chore(cicd): switched to python semantic release github action (#67)

The current workflow uses a release branch strategy (`release/*`) that
required manual merging of release commits back to main. The problem was
that those release tags were only on the release branch and needed to
merge back to main.

I tested this out in a fork and it's working
[here](https://github.com/lempira/algokit-subscriber-py). It has
everything except publishing to PyPi.

### Solution
- **Replaced release branch triggers** with `workflow_dispatch` for
manual production releases
- **Added conditional release logic** using `python-semantic-release`
GitHub Action:
  - Push to main → automatic beta releases
  - Manual dispatch with `production_release=true` → production releases
  - Manual dispatch with `production_release=false` → beta releases
- **Simplified semantic-release config** to work directly on main branch
with conditional prerelease behavior
- **Added docs publishing control** - only publishes for production
releases

### Key Changes
- Removed `release/*` branch handling entirely
- Added `workflow_dispatch` input for production release control
- Switched to `python-semantic-release` GitHub Action for better
integration
- Updated semantic release config to use main branch with
`prerelease=false` default
- Added dynamic run names for better workflow visibility

Author: lempira

.github/workflows/cd.yaml

@@ -1,10 +1,20 @@
 name: Continuous Delivery of Python package
 
+run-name: ${{ inputs.production_release && 'Production Release' || 'Beta Release' }}
+
 on:
   push:
     branches:
       - main
-      - release/*
+    paths-ignore:
+      - "docs/**"
+  workflow_dispatch:
+    inputs:
+      production_release:
+        description: "Production release?"
+        type: boolean
+        required: true
+        default: true
 
 concurrency: release
 
@@ -17,7 +27,7 @@ jobs:
     name: Semantic Release
     runs-on: ubuntu-latest
     permissions:
-      # IMPORTANT: this permission is mandatory for trusted publishing
+      # IMPORTANT: mandatory for trusted publishing and GitHub releases
       id-token: write
       contents: write
       packages: read
@@ -37,58 +47,45 @@ jobs:
       - name: Setup Python and algokit
         uses: ./.github/actions/setup-algokit-python
 
-      - name: Check if version is already released
-        id: check_version
-        run: |
-          rc=0
-          poetry run semantic-release --strict --noop version || rc=$?
-          echo "return_code=$rc" >> $GITHUB_OUTPUT
-          if [ $rc -ne 2 ]; then
-             exit $rc
-          fi
-
-      - name: pre-commit and pytest
-        if: steps.check_version.outputs.return_code == '0'
+      - name: Run tests and quality checks (dummy for testing)
         run: |
           set -o pipefail
           poetry run pre-commit run --all-files && git diff --exit-code
           poetry run pytest
 
-      - name: Set Git user as GitHub actions
-        if: steps.check_version.outputs.return_code == '0'
-        run: git config --global user.email "actions@github.com" && git config --global user.name "github-actions"
-
-      - name: Update release
-        if: steps.check_version.outputs.return_code == '0'
-        run: poetry run semantic-release --strict version
-        env:
-          GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
-
-      - name: Create Wheel
-        if: steps.check_version.outputs.return_code == '0'
-        run: poetry build --format wheel
+      - name: Get branch name
+        shell: bash
+        run: echo "branch=${GITHUB_REF#refs/heads/}" >> $GITHUB_OUTPUT
+        id: get_branch
 
-      - uses: actions/upload-artifact@v4 # upload artifacts so they are retained on the job
-        if: steps.check_version.outputs.return_code == '0'
+      - name: Python Semantic Release - Beta (non-prod)
+        id: release-beta
+        if: steps.get_branch.outputs.branch == 'main' && !inputs.production_release
+        uses: python-semantic-release/python-semantic-release@v10.3.1
         with:
-          path: dist
+          github_token: ${{ steps.app-token.outputs.token }}
+          prerelease: true
 
-      - name: Publish to GitHub
-        if: steps.check_version.outputs.return_code == '0'
-        run: poetry run semantic-release publish
-        env:
-          GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
+      - name: Python Semantic Release - Production
+        id: release-prod
+        if: steps.get_branch.outputs.branch == 'main' && inputs.production_release
+        uses: python-semantic-release/python-semantic-release@v10.3.1
+        with:
+          github_token: ${{ steps.app-token.outputs.token }}
 
       - name: Publish to PyPI
-        if: steps.check_version.outputs.return_code == '0'
         uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          verbose: true
+
 
   publish-docs:
     name: Publish Docs
-    # Don't publish canary docs
-    if: github.ref != 'refs/heads/main'
+    needs: release
+    # Don't publish docs for beta releases from main
+    if: inputs.production_release
     uses: ./.github/workflows/gh-pages.yaml
     permissions:
       contents: read
       pages: write
-      id-token: write
+      id-token: write