🧪 test: add JWT secret rotation BDD scenarios and step implementations (#12)

✨ merge: implement JWT secret rotation with BDD scenario isolation

- Implement JWT secret rotation mechanism (closes #8)
- Add per-scenario state isolation for BDD tests (closes #14)
- Validate password reset workflow via BDD tests (closes #7)
- Fix port conflicts in test validation
- Add state tracer for debugging test execution
- Document BDD isolation strategies in ADR 0025
- Fix PostgreSQL configuration environment variables

Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>

pkg/bdd/steps/common_steps.go

@@ -9,13 +9,19 @@ import (
 
 // CommonSteps holds shared step definitions that are used across multiple domains
 type CommonSteps struct {
-	client *testserver.Client
+	client      *testserver.Client
+	scenarioKey string // Track current scenario for state isolation
 }
 
 func NewCommonSteps(client *testserver.Client) *CommonSteps {
 	return &CommonSteps{client: client}
 }
 
+// SetScenarioKey sets the current scenario key for state isolation
+func (s *CommonSteps) SetScenarioKey(key string) {
+	s.scenarioKey = key
+}
+
 // Response validation steps
 func (s *CommonSteps) theResponseShouldBe(arg1, arg2 string) error {
 	// The regex captures the full JSON from the feature file, including quotes