
[chore] Add GitHub Action to build, sign, release NuGet package #495

Merged
merged 12 commits into master from release_process
Dec 6, 2023

Conversation

nwithan8
Member

@nwithan8 nwithan8 commented Jul 19, 2023

Description

Changes to how Digicert issues our authenticity certificate have accelerated our migration of the release process to a GitHub Action. This PR makes introductions and modifications necessary to build, sign and release our library via a GitHub Action.

  • Digicert details have been added to this repo as GitHub Secrets, which are used in the new "Release" GitHub Action to generate a certificate fingerprint used to sign our code. Reference
  • The new "Release" GitHub Action, which is triggered by a push to a tag starting with v, does the following:
    • Sets up the environment and installs required dependencies (NuGet, .NET frameworks, Digicert code signing utilities)
    • Uses GitHub Secrets to interface with Digicert to create a temporary certificate fingerprint
    • Runs the normal build_release_nuget script (previously called via make prep-release, now called directly), which:
      • Cleans old files
      • Builds a DLL for each corresponding .NET version
      • Strong-name signs each DLL using our strong-name certificate
      • Signs each DLL for authenticity using the Digicert certificate fingerprint
      • Packages the DLLs into a NuGet file
      • Signs the NuGet file for authenticity using the Digicert certificate fingerprint
    • Publishes the output NuGet file to nuget.org
    • Generates a release on GitHub, using RELEASE_NOTES.md as the body text.

NOTE: This PR checks in our entire strong-name certificate (EasyPostNETStrongNameSigning.snk), as this is needed for the signing process. Strong-name certificates are perfectly safe to check into public repositories in their entirety (they are not traditional security-focused certificates). Previously, we only included the public key in this repository out of caution, but now that the whole certificate needs to be present to complete the release process, it's best to follow industry recommendations. This is easier than the alternative of encrypting/decrypting a copy of the certificate during Action time.

Not currently squashing in case reference to earlier work is needed. This PR has evolved many times in its lifespan.

TODO:

  • Add nuget.org API key to GitHub Secrets to facilitate automated releasing
  • Tweak trigger for "Release" (push to tag versus on release?)

Testing

Steps up to and including build_release_nuget were successful in testing, producing validated signed DLLs inside a validated signed NuGet package file.

Pull Request Type

Please select the option(s) that are relevant to this PR.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Improvement (fixing a typo, updating readme, renaming a variable name, etc)

@nwithan8 nwithan8 force-pushed the release_process branch 6 times, most recently from 563674b to 0f17da2 on November 20, 2023 22:34
@nwithan8 nwithan8 changed the title [chore] Add scripts needed to handle storing/extracting certs from GitHub Actions [chore] Add GitHub Action to build, sign, release NuGet package Nov 20, 2023
@nwithan8 nwithan8 marked this pull request as ready for review December 1, 2023 18:48
@nwithan8 nwithan8 requested a review from a team December 1, 2023 18:48
@nwithan8
Member Author

nwithan8 commented Dec 1, 2023

I will uncomment the final publish step in the GitHub Actions config once the rest of this process has been approved.

Member

@Justintime50 Justintime50 left a comment


I have various questions (most of the code looks good) so I'm blocking till those are worked through.

I think I'd like to do a release candidate for this next major release to ensure this works as we expect, that way we buy ourselves a buffer in the off chance the release goes bad. If it works we can follow it up quickly with the real release.

Review threads (all resolved) on:
  • .github/workflows/release.yml (4 threads, 2 on outdated revisions)
  • Makefile (2 threads, 1 on an outdated revision)
  • RELEASE_NOTES.md (1 thread, on an outdated revision)

Member

@jchen293 jchen293 left a comment


We will try this tomorrow for release to see if it works

@nwithan8 nwithan8 merged commit 5d357f5 into master Dec 6, 2023
14 checks passed
@nwithan8 nwithan8 deleted the release_process branch December 6, 2023 18:55