Log Message:
opa: Update to 0.67.0

Changes:
v0.67.0
This release contains a mix of features, a new builtin function
(`strings.count`), performance improvements, and bugfixes.

### Breaking Change
#### Request Body Size Limits

OPA now automatically rejects very large requests.
Requests with a `Content-Length` larger than 128 MB uncompressed, and
gzipped requests with payloads that decompress to larger than 256 MB
will be rejected, as part of hardening OPA against denial-of-service
attacks. Previously, a large enough request could cause an OPA instance
to run out of memory in low-memory sidecar deployment scenarios, just
from attempting to read the request body into memory.

These changes allow improvements in memory usage for the OPA HTTP
server, and help OPA deployments avoid some accidental out-of-memory
situations.

For most users, no changes will be needed to continue using OPA.
However, to control this behavior, two new configuration keys are
available: `server.decoding.max_length` and
`server.decoding.gzip.max_length`. These control the max size in bytes
to allow for an incoming request payload, and the maximum size in bytes
to allow for a decompressed gzip request payload, respectively.