OPA filter smoke tests #157

Closed
@pavolloffay

This is a tracking issue for discussing OPA filter testing. The idea is that in the agent we want to be able to test the OPA filter https://github.com/hypertrace/javaagent/tree/main/filter-custom-opa against a running https://github.com/open-policy-agent/opa. The filter gets data from `/v1/data` and runs evaluation on every request.

I would like to package https://github.com/open-policy-agent/opa into a docker container and make data.json and /v1/policies/remote-bundle/traceable/http/request/policy.rego configurable. This container could be used in smoke tests in all Hypertrace agents. There is already a docker container https://hub.docker.com/r/openpolicyagent/opa - we should have a look if it could be used.

In the meantime the OPA filter can be tested by:

  1. port-forwarding the OPA agent from the traceableai namespace: `k port-forward service/opa 8181:8181 -n traceableai`
  2. getting the data from the OPA agent with `curl localhost:8181/v1/data` and picking some IP address from the denylist
  3. running the agent on a test/demo app and doing `curl localhost:8080 -H "X-Forwarded-For: <IP from deny list>"` - the request should be blocked with 403

cc) @mohit-a21 @jcchavezs @davexroth
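
Steps 2 and 3 of the manual procedure above, scripted as an added example; this is not code from the issue or from the Hypertrace project. The layout of the `/v1/data` document is not shown in the issue, so the sample JSON and the rule "any key containing `deny`" are assumptions, and the control request without the header is an extra check beyond the listed steps.

```python
import ipaddress
import json
import urllib.error
import urllib.request

# Constructed sample of a /v1/data response; the real document layout is not
# shown in the issue, so the key names here are assumptions.
SAMPLE_OPA_DATA = json.loads("""
{"result": {"traceable": {"http": {"request": {
    "denylist": {"ip": ["203.0.113.7", "198.51.100.0/24"]},
    "allowlist": {"ip": ["192.0.2.10"]}}}}}}
""")


def denied_ips(node, under_deny=False):
    """Yield single IP addresses found anywhere below a key containing 'deny'."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from denied_ips(value, under_deny or "deny" in key.lower())
    elif isinstance(node, list):
        for item in node:
            yield from denied_ips(item, under_deny)
    elif under_deny and isinstance(node, str):
        try:
            yield str(ipaddress.ip_address(node))  # skips CIDR ranges and non-IPs
        except ValueError:
            pass


def fetch_status(url, headers=None):
    """Return the HTTP status code, treating 4xx/5xx as results, not errors."""
    req = urllib.request.Request(url, headers=headers or {})
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def smoke_test(opa_url="http://localhost:8181/v1/data", app_url="http://localhost:8080"):
    """Pick a denied IP from OPA; expect 403 with it and no 403 without it."""
    with urllib.request.urlopen(opa_url, timeout=5) as resp:
        ip = next(denied_ips(json.load(resp)), None)
    if ip is None:
        raise RuntimeError("no single IP found under a deny* key in OPA data")
    blocked = fetch_status(app_url, {"X-Forwarded-For": ip})
    baseline = fetch_status(app_url)  # control request without the header
    return ip, blocked == 403 and baseline != 403
```

With the port-forward from step 1 active and the agent-instrumented app listening on port 8080, `smoke_test()` returns the chosen IP and whether the filter blocked only the denied request.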
