From 6be27d9ed87fbcff76f13f19f7eef6e0656a9f9d Mon Sep 17 00:00:00 2001
From: Michael Thomson
Date: Fri, 24 Nov 2023 00:26:53 -0500
Subject: [PATCH] oidc fix for weave maybe?
---
 weave-gitops/helmrelease-weave-gitops.yaml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/weave-gitops/helmrelease-weave-gitops.yaml b/weave-gitops/helmrelease-weave-gitops.yaml
index 939aad1..778c9ce 100644
--- a/weave-gitops/helmrelease-weave-gitops.yaml
+++ b/weave-gitops/helmrelease-weave-gitops.yaml
@@ -35,7 +35,8 @@ spec:
 # -- What log level to output. Valid levels are 'debug', 'info', 'warn' and 'error'
 logLevel: info
 # -- Additional arguments to pass in to the gitops-server
- additionalArgs: []
+ additionalArgs:
+ - --auth-methods=oidc
 # Any other environment variables:
 envVars:
 - name: WEAVE_GITOPS_FEATURE_TENANCY
@@ -78,7 +79,7 @@ spec:
 impersonationResources: ["users", "groups"]
 # -- If non-empty, this limits the secrets that can be accessed by
 # the service account to the specified ones, e.g. `['weave-gitops-enterprise-credentials']`
- viewSecretsResourceNames: ["oidc-auth"]
+ viewSecretsResourceNames: ["cluster-user-auth", "oidc-auth"]
 # -- If non-empty, these additional rules will be appended to the RBAC role and the cluster role.
 # for example,
 # additionalRules:
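Review bot: The new `--auth-methods=oidc` entry under `additionalArgs` makes OIDC the only login path, and nothing in the file records that this is deliberate; if the identity provider or the `oidc-auth` secret is misconfigured, there is no fallback login to the UI. I would state the intent next to the flag, e.g. `# OIDC only: other gitops-server login methods are disabled on purpose`, and quote the value (`- "--auth-methods=oidc"`) so the leading dashes are not misread beside the list marker. The `spec` mapping starts and continues outside the hunk, so whether the OIDC settings themselves are defined elsewhere in the release is not visible here.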
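Review bot: Adding `cluster-user-auth` to `viewSecretsResourceNames` widens what the service account can read, while the first hunk of this commit restricts login to OIDC, so on the visible evidence that secret (presumably the local user's credentials, going by its name) should not be needed. If the server does still require it, say so in a comment such as `# cluster-user-auth: still read by gitops-server with --auth-methods=oidc (confirm)`. Otherwise keep the list at the minimum and drop the entry once OIDC login is verified. The surrounding RBAC block extends beyond the hunk.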