ci: improve workflow reliability and error handling

.github/workflows/auto-tag.yml

@@ -7,20 +7,20 @@ on:
       - main
     paths-ignore:
       - '**.md'
-      - '.gitignore'
-      - '.github/workflows/**'
       - 'LICENSE'
+      - '.gitignore'
 
 jobs:
   auto-tag:
     runs-on: ubuntu-latest
     permissions:
       contents: write
+    outputs:
+      new_tag: ${{ steps.get_latest_tag.outputs.version }}
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          token: ${{ secrets.GITHUB_TOKEN }}
           
       - name: Get latest tag
         id: get_latest_tag
@@ -38,6 +38,8 @@ jobs:
           fi
 
       - name: Create new tag
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           new_tag=${{ steps.get_latest_tag.outputs.version }}
           git config --global user.name 'github-actions[bot]'

.github/workflows/release.yml

@@ -24,6 +24,14 @@ jobs:
           go-version: '1.21'
           cache: true
 
+      - name: Import GPG key
+        id: import_gpg
+        uses: crazy-max/ghaction-import-gpg@v6
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.PASSPHRASE }}
+        if: ${{ env.GPG_PRIVATE_KEY != '' }}
+
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v5
         with:
@@ -32,3 +40,4 @@ jobs:
           args: release --clean
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}