Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update docs to reflect OAuth client credentials may be used instead of an API key #150

Closed
passcod opened this issue May 25, 2023 · 6 comments
Closed

Update docs to reflect OAuth client credentials may be used instead of an API key #150

passcod opened this issue May 25, 2023 · 6 comments
Assignees
@guineveresaenger
Labels
kind/enhancement Improvements or new features resolution/fixed This issue was fixed

Comments

@passcod
Copy link

passcod commented May 25, 2023
edited
Loading

Hello!

  • Vote on this issue by adding a 👍 reaction
  • If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

Tailscale now supports (in beta) OAuth access which notably doesn't expire, and is tied to the tailnet, not a user. This would stop this provider needing its credentials rotated every 90 days!

Also would permanently solve #93 I think ;)

Affected area/feature
@passcod passcod added kind/enhancement Improvements or new features needs-triage Needs attention from the triage team labels May 25, 2023
@aq17 aq17 removed the needs-triage Needs attention from the triage team label May 25, 2023
@aq17
Copy link
Contributor

aq17 commented May 25, 2023

Thanks for the update @passcod ! Adding this to our project backlog.

@aq17 aq17 closed this as completed May 25, 2023
@aq17 aq17 reopened this May 25, 2023
@passcod
Copy link
Author

passcod commented May 26, 2023

Hmm, this should be supported already, as support landed in the terraform provider version 0.13.7. Indeed I can see this in the generated pulumi sdk code. So it might just work already, and only need documenting. I'll try it out later this weekend and report back.

@aq17
Copy link
Contributor

aq17 commented May 26, 2023

@passcod looks like you're correct – I'll change this issue to track updating our docs. Thanks for checking!

@aq17 aq17 changed the title Use OAuth client credentials instead of an API key Update docs to reflect OAuth client credentials may be used instead of an API key May 26, 2023
@passcod
Copy link
Author

passcod commented May 27, 2023

Can confirm setting tailscale:oauthClientId and tailscale:oauthClientSecret does work!

@guineveresaenger
Copy link
Contributor

Hi everyone -

looking into this further, it appears that we have a failed release run for v0.12.1: https://github.com/pulumi/pulumi-tailscale/actions/runs/4632658057 which means we don't need to update our docs; we just need to ensure that the publish step succeeds.

This was referenced Jun 5, 2023
Merged
Merged
Merged
@guineveresaenger guineveresaenger added the resolution/fixed This issue was fixed label Jun 6, 2023
@guineveresaenger
Copy link
Contributor

Hi @passcod - many thanks for the tip on OAuth clients 👍
Closing this as completed.

@guineveresaenger guineveresaenger self-assigned this Jun 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@guineveresaenger guineveresaenger

Labels
kind/enhancement Improvements or new features resolution/fixed This issue was fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@passcod @guineveresaenger @aq17