Added mapping labels capability like Jira

[itsKedar]

Description

Added new parameters for GitHub and GitLab

   fields:
    - type: result
      name: application
    - type: result
      name: project

Every value mentioned in fields will be added in Labels.

• type

  • cx-scan: Used to map specific Checkmarx Scan Custom Field values
  • cx-sca: Used to map specific Checkmarx SCA Scan tags values
  • static: Used for static values (specifically requires a default-value to be provided)
  • result: Used to map known values from Checkmarx results or repository/scan request details. Refer to the Result values below.

• name: If cx-scan or cx-sca reflects the type, it is the name of the custom field within Checkmarx SAST or key of tag in case o SCA

• default-value Static value if no value can be determined for the respective field (Optional)

• If result is provided as type, the name must be one of the following:

application - Command line option --app
project - Command line option --cx-project
namespace - Command line option --namespace
repo-name - Command line option --repo-name
repo-url - Command line option --repo-url
branch - Command line option --branch
severity - Severity of issue in Checkmarx
category - Category of issue in Checkmarx
cwe - CWE of issue in Checkmarx
recommendation - Recommendation details based on Mitre/Custom Wiki
loc - csv of lines of code
issue-link - Direct link to issue within Checkmarx
filename - Filename provided by Checkmarx issue
language - Language provided by Checkmarx issue
similarity-id - Cx Similarity ID

References

https://github.com/checkmarx-ltd/cx-flow/issues/1029

Testing

Tested on GitHub and GitLab

[AvivCx]

Checkmarx One – Scan Summary & Details – 11d60029-095b-4dd8-851d-f47cd0d0cea8

No New Or Fixed Issues Found