DIY Dockerfile.repo not honoring cargo locks results in non-deterministic builds

[theJC]

DIY Dockerfile.repo is not honoring cargo locks results in non-deterministic builds

I used it and ended up with a binary that had newer version of the h2 library than the official build, this change will fix the problem.

---

Checklist

Complete the checklist (and note appropriate exceptions) before the PR is marked ready-for-review.

• PR description explains the motivation for the change and relevant context for reviewing
• PR description links appropriate GitHub/Jira tickets (creating when necessary)
• Changeset is included for user-facing changes
• Changes are compatible¹
• Documentation² completed
• Performance impact assessed and acceptable
• Metrics and logs are added³ and documented
• Tests added and passing⁴
  • Unit tests
  • Integration tests
  • Manual tests, as necessary

Exceptions

Note any exceptions here

Notes

Footnotes

1. It may be appropriate to bring upcoming changes to the attention of other (impacted) groups. Please endeavour to do this before seeking PR approval. The mechanism for doing this will vary considerably, so use your judgement as to how and when to do this. ↩

2. Configuration is an important part of many changes. Where applicable please try to document configuration examples. ↩

3. A lot of (if not most) features benefit from built-in observability and debug-level logs. Please read this guidance on metrics best-practices. ↩

4. Tick whichever testing boxes are applicable. If you are adding Manual Tests, please document the manual testing (extensively) in the Exceptions. ↩

[apollo-librarian]

✅ AI Style Review — No Changes Detected

No MDX files were changed in this pull request.

Review Log: View detailed log

This review is AI-generated. Please use common sense when accepting these suggestions, as they may not always be accurate or appropriate for your specific context.

[theJC]

This is what the ci build uses, lets use this which honors the lockfile and so the DIY more closely aligns to the ci build.

[theJC]

because this didnt have --locked it was not honoring the cargo lock, and builds of an identical hash could end up with a different version of libraries.

[theJC]

since we are building and not installing now

[abernix]

@mergify copy dev

[mergify]

copy dev

✅ Pull request copies have been created

Details

• #8988 DIY Dockerfile.repo not honoring cargo locks results in non-deterministic builds (copy #8983) has been created for branch dev

[abernix]

Nice fine. We really need to fix the contributor PR path. I'll get this over the line, again, for now, but making the copy at #8988 so I can fast-track it.

[abernix]

#8988 has landed. thanks!