wiki: add page on using private repositories (e.g., on-prem GitLab, private github.com repos, etc.) #29953
Comments
|
Seems reasonable to me. Every week I see someone having issues with modules and on-site git servers on the #modules slack channel. |
|
I would probably title the page |
|
why go modules use HTTP(s) to download repos instead of ssh? tools like |
|
I wish it would be possible to specify in |
|
@thepudds suggested to add an example of what I'd like to have and how it could be useful. here's an excerpt from one of our previous Our company uses a GHE instance with ssh authentication - both humans and CI setups. With So my wish - likely both belated and unrealistic - would be to have a place in |
bcmills
added
the
NeedsFix
bcmills
changed the title
|
Good discussion of some of the issues and compares a few alternative solutions: |
|
#25792 is older AWS CodeCommit vgo bug, and includes final comment:
|
|
Another recent blog post on using modules with private git repositories that steps through the details of some alternatives: |
|
Any update on this? |
|
The solution that worked for me was to set the environmental variable: |
can also run |
|
If this happens, I'm happy to write a section on how to set up an Athens server for private modules |
|
Any info on what configuration to use to resolve BitBucket Cloud private repositories? |
|
Using both
EDIT: It works only when you provide key without password |
|
@gudvinr You can use |
@ionling SSH agent passthrough works only for BuildKit-enabled builds and somewhat experimental. It didn't work for me either but docker-related questions aren't related to this topic so that's where I end this conversation. |
|
This would be very helpful. I can't seem to get go to pass the creds in my .netrc file when performing go get. Very frustrating trying to figure it out. |
|
Another (seemingly) broken use-case: AWS Codecommit private repos. It almost works, but not quite. From various references, I've set the And set the This scenario fails: |
|
This seems still broken in Go 1.17.4 for private Gitlab projects, which have subgroups, i.e. gitlab.com/org/team/tools/mytool.go |
Yup. A total nightmare to deal with... |
|
I have contacted our GitLab enterprise support to reopen: https://gitlab.com/gitlab-org/gitlab-foss/-/issues/30785 |
Weird behavior encountered on GitLab's subgroups in private mode. After investigation, it turns out that GitLab conceils the existence of the nested project when unauthenticated: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/master/lib/gitlab/middleware/go.rb#L114-126. The current behavior of the library is to rely on the `git ls-remote -q` command when the path contains a `.git`, which relies on gitcredentials for auth. The exact behavior is detailed in this comment: golang/go#26232 (comment) Interesting link regrouping all Go private repo issues: golang/go#29953 Signed-off-by: grouville <guillaume@dagger.io>
Weird behavior encountered on GitLab's subgroups in private mode. After investigation, it turns out that GitLab conceils the existence of the nested project when unauthenticated: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/master/lib/gitlab/middleware/go.rb#L114-126. The current behavior of the library is to rely on the `git ls-remote -q` command when the path contains a `.git`, which relies on gitcredentials for auth. The exact behavior is detailed in this comment: golang/go#26232 (comment) Interesting link regrouping all Go private repo issues: golang/go#29953 Signed-off-by: grouville <guillaume@dagger.io>
Weird behavior encountered on GitLab's subgroups in private mode. After investigation, it turns out that GitLab conceils the existence of the nested project when unauthenticated: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/master/lib/gitlab/middleware/go.rb#L114-126. The current behavior of the library is to rely on the `git ls-remote -q` command when the path contains a `.git`, which relies on gitcredentials for auth. The exact behavior is detailed in this comment: golang/go#26232 (comment) Interesting link regrouping all Go private repo issues: golang/go#29953 Signed-off-by: grouville <guillaume@dagger.io>
Weird behavior encountered on GitLab's subgroups in private mode. After investigation, it turns out that GitLab conceils the existence of the nested project when unauthenticated: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/master/lib/gitlab/middleware/go.rb#L114-126. The current behavior of the library is to rely on the `git ls-remote -q` command when the path contains a `.git`, which relies on gitcredentials for auth. The exact behavior is detailed in this comment: golang/go#26232 (comment) Interesting link regrouping all Go private repo issues: golang/go#29953 Signed-off-by: grouville <guillaume@dagger.io>
Weird behavior encountered on GitLab's subgroups in private mode. After investigation, it turns out that GitLab conceils the existence of the nested project when unauthenticated: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/master/lib/gitlab/middleware/go.rb#L114-126. The current behavior of the library is to rely on the `git ls-remote -q` command when the path contains a `.git`, which relies on gitcredentials for auth. The exact behavior is detailed in this comment: golang/go#26232 (comment) Interesting link regrouping all Go private repo issues: golang/go#29953 Signed-off-by: grouville <guillaume@dagger.io>
Consider adding a new wiki page on using Go with private repositories such as on-prem GitLab, on-prem GitHub, on-prem bitbucket, private github.com repos, etc.
This seems to be a fairly frequent source of confusion, and often it is when someone is new or somewhat new to Go, which means it both impacts early impressions of Go, as well as means someone at that point in time is less versed in Go overall (e.g., it is more challenging to work through how to set up something like an on-prem GitLab instance if someone is asking "what is an import path?" at more or less the same time).
It also comes up in the context of modules (because of a different error with modules, or because someone initially assumes they are seeing a module-specific issue, etc.). I would wager that at this point in time, a private repo problem that is reported in the context of modules the majority of the time ends up not actually being a module-specific issue (at least as of 1.11), but there are also module-specific aspects such as how to have an internal corporate mirror via the
replacedirective, etc.Part of the current complexity comes from the fact that it is a moving target with products like GitLab and GitHub Enterprise improving over time (or in some cases, having new bugs), which also means currently people can end up talking past each other in terms of a specific solution if they are on different versions. A similar piece of current complexity is that sometimes a solution described for GitHub Enterprise also works for GitLab and other solutions, but sometimes that is not the case.
Having a wiki page could help on all of those fronts, including helping to draft off of community experience. It might also cut down on people reinventing solutions from scratch. I personally would not expect this type of material to be in the core Go documentation, nor would I expect the core Go team to be experts in something like on-prem GitLab.
I am not sure of the best title, but perhaps "Private Repositories", or "Working with Private Repositories"?
Some current material
Some older items
Some sample community commentary
The first four are taken from here (including as an example of people sharing different solutions that don't always work for the original reporter). The remainder are from various other discussions.
CC @bcmills @andybons @myitcv @mvdan @dmitris @leitzler
The text was updated successfully, but these errors were encountered: