Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BES is incompatible with Bazel remote caching on GCS #12

Open
amlinux opened this issue Apr 20, 2020 · 2 comments
Open

BES is incompatible with Bazel remote caching on GCS #12

amlinux opened this issue Apr 20, 2020 · 2 comments
Labels
enhancement New feature or request

Comments

@amlinux
Copy link

amlinux commented Apr 20, 2020

I encountered an incompatibility between BES setup in TeamCity and Bazel remote caching on GCS.
Due to a combination of the following facts:

  • GCS caching requires passing Google service account credentials to Bazel (--default_google_credentials option).
  • Google service account credentials are issued with certain policy restrictions (all connections must be authenticated and encrypted PRIVACY_AND_INTEGRITY) respected by gRPC.
  • The same credentials are apllied to all outgoing connections from Bazel (both remote caching and BES are affected).
  • BES in the Bazel agent plugin is configured without encryption (protocol grpc:// as opposed to grpcs://).

I see the following errors:

ERROR: The Build Event Protocol upload failed: UNAUTHENTICATED: UNAUTHENTICATED: Credentials require channel with PRIVACY_AND_INTEGRITY security level. Observed security level: NONE
@NikolayPianikov NikolayPianikov self-assigned this May 15, 2020
@NikolayPianikov
Copy link
Contributor

NikolayPianikov commented May 19, 2020
edited
Loading

@amlinux Alternatively, please use a binary event file for TeamCity integration

@NikolayPianikov NikolayPianikov added the enhancement New feature or request label May 19, 2020
@NikolayPianikov NikolayPianikov removed their assignment May 19, 2020
@amlinux
Copy link
Author

amlinux commented May 20, 2020

I do use binary event files now. To me it feels like it lacks realtime updates as the build/test progresses. Apparently some buffering is involved there. It would be great to have the proper solution.

@IgorMinar IgorMinar mentioned this issue May 27, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@amlinux @NikolayPianikov