fix(augment): enforce lifecycle validation on publish/unpublish routes

[rrbanda]

Summary

• PUT /agents/:id/publish now enforces staging → production transition via isValidTransition
• PUT /agents/:id/unpublish now enforces production → staging transition
• PUT /agents/bulk-publish validates each agent individually and reports skipped agents that fail validation
• All routes now include from/to stages in audit log entries

Previously, these shortcuts allowed jumping from any lifecycle stage directly to production, bypassing required review and staging phases.

Part of the Agent Lifecycle Governance Epic.

Test plan

• Try to publish an agent in "draft" stage -- should get validation error
• Promote an agent through draft → review → staging, then publish -- should succeed
• Unpublish a production agent -- should move to staging
• Try to unpublish a non-production agent -- should get validation error
• Bulk publish mixed agents (some in staging, some in draft) -- draft ones should be skipped

[rhdh-gh-app]

Missing Changesets

The following package(s) are changed by this PR but do not have a changeset:

• @red-hat-developer-hub/backstage-plugin-augment-backend

See CONTRIBUTING.md for more information about how to add changesets.

Changed Packages

Package Name	Package Path	Changeset Bump	Current Version
@red-hat-developer-hub/backstage-plugin-augment-backend	workspaces/augment/plugins/augment-backend	none	v0.1.0

[sonarqubecloud]

Quality Gate failed

Failed conditions
19.6% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

[codecov]

Codecov Report

❌ Patch coverage is 0% with 21 lines in your changes missing coverage. Please review.
✅ Project coverage is 53.40%. Comparing base (7d93262) to head (c2eba82).
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3207      +/-   ##
==========================================
- Coverage   53.41%   53.40%   -0.01%     
==========================================
  Files        2373     2373              
  Lines       84895    84910      +15     
  Branches    23568    23571       +3     
==========================================
  Hits        45349    45349              
- Misses      39200    39215      +15     
  Partials      346      346              

Flag	Coverage Δ		*Carryforward flag
adoption-insights	83.58% <ø> (ø)		Carriedforward from 7d93262
ai-integrations	70.03% <ø> (ø)		Carriedforward from 7d93262
app-defaults	69.60% <ø> (ø)		Carriedforward from 7d93262
augment	46.66% <0.00%> (-0.02%)	⬇️
bulk-import	72.86% <ø> (ø)		Carriedforward from 7d93262
cost-management	16.49% <ø> (ø)		Carriedforward from 7d93262
dcm	32.85% <ø> (ø)		Carriedforward from 7d93262
extensions	61.79% <ø> (ø)		Carriedforward from 7d93262
global-floating-action-button	74.30% <ø> (ø)		Carriedforward from 7d93262
global-header	61.68% <ø> (ø)		Carriedforward from 7d93262
homepage	50.92% <ø> (ø)		Carriedforward from 7d93262
konflux	91.01% <ø> (ø)		Carriedforward from 7d93262
lightspeed	68.33% <ø> (ø)		Carriedforward from 7d93262
mcp-integrations	81.59% <ø> (ø)		Carriedforward from 7d93262
orchestrator	36.36% <ø> (ø)		Carriedforward from 7d93262
quickstart	62.88% <ø> (ø)		Carriedforward from 7d93262
sandbox	79.49% <ø> (ø)		Carriedforward from 7d93262
scorecard	83.84% <ø> (ø)		Carriedforward from 7d93262
theme	64.54% <ø> (ø)		Carriedforward from 7d93262
translations	8.49% <ø> (ø)		Carriedforward from 7d93262
x2a	78.59% <ø> (ø)		Carriedforward from 7d93262

*This pull request uses carry forward flags. Click here to find out more.

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7d93262...c2eba82. Read the comment docs.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[rrbanda]

Closing: superseded by Phase 1 (#3222) + Phase 4 (#3225) which consolidate lifecycle transition enforcement with the full hardening implementation.