Skip to main content

Jira

Reporter that opens formatted issues for every non-filtered finding.

How to use

Open-Source

  1. Add the component to the workflow:
# file ./my-workflow/workflow.yml
description: Workflow reporting to Jira
name: jira
components:
- component: ghcr.io/smithy-security/smithy/manifests/components/targets/git-clone:v1.3.2
- component: ghcr.io/smithy-security/smithy/manifests/components/scanners/gosec:v1.2.3
- component: ghcr.io/smithy-security/smithy/manifests/components/scanners/nancy:v1.2.2
- component: ghcr.io/smithy-security/smithy/manifests/components/enrichers/custom-annotation:v0.1.2
- component: ghcr.io/smithy-security/smithy/manifests/components/reporters/jira:v0.1.1
  1. Configure the run parameters of the component in the overrides file:
# file: ./my-workflow/overrides.yaml
git-clone:
- name: "repo_url"
type: "string"
value: "https://github.com/sqreen/go-dvwa"
- name: "reference"
type: "string"
value: "master"
jira:
- name: "base_url"
type: "string"
value: "$baseURL"
- name: "project"
type: "string"
value: "$project"
- name: "auth_enabled"
type: "string"
value: "false"
- name: "username"
type: "string"
value: "$username"
- name: "password"
type: "string"
value: "$password"

SaaS

  1. In the Smithy UI, open the page to create a new workflow.
  2. Find the Jira component in the Reporters dropdown.
  3. Fill the form on the right

Options

You can configure this component with the following options. The options that have a default value are optional:

Option NameDescriptionDefaultType
[Required] base_urlBase URL of the Jira serverString
[Required] projectProject in Jira where to open issues toString
issue_typeThe issue type to open (task, bug, something else)TaskString
auth_enabledWhether auth should be enabled or notfalseBoolean
usernameThe auth usernameString
passwordThe auth password or auth tokenString
client_max_retriesOptional parameter to configure how many times the client should retry on retryable status codes10Number