I'm trying to run apt-get update and getting this error for gitlab-runner:
# apt-get update...Get:6 https://packages.gitlab.com/runner/gitlab-runner/ubuntu focal InRelease [23.5 kB]Err:6 https://packages.gitlab.com/runner/gitlab-runner/ubuntu focal InRelease The following signatures were invalid: EXPKEYSIG 3F01618A51312F3F GitLab B.V. (package repository signing key) <packages@gitlab.com>Reading package lists... DoneW: GPG error: https://packages.gitlab.com/runner/gitlab-runner/ubuntu focal InRelease: The following signatures were invalid: EXPKEYSIG 3F01618A51312F3F GitLab B.V. (package repository signing key) <packages@gitlab.com>E: The repository 'https://packages.gitlab.com/runner/gitlab-runner/ubuntu focal InRelease' is not signed.N: Updating from such a repository can't be done securely, and is therefore disabled by default.N: See apt-secure(8) manpage for repository creation and user configuration details.You have new mail in /var/mail/root#...I've worked through a few posts about this exact same error but nothing suggested solves my issue.
The official GitLab signing-keys guide at https://docs.gitlab.com/omnibus/update/package_signatures.html#package-repository-metadata-signing-keys does not correct the problem.
The above page suggests:
awk '/deb \[signed-by=/{ pubkey = $2; sub(/\[signed-by=/, "", pubkey); sub(/\]$/, "", pubkey); print pubkey }' /etc/apt/sources.list.d/gitlab_gitlab-?e.list | \ while read line; do curl -s "https://packages.gitlab.com/gpg.key" | gpg --dearmor > $line doneor
apt-key del 3F01618A51312F3F curl -s "https://packages.gitlab.com/gpg.key" | apt-key add - apt-key list 3F01618A51312F3Fto solve the issue with gitlab-runner having an expired package repository signing key, but the error remains exactly the same:
W: GPG error: https://packages.gitlab.com/runner/gitlab-runner/ubuntu focal InRelease: The following signatures were invalid: EXPKEYSIG 3F01618A51312F3F GitLab B.V. (package repository signing key) <packages@gitlab.com>I've also tried steps from numerous posts found here and elsewhere to update the repository signing key, but nothing works - error remains the same.
It seems a simple operation - update a repository signing key for an APT repository - but -how- exactly do I do this to enable gitlab-runner to be updateable and maintainable in Ubuntu 20.04.6 LTS again?
This key
https://packages.gitlab.com/gpg.key
is considered invalid by the "apt-get update" command for the gitlab-runner APT repository, no matter what I do.
Any ideas?
Thanks!
(PS - Aware "apt-key" is deprecated, but I just NEED to get gitlab-runner updated / updatable again, don't mind for now that "apt-key" is deprecated. After I get gitlab-runner updated I can spend time learning how to use gpg itself instead of apt-key for future signature expiries.)