Jira Data Center

Prerequisites

RegScale CLI installed and configured (regscale init completed)
Jira Data Center (on-premises) instance accessible from the machine running the CLI
A Personal Access Token (PAT) or username/password credentials for Jira DC
A Security Plan or other parent record already created in RegScale

Configuration

Add the following keys to your init.yaml:

Key	Default	Required	Description
`jiraDcUrl`	`https://jira.example.com`	Yes	Base URL of your Jira DC instance
`jiraDcPat`	(empty)	Preferred	Personal Access Token (Bearer auth)
`jiraDcUsername`	(empty)	Fallback	Jira username (Basic auth — only when PAT is not available)
`jiraDcPassword`	(empty)	Fallback	Jira password (Basic auth — sensitive)
`jiraDcVerifySsl`	`true`	No	Set to `false` to skip TLS certificate verification
`jiraDcDefaultIssueType`	`Task`	No	Default Jira issue type used when creating tickets
`jiraDcDefaultPriority`	`Medium`	No	Default priority assigned to new Jira tickets
`jiraDcPageSize`	`50`	No	Number of issues fetched per API page
`jiraDcTimeoutSeconds`	`60`	No	HTTP request timeout in seconds
`jiraDcCustomFields`	`{}`	No	Map Jira custom field IDs to RegScale Issue attributes (see Custom Fields)
`jiraDcClosedTransitionName`	`Done`	No	Jira transition name applied when closing a ticket
`jiraDcClosedStatusCategory`	`done`	No	Fallback Jira status category used if the named transition is unavailable

Authentication priority: PAT (Bearer) is preferred. Only provide jiraDcUsername and jiraDcPassword for Jira instances that do not support PAT issuance.

Commands

`test_connection`

Verify connectivity and credentials to Jira Data Center before running any sync.

regscale jira_dc test_connection

Returns a JSON summary including the server title, version, deployment type, and active auth mode. Use --no-verify_ssl for self-signed certificates.

`sync_issues`

Bidirectional sync of issues between Jira DC and a RegScale parent record. Existing issues are updated; new Jira issues are created in RegScale and vice versa.

regscale jira_dc sync_issues \
  --regscale_id 42 \
  --regscale_module securityplans \
  --jira_project OPS \
  --jira_issue_type Bug

Options

Option	Required	Default	Description
`--regscale_id`	Yes	—	Target RegScale record ID
`--regscale_module`	Yes	—	RegScale parent module (e.g. `securityplans`)
`--jira_project`	Yes	—	Jira project key (e.g. `OPS`)
`--jira_issue_type`	Yes	—	Jira issue type to sync (case-sensitive)
`--sync_attachments`	No	`true`	Also sync file attachments
`--jql`	No	—	Custom JQL query to override the default filter
`--poams`	No	`false`	Create/update incoming issues as POAMs instead of standard issues
`--dry_run`	No	`false`	Preview counts as JSON without writing anything to RegScale
`--offset`	No	—	Skip the first N results (client-side)
`--limit`	No	—	Cap total imported items (client-side)
`--verify_ssl / --no-verify_ssl`	No	`true`	Toggle TLS verification

`sync_tasks`

Sync Jira DC Task-type issues into RegScale Tasks (not Issues).

regscale jira_dc sync_tasks \
  --regscale_id 42 \
  --regscale_module securityplans \
  --jira_project OPS

Options — same as sync_issues except --jira_issue_type and --poams are not applicable.

`sync_attachments`

Reconcile file attachments between Jira DC and RegScale independently of issue content. Useful for a targeted attachment-only refresh.

regscale jira_dc sync_attachments \
  --regscale_id 42 \
  --regscale_module securityplans \
  --jira_project OPS \
  --direction both

Options

Option	Required	Default	Description
`--regscale_id`	Yes	—	Target RegScale record ID
`--regscale_module`	Yes	—	RegScale parent module
`--jira_project`	Yes	—	Jira project key
`--direction`	No	`both`	`both`, `to_regscale`, or `to_jira`
`--verify_ssl / --no-verify_ssl`	No	`true`	Toggle TLS verification

`sync_comments`

Sync comments and worklogs between Jira DC and RegScale Issues.

regscale jira_dc sync_comments \
  --regscale_id 42 \
  --regscale_module securityplans \
  --jira_project OPS \
  --direction both

Options

Option	Required	Default	Description
`--regscale_id`	Yes	—	Target RegScale record ID
`--regscale_module`	Yes	—	RegScale parent module
`--jira_project`	Yes	—	Jira project key
`--direction`	No	`both`	`both`, `to_regscale`, or `to_jira`
`--since`	No	—	ISO-8601 watermark; only sync RegScale→Jira comments created after this date
`--verify_ssl / --no-verify_ssl`	No	`true`	Toggle TLS verification

`sync_closures`

Close Jira DC tickets whose linked RegScale Issue has reached a terminal status (Closed, Remediated, Resolved, or Cancelled). Applies the configured transition (jiraDcClosedTransitionName) to the Jira ticket.

regscale jira_dc sync_closures \
  --regscale_id 42 \
  --regscale_module securityplans \
  --jira_project OPS

`push_issues`

Push RegScale Issues that have no linked Jira ticket into Jira DC. Optionally update already-linked tickets. Supports filtering by label, status, severity, specific IDs, or scanner source.

regscale jira_dc push_issues \
  --regscale_id 42 \
  --regscale_module securityplans \
  --jira_project OPS \
  --jira_issue_type Bug

Options

Option	Required	Default	Description
`--regscale_id`	Yes	—	Target RegScale record ID
`--regscale_module`	Yes	—	RegScale parent module
`--jira_project`	Yes	—	Jira project key
`--jira_issue_type`	Yes	—	Issue type to create in Jira
`--update_existing`	No	`false`	Also update Jira tickets already linked to RegScale issues
`--dry_run`	No	`false`	Preview without writing
`--push_filter_label`	No	—	Only push issues whose label contains this text
`--push_filter_status`	No	—	Comma-separated RegScale statuses to include (default: `Open`)
`--push_filter_severity`	No	—	Comma-separated severities (e.g. `Critical,High`)
`--push_filter_ids`	No	—	Comma-separated RegScale Issue IDs to push
`--push_filter_source`	No	—	Comma-separated scanner/source tokens to match
`--verify_ssl / --no-verify_ssl`	No	`true`	Toggle TLS verification

`create_tickets_from_findings`

Create Jira tickets directly from open scanner findings in RegScale. Useful for routing vulnerability findings to the appropriate Jira project for remediation tracking.

regscale jira_dc create_tickets_from_findings \
  --regscale_id 42 \
  --regscale_module securityplans \
  --jira_project SEC \
  --source "AWS,Tenable" \
  --severity_gte High

Options

Option	Required	Default	Description
`--regscale_id`	Yes	—	Target RegScale record ID
`--regscale_module`	Yes	—	RegScale parent module
`--jira_project`	Yes	—	Jira project key
`--jira_issue_type`	No	`Task`	Jira issue type to create
`--source`	No	—	Comma-separated scanner/source tokens (e.g. `AWS,Qualys,Tenable,Wiz`)
`--severity_gte`	No	—	Minimum severity: `Low`, `Medium`, `High`, or `Critical`
`--verify_ssl / --no-verify_ssl`	No	`true`	Toggle TLS verification

`create_recurring_task`

Mirror recurring RegScale Tasks into Jira DC with idempotency labels so that duplicate tickets are not created on subsequent runs.

regscale jira_dc create_recurring_task \
  --regscale_id 42 \
  --regscale_module securityplans \
  --jira_project OPS \
  --cadence weekly

Options

Option	Required	Default	Description
`--regscale_id`	Yes	—	Target RegScale record ID
`--regscale_module`	Yes	—	RegScale parent module
`--jira_project`	Yes	—	Jira project key
`--jira_issue_type`	No	`Task`	Jira issue type
`--task_template`	No	—	Title substring used to match specific recurring tasks
`--cadence`	No	`weekly`	`daily`, `weekly`, or `monthly`
`--dry_run`	No	`false`	Preview without writing
`--verify_ssl / --no-verify_ssl`	No	`true`	Toggle TLS verification

`import_xml`

Import a Jira DC XML export file directly into RegScale. Useful for one-time migrations of historical Jira data.

regscale jira_dc import_xml \
  --file_path /path/to/jira-export.xml \
  --regscale_id 42 \
  --regscale_module securityplans

Options

Option	Required	Default	Description
`--file_path`	Yes	—	Path to the Jira DC XML export file
`--regscale_id`	Yes	—	Target RegScale record ID
`--regscale_module`	Yes	—	RegScale parent module
`--poams`	No	`false`	Import issues as POAMs
`--chunk_size`	No	`100`	Number of issues written per batch

`import_csv`

Import one or more Jira DC CSV export files from a folder into RegScale. Supports custom column mapping via an external mappings file.

regscale jira_dc import_csv \
  --folder_path /path/to/csv-exports/ \
  --regscale_id 42 \
  --regscale_module securityplans

Options

Option	Required	Default	Description
`--folder_path`	Yes	—	Directory containing Jira CSV export files
`--regscale_id`	Yes	—	Target RegScale record ID
`--regscale_module`	Yes	—	RegScale parent module
`--mappings_path`	No	—	Path to a custom column-mapping file
`--disable_mapping`	No	`false`	Skip column mapping and import raw column values
`--chunk_size`	No	`100`	Number of issues written per batch

Custom Fields

To map Jira custom fields to RegScale Issue attributes, add a jiraDcCustomFields dictionary to init.yaml:

jiraDcCustomFields:
  customfield_10500: source
  customfield_10800: identifiedRiskStatement

Keys are Jira custom field IDs (visible in Jira's field configuration); values are the corresponding RegScale Issue attribute names.

SSL / TLS Verification

All commands support --verify_ssl / --no-verify_ssl. For environments with self-signed or internal CA certificates, use --no-verify_ssl or set jiraDcVerifySsl: false in init.yaml.

Typical Workflows

Initial setup and connectivity check:

regscale jira_dc test_connection

Daily bidirectional issue sync:

regscale jira_dc sync_issues \
  --regscale_id <ssp_id> \
  --regscale_module securityplans \
  --jira_project SEC \
  --jira_issue_type Bug

Push all Critical/High open RegScale findings to Jira:

regscale jira_dc push_issues \
  --regscale_id <ssp_id> \
  --regscale_module securityplans \
  --jira_project SEC \
  --jira_issue_type Bug \
  --push_filter_severity Critical,High

Close resolved Jira tickets:

regscale jira_dc sync_closures \
  --regscale_id <ssp_id> \
  --regscale_module securityplans \
  --jira_project SEC

One-time migration from a Jira XML export:

regscale jira_dc import_xml \
  --file_path ./jira-backup.xml \
  --regscale_id <ssp_id> \
  --regscale_module securityplans