Don't run build.yaml ever, let the release-* jobs trigger it

.github/workflows/build.yaml

@@ -1,7 +1,6 @@
 name: Build artifacts
 
 on:
-  pull_request:
   workflow_dispatch:
   workflow_call:
 

.github/workflows/release-branches.yml

@@ -1,8 +1,7 @@
 name: Release Branch
 
 on:
-  workflow_run:
-    workflows: ["Build artifacts"]
+  push:
     branches:
       # NOTE: make sure any branches here are also valid directory names,
       # otherwise creating the directory and uploading to s3 will fail
@@ -20,6 +19,7 @@ jobs:
     concurrency: release
     runs-on: ubuntu-latest
     permissions:
+      contents: read
       id-token: write # In order to request a JWT for AWS auth
     steps:
       - name: Checkout

.github/workflows/release-tags.yml

@@ -1,14 +1,6 @@
 name: Release Tags
 
 on:
-  workflow_run:
-    workflows: ["Build artifacts"]
-    branches:
-      # NOTE: make sure any branches here are also valid directory names,
-      # otherwise creating the directory and uploading to s3 will fail
-      - "main"
-    types:
-      - completed
   push:
     tags:
       - "v*.*.*"