action.yml: allow specifying a state directory#133
Conversation
Also, document usage of the action with Tailnet Lock. Fixes #132 Signed-off-by: Anton Tolchanov <anton@tailscale.com>
Erisa
left a comment
Erisa
left a comment
There was a problem hiding this comment.
Tested with various commits in https://github.com/Erisa/tailscale-action-test
| statedir: | ||
| description: 'Optional state directory to use (if unset, memory state is used)' | ||
| required: false | ||
| default: '' |
There was a problem hiding this comment.
maybe set the default mem: value here, so you don't need the if/else below?
There was a problem hiding this comment.
--state=mem: is a different flag to --statedir= so it still wouldn't work without a check.
There was a problem hiding this comment.
doh! I totally overlooked that. Disregard then 😛
There was a problem hiding this comment.
oh, I know what I was thinking about... you can just set --state to a file and then --statedir will be derived from that. That's what I normally do in testing. But having statedir be the config option here makes more sense.
There was a problem hiding this comment.
While I haven't tested, I think that these may be different?
https://tailscale.com/kb/1278/tailscaled#flags-to-tailscaled
To control where state (including preferences and keys) is stored, use one of:
--statedir= for a directory on disk where to store config, keys, Taildrop files, and other state.
--state= to either a /path/to/file, kube: to use Kubernetes secrets, arn:aws:ssm:... to store state in AWS SSM, or mem: to not store state and reigster as an ephemeral node. By default, if not provided, the state is stored in /tailscaled.state.
--state is specifically for the tailscaled.state file, but --statedir gives a whole directory for config/keys which is what is needed for Taillnet Lock to work (it needs somewhere to store keys).
and "one of" implies they're mutually exclusive, so using --statedir you shouldnt also use --state
There was a problem hiding this comment.
And I properly read what you mean now with
and then --statedir will be derived from that.
This isn't documented but if it works and is supposed to work I'm on board!
There was a problem hiding this comment.
looks like the KB is missing a little bit of the documentation we have in the CLI...
% tailscaled --help
...
-statedir string
path to directory for storage of config state, TLS certs, temporary incoming Taildrop files, etc.
If empty, it's derived from --state when possible.
There was a problem hiding this comment.
To make use of that in a way that doesn't have a check in code I think you would have to change the option to be a state file rather than a directory.
e.g. if you set state: /tmp/tailscale/tailscaled.sock then you can safely set that and have the default as mem:
But if you expose the actions option as statedir: /tmp/tailscale/ with a default of mem: then you still need to think "is this set to mem:" before you go setting the --state file.
There was a problem hiding this comment.
yeah, I had originally just forgotten there are two different flags. I think this PR is good to merge as-is.
3 participants
Also, document usage of the action with Tailnet Lock.
Fixes #132