state: replace zcache with bounded LRU for auth cache

Replace zcache with golang-lru/v2/expirable for both the state auth cache and the OIDC state cache. Add tuning.register_cache_max_entries (default 1024) to cap the number of pending registration entries. Introduce types.RegistrationData to replace caching a full *Node; only the fields the registration callback path reads are retained. Remove the dead HSDatabase.regCache field. Drop zgo.at/zcache/v2 from go.mod.
2026-04-23 17:18:50 +02:00 · 2026-04-09 17:27:42 +00:00
parent 3587225a88
commit 0d4f2293ff
21 changed files with 343 additions and 258 deletions
--- a/hscontrol/mapper/batcher_test.go
+++ b/hscontrol/mapper/batcher_test.go
@@ -20,7 +20,6 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"tailscale.com/tailcfg"
-	"zgo.at/zcache/v2"
 )

 var errNodeNotFoundAfterAdd = errors.New("node not found after adding to batcher")
@@ -109,11 +108,6 @@ var allBatcherFunctions = []batcherTestCase{
 	{"Default", NewBatcherAndMapper},
 }

-// emptyCache creates an empty registration cache for testing.
-func emptyCache() *zcache.Cache[types.AuthID, types.AuthRequest] {
-	return zcache.New[types.AuthID, types.AuthRequest](time.Minute, time.Hour)
-}
-
 // Test configuration constants.
 const (
 	// Test data configuration.
@@ -211,10 +205,7 @@ func setupBatcherWithTestData(
 	}

 	// Create database and populate it with test data
-	database, err := db.NewHeadscaleDatabase(
-		cfg,
-		emptyCache(),
-	)
+	database, err := db.NewHeadscaleDatabase(cfg)
 	if err != nil {
 		t.Fatalf("setting up database: %s", err)
 	}