Integrate Jira with Spinnaker

Improve visibility and collaboration by integrating Jira with Spinnaker

A Spinnaker delivery pipeline allows code to flow through multiple automated stages, where each stage serves a different purpose. These business-critical stages are managed by Developers and DevOps engineers. These business-critical stages must be closely tracked by the management to avoid unforeseen delays and take preventive action.

Why do you need to integrate Jira with your Spinnaker Pipeline?

With Zero Trust Architecture, management can never be given access to view the pipeline for their status reports. Visibility plays a critical role as DevOps culture demands that stakeholders must be aware of what is going on with the code at any point in time. Without visibility, there is a risk of damage to business in the form of bugs and production failures. Visibility provides confidence. So it is imperative that business leaders and business heads involved in engineering and product development be aware of the situation. Jira is a de-facto issue tracking and project management tool for a lot of enterprises and start-ups. Posting updates to Jira on the status of CI/CD pipelines increases transparency and helps in auditing. Although Spinnaker can be integrated with various tools in the cloud-native space, it doesn’t have a built-in Jira stage. With this in mind, OpsMx with the help of custom stages in Spinnaker has developed a Duplex Jira integration. Off the shelf Spinnaker only supports a webhook trigger. All visibility is lost once Jira has triggered the pipeline. With OpsMx, ISD developers and DevOps Engineers can leverage this feature to create and edit issue tickets, The beauty of the feature is that PMs and other stakeholders can track progress from Jira or provide comments and updates into the pipeline without having to open the Spinnaker terminal.

What is a Webhook?

Webhooks are an API architecture that is resourceful and lightweight to trigger event reactions or push notifications and data. Technically it is defined as a user-defined callback over HTTP. In this blog, we use the Jira webhook for notification purposes when certain events occur in our Jira ticket.

Advantages of integrating Jira with your Spinnaker Pipelines?

• Visibility into the pipelines for management and stakeholders without compromising security

• Adhere to Zero Trust guidelines

• Easy execution and approvals for the Pipeline workflow

• Instant event alerts and notifications on Jira

To configure Jira with WebHooks, refer here.

How to configure Jira with Spinnaker?

Jira WebHook only uses HTTPS protocol. So the connection is encrypted and all data is safe and secure. To configure the webhook we must be an admin or at least have access to the Jira admin console.

Follow the steps below to configure the Jira webhook for OpsMx Enterprise Spinnaker. Screenshots from the Jira admin console to help you follow the process.

Step 1- Configure Jira Webhook settings

Jira Webhook to Trigger Spinnaker Pipeline:

The Spinnaker pipeline will be triggered by the following events.

To send triggers based on matching events, you can select "all issues" or specify "particular issues". After configuring the details and saving them, you should see the below screen:

Step 2 - Setup an Automated Trigger as a WebHook:

To trigger the pipeline using a Jira webhook, first create a simple pipeline by setup the configuration stage as shown below:

The above pipeline will be triggered whenever there is a change in your Jira ticket.

To avoid confusion with the Spinnaker webhook link shown above, when the Source name was given as 'jirademo,' we received the Webhook link as '/gate/webhooks/jirademo,' and the https://demo.opsmx.com part was added to the webhook to get https://demo.opsmx.com/gate/webhooks/jirademo.

This is entirely dependent on how your Spinnaker is configured. In Spinnaker, you can find the WebHook link below the Source field, which you will use for Jira.

Also, make sure that any apps you're trying to integrate with Jira WebHook have valid and not expired security certificates. If the app's certificates are invalid, Jira WebHook will not trigger any events.

Is the webhook limited to only triggering pipelines in Spinnaker?

Spinnaker does not natively support any additional Jira webhook actions. However, in OpsMx Enterprise for Spinnaker, custom stages can be created in Spinnaker for creating issues/tasks, updating comments, and transitioning issues in Jira. This is possible because Spinnaker supports custom webhooks.

Jira's API-driven architecture allows users to perform a variety of actions on the platform by using the REST APIs. So, using Spinnaker's custom stage, users can call the necessary API and create/manage issues/tasks on Jira.

Step 3 - Custom stages for Jira in Spinnaker:

Custom stages can be added to Spinnaker via orca-local.yml in the halyard profile settings.

Pre-requisites:

• A user API token has to be created to use authentication and authorization in stages

• Access to the halyard configuration to add a custom stage under /home/spinnaker/.hal/default/profiles/orca-local.yml

We will go over four use-cases for creating custom stages in Spinnaker:

Use Case 1: Spinnaker custom stage for creating a Jira issue:

This custom stage allows users to add a stage to the Spinnaker pipeline that can create an issue in Jira. While adding this stage to the orca-local.yml file, the email:token string was base64 encoded and placed under the Authorization section, as shown below.

webhook: preconfigured: - label: "Jira: Create Issue" type: addJiraIss enabled: true description: Custom stage that add an Issue in Jira method: POST url: https://myjirainstance.atlassian.net/rest/api/3/issue customHeaders: ## Provide the Jira credentials below in base64 encoded USER:TOKEN Authorization: Basic bXllbWFp*******************************************va2VuCg== Content-Type: application/json payload: |- { "fields": { "project": { "key": "${parameterValues['projectid']}" }, "summary": "${parameterValues['summary']}", "issuetype": { "name": "${parameterValues['issuetype']}" }, "components": [{"name" : "${parameterValues['components']}"}], "assignee": { "accountId": "5ee9de1bdefde70abc6c74f1" }, "customfield_10104": 10, "duedate": "2021-07-25" } } parameters: - label: Project ID ("ENG" or "DOCS") name: projectid description: Which Jira project do you want to create an item in? type: string - label: Issue Type ("Improvement", "Task", "New Feature", or "Bug") name: issuetype description: issuetype type: string - label: Priority ("Low", "Medium", or "High") name: priority description: priority type: string - label: Components ("10103") name: components description: component of the project - label: Issue Summary name: summary description: summary type: string - label: Description name: description description: description type: string

Use Case 2 - Custom stage in Spinnaker for updating a Jira issue:

This custom stage allows users to add a stage to the Spinnaker pipeline that can update an issue in Jira. While adding this stage to the orca-local.yml file, the email:token string was base64 encoded and placed under the Authorization section, as shown below:

webhook: preconfigured: - label: "Jira : Update Issue" type: updJiraIss enabled: true description: Custom stage that updates description/summary of an Issue in Jira method: PUT url: https://myjirainstance.atlassian.net/rest/api/3/issue/${parameterValues['issue']} customHeaders: ## Provide the Jira credentials below in base64 encoded USER:TOKEN Authorization: Basic bXllbW***********************************************2VuCg== Content-Type: application/json payload: |- { "update": { "summary": [ { "set": "${parameterValues['summary']}" } ], "description": [ { "set": "${parameterValues['description']}" } ] } } parameters: - label: Issue ID name: issue description: Issue type: string - label: Summary name: summary description: summary type: string - label: Description name: description description: description

Use Case 3 - Custom stage in Spinnaker for posting comments to Jira issue:

This custom stage allows users to add a stage to the Spinnaker pipeline that can post comments under an issue in Jira. While adding this stage to the orca-local.yml file, the email:token string was base64 encoded and placed under the Authorization section, as shown below:

webhook: preconfigured: - label: "Jira: Comment on Issue" type: comJiraIss enabled: true description: Custom stage that posts a comment in a Jira Issue method: POST url: https://myjirainstance.atlassian.net/rest/api/3/issue/${parameterValues['issue']}/comment customHeaders: ## Provide the Jira credentials below in base64 encoded USER:TOKEN Authorization: Basic bXllbW*****************************************a2VuCg== Content-Type: application/json payload: |- { "body": { "type": "doc", "version": 1, "content": [ { "type": "paragraph", "content": [ { "text": "${parameterValues['message']}", "type": "text" } ] } ] } } parameters: - label: Issue ID name: issue description: Issue type: string - label: Message name: message description: message type: string

Use Case 4 - Jira issue transition status:

This custom stage allows users to add a stage to the Spinnaker pipeline that can transition the state of an issue in Jira. While adding this stage to the orca-local.yml file, the email:token string was base64 encoded and placed under the Authorization section, as shown below:

webhook: preconfigured: - label: "Jira: Transition Issue" type: transJiraIss enabled: true description: Custom stage that transitions an Issue in Jira method: POST url: https://myjirainstance.atlassian.net/rest/api/3/issue/${parameterValues['issue']}/transitions customHeaders: ## Provide the Jira credentials below in base64 encoded USER:TOKEN Authorization: Basic bXllbW*************************************************2VuCg== Content-Type: application/json payload: |- { "transition": { "id": "${parameterValues['targetStageID']}" } } parameters: - label: Issue ID name: issue description: Issue type: string - label: Target Stage ID name: targetStageID description: Target Stage ID (11 is "To Do", 21 is "In Progress", 31 is "In Review", 41 is "Done", 81 is "Additional Info Needed", 71 is "Approved") type: string

The Authorization option in the preceding YAML represents our Jira tokens, which we need to create and then add to our orca YAML file.

Account Settings

Security

We completed the Spinnaker deployment once the relevant details in the YAML file were updated. We can return to the Spinnaker UI and try adding the custom stages we created; we should see the options shown in the screenshot below: