Protect GitHub Actions secrets via local environment variables

Author: SteveDesmond-ca

.github/workflows/Release.yml

@@ -54,4 +54,6 @@ jobs:
       run: dotnet pack -c Release -p:ContinuousIntegrationBuild=true
 
     - name: Push NuGet Package
-      run: dotnet nuget push src/bin/Release/LoadTestToolbox.$(echo ${{ github.ref }} | sed 's/refs\/tags\///').nupkg -k ${{ secrets.NUGET_TOKEN }} -s https://api.nuget.org/v3/index.json
+      run: dotnet nuget push src/bin/Release/LoadTestToolbox.$(echo ${{ github.ref }} | sed 's/refs\/tags\///').nupkg -k $NUGET_TOKEN -s https://api.nuget.org/v3/index.json
+      env:
+        NUGET_TOKEN: ${{secrets.NUGET_TOKEN}}

.github/workflows/Sonar.yml

@@ -30,7 +30,9 @@ jobs:
       run: dotnet restore
 
     - name: Start Sonar Analysis
-      run: dotnet-sonarscanner begin /d:sonar.host.url="https://sonarcloud.io" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /o:"ecoapm" /k:"ecoAPM_LoadTestToolbox" /d:sonar.cs.vstest.reportsPaths="test/TestResults/results.trx" /d:sonar.cs.opencover.reportsPaths="test/TestResults/coverage.opencover.xml"
+      run: dotnet-sonarscanner begin /d:sonar.host.url="https://sonarcloud.io" /d:sonar.login="$SONAR_TOKEN" /o:"ecoapm" /k:"ecoAPM_LoadTestToolbox" /d:sonar.cs.vstest.reportsPaths="test/TestResults/results.trx" /d:sonar.cs.opencover.reportsPaths="test/TestResults/coverage.opencover.xml"
+      env:
+        SONAR_TOKEN: ${{secrets.SONAR_TOKEN}}
 
     - name: Build
       run: dotnet build --no-restore
@@ -44,6 +46,7 @@ jobs:
       run: mv test/TestResults/**/*.xml test/TestResults
 
     - name: Finish Sonar Analysis
-      run: dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
+      run: dotnet-sonarscanner end /d:sonar.login="$SONAR_TOKEN"
       env:
+        SONAR_TOKEN: ${{secrets.SONAR_TOKEN}}
         GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}