Hey Graham, thanks for the reply (and my word, it’s lovely to hear from you!)

I can’t speak for other admins, but my current team doesn’t use FaaS for anything except for where a SaaS provider has told us to implement it. That said, we’re pretty conservative on things which aren’t self-hosted, after we’ve had near-misses with 3rd party branches putting out user’s data at risk (but never, afaik, in the hands of attackers!)

I’d say that our model still looks like:
1. Script stored on GitHub, pull and run from your machine. Mostly for unprivileged users making local changes to their machines.
2. IaC stored in GitHub, run in specific trusted SaaS platforms on push, mostly unprivileged users in specific roles that need to change infra.
3. IaC stored in GitHub, run locally on an admin machine, essentially where sudo is required.

Regarding AI, it’s fair to say that I’m fairly distrustful of it. I essentially use it to fix my “google-foo” (for a term that shows my age!) as a way to find the search terms I don’t remember or never knew.

I have tried several times to more directly incorporate AI tooling into my workflow and each time removed it fairly soon after putting it in, because it was either plain wrong, because it did things that didn’t match what I needed, or because it did something that wasn’t in keeping with the rest of the project, and thus made the code less maintainable.