
Harden published Docker image and GHCR publish workflow #223

Merged: pinodeca merged 4 commits into main from pinodeca/fix-docker-publish on Jun 10, 2026

Conversation

pinodeca (Contributor) commented Jun 10, 2026

Summary

Follow-up improvements to the GHCR Docker-publishing work added across #218 and #222 (reviewed as a combined change, since #222 partly reversed #218). Scope is the published image and its publish workflow plus related docs; the local-dev Docker CI is intentionally untouched.

Image hardening (Dockerfile.release)

  • Pin init to the postgres database. The init script now connects with --dbname postgres instead of $POSTGRES_DB, so POSTGRES_DB can no longer desync the extension from the background worker (which targets postgres). Previously, -e POSTGRES_DB=myapp would silently install the extension where the worker never looks.
  • Install the .deb via apt so any dependencies the package declares resolve automatically (instead of bare dpkg -i).
  • Add a HEALTHCHECK based on pg_isready against the postgres database.

Publish workflow hardening (docker-publish.yml)

  • Default dry_run to true for manual workflow_dispatch, so pushing is a deliberate choice; release events still publish.
  • Add --limit 1000 to gh release list so the "highest stable release" computation isn't capped at the default 30.
  • Add an overwrite input (default false): immutable X.Y.Z-pg<major> tags are skipped if already present unless overwrite=true; floating pg<major>/latest tags always move forward.
  • End-to-end smoke test: the smoke step now runs df.start('SELECT 1') and polls df.status to completed, proving the background worker actually executes (would have caught the POSTGRES_DB mismatch above).
  • Provenance + SBOM attestations: a second cache-backed build-push-action (push: true, provenance, sbom) publishes the byte-identical image with attestations, since a --loaded image can't carry them.

Documentation

  • docs/http-security.md: corrected the stale "production Dockerfile" claim — the source Dockerfile uses http-allow-test-domains; the released .deb / Dockerfile.release use http-allow-azure-domains.
  • README.md: moved the GHCR run examples into the Packages section (PG17 + PG18 side by side with psql), noted that POSTGRES_DB is ignored, recommended pinning immutable tags, and clarified that the GHCR image and the source Dockerfile are different artifacts. The Development → Docker subsection now keeps only the from-source flow.
  • prompts/pg_durable-release.md: added a "Publish the Public Image to GHCR" runbook covering the ref/dry_run/overwrite inputs and typical flows.

Notes / deferred

  • Action SHA pinning was deferred. Pinning the publish workflow's actions to commit SHAs is good practice, but the rest of the repo uses floating major tags; tracking it as a repo-wide change rather than doing it inconsistently here.

Testing

Trigger the workflow on this PR branch with dry run set to true.
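
The three image-hardening bullets above, as an added example Dockerfile. This is not the project's Dockerfile.release; it assumes the official postgres base image, a locally built package named pg_durable.deb, an extension named pg_durable, and an init-script filename of my choosing. Substitute the real asset and extension names.

```dockerfile
# syntax=docker/dockerfile:1
# Added example, not the project's Dockerfile.release. Assumptions: the
# package is a local pg_durable.deb and the extension is named pg_durable.
ARG PG_MAJOR=17
FROM postgres:${PG_MAJOR}

# 1. Install through apt rather than `dpkg -i`, so any Depends: the package
#    declares are resolved instead of leaving the package half-configured.
COPY pg_durable.deb /tmp/pg_durable.deb
RUN apt-get update \
 && apt-get install -y --no-install-recommends /tmp/pg_durable.deb \
 && rm -rf /var/lib/apt/lists/* /tmp/pg_durable.deb

# 2. First-boot init pinned to the "postgres" database. The entrypoint runs
#    plain .sql init files against $POSTGRES_DB, so `-e POSTGRES_DB=myapp`
#    would install the extension where the background worker never looks.
#    A .sh file is sourced by docker-entrypoint.sh, which lets us choose
#    the database explicitly; POSTGRES_USER is set by the entrypoint.
COPY <<'EOF' /docker-entrypoint-initdb.d/10-pg-durable.sh
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname postgres \
     -c 'CREATE EXTENSION IF NOT EXISTS pg_durable;'
EOF

# 3. Liveness probe against the same fixed database the worker targets.
HEALTHCHECK --interval=10s --timeout=5s --start-period=30s --retries=5 \
  CMD pg_isready --username "${POSTGRES_USER:-postgres}" --dbname postgres || exit 1
```

Because the init script and the health check both name `postgres` explicitly, an operator's `POSTGRES_DB` setting still creates the application database as usual but can no longer move the extension away from where the worker connects.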

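
The publish-workflow bullets above (highest-stable resolution with a raised `--limit`, the `overwrite` gate on immutable tags, and the end-to-end smoke poll), as an added shell example that is not the project's docker-publish.yml. The gating logic is pulled into functions that take their inputs as arguments so they can be exercised without gh, docker or a registry; the `gh`, `docker manifest inspect` and `df.status` invocations in the comments are the shape such a workflow would use, and the exact `df.status` call signature is an assumption.

```shell
#!/bin/sh
# Added example; not the project's docker-publish.yml. Function and variable
# names are hypothetical.
set -eu

# Highest stable release from tag names, one per line, as
#   gh release list --limit 1000 --json tagName -q '.[].tagName'
# would print (the PR raises the limit because the default is 30). Anything
# that is not a bare X.Y.Z (or vX.Y.Z) is treated as a pre-release and
# ignored. Prints nothing if no stable release exists.
highest_stable_release() {
  { grep -E '^v?[0-9]+\.[0-9]+\.[0-9]+$' || true; } \
    | sed -E 's/^(v?)([0-9]+)\.([0-9]+)\.([0-9]+)$/\2 \3 \4 \1\2.\3.\4/' \
    | sort -k1,1n -k2,2n -k3,3n \
    | tail -n 1 \
    | awk '{ print $4 }'
}

# Immutable tags have the shape X.Y.Z-pg<major>; pg<major> and latest float.
is_immutable_tag() {
  printf '%s\n' "$1" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+-pg[0-9]+$'
}

# tag_action TAG OVERWRITE EXISTS -> prints "push" or "skip".
# EXISTS is true/false as reported by a registry probe such as
#   docker manifest inspect "$IMAGE:$TAG" >/dev/null 2>&1
# Immutable tags that already exist are skipped unless OVERWRITE=true;
# floating tags are always moved forward.
tag_action() {
  if is_immutable_tag "$1" && [ "$3" = true ] && [ "$2" != true ]; then
    echo skip
  else
    echo push
  fi
}

# End-to-end smoke check: keep asking for the function's status until the
# background worker reports "completed". $1 names a function that sets
# STATUS; in the workflow it would run something like
#   STATUS=$(psql -Atq -c "SELECT status FROM df.status('$ID')")
# (assumed shape of the df.status call). $2 is the attempt budget, $3 the
# delay between attempts in seconds. Returns 1 on timeout and 2 if the probe
# itself fails, so a worker that never executes anything fails the job.
wait_for_completed() {
  probe=$1; max=$2; delay=${3:-1}; n=0; STATUS=
  while [ "$n" -lt "$max" ]; do
    "$probe" || return 2
    if [ "$STATUS" = completed ]; then
      return 0
    fi
    n=$((n + 1))
    if [ "$delay" -gt 0 ]; then sleep "$delay"; fi
  done
  echo "worker never completed the function (last status: ${STATUS:-none})" >&2
  return 1
}
```

In the workflow the `skip`/`push` decision is made per tag after the loaded image passes `wait_for_completed`, and the push itself only happens when the run is a release event or `dry_run` was explicitly set to false.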
pinodeca added 4 commits June 10, 2026 20:24
- Pin init script to the postgres database so POSTGRES_DB cannot
  desync the extension from the worker (Dockerfile.release)
- Install the .deb via apt so declared deps resolve
- Add a HEALTHCHECK to the published image
- Expand README Docker/Packages docs with GHCR tag listing and
  PG17/PG18 run examples
- Add fix.md triage of remaining Docker-publish improvements
- Default dry_run to true for manual dispatch
- Add --limit to gh release list for highest-stable resolution
- Add overwrite input to protect immutable X.Y.Z-pg<major> tags
- Smoke test now runs a durable function end-to-end
- Publish with provenance + SBOM via cache-backed second build
- Correct stale 'production Dockerfile' HTTP-feature claim (http-security)
- Move GHCR run examples into Packages; PG17/PG18 side-by-side + psql
- Note POSTGRES_DB is ignored and recommend pinning immutable tags
- Clarify GHCR image vs source Dockerfile are different artifacts
- Add Step 7b GHCR publish runbook (ref/dry_run/overwrite inputs)
pinodeca merged commit 8b1e7bc into main on Jun 10, 2026
6 of 7 checks passed
pinodeca deleted the pinodeca/fix-docker-publish branch on June 10, 2026 22:31