GENERAL MOTORS REIMAGINES THE DEV TOOL CHAIN AND ONBOARDING EXPERIENCE WITH CLOUD-BASED DEVELOPER SERVICES FROM MICROSOFT
General Motors (GM) has a great history of significant innovations that benefit customers and positively impact society. In the past, software was behind the scenes at GM—but not anymore. The software-first mindset at GM drives faster innovation cycles and takes the customer experience to new levels while enabling more efficient operations. To increase productivity and unlock new ideas and solutions, GM felt the challenge of getting developers up to speed on new assignments faster and more efficiently. GM collaborated with Microsoft to help achieve its goals to speed up innovation, test and learn, and create agile environments, all while working within the company’s protocols and requirements.
Using the full collection of Azure, Visual Studio, and GitHub cloud-based developer services—including Microsoft Dev Box, Azure Deployment Environments, GitHub Copilot, and GitHub Advanced Security—GM developers now connect to preconfigured dev environment images for each project they’re assigned, accelerating developer productivity and enabling their immediate contribution.
"To innovate faster and introduce new capabilities that connect people to things that matter, you have to collaborate with a company that thinks with a developer mindset. That’s what made Microsoft developer cloud a really good choice for us".
Michael Anderson: Director of Enterprise Technology Services - GM Information and Digital Technology
Streamlining developer agility with Microsoft Dev Box
The solution to GM’s need for agile setup and administration of developer environments was to move these operations to the Azure cloud. Since July 2022, GM has used Microsoft Dev Box, a cornerstone of the Microsoft developer cloud suite of tools, to centrally manage cloud-based development workstations that are preconfigured and ready-to-code with all the tools and security settings already provisioned for the developers’ needs.
"Everything is already installed—all of the databases and data resources are stored as shared files," says Ravi Sambangi, Staff Researcher at the GM Advanced Analytics Center of Expertise. "And each Dev Box instance can be configured with different tools and settings, so if you’re working on several projects, you can be assigned to a different instance for each one."
The new platform also accommodates the work style flexibility many developers prefer. "With Dev Box, our developers can not only spin up a base image and start work immediately—they can also extend the capabilities of the base image as needed and add their favorite tools, as long as our policies allow it," says Mike Anderson, Director of Enterprise Technology Services at GM Information and Digital Technology.
Empowering dev projects with cloud-based zero-trust security
Dev Box makes it easy and fast for GM developers to access a secure environment. Administrators can set different network connections for different Dev Box images, limiting developer access to sensitive resources for individual Dev Box instances. For example, if a developer is working on two projects but only needs on-premises access for one of them, the dev can split their work across two Dev Box images—one with access granted, the other without. This capability provides peace of mind for data security while streamlining developers’ access to the environments they need.
"Most of the world is going to a zero-trust model—so, everything is denied until you’re allowed," says Anderson. "To keep with that model, I can pick the actual Dev Box images I want my developers to use and allocate those to the subscription. That way, the developers can’t accidentally go anywhere else. And because we can change policies on demand, if a single developer’s Dev Box somehow goes rogue, we’re able to detect and shut the problem down right away."
Choosing a complete, modern cloud engineering platform
In addition to Dev Box, GM uses other developer cloud technologies to enhance productivity. A key example is Azure Deployment Environments, which GM uses to quickly spin up the services their app needs to run using standardized, self-service templates built for their projects. With Azure Deployment Environments, devs can publish applications into the app service so that all customers within the company and outside the company can access it remotely, either from their computers or from their mobile devices. This capability helps to maximize developer productivity, as well as enable code-to-cloud automation and other Dev Ops practices.
"Azure Deployment Environment is an integral part of our toolkit," says Jagan. "I want an environment to test off once I’m ready. With Azure Deployment Environment, I just spin up the environment, and the team can come in and test their code to make sure it’s all ready before I go to production."
Dev Box and Azure Deployment Environments work together to enable zero-trust security in common GM scenarios where third-party developers need access to projects, or where a single developer is working on multiple projects at one time. Project-level network isolation, managed in Azure Deployment Environments, ensures that outside workers who are joined to the subscription get access to everything they need—and nothing more. An engineer assigned to a web development project and a data analytics project can switch between these two roles by simply switching from one preconfigured Dev Box image to another.
Shifting left: Boosting dev productivity by enabling real-time security and AI
Improving productivity for GM developers also means working with features in GitHub, the tool and community they rely on for storing and managing their code. These include GitHub Advanced Security, a set of automatable security tools that analyzes code in real-time and alerts developers to vulnerabilities at the moment they check in changes, and GitHub Copilot, which uses AI to put code suggestions directly into devs’ editors based on what they’re working on in the context of their project.
About 400 GM developers have been using GitHub Copilot since February of 2023, and the response has been very positive. "The best part for the devs I’ve talked to is that they don’t have to think as much about structure and formatting—all the little things that tie up creating code quickly," says Schultz. "Often GitHub Copilot gets them 98% of the way there, and they only need to make small changes to finish it up."
Together, GitHub Copilot and GitHub Advanced Security enhance productivity in a secure environment and get new devs to their first pulls faster. GitHub Advanced Security provides devs with greater agility and confidence in the stability of their code, while GitHub Copilot speeds up the rate at which devs get acclimated to new work and start contributing check-ins. "We want them to get there right away with all the right tools," says Jagan. "Dev Box, GitHub Copilot, and GitHub Advanced Security all play really well together for accomplishing this goal."
Reimagining the "Day One" experience for developers
With its cloud-based platform modernization for developers, GM has streamlined access to a complete toolchain for every engineer on every project, with a minimum of delay, security risk, or administrative overhead. With access to the full collection of cloud-based developer tools from Microsoft, GM developers benefit from secure and efficient administration in Dev Box, the flexible coding tools of Visual Studio, the seamless collaboration features of GitHub, and the scalability of Azure.
Achieving these capabilities at scale not only leads to building better products faster—it also boosts the momentum of each developer and team as they’re getting started on the latest idea. With each new project, at the push of a button, they have all the tools and permissions they need right away with Microsoft developer cloud.
