-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deprecate, remove {Node,PeerStatus}.Capabilities #11508
Comments
This arguments-in-string capability string now looks dated too: // CapabilityFunnelPorts specifies the ports that the Funnel is available on.
// The ports are specified as a comma-separated list of port numbers or port
// ranges (e.g. "80,443,8080-8090") in the ports query parameter.
// e.g. https://tailscale.com/cap/funnel-ports?ports=80,443,8080-8090
CapabilityFunnelPorts NodeCapability = "https://tailscale.com/cap/funnel-ports" We should probably convert that to a proper argument too. |
bradfitz
added a commit
that referenced
this issue
Mar 23, 2024
…es [capver 89] First we had Capabilities []string. Then https://tailscale.com/blog/acl-grants (#4217) brought CapMap, a superset of Capabilities. Except we never really finished the transition inside the codebase to go all-in on CapMap. This does so. Notably, this coverts Capabilities on the wire early to CapMap internally so the code can only deal in CapMap, even against an old control server. In the process, this removes PeerChange.Capabilities support, which no known control plane sent anyway. They can and should use PeerChange.CapMap instead. Updates #11508 Updates #4217 Change-Id: I872074e226b873f9a578d9603897b831d50b25d9 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
bradfitz
added a commit
that referenced
this issue
Mar 24, 2024
…es [capver 89] First we had Capabilities []string. Then https://tailscale.com/blog/acl-grants (#4217) brought CapMap, a superset of Capabilities. Except we never really finished the transition inside the codebase to go all-in on CapMap. This does so. Notably, this coverts Capabilities on the wire early to CapMap internally so the code can only deal in CapMap, even against an old control server. In the process, this removes PeerChange.Capabilities support, which no known control plane sent anyway. They can and should use PeerChange.CapMap instead. Updates #11508 Updates #4217 Change-Id: I872074e226b873f9a578d9603897b831d50b25d9 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
bradfitz
added a commit
that referenced
this issue
Mar 24, 2024
…es [capver 89] First we had Capabilities []string. Then https://tailscale.com/blog/acl-grants (#4217) brought CapMap, a superset of Capabilities. Except we never really finished the transition inside the codebase to go all-in on CapMap. This does so. Notably, this coverts Capabilities on the wire early to CapMap internally so the code can only deal in CapMap, even against an old control server. In the process, this removes PeerChange.Capabilities support, which no known control plane sent anyway. They can and should use PeerChange.CapMap instead. Updates #11508 Updates #4217 Change-Id: I872074e226b873f9a578d9603897b831d50b25d9 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
bradfitz
added a commit
that referenced
this issue
Mar 24, 2024
…es [capver 89] First we had Capabilities []string. Then https://tailscale.com/blog/acl-grants (#4217) brought CapMap, a superset of Capabilities. Except we never really finished the transition inside the codebase to go all-in on CapMap. This does so. Notably, this coverts Capabilities on the wire early to CapMap internally so the code can only deal in CapMap, even against an old control server. In the process, this removes PeerChange.Capabilities support, which no known control plane sent anyway. They can and should use PeerChange.CapMap instead. Updates #11508 Updates #4217 Change-Id: I872074e226b873f9a578d9603897b831d50b25d9 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
bradfitz
added a commit
that referenced
this issue
Mar 25, 2024
…es [capver 89] First we had Capabilities []string. Then https://tailscale.com/blog/acl-grants (#4217) brought CapMap, a superset of Capabilities. Except we never really finished the transition inside the codebase to go all-in on CapMap. This does so. Notably, this coverts Capabilities on the wire early to CapMap internally so the code can only deal in CapMap, even against an old control server. In the process, this removes PeerChange.Capabilities support, which no known control plane sent anyway. They can and should use PeerChange.CapMap instead. Updates #11508 Updates #4217 Change-Id: I872074e226b873f9a578d9603897b831d50b25d9 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
sailorfrag
pushed a commit
that referenced
this issue
Apr 16, 2024
Updates tailscale/corp#17516 Updates #11508 Change-Id: Iad2dafb38ffb9948bc2f3dfaf9c268f7d772cf56 Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
sailorfrag
added a commit
that referenced
this issue
Apr 16, 2024
Updates tailscale/corp#17516 Updates #11508 Change-Id: Iad2dafb38ffb9948bc2f3dfaf9c268f7d772cf56 Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
sailorfrag
added a commit
that referenced
this issue
Apr 16, 2024
Updates tailscale/corp#17516 Updates #11508 Change-Id: Iad2dafb38ffb9948bc2f3dfaf9c268f7d772cf56 Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We're deprecating Node.Capabilities (a
[]string
) in favor of the more expressive Node.CapMap (a map from those same strings, but to zero or more values associated with that capability). (see https://tailscale.com/blog/acl-grants)One place this shows up is
tailscale status --json
which has both forms.We're going to remove the old
Capabilities []string
in 6 months or so. In the meantime the two will mirror each other, with the older form just lacking arguments./cc @maisem
The text was updated successfully, but these errors were encountered: