Merge branch '276898-add-filtering-jira-issues-on-vulnerability-id' into 'master'

Add filtering Jira issues on GitLab Vulnerability ID

See merge request gitlab-org/gitlab!47198

ee/app/finders/projects/integrations/jira/issues_finder.rb

@@ -13,7 +13,7 @@ module Projects
           def valid_params
             @valid_params ||= %i[page per_page search state status author_username assignee_username]
             # to permit array params you need to init them to an empty array
-            @valid_params << { labels: [] }
+            @valid_params << { labels: [], vulnerability_ids: [] }
           end
         end
 

ee/app/services/jira/jql_builder_service.rb

@@ -18,6 +18,7 @@ module Jira
       @assignee = params[:assignee_username]
       @sort = params[:sort] || DEFAULT_SORT
       @sort_direction = params[:sort_direction] || DEFAULT_SORT_DIRECTION
+      @vulnerability_ids = params[:vulnerability_ids]
     end
 
     def execute
@@ -29,7 +30,7 @@ module Jira
 
     private
 
-    attr_reader :jira_project_key, :sort, :sort_direction, :search, :labels, :status, :reporter, :assignee, :state
+    attr_reader :jira_project_key, :sort, :sort_direction, :search, :labels, :status, :reporter, :assignee, :state, :vulnerability_ids
 
     def jql_filters
       [
@@ -39,7 +40,8 @@ module Jira
         by_reporter,
         by_assignee,
         by_open_and_closed,
-        by_summary_and_description
+        by_summary_and_description,
+        by_vulnerability_ids
       ].compact.join(' AND ')
     end
 
@@ -93,6 +95,15 @@ module Jira
       end
     end
 
+    def by_vulnerability_ids
+      return if vulnerability_ids.blank?
+
+      vulnerability_ids
+        .map { |vulnerability_id| %Q[description ~ "/-/security/vulnerabilities/#{vulnerability_id}"] }
+        .join(' OR ')
+        .then { |query| "(#{query})" }
+    end
+
     def escape_quotes(param)
       param.gsub('\\', '\\\\\\').gsub('"', '\\"')
     end

ee/changelogs/unreleased/276898-add-filtering-jira-issues-on-vulnerability-id.yml

+---
+title: Add filtering Jira issues on GitLab Vulnerability ID
+merge_request: 47198
+author:
+type: added

ee/spec/services/jira/jql_builder_service_spec.rb

@@ -109,5 +109,13 @@ RSpec.describe Jira::JqlBuilderService do
         expect(subject).to eq('project = PROJECT_KEY order by created DESC')
       end
     end
+
+    context 'with vulnerability_ids params' do
+      let(:params) { { vulnerability_ids: [1, 25] } }
+
+      it 'builds jql' do
+        expect(subject).to eq('project = PROJECT_KEY AND (description ~ "/-/security/vulnerabilities/1" OR description ~ "/-/security/vulnerabilities/25") order by created DESC')
+      end
+    end
   end
 end