v0.1.1 Full release pipeline lights up: each tag now produces - 3 signed UBI 9.8 container images (consent, ldap-bridge, portal) - 3 CycloneDX SBOMs via syft (uploaded to project's generic package registry) - GitLab Release record (portal SBOM linked from the release page) No code changes; first time exercising the container-sbom + release-create catalog templates against this repo. Cuts the "shippable" question: auth substrate is image-ready, SBOM-traceable, sig-verifiable, ready for the carmine pyinfra cutover.