fix(core): always add the secret consumer

This causes a WARNING in the log for some cases, with the risk to have a secret leaked into the logs.

Fixes kestra-io/kestra-ee#1741

core/src/main/java/io/kestra/core/runners/RunVariables.java

@@ -274,9 +274,10 @@ public Map<String, Object> build(final RunContextLogger logger) {
             // adds any additional variables
             if (variables != null) {
                 builder.putAll(variables);
-                if (logger != null && !variables.containsKey(RunVariables.SECRET_CONSUMER_VARIABLE_NAME)) {
-                    builder.put(RunVariables.SECRET_CONSUMER_VARIABLE_NAME, (Consumer<String>) logger::usedSecret);
-                }
+            }
+
+            if (logger != null && (variables == null || !variables.containsKey(RunVariables.SECRET_CONSUMER_VARIABLE_NAME))) {
+                builder.put(RunVariables.SECRET_CONSUMER_VARIABLE_NAME, (Consumer<String>) logger::usedSecret);
             }
 
             return builder.build();

core/src/test/java/io/kestra/core/runners/RunVariablesTest.java

@@ -8,12 +8,20 @@
 
 import java.util.Map;
 
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.notNullValue;
+
 class RunVariablesTest {
 
     @Test
+    @SuppressWarnings("unchecked")
     void shouldGetEmptyVariables() {
         Map<String, Object> variables = new RunVariables.DefaultBuilder().build(new RunContextLogger());
-        Assertions.assertEquals(Map.of("envs", Map.of(), "globals", Map.of()), variables);
+        assertThat(variables.size(), is(3));
+        assertThat((Map<String, Object>) variables.get("envs"), is(Map.of()));
+        assertThat((Map<String, Object>) variables.get("globals"), is(Map.of()));
+        assertThat(variables.get("addSecretConsumer"), notNullValue());
     }
 
     @Test