The Veracode Integration for Jira can map custom fields in the application profile in the Veracode Platform to standard or custom fields in a Jira ticket.
When you map Veracode-supplied fields to Jira fields, the process overrides any default values in the Jira issue. If the values in the Veracode fields are invalid, the default Jira value or an empty value takes its place and the finding import process continues, uninterrupted.
The following table lists the standard Jira fields you can map to the Veracode custom fields.
|Standard Jira Field||Notes|
|Assignee||If you create a mapping for Assignee, but do not provide a value in the appropriate Veracode custom field, the plugin uses the project assignee defined on the Jira configuration page.|
|Component/s||The plugin validates this value against component values defined on the Jira configuration page. Use the following format:
For example, comp1:my_component:Mary:0
If you omit a part, enter a space after the colon. For example, comp1: : : . For the default assignee, which is 0 in the first example above, you enter one of these numeric values:
|Description||A value appended to the description value from the detailed report.
The Description (overwrite) option replaces the Description field in Jira with the value from the selected Veracode Platform field. If the selected Veracode Platform field is empty, the mapping erases the contents of the Description field in Jira.
|Issue Type||If there is no mapping for this field, the plugin uses the issue type set on the Jira configuration page.|
|Labels||Separate the labels with commas. The plugin removes any spaces between labels and concatenates any strings. The plugin adds the labels to any labels, such as CWE, that are specified with the Labels settings on the Veracode Integration Custom fields page.|
|Original Estimate||The original estimate of the work required to resolve this issue. To map this field, you must have Time Tracking configured on the screen.|
|Reporter||If there is no mapping for this field, the plugin uses the reporter the on the Jira configuration page.|
|Time Spent||This value is calculated based on the Time Tracking setting in Jira. You can set the default unit to Minute, Hour, Day, or Week, and the input long value is converted to the default unit. To map this field, you must have Log Work configured on the Jira configuration page.|
You select from various categories of issue criteria, such as field type, to create custom fields on the Jira Administration page: Veracode Platform fields, the only field definitions that are allowed on the Custom Field page are Select List (single choice), Text Field (single line), or Text Field (multi-line).. If you want to map Jira custom fields to
The Veracode Platform categories of default Jira fields are as follows:
- Common Fields
- Information pertaining to a specific Veracode application and also applicable to static analysis and SCA findings
- Static Fields
- Details for static analysis, dynamic analysis, and manual penetration test scan results
- SCA Components
- Security findings details for SCA components
- SCA Vulnerabilities
- Security findings details for SCA vulnerabilities
- Custom 1 – Custom 10
The following image shows the Veracode Platform Jira fields.