Add release process: (#11)

## Description


This includes pushing the helm chart to ghcr.io

## Why is this needed



Fixes: #

## How Has This Been Tested?





## How are existing users impacted? What migration steps/scripts do we need?





## Checklist:

I have:

- [ ] updated the documentation and/or roadmap (if required)
- [ ] added unit or e2e tests
- [ ] provided instructions on how to upgrade

.github/workflows/tags.yaml

@@ -0,0 +1,47 @@
+on:
+  push:
+    tags:
+      - "v*"
+name: Create release
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Generate Release Notes
+        run: |
+          release_notes=$(gh api repos/{owner}/{repo}/releases/generate-notes -F tag_name=${{ github.ref }} --jq .body)
+          echo 'RELEASE_NOTES<<EOF' >> $GITHUB_ENV
+          echo "${release_notes}" >> $GITHUB_ENV
+          echo 'EOF' >> $GITHUB_ENV
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          OWNER: ${{ github.repository_owner }}
+          REPO: ${{ github.event.repository.name }}
+
+      - name: install helm
+        uses: Azure/[email protected]
+        with:
+          version: v3.9.4
+
+      - name: create helm chart package
+        run: ver=${GITHUB_REF_NAME}; helm package tinkerbell/stack --dependency-update --version ${ver:1}
+
+      - name: login to ghcr.io
+        run: echo ${{ secrets.GITHUB_TOKEN }} | helm registry login ghcr.io/tinkerbell --username ${{ github.actor }} --password-stdin
+
+      - name: publish chart to ghcr.io
+        run: ver=${GITHUB_REF_NAME}; helm push stack-${ver:1}.tgz oci://ghcr.io/tinkerbell/charts
+
+      - name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: ${{ github.ref }}
+          body: ${{ env.RELEASE_NOTES }}
+          draft: false
+          prerelease: true

RELEASING.md

@@ -0,0 +1,19 @@
+# Releasing
+
+## Process
+
+For version v0.x.y:
+
+1. Create the annotated tag
+    > NOTE: To use your GPG signature when pushing the tag, use `SIGN_TAG=1 ./contrib/tag-release.sh v0.x.y` instead)
+    - `./contrib/tag-release.sh v0.x.y`
+1. Push the tag to the GitHub repository. This will automatically trigger a [Github Action](https://github.com/tinkerbell/charts/actions) to create a release.
+    > NOTE: `origin` should be the name of the remote pointing to `github.com/tinkerbell/charts`
+    - `git push origin v0.x.y`
+1. Review the release on GitHub.
+
+### Permissions
+
+Releasing requires a particular set of permissions.
+
+-   Tag push access to the GitHub repository

contrib/tag-release.sh

@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+
+set -o errexit -o nounset -o pipefail
+
+if [ -z "${1-}" ]; then
+	echo "Must specify new tag"
+	exit 1
+fi
+
+new_tag=${1-}
+[[ $new_tag =~ ^v[0-9]*\.[0-9]*\.[0-9]*$ ]] || (
+	echo "Tag must be in the form of vX.Y.Z"
+	exit 1
+)
+
+if [[ $(git symbolic-ref HEAD) != refs/heads/main ]] && [[ -z ${ALLOW_NON_MAIN:-} ]]; then
+	echo "Must be on main branch" >&2
+	exit 1
+fi
+if [[ $(git describe --dirty) != $(git describe) ]]; then
+	echo "Repo must be in a clean state" >&2
+	exit 1
+fi
+
+git fetch --all
+
+last_tag=$(git describe --abbrev=0)
+last_tag_commit=$(git rev-list -n1 "$last_tag")
+last_specific_tag=$(git tag --contains="$last_tag_commit" | grep -E "^v[0-9]*\.[0-9]*\.[0-9]*$" | tail -n 1)
+last_specific_tag_commit=$(git rev-list -n1 "$last_specific_tag")
+if [[ $last_specific_tag_commit == $(git rev-list -n1 HEAD) ]]; then
+	echo "No commits since last tag" >&2
+	exit 1
+fi
+
+if [[ -n ${SIGN_TAG-} ]]; then
+	git tag -s -m "${new_tag}" "${new_tag}" &>/dev/null && echo "created signed tag ${new_tag}" >&2 && exit
+else
+	git tag -a -m "${new_tag}" "${new_tag}" &>/dev/null && echo "created annotated tag ${new_tag}" >&2 && exit
+fi