fix(woodpecker): fix secrets syntax - use environment with from_secret

- Replace deprecated secrets with environment + from_secret

- Fix when conditions structure

- Ensure proper schema validation

.woodpecker.yml

@@ -24,7 +24,6 @@ matrix:
     - cron
 
 steps:
-  # Step 1: Detect if this service needs building
   - name: detect-changes
     image: alpine/git
     commands:
@@ -65,7 +64,6 @@ steps:
         # Export for other steps
         cat .build-${SERVICE} >> ${CI_ENV}
 
-  # Step 2: Build optimized Docker image (only if changed)
   - name: build
     image: woodpeckerci/plugin-docker-buildx:5.0.0
     settings:
@@ -79,20 +77,19 @@ steps:
         - ${CI_COMMIT_SHA}
         - latest
         - high-performance-latest
-      logins:
-        - registry: https://ghcr.io
-          username:
-            from_secret: GHCR_USERNAME
-          password:
-            from_secret: GHCR_TOKEN
+      username:
+        from_secret: GHCR_USERNAME
+      password:
+        from_secret: GHCR_TOKEN
       platforms: linux/amd64
     when:
       - evaluate: 'env.SHOULD_BUILD == "true"'
 
-  # Step 3: Deploy to Kubernetes (only if changed and on main/high-performance)
   - name: deploy
     image: bitnami/kubectl:latest
-    secrets: [kube_config]
+    environment:
+      KUBE_CONFIG:
+        from_secret: kube_config
     commands:
       - |
         #!/bin/bash
@@ -128,9 +125,7 @@ steps:
         kubectl get deployment/nxtgauge-rust-${DEPLOYMENT_NAME} -n ${NAMESPACE}
     when:
       - evaluate: 'env.SHOULD_BUILD == "true"'
-      - branch: [main, high-performance]
 
-  # Step 4: Notify on success
   - name: notify-success
     image: alpine:latest
     commands:
@@ -139,7 +134,6 @@ steps:
       - evaluate: 'env.SHOULD_BUILD == "true"'
       - status: success
 
-  # Step 5: Notify on failure
   - name: notify-failure
     image: alpine:latest
     commands: