annotations: allow URL pointer to JSON schema

[anderseknert]

Annotations may currently point to a JSON schema on disk, and requires this location to be provided by the tool, e.g. opa eval. It would be very handy if we as an alternative to this allowed a schema to be retrieved from an URL pointed out in the annotation.

# METADATA
# schemas:
#   - input: https://json.schemastore.org/github-action.json
package github.actions

Some thoughts:

• Should this be enabled by default or require a flag? I'm leaning towards the former, with capabilites extended to disable it.
• Caching? The opa eval development cycle can be quite intensive, and you wouldn't want to have the same schema fetched again and again. Additionally, while I doubt this will DDOS any service provider, it would be courteous to not hammer them with requests.

[anderseknert]

@aavarghese @vazirim thoughts on this? 😃

[stale[bot]]

This issue has been automatically marked as inactive because it has not had any activity in the last 30 days.

[aavarghese]

@anderseknert missed responding to this earlier but this does seem very useful and practical - not all schemas especially Kubernetes related need to be loaded on disk. So +1 for this feature!

[stale[bot]]

This issue has been automatically marked as inactive because it has not had any activity in the last 30 days.

[anderseknert]

So, this is actually possible already, using the undocumented inline format.

# METADATA
# schemas:
# - input: {"$ref": "http://localhost:8000/schema.json"}

As this is about to be both documented, and properly supported ( see https://github.com/open-policy-agent/opa/pull/5689 ) I think we're good to close this :)