| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Updates #18682
Change-Id: I1eadfab950e55d004484af880a5d8df6893e85e8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
This file was never truly necessary and has never actually been used in
the history of Tailscale's open source releases.
A Brief History of AUTHORS files
---
The AUTHORS file was a pattern developed at Google, originally for
Chromium, then adopted by Go and a bunch of other projects. The problem
was that Chromium originally had a copyright line only recognizing
Google as the copyright holder. Because Google (and most open source
projects) do not require copyright assignemnt for contributions, each
contributor maintains their copyright. Some large corporate contributors
then tried to add their own name to the copyright line in the LICENSE
file or in file headers. This quickly becomes unwieldy, and puts a
tremendous burden on anyone building on top of Chromium, since the
license requires that they keep all copyright lines intact.
The compromise was to create an AUTHORS file that would list all of the
copyright holders. The LICENSE file and source file headers would then
include that list by reference, listing the copyright holder as "The
Chromium Authors".
This also become cumbersome to simply keep the file up to date with a
high rate of new contributors. Plus it's not always obvious who the
copyright holder is. Sometimes it is the individual making the
contribution, but many times it may be their employer. There is no way
for the proejct maintainer to know.
Eventually, Google changed their policy to no longer recommend trying to
keep the AUTHORS file up to date proactively, and instead to only add to
it when requested: https://opensource.google/docs/releasing/authors.
They are also clear that:
> Adding contributors to the AUTHORS file is entirely within the
> project's discretion and has no implications for copyright ownership.
It was primarily added to appease a small number of large contributors
that insisted that they be recognized as copyright holders (which was
entirely their right to do). But it's not truly necessary, and not even
the most accurate way of identifying contributors and/or copyright
holders.
In practice, we've never added anyone to our AUTHORS file. It only lists
Tailscale, so it's not really serving any purpose. It also causes
confusion because Tailscalars put the "Tailscale Inc & AUTHORS" header
in other open source repos which don't actually have an AUTHORS file, so
it's ambiguous what that means.
Instead, we just acknowledge that the contributors to Tailscale (whoever
they are) are copyright holders for their individual contributions. We
also have the benefit of using the DCO (developercertificate.org) which
provides some additional certification of their right to make the
contribution.
The source file changes were purely mechanical with:
git ls-files | xargs sed -i -e 's/\(Tailscale Inc &\) AUTHORS/\1 contributors/g'
Updates #cleanup
Change-Id: Ia101a4a3005adb9118051b3416f5a64a4a45987d
Signed-off-by: Will Norris <will@tailscale.com>
|
|
Test that the base image builds and has the right iptables binary
linked.
Updates #17854
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
|
|
Re-instate the linking of iptables installed in Tailscale container
to the legacy iptables version. In environments where the legacy
iptables is not needed, we should be able to run nftables instead,
but this will ensure that Tailscale keeps working in environments
that don't support nftables, such as some Synology NAS hosts.
Updates #17854
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
|
|
Updates #15328
Change-Id: Ib33baf8756b648176dce461b25169e079cbd5533
Signed-off-by: Tom Proctor <tomhjp@users.noreply.github.com>
|
|
go.toolchain.rev: bump go1.25 version
flake.nix: bump Go to 1.25
Updates #16330
Signed-off-by: Patrick O'Doherty <patrick@tailscale.com>
|
|
Updates#cleanup
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
|
|
Bumps Alpine 3.18 -> 3.19.
Alpine 3.19 links iptables to nftables-based
implementation that can break hosts that don't
support nftables.
Link iptables back to the legacy implementation
till we have some certainty that changing to
nftables based implementation will not break existing
setups.
Updates tailscale/tailscale#15328
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
|
|
* go.toolchain.branch: update to Go 1.24
Updates #15015
Change-Id: I29c934ec17e60c3ac3264f30fbbe68fc21422f4d
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
* cmd/testwrapper: fix for go1.24
Updates #15015
Signed-off-by: Paul Scott <paul@tailscale.com>
* go.mod,Dockerfile: bump to Go 1.24
Also bump golangci-lint to a version that was built with 1.24
Updates #15015
Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
---------
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Signed-off-by: Paul Scott <paul@tailscale.com>
Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
Co-authored-by: Paul Scott <paul@tailscale.com>
Co-authored-by: Andrew Lytvynov <awly@tailscale.com>
|
|
This reverts commit 5fdb4f83ad23f0ee7a9dc08ecc2a0ceeabd81fc3.
Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
|
|
Bump the versions to pick up some CVE patches. They don't affect us, but
customer scanners will complain.
Updates #cleanup
Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
|
|
Updates #12912
Change-Id: Ib4ae26eb5fb68ad2216cab4913811b94f7eed5b6
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Coder has just adopted nhooyr/websocket which unfortunately changes the import path.
`github.com/coder/coder` imports `tailscale.com/net/wsconn` which was still pointing
to `nhooyr.io/websocket`, but this change updates it.
See https://coder.com/blog/websocket
Updates #13154
Change-Id: I3dec6512472b14eae337ae22c5bcc1e3758888d5
Signed-off-by: Kyle Carberry <kyle@carberry.com>
|
|
images (#12955)
Add a warning that the Dockerfile in the OSS repo is not the
currently used mechanism to build the images we publish - for folks
who want to contribute to image build scripts or otherwise need to
understand the image build process that we use.
Updates#cleanup
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
|
|
Fixes tailscale/tailscale#12842
Signed-off-by: Cameron Stokes <cameron@cameronstokes.com>
|
|
Updates #11058
Change-Id: I0f63be498be33d71bd90b7956f9fe9666fd7a696
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Bump alpine base image version used to build tailscale/tailscale
and tailscale/k8s-operator images 3.16 -> 3.18
Updates #cleanup
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
|
|
Updates #8419
Change-Id: I809b6a4d59d92a2ab6ec587ccbb9053376bf02c2
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Fixes #8344
Signed-off-by: Claire Wang <claire@tailscale.com>
|
|
Closes #8342
Signed-off-by: Claire Wang <claire@tailscale.com>
|
|
The stamp vars got renamed and I forgot to update these scripts.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
The other formerly exported values aren't used outside the package,
so just unexport them.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Updates #7123
Updates #5309
Change-Id: I90bcd87a2fb85a91834a0dd4be6e03db08438672
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
This updates all source files to use a new standard header for copyright
and license declaration. Notably, copyright no longer includes a date,
and we now use the standard SPDX-License-Identifier header.
This commit was done almost entirely mechanically with perl, and then
some minimal manual fixes.
Updates #6865
Signed-off-by: Will Norris <will@tailscale.com>
|
|
This implements the same functionality as the former run.sh, but in Go
and with a little better awareness of tailscaled's lifecycle.
Also adds TS_AUTH_ONCE, which fixes the unfortunate behavior run.sh had
where it would unconditionally try to reauth every time if you gave it
an authkey, rather than try to use it only if auth is actually needed.
This makes it a bit nicer to deploy these containers in automation, since
you don't have to run the container once, then go and edit its definition
to remove authkeys.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
Tailscale @4a82b31 does not build in the container image due to using golang:1.18 image
Signed-off-by: Luis Peralta <luis.peralta@gmail.com>
|
|
This has the benefit of propagating SIGINT to tailscaled, which in turn
can react to the event and logout in case of an ephemeral node.
Also fix missing run.sh in Dockerfile.
Signed-off-by: Maisem Ali <maisem@tailscale.com>
|
|
The Dockerfile directions said:
But that failed with:
Step 14/15 : FROM ghcr.io/tailscale/alpine-base:3.14
Head "https://ghcr.io/v2/tailscale/alpine-base/manifests/3.14": denied: denied
So I guess the Dockerfile.base part was undocumented. But it only had
one line anyway, so move it here to avoid the intermediate layer's
published permissions problem entirely.
Also optimize the cachability a bit while here.
Change-Id: I846ad59fe7e88e6126925689fae78bfb80c279f0
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
|
|
That build tag hasn't been used since 5088af68cf
(June 2nd, 2021, for 1.10.0)
Change-Id: Ib6093a975505339872a0dc663fff9fc09c13bbc0
|
|
Signed-off-by: Maisem Ali <maisem@tailscale.com>
|
|
Updates #3112
Signed-off-by: Mangirdas <mangirdas@judeikis.lt>
|
|
The image is pulled using tailscale/tailscale:latest, and can be run using tailscale/tailscale
Signed-off-by: Michael Stapelberg <michael@stapelberg.de>
|
|
Signed-off-by: Maisem Ali <maisem@tailscale.com>
|
|
Signed-off-by: Maisem Ali <maisem@tailscale.com>
|
|
Signed-off-by: Maya Kaczorowski <15946341+mayakacz@users.noreply.github.com>
|
|
In prep for using 1.17 features.
Note the go.mod changes are due to:
https://golang.org/doc/go1.17#go-command
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
golang:1.16-alpine has updated to Alpine 3.14,
update the system image to match.
Reported by @kubeworm
https://twitter.com/kubeworm/status/1426751941519020033
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
|
|
Signed-off-by: pratikbalar <pratik@improwised.com>
|
|
Fixes #1449
Signed-off-by: Steve Coffman <steve@khanacademy.org>
|
|
Fixes #1370
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Signed-off-by: Steve Coffman <steve@khanacademy.org>
|
|
Updates #504
|
|
As documented in the README, tailscale only build with the latest Go
version (Go 1.15). As a result, a handful of undefined errors would pop
up using an older verison.
This patch updates the base image to 1.15, allowing "docker build"
to function correctly once more.
Signed-off-by: Sean Klein <seanmarionklein@gmail.com>
|
|
Fixes #368.
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
|
|
This reverts commit 905fe9f6a227398c9032cfdee46a20cef43c8fa9.
We're not quite ready to update the Mac/iOS builds to 1.14.
|
|
|
|
We need iptables to make subnet routing work. Without it,
Tailscale mostly works, but subnet routing mysteriously doesn't.
Signed-off-by: David Anderson <dave@natulte.net>
|
|
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
