Gitlab CI and Signing plugin

I am working on an open-source Java library and want to automate deployment to Sonatype. I managed to publish from my local machine, however, I want to automate things so that each tag is published. The problem which I am encountering is related to signing my artifacts using the signing plugin.

More precisely, I have a main project which contains 3 modules: masker, log4j2 and logback. The last two build jar artifacts and have the signing code in the build.gradle:

signing {
    sign publishing.publications

The problem I am facing is that this approach requires having the file with the keyId, password and file location. For obvious reasons, I don’t want these commited in the repository. So, I use Gitlab CI to store these secret values in variables.

However, I can’t write the two files (one in the log4j2 module and one in the logback module) during publishing. And using the ./gradlew with the -P does not pass the arguments to the sub-modules. I don’t know how else to automate things, so any help is appreciated.

I tried using this method:

def signingKey = findProperty("signingKey")
    def signingPassword = findProperty("signingPassword")
    useInMemoryPgpKeys(signingKey, signingPassword)

However, it did not work locally:

* What went wrong:
Execution failed for task ':log4j2:signMavenJavaPublication'.
> Cannot perform signing task ':log4j2:signMavenJavaPublication' because it has no configured signatory

P.S: For anyone interested in looking over the code directly, you can find it here: Petre Popescu Open Source Projects / LogMasker · GitLab

So, I found a workaround. Probably not the best, but it works.
I store the contents of the file in a variable in Gitlab. In the pipeline, prior to starting the build, I write the contents of the variable to a file in the needed locations.

That is not correct.
Gradle properties that you set on the command line are available in the whole build.
If it did not work with that, something else is not correct.