feat: adds SSH support + tagging + upgrades ssm-agent 1.0 #13
Conversation
chore: cleans up trunk issues chore: cleans up trunk issues chore: cleans up trunk issues
|
@Gowiem Why remove Edit: oh I see now in ssm-agent -- I'll review that first |
| --authkey=${authkey} \ | ||
| --hostname=${hostname} | ||
| --advertise-routes=${routes} \ | ||
| --advertise-tags=${tags} \ |
There was a problem hiding this comment.
I'm confused about this change. I assume something could be changed in Tailscale auth/tagging logic, but previously the machine was tagged when authenticated with the pre-authentication Tailnet key, see the comment.
I get why we might want to concat context.tf tags + additional tags provided by a user, but I don't get why we need to add this flag and use different tags for the key and for up command.
There was a problem hiding this comment.
To recap the conversation we had over a call for history purposes:
- We weren't including the
primary_tagin this list, which was a mistake on my end. I've now fixed that in a recent push. - We're going to keep this
--advertise-tagsbit here because it's useful to be explicit since Tailscale is confusing af at times.
| @@ -1,3 +1,4 @@ | |||
| # trunk-ignore-all(trivy/AVD-AWS-0178): We don't need have VPC Flow logs. | |||
There was a problem hiding this comment.
What I was going to update here (and successfully forgot to complete 😑) is to redo the example without referencing to context.tf (maybe worth leaving it commented for the users who utilize this pattern). Do you want me to add this to your branch? Or you'll update it by yourself?
There was a problem hiding this comment.
@gberenice Hm -- I'm glad you're thinking of this as I always forget to update the example. I think what I'll do is update the readme for the two use-cases: 1) passing primary_tag and 2) passing in context.tf label elements to create the module.this.id
what
why
references