英文:
Automatically open Jira ticket for issues in Snyk
问题
我想要能够自动从Snyk打开Jira的工单,用于新发现的问题,不论是新问题还是现有的漏洞。
同时,我想要能够为已存在于代码中的问题创建Jira工单。
我查看了Snyk API,也研究了通过界面打开工单的方式,但这不够可扩展。我们希望自动化这个任务并使其自动化。
英文:
I would like to be able to open tickets automatically from Snyk to Jira for new issues found. Based on new or existing vulnerabilities.
And I would like to be able to create Jira tickets for issues already in the code.
Looked at Snyk APIs and looked at the UI way of opening ticket but it is not scalable. We want to automate this task and have it automated.
答案1
得分: 2
以下是翻译好的部分:
有一个名为***jira-tickets-for-new-vulns***的工具,它提供了同步您的Snyk监控项目并自动为新问题和已存在的没有创建工单的问题打开Jira工单的方式。
每隔X分钟/小时运行Cron并修复这些问题。这个工具旨在定期执行或根据您的选择(Webhook触发器)执行。它可以像这样:
./snyk-jira-sync-<yourplatform>
-orgID=<SNYK_ORG_ID> // 可在设置下找到
-token=<API Token> // Snyk API令牌。服务帐号可用。
-jiraProjectKey=<Key> // Jira项目键,工单将针对其开放
--severity=critical // 可选:critical|high|medium|low
您还可以找到一些扩展选项来设置它,例如仅适用于'High'严重性及以上的漏洞。
英文:
There is a tool called jira-tickets-for-new-vulns, it provides the means to sync your Snyk-monitored projects and automatically open Jira tickets for new issues and existing issue(s) without ticket(s) already created.
Cron it every X minutes/hours and fix the issues. This tool is aimed to be executed at regular intervals or with a trigger of your choice (webhooks). It can be could like this:
./snyk-jira-sync-<yourplatform>
-orgID=<SNYK_ORG_ID> // Can find it under settings
-token=<API Token> // Snyk API Token. Service accounts work.
-jiraProjectKey=<Key> // Jira project Key the tickets will be opened against
--severity=critical // optional: critical|high|medium|low
You can also find some extended options to set this up, for example apply this just for 'High' severity vulnerabilities and above.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论