From ea221b7ea5694743f3bebd2215486e36b642ac08 Mon Sep 17 00:00:00 2001 From: zhangjianjun_code <7844966+zhangjianjun_code@user.noreply.gitee.com> Date: Wed, 4 Nov 2020 17:38:51 +0800 Subject: [PATCH] 1. Fix the bug of repeatedly creating issue; 2 Add new requirement processing to create the whitelist of the issue warehouse, the go part has been completed --- conf/app.conf | 4 +- conf/product_app.conf | 4 +- controllers/issue.go | 70 ++++++++ doc/excel/packagewhitelist.xlsx | Bin 0 -> 10143 bytes doc/md/packwhiteapi.md | 46 +++++ models/issue.go | 126 +++++++++++-- models/modeldb.go | 35 +++- routers/commentsRouter_controllers.go | 9 + routers/router.go | 5 + task/issuetask.go | 249 ++++++++++++++++++++------ taskhandler/createissue.go | 191 +++++++++++--------- taskhandler/cve.go | 5 +- 12 files changed, 592 insertions(+), 152 deletions(-) create mode 100644 doc/excel/packagewhitelist.xlsx create mode 100644 doc/md/packwhiteapi.md diff --git a/conf/app.conf b/conf/app.conf index 5155786..51b8331 100644 --- a/conf/app.conf +++ b/conf/app.conf @@ -25,7 +25,6 @@ fileDir = "download" rpUrl = "http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS.csv" [mysql] - dbhost = "${DB_URI||127.0.0.1}" dbport = 3306 dbuser = "${DB_USER||root}" @@ -72,6 +71,7 @@ printlog = 0 */20 * * * * #email = 1499273991@qq.com #redirect_uri = http://119.8.126.102:80/v1/issue/oauth/callback # -------jianjun gitee 配置 -------- +#owner = src-openeuler owner = cve-test path = jasper email = 7844966+zhangjianjun_code@user.noreply.gitee.com @@ -101,6 +101,8 @@ cveref = https://nvd.nist.gov/vuln/detail/ openeulernum = 3000 # Import cve as data after 2018 cve_number = 2018 +# Create an issue's warehouse whitelist;1: open; 2: close +issue_whitelist = 2 [reflink] comment_cmd = https://gitee.com/openeuler/cve-manager/blob/master/doc/md/manual.md diff --git a/conf/product_app.conf b/conf/product_app.conf index 72e9d6a..459c61b 100644 --- a/conf/product_app.conf +++ b/conf/product_app.conf 
@@ -60,7 +60,7 @@ genexcelflag = 1 genexcel = 00 00 04 * * * days = -30 prcnum = 50 -printlogflag = 2 +printlogflag = 1 printlog = 0 */10 * * * * @@ -94,6 +94,8 @@ cveref = https://nvd.nist.gov/vuln/detail/ openeulernum = 3000 # Import cve as data after 2018 cve_number = 2018 +# Create an issue's warehouse whitelist;1: open; 2: close +issue_whitelist = 2 [reflink] comment_cmd = https://gitee.com/openeuler/cve-manager/blob/master/doc/md/manual.md diff --git a/controllers/issue.go b/controllers/issue.go index 2d47c21..2f50b0c 100644 --- a/controllers/issue.go +++ b/controllers/issue.go @@ -2,6 +2,7 @@ package controllers import ( "cvevulner/errcode" + "cvevulner/models" "encoding/json" "github.com/astaxie/beego" "github.com/astaxie/beego/logs" @@ -16,6 +17,17 @@ func (c *IssueOathCallbackController) RetData(resp map[string]interface{}) { c.ServeJSON() } +type IssueRepoWhiteData struct { + RepoId int64 `json:"id"` + PackageName string `json:"packageName"` + Version string `json:"version"` + Branchs string `json:"branchs"` + Status int8 `json:"status"` + CreateTime string `json:"createTime"` + UpdateTime string `json:"updateTime"` + DeleteTime string `json:"deleteTime"` +} + // @Title UserLogin // @Description UserLogin // @Param body body models.User true "body for user content" 
@@ -33,3 +45,61 @@ func (c *IssueOathCallbackController) Post() { logs.Info("登录请求参数:", &req) return } + + +type CveIssueWhiteListController struct { + beego.Controller +} + +func (c *CveIssueWhiteListController) RetData(resp map[string]interface{}) { + c.Data["json"] = resp + c.ServeJSON() +} + + +// @Title Get issuewhitelist +// @Description get packages +// @Param status int true (0,1,2) +// @Success 200 {object} models.IssueRepoWhitelist +// @Failure 403 :status is err +// @router / [get] +func (u *CveIssueWhiteListController) Get() { + req := u.Ctx.Request + addr := req.RemoteAddr + logs.Info("Method: ", req.Method, "客户端请求的:addr: ", addr, "Header: ", req.Header, "body: ", req.Body) + resp := make(map[string]interface{}) + var ird []IssueRepoWhiteData + resp["errno"] = errcode.RecodeUnknowErr + resp["errmsg"] = errcode.RecodeText(errcode.RecodeUnknowErr) + resp["body"] = []IssueRepoWhiteData{} + defer u.RetData(resp) + status, err := u.GetInt8("status", 0) + if err != nil { + logs.Error("status, err: ", err, ", status: ", status) + resp["errno"] = errcode.RecodeParamErr + resp["errmsg"] = errcode.RecodeText(errcode.RecodeParamErr) + return + } + issueWhiteData, issueErr := models.QueryIssueWhitelist(status) + if issueErr == nil && len(issueWhiteData) > 0 { + for _, issues := range issueWhiteData { + var irda IssueRepoWhiteData + irda.CreateTime = issues.CreateTime + irda.Status = issues.Status + irda.Version = issues.Version + irda.PackageName = issues.PackageName + irda.UpdateTime = issues.UpdateTime + irda.RepoId = issues.RepoId + irda.DeleteTime = issues.DeleteTime + irda.Branchs = issues.Branchs + ird = append(ird, irda) + } + resp["body"] = ird + resp["errno"] = errcode.RecodeOk + resp["errmsg"] = errcode.RecodeText(errcode.RecodeOk) + } else { + resp["errno"] = errcode.RecodeNodata + resp["errmsg"] = errcode.RecodeText(errcode.RecodeNodata) + return + } +} \ No newline at end of file 
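Review bot: The `logs.Info` call at the top of `CveIssueWhiteListController.Get` writes `req.Header` and `req.Body` to the application log on every request, so any Authorization, Cookie or token header a client sends ends up in the log files. `req.Body` is a reader, so that argument prints its internal representation rather than the payload. Logging the method, remote address and parsed `status` is enough, e.g. `logs.Info("Method: ", req.Method, ", addr: ", addr)`. In the same function an error from `models.QueryIssueWhitelist` is returned to the client as `RecodeNodata`, which hides database failures; a separate branch for `issueErr != nil` would keep the two cases apart. No authentication filter is visible in this hunk, so confirm whether the endpoint is meant to be public.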
diff --git a/doc/excel/packagewhitelist.xlsx b/doc/excel/packagewhitelist.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..1fc7a53c3b41641c9f00853377a5611a6d273ff2 GIT binary patch literal 10143 zcmeHtWl&w)vM%mq;RLtfu0ex43k&WL+}+*XA!u-dI|O%^pdq+xfZ&0kZ;_m{vy-#m zsrP=~synJ+&VrUPzV6whtGnf;A)ye!o>qwLhQQPF-wPh}VrcV5-rmO6fl(erh5`Bm z+z+zvh;ENO;9y`j5MW>^e<#zowPkR%vdoMhlY(T%2)gn=MyaXXj|ojo#SrX^Qmbl? zN#(K9qkwPvoO7wZ)QI85WEW51Rl=>uJTE7}4~aMe6U(8U^z1c>d}X$ZD~c6f=2Vb| z0&j4Et&tg92Dg`P068<^vlyr{cuVlUP8&ow^9+uQ)v50NWPlAe9+97s^M;pEU2dbI z4lV(HbNt-AhHz3?d#bjt`M`J*JXLLQA+o8xUyfVo`9Q`pbzlR>ZWMx;dibRk9Ratt zTRt(rPS)xwA%B(*3+lb&=OOR9%CVdbM?Wg(04u?b(0+#XZh2@|<&VnQy1tZNYtba@ z6d4DYU{N=ono}QfAFarz9!kDulCAvb;nB7S^ zX~>J&Ahw7?*EbhIZ~C=XBIS7n&wIB}@ef_e5ii@pwNO}ka3S9E+IpfCI|Q1|86 z9aj)QDe9RD2EY^Usz-OsgUR0VGa?Pa7c0*#a!#vV&CvI$a!&G8QdAw^mNAClR{KQj zs$9kN6cw|CXu}H}R%IpMR)v>p(Z;^?aHg+k8HODY-le(2E6RUPqqy!18!PFV=&j64 zF}{7IT`N*X3@v%iOKv30K%F{W<5_+ZhkINrSu}w4$gIPbpWTN^Z$jCh=ZoCt=caX(bffM0{JQk~b7?)4}zb{wUM8vogocgy-ogjeNu`12^LWExVv_co0g7QMi)(f7RS!i>yEQb_AX zM*m2Se$9w}t(t@4>eND~>IwM-*FQ%INDy4EmOtXdKNCFrN#J5*Z{c8SWaRi~EJ3mK z-!lWbw<0tc*z^CO{lUWg!_$?3Hj7M1ZGbr+6vs-V_mV9zcHs=_)ev~{Ww)HPECh&2 z^gzXph7RvU%lFS%EZfx3%wD~Um($SV{}g`M#a*19VJs;H&nARjGrw~&aJ5(qNaP$( z_orPJkj?6vJlMW|?;+ekns(;RiB7&Mlb!pBiK`3+|-`IlLAY*yf-OO2ik>4DTex>dPEQ9vnV*$QP}naY^`py=?w402i=JLEr?iB$>)8}WNwMIR?}eB zd);l1gpFMT%`R~3|rkr|uqGJH0;kCA(w<@dl!M|Q7oi;a4i+tfA{ z{w{u56lDU@1b@KNk)-sfHar2myaIZ{7%tG5R`RSw;-&4bs4^RktX;GFP7eL|_n0w# zGY`djNR-U!Up-=6Q*d?D;&;*E*k-1;QX{iq=X__wy1S3jvpLa9H^_DNTIxt#-my;% z3r@paGJcZRJ!983U$wnMDmkF8*fVl=QsTl156?VYE4|39@iQ~s)OB+nOU;tYPnjtA zf@$KB&ly2}uqh>^mBib!RVJEG?zXc6i5$(f-?>`Ke+n(4yr-JzDZX60P+8AZ`S{{_y2Tz|MOM#l<|V@GDlM*E2BR$-s=Z^lqeW5uoS$X8Ny#= zKZt)^P)F*kHhAp#KH?ibRbRanoWKg|?ZM^Trg(>=8nD(dDg!L(Y+kpRcI0gNe`G{r&xo#qLG{532C3 zh{W(_p(>y5DN2~vt9-kO3+s!P-C5ojn9(6Arzvc0)Nv~XQCF)ip`Vo{Nd5J^=sw#` zBPL1BzD>>t^r*etg%8uW?iCHhYz@~lqdEbfh?<+SFQ{q8(8u+l>PL-jdxfizmA%XV 
zaB)^D-m&Bb=CdN!pV#B7P?k@4lDcR1tXJK%s>e>5Y)h#jRp2&-olo!O7Oa=OxLc@x zv0m=J^5}r(LStj#=V?(HdNob8&+J)_+Rb{LIvl*BOoOQ^E%p6DeXcw!RGqel%7|HI4m3}IDsi;n;09g}L&vmC^ zRNv5axQ0Bqao}*RVNtuR<8%UJcv|Xk{WYlHe5?;oe$bTnov=lSa|`t)KFfw>3r0K4 zNxc+8Rt_=l+1?bL7_Ul%0e$y}racG&NE{V5G4r%o)Ndpyi=4P{;p~vDvbOsD&%WDR zOPmW$VY4X!k9(km4Mz9cyuTeCn8-~Wn8W~%`S@C|de-l6L$2CC)MW%May|=3)b+X_ zBGO$F?co1@_Nixl__QYU@v;SW+~=VV9}b5tVXtpD#>eC4x-TzA*ZaH*s-5~I8}4{I zRKhU|Kbw!x&$^$fV#|axPGuZY;0ha%r-X`+@EVF zKocL;4t^5^iH06@flq|4n7d3bMbPq9Ue|U=9AP=PD9Ef>^2TuuYRYnwBdU{enkBRA zQ?!+{buN~Pk%mp27dAY+pL*DdS2sSZPCt539!tCzesykFr2%F#{Cqk>N9chB^t)$p zn?Mm0An8Km zB(m8-vluC~+yx-rP#X&6#0OPA;EP!5eSzFSX->wpb;Si-KwC%6`?2O%A#=kd)eGywJgvDQ zwVPtH{SufdtXBP|qUfB|wMmH73KK`b6y(;ddhy9A?y@{7wiR1OiR-RjK}!LAaDL}qQfUP|n;!v;pOsO2HZFka5Q z{pQft$iQ#(jhVfYqR#cuhb+f!QEzMD-nqdS5dg)puoDvc_Okcczl=BmzH^$nlX24Y zyh-%^TwqPXjJUQiq}m;PUp-`56tMfEwoh0bKt32xa|L-G>Z$VNd=RP?&uv<=;wuG_i|%!B+^Vp- zo;7cRlI-zVsm4<#Ou>%M%Z!GGRQm{rG{-(^=78GG6mk;Tk#gBdx&-K;$98vAk!on$f^3#u}T zDuv1+_&jA7&_+ znjt{pgn52!W*dNUONq8kvWbU{0xBP~MXkBI3RrEo%7n!91F|URwu%MqY)1dcr3~lE zMr%J)%1aS=trsNsfN%UXo?1FHOrUYXzl@)7e1@C7yvVXc_V z6ld$q4)V*Bt!7P@_IEsEo@+`wqxob_&AB=3)Hv9m(nV!z%vIMDXquXz98O{cr(pVwZUii@?a^P)>vbpA)gha1%Ke_yG)fFd-+^v779bcH^3O}o!O_jq$l)oI z`K0w|v)GUM=+*fE>pvgtoI>wCjZKj}t;XR8aU@Sn&6JIUq>*b0fw3Q_q*wVomL1sU zH0VomG=&L0TR&Jsgk^IOOuv_Qm=%Wcy<@Ir^KDB)G}>|~1_30h)iX4r>he{=u7`^Mbw>n>fes_3IbK z3V10EwAR**J$}q^kU0m)%T@H|`{X1yJC}r7Ga@AB<(rqCiOZ_qC$%})I^T6JPKDQ} zVi>gJXUWa3KGCwSE_;%H|3O6b_gz}V%N1D1;UNE;X2&nS=nCn2{{YHR?QwBzi@0cVvv?g1fVF;(IM?MNNhSKlmq88~K1^-(B57}&i@W=_2Gi&6 z;{J3W3mD#86l(@0_=BG=ntQ-k8o)(aj9C?PI*)QU7&;qvsik=E2KNs8Mx5DKXXMGS zD?#4)^A;y3kVj;*O?04Pk^(*z(BMx6MdTXe@=Iz|gg9)xcfq~fjt>eWlC32jIfJ0n zluy;{`;>&Wp&$2k{=9gKZDN%rLI0UD5@e?qTC%GiTIcgY=M2Zr(h^f8C{>P^&&HVQ zJU{!Qle}uT^MrdtiVd?ixT@i}>fdtZb*`pzGDn;xu*T&KP_JIi5jS9Z09dh6yq!JZ zzI(0dEXje9)Kr+(=*Zr!b6FHTY%)uq>KB^oFpR|~ zsvup{Qs!S`h9pjPpq24N5#*hmrS@XNbY;qR*#VuLxZNd<{D$8qC6cG;Xad#4tJ_t? 
zeV_-}-|6OhYQxVeVXIlU_dj3*_u0Ih8!mERvpa`L-dO>*)Aa^O?)*z4^A+v(F~CbHr##A%JBT{6EH>vy9HU5{n~gV}Lt2z*9tiP3Xrh7a3a5#F5xyI1pYgrSJ7rC)-KJGTfU*qYL8$JSUzId+Tf zY&%brA|XbX##HNkPZBC~e`;H0@*QRcMv#tbUSe1ZN6fZY>ba~w+;GwDj2&@1xl&7ai%;vOli`8xuNNH-d@~S zeIF`QNR$-V1E;c0P?3n3Cu0;jdLa*Xf=?U)L@PO|5=(k$lvK6l&bG~j!U&e74G8yU zskE$790Xs5v-RD;UmG3^EIVa<&O0EM*IPkWx(nt=YmgH;MNas3=u^4dOhABQ`95Ux z5(-snNIK0nQs(C*`d3OpO4)CUjW2T|MS8w|!E-}BgF&_~344*mS!ArTB2ix>rWlsj z8C#zwp(v)p(L^mp!-Q4B8>?r-Zk6v_Mn^)8mo$teNn=67lbr7>!s=OSWEiF66Qiy91U<&YZJ(9h#n#Z)* zW`08*gi-JA&ItD3hapu3#&<0q6dGad-*%@l-Rv9;tsY1E_^`O&tsO>;Q*=B?fqfDG znqwe@Q93zdHe?(;H#1awo7VzBhfib|fuP7|wF17F2n~~1%QTt}j{dsr_HePXr%IIJ zb%VN1YQP`YTd6A}ZH}ld0zl12#XMfiv^KiPn(oz@fsS3w5nsC&Pfs7rc|mMHDINJ* zfCFnGoLh1#v>*0r)n)uEKi(rp6da)hDz!C|?%g_0HqXPNcv#cPB6uB5tCuHMQYFRv zM;;H`n~mu!N>&Z^FShywkLQdglthIz>R){4@l9EoA)HW+)~#q4?31J;PIoCybUjHs z%d1hO3-+Q4%zP+g9(iw;Lt?2m#~;!VYA(Wj?Dc7?;u@3!3s6R3ZSOL8Z_u)FR=wE@ zq6-u!ED1BiIIJZq8x_*u2&s1EmM}RM3Brg z;b$Aj;`CmykB@T_na7ZGEc=VonG*!&yKls#dVF$Q7jlfUMERt2PI|Ry;)ZwIN2f$Y z(O|eKzP~J{8zE#$Axl>;5ag_wqRacTG`gPXhGvp z{bshb=prZbdjkKTgurK_Lk;LvVO* zM79d!XEoH1>mLO6VDxggd7Wd8)#AZ@GmKeoxu=juUM5K&%P1)}7tyWeuJWW-B&W{C z8W*Y!yzk1Ggm;`}Yt+Mn#guiNLICHZTK08*#Vf%|$FJW*J`gSQ^lHLxjb*8ra!MSAV?vH z#Z(6Xx{89^oC62GbymLn^fE-&mF&KTK7RA%=^`e|)pf;(LrtB~bkm5fYvc=K@fj;k z@pU}#Rt~VN?uieJ8!bGVKrfF0`B{xA6${|&@|!fB)dihWi_G#PE8({o#pj4cCVK zD+k9EsHEv>K8}vpDznV6$}38YNq>|Z8kPQ_jDT!6T`#Xl#UMEzlhMIvv0qn~dZG-YK6*YC$)MrN7j}l`*y4ev%i809G{B7)Qie#`R(fyk~Xwl*@ z>OP#}V)7=g8!;Fdju*|4e63Oa2{Sf=GT+v;MZ57Qu3pPPv>$oQw?Kah_Ypt+B_T0C8 zk#&`Ot@|aIAZ@b9q`w&hG68(kEud$%zHDt$MI4zT5(PFKw(b~j-d&@@yjbt0j)?1G zyM0u*HyvoU)AQC2q?b3l}tQpLbXE`}wF1 zw~3@|(7@yfBvyPAM&c`Ar`jglh&y469+Dujg=-j&R{Q08Z;I=q^#t53!&|k+s8EmY zB8|A}A!$t2PqT3kI5MNV>MS>px0h!>dZYhbxdT<^z;x}6 zEdOjSd2l+nK7#(Y3Ni@dUo;F)l;!c`QoT$l{l}ml^-ep`1rv4Nk&*NeXz1meBJ(&w zfgZ1Z)ZQkjKsVD2806i2Orn?QuBnzS!uVF;xe5qV=*HGJoDx{P%cGbV7SKZ zonDO`yGVtUl^fF|i)sa>ybfR5*6OgMOC8XXB?>3c9{VmZJ-yrA6*s9_HzL6uNS=G} 
z_=07icPrWL6}zs4{TY3!%ah~&GnW6Vg8mbn#MfVOZb2~4fSMt=peHCm{3Lto?)}@# zf1ulzFk=40)q@@aQoQIF&4l6OYN>-P7cU?K`MgmySL_&p@pxIvRT zfI?zd`OM)s0J#su7qtm(o05% z`--lMI1(+1J+>N?7!SF!5+)%DQl@A@uRk1R338VTaRTD?LFa^wbsLsnu=j9gEGskg z%CYltV;zMre5Slb)%qH|J#(edS!@2P1tlSk;n1eL{@8GeZ3RsM+*TrEIqc~4uncFw>#E=*t_!xo%2A?ePEWd_ zARzi?mpY1jcql#V)47E!MPRTd4u3}s+pN^N`QbCSFO>ttwbA|I^n$v@ocBVadx@yo z$F%`^p#`rJv(?LrxaJP3r3vxJZoj)v14ll$Yo~TZ-k^RqI0VLzJMQN|%b!*P843&> zj2QG=k>nq3_EW$=e?U*c=;wNxjVUAi6`Fom`e$%@;`ym`;xC>bAJczR_Vl&>Tu;iL z*577!e%JTs)Xo#}PkoesXZzO-&z}(eIg0X&I~L^Le<}U 0 { + logs.Info("cve_issue_repo_whitelist 查询结果:", irw) + } else { + logs.Info("当前创建issue白名单为空, cur_time:", common.GetCurTime(), "err: ", err) + } + return irw, err + } else { + num, err := o.Raw("select repo_id,package_name,version,branchs,status,create_time,"+ + "update_time,delete_time"+ + " from cve_issue_repo_whitelist where status = ? ", status).QueryRows(&irw) + if err == nil && num > 0 { + logs.Info("cve_issue_repo_whitelist 查询结果:", irw) + } else { + logs.Info("当前创建issue白名单为空, cur_time:", common.GetCurTime(), "err: ", err) + } + return irw, err + } +} + +//QueryIssue query center +func QueryIssueByPackName(packName, version, days string, prcnum int) ([]VulnCenter, error) { + o := orm.NewOrm() + var vc []VulnCenter + num, err := o.Raw("select cve_id,cve_num,cve_desc,cve_version,repair_time,"+ + "pack_name,cve_url,cve_level,data_source,update_time,is_export,cve_detail_url"+ + " from cve_vuln_center where pack_name = ? and cve_version = ? and " + + "update_time >= ? and cve_status in (?, ?) "+ + "order by cve_id asc limit ?", packName, version, days, 0, 1, prcnum).QueryRows(&vc) + if err == nil && num > 0 { + logs.Info("cve_vuln_center 查询结果:", vc, "查询条件: packName: ", packName, ", version: ", version) + } else { + logs.Info("当前无cve,需要提交issue, cur_time:", common.GetCurTime(), "err: ", err) + } + return vc, err +} + //QueryIssue query center func QueryIssue(days string, prcnum int) ([]VulnCenter, error) { o := orm.NewOrm() 
@@ -178,7 +222,7 @@ func UpdatePackageByCveId(pkgStr string, cveId int64) error { return nil } -func ReplacePackageByCveId(pkgList []string,cveId int64) error { +func ReplacePackageByCveId(pkgList []string, cveId int64) error { //===== 先删除 再修改 ===== sec := struct { SecId int64 @@ -192,20 +236,20 @@ func ReplacePackageByCveId(pkgList []string,cveId int64) error { delPkgSql := `DELETE FROM cve_package WHERE sec_id = ?` _, err = o.Raw(delPkgSql, sec.SecId).Exec() if err != nil { - logs.Error("delete cve_package error:",err) + logs.Error("delete cve_package error:", err) } pkgData := make([]Package, 0) for _, v := range pkgList { - if strings.Trim(v," ")==""{ + if strings.Trim(v, " ") == "" { continue } platform := "source" - if strings.Contains(v,".x86_64."){ - platform = "x86_64" - } else if strings.Contains(v,".aarch64.") || strings.Contains(v,".aarch64."){ + if strings.Contains(v, ".x86_64.") { + platform = "x86_64" + } else if strings.Contains(v, ".aarch64.") || strings.Contains(v, ".aarch64.") { platform = "aarch64" } - pkgUrl := fmt.Sprintf(`https://repo.openeuler.org/openEuler-20.03-LTS/update/%s/Packages/%s`,platform, v) + pkgUrl := fmt.Sprintf(`https://repo.openeuler.org/openEuler-20.03-LTS/update/%s/Packages/%s`, platform, v) pv := Package{SecId: sec.SecId, PackName: v, PackUrl: pkgUrl} pkgData = append(pkgData, pv) } 
@@ -221,17 +265,51 @@ func QueryPackageByCveId(cveId int64) ([]Package, error) { return res, err } +func InsertIssueTemplate(it *IssueTemplate) (issTempId int64, err error) { + o := orm.NewOrm() + if issTempId, err = o.Insert(it); err == nil && issTempId > 0 { + logs.Info("insert cve_issue_template success, issTempId: ", issTempId, "cveNum: ", it.CveNum) + } else { + logs.Error("insert cve_issue_template failed, cveNum:", it.CveNum, "err: ", err) + return 0, err + } + return issTempId, nil +} + +func UpdateIssueTemplateAll(it *IssueTemplate) (issTempId int64, err error) { + o := orm.NewOrm() + if num, err := o.Update(it); err == nil { + logs.Info("update cve_issue_template success, num: ", num, "cveNum: ", it.CveNum) + } else { + logs.Error("update cve_issue_template failed, cveNum:", it.CveNum, "err: ", err) + return 0, err + } + return it.TemplateId, nil +} + +func DeleteIssueTemplate(issTempId int64) error { + o := orm.NewOrm() + var it = IssueTemplate{TemplateId: issTempId} + id, dErr := o.Delete(&it) + if dErr == nil && id > 0 { + logs.Info("delete cve_issue_template success, issTempId: ", issTempId) + } else { + logs.Error("delete cve_issue_template failed, issTempId: ", issTempId) + } + return dErr +} + func CreateIssueTemplate(it *IssueTemplate) (issTempId int64, err error) { o := orm.NewOrm() var localIt IssueTemplate errx := o.Raw("select *"+ " from cve_issue_template where cve_num = ? and issue_num = ?", it.CveNum, it.IssueNum).QueryRow(&localIt) - if errx != nil || localIt.IssueId == 0{ + if errx != nil || localIt.TemplateId == 0 { var issTempId int64 if issTempId, err = o.Insert(it); err == nil { logs.Info("insert cve_issue_template success, issTempId: ", issTempId, "cveNum: ", it.CveNum) } else { - logs.Error("insert issTempId failed, cveNum:", it.CveNum, "err: ", err) + logs.Error("insert cve_issue_template failed, cveNum:", it.CveNum, "err: ", err) return 0, err } return issTempId, nil 
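Review bot: In `CreateIssueTemplate` the changed condition `if errx != nil || localIt.TemplateId == 0` still treats every query error as "row not found". A transient database failure therefore falls through to `o.Insert(it)` and can create the duplicate template this commit sets out to prevent; the new `CreateIssueRecord` later in this file has the same pattern. Only the no-rows case should lead to an insert, e.g. `if errx == orm.ErrNoRows || (errx == nil && localIt.TemplateId == 0) {`, with any other error returned to the caller. In `DeleteIssueTemplate` the failure log omits `dErr`, and a delete that matches zero rows is logged as a failure while the function returns nil. `CreateIssueTemplate` continues past the end of this hunk.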
@@ -240,7 +318,7 @@ func CreateIssueTemplate(it *IssueTemplate) (issTempId int64, err error) { if num, err := o.Update(it); err == nil { logs.Info("update cve_issue_template success, num: ", num, "cveNum: ", it.CveNum) } else { - logs.Error("update issTempId failed, cveNum:", it.CveNum, "err: ", err) + logs.Error("update cve_issue_template failed, cveNum:", it.CveNum, "err: ", err) return 0, err } return it.TemplateId, nil @@ -374,3 +452,31 @@ func GetIssueTplGroupByRepo() (list []IssueTemplate, err error) { _, err = o.QueryTable("cve_issue_template").GroupBy("repo").All(&list) return } + +func CreateIssueRecord(icr *IssueCreateRecord) (issueRecordId int64, err error) { + o := orm.NewOrm() + var localIcr IssueCreateRecord + errx := o.Raw("select *"+ + " from cve_issue_create_record where cve_id = ? and cve_num = ? and cve_version = ?", + icr.CveId, icr.CveNum, icr.CveVersion).QueryRow(&localIcr) + if errx != nil || localIcr.IssueRecordId == 0 { + var issueRecordId int64 + if issueRecordId, err = o.Insert(icr); err == nil { + logs.Info("insert cve_issue_create_record success, issueRecordId: ", issueRecordId, ", cveNum: ", icr.CveNum) + } else { + logs.Error("insert cve_issue_create_record failed, cveData:", icr, ", err: ", err) + return 0, err + } + return issueRecordId, nil + } else { + icr.IssueRecordId = localIcr.IssueRecordId + if num, err := o.Update(icr); err == nil { + logs.Info("update cve_issue_create_record success, num: ", num, ", cveNum: ", icr.CveNum) + } else { + logs.Error("update cve_issue_create_record failed, cveData:", icr, ", err: ", err) + return 0, err + } + return icr.IssueRecordId, nil + } +} + diff --git a/models/modeldb.go b/models/modeldb.go index ff54b79..e7cd474 100644 --- a/models/modeldb.go +++ b/models/modeldb.go 
@@ -38,7 +38,7 @@ type VulnCenter struct { CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` Description string `orm:"size(8192);column(cve_desc)" description:"cve描述"` CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` - Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败"` + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败; 4:不符合创建issue条件数据(cve年份不符合要求)"` CveVersion string `orm:"size(128);column(cve_version)" description:"cve归属版本"` RepairTime string `orm:"size(32);column(repair_time)" description:"cve修复时间"` PackName string `orm:"size(512);column(pack_name)" description:"cve对应得包名称"` @@ -292,7 +292,7 @@ type OriginUpstream struct { CnvdID string `orm:"size(256);column(cnvd_id);null" description:"Cnvd_id"` PublishedDate string `orm:"size(32);column(published_date);null" description:"漏洞发布日期"` VulStatus string `orm:"size(64);column(vul_status);null" description:"漏洞状态,REJECT, DISPUTED"` - Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:数据已处理"` + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:数据已处理;3:错误数据;4:版本信息错误;5:cve年份不符合要求"` AffectedScope string `orm:"size(512);column(affected_scope);null" description:"影响范围推理"` Version string `orm:"size(64);column(version);index" description:"包对应的版本号"` AttackLink string `orm:"size(512);column(attack_link);null" description:"攻击链路推理"` @@ -327,7 +327,7 @@ type SecurityReviewer struct { } type IssueAssignee struct { - Id int64 `orm:"pk;auto"` + Id int64 `orm:"pk;auto"` Assignee string `orm:"unique" description:"码云空间地址"` } 
@@ -572,6 +572,34 @@ type EmailList struct { EmailType int8 `orm:"index;column(email_type);default(1)" description:"1: excel导出列表"` } +type IssueRepoWhitelist struct { + RepoId int64 `orm:"pk;auto;column(repo_id)"` + PackageName string `orm:"column(package_name);size(256);index" description:"包名称"` + Version string `orm:"size(64);column(version);index" description:"版本号"` + Branchs string `orm:"size(512);column(branchs);null" description:"仓库对应的分支"` + Status int8 `orm:"default(1);column(status)" description:"1: 新增; 2:删除"` + CreateTime string `orm:"size(32);column(create_time)"` + UpdateTime string `orm:"size(32);column(update_time);null"` + DeleteTime string `orm:"size(32);column(delete_time);null"` +} + +type IssueCreateRecord struct { + IssueRecordId int64 `orm:"pk;auto;column(id)"` + CveId int64 `orm:"index;column(cve_id)" description:"VulnCenter 外键"` + CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` + Description string `orm:"size(8192);column(cve_desc)" description:"cve描述"` + CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` + Status int8 `orm:"default(1);column(status)" description:"1:已创建issue;2:未创建issue;3:创建失败; 4: 已导出"` + CveVersion string `orm:"size(128);column(cve_version)" description:"cve归属版本"` + RepairTime string `orm:"size(32);column(repair_time)" description:"cve修复时间"` + PackName string `orm:"size(512);column(pack_name)" description:"cve对应得包名称"` + NVDScore float64 `orm:"digits(10);decimals(1);column(nvd_score)" description:"nvd 评分"` + NvectorVule string `orm:"size(256);column(n_vector_value)" description:"nvd vector 原始值"` + CreateTime string `orm:"size(32);column(create_time)"` + UpdateTime string `orm:"size(32);column(update_time);null"` + DeleteTime string `orm:"size(32);column(delete_time);null"` +} + func CreateDb() bool { BConfig, err := config.NewConfig("ini", "conf/app.conf") if err != nil { 
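Review bot: `IssueCreateRecord` has single-column indexes on `cve_id` and `cve_num` but nothing that enforces uniqueness over (`cve_id`, `cve_num`, `cve_version`), which is the key `CreateIssueRecord` in models/issue.go selects on before choosing insert or update. That select-then-insert is not atomic, so two overlapping task runs could presumably both insert. A composite unique constraint (beego's `TableUnique()` method on the model) would let the database reject the second row; check the index key length against the configured MySQL limits first. The `Status` scale here (1 = issue created) differs from `VulnCenter.Status` (2 = issue created), so the field deserves a short comment such as `// Status uses its own scale, not VulnCenter.Status`.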
@@ -594,6 +622,7 @@ func CreateDb() bool { new(OriginUpstreamFixSuggest), new(OriginUpstreamFixSuggestRefTag), new(OriginUpstreamFixSuggestRef), new(GiteOriginIssue), new(OriginExcel), new(ExportRecord), new(GitRepoGroups), new(GiteRepo), new(GiteRepoMember), new(GiteRepoBranch), new(PackageCpe), new(EmailList), new(IssueAssignee), + new(IssueRepoWhitelist), new(IssueCreateRecord), ) logs.Info("table create success!") errosyn := orm.RunSyncdb("default", false, true) diff --git a/routers/commentsRouter_controllers.go b/routers/commentsRouter_controllers.go index c9f06f0..e2a9396 100644 --- a/routers/commentsRouter_controllers.go +++ b/routers/commentsRouter_controllers.go @@ -25,6 +25,15 @@ func init() { Filters: nil, Params: nil}) + beego.GlobalControllerRouter["cvevulner/controllers:CveIssueWhiteListController"] = append(beego.GlobalControllerRouter["cvevulner/controllers:CveIssueWhiteListController"], + beego.ControllerComments{ + Method: "Get", + Router: "/", + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + beego.GlobalControllerRouter["cvevulner/controllers:FileController"] = append(beego.GlobalControllerRouter["cvevulner/controllers:FileController"], beego.ControllerComments{ Method: "DownLoadExcelByFileCode", diff --git a/routers/router.go b/routers/router.go index 568a177..d072cc8 100644 --- a/routers/router.go +++ b/routers/router.go @@ -68,6 +68,11 @@ func init() { &controllers.CveErrorFeedBackController{}, ), ), + beego.NSNamespace("/cve/issue/whitelist", + beego.NSInclude( + &controllers.CveIssueWhiteListController{}, + ), + ), ) beego.AddNamespace(ns) } diff --git a/task/issuetask.go b/task/issuetask.go index 40d6225..2e6cf7f 100644 --- a/task/issuetask.go +++ b/task/issuetask.go 
@@ -59,6 +59,21 @@ func GetGiteeToken() error { return nil } +// Assemble issue record data +func GenIssueRecordData(icr *models.IssueCreateRecord, issueValue models.VulnCenter, sc models.Score, status int8) { + icr.CveId = issueValue.CveId + icr.CveNum = issueValue.CveNum + icr.Description = issueValue.Description + icr.CveLevel = issueValue.CveLevel + icr.Status = status + icr.CveVersion = issueValue.CveVersion + icr.RepairTime = issueValue.RepairTime + icr.PackName = issueValue.PackName + icr.NVDScore = sc.NVDScore + icr.NvectorVule = sc.NvectorVule + icr.CreateTime = common.GetCurTime() +} + //CreateIssue Create issue func CreateIssue() error { defer common.Catchs() 
@@ -83,69 +98,201 @@ func CreateIssue() error { logs.Error("config crontab::prcnum error:", ok) return ok } + issueWhitelist, ok := BConfig.Int("cve::issue_whitelist") + if ok != nil { + logs.Error("config cve::issue_whitelist error: ", ok) + return ok + } beforeTime := common.GetBeforeTime(days) - for ; ;{ - cveData, err := models.QueryIssue(beforeTime, prcnum) - if err == nil && len(cveData) > 0 { - logs.Info(cveData) - } else { - logs.Info("无cve数据可以使用, 当前时间: ", common.GetCurTime(), ", err: ", err) - return err - } - accessToken := os.Getenv("GITEE_TOKEN") - if accessToken == "" || len(accessToken) < 1 { - logs.Error("issue token 获取失败, 当前时间: ", common.GetCurTime()) - return err + if issueWhitelist == 1 { + issueWhiteData, issueErr := models.QueryIssueWhitelist(1) + if issueErr == nil && len(issueWhiteData) > 0 { + for _, issues := range issueWhiteData { + for ; ; { + cveData, err := models.QueryIssueByPackName(issues.PackageName, issues.Version, beforeTime, prcnum) + if err == nil && len(cveData) > 0 { + logs.Info(cveData) + } else { + logs.Info("无cve数据可以使用, 当前时间: ", common.GetCurTime(), ", err: ", err) + break + } + accessToken := os.Getenv("GITEE_TOKEN") + if accessToken == "" || len(accessToken) < 1 { + logs.Error("issue token 获取失败, 当前时间: ", common.GetCurTime(), ",err: ", err) + break + } + owner := BConfig.String("gitee::owner") + path := BConfig.String("gitee::path") + for index, issueValue := range cveData { + logs.Info("当前正在处理第:", index, "条cve数据, cveNum: ", issueValue.CveNum) + // Determine whether the issue has been processed + goi, oks := models.QueryIssueCveByNum(issueValue.CveNum, issueValue.PackName) + if oks { + if strings.ToLower(goi.State) == "closed" || strings.ToLower(goi.State) == "rejected" || + goi.State == "已完成" || goi.State == "已拒绝" { + models.UpdateIssueStatus(issueValue, 2) + logs.Info("cve数据已经已经提交过issue,不需要重复提交, cveData: ", issueValue) + continue + } + } + // Import cve as data after 2018 + cveNumList := strings.Split(issueValue.CveNum, 
"-") + if cveNumList != nil && len(cveNumList) > 1 { + cveYears, yearErr := strconv.Atoi(cveNumList[1]) + if yearErr == nil { + if cveYears <= years { + icr := models.IssueCreateRecord{} + models.UpdateIssueStatus(issueValue, 4) + logs.Info("cve: ", issueValue.CveNum, ",需要大于: ", + years, ",否则不需要在git上提交issue, cveData: ", issueValue) + sc, err := models.QueryIssueScore(issueValue.CveId) + if err != nil || sc.Id == 0 { + logs.Error("获取Score 失败, err: ", err, "cveId: ", issueValue.CveId) + continue + } + GenIssueRecordData(&icr, issueValue, sc, 2) + issueRecordId, issReErr := models.CreateIssueRecord(&icr) + if issReErr == nil && issueRecordId > 0 { + logs.Info("Issue record data created successfully, id:", issueRecordId) + } else { + logs.Error("Failed to create issue record data, err: ", issReErr) + } + continue + } + } + } + // Determine whether cve has been processed + issueExist := taskhandler.GetCveSecurityNotice(issueValue.CveNum) + if issueExist { + models.UpdateIssueStatus(issueValue, 2) + logs.Info("cve数据已经在官网上展示过,不需要在git上提交issue, cveData: ", issueValue) + continue + } + // Process each piece of cve data + if issueValue.Status == 0 { + err := ProcIssue(issueValue, accessToken, owner, path) + if err != nil { + logs.Error("创建issue失败, cvenum: ", issueValue.CveNum, "err,err: ", err) + continue + } + } else { + err := ProcUpdateIssue(issueValue, accessToken, owner, path) + if err != nil { + logs.Error("修改issue失败, cvenum: ", issueValue.CveNum, "err,err: ", err) + continue + } + } + // Collect issue record data + icr := models.IssueCreateRecord{} + sc, err := models.QueryIssueScore(issueValue.CveId) + if err != nil || sc.Id == 0 { + logs.Error("获取Score 失败, err: ", err, "cveId: ", issueValue.CveId) + continue + } + GenIssueRecordData(&icr, issueValue, sc, 1) + issueRecordId, issReErr := models.CreateIssueRecord(&icr) + if issReErr == nil && issueRecordId > 0 { + logs.Info("Issue record data created successfully, id:", issueRecordId) + } else { + logs.Error("Failed to 
create issue record data, err: ", issReErr) + } + } + } + } } - owner := BConfig.String("gitee::owner") - path := BConfig.String("gitee::path") - for index, issueValue := range cveData { - logs.Info("当前正在处理第:", index, "条cve数据, cveNum: ", issueValue.CveNum) - // Determine whether the issue has been processed - goi, oks := models.QueryIssueCveByNum(issueValue.CveNum, issueValue.PackName) - if oks { - if strings.ToLower(goi.State) == "closed" || strings.ToLower(goi.State) == "rejected" || - goi.State == "已完成" || goi.State == "已拒绝"{ + } else { + for ; ; { + cveData, err := models.QueryIssue(beforeTime, prcnum) + if err == nil && len(cveData) > 0 { + logs.Info(cveData) + } else { + logs.Info("无cve数据可以使用, 当前时间: ", common.GetCurTime(), ", err: ", err) + return err + } + accessToken := os.Getenv("GITEE_TOKEN") + if accessToken == "" || len(accessToken) < 1 { + logs.Error("issue token 获取失败, 当前时间: ", common.GetCurTime()) + return err + } + owner := BConfig.String("gitee::owner") + path := BConfig.String("gitee::path") + for index, issueValue := range cveData { + logs.Info("当前正在处理第:", index, "条cve数据, cveNum: ", issueValue.CveNum) + // Determine whether the issue has been processed + goi, oks := models.QueryIssueCveByNum(issueValue.CveNum, issueValue.PackName) + if oks { + if strings.ToLower(goi.State) == "closed" || strings.ToLower(goi.State) == "rejected" || + goi.State == "已完成" || goi.State == "已拒绝" { + models.UpdateIssueStatus(issueValue, 2) + logs.Info("cve数据已经已经提交过issue,不需要重复提交, cveData: ", issueValue) + continue + } + } + // Import cve as data after 2018 + cveNumList := strings.Split(issueValue.CveNum, "-") + if cveNumList != nil && len(cveNumList) > 1 { + cveYears, yearErr := strconv.Atoi(cveNumList[1]) + if yearErr == nil { + if cveYears <= years { + icr := models.IssueCreateRecord{} + models.UpdateIssueStatus(issueValue, 4) + logs.Info("cve: ", issueValue.CveNum, ",需要大于: ", + years, ",否则不需要在git上提交issue, cveData: ", issueValue) + sc, err := 
models.QueryIssueScore(issueValue.CveId) + if err != nil || sc.Id == 0 { + logs.Error("获取Score 失败, err: ", err, "cveId: ", issueValue.CveId) + continue + } + GenIssueRecordData(&icr, issueValue, sc, 2) + issueRecordId, issReErr := models.CreateIssueRecord(&icr) + if issReErr == nil && issueRecordId > 0 { + logs.Info("Issue record data created successfully, id:", issueRecordId) + } else { + logs.Error("Failed to create issue record data, err: ", issReErr) + } + continue + } + } + } + // Determine whether cve has been processed + issueExist := taskhandler.GetCveSecurityNotice(issueValue.CveNum) + if issueExist { models.UpdateIssueStatus(issueValue, 2) - logs.Info("cve数据已经已经提交过issue,不需要重复提交, cveData: ", issueValue) + logs.Info("cve数据已经在官网上展示过,不需要在git上提交issue, cveData: ", issueValue) continue } - } - // Import cve as data after 2018 - cveNumList := strings.Split(issueValue.CveNum, "-") - if cveNumList != nil && len(cveNumList) > 1 { - cveYears, yearErr := strconv.Atoi(cveNumList[1]) - if yearErr == nil { - if cveYears <= years { - //models.UpdateIssueStatus(issueValue, 2) - logs.Info("cve: ", issueValue.CveNum, ",需要大于: ", years, ",否则不需要在git上提交issue, cveData: ", issueValue) - //continue + // Process each piece of cve data + if issueValue.Status == 0 { + err := ProcIssue(issueValue, accessToken, owner, path) + if err != nil { + logs.Error("创建issue失败, cvenum: ", issueValue.CveNum, "err,err: ", err) + continue + } + } else { + err := ProcUpdateIssue(issueValue, accessToken, owner, path) + if err != nil { + logs.Error("修改issue失败, cvenum: ", issueValue.CveNum, "err,err: ", err) + continue } } - } - // Determine whether cve has been processed - issueExist := taskhandler.GetCveSecurityNotice(issueValue.CveNum) - if issueExist { - models.UpdateIssueStatus(issueValue, 2) - logs.Info("cve数据已经在官网上展示过,不需要在git上提交issue, cveData: ", issueValue) - continue - } - // Process each piece of cve data - if issueValue.Status == 0 { - err := ProcIssue(issueValue, accessToken, owner, path) - if 
err != nil { - logs.Error("创建issue失败, cvenum: ", issueValue.CveNum, "err,err: ", err) + // Collect issue record data + icr := models.IssueCreateRecord{} + sc, err := models.QueryIssueScore(issueValue.CveId) + if err != nil || sc.Id == 0 { + logs.Error("获取Score 失败, err: ", err, "cveId: ", issueValue.CveId) continue } - } else { - err := ProcUpdateIssue(issueValue, accessToken, owner, path) - if err != nil { - logs.Error("修改issue失败, cvenum: ", issueValue.CveNum, "err,err: ", err) - continue + GenIssueRecordData(&icr, issueValue, sc, 1) + issueRecordId, issReErr := models.CreateIssueRecord(&icr) + if issReErr == nil && issueRecordId > 0 { + logs.Info("Issue record data created successfully, id:", issueRecordId) + } else { + logs.Error("Failed to create issue record data, err: ", issReErr) } } } } + return nil } //ProcUpdateIssue Update issue @@ -169,7 +316,7 @@ func ProcUpdateIssue(issueValue models.VulnCenter, accessToken, owner, path stri gitYaml, ok := models.QueryCveOpeneulerdata(issueValue.PackName, issueValue.CveVersion) if !ok || gitYaml.MainTainer == "" || len(gitYaml.MainTainer) < 1 { assignee, assErr := taskhandler.GetCollaboratorInfo(accessToken, owner, path) - if assignee != "" && len(assignee) > 1{ + if assignee != "" && len(assignee) > 1 { lit.Assignee = assignee //return err } else { diff --git a/taskhandler/createissue.go b/taskhandler/createissue.go index df656a3..4cb80f6 100644 --- a/taskhandler/createissue.go +++ b/taskhandler/createissue.go 
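Review bot: When `GITEE_TOKEN` is empty, the non-whitelist branch of `CreateIssue` runs `return err` after `models.QueryIssue` has already succeeded, so `err` is nil and the task reports success without a token. The whitelist branch instead does `break`, then repeats the query and the token lookup for every whitelisted package. Reading the token once before the `if issueWhitelist == 1` test and returning an explicit non-nil error would fix both paths. The `for ; ;` loops re-query pending rows (`QueryIssueByPackName` selects `cve_status in (0, 1)`), and no status change is visible on the `continue` paths after a failed `ProcIssue`, `ProcUpdateIssue` or `QueryIssueScore`. Unless those helpers update the row themselves, the same batch may be fetched again indefinitely and keep calling the Gitee API; also, the two branches differ only in the query and the exit statement, so the per-CVE body belongs in one helper (`CreateIssue` starts before this hunk).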
@@ -24,37 +24,45 @@ func CreateIssueData(issueTemp *models.IssueTemplate, cve models.VulnCenter, sc issueTemp.NVDVector = sc.NvectorVule issueTemp.CveBrief = cve.Description issueTemp.CveLevel = cve.CveLevel - issueTemp.IssueId = int64(resp["id"].(float64)) - issueTemp.IssueNum = resp["number"].(string) - issueTemp.Assignee = assignee - issueTemp.StatusName = resp["state"].(string) - if strings.ToLower(resp["state"].(string)) == "open" || - resp["state"].(string) == "待办的" || - resp["state"].(string) == "开启的" { - issueTemp.Status = 1 - issueTemp.StatusName = "open" - issueTemp.IssueStatus = 1 - } else if strings.ToLower(resp["state"].(string)) == "started" || - strings.ToLower(resp["state"].(string)) == "progressing" || - strings.ToLower(resp["state"].(string)) == "进行中" { - issueTemp.Status = 2 - issueTemp.StatusName = "progressing" - issueTemp.IssueStatus = 3 - } else if strings.ToLower(resp["state"].(string)) == "closed" || resp["state"].(string) == "已完成" { - issueTemp.Status = 3 - issueTemp.StatusName = "closed" - issueTemp.IssueStatus = 2 - } else { - if strings.ToLower(resp["state"].(string)) == "rejected" || resp["state"].(string) == "已拒绝" { - issueTemp.StatusName = "rejected" - issueTemp.Status = 4 - } - if strings.ToLower(resp["state"].(string)) == "suspended" || resp["state"].(string) == "已挂起" { - issueTemp.StatusName = "suspended" - issueTemp.Status = 5 + if resp != nil && len(resp) > 0 { + issueTemp.IssueId = int64(resp["id"].(float64)) + issueTemp.IssueNum = resp["number"].(string) + issueTemp.StatusName = resp["state"].(string) + if strings.ToLower(resp["state"].(string)) == "open" || + resp["state"].(string) == "待办的" || + resp["state"].(string) == "开启的" { + issueTemp.Status = 1 + issueTemp.StatusName = "open" + issueTemp.IssueStatus = 1 + } else if strings.ToLower(resp["state"].(string)) == "started" || + strings.ToLower(resp["state"].(string)) == "progressing" || + strings.ToLower(resp["state"].(string)) == "进行中" { + issueTemp.Status = 2 + 
issueTemp.StatusName = "progressing" + issueTemp.IssueStatus = 3 + } else if strings.ToLower(resp["state"].(string)) == "closed" || resp["state"].(string) == "已完成" { + issueTemp.Status = 3 + issueTemp.StatusName = "closed" + issueTemp.IssueStatus = 2 + } else { + if strings.ToLower(resp["state"].(string)) == "rejected" || resp["state"].(string) == "已拒绝" { + issueTemp.StatusName = "rejected" + issueTemp.Status = 4 + } + if strings.ToLower(resp["state"].(string)) == "suspended" || resp["state"].(string) == "已挂起" { + issueTemp.StatusName = "suspended" + issueTemp.Status = 5 + } + issueTemp.IssueStatus = 6 } - issueTemp.IssueStatus = 6 + } else { + issueTemp.IssueId = 0 + issueTemp.IssueNum = "nil" + issueTemp.StatusName = "nil" + issueTemp.Status = 0 } + + issueTemp.Assignee = assignee issueTemp.IssueLabel = labels issueTemp.Owner = owner issueTemp.Repo = path 
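Review bot: The new `if resp != nil && len(resp) > 0` guard in CreateIssueData still reads the Gitee response with unchecked assertions (`resp["id"].(float64)`, `resp["number"].(string)`, `resp["state"].(string)`), so a non-empty response that lacks a key or carries a different JSON type panics instead of failing cleanly. Comma-ok assertions cover both the nil map and the malformed response, because indexing a nil map is safe in Go, and they make the separate nil/len test unnecessary. The else branch also stores the literal string "nil" in IssueNum and StatusName; an empty string or a named placeholder would be harder to mistake for a real issue number. The function's signature and tail are outside this hunk, so the sketch shows only the rewritten lines.

```go
id, idOK := resp["id"].(float64)
number, numOK := resp["number"].(string)
state, stateOK := resp["state"].(string)
if idOK && numOK && stateOK {
	issueTemp.IssueId = int64(id)
	issueTemp.IssueNum = number
	issueTemp.StatusName = state
	// … unchanged: state-to-Status/IssueStatus mapping, reading state instead of resp["state"].(string) …
} else {
	// … unchanged: placeholder values used when no usable response is available …
}
```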
@@ -136,66 +144,81 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st issueType := "CVE和安全问题" labels := beego.AppConfig.String("labelUnFix") if accessToken != "" && owner != "" && path != "" { - url := "https://gitee.com/api/v5/repos/" + owner + "/issues" - score := strconv.FormatFloat(sc.NVDScore, 'f', 1, 64) - requestBody := CreateIssueBody(accessToken, owner, path, assignee, - cve, sc, "", score, labels, its, 2, issueType, "", brandArray) - logs.Info("isssue_body: ", requestBody) - if requestBody != "" && len(requestBody) > 1 { - resp, err := util.HTTPPost(url, requestBody) - if err != nil { - logs.Error("url: ", url, "创建issue失败, cveNum: ", cve.CveNum, "err: ", err) - return "", err - } - if _, ok := resp["id"]; !ok { - logs.Error("创建issue 失败, err: ", ok, "url: ", url) - return "", errors.New("创建issue失败") - } - var issueTemp models.IssueTemplate - CreateIssueData(&issueTemp, cve, sc, resp, path, assignee, issueType, labels, owner) - // Store issue data - issTempID, err := models.CreateIssueTemplate(&issueTemp) - if len(brandArray) > 0 { - var brandArrayTmp []string - for _, brand := range brandArray { - brandArrayTmp = append(brandArrayTmp, brand+":") + var issueTemp models.IssueTemplate + CreateIssueData(&issueTemp, cve, sc, nil, path, assignee, issueType, labels, owner) + // Store issue data + issTempID, templateErr := models.InsertIssueTemplate(&issueTemp) + if templateErr == nil && issTempID > 0 { + url := "https://gitee.com/api/v5/repos/" + owner + "/issues" + score := strconv.FormatFloat(sc.NVDScore, 'f', 1, 64) + requestBody := CreateIssueBody(accessToken, owner, path, assignee, + cve, sc, "", score, labels, its, 2, issueType, "", brandArray) + logs.Info("isssue_body: ", requestBody) + if requestBody != "" && len(requestBody) > 1 { + resp, err := util.HTTPPost(url, requestBody) + if err != nil { + logs.Error("url: ", url, "创建issue失败, cveNum: ", cve.CveNum, "err: ", err) + models.DeleteIssueTemplate(issTempID) + return "", 
err } - brandStr := strings.Join(brandArrayTmp, ",") - issueTemp.AffectedVersion = brandStr - } - if err != nil { - logs.Error("创建issue 模板的数据失败, cveNum: ", cve.CveNum, "err: ", err) - return "", err - } - logs.Info("创建issue 模板的数据成功, issTempID: ", issTempID, "cveNum: ", cve.CveNum) - // Create issue comment - affectedVersion := "" - if len(brandArray) > 0 { - for i, brand := range brandArray { - if brand == "" || len(brand) < 2 { - continue + if _, ok := resp["id"]; !ok { + logs.Error("创建issue 失败, err: ", ok, "url: ", url) + models.DeleteIssueTemplate(issTempID) + return "", errors.New("创建issue失败") + } + var issueTemps models.IssueTemplate + issueTemps.TemplateId = issTempID + CreateIssueData(&issueTemps, cve, sc, resp, path, assignee, issueType, labels, owner) + // Store issue data + issTempIDx, idxErr := models.UpdateIssueTemplateAll(&issueTemps) + if len(brandArray) > 0 { + var brandArrayTmp []string + for _, brand := range brandArray { + brandArrayTmp = append(brandArrayTmp, brand+":") + } + brandStr := strings.Join(brandArrayTmp, ",") + issueTemp.AffectedVersion = brandStr + } + if idxErr != nil { + logs.Error("创建issue 模板的数据失败, cveNum: ", cve, ",err: ", err) + models.DeleteIssueTemplate(issTempID) + return "", err + } + logs.Info("创建issue 模板的数据成功, issTempID: ", issTempIDx, "cveNum: ", cve.CveNum) + // Create issue comment + affectedVersion := "" + if len(brandArray) > 0 { + for i, brand := range brandArray { + if brand == "" || len(brand) < 2 { + continue + } + affectedVersion = affectedVersion + strconv.Itoa(i+1) + "." + brand + ":\n" } - affectedVersion = affectedVersion + strconv.Itoa(i+1) + "." 
+ brand + ":\n" + } else { + affectedVersion = affectedVersion + "\n" } + errx := CreateIssueComment(accessToken, owner, path, assignee, cve, resp, affectedVersion) + logs.Info("issue评论创建结果, err: ", errx) + issueNum := resp["number"].(string) + issueID := int64(resp["id"].(float64)) + err = CreateDepositHooks(accessToken, owner, path, cve, issueNum, issueID) + if err != nil { + logs.Error("创建hooks 失败, cveNum: ", cve.CveNum, "err: ", err) + return "", err + } + logs.Info("创建hooks 成功, cveNum: ", cve.CveNum) + // Update issue status + models.UpdateIssueStatus(cve, 2) + // Update score status + models.UpdateIssueScore(cve, 2) + // Update score record status + models.UpdateIssueScoreRe(cve, 1) } else { - affectedVersion = affectedVersion + "\n" + models.DeleteIssueTemplate(issTempID) } - errx := CreateIssueComment(accessToken, owner, path, assignee, cve, resp, affectedVersion) - logs.Info("issue评论创建结果, err: ", errx) - issueNum := resp["number"].(string) - issueID := int64(resp["id"].(float64)) - err = CreateDepositHooks(accessToken, owner, path, cve, issueNum, issueID) - if err != nil { - logs.Error("创建hooks 失败, cveNum: ", cve.CveNum, "err: ", err) - return "", err - } - logs.Info("创建hooks 成功, cveNum: ", cve.CveNum) - // Update issue status - models.UpdateIssueStatus(cve, 2) - // Update score status - models.UpdateIssueScore(cve, 2) - // Update score record status - models.UpdateIssueScoreRe(cve, 1) + } else { + logs.Error("重复创建issue, cve: ", cve, ", templateErr: ", templateErr) + return "", nil } } } diff --git a/taskhandler/cve.go b/taskhandler/cve.go index 19feec8..929541c 100644 --- a/taskhandler/cve.go +++ b/taskhandler/cve.go 
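Review bot: The `if idxErr != nil` branch after models.UpdateIssueTemplateAll logs and returns `err`, which is the already-checked nil result of util.HTTPPost, so a failed template update reaches the caller as `"", nil`; it should log `idxErr` and end with `return "", idxErr`. That branch also calls models.DeleteIssueTemplate after the issue already exists on Gitee, which removes the row the new insert-first logic appears to rely on for duplicate detection, so a later run can presumably create the same issue again. `issueTemp.AffectedVersion = brandStr` is set on the first template variable after both database writes, so the value never reaches `issueTemps` unless code outside this hunk reads it (CreateIssueToGit starts and ends beyond the hunk). Separately, `logs.Info("isssue_body: ", requestBody)` writes a body built from `accessToken` to the log; if CreateIssueBody embeds the token, which is not visible here, that line should log only `cve.CveNum`.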
@@ -695,7 +695,7 @@ func GenCveVuler(cveData models.OriginUpstream, cveRef string, openeulernum int) cveYears, yearErr := strconv.Atoi(cveNumList[1]) if yearErr == nil { if cveYears <= years { - models.UpdateOriginStatus(common.GetCurTime(), cveData.PackName, cveData.Version, cveData.CveId, 3) + models.UpdateOriginStatus(common.GetCurTime(), cveData.PackName, cveData.Version, cveData.CveId, 5) logs.Info("cve: ", cveData.CveNum, ",需要大于: ", years, ",否则不需要在git上提交issue, cveData: ", cveData) return false, errors.New("数据错误,暂时不处理") } @@ -1460,7 +1460,8 @@ func GenCveVulerByIssue(cveData models.GiteOriginIssue, cveRef string, openeuler strings.ToLower(cveData.State) == "progressing" || cveData.State == "进行中" || strings.ToLower(cveData.State) == "started" || cveData.State == "开启的" { lock.Lock() - upOk, upError := UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 1, goe, cvd, owner) + // The worker template of the issue that is being processed will no longer be replaced with a new template + upOk, upError := UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 2, goe, cvd, owner) logs.Info(upOk, upError) lock.Unlock() } else { -- Gitee
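Review bot: Both cve.go hunks change a bare integer argument whose meaning cannot be read from the call: `models.UpdateOriginStatus(..., 5)` in GenCveVuler (was 3) and `UpdateIssueCveGroups(..., 2, goe, cvd, owner)` in GenCveVulerByIssue (was 1). These values appear to decide whether a CVE record is skipped or its issue template replaced, so a wrong literal would silently drop vulnerability tracking. Named constants, or at least a comment on the first call such as `// status 5: <meaning of this origin status>`, would make the intent reviewable. The comment added in the second hunk describes the effect but not which parameter value selects it. Both enclosing functions extend beyond their hunks.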