feat: implement external secret resolver for L7 network policies#539

Closed
tatsuya-ogawa wants to merge 7 commits into NVIDIA:main from tatsuya-ogawa:feature/external_resolver

Conversation

@tatsuya-ogawa tatsuya-ogawa commented Mar 22, 2026

Summary

Currently, the OpenShell sandbox's L7 relay only supports static secrets or environment variable placeholders resolved at startup. To support environments where secrets are dynamic or managed by external systems (e.g., rotating tokens, vault services, or identity-based access), a more flexible resolution mechanism is required.

This PR introduces the External Resolver, allowing the sandbox to fetch credentials on-demand from an HTTP endpoint right before relaying a request to an upstream provider. This enhances security by moving secret management out of the sandbox configuration and into dedicated infrastructure.

Related Issue

#538

Changes

  • Protobuf & Policy Schema: Added ExternalResolver configuration to NetworkEndpoint in sandbox.proto and updated openshell-policy to support YAML parsing for the new fields (url, method, header, response_path, body_template).
  • Dynamic Secret Resolution: Implemented resolve_external_secret in openshell-sandbox. The L7 relay can now perform an out-of-band HTTP request to a resolver service and extract credentials using JSON paths.
  • Header Injection: Updated the REST protocol provider to inject resolved secrets into specific request headers (e.g., Authorization: Bearer ) based on the resolver's instructions.
  • OPA Engine Updates: Enhanced the OPA data preprocessing to include external resolver metadata, ensuring consistent policy enforcement.
  • Documentation: Updated architecture documents (sandbox.md, security-policy.md) and user-facing schema references to reflect the new capabilities.

Testing

  • mise run pre-commit passes
  • Unit tests added/updated
  • E2E tests added/updated (if applicable)

Checklist

  • Follows Conventional Commits
  • Commits are signed off (DCO)
  • Architecture docs updated (if applicable)
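
An added illustration of the resolution flow the description above lays out (url, method, header, response_path, body_template): this is example code written for this page, not OpenShell's own resolve_external_secret or REST provider. The ExternalResolver dataclass, the pluggable transport, the "Bearer" formatting of the injected header, the template context keys and the resolver host are all assumptions.

```python
import json
from dataclasses import dataclass
from typing import Callable, Mapping
from urllib.request import Request, urlopen

@dataclass(frozen=True)
class ExternalResolver:
    """Per-endpoint resolver settings; field names follow the PR description."""
    url: str                       # resolver service queried out-of-band
    method: str = "POST"           # HTTP method for that call
    header: str = "Authorization"  # upstream header that receives the secret
    response_path: str = "token"   # dotted path into the resolver's JSON reply
    body_template: str = ""        # body with {placeholders} filled from context

def extract_path(doc, path: str) -> str:
    """Walk a dotted path; reject anything but a non-empty string (misconfig check)."""
    cur = doc
    for part in path.split("."):
        if isinstance(cur, list) and part.isdigit():
            cur = cur[int(part)]
        elif isinstance(cur, Mapping) and part in cur:
            cur = cur[part]
        else:
            raise KeyError(f"response_path {path!r} not found in resolver reply")
    if not isinstance(cur, str) or not cur:
        raise ValueError(f"response_path {path!r} must select a non-empty string")
    return cur
def http_transport(method: str, url: str, body: bytes) -> bytes:
    """Real out-of-band call; bounded timeout because the relay blocks on it."""
    req = Request(url, data=body or None, method=method,
                  headers={"Content-Type": "application/json"})
    with urlopen(req, timeout=5) as resp:
        return resp.read()
def resolve_external_secret(cfg: ExternalResolver, context: Mapping[str, str],
                            transport: Callable = http_transport) -> str:
    body = cfg.body_template.format(**context).encode() if cfg.body_template else b""
    return extract_path(json.loads(transport(cfg.method, cfg.url, body)), cfg.response_path)
def inject_secret(cfg, upstream_headers, context, transport=http_transport) -> dict:
    """Drop any caller-supplied value for the target header, then inject the resolved one."""
    headers = {k: v for k, v in upstream_headers.items() if k.lower() != cfg.header.lower()}
    headers[cfg.header] = "Bearer " + resolve_external_secret(cfg, context, transport)  # assumed form
    return headers
def fake_transport(method, url, body):  # constructed stand-in so the example runs offline
    return json.dumps({"data": {"token": "tok-" + json.loads(body)["upstream"]}}).encode()
def demo() -> dict:
    cfg = ExternalResolver(url="https://resolver.internal/v1/token",  # placeholder host
                           response_path="data.token", body_template='{{"upstream": "{host}"}}')
    caller = {"Host": "api.example.com", "Authorization": "Bearer set-by-workload"}
    return inject_secret(cfg, caller, {"host": "api.example.com"}, fake_transport)
```

The workload inside the sandbox never sees the resolved token, and any Authorization value it sets itself is discarded before the relay forwards the request.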

Thank you for your interest in contributing to OpenShell, @tatsuya-ogawa.

This project uses a vouch system for first-time contributors. Before submitting a pull request, you need to be vouched by a maintainer.

To get vouched:

  1. Open a Vouch Request discussion.
  2. Describe what you want to change and why.
  3. Write in your own words — do not have an AI generate the request.
  4. A maintainer will comment /vouch if approved.
  5. Once vouched, open a new PR (preferred) or reopen this one after a few minutes.

See CONTRIBUTING.md for details.

@github-actions github-actions bot closed this Mar 22, 2026

Thank you for your submission! We ask that you sign our Developer Certificate of Origin before we can accept your contribution. You can sign the DCO by adding a comment below using this text:


I have read the DCO document and I hereby sign the DCO.


You can retrigger this bot by commenting recheck in this Pull Request. Posted by the DCO Assistant Lite bot.
