Creating and Updating Code Issues

Use OpsLevel's API to create Code Issues for any code quality or code scanning tool.

OpsLevel automatically creates Code Issues and Code Issue Projects through our native integrations with the most common code quality and scanning tools, including Snyk, GitHub Advanced Security , and SonarQube . If you want to send Code Issues from other sources, you can do so with the Code Issues API.

Each Code Issue represents one specific instance of an identified issue in a certain location. The same issue may be identified in multiple locations (for instance, if a library containing a CVE is detected in several places) or multiple times in the same location (for instance, if there are several times that plaintext passwords are detected in a repository). All Code Issues are linked to Code Issue Projects, which can then be attached to either a repository or a component. If a Code Issue Project is attached to a repository, the issues it contains will be inherited by all components that are linked to that repository.

Creating a Code Issue Project

You'll need to attach your Code Issue Projects to an integration - see instructions for how to create a Custom Integration.

Now let's create your first code issue project. We will use Code issue project name to try to map it to existing Component in OpsLevel. If there is an exact match, it will be linked automatically. If not, we will create a Component Recommendation.

mutation createCodeIssuProject($identifier: CodeIssueProjectIdentifierInput!, $name: String!, $url: String) {
  codeIssueProjectUpsert(input: {identifier: $identifier, name: $name, url: $url}) {
    codeIssueProject {
      id
      name
      externalUrl
      integration {
        id
        name
      }
    }
    errors {
      message
      path
    }
  }
}

# Variables
{
  "identifier": {
    "integration": {
      "id": "Z2lkOi8vb3BzbGV2ZWwvSW50ZWdyYXRpb25zOjpDdXN0b21JbnRlZ3JhdGlvbi84OTU0" # Custom Integration GID
    },
    "externalId": "code-issue-project-id-in-your-system"
  },
  "url": "https://google.com", #url to code issue project
  "name": "Blockchain" # Name of Code issue Project in your system
}

Connecting a Code Issue Project to a Component or Repository

mutation($code_issue_project_ids: [ID!]!, $resource_id: ID!) {
  codeIssueProjectResourceConnect(input: {
                                  codeIssueProjectIds: $code_issue_project_ids,
                                  resourceId: $resource_id
                                  }) {
    resource {
      ... on Service {
        id
        name
      }
      ... on Repository {
        id
        name
      }
    }
    errors {
      message
      path
    }
  }
}

# Variables 
{
  resourceId: "service-or-repository-gid"
  codeIssueProjectIds: [ "code-issue-project-gid-1", ...]
}

Disconnecting a Code IssueProject from a Component or Repository

mutation($code_issue_project_id: ID!, $resource_id: ID!) {
  codeIssueProjectResourceDisconnect(input: {
                                     codeIssueProjectId: $code_issue_project_id,
                                     resourceId: $resource_id
                                     }) {
    disconnectedCodeIssueProjectResourceId
    codeIssueProject {
      id
      name
    }
    errors {
      message
      path
    }
  }
}
# Variables 
{
  resourceId: "service-or-repository-gid"
  codeIssueProjectId: "code-issue-project-gid"
}

Updating a Code Issue

To create or update Code Issues in OpsLevel, you need to and provide the externalId of the Code Issue. You can provide custom issue type and severity as well.

mutation($input: CodeIssueInput!) {
    codeIssueUpsert(input: $input) {
      codeIssue {
        id
        name
        externalUrl
        issueType
        severity
        cves {
          identifier
          url
        }
      }
      errors {
        message
        path
      }
    }
  }
  
# Variables 
{
  "input":{
  "identifier": {
    "codeIssueProject": {
      "integration": {
        "id": "abcdef"
      },
      "externalId": "custom-id"
    },
    "externalId": "abc-2"
  },
  "name": "something is off #3",
  "issueCategory": "error",
  "severity":"unreal"
  }
}

Deleting a Code Issue

mutation($input: CodeIssueIdentifierInput!) {
  codeIssueDelete(input: $input) {
    deletedId
    deletedAlias
    errors {
      message
      path
    }
  }
}
# Variables
{
  input: {
    codeIssueProject: {
      externalId: "code-issue-project-external-id"
      integration: {
        id: "integration-gid"
      },
    },
    externalId: "code-issue-gid"
  }
}