1. 问题描述及原因分析

在飞腾2000+的服务器，OS为Kylin Linux Advanced Server release V10环境下，docker版本为18.09.0（docker-engine-18.09.0-101.ky10.aarch64），基于容器镜像golang:1.19编译新的容器镜像，报如下错误：

Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
Err:1 http://deb.debian.org/debian bookworm InReleaseThe following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131 NO_PUBKEY F8D2585B8783D481
Get:2 http://deb.debian.org/debian bookworm-updates InRelease [55.4 kB]
Err:2 http://deb.debian.org/debian bookworm-updates InReleaseThe following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131
Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
Err:3 http://deb.debian.org/debian-security bookworm-security InReleaseThe following signatures couldn't be verified because the public key is not available: NO_PUBKEY 54404762BBB6E853 NO_PUBKEY BDE6D2B9216EC7A8
Reading package lists... Done
W: GPG error: http://deb.debian.org/debian bookworm InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131 NO_PUBKEY F8D2585B8783D481
E: The repository 'http://deb.debian.org/debian bookworm InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://deb.debian.org/debian bookworm-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131
E: The repository 'http://deb.debian.org/debian bookworm-updates InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://deb.debian.org/debian-security bookworm-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 54404762BBB6E853 NO_PUBKEY BDE6D2B9216EC7A8
E: The repository 'http://deb.debian.org/debian-security bookworm-security InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

按照网上搜索的方法，通过apt-key命令处理，仍然无法解决

#apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E98404D386FA1D9
#apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6ED0E7B82643E131
#apt-key adv --keyserver keyserver.ubuntu.com --recv-keys F8D2585B8783D481
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).

换成国内的源/etc/apt/sources.list

deb https://mirrors.aliyun.com/debian/ bookworm main non-free non-free-firmware contrib
deb-src https://mirrors.aliyun.com/debian/ bookworm main non-free non-free-firmware contrib
deb https://mirrors.aliyun.com/debian-security/ bookworm-security main
deb-src https://mirrors.aliyun.com/debian-security/ bookworm-security main
deb https://mirrors.aliyun.com/debian/ bookworm-updates main non-free non-free-firmware contrib
deb-src https://mirrors.aliyun.com/debian/ bookworm-updates main non-free non-free-firmware contrib
deb https://mirrors.aliyun.com/debian/ bookworm-backports main non-free non-free-firmware contrib
deb-src https://mirrors.aliyun.com/debian/ bookworm-backports main non-free non-free-firmware contrib

执行apt update，已然报错如下：

Get:1 https://mirrors.aliyun.com/debian bookworm InRelease [151 kB]
Get:2 https://mirrors.aliyun.com/debian-security bookworm-security InRelease [48.0 kB]
Err:1 https://mirrors.aliyun.com/debian bookworm InReleaseAt least one invalid signature was encountered.
Err:2 https://mirrors.aliyun.com/debian-security bookworm-security InReleaseAt least one invalid signature was encountered.
Get:3 https://mirrors.aliyun.com/debian bookworm-updates InRelease [55.4 kB]
Get:4 https://mirrors.aliyun.com/debian bookworm-backports InRelease [59.0 kB]
Err:3 https://mirrors.aliyun.com/debian bookworm-updates InReleaseAt least one invalid signature was encountered.
Err:4 https://mirrors.aliyun.com/debian bookworm-backports InReleaseAt least one invalid signature was encountered.
Reading package lists... Done
W: GPG error: https://mirrors.aliyun.com/debian bookworm InRelease: At least one invalid signature was encountered.
E: The repository 'https://mirrors.aliyun.com/debian bookworm InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: https://mirrors.aliyun.com/debian-security bookworm-security InRelease: At least one invalid signature was encountered.
E: The repository 'https://mirrors.aliyun.com/debian-security bookworm-security InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: https://mirrors.aliyun.com/debian bookworm-updates InRelease: At least one invalid signature was encountered.
E: The repository 'https://mirrors.aliyun.com/debian bookworm-updates InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: https://mirrors.aliyun.com/debian bookworm-backports InRelease: At least one invalid signature was encountered.
E: The repository 'https://mirrors.aliyun.com/debian bookworm-backports InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

查阅了相关资料，通过gpg更新trusted.gpg.d下问题等等依然解决不了问题。无意中发现issues/1417问题有些类似，估计与docker版本有关，版本过低，升级到20.10.9，重新编译容器镜像成功了。
以下为通过apt update手动验证截图

---

2. 解决方案：

通过网址在https://download.docker.com/linux/static/stable/aarch64/下载20.10.9版本的docker，进行升级，golang:1.19镜像的里面的源采用国内的源进行加速，GPG error问题得以解决。

3.参考文献

https://forums.debian.net/viewtopic.php?t=155019
https://download.docker.com/linux/static/stable/aarch64/
https://gist.github.com/hakerdefo/5e1f51fa93ff37871b9ff738b05ba30f
https://www.osgeo.cn/post/195a2
https://github.com/docker-library/php/issues/1417
https://github.com/docker-library/python/issues/837#issuecomment-1593437629
https://github.com/golang/go/issues/60803
https://forums.debian.net/viewtopic.php?t=155019
https://www.reddit.com/r/debian/comments/178burx/what_are_your_sourceslist_lines_in_debian_12/?rdt=44726