ci: update GPG reference to fix artifact signing

.github/workflows/release.yml

@@ -23,19 +23,18 @@ jobs:
       with:
         path: /home/runner/go/pkg/mod
         key: go-mod
+    - name: Login to Docker hub
+      run: docker login -u ${{ secrets.DOCKER_HUB_USER }} -p ${{ secrets.DOCKER_HUB_PASSWORD }}
     - name: Import GPG key
       id: import_gpg
       uses: crazy-max/ghaction-import-gpg@v4
       with:
-        gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
-        passphrase: ${{ secrets.PASSPHRASE }}
-    - name: Login to Docker hub
-      run: docker login -u ${{ secrets.DOCKER_HUB_USER }} -p ${{ secrets.DOCKER_HUB_PASSWORD }}
+        gpg_private_key: ${{ secrets.SIGNING_KEY }}
     - uses: goreleaser/goreleaser-action@v2
       with:
         args: release
-        key: ${{ secrets.SIGNING_KEY }}
       env:
         GITHUB_TOKEN: ${{ secrets.NORWOODJ_ORG_TOKEN }}
+        GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
     - if: always()
       run: rm -f ${HOME}/.docker/config.json

.goreleaser.yml

@@ -37,7 +37,7 @@ changelog:
 
 signs:
 - artifacts: checksum
-  args: ["-u", "57D120E26D60F11E5BFB0B907A86FD2D954253E2", "--output", "${signature}", "--detach-sign", "${artifact}"]
+  args: ["-u", "{{ .ENV.GPG_FINGERPRINT }}", "--output", "${signature}", "--detach-sign", "${artifact}"]
 
 nfpms:
 - vendor: helm-docs