News / Projects

January 2021

Atlassian apps ready for Data Center

Using Confluence Data Center or Jira Data Center? Great! The most popular apps developed by TNG are now available for you.

Atlassian discontinued all server products last year. Because of this, the data center products will become even more important in the future. We are following this trend and have revised some of our apps for use on data center products.  Maybe you can find something of interest for you?



December 2020

Modern identity and access management: Configuration as code for Keycloak with Terraform @TNG

Consider a company that grows steadily in employee numbers and the amount of web services it uses. Additionally, consider the time spent (wasted) logging in to many of those web services separately each and every day – for each employee. The advantages of a company-wide identity and access management (IAM) including a single sign-on solution (SSO) become quite apparent. Keycloak uses open standards to authenticate users of a company's internal applications, and also supports external services, such as Slack or Zoom. Unfortunately, it lags behind on what has become the standard for maintaining IT systems: Configuration as Code (CaC). That's where the Terraform Keycloak Provider comes into play. Here at TNG, we have adopted and contributed to this quite mature open source project.

tl;dr: We contribute to and use a Keycloak provider for Terraform to manage our authentication server. Quick and reliable iterations on this very critical infrastructure component are now possible using our usual software development methods and high standards.

We compared several candidates with respect to the required additional development effort and our stability goals. The Kubernetes Keycloak Operator is a relatively young project and thus not battle-proven enough for our purposes. Another way to abstract the Keycloak API is the Keycloak Ansible provider. However, here we had non-optimal experiences from previous projects, including a challenging state of the tool's documentation. The third candidate we looked at and finally chose to use, was the Terraform Keycloak Provider. Importantly, it supports LDAP user federations as well as an adequate number of Keycloak's role mappers and it enables automated provisioning alongside manual configuration.

At some stages we had to patch the provider. The maintainer, Michael Parker, reacted quickly and we collaborated on our pull requests. By now we gathered quite some experience extending and maintaining Keycloak via Terraform. To us, it seems as straightforward as manual configuration in the UI. Terraform modules hold our client configuration and allow us to tune and test different parameters quickly. Any misconfiguration can be quickly fixed by rolling forward or rolling back to a working version. Furthermore, we mitigate missing features in the provider by completing the configuration manually. This hybrid approach also allows lightweight experiments by falling back to the UI. 

After transforming our Keycloak configuration into code, the migration of our Keycloak instances to Kubernetes was a non-event. As it should be.

What do think? Feel free to reach out in case you have questions or need some support!

November 2020

Surveys and polls directly in Confluence

It's finally here!  Our completely renewed and extended survey and voting app for Confluence, "Multivote & Enterprise Survey", is now available. Still included is our Multivote Macro (whose previous version was the most popular polling app for Confluence), alongside a new Survey macro for complex and dynamic surveys, where later questions can be configured to display or not depending on earlier answers.  We at TNG use these types of surveys for tasks such as organising company retreats, where, for example, we display selections of Saturday's retreat activities only to those that indicated participation on Saturday.  Other use cases include employee surveys and feedback-gathering on company-wide issues.  Please visit us at Atlassian Marketplace, where for a limited time we offer 50% discount on the new version of the app.

Previous project news can be found in the archive.