Skip to content

Commit 30d09db

Browse files
tianontianon
committed
Use "/etc/apt/trusted.gpg.d" instead of "apt-key adv"
> Note: Instead of using this command a keyring should be placed > directly in the /etc/apt/trusted.gpg.d/ directory with a > descriptive name and either "gpg" or "asc" as file extension. https://manpages.debian.org/cgi-bin/man.cgi?query=apt-key&manpath=Debian+testing+stretch
1 parent 6f54865 commit 30d09db

File tree

3 files changed

+30
-10
lines changed

3 files changed

+30
-10
lines changed

3.0/Dockerfile

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,8 +22,17 @@ RUN set -x \
2222
&& gosu nobody true \
2323
&& apt-get purge -y --auto-remove ca-certificates wget
2424

25+
ENV GPG_KEYS \
2526
# gpg: key 7F0CEB10: public key "Richard Kreuter <[email protected]>" imported
26-
RUN apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys 492EAFE8CD016A07919F1D2B9ECBEC467F0CEB10
27+
492EAFE8CD016A07919F1D2B9ECBEC467F0CEB10
28+
RUN set -ex; \
29+
export GNUPGHOME="$(mktemp -d)"; \
30+
for key in $GPG_KEYS; do \
31+
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
32+
done; \
33+
gpg --export $GPG_KEYS > /etc/apt/trusted.gpg.d/mongodb.gpg; \
34+
rm -r "$GNUPGHOME"; \
35+
apt-key list
2736

2837
ENV MONGO_MAJOR 3.0
2938
ENV MONGO_VERSION 3.0.14

3.2/Dockerfile

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -22,21 +22,23 @@ RUN set -x \
2222
&& gosu nobody true \
2323
&& apt-get purge -y --auto-remove ca-certificates wget
2424

25+
ENV GPG_KEYS \
2526
# pub 4096R/AAB2461C 2014-02-25 [expires: 2016-02-25]
2627
# Key fingerprint = DFFA 3DCF 326E 302C 4787 673A 01C4 E7FA AAB2 461C
2728
# uid MongoDB 2.6 Release Signing Key <[email protected]>
28-
#
29+
DFFA3DCF326E302C4787673A01C4E7FAAAB2461C \
2930
# pub 4096R/EA312927 2015-10-09 [expires: 2017-10-08]
3031
# Key fingerprint = 42F3 E95A 2C4F 0827 9C49 60AD D68F A50F EA31 2927
3132
# uid MongoDB 3.2 Release Signing Key <[email protected]>
32-
#
33-
ENV GPG_KEYS \
34-
DFFA3DCF326E302C4787673A01C4E7FAAAB2461C \
3533
42F3E95A2C4F08279C4960ADD68FA50FEA312927
36-
RUN set -ex \
37-
&& for key in $GPG_KEYS; do \
38-
apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
39-
done
34+
RUN set -ex; \
35+
export GNUPGHOME="$(mktemp -d)"; \
36+
for key in $GPG_KEYS; do \
37+
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
38+
done; \
39+
gpg --export $GPG_KEYS > /etc/apt/trusted.gpg.d/mongodb.gpg; \
40+
rm -r "$GNUPGHOME"; \
41+
apt-key list
4042

4143
ENV MONGO_MAJOR 3.2
4244
ENV MONGO_VERSION 3.2.11

3.4/Dockerfile

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,10 +22,19 @@ RUN set -x \
2222
&& gosu nobody true \
2323
&& apt-get purge -y --auto-remove ca-certificates wget
2424

25+
ENV GPG_KEYS \
2526
# pub 4096R/A15703C6 2016-01-11 [expires: 2018-01-10]
2627
# Key fingerprint = 0C49 F373 0359 A145 1858 5931 BC71 1F9B A157 03C6
2728
# uid MongoDB 3.4 Release Signing Key <[email protected]>
28-
RUN apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys 0C49F3730359A14518585931BC711F9BA15703C6
29+
0C49F3730359A14518585931BC711F9BA15703C6
30+
RUN set -ex; \
31+
export GNUPGHOME="$(mktemp -d)"; \
32+
for key in $GPG_KEYS; do \
33+
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
34+
done; \
35+
gpg --export $GPG_KEYS > /etc/apt/trusted.gpg.d/mongodb.gpg; \
36+
rm -r "$GNUPGHOME"; \
37+
apt-key list
2938

3039
ENV MONGO_MAJOR 3.4
3140
ENV MONGO_VERSION 3.4.1

0 commit comments

Comments
 (0)