diff --git a/cluster-scope/overlays/nerc-ocp-obs/externalsecrets/github-client-secret.yaml b/cluster-scope/overlays/nerc-ocp-obs/externalsecrets/github-client-secret.yaml
deleted file mode 100644
index 194b925c..00000000
--- a/cluster-scope/overlays/nerc-ocp-obs/externalsecrets/github-client-secret.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: github-client-secret
-  namespace: openshift-config
-spec:
-  secretStoreRef:
-    name: nerc-cluster-secrets
-    kind: ClusterSecretStore
-  target:
-    name: github-client-secret
-    template:
-      metadata:
-        labels: {}
-  data:
-  - secretKey: clientSecret
-    remoteRef:
-      key: nerc/nerc-ocp-obs/openshift-config/github-client-secret
-      property: clientSecret
diff --git a/cluster-scope/overlays/nerc-ocp-obs/kustomization.yaml b/cluster-scope/overlays/nerc-ocp-obs/kustomization.yaml
index bbfd2851..85ec78b3 100644
--- a/cluster-scope/overlays/nerc-ocp-obs/kustomization.yaml
+++ b/cluster-scope/overlays/nerc-ocp-obs/kustomization.yaml
@@ -7,7 +7,9 @@ resources:
 - ../common
 - ../../bundles/node-feature-discovery
 - ../../base/core/namespaces/openshift-gitops
+- ../../base/rbac.authorization.k8s.io/clusterroles/allow-edit-rbac
 - clusterversion.yaml
+- externalsecrets
 - secretstores
 
 components:
@@ -53,13 +55,6 @@ patches:
             - ocp-on-nerc/nerc-ops
             - ocp-on-nerc/nerc-logs-metrics
             - ocp-on-nerc/nerc-obs-admins
-- target:
-    kind: ExternalSecret
-    name: oauths-clientsecret-nerc
-  patch: |
-    - op: replace
-      path: /spec/data/0/remoteRef/key
-      value: nerc/nerc-ocp-obs/openshift-config/oauths-clientsecret-nerc
 - target:
     kind: ExternalSecret
     name: aws-route53-credentials