[AZ-284] Autodev baseline + testability refactor

Phase A baseline outputs from /autodev (Steps 1-5):
- Problem & solution docs (_docs/00_problem, _docs/01_solution)
- Codebase documentation (_docs/02_document) incl. architecture,
  module-layout, glossary, system-flows, baseline compliance scan
- Test specs (blackbox, performance, resilience, security, resource,
  traceability matrix)
- Test task decomposition (_docs/02_tasks/todo): AZ-285..AZ-290
- Testability refactor (_docs/04_refactoring/01-testability-refactoring):
  - TC-01 Move DownloadedTileInfoV2 + new ExistingTileInfo to Common.DTO
  - TC-02 Replace dead ISatelliteDownloader API with real signatures
  - TC-03 GoogleMapsDownloaderV2 implements ISatelliteDownloader
  - TC-04 TileService depends on ISatelliteDownloader (mockable)
  - TC-05 DI + endpoints use ISatelliteDownloader
- Test runner scripts (scripts/run-tests.sh, run-performance-tests.sh)
- Autodev state pointer (_docs/_autodev_state.md)

Prepares the codebase for AZ-285..AZ-290 unit/integration test work.

Co-authored-by: Cursor <cursoragent@cursor.com>

_docs/02_document/deployment/ci_cd_pipeline.md

@@ -0,0 +1,49 @@
+# CI/CD Pipeline
+
+## Platform
+
+**CI Server**: Woodpecker CI (self-hosted)
+**Agent architecture**: ARM64 (AMD64 prepared but not yet active)
+
+## Pipeline Stages
+
+```mermaid
+flowchart LR
+    Push[Push/PR to dev/stage/main] --> Test[01-test]
+    Test --> Build[02-build-push]
+```
+
+### 01-test (Unit Tests)
+
+| Property | Value |
+|----------|-------|
+| Trigger | push, pull_request, manual |
+| Branches | dev, stage, main |
+| Image | mcr.microsoft.com/dotnet/sdk:8.0 |
+| Steps | `dotnet restore` → `dotnet test` (Release config) |
+| Output | TRX test results |
+
+### 02-build-push (Docker Build & Push)
+
+| Property | Value |
+|----------|-------|
+| Trigger | push, manual |
+| Branches | dev, stage, main |
+| Depends on | 01-test (must pass) |
+| Image | docker (DinD via socket mount) |
+| Tag format | `{branch}-arm` (e.g., `dev-arm`) |
+| Registry | Private (from secrets: registry_host, registry_user, registry_token) |
+
+## Multi-Architecture Strategy
+
+- Currently: ARM64 only
+- Prepared: AMD64 entry commented out in matrix
+- Tag suffix distinguishes architectures (`-arm`, `-amd`)
+
+## Secrets
+
+| Secret | Purpose |
+|--------|---------|
+| registry_host | Container registry URL |
+| registry_user | Registry username |
+| registry_token | Registry password/token |

_docs/02_document/deployment/containerization.md

@@ -0,0 +1,45 @@
+# Containerization
+
+## Docker Image
+
+**Base image**: `mcr.microsoft.com/dotnet/aspnet:8.0`
+**Build image**: `mcr.microsoft.com/dotnet/sdk:8.0`
+**Build strategy**: Multi-stage (restore → build → publish → runtime)
+**Exposed ports**: 8080 (HTTP), 8081 (management/metrics)
+
+## Container Composition (docker-compose.yml)
+
+| Service | Image | Ports (host:container) | Purpose |
+|---------|-------|------------------------|---------|
+| postgres | postgres:16 | 5432:5432 | Database |
+| api | Custom (Dockerfile) | 18980:8080, 18981:8081 | Application |
+
+## Volumes
+
+| Mount | Container Path | Purpose |
+|-------|---------------|---------|
+| ./tiles | /app/tiles | Tile image storage |
+| ./ready | /app/ready | Output artifacts (CSV, summary, stitched, ZIP) |
+| ./logs | /app/logs | Serilog file output |
+| postgres_data (named) | /var/lib/postgresql/data | Database persistence |
+
+## Health Checks
+
+- **PostgreSQL**: `pg_isready -U postgres` (interval 5s, timeout 5s, retries 5)
+- **API**: depends on postgres health (startup ordering)
+
+## Environment Variables
+
+| Variable | Source | Purpose |
+|----------|--------|---------|
+| ASPNETCORE_ENVIRONMENT | docker-compose | Environment selection |
+| ASPNETCORE_URLS | docker-compose | Listen address |
+| ConnectionStrings__DefaultConnection | docker-compose | DB connection string |
+| MapConfig__ApiKey | Host env `GOOGLE_MAPS_API_KEY` | Google Maps API key |
+| AZAION_REVISION | Build arg (CI_COMMIT_SHA) | Git revision tracking |
+
+## Build Labels (OCI)
+
+- `org.opencontainers.image.revision` — Git commit SHA
+- `org.opencontainers.image.created` — Build timestamp
+- `org.opencontainers.image.source` — Repository URL

_docs/02_document/deployment/environment_strategy.md

@@ -0,0 +1,32 @@
+# Environment Strategy
+
+## Environments
+
+| Environment | Purpose | Configuration Source |
+|-------------|---------|---------------------|
+| Development | Local development via docker-compose | appsettings.Development.json + docker-compose env |
+| Production | Deployed container | Environment variables |
+
+## Configuration Hierarchy
+
+1. `appsettings.json` — base defaults
+2. `appsettings.{Environment}.json` — environment overrides
+3. Environment variables — final override (production secrets)
+
+## Key Differences
+
+| Concern | Development | Production |
+|---------|-------------|------------|
+| Database host | localhost / postgres (container) | Environment variable |
+| Google Maps key | appsettings.Development.json | `MapConfig__ApiKey` env var |
+| Logging | Console + File | File only |
+| Swagger UI | Enabled | Enabled (no auth gate currently) |
+| Ports | 18980 (mapped from 8080) | 8080 |
+
+## Observability
+
+- **Logging**: Serilog writing to `./logs/` directory (file sink)
+- **Log format**: Structured (Serilog default)
+- **Metrics**: None currently implemented
+- **Health checks**: PostgreSQL readiness via `pg_isready`
+- **Tracing**: None currently implemented