Hi #oathkeeper I am facing the following issue when deployed using Helm Chart

unable to update access rules from given location, changes will be ignored. Check the configuration or restart the service if the issue persists.  audience=application error=map[message:No Major.Minor.Patch elements found] file=access-rule-1.json service_name=ORY Oathkeeper service_version=v0.38.23-beta.1

<< Same goes with Pastebin url which is publicly accesible and base64 encoded rules string Here is the values.yaml file I am using

oathkeeper:
  config:
    serve:
      proxy:
        port: 4455
      api:
        port: 4456
    access_rules:
      repositories:
        - <file://access-rule-1.json>
        - <https://pastebin.com/raw/zPu0JHqv>
      matching_strategy: regexp
  mutatorIdTokenJWKs: {}

My Sample Access Rule is as follows

[
  {
    "id": "asd2",
    "version": "v0.1",
    "upstream": {
      "url": "<https://httpbin.org/get>",
      "preserve_host": true
    },
    "match": {
      "url": "<http://127.0.0.1:4455/get>",
      "methods": ["GET", "POST"]
    }
  }
]

Kindly let me know if there’s any more information needed

Hello @User Could you repost this in #self-hosted? I think this is mostly an issue with helm configuration and the k8s wizards are all residing in that channel 😋

For sure

Hello @User What cloud provider do you use?

I am using AWS, and I am trying to use Public URLs and inline (base64 encoded) for the Access Rules Can this be linked to the Cloud Provider?

I think that

access-rule-1.json

does not exist in your deployed container. As a solution you can try to store it in private s3 bucket and pass to the configuration using

repositories:
  - <s3://bucket_name/access-rule.json>
  - <s3://bucket_name/access-rule.json>

I have tried uploading a json file on S3 which is publicly accessible and used it haven’t tried with S3 specific settings

I see

[
  {
    "id": "1",
    "version": "v0.1",
    "upstream": {
      "url": "<https://httpbin.org/get>",
      "preserve_host": true
    },
    "match": {
      "url": "<http://127.0.0.1:4455/get>",
      "methods": ["GET", "POST"]
    },
    "authenticators": [{ "handler": "noop" }],
    "authorizer": { "handler": "allow" },
    "mutators": [{ "handler": "noop" }],
    "errors": [{ "handler": "json" }]
  }
]

I’m using this @User

version

uses semver to support versioning. You need to have

vx.y.z

format

Given a version number MAJOR.MINOR.PATCH, increment the:

MAJOR version when you make incompatible API changes,
MINOR version when you add functionality in a backwards compatible manner, and
PATCH version when you make backwards compatible bug fixes.
Additional labels for pre-release and build metadata are available as extensions to the MAJOR.MINOR.PATCH format.

Yeah Figured it out

Changing version value

v0.1.2

solved issue

Thanks for the Reply

Thanks for pointing this out. I’ll update documentation for oathkeeper

[
  {
    "id": "1",
    "version": "0.0.1",
    "upstream": {
      "url": "<https://httpbin.org>",
      "preserve_host": true
    },
    "match": {
      "url": "<http://127.0.0.1:4455/get>",
      "methods": ["GET", "POST"]
    },
    "authenticators": [{ "handler": "noop" }],
    "authorizer": { "handler": "allow" },
    "mutators": [{ "handler": "noop" }],
    "errors": [{ "handler": "json" }]
  },
  {
    "id": "2",
    "version": "0.0.1",
    "upstream": {
      "url": "<https://httpbin.org>",
      "preserve_host": true
    },
    "match": {
      "url": "<http://127.0.0.1:4455/stream/><.*>",
      "methods": ["GET", "POST"]
    },
    "authenticators": [{ "handler": "oauth2_introspection"}],
    "authorizer": { "handler": "allow" },
    "mutators": [{ "handler": "noop" }],
    "errors": [{ "handler": "json" }]
  }
]

I’m using this now and it’s Working like a charm

Could you please create an issue for that?

Sure