From 94f5a4dc52f64a9ea295670a00d04d596c5c374f Mon Sep 17 00:00:00 2001
From: Julien Ponge
Date: Wed, 29 May 2024 09:53:23 +0200
Subject: [PATCH] ci: use the new Smallrye secrets scheme
---
 .build/decrypt-secrets.sh | 9 -------
 .build/justfile-for-release | 22 ++++------------------
 .build/maven-settings.xml.gpg | Bin 513 -> 0 bytes
 .build/smallrye-sign.asc.gpg | Bin 6497 -> 0 bytes
 .github/workflows/build-main.yml | 9 ++++++-
 .../push-release-to-maven-central.yml | 11 +++++++--
 .github/workflows/release.yml | 10 +++++++-
 7 files changed, 30 insertions(+), 31 deletions(-)
 delete mode 100755 .build/decrypt-secrets.sh
 delete mode 100644 .build/maven-settings.xml.gpg
 delete mode 100644 .build/smallrye-sign.asc.gpg
diff --git a/.build/decrypt-secrets.sh b/.build/decrypt-secrets.sh
deleted file mode 100755
index 030f029b4..000000000
--- a/.build/decrypt-secrets.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-
-echo "Decrypting smallrye signature"
-gpg --quiet --batch --yes --decrypt --passphrase="${SECRET_FILES_PASSPHRASE}" \
- --output smallrye-sign.asc .build/smallrye-sign.asc.gpg
-
-echo "Decrypting Maven settings"
-gpg --quiet --batch --yes --decrypt --passphrase="${SECRET_FILES_PASSPHRASE}" \
- --output maven-settings.xml .build/maven-settings.xml.gpg
\ No newline at end of file
diff --git a/.build/justfile-for-release b/.build/justfile-for-release
index 0e0ede66f..88f1d20a8 100644
--- a/.build/justfile-for-release
+++ b/.build/justfile-for-release
@@ -12,20 +12,6 @@ purpose:
 perform-release: pre-release release post-release
 @echo "🎉 Successfully released Mutiny ${RELEASE_VERSION} 🚀"
-# Decrypt secrets
-decrypt-secrets:
- @echo "Decrypting smallrye signature"
- gpg --quiet --batch --yes --decrypt --passphrase="${SECRET_FILES_PASSPHRASE}" \
- --output smallrye-sign.asc .build/smallrye-sign.asc.gpg
- @echo "Decrypting Maven settings"
- gpg --quiet --batch --yes --decrypt --passphrase="${SECRET_FILES_PASSPHRASE}" \
- --output maven-settings.xml .build/maven-settings.xml.gpg
-
-# Initialize GnuPG
-init-gpg:
- @echo "GnuPG setup"
- gpg --fast-import --no-tty --batch --yes smallrye-sign.asc
-
 # Initialize Git
 init-git:
 @echo "Git setup"
@@ -33,7 +19,7 @@ init-git:
 git config --global user.email "smallrye@googlegroups.com"
 # Steps before releasing
-pre-release: decrypt-secrets init-gpg init-git
+pre-release: init-git
 @echo "🚀 Pre-release steps..."
 @echo "Pre-release verifications"
 jbang .build/PreRelease.java --token=${RELEASE_TOKEN} --release-version=${RELEASE_VERSION}
@@ -42,7 +28,7 @@ pre-release: decrypt-secrets init-gpg init-git
 ./mvnw --settings .build/maven-ci-settings.xml --batch-mode --no-transfer-progress versions:set -DnewVersion=${RELEASE_VERSION} -DgenerateBackupPoms=false -pl bom
 jbang .build/UpdateDocsAttributesFiles.java --mutiny-version=${RELEASE_VERSION}
 @echo "Check that the project builds (no tests)"
- ./mvnw --settings maven-settings.xml --batch-mode --no-transfer-progress clean install -Prelease -DskipTests
+ ./mvnw --settings .build/maven-ci-settings.xml --batch-mode --no-transfer-progress clean install -Prelease -DskipTests
 @echo "Bump workshop examples to ${RELEASE_VERSION}"
 .build/update-workshop-target-version.sh "${RELEASE_VERSION}"
 @echo "Check that the website builds"
@@ -63,9 +49,9 @@ release: pre-release
 git push
 # Deploy to Maven Central
-deploy-to-maven-central: decrypt-secrets init-gpg
+deploy-to-maven-central:
 @echo "Deploy to Maven Central"
- ./mvnw --settings maven-settings.xml --batch-mode --no-transfer-progress deploy -Prelease -DskipTests
+ ./mvnw --settings .build/maven-ci-settings.xml --batch-mode --no-transfer-progress deploy -Prelease -DskipTests
 # Steps post-release
 post-release:
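Review bot: `--settings .build/maven-ci-settings.xml` on the new `deploy` line replaces the user settings file, so the `~/.m2/settings.xml` that `actions/setup-java` writes for `server-id: 'oss.sonatype'` is not read by this invocation. Unless `.build/maven-ci-settings.xml` (not touched by this patch) already declares that server with `${env.MAVEN_DEPLOY_USERNAME}` and `${env.MAVEN_DEPLOY_TOKEN}`, the deploy would run without credentials; I would either drop `--settings` here or confirm that the CI settings file carries the `<server>` entry. The `clean install -Prelease` line in the hunk at -42,7 has the same dependency for the GPG passphrase, if signing is bound to the release profile. A comment above the recipe such as `# Credentials and signing key are provisioned by actions/setup-java in the calling workflow` would record where the secrets now come from.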
diff --git a/.build/maven-settings.xml.gpg b/.build/maven-settings.xml.gpg deleted file mode 100644 index c33bdd2b19aae5dc872950d8c42fb081e37606b8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 513 zcmV+c0{;Ds4Fm}T0#kM*zlEYPtMbypF98FD4RwRF0q1wU4?rOE{9sBvAJKG~w_4YBgy0eg4sMc|l8j}G(CF_*On*3C4(`86esGs)0QyA3Y0Kng&ENs-* z-5!Sqnmsa>)mWCQ(2=zuQ{|^Zb|8AXq77?)k_z4c+{N$iy^%tJ)!;Iw0kD zH}0hgLVK|ytQF+95d+?y<9#8b=|M+FaZQ9E%Oe0jJx>9;)$A$UIQNM|P)+LKVNE}t zc~9l`7~?Jo9=Ib*C3Y!H(9)1||0!Y8Pn&m1lq{Y_7_zfU$$k*3o|u`RAjWvW1IDeI z&v+~h0(Hz<=+D)gZV}?kAE!X;(IqT*Fm=<)qFQ`Gd~+MrDNG`hS%>vp&_Vw^SJCQ zrg+|He=3{cgnwDbGabnHlqNmI7SV(#1YVv<>E{v9$~;yk*CFxl+3YD7hA9nvxmgA| z?M&Y}=bI*b670Ag^+mPf`cwm1j}Wf3cF&+H4yp8D4;TL@g7h&Gi?FdwA9V&0?b?@h zddMYtL};ln0rj=Ghya84oGEnTO2^zcECuf_TEOIc$vV>mngLny4n#}f*wy4F?I&IC5$Ck#_i=Sc3&z4@E){53ar0rcD*7+?5 zFTSENcxlw@BZ+KC)W2t(2kL?5)3kr5sYH2#Jdt+z&O5QYYC)D2Y4F1>qAV zWSY|=frxZaSeJ_FA!n3HF~VX8JLbR)j4CZT#{*MbN+VxAiCuKO^at9`7_7Sz_=G9D z4my~Jt=TFq3tylu_VgFlostl=g8QxsH@ontDX9jA5VlQ4j_HAkj~(Dj#hdta62Q8% z!vHoDoxfz_PvrFE^}Uiij(T(NIREvz%YYGhJ7?*-=_(oHQ`F?a7li0Pgam81x3@de z^bXW9@xa2;{Yk7X|H`@0D9&tud|%GUr9<8*5CrQW#8H-bK)4HAh0p`3PDL^k!$Mof zIMPfk6FeUT4J`=bP2LqFDm>pyoY2@`1He}hfINLf^Jvw%K@(v!33xyltb4p+-~O z16Sv0=Ow|yib$pF;+9nA^~h?YTtSXGkgJy$$N>BuzY|nlJi&7RE3mFEyU6l0*0#EJ zKNdV4Mf|xM3Fo-xu*wMzSn3&Op>&iOtM67fktztV&2Bl#eKQiDF zPd*!$mPoTB4Yh$NTm^eI;{|aHxTeZ47ypi|%kdSc5q+mcgp9UX%sfDwd!3LlS)|jH zYG6$PB3TDYZ@)6m;MRlD#+ovN2)@v2nyzI8mkq9k4ip8AM44D6tU#vmFH9WT>tQOQN zw{@JwwE|LTnR_)@)~hBREJXPwFN(f7t6K=(<#O9(j{EL6fIkuNuigMmEpF=JzYX3P zbZ>oX0p&q++krc;N#mR~}HV;jiR@q$`)-&E}HDO;K4shEc*ej)Tb5( zMYDA-tQRsk*}*z;*m@=E67fS2)0LKhM$@jv0q&*z;hsI`@Lr`B;9m0h1d1?C7PAYc zuSi2V`SsfAUy!4g66~58CV%E=O1@OIXjZ^jO>WGkt3i8n?#uWg!;dj)9t{2~Q6xo$ ztL)=|Nm}F9c-nK!!IreH-2TA%DGU5mBKUwBvEZ|G$V@xAltitB>DOGxji}2FH0_&q z?P|crAkP1EtEf@uIsviT@7Nnv+59ufZ)?J$o9<;ydsMna@F+{@AR1|cW8z-lCvA3y%`I)JPd-Bcs|Saph`Y5? 
zPjs0jf?DQGWpjzIHwmY7(|DCaVrVe5g5utDuYn=+cNjlX{1_%NHORfc#(2c=3uYuH zSWXgI@_gQ`GScF`pxQ%+;&I6-YacQ`o{$K3t7Ynmrw5 zTj@x=ffNi?u>U3H$Jr?~>iJ^vDwAR@ADQjQp+2<&_zkp(>j;ku_^OQW;Ef~`k@u!7 z$_-%x_*8x-uTI(+uD2-1i5h-c#7lDw5u(`iNQ7JO)QE9 zAS15j5%|T9LmVzc{=2Rb7cayXzB_1_V~}0${w|!dWpb}6j{{v@N7L6OV)T)>f=Sk9 zPa$Fe-4oAb@p7OWX1(|xtno*)WARWo&z=?f8YDWVg{EmP<$+fn zoBu@@f!s94t4K+Yzpnq?2Cxj#CX(yPGz{8J{z7X_?+m1vG1ts`aDzd(K@|JlqX-P2 zW=Na~@ER61PM5eHc(EiI4Y+xZrhh>35;zy|?CuB^SO}J>IzqbjZ6)G4S>znaa@pBX zSeQC@{#Hl^Jg7-djz8xUk%J?;(%e(e#}&duF~whdxiIp-N&VQ8C@~!93!k|K+8e1; zWI85KZ%$jJCjhT=TC*+OM`IbT_6Y9a)8%hoK%XABj{!P|67%W7WwPS%(4$>I06dL9 zW|v)K(50M^>H&n_q%lE{X;cINp>$_aZe5|L_@!+UBGBk6%{Nl92}nU_=$}HJsS*q3 zNnL|lVg_E?VAY+T)msYJS429RiP(`!TSRZ2s{}Z=8-Evz8MViGE)~%(rq~b+h+b!v zW`vxfO>7M-MXaVLeQ@Pnb1h{dxd(&^MxZDj>0ZJ1Rz?8#TFdjD_O@HR-y*(aT}V4Q zdM3^s%-!Fv!+!n!ii&&3B4_dbLL&ZmFgHQ>5AW@<`$%C*s5@ZIS#n!Azy5LsSe^%` zvO(PcQ^{SMA)B$QAK-v$$@8x)AZIM(*I+cK|x_w<-0% zU*14wdx22W*UP^4m)Q>Yq+A zqrSIR$x`#jtTcFAzU7?RJ;v=a7Q((;L^fuIwQhyV8%0KlsfUI1zY;zWNCO-Q z_e>h{Mb4R*YyTcCWT?&}bF&rX*VPdYrmU)WDmy#_O7&kqut1iK>;NY(kI*dq z@qC+^&yI}RF%h}bB)h_}Q`QA$u#@CzE^)^eEy&IL%Oo5Mf?p)|og9HFQ>+5fzl=hB z$n)tDP4C;as{S0G-z>Xef_x*LCXv$40j@AuQOsrN85$Rxyp0-F{M)hyZp}0OjH1sI z?DFIQxbc227N2Z@hU2{zIlu)B*oCp{1^j6_s*xH5O$Rni@8h-E{;4za<-ET`Et~9J zd!>Uq46DoU@>`VRMO!*Tj}*tYr~%IxU+~yfBxpU}g&8^N*e(5Q6809vW#b^o$C7KF%Co#V+9xhiv^X z6X;ELYDY2a?oHiGGXrh03<0n*>L_)pyyx^L_DT(`a@FjB6dPV4$rOL+HnpO*+*9{W zNd0s9(~3#u?d^F~R0AK7Ps}=@G7DSOWRr$lUFjwRGrr45RwhPWyjMxq*nd z9!c#KWW#S^gXf_qxXd+6KlPF57e_St$(qaAi7=>_Yyu4Ol+>ekAm#t>{MW5Y@L=>6k4 zIdWgn>5`4`fwU~u{o5>gt0GaZ0{Pa>XA~uAc3N%Xefh{`_}xzQg)$S+eP`nl=nqc< z=qMCPy7`ndnc8!YWhwJ)D%k>QUJjtKbP1A6@t*7C!$Rpx01a=w*_m}>Go^^ZW#R3J z4X-e40XG>OTYIjZTHWY5We|?_Qv*xrY|g|@x4z=nA1kXE zQ6%gmM@Y@>Ohsb$$8i(yyn{vOZ}Ml~CCwMMvLy9y0;0r)#d3xi&b{t~Dcm{AlA%wR z^4E}pf{>fByZI$$*o_*=EH^%z_>iCiYmMo4S_X$f22N)Ax?`b|)X%&x{pH5=OWKpW z;?APQ0Npvv)S8ygWDRUYIgECR+KZ#Ao5}vv;|#`lF?~vmZbv)nI+O{*H|f_}V*3yh zX9gFRyFogk&i$0Y}a3OxKpcub$bu)nK!g5P_t- 
zh6EiEHPWQGlVFH8oH&tRM!;zKumbVHP5@P5e)8TWa}Q!Zcx3zl9o$uE;=>K9VsF-+ zeiNIvM(`wYcyjSjz;B!;;>M=!0DvG7RQilv`NS6J_qbFhayFZ`?O^qx4OO?ZOUY!$ zpb@+gEAQ3nb!DvbOLQyRwn|0k6?P=pjYGmK_MkUSp$7&`WV@n#yfjy0$Ujb+6+O$r zolmWWrJwDO4*B zROguiXsLYQutF^H8yLim&xC#kpMh%FdGXaHQ36>Gy&czqZ`wDu=#U^;Di&6H{71q- zQ^YOeWu#OlPLN#x^kjn?zOuNx92bF%rS|mzi)+VmF8c=9$Vr6C6!FNw-r+UgZ~~37 zun$$R)KZpm!;9)y>8E{ZL5m2_*=9TXLXVEX~0o?3*CAbe{V#bccuk zf@G()e;zdXIBvH}1OxCFGAN$$u*C@zI zqR*dk6RCDoT6$ng89}Zvymj*veCly?LIh>2cqVq^9`@v}W04$>&*q8v4%b9H=VgDC zzis%1+x{U}jGdCysq1omJItZfk}MfJRvC9(saDUp>4O8{(Q1V?A-lsUz{bDMS{C=j5V z({rMJTpTVnY$q#M@*~vz604&t$-*J>$vZ#;?W=G${8$1Y0d|;8Q{(qsBq54 z(c)tgg2i?>gYG+e)Aj>?P;i17g!_2TMDW%T3G;76Qc8|u05uw8v=lSZiDSnkF0s){ zsFSuKu7hMJ>ti0|mn`p8s3BZ!=@C~Sk821g;MC?xk~`W zm+_1naF*xUV}ysirzxR)bI#ZktPAmDbf97Bf>Ao^sVM;ljX|y9AsbdHCpL5NI7>e; zc(}_O$VsgS+)&JAj{+i(q^s>fhI$0d>jX*2v`ge;FV+AJ=xMZRDZhKY{Pnrvc!J?f zw7h|A&!Z0-xddwAhKR;)@<*d-7Qp-I1 z;{8t4z8>iLklOAN{<+PnCuFH1HpExTO!04bIGFP_VgH(aj{xp9*~jRhLj;Zv zR|F8~Zw2Lb5{#YVvPxBlu&tvVq-|F|z5iDxJKhtRE+}YfB_%2A>Vh?WyQJ!(lGO$E z!C^Hq4wGBy`a^&&+$52?QC|LiVZ0*(X|@)9zoLcHwhU4D4mZ12+U>VmP?88&8;k=ac<K z>a_XZ^16K`2h-u|*i#E|)CSC8#H(Xb!MYAv;c8&y+;Ig7uxAQpj!$|yRQ@lW<)mo1 zSoDR!DJ0u!{&yWi?Xl-t$NNJN$Ko|RWnqKCnNV4k%`@1-@^;zGVIr_QqX|NSVk%K& zMfJa7H1n3Z>!I^$7nRVa_6oMK;E{J>acB|x*W_kVeU%ZNIc;r%q;BQnQM0!F8u6)gD31O>auK=#1 zd)}%vk(2<2X3q)1vOJ8mnqApLYVip1Up=ONyvZthJzr@H_}S z{#1jrcdof~@AX3GZ2zs+daf!Zu6Bm&pFVM7dPXW|26ACc1YPE)aQV-ztmBx&6n^?? Hu$vxMDsQoM diff --git a/.github/workflows/build-main.yml b/.github/workflows/build-main.yml index 118ff105d..ca21e2cd9 100644 --- a/.github/workflows/build-main.yml +++ b/.github/workflows/build-main.yml 
@@ -20,12 +20,19 @@ jobs:
 java-version: 11
 distribution: temurin
 cache: maven
+ server-id: 'oss.sonatype'
+ server-username: 'MAVEN_DEPLOY_USERNAME'
+ server-password: 'MAVEN_DEPLOY_TOKEN'
+ gpg-private-key: ${{secrets.MAVEN_GPG_PRIVATE_KEY}}
+ gpg-passphrase: 'MAVEN_GPG_PASSPHRASE'
 - name: Install just
 uses: taiki-e/install-action@just
 - name: Test and deploy snapshots
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- SECRET_FILES_PASSPHRASE: ${{ secrets.SECRET_FILES_PASSPHRASE }}
+ MAVEN_DEPLOY_USERNAME: ${{secrets.MAVEN_DEPLOY_USERNAME}}
+ MAVEN_DEPLOY_TOKEN: ${{secrets.MAVEN_DEPLOY_TOKEN}}
+ MAVEN_GPG_PASSPHRASE: ${{secrets.MAVEN_GPG_PASSPHRASE}}
 run: |
 VERSION=$(./mvnw -q exec:exec -Dexec.executable=echo -Dexec.args='${project.version}' -pl :mutiny-project)
 if [[ ${VERSION} == *SNAPSHOT ]]; then
diff --git a/.github/workflows/push-release-to-maven-central.yml b/.github/workflows/push-release-to-maven-central.yml
index 1bbed2b5d..920c58f6b 100644
--- a/.github/workflows/push-release-to-maven-central.yml
+++ b/.github/workflows/push-release-to-maven-central.yml
@@ -8,8 +8,6 @@ on:
 jobs:
 release:
 runs-on: ubuntu-latest
- env:
- SECRET_FILES_PASSPHRASE: ${{ secrets.SECRET_FILES_PASSPHRASE }}
 steps:
 - name: Git checkout
 uses: actions/checkout@v4
@@ -19,7 +17,16 @@ jobs:
 java-version: '11'
 distribution: 'temurin'
 cache: maven
+ server-id: 'oss.sonatype'
+ server-username: 'MAVEN_DEPLOY_USERNAME'
+ server-password: 'MAVEN_DEPLOY_TOKEN'
+ gpg-private-key: ${{secrets.MAVEN_GPG_PRIVATE_KEY}}
+ gpg-passphrase: 'MAVEN_GPG_PASSPHRASE'
 - name: Install just
 uses: taiki-e/install-action@just
 - name: Deploy to Maven Central
+ env:
+ MAVEN_DEPLOY_USERNAME: ${{secrets.MAVEN_DEPLOY_USERNAME}}
+ MAVEN_DEPLOY_TOKEN: ${{secrets.MAVEN_DEPLOY_TOKEN}}
+ MAVEN_GPG_PASSPHRASE: ${{secrets.MAVEN_GPG_PASSPHRASE}}
 run: just -f .build/justfile-for-release -d . deploy-to-maven-central
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index aebd27542..ad98206a8 100644
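Review bot: In the build-main.yml hunk at -20,12 the `uses: taiki-e/install-action@just` step now runs after the setup-java step has been given `gpg-private-key: ${{secrets.MAVEN_GPG_PRIVATE_KEY}}`, and `@just` is a mutable ref rather than a commit. Because that third-party action now executes in a job whose runner already holds the imported signing key, I would pin it to a full commit SHA, for example `uses: taiki-e/install-action@<full-commit-sha>` with `with:` / `tool: just`. The same ordering appears in the push-release-to-maven-central.yml hunk at -19,7 and the release.yml hunk at -45,6. The setup-java step itself starts above each of these hunks, so its own `uses:` ref is not visible here and deserves the same check.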
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -24,7 +24,6 @@ jobs:
 env:
 GITHUB_TOKEN: ${{secrets.RELEASE_TOKEN}}
 RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
- SECRET_FILES_PASSPHRASE: ${{ secrets.SECRET_FILES_PASSPHRASE }}
 PREVIOUS_VERSION: ${{ github.event.inputs.previousVersion }}
 RELEASE_VERSION: ${{ github.event.inputs.version }}
 DEPLOY_WEBSITE: ${{ github.event.inputs.deployWebsite }}
@@ -45,6 +44,11 @@ jobs:
 java-version: '11'
 distribution: 'temurin'
 cache: maven
+ server-id: 'oss.sonatype'
+ server-username: 'MAVEN_DEPLOY_USERNAME'
+ server-password: 'MAVEN_DEPLOY_TOKEN'
+ gpg-private-key: ${{secrets.MAVEN_GPG_PRIVATE_KEY}}
+ gpg-passphrase: 'MAVEN_GPG_PASSPHRASE'
 - name: Install just
 uses: taiki-e/install-action@just
 - name: Install yq
@@ -56,6 +60,10 @@ jobs:
 - name: Install MkDocs dependencies
 run: .build/install-mkdocs-deps.sh
 - name: Perform the release steps
+ env:
+ MAVEN_DEPLOY_USERNAME: ${{secrets.MAVEN_DEPLOY_USERNAME}}
+ MAVEN_DEPLOY_TOKEN: ${{secrets.MAVEN_DEPLOY_TOKEN}}
+ MAVEN_GPG_PASSPHRASE: ${{secrets.MAVEN_GPG_PASSPHRASE}}
 run: |
 curl -s "https://get.sdkman.io" | bash
 source ~/.sdkman/bin/sdkman-init.sh && sdk install jbang
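Review bot: The `env:` block added to "Perform the release steps" in the hunk at -56,6 places `MAVEN_DEPLOY_TOKEN` and `MAVEN_GPG_PASSPHRASE` in the environment of the same `run:` script that executes `curl -s "https://get.sdkman.io" | bash` and `sdk install jbang`, so downloaded, unverified code runs with the publishing credentials in scope. I would move those two bootstrap commands into their own step, for example `- name: Install jbang`, placed before this one and without the `env:` block, leaving only `source ~/.sdkman/bin/sdkman-init.sh` and the release commands in the step that carries the secrets. `RELEASE_TOKEN` from the `env:` block in the hunk at -24,7 may still reach that bootstrap step if the block is job-level, which the flattened indentation here does not show. The `run:` script continues past the end of the hunk.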