provider-tailscale is a Crossplane provider built with Upjet v2 that exposes XRM-conformant managed resources for the Tailscale Terraform provider.
Install the provider from the Upbound registry:
apiVersion: pkg.crossplane.io/v1
kind: Provider
metadata:
name: provider-tailscale
spec:
package: xpkg.upbound.io/buttah-cloud/provider-tailscale:v0.1.0This provider generates managed resources for all Tailscale Terraform resources in v0.29.2:
- ACL, contacts, services, webhooks
- Device authorization, keys, subnet routes, tags
- DNS configuration, nameservers, preferences, search paths, split nameservers
- AWS external ID, federated identities, OAuth clients
- Logstream configuration, posture integrations
- Tailnet keys and settings
Both cluster-scoped (*.tailscale.buttah-cloud.io) and namespaced (*.tailscale.m.buttah-cloud.io) APIs are available.
Create a Kubernetes secret with Tailscale credentials and reference it from a ProviderConfig or ClusterProviderConfig:
apiVersion: v1
kind: Secret
metadata:
name: tailscale-creds
namespace: crossplane-system
type: Opaque
stringData:
credentials: |
{
"api_key": "tskey-api-...",
"tailnet": "example.com"
}OAuth client credentials are also supported:
{
"oauth_client_id": "k...",
"oauth_client_secret": "...",
"tailnet": "example.com"
}See the Tailscale provider authentication docs for all supported credential fields.
Generate APIs, controllers, and CRDs:
make submodules
make generateRun locally against a cluster:
make runBuild binaries (without container images):
make go.buildFile an issue in this repository.