-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updating go.sum fails when a dependency is not resolvable with GOPROXY=direct #7233
Comments
We should work out how to address this. First of all if our go.sum updating fails then we should detect that and add a failing status check to the PR so that it can't be automerged. I don't have my head around the proxy part though. Our "direct" approach means we bypass the proxy when we run? Do you think we should have a different default or just allow it to be configurable? |
I wasn't too familiar with the Go proxy either before investigating this issue. I found the documentation at https://proxy.golang.org/ and https://golang.org/cmd/go/#hdr-Module_downloading_and_verification as well as the output of According to the documentation "proxy.golang.org is a module mirror which meets the spec provided at go help goproxy". In the FAQ they state
When you specify In my specific case however, it appears that the module Since the module mirror has a cached copy of the module, the dependency can be fetched when |
Thanks for looking into it. First of all, I assume it's a risky idea to be using a module that has disappeared but is still cached, right? Just want to check that I understand the situation. I don't recall exactly why we set GOPROXY to direct, but I thought it was because private module resolution was failing. Is it possible that the first release didn't support the concept of falling back to direct? The default value of |
@moorara @acmcelwee do you have any recommendation here? |
I agree that it's risky to use a module that cannot be resolved directly anymore, and would take steps to avoid this for direct dependencies. However, I don't have direct control over what dependencies the Kubernetes project (kubectl in this case) uses.
Apparently, private module resolution used to not work with GOPROXY not set to direct, but since go1.13 GOPROXY can be set to a comma-separated list of values, and there's a GOPRIVATE environment variable which can be set to a comma-separated list of globs for any private packages you might use. For example
If I understand https://golang.org/cmd/go/#hdr-Module_configuration_for_non_public_modules and https://golang.org/cmd/go/#hdr-Module_authentication_failures correctly, keeping In any case I would think that exposing the whole Go proxy configuration would make sense, especially for self-hosted Renovate instances, as corporations may run their own internal Go proxies. |
If I have read our logic right, we pass the value of For self-hosted users I think this means it will use their In the hosted app, It seems we could possibly resolve this issue by rebuilding our @viceice what do you think? |
Sounds good |
Should the linked change be rolled out by now? I got another failing PR (projectsyn/boatswain#45), which was originally created approximately 14 hours ago, but a retry just now still yields the same failure as originally observed: From the renovate job #229113091 logs:
|
It seems we didn't succeed rebuilding all images before GitHub Actions ran out of space. Retrying manually now. |
We should now have them all rebuilt. Can you click the retry/rebase option and see if there's any change? |
Triggered a retry in projectsyn/boatswain#45. Will report back when the job has completed. |
Looks good now, thanks for the fast resolution 👍 |
What Renovate type, platform and version are you using?
Hosted app, on GitHub (github.com/projectsyn/boatswain).
Describe the bug
When dependencies of a Go project directly or indirectly reference a package which is not resolvable without the default
GOPROXY
settings (GOPROXY="https://proxy.golang.org,direct"
), Renovate fails to updatego.sum
becausego get -d ./...
fails with a name resolution error.Feel free to disregard this bug report, if this behavior is intended. I would appreciate a pointer to any workarounds if that's the case though.
Relevant debug logs
To Reproduce
Currently happens in github.com/projectsyn/boatswain (e.g. projectsyn/boatswain#41).
Unfortunately the PRs get automerged anyway, since the tests (which leave
GOPROXY
with its default value) pass.Minimal example can also be found at https://github.com/simu/go-renovate-example. In the mean time, Renovate has also generated the same error as observed for projectsyn/boatswain: https://github.com/simu/go-renovate-example/pull/1
Additional context
I spent some time playing around with the docker command that can be seen failing in the Renovate debug logs. After reading up on
go get
, and seeing thatGOPROXY
is set todirect
in the Docker image, I found that adding-e GOPROXY=https://proxy.golang.org,direct
to the docker command resolves the issue.The issue started appearing ~12 days ago (PRs projectsyn/boatswain#32 and projectsyn/boatswain#33).
The text was updated successfully, but these errors were encountered: