Forgive me that I might come off as being self-entitled or just plain ignorant but I am new to Docker and I just wanna voice out how I feel about it and the problem I have with it.
First off, I would like to say that Docker is a great tool for development and creating isolated containers without having to fiddle with parent configurations. I’ve so far used docker to put up a nodejs app and a mysql database with docker compose.
However, now I have a project I am working on and I would only want to have one or two collaborators to be able to access my private repository. What I find in my opinion quite infuriating is that Docker only offers 1 private repository for a free tier and does not enable private repositories to be made accessible to collaborators via invite.
I find this a bit striking because GitHub, which has pretty much a similar structure when it comes to uploading repositories (I mean we’re talking about uploading repositories here), do not require their users to pay just to have private repositories or pay to allow more than one collaborator on a private repository.
Personally I do not find this an ideal situation especially in situations for small teams of developers (like 1-5 devs) who just need to work together on a one-off project and simply need to share project code around without having to fiddle with their own configuration. Also, I don’t think a team would put down money just to collaborate on a project for like a few months, especially if it’s just a bunch of students working on a school project
Also, wouldn’t everyone not be comfortable to leave their repository public because logically speaking, if repositories are public, doesn’t that make the source code of one’s project exposed to the entire world which technically would or would have already opened the Pandora’s box to malicious users being able to steal or find vulnerabilities in one’s code? If I’m wrong here can someone explain to me how are public repositories even safe to begin with and whether what I just said about malicious intents are even possible.
As I said, I might sound ignorant here or self-entitled but I think I made a very reasonable comparison of features with another major service such as Github. Thus, I hope someone can give me some insight into why Docker sets a price on the things that can quote-on-quote be free and also give me some clarifications on the “security issues” that I pointed out in the previous paragraph.
Though I may not be somewhat satisfied with the features that I have accessible at hand now without paying a single cent, may I request that in the near future, could Docker adjust their price plans or at least make a few of the features such as private repositories and private collaborators free for everyone? Or is that too much to ask?