@enterprise-cmcs/macpro-security-hub-sync
Comparing version 1.13.0 to 1.14.0
import { IssueObject } from "jira-client"; | ||
import { LabelConfig } from "macpro-security-hub-sync"; | ||
export declare class Jira { | ||
@@ -10,2 +11,3 @@ private readonly jira; | ||
private static formatLabelQuery; | ||
createSearchLabels(identifyingLabels: string[], config: LabelConfig[]): string[]; | ||
getAllSecurityHubIssuesInJiraProject(identifyingLabels: string[]): Promise<IssueObject[]>; | ||
@@ -12,0 +14,0 @@ getPriorityIdsInDescendingOrder(): Promise<string[]>; |
@@ -129,8 +129,39 @@ "use strict"; | ||
} | ||
createSearchLabels(identifyingLabels, config) { | ||
const labels = []; | ||
const fields = ["accountId", "region", "identify"]; | ||
const values = [...identifyingLabels, "security-hub"]; | ||
config.forEach(({ labelField: field, labelDelimiter: delim, labelPrefix: prefix }) => { | ||
const delimiter = delim ?? ""; | ||
const labelPrefix = prefix ?? ""; | ||
if (fields.includes(field)) { | ||
const index = fields.indexOf(field); | ||
if (index >= 0) { | ||
labels.push(`${labelPrefix}${delimiter}${values[index] | ||
?.trim() | ||
.replace(/ /g, "")}`); | ||
} | ||
} | ||
}); | ||
return labels; | ||
} | ||
async getAllSecurityHubIssuesInJiraProject(identifyingLabels) { | ||
const labelQueries = [...identifyingLabels, "security-hub"].map((label) => Jira.formatLabelQuery(label)); | ||
const labelQueries = [...identifyingLabels, "security-hub"] | ||
.map((label) => Jira.formatLabelQuery(label)) | ||
.join(" AND "); | ||
let finalLabelQuery = labelQueries; | ||
if (process.env.LABELS_CONFIG) { | ||
const config = JSON.parse(process.env.LABELS_CONFIG); | ||
const configLabels = this.createSearchLabels(identifyingLabels, config); | ||
const searchQuery = configLabels | ||
.map((label) => Jira.formatLabelQuery(label)) | ||
.join(" AND "); | ||
if (searchQuery) { | ||
finalLabelQuery = `(${finalLabelQuery}) OR (${searchQuery})`; | ||
} | ||
} | ||
const projectQuery = `project = '${process.env.JIRA_PROJECT}'`; | ||
const statusQuery = `status not in ('${this.jiraClosedStatuses.join("','" // wrap each closed status in single quotes | ||
)}')`; | ||
const fullQuery = [...labelQueries, projectQuery, statusQuery].join(" AND "); | ||
const fullQuery = [finalLabelQuery, projectQuery, statusQuery].join(" AND "); | ||
// We want to do everything possible to prevent matching tickets that we shouldn't | ||
@@ -137,0 +168,0 @@ if (!fullQuery.includes(Jira.formatLabelQuery("security-hub"))) { |
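Review bot: In getAllSecurityHubIssuesInJiraProject the new `(${finalLabelQuery}) OR (${searchQuery})` string is joined to the project and status clauses with " AND " but has no outer parentheses. JQL binds AND more tightly than OR, so the project and status filters would apply only to the config-label branch, and the identifying-label branch could match issues in any project or in a closed status. Wrapping the alternative, ``finalLabelQuery = `((${finalLabelQuery}) OR (${searchQuery}))`;``, keeps both branches scoped. The guard that follows only checks that the query contains the security-hub label, which the first branch always supplies, so it would not catch this. Separately, `JSON.parse(process.env.LABELS_CONFIG)` runs without a try/catch or an `Array.isArray` check, and in createSearchLabels a missing `values[index]` is interpolated into the label as the literal text `undefined`.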
@@ -16,3 +16,3 @@ import { Resource, SecurityHubFinding } from "./libs"; | ||
} | ||
interface LabelConfig { | ||
export interface LabelConfig { | ||
labelField: string; | ||
@@ -19,0 +19,0 @@ labelPrefix?: string; |
@@ -7,3 +7,3 @@ { | ||
}, | ||
"version": "1.13.0", | ||
"version": "1.14.0", | ||
"description": "NPM module to create Jira issues for all findings in Security Hub for the current AWS account..", | ||
@@ -10,0 +10,0 @@ "main": "./dist/index.js", |