Problems with ssh transport and golang.org services
448 views
Skip to first unread message
SuperTXT Team
Mar 30, 2023, 1:04:49 PM3/30/23
to golang-dev
Hello Everyone,
I tried asking about this on the golang-nuts group, but there weren't any replies.
I'm
maintaining an internet site that hosts Go-based tools/libraries.
They're served using the git ssh protocol, not https. There is a subset
of the site that works via https, so the module proxy protocol is
implemented. https://pkg.go.dev/cmd/go#hdr-Module_proxy_protocol
When requested of the site the meta tag is provided with an ssh URL that is cloneable. However, when I try to "go install" a cli tool from there it fails with this error:
go: downloading supertxt.net/git/cats v0.1.0
go: supertxt.net/git/cats@latest: supertxt.net/git/ca...@v0.1.0: verifying module: supertxt.net/git/ca...@v0.1.0: reading https://sum.golang.org/lookup/supertxt.net/git/ca...@v0.1.0: 404 Not Found
server response:
not found: supertxt.net/git/ca...@v0.1.0: invalid version: git ls-remote -q origin in /tmp/gopath/pkg/mod/cache/vcs/5036be04affce43ea67c463aac9d1c179b6e55c9f8d713eadbb0f442f8bbb14f: exit status 128:
fatal: transport 'ssh' not allowed
When requested of the site the meta tag is provided with an ssh URL that is cloneable. However, when I try to "go install" a cli tool from there it fails with this error:
go: downloading supertxt.net/git/cats v0.1.0
go: supertxt.net/git/cats@latest: supertxt.net/git/ca...@v0.1.0: verifying module: supertxt.net/git/ca...@v0.1.0: reading https://sum.golang.org/lookup/supertxt.net/git/ca...@v0.1.0: 404 Not Found
server response:
not found: supertxt.net/git/ca...@v0.1.0: invalid version: git ls-remote -q origin in /tmp/gopath/pkg/mod/cache/vcs/5036be04affce43ea67c463aac9d1c179b6e55c9f8d713eadbb0f442f8bbb14f: exit status 128:
fatal: transport 'ssh' not allowed
If
I disable the sum function with GOSUMDB=off then this all works as
expected. I notice a similar error when I try to register the module
with proxy.golang.org as well, in an effort to have the package added to the pkg.go.dev site.
It appears that while the module proxy protocol supports git ssh protocol, it isn't working with the *.golang.org sites. Does anyone know if this is a known limitation, or should this be raised as a bug? I couldn't find anything in the documentation for registering a package with pkg.go.dev that says that it wouldn't work.
It appears that while the module proxy protocol supports git ssh protocol, it isn't working with the *.golang.org sites. Does anyone know if this is a known limitation, or should this be raised as a bug? I couldn't find anything in the documentation for registering a package with pkg.go.dev that says that it wouldn't work.
Thanks!
Hyang-Ah Hana Kim
Mar 31, 2023, 4:17:56 PM3/31/23
to SuperTXT Team, golang-dev
Hi,
- Hana
Even though the go command supports both https:// and git+ssh:// protocols,
proxy.golang.org and sum.golang.org supports only https:// transport.
Even if the service supported git+ssh:// transport, it won't be able to fetch
the source from your repo due to the host key check.
Thanks for asking the question. We will improve our documentation
and include this detail in the proxy.golang.org service documentation.
Thanks!
proxy.golang.org and sum.golang.org supports only https:// transport.
Even if the service supported git+ssh:// transport, it won't be able to fetch
the source from your repo due to the host key check.
Thanks for asking the question. We will improve our documentation
and include this detail in the proxy.golang.org service documentation.
Thanks!
- Hana
--
You received this message because you are subscribed to the Google Groups "golang-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golang-dev+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/golang-dev/77ca635c-0311-454a-a768-bc02aba91830n%40googlegroups.com.
__
Reply all
Reply to author
Forward
0 new messages