caius
commented
4 months ago Ideally we compile get-authkey at image build time however, not at runtime.
Open caius opened 4 months ago
caius
commented
4 months ago Ideally we compile get-authkey at image build time however, not at runtime.
Tailscale Auth Keys expire every 90 days (maximum) which makes it annoying to keep updating the Spacelift context with a new auth key every 3 months. The workaround/solution to this from Tailscale is to implement an OAuth client that can generate a tailscale auth key "just in time" whenever one is needed.
The easy way is probably to use tailscale's
get-authkeyutility to take in OAuth Token/secret and generate an auth key for spacetail to then consume.