Skip to content

How to configure for gomod dependencies in gitlab subgroups.

We're wondering how if there is support for packages in subgroups for the gomod ecosystem. Currently we've installed dependabot using helm with the gitlab access token set.

During the execution on one of our projects it returns the following error for internal go packages that are in a gitlab subgroup:

[2021-10-08 11:25:05 +0000 tid=1b1d class=DependencyUpdateJob] ERROR: [group1]/[project]=>gomod] module [our.domain.name]/[group2]/[subgroup]/[package]/v2: git ls-remote -q origin in /home/dependabot/go/pkg/mod/cache/vcs/e24177e82ae344e15ee18cd6ef4e576cffa1fadbcee399cfefb2746ae0eecb0c: exit status 128:
	remote: The project you were looking for could not be found or you don't have permission to view it.
	fatal: repository 'https://[our.domain.name]/[group2]/[subgroup].git/' not found

It seems like it tries to access the subgroup as a git repository which is not possible AFAIK.

It does resolve internal packages that are not in a subgroup:

[2021-10-08 11:24:53 +0000 tid=1b1d class=DependencyUpdateJob] INFO: [[group1]/[project]=>gomod] Fetching info for [our.domain.name]/[group3]/[somepackage]
[2021-10-08 11:24:53 +0000 tid=1b1d class=DependencyUpdateJob] INFO: [[group1]/[project]=>gomod]   [our.domain.name]/[group3]/[somepackage]: [version] is up to date

Thanks in advance for your response.