This document will detail the automation you need to build to have new vulnerabilities create Jira issues automatically.
These automation steps are performed in Jira, and as such, there is a possibility Atlassian may make changes, rendering this document outdated. This is outside of Snyk's control. However, this document will be reviewed periodically to ensure it is as accurate as possible.
This guide assumes you are utilizing Snyk Security in Jira Cloud Integration. Please configure this first before proceeding.
To create Jira's automatically when a new Vulnerability has been found
In Jira on your Project, go into Project Settings and then Automation
Click on the Create Rule button.
Click on Security and then on Vulnerabilities found
Choose the vulnerability severity that is relevant to you (you can select multiple), then hit Next
Next, add the THEN: Add an action component and select Create issue
From the Create issue step, if you select your Project and your issue type then set the Summary as Fix {{vulnerability.displayName}}
and enter this into the description field {{vulnerability.description.wiki}}
Lastly, add a new component, again choose THEN: Add an action
Choose Security and then Link vulnerability to issue
Leave the issue to link to vulnerability to the default of most recently created issue then hit Next
That's it, you finished setting it up. Now you can click on Turn on rule, give it a name, and then hit the Turn on rule button again, and that's it.
Now, whenever a new vulnerability is detected, a Jira issue will be opened automatically. Also, if you add a new Security Container, then any vulnerability in there will open a new Jira issue.