From 6920e263e426e58a42e953a85283a996c354a160 Mon Sep 17 00:00:00 2001 From: Alex Lovell-Troy Date: Thu, 21 Aug 2025 10:45:14 -0400 Subject: [PATCH 1/5] refactor: streamline Release workflow by removing unnecessary build steps Signed-off-by: Alex Lovell-Troy --- .github/workflows/Release.yml | 74 ++++------------------------------- 1 file changed, 8 insertions(+), 66 deletions(-) diff --git a/.github/workflows/Release.yml b/.github/workflows/Release.yml index 9da4b4f5..8d9c8245 100644 --- a/.github/workflows/Release.yml +++ b/.github/workflows/Release.yml 
@@ -6,70 +6,12 @@ on: tags: - v* -permissions: write-all # Necessary for the generate-build-provenance action with containers - jobs: - - build: - - - runs-on: ubuntu-latest - - steps: - - name: Set up latest stable Go - uses: actions/setup-go@v5 - with: - go-version: stable - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Docker Login - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-tags: 1 - fetch-depth: 0 - # Set environment variables required by GoReleaser - - name: Set build environment variables - run: | - echo "GIT_STATE=$(if git diff-index --quiet HEAD --; then echo 'clean'; else echo 'dirty'; fi)" >> $GITHUB_ENV - echo "BUILD_HOST=$(hostname)" >> $GITHUB_ENV - echo "GO_VERSION=$(go version | awk '{print $3}')" >> $GITHUB_ENV - echo "BUILD_USER=$(whoami)" >> $GITHUB_ENV - echo "CGO_ENABLED=0" >> $GITHUB_ENV - - - name: Install Swag - run: go install github.com/swaggo/swag/cmd/swag@latest - - - name: Release with goreleaser - uses: goreleaser/goreleaser-action@v6 - env: - GITHUB_TOKEN: ${{ github.token }} - with: - version: latest - args: release --clean - id: goreleaser - - name: Process goreleaser output - id: process_goreleaser_output - run: | - echo "const fs = require('fs');" > process.js - echo 'const artifacts = ${{ steps.goreleaser.outputs.artifacts }}' >> process.js - echo "const firstNonNullDigest = artifacts.find(artifact => artifact.extra && artifact.extra.Digest != null)?.extra.Digest;" >> process.js - echo "console.log(firstNonNullDigest);" >> process.js - echo "fs.writeFileSync('digest.txt', firstNonNullDigest);" >> process.js - node process.js - echo "digest=$(cat digest.txt)" >> $GITHUB_OUTPUT - - name: Attest Binaries - uses: actions/attest-build-provenance@v1 - with: - subject-path: dist/cloud-init* - - name: generate build provenance - uses: actions/attest-build-provenance@v1 - 
with: - subject-name: ghcr.io/openchami/cloud-init - subject-digest: ${{ steps.process_goreleaser_output.outputs.digest }} - push-to-registry: true + release: + uses: OpenCHAMI/github-actions/workflows/go-build-release.yml@v2 + with: + cgo-enabled: "0" + pre-build-commands: | + go install github.com/swaggo/swag/cmd/swag@latest + attestation-binary-path: "dist/cloud-init*" + registry-name: ghcr.io/openchami/cloud-init From 84f3488299d037dbf5916a638c7ffde5226d9e61 Mon Sep 17 00:00:00 2001 From: Alex Lovell-Troy Date: Thu, 21 Aug 2025 11:36:12 -0400 Subject: [PATCH 2/5] fix: enable CGO support in Release workflow Signed-off-by: Alex Lovell-Troy --- .github/workflows/Release.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/Release.yml b/.github/workflows/Release.yml index 8d9c8245..19bf96a0 100644 --- a/.github/workflows/Release.yml +++ b/.github/workflows/Release.yml @@ -6,11 +6,13 @@ on: tags: - v* +permissions: write-all # Necessary for the generate-build-provenance action with containers + jobs: release: uses: OpenCHAMI/github-actions/workflows/go-build-release.yml@v2 with: - cgo-enabled: "0" + cgo-enabled: "1" pre-build-commands: | go install github.com/swaggo/swag/cmd/swag@latest attestation-binary-path: "dist/cloud-init*" From 45de010e6008afca717742827e77e2bb7aaccab0 Mon Sep 17 00:00:00 2001 From: Alex Lovell-Troy Date: Thu, 21 Aug 2025 13:35:23 -0400 Subject: [PATCH 3/5] fix: update go-build-release workflow to version 3 Signed-off-by: Alex Lovell-Troy --- .github/workflows/Release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Release.yml b/.github/workflows/Release.yml index 19bf96a0..e0483648 100644 --- a/.github/workflows/Release.yml +++ b/.github/workflows/Release.yml 
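Review bot: In PATCH 1/5 the new `release` job calls `OpenCHAMI/github-actions/workflows/go-build-release.yml@v2` by a mutable tag, so whatever that tag points to at release time runs with this repository's token and produces the provenance attestation. The `uses:` hunks in PATCH 3/5, 4/5 and 5/5 keep the same pattern with `@v3`, `@v3.1` and `@v3.2`. Pin the reference to a full commit SHA with the tag as a trailing comment, e.g. `uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@<full-commit-sha> # v3.2`. The `pre-build-commands` entry `go install github.com/swaggo/swag/cmd/swag@latest` likewise pulls an unpinned tool into an attested build and would be better as `swag@<pinned-version>`. This hunk also removes the workflow-level `permissions:` line, so the job runs on the repository's default token permissions until PATCH 2/5 restores it.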
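Review bot: The `permissions: write-all` line re-added in PATCH 2/5 grants the called workflow every token scope, although the comment on that line justifies only the provenance step. A reusable workflow cannot receive more than the caller grants, so the caller is the right place to narrow this to what the release and attestation actually use. The scopes below are what publishing a release, pushing to ghcr.io and `actions/attest-build-provenance` typically need; confirm them against the jobs in go-build-release.yml, which is not visible in this patch.

```yaml
# Scoped grant for release + build provenance (replaces write-all)
permissions:
  contents: write      # create the release and upload assets
  packages: write      # push the image to ghcr.io
  id-token: write      # OIDC token used to sign the provenance
  attestations: write  # store the generated attestation
```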
@@ -10,7 +10,7 @@ permissions: write-all # Necessary for the generate-build-provenance action with jobs: release: - uses: OpenCHAMI/github-actions/workflows/go-build-release.yml@v2 + uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v3 with: cgo-enabled: "1" pre-build-commands: | From 88ae11ccc067264bb4ff7045993622aa0d0409e3 Mon Sep 17 00:00:00 2001 From: Alex Lovell-Troy Date: Thu, 21 Aug 2025 15:46:12 -0400 Subject: [PATCH 4/5] fix: update go-build-release workflow to version 3.1 Signed-off-by: Alex Lovell-Troy --- .github/workflows/Release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Release.yml b/.github/workflows/Release.yml index e0483648..d14074e6 100644 --- a/.github/workflows/Release.yml +++ b/.github/workflows/Release.yml @@ -10,7 +10,7 @@ permissions: write-all # Necessary for the generate-build-provenance action with jobs: release: - uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v3 + uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v3.1 with: cgo-enabled: "1" pre-build-commands: | From 267e163f6c6ff86124c4401e4c4306c3e1ad524e Mon Sep 17 00:00:00 2001 From: Alex Lovell-Troy Date: Thu, 21 Aug 2025 16:40:34 -0400 Subject: [PATCH 5/5] fix: update go-build-release workflow to version 3.2 Signed-off-by: Alex Lovell-Troy --- .github/workflows/Release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Release.yml b/.github/workflows/Release.yml index d14074e6..2752d3da 100644 --- a/.github/workflows/Release.yml +++ b/.github/workflows/Release.yml @@ -10,7 +10,7 @@ permissions: write-all # Necessary for the generate-build-provenance action with jobs: release: - uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v3.1 + uses: OpenCHAMI/github-actions/.github/workflows/go-build-release.yml@v3.2 with: cgo-enabled: "1" pre-build-commands: |