Open Policy Agent (OPA) - CI/CD Glossary Definition
OPA is a policy engine that evaluates Rego rules over JSON to make consistent authorization and compliance decisions.
Open Policy Agent (OPA) is a general-purpose policy engine that evaluates rules written in the Rego language against JSON input to return allow/deny or other structured decisions.
OPA decouples policy from application code, so the same rules can guard APIs, Kubernetes, and CI/CD pipelines.
In CI/CD
Tools like conftest embed OPA to evaluate Terraform plans, Kubernetes manifests, or Dockerfiles as a pipeline gate, failing the build on a deny decision.
Related guides
Rego - CI/CD Glossary DefinitionRego: Rego is the declarative query language used by Open Policy Agent to express policy rules as logic over…
Conftest - CI/CD Glossary DefinitionConftest: Conftest is a command-line tool that tests structured configuration files (YAML, JSON, HCL, Dockerf…
Policy as Code - CI/CD Glossary DefinitionPolicy as Code: Policy as code is the practice of writing organizational rules (security, compliance, cost) a…