Page MenuHomeVyOS Platform

Debian security repository URLs are not overwritten correctly in the image build script
Open, HighPublic

Description

We have --debian-mirror option that is supposed to allow the user to build from any Debian mirror. However, that option doesn't override security mirrors, so that option is incomplete if one wants to avoid expensive connections or do a build in an air-gapped environment.

sudo --preserve-env ./build-vyos-image --build-by [email protected] --build-type release --debian-mirror https://deb-mirror.local --vyos-mirror https://deb-mirror.local generic
[2024-11-27 12:50:57] lb clean 
P: Cleaning chroot
[2024-11-27 12:50:58] lb config noauto --apt-indices false --apt-options --yes -oAPT::Get::allow-downgrades=true --apt-recommends false --architecture amd64 --archive-areas main contrib non-free non-free-firmware --backports true --binary-image iso-hybrid --bootappend-live boot=live components hostname=vyos username=live nopersistence noautologin nonetworking union=overlay console=ttyS0,115200 console=tty0 net.ifnames=0 biosdevname=0 --bootappend-live-failsafe live components memtest noapic noapm nodma nomce nolapic nomodeset nosmp nosplash vga=normal console=ttyS0,115200 console=tty0 net.ifnames=0 biosdevname=0 --bootloaders syslinux,grub-efi --checksums sha256 md5 --chroot-squashfs-compression-type xz -Xbcj x86 -b 256k -always-use-fragments -no-recovery --debian-installer none --debootstrap-options --variant=minbase --exclude=isc-dhcp-client,isc-dhcp-common,ifupdown --include=apt-utils,ca-certificates,gnupg2,linux-kbuild-6.1 --distribution bookworm --firmware-binary false --firmware-chroot false --iso-application VyOS --iso-publisher [email protected] --iso-volume VyOS --linux-flavours vyos --linux-packages linux-image-6.6.62 --mirror-binary https://deb-mirror.local --mirror-binary-security http://deb.debian.org/debian-security --mirror-bootstrap https://deb-mirror.local --mirror-chroot https://deb-mirror.local --mirror-chroot-security http://deb.debian.org/debian-security --security true --updates true --utc-time true

Details

Version
-
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)
Story points
0