Skip to content
Latchkey

Go private module 410/auth failure (GOPRIVATE) - Fix in CI

Public proxies and the sum DB cannot fetch or verify private modules. Without GOPRIVATE and git credentials, Go tries the public path and gets a 410 or an auth error.

What this error means

A build fails fetching github.com/yourorg/private-lib with a 410 Gone from the proxy or terminal prompts disabled/could not read Username. It means CI tried the public proxy or could not authenticate to the private repo.

go
go: github.com/yourorg/private-lib@v0.3.0: reading https://proxy.golang.org/.../v0.3.0.info: 410 Gone
fatal: could not read Username for 'https://github.com': terminal prompts disabled

Common causes

GOPRIVATE not set

Without GOPRIVATE the private path goes through the public proxy and sum DB, which return 410 because they cannot see it.

No git credentials in CI

The runner has no token configured for the private host, so the direct git fetch cannot authenticate.

How to fix it

Set GOPRIVATE and skip the proxy

  1. List your private module prefixes in GOPRIVATE so Go bypasses the proxy and sum DB.
.github/workflows/ci.yml
export GOPRIVATE=github.com/yourorg/*
export GONOSUMDB=github.com/yourorg/*

Inject git credentials

  1. Rewrite the host to use a token so the direct fetch authenticates.
.github/workflows/ci.yml
git config --global url."https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/".insteadOf "https://github.com/"

How to prevent it

  • Set GOPRIVATE for every private module prefix in CI.
  • Provide a least-privilege token for private fetches.
  • Avoid routing private modules through the public proxy.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →