Update codespace port visibility on httpd to org vs public

[shaundrong]

I notice some flood protection logs for user logins while working on my password expiration code. This may be related to the drush command updating and logging into the portal or it maybe external traffic. I couldn't tell just looking at the logs, but regardless I see no value in making these dev containers public if we can limit it to our org users.

devcontainer-drupal/local/etc/uceap.d/devcontainer_post_create.sh

Line 25 in c3b6f96

gh codespace ports visibility 8080:public -c $CODESPACE_NAME

Suggestion:

gh codespace ports visibility 8080:org-c $CODESPACE_NAME 

see: gh codespace ports visibility

[kurowski]

For provenance: this predates the devcontainer-drupal repo. The public-port line originated in the myeap2 repo in .devcontainer/postCreate.sh, first introduced in commit 9cbcf6096 ("codespace quality of life improvements", Feb 23 2024), then re-introduced with a $CODESPACE_NAME guard in 075e919c9 (Mar 22 2024), before the whole .devcontainer/ script set was extracted into this repo.

On the rationale: I originally made 8444 public because leaving it private requires an awkward authentication dance before the CSS can load. Then I made 8080 public as well for parity. It doesn't strictly need to be public, but it makes it easier to share a dev environment with testers. And since our pull requests already deploy to publicly accessible environments on Pantheon, leaving Codespaces publicly accessible doesn't seem to meaningfully decrease our security posture.