Merge 0f432854c6 into edf9e25001

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

.golangci.yaml

@@ -27,7 +27,6 @@ linters:
     - nolintlint
     - musttag # causes issues with imported libs
     - depguard
-    - exportloopref
 
     # We should strive to enable these:
     - wrapcheck
@@ -57,14 +56,9 @@ linters-settings:
       - ok
       - c
       - tt
-      - tx
-      - rx
 
   gocritic:
     disabled-checks:
       - appendAssign
       # TODO(kradalby): Remove this
       - ifElseChain
-
-  nlreturn:
-    block-size: 4

docs/requirements.txt

@@ -1,5 +1,7 @@
-mkdocs-include-markdown-plugin~=7.1
-mkdocs-macros-plugin~=1.3
-mkdocs-material[imaging]~=9.5
-mkdocs-minify-plugin~=0.7
-mkdocs-redirects~=1.2
+cairosvg~=2.7.1
+mkdocs-include-markdown-plugin~=6.2.2
+mkdocs-macros-plugin~=1.2.0
+mkdocs-material~=9.5.18
+mkdocs-minify-plugin~=0.7.1
+mkdocs-redirects~=1.2.1
+pillow~=10.1.0

hscontrol/db/db.go

@@ -498,25 +498,6 @@ func NewHeadscaleDatabase(
 						return err
 					}
 
-					// Set up indexes and unique constraints outside of GORM, it does not support
-					// conditional unique constraints.
-					// This ensures the following:
-					// - A user name and provider_identifier is unique
-					// - A provider_identifier is unique
-					// - A user name is unique if there is no provider_identifier is not set
-					for _, idx := range []string{
-						"DROP INDEX IF EXISTS `idx_provider_identifier`",
-						"DROP INDEX IF EXISTS `idx_name_provider_identifier`",
-						"CREATE UNIQUE INDEX IF NOT EXISTS `idx_provider_identifier` ON `users` (`provider_identifier`) WHERE provider_identifier IS NOT NULL;",
-						"CREATE UNIQUE INDEX IF NOT EXISTS `idx_name_provider_identifier` ON `users` (`name`,`provider_identifier`);",
-						"CREATE UNIQUE INDEX IF NOT EXISTS `idx_name_no_provider_identifier` ON `users` (`name`) WHERE provider_identifier IS NULL;",
-					} {
-						err = tx.Exec(idx).Error
-						if err != nil {
-							return fmt.Errorf("creating username index: %w", err)
-						}
-					}
-
 					return nil
 				},
 				Rollback: func(db *gorm.DB) error { return nil },

hscontrol/db/db_test.go

@@ -46,7 +46,7 @@ func TestMigrations(t *testing.T) {
 				routes, err := Read(h.DB, func(rx *gorm.DB) (types.Routes, error) {
 					return GetRoutes(rx)
 				})
-				require.NoError(t, err)
+				assert.NoError(t, err)
 
 				assert.Len(t, routes, 10)
 				want := types.Routes{
@@ -72,7 +72,7 @@ func TestMigrations(t *testing.T) {
 				routes, err := Read(h.DB, func(rx *gorm.DB) (types.Routes, error) {
 					return GetRoutes(rx)
 				})
-				require.NoError(t, err)
+				assert.NoError(t, err)
 
 				assert.Len(t, routes, 4)
 				want := types.Routes{
@@ -134,7 +134,7 @@ func TestMigrations(t *testing.T) {
 
 					return append(kratest, testkra...), nil
 				})
-				require.NoError(t, err)
+				assert.NoError(t, err)
 
 				assert.Len(t, keys, 5)
 				want := []types.PreAuthKey{
@@ -179,7 +179,7 @@ func TestMigrations(t *testing.T) {
 				nodes, err := Read(h.DB, func(rx *gorm.DB) (types.Nodes, error) {
 					return ListNodes(rx)
 				})
-				require.NoError(t, err)
+				assert.NoError(t, err)
 
 				for _, node := range nodes {
 					assert.Falsef(t, node.MachineKey.IsZero(), "expected non zero machinekey")
@@ -271,8 +271,8 @@ func TestConstraints(t *testing.T) {
 				require.NoError(t, err)
 				_, err = CreateUser(db, "user1")
 				require.Error(t, err)
-				assert.Contains(t, err.Error(), "UNIQUE constraint failed:")
-				// require.Contains(t, err.Error(), "user already exists")
+				// assert.Contains(t, err.Error(), "UNIQUE constraint failed: users.username")
+				require.Contains(t, err.Error(), "user already exists")
 			},
 		},
 		{
@@ -295,7 +295,7 @@ func TestConstraints(t *testing.T) {
 
 				err = db.Save(&user).Error
 				require.Error(t, err)
-				require.Contains(t, err.Error(), "UNIQUE constraint failed:")
+				require.Contains(t, err.Error(), "UNIQUE constraint failed: users.provider_identifier")
 			},
 		},
 		{
@@ -318,7 +318,7 @@ func TestConstraints(t *testing.T) {
 
 				err = db.Save(&user).Error
 				require.Error(t, err)
-				require.Contains(t, err.Error(), "UNIQUE constraint failed:")
+				require.Contains(t, err.Error(), "UNIQUE constraint failed: users.provider_identifier")
 			},
 		},
 		{
@@ -329,8 +329,8 @@ func TestConstraints(t *testing.T) {
 
 				user := types.User{
 					Name: "user1",
-					ProviderIdentifier: sql.NullString{String: "http://test.com/user1", Valid: true},
 				}
+				user.ProviderIdentifier.String = "http://test.com/user1"
 
 				err = db.Save(&user).Error
 				require.NoError(t, err)
@@ -341,8 +341,8 @@ func TestConstraints(t *testing.T) {
 			run: func(t *testing.T, db *gorm.DB) {
 				user := types.User{
 					Name: "user1",
-					ProviderIdentifier: sql.NullString{String: "http://test.com/user1", Valid: true},
 				}
+				user.ProviderIdentifier.String = "http://test.com/user1"
 
 				err := db.Save(&user).Error
 				require.NoError(t, err)
@@ -360,7 +360,7 @@ func TestConstraints(t *testing.T) {
 				t.Fatalf("creating database: %s", err)
 			}
 
-			tt.run(t, db.DB.Debug())
+			tt.run(t, db.DB)
 		})
 
 	}

hscontrol/db/ip_test.go

@@ -12,7 +12,6 @@ import (
 	"github.com/juanfont/headscale/hscontrol/types"
 	"github.com/juanfont/headscale/hscontrol/util"
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 	"tailscale.com/net/tsaddr"
 	"tailscale.com/types/ptr"
 )
@@ -458,12 +457,7 @@ func TestBackfillIPAddresses(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			db := tt.dbFunc()
 
-			alloc, err := NewIPAllocator(
-				db,
-				tt.prefix4,
-				tt.prefix6,
-				types.IPAllocationStrategySequential,
-			)
+			alloc, err := NewIPAllocator(db, tt.prefix4, tt.prefix6, types.IPAllocationStrategySequential)
 			if err != nil {
 				t.Fatalf("failed to set up ip alloc: %s", err)
 			}
@@ -488,29 +482,24 @@ func TestBackfillIPAddresses(t *testing.T) {
 }
 
 func TestIPAllocatorNextNoReservedIPs(t *testing.T) {
-	alloc, err := NewIPAllocator(
-		db,
-		ptr.To(tsaddr.CGNATRange()),
-		ptr.To(tsaddr.TailscaleULARange()),
-		types.IPAllocationStrategySequential,
-	)
+	alloc, err := NewIPAllocator(db, ptr.To(tsaddr.CGNATRange()), ptr.To(tsaddr.TailscaleULARange()), types.IPAllocationStrategySequential)
 	if err != nil {
 		t.Fatalf("failed to set up ip alloc: %s", err)
 	}
 
 	// Validate that we do not give out 100.100.100.100
 	nextQuad100, err := alloc.next(na("100.100.100.99"), ptr.To(tsaddr.CGNATRange()))
-	require.NoError(t, err)
+	assert.NoError(t, err)
 	assert.Equal(t, na("100.100.100.101"), *nextQuad100)
 
 	// Validate that we do not give out fd7a:115c:a1e0::53
 	nextQuad100v6, err := alloc.next(na("fd7a:115c:a1e0::52"), ptr.To(tsaddr.TailscaleULARange()))
-	require.NoError(t, err)
+	assert.NoError(t, err)
 	assert.Equal(t, na("fd7a:115c:a1e0::54"), *nextQuad100v6)
 
 	// Validate that we do not give out fd7a:115c:a1e0::53
 	nextChrome, err := alloc.next(na("100.115.91.255"), ptr.To(tsaddr.CGNATRange()))
 	t.Logf("chrome: %s", nextChrome.String())
-	require.NoError(t, err)
+	assert.NoError(t, err)
 	assert.Equal(t, na("100.115.94.0"), *nextChrome)
 }

hscontrol/db/node_test.go

@@ -17,7 +17,6 @@ import (
 	"github.com/juanfont/headscale/hscontrol/util"
 	"github.com/puzpuzpuz/xsync/v3"
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 	"gopkg.in/check.v1"
 	"gorm.io/gorm"
 	"tailscale.com/net/tsaddr"
@@ -559,17 +558,17 @@ func TestAutoApproveRoutes(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			adb, err := newTestDB()
-			require.NoError(t, err)
+			assert.NoError(t, err)
 			pol, err := policy.LoadACLPolicyFromBytes([]byte(tt.acl))
 
-			require.NoError(t, err)
+			assert.NoError(t, err)
 			assert.NotNil(t, pol)
 
 			user, err := adb.CreateUser("test")
-			require.NoError(t, err)
+			assert.NoError(t, err)
 
 			pak, err := adb.CreatePreAuthKey(types.UserID(user.ID), false, false, nil, nil)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 
 			nodeKey := key.NewNode()
 			machineKey := key.NewMachine()
@@ -591,21 +590,21 @@ func TestAutoApproveRoutes(t *testing.T) {
 			}
 
 			trx := adb.DB.Save(&node)
-			require.NoError(t, trx.Error)
+			assert.NoError(t, trx.Error)
 
 			sendUpdate, err := adb.SaveNodeRoutes(&node)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 			assert.False(t, sendUpdate)
 
 			node0ByID, err := adb.GetNodeByID(0)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 
 			// TODO(kradalby): Check state update
 			err = adb.EnableAutoApprovedRoutes(pol, node0ByID)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 
 			enabledRoutes, err := adb.GetEnabledRoutes(node0ByID)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 			assert.Len(t, enabledRoutes, len(tt.want))
 
 			tsaddr.SortPrefixes(enabledRoutes)
@@ -698,13 +697,13 @@ func TestListEphemeralNodes(t *testing.T) {
 	}
 
 	user, err := db.CreateUser("test")
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	pak, err := db.CreatePreAuthKey(types.UserID(user.ID), false, false, nil, nil)
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	pakEph, err := db.CreatePreAuthKey(types.UserID(user.ID), false, true, nil, nil)
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	node := types.Node{
 		ID:             0,
@@ -727,16 +726,16 @@ func TestListEphemeralNodes(t *testing.T) {
 	}
 
 	err = db.DB.Save(&node).Error
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	err = db.DB.Save(&nodeEph).Error
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	nodes, err := db.ListNodes()
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	ephemeralNodes, err := db.ListEphemeralNodes()
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	assert.Len(t, nodes, 2)
 	assert.Len(t, ephemeralNodes, 1)
@@ -754,10 +753,10 @@ func TestRenameNode(t *testing.T) {
 	}
 
 	user, err := db.CreateUser("test")
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	user2, err := db.CreateUser("test2")
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	node := types.Node{
 		ID:             0,
@@ -778,10 +777,10 @@ func TestRenameNode(t *testing.T) {
 	}
 
 	err = db.DB.Save(&node).Error
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	err = db.DB.Save(&node2).Error
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	err = db.DB.Transaction(func(tx *gorm.DB) error {
 		_, err := RegisterNode(tx, node, nil, nil)
@@ -791,10 +790,10 @@ func TestRenameNode(t *testing.T) {
 		_, err = RegisterNode(tx, node2, nil, nil)
 		return err
 	})
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	nodes, err := db.ListNodes()
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	assert.Len(t, nodes, 2)
 
@@ -816,26 +815,26 @@ func TestRenameNode(t *testing.T) {
 	err = db.Write(func(tx *gorm.DB) error {
 		return RenameNode(tx, nodes[0].ID, "newname")
 	})
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	nodes, err = db.ListNodes()
-	require.NoError(t, err)
+	assert.NoError(t, err)
 	assert.Len(t, nodes, 2)
-	assert.Equal(t, "test", nodes[0].Hostname)
-	assert.Equal(t, "newname", nodes[0].GivenName)
+	assert.Equal(t, nodes[0].Hostname, "test")
+	assert.Equal(t, nodes[0].GivenName, "newname")
 
 	// Nodes can reuse name that is no longer used
 	err = db.Write(func(tx *gorm.DB) error {
 		return RenameNode(tx, nodes[1].ID, "test")
 	})
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	nodes, err = db.ListNodes()
-	require.NoError(t, err)
+	assert.NoError(t, err)
 	assert.Len(t, nodes, 2)
-	assert.Equal(t, "test", nodes[0].Hostname)
-	assert.Equal(t, "newname", nodes[0].GivenName)
-	assert.Equal(t, "test", nodes[1].GivenName)
+	assert.Equal(t, nodes[0].Hostname, "test")
+	assert.Equal(t, nodes[0].GivenName, "newname")
+	assert.Equal(t, nodes[1].GivenName, "test")
 
 	// Nodes cannot be renamed to used names
 	err = db.Write(func(tx *gorm.DB) error {

hscontrol/db/users_test.go

@@ -90,10 +90,9 @@ func (s *Suite) TestRenameUser(c *check.C) {
 	c.Assert(err, check.IsNil)
 	c.Assert(userTest2.Name, check.Equals, "test2")
 
-	want := "UNIQUE constraint failed"
 	err = db.RenameUser(types.UserID(userTest2.ID), "test-renamed")
-	if err == nil || !strings.Contains(err.Error(), want) {
-		c.Fatalf("expected failure with unique constraint, want: %q got: %q", want, err)
+	if !strings.Contains(err.Error(), "UNIQUE constraint failed") {
+		c.Fatalf("expected failure with unique constraint, got: %s", err.Error())
 	}
 }
 

hscontrol/oidc.go

@@ -505,7 +505,7 @@ func (a *AuthProviderOIDC) registerNode(
 }
 
 // TODO(kradalby):
-// Rewrite in elem-go.
+// Rewrite in elem-go
 func renderOIDCCallbackTemplate(
 	user *types.User,
 ) (*bytes.Buffer, error) {

hscontrol/policy/acls.go

@@ -613,7 +613,7 @@ func (pol *ACLPolicy) ExpandAlias(
 // TODO(kradalby): It is quite hard to understand what this function is doing,
 // it seems like it trying to ensure that we dont include nodes that are tagged
 // when we look up the nodes owned by a user.
-// This should be refactored to be more clear as part of the Tags work in #1369.
+// This should be refactored to be more clear as part of the Tags work in #1369
 func excludeCorrectlyTaggedNodes(
 	aclPolicy *ACLPolicy,
 	nodes types.Nodes,

hscontrol/policy/acls_test.go

@@ -11,7 +11,7 @@ import (
 	"github.com/juanfont/headscale/hscontrol/util"
 	"github.com/rs/zerolog/log"
 	"github.com/spf13/viper"
-	"github.com/stretchr/testify/require"
+	"github.com/stretchr/testify/assert"
 	"go4.org/netipx"
 	"gopkg.in/check.v1"
 	"tailscale.com/net/tsaddr"
@@ -1824,20 +1824,12 @@ func TestTheInternet(t *testing.T) {
 
 	for i := range internetPrefs {
 		if internetPrefs[i].String() != hsExitNodeDest[i].IP {
-			t.Errorf(
-				"prefix from internet set %q != hsExit list %q",
-				internetPrefs[i].String(),
-				hsExitNodeDest[i].IP,
-			)
+			t.Errorf("prefix from internet set %q != hsExit list %q", internetPrefs[i].String(), hsExitNodeDest[i].IP)
 		}
 	}
 
 	if len(internetPrefs) != len(hsExitNodeDest) {
-		t.Fatalf(
-			"expected same length of prefixes, internet: %d, hsExit: %d",
-			len(internetPrefs),
-			len(hsExitNodeDest),
-		)
+		t.Fatalf("expected same length of prefixes, internet: %d, hsExit: %d", len(internetPrefs), len(hsExitNodeDest))
 	}
 }
 
@@ -2044,12 +2036,7 @@ func TestReduceFilterRules(t *testing.T) {
 			},
 			want: []tailcfg.FilterRule{
 				{
-					SrcIPs: []string{
-						"100.64.0.1/32",
-						"100.64.0.2/32",
-						"fd7a:115c:a1e0::1/128",
-						"fd7a:115c:a1e0::2/128",
-					},
+					SrcIPs: []string{"100.64.0.1/32", "100.64.0.2/32", "fd7a:115c:a1e0::1/128", "fd7a:115c:a1e0::2/128"},
 					DstPorts: []tailcfg.NetPortRange{
 						{
 							IP:    "100.64.0.100/32",
@@ -2062,12 +2049,7 @@ func TestReduceFilterRules(t *testing.T) {
 					},
 				},
 				{
-					SrcIPs: []string{
-						"100.64.0.1/32",
-						"100.64.0.2/32",
-						"fd7a:115c:a1e0::1/128",
-						"fd7a:115c:a1e0::2/128",
-					},
+					SrcIPs:   []string{"100.64.0.1/32", "100.64.0.2/32", "fd7a:115c:a1e0::1/128", "fd7a:115c:a1e0::2/128"},
 					DstPorts: hsExitNodeDest,
 				},
 			},
@@ -2150,12 +2132,7 @@ func TestReduceFilterRules(t *testing.T) {
 			},
 			want: []tailcfg.FilterRule{
 				{
-					SrcIPs: []string{
-						"100.64.0.1/32",
-						"100.64.0.2/32",
-						"fd7a:115c:a1e0::1/128",
-						"fd7a:115c:a1e0::2/128",
-					},
+					SrcIPs: []string{"100.64.0.1/32", "100.64.0.2/32", "fd7a:115c:a1e0::1/128", "fd7a:115c:a1e0::2/128"},
 					DstPorts: []tailcfg.NetPortRange{
 						{
 							IP:    "100.64.0.100/32",
@@ -2168,12 +2145,7 @@ func TestReduceFilterRules(t *testing.T) {
 					},
 				},
 				{
-					SrcIPs: []string{
-						"100.64.0.1/32",
-						"100.64.0.2/32",
-						"fd7a:115c:a1e0::1/128",
-						"fd7a:115c:a1e0::2/128",
-					},
+					SrcIPs: []string{"100.64.0.1/32", "100.64.0.2/32", "fd7a:115c:a1e0::1/128", "fd7a:115c:a1e0::2/128"},
 					DstPorts: []tailcfg.NetPortRange{
 						{IP: "0.0.0.0/5", Ports: tailcfg.PortRangeAny},
 						{IP: "8.0.0.0/7", Ports: tailcfg.PortRangeAny},
@@ -2245,10 +2217,7 @@ func TestReduceFilterRules(t *testing.T) {
 				IPv6: iap("fd7a:115c:a1e0::100"),
 				User: types.User{Name: "user100"},
 				Hostinfo: &tailcfg.Hostinfo{
-					RoutableIPs: []netip.Prefix{
-						netip.MustParsePrefix("8.0.0.0/16"),
-						netip.MustParsePrefix("16.0.0.0/16"),
-					},
+					RoutableIPs: []netip.Prefix{netip.MustParsePrefix("8.0.0.0/16"), netip.MustParsePrefix("16.0.0.0/16")},
 				},
 			},
 			peers: types.Nodes{
@@ -2265,12 +2234,7 @@ func TestReduceFilterRules(t *testing.T) {
 			},
 			want: []tailcfg.FilterRule{
 				{
-					SrcIPs: []string{
-						"100.64.0.1/32",
-						"100.64.0.2/32",
-						"fd7a:115c:a1e0::1/128",
-						"fd7a:115c:a1e0::2/128",
-					},
+					SrcIPs: []string{"100.64.0.1/32", "100.64.0.2/32", "fd7a:115c:a1e0::1/128", "fd7a:115c:a1e0::2/128"},
 					DstPorts: []tailcfg.NetPortRange{
 						{
 							IP:    "100.64.0.100/32",
@@ -2283,12 +2247,7 @@ func TestReduceFilterRules(t *testing.T) {
 					},
 				},
 				{
-					SrcIPs: []string{
-						"100.64.0.1/32",
-						"100.64.0.2/32",
-						"fd7a:115c:a1e0::1/128",
-						"fd7a:115c:a1e0::2/128",
-					},
+					SrcIPs: []string{"100.64.0.1/32", "100.64.0.2/32", "fd7a:115c:a1e0::1/128", "fd7a:115c:a1e0::2/128"},
 					DstPorts: []tailcfg.NetPortRange{
 						{
 							IP:    "8.0.0.0/8",
@@ -2335,10 +2294,7 @@ func TestReduceFilterRules(t *testing.T) {
 				IPv6: iap("fd7a:115c:a1e0::100"),
 				User: types.User{Name: "user100"},
 				Hostinfo: &tailcfg.Hostinfo{
-					RoutableIPs: []netip.Prefix{
-						netip.MustParsePrefix("8.0.0.0/8"),
-						netip.MustParsePrefix("16.0.0.0/8"),
-					},
+					RoutableIPs: []netip.Prefix{netip.MustParsePrefix("8.0.0.0/8"), netip.MustParsePrefix("16.0.0.0/8")},
 				},
 			},
 			peers: types.Nodes{
@@ -2355,12 +2311,7 @@ func TestReduceFilterRules(t *testing.T) {
 			},
 			want: []tailcfg.FilterRule{
 				{
-					SrcIPs: []string{
-						"100.64.0.1/32",
-						"100.64.0.2/32",
-						"fd7a:115c:a1e0::1/128",
-						"fd7a:115c:a1e0::2/128",
-					},
+					SrcIPs: []string{"100.64.0.1/32", "100.64.0.2/32", "fd7a:115c:a1e0::1/128", "fd7a:115c:a1e0::2/128"},
 					DstPorts: []tailcfg.NetPortRange{
 						{
 							IP:    "100.64.0.100/32",
@@ -2373,12 +2324,7 @@ func TestReduceFilterRules(t *testing.T) {
 					},
 				},
 				{
-					SrcIPs: []string{
-						"100.64.0.1/32",
-						"100.64.0.2/32",
-						"fd7a:115c:a1e0::1/128",
-						"fd7a:115c:a1e0::2/128",
-					},
+					SrcIPs: []string{"100.64.0.1/32", "100.64.0.2/32", "fd7a:115c:a1e0::1/128", "fd7a:115c:a1e0::2/128"},
 					DstPorts: []tailcfg.NetPortRange{
 						{
 							IP:    "8.0.0.0/16",
@@ -3353,11 +3299,7 @@ func TestSSHRules(t *testing.T) {
 					SSHUsers: map[string]string{
 						"autogroup:nonroot": "=",
 					},
-					Action: &tailcfg.SSHAction{
-						Accept:                   true,
-						AllowAgentForwarding:     true,
-						AllowLocalPortForwarding: true,
-					},
+					Action: &tailcfg.SSHAction{Accept: true, AllowAgentForwarding: true, AllowLocalPortForwarding: true},
 				},
 				{
 					SSHUsers: map[string]string{
@@ -3368,11 +3310,7 @@ func TestSSHRules(t *testing.T) {
 							Any: true,
 						},
 					},
-					Action: &tailcfg.SSHAction{
-						Accept:                   true,
-						AllowAgentForwarding:     true,
-						AllowLocalPortForwarding: true,
-					},
+					Action: &tailcfg.SSHAction{Accept: true, AllowAgentForwarding: true, AllowLocalPortForwarding: true},
 				},
 				{
 					Principals: []*tailcfg.SSHPrincipal{
@@ -3383,11 +3321,7 @@ func TestSSHRules(t *testing.T) {
 					SSHUsers: map[string]string{
 						"autogroup:nonroot": "=",
 					},
-					Action: &tailcfg.SSHAction{
-						Accept:                   true,
-						AllowAgentForwarding:     true,
-						AllowLocalPortForwarding: true,
-					},
+					Action: &tailcfg.SSHAction{Accept: true, AllowAgentForwarding: true, AllowLocalPortForwarding: true},
 				},
 				{
 					SSHUsers: map[string]string{
@@ -3398,11 +3332,7 @@ func TestSSHRules(t *testing.T) {
 							Any: true,
 						},
 					},
-					Action: &tailcfg.SSHAction{
-						Accept:                   true,
-						AllowAgentForwarding:     true,
-						AllowLocalPortForwarding: true,
-					},
+					Action: &tailcfg.SSHAction{Accept: true, AllowAgentForwarding: true, AllowLocalPortForwarding: true},
 				},
 			}},
 		},
@@ -3462,7 +3392,7 @@ func TestSSHRules(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			got, err := tt.pol.CompileSSHPolicy(&tt.node, tt.peers)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 
 			if diff := cmp.Diff(tt.want, got); diff != "" {
 				t.Errorf("TestSSHRules() unexpected result (-want +got):\n%s", diff)
@@ -3569,7 +3499,7 @@ func TestValidExpandTagOwnersInSources(t *testing.T) {
 	}
 
 	got, _, err := GenerateFilterAndSSHRulesForTests(pol, node, types.Nodes{})
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	want := []tailcfg.FilterRule{
 		{
@@ -3620,7 +3550,7 @@ func TestInvalidTagValidUser(t *testing.T) {
 	}
 
 	got, _, err := GenerateFilterAndSSHRulesForTests(pol, node, types.Nodes{})
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	want := []tailcfg.FilterRule{
 		{
@@ -3679,7 +3609,7 @@ func TestValidExpandTagOwnersInDestinations(t *testing.T) {
 	// c.Assert(rules[0].DstPorts[0].IP, check.Equals, "100.64.0.1/32")
 
 	got, _, err := GenerateFilterAndSSHRulesForTests(pol, node, types.Nodes{})
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	want := []tailcfg.FilterRule{
 		{
@@ -3749,7 +3679,7 @@ func TestValidTagInvalidUser(t *testing.T) {
 	}
 
 	got, _, err := GenerateFilterAndSSHRulesForTests(pol, node, types.Nodes{nodes2})
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	want := []tailcfg.FilterRule{
 		{

hscontrol/templates/windows.go

@@ -21,8 +21,7 @@ func Windows(url string) *elem.Element {
 				elem.A(attrs.Props{
 					attrs.Href:   "https://tailscale.com/download/windows",
 					attrs.Rel:    "noreferrer noopener",
-					attrs.Target: "_blank",
-				},
+					attrs.Target: "_blank"},
 					elem.Text("Tailscale for Windows ")),
 				elem.Text("and install it."),
 			),

hscontrol/types/config_test.go

@@ -9,7 +9,6 @@ import (
 	"github.com/google/go-cmp/cmp"
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 	"tailscale.com/tailcfg"
 	"tailscale.com/types/dnstype"
 )
@@ -37,17 +36,8 @@ func TestReadConfig(t *testing.T) {
 				MagicDNS:   true,
 				BaseDomain: "example.com",
 				Nameservers: Nameservers{
-					Global: []string{
-						"1.1.1.1",
-						"1.0.0.1",
-						"2606:4700:4700::1111",
-						"2606:4700:4700::1001",
-						"https://dns.nextdns.io/abc123",
-					},
-					Split: map[string][]string{
-						"darp.headscale.net": {"1.1.1.1", "8.8.8.8"},
-						"foo.bar.com":        {"1.1.1.1"},
-					},
+					Global: []string{"1.1.1.1", "1.0.0.1", "2606:4700:4700::1111", "2606:4700:4700::1001", "https://dns.nextdns.io/abc123"},
+					Split:  map[string][]string{"darp.headscale.net": {"1.1.1.1", "8.8.8.8"}, "foo.bar.com": {"1.1.1.1"}},
 				},
 				ExtraRecords: []tailcfg.DNSRecord{
 					{Name: "grafana.myvpn.example.com", Type: "A", Value: "100.64.0.3"},
@@ -102,17 +92,8 @@ func TestReadConfig(t *testing.T) {
 				MagicDNS:   false,
 				BaseDomain: "example.com",
 				Nameservers: Nameservers{
-					Global: []string{
-						"1.1.1.1",
-						"1.0.0.1",
-						"2606:4700:4700::1111",
-						"2606:4700:4700::1001",
-						"https://dns.nextdns.io/abc123",
-					},
-					Split: map[string][]string{
-						"darp.headscale.net": {"1.1.1.1", "8.8.8.8"},
-						"foo.bar.com":        {"1.1.1.1"},
-					},
+					Global: []string{"1.1.1.1", "1.0.0.1", "2606:4700:4700::1111", "2606:4700:4700::1001", "https://dns.nextdns.io/abc123"},
+					Split:  map[string][]string{"darp.headscale.net": {"1.1.1.1", "8.8.8.8"}, "foo.bar.com": {"1.1.1.1"}},
 				},
 				ExtraRecords: []tailcfg.DNSRecord{
 					{Name: "grafana.myvpn.example.com", Type: "A", Value: "100.64.0.3"},
@@ -206,7 +187,7 @@ func TestReadConfig(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			viper.Reset()
 			err := LoadConfig(tt.configPath, true)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 
 			conf, err := tt.setup(t)
 
@@ -216,7 +197,7 @@ func TestReadConfig(t *testing.T) {
 				return
 			}
 
-			require.NoError(t, err)
+			assert.NoError(t, err)
 
 			if diff := cmp.Diff(tt.want, conf); diff != "" {
 				t.Errorf("ReadConfig() mismatch (-want +got):\n%s", diff)
@@ -296,10 +277,10 @@ func TestReadConfigFromEnv(t *testing.T) {
 
 			viper.Reset()
 			err := LoadConfig("testdata/minimal.yaml", true)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 
 			conf, err := tt.setup(t)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 
 			if diff := cmp.Diff(tt.want, conf); diff != "" {
 				t.Errorf("ReadConfig() mismatch (-want +got):\n%s", diff)
@@ -330,25 +311,13 @@ noise:
 
 	// Check configuration validation errors (1)
 	err = LoadConfig(tmpDir, false)
-	require.NoError(t, err)
+	assert.NoError(t, err)
 
 	err = validateServerConfig()
-	require.Error(t, err)
-	assert.Contains(
-		t,
-		err.Error(),
-		"Fatal config error: set either tls_letsencrypt_hostname or tls_cert_path/tls_key_path, not both",
-	)
-	assert.Contains(
-		t,
-		err.Error(),
-		"Fatal config error: the only supported values for tls_letsencrypt_challenge_type are",
-	)
-	assert.Contains(
-		t,
-		err.Error(),
-		"Fatal config error: server_url must start with https:// or http://",
-	)
+	assert.Error(t, err)
+	assert.Contains(t, err.Error(), "Fatal config error: set either tls_letsencrypt_hostname or tls_cert_path/tls_key_path, not both")
+	assert.Contains(t, err.Error(), "Fatal config error: the only supported values for tls_letsencrypt_challenge_type are")
+	assert.Contains(t, err.Error(), "Fatal config error: server_url must start with https:// or http://")
 
 	// Check configuration validation errors (2)
 	configYaml = []byte(`---
@@ -363,7 +332,7 @@ tls_letsencrypt_challenge_type: TLS-ALPN-01
 		t.Fatalf("Couldn't write file %s", configFilePath)
 	}
 	err = LoadConfig(tmpDir, false)
-	require.NoError(t, err)
+	assert.NoError(t, err)
 }
 
 // OK

hscontrol/types/users.go

@@ -27,7 +27,7 @@ type User struct {
 
 	// Username for the user, is used if email is empty
 	// Should not be used, please use Username().
-	Name string
+	Name string `gorm:"uniqueIndex:idx_name_provider_identifier;index"`
 
 	// Typically the full name of the user
 	DisplayName string
@@ -39,7 +39,7 @@ type User struct {
 	// Unique identifier of the user from OIDC,
 	// comes from `sub` claim in the OIDC token
 	// and is used to lookup the user.
-	ProviderIdentifier sql.NullString
+	ProviderIdentifier sql.NullString `gorm:"uniqueIndex:idx_name_provider_identifier;uniqueIndex:idx_provider_identifier"`
 
 	// Provider is the origin of the user account,
 	// same as RegistrationMethod, without authkey.

hscontrol/util/string_test.go

@@ -4,13 +4,12 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 )
 
 func TestGenerateRandomStringDNSSafe(t *testing.T) {
 	for i := 0; i < 100000; i++ {
 		str, err := GenerateRandomStringDNSSafe(8)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 		assert.Len(t, str, 8)
 	}
 }

integration/acl_test.go

@@ -12,7 +12,6 @@ import (
 	"github.com/juanfont/headscale/integration/hsic"
 	"github.com/juanfont/headscale/integration/tsic"
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 )
 
 var veryLargeDestination = []string{
@@ -55,7 +54,7 @@ func aclScenario(
 ) *Scenario {
 	t.Helper()
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	spec := map[string]int{
 		"user1": clientsPerUser,
@@ -78,10 +77,10 @@ func aclScenario(
 		hsic.WithACLPolicy(policy),
 		hsic.WithTestName("acl"),
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	_, err = scenario.ListTailscaleClientsFQDNs()
-	require.NoError(t, err)
+	assertNoErrListFQDN(t, err)
 
 	return scenario
 }
@@ -268,7 +267,7 @@ func TestACLHostsInNetMapTable(t *testing.T) {
 	for name, testCase := range tests {
 		t.Run(name, func(t *testing.T) {
 			scenario, err := NewScenario(dockertestMaxWait())
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			spec := testCase.users
 
@@ -276,22 +275,22 @@ func TestACLHostsInNetMapTable(t *testing.T) {
 				[]tsic.Option{},
 				hsic.WithACLPolicy(&testCase.policy),
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 			defer scenario.ShutdownAssertNoPanics(t)
 
 			allClients, err := scenario.ListTailscaleClients()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			err = scenario.WaitForTailscaleSyncWithPeerCount(testCase.want["user1"])
-			require.NoError(t, err)
+			assertNoErrSync(t, err)
 
 			for _, client := range allClients {
 				status, err := client.Status()
-				require.NoError(t, err)
+				assertNoErr(t, err)
 
 				user := status.User[status.Self.UserID].LoginName
 
-				assert.Len(t, status.Peer, (testCase.want[user]))
+				assert.Equal(t, (testCase.want[user]), len(status.Peer))
 			}
 		})
 	}
@@ -320,23 +319,23 @@ func TestACLAllowUser80Dst(t *testing.T) {
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	user1Clients, err := scenario.ListTailscaleClients("user1")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	user2Clients, err := scenario.ListTailscaleClients("user2")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Test that user1 can visit all user2
 	for _, client := range user1Clients {
 		for _, peer := range user2Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Len(t, result, 13)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 		}
 	}
 
@@ -344,14 +343,14 @@ func TestACLAllowUser80Dst(t *testing.T) {
 	for _, client := range user2Clients {
 		for _, peer := range user1Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 		}
 	}
 }
@@ -377,10 +376,10 @@ func TestACLDenyAllPort80(t *testing.T) {
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	allClients, err := scenario.ListTailscaleClients()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	allHostnames, err := scenario.ListTailscaleClientsFQDNs()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	for _, client := range allClients {
 		for _, hostname := range allHostnames {
@@ -395,7 +394,7 @@ func TestACLDenyAllPort80(t *testing.T) {
 
 			result, err := client.Curl(url)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 		}
 	}
 }
@@ -421,23 +420,23 @@ func TestACLAllowUserDst(t *testing.T) {
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	user1Clients, err := scenario.ListTailscaleClients("user1")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	user2Clients, err := scenario.ListTailscaleClients("user2")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Test that user1 can visit all user2
 	for _, client := range user1Clients {
 		for _, peer := range user2Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Len(t, result, 13)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 		}
 	}
 
@@ -445,14 +444,14 @@ func TestACLAllowUserDst(t *testing.T) {
 	for _, client := range user2Clients {
 		for _, peer := range user1Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 		}
 	}
 }
@@ -477,23 +476,23 @@ func TestACLAllowStarDst(t *testing.T) {
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	user1Clients, err := scenario.ListTailscaleClients("user1")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	user2Clients, err := scenario.ListTailscaleClients("user2")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Test that user1 can visit all user2
 	for _, client := range user1Clients {
 		for _, peer := range user2Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Len(t, result, 13)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 		}
 	}
 
@@ -501,14 +500,14 @@ func TestACLAllowStarDst(t *testing.T) {
 	for _, client := range user2Clients {
 		for _, peer := range user1Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 		}
 	}
 }
@@ -538,23 +537,23 @@ func TestACLNamedHostsCanReachBySubnet(t *testing.T) {
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	user1Clients, err := scenario.ListTailscaleClients("user1")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	user2Clients, err := scenario.ListTailscaleClients("user2")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Test that user1 can visit all user2
 	for _, client := range user1Clients {
 		for _, peer := range user2Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Len(t, result, 13)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 		}
 	}
 
@@ -562,14 +561,14 @@ func TestACLNamedHostsCanReachBySubnet(t *testing.T) {
 	for _, client := range user2Clients {
 		for _, peer := range user1Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Len(t, result, 13)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 		}
 	}
 }
@@ -680,10 +679,10 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 			test1ip4 := netip.MustParseAddr("100.64.0.1")
 			test1ip6 := netip.MustParseAddr("fd7a:115c:a1e0::1")
 			test1, err := scenario.FindTailscaleClientByIP(test1ip6)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			test1fqdn, err := test1.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 			test1ip4URL := fmt.Sprintf("http://%s/etc/hostname", test1ip4.String())
 			test1ip6URL := fmt.Sprintf("http://[%s]/etc/hostname", test1ip6.String())
 			test1fqdnURL := fmt.Sprintf("http://%s/etc/hostname", test1fqdn)
@@ -691,10 +690,10 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 			test2ip4 := netip.MustParseAddr("100.64.0.2")
 			test2ip6 := netip.MustParseAddr("fd7a:115c:a1e0::2")
 			test2, err := scenario.FindTailscaleClientByIP(test2ip6)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			test2fqdn, err := test2.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 			test2ip4URL := fmt.Sprintf("http://%s/etc/hostname", test2ip4.String())
 			test2ip6URL := fmt.Sprintf("http://[%s]/etc/hostname", test2ip6.String())
 			test2fqdnURL := fmt.Sprintf("http://%s/etc/hostname", test2fqdn)
@@ -702,10 +701,10 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 			test3ip4 := netip.MustParseAddr("100.64.0.3")
 			test3ip6 := netip.MustParseAddr("fd7a:115c:a1e0::3")
 			test3, err := scenario.FindTailscaleClientByIP(test3ip6)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			test3fqdn, err := test3.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 			test3ip4URL := fmt.Sprintf("http://%s/etc/hostname", test3ip4.String())
 			test3ip6URL := fmt.Sprintf("http://[%s]/etc/hostname", test3ip6.String())
 			test3fqdnURL := fmt.Sprintf("http://%s/etc/hostname", test3fqdn)
@@ -720,7 +719,7 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 				test3ip4URL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			result, err = test1.Curl(test3ip6URL)
 			assert.Lenf(
@@ -731,7 +730,7 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 				test3ip6URL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			result, err = test1.Curl(test3fqdnURL)
 			assert.Lenf(
@@ -742,7 +741,7 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 				test3fqdnURL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			// test2 can query test3
 			result, err = test2.Curl(test3ip4URL)
@@ -754,7 +753,7 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 				test3ip4URL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			result, err = test2.Curl(test3ip6URL)
 			assert.Lenf(
@@ -765,7 +764,7 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 				test3ip6URL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			result, err = test2.Curl(test3fqdnURL)
 			assert.Lenf(
@@ -776,33 +775,33 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 				test3fqdnURL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			// test3 cannot query test1
 			result, err = test3.Curl(test1ip4URL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			result, err = test3.Curl(test1ip6URL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			result, err = test3.Curl(test1fqdnURL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			// test3 cannot query test2
 			result, err = test3.Curl(test2ip4URL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			result, err = test3.Curl(test2ip6URL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			result, err = test3.Curl(test2fqdnURL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			// test1 can query test2
 			result, err = test1.Curl(test2ip4URL)
@@ -815,7 +814,7 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 				result,
 			)
 
-			require.NoError(t, err)
+			assertNoErr(t, err)
 			result, err = test1.Curl(test2ip6URL)
 			assert.Lenf(
 				t,
@@ -825,7 +824,7 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 				test2ip6URL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			result, err = test1.Curl(test2fqdnURL)
 			assert.Lenf(
@@ -836,20 +835,20 @@ func TestACLNamedHostsCanReach(t *testing.T) {
 				test2fqdnURL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			// test2 cannot query test1
 			result, err = test2.Curl(test1ip4URL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			result, err = test2.Curl(test1ip6URL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			result, err = test2.Curl(test1fqdnURL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 		})
 	}
 }
@@ -947,10 +946,10 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
 			test1ip6 := netip.MustParseAddr("fd7a:115c:a1e0::1")
 			test1, err := scenario.FindTailscaleClientByIP(test1ip)
 			assert.NotNil(t, test1)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			test1fqdn, err := test1.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 			test1ipURL := fmt.Sprintf("http://%s/etc/hostname", test1ip.String())
 			test1ip6URL := fmt.Sprintf("http://[%s]/etc/hostname", test1ip6.String())
 			test1fqdnURL := fmt.Sprintf("http://%s/etc/hostname", test1fqdn)
@@ -959,10 +958,10 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
 			test2ip6 := netip.MustParseAddr("fd7a:115c:a1e0::2")
 			test2, err := scenario.FindTailscaleClientByIP(test2ip)
 			assert.NotNil(t, test2)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			test2fqdn, err := test2.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 			test2ipURL := fmt.Sprintf("http://%s/etc/hostname", test2ip.String())
 			test2ip6URL := fmt.Sprintf("http://[%s]/etc/hostname", test2ip6.String())
 			test2fqdnURL := fmt.Sprintf("http://%s/etc/hostname", test2fqdn)
@@ -977,7 +976,7 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
 				test2ipURL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			result, err = test1.Curl(test2ip6URL)
 			assert.Lenf(
@@ -988,7 +987,7 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
 				test2ip6URL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			result, err = test1.Curl(test2fqdnURL)
 			assert.Lenf(
@@ -999,19 +998,19 @@ func TestACLDevice1CanAccessDevice2(t *testing.T) {
 				test2fqdnURL,
 				result,
 			)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			result, err = test2.Curl(test1ipURL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			result, err = test2.Curl(test1ip6URL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 
 			result, err = test2.Curl(test1fqdnURL)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 		})
 	}
 }
@@ -1021,7 +1020,7 @@ func TestPolicyUpdateWhileRunningWithCLIInDatabase(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -1047,19 +1046,19 @@ func TestPolicyUpdateWhileRunningWithCLIInDatabase(t *testing.T) {
 			"HEADSCALE_POLICY_MODE": "database",
 		}),
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	_, err = scenario.ListTailscaleClientsFQDNs()
-	require.NoError(t, err)
+	assertNoErrListFQDN(t, err)
 
 	err = scenario.WaitForTailscaleSync()
-	require.NoError(t, err)
+	assertNoErrSync(t, err)
 
 	user1Clients, err := scenario.ListTailscaleClients("user1")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	user2Clients, err := scenario.ListTailscaleClients("user2")
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	all := append(user1Clients, user2Clients...)
 
@@ -1071,19 +1070,19 @@ func TestPolicyUpdateWhileRunningWithCLIInDatabase(t *testing.T) {
 			}
 
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Len(t, result, 13)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 		}
 	}
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	p := policy.ACLPolicy{
 		ACLs: []policy.ACL{
@@ -1101,7 +1100,7 @@ func TestPolicyUpdateWhileRunningWithCLIInDatabase(t *testing.T) {
 	policyFilePath := "/etc/headscale/policy.json"
 
 	err = headscale.WriteFile(policyFilePath, pBytes)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// No policy is present at this time.
 	// Add a new policy from a file.
@@ -1114,7 +1113,7 @@ func TestPolicyUpdateWhileRunningWithCLIInDatabase(t *testing.T) {
 			policyFilePath,
 		},
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Get the current policy and check
 	// if it is the same as the one we set.
@@ -1130,7 +1129,7 @@ func TestPolicyUpdateWhileRunningWithCLIInDatabase(t *testing.T) {
 		},
 		&output,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	assert.Len(t, output.ACLs, 1)
 
@@ -1142,14 +1141,14 @@ func TestPolicyUpdateWhileRunningWithCLIInDatabase(t *testing.T) {
 	for _, client := range user1Clients {
 		for _, peer := range user2Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Len(t, result, 13)
-			require.NoError(t, err)
+			assertNoErr(t, err)
 		}
 	}
 
@@ -1157,14 +1156,14 @@ func TestPolicyUpdateWhileRunningWithCLIInDatabase(t *testing.T) {
 	for _, client := range user2Clients {
 		for _, peer := range user1Clients {
 			fqdn, err := peer.FQDN()
-			require.NoError(t, err)
+			assertNoErr(t, err)
 
 			url := fmt.Sprintf("http://%s/etc/hostname", fqdn)
 			t.Logf("url from %s to %s", client.Hostname(), url)
 
 			result, err := client.Curl(url)
 			assert.Empty(t, result)
-			require.Error(t, err)
+			assert.Error(t, err)
 		}
 	}
 }

integration/cli_test.go

@@ -13,7 +13,6 @@ import (
 	"github.com/juanfont/headscale/integration/hsic"
 	"github.com/juanfont/headscale/integration/tsic"
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 )
 
 func executeAndUnmarshal[T any](headscale ControlServer, command []string, result T) error {
@@ -35,7 +34,7 @@ func TestUserCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -44,10 +43,10 @@ func TestUserCommand(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clins"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	var listUsers []v1.User
 	err = executeAndUnmarshal(headscale,
@@ -60,7 +59,7 @@ func TestUserCommand(t *testing.T) {
 		},
 		&listUsers,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	result := []string{listUsers[0].GetName(), listUsers[1].GetName()}
 	sort.Strings(result)
@@ -82,7 +81,7 @@ func TestUserCommand(t *testing.T) {
 			"newname",
 		},
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	var listAfterRenameUsers []v1.User
 	err = executeAndUnmarshal(headscale,
@@ -95,7 +94,7 @@ func TestUserCommand(t *testing.T) {
 		},
 		&listAfterRenameUsers,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	result = []string{listAfterRenameUsers[0].GetName(), listAfterRenameUsers[1].GetName()}
 	sort.Strings(result)
@@ -115,7 +114,7 @@ func TestPreAuthKeyCommand(t *testing.T) {
 	count := 3
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -123,13 +122,13 @@ func TestPreAuthKeyCommand(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clipak"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	keys := make([]*v1.PreAuthKey, count)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	for index := 0; index < count; index++ {
 		var preAuthKey v1.PreAuthKey
@@ -151,7 +150,7 @@ func TestPreAuthKeyCommand(t *testing.T) {
 			},
 			&preAuthKey,
 		)
-		require.NoError(t, err)
+		assertNoErr(t, err)
 
 		keys[index] = &preAuthKey
 	}
@@ -172,7 +171,7 @@ func TestPreAuthKeyCommand(t *testing.T) {
 		},
 		&listedPreAuthKeys,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// There is one key created by "scenario.CreateHeadscaleEnv"
 	assert.Len(t, listedPreAuthKeys, 4)
@@ -229,7 +228,7 @@ func TestPreAuthKeyCommand(t *testing.T) {
 			listedPreAuthKeys[1].GetKey(),
 		},
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	var listedPreAuthKeysAfterExpire []v1.PreAuthKey
 	err = executeAndUnmarshal(
@@ -245,7 +244,7 @@ func TestPreAuthKeyCommand(t *testing.T) {
 		},
 		&listedPreAuthKeysAfterExpire,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	assert.True(t, listedPreAuthKeysAfterExpire[1].GetExpiration().AsTime().Before(time.Now()))
 	assert.True(t, listedPreAuthKeysAfterExpire[2].GetExpiration().AsTime().After(time.Now()))
@@ -259,7 +258,7 @@ func TestPreAuthKeyCommandWithoutExpiry(t *testing.T) {
 	user := "pre-auth-key-without-exp-user"
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -267,10 +266,10 @@ func TestPreAuthKeyCommandWithoutExpiry(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clipaknaexp"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	var preAuthKey v1.PreAuthKey
 	err = executeAndUnmarshal(
@@ -287,7 +286,7 @@ func TestPreAuthKeyCommandWithoutExpiry(t *testing.T) {
 		},
 		&preAuthKey,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	var listedPreAuthKeys []v1.PreAuthKey
 	err = executeAndUnmarshal(
@@ -303,7 +302,7 @@ func TestPreAuthKeyCommandWithoutExpiry(t *testing.T) {
 		},
 		&listedPreAuthKeys,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// There is one key created by "scenario.CreateHeadscaleEnv"
 	assert.Len(t, listedPreAuthKeys, 2)
@@ -322,7 +321,7 @@ func TestPreAuthKeyCommandReusableEphemeral(t *testing.T) {
 	user := "pre-auth-key-reus-ephm-user"
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -330,10 +329,10 @@ func TestPreAuthKeyCommandReusableEphemeral(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clipakresueeph"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	var preAuthReusableKey v1.PreAuthKey
 	err = executeAndUnmarshal(
@@ -350,7 +349,7 @@ func TestPreAuthKeyCommandReusableEphemeral(t *testing.T) {
 		},
 		&preAuthReusableKey,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	var preAuthEphemeralKey v1.PreAuthKey
 	err = executeAndUnmarshal(
@@ -367,7 +366,7 @@ func TestPreAuthKeyCommandReusableEphemeral(t *testing.T) {
 		},
 		&preAuthEphemeralKey,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	assert.True(t, preAuthEphemeralKey.GetEphemeral())
 	assert.False(t, preAuthEphemeralKey.GetReusable())
@@ -386,7 +385,7 @@ func TestPreAuthKeyCommandReusableEphemeral(t *testing.T) {
 		},
 		&listedPreAuthKeys,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// There is one key created by "scenario.CreateHeadscaleEnv"
 	assert.Len(t, listedPreAuthKeys, 3)
@@ -400,7 +399,7 @@ func TestPreAuthKeyCorrectUserLoggedInCommand(t *testing.T) {
 	user2 := "user2"
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -416,10 +415,10 @@ func TestPreAuthKeyCorrectUserLoggedInCommand(t *testing.T) {
 		hsic.WithTLS(),
 		hsic.WithHostnameAsServerURL(),
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	var user2Key v1.PreAuthKey
 
@@ -441,10 +440,10 @@ func TestPreAuthKeyCorrectUserLoggedInCommand(t *testing.T) {
 		},
 		&user2Key,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	allClients, err := scenario.ListTailscaleClients()
-	require.NoError(t, err)
+	assertNoErrListClients(t, err)
 
 	assert.Len(t, allClients, 1)
 
@@ -452,22 +451,22 @@ func TestPreAuthKeyCorrectUserLoggedInCommand(t *testing.T) {
 
 	// Log out from user1
 	err = client.Logout()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	err = scenario.WaitForTailscaleLogout()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	status, err := client.Status()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	if status.BackendState == "Starting" || status.BackendState == "Running" {
 		t.Fatalf("expected node to be logged out, backend state: %s", status.BackendState)
 	}
 
 	err = client.Login(headscale.GetEndpoint(), user2Key.GetKey())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	status, err = client.Status()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	if status.BackendState != "Running" {
 		t.Fatalf("expected node to be logged in, backend state: %s", status.BackendState)
 	}
@@ -488,7 +487,7 @@ func TestPreAuthKeyCorrectUserLoggedInCommand(t *testing.T) {
 		},
 		&listNodes,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 	assert.Len(t, listNodes, 1)
 
 	assert.Equal(t, "user2", listNodes[0].GetUser().GetName())
@@ -501,7 +500,7 @@ func TestApiKeyCommand(t *testing.T) {
 	count := 5
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -510,10 +509,10 @@ func TestApiKeyCommand(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clins"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	keys := make([]string, count)
 
@@ -529,7 +528,7 @@ func TestApiKeyCommand(t *testing.T) {
 				"json",
 			},
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 		assert.NotEmpty(t, apiResult)
 
 		keys[idx] = apiResult
@@ -548,7 +547,7 @@ func TestApiKeyCommand(t *testing.T) {
 		},
 		&listedAPIKeys,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listedAPIKeys, 5)
 
@@ -604,7 +603,7 @@ func TestApiKeyCommand(t *testing.T) {
 				listedAPIKeys[idx].GetPrefix(),
 			},
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		expiredPrefixes[listedAPIKeys[idx].GetPrefix()] = true
 	}
@@ -620,7 +619,7 @@ func TestApiKeyCommand(t *testing.T) {
 		},
 		&listedAfterExpireAPIKeys,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	for index := range listedAfterExpireAPIKeys {
 		if _, ok := expiredPrefixes[listedAfterExpireAPIKeys[index].GetPrefix()]; ok {
@@ -646,7 +645,7 @@ func TestApiKeyCommand(t *testing.T) {
 			"--prefix",
 			listedAPIKeys[0].GetPrefix(),
 		})
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	var listedAPIKeysAfterDelete []v1.ApiKey
 	err = executeAndUnmarshal(headscale,
@@ -659,7 +658,7 @@ func TestApiKeyCommand(t *testing.T) {
 		},
 		&listedAPIKeysAfterDelete,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listedAPIKeysAfterDelete, 4)
 }
@@ -669,7 +668,7 @@ func TestNodeTagCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -677,17 +676,17 @@ func TestNodeTagCommand(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clins"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	machineKeys := []string{
 		"mkey:9b2ffa7e08cc421a3d2cca9012280f6a236fd0de0b4ce005b30a98ad930306fe",
 		"mkey:6abd00bb5fdda622db51387088c68e97e71ce58e7056aa54f592b6a8219d524c",
 	}
 	nodes := make([]*v1.Node, len(machineKeys))
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	for index, machineKey := range machineKeys {
 		_, err := headscale.Execute(
@@ -705,7 +704,7 @@ func TestNodeTagCommand(t *testing.T) {
 				"json",
 			},
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		var node v1.Node
 		err = executeAndUnmarshal(
@@ -723,7 +722,7 @@ func TestNodeTagCommand(t *testing.T) {
 			},
 			&node,
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		nodes[index] = &node
 	}
@@ -742,7 +741,7 @@ func TestNodeTagCommand(t *testing.T) {
 		},
 		&node,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Equal(t, []string{"tag:test"}, node.GetForcedTags())
 
@@ -756,7 +755,7 @@ func TestNodeTagCommand(t *testing.T) {
 			"--output", "json",
 		},
 	)
-	require.ErrorContains(t, err, "tag must start with the string 'tag:'")
+	assert.ErrorContains(t, err, "tag must start with the string 'tag:'")
 
 	// Test list all nodes after added seconds
 	resultMachines := make([]*v1.Node, len(machineKeys))
@@ -770,7 +769,7 @@ func TestNodeTagCommand(t *testing.T) {
 		},
 		&resultMachines,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 	found := false
 	for _, node := range resultMachines {
 		if node.GetForcedTags() != nil {
@@ -781,8 +780,9 @@ func TestNodeTagCommand(t *testing.T) {
 			}
 		}
 	}
-	assert.True(
+	assert.Equal(
 		t,
+		true,
 		found,
 		"should find a node with the tag 'tag:test' in the list of nodes",
 	)
@@ -793,22 +793,18 @@ func TestNodeAdvertiseTagNoACLCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
 		"user1": 1,
 	}
 
-	err = scenario.CreateHeadscaleEnv(
-		spec,
-		[]tsic.Option{tsic.WithTags([]string{"tag:test"})},
-		hsic.WithTestName("cliadvtags"),
-	)
-	require.NoError(t, err)
+	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{tsic.WithTags([]string{"tag:test"})}, hsic.WithTestName("cliadvtags"))
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Test list all nodes after added seconds
 	resultMachines := make([]*v1.Node, spec["user1"])
@@ -823,7 +819,7 @@ func TestNodeAdvertiseTagNoACLCommand(t *testing.T) {
 		},
 		&resultMachines,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 	found := false
 	for _, node := range resultMachines {
 		if node.GetInvalidTags() != nil {
@@ -834,8 +830,9 @@ func TestNodeAdvertiseTagNoACLCommand(t *testing.T) {
 			}
 		}
 	}
-	assert.True(
+	assert.Equal(
 		t,
+		true,
 		found,
 		"should not find a node with the tag 'tag:test' in the list of nodes",
 	)
@@ -846,18 +843,14 @@ func TestNodeAdvertiseTagWithACLCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
 		"user1": 1,
 	}
 
-	err = scenario.CreateHeadscaleEnv(
-		spec,
-		[]tsic.Option{tsic.WithTags([]string{"tag:exists"})},
-		hsic.WithTestName("cliadvtags"),
-		hsic.WithACLPolicy(
+	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{tsic.WithTags([]string{"tag:exists"})}, hsic.WithTestName("cliadvtags"), hsic.WithACLPolicy(
 		&policy.ACLPolicy{
 			ACLs: []policy.ACL{
 				{
@@ -870,12 +863,11 @@ func TestNodeAdvertiseTagWithACLCommand(t *testing.T) {
 				"tag:exists": {"user1"},
 			},
 		},
-		),
-	)
-	require.NoError(t, err)
+	))
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Test list all nodes after added seconds
 	resultMachines := make([]*v1.Node, spec["user1"])
@@ -890,7 +882,7 @@ func TestNodeAdvertiseTagWithACLCommand(t *testing.T) {
 		},
 		&resultMachines,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 	found := false
 	for _, node := range resultMachines {
 		if node.GetValidTags() != nil {
@@ -901,8 +893,9 @@ func TestNodeAdvertiseTagWithACLCommand(t *testing.T) {
 			}
 		}
 	}
-	assert.True(
+	assert.Equal(
 		t,
+		true,
 		found,
 		"should not find a node with the tag 'tag:exists' in the list of nodes",
 	)
@@ -913,7 +906,7 @@ func TestNodeCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -922,10 +915,10 @@ func TestNodeCommand(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clins"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Pregenerated machine keys
 	machineKeys := []string{
@@ -936,7 +929,7 @@ func TestNodeCommand(t *testing.T) {
 		"mkey:cf7b0fd05da556fdc3bab365787b506fd82d64a70745db70e00e86c1b1c03084",
 	}
 	nodes := make([]*v1.Node, len(machineKeys))
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	for index, machineKey := range machineKeys {
 		_, err := headscale.Execute(
@@ -954,7 +947,7 @@ func TestNodeCommand(t *testing.T) {
 				"json",
 			},
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		var node v1.Node
 		err = executeAndUnmarshal(
@@ -972,7 +965,7 @@ func TestNodeCommand(t *testing.T) {
 			},
 			&node,
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		nodes[index] = &node
 	}
@@ -992,7 +985,7 @@ func TestNodeCommand(t *testing.T) {
 		},
 		&listAll,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listAll, 5)
 
@@ -1013,7 +1006,7 @@ func TestNodeCommand(t *testing.T) {
 		"mkey:dc721977ac7415aafa87f7d4574cbe07c6b171834a6d37375782bdc1fb6b3584",
 	}
 	otherUserMachines := make([]*v1.Node, len(otherUserMachineKeys))
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	for index, machineKey := range otherUserMachineKeys {
 		_, err := headscale.Execute(
@@ -1031,7 +1024,7 @@ func TestNodeCommand(t *testing.T) {
 				"json",
 			},
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		var node v1.Node
 		err = executeAndUnmarshal(
@@ -1049,7 +1042,7 @@ func TestNodeCommand(t *testing.T) {
 			},
 			&node,
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		otherUserMachines[index] = &node
 	}
@@ -1069,7 +1062,7 @@ func TestNodeCommand(t *testing.T) {
 		},
 		&listAllWithotherUser,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	// All nodes, nodes + otherUser
 	assert.Len(t, listAllWithotherUser, 7)
@@ -1095,7 +1088,7 @@ func TestNodeCommand(t *testing.T) {
 		},
 		&listOnlyotherUserMachineUser,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listOnlyotherUserMachineUser, 2)
 
@@ -1127,7 +1120,7 @@ func TestNodeCommand(t *testing.T) {
 			"--force",
 		},
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	// Test: list main user after node is deleted
 	var listOnlyMachineUserAfterDelete []v1.Node
@@ -1144,7 +1137,7 @@ func TestNodeCommand(t *testing.T) {
 		},
 		&listOnlyMachineUserAfterDelete,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listOnlyMachineUserAfterDelete, 4)
 }
@@ -1154,7 +1147,7 @@ func TestNodeExpireCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -1162,10 +1155,10 @@ func TestNodeExpireCommand(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clins"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Pregenerated machine keys
 	machineKeys := []string{
@@ -1193,7 +1186,7 @@ func TestNodeExpireCommand(t *testing.T) {
 				"json",
 			},
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		var node v1.Node
 		err = executeAndUnmarshal(
@@ -1211,7 +1204,7 @@ func TestNodeExpireCommand(t *testing.T) {
 			},
 			&node,
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		nodes[index] = &node
 	}
@@ -1230,7 +1223,7 @@ func TestNodeExpireCommand(t *testing.T) {
 		},
 		&listAll,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listAll, 5)
 
@@ -1250,7 +1243,7 @@ func TestNodeExpireCommand(t *testing.T) {
 				fmt.Sprintf("%d", listAll[idx].GetId()),
 			},
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 	}
 
 	var listAllAfterExpiry []v1.Node
@@ -1265,7 +1258,7 @@ func TestNodeExpireCommand(t *testing.T) {
 		},
 		&listAllAfterExpiry,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listAllAfterExpiry, 5)
 
@@ -1281,7 +1274,7 @@ func TestNodeRenameCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -1289,10 +1282,10 @@ func TestNodeRenameCommand(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clins"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Pregenerated machine keys
 	machineKeys := []string{
@@ -1303,7 +1296,7 @@ func TestNodeRenameCommand(t *testing.T) {
 		"mkey:9b2ffa7e08cc421a3d2cca9012280f6a236fd0de0b4ce005b30a98ad930306fe",
 	}
 	nodes := make([]*v1.Node, len(machineKeys))
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	for index, machineKey := range machineKeys {
 		_, err := headscale.Execute(
@@ -1321,7 +1314,7 @@ func TestNodeRenameCommand(t *testing.T) {
 				"json",
 			},
 		)
-		require.NoError(t, err)
+		assertNoErr(t, err)
 
 		var node v1.Node
 		err = executeAndUnmarshal(
@@ -1339,7 +1332,7 @@ func TestNodeRenameCommand(t *testing.T) {
 			},
 			&node,
 		)
-		require.NoError(t, err)
+		assertNoErr(t, err)
 
 		nodes[index] = &node
 	}
@@ -1358,7 +1351,7 @@ func TestNodeRenameCommand(t *testing.T) {
 		},
 		&listAll,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listAll, 5)
 
@@ -1379,7 +1372,7 @@ func TestNodeRenameCommand(t *testing.T) {
 				fmt.Sprintf("newnode-%d", idx+1),
 			},
 		)
-		require.NoError(t, err)
+		assert.Nil(t, err)
 
 		assert.Contains(t, res, "Node renamed")
 	}
@@ -1396,7 +1389,7 @@ func TestNodeRenameCommand(t *testing.T) {
 		},
 		&listAllAfterRename,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listAllAfterRename, 5)
 
@@ -1417,7 +1410,7 @@ func TestNodeRenameCommand(t *testing.T) {
 			strings.Repeat("t", 64),
 		},
 	)
-	require.ErrorContains(t, err, "not be over 63 chars")
+	assert.ErrorContains(t, err, "not be over 63 chars")
 
 	var listAllAfterRenameAttempt []v1.Node
 	err = executeAndUnmarshal(
@@ -1431,7 +1424,7 @@ func TestNodeRenameCommand(t *testing.T) {
 		},
 		&listAllAfterRenameAttempt,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, listAllAfterRenameAttempt, 5)
 
@@ -1447,7 +1440,7 @@ func TestNodeMoveCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -1456,10 +1449,10 @@ func TestNodeMoveCommand(t *testing.T) {
 	}
 
 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clins"))
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Randomly generated node key
 	machineKey := "mkey:688411b767663479632d44140f08a9fde87383adc7cdeb518f62ce28a17ef0aa"
@@ -1479,7 +1472,7 @@ func TestNodeMoveCommand(t *testing.T) {
 			"json",
 		},
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	var node v1.Node
 	err = executeAndUnmarshal(
@@ -1497,11 +1490,11 @@ func TestNodeMoveCommand(t *testing.T) {
 		},
 		&node,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Equal(t, uint64(1), node.GetId())
 	assert.Equal(t, "nomad-node", node.GetName())
-	assert.Equal(t, "old-user", node.GetUser().GetName())
+	assert.Equal(t, node.GetUser().GetName(), "old-user")
 
 	nodeID := fmt.Sprintf("%d", node.GetId())
 
@@ -1520,9 +1513,9 @@ func TestNodeMoveCommand(t *testing.T) {
 		},
 		&node,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
-	assert.Equal(t, "new-user", node.GetUser().GetName())
+	assert.Equal(t, node.GetUser().GetName(), "new-user")
 
 	var allNodes []v1.Node
 	err = executeAndUnmarshal(
@@ -1536,13 +1529,13 @@ func TestNodeMoveCommand(t *testing.T) {
 		},
 		&allNodes,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	assert.Len(t, allNodes, 1)
 
 	assert.Equal(t, allNodes[0].GetId(), node.GetId())
 	assert.Equal(t, allNodes[0].GetUser(), node.GetUser())
-	assert.Equal(t, "new-user", allNodes[0].GetUser().GetName())
+	assert.Equal(t, allNodes[0].GetUser().GetName(), "new-user")
 
 	_, err = headscale.Execute(
 		[]string{
@@ -1557,12 +1550,12 @@ func TestNodeMoveCommand(t *testing.T) {
 			"json",
 		},
 	)
-	require.ErrorContains(
+	assert.ErrorContains(
 		t,
 		err,
 		"user not found",
 	)
-	assert.Equal(t, "new-user", node.GetUser().GetName())
+	assert.Equal(t, node.GetUser().GetName(), "new-user")
 
 	err = executeAndUnmarshal(
 		headscale,
@@ -1579,9 +1572,9 @@ func TestNodeMoveCommand(t *testing.T) {
 		},
 		&node,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
-	assert.Equal(t, "old-user", node.GetUser().GetName())
+	assert.Equal(t, node.GetUser().GetName(), "old-user")
 
 	err = executeAndUnmarshal(
 		headscale,
@@ -1598,9 +1591,9 @@ func TestNodeMoveCommand(t *testing.T) {
 		},
 		&node,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
-	assert.Equal(t, "old-user", node.GetUser().GetName())
+	assert.Equal(t, node.GetUser().GetName(), "old-user")
 }
 
 func TestPolicyCommand(t *testing.T) {
@@ -1608,7 +1601,7 @@ func TestPolicyCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -1623,10 +1616,10 @@ func TestPolicyCommand(t *testing.T) {
 			"HEADSCALE_POLICY_MODE": "database",
 		}),
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	p := policy.ACLPolicy{
 		ACLs: []policy.ACL{
@@ -1646,7 +1639,7 @@ func TestPolicyCommand(t *testing.T) {
 	policyFilePath := "/etc/headscale/policy.json"
 
 	err = headscale.WriteFile(policyFilePath, pBytes)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// No policy is present at this time.
 	// Add a new policy from a file.
@@ -1660,7 +1653,7 @@ func TestPolicyCommand(t *testing.T) {
 		},
 	)
 
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// Get the current policy and check
 	// if it is the same as the one we set.
@@ -1676,11 +1669,11 @@ func TestPolicyCommand(t *testing.T) {
 		},
 		&output,
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	assert.Len(t, output.TagOwners, 1)
 	assert.Len(t, output.ACLs, 1)
-	assert.Equal(t, []string{"policy-user"}, output.TagOwners["tag:exists"])
+	assert.Equal(t, output.TagOwners["tag:exists"], []string{"policy-user"})
 }
 
 func TestPolicyBrokenConfigCommand(t *testing.T) {
@@ -1688,7 +1681,7 @@ func TestPolicyBrokenConfigCommand(t *testing.T) {
 	t.Parallel()
 
 	scenario, err := NewScenario(dockertestMaxWait())
-	require.NoError(t, err)
+	assertNoErr(t, err)
 	defer scenario.ShutdownAssertNoPanics(t)
 
 	spec := map[string]int{
@@ -1703,10 +1696,10 @@ func TestPolicyBrokenConfigCommand(t *testing.T) {
 			"HEADSCALE_POLICY_MODE": "database",
 		}),
 	)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	headscale, err := scenario.Headscale()
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	p := policy.ACLPolicy{
 		ACLs: []policy.ACL{
@@ -1728,7 +1721,7 @@ func TestPolicyBrokenConfigCommand(t *testing.T) {
 	policyFilePath := "/etc/headscale/policy.json"
 
 	err = headscale.WriteFile(policyFilePath, pBytes)
-	require.NoError(t, err)
+	assertNoErr(t, err)
 
 	// No policy is present at this time.
 	// Add a new policy from a file.
@@ -1741,7 +1734,7 @@ func TestPolicyBrokenConfigCommand(t *testing.T) {
 			policyFilePath,
 		},
 	)
-	require.ErrorContains(t, err, "verifying policy rules: invalid action")
+	assert.ErrorContains(t, err, "verifying policy rules: invalid action")
 
 	// The new policy was invalid, the old one should still be in place, which
 	// is none.
@@ -1754,5 +1747,5 @@ func TestPolicyBrokenConfigCommand(t *testing.T) {
 			"json",
 		},
 	)
-	require.ErrorContains(t, err, "acl policy not found")
+	assert.ErrorContains(t, err, "acl policy not found")
 }

integration/general_test.go

@@ -18,7 +18,6 @@ import (
 	"github.com/rs/zerolog/log"
 	"github.com/samber/lo"
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 	"golang.org/x/sync/errgroup"
 	"tailscale.com/client/tailscale/apitype"
 	"tailscale.com/types/key"
@@ -245,11 +244,7 @@ func TestEphemeral(t *testing.T) {
 }
 
 func TestEphemeralInAlternateTimezone(t *testing.T) {
-	testEphemeralWithOptions(
-		t,
-		hsic.WithTestName("ephemeral-tz"),
-		hsic.WithTimezone("America/Los_Angeles"),
-	)
+	testEphemeralWithOptions(t, hsic.WithTestName("ephemeral-tz"), hsic.WithTimezone("America/Los_Angeles"))
 }
 
 func testEphemeralWithOptions(t *testing.T, opts ...hsic.Option) {
@@ -1169,10 +1164,10 @@ func Test2118DeletingOnlineNodePanics(t *testing.T) {
 		},
 		&nodeList,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 	assert.Len(t, nodeList, 2)
-	assert.True(t, nodeList[0].GetOnline())
-	assert.True(t, nodeList[1].GetOnline())
+	assert.True(t, nodeList[0].Online)
+	assert.True(t, nodeList[1].Online)
 
 	// Delete the first node, which is online
 	_, err = headscale.Execute(
@@ -1182,13 +1177,13 @@ func Test2118DeletingOnlineNodePanics(t *testing.T) {
 			"delete",
 			"--identifier",
 			// Delete the last added machine
-			fmt.Sprintf("%d", nodeList[0].GetId()),
+			fmt.Sprintf("%d", nodeList[0].Id),
 			"--output",
 			"json",
 			"--force",
 		},
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 
 	time.Sleep(2 * time.Second)
 
@@ -1205,8 +1200,9 @@ func Test2118DeletingOnlineNodePanics(t *testing.T) {
 		},
 		&nodeListAfter,
 	)
-	require.NoError(t, err)
+	assert.Nil(t, err)
 	assert.Len(t, nodeListAfter, 1)
-	assert.True(t, nodeListAfter[0].GetOnline())
-	assert.Equal(t, nodeList[1].GetId(), nodeListAfter[0].GetId())
+	assert.True(t, nodeListAfter[0].Online)
+	assert.Equal(t, nodeList[1].Id, nodeListAfter[0].Id)
+
 }

integration/route_test.go

@@ -92,9 +92,9 @@ func TestEnablingRoutes(t *testing.T) {
 	assert.Len(t, routes, 3)
 
 	for _, route := range routes {
-		assert.True(t, route.GetAdvertised())
-		assert.False(t, route.GetEnabled())
-		assert.False(t, route.GetIsPrimary())
+		assert.Equal(t, true, route.GetAdvertised())
+		assert.Equal(t, false, route.GetEnabled())
+		assert.Equal(t, false, route.GetIsPrimary())
 	}
 
 	// Verify that no routes has been sent to the client,
@@ -139,9 +139,9 @@ func TestEnablingRoutes(t *testing.T) {
 	assert.Len(t, enablingRoutes, 3)
 
 	for _, route := range enablingRoutes {
-		assert.True(t, route.GetAdvertised())
-		assert.True(t, route.GetEnabled())
-		assert.True(t, route.GetIsPrimary())
+		assert.Equal(t, true, route.GetAdvertised())
+		assert.Equal(t, true, route.GetEnabled())
+		assert.Equal(t, true, route.GetIsPrimary())
 	}
 
 	time.Sleep(5 * time.Second)
@@ -212,18 +212,18 @@ func TestEnablingRoutes(t *testing.T) {
 	assertNoErr(t, err)
 
 	for _, route := range disablingRoutes {
-		assert.True(t, route.GetAdvertised())
+		assert.Equal(t, true, route.GetAdvertised())
 
 		if route.GetId() == routeToBeDisabled.GetId() {
-			assert.False(t, route.GetEnabled())
+			assert.Equal(t, false, route.GetEnabled())
 
 			// since this is the only route of this cidr,
 			// it will not failover, and remain Primary
 			// until something can replace it.
-			assert.True(t, route.GetIsPrimary())
+			assert.Equal(t, true, route.GetIsPrimary())
 		} else {
-			assert.True(t, route.GetEnabled())
-			assert.True(t, route.GetIsPrimary())
+			assert.Equal(t, true, route.GetEnabled())
+			assert.Equal(t, true, route.GetIsPrimary())
 		}
 	}
 
@@ -342,9 +342,9 @@ func TestHASubnetRouterFailover(t *testing.T) {
 	t.Logf("initial routes %#v", routes)
 
 	for _, route := range routes {
-		assert.True(t, route.GetAdvertised())
-		assert.False(t, route.GetEnabled())
-		assert.False(t, route.GetIsPrimary())
+		assert.Equal(t, true, route.GetAdvertised())
+		assert.Equal(t, false, route.GetEnabled())
+		assert.Equal(t, false, route.GetIsPrimary())
 	}
 
 	// Verify that no routes has been sent to the client,
@@ -391,14 +391,14 @@ func TestHASubnetRouterFailover(t *testing.T) {
 	assert.Len(t, enablingRoutes, 2)
 
 	// Node 1 is primary
-	assert.True(t, enablingRoutes[0].GetAdvertised())
-	assert.True(t, enablingRoutes[0].GetEnabled())
-	assert.True(t, enablingRoutes[0].GetIsPrimary(), "both subnet routers are up, expected r1 to be primary")
+	assert.Equal(t, true, enablingRoutes[0].GetAdvertised())
+	assert.Equal(t, true, enablingRoutes[0].GetEnabled())
+	assert.Equal(t, true, enablingRoutes[0].GetIsPrimary(), "both subnet routers are up, expected r1 to be primary")
 
 	// Node 2 is not primary
-	assert.True(t, enablingRoutes[1].GetAdvertised())
-	assert.True(t, enablingRoutes[1].GetEnabled())
-	assert.False(t, enablingRoutes[1].GetIsPrimary(), "both subnet routers are up, expected r2 to be non-primary")
+	assert.Equal(t, true, enablingRoutes[1].GetAdvertised())
+	assert.Equal(t, true, enablingRoutes[1].GetEnabled())
+	assert.Equal(t, false, enablingRoutes[1].GetIsPrimary(), "both subnet routers are up, expected r2 to be non-primary")
 
 	// Verify that the client has routes from the primary machine
 	srs1, err := subRouter1.Status()
@@ -446,14 +446,14 @@ func TestHASubnetRouterFailover(t *testing.T) {
 	assert.Len(t, routesAfterMove, 2)
 
 	// Node 1 is not primary
-	assert.True(t, routesAfterMove[0].GetAdvertised())
-	assert.True(t, routesAfterMove[0].GetEnabled())
-	assert.False(t, routesAfterMove[0].GetIsPrimary(), "r1 is down, expected r2 to be primary")
+	assert.Equal(t, true, routesAfterMove[0].GetAdvertised())
+	assert.Equal(t, true, routesAfterMove[0].GetEnabled())
+	assert.Equal(t, false, routesAfterMove[0].GetIsPrimary(), "r1 is down, expected r2 to be primary")
 
 	// Node 2 is primary
-	assert.True(t, routesAfterMove[1].GetAdvertised())
-	assert.True(t, routesAfterMove[1].GetEnabled())
-	assert.True(t, routesAfterMove[1].GetIsPrimary(), "r1 is down, expected r2 to be primary")
+	assert.Equal(t, true, routesAfterMove[1].GetAdvertised())
+	assert.Equal(t, true, routesAfterMove[1].GetEnabled())
+	assert.Equal(t, true, routesAfterMove[1].GetIsPrimary(), "r1 is down, expected r2 to be primary")
 
 	srs2, err = subRouter2.Status()
 
@@ -501,16 +501,16 @@ func TestHASubnetRouterFailover(t *testing.T) {
 	assert.Len(t, routesAfterBothDown, 2)
 
 	// Node 1 is not primary
-	assert.True(t, routesAfterBothDown[0].GetAdvertised())
-	assert.True(t, routesAfterBothDown[0].GetEnabled())
-	assert.False(t, routesAfterBothDown[0].GetIsPrimary(), "r1 and r2 is down, expected r2 to _still_ be primary")
+	assert.Equal(t, true, routesAfterBothDown[0].GetAdvertised())
+	assert.Equal(t, true, routesAfterBothDown[0].GetEnabled())
+	assert.Equal(t, false, routesAfterBothDown[0].GetIsPrimary(), "r1 and r2 is down, expected r2 to _still_ be primary")
 
 	// Node 2 is primary
 	// if the node goes down, but no other suitable route is
 	// available, keep the last known good route.
-	assert.True(t, routesAfterBothDown[1].GetAdvertised())
-	assert.True(t, routesAfterBothDown[1].GetEnabled())
-	assert.True(t, routesAfterBothDown[1].GetIsPrimary(), "r1 and r2 is down, expected r2 to _still_ be primary")
+	assert.Equal(t, true, routesAfterBothDown[1].GetAdvertised())
+	assert.Equal(t, true, routesAfterBothDown[1].GetEnabled())
+	assert.Equal(t, true, routesAfterBothDown[1].GetIsPrimary(), "r1 and r2 is down, expected r2 to _still_ be primary")
 
 	// TODO(kradalby): Check client status
 	// Both are expected to be down
@@ -560,14 +560,14 @@ func TestHASubnetRouterFailover(t *testing.T) {
 	assert.Len(t, routesAfter1Up, 2)
 
 	// Node 1 is primary
-	assert.True(t, routesAfter1Up[0].GetAdvertised())
-	assert.True(t, routesAfter1Up[0].GetEnabled())
-	assert.True(t, routesAfter1Up[0].GetIsPrimary(), "r1 is back up, expected r1 to become be primary")
+	assert.Equal(t, true, routesAfter1Up[0].GetAdvertised())
+	assert.Equal(t, true, routesAfter1Up[0].GetEnabled())
+	assert.Equal(t, true, routesAfter1Up[0].GetIsPrimary(), "r1 is back up, expected r1 to become be primary")
 
 	// Node 2 is not primary
-	assert.True(t, routesAfter1Up[1].GetAdvertised())
-	assert.True(t, routesAfter1Up[1].GetEnabled())
-	assert.False(t, routesAfter1Up[1].GetIsPrimary(), "r1 is back up, expected r1 to become be primary")
+	assert.Equal(t, true, routesAfter1Up[1].GetAdvertised())
+	assert.Equal(t, true, routesAfter1Up[1].GetEnabled())
+	assert.Equal(t, false, routesAfter1Up[1].GetIsPrimary(), "r1 is back up, expected r1 to become be primary")
 
 	// Verify that the route is announced from subnet router 1
 	clientStatus, err = client.Status()
@@ -614,14 +614,14 @@ func TestHASubnetRouterFailover(t *testing.T) {
 	assert.Len(t, routesAfter2Up, 2)
 
 	// Node 1 is not primary
-	assert.True(t, routesAfter2Up[0].GetAdvertised())
-	assert.True(t, routesAfter2Up[0].GetEnabled())
-	assert.True(t, routesAfter2Up[0].GetIsPrimary(), "r1 and r2 is back up, expected r1 to _still_ be primary")
+	assert.Equal(t, true, routesAfter2Up[0].GetAdvertised())
+	assert.Equal(t, true, routesAfter2Up[0].GetEnabled())
+	assert.Equal(t, true, routesAfter2Up[0].GetIsPrimary(), "r1 and r2 is back up, expected r1 to _still_ be primary")
 
 	// Node 2 is primary
-	assert.True(t, routesAfter2Up[1].GetAdvertised())
-	assert.True(t, routesAfter2Up[1].GetEnabled())
-	assert.False(t, routesAfter2Up[1].GetIsPrimary(), "r1 and r2 is back up, expected r1 to _still_ be primary")
+	assert.Equal(t, true, routesAfter2Up[1].GetAdvertised())
+	assert.Equal(t, true, routesAfter2Up[1].GetEnabled())
+	assert.Equal(t, false, routesAfter2Up[1].GetIsPrimary(), "r1 and r2 is back up, expected r1 to _still_ be primary")
 
 	// Verify that the route is announced from subnet router 1
 	clientStatus, err = client.Status()
@@ -677,14 +677,14 @@ func TestHASubnetRouterFailover(t *testing.T) {
 	t.Logf("routes after disabling r1 %#v", routesAfterDisabling1)
 
 	// Node 1 is not primary
-	assert.True(t, routesAfterDisabling1[0].GetAdvertised())
-	assert.False(t, routesAfterDisabling1[0].GetEnabled())
-	assert.False(t, routesAfterDisabling1[0].GetIsPrimary())
+	assert.Equal(t, true, routesAfterDisabling1[0].GetAdvertised())
+	assert.Equal(t, false, routesAfterDisabling1[0].GetEnabled())
+	assert.Equal(t, false, routesAfterDisabling1[0].GetIsPrimary())
 
 	// Node 2 is primary
-	assert.True(t, routesAfterDisabling1[1].GetAdvertised())
-	assert.True(t, routesAfterDisabling1[1].GetEnabled())
-	assert.True(t, routesAfterDisabling1[1].GetIsPrimary())
+	assert.Equal(t, true, routesAfterDisabling1[1].GetAdvertised())
+	assert.Equal(t, true, routesAfterDisabling1[1].GetEnabled())
+	assert.Equal(t, true, routesAfterDisabling1[1].GetIsPrimary())
 
 	// Verify that the route is announced from subnet router 1
 	clientStatus, err = client.Status()
@@ -735,14 +735,14 @@ func TestHASubnetRouterFailover(t *testing.T) {
 	assert.Len(t, routesAfterEnabling1, 2)
 
 	// Node 1 is not primary
-	assert.True(t, routesAfterEnabling1[0].GetAdvertised())
-	assert.True(t, routesAfterEnabling1[0].GetEnabled())
-	assert.False(t, routesAfterEnabling1[0].GetIsPrimary())
+	assert.Equal(t, true, routesAfterEnabling1[0].GetAdvertised())
+	assert.Equal(t, true, routesAfterEnabling1[0].GetEnabled())
+	assert.Equal(t, false, routesAfterEnabling1[0].GetIsPrimary())
 
 	// Node 2 is primary
-	assert.True(t, routesAfterEnabling1[1].GetAdvertised())
-	assert.True(t, routesAfterEnabling1[1].GetEnabled())
-	assert.True(t, routesAfterEnabling1[1].GetIsPrimary())
+	assert.Equal(t, true, routesAfterEnabling1[1].GetAdvertised())
+	assert.Equal(t, true, routesAfterEnabling1[1].GetEnabled())
+	assert.Equal(t, true, routesAfterEnabling1[1].GetIsPrimary())
 
 	// Verify that the route is announced from subnet router 1
 	clientStatus, err = client.Status()
@@ -795,9 +795,9 @@ func TestHASubnetRouterFailover(t *testing.T) {
 	t.Logf("routes after deleting r2 %#v", routesAfterDeleting2)
 
 	// Node 1 is primary
-	assert.True(t, routesAfterDeleting2[0].GetAdvertised())
-	assert.True(t, routesAfterDeleting2[0].GetEnabled())
-	assert.True(t, routesAfterDeleting2[0].GetIsPrimary())
+	assert.Equal(t, true, routesAfterDeleting2[0].GetAdvertised())
+	assert.Equal(t, true, routesAfterDeleting2[0].GetEnabled())
+	assert.Equal(t, true, routesAfterDeleting2[0].GetIsPrimary())
 
 	// Verify that the route is announced from subnet router 1
 	clientStatus, err = client.Status()
@@ -893,9 +893,9 @@ func TestEnableDisableAutoApprovedRoute(t *testing.T) {
 	assert.Len(t, routes, 1)
 
 	// All routes should be auto approved and enabled
-	assert.True(t, routes[0].GetAdvertised())
-	assert.True(t, routes[0].GetEnabled())
-	assert.True(t, routes[0].GetIsPrimary())
+	assert.Equal(t, true, routes[0].GetAdvertised())
+	assert.Equal(t, true, routes[0].GetEnabled())
+	assert.Equal(t, true, routes[0].GetIsPrimary())
 
 	// Stop advertising route
 	command = []string{
@@ -924,9 +924,9 @@ func TestEnableDisableAutoApprovedRoute(t *testing.T) {
 	assert.Len(t, notAdvertisedRoutes, 1)
 
 	// Route is no longer advertised
-	assert.False(t, notAdvertisedRoutes[0].GetAdvertised())
-	assert.False(t, notAdvertisedRoutes[0].GetEnabled())
-	assert.True(t, notAdvertisedRoutes[0].GetIsPrimary())
+	assert.Equal(t, false, notAdvertisedRoutes[0].GetAdvertised())
+	assert.Equal(t, false, notAdvertisedRoutes[0].GetEnabled())
+	assert.Equal(t, true, notAdvertisedRoutes[0].GetIsPrimary())
 
 	// Advertise route again
 	command = []string{
@@ -955,9 +955,9 @@ func TestEnableDisableAutoApprovedRoute(t *testing.T) {
 	assert.Len(t, reAdvertisedRoutes, 1)
 
 	// All routes should be auto approved and enabled
-	assert.True(t, reAdvertisedRoutes[0].GetAdvertised())
-	assert.True(t, reAdvertisedRoutes[0].GetEnabled())
-	assert.True(t, reAdvertisedRoutes[0].GetIsPrimary())
+	assert.Equal(t, true, reAdvertisedRoutes[0].GetAdvertised())
+	assert.Equal(t, true, reAdvertisedRoutes[0].GetEnabled())
+	assert.Equal(t, true, reAdvertisedRoutes[0].GetIsPrimary())
 }
 
 func TestAutoApprovedSubRoute2068(t *testing.T) {
@@ -1163,9 +1163,9 @@ func TestSubnetRouteACL(t *testing.T) {
 	assert.Len(t, routes, 1)
 
 	for _, route := range routes {
-		assert.True(t, route.GetAdvertised())
-		assert.False(t, route.GetEnabled())
-		assert.False(t, route.GetIsPrimary())
+		assert.Equal(t, true, route.GetAdvertised())
+		assert.Equal(t, false, route.GetEnabled())
+		assert.Equal(t, false, route.GetIsPrimary())
 	}
 
 	// Verify that no routes has been sent to the client,
@@ -1212,9 +1212,9 @@ func TestSubnetRouteACL(t *testing.T) {
 	assert.Len(t, enablingRoutes, 1)
 
 	// Node 1 has active route
-	assert.True(t, enablingRoutes[0].GetAdvertised())
-	assert.True(t, enablingRoutes[0].GetEnabled())
-	assert.True(t, enablingRoutes[0].GetIsPrimary())
+	assert.Equal(t, true, enablingRoutes[0].GetAdvertised())
+	assert.Equal(t, true, enablingRoutes[0].GetEnabled())
+	assert.Equal(t, true, enablingRoutes[0].GetIsPrimary())
 
 	// Verify that the client has routes from the primary machine
 	srs1, _ := subRouter1.Status()

integration/scenario.go

@@ -21,7 +21,6 @@ import (
 	"github.com/puzpuzpuz/xsync/v3"
 	"github.com/samber/lo"
 	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 	"golang.org/x/sync/errgroup"
 	"tailscale.com/envknob"
 )
@@ -206,11 +205,11 @@ func (s *Scenario) ShutdownAssertNoPanics(t *testing.T) {
 
 		if t != nil {
 			stdout, err := os.ReadFile(stdoutPath)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 			assert.NotContains(t, string(stdout), "panic")
 
 			stderr, err := os.ReadFile(stderrPath)
-			require.NoError(t, err)
+			assert.NoError(t, err)
 			assert.NotContains(t, string(stderr), "panic")
 		}
 

mkdocs.yml

@@ -1,6 +1,5 @@
----
 site_name: Headscale
-site_url: https://juanfont.github.io/headscale/
+site_url: https://juanfont.github.io/headscale
 edit_uri: blob/main/docs/ # Change the master branch to main as we are using main as a main branch
 site_author: Headscale authors
 site_description: >-