Setting up private go modules it’s not a pain provided you don’t mind leaking a bit of information.
Let’s just read the modules reference and see if they mention my use case: a private github repository which I want to use as a module.
Lucky enough the Private modules section describes the possible solutions and how to choose one by setting some environment variables.
Provided that I am fine with with https://proxy.golang.org knowing which modules I want to download how do I set up authentication so that I can get a module from a private github repository?
The section Direct access to private modules describes this use case. For my
github.com/edoput namespace I want to fall back to a direct connection using git to fetch the module’s code. This will happen whenever the proxy will return a 404 or 410 HTTP status code, e.g. for my unpublished modules and private repositories.
But direct connection still needs to authenticate against github because I want to be able to use all my repositories, not only my public ones.
Luckily the section Passing credentials to private repositories describes just that. As the
go tool fetches the repositories using
git (or other VCS tools) you can either specify your token/password in their configuration or rely on the
.netrc file having an entry for github.com.
At the end of the day it was super easy setting up everything. After creating a personal access token you can paste it in the password field of your
~/.netrc file and it will be picked up by git.
The next step is remembering to set up the
GOPRIVATE environment variable so that
go will actually use
those credentials when connecting directly to github.com.
Not setting the
GOPRIVATE environment variable will have the consequence of
go talking to the module proxy so you may leak to a third party the full module path.