[Rule-based Auto-tagging] add the schema for security attributes

[ruai0511]

This PR enhances rule-based auto-tagging functionality by introducing security-related attributes. Specifically, we aim to extract user information (username and role) from the security context of incoming requests. In many real-world environments, security context is essential for customers with multiple teams, departments, or security boundaries. By enabling the use of security attributes in auto-tagging rules, this project will provide more practical and convenient ways to define the tenants.

This PR includes:

• Updated schema to include security attributes (principal.username and principal.role).
• No runtime label-resolving logic changes yet; this PR focuses only on schema changes to support future security attribute features.

Description

[Describe what this change achieves]

Related Issues

Resolves #[Issue number to be closed when this PR is merged]

Check List

• Functionality includes testing.
• API changes companion pull request created, if applicable.
• Public documentation issue/PR created, if applicable.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[jainankitk]

Thanks @ruai0511! Changes look more consumable as separate small PRs. Mostly LGTM, just few comments to understand the changes better

[github-actions]

❌ Gradle check result for eefa8d2: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❌ Gradle check result for c059395: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[jainankitk]

Unrelated test failure:

[Test Result](https://build.ci.opensearch.org/job/gradle-check/63933/testReport/) (1 failure / -1)

    [org.opensearch.upgrades.FullClusterRestartIT.testRecovery](https://build.ci.opensearch.org/job/gradle-check/63933/testReport/junit/org.opensearch.upgrades/FullClusterRestartIT/testRecovery/)

@ruai0511 - Can you merge from the main branch?

[jainankitk]

LGTM!

[github-actions]

❌ Gradle check result for 639bd3b: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❌ Gradle check result for 97e899d: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[jainankitk]

Unrelated failures:

[Test Result](https://build.ci.opensearch.org/job/gradle-check/64284/testReport/) (2 failures / +1)

    [org.opensearch.upgrades.FullClusterRestartIT.testRecovery](https://build.ci.opensearch.org/job/gradle-check/64284/testReport/junit/org.opensearch.upgrades/FullClusterRestartIT/testRecovery/)
    [org.opensearch.index.fielddata.FieldDataLoadingIT.testIndicesFieldDataCacheSizeSetting](https://build.ci.opensearch.org/job/gradle-check/64284/testReport/junit/org.opensearch.index.fielddata/FieldDataLoadingIT/testIndicesFieldDataCacheSizeSetting/)

Retrying gradle check.

@peteralfonsi - Can you check the failure related to FDC once? - https://build.ci.opensearch.org/job/gradle-check/64284/testReport/junit/org.opensearch.index.fielddata/FieldDataLoadingIT/testIndicesFieldDataCacheSizeSetting/

[github-actions]

❌ Gradle check result for 97e899d: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

✅ Gradle check result for d7fd516: SUCCESS

[codecov]

Codecov Report

❌ Patch coverage is 73.80952% with 11 lines in your changes missing coverage. Please review.
✅ Project coverage is 72.97%. Comparing base (6fdb010) to head (7a05f7c).
⚠️ Report is 5 commits behind head on main.

Files with missing lines	Patch %	Lines
.../java/org/opensearch/rule/RuleFrameworkPlugin.java	0.00%	5 Missing ⚠️
...pensearch/plugin/wlm/WorkloadManagementPlugin.java	58.33%	5 Missing ⚠️
...ain/java/org/opensearch/rule/autotagging/Rule.java	75.00%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##               main   #19345      +/-   ##
============================================
+ Coverage     72.90%   72.97%   +0.06%     
+ Complexity    69915    69887      -28     
============================================
  Files          5675     5675              
  Lines        320841   320893      +52     
  Branches      46387    46391       +4     
============================================
+ Hits         233909   234164     +255     
+ Misses        68031    67745     -286     
- Partials      18901    18984      +83     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

✅ Gradle check result for 7a05f7c: SUCCESS