From 41d9c98f8e63a43ed752b53a09fb088c129e8069 Mon Sep 17 00:00:00 2001
From: Aaron Jacobs <aaron.jacobs@rstudio.com>
Date: Tue, 5 Apr 2022 12:34:26 -0400
Subject: [PATCH] Add the existing header and footer to the GitHub release
 notes.

This should reduce the number of copy & paste operations required during
a release.

Signed-off-by: Aaron Jacobs <aaron.jacobs@rstudio.com>
---
 .goreleaser.yaml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index 7c82c87..fc5e3ad 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -26,6 +26,22 @@ archives:
     format: zip
 release:
   draft: true
+  header: |
+    `rskey` is a command-line tool (and bundled Go packages) that generates secret keys interoperable with the format used by RStudio's Workbench, Connect, and Package Manager products.
+
+    ## Changes since v{{ .Version }}
+  footer: |
+    ## Binary signatures
+
+    Binary releases are signed with [Sigstore](https://www.sigstore.dev/). You can verify these signatures with their `cosign` tool, for example:
+
+    ``` shell
+    $ COSIGN_EXPERIMENTAL=1 cosign verify-blob \
+      --signature rskey_{{ .Version }}_linux_amd64.tar.gz.sig \
+      rskey_{{ .Version }}_linux_amd64.tar.gz
+    ```
+
+    We use Cosign's ["keyless"](https://docs.sigstore.dev/cosign/openid_signing) mode, which uses the OpenID Connect tokens issued by GitHub for this repository and ephemeral certificates instead of private keys. This feature currently requires setting `COSIGN_EXPERIMENTAL=1`.
 signs:
 - cmd: cosign
   signature: "${artifact}.sig"