feat(infra): prestage broader app exposure hardening

apps/telephony/telephony.yaml

@@ -114,6 +114,9 @@ spec:
       app: telephony-web
   template:
     metadata:
+      annotations:
+        fc.flowercore.io/healthz-anon: "true"
+        fc.flowercore.io/probe-path: "/health"
       labels:
         app: telephony-web
     spec:
@@ -161,6 +164,7 @@ spec:
           ports:
             - containerPort: 5100
               name: http
+          # fc-safe-to-expose: X-Forwarded-Proto handled by AddFlowerCoreWebAuth (ADR-178) before any future public/OIDC flip.
           env:
             - name: Telephony__Twilio__AccountSid
               valueFrom:
@@ -387,4 +391,3 @@ spec:
 
 
 
-