Thanks Clara. I presume the docker images will now be updated, but will lag the key update by a day or two (as happened with the non snapshot releases).
Thanks for the update @claraberendsen - building fresh containers now and the key is all good. Appreciate all of your efforts. 
1 Like
ros:foxy-ros-base images for arm64 and amd64 seem to be updated now. thank you.
All snapshot based images in the official docker library have now been rebuilt
Remaining issues:
- snapshots based images hosted on osrf’s dockerhub: EOL osrf hosted images need rebuild to pick up new gpg key · Issue #818 · osrf/docker_images · GitHub
- ROS Noetic images: GPG key expired for ROS Noetic images (e.g. noetic-ros-base-focal) · Issue #814 · osrf/docker_images · GitHub
1 Like
All images are now available with the updated gpg key.
Happy containing 
4 Likes
I think the instructions are a tad bit confusing. I am migrating after June 1st.
I did:
sudo rm /usr/share/keyrings/ros-archive-keyring.gpg
sudo curl -sSL https://raw.githubusercontent.com/ros/rosdistro/master/ros.key -o /usr/share/keyrings/ros-archive-keyring.gpg
And then (for ROS 2):
sudo rm /etc/apt/sources.list.d/ros2.list
sudo rm /usr/share/keyrings/ros-archive-keyring.gpg
First, I think the effect of the second set of commands nullifies the first (maybe they should be reversed in order).
And the instructions mention, “Remove the previous configuration by running the following commands and follow the new installation instructions for your ROS distribution.”
As someone who is not aware of the key signing process and how updates are handled, this was ambiguous to me (what specific instructions from the installation process do I need to follow?). I thought I had to run
sudo apt update && sudo apt install ros-apt-source
but I was getting the following error: E: Unable to locate package ros2-apt-source
I went to the installation instructions for ROS2 Humble and ran the following:
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/ros-archive-keyring.gpg] http://packages.ros.org/ros2/ubuntu $(. /etc/os-release && echo $UBUNTU_CODENAME) main" | sudo tee /etc/apt/sources.list.d/ros2.list > /dev/null
That seems to have done the trick. I am still not sure if I need to install ros-apt-source or what that is used for.
Hi @speedracer1702 ,
That is true, those set of instructions represent two ways of doing the migration so their effect is similar. The first bullet point is by using your current installation with an updated key to fetch the package and the second one is by bootstrapping the package as if were a clean ROS installation.
However I understand the confusion and will clarify the wording around those bullet point outlining that only one of them have to be run.
The ros-apt-source package is used so updates to the signing key in the future can be done through and apt update command instead of this set of migration guides every time they come around.
As is right now you have configured the source with the updated key manually and you should be able to get the latest packages but won’t take the advantage of getting updates to the key through apt. I recommend that you use the package to avoid having to manually update that file in the future by doing the Ubuntu/Debian migration steps as if you had done them before June 1st.
Let me know if you encounter any more hurdles along the way.