How to sign jar with GPG

Dear All,
I need to deploy the created jar into a Nexus repo.
Fine so far, but… I have to sign the files with gpg.

What is the right way to do this, because I have no idea, how to make the
private key available to this build.

Cheers
Sven

Use secrets
http://docs.drone.io/manage-secrets/#example-from-file

pipeline:
    image: maven-3
    secrets: [private_key]
    commands:
        - echo -n "$PRIVATE_KEY" > ~/path/to/key
        - mvn clean install -Pdeploy-nexus

Thanks, will have a look at it tomorrow. Cheers Sven