Problem
atl issue comment add cannot post a JSD-internal comment (visible only to agents, hidden from the reporter). It only exposes --visibility-type role|group, which is the Jira-platform restriction model and not the same as JSD's public/internal flag.
This matters for SD-* (Service Desk) tickets where post-mortem notes, root-cause analyses, and debugging context must stay agent-only. Today there is no safe CLI path: any `atl issue comment add SD-XXXXX ...` is published to the reporter.
What does NOT work today
atl issue comment add + PUT property afterward. Setting sd.public.comment = {internal: true} via PUT /rest/api/3/comment/{id}/properties/sd.public.comment returns HTTP 201 but the comment stays public — by the time the property is patched the comment has already been delivered to the customer. Confirmed on SD-25345 (2026-05-12): three attempts, all landed publicly, had to be deleted manually.POST /rest/servicedeskapi/request/{id}/comment with {public: false}. Correct endpoint, but the atl OAuth token does not carry the Service Desk scope — returns 401 Unauthorized; scope does not match.
Requested change
Add a flag to atl issue comment add for JSD-internal comments, e.g.:
atl issue comment add SD-25345 --body "..." --internal
Suggested behavior:
- For SD-* (or any issue under a Service Desk project), use the JSD request comment endpoint with
public: false.
- Requires adding the
read:servicedesk-request/write:servicedesk-request scopes to the atl OAuth client (or whichever the Atlassian Service Desk API requires).
- For non-JSD issues, the flag should be rejected with a clear error.
Bonus: warn or refuse to post comments to SD-* tickets without --internal / --public being explicit, to prevent accidental customer-visible posts.
References
Problem
atl issue comment addcannot post a JSD-internal comment (visible only to agents, hidden from the reporter). It only exposes--visibility-type role|group, which is the Jira-platform restriction model and not the same as JSD's public/internal flag.This matters for SD-* (Service Desk) tickets where post-mortem notes, root-cause analyses, and debugging context must stay agent-only. Today there is no safe CLI path: any `atl issue comment add SD-XXXXX ...` is published to the reporter.
What does NOT work today
atl issue comment add+ PUT property afterward. Settingsd.public.comment = {internal: true}viaPUT /rest/api/3/comment/{id}/properties/sd.public.commentreturns HTTP 201 but the comment stays public — by the time the property is patched the comment has already been delivered to the customer. Confirmed on SD-25345 (2026-05-12): three attempts, all landed publicly, had to be deleted manually.POST /rest/servicedeskapi/request/{id}/commentwith{public: false}. Correct endpoint, but the atl OAuth token does not carry the Service Desk scope — returns401 Unauthorized; scope does not match.Requested change
Add a flag to
atl issue comment addfor JSD-internal comments, e.g.:Suggested behavior:
public: false.read:servicedesk-request/write:servicedesk-requestscopes to the atl OAuth client (or whichever the Atlassian Service Desk API requires).Bonus: warn or refuse to post comments to SD-* tickets without
--internal/--publicbeing explicit, to prevent accidental customer-visible posts.References