It got a lot worse since 'devops' came around, in my experience. As an example: people started getting increasingly pissed off when proprietary software (unpackaged, but usually with a shell installation script) couldn't get installed on a network wide setup of ~200 nodes fast enough to their liking. Since at home they could do that in 15m following the vendor's instructions (which involved running the installer script as root).
It fell to deaf ears that a packaged approach was the right way to go, given said software installed its own jungle all around the filesystem hierarchy, numerous times conflicting with software from other vendors with the same kind of recklessness.
Quite clear that any of these people lacked the understanding that having a longterm stable environment where everyone uses the same version of everything, is uncomparable with doing unsafe installations following the first forum-post you find online.
Devops learned them that cutting corners to empower yourself is OK, they could run their own systems quicker. Needless to say all the debugging (the search-engine based kind) that needed to be done after the facts was suddenly part of their job description, and filled up most of their time...
I recently got called in to support one of my folks because some devops team was absolutely incensed they couldn't just pull in some rando docker container they'd found on the net. From a .cn domain. That failed the static analysis suite. For a production financial application. Fail fast indeed.
I get we need to adapt to support devops. I'm investing big resources to support that. It would be so much easier if so many devs didn't think devops == no oversight.
The dev folks have an 'approved repository' workflow; when this team tried to deploy to QA the rouge container got flagged. Plus it failed the static analysis step in the pipeline. I assume a sufficiently clever dev could find a way around this, but it worked here. Maybe we just got lucky this time, but we did an asset audit when we found this one and didn't find anything that had slipped through.
We're looking at deploying some tools (e.g. Dome9) that we think will close some of the loopholes and provide more automation. However, due to the complexity of these environments, I'm not sure there's a perfect solution.
It fell to deaf ears that a packaged approach was the right way to go, given said software installed its own jungle all around the filesystem hierarchy, numerous times conflicting with software from other vendors with the same kind of recklessness.
Quite clear that any of these people lacked the understanding that having a longterm stable environment where everyone uses the same version of everything, is uncomparable with doing unsafe installations following the first forum-post you find online.
Devops learned them that cutting corners to empower yourself is OK, they could run their own systems quicker. Needless to say all the debugging (the search-engine based kind) that needed to be done after the facts was suddenly part of their job description, and filled up most of their time...