Absolutely not, since it's the same price as their cheapest hosted option. If all they're doing is orchestration, why the hell are they charging per-minute instead of per-action or some other measure that recognizes the difference in their cost between self-hosted and github-hosted?

For some background, my company has recently undertaken a growth initiative, and in the process our director of infrastructure has started applying all sorts of "best-practices" to corporate security policy indiscriminately to all machines on the domain. This has followed short on the heels of requiring our very small team of developers (five when I started, now even less) to stop using MacBooks for our development and to move to Microsoft Surface Laptops because "infrastructure can't manage multiple types of machines", despite the fact that we develop for cloud systems that run on Linux.

Needless to say, the indiscriminate application of mounds of third-party security services on top of moving us to an already less-powerful machine is impacting productivity in random and unpredictable ways. The director in question is not overly technical, and was last in the trenches around the time Windows NT was coming out, so the arguments my team are making for exceptions to some of these (in our perspective) arbitrary rules are falling on deaf ears.

I've been in the game for over 25 years, and this is the first time I've run across a director so completely brainwashed by cybersecurity marketing that he doesn't realize there's a difference between putting up baby gates for the toddlers and telling the adults they're not allowed to walk down a set of stairs by themselves, so I'm looking for some perspective on current industry practices as the HN crowd has seen it.

Comments URL: https://news.ycombinator.com/item?id=44041353

Points: 6

# Comments: 1

This may be a great article, but I'll never know because it's frustrating to try and read.