search

rocker-org / rocker-versioned2

Run current & prior versions of R using docker. rocker/r-ver, rocker/rstudio, rocker/shiny, rocker/tidyverse, and so on.
https://rocker-project.org
GNU General Public License v2.0
406 stars 168 forks source link

Use cuda_keyring for avoiding installing keys manually in install_cuda-scripts in the future? #449

Open mskyttner opened 2 years ago

mskyttner commented 2 years ago

In a recent fix for #442 the list of keys for cuda libraries is manually updated with the latest key so that "apt-get update" does not fail (after April 27) when rebuilding with messages such as "The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A4B469963BF863CC".

Nvidia recommends to use cuda_keyring which can avoid manual steps next time they rotate keys for CUDA Linux repositories, if I understand correctly.

This Dockerfile stanza seems to work for switching to their new repositories and installing cuda_keyring:

# use cuda_keyring instead of manually installed keys
RUN sed -i '/developer\.download\.nvidia\.com\/compute\/cuda\/repos/d' /etc/apt/sources.list.d/cuda.list && \
    sed -i '/developer\.download\.nvidia\.com\/compute\/cuda\/repos/d' /etc/apt/sources.list.d/nvidia-ml.list && \
    wget -O cuda-keyring.deb "https://developer.download.nvidia.com/compute/cuda/repos/ubuntu1804/x86_64/cuda-keyring_1.0-1_all.deb" && \
    dpkg -i cuda-keyring.deb && \
    rm cuda-keyring.deb && \
    apt-get update

Would something similar to install cuda_keyring be nice to have in the install_cuda scripts?

cboettig commented 2 years ago

thanks for looking into this, sounds like a good idea to me. Would you be interested in sending a PR for this?