Create a GitHub Action to automate OPA version dependency management #918

@mitchelbaker-cisa

Prerequisites

  • This issue has an informative and human-readable title.

💡 Summary

We need a workflow to automate OPA version dependency bumps.

Motivation and context

ScubaGoggles should be using the latest OPA version. As of 02/09/2026, our max supported version of OPA is v1.0.1, which is 20 versions behind.

Also, the OPA version bump is currently a manual process. This is something that's easy for automation to handle and will help allocate developer time elsewhere.

Implementation notes

The workflow would involve the following steps:

  1. Determine if an update is required (check OPA GitHub releases if there's a new release that exceeds ScubaGoggles' latest supported OPA version)
  2. If the condition is true for step 1, the workflow should create a new feature branch and update the OPA version constant in scuba_constants.py
  3. Create a new PR that includes the change from step 2. The PR description should include information about which OPA version was tested, links to corresponding smoke tests, etc.
  4. Run the smoke test and Rego unit tests to regression test/check for any breaking changes the new OPA version introduces

See run_update_opa.yaml and its helper functions for reference.

Acceptance criteria

  • We have an automated GitHub Action that handles OPA version dependency management
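
A sketch of steps 1 and 2 from the implementation notes, added here as an example and not taken from ScubaGoggles or its existing run_update_opa.yaml helpers. The `OPA_VERSION` constant name and its one-line layout in scuba_constants.py are assumptions, and the tag list is constructed sample data rather than a live GitHub API response.

```python
import re

# Accept only stable tags of the form vMAJOR.MINOR.PATCH. Release candidates
# and malformed tag text are rejected before they can reach a branch name,
# a PR title or a source file.
TAG_RE = re.compile(r"v([0-9]+)\.([0-9]+)\.([0-9]+)")

def parse_tag(tag):
    """Return (major, minor, patch) for a stable tag, else None."""
    m = TAG_RE.fullmatch(tag)
    return tuple(int(p) for p in m.groups()) if m else None

def newest_stable(tags):
    """Pick the highest stable tag, comparing numerically (v1.10.0 > v1.9.0)."""
    valid = [t for t in tags if parse_tag(t) is not None]
    return max(valid, key=parse_tag, default=None)

def update_required(current, tags):
    """Step 1: return the tag to bump to, or None if current is up to date."""
    cur = parse_tag(current)
    if cur is None:
        raise ValueError(f"unparseable current version: {current!r}")
    latest = newest_stable(tags)
    if latest is not None and parse_tag(latest) > cur:
        return latest
    return None

# Assumed layout of the constant; the real line in scuba_constants.py may differ.
CONST_RE = re.compile(r"^(OPA_VERSION\s*=\s*)(['\"])v[0-9]+\.[0-9]+\.[0-9]+\2", re.M)

def bump_constant(source, new_tag):
    """Step 2: rewrite the constant, failing loudly unless exactly one line matches."""
    if parse_tag(new_tag) is None:
        raise ValueError(f"refusing to write unvalidated tag: {new_tag!r}")
    repl = lambda m: f"{m.group(1)}{m.group(2)}{new_tag}{m.group(2)}"
    updated, count = CONST_RE.subn(repl, source)
    if count != 1:
        raise ValueError(f"expected one OPA_VERSION assignment, found {count}")
    return updated

if __name__ == "__main__":
    # Constructed sample data, not fetched from GitHub.
    tags = ["v1.9.0", "v1.10.0", "v1.11.0-rc1", "v1.2.0", "v2.0.0;touch x"]
    target = update_required("v1.0.1", tags)
    print(target)
    print(bump_constant("OPA_VERSION = 'v1.0.1'\n", target), end="")
```

Validating the tag before it is written matters because release metadata is external input to the workflow; pinning the expected checksum of the downloaded OPA binary alongside the version would be a natural follow-on.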
