search

fortify-ps / FortifyBugTrackerUtility

Automated submission of FoD and SSC vulnerabilities to external systems
MIT License
25 stars 14 forks source link

FoD to Azure Issue Transition #50

Closed bars0um closed 3 years ago

bars0um commented 3 years ago

The documentation does not currently provide an example for how to enable issue transitions from open to close and vice versa. Also the transitionsForClsoingIssue syntax in the documented example appears to be incorrect:

https://github.com/fortify-ps/FortifyBugTrackerUtility/blob/83aca6d82c88f6b73fee76a6c184b8a336d0df99/bugtracker/config/FoDToTFS.xml#L80-L82

The SpEL needs to use the get method on the fields hash using the azure attribute as a key. This will provide the value which can then be matched with the desired value.

The following is a configuration that works for this:

<property name="fieldsToUpdateDuringStateManagement" value="Microsoft.VSTS.TCM.SystemInfo"/>

        <property name="transitionsForOpeningIssue"><map>
            <entry key="fields.get('System.WorkItemType') matches 'Bug' and fields.get('System.State') matches 'Done'" value="Active[Issue opened by FortifyBugTrackerUtility]" />
            <entry key="fields.get('System.WorkItemType') matches 'Bug' and fields.get('System.State') matches 'Removed'" value="Active[Issue opened by FortifyBugTrackerUtility]" />
            <entry key="fields.get('System.WorkItemType') matches 'Bug' and fields.get('System.State') matches 'Resolved|Closed'" value="Active[Issue opened by FortifyBugTrackerUtility]" />

        </map></property>
        <property name="transitionsForClosingIssue"><map>           
            <entry key="fields.get('System.WorkItemType') matches 'Bug' and fields.get('System.State') matches 'New'" value="Closed[Issue closed by FortifyBugTrackerUtility]" />
            <entry key="fields.get('System.WorkItemType') matches 'Bug' and fields.get('System.State') matches 'Open'" value="Closed[Issue closed by FortifyBugTrackerUtility]" />
            <entry key="fields.get('System.WorkItemType') matches 'Bug' and fields.get('System.State') matches 'Active'" value="Closed[Issue closed by FortifyBugTrackerUtility]" />
            <entry key="fields.get('System.WorkItemType') matches 'Bug' and fields.get('System.State') matches 'In Progress'" value="Closed[Issue closed by FortifyBugTrackerUtility]" />

</map></property>
rsenden commented 3 years ago

Thanks for figuring this out, I'll try to include this in a next version of the utility/documentation.

Instead of fields.get('System.WorkItemType'), maybe it is also possible to use something like fields[System.WorkItemType]. This would be a little easier to read; please let me know the results if you have a chance to test this alternative approach.

rsenden commented 3 years ago

A new 4.2-beta pre-release has been posted, which contains major updates related to Azure DevOps support. Most of the information in this thread is now obsolete. Please open a new issue if you encounter any problems with the new beta version.