ci: aligner pipeline sur le modèle de référence (fabio/consul/registrator)

- Suppression de deploy-rsync (hors stack)
- Renommage deploy-docker → deploy
- Ajout healthcheck (curl localhost:3006, max 100s)
- Remplacement notify Telegram/vars Drone → notify-failure avec vars CI
  ($CI_BUILD_NUMBER, $CI_COMMIT_SHA, $CI_COMMIT_BRANCH)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

.woodpecker.yml

@@ -7,6 +7,7 @@ when:
 steps:
 
   # Etape 1 : Build de l'application statique
+  # Les vars CI (CI_REPO_OWNER, CI_COMMIT_BRANCH) sont injectees automatiquement par Woodpecker
   - name: build
     image: node:20-alpine
     environment:
@@ -21,59 +22,44 @@ steps:
       - npm run build
       - ls -la build/ | head -10
 
-  # Etape 2a : Deploiement via rsync (optionnel — choisir rsync OU docker, pas les deux)
-  - name: deploy-rsync
-    image: alpine:latest
-    environment:
-      DEPLOY_HOST:
-        from_secret: deploy_host
-      DEPLOY_USER:
-        from_secret: deploy_user
-      DEPLOY_PATH:
-        from_secret: deploy_path
-      DEPLOY_KEY:
-        from_secret: deploy_key
-    commands:
-      - apk add --no-cache openssh-client rsync
-      - mkdir -p ~/.ssh
-      - echo "$DEPLOY_KEY" > ~/.ssh/id_rsa
-      - chmod 600 ~/.ssh/id_rsa
-      - ssh-keyscan -H $DEPLOY_HOST >> ~/.ssh/known_hosts || true
-      - rsync -avz --delete build/ $DEPLOY_USER@$DEPLOY_HOST:$DEPLOY_PATH/
-      - echo "Deploiement termine sur $DEPLOY_HOST:$DEPLOY_PATH"
-
-  # Etape 2b : Deploiement via Docker Compose (recommande)
-  - name: deploy-docker
+  # Etape 2 : Deploiement sur sonic via Docker socket
+  # NOTE: from_secret et volumes: incompatibles dans le meme step (bug Woodpecker next)
+  # Aucun secret ici — les variables de build sont dans docker-compose.business.yml
+  - name: deploy
     image: docker:27-cli
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
     commands:
       - docker compose -f docker-compose.business.yml build --no-cache
       - docker compose -f docker-compose.business.yml up -d --remove-orphans
-      - docker compose -f docker-compose.business.yml ps | grep laplank-radar || echo "Conteneur non trouve"
+      - docker compose -f docker-compose.business.yml ps
 
-  # Etape 3 : Notification Telegram
-  - name: notify
-    image: appleboy/drone-telegram
-    settings:
-      token:
-        from_secret: telegram_token
-      to:
-        from_secret: telegram_chat_id_ajr
-      format: markdown
-      message: >
-        {{#success build.status}}
-        ✅ Build réussi pour `{{repo.name}}` sur la branche `{{commit.branch}}`
-        📝 Commit: `{{commit.message}}`
-        👤 Auteur: {{commit.author}}
-        🔗 {{ build.link }}
-        {{else}}
-        ❌ Build échoué pour `{{repo.name}}` sur la branche `{{commit.branch}}`
-        📝 Commit: `{{commit.message}}`
-        👤 Auteur: {{commit.author}}
-        🔗 {{ build.link }}
-        {{/success}}
+  # Etape 3 : Healthcheck post-deploiement
+  - name: healthcheck
+    image: alpine:3.20
+    commands:
+      - apk add --no-cache --quiet curl
+      - |
+        MAX=20
+        i=0
+        until [ $i -ge $MAX ]; do
+          CODE=$(curl -sSo /dev/null -w "%{http_code}" http://localhost:3006/ 2>/dev/null)
+          echo "Tentative $((i+1))/$MAX - HTTP $CODE"
+          if [ "$CODE" = "200" ]; then
+            echo "Radar repond sur http://localhost:3006/"
+            exit 0
+          fi
+          i=$((i+1))
+          sleep 5
+        done
+        echo "ERREUR: Radar ne repond pas apres $(($MAX * 5)) secondes"
+        exit 1
+
+  # Notification en cas d'echec
+  - name: notify-failure
+    image: alpine:3.20
+    commands:
+      - 'echo "ECHEC pipeline #$CI_BUILD_NUMBER sur commit $CI_COMMIT_SHA"'
+      - 'echo "Branche: $CI_COMMIT_BRANCH"'
     when:
-      - status:
-          - success
-          - failure
+      - status: failure