replace manual slsa-verifier installation with action (#1585)

Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>

.github/workflows/release.yml

@@ -52,20 +52,8 @@ jobs:
     steps:
       # Note: this will be replaced with the GHA in the future.
       # See https://github.com/slsa-framework/slsa-verifier/issues/95
-      - name: Install the verifier
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          set -euo pipefail
-          gh -R slsa-framework/slsa-verifier release download v1.2.0 -p "slsa-verifier-linux-amd64"
-          chmod ug+x slsa-verifier-linux-amd64
-          # Note: see https://github.com/slsa-framework/slsa-verifier/blob/main/SHA256SUM.md
-          COMPUTED_HASH=$(sha256sum slsa-verifier-linux-amd64 | cut -d ' ' -f1)
-          EXPECTED_HASH="37db23392c7918bb4e243cdb097ed5f9d14b9b965dc1905b25bc2d1c0c91bf3d"
-          if [[ "$EXPECTED_HASH" != "$COMPUTED_HASH" ]];then
-              echo "error: expected $EXPECTED_HASH, computed $COMPUTED_HASH"
-              exit 1
-          fi
+      - name: Install SLSA verifier
+        uses: slsa-framework/slsa-verifier/actions/installer@v2.0.1
       - name: Download assets
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}