Failed to fetch GPG key when building docker nginx image

[shangchen0531]

Describe the bug

Can't build the nginx image successfully due to a failure to fetch the GPG key.

The following is part of the Dockerfile that I use:

FROM debian:bullseye-slim

LABEL maintainer="NGINX Docker Maintainers <[email protected]>"

ENV NGINX_VERSION   1.21.6
ENV NJS_VERSION     0.7.3
ENV PKG_RELEASE     1~bullseye

RUN set -x \
# create nginx user/group first, to be consistent throughout docker variants
    && addgroup --system --gid 101 nginx \
    && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \
    && apt-get update \
    && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates 
RUN NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
    found=''; \
    for server in \
        hkp://keyserver.ubuntu.com:80 \
        pgp.mit.edu \
    ; do \
        echo "Fetching GPG key $NGINX_GPGKEY from $server"; \
        apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \
    done; \
    test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \

And the log is:

#0 0.252 Executing: /tmp/apt-key-gpghome.cep5ql2UEx/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options timeout=10 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
#0 0.253 gpg: requesting key 7BD9BF62 from hkp server keyserver.ubuntu.com
#0 0.776 gpg: key 7BD9BF62: public key "nginx signing key <[email protected]>" imported
#0 0.776 gpg: Total number processed: 1
#0 0.776 gpg:               imported: 1  (RSA: 1)
#0 0.798 gpg: key 350947F8: "Debian Archive Automatic Signing Key (12/bookworm) <[email protected]>" not changed
#0 0.798 gpg: key 8783D481: no valid user IDs
#0 0.798 gpg: this may be caused by a missing self-signature
#0 0.798 gpg: Total number processed: 10
#0 0.798 gpg:       skipped new keys: 8
#0 0.798 gpg:           w/o user IDs: 1
#0 0.798 gpg:              unchanged: 1
#0 0.798 Fetching GPG key 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 from pgp.mit.edu
#0 0.822 Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
#0 0.836 Executing: /tmp/apt-key-gpghome.9jJ4ZHi1uY/gpg.1.sh --keyserver pgp.mit.edu --keyserver-options timeout=10 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
#0 0.837 gpg: requesting key 7BD9BF62 from hkp server pgp.mit.edu
#0 10.87 gpg: keyserver timed out
#0 10.87 gpg: keyserver receive failed: keyserver error
#0 10.87 error: failed to fetch GPG key 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62

To reproduce

Steps to reproduce the behavior:

1. Clone this repository
2. cd mainline/debian && docker build -t test-nginx .
3. See error

Expected behavior

Build nginx image successfully.

Your environment

• Docker version 23.0.3, build 3e7cbfd
• OS: Ubuntu 22.04 LTS