chore(deps): bump github.com/open-policy-agent/opa from 0.32.0 to 0.38.1

[dependabot]

Bumps github.com/open-policy-agent/opa from 0.32.0 to 0.38.1.

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.38.1

This is a bug fix release that addresses one issue when using opa test with the --bundle (-b) flag, and a policy that uses the every keyword.

There are no other code changes in this release.

Fixes

• Compiler: don't raise an error with unused declared+generated vars (every) (#4420), reported by @​kristiansvalland

v0.38.0

This release contains a number of fixes and enhancements.

It contains one backwards-incompatible change to the JSON representation of metrics in Status API payloads, please see the section below.

Rich Metadata

It is now possible to annotate Rego policies in a way that can be processed programmatically, using Rich Metadata.

# METADATA
# title: My rule
# description: A rule that determines if x is allowed.
# authors:
# - Jane Austin <[email protected]>
allow {
  ...
}

The available keys are:

• title
• description
• authors
• organizations
• related_resources
• schemas
• scope
• custom

Custom annotations can be used to annotate rules, packages, and documents with whatever you specifically need, beyond the generic keywords.

Annotations can be retrieved using the Golang library or via the CLI, opa inspect -a.

All the details can be found in the documentation on Annotations.

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.38.1

This is a bug fix release that addresses one issue when using opa test with the --bundle (-b) flag, and a policy that uses the every keyword.

There are no other code changes in this release.

Fixes

• Compiler: don't raise an error with unused declared+generated vars (every) (#4420), reported by @​kristiansvalland

0.38.0

This release contains a number of fixes and enhancements.

It contains one backwards-incompatible change to the JSON representation of metrics in Status API payloads, please see the section below.

Rich Metadata

It is now possible to annotate Rego policies in a way that can be processed programmatically, using Rich Metadata.

# METADATA
# title: My rule
# description: A rule that determines if x is allowed.
# authors:
# - Jane Austin <[email protected]>
allow {
  ...
}

The available keys are:

• title
• description
• authors
• organizations
• related_resources
• schemas
• scope
• custom

Custom annotations can be used to annotate rules, packages, and documents with whatever you specifically need, beyond the generic keywords.

Annotations can be retrieved using the Golang library

... (truncated)

Commits

• cc65707 Prepare 0.38.1 release
• 9338d3f ast/compile: don't error on unused declared+generated vars (every) (#4421)
• 80db6d5 Prepare Release v0.38.0 (#4400)
• 521cd23 docs: Update generated CLI docs
• 60e564f cmd/inspect: render "related resources" and small misc changes (#4399)
• 64a03c1 docs: Update generated CLI docs
• 35d7e58 cmd: Adding annotations listing to inspect command (#4388)
• 3d93280 docs/rest-api: Update docs on 400 response (#4392)
• bbb8a41 docs/integrations: add OPToggles (#4398)
• cd36c74 build(deps): bump actions/checkout from 2 to 3 (#4395)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)