Skip to content

Finding groups are not processed by jira_status_reconciliation synchronization command option. #14031

New issue
New issue
Open
Open
Finding groups are not processed by jira_status_reconciliation synchronization command option.#14031
Labels
bug
@thiswillnevelmatch

Description

@thiswillnevelmatch
thiswillnevelmatch
opened on Jan 5, 2026

Team was trying to implement periodic bidirectional(Jira->DefectDojo webhook approach wasn't an option due to network reachability) resynchronization between DefectDojo and Jira, by implementing a cronjob.
After running:

python3 manage.py jira_status_reconciliation

it was noticed that only standalone findings with Jira tickets are processed by "synchronizer", while findings that are pushed to Jira as finding groups were not processed at all.
Take a look at the following output:

defectdojo@defectdojo-django-7b88fdc76b-g2m5v:/app$ python3 manage.py jira_status_reconciliation -v 3
[05/Jan/2026 13:08:28] INFO [dojo.auditlog:246] Registering models with django-pghistory
[05/Jan/2026 13:08:28] INFO [dojo.auditlog:427] Successfully registered models with django-pghistory
[05/Jan/2026 13:08:28] INFO [dojo.auditlog:504] Configuring audit system: django-auditlog enabled
[05/Jan/2026 13:08:28] INFO [dojo.auditlog:160] Enabling django-auditlog: Registering models
[05/Jan/2026 13:08:28] INFO [dojo.auditlog:173] Successfully enabled django-auditlog
[05/Jan/2026 13:08:30] INFO [dojo.management.commands.jira_status_reconciliation:98] VM-348; https://truncated/finding/113416;Active, Verified;None;None;None;None;2026-01-05 10:57:26.336128+00:00;2026-01-05 02:57:26.820000-08:00;2026-01-05 10:57:24.255599+00:00;2026-01-05 02:57:26.820000-08:00;2026-01-05 10:57:24.220305+00:00;2026-01-05 02:57:26.820000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:30] INFO [dojo.management.commands.jira_status_reconciliation:98] VM-369; https://truncated/finding/113531;Active, Verified;None;None;None;None;2025-12-03 07:55:32.000345+00:00;2025-12-02 23:55:58.841000-08:00;2025-12-03 07:55:25.945094+00:00;2025-12-02 23:55:58.841000-08:00;2025-12-03 07:55:25.916496+00:00;2025-12-02 23:55:58.841000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:31] INFO [dojo.management.commands.jira_status_reconciliation:98] VM-370; https://truncated/finding/113739;Active, Verified;None;None;None;None;2026-01-05 08:51:41.871644+00:00;2025-12-03 01:26:02.987000-08:00;2025-12-03 08:26:54.365709+00:00;2025-12-03 01:26:02.987000-08:00;2025-12-03 08:27:47.235374+00:00;2025-12-03 01:26:02.987000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:31] INFO [dojo.management.commands.jira_status_reconciliation:98] VM-351; https://truncated/finding/53082;Active, Verified;None;None;None;None;2025-12-02 09:17:19.686577+00:00;2025-12-02 01:58:21.892000-08:00;2025-12-02 09:14:41.640717+00:00;2025-12-02 01:58:21.892000-08:00;2025-12-02 09:17:02.149502+00:00;2025-12-02 01:58:21.892000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:32] INFO [dojo.management.commands.jira_status_reconciliation:98] VM-352; https://truncated/finding/52934;Active, Verified;None;None;None;None;2025-12-02 09:36:27.801304+00:00;2025-12-02 01:58:22.108000-08:00;2025-12-02 08:47:01.971408+00:00;2025-12-02 01:58:22.108000-08:00;2025-12-02 09:36:21.578092+00:00;2025-12-02 01:58:22.108000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:33] INFO [dojo.management.commands.jira_status_reconciliation:98] VM-355; https://truncated/finding/82509;Active, Verified;None;None;None;None;2025-12-02 09:52:06.282985+00:00;2025-12-02 01:59:27.414000-08:00;2025-12-02 08:38:57.216853+00:00;2025-12-02 01:59:27.414000-08:00;2025-12-02 09:52:03.816101+00:00;2025-12-02 01:59:27.414000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:33] INFO [dojo.management.commands.jira_status_reconciliation:98] VM-359; https://truncated/finding/114194;Active, Verified;None;None;None;None;2025-12-02 11:57:51.421605+00:00;2025-12-02 04:13:40.219000-08:00;2025-12-02 11:52:51.373949+00:00;2025-12-02 04:13:40.219000-08:00;2025-12-02 11:52:51.487668+00:00;2025-12-02 04:13:40.219000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:98] VM-360; https://truncated/finding/114196;Active, Verified;None;None;None;None;2025-12-02 11:57:15.437049+00:00;2025-12-02 04:13:40.031000-08:00;2025-12-02 11:56:38.684770+00:00;2025-12-02 04:13:40.031000-08:00;2025-12-02 11:57:12.767483+00:00;2025-12-02 04:13:40.031000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:184] results (semicolon seperated)
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:186] jira_key;finding_url;resolution_or_status;find.jira_issue.jira_change;issue_from_jira.fields.updated;find.last_status_update;issue_from_jira.fields.updated;find.last_reviewed;issue_from_jira.fields.updated;flag1;flag2;flag3;action;change_made
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:186] VM-348; https://truncated/finding/113416;Active, Verified;None;None;None;None;2026-01-05 10:57:26.336128+00:00;2026-01-05 02:57:26.820000-08:00;2026-01-05 10:57:24.255599+00:00;2026-01-05 02:57:26.820000-08:00;2026-01-05 10:57:24.220305+00:00;2026-01-05 02:57:26.820000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:186] VM-369; https://truncated/finding/113531;Active, Verified;None;None;None;None;2025-12-03 07:55:32.000345+00:00;2025-12-02 23:55:58.841000-08:00;2025-12-03 07:55:25.945094+00:00;2025-12-02 23:55:58.841000-08:00;2025-12-03 07:55:25.916496+00:00;2025-12-02 23:55:58.841000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:186] VM-370; https://truncated/finding/113739;Active, Verified;None;None;None;None;2026-01-05 08:51:41.871644+00:00;2025-12-03 01:26:02.987000-08:00;2025-12-03 08:26:54.365709+00:00;2025-12-03 01:26:02.987000-08:00;2025-12-03 08:27:47.235374+00:00;2025-12-03 01:26:02.987000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:186] VM-351; https://truncated/finding/53082;Active, Verified;None;None;None;None;2025-12-02 09:17:19.686577+00:00;2025-12-02 01:58:21.892000-08:00;2025-12-02 09:14:41.640717+00:00;2025-12-02 01:58:21.892000-08:00;2025-12-02 09:17:02.149502+00:00;2025-12-02 01:58:21.892000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:186] VM-352; https://truncated/finding/52934;Active, Verified;None;None;None;None;2025-12-02 09:36:27.801304+00:00;2025-12-02 01:58:22.108000-08:00;2025-12-02 08:47:01.971408+00:00;2025-12-02 01:58:22.108000-08:00;2025-12-02 09:36:21.578092+00:00;2025-12-02 01:58:22.108000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:186] VM-355; https://truncated/finding/82509;Active, Verified;None;None;None;None;2025-12-02 09:52:06.282985+00:00;2025-12-02 01:59:27.414000-08:00;2025-12-02 08:38:57.216853+00:00;2025-12-02 01:59:27.414000-08:00;2025-12-02 09:52:03.816101+00:00;2025-12-02 01:59:27.414000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:186] VM-359; https://truncated/finding/114194;Active, Verified;None;None;None;None;2025-12-02 11:57:51.421605+00:00;2025-12-02 04:13:40.219000-08:00;2025-12-02 11:52:51.373949+00:00;2025-12-02 04:13:40.219000-08:00;2025-12-02 11:52:51.487668+00:00;2025-12-02 04:13:40.219000-08:00;no action both sides are active/open;equal
[05/Jan/2026 13:08:34] INFO [dojo.management.commands.jira_status_reconciliation:186] VM-360; https://truncated/finding/114196;Active, Verified;None;None;None;None;2025-12-02 11:57:15.437049+00:00;2025-12-02 04:13:40.031000-08:00;2025-12-02 11:56:38.684770+00:00;2025-12-02 04:13:40.031000-08:00;2025-12-02 11:57:12.767483+00:00;2025-12-02 04:13:40.031000-08:00;no action both sides are active/open;equal
defectdojo@defectdojo-django-7b88fdc76b-g2m5v:/app

It only contains the Jira tickets that are created for the single finding. While other findings(the findings that are grouped) are not proccesed:

Image

It's understandable that syncing status changes from Jira back to Defectdojo finding_groups is to say the least problematic and impractical to implement, however, achieving Defectdojo->Jira does seem to be beneficial to implement within jira_status_reconciliation command.

Bug description

  • manage.py jira_status_reconciliation doesn't perform at least defectdojo->Jira status synchronization for findings that are grouped.

Expected behavior

  • jira_status_reconciliation is capable of performing DefectDojo-Jira synchronization of a finding status in a Jira ticket, that is associated with finding_group.

Deployment method

  • Docker Compose
  • Kubernetes
  • GoDojo

Environment information

  • Operating System: [e.g. Ubuntu 24.04]
  • Helm version: 1.9.6
  • DefectDojo version: v. 2.54.0

Thanks, and appreciate your time and effort maintaining this project

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions