jetify-com · mikeland73 · Apr 15, 2024 · Apr 15, 2024 · Apr 15, 2024 · Apr 15, 2024
diff --git a/go.mod b/go.mod
@@ -40,7 +40,7 @@ require (
 	github.com/wk8/go-ordered-map/v2 v2.1.8
 	github.com/zealic/go2node v0.1.0
 	go.jetpack.io/envsec v0.0.16-0.20240329013200-4174c0acdb00
-	go.jetpack.io/pkg v0.0.0-20240411004921-791796648f19
+	go.jetpack.io/pkg v0.0.0-20240415190428-d17de207b432
 	go.jetpack.io/typeid v1.0.1-0.20240410183543-96a4fd53d1e2
 	golang.org/x/exp v0.0.0-20240222234643-814bf88cf225
 	golang.org/x/mod v0.16.0

diff --git a/go.sum b/go.sum
@@ -362,6 +362,8 @@ go.jetpack.io/envsec v0.0.16-0.20240329013200-4174c0acdb00 h1:Kb+OlWOntAq+1nF+01
 go.jetpack.io/envsec v0.0.16-0.20240329013200-4174c0acdb00/go.mod h1:dVG2n8fBAGpQczW8yk/6wuXb9uEhzaJF7wGXkGLRRCU=
 go.jetpack.io/pkg v0.0.0-20240411004921-791796648f19 h1:ZloUPW4zNknwS2mYSmMVAtMfl3H2zZUCz+MxU5s79fY=
 go.jetpack.io/pkg v0.0.0-20240411004921-791796648f19/go.mod h1:JfVScypw14E4GR2TA2Nv29JqalRtgv2C9QjeQcNS4UM=
+go.jetpack.io/pkg v0.0.0-20240415190428-d17de207b432 h1:5B9uUxqzwDLUi+m/SVawTMszOmCK6KnUWb4yiCZJumg=
+go.jetpack.io/pkg v0.0.0-20240415190428-d17de207b432/go.mod h1:JfVScypw14E4GR2TA2Nv29JqalRtgv2C9QjeQcNS4UM=
 go.jetpack.io/typeid v1.0.1-0.20240410183543-96a4fd53d1e2 h1:w9uWg8BAim374iWzxEuDhf6MJ/cMQVR/0xi/L3DgfT0=
 go.jetpack.io/typeid v1.0.1-0.20240410183543-96a4fd53d1e2/go.mod h1:zqBUNjE3NxAL8wRYW2LcOpH5LxCvTqthm9YSuuu1ic4=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=

diff --git a/internal/boxcli/cache.go b/internal/boxcli/cache.go
@@ -5,6 +5,7 @@ package boxcli
 
 import (
 	"encoding/json"
+	"fmt"
 	"os/user"
 
 	"github.com/MakeNowJust/heredoc/v2"
@@ -64,7 +65,7 @@ func cacheCmd() *cobra.Command {
 	cacheCommand.AddCommand(uploadCommand)
 	cacheCommand.AddCommand(cacheConfigureCmd())
 	cacheCommand.AddCommand(cacheCredentialsCmd())
-	cacheCommand.Hidden = true
+	cacheCommand.AddCommand(cacheInfoCmd())
 
 	return cacheCommand
 }
@@ -108,3 +109,25 @@ func cacheCredentialsCmd() *cobra.Command {
 		},
 	}
 }
+
+func cacheInfoCmd() *cobra.Command {
+	return &cobra.Command{
+		Use:   "info",
+		Short: "Output information about the nix cache",
+		Args:  cobra.ExactArgs(0),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			// TODO(gcurtis): We can also output info about the daemon config status
+			// here
+			uri, err := nixcache.Get().URI(cmd.Context())
+			if err != nil {
+				return err
+			}
+			if uri == "" {
+				fmt.Fprintln(cmd.OutOrStdout(), "No cache configured")
+				return nil
+			}
+			fmt.Fprintln(cmd.OutOrStdout(), "Cache URI:", uri)
+			return err
+		},
+	}
+}
diff --git a/internal/devbox/packages.go b/internal/devbox/packages.go
@@ -452,8 +452,10 @@ func (d *Devbox) installNixPackagesToStore(ctx context.Context, mode installMode
 			Flags:         flags,
 			Writer:        d.stderr,
 		}
-		args.ExtraSubstituter, err = d.providers.NixCache.URI(ctx)
-		if err == nil {
+		args.ExtraSubstituter, _ = d.providers.NixCache.URI(ctx)
+		// TODO (Landau): handle errors that are not auth.ErrNotLoggedIn
+		// Only lookup credentials if we have a cache to use
+		if args.ExtraSubstituter != "" {
 			creds, err := d.providers.NixCache.Credentials(ctx)
 			if err == nil {
 				args.Env = creds.Env()

diff --git a/internal/devbox/providers/nixcache/nixcache.go b/internal/devbox/providers/nixcache/nixcache.go
@@ -185,22 +185,29 @@ func (*Provider) executable() string {
 // private cache.
 func (p *Provider) Credentials(ctx context.Context) (AWSCredentials, error) {
 	cache := filecache.New[AWSCredentials]("devbox/providers/nixcache")
-	creds, err := cache.GetOrSetWithTime("credentials", func() (AWSCredentials, time.Time, error) {
-		token, err := identity.Get().GenSession(ctx)
-		if err != nil {
-			return AWSCredentials{}, time.Time{}, err
-		}
-		client := api.NewClient(ctx, build.JetpackAPIHost(), token)
-		creds, err := client.GetAWSCredentials(ctx)
-		if err != nil {
-			return AWSCredentials{}, time.Time{}, err
-		}
-		exp := time.Time{}
-		if t := creds.GetExpiration(); t != nil {
-			exp = t.AsTime()
-		}
-		return newAWSCredentials(creds), exp, nil
-	})
+	token, err := identity.Get().GenSession(ctx)
+	if err != nil {
+		return AWSCredentials{}, err
+	}
+	creds, err := cache.GetOrSetWithTime(
+		"credentials-"+token.IDClaims().Subject,
+		func() (AWSCredentials, time.Time, error) {
+			token, err := identity.Get().GenSession(ctx)
+			if err != nil {
+				return AWSCredentials{}, time.Time{}, err
+			}
+			client := api.NewClient(ctx, build.JetpackAPIHost(), token)
+			creds, err := client.GetAWSCredentials(ctx)
+			if err != nil {
+				return AWSCredentials{}, time.Time{}, err
+			}
+			exp := time.Time{}
+			if t := creds.GetExpiration(); t != nil {
+				exp = t.AsTime()
+			}
+			return newAWSCredentials(creds), exp, nil
+		},
+	)
 	if err != nil {
 		return AWSCredentials{}, redact.Errorf("nixcache: get credentials: %w", redact.Safe(err))
 	}
@@ -212,21 +219,31 @@ func (p *Provider) Credentials(ctx context.Context) (AWSCredentials, error) {
 // and a nil error.
 func (p *Provider) URI(ctx context.Context) (string, error) {
 	cache := filecache.New[string]("devbox/providers/nixcache")
-	uri, err := cache.GetOrSet("uri", func() (string, time.Duration, error) {
-		token, err := identity.Get().GenSession(ctx)
-		if err != nil {
-			return "", 0, err
-		}
-		client := api.NewClient(ctx, build.JetpackAPIHost(), token)
-		resp, err := client.GetBinCache(ctx)
-		if err != nil {
-			return "", 0, redact.Errorf("nixcache: get uri: %w", redact.Safe(err))
-		}
-
-		// TODO(gcurtis): do a better job of invalidating the URI after
-		// logout or after a Nix command fails to query the cache.
-		return resp.GetNixBinCacheUri(), 24 * time.Hour, nil
-	})
+	token, err := identity.Get().GenSession(ctx)
+	if err != nil {
+		return "", err
+	}
+	// Landau: I think we can probably remove this cache? This endpoint is very
+	// fast and we only use this for build/upload which are slow.
+	uri, err := cache.GetOrSet(
+		"uri-"+token.IDClaims().Subject,
+		func() (string, time.Duration, error) {
+			client := api.NewClient(ctx, build.JetpackAPIHost(), token)
+			resp, err := client.GetBinCache(ctx)
+			if err != nil {
+				return "", 0, redact.Errorf("nixcache: get uri: %w", redact.Safe(err))
+			}
+
+			// Don't cache negative responses.
+			if resp.GetNixBinCacheUri() == "" {
+				return "", 0, nil
+			}
+
+			// TODO(gcurtis): do a better job of invalidating the URI after
+			// a Nix command fails to query the cache.
+			return resp.GetNixBinCacheUri(), 24 * time.Hour, nil
+		},
+	)
 	if err != nil {
 		return "", redact.Errorf("nixcache: get uri: %w", redact.Safe(err))
 	}