Updated automation for schema bump (#1037)

.github/dependabot.yml

@@ -7,22 +7,22 @@
 
 version: 2
 updates:
-# Maintain dependencies for GitHub Actions
-- package-ecosystem: 'github-actions'
-  directory: '/'
-  schedule:
-    interval: 'daily'
-  labels:
-  - 'ci-quality'
-  reviewers:
-  - 'microsoft/psrule'
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'daily'
+    labels:
+      - 'ci-quality'
+    reviewers:
+      - 'microsoft/psrule'
 
-# Maintain dependencies for npm
-- package-ecosystem: 'npm'
-  directory: '/'
-  schedule:
-    interval: 'daily'
-  labels:
-  - 'dependencies'
-  reviewers:
-  - 'microsoft/psrule'
+  # Maintain dependencies for npm
+  - package-ecosystem: 'npm'
+    directory: '/'
+    schedule:
+      interval: 'daily'
+    labels:
+      - 'dependencies'
+    reviewers:
+      - 'microsoft/psrule'

.github/workflows/analyze.yaml

@@ -12,12 +12,14 @@
 name: Analyze
 on:
   push:
-    branches: [ main, 'release/*', 'create-pull-request/*', 'dependencies/*' ]
+    branches: [main, 'release/*', 'dependencies/*']
   pull_request:
-    branches: [ main, 'release/*' ]
+    branches: [main, 'release/*']
   schedule:
-  - cron: '54 20 * * 0' # At 08:54 PM, on Sunday each week
-  workflow_dispatch:
+    - cron: '54 20 * * 0' # At 08:54 PM, on Sunday each week
+  workflow_dispatch: {}
+
+permissions: {}
 
 jobs:
   oss:
@@ -26,15 +28,14 @@ jobs:
     permissions:
       contents: read
     steps:
+      - name: Checkout
+        uses: actions/checkout@v3
 
-    - name: Checkout
-      uses: actions/checkout@v3
-
-    - name: Run PSRule analysis
-      uses: microsoft/ps-rule@v2.7.0
-      with:
-        modules: PSRule.Rules.MSFT.OSS
-        prerelease: true
+      - name: Run PSRule analysis
+        uses: microsoft/ps-rule@v2.7.0
+        with:
+          modules: PSRule.Rules.MSFT.OSS
+          prerelease: true
 
   devskim:
     name: Analyze with DevSkim
@@ -44,7 +45,6 @@ jobs:
       contents: read
       security-events: write
     steps:
-
       - name: Checkout
         uses: actions/checkout@v3
 
@@ -66,17 +66,16 @@ jobs:
       contents: read
       security-events: write
     steps:
+      - name: Checkout
+        uses: actions/checkout@v3
 
-    - name: Checkout
-      uses: actions/checkout@v3
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: 'javascript'
 
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: 'javascript'
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
 
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/schema.yaml

@@ -1,22 +1,34 @@
-name: SyncPSRuleSchema
+#
+# Sync PSRule schemas
+#
 
+# NOTES:
+# Autoamtically bump PSRule schemas.
+
+name: Schemas
 on:
   schedule:
     - cron: '0 0 * * 1' # At 12:00 AM, only on Monday
-  workflow_dispatch:
-    
+  workflow_dispatch: {}
+
+permissions: {}
+
+env:
+  WORKING_BRANCH: dependencies/schema-bump
+
 jobs:
   sync:
+    name: Bump schemas
     runs-on: ubuntu-latest
     if: github.repository == 'microsoft/PSRule-vscode'
     permissions:
       contents: write
       pull-requests: write
-
     steps:
-
       - name: Checkout
         uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
 
       - name: Checkout PSRule
         uses: actions/checkout@v3
@@ -29,20 +41,14 @@ jobs:
           git config user.name github-actions
           git config user.email '41898282+github-actions[bot]@users.noreply.github.com'
 
+      - name: Get working branch
+        run: |
+          git checkout -B ${{ env.WORKING_BRANCH }} --force
+
       - name: Copy Schemas
         run: |
-          $sourceSchemaDirectory = [System.IO.Path]::Combine($env:GITHUB_WORKSPACE, 'PSRule', 'schemas')
-          $sourceSchemaFiles = Get-ChildItem -Path $sourceSchemaDirectory -File -Filter *.schema.json
-          $sourceSchemaFiles | ForEach-Object { Copy-Item -Path $_.FullName -Destination schemas }
+          Import-Module ./scripts/schemas.psm1;
+          Update-Schemas -Path ./PSRule/schemas/;
         shell: pwsh
-
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v4
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: Sync PSRule Schema
-          title: Sync PSRule Schema
-          body: 'Updates to JSON schema files'
-          delete-branch: true
-          add-paths: |
-            schemas/*.schema.json
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -4,3 +4,4 @@ reports/
 node_modules/
 .vscode-test/
 *.vsix
+PSRule/

.vscode/settings.json

@@ -1,48 +1,47 @@
 {
-    "files.exclude": {
-        "node_modules/": true
-    },
-    "search.exclude": {
-        "out/": true,
-        "node_modules/": true
-    },
-    "files.associations": {
-        "**/.azure-pipelines/*.yaml": "azure-pipelines",
-        "**/.azure-pipelines/jobs/*.yaml": "azure-pipelines"
-    },
-    "json.schemas": [
-        {
-            "url": ".vscode/walkthrough.schema.json",
-            "fileMatch": [
-                "**/media/walkthroughs/**/snippets.json"
-            ]
-        }
-    ],
-    "editor.insertSpaces": true,
-    "files.insertFinalNewline": true,
+  "files.exclude": {
+    "node_modules/": true
+  },
+  "search.exclude": {
+    "out/": true,
+    "node_modules/": true
+  },
+  "files.associations": {
+    "**/.azure-pipelines/*.yaml": "azure-pipelines",
+    "**/.azure-pipelines/jobs/*.yaml": "azure-pipelines"
+  },
+  "json.schemas": [
+    {
+      "url": ".vscode/walkthrough.schema.json",
+      "fileMatch": [
+        "**/media/walkthroughs/**/snippets.json"
+      ]
+    }
+  ],
+  "yaml.format.singleQuote": true,
+  "files.insertFinalNewline": true,
+  "editor.insertSpaces": true,
+  "editor.formatOnSave": true,
+  "editor.tabSize": 2,
+  "editor.detectIndentation": false,
+  "[json]": {
+    "editor.defaultFormatter": "vscode.json-language-features"
+  },
+  "[typescript]": {
+    //"editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.tabSize": 4
+  },
+  "[powershell]": {
     "editor.tabSize": 4,
-    "[yaml]": {
-        "editor.tabSize": 2
-    },
-    "[markdown]": {
-        "editor.tabSize": 2
-    },
-    "[json]": {
-        "editor.formatOnSave": true,
-        "editor.defaultFormatter": "vscode.json-language-features"
-    },
-    "[jsonc]": {
-        "editor.formatOnSave": true,
-        "editor.defaultFormatter": "esbenp.prettier-vscode"
-    },
-    "[typescript]": {
-        "editor.formatOnSave": true,
-        "editor.defaultFormatter": "esbenp.prettier-vscode"
-    },
-    // Turn off tsc task auto detection since we have the necessary tasks as npm scripts
-    "typescript.tsc.autoDetect": "off",
-    "cSpell.words": ["Pseudoterminal", "pwsh"],
-    "git.branchProtection": [
-        "main"
-    ]
+    "editor.formatOnSave": false
+  },
+  // Turn off tsc task auto detection since we have the necessary tasks as npm scripts
+  "typescript.tsc.autoDetect": "off",
+  "cSpell.words": [
+    "Pseudoterminal",
+    "pwsh"
+  ],
+  "git.branchProtection": [
+    "main"
+  ]
 }

.vscodeignore

@@ -5,6 +5,7 @@ docs/
 out/package/
 out/dist/test/
 src/
+scripts/
 node_modules/
 reports/
 .ps-rule/
@@ -20,3 +21,4 @@ ps-project.yaml
 SECURITY.md
 SUPPORT.md
 .markdownlint.json
+out/updates.txt

scripts/schemas.psm1

@@ -0,0 +1,52 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+
+# Note:
+# Handles dependencies updates.
+
+function Update-Schemas {
+    [CmdletBinding()]
+    param (
+        [Parameter(Mandatory = $False)]
+        [String]$Path = (Join-Path -Path $PWD -ChildPath 'PSRule/schemas/'),
+
+        [Parameter(Mandatory = $False)]
+        [String]$Target = (Join-Path -Path $PWD -ChildPath 'schemas/')
+    )
+    process {
+        $files = Get-ChildItem -Path $Path -File -Filter '*.schema.json';
+        $files | ForEach-Object {
+            Copy-Item -Path $_.FullName -Destination $Target -Force;
+        }
+
+        if (!(Test-Path -Path 'out/')) {
+            $Null = New-Item -Path 'out/' -ItemType Directory -Force;
+        }
+
+        $updates = @(git status --porcelain);
+        if ($Null -ne $Env:WORKING_BRANCH -and $Null -ne $updates -and $updates.Length -gt 0) {
+            git add schemas/*;
+            git commit -m "Update schemas/";
+            git push --force -u origin $Env:WORKING_BRANCH;
+
+            $updates | ForEach-Object {
+                if ($_ -like '* schemas/*') {
+                    "Bump $($_.Substring(3))";
+                }
+            } | Set-Content -Path 'out/updates.txt' -Force;
+
+            $existingBranch = @(gh pr list --head $Env:WORKING_BRANCH --state open --json number | ConvertFrom-Json);
+            if ($Null -eq $existingBranch -or $existingBranch.Length -eq 0) {
+                gh pr create -B 'main' -H $Env:WORKING_BRANCH -l 'dependencies' -t 'Bump PSRule schemas' -F 'out/updates.txt';
+            }
+            else {
+                $pr = $existingBranch[0].number
+                gh pr edit $pr -F 'out/updates.txt';
+            }
+        }
+    }
+}
+
+Export-ModuleMember -Function @(
+    'Update-Schemas'
+)