[9.0.0] Partially revert "Make download cache entries read-only" #28160
Conversation
This reverts commit 65fe463. Breaks repo rules that hit a download cache entry and subsequently attempt to overwrite the file (e.g. http_archive's handling of remote module files). Keeps the added test as it doesn't depend on the change. Work towards bazelbuild#28031 Closes bazelbuild#28148. PiperOrigin-RevId: 852373210 Change-Id: I9e5e9ae87696068fbcb41cfd4dc77c36fea8248b
bazel-io
added
team-ExternalDeps
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request partially reverts a previous change, removing the read-only attribute from download cache entries. This is intended to fix a regression where repository rules that need to modify cached files were failing with permission errors.
While this change unblocks those rules, it re-introduces the risk of cache corruption if a hardlinked file is modified by a user. The build system will detect this corruption via checksum validation, but this will result in a build failure requiring manual intervention (deleting the corrupted cache entry). This is a significant trade-off for cache reliability.
For a more robust long-term solution, consider modifying the affected repository rules to request a copy of the file instead of a hardlink when modification is intended. This can be achieved by passing mayHardlink=false to DownloadCache.get().
I am having trouble creating individual review comments. Click here to see my feedback.
src/main/java/com/google/devtools/build/lib/bazel/repository/cache/DownloadCache.java (249-250)
Removing this read-only protection re-introduces the risk of cache corruption when hardlinked files are modified. While this is being done to fix a regression, it's a significant trade-off that impacts cache reliability.
The existing checksum validation on cache reads will prevent silent corruption, but it will cause build failures that require users to manually clean their cache directories. This can lead to a frustrating user experience.
As a long-term solution, it would be better to update the repository rules that modify these files to request copies instead of hardlinks (by passing mayHardlink=false to DownloadCache.get()). This would prevent both the permission errors this PR is fixing and the cache corruption issue.
github-actions
bot
removed
the
awaiting-review
4 participants
This reverts commit 65fe463.
Breaks repo rules that hit a download cache entry and subsequently attempt to overwrite the file (e.g. http_archive's handling of remote module files).
Keeps the added test as it doesn't depend on the change.
Work towards #28031
Closes #28148.
PiperOrigin-RevId: 852373210
Change-Id: I9e5e9ae87696068fbcb41cfd4dc77c36fea8248b
Commit d5dba3f