v1.8.8

.github/workflows/cd.yml

@@ -33,5 +33,3 @@ jobs:
         run: npm run release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SIEMBOT_JIRA_USER: ${{ secrets.SIEMBOT_JIRA_USER }}
-          SIEMBOT_JIRA_USER: ${{ secrets.SIEMBOT_JIRA_USER }}

.github/workflows/ci.yml

@@ -26,16 +26,10 @@ jobs:
         uses: ./
         with:
           token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
-          # microsoft_teams_webhook: ${{ secrets.MICROSOFT_TEAMS_WEBHOOK }}
-          # slack_webhook: ${{ secrets.SLACK_WEBHOOK }}
-          # pager_duty_integration_key: ${{ secrets.PAGER_DUTY_INTEGRATION_KEY }}
-          # zenduty_api_key: ${{ secrets.ZENDUTY_API_KEY }}
-          # zenduty_service_id: ${{ secrets.ZENDUTY_SERVICE_ID }}
-          # zenduty_escalation_policy_id: ${{ secrets.ZENDUTY_ESCALATION_POLICY_ID }}
+          siembot_jira_user: ${{ secrets.SIEMBOT_JIRA_USER }}
+          siembot_jira_pass: ${{ secrets.SIEMBOT_JIRA_PASS }}
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SIEMBOT_JIRA_USER: ${{ secrets.SIEMBOT_JIRA_USER }}
-          SIEMBOT_JIRA_PASS: ${{ secrets.SIEMBOT_JIRA_PASS }}
       - name: Install dependencies
         run: npm install
       - name: Build

src/fetch-alerts.ts

@@ -3,19 +3,19 @@ import { Repository } from '@octokit/graphql-schema'
 import { getOctokit } from '@actions/github'
 import JiraApi from 'jira-client'
 
-const jira = new JiraApi({
-  protocol: 'https',
-  host: 'wealthberry.atlassian.net',
-  username: process.env.SIEMBOT_JIRA_USER,
-  password: process.env.SIEMBOT_JIRA_PASS,
-  apiVersion: '2',
-  strictSSL: true,
-});
 
-console.log({  username: process.env.SIEMBOT_JIRA_USER,
-  password: process.env.SIEMBOT_JIRA_PASS})
+function registerIssue(summary: string, description: string, siembot_jira_user: string, siembot_jira_pass: string) {
+  console.log('jira credentials', siembot_jira_user, siembot_jira_pass);
+
+  const jira = new JiraApi({
+    protocol: 'https',
+    host: 'wealthberry.atlassian.net',
+    username: siembot_jira_user,
+    password: siembot_jira_pass,
+    apiVersion: '2',
+    strictSSL: true,
+  });
 
-function registerIssue(summary: string, description: string) {
   jira.searchJira('project = "WBP" AND statusCategory in ("To Do", "In Progress") AND summary ~ "' + summary + '" ORDER BY updated DESC')
     .then((data) => {
       if (data.issues && data.issues.length > 0) {
@@ -47,6 +47,8 @@ export const fetchAlerts = async (
   repositoryName: string,
   repositoryOwner: string,
   count: number,
+  siembot_jira_user: string,
+  siembot_jira_pass: string
 ): Promise<Alert[] | []> => {
   const octokit = getOctokit(gitHubPersonalAccessToken)
   const { repository } = await octokit.graphql<{
@@ -111,7 +113,9 @@ export const fetchAlerts = async (
       if (gitHubAlert && gitHubAlert.node && gitHubAlert.node.securityAdvisory) {
         registerIssue(
           "siem-bot-github-issue-" + gitHubAlert.node.securityAdvisory.id,
-          gitHubAlert.node.securityAdvisory.description + '\n\n' + JSON.stringify(gitHubAlert)
+          gitHubAlert.node.securityAdvisory.description + '\n\n' + JSON.stringify(gitHubAlert),
+          siembot_jira_user,
+          siembot_jira_pass
       );
         alerts.push(toAlert(gitHubAlert.node))
       }

src/main.ts

@@ -19,9 +19,13 @@ async function run(): Promise<void> {
     const zenDutyServiceId = getInput('zenduty_service_id')
     const zenDutyEscalationPolicyId = getInput('zenduty_escalation_policy_id')
     const count = parseInt(getInput('count'))
+
+    const siembot_jira_user = getInput('siembot_jira_user')
+    const siembot_jira_pass = getInput('siembot_jira_pass')
+
     const owner = context.repo.owner
     const repo = context.repo.repo
-    const alerts = await fetchAlerts(token, repo, owner, count)
+    const alerts = await fetchAlerts(token, repo, owner, count, siembot_jira_user, siembot_jira_pass)
     if (alerts.length > 0) {
       if (microsoftTeamsWebhookUrl) {
         await sendAlertsToMicrosoftTeams(microsoftTeamsWebhookUrl, alerts)