Skip to content

fix(oauth2_http): Avoid retrying on 403 Forbidden during GCE metadata ping#13715

Open
macastelaz wants to merge 6 commits into
mainfrom
remove-gce-403-retry
Open

fix(oauth2_http): Avoid retrying on 403 Forbidden during GCE metadata ping#13715
macastelaz wants to merge 6 commits into
mainfrom
remove-gce-403-retry

Conversation

@macastelaz

Copy link
Copy Markdown

Don't retry GCE Metadata 403 errors which are generally non-retriable errors and only adds startup noise/latency by retrying 3 times.

Fixes #13649

@macastelaz macastelaz requested review from a team as code owners July 9, 2026 01:49

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates ComputeEngineCredentials to handle 403 Forbidden responses during the Compute Engine metadata server ping check by immediately returning false instead of logging an unexpected exception. It also introduces a new test case to verify this behavior and adds request counting to MockMetadataServerTransport to ensure no retries occur. There are no review comments, and I have no additional feedback to provide.

@macastelaz macastelaz force-pushed the remove-gce-403-retry branch from fe14912 to b5f6618 Compare July 9, 2026 02:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

bug(auth): ComputeEngineCredentials.isOnGce retries on non-transient 403 Forbidden responses

1 participant