HoustonPutman commented on code in PR #4: URL: https://github.com/apache/solr-docker/pull/4#discussion_r872729501
########## 9.0/Dockerfile: ########## @@ -39,24 +38,30 @@ ARG SOLR_ARCHIVE_URL="https://archive.apache.org/dist/solr/solr/$SOLR_VERSION/so RUN set -ex; \ apt-get update; \ - apt-get -y install wget gpg; \ + apt-get -y install wget gpg dirmngr; \ rm -rf /var/lib/apt/lists/*; \ export GNUPGHOME="/tmp/gnupg_home"; \ mkdir -p "$GNUPGHOME"; \ chmod 700 "$GNUPGHOME"; \ echo "disable-ipv6" >> "$GNUPGHOME/dirmngr.conf"; \ - for key in $SOLR_KEYS; do \ - found=''; \ - for server in \ - pgp.mit.edu \ - keyserver.ubuntu.com \ - hkp://keyserver.ubuntu.com:80 \ - ; do \ - echo " trying $server for $key"; \ - gpg --batch --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$key" && found=yes && break; \ - gpg --batch --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$key" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch $key from several disparate servers -- network issues?" && exit 1; \ + if [ -n "$SOLR_KEYS" ]; then \ + # Install all Solr GPG Keys + wget -nv "https://downloads.apache.org/solr/KEYS"; -O "SOLR_KEYS"; \ + gpg \ + --key-origin 'url,https://downloads.apache.org/solr/KEYS' \ + --import SOLR_KEYS; \ + rm SOLR_KEYS; \ + # Export the keys explicitly mentioned in the Dockerfile + gpg --export ${SOLR_KEYS} > SAVED_KEYS; \ + # Start from scratch + gpg --list-keys --with-colons \ + | awk -F: '$1 == "pub" && ($2 == "e" || $2 == "r") { print $5 }' \ + | xargs gpg --batch --yes --delete-keys; \ + # Re-import the keys that we saved \ + gpg --import SAVED_KEYS; \ + rm SAVED_KEYS; \ Review Comment: I tried that, it doesn't filter the keys though, it just removes the user-id information for keys that aren't jan's. So all Solr keys will still be there, they just won't have names. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
