v2.3.2

Add GPG Key ID (#39) @goruha (#40)

## what

[!IMPORTANT]
This pull request is a work in progress as I would love to see this feature but do not want to encroach on any work from the CloudPosse team. If this PR is not on the right track, feel free to close at your will

why

• Provides an interface for teams to sign component updater commits
• The following is an example of how this could be leveraged to sign component updater commits:

name: "atmos-components"

on:
  workflow_dispatch: {}

  schedule:
    - cron:  '0 8 * * 1'         # Execute every week on Monday at 08:00

permissions:
  contents: write
  pull-requests: write

jobs:
  update:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Import GPG Key
        run: |
          echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --import
          git config --global user.signingkey ${{ secrets.GPG_KEY_ID }}
          git config --global commit.gpgSign true

      - name: Update Atmos Components
        uses: cloudposse/github-action-atmos-component-updater@v2
        with:
          github-access-token: ${{ secrets.GITHUB_TOKEN }}
          max-number-of-prs: 5
          include: |
            aws-*
            eks/*
            bastion
          exclude: aws-sso,aws-saml
        env:
          GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}

#39

🤖 Automatic Updates

Update release workflow to allow pull-requests: write @osterman (#35)

## what - Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PR

why

• Add comment to PR when it is released

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#33)

## what - Update workflows (`.github/workflows/settings.yaml`) to use shared workflows from `.github` repo

why

• Reduce nested levels of reusable workflows