unix: trust Debian Jessie sources

indygreg · indygreg · commit 84de2be2e57d · 2022-12-18T14:48:27.000-08:00
The signing keys expired and package installs are refusing to proceed
because a trust chain to a valid signing key can't be established. Work
around this by implicitly trusting the source.
diff --git a/cpython-unix/base.Dockerfile b/cpython-unix/base.Dockerfile
@@ -17,8 +17,9 @@ ENV HOME=/build \
 CMD ["/bin/bash", "--login"]
 WORKDIR '/build'
 
+# Jessie's signing keys expired in late 2022. So need to add [trusted=yes] to force trust.
 RUN for s in debian_jessie debian_jessie-updates debian-security_jessie/updates; do \
-      echo "deb http://snapshot.debian.org/archive/${s%_*}/20221105T150728Z/ ${s#*_} main"; \
+      echo "deb [trusted=yes] http://snapshot.debian.org/archive/${s%_*}/20221105T150728Z/ ${s#*_} main"; \
     done > /etc/apt/sources.list && \
     ( echo 'quiet "true";'; \
       echo 'APT::Get::Assume-Yes "true";'; \
