fix(cd): Use kubectl for health check instead of external DNS

Problem: Self-hosted runner (192.168.0.110) cannot resolve
api.awoooi.wooo.work, causing health check to fail even though
deployments succeeded.

Solution:
- Use kubectl get pods to verify Pod is Running
- Use kubectl exec to test internal health endpoint (localhost:8000)
- More reliable than external DNS dependency

This follows mainstream K8s deployment practices.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

.github/workflows/cd.yaml

@@ -224,8 +224,17 @@ jobs:
 
       - name: Health check
         run: |
+          export PATH="$HOME/.local/bin:$PATH"
           sleep 10
-          curl -f https://api.awoooi.wooo.work/api/v1/health || exit 1
+          # 使用 kubectl 驗證 Pod 健康 (避免 runner DNS 問題)
+          echo "🔍 檢查 API Pod 狀態..."
+          kubectl get pods -n awoooi-prod -l app=awoooi-api -o jsonpath='{.items[*].status.phase}' | grep -q Running
+          echo "✅ API Pod Running"
+
+          # 透過 kubectl exec 測試內部健康端點
+          API_POD=$(kubectl get pods -n awoooi-prod -l app=awoooi-api -o jsonpath='{.items[0].metadata.name}')
+          kubectl exec -n awoooi-prod $API_POD -- curl -sf http://localhost:8000/api/v1/health || exit 1
+          echo "✅ API 內部健康檢查通過"
 
       - name: Notify Telegram on Success
         if: success()