What is the "Proper" Way to Compile or Install Something from Github and Make it Accessible in a Template?

In a non-Qubes environment everyone uses git clone and then installs the tools needed to compile and follows the instructions and runs thing.

If I want a program to be in the template, should I be doing everything in the template?

So GitHub - SYSTRAN/faster-whisper: Faster Whisper transcription with CTranslate2 is an example of something I’d like to try out. I need to make sure python is installed, I need to clone the repository.

Is the answer to install the tools needed in the template and just clone in a disposable VM and copy it to the template and then compile or install?

I think that’s the answer and I may have answered my own question.

You could also clone and compile in the disposable, test there, and then
finally transfer the final software in to the template.

I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.

Sometimes compilation instructions require prerequisites and it will be something that will pull something remotely and then execute a script and the script will want internet access and then the script will do the installation.

for example I could be supposed to run setup-install.sh and I would run that and if the template were connected, it would download lots of things, compile them, and then install them. some of these scripts are not that simple for someone with only a small understanding of linux or programming. is the only solution for something like this to open up the sh file and read it and run some of it in the disposable and some in the template?

would there be a way to temporarily give a template access to the internet for certain downloads or domains but have it go through the same process as when the template is updating? this would break the qubes security model however?

You can configure the script to use proxy:

You can set this proxy for any app that is used in setup process git/curl/wget/etc.