Private modules with Go mod

If you have hit an error in your build like:

fatal: could not read Username for 'https://source.example.com': terminal prompts disabled
Makefile:36: recipe for target 'build' failed
make: *** [build] Error 1
The command '/bin/sh -c make build' returned a non-zero code: 2

Despite having GOPRIVATE="source.example.com" etc set, it's probably because you expected:

git config url."https://gitlab-ci-token:${CI_BUILD_TOKEN}@source.example.com".insteadOf "https://source.example.com"

... to work in your Docker build. It won't because the git config is missing the --global switch to fetch other private git repos. That means you need an ARG CI_BUILD_TOKEN in your Dockerfile and well STOP. Don't do that!

Use go vendor

Don't be afraid to commit that vendor/ directory into your sources. Use export GOFLAGS=-mod=vendor in your Makefile.

When you (the developer) go get -u, it will rely on your local ~/.gitconfig to have the correct credentials to fetch the private module source.

Don't rely on your CI to actually fetch the networked dependencies.

Reduce complexity! Save time.

Other advantages to using mod=vendor

As argued on golang/go/issues/27227

Some nice to haves that are missing from 1.13

Found any of my content interesting or useful?