Ashutosh Narkar

Hello @rasmuscc thanks for filing this request. If you could provide more context around why this is required and the benefit of this feature, that would be helpful. Thanks.

Just to understand this, OPA does generate the error at eval time and you're suggesting this should happen sooner? Are there cases where the policy needs to evaluated first to...

Are you using the plugin with Istio ? I haven't tried this out but we could configure OPA to use a [Discovery](https://www.openpolicyagent.org/docs/latest/management-discovery/) bundle and then inside that use an environment...

You can do that using OPA's [Discovery](https://www.openpolicyagent.org/docs/latest/management-discovery/) feature. We'll have to pass an environment variable in the manifest and have OPA use that to decide the policy bundle to use...

I'm not very familiar with the oci downloader. @carabasdaniel you and @DerGut have more insight into this. @DerGut anything you see that can help to resolve this.

> I think using the presence of the www-authenticate header to know if the auth header should be set, is the most idiomatic way, in terms of the HTTP spec....

@sunjh thanks for working on this. Just checking in to see if you had a chance to address Stephan's comments. We can then get this in the next release.

@sunjh closing this PR for now. Feel free to re-open when you get a chance to address the PR comments and we can get this in.

@Abhishek-569 here is the updated link https://www.openpolicyagent.org/docs/latest/policy-language/#metadata.

I think https://www.openpolicyagent.org/docs/latest/policy-language/#using-schemas-to-enhance-the-rego-type-checker.