feat: Initialize Zastava Webhook service with TLS and Authority authentication

- Added Program.cs to set up the web application with Serilog for logging, health check endpoints, and a placeholder admission endpoint.
- Configured Kestrel server to use TLS 1.3 and handle client certificates appropriately.
- Created StellaOps.Zastava.Webhook.csproj with necessary dependencies including Serilog and Polly.
- Documented tasks in TASKS.md for the Zastava Webhook project, outlining current work and exit criteria for each task.

etc/notify.yaml.sample

@@ -0,0 +1,46 @@
+# Notify WebService sample configuration
+
+storage:
+  # Use "mongo" for production deployments; set to "memory" only for tests/dev harnesses.
+  driver: mongo
+  connectionString: "mongodb://localhost:27017"
+  database: "stellaops_notify"
+  commandTimeoutSeconds: 30
+
+authority:
+  enabled: true
+  issuer: "https://authority.stella-ops.local"
+  metadataAddress: "https://authority.stella-ops.local/.well-known/openid-configuration"
+  requireHttpsMetadata: true
+  allowAnonymousFallback: false
+  backchannelTimeoutSeconds: 30
+  tokenClockSkewSeconds: 60
+  audiences:
+    - notify
+  readScope: notify.read
+  adminScope: notify.admin
+
+api:
+  basePath: "/api/v1/notify"
+  internalBasePath: "/internal/notify"
+  tenantHeader: "X-StellaOps-Tenant"
+
+plugins:
+  baseDirectory: "../"
+  directory: "plugins/notify"
+  searchPatterns:
+    - "StellaOps.Notify.Connectors.*.dll"
+  orderedPlugins:
+    - StellaOps.Notify.Connectors.Slack
+    - StellaOps.Notify.Connectors.Teams
+    - StellaOps.Notify.Connectors.Email
+    - StellaOps.Notify.Connectors.Webhook
+
+telemetry:
+  enableRequestLogging: true
+  minimumLogLevel: Information
+
+# When running in development without Authority, set the following instead:
+# authority:
+#   enabled: false
+#   developmentSigningKey: "change-me-32-bytes-minimum-signing-key"