⚠️ Do not use! – Tutorial: Notify users about major updates

Forge Forge Platform and Tools
, ,
1

:warning: Unfortunately, this method no longer works due to a change in the Forge runtime (the outbound proxy can no longer make unauthenticated GraphQL requests).

One of the biggest problems with the current app versioning system is that customers often stay on old versions because admins don’t update apps manually when new major updates are available.

I found a way to notify users about major updates that you can use until Atlassian ships improvements to the versioning system.

Prerequisites

  • The app must use the native Node.js runtime.
  • This method doesn’t need additional scopes or egress permissions.

Getting the current version

The getAppContext function returns an object that includes the environment and the app version under which a Forge function is executed:

import { getAppContext } from "@forge/api";

const context = getAppContext();
console.log(context.environmentType); // e.g., "PRODUCTION"
console.log(context.appVersion); // e.g., "2.1.0"

Getting the latest version

To find out if the current version differs from the latest deployed version, you can fetch the latest version using the GraphQL API:

query App {
  app(id: "ari:cloud:ecosystem::app/<YOUR_APP_ID>") {
    environments {
      type # e.g., "PRODUCTION"
      versions(first: 1) { # We only need the latest version.
        nodes {
          version # e.g., "3.0.0"
        }
      }
    }
  }
}

To make the request, use requestGraph function like this:

const response = await api.asApp().requestGraph(query, undefined, {
  Authorization: "Forge none"
});

It’s important to override the Authorization header because asApp and asUser requests are not supported by this part of the GraphQL schema. "Forge none" is a special header value that tells the Forge outbound proxy to not use an Authorization header. Luckily, the GraphQL API returns details about the production environment of your app without this header if the app is published on the Marketplace. For example:

{
  "data": {
    "app": {
      "environments": [
        {
          "type": "PRODUCTION",
          "versions": { "nodes": [{ "version": "3.0.0" }] }
        }
      ]
    }
  }
}

Finally, you can compare the version from the app context with the latest version for the respective environment and show a message in your front end if users need to update manually. :tada:

22 Likes
2

Looks like this is not working anymore. The Graph API returns 400 when Authorization header is used.

3 Likes
3

There’s another way to access information about the latest available version using the marketplace Rest API: https://developer.atlassian.com/platform/marketplace/rest/v2/api-group-app-versions/#api-addons-addonkey-versions-latest-get. This doesn’t require the Authorization header so still works.
It does require the marketplace URL to be added to the manifest though. With something like:

permissions:
  external:
    fetch:
      client:
        - remote: atlassian-marketplace
remotes:
  - key: atlassian-marketplace
    baseUrl: 'https://marketplace.atlassian.com'
    operations:
      - fetch

Specifying the URL permission directly also works but could affect data residency PINNED status (see https://developer.atlassian.com/platform/forge/runtime-egress-permissions/#data-residency-eligibility).

3 Likes