Select Page
by

Ayan Ganguly

|
last updated on May 31, 2023
Share

A Spinnaker delivery pipeline allows code to flow through multiple automated stages, where each stage serves a different purpose. These business-critical stages are managed by Developers and DevOps engineers. These business-critical stages must be closely tracked by the management to avoid unforeseen delays and take preventive action.

Why do you need to integrate Jira with your Spinnaker Pipeline?

With Zero Trust Architecture, management can never be given access to view the pipeline for their status reports. Visibility plays a critical role as DevOps culture demands that stakeholders must be aware of what is going on with the code at any point in time.

Without visibility, there is a risk of damage to business in the form of bugs and production failures. Visibility provides confidence. So it is imperative that business leaders and business heads involved in engineering and product development be aware of the situation. 

Jira is a de-facto issue tracking and project management tool for a lot of enterprises and start-ups. Posting updates to Jira on the status of CI/CD pipelines increases transparency and helps in auditing. Although Spinnaker can be integrated with various tools in the cloud-native space, it doesn’t have a built-in Jira stage. 

With this in mind, OpsMx with the help of custom stages in Spinnaker has developed a Duplex Jira integration. Off the shelf Spinnaker only supports a webhook trigger . All visibility is lost once Jira has triggered the pipeline.

With OpsMx, ISD developers and DevOps Engineers can leverage this feature to create and edit issue tickets, The beauty of the feature is that PMs and other stakeholders can track progress from Jira or provide comments and updates into the pipeline without having to open the Spinnaker terminal.

What is a Webhook?

Webhooks are an API architecture that is resourceful and lightweight to trigger event reactions or push notifications and data. Technically it is defined as a user-defined callback over HTTP. 

In this blog, we use the Jira webhook for notification purposes when certain events occur in our Jira ticket.

Advantages of integrating Jira for your Spinnaker Pipelines?

  • Visibility into the pipelines for management and stakeholders without compromising security
  • Adhere to Zero Trust guidelines
  • Easy execution and approvals for the Pipeline workflow
  • Instant event alerts and notifications on Jira

NOTE:The below document can be referred to in configuring Jira WebHooks:https://developer.atlassian.com/server/jira/platform/webhooks/

How to configure Jira with Spinnaker

Jira WebHook only uses HTTPS protocol. So the connection is encrypted and all data is safe and secure. To configure the webhook we must be an admin or at least have access to the Jira admin console. 

Follow the step-by-step procedure to configure the Jira webhook for OpsMx Enterprise Spinnaker. Screenshots from the Jira admin console to help you follow the process.

Step 1- Configure Jira Webhook settings

Jira Webhook to Trigger Spinnaker Pipeline:

webhooks for Jira

these are the events we configured for which it will trigger the Spinnaker pipeline.

We can select ‘all issues’  or specify particular issues to send triggers based on matching events.  After configuring the details and saving you should see a similar screen as shown :

Step 2 - Setup Automated Trigger as WebHook:

To test whether we are able to trigger the pipeline using Jira webhook, we can try a simple pipeline first by setting up the Configuration stage as shown:

Now every time there is a change in your Jira ticket the above pipeline will be triggered.

*** Not to get confused with the Spinnaker webhook link shown in the above image, when we named our Source ‘jirademo’ we got the Webhook link as ‘/gate/webhooks/jirademo’, we added the https://demo.opsmx.com part to the webhook to get https://demo.opsmx.com/gate/webhooks/jirademo . 

This will entirely depend on how your Spinnaker is set up. You will always get the link to your WebHook below the Source field in Spinnaker which you will use for Jira.

** Also whatever apps you are trying to integrate with Jira WebHook ensure the security certs on them are valid and not expired. Jira WebHook will not trigger any event for the app in question if they have invalid certs. 

Is the webhook limited to only triggering pipelines in Spinnaker?

Spinnaker does not natively support any further actions with the Jira webhook. But in our case of OpsMx Enterprise for Spinnaker that is not the case, custom stages can be created in Spinnaker for creating issues/tasks, updating comments, and transitioning issues in Jira, this is possible because we can define custom webhooks in Spinnaker.

API-driven architecture of Jira allows us to do various actions on Jira using REST APIs. So, via the custom stage of Spinnaker, we can invoke the necessary API and create/manage issues/tasks on Jira.

Step 3 - Custom stages for Jira in Spinnaker:

Spinnaker allows the addition of custom-stages via orca-local.yml under halyard profile settings. 

Pre-requisites:

    • User API token has to be created for authentication and authorization to be used in stages
    • Access to halyard config so that custom stage code can be added under /home/spinnaker/.hal/default/profiles/orca-local.yml

We will discuss 4 use-cases for creating custom stages in Spinnaker:

Use Case 1 - Custom stage in Spinnaker for creating a Jira issue:

This custom stage allows users to add a stage to the Spinnaker pipeline that can create an issue in Jira. While adding this stage to the orca-local.yml file, base64 encoded the email:token string and put it under the Authorization section as shown below.

				
					webhook:
 preconfigured:
 - label: "Jira: Create Issue"
   type: addJiraIss
   enabled: true
   description: Custom stage that add an Issue in Jira
   method: POST
   url: https://myjirainstance.atlassian.net/rest/api/3/issue
   customHeaders:
    ## Provide the Jira credentials below in base64 encoded USER:TOKEN
    Authorization: Basic bXllbWFp*******************************************va2VuCg==
    Content-Type: application/json
   payload: |-
     {
       "fields": {
          "project":
           {
             "key": "${parameterValues['projectid']}"
           },
           "summary": "${parameterValues['summary']}",
           "issuetype": {
             "name": "${parameterValues['issuetype']}"
           },
           "components": [{"name" : "${parameterValues['components']}"}],
           "assignee": {
             "accountId": "5ee9de1bdefde70abc6c74f1"
           },
           "customfield_10104": 10,
           "duedate": "2021-07-25"
       }
     }
   parameters:
   - label: Project ID ("ENG" or "DOCS")
     name: projectid
     description: Which Jira project do you want to create an item in?
     type: string
   - label: Issue Type ("Improvement", "Task", "New Feature", or "Bug")
     name: issuetype
     description: issuetype
     type: string
   - label: Priority ("Low", "Medium", or "High")
     name: priority
     description: priority
     type: string
   - label: Components ("10103")
     name: components
     description: component of the project
   - label: Issue Summary
     name: summary
     description: summary
     type: string
   - label: Description
     name: description
     description: description
     type: string
				
			

Use Case 2 - Custom stage in Spinnaker for updating a Jira issue:

This custom stage allows users to add a stage to the Spinnaker pipeline that can update an issue in Jira. While adding this stage to the orca-local.yml file, base64 encoded the email:token string and put it under the Authorization section as shown below.

				
					webhook:
 preconfigured:
 - label: "Jira : Update Issue"
   type: updJiraIss
   enabled: true
   description: Custom stage that updates description/summary of an Issue in Jira
   method: PUT
   url: https://myjirainstance.atlassian.net/rest/api/3/issue/${parameterValues['issue']}
   customHeaders:
     ## Provide the Jira credentials below in base64 encoded USER:TOKEN
     Authorization: Basic bXllbW***********************************************2VuCg==
     Content-Type: application/json
   payload: |-
     {
       "update": {
           "summary": [
               {
                   "set": "${parameterValues['summary']}"
               }
           ],
           "description": [
               {
                  "set": "${parameterValues['description']}"
               }
           ]
       }
     }
   parameters:
   - label: Issue ID
     name: issue
     description: Issue
     type: string
   - label: Summary
     name: summary
     description: summary
     type: string
   - label: Description
     name: description
     description: description
				
			

Use Case 3 - Custom stage in Spinnaker for posting comments to Jira issue:

This custom stage allows users to add a stage to the Spinnaker pipeline that can post comments under an issue in Jira. While adding this stage to the orca-local.yml file, base64 encoded the email:token string and put it under the Authorization section as shown below.

				
					webhook:
 preconfigured:
 - label: "Jira: Comment on Issue"
   type: comJiraIss
   enabled: true
   description: Custom stage that posts a comment in a Jira Issue
   method: POST
   url: https://myjirainstance.atlassian.net/rest/api/3/issue/${parameterValues['issue']}/comment
   customHeaders:
     ## Provide the Jira credentials below in base64 encoded USER:TOKEN
     Authorization: Basic bXllbW*****************************************a2VuCg==
     Content-Type: application/json
   payload: |-
     {
       "body": {
         "type": "doc",
         "version": 1,
         "content": [
           {
             "type": "paragraph",
             "content": [
               {
                 "text": "${parameterValues['message']}",
                 "type": "text"
               }
             ]
           }
         ]
       }
     }
   parameters:
   - label: Issue ID
     name: issue
     description: Issue
     type: string
   - label: Message
     name: message
     description: message
     type: string
				
			

Use Case 4 - Transition the status of Jira issue:

This custom stage allows users to add a stage to the Spinnaker pipeline that can transition the state of an issue in Jira. While adding this stage to the orca-local.yml file, base64 encoded the email:token string and put it under the Authorization section as shown below.

				
					webhook:
 preconfigured:
 - label: "Jira: Transition Issue"
   type: transJiraIss
   enabled: true
   description: Custom stage that transitions an Issue in Jira
   method: POST
   url: https://myjirainstance.atlassian.net/rest/api/3/issue/${parameterValues['issue']}/transitions
   customHeaders:
     ## Provide the Jira credentials below in base64 encoded USER:TOKEN
     Authorization: Basic bXllbW*************************************************2VuCg==
     Content-Type: application/json
   payload: |-
     {
       "transition": {
         "id": "${parameterValues['targetStageID']}"
       }
     }
   parameters:
   - label: Issue ID
     name: issue
     description: Issue
     type: string
   - label: Target Stage ID
     name: targetStageID
     description: Target Stage ID (11 is "To Do", 21 is "In Progress", 31 is "In Review", 41 is "Done", 81 is "Additional Info Needed", 71 is "Approved")
     type: string

				
			

The Authorization option in the above YAML is our Jira tokens that we have to create and then add them to our orca YAML file.

Account Settings

Security

Manage tokens
create a token

Once the relevant details are updated in the orca YAML file and we complete the Spinnaker deployment. We can go to the Spinnaker UI and try adding the custom stages we configured, we should get the options seen in the below screenshot:

Conclusion:

Based on your requirement both Jira WebHook and Jira Custom WebHook will help you achieve your DevOps goal, be it your dev/prod environment both the above approaches can be implemented seamlessly, ensuring you are not limited or restricted in using your Spinnaker pipelines. I will leave you all to explore these features now.

Ayan Ganguly

Ayan is a DevOps Engineer at OpsMx. He helps platform teams of large clients across US and UK regions implement Continuous Delivery solutions. He has nearly 10 years of experience in IT maintenance, support, and operations. He is an avid book reader, and in his spare time, he likes to trek mountains.

Link

0 Comments

Submit a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.