Improve failure logging on expired TS API

[a1ecbr0wn]

Edited after establishing the reason for the error:

Without changing my ACL or build, I started getting the following error when testing on GitHub. The issue was that my TS API key stored in GitHub had expired, but without notification, the error 401 was not clear enough to me that the key had expired. It would be nice if the error message was a little more descriptive about what to check.

Run go run tailscale.com/cmd/gitops-pusher@v1.66.4 "--policy-file=policy.hujson" "test"
go: downloading tailscale.com v1.66.4
go: downloading github.com/peterbourgon/ff/v3 v3.4.0
go: downloading github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a
go: downloading golang.org/x/oauth2 v0.16.0
go: downloading go4.org/mem v0.0.0-20220726221520-4f986261bf13
go: downloading golang.org/x/sys v0.18.0
go: downloading github.com/mitchellh/go-ps v1.0.0
go: downloading github.com/fxamacker/cbor/v2 v2.5.0
go: downloading github.com/hdevalence/ed25519consensus v0.2.0
go: downloading golang.org/x/crypto v0.21.0
go: downloading go4.org/netipx v0.0.0-20231129151722-fdeea329fbba
go: downloading github.com/jsimonetti/rtnetlink v1.4.0
go: downloading github.com/mdlayher/netlink v1.7.2
go: downloading github.com/x448/float16 v0.8.4
go: downloading filippo.io/edwards25519 v1.1.0
go: downloading github.com/josharian/native v1.1.1-0.20230202152459-5c7d0dd6ab86
go: downloading github.com/mdlayher/socket v0.5.0
go: downloading golang.org/x/net v0.23.0
go: downloading golang.org/x/sync v0.6.0
go: downloading golang.org/x/text v0.14.0
wanted HTTP status code 200 but got 401
exit status 1

[rsyring]

Ditto. But my error ends with a 404 instead of a 401.

[a1ecbr0wn]

401 is unauthorised but 404 is page not found. It is clearly making some sort of web call but to what I don't know. Hopefully someone from Tailscale will have a look at some point. Shame they don't have a community anywhere e.g. discord. Maybe Alex is on holiday

[compscidr]

Tried rolling back to a couple different previous versions, similar errors all the way back to 1.0.0. Perhaps something changed on their endpoint side and the client needs to be updated. According to here: https://pkg.go.dev/tailscale.com/cmd/gitops-pusher theres a 1.7.0 version and this action is using v1.66.4.

Update, tried making a fork and upgrading, still the same issue.

Ugh, turns out I just had an expired TS_API_KEY - some of my other workflows used a non-expiring oauth client so I assumed this had not been the case.

[a1ecbr0wn]

FGS, that was my issue as well. I suppose the Issue for tailscale is to consider improving the failure feedback to the user

[james-pickle]

+1 to improving the failure messaging