PR Summary

Fix #5695

Enable ScriptBlockLogging on Linux/macOS by moving the GroupPolicy configurations to the configuration file PowerShellProperties.json. Including the following tasks:

1. Enable the logging via MshLog.cs on Unix platforms. (the 1st commit)
2. Refactor PropertyAccessor.cs. (the 2nd commit)
   • Remove the unneeded base type
   • Rename 'ConfigPropertyAccessor' to PowerShellConfig
   • Move PowerShellConfig to the namespace System.Management.Automation.Configuration
3. Rename the enum PropertyScope to ConfigScope. (the 3rd commit)
4. Rename file PropertyAccessor.cs to PSConfiguration.cs. (the 4th commit)
5. Refactor GroupPolicy setting related code to use the configuration file. (the 5th commit)
   • Followings are the policy settings that are moved to the configuration file.
     • ScriptExecution settings (used in SecuritySupport.cs)
     • ScriptBlockLogging settings (used in CompiledScriptBlock.cs)
     • ModuleLogging settings (used in ModuleCmdletBase.cs)
     • ProtectedEventLogging settings (used in CompiledScriptBlock.cs)
     • Transcription settings (used in MshHostUserInterface.cs)
     • UpdatableHelp setting (used in UpdatableHelpSystem.cs)
     • ConsoleSessionConfiguration settings (used in CommandLineParameterParser.cs)
   • In PSConfiguration.cs, updated ReadValueFromFile<T> to make it flexible to allow a custom JsonObject parsing implementation delegate passed in.
   • In PSConfiguration.cs, added GetPowerShellPolicies(ConfigScope scope) and make DefaultSourcePath setting part of the new policy settings because it is part of the group policy on windows powershell.
   • In Utils.cs, replace the method GetGroupPolicySetting with T GetPolicySetting<T>(ConfigScope[] preferenceOrder) where T : PolicyBase. The old method was for reading from Registry, while the new one is for reading from configuration file.
   • Changes in other files are the corresponding changes due to GetGroupPolicySetting being replaced.
6. Add xUnit tests to test reading policy settings from the configuration files in different scenarios. (the 6th commit)
   • The xUnit tests are running in parallel by default. Tests for reading policy settings manipulate the configuration file and thus are in conflict with other xUnit tests. So the existing xUnit tests are moved to the namespace PSTests.Parallel and the new tests are moved to PSTests.Sequential and the corresponding build scripts are updated to run sequential xUnit tests first and then run other xUnit tests in parallel.
7. A minor change to fix an issue in xUnit test and another minor change to SysLogProvider to make ScriptBlock logging not ignored on Unix platforms. (the 7th commit)
8. Re-enable GPO support on Windows. On Windows, we first query GPO from registry, if the required policy is not defined, then we query policies from the configuration file. (the 9th commit)
9. Rename PowerShellProperties.json to powershell.config.json. (the 10th commit)

An example of the configuration file powershell.config.json

{
  "Microsoft.PowerShell:ExecutionPolicy": "RemoteSigned",
  "PowerShellPolicies": {
    "ScriptExecution": {
      "ExecutionPolicy": "RemoteSigned",
      "EnableScripts": true
    },
    "ScriptBlockLogging": {
      "EnableScriptBlockInvocationLogging": true,
      "EnableScriptBlockLogging": true
    },
    "ModuleLogging": {
      "EnableModuleLogging": false,
      "ModuleNames": [
        "PSReadline",
        "PowerShellGet"
      ]
    },
    "ProtectedEventLogging": {
      "EnableProtectedEventLogging": false,
      "EncryptionCertificate": [
        "Joe"
      ]
    },
    "Transcription": {
      "EnableTranscripting": true,
      "EnableInvocationHeader": true,
      "OutputDirectory": "F:\\tmp\\new"
    },
    "UpdatableHelp": {
      "DefaultSourcePath": "f:\\temp"
    },
    "ConsoleSessionConfiguration": {
      "EnableConsoleSessionConfiguration": false,
      "ConsoleSessionConfigurationName": "name"
    }
  },
  "LogLevel": "verbose"
}

Limitation that needs to be documented

On Unix platform, the default logging level filter is information, while the logging of script block execution writes out verbose level logging. So the configuration entry "LogLevel": "verbose" is needed along with the settings in "ScriptBlockLogging". This needs to be documented.

Documentation needed

We need documentation to clarify how logging works in PowerShell. Not sure if we already have some docs about it. Issue MicrosoftDocs/PowerShell-Docs#2017 is opened.

PR Checklist

Note: Please mark anything not applicable to this PR NA.

• PR has a meaningful title
  • Use the present tense and imperative mood when describing your changes
• Summarized changes
• User facing Documentation needed
  • Issue filed - Issue link:
• Change is not breaking
• Make sure you've added a new test if existing tests do not effectively test the code changed
  • Add [feature] if the change is significant or affectes feature tests
• This PR is ready to merge and is not Work in Progress.
  • If the PR is work in progress, please add the prefix WIP: to the beginning of the title and remove the prefix when the PR is ready.