Fix secret exposure in GitHub Actions logs

Use Python to write integration config instead of echo to prevent
API key from being visible in build logs.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <[email protected]>

Author: msch-nutrient

.github/workflows/ci.yml

@@ -82,7 +82,11 @@ jobs:
 
     - name: Create integration config with API key
       run: |
-        echo 'API_KEY = "${{ secrets.NUTRIENT_DWS_API_KEY }}"' > tests/integration/integration_config.py
+        python -c "
+        import os
+        with open('tests/integration/integration_config.py', 'w') as f:
+            f.write(f'API_KEY = \"{os.environ[\"NUTRIENT_DWS_API_KEY\"]}\"\n')
+        "
       env:
         NUTRIENT_DWS_API_KEY: ${{ secrets.NUTRIENT_DWS_API_KEY }}