fix(k8s): add APP_SESSION_SECRET to ConfigMap to fix captcha errors with multi-pod

Without a shared cookie signing key, each pod generates a random key on
startup. Requests that hit different pods fail session validation, causing
CaptchaError when the captcha and login requests route to different pods.

deploy/configmap.yaml

@@ -26,6 +26,7 @@ data:
   APP_DATABASE_HEALTH_CHECK_INTERVAL: "30"
   APP_DATABASE_RETRY_ATTEMPTS: "3"
   APP_DATABASE_RETRY_DELAY: "1"
+  APP_SESSION_SECRET: "571e53736a57f16c870b755e80dace66f7fd7f8a788c9aeaff879e5dc3c3d79a"
   APP_REDIS_URL: "redis://default:redis123@valkey-cluster.valkey-cluster.svc.cluster.local:6379"
   APP_REDIS_POOL_SIZE: "16"
   APP_REDIS_CONNECT_TIMEOUT: "5"