diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 49413ef..bbe587e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -58,12 +58,12 @@ jobs:
     # - uses: grafana/plugin-actions/build-plugin@release
     #   with:
     #     grafana_token: ${{ secrets.GRAFANA_ACCESS_POLICY_TOKEN }}
+    env:
+        GRAFANA_ACCESS_POLICY_TOKEN: ${{ secrets.GRAFANA_ACCESS_POLICY_TOKEN }}
     steps:
     - name: Sign plugin
       run: npm run sign
       shell: bash
-      env:
-        GRAFANA_ACCESS_POLICY_TOKEN: ${{ secrets.GRAFANA_ACCESS_POLICY_TOKEN }}
       if: ${{ GRAFANA_ACCESS_POLICY_TOKEN != '' }} # https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#using-secrets-in-a-workflow
 
     - name: Get plugin metadata