[Buganizer ID: 475592230] Feature: Implement PagerDuty bidirectional status synchronization job#684
Open
Arabindaksha-Mishra wants to merge 9 commits intomainfrom
Open
[Buganizer ID: 475592230] Feature: Implement PagerDuty bidirectional status synchronization job#684Arabindaksha-Mishra wants to merge 9 commits intomainfrom
Arabindaksha-Mishra wants to merge 9 commits intomainfrom
Conversation
Contributor
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request introduces a significant feature to automate the synchronization of incident statuses between Google SecOps and PagerDuty. By establishing a bidirectional flow, it ensures that incident resolution, classification, and closure actions are consistently reflected across both systems, thereby streamlining incident response workflows and reducing manual intervention for security operations teams. Highlights
🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request introduces a new SyncIncidents job for the PagerDuty integration and updates the PagerDutyConnector to support proxy settings and filtered incident fetching. It also includes a bug fix in the incident acknowledgment logic, updates to the SOAR platform client, and version bumps for several packages. Feedback identifies style guide violations regarding the verify_ssl default value, redundant types in docstrings, and the absence of unit tests for the new job. Additionally, suggestions were provided to replace magic numbers with constants, initialize the manager with proxy settings in the sync job, and use timezone-aware UTC timestamps instead of the deprecated utcnow() method.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 4 potential issues.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 3aae5d2. Configure here.
| timeout=10, | ||
| ) | ||
| response.raise_for_status() | ||
| return response.json() |
There was a problem hiding this comment.
New write methods missing required PagerDuty From header
High Severity
resolve_incident and add_incident_note are missing the From header, which PagerDuty API v2 requires for write operations (PUT/POST) when using account-level API keys. Every other write method in PagerDutyManager (create_incident, snooze_incident, run_response_play) includes a From header with a valid user email. These new methods don't accept an email parameter and don't set the header, so the SyncIncidents job will fail when trying to resolve incidents or add notes in PagerDuty.
Additional Locations (2)
Reviewed by Cursor Bugbot for commit 3aae5d2. Configure here.
| self.verify_ssl: bool = verify_ssl | ||
|
|
||
| self.requests_session: requests.Session = requests.Session() | ||
| self.requests_session.verify: bool = self.verify_ssl |
There was a problem hiding this comment.
Proxy parameters accepted but never applied to session
High Severity
PagerDutyManager.__init__ accepts proxy_address, proxy_username, and proxy_password parameters but never configures self.requests_session.proxies with them. The connector extracts these values from user configuration and passes them in, but they are silently discarded. Users behind a proxy will be unable to connect to PagerDuty despite configuring proxy settings.
Reviewed by Cursor Bugbot for commit 3aae5d2. Configure here.
| param_name="max_hours_backwards", | ||
| input_type=int, default_value=24, | ||
| ) | ||
| services = siemplify.extract_connector_param(param_name="Services") |
There was a problem hiding this comment.
Connector Services parameter missing from YAML configuration
Medium Severity
The connector extracts a Services parameter via extract_connector_param(param_name="Services") but this parameter is not defined in the connector's YAML configuration file. Users have no way to configure service-based filtering through the UI since the parameter won't appear in the connector settings.
Reviewed by Cursor Bugbot for commit 3aae5d2. Configure here.
| except Exception as e: | ||
| self.logger.error( | ||
| f"Failed to close alert {alert.identifier} or case in SecOps: {e}" | ||
| ) |
There was a problem hiding this comment.
Stale local state prevents case closure with multiple alerts
Medium Severity
The open_alerts list is recomputed from job_case.case_detail.alerts on each loop iteration, but sync_product_status_to_case only closes alerts on the server — it doesn't update the local case_detail.alerts status. When multiple alerts are in alerts_to_close_in_soar, every iteration sees the same stale open_alerts count, so the "last open alert → close case" branch never triggers. On the next job run, all alerts are already closed, so _should_close_alert_in_secops returns False for all of them, and the case remains open permanently.
Reviewed by Cursor Bugbot for commit 3aae5d2. Configure here.
Arabindaksha-Mishra
force-pushed
the
PagerDutyJob
branch
from
3aae5d2 to
eee9def
Compare
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
1 similar comment
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
Arabindaksha-Mishra
force-pushed
the
PagerDutyJob
branch
from
28daaff to
a41ae2b
Compare
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
1 similar comment
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
1 similar comment
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
1 similar comment
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
1 similar comment
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
1 similar comment
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
Arabindaksha-Mishra
force-pushed
the
PagerDutyJob
branch
from
43ea1a9 to
35c0822
Compare
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
Arabindaksha-Mishra
force-pushed
the
PagerDutyJob
branch
from
35c0822 to
7910b29
Compare
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
Arabindaksha-Mishra
force-pushed
the
PagerDutyJob
branch
from
7910b29 to
f28ae39
Compare
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
Arabindaksha-Mishra
force-pushed
the
PagerDutyJob
branch
from
f28ae39 to
937e0d1
Compare
|
You have used all of your free Bugbot PR reviews. To receive reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial. |
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
1 similar comment
|
❌ Marketplace Validation Failed Click to view the full reportValidation Report🧩 IntegrationsPre-Build Stagepager_duty
|
|
❌ Integration Tests Failed Click to view the full report🧩 pager_duty
❌ Failed Teststests/test_jobs/test_sync_incidents.py::test_sync_status_soar_to_pagerduty_successtests/test_jobs/test_sync_incidents.py::test_sync_status_pagerduty_to_soar_close_alert_successtests/test_jobs/test_sync_incidents.py::test_sync_status_soar_to_pagerduty_failure |
Arabindaksha-Mishra
force-pushed
the
PagerDutyJob
branch
3 times, most recently
from
6943b82 to
17adf0d
Compare
Arabindaksha-Mishra
force-pushed
the
PagerDutyJob
branch
from
17adf0d to
345736b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
[Buganizer ID: 475592230] Feature: Implement PagerDuty bidirectional status synchronization job
Description
What problem does this PR solve?
This PR adds a new SyncIncidents job to bidirectionally synchronize PagerDuty incident resolution with Google SecOps alert/case status.
How does this PR solve the problem?
SyncIncidentsjob to handle the status synchronization, including adding classification notes to PagerDuty before resolving incidents and optionally closing the whole case when the last open alert is resolved.PagerDutyManagerwith incident get, resolve, and add_note APIs, and includes typed refactors.Any other relevant information (e.g., design choices, tradeoffs, known issues):
Checklist:
Please ensure you have completed the following items before submitting your PR.
This helps us review your contribution faster and more efficiently.
General Checks:
Open-Source Specific Checks:
For Google Team Members and Reviewers Only:
Note
Medium Risk
Introduces new bidirectional status-sync automation that can resolve PagerDuty incidents and close SecOps alerts/cases, so mis-mapping IDs/statuses could cause unintended closures. Also updates connector query behavior and bumps shared dependency wheels, which may affect integration runtime behavior.
Overview
Adds a new
SyncIncidentsjob to bidirectionally synchronize PagerDuty incident resolution with Google SecOps alert/case status, including adding a classification note to PagerDuty before resolving incidents and optionally closing the whole case when the last open alert is resolved.Updates the PagerDuty connector to fetch incidents using a configurable lookback window and optional service filtering, adds proxy parameters, and adjusts acknowledgement to use the PagerDuty incident
id.Extends
PagerDutyManagerwith incidentget,resolve, andadd_noteAPIs (plus typed refactors), and bumps integration/package versions and dependency wheel pins (tipcommon,integration-testing,requests) with corresponding release note entries.Reviewed by Cursor Bugbot for commit 3aae5d2. Bugbot is set up for automated code reviews on this repo. Configure here.