Better authentication with workload identity federation
Blog post from Tailscale
Workload identity federation is a new Tailscale feature that improves the security and automation of infrastructure and CI/CD systems by replacing static credentials such as API keys with signed, short-lived OpenID Connect (OIDC) tokens. It builds on the identity systems that cloud providers already run, so a workload can authenticate to Tailscale without anyone manually provisioning or rotating secrets. Supported identity providers include GitHub Actions, Google Cloud, and Microsoft Azure, and the design gives workloads secure, automated access to resources on the strength of verifiable tokens rather than long-lived secrets. The feature is particularly useful in environments that prioritize automation and security: ephemeral workloads can join the network with minimal permissions, and the burden of credential management shrinks. The Tailscale admin console has been updated to simplify management of OAuth clients and federated identities, and workload identity federation is now available in public beta on all Tailscale plans.
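To make the trust decision concrete, here is an added example (not Tailscale's code) of the policy check a relying party performs before exchanging a cloud-issued OIDC token for a short-lived credential: issuer, audience, expiry and subject must all match, and the minted credential never outlives the token. The policy values, audience and token claims are constructed for illustration; only the GitHub Actions issuer URL and `sub` claim format are real, and a production check must first verify the token signature against the issuer's published JWKS.

```python
"""Trust-policy check for a federated workload identity token (added example)."""
import fnmatch
import time

# Hypothetical federation policy. The audience is a placeholder, not Tailscale's.
# Note: fnmatch '*' also matches '/' and ':', so keep subject patterns narrow.
POLICY = {
    "issuer": "https://token.actions.githubusercontent.com",
    "audience": "api.example.test",
    "subject_glob": "repo:example-org/*:ref:refs/heads/main",
    "max_ttl_seconds": 3600,  # upper bound on any credential we mint
}


def evaluate_federated_token(claims, policy, now=None):
    """Return {"allowed": bool, "reason": str, "ttl": int} for a decoded claim set."""
    now = time.time() if now is None else now
    if claims.get("iss") != policy["issuer"]:
        return {"allowed": False, "reason": "untrusted issuer", "ttl": 0}
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if policy["audience"] not in audiences:
        return {"allowed": False, "reason": "audience mismatch", "ttl": 0}
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return {"allowed": False, "reason": "token expired or missing exp", "ttl": 0}
    if not fnmatch.fnmatchcase(str(claims.get("sub", "")), policy["subject_glob"]):
        return {"allowed": False, "reason": "subject not in policy", "ttl": 0}
    # The credential we hand back must expire no later than the token that earned it.
    ttl = min(policy["max_ttl_seconds"], int(exp - now))
    return {"allowed": True, "reason": "ok", "ttl": ttl}


# Constructed sample claims shaped like a GitHub Actions OIDC token payload.
SAMPLE_NOW = 1_700_000_000
GOOD_CLAIMS = {
    "iss": "https://token.actions.githubusercontent.com",
    "aud": "api.example.test",
    "sub": "repo:example-org/example-repo:ref:refs/heads/main",
    "exp": SAMPLE_NOW + 600,
}
# Same repo, but a feature branch the policy does not trust.
BRANCH_CLAIMS = dict(GOOD_CLAIMS, sub="repo:example-org/example-repo:ref:refs/heads/feature")

if __name__ == "__main__":
    print(evaluate_federated_token(GOOD_CLAIMS, POLICY, SAMPLE_NOW))
    print(evaluate_federated_token(BRANCH_CLAIMS, POLICY, SAMPLE_NOW))
```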