diff --git a/.github/workflows/pre-release.yaml b/.github/workflows/pre-release.yaml
index fac28209..eca11d68 100644
--- a/.github/workflows/pre-release.yaml
+++ b/.github/workflows/pre-release.yaml
@@ -28,8 +28,8 @@ jobs:
         uses: rancher-eio/read-vault-secrets@main
         with:
           secrets: |
-            secret/data/github/repo/${{ github.repository }}/key/credentials passphrase | GPG_PASSPHRASE ;
-            secret/data/github/repo/${{ github.repository }}/key/credentials key | GPG_KEY
+            secret/data/github/repo/${{ github.repository }}/signing/gpg privateKey | GPG_KEY;
+            secret/data/github/repo/${{ github.repository }}/signing/gpg passphrase | GPG_PASSPHRASE
 
       - name: sign shasum
         env:
@@ -37,11 +37,11 @@ jobs:
           GPG_PASSPHRASE: ${{ env.GPG_PASSPHRASE }}
         run: |
           echo "Importing gpg key"
-          echo -n '${{ env.GPG_KEY }}' | base64 -d | gpg --import --batch > /dev/null
+          echo -n '${{ env.GPG_KEY }}' | gpg --import --batch > /dev/null
           echo "signing SHASUM file"
           VERSION_NO_V="$(echo ${{ github.ref_name }} | tr -d 'v')"
           SHASUM_FILE="dist/artifacts/${{ github.ref_name }}/terraform-provider-rke_${VERSION_NO_V}_SHA256SUMS"
-          echo -n '${{ env.GPG_PASSPHRASE }}' | base64 -d | gpg --detach-sig --pinentry-mode loopback --passphrase-fd 0 --output "${SHASUM_FILE}.sig" --sign "${SHASUM_FILE}"
+          echo '${{ env.GPG_PASSPHRASE }}' | gpg --detach-sig --pinentry-mode loopback --passphrase-fd 0 --output "${SHASUM_FILE}.sig" --sign "${SHASUM_FILE}"
 
       - name: GH release
         env:
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 95cdfe57..8b1d4d02 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -28,8 +28,8 @@ jobs:
         uses: rancher-eio/read-vault-secrets@main
         with:
           secrets: |
-            secret/data/github/repo/${{ github.repository }}/key/credentials passphrase | GPG_PASSPHRASE ;
-            secret/data/github/repo/${{ github.repository }}/key/credentials key | GPG_KEY
+            secret/data/github/repo/${{ github.repository }}/signing/gpg privateKey | GPG_KEY;
+            secret/data/github/repo/${{ github.repository }}/signing/gpg passphrase | GPG_PASSPHRASE
 
       - name: sign shasum
         env:
@@ -37,11 +37,11 @@ jobs:
           GPG_PASSPHRASE: ${{ env.GPG_PASSPHRASE }}
         run: |
           echo "Importing gpg key"
-          echo -n '${{ env.GPG_KEY }}' | base64 -d | gpg --import --batch > /dev/null
+          echo -n '${{ env.GPG_KEY }}' | gpg --import --batch > /dev/null
           echo "signing SHASUM file"
           VERSION_NO_V="$(echo ${{ github.ref_name }} | tr -d 'v')"
           SHASUM_FILE="dist/artifacts/${{ github.ref_name }}/terraform-provider-rke_${VERSION_NO_V}_SHA256SUMS"
-          echo -n '${{ env.GPG_PASSPHRASE }}' | base64 -d | gpg --detach-sig --pinentry-mode loopback --passphrase-fd 0 --output "${SHASUM_FILE}.sig" --sign "${SHASUM_FILE}"
+          echo '${{ env.GPG_PASSPHRASE }}' | gpg --detach-sig --pinentry-mode loopback --passphrase-fd 0 --output "${SHASUM_FILE}.sig" --sign "${SHASUM_FILE}"
 
       - name: GH release
         env: