[confcom] Address copilot reviews

Author: MahatiC

src/confcom/HISTORY.rst

@@ -4,7 +4,7 @@ Release History
 ===============
 
 2.0.0b1
-+++++
++++++++
 * Add Windows container support with CIM-based layer hashing
 * Support for mounted_cim field in security policies for Windows containers
 

src/confcom/azext_confcom/container.py

@@ -563,7 +563,7 @@ def from_json(
             mounts=mounts,
             allow_elevated=allow_elevated,
             extraEnvironmentRules=[],
-            platform=container_json["platform"],
+            platform=container_json.get("platform", "linux/amd64"),
             execProcesses=exec_processes,
             signals=signals,
             user=user,
@@ -814,7 +814,7 @@ def from_json(
         image.__class__ = UserContainerImage
         # inject default mounts for user container
         if (image.base not in config.BASELINE_SIDECAR_CONTAINERS) and (not is_vn2):
-            if container_json["platform"].startswith("linux"):
+            if container_json.get("platform", "linux/amd64").startswith("linux"):
                 image.get_mounts().extend(_DEFAULT_MOUNTS)
 
         if (image.base not in config.BASELINE_SIDECAR_CONTAINERS) and (is_vn2):
@@ -823,7 +823,7 @@ def from_json(
         # Start with the customer environment rules
         env_rules = (
             copy.deepcopy(_INJECTED_CUSTOMER_ENV_RULES)
-            if container_json["platform"].startswith("linux") else []
+            if container_json.get("platform", "linux/amd64").startswith("linux") else []
         )
         # If is_vn2, add the VN2 environment rules
         if is_vn2:

src/confcom/azext_confcom/security_policy.py

@@ -149,8 +149,11 @@ def __init__(
             image_platform = c.get("platform", "linux/amd64")
             if self._platform is None:
                 self._platform = image_platform
-            else:
-                assert self._platform == image_platform, "All images must have the same platform"
+            elif self._platform != image_platform:
+                eprint(
+                    f'All images must have the same platform. '
+                    f'Found "{image_platform}" but expected "{self._platform}".'
+                )
 
             if not is_sidecar(c[config.POLICY_FIELD_CONTAINERS_ID]):
                 container_image = UserContainerImage.from_json(c, is_vn2=is_vn2)
@@ -250,6 +253,8 @@ def _add_rego_boilerplate(self, output: str) -> str:
                 pretty_print_func(self._allow_runtime_logging),
                 pretty_print_func(self._allow_environment_variable_dropping),
             )
+        eprint(f'Unsupported platform: "{self._platform}". '
+               f'Supported platforms are linux/amd64 and windows/amd64.')
 
     def validate_cce_policy(self) -> Tuple[bool, Dict]:
         """Utility method: check to see if the existing policy
@@ -716,6 +721,12 @@ def validate_image_platform(image_name: str, platform: str) -> None:
                     f'"{platform}": {e}'
                 )
 
+    if image is None:
+        eprint(
+            f'Image "{image_name}" could not be retrieved for platform validation.'
+        )
+        return
+
     detected = f"{image.attrs.get('Os')}/{image.attrs.get('Architecture')}"
     if detected != platform:
         eprint(