Merge pull request #77 from schubergphilis/fix-step-function-definition

mayur7436 · web-flow · commit ed4b39e87a21 · 2025-10-09T09:56:46.000+02:00
fix: Jira close ticket step function definition update
diff --git a/files/step-function-artifacts/securityhub-findings-manager-orchestrator.json.tpl b/files/step-function-artifacts/securityhub-findings-manager-orchestrator.json.tpl
@@ -78,15 +78,16 @@
                   }
                 ]
               },
-              {
-                "Variable": "$.detail.findings[0].Severity.Normalized",
-                "NumericGreaterThanEquals": ${finding_severity_normalized}
-              },
               %{~ if jira_autoclose_enabled }
               {
                 "Or": [
                   {
+                    "Comment": "CREATE JIRA TICKET: Requires severity >= threshold",
                     "And": [
+                      {
+                        "Variable": "$.detail.findings[0].Severity.Normalized",
+                        "NumericGreaterThanEquals": ${finding_severity_normalized}
+                      },
                       {
                         "Variable": "$.detail.findings[0].Workflow.Status",
                         "StringEquals": "NEW"
@@ -126,6 +127,7 @@
                     ]
                   },
                   {
+                    "Comment": "CLOSE JIRA TICKET: Works at ANY severity (ticket already exists)",
                     "And": [
                       {
                         "Or": [
@@ -185,8 +187,16 @@
               }
               %{ else }
               {
-                "Variable": "$.detail.findings[0].Workflow.Status",
-                "StringEquals": "NEW"
+                "And": [
+                  {
+                    "Variable": "$.detail.findings[0].Severity.Normalized",
+                    "NumericGreaterThanEquals": ${finding_severity_normalized}
+                  },
+                  {
+                    "Variable": "$.detail.findings[0].Workflow.Status",
+                    "StringEquals": "NEW"
+                  }
+                ]
               }
               %{ endif ~}
             ],

Original file line number	Diff line number	Diff line change
`@@ -78,15 +78,16 @@`
`78`	`78`	`}`
`79`	`79`	`]`
`80`	`80`	`},`
`81`		`- {`
`82`		`- "Variable": "$.detail.findings[0].Severity.Normalized",`
`83`		`- "NumericGreaterThanEquals": ${finding_severity_normalized}`
`84`		`- },`
`85`	`81`	`%{~ if jira_autoclose_enabled }`
`86`	`82`	`{`
`87`	`83`	`"Or": [`
`88`	`84`	`{`
	`85`	`+ "Comment": "CREATE JIRA TICKET: Requires severity >= threshold",`
`89`	`86`	`"And": [`
	`87`	`+ {`
	`88`	`+ "Variable": "$.detail.findings[0].Severity.Normalized",`
	`89`	`+ "NumericGreaterThanEquals": ${finding_severity_normalized}`
	`90`	`+ },`
`90`	`91`	`{`
`91`	`92`	`"Variable": "$.detail.findings[0].Workflow.Status",`
`92`	`93`	`"StringEquals": "NEW"`
`@@ -126,6 +127,7 @@`
`126`	`127`	`]`
`127`	`128`	`},`
`128`	`129`	`{`
	`130`	`+ "Comment": "CLOSE JIRA TICKET: Works at ANY severity (ticket already exists)",`
`129`	`131`	`"And": [`
`130`	`132`	`{`
`131`	`133`	`"Or": [`
`@@ -185,8 +187,16 @@`
`185`	`187`	`}`
`186`	`188`	`%{ else }`
`187`	`189`	`{`
`188`		`- "Variable": "$.detail.findings[0].Workflow.Status",`
`189`		`- "StringEquals": "NEW"`
	`190`	`+ "And": [`
	`191`	`+ {`
	`192`	`+ "Variable": "$.detail.findings[0].Severity.Normalized",`
	`193`	`+ "NumericGreaterThanEquals": ${finding_severity_normalized}`
	`194`	`+ },`
	`195`	`+ {`
	`196`	`+ "Variable": "$.detail.findings[0].Workflow.Status",`
	`197`	`+ "StringEquals": "NEW"`
	`198`	`+ }`
	`199`	`+ ]`
`190`	`200`	`}`
`191`	`201`	`%{ endif ~}`
`192`	`202`	`],`