Support SSH for go get #5711

New Issue

GiteaMirror · 2025-11-02T06:33:45-06:00

GiteaMirror commented

2025-11-02 06:33:45 -06:00

Originally created by @skaldesh on GitHub (Jul 8, 2020).

Gitea version (or commit ref): 1.12.1 built with GNU Make 4.2.1, go1.14.4 : bindata, sqlite, sqlite_unlock_notify
Git version: 2.24.3
Operating system: Arch Linux
Database (use [x]):
- PostgreSQL
- MySQL
- MSSQL
- SQLite
Can you reproduce the bug at https://try.gitea.io:
- Yes (provide example URL)
- No
- Not relevant
Log gist:

Description

We have a private gitea repository containing a go module. When we want to go get git.company.com/organization/private, gitea returns only the HTTPS link of the repository, not the SSH one.
To reproduce, one can simply open a link in the browser: https://git.company.com/organization/private?go-get=1
and examine the returned HTML:

<!DOCTYPE html>
<html>
<head>
<meta name="go-import" content="git.company.com/organization/private git https://git.company.com/organization/private.git">
<meta name="go-source" content="git.company.com/organization/private _ https://git.company.com/organization/private/src/branch/master{/dir} https://git.company.com/organization/private/src/branch/master{/dir}/{file}#L{line}">
</head>
<body cz-shortcut-listen="true">
go get git.company.com/organization/private
</body>
</html>

Here are the relevant source code locations:

templates/base/head.tmpl:	<meta name="go-import" content="{{.GoGetImport}} git {{.CloneLink.HTTPS}}">
modules/context/repo.go:	ctx.PlainText(200, []byte(com.Expand(`<meta name="go-import" content="{GoGetImport} git {CloneLink}">`,
modules/context/context.go:		<meta name="go-import" content="{GoGetImport} git {CloneLink}">

One can see in these files/lines that only the HTTPS path is ever returned. We expected that this can be at least configured to either return the SSH or HTTPS one. When disabling HTTPS for the repo, the returned links still stayed the same.

Originally created by @skaldesh on GitHub (Jul 8, 2020).   - Gitea version (or commit ref): 1.12.1 built with GNU Make 4.2.1, go1.14.4 : bindata, sqlite, sqlite_unlock_notify - Git version: 2.24.3 - Operating system: Arch Linux - Database (use `[x]`): - [ ] PostgreSQL - [ ] MySQL - [ ] MSSQL - [x] SQLite - Can you reproduce the bug at https://try.gitea.io: - [ ] Yes (provide example URL) - [ ] No - [x] Not relevant - Log gist: ## Description We have a private gitea repository containing a go module. When we want to `go get git.company.com/organization/private`, gitea returns only the HTTPS link of the repository, not the SSH one. To reproduce, one can simply open a link in the browser: `https://git.company.com/organization/private?go-get=1` and examine the returned HTML: ```html <!DOCTYPE html> <html> <head> <meta name="go-import" content="git.company.com/organization/private git https://git.company.com/organization/private.git"> <meta name="go-source" content="git.company.com/organization/private _ https://git.company.com/organization/private/src/branch/master{/dir} https://git.company.com/organization/private/src/branch/master{/dir}/{file}#L{line}"> </head> <body cz-shortcut-listen="true"> go get git.company.com/organization/private </body> </html> ``` Here are the relevant source code locations: ``` templates/base/head.tmpl: <meta name="go-import" content="{{.GoGetImport}} git {{.CloneLink.HTTPS}}"> modules/context/repo.go: ctx.PlainText(200, []byte(com.Expand(`<meta name="go-import" content="{GoGetImport} git {CloneLink}">`, modules/context/context.go: <meta name="go-import" content="{GoGetImport} git {CloneLink}"> ``` One can see in these files/lines that only the HTTPS path is ever returned. We expected that this can be at least configured to either return the SSH or HTTPS one. When disabling HTTPS for the repo, the returned links still stayed the same.

GiteaMirror added the issue/confirmed type/enhancement labels 2025-11-02 06:33:45 -06:00

GiteaMirror closed this issue

2025-11-02 06:33:45 -06:00

GiteaMirror commented

2025-11-02 06:33:45 -06:00

@lunny commented on GitHub (Jul 9, 2020):

I don't think go get support SSH protocol.

@lunny commented on GitHub (Jul 9, 2020): I don't think `go get` support SSH protocol.

GiteaMirror commented

2025-11-02 06:33:46 -06:00

@r0l1 commented on GitHub (Jul 9, 2020):

It does. We use it in production. The meta tag should look as following:

<meta name="go-import" content="git.company.com/organization/private git ssh://git@git.company.com/organization/private">

When a version control system supports multiple protocols, each is tried in turn when downloading. For example, a Git download tries https://, then git+ssh://.

https://golang.org/cmd/go/#hdr-Remote_import_paths

@r0l1 commented on GitHub (Jul 9, 2020): It does. We use it in production. The meta tag should look as following: ```html <meta name="go-import" content="git.company.com/organization/private git ssh://git@git.company.com/organization/private"> ``` > When a version control system supports multiple protocols, each is tried in turn when downloading. For example, a Git download tries https://, then git+ssh://. https://golang.org/cmd/go/#hdr-Remote_import_paths

GiteaMirror commented

2025-11-02 06:33:46 -06:00

@lunny commented on GitHub (Jul 9, 2020):

It does. We use it in production. The meta tag should look as following:
<meta name="go-import" content="git.company.com/organization/private git ssh://git@git.company.com/organization/private">
When a version control system supports multiple protocols, each is tried in turn when downloading. For example, a Git download tries https://, then git+ssh://.

https://golang.org/cmd/go/#hdr-Remote_import_paths

Interesting! Thanks for the information.

@lunny commented on GitHub (Jul 9, 2020): > It does. We use it in production. The meta tag should look as following: > > ``` > <meta name="go-import" content="git.company.com/organization/private git ssh://git@git.company.com/organization/private"> > ``` > > > When a version control system supports multiple protocols, each is tried in turn when downloading. For example, a Git download tries https://, then git+ssh://. > > https://golang.org/cmd/go/#hdr-Remote_import_paths Interesting! Thanks for the information.

GiteaMirror commented

2025-11-02 06:33:46 -06:00

@r0l1 commented on GitHub (Jul 9, 2020):

It's quite useful for private internal git modules :)

@r0l1 commented on GitHub (Jul 9, 2020): It's quite useful for private internal git modules :)

GiteaMirror commented

2025-11-02 06:33:46 -06:00

@zeripath commented on GitHub (Jul 11, 2020):

OK looking at: 95e1ea4598/src/cmd/go/internal/get/discovery.go (L36-L64)

I think we could even have a second go-import tag which would save yet another setting...

@zeripath commented on GitHub (Jul 11, 2020): OK looking at: https://github.com/golang/go/blob/95e1ea4598175a3461f40d00ce47a51e5fa6e5ea/src/cmd/go/internal/get/discovery.go#L36-L64 I think we could even have a second go-import tag which would save yet another setting...

GiteaMirror commented

2025-11-02 06:33:46 -06:00

@zeripath commented on GitHub (Jul 11, 2020):

Actually looking on - I think that might not work:

8cb865c919/src/cmd/go/internal/get/vcs.go (L815)

8cb865c919/src/cmd/go/internal/get/vcs.go (L979-982)

Sigh.

@zeripath commented on GitHub (Jul 11, 2020): Actually looking on - I think that might not work: https://github.com/golang/go/blob/8cb865c9197f0f383b0bde48e37faea7b7a2451d/src/cmd/go/internal/get/vcs.go#L815 https://github.com/golang/go/blob/8cb865c9197f0f383b0bde48e37faea7b7a2451d/src/cmd/go/internal/get/vcs.go#L979-982 Sigh.

GiteaMirror commented

2025-11-02 06:33:47 -06:00

@zeripath commented on GitHub (Jul 12, 2020):

OK I think this is going to need (yet) another setting. The ideal would be a global setting and a per repository setting.

Simply because every time we do this we're causing a change of schema - I think we need a generic settings system and I'm opening an issue for that.

@zeripath commented on GitHub (Jul 12, 2020): OK I think this is going to need (yet) another setting. The ideal would be a global setting and a per repository setting. Simply because every time we do this we're causing a change of schema - I think we need a generic settings system and I'm opening an issue for that.

GiteaMirror commented

2025-11-02 06:33:47 -06:00

@stale[bot] commented on GitHub (Sep 11, 2020):

This issue has been automatically marked as stale because it has not had recent activity. I am here to help clear issues left open even if solved or waiting for more insight. This issue will be closed if no further activity occurs during the next 2 weeks. If the issue is still valid just add a comment to keep it alive. Thank you for your contributions.

@stale[bot] commented on GitHub (Sep 11, 2020): This issue has been automatically marked as stale because it has not had recent activity. I am here to help clear issues left open even if solved or waiting for more insight. This issue will be closed if no further activity occurs during the next 2 weeks. If the issue is still valid just add a comment to keep it alive. Thank you for your contributions.

GiteaMirror commented

2025-11-02 06:33:47 -06:00

@mei-rune commented on GitHub (May 11, 2023):

Why don't you solve this, this is very useful for private repositories

HTTPS access requires a username and password, while SSH is not required

In my Jenkins I can only use git, not https, because I can't type in usernames and passwords

为什么这个不解决呢，这个对私有仓库很有用啊

https 访问方式，需要用户名和密码，而 git 可以不用

在我的 jenkins 中我只能用 git，不能用 https，因为我不可能去输用户名和密码啊

@mei-rune commented on GitHub (May 11, 2023): Why don't you solve this, this is very useful for private repositories HTTPS access requires a username and password, while SSH is not required In my Jenkins I can only use git, not https, because I can't type in usernames and passwords 为什么这个不解决呢，这个对私有仓库很有用啊 https 访问方式，需要用户名和密码，而 git 可以不用在我的 jenkins 中我只能用 git，不能用 https，因为我不可能去输用户名和密码啊

GiteaMirror commented

2025-11-02 06:33:47 -06:00

@wxiaoguang commented on GitHub (May 11, 2023):

Here is : https://github.com/go-gitea/gitea/blob/main/CODE_OF_CONDUCT.md

Before asking "Why don't you solve this", please ask: could you write some code to help the open-source projects?

Complaining doesn't help anything. Being constructive and respectful

@wxiaoguang commented on GitHub (May 11, 2023): Here is : https://github.com/go-gitea/gitea/blob/main/CODE_OF_CONDUCT.md Before asking "Why don't you solve this", please ask: could you write some code to help the open-source projects? Complaining doesn't help anything. Being constructive and respectful

GiteaMirror commented

2025-11-02 06:33:48 -06:00

@mei-rune commented on GitHub (May 11, 2023):

@wxiaoguang 你说的很对，我来解决这个问题

@mei-rune commented on GitHub (May 11, 2023): @wxiaoguang 你说的很对，我来解决这个问题

GiteaMirror commented

2025-11-02 06:33:48 -06:00

@mei-rune commented on GitHub (May 11, 2023):

I send a pull request for this;

补丁好不好不说，反正我提供了

@mei-rune commented on GitHub (May 11, 2023): I send a pull request for this; 补丁好不好不说，反正我提供了

GiteaMirror commented

2025-11-02 06:33:48 -06:00

@wxiaoguang commented on GitHub (May 11, 2023):

Awesome, thank you very much. I did a quick review, I think the PR is high quality.

Before approving, there are only a few nits (I can vote my approval, it needs at least 2 approvals to be merged, other maintainers will also review)

@wxiaoguang commented on GitHub (May 11, 2023): Awesome, thank you very much. I did a quick review, I think the PR is high quality. Before approving, there are only a few nits (I can vote my approval, it needs at least 2 approvals to be merged, other maintainers will also review)

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#5711