Archive
Blog - posts for March 2021
Mar 26 2021
New phone number for DevOps as a Service Helpdesk
We want to inform that our DevOps Helpdesk number has changed.
- new number: +49 69 9731799115
Our old number has been replaced by the new one.
The number is available since 25.03.2021 and occupied between 08-18 CET.
Mar 11 2021
Initial Rollout of Single-Sign-On (SSO)
Beginning at next week we start the initial rollout of SSO for most of the customers. This initial rollout includes the deployment of the basic infrastructure and providing SSO for the Atlassian tools Confluence, Jira and Bitbucket.
Some of the preparation work can be done in the background, but to reconfigure the tools a maintenance window is required. The affected customers are going to receive corresponding maintenance tickets for information and approval of the maintenance work for SSO.
When SSO is enabled for a specific tool, then the login doesn't occur locally in the tool anymore. The user is rather redirected to a central login page, which performs authentication centrally on behalf of the tools. As a result, login must only be performed once and the established authentication session also automatically authenticates a user against the other tools.
The Password Reset function remains unchanged, there is a link at the login page which refers to the reset page.
2-Factor-Authentication (2FA) is prepared and can be configured on demand per User. If a customer wants to have 2FA for users activated, then it's performed based on a Service Request for the defined list of users. We decided against to enforce 2FA for all users, because there are side-effects for technical users possible. There is already a user story in our backlog to integrate 2FA per user in the self-service-portal.
Technical users for the Atlassian tools have already been stored locally in the tool. This remains unchanged with SSO. As a consequence, technical users can still use the Rest-API with local authentication (unchanged) but can't login to the Web-UI anymore. When SSO for Jenkins is going to be rolled out, then there are some preconditions required regarding technical users.
To provide SSO as early as possible and to minimize risks during migration we decided to rollout SSO step-by-step for the different tools. So, the initial rollout includes Confluence, Jira and Bitbucket. In a next step, the self-service portal and Jenkins will be added. GitLab and Rancher will be added at the end. Due to technical reasons, Nexus is not going to be included in SSO. This should not be an issue, because there is only a seldom requirement to manual login into Nexus.
We think, that the introduction of SSO is a significant step forward making DevOps-as-a-Service a better and safer product.
