Skip to content

fix: ts oauth #193

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
TobiTenno merged 1 commit into from
Oct 17, 2025
Merged

fix: ts oauth #193

TobiTenno merged 1 commit into from
Oct 17, 2025

Conversation

@TobiTenno
Copy link
Member

@TobiTenno TobiTenno commented Oct 17, 2025
edited by coderabbitai bot
Loading

What did you fix?

switch to more supported auth method

Reproduction steps

do a build

Evidence/screenshot/link to line

Considerations

  • Does this contain a new dependency? [No]
  • Does this introduce opinionated data formatting or manual data entry? [No]
  • Does this pr include updated data files in a separate commit that can be reverted for a clean code-only pr? [No]
  • Have I run the linter? [Yes]
  • Is is a bug fix, feature request, or enhancement? [Maintenance]

Summary by CodeRabbit

  • Chores
    • Updated CI/CD authentication configuration for improved security practices.

@TobiTenno TobiTenno requested a review from a team as a code owner October 17, 2025 05:28
@TobiTenno TobiTenno requested a review from AyAyEm October 17, 2025 05:28
@coderabbitai
Copy link

coderabbitai bot commented Oct 17, 2025
edited
Loading

Walkthrough

GitHub workflow files (.github/workflows/) updated to replace Tailscale authkey authentication with OAuth-based credentials (oauth-client-id and oauth-secret) and add a tag:ci tag parameter across multiple workflow configurations.

Changes

Cohort / File(s) Summary
Tailscale OAuth Migration in Workflows
​.github/workflows/build.yaml, ​.github/workflows/static.yaml		 Replaced Tailscale authkey input with oauth-client-id and oauth-secret parameters; added tags: tag:ci parameter to identify CI workflow runs.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 Hoppy tales of auth so fine,
OAuth credentials now align!
Tag by tag, the CI flows,
Security blooms where trust grows. 🔐✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The pull request title "fix: ts oauth" is directly related to the main change in the changeset, which involves switching Tailscale authentication from authkey to OAuth-based credentials (oauth-client-id and oauth-secret) in workflow files. The title clearly indicates the core change through concise phrasing that refers to Tailscale OAuth, the primary focus of this maintenance update. While the title uses the abbreviation "ts," it is specific enough to convey meaningful information about the changeset to team members familiar with the project.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch ts_oauth
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 58065e8 and 6653a65.

📒 Files selected for processing (2)
  • .github/workflows/build.yaml (1 hunks)
  • .github/workflows/static.yaml (1 hunks)
🔇 Additional comments (2)
.github/workflows/static.yaml (1)

43-48: Verify Tailscale secrets and action version compatibility.

The Tailscale step now uses OAuth-based authentication with oauth-client-id and oauth-secret secrets and includes a tag:ci parameter. Ensure:

  1. Secrets TS_OAUTH_CLIENT_ID and TS_OAUTH_SECRET are configured in the GitHub repository settings
  2. The tailscale/github-action@v3 supports these OAuth parameters (if not explicitly documented, test with a trial run)
  3. The tags: tag:ci format is correct for your Tailscale configuration
  4. Any old authkey secret has been decommissioned or is no longer in use
.github/workflows/build.yaml (1)

20-25: Consistent OAuth migration across workflows.

The changes mirror those in .github/workflows/static.yaml, updating the Tailscale authentication from authkey to OAuth-based credentials. The same verification steps apply—ensure the secrets are configured and the action version supports these parameters. Once verified in one workflow, the consistency across both is appropriate.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@TobiTenno TobiTenno enabled auto-merge (squash) October 17, 2025 05:38
@TobiTenno TobiTenno disabled auto-merge October 17, 2025 05:38
@TobiTenno TobiTenno enabled auto-merge (squash) October 17, 2025 05:38
@TobiTenno TobiTenno disabled auto-merge October 17, 2025 05:38
@TobiTenno TobiTenno merged commit c8e5877 into master Oct 17, 2025
9 of 10 checks passed
@TobiTenno TobiTenno deleted the ts_oauth branch October 17, 2025 05:38
@wfcd-bot-boi
Copy link
Collaborator

wfcd-bot-boi commented Oct 21, 2025

🎉 This PR is included in version 2.85.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@coderabbitai coderabbitai bot mentioned this pull request Nov 29, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AyAyEm AyAyEm Awaiting requested review from AyAyEm AyAyEm is a code owner automatically assigned from WFCD/node-libraries

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@TobiTenno @wfcd-bot-boi