Blog

Jira Agile Board Management Change

The existing feature and the reason for the change

When a project is created on Jira, Jira automatically creates a Scrum Board for the project, which is named by the project key. It was always possible, that the Project Admin later decides to have a Kanban board instead. To achieve this, the Project Admin can create a new agile board and delete the old one. Since the DevOps Portal automatically sets the Administrators of the board to match the Admins of the project, it's necessary for the DevOps Portal to find the correct board. Unfortunately, Jira doesn't maintain a connection between projects and boards. Therefore, the old algorithm was choosing the oldest board with a filter query on the project. But since all Jira users can create boards and in addition filter queries can be constructed, which reference multiple projects, it was possible to get into corner cases where the DevOps Portal was managing the Administrators of the wrong board. Therefore, the algorithm was changed. The filter query used by the board is no longer important. Instead, only the name of the board is relevant. The new algorithm even allows it keeping the Administrators of multiple boards in sync with the Admins of a project.

The enhanced feature

When a project is resynced or an Admin is added or removed from a project, the DevOps Portal will set the Administrators of the matching boards to the list of Project Admins. To qualify for a match, the board name has to start with the project key. For example, if the project key is "PKEY":

• Board names like "PKEY", "PKEY Kanban Board", "PKEY_Team_Board", "PKEY-CoolBoard" etc. will have their Administrators managed by the DevOps Portal
• Board names like "_PKEY MyBoard" or "Joe's Board" don't have a "PKEY" prefix. They will not be managed by the DevOps Portal.

Required actions on your side

• If nobody manually created boards, you don't have to change anything, since "PKEY" is the default name of boards which are automatically created. So they will be still found and managed by the DevOps Portal as before.
• If anybody manually created boards, please check the names and rename as necessary to get the desired behavior.
• Since board Administrators can rename their boards, all of them can decide themselves by eventually renaming the board, if they want to keep a Team board managed by the DevOps Portal or if they want to have an independent board, where the list of Administrators is manually maintained in Jira.

Enhancements

• It's now possible to assign the agent-admin role to Jenkins tech users using the checkbox "Allow to administer agents"
  For more details see Connecting Inbound Jenkins Agents.
• The REST API was extended and now supports all required management operations for projects. This contains CREATION/POST, PATCH, RETIRE and REACTIVATE as well as DELETE.

Improvements

• If a user is set to be a component lead of one or more components in a Jira project, these assignments are automatically removed when the role of the user is removed. Therefore, if you use component leads in your project, check if some components have no longer a lead, after you removed the role of a user.
• Switched to new translation mechanism of messages in the portal.
• Added documentation for XWiki.

Bugfixes

• When Jira was added to an existing project, it was not possible to select a non-default Workflow Scheme, Issue Type Scheme or Issue Type Screen Scheme.
• Manual language selection on the login screen did work properly only with the keyboard, but not using the mouse.

New feature

• Bitbucket git repositories are now automatically connected with SonarQube results. This enables the Pull-request decoration in Bitbucket which is supported by SonarQube instances with Developer or Enterprise licenses. In addition, the delivery pipeline can now set the desired quality gate for the git repository.
  To successfully use the new feature, at least v3.4.0 of the Jenkins Shared Library has to be used. For more information see the DevOps-as-a-Service Jenkins Library Changelog.

Enhancements

• Prepared support for the tool Dependency Track which will allow automated SBOM analysis together with Jenkins.
• AI Operator is now automatically connected to Jira using a read-only technical user. To enable the feature for existing projects with AI Operator and Jira a Project Admin simply needs to edit and save the project. This adds more functionality to AI Operator since it can now read all your Jira issues in addition to Confluence pages.
• Added RestAPI for user management. Portal Admins can now use the API to create, update or delete users. All other status transitions are also supported like e.g. lock and unlock. See Swagger screenshot below:
  

Improvements

• Since the DevOps Portal sometimes requires technical user accounts with assigned licenses to connect one tool with another, the Create Project page has been improved to make this more transparent. Lets's say you have selected some tools for a new project. Now you also select Jenkins. Then some info messages will appear and show you which tool will have to contribute 1 or 2 licenses for a successful connection with Jenkins. The following screenshot shows a sample tool selection with and without Jenkins.
    →  
• The Workspace read permission in Jenkins is now also granted to DEVELOPERs, not only ADMINs and MASTERs. This improves self-service for DEVELOPERs for troubleshooting build failures.
• The Health Checks page for Portal Admins was removed. Due to technology changes, it did no longer offer any added value. Instead, use the dashboards which are automatically available for all users in the Main Org of Grafana to see much more metrics and statuses.
• Changes of the 2FA setting of a user are now more clearly logged in the Audit Log.
• The instructions a new user sees in emails or in the web browser during onboarding are now different depending on if 2FA was enabled or not. This makes it easier to understand and follow the process.

Bugfixes

• When the DevOps-as-a-Service session timed out after 5 hours of inactivity, it could happen that a still opened DevOps Portal was not correctly redirecting the user to the login page, but instead was showing an error. This was a problem caused by the new JWT implementation introduced in DevOps Portal 1.9.1 and has been fixed.
• Some links in the footer were not correctly adapted when the user changed his or her favorite language.

Enhancements

• Added support for the Version Manager for Jira plugin. The presence of the additional permission "Manage Versions" is automatically detected and assigned to the project roles ADMIN and MASTER. Therefore, the plugin effectively allows MASTERs and not only ADMINs to manage versions for their project. To change it for an existing project, simply Edit and Save the project again.
• Switched from classic session handling (JSESSIONID) to JSON Web Token (JWT). See https://jwt.io/introduction for more information. From the perspective of the user, this change is mostly invisible. If you are a REST API pilot customer, please note that the token expires quickly and needs to be renewed. The curl examples shown on the swagger page in the DevOps Portal already use JWT and can be used as is. To support M2M communication in the future, we plan to add Technical Users for the Portal REST API.
• The link DOaaS Metrics was added to the Grafana tile on the Home page. It leads to the DevOps-as-a-Service Metrics which are available for every user who has the Grafana tool assigned. For more information, see Grafana DOaaS Metrics

Improvements

• Added official AI Operator logo on the Home page for projects which are using this tool.
• Prepare support for sending email notifications from Gitea.
• The menu item Account → Sign out will now immediately logout from the DevOps Portal and all tools without a confirmation question.
• Actions performed by DOaaS Operators like e.g. a project resync, which could be necessary after an update, are now visible in the audit log for Portal Admins.

Bugfixes

• Some manually constructed URLs could result in an HTTP error code of 500 instead of 404. This is fixed now.

New feature

• The DevOps Portal is now supporting auto-provisioning Grafana. Grafana  is the leading open-source tool for monitoring and visualizing data from sources such as Prometheus, Loki, Databases, and more. It allows users to create interactive dashboards and set-up alerts to monitor application metrics as well as system performance and trends in real time. Grafana is rolled-out in May for all customers. You can add Grafana to any of your existing projects. This adds the Grafana tile to the Homepage of your project on the DevOps Portal.
  
  See Grafana concerning all details of the integration.

Improvements

• Improved possibilities to support customers within their Portal.
• Updated design to new T-Systems logo.
• The regular expression used to validate email addresses is now stricter than before to spot impossible addresses earlier in the onboarding process of new users.
• Improved formatting of long audit log entries.
• In addition, includes all improvements from DevOps Portal 1.8.6 

Improvements

• On the Projects page, the link to AI Engineer is now directly linking to the distinct project inside AI Engineer.
• Further improvements of the audit log entries so that with one glance you can immediately see what value has been changed for the affected entity.
• Passwords for Technical Users now have to match the rules for passwords for human users concerning character classes. This means that at least one lower case letter, one upper case letter, one digit and one special character have to be used. The minimum length stays at 32 characters, whereas for human users 12 characters are sufficient. We recommend to simply use the automatically generated random password when creating new Technical Users.
• Made sure that future design changes in the Keycloak pages don't require clearing the browser cache to get visible.

Enhancements

• More links have beed added in the AI Engineer tile on the Portal Homepage. All links are directly leading to the specific AI features available for the selected Project.
• More code has been added for the upcoming SonarQube automation enhancement, which was already described in  DevOps Portal 1.7.5.

Improvements

• A work-around concerning Jenkins had to be applied for the improvement introduced in DevOps Portal 1.7.5 to keep it working in recent Jenkins versions.

Bugfixes

• Since some special characters made problems when used in passwords of Technical Users, the allowed characters have been now restricted to 7 Bit ASCII.

Enhancements

• The new Rest API now offers endpoints for listing, adding and removal of project roles.
• When searching for user entries with accents or transliterations it is now no longer required to know the exact verbatim spelling. For example searching for the name "Muller" will now also find "Müller". This simplifies finding specific users a lot.

Improvements

• The number of remaining users based on your package size is now displayed on the Users page.
• Project Admins can set the Project lead in Jira projects on the page Project Settings ➡ Users and roles. Press the button "Edit defaults" in the top right corner like shown in the screenshot:
  
  The Project lead has more a symbolic function. Being a Project lead does not add more permissions to the user, but the Project lead can be set to be the default assignee of new issues. Previously the DevOps Portal has reset the Project lead to SDCloud Admin on every project save or resync. This was changed now. If Project lead was set to something different than the DevOps Portal service account, it will be preserved.
• The Audit Log has been improved to avoid any unnecessary information in the log entries. Will be even more improved in a future version.
• A robots.txt file is now forbidding web crawlers to scan your public pages of the DevOps toolchain. Please open a Service Request, if you want to have your public content indexed by search engines.

Bugfixes

• The More menu on the Users page has been moved to be more readable for all windows sizes.
• Some minor design issues on the login page have been fixed. If it doesn't work for you, please use Shift-Reload on the page or clear your browser cache.

Enhancements

• Customers of the Competitive Toolchain use Gitea for Issue-Tracking and Agile Boards. Now all projects automatically get a well-established set of advanced defaults for labels which can be used to categorize issues. To get it enabled for a specific existing project, edit and save it or resync the project. The complete list of labels is:
  • Compat: Breaking
  • Kind: Bug, Documentation, Enhancement, Feature, Security, Testing
  • Priority: Critical, High, Medium, Low
  • Reviewed: Confirmed, Duplicate, Invalid, Won't Fix
  • Status: Abandoned, Blocked, Need More Info

Improvements

• The scrolling in the new user selection box on the Projects page has been improved.
• The layout of the footer on the login page has been aligned with the footer of the DevOps Portal.
• All remaining LDAP code has been removed from the DevOps Portal.
• Added support for JWT tokens in the Portal back-end.
• Implemented more automated E2E tests.

Bugfixes

• Some permissions for roles in Gitea were not exactly set as planned. This mostly applies only to users of the Competive Toolchain, who are using Gitea for Issue-Tracking and Source Code Management. One missing permission was Create Repositories for MASTERs. To get it fixed for a specific existing project, edit and save it or resync the project.
• In some cases, the menu bar was not correctly colored. This has been fixed. The current page gets a magenta title, and there's a grey background when hovering with the mouse over any menu item. If it does not perfectly work for you, please clear your browser cache.

This version was only released for customers of the Competitive Toolchain due to Gitea and XWiki improvements.

Enhancements

• Gitea is now also supported for issue-tracking and agile boards. Therefore, a new tile has been added to the home page of the DevOps Portal.
• A new tile has also been added for XWiki, which links to the sub wiki, which represents the current project in XWiki.

Improvements

• Potentially dangerous permissions granted inside XWiki sub wikis have been removed from roles maintained by DevOps Portal.
• Creating a new project in XWiki can take several minutes since all themes and extensions have to be installed into the new sub wiki. The auto provisioning code has been improved to avoid any problems with such long-running tasks.
• USER_SETTINGS_CHANGE events will no longer be recorded in the audit log, since they just talk about unimportant changes like last selected project of the current user etc.
• The max length of recorded audit log entries has been extended to also show very long messages.

Bugfixes

• The processing of an unexpected AI Engineer response has been adapted to avoid possible pending syncs when resyncing a project.
• Changing the color of page titles from black to magenta was not working in all possible cases.

Improvements

• The database for the DevOps Portal has been upgraded from PostgreSQL v12 to v14 for all instances.
• The new RestAPI has been enabled for more pilot customers.