Go pit filling: using Private warehouse as module dependency

Keywords: Go GitLab git ssh github

This article is published synchronously in Personal blog.

The development of Golang can be described as changing with each passing day, but this is not a commendatory term, but it is said that there are many imperfections in its performance and function. With the development of small versions, the same function will also have destructive changes.

But since we chose Golang, whether it's unreasonable or not, we have to endure Russ Cox's radical changes to the language.

This article briefly introduces the problems encountered when go mod, which is introduced after version 1.11, uses private repositories.

Use go get directly

When you directly use go get... To add a private warehouse dependency, the following error occurs:

get "gitlab.com/xxx": found meta tag get.metaImport{Prefix:"gitlab.com/xxx", VCS:"git", RepoRoot:"https://gitlab.com/xxx.git"} at //gitlab.com/xxx?go-get=1
go get gitlab.com/xxx: git ls-remote -q https://gitlab.com/xxx.git in /Users/sulin/go/pkg/mod/cache/vcs/91fae55e78195f3139c4f56af15f9b47ba7aa6ca0fa761efbd5b6e2b16d5159d: exit status 128:
    fatal: could not read Username for 'https://gitlab.com': terminal prompts disabled
Confirm the import path was entered correctly.
If this is a private repository, see https://golang.org/doc/faq#git_https for additional information.

It can be seen from the error information that ssh pubkey is usually configured for authentication when we use the private warehouse, but go get uses https instead of ssh to download dependencies, which leads to authentication failure.

GOPROXY error

If the GOPROXY agent is configured, the error message is as follows:

go get gitlab.com/xxx: module gitlab.com/xxx: reading https://goproxy.io/gitlab.com/xxx/@v/list: 404 Not Found

From the error information, we can see that go get pulls the private warehouse through the proxy service, and the proxy service can't access the private warehouse, so there is a 404 error.

Version 1.12 solution

In versions 1.11 and 1.12, the mainstream solution is to configure git to enforce ssh.

This solution can be seen in many blogs and Q & A:

git config --global url."git@gitlab.com:xxx/zz.git".insteadof "https://gitlab.com/xxx/zz.git"

But it conflicts with GOPROXY, which means that the solution doesn't work when using proxies.

Version 1.13 solution

After version 1.13, the previous solution will lead to another error in go get:

get "gitlab.com/xxx/zz": found meta tag get.metaImport{Prefix:"gitlab.com/xxx/zz", VCS:"git", RepoRoot:"https://gitlab.com/xxx/zz.git"} at //gitlab.com/xxx/zz?go-get=1
  verifying gitlab.com/xxx/zz@v0.0.1: gitlab.com/xxx/zz@v0.0.1: reading https://sum.golang.org/lookup/gitlab.com/xxx/zz@v0.0.1: 410 Gone

This error is because the new version of go mod will check the dependency package, but the private warehouse is invisible to sum.golang.org. Of course, it can't successfully execute the check.

That is to say, the solution of forcing git to adopt ssh is GG after version 1.13.

Of course, before closing the window, Golang also opened the door, which provides a more convenient solution: GOPRIVATE environment variable. To solve the above errors, you can configure as follows:

export GOPRIVATE=gitlab.com/xxx

It can declare the specified domain name as a private warehouse. When go get processes all the dependencies under the domain name, it will directly skip the logic such as GOPROXY and CHECKSUM, so as to avoid all the problems encountered previously.

In addition, the domain name gitlab.com/xxx is very flexible. By default, it matches the prefix. All the dependent modules of the prefix gitlab.com/xxx will be regarded as private modules, which will benefit enterprises and private groups once and for all.

Tip: if you access the private warehouse through ssh public key, remember to use ssh instead of https when git pulls the private warehouse.

It can be configured by the command git config. You can also modify ~ /. gitconfig directly and add the following configuration like me:

[url "git@github.com:"]
    insteadOf = https://github.com/
[url "git@gitlab.com:"]
    insteadOf = https://gitlab.com/

You can force go get to use ssh instead of https for github.com and gitlab.com.

Follow up version

There may be other changes in the future. If so, I will continue to improve this article.

By the way, I wrote my own logstore slf4go Make an advertisement.

Posted by djrichwz on Tue, 26 Nov 2019 21:21:14 -0800