fix(ci): use env var pattern for secrets in nuget.yml if condition

csharpfritz · Copilot · csharpfritz · commit b4f021c6547b · 2026-02-25T12:11:37.000-05:00
The if: secrets.NUGET_API_KEY expression causes workflow file validation
failures in GitHub Actions. Use the env var pattern instead: set the
secret to an env var, then check env.NUGET_API_KEY in the if condition.

Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;
diff --git a/.github/workflows/nuget.yml b/.github/workflows/nuget.yml
@@ -41,8 +41,10 @@ jobs:
         run: dotnet nuget push ./nupkg/*.nupkg --source "https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json" --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate
 
       - name: Push to nuget.org
-        if: ${{ secrets.NUGET_API_KEY != '' }}
-        run: dotnet nuget push ./nupkg/*.nupkg --source "https://api.nuget.org/v3/index.json" --api-key ${{ secrets.NUGET_API_KEY }} --skip-duplicate
+        env:
+          NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
+        if: env.NUGET_API_KEY != ''
+        run: dotnet nuget push ./nupkg/*.nupkg --source "https://api.nuget.org/v3/index.json" --api-key ${{ env.NUGET_API_KEY }} --skip-duplicate
 
       - name: Upload NuGet package artifact
         uses: actions/upload-artifact@v4
