Build is failing: says no public key is available

The issue is each time I try to build/deploy my app, I get this error:

“W: There is no public key available for the following key IDs: AA8E81B4331F7F50”

as well as

“E: There are problems and -y was used without --force-yes”

Kindly assist.

Hello @kennedy-mukuna!

This error can occur for a few different reasons. Could you share a code snippet of your .circleci/config.yml that includes the executor, image and any related dependency install steps?

if you would rather not share them here, please do submit a support ticket here: https://support.circleci.com/hc/en-us/requests/new

Best regards,

Here you go!

version: 2
jobs:
build:
docker:
- image: circleci/php:7.1-jessie-node-browsers
steps:
- setup_remote_docker:
docker_layer_caching: false
- checkout
- run:
name: Installing dependencies
command: |
cd project
composer install -n --prefer-dist
- run:
name: Set convenience environment variables
command: |
COMMIT=(git rev-parse --short HEAD) ECR_REPOSITORY_NAME=lexlinkconsulting/afyakit-web echo "export COMMIT={COMMIT}" >> BASH_ENV echo "export CIRCLE_BRANCH={CIRCLE_BRANCH}" >> BASH_ENV echo "export ECR_REPOSITORY_NAME={ECR_REPOSITORY_NAME}" >> BASH_ENV echo "export FULL_IMAGE_NAME={AWS_ACCOUNT_ID}.dkr.ecr.{AWS_DEFAULT_REGION}.amazonaws.com/{ECR_REPOSITORY_NAME}:{CIRCLE_BRANCH}-{COMMIT}" >> BASH_ENV - run: name: Build image command: | if [ "{CIRCLE_BRANCH}" == “prod” ]; then
docker build -t FULL_IMAGE_NAME . fi; if [ "{CIRCLE_BRANCH}" == “dev” ]; then
docker build -t FULL_IMAGE_NAME . fi; - run: name: Save image to an archive command: | mkdir docker-image if [ "{CIRCLE_BRANCH}" == “prod” ]; then
docker save -o docker-image/image.tar FULL_IMAGE_NAME fi; if [ "{CIRCLE_BRANCH}" == “dev” ]; then
docker save -o docker-image/image.tar FULL_IMAGE_NAME fi; - persist_to_workspace: root: . paths: - docker-image deploy: docker: - image: circleci/python:3.6.1 environment: AWS_DEFAULT_OUTPUT: json steps: - checkout - setup_remote_docker - attach_workspace: at: workspace - restore_cache: key: v1-{{ checksum "requirements.txt" }} - run: name: Install awscli command: | python3 -m venv venv . venv/bin/activate pip install -r requirements.txt - save_cache: key: v1-{{ checksum "requirements.txt" }} paths: - "venv" - run: name: Load image command: | docker load --input workspace/docker-image/image.tar - run: name: Setup common environment variables command: | COMMIT=(git rev-parse --short HEAD)
ECR_REPOSITORY_NAME=lexlinkconsulting/afyakit-web
echo “export COMMIT=${COMMIT}” >> BASH_ENV echo "export CIRCLE_BRANCH={CIRCLE_BRANCH}" >> BASH_ENV echo "export ECR_REPOSITORY_NAME={ECR_REPOSITORY_NAME}" >> BASH_ENV echo "export FULL_IMAGE_NAME={AWS_ACCOUNT_ID}.dkr.ecr.{AWS_DEFAULT_REGION}.amazonaws.com/{ECR_REPOSITORY_NAME}:{CIRCLE_BRANCH}-{COMMIT}" >> BASH_ENV - run: name: Push image command: | . venv/bin/activate eval (aws ecr get-login --region $AWS_DEFAULT_REGION --no-include-email)
docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/ECR_REPOSITORY_NAME:{CIRCLE_BRANCH}-$COMMIT
workflows:
version: 2
build-deploy:
jobs:
- build
- deploy:
requires:
- build
filters:
branches:
only:
- dev
- prod

Hello @kennedy-mukuna - Thank you for sharing your config.yml here.

This error is occurring because Debian is no longer maintaining the libraries for the updates that are attempting to download. You will see something similar to the following in your build output:

Get:1 http://security.debian.org jessie/updates InRelease [44.9 kB]
 Ign http://archive.debian.org jessie InRelease
 Get:2 http://archive.debian.org jessie Release.gpg [2420 B]
 Get:3 http://archive.debian.org jessie Release [148 kB]
 Ign http://archive.debian.org jessie Release
 Get:4 http://security.debian.org jessie/updates/main Sources [473 kB]
 Get:5 http://archive.debian.org jessie/main Sources [9169 kB]
 Get:6 http://security.debian.org jessie/updates/main amd64 Packages [992 kB]
 Get:7 http://archive.debian.org jessie/main amd64 Packages [9098 kB]
 Fetched 19.9 MB in 4s (4507 kB/s)
 
Reading package lists...
 W: There is no public key available for the following key IDs:
 AA8E81B4331F7F50
 W: GPG error: http://archive.debian.org jessie Release: The following signatures were invalid: KEYEXPIRED 

Your build is using image circleci/php:7.1-jessie-node-browsers
One suggestion is to try a newer PHP image.
Reference: https://github.com/CircleCI-Public/circleci-dockerfiles/tree/master/php/images

Another suggestion: If you need to remain on the older image, the following sed command could work here, although I must admit that I have not personally tested this option:
sed -i 's;http://archive.debian.org/debian/;http://deb.debian.org/debian/;' /etc/apt/sources.list

thanks! Tried the -sed line and it didn’t work. I will update the image.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.