Add M1.

.goreleaser.yaml

@@ -12,13 +12,19 @@ builds:
     goos:
       - linux
       - darwin
+    goarch:
+      - arm64
+      - amd64
+      - 386
     main: ./cmd/gomodproxy/main.go
 archives:
   - replacements:
       darwin: Darwin
       linux: Linux
+      windows: Windows
       386: i386
       amd64: x86_64
+      arm64: Arm64
 checksum:
   name_template: 'checksums.txt'
 snapshot:

cmd/gomodproxy/main.go

@@ -137,7 +137,8 @@ func main() {
 		if len(kv) != 2 {
 			log.Fatal("bad git path:", path)
 		}
-		options = append(options, api.GitWithEphemeralTags(kv[0], kv[1]))
+		password := os.Getenv("SSH_PASSPHRASE")
+		options = append(options, api.GitWithEphemeralTags(kv[0], kv[1], password))
 	}
 
 	for _, path := range vcsPaths {

pkg/api/api.go

@@ -74,9 +74,9 @@ func GitDir(dir string) Option { return func(api *api) { api.gitdir = dir } }
 // Git configures API to use a specific git client when trying to download a
 // repository with the given prefix. Auth string can be a path to the SSK key,
 // or a colon-separated username:password string.
-func Git(prefix string, auth string) Option {
-	a := vcs.Key(auth)
-	if creds := strings.SplitN(auth, ":", 2); len(creds) == 2 {
+func Git(prefix, key, password string) Option {
+	a := vcs.Key(key, password)
+	if creds := strings.SplitN(key, ":", 2); len(creds) == 2 {
 		a = vcs.Password(creds[0], creds[1])
 	}
 	return func(api *api) {
@@ -92,12 +92,13 @@ func Git(prefix string, auth string) Option {
 // GitWithEphemeralTags configures API to use a specific git client when trying
 // to download a repository with the given prefix. Auth string can be a path to
 // the SSK key, or a colon-separated username:password string.
-func GitWithEphemeralTags(prefix string, auth string) Option {
-
+func GitWithEphemeralTags(prefix, key, password string) Option {
+	// TODO(bilus): Ugly but we don't want to mess with the : encoding so
+	// we'll work around the issue of having to pass a passphrase
+	// to decrypt a key.
 	storage := vcs.NewEphemeralTagStorage()
-
-	a := vcs.Key(auth)
-	if creds := strings.SplitN(auth, ":", 2); len(creds) == 2 {
+	a := vcs.Key(key, password)
+	if creds := strings.SplitN(key, ":", 2); len(creds) == 2 {
 		a = vcs.Password(creds[0], creds[1])
 	}
 	return func(api *api) {

pkg/vcs/git.go

@@ -34,6 +34,8 @@ type gitVCS struct {
 	auth   Auth
 }
 
+var ErrNoMatchingVersion = errors.New("no matching versions")
+
 // NewGit return a go-git VCS client implementation that provides information
 // about the specific module using the pgiven authentication mechanism.
 func NewGit(l logger, dir string, module string, auth Auth) VCS {
@@ -61,9 +63,8 @@ func (g *gitVCS) List(ctx context.Context) ([]Version, error) {
 	if err != nil {
 		return nil, err
 	}
-
 	list := []Version{}
-	var masterHash plumbing.Hash
+	masterHash := ""
 	tagPrefix := ""
 	if g.prefix != "" {
 		tagPrefix = g.prefix + "/"
@@ -71,18 +72,24 @@ func (g *gitVCS) List(ctx context.Context) ([]Version, error) {
 	for _, ref := range refs {
 		name := ref.Name()
 		if name == plumbing.Master {
-			masterHash = ref.Hash()
+			masterHash = ref.Hash().String()
 		} else if name.IsTag() && strings.HasPrefix(name.String(), "refs/tags/"+tagPrefix+"v") {
 			list = append(list, Version(strings.TrimPrefix(name.String(), "refs/tags/"+tagPrefix)))
 		}
 	}
 
 	if len(list) == 0 {
-		if masterHash.IsZero() {
+		if masterHash == "" {
 			return nil, errors.New("no tags and no master branch found")
 		}
 
-		masterCommit, err := repo.CommitObject(masterHash)
+		short := masterHash[:12]
+		version, err := g.versionFromHash(ctx, short)
+		if err != nil {
+			return nil, err
+		}
+
+		masterCommit, err := g.commit(ctx, version)
 		if err != nil {
 			return nil, err
 		}
@@ -92,23 +99,27 @@ func (g *gitVCS) List(ctx context.Context) ([]Version, error) {
 			return nil, err
 		}
 
+		// No tags while it's a module.
 		if g.isModule(tree) {
-			return nil, errors.New("no matching versions")
+			return nil, ErrNoMatchingVersion
 		}
 
-		hashStr := masterHash.String()
-		short := hashStr[:12]
-		t, err := g.Timestamp(ctx, Version("v0.0.0-20060102150405-"+short))
-		if err != nil {
-			return nil, err
-		}
-		list = []Version{Version(fmt.Sprintf("v0.0.0-%s-%s", t.Format("20060102150405"), short))}
+		list = []Version{version}
 	}
 
 	g.log("gitVCS.List", "module", g.module, "list", list)
 	return list, nil
 }
 
+func (g *gitVCS) versionFromHash(ctx context.Context, hash string) (Version, error) {
+	t, err := g.Timestamp(ctx, Version("v0.0.0-20060102150405-"+hash))
+	if err != nil {
+		return Version(""), err
+	}
+	v := Version(fmt.Sprintf("v0.0.0-%s-%s", t.Format("20060102150405"), hash))
+	return v, nil
+}
+
 func (g *gitVCS) isModule(tree *object.Tree) bool {
 	mod := "go.mod"
 	for path := g.prefix; path != "."; path = filepath.Dir(path) {
@@ -313,7 +324,7 @@ func (g *gitVCS) commit(ctx context.Context, version Version) (*object.Commit, e
 
 func (g *gitVCS) authMethod() (transport.AuthMethod, error) {
 	if g.auth.Key != "" {
-		return ssh.NewPublicKeysFromFile("git", g.auth.Key, "")
+		return ssh.NewPublicKeysFromFile("git", g.auth.Key, g.auth.Password)
 	} else if g.auth.Username != "" {
 		return &http.BasicAuth{Username: g.auth.Username, Password: g.auth.Password}, nil
 	}

pkg/vcs/tags.go

@@ -62,8 +62,20 @@ func NewGitWithEphemeralTags(l logger, dir string, module string, auth Auth, sto
 	}
 }
 
-func (v *taggableVCS) Tag(ctx context.Context, semVer Version, short string) error {
+func (v *taggableVCS) safeList(ctx context.Context) ([]Version, error) {
 	remoteVersions, err := v.wrapped.List(ctx)
+	if err != nil {
+		// Ignore this error, we can still count on ephemeral tags.
+		if err != ErrNoMatchingVersion {
+			return nil, err
+		}
+		v.wrapped.log("No remote version tags yet:", err)
+	}
+	return remoteVersions, nil
+}
+
+func (v *taggableVCS) Tag(ctx context.Context, semVer Version, short string) error {
+	remoteVersions, err := v.safeList(ctx)
 	if err != nil {
 		return err
 	}
@@ -74,11 +86,10 @@ func (v *taggableVCS) Tag(ctx context.Context, semVer Version, short string) err
 }
 
 func (v *taggableVCS) List(ctx context.Context) ([]Version, error) {
-	remoteVersions, err := v.wrapped.List(ctx)
+	remoteVersions, err := v.safeList(ctx)
 	if err != nil {
 		return nil, err
 	}
-
 	tags := v.storage.tags(v.module)
 	// Remote versions win.
 	return appendEphemeralVersion(remoteVersions, tags...), nil
@@ -124,14 +135,7 @@ func (v *taggableVCS) Zip(ctx context.Context, version Version) (io.ReadCloser,
 func (v *taggableVCS) resolveVersion(ctx context.Context, version Version) (Version, error) {
 	for _, tag := range v.storage.tags(v.module) {
 		if tag.semVer == version {
-			// TODO(bilus): Duplicated in git.go.
-			t, err := v.wrapped.Timestamp(ctx, Version("v0.0.0-20060102150405-"+tag.short))
-			if err != nil {
-				return Version(""), err
-			}
-			version2 := Version(fmt.Sprintf("v0.0.0-%s-%s", t.Format("20060102150405"), tag.short))
-
-			return version2, nil
+			return v.wrapped.versionFromHash(ctx, tag.short)
 		}
 	}
 	return version, nil

pkg/vcs/vcs.go

@@ -61,4 +61,4 @@ func NoAuth() Auth { return Auth{} }
 func Password(username, password string) Auth { return Auth{Username: username, Password: password} }
 
 // Key returns an Auth implementation that uses key file authentication mechanism.
-func Key(key string) Auth { return Auth{Key: key} }
+func Key(key, password string) Auth { return Auth{Key: key, Password: password} }