Skip to content
Latchkey

apt-get update: Refresh Package Indexes in CI

apt-get update refreshes the local package index from every source in sources.list before you install anything.

Debian and Ubuntu images ship without a package index, so install fails until you run update first. In CI this one line prevents most stale-cache and 404 errors.

What it does

apt-get update downloads the Packages and Release files from each repository in /etc/apt/sources.list and /etc/apt/sources.list.d/. It does not install or upgrade anything; it only refreshes the index apt uses to resolve package names and versions.

Common usage

Terminal
apt-get update
# combine with install in one RUN layer (Docker)
apt-get update && apt-get install -y --no-install-recommends curl ca-certificates

Options

FlagWhat it does
-yAssume yes to prompts (rarely needed for update itself)
-o <opt>=<val>Set an apt config option, e.g. -o Acquire::Retries=3
--allow-releaseinfo-changeAccept a repository whose Release metadata changed
-q / -qqQuiet output (log-friendly)

In CI

Always run apt-get update in the same layer as install so a cached Docker layer never pairs a stale index with a new install. Add -o Acquire::Retries=3 to survive flaky mirrors.

Common errors in CI

"404 Not Found" on a Packages or a .deb URL means the index is stale or a repo moved; re-run apt-get update. "The following signatures couldn't be verified because the public key is not available: NO_PUBKEY <id>" means a repo key is missing (import it with gpg into /etc/apt/keyrings). "Release file ... is not valid yet" means the runner clock is wrong; fix the container time.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →