Improve efficiency of configuring Jira issue creation from vulnerabilities at scale

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Work on this issue
• Close this issue

Release notes

Problem to solve

Some customers that want to leverage Jira issue creation from vulnerabilities want to map many GitLab projects to the same Jira project (and issue type). While the main Jira integration can be set at a Group level and inherited by child Projects, the vulnerabilities integration portion must still be set on each individual project. For those customers who might have 100s of GitLab projects they want to map to a single Jira project, this means they have to visit the integrations settings for each such GitLab project and manually set the same Jira project and issue type. This is extremely tedious and inefficient.

Proposal

The core need is to provide an efficient way of configuring multiple GitLab project's Jira/vulnerabilities integration settings. For the purposes of this issue, we should choose the method that will be fastest to implement and deploy as there is a customer actively experiencing this pain point.

Suggested approaches:

1. Add a new GraphQL mutation that allows configuring the ability to create Jira issue from vulnerabilities for a Project.
2. Extend the ability to set Jira integrations at a Group level to the Jira / vulnerabilities portion of the integration.

For the first option, we would need to be able to both set and update/override the necessary integration parameters including:

• Turning the vulnerabilities creation on and off
• Jira project key
• Jira issue type key

For the second option, we would allow setting the same options currently on the Project level but at the Group level. These vulnerability settings would be inherited by all child projects just like the base Jira integration settings can be today. Also, any of the Jira issue creation from vulnerabilities settings can be overridden at the Project level.

Implementation plan

• backend create enableCreateJiraIssueFromVulnerabilities GraphQL that turns on the integration on project level provided credentials, project key and issue type exist.