tendstofortytwo
commented
2 years ago It would be nice if you could also detect an expired authkey. :) Not sure if worth making a separate issue for that?
Closed DentonGentry closed 1 year ago
tendstofortytwo
commented
2 years ago It would be nice if you could also detect an expired authkey. :) Not sure if worth making a separate issue for that?
willnorris
commented
1 year ago perhaps related, but we recently had an issue where an auth key was accidentally revoked (https://github.com/tailscale/corp/issues/7280). The behavior there was that the tailscale action hung and was eventually killed by GitHub after ~6 hours. Like the above cases, this seems like something we should be able to detect and fail fast.
When a pull request is initiated from a fork, none of the secrets of the original repo are available. This notably includes the TAILSCALE_AUTHKEY, which means tailscaled in the CI runner is trying to start with "tailscale up --authkey= --hostname=name"
We should notice if the authkey is empty and exit early with a comprehensible error message.