[credentialhelper] Ignore all errors when writing stdin (#18540)

It's totally fine for helpers to not care about the request on stdin and close stdin early. ``` ERROR: java.io.IOException: Broken pipe at java.base/java.io.FileOutputStream.writeBytes(Native Method) at java.base/java.io.FileOutputStream.write(Unknown Source) at java.base/java.io.BufferedOutputStream.flushBuffer(Unknown Source) at java.base/java.io.BufferedOutputStream.flush(Unknown Source) at java.base/java.io.FilterOutputStream.close(Unknown Source) at java.base/sun.nio.cs.StreamEncoder.implClose(Unknown Source) at java.base/sun.nio.cs.StreamEncoder.close(Unknown Source) at java.base/java.io.OutputStreamWriter.close(Unknown Source) at com.google.devtools.build.lib.authandtls.credentialhelper.CredentialHelper.getCredentials(CredentialHelper.java:83) at com.google.devtools.build.lib.authandtls.credentialhelper.CredentialHelperCredentials.getCredentialsFromHelper(CredentialHelperCredentials.java:108) at com.github.benmanes.caffeine.cache.BoundedLocalCache.lambda$doComputeIfAbsent$13(BoundedLocalCache.java:2451) at java.base/java.util.concurrent.ConcurrentHashMap.compute(Unknown Source) at com.github.benmanes.caffeine.cache.BoundedLocalCache.doComputeIfAbsent(BoundedLocalCache.java:2449) at com.github.benmanes.caffeine.cache.BoundedLocalCache.computeIfAbsent(BoundedLocalCache.java:2432) at com.github.benmanes.caffeine.cache.LocalCache.computeIfAbsent(LocalCache.java:107) at com.github.benmanes.caffeine.cache.LocalManualCache.get(LocalManualCache.java:62) at com.google.devtools.build.lib.authandtls.credentialhelper.CredentialHelperCredentials.getRequestMetadata(CredentialHelperCredentials.java:80) at com.google.auth.Credentials.blockingGetToCallback(Credentials.java:112) at com.google.auth.Credentials$1.run(Credentials.java:98) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.base/java.lang.Thread.run(Unknown Source) ``` Follow-up on 7c235ff Closes #18501. PiperOrigin-RevId: 536403312 Change-Id: I837bae70978e29f748c0fcc398c8f64de2b7b7c6 Co-authored-by: Yannic <yannic@engflow.com>
bazelbuild · May 31, 2023 · 4afed73 · 4afed73
1 parent 53d1d23
commit 4afed73
Showing 1 changed file with 2 additions and 6 deletions.
diff --git a/...main/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelper.java b/...main/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelper.java
@@ -82,12 +82,8 @@ public GetCredentialsResponse getCredentials(CredentialHelperEnvironment environ
           GSON.toJson(GetCredentialsRequest.newBuilder().setUri(uri).build(), stdin);
         } catch (IOException e) {
           // This can happen if the helper prints a static set of credentials without reading from
-          // stdin (e.g., with a simple shell script running `echo "{...}"`). If the process is
-          // already finished even though we failed to write to its stdin, ignore the error and
-          // assume the process did not need the request payload.
-          if (!process.finished()) {
-            throw e;
-          }
+          // stdin (e.g., with a simple shell script running `echo "{...}"`). This is fine to
+          // ignore.
         }
 
         try {