How do you see this in person and resist going outside to say hi..

I get the convenience part so the staff doesn't have to go around do it by hand, but it just seems infeasible to do it for the other examples mentioned.

E.g. you go in, pick up item listed for $10, finish shopping in 20 mins, item now costs $15 at till.. probably leave it (so now the staff has to re-shelf it) and start shopping at a place that is not trying to scam you.

For the other example, if there are a few packs of something expiring and they reduce the price for all the items on the shelf, everyone will just take the ones which have a reasonable shelf life left leaving the expiring ones.

Both of these just seem stupid.

Use the buddy system. Years ago I had a work-friend, we'd just book meetings with each other a couple of times a week, go to a meeting room and just hang out, I taught him to juggle, or we'd watch an episode from a series etc.

It was fun feeling like we got away with something, but realistically nobody questioned it because we both got our work done and it was a good company where that mattered more than time spent at a desk.

Honestly, even if you don't terminate SSL right until your very own app server, it's still based on the assumption that whoever holds the root cert for your certificate is trustworthy.

The thing that has actually scared me with CF is the way their rules work. I am not even sure what's the verification step to get to this, but if there is a configured page rule in a different CF account for your domain that points at cloudflare (I.e. the orange cloud), you essentially can't control your domain as long as it's pointing at CF (I think this sentence is a bit confusing so an alternative explanation: your domain is pointing DNS at your own CF account, in your CF account you have enabled proxying for your domain, some other CF account has a page rule for your domain, that rule is now in control). The rule in some other account will control it.

It has happened to us at work and I had to escalate with their support to get them to remove the rule from the other cloudflare account so we can get back control of our domain while using CF. Their standard response is for you to find and ask the other CF account to remove the rule for your domain.

This is a pretty common issue with gitbook, even the gitbook CEO was surprised CF does this.

I wonder if this will also have a reverse tail end effect.

Company uses AI (with devs) to produce a large amount of code -> code is in prod for a few years with incremental changes -> dev roles rotate or get further reduced over time -> company now needs to modernize and change very large legacy codebase that nobody really understands well enough to even feed it Into the AI -> now hiring more devs than before to figure out how to manage a legacy codebase 5-10x the size of what the team could realistically handle.

Writing greenfield code is relatively easy, maintaining it over years and keeping it up to date and well understood while twisting it for all new requirements - now that's hard.

I think I misunderstood your problem, I assumed the issue was the volume mounts and after testing it I was indeed wrong - the docker cli now accepts relative paths so your original command does the same as what I suggested. After re-reading your issue I have a different idea of what's wrong, but would have to see your dockerfile (or for you to confirm) to be sure.

Do you add 10f.py to the docker image when you build it and do you specify the command/entrypoint in the Dockerfile? There are possibly to issues I can think of with how you do that (although considering the docker compose works it's probably the 2nd):

1. You do add it and you add it to /data in the image - when you mount a volume over it would make the script no longer exist in the container.
2. You do add it and it's not in /data - in this case the issue with running docker run -v ./:/data -w /workdir tenfigers_10f:v1 10f.py is the last bit - you override the command which makes it try to look for it at /data/10f.py, if you omit it the last part (10f.py) it should run whatever the original command was and assuming you set the cmd/entrypoint correctly in the Dockerfile it should see /data as ./ in python.

(Also when you run it with the CLI you might want to add -it --rm as well to the docker command otherwise it won't really behave similarly to a regular command)

It works in docker compose because compose handles relative paths for the volumes, the docker CLI doesn't.

You can achieve this by doing something like

docker run -v $(pwd):/data ...

pwd is a command that returns the current path as an absolute path, you can just run it by itself to see this. $() syntax is to execute the inner command separately before the shell runs the rest of it. (Same as backticks, just better practice)

I imagine that wouldn't work on windows, but it would on either osx, Linux or wsl.

Generally speaking, if you need the file system access and your CLI requires some setup, I'd recommend either writing it in a statically compiled language (e.g. golang, rust) or researching how to compile a python script into an executable.

If you're just mounting your script in the container - you're better off adding it directly at build time.