annotations:
# ...
jira/project-key: <jira_project_key>
# ...
If you are using Jira, you can forward alerts from Red Hat Advanced Cluster Security for Kubernetes to Jira.
The following steps represent a high-level workflow for integrating Red Hat Advanced Cluster Security for Kubernetes with Jira:
Setup a user in Jira.
Use the Jira URL, username, and password to integrate Jira with Red Hat Advanced Cluster Security for Kubernetes.
Identify policies for which you want to send notifications, and update the notification settings for those policies.
Start by creating a new user, and assign appropriate roles and permissions.
You need a Jira account with permissions to create and edit issues in the project with which you are integrating.
Create a user in Jira which have access to the projects for which you want to create issues:
To create a new user, see the Jira documentation topic Create, edit, or remove a user.
To give users access to project roles and applications, see the Jira documentation topic Assign users to groups, project roles, and applications.
If you are using Jira Software Cloud, after you create the user, you must create a token for the user:
|
Create a new integration in Red Hat Advanced Cluster Security for Kubernetes by using the Jira server URL and user credentials.
In the RHACS portal, go to Platform Configuration → Integrations.
Scroll down to the Notifier Integrations section and select Jira Software.
Click New integration.
Enter a name for Integration name.
Enter the user credentials in the username and Password or API token fields.
For Issue type, enter a valid Jira Issue Type, for example Task, Sub-task, or Bug.
Enter the Jira server URL in the Jira URL field.
Enter the key of the project in which you want to create issues in the Default project field.
Optional: Use the Annotation key for project field to create issues in different Jira projects by completing the following steps. You can use annotations to dynamically create issues.
Add an annotation similar to the following example in your namespace or deployment YAML file, where jira/project-key
is the annotation key that you specify in your Jira integration. You can create an annotation for the deployment or the namespace.
annotations:
# ...
jira/project-key: <jira_project_key>
# ...
Use the annotation key jira/project-key
in the Annotation key for project field.
If you use custom priorities in your Jira project, use the Priority Mapping toggle to configure custom priorities.
If you use mandatory custom fields in your Jira project, enter them as JSON values in the Default Fields JSON field. For example:
{
"customfield_10004": 3,
"customfield_20005": "Alerts",
}
Select Test to test that the integration with Jira is working.
Select Create to generate the configuration.
You can configure Red Hat Advanced Cluster Security for Kubernetes to create issues in different Jira projects so that they directly go to the correct team. After completing the configuration, if a deployment has an annotation in the YAML file, RHACS creates issues in the project specified for that annotation. Otherwise, RHACS creates issues in the default project.
You must have an account with access to each project that you want to send the alerts to.
Add an annotation similar to the following example in your namespace or deployment YAML file:
annotations:
# ...
jira/project-key: <jira_project_key>
# ...
Use the annotation key jira/project-key
in the Annotation key for project field when you configure Red Hat Advanced Cluster Security for Kubernetes.
If you are using custom priorities in your Jira project, you can configure them in Red Hat Advanced Cluster Security for Kubernetes.
While configuring Jira integration in Red Hat Advanced Cluster Security for Kubernetes, turn on the Priority Mapping toggle. Red Hat Advanced Cluster Security for Kubernetes gets the JIRA project schema, and auto fills the values for the CRITICAL_SEVERITY, HIGH_SEVERITY, MEDIUM_SEVERITY, and LOW_SEVERITY fields.
Verify or update the priority values based on your JIRA project configuration.
Select Test to test that the integration with Jira is working.
Select Create to generate the configuration.
If you get an error, follow the instructions in the Troubleshooting Jira integration section. |
Enable alert notifications for system policies.
In the RHACS portal, go to Platform Configuration → Policy Management.
Select one or more policies for which you want to send alerts.
Under Bulk actions, select Enable notification.
In the Enable notification window, select the Jira notifier.
If you have not configured any other integrations, the system displays a message that no notifiers are configured. |
Click Enable.
|
If you are using custom priorities or mandatory custom fields in your Jira project, you may get an error when you try to integrate Red Hat Advanced Cluster Security for Kubernetes with Jira Software. This error might be because of the mismatch between the severity and the priority field values.
If you do not know the custom priority values in your JIRA project, use the roxctl
CLI to enable debug logging for JIRA integration.
To get the custom priority values from your JIRA project, run the following command to turn on debug logging for JIRA integration:
$ roxctl -e "$ROX_CENTRAL_ADDRESS" central debug log --level Debug --modules notifiers/jira
Follow the instructions to configure Red Hat Advanced Cluster Security for Kubernetes for Jira integration. When you test the integration, even if the integration test fails, the generated log includes your JIRA project schema and the custom priorities.
To save the debugging information as a compressed .zip
file, run the following command:
$ roxctl -e "$ROX_CENTRAL_ADDRESS" central debug dump
Unzip the .zip
file to retrieve the custom priority values in use in your JIRA project.
To turn off debug logging, run the following command:
$ roxctl -e "$ROX_CENTRAL_ADDRESS" central debug log --level Info
Configure Red Hat Advanced Cluster Security for Kubernetes for Jira integration again and use the priority values to configure custom priorities.