feat(bootstrap): bootstrap the project with structure and automation

.github/ISSUE_TEMPLATE/bug.md

@@ -0,0 +1,35 @@
+---
+name: Bug
+about: Something's Broken
+title: ""
+labels: bug
+assignees: ""
+---
+
+## Type of Issue:
+
+- [x] Bug: Something isn't working
+
+#### Issue Creator Checklist
+
+- [ ] This issue has been thoroughly documented below; a developer should be able to understand the issue by reading it.
+
+## What's broken?
+
+_List a description of the bad behavior or failure. Please be as detailed as possible. Attach screenshots if appropriate_
+
+## What's the impact of this bug?
+
+_What's the impact to the end user experience and/or application in general_
+
+## Steps to Reproduce?
+
+_If applicable, list steps to reproduce the issue_
+
+## Assorted Notes/Considerations
+
+_List any other information that you think is important_
+
+## AC:
+
+_List the acceptance criteria for this issue._

.github/ISSUE_TEMPLATE/enhancement.md

@@ -0,0 +1,31 @@
+---
+name: Enhancement
+about: New functionality or request
+title: ""
+labels: enhancement
+assignees: ""
+---
+
+## Type of Issue:
+
+- [x] Enhancement: New feature or request
+
+#### Issue Creator Checklist
+
+- [ ] This issue has been thoroughly documented below; a developer should be able to understand the issue by reading it.
+
+## Background
+
+_History or background behind this enhancement request._
+
+## Proposed Approach
+
+_If applicable... sometimes we don't have a proposed approach yet, and that's OK_
+
+## Value
+
+_In a sentence, or maybe two, what value does this enhancement represent?_
+
+## AC:
+
+_List the acceptance criteria for this issue._

.github/ISSUE_TEMPLATE/question.md

@@ -0,0 +1,25 @@
+---
+name: Question
+about: Request for more information
+title: ""
+labels: question
+assignees: ""
+---
+
+_If you'd prefer, use the repo's GitHub Discussions feature to ask questions._
+
+## Type of Issue:
+
+- [x] Question: Further information is requested (I have a question)
+
+#### Issue Creator Checklist
+
+- [ ] This issue has been thoroughly documented below; a developer should be able to understand the issue by reading it.
+
+## Question / Request for more Info
+
+_What's your question? Or, what would you like more information on? Don't be afraid to use plain english_
+
+## AC:
+
+- My question is answered.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,34 @@
+## Purpose
+
+_Describe the problem or feature in addition to a link to the issues._
+
+#### Linked Issues to Close
+
+_Links to issue(s) that are closed by this PR, if applicable. Be sure to use the phrase "Closes #XXX" for each issue, so they automatically close_
+
+## Approach
+
+_How does this change address the issue?_
+
+## Learning
+
+_Describe the research stage_
+
+_Links to blog posts, patterns, libraries or addons used to solve this problem_
+
+## Assorted Notes/Considerations
+
+_List any other information that you think is important... a post-merge activity, someone to notify, etc._
+
+#### Pull Request Creator Checklist
+
+- [ ] Any associated issue(s) are linked above.
+- [ ] This PR and linked issues(s) are a complete description of the changeset.
+- [ ] Someone has been assigned this PR.
+- [ ] Someone has been marked as reviewer on this PR.
+
+#### Pull Request Assignee Checklist
+
+- [ ] Any associated issue(s) are linked above.
+- [ ] This PR meets all acceptance criteria for any linked issues.
+- [ ] This PR and linked issues(s) are a complete description of the changeset.

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,33 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  schedule:
+    - cron: "00 4 * * 1"
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["javascript"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1

.github/workflows/pre-commit.yml

@@ -0,0 +1,13 @@
+name: Pre-commit
+
+on: [pull_request]
+
+jobs:
+  prettier:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-python@v2
+      - uses: pre-commit/action@v2.0.2
+        with:
+          extra_args: --all-files

.github/workflows/release.yml

@@ -0,0 +1,20 @@
+name: Release
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  Release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: 16
+      - run: npm ci
+      - run: npx semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.SEMANTIC_RELEASE_BOT_NPM_TOKEN }}

.gitignore

@@ -1,2 +1 @@
-yarn.lock
-package-lock.json
+node_modules

.pre-commit-config.yaml

@@ -0,0 +1,15 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.0.1
+    hooks:
+      - id: check-added-large-files
+        exclude: package-lock.json
+  - repo: https://github.com/pre-commit/mirrors-prettier
+    rev: v2.3.1
+    hooks:
+      - id: prettier
+  - repo: https://github.com/Yelp/detect-secrets
+    rev: v1.1.0
+    hooks:
+      - id: detect-secrets
+        args: ["--exclude-files", "services/uploads/src/test.json"]

.prettierignore

@@ -0,0 +1 @@
+CHANGELOG.md

README.md

@@ -1,7 +1,25 @@
-
-# Serverless IAM Helper Plugin
-
-This plugin intends to help apply IAM Path and PermissionsBoundary properties to hard to reach IAM roles, but conditionally applies to all.
+<h1 align="center" style="border-bottom: none;"> serverless-iam-helper</h1>
+<h3 align="center">Helps apply IAM Path and PermissionsBoundary properties, especially for hard to reach roles.</h3>
+<p align="center">
+  <a href="https://github.com/mdial89f/serverless-iam-helper/releases/latest">
+    <img alt="latest release" src="https://img.shields.io/github/release/mdial89f/serverless-iam-helper.svg">
+  </a>
+  <a href="https://www.npmjs.com/package/serverless-iam-helper">
+    <img alt="npm latest version" src="https://img.shields.io/npm/v/serverless-iam-helper/latest.svg">
+  </a>
+  <a href="https://codeclimate.com/github/mdial89f/serverless-iam-helper/maintainability">
+    <img alt="Maintainability" src="https://api.codeclimate.com/v1/badges/20f59ef91bd30565c424/maintainability">
+  </a>
+  <a href="https://github.com/semantic-release/semantic-release">
+    <img alt="semantic-release: angular" src="https://img.shields.io/badge/semantic--release-angular-e10079?logo=semantic-release">
+  </a>
+  <a href="https://dependabot.com/">
+    <img alt="Dependabot" src="https://badgen.net/badge/Dependabot/enabled/green?icon=dependabot">
+  </a>
+  <a href="https://github.com/prettier/prettier">
+    <img alt="code style: prettier" src="https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat-square">
+  </a>
+</p>
 
 ## Usage
 
@@ -13,15 +31,18 @@ plugins:
 
 ...
 
+# Note:  This is standard aws provider configuration; this plugin makes use of it.
 provider:
   iam:
     role:
       path: /my/custom/path
-        permissionsBoundary: arn:aws:iam::000000000000:policy/my/custom-boundary-policy
+      permissionsBoundary: arn:aws:iam::000000000000:policy/my/custom-boundary-policy
 ```
 
 ## Background
 
+This plugin intends to help apply IAM Path and PermissionsBoundary properties to hard to reach IAM roles, but conditionally applies to all.
+
 While the Serverless Framework supports [path/permboundary specification at the provider level](https://www.serverless.com/framework/docs/providers/aws/guide/iam/), that capability seems to only affect roles generated for user defined functions. Some serverless deployments generate roles outside of user defined functions, sometimes in user defined cloudformation and sometimes behind the scenes of certain plugins/functionality, so this plugin helps reach those.  
 Scenarios where this should help:
 
@@ -38,10 +59,16 @@ Notes on logic:
 - If provider.iam.role.permissionsBoundary is specified, the plugin makes sure the role's Properties.PermissionsBoundary is set to provider.iam.role.permissionsBoundary.
 - Paths/PermissionsBoundarys already set on resources will be overwritten. So if a user specifies a provider.iam.role.path to /my/path/one, and then in the same serverless.yml creates a role in cloudformation and attempts to manually set that role's path to /my/path/two... the provider config will win. Originally, this plugin had not overwritten, to allow for users to specify different paths/permboundarys in the same serverless.yml. However, some other plugins and workflows generate cloudformation resources with path set to the default, so there's no good way to differentiate between an incorrectly set path and a user's correctly set path (different than provider config). This is seen as an edge case, however. If a user wants to leverage the provider level iam path/permBoundary settings, the assumption is that all roles created in that service will use the provider config. This plugin stands on that assumption, and is deemed fair.
 
-
 ## License
 
-CC0 1.0 Universal
+[![License](https://img.shields.io/badge/License-CC0--1.0--Universal-blue.svg)](https://creativecommons.org/publicdomain/zero/1.0/legalcode)
+
+See [LICENSE](LICENSE.md) for full details.
+
+## Contributors
+
+| [![Mike Dial][dial_avatar]][dial_homepage]<br/>[Mike Dial][dial_homepage] |
+| ------------------------------------------------------------------------- |
 
-This project stems from [CMSgov/serverless-iam-helper](https://github.com/cmsgov/serverless-iam-helper).  
-This project is maintained and developed independently from [CMSgov/serverless-idempotency-helper](https://github.com/cmsgov/serverless-iam-helper), and is published with a CC0 1.0 Universal license.
+[dial_homepage]: https://github.com/mdial89f
+[dial_avatar]: https://avatars.githubusercontent.com/mdial89f?size=150