I'm building ODK Central version 1.5.1 on an AWS EC2 instance using Ansible. It worked fine a couple weeks ago, but I just tried a clean deploy this week and now it's failing when building the service container. Ansible reports that the problem is in the RUN command at line 5 of service.dockerfile:
RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list; \
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -; \
apt-get update; \
apt-get install -y cron gettext postgresql-client-9.6
I removed --quiet from the wget command and got the following errors when I tried to build just that service with docker-compose build service
:
deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main
--2021-10-06 14:26:37-- https://www.postgresql.org/media/keys/ACCC4CF8.asc
Resolving www.postgresql.org (www.postgresql.org)... 72.32.157.230, 87.238.57.232, 217.196.149.50, ...
Connecting to www.postgresql.org (www.postgresql.org)|72.32.157.230|:443... connected.
Warning: apt-key output should not be parsed (stdout is not a terminal)
ERROR: The certificate of 'www.postgresql.org' is not trusted.
ERROR: The certificate of 'www.postgresql.org' has expired.
gpg: no valid OpenPGP data found.
W: GPG error: http://apt.postgresql.org/pub/repos/apt stretch-pgdg InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7FCC7D46ACCC4CF8
W: The repository 'http://apt.postgresql.org/pub/repos/apt stretch-pgdg InRelease' is not signed.
Is anyone else experiencing this?
Is the cert from www.postgresql.org really expired or is there a network issue or something else on my side causing this problem?