3

I am trying to build docker image for go app that is using different go packages from different private gitlab repos. When I was doing it on my local machine, I had to add the following commands in order to make it work;

git config --global url.git@gitlab.com:.insteadOf https://gitlab.com/
export GOPRIVATE=*gitlab*

In this case, my ssh key will be used and it worked fine.

Now, I want to do the same thing when building a Docker image but without using ssh keys so I though of using deployment token (the token has access for all repos in the gitlab group).

dockerfile:

FROM golang:1.14 AS builder

...

ARG USER
ARG KEY

RUN git config --global url."https://${USER}:${KEY}@gitlab.com/".insteadOf "https://gitlab.com/"
RUN export GOPRIVATE=*gitlab*

apparently, this didn't work and I become the following error: 

Fatal: could not read Username for 'https://gitlab.com': terminal prompts disabled

Can you please share your ideas on how I could make it work using deployment tokens?

Kingindanord
  • 1,754
  • 2
  • 19
  • 48
  • are `${USER}` and `${KEY}` set as build-args during build ? – invad0r Apr 19 '20 at 17:42
  • yes, I build it like this: ```docker build --build-arg USER=$GITLAB_DOCKER_USER --build-arg KEY=$GITLAB_DOCKER_KEY -t go-dns . ``` – Kingindanord Apr 19 '20 at 17:43
  • is `GIT_TERMINAL_PROMPT` set ? see https://stackoverflow.com/a/38237165/2087704 – invad0r Apr 19 '20 at 17:47
  • yes, like this ```RUN export GIT_TERMINAL_PROMPT=1``` – Kingindanord Apr 19 '20 at 17:51
  • What does `RUN git config credential.helper` returns on `docker build`? – VonC Apr 19 '20 at 18:44
  • @VonC I am getting an error ```Step 8/24 : RUN git config credential.helper ---> Running in 956bb736901d The command '/bin/sh -c git config credential.helper' returned a non-zero code: 1``` – Kingindanord Apr 19 '20 at 18:48
  • @Kingindanord Sorry, try `RUN git config --global credential.helper` – VonC Apr 19 '20 at 18:53
  • @VonC same result ```Step 8/23 : RUN git config --global credential.helper ---> Running in 5412c2440f1e The command '/bin/sh -c git config --global credential.helper' returned a non-zero code: 1``` – Kingindanord Apr 19 '20 at 18:56

2 Answers2

4

As workaround, I clone the repo(s) manually and then edit go mod file

RUN git clone https://${USER}:${KEY}@gitlab.com/mygroup/myproject
RUN go mod init gitlab.com/mygroup/go-dns
RUN go mod edit -replace=gitlab.com/mygroup/myproject=./myproject
Kingindanord
  • 1,754
  • 2
  • 19
  • 48
0

In my scenario the issue with this error message:

fatal: could not read Username for 'https://gitlab.com': terminal prompts disabled

Despite me having:

  1. configured correctly SSH keys for GitLab / Git,
  2. and invoked globally git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"

was that:

  • the go command for some reason clones some repositories (not all repositories) at "root path" /tmp/...,
  • but the Git global config refers to the $HOME directory.

The solution for me was to add as prefix the GOPRIVATE env var to the `go command like this:

GOPRIVATE=gitlab.com/my-org-name go mod download

Bear in mind that despite not having setup a GOPATH env var, my recent Go installation has a GOPATH setup by default that I can see from go env which points at $HOME/go/, see the different output from the env command and the go env command here:

$ env | grep GOPATH
$ go env | grep -i path
GOPATH="/home/<<MY_USER>>/go"

This above means that commands like go mod download start pulling repos from GitLab and store them in various places:

  1. your local Go module (as expected),
  2. this "special" go env based default GOPATH pointing at /home/<<MY_USER>>/go
  3. this even "more special" path /tmp/...

This weird combination of paths might be part of the issue when not using GOPRIVATE

TPPZ
  • 4,447
  • 10
  • 61
  • 106