gpg: keyserver receive failed: Cannot assign requested address

[katomel4]

gpg: keyserver receive failed: Cannot assign requested address
Only on Azure Devops build

[wglambert]

docker-library/official-images#4252 (comment)

TLDR; GPG servers are extremely flaky and we have yet to solve it reliably.

For automated testing, we usually just set our travis builds to repeat multiple times (like php) since it is usually just gpg failures.

For builds on my local machine (which is were most build tests for official image PRs are done) I run an nginx reverse proxy server to man-in-the-middle apt, apk, and gpg requests and cache them.

For the servers that build and push the official images we take an eventually consistent approach and mark builds as "unstable" if one or more tags fail to build and just allow the build to run later. They also have multiple retries for each tag.

Related issues: docker-library/cassandra#131 (comment), docker-library/tomcat#87, docker-library/tomcat#108, #263 (comment), docker-library/httpd#66 (comment), docker-library/php#586, docker-library/wordpress#291

[erinbit]

We faced this issue in our own docker builds and found another solution.

Use the keyserver to add the key once, then use apt-key export to export the key to a file. Add that file to your code repo, copy it into docker, and then use apt-key add to add it. No need to download keys anymore!

This way the builds will work well until the key is changed for some reason, which usually doesn't happen too often I hope.