Skip to content

Add Cloud provider error message details for cache upload failures to cloud storage targets

Romuald Atchadé - OOO until Jan 11th, 2026requested to merge
gcs-error-message-cache-up-failure into main

What does this MR do?

Improve the error message logging in the event of cache upload failure

Why was this MR needed?

To better explain the reason why the cache upload has failed

What's the best way to test this MR?

  1. Create a GCS Bucket and enable retention policy to 1 hour
  2. Use the following config.toml
config.toml 
listen_address = ":9252"
concurrent = 3
check_interval = 1
# log_level = "debug"
log_format = "runner"
connection_max_age = "15m0s"
shutdown_timeout = 0

[session_server]
  session_timeout = 1800

[[runners]]
  pre_get_sources_script = "git config --system --add safe.directory $CI_PROJECT_DIR"
  post_get_sources_script = "git config --local --add safe.directory $CI_PROJECT_DIR"

  limit = 50
  url = "https://gitlab.com/"
  id = 0
  token = "glrt-REDACTED"
  token_obtained_at = 2024-09-30T14:38:04.623237Z
  executor = "kubernetes"
  environment = []
  # shell = "bash"
  [runners.cache]
    Type = "gcs"
    MaxUploadedArchiveSize = 0
    Shared = false
    [runners.cache.gcs]
      CredentialsFile = "PATH_TO_CREDENTIAL_FILE"
      BucketName = "BUCKET_NAME"
  [runners.feature_flags]
    FF_USE_ADVANCED_POD_SPEC_CONFIGURATION = true
    FF_USE_POD_ACTIVE_DEADLINE_SECONDS = true
    FF_PRINT_POD_EVENTS = true
    FF_USE_FASTZIP = true
    FF_DISABLE_UMASK_FOR_KUBERNETES_EXECUTOR = true
  [runners.kubernetes]
    host = ""
    bearer_token_overwrite_allowed = false
    # image = ""
    image = "alpine"
    namespace = ""
    namespace_overwrite_allowed = ""
    namespace_per_job = false
    helper_image = "registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper-dev:alpine-edge-x86_64-86d0118b"
    privileged = true
    node_selector_overwrite_allowed = ".*"
    node_tolerations_overwrite_allowed = ""
    pod_labels_overwrite_allowed = ""
    service_account_overwrite_allowed = ""
    pull_policy = "always"
    allowed_pull_policies = ["always", "if-not-present", "never"]
    [runners.kubernetes.pod_labels]
    [[runners.kubernetes.volumes.empty_dir]]
      name = "docker-certs"
      mount_path = "/certs/client"
      medium = "Memory"
    [runners.kubernetes.build_container_security_context]
      run_as_user = 1000
      run_as_group = 65533
    [runners.kubernetes.dns_config]
  1. Use the following gitlab-ci.yaml
gitlab-ci 
variables:
  FF_USE_POWERSHELL_PATH_RESOLVER: "true"
  FF_RETRIEVE_POD_WARNING_EVENTS: "true"
  FF_PRINT_POD_EVENTS: "true"

test:
  image: alpine
  cache:
    paths:
      - cache_file
  script:
    - mkdir -p cache_file
    - touch cache_file/test.txt

The cache upload fails with the following error

Saving cache for successful job
00:01
Creating cache my-key-2-non_protected...
cache_file: found 2 matching artifact files and directories 
Uploading cache.zip to https://storage.googleapis.com/touni-test-bucket/runner/REDACTED/project/25452826/my-key-2-non_protected 
FATAL: received: 403 Forbidden. Request failed with code: RetentionPolicyNotMet, message: Object overwrite or deletion is not allowed due to retention policy. 
Failed to create cache

What are the relevant issue numbers?

close #4127 (closed)

Edited by Romuald Atchadé - OOO until Jan 11th, 2026

Merge request reports