Allow stage definitions in custom yaml

What does this MR do and why?

This enables stages to be defined in a security policy using custom yaml:

  • It merges stages defined in security policy yaml with stages defined in the project .gitlab-ci.yml or the default stages.
  • It injects .pre and .post stages at the beginning and end of the stages.

Screenshots or screen recordings

📺 Demo: youtu.be/C8SIubEstu8

How to set up and validate locally

  1. Upload a GitLab Ultimate license.
  2. Enable the feature flag:
    echo "Feature.enable(:compliance_pipeline_in_policies)" | rails c
  3. Create a new project with a simple .gitlab-ci.yml file:
    project job:
      stage: build
      script:
        - echo "job defined in project CI"
  4. Go to Secure -> Policies -> New policy -> Scan Execution Policy.
  5. Go to yaml mode and paste a policy that defines custom stages:
    type: scan_execution_policy
    name: 'custom stages'
    description: ''
    enabled: true
    rules:
      - type: pipeline
        branches:
          - '*'
    actions:
      - scan: custom
        ci_configuration: |-
          stages:
            - custom_stage
          security policy job:
            stage: custom_stage
            script:
              - echo "This is a security policy"
  6. Go back to the project -> Build -> Pipelines.
  7. Select Run Pipeline.
  8. Select Run Pipeline again.
  9. The pipeline should have two stages: build and custom_stage.

Other things to verify

Merge stages with project CI
  1. Change .gitlab-ci.yml to include a custom stage:
    stages:
      - custom_project_stage
    project job:
      stage: custom_project_stage
      script:
        - echo "job defined in project CI"
  2. Commit the changes.
  3. The latest pipeline should have custom_stage and custom_project_stage.
Edge stages
  1. Change .gitlab-ci.yml to include jobs for edge stages:
    pre job:
      stage: .pre
      script:
        - echo "job defined in project CI"
    post job:
      stage: .post
      script:
        - echo "job defined in project CI"
  2. Commit the changes.
  3. The latest pipeline should have the following stages in this order: .pre, custom_stage, .post.
Rule schedules
  1. Go back to Secure -> Policies.
  2. Select custom stages -> Edit policy.
  3. Change the policy to run on a schedule:
    type: scan_execution_policy
    name: custom stages
    description: ''
    enabled: true
    rules:
      - type: schedule
        cadence: 0 0 * * *
        branch_type: all
    actions:
      - scan: custom
        ci_configuration: |-
          stages:
            - custom_stage
          security policy job:
            stage: custom_stage
            script:
              - echo "This is a security policy"
  4. Trigger the schedule worker (printf is used because a plain echo does not expand the \n between the two statements in every shell):
    printf 'Security::OrchestrationPolicyRuleSchedule.update_all(next_run_at: Time.now - 1.day)\nSecurity::OrchestrationPolicyRuleScheduleWorker.new.perform\n' | rails c
  5. Go back to the project -> Build -> Pipelines.
  6. Select the latest pipeline. (It might take a few seconds until the rule schedule pipeline appears)
  7. There should only be one job on the custom_stage stage.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #425012 (closed)

Edited by Andy Schoenen
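The stage-merging rule described in this MR (project stages or defaults, plus policy stages, with .pre and .post forced to the ends), written out as a small Ruby model so the four validation scenarios above can be checked without a GitLab instance. This is an added example, not code from GitLab or from this MR. It assumes GitLab's documented default stages (build, test, deploy), that a job with no stage lands in test, that a policy job replaces a project job of the same name, and that the pipeline view only lists stages that have at least one job; the CI snippets below are constructed from the steps in this description.

```ruby
require 'yaml'

# Assumed default stages (GitLab's documented defaults minus the edge stages,
# which merge_stages injects itself). Illustration only, not GitLab code.
DEFAULT_STAGES = %w[build test deploy].freeze
EDGE_STAGES = %w[.pre .post].freeze
# Top-level keys that are not job definitions (assumed subset of GitLab's reserved keys).
RESERVED_KEYS = %w[stages default include variables workflow].freeze

# Split a .gitlab-ci.yml-style document into its stage list and its job hashes.
def parse_ci(yaml_text)
  doc = yaml_text ? (YAML.safe_load(yaml_text) || {}) : {}
  stages = Array(doc['stages']).map(&:to_s)
  jobs = doc.reject { |key, value| RESERVED_KEYS.include?(key) || !value.is_a?(Hash) }
  [stages, jobs]
end

# Merge rule under test: project stages (or the defaults when the project
# declares none) come first, policy stages not already present are appended,
# and .pre/.post are pinned to the ends no matter where either side listed them.
def merge_stages(project_stages, policy_stages)
  base = project_stages.empty? ? DEFAULT_STAGES : project_stages
  middle = (base + policy_stages).reject { |s| EDGE_STAGES.include?(s) }.uniq
  ['.pre'] + middle + ['.post']
end

# Combine the project CI (nil for a scheduled policy pipeline that has no
# project config) with the policy's ci_configuration. Raises when a job
# references a stage that is not in the merged list, which is the failure a
# practitioner most wants to catch here.
def merge_pipeline(project_yaml, policy_yaml)
  project_stages, project_jobs = parse_ci(project_yaml)
  policy_stages, policy_jobs = parse_ci(policy_yaml)
  stages = merge_stages(project_stages, policy_stages)
  jobs = project_jobs.merge(policy_jobs) # assumption: policy job wins on a name clash
  unknown = jobs.reject { |_, job| stages.include?(job.fetch('stage', 'test')) }
  unless unknown.empty?
    raise ArgumentError, "jobs reference undefined stages: #{unknown.keys.join(', ')}"
  end
  { stages: stages, jobs: jobs }
end

# What the pipeline graph shows: only stages that actually contain a job.
def visible_stages(pipeline)
  used = pipeline[:jobs].values.map { |job| job.fetch('stage', 'test') }
  pipeline[:stages].select { |stage| used.include?(stage) }
end

# Constructed inputs, mirroring the steps in this MR description.
POLICY_CI = <<~YAML
  stages:
    - custom_stage
  security policy job:
    stage: custom_stage
    script:
      - echo "This is a security policy"
YAML

PROJECT_CI_SIMPLE = <<~YAML
  project job:
    stage: build
    script:
      - echo "job defined in project CI"
YAML

PROJECT_CI_CUSTOM_STAGE = <<~YAML
  stages:
    - custom_project_stage
  project job:
    stage: custom_project_stage
    script:
      - echo "job defined in project CI"
YAML

PROJECT_CI_EDGE_STAGES = <<~YAML
  pre job:
    stage: .pre
    script:
      - echo "job defined in project CI"
  post job:
    stage: .post
    script:
      - echo "job defined in project CI"
YAML

if __FILE__ == $PROGRAM_NAME
  [PROJECT_CI_SIMPLE, PROJECT_CI_CUSTOM_STAGE, PROJECT_CI_EDGE_STAGES, nil].each do |project|
    puts visible_stages(merge_pipeline(project, POLICY_CI)).join(' -> ')
  end
end
```

Running the file prints one line per scenario: `build -> custom_stage`, `custom_project_stage -> custom_stage`, `.pre -> custom_stage -> .post`, and `custom_stage` for the scheduled pipeline with no project config. The ArgumentError path is the check worth keeping around: a policy that references a stage the merged list never defines should be rejected before any job is created, not surface as a mysterious yaml error in the pipeline view.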