TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-07-30 07:43:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmd/containerboot: logic/fmt comments

Browse Source 
Change-Id: If06e5c13062c26b11c7e52c2828b91f44146cbb1
Signed-off-by: Tom Proctor <tomhjp@users.noreply.github.com>
This commit is contained in:
Tom Proctor 2025-07-07 11:52:42 +01:00
parent 969927c47c
commit ca91bcf6ef
1 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
cmd/containerboot/main.go
View File

@ -347,12 +347,12 @@ authLoop:
if hasKubeStateStore(cfg) { if hasKubeStateStore(cfg) {
setErr := kc.setReissueAuthKey(bootCtx, tailscaledConfigAuthkey) setErr := kc.setReissueAuthKey(bootCtx, tailscaledConfigAuthkey)
if setErr != nil { if setErr != nil {
return fmt.Errorf("failed to set reissue_authkey in kube Secret after NeedsLogin state change: %w", setErr) return fmt.Errorf("failed to set reissue_authkey in Kubernetes Secret after NeedsLogin state change: %w", setErr)
} }
return fmt.Errorf("invalid state: tailscaled daemon started with a config file, but tailscale is not logged in; auth key reissue from operator requested") return errors.New("invalid state: tailscaled daemon started with a config file, but tailscale is not logged in; auth key reissue from operator requested")
} }
return fmt.Errorf("invalid state: tailscaled daemon started with a config file, but tailscale is not logged in: ensure you pass a valid auth key in the config file") return errors.New("invalid state: tailscaled daemon started with a config file, but tailscale is not logged in: ensure you pass a valid auth key in the config file")
} }
if err := authTailscale(); err != nil { if err := authTailscale(); err != nil {
return fmt.Errorf("failed to auth tailscale: %w", err) return fmt.Errorf("failed to auth tailscale: %w", err)
@ -380,9 +380,9 @@ authLoop:
if isOneStepConfig(cfg) && hasKubeStateStore(cfg) { if isOneStepConfig(cfg) && hasKubeStateStore(cfg) {
err := kc.setReissueAuthKey(bootCtx, tailscaledConfigAuthkey) err := kc.setReissueAuthKey(bootCtx, tailscaledConfigAuthkey)
if err != nil { if err != nil {
return fmt.Errorf("failed to set reissue_authkey in kube Secret after login state warning: %w", err) return fmt.Errorf("failed to set reissue_authkey in Kubernetes Secret after login state warning: %w", err)
} }
return fmt.Errorf("tailscaled failed to log in with the auth key from its config file; auth key reissue from operator requested") return errors.New("tailscaled failed to log in with the auth key from its config file; auth key reissue from operator requested")
} }
} }
} }
@ -411,9 +411,9 @@ authLoop:
// We were told to only auth once, so any secret-bound // We were told to only auth once, so any secret-bound
// authkey is no longer needed. We don't strictly need to // authkey is no longer needed. We don't strictly need to
// wipe it, but it's good hygiene. // wipe it, but it's good hygiene.
log.Printf("Deleting authkey from kube secret") log.Printf("Deleting authkey from Kubernetes Secret")
if err := kc.deleteAuthKey(ctx); err != nil { if err := kc.deleteAuthKey(ctx); err != nil {
return fmt.Errorf("deleting authkey from kube secret: %w", err) return fmt.Errorf("deleting authkey from Kubernetes Secret: %w", err)
} }
} }
@ -921,9 +921,7 @@ func runHTTPServer(mux *http.ServeMux, addr string) (close func() error) {
} }
func authkeyFromTailscaledConfig(path string) string { func authkeyFromTailscaledConfig(path string) string {
if cfg, err := conffile.Load(path); err != nil { if cfg, err := conffile.Load(path); err == nil && cfg.Parsed.AuthKey != nil {
return ""
} else if cfg.Parsed.AuthKey != nil {
return *cfg.Parsed.AuthKey return *cfg.Parsed.AuthKey
} }