From f127910308e027a42d4e8eabb8b1bd07c5ff8b36 Mon Sep 17 00:00:00 2001
From: Daniel Langbein
Date: Thu, 17 Jun 2021 10:37:04 +0200
Subject: [PATCH] Dockerfile: Specify keyserver for gnupg auto key import
---
 build-pkg/Dockerfile | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/build-pkg/Dockerfile b/build-pkg/Dockerfile
index 17fb989..bd62f50 100644
--- a/build-pkg/Dockerfile
+++ b/build-pkg/Dockerfile
@@ -26,8 +26,15 @@ USER build
 WORKDIR /home/build
 # Auto-fetch GPG keys (to check signatures):
-RUN mkdir .gnupg && \
- echo "keyserver-options auto-key-retrieve" > .gnupg/gpg.conf
+RUN install -dm0700 .gnupg && \
+ install -m0600 <(printf "keyserver-options auto-key-retrieve\nkeyserver hkp://keyserver.ubuntu.com\n") .gnupg/gpg.conf
+#
+# GnuPG key import from keys.opengpg.org does not work for all keys, see
+# https://keys.openpgp.org/about/usage#gnupg-troubleshooting
+# https://superuser.com/a/1485255
+# It seems as if thos won't be fixed:
+# https://dev.gnupg.org/T4393
+# Thus we use the ubuntu keyserver instead.
 COPY run.sh /home/build/run.sh
 ENTRYPOINT [ "/bin/bash", "/home/build/run.sh" ]
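Review bot: The keyserver written into gpg.conf by the new `install -m0600 <(printf …)` line uses plain `hkp://`, so every automatic key lookup during a build travels unencrypted. Anyone on the network path can see which keys are requested and can alter or block the response. The TLS form `keyserver hkps://keyserver.ubuntu.com` would avoid that. Note that `auto-key-retrieve` only imports whatever key a signature names and does not establish trust, so the build should still check signatures against pinned fingerprints; run.sh is not visible here, so confirm that it does. Separately, `<(…)` is bash process substitution while `RUN` defaults to `/bin/sh -c`, and no `SHELL` instruction appears in this hunk, so confirm the image's `/bin/sh` accepts it.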