Add finding group support to jira_status_reconciliation command #14267
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The jira_status_reconciliation management command only processed individual findings with direct JIRA issues. Finding groups that were pushed to JIRA as groups were completely skipped because their JIRA issue is attached to the Finding_Group model, not to individual findings. This adds a second processing loop for Finding_Group objects with JIRA issues, supporting all three modes (reconcile, push_status_to_jira, import_status_from_jira). The group's aggregate status is derived from its member findings. To avoid pushing the same JIRA issue twice, we use push_status_to_jira directly on the group object (not push_finding_group_to_jira which would also push individual finding JIRA issues already handled by the existing loop). Also adds --include-findings/--no-include-findings and --include-finding-groups/--no-include-finding-groups flags so users can control which types are processed. Closes DefectDojo#14031
3 tasks
rossops
approved these changes
Feb 9, 2026
Jino-T
approved these changes
Feb 9, 2026
Maffooch
approved these changes
Feb 9, 2026
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
jira_status_reconciliationmanagement command, fixing Finding groups are not processed by jira_status_reconciliation synchronization command option. #14031 where grouped findings pushed to JIRA as groups were completely skipped during reconciliation--include-findings/--no-include-findingsand--include-finding-groups/--no-include-finding-groupsCLI flags so users can control which types to reconcilepush_status_to_jiradirectly on the group object (notpush_finding_group_to_jirawhich would also push individual finding JIRA issues already handled by the existing loop)How It Works
The JIRA_Issue model has separate OneToOneField relationships to Finding and Finding_Group. A JIRA issue is linked to either a Finding or a Finding_Group, never both. The existing findings loop and the new finding groups loop operate on mutually exclusive sets of JIRA issues.
For finding groups, the reconciliation:
last_status_updateandlast_reviewedfrom the max values across all findings in the groupany(f.active for f in group.findings.all())push_status_to_jira(),process_resolution_from_jira(),_safely_get_obj_status_for_jira()all already support Finding_Group objects