Adding external runner for doing a one-time full-sync

[pydolan]

Summary:

This is a potential way of addressing #378 and #379.

As noted on #378, I'm using this along with the following for triggering safe-settings via GHA:

name: Safe Settings Sync
on:
  schedule:
    # daily run:
    - cron:  '0 0 * * *'
  workflow_dispatch: {}

jobs:
  safeSettingsSync:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          repository: pydolan/safe-settings
          ref: gha-runner
      - uses: actions/setup-node@v4
      - run: npm install
      - run: npm run full-sync
        env:
          GH_ORG: my-org
          APP_ID: my-app-id
          PRIVATE_KEY: ${{ secrets.SAFE_SETTINGS_PRIVATE_KEY }}
          GITHUB_CLIENT_ID: ${{ secrets.SAFE_SETTINGS_GITHUB_CLIENT_ID }}
          GITHUB_CLIENT_SECRET: ${{ secrets.SAFE_SETTINGS_GITHUB_CLIENT_SECRET }}

Additional comments:

• My Commit history is a mess, so if you weren't going to do a Squash Merge of this PR, I will clean this up.
• If there's a more javascript-y way of calling syncInstallation using index.js/package.json, I'm happy to change this.
• Regarding Probot's GHA Adapter -- I initially used this in my separate script (similar to what handler.js does with the Serverless adapter), but this adapter uses the Action's GITHUB_TOKEN, which is limited to the current repo, so it offers no benefit that I can see.
• Regarding my use of actions/checkout -- I would prefer to run safe-settings as an action using the Dockerfile, but GHA targets a different WORKDIR when doing so. There's an https://github.com/actions/runner/issues/878 about allowing workdir overrides with GHA.
• [As noted in comments] I realized that my initial version of full-sync did not return a non-zero exit code when errors occurred, so I updated it to check settings.errors. I didn't see a way to check the errors from my syncInstallation call, so I modified Settings.syncAll to return its settings object. If someone has a cleaner option for this error checking, please let me know.

[pydolan]

I realized that my initial version of full-sync did not return a non-zero exit code when errors occurred, so I updated it to check settings.errors. I didn't see a way to check the errors from my syncInstallation call, so I modified Settings.syncAll to return its settings object.

If someone has a cleaner option for this error checking, please let me know

[decyjphr]

We could look into using checks to communicate errors back to the Actions workflow.

[pydolan]

Yea, tying into Checks would make things cleaner. I'm not familiar with the feature or code in detail, so if anyone has tips/suggestions, let me know.

The other question I had was if the probot gha adapter would help with error collecting, but it doesn't look like the Settings class is sending probot error info, so maybe it wouldn't help