This Week #12: Devbox 0.8, OAuth Integrations, and more

This week: Devbox 0.8 + removing binwrappers, integrating with Github OAuth and Google Cloud, and more


This week, I focused on integrating GitHub OAuth and GitHub app installation into Jetpack Cloud Dashboard. We envision users connecting their GitHub accounts and selecting repositories based on their App Installation settings via the UI. The goal is to make it seamless for users to start a new cloud project without relying on the Devbox/envsec CLI.


This week, we started rethinking the architecture around payments and how it affects other services. Besides that, I mainly focused on finishing different payment scenarios (in-trial, trial expired, active, and when to create a subscription in the login flow). We have handled most of the cases, and next week, I plan to finish all the edge cases on the payments page.

Other than payments, we got some issue reports with Devbox's docker image and vscode extension. As the primary dev on those features, I had to figure out the root cause and a solution for the reported issues. Next week, I'll focus on the vscode extension issue, which seems more challenging to reproduce.


Last week we released a pre-release version of the upcoming Devbox 0.8.0. This pre-release included a few major changes under the hood:

  • Comments + trailing commas in devbox.json
  • Better caching for package search results
  • Removing binwrappers from installed packages

Removing binwrappers is probably the biggest change on this list. In addition to cleaning up our code and simplifying how Devbox works and installs packages, we’ve seen a pretty significant performance improvement for devbox global and scripts that invoke multiple packages. We plan to publish more technical details on this change in the coming


This past week, I focused on updating our upcoming secret product's website. In particular, I worked on having the website call a new REST API I built in the previous weeks. This enabled us to set multiple "environments" like dev, preview, and prod for a particular secret.


Last week, I focused on integrating GCP with Jetpack Cloud. When a user creates a new Jetpack account, we must provision a Google Cloud project for them with all the necessary permissions. This means we need API endpoints to kick off this process at the right time. We’ve also been trying out Buf Connect to implement this part of the API, and so far it’s been working well. It’s a much nicer experience than using gRPC and protocol buffers directly.


I removed bin wrappers from Devbox!


I've focused on making progress our unified API service. The unified API will consolidate our different APIs into a single service. I've been working on: a) setting up the initial scaffolding for the code, using buf connect, and b) setting up a CICD pipeline for deployment with GitHub Actions + Workload Identity Federation


Last week I worked on deployments, to add the concept of preview deployments vs production deployments. You can now select a branch to be a production branch. When you push to it, we create a newdeployment and automatically migrate traffic. When pushing to a different branch, we create a deployment, but do not migrate traffic. The deployment is accessible at a custom URL instead.

I also spent some time exploring the GitHub API with Lucille to determine how to proceed in the new project creation flow, where we need to associate a Jetpack user with their GitHub account and then (potentially) ask them to install our GitHub App in their account(s).