From 9ad22dc0eb77675da4170d70489fb1006e6584d8 Mon Sep 17 00:00:00 2001 From: liheavy Date: Tue, 28 Dec 2021 11:05:32 +0800 Subject: [PATCH] =?UTF-8?q?readme=E6=9B=B4=E6=96=B0=EF=BC=8C=E7=BC=96?= =?UTF-8?q?=E8=AF=91=E4=BE=9D=E8=B5=96=E6=8F=90=E5=89=8D=E5=AE=89=E8=A3=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cve-agency-manager/cve_tracking/README.md | 84 +++++++++++++++++-- .../cve_tracking/core/verification/packing.sh | 4 +- 2 files changed, 79 insertions(+), 9 deletions(-) diff --git a/cve-agency-manager/cve_tracking/README.md b/cve-agency-manager/cve_tracking/README.md index c9903c9..b8b953f 100644 --- a/cve-agency-manager/cve_tracking/README.md +++ b/cve-agency-manager/cve_tracking/README.md @@ -1,23 +1,91 @@ # cve_tracking #### 介绍 -cve补丁自动获取工具 +cve补丁自动获取工具,该工具将会根据cve和rpm包自动在上游社区查找补丁并反馈结果,同时也可以下载查找到的补丁以及验证补丁的可用性。 #### 软件架构 -软件架构说明 +python可执行代码 #### 安装教程 -1. xxxx -2. xxxx -3. xxxx +1. 下载代码 + + ```shell + git clone https://gitee.com/openeuler/cve-manager.git + ``` + +2. 进入工具执行目录 + + ```shell + cd xxx(上述代码下载目录)/cve-manager/cve-agency-manager/cve_tracking + ``` + +3. 在config.ini中设置GITEE_TOKEN(gitee的私人令牌)和GITLAB_TOKEN(gitlab的私人令牌,默认设置了一个临时令牌,可临时使用),GITHUB_TOKEN(github的私人令牌)可不设置。 + +4. 安装依赖包 + + ``` + pip3 install -r requirements.txt + ``` + +3. 根据使用说明执行工具 #### 使用说明 -1. xxxx -2. xxxx -3. xxxx +1. 补丁查找及评论issue + + ```shell + python3 main.py comment -c cve_num -r rpm_name -i issue_num + ``` + + > 参数说明: + > + > -c cve的编号 + > + > -r rpm包名称 + > + > -i 需要评论的issue编号 + > + > 注意:默认仓库为src-openeuler,如果要更改,请修改main.py同目录下constant.py中的DEFAULT_OWNER的值。 + +2. 补丁查找及下载(验证) + + ``` + python3 main.py -c cve_num -r rpm_name [-f patch_save_path] [-s source_path] [-p] [-b branch] + ``` + + > 参数说明: + > + > -c cve的编号 + > + > -r rpm包名称 + > + > -f 补丁文件的下载目录,不设置默认为/opt/cve_tracking/patches + > + > -s 源码包下载路径,不设置默认为/opt/cve_tracking/source_code + > + > -b 源码包所在的gitee的src-openeuler仓库的分支,默认为master + > + > -p 是否进行补丁应用,默认为不应用,若需要应用,添加该参数。 + +3. 补丁验证 + + ``` + python3 main.py packing -r rpm_name -f patch_save_path -s source_path -b branch [-nd] + ``` + + > 参数说明: + > + > -r rpm包名称 + > + > -f 补丁文件路径 + > + > -s 源码包路径,如果无需下载指定为本地源码包的路径;如果需要下载指定为需要下载源码包的路径即可 + > + > -b 源码包所在gitee中src-openeuler仓库的分支,不设置默认为master + > + > -nd 是否需要下载源代码,默认为需要下载,若无需下载添加该参数 #### 参与贡献 diff --git a/cve-agency-manager/cve_tracking/core/verification/packing.sh b/cve-agency-manager/cve_tracking/core/verification/packing.sh index 9b8f8ee..8ab7db4 100644 --- a/cve-agency-manager/cve_tracking/core/verification/packing.sh +++ b/cve-agency-manager/cve_tracking/core/verification/packing.sh @@ -103,7 +103,7 @@ function update_spec() { fi # add %patch last_patch_apply=$(grep "%patch.* " ${spec_file} | sed -n '$p') - if [[ -n ${last_patch_apply} ]];then + if [[ -n ${last_patch_apply} ]]; then last_patch_apply_row=$(grep -n "${last_patch_apply}" ${spec_file} | awk -F ':' '{print $1}') last_patch_apply_num=$(echo ${last_patch_apply} | awk -F ' ' '{print $1}' | awk -F 'patch' '{print $2}') ignore_level_num=$(echo ${last_patch_apply} | awk -F ' ' '{print $2}') @@ -135,6 +135,8 @@ function mv_source_file() { function rpm_build() { echo "[INFO] Start to rpmbuild" install_rpm rpm-build rpm + apt-get build-dep ${rpm_name} >/dev/null 2>&1 + dnf builddep ${root_build_path}/SPECS/${spec_file} >/dev/null 2>&1 rpmbuild -bp ${root_build_path}/SPECS/${spec_file} >./result.log 2>&1 if [[ $? -eq 0 ]]; then echo "[INFO] build success !!!" -- Gitee