T6334: build: adds option to use unsigned repos

[fvlaicu]

Change Summary

Allow unsigned vyos mirror

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Code style update (formatting, renaming)
• Refactoring (no functional changes)
• Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
• Other (please describe):

Related Task(s)

https://vyos.dev/T6334

Component(s) name

build

Proposed changes

adds new option to allow for unsigned vyos mirrors to be used.
I implemented it this way because of this:
https://manpages.debian.org/buster/apt/sources.list.5.en.html
•Trusted (trusted) is a tri-state value which defaults to APT deciding if a source is considered trusted or if warnings should be raised before e.g. packages are installed from this source. This option can be used to override that decision. The value yes tells APT always to consider this source as trusted, even if it doesn't pass authentication checks. It disables parts of apt-secure(8), and should therefore only be used in a local and trusted context (if at all) as otherwise security is breached. The value no does the opposite, causing the source to be handled as untrusted even if the authentication checks passed successfully. The default value can't be set explicitly.

How to test

vyos_bld@514053f60efd:/vyos$ sudo ./build-vyos-image iso --architecture amd64 --build-by "florin"
I: Checking if packages required for VyOS image build are installed
I: using build flavors directory data/build-flavors
W: Could not build a version string specific to git branch, falling back to default: 'T6334-allow-unsigned-mirrors'
I: Cleaning the build workspace
[2024-05-14 07:05:15] lb clean
...
vyos_bld@514053f60efd:/vyos$ cat build/config/archives/vyos.list.chroot
deb https://rolling-packages.vyos.net/current current main

vyos_bld@514053f60efd:/vyos$ sudo ./build-vyos-image iso --architecture amd64 --build-by "florin"  --unsigned-vyos-mirror
I: Checking if packages required for VyOS image build are installed
I: using build flavors directory data/build-flavors
W: Could not build a version string specific to git branch, falling back to default: 'T6334-allow-unsigned-mirrors'
I: Cleaning the build workspace
....
vyos_bld@514053f60efd:/vyos$ cat build/config/archives/vyos.list.chroot
deb [trusted=yes] https://rolling-packages.vyos.net/current current main

Checklist:

• I have read the CONTRIBUTING document
• I have linked this PR to one or more Phabricator Task(s)
• My commit headlines contain a valid Task id
• My change requires a change to the documentation
• I have updated the documentation accordingly

[fvlaicu]

closing, since the following works:

vyos_bld@5647d929bac0:/vyos/vyos-build$ sudo ./build-vyos-image iso \
    --architecture amd64 \
    --vyos-mirror "[trusted=yes] https://some.repo/current"
I: Checking if packages required for VyOS image build are installed
build/config
I: Cleaning the build workspace
...^C
vyos_bld@5647d929bac0:/vyos/vyos-build$ cat build/config/archives/vyos.list.chroot
deb [trusted=yes] https://some.repo/current current main