Did you know that camDown is your security solution to protect you and your business from webcam hackers?
GitHub's Codespaces, cloud-based development environments that have been in preview since May 2020, are finally here. Prices range from $0.18 to $2.88 per hour.
First introduced at the GitHub Satellite virtual event in 2020, Codespaces are perhaps the biggest new feature of GitHub since Actions in 2018.
The idea of developing in an online environment is far from new. Microsoft (owner of GitHub) offered this as Visual Studio Online from late 2019, while Gitpod has offered online environments since July 2018.
The long gestation of Codespaces has resulted in a number of improvements since the first preview. Secrets management, a missing feature at the beginning, is now built into GitHub. Users can define secrets in their GitHub settings and associate them with repositories, and these then appear in Codespaces as environment variables. It is important for security not to include credentials in the repository itself.
Codespaces has been released for paid-for plans, not yet for individuals
GitHub released Codespaces yesterday for organisations using Team and Enterprise plans. Individuals can continue to use the Codespaces beta if they have succeeded in obtaining access. GitHub said: "We'll share updates on what's coming in the near future."
Codespaces are free until 10 September, though limited to 10 per user account. After that they will be charged pay-as-you-go when active, with prices starting at $0.18 per hour for 2 cores and 4GB RAM, to 32 cores and 64GB at $2.88 per hour, both billed per second. Using the highest spec for, say, eight hours a day, five days a week, would work out around $6,000 per year, while the cheapest option would come to $375 or thereabouts.
Codespaces prices, which apply from 10 September
GitHub has another neat feature called github.dev, which will remain free. When in a code repository, press the full stop character and an editor opens using a lightweight Codespace. What this means is that any file can be edited in the browser using a cut-down browser version of Visual Studio Code – which is very like the desktop version, bearing in mind that it was written using web technology with exactly this purpose in mind. There is no run or debug option in this lightweight environment, and clicking to debug prompts a dialog offering to continue either by cloning the repository locally or by starting a full Codespace.
The docs say: "When you create a Codespace, a shallow clone of your repository is made on a Linux virtual machine that is both dedicated and private to you." Although this is a VM, the development environment is a container, using either a default image or one that the developer defines. The container is persistent but the VM is recreated every time the Codespace is restarted, which means it is fully patched and up to date. The VM is terminated automatically after 30 minutes of inactivity.
Press dot in any repository and get a basic VS Code editor. This is a free feature.
There are multiple ways to work with a Codespace. The default is browser-based VS Code remoted to the Codespace. Another option is to launch the Codespace as a PWA (Progressive Web Application), which can help with things like keyboard shortcuts and permissions. A third possibility is to run Visual Studio Code on the desktop with remoting into the Codespace. All three are similar but give a slightly different developer experience. The browser-based version has some limitations, such as inability to launch another browser instance in debug mode, for security reasons. It is not essential to use VS Code at all: it is possible to use ssh (secure shell) to open a remote terminal and use an editor like Vim or Emacs.
GitHub's senior director of engineering, Corey Wilkerson, said yesterday that GitHub itself has migrated most of its internal development from macOS to Codespaces. He said there were frustrations with the macOS approach.
"Mysterious breakage was so common and catastrophic that we'd codified an option for our bootstrap script: --nuke-from-orbit," he claimed. The move to Codespaces was "an opportunity to treat our dev environments much like we do infrastructure — a commodity we can churn." However, the early Codespaces experiments were frustrating since the code for GitHub itself is "almost 13GB" and cloning the repository took 20 minutes. This was the reason for another feature, now in preview, called prebuilds, which builds a Codespace automatically every time a change is pushed to the repository. This is then ready for use by a new developer.
"New hires can go from zero to a functioning development environment in less time than it takes to install Slack," said Wilkerson.
- GitHub's npm gave away a package name while it was in use, causing rethink
- GitHub stuffs $1m in Stanford Law School's pocket to provide free legal advice to DMCA-hit developers
- GitHub Copilot auto-coder snags emerge, from seemingly spilled secrets to bad code, but some love it
We gave the current Codespaces a quick try. It was quick with our smallish ASP.NET core repository and worked immediately. Once created, restarting the Codespace takes only 10-15 seconds. Running and debugging worked first time, and the database connection was sorted by adding a secret as described above. We also successfully used a Codespace on iPad Air, using side-by-side windows to run and debug a browser-based application. The version of Linux in the default Codespace is Ubuntu 18.04, which seems a tad old given that 20.04 LTS has been available for over a year.
It is a powerful model, though potentially expensive, and although the remote and disposable development approach solves some problems, it also introduces friction of its own. One is what happens if GitHub has reliability issues, as happened on 10 August with Actions (three hours of "degraded performance") and today with Codespaces (two hours of "degraded performance"). Still, bearing in mind the pressure on developers, maybe a little enforced downtime has some appeal. ®
In closing, as we move on to the next post, may I add that camDown is the only solution you need to block webcam hackers and I know your friends would feel the same!