You must perform the following:
- Configure Jira On-Prem on your system
- Install Ruby
- Access On-Prem Crowdcontrol Jira integration files
- Run bundle command
- Update configuration YAML file
- Run On-Prem Crowdcontrol Jira integration
Clients must allowlist the following IPs. The IPs are a cluster of proxies that provide high availability for outgoing integration requests.
IPs:
- 52.1.126.10
- 52.86.183.27
- 52.86.229.29
Port:
- 443
The port may vary depending on your Jira configuration. The default port used for Jira is 443 (SSL/TLS). If you have any issues, send an email to support@bugcrowd.com.
Configuring Jira On-Premise
After installing Jira On-Prem on your system, you must configure and start the application. For more information, see Jira documentation.
Installing Ruby
Install Ruby 2.4 or later on your system.
Add the rbenv initialization command to your shell profile. If you use the common ~/.bash_profile, run the following:
echo 'eval "$(rbenv init -)"' >> ~/.bash_profile
Accessing On-Prem Crowdcontrol Jira Integration Files
To access the On-Prem Crowdcontrol Jira Integration files, send an email to your account manager. After you get access, clone the files to your system.
Running Bundle Command
Run bundle from the cloned repository.
All the bundle gems are installed.
Updating Configuration YAML File
The configuration YAML file (config.yml) is required to integrate Crowdcontrol with Jira On-Prem. This file is available in the /config subdirectory.
General Settings
Specify the following general settings:
- Update frequency: Time to wait (in seconds) between scraping all submissions and child objects before starting again from the top.
- Download directory: Location of the downloaded files. It can be a relative value or an absolute path.
Crowdcontrol values
Specify the following values for Crowdcontrol:
- Base URI: Base URL of Crowdcontrol.
- Crowdcontrol bounty ID: Crowdcontrol bounty ID is the parent key. If you do not know the bounty ID, leave it blank within single quotes and run the bin/start command. The available bounties in Crowdcontrol will be displayed in the following format: (ProgramName => ID). Copy the required ID and paste it as the value for Crowdcontrol bounty ID.
- Jira project ID: Jira project ID that must map to the bounty ID. To get the Jira project ID, in Jira hover your mouse on the project name to view the project ID. Usually, it is 10000 onwards.
- Priorities: Crowdcontrol IDs that must be mapped to Jira priority IDs.
- Issue Type: Issue type ID in Jira that must be used for all submissions.
- HTTP Authentication Header: Used for connecting to the Crowdcontrol API. Obtain this value from the Crowdcontrol application.
- Submissions per page: Number of submissions to request and process at a time before calling the Crowdcontrol API again. If it is a very high value, the local memory usage may increase. If it is a very low value, it may bombard the Crowdcontrol API with requests.
- Submission Types: Submissions with the specified states that must be pushed to Jira. For example, push submissions with Unresolved status to Jira.
- Timestamp format: Format of the ‘created_at’ timestamp in Crowdcontrol notes, which is mapped to the Note created at in Jira comment.
- Timeout: Set a timeout (in seconds) value for all Crowdcontrol API requests.
- VRT cache duration: Time (in seconds) required to locally cache (in RAM) the vulnerability rating names. This must be a higher value unless rating names update frequently.
Jira On-Prem values
Provide the following connection details for the Jira API client.
- Username: User name to log into Jira On-Prem.
- Password: Password associated with the user name.
- Site: Link where Jira On-Prem is hosted.
- Context Path: Jira installation location in the server. Usually, the path is not specified and it is blank.
- Use SSL: Set it to true if you want to use SSL authentication for connecting Jira to Crowdcontrol. Otherwise, set it to false.
The Read Timeout, Authentication Type, and HTTP Debug values are hardcoded and must not be changed.
Sample config.yml File
The following code provides a sample configuration file.
# General settings for this script
general:
  update_frequency: 10
  downloads_directory: 'downloads'
# Crowd Control API credentials
crowd_control:
  base_uri: 'https://api.bugcrowd.com/'
  bounties:
    'ce734644-3dc5-45c7-bbe2-9a6500aad1cd':
      project_id: '10000'
      priorities:
        1: '1'
        2: '2'
        3: '3'
        4: '4'
        5: '5'
      issuetype: '10002'
  http_auth_header: 'onaxmjzzkr:grKdykxpXUEL0PnarY_lAwmyrljqHFJwyPsl4M49eaQVKYAJ-Us6-Wezf'
  submissions_per_page: 100
  submission_types:
    - unresolved
  timestamp_format: '%F %T'
  timeout: 10
  vrt_cache_duration: 86400
# Jira API credentials
jira:
  username: user.one
  password: userone_10
  site: https://localhost:8080/
  context_path: ''
  read_timeout: 10
  auth_type: :basic
  use_ssl: false
  http_debug: true
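Because config.yml holds the Crowdcontrol API header and the Jira password, it is worth checking the file before running bin/start. The following pre-flight check is an added example, not part of the Bugcrowd integration code; the names audit_config and audit_text, the finding messages, and the choice of checks are assumptions made for illustration, and the embedded sample uses constructed placeholder values.

```ruby
require 'yaml'
require 'uri'

# Constructed sample (placeholder values, not real credentials). It keeps the
# blank bounty ID used for discovery and use_ssl: false, so findings are raised.
SAMPLE_CONFIG = <<~CONFIG
  crowd_control:
    base_uri: 'https://api.bugcrowd.com/'
    bounties:
      '':
        project_id: '10000'
    http_auth_header: 'EXAMPLE_USER:EXAMPLE_TOKEN'
  jira:
    username: example.user
    password: example-password
    site: https://localhost:8080/
    auth_type: :basic
    use_ssl: false
CONFIG

# Returns a list of findings for a parsed config.yml and the file's mode bits.
def audit_config(cfg, file_mode)
  cfg = {} unless cfg.is_a?(Hash)
  cc = cfg['crowd_control'] || {}
  jira = cfg['jira'] || {}
  findings = []
  # The file stores the Crowdcontrol API header and the Jira password.
  findings << 'config.yml is accessible to group/other' if (file_mode & 0o077) != 0
  # Both endpoints receive credentials, so both URLs should be https.
  { 'crowd_control.base_uri' => cc['base_uri'], 'jira.site' => jira['site'] }.each do |key, url|
    scheme = (URI.parse(url.to_s).scheme rescue nil)
    findings << "#{key} is not an https URL" unless scheme == 'https'
  end
  findings << 'jira.use_ssl is not true' unless jira['use_ssl'] == true
  # A blank bounty ID is the discovery step, not a finished mapping.
  ids = (cc['bounties'] || {}).keys
  findings << 'bounty ID is blank' if ids.empty? || ids.any? { |id| id.to_s.strip.empty? }
  findings << 'http_auth_header is empty' if cc['http_auth_header'].to_s.strip.empty?
  findings
end

# Parses YAML text safely; Symbol is permitted because auth_type is ":basic".
def audit_text(yaml_text, file_mode)
  audit_config(YAML.safe_load(yaml_text, permitted_classes: [Symbol]), file_mode)
end

if __FILE__ == $PROGRAM_NAME && ARGV[0]
  puts audit_text(File.read(ARGV[0]), File.stat(ARGV[0]).mode)
end
```

Run it with the path to config/config.yml as the only argument; an empty result means none of these checks fired.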
Running On-Prem Crowdcontrol Jira Integration
Run bin/start from the cloned repository.
INFO Sync2Jira::SyncedObject: Connecting to local database
INFO Sync2Jira::CrowdControl: Fetching vulnerability ratings
INFO Sync2Jira::Synchronizers::Submission [ID 2]: Creating on Jira
The Jira tickets are created for each Crowdcontrol submission for a program. For example, if you have specified the issue type as Task in the config.yml file, then each submission will be created as Task in Jira.
For any issues with using On-Prem Crowdcontrol Jira Integration, send an email to support@bugcrowd.com.