Gitlab Debian存储库公钥不可用

Question

当运行“sudo apt update”时，我得到以下错误：

user@gitlab:~$ sudo apt update
Hit:1 http://security.debian.org/debian-security stretch/updates InRelease
Ign:2 http://ftp.fi.debian.org/debian stretch InRelease
Hit:3 http://ftp.fi.debian.org/debian stretch-updates InRelease
Hit:4 http://ftp.fi.debian.org/debian stretch Release
Get:6 https://packages.gitlab.com/gitlab/gitlab-ee/debian stretch InRelease [23.3 kB]
Err:6 https://packages.gitlab.com/gitlab/gitlab-ee/debian stretch InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3F01618A51312F3F
Fetched 23.3 kB in 2s (11.0 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.gitlab.com/gitlab/gitlab-ee/debian stretch InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3F01618A51312F3F
W: Failed to fetch https://packages.gitlab.com/gitlab/gitlab-ee/debian/dists/stretch/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3F01618A51312F3F
W: Some index files failed to download. They have been ignored, or old ones used instead.

Answer 1

问题是Gitlab安装脚本安装的密钥已过期。这可以通过运行sudo apt-key list来验证。

user@gitlab:~$ sudo apt-key list
/etc/apt/trusted.gpg
--------------------
pub   rsa4096 2015-04-17 [SC] [expired: 2020-04-15]
      1A4C 919D B987 D435 9396  38B9 1421 9A96 E15E 78F4
uid           [ expired] GitLab B.V. (package repository signing key) 
-------Output Snipped----------

通过运行与Gitlab安装脚本相同的命令可以很容易地修复这个问题，该命令将从Gitlab获取新密钥并将其安装在APT密钥环中。

curl -L "https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey" 2> /dev/null | sudo apt-key add - &>/dev/null

在此之后，可以重新运行apt-key list命令，以验证密钥是否已正确安装。

user@gitlab:~$ sudo apt-key list
/etc/apt/trusted.gpg
--------------------
pub   rsa4096 2015-04-17 [SC] [expired: 2020-04-15]
      1A4C 919D B987 D435 9396  38B9 1421 9A96 E15E 78F4
uid           [ expired] GitLab B.V. (package repository signing key) 

pub   rsa4096 2020-03-02 [SC] [expires: 2022-03-02]
      F640 3F65 44A3 8863 DAA0  B6E0 3F01 618A 5131 2F3F
uid           [ unknown] GitLab B.V. (package repository signing key) 
sub   rsa4096 2020-03-02 [E] [expires: 2022-03-02]