manifests icon indicating copy to clipboard operation
manifests copied to clipboard
verified publisher icon oauth2-proxy

Architectural problems with the alpha secret

Open EvanCarroll opened this issue 8 months ago • 1 comments

I think the -oauth2-proxy-alpha has a couple of questionable design decisions

I don't understand why we're storing the secret for alphaAuth as b64. Why not just store it as yaml? It makes sense when you're storing toml. But it doesn't make sense when the actual file is yaml. If it's valid yaml to begin with we don't have to worry about it not being valid yaml there.

I don't think we write out one file with all the secrets.. These should be mapped to environmental variables instead. Atleast the clientIds, and clientSecrets.

EvanCarroll avatar Apr 27 '25 05:04 EvanCarroll

@tuunit, isn't this a question about the software more than the chart? Shouldn't it be moved to the other repo?

pierluigilenoci avatar Aug 19 '25 08:08 pierluigilenoci

There is a project to refactor alphaConfig, which should resolve all related issues. I would appreciate your patience.

Ref:

  • https://github.com/oauth2-proxy/manifests/issues/226
  • https://github.com/oauth2-proxy/manifests/issues/302
  • https://github.com/oauth2-proxy/manifests/issues/311

pierluigilenoci avatar Nov 27 '25 10:11 pierluigilenoci