It seems you cannot enable headers mutator without config? Why is that? Maybe I am missing something, but I basically want to have different header config for different rules, and I just want to enable the mutator like such

mutators:
  noop:
    enabled: true
  header:
    enabled: true

Which fails

oathkeeper-1  | The configuration contains values or keys which are invalid:
oathkeeper-1  | mutators.header: map[enabled:true]
oathkeeper-1  |                  ^-- oneOf failed
oathkeeper-1  |
oathkeeper-1  | The configuration contains values or keys which are invalid:
oathkeeper-1  | mutators.header.config: <nil>
oathkeeper-1  |                         ^-- one or more required properties are missing
oathkeeper-1  |
oathkeeper-1  | The configuration contains values or keys which are invalid:
oathkeeper-1  | mutators.header.enabled: true
oathkeeper-1  |                          ^-- value must be false
oathkeeper-1  |

Why must I provide config if I'll provide it when I use the mutator in my rules?

oathkeeper does config validation in a poor order unfortunately, so we worked around this by setting a bunch of junk in our environment that we override in our rules to allow start-up to succeed

AUTHENTICATORS_NOOP_ENABLED=true

AUTHENTICATORS_OAUTH2_INTROSPECTION_ENABLED=true
AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_INTROSPECTION_URL=<http://example.com>

AUTHENTICATORS_BEARER_TOKEN_ENABLED=true
AUTHENTICATORS_BEARER_TOKEN_CONFIG_CHECK_SESSION_URL=<http://example.com>

AUTHENTICATORS_COOKIE_SESSION_ENABLED=true
AUTHENTICATORS_COOKIE_SESSION_CONFIG_CHECK_SESSION_URL=<http://example.com>

AUTHENTICATORS_JWT_ENABLED=true
AUTHENTICATORS_JWT_CONFIG_JWKS_URLS=<http://example.com>

AUTHORIZERS_ALLOW_ENABLED=true

MUTATORS_NOOP_ENABLED=true