
Conversation

@campbell-lunar

No description provided.


@dannytsang dannytsang left a comment


I can't comment on the action.yml changes but I like the updated README.

@nemchik

nemchik commented Jun 2, 2025

I just went on an adventure setting up GitOps for my ACLs and found a number of tweaks to be beneficial. Here is the end result of what I did (explanations below).

```yaml
name: Sync Tailscale ACLs

on:
  push:
  pull_request:
  workflow_dispatch:

jobs:
  acls:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4

      - name: Fetch version-cache.json
        id: fetch-old-version
        uses: actions/cache@v4
        with:
          path: ./version-cache.json
          key: version-cache.json-${{ github.run_id }}
          restore-keys: |
            version-cache.json-

      - name: Test ACL
        id: test-acl
        uses: tailscale/gitops-acl-action@v1
        with:
          # api-key: ${{ secrets.TS_API_KEY }}
          oauth-client-id: ${{ secrets.TS_OAUTH_ID }}
          oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
          tailnet: ${{ secrets.TS_TAILNET }}
          action: test

      - name: Deploy ACL
        if: github.event_name == 'push' && github.ref_name == 'main'
        id: deploy-acl
        uses: tailscale/gitops-acl-action@v1
        with:
          # api-key: ${{ secrets.TS_API_KEY }}
          oauth-client-id: ${{ secrets.TS_OAUTH_ID }}
          oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
          tailnet: ${{ secrets.TS_TAILNET }}
          action: apply
```

From the top:

  • The on section has push and pull_request without any branch restrictions so that the test action can run on pull requests, and commits pushed to pull requests
  • The workflow_dispatch trigger (in the on section) is added to allow ad-hoc running the workflow from the Actions page in the repository (handy to re-deploy without creating a new commit in the main branch)
  • The Test ACL step is moved above the Deploy ACL step so that the changes are tested before being deployed (the test step runs in the main branch and in any pull request)
  • The Deploy ACL step has an added condition if: github.event_name == 'push' && github.ref_name == 'main' so deploys only happen if a commit is pushed to the main branch (ex: after a pull request merges, or a direct push to the main branch)
  • I also have both the API and OAuth lines in my example above (with the API lines commented out) but I think this PR having them separated and nicely explained makes perfect sense
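A policy check for the gating described in the comment above, as an added example that is not part of this PR or of the gitops-acl-action code: it lints a constructed JSON copy of that workflow for the three properties the comment relies on (a test step runs before apply, apply is gated on a push to main, and credential inputs come from the secrets context rather than literals). The job name `acls` and the finding strings are assumptions made for the example.

```python
import json
import re

# Constructed JSON form of the workflow in the comment above (YAML is a superset of JSON).
WORKFLOW = json.loads("""
{"on": {"push": null, "pull_request": null, "workflow_dispatch": null},
 "jobs": {"acls": {"steps": [
   {"uses": "actions/checkout@v4"},
   {"name": "Test ACL", "uses": "tailscale/gitops-acl-action@v1",
    "with": {"oauth-client-id": "${{ secrets.TS_OAUTH_ID }}",
             "oauth-secret": "${{ secrets.TS_OAUTH_SECRET }}",
             "tailnet": "${{ secrets.TS_TAILNET }}", "action": "test"}},
   {"name": "Deploy ACL",
    "if": "github.event_name == 'push' && github.ref_name == 'main'",
    "uses": "tailscale/gitops-acl-action@v1",
    "with": {"oauth-client-id": "${{ secrets.TS_OAUTH_ID }}",
             "oauth-secret": "${{ secrets.TS_OAUTH_SECRET }}",
             "tailnet": "${{ secrets.TS_TAILNET }}", "action": "apply"}}]}}}
""")

# A credential input must be a reference into the secrets context, never a literal value.
SECRET_REF = re.compile(r"^\$\{\{\s*secrets\.[A-Za-z_]\w*\s*\}\}$")
# Both halves of the deploy gate from the comment must appear in the step's if: condition.
GATE = ("github.event_name == 'push'", "github.ref_name == 'main'")
CREDENTIAL_INPUTS = ("api-key", "oauth-client-id", "oauth-secret")


def lint_acl_job(workflow, job="acls"):
    """Return policy findings for the job; an empty list means it passes."""
    findings = []
    if "pull_request" not in workflow.get("on", {}):
        findings.append("workflow: no pull_request trigger, so ACLs are not tested before merge")
    seen_test = False
    for i, step in enumerate(workflow["jobs"][job]["steps"]):
        if not step.get("uses", "").startswith("tailscale/gitops-acl-action@"):
            continue  # only the ACL action steps are subject to this policy
        name = step.get("name", "step %d" % i)
        inputs = step.get("with", {})
        for key in CREDENTIAL_INPUTS:
            if key in inputs and not SECRET_REF.match(str(inputs[key])):
                findings.append(name + ": " + key + " is not a ${{ secrets.* }} reference")
        mode = inputs.get("action")
        if mode == "test":
            seen_test = True
        elif mode == "apply":
            if not all(part in step.get("if", "") for part in GATE):
                findings.append(name + ": apply is not gated on push to main")
            if not seen_test:
                findings.append(name + ": apply runs before any test step")
    return findings
```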
