Access to security container for vuln triggers within project automation

Shannon Tillery
March 21, 2024

We have many teams working from the same Jira project and GitHub Advanced Security integrated with our project. Our GitHub org includes hundreds of repos, each owned by a single team. We'd like to automate ticket creation triggered by "vulnerability found", but we need to be able to either assign the appropriate Team from the automation or add the security container as a component (which implies the Team). Is there some workaround?

1 answer

0 votes
Armando Jimenez
April 11, 2024

Hi! Were you able to achieve this? Right now there is no way to get the repo name or security container name.

Shannon Tillery
May 17, 2024

Hi there! I did manage a workaround for now...

I'm using the vulnerability trigger along with the vulnerability.url smart var and regex comparison with org-name/repo-name. We happen to have multiple GH orgs integrated and the vuln trigger will execute against any org/repo integrated with your account, regardless of whether they're included in your project as a security container or not. 

The If block > Conditions look like this

Value
{{vulnerability.url}}

Condition
contains regular expression

Regular expression
my-org\/my-repo-x|my-org\/my-repo-y|my-org\/my-repo-z

Then I have a Create new issue step that sets the Team from the More options > Additional fields section, like this:

{
    "fields": {
        "Team": "36885b3c-1bf0-4f85-a357-c5b858c31de4"
    }
}

You can find the team id from either the team page url or from a simple query using the team display name, like this. Once you select the display name, it'll replace it with the team id.

"Team[Team]"=my-team

I also update the Sprint field as part of issue creation to Next Sprint (my-team-board). We triage any vuln enqueued in next sprint weekly. And I'm sending a Slack notification to our team channel for Severity = Critical vulns so we can triage those immediately.

Hope that helps!
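
The condition in the workaround above is an unanchored "contains" match, so it also fires on any URL that merely contains one of the org/repo strings (a similarly named repo, or an org whose name ends in `my-org`). The following is an added example, not part of the original post: it compares that pattern with an anchored one and with an exact host/org/repo comparison. The sample URLs are constructed and assume `{{vulnerability.url}}` is an `https://github.com/<org>/<repo>/...` alert link.

```python
import re
from urllib.parse import urlparse

# Unanchored alternation exactly as used in the post's If-block condition.
POST_PATTERN = re.compile(r"my-org\/my-repo-x|my-org\/my-repo-y|my-org\/my-repo-z")

TEAM_ID = "36885b3c-1bf0-4f85-a357-c5b858c31de4"  # Team id shown in the post
REPOS = [("my-org", "my-repo-x"), ("my-org", "my-repo-y"), ("my-org", "my-repo-z")]


def anchored_pattern(repos, host="github.com"):
    """Anchored regex for the same repos: fixed host, then exactly org/repo,
    then '/' or end of string. The host is an assumption."""
    alts = "|".join(re.escape(f"{org}/{repo}") for org, repo in repos)
    return re.compile(rf"^https://{re.escape(host)}/(?:{alts})(?:/|$)")


def route(url, repos=REPOS, team_id=TEAM_ID, host="github.com"):
    """Return the Team id for an alert URL, or None if the repo is not listed.
    Compares the parsed host, org and repo exactly instead of a substring."""
    parsed = urlparse(url)
    parts = [p for p in parsed.path.split("/") if p]
    if parsed.scheme != "https" or parsed.hostname != host or len(parts) < 2:
        return None
    return team_id if (parts[0], parts[1]) in repos else None


# Constructed sample alert URLs (not taken from the post).
SAMPLES = [
    "https://github.com/my-org/my-repo-x/security/code-scanning/12",
    "https://github.com/my-org/my-repo-x-archive/security/dependabot/3",
    "https://github.com/not-my-org/my-repo-y/security/code-scanning/7",
    "https://github.com/other-org/service/security/code-scanning/1",
]


def compare(samples=SAMPLES):
    """Per URL: (url, post pattern matches, anchored pattern matches, routed team)."""
    strict = anchored_pattern(REPOS)
    return [(u, bool(POST_PATTERN.search(u)), bool(strict.search(u)), route(u))
            for u in samples]


if __name__ == "__main__":
    for row in compare():
        print(row)
```

The second and third URLs match the post's pattern but belong to other repos, so a rule built on it would file those tickets under the wrong Team.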
