
Scan and Open Jira Tickets (AWS Security Hub) #56


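# Scheduled workflow: assumes an AWS role via GitHub OIDC, then runs a
# third-party action that reads Security Hub findings and opens or updates
# Jira issues for them. Nesting is restored here; the listing as captured
# had every line at column 0, which does not parse as a workflow.
name: Sync Security Hub findings and Jira issues
on:
  # Manual runs assume the same role as the scheduled run, so anyone who can
  # dispatch workflows in this repository can trigger a production sync.
  workflow_dispatch: # for testing and manual runs
  schedule:
    - cron: "0 6 * * *" # daily at 0600 UTC
# Declaring `permissions` sets every scope not listed here to `none`.
# `id-token: write` lets the job request the OIDC token exchanged for AWS
# credentials below. `contents` is therefore not granted: checkout with the
# job token only succeeds if the repository is publicly readable. Add
# `contents: read` if it is private.
permissions:
  id-token: write
jobs:
  sync:
    name: Run sync
    # NOTE(review): GitHub has retired the hosted ubuntu-20.04 image; move to
    # a currently supported runner label.
    runs-on: ubuntu-20.04
    steps:
      # Actions are referenced by mutable tag. Pinning each `uses:` to a full
      # commit SHA (e.g. `actions/checkout@<full-commit-sha> # v3`) prevents
      # a moved tag from changing what runs next to the secrets below.
      - name: Check out repo
        uses: actions/checkout@v3
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
          # No static access keys: the role is assumed through OIDC. Confirm
          # the role's trust policy conditions on
          # `token.actions.githubusercontent.com:sub` (this repository and
          # branch) and `:aud`, and that its policy is limited to what the
          # sync needs.
          role-to-assume: ${{ secrets.PRODUCTION_SYNC_OIDC_ROLE }}
      - name: Sync Security Hub and Jira
        # NOTE(review): "[email protected]" is an artifact of the page's
        # e-mail obfuscation, which replaced the `<action-name>@<version>`
        # text. Restore the real reference from the repository. This step
        # receives the Jira token and runs with the assumed AWS credentials,
        # so it is the reference that most needs a commit-SHA pin.
        uses: Enterprise-CMCS/[email protected]
        with:
          jira-token: ${{ secrets.JIRA_SERVICE_USER_TOKEN }}
          jira-username: ${{ secrets.JIRA_SERVICE_USERNAME }}
          jira-host: qmacbis.atlassian.net
          jira-project-key: MDCT
          jira-epic-key: MDCT-2280
          jira-ignore-statuses: Done, Closed, Canceled
          # JSON passed as a string; single quotes keep YAML from parsing the
          # braces as a flow mapping.
          jira-custom-fields: '{ "customfield_14154" : [{"id": "16955", "value": "CARTS"}] }'
          # LOW and INFORMATIONAL findings are not listed here.
          aws-severities: CRITICAL, HIGH, MEDIUM
          assign-jira-ticket-to: ${{ secrets.ACCOUNT_ID_REHMAN }}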