Thanks for the pointer. I guess I was more thinking about the culture involved in explicitly denouncing a from-source build. Sorry if that wasn't clear.
I suppose the Ansible and Docker versions are both built from the source, in a reproducible manner. What would you gain by going through the build steps manually by yourself?
From my point of view, having to build things is a hassle: one needs the dependencies, it will work differently on different OSes/distros, the maintainer needs to keep the build instructions up-to-date and verify manually that they won't break (for all OSes/distros). Ansible or Docker just gives you a reproducible thing, easier to verify in one step whether the build instructions in it still work.
> What would you gain by going through the build steps manually by yourself?
To know your enemy, you must become your enemy - Sun Tzu, "The Art of War".
Developers as well as operators should read Sun Tzu and take what they read to heed. To know what you're running it makes sense to know what you're installing. While this still leaves open the chance of the actual code being riddled with nasty bits it at least removes the chance of the Ansible playbook or dockerfile adding something "extra".
tasuki|4 years ago
From my point of view, having to build things is a hassle: one needs the dependencies, it will work differently on different OSes/distros, the maintainer needs to keep the build instructions up-to-date and verify manually that they won't break (for all OSes/distros). Ansible or Docker just gives you a reproducible thing, easier to verify in one step whether the build instructions in it still work.
the_third_wave|4 years ago
To know your enemy, you must become your enemy - Sun Tzu, "The Art of War".
Developers as well as operators should read Sun Tzu and take what they read to heed. To know what you're running it makes sense to know what you're installing. While this still leaves open the chance of the actual code being riddled with nasty bits it at least removes the chance of the Ansible playbook or dockerfile adding something "extra".