gpg keyserver: https://sks-keyservers.net/ is deprecated #474
Description
A gpg keyserver URL that is currently in use within many Dockerfiles has been deprecated/retired/discontinued.
https://sks-keyservers.net/ currently has a banner:
This service is deprecated. This means it is no longer maintained,
and new HKPS certificates will not be issued. Service reliability should not be expected.
Update 2021-06-21: Due to even more GDPR takedown requests,
the DNS records for the pool will no longer be provided at all.
See upstream for source of sks.srv.dumain.com reference, mentioned below:
This repo currently has several references to this service:
# grep sks-keyservers -r .
./unsupported_images/python/3.3.6/Dockerfile: && (gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$GPG_KEY" \
./unsupported_images/python/2.7.12/Dockerfile: && (gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$GPG_KEY" \
./unsupported_images/python/3.5.2/Dockerfile: && (gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$GPG_KEY" \
./unsupported_images/python/3.6.5/Dockerfile: && (gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$GPG_KEY" \
./unsupported_images/python/3.7.1/Dockerfile: && (gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$GPG_KEY" \
./unsupported_images/python/3.4.5/Dockerfile: && (gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$GPG_KEY" \
./unsupported_images/android-java-8/26.1.1/Dockerfile: gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \
./unsupported_images/android-java-8/26.1.1/Dockerfile: gpg --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \
./unsupported_images/nodejs/10.14.1/Dockerfile: gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \
./unsupported_images/nodejs/10.14.1/Dockerfile: gpg --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \
./unsupported_images/nodejs/10.1.0/Dockerfile: gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \
./unsupported_images/nodejs/10.1.0/Dockerfile: gpg --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \
./unsupported_images/nodejs/4.4.7/Dockerfile: gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
./unsupported_images/nodejs/5.12.0/Dockerfile: gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
./unsupported_images/nodejs/8.11.0/Dockerfile: gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \
./unsupported_images/nodejs/8.11.0/Dockerfile: gpg --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \
./unsupported_images/nodejs/7.0.0/Dockerfile: gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
./unsupported_images/nodejs/4.3.2/Dockerfile: gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
./unsupported_images/nodejs/6.3.1/Dockerfile: gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \
./unsupported_images/nodejs/6.3.1/Dockerfile: gpg --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \
./unsupported_images/php/7.0/Dockerfile: ( gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" \
./unsupported_images/php/5.6/Dockerfile: ( gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" \
./unsupported_images/php/7.1/Dockerfile: gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
./al2/aarch64/standard/1.0/Dockerfile: && (gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$GPG_KEY" \
./al2/aarch64/standard/1.0/Dockerfile: && gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$GPG_KEY" \
./al2/aarch64/standard/1.0/Dockerfile: ( gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" \
Recommended actions:
- In all Dockerfiles, replace all sks-keyserver.net references:
- p80.pool.sks-keyservers.net
- ipv4.pool.sks-keyservers.net
- ha.pool.sks-keyservers.net
with - sks.srv.dumain.com