Blog

We just published a new page, which gives our customers a better transparency regarding:

• Information to the latest release of the self-service portal (release notes)
• Information regarding planned improvements and enhancements (release planning)
• Information about other enhancements and new features, planned for the next months

All this information can be found here: Release Notes

We suggest watching that page to keep informed in case of any changes.

Released on March 27, 2024

Enhancements

• Gitea has been added to the Dashboard. Customers which use Gitea for Source Code Management get a tile for Git Repositories and Pull-Requests:
  
  Customers which use Gitea as an Artifact repository get a tile for Packages:
  
• We have developed an Extended API Plugin which adds missing functionality to Jira. The first version deletes Screens and Screen Schemes that are left behind when a project is deleted. Not deleting them makes Jira slow over time and clutters up the display of some administration pages.

Improvements

• Personal Git repositories on Gitea are now automatically deleted when a user is deleted. The DevOps Portal will show a warning message about this.
• The number of pending synchronizations is now shown on the Synchronization page.
• Clicking on the T-Systems logo on the login related screens will now make the browser go to the DevOps Portal. This can be used if the redirect to the DevOps Portal is not working properly after a password reset. This problem is caused by a known bug in Keycloak https://github.com/keycloak/keycloak/issues/21127 which was not fixed yet.

Known Issues

• Unfortunately, the links to Agile Board and Backlog in the Jira tile of the DevOps Portal homepage do not work properly for users which have more than one project. In fact, the links will lead to the last visited agile board on Jira, independent to the project selection on the homepage of the DevOps Portal. This is caused by the fact, that agile boards are not part of a Jira project, but instead are independent entities. We are striving to find a solution for the problem in a future version.

Released on March 12, 2024

Improvements

• Matching the IDEaaS release, the links to the tool were adjusted to work in all DevOps-as-a-Service instances which have IDEaaS installed.

Bugfixes

• The additional Jira permissions introduced in 1.6.4 now also work on Jira instances without Jira Service Management installed.
• When scrolling through lists, it could happen that additional white space was visible between the rows. This has been fixed.

Known Issues

• Unfortunately, the links to Agile Board and Backlog in the Jira tile of the DevOps Portal homepage do not work properly for users which have more than one project. In fact, the links will lead to the last visited agile board on Jira, independent to the project selection on the homepage of the DevOps Portal. This is caused by the fact, that agile boards are not part of a Jira project, but instead are independent entities. We are striving to find a solution for the problem in a future version.

Released on March 09, 2024

PSA (Privacy and Security Assessment) Compliance

• Updated all PostgreSQL databases to hardened version with additional network access protection.

Enhancements

• Portal CREATORs can now see all users and organizations, like Portal ADMINS, totally independent of their own organization. This is changed, so that every CREATOR can really onboard new users from different companies. If necessary you can at any time change the Portal role of a CREATOR back to USER, when he or she is finished with creating new projects and users. For standard USERs the visibility rule stays like it was: only project admins in the default organization can see users in other organizations.
• The credentials for pulling and pushing to Gitea which are automatically injected into Jenkins projects are now keeping a Gitea token in the password part of the credential. This allows to use the credential directly for any operation, since most package accesses require a token of the user instead of its password. As before, the name of the users in Gitea and of the credentials in Jenkins are PKEY-jenkins-pull-gitea and PKEY-jenkins-push-gitea where PKEY is the project key as defined in the DevOps Portal.
• Automated testing is now using Video Recording for Playwright.

Improvements

• The support for IDEaaS (IDE as a Service) was improved to allow the IDEaaS roll-out to pilot customers.
• To improve the reliability of the auto provisioning process, all outstanding synchronizations are now immediately persisted to the database. Previously this was only done when the first try was not successful.
• Some additional permissions which were added to Jira are now also set by the DevOps Portal. Effectively there is no change of functionality for the project roles.
• When a retired project has been long enough in RETIRED state (usually one day), the delete operation is now automatically enabled. It's no longer required to reload the page.
• Since Gitea is using a common namespace for users and organizations, the DevOps Portal will no longer accept to create a technical user and a project with the same name. In addition, some names reserved in Gitea won't be accepted by the Portal to avoid any problems.
• Automated auto provisioning testing of tool updates is now faster, allowing a quicker roll-out of updated tools.

Bugfixes

• The DevOps-as-a-Service permission scheme in Jira was not correctly set for freshly created projects. This has been fixed and affected projects have been repaired.
• Assigning roles to technical users which have not yet been created on Jira will now correctly fail to be triggered later again.
• Gitea is no longer sending invitation mails to users which manage their password on the DevOps Portal.
• The Gitea organization folder in Jenkins projects was broken after first discovery of a buildable git repository. This is fixed now.

Known Issues

• Unfortunately, the links to Agile Board and Backlog in the Jira tile of the DevOps Portal homepage do not work properly for users which have more than one project. In fact, the links will lead to the last visited agile board on Jira, independent to the project selection on the homepage of the DevOps Portal. This is caused by the fact, that agile boards are not part of a Jira project, but instead are independent entities. We are striving to find a solution for the problem in a future version.

Released on February 22, 2024

Enhancements

• Inside the DevOps Portal Harbor was automatically added to all existing projects and users which are using the DevOps functions Docker registry and Helm chart repository.
• Automated testing is now done with Playwright directly on the Jenkins agents. Test results are presented by Allure Report which is integrated into the DevOps-as-a-Service Jenkins.

Improvements

• Improved error logging
• Prepared for more Jira project customization options

Bugfixes

• Project admins are automatically maintained as administrators for the oldest Agile Board connected with a Jira Project. When a role was saved for a project admin, this could lead to a pending sync when no Agile Board was found for the affected Jira project. Since it's allowed that project admins delete all Agile Boards connected with a Jira Project, this is now fixed.
• Assigning a user to a project which has none of his or her tools lead to a harmless pending sync. This has been fixed.
• Fixed flickering table columns which could occur when scrolling under certain circumstances.

Released on February 15, 2024

New Features

Harbor

• Added support for the new tool Harbor. Harbor is now the standard tool for the DevOps functions Docker registry and Helm chart repository inside DevOps-as-a-Service.
• A new tile for Harbor was added to the dashboard.
• Robot accounts for projects are automatically created in Harbor and injected as credentials into Jenkins projects. This allows the Jenkins Shared Library starting with v2.15.0 to automatically login to the hosted Docker registry and Helm chart repository of the project for pulling or pushing artifacts. The name of the user in Harbor and of the credentials in Jenkins is doaas-PKEY+jenkins-push-harbor where PKEY is the project key as defined in the DevOps Portal.

Gitea

• Added support for the new tool Gitea. Gitea will become the new standard tool for the DevOps function Artifact repository inside DevOps-as-a-Service. Furthermore, it's a viable alternative to seasoned SCM tools like Bitbucket or GitLab.
• Technical users for projects are automatically created in Gitea and injected as credentials into Jenkins projects. This allows your delivery pipelines to automatically login to the hosted Artifact repository of the project for pulling or pushing artifacts. The name of the users in Gitea and of the credentials in Jenkins are PKEY-jenkins-pull-gitea and PKEY-jenkins-push-gitea where PKEY is the project key as defined in the DevOps Portal.

Bugfixes

• A problem with unnecessary white space was fixed, which could occur with the new turbo scrolling feature when a search filter was previously used.

Known Issues

• Unfortunately, the links to Agile Board and Backlog in the Jira tile of the DevOps Portal homepage do not work properly for users which have more than one project. In fact, the links will lead to the last visited agile board on Jira, independent to the project selection on the homepage of the DevOps Portal. This is caused by the fact, that agile boards are not part of a Jira project, but instead are independent entities. We are striving to find a solution for the problem in a future version.

Released on February 07, 2024

Enhancements

• When a project is created, it's now possible to deselect some tools. Therefore, you can now create projects which use just a subset of tools. By editing the project later, you can add at any time more tools. Removing tools after the project creation is not possible to avoid any data loss.
• Introduced tiles for the new tools AI Engineer and IDEaaS on the dashboard.
• Prepared support for the new tool Harbor.

Improvements

• The ApacheDS LDAP server was updated to the latest version
• Text in table columns is now automatically shortened (e.g. very long email addresses) to avoid line breaks or very wide columns.
• Improved OIDC group management to better support upcoming new tools.

Bugfixes

• Searching in the audit log was not working, but is fixed now.
• The selection count now only counts selected and visible elements. Elements can be hidden by a search filter and were previously counted, too.
• On the users page sorting by project role could be wrong when a search filter was used, another project was selected and then the filter removed again. This works now as expected.
• Creating new technical users on Jenkins was broken, but now works again.

Known Issues

• Unfortunately, the links to Agile Board and Backlog in the Jira tile of the DevOps Portal homepage do not work properly for users which have more than one project. In fact, the links will lead to the last visited agile board on Jira, independent to the project selection on the homepage of the DevOps Portal. This is caused by the fact, that agile boards are not part of a Jira project, but instead are independent entities. We are striving to find a solution for the problem in a future version.

Released on January 25, 2024

New Features

AI Engineer

Added support for the new tool AI Engineer developed by T-Systems. AI Engineer is currently exclusively available in DevOps-as-a-Service instances.

SSO and Project roles are managed as usual in the DevOps Portal. The new tile on the DevOps Dashboard

can be used to enter the AI Code Engineer.

The AI Engineer can translate code from one programming language to another. It can also produce code from natural text, taking into account context from uploaded documents.

IDEaaS

Added support for the new tool IDEaaS developed by T-Systems. IDEaaS is currently exclusively available in DevOps-as-a-Service instances.

It's a browser based Integrated Development Environment (IDE) enhanced with a special AI plug-in. The plugin offers AI supported code generation which can use the files in your project as context.

SSO and Project roles are managed as usual in the DevOps Portal.

Jira Notification Scheme Management

Portal Admins have now the possibility to select Notification Schemes for Projects in Jira without having a Jira Sysadmin permission. For simple configuration, a new selection box was added to the Edit Project page.

The Default Notification Scheme sends an email on nearly any modification of a Jira issue. As an alternative to None, which doesn't send any emails, it's possible to have custom notification schemes added by raising a Service Request at the Service Desk of DevOps-as-a-Service. The screenshot shows an example for a customized scheme named "SDCloud Notification Scheme".

Automated linking of projects accross Atlassian tools

The three Atlassian tools Jira, Confluence and Bitbucket allow linking related projects with each other. Since the DevOps Portal manages Projects accross all tools in the DevOps toolchain it now automatically links projects with the same Project Key in all three tools which each other. This adds more comfort to dialogs, for example when choosing a Git Repository in Btibucket when a branch is created for a Jira issue. This config option is usually only available to users with Sysadmin privileges on the Atllassian tools, but the DevOps Portal handles it now automatically for you in the background. To activate it for an existing project, simply Edit and Save the Project or Resync the Project.

See https://confluence.atlassian.com/applinks090/configuring-project-links-across-applications-1209876486.html for more information.

Automated deletion of personal Git Repositories

Previously, when a user was deleted on Bitbucket all his personal repos were kept. This is a standard behavior of Bitbucket, but can impose security risks. Finding and deleting such orphaned repositories is a hard job in the Bitbucket UI. In addition, users can even make their repositories public, so that they can be accessed without authentication. In general, we don't recommend to use personal repositories. Instead, keep repositories inside a Project for close cooperation with the Project members.

When you delete a locked user in the DevOps Portal, it will now warn you that any personal repos of the user will be automatically deleted.

Automated deletion of personal Confluence Spaces

Previously, when a user was deleted on Confluence his personal space with all pages was kept. This is a standard behavior of Confluence, but can impose security risks. Finding and deleting such orphaned spaces is a hard job in the Confluence UI. In addition, users can even make their spaces public, so that they can be accessed without authentication. In general, we don't recommend to use personal spaces. Instead, keep pages inside a Project space for close cooperation with the Project members.

When you delete a locked user in the DevOps Portal, it will now warn you that any personal space of the user will be automatically deleted.

Turbo rendering for entity lists

Several pages on the DevOps Portal can have thousands of entries, like users, projects, organizations and tech users. The new turbo rendering drastically reduces the time until the page is displayed. In addtion when scrolling down, the new entries are rendered in real time. With this new approach, paging becomes useless. With the DevOps portal you can manage users and projects in large enterprises with high speed.

Selection count

In addtion, these entity lists are now counting for you the number of selected entries. In contrast, the already established Displayed count is based on the currently visible entries concerning the search filter. Operations like "Assign" are only performed on entries which are selected and currently visible. Therefore, the selection count helps you to exactly recognize how many elements will be modified when you press the Assign button for changing the roles of users.

Enhancements

• On the Dashboard, the Jenkins tile now has a link to get to your "Favorite Pipelines". In the Blue Ocean UI you can mark multiple delivery pipelines from different projects to be your favorite ones. Just click the star icon on the right-hand side of the branch you are interested in.
  
• In addition, the SonarQube tile on the Dashboard now links to "My unresolved issues". In SonarQube you can work there on all unresolved issues in all projects that were assigned to you.

Improvements

• To improve the scrolling through large list of users, the text in some columns like first name, last name and email is now automatically shortened. Previously, text was wrapped which resulted in different possible heights of rows.
• Auto-provisioning of Jira is now faster.
• Emails sent by the portal are now also containing a name in addition to the From email following this template: "CUSTOMER.devops.t-systems.net <noreply@CUSTOMER.devops.t-systems.net>"
• Adding and removing tools to a DevOps-as-a-Service instance is now easier to achieve.
• SonarQube Scan results are now automatically deleted when the project is deleted. This avoids problems if the project is recreated with the same project key.
• Improved automatic testing

Bugfixes

• Hardened the Portal API to fix a finding from a Portal penetration test.
• Deleting Bitbucket projects with a lot of repositories inside is now working properly.
• The password reset link in password expired notification mails is now working properly. The password reset link on the Portal was not affected by the problem.
• When a user in Portal Role CREATOR had created a new project, the more button of the project did not appear and the project details page could not be opened. The workaround was to relogin, but now it's immediately working.

Released on November 23, 2023

New Features

Portal Creator

The new CREATOR Portal role is now available. Portal Creators have more power than standard Portal Users, but less than Portal Admins. In short, the 3 available roles are best explained like this:

• USER can only access projects for which a role was assigned to him or her.

• CREATOR can create all kinds of entities like users, projects, organizations and technical users.

• ADMIN has full-access. Can create, edit and delete all kinds of entities.

Like a normal user, if the CREATOR is a member of the default organization, he can see all users and organizations. Members of other organizations can only see users of their own organization and additionally users which share a project membership with them. There's no exception on this for CREATORs.

In detail, the CREATOR (German: Ersteller) is allowed to:

• Create Projects
• Create Users (but no Portal Admins or Creators)
• Create Tech Users
• Create Organizations
• Reinvite Users (but not forcing an activation)
• See Tech Users with no role assigned (Project count 0)
• See all Organizations to be able to create new users in any organization
• View additional information on user detail pages like Portal ADMINs can
• See remaining licence counts on the pages Projects, Users and Tech Users (but doesn't have access to the Administration menu)

Since the CREATOR can only see projects where he has a role, he is automatically assigned to be a Project Admin for any new project he creates. After adding another Project Admin to a project, he can decide to remove himself.

The CREATOR cannot edit any entity after creation. If by mistake something wrong has been entered in the creation dialog, he has to ask a Portal ADMIN to fix it.

The CREATOR role is the ideal role for somebody who has to onboard some new users and create projects for them. It can make sense to grant the CREATOR role for a limited time to a project manager to improve the self-service. When he has finished setting up new users and projects he could be set back to be a standard user by any Portal Admin.

Known Issues

• Unfortunately, the links to Agile Board and Backlog in the Jira tile of the DevOps Portal homepage do not work properly for users which have more than one project. In fact, the links will lead to the last visited agile board on Jira, independent to the project selection on the homepage of the DevOps Portal. This is caused by the fact, that agile boards are not part of a Jira project, but instead are independent entities. We are striving to find a solution for the problem in a future version.

Released on November 09, 2023

PSA (Privacy and Security Assessment) Compliance

• The password reset procedure is now protected against automated use or misuse. After entering the email address, the user is now asked for his 2nd factor. This ensures, that it's not possible to spam users with password reset mails. Of course, it requires that 2FA has been enabled for the user. In general, it's recommend to enable 2FA for all your users. Therefore, 2FA has always been enabled by default when you create a new user on the DevOps Portal.

Enhancements

• Starting with Bitbucket 8.2, a new Create repository permission has been added by the vendor. This new permission is now granted to all users with a MASTER role. To enable it for existing projects, simply initiate a Resync of the project in the DevOps Portal. Please note, that users automatically get admin permissions in the repositories they create.
• In some tools (currently Jira, Confluence and Bitbucket) Project ADMINs can directly add individual users to their project choosing from one of the available roles or permissions. This is now cleaned-up when a Project Resync is initiated. To be more precise, a Project Resync removes any Project roles or permissions for users which don't have a role assigned in the DevOps portal.

Improvements

• Prepared the DevOps Portal for configuring tool specific project settings in the future.
• Updates of used software frameworks and libraries.
• When a Technical User is deleted, the sort order of the table is now preserved.

Bugfixes

• On the Projects page, assigning a role to a user which he already has, obviously has no effect. But unfortunately, after such an action the Assign button was disabled, even when another user was selected. This is fixed now.

Known Issues

• Unfortunately, the links to Agile Board and Backlog in the Jira tile of the DevOps Portal homepage do not work properly for users which have more than one project. In fact, the links will lead to the last visited agile board on Jira, independent to the project selection on the homepage of the DevOps Portal. This is caused by the fact, that agile boards are not part of a Jira project, but instead are independent entities. We are striving to find a solution for the problem in a future version.