feat: add infrastructureendpoints flag with conditional DB/CH controllers

Add cameleer.server.security.infrastructureendpoints property (default true) and
@ConditionalOnProperty to DatabaseAdminController and ClickHouseAdminController so
the SaaS provisioner can set CAMELEER_SERVER_SECURITY_INFRASTRUCTUREENDPOINTS=false
to suppress these endpoints (404) on tenant server containers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

cameleer3-server-app/src/main/resources/application.yml

@@ -71,6 +71,7 @@ cameleer:
       uiorigin: ${CAMELEER_SERVER_SECURITY_UIORIGIN:http://localhost:5173}
       jwtsecret: ${CAMELEER_SERVER_SECURITY_JWTSECRET:}
       corsallowedorigins: ${CAMELEER_SERVER_SECURITY_CORSALLOWEDORIGINS:}
+      infrastructureendpoints: ${CAMELEER_SERVER_SECURITY_INFRASTRUCTUREENDPOINTS:true}
       oidc:
         issueruri: ${CAMELEER_SERVER_SECURITY_OIDC_ISSUERURI:}
         jwkseturi: ${CAMELEER_SERVER_SECURITY_OIDC_JWKSETURI:}