feat(jira): per-user auth, lifecycle hooks, admin config endpoints

- Add jira_api_token field to User model + migration b042
- Per-user Jira client: user's corporate email + personal Atlassian token
- Admin-configurable Jira URL/project via system_configs (GET/PATCH /system/jira-config + POST /system/jira-test)
- Auto-create Jira ticket when a test is created (non-fatal)
- Push lifecycle comments on every state transition: draft→red_executing→blue_evaluating→in_review→validated/rejected→draft
- Rich ticket descriptions with technique, MITRE ID, priority from severity, labels
- UserOut.jira_token_set (bool) instead of exposing raw token
- PATCH /users/me/preferences now accepts jira_api_token

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

backend/alembic/versions/b042_jira_user_token.py

@@ -0,0 +1,25 @@
+"""Add jira_api_token to users table.
+
+Revision ID: b042
+Revises: b041_operational_alerts
+Create Date: 2026-05-26
+"""
+
+from alembic import op
+import sqlalchemy as sa
+
+revision = "b042"
+down_revision = "b041_operational_alerts"
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    op.add_column(
+        "users",
+        sa.Column("jira_api_token", sa.String(500), nullable=True),
+    )
+
+
+def downgrade() -> None:
+    op.drop_column("users", "jira_api_token")