Kubernetes install.sh repo key: apt-key.gpg needs gpg --dearmour to work #86
Closed
Description
service/kubernetes/scripts/install.sh fails when running apt-get update with an error relating to the key being invalid, despite the url to the key being correct:
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.cloud.google.com/apt kubernetes-xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY B53DC80D13EDEF05
W: Failed to fetch https://apt.kubernetes.io/dists/kubernetes-xenial/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY B53DC80D13EDEF05
W: Some index files failed to download. They have been ignored, or old ones used instead.
An update to the key was made at some point where it is now presented as ASCII armoured so it needs to be presented to apt as binary by piping through gpg --dearmour. When replacing the line that gets the key with this it works OK:
curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg
The offical instructions refer to using gpg dearmour: https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/#install-using-native-package-management
Also this SE Q refers to using gpg dearmour too: https://askubuntu.com/a/1476957/699984
Metadata
Assignees
Labels
No labels