From 72569d2a537d17b78f7bcd7960f9f015649c8cb5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christopher=20M=C3=BChl?= <toki@toph.so>
Date: Wed, 18 Feb 2026 01:22:08 +0100
Subject: [PATCH] fix: forward NOMAD_TOKEN to $GITHUB_ENV for shell access

Job-level env vars from secrets aren't injected as real shell env
vars in Docker-based composite actions. Bridge via $GITHUB_ENV,
same pattern as NOMAD_ADDR.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 deploy-nix-site/action.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/deploy-nix-site/action.yaml b/deploy-nix-site/action.yaml
index a50e9e6..684878e 100644
--- a/deploy-nix-site/action.yaml
+++ b/deploy-nix-site/action.yaml
@@ -29,8 +29,9 @@ runs:
         # Install AWS CLI
         nix profile install nixpkgs#awscli2
 
-        # Set Nomad address
+        # Set Nomad connection
         echo "NOMAD_ADDR=http://alvin:4646" >> $GITHUB_ENV
+        echo "NOMAD_TOKEN=${{ env.NOMAD_TOKEN }}" >> $GITHUB_ENV
 
     - name: Build site with Nix
       shell: bash