Add environment naming conventions to implementation guide

[dangrondahl]

Description

The implementation guide already has naming convention pages for flows/trails and attestation types, but environments are missing:

implementation_guide/phase_2/plan_organizational_structure/naming_conventions/
├── overview.md              ✅ General guidelines (delimiters, case, regex)
├── flows_and_trails.md      ✅ Build flows, release flows, trail naming
├── attestation_types.md     ✅ Control-objective-evidence-detail-version pattern
└── environments.md          ❌ MISSING

The overview page mentions environments as a target for naming conventions, but there's no dedicated page covering them.

Additionally, kosli tag env (CLI reference) supports key-value tagging on environments, but there's no best-practice guidance on what to tag or why. Tagging complements naming -- names identify environments, tags classify them for filtering, policies, and reporting.

Originally tracked in kosli-dev/customer-success#59 (could not transfer due to private-to-public repo restriction).

What should environments.md cover

Following the pattern established by the existing naming convention pages:

Naming:

1. Physical environment naming -- convention for K8S, ECS, Lambda, S3, docker, server types
   • Suggested pattern: {stage}-{service}-{type} (e.g. prod-api-k8s, staging-web-ecs)
   • Or {org-unit}-{stage}-{type} depending on org structure
2. Logical environment naming -- how to name logical environments that group physical ones
   • Suggested pattern: {stage} or {stage}-{region} (e.g. production, staging-eu)
   • Relationship between logical and physical names should be clear
3. Examples with multiple case styles (snake_case, camelCase, PascalCase) -- matching the tab format used in flows_and_trails.md and attestation_types.md
4. Regex patterns for enforcement -- matching the pattern from overview.md
5. Multi-region and multi-cloud patterns -- e.g. prod-eu-west-1-k8s vs prod-us-east-1-ecs

Tagging best practices:

6. Recommended tag keys -- standard keys that help with filtering and policy:
   • region -- AWS/GCP/Azure region (e.g. eu-west-1, us-east-1)
   • team -- owning team (e.g. platform, payments)
   • tier -- criticality level (e.g. production, staging, development)
   • cloud -- provider (e.g. aws, gcp, azure, on-prem)
   • cost-center -- for billing/chargeback
7. When to use tags vs encoding in the name -- tags for filterable metadata that may change; names for stable identity. E.g. don't put team=payments in the name if ownership changes; use a tag instead.
8. Tag naming conventions -- lowercase keys, consistent value formats, avoid redundancy with the environment name

Existing content to reference

• overview.md -- general guidelines (delimiters, case styles, regex)
• flows_and_trails.md -- follow the same structure
• Getting Started: Environments -- introduces logical environments
• CLI: create environment -- character constraints and supported types
• CLI: kosli tag -- tag command with kosli tag env examples

Tasks

• Create implementation_guide/phase_2/plan_organizational_structure/naming_conventions/environments.md
• Follow the same structure as flows_and_trails.md (convention, ParamField components, tabbed case examples, regex, accordion examples)
• Cover physical environments (K8S, ECS, Lambda, S3, docker, server)
• Cover logical environments and their relationship to physical naming
• Add multi-region/multi-cloud naming examples
• Add tagging best practices section: recommended keys, when tags vs name, tag naming conventions
• Add the page to docs.json navigation under the naming conventions group