Jira Integration
Last updated
Was this helpful?
Last updated
Was this helpful?
Arnica’s Jira integration allows customers to easily create issues manually and automatically by utilizing the and policies.
Arnica provides a customizable unidirectional connection to Jira. The reason for providing a single-direction connection is that Arnica maintains the source of truth for the resolution of vulnerabilities through the entire development lifecycle, from the moment the fix was introduced into a feature branch until it is merged into your production branch.
Arnica's Jira integration leverages OAuth2 to authenticate with a dedicated application user. To avoid the revocation of this functionality upon the impersonated user's departure, it is highly recommended to create and integrate using a standard application user.
The created user will be visible to all developers as part of Arnica's interactions, such as the reporter of each issue. Hence, it is recommended to name the service account properly, such as arnica-jira-service-account
Ensure that the application user has the privileges to view all issues, issue types, projects, users and workflows
Additionally, ensure that this user is authorized to create and update Jira issues.
Authorize the application for each workspace
Click on Approve
. You will see the workspaces in the integrations page.
Issues creation is available from each finding details in Secrets and Code Risks. You will see the Jira icon at the top right of each finding, as in the image below.
In order to avoid mapping each issue manually when it is created, Arnica requires to setup a policy in Secrets or Code Risks with the mapping of the relevant workspace, project, issue type, custom fields, as well as the determination of open vs. closed statuses.
Click on Save
and navigate to the relevant finding.
Open the finding and click on the Jira icon on the top right pane.
When the issue created successfully, the link to the Jira issue will appear in the history of the finding and in the column issue
Click on Save
and navigate to the relevant finding.
The next time this rule is matches, the action will be taken.
Navigate to the in Arnica and click on Jira
.
Navigate to the and expand the relevant section
Add a rule with the User Created Issue
and relevant
Add the Create Issue
and fill the relevant fields mapping in Jira
Jira issue creation can run with any and . This powerful automation can route any issue creation and resolution at any stage of the development lifecycle.
Navigate to the and expand the relevant section
Add a rule with the (e.g. Code risk detected on PR
) and relevant (e.g. severity is High
or above).
Add the relevant (e.g. Comment on PR
and Fail Status Check
), alongside the Create Issue
. Fill the relevant fields mapping in Jira