OCPERT-154: Change urls to Atlassian Cloud

[tomasdavidorg]

This is draft PR. The URLs have to be checked when the Atlassian Cloud migration is done.

Summary by CodeRabbit

• Bug Fixes

  • Updated Jira instance URLs across documentation, authentication, and notification systems from the legacy domain to the new Atlassian Cloud endpoints, ensuring proper integration and functionality with the updated Jira infrastructure.

• Documentation

  • Updated Confluence and Jira reference links to point to the Atlassian Cloud environment.

[openshift-ci-robot]

@tomasdavidorg: This pull request references OCPERT-154 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.22.0" version, but no target version was set.

Details

In response to this:

This is draft PR. The URLs have to be checked when the Atlassian Cloud migration is done.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[coderabbitai]

Walkthrough

This pull request migrates Jira URL references from the legacy Red Hat instance (issues.redhat.com) to the new Atlassian Cloud instance (redhat.atlassian.net). The changes update documentation, core logic, test expectations, and dashboard components consistently throughout the codebase.

Changes

Cohort / File(s)	Summary
Documentation & Configuration AGENTS.md, docs/JIRA_NOTIFICATOR.md, prow/job/job.py	Updated Jira URLs and links in documentation and comments to reference redhat.atlassian.net instead of issues.redhat.com. Verification endpoints and browse links updated accordingly.
Core Utilities & Notificators oar/core/shipment.py, oar/core/util.py, oar/notificator/jira_notificator.py	Updated Jira source URL strings and base URL construction to use redhat.atlassian.net/jira. Affects issue source validation, URL generation, and JIRA client instantiation.
Tests tests/test_jira_notificator.py, tests/test_notification.py	Updated test setup and expected values to reflect new Jira instance URL in test JIRA client initialization and assertion strings.
Dashboard tools/release_progress_dashboard/release_progress_dashboard.py	Updated Jira ticket URL generation in release metadata tabs to use new Atlassian Cloud domain.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 61.54% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Test Structure And Quality	⚠️ Warning	Test files lack tearDown() methods for cleanup, assertions lack meaningful failure messages, and setUp() has incorrect JIRA configuration.	Add tearDown() methods, include failure messages in assertions, and fix JIRA URL and authentication in setUp().

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: updating URLs from the old Red Hat Jira domain (issues.redhat.com) to the new Atlassian Cloud domain (redhat.atlassian.net), which is the primary focus across all modified files.
Stable And Deterministic Test Names	✅ Passed	Pull request changes only modify URL strings within test bodies and assertions, not test function names. All test names remain static and deterministic.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign luboterifaj for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

@tomasdavidorg: This pull request references OCPERT-154 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.22.0" version, but no target version was set.

Details

In response to this:

This is draft PR. The URLs have to be checked when the Atlassian Cloud migration is done.

Summary by CodeRabbit

• Bug Fixes

• Updated Jira instance URLs across documentation, authentication, and notification systems from the legacy domain to the new Atlassian Cloud endpoints, ensuring proper integration and functionality with the updated Jira infrastructure.

• Documentation

• Updated Confluence and Jira reference links to point to the Atlassian Cloud environment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

Actionable comments posted: 3

♻️ Duplicate comments (3)

tests/test_notification.py (1)

162-162: Ensure Slack message Jira URL matches the actual link builder.

This expectation uses /browse without /jira. If the production builder now uses /jira/browse, the test will drift. Please verify the builder and keep tests aligned with the canonical base.

#!/bin/bash
# Locate Jira link builders and message formatting to confirm the base URL used.
rg -n "get_jira_link|redhat\.atlassian\.net" -g'*.py'
rg -n "get_slack_message_for_unverified_cve_issues_to_managers" -C3

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/test_notification.py` at line 162, The test expectation contains a Jira
link using "/browse" but the canonical link builder (functions like
get_jira_link and the message builder
get_slack_message_for_unverified_cve_issues_to_managers) uses "/jira/browse";
verify which base the production builder returns and update the test expectation
to match that canonical base (or change the builder if the test is canonical).
Ensure the test string uses the exact URL path returned by get_jira_link (e.g.,
include "/jira/browse" if that is what the builder produces) so the Slack
message assertion stays in sync.

oar/core/shipment.py (1)

1159-1160: Keep bug-removal source matching in sync with issue extraction.

Same normalization concern as above; this should use the same normalized/allowed source set to avoid partial removals.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@oar/core/shipment.py` around lines 1159 - 1160, The conditional that checks
for the specific string 'source: redhat.atlassian.net/jira' (inside the loop
that uses lines and lines_to_remove) is brittle and must be changed to use the
same normalization/allowed-source logic used by the issue extraction code;
replace the hardcoded substring test with a membership check against the
canonical allowed_sources (or call the same
normalize_source()/extract_issue_sources helper used elsewhere) after
normalizing lines[i+1], so the bug-removal path and issue-extraction path use
the identical normalized source set.

tools/release_progress_dashboard/release_progress_dashboard.py (1)

521-521: Keep Jira URL base consistent across link builders.

This renders Jira links with /browse (no /jira) while other helpers now build /jira/browse. Please confirm the canonical base and keep all builders/tests in sync.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tools/release_progress_dashboard/release_progress_dashboard.py` at line 521,
The Jira link is being built as jira_url =
f"https://redhat.atlassian.net/browse/{jira_ticket}" which is inconsistent with
other link builders using the "/jira/browse" path; update this to use the
canonical base (e.g., jira_url =
f"https://redhat.atlassian.net/jira/browse/{jira_ticket}") and ensure any other
builders/tests that construct Jira URLs use the exact same "/jira/browse" base
so all helpers and tests remain in sync.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@oar/core/util.py`:
- Around line 107-108: get_jira_link currently builds URLs with an extra "/jira"
segment so it returns https://redhat.atlassian.net/jira/browse/{key} which is
invalid; update the function get_jira_link to use the correct base host
"https://redhat.atlassian.net" (i.e. remove the "/jira" suffix) so it returns
https://redhat.atlassian.net/browse/{key} for all callers.

In `@oar/notificator/jira_notificator.py`:
- Line 709: The JIRA client is being instantiated with an incorrect server URL
suffix: update the JIRA(...) call that assigns jira (the JIRA =
JIRA(server="https://redhat.atlassian.net/jira", token_auth=jira_token)
instantiation) to use the base Atlassian Cloud URL without the "/jira" suffix
(https://redhat.atlassian.net) so the library can append REST paths correctly;
also replace the hardcoded URL by reading from configuration like
oar/core/jira.py's get_jira_server() (or call get_jira_server()) to centralize
the server setting and avoid future hardcoding.

In `@tests/test_jira_notificator.py`:
- Line 16: The JIRA client instantiation uses an incorrect server URL and auth
method: update the JIRA(...) call that assigns self.jira (and any other JIRA
instantiations such as in jira_notificator.py and oar/core/jira.py where
ConfigStore may supply the URL) to use server="https://redhat.atlassian.net"
(remove the "/jira" suffix) and switch from token_auth to basic_auth using the
email and API token (basic_auth=(os.environ.get("JIRA_EMAIL"), jira_token)), and
ensure all other JIRA client constructions follow the same pattern for Atlassian
Cloud compatibility.

---

Duplicate comments:
In `@oar/core/shipment.py`:
- Around line 1159-1160: The conditional that checks for the specific string
'source: redhat.atlassian.net/jira' (inside the loop that uses lines and
lines_to_remove) is brittle and must be changed to use the same
normalization/allowed-source logic used by the issue extraction code; replace
the hardcoded substring test with a membership check against the canonical
allowed_sources (or call the same normalize_source()/extract_issue_sources
helper used elsewhere) after normalizing lines[i+1], so the bug-removal path and
issue-extraction path use the identical normalized source set.

In `@tests/test_notification.py`:
- Line 162: The test expectation contains a Jira link using "/browse" but the
canonical link builder (functions like get_jira_link and the message builder
get_slack_message_for_unverified_cve_issues_to_managers) uses "/jira/browse";
verify which base the production builder returns and update the test expectation
to match that canonical base (or change the builder if the test is canonical).
Ensure the test string uses the exact URL path returned by get_jira_link (e.g.,
include "/jira/browse" if that is what the builder produces) so the Slack
message assertion stays in sync.

In `@tools/release_progress_dashboard/release_progress_dashboard.py`:
- Line 521: The Jira link is being built as jira_url =
f"https://redhat.atlassian.net/browse/{jira_ticket}" which is inconsistent with
other link builders using the "/jira/browse" path; update this to use the
canonical base (e.g., jira_url =
f"https://redhat.atlassian.net/jira/browse/{jira_ticket}") and ensure any other
builders/tests that construct Jira URLs use the exact same "/jira/browse" base
so all helpers and tests remain in sync.

---

ℹ️ Review info

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 838bc32 and 0208e80.

📒 Files selected for processing (9)

• AGENTS.md
• docs/JIRA_NOTIFICATOR.md
• oar/core/shipment.py
• oar/core/util.py
• oar/notificator/jira_notificator.py
• prow/job/job.py
• tests/test_jira_notificator.py
• tests/test_notification.py
• tools/release_progress_dashboard/release_progress_dashboard.py

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

# First, find and examine the get_jira_link function in context
grep -n "get_jira_link" oar/core/util.py | head -20

Repository: openshift/release-tests

Length of output: 94

---

🏁 Script executed:

# Search for all usages of get_jira_link in the codebase
rg "get_jira_link" --type py -B 2 -A 2

Repository: openshift/release-tests

Length of output: 5370

---

🏁 Script executed:

# Search for other Jira URL patterns or references in the codebase
rg "atlassian|jira" --type py -i | head -30

Repository: openshift/release-tests

Length of output: 2968

---

🏁 Script executed:

# Check if there are tests for this function
fd -e py -type f | xargs grep -l "get_jira_link\|test.*jira" 2>/dev/null | head -10

Repository: openshift/release-tests

Length of output: 237

---

🌐 Web query:

Jira Cloud browse URL format standard path atlassian.net

💡 Result:

The standard Jira Cloud “browse issue” URL on an atlassian.net site is:

• https://{site}.atlassian.net/browse/{ISSUE-KEY} (example: https://mysite.atlassian.net/browse/PROJ-123) [1][2]

Notes:

• {site} is your Jira Cloud site subdomain (the part before .atlassian.net). [2]
• {ISSUE-KEY} is the issue key like PROJ-123. [1][2]

Sources: Atlassian developer docs example for Jira issue URLs [1], Atlassian Developer Community confirmation of the format [2].

---

🏁 Script executed:

# Search for tests of get_jira_link
find . -name "*.py" -type f | xargs grep -l "test.*get_jira_link\|get_jira_link.*test" 2>/dev/null | head -10

Repository: openshift/release-tests

Length of output: 49

---

🏁 Script executed:

# Search for any test files that might test util.py
find . -name "*test*.py" -type f | xargs grep -l "util\|get_jira_link" 2>/dev/null | head -10

Repository: openshift/release-tests

Length of output: 365

---

🏁 Script executed:

# Check test_jira.py for any URL format tests
cat tests/test_jira.py | head -100

Repository: openshift/release-tests

Length of output: 3979

---

🏁 Script executed:

# Check test_notification.py for get_jira_link validation
rg "get_jira_link|browse" tests/test_notification.py -B 2 -A 2

Repository: openshift/release-tests

Length of output: 225

---

🏁 Script executed:

# Check more context around that test assertion
rg "redhat.atlassian.net/browse" tests/test_notification.py -B 5 -A 5

Repository: openshift/release-tests

Length of output: 512

---

🏁 Script executed:

# Verify the exact line in util.py to confirm the /jira path
sed -n '107,108p' oar/core/util.py

Repository: openshift/release-tests

Length of output: 161

---

🏁 Script executed:

# Check the full test_notification.py to see how the URL is constructed in the test
rg "unverified_cve" tests/test_notification.py -B 15 | head -50

Repository: openshift/release-tests

Length of output: 1901

---

🏁 Script executed:

# Search for where the notification message is actually created to see if get_jira_link is called
rg "unverified_cve\|get_jira_link" oar/core/notification.py -B 3 -A 3

Repository: openshift/release-tests

Length of output: 49

---

🏁 Script executed:

# Search to see if the test actually calls get_jira_link or just checks the output string
rg "get_slack_message_for_unverified_cve_issues_to_managers" oar/core/notification.py -B 5 -A 20 | head -60

Repository: openshift/release-tests

Length of output: 2523

---

🏁 Script executed:

# Check if get_jira_link is called within that method
ast-grep --pattern 'def get_slack_message_for_unverified_cve_issues_to_managers {
  $$$
}'

Repository: openshift/release-tests

Length of output: 49

---

🏁 Script executed:

# Just search for the method implementation more directly
rg "def get_slack_message_for_unverified_cve_issues_to_managers" oar/core/notification.py -A 30

Repository: openshift/release-tests

Length of output: 1613

---

Fix hardcoded Jira URL—it includes erroneous /jira path that breaks links.

get_jira_link() generates https://redhat.atlassian.net/jira/browse/{key}, but Jira Cloud browse URLs use the format https://redhat.atlassian.net/browse/{key} without the /jira suffix. Remove /jira from the hardcoded base URL. All links generated through this function (used in 13+ places across notifications and worksheets) are currently malformed.

Fix

 def get_jira_link(key):
-    return "%s/browse/%s" % ("https://redhat.atlassian.net/jira", key)
+    return "%s/browse/%s" % ("https://redhat.atlassian.net", key)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@oar/core/util.py` around lines 107 - 108, get_jira_link currently builds URLs
with an extra "/jira" segment so it returns
https://redhat.atlassian.net/jira/browse/{key} which is invalid; update the
function get_jira_link to use the correct base host
"https://redhat.atlassian.net" (i.e. remove the "/jira" suffix) so it returns
https://redhat.atlassian.net/browse/{key} for all callers.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, let's examine the file and the specific line
wc -l oar/notificator/jira_notificator.py

Repository: openshift/release-tests

Length of output: 106

---

🏁 Script executed:

# Read the context around line 709
sed -n '700,720p' oar/notificator/jira_notificator.py

Repository: openshift/release-tests

Length of output: 519

---

🏁 Script executed:

# Search for all JIRA() instantiations in the codebase
rg "JIRA\(" -A 2 -B 2

Repository: openshift/release-tests

Length of output: 1164

---

🏁 Script executed:

# Look for any Jira API calls to understand how the client is used
rg "jira\." oar/notificator/jira_notificator.py | head -20

Repository: openshift/release-tests

Length of output: 273

---

🏁 Script executed:

# Check for any configuration or comments about Jira URL
rg "redhat\.atlassian" .

Repository: openshift/release-tests

Length of output: 1636

---

🏁 Script executed:

# Look for any tests related to Jira
fd -e test -e spec | xargs rg -l "jira" 2>/dev/null | head -10

Repository: openshift/release-tests

Length of output: 315

---

🏁 Script executed:

# Find the get_jira_server() definition
rg "get_jira_server" -B 3 -A 5

Repository: openshift/release-tests

Length of output: 1003

---

🏁 Script executed:

# Check oar/core/jira.py for full context
cat -n oar/core/jira.py

Repository: openshift/release-tests

Length of output: 22782

---

🏁 Script executed:

# Check oar/core/const.py for configuration
cat oar/core/const.py

Repository: openshift/release-tests

Length of output: 6644

---

🏁 Script executed:

# Find where jira_server is configured
rg "jira_server" -B 3 -A 3

Repository: openshift/release-tests

Length of output: 935

---

🏁 Script executed:

# Look for ConfigStore initialization and configuration
rg "class ConfigStore" -A 20

Repository: openshift/release-tests

Length of output: 3463

---

🌐 Web query:

jira-python library JIRA() server URL format Atlassian Cloud

💡 Result:

For Atlassian Cloud with the jira (jira-python / pycontribs) library, the JIRA() server URL should be your site base URL, e.g.:

• https://<your-site>.atlassian.net (recommended; no extra path) [1]
• A trailing slash is also commonly accepted: https://<your-site>.atlassian.net/ [2]

Example:

from jira import JIRA
jira = JIRA(server="https://yourcompany.atlassian.net",
            basic_auth=("you@example.com", "your_api_token"))

Don’t include a Server/DC-style context path like .../jira—Cloud sites typically don’t use that, and it can break requests/auth expectations. [1]

Sources: Atlassian Community example for Jira Cloud + jira-python [1]; pycontribs/jira issue showing Cloud server='https://XXX.atlassian.net/' usage [2].

---

🏁 Script executed:

# Check AGENTS.md to see the documented Jira testing URL
cat AGENTS.md | grep -A 2 -B 2 "redhat.atlassian.net"

Repository: openshift/release-tests

Length of output: 393

---

🏁 Script executed:

# Check if there's any documentation about the config initialization
fd -name "*.md" -o -name "*.yaml" | xargs grep -l "jira_server" 2>/dev/null

Repository: openshift/release-tests

Length of output: 299

---

🏁 Script executed:

# Look at how the jira_notificator_jira.py function is structured
cat -n oar/notificator/jira_notificator.py | head -50

Repository: openshift/release-tests

Length of output: 1793

---

Remove the /jira suffix from the JIRA server URL.

The JIRA() constructor expects the base URL for Atlassian Cloud (https://redhat.atlassian.net), not the REST API endpoint path. Including /jira will cause authentication and API call failures because the library appends REST paths automatically. Change line 709 to https://redhat.atlassian.net.

Additionally, consider moving the URL to configuration (similar to how oar/core/jira.py uses get_jira_server()) instead of hardcoding it to avoid similar issues in the future.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@oar/notificator/jira_notificator.py` at line 709, The JIRA client is being
instantiated with an incorrect server URL suffix: update the JIRA(...) call that
assigns jira (the JIRA = JIRA(server="https://redhat.atlassian.net/jira",
token_auth=jira_token) instantiation) to use the base Atlassian Cloud URL
without the "/jira" suffix (https://redhat.atlassian.net) so the library can
append REST paths correctly; also replace the hardcoded URL by reading from
configuration like oar/core/jira.py's get_jira_server() (or call
get_jira_server()) to centralize the server setting and avoid future hardcoding.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Search for JIRA server URL usages and token_auth patterns

echo "=== Files mentioning atlassian.net ==="
rg -l "atlassian\.net" --type=py

echo -e "\n=== JIRA server URL usages (context) ==="
rg -n --type=py "atlassian\.net" -A2 -B2

echo -e "\n=== token_auth usages in Python files ==="
rg -n --type=py "token_auth"

echo -e "\n=== JIRA client instantiations ==="
rg -n --type=py "JIRA\(" -A3

Repository: openshift/release-tests

Length of output: 5706

---

🏁 Script executed:

#!/bin/bash
# Check for the main implementation file and related jira_notificator files

echo "=== Files related to jira_notificator ==="
find . -name "*jira*" -type f | grep -v __pycache__

echo -e "\n=== Check main implementation file (if exists) ==="
if [ -f "oar/notificator/jira_notificator.py" ]; then
  echo "Found oar/notificator/jira_notificator.py"
  grep -n "JIRA(" oar/notificator/jira_notificator.py | head -20
fi

Repository: openshift/release-tests

Length of output: 400

---

🏁 Script executed:

#!/bin/bash
# Check oar/core/jira.py for the server configuration
echo "=== oar/core/jira.py content (first 50 lines) ==="
head -50 oar/core/jira.py

echo -e "\n=== Search for JIRA_SERVER or jira server config ==="
rg -n "get_jira_server|JIRA_SERVER" --type=py -B2 -A2

echo -e "\n=== Check config/settings files ==="
find . -name "config*" -o -name "settings*" -o -name "*constants*" | grep -v __pycache__ | head -20

Repository: openshift/release-tests

Length of output: 2281

---

🏁 Script executed:

#!/bin/bash
# Check what get_jira_server returns in ConfigService
echo "=== Search for ConfigService and get_jira_server ==="
rg -n "class ConfigService|def get_jira_server" --type=py -A10

Repository: openshift/release-tests

Length of output: 712

---

🏁 Script executed:

#!/bin/bash
# Look at actual usage in tests and check environment
echo "=== Check test_jira.py for any clues about server config ==="
head -100 tests/test_jira.py

echo -e "\n=== Check for any existing uses of basic_auth in codebase ==="
rg -n "basic_auth" --type=py

Repository: openshift/release-tests

Length of output: 4103

---

🏁 Script executed:

#!/bin/bash
# Check configstore.json for jira_server value
echo "=== oar/core/configstore.json ==="
cat oar/core/configstore.json | head -50

echo -e "\n=== Look for jira_server in the file ==="
rg -n "jira_server" oar/core/configstore.json

Repository: openshift/release-tests

Length of output: 2357

---

🏁 Script executed:

#!/bin/bash
# Check for any README or documentation about Cloud migration
echo "=== Search for migration-related comments or docs ==="
rg -i "cloud|migration|atlassian" --type=md -B2 -A2 | head -50

echo -e "\n=== Check the PR/commit context if available ==="
git log --oneline -20 | head -20

Repository: openshift/release-tests

Length of output: 2973

---

🏁 Script executed:

#!/bin/bash
# Let's verify what the jira library actually expects
# Search for any existing documentation or tests in the codebase
echo "=== Check if there are any docs about jira library usage ==="
find . -name "*.md" -o -name "*.txt" | xargs grep -l -i "jira" 2>/dev/null | head -10

echo -e "\n=== Check requirements or setup files for jira library version ==="
find . -name "requirements*" -o -name "setup.py" -o -name "pyproject.toml" | xargs grep -i jira 2>/dev/null

Repository: openshift/release-tests

Length of output: 579

---

🌐 Web query:

jira python library token_auth vs basic_auth Atlassian Cloud

💡 Result:

For Atlassian Cloud, use basic_auth (email + API token). In the jira (pycontribs) library docs, Cloud “API Token” auth is shown as JIRA(basic_auth=('email','API token')), while token_auth is for self‑hosted Jira (Server/Data Center) Personal Access Tokens (PATs), not Cloud. [1]

Atlassian’s Cloud REST API “basic auth” is email address + API token (passwords are deprecated). [2]

from jira import JIRA

jira = JIRA(
    server="https://your-site.atlassian.net",
    basic_auth=("you@company.com", "YOUR_ATLASSIAN_API_TOKEN"),
)

Sources: [1] https://jira.readthedocs.io/examples.html [2] https://developer.atlassian.com/cloud/jira/platform/basic-auth-for-rest-apis/

---

🌐 Web query:

jira python library server URL format Atlassian Cloud /jira suffix

💡 Result:

For the pycontribs jira Python library, set server to the Jira site base URL (scheme + host, and only include a path if your Jira is deployed under a context path):

• Atlassian Cloud (most common): use no /jira suffix
  https://<your-site>.atlassian.net (then the library will call endpoints like /rest/api/3/...) [1], [2]

• Jira Server/Data Center with a context path: include it (this is where /jira comes from)
  https://jira.example.com/jira (if that’s your instance’s configured base URL)

If you’re unsure what to use (especially with custom domains), query Jira for its canonical base URL and use the returned baseUrl:

• GET https://<whatever-you-use-to-access-jira>/rest/api/3/serverInfo → read baseUrl [3], [4]

Example (Cloud):

from jira import JIRA
jira = JIRA(server="https://your-site.atlassian.net", basic_auth=("email@company.com", "api_token"))

[1], [2]

Sources: [1] pycontribs/jira README, [2] Atlassian “Basic auth for REST APIs” (Feb 6, 2026), [3] Atlassian Jira Cloud REST API intro, [4] Jira Cloud /serverInfo baseUrl guidance.

---

🌐 Web query:

jira 3.4.1 python library Atlassian Cloud authentication

💡 Result:

For Atlassian Jira Cloud with the jira (pycontribs) Python library v3.4.1, use Basic Auth with your Atlassian account email + an API token (not your password). Atlassian documents this as the supported Basic Auth approach for Jira Cloud REST APIs. [1]

from jira import JIRA

jira = JIRA(
    server="https://YOUR_SITE.atlassian.net",
    basic_auth=("you@company.com", "YOUR_ATLASSIAN_API_TOKEN"),
)

Notes:

• The jira library’s JIRA(...) client supports authentication via basic_auth (and also token_auth, which is for bearer/PAT-style tokens, typically used in non-Cloud scenarios). [2]
• For integrations, Atlassian recommends OAuth 2.0 (3LO) over Basic Auth for most non-personal-script use cases; Basic Auth is mainly for simple scripts/bots. [3]

Sources

1. Atlassian: “Basic auth for REST APIs” (email address + API token; passwords deprecated) [1]
2. jira library docs: JIRA(...) authentication via basic_auth / token_auth [2]
3. Atlassian: “Security for other integrations” (OAuth 2.0 (3LO) recommended; Basic Auth for scripts) [3]

---

Correct server URL and authentication method for Atlassian Cloud compatibility.

Two required fixes for Atlassian Cloud:

1. Server URL: Remove the /jira suffix. Atlassian Cloud uses https://redhat.atlassian.net (the /jira path segment is specific to self-hosted Server/Data Center deployments). The jira library appends REST paths directly to the server value, so including /jira would produce malformed endpoints like .../jira/rest/api/3/... instead of .../rest/api/3/....

2. Authentication: Change from token_auth to basic_auth=(email, api_token). The token_auth parameter is for self-hosted Jira Personal Access Tokens (PATs), not Atlassian Cloud. Cloud requires HTTP Basic Auth with the user's email and API token, as documented in Atlassian's official guidance.

Correct Cloud-compatible pattern:

self.jira = JIRA(
    server="https://redhat.atlassian.net",
    basic_auth=(os.environ.get("JIRA_EMAIL"), jira_token),
)

Note: The same issues exist in oar/notificator/jira_notificator.py line 709 and potentially in oar/core/jira.py if ConfigStore returns the Cloud URL. Ensure consistency across all JIRA client instantiations.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/test_jira_notificator.py` at line 16, The JIRA client instantiation
uses an incorrect server URL and auth method: update the JIRA(...) call that
assigns self.jira (and any other JIRA instantiations such as in
jira_notificator.py and oar/core/jira.py where ConfigStore may supply the URL)
to use server="https://redhat.atlassian.net" (remove the "/jira" suffix) and
switch from token_auth to basic_auth using the email and API token
(basic_auth=(os.environ.get("JIRA_EMAIL"), jira_token)), and ensure all other
JIRA client constructions follow the same pattern for Atlassian Cloud
compatibility.