Rename [Nn]amespace -> [Uu]ser in go code

Use gopls, ag and perl to rename all occurances of Namespace Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-17 17:43:44 +01:00 · 2023-01-17 17:43:44 +01:00 · e3a2593344
commit e3a2593344
parent bafb6791d3
37 changed files with 1130 additions and 1130 deletions
--- a/integration/auth_oidc_test.go
+++ b/integration/auth_oidc_test.go
@ -49,7 +49,7 @@ func TestOIDCAuthenticationPingAll(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions),
+		"user1": len(TailscaleVersions),
 	}

 	oidcConfig, err := scenario.runMockOIDC(defaultAccessTTL)
@ -116,7 +116,7 @@ func TestOIDCExpireNodes(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions),
+		"user1": len(TailscaleVersions),
 	}

 	oidcConfig, err := scenario.runMockOIDC(shortAccessTTL)
@ -169,7 +169,7 @@ func TestOIDCExpireNodes(t *testing.T) {
 }

 func (s *AuthOIDCScenario) CreateHeadscaleEnv(
-	namespaces map[string]int,
+	users map[string]int,
 	opts ...hsic.Option,
 ) error {
 	headscale, err := s.Headscale(opts...)
@ -182,19 +182,19 @@ func (s *AuthOIDCScenario) CreateHeadscaleEnv(
 		return err
 	}

-	for namespaceName, clientCount := range namespaces {
-		log.Printf("creating namespace %s with %d clients", namespaceName, clientCount)
-		err = s.CreateNamespace(namespaceName)
+	for userName, clientCount := range users {
+		log.Printf("creating user %s with %d clients", userName, clientCount)
+		err = s.CreateUser(userName)
 		if err != nil {
 			return err
 		}

-		err = s.CreateTailscaleNodesInNamespace(namespaceName, "all", clientCount)
+		err = s.CreateTailscaleNodesInUser(userName, "all", clientCount)
 		if err != nil {
 			return err
 		}

-		err = s.runTailscaleUp(namespaceName, headscale.GetEndpoint())
+		err = s.runTailscaleUp(userName, headscale.GetEndpoint())
 		if err != nil {
 			return err
 		}
@ -287,20 +287,20 @@ func (s *AuthOIDCScenario) runMockOIDC(accessTTL time.Duration) (*headscale.OIDC
 }

 func (s *AuthOIDCScenario) runTailscaleUp(
-	namespaceStr, loginServer string,
+	userStr, loginServer string,
 ) error {
 	headscale, err := s.Headscale()
 	if err != nil {
 		return err
 	}

-	log.Printf("running tailscale up for namespace %s", namespaceStr)
-	if namespace, ok := s.namespaces[namespaceStr]; ok {
-		for _, client := range namespace.Clients {
-			namespace.joinWaitGroup.Add(1)
+	log.Printf("running tailscale up for user %s", userStr)
+	if user, ok := s.users[userStr]; ok {
+		for _, client := range user.Clients {
+			user.joinWaitGroup.Add(1)

 			go func(c TailscaleClient) {
-				defer namespace.joinWaitGroup.Done()
+				defer user.joinWaitGroup.Done()

 				// TODO(juanfont): error handle this
 				loginURL, err := c.UpWithLoginURL(loginServer)
@ -347,12 +347,12 @@ func (s *AuthOIDCScenario) runTailscaleUp(
 			log.Printf("client %s is ready", client.Hostname())
 		}

-		namespace.joinWaitGroup.Wait()
+		user.joinWaitGroup.Wait()

 		return nil
 	}

-	return fmt.Errorf("failed to up tailscale node: %w", errNoNamespaceAvailable)
+	return fmt.Errorf("failed to up tailscale node: %w", errNoUserAvailable)
 }

 func pingAll(t *testing.T, clients []TailscaleClient, ips []netip.Addr) int {
--- a/integration/auth_web_flow_test.go
+++ b/integration/auth_web_flow_test.go
@ -35,8 +35,8 @@ func TestAuthWebFlowAuthenticationPingAll(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions),
-		"namespace2": len(TailscaleVersions),
+		"user1": len(TailscaleVersions),
+		"user2": len(TailscaleVersions),
 	}

 	err = scenario.CreateHeadscaleEnv(spec, hsic.WithTestName("webauthping"))
@ -93,8 +93,8 @@ func TestAuthWebFlowLogoutAndRelogin(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions),
-		"namespace2": len(TailscaleVersions),
+		"user1": len(TailscaleVersions),
+		"user2": len(TailscaleVersions),
 	}

 	err = scenario.CreateHeadscaleEnv(spec, hsic.WithTestName("weblogout"))
@ -156,8 +156,8 @@ func TestAuthWebFlowLogoutAndRelogin(t *testing.T) {
 		t.Errorf("failed to get headscale server: %s", err)
 	}

-	for namespaceName := range spec {
-		err = scenario.runTailscaleUp(namespaceName, headscale.GetEndpoint())
+	for userName := range spec {
+		err = scenario.runTailscaleUp(userName, headscale.GetEndpoint())
 		if err != nil {
 			t.Errorf("failed to run tailscale up: %s", err)
 		}
@ -225,7 +225,7 @@ func TestAuthWebFlowLogoutAndRelogin(t *testing.T) {
 }

 func (s *AuthWebFlowScenario) CreateHeadscaleEnv(
-	namespaces map[string]int,
+	users map[string]int,
 	opts ...hsic.Option,
 ) error {
 	headscale, err := s.Headscale(opts...)
@ -238,19 +238,19 @@ func (s *AuthWebFlowScenario) CreateHeadscaleEnv(
 		return err
 	}

-	for namespaceName, clientCount := range namespaces {
-		log.Printf("creating namespace %s with %d clients", namespaceName, clientCount)
-		err = s.CreateNamespace(namespaceName)
+	for userName, clientCount := range users {
+		log.Printf("creating user %s with %d clients", userName, clientCount)
+		err = s.CreateUser(userName)
 		if err != nil {
 			return err
 		}

-		err = s.CreateTailscaleNodesInNamespace(namespaceName, "all", clientCount)
+		err = s.CreateTailscaleNodesInUser(userName, "all", clientCount)
 		if err != nil {
 			return err
 		}

-		err = s.runTailscaleUp(namespaceName, headscale.GetEndpoint())
+		err = s.runTailscaleUp(userName, headscale.GetEndpoint())
 		if err != nil {
 			return err
 		}
@ -260,15 +260,15 @@ func (s *AuthWebFlowScenario) CreateHeadscaleEnv(
 }

 func (s *AuthWebFlowScenario) runTailscaleUp(
-	namespaceStr, loginServer string,
+	userStr, loginServer string,
 ) error {
-	log.Printf("running tailscale up for namespace %s", namespaceStr)
-	if namespace, ok := s.namespaces[namespaceStr]; ok {
-		for _, client := range namespace.Clients {
-			namespace.joinWaitGroup.Add(1)
+	log.Printf("running tailscale up for user %s", userStr)
+	if user, ok := s.users[userStr]; ok {
+		for _, client := range user.Clients {
+			user.joinWaitGroup.Add(1)

 			go func(c TailscaleClient) {
-				defer namespace.joinWaitGroup.Done()
+				defer user.joinWaitGroup.Done()

 				// TODO(juanfont): error handle this
 				loginURL, err := c.UpWithLoginURL(loginServer)
@ -276,7 +276,7 @@ func (s *AuthWebFlowScenario) runTailscaleUp(
 					log.Printf("failed to run tailscale up: %s", err)
 				}

-				err = s.runHeadscaleRegister(namespaceStr, loginURL)
+				err = s.runHeadscaleRegister(userStr, loginURL)
 				if err != nil {
 					log.Printf("failed to register client: %s", err)
 				}
@ -287,15 +287,15 @@ func (s *AuthWebFlowScenario) runTailscaleUp(
 				log.Printf("error waiting for client %s to be ready: %s", client.Hostname(), err)
 			}
 		}
-		namespace.joinWaitGroup.Wait()
+		user.joinWaitGroup.Wait()

 		return nil
 	}

-	return fmt.Errorf("failed to up tailscale node: %w", errNoNamespaceAvailable)
+	return fmt.Errorf("failed to up tailscale node: %w", errNoUserAvailable)
 }

-func (s *AuthWebFlowScenario) runHeadscaleRegister(namespaceStr string, loginURL *url.URL) error {
+func (s *AuthWebFlowScenario) runHeadscaleRegister(userStr string, loginURL *url.URL) error {
 	headscale, err := s.Headscale()
 	if err != nil {
 		return err
@ -335,7 +335,7 @@ func (s *AuthWebFlowScenario) runHeadscaleRegister(namespaceStr string, loginURL

 	if headscale, err := s.Headscale(); err == nil {
 		_, err = headscale.Execute(
-			[]string{"headscale", "-n", namespaceStr, "nodes", "register", "--key", key},
+			[]string{"headscale", "-n", userStr, "nodes", "register", "--key", key},
 		)
 		if err != nil {
 			log.Printf("failed to register node: %s", err)
--- a/integration/cli_test.go
+++ b/integration/cli_test.go
@ -28,7 +28,7 @@ func executeAndUnmarshal[T any](headscale ControlServer, command []string, resul
 	return nil
 }

-func TestNamespaceCommand(t *testing.T) {
+func TestUserCommand(t *testing.T) {
 	IntegrationSkip(t)
 	t.Parallel()

@ -36,8 +36,8 @@ func TestNamespaceCommand(t *testing.T) {
 	assert.NoError(t, err)

 	spec := map[string]int{
-		"namespace1": 0,
-		"namespace2": 0,
+		"user1": 0,
+		"user2": 0,
 	}

 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clins"))
@ -46,60 +46,60 @@ func TestNamespaceCommand(t *testing.T) {
 	headscale, err := scenario.Headscale()
 	assert.NoError(t, err)

-	var listNamespaces []v1.Namespace
+	var listUsers []v1.User
 	err = executeAndUnmarshal(headscale,
 		[]string{
 			"headscale",
-			"namespaces",
+			"users",
 			"list",
 			"--output",
 			"json",
 		},
-		&listNamespaces,
+		&listUsers,
 	)
 	assert.NoError(t, err)

-	result := []string{listNamespaces[0].Name, listNamespaces[1].Name}
+	result := []string{listUsers[0].Name, listUsers[1].Name}
 	sort.Strings(result)

 	assert.Equal(
 		t,
-		[]string{"namespace1", "namespace2"},
+		[]string{"user1", "user2"},
 		result,
 	)

 	_, err = headscale.Execute(
 		[]string{
 			"headscale",
-			"namespaces",
+			"users",
 			"rename",
 			"--output",
 			"json",
-			"namespace2",
+			"user2",
 			"newname",
 		},
 	)
 	assert.NoError(t, err)

-	var listAfterRenameNamespaces []v1.Namespace
+	var listAfterRenameUsers []v1.User
 	err = executeAndUnmarshal(headscale,
 		[]string{
 			"headscale",
-			"namespaces",
+			"users",
 			"list",
 			"--output",
 			"json",
 		},
-		&listAfterRenameNamespaces,
+		&listAfterRenameUsers,
 	)
 	assert.NoError(t, err)

-	result = []string{listAfterRenameNamespaces[0].Name, listAfterRenameNamespaces[1].Name}
+	result = []string{listAfterRenameUsers[0].Name, listAfterRenameUsers[1].Name}
 	sort.Strings(result)

 	assert.Equal(
 		t,
-		[]string{"namespace1", "newname"},
+		[]string{"user1", "newname"},
 		result,
 	)

@ -111,14 +111,14 @@ func TestPreAuthKeyCommand(t *testing.T) {
 	IntegrationSkip(t)
 	t.Parallel()

-	namespace := "preauthkeyspace"
+	user := "preauthkeyspace"
 	count := 3

 	scenario, err := NewScenario()
 	assert.NoError(t, err)

 	spec := map[string]int{
-		namespace: 0,
+		user: 0,
 	}

 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clipak"))
@ -137,8 +137,8 @@ func TestPreAuthKeyCommand(t *testing.T) {
 			[]string{
 				"headscale",
 				"preauthkeys",
-				"--namespace",
-				namespace,
+				"--user",
+				user,
 				"create",
 				"--reusable",
 				"--expiration",
@ -163,8 +163,8 @@ func TestPreAuthKeyCommand(t *testing.T) {
 		[]string{
 			"headscale",
 			"preauthkeys",
-			"--namespace",
-			namespace,
+			"--user",
+			user,
 			"list",
 			"--output",
 			"json",
@ -216,8 +216,8 @@ func TestPreAuthKeyCommand(t *testing.T) {
 		[]string{
 			"headscale",
 			"preauthkeys",
-			"--namespace",
-			namespace,
+			"--user",
+			user,
 			"expire",
 			listedPreAuthKeys[1].Key,
 		},
@ -230,8 +230,8 @@ func TestPreAuthKeyCommand(t *testing.T) {
 		[]string{
 			"headscale",
 			"preauthkeys",
-			"--namespace",
-			namespace,
+			"--user",
+			user,
 			"list",
 			"--output",
 			"json",
@ -252,13 +252,13 @@ func TestPreAuthKeyCommandWithoutExpiry(t *testing.T) {
 	IntegrationSkip(t)
 	t.Parallel()

-	namespace := "pre-auth-key-without-exp-namespace"
+	user := "pre-auth-key-without-exp-user"

 	scenario, err := NewScenario()
 	assert.NoError(t, err)

 	spec := map[string]int{
-		namespace: 0,
+		user: 0,
 	}

 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clipaknaexp"))
@ -273,8 +273,8 @@ func TestPreAuthKeyCommandWithoutExpiry(t *testing.T) {
 		[]string{
 			"headscale",
 			"preauthkeys",
-			"--namespace",
-			namespace,
+			"--user",
+			user,
 			"create",
 			"--reusable",
 			"--output",
@ -290,8 +290,8 @@ func TestPreAuthKeyCommandWithoutExpiry(t *testing.T) {
 		[]string{
 			"headscale",
 			"preauthkeys",
-			"--namespace",
-			namespace,
+			"--user",
+			user,
 			"list",
 			"--output",
 			"json",
@ -317,13 +317,13 @@ func TestPreAuthKeyCommandReusableEphemeral(t *testing.T) {
 	IntegrationSkip(t)
 	t.Parallel()

-	namespace := "pre-auth-key-reus-ephm-namespace"
+	user := "pre-auth-key-reus-ephm-user"

 	scenario, err := NewScenario()
 	assert.NoError(t, err)

 	spec := map[string]int{
-		namespace: 0,
+		user: 0,
 	}

 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clipakresueeph"))
@ -338,8 +338,8 @@ func TestPreAuthKeyCommandReusableEphemeral(t *testing.T) {
 		[]string{
 			"headscale",
 			"preauthkeys",
-			"--namespace",
-			namespace,
+			"--user",
+			user,
 			"create",
 			"--reusable=true",
 			"--output",
@ -355,8 +355,8 @@ func TestPreAuthKeyCommandReusableEphemeral(t *testing.T) {
 		[]string{
 			"headscale",
 			"preauthkeys",
-			"--namespace",
-			namespace,
+			"--user",
+			user,
 			"create",
 			"--ephemeral=true",
 			"--output",
@ -375,8 +375,8 @@ func TestPreAuthKeyCommandReusableEphemeral(t *testing.T) {
 		[]string{
 			"headscale",
 			"preauthkeys",
-			"--namespace",
-			namespace,
+			"--user",
+			user,
 			"list",
 			"--output",
 			"json",
@ -396,13 +396,13 @@ func TestEnablingRoutes(t *testing.T) {
 	IntegrationSkip(t)
 	t.Parallel()

-	namespace := "enable-routing"
+	user := "enable-routing"

 	scenario, err := NewScenario()
 	assert.NoError(t, err)

 	spec := map[string]int{
-		namespace: 3,
+		user: 3,
 	}

 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clienableroute"))
--- a/integration/control.go
+++ b/integration/control.go
@ -10,9 +10,9 @@ type ControlServer interface {
 	GetHealthEndpoint() string
 	GetEndpoint() string
 	WaitForReady() error
-	CreateNamespace(namespace string) error
-	CreateAuthKey(namespace string, reusable bool, ephemeral bool) (*v1.PreAuthKey, error)
-	ListMachinesInNamespace(namespace string) ([]*v1.Machine, error)
+	CreateUser(user string) error
+	CreateAuthKey(user string, reusable bool, ephemeral bool) (*v1.PreAuthKey, error)
+	ListMachinesInUser(user string) ([]*v1.Machine, error)
 	GetCert() []byte
 	GetHostname() string
 	GetIP() string
--- a/integration/general_test.go
+++ b/integration/general_test.go
@ -22,8 +22,8 @@ func TestPingAllByIP(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions),
-		"namespace2": len(TailscaleVersions),
+		"user1": len(TailscaleVersions),
+		"user2": len(TailscaleVersions),
 	}

 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("pingallbyip"))
@ -77,8 +77,8 @@ func TestAuthKeyLogoutAndRelogin(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions),
-		"namespace2": len(TailscaleVersions),
+		"user1": len(TailscaleVersions),
+		"user2": len(TailscaleVersions),
 	}

 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("pingallbyip"))
@ -121,15 +121,15 @@ func TestAuthKeyLogoutAndRelogin(t *testing.T) {
 		t.Errorf("failed to get headscale server: %s", err)
 	}

-	for namespaceName := range spec {
-		key, err := scenario.CreatePreAuthKey(namespaceName, true, false)
+	for userName := range spec {
+		key, err := scenario.CreatePreAuthKey(userName, true, false)
 		if err != nil {
-			t.Errorf("failed to create pre-auth key for namespace %s: %s", namespaceName, err)
+			t.Errorf("failed to create pre-auth key for user %s: %s", userName, err)
 		}

-		err = scenario.RunTailscaleUp(namespaceName, headscale.GetEndpoint(), key.GetKey())
+		err = scenario.RunTailscaleUp(userName, headscale.GetEndpoint(), key.GetKey())
 		if err != nil {
-			t.Errorf("failed to run tailscale up for namespace %s: %s", namespaceName, err)
+			t.Errorf("failed to run tailscale up for user %s: %s", userName, err)
 		}
 	}

@ -207,8 +207,8 @@ func TestEphemeral(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions),
-		"namespace2": len(TailscaleVersions),
+		"user1": len(TailscaleVersions),
+		"user2": len(TailscaleVersions),
 	}

 	headscale, err := scenario.Headscale(hsic.WithTestName("ephemeral"))
@ -216,25 +216,25 @@ func TestEphemeral(t *testing.T) {
 		t.Errorf("failed to create headscale environment: %s", err)
 	}

-	for namespaceName, clientCount := range spec {
-		err = scenario.CreateNamespace(namespaceName)
+	for userName, clientCount := range spec {
+		err = scenario.CreateUser(userName)
 		if err != nil {
-			t.Errorf("failed to create namespace %s: %s", namespaceName, err)
+			t.Errorf("failed to create user %s: %s", userName, err)
 		}

-		err = scenario.CreateTailscaleNodesInNamespace(namespaceName, "all", clientCount, []tsic.Option{}...)
+		err = scenario.CreateTailscaleNodesInUser(userName, "all", clientCount, []tsic.Option{}...)
 		if err != nil {
-			t.Errorf("failed to create tailscale nodes in namespace %s: %s", namespaceName, err)
+			t.Errorf("failed to create tailscale nodes in user %s: %s", userName, err)
 		}

-		key, err := scenario.CreatePreAuthKey(namespaceName, true, true)
+		key, err := scenario.CreatePreAuthKey(userName, true, true)
 		if err != nil {
-			t.Errorf("failed to create pre-auth key for namespace %s: %s", namespaceName, err)
+			t.Errorf("failed to create pre-auth key for user %s: %s", userName, err)
 		}

-		err = scenario.RunTailscaleUp(namespaceName, headscale.GetEndpoint(), key.GetKey())
+		err = scenario.RunTailscaleUp(userName, headscale.GetEndpoint(), key.GetKey())
 		if err != nil {
-			t.Errorf("failed to run tailscale up for namespace %s: %s", namespaceName, err)
+			t.Errorf("failed to run tailscale up for user %s: %s", userName, err)
 		}
 	}

@ -278,19 +278,19 @@ func TestEphemeral(t *testing.T) {

 	t.Logf("all clients logged out")

-	for namespaceName := range spec {
-		machines, err := headscale.ListMachinesInNamespace(namespaceName)
+	for userName := range spec {
+		machines, err := headscale.ListMachinesInUser(userName)
 		if err != nil {
 			log.Error().
 				Err(err).
-				Str("namespace", namespaceName).
-				Msg("Error listing machines in namespace")
+				Str("user", userName).
+				Msg("Error listing machines in user")

 			return
 		}

 		if len(machines) != 0 {
-			t.Errorf("expected no machines, got %d in namespace %s", len(machines), namespaceName)
+			t.Errorf("expected no machines, got %d in user %s", len(machines), userName)
 		}
 	}

@ -311,8 +311,8 @@ func TestPingAllByHostname(t *testing.T) {

 	spec := map[string]int{
 		// Omit 1.16.2 (-1) because it does not have the FQDN field
-		"namespace3": len(TailscaleVersions) - 1,
-		"namespace4": len(TailscaleVersions) - 1,
+		"user3": len(TailscaleVersions) - 1,
+		"user4": len(TailscaleVersions) - 1,
 	}

 	err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("pingallbyname"))
--- a/integration/hsic/hsic.go
+++ b/integration/hsic/hsic.go
@ -328,10 +328,10 @@ func (t *HeadscaleInContainer) WaitForReady() error {
 	})
 }

-func (t *HeadscaleInContainer) CreateNamespace(
-	namespace string,
+func (t *HeadscaleInContainer) CreateUser(
+	user string,
 ) error {
-	command := []string{"headscale", "namespaces", "create", namespace}
+	command := []string{"headscale", "users", "create", user}

 	_, _, err := dockertestutil.ExecuteCommand(
 		t.container,
@ -346,14 +346,14 @@ func (t *HeadscaleInContainer) CreateNamespace(
 }

 func (t *HeadscaleInContainer) CreateAuthKey(
-	namespace string,
+	user string,
 	reusable bool,
 	ephemeral bool,
 ) (*v1.PreAuthKey, error) {
 	command := []string{
 		"headscale",
-		"--namespace",
-		namespace,
+		"--user",
+		user,
 		"preauthkeys",
 		"create",
 		"--expiration",
@ -388,10 +388,10 @@ func (t *HeadscaleInContainer) CreateAuthKey(
 	return &preAuthKey, nil
 }

-func (t *HeadscaleInContainer) ListMachinesInNamespace(
-	namespace string,
+func (t *HeadscaleInContainer) ListMachinesInUser(
+	user string,
 ) ([]*v1.Machine, error) {
-	command := []string{"headscale", "--namespace", namespace, "nodes", "list", "--output", "json"}
+	command := []string{"headscale", "--user", user, "nodes", "list", "--output", "json"}

 	result, _, err := dockertestutil.ExecuteCommand(
 		t.container,
--- a/integration/scenario.go
+++ b/integration/scenario.go
@ -25,7 +25,7 @@ const (

 var (
 	errNoHeadscaleAvailable = errors.New("no headscale available")
-	errNoNamespaceAvailable = errors.New("no namespace available")
+	errNoUserAvailable = errors.New("no user available")

 	// Tailscale started adding TS2021 support in CapabilityVersion>=28 (v1.24.0), but
 	// proper support in Headscale was only added for CapabilityVersion>=39 clients (v1.30.0).
@ -61,7 +61,7 @@ var (
 	)
 )

-type Namespace struct {
+type User struct {
 	Clients map[string]TailscaleClient

 	createWaitGroup sync.WaitGroup
@ -75,7 +75,7 @@ type Scenario struct {
 	// use one.
 	controlServers *xsync.MapOf[string, ControlServer]

-	namespaces map[string]*Namespace
+	users map[string]*User

 	pool    *dockertest.Pool
 	network *dockertest.Network
@ -116,7 +116,7 @@ func NewScenario() (*Scenario, error) {

 	return &Scenario{
 		controlServers: xsync.NewMapOf[ControlServer](),
-		namespaces:     make(map[string]*Namespace),
+		users:     make(map[string]*User),

 		pool:    pool,
 		network: network,
@ -136,9 +136,9 @@ func (s *Scenario) Shutdown() error {
 		return true
 	})

-	for namespaceName, namespace := range s.namespaces {
-		for _, client := range namespace.Clients {
-			log.Printf("removing client %s in namespace %s", client.Hostname(), namespaceName)
+	for userName, user := range s.users {
+		for _, client := range user.Clients {
+			log.Printf("removing client %s in user %s", client.Hostname(), userName)
 			err := client.Shutdown()
 			if err != nil {
 				return fmt.Errorf("failed to tear down client: %w", err)
@ -158,13 +158,13 @@ func (s *Scenario) Shutdown() error {
 	return nil
 }

-func (s *Scenario) Namespaces() []string {
-	namespaces := make([]string, 0)
-	for namespace := range s.namespaces {
-		namespaces = append(namespaces, namespace)
+func (s *Scenario) Users() []string {
+	users := make([]string, 0)
+	for user := range s.users {
+		users = append(users, user)
 	}

-	return namespaces
+	return users
 }

 /// Headscale related stuff
@ -194,45 +194,45 @@ func (s *Scenario) Headscale(opts ...hsic.Option) (ControlServer, error) {
 	return headscale, nil
 }

-func (s *Scenario) CreatePreAuthKey(namespace string, reusable bool, ephemeral bool) (*v1.PreAuthKey, error) {
+func (s *Scenario) CreatePreAuthKey(user string, reusable bool, ephemeral bool) (*v1.PreAuthKey, error) {
 	if headscale, err := s.Headscale(); err == nil {
-		key, err := headscale.CreateAuthKey(namespace, reusable, ephemeral)
+		key, err := headscale.CreateAuthKey(user, reusable, ephemeral)
 		if err != nil {
-			return nil, fmt.Errorf("failed to create namespace: %w", err)
+			return nil, fmt.Errorf("failed to create user: %w", err)
 		}

 		return key, nil
 	}

-	return nil, fmt.Errorf("failed to create namespace: %w", errNoHeadscaleAvailable)
+	return nil, fmt.Errorf("failed to create user: %w", errNoHeadscaleAvailable)
 }

-func (s *Scenario) CreateNamespace(namespace string) error {
+func (s *Scenario) CreateUser(user string) error {
 	if headscale, err := s.Headscale(); err == nil {
-		err := headscale.CreateNamespace(namespace)
+		err := headscale.CreateUser(user)
 		if err != nil {
-			return fmt.Errorf("failed to create namespace: %w", err)
+			return fmt.Errorf("failed to create user: %w", err)
 		}

-		s.namespaces[namespace] = &Namespace{
+		s.users[user] = &User{
 			Clients: make(map[string]TailscaleClient),
 		}

 		return nil
 	}

-	return fmt.Errorf("failed to create namespace: %w", errNoHeadscaleAvailable)
+	return fmt.Errorf("failed to create user: %w", errNoHeadscaleAvailable)
 }

 /// Client related stuff

-func (s *Scenario) CreateTailscaleNodesInNamespace(
-	namespaceStr string,
+func (s *Scenario) CreateTailscaleNodesInUser(
+	userStr string,
 	requestedVersion string,
 	count int,
 	opts ...tsic.Option,
 ) error {
-	if namespace, ok := s.namespaces[namespaceStr]; ok {
+	if user, ok := s.users[userStr]; ok {
 		for i := 0; i < count; i++ {
 			version := requestedVersion
 			if requestedVersion == "all" {
@ -247,7 +247,7 @@ func (s *Scenario) CreateTailscaleNodesInNamespace(
 			cert := headscale.GetCert()
 			hostname := headscale.GetHostname()

-			namespace.createWaitGroup.Add(1)
+			user.createWaitGroup.Add(1)

 			opts = append(opts,
 				tsic.WithHeadscaleTLS(cert),
@ -255,7 +255,7 @@ func (s *Scenario) CreateTailscaleNodesInNamespace(
 			)

 			go func() {
-				defer namespace.createWaitGroup.Done()
+				defer user.createWaitGroup.Done()

 				// TODO(kradalby): error handle this
 				tsClient, err := tsic.New(
@ -275,26 +275,26 @@ func (s *Scenario) CreateTailscaleNodesInNamespace(
 					log.Printf("failed to wait for tailscaled: %s", err)
 				}

-				namespace.Clients[tsClient.Hostname()] = tsClient
+				user.Clients[tsClient.Hostname()] = tsClient
 			}()
 		}
-		namespace.createWaitGroup.Wait()
+		user.createWaitGroup.Wait()

 		return nil
 	}

-	return fmt.Errorf("failed to add tailscale node: %w", errNoNamespaceAvailable)
+	return fmt.Errorf("failed to add tailscale node: %w", errNoUserAvailable)
 }

 func (s *Scenario) RunTailscaleUp(
-	namespaceStr, loginServer, authKey string,
+	userStr, loginServer, authKey string,
 ) error {
-	if namespace, ok := s.namespaces[namespaceStr]; ok {
-		for _, client := range namespace.Clients {
-			namespace.joinWaitGroup.Add(1)
+	if user, ok := s.users[userStr]; ok {
+		for _, client := range user.Clients {
+			user.joinWaitGroup.Add(1)

 			go func(c TailscaleClient) {
-				defer namespace.joinWaitGroup.Done()
+				defer user.joinWaitGroup.Done()

 				// TODO(kradalby): error handle this
 				_ = c.Up(loginServer, authKey)
@ -306,19 +306,19 @@ func (s *Scenario) RunTailscaleUp(
 			}
 		}

-		namespace.joinWaitGroup.Wait()
+		user.joinWaitGroup.Wait()

 		return nil
 	}

-	return fmt.Errorf("failed to up tailscale node: %w", errNoNamespaceAvailable)
+	return fmt.Errorf("failed to up tailscale node: %w", errNoUserAvailable)
 }

 func (s *Scenario) CountTailscale() int {
 	count := 0

-	for _, namespace := range s.namespaces {
-		count += len(namespace.Clients)
+	for _, user := range s.users {
+		count += len(user.Clients)
 	}

 	return count
@ -327,18 +327,18 @@ func (s *Scenario) CountTailscale() int {
 func (s *Scenario) WaitForTailscaleSync() error {
 	tsCount := s.CountTailscale()

-	for _, namespace := range s.namespaces {
-		for _, client := range namespace.Clients {
-			namespace.syncWaitGroup.Add(1)
+	for _, user := range s.users {
+		for _, client := range user.Clients {
+			user.syncWaitGroup.Add(1)

 			go func(c TailscaleClient) {
-				defer namespace.syncWaitGroup.Done()
+				defer user.syncWaitGroup.Done()

 				// TODO(kradalby): error handle this
 				_ = c.WaitForPeers(tsCount)
 			}(client)
 		}
-		namespace.syncWaitGroup.Wait()
+		user.syncWaitGroup.Wait()
 	}

 	return nil
@ -346,9 +346,9 @@ func (s *Scenario) WaitForTailscaleSync() error {

 // CreateHeadscaleEnv is a conventient method returning a set up Headcale
 // test environment with nodes of all versions, joined to the server with X
-// namespaces.
+// users.
 func (s *Scenario) CreateHeadscaleEnv(
-	namespaces map[string]int,
+	users map[string]int,
 	tsOpts []tsic.Option,
 	opts ...hsic.Option,
 ) error {
@ -357,23 +357,23 @@ func (s *Scenario) CreateHeadscaleEnv(
 		return err
 	}

-	for namespaceName, clientCount := range namespaces {
-		err = s.CreateNamespace(namespaceName)
+	for userName, clientCount := range users {
+		err = s.CreateUser(userName)
 		if err != nil {
 			return err
 		}

-		err = s.CreateTailscaleNodesInNamespace(namespaceName, "all", clientCount, tsOpts...)
+		err = s.CreateTailscaleNodesInUser(userName, "all", clientCount, tsOpts...)
 		if err != nil {
 			return err
 		}

-		key, err := s.CreatePreAuthKey(namespaceName, true, false)
+		key, err := s.CreatePreAuthKey(userName, true, false)
 		if err != nil {
 			return err
 		}

-		err = s.RunTailscaleUp(namespaceName, headscale.GetEndpoint(), key.GetKey())
+		err = s.RunTailscaleUp(userName, headscale.GetEndpoint(), key.GetKey())
 		if err != nil {
 			return err
 		}
@ -382,9 +382,9 @@ func (s *Scenario) CreateHeadscaleEnv(
 	return nil
 }

-func (s *Scenario) GetIPs(namespace string) ([]netip.Addr, error) {
+func (s *Scenario) GetIPs(user string) ([]netip.Addr, error) {
 	var ips []netip.Addr
-	if ns, ok := s.namespaces[namespace]; ok {
+	if ns, ok := s.users[user]; ok {
 		for _, client := range ns.Clients {
 			clientIps, err := client.IPs()
 			if err != nil {
@ -396,12 +396,12 @@ func (s *Scenario) GetIPs(namespace string) ([]netip.Addr, error) {
 		return ips, nil
 	}

-	return ips, fmt.Errorf("failed to get ips: %w", errNoNamespaceAvailable)
+	return ips, fmt.Errorf("failed to get ips: %w", errNoUserAvailable)
 }

-func (s *Scenario) GetClients(namespace string) ([]TailscaleClient, error) {
+func (s *Scenario) GetClients(user string) ([]TailscaleClient, error) {
 	var clients []TailscaleClient
-	if ns, ok := s.namespaces[namespace]; ok {
+	if ns, ok := s.users[user]; ok {
 		for _, client := range ns.Clients {
 			clients = append(clients, client)
 		}
@ -409,18 +409,18 @@ func (s *Scenario) GetClients(namespace string) ([]TailscaleClient, error) {
 		return clients, nil
 	}

-	return clients, fmt.Errorf("failed to get clients: %w", errNoNamespaceAvailable)
+	return clients, fmt.Errorf("failed to get clients: %w", errNoUserAvailable)
 }

-func (s *Scenario) ListTailscaleClients(namespaces ...string) ([]TailscaleClient, error) {
+func (s *Scenario) ListTailscaleClients(users ...string) ([]TailscaleClient, error) {
 	var allClients []TailscaleClient

-	if len(namespaces) == 0 {
-		namespaces = s.Namespaces()
+	if len(users) == 0 {
+		users = s.Users()
 	}

-	for _, namespace := range namespaces {
-		clients, err := s.GetClients(namespace)
+	for _, user := range users {
+		clients, err := s.GetClients(user)
 		if err != nil {
 			return nil, err
 		}
@ -431,15 +431,15 @@ func (s *Scenario) ListTailscaleClients(namespaces ...string) ([]TailscaleClient
 	return allClients, nil
 }

-func (s *Scenario) ListTailscaleClientsIPs(namespaces ...string) ([]netip.Addr, error) {
+func (s *Scenario) ListTailscaleClientsIPs(users ...string) ([]netip.Addr, error) {
 	var allIps []netip.Addr

-	if len(namespaces) == 0 {
-		namespaces = s.Namespaces()
+	if len(users) == 0 {
+		users = s.Users()
 	}

-	for _, namespace := range namespaces {
-		ips, err := s.GetIPs(namespace)
+	for _, user := range users {
+		ips, err := s.GetIPs(user)
 		if err != nil {
 			return nil, err
 		}
@ -450,10 +450,10 @@ func (s *Scenario) ListTailscaleClientsIPs(namespaces ...string) ([]netip.Addr,
 	return allIps, nil
 }

-func (s *Scenario) ListTailscaleClientsFQDNs(namespaces ...string) ([]string, error) {
+func (s *Scenario) ListTailscaleClientsFQDNs(users ...string) ([]string, error) {
 	allFQDNs := make([]string, 0)

-	clients, err := s.ListTailscaleClients(namespaces...)
+	clients, err := s.ListTailscaleClients(users...)
 	if err != nil {
 		return nil, err
 	}
@ -471,17 +471,17 @@ func (s *Scenario) ListTailscaleClientsFQDNs(namespaces ...string) ([]string, er
 }

 func (s *Scenario) WaitForTailscaleLogout() {
-	for _, namespace := range s.namespaces {
-		for _, client := range namespace.Clients {
-			namespace.syncWaitGroup.Add(1)
+	for _, user := range s.users {
+		for _, client := range user.Clients {
+			user.syncWaitGroup.Add(1)

 			go func(c TailscaleClient) {
-				defer namespace.syncWaitGroup.Done()
+				defer user.syncWaitGroup.Done()

 				// TODO(kradalby): error handle this
 				_ = c.WaitForLogout()
 			}(client)
 		}
-		namespace.syncWaitGroup.Wait()
+		user.syncWaitGroup.Wait()
 	}
 }
--- a/integration/scenario_test.go
+++ b/integration/scenario_test.go
@ -31,7 +31,7 @@ func TestHeadscale(t *testing.T) {

 	var err error

-	namespace := "test-space"
+	user := "test-space"

 	scenario, err := NewScenario()
 	if err != nil {
@ -50,19 +50,19 @@ func TestHeadscale(t *testing.T) {
 		}
 	})

-	t.Run("create-namespace", func(t *testing.T) {
-		err := scenario.CreateNamespace(namespace)
+	t.Run("create-user", func(t *testing.T) {
+		err := scenario.CreateUser(user)
 		if err != nil {
-			t.Errorf("failed to create namespace: %s", err)
+			t.Errorf("failed to create user: %s", err)
 		}

-		if _, ok := scenario.namespaces[namespace]; !ok {
-			t.Errorf("namespace is not in scenario")
+		if _, ok := scenario.users[user]; !ok {
+			t.Errorf("user is not in scenario")
 		}
 	})

 	t.Run("create-auth-key", func(t *testing.T) {
-		_, err := scenario.CreatePreAuthKey(namespace, true, false)
+		_, err := scenario.CreatePreAuthKey(user, true, false)
 		if err != nil {
 			t.Errorf("failed to create preauthkey: %s", err)
 		}
@ -82,24 +82,24 @@ func TestCreateTailscale(t *testing.T) {
 	IntegrationSkip(t)
 	t.Parallel()

-	namespace := "only-create-containers"
+	user := "only-create-containers"

 	scenario, err := NewScenario()
 	if err != nil {
 		t.Errorf("failed to create scenario: %s", err)
 	}

-	scenario.namespaces[namespace] = &Namespace{
+	scenario.users[user] = &User{
 		Clients: make(map[string]TailscaleClient),
 	}

 	t.Run("create-tailscale", func(t *testing.T) {
-		err := scenario.CreateTailscaleNodesInNamespace(namespace, "all", 3)
+		err := scenario.CreateTailscaleNodesInUser(user, "all", 3)
 		if err != nil {
 			t.Errorf("failed to add tailscale nodes: %s", err)
 		}

-		if clients := len(scenario.namespaces[namespace].Clients); clients != 3 {
+		if clients := len(scenario.users[user].Clients); clients != 3 {
 			t.Errorf("wrong number of tailscale clients: %d != %d", clients, 3)
 		}

@ -122,7 +122,7 @@ func TestTailscaleNodesJoiningHeadcale(t *testing.T) {

 	var err error

-	namespace := "join-node-test"
+	user := "join-node-test"

 	count := 1

@ -143,30 +143,30 @@ func TestTailscaleNodesJoiningHeadcale(t *testing.T) {
 		}
 	})

-	t.Run("create-namespace", func(t *testing.T) {
-		err := scenario.CreateNamespace(namespace)
+	t.Run("create-user", func(t *testing.T) {
+		err := scenario.CreateUser(user)
 		if err != nil {
-			t.Errorf("failed to create namespace: %s", err)
+			t.Errorf("failed to create user: %s", err)
 		}

-		if _, ok := scenario.namespaces[namespace]; !ok {
-			t.Errorf("namespace is not in scenario")
+		if _, ok := scenario.users[user]; !ok {
+			t.Errorf("user is not in scenario")
 		}
 	})

 	t.Run("create-tailscale", func(t *testing.T) {
-		err := scenario.CreateTailscaleNodesInNamespace(namespace, "1.30.2", count)
+		err := scenario.CreateTailscaleNodesInUser(user, "1.30.2", count)
 		if err != nil {
 			t.Errorf("failed to add tailscale nodes: %s", err)
 		}

-		if clients := len(scenario.namespaces[namespace].Clients); clients != count {
+		if clients := len(scenario.users[user].Clients); clients != count {
 			t.Errorf("wrong number of tailscale clients: %d != %d", clients, count)
 		}
 	})

 	t.Run("join-headscale", func(t *testing.T) {
-		key, err := scenario.CreatePreAuthKey(namespace, true, false)
+		key, err := scenario.CreatePreAuthKey(user, true, false)
 		if err != nil {
 			t.Errorf("failed to create preauthkey: %s", err)
 		}
@ -177,7 +177,7 @@ func TestTailscaleNodesJoiningHeadcale(t *testing.T) {
 		}

 		err = scenario.RunTailscaleUp(
-			namespace,
+			user,
 			headscale.GetEndpoint(),
 			key.GetKey(),
 		)
@ -187,7 +187,7 @@ func TestTailscaleNodesJoiningHeadcale(t *testing.T) {
 	})

 	t.Run("get-ips", func(t *testing.T) {
-		ips, err := scenario.GetIPs(namespace)
+		ips, err := scenario.GetIPs(user)
 		if err != nil {
 			t.Errorf("failed to get tailscale ips: %s", err)
 		}
--- a/integration/ssh_test.go
+++ b/integration/ssh_test.go
@ -41,7 +41,7 @@ var retry = func(times int, sleepInterval time.Duration,
 	return result, stderr, err
 }

-func TestSSHOneNamespaceAllToAll(t *testing.T) {
+func TestSSHOneUserAllToAll(t *testing.T) {
 	IntegrationSkip(t)
 	t.Parallel()

@ -51,7 +51,7 @@ func TestSSHOneNamespaceAllToAll(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions) - 5,
+		"user1": len(TailscaleVersions) - 5,
 	}

 	err = scenario.CreateHeadscaleEnv(spec,
@ -59,7 +59,7 @@ func TestSSHOneNamespaceAllToAll(t *testing.T) {
 		hsic.WithACLPolicy(
 			&headscale.ACLPolicy{
 				Groups: map[string][]string{
-					"group:integration-test": {"namespace1"},
+					"group:integration-test": {"user1"},
 				},
 				ACLs: []headscale.ACL{
 					{
@ -117,7 +117,7 @@ func TestSSHOneNamespaceAllToAll(t *testing.T) {
 	}
 }

-func TestSSHMultipleNamespacesAllToAll(t *testing.T) {
+func TestSSHMultipleUsersAllToAll(t *testing.T) {
 	IntegrationSkip(t)
 	t.Parallel()

@ -127,8 +127,8 @@ func TestSSHMultipleNamespacesAllToAll(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions) - 5,
-		"namespace2": len(TailscaleVersions) - 5,
+		"user1": len(TailscaleVersions) - 5,
+		"user2": len(TailscaleVersions) - 5,
 	}

 	err = scenario.CreateHeadscaleEnv(spec,
@ -136,7 +136,7 @@ func TestSSHMultipleNamespacesAllToAll(t *testing.T) {
 		hsic.WithACLPolicy(
 			&headscale.ACLPolicy{
 				Groups: map[string][]string{
-					"group:integration-test": {"namespace1", "namespace2"},
+					"group:integration-test": {"user1", "user2"},
 				},
 				ACLs: []headscale.ACL{
 					{
@ -163,12 +163,12 @@ func TestSSHMultipleNamespacesAllToAll(t *testing.T) {
 		t.Errorf("failed to create headscale environment: %s", err)
 	}

-	nsOneClients, err := scenario.ListTailscaleClients("namespace1")
+	nsOneClients, err := scenario.ListTailscaleClients("user1")
 	if err != nil {
 		t.Errorf("failed to get clients: %s", err)
 	}

-	nsTwoClients, err := scenario.ListTailscaleClients("namespace2")
+	nsTwoClients, err := scenario.ListTailscaleClients("user2")
 	if err != nil {
 		t.Errorf("failed to get clients: %s", err)
 	}
@ -183,7 +183,7 @@ func TestSSHMultipleNamespacesAllToAll(t *testing.T) {
 		t.Errorf("failed to get FQDNs: %s", err)
 	}

-	testInterNamespaceSSH := func(sourceClients []TailscaleClient, targetClients []TailscaleClient) {
+	testInterUserSSH := func(sourceClients []TailscaleClient, targetClients []TailscaleClient) {
 		for _, client := range sourceClients {
 			for _, peer := range targetClients {
 				assertSSHHostname(t, client, peer)
@ -191,8 +191,8 @@ func TestSSHMultipleNamespacesAllToAll(t *testing.T) {
 		}
 	}

-	testInterNamespaceSSH(nsOneClients, nsTwoClients)
-	testInterNamespaceSSH(nsTwoClients, nsOneClients)
+	testInterUserSSH(nsOneClients, nsTwoClients)
+	testInterUserSSH(nsTwoClients, nsOneClients)

 	err = scenario.Shutdown()
 	if err != nil {
@ -210,7 +210,7 @@ func TestSSHNoSSHConfigured(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions) - 5,
+		"user1": len(TailscaleVersions) - 5,
 	}

 	err = scenario.CreateHeadscaleEnv(spec,
@ -218,7 +218,7 @@ func TestSSHNoSSHConfigured(t *testing.T) {
 		hsic.WithACLPolicy(
 			&headscale.ACLPolicy{
 				Groups: map[string][]string{
-					"group:integration-test": {"namespace1"},
+					"group:integration-test": {"user1"},
 				},
 				ACLs: []headscale.ACL{
 					{
@ -280,7 +280,7 @@ func TestSSHIsBlockedInACL(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespace1": len(TailscaleVersions) - 5,
+		"user1": len(TailscaleVersions) - 5,
 	}

 	err = scenario.CreateHeadscaleEnv(spec,
@ -288,7 +288,7 @@ func TestSSHIsBlockedInACL(t *testing.T) {
 		hsic.WithACLPolicy(
 			&headscale.ACLPolicy{
 				Groups: map[string][]string{
-					"group:integration-test": {"namespace1"},
+					"group:integration-test": {"user1"},
 				},
 				ACLs: []headscale.ACL{
 					{
@ -347,7 +347,7 @@ func TestSSHIsBlockedInACL(t *testing.T) {
 	}
 }

-func TestSSNamespaceOnlyIsolation(t *testing.T) {
+func TestSSUserOnlyIsolation(t *testing.T) {
 	IntegrationSkip(t)
 	t.Parallel()

@ -357,8 +357,8 @@ func TestSSNamespaceOnlyIsolation(t *testing.T) {
 	}

 	spec := map[string]int{
-		"namespaceacl1": len(TailscaleVersions) - 5,
-		"namespaceacl2": len(TailscaleVersions) - 5,
+		"useracl1": len(TailscaleVersions) - 5,
+		"useracl2": len(TailscaleVersions) - 5,
 	}

 	err = scenario.CreateHeadscaleEnv(spec,
@ -366,8 +366,8 @@ func TestSSNamespaceOnlyIsolation(t *testing.T) {
 		hsic.WithACLPolicy(
 			&headscale.ACLPolicy{
 				Groups: map[string][]string{
-					"group:ssh1": {"namespaceacl1"},
-					"group:ssh2": {"namespaceacl2"},
+					"group:ssh1": {"useracl1"},
+					"group:ssh2": {"useracl2"},
 				},
 				ACLs: []headscale.ACL{
 					{
@ -392,7 +392,7 @@ func TestSSNamespaceOnlyIsolation(t *testing.T) {
 				},
 			},
 		),
-		hsic.WithTestName("sshtwonamespaceaclblock"),
+		hsic.WithTestName("sshtwouseraclblock"),
 		hsic.WithConfigEnv(map[string]string{
 			"HEADSCALE_EXPERIMENTAL_FEATURE_SSH": "1",
 		}),
@ -401,12 +401,12 @@ func TestSSNamespaceOnlyIsolation(t *testing.T) {
 		t.Errorf("failed to create headscale environment: %s", err)
 	}

-	ssh1Clients, err := scenario.ListTailscaleClients("namespaceacl1")
+	ssh1Clients, err := scenario.ListTailscaleClients("useracl1")
 	if err != nil {
 		t.Errorf("failed to get clients: %s", err)
 	}

-	ssh2Clients, err := scenario.ListTailscaleClients("namespaceacl2")
+	ssh2Clients, err := scenario.ListTailscaleClients("useracl2")
 	if err != nil {
 		t.Errorf("failed to get clients: %s", err)
 	}