Python: fix(foundry): reconcile toolbox hosted-tool payloads with Responses API

[moonbox3]

Motivation and Context

Fixes a 400 Missing required parameter: 'tools[N].container' that surfaces when a Foundry toolbox containing a code_interpreter tool is loaded via FoundryChatClient.get_toolbox() and passed to an Agent. Along the way, hardens adjacent hosted-tool payloads that would also fail silently until the Responses API rejects them.

The issue:

Three layers disagree about what's required on hosted-tool payloads:

Layer	container on code_interpreter
azure.ai.projects.models.CodeInterpreterTool (SDK type)	Optional
Toolbox create/get APIs	Accepts and returns without it
Foundry /openai/v1/responses proxy	Required

So CodeInterpreterTool(name="code_interpreter") round-trips through a toolbox and lands at /responses without a container, which is rejected. The existing sanitize_foundry_response_tool already exists to reconcile the opposite
round-trip mismatch (toolbox reads decorate payloads with name/description that /responses rejects) — this PR extends it to cover the missing-default direction too, and makes adjacent non-defaultable gaps fail fast with a clear error instead of bubbling up as a generic 400.

Description

Fixes for toolbox tools.

Contribution Checklist

• The code builds clean without any errors or warnings
• The PR follows the Contribution Guidelines
• All unit tests pass, and I have added new tests where possible
• Is this a breaking change? If yes, add "[BREAKING]" prefix to the title of the PR.

[moonbox3]

Python Test Coverage Report •

File	Stmts	Miss	Cover	Missing
packages/foundry/agent_framework_foundry
_chat_client.py	151	19	87%	84, 86–88, 92–93, 97, 191, 222, 315, 376, 378, 476, 480–481, 483–486
_tools.py	82	4	95%	72, 80, 127, 198
TOTAL	29028	3474	88%

Python Unit Test Overview

Tests	Skipped	Failures	Errors	Time
5771	30 💤	0 ❌	0 🔥	1m 35s ⏱️

[Copilot]

Pull request overview

This PR fixes interoperability issues between Azure AI Foundry toolbox tool payloads and the Foundry /openai/v1/responses proxy by sanitizing/validating hosted-tool payloads before sending them to the Responses API.

Changes:

• Extend hosted-tool sanitization to inject a default {"type": "auto"} container for code_interpreter tools when absent.
• Add fail-fast validation for hosted tool payloads that the Responses API will always reject (e.g., file_search without vector_store_ids, mcp without server_url or project_connection_id) and tighten MCP tool factory behavior.
• Update samples/tests to cover toolbox-hosted tool round-trips and the new sanitization behavior.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
python/samples/04-hosting/foundry-hosted-agents/responses/02_local_tools/main.py	Import cleanup to keep the sample consistent.
python/samples/02-agents/providers/foundry/foundry_chat_client_with_toolbox.py	Sample toolbox creation now includes web search and code interpreter tools.
python/packages/foundry/tests/foundry/test_foundry_chat_client.py	Adds unit tests for new sanitization/validation behavior and MCP tool factory constraints.
python/packages/foundry/agent_framework_foundry/_tools.py	Implements hosted-tool payload validation and injects default container for code_interpreter.
python/packages/foundry/agent_framework_foundry/_chat_client.py	Updates get_mcp_tool() to avoid fabricating server_url and to raise when missing destination info.