business_unit
Advanced field support
Table of Contents
An Issue Tracker integration is pre-configured to map SD Elements fields to certain fields by default. Supported integrations allow users to change or override this mapping by using the Custom Fields Mapping within the section Advanced Issue Tracker Options.
For example, the placeholders, such as $task_title and $project allow users
to use a Countermeasure’s title and the SD Elements project name in a field mapping.
Refer to the list of placeholders below for a complete list.
| Advanced Fields (Default or Custom) will only be synced over on the initial sync and cannot be updated. |
List of placeholders/macros
Use placeholders with the Custom Fields Mapping configuration to fine-tune an integration. The table below lists available placeholders and their meaning.
| Placeholder | Description | Example |
|---|---|---|
Name of the business unit associated with the SD Elements project |
General |
|
business_unit_id |
Identifier for the business unit associated with the SD Elements project |
1234 |
business_unit_slug |
Slug representing the business unit associated with the SD Elements project |
general |
application |
Name of the application associated with the SD Elements project |
Web application |
application_id |
Identifier for the application associated with the SD Elements project |
1234 |
application_slug |
Slug representing the application associated with the SD Elements project |
web_application |
application_custom_attr_X |
Placeholder for application custom attribute having slug X |
Depends on application custom attribute values |
project |
Project name |
Release Q1 2016 |
project_id |
Project identifier |
1234 |
project_slug |
Project slug |
release_q1_2016 |
project_custom_attr_X |
Placeholder for project custom attribute having slug X |
Depends on project custom attribute values |
issue_tracker_project |
The ID/name of the project in the remote issue tracker |
A Jira project key |
context |
User-defined value assigned when creating project connections |
Some project context |
issue_tracker_user |
The username used to authenticate to a server. Not available if the integration uses tokens to authenticate |
jira_user |
id |
SD Elements project Countermeasure identifier |
1-T21 |
task_id |
SD Elements Countermeasure identifier |
T21 |
task_title |
SD Elements Countermeasure title |
Ensure confidential data is sent over an encrypted channel |
task_url |
Application link to the SD Elements project Countermeasure |
|
task_content |
SD Elements Countermeasure description (format: Markdown) |
Confidential data *must always be sent over an encrypted channel* for a *security-sensitive* application. Use TLS …. |
task_richcontent |
SD Elements Countermeasure description formatted, for the Issue Tracker tool |
Confidential data must always be sent over an encrypted channel for a security-sensitive application. Use TLS …. (formatted for the Issue Tracker) |
task_phase |
Phase associated with the SD Elements Countermeasure |
Requirements |
task_status |
SD Elements Countermeasure status |
TODO |
task_priority |
SD Elements Countermeasure status |
10 |
task_priority_translated |
Issue Tracker priority corresponding to the SD Elements Countermeasure priority. The value is based on the configured priority mapping Custom Priority Mapping. |
Blocker |
task_tags |
List of tags assigned to the SD Elements Countermeasure |
SD-Elements, task-tag1, task-tag2, task-tag3 |
problem_content |
Description of the Weakness associated with the SD Elements Countermeasure |
Many communication channels can *be "sniffed"* by attackers during data transmission…. |
problem_richcontent |
Description of the Weakness associated with the SD Elements Countermeasure, formatted for the Issue Tracker tool |
Many communication channels can be "sniffed" by attackers during data transmission…. (formatted for the Issue Tracker) |
problem_id |
SD Elements Weakness identifier |
P216 |
problem_title |
SD Elements Weakness title |
Cleartext Transmission of Sensitive Information |
Depending on the Integration and Field, you may need to provide the Value parameter in an "array format".
For example, the Rally "Tags" field and the Jira "Labels" field expect an array and must be in this format: ["placeholder1", "placeholder2", …]. Therefore ["${task_id}", "${task_tags}", "SDE"] works, but "${task_id}", "${task_tags}", "SDE" does not.
Example
Consider the default Atlassian JIRA field mapping:
| JIRA Field | Value |
|---|---|
Summary |
${task_id}: ${task_title} |
Description |
${task_richcontent} |
Labels |
${task_tags} |
Priority |
${task_priority_translated} |
Reporter |
${issue_tracker_user} |
To modify this configuration, you can enter the following into "Custom Field Mapping":
| JIRA Field | Value |
|---|---|
Description |
${task_richcontent} ${problem_richcontent} |
Custom Severity Field |
${task_priority_translated} |
Custom Field2 |
My Own Text |
Labels |
["L1", "${task_tags}", "L2"] |
The settings above achieve the following results:
-
The new setting overrides the default "Description" field mapping.
-
The "Priority" settings are left intact.
-
Adds a new mapping to field "Custom Severity Field" with a Countermeasure’s priority value.
-
Adds a new mapping to field "CustomField2" with the value "My Own Text".
-
Updates the "Labels" field configuration to include two extra labels: "L1" and "L2".
String Replacement
Use string replacement to replace SD Elements Countermeasure text with your own when you sync using Issue Tracker Integration. You can define string replacements as you create a new issue tracker connection.
String replacement finds substrings within the Countermeasure description (as they are found in the macros "task_content" and "task_richcontent") and replaces them with the provided value. It works with substrings, words, phrases, or sentences as long as the string token matches the value you indicate.
| String matching is case-sensitive. |
String replacements occur as listed without reference to one another. Replacements can also occur in any order, and new strings can be replaced from other configured replacements.
For example, if "vulnerability" is replaced with "weakness", and "weakness" is replaced with "flaw", instances of "vulnerability" can become "flaw" or "weakness" depending on the order of replacements.