无法使用雅典(Go 模块代理)对私有模块进行身份验证
[英]Failed to authenticate to private module with Athens (Go module proxy)
问题描述
I was testing Athens with docker in my local, trying to setup the authentication so that Athens is able to access to company's private module.
我在本地使用 docker 测试雅典,尝试设置身份验证,以便雅典能够访问公司的私有模块。 I followed the guide here and the command go get github.com/SomeCompany/someprivatemodule successfully pulled the latest version of that lib to my local.我按照这里的指南和命令go get github.com/SomeCompany/someprivatemodule成功将该库的最新版本拉到我的本地。 But there's something weird.但有一点很奇怪。
- Those config files (.gitconfig, .ssh/config and.ssh/id_rsa) didn't make that command work.那些配置文件(.gitconfig、.ssh/config 和.ssh/id_rsa)并没有使该命令起作用。 Instead, the .netrc file, consisting of my GitHub token, makes it work.相反,由我的 GitHub 令牌组成的 .netrc 文件使其工作。 I've tried to run the docker image without mounting those config files and the command still works;我尝试在不安装这些配置文件的情况下运行 docker 映像,并且该命令仍然有效; However, if I removed ~/.netrc in my local, the
go getcommand fails.但是,如果我在本地删除 ~/.netrc,则go get命令会失败。 It seems go get is still depending on local config instead of Athens.似乎 go get 仍然取决于本地配置而不是雅典。
go get command fails when .netrc removed删除 .netrc 时 go 获取命令失败
- The
go getcommand does pull the private module from GitHub.go get命令确实从 GitHub 中拉出私有模块。 However, under ATHENS_DISK_STORAGE_ROOT , I can only find those public modules that github.com/SomeCompany/someprivatemodule depends on, and those private modules can only be found under GOPATH /pkg/mod.但是,在ATHENS_DISK_STORAGE_ROOT下,我只能找到github.com/SomeCompany/someprivatemodule所依赖的那些公共模块,而那些私有模块只能在GOPATH /pkg/mod 下找到。 Isn't Athens supposed to download the private module to ATHENS_DISK_STORAGE_ROOT , so that once GitHub/gitlab is down, users can still download those private modules from Athens?雅典不应该将私有模块下载到ATHENS_DISK_STORAGE_ROOT ,这样一旦 GitHub/gitlab 关闭,用户仍然可以从雅典下载这些私有模块吗?
Missing private module in Athens dir雅典目录中缺少私有模块
Here is my setup:这是我的设置:
GOPROXY=127.0.0.1:3000, which is the exposed port of Athens. GOPRIVATE="github.com/SomeCompany"
GONOPROXY="github.com/SomeCompany"
GONOSUMDB="github.com/SomeCompany"
~/.netrc ~/.netrc
machine github.com login some_personal_access_token
.gitconfig .gitconfig
[url "ssh://git@github.com/"]
insteadOf = https://github.com/
[url "ssh://git@gitlab.com/"]
insteadOf = https://gitlab.com/
.ssh/config .ssh/配置
Host github.com
Hostname github.com
StrictHostKeyChecking no
IdentityFile /root/.ssh/id_rsa
command of running docker image docker镜像运行命令
docker run -d -v $ATHENS_STORAGE:/var/lib/athens -e ATHENS_DISK_STORAGE_ROOT=/var/lib/athens -e ATHENS_STORAGE_TYPE=disk -v $PWD/.gitconfig:/root/.gitconfig -v @PWD/.ssh:/root/.ssh --name athens-proxy --restart always -p 3000:3000 gomods/athens:v0.11.0
1st edit第一次编辑
By setting GOPRIVATE to empty, GONOPROXY and GONOSUMDB get unset automatically.通过将 GOPRIVATE 设置为空,GONOPROXY 和 GONOSUMDB 会自动取消设置。 And I tried to rerun the docker with original setup, I got the 404 error:我尝试使用原始设置重新运行 docker,但出现 404 错误:
404 error in my terminal我的终端出现 404 错误
Docker log: Docker 日志:
INFO[2:35PM]: Exporter not specified. Traces won't be exported
2021-05-29 14:35:11.957339 I | Starting application at port :3000
INFO[2:35PM]: exit status 1: go list -m: github.com/SomeCompany@latest: invalid github.com/ import path "github.com/SomeCompany"
http-method=GET http-path=/github.com/SomeCompany/@v/list kind=Not Found module= operation=download.ListHandler ops=[download.ListHandler pool.List protocol.List vcsLister.List] request-id=3660faa3-256f-43fb-9937-f29565e7afa9 version=
INFO[2:35PM]: incoming request http-method=GET http-path=/github.com/SomeCompany/@v/list http-status=404 request-id=3660faa3-256f-43fb-9937-f29565e7afa9
INFO[2:35PM]: exit status 1: go list -m: github.com@latest: unrecognized import path "github.com": parse https://github.com/?go-get=1: no go-import meta tags ()
http-method=GET http-path=/github.com/@v/list kind=Not Found module= operation=download.ListHandler ops=[download.ListHandler pool.List protocol.List vcsLister.List] request-id=4d6659d2-710d-445f-b07f-7407aa4f2e3e version=
INFO[2:35PM]: incoming request http-method=GET http-path=/github.com/@v/list http-status=404 request-id=4d6659d2-710d-445f-b07f-7407aa4f2e3e
INFO[2:35PM]: incoming request http-method=GET http-path=/github.com/SomeCompany/someprivatemodule/@v/list http-status=200 request-id=e8d95d77-81dc-46fe-9523-e35f6dc8201f
DEBUG[2:35PM]: saving github.com/SomeCompany/someprivatemodule@v1.0.5 to storage... http-method=GET http-path=/github.com/SomeCompany/someprivatemodule/@v/v1.0.5.info request-id=24964b9c-b0b2-450a-bd9a-9d59f60a5c52
INFO[2:35PM]: github.com/SomeCompany/someprivatemodule@v1.0.5/go.mod: verifying module: github.com/SomeCompany/someprivatemodule@v1.0.5/go.mod: reading https://sum.golang.org/lookup/github.com/SomeCompany/someprivatemodule@v1.0.5: 410 Gone
server response: not found: github.com/SomeCompany/someprivatermodule@v1.0.5: invalid version: unknown revision v1.0.5 http-method=GET http-path=/github.com/SomeCompany/someprivatemodule/@v/v1.0.5.info kind=Not Found module=github.com/SomeCompany/someprivatemodule operation=download.InfoHandler ops=[download.InfoHandler pool.Info protocol.Info protocol.processDownload stash.Pool stasher.Stash stasher.fetchModule goGetFetcher.Fetch module.downloadModule] request-id=24964b9c-b0b2-450a-bd9a-9d59f60a5c52 version=v1.0.5
INFO[2:35PM]: incoming request http-method=GET http-path=/github.com/SomeCompany/someprivatemodule/@v/v1.0.5.info http-status=404 request-id=24964b9c-b0b2-450a-bd9a-9d59f60a5c52
It seems Athens tries to find packages from sum.golang.org.雅典似乎试图从 sum.golang.org 找到包。 So I tried to mount .netrc file with proper credentials and set ATHENS_NETRC_PATH.所以我尝试使用正确的凭据挂载 .netrc 文件并设置 ATHENS_NETRC_PATH。 This still gives me same error.这仍然给我同样的错误。
Another fact: with v0.11.0, I couldn't download anything with go get.另一个事实:使用 v0.11.0,我无法使用 go get 下载任何内容。 However, with v0.2.0 version of Athens docker image, I was able to download part of the modules.但是,使用雅典 docker 映像的 v0.2.0 版本,我能够下载部分模块。 The docker log (v0.2.0) is shown below: docker 日志(v0.2.0)如下所示:
buffalo: Unless you set SESSION_SECRET env variable, your session storage is not protected!
time="2021-05-29T19:39:20Z" level=info msg="Exporter not specified. Traces won't be exported"
buffalo: Starting application at :3000
time="2021-05-29T19:39:26Z" level=error msg="exit status 1: go list -m github.com/SomeCompany: invalid github.com/ import path \"github.com/SomeCompany\"\n" http-method=GET http-path="/github.com/SomeCompany/@v/list/" http-url="/github.com/SomeCompany/@v/list/" kind="Internal Server Error" module= operation=download.ListHandler ops="[download.ListHandler pool.List protocol.List vcsLister.List]" version=
handler: GET /github.com/SomeCompany/@v/list/ [500]
time="2021-05-29T19:39:26Z" level=error msg="exit status 1: go list -m github.com: unrecognized import path \"github.com\" (parse https://github.com?go-get=1: no go-import meta tags ())\n" http-method=GET http-path=/github.com/@v/list/ http-url=/github.com/@v/list/ kind="Internal Server Error" module= operation=download.ListHandler ops="[download.ListHandler pool.List protocol.List vcsLister.List]" version=
handler: GET /github.com/@v/list/ [500]
handler: GET /github.com/SomeCompany/someprivatemodule/@v/list/ [200]
time="2021-05-29T19:39:26Z" level=error msg="exit status 1: go: finding github.com/SomeCompany/someprivatemodule/somefile latest\ngo list -m github.com/SomeCompany/someprivatemodule/somefile: no matching versions for query \"latest\"\n" http-method=GET http-path="/github.com/SomeCompany/someprivatemodule/somefile/@v/list/" http-url="/github.com/SomeCompany/someprivatemodule/somefile/@v/list/" kind="Internal Server Error" module= operation=download.ListHandler ops="[download.ListHandler pool.List protocol.List vcsLister.List]" version=
handler: GET /github.com/SomeCompany/someprivatemodule/ratelimit/@v/list/ [500]
handler: GET /github.com/SomeCompany/someprivatemodule/@v/v1.0.5.info [200]
handler: GET /github.com/SomeCompany/someprivatemodule/@v/v1.0.5.mod [200]
handler: GET /github.com/SomeCompany/someprivatemodule/@v/v1.0.5.zip [200]
And apparently this still won't work cuz its missing part of the module.显然这仍然行不通,因为它缺少模块的一部分。
Edit: Solved by adding GONOSUM_PATTERNS编辑:通过添加 GONOSUM_PATTERNS 解决
1 个解决方案
解决方案1
0 2021-05-29 07:45:34
I just tried Athens a bit.我只是尝试了一下雅典。 It serves as a Go module cache.它用作 Go 模块缓存。 When you start athens and set GOPROXY=127.0.0.1:3000, the go get command would try to get modules using the sequence below:当您启动 athens 并设置 GOPROXY=127.0.0.1:3000 时,go get 命令将尝试使用以下顺序获取模块:
- check GOPATH/pkg/mod检查 GOPATH/pkg/mod
- request from GOPROXY来自 GOPROXY 的请求
Here your GOPROXY is athens server, thus your local go get will send request to athens.这里您的 GOPROXY 是雅典服务器,因此您的本地 go 获取将向雅典发送请求。 Then athens will check if the module is in ATHENS_DISK_STORAGE_ROOT;然后 athens 会检查模块是否在 ATHENS_DISK_STORAGE_ROOT; if not, get the proxy from github.com or wherever it should be.如果没有,请从 github.com 或任何应有的位置获取代理。
You can try to walkthrough the process.您可以尝试演练该过程。
As for your questions,至于你的问题,
I notice that you set github.com/SomeCompany in your GONOPROXY, thus all modules in this repository will not use GOPROXY, and athens will not work as well.我注意到您在github.com/SomeCompany中设置了 github.com/SomeCompany,因此此存储库中的所有模块都不会使用 GOPROXY,并且 athens 也无法正常工作。
That's why in Question1, your .netrc is used;这就是在 Question1 中使用您的 .netrc 的原因; and in Question2, only the modules that github.com/SomeCompany/someprivatemodule depends on is downloaded from athens, but the module itself is not.而在Question2中,只有github.com/SomeCompany/someprivatemodule所依赖的模块是从athens下载的,而模块本身不是。
Remove the GONOPROXY and try again, see what's happening.移除 GONOPROXY 并重试,看看发生了什么。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.