The Veracode Integration for Jira can map custom fields in the application profile in the Veracode Platform to standard or custom fields in a Jira ticket.
When you map Veracode-supplied fields to Jira fields, the process overrides any default values in the Jira issue. If the values in the Veracode fields are invalid, the default Jira value or an empty value takes its place and the finding import process continues, uninterrupted.
The following table lists the standard Jira fields you can map to the Veracode custom fields.
|Standard Jira Field||Notes|
|Assignee||If you create a mapping for Assignee, but do not provide a value in the appropriate Veracode custom field, the plugin uses the project assignee defined on the Jira configuration page.|
The plugin validates this value against component values defined on the Jira configuration page. Use the following format:
For example, subproject1:group1a:joeB:2.
|Description||A value appended to the description value from the detailed report.|
|Issue Type||If there is no mapping for this field, the plugin uses the issue type set in the on the Jira configuration page.|
|Labels||Separate the labels by commas. The plugin removes any spaces between labels and concatenates any strings. These labels are added to any labels, such as CWE, that are specified by the Labels settings on the Veracode Integration Administration page.|
|Original Estimate||The original estimate of the work required to resolve this issue. To map this field, you must have Time Tracking configured on the Jira screen.|
|Reporter||If there is no mapping for this field, the plugin uses the reporter the on the Jira configuration page.|
|Time Spent||This value is calculated based on the Time Tracking setting in Jira. You can set the default unit to Minute, Hour, Day, or Week, and the input long value is converted to the default unit. To map this field, you must have Log Work configured on the Jira configuration page.|
You define Jira custom fields by various categories including type using the Jira Administration menu: Veracode Platform fields, the only field definitions that are allowed on the Custom Field page are Select List (single choice), Text Field (single line), or Text Field (muti-line).. If you want to map Jira custom fields to
The Veracode Platform categories of default Jira fields are as follows:
- Common Fields
- Information pertaining to a particular Veracode application and also applicable to static analysis and SCA findings
- Static Fields
- Details for static analysis, dynamic analysis, and manual penetration test scan results
- SCA Components
- Security findings details for SCA component
- SCA Vulnerabilities
- Security findings details for SCA vulnerabilities
The Veracode Platform Jira fields also include the following custom fields:
- Custom 1 – Custom 10
The following image shows the Veracode Platform Jira fields.