diff --git a/.github/workflows/create-release-branch.yaml b/.github/workflows/create-release-branch.yaml
index 75a51249ebe..e9479b3406d 100644
--- a/.github/workflows/create-release-branch.yaml
+++ b/.github/workflows/create-release-branch.yaml
@@ -15,7 +15,7 @@ jobs:
   create-release-branch:
     runs-on: ubuntu-latest
     permissions:
-      contents: read
+      contents: write # Allow pushing the empty release branch
       id-token: write # Required for OIDC token federation
     steps:
       - uses: DataDog/dd-octo-sts-action@acaa02eee7e3bb0839e4272dacb37b8f3b58ba80 # v1.0.3
@@ -45,8 +45,10 @@ jobs:
           BRANCH="release/${TAG%.0}.x"
           echo "branch=${BRANCH}" >> "$GITHUB_OUTPUT"
 
-      - name: Checkout dd-trace-java
+      - name: Checkout dd-trace-java at tag
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # 5.0.0
+        with:
+          ref: ${{ github.sha }}
 
       - name: Check if branch already exists
         id: check-branch
@@ -60,15 +62,11 @@ jobs:
             echo "Branch $BRANCH does not exist - proceeding with following steps"
           fi
 
-      - name: Push empty release branch
+      - name: Create and push empty release branch
         if: steps.check-branch.outputs.creating_new_branch == 'true'
-        uses: DataDog/commit-headless@5a0f3876e0fbdd3a86b3e008acf4ec562db59eee # action/v2.0.1
-        with:
-          token: "${{ steps.octo-sts.outputs.token }}"
-          branch: "${{ steps.define-branch.outputs.branch }}"
-          head-sha: "${{ github.sha }}"
-          create-branch: true
-          command: push
+        run: |
+          git checkout -b "${{ steps.define-branch.outputs.branch }}"
+          git push -u origin "${{ steps.define-branch.outputs.branch }}"
 
       - name: Define temp branch name
         if: steps.check-branch.outputs.creating_new_branch == 'true'