feat: support client verify for derp (add integration tests)#2046
Conversation
ArcticLampyrid
requested review from
juanfont,
kradalby and
ohdearaugustin
as code owners
|
Thank you very much for your work! I have been a bit busy lately, and it would be great if you could help push this matter forward. |
|
Rebased onto main. Can you give a review? |
|
Im away traveling, but ill get back to it in a few weeks when im back. |
|
Very very useful future 👍 Eliminates the need to create Tailscale clients for every derper server I build. |
|
This looks in general good, some comments, and a couple of failing tests to check out. Thanks! |
|
Thank you, given passing tests this should be good to go |
|
I believe this PR is ready for review and merging. The failures in the checks seem unrelated to the changes introduced in this PR. Specifically:
Please let me know if there's anything further needed. |
|
Since its DERP related, tho I agree it's not related, I would prefer having a pr to fix the failing tests first so we can have this one passing clean. I might be able to get to it this week, but if you have the opportunity that would be appreciated, or @enoperm who I introduced the websocket stuff |
|
Okay... at glance I'm not sure how to fix it without either a custom client (compiled with On the other hand, I specifically put work into being able to detect this exact scenario (behaviour of the client-under-test changing) in spite of the interface (env var). Seeing it turn red, it feels like it was worth the effort. :) |
|
moved discussion to: #2241 |
5 participants
Fixes #1953
By implementing
/verifyendpoint, derper can verify whether the client is in the node list of Headscale by specifying the--verify-client-urlparameter to/verifyin Headscale.This is a continued work on PR #1957, which includes integration testing to meet Headscale's merge requirements.
I am willing to participate in updating the related documentation and change logs, if needed. (Of course, I believe @117503445 is also willing)