From bc9b88be63d95edbff141567a3b0f37e5fa2a883 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 29 May 2019 12:19:18 +0300 Subject: [PATCH] Using static NGINX_GPGKEY value --- web-nginx-mysql/ubuntu/Dockerfile | 15 ++++++++++++--- web-nginx-pgsql/ubuntu/Dockerfile | 15 ++++++++++++--- zabbix-appliance/ubuntu/Dockerfile | 15 ++++++++++++--- 3 files changed, 36 insertions(+), 9 deletions(-) diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index be0b337bb..45ac03589 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -36,10 +36,19 @@ RUN apt-get ${APT_FLAGS_COMMON} update && \ mkdir -p /etc/zabbix/web && \ chown --quiet -R zabbix:root /etc/zabbix && \ apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} install \ - wget && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ - wget -q https://nginx.org/keys/nginx_signing.key -O- | apt-key add - && \ echo "deb http://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ apt-get ${APT_FLAGS_COMMON} update && \ DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index 19065a7e6..c6dacf38b 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -36,10 +36,19 @@ RUN apt-get ${APT_FLAGS_COMMON} update && \ mkdir -p /etc/zabbix/web && \ chown --quiet -R zabbix:root /etc/zabbix && \ apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} install \ - wget && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ - wget -q https://nginx.org/keys/nginx_signing.key -O- | apt-key add - && \ echo "deb http://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ apt-get ${APT_FLAGS_COMMON} update && \ DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \ diff --git a/zabbix-appliance/ubuntu/Dockerfile b/zabbix-appliance/ubuntu/Dockerfile index 506256cfc..3dc6a2837 100644 --- a/zabbix-appliance/ubuntu/Dockerfile +++ b/zabbix-appliance/ubuntu/Dockerfile @@ -153,10 +153,19 @@ RUN apt-get ${APT_FLAGS_COMMON} update && \ chown --quiet -R zabbix:root /var/lib/zabbix && \ mkdir -p /usr/share/doc/zabbix-${ZBX_TYPE}-${ZBX_DB_TYPE}/ && \ apt-get ${APT_FLAGS_COMMON} update && \ - DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_COMMON} install \ - wget && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ DISTRIB_CODENAME=$(/bin/bash -c 'source /etc/lsb-release && echo $DISTRIB_CODENAME') && \ - wget -q https://nginx.org/keys/nginx_signing.key -O- | apt-key add - && \ echo "deb http://nginx.org/packages/ubuntu/ $DISTRIB_CODENAME nginx" >> /etc/apt/sources.list.d/nginx.list && \ apt-get ${APT_FLAGS_COMMON} update && \ DEBIAN_FRONTEND=noninteractive apt-get ${APT_FLAGS_PERSISTENT} install \