ci: add health check + rollback hint to deploy step

- Record previous docker images before deploy
- Health check loop: 12 attempts × 5s = 60s total
- On failure: warning + previous images printed for manual rollback

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

.github/workflows/ci.yml

@@ -139,13 +139,34 @@ jobs:
             ${{ vars.DOCKER_REGISTRY }}/zhixi-worker:${{ github.sha }}
 
       - name: Deploy via SSH
+        id: deploy
         uses: appleboy/ssh-action@v1
         with:
           host: ${{ secrets.DEPLOY_HOST }}
           username: ${{ secrets.DEPLOY_USER }}
           key: ${{ secrets.DEPLOY_SSH_KEY }}
           script: |
+            set -e
             cd /opt/zhixi/api-server
+
+            # Record previous image tags for rollback
+            docker compose config --images | tee /tmp/zhixi_prev_images.txt
+
             docker compose pull
             docker compose up -d --remove-orphans
             docker compose exec -T api npx prisma migrate deploy
+
+            # Health check with retry
+            echo "Waiting for API health check..."
+            for i in $(seq 1 12); do
+              STATUS=$(curl -s -o /dev/null -w '%{http_code}' http://localhost:3000/health 2>/dev/null || echo "000")
+              if [ "$STATUS" = "200" ]; then
+                echo "Health check OK"
+                exit 0
+              fi
+              echo "  attempt $i/12: HTTP $STATUS, retrying..."
+              sleep 5
+            done
+            echo "::warning::Health check failed after 60s — manual rollback may be needed"
+            echo "Previous images: $(cat /tmp/zhixi_prev_images.txt)"
+            # Rollback: docker compose up -d <previous-image-tag>