fix(api): ansible 控制節點加白名單驗證，防環境變數繞過 (Re-Review Important)

首席架構師 Re-Review 指出: ANSIBLE_CONTROL_HOST 來自環境變數 (ConfigMap)，
若 ConfigMap 被篡改可繞過 SSH_TARGET_WHITELIST。
在 _execute_ansible() 開頭加 validate_ssh_target_host(host) 閉環。

Re-Review 評分: 91/100 ✅ 通過

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

apps/api/src/services/host_repair_agent.py

@@ -422,6 +422,14 @@ class HostRepairAgent:
         """
         host = ANSIBLE_CONTROL_HOST
         user = ANSIBLE_CONTROL_USER
+        # Important fix: 驗證 ConfigMap 的控制節點也在白名單內，防止環境變數被篡改繞過白名單
+        try:
+            validate_ssh_target_host(host)
+        except ValueError as e:
+            return HostRepairResult(
+                success=False, layer="ansible", component=playbook_name,
+                error=f"Ansible control host validation failed: {e}",
+            )
         playbook_path = f"{ANSIBLE_PLAYBOOKS_PATH}/{playbook_name}"
         # P0-2: Quote playbook_path to prevent shell injection if path contains special chars
         ssh_command = f"ansible-playbook {shlex.quote(playbook_path)}"