|
22 | 22 | using BuildXL.Cache.MemoizationStore.Sessions; |
23 | 23 | using Microsoft.Build.Experimental.ProjectCache; |
24 | 24 | using Microsoft.MSBuildCache.Caching; |
25 | | -using Microsoft.MSBuildCache.SourceControl; |
26 | 25 |
|
27 | 26 | namespace Microsoft.MSBuildCache.AzureBlobStorage; |
28 | 27 |
|
@@ -75,25 +74,17 @@ protected override async Task<ICacheClient> CreateCacheClientAsync(PluginLoggerB |
75 | 74 |
|
76 | 75 | ICacheSession localCacheSession = await StartCacheSessionAsync(context, localCache, "local"); |
77 | 76 |
|
78 | | - // We want our caches to be secure by default. For Pipeline Caching, branches are isolated on the server-side. |
79 | | - // For Blob L3, we need to isolate the cache namespace on the client-side. We do this by using the branch name as the cache namespace. |
80 | | - // Note: The build still has access to broad access to the underlying Storage account, so this is *not* a true security boundary, |
81 | | - // but rather a best effort attempt. |
82 | | - |
83 | | - // The cache universe and namespace are directly applied to the name of the container, so we need to sanitize and summarize with hash. |
84 | | - string @namespace = await Git.BranchNameAsync(logger, Settings.RepoRoot); |
85 | | - string cacheContainer = $"{Settings.CacheUniverse}-{@namespace}"; |
86 | | - |
| 77 | + // The cache universe and namespace are directly applied to the name of the container, so we need to sanitize and summarize with lowercase hash. |
87 | 78 | #pragma warning disable CA1308 // Azure Storage only supports lowercase |
88 | | - string cacheContainerHash = ContentHasher.GetContentHash(Encoding.UTF8.GetBytes(cacheContainer)).ToShortString(includeHashType: false).ToLowerInvariant(); |
| 79 | + string cacheUniverse = ContentHasher.GetContentHash(Encoding.UTF8.GetBytes(Settings.CacheUniverse)).ToShortString(includeHashType: false).ToLowerInvariant(); |
89 | 80 | #pragma warning restore CA1308 // Azure Storage only supports lowercase |
90 | 81 |
|
91 | | - logger.LogMessage($"Using cache namespace '{cacheContainer}' as '{cacheContainerHash}'."); |
| 82 | + logger.LogMessage($"Using cache universe '{Settings.CacheUniverse}' as '{cacheUniverse}'."); |
92 | 83 |
|
93 | 84 | IAzureStorageCredentials credentials = CreateAzureStorageCredentials(Settings, cancellationToken); |
94 | 85 |
|
95 | 86 | #pragma warning disable CA2000 // Dispose objects before losing scope. Expected to be disposed by TwoLevelCache |
96 | | - ICache remoteCache = CreateRemoteCache(new OperationContext(context, cancellationToken), cacheContainerHash, Settings.RemoteCacheIsReadOnly, credentials); |
| 87 | + ICache remoteCache = CreateRemoteCache(new OperationContext(context, cancellationToken), cacheUniverse, Settings.RemoteCacheIsReadOnly, credentials); |
97 | 88 | #pragma warning restore CA2000 // Dispose objects before losing scope |
98 | 89 |
|
99 | 90 | ICacheSession remoteCacheSession = await StartCacheSessionAsync(context, remoteCache, "remote"); |
@@ -192,7 +183,7 @@ private static ICache CreateRemoteCache(OperationContext context, string cacheUn |
192 | 183 | AzureBlobStorageCacheFactory.Configuration cacheConfig = new( |
193 | 184 | ShardingScheme: new ShardingScheme(ShardingAlgorithm.SingleShard, [accountName]), |
194 | 185 | Universe: cacheUniverse, |
195 | | - Namespace: "0", |
| 186 | + Namespace: AzureBlobStorageCacheFactory.Configuration.DefaultNamespace, |
196 | 187 | RetentionPolicyInDays: null, |
197 | 188 | IsReadOnly: isReadOnly); |
198 | 189 | return AzureBlobStorageCacheFactory.Create(context, cacheConfig, new StaticBlobCacheSecretsProvider(credentials)).Cache; |
|
0 commit comments