I'm having an issue building a docker image from a dockerfile that used to work:
(My dockerfile has more steps, but this is enough to reproduce)
FROM gcr.io/deeplearning-platform-release/tf2-gpu.2-2
RUN apt-get update && \
apt-get install --no-install-recommends -y libsndfile-dev
ENTRYPOINT ["ls", "-l"]
When running docker build, I get the following errors (in step 2):
W: GPG error: http://packages.cloud.google.com/apt gcsfuse-bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY [some key] NO_PUBKEY [some key]
E: The repository 'http://packages.cloud.google.com/apt gcsfuse-bionic InRelease' is not signed.
W: GPG error: http://packages.cloud.google.com/apt cloud-sdk-bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY [some key] NO_PUBKEY [some key]
E: The repository 'http://packages.cloud.google.com/apt cloud-sdk-bionic InRelease' is not signed.
I've tried both on my local machine and cloud builds (on google cloud), with no success.
Starting from the image tf2-gpu.2-4 instead of tf2-gpu.2-2 works, but that version is incompatible with other dependencies I rely on.
Note that the combination tf2-gpu.2-2 and libsndfile-dev worked fine before but doesn't anymore.
Why am I getting those errors and what can I do to fix them ?
Thanks!
This is a known issue. Read this for more info.
You can first add the correct repository GPG key using the following command.
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
Updated Dockerfile would be:
FROM gcr.io/deeplearning-platform-release/tf2-gpu.2-2
RUN curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
RUN apt-get update && \
apt-get install --no-install-recommends -y libsndfile-dev
ENTRYPOINT ["ls", "-l"]
Your issue seems related to this Github issue
A dirty workaround is adding --allow-unauthenticated to your apt-get install in order to bypass the signature issue. However, I recommend you dig deeper into it to find a fix instead of a workaround.
Most likely this has to do with either your Linux version (version of the source image), apt version, or even the package version itself could be deprecated.
So your Dockerfile would look like this:
FROM gcr.io/deeplearning-platform-release/tf2-gpu.2-2
RUN apt-get update && \
apt-get install --no-install-recommends -y libsndfile-dev
ENTRYPOINT ["ls", "-l"]
Hopefully, someone else more familiar with your packages can propose a better approach.
Related
I am trying to install Jenkins on my Ubuntu EC2 instance and I performed the following steps to install but couldn't install it.
$sudo apt update
$sudo apt install openjdk-8-jdk
$wget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | sudo apt-key add -
$sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
$sudo apt update <--------- (Here I am getting below error)
root#ip-172-31-44-187:~# sudo apt update
Ign:1 https://pkg.jenkins.io/debian-stable binary/ InRelease
Err:2 https://pkg.jenkins.io/debian-stable binary/ Release
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in
the certificate verification. [IP: 151.101.154.133 443]
Hit:3 http://ap-south-1.ec2.archive.ubuntu.com/ubuntu focal InRelease
Get:4 http://ap-south-1.ec2.archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Get:5 http://security.ubuntu.com/ubuntu focal-security InRelease [114 kB]
Get:6 http://ap-south-1.ec2.archive.ubuntu.com/ubuntu focal-backports InRelease [101 kB]
Reading package lists... Done
E: The repository 'http://pkg.jenkins.io/debian-stable binary/ Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Instead of upgrading every package with apt-get upgrade, I used:
sudo apt install ca-certificates
And then:
sudo apt-get update worked just fine.
Yeah , I had same problem with this from yesterday , I think this is after yesterday's new update in jenkins 2.303.2 Lts .
Just do ,
apt upgrade ,
apt update,
apt get install jenkins -y .
It worked for me .
I was facing same issue when I tried to install jenkins in AWS ec2 instance (Ubuntu 20.04). Below steps helped me.
Update Ubuntu packages and all installed applications
sudo apt-get update -y
sudo apt-get upgrade -y
Next, Install JDK
sudo apt install openjdk-11-jdk -y
Verify Java version
java -version
Add gpg key for jenkins installation
wget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | apt-key add -
Add the repository address to our /etc/apt/sources.list.d file
sudo sh -c 'echo deb https://pkg.jenkins.io/debian-stable binary/ > \
e> /etc/apt/sources.list.d/jenkins.list'
Update our package list again
sudo apt-get update -y
Install Jenkins
sudo apt-get install jenkins -y
It worked like charm!
I had the same problem with adding Jenkins repository on Ubuntu 18.04
add-apt-repository 'deb https://pkg.jenkins.io/debian-stable binary/'
Ign:5 https://pkg.jenkins.io/debian-stable binary/ InRelease Err:6 https://pkg.jenkins.io/debian-stable binary/ Release Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 199.232.66.133 443] Hit:7 http://ppa.launchpad.net/deadsnakes/ppa/ubuntu bionic InRelease Reading package lists... Done E: The repository 'https://pkg.jenkins.io/debian-stable binary/ Release' does not have a Release file. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details.
For fixing this issue you need to install/update ca-certificates
sudo apt install ca-certificates
After that, you can successfully add the Jenkins repository
I would like to correct the first answer provided. You need to run apt install Jenkins -y instead of apt get install jenkins -y. Running the below commands will fix your error. If you are not using root ensure that you add sudo before of all the below commands.
apt upgrade
apt update
apt install jenkins -y
You will find out your jenkins is started using the below command.
service jenkins status
As it might help some, none of the above solutions worked for me, but it was a silly mistake! *Please* read ALL the outputs. In my case, I'd missed an error a few lines above which indicated that I didn't have "curl" installed (!) on my Debian server. And so copy pasting the key installation lines from the Jenkins manual (which uses curl) didn't succeed, so all those unsecure errors in result.
Instead of upgrading every package with the apt-get upgrade, I used: sudo apt install ca-certificates
And then: sudo apt-get update worked just fine
Please Follow these commands
sudo apt-get update
sudo apt install openjdk-8-jdk
wget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | apt-key add -
sudo sh -c 'echo deb https://pkg.jenkins.io/debian-stable binary/ > \
e> /etc/apt/sources.list.d/jenkins.list'
sudo apt-get update
sudo apt-get install jenkins -y
I have a dockerfile to upload some python code on Azure. It has been working for a few months, but today it suddenly stopped working.
The relevant commands in the Dockerfile are:
FROM python:3.9.5
:
:
RUN curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
RUN curl https://packages.microsoft.com/config/ubuntu/20.04/prod.list > /etc/apt/sources.list.d/mssql-release.list
RUN exit
RUN apt-get update && ACCEPT_EULA=Y apt-get install msodbcsql17
The error message is that appeared today is:
Err:1 https://packages.microsoft.com/ubuntu/20.04/prod focal/main amd64 msodbcsql17 amd64 17.7.2.1-1
404 Not Found [IP: 104.214.230.139 443]
E: Failed to fetch https://packages.microsoft.com/ubuntu/20.04/prod/pool/main/m/msodbcsql17/msodbcsql17_17.7.2.1-1_amd64.deb 404 Not Found [IP: 104.214.230.139 443]
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
The command '/bin/sh -c apt-get update && ACCEPT_EULA=Y apt-get install msodbcsql17' returned a non-zero code: 100
2021/06/16 20:50:56 Container failed during run: build. No retries remaining.
failed to run step ID: build: exit status 100
I believe this might be related to the .deb files being moved - or that some computer at Microsoft is down?
A good workaround would maybe be to download the relevant msodbcsql17 package directly, but I was unable to find this package in the normal repos?
There seems to be some ongoing trouble with microsoft repos for some linux distributions (including ubuntu and debian). Not clear when this will be fixed.
https://github.com/dotnet/core/issues/6381
https://github.com/MicrosoftDocs/sql-docs/issues/6494
The answer might be related to this post:
https://github.com/dotnet/core/issues/6381
It seems that some Ubuntu repositories are broken.
Hopefully it will be fixed soon...
I Will keep an eye on the resolve, but I have the same issue using:
FROM python:3
ENV PYTHONUNBUFFERED 1
RUN mkdir /code
WORKDIR /code
RUN curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
RUN curl https://packages.microsoft.com/config/ubuntu/16.04/prod.list > /etc/apt/sources.list.d/mssql-release.list
RUN apt-get update
RUN ACCEPT_EULA=Y apt-get install -y msodbcsql17
# optional: for bcp and sqlcmd
RUN ACCEPT_EULA=Y apt-get install -y mssql-tools
RUN echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bash_profile
RUN echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bashrc
# optional: for unixODBC development headers
RUN apt-get install -y unixodbc-dev
Getting error while building the following Docker file
FROM ubuntu:21.04
RUN apt-get update && \
apt-get install --no-install-recommends -y curl=7.\* && \
apt-get install --no-install-recommends -y unzip=6.\* &&\
rm -rf /var/lib/apt/lists/*
RUN apt-get update && \
mkdir -p /usr/share/man/man1 && \
apt-get install --no-install-recommends -y maven=3.6.3-5 && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
The error occurs when the second apt-get update runs.
The error is as follows :-
E: The repository 'http://security.ubuntu.com/ubuntu hirsute-security InRelease' is not signed.
W: GPG error: http://archive.ubuntu.com/ubuntu hirsute InRelease: gpgv, gpgv2 or gpgv1 required for verification, but neither seems installed
E: The repository 'http://archive.ubuntu.com/ubuntu hirsute InRelease' is not signed.
W: GPG error: http://archive.ubuntu.com/ubuntu hirsute-updates InRelease: gpgv, gpgv2 or gpgv1 required for verification, but neither seems installed
E: The repository 'http://archive.ubuntu.com/ubuntu hirsute-updates InRelease' is not signed.
W: GPG error: http://archive.ubuntu.com/ubuntu hirsute-backports InRelease: gpgv, gpgv2 or gpgv1 required for verification, but neither seems installed
E: The repository 'http://archive.ubuntu.com/ubuntu hirsute-backports InRelease' is not signed.
Any kind of help would be appreciated.
That's a bug in the docker / seccomp / glibc interaction: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1916485
I've run your docker file and get the same error. Playing around with various ways to disable the verification also produced no good results. Neither did removing the version constraints and just installing the latest versions of the tools. The only solution I could find was to downgrade ubuntu to 20.04, but there is no 3.6.3-5 version of maven for that version of the OS, only 3.6.3-1 (afaik).
The closest I could get working is quite different from your desired image:
FROM ubuntu:20.04
RUN apt update && \
apt install --no-install-recommends -y curl=7.\* unzip=6.\* maven=3.6.3-1 && \
apt clean && \
rm -rf /var/lib/apt/lists/* && \
mkdir -p /usr/share/man/man1
Also note how I use apt rather than apt-get and I only do a single run (which makes a simpler image by having only a single layer) and only a single apt update and chain the things I want to install into a single apt install rather than separate ones. This is just quicker and easier.
However, if you want a maven build box, perhaps you'd be better advised using one of the prebuilt maven images from docker hub that are themselves based on openjdk images. For java the underlying linux distro rarely matters and the openjdk images are pretty well respected:
from maven:3.6.3-jdk-11
run apt update && apt install -y curl unzip && apt clean
This bug does not occur if using a newer version of Docker (tested with 20.10). If using an older version of Docker, I recommend switching to a previous version of the ubuntu image. I tested ubuntu:20.10 with Docker 19.03 and it worked just fine. This is discussed here: https://bugs.launchpad.net/cloud-images/+bug/1928218
Update Docker version to the latest to solve this issue.
For ubuntu users follow these steps:
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
For others please refer this link: https://docs.docker.com/engine/install/
I ran into this problem when I was running the Ubuntu 21.04 image under Rootless Docker, but the apt-get update command worked fine under the system Docker (invoked via sudo). Since my need was just for a manual test of an environment setup script, I just ran under the system Docker but, depending on your application, that might not be secure.
Substituting apt-get with apt has worked for me.
I have a Dockerfile that works, but if I add any new dependencies to the apt-get install command, it fails. For example, this works:
FROM debian:stable
RUN apt-get update
RUN apt-get install -y \
python \
...
apache2
But if I try this, it fails:
FROM debian:stable
RUN apt-get update
RUN apt-get install -y \
python \
...
apache2
python-mysqldb
I can replace python-mysqldb with anything else, git-core, for example, and it will still fail with the same error message:
Unable to correct missing packages.
E: Failed to fetch http://security.debian.org/pool/updates/main/l/linux/linux-libc-dev_3.16.7-ckt11-1+deb8u5_amd64.deb 404 Not Found [IP: 149.20.20.6 80]
E: Aborting install.
Any thoughts on why adding a new dependency causes the failure and how to fix it?
I've found that you need to join the update & install command into the same RUN block.
eg:
RUN apt-get update \
&& apt-get install -y \
python \
...
apache2 \
python-mysqldb
According to this post describing the issue
By default, Docker cache your commands to reduce time spent building
images. Unless there was any change before such commands (or at the
same line).
Meanwhile, I notice that the AWS examples separate them, as you have them. So I dunno if it works different there. Maybe they disable the cache by default.
I am running sudo apt-get update on Vagrant but it is not working:
GPG error: http://us.ubuntu.mirror.atratoip.net raring Release: The following signatures were invalid: NODATA 1 NODATA 2
You can reinstall the missing keys like this guy explains in this post
examples from the site:
How you can download the keys:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys
after you have sucsessfully downloaded the missing keys you have to update again.
sudo apt-get update
Plan B:
It seems like you are in a hurry!
If everything fails and you have to update that tool asap then just remove it from:
/etc/apt/sources.list
and get a new repository from here:
https://help.ubuntu.com/community/Repositories/Ubuntu
after adding the new repository do a
sudo apt-get update
again.
IF THIS FAILS AS WELL :
Try this and enter the following commands into your console:
apt-get clean # Remove cached packages
cd /var/lib/apt
mv lists lists.old # Backup mirror info
mkdir -p lists/partial # Recreate directory structure
apt-get clean
apt-get update # Fetch mirror info