summaryrefslogtreecommitdiffhomepage
path: root/util/syspolicy/internal
AgeCommit message (Collapse)AuthorFilesLines
2025-08-31util/syspolicy/*: move syspolicy keys to new const leaf "pkey" packageBrad Fitzpatrick2-4/+6
This is step 1 of ~3, breaking up #14720 into reviewable chunks, with the aim to make syspolicy be a build-time configurable feature. In this first (very noisy) step, all the syspolicy string key constants move to a new constant-only (code-free) package. This will make future steps more reviewable, without this movement noise. There are no code or behavior changes here. The future steps of this series can be seen in #14720: removing global funcs from syspolicy resolution and using an interface that's plumbed around instead. Then adding build tags. Updates #12614 Change-Id: If73bf2c28b9c9b1a408fe868b0b6a25b03eeabd1 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-04-08all: unify some redundant testing.TB interface copiesBrad Fitzpatrick4-18/+8
I added yet another one in 6d117d64a256234 but that new one is at the best place int he dependency graph and has the best name, so let's use that one for everything possible. types/lazy can't use it for circular dependency reasons, so unexport that copy at least. Updates #cleanup Change-Id: I25db6b6a0d81dbb8e89a0a9080c7f15cbf7aa770 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-02-27go.mod: bump github.com/go-json-experiment/json (#15010)Joe Tsai1-2/+2
The upstream module has seen significant work making the v1 emulation layer a high fidelity re-implementation of v1 "encoding/json". This addresses several upstream breaking changes: * MarshalJSONV2 renamed as MarshalJSONTo * UnmarshalJSONV2 renamed as UnmarshalJSONFrom * Options argument removed from MarshalJSONV2 * Options argument removed from UnmarshalJSONV2 Updates tailscale/corp#791 Signed-off-by: Joe Tsai <joetsai@digital-static.net>
2025-02-01util/syspolicy/internal/metrics: replace dots with underscores for metric namesNick Khyl1-0/+1
Dots are not allowed in metric names and cause panics. Since we use dots in names like AlwaysOn.OverrideWithReason, let's replace them with underscores. We don’t want to use setting.KeyPathSeparator here just yet to make it fully hierarchical, but we will decide as we progress on the (experimental) AlwaysOn.* policy settings. tailscale/corp#26146 Signed-off-by: Nick Khyl <nickk@tailscale.com>
2025-01-22util/slicesx: add AppendNonzeroBrad Fitzpatrick1-3/+1
By request of @agottardo. Updates #cleanup Change-Id: I2f02314eb9533b1581e47b66b45b6fb8ac257bb7 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2024-10-30util/syspolicy: implement a syspolicy store that reads settings from ↵Nick Khyl1-1/+1
environment variables In this PR, we implement (but do not use yet, pending #13727 review) a syspolicy/source.Store that reads policy settings from environment variables. It converts a CamelCase setting.Key, such as AuthKey or ExitNodeID, to a SCREAMING_SNAKE_CASE, TS_-prefixed environment variable name, such as TS_AUTH_KEY and TS_EXIT_NODE_ID. It then looks up the variable and attempts to parse it according to the expected value type. If the environment variable is not set, the policy setting is considered not configured in this store (the syspolicy package will still read it from other sources). Similarly, if the environment variable has an invalid value for the setting type, it won't be used (though the reported/logged error will differ). Updates #13193 Updates #12687 Signed-off-by: Nick Khyl <nickk@tailscale.com>
2024-10-16util/syspolicy: add rsop package that provides access to the resultant policyNick Khyl1-0/+3
In this PR we add syspolicy/rsop package that facilitates policy source registration and provides access to the resultant policy merged from all registered sources for a given scope. Updates #12687 Signed-off-by: Nick Khyl <nickk@tailscale.com>
2024-10-08util/syspolicy, ipn: add "tailscale debug component-logs" supportNick Khyl2-12/+83
Fixes #13313 Fixes #12687 Signed-off-by: Nick Khyl <nickk@tailscale.com>
2024-09-03util/syspolicy/source: add package for reading policy settings from external ↵Nick Khyl4-0/+877
stores We add package defining interfaces for policy stores, enabling creation of policy sources and reading settings from them. It includes a Windows-specific PlatformPolicyStore for GP and MDM policies stored in the Registry, and an in-memory TestStore for testing purposes. We also include an internal package that tracks and reports policy usage metrics when a policy setting is read from a store. Initially, it will be used only on Windows and Android, as macOS, iOS, and tvOS report their own metrics. However, we plan to use it across all platforms eventually. Updates #12687 Signed-off-by: Nick Khyl <nickk@tailscale.com>
2024-08-12util/syspolicy/setting: add package that contains types for the next ↵Nick Khyl1-0/+63
syspolicy PRs Package setting contains types for defining and representing policy settings. It facilitates the registration of setting definitions using Register and RegisterDefinition, and the retrieval of registered setting definitions via Definitions and DefinitionOf. This package is intended for use primarily within the syspolicy package hierarchy, and added in a preparation for the next PRs. Updates #12687 Signed-off-by: Nick Khyl <nickk@tailscale.com>
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.