fix(database,api): add 6 missing table migrations and fix CORS health checks

Database: 6 models in the Prisma schema had no CREATE TABLE migration:
cron_schedules, workspace_llm_settings, quality_gates, task_rejections,
token_budgets, llm_usage_logs. Same root cause as the federation tables.

CORS: Health check requests (Docker, load balancers) don't send Origin
headers. The CORS config was rejecting these in production, causing
/health to return 500 and Docker to mark the container as unhealthy.
Requests without Origin headers are not cross-origin per the CORS spec
and should be allowed through.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

apps/api/src/main.ts

@@ -66,14 +66,10 @@ async function bootstrap() {
       origin: string | undefined,
       callback: (err: Error | null, allow?: boolean) => void
     ): void => {
-      // SECURITY: In production, reject requests with no Origin header.
-      // In development, allow no-origin requests (Postman, curl, mobile apps).
+      // Allow requests with no Origin header (health checks, server-to-server,
+      // load balancer probes). These are not cross-origin requests per the CORS spec.
       if (!origin) {
-        if (isDevelopment) {
-          callback(null, true);
-        } else {
-          callback(new Error("CORS: Origin header is required"));
-        }
+        callback(null, true);
         return;
       }