security - automate the OSS portal steps

[baywet]

In the current releasing process, we manually go to the maven central portal to close and release the artifacts our CI uploaded. Not only this is time consuming, it's a security concern (since this platform doesn't support organizations, we're sharing credentials)

We should explore automating those steps, and once we have the recipe, replicate on other java repositories.

https://central.sonatype.org/publish/publish-gradle/#releasing-the-deployment-to-the-central-repository https://github.com/gradle-nexus/publish-plugin/

Note: this wouldn't be necessary if ESRP release was available for GHA.

• [ ] Remove approval steps on the maven central GitHub environment

[andrueastman]

@Ndiritu to confirm if this is possible to do in the next couple of weeks when he gets back.