BuildCachepublic abstract class HttpBuildCache extends AbstractBuildCache
A successful GET request must return a response with status 200 (cache hit) or 404 (cache miss), with cache hit responses including the cache entry as the response body. A successful PUT request must return any 2xx response.
PUT requests may also return a 413 Payload Too Large response to indicate that the payload is larger than can be accepted.
This is useful when isUseExpectContinue() is enabled.
Redirecting responses may be issued with 301, 302, 303, 307 or 308 responses. Redirecting responses to PUT requests must use 307 or 308 to have the PUT replayed. Otherwise, the redirect will be followed with a GET request.
Any other type of response will be treated as an error, causing the remote cache to be disabled for the remainder of the build.
When credentials are configured (see getCredentials()), they are sent using HTTP Basic Auth.
Requests that fail during request transmission, after having established a TCP connection, will automatically be retried. This includes dropped connections, read or write timeouts, and low level network failures such as a connection resets. Requests will be retried 3 times, before giving up and disabling use of the cache for the remainder of the build.
| Constructor | Description |
|---|---|
HttpBuildCache() |
| Modifier and Type | Method | Description |
|---|---|---|
void |
credentials(Action<? super HttpBuildCacheCredentials> configuration) |
Configures the credentials used to access the HTTP cache backend.
|
HttpBuildCacheCredentials |
getCredentials() |
Returns the credentials used to access the HTTP cache backend.
|
java.net.URI |
getUrl() |
Returns the URI to the cache.
|
boolean |
isAllowInsecureProtocol() |
Specifies whether it is acceptable to communicate with a build cache over an insecure HTTP connection.
|
boolean |
isAllowUntrustedServer() |
Specifies whether it is acceptable to communicate with an HTTP build cache backend with an untrusted SSL certificate.
|
boolean |
isUseExpectContinue() |
Specifies whether HTTP expect-continue should be used for store requests.
|
void |
setAllowInsecureProtocol(boolean allowInsecureProtocol) |
Specifies whether it is acceptable to communicate with a build cache over an insecure HTTP connection.
|
void |
setAllowUntrustedServer(boolean allowUntrustedServer) |
Specifies whether it is acceptable to communicate with an HTTP build cache backend with an untrusted SSL certificate.
|
void |
setUrl(java.lang.String url) |
Sets the URL of the cache.
|
void |
setUrl(java.net.URI url) |
Sets the URL of the cache.
|
void |
setUrl(java.net.URL url) |
Sets the URL of the cache.
|
void |
setUseExpectContinue(boolean useExpectContinue) |
Specifies whether HTTP expect-continue should be used for store requests.
|
isEnabled, isPush, setEnabled, setPush@Nullable public java.net.URI getUrl()
public void setUrl(java.lang.String url)
public void setUrl(java.net.URL url)
throws java.net.URISyntaxException
java.net.URISyntaxExceptionpublic void setUrl(@Nullable
java.net.URI url)
public HttpBuildCacheCredentials getCredentials()
public void credentials(Action<? super HttpBuildCacheCredentials> configuration)
public boolean isAllowUntrustedServer()
The SSL certificate for the HTTP build cache backend may be untrusted since it is internally provisioned or a self-signed certificate.
In such a scenario, you can either configure the build JVM environment to trust the certificate,
or set this property to true to disable verification of the server's identity.
Allowing communication with untrusted servers keeps data encrypted during transmission, but makes it easier for a man-in-the-middle to impersonate the intended server and capture data.
This value has no effect if a server is specified using the HTTP protocol (i.e. has SSL disabled).
public void setAllowUntrustedServer(boolean allowUntrustedServer)
isAllowUntrustedServer()public boolean isAllowInsecureProtocol()
For security purposes this intentionally requires a user to opt-in to using insecure protocols on case by case basis.
Gradle intentionally does not offer a global system/gradle property that allows a universal disable of this check.
Allowing communication over insecure protocols allows for a man-in-the-middle to impersonate the intended server, and gives an attacker the ability to serve malicious executable code onto the system.
See also: Want to take over the Java ecosystem? All you need is a MITM!
public void setAllowInsecureProtocol(boolean allowInsecureProtocol)
isAllowInsecureProtocol()public void setUseExpectContinue(boolean useExpectContinue)
public boolean isUseExpectContinue()
false.
When enabled, whether or not a store request would succeed is checked with the server before attempting.
This is particularly useful when potentially dealing with large artifacts that may be rejected by the server with a 413 Payload Too Large response,
as it avoids the overhead of transmitting the large file just to have it rejected.
This fail-fast behavior comes at the expense of extra marginal overhead for successful requests,
due to the extra network communication required by the initial check.
Note: not all HTTP servers support expect-continue.setUseExpectContinue(boolean)