Does Oathkeeper support K8S SRV records, e.g. http://_http-api-svc._tcp.app-service.ns.svc.cluster.local?

I use it in k8s w/o any problem

I keep on getting a timeout error... See any issues with my service?

Name:              app-service
Namespace:         showcase
Labels:            <http://app.kubernetes.io/managed-by=Helm|app.kubernetes.io/managed-by=Helm>
                   skaffold.dev/run-id=b16e7fe4-394d-4381-9e01-afea9de570a6
Annotations:       <http://meta.helm.sh/release-name|meta.helm.sh/release-name>: engine
                   <http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>: default
Selector:          app=app
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.96.20.229
IPs:               10.96.20.229
Port:              http-api-svc  1010/TCP
TargetPort:        1010/TCP
Endpoints:         10.244.0.96:1010
Port:              grpc-api-svc  1111/TCP
TargetPort:        1111/TCP
Endpoints:         10.244.0.96:1111
Session Affinity:  None
Events:            <none>

as I can see you have oathkeeper in front of GRPC service and this can be an issue

Oathkeeper doesnt proxy the GRPC service! It only proxies the HTTP service, e.g.

"upstream": {
          "preserve_host": true,
          "url": "<http://_http-api-svc>._tcp.app-service.showcase.svc.cluster.local",
          "strip_path": "/api/assessments"
        },

From what you copied, you didn't specify that http-api-svc is listening to port 1010, I'm assuming oathkeeper defaults to port 80 unless told otherwise in upstream.url

That is because I dont believe I should have to define the port if I use:

_http-api-svc._tcp

Because it will use the SRV record... I may be wrong, but I believe Oathkeeper may not be setting a host:host header which stops SRV from working?