I just stumbled on this. I have a self-managed gitlab with private go modules that I use additionally with replace in go.mod. This also relies on a private GOPROXY because go doesn’t handle ssh://git@... but only straight https.
Maybe for the above topic (regardless of the aguably valid reasons stated above), one could start to actually offer a way to define GO* env vars in the build env that is run by e.g. buildGoModule?
What would be the most direct way to do this?
EDIT:
I played a bit with it (and read some of this issue as well),
and managed to make it work like this:
buildGoModule rec {
...
src = fetchGit {
url = "ssh://git@my.gitdomain.com:/mygoprog.git";
ref = "main";
};
vendorSha256 = "sha256-eemA0VQKgsrr0r5Y3NjM+8eDvLrpVUNNFHszhtjG4qw=";
# proxyVendor = true;
# vendorHash = null;
buildFlags = "-mod=mod";
preBuild = ''
GONOSUMDB="my.gitdomain.com/*,replaceddomain.com/*"
GOPROXY="http://192.168.1.114:3000,direct"
GOSUMDB="sum.golang.org"
export GONOSUMDB GOPROXY GOSUMDB
'';
...
}
This additionally requires buix-build --options sandbox false because the build isn’t allowed access to the go proxy otherwise. So hardly an acceptable idiomatic UX. But this must be solvable because the “vendor fetch” step also connects, so the options must probably rather be set there?