This set builds vocabulary for provisioning and securing cloud-hosted development environments.
0 / 5 completed
1 / 5
At standup, a dev mentions opening a fully configured, cloud-hosted development environment for a repository directly from the browser, with no local setup. What is this called?
A cloud development environment, like a GitHub Codespace, provisions a fully configured container with the repository's dependencies already installed, accessible directly from a browser without requiring any local setup on the developer's own machine. This removes the classic "works on my machine" friction of inconsistent local environments. It's especially useful for quickly onboarding a new contributor or reviewing a pull request in a live, runnable environment.
2 / 5
During a design review, the team wants every contributor's environment to include the same installed extensions, dotfiles, and startup commands automatically. Which capability supports this?
A devcontainer configuration file, committed to the repository, declares the exact base image, extensions, and startup commands needed, so every contributor's cloud environment is provisioned identically and automatically rather than depending on each person manually replicating the setup. This consistency eliminates a whole class of environment-related bugs and onboarding friction. It's the mechanism that makes cloud development environments reliably reproducible across a team.
3 / 5
In a code review, a dev notices a cloud environment automatically shuts down and stops billing after a period of inactivity. What does this represent?
An automatic idle timeout stops a cloud development environment's compute resources after a period of inactivity, preventing a forgotten, unused environment from continuing to accrue cost indefinitely. This automated cost control is important since cloud compute, unlike a local machine, is billed based on active usage. It's a standard cost-management feature across cloud-hosted development environment offerings.
4 / 5
An incident report shows a Codespace was left running with an exposed port publicly accessible, leaking an internal development server. What practice would prevent this?
Reviewing and explicitly restricting port visibility settings before forwarding a development server prevents an internal, unfinished service from being unintentionally exposed to the public internet. Assuming a safe default without checking is how this kind of misconfiguration leads to an accidental leak. This verification step is a reasonable habit whenever a cloud environment forwards a port that wasn't explicitly meant to be public.
5 / 5
During a PR review, a teammate asks why the team adopted cloud development environments instead of requiring everyone to set up the project locally. What is the reasoning?
Requiring each person to set up a project locally risks subtle inconsistencies between machines that lead to hard-to-diagnose bugs, while a cloud development environment guarantees everyone starts from the exact same configured setup. This consistency significantly reduces onboarding time for a new contributor joining a project. The tradeoff is a dependency on internet connectivity and the platform's availability instead of a fully offline-capable local setup.