diff --git a/src/main/java/com/google/devtools/build/lib/authandtls/AuthAndTLSOptions.java b/src/main/java/com/google/devtools/build/lib/authandtls/AuthAndTLSOptions.java index d215fa8817ae9b..22dd94d1002d7e 100644 --- a/src/main/java/com/google/devtools/build/lib/authandtls/AuthAndTLSOptions.java +++ b/src/main/java/com/google/devtools/build/lib/authandtls/AuthAndTLSOptions.java @@ -15,11 +15,14 @@ package com.google.devtools.build.lib.authandtls; import com.google.devtools.common.options.Converters.CommaSeparatedOptionListConverter; +import com.google.devtools.common.options.Converters.DurationConverter; import com.google.devtools.common.options.Option; import com.google.devtools.common.options.OptionDocumentationCategory; import com.google.devtools.common.options.OptionEffectTag; import com.google.devtools.common.options.OptionMetadataTag; import com.google.devtools.common.options.OptionsBase; + +import java.time.Duration; import java.util.List; /** @@ -100,4 +103,35 @@ public class AuthAndTLSOptions extends OptionsBase { + "value a valid TLS authority." ) public String tlsAuthorityOverride; + + @Option( + name = "grpc_keepalive_time", + defaultValue = "null", + converter = DurationConverter.class, + documentationCategory = OptionDocumentationCategory.UNCATEGORIZED, + effectTags = {OptionEffectTag.UNKNOWN}, + help = + "Configures keep-alive pings for outgoing gRPC connections. If this is set, then " + + "Bazel sends pings after this much time of no read operations on the connection, " + + "but only if there is at least one pending gRPC call. Times are treated as second " + + "granularity; it is an error to set a value less than one second. By default, " + + "keep-alive pings are disabled. You should coordinate with the service owner " + + "before enabling this setting." + ) + public Duration grpcKeepaliveTime; + + @Option( + name = "grpc_keepalive_timeout", + defaultValue = "20s", + converter = DurationConverter.class, + documentationCategory = OptionDocumentationCategory.UNCATEGORIZED, + effectTags = {OptionEffectTag.UNKNOWN}, + help = + "Configures a keep-alive timeout for outgoing gRPC connections. If keep-alive pings are " + + "enabled with --grpc_keepalive_time, then Bazel times out a connection if it does " + + "not receive a ping reply after this much time. Times are treated as second " + + "granularity; it is an error to set a value less than one second. If keep-alive " + + "pings are disabled, then this setting is ignored." + ) + public Duration grpcKeepaliveTimeout; } diff --git a/src/main/java/com/google/devtools/build/lib/authandtls/GoogleAuthUtils.java b/src/main/java/com/google/devtools/build/lib/authandtls/GoogleAuthUtils.java index 9be58e6d01ba10..c3ec90e878ed90 100644 --- a/src/main/java/com/google/devtools/build/lib/authandtls/GoogleAuthUtils.java +++ b/src/main/java/com/google/devtools/build/lib/authandtls/GoogleAuthUtils.java @@ -41,6 +41,7 @@ import java.io.IOException; import java.io.InputStream; import java.util.List; +import java.util.concurrent.TimeUnit; import javax.annotation.Nullable; /** Utility methods for using {@link AuthAndTLSOptions} with Google Cloud. */ @@ -72,6 +73,10 @@ public static ManagedChannel newChannel( newNettyChannelBuilder(targetUrl, proxy) .negotiationType( isTlsEnabled(target) ? NegotiationType.TLS : NegotiationType.PLAINTEXT); + if (options.grpcKeepaliveTime != null) { + builder.keepAliveTime(options.grpcKeepaliveTime.getSeconds(), TimeUnit.SECONDS); + builder.keepAliveTimeout(options.grpcKeepaliveTimeout.getSeconds(), TimeUnit.SECONDS); + } if (interceptors != null) { builder.intercept(interceptors); }