Add automated release workflow for package building and distribution #228

Draft
wants to merge 3 commits into
base: main

Copilot
Contributor

@Copilot Copilot AI commented Jun 18, 2025

This PR implements a comprehensive automated release workflow that handles the complete release process for DocumentDB, including package building, Docker image creation, and GitHub release management.

🚀 Features Added

Automated Release Workflow (.github/workflows/release.yml)

Trigger Options:

  • Manual Dispatch: Trigger releases via GitHub Actions UI with version input and draft option
  • Tag Creation: Automatic release when pushing tags matching v* pattern

Release Process:

  1. Version & Changelog Extraction: Automatically parses version from tags/input and extracts release notes from CHANGELOG.md
  2. Package Building: Builds DEB and RPM packages for multiple OS/architecture combinations
  3. Changelog Updates: Automatically updates package changelogs with release notes during build
  4. Package Signing: Signs all packages with GPG keys and includes verification keys
  5. Docker Images: Builds and pushes signed Docker images to GitHub Container Registry
  6. Release Creation: Creates GitHub releases with all artifacts, checksums, and documentation

Package Support

DEB Packages:

  • Ubuntu 22.04, 24.04, Debian 11, 12
  • amd64 and arm64 architectures
  • PostgreSQL 16, 17 support
  • Updates packaging/debian_files/changelog automatically

RPM Packages:

  • RHEL 8, 9 compatible systems
  • amd64 architecture
  • PostgreSQL 16, 17 support
  • Updates packaging/rpm_files/documentdb.spec changelog automatically

Docker Integration

Images Built:

  • Base: Ubuntu 22.04 with DEB packages
  • Registry: GitHub Container Registry (GHCR)
  • Architectures: amd64, arm64
  • Tags: PG{16,17}-{arch}-{version} and PG{16,17}-{arch}-latest

Security:

  • Cosign keyless signing with GitHub OIDC
  • Image verification instructions included
  • Package signing with GPG keys

Documentation & Usage

Added comprehensive documentation:

  • docs/release-workflow.md - Complete workflow guide
  • Updated README.md with release section
  • Package verification instructions
  • Troubleshooting guide
  • Security considerations

Example Usage:

# Manual trigger via GitHub CLI
gh workflow run release.yml -f version=v0.105-0 -f create_draft=true

# Automatic trigger via tag
git tag v0.105-0 && git push origin v0.105-0

🔧 Implementation Details

  • Changelog Parsing: Extracts release notes from CHANGELOG.md using version-specific regex
  • Artifact Organization: Collects all packages, signing keys, and generates SHA256 checksums
  • Matrix Strategy: Builds packages for all supported OS/architecture/PostgreSQL combinations
  • Error Handling: Comprehensive validation and fallback mechanisms
  • Testing: Validated changelog extraction, package formatting, and artifact organization

🛡️ Security Features

  • Package signing with temporary GPG keys (production should use secure key management)
  • Docker image signing with cosign keyless signing
  • Verification instructions for all artifacts
  • SHA256 checksums for integrity verification

📦 Release Artifacts

Each release includes:

  • DEB/RPM packages for all supported combinations
  • GPG signing keys for package verification
  • SHA256SUMS file for integrity checking
  • Docker images pushed to GHCR with version and latest tags
  • Comprehensive release notes extracted from CHANGELOG.md

This workflow enables maintainers to create complete, verified releases with a single action while ensuring all packages are properly signed and documented.

Fixes #225.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

  • www.postgresql.org
    • Triggering command: wget --quiet -O - REDACTED (dns block)

If you need me to access, download, or install something from one of these locations, you can either:



Copilot AI and others added 2 commits June 18, 2025 09:30
… generation

Co-authored-by: shuaitian-git <82086405+shuaitian-git@users.noreply.github.com>
Co-authored-by: shuaitian-git <82086405+shuaitian-git@users.noreply.github.com>
@Copilot Copilot AI changed the title [WIP] Add automate release workflow Add automated release workflow for package building and distribution Jun 18, 2025
@Copilot Copilot AI requested a review from shuaitian-git June 18, 2025 09:34
Copilot finished work on behalf of shuaitian-git June 18, 2025 09:34
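
The description above lists a SHA256SUMS file shipped with each release for integrity checking. The following is an added example (not code from this PR or from the DocumentDB project) of a consumer-side check of a downloaded release directory; it assumes SHA256SUMS is in `sha256sum` output format and lists bare file names, and the sample file names and contents are constructed.

```shell
#!/usr/bin/env bash
# Added example, not code from the PR. Assumes SHA256SUMS is in sha256sum
# output format ("<64 hex>  <name>") and lists bare file names.

# verify_release DIR -> 0 ok, 1 hash mismatch or missing file, 2 no manifest,
#                       3 malformed or path-bearing entry, 4 unlisted file
verify_release() {
    local dir="$1" sums="$1/SHA256SUMS" f name
    [ -f "$sums" ] || { echo "no SHA256SUMS in $dir" >&2; return 2; }

    # Every manifest line must be "<hash> <mode char><name>" with no '/' in
    # the name, so an entry cannot make the check read files outside DIR.
    if grep -Evq '^[0-9a-f]{64} [ *][^/]+$' "$sums"; then
        echo "malformed or path-bearing entry in SHA256SUMS" >&2; return 3
    fi

    # Every downloaded file must be covered by the manifest; an artifact that
    # is present but unlisted would otherwise pass unverified.
    for f in "$dir"/*; do
        name=${f##*/}
        [ "$name" = SHA256SUMS ] && continue
        if ! cut -c67- "$sums" | grep -Fxq -- "$name"; then
            echo "unlisted file: $name" >&2; return 4
        fi
    done

    # Recompute and compare; a listed file that is missing also fails here.
    (cd "$dir" && sha256sum -c SHA256SUMS >/dev/null 2>&1) || {
        echo "checksum mismatch or missing file" >&2; return 1; }
    echo "all files match SHA256SUMS"
}

# Constructed sample release (placeholder file names and contents).
make_sample_release() {
    local d
    d=$(mktemp -d)
    printf 'constructed deb payload\n' > "$d/sample-package.deb"
    printf 'constructed rpm payload\n' > "$d/sample-package.rpm"
    (cd "$d" && sha256sum sample-package.deb sample-package.rpm > SHA256SUMS)
    echo "$d"
}

# Usage: ./verify_release.sh DIR ; with no argument, checks the sample.
verify_release "${1:-$(make_sample_release)}"
```

A passing result only shows that the files match the manifest downloaded with them. Origin still depends on checking the GPG or cosign signature against a key fingerprint or signer identity obtained through a separate channel, since a key published in the same release as the packages proves nothing more than the checksums do.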
Successfully merging this pull request may close these issues.

Add automate release workflow
2 participants