Add more complianceType options for better merging with ConfigurationPolicies

[JustinKuli]

The existing musthave, mustonlyhave options are sometimes insufficient. Using mustonlyhave to work around the bespoke merging behavior of musthave requires setting many more fields in the policy, and can result in "thrashing" on the cluster, as the config-policy-controller fights with another controller (sometimes the API server itself) to apply certain configurations.

Options that match kubectl patch behaviors might be easier for users to understand.