fix: inject placeholder API key for keyless custom endpoints

[khaledsulayman]

Summary

• Fixes Custom endpoint deploys without API key fail at startup (keyless auth) #166 — custom endpoints without API keys fail at startup
• When a custom endpoint is configured without an API key, injects a placeholder value (no-key-required) so OpenClaw's auth requirement is satisfied
• Applies to both local (podman/docker) and Kubernetes deployers

Changes

• k8s-helpers.ts: Added KEYLESS_ENDPOINT_PLACEHOLDER constant; updated modelEndpointApiKeyRef resolution to create an env secret ref when modelEndpoint is set even without a key
• local.ts: Same ref resolution fix; added placeholder env var injection in buildRunArgs()
• k8s-manifests.ts: Added placeholder to secretManifest() Secret data when endpoint exists but no key is provided
• Updated existing test and added 3 new regression tests

Test plan

• npm run build passes
• npm run lint passes
• npm test — all server tests pass, including new regression tests
• Deploy with keyless vLLM endpoint on OpenShift
• Deploy with keyless endpoint locally via podman/docker
• Deploy with a real API key and verify it still works

_{Generated by Claude under the supervision of Khaled Sulayman}