feat(Makefile): replace Cloud Run deployment with Firebase Hosting for launchpad

feat(firebase.json): remove site property from api-harness hosting config
feat(firebase): migrate launchpad to firebase hosting with auth

This commit migrates the internal launchpad from Cloud Run with IAP
to Firebase Hosting with Firebase Authentication. This change
simplifies the deployment process and leverages Firebase's authentication
capabilities for user access control.

The following changes were made:

- Updated the Makefile to remove Cloud Run deployment tasks and add
 Firebase Hosting deployment tasks.
- Removed the Dockerfile and .gcloudignore files, as they are no longer
 needed for Firebase Hosting.
- Updated the firebase.json file to configure Firebase Hosting for the
 launchpad.
- Modified the launchpad's index.html to include Firebase Authentication
 logic.
- Updated the iap-users.txt file to be used as a whitelist for Firebase
 Authentication.
- Added a launchpad-dev target to run the launchpad locally using the
 Firebase Hosting emulator.
- Removed the configure-iap-launchpad target, as IAP is no longer used.
- Removed the site property from the api-harness hosting configuration
 in firebase.json, as it is not needed.

The migration to Firebase Hosting provides the following benefits:

- Simplified deployment process.
- Firebase Authentication for user access control.
- Improved scalability and reliability.
- Reduced operational overhead.

Makefile

@@ -21,10 +21,6 @@ GCP_STAGING_PROJECT_ID := krow-workforce-staging
 IAP_SERVICE_ACCOUNT    := service-933560802882@gcp-sa-iap.iam.gserviceaccount.com
 
 # --- Cloud Run Configuration ---
-CR_LAUNCHPAD_SERVICE_NAME := internal-launchpad
-CR_LAUNCHPAD_REGION       := us-central1
-CR_LAUNCHPAD_IMAGE_URI    := us-docker.pkg.dev/$(GCP_DEV_PROJECT_ID)/gcr-io/$(CR_LAUNCHPAD_SERVICE_NAME)
-
 CR_ADMIN_SERVICE_NAME     := admin-console
 CR_ADMIN_REGION           := us-central1
 CR_ADMIN_IMAGE_URI        = us-docker.pkg.dev/$(GCP_PROJECT_ID)/gcr-io/$(CR_ADMIN_SERVICE_NAME)
@@ -68,6 +64,7 @@ help:
 	@echo "  make install          - Installs web frontend dependencies."
 	@echo "  make dev              - Starts the local web frontend server."
 	@echo "  make build            - Builds the web frontend for production."
+	@echo "  make launchpad-dev    - Starts the local launchpad server (Firebase Hosting emulator)."
 	@echo ""
 	@echo "  --- MOBILE APP DEVELOPMENT ---"
 	@echo "  make mobile-client-install        - Install dependencies for client app"
@@ -79,7 +76,7 @@ help:
 	@echo "  make mobile-staff-build           - Build staff app (requires ENV & PLATFORM, optional BUILD_TYPE=apk)"
 	@echo ""
 	@echo "  --- DEPLOYMENT ---"
-	@echo "  make deploy-launchpad-full - Deploys internal launchpad to Cloud Run (dev only) with IAP."
+	@echo "  make deploy-launchpad-hosting - Deploys internal launchpad to Firebase Hosting (Auth via Firebase)."
 	@echo "  make deploy-admin-full [ENV=staging] - Deploys Admin Console to Cloud Run with IAP (default: dev)."
 	@echo "  make deploy-app [ENV=staging] - Builds and deploys the main web app via Firebase Hosting (default: dev)."
 	@echo ""
@@ -125,29 +122,17 @@ build:
 	@echo "--> Building web frontend for production..."
 	@cd frontend-web && VITE_APP_ENV=$(ENV) npm run build
 
-# --- Deployment ---
-deploy-launchpad:
-	@echo "--> Building and deploying Internal Launchpad to Cloud Run..."
-	@echo "    - Step 1: Building container image..."
-	@cd firebase/internal-launchpad && gcloud builds submit \
-		--tag $(CR_LAUNCHPAD_IMAGE_URI) \
-		--project=$(GCP_DEV_PROJECT_ID)
-	@echo "    - Step 2: Deploying to Cloud Run..."
-	@gcloud run deploy $(CR_LAUNCHPAD_SERVICE_NAME) \
-		--image $(CR_LAUNCHPAD_IMAGE_URI) \
-		--platform managed \
-		--region $(CR_LAUNCHPAD_REGION) \
-		--no-allow-unauthenticated \
-		--project=$(GCP_DEV_PROJECT_ID)
-	@echo "    - Step 3: Enabling IAP on the service..."
-	@gcloud beta run services update $(CR_LAUNCHPAD_SERVICE_NAME) \
-		--region=$(CR_LAUNCHPAD_REGION) \
-		--project=$(GCP_DEV_PROJECT_ID) \
-		--iap
-	@echo "--> ✅ Deployment to Cloud Run successful."
+launchpad-dev:
+	@echo "--> Starting local Launchpad server using Firebase Hosting emulator..."
+	@firebase serve --only hosting:launchpad --project=$(FIREBASE_ALIAS)
 
-deploy-launchpad-full: deploy-launchpad configure-iap-launchpad
-	@echo "✅ Launchpad deployed and IAP configured successfully!"
+# --- Deployment ---
+deploy-launchpad-hosting:
+	@echo "--> Deploying Internal Launchpad to Firebase Hosting..."
+	@echo "    - Target: hosting:launchpad"
+	@echo "    - Project: $(FIREBASE_ALIAS)"
+	@firebase deploy --only hosting:launchpad --project=$(FIREBASE_ALIAS)
+	@echo "--> ✅ Deployment to Firebase Hosting successful."
 
 deploy-app: build
 	@echo "--> Deploying Frontend Web App to [$(ENV)] environment..."
@@ -214,30 +199,6 @@ free-dev: dataconnect-sync
 	@cd frontend-web-free && npm run dev -- --port 5174
 
 # --- Cloud IAP Configuration ---
-configure-iap-launchpad:
-	@echo "--> Configuring IAP for Cloud Run service [$(CR_LAUNCHPAD_SERVICE_NAME)]..."
-	@echo "    - Granting Cloud Run Invoker role to IAP Service Account..."
-	@gcloud run services add-iam-policy-binding $(CR_LAUNCHPAD_SERVICE_NAME) \
-		--region=$(CR_LAUNCHPAD_REGION) \
-		--project=$(GCP_DEV_PROJECT_ID) \
-		--member=\"serviceAccount:$(IAP_SERVICE_ACCOUNT)\" \
-		--role='roles/run.invoker' \
-		--quiet
-	@echo "    - Adding users from iap-users.txt..."
-	@cd firebase/internal-launchpad && \
-	grep -v '^#' iap-users.txt | grep -v '^$$' | while read -r member; do \
-		echo "      Adding $$member as IAP-secured Web App User..."; \
-		gcloud beta iap web add-iam-policy-binding \
-			--project=$(GCP_DEV_PROJECT_ID) \
-			--resource-type=cloud-run \
-			--service=$(CR_LAUNCHPAD_SERVICE_NAME) \
-			--region=$(CR_LAUNCHPAD_REGION) \
-			--member=\"$$member\" \
-			--role='roles/iap.httpsResourceAccessor' \
-			--quiet; \
-	done
-	@echo "✅ IAP configuration for Launchpad complete."
-
 configure-iap-admin:
 	@echo "--> Configuring IAP for Cloud Run service [$(CR_ADMIN_SERVICE_NAME)] in [$(ENV)]..."
 	@echo "    - Granting Cloud Run Invoker role to IAP Service Account..."