Trying to resolve a set of issues false positive with a custom tag. One issue looks like this (when the object returned by issues/search is viewed in powershell:
...
status : REOPENED
message : 'PASSWORD' detected in this expression, review this potentially hard-coded credential.
effort : 30min
debt : 30min
author :
tags : {cert, cwe, owasp-a2, sans-top25-porous}
...
So 4 tags. Then I call issues/bulk_change with the following parameters: ‘issues’ set to the comma-separated issue key list, ‘do_transition’ set to ‘falsepositive’, ‘add_tags’ set to ‘cstm.icc’, and -comment set to a string. On a new call to issues/search on the relevant rule, the same issue looks like this:
...
flows : {}
resolution : FALSE-POSITIVE
status : RESOLVED
message : 'PASSWORD' detected in this expression, review this potentially hard-coded
credential.
effort : 30min
debt : 30min
author :
tags : {cert, cwe, owasp-a2, sans-top25-porous}
...
So the resolution was applied, but not the tag (there are still 4, and my custom tag isn’t there).
I’m able to loop through the keys and call issues/set_tags one-by-one with a tag list consisting of the original 4 tags plus my new one, and now the tags are there:
UPDATE: I discovered the add_tags option works … sometimes.
In my original example I called bulk_change with the following parameters:
issues: a comma-separated list of 100 issue keys
comment: a comment string
do_transition: falsepositive
add_tags: cstm.icc
type: CODE_SMELL
severity: INFO
The bulk_change returns a success status, but when I check the issues, everything has beren changed EXCEPT the tags (severity, type, status, resolution, comments are all what is expected, but tags still has the original value).
Now if I do the exact same thing to a different set of issues (same rule), but do_transition is ‘reopen’ rather than ‘falsepositive’, THEN the tag is added – though of course the status is still open and resolution is null, as expected.
Thanks for detailed information - it helped a lot!
Indeed, I can confirm the issue. The problem is that on issues which has resolution - you cannot set tags. The same situation is for single issue, you cannot add a tag once it is resolved.
The problem lays in the way we apply order of actions to be done on batch of issues. It appears that status change is before tags are added - hence this problem you encountered. First we change status and then try to apply new tags, which basically won’t work in that case.
As a workaround I would suggest to run bulk change twice, first add tags, then apply new status.