Dockerfile for multistage image won't work

Dockerfile for multistage image won't work

Problem Description:

I am attempting to run a Dockerfile for a multistage image I cloned from github. The Dockerfile reads:

FROM openjdk:9-jdk-slim AS build
COPY certificates /usr/local/share/ca-certificates/certificates
RUN apt-get update && apt-get install --no-install-recommends -y -qq ca-certificates-java &&  
apt-update ca-certificates --verbose

FROM openjdk:9-jre-slim
COPY --from=build /etc/ssl/certs/java/cacerts /etc/ssl/certs/java/cacerts
RUN groupadd --gid 1000 java && 
  useradd --uid 1000 --gid java --shell /bin/bash --create-home java && 
  chmod -R a+w /home/java
WORKDIR /home/java
USER java

When I attempt to run it with the command:

docker image build . -t layers:5

I get the following response:

executor failed running [/bin/sh -c apt-get update && apt-get install --no-install-recommends -y -qq ca-certificates-java &&   update-ca-certificates --verbose]: exit code: 100

I have tried solving this by removing ‘-y’ and attaching ‘apt-‘ to ‘update-ca-certificates’ and removing the dash between ‘ca’ and ‘certificates’, but none of them have worked. I’m unsure how to tackle this; your help would be most appreciated.

Solution – 1

The base image, openjdk:9-jdk-slim, is an older image based on Debian Buster.

The apt-get update is the cause of the issue because of no public key existing.

  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 648ACFD622F3D138 NO_PUBKEY 0E98404D386FA1D9

Normally, you’d import the key and be on your way. However, use of the image is not recommended because the Debian version is Debian GNU/Linux buster/sid. The Debian release docs say: "The unstable distribution is always called sid." You’d be better off upgrading to a stable version of Debian like an image built more recently for a newer version of Java.

Another option, that could cause more problems is to copy /etc/apt/trusted.gpg.d from a newer Buster release like buster-20221205-slim and then run your commands.

Rate this post
We use cookies in order to give you the best possible experience on our website. By continuing to use this site, you agree to our use of cookies.