ocean icon indicating copy to clipboard operation
ocean copied to clipboard

Published 20 hours ago โ€ข verified publisher icon port-labs

[Integration][Snyk] PORT-10776 Added ignore issue default action

Open oiadebayo opened this issue 1 year ago โ€ข 0 comments

Description

The following action allows the user to ignore a Snyk issue, and must provide one of the following reasons: wont-fix, not-vulnerable, or temporary-ignore.

What - Implemented the ability to ignore Snyk vulnerabilities through a default self service action that requires user input for the reason (wont-fix, not-vulnerable, temporary-ignore) and optionally an expiration. Added an ignored field to the Vulnerability blueprint, a required vulnerabilityId field to map vulnerabilities from Snyk, and created the webhook action for ignoring vulnerabilities.

Why - This functionality allows users to better manage vulnerabilities by marking issues they donโ€™t intend to fix, arenโ€™t vulnerable to, or wish to ignore temporarily, enhancing control over the vulnerability workflow.

How - The ignored field was added to the Vulnerability blueprint and mapped in the data source. The vulnerabilityId field is mapped to the Snyk vulnerability key. Created a webhook-triggered action that allows users to ignore a Snyk vulnerability with the necessary reasons and optional expiration. Utilized the Snyk API for ignoring vulnerabilities.

Type of change

Please leave one option from the following and delete the rest:

  • [ ] New feature (non-breaking change which adds functionality)

All tests should be run against the port production environment(using a testing org).

Core testing checklist

  • [ ] Integration able to create all default resources from scratch
  • [ ] Resync finishes successfully
  • [ ] Resync able to create entities
  • [ ] Resync able to update entities
  • [ ] Resync able to detect and delete entities
  • [ ] Scheduled resync able to abort existing resync and start a new one
  • [ ] Tested with at least 2 integrations from scratch
  • [ ] Tested with Kafka and Polling event listeners
  • [ ] Tested deletion of entities that don't pass the selector

Integration testing checklist

  • [ ] Integration able to create all default resources from scratch
  • [ ] Resync able to create entities
  • [ ] Resync able to update entities
  • [ ] Resync able to detect and delete entities
  • [ ] Resync finishes successfully
  • [ ] If new resource kind is added or updated in the integration, add example raw data, mapping and expected result to the examples folder in the integration directory.
  • [ ] If resource kind is updated, run the integration with the example data and check if the expected result is achieved
  • [ ] If new resource kind is added or updated, validate that live-events for that resource are working as expected
  • [ ] Docs PR link here

Preflight checklist

  • [ ] Handled rate limiting
  • [ ] Handled pagination
  • [ ] Implemented the code in async
  • [ ] Support Multi account

Screenshots

Include screenshots from your environment showing how the resources of the integration will look.

API Documentation

Provide links to the API documentation used for this integration.

oiadebayo avatar Oct 08 '24 10:10 oiadebayo