chore: Add GPG key import step to GitHub Actions workflow

- Introduced a step to import the GPG private key from GitHub secrets for secure artifact signing.
- Enhanced the workflow to ensure GPG signing capabilities are properly configured during the deployment process.

Author: Marvin Zhang

.github/workflows/publish.yml

@@ -43,6 +43,12 @@ jobs:
             </servers>
           </settings>" > ~/.m2/settings.xml
 
+      - name: Import GPG key
+        run: |
+          echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --import
+        env:
+          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+
       - name: Set GPG_TTY
         run: echo "export GPG_TTY=$(tty)" >> $GITHUB_ENV