tailscale 0.3.3

A work-in-progress Tailscale implementation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128

name: python

on:
  push:
    branches:
      - main
    tags:
      - 'v*'
  pull_request:
  workflow_dispatch:
    inputs:
      python_environment:
        default: 'pypi'
        description: 'The GitHub environment to use for publishing, as well as the name
        of the Python package index to publish to. Value must match both the name of a
        GitHub environment and the name of a [[tool.uv.index]] entry in
        ts_python/pyproject.toml.'
        required: true
        type: choice
        options:
          - 'pypi'
          - 'testpypi'

permissions:
  contents: read

env:
  # Cache-busting key -- change it if the build changes in a way that invalidates old
  # cached state.
  cache_key: python-ci
  # Is this a tagged release build?
  is_tag_push: ${{ startsWith(github.ref, 'refs/tags/') }}
  # The GitHub environment to use for the "publish" job. Use the workflow_dispatch input
  # if present, 'pypi' if this is a tagged release build; otherwise, fall back to
  # 'testpypi'.
  python_environment: &python_environment ${{ case(inputs.python_environment != '', inputs.python_environment, startsWith(github.ref, 'refs/tags/'), 'pypi', 'testpypi') }}
  # The Python package index to publish to. Identical to "python_environment", separated
  # for clarity.
  python_index: *python_environment
  # The Python ABI to build wheels for. Serves as a "minimum supported CPython version".
  python_version: 3.12
  # The Rust toolchain version to build the wheels with. Should be latest supported
  # version (MSRV + 1).
  rust_toolchain: 1.95.0

jobs:
  build:
    name: build (${{ matrix.platform.os }}, ${{ matrix.platform.target }})
    runs-on: ${{ matrix.platform.runner }}
    strategy:
      matrix:
        platform:
          - os: linux
            runner: linux-arm64-16cpu
            target: aarch64
            triple: aarch64-unknown-linux-gnu
          - os: linux
            runner: linux-x86_64-16cpu
            target: x86_64
            triple: x86_64-unknown-linux-gnu
          - os: macOS
            runner: macos-26
            target: aarch64
            triple: aarch64-apple-darwin
          - os: windows
            runner: windows-8vcpu
            target: x86_64
            triple: x86_64-pc-windows-msvc

    steps:
      - name: Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - name: Setup rust
        id: setup-rust
        uses: ./.github/actions/setup-rust
        with:
          toolchain-version: ${{ env.rust_toolchain }}
          builder-triple: ${{ matrix.platform.triple }}
      - name: Install python
        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
        with:
          python-version: ${{ env.python_version }}
      - name: Build wheels
        uses: PyO3/maturin-action@e83996d129638aa358a18fbd1dfb82f0b0fb5d3b # v1.51.0
        with:
          working-directory: ts_python
          rust-toolchain: ${{ env.rust_toolchain }}
          target: ${{ matrix.platform.triple }}
          args: --release --out dist
          sccache: ${{ !env.is_tag_push }}
          manylinux: auto
      - name: Upload wheels
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: wheels-${{ matrix.platform.os }}-${{ matrix.platform.target }}
          path: ts_python/dist

  publish:
    runs-on: ubuntu-latest
    if: ${{ startsWith(github.ref, 'refs/tags/') || github.event_name == 'workflow_dispatch' }}
    needs: build
    environment: *python_environment
    permissions:
      # Use to sign the release artifacts
      id-token: write
      # Used to upload release artifacts
      contents: write
      # Used to generate artifact attestation
      attestations: write
    steps:
      - name: Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - name: Download built wheels
        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
        with:
          path: ts_python
      - name: Generate artifact attestation
        uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
        with:
          subject-path: 'ts_python/wheels-*/*'
      - name: Install uv
        uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 # v8.0.0
        with:
          working-directory: ts_python
      - name: (Dry Run) Publish to ${{ env.python_index }}
        run: uv publish --dry-run --directory ts_python --index ${{ env.python_index }} 'wheels-*/*'
      - name: Publish to ${{ env.python_index }}
        run: uv publish --directory ts_python --index ${{ env.python_index }} 'wheels-*/*'