gitlab-runner update fails, GPG error: invalid signature

Question description  Votes: 0  Answers: 1

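I cannot update my gitlab-runner installation because a bad key is detected. Is this a GitLab update problem, or is something wrong with my system? In 2023, updating and installing worked fine.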

root@gitlab-runner:~# apt-get update
Hit:1 http://security.debian.org bookworm-security InRelease
Hit:2 http://deb.debian.org/debian bookworm InRelease
Get:3 https://packages.gitlab.com/runner/gitlab-runner/debian bookworm InRelease [23.3 kB]
Err:3 https://packages.gitlab.com/runner/gitlab-runner/debian bookworm InRelease
  The following signatures were invalid: EXPKEYSIG 3F01618A51312F3F GitLab B.V. (package repository signing key) <[email protected]>
Fetched 23.3 kB in 1s (21.0 kB/s)
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.gitlab.com/runner/gitlab-runner/debian bookworm InRelease: The following signatures were invalid: EXPKEYSIG 3F01618A51312F3F GitLab B.V. (package repository signing key) <[email protected]>
W: Failed to fetch https://packages.gitlab.com/runner/gitlab-runner/debian/dists/bookworm/InRelease  The following signatures were invalid: EXPKEYSIG 3F01618A51312F3F GitLab B.V. (package repository signing key) <[email protected]>
W: Some index files failed to download. They have been ignored, or old ones used instead.

Many people suggest adding the GitLab apt GPG key like this:

root@gitlab-runner:~# curl -s https://packages.gitlab.com/gpg.key | apt-key add -
OK

It still does not solve the problem on Debian 12 and Ubuntu 22. The same error appears on apt update.

gitlab-ci-runner apt
1 answer
0 votes

To resolve this situation in 2024, especially on older installations, we first need to remove the GitLab apt GPG key that was added earlier. Run the command:

sudo apt-key del "F640 3F65 44A3 8863 DAA0 B6E0 3F01 618A 5131 2F3F"

Then run the latest gitlab runner installation script:

curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh" | sudo bash && sudo apt update

That's it, now you can run

apt upgrade

More details:

Note that apt-key is deprecated on Debian 12:

root@gitlab-runner:~# apt-key list
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).

So in general the correct way would be to put the dearmored gpg signature into /etc/apt/trusted.gpg.d, but that is not the case for GitLab.

If you look at the file

/etc/apt/sources.list.d/runner_gitlab-runner.list

you will notice that the gpg key is referenced directly:

# this file was generated by packages.gitlab.com for
# the repository at https://packages.gitlab.com/runner/gitlab-runner

deb [signed-by=/usr/share/keyrings/runner_gitlab-runner-archive-keyring.gpg] https://packages.gitlab.com/runner/gitlab-runner/debian/ bookworm main
deb-src [signed-by=/usr/share/keyrings/runner_gitlab-runner-archive-keyring.gpg] https://packages.gitlab.com/runner/gitlab-runner/debian/ bookworm main

This is why manually adding the gpg key with apt-key does not solve the problem. Running the installation script again will deploy the latest key signature.
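
The point above, that the source entry is pinned to one keyring through signed-by so keys added with apt-key are never consulted, can be checked on a host before and after re-running the installer. The script below is an added example, not part of the original answer or of GitLab's install script; the function names are hypothetical, the sample timestamps are constructed, and `check_list` assumes a GnuPG version that provides `--show-keys`.

```shell
#!/bin/sh
# Added example: find the keyring an apt source is pinned to and report expired keys in it.

# stdin: contents of an apt .list file. Prints each distinct signed-by= value.
signed_by_keyrings() {
    sed -n '/^deb/s/.*signed-by=\([^] ]*\).*/\1/p' | sort -u
}

# stdin: a `gpg --with-colons` key listing. $1: current time in epoch seconds.
# Prints the fingerprint of every primary key that is expired at that time.
expired_keys() {
    awk -F: -v now="$1" '
        $1 == "pub" { bad = ($2 == "e" || ($7 != "" && $7 + 0 < now + 0)) }
        $1 == "sub" { bad = 0 }
        $1 == "fpr" && bad { print $10; bad = 0 }'
}

# Real use on a host: check_list /etc/apt/sources.list.d/runner_gitlab-runner.list
check_list() {
    for ring in $(signed_by_keyrings < "$1"); do
        gpg --show-keys --with-colons "$ring" 2>/dev/null |
            expired_keys "$(date +%s)" | sed "s|^|$ring: EXPIRED |"
    done
}

# Constructed sample data so the parsing can be tried offline.
# Key ID and fingerprint are the ones shown on this page; the timestamps
# and the trimmed record layout are made up for the example.
SAMPLE_LIST='# this file was generated by packages.gitlab.com
deb [signed-by=/usr/share/keyrings/runner_gitlab-runner-archive-keyring.gpg] https://packages.gitlab.com/runner/gitlab-runner/debian/ bookworm main
deb-src [signed-by=/usr/share/keyrings/runner_gitlab-runner-archive-keyring.gpg] https://packages.gitlab.com/runner/gitlab-runner/debian/ bookworm main'
SAMPLE_COLONS='pub:e:4096:1:3F01618A51312F3F:1583000000:1700000000::-:::sc:
fpr:::::::::F6403F6544A38863DAA0B6E03F01618A51312F3F:
sub:e:4096:1:0000000000000001:1583000000:1700000000:::::e:
fpr:::::::::0000000000000000000000000000000000000001:'

printf '%s\n' "$SAMPLE_LIST" | signed_by_keyrings
printf '%s\n' "$SAMPLE_COLONS" | expired_keys 1710000000
```

If `check_list` still prints a line for the keyring after the install script has been re-run, the keyring file named in signed-by was not refreshed.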
