apt update google cloud EXPKEYSIG Err:3 public key is not available

Question

I'm getting this error when running apt update:

Err:3 http://packages.cloud.google.com/apt cloud-sdk InRelease                                         
  The following signatures were invalid: EXPKEYSIG 6A030B21BA07F4FB Google Cloud Packages Automatic Signing Key <gc-team@google.com> The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B57C5C2836F4BEB

I tried some solutions like this, but it didn't work. Also I tried this and didn't work either:

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B57C5C2836F4BEB
Executing: /tmp/apt-key-gpghome.mO2cvBYeEi/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 8B57C5C2836F4BEB
gpg: key 8B57C5C2836F4BEB: "gLinux Rapture Automatic Signing Key (//depot/google3/production/borg/cloud-rapture/keys/cloud-rapture-pubkeys/cloud-rapture-signing-key-2020-12-03-16_08_05.pub) <glinux-team@google.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

and since I'm shooting in the dark anyway I tried this too:

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6A030B21BA07F4FB
Executing: /tmp/apt-key-gpghome.KaSWQmemRD/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 6A030B21BA07F4FB
gpg: key 6A030B21BA07F4FB: "Google Cloud Packages Automatic Signing Key <gc-team@google.com>" 1 new signature
gpg: Total number processed: 1
gpg:         new signatures: 1

Did I do it wrong?

Answer 1

This fixed the problem for me:

curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -

This is the officially documented way to add the current key, as found e.g. on https://cloud.google.com/sdk/docs/install#deb.