MongoDB:4.2 docker image failing to apt-get update due to expired signature

Docker Hub
1

Hello,

I have a DevOps infrastructure for a few of my projects at work, which work as a automated version release/deployment.

During the process of the pipeline (building and deploying the project), the project is built into a docker image. Based on MongoDB:4.2 docker image (Link: MongoDB:4.2 docker image

and during the set-up of the docker image (AKA the dockerfile commands) there is a failure during the apt-get update process. I receive the following error:

#5 23.68 W: GPG error: [MongoDB Repositories](http://repo.mongodb.org/apt/ubuntu) bionic/mongodb-org/4.2 Release: The following signatures were invalid: EXPKEYSIG 4B7C549A058F8B6B MongoDB 4.2 Release Signing Key [packaging@mongodb.com](mailto:packaging@mongodb.com)

I tried allowing unauthorized connections with --allow-unauthenticated in the apt-get command, but still the same error.

I read somewhere this might be on MongoDB’s side and they let the signature expire, and they need to fix this, but I’m unsure whether or not this is correct. (I’m starting to believe it because I’ve tried so many different potential solutions, but nothing works)

Best regards,
Mat

2

Did you open this issue?

I answered there too. Quote:

It looks like the image was built 8 days ago, but I guess the layer that updates the key was not rebeuilt. Here is the RUN instruction:

I added it to a new Dockerfile and it worked as is.

FROM mongo:4.2

RUN set -ex; \
	export GNUPGHOME="$(mktemp -d)"; \
	set -- 'E162F504A20CDF15827F718D4B7C549A058F8B6B'; \
	for key; do \
		gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
	done; \
	mkdir -p /etc/apt/keyrings; \
	gpg --batch --export "$@" > /etc/apt/keyrings/mongodb.gpg; \
	gpgconf --kill all; \
	rm -rf "$GNUPGHOME"

RUN apt-get update