webnet/tailscale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cmd,feature: add identity token auto generation for workload identity (#18373)

Browse Source 
Adds the ability to detect what provider the client is running on and tries fetch the ID token to use with Workload Identity.

Updates https://github.com/tailscale/corp/issues/33316

Signed-off-by: Danni Popova <danni@tailscale.com>
This commit is contained in:
Danni Popova
2026-01-14 15:00:59 +00:00
committed by GitHub
parent 58042e2de3
commit 6a6aa805d6
18 changed files with 592 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tsnet/tsnet.go
+1 -1
View File
@@ -811,7 +811,7 @@ func (s *Server) resolveAuthKey() (string, error) {
if clientID == "" && idToken != "" {
return "", fmt.Errorf("ID token for workload identity federation found, but client ID is empty")
}
authKey, err = resolveViaWIF(s.shutdownCtx, s.ControlURL, clientID, idToken, s.AdvertiseTags)
authKey, err = resolveViaWIF(s.shutdownCtx, s.ControlURL, clientID, idToken, "", s.AdvertiseTags)
if err != nil {
return "", err
}