SPDE-130: Re-CD this repo

goodbye travis, hello ghactions

.github/CONTRIBUTING.md

@@ -12,8 +12,24 @@ Welcome! HelloSign Embedded is an open source project which allows HelloSign API
 ## Pull Requests
 
 1. Fork the HelloSign Embedded repository.
-2. Create a new branch for each feature, fix or improvement.
-3. Send a pull request from each feature branch to the **`develop`** branch.
+2. Create a new branch for your changes ~each feature, fix or improvement.~
+   * Unless we introduce a release branch concept, this won't work well
+3. Increment the version number in packages.json
+4. Make your changes
+5. Open a pull request, triggering a github action that does the following:
+   1. verify the version
+   2. build beta package
+   3. test beta package
+   4. generate a github tagged draft release
+   5. publish beta package to npm & our s3 staging CDN
+6. Once the pull request is merged to master, github actions:
+   1. verifies the live version
+   2. build package
+   3. test package
+   4. generate release with release notes
+   5. generate github release tag
+   6. publish to npm
+   7. publish to our S3 CDN
 
 ## License
 

.github/actions-scripts/validate-release-version.js

@@ -0,0 +1,43 @@
+#!/usr/bin/env node
+
+const { context, getOctokit } = require('@actions/github');
+const { setOutput } = require('@actions/core');
+
+const semver = require('semver');
+
+console.assert(process.env.GITHUB_TOKEN, "GITHUB_TOKEN not present");
+
+const octokit = getOctokit(process.env.GITHUB_TOKEN);
+const workspace = process.env.GITHUB_WORKSPACE;
+
+main();
+
+async function validateReleaseVersion() {
+    const {
+        repo: { owner, repo },
+        payload: { number },
+    } = context;
+    console.assert(number, "number not present");
+
+    const { version } = require(`${workspace}/package.json`);
+    console.log("Submitted Version: ", version)
+
+    const { data: latest } = await octokit.request(`GET /repos/${owner}/${repo}/releases/latest`, {
+        headers: {
+            'X-GitHub-Api-Version': '2022-11-28'
+        }
+    })
+    console.log("Latest Version: ", latest.name)
+
+    // Version set in package.json must be greater than latest
+    if (! semver.gt(version, latest.name)) {
+        console.log("version property in package.json must be greater than: ", latest.name)
+        process.exit(1);
+    }
+    return version;
+}
+
+async function main() {
+    const version = await validateReleaseVersion();
+    setOutput("version", version);
+}

.github/workflows/publish-beta-package.yml

@@ -0,0 +1,72 @@
+name: New Pull request; publish as beta package
+
+on:
+  pull_request:
+    branches: [ "master" ]
+
+env:
+  NPM_REGISTRY_URL: "https://registry.npmjs.com"
+  BETA_SUFFIX: 'testbeta'
+  CDN_AWS_PUBLISH_ROLE: arn:aws:iam::654344198836:role/github-actions-oidc-role-nonprod-sign-embedded
+  CDN_BUCKET: cdn.staging-hellosign.com
+  CDN_PATH: public/js/embedded
+  AWS_REGION: us-east-1
+jobs:
+  build:
+    permissions:
+      id-token: write # This is required for requesting the JWT
+      contents: write # This is required for publishing releases
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [16.x] # we should pull this from a common place
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          registry-url: ${{ env.NPM_REGISTRY_URL }}
+
+      - name: Build
+        run: |
+          npm install
+          npm run build
+
+      - name: Test
+        run: |
+          npm test
+
+      - name: Validate Semver
+        id: version
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: .github/actions-scripts/validate-release-version.js
+
+      - name: Announce version
+        run: |
+          echo "v${{ steps.version.outputs.version }} is the proposed new version."
+
+      - name: Pack
+        run: |
+          npm pack --pack-destination="./umd"
+
+      - name: Publish (dry-run)
+        run: |
+          npm publish --dry-run --access=public
+
+      - name: Configure AWS credentials for Non-Prod
+        id: awskeys
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ env.CDN_AWS_PUBLISH_ROLE }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Copy dev build to nonprod cdn
+        run: aws s3 cp umd/embedded.development.js s3://${{ env.CDN_BUCKET }}/${{ env.CDN_PATH }}/v${{ steps.version.outputs.value }}-${{ env.BETA_SUFFIX }}/
+
+      - name: Copy minified build to nonprod cdn
+        run: aws s3 cp umd/embedded.production.min.js s3://${{ env.CDN_BUCKET }}/${{ env.CDN_PATH }}/v${{ steps.version.outputs.value }}-${{ env.BETA_SUFFIX }}/
+

README.md

@@ -83,4 +83,5 @@ If you have any questions or issues with HelloSign Embedded or our API, please c
 [external_demo]: https://app.hellosign.com/api/embeddedTest
 [external_hellosign]: https://hellosign.com
 [external_npm]: https://npmjs.org/package/hellosign-embedded
-[external_travis]: https://travis-ci.org/hellosign/hellosign-embedded?branch=master
+
+

package.json

@@ -1,6 +1,6 @@
 {
   "name": "hellosign-embedded",
-  "version": "2.11.1",
+  "version": "2.11.2",
   "description": "Embed HelloSign signature requests and templates from within your web application.",
   "main": "index.js",
   "license": "MIT",
@@ -37,6 +37,8 @@
     "tiny-emitter": "^2.1.0"
   },
   "devDependencies": {
+    "@actions/github": "^6.0.0",
+    "@actions/core": "^1.10.1",
     "@babel/core": "^7.2.2",
     "@babel/plugin-proposal-class-properties": "^7.3.0",
     "@babel/plugin-proposal-object-rest-spread": "^7.3.2",
@@ -60,7 +62,8 @@
     "url-polyfill": "^1.1.8",
     "url-search-params-polyfill": "^5.0.0",
     "webpack": "^4.29.4",
-    "webpack-cli": "^3.2.3"
+    "webpack-cli": "^3.2.3",
+    "semver": "^7.5.4"
   },
   "files": [
     "umd",