webnet/tailscale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

client: allow the expiry time to be specified for new keys

Browse Source 
Adds a parameter for create key that allows a number of seconds
(less than 90) to be specified for new keys.

Fixes https://github.com/tailscale/tailscale/issues/7965

Signed-off-by: Matthew Brown <matthew@bargrove.com>
This commit is contained in:
Matt Brown
2023-05-12 06:05:18 +01:00
committed by GitHub
parent 85215ed58a
commit 9b6e48658f
4 changed files with 21 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/k8s-operator/operator.go
+7 -3
View File
@@ -153,7 +153,9 @@ waitOnline:
},
},
}
authkey, _, err := tsClient.CreateKey(ctx, caps)
// zeroSeconds adopts the default expiration time.
zeroSeconds := time.Duration(0 * time.Second)
authkey, _, err := tsClient.CreateKey(ctx, caps, zeroSeconds)
if err != nil {
startlog.Fatalf("creating operator authkey: %v", err)
}
@@ -287,7 +289,7 @@ type ServiceReconciler struct {
}
type tsClient interface {
CreateKey(ctx context.Context, caps tailscale.KeyCapabilities) (string, *tailscale.Key, error)
CreateKey(ctx context.Context, caps tailscale.KeyCapabilities, expiry time.Duration) (string, *tailscale.Key, error)
DeleteDevice(ctx context.Context, id string) error
}
@@ -593,7 +595,9 @@ func (a *ServiceReconciler) newAuthKey(ctx context.Context, tags []string) (stri
},
},
}
key, _, err := a.tsClient.CreateKey(ctx, caps)
zeroDuration := time.Duration(0)
key, _, err := a.tsClient.CreateKey(ctx, caps, zeroDuration)
if err != nil {
return "", err
}