Merge branch 'master' into add/hot-fix-infrastructure

Signed-off-by: Rasmus <[email protected]>

Author: rasmunk

Dockerfile.rocky8

@@ -1734,11 +1734,17 @@ ARG TINI_GPG_KEY=0527A9B7
 #ADD --checksum=${TINI_CHECKSUM} https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
 ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
 ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc /tini.asc
-RUN gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys ${TINI_GPG_KEY} \
-    && if ! gpg --verify /tini.asc /tini ; then \
+# NOTE: some build environments with strict firewalling may not allow e.g. hkp.
+#       For robustness try different methods in turn until key import succeeds.
+RUN for key in ${TINI_GPG_KEY}; do \
+      gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$key" || \
+      gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys "$key" || \
+      gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys "$key" ; \
+    done && \
+    if ! gpg --verify /tini.asc /tini ; then \
       echo "FATAL: failed to verify tini binary"; \
       exit 1 ; \
-   fi
+    fi
 RUN chmod +x /tini
 ENTRYPOINT ["/tini", "--"]
 

Dockerfile.rocky9

@@ -1621,11 +1621,17 @@ ARG TINI_GPG_KEY=0527A9B7
 #ADD --checksum=${TINI_CHECKSUM} https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
 ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
 ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc /tini.asc
-RUN gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys ${TINI_GPG_KEY} \
-    && if ! gpg --verify /tini.asc /tini ; then \
+# NOTE: some build environments with strict firewalling may not allow e.g. hkp.
+#       For robustness try different methods in turn until key import succeeds.
+RUN for key in ${TINI_GPG_KEY}; do \
+      gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$key" || \
+      gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys "$key" || \
+      gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys "$key" ; \
+    done && \
+    if ! gpg --verify /tini.asc /tini ; then \
       echo "FATAL: failed to verify tini binary"; \
       exit 1 ; \
-   fi
+    fi
 RUN chmod +x /tini
 ENTRYPOINT ["/tini", "--"]
 

docker-compose_development.yml

@@ -488,7 +488,7 @@ volumes:
       device: ${DOCKER_MIGRID_ROOT}/state
       o: bind
 
-  # NOTE: we don't bother setting up persistent data outside state here
+  # NOTE: we don't bother setting up other persistent data outside state here
 
   log:
     # Volume used to contain the mig state log folder shared by all containers

docker-compose_development_gdp.yml

@@ -492,7 +492,7 @@ volumes:
       device: ${DOCKER_MIGRID_ROOT}/state
       o: bind
 
-  # NOTE: we don't bother setting up persistent data outside state here
+  # NOTE: we don't bother setting up other persistent data outside state here
 
   log:
     # Volume used to contain the mig state log folder shared by all containers