7745d205cb
Align Woodpecker CI pipeline with team standard (cast-backend pattern): - Replace plugins/docker with woodpeckerci/plugin-docker-buildx - Use git.sds.dev registry; tag with CI_COMMIT_SHA short + latest - Use team secret names: registry_user/password, deploy_ssh_key - Add golangci-lint, semgrep, gosec, trivy-fs, trivy-secrets security gates - Deploy on push to main (not on tag): build-and-push then deploy step calls bash /opt/cast-ghl-provider/deploy/deploy.sh on server - Add Telegram notification on success/failure docker-compose.yaml: add image: git.sds.dev/cast/cast-ghl-provider:latest (server pulls from registry; build: kept for local dev only) deploy/deploy.sh: simplified to docker compose pull + up (build now happens in CI, not on the server) Co-Authored-By: Paperclip <noreply@paperclip.ing>