Skip to main content

Check out Port for yourselfย 

Create Jira Issue from Dependabot Alert

This self-service action shows how to create a Jira issue from a dependabot alert that links the issue to a service in Port.

Use casesโ€‹

  • Automatically create Jira issues from Dependabot alerts.
  • Add detailed metadata to Jira issues from Dependabot alerts.

Prerequisitesโ€‹

  1. Port's GitHub app needs to be installed

  2. Jira API token with permissions to create new issues

  3. In your GitHub repository, go to Settings > Secrets and add the following secrets:

  4. Optional - Install Port's Jira integration learn more

Jira integration

This step is not required for this example, but it will create all the blueprint boilerplate for you, and also update the catalog in real time with the new issue created.

  1. In case you decided not to install the Jira integration, you will need to create a blueprint for the Jira Project in Port.
Jira Project Blueprint (Click to expand)
  {
"identifier": "jiraProject",
"description": "A Jira project",
"title": "Jira Project",
"icon": "Jira",
"schema": {
"properties": {
"url": {
"title": "Project URL",
"type": "string",
"format": "url",
"description": "URL to the project in Jira"
},
"totalIssues": {
"title": "Total Issues",
"type": "number",
"description": "The total number of issues in the project"
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {}
}
  1. You have finished the onboarding process and created a Service blueprint from the onboarding steps. You can alternatively create the Service blueprint in Port using the schema below:
Service Blueprint (Click to expand)
{
"identifier": "service",
"title": "Service",
"icon": "Github",
"schema": {
"properties": {
"readme": {
"title": "README",
"type": "string",
"format": "markdown",
"icon": "Book"
},
"url": {
"title": "URL",
"format": "url",
"type": "string",
"icon": "Link"
},
"language": {
"icon": "Git",
"type": "string",
"title": "Language",
"enum": [
"GO",
"Python",
"Node",
"React"
],
"enumColors": {
"GO": "red",
"Python": "green",
"Node": "blue",
"React": "yellow"
}
},
"slack": {
"icon": "Slack",
"type": "string",
"title": "Slack",
"format": "url"
},
"code_owners": {
"title": "Code owners",
"description": "This service's code owners",
"type": "string",
"icon": "TwoUsers"
},
"type": {
"title": "Type",
"description": "This service's type",
"type": "string",
"enum": [
"Backend",
"Frontend",
"Library"
],
"enumColors": {
"Backend": "purple",
"Frontend": "pink",
"Library": "green"
},
"icon": "DefaultProperty"
},
"lifecycle": {
"title": "Lifecycle",
"type": "string",
"enum": [
"Production",
"Experimental",
"Deprecated"
],
"enumColors": {
"Production": "green",
"Experimental": "yellow",
"Deprecated": "red"
},
"icon": "DefaultProperty"
},
"locked_in_prod": {
"icon": "DefaultProperty",
"title": "Locked in Prod",
"type": "boolean",
"default": false
},
"locked_reason_prod": {
"icon": "DefaultProperty",
"title": "Locked Reason Prod",
"type": "string"
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {}
}
Mapping Dependabot Alerts to Service Blueprint

To effectively manage your Dependabot alerts, map them to your service blueprint in Port. This allows you to categorize and link alerts to the appropriate services within your catalog, enhancing visibility and traceability. Follow this resource mapping guide for detailed steps on how to map Dependabot alerts.

  1. Create the Dependabot Alert blueprint using this schema if you don't have it created already:
Dependabot Blueprint (Click to expand)
{
"identifier": "githubDependabotAlert",
"title": "Dependabot Alert",
"icon": "Github",
"schema": {
"properties": {
"severity": {
"icon": "DefaultProperty",
"title": "Severity",
"type": "string",
"enum": [
"low",
"medium",
"high",
"critical"
],
"enumColors": {
"low": "green",
"medium": "orange",
"high": "red",
"critical": "red"
}
},
"state": {
"title": "State",
"type": "string",
"enum": [
"auto_dismissed",
"dismissed",
"fixed",
"open"
],
"enumColors": {
"auto_dismissed": "green",
"dismissed": "green",
"fixed": "green",
"open": "red"
},
"icon": "DefaultProperty"
},
"packageName": {
"icon": "DefaultProperty",
"title": "Package Name",
"type": "string"
},
"packageEcosystem": {
"title": "Package Ecosystem",
"type": "string"
},
"manifestPath": {
"title": "Manifest Path",
"type": "string"
},
"scope": {
"title": "Scope",
"type": "string"
},
"ghsaID": {
"title": "GHSA ID",
"type": "string"
},
"cveID": {
"title": "CVE ID",
"type": "string"
},
"url": {
"title": "URL",
"type": "string",
"format": "url"
},
"references": {
"icon": "Vulnerability",
"title": "References",
"type": "array",
"items": {
"type": "string",
"format": "url"
}
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {
"jira_issue": {
"title": "JIRA Issue",
"target": "jiraIssue",
"required": false,
"many": false
},
"service": {
"title": "Service",
"target": "service",
"required": false,
"many": false
}
}
}

GitHub Workflowโ€‹

Create the file create-jira-issue-from-dependabot.yml in the .github/workflows folder of your repository and copy the content of the workflow configuration below:

Dedicated repository

We recommend creating a dedicated repository for the workflows that are used by Port actions.

Create Jira Issue from dependabot alert workflow (Click to expand)
name: Create Jira Issue from Dependabot Alert

on:
workflow_dispatch:
inputs:
project:
required: true
type: string
type:
required: true
type: string
port_context:
required: true
type: string

jobs:
create-jira-issue:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3

- name: Login to Jira
uses: atlassian/gajira-login@v3
env:
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}

- name: Inform starting of Jira issue creation
uses: port-labs/port-github-action@v1
with:
clientId: ${{ secrets.PORT_CLIENT_ID }}
clientSecret: ${{ secrets.PORT_CLIENT_SECRET }}
operation: PATCH_RUN
runId: ${{ fromJson(inputs.port_context).run_id }}
logMessage: "Creating a new Jira issue from Dependabot alert... โ›ด๏ธ"

- name: Create Jira issue
id: create_jira
uses: atlassian/gajira-create@v3
with:
project: ${{ inputs.project }}
issuetype: ${{ inputs.type }}
summary: "Dependabot Alert: ${{ fromJson(inputs.port_context).entity.title }}"
description: |
**Severity**: ${{ fromJson(inputs.port_context).entity.properties.severity }}
**State**: ${{ fromJson(inputs.port_context).entity.properties.state }}
**Package Name**: ${{ fromJson(inputs.port_context).entity.properties.packageName }}
**Package Ecosystem**: ${{ fromJson(inputs.port_context).entity.properties.packageEcosystem }}
**Manifest Path**: ${{ fromJson(inputs.port_context).entity.properties.manifestPath }}
**Scope**: ${{ fromJson(inputs.port_context).entity.properties.scope }}
**GHSA ID**: ${{ fromJson(inputs.port_context).entity.properties.ghsaID }}
**CVE ID**: ${{ fromJson(inputs.port_context).entity.properties.cveID }}
**URL**: ${{ fromJson(inputs.port_context).entity.properties.url }}
fields: |
{
"labels": ["port-${{ fromJson(inputs.port_context).entity.identifier }}"]
}

- name: Inform creation of Jira issue
uses: port-labs/port-github-action@v1
with:
clientId: ${{ secrets.PORT_CLIENT_ID }}
clientSecret: ${{ secrets.PORT_CLIENT_SECRET }}
operation: PATCH_RUN
link: ${{ secrets.JIRA_BASE_URL }}/browse/${{ steps.create_jira.outputs.issue }}
runId: ${{ fromJson(inputs.port_context).run_id }}
logMessage: |
Jira issue created! โœ…
The issue ID is: ${{ steps.create_jira.outputs.issue }}

Port Configurationโ€‹

On the self-service page, create the Port action against the Dependabot Alert blueprint. This will trigger the GitHub workflow.

Create Jira Issue from Dependabot Alert (Click to expand)
Modification Required

Make sure to replace <GITHUB_ORG> and <GITHUB_REPO> with your GitHub organization and repository names respectively

{
"identifier": "create_jira_issue_from_dependabot",
"title": "Create Jira Issue from Dependabot",
"icon": "Jira",
"description": "Creates a Jira issue from dependabot.",
"trigger": {
"type": "self-service",
"operation": "DAY-2",
"userInputs": {
"properties": {
"project": {
"title": "Project",
"description": "The issue will be created on this project",
"icon": "Jira",
"type": "string",
"blueprint": "jiraProject",
"format": "entity"
},
"type": {
"title": "Type",
"description": "Issue type",
"icon": "Jira",
"type": "string",
"default": "Task",
"enum": [
"Task",
"Story",
"Bug",
"Epic"
],
"enumColors": {
"Task": "blue",
"Story": "green",
"Bug": "red",
"Epic": "pink"
}
}
},
"required": [
"type",
"project"
]
},
"blueprintIdentifier": "githubDependabotAlert"
},
"invocationMethod": {
"type": "GITHUB",
"org": "<GITHUB_ORG>",
"repo": "<GITHUB_REPO>",
"workflow": "create-jira-issue-from-dependabot.yml",
"workflowInputs": {
"type": "{{.inputs.\"type\"}}",
"project": "{{.inputs.\"project\" | if type == \"array\" then map(.identifier) else .identifier end}}",
"port_context": {
"entity": "{{.entity}}",
"run_id": "{{.run.id}}"
}
},
"reportWorkflowStatus": true
},
"requiredApproval": false,
"publish": true
}

Let's test itโ€‹

  1. Head to the Self Service hub
  2. Click on Execute on the Create Jira Issue from Dependabot action
  3. Select the dependabot alert
  4. Select the project
  5. Select the task type
  6. Click on Execute
  7. Done! wait for the issue to be created in Jira

Congrats ๐ŸŽ‰ You've created your first Jira issue from a Dependabot alert!