From a21f916300240de11a1d72f02f1512a948015fbf Mon Sep 17 00:00:00 2001
From: Martin Porwoll <martin.porwoll@complexcaresolutions.de>
Date: Tue, 17 Feb 2026 12:09:20 +0000
Subject: [PATCH] fix(ci): add CRON_SECRET placeholder for production build

Next.js builds run in NODE_ENV=production which triggers env
validation requiring CRON_SECRET (added by security hardening).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .github/workflows/ci.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 0816464..9998f9d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -212,13 +212,14 @@ jobs:
       - name: Build application
         run: pnpm build
         env:
-          # Minimal env vars for build
+          # Minimal env vars for build (Next.js runs in NODE_ENV=production)
           PAYLOAD_SECRET: build-secret-placeholder
           DATABASE_URI: postgresql://placeholder:placeholder@localhost:5432/placeholder
           NEXT_PUBLIC_SERVER_URL: https://build.example.com
           PAYLOAD_PUBLIC_SERVER_URL: https://build.example.com
           CONSENT_LOGGING_API_KEY: ci-consent-api-key-placeholder
           IP_ANONYMIZATION_PEPPER: ci-anonymization-pepper-placeholder
+          CRON_SECRET: ci-cron-secret-placeholder
 
       - name: Verify build output
         run: |