checkmarx-ts / checkmarx-cxflow-github-action

Checkmarx CxFlow GitHub Action with SARIF output
GNU General Public License v3.0

Only some issues being reported to Jira #44

Closed bfentiman-ipipeline closed 2 years ago

bfentiman-ipipeline commented 2 years ago

We currently have the following as part of our GitHub Action config, with the correct secrets added to the repository.

preset: High and Medium
jira_url: ${{ secrets.JIRA_URL }}
jira_username: ${{ secrets.JIRA_USERNAME }}
jira_token: ${{ secrets.JIRA_TOKEN }}
jira_project: ${{ secrets.JIRA_PROJECT }}
jira_issue_type: 'Story'
jira_open_transition: 'Open'
jira_close_transition: 'Close'
jira_open_status: 'Open,In Progress'
jira_closed_status: 'Closed'
params: --exclude-folders=.github --cx-flow.filterSeverity --cx-flow.filterCategory --cx-flow.bug-tracker=JIRA --jira.priorities.High=High --jira.priorities.Medium=Medium

What we've found is that only the Medium level issues found by Checkmarx are being reported into Jira; the High level ones are being ignored.

When we do exactly the same config but without Jira as the bug tracker and using it as part of a pull request, both the high and medium issues are reported.

I'm not quite sure why it would be returning all the issues but only raising the medium ones as a Jira.

jbrotsos commented 2 years ago

@bfentiman-ipipeline

I believe the correct filter is --cx-flow.filter-severity=High

Let me know if that works.

bfentiman-ipipeline commented 2 years ago

> @bfentiman-ipipeline
>
> I believe the correct filter is --cx-flow.filter-severity=High
>
> Let me know if that works.

This then results in just High issues being raised whereas we need medium and high issues being raised.

I managed to get this to happen by removing the --cx-flow.filterSeverity completely.
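The thread turns on two details of the `params` line: the filter flags were spelled in camelCase (`--cx-flow.filterSeverity`) where the maintainer's form is kebab-case (`--cx-flow.filter-severity=High`), and they were passed with no value at all. The following script is an added example, not code from the CxFlow project or from anyone in this thread: it lints a `params` string for exactly those two patterns and shows the reporter's eventual fix (dropping the bare filter flags) as a transformation. The set of filter property names and the camelCase-to-kebab-case mapping are assumptions drawn from the two names on this page, not CxFlow's full property list, and the sample `params` string is constructed from the reporter's config.

```python
import re
import shlex

# Filter properties that only make sense with a value. The two names come from
# this thread; treating this as the full set is an assumption, not CxFlow's list.
VALUE_REQUIRING_FILTERS = {"cx-flow.filter-severity", "cx-flow.filter-category"}

# Constructed from the reporter's GitHub Action config in the thread.
REPORTED_PARAMS = (
    "--exclude-folders=.github --cx-flow.filterSeverity --cx-flow.filterCategory "
    "--cx-flow.bug-tracker=JIRA --jira.priorities.High=High --jira.priorities.Medium=Medium"
)


def camel_to_kebab(key: str) -> str:
    """cx-flow.filterSeverity -> cx-flow.filter-severity; kebab-case keys are unchanged.

    The lookbehind only splits a capital that follows a lowercase letter or digit,
    so a value-style segment such as jira.priorities.High is left intact.
    """
    return re.sub(r"(?<=[a-z0-9])([A-Z])", lambda m: "-" + m.group(1).lower(), key)


def parse_params(params: str) -> list[tuple[str, str, str]]:
    """Split a params string into (raw token, key, value) for every --flag.

    A flag without '=' yields an empty value, which is the case the lint targets.
    """
    out = []
    for tok in shlex.split(params):
        if not tok.startswith("--"):
            continue
        key, _, value = tok[2:].partition("=")
        out.append((tok, key, value))
    return out


def lint_params(params: str) -> list[str]:
    """Report camelCase property names and filter flags given without a value."""
    findings = []
    for tok, key, value in parse_params(params):
        canonical = camel_to_kebab(key)
        if canonical != key:
            findings.append(
                f"{tok}: CxFlow properties are kebab-case; did you mean --{canonical}?"
            )
        if canonical in VALUE_REQUIRING_FILTERS and not value:
            findings.append(
                f"{tok}: filter given without a value; either drop it so every "
                f"severity is reported, or set it explicitly, e.g. --{canonical}=High"
            )
    return findings


def drop_flags(params: str, keys: set[str]) -> str:
    """Return params with every flag whose canonical key is in `keys` removed.

    This mirrors the reporter's resolution: removing the bare severity filter
    let both High and Medium findings reach Jira.
    """
    kept = [
        tok
        for tok in shlex.split(params)
        if not (tok.startswith("--") and camel_to_kebab(tok[2:].partition("=")[0]) in keys)
    ]
    return " ".join(kept)


if __name__ == "__main__":
    for finding in lint_params(REPORTED_PARAMS):
        print(finding)
    print("fixed params:", drop_flags(REPORTED_PARAMS, VALUE_REQUIRING_FILTERS))
```

Run against the reporter's `params` line the linter raises four findings (a spelling and a missing-value finding for each of the two filter flags); after `drop_flags` removes both bare filters the remaining `--exclude-folders`, `--cx-flow.bug-tracker` and `--jira.priorities.*` arguments lint clean, and a value-bearing `--cx-flow.filter-severity=High` in the maintainer's form also passes.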