Add Jira issues in activity column to pipeline security listing

What does this MR do and why?

Related #450240 (closed)

This MR allows Jira issues related to findings to be displayed in the activity column of the GraphQL pipeline listing page.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before: Screenshot_2024-04-17_at_10.24.44
After: Screenshot_2024-04-17_at_10.30.59

How to set up and validate locally

Prerequisites

  1. You need an EE license
  2. You need to have runners enabled (See $2408961 for setting up a runner)
  3. Import https://gitlab.com/gitlab-examples/security/security-reports
  4. Run a pipeline on master

Jira setup

  1. Create a Jira test project at https://jira.atlassian.com/ and get an API key at Account settings > Security
  2. Navigate to the security-reports project
  3. Go to Settings > Integrations > Jira
  4. Enable the integration and fill out the form
  5. Enable "Jira Issues" and "Issue creation from vulnerabilities"

Enable feature flag

  1. Go to http://gdk.test:3000/rails/features
  2. Search for pipeline_security_dashboard_graphql and enable

Create Jira issue

  1. Go to security reports vulnerability report
  2. Click first vulnerability to go to detail page
  3. Click "Create jira issue"

Validate pipeline activity column

  1. Go to latest pipeline on security reports
  2. Go to the security tab
  3. Validate that the first finding has an issue badge in the activity column; hovering over it opens a popover with a link. Click the link to go to the issue in Jira (if this badge is not showing, check Troubleshooting below).

Troubleshooting

  1. Check #450240 (comment 1859119476) for context. The Jira issues are cached reactively, which means if they are requested by the UI for the first time, you'll not see them and a background job will kick off to fetch this data. The next time they should appear. However, it seems that on the GDK, this does not always behave correctly.
  2. You can try refreshing the page once.
  3. If that does not work, you can temporarily remove the reactive caching:
diff --git a/ee/app/finders/projects/integrations/jira/by_ids_finder.rb b/ee/app/finders/projects/integrations/jira/by_ids_finder.rb
index bb43f74535a6..00b6d2b1b856 100644
--- a/ee/app/finders/projects/integrations/jira/by_ids_finder.rb
+++ b/ee/app/finders/projects/integrations/jira/by_ids_finder.rb
@@ -24,7 +24,7 @@ def initialize(project, jira_issue_ids)
         end
 
         def execute
-          with_reactive_cache(*cache_args) { |issues| issues }
+          without_reactive_cache(*cache_args) { |issues| issues }
         end
 
         def calculate_reactive_cache(*)
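Review bot: the one-line swap in `execute` from `with_reactive_cache` to `without_reactive_cache` is not marked as local-only anywhere in the diff or the step that introduces it, so it is easy to leave in the working tree by accident. The step calls it temporary; say explicitly that it must be reverted before committing, since keeping it would remove the reactive caching for every caller of this finder, and add a revert step to the end of the troubleshooting list.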
Edited by Lorenz van Herwaarden
