Another quarter, another rollout. The infamous quarterly ROOT Atlassian rollout is back with a vengeance. Well… yeah. Perhaps not quite.

Whilst it feels as if it was just yesterday we were planning and preparing for the previous Atlassian rollout in December, it has indeed been three months already. Oh, how time flies. And as always, this is not merely a month of Atlassian either, there is a good number of updates scheduled for GoCD, JFrog Xray, ROOT Team Management and others as well.

As for the protagonist of this story, this - in short - is what we have planned for March:

  • Bamboo will receive a version update from 7.1.3 to 7.2.2,
  • Bitbucket will get a healthy bump from 7.7.0 to 7.10.1,
  • Confluence gets a level-up from 7.8.3 to 7.11.1
  • Crowd will be seeing a minor treatment from 4.2 to 4.2.2, and, finally
  • Fisheye/Crucible is updated to 4.8.6.

Yes. 

Very good.

“Aren’t you forgetting something, buddy?”, exclaims a voice from the audience, having mustered the courage to point out the elephant in the room, “what’s the deal with Jira?”

When it comes to the two main culprits of an Atlassian rollout - Confluence and Jira - we’ve decided to split the operation into two parts for this one, in order to ensure the smoothest update possible. Both have a lot of changes under their hoods, many things revolving around the new Data Center bits and bobs and all that jazz. That missing Jira will hit the streets in April, more on that coming up very soon.

With sights already set on the upcoming Bamboo 8, this will more than likely be the final version of the 7.x line we will be rolling out.

Improvements to Bamboo Specs

 

Bamboo 7.2 brings a bunch of improvements to Bamboo Specs:

  • Any-task command which will allow you to use tasks from any Marketplace app in Bamboo YAML Specs.
  • Native YAML Specs support for SSH/SCP, Command, Maven, and Build Warnings tasks.
  • Trigger conditions configuration is now available in Java Bamboo Specs.
  • Third-party Java Specs builders can be used for repository stored Specs. You can utilize this to create your own Specs libraries, to help with managing large and complex plans.

Tag triggers


Bamboo 7.2 also introduces a new feature for firing up builds automatically, whenever a specific tag appears in your repository.

See the Tag triggering documentation at atlassian.com to find out more!

 

With this release Bitbucket Data Center gains support for zero-downtime upgrades along with some CI/CD refreshments for all.

Evolving CI/CD integration

Back in September, with Bitbucket 7.4, Atlassian provided us with a much-appreciated Integrated CI/CD, which allowed us to interact with 3rd party CI/CD systems (like Jenkins) directly from Bitbucket UI. Since its inception Atlassian has been hard at work making it even better. Our December feature, as you may remember, added the possibility of accessing build logs and artifacts directly from Bitbucket UI, as well as improved the overall user experience.

pasted image 0-1

Starting with this release, you can rerun your builds from Bitbucket. You’ll find a new Actions column on the Builds page and on the Builds tab of a Pull requests page. From here you can start the actions authorization process (in order to act on Bamboo or Jenkins builds from Bitbucket, you’ll need to authorize your access first), then you can rerun Bamboo plans and Jenkins jobs from this menu.

See the Integrated CI/CD documentation at atlassian.com for more on setting up actions and the feature in general. 

Rolling upgrade with zero downtime

Like with its Confluence and Jira brethren, it is now possible for critical and very downtime-sensitive clustered Bitbucket Data Center installations to be upgraded with no downtime at all (within certain limitations).

On a clustered setup, Bitbucket application upgrade can now be performed in a rolling upgrade fashion, where nodes are taken down for upgrade one at a time, without any disruption to application availability for end users.

Noteworthy changes in the Bitbucket plugin ecosystem

Awesome graphs for Bitbucket

  • Export to CSV
    • REST API resource allows you to export raw data with commits or pull request statistics to a CSV file. You can get lists of commits or pull requests with their details, made during the selected period on global, project, repository and user levels.
  • Retrieve single commit data
    • REST API resource makes it possible to query data for a single commit identified by its ID, which paves ways for a more precise analysis of your codebase. The data includes lines of code added and deleted, author details, commit creation time and parent commits’ hashes.

Post webhooks for Bitbucket

  • Now you can trigger Azure DevOps pipelines from Bitbucket Server or Data Center.
  • Support of Basic Authentication.
  • Support of POST/PUT and GET HTTP verbs/methods.
  • Option to filter by source and destination branches for pull request events.
  • Added support for Azure DevOps Pipeline parameters when the pipeline is triggered. Check out the documentation at moveworkforward.com for more details.

This Confluence 7.11 release introduces multiple changes to Data Center deployments, performance improvements, fixes and enhancements of all sorts, sprinkled with some plugin and addon updates for the finishing touch.

Bundle of added value for Data Center package

Analytics for Confluence and Team Calendars for Confluence, which previously were paid-for add-ons, are now bundled with the Confluence Data Center subscription.

In depth intel with Analytics for Confluence 

Interested in the efficacy of your communication reach and the use of your documentation spaces or popularity contest? Doesn’t matter, Analytics for Confluence can sort you out.

The site analytics reports available in Analytics give an overview of engagement with all the content in your site. You can filter the report by date and type of content, visualize trends in different activities across your site, identify popular spaces and the most active users overall.

Getting more in depth to the site analytics reports can reveal further insights on a space, a page, or even down to the level of a single file attached to a page. And it’s more than just page views, too, with timestamp data for creation, last modification and viewing activity, number of unique users viewing the content and so forth. And, of course, it can all be exported to Excel for those real charts and diagrams.

The Analytics feature has also been built with privacy in mind:

  • Space permissions are respected at every level. Users will only see analytics details for spaces they have access to.
  • Access to analytics reports can be limited to certain users or groups only, if you so wish.
  • Anonymizing usernames and avatars in the analytics view is possible in increased privacy mode. You’ll get an accurate picture of the engagement, without actually revealing users’ details.

Learn more about Analytics on atlassian.com.

Alright stop, collaborate and… organize?

DC’s back with a brand new invention. Team Calendars, a long time favorite for many Confluence users, is also available for all Data Center instances. Team Calendars allows creating calendars for yourself and your team and viewing such calendars from your organization in one place.

pasted image 0 (1)

In addition to adding your own events in Confluence, you can also populate your team calendars via integration with external sources:

  • Get your team’s sprint dates, release dates and issue due dates from Jira.
  • Schedules and on-call rotations from Opsgenie and PagerDuty.
  • Existing calendars from Google, iCloud, Outlook and TeamUp.

Personal access tokens are here!

You may already be familiar with Personal Access Tokens (or PATs) from Bitbucket, for example. Previously only available in Atlassian Cloud, Personal Access Tokens have now arrived for Confluence Server and Data Center as well.

pasted image 0 (2)

This will make automation and integration implementations via Confluence REST API safer and more secure by not having to use username-password combination for authentication any more, but a separate, revocable access token.

You can set up tokens to expire on a certain date, or have multiple tokens active simultaneously.

Once a user account is set inactive or deleted from Confluence, all access tokens associated with it will automatically get revoked.

Much like in Bitbucket, Confluence Administrators, too, will have the ability to enforce rules for token use:

  • Limit the number of tokens people can create
  • Set global expiry rules for created tokens

Good times. However...

Performance improvements

Working with big Office files is sometimes unavoidable. And as a result, the usability of your Confluence pages might have ended up being a casualty of this. From now on, for pages with big Office documents, Confluence will load the regular content first and all the Office content then. This should improve page loads and usability on such pages.

There are also changes under the hood for the content indexing facility built into the Confluence itself. After the upgrade, with the new improved and optimized indexing, pages that rely on the content index, like search and the dashboard, now load faster on bigger and busier sites, while reducing the CPU load on the server running your Confluence.

Noteworthy changes in the Confluence plugin ecosystem

Bob Swift Add-ons - SQL (PRO)

  • Added capability to filter table data based on a value in the column.

Bob Swift Atlassian Add-ons - Advanced Tables

  • Added a new feature which allows searching for Jira issues using JQL and returning them as a table where issue fields are columns.
  • Added capability to filter table data based on a value in the column.

pasted image 0 (3)-1

Excel for Confluence

  • Added capability to migrate data to Confluence cloud using cloud migration assistant tool.

Team Calendars

  • Team Calendars is now bundled with Confluence Data Center and is free for customers with a Data Center subscription.

Scroll Viewport

  • Added capability to integrate search function into a viewport. The search can also utilise page labels.

Table Filters and Charts

  • Added a new macro which allows converting JSON to a table.
  • Added capability to select a preconfigured chart in page view mode. Suitable chart is suggested by the macro based on the table data.
  • Added capability to show related page titles when using Table Excerpt Include macro.

Smart Terms for Confluence

  • Added audio file support.
  • Added capability to include or exclude terms from other glossaries.

 

This quarterly release of ours will also contain minor version bumps for Crowd and Fisheye.

Crowd

This release of Crowd is merely a fix for some previous bugs. Full disclosure can be found in Crowd 4.2 release notes at atlassian.com

Fisheye

This minor update to Fisheye 4.8.6 is primarily about slashing bugs here and there, but there’s also support for Git versions up to 2.26 as well as a new GitHub integration app. 

Improved GitHub integration

Repository polling with a large number of repositories can end up being terribly inefficient use of system resources, never mind being impossibly slow as well. With the new free GitHub webhooks for Fisheye add-on from Atlassian Labs you can set up to trigger Fisheye to update your repository automatically on every push, so you can completely disable scheduled polling.

Check out the Atlassian Marketplace listing for details on the app. 

We’re expecting SonarQube to hit us with a fresh 8 LTS in the next couple of weeks and the release of a new major LTS version of Jenkins soon, this month our focus is on bug fixes and maintenance of all kinds.

GoCD 21.1.0

This release of GoCD will contain important security fixes pertaining to Agent-Server communication, as well as some bug fixes and other improvements. Browse over to Release notes of GoCD at gocd.org for the nitty-gritty. 

UI/UX improvements

The ongoing UI / UX refresh of GoCD has brought improvements to the overall user experience.

The Preference page has been rewritten to sync with UI/UX of other pages, while retaining all the functionality.

You can also now view the stage overview on VSM page. Earlier it was accessible on the Dashboard and Pipeline Activity page. In the case of stage reruns, the overview now provides an option to see the earlier stage runs as well.

pasted image 0 (4)Stage overview. Screenshot by GoCD.org.

Webhook support for Config Repositories

With the release of GoCD 21.1.0, you can now refresh or update your config repositories via a webhook trigger. The config repositories page will now contain instructions for different version control providers (such as Bitbucket or GitHub) for setting up the webhook.

unnamed-2Webhook configuration. Screenshot by GoCD.org.

Helix TeamHub’s security fix

The release 2020.2.1 fixes a vulnerability pertaining to the OpenSSL library. Nothing further, Your Honor.

Jenkins’ monthly treatment

Jenkins core is updated to version 2.263.4 LTS along with a bunch of plugins and addons.

This time around, there is a potentially breaking change in the Git plugin, which removes doGenerateSubmoduleConfigurations and submoduleCfg from Pipeline syntax. Check out the GitHub pull request for all details.

Please contact your ROOT support for a complete list of plugin updates applicable to your ROOT Jenkins instance.

Rancher v2.5.5 delivers bug fixes, major and minor

This release of Rancher fixes some major annoyances of earlier versions, such as installation errors (#30188, #29980), pods being scheduled on dead nodes (#27734), Amazon Linux provisioning failures (#21648) to name a few. Check out their release notes for v2.5.5 at GitHub.com for a full list of fixes for this version.

ROOT Team Management version 1.6.2

To prevent insecure use of login credentials with REST API access, two already deprecated authentication endpoints have been completely removed in the version 1.6.2:

  • POST /oauth/token?username=<username>&password=<password>&grant_type=password
  • POST /oauth/token with credentials as a request body content.

Authentication calls using this endpoint should be updated to use the current /auth/login. This endpoint is available in earlier versions of ROOT Team Management as well.

Example authentication call to REST API using curl:

curl --location --request POST 'https://rtm.eficode.io/api/auth/login' \
    --header 'Content-Type: application/json; charset=utf-8' \
    --data-raw '{"username": "myUsername", "password": "myPassword"}'

In addition to this, the maximum permissible length for an email address, user or group name can be extended for the default 64 characters, if required.

The configured email address of a technical bot user account can now be retrieved through the LDAP API, which allows the resource account to be used for subscribing to notifications from Confluence or Jira, for example.

You can read more about ROOT Team Management 1.6.x at docs.eficode.io.

Xray radiates towards version 3.17

JFrog promised us that they would be constantly updating the Reports feature introduced for Xray 3.x. And they certainly have. This release of Xray adds the following:

  • Impact Path Data is now available for Due Diligence, Violations and Vulnerabilities reports
  • Ignored Violations data can now be viewed on the Violation report

And there’s also the new REST API to restore Ignored Violations and a host of other changes and fixes. Head on over to Xray Release Notes at jfrog.com for all details on this version.