19 min read

Transcript: The Atlassian Ecosystem Podcast Ep. 121 - Data Residency is Back on the Menu

Adaptavist Live Podcast Banner

Transcript

Ryan Spilken:

Hello and welcome to Adaptavist Live, the Atlassian Ecosystem podcast.

Ryan Spilken:

This is episode 121. Data residency is back on the menu. I'm your lead ORC Ryan Spilken and joining me today is Grishnákh himself, Matthew Stublefield. Hi Matthew.

Matthew Stublefield:

Good to see you Ryan.

Ryan Spilken:

I will never ever call you an orc-ish name again, I promise.

Matthew Stublefield:

No worries. Brenda Burrell could not join us today. She is on holiday. She is actually here in Springfield, so we got to have lunch together last week and spend a little time. Then I think this Saturday, maybe she's going to bring the family over for some fair play dates. Really good to see Brenda and hope she's enjoying her time off.

Ryan Spilken:

Fun and frivolity. Indeed. That sounds excellent. I hope Brenda is enjoying her break. She has earned it. All right, Matthew let's dig in man, it's cloud time. There are several changes all across the Atlassian cloud, starting with the Jira platform, where priority icons in issues have been updated to become more accessible. They're no longer reliant on color, accessible to people who are color blind and who may experience low vision. Good on you. Always great to see those accessibility changes. The new issue view can now be copied as we've discussed on previous podcasts. It's not quite schemes, but you now have the ability to change, to duplicate the way fields are laid out in a project across the Jira platform. As long as the project is using that screen, the layout can be copied. Customization in the help center has been improved. When you're... If they're in Jira work management or Jira service management, the experience that your end user will get when putting in a ticket, it's just looks cleaner, gives the admins the ability to add translations for the login message announcements and so on.

Ryan Spilken:

Plenty of improvements there. The code feature in team managed projects has been improved as well. Now the code feature will display repositories from all of your connected source code management tools, and you'll be able to link your Jira issues directly. View code at a glance, automate, have a little bit of fun. As part of the UI updates that are sweeping the platform, the way that a trusted user will invite new users to the platform is changing. This is a peer UI tweak. If you're looking for the administration button in the switch to menu, it's no longer available. If you're a trusted user, you navigate to the people menu in the top navigation, and that's where you'll be able to invite new users from. If you've got a team managed project, which I don't, you can now create a workflow just for your epics.

Ryan Spilken:

That's pretty self-explanatory, you'll be able to put your epics through your own special workflow, just for funsies. Lastly, for the Jira platform at large, and this is a delightful quality of life change. You'll now be able to create sub-tasks in the timeline view. Next for Jira service management cloud, Atlassian is implementing further enhancements to the view of knowledge-based articles for your agents. Now, videos will be able to be played inline on the ticket, which before you just got an inline view of page content, now you can even watch a video. It makes me think if I can make a YouTube playlist and watch it through Jira. Absolutely pointless hackathon projects, going to put that one in the folder. You're also able to now make groups approvers. Groups can be used as an approval source. Anybody in this group of users can make an approval in a workflow. Finally, for Jira service management cloud, if you have your JSM instance in the cloud but your knowledge base is in Confluence... Well, get ready to bring them together. When creating or linking spaces to your service project, you can now choose between spaces from Confluence cloud or server sites.

Matthew Stublefield:

This is very similar to when we talked about a few weeks ago where you had a Jira software in the cloud, but wanted to display the deployment statistics from BitBucket server. I think it was?

Ryan Spilken:

That's correct. Yep, absolutely.

Matthew Stublefield:

Or the build statistics and things like that.

Matthew Stublefield:

I can't remember if it was BitBucket or Bamboo?

Ryan Spilken:

Only the time machine knows for sure.

Matthew Stublefield:

I guess somebody could go back and listen to a previous episode.

Ryan Spilken:

It was BitBucket.

Matthew Stublefield:

Anyway, we had this whole discussion about like, "Oh, interesting that this isn't coming to Jira software server or Data Center. It's a new feature for Jira software cloud to connect it". Similarly here we're getting the ability to connect Confluence server into your Jira service management cloud. Of course, obviously that integration already exists for Jira service management on premise. Just speaking to this, what's particularly nice about this is there are, as with all cloud products, a lot of limitations in cloud. You can't have the same set of add-ons, there's just a lot of styling and visual restrictions and constraints. For Confluence cloud is not there for some enterprises in terms of meeting their needs. This way, those enterprises can have the really robust pages on Confluence server Data Center, but still use service management in the cloud. It's a good direction to go.

Ryan Spilken:

In fairness, my experience so far with the Atlassian cloud Jira products has been incredible. I could really see why you'd want to move that direction.

Matthew Stublefield:

Confluence cloud tends to crash on me a lot. I run into a lot of... When I'm writing long form content, I would just run into a lot of challenges as the page gets larger.

Ryan Spilken:

Well, moving on to Jira work management, there are a new set of filters rolling out. The filters are expanding across more views in Jira work management. Now you're able to apply the basic quick filters across your timeline, calendar and list views.

Ryan Spilken:

If you select the plus button, plus more, that are next to the filters, there will be more advanced filtering options available to you. You'll be able to break it down by assignee issue type, priority reporter and status. I suspect that this feature will continue to be iterated upon in the coming weeks or coming months as your work management gets more robust all the time. Next in Confluence cloud, if you are a member of the Confluence cloud premium plan, if you're on Confluence cloud premium, if you apply for the early access program, you will be able to invite guests for external collaboration. We talked about this a long time ago. Do you remember?

Matthew Stublefield:

Vaguely. What's also interesting is on server Data Center, this is a feature provided by a third-party app. That's getting to add it in natively into cloud.

Ryan Spilken:

Well, I still think this is the first steps in Atlassian taking on the Google Suite for workplace domination. Two companies will enter, six companies will come out.

Matthew Stublefield:

Well not just that, but Microsoft with Office 365, we've talked about it. It's not like it's replacing Word. Word still has a place, but in terms of collaboration and having that single source of truth, that single document. We've worked with a lot of companies that they're drafting or they're doing stuff, but they've got external vendors, contractors that they need to work with and security sometimes becomes challenging around contractors. This type of guest access and external collaboration is really valuable.

Ryan Spilken:

As a quick side note. One of the things that has been driving me crazy is that if you use the Google Tools, they're closed by default, right? So it's really hard just to easily get a piece of content across to somebody or to even make it discoverable. If I'm working, if I'm spending my day head down in Google Docs, there's no feed anywhere that my colleagues are looking at to see, "Oh, I wonder what Ryan's doing that's interesting". With the Atlassian stuff, it's generally opened by default. You have to choose to hide it. Whereas with Google, it's the total opposite. I really am enthusiastic about open by default now. That has made me... Because you're really closing yourself off when you close yourself off.

Matthew Stublefield:

I've never thought about it that way. But I do find when I'm doing a lot of work in Google Docs, I feel like I get a lower level of engagement from team members and other people, even if I'm sending them the link. If I'm sending them something it doesn't seem to create the same level of feedback that I get from Confluence. They both have inline commenting, right? You can do that in a Google Doc and in Confluence. Yet I don't get it in Google as much. I think people really like commenting them the whole page. There's something about having both options in-line or whole page commenting that seems to drive more engagement from me.

Ryan Spilken:

It's just got me... You got me really gung-ho about the Atlassian philosophy there. I actually really appreciate that. All right. Last but not least BitBucket. The one thing that we found that's new seems to be a bug fix. It's listed as a feature, but it's implemented new pipeline state calculator logic to fix halted step bug. I knew customers were looking for that.

Matthew Stublefield:

It's notable because we've never seen a bug fix listed in the cloud. I was going to say the cloud release notes, which is what they are, but the Atlassian cloud changes, the articles we link to, are presented as blog posts. In the documentation, if you look at the breadcrumb, it's Atlassian support, Atlassian cloud documentation blog. Then we have a blog post for the changes, which again Atlassian, still a real weird way to do your release notes for cloud. Would really like to have a dedicated release note [inaudible 00:11:16] like you have for your server products, but that aside, never seen a bug fix on here before. Presumably there've been lots. There are probably a billion bug fixes every week. This is the first one we've seen in the blog post slash releases.

Ryan Spilken:

You think it's a billion or two?

Matthew Stublefield:

I mean the thing with the CACD approach, which is great. I mean, that's how it is. It totally could be annoying to post that everyone. It's become a running joke for Nintendo Switch release notes, where every release includes the generic bullet point of stability improvements. They're like on version 12 now or something with all the different point releases like, "Oh good. Oh good. They improved stability some more, excellent". When you're doing a cloud type a continuous rollout service standard bug would be annoying. But why this one, why was this the one that made it to the release notes? Inquiring minds, they want to know.

Ryan Spilken:

Connect with us on social and tell us why this bug fix ended up in the blog at Adaptavist.

Matthew Stublefield:

Cloud development team, let us know, we're curious.

Matthew Stublefield:

Before we turn to our server and Data Center updates, want to a highlight an article from TechRadar. This is one of many on the subject that are out there, but I felt this one summarized it best and it links to other very relevant articles titled, "Atlassian security flaws could have allowed a business app account takeover with one click". I will point out use of the phrase, could have, not that it did. That completely took advantage of this.

Ryan Spilken:

Just one click though.

Matthew Stublefield:

Totally could with just a single click.

Matthew Stublefield:

There was a checkpoint. Security review company found this bug, reported to Atlassian and followed everything properly. Atlassian fixed this back in May. This is something that's already fixed, don't know that it was ever exploited. I'm sure there's tons of due diligence or reviews going on.

Matthew Stublefield:

Specifically, I think if I'm going to say it correctly, really impacted cloud and hosted Atlassian sites. They refer to jira.atlassian.com, confluence.atlassian, partners.atlassian all these different sites. The security flaws could have enabled an attacker to perform a cross site, scripting attack, cross site request forgery, could take over the victim's Atlassian account, perform actions on behalf of them, get access to support tickets, even potentially edit your Confluence Wiki or get into Soft. Security vulnerability is fixed. It's out there. But part of why I bring this article up is both because it was within the last two weeks and viewers, we try to keep you abreast of everything going on in the Atlassian ecosystem. All of the on-prem release notes this time round, all start with a section titled, "Stepping up securities".

Matthew Stublefield:

In this case we've got three Jira release notes. My guess is whenever the next Confluence release, is it'll have a, "Stepping up Confluence security" block at the top. They're all identical, stating, "We're always taking the security of our product seriously", followed by, for I think all three. I'll talk about each of these in turn, but all three talk about upgrading components and libraries. For those unfamiliar, components and libraries are sort of other software that gets included in the application. One vulnerability that can sometimes get overlooked in applications is something gets found in this other package. If you don't upgrade to the latest version of that package, then your software now has that vulnerability. Sometimes that upgrade takes time, or it's hard. Those are the dependencies that... It could break if you try to upgrade.

Matthew Stublefield:

Lastly, it wants you to know they take security seriously, they're upgrading their components and libraries and they want to tell you about it in their release notes. Beyond that, Jira Core 8.18, list of bug fixes, just nine, nothing real major. There's nothing in the bug fixes here that's like, "Here's a big security issue you really ought to upgrade because of the security issue", given that the security thing was actually addressed back in May. My guess is the fix is already probably at a June release. We're just now hearing about it. As often as the case, they want to make sure everything gets patched before disclosing a vulnerability publicly. It's still good to make sure you're up to date. Don't have any security vulnerabilities, take a look at the release, those for Jira Core 8.18 for that. Jira software 8.18 commentary actions, you can do a little emoji reaction to comment. That's nice.

Matthew Stublefield:

Then it has an update similar to Jira service management. That I'll talk about in a moment, analyze how your issues change over time. Haven't gotten hands-on with this yet, but I think it's interesting. Export issue history. There's now an export from the history tab where you could presumably get this into Excel or your spreadsheet tool of choice and do some pivot tables and sort of see how things have changed over time. I've done this type of analysis in the past. It was a huge pain. Having an export that just formats everything nicely as opposed to having to do a database stump and then work from there. That's presumably really nice. I say, presumably, because I haven't done it, haven't used this new feature, because this release just came out four or five days ago. I'm very excited to see that. That'll be swell.

Matthew Stublefield:

They also mentioned back porting to the LTS release. Jira software, if you are on the current long-term support release, there will be some critical fixes presumably related to security. They don't explicitly say that, but I'm guessing. If you're on LTS, because we want to avoid upgrading, that's just fine. Atlassian is releasing some hotfixes that you can install without having to do a full upgrade so they can get the benefit of some bug fixes and presumably some security releases. You can go through the release notes or specifically the issues resolved to see which have been included in a hotfix if you really want to. My guess is it's going to be related more to the sinking thing. I do want to call out one of the bug fixes that we talked about a month ago: disabling or uninstalling advanced roadmaps disables Jira software. I remember talking about that awhile back and apparently my guess is the fix did not fix it. It had to be fixed some more. It's in 8.17.1 and an 8.18.0. It could be it was totally fixed, but then adding it to the hotfix they're releasing as tagged for 8.18. But I just thought it was funny to see it in the list again.

Matthew Stublefield:

Jira service management. 4.18 though, pretty significant. Of course, stepping up Jira security, back porting to LTS releases, but some new features that are... I mean they've been requested for as long as Jira service desk has been a thing. Number one on the menu, show SLAs on customer portals. I swear to God, if this was a Family Feud? Show me the number one thing customers want in Jira service management. Showing SLAs on customer portals. Even better for you all, it's optional per SLA. There's a toggle to say, "I want to show this SLA". By default they're still hidden, and you can choose which SLAs to show on the customer portal. Super nice. New look and feel, the way that it shows on the portal is... Nuance isn't the right word, but it's not just slapping the exact same data up there.

Matthew Stublefield:

When it is shown on the portal... They see the time metric, so there's a screenshot on the original thing of time to resolution, sort of a countdown or something like that. But, they don't necessarily see like, "This has to happen within this amount of time or it's breached". A sale that as I phrased it, I recognize it sounds a little confusing, and the screenshot, the phrases look confusing. They've got a link to setting up SLAs, which I have also read through. I'm just going to have to see it in practice to see how it works out in the customer portal. Being able to see that is wonderful. Some additional customer portal improvements. You can turn off the portal search bar.

Matthew Stublefield:

They say that it can be confusing for customers if there's no knowledge base having the search bar there. That makes sense. Just being able to turn that off as nice. Even more exciting to me, you can finally do @ mentions through Jira service desk. If you're through the customer portal... We use customer portals internally at Adaptavist for a lot of different things, but I often will either create a ticket or add a comment and then immediately switch over to the traditional Jira view and edit whatever I just put in just so I can @ mention somebody.

Ryan Spilken:

I do exactly that same thing.

Matthew Stublefield:

It's so valuable being able to do that. This is the type of thing that seems easy and isn't. That sort of did the little ping for me of, "Ah yes, Atlassian has rewritten Jira service desk". I went back to the 4.0 release notes because I was like, "4.18, this is actually a pretty significant change". Being able to tie in with [inaudible 00:21:52] users through the customer portal. That's a deeper level of integration than we have had for a lot of features. Going back to the 4.0 release notes, there were these sort of hints of... That was the one you may recall, Ryan, this was back in 2019, I think. 4.0 was the one with like, "We've improved performance by 60%. Everything is massively faster". That was version.

Matthew Stublefield:

I think we're now seeing the outcome of a much deeper integration with Jira. That was probably where the performance speed came from. I bet much like what was Jira portfolio now Advanced Roadmaps. Jira portfolio 2.0 was a complete rewrite from ground up. [inaudible 00:22:30] because we haven't asked the PM at Atlassian, but I'm guessing 4.0 was kind of a rewrite of service desk. Now we're really seeing not just the performance improvements, but we're seeing the feature availability, the feature potentials being realized of rewriting. I know it's a small thing, @ mentions, but that is so useful. I'm really excited to see it.

Ryan Spilken:

It gets better. It gets better as you go.

Matthew Stublefield:

It does. Next up, Data Center only here. Actually it's... I guess I should mention these customer portal improvements also tagged as Data Center. We're all going to be on Data Center soon if we're not already. This one, Data Center and it's tagged as beta. It's still in development. Do not recommend doing this on your production instance, but you might want to try it out. You probably don't even want to try it on stage instance at this point, do it on a test instance, but multiple incoming email channels for different requests. I'm so excited about this. You could say, having multiple email addresses, that everything from that mailbox creates a different request type in the same project. Previously, if you want to do this, you had to use a plugin to do it. I've worked with some of those plugins, and I'm always a little... I don't like Atlassian adding in core functionality, that's done by a plugin. But those plugins go way beyond this feature, they do a ton of different things and they're super valuable. This is one of the things that I'm like, "Yeah, the core product should have been able to do this".

Matthew Stublefield:

Being able to have a single project but have different email addresses... I would like to see, and I don't know if this is possible. I haven't gotten into it again, it just came out a few days ago. I would like to see it, be able to use my map and be able to create different request types out of different folders from your mailbox. This is what I did years ago of setting up the filters in the mailbox to add it automatically categorize the emails and then have it just pull those in as different request types.

Matthew Stublefield:

Having a separate email address is wonderful. They show questions at example. com performance, at example.com, even different email service providers have that be different request types. Super exciting. That's in beta. If you've got a large service desk, I'm sure you'll find value out of that. Then the mobile app getting better for Jira service management, being able to approve and decline requests, replying to customers through the common field in transitions. So JSM specific fields, all that's great. Then it gets the same export issue history that your software gets. Ton of value and Jira service management. I'm super excited to get our version of Jira service management upgraded to take advantage of some of these things, knock it out of the park. This is great.

Ryan Spilken:

Can I point out that there's a joke running through the screenshots of the article as well?

Matthew Stublefield:

I don't spoil it all for you, but they need some help with Captain Joe and y'all should go read it.

Ryan Spilken:

Now, turning our attention back to the cloud. On June 30th, Atlassian announced the data residency had arrived.

Ryan Spilken:

Had it? Had it really?

Matthew Stublefield:

Forge hit general availability and data residency is a feature of Forge and cloud, going to have some residency. It turns out it's available for some. If you have an enterprise cloud plan, I love the bullet point. It's available for standard and premium cloud plans for new products with no data. If you have existing data, not so much, which also dovetails with the other thing we found, which is not just if you have existing data, but in the future, if you decide you've got data residency, which for those who are unfamiliar with the term means that you've declared my data has to stay in this geography or in this server farm... It's all in the quote unquote cloud, but really it's on a server somewhere, right? So certain countries have laws and say data created in that country has to stay within the country's borders. Data residency is just to say, "I want to check the box saying my data has to stay with my country's borders", as potential example-

Ryan Spilken:

While compliant with all regulatory laws.

Matthew Stublefield:

Yeah, all local laws. What do you do if your company moves countries and you want to move your data? Well the answer right now is you can't really, it's still coming along. They're going to continue working on it. It'll be available for standard and premium cloud plans with existing product data soon. There's a link to learn more and to sign up for updates. You can get that right now, the locations, the AWS regions, there's three. So something more... I think seeing Frankfurt as the European one, I always think of Germany as my go to example that that requires data to be in country. Having that as solid, there's a good table of what data can be made resident and what can not. Some of it is just based on how the products are built.

Matthew Stublefield:

They weren't built initially for data residency. Some of the calculations that have to be done, they have to run elsewhere, but really, I don't want to use the word data again, but just very valuable piece of documentation here. Really in depth well-written. If data residency is of concern to you, this goes into good detail on it. It's on the support site, which I think is interesting. It's not in the documentation.

Matthew Stublefield:

I sometimes marvel at us, right? Of finding the random different things around the Atlassian ecosystem. This isn't in the blog, it's not in the documentation. It's actually under Atlassian support and access policies, resources, but really valuable information about data residency here.

Ryan Spilken:

We will share the documentation on... Oh no, no we won't.

Matthew Stublefield:

Also I see they've added a page, so I have to retract my earlier criticism. If data residency is available, you can request to have your in-scope product data move to a new location and pin there. If you're from Atlassian listening to this and you were getting riled at me, "Hey, we have that feature, you can move your data now", I apologize. I'm sorry. We're going to link in the show notes to this support article, "Understand data residency". Right-hand nav, second link, move data to another location. It's all right there. Atlassian are on the ball. Published June 29th or at least last modified June 29th.

Matthew Stublefield:

So, Git BitBucket API activity. I know this is a bit more in the developer weeds than we typically have. We already been talking about data residency forever, which I know is kind of a developer-ish thing, but maybe you care. You may not care as much about getting BitBucket API, but there's a article from June 29th, deprecating Atlassian account password. Forget BitBucket API activity. Starting March 1st, 2022 BitBucket users will no longer be able to use their Atlassian account password to interact with BitBucket via Git over https and the BitBucket API. You will instead need to start using BitBucket app passwords for Git command and scripts integrating tools. Very brief article, will link to here. Describes how you can tell if you're going to be effected by this change, how to migrate. I think this is a great security step. I always like to have different passwords for every single account.

Matthew Stublefield:

I use 1Password for managing all that I use, LastPass for over a decade before that. One of the things I did when I used to run a bunch of systems and servers and whatnot was machine accounts. Some other [inaudible 00:31:28] were uncomfortable at the idea of machine accounts. It's like, "Well, there's not necessarily an individual who's held responsible for that", but I think it's good to have accounts because it creates this sort of firewalled security. If one thing gets compromised, it doesn't compromise anything else. Right now using your Atlassian account, it means if you're Atlassian account gets compromised, everything gets compromised, and that's an account you're using to log on to a forum. The account you use for your Git API commands, and writing to your repose should be higher security than what you use to comment on a forum thread. So having... That you might be logging on to from anywhere, right? I think this is a great move. I think it speaks to Atlassian's focus on security. It's a smart thing to do.

Ryan Spilken:

Lastly, on the podcast, we're going to hack at a hackathon because Partner's resolution and Jexo went on a hackathon with Forge and they took a... They did a four day hackathon and they wrote up a tremendous article on it, on Atlassian community, and we want to let you know a little bit about it.

Matthew Stublefield:

We're going to be super brief on this because it is super not brief. It's long. We're also going to link to a YouTube video that was separate from this, but published by Atlassian about developer days and some news about Forge. If Forge is of interest to you, take a look at this. Some of the summary findings that the resolution Jexo had, they found UI kit easy, particularly if you've got some reaction experience, okay for simple UIs. The new custom UI for Forge, it's come out. Still pretty limited compared to Connect, especially when it comes to the JavaScript API's that Connect provides. So custom UI, you still don't get the full range of what you get when making Connect apps, but presumably it will expand and come along. They do a review of tooling and templates, get pretty in depth that. Talk about the restrictions they encountered when it came to runtime, snapshots, security, considerations, like Forge's execution, environment storage, just it introduces a lot of restrictions that do create challenges. There's no support for Jira service management, which is problematic. Shocking to the cloud, like for server Data Center, I totally get that because Jira service management used to be a plugin. It was actually SLAs for Jira created by [inaudible 00:34:30] that Atlassian acquired and has slowly been integrating and rebuilding. In the cloud you would expect-

Ryan Spilken:

The re-engineering of the platform I thought would just make it all one.

Matthew Stublefield:

The cloud was built from the ground up. I was surprised. They provide some review of Forge's scopes, modules of permissions, for some suggestions, to improve them, talking about app migration options for connect to Forge and some known limitations and whatnot. Really in-depth phenomenal stuff here from resolution and Jexo. Thank you to the teams to not just to this, but you know, documented it and wrote it up. Beyond doing the hackathon, then sharing their findings with the wider community, tremendous stuff here. Take a look at that community post. If you want, you can take a look at the video, which is... Right under 30 minutes, titled, "Connect and forge together" one platform for cloud app development. Again, if you are an app developer and you're trying to out how to go from connect to Forge or presumably, there was a way to take a Forge app, and rapid connect, I think.

Matthew Stublefield:

Take a look. For non-developers, you're an admin, you're wondering what this means for you. I think the big takeaway is even though it's reached general availability, there are still a lot of limitations to Forge that do make it hard to elapse, but it's coming along. We're seeing progress quickly when it comes to the UI capabilities. I know adaptive, it's like we're starting to build some apps on Forge and move stuff out, and we're excited about the potential for it moving forward. One of the main things it's doing is it's driving us to provide feedback to Atlassian, on where it doesn't meet the needs and, and Atlassian is inviting that feedback loudly and vociferously. They want to know how to make it better for the user. Exciting times all around.

Ryan Spilken:

Well, Matthew, a gigantic plus one to you for using vociferously in today's episode of the podcast., Should have made that the secret word and to you listeners, thank you so much for tuning in. We are so grateful that you're here. Make sure that you connect with us on social at Adaptavist and like and share and subscribe to this podcast as often as you can. So for Matthew Stublefield, I'm Ryan Spilken and we'll see you next time on the Atlassian ecosystem podcast.