ci(release): correct secret access syntax

Signed-off-by: Timothy MacDonald <tim.macdonald@lacework.net>
lacework · Feb 12, 2024 · 3a6fc0f · 3a6fc0f
1 parent 127a1f3
commit 3a6fc0f
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/.github/workflows/python-release.yml b/.github/workflows/python-release.yml
@@ -46,8 +46,8 @@ jobs:
       run: |
         git config --global user.name "tech-ally"
         git config --global user.email tech-ally@lacework.net
-        echo "${{ GPG_SECRET_KEY }}" | base64 --decode | gpg --import --no-tty --batch --yes
-        git config --global user.signingkey ${{ GPG_SIGNING_KEY }}
+        echo "${{ secrets.GPG_SECRET_KEY }}" | base64 --decode | gpg --import --no-tty --batch --yes
+        git config --global user.signingkey ${{ secrets.GPG_SIGNING_KEY }}
         git config commit.gpgsign true
         poetry run semantic-release version --major
         poetry run semantic-release publish
@@ -59,8 +59,8 @@ jobs:
       run: |
         git config --global user.name "tech-ally"
         git config --global user.email tech-ally@lacework.net
-        echo "${{ GPG_SECRET_KEY }}" | base64 --decode | gpg --import --no-tty --batch --yes
-        git config --global user.signingkey ${{ GPG_SIGNING_KEY }}
+        echo "${{ secrets.GPG_SECRET_KEY }}" | base64 --decode | gpg --import --no-tty --batch --yes
+        git config --global user.signingkey ${{ secrets.GPG_SIGNING_KEY }}
         git config commit.gpgsign true
         poetry run semantic-release publish
       env: