Table of Contents
| API Documentation: | HttpBuildCache |
|---|
Configuration object for the HTTP build cache. The build cache only supports BASIC authentication currently.
Cache entries are loaded via GET and stored via PUT requests.
For a GET request we expect a 200 or 404 response and for PUT we expect any 2xx response. Other responses are treated as recoverable or non-recoverable errors, depending on the status code. E.g. we treat authentication failures (401 and 409) as non-recoverable while an internal server error (500) is recoverable.
| Property | Description |
allowInsecureProtocol | Incubating Specifies whether it is acceptable to communicate with a build cache over an insecure HTTP connection. |
allowUntrustedServer | Specifies whether it is acceptable to communicate with an HTTP build cache backend with an untrusted SSL certificate. |
enabled | Whether the build cache is enabled. |
push | Whether a given build can store outputs in the build cache. |
url | The URI to the cache. |
| Method | Description |
credentials(configuration) | Configures the credentials used to access the HTTP cache backend. |
Note: This property is incubating and may change in a future version of Gradle.
Specifies whether it is acceptable to communicate with a build cache over an insecure HTTP connection.
For security purposes this intentionally requires a user to opt-in to using insecure protocols on case by case basis.
Gradle intentionally does not offer a global system/gradle property that allows a universal disable of this check.
Allowing communication over insecure protocols allows for a man-in-the-middle to impersonate the intended server, and gives an attacker the ability to serve malicious executable code onto the system.
See also: Want to take over the Java ecosystem? All you need is a MITM!
Specifies whether it is acceptable to communicate with an HTTP build cache backend with an untrusted SSL certificate.
The SSL certificate for the HTTP build cache backend may be untrusted since it is internally provisioned or a self-signed certificate.
In such a scenario, you can either configure the build JVM environment to trust the certificate,
or set this property to true to disable verification of the server's identity.
Allowing communication with untrusted servers keeps data encrypted during transmission, but makes it easier for a man-in-the-middle to impersonate the intended server and capture data.
This value has no effect if a server is specified using the HTTP protocol (i.e. has SSL disabled).
URI url
The URI to the cache.
void credentials(Action<? super HttpBuildCacheCredentials>
Action<? super HttpBuildCacheCredentials>Configures the credentials used to access the HTTP cache backend.