Log Message:
opa: Update to 0.64.1

Changes:
v0.64.1
This is a bug fix release addressing the following issues:

- plugins/discovery: Update comparison logic used in the discovery
  plugin for handling overrides. This fixes a panic that resulted from
  the comparison of uncomparable types

v0.64.0
This release contains a mix of features, a new builtin function
`json.marshal_with_options()`, performance improvements, and bugfixes.

### Breaking Change

#### Bootstrap configuration overrides Discovered configuration

Previously if Discovery was enabled, other features like bundle
downloading and status reporting could not be configured manually. The
reason for this was to prevent OPAs being deployed that could not be
controlled through discovery. It's possible that the system serving the
discovered config is unaware of all options locally available in OPA.
Hence, we relax the configuration check when discovery is enabled so
that the bootstrap configuration can contain plugin configurations. In
case of conflicts, the bootstrap configuration for plugins wins. These
local configuration overrides from the bootstrap configuration are
included in the Status API messages so that management systems can get
visibility into the local overrides.

In general, the bootstrap configuration overrides the discovered
configuration. Previously this was not the case for all configuration
fields. For example, if the discovered configuration changes the
`labels` section, only labels that are additional compared to the
bootstrap configuration are used, all other changes are ignored. This
implies labels in the bootstrap configuration override those in the
discovered configuration. But for fields such as `default_decision`,
`default_authorization_decision`, `nd_builtin_cache`, the discovered
configuration would override the bootstrap configuration. Now the
behavior is more consistent for the entire configuration and helps to
avoid accidental configuration errors.

### Add `rego_version` attribute to the bundle manifest

A new global `rego_version` attribute is added to the bundle manifest,
to inform the OPA runtime about what Rego version (`v0`/`v1`) to use
while parsing/compiling contained Rego files. There is also a new
`file_rego_versions` attribute which allows individual files to
override the global Rego version specified by `rego_version`.

When the version of the contained Rego is advertised by the bundle
through this attribute, it is not required to run OPA with the
`--v1-compatible` (or future `--v0-compatible`) flag in order to
correctly parse, compile and evaluate the bundle's modules.

A bundle's `rego_version` attribute takes precedence over any applied
`--v1-compatible`/`--v0-compatible` flag.
([#6578](https://github.com/open-policy-agent/opa/issues/6578))
authored by @johanfylling

v0.63.0
This release contains a mix of features, performance improvements, and
bugfixes.