From 3c609fe8d2d509817a19b72713a05a34147c9335 Mon Sep 17 00:00:00 2001
From: OpenTofu Core Development Team <core@opentofu.org>
Date: Mon, 29 Apr 2024 16:57:40 +0200
Subject: [PATCH] Apply GitHub workflow changes

---
 .../workflows/artifact-release-trigger.yml    | 12 +++++++
 .github/workflows/artifact-release.yml        | 33 +++++++++++++++++++
 .github/workflows/fork_sync.yml               | 11 +++++++
 .github/workflows/resign.yml                  | 17 ++++++++++
 4 files changed, 73 insertions(+)
 create mode 100644 .github/workflows/artifact-release-trigger.yml
 create mode 100644 .github/workflows/artifact-release.yml
 create mode 100644 .github/workflows/fork_sync.yml
 create mode 100644 .github/workflows/resign.yml

diff --git a/.github/workflows/artifact-release-trigger.yml b/.github/workflows/artifact-release-trigger.yml
new file mode 100644
index 000000000000..a2893ec26690
--- /dev/null
+++ b/.github/workflows/artifact-release-trigger.yml
@@ -0,0 +1,12 @@
+name: Trigger Artifact Release
+
+on:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  actions: write
+
+jobs:
+  trigger:
+    uses: opentofu/scripts/.github/workflows/trigger.yml@main
diff --git a/.github/workflows/artifact-release.yml b/.github/workflows/artifact-release.yml
new file mode 100644
index 000000000000..1c9b22538ee9
--- /dev/null
+++ b/.github/workflows/artifact-release.yml
@@ -0,0 +1,33 @@
+name: Artifact Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: "Release tag (v#.#.#)"
+        type: string
+        required: true
+
+permissions:
+  contents: write
+
+jobs:
+  release-dispatch:
+    if: inputs.tag != ''
+    uses: opentofu/scripts/.github/workflows/release.yml@main
+    with:
+      tag: ${{ inputs.tag }}
+    secrets:
+      GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+      GH_PAT: ${{ secrets.GH_PAT }}
+      GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
+
+  release-push:
+    if: inputs.tag == ''
+    uses: opentofu/scripts/.github/workflows/release.yml@main
+    with:
+      tag: ${{ github.ref_name }}
+    secrets:
+      GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+      GH_PAT: ${{ secrets.GH_PAT }}
+      GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
diff --git a/.github/workflows/fork_sync.yml b/.github/workflows/fork_sync.yml
new file mode 100644
index 000000000000..2d1b269b3a1f
--- /dev/null
+++ b/.github/workflows/fork_sync.yml
@@ -0,0 +1,11 @@
+name: Sync Fork
+
+on:
+  schedule:
+    - cron: '15 */4 * * *' # every 4 hours
+  workflow_dispatch: # on button click
+
+jobs:
+  sync:
+    uses: opentofu/scripts/.github/workflows/sync.yml@main
+    secrets: inherit
diff --git a/.github/workflows/resign.yml b/.github/workflows/resign.yml
new file mode 100644
index 000000000000..28b2efba3412
--- /dev/null
+++ b/.github/workflows/resign.yml
@@ -0,0 +1,17 @@
+name: Artifacts Resign
+
+on:
+  workflow_dispatch:
+
+permissions:
+  contents: write
+
+jobs:
+  resign:
+    uses: opentofu/scripts/.github/workflows/sign.yml@main
+    with:
+      owner: ${{ github.repository_owner }}
+      repo: ${{ github.event.repository.name }}
+    secrets:
+      GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+      GH_PAT: ${{ secrets.GH_PAT }}