Thanks a lot for this step-by-step instruction!
It's worth to mention there is an alternative way to base64-ing your private key and echoing it to file-system. Gradle signing plugin may use an in-memory ascii-armored (like safe-encoded to transfer as a text) key that you explicitly configure in `signing` closure. The key than is put as a secret and exported as an ENV.
To get such key you run the pgp executable like this:
gpg --export-secret-keys --armor AABBCCDD > AABBCCDD.asc
Then you get the key in a transfer-safe way:
-----BEGIN PGP PRIVATE KEY BLOCK-------== The key sequence itself ==-------END PGP PRIVATE KEY BLOCK-----
which could be directly copy-pasted as a secret variable
Then configure signing to use in-memory keys:
To be able to build locally the armored key may be “escaped” to put inside your
local.properties (line-breaks transformed):
signingKey=-----BEGIN PGP PRIVATE KEY BLOCK-----\n\nescaped key\n-----END PGP PRIVATE KEY BLOCK-----\n
Bonus: thus you have all your signing/publishing credentials in one portable file.
Take a look at complete build scripts here. The publishing is made based on your solution.