[confcom] Add more thorough tests for --with-containers

[DomAyre]

Why

The existing tests for --with-containers are okay but don't tests the full range of inputs we have in samples/.

How

• Update the policy model to define which collections care about order for the sake of serialisation and comparison
• Add for each sample, the reduced container definition that can be supplied to --with-containers to get policy.rego
• Update the tests to check that parsing with --with-containers to produce policy.rego

---

This checklist is used to make sure that common guidelines for a pull request are followed.

Related command

General Guidelines

• Have you run azdev style <YOUR_EXT> locally? (pip install azdev required)
• Have you run python scripts/ci/test_index.py -q locally? (pip install wheel==0.30.0 required)
• My extension version conforms to the Extension version schema

[azure-client-tools-bot-prd]

️✔️Azure CLI Extensions Breaking Change Test

️✔️Non Breaking Changes

[yonzhan]

Thank you for your contribution! We will review the pull request and get back to you soon.

[github-actions]

The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR.

Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions).
After that please run the following commands to enable git hooks:

pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>

[github-actions]

• For more info about extension versioning, please refer to Extension version schema

[Copilot]

Pull Request Overview

This PR enhances test coverage for the --with-containers flag by adding comprehensive tests for all samples and refactoring the policy model to use Pydantic dataclasses with explicit ordering semantics.

Key changes:

• Migrated policy data model from standard Python dataclasses to Pydantic dataclasses with custom ordering support
• Added container definition (.rego) files for each sample directory to support --with-containers testing
• Implemented OPA (Open Policy Agent) integration for policy deserialization and comparison
• Added parameterized test that validates policy generation from container definitions for all samples

Reviewed Changes

Copilot reviewed 29 out of 29 changed files in this pull request and generated 11 comments.

Show a summary per file

File	Description
setup.py	Version bump to 1.4.2, added pydantic dependency, and OPA binary download during installation
HISTORY.rst	Added release notes for version 1.4.2 describing pydantic migration
samples/aci/*/container*.rego	Added 20+ container definition files as test inputs for --with-containers testing
azext_confcom/lib/policy.py	Migrated from dataclasses to Pydantic with OrderlessField for collections where order is semantically irrelevant
azext_confcom/lib/orderless_dataclasses.py	New custom Pydantic dataclass wrapper that sorts orderless fields for serialization and comparison
azext_confcom/lib/opa.py	New OPA binary downloader and executor for policy evaluation
azext_confcom/lib/binaries.py	New utility for managing binary directory location
azext_confcom/lib/serialization.py	New policy serialization/deserialization utilities using OPA
azext_confcom/security_policy.py	Updated to use Pydantic's TypeAdapter for container serialization
azext_confcom/tests/latest/test_confcom_acipolicygen_arm.py	Added comprehensive parameterized test and renamed existing test for clarity