Add Policy DSL Validator, Schema Exporter, and Simulation Smoke tools

- Implemented PolicyDslValidator with command-line options for strict mode and JSON output.
- Created PolicySchemaExporter to generate JSON schemas for policy-related models.
- Developed PolicySimulationSmoke tool to validate policy simulations against expected outcomes.
- Added project files and necessary dependencies for each tool.
- Ensured proper error handling and usage instructions across tools.

src/StellaOps.Scanner.Core.Tests/Contracts/ComponentGraphBuilderTests.cs

@@ -18,27 +18,32 @@ public sealed class ComponentGraphBuilderTests
                 Evidence = ImmutableArray.Create(ComponentEvidence.FromPath("/app/node_modules/a/package.json")),
                 Dependencies = ImmutableArray.Create("pkg:npm/x"),
                 Usage = ComponentUsage.Create(false),
-                Metadata = new ComponentMetadata
-                {
-                    Scope = "runtime",
-                },
-            }
-        });
-
-        var layer2 = LayerComponentFragment.Create("sha256:layer2", new[]
+                Metadata = new ComponentMetadata
+                {
+                    Scope = "runtime",
+                    BuildId = "ABCDEF1234567890ABCDEF1234567890ABCDEF12",
+                },
+            }
+        });
+
+        var layer2 = LayerComponentFragment.Create("sha256:layer2", new[]
         {
             new ComponentRecord
             {
                 Identity = ComponentIdentity.Create("pkg:npm/a", "a", "1.0.0"),
-                LayerDigest = "sha256:layer2",
-                Evidence = ImmutableArray.Create(ComponentEvidence.FromPath("/app/node_modules/a/index.js")),
-                Dependencies = ImmutableArray.Create("pkg:npm/y"),
-                Usage = ComponentUsage.Create(true, new[] { "/app/start.sh" }),
-            },
-            new ComponentRecord
-            {
-                Identity = ComponentIdentity.Create("pkg:npm/b", "b", "2.0.0"),
-                LayerDigest = "sha256:layer2",
+                LayerDigest = "sha256:layer2",
+                Evidence = ImmutableArray.Create(ComponentEvidence.FromPath("/app/node_modules/a/index.js")),
+                Dependencies = ImmutableArray.Create("pkg:npm/y"),
+                Usage = ComponentUsage.Create(true, new[] { "/app/start.sh" }),
+                Metadata = new ComponentMetadata
+                {
+                    BuildId = "abcdef1234567890abcdef1234567890abcdef12",
+                },
+            },
+            new ComponentRecord
+            {
+                Identity = ComponentIdentity.Create("pkg:npm/b", "b", "2.0.0"),
+                LayerDigest = "sha256:layer2",
                 Evidence = ImmutableArray.Create(ComponentEvidence.FromPath("/app/node_modules/b/package.json")),
             }
         });
@@ -54,9 +59,10 @@ public sealed class ComponentGraphBuilderTests
         Assert.Equal(new[] { "sha256:layer1", "sha256:layer2" }, componentA.LayerDigests);
         Assert.True(componentA.Usage.UsedByEntrypoint);
         Assert.Contains("/app/start.sh", componentA.Usage.Entrypoints);
-        Assert.Equal(new[] { "pkg:npm/x", "pkg:npm/y" }, componentA.Dependencies);
-        Assert.Equal("runtime", componentA.Metadata?.Scope);
-        Assert.Equal(2, componentA.Evidence.Length);
+        Assert.Equal(new[] { "pkg:npm/x", "pkg:npm/y" }, componentA.Dependencies);
+        Assert.Equal("runtime", componentA.Metadata?.Scope);
+        Assert.Equal("abcdef1234567890abcdef1234567890abcdef12", componentA.Metadata?.BuildId);
+        Assert.Equal(2, componentA.Evidence.Length);
 
         var componentB = graph.ComponentMap["pkg:npm/b"];
         Assert.Equal("sha256:layer2", componentB.FirstLayerDigest);

src/StellaOps.Scanner.Core.Tests/Contracts/ComponentModelsTests.cs

@@ -62,24 +62,26 @@ public sealed class ComponentModelsTests
             Evidence = ImmutableArray.Create(ComponentEvidence.FromPath("/app/package.json")),
             Dependencies = ImmutableArray.Create("pkg:npm/dep"),
             Usage = ComponentUsage.Create(true, new[] { "/app/start.sh" }),
-            Metadata = new ComponentMetadata
-            {
-                Scope = "runtime",
-                Licenses = new[] { "MIT" },
-                Properties = new Dictionary<string, string>
-                {
-                    ["source"] = "package-lock.json",
-                },
-            },
-        };
-
-        var json = JsonSerializer.Serialize(record, ScannerJsonOptions.Default);
-        var deserialized = JsonSerializer.Deserialize<ComponentRecord>(json, ScannerJsonOptions.Default);
+            Metadata = new ComponentMetadata
+            {
+                Scope = "runtime",
+                Licenses = new[] { "MIT" },
+                Properties = new Dictionary<string, string>
+                {
+                    ["source"] = "package-lock.json",
+                },
+                BuildId = "5f0c7c3cb4d9f8a4f1c1d5c6b7e8f90123456789",
+            },
+        };
+
+        var json = JsonSerializer.Serialize(record, ScannerJsonOptions.Default);
+        var deserialized = JsonSerializer.Deserialize<ComponentRecord>(json, ScannerJsonOptions.Default);
 
         Assert.NotNull(deserialized);
         Assert.Equal(record.Identity.Key, deserialized!.Identity.Key);
-        Assert.Equal(record.Metadata?.Scope, deserialized.Metadata?.Scope);
-        Assert.True(deserialized.Usage.UsedByEntrypoint);
-        Assert.Equal(record.Usage.Entrypoints.AsSpan(), deserialized.Usage.Entrypoints.AsSpan());
-    }
-}
+        Assert.Equal(record.Metadata?.Scope, deserialized.Metadata?.Scope);
+        Assert.Equal(record.Metadata?.BuildId, deserialized.Metadata?.BuildId);
+        Assert.True(deserialized.Usage.UsedByEntrypoint);
+        Assert.Equal(record.Usage.Entrypoints.AsSpan(), deserialized.Usage.Entrypoints.AsSpan());
+    }
+}