I guess there may be some private (sic) use of it out of nixpkgs. Maybe a mention of the alternative in 20.03 release note would be good.

probably more correct, would be make an alias of builtins.fetchgit

@adisbladis So I just learned that this removal happened, I used fetchgitPrivate in combination with buildGoPackage like this:

  buildGoPackage = pkgs.buildGoPackage.override {
    go = pkgs.go_1_13;
    fetchgit = pkgs.fetchgitPrivate;
  };

like this and it allowed me to use nix with packages that had private repos, any idea how I can do that without it? If there's a way to do it with buildGoModule that would be even better.

@takeda

  buildGoPackage = pkgs.buildGoPackage.override {
    go = pkgs.go_1_13;
    fetchgit = builtins.fetchGit;
  };

@jonringer I tried it, but unfortunately that doesn't work.

fetchGit doesn't expect sha256 parameter, when I write a wrapper that that removes that parameter I also need to rewrite that rev parameter is mapped to ref. But then there is an issue because I need to distinguish between hash and a tag. With a tag it supposed to be "refs/tags/${x.rev}" (example of repo: github.com/BurntSushi/toml rev v0.3.1), the problem though is when hash is given I need to provide that hash supposed to be provided as rev parameter, which makes things more complex. To make things worse, hashes generated by vgo2nix are short (I guess because go.mod only stores short version), but builtins.fetchGit expects the entire length. Example of repo: github.com/PagerDuty/go-pagerduty rev 94ee1c55dbdb.

This is where I'm right now.

pkgs.fetchgitPrivate was a drop in replacement and just worked without issues.

your package might be private, but the dependencies should be public (unless go implemented private repo references that I'm unaware of (I don't mess much with go)). just use builtins.fetchGit on the src of your private go package, instead of editing how all go packages are built

Go internally uses git for fetching. There are two ways to make it work with private repos:

One way (most convenient) to make it work with private repo is to add this to the ~/.gitconfig configuration:

[url "ssh://git@github.com/"]
        insteadOf = https://github.com/

Then it will fall back to ssh and be able to access all private repos.

(this is also how fetchgitPrivate was working by passing ssh-agent socket)

Another way is to create .netrc file (I see that's what fetchFromGithub supports now) but it requires to generate a token and it is not as straight forward.

beyond me, sorry ;(

Would this be a good reason to restore fetchgitPrivate?

Alternatively is there a way for builtins.fetchGit have a wrapper that could be a drop-in replacement for fetchgit? Or (maybe even better) fetchgit use builtins.fetchGit? In last case that would make fetchgit and fetchFromGithub automatically work with private repos.

As a side note, I use fetchgitPrivate as much as possible. Because:

• building on remote server with fast connection,
• suffers low-speed Wi-Fi,
• fetchGit is slow since cloning and uploading some big and frequently changing repositories takes extra time.

I wish we could have fetch and build remotely with local ssh keys...

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/why-doesnt-fetchfromgithub-support-submodules-with-private/6600/3