Converts security scan results into JSON which can then be imported into Jira as tickets.
Currently works with the following scan types:
- AQUA (-aqua.csv)
- Trivy (-trivy.sarif)
- Anchore (-anchore.sarif)
Create a scans directory at project root and place scan result files in that directory, or rename sample-scans directory to scans to run with sample data. Files must end with the appropriate file name and extension shown in parenthesis in the list above in order to be processed by this script.
Feel free to modify the script as you see fit to include any details from your scans into the final output file.
- Scan results placed in a
scansdirectory at project root with appropriate file names (see Usage section above) - Python 3 installed
Once the scans are placed in the directory simply run using python3 security-scan-jira-script.py. The scipt will output a .json file to the project root.
- Jira JSON Documentation : How to import JSON files into JIRA. Also includes information on valid JSON structure and fields.
- Note:
summaryis the only mandatory field forissues. All others are optional.
- Note: