Hey Jarek, Thanks for the meeting. I now understand what you want to achieve and I support your solution.
I would just like to ask you to add information in the README.md file explaining the purpose of each repository. Best regards, Kamil On Fri, Jul 24, 2020 at 1:34 AM Kamil Breguła <[email protected]> wrote: > Hey Jarek, > > Do you have time for a 15 minute meeting tomorrow? I see that this is an > important topic but I am not sure if I understand the solution correctly. > The meeting allowed me to respond to your message.I would like to find a > solution that is easy to maintain and that meets the expectations of the > community. > > On Fri, Jul 24, 2020, 01:24 Jarek Potiuk <[email protected]> wrote: > >> Hey Greg, Daniel, >> >> I just rebased the change with the sources - >> https://github.com/apache/airflow/pull/9650 for helm files and >> https://github.com/apache/airflow/pull/9652 for the dev docker images. >> I'd >> love your review on that. >> >> After discussion with our customer (one of the biggest SaaS companies in >> the world) - they would love to use the helm chart but their security team >> is unlikely to accept any unofficial binary. So I strongly believe >> bringing >> the sources in and capability of rebuilding the images from "community" >> sources is important. I rebased those above PRs and I think it would be >> great to merge them! >> >> J. >> >> On Mon, Jul 13, 2020 at 8:27 PM Jarek Potiuk <[email protected]> >> wrote: >> >> > While preparing the presentation for tomorrow's summit session on >> > Docker Image, I realized that there is yet another reason why this is >> > super important to have those images rebuildable from sources + >> > official images. We work with a few rather "corporate" customers - >> > and their security teams are rather picky when it comes to accepting >> > software. That includes not allowing PyPI packages and images outside >> > of whitelisted and vetted ones. >> > >> > For such customers, having an unproven-origin image is a total no-go, >> > so using the Helm chart with binary dependency on which origin is not >> > verified and proven is a no-go. By providing an easy way to rebuild >> > the image from sources + official (hopefully vetted) images, we make >> > it possible to use the helm chart as everything can be rebuilt and >> > vetted in-house. >> > >> > I think that alone is enough reason to get those sources in and >> > officially support it. >> > >> > J. >> > >> >> >> -- >> >> Jarek Potiuk >> Polidea <https://www.polidea.com/> | Principal Software Engineer >> >> M: +48 660 796 129 <+48660796129> >> [image: Polidea] <https://www.polidea.com/> >> >
