From 438f30e62c5cc4d183d77a53c99fd6d4890ace7b Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 2 Jun 2022 01:14:48 +0300 Subject: [PATCH] Fixed apt-key deprecation warnings for Ubuntu web images --- Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile | 22 ++++++++----------- Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile | 22 ++++++++----------- 2 files changed, 18 insertions(+), 26 deletions(-) diff --git a/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile b/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile index 35b5e2b0d..17e73e170 100644 --- a/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile @@ -48,25 +48,21 @@ RUN set -eux && \ INSTALL_TEMP_PKGS="gpg \ ca-certificates \ dirmngr \ + curl \ gpg-agent" && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y \ --no-install-recommends install \ ${INSTALL_TEMP_PKGS} && \ - NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ - found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ - apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME && \ + curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor > /etc/apt/trusted.gpg.d/nginx.gpg && \ + gpg --dry-run --quiet --import --import-options import-show /etc/apt/trusted.gpg.d/nginx.gpg && \ DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ - echo "deb https://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ + echo "deb http://nginx.org/packages/ubuntu $DISTRIB_CODENAME nginx" > /etc/apt/sources.list.d/nginx.list && \ + echo "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \ + > /etc/apt/preferences.d/99nginx && \ + gpgconf --kill all && \ + rm -rf "$GNUPGHOME" && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y \ -o Dpkg::Options::="--force-confdef" \ diff --git a/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile b/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile index 843d55da4..7319f4746 100644 --- a/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile +++ b/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile @@ -48,25 +48,21 @@ RUN set -eux && \ INSTALL_TEMP_PKGS="gpg \ ca-certificates \ dirmngr \ + curl \ gpg-agent" && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y \ --no-install-recommends install \ ${INSTALL_TEMP_PKGS} && \ - NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ - found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ - apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + GNUPGHOME="$(mktemp -d)"; export GNUPGHOME && \ + curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor > /etc/apt/trusted.gpg.d/nginx.gpg && \ + gpg --dry-run --quiet --import --import-options import-show /etc/apt/trusted.gpg.d/nginx.gpg && \ DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ - echo "deb https://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ + echo "deb http://nginx.org/packages/ubuntu $DISTRIB_CODENAME nginx" > /etc/apt/sources.list.d/nginx.list && \ + echo "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \ + > /etc/apt/preferences.d/99nginx && \ + gpgconf --kill all && \ + rm -rf "$GNUPGHOME" && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y \ -o Dpkg::Options::="--force-confdef" \