Automatically create Jira Issue from Snyk Vulnerability
This guide demonstrates how to implement an automated process in Port that creates a Jira issue from a Snyk vulnerability.
This automation streamlines vulnerability management by enabling teams to efficiently track and resolve security alerts.
Use cases
- Automatically create Jira issues from Snyk vulnerabilities.
- Track and follow up on critical security risks.
Prerequisites
- Complete the onboarding process.
- Access to your Jira organization with permissions to create issues.
- Port's Snyk integration needs to be installed.
- Jira API token with permissions to create new issues.
Set up data model
For this guide, we will use the data model provided by the Port Snyk integration.
If you haven’t installed the Snyk integration yet, head over to the integration installation page to install it. This will automatically set up the relevant blueprints for you.
Set up automation
Once the integration is installed and Snyk entities are ingested, you can set up an automation that triggers whenever a Snyk Vulnerability changes severity to "critical".
The automation will create a Jira issue containing the details of the vulnerability.
Follow the steps below to configure the automation:
Add Port secrets
To add these secrets to your portal:
-
Click on the
...button in the top right corner of your Port application. -
Click on Credentials.
-
Click on the
Secretstab. -
Click on
+ Secretand add the following secret:-
JIRA_AUTH- Base64 encoded string of your Jira credentials. Generate this by running:echo -n "your-email@domain.com:your-api-token" | base64Replace
your-email@domain.comwith your Jira email andyour-api-tokenwith your Jira API token.One time generationThe base64 encoded string only needs to be generated once and will work for all webhook calls until you change your API token.
-
Automation backend
-
Head to the automation page.
-
Click on the
+ Automationbutton. -
Copy and paste the following JSON configuration into the editor:
Create Jira issue from Snyk vulnerability automation (Click to expand)
Configure your Jira environmentReplace
<JIRA_ORGANIZATION_URL>in the webhook URL with your Jira organization URL (e.g.,example.atlassian.net).Replace
<JIRA_PROJECT_NAME>in the webhook body with your Jira project name.{
"identifier": "createJiraIssueOnCriticalSnykVuln",
"title": "Create Jira Issue On Critical Snyk Vulnerabilty",
"description": "Automation to open a Jira issue when a Snyk vulnerabilty changes severity to critical",
"trigger": {
"type": "automation",
"event": {
"type": "ENTITY_UPDATED",
"blueprintIdentifier": "snykVulnerability"
},
"condition": {
"type": "JQ",
"expressions": [
".diff.before.properties.severity != \"critical\"",
".diff.after.properties.severity == \"critical\""
],
"combinator": "and"
}
},
"invocationMethod": {
"type": "WEBHOOK",
"url": "https://<JIRA_ORGANIZATION_URL>/rest/api/3/issue",
"agent": false,
"synchronized": true,
"method": "POST",
"headers": {
"Authorization": "Basic {{.secrets.JIRA_AUTH}}",
"Content-Type": "application/json"
},
"body": {
"fields": {
"project": {
"key": "<JIRA_PROJECT_NAME>"
},
"summary": "Critical Snyk Vulnerability: {{.event.diff.after.title}}",
"description": {
"version": 1,
"type": "doc",
"content": [
{
"type": "paragraph",
"content": [
{
"type": "text",
"text": "Severity",
"marks": [
{
"type": "strong"
}
]
},
{
"type": "text",
"text": ": {{.event.diff.after.properties.severity}}"
}
]
},
{
"type": "paragraph",
"content": [
{
"type": "text",
"text": "Type",
"marks": [
{
"type": "strong"
}
]
},
{
"type": "text",
"text": ": {{.event.diff.after.properties.type}}"
}
]
},
{
"type": "paragraph",
"content": [
{
"type": "text",
"text": "Package Names",
"marks": [
{
"type": "strong"
}
]
},
{
"type": "text",
"text": ": {{.event.diff.after.properties.packageNames}}"
}
]
},
{
"type": "paragraph",
"content": [
{
"type": "text",
"text": "Package Versions",
"marks": [
{
"type": "strong"
}
]
},
{
"type": "text",
"text": ": {{.event.diff.after.properties.packageVersions}}"
}
]
},
{
"type": "paragraph",
"content": [
{
"type": "text",
"text": "Issue URL",
"marks": [
{
"type": "strong"
}
]
},
{
"type": "text",
"text": ": {{.event.diff.after.properties.url}}"
}
]
},
{
"type": "paragraph",
"content": [
{
"type": "text",
"text": "Status",
"marks": [
{
"type": "strong"
}
]
},
{
"type": "text",
"text": ": {{.event.diff.after.properties.status}}"
}
]
},
{
"type": "paragraph",
"content": [
{
"type": "text",
"text": "Publication Time",
"marks": [
{
"type": "strong"
}
]
},
{
"type": "text",
"text": ": {{.event.diff.after.properties.publicationTime}}"
}
]
},
{
"type": "paragraph",
"content": [
{
"type": "text",
"text": "URL",
"marks": [
{
"type": "strong"
}
]
},
{
"type": "text",
"text": ": "
},
{
"type": "text",
"text": "{{.event.diff.after.properties.url}}",
"marks": [
{
"type": "link",
"attrs": {
"href": "{{.event.diff.after.properties.url}}"
}
}
]
}
]
},
{
"type": "paragraph",
"content": [
{
"type": "text",
"text": "Score",
"marks": [
{
"type": "strong"
}
]
},
{
"type": "text",
"text": ": {{.event.diff.after.properties.score}}"
}
]
}
]
},
"issuetype": {
"name": "Bug"
},
"labels": [
"snyk"
]
}
}
},
"publish": true
} -
Click
Save.
Once set up, every time a Snyk Vulnerability changes its severity to "critical", the automation will be triggered and a Jira issue like the one below will be created:
