I’d agree more if most docker stuff didn’t depend on running as root.
I’d agree more if most docker stuff didn’t depend on running as root.
Now install tools that are only available as github released binaries. And ensure that hashes match for that. Maybe install a tool that needs to be compiled.
What if, get this, we put the bash scripts in yaml. And then put it in kubernetes.
And what is the token in the link?
Consider that a ‘username+password’ is much harder to ‘revoke’ individually. As in, you can have 3-4 API keys in use, and can revoke any one of them without having to change a password.
You can also change password independently of the keys, or have it linked so keys are revoked on a password change. It also allows traceability as to where accesses are coming from (auditability). If everything is using the same client-id+secret (or usn/pwd), you don’t know which ‘client’ is doing what.
It’s the sort of thing that makes me really, really sad for the people working there. That crazy breakneck pace cannot be good for mental health.
I do wish I could hit a key chord or something to show a terminal of what is happening under the hood with Windows…
Blame the thousands of supply chain attacks.