Then "sudo apt-get update" failed: public key is not available: NO_PUBKEY 6B05F25D762E3157 in ubuntu xenial

ascendhuawei · January 11, 2019, 3:09pm

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packagecloud.io/github/git-lfs/ubuntu xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6B05F25D762E3157

W: Failed to fetch https://packagecloud.io/github/git-lfs/ubuntu/dists/xenial/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6B05F25D762E3157

W: Some index files failed to download. They have been ignored, or old ones used instead.

jsravn · January 8, 2019, 12:11pm

I’ve started getting the same thing in the last couple days. It happens on sudo apt update on the xenial workers.

As a temporary workaround you can do sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 762E3157.

To fix, I think travis will need to update its xenial image which is including the git-lfs repo.

0xc0170 · January 8, 2019, 12:48pm

Thanks for the report, I was going to do about the same as we are also affected.

We will do the workaround by adding the keyserver

alexkiro · January 11, 2019, 12:19pm

This is still broken, but the workaround works!

BanzaiMan · January 11, 2019, 3:14pm

Thanks for the report. Could you tell me how you identified the key ID?

jsravn · January 11, 2019, 5:59pm

The key shows in the logs.

BanzaiMan · January 11, 2019, 6:43pm

You mean 6B05F25D762E3157?

jsravn · January 11, 2019, 7:44pm

Yep. See the last 8 characters.

Arusekk · January 20, 2019, 3:57pm

Workers using trusty are also affected on some builds, see:
https://travis-ci.org/Gallopsled/pwntools/jobs/482058694#L555
Is there any official status on this? Looks like it hasn’t been fixed yet.

ssbarnea · January 23, 2019, 9:30am

Travis used do be amazing, but since a couple of years ago it started to went south,… and it seems only to accelerate in that direction.

keiranmraine · February 7, 2019, 3:22pm

I’ve raised a support request relating to this as I don’t think the workaround is viable when using:

addons:
 apt:
  packages:
   - somepackage

If you know otherwise I’m happy to be wrong.

BanzaiMan · February 7, 2019, 6:18pm

Working on a fix…

georgedorn · April 29, 2019, 3:19pm

Where does that workaround go in the .travis.yml?

Mine looks like: https://github.com/django-tastypie/django-tastypie/blob/master/.travis.yml

Edit: Figured this out. Anybody else trying to use this workaround, add this section to .travis.yml:

before_install:
  - sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 762E3157

Also, this is pretty gross, and I hope they fix the xenial environment soon, given that it’s now the default environment for linux…

native-api · April 29, 2019, 2:49pm

intgr · May 1, 2019, 1:54pm

ISTM the real workaround is to use a newer Ubuntu image that does not suffer from this issue. Add to your .travis.yml:

dist: xenial

georgedorn · May 10, 2019, 11:46pm

Xenial is already the default Ubuntu image. It’s been that way for a month or so.

vanthome · May 15, 2019, 12:57pm

worked for mw

moonshoes87 · May 29, 2019, 11:37pm

I am just now seeing this error for the first time. I haven’t changed my travis.yml file in weeks, so I’m not sure why it is only showing up now. Does anybody know the current status of this issue and the fix?

ivansg44 · May 30, 2019, 12:17am

Receiving similar errors, varying slightly in order from build to build.

I have rerun previously successful builds, and they are now failing as well.

Example (rebuild of a previously successful PR build):

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packagecloud.io/github/git-lfs/ubuntu trusty InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 6B05F25D762E3157
W: http://ppa.launchpad.net/couchdb/stable/ubuntu/dists/trusty/Release.gpg: Signature by key 15866BAFD9BCC4F3C1E0DFC7D69548E1C17EAB57 uses weak digest algorithm (SHA1)
W: Failed to fetch https://packagecloud.io/github/git-lfs/ubuntu/dists/trusty/InRelease The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 6B05F25D762E3157
E: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/stable/main/binary-amd64/Packages.gz Hash Sum mismatch
W: Some index files failed to download. They have been ignored, or old ones used instead.

colbygk · May 31, 2019, 11:45am

We are also seeing this in a previously working build:

$ sudo apt-get update -qq

W: GPG error: https://packagecloud.io/github/git-lfs/ubuntu trusty InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 6B05F25D762E3157

W: The repository ‘https://packagecloud.io/github/git-lfs/ubuntu trusty InRelease’ is not signed.

W: There is no public key available for the following key IDs:

6B05F25D762E3157