I have created an engagement and uploaded a Trivy scan (trivy config) and a Coverity scan (to compare scanners).
Steps to reproduce
Steps to reproduce the behavior:
-
Create Engagement
-
Upload Trivy or Coverity scan via "Import Scan Results" inside the engagement
-
Edit a defect
3a. Set to "Active" and "Verified"
3b. Set "Push to Jira" (We are not pushing all findings for the engagement automatically)
-
Jira bug (and epic) are created as expected
-
Close the defect in Dojo with comment
-
Jira bug is closed as expected with comment and Dojo sets the defect to "Inactive, Mitigated"
However, something is causing the defect in Dojo to reopen and go back to "Active, Verified".
There are no other engagements within the Product. So, I don't think it is the dedupe process.
This same workflow on a non-Jira linked defect works as expected. The defect remains as "Inactive, Mitigated".
I looked for Jira related events in the logs. The following event may be helpful:
"Unrecognized JIRA webhook event received: issuelink_created"
My current thought is that maybe Dojo is reopening the bug as the callback from Jira looks to be unsuccessful here?
Any suggestions where to look? Happy to provide more details... just unsure what else to look for.
Expected behavior
The defect in Dojo should remain in the "Inactive, Mitigated" state.
Deployment method (select with an X)
Environment information
- Operating System: [e.g. Ubuntu 18.04]
- DefectDojo version (see footer) or commit message: [use
git show -s --format="[%ci] %h: %s [%d]"]: 2.31.1
Additional Context
Maybe this is related to #9512, API changes, or my version of Jira?
I have created an engagement and uploaded a Trivy scan (
trivy config) and a Coverity scan (to compare scanners).Steps to reproduce
Steps to reproduce the behavior:
Create Engagement
Upload Trivy or Coverity scan via "Import Scan Results" inside the engagement
Edit a defect
3a. Set to "Active" and "Verified"
3b. Set "Push to Jira" (We are not pushing all findings for the engagement automatically)
Jira bug (and epic) are created as expected
Close the defect in Dojo with comment
Jira bug is closed as expected with comment and Dojo sets the defect to "Inactive, Mitigated"
However, something is causing the defect in Dojo to reopen and go back to "Active, Verified".
There are no other engagements within the Product. So, I don't think it is the dedupe process.
This same workflow on a non-Jira linked defect works as expected. The defect remains as "Inactive, Mitigated".
I looked for Jira related events in the logs. The following event may be helpful:
"Unrecognized JIRA webhook event received: issuelink_created"
My current thought is that maybe Dojo is reopening the bug as the callback from Jira looks to be unsuccessful here?
Any suggestions where to look? Happy to provide more details... just unsure what else to look for.
Expected behavior
The defect in Dojo should remain in the "Inactive, Mitigated" state.
Deployment method (select with an
X)Environment information
git show -s --format="[%ci] %h: %s [%d]"]: 2.31.1Additional Context
Maybe this is related to #9512, API changes, or my version of Jira?