Next evolution, just a one line bash script.

  • @[email protected]
    10 months ago

    If it’s an open-source project, usually the dockerfiles are available for reading.

    Do you audit every line of code that you run in production? If you are trying some new python/django/sql app, are you reviewing all that?

    I’d assume with a python based project, you’d be able to at least look at requirements and tell there’s something that sets off red flags. And you are either familiar/trust the maintainer, or you are reviewing the actual python itself?

    Beyond that, the dockerfile is essentially just installation instructions for getting it running on a virgin system of X distribution. I wouldn’t call that a black box.

    If the container isn’t part of an open source project, then this is a moot point. The project itself is a black box.

    • @[email protected]
      10 months ago

      You do you. Speaking for myself, I prefer to understand and be able to trivially inspect and modify the moving parts in the things I deploy so I have a snowball’s chance in hell of debugging and fixing things when something inevitably goes wrong.