chore(deps): update openpolicyagent/opa docker tag to v0.70.0 (#2372)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[openpolicyagent/opa](https://images.chainguard.dev/directory/image/glibc-dynamic/overview)
([source](https://redirect.github.com/open-policy-agent/opa)) | minor |
`0.69.0-static` -> `0.70.0-static` |

---

### Release Notes

<details>
<summary>open-policy-agent/opa (openpolicyagent/opa)</summary>

###
[`v0.70.0`](https://redirect.github.com/open-policy-agent/opa/blob/HEAD/CHANGELOG.md#0700)

[Compare
Source](https://redirect.github.com/open-policy-agent/opa/compare/v0.69.0...v0.70.0)

This release contains a mix of features, performance improvements, and
bugfixes.

##### Optimized read mode for OPA's in-memory store
([#&#8203;7125](https://redirect.github.com/open-policy-agent/opa/pull/7125))

A new optimized read mode has been added to the default in-memory store,
where data written to the store is eagerly converted
to AST values (the data format used during evaluation). This removes the
time spent converting raw data values to AST
during policy evaluation, thereby improving performance.

The memory footprint of the store will increase, as processed AST values
generally take up more space in memory than the
corresponding raw data values, but overall memory usage of OPA might
remain more stable over time, as pre-converted data
is shared across evaluations and isn't recomputed for each evaluation,
which can cause spikes in memory usage.

This mode can be enabled for `opa run`, `opa eval`, and `opa bench` by
setting the `--optimize-store-for-read-speed` flag.

More information about this feature can be found
[here](https://www.openpolicyagent.org/docs/v0.70.0/policy-performance/#storage-optimization).

Co-authored by
[@&#8203;johanfylling](https://redirect.github.com/johanfylling) and
[@&#8203;ashutosh-narkar](https://redirect.github.com/ashutosh-narkar).

##### Topdown and Rego

- topdown: Use new Inter-Query Value Cache for `json.match_schema`
built-in function
([#&#8203;7011](https://redirect.github.com/open-policy-agent/opa/issues/7011))
authored by
[@&#8203;anderseknert](https://redirect.github.com/anderseknert)
reported by [@&#8203;lcarva](https://redirect.github.com/lcarva)
- ast: Fix location text attribute for multi-value rules with generated
body
([#&#8203;7128](https://redirect.github.com/open-policy-agent/opa/issues/7128))
authored by
[@&#8203;anderseknert](https://redirect.github.com/anderseknert)
- ast: Fix regression in `opa check` where a file that referenced
non-provided schemas failed validation
([#&#8203;7124](https://redirect.github.com/open-policy-agent/opa/pull/7124))
authored by [@&#8203;tjons](https://redirect.github.com/tjons)
- test/cases/testdata: Fix bug in test by replacing unification by
explicit equality check
([#&#8203;7093](https://redirect.github.com/open-policy-agent/opa/pull/7093))
authored by [@&#8203;matajoh](https://redirect.github.com/matajoh)
- ast: Replace use of yaml.v2 library with yaml.v3. The earlier version
would parse `yes`/`no` values as boolean. The usage of yaml.v2 in the
parser was unintentional and now has been updated to yaml.v3
([#&#8203;7090](https://redirect.github.com/open-policy-agent/opa/issues/7090))
authored by
[@&#8203;anderseknert](https://redirect.github.com/anderseknert)

##### Runtime, Tooling, SDK

- cmd: Make `opa check` respect `--ignore` when `--bundle` flag is set
([#&#8203;7136](https://redirect.github.com/open-policy-agent/opa/issues/7136))
authored by
[@&#8203;anderseknert](https://redirect.github.com/anderseknert)
- server/writer: Properly handle result encoding errors which earlier on
failure would emit logs such as `superfluous call to WriteHeader()`
while still returning `200` HTTP status code. Now, errors encoding the
payload properly lead to `500` HTTP status code, without extra logs.
Also use Header().Set() not Header().Add() to avoid duplicate
content-type headers
([#&#8203;7114](https://redirect.github.com/open-policy-agent/opa/pull/7114))
authored by [@&#8203;srenatus](https://redirect.github.com/srenatus)
- cmd: Support `file://` format for TLS key material file flags in `opa
run`
([#&#8203;7094](https://redirect.github.com/open-policy-agent/opa/pull/7094))
authored by
[@&#8203;alexrohozneanu](https://redirect.github.com/alexrohozneanu)
- plugins/rest/azure: Support managed identity for App Service /
Container Apps
([#&#8203;7085](https://redirect.github.com/open-policy-agent/opa/issues/7085))
reported and authored by
[@&#8203;apc-kamezaki](https://redirect.github.com/apc-kamezaki)
- debug: Fix step-over behaviour when exiting partial rules
([#&#8203;7096](https://redirect.github.com/open-policy-agent/opa/pull/7096))
authored by
[@&#8203;johanfylling](https://redirect.github.com/johanfylling)
- util+plugins: Fix potential memory leaks with explicit timer
cancellation
([#&#8203;7089](https://redirect.github.com/open-policy-agent/opa/pull/7089))
authored by
[@&#8203;philipaconrad](https://redirect.github.com/philipaconrad)

##### Docs, Website, Ecosystem

- docs: Fix OCI example with updated flag used by the ORAS CLI
([#&#8203;7130](https://redirect.github.com/open-policy-agent/opa/pull/7130))
authored by [@&#8203;b3n3d17](https://redirect.github.com/b3n3d17)
- docs: Delete Atom editor from supported editor integrations
([#&#8203;7111](https://redirect.github.com/open-policy-agent/opa/pull/7111))
authored by
[@&#8203;KaranbirSingh7](https://redirect.github.com/KaranbirSingh7)
- docs/website: Add Styra OPA ASP.NET Core SDK integration
([#&#8203;7073](https://redirect.github.com/open-policy-agent/opa/pull/7073))
authored by
[@&#8203;philipaconrad](https://redirect.github.com/philipaconrad)
- docs/website: Update compatibility information on the rego-cpp
integration
([#&#8203;7078](https://redirect.github.com/open-policy-agent/opa/pull/7078))
authored by [@&#8203;matajoh](https://redirect.github.com/matajoh)

##### Miscellaneous

-   Dependency updates; notably:
- build(deps): bump github.com/containerd/containerd from 1.7.22 to
1.7.23
- build(deps): bump github.com/prometheus/client_golang from 1.20.4 to
1.20.5
    -   build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0
    -   build(deps): bump golang.org/x/time from 0.6.0 to 0.7.0
    -   build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/infonl/dimpact-zaakafhandelcomponent).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS45Mi4wIiwidXBkYXRlZEluVmVyIjoiMzkuOTIuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: infonl-marcel <82890006+infonl-marcel@users.noreply.github.com>

helm/values.yaml

@@ -261,7 +261,7 @@ opa:
     annotations: {}
   image:
     repository: openpolicyagent/opa
-    tag: "0.69.0-static@sha256:eeba593a37823cd086b3e41f5b24da4bb0876d1a843776ae7792a68a0a950cc7"
+    tag: "0.70.0-static@sha256:5679cbbedd1908063b7a68e8af28e662dce4ae3e069b4b5459531b141c6b6ff0"
     pullPolicy: IfNotPresent
   # The settings below will be ignored when running as a sidecar (the zac values will be used instead)
   autoscaling: