Create Jira Issue from Dependabot Alert
This self-service action shows how to create a Jira issue from a dependabot alert that links the issue to a service in Port.
Use casesโ
- Automatically create Jira issues from Dependabot alerts.
- Add detailed metadata to Jira issues from Dependabot alerts.
Prerequisitesโ
-
Port's GitHub app needs to be installed
-
Jira API token with permissions to create new issues
-
In your GitHub repository, go to Settings > Secrets and add the following secrets:
- JIRA_API_TOKEN - Jira API token generated by the user
- JIRA_BASE_URL - The URL of your Jira organization
- JIRA_USER_EMAIL - The email of the Jira user that owns the Jira API token
- PORT_CLIENT_ID - Your port [client id](How to get the credentials)
- PORT_CLIENT_SECRET - Your port [client secret](How to get the credentials)
-
Optional - Install Port's Jira integration learn more
This step is not required for this example, but it will create all the blueprint boilerplate for you, and also update the catalog in real time with the new issue created.
- In case you decided not to install the Jira integration, you will need to create a blueprint for the Jira Project in Port.
Jira Project Blueprint (Click to expand)
{
"identifier": "jiraProject",
"description": "A Jira project",
"title": "Jira Project",
"icon": "Jira",
"schema": {
"properties": {
"url": {
"title": "Project URL",
"type": "string",
"format": "url",
"description": "URL to the project in Jira"
},
"totalIssues": {
"title": "Total Issues",
"type": "number",
"description": "The total number of issues in the project"
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {}
}
- You have finished the onboarding process and created a
Service
blueprint from the onboarding steps. You can alternatively create theService
blueprint in Port using the schema below:
Service Blueprint (Click to expand)
{
"identifier": "service",
"title": "Service",
"icon": "Github",
"schema": {
"properties": {
"readme": {
"title": "README",
"type": "string",
"format": "markdown",
"icon": "Book"
},
"url": {
"title": "URL",
"format": "url",
"type": "string",
"icon": "Link"
},
"language": {
"icon": "Git",
"type": "string",
"title": "Language",
"enum": [
"GO",
"Python",
"Node",
"React"
],
"enumColors": {
"GO": "red",
"Python": "green",
"Node": "blue",
"React": "yellow"
}
},
"slack": {
"icon": "Slack",
"type": "string",
"title": "Slack",
"format": "url"
},
"code_owners": {
"title": "Code owners",
"description": "This service's code owners",
"type": "string",
"icon": "TwoUsers"
},
"type": {
"title": "Type",
"description": "This service's type",
"type": "string",
"enum": [
"Backend",
"Frontend",
"Library"
],
"enumColors": {
"Backend": "purple",
"Frontend": "pink",
"Library": "green"
},
"icon": "DefaultProperty"
},
"lifecycle": {
"title": "Lifecycle",
"type": "string",
"enum": [
"Production",
"Experimental",
"Deprecated"
],
"enumColors": {
"Production": "green",
"Experimental": "yellow",
"Deprecated": "red"
},
"icon": "DefaultProperty"
},
"locked_in_prod": {
"icon": "DefaultProperty",
"title": "Locked in Prod",
"type": "boolean",
"default": false
},
"locked_reason_prod": {
"icon": "DefaultProperty",
"title": "Locked Reason Prod",
"type": "string"
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {}
}
To effectively manage your Dependabot alerts, map them to your service
blueprint in Port. This allows you to categorize and link alerts to the appropriate services within your catalog, enhancing visibility and traceability.
Follow this resource mapping guide for detailed steps on how to map Dependabot alerts.
- Create the Dependabot Alert blueprint using this schema if you don't have it created already:
Dependabot Blueprint (Click to expand)
{
"identifier": "githubDependabotAlert",
"title": "Dependabot Alert",
"icon": "Github",
"schema": {
"properties": {
"severity": {
"icon": "DefaultProperty",
"title": "Severity",
"type": "string",
"enum": [
"low",
"medium",
"high",
"critical"
],
"enumColors": {
"low": "green",
"medium": "orange",
"high": "red",
"critical": "red"
}
},
"state": {
"title": "State",
"type": "string",
"enum": [
"auto_dismissed",
"dismissed",
"fixed",
"open"
],
"enumColors": {
"auto_dismissed": "green",
"dismissed": "green",
"fixed": "green",
"open": "red"
},
"icon": "DefaultProperty"
},
"packageName": {
"icon": "DefaultProperty",
"title": "Package Name",
"type": "string"
},
"packageEcosystem": {
"title": "Package Ecosystem",
"type": "string"
},
"manifestPath": {
"title": "Manifest Path",
"type": "string"
},
"scope": {
"title": "Scope",
"type": "string"
},
"ghsaID": {
"title": "GHSA ID",
"type": "string"
},
"cveID": {
"title": "CVE ID",
"type": "string"
},
"url": {
"title": "URL",
"type": "string",
"format": "url"
},
"references": {
"icon": "Vulnerability",
"title": "References",
"type": "array",
"items": {
"type": "string",
"format": "url"
}
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {
"jira_issue": {
"title": "JIRA Issue",
"target": "jiraIssue",
"required": false,
"many": false
},
"service": {
"title": "Service",
"target": "service",
"required": false,
"many": false
}
}
}
GitHub Workflowโ
Create the file create-jira-issue-from-dependabot.yml
in the .github/workflows
folder of your repository and copy the content of the workflow configuration below:
We recommend creating a dedicated repository for the workflows that are used by Port actions.
Create Jira Issue from dependabot alert workflow (Click to expand)
name: Create Jira Issue from Dependabot Alert
on:
workflow_dispatch:
inputs:
project:
required: true
type: string
type:
required: true
type: string
port_context:
required: true
type: string
jobs:
create-jira-issue:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Login to Jira
uses: atlassian/gajira-login@v3
env:
JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
- name: Inform starting of Jira issue creation
uses: port-labs/port-github-action@v1
with:
clientId: ${{ secrets.PORT_CLIENT_ID }}
clientSecret: ${{ secrets.PORT_CLIENT_SECRET }}
operation: PATCH_RUN
runId: ${{ fromJson(inputs.port_context).run_id }}
logMessage: "Creating a new Jira issue from Dependabot alert... โด๏ธ"
- name: Create Jira issue
id: create_jira
uses: atlassian/gajira-create@v3
with:
project: ${{ inputs.project }}
issuetype: ${{ inputs.type }}
summary: "Dependabot Alert: ${{ fromJson(inputs.port_context).entity.title }}"
description: |
**Severity**: ${{ fromJson(inputs.port_context).entity.properties.severity }}
**State**: ${{ fromJson(inputs.port_context).entity.properties.state }}
**Package Name**: ${{ fromJson(inputs.port_context).entity.properties.packageName }}
**Package Ecosystem**: ${{ fromJson(inputs.port_context).entity.properties.packageEcosystem }}
**Manifest Path**: ${{ fromJson(inputs.port_context).entity.properties.manifestPath }}
**Scope**: ${{ fromJson(inputs.port_context).entity.properties.scope }}
**GHSA ID**: ${{ fromJson(inputs.port_context).entity.properties.ghsaID }}
**CVE ID**: ${{ fromJson(inputs.port_context).entity.properties.cveID }}
**URL**: ${{ fromJson(inputs.port_context).entity.properties.url }}
fields: |
{
"labels": ["port-${{ fromJson(inputs.port_context).entity.identifier }}"]
}
- name: Inform creation of Jira issue
uses: port-labs/port-github-action@v1
with:
clientId: ${{ secrets.PORT_CLIENT_ID }}
clientSecret: ${{ secrets.PORT_CLIENT_SECRET }}
operation: PATCH_RUN
link: ${{ secrets.JIRA_BASE_URL }}/browse/${{ steps.create_jira.outputs.issue }}
runId: ${{ fromJson(inputs.port_context).run_id }}
logMessage: |
Jira issue created! โ
The issue ID is: ${{ steps.create_jira.outputs.issue }}
Port Configurationโ
On the self-service page, create the Port action against the Dependabot Alert
blueprint. This will trigger the GitHub workflow.
Create Jira Issue from Dependabot Alert (Click to expand)
Make sure to replace <GITHUB_ORG>
and <GITHUB_REPO>
with your GitHub organization and repository names respectively
{
"identifier": "create_jira_issue_from_dependabot",
"title": "Create Jira Issue from Dependabot",
"icon": "Jira",
"description": "Creates a Jira issue from dependabot.",
"trigger": {
"type": "self-service",
"operation": "DAY-2",
"userInputs": {
"properties": {
"project": {
"title": "Project",
"description": "The issue will be created on this project",
"icon": "Jira",
"type": "string",
"blueprint": "jiraProject",
"format": "entity"
},
"type": {
"title": "Type",
"description": "Issue type",
"icon": "Jira",
"type": "string",
"default": "Task",
"enum": [
"Task",
"Story",
"Bug",
"Epic"
],
"enumColors": {
"Task": "blue",
"Story": "green",
"Bug": "red",
"Epic": "pink"
}
}
},
"required": [
"type",
"project"
]
},
"blueprintIdentifier": "githubDependabotAlert"
},
"invocationMethod": {
"type": "GITHUB",
"org": "<GITHUB_ORG>",
"repo": "<GITHUB_REPO>",
"workflow": "create-jira-issue-from-dependabot.yml",
"workflowInputs": {
"type": "{{.inputs.\"type\"}}",
"project": "{{.inputs.\"project\" | if type == \"array\" then map(.identifier) else .identifier end}}",
"port_context": {
"entity": "{{.entity}}",
"run_id": "{{.run.id}}"
}
},
"reportWorkflowStatus": true
},
"requiredApproval": false,
"publish": true
}
Let's test itโ
- Head to the Self Service hub
- Click on
Execute
on theCreate Jira Issue from Dependabot
action - Select the dependabot alert
- Select the project
- Select the task type
- Click on
Execute
- Done! wait for the issue to be created in Jira
Congrats ๐ You've created your first Jira issue from a Dependabot alert!