Hi guys,

I wanted to add additional repositories at the beginning of the build (e.g for installing docker-ce) and I tried to add it to the  "DISTRO_APT_KEYS" variable.

But doing that way debootstrap doesn't seem to work anymore:

| I: Retrieving InRelease
| I: Retrieving Release
| I: Retrieving Release.gpg
| I: Checking Release signature
| E: Release signed by unknown key (key id EF0F382A1A7B6500)
| WARNING: exit code 1 from a shell command.


I think the default gpg keyring gets overwritten.

Do you have any proposals or clean solutions for this?


For now I implemented a little hack to get things to work.

Maybe we need a functionality in Isar which works like a hook based mechanism, so we can add those

to the initial build step when bootstrapping the rootfs.


isar-bootstrap-host.bbappend & isar-bootstrap-target.bbappend:

do_bootstrap_append() {
    sudo install -v -m755 ${WORKDIR}/custom-setup.sh ${ROOTFSDIR}/
    sudo flock "${ISAR_BOOTSTRAP_LOCK}" -c "\
        set -e
        export DISTRO_SUITE="${@get_distro_suite(d, True)}"
        export DISTRO_ARCH="${DISTRO_ARCH}"
        chroot "${ROOTFSDIR}" /custom-setup.sh
    "
    sudo rm -f ${ROOTFSDIR}/custom-setup.sh
}
custom-setup.sh:
GPG_URL="https://download.docker.com/linux/debian/gpg"
apt-get install --no-install-recommends -y curl apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL $GPG_URL | apt-key add -
echo "deb [arch=$DISTRO_ARCH] https://download.docker.com/linux/debian \
$DISTRO_SUITE stable" | \
tee /etc/apt/sources.list.d/docker.list
apt-get update -y
Regards
Benedikt