Break out re-tagging functionality in the release workflow

[mcdonnnj]

💡 Summary

We should consider extracting the logic in

skeleton-action-composite/.github/workflows/release.yml

Lines 105 to 117 in c701675

	run: |
	major_tag=v${{ steps.extract-semver-parts.outputs.major }}
	major_minor_tag=${major_tag}.${{ steps.extract-semver-parts.outputs.minor }}
	# Delete old tags remotely, if they exist
	git ls-remote --exit-code --tags origin ${major_tag} \
	&& git push origin --delete ${major_tag}
	git ls-remote --exit-code --tags origin ${major_minor_tag} \
	&& git push origin --delete ${major_minor_tag}
	# Create new tags locally
	git tag ${major_tag}
	git tag ${major_minor_tag}
	# Push up new tags
	git push origin ${major_tag} ${major_minor_tag}

and moving it into a bash script stored in the repository (perhaps in a .github/scripts director?). The release workflow would then use that script. Alternatively we could turn that functionality into an action instead.

Motivation and context

This was suggested in a GitHub Copilot PR review here: cisagov/setup-env-github-action#85 (comment). It seems reasonable enough and would allow better maintainability of the functionality. The one downside is that it is a security threat change as something could modify the script before the workflow uses it when run.

Implementation notes

The workflow will need to be updated to use the bash script after the functionality is moved out of the workflow and into the script.

Acceptance criteria

• The re-tagging functionality is stored in a bash script that is used by the release workflow.