@@ -93,19 +93,27 @@ pub async fn init_cache(
9393 } ;
9494 let api = ApiClient :: from_server_config ( server_config) ?;
9595
96- // Periodically refresh JWT in GitHub Actions environment
97- if environment. is_github_actions ( ) {
96+ // Periodically refresh JWT when not in GitLab CI (which doesn't have a way for us to request a
97+ // new token). If we're running in GitHub or Buildkite, and the auth source is determinate-nixd,
98+ // we'll refresh the auth info whenever the netrc file is rewritten.
99+ if !environment. is_gitlab_ci ( ) {
98100 match auth_method {
99101 super :: FlakeHubAuthSource :: Netrc ( path) => {
100- let netrc_path_clone = path. to_path_buf ( ) ;
101- let initial_github_jwt_clone = flakehub_password. clone ( ) ;
102- let api_clone = api. clone ( ) ;
103-
104- tokio:: task:: spawn ( refresh_github_actions_jwt_worker (
105- netrc_path_clone,
106- initial_github_jwt_clone,
107- api_clone,
108- ) ) ;
102+ if environment. is_github_actions ( ) {
103+ let netrc_path_clone = path. to_path_buf ( ) ;
104+ let initial_github_jwt_clone = flakehub_password. clone ( ) ;
105+ let api_clone = api. clone ( ) ;
106+
107+ tokio:: task:: spawn ( refresh_github_actions_jwt_worker (
108+ netrc_path_clone,
109+ initial_github_jwt_clone,
110+ api_clone,
111+ ) ) ;
112+ } else {
113+ tracing:: warn!(
114+ "not running in GitHub Actions -- netrc auth source will not be refreshed!"
115+ ) ;
116+ }
109117 }
110118 crate :: FlakeHubAuthSource :: DeterminateNixd => {
111119 let api_clone = api. clone ( ) ;
@@ -127,6 +135,10 @@ pub async fn init_cache(
127135 ) ) ;
128136 }
129137 }
138+ } else {
139+ tracing:: warn!(
140+ "running in GitLab CI -- auth cannot be refreshed, so don't take too long..."
141+ ) ;
130142 }
131143
132144 // Get the cache UUID for this project.
0 commit comments