
[Bug] Update Schema Prompt to include new_terms_fields

Open eric-forte-elastic opened this issue 9 months ago • 1 comments

Pull Request

Issue link(s):

Resolves https://github.com/elastic/detection-rules/issues/4566

Summary - What I changed

This PR fixes a bug where there was a missing default value if there were no new_terms values provided prior to the rule_prompt. In effect, this would cause a variable to be accessed before it was available. To fix this, I use a default of None. However, I also need to ensure the appropriate type conversion between the input string and the output list that we need to pass schema validation. To address this, I wrote a new ensure_list_of_strings utility function which is used for this purpose.

How To Test

Run a create-rule CLI command like the following and create a test new_terms rule: python -m detection_rules create-rule rules/linux/test_rule_2.toml --required-only

[Screenshot: new_terms_create_bugfix]

Checklist

  • [ ] Added a label for the type of pr: bug, enhancement, schema, maintenance, Rule: New, Rule: Deprecation, Rule: Tuning, Hunt: New, or Hunt: Tuning so guidelines can be generated
  • [ ] Added the meta:rapid-merge label if planning to merge within 24 hours
  • [ ] Secret and sensitive material has been managed correctly
  • [ ] Automated testing was updated or added to match the most common scenarios
  • [ ] Documentation and comments were added for features that require explanation

Contributor checklist

eric-forte-elastic avatar Mar 26 '25 13:03 eric-forte-elastic
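The two halves of the fix the PR describes, as an added illustration that is not detection-rules code: a variable bound on only one branch of the prompt flow is read before it exists when `--required-only` skips that branch, and the repair is to bind a `None` default up front and then normalise whatever the prompt returned into the `list[str]` shape schema validation expects. The function names `ensure_list_of_strings`, `build_new_terms_fields_buggy` and `build_new_terms_fields_fixed` and the comma-separated input format are assumptions chosen to mirror the PR summary, not the project's actual implementation.

```python
"""Hypothetical reconstruction of the new_terms default/type-coercion fix.

Not detection-rules code: function names and the comma-separated prompt
format are assumptions made for this example.
"""
from typing import Optional, Union


def ensure_list_of_strings(value: Union[None, str, list, tuple]) -> list[str]:
    """Coerce prompt input into the list[str] a schema expects.

    None (nothing was prompted for; the default the fix introduces) -> []
    "host.name, user.name"                                        -> ["host.name", "user.name"]
    ["host.name ", "user.name"]                                   -> stripped copy of the list
    Any other type, or a list with non-string items, raises TypeError
    so bad input fails loudly here instead of deep inside schema validation.
    """
    if value is None:
        return []
    if isinstance(value, str):
        # Split on commas and drop empty fragments such as a trailing ",".
        return [part.strip() for part in value.split(",") if part.strip()]
    if isinstance(value, (list, tuple)):
        if not all(isinstance(item, str) for item in value):
            raise TypeError("new_terms_fields must contain only strings")
        return [item.strip() for item in value]
    raise TypeError(f"unsupported type for new_terms_fields: {type(value).__name__}")


def build_new_terms_fields_buggy(required_only: bool, prompt_value: str) -> list[str]:
    """Reproduces the defect: the name is only bound when the prompt runs."""
    if not required_only:
        new_terms_fields = prompt_value  # only assignment in the function
    # With required_only=True this line reads a local that was never bound.
    return ensure_list_of_strings(new_terms_fields)


def build_new_terms_fields_fixed(required_only: bool,
                                 prompt_value: Optional[str] = None) -> list[str]:
    """Fixed form: bind a None default first, then normalise to list[str]."""
    new_terms_fields = None
    if not required_only:
        new_terms_fields = prompt_value
    return ensure_list_of_strings(new_terms_fields)


def bug_reproduced() -> bool:
    """True when the buggy path raises UnboundLocalError under --required-only."""
    try:
        build_new_terms_fields_buggy(required_only=True, prompt_value="host.name")
    except UnboundLocalError:
        return True
    return False


def rejects_non_strings() -> bool:
    """True when a list containing a non-string is refused before validation."""
    try:
        ensure_list_of_strings(["host.name", 42])
    except TypeError:
        return True
    return False


if __name__ == "__main__":
    print("bug reproduced:", bug_reproduced())
    print("fixed, required-only:", build_new_terms_fields_fixed(True))
    print("fixed, prompted:", build_new_terms_fields_fixed(False, "host.name, user.name"))
```

The split-and-strip step is where the string-to-list conversion the PR mentions actually happens; the `TypeError` branches are there so that a malformed prompt answer surfaces at the point of input rather than as an opaque schema error later.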

Bug - Guidelines

These guidelines serve as a reminder set of considerations when addressing a bug in the code.

Documentation and Context

  • [ ] Provide detailed documentation (description, screenshots, reproducing the bug, etc.) of the bug if not already documented in an issue.
  • [ ] Include additional context or details about the problem.
  • [ ] Ensure the fix includes necessary updates to the release documentation and versioning.

Code Standards and Practices

  • [ ] Code follows established design patterns within the repo and avoids duplication.
  • [ ] Code changes do not introduce new warnings or errors.
  • [ ] Variables and functions are well-named and descriptive.
  • [ ] Any unnecessary / commented-out code is removed.
  • [ ] Ensure that the code is modular and reusable where applicable.
  • [ ] Check for proper exception handling and messaging.

Testing

  • [ ] New unit tests have been added to cover the bug fix or edge cases.
  • [ ] Existing unit tests have been updated to reflect the changes.
  • [ ] Provide evidence of testing and detecting the bug fix (e.g., test logs, screenshots).
  • [ ] Validate that any rules affected by the bug are correctly updated.
  • [ ] Ensure that performance is not negatively impacted by the changes.
  • [ ] Verify that any release artifacts are properly generated and tested.

Additional Checks

  • [ ] Ensure that the bug fix does not break existing functionality.
  • [ ] Review the bug fix with a peer or team member for additional insights.
  • [ ] Verify that the bug fix works across all relevant environments (e.g., different OS versions).
  • [ ] Confirm that all dependencies are up-to-date and compatible with the changes.
  • [ ] Confirm that the proper version label is applied to the PR patch, minor, major.

github-actions[bot] avatar Mar 26 '25 13:03 github-actions[bot]