The proposal to merge ~jchittum/launchpad-buildd:oci-docker-ppa-pin into 
launchpad-buildd:master has been updated.

Description changed to:

1. I have a concern about possible leaking of the PPA, but lack context. This 
is being installed into the lxd backend container used for the build. What I'm 
unfamiliar with is the isolation between the lxd container running the build and 
the build context (chroot?). If there is a chance of sources.list being made 
available to the OCI being built, adding the following lines after installing 
docker.io:

* apt-mark pin docker.io
* rm /etc/apt/source.list.d/canonical-server-ubuntu-lp2098106-docker-rollback-focal.list

2. I am operating under the assumption that the build backend (lxd) is 
ephemeral and fully removed between builds on a node. I'm reasonably sure this 
is true. Any reuse of this install will cause long-term problems due to the 
epoch versioning.

Example policy statement in an amd64 VM:

root@focal-ppa-24-docker:~# apt-cache policy docker.io
docker.io:
  Installed: (none)
  Candidate: 1:24.0.7-0ubuntu2~20.04.1
  Version table:
     1:24.0.7-0ubuntu2~20.04.1 500
        500 http://ppa.launchpad.net/canonical-server/lp2098106-docker-rollback/ubuntu focal/main amd64 Packages
     26.1.3-0ubuntu1~20.04.1 500
        500 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 Packages
     20.10.21-0ubuntu1~20.04.2 500
        500 http://security.ubuntu.com/ubuntu focal-security/universe amd64 Packages
     19.03.8-0ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu focal/universe amd64 Packages

For more details, see:
https://code.launchpad.net/~jchittum/launchpad-buildd/+git/launchpad-buildd/+merge/482782
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of 
~jchittum/launchpad-buildd:oci-docker-ppa-pin into launchpad-buildd:master.


_______________________________________________
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to     : launchpad-reviewers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help   : https://help.launchpad.net/ListHelp
