Workflows

​

Jira Ticketing Integration

The Ghost Platform can be configured to send authenticated webhooks for finding lifecycle events directly into Atlassian Jira’s Automation system to drive almost any ticketing and notification workflow. This guide will help you configure a workflow that ensures a ticket exists with all the relevant details for a finding set to “pinned” and then ensures that ticket is closed in Jira with a comment when the finding is closed/remediated according to the Ghost Platform.

​

Configure the Automation in Jira to Receive Incoming Webhooks

1. As a Jira user with administrative privileges, go to the Jira Admin Settings —> Automation —> Global automation view.
2. Choose Import Rules and upload the Ghost-JIRA-Ticket-Automation.json
3. Select the rule named Copy of Ghost and the desired target project.
4. Open the Copy of Ghost rule, select Rule Details and rename the rule as desired.
5. Select the When: Incoming Webhook action step and click Regenerate. This will create a unique URL and Secret for this workflow. Save it in a secure location.
6. Optionally, modify the configuration of the step named Then: Create a new to suit your organization’s requirements.
7. When ready, toggle the Enabled field to make this workflow active.

​

Configure the Ghost Platform to Send Webhooks to Jira

1. Create a new Secret for the Webhook Secret by clicking the + New Secret button in the Integrations —> Secrets view. Paste in the Secret value that was previously generated in Jira. Provide a description name such as Jira Automation Secret.
   Creating a Secret is a secure, one-way operation. This means the Ghost platform can only create (write) secrets, but not read them. The service that sends the actual webhook events is granted read access to the secret.
2. Create a new Filter for the Webhook Secret by clicking the “New Filter” button in the Integrations —> Filters view.
   • Provide a descriptive name such as “Jira Ticket Filter”
   • Optionally, give a description
   • Select the Finding Pinned and Finding Closed Event Types
   • Optionally, add filters as needed
3. Create a new Destination for the Webhook Secret by clicking the “New Destination” button in the Integrations —> Destinations view.
   • Provide a descriptive name such as “Jira Automation”
   • Paste in the generated URL from the Jira Webhook workflow as the URL
   • Select the filter created in the prior step in the Event Filters listing. e.g. Jira Ticket Filter
   • Under Auth Headers, click + Add
     • Key is X-Automation-Webhook-Token
     • For Select Secret, select the Ghost Platform secret. e.g. Jira Automation Secret
   • Click Create
   • Select the menu for this Destination and choose View, then click Test Connection. The connection status will be shown.

​

Verifying the Workflow

1. View the details of a Finding Code —> Findings and select a finding to use to test the workflow.
2. Click Pin to set the finding to “Pinned”.
3. View the Webhook logs in the Ghost Platform Integrations —> Webhooks —> Logs and confirm the Status shows successful delivery.
4. In Jira, under the Jira Admin Settings —> Automation —> Global automation view, view the Audit Log tab to see the workflow logs inside the automation rule.
5. If successful, a new work item for this finding should be in your project’s backlog.

​

Filtering Work Items in Jira

When the automation creates a new work item, it assigns two labels: Ghost and the finding-<id>. These can be used to locate findings with JQL queries.

​

Disabling the Webhook

To stop webhook events from being generated by the Ghost Platform, visit Integrations —> Destinations, click the click the context menu (), and select Disable. Toggle to Enable to re-enable the flow of events.

​

Appendix: Workflow Diagram

The following diagram illustrates the interactions of the Ghost Platform and the Jira Automation workflow: