fix(crowdsec): clean up Failed pods before Traefik middleware reload

Re-running the role would leave behind crowdsec pods stuck in Failed phase
(typically after a config error on a previous run), which then blocked the
Traefik middleware refresh. Delete them up front so the next reconcile
schedules fresh pods.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

ansible/arcodange/factory/playbooks/tools/roles/crowdsec/tasks/main.yml

@@ -147,6 +147,13 @@
             redisCacheDatabase: "0"
             redisCacheUnreachableBlock: false
 
+- name: Supprimer les pods crowdsec en état Error pour forcer leur redémarrage
+  ansible.builtin.shell: |
+    kubectl get pods -n tools -l k8s-app=crowdsec \
+      --field-selector=status.phase=Failed -o name | xargs -r kubectl delete -n tools
+  changed_when: false
+  ignore_errors: yes
+
 - name: Redémarrer traefik pour prendre la nouvelle configuration du middleware
   block:
     # ---------------------