Terraform 0.12 was awesome. It had no supply-chain sploit risk, ran well, accepted add-ons easily, and was very powerful.
Then they got a registry for people to attack, an umbilical to operation that ubisoft would envy.
I’ve been unable to get anything newer approved so far, because of the risk . Sure, you firewall off the box running CI, but often it needs to get out to the world, and suddenly it’s a WAF on top of everything, and it’s a real mess … which they can eliminate by killing terraform usage altogether. And I don’t wanna see that, as while tf’s dsl is pretty weird it’s the least-worst tool out there.
Terraform 0.12 was awesome. It had no supply-chain sploit risk, ran well, accepted add-ons easily, and was very powerful.
Then they got a registry for people to attack, an umbilical to operation that ubisoft would envy.
I’ve been unable to get anything newer approved so far, because of the risk . Sure, you firewall off the box running CI, but often it needs to get out to the world, and suddenly it’s a WAF on top of everything, and it’s a real mess … which they can eliminate by killing terraform usage altogether. And I don’t wanna see that, as while tf’s dsl is pretty weird it’s the least-worst tool out there.