chore: enhance GitHub Actions workflows with GPG key input for signing releases

- Added an optional input for GPG private key in release.yml to support signing releases.
- Updated the conditional check for GPG key import to utilize the new input, improving flexibility and maintainability.
- Ensured that the auto-tag workflow inherits secrets for better security practices.

.github/workflows/auto-tag.yml

@@ -51,4 +51,6 @@ jobs:
     needs: auto-tag
     if: success()
     uses: ./.github/workflows/release.yml
+    with:
+      gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
     secrets: inherit

.github/workflows/release.yml

@@ -40,9 +40,9 @@ jobs:
       - name: Import GPG key
         id: import_gpg
         uses: crazy-max/ghaction-import-gpg@v6
-        if: "${{ secrets.GPG_PRIVATE_KEY != '' }}"
+        if: inputs.gpg_private_key != ''
         with:
-          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          gpg_private_key: ${{ inputs.gpg_private_key }}
           passphrase: ${{ secrets.PASSPHRASE }}
 
       - name: Run GoReleaser