Add baseline selector infrastructure for advanced rule filtering

[Copilot]

This PR introduces baseline selector infrastructure to enable advanced rule filtering capabilities as requested in issue #2609. The implementation provides a foundation for using selector expressions within baselines to dynamically filter rules based on complex criteria.

Key Changes

Infrastructure Added

• BaselineRuleFilter: A new enhanced rule filter that combines traditional filtering (include/exclude by name, tags, labels) with selector-based filtering
• Selector Expression Support: Infrastructure to evaluate selector expressions against rule metadata, enabling complex filtering logic
• Test Framework: Comprehensive test structure and example YAML files demonstrating the intended selector syntax

Example Usage

The new functionality enables baselines like this:

# Select high severity rules
apiVersion: github.com/microsoft/PSRule/v1
kind: Baseline
metadata:
  name: HighSeverityBaseline
spec:
  rule:
    selector:
      if:
        field: 'Level'
        equals: 'Error'

# Select rules with name prefix
apiVersion: github.com/microsoft/PSRule/v1
kind: Baseline
metadata:
  name: PrefixBaseline
spec:
  rule:
    selector:
      if:
        field: 'Name'
        startsWith: 'Azure.'

# Complex multi-criteria selection
apiVersion: github.com/microsoft/PSRule/v1
kind: Baseline
metadata:
  name: ComplexBaseline
spec:
  rule:
    selector:
      if:
        anyOf:
          - field: 'Level'
            in: ['Error', 'Warning']
          - allOf:
            - field: 'Name'
              startsWith: 'Security.'
            - field: 'Tags.category'
              equals: 'Security'

Capabilities Enabled

This infrastructure addresses all the key requirements from #2609:

• ✅ High/Critical Rule Selection: Filter rules by severity level or annotations
• ✅ Prefix Matching: Include/exclude rules by partial name matches
• ✅ Multiple Criteria: Support for complex expressions with anyOf, allOf, and nested conditions
• ✅ Annotation-based Filtering: Access to rule metadata and custom annotations

Implementation Approach

The solution extends PSRule's existing powerful expression system rather than creating new filtering logic:

1. Backward Compatible: All existing baseline functionality continues to work unchanged
2. Leverages Existing Infrastructure: Uses PSRule's proven selector and expression engine
3. Minimal Surface Area: Adds functionality through composition rather than modification of core interfaces
4. Performance Conscious: Selector evaluation only occurs when selectors are specified

Technical Details

• Rule Target Object Creation: Rules are converted to target objects that expose their properties (Name, Module, Level, Tags, Labels, etc.) for selector evaluation
• Expression Evaluation: Uses LanguageExpressionBuilder to compile and evaluate selector expressions
• Graceful Degradation: If selector evaluation fails, rules are excluded by default (fail-safe behavior)

Testing

Comprehensive test framework includes:

• Baseline YAML parsing validation
• Rule filtering logic verification
• Example scenarios covering all major use cases
• Integration with existing test infrastructure

Addressing #2609.

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.