ddev: GPG error: https://dl.yarnpkg.com/debian stable InRelease: The following signatures were invalid: EXPKEYSIG 23E7166788B63E1E Yarn Packaging
Hi,
Doing a ddev start this morning and I’ve bumped into an issue that I’m struggling to fix.
Reading package lists...
W: GPG error: https://dl.yarnpkg.com/debian stable InRelease: The following signatures were invalid: EXPKEYSIG 23E7166788B63E1E Yarn Packaging <yarn@dan.cx>
E: The repository 'https://dl.yarnpkg.com/debian stable InRelease' is not signed.
', stderr='Building db
Building web
Service 'web' failed to build : The command '/bin/sh -c apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y -o Dpkg::Options::="--force-confold" --no-install-recommends --no-install-suggests build-essential' returned a non-zero code: 100'
A Google of this and I’ve seen there is a fix: https://github.com/yarnpkg/yarn/issues/7866
My problem is I’m not so hot on docker so I’m struggling to figure out where this fix needs to go.
Cheers
Tom
DDEV version: 1.16.5 Docker Dekstop: 3.0.4 (updated to 3.1.0 and no change) MacBook Pro: Catalina 10.15.7
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 15 (12 by maintainers)
Commits related to this issue
- Install yarn using npm instead of debian package, for drud/ddev#2772 — committed to rfay/ddev-images by rfay 3 years ago
- Install yarn using npm instead of debian package, for drud/ddev#2772 (#43) — committed to drud/ddev-images by rfay 3 years ago
- Update key for replaced yarnpkg key, fixes #2772 — committed to ddev/ddev by rfay 3 years ago
- Use updated upstream for yarn fix, fixes #2772 — committed to rfay/ddev by rfay 3 years ago
- Update yarn install to fix replaced yarnpkg key, fixes #2772 (#2773) * Update key for replaced yarnpkg key, fixes #2772 * Backport changes to circleci build for makensis * Backport test changes tha... — committed to ddev/ddev by rfay 3 years ago
I found a fix by adding
to my
web-build/Dockerfile@carstendietrich any chance you could post a code snippet for your fix? Looks a bit cleaner than mine!
Thanks so much for reporting this issue @tommym9 and @carstendietrich - ddev v1.16.6 and v1.17.0-alpha4 are building right now and will be available shortly. Please check to make sure they resolve your issues.
@tommym9 in my project I don’t have any complex setup therefore I only rely on the
webimage_extra_packagesoption in the.ddev/config.yamlfor adding additional apt packages. Therefore I don’t have a dedicatedweb-build/Dockerfilesince adding that will disable thewebimage_extra_packagessetting.So as a temporary fix I pretty much did the same as you, only that I needed to add the
web-build/Dockerfilemanually and add the stuff that I had previously specified inwebimage_extra_packages.So my
web-build/Dockerfilenow looks like this:Guess now we are waiting for an updated web-base image that already contains the latest yarn key.
I’ve been meaning to fix it so that the Yarn key can be automatically renewed (eg by packaging it in a Debian package that the
yarnpackage depends on), but never got around to it, and so far people have only been willing to complain about it but not actually spend time helping to improve it 🙂Thanks, yes, just installing via npm gets v1; I missed that part. I’ll do a new v1.16.6 release and also fix it for v1.17 in https://github.com/drud/ddev-images/pull/43
It’s amazing that this happens every Feb 1. This is https://github.com/yarnpkg/yarn/issues/6865 (and https://github.com/yarnpkg/yarn/issues/7866 as mentioned above) and it just seems to be every single year.
I guess I’ll need to do a release. The two answers here are perfect.