Hey Jarek, Do you have time for a 15 minute meeting tomorrow? I see that this is an important topic but I am not sure if I understand the solution correctly. The meeting allowed me to respond to your message.I would like to find a solution that is easy to maintain and that meets the expectations of the community.
On Fri, Jul 24, 2020, 01:24 Jarek Potiuk <[email protected]> wrote: > Hey Greg, Daniel, > > I just rebased the change with the sources - > https://github.com/apache/airflow/pull/9650 for helm files and > https://github.com/apache/airflow/pull/9652 for the dev docker images. I'd > love your review on that. > > After discussion with our customer (one of the biggest SaaS companies in > the world) - they would love to use the helm chart but their security team > is unlikely to accept any unofficial binary. So I strongly believe bringing > the sources in and capability of rebuilding the images from "community" > sources is important. I rebased those above PRs and I think it would be > great to merge them! > > J. > > On Mon, Jul 13, 2020 at 8:27 PM Jarek Potiuk <[email protected]> > wrote: > > > While preparing the presentation for tomorrow's summit session on > > Docker Image, I realized that there is yet another reason why this is > > super important to have those images rebuildable from sources + > > official images. We work with a few rather "corporate" customers - > > and their security teams are rather picky when it comes to accepting > > software. That includes not allowing PyPI packages and images outside > > of whitelisted and vetted ones. > > > > For such customers, having an unproven-origin image is a total no-go, > > so using the Helm chart with binary dependency on which origin is not > > verified and proven is a no-go. By providing an easy way to rebuild > > the image from sources + official (hopefully vetted) images, we make > > it possible to use the helm chart as everything can be rebuilt and > > vetted in-house. > > > > I think that alone is enough reason to get those sources in and > > officially support it. > > > > J. > > > > > -- > > Jarek Potiuk > Polidea <https://www.polidea.com/> | Principal Software Engineer > > M: +48 660 796 129 <+48660796129> > [image: Polidea] <https://www.polidea.com/> >
