BAD signature

[chuoke]

FROM alpine:3.12

RUN apk update \
    && apk upgrade \
    && apk add --no-cache openssl bash curl ca-certificates

RUN echo "https://dl.bintray.com/php-alpine/v3.12/php-7.4" >> /etc/apk/repositories

RUN apk --no-cache add \
    php \
    php-fpm \
    php-opcache \
    php-tokenizer \
    ....

Some packages install error, which shows a Bad signature, such as:

#9 5.094 ERROR: php7-7.4.13-r1: BAD signature

What's the meaning of this error?

[tobias-trozowski]

Getting the same issue with php8 and alpine 3.11

wget -qO /etc/apk/keys/php-alpine.rsa.pub https://dl.bintray.com/php-alpine/key/php-alpine.rsa.pub \
    && echo "https://dl.bintray.com/php-alpine/v3.11/php-8.0" >> /etc/apk/repositories  \
    && apk --update --no-cache add \
        php8 \
        php-pcntl

❯ docker run --rm -it alpine:3.11 sh
/ # wget -qO /etc/apk/keys/php-alpine.rsa.pub https://dl.bintray.com/php-alpine/key/php-alpine.rsa.pub \
>     && echo "https://dl.bintray.com/php-alpine/v3.11/php-8.0" >> /etc/apk/repositories  \
>     && apk --update --no-cache add \
>         php8 \
>         php-pcntl
fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/community/x86_64/APKINDEX.tar.gz
fetch https://dl.bintray.com/php-alpine/v3.11/php-8.0/x86_64/APKINDEX.tar.gz
(1/10) Installing php8-common (8.0.0-r1)
(2/10) Installing php8-pcntl (8.0.0-r1)
ERROR: php8-pcntl-8.0.0-r1: BAD signature
(3/10) Installing argon2-libs (20190702-r1)
(4/10) Installing ncurses-terminfo-base (6.1_p20200118-r4)
(5/10) Installing ncurses-libs (6.1_p20200118-r4)
(6/10) Installing libedit (20191211.3.1-r0)
(7/10) Installing pcre2 (10.34-r1)
(8/10) Installing xz-libs (5.2.4-r0)
(9/10) Installing libxml2 (2.9.10-r4)
(10/10) Installing php8 (8.0.0-r1)
Executing busybox-1.31.1-r9.trigger
1 error; 30 MiB in 23 packages

Using this with alpine 3.12 everything seems alright

❯ docker run --rm -it alpine:3.12 sh
/ # wget -qO /etc/apk/keys/php-alpine.rsa.pub https://dl.bintray.com/php-alpine/key/php-alpine.rsa.pub \
>     && echo "https://dl.bintray.com/php-alpine/v3.12/php-8.0" >> /etc/apk/repositories  \
>     && apk --update --no-cache add \
>         php8 \
>         php-pcntl
fetch http://dl-cdn.alpinelinux.org/alpine/v3.12/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.12/community/x86_64/APKINDEX.tar.gz
fetch https://dl.bintray.com/php-alpine/v3.12/php-8.0/x86_64/APKINDEX.tar.gz
(1/10) Installing php8-common (8.0.0-r1)
(2/10) Installing php8-pcntl (8.0.0-r1)
(3/10) Installing argon2-libs (20190702-r1)
(4/10) Installing ncurses-terminfo-base (6.2_p20200523-r0)
(5/10) Installing ncurses-libs (6.2_p20200523-r0)
(6/10) Installing libedit (20191231.3.1-r0)
(7/10) Installing pcre2 (10.35-r0)
(8/10) Installing xz-libs (5.2.5-r0)
(9/10) Installing libxml2 (2.9.10-r5)
(10/10) Installing php8 (8.0.0-r1)
Executing busybox-1.31.1-r19.trigger
OK: 31 MiB in 24 packages

[Jeroen-G]

PHP 7.4 with alpine 3.10 - 3.12 keeps failing though.

[bobbybouwmann]

I have a similar issue with adding certain dependencies to PHP 7.4

$ apk add -U php7-bcmath php7-sodium
fetch http://dl-cdn.alpinelinux.org/alpine/v3.12/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.12/community/x86_64/APKINDEX.tar.gz
fetch https://dl.bintray.com/php-alpine/v3.12/php-7.4/x86_64/APKINDEX.tar.gz
(1/3) Installing php7-bcmath (7.4.13-r1)
ERROR: php7-bcmath-7.4.13-r1: BAD signature
(2/3) Installing libsodium (1.0.18-r0)
(3/3) Installing php7-sodium (7.4.13-r1)
ERROR: php7-sodium-7.4.13-r1: BAD signature
2 errors; 705 MiB in 145 packages

Let me know if you need more information or if I can help debug anything!

[Jeroen-G]

This might help to reproduce the problem. I took the example Dockerfile from the readme and added the php-bcmath extension as one example of a package with the bad signature error.

FROM alpine:3.12

ADD https://dl.bintray.com/php-alpine/key/php-alpine.rsa.pub /etc/apk/keys/php-alpine.rsa.pub

RUN apk --update-cache add ca-certificates && \
    echo "https://dl.bintray.com/php-alpine/v3.12/php-7.4" >> /etc/apk/repositories

# install php and some extensions
RUN apk add --update-cache \
    php \
    php-bz2 \
    php-json \
    php-bcmath

[Jeroen-G]

I found that above file errors with 3.10 and 3.12, but not with 3.11

[juliusstoerrle]

I experience this with 3.12 and 3.11

[hernandev]

shit

[hernandev]

looks like all uploads failed due Bintray API limits, ensuring that's true now

[hernandev]

PHP 7.4 fixed.

others will be in a few minutes after new build

[bobbybouwmann]

@hernandev Awesome! Thanks for looking into this.

[hernandev]

All files will be stored as artifacts now, after each build so even if bintray fails, we have the packges as zip to fallback :)

the issue was confirmed as bintray api rate limit issue.

[Jeroen-G]

For whoever still gets the Bad Signature errors, make sure you have alpine on 3.12

[limingxinleo]

When I build php-7.3 in alpine v3.11

BAD signature occurs.

[Jeroen-G]

@limingxinleo as I mentioned in the comment just before yours, try updating to Alpine 3.12

[limingxinleo]

It works.

[eXistenZNL]

@hernandev @Jeroen-G any view on when the Alpine 3.11 packages will be updated? I could switch to Alpine 3.12 but I rather not.

[chuoke]

Hi, My issue with 3.12 and 7.4 is seems fixed. I have built successfully. There no error occurred. That's Great. Thank you very much.

[hernandev]

@eXistenZNL 3.11 should be good, gonna check here why did they still erroring

[hernandev]

same shit, after a bunch of uploads we are hitting upload rate limit on bintray, gonna switch to another place to host files in the future but gonna manually fix things in a bit

[hernandev]

Please @chuoke @tobias-trozowski @Jeroen-G @bobbybouwmann @juliusstoerrle @limingxinleo @eXistenZNL and others:

https://github.com/codecasts/php-alpine/issues/119

Keep track of this issue resolution at the above link.

[eXistenZNL]

Thanks a ton for your work @hernandev 👍

[hernandev]

fixed, details on #119