1 files changed, 13 insertions, 10 deletions

diff --git a/.drone/authenv.sh b/.drone/authenv.sh
index ba9bc01..7dbeaaa 100755
--- a/.drone/authenv.sh
+++ b/.drone/authenv.sh
@@ -1,17 +1,19 @@
-#!/bin/sh
+#!/bin/bash
+
+# Set up an environment for signing and publishing sbt projects.
 
-# Set up the environment for signing and publishing sbt projects.
 # WARNING: this script has global side effects, it is intended to be
 # run in an isolated, throw-away environment!
 
 set -e
+set -o pipefail
 
-echo "Preparing authenticated environment"
+echo "Preparing authenticated environment" >&2
 
-# Veridy that this script is running in a CI environment and has
+# Verify that this script is running in a CI environment and has
 # secrets available
 if [ -z "CI" ]; then
-    echo "This script should be run in a CI environment. Aborting."
+    echo "This script should be run in a CI environment. Aborting." >&2
     exit 1
 fi
 if [ -z "$SECURE" ] || [ "$SECURE" = "\$\$SECURE" ]; then
@@ -19,20 +21,21 @@ if [ -z "$SECURE" ] || [ "$SECURE" = "\$\$SECURE" ]; then
     exit 1
 fi
 
-# Import secret signing sub key.
+# Import gpg signing (secret) key.
 #
-# Although the key is encrypted as a drone secret, it must also be
+# Although the key is encrypted as a drone secret, it should also be
 # encrypted with a passphrase since gpg2 does not allow exporting keys
 # with empty passwords https://bugs.gnupg.org/gnupg/issue2070
-echo "$GPG_SSB_ENC" | base64 -w 0 -d | gpg --batch --import
-echo "Imported signing key"
+# The used password is 0000000000
+echo "$GPG_KEY_ENC" | base64 -w 0 -d | gpg --batch --import
+echo "Imported signing key" >&2
 
 # Prepare gpg settings for sbt
 cat << EOF > "gpg.sbt"
 pgpSigningKey in Global := Some(0x2CED17AB2B6D6F37l)
 pgpPassphrase in Global := Some("0000000000".toCharArray)
 EOF
-echo "sbt-pgp ready"
+echo "sbt-pgp ready" >&2
 
 # Prepare bintray settings
 mkdir -p "$HOME/.bintray"