Fix signing key format and bump to v0.2.1 (#431)

* Bump version to 0.2.1 for Maven Central publish

The v0.2.0 tag pointed to a commit before the publish workflow fix,
so re-releasing as 0.2.1 with the corrected task configuration.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Decode base64 signing key before passing to Gradle

The SIGNING_KEY secret is base64-encoded but the vanniktech plugin's
in-memory signing expects a raw ASCII-armored PGP key. Decode it in
a separate step before publishing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: wow-miley

.github/workflows/publish.yml

@@ -54,15 +54,21 @@ jobs:
       - name: Run tests before publish
         run: ./gradlew :ampere-core:jvmTest
 
+      - name: Decode signing key
+        env:
+          SIGNING_KEY_BASE64: ${{ secrets.SIGNING_KEY }}
+        run: echo "$SIGNING_KEY_BASE64" | base64 -d > /tmp/signing-key.asc
+
       - name: Publish to Maven Central
         if: ${{ github.event.inputs.dry_run != 'true' }}
         env:
           ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
           ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
           ORG_GRADLE_PROJECT_signingInMemoryKeyId: ${{ secrets.SIGNING_KEY_ID }}
-          ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.SIGNING_KEY }}
           ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.SIGNING_PASSWORD }}
-        run: ./gradlew :ampere-core:publishAllPublicationsToMavenCentralRepository
+        run: |
+          export ORG_GRADLE_PROJECT_signingInMemoryKey="$(cat /tmp/signing-key.asc)"
+          ./gradlew :ampere-core:publishAllPublicationsToMavenCentralRepository
 
       - name: Dry run publish
         if: ${{ github.event.inputs.dry_run == 'true' }}