[PR CHECKER] JIRA check for PR Headers #32
✅ Snyk checks have passed. No issues have been found so far.
Pull Request Overview
This PR introduces a JIRA validation system for checking vulnerability tickets in PR commits. The system validates that VULN tickets have correct status, time logging, LTS product alignment with target branches, and CVE consistency between commits and JIRA tickets.
- Adds configuration mapping for JIRA fields and product-to-branch relationships
- Implements comprehensive JIRA ticket validation for vulnerability management
- Provides detailed error and warning reporting for PR compliance
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| release_config.py | Configuration file defining JIRA field mappings and product-to-branch release mappings |
| jira_pr_check.py | Main validation script that parses PR commits, validates VULN tickets against JIRA, and reports compliance issues |
At first glance, I would have split the code into some functions for better readability and ease for testing. No time for tests now but we need to do that in the future at some point. That's also a reason we should use python more instead of bash, in my opinion.
f7311e2 to c88d92b
Pull Request Overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
This is the first start at a parse and check status of vulns in a PR. It requires a jira url, user, token, target merge branch and the current branch name. It will look for VULNS in the CIQ header and check their LTS product versus the target branch, if they're in the correct status and if they have any time logged.
c88d92b to ee1f119
LGTM 🥌
Thanks I'm gonna wait until tomorrow afternoon to merge to give other reviewers the chance to object
Ship it. I would personally refactor it, but it can be done later.
This is the first start at a parse and check status of vulns in a PR.
It requires a jira url, user, token, target merge branch and the current branch name. It will look for VULNS in the CIQ header and check their LTS product versus the target branch, if they're in the correct status and if they have any time logged.
It will also make sure that the CVE's commit match the VULNS.
Please see this DRAFT PR for a test example:
ctrliq/kernel-src-tree#615 (comment)
After merging this I will fixup the checkout of this temp branch before submitting this to each of the branches
ctrliq/kernel-src-tree@487b0da
Note this was all ClaudeCode generated iteratively, locally tested and tested with failure conditions in the above draft PR
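The four checks described in this PR (ticket status, logged time, LTS product versus target branch, CVE match), as an added Python example that is not the PR's `jira_pr_check.py`. The `jira`/`cve` header line format, the allowed status, the product-to-branch map, the error/warning split and the sample tickets are all assumptions, and the Jira lookup is replaced by an in-memory dict so the logic runs offline.

```python
import re

# Assumed header layout: "jira VULN-<n>" and "cve CVE-<year>-<n>" lines in the commit message.
JIRA_RE = re.compile(r"^\s*jira\s+(VULN-\d+)\s*$", re.I | re.M)
CVE_RE = re.compile(r"^\s*cve\s+(CVE-\d{4}-\d{4,})\s*$", re.I | re.M)

# Hypothetical mappings; the PR keeps its real ones in release_config.py.
PRODUCT_TO_BRANCH = {"lts-9.2": "example-lts-9.2", "lts-8.6": "example-lts-8.6"}
ALLOWED_STATUS = {"In Progress"}  # assumed "correct" status

# Constructed sample data, not taken from the PR or from any real ticket.
TICKETS = {
    "VULN-101": {"status": "In Progress", "product": "lts-9.2",
                 "time_spent": 3600, "cve": "CVE-1900-0001"},
    "VULN-102": {"status": "To Do", "product": "lts-8.6",
                 "time_spent": 0, "cve": "CVE-1900-0002"},
}
GOOD = "net: fix foo\n\njira VULN-101\ncve CVE-1900-0001\n"
BAD = "net: fix bar\n\njira VULN-102\ncve CVE-1900-0009\n"


def check_commit(message, target_branch, tickets):
    """Return (errors, warnings) for one commit message.

    tickets maps a VULN key to a dict with status, product, time_spent
    and cve, standing in for what a Jira lookup would return.
    """
    errors, warnings = [], []
    vulns = [v.upper() for v in JIRA_RE.findall(message)]
    cves = {c.upper() for c in CVE_RE.findall(message)}
    if not vulns:
        warnings.append("no VULN ticket in commit header")
    for key in vulns:
        t = tickets.get(key)
        if t is None:
            errors.append(f"{key}: ticket not found")
            continue
        if t["status"] not in ALLOWED_STATUS:
            errors.append(f"{key}: status is {t['status']!r}")
        if not t["time_spent"]:
            warnings.append(f"{key}: no time logged")
        if PRODUCT_TO_BRANCH.get(t["product"]) != target_branch:
            errors.append(f"{key}: product {t['product']} does not map to {target_branch}")
        if t["cve"] and t["cve"].upper() not in cves:
            errors.append(f"{key}: ticket CVE {t['cve']} not in commit header")
    return errors, warnings
```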