存储库未在 docker build 中签名 [英] Repository is not signed in docker build

问题描述

我有以下使用从 dockerhub 拉取的最新 Ubuntu 镜像的 Dockerfile:

I have the following Dockerfile that uses the latest Ubuntu image pulled from dockerhub:

FROM ubuntu:latest  
RUN apt-get update  && apt-get install -y  g++ llvm lcov 

当我启动 docker build 命令时，出现以下错误:

when I launch the docker build command, the following errors occur:

Err:2 http://archive.ubuntu.com/ubuntu 仿生 InRelease至少遇到一个无效签名.

Err:2 http://archive.ubuntu.com/ubuntu bionic InRelease At least one invalid signature was encountered.

Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease至少遇到一个无效签名.

Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease At least one invalid signature was encountered.

Err:3 http://archive.ubuntu.com/ubuntu 仿生更新 InRelease至少遇到一个无效签名.

Err:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease At least one invalid signature was encountered.

Err:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease至少遇到一个无效签名.

Err:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease At least one invalid signature was encountered.

正在阅读包裹清单...

Reading package lists...

W:GPG 错误:http://archive.ubuntu.com/ubuntu 仿生 InRelease:在至少遇到一个无效签名.E:存储库 'http://archive.ubuntu.com/ubuntu bionic InRelease' 未签名.

W: GPG error: http://archive.ubuntu.com/ubuntu bionic InRelease: At least one invalid signature was encountered. E: The repository 'http://archive.ubuntu.com/ubuntu bionic InRelease' is not signed.

W:GPG 错误:http://security.ubuntu.com/ubuntu bionic-security InRelease: 至少遇到一个无效签名.E:存储库 'http://security.ubuntu.com/ubuntu bionic-security InRelease' 不是签名.

W: GPG error: http://security.ubuntu.com/ubuntu bionic-security InRelease: At least one invalid signature was encountered. E: The repository 'http://security.ubuntu.com/ubuntu bionic-security InRelease' is not signed.

W:GPG 错误:http://archive.ubuntu.com/ubuntu bionic-updates InRelease: 至少遇到一个无效签名.E:存储库 'http://archive.ubuntu.com/ubuntu bionic-updates InRelease' 不是签名.

W: GPG error: http://archive.ubuntu.com/ubuntu bionic-updates InRelease: At least one invalid signature was encountered. E: The repository 'http://archive.ubuntu.com/ubuntu bionic-updates InRelease' is not signed.

W:GPG 错误:http://archive.ubuntu.com/ubuntu bionic-backports InRelease: 至少遇到一个无效签名.E:存储库 'http://archive.ubuntu.com/ubuntu bionic-backports InRelease' 不是签名.

W: GPG error: http://archive.ubuntu.com/ubuntu bionic-backports InRelease: At least one invalid signature was encountered. E: The repository 'http://archive.ubuntu.com/ubuntu bionic-backports InRelease' is not signed.

我在这里阅读 https://superuser.com/questions/1331936/how-can-i-get-past-a-repository-is-not-signed-message-when-attempting-to-upgr您可以使用 --allow-unauthenitcated 或 --allow-insecure-repositories 传递此错误，但在我看来，这两种解决方法都可能危及容器的安全性.

I read here https://superuser.com/questions/1331936/how-can-i-get-past-a-repository-is-not-signed-message-when-attempting-to-upgr that you can pass this error using --allow-unauthenitcated or --allow-insecure-repositories but both seem to me workarounds that may compromize security of the container.

编辑

尝试以不同的发行版名称拉取 ubuntu:18.04、ubuntu:19:04、ubuntu:19.10 相同的错误

Tried to pull ubuntu:18.04, ubuntu:19:04, ubuntu:19.10 same error with different distro name

推荐答案

显然我的根分区已满(可能是我尝试了太多次无法通过 apt 下载软件包)，然后运行 ​​sudo apt clean 解决了问题

Apparently my root partition was full (maybe I've tried too many times to download packages through apt), and running sudo apt clean solved the issue

这篇关于存储库未在 docker build 中签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！