GHA: Release orchestrator

[malmstein]

Task/Issue URL: https://app.asana.com/1/137249556945/project/488551667048375/task/1213084636851473

Description

This PR creates a workflow to orchestrate all release steps

---

Note

Medium Risk
Medium risk because it changes release automation wiring and input handling across multiple GitHub Actions workflows, which can block or mis-route production releases if any called workflow still expects github.event.inputs values.

Overview
Adds a new Release Orchestrator workflow that sequences the release steps by calling existing workflows (release_create_tag, release_create_task, Play Store upload, then internal upload) with shared inputs and inherited secrets.

Updates release_create_tag.yml, release_create_task.yml, and release_tests.yml to support workflow_call inputs (with explicit type) and to consistently use ${{ inputs.* }} instead of ${{ github.event.inputs.* }} so they work both when dispatched manually and when invoked as reusable workflows.

Removes the standalone release_report_error.yml workflow.

^{Written by Cursor Bugbot for commit a8b3109. This will update automatically on new commits. Configure here.}

[malmstein]

• GHA: Release orchestrator #7655 👈 (View in Graphite)
• develop

This stack of pull requests is managed by Graphite. Learn more about stacking.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

[cursor]

Missing PLACEHOLDER validation allows invalid release tag creation

Medium Severity

The orchestrator workflow has a default value of PLACEHOLDER for app-version but lacks validation before passing it to child workflows. The create-release-tag job runs first and has no PLACEHOLDER check, meaning it could create a git tag named "PLACEHOLDER". The PLACEHOLDER validation only exists in release_create_task.yml, which runs after the tag is created. This allows accidental tag creation with invalid version strings.