从Dockerfile构建并获取“由于公共密钥不可用,因此无法验证以下签名:NO_PUBKEY”

编程问答 2022-08-16

问题描述

我正在尝试使用启动以下代码的Dockerfile构建供本地使用的PHP 5.3 / Apache:

FROM PHP:5.3-apache

RUN apt-get update && \
    apt-get install -y \
    libfreetype6-dev \
    libjpeg62-turbo-dev \
    libmcrypt-dev \
    libpng-dev

但是当“阅读包裹清单”时,我得到了:

W: GPG error: http://security.debian.org jessie/updates InRelease: The following signatures Couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY AA8E81B4331F7F50
W: GPG error: http://http.debian.net jessie-updates InRelease: The following signatures Couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010
W: GPG error: http://http.debian.net jessie Release: The following signatures Couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010

阅读this page后,我尝试在第一行之后添加

RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys AA8E81B4331F7F50 && \
    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010

但是出现此错误

W: There is no public key available for the following key IDs:
9D6D8F6BC857C906
W: Failed to fetch http://http.debian.net/debian/dists/jessie/Release.gpg  Connection Failed [IP: 130.89.148.77 80]

几乎不了解Ubuntu vs Debian,我尝试了相同的尝试,但是用keyring.debian.org代替了keyserver.ubuntu.com,并得到了:

gpgkeys: key AA8E81B4331F7F50 can't be retrieved
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

another question中,我尝试了此操作:

RUN apt-get update && \
    apt-get install -y --no-install-recommends \
    apt-transport-https \
    ca-certificates
RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys AA8E81B4331F7F50
RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 7638D0442B90D010

但是会收到与最初相同的GPG错误

我现在对如何进行感到困惑。 (我知道PHP 5.3已经非常过时了,但不幸的是我不能更改它。)

解决方法

经过多次尝试和错误后,我发现仅执行此操作而不安装先前安装的apt-transport-https ca-certificates似乎可以解决问题:

RUN apt-key adv --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys AA8E81B4331F7F50 && \
    apt-key adv --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys 7638D0442B90D010

我确实收到此错误,但是它不会出现,不会影响任何事情,并且安装继续进行:

W: There is no public key available for the following key IDs:
9D6D8F6BC857C906
,

http://forums.debian.net/viewtopic.php?f=10&t=141778开始,一种解决方案是

gpg --recv-keys AA8E81B4331F7F50
gpg --export AA8E81B4331F7F50| apt-key add -

Dockerfile可能如下所示:

FROM php:5.3-apache

RUN for key in AA8E81B4331F7F50 7638D0442B90D010 9D6D8F6BC857C906; do \
        gpg --recv-keys "$key" \
        && gpg --export "$key" | apt-key add - ; \
    done

RUN apt-get update && \
    apt-get install -y \
        libfreetype6-dev \
        libjpeg62-turbo-dev \
        libmcrypt-dev \
        libpng-dev
docker