@@ -185,22 +185,29 @@ func (*Provider) executable() string {
185
185
// private cache.
186
186
func (p * Provider ) Credentials (ctx context.Context ) (AWSCredentials , error ) {
187
187
cache := filecache.New [AWSCredentials ]("devbox/providers/nixcache" )
188
- creds , err := cache .GetOrSetWithTime ("credentials" , func () (AWSCredentials , time.Time , error ) {
189
- token , err := identity .Get ().GenSession (ctx )
190
- if err != nil {
191
- return AWSCredentials {}, time.Time {}, err
192
- }
193
- client := api .NewClient (ctx , build .JetpackAPIHost (), token )
194
- creds , err := client .GetAWSCredentials (ctx )
195
- if err != nil {
196
- return AWSCredentials {}, time.Time {}, err
197
- }
198
- exp := time.Time {}
199
- if t := creds .GetExpiration (); t != nil {
200
- exp = t .AsTime ()
201
- }
202
- return newAWSCredentials (creds ), exp , nil
203
- })
188
+ token , err := identity .Get ().GenSession (ctx )
189
+ if err != nil {
190
+ return AWSCredentials {}, err
191
+ }
192
+ creds , err := cache .GetOrSetWithTime (
193
+ "credentials-" + token .IDClaims ().Subject ,
194
+ func () (AWSCredentials , time.Time , error ) {
195
+ token , err := identity .Get ().GenSession (ctx )
196
+ if err != nil {
197
+ return AWSCredentials {}, time.Time {}, err
198
+ }
199
+ client := api .NewClient (ctx , build .JetpackAPIHost (), token )
200
+ creds , err := client .GetAWSCredentials (ctx )
201
+ if err != nil {
202
+ return AWSCredentials {}, time.Time {}, err
203
+ }
204
+ exp := time.Time {}
205
+ if t := creds .GetExpiration (); t != nil {
206
+ exp = t .AsTime ()
207
+ }
208
+ return newAWSCredentials (creds ), exp , nil
209
+ },
210
+ )
204
211
if err != nil {
205
212
return AWSCredentials {}, redact .Errorf ("nixcache: get credentials: %w" , redact .Safe (err ))
206
213
}
@@ -212,21 +219,31 @@ func (p *Provider) Credentials(ctx context.Context) (AWSCredentials, error) {
212
219
// and a nil error.
213
220
func (p * Provider ) URI (ctx context.Context ) (string , error ) {
214
221
cache := filecache.New [string ]("devbox/providers/nixcache" )
215
- uri , err := cache .GetOrSet ("uri" , func () (string , time.Duration , error ) {
216
- token , err := identity .Get ().GenSession (ctx )
217
- if err != nil {
218
- return "" , 0 , err
219
- }
220
- client := api .NewClient (ctx , build .JetpackAPIHost (), token )
221
- resp , err := client .GetBinCache (ctx )
222
- if err != nil {
223
- return "" , 0 , redact .Errorf ("nixcache: get uri: %w" , redact .Safe (err ))
224
- }
225
-
226
- // TODO(gcurtis): do a better job of invalidating the URI after
227
- // logout or after a Nix command fails to query the cache.
228
- return resp .GetNixBinCacheUri (), 24 * time .Hour , nil
229
- })
222
+ token , err := identity .Get ().GenSession (ctx )
223
+ if err != nil {
224
+ return "" , err
225
+ }
226
+ // Landau: I think we can probably remove this cache? This endpoint is very
227
+ // fast and we only use this for build/upload which are slow.
228
+ uri , err := cache .GetOrSet (
229
+ "uri-" + token .IDClaims ().Subject ,
230
+ func () (string , time.Duration , error ) {
231
+ client := api .NewClient (ctx , build .JetpackAPIHost (), token )
232
+ resp , err := client .GetBinCache (ctx )
233
+ if err != nil {
234
+ return "" , 0 , redact .Errorf ("nixcache: get uri: %w" , redact .Safe (err ))
235
+ }
236
+
237
+ // Don't cache negative responses.
238
+ if resp .GetNixBinCacheUri () == "" {
239
+ return "" , 0 , nil
240
+ }
241
+
242
+ // TODO(gcurtis): do a better job of invalidating the URI after
243
+ // a Nix command fails to query the cache.
244
+ return resp .GetNixBinCacheUri (), 24 * time .Hour , nil
245
+ },
246
+ )
230
247
if err != nil {
231
248
return "" , redact .Errorf ("nixcache: get uri: %w" , redact .Safe (err ))
232
249
}
0 commit comments