Apache Arrow sporadic build failures due to hash sum mismatch errors


#1

The Apache Arrow project has been observing jobs sporadically failing with the following syndrome:

W: http://ppa.launchpad.net/couchdb/stable/ubuntu/dists/trusty/Release.gpg: Signature by key 15866BAFD9BCC4F3C1E0DFC7D69548E1C17EAB57 uses weak digest algorithm (SHA1)
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packagecloud.io/github/git-lfs/ubuntu trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6B05F25D762E3157
W: Failed to fetch https://packagecloud.io/github/git-lfs/ubuntu/dists/trusty/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6B05F25D762E3157
E: Failed to fetch http://security.ubuntu.com/ubuntu/dists/trusty-security/main/binary-i386/Packages.gz  Hash Sum mismatch
W: Some index files failed to download. They have been ignored, or old ones used instead.
The command "if [ $TRAVIS_OS_NAME == "linux" ]; then
    sudo bash -c "echo -e 'Acquire::Retries 10; Acquire::http::Timeout \"20\";' > /etc/apt/apt.conf.d/99-travis-retry"
    sudo add-apt-repository -y ppa:ubuntu-toolchain-r/test
    sudo apt-get update -qq
  fi
  " failed and exited with 100 during .
Your build has been stopped.

See:

https://travis-ci.org/apache/arrow/jobs/502285685#L492
https://travis-ci.org/apache/arrow/jobs/502285699#L973

Let us know if there is a workaround that we can apply.