VMauth: failed to parse auth config: missing url_prefix or url_map

[tropnikovvl]

Hi, my config looks like this (this is generated by the operator).

users:
- url_prefix:
  - http://vmsingle-vms-victoria-metrics-k8s-stack.vms.svc:8429
  username: user
  password: pass
unauthorized_user:
  url_map:
  - src_paths:
    - /metrics
    url_prefix:
    - http://vmsingle-vms-victoria-metrics-k8s-stack.vms.svc.cluster.local.:8429/
  discover_backend_ips: true

When I remove unauthorized_user map, I get an error
vmauth 2024-11-25T10:11:45.690Z fatal VictoriaMetrics/app/vmauth/auth_config.go:602 cannot load auth config: failed to pars -auth.config="/opt/vmauth/config.yaml": failed to parse auth config: missing "url_prefix" or "url_map"

It seems that the operator does not add the paths from the CR to the configuration or am I doing something wrong?

extraObjects:
- kind: VMUser
  apiVersion: operator.victoriametrics.com/v1beta1
  metadata:
    name: user
    namespace: vms
 # https://docs.victoriametrics.com/operator/api/index.html#vmuserspec
  spec:
    username: user
    password: pass
    targetRefs:
      - crd:
          kind: VMSingle
          name: vms-victoria-metrics-k8s-stack
          namespace: vms
        paths: ["/.*"]

In general, I want to completely remove section unauthorized_user and prohibit unauthorized access to all VM components

[f41gh7]

Looks like there is a problem with discover_backend_ips: true and any other options defined globally for unauthorizedConfig. It generate incorrect configuration.

Current workaround is to remove discover_backend_ips definition from helm chart spec.

[f41gh7]

Related issue #1168