Closed IharKotau closed 1 year ago
michielvermeir
commented
1 year ago This issue is easy enough to solve by adding a step to refresh the GPG keys, but would be grand if the CodeBuild team could release updates of aws/codebuild/standard:5.0 and 6.0 with the updated signatures baked in.
IharKotau
commented
1 year ago Yes, you need to add this to build spec to fix temporarily:
commands:
- curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
- apt-get update
fouadchamoun
commented
1 year ago same issue on aws/codebuild/standard:4.0
ebarault
commented
1 year ago according to AWS support team, "This fix will be propagated to all CodeBuild images by 1/31/2023." :-/
awszhen
commented
1 year ago CodeBuild team here, we will be patching the Ubuntu standard images today.
aahung
commented
1 year ago awszhen
commented
1 year ago Hi, the Ubuntu standard images have been patched. Please retry, thanks.
Describe the bug We are using the aws/codebuild/standard:5.0 in a CodeBuild. The build fails at apt-get update -y exit status 100
Reason: Err:2 https://dl.yarnpkg.com/debian stable InRelease The following signatures were invalid: EXPKEYSIG 23E7166788B63E1E Yarn Packaging yarn@dan.cx
To Reproduce Steps to reproduce the behavior:
Expected behavior No errors, exit code 0
Logs Reading package lists... W: https://dl.yarnpkg.com/debian/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details. W: GPG error: https://dl.yarnpkg.com/debian stable InRelease: The following signatures were invalid: EXPKEYSIG 23E7166788B63E1E Yarn Packaging yarn@dan.cx E: The repository 'https://dl.yarnpkg.com/debian stable InRelease' is not signed. W: https://apt.corretto.aws/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
Platform (please complete the following information):
Additional context