MergeBack automatically generates self-signed certificates during the installation step and places them in the installation folder (/opt/mergeback/certs).
In order to eliminate security warnings when opening the product in browsers administrators need to either install these self-signed certificates on end-users machines or replace them.
Your options for replacing the existing certificates are:
If the product can be accessed via the public internet it is possible to use Let's Encrypt to generate and install signed certificates automatically.
This feature only works if Let's Encrypt's servers are able to connect to the host running MergeBack (indicated by the value you place in the 'Domains' field). Let's Encrypt will need to access port 80 on the host in order to verify the request made by MergeBack.
MergeBack will also periodically request replacement certificates on its own should the current ones reach their expiration date.
This option functions the same way as Let's Encrypt except it is up to the user to provide the information on how to connect to the certificate provider. This is primarily intended for organizations that may be running their own certificate provider.
This option allows users to upload their own certificates and their associated private key.
Note: The product expects PEM encoded certificate and key files. The key file should not be password protected.
MergeBack includes basic functionality around managing users and groups, including
Adding users and groups is performed via the system management interface accessible by the 'admin' user via the 'Manage' shortcut in the top navbar. All other users will not have access to this screen.
A user can be added manually by clicking the 'Add' button and filling out the necessary information
Additionally a user invite can be generated and sent to the user and allow them to finalize the user creation process themselves
The username for the user invite can either be set by the administrator or auto-generated and set by the user when they finish setting up their account. Additionally the administrator can attach metadata to the invite/user in case the account is associated with some external application.
Unclaimed user invites will eventually be expired and removed by the system automatically
'Fake' users can be created to facilitate processes. For example an 'unassigned' user can be created and the ticket workflow can be configured to assign all newly opened tickets to the 'unassigned' user by default. 'Fake' users cannot log into the system but can be otherwise treated like normal users.
Groups provide an easy way to manage permissions across a large number of users at once.
Groups can also be given a role to indicate if the members are developers or QA. This role is used by the system to automatically assign the user as the developer or QA owner of the ticket when they are assigned to it.
Creating a user will give them the ability to log into the system but until they are granted permissions they will be unable to access anything.
Most access is granted on a per-project basis via the project management interface found in the project dropdown in the navigation bar. Project management is available only to the 'admin' user.
Granting permissions to a group and then adding a user to the group is the most efficient way of managing permissions in the long-term. Users can be granted individual permissions for one-off cases. The user's access is the union of the permissions granted to them directly and via any groups they are assigned to.
MergeBack stores most of its data in the PostgreSQL database. The exception to this is file attachments.
This exception is made due to the inefficiencies of storing arbitrary files in the database as well as to facilitate easier access and recovery of these files during data recovery scenarios.
As a result at least one storage volume must be added to the product to store these files, though multiple volumes may be used to organize these files or keep them on separate storage devices.
Storage volume management is performed via the system management interface as the 'admin' user.
A storage volume is fundamentally a folder somewhere in the filesystem. The folder must exist on the machine before the storage volume can be created. It will also need to have the correct permissions and ownership settings so MergeBack can read and write files to it.
Storage volumes will be monitored for their disk usage and the admin user will be alerted when the remaining free space drops below recommended levels.
Disclaimer: While MergeBack is capable of using a remote PostgreSQL database the built in database backup and restore functionality works only with locally installed databases.
MergeBack provides built in automatic database backups, allowing the administrator to choose when the backup should happen and how many backups should be retained.
The administrator also has the ability to manually trigger a backup as well as lock backups to prevent them from being deleted
Clicking the square icon to the right of the backup will allow the administrator to restore from that backup:
Please note that if the 'Delete existing database' is not checked the old database will be renamed and remain on the PostgreSQL server until manually cleaned up. If space is not a concern then leaving this unchecked is best practice should something go wrong during the restore.
Users seeking a more comprehensive backup and restore solution can take this one step further by enabling the replication feature. This feature allows you to have a hot-spare instance of the product running on a secondary machine. It also covers backing up files from storage volumes (including database backups).
This feature requires a separate install of the product on another machine configured in 'Replication Mode'. In this mode it will listen for replication requests on the specified hostname and port. Enabling this mode is done through the initial 'Product Setup' screen:
Once your replication server is ready you can configure your production server to send backup data to it every time a backup is made:
When enabled the production server will connect to the replication server and upload database backups and files to the replication server. It will then trigger a restore of the database on the replication server to the latest backup
Please note that since the replication server is listening on a non-standard port that it is more vulnerable to having connectivity issues caused by routers and firewalls.
The replication server runs in read-only unlicensed mode. Promoting it to a normal install can be done by changing the selected mode in the drop-down at the top of the product setup screen.
MergeBack includes a built-in notification system to alert users and administrators to ticket updates or runtime errors. The indicator for them can be found in the right side of the top navigation bar next to the user's profile.
In the case of a large number of notifications or situations where the user wants to view acknowledged notifications they can click the 'Manage' button in the notification screen to navigate to a full page view of all notifications. The checkbox at the top will make acknowledged notifications visible, though they will get cleaned up automatically by the system after being acknowledged for 24 hours.
Users can also configure a forwarder that is capable of sending notification details as a HTTP request to another service. These settings can be found in the user's profile. Please note that notifications may contain sensistive information such as ticket titles and should only be sent to trusted destinations.
HTTP or HTTPS is supported. The server certificate is not required unless it is signed by a non-official certificate authority. Skipping certificate verification can be used but is not recommended if there are concerns about sensitive data. The 'Load Example' button can be used to populate a basic JSON request body that will auto-populate with the details of the notification.
MergeBack includes support for sending mail via SMTP in order deliver user invites, ticket updates or notifications to the system administrator
At this point SMTP settings are considered an advanced feature intended for intranets hosting their own SMTP server. This is due largely to the complexity of setting it up as well as the difficulty of sending mail reliably without getting flagged as spam.
The product backlog is where users can view, organize and manage tickets and sprints. It includes the following features:
Waterlines appear in the backlog like other tickets but primarily serve as separators to group tickets into meaningful blocks.
By default all projects will have a 'Refinement' waterline used to indicate the separation between tickets that have been refined and those that aren't. This allows maintainers to keep track of refinement progress and better understand the state of the backlog at a glance.
In addition to this maintainers can also create release waterlines to separate tickets into a specific release. Release waterlines create a visual way of tracking a release's progress as it approaches the top of the backlog. It also automates the process of adding tickets to a release as simply dragging the ticket above the release waterline will have the side-effect of marking it as part of that release.
Use predefined or custom queries to search through your library of tickets. Sort tickets by order, last updated and investment amounts.
Access the full list of knowledgebase tags and view knowledge base data
View the list of previous sprints and releases for the project.
The sprint feature allows you to set a discrete window of time and a list of tickets to complete in that time-frame. Tickets and releases can be dragged between the sprint and the backlog for simple management.
Built-in capacity planning let's you quickly estimate total capacity for the entire sprint and each member with individual adjustments for excess or reduce capacity scenarios.
The sprint progress bar provides a simple way of viewing sprint progress by indicating hours completed, hours remaining and excess capacity. The arrow mark on the progress bar is a basic estimate of where progress should be based on the current timestamp relative to the start and the end of the sprints.
Click the filter icon next to the progress bar to target a specific team member to see their invidiual progress and capacity
Instead of sprints some teams may adopt the use of a Kanban board to track open work items and their progress. This is often better suited for situations where work does not follow a rigid release schedule such as continuous release workflows.
Under this workflow a manager or stakeholder can pull in tickets from the backlog for team members to pick up and progress across the board as they become available to work.
Columns allow for sorting tickets based on priority and the number of columns can be customized by configuring the ticket states in the project's settings.
Projects can be swapped between Kanban and sprint mode as needed in the project settings screen but both are not supported at the same time.
Ticket state management allows you to define the flow of tickets, how they are assigned to team members and integrate with other subsystems.
Configure ticket state color, what states to transition to/from and actions to take when entering or leaving the state.
Examples of actions include:
Use the invest feature to help gain insights into ticket importance and better prioritize your backlog.
Award users or groups investment currency manually or with allowances that will automatically distribute amounts at set intervals.
As team members and stakeholders work on the project they can distribute their investment credits according to their own desires.
Use the investment view of the backlog to see investment amount's and sort from highest investment to lowest.
Example use cases include:
Tag ticket descriptions and comments to automatically add them to your product knowledgebase. Tickets containing KB information are protected from accidental deletion.
View all related information on a KB topic quickly via the product library.
Add to-do items to tickets to track short-term goals and tasks. To-do items are private and viewable by the current user.
Track to-do list items on the user's home page to improve visibility.
Convenient links allow the user to quickly open the related ticket for each to-do list item.
Mark a ticket as the currently active ticket to add it to the user's home page.
Quickly manage the ticket from the home screen to simplify common tasks like updating estimates or ticket status.
Automatically track recent tickets that the user has created or own to quickly get back to where they left off.
View the list of the user's top investments based off how much they have personally invested in them.
Note: Certificates, logs and other generated files will persist.
The provided list of built-in queries on the Library sidebar will autopopulate the search bar with the query being used. This can be helpful for demonstrating how to form your own queries
Supported query filters:
Example queries:
On startup and periodically during execution MergeBack will heartbeat to the licensing server to check the validity of the license key. We do not collect personal user information but may collect non-identifying data to detect compromised license keys.
When MergeBack detects license expiration or is unable to contact the licensing server it will go into 'read-only' mode. Most functionality will continue to work but key actions like creating tickets, adding users, etc will start to fail.
The administrator can change the license key or force an immediate check of it in the 'Settings' screen of the server management interface