Best practices for uploading an artifact to external repository using CI/CD

I was wondering what the best practices were for uploading an artifact to an external repository such as Maven Central using Gitlab’s built-in CI/CD. Maven Central in specific requires signing the artifact with PGP before deployment and other CI services have integrated ways to store these keys safely. Is there something in the documentation I have overlooked or is it not possible to put these keys on Gitlab currently?