From ec634e058febd3a4d82589725f87bbe047c70721 Mon Sep 17 00:00:00 2001 From: zhangjianjun_code <7844966+zhangjianjun_code@user.noreply.gitee.com> Date: Sat, 31 Oct 2020 19:33:25 +0800 Subject: [PATCH 1/2] 1. Optimize the status of issue compatibility; 2. Modify the configuration file --- conf/app.conf | 2 +- conf/product_app.conf | 2 +- cve-py/controller/timertaskcontroller.py | 7 ------ cve-py/main.py | 2 -- doc/sql/db_struct.sql | 4 ++-- task/issuetask.go | 4 ++-- taskhandler/cve.go | 27 +++++++++++++++++------- 7 files changed, 25 insertions(+), 23 deletions(-) diff --git a/conf/app.conf b/conf/app.conf index ad97d18..219bf56 100644 --- a/conf/app.conf +++ b/conf/app.conf @@ -52,7 +52,7 @@ oricveflag = 2 oricvecheck = 00 00 05 * * * getissueflag = 2 getissue = 00 00 05 * * * -issueflag = 2 +issueflag = 1 createissue = * * 05 * * * test = 0/10 * * * * * gittokenflag = 2 diff --git a/conf/product_app.conf b/conf/product_app.conf index 832c90e..72e9d6a 100644 --- a/conf/product_app.conf +++ b/conf/product_app.conf @@ -43,7 +43,7 @@ maxlines=50000 maxsize=204800 [crontab] -ymalflag = 2 +ymalflag = 1 getymal = 00 00 01 * * 1 cveflag = 1 getcve = 00 00 03 * * * diff --git a/cve-py/controller/timertaskcontroller.py b/cve-py/controller/timertaskcontroller.py index f8259bf..9dd7563 100644 --- a/cve-py/controller/timertaskcontroller.py +++ b/cve-py/controller/timertaskcontroller.py @@ -41,10 +41,3 @@ def timertask(): except SystemExit as err: print("Err:", err) - -def initExce(): - """ - import excel data - :return:None - """ - taskcontroller.runtabletask() \ No newline at end of file diff --git a/cve-py/main.py b/cve-py/main.py index b40a4ae..966cf7e 100644 --- a/cve-py/main.py +++ b/cve-py/main.py @@ -20,8 +20,6 @@ from controller import timertaskcontroller if __name__ == '__main__': - print("import excel start:") - timertaskcontroller.initExce() print("The program starts, waiting for the timing task to execute") timertaskcontroller.timertask() diff --git a/doc/sql/db_struct.sql b/doc/sql/db_struct.sql index a643cd4..420bfe8 100644 --- a/doc/sql/db_struct.sql +++ b/doc/sql/db_struct.sql @@ -47,7 +47,7 @@ DROP TABLE IF EXISTS `cve_export_record`; CREATE TABLE `cve_export_record` ( `id` bigint NOT NULL AUTO_INCREMENT, `file_name` varchar(255) NOT NULL DEFAULT '', - `create_time` datetime NOT NULL, + `create_time` bigint NOT NULL, `file_code` varchar(255) NOT NULL DEFAULT '', `state` tinyint NOT NULL DEFAULT '0', PRIMARY KEY (`id`), @@ -391,7 +391,7 @@ CREATE TABLE `cve_issue_template` ( UNIQUE KEY `cve_issue_template_cvn_issnu` (`cve_num`,`issue_num`), KEY `cve_issue_template_cve_id` (`cve_id`), KEY `cve_issue_template_issue_num` (`issue_num`) -) ENGINE=InnoDB AUTO_INCREMENT=619 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=625 DEFAULT CHARSET=utf8; /*Table structure for table `cve_open_euler_s_a` */ diff --git a/task/issuetask.go b/task/issuetask.go index 9e78922..40d6225 100644 --- a/task/issuetask.go +++ b/task/issuetask.go @@ -117,9 +117,9 @@ func CreateIssue() error { cveYears, yearErr := strconv.Atoi(cveNumList[1]) if yearErr == nil { if cveYears <= years { - models.UpdateIssueStatus(issueValue, 2) + //models.UpdateIssueStatus(issueValue, 2) logs.Info("cve: ", issueValue.CveNum, ",需要大于: ", years, ",否则不需要在git上提交issue, cveData: ", issueValue) - continue + //continue } } } diff --git a/taskhandler/cve.go b/taskhandler/cve.go index 17c6a28..296947f 100644 --- a/taskhandler/cve.go +++ b/taskhandler/cve.go @@ -1221,7 +1221,7 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c score.Oavailability = vectorO.Availability } } - if vul.Status == 0 { + if vul.Status == 0 || vul.Status == 1 { accessToken := os.Getenv("GITEE_TOKEN") hookError := CreateDepositHooks(accessToken, owner, cveData.RepoPath, vul, cveData.Number, cveData.IssueId) logs.Info(hookError) @@ -1300,13 +1300,14 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c issueTemp.IssueId = cveData.IssueId issueTemp.IssueNum = cveData.Number issueTemp.Assignee = cveData.IssueAssignee - if strings.ToLower(cveData.State) == "open" { + if strings.ToLower(cveData.State) == "open" || cveData.State == "待办的"{ issueTemp.Status = 1 issueTemp.IssueStatus = 1 - } else if strings.ToLower(cveData.State) == "progressing" { + } else if strings.ToLower(cveData.State) == "progressing" || + strings.ToLower(cveData.State) == "started" || cveData.State == "进行中" { issueTemp.Status = 2 issueTemp.IssueStatus = 3 - } else if strings.ToLower(cveData.State) == "closed" { + } else if strings.ToLower(cveData.State) == "closed" || cveData.State == "已完成" { issueTemp.Status = 3 issueTemp.IssueStatus = 2 } else { @@ -1436,10 +1437,20 @@ func GenCveVulerByIssue(cveData models.GiteOriginIssue, cveRef string, openeuler logs.Info("处理issue状态为开启、处理中状态的数据:", cveData) cvd, ok := models.QueryCveByNum(cveData.CveNumber, cveData.RepoPath, hole.Version) if ok && cvd.CveNum != "" { - lock.Lock() - upOk, upError := UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 1, goe, cvd, owner) - logs.Info(upOk, upError) - lock.Unlock() + if strings.ToLower(cveData.State) == "open" || cveData.State == "待办的" || + strings.ToLower(cveData.State) == "progressing" || cveData.State == "进行中" || + strings.ToLower(cveData.State) == "started" { + lock.Lock() + upOk, upError := UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 1, goe, cvd, owner) + logs.Info(upOk, upError) + lock.Unlock() + } else { + lock.Lock() + upOk, upError := UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 2, goe, cvd, owner) + logs.Info(upOk, upError) + lock.Unlock() + } + } else { lock.Lock() okx, errx := InsertIssueCveGroups(cveData, hole, cveRef, openeulernum, 2, goe, owner) -- Gitee From a334a5934ae139bf2badbe77a84372c07f77ec78 Mon Sep 17 00:00:00 2001 From: zhangjianjun_code <7844966+zhangjianjun_code@user.noreply.gitee.com> Date: Mon, 2 Nov 2020 15:18:04 +0800 Subject: [PATCH 2/2] 1. Solve the problem that the issue template cannot be modified when the issue status is rejected and suspended, and the content of the template is not modified for issues with suspended and rejected status; --- conf/app.conf | 4 +- cve-py/controller/timertaskcontroller.py | 2 +- cve-py/emailtask/sendingtask.py | 2 +- cve-py/main.py | 1 + cve-py/newexcels/20.03-CVE-10-10.xlsx | Bin 0 -> 12859 bytes .../problemexcels/error_data_2020-11-02.xls | Bin 0 -> 5632 bytes cve-py/tabletask/toexcel.py | 8 +- models/modeldb.go | 2 +- taskhandler/common.go | 12 +- taskhandler/createissue.go | 231 ++++++++++-------- taskhandler/cve.go | 56 +++-- 11 files changed, 189 insertions(+), 129 deletions(-) create mode 100644 cve-py/newexcels/20.03-CVE-10-10.xlsx create mode 100644 cve-py/problemexcels/error_data_2020-11-02.xls diff --git a/conf/app.conf b/conf/app.conf index 219bf56..5155786 100644 --- a/conf/app.conf +++ b/conf/app.conf @@ -46,13 +46,13 @@ maxsize=204800 [crontab] ymalflag = 2 getymal = 00 00 23 * * * -cveflag = 1 +cveflag = 2 getcve = 00 00 01 * * * oricveflag = 2 oricvecheck = 00 00 05 * * * getissueflag = 2 getissue = 00 00 05 * * * -issueflag = 1 +issueflag = 2 createissue = * * 05 * * * test = 0/10 * * * * * gittokenflag = 2 diff --git a/cve-py/controller/timertaskcontroller.py b/cve-py/controller/timertaskcontroller.py index 9dd7563..8559590 100644 --- a/cve-py/controller/timertaskcontroller.py +++ b/cve-py/controller/timertaskcontroller.py @@ -35,7 +35,7 @@ def timertask(): scheduler.add_job(taskcontroller.runmappeingtask, 'cron', day_of_week='0-6', hour=7, minute=30) # Download files timing task scheduler.add_job(taskcontroller.rundownloadtask, 'cron', day_of_week='0-6', hour=0, minute=1) - # Delete files timed tasks that are more than one month old + # Delete ,iles timed tasks that are more than one month old scheduler.add_job(taskcontroller.rundelfiletask, 'cron', day_of_week='0-6', hour=9, minute=30) scheduler.start() except SystemExit as err: diff --git a/cve-py/emailtask/sendingtask.py b/cve-py/emailtask/sendingtask.py index f3fca57..3cc47f6 100644 --- a/cve-py/emailtask/sendingtask.py +++ b/cve-py/emailtask/sendingtask.py @@ -28,7 +28,7 @@ def sending(): mysql.close() print(result) for i in result: - subject = "Form error data feedback" + subject = "Form error data feedback(人工CVE漏洞数据错误反馈)" content = "The submitted CVE data is wrong, please check the format and content, please refer to the attachment" sendemail.send_email("smtp.gmail.com", 587, os.getenv("CVE_EMAIL_SENDADDR"), diff --git a/cve-py/main.py b/cve-py/main.py index 966cf7e..6b05b88 100644 --- a/cve-py/main.py +++ b/cve-py/main.py @@ -20,6 +20,7 @@ from controller import timertaskcontroller if __name__ == '__main__': + print("The program starts, waiting for the timing task to execute") timertaskcontroller.timertask() diff --git a/cve-py/newexcels/20.03-CVE-10-10.xlsx b/cve-py/newexcels/20.03-CVE-10-10.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..67c3c08c98677dac89f2f5f3e30f53f8679c1f26 GIT binary patch literal 12859 zcmaJ{1yo(hvc)C16WrY$f?M$5?(XjH?k*RCCuj)n5w z0dax=0U`cXOwZPq&eh5?Gp<7dlo2ub*#8*O{)<^eXrg6!_L>NdYD@2dCHAbeps}X< z$LzoK zB!?1O9+2QGAZHEpD+v)hpu&~DG$I@{H|Z3Ef&5j$qU!?jTJlu**wSWE)IUnTV{u$= zwF1A_=fcB>o<*!j{w{X|zrkrYJ?G2hE$O|2p zEPP?w3~z1fuwrv9^B4#taPVtzJ1GLrb^D}@Fbh#ZYV1`fD=7aPSU6LLj&<&V(>iwF ziKh`ifd*T1v}m>?mYxyDECStqUOpA-H35-Ah~^|*77b;PfMGJkMQ@<^u25-8^q7uq@i$! zHNr;9?Xsl#c?xe*RAX7lcOxhBv%CG#H~d{8DhRJfVoY@Yj`JY(kMPSEjLRT^fKdL1 zvy+3PjnymCHAz}Axniin$Lw>@y0eB=3DIzh&|-C0V8C*dwMq}oy9B7==t`tI{uz(Q zk~Sk3`OJ3o&g;^oNyW`09>W=ci92=S`s6$gXi77OwU+iN#M96C@md)f@0Q#XN=S<& zJuwvg=QYESkM<|Nv{h^Cf0qRWQxqv7lbAW&vlt<8e{}UgZRq#9lqyc~?TO1!o^kD+ zAb{dAl%DP)97tS=oAG zAz5M|5hw;#nA*=JaNeU*OlllO1ser+SD6}YtH<)Vhpor5%PYQ6AqX9}NNlcbJuL=; zX45Um{DhF2nZV+G2kJQoci6wzzz`#u@9Zf`XcZlql#Fhu1V*R*ks`68Azamrg832i zEoV1qiJhMG+!m`FM0oy6pvUg@itx?NIU#qnq7O&6sm@jAZ!|sW&yVw!WWL|A6yisM{WM^3`7_9fi4f)Y~^na^ZKJKRCXK z$}j7=>%w5ys^ni&G}fPm?F&b}0J+Aqx+qR>S35~&#=)6Zdp0?LMkV1MSG6oxfNZdi zDd>)gK%*vE+MRHnx#zE zrztdHhD^j2ln$5mu4#pt<0^E<3^CaN^=P_mmgA!Bw)WY3KYu4In9A*PljR7QtHkZ| z@X6tP;;ic$okRUjz;%Q^B5ERB4w5?QpkoQWqK0uBTXtu?Bf0IT3-_aTK^8-UOR+@| z&o3Id_uO>eG1<>pk98Q^^)v49zEE03aYmX7aI>9bi&>&2c<#Bahq@0mR!LrhJ;rb6i6R`She?JLXNR|x3otx{IF9{k3E0-S~Bs|nF>J&c@*#&vK zZB-p=l4JJ;e|d$V8RXmkOvM6jTT4vqQSeI44>$VFiIG)%jvJ_t^gZ+{lpGHS!Hs(G@n)^IYBhV{QEBNrnG8OD;C{ z77nIHMvlMFC`L7D6AB~{5DhjE5axf${-N^6JhrF}STBg8E@ABOA!?#RBT5pH@=;TU zl5!^Fhgnb_F=ZFUb*HZ}Z1jaUoe|0C*Snz#B;>-4Vv0qeO0T2Sp4l#5m`KfOZ(_Lj z$K7Dcl#)x^VOF9-QJkT|7;Kz-YQ=IdWcds$8rs)+bD{uQa`bUDkcY!y<9Qw%6^rA| zFUFKsp*6ka!e7N!Zl3a`B6SoLXf4;d#6Q=kC4q{ z?-0BMxXPq|HWoI$MwG-dU&!(BqZmNTCr--75)(nygr+fQ-UAsJO|^`(vS0~<`TtdLVdK?2Bh+oXAZ97=Du_5zXh2V$!N z0beODMw&PEB924+4yJIsCrsppOVNs@0V+3W>FLyVa;8)&lsPR((%&=~@*uo_mOVB(Uk*&IXQ(Lg7)imd%NEs+HySgHsE`uGeDD1`ERn?Z(61Ew zWYL&0M8@k-Vd8r@L4gx=jB1(N{HfL2tNf|W+8g|-U38;kYsEhzR-GB^%fRZCj@h7d z&yye-0r|~HE|&M-5`w*c$i2g)^rj>!%u2w4QWymZ;>YmAD9ja!#wg4ug%2#+Rm34; zX5|_2V_?nP;!jOaz85mS6EeOR+TuVIyZX%{-^$~od!@$y)e_A+GfB4qF?WYCV_=TjW05>j{) z3Ik!u?BJMj{Tb8dBW zYIZ9*H|(8jTR#t^RSh+nwe|JPS^Z&{41az6&PDqMN00dJ8q_Mnr$P%hSg7GhjY=BJ zAQR0EHb?TsJoanA(8tWE$KlShyd^CT5eJ>EuDm4-$S*ed&5K8tHcrmv_{|TGt_CGl zk0m4ZG#?U~^~N`0y3h2BWO8^=i)lOXWkE6Ok?E)Sh4HMnRoPGo8M$*?O-tF>Pnl|08EoCV*AsL zGa4)5$MN#EXwtQYa+fu0M@{w@oYgel41EOLL)+~&5>0_IT9f`{``^p8UNo) zt=H}MOC{xKYGh^f+x8nN%9cIkWzQ1-l5b!4Eq{vrA^bS1F= z?u_-`sd)A)w&{fESB=SaSDxiecV`n;W|=)~^B6I)P=9v;K}`;VYnp7_l!@PKN?MBb6;oLE% zc}UQr->06YRyV(mTTU8sS!sx5R}>@i*Y%=dw;g~i$9ExENpKX}FXrCbM(6h6Hu({$>Xo$>kThtBVo)MZA1DvkpRm6M5v+-+K>hfUG>uk7NSKh1xh z*7Edw+VdYAa&B5OEv!_{g)qe5hq<}jQ}?py?!b=iW=B7{yi)#DwY3V@w>E=*(jqxj z(-^^?9XsY)={pU7cqzZfX*f71L+OdTx<7@=`(A)$W2`_e(ycVPTRrgDehkzXf~nLr za*~G7;6Mn|#g+vX)dIpbVD(!h?%C$I*sY*^dedC><$LJh#MB9o$Ag8Lk*w^Q5j^}Q zA9u&+kUU6)=p!E+Gfo&6TO3r3*1Nlem9`ti$E%G26$C!&-T|Vglw)4^r}Iyn{C(LC z!t}g85Bn3n^mtwmXBi=+C$xScA~(LG!nxQRh==D;j?BS!q~t<&wP*o|3MSz2e$LRl zhUgcYLT_8>Z2-A&npn|Ez}ZTlQ>nT#L8p1g8hFa~GzA#+)-0KUC^5rG^j>Aga_Ap1;!xwnrc&f@-vq`YA0El>%{ryr`AhOD z@4$;#Nl8jGWebtVZbdkof_bMU?ZTEjTUL2s*Kkr#xM$$hi-|!EN(AB~Zl#`5Wl`ZI z#o?@mqQQCNmQ+afJxSe&XsS@1IPzn@UqXtjv>cKKzC#Ci!wI!eIo;D`h|tMXa8c&D z;W}swTc3-Qcge{IA5L)4=&vN8K*>d3)l&r=+p`N@yt@JJm0a@5K<-^4$MDx+u@z2- z49!XlN7m6MT?|`!ii~1pRDzIbR45|GdRCh=M%}C3JgK#;Yo?v;`W|nxt@>3v_#Pv9 z$BH}Z8p^PH4gIoKu&r!#*{4;Ieqi(b%fPujtdcrAN$m_loq126lbO2> zH1_Cc$N=|DPN(<>g5DZ__N(c#biP~rjLvfDF>7PkY;m_xzobA5Fhc(}=_vo)BT` zB96Zk+i%&)OSh9pr-lhP<*{Vgsal6trna>(uk`U-FaszWs_1;9J73m0l}GPzpa-s5 z-|bt|x39#+t!*|oDEL8$PflwC``*Yk68WTYa)`tjSd-&cVzz>hF-w-$`&EfKJ@mmM^0?eLgW~B>n5EaA{;zMBk z@(^%QE(LWw45|&;p!nE39^j~eB3wjT+isW%L`7S1t0x%y?B@kQ6^oR5r?~v#1Q7I_ z`?xpYgdVcVQWu&0rO8KH$t04{X`xi1)F{+fu{elqqpY^l$A@@t2q&dk#Rq&laAWwc zd4{s}vNHhst(-|TD;`$x4@;Rb(#Epi%Q_2l`VT%vq}D;6YfY824^*|(eGbh^ty8hKzE|31Ca5C$d`2bD5PGWn6N)G;*#O^i0QR_NE z4Vw8QX5-5iGeRB+2<~Uza&UCBG;(;|eV0*luO+5L#iTb&@LQ(G#eize*)QF zwphW~=8|c$TiX?jTEAI52RLLo97TL-aXK_yrK|(k?m&1;PO-Bp**#c~Iy`nJ-?d<0 zi3%wN%k>^RHMhH{?-emCezEeoq}J%%nRK{{!6BE=hW442kICJ+F)v^`z~c-Uwq@pU z_Pi;;4-Ak2)9LK|e!}6%)k27j<%%XWVV)$=dpUJT>%&q3IVQUcLCj}fgw9hCtJ69G zYI~Vp9J@6yfKaih*qWnxyOl&eFTKg?_>c$pv@o-R1wLkhy#cCoT9y&6F75~oH^Ypz zJSlHgg(7%9Q@%+7L?7N4cJtioDhBT=WbD0mn0^}vP#qlH(x*TsHgW9cXY#?Q2<0v6 zLRwzlgXD#&))UMhOFJz4vGBbt8d7gsF1FDRBTxcN(Vu^v+1q3_mbz!V&HL$sw{`C` z3cR16@M!fY=V05-cfWl|LM}BzuD)l;onqk(zlDx@&9-d-M|(8{SMSAPQ@~?f%$I~6 zl=Q+Odr?Ey```t*0KL(eM105A!+Mw+zO|eI$DLWc;76rIoD&JD$cPvS-cA-8RxE(H z-9f};@H!2HRsX!9BNPIHda)Jz0@fto#-gT*`A)H?`aoifB8V3>&sRC!xbh#y;Vj|q z70O!WOnx_0xnX?d+LBH=1D}{vbiZQnv)xgrhkj+6V6)okN$GPZG_IPSo7ry~AQe}J zE~LyhyOLi@Gs%g1DjO}J2;P!M+p4byPOAJmnb>E)8$Pgk)=ybN$;fDhy;x5|zs5L% zC~954JtokkCSt(JQPtwK7)C^XVRe(+)ypmuqerscNdh8QBUnDraK~@}*n^KrAEgzIVY0aJi-bBv^ zO*XZkV^oTtOgvqTUw9tojZ#^uUB*`IK2dQob>9YmhwWZAX39dV(5qC_UdgckT(i?V z(VLXskj&sPyM zdlaZgo0ZQa_N0y}{S?8@L$%YW+Ch|JK!VvvqyoAOc0`nd(s_0W;$eg*t_TardWYqU z5!PYn9SuMF>~)V&9O&2AGX9 z0ljw>@<2sgnFqZ&G5OcjC_uYEn>{kUg#kS#t}Fbe!2wIHDs>f;it+TYCQ?{I0~5VP zNo3VI?ND554fA_`eWU2ET()qd_vr>%K1uMRPU0;~hCN3)}A5;Xm5r-iLC4lQ>4 z15wt}-N!%ZZNds?8-O~c5}u(We_p|bg9nWEESO_{p7IYw!wW`kXHEoq+aw!Z2{g0o z)LgPDAIQ1f;Ye9wEIYm$05>xTePvD=R%_es2D)JwsQFH`CE6uLt2Vn+lxR;Dmxdzl zJ*WAesbqFDU+Q~lk16n{vq_5O2B=F?TRO+SXd}|mX6j4Hceaz69+KQPoRy*320t;<7Dsds)t3ZePeqR}-!@+p*y&E)h#^^)%n)^NhYjW{X$ z{aAvq)W{^x+&~eSlP8n7CGx7L00^#TkQg{(dDTJjG3@F#v|j#sls=pSXXPwv%uoMin~P%qy5N$^F<8 zze{O~8XlSt$uXS{j^(Yel~ILzWbNODFiV z?uL6sXF8dNy6)Za`*m`@`<$zFVF-|p{#C10v$sO`>6JN=e9xA5G4B#qK1Sj5)!*y{ z?0(^uYj+5AqHs&qPiST&oU29=%H(b0YrSWP<3BJ$u3!Vkb{Kbuo)!j)a!dnT7Dz+K zTxmLg*ljtb_pv*D@&JUH%5;&OF3(oyCs`0-jaP_DHOFx;eZQGF2cuQ5HA=yjZ#%O^ z;hcy@Q)Uq}j8e7Ve%e0jel$r~84b-2f|HTJ>csHzgjmjecx(Zq!xLsy zy3vbbSw8*rQEH^E-qrSL?a`%>SzTmLY>Df3Mu&cQxqwP!56BYQiOCCW56bAY5lYBf z!i@3u!$D2deB3Q!t&!J+3smQYa{CpwSQ*U zU@ze!a#;-y6sAyMhojO~GH#?bGZUEFKd2&Mb8P^G0l9~5?cRRW0q|uL5jm}jRtp=R zogVgo#EU+DwD!Cn-sl`DD(%AqqKO+S9Vft1F^iK^GTRdS&J9y5My(JYpqQkF-IWW5 zmpIFCyFIsY<%81f3LSi2$pYGg@Ns;D9d zpZsRtOq^AcTk-}P(jmbx z&creT!c<}>Q)5k4X5Ub3237ew<7A!b$UZg6bbn+AQ?&p~6k9O|@(G-m@1~1c`qH*4 zjD>5J`_CC!zB5$EaGiibEDy`{UbTP8nmCSZ-hp`hT2Q&pexe|ZczsjMzN8@#m|=1G+|YE{HHw@}3Ha&2jlmvhL%Ml(@l%~JBN30tY8rK-t-omI%< z8FlZiyX5*5%2K+U!a9K)(vmR--p!jkue$xg){?JkW@I)NfuiN`JoQwOQBfVoRSvXC z_h(%06_MQNKovi7a=Svm$F_>t-#`Do$o&S7e0}zEy;TMV1oX<7csZPLFx9g+GE{K1 zH?ubRqt=a5)QA8uV0zJC@PU1t59uP&Hpan8F-jH8F&Z$3oKGR_sh^+fBKtacHN##t z5rS;8ASi1;d|Up0&_-q*$Q#PaowN>EfCEU-e(K^(58JbRxx)!4(x_4|AYLDv8yaO1 z^^4ACkLs#^!5l)@N+;LYQtb9Ujv{@2fnv=>SV!AlYbgB&0J9xrw4!HNz13|SvT`k#9GlakpGtl~mUP6To2wC+!iDz0;42G542!44)! zJnda5Bv16qD>e77b<_8Awg(#v{DS91hOZ$OYs*%ZS-fvrbbCaURJdMFZ6{)SVrD7l zuG~@Q$&dDI%DbE!0m?lZof?nGigrImrs%{=dt|F{(+jO432FXYZ!lz5qEtB4~Lf+340+Q zApDGx*UL418ykzC_nkT)zA?PeJER}rYknww_eIj24F!v8#$3bqWayc^jAnH_97hjX zS#FXB>x}qNx9xnL;_!hz?dXjNZwHr|qf~%(4Dx6ZlKdBgy9Y-P&cZIYa&Q$CZr!mZX+-kEeeSgM-Nf4c*0VU z6w=@!qGDl7$yH^Ft{$vAmz0v;DVpl2m$lT;N$)N!#HoscinQ}j+@$W;Nd#BGLKu}U7%ua{DZwn&TTn@wHZ-On(JsSjt_01dB8LxC}516Uq#?be3 z!m?hyT1cj+uMh}Rk-#M5qY_^h`VrRvLHDHT8CLVAJk;oMR8+)pDT-*O8#$nY81~35 zA2HoNiH^2NvTD*6^J;M}X zS9#L%ghrUDHx%PCoh)O~A_F}0X4?=iMIazJN9>(=2aa7NLQ2bwY2idPgHjd37dJKA z>}b+@HD&O_NwbG;`6ni}zjefoX;cr0aRrj*?mv?-^>%F}yYaH>h}oafmbm=;nKs7H zSpVw$tX?5%eycR1=g_>oX59_6JpLf%D}jP6=Njddbn zd3j!fC0!+GI#aU3b%x&nHQ7A1-;%anWU*2B*7IDgRR~0Fts8zvARj8~7SOPm7v|t5 zg%JMSxDz5+`3P^aEPbRAfX}eR-GVQwR{oaDD6lME$VnnAeqE#Hof5PONpwQ=37|l& zcI$wy?L&X*<3p$CS1Rw8dp3P_^o!!EGnjuz|35bh|AhDa=Tj)q7pxUuI2l+!@%}0H z*JbHvY$ptucQL?iVz18YV7Z^ zCG|Xx!@uuru$V%CC~jen6=tMxOdGLK!MfpUS>g#Gs->$db1~KB_ZM>asCsUnuC&Z8 zJ`xX$AO=Nqc+O=tLUT?gTFFb0`5|PYW=P>=Q`M9F*~RW5zjG0EJm?eG7Q{D3A225@ zck!o{1q_kQA0;EL?;Jfz1r>}yw?5(+aw8jHOBjMi*pqZ+f9d45eA6jJ{fSd9(w+9n zd%!jM-8V|FM0d>u*5IXNSXX1%;o9RG3$jGFqzlcmcv6k{$GcJ4pgxr80^zghdKl%PIM2UX_dpTP>8s-ITmKU&ze}esA8ox*rf1o}U&tuWafEau&_#7~1 zJzy`Mo;-_}j>?oMC|-p>K8GGhO5A^YbKMeK;FlQBm`8Htwz56i%zHsLmxC}r7avAr z0P#SkY`V-G3%qXncz;#)Wo8GyjNJC7pDH@+`pjmyNBn?}bppyY5xG1gWuec&X+)d$<8McbZ6p^l z?k`y8g8#e<(-5+;b~Lhf)KPS^HFD5;&8B6E1J>Ud5Jj$&?hxYYl=OFUi>W{&c$JkR z6z_n`c?gwp7S1r=_^gEaNhl_U=%Vz0-OhT4;K86?O_m|Ve`wi%ClX_%Tc9v6BYDN? z)_<%PET>8uStVOZN`MXb4<|F7fg@q|N`fxx&=Jz0FVfA3jYe6>s zHxIQlP3z-xP;6UYCv-bIP!#oz^{<+VJi>poGJ{Gq+D&PQR4t-4N5)~x9PI7 zhFk$PSFS>Am@DEt&QFk~>&rzf0@QsyL|yD-@o?n;9LVjsgdF|0@9-Jr#noWrsWpoJ zAdQJ=pBEEI0zdzlIoGar1eOW0F`pFqCpRx*LT1^fFbzAgF&7!9Quk zzfaan>;nM<5xo5VN(BV;4^#Kkz(13cUi0$L_R2tpB>k18|L*knJpHQk(<$|zI)A)l z|I69y()qK!I(uz@VMhPm-|yV$SK*)j$p5PLAExy05dBX5{iPlJ66Jq7{eL3x@9MuZ zT7Rh@y_6}x)c@qS{;xs5EKmPwuY*Q?0sLhz^S>1Sj?&o6cwZF$e+B$IO1~$ZS4Tfl zy7{Zxf2E)Q<^Gj>__MwCm-T0V|5_rvmT<4#_~(FnElz&6S9JxlKYIUn^?x4A@5Rci zk)LA;{dXgOHTllD|wF{?qXO%joa+e&3w_vL{6N&s){sE&P6m^UH!Z z`cDgg-st=T$^J};Y~KS>O~d;Fd4@XKT2U)6qbAAUFR`)=!(0h5>X`{MVnQTD$& z{mO&<*=VY`_!)adsWg-x@piO7VJG8{3M#G9eofLKdI^RbAV^db@PzrPq$%rETdV?V^8f?xo2wyMyxHEqsVjzq!e9>vsxe zm>#76BL?4NU!b>_R!^PB zScH*2@0Ly70pt$7Vfy^uSQ>PMet|Zd-}nxT9kmm*9BUc;Z&sYxy`Nqt#OZVfOn=`LM1SK2aC%ETu>W^?a7YmSgXiRA`QL-MY`1^U-A(iyZGOoJ{5ItMf;nF& zDd{SeHr}B>Ph7$XH9Xju-cU8Qk8pD#%=&pLi-U)(ZK&czMm8#l@Vbp|Ie4P*?}AOgZfoF^XySx1LSt>?FDfiDNOK(|nC z+A<7H1T*yXKn4p{k9&Z9xVs@PgQHltGLC{+K}0a@+*6lV=1+_DuJ*b@20^r*h*$!FLuzBGO2B5=FR%=p*$b*V zJ?Z!1m=|bxQ9Vp#!dh=s8s|j4zG(h`oM`#k#nsyK%HoaMt*4Q#T?hQ^;#zG5zg%8k zyoOD;s?zl+?(HJF5v?PTt5L{XYc2G;GVCZHrfa&>HM1<#D~)>POkLD3EY_dEMEA<7 ze&If4RlmTaU%z_oyYH7^V#T76h&Ntztw4#g-vUYTM&)AI?5T|=_J@RU!komK&jAf; ze%2o#+-X;)2vGUVi zr@D>9C1Dw{Oxe+vWPK%KT?uy9E=i6yT+xP?EZR7>1dbzY_z?Pxvn0g=xJ`Atf>yUH z=o%EXx}z={IHky5#tz+c8Jjkjl>NwkI%vuzb5%J+Q}oUc|N85jty@b?V|fl1PJDBD zl;140N#Eoi=!`=V35rEJj^~u=@wmyq#ck+ArhMGwv$*!);&t-Yk-YHf=S`b$o7$6@ z=Zs0eS$b@&Jcsh_zkKG$CvN{~X&&WQuHOCH>?^-pdWp*Tv%$w4{O@@>?VNVL|01WK zEN%TdxTf({?++%om%Q=o-IR;h1JZG<$t33>y-Um)5sp_RiyRxT?vTSYtanKc$enrFc7qrqgkNY0v!Q5QlO(iM+@{Y z(8C3K1n7|h9RoTB#QZa_{jp+n=H0G|Ip2!01HMZ%SB%G;GqRpC=gc=NcRSx~8)=O9 zZHeadaa_aqsRE7j?LzA#zFla2#J3Brm*`DMl~?XU>tMeah50^RpmDxkv@TJls2k_o zE%eZJZ)Vtf%X~BY%$*C3TfSZBd&IYE_{N(y z@56jEvVEBEi|!1)&g9Z1&hli>mo4;x{N+u}>*j-zkHZN(eDv{w$KQ3{#lyc3(g%}) zr||(N!e<;oSMXtnKk95C^8bE1N)yf&GpwceN_Sqr@bkA`{jIb0y^z~}&U`@XQOo$z pd#~<0*5TSv%+G%8*k~uCy-(~^bHBFxo_~D(_dD4R?f;|s{{^2^^|=55 literal 0 HcmV?d00001 diff --git a/cve-py/tabletask/toexcel.py b/cve-py/tabletask/toexcel.py index 8e790cc..73b8ab9 100644 --- a/cve-py/tabletask/toexcel.py +++ b/cve-py/tabletask/toexcel.py @@ -18,6 +18,7 @@ import os import xlwt from dbConnecttion.MysqlConn import Mysql import time +import shutil def cur_date(): @@ -41,7 +42,7 @@ class MysqlToExcel(object): :return results: list """ mysql = Mysql() - sql = "select * from cve_origin_excel where cve_status = 3 or cve_status=4 or cve_status=5" + sql = "select * from cve_origin_excel where cve_status = 3 or cve_status=4" results = mysql.getMany(sql) print(results) mysql.dispose() @@ -50,8 +51,9 @@ class MysqlToExcel(object): def generate_table(self): """Generate excel sheet, File already exists, delete""" - if os.path.exists(self.file_name): - os.remove(self.file_name) + if os.listdir("./problemexcels"): + shutil.rmtree("./problemexcels") + os.mkdir("./problemexcels") results = self.get_results() if not results: print("The query result is empty, no error data") diff --git a/models/modeldb.go b/models/modeldb.go index 330d936..ff54b79 100644 --- a/models/modeldb.go +++ b/models/modeldb.go @@ -150,7 +150,7 @@ type IssueTemplate struct { IssueId int64 `orm:"column(issue_id)" description:"issue的id"` IssueNum string `orm:"size(64);column(issue_num);index" description:"issue编号"` Assignee string `orm:"size(128);column(issue_assignee)" description:"issue所属责任人"` - Status int8 `orm:"default(0);column(status)" description:"1:待办的;2:进行中;3:已完成;4:已拒绝"` + Status int8 `orm:"default(0);column(status)" description:"1:待办的;2:进行中;3:已完成;4:已拒绝;5: 已挂起"` StatusName string `orm:"size(128);column(status_name)" description:"issue状态名称"` IssueStatus int8 `orm:"default(0);column(issue_status)" description:"1:待分析;2:已正常关闭;3已分析,待修复;4:已修复;5:已发布;6:已异常关闭"` IssueLabel string `orm:"size(256);column(issue_label)" description:"issue标签, cve/Undisclosed, cve/Disclosed"` diff --git a/taskhandler/common.go b/taskhandler/common.go index f731e29..100cd28 100644 --- a/taskhandler/common.go +++ b/taskhandler/common.go @@ -4,6 +4,7 @@ import ( "cvevulner/common" "cvevulner/models" "fmt" + "github.com/astaxie/beego" "github.com/astaxie/beego/config" "github.com/astaxie/beego/logs" "reflect" @@ -330,12 +331,19 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str } StatusName := "" if its.StatusName != "" && len(its.StatusName) > 1 { - if its.StatusName == "待办的" { + if its.StatusName == "待办的" || its.StatusName == "开启的"{ StatusName = "open" } else if its.StatusName == "进行中" || strings.ToLower(its.StatusName) == "started" { StatusName = "progressing" - } else if its.StatusName == "已完成" || its.StatusName == "已拒绝"{ + } else if its.StatusName == "已完成" { StatusName = "closed" + labels = beego.AppConfig.String("labelFixed") + } else if its.StatusName == "已拒绝" || strings.ToLower(its.StatusName) == "rejected" { + StatusName = "rejected" + return "" + }else if its.StatusName == "已挂起" || strings.ToLower(its.StatusName) == "suspended" { + StatusName = "suspended" + return "" } else { StatusName = its.StatusName } diff --git a/taskhandler/createissue.go b/taskhandler/createissue.go index 4f1dc7a..df656a3 100644 --- a/taskhandler/createissue.go +++ b/taskhandler/createissue.go @@ -28,24 +28,33 @@ func CreateIssueData(issueTemp *models.IssueTemplate, cve models.VulnCenter, sc issueTemp.IssueNum = resp["number"].(string) issueTemp.Assignee = assignee issueTemp.StatusName = resp["state"].(string) - if strings.ToLower(resp["state"].(string)) == "open" || resp["state"].(string) == "待办的" { + if strings.ToLower(resp["state"].(string)) == "open" || + resp["state"].(string) == "待办的" || + resp["state"].(string) == "开启的" { issueTemp.Status = 1 issueTemp.StatusName = "open" + issueTemp.IssueStatus = 1 } else if strings.ToLower(resp["state"].(string)) == "started" || strings.ToLower(resp["state"].(string)) == "progressing" || strings.ToLower(resp["state"].(string)) == "进行中" { issueTemp.Status = 2 issueTemp.StatusName = "progressing" + issueTemp.IssueStatus = 3 } else if strings.ToLower(resp["state"].(string)) == "closed" || resp["state"].(string) == "已完成" { issueTemp.Status = 3 issueTemp.StatusName = "closed" + issueTemp.IssueStatus = 2 } else { if strings.ToLower(resp["state"].(string)) == "rejected" || resp["state"].(string) == "已拒绝" { issueTemp.StatusName = "rejected" + issueTemp.Status = 4 } - issueTemp.Status = 4 + if strings.ToLower(resp["state"].(string)) == "suspended" || resp["state"].(string) == "已挂起" { + issueTemp.StatusName = "suspended" + issueTemp.Status = 5 + } + issueTemp.IssueStatus = 6 } - issueTemp.IssueStatus = 1 issueTemp.IssueLabel = labels issueTemp.Owner = owner issueTemp.Repo = path @@ -70,42 +79,52 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st its.Assignee = assignee } issueType := its.IssueType - labels := its.IssueLabel + labels := "" + if its.IssueLabel != "" && len(its.IssueLabel) > 1 { + labels = its.IssueLabel + } else { + labels = beego.AppConfig.String("labelUnFix") + } + if accessToken != "" && owner != "" && path != "" { url := "https://gitee.com/api/v5/repos/" + owner + "/issues/" + its.IssueNum score := strconv.FormatFloat(sc.NVDScore, 'f', 1, 64) OpenEulerScore := strconv.FormatFloat(its.OpenEulerScore, 'f', 1, 64) requestBody := CreateIssueBody(accessToken, owner, path, its.Assignee, cve, sc, OpenEulerScore, score, labels, its, 1, its.IssueType, "", brandArray) - logs.Info("isssue_body: ", requestBody) - resp, err := util.HTTPPatch(url, requestBody) - if err != nil { - logs.Error("创建issue失败, cveNum: ", cve.CveNum, "err: ", err) - return "", err - } - if _, ok := resp["id"]; !ok { - logs.Error("创建issue 失败, err: ", ok, "url: ", url) - return "", errors.New("创建issue失败") - } - logs.Info("issue 创建成功,cveNum: ", cve.CveNum, "issueNum: ", resp["number"].(string)) - // Structure data - var issueTemp models.IssueTemplate - CreateIssueData(&issueTemp, cve, sc, resp, path, its.Assignee, issueType, labels, owner) - if len(brandArray) > 0 { - var brandArryTmp []string - for _, brand := range brandArray { - brandArryTmp = append(brandArryTmp, brand+":") + if requestBody != "" && len(requestBody) > 1 { + logs.Info("isssue_body: ", requestBody) + resp, err := util.HTTPPatch(url, requestBody) + if err != nil { + logs.Error("创建issue失败, cveNum: ", cve.CveNum, "err: ", err) + return "", err } - brandStr := strings.Join(brandArryTmp, ",") - issueTemp.AffectedVersion = brandStr - } - // Store issue data - issTempID, err := models.CreateIssueTemplate(&issueTemp) - if err != nil { - logs.Error("创建issue 模板的数据失败, cveNum: ", cve.CveNum, "err: ", err) - return "", err + if _, ok := resp["id"]; !ok { + logs.Error("创建issue 失败, err: ", ok, "url: ", url) + return "", errors.New("创建issue失败") + } + logs.Info("issue 创建成功,cveNum: ", cve.CveNum, "issueNum: ", resp["number"].(string)) + // Structure data + var issueTemp models.IssueTemplate + CreateIssueData(&issueTemp, cve, sc, resp, path, its.Assignee, issueType, labels, owner) + if len(brandArray) > 0 { + var brandArryTmp []string + for _, brand := range brandArray { + brandArryTmp = append(brandArryTmp, brand+":") + } + brandStr := strings.Join(brandArryTmp, ",") + issueTemp.AffectedVersion = brandStr + } + // Store issue data + issTempID, err := models.CreateIssueTemplate(&issueTemp) + if err != nil { + logs.Error("创建issue 模板的数据失败, cveNum: ", cve.CveNum, "err: ", err) + return "", err + } + logs.Info("创建issue 模板的数据成功, issTempID: ", issTempID, "cveNum: ", cve.CveNum) + } else { + logs.Info("不需要更新issue模板及issue状态, its: ", its) } - logs.Info("创建issue 模板的数据成功, issTempID: ", issTempID, "cveNum: ", cve.CveNum) // Update issue status models.UpdateIssueStatus(cve, 2) // Update score status @@ -122,60 +141,62 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st requestBody := CreateIssueBody(accessToken, owner, path, assignee, cve, sc, "", score, labels, its, 2, issueType, "", brandArray) logs.Info("isssue_body: ", requestBody) - resp, err := util.HTTPPost(url, requestBody) - if err != nil { - logs.Error("url: ", url, "创建issue失败, cveNum: ", cve.CveNum, "err: ", err) - return "", err - } - if _, ok := resp["id"]; !ok { - logs.Error("创建issue 失败, err: ", ok, "url: ", url) - return "", errors.New("创建issue失败") - } - var issueTemp models.IssueTemplate - CreateIssueData(&issueTemp, cve, sc, resp, path, assignee, issueType, labels, owner) - // Store issue data - issTempID, err := models.CreateIssueTemplate(&issueTemp) - if len(brandArray) > 0 { - var brandArrayTmp []string - for _, brand := range brandArray { - brandArrayTmp = append(brandArrayTmp, brand+":") + if requestBody != "" && len(requestBody) > 1 { + resp, err := util.HTTPPost(url, requestBody) + if err != nil { + logs.Error("url: ", url, "创建issue失败, cveNum: ", cve.CveNum, "err: ", err) + return "", err } - brandStr := strings.Join(brandArrayTmp, ",") - issueTemp.AffectedVersion = brandStr - } - if err != nil { - logs.Error("创建issue 模板的数据失败, cveNum: ", cve.CveNum, "err: ", err) - return "", err - } - logs.Info("创建issue 模板的数据成功, issTempID: ", issTempID, "cveNum: ", cve.CveNum) - // Create issue comment - affectedVersion := "" - if len(brandArray) > 0 { - for i, brand := range brandArray { - if brand == "" || len(brand) < 2 { - continue + if _, ok := resp["id"]; !ok { + logs.Error("创建issue 失败, err: ", ok, "url: ", url) + return "", errors.New("创建issue失败") + } + var issueTemp models.IssueTemplate + CreateIssueData(&issueTemp, cve, sc, resp, path, assignee, issueType, labels, owner) + // Store issue data + issTempID, err := models.CreateIssueTemplate(&issueTemp) + if len(brandArray) > 0 { + var brandArrayTmp []string + for _, brand := range brandArray { + brandArrayTmp = append(brandArrayTmp, brand+":") } - affectedVersion = affectedVersion + strconv.Itoa(i+1) + "." + brand + ":\n" + brandStr := strings.Join(brandArrayTmp, ",") + issueTemp.AffectedVersion = brandStr } - } else { - affectedVersion = affectedVersion + "\n" - } - errx := CreateIssueComment(accessToken, owner, path, assignee, cve, resp, affectedVersion) - logs.Info("issue评论创建结果, err: ", errx) - issueNum := resp["number"].(string) - issueID := int64(resp["id"].(float64)) - err = CreateDepositHooks(accessToken, owner, path, cve, issueNum, issueID) - if err != nil { - logs.Error("创建hooks 失败, cveNum: ", cve.CveNum, "err: ", err) - return "", err + if err != nil { + logs.Error("创建issue 模板的数据失败, cveNum: ", cve.CveNum, "err: ", err) + return "", err + } + logs.Info("创建issue 模板的数据成功, issTempID: ", issTempID, "cveNum: ", cve.CveNum) + // Create issue comment + affectedVersion := "" + if len(brandArray) > 0 { + for i, brand := range brandArray { + if brand == "" || len(brand) < 2 { + continue + } + affectedVersion = affectedVersion + strconv.Itoa(i+1) + "." + brand + ":\n" + } + } else { + affectedVersion = affectedVersion + "\n" + } + errx := CreateIssueComment(accessToken, owner, path, assignee, cve, resp, affectedVersion) + logs.Info("issue评论创建结果, err: ", errx) + issueNum := resp["number"].(string) + issueID := int64(resp["id"].(float64)) + err = CreateDepositHooks(accessToken, owner, path, cve, issueNum, issueID) + if err != nil { + logs.Error("创建hooks 失败, cveNum: ", cve.CveNum, "err: ", err) + return "", err + } + logs.Info("创建hooks 成功, cveNum: ", cve.CveNum) + // Update issue status + models.UpdateIssueStatus(cve, 2) + // Update score status + models.UpdateIssueScore(cve, 2) + // Update score record status + models.UpdateIssueScoreRe(cve, 1) } - logs.Info("创建hooks 成功, cveNum: ", cve.CveNum) - // Update issue status - models.UpdateIssueStatus(cve, 2) - // Update score status - models.UpdateIssueScore(cve, 2) - // Update score record status - models.UpdateIssueScoreRe(cve, 1) } } branchs := "" @@ -204,7 +225,13 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st func UpdateIssueToGit(accessToken string, owner string, path string, cve models.VulnCenter, its models.IssueTemplate) (string, error) { logs.Info("更新模板请求参数: cve: ", cve, ",its: ", its, ", owner: ", owner, ",path: ", path) - labels := its.IssueLabel + //labels := its.IssueLabel + labels := "" + if its.IssueLabel != "" && len(its.IssueLabel) > 1 { + labels = its.IssueLabel + } else { + labels = beego.AppConfig.String("labelUnFix") + } pkgList, err := models.QueryPackageByCveId(its.CveId) pkgLink := "" var brandArray []string @@ -225,24 +252,26 @@ func UpdateIssueToGit(accessToken string, owner string, path string, requestBody := CreateIssueBody(accessToken, owner, path, its.Assignee, cve, sc, OpenEulerScore, score, labels, its, 3, its.IssueType, pkgLink, brandArray) logs.Info("isssue_body: ", requestBody) - resp, err := util.HTTPPatch(url, requestBody) - if err != nil { - logs.Error("更新issue失败, cveNum: ", cve.CveNum, "err: ", err) - return "", err - } - if _, ok := resp["id"]; !ok { - logs.Error("创建issue 失败, err: ", ok, "url: ", url) - return "", errors.New("创建issue失败") - } - // Store security bulletin related information - var sec models.SecurityNotice - CreateSecNoticeData(&sec, cve, path, its.AffectedVersion, its.OpenEulerScore) - secId, err := models.UpdateSecNotice(&sec) - if err != nil { - logs.Error("更新安全信息失败,CveNum: ", cve.CveNum, ",path: ", path, ",err: ", err) - return "", err - } else { - logs.Info("更新安全信息成功, secId: ", secId, ",cveNum: ", cve.CveNum) + if requestBody != "" && len(requestBody) > 1 { + resp, err := util.HTTPPatch(url, requestBody) + if err != nil { + logs.Error("更新issue失败, cveNum: ", cve.CveNum, "err: ", err) + return "", err + } + if _, ok := resp["id"]; !ok { + logs.Error("创建issue 失败, err: ", ok, "url: ", url) + return "", errors.New("创建issue失败") + } + // Store security bulletin related information + var sec models.SecurityNotice + CreateSecNoticeData(&sec, cve, path, its.AffectedVersion, its.OpenEulerScore) + secId, err := models.UpdateSecNotice(&sec) + if err != nil { + logs.Error("更新安全信息失败,CveNum: ", cve.CveNum, ",path: ", path, ",err: ", err) + return "", err + } else { + logs.Info("更新安全信息成功, secId: ", secId, ",cveNum: ", cve.CveNum) + } } } return "", nil @@ -505,7 +534,7 @@ func CreateSecNoticeData(sec *models.SecurityNotice, iss models.VulnCenter, path sec.CveNum = iss.CveNum opScoreLeve := openEulerScoreProc(opScore) sec.Introduction = "An update for " + path + " is now available for " + branchs + "." - sec.Theme = sec.Introduction[:len(sec.Introduction) - 1] + ";\n\n" + "openEuler Security has rated this" + + sec.Theme = sec.Introduction[:len(sec.Introduction)-1] + ";\n\n" + "openEuler Security has rated this" + " update as having a security impact of " + opScoreLeve + ". A Common Vunlnerability" + " Scoring System(CVSS)base score,which gives a detailed severity rating," + " is available for each vulnerability from the CVElink(s) in the References section." diff --git a/taskhandler/cve.go b/taskhandler/cve.go index 296947f..19feec8 100644 --- a/taskhandler/cve.go +++ b/taskhandler/cve.go @@ -22,7 +22,6 @@ import ( "time" ) - var GetCveDetailUrl = "https://openeuler.org/api-cve/cve-security-notice-server/cvedatabase/getByCveId?cveId=%s" var ( @@ -1057,15 +1056,22 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c issueTemp.IssueId = cveData.IssueId issueTemp.IssueNum = cveData.Number issueTemp.Assignee = cveData.IssueAssignee - if strings.ToLower(cveData.State) == "open" { + if strings.ToLower(cveData.State) == "open" || cveData.State == "待办的" || cveData.State == "开启的" { issueTemp.Status = 1 issueTemp.IssueStatus = 1 - } else if strings.ToLower(cveData.State) == "progressing" { + } else if strings.ToLower(cveData.State) == "progressing" || + strings.ToLower(cveData.State) == "started" || cveData.State == "进行中" { issueTemp.Status = 2 issueTemp.IssueStatus = 3 - } else if strings.ToLower(cveData.State) == "closed" { + } else if strings.ToLower(cveData.State) == "closed" || cveData.State == "已完成" { issueTemp.Status = 3 issueTemp.IssueStatus = 2 + } else if strings.ToLower(cveData.State) == "rejected" || cveData.State == "已拒绝" { + issueTemp.Status = 4 + issueTemp.IssueStatus = 6 + } else if strings.ToLower(cveData.State) == "suspended" || cveData.State == "已挂起" { + issueTemp.Status = 5 + issueTemp.IssueStatus = 6 } else { issueTemp.Status = 4 issueTemp.IssueStatus = 6 @@ -1130,8 +1136,8 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c opScoreLeve = openEulerScoreProc(opScore) } sec.Introduction = "An update for " + lop.Components + " is now available for " + lop.InfProduct + "." - sec.Theme = sec.Introduction[:len(sec.Introduction) - 1] + ";\n\n" + "openEuler Security has rated this" + - " update as having a security impact of "+ opScoreLeve + ". A Common Vunlnerability" + + sec.Theme = sec.Introduction[:len(sec.Introduction)-1] + ";\n\n" + "openEuler Security has rated this" + + " update as having a security impact of " + opScoreLeve + ". A Common Vunlnerability" + " Scoring System(CVSS)base score,which gives a detailed severity rating," + " is available for each vulnerability from the CVElink(s) in the References section." sec.AffectProduct = lop.InfProduct @@ -1300,7 +1306,7 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c issueTemp.IssueId = cveData.IssueId issueTemp.IssueNum = cveData.Number issueTemp.Assignee = cveData.IssueAssignee - if strings.ToLower(cveData.State) == "open" || cveData.State == "待办的"{ + if strings.ToLower(cveData.State) == "open" || cveData.State == "待办的" || cveData.State == "开启的" { issueTemp.Status = 1 issueTemp.IssueStatus = 1 } else if strings.ToLower(cveData.State) == "progressing" || @@ -1310,6 +1316,12 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c } else if strings.ToLower(cveData.State) == "closed" || cveData.State == "已完成" { issueTemp.Status = 3 issueTemp.IssueStatus = 2 + } else if strings.ToLower(cveData.State) == "rejected" || cveData.State == "已拒绝" { + issueTemp.Status = 4 + issueTemp.IssueStatus = 6 + } else if strings.ToLower(cveData.State) == "suspended" || cveData.State == "已挂起" { + issueTemp.Status = 5 + issueTemp.IssueStatus = 6 } else { issueTemp.Status = 4 issueTemp.IssueStatus = 6 @@ -1346,15 +1358,22 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c issueTemp.IssueId = cveData.IssueId issueTemp.IssueNum = cveData.Number issueTemp.Assignee = cveData.IssueAssignee - if strings.ToLower(cveData.State) == "open" { + if strings.ToLower(cveData.State) == "open" || cveData.State == "待办的" || cveData.State == "开启的" { issueTemp.Status = 1 issueTemp.IssueStatus = 1 - } else if strings.ToLower(cveData.State) == "progressing" { + } else if strings.ToLower(cveData.State) == "progressing" || + strings.ToLower(cveData.State) == "started" || cveData.State == "进行中" { issueTemp.Status = 2 issueTemp.IssueStatus = 3 - } else if strings.ToLower(cveData.State) == "closed" { + } else if strings.ToLower(cveData.State) == "closed" || cveData.State == "已完成" { issueTemp.Status = 3 issueTemp.IssueStatus = 2 + } else if strings.ToLower(cveData.State) == "rejected" || cveData.State == "已拒绝" { + issueTemp.Status = 4 + issueTemp.IssueStatus = 6 + } else if strings.ToLower(cveData.State) == "suspended" || cveData.State == "已挂起" { + issueTemp.Status = 5 + issueTemp.IssueStatus = 6 } else { issueTemp.Status = 4 issueTemp.IssueStatus = 6 @@ -1439,7 +1458,7 @@ func GenCveVulerByIssue(cveData models.GiteOriginIssue, cveRef string, openeuler if ok && cvd.CveNum != "" { if strings.ToLower(cveData.State) == "open" || cveData.State == "待办的" || strings.ToLower(cveData.State) == "progressing" || cveData.State == "进行中" || - strings.ToLower(cveData.State) == "started" { + strings.ToLower(cveData.State) == "started" || cveData.State == "开启的" { lock.Lock() upOk, upError := UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 1, goe, cvd, owner) logs.Info(upOk, upError) @@ -1528,11 +1547,11 @@ func GetCveSecurityNotice(cveNumber string) bool { } defer resp.Body.Close() body, err := ioutil.ReadAll(resp.Body) - if err != nil || body == nil{ + if err != nil || body == nil { logs.Error(err) return false } - logs.Info("url: ", req.URL.String(),"获取官网数据: ", body) + logs.Info("url: ", req.URL.String(), "获取官网数据: ", body) var detail models.RespCveDetail err = json.Unmarshal(body, &detail) if err != nil { @@ -1585,12 +1604,13 @@ func GenerateExcelTask1() error { if err != nil { return err } - er := models.ExportRecord{FileName: fn,FileCode: common.EncryptMd5(fn),State: 1} + er := models.ExportRecord{FileName: fn, FileCode: common.EncryptMd5(fn), State: 1} err = er.Insert() return err } + //GenerateExcelTrigger generate cve&security notice excel file by pr merge and influence package release. -func GenerateExcelTrigger(fileName, startTime,fileCode string) { +func GenerateExcelTrigger(fileName, startTime, fileCode string) { //FilterCveExported() logs.Error("start。。。。。") dir := beego.AppConfig.DefaultString("fileDir", "download") @@ -1601,12 +1621,12 @@ func GenerateExcelTrigger(fileName, startTime,fileCode string) { fr := models.ExportRecord{FileName: fileName} err = fr.Read("file_name") if err != nil { - logs.Error("sddds",err) + logs.Error("sddds", err) return } fileName = filepath.Join(dir, fileName) du := "http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS.csv" - du = beego.AppConfig.DefaultString("rpUrl",du) + du = beego.AppConfig.DefaultString("rpUrl", du) localPath := filepath.Join(dir, "release-package.CSV") err = downloadPackageFile(localPath, du) if err != nil { @@ -1645,7 +1665,7 @@ func downloadPackageFile(localPath, url string) error { defer pkgLock.Unlock() if ex, _ := util.IsExistPath(localPath); ex { err := os.Remove(localPath) - if err != nil{ + if err != nil { logs.Error(err) } } -- Gitee