Update Secure `analyzers/common` release process to include submodule tag creation
Problem to solve
Our current https://gitlab.com/gitlab-org/security-products/analyzers/common release process does not follow proper golang guidelines on versioning of submodules. See more discussion in gitlab-org/security-products/sast!156 (comment 220013771).
We eventually want to git rid of these sub modules but for for the time being we should release proper versions of the current modules and document this release process of git tag
ing submodules.
Intended users
Further details
Proposal
Update common
release process and cut tags for current module versions
Permissions and Security
No change to permissions
Documentation
Update documentation on how to properly release new versions of common
modules
Testing
go get -u gitlab.com/gitlab-org/security-products/analyzers/common/orchestrator/v2
should pull latest tag, not latest SHA of parent repo
What does success look like, and how can we measure that?
go get -u gitlab.com/gitlab-org/security-products/analyzers/common/orchestrator/v2
should pull latest tag, not latest SHA of parent repo