From a0ff888a9884264a2ae2d91e7a542f526808e013 Mon Sep 17 00:00:00 2001 From: denis-roy Date: Sat, 26 Dec 2020 18:30:03 -0500 Subject: [PATCH 01/10] Offering an alternative to apt-key (deprecated) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [Use trusted.gpg.d instead of apt-key · Issue #11625 · docker/docker.github.io](https://github.com/docker/docker.github.io/issues/11625) As of Debian 10 / Ubuntu 20.10, apt-key is deprecated and will not be available after Debian 11 / Ubuntu 22.04 Although adding keys directly to `/etc/apt/trusted.gpg.d`/ is suggested by apt-key deprecation message, as per [Debian Wiki](https://wiki.debian.org/DebianRepository/UseThirdParty) GPG keys for third party repositories should be added to `/usr/share/keyrings` and referenced with the `signed-by` option in the source.list.d entry. Providing a binary .gpg key instead of an ASCII Armored one might help shorten the lengthy command by removing the ` | gpg --dearmor ` bit. --- engine/install/debian.md | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/engine/install/debian.md b/engine/install/debian.md index edc1f7f184f4..5b5ecd8217e3 100644 --- a/engine/install/debian.md +++ b/engine/install/debian.md @@ -91,20 +91,8 @@ from the repository. 2. Add Docker's official GPG key: ```bash - $ curl -fsSL {{ download-url-base }}/gpg | sudo apt-key add - - ``` - - Verify that you now have the key with the fingerprint - `9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88`, by searching for the - last 8 characters of the fingerprint. - - ```bash - $ sudo apt-key fingerprint 0EBFCD88 + $ curl -fsSL {{ download-url-base }}/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/docker-ce-archive-keyring.gpg > /dev/null - pub 4096R/0EBFCD88 2017-02-22 - Key fingerprint = 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88 - uid Docker Release (CE deb) - sub 4096R/F273FCD8 2017-02-22 ``` 3. Use the following command to set up the **stable** repository. To add the @@ -128,7 +116,7 @@ from the repository. ```bash $ sudo add-apt-repository \ - "deb [arch=amd64] {{ download-url-base }} \ + "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) \ stable" ``` @@ -138,7 +126,7 @@ from the repository. ```bash $ sudo add-apt-repository \ - "deb [arch=armhf] {{ download-url-base }} \ + "deb [arch=armhf signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) \ stable" ``` @@ -148,7 +136,7 @@ from the repository. ```bash $ sudo add-apt-repository \ - "deb [arch=arm64] {{ download-url-base }} \ + "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) \ stable" ``` From e9906e717d951b112a662db78d28eb051b24a4b5 Mon Sep 17 00:00:00 2001 From: denis-roy Date: Sat, 26 Dec 2020 19:03:48 -0500 Subject: [PATCH 02/10] Offering alternative to the deprecated apt-key --- engine/install/ubuntu.md | 21 ++++----------------- 1 file changed, 4 insertions(+), 17 deletions(-) diff --git a/engine/install/ubuntu.md b/engine/install/ubuntu.md index d6f4b5f0dacf..c9f103493e64 100644 --- a/engine/install/ubuntu.md +++ b/engine/install/ubuntu.md @@ -99,20 +99,7 @@ from the repository. 2. Add Docker's official GPG key: ```bash - $ curl -fsSL {{ download-url-base }}/gpg | sudo apt-key add - - ``` - - Verify that you now have the key with the fingerprint - 9DC8 5822 9FC7 DD38 854A  E2D8 8D81 803C 0EBF CD88, by searching for the - last 8 characters of the fingerprint. - - ```bash - $ sudo apt-key fingerprint 0EBFCD88 - - pub rsa4096 2017-02-22 [SCEA] - 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88 - uid [ unknown] Docker Release (CE deb) - sub rsa4096 2017-02-22 [S] + $ curl -fsSL {{ download-url-base }}/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/docker-ce-archive-keyring.gpg > /dev/null ``` 3. Use the following command to set up the **stable** repository. To add the @@ -136,7 +123,7 @@ from the repository. ```bash $ sudo add-apt-repository \ - "deb [arch=amd64] {{ download-url-base }} \ + "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) \ stable" ``` @@ -146,7 +133,7 @@ from the repository. ```bash $ sudo add-apt-repository \ - "deb [arch=armhf] {{ download-url-base }} \ + "deb [arch=armhf signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) \ stable" ``` @@ -156,7 +143,7 @@ from the repository. ```bash $ sudo add-apt-repository \ - "deb [arch=arm64] {{ download-url-base }} \ + "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) \ stable" ``` From 84805ac5c3d54194b687bd336f0a92f61dcd6322 Mon Sep 17 00:00:00 2001 From: denis-roy Date: Sun, 3 Jan 2021 12:51:47 -0500 Subject: [PATCH 03/10] Correcting my mistake Clearly pasted code from the wrong source. The intended change was to removed usage of `apt-add-repository` by creating an entry in /etc/apt/source.list.d/ --- engine/install/debian.md | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/engine/install/debian.md b/engine/install/debian.md index 5b5ecd8217e3..5f29d148f8b1 100644 --- a/engine/install/debian.md +++ b/engine/install/debian.md @@ -115,30 +115,27 @@ from the repository.
```bash - $ sudo add-apt-repository \ - "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) \ - stable" + $ echo \ + "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ```
```bash - $ sudo add-apt-repository \ - "deb [arch=armhf signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) \ - stable" + $ echo \ + "deb [arch=armhf signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ```
```bash - $ sudo add-apt-repository \ - "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) \ - stable" + $ echo \ + "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ```
From a6e37aabd176641b280092c19327edb4cb64e75c Mon Sep 17 00:00:00 2001 From: denis-roy Date: Sun, 3 Jan 2021 12:52:09 -0500 Subject: [PATCH 04/10] Correcting my mistake Clearly pasted code from the wrong source. The intended change was to removed usage of `apt-add-repository` by creating an entry in /etc/apt/source.list.d/ --- engine/install/ubuntu.md | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/engine/install/ubuntu.md b/engine/install/ubuntu.md index c9f103493e64..9d328df59bad 100644 --- a/engine/install/ubuntu.md +++ b/engine/install/ubuntu.md @@ -122,30 +122,27 @@ from the repository.
```bash - $ sudo add-apt-repository \ - "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) \ - stable" + $ echo \ + "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ```
```bash - $ sudo add-apt-repository \ - "deb [arch=armhf signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) \ - stable" + $ echo \ + "deb [arch=armhf signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ```
```bash - $ sudo add-apt-repository \ - "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) \ - stable" + $ echo \ + "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ```
From 221db2e24c50e1c3f2095d65058f884790055be6 Mon Sep 17 00:00:00 2001 From: denis-roy Date: Mon, 4 Jan 2021 00:08:27 -0500 Subject: [PATCH 05/10] Removing dependency software-properties-common provides add-apt-repository which we don't use anymore --- engine/install/debian.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/engine/install/debian.md b/engine/install/debian.md index 5f29d148f8b1..1722d0b9dd98 100644 --- a/engine/install/debian.md +++ b/engine/install/debian.md @@ -84,8 +84,7 @@ from the repository. apt-transport-https \ ca-certificates \ curl \ - gnupg-agent \ - software-properties-common + gnupg-agent ``` 2. Add Docker's official GPG key: From 40f541078f30653a06858f9593a7da4860871030 Mon Sep 17 00:00:00 2001 From: denis-roy Date: Mon, 4 Jan 2021 00:08:59 -0500 Subject: [PATCH 06/10] Removing dependency software-properties-common provides add-apt-repository which we don't use anymore --- engine/install/ubuntu.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/engine/install/ubuntu.md b/engine/install/ubuntu.md index 9d328df59bad..7e205214c82d 100644 --- a/engine/install/ubuntu.md +++ b/engine/install/ubuntu.md @@ -92,8 +92,7 @@ from the repository. apt-transport-https \ ca-certificates \ curl \ - gnupg-agent \ - software-properties-common + gnupg-agent ``` 2. Add Docker's official GPG key: From 11c3fb6b4517e9e4bfb18be93de8d70bbeadc813 Mon Sep 17 00:00:00 2001 From: denis-roy Date: Tue, 16 Feb 2021 22:03:26 -0500 Subject: [PATCH 07/10] Incorporating MichaIng's suggestions Reference: https://github.com/docker/docker.github.io/pull/11990#issuecomment-778798458 --- engine/install/ubuntu.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/engine/install/ubuntu.md b/engine/install/ubuntu.md index 7e205214c82d..ca0b8697821b 100644 --- a/engine/install/ubuntu.md +++ b/engine/install/ubuntu.md @@ -92,13 +92,13 @@ from the repository. apt-transport-https \ ca-certificates \ curl \ - gnupg-agent + gnupg ``` 2. Add Docker's official GPG key: ```bash - $ curl -fsSL {{ download-url-base }}/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/docker-ce-archive-keyring.gpg > /dev/null + $ curl -fsSL {{ download-url-base }}/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg ``` 3. Use the following command to set up the **stable** repository. To add the @@ -122,7 +122,7 @@ from the repository. ```bash $ echo \ - "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ``` @@ -131,7 +131,7 @@ from the repository. ```bash $ echo \ - "deb [arch=armhf signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + "deb [arch=armhf signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ``` @@ -140,7 +140,7 @@ from the repository. ```bash $ echo \ - "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ``` From 694aaad93ec467821a608975cdc113720289c916 Mon Sep 17 00:00:00 2001 From: denis-roy Date: Tue, 16 Feb 2021 22:04:08 -0500 Subject: [PATCH 08/10] Incorporating MichaIng's suggestions Reference: https://github.com/docker/docker.github.io/pull/11990#issuecomment-778798458 --- engine/install/debian.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/engine/install/debian.md b/engine/install/debian.md index 1722d0b9dd98..c3231771ea89 100644 --- a/engine/install/debian.md +++ b/engine/install/debian.md @@ -84,13 +84,13 @@ from the repository. apt-transport-https \ ca-certificates \ curl \ - gnupg-agent + gnupg ``` 2. Add Docker's official GPG key: ```bash - $ curl -fsSL {{ download-url-base }}/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/docker-ce-archive-keyring.gpg > /dev/null + $ curl -fsSL {{ download-url-base }}/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg ``` @@ -115,7 +115,7 @@ from the repository. ```bash $ echo \ - "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ``` @@ -124,7 +124,7 @@ from the repository. ```bash $ echo \ - "deb [arch=armhf signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + "deb [arch=armhf signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ``` @@ -133,7 +133,7 @@ from the repository. ```bash $ echo \ - "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] {{ download-url-base }} \ + "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null ``` From a4a1ba7f51bb18c33659425ac47d14d76af08931 Mon Sep 17 00:00:00 2001 From: denis-roy Date: Wed, 17 Feb 2021 09:33:07 -0500 Subject: [PATCH 09/10] Missed some "-ce" during cleanup --- engine/install/ubuntu.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/engine/install/ubuntu.md b/engine/install/ubuntu.md index ca0b8697821b..77a09a08682f 100644 --- a/engine/install/ubuntu.md +++ b/engine/install/ubuntu.md @@ -123,7 +123,7 @@ from the repository. ```bash $ echo \ "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null ``` @@ -132,7 +132,7 @@ from the repository. ```bash $ echo \ "deb [arch=armhf signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null ``` @@ -141,7 +141,7 @@ from the repository. ```bash $ echo \ "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null ``` From 2ddacb448ba84e1677d762d2f849e76ade8e5dd1 Mon Sep 17 00:00:00 2001 From: denis-roy Date: Wed, 17 Feb 2021 09:34:05 -0500 Subject: [PATCH 10/10] Missed some "-ce" during cleanup --- engine/install/debian.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/engine/install/debian.md b/engine/install/debian.md index c3231771ea89..2e0edc1d3146 100644 --- a/engine/install/debian.md +++ b/engine/install/debian.md @@ -116,7 +116,7 @@ from the repository. ```bash $ echo \ "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null ``` @@ -125,7 +125,7 @@ from the repository. ```bash $ echo \ "deb [arch=armhf signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null ``` @@ -134,7 +134,7 @@ from the repository. ```bash $ echo \ "deb [arch=arm64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] {{ download-url-base }} \ - $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null + $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null ```