feat(labels): added ability to add labels (#56)

* feat(labels): added ability to add labels * feat(labels): added ability to add labels * feat(labels): added ability to add labels * feat(labels): added ability to add labels
Enterprise-CMCS · Oct 2, 2024 · 9d670ab · 9d670ab
1 parent 5f916c5
commit 9d670ab
Show file tree

Hide file tree

Showing 8 changed files with 40 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -6,9 +6,9 @@
 
 2. Creates Jira issues for findings that do not already have a Jira issue
 
-- To avoid creating duplicate issues, the search criteria use the custom label configuration as well as default configuration for three identifying search labels: region, AWS account ID, and "security-hub."
+- **To avoid creating duplicate issues**, the search criteria use the custom label configuration as well as default configuration for three identifying search labels: region, AWS account ID, and "security-hub."
 
-- each Security Hub Finding type (by title) is represented as a single issue, e.g. if there are three resources that have violated the 'S3.8' rule there will be a single S3.8 Jira issue created
+- Each Security Hub Finding type (by title) is represented as a single issue, e.g. if there are three resources that have violated the 'S3.8' rule there will be a single S3.8 Jira issue created
 
 3. Closes existing Jira issues in the target project if their underlying findings are no longer active
 
@@ -269,6 +269,14 @@ Execute a sync but only log API calls to Jira which would create/modify Jira Iss
 
 **Description:** Comma separated list of User Emails for Atlassion Jira or User EUA IDs for Enterprise Jira.
 
+### `jira-watchers`
+
+**Required: No**
+
+**Default Value: ''**
+
+**Description:** Comma separated list of Labels to be added on newly created issues.
+
 ## Local Testing
 
 See test-infrastructure/jira-container/README.md for instructions on how to run against local Jira container
diff --git a/action.yml b/action.yml
@@ -34,6 +34,9 @@ inputs:
     description: 'Comma separated list of Emails for Atlassion Jira and User EUA IDs for Enterprise Jira '
     required: false
     default: ''
+  jira-add-labels:
+    description: 'Comma separated list of labels to add in newly created tickets'
+    default: ''
 # AWS
   aws-region:
     description: 'Target AWS region for Security Hub findings'

diff --git a/dist/index.js b/dist/index.js
diff --git a/dist/libs/jira-lib.d.ts b/dist/libs/jira-lib.d.ts
diff --git a/dist/macfc-security-hub-sync.d.ts b/dist/macfc-security-hub-sync.d.ts
diff --git a/src/index.ts b/src/index.ts
@@ -146,6 +146,11 @@ async function run(): Promise<void> {
         'Done, Closed, Resolved'
       ),
       jiraWatchers: getDefaultInputOrEnv('jira-watchers', 'JIRA_WATCHERS', ''),
+      jiraAddLabels: getDefaultInputOrEnv(
+        'jira-add-labels',
+        'JIRA_ADD_LABELS',
+        ''
+      ),
       jiraAssignee: getInputOrEnv('jira-assignee', 'JIRA_ASSIGNEE'),
       transitionMap: transitionMap,
       dryRun: getInputOrEnvAndConvertToBool('dry-run', 'DRY_RUN', false),

diff --git a/src/libs/jira-lib.ts b/src/libs/jira-lib.ts
@@ -13,6 +13,7 @@ export interface JiraConfig {
   jiraIgnoreStatuses: string
   jiraAssignee?: string
   jiraWatchers?: string
+  jiraAddLabels?: string
   transitionMap: Array<{status: string; transition: string}>
   dryRun: boolean
   jiraLinkId?: string
@@ -371,7 +372,7 @@ export class Jira {
         .map(label => Jira.formatLabelQuery(label))
         .join(' AND ')
       if (searchQuery) {
-        finalLabelQuery = `(${finalLabelQuery}) OR (${searchQuery})`
+        finalLabelQuery = `((${finalLabelQuery}) OR (${searchQuery}))`
       }
     }
     const projectQuery = `project = '${this.jiraProject}'`

diff --git a/src/macfc-security-hub-sync.ts b/src/macfc-security-hub-sync.ts
@@ -43,6 +43,7 @@ export class SecurityHubJiraSync {
   private jiraLinkType?: string
   private jiraLinkDirection?: string
   private jiraLabelsConfig?: LabelConfig[]
+  private jiraAddLabels?: string[]
   constructor(
     jiraConfig: JiraConfig,
     securityHubConfig: SecurityHubJiraSyncConfig,
@@ -58,6 +59,9 @@ export class SecurityHubJiraSync {
     this.jiraLinkId = jiraConfig.jiraLinkId
     this.jiraLinkType = jiraConfig.jiraLinkType
     this.jiraLinkDirection = jiraConfig.jiraLinkDirection
+    this.jiraAddLabels = jiraConfig.jiraAddLabels
+      ?.split(',')
+      .map(label => label.trim())
     if (jiraConfig.jiraLabelsConfig) {
       this.jiraLabelsConfig = JSON.parse(jiraConfig.jiraLabelsConfig)
     }
@@ -418,6 +422,10 @@ export class SecurityHubJiraSync {
         console.log('Invalid labels config - going with default labels')
       }
     }
+    if (this.jiraAddLabels) {
+      const prevLabels = newIssueData.fields.labels ?? []
+      newIssueData.fields.labels = [...prevLabels, ...this.jiraAddLabels]
+    }
     let newIssueInfo
     try {
       newIssueInfo = await this.jira.createNewIssue(newIssueData)