Add Docker build, K8s manifests, and CI/CD deploy pipeline

- Dockerfile: multi-stage build with $BUILDPLATFORM for native Maven
  builds on ARM64 runners, amd64 runtime target. Passes REGISTRY_TOKEN
  build arg for cameleer3-common dependency resolution.
- K8s manifests: ClickHouse StatefulSet with init scripts ConfigMap,
  server Deployment + NodePort (30081)
- CI: docker job (QEMU + buildx cross-compile, registry cache,
  provenance=false, old image cleanup) + deploy job (kubectl)
- .dockerignore for build context optimization

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

deploy/server.yaml

@@ -0,0 +1,55 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cameleer3-server
+  namespace: cameleer
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cameleer3-server
+  template:
+    metadata:
+      labels:
+        app: cameleer3-server
+    spec:
+      imagePullSecrets:
+        - name: gitea-registry
+      containers:
+        - name: server
+          image: gitea.siegeln.net/cameleer/cameleer3-server:latest
+          ports:
+            - containerPort: 8081
+          env:
+            - name: SPRING_DATASOURCE_URL
+              value: "jdbc:ch://clickhouse:8123/cameleer3"
+            - name: SPRING_DATASOURCE_USERNAME
+              value: "cameleer"
+            - name: SPRING_DATASOURCE_PASSWORD
+              value: "cameleer_dev"
+            - name: CAMELEER_AUTH_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: cameleer-auth
+                  key: CAMELEER_AUTH_TOKEN
+          resources:
+            requests:
+              memory: "256Mi"
+              cpu: "100m"
+            limits:
+              memory: "512Mi"
+              cpu: "500m"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: cameleer3-server
+  namespace: cameleer
+spec:
+  type: NodePort
+  selector:
+    app: cameleer3-server
+  ports:
+    - port: 8081
+      targetPort: 8081
+      nodePort: 30081