diff --git a/.goreleaser.yml b/.goreleaser.yml
index 3cf60c0..1e37c07 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -33,7 +33,7 @@ builds:
 
 archives:
   - id: summon-aws-secrets
-    name_template: "{{.ProjectName}}-{{.Version}}-{{.Os}}-{{.Arch}}"
+    name_template: "{{.ProjectName}}-{{.Os}}-{{.Arch}}"
     format_overrides:
       - goos: windows
         format: zip
@@ -43,6 +43,21 @@ archives:
       - LICENSE
       - SECURITY.md
 
+brews:
+  - description: AWS Secrets Manager provider for Summon
+    homepage: https://github.com/cyberark/summon-aws-secrets
+    url_template: https://github.com/cyberark/summon/releases/download/v{{.Version}}/summon-aws-secrets-{{ tolower .Os }}-{{ tolower .Arch }}.tar.gz
+    install: |
+      target = lib/"summon"
+      target.install "summon-aws-secrets"
+    test: |
+      system lib/"summon"/"summon-aws-secrets", "-v"
+
+    tap:
+      owner: cyberark
+      name: homebrew-tools
+    skip_upload: true
+
 checksum:
   name_template: 'SHA256SUMS.txt'
 
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 335415c..c355b5b 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -14,3 +14,49 @@ For general contribution and community guidelines, please see the [community rep
 From here your pull request will be reviewed and once you've responded to all
 feedback it will be merged into the project. Congratulations, you're a
 contributor!
+
+## Releasing
+
+### Update the version and changelog
+
+1. Examine the changelog and decide on the version bump rank (major, minor, patch).
+2. Change the title of _Unreleased_ section of the changelog to the target version.
+   - Be sure to add the date (ISO 8601 format) to the section header.
+3. Add a new, empty _Unreleased_ section to the changelog.
+   - Remember to update the references at the bottom of the document.
+4. Update `VERSION` and `version.go` files to reflect the version change.
+5. Commit these changes. `Bump version to x.y.z` is an acceptable commit message.
+6. Push your changes to a branch, and get the PR reviewed and merged.
+
+### Tag the version
+
+1. Tag the version on the master branch using `git tag -s vx.y.z -m vx.y.z`.
+   Note this requires you to be able to sign releases. Consult the
+   [GitHub documentation on signing commits](https://docs.github.com/en/authentication/managing-commit-signature-verification)
+   to set this up.
+2. Push the tag: `git push vx.y.z` (or `git push origin vx.y.z` if you are
+   working from your local machine).
+
+### Add a new GitHub release
+
+1. Create a new release from the tag in the GitHub UI.
+2. Add the changelog for the current version to the release description.
+3. Retrieve the following artifacts from the Jenkins build on the tagged branch,
+   and attach them to the release:
+   - `SHA256SUMS.txt`
+   - `summon-aws-secrets-darwin-amd64.tar.gz`
+   - `summon-aws-secrets-darwin-arm64.tar.gz`
+   - `summon-aws-secrets-freebsd-amd64.tar.gz`
+   - `summon-aws-secrets-linux-amd64.tar.gz`
+   - `summon-aws-secrets-netbsd-amd64.tar.gz`
+   - `summon-aws-secrets-openbsd-amd64.tar.gz`
+   - `summon-aws-secrets-solaris-amd64.tar.gz`
+   - `summon-aws-secrets-windows-amd64.tar.gz`
+
+### Update Homebrew Tools
+
+1. Create a PR in [`cyberark/homebrew-tools`](https://github.com/cyberark/homebrew-tools)
+   to update [`summon-aws-secrets.rb` formula](https://github.com/cyberark/homebrew-tools/blob/master/summon-aws-secrets.rb)
+   using the file `dist/summon-aws-secrets.rb` retrieved from Jenkins artifacts.
+   - Make sure the SHA hashes for the artifacts match the values in the
+     `SHA256SUMS.txt` file attached to the release.
diff --git a/Jenkinsfile b/Jenkinsfile
index f0a72b4..cf9d81b 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -23,9 +23,27 @@ pipeline {
     }
 
     stage('Build Go binaries') {
-      steps {
-        sh './bin/build'
-        archiveArtifacts artifacts: 'dist/*', fingerprint: true
+      stages {
+        stage('Release artifacts') {
+          when {
+            buildingTag()
+          }
+          steps {
+            sh './bin/build'
+            archiveArtifacts artifacts: 'dist/*', fingerprint: true
+          }
+        }
+        stage('Snapshot artifacts') {
+          when {
+            not {
+              buildingTag()
+            }
+          }
+          steps {
+            sh './bin/build --snapshot'
+            archiveArtifacts artifacts: 'dist/*', fingerprint: true
+          }
+        }
       }
     }
 
diff --git a/VERSION b/VERSION
index 60a2d3e..44bb5d1 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.4.0
\ No newline at end of file
+0.4.1
\ No newline at end of file
diff --git a/bin/build b/bin/build
index 81f2b32..8ce4917 100755
--- a/bin/build
+++ b/bin/build
@@ -2,7 +2,7 @@
 
 function main() {
   retrieve_cyberark_ca_cert
-  build_binaries
+  build_binaries "$@"
 
   # Needed for testing stages
   goos='linux'
@@ -45,8 +45,7 @@ function build_binaries() {
 
   echo "> Building and packaging binaries"
   docker-compose run --rm \
-    goreleaser release --rm-dist --snapshot
+    goreleaser release --rm-dist --skip-publish --skip-announce --skip-validate "$@"
 }
 
-main
-
+main "$@"
diff --git a/version.go b/version.go
index 3d18682..200e85e 100644
--- a/version.go
+++ b/version.go
@@ -1,3 +1,3 @@
 package main
 
-const VERSION = "0.4.0"
+const VERSION = "0.4.1"