Skip to content

USHIFT-6692: Update jira to atlassian #6359

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
openshift-merge-bot merged 1 commit into from
Mar 16, 2026
Merged

USHIFT-6692: Update jira to atlassian #6359

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions scripts/advisory_publication/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ This script will generate a report with advisories, CVEs and jira tickets releva

1. **Switch to the 4.19 branch** to use the advisory publication script
2. Run: `sh advisory_publication_report.sh <ocp_release_version>` to check for rpm advisories.
3. User will need to export both `GITLAB_API_TOKEN` and `JIRA_API_TOKEN` environment variables.
3. User will need to export `GITLAB_API_TOKEN`, `ATLASSIAN_API_TOKEN`, and `ATLASSIAN_EMAIL` environment variables.
4. A warning already appears when running `advisory_publication_report.sh` script from 4.20 and above branches to run `advisory_publication_report.sh` from 4.19 branches for rpm advisories

### Steps
Expand All @@ -29,13 +29,13 @@ This script will generate a report with advisories, CVEs and jira tickets releva

### Jira API token

Visit [the Profile page on the Jira
Server](https://issues.redhat.com/secure/ViewProfile.jspa?selectedTab=com.atlassian.pats.pats-plugin:jira-user-personal-access-tokens) and create a token.
Visit [the Atlassian API tokens page](https://id.atlassian.com/manage-profile/security/api-tokens) and create a token.

Set the `JIRA_API_TOKEN` in your env:
Set the `ATLASSIAN_API_TOKEN` and `ATLASSIAN_EMAIL` in your env:

```
export JIRA_API_TOKEN="TOKEN_VALUE"
export ATLASSIAN_API_TOKEN="TOKEN_VALUE"
export ATLASSIAN_EMAIL="your-email@redhat.com"
```

### GitLab API token
Expand Down
34 changes: 22 additions & 12 deletions scripts/advisory_publication/advisory_publication_report.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,9 @@
import jira
import jira.client

JIRA_URL = 'https://issues.redhat.com/'
JIRA_API_TOKEN = os.environ.get('JIRA_API_TOKEN')
ATLASSIAN_URL = 'https://redhat.atlassian.net'
ATLASSIAN_API_TOKEN = os.environ.get('ATLASSIAN_API_TOKEN')
ATLASSIAN_EMAIL = os.environ.get('ATLASSIAN_EMAIL')
GITLAB_API_TOKEN = os.environ.get('GITLAB_API_TOKEN')
GITLAB_BASE_URL = 'https://gitlab.cee.redhat.com'
GITLAB_PROJECT_ID = 'hybrid-platforms/art/ocp-shipment-data'
Expand All @@ -28,7 +29,8 @@ def usage():
OCP_VERSION: The OCP versions to analyse if MicroShift version should be published. Format: "4.X.Z"

environment variables:
JIRA_API_TOKEN: API token for Jira access
ATLASSIAN_API_TOKEN: API token for Atlassian Cloud access
ATLASSIAN_EMAIL: Email address for Atlassian Cloud authentication
GITLAB_API_TOKEN: API token for GitLab access\
""")

Expand Down Expand Up @@ -207,18 +209,23 @@ def get_advisories(ocp_version: str) -> dict[str, str]:
return advisories_found


def search_microshift_tickets(affects_version: str, cve_id: str) -> jira.client.ResultList:
def get_jira_server() -> jira.JIRA:
"""Create and return a JIRA client connection for Atlassian Cloud."""
return jira.JIRA(server=ATLASSIAN_URL, basic_auth=(ATLASSIAN_EMAIL, ATLASSIAN_API_TOKEN))


def search_microshift_tickets(server: jira.JIRA, affects_version: str, cve_id: str) -> jira.client.ResultList:
"""
Query Jira for MicroShift ticket with CVE id and MicroShift version.

Parameters:
server (jira.JIRA): authenticated JIRA client
affects_version (str): MicroShift affected version with format: "X.Y"
cve_id (str): the CVE id with format: "CVE-YYYY-NNNNN"

Returns:
jira.client.ResultList: a list with all the Jira tickets matching the query
"""
server = jira.JIRA(server=JIRA_URL, token_auth=JIRA_API_TOKEN)
jira_tickets = server.search_issues(f'''
summary ~ "{cve_id}" and component = MicroShift and (affectedVersion = {affects_version} or affectedVersion = {affects_version}.z)
''')
Expand All @@ -240,6 +247,7 @@ def get_report(ocp_version: str) -> dict[str, dict]:
"""
result_json = {}
advisories = get_advisories(ocp_version)
server = get_jira_server()
for advisory_type, advisory_data in advisories.items():
advisory_name = advisory_data['name']
cve_list = advisory_data['cves']
Expand All @@ -249,7 +257,7 @@ def get_report(ocp_version: str) -> dict[str, dict]:
}

for cve in cve_list:
jira_tickets = search_microshift_tickets(".".join(ocp_version.split(".")[:2]), cve)
jira_tickets = search_microshift_tickets(server, ".".join(ocp_version.split(".")[:2]), cve)
advisory_dict['cves'][cve] = {}
if jira_tickets:
for ticket in jira_tickets:
Expand All @@ -270,12 +278,14 @@ def main():
usage()
raise ValueError('Invalid number of arguments')

if JIRA_API_TOKEN is None or GITLAB_API_TOKEN is None:
missing_tokens = []
if JIRA_API_TOKEN is None:
missing_tokens.append('JIRA_API_TOKEN')
if GITLAB_API_TOKEN is None:
missing_tokens.append('GITLAB_API_TOKEN')
missing_tokens = []
if not ATLASSIAN_API_TOKEN or not ATLASSIAN_API_TOKEN.strip():
missing_tokens.append('ATLASSIAN_API_TOKEN')
if not ATLASSIAN_EMAIL or not ATLASSIAN_EMAIL.strip():
missing_tokens.append('ATLASSIAN_EMAIL')
if not GITLAB_API_TOKEN or not GITLAB_API_TOKEN.strip():
missing_tokens.append('GITLAB_API_TOKEN')
if missing_tokens:
raise ValueError(f"Missing required environment variables: {', '.join(missing_tokens)}")

ocp_version = str(sys.argv[1])
Expand Down