[12:00] <icey> if I want to install software from a private PPA, would I have to manually mirror that to an apt-cacher like apt-cacher-ng if I want to use the cache?\
[12:02] <cjwatson> icey: I'm not sure I understand why that would be necessary, unless apt-cacher-ng is missing some bit of HTTPS support or something.
[12:03] <icey> thanks cjwatson, I was running into annoying issues with machines behind a cacher throwing errors trying to get setup, maybe I just need more configuration on my setup
[12:05] <cjwatson> icey: There's a commented-out bit in the stock apt-cacher-ng.conf that mentions private-ppa.launchpad.net - you may want to look at that.
[12:05] <cjwatson> PassThroughPattern
[12:06] <icey> awesome, thanks cjwatson!
[15:07] <kyrofa> cjwatson, I noticed today that https://rt.admin.canonical.com/Ticket/Display.html?id=89394 was resolved-- awesome!
[15:08] <cjwatson> kyrofa: ah yes, I was trying to remember who'd asked me about that.  Should all work now.
[15:08] <kyrofa> cjwatson, internet access in snap builders should work?
[15:08] <cjwatson> kyrofa: In the pull phase, yes.
[15:09] <kyrofa> cjwatson, fantastic, thank you! I'll give it a shot
[15:12] <icey> I'm seeing HUGE packet loss to launchpad.net
[15:13] <cjwatson> being investigated by sysadmins at the moment
[15:16] <noimnicknoim> Launchpad down ?
[15:17] <noimnicknoim> trying to download the latest version of
[15:17] <noimnicknoim> trying to download the latest version of Unetbootin
[15:17] <rbasak> 16:13 <cjwatson> being investigated by sysadmins at the moment
[15:18] <cjwatson> seems to be network-level, LP itself is OK
[15:18] <cjwatson> noimnicknoim: even now?  it may have been a temporary blip, looks OK at the moment
[15:19] <noimnicknoim> yup.. ok for now. cloud washed over or something .. :P
[15:25] <kyrofa> cjwatson, things worked great in the pull step, but I have a snap building mysql, which wants to download stuff when building. Why limit the access to pull?
[15:33] <cjwatson> kyrofa: Anyone with an email address can use Launchpad's builders, and we want to avoid our systems being used for malicious purposes to attack other bits of the internet.  The build step can involve basically anything, all user-controlled code.  Limiting to pull means that we have a better chance of limiting the amount of user-controlled code that can talk to the network - it has to be in snapcraft pl
[15:33] <cjwatson> ugins and such.
[15:34] <cjwatson> kyrofa: It would be very bad if github decided to blacklist us because somebody had managed to use Canonical's network resources to launch an attack on them, for instance.
[15:34] <kyrofa> cjwatson, ah, sure that indeed make sense
[15:34] <kyrofa> cjwatson, I'll work around it :)
[15:35] <kyrofa> cjwatson, though note that nothing prevents users from building with in-tree plugins that utilize the pull step
[15:35] <cjwatson> kyrofa: We may have to refine things, certainly.
[15:36] <kyrofa> Good first pass, though
[15:36] <cjwatson> kyrofa: But it's much easier if we start this way so that at least it's more obvious that you're doing something sketchy and workaroundy if you do that; far harder to lock things down later once user expectations are established.
[15:36] <kyrofa> Indeed