feat: add audit infrastructure to PaymentOrder service (task 13) (#340)

* feat: add audit infrastructure to PaymentOrder service (task 13)

Add async audit trail capability to the payment-order service using
the audit_outbox pattern established in task 7.

Changes:
- Add audit_log and audit_outbox table migration
- Implement GORM AfterCreate/AfterDelete hooks for PaymentOrderEntity
- Add explicit audit recording in repository Update method
  (required because optimistic locking uses Map-based Updates which
  don't trigger GORM struct hooks)
- Add AuditOutbox model for outbox entries
- Add comprehensive audit integration tests covering:
  - INSERT, UPDATE, DELETE operations
  - Status transitions (INITIATED -> RESERVED -> EXECUTING -> COMPLETED)
  - Failure scenarios (FAILED status with reason/error code)
  - Lien execution status tracking
  - Critical fields capture (Status, Amount, DebtorAccountID, etc.)
- Update existing repository tests to include audit_outbox table setup

* fix: add audit_outbox table to integration test setup

Update integration test setup to include audit_outbox table required
by the new audit hooks. Also fix table name to use singular form
matching the entity's TableName() method.

* fix: use VARCHAR(45) for client_ip instead of INET

Address CodeRabbit feedback: Use VARCHAR(45) consistently for client_ip
across migration and test DDL. VARCHAR(45) is sufficient for both IPv4
(15 chars) and IPv6 (45 chars) addresses, and simplifies test setup.

---------

Co-authored-by: Ben Coombs <bjcoombs@users.noreply.github.com>

Author: bjcoombs