feat: add pipeline to sync the checks from the dashboard db

.github/workflows/sync_checks.yml

@@ -0,0 +1,113 @@
+name: Sync and update Compliance Checks
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+  # schedule:
+  #   - cron: "0 0 * * *" # Runs daily at midnight UTC
+  # workflow_dispatch: # Allows manual triggering
+
+permissions:
+  # We will create a pull request, so we need write permissions
+  pull-requests: write
+  # We will be committing to the repository, so we need write permissions
+  contents: write
+
+
+jobs:
+  sync-and-update:
+    runs-on: ubuntu-latest
+
+    services:
+      postgres:
+        image: postgres:17.2
+        env:
+          POSTGRES_DB: dashboard
+          POSTGRES_USER: openjs
+          POSTGRES_PASSWORD: password
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd="pg_isready -U openjs"
+          --health-interval=10s
+          --health-timeout=5s
+          --health-retries=5
+
+    steps:
+      # Checkout the current repository
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      # Create or switch to the chore/update-content branch
+      - name: Create or Checkout Branch
+        run: |
+          git fetch origin chore/update-content || true
+          git checkout chore/update-content || git checkout -b chore/update-content
+
+      # Clone the public repository and set it up
+      - name: Clone OpenJS Foundation Dashboard
+        run: |
+          git clone https://github.com/secure-dashboards/openjs-foundation-dashboard.git temp-openjs-dashboard
+          cd temp-openjs-dashboard
+          npm install
+          npm run db:migrate
+          psql -U openjs -d dashboard -c "\copy (SELECT json_agg(t) FROM compliance_checks t) TO '../data/checks.json'"
+          cd ..
+          rm -rf temp-openjs-dashboard
+        env:
+          PGHOST: localhost
+          PGUSER: openjs
+          PGPASSWORD: password
+          PGDATABASE: dashboard
+
+      - name: Debug Git Changes (Before Commit Updated Checks)
+        run: |
+          git status
+          git diff
+
+      # Commit the updated checks.json
+      - name: Commit Updated Checks
+        run: |
+          git config user.name "GitHub Actions"
+          git config user.email "actions@github.com"
+          git add -A
+          git diff --cached --quiet || git commit -m "chore: sync with OpenJS Foundation Dashboard"
+
+      # Install dependencies for the current repository and generate site
+      - name: Install Dependencies and Generate Site
+        run: |
+          npm install
+          npm run populate-details
+          npm run populate-implementations
+
+      - name: Debug Git Changes (Before Commit Updated Checks)
+        run: |
+          git status
+          git diff
+
+      # Commit the generated site
+      - name: Commit and Push Changes
+        run: |
+          git config user.name "GitHub Actions"
+          git config user.email "actions@github.com"
+          git add -A
+          git diff --cached --quiet || git commit -m "chore: auto-update details and implementations"
+          git push origin chore/update-content
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Create Pull Request
+        run: |
+          PR_DATA=$(jq -n \
+            --arg title "Auto update content" \
+            --arg body "This PR updates the content." \
+            --arg head "chore/update-content" \
+            --arg base "main" \
+            --arg assignee "${{ github.actor }}" \
+            '{title: $title, body: $body, head: $head, base: $base, assignees: [$assignee]}')
+          curl -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+            -H "Accept: application/vnd.github.v3+json" \
+            https://api.github.com/repos/${{ github.repository }}/pulls \
+            -d "$PR_DATA"