Update README and Jira UAT test script
52
README.md
@@ -20,6 +20,7 @@ A self-hosted vulnerability management dashboard for the NTS-AEO-STEAM and NTS-A
- [Compliance — AEO Posture](#compliance--aeo-posture)
- [Knowledge Base](#knowledge-base)
- [Exports](#exports)
- [Jira Tickets](#jira-tickets)
- [Archer Risk Acceptance Tickets](#archer-risk-acceptance-tickets)
- [Admin Panel](#admin-panel)
- [Scripts](#scripts)
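Review bot: the commit title says this commit also updates the Jira UAT test script, but the only file listed at the top of the page is README.md and the Scripts entry in this table of contents is unchanged; if the UAT script is part of this change, add it (and where it lives) under the Scripts section, otherwise narrow the commit title to the README update. The new `#jira-tickets` anchor does match the `### Jira Tickets` heading added further down, and its position between Exports and Archer Risk Acceptance Tickets matches the section order in that hunk.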
@@ -192,6 +193,20 @@ IVANTI_FIRST_NAME=
IVANTI_LAST_NAME=
# Set to 'true' if your network has SSL inspection / self-signed certs
IVANTI_SKIP_TLS=false
# Jira Data Center REST API (required for Jira Tickets page)
# VPN or Charter Network connection required for all Jira instances.
# Service accounts use Basic Auth (JIRA_API_USER + JIRA_API_TOKEN).
# PATs require ATLSUP approval — set JIRA_AUTH_METHOD=pat to use JIRA_PAT instead.
# Rate limits: 1440 requests/day, burst of 60/minute.
JIRA_BASE_URL=https://jira.charter.com
JIRA_AUTH_METHOD=basic
JIRA_API_USER=your-service-account
JIRA_API_TOKEN=your-api-token
# JIRA_PAT=your-pat-token
JIRA_PROJECT_KEY=VULN
JIRA_ISSUE_TYPE=Task
JIRA_SKIP_TLS=false
```
**`SESSION_SECRET` is required.** The server will exit on startup if it is not set. Generate one with `openssl rand -base64 32`.
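Review bot: `JIRA_SKIP_TLS=false` has no explanatory comment, while the Ivanti block above documents `IVANTI_SKIP_TLS` with "Set to 'true' if your network has SSL inspection / self-signed certs"; add the same comment here and state plainly that 'true' disables server certificate verification for the Jira connection, so operators do not leave it enabled outside an SSL-inspected network. Two smaller points: the comment "Service accounts use Basic Auth (JIRA_API_USER + JIRA_API_TOKEN)" should say whether the token is the service account's password or a separately issued credential, since Basic Auth against Jira Data Center takes a username and password; and the rate-limit comment ("1440 requests/day, burst of 60/minute") should use the same number formatting as the Jira Tickets section later in this diff, which writes "1 440/day".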
@@ -472,6 +487,29 @@ Bulk export tools for reports and data extracts. Available to Admin, Standard_Us
---
### Jira Tickets
A dedicated page for managing Jira Data Center tickets linked to CVE/vendor pairs. Accessible from the navigation drawer. Requires a configured Jira API connection (see [Configuration](#configuration)).
**Ticket list**
- View all tracked Jira tickets with status, CVE ID, vendor, summary, and Jira key
- Filter by status or search by keyword
- Click a Jira key to open the issue in Jira Data Center
**Jira API operations (Admin/Standard_User)**
- **Lookup** — search for any Jira issue by key and view its current status, assignee, and summary
- **Create in Jira** — create a new Jira issue directly from the dashboard with project key, issue type, summary, and description; the resulting ticket is automatically linked to a CVE/vendor pair in the local database
- **Sync** — refresh a single ticket's status and summary from Jira, or bulk-sync all tracked tickets via JQL search
- **Create / Edit / Delete** — manage local ticket records linking Jira keys to CVE/vendor pairs
**Connection test (Admin)** — verify Jira API credentials and connectivity from the page header.
**Rate limit monitoring (Admin)** — view current burst and daily rate limit usage against Charter's posted limits (60/minute burst, 1 440/day).
All Jira API calls are proxied through the backend. Credentials are never exposed to the browser. Rate limits are enforced client-side with inter-request delays (1s for GETs, 2s for writes). See `docs/jira-api-use-cases.md` for the full API compliance summary.
---
### Archer Risk Acceptance Tickets
Track Archer exception tickets (EXC numbers) linked to specific CVE/vendor pairs.
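Review bot: "Rate limits are enforced client-side with inter-request delays" reads as browser-side, which contradicts the two sentences just before it ("All Jira API calls are proxied through the backend. Credentials are never exposed to the browser."); if the delays live in the backend Jira client (`jiraApi.js` is described as handling rate limiting later in this diff), write "enforced in the backend Jira API client". The same paragraph should also say what happens at the limits: a 1s delay between GETs allows up to 60 GETs a minute, which is exactly the posted burst limit rather than below it, and fixed delays do nothing for the 1 440/day ceiling, so state what Sync and bulk-sync do when the daily budget shown by the rate limit monitor is exhausted (stop, queue, or fail). Minor: "1 440/day" here versus "1440 requests/day" in the `.env` comment above; pick one format.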
@@ -578,6 +616,13 @@ All endpoints are prefixed with `/api`. All endpoints except `/api/auth/login` a
| POST | `/api/jira-tickets` | Admin, Standard_User | Create a JIRA ticket |
| PUT | `/api/jira-tickets/:id` | Admin, Standard_User | Update a JIRA ticket |
| DELETE | `/api/jira-tickets/:id` | Admin, Standard_User | Delete a JIRA ticket (ownership + compliance check for Standard_User) |
| GET | `/api/jira-tickets/connection-test` | Admin | Test Jira API connectivity and credentials |
| GET | `/api/jira-tickets/rate-limit` | Admin | Get current burst and daily rate limit usage |
| GET | `/api/jira-tickets/lookup/:issueKey` | Any | Look up a single Jira issue by key |
| POST | `/api/jira-tickets/search` | Any | JQL search for Jira issues |
| POST | `/api/jira-tickets/create-in-jira` | Admin, Standard_User | Create an issue in Jira and link it locally |
| POST | `/api/jira-tickets/sync-all` | Admin | Bulk-sync all tracked tickets via JQL |
| POST | `/api/jira-tickets/:id/sync` | Admin, Standard_User | Sync a single ticket's status from Jira |
### Ivanti — Host Findings
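Review bot: `GET /api/jira-tickets/lookup/:issueKey` and `POST /api/jira-tickets/search` are listed with role `Any`, but the Jira Tickets section added earlier in this diff puts Lookup under "Jira API operations (Admin/Standard_User)"; one of the two is wrong, and because every lookup and JQL search counts against the shared 1 440/day budget, the narrower role is the safer default unless read access for every group is intended. The `search` row should also state whether the backend accepts arbitrary user-supplied JQL or limits it to the tracked-ticket query that `sync-all` uses. Minor: the three existing rows say "JIRA ticket" while the new rows say "Jira"; the new spelling matches the rest of the README, so the old rows could be updated in the same change.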
@@ -717,13 +762,15 @@ cve-dashboard/
│ │ ├── ivantiFindings.js # Ivanti host findings sync, notes, overrides, FP counts
│ │ ├── ivantiTodoQueue.js # Ivanti Queue — personal FP/Archer/CARD staging list
│ │ ├── ivantiArchive.js # Finding archive for severity score drift
│ │ ├── jiraTickets.js # Jira ticket CRUD + Jira REST API integration (lookup, sync, create)
│ │ └── compliance.js # AEO compliance upload, diff, device tracking, notes
│ ├── middleware/
│ │ └── auth.js # requireAuth and requireGroup middleware
│ ├── helpers/
│ │ ├── auditLog.js # logAudit helper (fire-and-forget)
│ │ ├── driftChecker.js # Schema drift detection: compareSchemaToDrift(), loadConfig(), reconcileConfig()
│ │ └── ivantiApi.js # Ivanti API HTTP helpers (multipart, JSON, form POST)
│ │ ├── ivantiApi.js # Ivanti API HTTP helpers (multipart, JSON, form POST)
│ │ └── jiraApi.js # Jira Data Center REST API helpers (Basic/PAT auth, rate limiting)
│ ├── migrations/ # Sequential migration scripts (run manually with node)
│ └── scripts/
│ ├── compliance_config.json # Shared parser config (metric_categories, core_cols, skip_sheets)
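Review bot: the `jiraTickets.js` description lists "(lookup, sync, create)" but the endpoint table in this diff also routes connection-test, rate-limit and JQL search through the Jira tickets API; extend the parenthetical so the tree matches the table. The connector change from `└──` to `├──` on the `ivantiApi.js` line is correct now that `jiraApi.js` is the last entry under `helpers/`.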
@@ -740,7 +787,7 @@ cve-dashboard/
│ └── AuthContext.js # Auth state provider (login, logout, group helpers)
└── components/
├── LoginForm.js # Login page
├── NavDrawer.js # Side navigation drawer (Admin Panel link for Admin group)
├── NavDrawer.js # Side navigation drawer (pages + Admin Panel link for Admin group)
├── UserMenu.js # User dropdown in header (shows group badge)
├── CalendarWidget.js # Due-date calendar with Ivanti finding indicators
├── UserManagement.js # Admin user management modal (quick-access from UserMenu)
@@ -760,6 +807,7 @@ cve-dashboard/
├── ComplianceChartsPanel.js # Compliance trend charts
├── IvantiCountsChart.js # Ivanti counts history chart
├── ArchiveSummaryBar.js # Finding archive summary
├── JiraPage.js # Jira ticket management and Jira API integration
├── KnowledgeBasePage.js # Knowledge base page
└── ExportsPage.js # Exports page (group-gated)
```