My aim is to use Tailscale in a workflow to be able to deploy changes to infrastructure which is only accessible over Tailscale. I’m aware of this blog article, but it’s not ideal for using in a ci/cd pipeline because the keys expire - I may not make any changes for 6 months and then the pipeline will fail because it can’t deploy the changes.
Is there any way I can go about this in a way which isn’t going to require periodic manual intervention?
This is an interesting problem. I am interested in what others have to say as well. One could get away with using reusable keys but that also irks me a bit.
Perhaps, this can be done using API access (with a small shim in Go/Python etc…) to generate a new one-off key and then use it but I am not sure how that would fit in with GH actions.
