I am new to this, but I enherited a project, where runtime build is created with dockerfile and commands like this:
# Build runtime image
FROM microsoft/dotnet:2.2-aspnetcore-runtime-alpine
RUN echo "http://dl-4.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories;
RUN apk update && apk add libgdiplus
RUN apk add --no-cache icu-libs
The gitlab pipeline shows this:
Step 15/20 : RUN apk update && apk add libgdiplus
96 ---> Running in 95f8ebccb602
97fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/main/x86_64/APKINDEX.tar.gz
98fetch http://dl-cdn.alpinelinux.org/alpine/v3.10/community/x86_64/APKINDEX.tar.gz
99fetch http://dl-4.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz
100ERROR: http://dl-4.alpinelinux.org/alpine/edge/testing: UNTRUSTED signature
101WARNING: Ignoring APKINDEX.24c95890.tar.gz: No such file or directory
102v3.10.9-43-g3feb769ea3 [http://dl-cdn.alpinelinux.org/alpine/v3.10/main]
103v3.10.6-10-ged79a86de3 [http://dl-cdn.alpinelinux.org/alpine/v3.10/community]
1041 errors; 10355 distinct packages available
105Service 'api' failed to build: The command '/bin/sh -c apk update && apk add libgdiplus' returned a non-zero code: 1
I know that the keys have been rotated and I have to upgrade alpine somehow, but adding RUN upgrade, or RUN apk add -X https://dl-cdn.alpinelinux.org/alpine/v3.16/main -u alpine-keys doesn't change anything. Can someone please tell me what do I need to do?
Yes, we have come across this problem and it is because alpine linux edge signing keys rotated (link, according to this official announcement). You have to execute this command inside the Dockerfile.
apk add -X https://dl-cdn.alpinelinux.org/alpine/v3.16/main -u alpine-keys
Another way is to upgrade the base image, in your case the microsoft/dotnet:2.2-aspnetcore-runtime-alpine, to a newer version.