Skip to content

Create Jira issue via new security findings modal

David Pisek requested to merge 393378-add-create-issue-jira-functionality into master

What does this MR do and why?

Create Jira issue via new security findings modal

Adds capability to create Jira issues via the new security findings modal.

Screenshots or screen recordings

Before After
Screenshot_2023-06-22_at_8.38.01_pm Screenshot_2023-06-22_at_8.37.42_pm
recording of issue creation
Screen_Recording_2023-06-22_at_8.39.21_pm

How to set up and validate locally

Setup

  1. Have the related FF enabled: echo "Feature.enable(:standalone_finding_modal)" | rails c
  2. You'll need an EE License
  3. You'll need to have runners enabled (See $2408961 for setting up a runner)
  4. Import https://gitlab.com/gitlab-examples/security/security-reports
  5. Run a pipeline on master

Validation

  1. Enable the Jira integration for a project:
    1. Either create a Jira test project at https://jira.atlassian.com/ or reach out to me for an API key
    2. Navigate to the security-reports project
    3. Go to Settings -> Integrations -> Jira
    4. Enable the integration and fill out the form
    5. Enable "Jira Issues" and "Issue creation from vulnerabilities"
    6. Make sure that the type of Jira issue to create from a vulnerability is selected
  2. Click on a finding and verify that the "Create Jira issue" button displays (including an "external link" icon).
  3. Click on the button and verify that the loading spinner is active and the button is disabled.
  4. Wait until the newly created issue opens in a new tab. Verify that it has the correct information.
  5. Go back to the pipeline's tab and verify that the "Create Jira issue" button no longer shows up.
  6. Refresh the page, click on the same finding and verify that the button is still not showing up.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #393378 (closed)

Edited by David Pisek

Merge request reports

Loading