Add command to force tags on nodes and list tags #558
Conversation
Also change ID in proto for ForcedTags since the previous ID's should be reserved for commented fields
machine.go
Outdated
| validTagMap := make(map[string]bool) | ||
| invalidTagMap := make(map[string]bool) | ||
| for _, tag := range machine.HostInfo.RequestTags { | ||
| owners, err := expandTagOwners(aclPolicy, tag, stripEmailDomain) |
There was a problem hiding this comment.
This whole part of the invalidTagMap really confuses me, and I cant really test what happens from the tests, could you try to elaborate?
There was a problem hiding this comment.
What is bothering you ? The fact that I use a map or the concept of invalidTags ? I'm using a map to remove duplicated tags at insertion. It is possible for a machine to have multiple times the same tag (declared in tailscale up).
There was a problem hiding this comment.
It doesnt necessary bother me, I just dont think I understand, what is an invalid and what is a valid?
There was a problem hiding this comment.
Right, so an invalid tag is a tag added by a user that does'nt have permission to add tags. If joe (a simple user) can setup his computer to be a server (just because he is root on his laptop and added --advertise-tags=tag:server), then he can talk to the database directly even if he should not. So the validation of the tags are made with the TagOwners in the ACL file. The documentation of this feature has not been made yet. It seems necessary.
There was a problem hiding this comment.
I feel that we need to explain this somewhere. Do you have any good location for this ?
There was a problem hiding this comment.
hmm, maybe in the signature of the function 🤔
|
And we will want some integration tests |
Execute command doesn't fail, the result is passed in json content.
machine.go
Outdated
| validTagMap := make(map[string]bool) | ||
| invalidTagMap := make(map[string]bool) | ||
| for _, tag := range machine.HostInfo.RequestTags { | ||
| owners, err := expandTagOwners(aclPolicy, tag, stripEmailDomain) |
There was a problem hiding this comment.
hmm, maybe in the signature of the function 🤔
…scale into feat-list-tags-of-machines
When running in CI, I obtained the following error: ``` Running [/home/runner/golangci-lint-1.41.0-linux-amd64/golangci-lint run --out-format=github-actions --new-from-patch=/tmp/tmp-1795-28vaWZek2jfM/pull.patch --new=false --new-from-rev=] in [] ... level=error msg="Running error: unknown linters: 'ireturn,maintidx', run 'golangci-lint linters' to see the list of supported linters" ```
restanrm
force-pushed
the
feat-list-tags-of-machines
branch
from
3000742 to
1158210
Compare
|
Let's merge this, but can you open a pr or issue with the golang ci snippets that's removed to we can debug that separately ? I don't want to remove it, but we can remove and then add it back in. |
You mean the version pinning in the GithubAction and the ignored linters ? |
This one |
|
oh, ok it didn't work anyway… |
|
Can someone please share exact command for listing nodes? Gives me nodes list but not the tags. Tried few others like headscale nodes tag list but did not work either. |
|
|
This PR will fix #356 and fix #525
Work to be done before finalisation of this PR
tag:prefix)this means that we should define a way to return errors in the protobuf. Should we define status and message ?
containsfunctionupdateDBMachinetoUpdateTags