MAAS snap build pulls python modules from outside Ubuntu Archive / MAAS PPAs

Bug #2091370 reported by Mauricio Faria de Oliveira
Affects   Status    Importance   Assigned to   Milestone
MAAS      Triaged   High         Unassigned
3.2       Triaged   High         Unassigned
3.3       Triaged   High         Unassigned
3.4       Triaged   High         Unassigned
3.5       Triaged   High         Unassigned

Bug Description

Describe the bug:
---

During the MAAS snap build, python modules are installed from sources which are not the Ubuntu Archive or MAAS PPAs (e.g., pip), sometimes overriding previously installed packages from these sources.

This can lead to specific problems (e.g., in bug 2030814, a newer setuptools broke version number parsing in the snap build only, making even just `--help` fail; the deb build was fine).

But more importantly, this can lead to general problems for supportability and security:

- For example, if an issue/bug is found in such external dependencies, how to address/fix those (it might not be feasible to pull one by one into the MAAS PPAs).
- Another example is security vulnerabilities, as such external sources are not monitored/maintained by our Security Engineering team.

Steps to reproduce:
---

Looking at some snap build logs in lp:~maas-committers (maas-master, maas-3.{5,4,3,2}), we see deb packages pulled at earlier versions, then pip installs at newer versions:

maas-master @ https://launchpadlibrarian.net/762786657/buildlog_snap_ubuntu_noble_ppc64el_maas-master_BUILDING.txt.gz

 """
 Installing build-packages
 ...
 [10/Dec/2024:11:22:51 +0000] "GET http://ftpmaster.internal/ubuntu/pool/main/s/setuptools/python3-setuptools_68.1.2-2ubuntu1.1_all.deb HTTP/1.1" 200 396390 "-" "Debian APT-HTTP/1.3 (2.7.14) non-interactive"
 ...

 Fetching stage-packages
 ...
 [10/Dec/2024:11:24:59 +0000] "GET http://ftpmaster.internal/ubuntu/pool/main/s/setuptools/python3-setuptools_68.1.2-2ubuntu1.1_all.deb HTTP/1.1" 200 396390 "-" "Debian APT-HTTP/1.3 (2.4.13) non-interactive"
 ...
 Extracting stage package: python3-setuptools
 ...

 :: + /build/maas/parts/maas/install/bin/pip install -U pip setuptools wheel
 ...
 :: Downloading setuptools-75.6.0-py3-none-any.whl (1.2 MB)
 """

maas-3.2 @ https://launchpadlibrarian.net/740966637/buildlog_snap_ubuntu_focal_ppc64el_maas-3.2_BUILDING.txt.gz

 Get:33 http://ftpmaster.internal/ubuntu focal-security/main ppc64el python3-setuptools all 45.2.0-1ubuntu0.1 [330 kB]
 ...
 [25/Jul/2024:21:19:55 +0000] "GET http://ftpmaster.internal/ubuntu/pool/main/r/requests/python3-requests_2.22.0-2ubuntu1.1_all.deb HTTP/1.1" 200 47160 "-" "Debian APT-HTTP/1.3 (2.4.12) non-interactive"
 ...
 [25/Jul/2024:21:19:59 +0000] "GET http://ftpmaster.internal/ubuntu/pool/main/p/python-urllib3/python3-urllib3_1.25.8-2ubuntu0.3_all.deb HTTP/1.1" 200 88744 "-" "Debian APT-HTTP/1.3 (2.4.12) non-interactive"

 + pip install -U pip setuptools wheel
 ...
   Downloading setuptools-71.1.0-py3-none-any.whl (2.3 MB)

 + pip install -U -r snap/local/requirements.txt
 ...
 Downloading requests-2.32.3-py3-none-any.whl (64 kB)
 ...
 Downloading urllib3-2.2.2-py3-none-any.whl (121 kB)
 ...

Expected behavior (what should have happened?):
---

All python modules used as build dependencies (or any build dependency) should be installed from sources that can be maintained/supported, e.g., Ubuntu Archive and MAAS PPAs -- not upstream sources that cannot allow for such guarantees.

Actual behavior (what actually happened?):
---

Some python modules are installed with 'pip', pulling in versions outside the Ubuntu Archive / MAAS PPAs, which can lead to specific problems such as bug 2030814 (and other potential supportability/security problems).

MAAS version and installation type (deb, snap):
---

At least since maas 2.9.3 (bug 2030814), but also present in later maas builds (e.g., maas 3.2 to master, as in the build logs above).

MAAS setup (HA, single node, multiple regions/racks):
---

Not applicable (build-time).

Host OS distro and version:
---

Not applicable (build-time).

Additional context:
---

Internal document [1] (Jerzy has access), section 'DEB vs. SNAP build dependencies differences (and supportability)'

[1] https://docs.google.com/document/d/1pQkNSyT8Kt1wlhHqgPUTv3k1310jZ6qZEHLX99ce48Q

Tags: bug-council
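One way to check a snap build log for exactly the pattern this report describes, as an added example (not MAAS or snapcraft code): pair the python3-* packages apt fetched from the Archive/PPA with the wheels pip downloaded later in the same log, and report which modules were overridden and which only ever came from pip. The regexes are assumptions tuned to the three line shapes quoted above; the sample log is constructed from the maas-3.2 excerpt plus one made-up 'wheel' line.

```python
import re
from typing import Dict, List, Optional, Tuple

# Regexes (assumptions) tuned to the three line shapes quoted in this report:
# an apt fetch of a .deb through the build proxy, an apt "Get:N" line, and a pip "Downloading" line.
DEB_GET = re.compile(r"/pool/main/[^/]+/[^/]+/(python3-[\w.-]+?)_([^_]+)_\w+\.deb")
APT_GET = re.compile(r"^\s*Get:\d+ \S+ \S+ \S+ (python3-[\w.-]+) \S+ (\S+) \[")
PIP_DL = re.compile(r"Downloading (\S+?)-(\d[^-\s]*)-py\d")

def norm(name: str) -> str:
    """Map a Debian python3-* package name to a PyPI-style name (python3-urllib3 -> urllib3)."""
    return name.removeprefix("python3-").lower().replace("_", "-")

def audit_build_log(log: str) -> Dict[str, Tuple[Optional[str], str]]:
    """Return {module: (archive_version or None, pip_version)} for every pip download in the log."""
    archive: Dict[str, str] = {}
    pip: Dict[str, str] = {}
    for line in log.splitlines():
        m = DEB_GET.search(line) or APT_GET.match(line)
        if m:  # package staged from the Ubuntu Archive / a PPA
            archive[norm(m.group(1))] = m.group(2)
            continue
        m = PIP_DL.search(line)
        if m:  # wheel fetched by pip from an external index
            pip[norm(m.group(1))] = m.group(2)
    return {mod: (archive.get(mod), ver) for mod, ver in pip.items()}

def overridden(log: str) -> List[str]:
    """Modules first staged from the Archive/PPA and then replaced by a pip download."""
    return sorted(m for m, (deb, _) in audit_build_log(log).items() if deb is not None)

def external_only(log: str) -> List[str]:
    """Modules that only ever came from pip (no Archive/PPA counterpart in the log)."""
    return sorted(m for m, (deb, _) in audit_build_log(log).items() if deb is None)

# Constructed sample: lines from the maas-3.2 log quoted above (trailing fields trimmed),
# plus a made-up 'wheel' download line, since the real log does not show wheel's version.
SAMPLE_LOG = """\
 Get:33 http://ftpmaster.internal/ubuntu focal-security/main ppc64el python3-setuptools all 45.2.0-1ubuntu0.1 [330 kB]
 [25/Jul/2024:21:19:55 +0000] "GET http://ftpmaster.internal/ubuntu/pool/main/r/requests/python3-requests_2.22.0-2ubuntu1.1_all.deb HTTP/1.1" 200 47160
 [25/Jul/2024:21:19:59 +0000] "GET http://ftpmaster.internal/ubuntu/pool/main/p/python-urllib3/python3-urllib3_1.25.8-2ubuntu0.3_all.deb HTTP/1.1" 200 88744
 + pip install -U pip setuptools wheel
   Downloading setuptools-71.1.0-py3-none-any.whl (2.3 MB)
   Downloading wheel-0.43.0-py3-none-any.whl (65 kB)
 + pip install -U -r snap/local/requirements.txt
 Downloading requests-2.32.3-py3-none-any.whl (64 kB)
 Downloading urllib3-2.2.2-py3-none-any.whl (121 kB)
"""
```

Running `overridden(SAMPLE_LOG)` on the sample yields requests, setuptools and urllib3, the same three modules the log excerpt above shows being fetched twice; a non-empty result is the condition a build gate for this bug would fail on.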
Alexsander de Souza (alexsander-souza) wrote :

This was fixed in master/3.6 at 22811b1650b83616f2cbb2e3bb822950034aef3d

Changed in maas:
status: New → Triaged
milestone: none → 3.6.0
importance: Undecided → High
status: Triaged → Fix Committed
Mauricio Faria de Oliveira (mfo) wrote (last edit):

Hi Alexsander, Anton,

I'm not sure this is _completely_ fixed in master. Could you please review the information below?

Per the log from master in the description, pip, setuptools and wheel are still installed (see 'python3 -m venv /build/maas/parts/maas/install').

Note that 'setuptools' is sufficient to cause problems (it is what caused the problem in bug 2030814), so it looks like the currently applied patch still leaves some room for issues.

That log's build used commit 7729d2a7e, which includes commit 22811b165 that Alexsander mentioned.

Thanks!
Mauricio

tags: added: bug-council
Changed in maas:
status: Fix Committed → Triaged
status: Triaged → Incomplete
Jerzy Husakowski (jhusakowski) wrote :

Valid issue, we need to examine how the snap is built and make sure it contains artifacts from ubuntu archive and ppas only.

Changed in maas:
status: Incomplete → Triaged
assignee: nobody → Javier Fuentes (javier-fs)
assignee: Javier Fuentes (javier-fs) → nobody