## What I did: - cloned the repo - moved into the folder - run `docker compose up --build` This is the output: ```shell Compose can now delegate builds to bake for better performance. To do so, set COMPOSE_BAKE=true. [+] Building 2.1s (7/11) docker:desktop-linux => [unified internal] load build definition from Dockerfile 0.0s => => transferring dockerfile: 260B 0.0s => [unified internal] load metadata for docker.io/library/python:3.9 1.3s => [unified auth] library/python:pull token for registry-1.docker.io 0.0s => [unified internal] load .dockerignore 0.0s => => transferring context: 2B 0.0s => CACHED [unified 1/6] FROM docker.io/library/python:3.9@sha256:2b5aeae 0.0s => [unified internal] load build context 0.1s => => transferring context: 193.47kB 0.0s => ERROR [unified 2/6] RUN apt-get update && apt-get -y install tree 0.8s ------ > [unified 2/6] RUN apt-get update && apt-get -y install tree: 0.413 Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB] 0.554 Get:2 http://deb.debian.org/debian bookworm-updates InRelease [55.4 kB] 0.576 Err:1 http://deb.debian.org/debian bookworm InRelease 0.576 At least one invalid signature was encountered. 0.614 Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB] 0.630 Err:2 http://deb.debian.org/debian bookworm-updates InRelease 0.630 At least one invalid signature was encountered. 0.687 Err:3 http://deb.debian.org/debian-security bookworm-security InRelease 0.687 At least one invalid signature was encountered. 0.693 Reading package lists... 0.706 W: GPG error: http://deb.debian.org/debian bookworm InRelease: At least one invalid signature was encountered. 0.706 E: The repository 'http://deb.debian.org/debian bookworm InRelease' is not signed. 0.706 W: GPG error: http://deb.debian.org/debian bookworm-updates InRelease: At least one invalid signature was encountered. 0.706 E: The repository 'http://deb.debian.org/debian bookworm-updates InRelease' is not signed. 0.706 W: GPG error: http://deb.debian.org/debian-security bookworm-security InRelease: At least one invalid signature was encountered. 0.706 E: The repository 'http://deb.debian.org/debian-security bookworm-security InRelease' is not signed. ------ failed to solve: process "/bin/sh -c apt-get update && apt-get -y install tree" did not complete successfully: exit code: 100 ``` ## What I use: - macOS (intel) - Docker version 28.0.4 - Docker Compose version v2.34.0-desktop.1 ## Workaround (but don't trust it) Using `Acquire::AllowInsecureRepositories`. It shouldn't be used but in my case this works. ```Dockerfile FROM python:3.9-bullseye # Allow unsigned repos (not secure – only use for local dev) RUN echo 'Acquire::AllowInsecureRepositories "true";' > /etc/apt/apt.conf.d/allow-insecure && \ echo 'Acquire::AllowDowngradeToInsecureRepositories "true";' >> /etc/apt/apt.conf.d/allow-insecure && \ apt-get update --allow-releaseinfo-change && \ apt-get install -y --no-install-recommends \ tree \ ca-certificates \ gnupg \ debian-archive-keyring && \ rm -rf /var/lib/apt/lists/* WORKDIR /app COPY requirements.txt . RUN pip install --no-cache-dir -r requirements.txt COPY . . CMD ["sh", "/app/docker/unified/start.sh"] ```