Private Go module lookup fails in versions >41.66-full even with GOPRIVATE set #37624
Replies: 5 comments 5 replies
-
|
The logs show that Renovate correctly detects the Go module import path via GONOPROXY, but when resolving versions it queries the GitLab API with a truncated path (group/project instead of group/project/libs/lib-a). This mismatch results in 404 errors during tag lookup. |
Beta Was this translation helpful? Give feedback.
-
|
the root cause of this issue is due to #37647, renovate does not use the go get tool itself |
Beta Was this translation helpful? Give feedback.
-
|
Pretty sure this is a result of #36963. Version A similar change has previously been reverted (#31055) because it caused this (similar) issue, as discussed in #30886. Related issue: #28540 |
Beta Was this translation helpful? Give feedback.
-
|
Would be keen to understand this a bit better, so I can try to reproduce. In the example above, am I right to assume you've got this structure in gitlab? What does your renovate config look like? I've not been able to dig into this fully yet however my guess is it might be to do with how gitlab handles authenticated / unauthenticated go-get requests. E.g. I setup this structure in gitlab which unauthenticated returns: curl 'https://gitlab.com/tmptest1/group/tmp?go-get=1'
# <html><head><meta name="go-import" content="gitlab.com/tmptest1/group git https://gitlab.com/tmptest1/group.git"></head><body>go get gitlab.com/tmptest1/group</body></html>go get gitlab.com/tmptest1/group but authenticated returns: go get gitlab.com/tmptest1/group/tmp If that's the root cause then adding a hostRule to the config should resolve it |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for looking into this in more detail. The structure in my case is exactly like this: where app-x is the actual repository containing the code. Regarding the configuration: I have platform = "gitlab" with token-based authentication enabled. For Go specifically, I haven’t added any special settings in the Renovate config. What I do set are the Go-related environment variables (GOPRIVATE, GONOPROXY, etc.) in the Docker image This configuration works without any issues on Renovate version 41.66, where it successfully resolves both private and public libraries. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
How are you running Renovate?
Self-hosted Renovate
If you're self-hosting Renovate, tell us which platform (GitHub, GitLab, etc) and which version of Renovate.
GitLab
Please tell us more about your question or problem
Hello,
since upgrading to Renovate Docker images >41.66-full (tested with 41.76-full), Renovate fails to resolve private Go modules hosted in our internal GitLab/Artifactory repositories.
Even when GOPRIVATE, GONOPROXY, and GONOSUMDB are explicitly set, the resolution fails. This differs from 41.66-full, where private modules were resolved correctly.
The behavior appears misleading with Go 1.25: Go itself honors the env vars, but in Renovate containers >41.66-full, private modules cannot be fetched anymore, suggesting the problem is likely related to the image environment or how Renovate invokes Go commands internally.
Logs (if relevant)
Logs
Beta Was this translation helpful? Give feedback.
All reactions