I have a docker recipe that does not much more than:
FROM fedora:rawhide
RUN dnf -y install ...blah...
If I run this from a Fedora host it works fine, resolving fedora:rawhide
to registry.fedoraproject.org image ID 23902052bc28
If I run this from a non-Fedora host, such as from GitLab CI, it resolves
to docker.io/library image ID e6ff04a4b8bd.
The latter image fails when installing RPMs due tpo missing gpg keys
# dnf install numactl
Fedora 33 openh264 (From Cisco) - x86_64 5.2 kB/s | 5.1
kB 00:00
Fedora - Modular Rawhide - Developmental packages for the next 1.9 MB/s | 961
kB 00:00
Fedora - Rawhide - Developmental packages for the next Fedora 12 MB/s | 73
MB 00:06
Dependencies resolved.
===============================================================================================
Package Architecture Version
Repository Size
===============================================================================================
Installing:
numactl x86_64 2.0.12-6.fc33 rawhide
69 k
Installing dependencies:
numactl-libs x86_64 2.0.12-6.fc33 rawhide
30 k
Transaction Summary
===============================================================================================
Install 2 Packages
Total download size: 99 k
Installed size: 238 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): numactl-2.0.12-6.fc33.x86_64.rpm 543 kB/s | 69
kB 00:00
(2/2): numactl-libs-2.0.12-6.fc33.x86_64.rpm 207 kB/s | 30
kB 00:00
-----------------------------------------------------------------------------------------------
Total 219 kB/s | 99
kB 00:00
warning:
/var/cache/dnf/rawhide-2d95c80a1fa0a67d/packages/numactl-2.0.12-6.fc33.x86_64.rpm:
Header V4 RSA/SHA256 Signature, key ID 45719a39: NOKEY
Fedora - Rawhide - Developmental packages for the next Fedora 1.6 MB/s | 1.6
kB 00:00
GPG key at file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-33-x86_64 (0x9570FF31) is
already installed
The GPG keys listed for the "Fedora - Rawhide - Developmental packages for the
next Fedora release" repository are already installed but they are not correct
for this package.
Check that the correct key URLs are configured for this repository.. Failing
package is: numactl-2.0.12-6.fc33.x86_64
GPG Keys are configured as:
file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-33-x86_64
Public key for numactl-libs-2.0.12-6.fc33.x86_64.rpm is not installed. Failing
package is: numactl-libs-2.0.12-6.fc33.x86_64
GPG Keys are configured as:
file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-33-x86_64
The downloaded packages were saved in cache until the next successful
transaction.
You can remove cached packages by executing 'dnf clean packages'.
Error: GPG check FAILED
I can see the docker.io image has older packages
# rpm -q fedora-release-container fedora-gpg-keys
fedora-release-container-33-0.9.noarch
fedora-gpg-keys-33-0.8.noarch
than the registry.fedoraproject.org image
# rpm -q fedora-release-container fedora-gpg-keys
fedora-release-container-33-0.13.noarch
fedora-gpg-keys-33-0.11.noarch
Looking at https://hub.docker.com/_/fedora?tab=tags I see the rawhide
image is over a month out of date.
As a workaround I tried adding
dnf update -y --nogpgcheck fedora-gpg-keys
and this pulls in fedora-gpg-keys-34-0.1.noarch on docker.io images, and
does nothing on registry.fedoraproject.org images.
Even after the fedora-gpg-keys update, I still get gpg errors installing
RPMs.
Why is docker.io registry lagging so far behind registry.fedoraproject.org ?
Why is the registry.fedoraproject.org image seemingly attached to
F33 content, not pulling in F34 rawhide content ?
While the older docker.io image trying to use F34 rawhide content.
These inconsistency between the registries is making it really quite
painful for using Fedora rawhide images across different host OS.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
