add secrets

.github/workflows/release.yml

@@ -135,3 +135,6 @@ jobs:
             - get-test-infos
 
         uses: ./.github/workflows/release_parallel.yml
+        secrets:
+            GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }} # All commits must be verified
+            GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release_parallel.yml

@@ -1,6 +1,11 @@
 name: Parallel Release
 on:
     workflow_call:
+        secrets:
+            GPG_SIGNING_KEY:
+                required: true
+            GH_TOKEN:
+                required: true
 
 jobs:
     prepare-release:
@@ -63,6 +68,7 @@ jobs:
             #       git add --all
             #       git commit -m "Prepare release ${{ steps.get-version.outputs.release-version }}"
             #       git push origin "${{ github.event.pull_request.head.ref || github.ref_name }}"
+
             # TODO we should use some Action-specific bot account
             - name: Configure git for publishing release
               run: |
@@ -71,12 +77,12 @@ jobs:
                   git config --global user.email '[email protected]'
                   git config --global commit.gpgsign true
                   echo "GPG_SIGNING_KEY length: ${#GPG_SIGNING_KEY}"
-              #   echo -n "$GPG_SIGNING_KEY" | base64 --decode | gpg --import
-              #   if [ $? -ne 0 ]; then
-              #     echo "GPG key import failed"
-              #     exit 1
-              #   fi
-              #   git config --global user.signingkey C8B77BCBE16CD2B94B43F9C8757397B82D4ED7B0
+                  echo -n "$GPG_SIGNING_KEY" | base64 --decode | gpg --import
+                  if [ $? -ne 0 ]; then
+                    echo "GPG key import failed"
+                    exit 1
+                  fi
+                  git config --global user.signingkey C8B77BCBE16CD2B94B43F9C8757397B82D4ED7B0
 
             - name: Update version and build templates
               run: |