-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Closed] GPG key rotation #1
Comments
Hi, we are getting the following error:
Details:
|
Hi @erikwijmans The new GPG keys for the CUDA repository
Please remove the old
And enroll the new signing key (a
|
Thank you for the fast reply! That fixes it. |
Hi @kmittman, I'm facing the same issue using the docker image tensorflow/tensorflow:2.7.0-gpu from Docker Hub. I pulled the image again from the hub but it doesn't seem to work. From what I see, in the docker image creation, it seems like it tries to get the older signing key (https://hub.docker.com/layers/tensorflow/tensorflow/tensorflow/2.7.0-gpu/images/sha256-fc5eb0604722c7bef7b499bb007b3050c4beec5859c2e0d4409d2cca5c14d442?context=explore) I was just wondering if I was on the right track and if you knew what could be done about this/where should I post to make the tensorflow team aware of this problem. Thank you |
I have updated my Ubuntu 20.04 to use the new key, but am hitting this issue which has happened over the years. This host is in the northeast of the US. I have tried running
Edit: Looks like it is resolved 30 minutes later. |
When trying to update the signing key via the
When was the Release (Debian) or repomd.xml (RPM) file last modified ?
Not sure, definitely CUDA and compute/machine- learning
Both.
Seattle, Washington
Not sure.
Using the |
@kkoehncke I think you may have both @kmittman I would suggest using individual issues instead of using a megathread, since GitHub issues are not threaded and it will be very confusing dealing with several unrelated problems. And everyone who posts a question here will be subscribed to future notifications to unrelated problems which is a little annoying. |
Hi @topinfrassi01 |
Hi @kkoehncke please |
Hi @rgov RE: mega thread, the problem is, unless I assign the issue to myself, I cannot figure out how to configure GitHub to send me email notifications, as technically this repo is owned by the NVIDIA user/group. Is there some way to create an issue template? |
@kmittman Yep there are issue templates and you can use the "Watch" button (next to "Fork" in the top right) to get notified of all new issues. |
Lots of nvidia documentation / repositories need to be changed now.... For example this guide on how to use the latest TensorRT has the the instruction to add the 7fa2af80.pub explicitly |
Is there a best practice for applying this change to Nvidia docker images? For instance, I'm using apt-key del 7fa2af80
apt-key adv --fetch-keys http://developer.download.nvidia.com/compute/cuda/repos/ubuntu1604/x86_64/3bf863cc.pub It seems then that running the above commands from the Dockerfile that deploys the image may be a good way of avoiding the NO_PUBKEY GPG error. RUN apt-key del 7fa2af80
RUN apt-key adv --fetch-keys http://developer.download.nvidia.com/compute/cuda/repos/ubuntu1604/x86_64/3bf863cc.pub TL;DR: I'm not sure how often GPG keys are rotated and I was wondering whether the above solution is a good workaround or actually a long-term solution to the problem? And if not, is there a good way to apply this fix to published docker images? |
Seeing this happen on the west coast
|
Closing this again. If experience further errors, please file a new issue, thank you. |
Mega thread for reporting metdata issues with the CUDA repositories
Is the CDN stale? Have you seen something like:
or
Please provide the following information in your comment:
The error message and the last command(s) run.
When was the
Release
(Debian) orrepomd.xml
(RPM) file last modified ?The Linux distro and architecture. If cross-compiling or containerized, please mention that.
Which NVIDIA repositories do you have enabled ?
Do your
.list
/.repo
files contain URLs using HTTP (port 80) or HTTPS (port 443) ?Which geographic region is the machine located in ?
Which CDN edge node are you hitting ?
Any other relevant environmental conditions (i.e. a specific Docker container image) ?
The text was updated successfully, but these errors were encountered: