DefectDojo
Add team-managed Jira projects
I'm currently unable to create Jira issues in team-managed (formerly next-gen) Jira projects. This limitation prevents me from seamlessly integrating my findings into our usual issue-tracking process. As a result, I have to rely on manual workarounds or separate project configurations, which is inefficient and increases the risk of missing important updates or tasks.
Describe the solution you'd like A clear and concise description of what you want to happen.
As a security analyst, I want to create issues directly in our team-managed Jira projects so that all vulnerabilities are tracked in one streamlined workflow, reducing manual overhead and minimizing the risk of missed updates.
Describe alternatives you've considered A clear and concise description of any alternative solutions or features you have considered.
I initially tried setting up Jira as a company-managed project, but this approach presented compliance obstacles because I’m unable to create or modify fields at will. Consequently, I looked into using a team-managed Jira project instead, which would give me the flexibility I need while ensuring I’m not interfering with the organization's established processes and policies.
Thanks.
similar to #5179 #7360
can you let us know what errors you are seeing?
hey @valentijnscholten thanks for the review.
the error i see is:
If i save the product-settings:
Could you check the errors from the logs? If you're running the docker compose setup, you can view them with docker compose logs or tail them with docker compose logs -f. We know that next gen projects are slightly different, but it's good to have some real world error messages to get a feel for what's wrong.
Hey sry for the delayed answer. here are the logs for saving the product, but the error message is the same. How can I increase the log level? maybe that would show some more information?!
wsgi-1 | [pid: 1|app: -|req: -/-] 24.134.49.93 (admin) {60 vars in 1526 bytes} [Fri Jan 10 07:11:47 2025] GET /product/2 => generated 97621 bytes in 562 msecs (HTTP/1.1 200) 8 headers in 377 bytes (1 switches on core 1) nginx-1 | 24.134.49.93 - - [10/Jan/2025:07:11:47 +0000] "GET /product/2 HTTP/1.1" 200 13569 "https://<url>/product" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-" uwsgi-1 | [pid: 31|app: -|req: -/-] 24.134.49.93 (admin) {60 vars in 1538 bytes} [Fri Jan 10 07:11:50 2025] GET /product/2/edit => generated 103727 bytes in 199 msecs (HTTP/1.1 200) 8 headers in 378 bytes (1 switches on core 0) nginx-1 | 24.134.49.93 - - [10/Jan/2025:07:11:50 +0000] "GET /product/2/edit HTTP/1.1" 200 14132 "https://<url>/product/2" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-" uwsgi-1 | [pid: 31|app: -|req: -/-] 24.134.49.93 (admin) {58 vars in 1379 bytes} [Fri Jan 10 07:12:00 2025] GET /alerts/count => generated 14 bytes in 34 msecs (HTTP/1.1 200) 7 headers in 212 bytes (1 switches on core 1) nginx-1 | 24.134.49.93 - - [10/Jan/2025:07:12:00 +0000] "GET /alerts/count HTTP/1.1" 200 14 "https://<url>/product/2/edit" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-" nginx-1 | 24.134.49.93 - - [10/Jan/2025:07:12:10 +0000] "GET /alerts/count HTTP/1.1" 200 14 "https://<url>/product/2/edit" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-" uwsgi-1 | [pid: 1|app: -|req: -/-] 24.134.49.93 (admin) {58 vars in 1379 bytes} [Fri Jan 10 07:12:10 2025] GET /alerts/count => generated 14 bytes in 33 msecs (HTTP/1.1 200) 7 headers in 212 bytes (1 switches on core 0)
uwsgi-1 | [10/Jan/2025 07:12:13] WARNING [dojo.jira_link.helper:1162] Failed retrieving field metadata from Jira version: (1001, 0, 0), project: SEC, issue type: Epic. Project misconfigured or no permissions in Jira ?
uwsgi-1 | [pid: 1|app: -|req: -/-] 24.134.49.93 (admin) {68 vars in 1739 bytes} [Fri Jan 10 07:12:11 2025] POST /product/2/edit => generated 105447 bytes in 1236 msecs (HTTP/1.1 200) 8 headers in 378 bytes (1 switches on core 1) nginx-1 | 24.134.49.93 - - [10/Jan/2025:07:12:13 +0000] "POST /product/2/edit HTTP/1.1" 200 14420 "https://<url>/product/2/edit" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "-"
Hi @chrischan753 , the best way to get more detailed Jira logs is to add the following lines to local_settings.py :
LOGGING['loggers']['root'] = {'handlers': ['console'], 'level': 'DEBUG'} LOGGING['loggers']['dojo']['level'] = 'DEBUG' LOGGING['loggers']['dojo.specific-loggers.deduplication']['level'] = 'DEBUG'
You'll need to restart the server before the logs will work. Not sure if every line here is necessary but this is my go-to for debugging Jira integration errors.
Another option is to run the containers in dev mode: https://github.com/DefectDojo/django-DefectDojo/blob/master/readme-docs/DOCKER.md#run-with-docker-compose-in-development-mode-with-hot-reloading
Hey @paulOsinski , @valentijnscholten .
here some logs for trying to add a team.managed jira:
uwsgi-1 | [10/Feb/2025 13:24:06] DEBUG [dojo.jira_link.helper:1533] request.POST: <QueryDict: {'csrfmiddlewaretoken': ['KhXfllv1LmEpeKmkNGzXVCPRfIBR22IRc0W'], 'name': ['TEST'], 'description': ['OrderHub TEST'], 'tags': ['bb, oh'], 'product_manager': ['6'], 'technical_contact': ['3'], 'team_manager': [''], 'prod_type': ['2'], 'sla_configuration': ['1'], 'business_criticality': ['high'], 'platform': ['web'], 'lifecycle': ['construction'], 'origin': ['contractor'], 'user_records': [''], 'revenue': [''], 'external_audience': ['on'], 'enable_product_tag_inheritance': ['on'], 'internet_accessible': ['on'], 'enable_simple_risk_acceptance': ['on'], 'enable_full_risk_acceptance': ['on'], 'jira-project-form-jira_instance': ['5'], 'jira-project-form-project_key': ['SEC'], 'jira-project-form-issue_template_dir': ['issue-trackers/jira_full'], 'jira-project-form-epic_issue_type_name': ['Task'], 'jira-project-form-component': [''], 'jira-project-form-custom_fields': [''], 'jira-project-form-jira_labels': [''], 'jira-project-form-default_assignee': [''], 'jira-project-form-enabled': ['on']}> uwsgi-1 | [10/Feb/2025 13:24:06] DEBUG [dojo.forms:2974] validating jira project form uwsgi-1 | [10/Feb/2025 13:24:06] DEBUG [dojo.forms:2977] clean: inherit: False uwsgi-1 | [10/Feb/2025 13:24:06] DEBUG [dojo.jira_link.helper:248] found jira_instance Sec | https://test.atlassian.net | [email protected] for None: SEC (https://test.atlassian.net) uwsgi-1 | [10/Feb/2025 13:24:06] DEBUG [urllib3.connectionpool:1019] Starting new HTTPS connection (1): test.atlassian.net:443 uwsgi-1 | [10/Feb/2025 13:24:07] DEBUG [urllib3.connectionpool:474] https://test.atlassian.net:443 "GET /rest/api/2/serverInfo HTTP/1.1" 200 None uwsgi-1 | [10/Feb/2025 13:24:07] DEBUG [dojo.jira_link.helper:408] logged in to JIRA https://test.atlassian.net successfully uwsgi-1 | [10/Feb/2025 13:24:07] DEBUG [urllib3.connectionpool:474] https://test.atlassian.net:443 "GET /rest/api/2/issue/createmeta?projectKeys=SEC&issuetypeNames=Task&expand=projects.issuetypes.fields HTTP/1.1" 200 None uwsgi-1 | [10/Feb/2025 13:24:07] WARNING [dojo.jira_link.helper:1163] Failed retrieving field metadata from Jira version: (1001, 0, 0), project: SEC, issue type: Task. Project misconfigured or no permissions in Jira ? uwsgi-1 | [10/Feb/2025 13:24:07] DEBUG [dojo.jira_link.helper:1177] invalid JIRA Project Config, can't retrieve metadata for 'None: SEC (https://test.atlassian.net)' uwsgi-1 | [10/Feb/2025 13:24:07] DEBUG [dojo.jira_link.helper:1567] unable to retrieve jira project from jira instance, invalid?!
i tried the request /rest/api/2/issue/createmeta?projectKeys=SEC&issuetypeNames=Task&expand=projects.issuetypes.fields manual. The response is:
{"expand":"projects","projects":[{"expand":"issuetypes","self":"https://test.atlassian.net/rest/api/3/project/10443","id":"10443","key":"SEC","name":"Security","avatarUrls":{"48x48":"https://test.atlassian.net/rest/api/3/universal_avatar/view/type/project/avatar/10400","24x24":"https://test.atlassian.net/rest/api/3/universal_avatar/view/type/project/avatar/10400?size=small","16x16":"https://test.atlassian.net/rest/api/3/universal_avatar/view/type/project/avatar/10400?size=xsmall","32x32":"https://test.atlassian.net/rest/api/3/universal_avatar/view/type/project/avatar/10400?size=medium"},"issuetypes":[{"self":"https://test.atlassian.net/rest/api/3/issuetype/10197","id":"10197","description":"Tasks verfolgen ein kleines, bestimmtes Stück Arbeit nach.","iconUrl":"https://test.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","untranslatedName":"Task","subtask":false,"hierarchyLevel":0,"scope":{"type":"PROJECT","project":{"id":"10443"}},"expand":"fields","fields":{"summary":{"required":true,"schema":{"type":"string","system":"summary"},"name":"Zusammenfassung","key":"summary","hasDefaultValue":false,"operations":["set"]},"issuetype":{"required":false,"schema":{"type":"issuetype","system":"issuetype"},"name":"Vorgangstyp","key":"issuetype","hasDefaultValue":false,"operations":[],"allowedValues":[{"self":"https://test.atlassian.net/rest/api/3/issuetype/10197","id":"10197","description":"Tasks verfolgen ein kleines, bestimmtes Stück Arbeit nach.","iconUrl":"https://test.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"entityId":"176d8404-ef6d-452c-8fd2-082553b27120","hierarchyLevel":0}]},"issuerestriction":{"required":false,"schema":{"type":"issuerestriction","system":"issuerestriction"},"name":"Beschränken auf","key":"issuerestriction","hasDefaultValue":false,"operations":["set"],"allowedValues":[]},"parent":{"required":false,"schema":{"type":"issuelink","system":"parent"},"name":"Übergeordnet","key":"parent","hasDefaultValue":false,"operations":["set"]},"description":{"required":false,"schema":{"type":"string","system":"description"},"name":"Beschreibung","key":"description","hasDefaultValue":false,"operations":["set"]},"customfield_10020":{"required":false,"schema":{"type":"array","items":"json","custom":"com.pyxis.greenhopper.jira:gh-sprint","customId":10020},"name":"Sprint","key":"customfield_10020","hasDefaultValue":false,"operations":["set"]},"project":{"required":true,"schema":{"type":"project","system":"project"},"name":"Projekt","key":"project","hasDefaultValue":false,"operations":["set"],"allowedValues":[{"self":"https://test.atlassian.net/rest/api/3/project/10443","id":"10443","key":"SEC","name":"Security","projectTypeKey":"software","simplified":true,"avatarUrls":{"48x48":"https://test.atlassian.net/rest/api/3/universal_avatar/view/type/project/avatar/10400","24x24":"https://test.atlassian.net/rest/api/3/universal_avatar/view/type/project/avatar/10400?size=small","16x16":"https://test.atlassian.net/rest/api/3/universal_avatar/view/type/project/avatar/10400?size=xsmall","32x32":"https://test.atlassian.net/rest/api/3/universal_avatar/view/type/project/avatar/10400?size=medium"}}]},"customfield_10021":{"required":false,"schema":{"type":"array","items":"option","custom":"com.atlassian.jira.plugin.system.customfieldtypes:multicheckboxes","customId":10021},"name":"Flagged","key":"customfield_10021","hasDefaultValue":false,"operations":["add","set","remove"],"allowedValues":[{"self":"https://test.atlassian.net/rest/api/3/customFieldOption/10019","value":"Impediment","id":"10019"},{"self":"https://test.atlassian.net/rest/api/3/customFieldOption/10441","value":"Hindernis","id":"10441"}]},"reporter":{"required":true,"schema":{"type":"user","system":"reporter"},"name":"Autor","key":"reporter","autoCompleteUrl":"https://test.atlassian.net/rest/api/3/user/recommend?context=Reporter&issueKey=","hasDefaultValue":true,"operations":["set"]},"customfield_10000":{"required":false,"schema":{"type":"any","custom":"com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf","customId":10000},"name":"development","key":"customfield_10000","hasDefaultValue":false,"operations":["set"]},"customfield_10001":{"required":false,"schema":{"type":"team","custom":"com.atlassian.jira.plugin.system.customfieldtypes:atlassian-team","customId":10001,"configuration":{"com.atlassian.jira.plugin.system.customfieldtypes:atlassian-team":true}},"name":"Team","key":"customfield_10001","autoCompleteUrl":"https://test.atlassian.net/gateway/api/v1/recommendations","hasDefaultValue":false,"operations":["set"]},"priority":{"required":false,"schema":{"type":"priority","system":"priority"},"name":"Priorität","key":"priority","hasDefaultValue":true,"operations":["set"],"allowedValues":[{"self":"https://test.atlassian.net/rest/api/3/priority/10000","iconUrl":"https://test.atlassian.net/rest/api/3/universal_avatar/view/type/priority/avatar/10631?size=medium","avatarId":10631,"name":"BLOCKER","id":"10000"},{"self":"https://test.atlassian.net/rest/api/3/priority/1","iconUrl":"https://test.atlassian.net/images/icons/priorities/highest.svg","name":"Highest","id":"1"},{"self":"https://test.atlassian.net/rest/api/3/priority/2","iconUrl":"https://test.atlassian.net/images/icons/priorities/high.svg","name":"High","id":"2"},{"self":"https://test.atlassian.net/rest/api/3/priority/3","iconUrl":"https://test.atlassian.net/images/icons/priorities/medium.svg","name":"Medium","id":"3"},{"self":"https://test.atlassian.net/rest/api/3/priority/4","iconUrl":"https://test.atlassian.net/images/icons/priorities/low.svg","name":"Low","id":"4"},{"self":"https://test.atlassian.net/rest/api/3/priority/5","iconUrl":"https://test.atlassian.net/images/icons/priorities/lowest.svg","name":"Lowest","id":"5"}],"defaultValue":{"self":"https://test.atlassian.net/rest/api/3/priority/3","iconUrl":"https://test.atlassian.net/images/icons/priorities/medium.svg","name":"Medium","id":"3"}},"customfield_10585":{"required":false,"schema":{"type":"string","custom":"com.atlassian.jira.plugin.system.customfieldtypes:url","customId":10585},"name":"Link DD","key":"customfield_10585","hasDefaultValue":false,"operations":["set"]},"customfield_10586":{"required":false,"schema":{"type":"option","custom":"com.atlassian.jira.plugin.system.customfieldtypes:select","customId":10586},"name":"Team","key":"customfield_10586","hasDefaultValue":false,"operations":["set"],"allowedValues":[{"self":"https://test.atlassian.net/rest/api/3/customFieldOption/10891","value":"WL","id":"10891"},{"self":"https://test.atlassian.net/rest/api/3/customFieldOption/10892","value":"HF","id":"10892"},{"self":"https://test.atlassian.net/rest/api/3/customFieldOption/10893","value":"FE","id":"10893"}]},"labels":{"required":false,"schema":{"type":"array","items":"string","system":"labels"},"name":"Stichwort","key":"labels","autoCompleteUrl":"https://test.atlassian.net/rest/api/1.0/labels/suggest?query=","hasDefaultValue":false,"operations":["add","set","remove"]},"customfield_10015":{"required":false,"schema":{"type":"date","custom":"com.atlassian.jira.plugin.system.customfieldtypes:datepicker","customId":10015},"name":"Start date","key":"customfield_10015","hasDefaultValue":false,"operations":["set"]},"customfield_10016":{"required":false,"schema":{"type":"number","custom":"com.pyxis.greenhopper.jira:jsw-story-points","customId":10016},"name":"Story point estimate","key":"customfield_10016","hasDefaultValue":false,"operations":["set"]},"customfield_10019":{"required":false,"schema":{"type":"any","custom":"com.pyxis.greenhopper.jira:gh-lexo-rank","customId":10019},"name":"Rank","key":"customfield_10019","hasDefaultValue":false,"operations":["set"]},"attachment":{"required":false,"schema":{"type":"array","items":"attachment","system":"attachment"},"name":"Anhang","key":"attachment","hasDefaultValue":false,"operations":["set","copy"]},"duedate":{"required":false,"schema":{"type":"date","system":"duedate"},"name":"Fälligkeitsdatum","key":"duedate","hasDefaultValue":false,"operations":["set"]},"customfield_10618":{"required":true,"schema":{"type":"string","custom":"com.atlassian.jira.plugin.system.customfieldtypes:textfield","customId":10618},"name":"Service","key":"customfield_10618","hasDefaultValue":false,"operations":["set"]},"issuelinks":{"required":false,"schema":{"type":"array","items":"issuelinks","system":"issuelinks"},"name":"Verknüpfte Vorgänge","key":"issuelinks","autoCompleteUrl":"https://test.atlassian.net/rest/api/3/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Zugewiesene Person","key":"assignee","autoCompleteUrl":"https://test.atlassian.net/rest/api/3/user/assignable/search?project=SEC&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}
Is there nothing more in the logs? There should be more debug/warning/errors logs from this file: https://github.com/defectdojo/django-DefectDojo/blob/master/dojo/jira_link/helper.py
What version of Defect Dojo are you running?
In my case the jira integration worked when I clicked the "send to jira" button (it created a new jira issue in my next-gen team-managed project - had to create the "DefectDojo" issue type first in Jira of course). However the Epic engagement feature is not working for some reason.
