2. Ship a single container that only needs to be QA’d once, works
everywhere, and has no dependencies except for the Linux kernel.
I get to update dependencies when *I* want to, and don’t have
to worry about breaking user’s systems. I can even ship a
shell script wrapper so that the container can be invoked as
a binary.
It’s pretty easy to see why someone would go with option 2.
Of course this is better for you, as a developer, but it is bad for
me as a user.
There is a reason why a "distribution" exists, centralized control
of everything with rpm, yum, logrotate, ...
+1
Such decision force me (as a user) to use that container.
And it is a huge a pain to use it on bare metal or in modified container.
You basically shift the burden from developers to users.
Miroslav