feat: Add keystone container with opa and policies

[gtema]

Add possibility for Keystone to start OPA as a subprocess to help out in
the maintenance. Also add OPA binary (and policies) into a dedicated
container.
There are few reasons why user may decide not do use it:

• need to use different version of OPA
• OPA logs

Fixes: #700

[github-actions]

🦢 Load Test Results

Goose Attack Report

Plan Overview

Action	Started	Stopped	Elapsed	Users
Increasing	26-05-28 15:29:20	26-05-28 15:29:22	00:00:02	0 → 4
Maintaining	26-05-28 15:29:22	26-05-28 15:29:52	00:00:30	4
Decreasing	26-05-28 15:29:52	26-05-28 15:29:52	00:00:00	0 ← 4

Request Metrics

Method	Name	# Requests	# Fails	Average (ms)	Min (ms)	Max (ms)	RPS	Failures/s
GET		6969	0	16.74	11	36	232.30	0.00
	Aggregated	6969	0	16.74	11	36	232.30	0.00

Response Time Metrics

Method	Name	50%ile (ms)	60%ile (ms)	70%ile (ms)	80%ile (ms)	90%ile (ms)	95%ile (ms)	99%ile (ms)	100%ile (ms)
GET		15	18	20	21	22	23	25	36
	Aggregated	15	18	20	21	22	23	25	36

Status Code Metrics

Method	Name	Status Codes
GET		6,969 [200]
	Aggregated	6,969 [200]

Transaction Metrics

Transaction	# Times Run	# Fails	Average (ms)	Min (ms)	Max (ms)	RPS	Failures/s
ListUsers
0.0	0	0	0.00	0	0	0.00	0.00
0.1	4216	0	13.77	11	23	140.53	0.00
ValidateToken
1.0	0	0	0.00	0	0	0.00	0.00
1.1	2753	0	21.37	17	36	91.77	0.00
Aggregated	6969	0	16.74	11	36	232.30	0.00

Scenario Metrics

Transaction	# Users	# Times Run	Average (ms)	Min (ms)	Max (ms)	Scenarios/s	Iterations
ListUsers	2	4214	13.77	11	23	140.47	2107.00
ValidateToken	2	2751	21.37	17	36	91.70	1375.50
Aggregated	4	6965	16.78	11	36	232.17	3482.50

View full report

[github-actions]

Bencher Report

Branch	container-opa
Testbed	ubuntu-latest

Click to view all benchmark results

Benchmark	Latency	Benchmark Result nanoseconds (ns) (Result Δ%)	Upper Boundary nanoseconds (ns) (Limit %)
Command_Serde/apply/remove	📈 view plot 🚷 view threshold	134,330.00 ns (-14.91%) Baseline: 157,867.89 ns	610,087.14 ns (22.02%)
Command_Serde/apply/set	📈 view plot 🚷 view threshold	137,940.00 ns (+1.57%) Baseline: 135,811.18 ns	334,023.43 ns (41.30%)
Command_Serde/pack/delete	📈 view plot 🚷 view threshold	122.05 ns (-0.57%) Baseline: 122.76 ns	145.59 ns (83.83%)
Command_Serde/pack/delete_index	📈 view plot 🚷 view threshold	112.68 ns (-1.59%) Baseline: 114.50 ns	135.05 ns (83.44%)
Command_Serde/pack/set	📈 view plot 🚷 view threshold	204.14 ns (+2.44%) Baseline: 199.28 ns	241.82 ns (84.42%)
Command_Serde/pack/set_index	📈 view plot 🚷 view threshold	113.37 ns (-1.16%) Baseline: 114.70 ns	134.94 ns (84.01%)
Command_Serde/unpack/delete	📈 view plot 🚷 view threshold	188.34 ns (+0.23%) Baseline: 187.91 ns	230.29 ns (81.78%)
Command_Serde/unpack/delete_index	📈 view plot 🚷 view threshold	157.80 ns (-4.00%) Baseline: 164.37 ns	203.33 ns (77.61%)
Command_Serde/unpack/set	📈 view plot 🚷 view threshold	247.13 ns (+0.61%) Baseline: 245.62 ns	290.45 ns (85.09%)
Command_Serde/unpack/set_index	📈 view plot 🚷 view threshold	156.10 ns (-3.91%) Baseline: 162.45 ns	201.17 ns (77.60%)
Payload_encryption/pack/inner	📈 view plot 🚷 view threshold	65.85 ns (+0.76%) Baseline: 65.35 ns	77.83 ns (84.61%)
Payload_encryption/pack/remove_cmd	📈 view plot 🚷 view threshold	120.77 ns (-0.88%) Baseline: 121.85 ns	146.02 ns (82.71%)
Payload_encryption/pack/set_cmd	📈 view plot 🚷 view threshold	251.80 ns (+9.09%) Baseline: 230.82 ns	287.97 ns (87.44%)
Payload_encryption/unpack/inner	📈 view plot 🚷 view threshold	161.94 ns (-0.48%) Baseline: 162.72 ns	191.30 ns (84.65%)
Payload_encryption/unpack/remove_cmd	📈 view plot 🚷 view threshold	194.78 ns (-1.40%) Baseline: 197.54 ns	241.98 ns (80.50%)
Payload_encryption/unpack/set_cmd	📈 view plot 🚷 view threshold	258.30 ns (-0.10%) Baseline: 258.56 ns	315.32 ns (81.92%)
Raft_1Node_Latency/prefix/1node	📈 view plot 🚷 view threshold	2,793,500.00 ns (-24.45%) Baseline: 3,697,423.33 ns	6,887,817.52 ns (40.56%)
Raft_1Node_Latency/read/1node	📈 view plot 🚷 view threshold	573.16 ns (+3.22%) Baseline: 555.28 ns	762.93 ns (75.13%)
Raft_1Node_Latency/remove/1node	📈 view plot 🚷 view threshold	374,000.00 ns (-5.83%) Baseline: 397,155.67 ns	1,179,701.49 ns (31.70%)
Raft_1Node_Latency/write/1node	📈 view plot 🚷 view threshold	379,650.00 ns (-1.80%) Baseline: 386,596.67 ns	938,998.14 ns (40.43%)
build_snapshot/default	📈 view plot 🚷 view threshold	91,398.00 ns (-3.03%) Baseline: 94,258.32 ns	157,859.69 ns (57.90%)
fernet token/project	📈 view plot 🚷 view threshold	1,408.30 ns (-4.31%) Baseline: 1,471.78 ns	1,632.88 ns (86.25%)
get_data_keyspace	📈 view plot 🚷 view threshold	0.31 ns (-2.92%) Baseline: 0.32 ns	0.38 ns (82.07%)
get_db	📈 view plot 🚷 view threshold	0.31 ns (-2.24%) Baseline: 0.32 ns	0.38 ns (82.34%)
get_fernet_token_timestamp/project	📈 view plot 🚷 view threshold	158.74 ns (+6.88%) Baseline: 148.52 ns	173.45 ns (91.52%)
get_keyspace	📈 view plot 🚷 view threshold	4.37 ns (-6.73%) Baseline: 4.68 ns	8.42 ns (51.83%)

🐰 View full continuous benchmarking report in Bencher