-
Notifications
You must be signed in to change notification settings - Fork 17
38 lines (35 loc) · 1.21 KB
/
synced-security-alert-for-jira.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
name: Dependabot PR to create Jira ticket
on:
pull_request:
types:
- opened
branches:
- master
- main
- develop
# workflow_dispatch:
env:
JIRA_BASE_URL: https://runai.atlassian.net
JIRA_USER_EMAIL: [email protected]
JIRA_API_TOKEN: ${{ secrets.JIRA_SECRET }}
JIRA_PROJECT: RUN
JIRA_ISSUE_TYPE: Bug
jobs:
create_jira:
name: Dependabot Jira
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
steps:
- name: Login to Jira
uses: atlassian/gajira-login@master
- name: Create Jira Issue
id: create
uses: atlassian/[email protected]
with:
project: ${{ env.JIRA_PROJECT }}
issuetype: ${{ env.JIRA_ISSUE_TYPE }}
summary: |
[Vulnerability fix][Repo: ${{github.event.repository.name }}] ${{github.event.pull_request.title }}
description: |
Action required: Browse to pull request: ${{github.event.pull_request.html_url }}. If CircleCI tests have passed, force merge the pull request. Note: the Jira - Github integration will not work due to the Dependabot pull request name not including the Jira ticket name.
fields: '{"customfield_10014": "RUN-1296"}' # Security Epic