Issue 1096:workflow to automatically bump PowerShell module dependencies

[skirkpatrickMSFT]

🗣 Description

Currently we are having to manually check for version updates for our PowerShell dependencies.
This issue is to create a GitHub action to automatically bump our PowerShell dependency versions.
Since there is no dependabot for PowerShell this workflow has to be custom made.

This change implements 2 workflows. One for updating the MaximumVersion of all the modules in the PowerShell/ScubaGear/RequiredVersions.ps1 file and another, which can be removed if unwanted, that updates a dependencies.psd1 file in the root directory. The one in the root directory allows to see if changes were made to versions without diving into the folder structure to view other files.

💭 Motivation and context

Closes 1096 https://github.com//issues/1096

🧪 Testing

My tests were successfull, yes anyone can test it. Forked main from CISA and updated files in the fork. Tested the workflows manually and then had them run automatically at midnight. Updates to the dependency files were made successfully in both cases. Ran ScubaGear after the changes were made, no issues seen. N/A

✅ Pre-approval checklist

• This PR has an informative and human-readable title.
• PR targets the correct parent branch (e.g., main or release-name) for merge.
• Changes are limited to a single goal - eschew scope creep!
• [x ] Changes are sized such that they do not touch excessive number of files.
• All future TODOs are captured in issues, which are referenced in code comments.
• These code changes follow the ScubaGear content style guide.
• Related issues these changes resolve are linked preferably via closing keywords.
• All relevant type-of-change labels added.
• All relevant project fields are set.
• All relevant repo and/or project documentation updated to reflect these changes.
• Unit tests added/updated to cover PowerShell and Rego changes.
• Functional tests added/updated to cover PowerShell and Rego changes.
• All relevant functional tests passed.
• All automated checks (e.g., linting, static analysis, unit/smoke tests) passed.

✅ Pre-merge checklist

• PR passed smoke test check.

• Feature branch has been rebased against changes from parent branch, as needed

  Use Rebase branch button below or use this reference to rebase from the command line.

• Resolved all merge conflicts on branch

• Notified merge coordinator that PR is ready for merge via comment mention

• Demonstrate changes to the team for questions and comments.
  (Note: Only required for issues of size Medium or larger)

✅ Post-merge checklist

• Feature branch deleted after merge to clean up repository.
• Verified that all checks pass on parent branch (e.g., main or release-name) after merge.

[buidav]

Does this just push to the current branch?
Recommendation would be to create a separate branch when the workflow is run.
Similar to the current OPA update workflow: https://github.com/cisagov/ScubaGear/blob/main/.github/workflows/run_update_opa.yaml

Example of a PR created by the workflow: buidav#63

One thing critical to this issue as well is we want to run a smoke test of ScubaGear with the new module version to see there are any errors.
Smoke test workflow:
https://github.com/cisagov/ScubaGear/blob/main/.github/workflows/run_smoke_test.yaml

[mitchelbaker-cisa]

#1684 is the latest.