Hey Greg, Daniel, I just rebased the change with the sources - https://github.com/apache/airflow/pull/9650 for helm files and https://github.com/apache/airflow/pull/9652 for the dev docker images. I'd love your review on that.
After discussion with our customer (one of the biggest SaaS companies in the world) - they would love to use the helm chart but their security team is unlikely to accept any unofficial binary. So I strongly believe bringing the sources in and capability of rebuilding the images from "community" sources is important. I rebased those above PRs and I think it would be great to merge them! J. On Mon, Jul 13, 2020 at 8:27 PM Jarek Potiuk <[email protected]> wrote: > While preparing the presentation for tomorrow's summit session on > Docker Image, I realized that there is yet another reason why this is > super important to have those images rebuildable from sources + > official images. We work with a few rather "corporate" customers - > and their security teams are rather picky when it comes to accepting > software. That includes not allowing PyPI packages and images outside > of whitelisted and vetted ones. > > For such customers, having an unproven-origin image is a total no-go, > so using the Helm chart with binary dependency on which origin is not > verified and proven is a no-go. By providing an easy way to rebuild > the image from sources + official (hopefully vetted) images, we make > it possible to use the helm chart as everything can be rebuilt and > vetted in-house. > > I think that alone is enough reason to get those sources in and > officially support it. > > J. > -- Jarek Potiuk Polidea <https://www.polidea.com/> | Principal Software Engineer M: +48 660 796 129 <+48660796129> [image: Polidea] <https://www.polidea.com/>
