If you want to use S3 storage for the sccache cache, you need to set the SCCACHE_BUCKET environment variable to the name of the S3 bucket to use.
You can configure the region using the SCCACHE_REGION environment variable, or specify the region key in ~/.aws/credentials. Alternatively you can specify the endpoint URL using the SCCACHE_ENDPOINT environment variable. To connect to a minio storage for example you can set SCCACHE_ENDPOINT=<ip>:<port>.
If your endpoint requires HTTPS/TLS, set SCCACHE_S3_USE_SSL=true. If you don't need a secure network layer, HTTP (SCCACHE_S3_USE_SSL=false) might be better for performance.
You can also define a prefix that will be prepended to the keys of all cache objects created and read within the S3 bucket, effectively creating a scope. To do that use the SCCACHE_S3_KEY_PREFIX environment variable. This can be useful when sharing a bucket with another application.
Sccache is able to load credentials from various sources. Including:
- Static:
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEY. - Profile:
~/.aws/credentialsand~/.aws/config. The AWS_PROFILE environment variable can be used to select a specific profile if multiple profiles are available. - EC2 Metadata Services: Via IMDSv2.
- AssumeRole: assume role with the role specified by
AWS_ROLE_ARN. - AssumeRoleWithWebIdentity: assume role with web webIdentity specified by
AWS_ROLE_ARNandAWS_WEB_IDENTITY_TOKEN_FILE.
Alternatively, the SCCACHE_S3_NO_CREDENTIALS environment variable can be set to use public readonly access to the S3 bucket, without the need for credentials. This can be useful for implementing a readonly cache for pull requests, which typically cannot be given access to credentials for security reasons.