Restructure Release Drafter Flow #9345

Merged
merged 3 commits into from
Jan 19, 2024

Maffooch
Contributor

This PR updates the structure and flow of the release drafter process. Now that OAS schemas are appended to each release object, it might be a better approach to make the release drafting process less event driven. Here is what the PR proposes:

  • Remove the trigger to run the release drafter on pushes to master
    • This is necessary as the docker images to generate the OAS schemas for a given release X are not public yet
    • One approach is to build the docker images before generating the release, but this slows down the release process overall
  • Explicitly run the release drafter workflow as step 2 of the release (this creates the release, builds/uploads the helm chart, and pushes the newest images to dockerhub) only after the docker images have been pushed
    • The OAS schema generator will pull down the specified version of the docker images, start them, generate the schemas, and then upload them to a cache where the release drafter will upload them to the correct release object along with the notes
  • The release object itself is manually published after verifying the contents have been generated/uploaded correctly, so if there are any failures here, we are able to debug what the issue is without losing too much of the process

@kiblik I encountered a few errors during the release this morning, and had a few thoughts to improve this process as I was going through it. I have not tested this PR in any capacity (it is a bit difficult to do that outside of releases) but please look it over and let me know your thoughts. Here is the failed run from today


dryrunsecurity bot commented Jan 16, 2024

Contextual Security Analysis

As DryRun Security performs checks, we’ll summarize them here. You can always dive into the detailed results in the section below for checks.

Status DryRun Security Check
AI-powered Sensitive Function Check
Configured Sensitive Files Check
AI-powered Sensitive Files Check

Contributor

@kiblik kiblik left a comment


One small note but I agree in general

.github/workflows/fetch-oas.yml (outdated, resolved)
@Maffooch Maffooch marked this pull request as ready for review January 16, 2024 18:14
Contributor

@mtesauro mtesauro left a comment


Approved

@mtesauro mtesauro merged commit d9f1a62 into bugfix Jan 19, 2024
123 checks passed
@kiblik
Contributor

kiblik commented Jan 22, 2024

It failed again :( https://github.com/DefectDojo/django-DefectDojo/actions/runs/7614278448/job/20736452711
For some reason github.event.inputs.version has not been propagated.

@Maffooch
Contributor Author

Weird right? I am confused why the release-number propagates, but version does not even when explicitly set... Will play around with this as I wait for the tests to run on the PRs from master to bugfix/dev

@Maffooch
Contributor Author

Got very lucky finding this SO post. Seems to be the problem
https://stackoverflow.com/questions/71458189/github-action-workflow-call-does-not-use-up-to-date-input-values

@Maffooch
Contributor Author

Got it working :) I think next week's release will go off without a hitch now

https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.30.3

@kiblik
Contributor

kiblik commented Jan 22, 2024

Nice. Thank you :)

6 participants