
refactor(guest-agent): isolate simulator from production paths #582

Open
kvinwang wants to merge 5 commits into master from refactor/guest-agent-simulator-isolation

@kvinwang
Collaborator

Summary

This PR hardens the guest-agent / simulator boundary and removes several design smells around simulated attestation handling.

What changed

  • split simulator execution into a dedicated dstack-guest-agent-simulator crate/binary
  • removed runtime mixed-mode simulator switching from the production guest-agent config/binary path
  • introduced a platform backend boundary for real vs simulator attestation/event behavior
  • removed shared-flow attestation override handling
  • moved simulator-only attestation helper code out of the dstack-guest-agent crate and into the simulator crate
  • changed info attestation retrieval to fail loudly instead of silently returning default AppInfo
  • moved RA-TLS CSR assembly out of cert-client, so cert-client now only signs CSRs
  • updated simulator build flow to build the standalone simulator binary

Why

Previously, simulator behavior was mixed into the same guest-agent binary and selected by runtime configuration. That made the trust boundary fuzzy and increased the risk of accidentally routing production paths through simulated attestation behavior.

This PR makes the separation much stricter:

  • production binary only uses the real platform implementation
  • simulator binary owns simulator-only helper logic
  • certificate issuance no longer relies on an attestation override hook in shared code
  • guest-agent and simulator now assemble RA-TLS CSRs themselves; cert-client only transports/signs them

Validation

Ran successfully:

  • cargo check -p cert-client -p dstack-guest-agent -p dstack-guest-agent-simulator -p dstack-util
  • cargo test -p dstack-guest-agent --lib
  • cargo test -p dstack-guest-agent-simulator
  • cd sdk/simulator && ./build.sh

Commits

  • refactor(guest-agent): isolate simulator into standalone binary
  • refactor(cert): remove attestation override from shared flow
  • refactor(simulator): move simulator helpers out of guest-agent crate
  • refactor(cert): move csr assembly out of cert-client
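
The separation described above, as an added Rust sketch that is not code from this PR or the dstack repository: the backend is fixed by the type each binary instantiates, and `info` returns an error instead of a default `AppInfo`. Every type, field and method name other than `AppInfo` is hypothetical, and the fields of `AppInfo` are assumed.

```rust
// Hypothetical sketch: no type or field here is taken from the dstack code base.
#[derive(Debug, Default, PartialEq)]
pub struct AppInfo { pub app_id: String, pub simulated: bool }

#[derive(Debug, PartialEq)]
pub enum AttestError { NoTeeDevice }

/// Boundary between real and simulated attestation behaviour.
pub trait PlatformBackend {
    fn app_info(&self) -> Result<AppInfo, AttestError>;
}

/// Production backend; `tee_present` stands in for probing the TEE device.
pub struct RealPlatform { pub tee_present: bool }

impl PlatformBackend for RealPlatform {
    fn app_info(&self) -> Result<AppInfo, AttestError> {
        if !self.tee_present {
            return Err(AttestError::NoTeeDevice);
        }
        Ok(AppInfo { app_id: "from-quote".into(), simulated: false })
    }
}

/// Simulator backend; in the split layout it exists only in the simulator crate.
pub struct SimulatorPlatform;

impl PlatformBackend for SimulatorPlatform {
    fn app_info(&self) -> Result<AppInfo, AttestError> {
        Ok(AppInfo { app_id: "sim-fixture".into(), simulated: true })
    }
}

/// The backend is fixed by the type each binary instantiates, not by config.
pub struct GuestAgent<P: PlatformBackend>(pub P);

impl<P: PlatformBackend> GuestAgent<P> {
    /// Silent fallback: a failed attestation turns into a default AppInfo.
    pub fn info_silent(&self) -> AppInfo {
        self.0.app_info().unwrap_or_default()
    }
    /// Fail-loud: the error reaches the caller.
    pub fn info(&self) -> Result<AppInfo, AttestError> {
        self.0.app_info()
    }
}

fn main() {
    let prod = GuestAgent(RealPlatform { tee_present: false });
    println!("silent: {:?}, loud: {:?}", prod.info_silent(), prod.info());
}
```

With the silent variant, a caller cannot tell a missing TEE from an application that legitimately has empty fields; the `Result` variant makes that state unrepresentable as success.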
