I'm building ODK Central version 1.5.1 on an AWS EC2 instance using Ansible. It worked fine a couple weeks ago, but I just tried a clean deploy this week and now it's failing when building the service container. Ansible reports that the problem is in the RUN command at line 5 of service.dockerfile:
RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list; \ wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -; \ apt-get update; \ apt-get install -y cron gettext postgresql-client-9.6
I removed --quiet from the wget command and got the following errors when I tried to build just that service with
docker-compose build service:
deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main --2021-10-06 14:26:37-- https://www.postgresql.org/media/keys/ACCC4CF8.asc Resolving www.postgresql.org (www.postgresql.org)... 18.104.22.168, 22.214.171.124, 126.96.36.199, ... Connecting to www.postgresql.org (www.postgresql.org)|188.8.131.52|:443... connected. Warning: apt-key output should not be parsed (stdout is not a terminal) ERROR: The certificate of 'www.postgresql.org' is not trusted. ERROR: The certificate of 'www.postgresql.org' has expired. gpg: no valid OpenPGP data found.
W: GPG error: http://apt.postgresql.org/pub/repos/apt stretch-pgdg InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7FCC7D46ACCC4CF8 W: The repository 'http://apt.postgresql.org/pub/repos/apt stretch-pgdg InRelease' is not signed.
Is anyone else experiencing this?
Is the cert from www.postgresql.org really expired or is there a network issue or something else on my side causing this problem?