ci(reusable-update-flake-lock): Remove GPG passphrase option

PetarKirov · PetarKirov · commit c1c6a3b93d3d · 2025-08-23T15:40:49.000+03:00
`nix flake update --commit-lock-file` does not have a way to provide a
passphrase to GPG.
diff --git a/.github/workflows/reusable-update-flake-lock.yml b/.github/workflows/reusable-update-flake-lock.yml
@@ -39,9 +39,6 @@ on:
       GIT_GPG_SIGNING_SECRET_KEY:
         description: GPG secret key used to sign commits
         required: false
-      GIT_GPG_SIGNING_PASSPHRASE:
-        description: GPG passphrase for secret key
-        required: false
 
     outputs:
       pr-url:
@@ -82,12 +79,10 @@ jobs:
         if: ${{ inputs.sign-commits }}
         env:
           GIT_GPG_SIGNING_SECRET_KEY: ${{ secrets.GIT_GPG_SIGNING_SECRET_KEY }}
-          GIT_GPG_SIGNING_PASSPHRASE: ${{ secrets.GIT_GPG_SIGNING_PASSPHRASE }}
         run: |
           echo "$GIT_GPG_SIGNING_SECRET_KEY" \
             | gpg --batch --yes \
                 --pinentry-mode loopback \
-                --passphrase "$GIT_GPG_SIGNING_PASSPHRASE" \
                 --import
           git config --local user.signingkey "${{ vars.GIT_GPG_SIGNING_KEY_ID }}"
 
