refactor: DB schema fixes + container renames + compose include + audit sprint

- FindingsLedger: change schema from public to findings (V3-01)
- Add 9 migration module plugins: RiskEngine, Replay, ExportCenter, Integrations, Signer, IssuerDirectory, Workflow, PacksRegistry, OpsMemory (V4-01 to V4-09)
- Remove 16 redundant inline CREATE SCHEMA patterns (V4-10)
- Rename export→export-web, excititor→excititor-web for consistency
- Compose stella-ops.yml: thin wrapper using include: directive
- Fix dead /api/v1/jobengine/* gateway routes → release-orchestrator/packsregistry
- Scheduler plugin architecture: ISchedulerJobPlugin + ScanJobPlugin + DoctorJobPlugin
- Create unified audit sink sprint plan
- VulnExplorer integration tests + gap analysis

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

devops/compose/docker-compose.compliance-china.yml

@@ -144,8 +144,8 @@ services:
   # ---------------------------------------------------------------------------
   # Excititor - China crypto overlay
   # ---------------------------------------------------------------------------
-  excititor:
-    image: registry.stella-ops.org/stellaops/excititor:china
+  excititor-web:
+    image: registry.stella-ops.org/stellaops/excititor-web:china
     environment:
       <<: *crypto-env
     volumes:

devops/compose/docker-compose.compliance-eu.yml

@@ -152,8 +152,8 @@ services:
   # ---------------------------------------------------------------------------
   # Excititor - EU crypto overlay
   # ---------------------------------------------------------------------------
-  excititor:
-    image: registry.stella-ops.org/stellaops/excititor:eu
+  excititor-web:
+    image: registry.stella-ops.org/stellaops/excititor-web:eu
     environment:
       <<: *crypto-env
     volumes:

devops/compose/docker-compose.compliance-russia.yml

@@ -160,8 +160,8 @@ services:
   # ---------------------------------------------------------------------------
   # Excititor - Russia crypto overlay
   # ---------------------------------------------------------------------------
-  excititor:
-    image: registry.stella-ops.org/stellaops/excititor:russia
+  excititor-web:
+    image: registry.stella-ops.org/stellaops/excititor-web:russia
     environment:
       <<: *crypto-env
     volumes:

devops/compose/docker-compose.crypto-provider.crypto-sim.yml

@@ -112,7 +112,7 @@ services:
       com.stellaops.crypto.simulator: "enabled"
 
   # Excititor - Enable sim crypto
-  excititor:
+  excititor-web:
     environment:
       <<: *sim-crypto-env
     labels:

devops/compose/docker-compose.crypto-provider.cryptopro.yml

@@ -136,7 +136,7 @@ services:
       com.stellaops.crypto.provider: "cryptopro"
 
   # Excititor - Use CryptoPro for VEX signing
-  excititor:
+  excititor-web:
     environment:
       <<: *cryptopro-env
     depends_on:

devops/helm/stellaops/values-airgap.yaml

@@ -217,8 +217,8 @@ services:
         mountPath: /app/etc/notify.yaml
         subPath: notify.yaml
         configMap: notify-config
-  excititor:
-    image: registry.stella-ops.org/stellaops/excititor@sha256:65c0ee13f773efe920d7181512349a09d363ab3f3e177d276136bd2742325a68
+  excititor-web:
+    image: registry.stella-ops.org/stellaops/excititor-web@sha256:65c0ee13f773efe920d7181512349a09d363ab3f3e177d276136bd2742325a68
     env:
       EXCITITOR__CONCELIER__BASEURL: "https://stellaops-concelier:8445"
       EXCITITOR__STORAGE__DRIVER: "postgres"

devops/helm/stellaops/values-dev.yaml

@@ -172,8 +172,8 @@ services:
         mountPath: /app/etc/notify.yaml
         subPath: notify.yaml
         configMap: notify-config
-  excititor:
-    image: registry.stella-ops.org/stellaops/excititor@sha256:d9bd5cadf1eab427447ce3df7302c30ded837239771cc6433b9befb895054285
+  excititor-web:
+    image: registry.stella-ops.org/stellaops/excititor-web@sha256:d9bd5cadf1eab427447ce3df7302c30ded837239771cc6433b9befb895054285
     env:
       EXCITITOR__CONCELIER__BASEURL: "https://stellaops-concelier:8445"
       EXCITITOR__STORAGE__DRIVER: "postgres"

devops/helm/stellaops/values-mirror.yaml

@@ -25,7 +25,7 @@ configMaps:
         }
 
         upstream excititor_backend {
-            server stellaops-excititor:8448;
+            server stellaops-excititor-web:8448;
             keepalive 32;
         }
 
@@ -179,8 +179,8 @@ services:
         secret:
           secretName: concelier-mirror-auth
 
-  excititor:
-    image: registry.stella-ops.org/stellaops/excititor@sha256:d9bd5cadf1eab427447ce3df7302c30ded837239771cc6433b9befb895054285
+  excititor-web:
+    image: registry.stella-ops.org/stellaops/excititor-web@sha256:d9bd5cadf1eab427447ce3df7302c30ded837239771cc6433b9befb895054285
     env:
       ASPNETCORE_URLS: "http://+:8448"
       EXCITITOR__STORAGE__DRIVER: "postgres"

devops/helm/stellaops/values-prod.yaml

@@ -247,8 +247,8 @@ services:
         mountPath: /app/etc/notify.yaml
         subPath: notify.yaml
         configMap: notify-config
-  excititor:
-    image: registry.stella-ops.org/stellaops/excititor@sha256:59022e2016aebcef5c856d163ae705755d3f81949d41195256e935ef40a627fa
+  excititor-web:
+    image: registry.stella-ops.org/stellaops/excititor-web@sha256:59022e2016aebcef5c856d163ae705755d3f81949d41195256e935ef40a627fa
     env:
       EXCITITOR__CONCELIER__BASEURL: "https://stellaops-concelier:8445"
       EXCITITOR__STORAGE__DRIVER: "postgres"

devops/helm/stellaops/values-stage.yaml

@@ -172,8 +172,8 @@ services:
         mountPath: /app/etc/notify.yaml
         subPath: notify.yaml
         configMap: notify-config
-  excititor:
-    image: registry.stella-ops.org/stellaops/excititor@sha256:59022e2016aebcef5c856d163ae705755d3f81949d41195256e935ef40a627fa
+  excititor-web:
+    image: registry.stella-ops.org/stellaops/excititor-web@sha256:59022e2016aebcef5c856d163ae705755d3f81949d41195256e935ef40a627fa
     env:
       EXCITITOR__CONCELIER__BASEURL: "https://stellaops-concelier:8445"
       EXCITITOR__STORAGE__DRIVER: "postgres"