Generate and upload sha256 checksums

[Jake-Shadle]

This PR attempts to add an additional "${artifact_name}.sha256" for each platform's release tarball that just contains the sha256 hash of that tarball. This would allow external packagers/installers (eg. scoop) to validate the tarballs without actually downloading the full tarball.

Resolves: #369

[Jake-Shadle]

Oh, and though I am fairly sure the Travis config will work, I have much lower confidence in the Appveyor config as the docs around deployment stuff were...weird. Also I tried the powershell stuff in an online interpreter, but really have no idea what I am doing to be honest. Fake it till you make it!

[Jake-Shadle]

Once this PR is merged, I can improve the scoop entry for sccache so that it can be easily kept up to date with new releases.

[luser]

Oh, and though I am fairly sure the Travis config will work, I have much lower confidence in the Appveyor config as the docs around deployment stuff were...weird. Also I tried the powershell stuff in an online interpreter, but really have no idea what I am doing to be honest. Fake it till you make it!

This is my exact process for dealing with Travis and AppVeyor configs in general. I wish there were more sensible ways to test the release logic. 🤷‍♂️