Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/tools/go/vcs: refresh from cmd/go #19362

Open
nalbion opened this Issue Mar 2, 2017 · 10 comments

Comments

Projects
None yet
5 participants
@nalbion
Copy link

nalbion commented Mar 2, 2017

kardianos/govendor#265 is due to golang.org/x/tools/go/vcs/http.go using http.DefaultClient.get(privateBitbucketUrl) without an Authorization header.

bitbucketVCS should extract the login and password from ~/.netrc

@josharian josharian changed the title golang.org/x/tools/go/vcs does not support private repos which require Authorization x/tools/go/vcs: support private repos which require Authorization Mar 2, 2017

@bradfitz

This comment has been minimized.

Copy link
Member

bradfitz commented Mar 3, 2017

@rsc, opinions on this?

@rsc

This comment has been minimized.

Copy link
Contributor

rsc commented Mar 6, 2017

Reading .netrc seems a bit hacky.

@nalbion

This comment has been minimized.

Copy link
Author

nalbion commented Mar 7, 2017

How is that hacky if the user who created the .netrc file (%HOME%\_netrc in Windows) is running a process which needs to access one of those domains? ...as long as you don't post the contents to Twitter or something ;-)

Another (not even mutually exclusive) option would be to parse ~/.gitconfig:

[url "ssh://git@bitbucket.org/"]
        insteadOf = https://bitbucket.org/
[url "ssh://git@github.com/"]
        insteadOf = https://github.com/
@rsc

This comment has been minimized.

Copy link
Contributor

rsc commented Mar 7, 2017

It's hacky because it's not the go command's job to recreate the functionality of other tools. We're not reading .gitconfig and we're not reading .netrc, and that's good.

That said, I think the go command itself handles bitbucketVCS just fine - for an auth failure it falls back to invoking git/hg directly, which is the perfect way to respect .netrc without parsing .netrc - and the x/tools/go/vcs copy is just out of date. Perhaps it is enough for someone to refresh the x/tools copy.

@nalbion

This comment has been minimized.

Copy link
Author

nalbion commented Mar 7, 2017

... So govendor sync is calling the wrong X/tools function?

@rsc

This comment has been minimized.

Copy link
Contributor

rsc commented Mar 7, 2017

No, I think x/tools/go/vcs (which is a copy of code internal to the go command) is out of date and needs to be updated.

@nalbion

This comment has been minimized.

Copy link
Author

nalbion commented Mar 7, 2017

Perhaps the go command should vendor this library so that there is one version of this code to maintain?

@rsc

This comment has been minimized.

Copy link
Contributor

rsc commented Mar 8, 2017

There will always be two copies to maintain. The go command is the primary source here.

@gopherbot gopherbot added this to the Unreleased milestone Mar 21, 2017

@rsc rsc changed the title x/tools/go/vcs: support private repos which require Authorization x/tools/go/vcs: refresh from cmd/go Jun 5, 2017

@rsc

This comment has been minimized.

Copy link
Contributor

rsc commented Jun 5, 2017

This just needs to be refreshed from the cmd/go master.

@mengzhuo

This comment has been minimized.

Copy link
Contributor

mengzhuo commented Jun 14, 2017

I think go get should respect .netrc file at least while fetching meta-data.
My company's code repos (derived from Gitlab) that only authorized user access any URL.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.