Use file based variables for GPG_KEY
What does this MR do?
ci: use file-based GPG key
Inside of CI it's safer to use file based
varialbes
for secrets like GPG since anything can accidentally print the variable
or end up using that variable for something that is unexpected. Inside
of the Settings > CI/CD > Variables 2 new variables are added
GPG_KEY_PATH
and GPG_PASSPHRASE_PATH
which has the same values as
before but file-based variables.
The GPG key is used for package signing and release signing so if they are the paths are set the environment variables accordingly.
refactor(ci): remove unset GPG_KEY
With #27963 the variables were moved to be file-based so there is no longer a need to unset this variable. There is also a plan to scope these variables for specific jobs through environments.
There was already a problem with this unset from a maintainability perspective because not all jobs had it or it wasn't safe enough for us.
What's the best way to test this MR?
There isn't a really easy way test this given that these jobs run on master.