Fix invalid secrets reference in versioning workflow (#1531)

Secrets cannot be used directly in step-level `if` expressions in
GitHub Actions. Use an env var with a shell conditional instead.

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: vahid-ahmadi

.github/workflows/versioning.yaml

@@ -79,7 +79,11 @@ jobs:
           password: ${{ secrets.PYPI }}
           skip_existing: true
       - name: Update API
-        if: ${{ secrets.POLICYENGINE_GITHUB != '' }}
-        run: python .github/update_api.py
+        run: |
+          if [ -n "$CROSS_REPO_TOKEN" ]; then
+            GITHUB_TOKEN="$CROSS_REPO_TOKEN" python .github/update_api.py
+          else
+            echo "Skipping cross-repo API update (POLICYENGINE_GITHUB secret not set)"
+          fi
         env:
-          GITHUB_TOKEN: ${{ secrets.POLICYENGINE_GITHUB }}
+          CROSS_REPO_TOKEN: ${{ secrets.POLICYENGINE_GITHUB }}

changelog.d/fix-versioning-secrets-syntax.fixed.md

@@ -0,0 +1 @@
+Fixed invalid `secrets` reference in versioning workflow step condition that prevented the workflow from running.