The GPG signing subkey and passphrase are respectively provided through
a Travis encrypted file and a Travis encrypted environment variable.
Signing is only done if there is a signing key present when the build is
complete (so as to not fail when e.g. building a PR that doesn't have
encrypted files available).
Thomas Orozco