diff --git a/conf/app.conf b/conf/app.conf index 2f539474d4bd9f6b1ab6dd6e1e72b5aab06128e1..ad97d182bc0545128acbf15c975e1234c79413e4 100644 --- a/conf/app.conf +++ b/conf/app.conf @@ -57,7 +57,7 @@ createissue = * * 05 * * * test = 0/10 * * * * * gittokenflag = 2 issueoath = * * */20 * * * -genexcelflag = 1 +genexcelflag = 2 genexcel = 0 */10 * * * * days = -30 prcnum = 50 @@ -67,13 +67,13 @@ printlog = 0 */20 * * * * [gitee] #owner = cve-test -owner = src-openeuler -path = test +#owner = src-openeuler +#path = test #email = 1499273991@qq.com #redirect_uri = http://119.8.126.102:80/v1/issue/oauth/callback # -------jianjun gitee 配置 -------- -#owner = cve-test -#path = jasper +owner = cve-test +path = jasper email = 7844966+zhangjianjun_code@user.noreply.gitee.com redirect_uri = http://159.138.2.2:80/v1/issue/oauth/callback @@ -99,6 +99,8 @@ apiurl = https://api.openeuler.org/pkgmanage [cve] cveref = https://nvd.nist.gov/vuln/detail/ openeulernum = 3000 +# Import cve as data after 2018 +cve_number = 2018 [reflink] comment_cmd = https://gitee.com/openeuler/cve-manager/blob/master/doc/md/manual.md diff --git a/conf/product_app.conf b/conf/product_app.conf index 4e7f56556bd0fda230a74005ff23c9c61f93fadf..832c90ec1a3dc7eda120b1274bc7bf5e2dfd4055 100644 --- a/conf/product_app.conf +++ b/conf/product_app.conf @@ -43,7 +43,7 @@ maxlines=50000 maxsize=204800 [crontab] -ymalflag = 1 +ymalflag = 2 getymal = 00 00 01 * * 1 cveflag = 1 getcve = 00 00 03 * * * @@ -67,7 +67,8 @@ printlog = 0 */10 * * * * [gitee] owner = src-openeuler path = jasper -email = 7844966+zhangjianjun_code@user.noreply.gitee.com +#email = 7844966+zhangjianjun_code@user.noreply.gitee.com +email = ***** #redirect_uri = https://api.openeuler.org/cve-manager/v1/issue/oauth/callback scope = user_info projects pull_requests issues notes keys hook groups gists enterprises emails @@ -91,6 +92,8 @@ apiurl = https://api.openeuler.org/pkgmanage [cve] cveref = https://nvd.nist.gov/vuln/detail/ openeulernum = 3000 +# Import cve as data after 2018 +cve_number = 2018 [reflink] comment_cmd = https://gitee.com/openeuler/cve-manager/blob/master/doc/md/manual.md diff --git a/cve-py/controller/timertaskcontroller.py b/cve-py/controller/timertaskcontroller.py index 9c04eea823235d4ee85665c56e6d389be4b3925d..f8259bfd87d4ca9b5bea86e0e6a5be8d49306074 100644 --- a/cve-py/controller/timertaskcontroller.py +++ b/cve-py/controller/timertaskcontroller.py @@ -42,3 +42,9 @@ def timertask(): print("Err:", err) +def initExce(): + """ + import excel data + :return:None + """ + taskcontroller.runtabletask() \ No newline at end of file diff --git a/cve-py/main.py b/cve-py/main.py index 966cf7eb2bc011cb5f3096efdd223c95bff60f94..b40a4ae9f0811e1ff850db3182cb3d5016ba4311 100644 --- a/cve-py/main.py +++ b/cve-py/main.py @@ -20,6 +20,8 @@ from controller import timertaskcontroller if __name__ == '__main__': + print("import excel start:") + timertaskcontroller.initExce() print("The program starts, waiting for the timing task to execute") timertaskcontroller.timertask() diff --git a/cve-py/newexcels/20.03-CVE-10-10.xlsx b/cve-py/newexcels/20.03-CVE-10-10.xlsx deleted file mode 100644 index 67c3c08c98677dac89f2f5f3e30f53f8679c1f26..0000000000000000000000000000000000000000 Binary files a/cve-py/newexcels/20.03-CVE-10-10.xlsx and /dev/null differ diff --git a/cve-py/newexcels/20.09-CVE-2019.xlsx b/cve-py/newexcels/20.09-CVE-2019.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..5e2f6b3aff988c31130c190c63e3b9c6f563eaf3 Binary files /dev/null and b/cve-py/newexcels/20.09-CVE-2019.xlsx differ diff --git a/doc/sql/db_struct.sql b/doc/sql/db_struct.sql index 4f6404fb561b503ca8907c610e062d935ef4cc1a..a643cd440224a2d593333cd5aa85290cd4349ce2 100644 --- a/doc/sql/db_struct.sql +++ b/doc/sql/db_struct.sql @@ -52,7 +52,7 @@ CREATE TABLE `cve_export_record` ( `state` tinyint NOT NULL DEFAULT '0', PRIMARY KEY (`id`), UNIQUE KEY `file_name` (`file_name`) -) ENGINE=InnoDB AUTO_INCREMENT=16 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=17 DEFAULT CHARSET=utf8; /*Table structure for table `cve_git_open_euler` */ @@ -241,7 +241,7 @@ CREATE TABLE `cve_gite_origin_issue` ( PRIMARY KEY (`id`), UNIQUE KEY `issue_id` (`issue_id`), UNIQUE KEY `number` (`number`) -) ENGINE=InnoDB AUTO_INCREMENT=691 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=591 DEFAULT CHARSET=utf8; /*Table structure for table `cve_gite_repo` */ @@ -262,7 +262,7 @@ CREATE TABLE `cve_gite_repo` ( `delete_time` varchar(255) DEFAULT NULL, PRIMARY KEY (`repo_id`), KEY `cve_gite_repo_group_id` (`group_id`) -) ENGINE=InnoDB AUTO_INCREMENT=14269 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=28649 DEFAULT CHARSET=utf8; /*Table structure for table `cve_gite_repo_branch` */ @@ -293,7 +293,7 @@ CREATE TABLE `cve_gite_repo_member` ( PRIMARY KEY (`repo_id`), KEY `cve_gite_repo_member_group_id` (`group_id`), CONSTRAINT `member_groups_group_id` FOREIGN KEY (`group_id`) REFERENCES `cve_git_repo_groups` (`group_id`) -) ENGINE=InnoDB AUTO_INCREMENT=884 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=1766 DEFAULT CHARSET=utf8; /*Table structure for table `cve_ip_white` */ @@ -308,6 +308,17 @@ CREATE TABLE `cve_ip_white` ( KEY `cve_ip_white_machine_ip` (`machine_ip`) ) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8; +/*Table structure for table `cve_issue_assignee` */ + +DROP TABLE IF EXISTS `cve_issue_assignee`; + +CREATE TABLE `cve_issue_assignee` ( + `id` bigint NOT NULL AUTO_INCREMENT, + `assignee` varchar(255) NOT NULL DEFAULT '', + PRIMARY KEY (`id`), + UNIQUE KEY `assignee` (`assignee`) +) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; + /*Table structure for table `cve_issue_hooks` */ DROP TABLE IF EXISTS `cve_issue_hooks`; @@ -334,7 +345,7 @@ CREATE TABLE `cve_issue_hooks` ( UNIQUE KEY `cve_issue_hooks_owner_repo_status_un` (`owner`,`repo`,`hook_url`,`status`), KEY `cve_issue_hooks_Cve_id` (`cve_id`), KEY `cve_issue_hooks_issue_num` (`issue_num`) -) ENGINE=InnoDB AUTO_INCREMENT=114 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=21 DEFAULT CHARSET=utf8; /*Table structure for table `cve_issue_template` */ @@ -380,7 +391,7 @@ CREATE TABLE `cve_issue_template` ( UNIQUE KEY `cve_issue_template_cvn_issnu` (`cve_num`,`issue_num`), KEY `cve_issue_template_cve_id` (`cve_id`), KEY `cve_issue_template_issue_num` (`issue_num`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=619 DEFAULT CHARSET=utf8; /*Table structure for table `cve_open_euler_s_a` */ @@ -394,7 +405,7 @@ CREATE TABLE `cve_open_euler_s_a` ( PRIMARY KEY (`openeuler_id`), UNIQUE KEY `openeuler_sa_num` (`openeuler_sa_num`), KEY `cve_open_euler_s_a_cve_id` (`cve_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=1949 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_excel` */ @@ -429,7 +440,7 @@ CREATE TABLE `cve_origin_excel` ( `delete_time` datetime DEFAULT NULL, PRIMARY KEY (`cve_id`) USING BTREE, UNIQUE KEY `cve_origin_excel_num_un` (`cve_num`) -) ENGINE=InnoDB AUTO_INCREMENT=152 DEFAULT CHARSET=utf8 ROW_FORMAT=DYNAMIC; +) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 ROW_FORMAT=DYNAMIC; /*Table structure for table `cve_origin_upstream` */ @@ -462,7 +473,7 @@ CREATE TABLE `cve_origin_upstream` ( KEY `cve_origin_upstream_cve_packname` (`cve_packname`), KEY `cve_origin_upstream_git_packname` (`git_packname`), KEY `cve_origin_upstream_version` (`version`) -) ENGINE=InnoDB AUTO_INCREMENT=1393 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=1457 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_config` */ @@ -474,7 +485,7 @@ CREATE TABLE `cve_origin_upstream_config` ( `nodes` varchar(32) DEFAULT NULL, PRIMARY KEY (`conf_id`), KEY `cve_origin_upstream_config_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2810 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4237 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_config_node` */ @@ -486,7 +497,7 @@ CREATE TABLE `cve_origin_upstream_config_node` ( `operator` varchar(256) DEFAULT NULL, PRIMARY KEY (`node_id`), KEY `cve_origin_upstream_config_node_conf_id` (`conf_id`) -) ENGINE=InnoDB AUTO_INCREMENT=5303 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=8024 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_config_node_cpe` */ @@ -500,7 +511,7 @@ CREATE TABLE `cve_origin_upstream_config_node_cpe` ( `vulner_able` varchar(64) DEFAULT NULL, PRIMARY KEY (`cpe_id`), KEY `cve_origin_upstream_config_node_cpe_node_id` (`node_id`) -) ENGINE=InnoDB AUTO_INCREMENT=163418 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=246346 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_desc` */ @@ -513,7 +524,7 @@ CREATE TABLE `cve_origin_upstream_desc` ( `zh_desc` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`desc_id`), KEY `cve_origin_upstream_desc_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2810 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4237 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_event` */ @@ -528,7 +539,7 @@ CREATE TABLE `cve_origin_upstream_event` ( `description` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`event_id`), KEY `cve_origin_upstream_event_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2810 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4237 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_fix_suggest` */ @@ -540,7 +551,7 @@ CREATE TABLE `cve_origin_upstream_fix_suggest` ( `detail` varchar(1024) DEFAULT NULL, PRIMARY KEY (`fix_id`), KEY `cve_origin_upstream_fix_suggest_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2798 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4219 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_fix_suggest_ref` */ @@ -578,7 +589,7 @@ CREATE TABLE `cve_origin_upstream_impact` ( `impact` varchar(32) DEFAULT NULL, PRIMARY KEY (`impact_id`), KEY `cve_origin_upstream_impact_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2810 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4237 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_impact_score` */ @@ -594,7 +605,7 @@ CREATE TABLE `cve_origin_upstream_impact_score` ( `score_status` tinyint DEFAULT '1', PRIMARY KEY (`score_id`), KEY `cve_origin_upstream_impact_score_impact_id` (`impact_id`) -) ENGINE=InnoDB AUTO_INCREMENT=5619 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=8473 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_impact_score_v2` */ @@ -623,7 +634,7 @@ CREATE TABLE `cve_origin_upstream_impact_score_v2` ( `cve_level` varchar(32) DEFAULT NULL, PRIMARY KEY (`v2_id`), KEY `cve_origin_upstream_impact_score_v2_score_id` (`score_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2810 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4237 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_impact_score_v3` */ @@ -649,7 +660,7 @@ CREATE TABLE `cve_origin_upstream_impact_score_v3` ( `cve_level` varchar(32) DEFAULT NULL, PRIMARY KEY (`v3_id`), KEY `cve_origin_upstream_impact_score_v3_score_id` (`score_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2810 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4237 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_poc` */ @@ -666,7 +677,7 @@ CREATE TABLE `cve_origin_upstream_poc` ( `desc` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`poc_id`), KEY `cve_origin_upstream_poc_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2810 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4237 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_reference` */ @@ -681,7 +692,7 @@ CREATE TABLE `cve_origin_upstream_reference` ( `tags` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`ref_id`), KEY `cve_origin_upstream_reference_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=55467 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=83782 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_vul_type` */ @@ -695,7 +706,7 @@ CREATE TABLE `cve_origin_upstream_vul_type` ( `zh_desc` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`vul_id`), KEY `cve_origin_upstream_vul_type_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2798 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4219 DEFAULT CHARSET=utf8; /*Table structure for table `cve_other_user` */ @@ -783,7 +794,7 @@ CREATE TABLE `cve_score` ( PRIMARY KEY (`id`), UNIQUE KEY `openeuler_id` (`openeuler_id`), KEY `cve_score_cve_id` (`cve_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=1949 DEFAULT CHARSET=utf8; /*Table structure for table `cve_score_record` */ @@ -798,7 +809,7 @@ CREATE TABLE `cve_score_record` ( `create_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`id`), KEY `cve_score_record_cve_id` (`cve_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=1951 DEFAULT CHARSET=utf8; /*Table structure for table `cve_security_notice` */ @@ -824,7 +835,7 @@ CREATE TABLE `cve_security_notice` ( PRIMARY KEY (`sec_id`), UNIQUE KEY `openeuler_id` (`openeuler_id`), KEY `cve_security_notice_cve_id` (`cve_id`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=1949 DEFAULT CHARSET=utf8; /*Table structure for table `cve_security_reviewer` */ @@ -833,6 +844,7 @@ DROP TABLE IF EXISTS `cve_security_reviewer`; CREATE TABLE `cve_security_reviewer` ( `id` bigint NOT NULL AUTO_INCREMENT, `name_space` varchar(255) NOT NULL DEFAULT '', + `status` tinyint NOT NULL DEFAULT '0', PRIMARY KEY (`id`), UNIQUE KEY `name_space` (`name_space`) ) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8; @@ -860,7 +872,7 @@ CREATE TABLE `cve_vuln_center` ( PRIMARY KEY (`cve_id`), UNIQUE KEY `cve_vuln_center_num_pack_v_un` (`cve_num`,`cve_version`,`pack_name`), KEY `cve_vuln_center_cve_num` (`cve_num`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=1955 DEFAULT CHARSET=utf8; /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; diff --git a/git b/git new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/models/modeldb.go b/models/modeldb.go index d925465f987703c4815d0cf8980c9f7bf34207f3..330d936cc7fc112e29e387041c81ceb778a1f4e6 100644 --- a/models/modeldb.go +++ b/models/modeldb.go @@ -326,6 +326,11 @@ type SecurityReviewer struct { NameSpace string `orm:"unique" description:"码云空间地址"` } +type IssueAssignee struct { + Id int64 `orm:"pk;auto"` + Assignee string `orm:"unique" description:"码云空间地址"` +} + type OriginUpstreamConfigNodeCpe struct { CpeId int64 `orm:"pk;auto;column(cpe_id)"` NodeId int64 `orm:"index;column(node_id)" description:"OriginUpstreamConfigNode 外键"` @@ -517,7 +522,7 @@ type GiteRepo struct { OrgId int64 OrgPath string `orm:"size(128);column(org_path);null" description:"组织名称"` Path string `orm:"size(512);column(path);null" description:"仓库名称"` - Status int8 `orm:"default(0);column(status);null" description:"1: 正常;2:已删除"` + Status int8 `orm:"default(0);column(status);null" description:"0: 正常;1:已删除"` Public bool Private bool Fork bool @@ -550,7 +555,7 @@ type ExportRecord struct { Id int64 `orm:"pk;auto"` FileName string `orm:"unique"` FileCode string - State int8 ` description:"0:文件生成中;1 文件可下载;2 文件不可下载"` + State int8 ` description:"0:文件生成中;1 文件可下载;2 文件不可下载"` CreateTime int64 `orm:"column(create_time)" description:"时间戳"` } @@ -588,7 +593,7 @@ func CreateDb() bool { new(OriginUpstreamPoc), new(OriginUpstreamEvent), new(OriginUpstreamReference), new(OriginUpstreamVulType), new(OriginUpstreamFixSuggest), new(OriginUpstreamFixSuggestRefTag), new(OriginUpstreamFixSuggestRef), new(GiteOriginIssue), new(OriginExcel), new(ExportRecord), new(GitRepoGroups), - new(GiteRepo), new(GiteRepoMember), new(GiteRepoBranch), new(PackageCpe), new(EmailList), + new(GiteRepo), new(GiteRepoMember), new(GiteRepoBranch), new(PackageCpe), new(EmailList), new(IssueAssignee), ) logs.Info("table create success!") errosyn := orm.RunSyncdb("default", false, true) diff --git a/models/uploadcve.go b/models/uploadcve.go index 12dd07f5bde4d26763b5a8a32393671bbfed6251..8b0c9e43c37b13bfc7bc4a602685b315c3a670f7 100644 --- a/models/uploadcve.go +++ b/models/uploadcve.go @@ -31,7 +31,7 @@ func QueryOriginRepo(pkgName string) (GiteRepo, bool) { logs.Error("pkgName: ", pkgName, ",无法 获取组织, err: ", errx) return gr, false } - err := o.Raw("select * from cve_gite_repo where path = ? and org_path = ? and status = ?", pkgName, repoOrg, 1).QueryRow(&gr) + err := o.Raw("select * from cve_gite_repo where path = ? and org_path = ? and status = ?", pkgName, repoOrg, 0).QueryRow(&gr) if err != nil { logs.Info("pkgName", pkgName, "repoOrg", repoOrg, ", cve_gite_repo 无对应数据") return gr, false @@ -44,7 +44,7 @@ func QueryOriginRepo(pkgName string) (GiteRepo, bool) { func QueryRepoMember(groupId int64, memberType string) ([]GiteRepoMember, bool) { o := orm.NewOrm() var grm []GiteRepoMember - num, err := o.Raw("select * from cve_gite_repo_member where group_id = ? and member_type = ?", groupId, memberType).QueryRows(&grm) + num, err := o.Raw("select * from cve_gite_repo_member where group_id = ?", groupId).QueryRows(&grm) if err != nil || num == 0 { logs.Info("groupId", groupId, ",memberType", memberType, ", cve_gite_repo_member 无对应数据") return grm, false @@ -54,39 +54,94 @@ func QueryRepoMember(groupId int64, memberType string) ([]GiteRepoMember, bool) } } +func QueryAssignee() ([]IssueAssignee, bool) { + o := orm.NewOrm() + var iae []IssueAssignee + num, err := o.Raw("select * from cve_isssueA_asignee").QueryRows(&iae) + if err != nil || num == 0 { + return iae, false + } else { + return iae, true + } +} + func QueryCveOpeneulerdata(pkgName string, version string) (GitOpenEuler, bool) { goe, ok := QueryYamlData(pkgName, version) if !ok || goe.GitId == 0 { gr, okrg := QueryOriginRepo(pkgName) if !okrg || gr.RepoId == 0 { + aie, aieOk := QueryAssignee() + if aieOk { + for _, a := range aie { + if a.Assignee != "" && len(a.Assignee) > 1 { + goe.MainTainer = a.Assignee + break + } + } + return goe, true + } return goe, ok } grm, okgrm := QueryRepoMember(gr.GroupId, "Maintainer") if !okgrm { + aie, aieOk := QueryAssignee() + if aieOk { + for _, a := range aie { + if a.Assignee != "" && len(a.Assignee) > 1 { + goe.MainTainer = a.Assignee + break + } + } + return goe, true + } return goe, ok } for _, g := range grm { - goe.MainTainer = g.MemberName - break + if g.MemberName != "" && len(g.MemberName) > 1 { + goe.MainTainer = g.MemberName + break + } } return goe, true } else { if goe.MainTainer == "" || len(goe.MainTainer) == 0 { gr, okrg := QueryOriginRepo(pkgName) if !okrg || gr.RepoId == 0 { + aie, aieOk := QueryAssignee() + if aieOk { + for _, a := range aie { + if a.Assignee != "" && len(a.Assignee) > 1 { + goe.MainTainer = a.Assignee + break + } + } + return goe, true + } return goe, ok } grm, okgrm := QueryRepoMember(gr.GroupId, "Maintainer") if !okgrm { + aie, aieOk := QueryAssignee() + if aieOk { + for _, a := range aie { + if a.Assignee != "" && len(a.Assignee) > 1 { + goe.MainTainer = a.Assignee + break + } + } + return goe, true + } return goe, ok } for _, g := range grm { - goe.MainTainer = g.MemberName - break + if g.MemberName != "" && len(g.MemberName) > 1 { + goe.MainTainer = g.MemberName + break + } } } } - return goe, ok + return goe, true } func QueryCveOpeneulerDetaildata(pkgName string, version string) (GitPackageInfo, bool) { diff --git a/task/issuetask.go b/task/issuetask.go index bd3c7b7f7e1899ce9c09ba82ec451c25c313f923..9e789221564e0b080ddfccd4dad6706a18d9e0b3 100644 --- a/task/issuetask.go +++ b/task/issuetask.go @@ -9,6 +9,7 @@ import ( "github.com/astaxie/beego/config" "github.com/astaxie/beego/logs" "os" + "strconv" "strings" ) @@ -72,6 +73,11 @@ func CreateIssue() error { logs.Error("config crontab::days error:", ok) return ok } + years, ok := BConfig.Int("cve::cve_number") + if ok != nil { + logs.Error("config cve::years error:", ok) + return ok + } prcnum, ok := BConfig.Int("crontab::prcnum") if ok != nil { logs.Error("config crontab::prcnum error:", ok) @@ -105,6 +111,18 @@ func CreateIssue() error { continue } } + // Import cve as data after 2018 + cveNumList := strings.Split(issueValue.CveNum, "-") + if cveNumList != nil && len(cveNumList) > 1 { + cveYears, yearErr := strconv.Atoi(cveNumList[1]) + if yearErr == nil { + if cveYears <= years { + models.UpdateIssueStatus(issueValue, 2) + logs.Info("cve: ", issueValue.CveNum, ",需要大于: ", years, ",否则不需要在git上提交issue, cveData: ", issueValue) + continue + } + } + } // Determine whether cve has been processed issueExist := taskhandler.GetCveSecurityNotice(issueValue.CveNum) if issueExist { @@ -147,6 +165,21 @@ func ProcUpdateIssue(issueValue models.VulnCenter, accessToken, owner, path stri lit.NVDVector = sr.NvectorVule lit.CveBrief = issueValue.Description lit.CveLevel = issueValue.CveLevel + if lit.Assignee == "" || len(lit.Assignee) < 2 { + gitYaml, ok := models.QueryCveOpeneulerdata(issueValue.PackName, issueValue.CveVersion) + if !ok || gitYaml.MainTainer == "" || len(gitYaml.MainTainer) < 1 { + assignee, assErr := taskhandler.GetCollaboratorInfo(accessToken, owner, path) + if assignee != "" && len(assignee) > 1{ + lit.Assignee = assignee + //return err + } else { + logs.Error("获取仓库: owner:", owner, "path:", path, "分析人失败", "assErr:", assErr, + ", cveid: ", issueValue.CveId, ",创建无maintainer的issue") + } + } else { + lit.Assignee = gitYaml.MainTainer + } + } path = lit.Repo _, err := taskhandler.UpdateIssueToGit(accessToken, owner, path, issueValue, lit) diff --git a/taskhandler/cve.go b/taskhandler/cve.go index c37cca07ecdd068bc3dbd6428e74d2f15ac489e5..17c6a284b414517588284b449bd86a25a9362f1d 100644 --- a/taskhandler/cve.go +++ b/taskhandler/cve.go @@ -8,6 +8,7 @@ import ( "errors" "fmt" "github.com/astaxie/beego" + "github.com/astaxie/beego/config" "github.com/astaxie/beego/logs" "io" "io/ioutil" @@ -679,6 +680,28 @@ func GenCveVuler(cveData models.OriginUpstream, cveRef string, openeulernum int) models.UpdateOriginStatus(common.GetCurTime(), cveData.PackName, cveData.Version, cveData.CveId, 3) return false, errors.New("数据错误,暂时不处理") } + BConfig, err := config.NewConfig("ini", "conf/app.conf") + if err != nil { + logs.Error("config init error:", err) + return false, err + } + years, confOk := BConfig.Int("cve::cve_number") + if confOk != nil { + logs.Error("config cve::years error:", confOk) + return false, errors.New("数据错误,暂时不处理") + } + // Import cve as data after 2018 + cveNumList := strings.Split(cveData.CveNum, "-") + if cveNumList != nil && len(cveNumList) > 1 { + cveYears, yearErr := strconv.Atoi(cveNumList[1]) + if yearErr == nil { + if cveYears <= years { + models.UpdateOriginStatus(common.GetCurTime(), cveData.PackName, cveData.Version, cveData.CveId, 3) + logs.Info("cve: ", cveData.CveNum, ",需要大于: ", years, ",否则不需要在git上提交issue, cveData: ", cveData) + return false, errors.New("数据错误,暂时不处理") + } + } + } cveDesc, ok := models.QueryCveDesc(cveData.CveId) if !ok { logs.Error("当前数据描述为空暂不处理, data: ", cveData)