feat(devops): improve multi-stage production Dockerfile for NestJS API

- Use pnpm deploy --prod for pruned production node_modules (smaller image)
- Add docker-entrypoint.sh with optional Prisma migration support (RUN_MIGRATIONS)
- Copy generated Prisma client explicitly into production stage
- Add OCI image labels for container registry metadata
- Update .dockerignore: exclude apps/web, libs/ai-services, agent configs, Python artifacts
- Add build directive + RUN_MIGRATIONS env to docker-compose.prod.yml
- Maintain non-root user, dumb-init signal handling, and healthcheck

Co-Authored-By: Paperclip <noreply@paperclip.ing>

docker-compose.prod.yml

@@ -1,6 +1,10 @@
 services:
   # ── Application Services ──────────────────────────────────────────────────────
   api:
+    build:
+      context: .
+      dockerfile: apps/api/Dockerfile
+      target: production
     image: ${REGISTRY_URL:-ghcr.io/goodgo}/goodgo-api:${IMAGE_TAG:-latest}
     container_name: goodgo-api
     restart: unless-stopped
@@ -21,6 +25,7 @@ services:
       MINIO_SECRET_KEY: ${MINIO_SECRET_KEY}
       AI_SERVICES_URL: http://ai-services:8000
       AI_SERVICES_API_KEY: ${AI_API_KEY}
+      RUN_MIGRATIONS: ${RUN_MIGRATIONS:-false}
     depends_on:
       postgres:
         condition: service_healthy