Update docker.io/openpolicyagent/opa Docker tag to v0.67.1 #269
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
![renovate-approve[bot]](https://avatars.githubusercontent.com/in/7394?s=60&v=4){kind=small}
renovate
bot
force-pushed
the
renovate/docker.io-openpolicyagent-opa-0.x
branch
2 times, most recently
from
f015741 to
d5cdbc3
Compare
renovate
bot
force-pushed
the
renovate/docker.io-openpolicyagent-opa-0.x
branch
from
d5cdbc3 to
c292d57
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/docker.io-openpolicyagent-opa-0.x
branch
2 times, most recently
from
f78cf77 to
94bf6a7
Compare
renovate
bot
force-pushed
the
renovate/docker.io-openpolicyagent-opa-0.x
branch
2 times, most recently
from
e02213c to
8b4b7c8
Compare
vierbergenlars
force-pushed
the
renovate/docker.io-openpolicyagent-opa-0.x
branch
from
8b4b7c8 to
cf855ff
Compare
renovate
bot
force-pushed
the
renovate/docker.io-openpolicyagent-opa-0.x
branch
from
cf855ff to
2c13ac7
Compare
renovate
bot
force-pushed
the
renovate/docker.io-openpolicyagent-opa-0.x
branch
from
2c13ac7 to
e0c637f
Compare
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
0.66.0-debug->0.67.1-debugRelease Notes
open-policy-agent/opa (docker.io/openpolicyagent/opa)
v0.67.1Compare Source
This is a bug fix release addressing the following issue:
v0.67.0Compare Source
This release contains a mix of features, a new builtin function (
strings.count), performance improvements, and bugfixes.Breaking Change
Request Body Size Limits
OPA now automatically rejects very large requests (#6868) authored by @philipaconrad.
Requests with a
Content-Lengthlarger than 128 MB uncompressed, and gzipped requests with payloads that decompress tolarger than 256 MB will be rejected, as part of hardening OPA against denial-of-service attacks. Previously, a large
enough request could cause an OPA instance to run out of memory in low-memory sidecar deployment scenarios, just from
attempting to read the request body into memory.
These changes allow improvements in memory usage for the OPA HTTP server, and help OPA deployments avoid some accidental out-of-memory situations.
For most users, no changes will be needed to continue using OPA. However, to control this behavior, two new configuration
keys are available:
server.decoding.max_lengthandserver.decoding.gzip.max_length. These control the max size inbytes to allow for an incoming request payload, and the maximum size in bytes to allow for a decompressed gzip request payload, respectively.
Here's an example OPA configuration using the new keys:
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.