GitOps for Tailscale ACLs
Blog post from Tailscale
The blog post describes a GitOps workflow for managing Tailscale Access Control Lists (ACLs) with GitHub Actions, so that ACLs are managed centrally in a Git repository using "config as code" practices. With this setup, changes to the tailnet policy file undergo review and testing in the same way as code changes, and the Sync Tailscale ACLs GitHub Action automates updates and enforces version control. The admin console warns users that the GitOps setup is in place, to prevent unauthorized changes, although emergency edits remain possible. While this approach offers a structured method for maintaining ACLs, the post notes that Tailscale API keys must be renewed every 90 days, which currently has to be done manually.