Feature/add after init changes#3

Merged
miroslavpojer merged 16 commits into master from feature/add-after-init-changes
Feb 24, 2026

@miroslavpojer
Contributor

Release Notes:

  • Severity is now part of parent's title.
  • Introduced detection of severity change and update of parent's title.
  • Introduces feature to set Project priority on issue. The user has to define mapping values from severity to priority.
  • Refactoring: promote_alerts.py was split into several utils files with well-defined responsibility scope.

Closes #2

…workflows

- Updated aquasec-scan.yml to include severity-priority-map and project-number inputs.
- Enhanced promote_alerts.py with functions to parse severity-priority mappings and set priority in GitHub Projects.
- Modified sync_security_alerts.sh to accept severity-priority-map and project-number as command-line arguments.
- Adjusted aquasec-night-scan.yml to pass severity-priority-map and project-number for priority tracking.
- Implemented core orchestration for syncing security alerts with GitHub issues in `issue_sync.py`.
- Created data models for issues and notifications in `models.py`.
- Added priority mapping functionality in `priority.py` to resolve severity to priority values.
- Developed structured lifecycle event handling in `sec_events.py` for managing security event comments.
- Introduced metadata handling for issues in `secmeta.py`, including parsing and rendering of metadata blocks.
- Built Teams notification system in `teams.py` to notify about new and reopened issues.
- Added Markdown templates for issue bodies in `templates.py` to standardize issue content.
…tle handling in parent and child issue workflows
@miroslavpojer miroslavpojer self-assigned this Feb 19, 2026
Collaborator

@tmikula-dev tmikula-dev left a comment

Could you please explain why you decided to have a github/security/root stuff structure? From a first PoV, I see no such need to have that deep a folder structure.

I am also aware that this is only a PoC and init, but the current project distribution of files is strange. Having issues, teams, models builders inside of the utils file is not the best one. Just mentioning, I am not sure in what development phase you are.

I also see that some new methods have a docstring, some have just a comment with # NOTE, many have no method docstring. May be updated for future code health.

And in the end, this PR is too big to do a full review on +1500 rows, so many consequences to take a look for. This is what I found during first look.

- Moved common utilities to a new shared module, including functions for logging, date handling, and command execution.
- Consolidated GitHub issue operations into a dedicated shared module for better organization and reuse.
- Introduced a new priority mapping module to handle severity-to-priority resolution.
- Updated issue builder and sync utilities to utilize shared components, reducing code duplication.
- Removed the obsolete priority.py file and integrated its functionality into the new shared priority module.
- Enhanced template rendering capabilities by creating a shared template module for Markdown processing.
- Cleaned up imports and improved code readability across various modules.
@miroslavpojer
Contributor Author

> Could you please explain why you decided to have a github/security/root stuff structure? From a first PoV, I see no such need to have that deep a folder structure.

It is planned to host more topic-related solutions. This one is for github and security. The next one will be github and repo creation.

> I am also aware that this is only a PoC and init, but the current project distribution of files is strange. Having issues, teams, models builders inside of the utils file is not the best one. Just mentioning, I am not sure in what development phase you are.

I was planning to keep it simple, but wrong and waiting for another topic. Not valid anymore. See the current state.

> I also see that some new methods have a docstring, some have just a comment with # NOTE, many have no method docstring. May be updated for future code health.

Addressed here - a06baa2.

> And in the end, this PR is too big to do a full review on +1500 rows, so many consequences to take a look for. This is what I found during first look.

I know, the solution started growing from the initial one script by adding change requests from the author.

@miroslavpojer miroslavpojer merged commit c1fa5b5 into master Feb 24, 2026
@miroslavpojer miroslavpojer deleted the feature/add-after-init-changes branch February 24, 2026 11:46

Development

Successfully merging this pull request may close these issues.

Security workflow - Severity Change Detection, Team Notification, and Priority Assignment

2 participants