In cas a pull request is tested, the secret environment variables are not
present, because they could be exposed by a malicious pull request. So we can
only decrypt the gpg-keys only when the keyphrase is availible.