diff --git a/.github/workflows/trace-workflow.yml b/.github/workflows/trace-workflow.yml
new file mode 100644
index 0000000..62f2320
--- /dev/null
+++ b/.github/workflows/trace-workflow.yml
@@ -0,0 +1,32 @@
+name: Emit Workflow Traces
+
+on:
+  workflow_run:
+    workflows:
+      - "**"
+    types:
+      - completed
+
+permissions:
+  packages: write
+  contents: write
+  attestations: write
+  id-token: write
+  actions: write
+  checks: write
+
+jobs:
+  send:
+    runs-on: ubuntu-latest
+    services:
+      otel-collector:
+        image: "ghcr.io/freckle/trace-workflow-action-otel-image:7aa520d43a29e6d028037bdeafe9e9882e695795"
+        ports:
+          - "4317:4317"
+          - "4318:4318"
+        env:
+          DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./
diff --git a/action.yml b/action.yml
new file mode 100644
index 0000000..3afa772
--- /dev/null
+++ b/action.yml
@@ -0,0 +1,22 @@
+name: 'Trace Workflow Actions'
+description: 'publishes execution traces of workflow actions.'
+inputs:
+  github-commit-sha:
+    default: "${{ github.event.pull_request.head.sha || github.sha }}"
+  github-owner:
+    default: "${{ github.repository_owner }}"
+  github-repo:
+    default: "${{ github.repository }}"
+  github-run-id:
+    default: "${{ github.run_id }}"
+  github-token:
+    default: "${{ github.token }}"
+runs:
+  using: 'docker'
+  image: "ghcr.io/freckle/trace-workflow-action-image:810e79fdfe2df6e8eca521394e27cea195ecf7d5"
+  env:
+    GITHUB_COMMIT_SHA: ${{ inputs.github-commit-sha }}
+    GITHUB_OWNER: ${{ inputs.github-owner }}
+    GITHUB_REPO: ${{ inputs.github-repo }}
+    GITHUB_RUN_ID: ${{ inputs.github-run-id }}
+    GITHUB_TOKEN: ${{ inputs.github-token }}