mirror of
https://github.com/tailscale/tailscale.git
synced 2026-05-08 13:46:46 +02:00
c299a96624
This runs:
go run ./cmd/jsonimports -update -ignore=tempfork/
which applies the following rules:
* Until the Go standard library formally accepts "encoding/json/v2"
and "encoding/json/jsontext" into the standard library
(i.e., they are no longer considered experimental),
we forbid any code from directly importing those packages.
Go code should instead import "github.com/go-json-experiment/json"
and "github.com/go-json-experiment/json/jsontext".
The latter packages contain aliases to the standard library
if built on Go 1.25 with the goexperiment.jsonv2 tag specified.
* Imports of "encoding/json" or "github.com/go-json-experiment/json/v1"
must be explicitly imported under the package name "jsonv1".
If both packages need to be imported, then
the former should be imported under the package name "jsonv1std".
* Imports of "github.com/go-json-experiment/json"
must be explicitly imported under the package name "jsonv2".
The latter two rules exist to provide clarity when reading code.
Without them, it is unclear whether "json.Marshal" refers to v1 or v2.
With them, however, it is clear that "jsonv1.Marshal" is calling v1 and
that "jsonv2.Marshal" is calling v2.
Updates tailscale/corp#791
Signed-off-by: Joe Tsai <joetsai@digital-static.net>
67 lines
1.9 KiB
Go
67 lines
1.9 KiB
Go
// Copyright (c) Tailscale Inc & AUTHORS
|
|
// SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
package main
|
|
|
|
import (
|
|
jsonv1 "encoding/json"
|
|
"os"
|
|
)
|
|
|
|
// Cache contains cached information about the last time this tool was run.
|
|
//
|
|
// This is serialized to a JSON file that should NOT be checked into git.
|
|
// It should be managed with either CI cache tools or stored locally somehow. The
|
|
// exact mechanism is irrelevant as long as it is consistent.
|
|
//
|
|
// This allows gitops-pusher to detect external ACL changes. I'm not sure what to
|
|
// call this problem, so I've been calling it the "three version problem" in my
|
|
// notes. The basic problem is that at any given time we only have two versions
|
|
// of the ACL file at any given point. In order to check if there has been
|
|
// tampering of the ACL files in the admin panel, we need to have a _third_ version
|
|
// to compare against.
|
|
//
|
|
// In this case I am not storing the old ACL entirely (though that could be a
|
|
// reasonable thing to add in the future), but only its sha256sum. This allows
|
|
// us to detect if the shasum in control matches the shasum we expect, and if that
|
|
// expectation fails, then we can react accordingly.
|
|
type Cache struct {
|
|
PrevETag string // Stores the previous ETag of the ACL to allow
|
|
}
|
|
|
|
// Save persists the cache to a given file.
|
|
func (c *Cache) Save(fname string) error {
|
|
os.Remove(fname)
|
|
fout, err := os.Create(fname)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer fout.Close()
|
|
|
|
return jsonv1.NewEncoder(fout).Encode(c)
|
|
}
|
|
|
|
// LoadCache loads the cache from a given file.
|
|
func LoadCache(fname string) (*Cache, error) {
|
|
var result Cache
|
|
|
|
fin, err := os.Open(fname)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer fin.Close()
|
|
|
|
err = jsonv1.NewDecoder(fin).Decode(&result)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &result, nil
|
|
}
|
|
|
|
// Shuck removes the first and last character of a string, analogous to
|
|
// shucking off the husk of an ear of corn.
|
|
func Shuck(s string) string {
|
|
return s[1 : len(s)-1]
|
|
}
|