Add Subsystem and SubsystemList Resources

[tgauth]

PR Summary

• modify sshdconfig set behavior to overwrite for all keywords, instead of erroring for repeatable/multi-arg keywords
• add resources for subsystem and subsystemList, handled internally by sshdconfig via repeat_keyword.rs module
• add canonical_properties.rs module to centralize handling of non-ssh keywords (_metadata, _exist, etc.)

PR Context

• fix Proposal: SSHDConfig Set Support for Repeatable Keywords #1340 [partially]

[Copilot]

Pull request overview

This PR adds support for managing SSH server Subsystem configurations through new DSC resources (Microsoft.OpenSSH.SSHD/Subsystem and Microsoft.OpenSSH.SSHD/SubsystemList). It also modifies the core sshdconfig behavior to handle repeatable keywords by overwriting them instead of throwing errors when _purge: false is set.

Changes:

• Adds structured keyword support (name-value format) to the parser and formatter for subsystem configurations
• Introduces two new DSC resources: Subsystem (single entry add/remove) and SubsystemList (batch operations with purge support)
• Removes the restriction preventing _purge: false from being used with repeatable keywords, enabling incremental updates

Reviewed changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
src/set.rs	Adds set_sshd_config_repeat and set_sshd_config_repeat_list handlers, removes purge restriction for repeatable keywords
src/parser.rs	Implements structured keyword parsing to extract name/value pairs from subsystem entries, adds operator validation
src/formatter.rs	Adds formatting support for structured keywords with name/value object format
src/metadata.rs	Introduces KeywordInfo struct and STRUCTURED_KEYWORDS constant to encapsulate keyword metadata
src/inputs.rs	Defines NameValueEntry, RepeatInput, and RepeatListInput structs for the new resources
src/args.rs	Adds SshdConfigRepeat and SshdConfigRepeatList setting variants
src/get.rs	Adds catch-all error handling for new settings (which don't support get operations)
src/main.rs	Registers schema generation for new input types
sshd-subsystem.dsc.resource.json	Resource manifest for single subsystem entry operations
sshd-subsystemList.dsc.resource.json	Resource manifest for subsystem list operations
tests/sshdconfigRepeat.tests.ps1	Unit tests for single subsystem entry operations
tests/sshdconfigRepeatList.tests.ps1	Unit tests for subsystem list operations
tests/sshdconfig.set.tests.ps1	Updated to remove obsolete test and add test for repeatable keyword overwrite behavior
dsc/tests/dsc_sshdconfig.tests.ps1	Integration tests for new Subsystem/SubsystemList resources
locales/en-us.toml	Adds localization strings for new error messages
.project.data.json	Registers new resource manifests for build output

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 16 out of 16 changed files in this pull request and generated 4 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[ThomasNieto]

With two resources that manage the same underlying configuration. When key properties are introduced how would that work? I added a comment on this issue: #142 (comment)

We might want to discuss in the WG group what the plan is for that.

[SteveL-MSFT]

With two resources that manage the same underlying configuration. When key properties are introduced how would that work? I added a comment on this issue: #142 (comment)

We might want to discuss in the WG group what the plan is for that.

Tagged for WG discussion. I don't think we want to make the two mutually exclusive in that you can only use one or the other. However, currently this would naturally be resolved with last-one-wins. Since the resource is instantiated separately for each type, it doesn't know that it was already used before. Is documentation sufficient here?