by adamckay 1396 days ago
Usually for production you want to know with 100% certainty what version of the software is running. Whilst you can do that with Git commit hashes, you can't be sure no one has performed a hotfix and modified code on the production server which is not committed to source control. Then there's also the potential problem of pulling the latest updates from source control but forgetting to restart the container, so it's not obvious you're actually running outdated code.

It's also a lot easier if there's a bad deploy to roll back the update by reverting the image tag in the compose file and restarting rather than checking out specific older commits and risk getting into a funky state with detached heads and the like.

1 comments

This, 100%. Reproducibility, traceability and auditability all go out the window when you allow source modification in production directly. You never want to ask "what's running in production" only to be greeted by crickets in response, or worse, a lone "my branch from five days ago."