From f8673929708cbb535553e988eaf2b30c046a953b Mon Sep 17 00:00:00 2001
From: David Anderson <danderson@tailscale.com>
Date: Sat, 18 Nov 2023 14:40:13 -0800
Subject: [PATCH] cmd/tailscale/cli: add debug function to print the netmap

It's possible to do this with a combination of watch-ipn and jq, but looking
at the netmap while debugging is quite common, so it's nice to have a one-shot
command to get it.

Updates #cleanup

Signed-off-by: David Anderson <danderson@tailscale.com>
---
 cmd/tailscale/cli/debug.go | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/cmd/tailscale/cli/debug.go b/cmd/tailscale/cli/debug.go
index 5a2f53b49..0cd0d8368 100644
--- a/cmd/tailscale/cli/debug.go
+++ b/cmd/tailscale/cli/debug.go
@@ -193,6 +193,16 @@
 				return fs
 			})(),
 		},
+		{
+			Name:      "netmap",
+			Exec:      runNetmap,
+			ShortHelp: "print the current network map",
+			FlagSet: (func() *flag.FlagSet {
+				fs := newFlagSet("netmap")
+				fs.BoolVar(&netmapArgs.showPrivateKey, "show-private-key", false, "include node private key in printed netmap")
+				return fs
+			})(),
+		},
 		{
 			Name:      "via",
 			Exec:      runVia,
@@ -448,6 +458,33 @@ func runWatchIPN(ctx context.Context, args []string) error {
 	return nil
 }
 
+var netmapArgs struct {
+	showPrivateKey bool
+}
+
+func runNetmap(ctx context.Context, args []string) error {
+	ctx, cancel := context.WithTimeout(ctx, 5*time.Second)
+	defer cancel()
+
+	var mask ipn.NotifyWatchOpt = ipn.NotifyInitialNetMap
+	if !netmapArgs.showPrivateKey {
+		mask |= ipn.NotifyNoPrivateKeys
+	}
+	watcher, err := localClient.WatchIPNBus(ctx, mask)
+	if err != nil {
+		return err
+	}
+	defer watcher.Close()
+
+	n, err := watcher.Next()
+	if err != nil {
+		return err
+	}
+	j, _ := json.MarshalIndent(n.NetMap, "", "\t")
+	fmt.Printf("%s\n", j)
+	return nil
+}
+
 func runDERPMap(ctx context.Context, args []string) error {
 	dm, err := localClient.CurrentDERPMap(ctx)
 	if err != nil {