diff --git a/.github/workflows/container-deploy.yml b/.github/workflows/container-deploy.yml
index 5c8f234330..df2c266c90 100644
--- a/.github/workflows/container-deploy.yml
+++ b/.github/workflows/container-deploy.yml
@@ -176,6 +176,9 @@ jobs:
           # Google Cloud credentials
           echo "GOOGLE_CREDENTIALS=${{ secrets.GOOGLE_CREDENTIALS }}" >> .env
 
+          # Secret key to secure batch job import
+          echo "BATCH_JOB_KEY=${{ secrets.BATCH_JOB_KEY }}" >> .env
+
 
     - name: Create Docker volumes
       uses: appleboy/ssh-action@master
diff --git a/robotoff/batch/launch.py b/robotoff/batch/launch.py
index 8b6d9c2113..52c4f37101 100644
--- a/robotoff/batch/launch.py
+++ b/robotoff/batch/launch.py
@@ -1,3 +1,4 @@
+import base64
 import datetime
 import json
 import os
@@ -24,7 +25,8 @@ def check_google_credentials() -> None:
             credentials_path,
         )
         credentials_path.parent.mkdir(parents=True, exist_ok=True)
-        credentials = json.loads(os.environ["GOOGLE_CREDENTIALS"])
+        credentials_base64 = os.environ["GOOGLE_CREDENTIALS"]
+        credentials = json.loads(base64.b64decode(credentials_base64).decode("utf-8"))
         with open(credentials_path, "w") as f:
             json.dump(credentials, f, indent=4)