Installing packages securely with APT (apt-key, gpg, etc)May 22, 2019 at 10:07pm
It's not uncommon to find instructions to run something like the following (here to configure neurodebian):
RUN wget -O- http://neuro.debian.net/lists/bionic.us-tn.full | tee /etc/apt/sources.list.d/neurodebian.sources.list \&& apt-key adv --recv-keys --keyserver hkp://pool.sks-keyservers.net:80 0xA5D32F012649A5A9
Unfortunately, in the minimal images in gigantum, this won't work (yet), because it requires the packages
dirmngrto be installed. These three packages will enable the Gnu Privacy Guard (GPG) system for managing cryptographic keys - it's used by apt to make sure the programs you're getting are from the key-holder.
You can easily add those three packages using
aptin the Environment tab, though. Once you do that, you can add the above instruction to your Docker snippets and it should work fine... except sometimes Docker networking creates trouble with GPG. So, this is one case where you may have to rebuild one or more times!