From 761f2da8dea6cc300ec351828d33483d73120b4b Mon Sep 17 00:00:00 2001
From: shubham-stepsecurity
Date: Thu, 13 Jun 2024 18:43:01 +0530
Subject: [PATCH] standardize release worklow
---
.github/workflows/actions_release.yaml | 21 +++++++++++++++
.github/workflows/release.yml | 37 --------------------------
2 files changed, 21 insertions(+), 37 deletions(-)
create mode 100644 .github/workflows/actions_release.yaml
delete mode 100644 .github/workflows/release.yml
diff --git a/.github/workflows/actions_release.yaml b/.github/workflows/actions_release.yaml
new file mode 100644
index 0000000..6082ace
--- /dev/null
+++ b/.github/workflows/actions_release.yaml
@@ -0,0 +1,21 @@
+name: Release GitHub Actions
+
+on:
+ workflow_dispatch:
+ inputs:
+ tag:
+ description: "Tag for the release"
+ required: true
+
+permissions:
+ contents: read
+
+jobs:
+ release:
+ permissions:
+ actions: read
+ id-token: write
+ contents: write
+ uses: step-security/reusable-workflows/.github/workflows/actions_release.yaml@v1
+ with:
+ tag: "${{ github.event.inputs.tag }}"
\ No newline at end of file
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
deleted file mode 100644
index e8522c4..0000000
--- a/.github/workflows/release.yml
+++ /dev/null
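Review bot: The reusable workflow called by the `release` job is referenced by the mutable tag `@v1` while the job hands it `contents: write` and `id-token: write`, so whoever can move that tag decides what code runs with release-publishing and OIDC rights in this repository. The workflow this commit deletes pinned every action to a full commit SHA; keep that property with `uses: step-security/reusable-workflows/.github/workflows/actions_release.yaml@<full-commit-sha> # v1` (placeholder; take the SHA from the revision that was actually reviewed). The deleted job also ran under the `releaseNewActionVersion` environment with required approvers, and no equivalent gate is visible in the new caller. Whether the called workflow enforces one cannot be seen from this diff, so confirm it and record it in a comment above `jobs:`, for example `# Release approval is enforced inside the called workflow via a protected environment`.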
@@ -1,37 +0,0 @@
-name: Release new action version
-on:
- workflow_dispatch:
- inputs:
- TAG_NAME:
- description: "Tag name that the major tag will point to"
- required: true
-
-env:
- TAG_NAME: ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }}
-defaults:
- run:
- shell: pwsh
-
-permissions:
- contents: read
-
-jobs:
- update_tag:
- name: Update the major tag to include the ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }} changes
- # Remember to configure the releaseNewActionVersion environment with required approvers in the repository settings
- environment:
- name: releaseNewActionVersion
- runs-on: ubuntu-latest
- permissions:
- contents: write
- steps:
- - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423
- with:
- egress-policy: audit
-
- - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
-
- - name: Update the ${{ env.TAG_NAME }} tag
- uses: step-security/publish-action@b438f840875fdcb7d1de4fc3d1d30e86cf6acb5d
- with:
- source-tag: ${{ env.TAG_NAME }}
\ No newline at end of file