Update MRs of Secure analyzers to show they've been released, deployed

Problem to solve

When looking at an MR in one of the Secure analyzer projects, once the MR has been merged, it's difficult to know if it's been released and deployed.

@fcatteau: I currently keep track of that by posting comments in the MR:


See gitlab-org/security-products/analyzers/gemnasium-maven!58 (comment 377083100)

Intended users

To be used by developers of the devopssecure analyzers.

User experience goal

As the author or reviewer of an MR in a Secure analyzer project, I get a comment in the MR telling me the code has been released, and then deployed.

Proposal

Update the CI configuration shared by the Secure analyzer projects:

  • make the tag version job post a comment when it completes, to say the MR has been released
  • make the tag major job post a comment when it completes, to say the MR has been deployed

TBD: How does the pipeline for the git tag find the ID of the MR to be updated?

Warning! This needs to be revisited if we start pinning the minor version of the Secure analyzers, as suggested in #9725 (closed).

Another approach would be to trigger the release from the MR itself, in which case it's easy to reference the MR and post comments to it. See #215546 (closed).

Further details

Permissions and Security

N/A

Documentation

N/A

Availability & Testing

N/A

Is this a cross-stage feature?

Yes, applies to all devopssecure analyzers using the shared CI template.

Links / references

/cc @adamcohen @gonzoyumo

Edited by Fabien Catteau
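
One possible answer to the TBD above, as an added sketch that is not part of the issue or of the shared CI template: the tag pipeline asks the GitLab API which merge requests are associated with the tagged commit, and comments only when exactly one merged MR matches. The instance URL, the token handling and the function names are assumptions; the token would be a masked CI variable limited to the analyzer project.

```python
import json
import urllib.parse
import urllib.request

API = "https://gitlab.example.com/api/v4"  # placeholder instance URL (assumption)

def pick_merged_mr(mrs, tag_sha):
    """Return the iid of the one merged MR that produced tag_sha, else None."""
    hits = [m for m in mrs
            if m.get("state") == "merged"
            and tag_sha in (m.get("merge_commit_sha"),
                            m.get("squash_commit_sha"),
                            m.get("sha"))]
    # Zero or several matches: stay silent rather than comment on the wrong MR.
    return hits[0]["iid"] if len(hits) == 1 else None

def call(method, path, token, data=None):
    """Minimal GitLab REST call; returns the decoded JSON response."""
    body = urllib.parse.urlencode(data).encode() if data else None
    req = urllib.request.Request(API + path, data=body, method=method,
                                 headers={"PRIVATE-TOKEN": token})
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)

def announce(project_id, tag_sha, tag_name, token, stage="released", call=call):
    """Post '<Stage> in <tag>.' on the MR behind tag_sha; return its iid or None."""
    proj = urllib.parse.quote(str(project_id), safe="")
    mrs = call("GET",
               f"/projects/{proj}/repository/commits/{tag_sha}/merge_requests",
               token)
    iid = pick_merged_mr(mrs, tag_sha)
    if iid is None:
        return None
    call("POST", f"/projects/{proj}/merge_requests/{iid}/notes", token,
         {"body": f"{stage.capitalize()} in {tag_name}."})
    return iid
```

In a tag pipeline the arguments would come from the predefined variables `CI_PROJECT_ID`, `CI_COMMIT_SHA` and `CI_COMMIT_TAG`, with `stage="deployed"` for the tag major job.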