# Jira Integration

## Overview

Arnica’s Jira integration allows customers to easily create issues manually and automatically by utilizing the [Secrets](https://docs.arnica.io/arnica-documentation/hardcoded-secrets/secrets-policy-settings#rules) and [Code Risk](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#rules) policies.

Arnica provides a customizable **unidirectional** connection to Jira. The reason for providing a single-direction connection is that Arnica maintains the source of truth for the resolution of vulnerabilities through the entire development lifecycle, from the moment the fix was introduced into a feature branch until it is merged into your production branch.

## Ensure service account continuity <a href="#h_899746cec5" id="h_899746cec5"></a>

### Create a dedicated application user <a href="#h_729a2d46f2" id="h_729a2d46f2"></a>

Arnica's Jira integration leverages OAuth2 to authenticate with a dedicated application user. To avoid the revocation of this functionality upon the impersonated user's departure, it is highly recommended to create and integrate using a standard application user.

{% hint style="warning" %}
The created user will be visible to all developers as part of Arnica's interactions, such as the reporter of each issue. Hence, it is recommended to name the service account properly, such as `arnica-jira-service-account`
{% endhint %}

## Prerequisites

### Grant permissions to application user

Ensure that the application user has the privileges to view all issues, issue types, projects, users and workflows

Additionally, ensure that this user is authorized to create and update Jira issues.

{% hint style="info" %}
If an integration is required with multiple workspaces, ensure the user has similar level of access across all workspaces.
{% endhint %}

## Installation process

### Integrate

1. Navigate to the [Integrations page](https://app.arnica.io/#/admin/integrations) in Arnica and click on `Jira`.
2. Authorize the application for each workspace

<div align="center"><figure><img src="https://4035514934-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FMxc1Ek3qoIZi5t2Sx7do%2Fuploads%2Fgit-blob-4de4959233dae2681223124ccb5cea0965e6c8f3%2Fimage.png?alt=media" alt="" width="375"><figcaption></figcaption></figure></div>

3. Click on `Approve` . You will see the workspaces in the integrations page.

### Map issues in policies

Issues creation is available from each finding details in Secrets and Code Risks. You will see the Jira icon at the top right of each finding, as in the image below.

In order to avoid mapping each issue manually when it is created, Arnica requires to setup a policy in Secrets or Code Risks with the mapping of the relevant workspace, project, issue type, custom fields, as well as the determination of open vs. closed statuses.

{% hint style="info" %}
The mapping of the `open` and `closed` status is important to allow Arnica close the issue when it is resolved.
{% endhint %}

#### **Map manual issue creation**

1. Navigate to the [Policies page](https://app.arnica.io/#/admin/policy-v2) and expand the relevant section
2. Add a rule with the [trigger](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#triggers) `User Created Issue` and relevant [conditions](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#conditions)
3. Add the [action](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#actions) `Create Issue` and fill the relevant fields mapping in Jira

<figure><img src="https://4035514934-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FMxc1Ek3qoIZi5t2Sx7do%2Fuploads%2Fgit-blob-594d14c225182ef8c9f5cb247ff928d87c151cab%2Fimage.png?alt=media" alt=""><figcaption><p>Policy configuration for manual issue creation</p></figcaption></figure>

{% hint style="info" %}
Arnica's field mapping supports string, integer or custom list typed fields . The values can be dynamic based on the finding or static strings.
{% endhint %}

4. Click on `Save` and navigate to the relevant finding.
5. Open the finding and click on the Jira icon on the top right pane.

<figure><img src="https://4035514934-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FMxc1Ek3qoIZi5t2Sx7do%2Fuploads%2Fgit-blob-ee40d8cca6b9923a0384917719f5c0d6c032af7d%2Fimage.png?alt=media" alt="" width="192"><figcaption></figcaption></figure>

6. When the issue created successfully, the link to the Jira issue will appear in the history of the finding and in the column `issue`

<figure><img src="https://4035514934-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FMxc1Ek3qoIZi5t2Sx7do%2Fuploads%2Fgit-blob-cddbfc61bc453126cef080025c473b799b89acf7%2Fimage.png?alt=media" alt=""><figcaption><p>Links to Jira issues in the risks view</p></figcaption></figure>

#### Map automated issue creation

Jira issue creation [action](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#actions) can run with any [trigger](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#triggers) and [condition](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#conditions). This powerful automation can route any issue creation and resolution at any stage of the development lifecycle.

1. Navigate to the [Policies page](https://app.arnica.io/#/admin/policy-v2) and expand the relevant section
2. Add a rule with the [trigger](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#triggers) (e.g. `Code risk detected on PR`) and relevant [conditions](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#conditions) (e.g. severity is `High` or above).
3. Add the relevant [actions](https://docs.arnica.io/arnica-documentation/code-risks/code-risk-policy-settings#actions) (e.g. `Comment on PR` and `Fail Status Check`), alongside the `Create Issue`. Fill the relevant fields mapping in Jira

<figure><img src="https://4035514934-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FMxc1Ek3qoIZi5t2Sx7do%2Fuploads%2Fgit-blob-75702dbb2c5c571dcf678c6c71fa67b776c23df9%2Fimage%20(116).png?alt=media" alt=""><figcaption><p>Automated issue creation on PR</p></figcaption></figure>

{% hint style="info" %}
Arnica's field mapping supports string, integer or custom list typed fields. The values can be dynamic based on the finding or static strings.
{% endhint %}

4. Click on `Save` and navigate to the relevant finding.
5. The next time this rule is matches, the action will be taken.