feat(api): add tag management endpoints for applications, databases, and services

[kleintonno]

Changes

Add API endpoints to manage tags on applications, databases, and services. Previously tags could only be managed through the web UI. This adds:

• GET /api/v1/tags — list all tags for the current team
• GET/POST/DELETE /api/v1/{applications,databases,services}/{uuid}/tags — CRUD tags per resource
• Optional tags array parameter on all resource creation endpoints (5 application types, 8 database types, 2 service paths)

Implementation uses a shared HandlesTagsApi trait to avoid code duplication across 3 controllers. Tags are race-safe (syncWithoutDetaching), sanitized (strip_tags + lowercase), and garbage-collected when orphaned.

Issues

• Related discussion: Add tag management API endpoints #9273

Category

• Bug fix
• Improvement
• New feature
• Adding new one click service
• Fixing or updating existing one click service

Preview

N/A — API-only changes, no UI modifications.

AI Assistance

• AI was NOT used to create this PR
• AI was used (please describe below)

If AI was used:

• Tools used: Claude Code (CLI)
• How extensively: AI assisted with implementation, code review, and test writing. All code was reviewed, understood, and verified by a human. All endpoints were manually tested against a local dev instance.

Testing

• 26 Pest tests in tests/Feature/TagApiTest.php
• Covers: CRUD for all 3 resource types, team isolation, tag sanitization (HTML stripping, lowercase), garbage collection of orphaned tags, race-safe duplicate handling, cross-resource isolation, validation errors (short names, unknown fields, mutually exclusive params)
• Existing API tests (EnvironmentVariableUpdateApiTest, StorageApiTest) pass without regression
• All endpoints manually tested against local dev instance via curl
• vendor/bin/pint --dirty passes clean

Contributor Agreement

Important

• I have read and understood the contributor guidelines. If I have failed to follow any guideline, I understand that this PR may be closed without review.
• I have searched existing issues and pull requests (including closed ones) to ensure this isn't a duplicate.
• I have tested all the changes thoroughly with a local development instance of Coolify and I am confident that they will work as expected when a maintainer tests them.

[ShadowArcanist]

Did you manually tested the API endpoints other than running the tests?

[ShadowArcanist]

Please resolve merge conflicts

[kleintonno]

yes, tested API endpoints with root api key and curl. worked fine

merge conflicts resolved