Add deployment process and guidelines

[sohkai]

We should document what steps were taken, who took them, and any comments or concerns raised (e.g. from external security partners) before and during a deployment. This is especially important for smart contract deployments, but could be adapted in a lightweight fashion to also cover frontend changes to aragonPM packages.

An initial list (to be expanded as time goes):

• Repos / contracts to be deployed
  • Functionality delta from previous release (or completely new functionality if no previous deployment)
    • If previous deployment exists, is there an upgrade path and has it been tested?
  • Contract configuration (if parametrizable)
  • State of repo
    • Commit hash
    • Spec status
    • Test status
    • Security review status
• Deployer
  • Permissions required / used

Sign-offs could be done in the form of approvals to an issue made to document the process for the release (e.g. on this repo).