CI/CD Pipeline - Initial

[josh-chamberlain]

Context

To that point, we probably want to protect npm publish with an access token or (even better) implement a workflow in GH actions to publish automatically on merges to main when certain conditions are met, and gate npm publish behind a token so it can't be used outside of GH. Otherwise, anybody with access to the repo can just publish a new version whenever.

_Originally posted by @joshuagraber in https://github.com/Police-Data-Accessibility-Project/design-system/pull/10#discussion_r1357277075_

Requirements

• [x] Add github actions to gate PRs by build, lint, and test scripts.
• [x] Add lint-staged library and configure to lint staged files on commit, using husky library to perform actions on commit hooks.
• [x] Add commitizen library and configure to enforce semantic commit messages.
• [x] Add semantic-release library and add github action to publish automatically on merges to main.
• [x] Ensure semantic-release is configured to automatically update package.json, README.md, and CHANGELOG.md

Docs

• make sure the CONTRIBUTING guide reflects this

Consider

• Should we just use GitHub Releases at this point?