CI quality gates (Pester runner + PSScriptAnalyzer + artifacts + SARIF)

[blindzero]

Summary

This PR introduces repo-native quality gates for IdLE:

• A canonical Pester entry point (tools/Invoke-IdlePesterTests.ps1) with CI-friendly outputs (test results + coverage).
• A canonical PSScriptAnalyzer entry point (tools/Invoke-IdleScriptAnalyzer.ps1) using repo settings and producing machine-readable outputs (JSON + optional SARIF).
• CI is extended with a dedicated lint job and artifact uploads.
• Legacy tools/run-tests.ps1 was removed.

Motivation

We want consistent, deterministic, and portable quality feedback across local development and CI:

• CI should enforce baseline code quality and style using a repo-owned policy file.
• Results should be visible both as artifacts and (where applicable) as GitHub Code Scanning alerts.

Type of Change

• New feature
• Breaking change
• Documentation update

Changes

• New PSScriptAnalyzerSettings.psd1 (repo root): curated baseline rules + formatting settings.
• New tools/Invoke-IdlePesterTests.ps1: canonical test runner; -CI writes:
  • artifacts/test-results.xml (NUnitXml)
  • artifacts/coverage.xml
• New tools/Invoke-IdleScriptAnalyzer.ps1: canonical analyzer runner; -CI writes:
  • artifacts/pssa-results.json
  • artifacts/pssa-results.sarif
• CI .github/workflows/ci.yml:
  • Uses Invoke-IdlePesterTests.ps1 -CI
  • Adds lint job running Invoke-IdleScriptAnalyzer.ps1 -CI
  • Uploads Pester and PSScriptAnalyzer outputs as artifacts
  • Uploads SARIF to GitHub Code Scanning on push to main
• Docs updated to reflect new local commands and CI behavior:
  • CONTRIBUTING.md
  • STYLEGUIDE.md
  • docs/advanced/testing.md
  • docs/advanced/releases.md

Testing

Local:

pwsh -NoProfile -File ./tools/Invoke-IdlePesterTests.ps1
pwsh -NoProfile -File ./tools/Invoke-IdlePesterTests.ps1 -CI

pwsh -NoProfile -File ./tools/Invoke-IdleScriptAnalyzer.ps1
pwsh -NoProfile -File ./tools/Invoke-IdleScriptAnalyzer.ps1 -CI

CI:

• Verify the lint job runs and uploads artifacts/pssa-results.json + artifacts/pssa-results.sarif.
• Verify the test job uploads artifacts/test-results.xml + artifacts/coverage.xml.

Notes

• PSScriptAnalyzer and ConvertToSARIF are version-pinned in the runner for deterministic results.
• SARIF upload is limited to default-branch runs to avoid permission issues with PRs from forks.

Related Issues

Link related issues here (if any).

Closes #68

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1d5c222182

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[Copilot]

Pull request overview

This PR introduces comprehensive CI quality gates for the IdLE repository, establishing canonical test and linting infrastructure with CI-friendly artifact outputs.

Changes:

• Adds PSScriptAnalyzer integration with repo-specific settings (PSScriptAnalyzerSettings.psd1) and SARIF output for GitHub Code Scanning
• Replaces legacy test runner with new Pester entry point supporting coverage reporting and deterministic artifact generation
• Extends CI pipeline with dedicated lint job and artifact uploads for both test results and static analysis findings

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
tools/run-tests.ps1	Removed legacy test runner in favor of more robust Invoke-IdlePesterTests.ps1
tools/Invoke-IdleScriptAnalyzer.ps1	New canonical PSScriptAnalyzer runner with CI mode, JSON/SARIF outputs, and version pinning
tools/Invoke-IdlePesterTests.ps1	New canonical Pester test runner with coverage support and artifact generation
tests/ProviderContracts/EntitlementProvider.Contract.ps1	Fixed array coercion for Where-Object results to ensure Count property is available
docs/advanced/testing.md	Updated with new test/analyzer commands and CI artifact documentation
docs/advanced/releases.md	Updated release checklist to include both Pester and PSScriptAnalyzer checks
STYLEGUIDE.md	Added Quality Gates section documenting PSScriptAnalyzer and Pester requirements
PSScriptAnalyzerSettings.psd1	New repo-wide analyzer configuration with curated rule set and 4-space indentation standard
CONTRIBUTING.md	Updated Definition of Done and added detailed local quality check instructions
.github/workflows/issue-auto-assign.yml	Removed (undocumented change, unrelated to quality gates)
.github/workflows/ci.yml	Added lint job with PSScriptAnalyzer, SARIF upload to Code Scanning, and updated artifact uploads

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

@blindzero I've opened a new pull request, #71, to work on those changes. Once the pull request is ready, I'll request review from you.

[Copilot]

Pull request overview

Copilot reviewed 11 out of 11 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 11 out of 11 changed files in this pull request and generated no new comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.