Integrations

Introduction

We provide several integrations to various tools to ease the use of our services in your workflow.

With the help of our integrations to issue/ticket systems your developers can easily be kept up-to-date about relevant vulnerabilities affecting your products and start dealing with them. Furthermore, thanks to integrations with different CI/build systems you will always know the security of your products at any given time. Lastly, with the help of our integrations to collaborations tools you can easily discuss and monitor the latest vulnerabilities.

Issue/ticket systems

Jira

We natively integrate with Jira using their Rest API available in Jira version 6 and newer. We support both the self-hosted version and Jira cloud.

In order to use our integration you need to be logged in as a company admin and then head over to website settings. At the website settings page you need to:
1. Click at the Integrations tab
2. Expand the Ticket/issue systems accordion
3. Scroll down to the Atlassian’s Jira API connections headline
4. Hit the plus button
5. Enter your ticket system host (The base address to your Jira instance)
6. Enter your Project ID. If you you don’t know your Project ID (Not the same as Project Key) you can get it by visiting jira_address.com/rest/api/2/project/your_project_key in a browser which supports displaying JSON (such as Firefox). Where jira_address is your system host entered in previous step and your_project_key is your Project Key which you can find in the projects overview, see image:
Jira projects overview
7. Enter any labels, comma separated, you want to add to created issues.
8. You can specify to create issues only for selected products which have one or more of the tags specified. By default issues are created when any product receives a (new) vulnerability.
9. Specify which action(s) should trigger a ticket to be created/updated. For each triggering action you can specify to add specific labels, these labels are then removed whenever another action is triggered (if multiple triggers are configured).
10. Enter your Jira username.
11. Enter your Jira password.
12. Optionally you can specify a Security ID to assign to all created and updated issues.
13. Enter the ID for “open” transition. You can get the ID by vising an existing issue in your chosen project and hover over the different statuses. While hovering the ID will be available in the displayed URL after the query parameter “action=”, see image:
Jira transition ID
14. Enter the ID for “close” transition. Get the ID in the same way as you did in 13., but for closing status.
15. Enter the ID for issue type you want to assign to new issues. In order to find the right ID you need to, similar to step 6, visit your Jira instance at your_jira.com/rest/api/2/issuetype/ in a supported browser.

See image for an example configuration:
Jira integration configuration example

GitLab

Getting started with GitLab is very easy and requires only a handful of things to be filled in. Our integration uses GitLab’s Rest API V4, available in GitLab 9.0 and newer.

In order to use our integration you need to be logged in as a company admin and then head over to website settings. At the website settings page you need to:
1. Click at the Integrations tab
2. Expand the Ticket/issue systems accordion
3. Scroll down to the Atlassian’s Jira API connections headline
4. Hit the plus button
5. Enter your ticket system host (The base address to your GitLab instance)
6. Enter your project ID, either its ID or its URL/namespace, see example image at the end.
7. Enter any labels, comma separated, you want to add to created issues.
8. You can specify to create issues only for selected products which have one or more of the tags specified. By default issues are created when any product receives a (new) vulnerability.
9. Specify which action(s) should trigger a ticket to be created/updated. For each triggering action you can specify to add specific labels, these labels are then removed whenever another action is triggered (if multiple triggers are configured).
10. Enter your private token/personal access token. You can create an access token by going to your GitLab profile, click Access Tokens and then create a token. It is important that the access token has the api scope checked.

Warning

The access token must have the api scope.

See image for an example configuration:

GitLab integration configuration example

GitHub

Planned

CI/Build systems

GitHub

With our CI integration to GitHub you can easily automatically upload your latest commits and pull requests to Debricked.

Installation

  1. Start by heading over to https://github.com/apps/debricked/.
  2. Click on install button in the top right corner.
    GitHub App - Homepage
  3. Choose your personal account or your organisations’ account.
    GitHub App - Choose where to install
  4. If you haven’t entered your password in a while you might be have to re-enter your personal account password.
    GitHub App - Confirm your password
  5. a) If installing to a personal account or an organisation account where you are an admin, you will be able to select which, or all, repositories which you want to install the integration to.
    GitHub App - Install to personal account
    b) If not, you will still be able to select which, or all, repositories which you want to install the integration to, but an organisation admin will have to approve your installation request.
    GitHub App - Request to install to organisation
  6. If installation was successful, you or your organisation admin will be redirected to Debricked’s service settings. If installation was added successfully, you should now have a new installation entry on the Integrations, GitHub CI tab, see image below.
    Debricked - Service settings

BitBake

Planned

GitLab

Planned

Travis

Planned

Jenkins

Planned

Collaboration tools

Slack

Planned

My XYZ is not supported!

If your favourite tool is not listed above you can either suggest it to us at our feedback page or create a custom integration using our Rest API.

Need assistance?

Contact our technical support at oscar.reimer@debricked.com

Updated on 2019-02-08

Was this article helpful?

Related Articles