Jenkins APT repository 的 GPG key 過期 解決方式

日期:
使用 apt update 指令更新 linux 套件來源索引時出現以下錯誤: 
    
sudo apt update 
Hit:1 https://apt.releases.hashicorp.com noble InRelease
Hit:2 http://tw.archive.ubuntu.com/ubuntu noble InRelease                                                                                   
Hit:3 https://download.docker.com/linux/ubuntu noble InRelease                                                                              
Hit:4 http://tw.archive.ubuntu.com/ubuntu noble-updates InRelease                                                
Hit:5 http://tw.archive.ubuntu.com/ubuntu noble-backports InRelease                        
Ign:6 https://pkg.jenkins.io/debian-stable binary/ InRelease                                         
Get:7 https://pkg.jenkins.io/debian-stable binary/ Release [2044 B]
Get:8 https://pkg.jenkins.io/debian-stable binary/ Release.gpg [833 B]
Hit:9 http://security.ubuntu.com/ubuntu noble-security InRelease
Err:8 https://pkg.jenkins.io/debian-stable binary/ Release.gpg
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7198F4B714ABFC68
Fetched 833 B in 1s (880 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://pkg.jenkins.io/debian-stable binary/ Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7198F4B714ABFC68
W: Failed to fetch https://pkg.jenkins.io/debian-stable/binary/Release.gpg  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7198F4B714ABFC68
W: Some index files failed to download. They have been ignored, or old ones used instead.

原因是在檢查 Jenkins 套件來源時出現問題,本機沒有對應的 GPG 公鑰,無法驗證 Jenkins repo 是不是 Jenkins 官方簽署的。

具體原因是 Jenkins 官方在 2025-12-23 更新了金鑰(原本的有效期限是三年)(詳細可以看參考連結),所以需要安裝新的金鑰。

Debian/Ubuntu

    
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2026.key | sudo tee \
  /usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
  https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
  /etc/apt/sources.list.d/jenkins.list > /dev/null

Red Hat/CentOS

    
sudo rpm --import https://pkg.jenkins.io/rpm-stable/jenkins.io-2026.key

執行後就解決了。

參考資料:
Jenkins - Jenkins 2.543 and 2.541.1: New Linux Repository Signing Keys

留言

張貼留言

如果有任何問題、建議、想說的話或文章題目推薦,都歡迎留言或來信: a@ruyut.com