New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Alpine unable to install local .apk file #689
Comments
From @steelhead31 _It appears all of our Alpine APKs going back several releases are not signed, Im just looking into the code to see if we currently sign it( and it isnt working.. ) or whether we release them unsigned.... this error can be worked around by adding the --allow-untrusted switch (e.g.. apk add ./temurin-17-jdk-17.0.7_p7-r0.apk --allow-untrusted ) I've figured it out, its an alpine oddity, Im fairly certain now our Alpine APKs are being signed, and signatures are verified when installing from the online repo, not when manually installing from an APK.. Im still digging, but this appears to be the case.. local apk's have to be installed with the --allow-untrusted switch Thats how the packaging test for alpine passes in the Jenkins workflow too, I've unpacked the APK and can verify its signed that way, but having done some digging, I cant find an easy way to do the same on the command line.._ @karianna added: Thanks for checking! Sounds like either Alpine has some sort of a missing feature gap (perhaps there's a check from an online APK repo vs local) or we are missing something else that we weren't aware of. I'll update the ticket and see if the OP knows anything more |
I downloaded an package from Alpine repository, and tested it. It can be installed without any problem.
So I unpacked
Here are keys I have.
I guess So I changed filename of the Adoptium key.
Now I can install local APK file without any errors.
But when I do
|
Install Temurin following Instructions on the website for Alpine Linux.
apk add
works fineBut it doesn't work if I download the .apk file to the local directory and install it
It looks like the .apk file can't be verified
The text was updated successfully, but these errors were encountered: