Add release workflow back #24

@hungyanbin

Description:

Currently, our GitHub Actions workflow is configured to trigger Maven releases automatically. However, this process involves the use of a release key, which is sensitive and poses a security risk—especially in the context of an open source repository.

To better align with best practices and ensure the integrity of our releases, we should explore safer alternatives for managing releases. Potential areas to investigate include:

  • Using GitHub Environments for setting gradle properties including the GPG key file:

        signing.keyId=...
        signing.password=...
        signing.secretKeyRingFile=/somewhere/secring.gpg

        mavenCentralUsername=...
        mavenCentralPassword=...

  • Moving the release process to a more controlled environment (e.g., self-hosted runner or external CI)

  • Requiring manual approval or pull request triggers before release steps

  • Leveraging tools like GitHub Releases + manual Maven Central publishing

Reference:

https://central.sonatype.org/publish/requirements/gpg/
https://central.sonatype.org/publish/generate-portal-token/

Goal:

Make our Maven release process more secure without sacrificing too much convenience.
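The GitHub Environments and manual-approval options listed above, as an added example workflow that is not part of this issue or the repository's own code. It assumes a `release` environment whose required reviewers are configured in the repository settings, environment-scoped secrets with the names shown (SIGNING_SECRET_KEY_RING_B64, SIGNING_KEY_ID, SIGNING_PASSWORD, MAVEN_CENTRAL_USERNAME, MAVEN_CENTRAL_PASSWORD), and that the publish task is `publishToMavenCentral`.

```yaml
name: release
on:
  workflow_dispatch:          # a person starts the run; no automatic trigger on push or tag
permissions:
  contents: read              # the release job cannot write to the repository
jobs:
  publish:
    runs-on: ubuntu-latest
    environment: release      # secrets resolve only here; the job waits for the environment's required reviewers
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: "17"
      # Recreate the secret keyring from a base64-encoded environment secret
      # (secret name assumed) in a directory only the runner user can read.
      - name: Restore signing keyring
        env:
          KEYRING_B64: ${{ secrets.SIGNING_SECRET_KEY_RING_B64 }}
        run: |
          umask 077
          install -d "$RUNNER_TEMP/gpg"
          printf '%s' "$KEYRING_B64" | base64 -d > "$RUNNER_TEMP/gpg/secring.gpg"
      # Write the properties the issue lists to the user-level Gradle config,
      # so they are neither committed nor passed on the command line.
      - name: Write Gradle properties
        env:
          SIGNING_KEY_ID: ${{ secrets.SIGNING_KEY_ID }}
          SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }}
          MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
          MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
        run: |
          umask 077
          mkdir -p ~/.gradle
          cat >> ~/.gradle/gradle.properties <<EOF
          signing.keyId=$SIGNING_KEY_ID
          signing.password=$SIGNING_PASSWORD
          signing.secretKeyRingFile=$RUNNER_TEMP/gpg/secring.gpg
          mavenCentralUsername=$MAVEN_CENTRAL_USERNAME
          mavenCentralPassword=$MAVEN_CENTRAL_PASSWORD
          EOF
      - name: Publish
        run: ./gradlew publishToMavenCentral   # task name assumed; use the publish task your plugin provides
      - name: Remove secrets from the runner
        if: always()
        run: rm -f ~/.gradle/gradle.properties "$RUNNER_TEMP/gpg/secring.gpg"
```

Because the secrets are attached to the environment rather than the repository, a workflow that does not declare `environment: release` (for example one triggered from a fork's pull request) cannot read them.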
