From ce60e39342e620c97dba2dd87f5fd244a3d31dd9 Mon Sep 17 00:00:00 2001 From: zjm <1076115376@qq.com> Date: Tue, 20 Sep 2022 09:18:07 +0800 Subject: [PATCH 1/2] fix mindspore issue --- cve-vulner-manager/models/common.go | 14 +++++++- cve-vulner-manager/task/issue.go | 25 ++++++++++---- cve-vulner-manager/taskhandler/common.go | 33 +++++-------------- cve-vulner-manager/taskhandler/createissue.go | 2 ++ cve-vulner-manager/taskhandler/cve.go | 2 +- cve-vulner-manager/taskhandler/issue.go | 9 ++++- 6 files changed, 52 insertions(+), 33 deletions(-) diff --git a/cve-vulner-manager/models/common.go b/cve-vulner-manager/models/common.go index 586628d..ed4f988 100644 --- a/cve-vulner-manager/models/common.go +++ b/cve-vulner-manager/models/common.go @@ -2,8 +2,9 @@ package models import ( "fmt" - "github.com/astaxie/beego/logs" "time" + + "github.com/astaxie/beego/logs" ) //Time2Str format time to string @@ -43,6 +44,17 @@ func OpenEulerScoreProc(openEulerScore float64) (CveLevel string) { return CveLevel } +func MindSporeScoreProc(openEulerScore float64) (CveLevel string) { + if openEulerScore >= 9.0 { + CveLevel = "Critical" + } else if openEulerScore >= 7.0 && openEulerScore <= 8.9 { + CveLevel = "High" + } else if openEulerScore <= 7.0 { + CveLevel = "Medium" + } + return CveLevel +} + func SearchGaussCondSa(cveLevel, years, releaseFlag int, searchName string) string { conditStr := "" if cveLevel > 0 { diff --git a/cve-vulner-manager/task/issue.go b/cve-vulner-manager/task/issue.go index 29d0560..edd6a9e 100644 --- a/cve-vulner-manager/task/issue.go +++ b/cve-vulner-manager/task/issue.go @@ -251,21 +251,34 @@ func SetIssueProcParams() error { logs.Info("tmpErr:", tmpErr) continue } - if its.Status > 2 || (len(its.PlanStarted) > 1 && len(its.Deadline) > 1) { - continue + if vl.OrganizationID != 3 { + if its.Status > 2 || (len(its.PlanStarted) > 1 && len(its.Deadline) > 1) { + continue + } } authToken := tokenMap[vl.OrganizationID] - taskhandler.GetEntIssueDetail(vl, &its) + var priorityOld int = -1 + taskhandler.GetEntIssueDetail(vl, &its, &priorityOld) if len(its.PlanStarted) > 1 && len(its.Deadline) > 1 { its.UpdateTime = time.Now() models.UpdateIssueTemplate(&its, "PlanStarted", "Deadline", "UpdateTime") - continue + if vl.OrganizationID != 3 { + continue + } } - if its.NVDScore > 0 { - cveLevel := models.OpenEulerScoreProc(its.NVDScore) + if its.NVDScore > 0 || (its.NVDScore >= 0 && vl.OrganizationID == 3) { + var cveLevel string + if vl.OrganizationID == 3 { + cveLevel = models.MindSporeScoreProc(its.NVDScore) + } else { + cveLevel = models.OpenEulerScoreProc(its.NVDScore) + } deadLine := taskhandler.CvePlanCloseTime(its.CreateTime, cveLevel, false, true) planAt := common.GetSpecifiedTime(its.CreateTime, 0, false, true) priority := taskhandler.GetIssuePriority(cveLevel) + if priority <= priorityOld { + continue + } owner, accessToken := common.GetOwnerAndToken(vl.CveNum, vl.OrganizationID) issueErr, issueBody := taskhandler.GetGiteeIssue(accessToken, owner, its.Repo, its.IssueNum) if issueErr == nil && issueBody != nil { diff --git a/cve-vulner-manager/taskhandler/common.go b/cve-vulner-manager/taskhandler/common.go index dd33180..df9214d 100644 --- a/cve-vulner-manager/taskhandler/common.go +++ b/cve-vulner-manager/taskhandler/common.go @@ -29,9 +29,10 @@ const ( RepoInfoURL = "https://api.openeuler.org/pkgmanage/packages/packageInfo?table_name=openEuler_LTS_20.03&pkg_name=%s" perPage = 50 //IssueType Types of issues crawled - CIssueType = "CVE和安全问题" - GaussIssueType = "缺陷" - BranchRep = `(\(.*\))|((.*))` + CIssueType = "CVE和安全问题" + GaussIssueType = "缺陷" + MindSporeIssueType = "Bug-Report" + BranchRep = `(\(.*\))|((.*))` ) type GiteeToken struct { @@ -987,11 +988,7 @@ func CreateIssueBody(accessToken, owner, path, assignee string, genPatchInfo(cve.CveNum), cveAnalysis, openEulerScore, oVector, affectedVersion) } } - if cve.OrganizationID == 3 && assignee != "fangzhou0329" { - requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false","collaborators":"fangzhou0329"}`, accessToken, path, cve.CveNum, StatusName, body, assignee, labels) - } else { - requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false"}`, accessToken, path, cve.CveNum, StatusName, body, assignee, labels) - } + requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false"}`, accessToken, path, cve.CveNum, StatusName, body, assignee, labels) } else { nveScore := score + " " + cve.CveLevel nveVector := scoreType + "/" + sc.NvectorVule @@ -1006,11 +1003,7 @@ func CreateIssueBody(accessToken, owner, path, assignee string, cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl+"\n"+getCveDetail(cve.CveNum)+"\n", commentCmd, holeSource(cve.DataSource), genPatchInfo(cve.CveNum), cveAnalysis, openEulerScore, affectedVersion) } - if cve.OrganizationID == 3 && assignee != "fangzhou0329" { - requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false","collaborators":"fangzhou0329"}`, accessToken, path, cve.CveNum, StatusName, body, assignee, labels) - } else { - requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false"}`, accessToken, path, cve.CveNum, StatusName, body, assignee, labels) - } + requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false"}`, accessToken, path, cve.CveNum, StatusName, body, assignee, labels) } } else if flag == 2 { nveScore := score + " " + cve.CveLevel @@ -1027,7 +1020,7 @@ func CreateIssueBody(accessToken, owner, path, assignee string, genPatchInfo(cve.CveNum), cveAnalysis, openEulerScore, affectedVersion) } if cve.OrganizationID == 3 && assignee != "fangzhou0329" { - requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","issue_type": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false","collaborators":"fangzhou0329"}`, accessToken, path, cve.CveNum, issueType, body, assignee, labels) + requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","issue_type": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false","collaborators":"fangzhou0329","program":"67813"}`, accessToken, path, cve.CveNum, issueType, body, assignee, labels) } else { requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","issue_type": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false"}`, accessToken, path, cve.CveNum, issueType, body, assignee, labels) } @@ -1052,11 +1045,7 @@ func CreateIssueBody(accessToken, owner, path, assignee string, genPatchInfo(cve.CveNum), cveAnalysis, openEulerScore, oVector, affectedVersion) } } - if cve.OrganizationID == 3 && its.Assignee != "fangzhou0329" { - requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false","collaborators":"fangzhou0329"}`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) - } else { - requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false"}`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) - } + requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false"}`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) } else { openEulerScore = " " nveScore := score + " " + cve.CveLevel @@ -1071,11 +1060,7 @@ func CreateIssueBody(accessToken, owner, path, assignee string, cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl+"\n"+getCveDetail(cve.CveNum)+"\n", commentCmd, holeSource(cve.DataSource), genPatchInfo(cve.CveNum), cveAnalysis, openEulerScore, affectedVersion) } - if cve.OrganizationID == 3 && its.Assignee != "fangzhou0329" { - requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false","collaborators":"fangzhou0329"}`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) - } else { - requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false"}`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) - } + requestBody = fmt.Sprintf(`{"access_token": "%s","repo": "%s","title": "%s","state": "%s","body": "%s","assignee": "%s","labels": "%s","security_hole": "false"}`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) } } return requestBody diff --git a/cve-vulner-manager/taskhandler/createissue.go b/cve-vulner-manager/taskhandler/createissue.go index 26bc350..1be42d9 100644 --- a/cve-vulner-manager/taskhandler/createissue.go +++ b/cve-vulner-manager/taskhandler/createissue.go @@ -330,6 +330,8 @@ func CreateIssueToGit(accessToken, owner, path, assignee string, issueType = CIssueType if cve.OrganizationID == 2 { issueType = GaussIssueType + } else if cve.OrganizationID == 3 { + issueType = MindSporeIssueType } labels := beego.AppConfig.String("labelUnFix") if accessToken != "" && owner != "" && path != "" { diff --git a/cve-vulner-manager/taskhandler/cve.go b/cve-vulner-manager/taskhandler/cve.go index d8f2eb8..d9b7509 100644 --- a/cve-vulner-manager/taskhandler/cve.go +++ b/cve-vulner-manager/taskhandler/cve.go @@ -369,7 +369,7 @@ func UpdateCveGroups(cveData models.OriginUpstream, cveRef string, openeulerNum CveRes.Description = cveDesc.EnDescription } CveRes.CveVersion = pkList[1] - if len(cveData.PublishedDate) > 2 && CveRes.RepairTime != cveData.PublishedDate && len(cveData.PublishedDate) > 10 { + if len(cveData.PublishedDate) > 10 && CveRes.RepairTime != cveData.PublishedDate { CveRes.RepairTime = cveData.PublishedDate } //CveRes.PackName = pkList[0] diff --git a/cve-vulner-manager/taskhandler/issue.go b/cve-vulner-manager/taskhandler/issue.go index e3204b9..3eba8e9 100644 --- a/cve-vulner-manager/taskhandler/issue.go +++ b/cve-vulner-manager/taskhandler/issue.go @@ -231,7 +231,7 @@ func GiteeConstructor(res map[string]interface{}, giteeToken *GiteeTokenInfo) { } } -func GetEntIssueDetail(cve models.VulnCenter, its *models.IssueTemplate) { +func GetEntIssueDetail(cve models.VulnCenter, its *models.IssueTemplate, priority *int) { owner, accessToken := common.GetOwnerAndToken(cve.CveNum, cve.OrganizationID) if cve.OrganizationID == 2 { if len(cve.PackName) < 2 { @@ -243,6 +243,13 @@ func GetEntIssueDetail(cve models.VulnCenter, its *models.IssueTemplate) { logs.Error("issue is empty, err: ", issueErr, "IssueNum: ", its.IssueNum) return } else { + if cve.OrganizationID == 3 && issueBody != nil && issueBody["priority"] != nil { + if p, ok := issueBody["priority"]; ok { + if pri, ok1 := p.(float64); ok1 { + *priority = int(pri) + } + } + } if issueBody != nil && issueBody["plan_started_at"] != nil { if planAt, ok := issueBody["plan_started_at"]; !ok || planAt == nil { logs.Error("plan_started_at is empty, err: ", ok, "IssueNum: ", its.IssueNum) -- Gitee From 8e46902a94c7f5feb97240554c010b2e05945ed3 Mon Sep 17 00:00:00 2001 From: zjm <1076115376@qq.com> Date: Tue, 20 Sep 2022 19:25:26 +0800 Subject: [PATCH 2/2] remove the condition under which an issue is closed --- cve-vulner-manager/controllers/file.go | 2 +- cve-vulner-manager/models/cve.go | 21 ++++++++++++++++----- cve-vulner-manager/task/issue.go | 16 ++++++++-------- cve-vulner-manager/taskhandler/cve.go | 3 +++ cve-vulner-manager/taskhandler/excel.go | 2 +- 5 files changed, 29 insertions(+), 15 deletions(-) diff --git a/cve-vulner-manager/controllers/file.go b/cve-vulner-manager/controllers/file.go index a745ca4..744c2d9 100644 --- a/cve-vulner-manager/controllers/file.go +++ b/cve-vulner-manager/controllers/file.go @@ -148,7 +148,7 @@ func (f *FileController) TriggerCveData() { cves = strings.Split(cveNums, ",") } //cve pull_request freeze time changed to a month ago - startTime = common.TimeStrSub(startTime, -30) + startTime = common.TimeStrSub(startTime, -365) unaffectYear, yerr := beego.AppConfig.Int("excel::unaffect_year") if yerr != nil { unaffectYear = 2018 diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go index 8772ed1..429a247 100644 --- a/cve-vulner-manager/models/cve.go +++ b/cve-vulner-manager/models/cve.go @@ -1083,10 +1083,22 @@ ORDER BY c.openeuler_score DESC return } -func GetIssueNumber(packName string) (issueTemp []IssueTemplate, err error) { - sql := `select * from cve_issue_template where status = 3 and issue_status = 2 and -cve_id in (select cve_id from cve_vuln_center where cve_status = 2 and +func GetIssueNumber(packName string, cves []string) (issueTemp []IssueTemplate, err error) { + var sql string + if len(cves) == 0 { + sql = `select * from cve_issue_template where cve_id in (select cve_id from cve_vuln_center where cve_status = 2 and is_export in (0,3) and pack_name in ('%s') and organizate_id = 1)` + } else { + var s string + for _, v := range cves { + s += "'" + v + "'," + } + if len(s) > 1 { + s = s[:len(s)-1] + } + sql = `select * from cve_issue_template where cve_id in (select cve_id from cve_vuln_center where cve_status = 2 and +is_export in (0,3) and pack_name in ('%s') and organizate_id = 1)` + ` and cve_num in (` + s + `)` + } sql = fmt.Sprintf(sql, packName) o := orm.NewOrm() _, err = o.Raw(sql).QueryRows(&issueTemp) @@ -1094,8 +1106,7 @@ is_export in (0,3) and pack_name in ('%s') and organizate_id = 1)` } func GetUnffectIssueNumber(startTime string) (issueTemp []IssueTemplate, err error) { - sql := `SELECT * FROM cve_issue_template WHERE STATUS = 3 AND issue_status in (2,6) AND -cve_id IN (SELECT DISTINCT cve_id FROM cve_vuln_center WHERE cve_status = 2 AND + sql := `SELECT * FROM cve_issue_template WHERE cve_id IN (SELECT DISTINCT cve_id FROM cve_vuln_center WHERE cve_status = 2 AND is_export IN (0,3) and organizate_id = 1) AND create_time >= '%s'` sql = fmt.Sprintf(sql, startTime) o := orm.NewOrm() diff --git a/cve-vulner-manager/task/issue.go b/cve-vulner-manager/task/issue.go index edd6a9e..49f81ba 100644 --- a/cve-vulner-manager/task/issue.go +++ b/cve-vulner-manager/task/issue.go @@ -243,18 +243,18 @@ func SetIssueProcParams() error { for _, vl := range vulnCve { cveId = vl.CveId if vl.Status > 2 { - continue + if vl.OrganizationID == 3 && vl.Status == 6 { + } else { + continue + } } its := models.IssueTemplate{CveId: vl.CveId, CveNum: vl.CveNum} - tmpErr := models.GetIssueTemplateByColName(&its, "CveId", "CveNum") - if its.TemplateId == 0 { - logs.Info("tmpErr:", tmpErr) + _ = models.GetIssueTemplateByColName(&its, "CveId", "CveNum") + if its.TemplateId == 0 || its.Status > 2 { continue } - if vl.OrganizationID != 3 { - if its.Status > 2 || (len(its.PlanStarted) > 1 && len(its.Deadline) > 1) { - continue - } + if len(its.PlanStarted) > 1 && len(its.Deadline) > 1 && vl.OrganizationID != 3 { + continue } authToken := tokenMap[vl.OrganizationID] var priorityOld int = -1 diff --git a/cve-vulner-manager/taskhandler/cve.go b/cve-vulner-manager/taskhandler/cve.go index d9b7509..954867d 100644 --- a/cve-vulner-manager/taskhandler/cve.go +++ b/cve-vulner-manager/taskhandler/cve.go @@ -372,6 +372,9 @@ func UpdateCveGroups(cveData models.OriginUpstream, cveRef string, openeulerNum if len(cveData.PublishedDate) > 10 && CveRes.RepairTime != cveData.PublishedDate { CveRes.RepairTime = cveData.PublishedDate } + if common.GetCveSource(cveData.CveNum) == 1 || common.GetCveSourceRecord(cveData.CveNum) == 1 { + CveRes.DataSource = 5 + } //CveRes.PackName = pkList[0] CveRes.RepoName = pkList[0] CveRes.CveUrl = cveRef + cveData.CveNum diff --git a/cve-vulner-manager/taskhandler/excel.go b/cve-vulner-manager/taskhandler/excel.go index 2813817..bc21da6 100644 --- a/cve-vulner-manager/taskhandler/excel.go +++ b/cve-vulner-manager/taskhandler/excel.go @@ -1124,7 +1124,7 @@ func getDateByGite(pkgList []models.ExcelPackage, startTime string, c chan<- []I //logs.Info("excel, v===>", v) rt := util.TimeStrToInt(v.PubTime, "20060102 15-04-05") + saTimeStampZone // Query the current issues that need to be dealt with - issueTemp, err := models.GetIssueNumber(v.Repo) + issueTemp, err := models.GetIssueNumber(v.Repo, cves) if err != nil || issueTemp == nil { logs.Info("No need to deal with ", v.Repo) continue -- Gitee