[Feature Request]: Support OPA Bundling for External Policy Downloads

[monshri]

🧭 Type of Feature

Please select the most appropriate category:

• Enhancement to existing functionality

🧭 Epic

It would be helpful to introduce support for OPA bundling so that policies can be downloaded from an external server instead of being tightly coupled with the application/server deployment. This would allow for cleaner separation between policy development and system deployment lifecycles.

Motivation / Use Case

1. Organizations often maintain policies independently from runtime services.
2. Decoupling policy distribution from server deployments enables faster iteration on policy development without requiring frequent redeployment of application services.
3. External policy bundles provide a more centralized and consistent way to manage policies across environments.

Proposed Solution

Implement OPA bundle download from a configured external server. Policies should be able to be updated by pushing bundles to the policy server, which clients then periodically fetch.

Configuration could support:

1. Policy bundle endpoint URL
2. Update interval or trigger mechanism
3. Cache fallback for offline scenarios

References

OPA Bundles Documentation

[araujof]

+1

For deployments that wish to maintain centralized policy servers, this will be an excellent feature to have. Need to include configuration and security requirements in the design.