From 0966a301b0a686648351376bee75083fcf1ee69a Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Wed, 2 Feb 2022 20:51:03 +0100
Subject: [PATCH] fix(oauth): Fix proxy secret

The proxy secret wasn't generated properly, it has to be base64 encoded.
Therefore the following command is recommended:

```shell
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 | base64
```

References:
https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/overview#generating-a-cookie-secret
---
 clusters/k8s01/monitoring/oauth2.yaml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/clusters/k8s01/monitoring/oauth2.yaml b/clusters/k8s01/monitoring/oauth2.yaml
index 4c4056424..9ebeb8f9a 100644
--- a/clusters/k8s01/monitoring/oauth2.yaml
+++ b/clusters/k8s01/monitoring/oauth2.yaml
@@ -12,8 +12,8 @@ sops:
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2022-02-02T19:45:12Z"
-    mac: ENC[AES256_GCM,data:EAj6rLRoYG2ws04G/avfzdr7H2Kv332spObfaiV9i7U/KIKG+tyhUGDIQi0EBJgB1+O6wqiD2dKAjNTZujtTernJhUAJu2U9zv7PxkuYYWnb7Zqt9zUT/RGJaQ1HyogjHPU5fahAxMuKKF1hprMXYXPakM4+jcBGGq0Naf0tO3s=,iv:06Czv/7fUDZWbt3Jq/1nrp7a2HGAOpZ1w8jN08g3niU=,tag:0CVJ1oDb9DBh5ZFpvS2k/A==,type:str]
+    lastmodified: "2022-02-02T19:50:54Z"
+    mac: ENC[AES256_GCM,data:1l0TSf7daiXIr2lVZwlH0d2ky6QtQseEqrm0EQ1HPwD+u0ilHGs0FAAqTXlO36dZrDoBPKQ3PZlp1Z6uokDrGnxA+ueG8dUm1ssHupSjGd6bhwhaBVi+h4iF8H7KRBRiqV6QRlgQNrd0Mkr0r59ibggGSe/FIcvfCAaiZxZgAhs=,iv:dj5cXgo4VGjZ46RA/crr7CluF5ArbBDC1NGQ9pCD4Zk=,tag:eyj74HOWdouzJUF7Vos1aw==,type:str]
     pgp:
         - created_at: "2022-01-22T04:06:16Z"
           enc: |-
@@ -82,7 +82,7 @@ spec:
         config:
             clientID: monitoring-k8s01
             clientSecret: ENC[AES256_GCM,data:O9p9U9nOib+ozArhJilHlczHbl5j0Jh9kfXADP9bwrE=,iv:NcR7lQjDvzyYc7Eqmrco98tl32yCLsh6wXrU80DXGtk=,tag:iSMD+x+ffRUyCQtllTjFsg==,type:str]
-            cookieSecret: ENC[AES256_GCM,data:lHOpXWk/ngEwpoY9c4zdVV8MGjsrzqwOeHSAg6KpjUlVfQpKYolE7Q==,iv:5L2xO2Pvz6RcmsoRsEEeUa3L+eZ0va9e6DZA5gJ5uYk=,tag:xFul8ji1TFjVf+ycmxbLiQ==,type:str]
+            cookieSecret: ENC[AES256_GCM,data:Mjr68r6psoHCjI1wGp9UXZBijwGd2i0ZRPnR3oPD/Kj2pE/0dGexo4Zig6k=,iv:TtrBApSydnkJUbMp0nuHRBY+79mDbTDWeRAt5wrfw2M=,tag:XWQgYnvcNmOD8+cBUVbF0g==,type:str]
         extraArgs:
             provider: keycloak-oidc
             provider-display-name: SI-Auth
@@ -126,8 +126,8 @@ sops:
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2022-02-02T19:45:12Z"
-    mac: ENC[AES256_GCM,data:EAj6rLRoYG2ws04G/avfzdr7H2Kv332spObfaiV9i7U/KIKG+tyhUGDIQi0EBJgB1+O6wqiD2dKAjNTZujtTernJhUAJu2U9zv7PxkuYYWnb7Zqt9zUT/RGJaQ1HyogjHPU5fahAxMuKKF1hprMXYXPakM4+jcBGGq0Naf0tO3s=,iv:06Czv/7fUDZWbt3Jq/1nrp7a2HGAOpZ1w8jN08g3niU=,tag:0CVJ1oDb9DBh5ZFpvS2k/A==,type:str]
+    lastmodified: "2022-02-02T19:50:54Z"
+    mac: ENC[AES256_GCM,data:1l0TSf7daiXIr2lVZwlH0d2ky6QtQseEqrm0EQ1HPwD+u0ilHGs0FAAqTXlO36dZrDoBPKQ3PZlp1Z6uokDrGnxA+ueG8dUm1ssHupSjGd6bhwhaBVi+h4iF8H7KRBRiqV6QRlgQNrd0Mkr0r59ibggGSe/FIcvfCAaiZxZgAhs=,iv:dj5cXgo4VGjZ46RA/crr7CluF5ArbBDC1NGQ9pCD4Zk=,tag:eyj74HOWdouzJUF7Vos1aw==,type:str]
     pgp:
         - created_at: "2022-01-22T04:06:16Z"
           enc: |-
@@ -193,8 +193,8 @@ sops:
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2022-02-02T19:45:12Z"
-    mac: ENC[AES256_GCM,data:EAj6rLRoYG2ws04G/avfzdr7H2Kv332spObfaiV9i7U/KIKG+tyhUGDIQi0EBJgB1+O6wqiD2dKAjNTZujtTernJhUAJu2U9zv7PxkuYYWnb7Zqt9zUT/RGJaQ1HyogjHPU5fahAxMuKKF1hprMXYXPakM4+jcBGGq0Naf0tO3s=,iv:06Czv/7fUDZWbt3Jq/1nrp7a2HGAOpZ1w8jN08g3niU=,tag:0CVJ1oDb9DBh5ZFpvS2k/A==,type:str]
+    lastmodified: "2022-02-02T19:50:54Z"
+    mac: ENC[AES256_GCM,data:1l0TSf7daiXIr2lVZwlH0d2ky6QtQseEqrm0EQ1HPwD+u0ilHGs0FAAqTXlO36dZrDoBPKQ3PZlp1Z6uokDrGnxA+ueG8dUm1ssHupSjGd6bhwhaBVi+h4iF8H7KRBRiqV6QRlgQNrd0Mkr0r59ibggGSe/FIcvfCAaiZxZgAhs=,iv:dj5cXgo4VGjZ46RA/crr7CluF5ArbBDC1NGQ9pCD4Zk=,tag:eyj74HOWdouzJUF7Vos1aw==,type:str]
     pgp:
         - created_at: "2022-01-22T04:06:16Z"
           enc: |-
-- 
GitLab