refactor: remove OIDC config from K8s manifests

OIDC configuration should be managed by the server itself (database-backed),
not injected via K8s secrets. Remove all CAMELEER_OIDC_* env vars from
deployment manifests and the cameleer-oidc secret from CI. The server
defaults to OIDC disabled via application.yml.

This also fixes the Kustomize strategic merge conflict where the feature
overlay tried to set value on an env var that had valueFrom in the base.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

deploy/base/server.yaml

@@ -63,30 +63,7 @@ spec:
                   name: cameleer-auth
                   key: CAMELEER_JWT_SECRET
                   optional: true
-            - name: CAMELEER_OIDC_ENABLED
-              valueFrom:
-                secretKeyRef:
-                  name: cameleer-oidc
-                  key: CAMELEER_OIDC_ENABLED
-                  optional: true
-            - name: CAMELEER_OIDC_ISSUER
-              valueFrom:
-                secretKeyRef:
-                  name: cameleer-oidc
-                  key: CAMELEER_OIDC_ISSUER
-                  optional: true
-            - name: CAMELEER_OIDC_CLIENT_ID
-              valueFrom:
-                secretKeyRef:
-                  name: cameleer-oidc
-                  key: CAMELEER_OIDC_CLIENT_ID
-                  optional: true
-            - name: CAMELEER_OIDC_CLIENT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: cameleer-oidc
-                  key: CAMELEER_OIDC_CLIENT_SECRET
-                  optional: true
+
           resources:
             requests:
               memory: "256Mi"