fix: trigger goreleaser workflow via tag (#51)

mikesmitty · web-flow · commit fcdb62102ab5 · 2025-11-23T11:35:33.000-05:00
diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml
@@ -0,0 +1,45 @@
+name: GoReleaser
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+permissions:
+  contents: write
+  id-token: write # Required for Cosign keyless signing
+  attestations: write # Required for provenance
+
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/setup-go@v6
+        with:
+          go-version: stable
+
+      - name: Install Cosign
+        uses: sigstore/cosign-installer@v4.0.0
+
+      - name: Install Syft
+        uses: anchore/sbom-action/download-syft@v0.20.10
+
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v6
+        with:
+          distribution: goreleaser
+          version: '~> v2'
+          args: release --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Attest Build Provenance
+        uses: actions/attest-build-provenance@v3
+        with:
+          subject-path: dist/checksums.txt
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -8,8 +8,6 @@ on:
 permissions:
   contents: write
   pull-requests: write
-  id-token: write # Required for Cosign keyless signing
-  attestations: write # Required for provenance
 
 jobs:
   release-please:
@@ -18,43 +16,4 @@ jobs:
       - uses: googleapis/release-please-action@v4
         id: release
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-
-    outputs:
-      release_created: ${{ steps.release.outputs.release_created }}
-      tag_name: ${{ steps.release.outputs.tag_name }}
-
-  goreleaser:
-    needs: release-please
-    if: ${{ needs.release-please.outputs.release_created }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v6
-        with:
-          fetch-depth: 0
-
-      - name: Set up Go
-        uses: actions/setup-go@v6
-        with:
-          go-version: stable
-
-      - name: Install Cosign
-        uses: sigstore/cosign-installer@v4.0.0
-
-      - name: Install Syft
-        uses: anchore/sbom-action/download-syft@v0.20.10
-
-      - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v6
-        with:
-          distribution: goreleaser
-          version: '~> v2'
-          args: release --clean
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Attest Build Provenance
-        uses: actions/attest-build-provenance@v3
-        with:
-          subject-path: dist/checksums.txt
+          token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
