'startup script yum install fails with "signature could not be verified for google-cloud-sdk"

I reran the startup script using following command: sudo google_metadata_script_runner --script-type startup

All the yum install commands are failing with following error:

startup-script: INFO startup-script-url: Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
startup-script: INFO startup-script-url: https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for google-cloud-sdk
startup-script: INFO startup-script-url: Trying other mirror.
startup-script: INFO startup-script-url:  One of the configured repositories failed (Google Cloud SDK),

Any idea how I could fix this while instance provisioning or any workaround?

google-cloud-platformgoogle-compute-engine


Solution 1:[1]

I am trying to reproduce the issue on my end. It would be helpful if you could share the information below:

  1. What is the exact OS you are using here.

  2. What happens when you are trying to run the scripts manually after VM starts.

  3. Can you please share the sample script without the confidential information or credentials.

Though I have not tested this, the error can happen due to yum not having enough cached data to continue. And the solution can be found on the public: https://community.cloudera.com/t5/Support-Questions/yum-doesn-t-have-enough-cached-data-to-continue/m-p/220862

Solution 2:[2]

To be honest I have found this on google, not sure if this helps but maybe you can try it out anyway.

1) Disable Caching in yum config /etc/yum.conf:

http_caching=none

2) Delete tmp yum files:
rm -r /var/tmp/yum*

3) restart machines

4) cleanup yum: 

yum clean metadata  
yum clean all  
yum update

Solution 3:[3]

I just encountered this same error on a Docker build.

Google Cloud's (latest) repo configuration is as follows:

[google-cloud-cli]
name=Google Cloud CLI
baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

Our Dockerfile yum repo configuration had to be corrected from repo_gpgcheck=1 to repo_gpgcheck=0 and then the error went away.

Solution 4:[4]

For me running yum-config-manager --disable google-cloud-sdk solved it. I got this from the error message that I got:

...
4. Disable the repository permanently, so yum won't use it by default. Yum
    will then just ignore the repository until you permanently enable it
    again or use --enablerepo for temporary usage:

        yum-config-manager --disable google-cloud-sdk
    or
        subscription-manager repos --disable=google-cloud-sdk

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Christian
Solution 2 Christian
Solution 3 deviate
Solution 4 asherbret

Related Questions

How to use use Firestore document field's HashMap key value and populate recyclerview?

how to keep GKE cluster nodes in different regions?

Google Cloud TTS API for M1 Mac

Is it possible to render a video from AfterEffects in a Google Collaboratory notebook?

Allow-IAP Firewall Rule created in default VPC in GCP getting reflected in other VPC as well

Attribute Error when importing SpeechClient from google.cloud.speech

GCP Cost billing data

What is the difference between gcloud and gsutil?

Volume not persistent in Google Cloud

Permission Denied when trying to write on a TPU VM foler

Google Cloud Free Tier will start charging for static or ephemeral IP Address?

How to create a empty folder in google storage(bucket) using gsutil command?

How can size of the root disk in Google Compute Engine be increased?

Cannot switch Firestore from Datastore to native mode on GCP

action console simulator is not working and I cannot release my project