diff --git a/.idea/.gitignore b/.idea/.gitignore new file mode 100644 index 0000000000000000000000000000000000000000..359bb5307e8535ab7d59faf27a7377033291821e --- /dev/null +++ b/.idea/.gitignore @@ -0,0 +1,3 @@ +# 默认忽略的文件 +/shelf/ +/workspace.xml diff --git a/.idea/anolis-docs.iml b/.idea/anolis-docs.iml new file mode 100644 index 0000000000000000000000000000000000000000..d0876a78d06ac03b5d78c8dcdb95570281c6f1d6 --- /dev/null +++ b/.idea/anolis-docs.iml @@ -0,0 +1,8 @@ + + + + + + + + \ No newline at end of file diff --git a/.idea/inspectionProfiles/profiles_settings.xml b/.idea/inspectionProfiles/profiles_settings.xml new file mode 100644 index 0000000000000000000000000000000000000000..105ce2da2d6447d11dfe32bfb846c3d5b199fc99 --- /dev/null +++ b/.idea/inspectionProfiles/profiles_settings.xml @@ -0,0 +1,6 @@ + + + + \ No newline at end of file diff --git a/.idea/misc.xml b/.idea/misc.xml new file mode 100644 index 0000000000000000000000000000000000000000..65531ca992813bbfedbe43dfae5a5f4337168ed8 --- /dev/null +++ b/.idea/misc.xml @@ -0,0 +1,4 @@ + + + + \ No newline at end of file diff --git a/.idea/modules.xml b/.idea/modules.xml new file mode 100644 index 0000000000000000000000000000000000000000..7707d85c567706ef33afaf5bdf6b1ca9a8a0af58 --- /dev/null +++ b/.idea/modules.xml @@ -0,0 +1,8 @@ + + + + + + + + \ No newline at end of file diff --git a/.idea/vcs.xml b/.idea/vcs.xml new file mode 100644 index 0000000000000000000000000000000000000000..94a25f7f4cb416c083d265558da75d457237d671 --- /dev/null +++ b/.idea/vcs.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git "a/INFRA_DOCS/Bugzilla\347\263\273\347\273\237/Bugzilla\347\224\250\346\210\267\346\226\207\346\241\243.md" "b/INFRA_DOCS/Bugzilla\347\263\273\347\273\237/Bugzilla\347\224\250\346\210\267\346\226\207\346\241\243.md" new file mode 100644 index 0000000000000000000000000000000000000000..6076d9eb8468e7775018769f6bd3bad92d5ca670 --- /dev/null +++ "b/INFRA_DOCS/Bugzilla\347\263\273\347\273\237/Bugzilla\347\224\250\346\210\267\346\226\207\346\241\243.md" @@ -0,0 +1,242 @@ +## 一. Bugzilla初识 +Bugzilla是一个缺陷管理系统,可以用来管理Bug,也可以用来管理需求。Bugzilla可以通过浏览器页面创建Bug,也可以通过api接口创建Bug。 + +- **1.1 首页** + +![image.png](https://oss.openanolis.cn/blog/vnyrodeytjdirmwvclsl) +## 二. Bug生命周期 + +- **2.1 新建Bug** + - **2.1.1 路径** + + 首页->New/File a Bug->Select a classification->Select a product->Bug创建页面。具体如下:首先,在首页点击New或File a Bug按钮,进行创建Bug。 + ![image.png](https://oss.openanolis.cn/blog/wzzgfkzzdtcjdszhtitj) + 然后会提示让选择一个classification, classification是Bug的一级分类。 + ![image.png](https://oss.openanolis.cn/blog/jhezhtkdurrdfdemionv) + 选择完classification分类后会提示选择一个product,product是Bug的二级分类。 + ![image.png](https://oss.openanolis.cn/blog/jgnutqwmfwiamimclhvv) + + - **2.1.2 创建页面** + + 选择完product产品后会进入Bug创建页面,创建页面有一些参数需要填充,具体参数含义如下图所示: + ![image.png](https://oss.openanolis.cn/blog/qhsbjoqiqjqyjzjsvwpc) + +- **2.2 编辑Bug** + - **2.2.1 路径** + - 首页->Search Bug/My Bugs->Bugs List->Click the Bug->Bug编辑页面。具体如下: + + 首先在首页点击My Bugs或Open Bugs assign to me or reported by me 进入Bug List 列表页。 + ![image.png](https://oss.openanolis.cn/blog/lbgdrwslbapzgoanzmez) + 然后在Bug List列表页点击Bug ID或Summary进入Bug编辑页面。 + ![image.png](https://oss.openanolis.cn/blog/jjcaxwoopxfdqkupkvqm) + + - **2.2.2 编辑页面** + + Bug编辑页面也进行Bug一些字段的修改,编辑页面的字段同Bug创建。 + ![image.png](https://oss.openanolis.cn/blog/oekldlyxclvagcqlejru) + +- **2.3 关闭Bug** + - **2.3.1 路径** + - Bug编辑页面->Status->Resolved、Fixed->Save Changes + + 在Bug页面编辑Status状态,当状态被修改为[RESOLVED,FIXED]时表示Bug关闭,至此Bug的生命周期结束。 + ![image.png](https://oss.openanolis.cn/blog/fghfimqbzadgazdcnspj) + +## 三. Bugzilla Restful Api + +Bugzilla 提供了对外开放的restful api接口,通过接口可以方便的对Bug进行一些操作。官方接口描述如下:[https://bugzilla.readthedocs.io/en/5.0/api/index.html#apis](https://bugzilla.readthedocs.io/en/5.0/api/index.html#apis)。 + +- **3.1 官方Api** + + 官方api包括对Bug、评论、组件、产品等的操作,具体如下: + ![image.png](https://oss.openanolis.cn/blog/hhlrvwjkwfhderonmtqa) + +- **3.2 额外的Api** + +除了官方Api之外,还单独定制了一部分Api,包括User、Bug、子组件等。 + + - **3.2.1 Sub Component Api** + + - **Get Sub Components** + + 查询现有的子组件详情 + + - **Request**: + ```json + https://bugzilla.openanolis.cn/rest/subcomponent?ids=(bug_id) + ``` + - **Params Description**: + + | **name** | **type** | **description** | + | --- | --- | --- | + | bug_id | int | Bug ID | + + - **Response**: + ```json + { + "subcomponents": [ + { + "default_cc": [ + "xxx@163.com" + ], + "is_active": true, + "default_docs_contact": "", + "id": 10, + "component_name": "user", + "level": 0, + "description": "rest api create subcomponent", + "default_qa_contact": "xxx@163.com", + "default_to_private": false, + "product_id": 2, + "sort_key": 0, + "parent_id": null, + "product_name": "testfarm", + "name_tree": [ + "sub_user3_9" + ], + "default_assignee": "xxx@163.com", + "name": "sub_user3_9", + "agile_team": "", + "component_id": 2 + } + ] + } + ``` + + - **Post Sub Component** + + 添加子组件 + + - **Request**: + ```json + https://bugzilla.openanolis.cn/rest/subcomponent + ``` + + - **Body Description**: + + | **name** | **type** | **description** | + | --- | --- | --- | + | api_key | string | api auth key | + | product | string | 产品名 | + | component | string | 组件名 | + | subcomponent | string | 子组件名 | + | description | string | 描述 | + | default_assignee | string | 默认指派人邮箱 | + | default_docs_contact | string | 默认Docs邮箱 | + | default_qa_contact | string | 默认QA邮箱 | + | default_cc | list | 抄送邮箱列表 | + + - **Response**: + ```json + { + id: 23 + } + ``` + + - **Delete Sub Component** + + 删除子组件 + + - **Request**: + ```json + https://bugzilla.openanolis.cn/rest/subcomponent?api_key=(api_key)&ids=(sub_component_id)&component=(component)&product=(product) + ``` + + - **Params Description**: + + | **name** | **type** | **description** | + | --- | --- | --- | + | api_key | string | api auth key | + | product | string | 产品名 | + | component | string | 组件名 | + | sub_component_id | int | 子组件id | + + - **Response**: + ```json + { + Deleted: [23] + } + ``` + + - **3.2.2 Component Api** + - **Get Components** + + 查询现有的所有组件 + + - **Request**: + ```json + https://bugzilla.openanolis.cn/rest/component + ``` + + - **Params Description**: + + | **name** | **type** | **description** | + | --- | --- | --- | + | | | | + + - **Response**: + + ```json + { + "components" : [ + { + "id" : 3, // component id + "name" : "com_123" // component name + }, + { + "id" : 4, + "name" : "product-length" + }, + { + "id" : 1, + "name" : "TestComponent" + }, + { + "id" : 2, + "name" : "user" + }, + { + "id" : 5, + "name" : "user2" + } + ] + } + ``` + +## 三. Bugzilla python 命令行插件 + +python-bugzilla-cli 命令行插件支持通过python命令行去操作Bugzilla,比如创建、编辑Bug, 子组件等。 + +- 3.1 插件安装: + - 在命令行执行命令:pip install python-bugzilla-anolis 安装命令行插件,插件地址:[https://pypi.org/project/python-bugzilla-anolis/](https://pypi.org/project/python-bugzilla-anolis/) + + ![image.png](https://oss.openanolis.cn/blog/havgigzzthanbpnspetz) + +- 3.2 插件配置: + - 生成api_key: [https://bugzilla.openanolis.cn/userprefs.cgi?tab=apikey](https://bugzilla.openanolis.cn/userprefs.cgi?tab=apikey),生成的api_key需要有bug edit权限,api_key权限 和当前帐号权限一致。 + + ![image.png](https://oss.openanolis.cn/blog/qzupjlpwybxcfynwaryo) + + - 配置bugzillarc文件,配置url和api_key,python-bugzilla-cli插件可自动读取配置的参数,在使用命令时无需额外携带参数,bugzillarc文件内容如下: + + ![image.png](https://oss.openanolis.cn/blog/qlvjgwoqhaxvzolnyuzw) + +- 3.3 插件使用: + - 配置好bugzillarc文件之后,就可以使用bugzilla-anolis命令操作Bugzilla了,使用bugzilla-anolis命令查看当前支持的所有参数: + + ![image.png](https://oss.openanolis.cn/blog/bujocdnxusyfpvgslvxz) + + - 执行sub component相关命令: + - 查询: + ```json + bugzilla-anolis getsubcomponent --ids=10 --ids=11 + ``` + ![image.png](https://oss.openanolis.cn/blog/rdzzgstvtvxddhixabgx) + + - 添加:bugzilla-anolis addsubcomponent --product=testfarm --component=user --subcomponent=sub_user77_5 --description="rest api create subcomponent" --default_assignee=shankailun@163.com --default_docs_contact=shankailun@163.com --default_qa_contact=shankailun@163.com --default_cc="shankailun@163.com,1174224378@qq.com" + + ![image.png](https://oss.openanolis.cn/blog/jdhfqzdhqnxvcizrrrsn) + + - 删除:bugzilla-anolis deletesubcomponent --ids=39 --product=testfarm --component=user + + ![image.png](https://oss.openanolis.cn/blog/jwdznaajpwrcmxhmhicw) diff --git "a/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/CI-META\344\273\223\345\272\223\351\205\215\347\275\256\350\247\204\350\214\203.md" "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/CI-META\344\273\223\345\272\223\351\205\215\347\275\256\350\247\204\350\214\203.md" index aa0163a4b9aed7d034e6939c8620cadb354c29ac..4d18257de463b8b45c98327e77c4be04429f00ed 100644 --- "a/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/CI-META\344\273\223\345\272\223\351\205\215\347\275\256\350\247\204\350\214\203.md" +++ "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/CI-META\344\273\223\345\272\223\351\205\215\347\275\256\350\247\204\350\214\203.md" @@ -1,6 +1,5 @@ # 简介 - [CI-META仓库](https://gitee.com/anolis/ci-meta)做为OpenAnolis社区PackageCI测试流程的配置中心,提供了全局配置和自定义配置,全局配置默认对Gitee上的OpenAnolis企业账户下的所有仓库生效,自定义配置允许开发者通过自定义形式接入社区测试流程,本文主要介绍CI-META仓库配置规范。 # 目录结构 diff --git "a/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\345\206\205\346\240\270\344\273\243\347\240\201\351\227\250\347\246\201\347\263\273\347\273\237\344\275\277\347\224\250\346\214\207\345\215\227.md" "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\345\206\205\346\240\270\344\273\243\347\240\201\351\227\250\347\246\201\347\263\273\347\273\237\344\275\277\347\224\250\346\214\207\345\215\227.md" index 5b395da0fe47866e7dcc1b5ea67c4d3cdd55bd74..bd9377d571c3f2d2af9b1795fe602c68fa6acbef 100644 --- "a/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\345\206\205\346\240\270\344\273\243\347\240\201\351\227\250\347\246\201\347\263\273\347\273\237\344\275\277\347\224\250\346\214\207\345\215\227.md" +++ "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\345\206\205\346\240\270\344\273\243\347\240\201\351\227\250\347\246\201\347\263\273\347\273\237\344\275\277\347\224\250\346\214\207\345\215\227.md" @@ -63,3 +63,4 @@ | 否 | 是 | 否 | 否 | | 否 | 否 | 是 | 否 | | 否 | 否 | 否(error报错) | 否 | + diff --git "a/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\351\276\231\350\234\245\345\206\205\346\240\270CI\346\234\215\345\212\241-KernelCI.md" "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\351\276\231\350\234\245\345\206\205\346\240\270CI\346\234\215\345\212\241-KernelCI.md" new file mode 100644 index 0000000000000000000000000000000000000000..0608a99b2eecf674255be5ead9a2c1b84bf0ac9c --- /dev/null +++ "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\351\276\231\350\234\245\345\206\205\346\240\270CI\346\234\215\345\212\241-KernelCI.md" @@ -0,0 +1,84 @@ + +# 服务介绍 +为保障龙蜥社区内核代码的质量,每当有新的内核代码仓库代码合入请求,即PR请求时,都会自动触发bot里的KernelCI流程(内核代码门禁系统),并由bot通过评论方式实时反馈流程进度,开发者可根据bot的回复,在PR中评论相应的命令,以推进流程继续,直至通过评审和测试,最终合入内核代码仓库。更多内核代码开发流程,请参考[Cloud Kernel开发流程](https://openanolis.cn/sig/Cloud-Kernel/doc/607596680293474815)。 + +# PR 规范 + +- 内核CI服务仅支持龙蜥社区官方[内核仓库](https://gitee.com/anolis/cloud-kernel),及其它已被管理员审批的内核仓库。 +- 向内核仓库提交PR,请遵守[社区规范](https://openanolis.cn/sig/Cloud-Kernel/doc/607605992881480196)。 +- 为保证PR review质量,每个PR的commit数量请不要超过25个。 + +# 操作流程 + +1. 每当内核仓库有新的PR提交时,bot首先会检查PR提交者的贡献者协议(CLA协议)签署情况,如果已签署,则会自动进入代码测试流程。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653584171830-16d6f12d-a4dc-426a-8ff5-e93bd91620c1.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=141&id=SmlPp&name=image.png&originHeight=282&originWidth=1746&originalType=binary&ratio=1&rotation=0&showTitle=false&size=143475&status=error&style=none&taskId=ucacd180f-47fe-4910-8a8e-b53987befd8&title=&width=873) + +2. 如果未签署,则会评论PR提示提交者未签署CLA协议。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653584416737-f1a82789-85d4-49d5-887e-8c1b949dca3f.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=160&id=wV9Sf&name=image.png&originHeight=320&originWidth=1740&originalType=binary&ratio=1&rotation=0&showTitle=false&size=195377&status=error&style=none&taskId=u7f8ed7c5-c23a-410e-abee-290983d196b&title=&width=870) + +3. 当开发者签署CLA协议之后,可以在PR中评论/check-cla重新检查协议签署情况,评论/check-cla不会触发测试流程,如需测试,评论/retest即可进入测试流程。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653584503259-d1fb4700-00ed-4852-9c68-c9baec30b35b.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=278&id=wFTwV&name=image.png&originHeight=556&originWidth=1766&originalType=binary&ratio=1&rotation=0&showTitle=false&size=196642&status=error&style=none&taskId=u134459b8-a67d-4c78-87c7-3171f2e4cbd&title=&width=883) + +4. 当测试完成之后,会把测试结果和详细结果链接一起评论到PR中。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653584761977-c682b4be-7d2d-473d-adcc-8109904ff2cd.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=276&id=yOgnc&name=image.png&originHeight=552&originWidth=1740&originalType=binary&ratio=1&rotation=0&showTitle=false&size=264370&status=error&style=none&taskId=u7c9b6e15-5a9d-4f8d-9a03-c31ca9a6345&title=&width=870) + +5. 如果测试失败,开发者可在修改代码之后,评论/retest重新进入代码测试流程。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2023/png/28856758/1677121622562-c0ffd198-a124-4456-bed3-9a81717b368a.png#clientId=ucd86df8e-644d-4&from=paste&height=600&id=R2nYg&name=image.png&originHeight=1200&originWidth=1650&originalType=binary&ratio=2&rotation=0&showTitle=false&size=542157&status=done&style=none&taskId=u44d508d9-ca90-4268-9055-2bb7297ccef&title=&width=825) + +6. maintainer可以评论/skip-test帮助开发者跳过某些可以忽略测试失败的场景。 +7. 当代码测试通过后,需由maintainer进行review,review不通过,则请开发者按照maintainer的意见和建议进行修改,如果有代码修改,则需要评论/retest重新进行测试。 +8. 当代码测试和review均通过时,可由maintainer评论/merge进行自动合入,合入后将会对本次PR的commit进行自动签名。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2023/png/28856758/1677122175219-2edb14fa-f5b4-4451-9590-bfd06e53179e.png#clientId=ucd86df8e-644d-4&from=paste&height=453&id=U5vnw&name=image.png&originHeight=906&originWidth=1532&originalType=binary&ratio=2&rotation=0&showTitle=false&size=359777&status=done&style=none&taskId=u998bc880-2735-4c36-b544-732464bbd06&title=&width=766) + +# 可用命令 +| 回复命令 | 功能 | 可使用人员 | +| --- | --- | --- | +| /check-cla | 检查PR提交者签署CLA协议情况 | PR提交者,openanolis企业成员 | +| /retest | 重新进入代码测试流程 | PR提交者,openanolis企业成员 | +| /skip-test | 跳过代码测试流程 | maintainer | +| /merge | 进行代码合入和自动签名 | maintainer | + + +# 标签说明 +每次bot操作均会在PR上打上状态标签,开发者可根据标签信息判断当前流程,并进行后续操作: + +| 标签 | 说明 | +| --- | --- | +| anolis_cla_pass | PR提交者已签署CLA协议 | +| anolis_cla_fail | PR提交者未签署CLA协议 | +| anolis_testing | 代码测试中 | +| code_update | 代码测试中发生了代码更新 | +| anolis_test_pass | 代码测试通过 | +| anolis_test_fail | 代码测试未通过 | +| anolis_merge_pass | 自动签名成功 | +| anolis_merge_fail | 自动签名失败 | + + +# 检测项 +| 检测项 | 检测目标 | 检测范围 | +| --- | --- | --- | +| review检测 | 检查每个commit log是否包含规范字段,例如#ANBZ等 | 每一个commit | +| checkpatch检测 | 与上游社区的checkpatch检测保持一致,范围根据情况有一定适配 | 每一个龙蜥自研的commit | +| build检测 | anolis_defconfig | 每一个commit,区分aarch64与x86_64 | +| kconfig检测 | 检测所有的config文件是否有新的config选项未设置,防止编译出错 | 只检测所有提交中的最后一个commit,区分aarch64与x86_64 | +| 全量build检测 | allnoconfig,allyesconfig,defconfig,anolis_defconfig,anolis-debug_defconfig | 只检测所有提交中的最后一个commit,区分aarch64与x86_64 | +| 启动检测 | 检测PR代码所构建出的内核rpm安装之后能否正常启动 | 只检测所有提交中的最后一个commit,区分aarch64与x86_64 | + + +# 接入方式 +KernelCI测试服务不但为龙蜥内核提供服务,还可以开放给合作企业,为合作企业的内核仓库提供测试服务。目前主要由SIG组形式进行合作,有需要的企业可以向内核SIG组提出申请,通过后由管理员进行配置,配置好后即可生效。具体接入流程如下: + +1. 合作企业内核SIG组向龙蜥内核SIG组提出接入申请 +2. 需要准备的材料有: + - 接入门禁的仓库分支和检测版本 + - maintainer邮箱列表 + - 在T-One上创建本SIG组的WorkSpace +3. 等待审批 +4. 通过后由管理员进行配置 +5. 配置完成,立即生效 diff --git "a/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\351\276\231\350\234\245\345\256\271\345\231\250CI\346\234\215\345\212\241-DockerCI.md" "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\351\276\231\350\234\245\345\256\271\345\231\250CI\346\234\215\345\212\241-DockerCI.md" new file mode 100644 index 0000000000000000000000000000000000000000..4dec56506e500a35b5a652f2047d3400bcd791e4 --- /dev/null +++ "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\351\276\231\350\234\245\345\256\271\345\231\250CI\346\234\215\345\212\241-DockerCI.md" @@ -0,0 +1,133 @@ + +# 服务介绍 +为了支持龙蜥社区容器镜像的构建发布流程,bot为社区容器镜像仓库提供了基于龙蜥系统的DockerCI测试服务,每当有新的PR提交时,bot会自动检测PR中的Dockerfile文件修改,并触发ABS容器镜像构建任务,当测试镜像构建成功时,会触发T-One容器镜像测试任务,测试项包含基础镜像测试和应用镜像测试,同时还允许开发着在仓库中引入自定义测试用例,当测试和review均通过,PR将被maintainer合入,同时系统会自动将测试镜像推送至官方正式仓库。 + +# PR 规范 + +- 容器CI服务仅支持龙蜥社区官方[容器仓库](https://gitee.com/anolis/docker-images),和github上的容器仓库。 +- 为保证容器发布质量,向容器仓库提交PR时,每个PR中限制最多包含一个Dockerfile文件。 +- 应用镜像Dockerfile存储目录限制为:应用名/应用版本/操作系统版本/Dockerfile,例如:nginx/1.14.1/8.6/Dockerfile。 +- 当PR中不包含Dockerfile时,不触发构建和发布流程,由maintainer自行考虑合入。 + +# 操作流程 + +1. 每当容器仓库有新的PR提交时,bot首先会检查PR提交者的贡献者协议(CLA协议)签署情况,如果已签署,则会自动进入代码测试流程。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653584171830-16d6f12d-a4dc-426a-8ff5-e93bd91620c1.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=141&id=u0a9e8f87&name=image.png&originHeight=282&originWidth=1746&originalType=binary&ratio=1&rotation=0&showTitle=false&size=143475&status=error&style=none&taskId=ucacd180f-47fe-4910-8a8e-b53987befd8&title=&width=873) + +2. 如果未签署,则会评论PR提示提交者未签署CLA协议。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653584416737-f1a82789-85d4-49d5-887e-8c1b949dca3f.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=160&id=u7365980b&name=image.png&originHeight=320&originWidth=1740&originalType=binary&ratio=1&rotation=0&showTitle=false&size=195377&status=error&style=none&taskId=u7f8ed7c5-c23a-410e-abee-290983d196b&title=&width=870) + +3. 当开发者签署CLA协议之后,可以在PR中评论/check-cla重新检查协议签署情况,评论/check-cla不会触发测试流程,如需测试,评论/retest即可进入测试流程。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653584503259-d1fb4700-00ed-4852-9c68-c9baec30b35b.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=278&id=u48661e02&name=image.png&originHeight=556&originWidth=1766&originalType=binary&ratio=1&rotation=0&showTitle=false&size=196642&status=error&style=none&taskId=u134459b8-a67d-4c78-87c7-3171f2e4cbd&title=&width=883) + +4. 当测试完成之后,会把测试结果和详细结果链接一起评论到PR中。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2023/png/28856758/1677123711013-3ce7aba0-9467-4d11-ae9c-054494f6232a.png#clientId=uc5190962-43ed-4&from=paste&height=545&id=uceeb48aa&name=image.png&originHeight=1090&originWidth=1446&originalType=binary&ratio=2&rotation=0&showTitle=false&size=522042&status=done&style=none&taskId=u2fe84899-483d-4aa0-931f-dfed904610a&title=&width=723) + +5. 如果测试失败,开发者可在修改代码之后,评论/retest重新进入代码测试流程,或者当有新的代码提交时,也会自动触发重新测试。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2023/png/28856758/1677123859843-7ed789bf-12bc-4950-960b-908188e7e486.png#clientId=uc5190962-43ed-4&from=paste&height=838&id=u7de105f3&name=image.png&originHeight=1676&originWidth=1522&originalType=binary&ratio=2&rotation=0&showTitle=false&size=783240&status=done&style=none&taskId=u652976ef-01a9-48c1-be0b-86ac9d5586c&title=&width=761) + +6. maintainer可以评论/skip-test帮助开发者跳过某些可以忽略测试失败的场景。 +7. 当代码测试通过后,需由maintainer进行review,通过之后,可由maintainer评论/merge进行自动合入,并将测试镜像推送到正式仓库中。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2023/png/28856758/1677123913431-70594fdb-96c2-4824-9f40-6e9034b40fec.png#clientId=uc5190962-43ed-4&from=paste&height=593&id=ue5da9dd0&name=image.png&originHeight=1186&originWidth=1454&originalType=binary&ratio=2&rotation=0&showTitle=false&size=427587&status=done&style=none&taskId=u27bf5e52-80a3-429a-bc59-1f71e26dc50&title=&width=727) + +# 可用命令 +| 回复命令 | 功能 | 可使用人员 | +| --- | --- | --- | +| /check-cla | 检查PR提交者签署CLA协议情况 | PR提交者,openanolis企业成员 | +| /retest | 重新进入代码测试流程 | PR提交者,openanolis企业成员 | +| /skip-test | 跳过代码测试流程 | maintainer | +| /merge | 进行代码合入 | maintainer | + + +# 标签说明 +每次bot操作均会在PR上打上状态标签,开发者可根据标签信息判断当前流程,并进行后续操作: + +| 标签 | 说明 | +| --- | --- | +| anolis_cla_pass | PR提交者已签署CLA协议 | +| anolis_cla_fail | PR提交者未签署CLA协议 | +| anolis_testing | 代码测试中 | +| code_update | 代码测试中发生了代码更新 | +| anolis_test_pass | 代码测试通过 | +| anolis_test_fail | 代码测试未通过 | + + +# 检测项 +| 测试类型 | 测试项 | 描述 | +| --- | --- | --- | +| 启动测试 | test_container_startup | 使用被测容器镜像启动容器,检查内核、编程语言等是否符合预期 | +| 应用容器状态检查 | test_container_basic | 启动应用容器后,检查容器的启动状态是否符合预期 | +| 应用容器网络端口检查 | test_container_network | 启动应用容器后,检查容器的网络端口是否能正常访问 | +| 应用容器服务检查 | test_container_service | 启动应用容器后,检查容器内的应用服务是否开启且状态正常 | +| 应用容器进程检查 | test_container_process | 启动应用容器后,检查容器的应用进程存在且处于运行状态 | + + +# 接入方式 +目前暂不支持其它类型的容器仓库接入,但是支持每个应用自定义测试用例,方便开发者进行测试使用。 + +- 自定义测试功能接入 + +需要在应用的Dockerfile文件的同级目录创建配置文件ci.yaml,生效优先级为:源仓库中Dockerfile同级的ci.yaml > 合入仓库中Dockerfile同级的ci.yaml > CI-META仓库中的[全局容器测试配置](https://gitee.com/anolis/ci-meta/blob/master/packages/d/docker-images/ci.yaml),详细参数配置含义请参考CI-META仓库配置规范,以下是默认ci.yaml配置: +```yaml +repo: + git_url: https://gitee.com/anolis/docker-images + trigger_mode: pr +test: + docker_build: + test_type: docker #1-6行为配置容器构建,无需修改 + docker_base_test: #指定测试case,可按需修改 + tone_test: base_test #测试case名称 + base_test: #测试case详细配置 + tone_workspace: container_ci_test #测试case工作空间 + tone_project: default_container_ci_test #测试case项目 + tone_test_suite: image-ci-test #测试case suite + tone_test_conf: group=container_startup_test #测试case conf + server_config: #测试case机器配置,可按需修改 + x86_64: anolis-container-func-test-x86 + aarch64: anolis-container-func-test-arm64 + docker_app_test: + tone_test: app_test + app_test: + tone_workspace: container_ci_test + tone_project: default_container_ci_test + tone_test_suite: image-ci-test + tone_test_conf: group=application_container_func_test + server_config: + x86_64: anolis-container-test-x86 + aarch64: anolis-container-test-arm64 + parallel: #任务调度逻辑,上下串行,左右并行 + - docker_build + - docker_base_test, docker_app_test +``` + +- 自定义测试脚本接入 + +ci.yaml中支持接入自定义测试脚本,详细参数配置含义请参考CI-META仓库配置规范,以下是自定义测试脚本接入例子: +```yaml +test: #ci.yaml中的test + test_task: #自定义测试任务名称 + tone_test: script #自定义测试任务类型,固定为script + entry: test.sh #测试脚本需要放到ci.yaml同级目录中 + server_config: {product}-anck-x86_64 #自定义测试脚本使用机器配置 +``` + +- 开源测试case接入 + +如果用户将自己的测试用例贡献到开源T-One的测试用例库中,则可以在ci.yaml中直接配置测试case,具体贡献方式请参考T-One测试用例集成文档,以下是开源测试case接入例子: +```yaml +test: #ci.yaml中的test + test_task: #测试任务名称 + tone_test: self_test #开源测试case名称 + self_test: #开源测试case配置 + tone_workspace: self_test #开源测试case工作空间 + tone_project: self_test #开源测试case项目 + tone_test_suite: self_test #开源测试case suite + tone_test_conf: self_test #开源测试case conf + server_config: {product}-anck-x86_64 #开源测试case机器配置 +``` diff --git "a/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\351\276\231\350\234\245\350\275\257\344\273\266\345\214\205CI\346\234\215\345\212\241-PackageCI.md" "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\351\276\231\350\234\245\350\275\257\344\273\266\345\214\205CI\346\234\215\345\212\241-PackageCI.md" new file mode 100644 index 0000000000000000000000000000000000000000..3584b0a1afbc7d93a5a37312736ec50ed923cd9d --- /dev/null +++ "b/INFRA_DOCS/CI\345\217\212\344\273\243\347\240\201\351\227\250\347\246\201/\351\276\231\350\234\245\350\275\257\344\273\266\345\214\205CI\346\234\215\345\212\241-PackageCI.md" @@ -0,0 +1,80 @@ + +# 服务介绍 +为了扩展龙蜥操作系统的能力,增强龙蜥系统软件包的兼容度,bot为社区OS软件包和其他主流平台的软件包提供了基于龙蜥系统的PackageCI测试服务,测试项不但包含官方统一的测试用例,还允许开发者自定义测试用例,并且同时支持PR级和Nightly级的CI流程,其中PR测试默认对Gitee上的OpenAnolis企业账户下的所有仓库生效,Nightly测试或者其他主流平台则需要通过注册进行服务接入。 + +# PR 规范 + +- 软件包CI服务支持龙蜥社区[官方仓库](https://gitee.com/openanolis)下所有仓库接入,及其它在CI-META[配置仓库](https://gitee.com/anolis/ci-meta)中注册的软件包仓库。 +- 暂未对软件包PR做规范检查,请自觉遵守社区规范。 + +# 操作流程 + +## PR流程 + +1. 每当软件包仓库有新的PR提交时,bot首先会检查PR提交者的贡献者协议(CLA协议)签署情况,如果已签署,则会自动进入CI测试流程。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653589644396-f695b137-38af-4dcc-8996-8068f450b5d8.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=127&id=W7axP&name=image.png&originHeight=254&originWidth=1716&originalType=binary&ratio=1&rotation=0&showTitle=false&size=109875&status=error&style=none&taskId=u0be67b93-214d-4049-af53-c44e532a864&title=&width=858) + +2. 如果未签署,则会评论PR提示提交者未签署CLA协议。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653589592953-2a9a003f-32e3-41f1-9878-2f0bbe64b11e.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=153&id=y7QgR&name=image.png&originHeight=306&originWidth=1730&originalType=binary&ratio=1&rotation=0&showTitle=false&size=162925&status=error&style=none&taskId=u67455779-cf28-4029-9691-01bfd91516a&title=&width=865) + +3. 当开发者签署CLA协议之后,可以在PR中评论/check-cla重新检查协议签署情况,评论/check-cla不会触发测试流程,如需测试,评论/retest即可进入测试流程。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2022/png/28856758/1653584503259-d1fb4700-00ed-4852-9c68-c9baec30b35b.png#clientId=u69fad9a3-bda9-4&errorMessage=unknown%20error&from=paste&height=278&id=sQ2lx&name=image.png&originHeight=556&originWidth=1766&originalType=binary&ratio=1&rotation=0&showTitle=false&size=196642&status=error&style=none&taskId=u134459b8-a67d-4c78-87c7-3171f2e4cbd&title=&width=883) + +4. 当测试完成之后,会把测试结果和详细结果链接一起评论到PR中。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2023/png/28856758/1677122840696-10f795d4-ef41-487b-b9e8-7e15ebc4efa1.png#clientId=uc86325b6-3082-4&from=paste&height=513&id=Agv7g&name=image.png&originHeight=1026&originWidth=1066&originalType=binary&ratio=2&rotation=0&showTitle=false&size=350252&status=done&style=none&taskId=u88b136b4-0369-4334-8e9c-ad3847fcbfc&title=&width=533) + +5. 如果测试失败,开发者可在修改代码之后,评论/retest重新进入代码测试流程,或者当有新的代码提交时,也会自动触发重新测试。 + +![image.png](https://intranetproxy.alipay.com/skylark/lark/0/2023/png/28856758/1677123092022-c6892bca-5aa3-497b-99f0-4b9294e49273.png#clientId=uc86325b6-3082-4&from=paste&height=837&id=Rz4QM&name=image.png&originHeight=1674&originWidth=1466&originalType=binary&ratio=2&rotation=0&showTitle=false&size=704176&status=done&style=none&taskId=u937ed7e6-2a33-44ac-a619-cebb610dbff&title=&width=733) + +6. maintainer可以评论/skip-test帮助开发者跳过某些可以忽略测试失败的场景。 +7. 当CI测试通过之后,由maintainer进行评审,评审通过后将进行PR合入。 + +## Nightly流程 +(待后续实现) + +# 可用命令 +| 回复命令 | 功能 | 可使用人员 | +| --- | --- | --- | +| /check-cla | 检查PR提交者签署CLA协议情况 | PR提交者,openanolis企业成员 | +| /retest | 重新进入代码测试流程 | PR提交者,openanolis企业成员 | +| /skip-test | 跳过代码测试流程 | maintainer | + + +# 标签说明 +每次bot操作均会在PR上打上状态标签,开发者可根据标签信息判断当前流程,并进行后续操作: + +| 标签 | 说明 | +| --- | --- | +| anolis_cla_pass | PR提交者已签署CLA协议 | +| anolis_cla_fail | PR提交者未签署CLA协议 | +| anolis_testing | 代码测试中 | +| code_update | 代码测试中发生了代码更新 | +| anolis_test_pass | 代码测试通过 | +| anolis_test_fail | 代码测试未通过 | + + +# 检测项 +| 测试类型 | 测试项 | 描述 | +| --- | --- | --- | +| 合规检查 | check_license
许可证检查 | 对spec文件和源码中的许可证进行检查 | +| 代码检查 | check_spec_file
Spec检查 | 对spec文件进行格式检查 | +| 代码检查 | check_code_style
编码规范 | 对源文件做检查,目前支持c/c++,python,shell | +| 构建测试 | abs_build
ABS构建 | 调用ABS构建服务进行软件包构建,回传rpm包链接 | +| 冒烟测试 | pkg_smoke_test
RPM Smoke | 下载rpm软件包,安装测试,命令行测试,LDD检查等,依赖构建测试结果 | +| 兼容性测试 | check_abi_diff
ABI兼容性测试 | 对rpm包的前后版本进行abidiff检查,依赖构建测试结果 | +| 依赖测试 | check_pkg_dependency
软件包依赖测试 | 对rpm包的前后版本进行依赖包检查,依赖构建测试结果 | + +# 接入方式 +在OpenAnolis企业账户下的所有仓库默认接入PackageCI流程,对每个PR进行测试。
同时,如果您有以下需求: + +1. OpenAnolis企业里的仓库想在PR中运行其他的CI测试 +2. 其他平台的软件包仓库也想进行PackageCI测试 +3. 想针对某个仓库进行Nightly级别的CI测试 +4. 等等 + +通过在anolis/ci-meta仓库中提交PR进行注册,即可接入PackageCI流程,满足您的个性化测试需求,详细接入规范请参考《CI-META仓库配置规范》。 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-1.png b/INFRA_DOCS/assets/anolis_pypi/pypi-1.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-10.png b/INFRA_DOCS/assets/anolis_pypi/pypi-10.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-11.png b/INFRA_DOCS/assets/anolis_pypi/pypi-11.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-2.png b/INFRA_DOCS/assets/anolis_pypi/pypi-2.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-3.png b/INFRA_DOCS/assets/anolis_pypi/pypi-3.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-4.png b/INFRA_DOCS/assets/anolis_pypi/pypi-4.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-5.png b/INFRA_DOCS/assets/anolis_pypi/pypi-5.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-6.png b/INFRA_DOCS/assets/anolis_pypi/pypi-6.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-7.png b/INFRA_DOCS/assets/anolis_pypi/pypi-7.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-8.png b/INFRA_DOCS/assets/anolis_pypi/pypi-8.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/anolis_pypi/pypi-9.png b/INFRA_DOCS/assets/anolis_pypi/pypi-9.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/addsubcomponent.png b/INFRA_DOCS/assets/bugzilla/addsubcomponent.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/api-key.png b/INFRA_DOCS/assets/bugzilla/api-key.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/api.png b/INFRA_DOCS/assets/bugzilla/api.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/bug-list-2.png b/INFRA_DOCS/assets/bugzilla/bug-list-2.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/bug-list.png b/INFRA_DOCS/assets/bugzilla/bug-list.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/bugstatus.png b/INFRA_DOCS/assets/bugzilla/bugstatus.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/bugzilla-anolis.png b/INFRA_DOCS/assets/bugzilla/bugzilla-anolis.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/bugzillarc.png b/INFRA_DOCS/assets/bugzilla/bugzillarc.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/classification.png b/INFRA_DOCS/assets/bugzilla/classification.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/deletesubcomponent.png b/INFRA_DOCS/assets/bugzilla/deletesubcomponent.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/edit-param.png b/INFRA_DOCS/assets/bugzilla/edit-param.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/mainpage11.png b/INFRA_DOCS/assets/bugzilla/mainpage11.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/new.png b/INFRA_DOCS/assets/bugzilla/new.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/param-info.png b/INFRA_DOCS/assets/bugzilla/param-info.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/plugin.png b/INFRA_DOCS/assets/bugzilla/plugin.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/product.png b/INFRA_DOCS/assets/bugzilla/product.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/bugzilla/sub component.png b/INFRA_DOCS/assets/bugzilla/sub component.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/cr-images/big-file.png b/INFRA_DOCS/assets/cr-images/big-file.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/cr-images/build.png b/INFRA_DOCS/assets/cr-images/build.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/cr-images/check-cla-2.png b/INFRA_DOCS/assets/cr-images/check-cla-2.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/cr-images/check-cla.png b/INFRA_DOCS/assets/cr-images/check-cla.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/cr-images/pr_link.png b/INFRA_DOCS/assets/cr-images/pr_link.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/cr-images/repo_config.png b/INFRA_DOCS/assets/cr-images/repo_config.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/cr-images/start.png b/INFRA_DOCS/assets/cr-images/start.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/dingding_qrcode_20230220.png b/INFRA_DOCS/assets/dingding_qrcode_20230220.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/infra/2023-05/img-1.png b/INFRA_DOCS/assets/infra/2023-05/img-1.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/infra/2023-05/img-2.png b/INFRA_DOCS/assets/infra/2023-05/img-2.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/infra/2023-05/img-3.png b/INFRA_DOCS/assets/infra/2023-05/img-3.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/infra/2023-05/img-4.png b/INFRA_DOCS/assets/infra/2023-05/img-4.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/infra/2023-05/img-5.png b/INFRA_DOCS/assets/infra/2023-05/img-5.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/infra/2023-05/img-6.png b/INFRA_DOCS/assets/infra/2023-05/img-6.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/assets/infra/2023-05/img-7.png b/INFRA_DOCS/assets/infra/2023-05/img-7.png new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image1.jpg" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image1.jpg" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image10.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image10.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image11.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image11.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image12.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image12.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image13.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image13.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image14.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image14.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image15.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image15.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image16.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image16.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image17.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image17.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image18.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image18.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image19.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image19.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image2.jpg" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image2.jpg" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image20.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image20.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image21.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image21.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image22.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image22.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image23.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image23.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image3.jpg" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image3.jpg" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image4.jpg" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image4.jpg" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image5.jpg" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image5.jpg" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image6.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image6.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image8.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image8.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image9.png" "b/INFRA_DOCS/assets/\346\236\204\345\273\272\345\271\263\345\217\260ABS/image9.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image1.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image1.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image10png.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image10png.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image12.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image12.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image13.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image13.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image14.jpg" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image14.jpg" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image15.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image15.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image16.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image16.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image17.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image17.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image18.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image18.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image19.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image19.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image2.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image2.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image3.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image3.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image4.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image4.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image5.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image5.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image6.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image6.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image7.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image7.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image8.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image8.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image9.png" "b/INFRA_DOCS/assets/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/image9.png" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/INFRA_DOCS/maintainers.yaml b/INFRA_DOCS/maintainers.yaml index 666710f68b89921da1cd9684581c2583a4d4d78c..cf9a146c244aa0d5bb955e352aa0819ddd557864 100644 --- a/INFRA_DOCS/maintainers.yaml +++ b/INFRA_DOCS/maintainers.yaml @@ -3,6 +3,9 @@ maintainers: - default_group: &default_group - openanolis_id: shankailun10 gitee_id: shankailun09 + - TSE_group: &TSE_group + - openanolis_id: shankailun10 + gitee_id: shankailun09 # 指定文档目录对应的用户组 paths: diff --git a/INFRA_DOCS/menu.yaml b/INFRA_DOCS/menu.yaml index f9205f2f61b389e09ee542bc157624a6344468bd..f2e4c889c7c36d52486ba0e8d609352c4d1d65b8 100644 --- a/INFRA_DOCS/menu.yaml +++ b/INFRA_DOCS/menu.yaml @@ -1,6 +1,9 @@ INFRA_DOCS: - 社区管理流程: - CLA 签署操作手册: ./社区管理流程/CLA 签署操作手册.md + Bugzilla系统: + Bugzilla用户文档: ../Bugzilla系统/Bugzilla用户文档.md CI及代码门禁: CI-META仓库配置规范: ../CI及代码门禁/CI-META仓库配置规范.md - 内核代码门禁系统使用指南: /CI及代码门禁/内核代码门禁系统使用指南.md \ No newline at end of file + 内核代码门禁系统使用指南: ../CI及代码门禁/内核代码门禁系统使用指南.md + 龙蜥内核CI服务-KernelCI: ../CI及代码门禁/龙蜥内核CI服务-KernelCI.md + 龙蜥容器CI服务-DockerCI: ../CI及代码门禁/龙蜥容器CI服务-DockerCI.md + 龙蜥软件包CI服务-PackageCI: ../CI及代码门禁/龙蜥软件包CI服务-PackageCI.md \ No newline at end of file diff --git "a/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/ANAS\347\224\250\346\210\267API\350\257\264\346\230\216\346\226\207\346\241\243.md" "b/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/ANAS\347\224\250\346\210\267API\350\257\264\346\230\216\346\226\207\346\241\243.md" new file mode 100644 index 0000000000000000000000000000000000000000..82ab50e9abdaf484b9ed04ec490dde1bc0cb4de9 --- /dev/null +++ "b/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/ANAS\347\224\250\346\210\267API\350\257\264\346\230\216\346\226\207\346\241\243.md" @@ -0,0 +1,2254 @@ +## 接口描述 +### 1). response结构 +**1. 成功** +```json +{ + "status": { + "code": 200, + "message": "" + }, + "data": null +} +``` + +**2. 失败** +```json +{ + "status": { + "code": 404, + "message": "未找到。", + "redirect_url": null + }, + "data": null +} +``` +### 2). 主要错误码 +> 目前系统已有的,会不断完善 + +**1). 2xx** +200 (成功) +201 (已创建) +204 (已删除) + +**2). 4xx** +400 (错误请求,针对validate error) +403 (没权限) +404 (未找到) +460 (普通错误,用于不做特殊展示的错误) + +**3). 5xx** +500(服务器发生未知错误) + +### 3). 签名算法 +**配置说明** +```python +# 服务器地址 +hostname = +# 服务器鉴权名称 +sys_name = +# 服务器鉴权token +token = +``` + +sys_name和token需要向@永超(sam.zyc) 申请 +```python +hostname = 'https://anas.openanolis.cn' +sys_name = '' +token = '' +``` +**使用HTTP调用** +1. 接口签名方式 +调用接口时,需要对请求进行签名,方可认证通过。接口请求需携带以下参数作为请求头: + * Timestamp:请求时间戳,单位毫秒,为发送请求时的时间(此参数会进行校验,请保证使用当前时间),300秒超时 + * Token:服务器鉴权token + * Signature:签名,请求签名 + +签名计算方法为: +`sha256(sys_name + ":" + token + ":" + timestamp)` + +2. python3 demo +```python +import base64 +import hashlib +import requests +import time + + +class ErrataApiDemo(object): + """portal api demo""" + def __init__(self, hostname, sys_name, token): + self.hostname = hostname + self.sys_name = sys_name + self.token = token + + def get_sign_headers(self): + timestamp = str(round(time.time() * 1000)) + sign_items = [self.sys_name, self.token, timestamp] + hash_obj = hashlib.sha256() + hash_obj.update(':'.join(sign_items).encode('utf-8')) + signature = hash_obj.digest() + signature = base64.b64encode(signature) + return {'Timestamp': timestamp, 'Token': self.token, 'Signature': signature} + + def get_errata_list(self): + headers = {} + headers.update(self.get_sign_headers()) + params = { + 'page_num': 1, + 'page_size': 20 + } + resp = requests.get('{}/api/v1/errata/'.format(self.hostname), params=params, headers=headers, verify=False) + if resp.ok: + return resp.json() + return None + + +if __name__ == '__main__': + protal_client = ErrataApiDemo('https://anas.openanolis.cn', 'test', 'xxxxxxxxxxxxx') + resp = protal_client.get_errata_list() + print(resp) + +``` +返回: +```json +{ + "total": 5, + "page_num": 1, + "total_page": 1, + "page_size": 20, + "previous": null, + "next": null, + "data": [ + { + "id": 7, + "gmt_created": "2022-01-04 12:20:19", + "gmt_modified": "2022-01-21 18:04:14", + "advisory_id": "ANBA-2022:0001", + "publish_date": "2022-01-04", + "product": [ + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "11" + ] + } + } + ], + "publisher": "hxk01075255", + "affected_packages": [ + "11" + ], + "advisory_type": "Bug Fix Advisory", + "severity": "Important", + "is_publish": true, + "synpopsis": "11", + "description": "11", + "solution": "11", + "issue": "11", + "source": "manual", + "cve": [] + }, + { + "id": 6, + "gmt_created": "2021-12-30 15:21:54", + "gmt_modified": "2021-12-30 15:52:40", + "advisory_id": "ANBA-2021:0006", + "publish_date": "2021-12-23", + "product": [ + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t" + ], + "x86": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t" + ] + } + }, + { + "product_id": 8, + "name_version": "anolis 10.3.5", + "product_package_info": { + "arm": [ + "rh-maven36-log4j12-javadoc-1.2.17-23.3.el7.noarch.rpm\t", + "rh-maven36-log4j12-javadoc-1.2.17-23.3.el7.noarch.rpm" + ], + "x86": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t", + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm" + ] + } + }, + { + "product_id": 9, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t" + ], + "x86": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm\t" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "rh-maven36-log4j12", + "rh-maven36-log4j12-javadoc" + ], + "advisory_type": "Bug Fix Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", + "description": "Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.", + "solution": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", + "issue": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n\nhttps://access.redhat.com/articles/11258", + "source": "manual", + "cve": [] + }, + { + "id": 3, + "gmt_created": "2021-12-29 09:55:25", + "gmt_modified": "2021-12-29 09:55:25", + "advisory_id": "ANEA-2021:0003", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 6, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + }, + { + "id": 2, + "gmt_created": "2021-12-28 19:13:15", + "gmt_modified": "2021-12-28 19:13:15", + "advisory_id": "ANEA-2021:0002", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 6, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + }, + { + "id": 1, + "gmt_created": "2021-12-28 19:06:48", + "gmt_modified": "2021-12-29 18:34:22", + "advisory_id": "ANEA-2021:0001", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 9, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + } + ] +} +``` + +## Errata接口 +### 1) Errata列表 +> 获取Errata列表 +> url: /api/v1/errata/ +> 请求方式: GET +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| page_num | 否 | int | 当前页 | +| page_size | 否 | int | 每页条数20-100 | + +**返回字段** + +| 返回字段 | 字段类型 | 说明 | +| :----------- | :------- | :--------- | +| total | int | 总条数 | +| page_num | int | 当前页 | +| total_page | int | 总页数 | +| page_size | int | 每页条数 | +| previous | string | 上一页 | +| next | string | 下一页 | +| data | list | 列表数据 | +| id | int | | +| gmt_created | date | 创建时间 | +| gmt_modified | date | 更新时间 | +| advisory_id | str | advisory ID | +| advisory_type | str | advisory类型 | +| severity | 否 | str | ANSA的严重等级, 只能是下面四种之一 Critical, Important, Moderate, Low,ANBA/ANEA下无严重等级 | +| is_publish | bool | 是否发布 | +| publisher | str | 发布人 | +| synpopsis | str | 简介 | +| solution | str | 描述 | +| description | str | 解决方案 | +| issue | str | Issue | +| source | str | 来源,值为manual(手动)或者添加者的(sys_name) | +| cve | list | 关联的cve | +| affected_packages | list | 受影响的包 | +| product | list | 关联的产品和package信息 | +| modules | list | errata修复的modules信息 | + + +**接口示例** +> 地址:/api/v1/errata/?page_num=1&page_size=20 +``` json +{ + "total": 4, // 总个数 + "page_num": 1, // 当前页 + "total_page": 1, // 总页数 + "page_size": 20, // 每页条数 + "previous": null, // 上一页url + "next": null, // 下一页url + "data": [ + { + "id": 6, + "gmt_created": "2021-12-30 15:21:54", // 创建时间 + "gmt_modified": "2021-12-30 15:52:40", // 更新时间 + "advisory_id": "ANBA-2021:0006", // advisory ID + "publish_date": "2021-12-23", // 发布时间 + "product": [ // 关联的产品和package信息 + { + "product_id": 7, // 产品id + "name_version": "Anolis 8.4", // 产品名称及版本 + "product_package_info": { // package信息 + "arm": [ // 架构 + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm" // 包名 + ], + "x86": [ + "rh-maven36-log4j12-1.2.17-23.3.el7.src.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", // 发布人 + "affected_packages": [ // 受影响的包 + "rh-maven36-log4j12", + "rh-maven36-log4j12-javadoc" + ], + "advisory_type": "Bug Fix Advisory", // advisory类型 + "severity": "Critical", // 严重级别 + "is_publish": true, // 是否发布 + "synpopsis": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", + // 简介 + "description": "Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.", + // 描述 + "solution": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", + // 解决方案 + "issue": "An update for rh-maven36-log4j12 is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n\nhttps://access.redhat.com/articles/11258", + // Issue + "source": "manual", // 来源 + "cve": [] // 关联的cve + }, + { + "id": 3, + "gmt_created": "2021-12-29 09:55:25", + "gmt_modified": "2021-12-29 09:55:25", + "advisory_id": "ANEA-2021:0003", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 6, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + }, + { + "id": 2, + "gmt_created": "2021-12-28 19:13:15", + "gmt_modified": "2021-12-28 19:13:15", + "advisory_id": "ANEA-2021:0002", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 6, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [] + }, + { + "id": 1, + "gmt_created": "2021-12-28 19:06:48", + "gmt_modified": "2021-12-29 18:34:22", + "advisory_id": "ANEA-2021:0001", + "publish_date": "2021-07-21", + "product": [ + { + "product_id": 7, + "name_version": "Anolis 8.4", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + }, + { + "product_id": 9, + "name_version": "Anolis 8.2", + "product_package_info": { + "arm": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ], + "x86": [ + "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "nodejs-14.17.1-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + ] + } + } + ], + "publisher": "wb-cy860729", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "manual", + "cve": [], + "modules": ["container-tools:an8", "container-tools:an7"] + } + ] +} +``` + + +### 2). 添加 +> 功能描述: 添加 errata +> url: /api/v1/errata/ +> 请求方式: POST +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| advisory_id | 否 | str | errata官方公告id, 唯一性,如:ANEA-2022:0027| +| advisory_type | 是 | str | advisory类型, 只能是下面三种之一 Enhancement Advisory, Bug Fix Advisory, Security Advisory | +| severity | 否 | str | ANSA的严重等级, 只能是下面四种之一 Critical, Important, Moderate, Low,ANBA/ANEA下无严重等级 | +| is_publish | 否 | bool | 是否发布,默认false | +| publish_date | 是 | str | 发布时间 格式"Y-m-d" 2021-07-21| +| synpopsis | 是 | str | 简介 | +| description | 是 | str | 描述 | +| solution | 是 | str | 解决方案 | +| issue | 否 | str | Issue | +| cve | 否 | list | 关联的cve, 如`["CVE-2021-45257", "CVE-2021-45258"]`,CVE id必须已存在 | +| product | 是| list | 关联的product,一个errata只能关联一个产品,没有给空列表[] | +| modules | 否| list | errata修复的modules信息,若是package,该字段无需填写;若是module,该字段填写module名及版本,如:ruby:2.5 | + +**接口示例** + +> 方式:POST +> 地址:/api/v1/errata/ +> 参数: +``` json +{ + "advisory_id": "ANEA-2022:0028", // 非必填, errata官方公告id,唯一 + "advisory_type": "Enhancement Advisory", // 必填, advisory类型, 只能是下面三种之一 Enhancement Advisory, Bug Fix Advisory, Security Advisory + "severity": "Critical", // 必填,严重等级, 只能是下面四种之一 Critical, Important, Medium, Low + "publish_date": "2021-07-21", // 必填,发布时间 格式"Y-m-d" 2021-07-21 + "synpopsis": "synpopsis", // 必填, + "description": "description", // 必填, + "solution": "solution", // 必填, + "issue": "issue", // 必填, + "is_publish": true, // 选填,不填默认不发布,如需添加即发布,请设为true + "cve": [ + "CVE-2020-12131", + "CVE-2020-12132" + ], // 关联的cve, CVE id必须已存在 + "modules": ["ruby:2.5", "ruby:2.6"], // errata修复的modules信息, 若是no-module,该字段无需填写 + "product": [ + { + "name_version": "Anolis8.2", // name_version必填,name_version必须存在 + "product_package_info": { // 必填 + "aarch64": [ // 架构必须在['aarch64', 'x86_64', 'src', 'noarch']之中 + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", // 文件名称 + "rpm_name": "nodejs", // 包名称 + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" // 软件包下载URL + } + ] // "aarch64"、"x86_64"、"src"、"noarch"至少有一个,并且包名不能为空,包名长度、文件名称长度不能超过128 + , + "x86_64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + , + "loongarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + }, + { + "name_version": "Anolis8.4", + "product_package_info": { + "aarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + } + ] +} + + ``` + +成功返回: + +``` json +{ + "status": { + "code": 201, + "message": "" + }, + "data": { + "id": 40, + "gmt_created": "2022-02-09 17:16:22", + "gmt_modified": "2022-02-09 17:16:22", + "advisory_id": "ANEA-2022:0028", + "publish_date": "2021-07-21", + "modules": ["ruby:2.5", "ruby:2.6"], + "product": [ + { + "product_id": 2, + "name_version": "Anolis8.2", + "product_package_info": { + "aarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + , + "loongarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + }, + { + "product_id": 1, + "name_version": "Anolis8.4", + "product_package_info": { + "aarch64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_name": "nodejs", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + } + ], + "publisher": "test", + "affected_packages": [ + "nodejs" + ], + "advisory_type": "Enhancement Advisory", + "severity": "Critical", + "is_publish": true, + "synpopsis": "synpopsis", + "description": "description", + "solution": "solution", + "issue": "issue", + "source": "test", + "cve": [ + { + "id": 1, + "cve_id": "CVE-2020-12131" + }, + { + "id": 2, + "cve_id": "CVE-2020-12132" + } + ] + } +} +``` + +错误返回: +```json +{ + "status": { + "code": 400, + "message": { + "advisory_id": [ + "advisory_id不能重复" + ], + "product": { + "0": { + "product_package_info": { + "aarch64": { + "0": { + "non_field_errors": [ + "无效数据。期待为字典类型,得到的是 str 。" + ] + } + }, + "x86_64": { + "0": { + "non_field_errors": [ + "无效数据。期待为字典类型,得到的是 str 。" + ] + }, + "1": { + "non_field_errors": [ + "无效数据。期待为字典类型,得到的是 str 。" + ] + } + } + } + }, + "1": { + "product_package_info": { + "x86_64": { + "0": { + "rpm_filename": [ + "不能超过128个字符" + ], + "rpm_url": [ + "输入的URL不合法" + ] + } + } + } + } + }, + "cve": [ + "属性 cve_id 为 123test 的对象不存在。" + ], + "advisory_type": [ + "只能是((1, 'Bug Fix Advisory'), (2, 'Enhancement Advisory'), (3, 'Security Advisory')), 其中之一" + ], + "severity": [ + "“Critical-test” 不是合法选项。" + ] + }, + "redirect_url": null + }, + "data": null +} +``` + +### 3). 详情 +> 功能描述: 获取errata详情 +> URL: /api/v1/errata/{advisory_id}/ +> 请求方式: GET +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| advisory_id | 是 | str | | + +**接口示例** +> 地址:/api/v1/errata/ANEA-2022:0013/ +返回 +``` json +{ + "status": { + "code": 204, + "message": "" + }, + "data": null +} +``` +### 4). 编辑 +> 功能描述: 编辑 errata +> url: /api/v1/errata/{advisory_id}/ +> 请求方式: PUT +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| advisory_id | 否 | str | errata官方公告id, 唯一性,如:ANEA-2022:0027| +| advisory_type | 是 | str | advisory类型, 只能是下面三种之一 Enhancement Advisory, Bug Fix Advisory, Security Advisory | +| severity | 是 | str | 严重等级, 只能是下面四种之一 Critical, Important, Medium, Low | +| is_publish | 否 | bool | 是否发布,默认false | +| publish_date | 是 | str | 发布时间 格式"Y-m-d" 2021-07-21| +| synpopsis | 是 | str | 简介 | +| description | 是 | str | 描述 | +| solution | 是 | str | 解决方案 | +| issue | 是 | str | Issue | +| cve | 否 | list | 关联的cve, 如`["CVE-2021-45257", "CVE-2021-45258"]`,CVE id必须已存在 | +| product | 是 | list | 关联的product | +| modules | 否| list | errata修复的modules信息,若是package,该字段无需填写;若是module,该字段填写module名及版本,如:ruby:2.5 | + + +**接口示例** +> 方式:PUT +> 地址:/api/v1/errata/ANBA-2022:0026/ +> 参数: +``` json +{ + "advisory_id": "ANBA-2022:0026", + "publish_date": "2022-02-09", + "product": [ + { + "product_id": 2, + "name_version": "Anolis8.4", + "product_package_info": { + "aarch64": [ + { + "rpm_name": "curl", + "rpm_filename": "curl-7.61.1-.1.an8_internal.aarch64.rpm", + "rpm_url": "http://build.openanolis.cn/kojifiles/packages/curl/7.61.1/.1.an8_internal/aarch64/curl-7.61.1-.1.an8_internal.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_name": "curl", + "rpm_filename": "curl-7.61.1-.1.an8_internal.x86_64.rpm", + "rpm_url": "http://build.openanolis.cn/kojifiles/packages/curl/7.61.1/.1.an8_internal/x86_64/curl-7.61.1-.1.an8_internal.x86_64.rpm" + } + ] + } + } + ], + "publisher": "hxk01075255", + "affected_packages": [ + "curl" + ], + "advisory_type": "Bug Fix Advisory", + "severity": "Critical", + "is_publish": false, + "synpopsis": "aaa", + "description": "bbb", + "solution": "ccc", + "issue": "ddd", + "source": "manual", + "cve": [], + "modules": ["container-tools:an8", "container-tools:an7"] +} + + ``` + +成功返回: + +``` json +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "id": 57, + "gmt_created": "2022-02-09 18:41:13", + "gmt_modified": "2022-02-09 18:43:42", + "advisory_id": "ANBA-2022:0026", + "publish_date": "2022-02-09", + "product": [ + { + "product_id": 2, + "name_version": "Anolis8.4", + "product_package_info": { + "aarch64": [ + { + "rpm_name": "curl", + "rpm_filename": "curl-7.61.1-.1.an8_internal.aarch64.rpm", + "rpm_url": "http://build.openanolis.cn/kojifiles/packages/curl/7.61.1/.1.an8_internal/aarch64/curl-7.61.1-.1.an8_internal.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_name": "curl", + "rpm_filename": "curl-7.61.1-.1.an8_internal.x86_64.rpm", + "rpm_url": "http://build.openanolis.cn/kojifiles/packages/curl/7.61.1/.1.an8_internal/x86_64/curl-7.61.1-.1.an8_internal.x86_64.rpm" + } + ] + } + } + ], + "publisher": "hxk01075255", + "affected_packages": [ + "curl" + ], + "advisory_type": "Bug Fix Advisory", + "severity": "Critical", + "is_publish": false, + "synpopsis": "aaa", + "description": "bbb", + "solution": "ccc", + "issue": "ddd", + "source": "manual", + "cve": [], + "modules": ["container-tools:an8", "container-tools:an7"] + } +} +``` + +### 5). 删除 +> 功能描述: 删除errata详情 +> URL: /api/v1/errata/{advisory_id}/ +> 请求方式: DELETE +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| advisory_id | 是 | str | | + +**接口示例** +> 地址:/api/v1/errata/ANBA-2022:0007/ + +返回: +``` json +{ + "status": { + "code": 204, + "message": "" + }, + "data": null +} +``` + +## CVE接口 +### 1) CVE列表 +> 获取Errata列表 +> url: /api/v1/cve/ +> 请求方式: GET +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| page_num | 否 | int | 当前页 | +| page_size | 否 | int | 每页条数20-100 | + +**返回字段** + +| 返回字段 | 字段类型 | 说明 | +| :----------- | :------- | :--------- | +| total | int | 总条数 | +| page_num | int | 当前页 | +| total_page | int | 总页数 | +| page_size | int | 每页条数 | +| previous | string | 上一页 | +| next | string | 下一页 | +| data | list | 列表数据 | +| id | int | | +| gmt_created | date | 创建时间 | +| gmt_modified | date | 更新时间 | +| cve_id | str | CEV的标识ID | +| publisher | str | 发布人 | +| affected_errata | list | 受影响的errata | +| score | float | cvss评分 | +| severity | 是 | string | 漏洞等级,可选['Critical', 'Important', 'Low', 'None', 'Moderate',] | +| status | int | 是否发布 | +| source | str | cve来源 可选 ['Mitre', 'NVD'] | +| publish_date | date | 发布时间 | +| abstract | str | 概要 | +| description | str | 备注 | +| issue | 否 | string | issue | +| acknowledgements | 否 | string | 致谢 | +| acknowledgements_en | 否 | string | 英文致谢 | +| reference | 否 | string | 自定义参考链接 | +| diagnose | 否 | string | cve diagnose脚本 | +| statement | 否 | string | 龙蜥声明 | +| mitigation | 否 | string | CVE缓解方案 | +| creator | str | 系统创建人 | +| cve_source_link | 否 | string | cve源链接 | +| publish_third_party_token | str | 关联的第三方发布系统 | +|cvss | json | nvd/cnvd/openanolis 的cvss度量评分公式 | +| product | 是 | json | cve关联的产品、包、修复状态 | + + +**接口示例** +> 地址:/api/v1/cve/?page_num=1&page_size=20 +``` json +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "total": 3, + "page_num": 1, + "total_page": 1, + "page_size": 20, + "previous": null, + "next": null, + "data": [ + { + "id": 4, + "gmt_created": "2022-01-24 21:11:40", // 创建时间 + "gmt_modified": "2022-01-24 21:11:40", // 更新时间 + "cve_id": "CVE-2020-12134", // CEV的标识ID + "publisher": "test", // 发布人 + "affected_errata": [], // 受影响的errata + "score": 4.3, // cvss评分 + "severity": "Moderate", // 漏洞等级 + "status": 2, // 是否发布 + "source": "NVD", // cve来源 + "publish_date": "2021-12-21 15:48:22", // 发布时间 + "cvss": { + "nvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "cnvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "openanolis_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" + }, // nvd/cnvd/openanolis 的cvss度量评分公式 + // 概要 + "abstract": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges.", + // 说明 + "description": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space.", + "creator": null, // 系统创建人 + "publish_third_party_token": "test" // 关联的第三方发布系统 + }, + { + "id": 3, + "gmt_created": "2022-01-24 21:11:35", + "gmt_modified": "2022-01-24 21:11:35", + "cve_id": "CVE-2020-12133", + "publisher": "test", + "affected_errata": [], + "score": 4.3, + "severity": "Moderate", + "status": 2, + "source": "RHEL", + "publish_date": "2021-12-21 15:48:22", + "cvss": { + "nvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "cnvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "openanolis_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" + }, + "abstract": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges.", + "description": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space.", + "creator": null, + "publish_third_party_token": 1 + }, + { + "id": 2, + "gmt_created": "2022-01-24 21:05:10", + "gmt_modified": "2022-01-24 21:05:10", + "cve_id": "CVE-2020-12132", + "publisher": "test", + "affected_errata": [], + "score": 4.3, + "severity": "Moderate", + "status": 2, + "source": "NVD", + "publish_date": "2021-12-21 15:48:22", + "cvss": { + "nvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "cnvd_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "openanolis_cvss": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" + }, + "abstract": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges.", + "description": "A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space.", + "creator": null, + "publish_third_party_token": "test" + } + ] + } +} +``` + +### 2). 添加 +> 功能描述: 添加 cve +> url: /api/v1/cve/ +> 请求方式: POST +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| cve_id | 是 | string | cve 编号 | +| score | 是 | float | cvss评分分值 | +| severity | 是 | string | 漏洞等级,可选['Critical', 'Important', 'Low', 'None', 'Moderate',] | +| source | str | cve来源 可选 ['Mitre', 'NVD'] | +| publish_date | 否 | string | 发布日期 格式"2021-12-21 15:48:22" | +| abstract | 否 | string | 概要 | +| description | 否 | string | 备注 | +| issue | 否 | string | issue | +| acknowledgements | 否 | string | 致谢 | +| acknowledgements_en | 否 | string | 英文致谢 | +| reference | 否 | string | 自定义参考链接 | +| diagnose | 否 | string | cve diagnose脚本 | +| statement | 否 | string | 龙蜥声明 | +| mitigation | 否 | string | CVE缓解方案 | +| status | 是 | int | 可选值1、2,status=1表示保存并发布,status=2表示仅保存 | +| cve_source_link | 否 | string | cve源链接 | +| cvss | 否 | json | nvd/openanolis 的cvss度量评分公式 | +| product | 是 | json | cve关联的产品、包、修复状态 ,没有给空列表[]| +| rpm_name | 是 | str | cve关联的软件包名 | +| rpm_status | 是 | str | cve关联包的修复状态,可选项为:fixed、investigation、unaffected、not_fix、out_scope、affected | +| advisory_id | 否 | str | cve下已修复的包/modules关联的errata(用advisory_id关联),只能在系统已有的errata中选择 | + + +**接口示例** +> 方式:POST +> 地址:/api/v1/cve/ +> 参数: +``` json +{ + "cve_id": "CVE-2022-25636", + "source": "Mitre", + "publish_date": "2022-04-29 11:14:32", + "abstract": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.", + "description": "URL=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636 \ncvss3=7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "issue": "Fastento was created by content marketing experts and news engineers who believe in the future of media.", + "acknowledgements": "致谢:Fastento was created by content marketing experts and news engineers who believe in the future of media.", +"acknowledgements_en": "acknowledgements:Fastento was created by content marketing experts and news engineers who believe in the future of media.", + "reference": "自定义参考链接.", + "diagnose": "cve diagnose脚本", + "cve_source_link": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636", + "score": "7.8", + "severity": "Important", + "cvss": { + "nvd_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "openanolis_cvss": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + "product": [ + { + "product_id": 12, + "name_version": "Anolis8.2", + "product_package_info": { + "src": [ + { + "rpm_name": "nodejs", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0592" + }, + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ] + } + { + "product_id": 13, + "name_version": "Anolis8.5", + "product_package_info": { + "src": [ + { + "rpm_name": "nodejs", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0591" + }, + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ] + } + } + ], + "status": 1 +} + ``` + +成功返回: + +``` json +{ + "status": { + "code": 201, + "message": "" + }, + "data": { + "id": 52, + "gmt_created": "2022-04-29 11:16:37", + "gmt_modified": "2022-04-29", + "cve_id": "CVE-2022-25636", + "creator": "zhuxiao", + "publisher": "zhuxiao", + "publish_third_party_token": null, + "publish_date": "2022-04-29", + "cvss": { + "nvd_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "openanolis_cvss": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + "product": [ + { + "product_id": 12, + "name_version": "Anolis8.2", + "product_package_info": { + "aarch64": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "x86_64": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ], + "noarch": [ + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + }, + { + "product_id": 13, + "name_version": "Anolis8.5", + "product_package_info": { + "aarch64": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "x86_64": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ], + "noarch": [ + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + } + ], + "product_package": [ + { + "name_version": "Anolis8.2", + "rpm_name": "python", + "rpm_status": "fixed" + }, + { + "name_version": "Anolis8.2", + "rpm_name": "java", + "rpm_status": "unaffected" + }, + { + "name_version": "Anolis8.5", + "rpm_name": "java", + "rpm_status": "unaffected" + }, + { + "name_version": "Anolis8.5", + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "affected_packages": [ + "java", + "python" + ], + "score": 7.8, + "severity": "Important", + "status": 1, + "source": "Mitre", + "cve_source_link": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636", + "abstract": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.", + "description": "URL=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636 \ncvss3=7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "acknowledgements": "致谢:Fastento was created by content marketing experts and news engineers who believe in the future of media.", + "acknowledgements_en": "acknowledgements:Fastento was created by content marketing experts and news engineers who believe in the future of media.", + "errata": [] + } +} +``` + +错误返回: +```json +{ + "status": { + "code": 400, + "message": { + "cve_id": [ + "cve 编号不能重复" + ], + "cvss": { + "nvd_cvss": [ + "cvss向量字符串不符合规则,请检查后正确输入" + ], + "cnvd_cvss": [ + "cvss向量字符串不符合规则,请检查后正确输入" + ], + "openanolis_cvss": [ + "cvss向量字符串不符合规则,请检查后正确输入" + ] + } + }, + "redirect_url": null + }, + "data": null +} +``` + +### 3). 详情 +> 功能描述: 获取cve详情 +> URL: /api/v1/cve/{cve_id}/ +> 请求方式: GET +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| id | 是 | int | | + +**接口示例** +> 地址:/api/v1/cve/CVE-2022-46882/ +``` json +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "id": 17649, + "gmt_created": "2022-12-19 11:24:46", + "gmt_modified": "2022-12-19", + "cve_id": "CVE-2022-46882", + "creator": null, + "publisher": "distro-team", + "publish_third_party_token": "distro-team", + "publish_date": "2022-12-17", + "cvss": { + "nvd_cvss": "", + "openanolis_cvss": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" + }, + "product": [ + { + "product_id": 5, + "name_version": "Anolis OS 8", + "product_package_info": { + "src": [ + { + "rpm_name": "thunderbird", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0829" + }, + { + "rpm_name": "firefox", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0830" + } + ] + } + } + ], + "affected_packages": [ + "thunderbird", + "firefox" + ], + "score": 6.1, + "severity": "Moderate", + "product_package": [ + { + "name_version": "Anolis OS 8", + "rpm_name": "thunderbird", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0829", + "publish_date": "2022-12-17" + }, + { + "name_version": "Anolis OS 8", + "rpm_name": "firefox", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0830", + "publish_date": "2022-12-17" + } + ], + "status": 1, + "source": "Mitre", + "cve_source_link": "", + "abstract": "The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free in WebGL extensions could have led to a potentially exploitable crash.", + "description": null, + "issue": null, + "acknowledgements": "", + "acknowledgements_en": "", + "reference": null, + "diagnose": null, + "statement": null, + "mitigation": null, + "update_user": "distro-team", + "errata": [ + { + "id": 6894, + "advisory_id": "ANSA-2022:0829", + "publish_date": "2022-12-17", + "product_package": { + "name_version": [ + "Anolis OS 8" + ], + "rpm_name": [ + "thunderbird" + ] + } + }, + { + "id": 6895, + "advisory_id": "ANSA-2022:0830", + "publish_date": "2022-12-17", + "product_package": { + "name_version": [ + "Anolis OS 8" + ], + "rpm_name": [ + "firefox" + ] + } + } + ] + } +} +``` + +### 4). 编辑 +> 功能描述: cve编辑 +> URL: /api/v1/cve/{cve_id}/ +> 请求方式: PUT +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| cve_id | 是 | string | cve 编号 | +| score | 是 | float | cvss评分分值 | +| severity | 是 | string | 漏洞等级,可选['Critical', 'Important', 'Low', 'None', 'Moderate',] | +| source | str | cve来源 可选 ['Mitre', 'NVD'] | +| publish_date | 否 | string | 发布日期 格式"2021-12-21 15:48:22" | +| abstract | 否 | string | 概要 | +| description | 否 | string | 备注 | +| issue | 否 | string | issue | +| acknowledgements | 否 | string | 致谢 | +| reference | 否 | string | 自定义参考链接 | +| diagnose | 否 | string | cve diagnose脚本 | +| statement | 否 | string | 龙蜥声明 | +| mitigation | 否 | string | CVE缓解方案 | +| status | 是 | int | 可选值1、2,status=1表示保存并发布,status=2表示仅保存 | +| cve_source_link | 否 | string | cve源链接 | +| cvss | 否 | json | nvd/openanolis 的cvss度量评分公式 | +| product | 是 | json | cve关联的产品、包、修复状态 | +| rpm_name | 是 | str | cve关联的软件包名 | +| rpm_status | 是 | str | cve关联包的修复状态,可选项为:fixed、investigation、unaffected、not_fix、out_scope、affected | +| advisory_id | 否 | str | cve下已修复的包/modules关联的errata(用advisory_id关联),只能在系统已有的errata中选择 | + +**接口示例** +> 地址:/api/v1/cve/CVE-2020-12138/ +``` json +{ + "cve_id": "CVE-2022-25636", + "source": "NVD", + "publish_date": "2022-04-29 11:33:50", + "abstract": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.", + "description": "URL=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636 \ncvss3=7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "cve_source_link": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636", + "score": "7.8", + "severity": "Important", + "cvss": { + "nvd_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "openanolis_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + "product": [ + { + "product_id": 12, + "name_version": "Anolis8.2", + "product_package_info": { + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0592" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + }, + { + "product_id": 13, + "name_version": "Anolis8.5", + "product_package_info": { + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0591" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + ], + "status": 1 +} +``` +成功返回 +``` +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "id": 52, + "gmt_created": "2022-04-29 11:16:37", + "gmt_modified": "2022-04-29", + "cve_id": "CVE-2022-25636", + "creator": "zhuxiao", + "publisher": "zhuxiao", + "publish_third_party_token": null, + "publish_date": "2022-04-29", + "cvss": { + "nvd_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "openanolis_cvss": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + "product": [ + { + "product_id": 12, + "name_version": "Anolis8.2", + "product_package_info": { + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0592" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + }, + { + "product_id": 13, + "name_version": "Anolis8.5", + "product_package_info": { + "src": [ + { + "rpm_name": "python", + "rpm_status": "fixed", + "advisory_id": "ANSA-2022:0591" + }, + { + "rpm_name": "java", + "rpm_status": "unaffected" + } + ] + } + } + ], + "product_package": [ + { + "name_version": "Anolis8.2", + "rpm_name": "python", + "rpm_status": "fixed" + }, + { + "name_version": "Anolis8.2", + "rpm_name": "java", + "rpm_status": "unaffected" + }, + { + "name_version": "Anolis8.5", + "rpm_name": "java", + "rpm_status": "unaffected" + }, + { + "name_version": "Anolis8.5", + "rpm_name": "python", + "rpm_status": "fixed" + } + ], + "affected_packages": [ + "java", + "python" + ], + "score": 7.8, + "severity": "Important", + "status": 1, + "source": "NVD", + "cve_source_link": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636", + "abstract": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.", + "description": "URL=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25636 \ncvss3=7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "errata": [] + } +} +``` + +### 5). 删除 +> 功能描述: 删除cve +> URL: /api/v1/cve/{cve_id}/ +> 请求方式: DELETE +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| cve_id | 是 | string | cve 编号 | + +**接口示例** +> 地址:/api/v1/cve/CVE-2020-12134/ +``` json +{ + "status": { + "code": 204, + "message": "" + }, + "data": null +} +``` + +## product查询接口 +### 1) product列表 +> 获取产品列表 +> url: /api/v1/product/ +> 请求方式: GET +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| page_num | 否 | int | 当前页 | +| page_size | 否 | int | 每页条数20-100 | + +**返回字段** + +| 返回字段 | 字段类型 | 说明 | +| :----------- | :------- | :--------- | +| total | int | 总条数 | +| page_num | int | 当前页 | +| total_page | int | 总页数 | +| page_size | int | 每页条数 | +| previous | string | 上一页 | +| next | string | 下一页 | +| data | list | 列表数据 | +| id | int | 产品在数据库的id | +| gmt_created | date | 创建时间 | +| gmt_modified | date | 更新时间 | +| name_version | str | 产品名称 | +| creator | str | 产品创建者 | + +**接口示例** +> 地址:/api/v1/product/?page_num=1&page_size=20 +``` json +{ + "status": { + "code": 200, + "message": "" + }, + "data": { + "total": 2, + "page_num": 1, + "total_page": 1, + "page_size": 20, + "previous": null, + "next": null, + "data": [ + { + "id": 1, + "gmt_created": "2022-01-25 16:05:38", + "gmt_modified": "2022-01-25 16:05:39", + "name_version": "Anolis8.4", + "creator": "张康" + }, + { + "id": 2, + "gmt_created": "2022-01-25 16:06:13", + "gmt_modified": "2022-01-25 16:06:14", + "name_version": "Anolis8.2", + "creator": "朱潇" + } + ] + } +} +``` + +## 软件包查询接口 +### 1) 软件包下载链接列表 +> 通过cve_id列表查询关联包的下载链接 +> url: /api/v1/package/ +> 请求方式: GET +> 支持格式: application/json + +**请求参数** + +| 参数 | 必选 | 类型 | 说明 | +| :--- | :---- | :----- | -------------------- | +| cve_id_list | 是 | list | 待查询的cve_id列表,如['CVE-2022-122202', 'CVE-2022-111712'] | + +**返回字段** + +| 返回字段 | 字段类型 | 说明 | +| :----------- | :------- | :--------- | +| data | list | 列表数据 | +| rpm_filename | string | 软件包名 | +| rpm_url | string | 软件包下载链接 | + +**接口示例** +> 地址:/api/v1/package/?cve_id_list=CVE-2022-122202&cve_id_list=CVE-2022-111712 +``` json +{ + "status": { + "code": 200, + "message": "" + }, + "data": [ + { + "CVE-2022-122202": [ + { + "rpm_filename": "python", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + }, + { + "CVE-2022-111712": [ + { + "rpm_filename": "python", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + }, + { + "rpm_filename": "nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm", + "rpm_url": "http://mirrors.openanolis.cn/anolis/8.4/AppStream/aarch64/os/Packages/nodejs-14.17.5-1.module+an8.4.0+10386+02ee7ad9.aarch64.rpm" + } + ] + } + ] +} + +``` +## 安全数据API +安全数据API对外提供了安全数据的访问接口,目前API支持CVE、OVAL格式的数据访问。 +Base URL: + https://anas.openanolis.cn/api/securitydata + +### 1) Errata接口 +#### 1.1)Errata列表 + +> 列出所有的Errata,以指定的数据格式返回信息 +> json:/errata.json +> xml: /errata.xml +> 请求方式: GET +> 支持格式: application/json + +**返回数据说明** + +| 参数名称 | 参数类型 | 参数说明 | +| :----------- | :------- | :--------- | +| advisory_id | str | advisory ID | +| advisory_type | str | advisory类型 | +| severity | str | ANSA的严重等级, 只能是下面四种之一 Critical, Important, Moderate, Low,ANBA/ANEA下无严重等级 | +| publish_date | str | 发布时间 | +| synpopsis | str | 简介 | +| solution | str | 解决方案 | +| description | str | 描述 | +| issue | str | Issue | +| source | str | 来源,值为manual(手动)或者添加者的(sys_name) | +| cve | list | 关联的cve | +| product | list | 关联的产品和package信息 | +| modules | list | errata修复的modules信息 | + +#### 1.2)单条Errata + +> 列出一条Errata,以指定的数据格式返回信息 +> json:/errata/xxx.json +> xml: /errata/xxx.xml +> 请求方式: GET +> 支持格式: application/json + +**json接口示例** +> 地址:https://anas.openanolis.cn/api/securitydata/errata/ANSA-2023:0139.json +> 返回: +``` +{ + "advisory_id": "ANSA-2023:0139", + "advisory_type": "Security Advisory", + "severity": "Important", + "publish_date": "2023-04-26 00:00:00", + "synpopsis": "java-1.8.0-openjdk security update", + "description": "Package updates are available for Anolis 8 that fix the following vulnerabilities:\n\nCVE-2023-21930:\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).\n\nCVE-2023-21937:\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).\n\nCVE-2023-21938:\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).\n\nCVE-2023-21939:\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).\n\nCVE-2023-21954:\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\nCVE-2023-21967:\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).\n\nCVE-2023-21968:\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", + "solution": "请您尽快将升级到修复后的版本。修复命令如下:\nyum update --advisory ANSA-2023:0139", + "issue": null, + "source": "distro-team", + "modules": [], + "product": [ + { + "product_id": 5, + "name_version": "Anolis OS 8", + "product_package_info": { + "aarch64": [ + { + "rpm_name": "java-1.8.0-openjdk", + "rpm_filename": "java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.aarch64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.aarch64.rpm" + }, + { + "rpm_name": "java-1.8.0-openjdk-accessibility", + "rpm_filename": "java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.0.1.an8.aarch64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.0.1.an8.aarch64.rpm" + }, + { + "rpm_name": "java-1.8.0-openjdk-demo", + "rpm_filename": "java-1.8.0-openjdk-demo-1.8.0.372.b07-1.0.1.an8.aarch64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-demo-1.8.0.372.b07-1.0.1.an8.aarch64.rpm" + }, + { + "rpm_name": "java-1.8.0-openjdk-headless", + "rpm_filename": "java-1.8.0-openjdk-headless-1.8.0.372.b07-1.0.1.an8.aarch64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-headless-1.8.0.372.b07-1.0.1.an8.aarch64.rpm" + }, + { + "rpm_name": "java-1.8.0-openjdk-src", + "rpm_filename": "java-1.8.0-openjdk-src-1.8.0.372.b07-1.0.1.an8.aarch64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-src-1.8.0.372.b07-1.0.1.an8.aarch64.rpm" + } + ], + "x86_64": [ + { + "rpm_name": "java-1.8.0-openjdk", + "rpm_filename": "java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.x86_64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.x86_64.rpm" + }, + { + "rpm_name": "java-1.8.0-openjdk-accessibility", + "rpm_filename": "java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.0.1.an8.x86_64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.0.1.an8.x86_64.rpm" + }, + { + "rpm_name": "java-1.8.0-openjdk-demo", + "rpm_filename": "java-1.8.0-openjdk-demo-1.8.0.372.b07-1.0.1.an8.x86_64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-demo-1.8.0.372.b07-1.0.1.an8.x86_64.rpm" + }, + { + "rpm_name": "java-1.8.0-openjdk-headless", + "rpm_filename": "java-1.8.0-openjdk-headless-1.8.0.372.b07-1.0.1.an8.x86_64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-headless-1.8.0.372.b07-1.0.1.an8.x86_64.rpm" + }, + { + "rpm_name": "java-1.8.0-openjdk-src", + "rpm_filename": "java-1.8.0-openjdk-src-1.8.0.372.b07-1.0.1.an8.x86_64.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-src-1.8.0.372.b07-1.0.1.an8.x86_64.rpm" + } + ], + "src": [ + { + "rpm_name": "java-1.8.0-openjdk", + "rpm_filename": "java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.src.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/source/Packages/java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.src.rpm" + } + ], + "noarch": [ + { + "rpm_name": "java-1.8.0-openjdk-javadoc", + "rpm_filename": "java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.0.1.an8.noarch.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.0.1.an8.noarch.rpm" + }, + { + "rpm_name": "java-1.8.0-openjdk-javadoc-zip", + "rpm_filename": "java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.0.1.an8.noarch.rpm", + "rpm_url": "https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.0.1.an8.noarch.rpm" + } + ], + "loongarch64": [] + } + } + ], + "cve": [ + "CVE-2023-21930", + "CVE-2023-21937", + "CVE-2023-21938", + "CVE-2023-21939", + "CVE-2023-21954", + "CVE-2023-21967", + "CVE-2023-21968" + ] +} +``` + +**xml接口示例** +> 地址:https://anas.openanolis.cn/api/securitydata/errata/ANSA-2023:0139.xml +> 返回: +``` + +ANSA-2023:0139 +Security Advisory +Important +2023-04-26 00:00:00 +java-1.8.0-openjdk security update +Package updates are available for Anolis 8 that fix the following vulnerabilities: CVE-2023-21930: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). CVE-2023-21937: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2023-21938: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2023-21939: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2023-21954: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). CVE-2023-21967: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). CVE-2023-21968: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). +请您尽快将升级到修复后的版本。修复命令如下: yum update --advisory ANSA-2023:0139 + +distro-team + + + +5 +Anolis OS 8 + + + +java-1.8.0-openjdk +java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.aarch64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.aarch64.rpm + + +java-1.8.0-openjdk-accessibility +java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.0.1.an8.aarch64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.0.1.an8.aarch64.rpm + + +java-1.8.0-openjdk-demo +java-1.8.0-openjdk-demo-1.8.0.372.b07-1.0.1.an8.aarch64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-demo-1.8.0.372.b07-1.0.1.an8.aarch64.rpm + + +java-1.8.0-openjdk-headless +java-1.8.0-openjdk-headless-1.8.0.372.b07-1.0.1.an8.aarch64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-headless-1.8.0.372.b07-1.0.1.an8.aarch64.rpm + + +java-1.8.0-openjdk-src +java-1.8.0-openjdk-src-1.8.0.372.b07-1.0.1.an8.aarch64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/aarch64/os/Packages/java-1.8.0-openjdk-src-1.8.0.372.b07-1.0.1.an8.aarch64.rpm + + + + +java-1.8.0-openjdk +java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.x86_64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.x86_64.rpm + + +java-1.8.0-openjdk-accessibility +java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.0.1.an8.x86_64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.0.1.an8.x86_64.rpm + + +java-1.8.0-openjdk-demo +java-1.8.0-openjdk-demo-1.8.0.372.b07-1.0.1.an8.x86_64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-demo-1.8.0.372.b07-1.0.1.an8.x86_64.rpm + + +java-1.8.0-openjdk-headless +java-1.8.0-openjdk-headless-1.8.0.372.b07-1.0.1.an8.x86_64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-headless-1.8.0.372.b07-1.0.1.an8.x86_64.rpm + + +java-1.8.0-openjdk-src +java-1.8.0-openjdk-src-1.8.0.372.b07-1.0.1.an8.x86_64.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-src-1.8.0.372.b07-1.0.1.an8.x86_64.rpm + + + + +java-1.8.0-openjdk +java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.src.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/source/Packages/java-1.8.0-openjdk-1.8.0.372.b07-1.0.1.an8.src.rpm + + + + +java-1.8.0-openjdk-javadoc +java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.0.1.an8.noarch.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.0.1.an8.noarch.rpm + + +java-1.8.0-openjdk-javadoc-zip +java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.0.1.an8.noarch.rpm +https://mirrors.openanolis.cn/anolis/8.8/AppStream/x86_64/os/Packages/java-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.0.1.an8.noarch.rpm + + + + + + + +CVE-2023-21930 +CVE-2023-21937 +CVE-2023-21938 +CVE-2023-21939 +CVE-2023-21954 +CVE-2023-21967 +CVE-2023-21968 + + +``` + +### 2) CVE接口 +#### 2.1)CVE列表 + +> 列出所有的CVE,以指定的数据格式返回信息 +> json:/cve.json +> xml: /cve.xml +> 请求方式: GET +> 支持格式: application/json + +**返回数据说明** + +| 参数名称 | 参数类型 | 参数说明 | +| :----------- | :------- | :--------- | +| name | str | CVE ID| +| threat_severity | str | 严重等级 | +| publish_date | str | 发布时间 | +| bugzilla | str | bugzilla链接 | +| details | str | 漏洞细节 | +| description | str | 漏洞描述 | +| reference | str | 参考链接 | +| statement | str | 漏洞声明 | +| diagnose | str | 漏洞诊断 | +| mitigation | str | 缓解方案 | +| acknowledgement | str | 致谢 | +| cvss_score | float | CVSS评分 | +| cvss_scoring_vector | str | CVSS向量 | +| source | str | CVE数据源 | +| csaw | str | - | +| package_state | list(product) | - | +| product | | | +| product_name | str | 产品名称 | +| fix_state | str | 状态 | +| package_name | str | 软件名称 | +| advisory | str | 修复该产品的errata | +| cpe | str | cpe | + +#### 2.2)单条CVE + +> 列出一条CVE,以指定的数据格式返回信息 +> json:/cve/xxx.json +> xml: /cve/xxx.xml +> 请求方式: GET +> 支持格式: application/json + +**json接口示例** +> 地址:https://anas.openanolis.cn/api/securitydata/cve/CVE-2023-37464.json +> 返回: +``` +{ + "threat_severity": "Important", + "public_date": "2023-04-22 09:48:22", + "bugzilla": null, + "details": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.", + "description": null, + "reference": null, + "statement": null, + "diagnose": null, + "mitigation": null, + "acknowledgement": "", + "package_state": [ + { + "product_name": "Anolis OS 8", + "fix_state": "fixed", + "package_name": "webkit2gtk3", + "advisory": "ANSA-2023:0131", + "cpe": null + } + ], + "cvss_score": 8.8, + "cvss_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "source": "Mitre", + "name": "CVE-2023-28205", + "csaw": null +} +``` + +**xml接口示例** +> 地址:https://anas.openanolis.cn/api/securitydata/cve/CVE-2023-37464.xml +> 返回: +``` + +Important +2023-04-22 09:48:22 + +
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
+ + + + + + + + +Anolis OS 8 +fixed +webkit2gtk3 +ANSA-2023:0131 + + + +8.8 +CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H +Mitre + + +``` \ No newline at end of file diff --git "a/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/ANAS\351\211\264\346\235\203\345\244\261\350\264\245\350\207\252\345\212\251\346\216\222\346\237\245\346\211\213\345\206\214.md" "b/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/ANAS\351\211\264\346\235\203\345\244\261\350\264\245\350\207\252\345\212\251\346\216\222\346\237\245\346\211\213\345\206\214.md" new file mode 100644 index 0000000000000000000000000000000000000000..d832c7a704e24cbe7faa723791ac8da5808d9a4e --- /dev/null +++ "b/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/ANAS\351\211\264\346\235\203\345\244\261\350\264\245\350\207\252\345\212\251\346\216\222\346\237\245\346\211\213\345\206\214.md" @@ -0,0 +1,91 @@ +## ANAS用户使用手册 +### API鉴权 +请参考[ANAS用户API说明文档](https://openanolis.cn/sig/SIG-Infra/doc/799607241553337888) + +### API自助异常排查 +#### 鉴权类异常 +##### Token缺失 +- 异常描述 + - 请求头缺失token,导致请求发送异常 +- 返回结果 + ```json + { + 'status': { + 'code': 403, + 'message': 'headers缺少token, 帮助文档: ***', + 'redirect_url': None + }, + 'data': None + } +- 修复方案 + - 请求头缺失token,如果没有可用token请联系安全开发团队 + +##### Timestamp缺失 +- 异常描述 + - 请求头缺失timestamp,导致请求发送异常 +- 返回结果 + ```json + { + 'status': { + 'code': 403, + 'message': 'headers缺少timestamp, 帮助文档: ***', + 'redirect_url': None + }, + 'data': None + } +- 修复方案 + - timestamp如何加密且需要加到headers中,如何加密请查看上文API鉴权 + +##### 加密签名signature缺失 +- 异常描述 + - 请求头缺失signature,导致请求发送异常 +- 返回结果 + ```json + { + 'status': { + 'code': 403, + 'message': 'headers缺少singnature, 帮助文档: ***', + 'redirect_url': None + }, + 'data': None + } +- 修复方案 + - 请将加密签名加到headers请求头中,如何加密请查看上文API鉴权 + + +##### 请求签名过期 +- 异常描述 + - 请求的时间与服务器时间超过最大过期时间,因而导致签名过期 +- 返回结果 + ```json + { + 'status': { + 'code': 403, + 'message': '请求签名已过期, 帮助文档: ***', + 'redirect_url': None + }, + 'data': None + } +- 修复方案 + - 先排查下发送请求机器的时间,是否已校准机器的时间,当前设置的最大过期时间为5分钟 + - 确认请求环境是否为请求预期环境 + - 如仍未解决,请联系安全开发团队 + + +##### 加密签名校验异常 +- 异常描述 + - 加密签名由token、sysname、timestamp加密生成,如果token或者sysname填写错误会导致此异常 +- 返回结果 + ```json + { + 'status': { + 'code': 403, + 'message': '请求加密签名校验异常, 帮助文档: ***', + 'redirect_url': None + }, + 'data': None + } +- 修复方案 + - 优先排查是否token及sysname是否填写正确 + - 确认请求环境是否为请求预期环境 + - 如仍未解决,请联系安全开发团队 \ No newline at end of file diff --git "a/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/OpenAnolis\345\256\211\345\205\250\346\225\260\346\215\256API\346\226\207\346\241\243.md" "b/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/OpenAnolis\345\256\211\345\205\250\346\225\260\346\215\256API\346\226\207\346\241\243.md" new file mode 100644 index 0000000000000000000000000000000000000000..d46d51adeffc711e1bdaafc399b08589ce75f313 --- /dev/null +++ "b/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/OpenAnolis\345\256\211\345\205\250\346\225\260\346\215\256API\346\226\207\346\241\243.md" @@ -0,0 +1,91 @@ +## OpenAnolis安全数据API文档1.0 + +欢迎联系龙蜥安全团队邮件列表:ansa-announce@lists.openanolis.cn + +### 1. 简介 + +OpenAnolis安全数据API对外提供了安全数据的访问接口,通过指定的参数查询OpenAnolis社区安全相关数据。目前API支持CVE、OVAL格式的数据访问,其他数据类型敬请期待。 + +安全数据API提供了OpenAnolis社区的安全相关数据和信息,以更好地支持业务需求和指标衡量,如您对安全数据API有任何的疑问,欢迎联系[龙蜥安全团队](https://lists.openanolis.cn/postorius/lists/ansa-announce.lists.openanolis.cn/),或者在[OpenAnolis Bugzilla](https://bugzilla.openanolis.cn/)向我们提出issue。 + +**`Base URL`** + +> https://anas.openanolis.cn/api/securitydata + +**`数据格式`** + +对外数据接口支持JSON、XML格式的数据,数据格式可以通过访问url的后缀来标识,如.xml、.json。 + +### 2. CVE接口 +#### 2.1 CVE列表 + +**简介** + +列出所有的CVE,以指定的数据格式返回信息 + +**`JSON`** +> GET /cve.json + +**`XML`** +> GET /cve.xml + +#### 2.2 单条CVE +**简介** + +获取一条CVE的信息 +`JSON` + +> GET /cve/.json + +`XML` + +> GET /cve/.xml + +**示例** + +/cve/CVE-2022-2795.xml + +#### 2.3 CVE数据格式 +| **参数名称** | **参数说明** | **备注** | **参数类型** | +| --- | --- | --- | --- | +| name | CVE ID | | string | +| threat_severity | 严重等级 | | string | +| public_date | 发布时间 | | datetime | +| bugzilla | bugzilla链接 | | string | +| details | 漏洞细节 | | string | +| description | 漏洞描述 | | string | +| reference | 参考链接 | | string | +| statement | 漏洞声明 | | string | +| diagnose | 漏洞诊断 | | string | +| mitigation | 缓解方案 | | string | +| acknowledgement | 致谢 | | string | +| cvss_score | CVSS评分 | | float | +| cvss_scoring_vector | CVSS向量 | | str | +| source | CVE数据源 | | str | +| csaw | | | | +| package_state | - | | list(product) | +| product | | | | +| product_name | 产品名称 | | string | +| fix_state | 状态 | | string | +| package_name | 软件名称 | | string | +| cpe | cpe | | string | + +### 3. OVAL接口 +#### 3.1 OVAL列表 +**简介** + +返回产品下所有的OVAL数据列表,OVAL数据接口目前仅支持XML格式 + +`XML` +> GET /oval/.xml + +**示例** + +/oval/anolis-7.xml + +/oval/anolis-8.xml + +### 4. OVAL文件下载 +您可以直接访问[Anolis OS 安全漏洞数据中心](https://anas.openanolis.cn/data)浏览并下载最新的以及历史的OVAL文件。 + +Anolis OS安全漏洞数据中心正在不断完善和优化中,如您有宝贵的建议,欢迎您联系龙蜥安全团队:ansa-announce@lists.openanolis.cn。 diff --git "a/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/\351\276\231\350\234\245\346\223\215\344\275\234\347\263\273\347\273\237\346\274\217\346\264\236\350\257\204\345\210\206\345\256\232\347\272\247\350\257\264\346\230\216.md" "b/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/\351\276\231\350\234\245\346\223\215\344\275\234\347\263\273\347\273\237\346\274\217\346\264\236\350\257\204\345\210\206\345\256\232\347\272\247\350\257\264\346\230\216.md" new file mode 100644 index 0000000000000000000000000000000000000000..1110e2e8311be5bbd3b5781e0d57dddc23777bb0 --- /dev/null +++ "b/INFRA_DOCS/\345\256\211\345\205\250\347\256\241\347\220\206\347\263\273\347\273\237/\351\276\231\350\234\245\346\223\215\344\275\234\347\263\273\347\273\237\346\274\217\346\264\236\350\257\204\345\210\206\345\256\232\347\272\247\350\257\264\346\230\216.md" @@ -0,0 +1,68 @@ +# 龙蜥操作系统漏洞评分定级说明 +### 漏洞评分 +龙蜥安全团队采用业界标准的漏洞评分体系 CVSSv3.1 为龙蜥操作系统产品相关的安全漏洞的安全威胁影响程度打分。该评分体系为非营利组织 [FIRST.org](https://www.first.org/cvss/v3.1/specification-document) 发布的通用安全漏洞评估标准,从漏洞被利用的攻击途径、攻击复杂度、鉴权、交互,以及漏洞被利用后对系统的机密性、完整性、可用性造成的危害程度等,全方位的反映漏洞的安全威胁影响。 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
评估维度评价指标评分说明
可利用性Attack Vector(AV)攻击途径N:网络;A:邻接;L:本地;P:物理漏洞攻击的方式,与攻击目标的远近程度
Attack Complexity(AC)攻击复杂度L:低;H:高漏洞攻击的难易程序,攻击成功条件复杂性。
Privileges Rquired(PR)所需权限N:无;L:低;H:高漏洞攻击是否需要用户鉴权。
User Interaction(UI)用户交互N:无;R:需要漏洞攻击是否需要人工干预,是否能自动完成。
范围Scope(S)范围U:不变;C:改变漏洞攻击影响范围,是否影响不同权限组件。
影响性Confidentiality(C)机密性H:高;L:低;N:无漏洞攻击是否造成数据机密泄漏,泄漏程度。
Integrity(I)完整性H:高;L:低;N:无漏洞攻击对目标数据的可信性,真实性影响,是否能够操作数据。
Availability(A)可用性H:高;L:低;N:无漏洞攻击对目标数据的可用性影响。
+ + +最新的 CVSS 相关咨询可以在 [https://www.first.org/cvss/](https://www.first.org/cvss/) 这里找到。龙蜥社区当前使用的CVSSv3.1评分计算器可以在这里 [https://www.first.org/cvss/calculator/3.1](https://www.first.org/cvss/calculator/3.1)。 +### 漏洞定级 +龙蜥操作系统采用业界常用的四级标准来为龙蜥操作系统相关的安全漏洞定级,简洁的漏洞定级能方便龙蜥操作系统用户、运维人员以及三方安全厂商快速识别漏洞安全威胁影响程度,制定便捷、高效的安全修复策略。 + +| **严重等级** | **定级说明** | +| --- | --- | +| **超危/Critical** | 未经身份验证即可轻易通过远程在无需用户交互的情况下发起攻击并导致系统受损的漏洞 | +| **高危/Important** | 通过本地用户获得权限,未经身份验证的远程用户查看非授权资源,经过身份验证的远程用户执行任意代码,或未经身份验证的远程用户在不知情的情况下造成拒绝服务等手段,危害系统资源的机密性、完整性或可用性的漏洞。 | +| **中危/Medorate** | 利用难度大,或针对不太常用的系统配置下,可能危害系统资源的机密性、完整性或可用性的漏洞。 | +| **低危/Low** | 被利用可能性不大,或即便成功利用也只会造成很小的安全影响的漏洞 | + diff --git "a/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/LifseaOS \351\225\234\345\203\217.md" "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/LifseaOS \351\225\234\345\203\217.md" new file mode 100644 index 0000000000000000000000000000000000000000..bbd37119efc88b08fc7c9c3c40cb24800b52034a --- /dev/null +++ "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/LifseaOS \351\225\234\345\203\217.md" @@ -0,0 +1 @@ +### 敬请期待 \ No newline at end of file diff --git "a/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\344\272\221\345\216\237\347\224\237.md" "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\344\272\221\345\216\237\347\224\237.md" new file mode 100644 index 0000000000000000000000000000000000000000..614fe3e75ea5f82e9d96ade278cf112ef5d95bcb --- /dev/null +++ "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\344\272\221\345\216\237\347\224\237.md" @@ -0,0 +1,54 @@ +# 云原生 +基于微服务架构提高灵活性和可维护性,借助敏捷方法和运维自动化,利用云平台设施实现弹性伸缩、动态调度、优化资源利用率。为方便项目拥有者构建管理, ABS提供了「Docker镜像」、「云原生ACNS版本」构建功能。 + +### Docker镜像 +持续交付提供镜像构建推送至镜像仓库服务,支持不同产品类型和OS架构的镜像文件,并存储于Docker镜像仓库,用于后续的部署任务。 +##### 新建 +点击 「+ 新建」>「Docker镜像」,进入新建页面。 +![输入图片说明](../assets/构建平台ABS/image9.png) + +根据需求填写对应的设置参数。 +![输入图片说明](../assets/构建平台ABS/image8.png) + +配置参数: + +| 名称 |描述 | +|---|---| +| 镜像名称 | 该产出物为镜像所用名的名称,支持自定义命名。产出物可用于后续部署任务。 | +| 描述 | 概述镜像的内容。 | +| 仓库地址 | 用户所用的仓库地址 | +| 分支名称 | 用户所用的分支 | +| Dockerfile文件路径 | Dockerfile存放的路径URL。| + +##### 删除 +点击镜像详情,右侧的「删除」按钮,即可完成删除。 +![输入图片说明](../assets/构建平台ABS/image12.png) + + +### 云原生ACNS版本 +龙蜥云原生套件是龙蜥社区社区云原生SIG输出的基于kubernetes发行版本为基础而集成的套件能力,可以提供一键式部署、开箱即用、以及丰富的云原生基础能力。 +##### 新建 +点击 「+ 新建」>「云原生ACNS版本」,进入新建页面。 +![输入图片说明](../assets/构建平台ABS/image10.png) +根据需求填写对应的设置参数。 + +![输入图片说明](../assets/构建平台ABS/image11.png) + +配置参数: + +| 名称 |描述 | +|---|---| +| 构建名称 | 该产出物为构建所用名的名称。 | +| 描述 | 概述构建的内容。 | +| 产品及版本 | 目前仅支持基于anolis-cloud-native仓库产品的ACNS构建。| +| 镜像名称 | 默认:anolis-cloud-native | +| 架构 | 目前仅支持x86_84。 | +| 仓库地址 | 使用默认。 | +| 分支名称 | 使用默认。 | + +##### 删除 +点击镜像详情,右侧的「删除」按钮,即可完成删除。 +![输入图片说明](../assets/构建平台ABS/image13.png) + + + diff --git "a/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\345\206\205\346\240\270\346\272\220\347\240\201.md" "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\345\206\205\346\240\270\346\272\220\347\240\201.md" new file mode 100644 index 0000000000000000000000000000000000000000..ee0ccead900e1387742bd55e42cdefbf65aa7be1 --- /dev/null +++ "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\345\206\205\346\240\270\346\272\220\347\240\201.md" @@ -0,0 +1,27 @@ +# 内核源码 +### 介绍 +支持Anolis OS及Upstream的内核源码构建,支持上游看护内核构建流程。 + +#### 新建 + 在内核源码标签页, 「+ 新建」 ,可以进入表单填写页,根据需求填写对应的设置参数。 +![输入图片说明](../assets/构建平台ABS/image22.png) + +配置参数: + +| 名称 | 描述 | +|------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| 构建名称 | 该产出物为构建所用名的名称,支持自定义命名。 | +| 描述 | 概述构建的内容。 | +| 构建模式 | 根据不同产品支持程度不同, 有些可能只生成全量包:
基础包: 只生成三个rpm文件(kernel, kernel-headers, kernel-devel), 构建速度最快。
全量包: 生成最全的rpm包(包含基础包以外的包), 构建速度最慢。
覆盖率包: 生成覆盖率测试的包(目前没有产品支持, 属于预留模式)。 | +| 产品及版本 | 可选择Anolis OS产品内核的版本。(系统预设,管理员可在后台配置) | + +注: +以下为跟随配置项获取,可手动修改。 +- OS架构:选择架构类型。 +- 仓库地址:默认产品的仓库地址。 +- 分支名称:默认的仓库分支。 +- Commit ID:选填项。 +#### 删除 +选择要删除的构建记录,在详情页右上角选择「删除」即可 。 +![输入图片说明](../assets/构建平台ABS/image23.png) + diff --git "a/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\350\275\257\344\273\266\345\214\205\346\236\204\345\273\272.md" "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\350\275\257\344\273\266\345\214\205\346\236\204\345\273\272.md" new file mode 100644 index 0000000000000000000000000000000000000000..13a88b3d0e926b02574abcd858d0c1df7146e84f --- /dev/null +++ "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\350\275\257\344\273\266\345\214\205\346\236\204\345\273\272.md" @@ -0,0 +1,64 @@ +# 软件包构建 +### 介绍 +两种构建模式:\ +1.测试构建:服务开发者进行测试,不作为正式官方发布使用。\ +2.生产构建:服务于官方产品正式构建及发布使用。 + +### 添加软件包 +ABS 提供了添加软件包的功能。你可以在项目 **从外部导入**或**从平台上选择**,将软件包添加到项目中。 + + +#### 从外部倒入 + 点击 「+ 添加软件包」 >「从外部导入」 ,项目拥有者可以从Gitee仓库导入到ABS平台。 +![输入图片说明](../assets/构建平台ABS/image14.png) + +Tips:\ + a. 目前只支持Gitee仓库的单个软件包导入。\ + b. 不可重复的导入相同分支下的软件包。\ + c. 软件包描述暂不支持后期修改内容。请项目拥有者谨慎填写。 + +#### 从平台上选择 + 点击 「+ 添加软件包」>「从外部导入」,项目拥有者可以从ABS平台上公开软件包导入。 +![输入图片说明](../assets/构建平台ABS/image15.png) + + +### 构建软件包 +#### 需要完成基础设置 +创建项目,并将软件包添加到该项目。 +![输入图片说明](../assets/构建平台ABS/image15.png) +#### 项目配置产品和OS架构 +![输入图片说明](../assets/构建平台ABS/image16.png) +#### 开始构建 +##### 测试构建 +准备阶段完成后,在软件包详情页右上角点击「测试构建」即可开始。 + +![输入图片说明](../assets/构建平台ABS/image17.png) + +##### 生产构建 +准备阶段完成后,在软件包详情页右上角点击「生产构建」即可开始。 + +![输入图片说明](../assets/构建平台ABS/image19.png) +然后,选择配置的产品类型。 + +![输入图片说明](../assets/构建平台ABS/image21.png)\ +确定后,跳到官方项目下构建。结束后,可查看构建结果。 + +Tips:\ +个人项目的构建默认属于**测试构建**,rpm包如果有maintainer/contributor权限可以提交**生产构建**。 + +#### 构建结果 +构建结束后,可查看构建结果。 + +![输入图片说明](../assets/构建平台ABS/image18.png)\ +Tips:\ +成功构建的软件包不可重复构建。 + +构建结果分四个部分: +- **结果状态** + - 根据需求展现软件包构建的龙蜥产品上和OS架构,可通过「Tab标签」切换查看详细构建信息。同时,点击「x86_64」或「Arrch64」查看详细构建日志。 +- **代码库** + - 将记录导入软件包的代码库、分支及提交信息,不受其他分支的影响。 +- **RPM包下载** + - 包含了当前产品和OS架构中的软件包、src源码包。提供用户下载到本地。 +- **YUM源** + - 用户可通过配置网络yum源,从指定的服务器下载并且安装。 \ No newline at end of file diff --git "a/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\351\225\234\345\203\217.md" "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\351\225\234\345\203\217.md" new file mode 100644 index 0000000000000000000000000000000000000000..43420d1a8def7902931182eb3540df36b09458a8 --- /dev/null +++ "b/INFRA_DOCS/\346\236\204\345\273\272\345\271\263\345\217\260ABS/\351\225\234\345\203\217.md" @@ -0,0 +1,63 @@ +# 镜像 + +### ISO镜像 +ABS提供了Rebrand镜像构建推送至镜像仓库服务,并存储于服务器仓库,用于后续的下载和部署任务。一键构建基于Anolis OS发行版的ISO镜像。目前该功能可以支持用户自定义替换ISO镜像中的「logo文字信息」、「图片信息」等信息。 + +#### 一.镜像列表 +镜像列表将不同阶段和架构类型的镜像集合,每个镜像有不同的构建状态组成。 +镜像列表分为4个部分: +1. **搜索框:** 通过搜索功能,可以在快速通过镜像名称全局范围内查找镜像。 +2. **新建镜像:** 可新建ISO镜像和VHD镜像。 +3. **排序:** 按照条件筛选查找镜像。 +4. **镜像总览:** 主要提供了镜像维度和构建状态总览两个视角。 +![输入图片说明](../assets/构建平台ABS/image1.jpg) + + +#### 二.如何新建镜像和删除 + +##### 新建 +点击 「+ 新建Rebrand镜像」 ,可以进入表单填写页,根据需求填写对应的设置参数。 +![输入图片说明](../assets/构建平台ABS/image2.jpg) + +基本格式如下: + +| 名称 | 描述 | +|------|------| +| 镜像名称 | 生成镜像文件的名称。 | +| OS 架构 | 生成的镜像能够在此架构上安装,支持x86_64和aarch64架构,更多类型正在接入中。 | +| 产品及版本 | 基于此产品进行镜像构建,支持Anolis OS 8.4,更多产品类型正在接入中。 | +| 镜像类型 | 生成镜像的文件格式,支持ISO镜像,更多镜像类型正在接入中。 | +| 构建模式 | 这里是列表文本生成镜像的模式,支持最小化镜像和全量镜像。| +| 描述 | 用于本次生成镜像的描述说明。 | +| 系统信息 |用于修改需要rebrand包的配置信息,包含名称配置和图标配置。 | +| 名称配置 | 用于修改anolis-release包中的信息,包含产品名称、系统名称、系统ID、官方地址等参数。 | +| 图标配置 | 用于修改anolis-logos包中的信息,包含产品名称、系统LOGO、系统ICON、桌面背景图等参数。 | +| 产品名称 | 对应DIST字段,例如Anolis OS 8的产品名称为;an8。| +| 系统名称 | 勾选名称配置后为必填项,在os-release中对应NAME字段。 | +| 系统ID | 勾选名称配置后为必填项,在os-release中对应ID字段。 | +| 官方地址 | 勾选名称配置后为必填项,在os-release中对应HOME_URL字段。 | +| 系统LOGO | 勾选图标配置后为必填项,svg类型图片,大小不超过1MB,尺寸不限。 | +| 系统ICON | 勾选图标配置后为必填项,svg类型图片,大小不超过1MB,尺寸不限。 | +| 桌面背景图 | 勾选图标配置后为必填项,png类型图片,大小不超过10MB,尺寸不限,推荐使用1920x1200px,其它尺寸可能造成显示的图片变形或模糊等问题。 | + +注: +1. 最小化镜像:是指仅包含操作系统发行版的基础应用软件包的镜像,这些基础应用软件包可以保证操作系统正常启动。容量大约为1G左右。 +2. 全量镜像:是指包含了操作系统发行版的所有应用软件包的镜像。容量大约为8G左右。 +3. 选择最小化镜像模式如果替换了图标配置,在镜像安装之后并不会立即显示图片信息,需要用户手动安装桌面应用之后(例如 KDE 或者 GNOME 等),才会正常显示替换之后的图片信息。 +4. 仅支持1个构建一个镜像同时构建,如需构建多个镜像,请在上一个镜像构建完成后,再次进行构建镜像。 + +##### 删除 +选择要删除的镜像,在详情页右上角选择「删除」即可。 + +![输入图片说明](../assets/构建平台ABS/image3.jpg) + + +### VHD镜像 +#### 敬请期待 + + + + + + + diff --git "a/INFRA_DOCS/\346\265\213\350\257\225\345\271\263\345\217\260T-One/T-One\346\226\207\346\241\243.md" "b/INFRA_DOCS/\346\265\213\350\257\225\345\271\263\345\217\260T-One/T-One\346\226\207\346\241\243.md" new file mode 100644 index 0000000000000000000000000000000000000000..ae360d1d152ebeb5e3002610cfb7b41f3596a293 --- /dev/null +++ "b/INFRA_DOCS/\346\265\213\350\257\225\345\271\263\345\217\260T-One/T-One\346\226\207\346\241\243.md" @@ -0,0 +1,7 @@ +T-One 系统的相关材料: + +部署手册(SIG):https://openanolis.cn/sig/t-one/doc/477143281756406096 + +社区版系统链接:https://tone.openanolis.cn/ + +T-One 帮助文档:https://tone.openanolis.cn/help_doc/2 \ No newline at end of file diff --git "a/INFRA_DOCS/\347\244\276\345\214\272\347\256\241\347\220\206\346\265\201\347\250\213/CLA \347\255\276\347\275\262\346\223\215\344\275\234\346\211\213\345\206\214.md" "b/INFRA_DOCS/\347\244\276\345\214\272\347\256\241\347\220\206\346\265\201\347\250\213/CLA \347\255\276\347\275\262\346\223\215\344\275\234\346\211\213\345\206\214.md" index b28b04f643122b019e912540f228c8ed20be9eeb..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 100644 --- "a/INFRA_DOCS/\347\244\276\345\214\272\347\256\241\347\220\206\346\265\201\347\250\213/CLA \347\255\276\347\275\262\346\223\215\344\275\234\346\211\213\345\206\214.md" +++ "b/INFRA_DOCS/\347\244\276\345\214\272\347\256\241\347\220\206\346\265\201\347\250\213/CLA \347\255\276\347\275\262\346\223\215\344\275\234\346\211\213\345\206\214.md" @@ -1,3 +0,0 @@ - - - diff --git "a/INFRA_DOCS/\347\244\276\345\214\272\347\256\241\347\220\206\346\265\201\347\250\213/FAQ.md" "b/INFRA_DOCS/\347\244\276\345\214\272\347\256\241\347\220\206\346\265\201\347\250\213/FAQ.md" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/\347\244\276\345\214\272\347\256\241\347\220\206\346\265\201\347\250\213/SIG \347\256\241\347\220\206.md" "b/INFRA_DOCS/\347\244\276\345\214\272\347\256\241\347\220\206\346\265\201\347\250\213/SIG \347\256\241\347\220\206.md" new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git "a/INFRA_DOCS/\350\275\257\344\273\266\345\210\266\345\223\201\344\270\255\345\277\203PackageCenter/pkgcenter API\346\226\207\346\241\243.md" "b/INFRA_DOCS/\350\275\257\344\273\266\345\210\266\345\223\201\344\270\255\345\277\203PackageCenter/pkgcenter API\346\226\207\346\241\243.md" new file mode 100644 index 0000000000000000000000000000000000000000..64cf45b05ef28bfcc916d6ba7630774c0dd4ae03 --- /dev/null +++ "b/INFRA_DOCS/\350\275\257\344\273\266\345\210\266\345\223\201\344\270\255\345\277\203PackageCenter/pkgcenter API\346\226\207\346\241\243.md" @@ -0,0 +1,1503 @@ +### Base Url +https://package.openanolis.cn + +### token签名算法 +#### 配置说明 +```python +# 服务器地址 +hostname = +# 服务器鉴权名称 +sys_name = +# 服务器鉴权token +token = +``` + +sys_name和token需要向[@佐祐(chenyuao.cya)](/chenyuao.cya) 申请 + +```python +hostname = 'https://package.openanolis.cn' +sys_name = '' +token = '' +``` +#### 使用HTTP调用 + +1. 接口签名方式 +调用接口时,需要对请求进行签名,方可认证通过。接口请求需携带以下参数作为请求头: + - Timestamp:请求时间戳,单位毫秒,为发送请求时的时间(此参数会进行校验,请保证使用当前时间),300秒超时 + - Token:服务器鉴权token + - Signature:签名,请求签名 + +签名计算方法为: +`sha256(sys_name + ":" + token + ":" + timestamp)` + +2. python3 demo + +```python +import base64 +import hashlib +import requests +import time + + +class PackageCenterApiDemo: + """package-center api demo""" + def __init__(self, hostname, sys_name, token): + self.hostname = hostname + self.sys_name = sys_name + self.token = token + + def get_sign_headers(self): + timestamp = str(round(time.time() * 1000)) + sign_items = [self.sys_name, self.token, timestamp] + hash_obj = hashlib.sha256() + hash_obj.update(':'.join(sign_items).encode('utf-8')) + signature = hash_obj.digest() + signature = base64.b64encode(signature) + return {'Timestamp': timestamp, 'Token': self.token, 'Signature': signature} + + def get_package_list(self): + """ + 调用标签管理列表API + """ + headers = {} + headers.update(self.get_sign_headers()) + params = { + 'page_num': 1, + 'page_size': 20, + + } + resp = requests.get('{}/openapi/label/'.format(self.hostname), params=params, headers=headers, verify=False) + if resp.ok: + return resp.json() + + +if __name__ == '__main__': + package_client = PackageCenterApiDemo('https://package.openanolis.cn', 'test', 'xxxxxxxxxxxxxxxxxx') + package_list = package_client.get_package_list() + print(package_list) + + + + +``` + +返回: + +```json +{ + "code": 200, + "msg": "success", + "data": [ + { + "label_name": "测试", + "desc": "测试标签", + "colour": "#B3312C", + "id": 2, + "gmt_created": "2023-05-29 18:22:28", + "gmt_modified": "2023-05-29 18:22:28", + "pkg_count": 3 + }, + { + "label_name": "长度测试标签", + "desc": "文字长度测试标签", + "colour": "#539F34", + "id": 3, + "gmt_created": "2023-05-30 18:05:04", + "gmt_modified": "2023-05-30 18:05:04", + "pkg_count": 4 + }, + { + "label_name": "文字测试标签", + "desc": "文字长度标签测试", + "colour": "#7B7B7B", + "id": 4, + "gmt_created": "2023-05-30 18:06:01", + "gmt_modified": "2023-05-30 18:06:01", + "pkg_count": 1 + }, + { + "label_name": "Linux", + "desc": null, + "colour": "#DD9BD7", + "id": 5, + "gmt_created": "2023-05-31 10:26:13", + "gmt_modified": "2023-05-31 11:00:11", + "pkg_count": 3 + } + ] +} +``` +### 软件包列表 + +- 功能:获取所有软件包列表,默认100条 +- 方式:GET +- api:/openapi/package +##### 请求参数解析 +| **参数** | **是否必填** | **类型** | **备注(默认精准匹配)** | +| --- | --- | --- | --- | +| page_num | 否 | int | 页数 | +| page_size | 否 | int | 每页的个数 | +| name | 否 | str | 支持模糊搜索的软件包名称 | +| maturity | 否 | str | 按照软件包成熟度筛选,可选(stable,system) | +| label | 否 | str | 按照软件包的标签筛选,支持查询多个标签 | + +##### 响应参数解析 + +- 请求示例: + +/openapi/package/?page_num=1&page_size=5&maturity=system&name=python +```json +{ + "code": 200, + "msg": "success", + "data": { + "data": [ + { + "name": "python-itsdangerous", + "meta_type": "rpm", + "maintainer": null, + "contributors": "[\"HelloWorld_lvcongqing\", \"mgb01105731\", \"zhangbinchen\", \"geliwei\", \"qingxiyingyue\"]", + "sig_group": null, + "repo_url": "https://gitee.com/src-anolis-os/python-itsdangerous", + "upstream_source_library": null, + "id": 3, + "gmt_created": "2023-05-25 14:04:22", + "gmt_modified": "2023-05-26 07:29:51", + "maturity": [ + "system" + ], + "licenses": [ + "BSD" + ], + "label": [] + }, + { + "name": "python-jwcrypto", + "meta_type": "rpm", + "maintainer": null, + "contributors": "[\"jiangbojacob\", \"hongwei-qin\", \"zhangbinchen\", \"geliwei\"]", + "sig_group": null, + "repo_url": "https://gitee.com/src-anolis-os/python-jwcrypto", + "upstream_source_library": null, + "id": 8, + "gmt_created": "2023-05-25 14:04:30", + "gmt_modified": "2023-05-26 07:30:01", + "maturity": [ + "system" + ], + "licenses": [ + "LGPLv3+" + ], + "label": [] + }, + { + "name": "python-docutils", + "meta_type": "rpm", + "maintainer": null, + "contributors": "[\"jiangbojacob\", \"fundawang\", \"zhangbinchen\", \"geliwei\"]", + "sig_group": null, + "repo_url": "https://gitee.com/src-anolis-os/python-docutils", + "upstream_source_library": null, + "id": 11, + "gmt_created": "2023-05-25 14:04:35", + "gmt_modified": "2023-05-26 07:30:04", + "maturity": [ + "system" + ], + "licenses": [ + "BSD", + "GPLv3+", + "Public Domain", + "Python" + ], + "label": [] + }, + { + "name": "python-cpio", + "meta_type": "rpm", + "maintainer": null, + "contributors": "[\"zhangbinchen\", \"geliwei\"]", + "sig_group": null, + "repo_url": "https://gitee.com/src-anolis-os/python-cpio", + "upstream_source_library": null, + "id": 15, + "gmt_created": "2023-05-25 14:04:43", + "gmt_modified": "2023-05-25 14:04:43", + "maturity": [ + "system" + ], + "licenses": [ + "LGPLv2+" + ], + "label": [] + }, + { + "name": "python-augeas", + "meta_type": "rpm", + "maintainer": null, + "contributors": "[\"zhangbinchen\", \"geliwei\"]", + "sig_group": null, + "repo_url": "https://gitee.com/src-anolis-os/python-augeas", + "upstream_source_library": null, + "id": 19, + "gmt_created": "2023-05-25 14:04:50", + "gmt_modified": "2023-05-25 14:04:50", + "maturity": [ + "system" + ], + "licenses": [ + "LGPLv2+" + ], + "label": [] + } + ], + "page_num": 1, + "page_size": 5, + "total": 66, + "total_page": 14 + } +} +``` +dataObject + +| **参数** | **类型** | **备注** | +| --- | --- | --- | +| id | int | id | +| name | str | 软件包名称 | +| meta_type | str | 软件包类型 | +| maintainer | str | 拥有者 | +| contributors | list[str,str] | 贡献者 | +| sig_group | str | sig组 | +| repo_url | str | 仓库地址 | +| upstream_source_library | str | 上游源码仓库 | +| gmt_created | str | 创建时间 | +| gmt_modified | str | 修改时间 | +| maturity | list | 成熟度 | +| licenses | list | 软件许可证 | +| label | list[LabelObject] | 给软件打的标签列表 | + + +### 软件包详情总览 + +- 根据软件名查询软件详细信息 +- 方式:get +- api:/openapi/package/detail/{name} +- 例如:/api/package/detail/python +##### 请求参数解析 +| **参数** | **是否必填** | **类型** | **备注** | +| --- | --- | --- | --- | +| name | 是 | str | 软件包名称 | + +##### 响应参数解析 +```json +{ + "code": 200, + "msg": "success", + "data": { + "name": "python", + "meta_type": "rpm", + "maintainer": null, + "contributors": [ + "", + "anolis-bot", + "xzyangha", + "zhangbinchen" + ], + "sig_group": null, + "repo_url": "https://gitee.com/src-anolis-os/python", + "upstream_source_library": null, + "id": 4006, + "gmt_created": "2023-05-25 16:01:45", + "gmt_modified": "2023-05-26 09:09:20", + "product_system": [ + { + "product": "Anolis OS 7", + "version": "2.7.5-90.0.1.an7", + "history_version": [ + "2.7.5-90.0.1.an7" + ], + "arch": [], + "desc": "Python is an interpreted, interactive, object-oriented programming\nlanguage often compared to Tcl, Perl, Scheme or Java. Python includes\nmodules, classes, exceptions, very high level dynamic data types and\ndynamic typing. Python supports interfaces to many system calls and\nlibraries, as well as to various windowing systems (X11, Motif, Tk,\nMac and MFC).\n\nProgrammers can write new built-in modules for Python in C or C++.\nPython can be used as an extension language for applications that need\na programmable interface.\n\nNote that documentation for Python is provided in the python-docs\npackage.\n\nThis package provides the \"python\" executable; most of the actual\nimplementation is within the \"python-libs\" package.", + "maturity": "system", + "license": [ + "Python" + ], + "organization": "http://www.python.org/" + } + ], + "cve": [ + { + "cve_num": "CVE-2017-20052", + "nvd_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20052" + }, + { + "cve_num": "CVE-2020-14380", + "nvd_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14380" + }, + { + "cve_num": "CVE-2021-28861", + "nvd_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861" + }, + { + "cve_num": "CVE-2021-3654", + "nvd_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3654" + }, + { + "cve_num": "CVE-2022-40899", + "nvd_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40899" + }, + { + "cve_num": "CVE-2022-45061", + "nvd_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061" + }, + { + "cve_num": "CVE-2023-23931", + "nvd_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23931" + }, + { + "cve_num": "CVE-2023-24329", + "nvd_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329" + }, + { + "cve_num": "CVE-2023-27043", + "nvd_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27043" + } + ], + "label": [] + } +} +``` +dataObject + +| **参数** | **类型** | **备注** | +| --- | --- | --- | +| id | int | id | +| name | str | 软件包名称 | +| meta_type | str | 软件包类型 | +| maintainer | str | 拥有者 | +| contributors | list[str,str] | 贡献者 | +| sig_group | str | sig组 | +| repo_url | str | 仓库地址 | +| upstream_source_library | str | 上游源码仓库 | +| gmt_created | str | 创建时间 | +| gmt_modified | str | 修改时间 | +| product_system | list[ProductSystemObject] | 产品版本信息 | +| cve | list[CveObject] | 关联的cve数据 | + +ProductSystemObject + +| **参数** | **类型** | **备注** | +| --- | --- | --- | +| product | str | 产品名称 | +| version | str | 包的版本-release ,格式(version-release) | +| history_version | list | 包的历史版本-release ,格式(version-release) | +| arch | list | 支持的产品架构 | +| desc | str | 描述 | +| maturity | str | 成熟度 | +| license | list | 软件许可证 | +| organization | str | 组织 | + +CveObject + +| cve_num | str | cve名称 | +| --- | --- | --- | +| nvd_url | str | nvd原始链接 | + +### 软件包详情-构建信息 + +- 功能:根据软件名称查询构建信息 +- 方式:get +- api:/openapi/package/build_list/{name} +- 例如:/openapi/package/build_list/perl-File-Fetch +##### 请求参数解析 +| **参数** | **是否必填** | **类型** | **备注** | +| --- | --- | --- | --- | +| name | 是 | str | 软件包名称 | +| version_release | 否 | str | 筛选特定版本-release的构建信息,格式version-release | + +##### 响应参数解析 +```json +{ + "code": 200, + "msg": "success", + "data": [ + { + "is_formal": false, + "build_id": 24604, + "pull_request": null, + "product": "Anolis 8", + "from_branch": "a8", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-0.56-2.0.1.an8.src.rpm", + "url": "https://abs.openanolis.cn/download/cobratoxin-abs-test/perl-File-Fetch/0.56-2.0.1.an8/src/Packages/perl-File-Fetch-0.56-2.0.1.an8.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-doc-0.56-2.0.1.an8.noarch.rpm", + "url": "https://abs.openanolis.cn/download/cobratoxin-abs-test/perl-File-Fetch/0.56-2.0.1.an8/noarch/Packages/perl-File-Fetch-doc-0.56-2.0.1.an8.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/cobratoxin-abs-test/perl-File-Fetch/0.56-2.0.1.an8/src/Packages/perl-File-Fetch-0.56-2.0.1.an8.src.rpm", + "https://abs.openanolis.cn/download/cobratoxin-abs-test/perl-File-Fetch/0.56-2.0.1.an8/noarch/Packages/perl-File-Fetch-0.56-2.0.1.an8.noarch.rpm", + "https://abs.openanolis.cn/download/cobratoxin-abs-test/perl-File-Fetch/0.56-2.0.1.an8/noarch/Packages/perl-File-Fetch-doc-0.56-2.0.1.an8.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=604050" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=604050" + } + ], + "build_tag": "dist-an8", + "build_start_time": "2023-04-21 08:51:07", + "build_end_time": "2023-04-21 08:54:26", + "id": 1538 + }, + { + "is_formal": false, + "build_id": 23847, + "pull_request": "https://gitee.com/src-anolis-os/perl-File-Fetch/pulls/5", + "product": "Anolis 23", + "from_branch": "a23", + "branch": "a23", + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-4.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/c163e7ca491d017a6a36d4755028160e6fd70b1c/perl-File-Fetch-1.04-4.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-4.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/c163e7ca491d017a6a36d4755028160e6fd70b1c/perl-File-Fetch-tests-1.04-4.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/c163e7ca491d017a6a36d4755028160e6fd70b1c/perl-File-Fetch-1.04-4.an23.src.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/c163e7ca491d017a6a36d4755028160e6fd70b1c/perl-File-Fetch-1.04-4.an23.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/c163e7ca491d017a6a36d4755028160e6fd70b1c/perl-File-Fetch-doc-1.04-4.an23.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/c163e7ca491d017a6a36d4755028160e6fd70b1c/perl-File-Fetch-tests-1.04-4.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=598641" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=598641" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2023-04-14 10:04:06", + "build_end_time": "2023-04-14 10:06:15", + "id": 1539 + }, + { + "is_formal": false, + "build_id": 23515, + "pull_request": "https://gitee.com/src-anolis-os/perl-File-Fetch/pulls/5", + "product": "Anolis 23", + "from_branch": "a23", + "branch": "a23", + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-4.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/58dc1f892f9bb22e6a109f5dca2ab74f879f3579/perl-File-Fetch-1.04-4.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-4.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/58dc1f892f9bb22e6a109f5dca2ab74f879f3579/perl-File-Fetch-tests-1.04-4.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/58dc1f892f9bb22e6a109f5dca2ab74f879f3579/perl-File-Fetch-1.04-4.an23.src.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/58dc1f892f9bb22e6a109f5dca2ab74f879f3579/perl-File-Fetch-1.04-4.an23.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/58dc1f892f9bb22e6a109f5dca2ab74f879f3579/perl-File-Fetch-doc-1.04-4.an23.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/58dc1f892f9bb22e6a109f5dca2ab74f879f3579/perl-File-Fetch-tests-1.04-4.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=595923" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=595923" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2023-04-12 09:59:04", + "build_end_time": "2023-04-12 10:01:53", + "id": 1540 + }, + { + "is_formal": false, + "build_id": 23466, + "pull_request": "https://gitee.com/src-anolis-os/perl-File-Fetch/pulls/5", + "product": "Anolis 23", + "from_branch": "a23", + "branch": "a23", + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-3.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/cdfc421fc3cdc9b19a21b1a0b26d46dfb967e6c5/perl-File-Fetch-1.04-3.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-3.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/cdfc421fc3cdc9b19a21b1a0b26d46dfb967e6c5/perl-File-Fetch-tests-1.04-3.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/cdfc421fc3cdc9b19a21b1a0b26d46dfb967e6c5/perl-File-Fetch-1.04-3.an23.src.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/cdfc421fc3cdc9b19a21b1a0b26d46dfb967e6c5/perl-File-Fetch-1.04-3.an23.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/cdfc421fc3cdc9b19a21b1a0b26d46dfb967e6c5/perl-File-Fetch-doc-1.04-3.an23.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/cdfc421fc3cdc9b19a21b1a0b26d46dfb967e6c5/perl-File-Fetch-tests-1.04-3.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=595563" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=595563" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2023-04-11 18:32:32", + "build_end_time": "2023-04-11 18:34:15", + "id": 1541 + }, + { + "is_formal": false, + "build_id": 18800, + "pull_request": null, + "product": "Anolis 8", + "from_branch": "a23", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-3.an8.src.rpm", + "url": "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an8/src/Packages/perl-File-Fetch-1.04-3.an8.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-3.an8.noarch.rpm", + "url": "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an8/noarch/Packages/perl-File-Fetch-tests-1.04-3.an8.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an8/src/Packages/perl-File-Fetch-1.04-3.an8.src.rpm", + "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an8/noarch/Packages/perl-File-Fetch-1.04-3.an8.noarch.rpm", + "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an8/noarch/Packages/perl-File-Fetch-doc-1.04-3.an8.noarch.rpm", + "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an8/noarch/Packages/perl-File-Fetch-tests-1.04-3.an8.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=546009" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=546009" + } + ], + "build_tag": "dist-an8", + "build_start_time": "2023-02-23 18:10:25", + "build_end_time": "2023-02-23 18:13:55", + "id": 1542 + }, + { + "is_formal": false, + "build_id": 18800, + "pull_request": null, + "product": "Anolis 23", + "from_branch": "a23", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-3.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an23/src/Packages/perl-File-Fetch-1.04-3.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-3.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an23/noarch/Packages/perl-File-Fetch-tests-1.04-3.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an23/src/Packages/perl-File-Fetch-1.04-3.an23.src.rpm", + "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an23/noarch/Packages/perl-File-Fetch-1.04-3.an23.noarch.rpm", + "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an23/noarch/Packages/perl-File-Fetch-doc-1.04-3.an23.noarch.rpm", + "https://abs.openanolis.cn/download/abs-/perl-File-Fetch/1.04-3.an23/noarch/Packages/perl-File-Fetch-tests-1.04-3.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=546010" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=546010" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2023-02-23 18:10:26", + "build_end_time": "2023-02-23 18:14:43", + "id": 1543 + }, + { + "is_formal": false, + "build_id": 18173, + "pull_request": null, + "product": "Anolis 8", + "from_branch": "a8", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-0.56-2.0.1.an8.src.rpm", + "url": "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an8/src/Packages/perl-File-Fetch-0.56-2.0.1.an8.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-doc-0.56-2.0.1.an8.noarch.rpm", + "url": "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an8/noarch/Packages/perl-File-Fetch-doc-0.56-2.0.1.an8.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an8/src/Packages/perl-File-Fetch-0.56-2.0.1.an8.src.rpm", + "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an8/noarch/Packages/perl-File-Fetch-0.56-2.0.1.an8.noarch.rpm", + "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an8/noarch/Packages/perl-File-Fetch-doc-0.56-2.0.1.an8.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=538119" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=538119" + } + ], + "build_tag": "dist-an8", + "build_start_time": "2023-02-16 08:52:25", + "build_end_time": "2023-02-16 08:56:48", + "id": 1544 + }, + { + "is_formal": false, + "build_id": 18173, + "pull_request": null, + "product": "Anolis 23", + "from_branch": "a8", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-0.56-2.0.1.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an23/src/Packages/perl-File-Fetch-0.56-2.0.1.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-doc-0.56-2.0.1.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an23/noarch/Packages/perl-File-Fetch-doc-0.56-2.0.1.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an23/src/Packages/perl-File-Fetch-0.56-2.0.1.an23.src.rpm", + "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an23/noarch/Packages/perl-File-Fetch-0.56-2.0.1.an23.noarch.rpm", + "https://abs.openanolis.cn/download/ful9-ABS-test/perl-File-Fetch/0.56-2.0.1.an23/noarch/Packages/perl-File-Fetch-doc-0.56-2.0.1.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=538120" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=538120" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2023-02-16 08:52:25", + "build_end_time": "2023-02-16 09:02:23", + "id": 1545 + }, + { + "is_formal": false, + "build_id": 16820, + "pull_request": "https://gitee.com/src-anolis-os/perl-File-Fetch/pulls/4", + "product": "Anolis 23", + "from_branch": "a23", + "branch": "a23", + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-3.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/b22d6df44d60e7102b3587a410dcea6aa14b4dcd/perl-File-Fetch-1.04-3.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-3.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/b22d6df44d60e7102b3587a410dcea6aa14b4dcd/perl-File-Fetch-tests-1.04-3.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/b22d6df44d60e7102b3587a410dcea6aa14b4dcd/perl-File-Fetch-1.04-3.an23.src.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/b22d6df44d60e7102b3587a410dcea6aa14b4dcd/perl-File-Fetch-1.04-3.an23.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/b22d6df44d60e7102b3587a410dcea6aa14b4dcd/perl-File-Fetch-doc-1.04-3.an23.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/b22d6df44d60e7102b3587a410dcea6aa14b4dcd/perl-File-Fetch-tests-1.04-3.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=527685" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=527685" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2023-02-07 13:34:47", + "build_end_time": "2023-02-07 13:38:09", + "id": 1546 + }, + { + "is_formal": false, + "build_id": 15529, + "pull_request": "https://gitee.com/src-anolis-os/perl-File-Fetch/pulls/3", + "product": "Anolis 23", + "from_branch": "a23", + "branch": "a23", + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-2.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/e9b9252f6ede60376d37f8c6941a63977a685100/perl-File-Fetch-1.04-2.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-2.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/e9b9252f6ede60376d37f8c6941a63977a685100/perl-File-Fetch-tests-1.04-2.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/e9b9252f6ede60376d37f8c6941a63977a685100/perl-File-Fetch-1.04-2.an23.src.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/e9b9252f6ede60376d37f8c6941a63977a685100/perl-File-Fetch-1.04-2.an23.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/e9b9252f6ede60376d37f8c6941a63977a685100/perl-File-Fetch-tests-1.04-2.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=515305" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=515305" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2023-01-31 10:23:55", + "build_end_time": "2023-01-31 10:26:57", + "id": 1547 + }, + { + "is_formal": false, + "build_id": 9409, + "pull_request": null, + "product": "Anolis 8", + "from_branch": "a23", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-1.an8.src.rpm", + "url": "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an8/src/Packages/perl-File-Fetch-1.04-1.an8.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-1.an8.noarch.rpm", + "url": "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an8/noarch/Packages/perl-File-Fetch-tests-1.04-1.an8.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an8/src/Packages/perl-File-Fetch-1.04-1.an8.src.rpm", + "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an8/noarch/Packages/perl-File-Fetch-1.04-1.an8.noarch.rpm", + "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an8/noarch/Packages/perl-File-Fetch-tests-1.04-1.an8.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=439325" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=439325" + } + ], + "build_tag": "dist-an8", + "build_start_time": "2022-11-08 11:11:43", + "build_end_time": "2022-11-08 11:19:26", + "id": 1548 + }, + { + "is_formal": false, + "build_id": 9409, + "pull_request": null, + "product": "Anolis 23", + "from_branch": "a23", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-1.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an23/src/Packages/perl-File-Fetch-1.04-1.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-1.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an23/noarch/Packages/perl-File-Fetch-tests-1.04-1.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an23/src/Packages/perl-File-Fetch-1.04-1.an23.src.rpm", + "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an23/noarch/Packages/perl-File-Fetch-1.04-1.an23.noarch.rpm", + "https://abs.openanolis.cn/download/ABS-test-perl-File-Fetch/perl-File-Fetch/1.04-1.an23/noarch/Packages/perl-File-Fetch-tests-1.04-1.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=439327" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=439327" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2022-11-08 11:11:44", + "build_end_time": "2022-11-08 11:19:47", + "id": 1549 + }, + { + "is_formal": false, + "build_id": 9317, + "pull_request": null, + "product": "Anolis 23", + "from_branch": "a23", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-1.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/anolis-rpm-test/perl-File-Fetch/1.04-1.an23/src/Packages/perl-File-Fetch-1.04-1.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-1.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/anolis-rpm-test/perl-File-Fetch/1.04-1.an23/noarch/Packages/perl-File-Fetch-tests-1.04-1.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/anolis-rpm-test/perl-File-Fetch/1.04-1.an23/src/Packages/perl-File-Fetch-1.04-1.an23.src.rpm", + "https://abs.openanolis.cn/download/anolis-rpm-test/perl-File-Fetch/1.04-1.an23/noarch/Packages/perl-File-Fetch-1.04-1.an23.noarch.rpm", + "https://abs.openanolis.cn/download/anolis-rpm-test/perl-File-Fetch/1.04-1.an23/noarch/Packages/perl-File-Fetch-tests-1.04-1.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=437713" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=437713" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2022-11-07 13:42:16", + "build_end_time": "2022-11-07 13:51:08", + "id": 1550 + }, + { + "is_formal": false, + "build_id": 5669, + "pull_request": null, + "product": "Anolis 8", + "from_branch": "a23", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-1.an8.src.rpm", + "url": "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an8/src/Packages/perl-File-Fetch-1.04-1.an8.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-1.an8.noarch.rpm", + "url": "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an8/noarch/Packages/perl-File-Fetch-tests-1.04-1.an8.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an8/src/Packages/perl-File-Fetch-1.04-1.an8.src.rpm", + "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an8/noarch/Packages/perl-File-Fetch-1.04-1.an8.noarch.rpm", + "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an8/noarch/Packages/perl-File-Fetch-tests-1.04-1.an8.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=354977" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=354977" + } + ], + "build_tag": "dist-an8", + "build_start_time": "2022-09-15 18:17:11", + "build_end_time": "2022-09-15 18:23:49", + "id": 1551 + }, + { + "is_formal": false, + "build_id": 5669, + "pull_request": null, + "product": "Anolis 23", + "from_branch": "a23", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-1.04-1.an23.src.rpm", + "url": "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an23/src/Packages/perl-File-Fetch-1.04-1.an23.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-tests-1.04-1.an23.noarch.rpm", + "url": "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an23/noarch/Packages/perl-File-Fetch-tests-1.04-1.an23.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an23/src/Packages/perl-File-Fetch-1.04-1.an23.src.rpm", + "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an23/noarch/Packages/perl-File-Fetch-1.04-1.an23.noarch.rpm", + "https://abs.openanolis.cn/download/janos-package-test/perl-File-Fetch/1.04-1.an23/noarch/Packages/perl-File-Fetch-tests-1.04-1.an23.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=354978" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=354978" + } + ], + "build_tag": "dist-an23", + "build_start_time": "2022-09-15 18:17:12", + "build_end_time": "2022-09-15 18:24:22", + "id": 1552 + }, + { + "is_formal": false, + "build_id": 3211, + "pull_request": null, + "product": "Anolis 8", + "from_branch": "a8-dev", + "branch": null, + "bugzilla_id": null, + "rpm_level": { + "src": [ + { + "name": "perl-File-Fetch-0.56-2.0.1.an8.src.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/7d115c10ec3f535bfc661c51668a367efac74973/perl-File-Fetch-0.56-2.0.1.an8.src.rpm" + } + ], + "noarch": [ + { + "name": "perl-File-Fetch-doc-0.56-2.0.1.an8.noarch.rpm", + "url": "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/7d115c10ec3f535bfc661c51668a367efac74973/perl-File-Fetch-doc-0.56-2.0.1.an8.noarch.rpm" + } + ] + }, + "rpm_list": [ + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/7d115c10ec3f535bfc661c51668a367efac74973/perl-File-Fetch-0.56-2.0.1.an8.src.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/7d115c10ec3f535bfc661c51668a367efac74973/perl-File-Fetch-0.56-2.0.1.an8.noarch.rpm", + "https://abs.openanolis.cn/download/OpenAnolis/perl-File-Fetch/7d115c10ec3f535bfc661c51668a367efac74973/perl-File-Fetch-doc-0.56-2.0.1.an8.noarch.rpm" + ], + "build_status": [ + { + "arch": "x86_64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=315963" + }, + { + "arch": "aarch64", + "status": "success", + "result": "查看", + "url": "http://8.131.87.1/taskinfo?taskID=315963" + } + ], + "build_tag": "dist-an8", + "build_start_time": "2022-07-19 11:38:37", + "build_end_time": "2022-07-19 11:49:31", + "id": 1553 + } + ] +} +``` +dataObject + +| **参数** | **类型** | **备注** | +| --- | --- | --- | +| is_formal | bool | False 测试构建, True 正式 | +| build_id | int | abs构建id | +| pull_request | str | | +| product | str | 产品 | +| from_branch | str | 来源分支 | +| branch | str | 目标分支 | +| bugzilla_id | int | 暂无 | +| rpm_level | list[obj] | 不同架构的构建产品下载地址 | +| build_status | list[obj] | 不同架构构建的koji记录 | +| build_tag | str | koji构建标签 | +| build_start_time | str | 构建开始时间 | +| build_end_time | str | 构建结束时间 | + + +### 软件包详情-依赖 + +- 功能:根据软件名查询软件依赖关系 +- 方式:get +- api:/openapi/package/depend_list/{name} +- 例如:/openapi/package/depend_list/perl-File-Fetch?version_release=0.56-2.0.1.an8&requires_type=requires&levle=1 +##### 请求参数解析 +| **参数** | **是否必填** | **类型** | **备注** | +| --- | --- | --- | --- | +| name | 否 | str | 查询的软件包包名 | +| version_release | 否 | str | 版本-release | +| levle | 否 | int | 查询层级,默认1 | +| depend_type | 否 | str | requires 安装依赖 +build_requires 构建依赖 +self_depend 自依赖 +be_depend 被依赖 | + +##### 响应参数解析 +```json +{ + "code": 200, + "msg": "ok", + "data": { + "relation_list": [ + { + "source": "perl-File-Fetch", + "target": "perl-Params-Check" + }, + { + "source": "perl-File-Fetch", + "target": "perl-Locale-Maketext-Simple" + }, + { + "source": "perl-File-Fetch", + "target": "perl-IPC-Cmd" + }, + { + "source": "perl-File-Fetch", + "target": "perl-Module-Load-Conditional" + } + ], + "requires_obj": [ + { + "name": "perl-File-Fetch", + "release": "2.0.1.an8", + "version": "0.56", + "id": "perl-File-Fetch" + }, + { + "name": "perl-Params-Check", + "release": "395.0.1.an8", + "version": "= 0.38", + "id": "perl-Params-Check" + }, + { + "name": "perl-Locale-Maketext-Simple", + "release": "421.0.1.an8", + "version": "= 0.21", + "id": "perl-Locale-Maketext-Simple" + }, + { + "name": "perl-IPC-Cmd", + "release": "1.0.1.an8", + "version": "= 1.02", + "id": "perl-IPC-Cmd" + }, + { + "name": "perl-Module-Load-Conditional", + "release": "395.0.1.an8", + "version": "= 0.68", + "id": "perl-Module-Load-Conditional" + } + ], + "table_list": [ + { + "name": "perl-File-Fetch", + "version": "0.56", + "release": "2.0.1.an8", + "other_name": "perl-Params-Check", + "other_version": "=0.38", + "other_release": "395.0.1.an8" + }, + { + "name": "perl-File-Fetch", + "version": "0.56", + "release": "2.0.1.an8", + "other_name": "perl-Locale-Maketext-Simple", + "other_version": "=0.21", + "other_release": "421.0.1.an8" + }, + { + "name": "perl-File-Fetch", + "version": "0.56", + "release": "2.0.1.an8", + "other_name": "perl-IPC-Cmd", + "other_version": "=1.02", + "other_release": "1.0.1.an8" + }, + { + "name": "perl-File-Fetch", + "version": "0.56", + "release": "2.0.1.an8", + "other_name": "perl-Module-Load-Conditional", + "other_version": "=0.68", + "other_release": "395.0.1.an8" + } + ] + } +} +``` +dataObject + +| **参数** | **类型** | **备注** | +| --- | --- | --- | +| relation_list | list | 关系列表 | +| requires_obj | list | 关系对象 | +| table_list | list | 依赖表 | + + +### 包的版本列表 + +- 功能:查询软件包的版本列表 +- 方式:get +- api:/openapi/package/nvr/{name} +- 例如:/openapi/package/nvr/perl-File-Fetch +##### 请求参数解析 +| **参数** | **是否必填** | **类型** | **备注** | +| --- | --- | --- | --- | +| name | 是 | str | 软件包名称 | + +##### 响应参数解析 +```json +{ + "code": 200, + "msg": "success", + "data": [ + { + "id": 748, + "nvr": "0.42-2.an7" + }, + { + "id": 749, + "nvr": "0.56-2.0.1.an8" + }, + { + "id": 750, + "nvr": "1.04-1.an23" + }, + { + "id": 751, + "nvr": "1.04-3.an23" + } + ] +} +``` +dataObject + +| **参数** | **类型** | **备注** | +| --- | --- | --- | +| id | int | + | +| nvr | str | 版本-release | + +### 标签管理 +#### 查询 + +- 方式:get +- api:/openapi/label +- 例如:/openapi/label/ +##### 请求参数解析 +无 +##### 响应参数解析 +```json +{ + "code": 200, + "msg": "success", + "data": [ + { + "label_name": "标签名2", + "desc": "描述2", + "id": 1, + "gmt_created": "2023-03-29 10:49:12", + "gmt_modified": "2023-03-29 10:49:12" + }, + { + "label_name": "标签名3", + "desc": "描述3", + "id": 2, + "gmt_created": "2023-03-29 10:49:51", + "gmt_modified": "2023-03-29 10:49:51" + } + ] +} +``` +#### 新增 + +- 方式:post +- api:/openapi/label +- 例如:/openapi/label + +##### 请求参数解析 +```json +{ + "label_name": "标签名", + "desc": "描述" +} +``` +##### 响应参数解析 +```json +{ + "code": 200, + "msg": "success", + "data": [ + { + "label_name": "标签名2", + "desc": "描述2", + "id": 1, + "gmt_created": "2023-03-29 10:49:12", + "gmt_modified": "2023-03-29 10:49:12" + }, + { + "label_name": "标签名3", + "desc": "描述3", + "id": 2, + "gmt_created": "2023-03-29 10:49:51", + "gmt_modified": "2023-03-29 10:49:51" + }, + { + "label_name": "标签名", + "desc": "描述", + "id": 3, + "gmt_created": "2023-03-29 11:19:38", + "gmt_modified": "2023-03-29 11:19:38" + } + ] +} +``` +#### 修改 + +- 方式:put +- api:/openapi/label/{id} +- 例如:/openapi/label/1 +| **参数** | **是否必填** | **类型** | **备注** | +| --- | --- | --- | --- | +| id | 是 | int | 软件包id | + +##### 请求参数解析 +```json +{ + "label_name": "新标签名", + "desc": "新的描述" +} +``` +##### 响应参数解析 +```json +{ + "code": 200, + "msg": "success", + "data": [ + { + "label_name": "新标签名", + "desc": "新的描述", + "id": 1, + "gmt_created": "2023-03-29 10:49:12", + "gmt_modified": "2023-03-29 11:26:52" + }, + { + "label_name": "标签名3", + "desc": "描述3", + "id": 2, + "gmt_created": "2023-03-29 10:49:51", + "gmt_modified": "2023-03-29 10:49:51" + }, + { + "label_name": "标签名", + "desc": "描述", + "id": 3, + "gmt_created": "2023-03-29 11:19:38", + "gmt_modified": "2023-03-29 11:19:38" + } + ] +} +``` +#### 删除 + +- 方式:delete +- api:/openapi/label/{id} +- 例如:/openapi/label/3 +##### 请求参数解析 +| **参数** | **是否必填** | **类型** | **备注** | +| --- | --- | --- | --- | +| id | 是 | int | 标签id | + +##### 响应参数解析 +```json +{ + "code": 200, + "msg": "success", + "data": [ + { + "label_name": "新标签名", + "desc": "新的描述", + "id": 1, + "gmt_created": "2023-03-29 10:49:12", + "gmt_modified": "2023-03-29 11:26:52" + }, + { + "label_name": "标签名3", + "desc": "描述3", + "id": 2, + "gmt_created": "2023-03-29 10:49:51", + "gmt_modified": "2023-03-29 10:49:51" + } + ] +} +``` + diff --git "a/INFRA_DOCS/\351\225\234\345\203\217\345\210\266\344\275\234\345\271\263\345\217\260/\347\224\250\346\210\267\346\226\207\346\241\243.md" "b/INFRA_DOCS/\351\225\234\345\203\217\345\210\266\344\275\234\345\271\263\345\217\260/\347\224\250\346\210\267\346\226\207\346\241\243.md" new file mode 100644 index 0000000000000000000000000000000000000000..2ca23bce64a4fb2002a40c0a35636506c57991aa --- /dev/null +++ "b/INFRA_DOCS/\351\225\234\345\203\217\345\210\266\344\275\234\345\271\263\345\217\260/\347\224\250\346\210\267\346\226\207\346\241\243.md" @@ -0,0 +1,525 @@ + +# 服务介绍 +为了支持龙蜥社区容器镜像 2.0 的构建发布流程,bot为社区容器镜像仓库提供了基于龙蜥系统的DockerCI测试服务,每当有新的PR提交时,bot会自动检测PR中的Dockerfile文件修改,并触发ABS容器镜像构建任务,当测试镜像构建成功时,会触发T-One容器镜像测试任务,测试项包含基础镜像测试和应用镜像测试、语言镜像测试、AI 镜像测试以及其他镜像测试。同时系统会自动将测试镜像推送至官方正式仓库,当镜像发布成功,PR将被maintainer合入。 + +# PR规范 + +- 容器镜像 2.0 CI 服务仅支持龙蜥社区官方[容器仓库](https://gitee.com/anolis/anolis-container ) 作为主仓库及在镜像平台上配置的分仓库。 +- 向容器仓库提交PR时,每个PR中允许包含多个Dockerfile文件。 +- 在仓库根目录下需要配置 version-base.yml 文件,目录限制为:根目录/version-base.yml +- 每个应用下都需要包含 version.yml、buildspec.yml 配置文件,且目录限制为:应用类型/应用名/version.yml 和 应用类型/应用名/buildspec.yml +- 当 PR 中包含 version.yml、buildspec.yml、Dockerfile 文件时会触发构建检测,检测结果分为新增 TAG 和更新 TAG。 + 1. 其中新增 TAG 判定规则为 PR 中相较于目标仓库主分支 master 存在新增的 TAG,且 TAG 在 ACR 仓库对应的应用下不存在。 + 2. 其中更新 TAG 判定规则为 PR 中存在以 /Dockerfile 修改的 Dockerfile 文件,且 Dockerfile 文件中对应的 TAG 在目标仓库主分支 master 中已存在或在 ACR 仓库对应的应用下已存在。 +- 当镜像发布完成时或 PR 中不存在需要构建的镜像时在 PR 由 PR 提交者在仓库下输入合入指令自行考虑合入。 + +# 镜像仓库 +镜像仓库支持主仓库、分仓库配置,只有配置的镜像仓库才允许接收仓库的 PR 回调并触发构建、测试、发布流程。公网支持配置 gitee 开源仓库。 +## 主仓库 +- 容器镜像 2.0 CI服务仅支持龙蜥社区官方[容器仓库](https://gitee.com/anolis/anolis-container ) 作为主仓库。 +## 分仓库配置 +- 在[镜像平台](https://cr.openanolis.cn) 平台上配置分仓库,添加仓库基本信息,并在分仓库下配置 webhook 回调,配置联系超哥。镜像平台添加仓库信息: +![image.png](../assets/cr-images/repo_config.png) +- 分仓库下添加 webhook 信息,webhook 地址:, 事件回调勾选 ***新建/评论/重新打开 PR*** +![image.png](../assets/cr-images/pr_link.png) +## 仓库目录 +仓库的目录结构如下: + +```yaml +├── README.md +├── LICENSE +├── version-base.yml # baseos 版本依赖关系 +├── BASE # 基础类 +│ ├── anolisos +│ │ ├── buildspec.yml # 构建脚本 +│ │ ├── version.yml # 版本依赖关系,可覆盖 version-base.yml 中的配置 +│ │ ├── Dockerfile +│ ├── alinux +│ │ ├── buildspec.yml # 构建脚本 +│ │ ├── version.yml # 版本依赖关系 +│ │ ├── Dockerfile +├── LANGUAGE # 语言类 +│ ├── dragonwell +│ │ ├── buildspec.yml # 构建脚本 +│ │ ├── version.yml # 版本依赖关系 +│ │ ├── Dockerfile +│ ├── golang +│ ├── node +│ ├── python +│ ├── version-base.yml +├── APPLICATION # 应用类 +│ ├── maven +│ ├── haproxy +│ ├── mariadb +│ ├── mysql +│ ├── httpd +│ ├── memcached +│ ├── grafana +│ ├── redis +│ ├── nginx +├── OTHER # 其他类 +├── AI # AI 类 +│ ├── mxnet # AI 框架,目录结构同 tensorflow +│ ├── pytorch # AI 框架,目录结构同 tensorflow +│ ├── tensorflow +│ │ ├── buildspec.yml # 构建脚本 +│ │ ├── version.yml # BaseOS version、AI version、Python version Cuda version 依赖关系 +│ │ ├── Dockerfiles # Dockerfile 文件 +│ │ │ ├── Dockerfile-training.cpu # cpu 训练通用版本 +│ │ │ ├── Dockerfile-training.gpu # gpu 训练通用版本 +│ │ │ ├── Dockerfile-inference.cpu # cpu 推理通用版本 +│ │ │ ├── Dockerfile-inference.gpu # gpu 推理通用版本 +``` + +其中文件: version-base.yml、version.yml、buildspec.yml 位置是固定的,如下所示: + +```yaml +├── version-base.yml +├── 应用分类 +│ ├── 应用名 +│ │ ├── buildspec.yml # 构建脚本 +│ │ ├── version.yml # 版本依赖关系,可覆盖 version-base.yml 中的配置 +``` + +# PR 构建指令 +当开发者在镜像仓库下往主分支 master 上提完一个 PR 时,支持输入特定指令进行相关操作。 +## webhook 触发时机 +- 目标分支:主分支 master +- 提 PR 时 +- PR 重新打开时 +- 构建指令 + +## 构建指令 +- **/check-cla**:检查 cla 签署情况 +![image.png](../assets/cr-images/check-cla.png) +![image.png](../assets/cr-images/check-cla-2.png) +- **/start**:进入构建流程,在进入构建前会先行查看改动的镜像信息 +![image.png](../assets/cr-images/start.png) +- **/build**:执行构建操作 +![img.png](../assets/cr-images/build.png) +- **/merge**:合入当前 PR + +# YAML 书写规范 + +## yml 语法 +### 符号说明: +- & 表示变量赋值,示例:name: &NAME maven,定义一个 &NAME 变量,值等于 maven +- * 表示变量取值,示例:names: *NAME ,表示取值,等价于 names: maven +- [] 表示列表, 支持使用下标方式访问,下标取值 [0, 数组长度 - 1]。示例:versions: &VERSIONS [1.3, 4.5] ,定义一个 &VERSIONS数组,值等于 [1.3, 4.5]。数组访问示例: + +```yaml +示例1,数组按下标访问: +tags: &DATA *VERSIONS[0] # &DATA = 1.5 +tags: &DATA *VERSIONS[1] # &DATA = 4.5 +tags: &DATA *VERSIONS[2] # 异常,会报错 +``` + +- !join [] 表示字符串拼接, 用于变量赋值。当 [] 中存在数组变量时,字符串会存在多个,且连接方式从最后一个数组往前开始拆分。使用举例如下: + +```yaml +# 示例 1: 定义一个 &TAG 变量,取值为 maven1.21; +tag: &TAG !join [*NAME, "1.21"] +# 示例 2: [] 中只包含一个数组。 +# 结果:&TAG 是一个数组,取值为 [maven1.3, maven4.5] +tag: &TAG !join [*NAME, *VERSIONS] +# 示例 3: [] 中只包含多个数组,拼接顺序为先从最后一个数组进行拆分 +# 结果:&TAG 是一个数组,取值为 [maven1.3arg1, maven1.3arg2, maven4.5arg1, maven4.5arg2] +arg: &ARG [arg1, arg2] +tag: &TAG !join [*NAME, *VERSIONS, *ARG] +``` + +- () 定义一个元组,元组表示一组数据,支持使用下标方式访问。使用举例: + +```yaml +# 示例1,元素为字符串 +tags: &TAG (test_tag, arg1) +# 示例2,元素为数组 +tags: &TAG (test_tag, [arg1, arg2, arg3]) +# 示例3,元组下标访问 +tags: &TAG_DATA *TAG[0] # &TAG_DATA = test_tag +# 示例3,元组下标超出访问,取边界值 +tags: &TAG_DATA *TAG[2] # &TAG_DATA = [arg1, arg2, arg3] +``` + +### 变量引用说明 +- 变量需要遵循先定义再使用原则 +- 所有变量的作用域在当前构建事务中都是全局的,即在定义处到文件结尾 +- 变量允许重新赋值进行覆盖 + +## version-base.yml +version-base.yml 主要用来配置 BaseOS 的版本基本信息,包括 AnolisOS7/8/23、ALinux2/3 等。举例如下: + +```yaml +Dependency: # 必有字段 + AnolisOS: # 以下名称、变量均可自定义 + Anolis7: # baseos 表示一个字符串,并使用 [baseos 名称, 版本, 镜像公网地址] + 7: &AnolisOS7 [anolisos, 7, registry.openanolis.cn/openanolis/anolisos:7] + Anolis8: + 8.4: &AnolisOS8.4 [anolisos, 8.4, registry.openanolis.cn/openanolis/anolisos:8.4] + 8.6: &AnolisOS8.6 [anolisos, 8.6, registry.openanolis.cn/openanolis/anolisos:8.6] + 8.8: &AnolisOS8.8 [anolisos, 8.8, registry.openanolis.cn/openanolis/anolisos:8.8] + Anolis23: + 23: &AnolisOS23 [anolisos, 23, registry.openanolis.cn/openanolis/anolisos:23] + ALinux: + Alinux2: + 2: &Alinux2 [alinux, 2, alibaba-cloud-linux-3-registry.cn-hangzhou.cr.aliyuncs.com/alinux3/alinux3:220901.1] + Alinux3: + 3.7: &Alinux3 [alinux, 3, alibaba-cloud-linux-3-registry.cn-hangzhou.cr.aliyuncs.com/alinux3/alinux3:220901.1] +``` + +其中 Dependency: 是必有字段,BaseOS 的版本信息支持使用数组表示: + +```yaml +[baseos 名称, 版本, 镜像公网地址] +``` + +如需要另外版本信息或镜像信息有更改可在 version-base.yml 下进行编辑 + +## version.yml +version.yml 主要定义应用版本与 BaseOS 版本、Python 版本、Cuda 版本等的依赖关系。并可以使用 BaseDependency 继承 version-base.yml 中的 BaseOS 信息, 也在 version.yml 中进行重写。 +- 基础类、语言类、应用类 version.yml 文件格式如下: + +```yaml +# 继承 version-base.yml 中的配置,可复写 +BaseDependency: ../version-base.yml +Dependency: + AnolisOS: + Anolis8: # 重写 AnolisOS8.8 的信息,如无需重写,可省略 + 8.8: &AnolisOS8.8 [anolisos, 8.8, registry.hub.docker.com/openanolis/anolisos:8.8] + # 应用名 + name: maven + # 镜像类型,应用类:application,语言类:language,基础类:base + image_type: application + # 应用版本列表 + versions: + 3.5.4-openjdk-8: + # 应用版本关联的 BaseOS 版本 + baseos_version: [*AnolisOS8.6, *AnolisOS8.8] + 3.5.4-openjdk-11: + baseos_version: [*AnolisOS8.8] + 3.5.4-openjdk-17: + baseos_version: [*AnolisOS8.6, *AnolisOS8.8] +``` + +- AI 类 version.yml 文件格式如下: + +```yaml +# 继承 version-base.yml 中的配置,可复写 +BaseDependency: ../version-base.yml +Dependency: + # 应用名 + name: Tensorflow + # 镜像类型,ai_base: ai 基础类、training: 训练类、inference: 推理类 + image_type: [training, inference] + # 应用版本列表 + versions: + 1.15: + # AI 框架版本对 python 版本的要求 + python_version: [2.7, 2.8] + # gpu 对 cuda 版本的要求 + cuda_version: [8.0,9.0,9.1,9.2,10.0] + # 对 baseos 的要求,all 表示所有, *AnolisOS8.6 表示 Anolis8.6 版本 + baseos_version: [*AnolisOS8.6, *AnolisOS8.8] + 2.12: + python_version: [3.5,3.6,3.7] + cuda_version: 10.0 + baseos_version: *AnolisOS7 +``` + +## buildspec.yml +buildspec.yml 文件主要定义构建所需的一些配置信息,包括镜像仓库、测试配置、dockerfile 路径、ARGS、TAGS等。 +**buildspec.yml 文件字段自动赋值说明**: +- 文件中的 &NAME 自动赋值 version.yml 中的 name 字段。定义 name: &NAME +- 文件中的 &VERSION 自动赋值 version.yml 中的 versions 字段,当 versions 中存在多个值时,&VERSION 会依次取 versions 中的多个值。定义 versions: &VERSION +- 文件中的 &IMAGE_TYPE 自动赋值 version.yml 中的 image_type 字段,当 image_type 中存在多个值时,&IMAGE_TYPE 会依次取 image_type 中的多个值。定义 image_type: &IMAGE_TYPE +- 文件中的 &PYTHON_VERSION 自动赋值 version.yml 中的 python_version 字段,当 python_version 中存在多个值时,&PYTHON_VERSION 会依次取 python_version 中的多个值。定义 python_version: &PYTHON_VERSION +- 文件中的 &CUDA_VERSION 自动赋值 version.yml 中的 cuda_version 字段,当 cuda_version 中存在多个值时,&CUDA_VERSION 会依次取 cuda_version 中的多个值。定义 cuda_version: &CUDA_VERSION +- 文件中的 &BASEOS_VERSION 自动赋值 version.yml 中的 baseos_version 字段,当 baseos_version 中存在多个值时,&BASEOS_VERSION 会依次取 baseos_version 中的多个值。定义 baseos_version: &BASEOS_VERSION +### buildspec.yml 文件中 repository_info、t-one、images: 定义说明: +- repository_info 用来定义推送的仓库地址,支持 dockerhub、acr 测试、生产配置,格式如下: + +```yaml +repository_info: + dockerhub: &DOCKERHUB_PROD registry.hub.docker.com/openanolis + acr: &ACR_PROD anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis +``` + +此处配置的仓库地址精确到命名空间,推送时地址: 仓库地址/应用名:应用tag +- t-one 用来定义测试配置,支持两种方式,一种是模版方式,workspace 和 template ,一种是参数方式。 +模版格式如下: + +```yaml +# 定义镜像测试信息 +t-one: + # 配置测试信息 workspace 和模版 + workspace: &WORKSPACE common_workspace + template: &TEMPLATE ai-image-test +``` + +模版方式引用,test_config 是个数组,数组长度固定为 2 + +```yaml +# test_config 是个数组,数组长度固定为 2 +test_config: [*WORKSPACE, *TEMPLATE] +``` + +参数格式如下: + +```yaml +# 定义镜像测试信息 +t-one: + # workspace + workspace: &WORKSPACE packageci + # 项目 + project: &PROJECT Anolis_Packages + # 测试套 + test_suite: &TEST_SUITE anolis-ci-test + # 执行测试 group, 多个用数组表示,如: [group=rpm_test, group=docker_test] + test_conf: &TEST_CONF group=rpm_test + # 执行测试 case, 多个用数组表示 [pkg_smoke_test,check_abi_diff,check_pkg_dependency] + test_case: &TEST_CASE app_container + # 云上ECS配置,支持一个 test_suite 在指定 tag ecs 上执行, ECS 对应的 TAG 需提前在 ws 上进行配置 + # cloud_server_tag 和 cloud_create_server 二选一 + cloud_server_tag: &CLOUD_SERVER_TAG [tag1] + # 实时创建的云上ECS机器规格, 元数据格式: [机器规格,镜像name], 只支持一维数组。如: [ecs.g6.large, anolisos_8_2_x64_20G_anck_alibase_20211008.vhd] + cloud_create_server: &CLOUD_CREATE_SERVER [ecs.g6.large, anolisos_8_2_x64_20G_anck_alibase_20211008.vhd] +``` + +参数方式引用,test_config 是个数组,数组长度固定为 7,若有一项空缺,请用 '' 表示 + +```yaml +# test_config 是个数组,数组长度固定为 7,若有一项空缺请留空,如: [1,'',3,4,5,[tag1, tag2],''] +test_config: [*WORKSPACE, *PROJECT, *TEST_SUITE, *TEST_CONF, *TEST_CASE, *CLOUD_SERVER_TAG, ''] +``` + +- images 用来定义构建镜像的信息 ,包括自定义的分组名称,build 参数(可以省略,默认为 true 进行构建,为 false 时则不构建,device_type 定义构建时需要的设备类型,取值 cpu/gpu,arch_type 定义构建时需要的cpu 架构,取值 x86/arm,格式如下: + +```yaml +# 构建镜像配置 +images: + # # 分组名称,支持自定义 + BuildGrafanaECSApplicationDockerImage: + # 定义是否构建参数,build 可以省略,省略默认 true,为 false 时则不进行构建 + build: true + # 定义是否测试,test 可以省略,省略默认 true,为 false 时则不进行测试 + test: true + # 指定镜像构建平台,可以省略, 不填默认 [linux/amd64, linux/arm64] + platform: [linux/amd64, linux/arm64] + # 指定构建机器所属地域,目前支持 cn-shanghai、cn-hongkong, 不填默认 cn-shanghai + region: cn-shanghai + # 定义 CPU 机器, 可以省略,默认 cpu + device_type: &DEVICE_TYPE cpu + # 定义 x86 机器, 可以省略,默认 x86 + arch_type: &ARCH_TYPE x86 + docker_file: + # dockerfile 路径 + path: APPLICATION/grafana/7.5.11/8.6/Dockerfile + # 给传递给 dockerfile 的构建参数赋值 + variable: + - &ARG1 [ (DOCKER_VERSION, 1.15), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.6) ] + - &ARG2 [ (DOCKER_VERSION, 2.12), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.8) ] + scene: + # 传递给 dockerfile 的构建参数,没有构建参数此处设置为 [],否则会校验不通过 + args: [] + # dockerfile 构建指定的 TAG + tags: [[ 7.5.11-8.6, 7.5.11-8.6-nydus ]] + # dockerfile 构建需要推送的镜像仓库 + registry: [[ *ACR_TEST ]] + # 测试配置,支持模版和参数两种方式 + test_config: [*WORKSPACE, *TEMPLATE] +``` + +buildspec.yml 文件中 dockerfile 下 args、tags、registry、test_config 关系定义说明: +1. 在 dockerfile 字段下允许使用 - &ARG 定义变量方式向 Dockerfile 传递变量,格式为: + +```yaml +- &ARG [(变量名1, 变量值), (变量名2, 变量值)] +``` + +其中 &ARG 定义为数组格式,数组的每一个元素为一个元组,元组包含两个元素,格式为 (变量名, 变量值),其中变量名需要和 Dockerfile 中定义的 ARG 变量名保持一致。- &ARG 可以定义多组。每一组 - &ARG 会生成一个 Dockerfile,格式如下: + +```yaml +docker_file: + path: xx./xx/Dockerfile + variable: + - &ARG1 [(变量名1, 变量值), (变量名2, 变量值)] + - &ARG2 [(变量名3, 变量值), (变量名4, 变量值)] +``` +2. 在 dockerfile 下使用字段 scene 字段定义 args 、tags、registry、test_config 之间的依赖关系。 + - args、tags、registry、test_config 均使用数组表示 + - args 只允许使用一维数组表示,数组的每一个元素表示传递给 Dockerfile 的一组参数 + - args、tags、registry、test_config 元素对应关系按下标对应,即 args[0] 对应 tags[0]、registry[0]、test_config[0],依次类推 + - tags 和 registry 对应的数组可以是二维数组,表示在一个 args 参数下可以定义多个 tags 和 registry + - 当 tags 和 registry 下标相等的情况下只允许出现一个数组,也就是只允许定义一个 tag 对应多个 registry 或者一个 registry 对应多个 tag + - test_config 用来指定每个 args 的测试配置,用一个元组来表示,元组的格式: + +```yaml +[workspace 名称,模版名称] +``` + +当 test_config 和 args 、tags、registry 一起配置单独指定每个 args 测试时只允许是一维数组,可以省略。当不需要在每个 args 单独配置时该配置可以省略,会使用下面的 test_config 统一配置, 如果下面的 test_config 也为空则取上面的 t-one 配置的统一的测试配置。 + +```yaml +docker_file: + path: xx./xx/Dockerfile + variable: + - &ARG1 [(变量名1, 变量值), (变量名1, 变量值)] + - &ARG2 [(变量名1, 变量值), (变量名1, 变量值)] + scene: + # 如下定义: ARG1 对应 tag1、对应两个 registry [*ACR_PROD], 对应测试配置 (*WORKSPACE, *TEMPLATE) + # ARG2 对应两个 tag [tag2, tag3]、对应 ACR_PROD, 对应测试配置 (*WORKSPACE, *TEMPLATE) + args: [*ARG1, *ARG2] + tags: [tag1, [tag2, tag3]] + registry: [[*ACR_PROD], *ACR_PROD] + # 每个 dockerfile 需要配置单独的测试脚本时, 可以这样对应,省略时可在下面统一配置 + test_config: [(*WORKSPACE, *TEMPLATE),(*WORKSPACE, *TEMPLATE)] +``` +3. 为了相同tag带历史版本,每个tag可通过添加"%timestamp"单独配置是否带时间戳,例如: + - 不带时间戳:grafana-7.5.11 + - 带时间戳:grafana-7.5.11%timestamp + + +### buildspec.yml 举例 +- 基础类、语言类、应用类 buildspec.yml 文件格式如下: + +```yaml +# 应用名, 自动取值 version.yml 中的 name 字段 +name: &NAME +# 应用类型, 自动取值 version.yml 中的 image_type 字段 +image_type: &IMAGE_TYPE +# 应用版本, 自动取值 version.yml 中的 versions 下的字段 +version: &VERSION +# python 版本,自动取值 version.yml 中的 python_version 字段 +python_version: &PYTHON_VERSION +# baseos_version 版本,自动取值 version.yml 中的 baseos_version 字段 +baseos_version: &BASEOS_VERSION +# cuda 版本, 自动取值 version.yml 中的 cuda_version 字段 +cuda_version: &CUDA_VERSION + +# 定义镜像仓库信息,当需要推送多个镜像地址时,用数组表示,用数组下标取值 +repository_info: + # dockerhub 配置 + dockerhub: &DOCKERHUB_PROD registry.hub.docker.com/openanolis + # acr 配置 + acr: &ACR_PROD anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis + +# 定义镜像测试信息,当需要配置多个测试模版时,用数组表示,用数组下标取值 +t-one: + # 配置测试信息 workspace 和模版 + workspace: &WORKSPACE common_workspace + template: &TEMPLATE ai-image-test + +# 构建镜像配置 +images: + # 分组名称,支持自定义 + BuildGrafanaECSApplicationDockerImage: + # 定义是否构建参数 + build: true + docker_file: + path: APPLICATION/grafana/7.5.11/8.6/Dockerfile + variable: + - &ARG1 [(DOCKER_VERSION, 7.5.11), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.6)] + - &ARG2 [(DOCKER_VERSION, 7.5.11), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.8)] + - &ARG3 [(DOCKER_VERSION, 7.5.12), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.6)] + scene: + args: [*ARG1, *ARG2, *ARG3] + tags: [grafana-7.5.11, [grafana-7.5.11, grafana-7.5.11-nydus], grafana-7.5.11-nydus] + registry: [*ACR_TEST, *ACR_TEST, [*ACR_TEST, *ACR_PROD]] + # 测试配置 + test_config: [*WORKSPACE, *TEMPLAT] +``` + +- AI 类 buildspec.yml 文件格式如下: + +```yaml +# 指定 AI 框架为 tensorflow +name: &NAME +# 镜像类型,类型取值在 version.yml 中定义 +image_type: &IMAGE_TYPE +# AI 框架版本,版本取值在 version.yml 中定义 +version: &VERSION +# 定义 python 版本,版本取值在 version.yml 中定义 +python_version: &PYTHON_VERSION +# BaseOS 版本, 版本取值在 version.yml 中定义(取之是一个具体的地址) +baseos_version: &BASEOS_VERSION +# cuda 版本, 版本取值在 version.yml 中定义 +cuda_version: &CUDA_VERSION + +# 定义镜像仓库信息,当需要推送多个镜像地址时:仓库地址,仓库名可填写多个,用英文逗号分隔 +repository_info: + # 支持定义多个,用英文逗号分隔,多个引用时 *REPOSITORY_TEST 代表一个数组,*REPOSITORY_TEST[i] 代表具体的值 + dockerhub: &DOCKERHUB_PROD registry.hub.docker.com/openanolis + acr: &ACR_PROD registry.hub.docker.com/openanolis + +# 定义镜像测试信息 +t-one: + # 配置测试信息 workspace 和模版 + workspace: &WORKSPACE common_workspace + template: &TEMPLATE ai-image-test + +# 构建镜像配置 +images: + # 在 CPU ECS 构建一个 Tensorflow 训练镜像 + BuildTensorflowECSCpuTrainingDockerImage: + # 定义是否构建参数 + build: true + # 定义 CPU 机器 + device_type: &DEVICE_TYPE cpu + # 定义 x86 机器 + arch_type: &ARCH_TYPE x86 + # 构建使用的 dockerfile 文件路径 + docker_file: + path: !join [ AI/, *NAME, /Dockerfiles, /Dockerfile-, *IMAGE_TYPE,., *DEVICE_TYPE] + variable: + - &ARG1 [(DOCKER_VERSION, 7.5.11), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.6)] + - &ARG2 [(DOCKER_VERSION, 7.5.11), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.8)] + - &ARG3 [(DOCKER_VERSION, 7.5.12), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.6)] + scene: # 矩阵同一列只能是 tags 或 repository 出现多个值(1对N 或 N对1 或1对1) + args: [*ARG1, *ARG2, *ARG3] + tags: [grafana-7.5.11, [grafana-7.5.11, grafana-7.5.11-nydus], grafana-7.5.11-nydus] + registry: [*ACR_PROD, [*ACR_PROD], [*ACR_PROD]] + # 测试配置, 支持测试跳过需求 + test_config: [*WORKSPACE, *TEMPLATE] + # 在 NVIDIA CUDA 11.2 GPU ECS 上使用python3.9 构建一个 Tensorflow2.12 的训练镜像 + BuildTensorflowECSGpuTrainingDockerImage: + build: true + device_type: &DEVICE_TYPE gpu + arch_type: &ARCH_TYPE arm + # 构建使用的 dockerfile 文件路径 + docker_file: + path: !join [ AI/, *NAME, /Dockerfiles, /Dockerfile-, *IMAGE_TYPE,., *DEVICE_TYPE ] + variable: + - &ARG1 [(DOCKER_VERSION, 7.5.11), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.6)] + - &ARG2 [(DOCKER_VERSION, 7.5.11), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.8)] + - &ARG3 [(DOCKER_VERSION, 7.5.12), (DOCKER_BASEOS_VERSION, registry.openanolis.cn/openanolis/anolisos:8.6)] + scene: # 矩阵同一列只能是 tags 或 repository 出现多个值(1对N 或 N对1 或1对1) + args: [*ARG1, *ARG2, *ARG3] + tags: [grafana-7.5.11, [grafana-7.5.11, grafana-7.5.11-nydus], grafana-7.5.11-nydus] + registry: [*ACR_PROD, *ACR_PROD, [*ACR_PROD, *ACR_PROD]] + # 测试配置 + test_config: [*WORKSPACE, *TEMPLATE] +``` + +# 大文件上传 +管理配置-大文件上传支持上传大文件到 OSS 上,并得到 OSS 文件下载地址。常见使用场景:baseos 镜像构建,需要下载大文件。 +![img.png](../assets/cr-images/big-file.png) + +# 自助任务增加批量构建 +自助任务增加批量构建功能,可按 baseos、buildspec、dockerfile 三种模式批量构建镜像,其中 baseos 模式的判定规则取决于容器镜像仓库 +下 dockerfile 使用的 From baseos 版本,dockerfile 中支持使用 ARG 变量的解析,比如: + +``` +FROM registry.openanolis.cn/openanolis/anolisos:8.6 +和 +ARG BASEOS = registry.openanolis.cn/openanolis/anolisos:8.6 +FROM ${BASEOS} +是等价的,FROM 后的参数也可来自 buildspec.yml 中的 scene args 配置 +``` + +buildspec 模式按照容器镜像仓库应用下的 buildspec.yml 进行批量触发构建;dockerfile 模式按照容器镜像仓库应用下的 dockerfile 进行批量 +触发构建,构建规则同镜像仓库 master 分支各构建、测试、发布配置一致。 + +# 镜像平台权限说明 +- 镜像制品、镜像制作中心无权限限制 + 1. 其中镜像制作中心中镜像重新构建、停止、发布功能只有 PR 提交者有权限 +- 管理配置-大文件上传需要镜像管理员权限 diff --git "a/INFRA_DOCS/\351\276\231\350\234\245 PyPI \344\273\223/\347\224\250\346\210\267\346\226\207\346\241\243.md" "b/INFRA_DOCS/\351\276\231\350\234\245 PyPI \344\273\223/\347\224\250\346\210\267\346\226\207\346\241\243.md" new file mode 100644 index 0000000000000000000000000000000000000000..53a201b377800322dd66b2c1c1d3f4b1a0750209 --- /dev/null +++ "b/INFRA_DOCS/\351\276\231\350\234\245 PyPI \344\273\223/\347\224\250\346\210\267\346\226\207\346\241\243.md" @@ -0,0 +1,54 @@ +# 平台介绍 +[龙蜥 PyPI 仓](https://pypi.openanolis.cn ) 是龙蜥官方 PyPI 仓库,用于存放 whl 包,支持命令上传、pip 安装等。 + +## whl 包上传 +whl 包上传支持龙蜥 PyPI 仓平台上传和命令行上传两种方式 + +### 平台上传 +平台上传需要软件包管理员权限,拥有软件包管理员权限的用户可以对 whl 包进行管理 + +#### 添加软件包 +在 [龙蜥 PyPI 仓](https://pypi.openanolis.cn ) 平台上添加软件包,填写软件包名称、软件包描述,其中软件包名称不允许重复 +![image.png](../assets/anolis_pypi/pypi-1.png) +![image.png](../assets/anolis_pypi/pypi-2.png) + +#### 添加版本 +点击软件包名称,添加软件包下的版本 +![image.png](../assets/anolis_pypi/pypi-3.png) +![image.png](../assets/anolis_pypi/pypi-4.png) + +其中版本不允许重复,仓库类型支持选择开发仓和正式仓,上传文件为源码包和 whl 包 + +#### 版本上下线 +在版本列表有版本上下线按钮,上线表示需要将该版本推送到对应 PyPI 仓库(开发仓、正式仓),下线表示将该版本从 PyPI 仓库移除 +![image.png](../assets/anolis_pypi/pypi-5.png) +已上线的软件包版本可以在首页查看 +![image.png](../assets/anolis_pypi/pypi-6.png) + +### 命令行上传 +龙蜥 PyPI 仓支持使用命令行上传的方式,命令行上传需要鉴权 + +#### 获取上传 Token +在首页个人中心下点击【获取上传密钥】 +![image.png](../assets/anolis_pypi/pypi-7.png) +![image.png](../assets/anolis_pypi/pypi-8.png) + +#### twine 命令上传 +在拿到上传密钥后使用 twine 命令进行上传,或其他上传方式,下述以 twine 举例: + +```yaml +twine upload ./dist/* --repository-url https://pypi.openanolis.cn/dev -u 【用户名】 -p 【密码】 +``` + +![image.png](../assets/anolis_pypi/pypi-9.png) + +其中上传到 开发仓地址: [https://pypi.openanolis.cn/dev](https://pypi.openanolis.cn/dev ),上传到正式仓地址:[https://pypi.openanolis.cn/prod](https://pypi.openanolis.cn/prod ), +上传成功后在访问 [https://pypi.openanolis.cn/dev/simple](https://pypi.openanolis.cn/dev/simple ) 或者 [https://pypi.openanolis.cn/prod/simple](https://pypi.openanolis.cn/prod/simple ) 即可查看上传后的包 + +![image.png](../assets/anolis_pypi/pypi-10.png) + +## whl 包下载 +whl 包下载支持 pip install 的方式直接安装, 在pip install 的时候使用 -i 参数指定 PyPI 仓库地址,开发仓 [https://pypi.openanolis.cn/dev/simple](https://pypi.openanolis.cn/dev/simple ),正式仓:[https://pypi.openanolis.cn/prod/simple](https://pypi.openanolis.cn/prod/simple ) +![image.png](../assets/anolis_pypi/pypi-11.png) + +也可以在 pip 配置文件中将仓库地址、上传密钥进行配置 \ No newline at end of file diff --git "a/INFRA_DOCS/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244\347\224\237\346\200\201\350\256\276\345\244\207\344\270\223\345\214\272\346\214\207\345\215\227.md" "b/INFRA_DOCS/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244\347\224\237\346\200\201\350\256\276\345\244\207\344\270\223\345\214\272\346\214\207\345\215\227.md" new file mode 100644 index 0000000000000000000000000000000000000000..b6fedb853340696856b271e3863b6bbd1aa053b2 --- /dev/null +++ "b/INFRA_DOCS/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244\347\224\237\346\200\201\350\256\276\345\244\207\344\270\223\345\214\272\346\214\207\345\215\227.md" @@ -0,0 +1,37 @@ +## 概述 +龙蜥社区致力于为社区开发者提供更好的、多样的机器体验环境,欢迎各位生态合作厂商通过捐赠的方式把机器捐赠给龙蜥社区,捐赠的机器将会在龙蜥实验室-生态设备专区开放出来供社区开发者使用。 + +## 捐赠指南 +### 加入钉钉群 +捐赠前需要加入钉钉群: OpenAnolis Infra SIG(群号 41373753) +![SIG钉钉群](../assets/龙蜥实验室/image13.png) +### 群中咨询 +加群后,即可在群中咨询机器捐赠相关事宜,随后会有专人对接确定捐赠细节。 + + +## 使用指南 +### 加入钉钉群 +成为生态专区用户前,需要先加入钉钉群:OpenAnolis Infra SIG(群号 41373753) +![SIG钉钉群](../assets/龙蜥实验室/image13.png) +### 申请权限 +加群后,在钉钉群中联系管理员申请成为生态设备专区用户,等待申请通过。 +### 预约机器 +用户权限申请通过并登录龙蜥社区帐号之后,前往【龙蜥实验室生态设备专区】页面,用户可选择所需的机器规格,预约使用日期和具体时间段,点击【确认】预约完成后会跳转到【我的机器-生态设备专区机器】页面,等待预约审批完成。 +![生态设备专区](../assets/龙蜥实验室/image14.jpg) +![生态设备专区](../assets/龙蜥实验室/image15.png) +![生态设备专区](../assets/龙蜥实验室/image16.png) +![生态设备专区](../assets/龙蜥实验室/image17.png) +### 使用机器 +预约申请通过且当前时间到达所预约的开始时间之后,用户可在【我的机器-生态设备专区机器】页面点击该条预约进入webssh访问页面。然后,用户在webssh页面点击【立即使用】即可使用机器。 +![生态设备专区](../assets/龙蜥实验室/image18.png) +![生态设备专区](../assets/龙蜥实验室/image19.png) + +### 机器归还 +用户在使用过程中,机器可以通过两种方式归还: +- 提前归还:为了避免资源浪费,用户机器体验完毕但还未到达预约截止时间的,可以点击【归还机器】提前归还机器。 +- 超时归还:借用机器时间到期后,系统会自动回收机器。 +注意:生态设备专区机器仅供用户短时间体验使用,不建议在使用过程中存放重要数据,机器一旦归还,用户数据将会被全部删除,无法找回。 + +## 免责声明 +1. 此服务是免费的服务,请提前规划好使用时间,请不要把重要材料保存在短期借用的机器上。社区不承担任何关于用户资料丢失的责任。 +2. 严禁使用此服务进行任何商业行为或者违法行为,一旦发现会立即回收相应机器并对帐户进行封停,同时也保留进一步追责的权利。 \ No newline at end of file diff --git "a/INFRA_DOCS/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244\350\257\276\347\250\213\346\216\245\345\205\245\346\214\207\345\257\274.md" "b/INFRA_DOCS/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244\350\257\276\347\250\213\346\216\245\345\205\245\346\214\207\345\257\274.md" new file mode 100644 index 0000000000000000000000000000000000000000..757eaada8906bad388c372d11dcd3402fedfad3a --- /dev/null +++ "b/INFRA_DOCS/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244/\351\276\231\350\234\245\345\256\236\351\252\214\345\256\244\350\257\276\347\250\213\346\216\245\345\205\245\346\214\207\345\257\274.md" @@ -0,0 +1,35 @@ +龙蜥实验室【创作中心】服务于实验室课程学习中心,用户可通过在创作中心创作课程,提交 PR ,管理员审核,最终进行上架。 + +一、登录[龙蜥实验室](https://lab.openanolis.cn/),如果没有注册过龙蜥社区需要先进行注册。实验室首页如下图所示: +![image.png](https://oss.openanolis.cn/blog/qjoovhpirjgpxbvwcarp) +二、打开创作中心,把鼠标放在右上角个人头像上会出现下拉选择框,选择【创作中心】 +![image.png](https://oss.openanolis.cn/blog/iuhzoxmcziyxdqalmkcx) +三、创作课程,点击右上角【创作课程】按钮 +![image.png](https://oss.openanolis.cn/blog/grnbwrykgbilbnqsdpsr) +打开创作课程后填写课程信息,其中字段描述如下: + +1. 课程名称:课程展示的标题;2. 课程描述:课程描述;3. 课程分类:选择课程学习;4. 课程难度:分为初级、中级、高级等,选择对应的课程难度;5: 课程总时长:输入一个数字,比如30,代表用户学习完课程需要花费30min;6:课程封面图:可以上传自定义的课程封面,如果不上传则有默认封面图提供;7. 课程领域: 目前提供内核、编译器、云原生、CentOS 迁移、算法、IO、DDE等领域分类,选择一个课程所属的领域。 + +![image.png](https://oss.openanolis.cn/blog/zagpbtiwqioabfmwecsr) +填完课程基本信息后添加保存即可。 + +三、添加章节,创作完课程之后为课程添加一个章节,在课程最后侧点击【添加章节】按钮 +![image.png](https://oss.openanolis.cn/blog/rddrdzvroktifkvfugwf) +打开添加章节后填写章节信息,其中字段描述如下: + +1. 章节名称:章节展示的标题;2. 章节描述:章节描述;3. 章节难度:分为初级、中级、高级等,选择对应的章节难度;5: 章节总时长:输入一个数字,比如30,代表用户学习完章节需要花费30min,此时实验室提供的机器使用时长也是30min,超过30min后机器会被自动释放;6:章节封面图:可以上传自定义的章节封面,如果不上传则有默认封面图提供;7. 排序: 章节在课程中的顺序,值为1表示是课程的第一个章节,依次类推;8. 最大并发数:章节允许同时体验的最大人数,0默认不限制,由于实验室机器资源有限,一般取值不超过10个;9. cpu架构:机器的cpu机构,目前有x86和arm 两种;10. 镜像:机器安装的系统镜像,一般选择AnolisOS 8 版本或AnolisOS 7 版本;11. 机器规格:机器提供的规格大小,一般为2c4g或2c8g(c代表cpu, g 代表内存), 其他特殊机器规格申请会被严格审核,如神龙架构的bare_metal和第七代机器ecs.g7.xlarge等。 + +![image.png](https://oss.openanolis.cn/blog/hoqhmeqwianznppvlndk) +四、添加步骤,填写完章节信息之后,点击【添加 Steps】按钮,为章节添加一个步骤,其中 +步骤类型分为START、STEPS、FINISH, START表示步骤开始,顺序为1,STEPS 为步骤正文,FINISH 为步骤结束。右侧是一个 Markdown 输入框,用于输入步骤内容,支持预览,上传图片等操作。 +![image.png](https://oss.openanolis.cn/blog/uzneppbbgxzttulkvqiz) +添加完步骤后点击保存即可,如果步骤内容中有 shell 命令, 请使用 [[ ]] 替代markdown中的代码格式,这样审核通过后可以在页面上直接点击命令将命令自动粘贴到右侧的终端内。 + +五、提交审核,课程编写完成之后可以通过【预览】功能进行预览,没有问题之后点击【下载配置】按钮进行配置下载,下载完之后点击【提交审核】按钮 +![image.png](https://oss.openanolis.cn/blog/syvxymjumleeyarstugz) +点击完提交审核按钮之后,将下载下来的配置在gitee仓库(https://gitee.com/anolis/anolis-lab-courses),anolis-courses 目录下提交一个课程pr,并将pr链接填进输入框,点击确定即可。 +![image.png](https://oss.openanolis.cn/blog/xxstihbdkpgnyoseuclf) +![image.png](https://oss.openanolis.cn/blog/ezsreejpfrukrvlxlkth) +六、提交审核之后等待管理员审核,管理员审核通过之后在实验室课程中心就能看到了 +![image.png](https://oss.openanolis.cn/blog/anamxvcefkymizldwtel) +以上就是龙蜥实验室创作中心创作课程的完整过程,如使用过程中有问题,欢迎联系[基础设施 SIG 组](https://openanolis.cn/sig/SIG-Infra)。