[feature] Custom GITHUB_TOKEN for go `upload-assets`

[OpenWaygate]

trafficstars

Is your feature request related to a problem? Please describe. builder_go_slsa3.yml is a reuseable workflow, so I cannot set environment variable when use it

Any environment variables set in an env context defined at the workflow level in the caller workflow are not propagated to the called workflow." ref

The upload-assets job use the default GITHUB_TOKEN, then default releaser is github-actions.

When you use the repository's GITHUB_TOKEN to perform tasks, events triggered by the GITHUB_TOKEN, with the exception of workflow_dispatch and repository_dispatch, will not create a new workflow run. ref

Accordingly, if I created a new action with this trigger, it will never be triggered.

on:
  release:
    types: [released]

Describe the solution you'd like I think this can be resolved with new input, accept a new input GITHUB_TOKEN and use it as environment variable in upload-assets

Describe alternatives you've considered Convert the reuseable workflow to composite action.

Additional context ~