Gathering some usage stats from Forge apps

clement_garin · October 5, 2021, 4:42pm

Hey,

We plan to release a free Forge app on the Marketplace. Before that, we would like to retrieve some stats about our app usage, to help us make decisions in the future.

Example of data:

Application sections visited (since it’s a single page application with a React router, retrieve the current route path)
Features used by the user (e.g. settings are changed)
Stats regarding our Forge functions (number of execution, time, …)

Some data can only be collected in the “front” part (CustomUI), while other are retrievable from Forge function executions.

First question: is collecting that kind of data OK regarding Atlassian policy? We don’t plan to retrieve information about users.

Second question: is there a recommended way to collect that kind of data ? We’ve tried integrating Google Analytics but it collects too many things regarding our needs, and doesn’t seem to work in a Forge app (even with egress permission to external script set to ‘*’, a CSP error is thrown).

Thanks in advance for your responses,
Clément

james.dellow · October 6, 2021, 2:13am

This is something I’ve been wondering about myself - from a Marketplace Partner perspective, I need access to analytics at a summary level and for each install (although not necessarily individual users). Ideally, there should be both a base level in Forge and the option to extend.

SushantBista · October 6, 2021, 3:24am

Hi @clement_garin and @james.dellow, thanks for the feedback. We are looking into this and will provide an update soon.

SamSmyth · October 7, 2021, 3:57am

Hey @clement_garin and @james.dellow,

We are currently underway with a project to address exposing

Stats regarding our Forge functions (number of execution, time, …)

to developers through the Developer Console. This will be the first of many incremental releases to improve monitoring for Forge developers. We plan to have these basic stats around Forge functions (number of execution, time, errors, etc.) available within 2 months.

For the second question, I would be interested in seeing exactly what CSP errors you are facing, would help us narrow down the cause.

Back to the first question (sorry for jumping around), I think User privacy guide for developers, Data privacy guidelines for developers and do I see customer data should be good jumping off points to determine whether the data you are collecting is ok.

clement_garin · October 7, 2021, 8:20am

Thanks for your responses

We plan to have these basic stats around Forge functions (number of execution, time, errors, etc.) available within 2 months.

Nice! Do you know if an open beta phase for this feature is planed ?

For the second question, I would be interested in seeing exactly what CSP errors you are facing, would help us narrow down the cause.

Using Custom UI, I’ve tried adding the basic Google Analytics code snipet in my index.html head:

  <script async src="https://www.googletagmanager.com/gtag/js?id=G-XXXXXXX"></script>
  <script>
    window.dataLayer = window.dataLayer || [];
    function gtag(){dataLayer.push(arguments);}
    gtag('js', new Date());

    gtag('config', 'G-XXXXXXX');
  </script>

Without any egress permission, I got expected CSP errors:

Content Security Policy: Les paramètres de la page ont empêché le chargement d’une ressource à https://www.googletagmanager.com/gtag/js?id=G-XXXXXXX (« script-src »).
Content Security Policy: Les paramètres de la page ont empêché le chargement d’une ressource à inline (« script-src »).

So, I add these permissions:

permissions:
  external:
    scripts:
      - '*.googletagmanager.com/gtag/js'
    fetch:
      client:
        - '*.google-analytics.com'

After a deploy/install+upgrade, only the first error is gone, the second remains:

Content Security Policy: Les paramètres de la page ont empêché le chargement d’une ressource à inline (« script-src »).

Ok, found the solution during writting this : I forgot that inline refer to JS code between <script> tags. Moving Google Analytics to my JS file solved the issue.

Back to the first question (sorry for jumping around), I think User privacy guide for developers, Data privacy guidelines for developers and do I see customer data should be good jumping off points to determine whether the data you are collecting is ok.

Thanks for this resources, I will check this

SamSmyth · October 8, 2021, 1:08am

We are not sure yet whether we will be structuring that release as an “open beta” but it will be be available to Forge developers within 2 months.