Repository 'OSS Update' is invalid 42.3

MarvinTheParanDroid · April 21, 2023, 2:29pm

Hi. I pulled a fresh docker image with docker pull opensuse/leap:42.3.
In the image I run zypper -n install gcc gcc-c++ make automake subversion java-1_8_0-openjdk-devel libtool zip unzip doxygen glibc-locale which rpm-build zlib-devel with the following output:

Retrieving repository 'OSS Update' metadata ---------------------------------------------------------------------------------------------[/]
Signature verification failed for file 'repomd.xml' from repository 'OSS Update'.

    Note: Signing data enables the recipient to verify that no modifications occurred after the data
    were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system
    and in extreme cases even to a system compromise.

    Note: File 'repomd.xml' is the repositories master index file. It ensures the integrity of the
    whole repo.

    Warning: This file was modified after it has been signed. This may have been a malicious change,
    so it might not be trustworthy anymore! You should not continue unless you know it's safe.

Signature verification failed for file 'repomd.xml' from repository 'OSS Update'. Continue? [yes/no] (no): no
Retrieving repository 'OSS Update' metadata .........................................................................................[error]
Repository 'OSS Update' is invalid.
[OSS Update|http://download.opensuse.org/update/leap/42.3/oss/] Valid metadata not found at specified URL
Please check if the URIs defined for this repository are pointing to a valid repository.
Warning: Skipping repository 'OSS Update' because of the above error.
Some of the repositories have not been refreshed because of an error.

I already tried zypper clean -a + zypper ref
and zypper clean -a + zypper --gpg-auto-import-keys ref
all with the same result.

Note that I use -n in the zypper install command because I need this in my Dockerfile for a CI/CD pipeline.
Also note that all packages I want to install are actually correctly installed but I get a non-zero exit code (106) which causes docker build to fail.
I was able to come around this by adding --no-gpg-checks but I don’t really feel good with this solution.

johnvv · April 21, 2023, 3:00pm

Hello there , i would expect errors like this with the old 42.3 , it went end of life back in June 2019

MarvinTheParanDroid · April 21, 2023, 3:31pm

That’s unfortunate since we are using leap to make builds of our software for SLES customers, SLES 12 hast LTSS until 2027.
I wasn’t able to find SLES images in docker hub so I used openSUSE images instead due to their binary compatibility.

hui · April 21, 2023, 3:58pm

SUSE Linux Enterprise has deticated forums and support channels. This is the openSUSE support forum. Maybe you should ask for support for your Enterprise product in the right support channel.

gogalthorp · April 22, 2023, 12:29pm

OpenSUSE and SUSE where not all the close back at version 42.3