MongoDB:4.2 docker image failing to apt-get update due to expired signature

Hello,

I have a DevOps infrastructure for a few of my projects at work, which work as an automated version release/deployment.

During the process of the pipeline (building and deploying the project), the project is built into a docker image, based on the MongoDB:4.2 docker image (Link: MongoDB:4.2 docker image), and during the set-up of the docker image (AKA the dockerfile commands) there is a failure during the apt-get update process. I receive the following error:

#5 23.68 W: GPG error: MongoDB Repositories bionic/mongodb-org/4.2 Release: The following signatures were invalid: EXPKEYSIG 4B7C549A058F8B6B MongoDB 4.2 Release Signing Key packaging@mongodb.com

I tried allowing unauthorized connections with --allow-unauthenticated in the apt-get command, but still the same error.

I read somewhere this might be on MongoDB’s side and they let the signature expire, and they need to fix this, but I’m unsure whether or not this is correct. (I’m starting to believe it because I’ve tried so many different potential solutions, but nothing works)

Best regards,
Mat

I ran into this today. It does look like the GPG key expired on the 17th. The devs seem to have updated the key on their pgp site but not in the Docker image. I was able to get around the issue by adding the following lines to a Dockerfile based on the 4.2 image:

RUN mv /etc/apt/sources.list.d/mongodb-org.list /tmp/mongodb-org.list && \
    apt-get update && \
    apt-get install -y curl && \
    curl -o /etc/apt/keyrings/mongodb.gpg https://pgp.mongodb.com/server-4.2.pub && \
    mv /tmp/mongodb-org.list /etc/apt/sources.list.d/mongodb-org.list;
RUN apt-get update 

You can use the following command to fix the issue for the Invalid signature. Place it before the apt-update command:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 4B7C549A058F8B6B

It solved the problem for me. Had the same issue.

2 Likes