Eficode ROOT: What’s new this September?

Jump to read about:

• Bamboo
• Bitbucket
• Confluence
• Jira
• Jira Service Desk
• Jira plugins
• JFrog Platform
• ISO 27001 audit and other tools

What’s new in the Atlassian universe?

The autumn is approaching quickly, therefore it is the time for our third quarterly Atlassian Rollout of the year 2020. We’ve got brand new versions lined up for Bamboo, Bitbucket, Confluence, Fisheye/Crucible and Jira, as well as for many of their add-ons.

This is what’s coming, in a nutshell:

• Bamboo is updated from 7.0.4 to 7.1.1,
• Bitbucket is updated from 7.1.1 to 7.4.1,

• Confluence is updated from 7.3.5 to 7.7.2,

• FeCru is updated from 4.8.0 to 4.8.3,
• Jira and Jira Service Desk are updated from 8.8.1 and 4.8.1 to 8.11.1 and 4.11.1, respectively.

Be in the know, continue reading for our recap and highlights of the stuff that’s changing with this release!

What’s new in Bamboo?

Conditional tasks

In Bamboo 7.1, you can now configure your tasks to run only when a defined criterion is fulfilled, by adding conditions that have to be met to run a task. Conditions for tasks can be set through Bamboo UI or by using Bamboo Specs.

See the Configuring tasks guide at atlassian.com for more details.

Webhooks for Bamboo

It is now possible to make Bamboo send real-time notifications to other applications using webhooks. For example, you can use webhooks to send an alarm to a chat room if a plan fails.

See the Using webhooks guide at atlassian.com to learn more.

What’s new in Bitbucket?

Expiring access tokens

When creating an access token users can now set an expiry date for it. For increased security, token expiry date and the maximum amount of days it can remain valid can also be configured as a mandatory setting for all personal access tokens.

Integrated CI/CD for Bitbucket

Bitbucket 7.4 delivers a new CI/CD integration - compatible with third-party CI/CD tools - which starts off with two new ways for getting feedback on your code in Bitbucket: the new Builds page and the new Builds tab on the Pull requests page. Now when you integrate your instance with Atlassian Bamboo, Jenkins, or other compatible CI/CD application, you'll get the results of your build and other related information on these two pages. They allow you to stay focused without having to go back and forth between different tools constantly.

In upcoming Bitbucket releases, Atlassian will be enriching these pages and rolling out more Integrated CI/CD features for streamlining your workflow.

All the necessary bits and pieces are readily available in your ROOT platform CI tools (e.g. Jenkins), so you can set up the Bitbucket integration for your project whenever you want.

Source branches are now deleted by default

Source Bitbucket Server 7.3 release notes at atlassian.com

To help you keep your branch list clean, the delete source branch after merging option will now be selected by default when you merge a pull request. If this isn’t your preferred setting, you can change it and Bitbucket will remember your choice for next time using local storage.

For more, see Merge a pull request at atlassian.com.

View hidden comments

Comments in older diffs will not disappear anymore.

By selecting the other comments counter when it appears on your pull request, you’ll have more context on why code has changed throughout a pull request by being able to:

• see a file’s activity stream showing comments that are outdated or appear on another diff
• distinguish which comments are actually outdated
• reply to, like, delete, or react to outdated comments the same way you can from the overview tab.

What’s new in Confluence?

This release of Confluence improves on multiple fronts: making accessibility and usability of the user interface even better, keeping up with various regulatory requirements with improved auditing, as well as providing fixes to some bugs and problems in earlier versions.

Highlights below, complete details can be found in Confluence Release Notes at atlassian.com.

Automation with webhooks for Confluence

You might already be familiar with the concept of webhooks from version control systems (such as Bitbucket) or CI/CD utilities (like Jenkins), for example. With the release of version 7.7, webhooks have now become available for Confluence as well!

Webhooks are a way for an application to notify another application when a certain event happens. For example, you could use a webhook to trigger the creation of a new Slack channel whenever someone creates a new space for their project.

You can trigger webhooks on various events, such as:

• Adding and removing users or groups
• Creating or updating content
• Deleting or restoring content

Navigate to Managing Webhooks guide at atlassian.com to learn more about Confluence webhooks.

Advancements to advanced audit logging

(Confluence Data Center only)

Filter by category or summary

All audit log events are organized into categories. With Confluence Data Center, you now have the possibility to filter the audit log by one or more categories, to limit the results to, for example, security-related events only.

And to drill down even further, you can also apply the new Summary filter to limit the log view to specific events only, like when someone deletes a page, exports a page to Office or changes a setting.

Capture more

Advanced coverage level in Confluence Data Center adds the possibility of capturing more end-user activity in the audit log. It can now record an event when someone:

• moves a page or blog post,
• shares a page or blog post,
• requests or grants access to a page or blog post (from an access request).

A dash of color for your tables

You can now choose from 49 different colors to apply to your table cells, including pure black and all the colors of the rainbow. Old colors will still be available, so the look of your existing tables will remain the same.

(Screenshot by Atlassian)

Improved auditing with revamped audit log

According to Atlassian, the revamped Audit log in Confluence can even be fun to work with. You be the judge of that, but they have indeed made significant improvements to it. The most obvious change being the way it looks, with a clear, user-friendly interface that makes it easy to navigate around, adjust the settings and filter the events.

“But it’s not just about the looks.”, says Atlassian, “It’s also what you can do with it”:

• You’re in control: you decide which events are logged and how long you want to keep them.
• Full transparency: filter events, expand to see further details, and export the audit log if necessary.
• Free up your auditing schedule: events are clear and well categorized, so you don’t need to spend time browsing through piles of events.
• Delegate some tasks: space admins can now access the audit log for specific spaces to monitor what’s going on there (Confluence Data Center)
• Integrate with 3rd party tools: events are logged to your database and to a file in the local home directory. Use this file to integrate with SumoLogic, ELK, Amazon CloudWatch and Splunk (Confluence Data Center)

Smoother editing and improved accessibility

Atlassian has ironed out some of the several long-standing frustrations in the Confluence editor, making editing experience smoother than ever before. The look of the editor has not changed, but under the hood they have provided us with improvements related to:

• Copying and pasting links
• Navigating within the tables
• Inserting links
• Using keyboard shortcuts
• Changing cell background colors

Upload files with confidence

Confluence will now warn you if a new version of a file has been uploaded since you started editing a file. You can choose to either discard your changes, or continue to upload your changes as a new version in the file history.

What’s new in Jira?

Issue detail view is now optional

You can now choose to hide the detail view and swiftly re-enable it whenever you need it. You can do this with two clicks of a button: on your board view, select Board > Hide detail view.

Managing private filters and dashboards

Jira 8.11 gives Jira Administrators the power to edit and delete private filters and dashboards.

Previously, if a board or filter was not shared, doing changes to it or changing its ownership even as Jira System Administrator was very difficult. In some situations this could lead to broken boards when the user account of the board owner was deactivated. Fixing these problems became a lot easier.

Also, if you happen to come across filters with inefficient search criteria or dashboards filled with some unwanted gadget configurations, you can now improve them yourself, or just delete them altogether.

Refreshed Velocity Chart

The Velocity Chart report received some freshening up in Jira 8.9. 

(Screenshot by Atlassian)

The new and improved chart now shows up to 120 sprints, lets you choose a pre-defined timeframe or custom date ranges, shows average velocity of your team and has a brand new look and feel to it, with some additional feature like focus that lets you zoom in on the sprint you are interested in.

Restricted sprint selection

Jira Administrators now have the ability to restrict sprint selection by enabling the option called Relevant Sprints. This will change the sprint selection dropdown to only display sprints belonging to the selected project by default. You can tick the Show all box to see sprints for all other projects as well.

This will reduce the chance of accidentally linking issues to other projects’ sprints, which has caused users to not be able to close a sprint and has required support to fix the board when this has happened.

User anonymization (GDPR) improvements

Atlassian has continued to fix the limitations of the user anonymization feature originally introduced in Jira 8.7 (for staying compliant with GDPR). In this release, the scope of anonymization has been extended to include:

• Reporters and creators of issue collectors
• Full name in the issue history
• Ability to anonymize users that have already been deleted

What’s new in Jira Service Desk?

Multilingual Service Desk

Jira Service Desk now ships with support for a multilingual customer portal, which allows adding various languages to your Jira Service Desk, making it possible to provide translations for most important items and fields on your request templates.

What’s new in the Jira Plugin world?

Advanced Roadmaps

Portfolio for Jira got a new name, it is now called Advanced Roadmaps. Atlassian has added quite a few useful features, some of which - like dependency maps - are also available in Jira Align.

• Visibility of roll-up values in CSV exports
• Share direct links to saved views
• Coloring schedule bars on the timeline by issue type
• Enhanced capacity distribution now the standard for Scrum teams
• More accurate capacity planning by editing sprint velocity directly on your timeline
• A redesigned fields menu to customize your plan’s issue details
• Ability to rename saved views
• New warning center allows you to diagnose, focus on, and manage issues with warnings
• Early access feature: New dependencies map to focus and filter dependencies in your plan
• Enhanced issue search displays results hidden behind filters

Better Excel Exporter for Jira

• Improved classloading for Groovy scripts
• Support for Git integration

Insight

• Object Page Layout Configuration:
  Provides means to customize the layout of your Object Page. Choose the information that you want to see by configuring widgets in separate sections. Read more about configuring page layout at mindville.com
• Improvements to Object Page:
  Quick search in widgets The download view in Attachments widget now responsive to the current search Panel contents can be filtered by a criteria A new rich text editor for writing comments A custom order possible to be set on the tabs. Read more about object view at mindville.com
• New IQL query widget: Provides a means to store IQL queries in the context of the object displayed on the Object page and display results based on this IQL. Comes in with support for placeholders! See the IQL query documentation at mindville.com to learn more.
• Configure widgets for Object page: You can now configure each widget with options that may range from lazy loading, display options for attributes, display for comments editor or attachment dropbox. See the widget documentation at mindville.com to learn more.
• Configure non-indexed attributes on Object types: You can now choose to not index attributes to reduce memory consumption. See the object type documentation at mindville.com to learn more.

Xray

Document Generator

Do you need to export Xray-related information out of Jira using your own customized report? Now you can!

With the Document Generator, you can export Xray Issues, Requirements, and Defects to Word, Excel, and PDF. 

You can build your own templates using Word and Excel documents or choose from the pre-made templates available in the Xray app within Jira free of charge. Once you have the right template, you can use it to export Stories, Tests, Test Plans, etc., into different formats such as PDF, DOCX (Word), XLSX (Excel), and more.

Configuring templates is also very easy. There are global templates configured by Jira administrators, and also project-level templates.

What’s new on the JFrog Platform?

What’s new in Artifactory?

We’re upgrading your current Artifactory 6.19.1 installation to a completely refreshed Artifactory Seven, version 7.6.1 to be specific. So refreshed in fact, that it is - for all practical purposes - pretty much completely redesigned and rebuilt from ground up.

The new system architecture will provide a solid foundation for JFrog to add new features and products on the Platform for years to come.

Be sure to also check out What's New: On-Prem at jfrog.com and the Artifactory 7 Release Notes at jfrog.com for a full overview of the changes in store.

Introducing the JFrog Platform

With the release of version 7, Artifactory will no longer be just Artifactory. Instead, it’ll begin a new life as the entry point and the base building block of JFrog Platform -- a unified approach for the whole JFrog toolchain.

Backwards compatible

We know how frustrating it is when a seemingly harmless version update in one application ends up triggering an unwarranted snowball effect, ending up requiring massive amounts of code and configuration changes across the whole pipeline with countless hours being spent doing unproductive work. This is why we took our time and did our best to ensure this does not happen with Artifactory 7, before releasing it to our ROOT Platform users.

But since we are not perfect by any means, and this is a major overhaul of the application, it is possible that we have managed to overlook something. If this turns out to be the case, we kindly ask you to get in touch with your ROOT Support as soon as possible, and we'll figure it out together.

Unified user interface

Artifactory 7 introduces a new unified UI for the entire JFrog Platform, including all JFrog products. If you are using Artifactory with other JFrog products, such as JFrog Xray, JFrog Mission Control or JFrog Insights, they are now all accessible from a single UI with one URL.

Unified permission model

This version also unifies all JFrog production permissions across the Platform, allowing more straightforward management of permissions through one unified UI. The Unified Permission Model enables you to create a single permission target, which can be used to control permissions of all products on your JFrog Platform.

Deprecations

• License Control is deprecated. Its functionality is included in the Xray integration, which provides richer information and wider support of additional package types.
• Stash Search Results feature has been removed from JFrog Platform UI.
• Internet Explorer is not supported in the JFrog Platform. See the list of supported browsers. 

Feature enhancements in Artifactory

Alpine Linux repository support

Artifactory 7.6 now natively supports Alpine Linux packages. You can create private local Alpine Linux repositories with fine-grained access control, as well as proxy to remote Alpine Linux resources using Artifactory Remote Repositories.

Event-driven webhooks

The new Webhooks feature shipped with Artifactory 7 allows you to notify other applications when important events occur in Artifactory. See the Webhooks documentation at jfrog.com to learn more about creating webhooks on your JFrog Platform.

Support for RHEL 8 AppStream in RPM repositories

Artifactory now supports Red Hat Enterprise Linux 8 which contains support for enhanced Yum metadata for AppStream (RHEL8) or Modularity (Fedora) technology used in RHEL8.

What’s new in Xray?

With the release of Xray 3, it will no longer appear as a separate, standalone tool like Xray 2 did. Instead, it will now be an integrated feature in the new JFrog Platform Unified Experience.

You can now access all the Xray functions directly from your JFrog Platform (previously Artifactory) user interface. The previous separate service URL addresses, separate logins and such are no longer required.

Feature enhancements in Xray

Source JFrog Xray release notes at jfrog.com

Release Bundles Scan

In addition to scanning repositories and builds, the Unified Platform now allows Xray 3.0 to scan Release Bundles for vulnerability and license compliance.  You can now protect your releases by defining policies and watches on your Release Bundles. Policy violations can block the distribution of a Release Bundle. 

Configure Indexed Resources Using Patterns

You now have more flexibility when configuring Xray indexed resources by using Exclude or Include Patterns for Builds and Release Bundles.

Configure Watch Scope Using Patterns

You now have more flexibility when configuring the Watch resources scope of repositories, builds and Release Bundles by name or using Exclude/Include patterns.

Dedicated Security and Compliance Search Experience

Xray 3.0 introduces a new Security and Compliance Search, part of the new Global Search Experience in the JFrog Platform. You can now search for specific vulnerability and license compliance information by resource name, CVE number, license, severity level and scan date range. 

Deprecations

• Out of the box integrations with Aqua, WhiteSource and Black Duck are deprecated. Custom integrations are still available.
• Xray homepage has been removed

What else is happening on Eficode ROOT?

ISO 27001 Audit done

Eficode has now successfully gone through an ISO 27001 audit. Audit statements will be available in October for those who need it. Additionally, ISAE 3402 type 1 platform is now available and ISAE 3402 type 2 is expected to be in place during the year 2021. Please get in touch with us for more details.

Jenkins gets the monthly treatment

A number of plugins receive updates and fixes in our monthly rollout. Please contact your ROOT support for a full list of plugin changes applicable to your ROOT Jenkins instances.

SonarQube LTS receives a minor update

Version of SonarQube LTS gets an update from the current 7.9.3 to version 7.9.4, along with a SonarJava plugin update to version 6.3.2.

Don't miss our upcoming webinar where we'll walk you through the upcoming changes: