a) gunning them down in the streets
b) beating the shit out of them
c) injecting them with hilarious overdoses of drugs and crossing our fingers
then why would we pay for police?
If that's ok, we might as well go back to old west times and just have everyone carry revolvers, possibly calling the town apothecary with his bottle of ether if we think we need it. It'll be way cheaper than maintaining a standing police department.
The whole point is that police are supposed to be trained and equipped to handle disturbances without harming the person being detained. There are options for this, including that so rarely used tactic, defusal.
Like, we pay police overtime. Cordon the person off, give them space but don't let them leave, wait until they get hungry even if it takes 12 hours, and then bribe them with pizza to come quietly. Build rapport with them over the entire incident. How often do we see that strategy deployed before we fall back to injecting ketamine?
I see that Docker doesn't actually offer an AWS-style enterprise account that one can use to hand authorization to developers without requiring those developers to make individual accounts.
It feels pretty sassy of docker to give everyone 2 months to shove credentials everywhere when docker themselves haven't done the minimum to make enterprise accounts realistic. Instead, they're adopting the github model of "oh, just ask everyone to make personal accounts and then include their personal accounts in the org team". That has problems.
Firstly, it puts employers in the unpleasant position of attempting to compel employees to make legal agreements with third parties (docker, in this case). The correct way to do this is AWS-style, where the org itself makes /one/ agreement and then delegates that agreement via access keys. This is the minimum I expect from enterprise account systems, hard fail for docker.
Secondly, it's a clusterfuck to manage. You end up with an org filled with random-arse account names that you can't really audit, and you don't know who has access to what. If employees leave the org, it's hard to ensure that their access is revoked because the access takes place entirely outside the standard account domains.
Github has recently improved this a shade by adding ADFS authorization to org accounts, but that involves asking employees to tie their personal (and all github and docker accounts /are/ personal) account to their work ADFS account, which is a shitty half-solution.
All things considered, docker made this problem for themselves. They've spent /years/ working hard to get everyone to make docker accounts and push everything to docker hub instead of fostering an ecosystem of registries by different orgs for different purposes. All of a sudden it's now "too expensive" and they're dropping the hammer on everyone to sign up and push credentials everywhere with very little warning, whilst not doing their half of the work by making a proper delegated authority account system.
Doesn't fill me with confidence for their future as a stable platform on which to base a business.