kubewarden-controller
Policies are not tagged & released
Current problem
We are merging PRs, but not tagging & releasing policies
- https://github.com/kubewarden/pod-privileged-policy/tags - Jan 19
- https://github.com/kubewarden/capabilities-psp-policy/tags - Jan 17
We would like to automate the release of policies as much as possible, to ensure dependency bumps are regularly shipped to our users.
Admission criteria
- Configure renovatebot on all policies to automerge patch deps.
- Create an automation that runs inside of each policy repository on a monthly basis. The check should be run around the middle of the month, to ensure policies being referenced by our helm chart are going to be updated as part of the monthly release of the Kubewarden stack (which happens at the end of the month).
- If there was some activity (commits) in the repo, but no new release -> propose a patch release of the policy.
The automation will create a PR that bumps the patch version of the policy. The automation should be smart enough to handle eventual changes to:
- `Cargo.toml`: for the rust-based policies
- `metadata.yml`: which includes the version of the policy
- `artifact-hub.yml`: which includes data coming from `metadata.yml`
A maintainer will then review and merge the PR.
Some automation will then `git tag` the new version of the policy, triggering the already existing release pipeline.
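A sketch of the "commits but no release" check and the `Cargo.toml` bump described above, added here as an illustration and not taken from the Kubewarden repositories. It assumes tags are plain semver with an optional `v` prefix; the function names and the sample manifest are hypothetical, and `metadata.yml` and `artifact-hub.yml` are left out because their layout is not shown in this issue.

```python
import re
import subprocess

SEMVER = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")

def next_patch(tag):
    """'v0.3.1' -> '0.3.2'; refuse tags that are not plain semver."""
    m = SEMVER.match(tag)
    if not m:
        raise ValueError(f"not a plain semver tag: {tag!r}")
    major, minor, patch = map(int, m.groups())
    return f"{major}.{minor}.{patch + 1}"

def bump_cargo_toml(text, new_version):
    """Rewrite only the version key of [package], never a dependency's version."""
    out, section, done = [], None, False
    for line in text.splitlines(keepends=True):
        header = re.match(r"\s*\[+([^\]]+)\]+", line)
        if header:
            section = header.group(1).strip()
        elif section == "package" and not done and re.match(r"\s*version\s*=", line):
            line = re.sub(r'"[^"]*"', f'"{new_version}"', line, count=1)
            done = True
        out.append(line)
    if not done:
        raise ValueError("no version key in [package]")
    return "".join(out)

def git(repo, *args):
    """Run git in the given checkout and return its trimmed stdout."""
    return subprocess.run(["git", "-C", repo, *args], check=True,
                          capture_output=True, text=True).stdout.strip()

def proposed_release(repo):
    """Next patch version if commits landed after the latest tag, else None.
    Raises CalledProcessError when the repository has no tag at all."""
    tag = git(repo, "describe", "--tags", "--abbrev=0")
    pending = int(git(repo, "rev-list", "--count", f"{tag}..HEAD"))
    return next_patch(tag) if pending else None

# Constructed sample manifest (not from a real policy repository).
SAMPLE = '''[package]
name = "demo-policy"
version = "0.3.1"

[dependencies]
serde = { version = "1.0", features = ["derive"] }

[dependencies.anyhow]
version = "1.0"
'''
```

A plain search-and-replace on `version =` would also rewrite the `anyhow` dependency pin, which is why the rewrite tracks the current TOML table.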