将GOINSECURE设置为启用,以便从Github下载软件包时使用HTTP。

huangapple go评论122阅读模式
英文:

GOINSECURE to enable http downlaods on packages from Github

问题

我正在开发一个命令行应用程序,以便在工作中自动化一些繁琐的任务。为了做到这一点,我需要安装一些包,比如 gotp。我注意到在将这个新包安装到我的项目中时,出现了以下错误。

go get github.com/xlzd/gotp
go: module github.com/xlzd/gotp: Get "https://proxy.golang.org/github.com/xlzd/gotp/@v/list": x509: certificate signed by unknown authority

我猜这与我的工作电脑的防火墙或安全配置有关,因为在我的电脑上启用防火墙之前,我能够安装一些包。我了解到环境变量 GOINSECURE 可以使 go get 在下载包时使用 HTTP。所以这是我在我的情况下所做的。

export GOINSECURE="proxy.golang.org/*,github.com,github.com/*"

仍然出现相同的错误,请问我的配置有什么问题吗?

英文:

I'm developing a CLI app at work in order to automate a couple tedious tasks, to do this I need to install a couple packages like gotp. I noticed that installing this new package into my project this error pops up.

go get github.com/xlzd/gotp
go: module github.com/xlzd/gotp: Get "https://proxy.golang.org/github.com/xlzd/gotp/@v/list": x509: certificate signed by unknown authority

I suppose this has something to do with my work PC's firewall or security configuration, since I was able to install a couple packages before the firewall was enabled on my PC. I read about the environment variable GOINSECURE which would enable go get to download packages over HTTP. So here's what I've done in my case.

export GOINSECURE="proxy.golang.org/*,github.com,github.com/*"

Still the same error pops up, am I missing something in my configuration?

答案1

得分: 4

我在安装内部包时也遇到了这个错误,解决方法是选择适当的代理,我将我的GOPROXY更改为内部代理站点地址,并将GOPRIVATEGONOPROXYGONOSUMDB设置为null值。
在你的情况下,你可以尝试以下操作:

GOINSECURE="proxy.golang.org/*,github.com,github.com/*"
GONOSUMDB="proxy.golang.org/*,github.com,github.com/*"
GOPRIVATE="proxy.golang.org/*,github.com,github.com/*"
英文:

I also encountered this error when I installed internal package, the solution is selected proper proxy, I change my GOPROXY to internal proxy site address, and made GOPRIVATE, GONOPROXY, GONOSUMDB to null value.
In your case, you may attempt

GOINSECURE="proxy.golang.org/*,github.com,github.com/*"
GONOSUMDB="proxy.golang.org/*,github.com,github.com/*"
GOPRIVATE="proxy.golang.org/*,github.com,github.com/*"

答案2

得分: 1

我在尝试在运行在Windows上的Docker桌面中的Ubuntu22容器内使用bash shell时遇到了困难,这是在公司网络中进行的。

我想执行以下操作:

go get github.com/Masterminds/sprig

但是一直遇到x509错误:

go get github.com/Masterminds/sprig
go: github.com/Masterminds/goutils@v1.1.1: 获取"https://proxy.golang.org/github.com/%21masterminds/goutils/@v/v1.1.1.mod"时出错: x509: 由未知机构签名的证书
  1. go get --insecure 已经被弃用,不再起作用

  2. export GOINSECURE=github.com 一开始没有起作用

  3. 看起来更多是使用 GOINSECURE 结合以下命令:

    git config --global http.sslverify false

一旦将 sslVerify 设置为 false,它就可以进一步执行了。

所以我不断迭代执行 go get github.com/Masterminds/sprig,每次都能进一步执行...调用另一个URL(可能是一个包的依赖项)

go get github.com/Masterminds/sprig
go: golang.org/x/crypto@v0.0.0-20211108221036-ceb1ce70b4fa: 无法识别的导入路径 "golang.org/x/crypto": https获取: 获取"https://golang.org/x/cr
ypto?go-get=1"时出错: x509: 由未知机构签名的证书

每次我都将URL添加到 GOINSECURE 中,例如:

export GOINSECURE=github.com,golang.org

go get github.com/Masterminds/sprig
go: sigs.k8s.io/yaml@v1.2.0: 无法识别的导入路径 "sigs.k8s.io/yaml": https获取: 获取"https://sigs.k8s.io/yaml?go-get=1"时出错: x509: 由未知机构签名的证书

export GOINSECURE=github.com,golang.org,sigs.k8s.io

直到最终下载完成为止:

go get github.com/Masterminds/sprig
go: 正在下载 github.com/Masterminds/sprig v2.22.0+incompatible
go: 正在下载 github.com/Masterminds/goutils v1.1.1
go: 正在下载 github.com/Masterminds/semver v1.5.0
go: 正在下载 github.com/google/uuid v1.3.0
go: 正在下载 github.com/huandu/xstrings v1.3.2
go: 正在下载 github.com/imdario/mergo v0.3.12
go: 正在下载 github.com/mitchellh/copystructure v1.2.0
go: 正在下载 golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa
go: 正在下载 github.com/mitchellh/reflectwalk v1.0.2
""/bin/go build prehelm.go
go: 正在下载 sigs.k8s.io/yaml v1.2.0
go: 正在下载 gopkg.in/yaml.v2 v2.3.0

希望这有所帮助,简而言之:

  1. 确保你执行了 git config --global http.sslverify false
  2. 逐个将站点添加到 GOINSECURE= 中,直到完成。
  3. 或者,但不太安全,你可以添加 export GOINSECURE=*
英文:

I struggled with this when trying to use go inside a bash shell in a ubuntu22 container running inside docker desktop for windows on a corporate network.

I want to do

go get github.com/Masterminds/sprig

But kept getting x509 errors

go get github.com/Masterminds/sprig
go: github.com/Masterminds/goutils@v1.1.1: Get "https://proxy.golang.org/github.com/%21masterminds/goutils/@v/v1.1.1.mod": x509: certificate signed by unknown authority
  1. go get --insecure is indeed deprecated and don't work any more

  2. export GOINSECURE=github.com didn't work at first

  3. it seemed to be more a combination of using GOINSECURE with

    git config --global http.sslverify false

One I'd set this sslVerify to false, it got further..

so I kept iterating the go get github.com/Masterminds/sprig and each time it got further.. calling out another url (probably a package dependency)

go get github.com/Masterminds/sprig
go: golang.org/x/crypto@v0.0.0-20211108221036-ceb1ce70b4fa: unrecognized import path "golang.org/x/crypto": https fetch: Get "https://golang.org/x/cr
ypto?go-get=1": x509: certificate signed by unknown authority

each time I added the url to the GOINSECURE i.e.

export GOINSECURE=github.com,golang.org

go get github.com/Masterminds/sprig
go: sigs.k8s.io/yaml@v1.2.0: unrecognized import path "sigs.k8s.io/yaml": https fetch: Get "https://sigs.k8s.io/yaml?go-get=1": x509: certificate sig
ned by unknown authority

export GOINSECURE=github.com,golang.org,sigs.k8s.io

Until ultimately everything was downloaded

go get github.com/Masterminds/sprig
go: downloading github.com/Masterminds/sprig v2.22.0+incompatible
go: downloading github.com/Masterminds/goutils v1.1.1
go: downloading github.com/Masterminds/semver v1.5.0
go: downloading github.com/google/uuid v1.3.0
go: downloading github.com/huandu/xstrings v1.3.2
go: downloading github.com/imdario/mergo v0.3.12
go: downloading github.com/mitchellh/copystructure v1.2.0
go: downloading golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa
go: downloading github.com/mitchellh/reflectwalk v1.0.2
""/bin/go build prehelm.go
go: downloading sigs.k8s.io/yaml v1.2.0
go: downloading gopkg.in/yaml.v2 v2.3.0

I hope that helps, in short

  1. ensure you have git config --global http.sslverify false
  2. add the sites to you GOINSECURE= one by one until done.
  3. Alternatively but less secure you can add export GOINSECURE=*

huangapple
  • 本文由 发表于 2022年3月26日 05:54:15
  • 转载请务必保留本文链接:https://go.coder-hub.com/71623508.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定