Don’t Hardcode URIs For Ubuntu Sources

URIs in APT conf files for ubuntu.sources.j2 shouldn’t be hardcoded - they lock in outdated URLs and stall critical security updates. Recent Kubernetes image-builder feedback reveals this bottleneck: contributors struggle to update kernel or repo sources because template files embed fixed URIs, forcing manual edits every release cycle. This slows deployment pipelines and risks outdated dependencies creeping into Kubernetes images.

These URIs should leverage existing Ansible variables like ubuntu_repo and ubuntu_security_repo - they’re dynamic, maintainable, and reflect real-time repo metadata.

Many suggest customizing build scripts or injecting values at runtime, but that adds complexity and breaks reproducibility. Others propose hardcoding for speed, yet this creates technical debt and reduces team agility.

The real issue? Our templates treat infrastructure as static, ignoring how modern image builds depend on up-to-date, external references. Fixing this means shifting from hardcoded strings to dynamic variable injection - where configuration stays in source, not source files.

Is your feature request about broken updates? Try checking current open issues before filing a new one. Communicate early with contributors - reach out via the image-builder GitHub page or community channels to align on what’s truly feasible. The smallest changes prevent big headaches down the line.