diff --git a/.github/workflows/pre-release.yaml b/.github/workflows/pre-release.yaml
index e9214a59..c3c78670 100644
--- a/.github/workflows/pre-release.yaml
+++ b/.github/workflows/pre-release.yaml
@@ -17,7 +17,7 @@ jobs:
         env:
           CROSS: 1
           VERSION: ${{ github.ref_name }}
-        run: |
+        run: | 
           make build
 
       - name: package
@@ -28,20 +28,22 @@ jobs:
         uses: rancher-eio/read-vault-secrets@main
         with:
           secrets: |
-            secret/data/github/repo/${{ github.repository }}/key/app-credentials passphrase | GPG_PASSPHRASE ;
-            secret/data/github/repo/${{ github.repository }}/key/app-credentials privateKey | GPG_KEY
+            secret/data/github/repo/${{ github.repository }}/signing/gpg privateKey | GPG_KEY;
+            secret/data/github/repo/${{ github.repository }}/signing/gpg passphrase | GPG_PASSPHRASE
 
-      - name: sign SHASUM
+      - name: sign shasum
         env:
           GPG_KEY: ${{ env.GPG_KEY }}
           GPG_PASSPHRASE: ${{ env.GPG_PASSPHRASE }}
         run: |
           echo "Importing gpg key"
-          echo -n "${{ env.GPG_KEY }}" | base64 --decode | gpg --import --batch >/dev/null          
+          echo -n '${{ env.GPG_KEY }}' | gpg --import --batch > /dev/null
           echo "signing SHASUM file"
-          VERSION_NO_V=$(echo ${{ github.ref_name }} | sed "s/^[v|V]//")
-          SHASUM_FILE=dist/artifacts/${{ github.ref_name }}/terraform-provider-rke_"$VERSION_NO_V"_SHA256SUMS
-          echo ${{ env.GPG_PASSPHRASE }} | gpg --detach-sig --pinentry-mode loopback --passphrase-fd 0 --output "$SHASUM_FILE".sig --sign "$SHASUM_FILE"
+          VERSION_NO_V="$(echo ${{ github.ref_name }} | tr -d 'v')"
+          SHASUM_FILE="dist/artifacts/${{ github.ref_name }}/terraform-provider-rke_${VERSION_NO_V}_SHA256SUMS"
+          echo '${{ env.GPG_PASSPHRASE }}' | gpg --detach-sig --pinentry-mode loopback --passphrase-fd 0 --output "${SHASUM_FILE}.sig" --sign "${SHASUM_FILE}"
+
+
 
       - name: GH release
         env:
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index fcacb333..8b1d4d02 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -28,20 +28,20 @@ jobs:
         uses: rancher-eio/read-vault-secrets@main
         with:
           secrets: |
-            secret/data/github/repo/${{ github.repository }}/key/app-credentials passphrase | GPG_PASSPHRASE ;
-            secret/data/github/repo/${{ github.repository }}/key/app-credentials privateKey | GPG_KEY
+            secret/data/github/repo/${{ github.repository }}/signing/gpg privateKey | GPG_KEY;
+            secret/data/github/repo/${{ github.repository }}/signing/gpg passphrase | GPG_PASSPHRASE
 
-      - name: sign SHASUM
+      - name: sign shasum
         env:
           GPG_KEY: ${{ env.GPG_KEY }}
           GPG_PASSPHRASE: ${{ env.GPG_PASSPHRASE }}
         run: |
           echo "Importing gpg key"
-          echo -n "${{ env.GPG_KEY }}" | base64 --decode | gpg --import --batch >/dev/null          
+          echo -n '${{ env.GPG_KEY }}' | gpg --import --batch > /dev/null
           echo "signing SHASUM file"
-          VERSION_NO_V=$(echo ${{ github.ref_name }} | sed "s/^[v|V]//")
-          SHASUM_FILE=dist/artifacts/${{ github.ref_name }}/terraform-provider-rke_"$VERSION_NO_V"_SHA256SUMS
-          echo ${{ env.GPG_PASSPHRASE }} | gpg --detach-sig --pinentry-mode loopback --passphrase-fd 0 --output "$SHASUM_FILE".sig --sign "$SHASUM_FILE"
+          VERSION_NO_V="$(echo ${{ github.ref_name }} | tr -d 'v')"
+          SHASUM_FILE="dist/artifacts/${{ github.ref_name }}/terraform-provider-rke_${VERSION_NO_V}_SHA256SUMS"
+          echo '${{ env.GPG_PASSPHRASE }}' | gpg --detach-sig --pinentry-mode loopback --passphrase-fd 0 --output "${SHASUM_FILE}.sig" --sign "${SHASUM_FILE}"
 
       - name: GH release
         env: