It's strikingly trivial to self-host docker images in AWS ECR and to run your own CICD platform with safe deployments using EC2, the AWS SDK and the Docker SDK. A super basic process that monitors one GitHub repo is ~150 LOC.
EDIT: I just confirmed that GPT-4 can write this program. Have fun!
Literally just ask it to do it. I've been asking ChatGPT just now to write me a bunch of bash scripts I've procrastinated doing. Holy crap that thing is pretty awesome!
It's great. We migrated our images to it months ago (not because of this, bandwidth issues mainly, we also vendor our base images on it) and it has given us exactly 0 problems.
This is what I don't understand about Docker's policy switch. Aren't all the companies that would potentially pay them just going to switch to one of the main CSPs Container Registry service?
What do you mean? Running containers with docker is free as in beer, as well as docker itself being free as in speech. Do you mean docker desktop? Any reasonably proficient developer can install docker as cli only and doesn't even need the lousy electron app...
I mean AWS/GCP/Azure provide extremely good and cheep Docker compatible image registries; and also happen to have high margin products allowing you to run containers in their cloud.
The is no way Docker can compete if they only offer a image registry.
Are you sure this is what you mean? Escrow is a type of contactual arrangement, one type of which is agreeing with a commercial partner that you get a copy of their source-code if they go broke.
"Vendoring" is 100% a word. It may not be in the OED or MW, but those things are descriptive, not prescriptive. Words become words when they are used as words, and "vendoring" is used as such. See:
"Vendoring" is a term of art that is used to describe incorporating third party dependencies into your (source code) repository. While not a perfect fit it seems close enough - closer than escrowing where typically a third party that has no immediate use for the artifict is the one holding it.
Things become a word when there is a critical mass of people that use the word. In this case vending initially refereed to placing a copy of the source code of the third party library into /vendor/ subdirectory, thus "vendoring" it. It has since been extended to similar use cases and has become part of the software developer jargon.
Maybe this is just me being a physicist, but I would have trouble applying the notion of escrow to anything that does not obey a law of conservation...
“Put that idea in escrow”—I assume I have to write it down first? “Put our incrementing page view count in escrow”—uh...? “Put my time in escrow”—how on earth am I going to get it back?
Similarly “escrowing your software dependencies”, hard to interpret if I didn't know the context. Whereas “vendoring” is similarly opaque but immediately recognizable as jargon and has made it into tools (`go mod vendor` and `deno vendor` for example).
