diff --git a/cve-vulner-manager/controllers/file.go b/cve-vulner-manager/controllers/file.go index 72dd9a09a32a3687a668d7c3a1cfd23213ed524c..5fdf90b6b4b7c0709403b9af4d89550c2d0eec27 100644 --- a/cve-vulner-manager/controllers/file.go +++ b/cve-vulner-manager/controllers/file.go @@ -15,6 +15,7 @@ import ( "cvevulner/common" "cvevulner/cve-ddd/adapter" + "cvevulner/cve-ddd/infrastructure/obsimpl" "cvevulner/models" "cvevulner/taskhandler" "cvevulner/util" @@ -397,6 +398,10 @@ func uploadCvrfFile(cvrfFileList map[string][]string, totalFileSlice []string, d if dirErr != nil { logs.Error("dirErr: ", dirErr) } + + // set upload dirname of hotpatch + obsimpl.SetDynamicDir(obsDir) + indexFilePath := filepath.Join(dir, "index.txt") indexObjectName := downloadCvrfDir + "index.txt" downObsErr := taskhandler.ObsDownloadFile(indexObjectName, indexFilePath) @@ -408,7 +413,7 @@ func uploadCvrfFile(cvrfFileList map[string][]string, totalFileSlice []string, d SaveFileToDb(saFileStr) totalSlice := make([]string, 0) saNumber := int64(1000) - sfl := models.GetCvrfAllFile() + sfl := models.GetCvrfAllFile(models.SaFileRecordSa) curYears := strconv.Itoa(time.Now().Year()) var oldyear string saDir := beego.AppConfig.DefaultString("saFileDir", "download/sa") @@ -582,6 +587,8 @@ func SaveFileRecord(fileName string) { af.Status = 1 af.FileName = fileName af.CreateTime = common.GetCurTime() + af.SaType = af.GenSaType() + models.InsertCvrfFileRecord(&af) } diff --git a/cve-vulner-manager/cve-ddd/app/hotpatch.go b/cve-vulner-manager/cve-ddd/app/hotpatch.go index 3a1750ec06f0525c1fd41af67c803b66d4a603ba..7069a28f189cd06bb495c5068f36382949a9c1c5 100644 --- a/cve-vulner-manager/cve-ddd/app/hotpatch.go +++ b/cve-vulner-manager/cve-ddd/app/hotpatch.go @@ -4,6 +4,7 @@ import ( "fmt" "strconv" "strings" + "time" "github.com/sirupsen/logrus" @@ -12,9 +13,15 @@ import ( "cvevulner/cve-ddd/domain/obs" "cvevulner/cve-ddd/domain/repository" "cvevulner/cve-ddd/domain/updateinfo" + "cvevulner/models" "cvevulner/util" ) +const ( + indexFileName = "index.txt" + updateFixedFileName = "update_fixed.txt" +) + type HotPatchService interface { GenerateBulletins([]CmdToGenerateBulletins) error } @@ -38,6 +45,11 @@ type hotPatchService struct { func (h *hotPatchService) GenerateBulletins(cmds []CmdToGenerateBulletins) error { var cvesForUpdateInfo domain.Cves + var uploadFileName []string + id, err := h.generateBulletinId() + if err != nil { + return err + } for _, cmd := range cmds { if exist := h.repository.IssueNumExist(cmd.HotIssueNum); exist { @@ -67,11 +79,8 @@ func (h *hotPatchService) GenerateBulletins(cmds []CmdToGenerateBulletins) error for _, b := range bulletins { b.PatchUrl = cmd.PatchUrl - id, err := h.generateBulletinId() - if err != nil { - return err - } - b.Identification = id + id++ + b.Identification = fmt.Sprintf("openEuler-HotPatchSA-%d-%d", util.Year(), id) xmlData, err := h.bulletin.Generate(&b) if err != nil { @@ -81,17 +90,15 @@ func (h *hotPatchService) GenerateBulletins(cmds []CmdToGenerateBulletins) error } fileName := fmt.Sprintf("cvrf-%s.xml", b.Identification) - if err := h.obs.UploadBulletin(fileName, xmlData); err != nil { + if err := h.obs.UploadToDynamicDir(fileName, xmlData); err != nil { logrus.Errorf("component: %s, upload to obs error: %s", b.Component, err.Error()) continue } - cvesForUpdateInfo = append(cvesForUpdateInfo, b.Cves...) + uploadFileName = append(uploadFileName, fileName) - if err := h.repository.SetMaxBulletinID(b.Identification); err != nil { - logrus.Errorf("set max bulletin id %s error %s", b.Identification, err.Error()) - } + cvesForUpdateInfo = append(cvesForUpdateInfo, b.Cves...) } if err := h.repository.SaveIssueNum(cmd.HotIssueNum); err != nil { @@ -99,41 +106,36 @@ func (h *hotPatchService) GenerateBulletins(cmds []CmdToGenerateBulletins) error } } - if len(cvesForUpdateInfo) == 0 { - return nil - } + h.appendHotPatchToFiles(uploadFileName) return h.uploadUpdateInfo(cvesForUpdateInfo) } -func (h *hotPatchService) generateBulletinId() (string, error) { - bulletinNumFormat := "openEuler-HotPatchSA-%d-%d" - +func (h *hotPatchService) generateBulletinId() (int, error) { maxID, err := h.repository.MaxBulletinID() if err != nil { - return "", err + return 0, err } thisYear := util.Year() if maxID == "" { - return fmt.Sprintf(bulletinNumFormat, thisYear, 1001), nil + return 1000, nil } - split := strings.Split(maxID, "-") - if split[2] != strconv.Itoa(thisYear) { - return fmt.Sprintf(bulletinNumFormat, thisYear, 1001), nil + split := strings.Split(strings.Trim(maxID, ".xml"), "-") + if split[3] != strconv.Itoa(thisYear) { + return 1000, nil } - num, err := strconv.Atoi(split[3]) - if err != nil { - return "", err - } - - return fmt.Sprintf(bulletinNumFormat, thisYear, num+1), nil + return strconv.Atoi(split[4]) } func (h *hotPatchService) uploadUpdateInfo(cves domain.Cves) error { + if len(cves) == 0 { + return nil + } + for version, v := range cves.GroupByVersion() { bytes, err := h.updateInfo.Generate(v) if err != nil { @@ -151,3 +153,39 @@ func (h *hotPatchService) uploadUpdateInfo(cves domain.Cves) error { return nil } + +func (h *hotPatchService) appendHotPatchToFiles(files []string) { + if len(files) == 0 { + return + } + + var appendContent string + for _, v := range files { + appendContent += fmt.Sprintf("\n%d/%s", time.Now().Year(), v) + } + + h.updateFileByContent(updateFixedFileName, appendContent) + + var oldContent string + oldRecords := models.GetCvrfAllFile(models.SaFileRecordHotPatch) + for _, v := range oldRecords { + oldContent += fmt.Sprintf("\n%d/%s", time.Now().Year(), v.FileName) + } + + h.updateFileByContent(indexFileName, oldContent+appendContent) +} + +func (h *hotPatchService) updateFileByContent(file, newContent string) { + oldContent, err := h.obs.DownloadFromDynamicDir(file) + if err != nil { + logrus.Errorf("download %s error: %s", file, err.Error()) + + return + } + + oldContent = append(oldContent, newContent...) + + if err = h.obs.UploadToDynamicDir(file, oldContent); err != nil { + logrus.Errorf("upload %s error: %s", file, err.Error()) + } +} diff --git a/cve-vulner-manager/cve-ddd/domain/obs/obs.go b/cve-vulner-manager/cve-ddd/domain/obs/obs.go index 6aa040561f07d8df46479caad8b8695628d1de38..4308c715cb073e24685e3aedac897f02946e1664 100644 --- a/cve-vulner-manager/cve-ddd/domain/obs/obs.go +++ b/cve-vulner-manager/cve-ddd/domain/obs/obs.go @@ -1,6 +1,7 @@ package obs type OBS interface { - UploadBulletin(fileName string, data []byte) error + UploadToDynamicDir(fileName string, data []byte) error + DownloadFromDynamicDir(fileName string) ([]byte, error) UploadUpdateInfo(fileName string, data []byte) error } diff --git a/cve-vulner-manager/cve-ddd/domain/repository/cve.go b/cve-vulner-manager/cve-ddd/domain/repository/cve.go index b84d3f59c5d476dc1acd3a87b75c28df632b1688..70d61b7bbfdf199588e8c89bbde80af0746e00a4 100644 --- a/cve-vulner-manager/cve-ddd/domain/repository/cve.go +++ b/cve-vulner-manager/cve-ddd/domain/repository/cve.go @@ -11,7 +11,6 @@ type Option struct { type CveRepository interface { FindCves(option Option) (domain.Cves, error) MaxBulletinID() (string, error) - SetMaxBulletinID(string) error IssueNumExist(num string) bool SaveIssueNum(num string) error } diff --git a/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go index 73c80e54833cc19d4ac78cb71b8fce7750080387..5e1ab20023d998ee33f5a98dc741e8d8ad31e4ff 100644 --- a/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go +++ b/cve-vulner-manager/cve-ddd/infrastructure/obsimpl/impl.go @@ -3,6 +3,8 @@ package obsimpl import ( "bytes" "fmt" + "io/ioutil" + "strings" "time" "github.com/astaxie/beego" @@ -11,6 +13,12 @@ import ( var instance *obsImpl +var dynamicDir string + +func SetDynamicDir(dir string) { + dynamicDir = dir +} + func Init() error { cfg := Config{ AccessKey: beego.AppConfig.String("obs::access_key_id"), @@ -43,11 +51,10 @@ type obsImpl struct { cli *obs.ObsClient } -func (impl obsImpl) UploadBulletin(fileName string, data []byte) error { +func (impl obsImpl) UploadToDynamicDir(fileName string, data []byte) error { input := &obs.PutObjectInput{} input.Bucket = impl.cfg.Bucket - nowStr := time.Now().Format("2006-01-02") - input.Key = fmt.Sprintf("%s%s-%s/%s", impl.cfg.Directory, nowStr, "hotpatch", fileName) + input.Key = impl.getDynamicDir() + fileName input.Body = bytes.NewReader(data) _, err := impl.cli.PutObject(input) @@ -55,6 +62,19 @@ func (impl obsImpl) UploadBulletin(fileName string, data []byte) error { return err } +func (impl obsImpl) DownloadFromDynamicDir(fileName string) ([]byte, error) { + input := &obs.GetObjectInput{} + input.Bucket = impl.cfg.Bucket + input.Key = impl.getDynamicDir() + fileName + output, err := impl.cli.GetObject(input) + if err != nil { + return nil, err + } + defer output.Body.Close() + + return ioutil.ReadAll(output.Body) +} + func (impl obsImpl) UploadUpdateInfo(fileName string, data []byte) error { input := &obs.PutObjectInput{} input.Bucket = impl.cfg.Bucket @@ -66,3 +86,12 @@ func (impl obsImpl) UploadUpdateInfo(fileName string, data []byte) error { return err } + +func (impl obsImpl) getDynamicDir() string { + todayStr := time.Now().Format("2006-01-02") + if strings.Contains(dynamicDir, todayStr) { + return dynamicDir + } + + return fmt.Sprintf("%s%s-%s/", impl.cfg.UpdateInfoDir, todayStr, "hotpatch") +} diff --git a/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/impl.go index b3072f28d2af2a77f3355801c4cae2059e1937bc..ce6b5e39cc16a21c8483cb4a9287308bc8b2262f 100644 --- a/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/impl.go +++ b/cve-vulner-manager/cve-ddd/infrastructure/repositoryimpl/impl.go @@ -64,10 +64,13 @@ where a.cve_num in (%s) and a.organizate_id = 1 and a.pack_name = "%s" } func (impl repositoryImpl) MaxBulletinID() (string, error) { - var hotPatch models.HotPatch + var saFileRecord models.SaFileRecord o := orm.NewOrm() - err := o.QueryTable(&hotPatch).Filter("type", 2).One(&hotPatch) + err := o.QueryTable(&saFileRecord). + Filter("sa_type", models.SaFileRecordHotPatch). + OrderBy("-file_name"). + One(&saFileRecord) if errors.Is(err, orm.ErrNoRows) { return "", nil } @@ -76,45 +79,16 @@ func (impl repositoryImpl) MaxBulletinID() (string, error) { return "", err } - return hotPatch.MaxID, nil -} - -func (impl repositoryImpl) SetMaxBulletinID(id string) error { - hotPatch := models.HotPatch{ - Type: 2, - } - now := time.Now().Format(time.RFC3339) - - o := orm.NewOrm() - err := o.Read(&hotPatch, "type") - if errors.Is(err, orm.ErrNoRows) { - hotPatch.MaxID = id - hotPatch.CreateTime = now - hotPatch.UpdateTime = now - - _, err := o.Insert(&hotPatch) - - return err - - } else if err == nil { - hotPatch.MaxID = id - hotPatch.UpdateTime = now - _, err := o.Update(&hotPatch) - - return err - } - - return err + return saFileRecord.FileName, nil } func (impl repositoryImpl) IssueNumExist(num string) bool { hotPatch := models.HotPatch{ - Type: 1, IssueNum: num, } o := orm.NewOrm() - if err := o.Read(&hotPatch, "type", "issue_num"); err != nil { + if err := o.Read(&hotPatch, "issue_num"); err != nil { return false } @@ -125,7 +99,6 @@ func (impl repositoryImpl) SaveIssueNum(num string) error { now := time.Now().Format(time.RFC3339) hotPatch := models.HotPatch{ - Type: 1, IssueNum: num, CreateTime: now, UpdateTime: now, diff --git a/cve-vulner-manager/master b/cve-vulner-manager/master deleted file mode 100644 index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..0000000000000000000000000000000000000000 diff --git a/cve-vulner-manager/models/excel.go b/cve-vulner-manager/models/excel.go index a6ebe9766b4406bd41095488489407600ca66d12..43d76ec669fb3c66288088c1c28f413e6679eb4b 100644 --- a/cve-vulner-manager/models/excel.go +++ b/cve-vulner-manager/models/excel.go @@ -102,10 +102,10 @@ func GetCvrfFileName(afl *SaFileList, colName ...string) error { return err } -func GetCvrfAllFile() []SaFileRecord { +func GetCvrfAllFile(t string) []SaFileRecord { o := orm.NewOrm() var afl []SaFileRecord - num, err := o.Raw("SELECT * FROM cve_sa_file_record order by file_id asc").QueryRows(&afl) + num, err := o.Raw("SELECT * FROM cve_sa_file_record where sa_type = ? order by file_id asc", t).QueryRows(&afl) if err == nil { logs.Info("cve_sa_file_record nums: ", num) } else { diff --git a/cve-vulner-manager/models/function.go b/cve-vulner-manager/models/function.go new file mode 100644 index 0000000000000000000000000000000000000000..640289eb2fc2ba93274051e69820e5be16151ebc --- /dev/null +++ b/cve-vulner-manager/models/function.go @@ -0,0 +1,16 @@ +package models + +import "strings" + +const ( + SaFileRecordSa = "sa" + SaFileRecordHotPatch = "hotPatch" +) + +func (sa *SaFileRecord) GenSaType() string { + if strings.Contains(sa.FileName, "HotPatchSA") { + return SaFileRecordHotPatch + } + + return SaFileRecordSa +} diff --git a/cve-vulner-manager/models/giteeissue.go b/cve-vulner-manager/models/giteeissue.go index a86404d5a95541d06d32a62f34c6417ac0d1ac51..0742fc622bfe41cbe43acfe636b933ba818b3e0d 100644 --- a/cve-vulner-manager/models/giteeissue.go +++ b/cve-vulner-manager/models/giteeissue.go @@ -1,12 +1,14 @@ package models import ( - "cvevulner/common" - "cvevulner/util" "errors" + "strings" + "github.com/astaxie/beego/logs" "github.com/astaxie/beego/orm" - "strings" + + "cvevulner/common" + "cvevulner/util" ) //Loophole issue body model @@ -230,7 +232,7 @@ func parseOldTplToLoopHole(lp *Loophole, body string) { if len(sm) > 0 && len(sm[0]) > 1 { for _, v := range sm[0][1:] { if v != "" { - lp.Version = util.TrimString(v) + lp.Version = strings.Split(util.TrimString(v), ",")[0] break } } @@ -328,7 +330,7 @@ func parseNewTplToLoopHole(lp *Loophole, body string) { if len(sm) > 0 && len(sm[0]) > 1 { for _, v := range sm[0][1:] { if v != "" { - lp.Version = util.TrimString(v) + lp.Version = strings.Split(util.TrimString(v), ",")[0] break } } diff --git a/cve-vulner-manager/models/modeldb.go b/cve-vulner-manager/models/modeldb.go index 48b73db121b32108c8a75727be80da5aa018549f..db4dde32eb60b0921d8c44ba22146b30d5cf9cef 100644 --- a/cve-vulner-manager/models/modeldb.go +++ b/cve-vulner-manager/models/modeldb.go @@ -763,6 +763,7 @@ type IssueStatisticsMailList struct { type SaFileRecord struct { FileId int64 `orm:"pk;auto;column(file_id)"` + SaType string `orm:"size(255);column(sa_type)" description:"sa的类型"` FileName string `orm:"size(512);column(file_name)" description:"sa的cvrf文件名称"` Status int8 `orm:"default(1);column(status)" description:"1:正常可用;2:已删除"` SaNumber int64 `orm:"column(sa_number)" description:"当前数字"` @@ -1055,8 +1056,6 @@ type IssueDeleteRecord struct { type HotPatch struct { Id int64 `orm:"pk;auto;column(id)"` - Type int64 `orm:"column(type)"` - MaxID string `orm:"size(256);column(max_id);"` IssueNum string `orm:"size(256);column(issue_num);index"` CreateTime string `orm:"size(32);column(created_at)"` UpdateTime string `orm:"size(32);column(updated_at);null"` diff --git a/cve-vulner-manager/tests/createrepo.go b/cve-vulner-manager/tests/createrepo.go index 01ff0d44242060083e4fe12e43958b80a34c9d37..f19ef9d29484132c44eb5b1ed2d9a77d73bee8da 100644 --- a/cve-vulner-manager/tests/createrepo.go +++ b/cve-vulner-manager/tests/createrepo.go @@ -1,21 +1,23 @@ package test import ( - "cvevulner/common" - "cvevulner/models" - "cvevulner/util" "errors" "fmt" + "os" + "github.com/astaxie/beego/logs" "github.com/astaxie/beego/orm" - "os" + + "cvevulner/common" + "cvevulner/models" + "cvevulner/util" ) func QueryOriginCveExcelData() ([]models.OriginExcel, int64, error) { o := orm.NewOrm() var coe []models.OriginExcel num, err := o.Raw("select cve_id,cve_num,cve_url, cve_version, pack_name," + - "score_type,nvd_score,cve_level,cve_desc,repair_time,vector_value,attack_vector,access_vector,attack_complexity,"+ + "score_type,nvd_score,cve_level,cve_desc,repair_time,vector_value,attack_vector,access_vector,attack_complexity," + "access_complexity,privilege_required,user_interaction,scope,confidentiality,integrity,availability,authentication," + "cve_status,create_time from cve_origin_excel GROUP BY pack_name").QueryRows(&coe) if err == nil && num > 0 { @@ -28,7 +30,7 @@ func QueryOriginCveExcelData() ([]models.OriginExcel, int64, error) { func UpdateExcelDataPkName(originPackName, packName string) (id int64) { o := orm.NewOrm() - _ = o.Raw("UPDATE cve_origin_excel SET pack_name = ?" + + _ = o.Raw("UPDATE cve_origin_excel SET pack_name = ?"+ " WHERE pack_name = ?", packName, originPackName).QueryRow() return } @@ -42,7 +44,7 @@ func CreateRepo() { } } -func PostRepo(packName string) error{ +func PostRepo(packName string) error { url := "https://gitee.com/api/v5/user/repos" accessToken := os.Getenv("GITEE_TOKEN") requestBody := fmt.Sprintf(`{ @@ -56,9 +58,9 @@ func PostRepo(packName string) error{ "private": "false" }`, accessToken, packName, packName) logs.Info("isssue_body: ", requestBody) - resp, err := util.HttpPost(url, requestBody) + resp, err := util.HTTPPost(url, requestBody) if err != nil { - logs.Error("创建",packName,"失败, err: ", err) + logs.Error("创建", packName, "失败, err: ", err) return err } if _, ok := resp["id"]; !ok { @@ -70,7 +72,7 @@ func PostRepo(packName string) error{ return nil } -func CreateBrand(packName string) error{ +func CreateBrand(packName string) error { url := "https://gitee.com/api/v5/repos/zhangjianjun_code/" + packName + "/branches" accessToken := os.Getenv("GITEE_TOKEN") requestBody := fmt.Sprintf(`{ @@ -79,9 +81,9 @@ func CreateBrand(packName string) error{ "branch_name": "openEuler-20.03-LTS" }`, accessToken) logs.Info("isssue_body: ", requestBody) - resp, err := util.HttpPost(url, requestBody) + resp, err := util.HTTPPost(url, requestBody) if err != nil { - logs.Error("创建分支:openEuler-20.03-LTS",packName,"失败, err: ", err) + logs.Error("创建分支:openEuler-20.03-LTS", packName, "失败, err: ", err) return err } if _, ok := resp["id"]; !ok { @@ -94,4 +96,4 @@ func CreateBrand(packName string) error{ func Init() { CreateRepo() -} \ No newline at end of file +} diff --git a/cve-vulner-manager/tests/createrepo_test.go b/cve-vulner-manager/tests/createrepo_test.go index 3750e661b5ac7ca605af6cc22c5a6425fd45df94..52cbc0aa780cb29688f8616eb7b361318f5628b2 100644 --- a/cve-vulner-manager/tests/createrepo_test.go +++ b/cve-vulner-manager/tests/createrepo_test.go @@ -1,144 +1,143 @@ package test -import ( - "cvevulner/common" - "cvevulner/models" - "cvevulner/util" - "errors" - "fmt" - "github.com/astaxie/beego/logs" - "github.com/astaxie/beego/orm" - "os" -) - -func QueryOriginCveExcelData() ([]models.OriginExcel, int64, error) { - o := orm.NewOrm() - var coe []models.OriginExcel - num, err := o.Raw("select cve_id,cve_num,cve_url, cve_version, pack_name," + - "score_type,nvd_score,cve_level,cve_desc,repair_time,vector_value,attack_vector,access_vector,attack_complexity,"+ - "access_complexity,privilege_required,user_interaction,scope,confidentiality,integrity,availability,authentication," + - "cve_status,create_time from cve_origin_excel GROUP BY pack_name").QueryRows(&coe) - if err == nil && num > 0 { - logs.Info("cve_origin_excel 查询结果: ", num) - } else { - logs.Info("当前无新增或者更新的cve, cur_time:", common.GetCurTime(), "err: ", err) - } - return coe, num, err -} - -func QueryOriginCveCenterData() ([]models.VulnCenter, int64, error) { - o := orm.NewOrm() - var coe []models.VulnCenter - num, err := o.Raw("select * from cve_vuln_center GROUP BY pack_name").QueryRows(&coe) - if err == nil && num > 0 { - logs.Info("cve_vuln_center 查询结果: ", num) - } else { - logs.Info("当前无新增或者更新的cve, cur_time:", common.GetCurTime(), "err: ", err) - } - return coe, num, err -} - -func UpdateExcelDataPkName(originPackName, packName string) (id int64) { - o := orm.NewOrm() - _ = o.Raw("UPDATE cve_origin_excel SET pack_name = ?" + - " WHERE pack_name = ?", packName, originPackName).QueryRow() - return -} - -func CreateRepo() { - //coe, num, err := QueryOriginCveExcelData() - coe, num, err := QueryOriginCveCenterData() - if err == nil && num > 0 { - for _, qc := range coe { - //PostRepo(qc.PackName) - PostGroupRepo(qc.PackName) - //CreateBrand(qc.PackName) - } - } -} - -func PostGroupRepo(packName string) error { - url := "https://gitee.com/api/v5/orgs/cve-test/repos" - accessToken := os.Getenv("GITEE_TOKEN") - requestBody := fmt.Sprintf(`{ - "access_token": "%s", - "name": "%s", - "has_issues": "true", - "has_wiki": "true", - "can_comment": "true", - "auto_init": "true", - "path": "%s", - "private": "false" - }`, accessToken, packName, packName) - logs.Info("isssue_body: ", requestBody) - resp, err := util.HTTPPost(url, requestBody) - if err != nil { - logs.Error("创建",packName,"失败, err: ", err) - return err - } - if _, ok := resp["id"]; !ok { - logs.Error("创建issue 失败, err: ", ok, "url: ", url) - return errors.New("创建仓库失败") - } - errb := CreateBrand(packName) - logs.Info(errb) - return nil -} - -func PostRepo(packName string) error{ - url := "https://gitee.com/api/v5/user/repos" - accessToken := os.Getenv("GITEE_TOKEN") - requestBody := fmt.Sprintf(`{ - "access_token": "%s", - "name": "%s", - "has_issues": "true", - "has_wiki": "true", - "can_comment": "true", - "auto_init": "true", - "path": "%s", - "private": "false" - }`, accessToken, packName, packName) - logs.Info("isssue_body: ", requestBody) - resp, err := util.HTTPPost(url, requestBody) - if err != nil { - logs.Error("创建",packName,"失败, err: ", err) - return err - } - if _, ok := resp["id"]; !ok { - logs.Error("创建issue 失败, err: ", ok, "url: ", url) - return errors.New("创建仓库失败") - } - errb := CreateBrand(packName) - logs.Info(errb) - return nil -} - -func CreateBrand(packName string) error{ - url := "https://gitee.com/api/v5/repos/cve-test/" + packName + "/branches" - accessToken := os.Getenv("GITEE_TOKEN") - requestBody := fmt.Sprintf(`{ - "access_token": "%s", - "refs": "master", - "branch_name": "openEuler-20.03-LTS" - }`, accessToken) - logs.Info("isssue_body: ", requestBody) - resp, err := util.HTTPPost(url, requestBody) - if err != nil { - logs.Error("创建分支:openEuler-20.03-LTS",packName,"失败, err: ", err) - return err - } - if _, ok := resp["id"]; !ok { - logs.Error("创建分支:openEuler-20.03-LTS 失败, err: ", ok, "url: ", url) - return errors.New("创建分支失败") - } - - return nil -} - -<<<<<<< HEAD - -======= -func Init() { - CreateRepo() -} ->>>>>>> dcc533bfb3e46ca7de687eb69f20e183f2353c67 +// +//import ( +// "cvevulner/common" +// "cvevulner/models" +// "cvevulner/util" +// "errors" +// "fmt" +// "github.com/astaxie/beego/logs" +// "github.com/astaxie/beego/orm" +// "os" +//) +// +//func QueryOriginCveExcelData() ([]models.OriginExcel, int64, error) { +// o := orm.NewOrm() +// var coe []models.OriginExcel +// num, err := o.Raw("select cve_id,cve_num,cve_url, cve_version, pack_name," + +// "score_type,nvd_score,cve_level,cve_desc,repair_time,vector_value,attack_vector,access_vector,attack_complexity,"+ +// "access_complexity,privilege_required,user_interaction,scope,confidentiality,integrity,availability,authentication," + +// "cve_status,create_time from cve_origin_excel GROUP BY pack_name").QueryRows(&coe) +// if err == nil && num > 0 { +// logs.Info("cve_origin_excel 查询结果: ", num) +// } else { +// logs.Info("当前无新增或者更新的cve, cur_time:", common.GetCurTime(), "err: ", err) +// } +// return coe, num, err +//} +// +//func QueryOriginCveCenterData() ([]models.VulnCenter, int64, error) { +// o := orm.NewOrm() +// var coe []models.VulnCenter +// num, err := o.Raw("select * from cve_vuln_center GROUP BY pack_name").QueryRows(&coe) +// if err == nil && num > 0 { +// logs.Info("cve_vuln_center 查询结果: ", num) +// } else { +// logs.Info("当前无新增或者更新的cve, cur_time:", common.GetCurTime(), "err: ", err) +// } +// return coe, num, err +//} +// +//func UpdateExcelDataPkName(originPackName, packName string) (id int64) { +// o := orm.NewOrm() +// _ = o.Raw("UPDATE cve_origin_excel SET pack_name = ?" + +// " WHERE pack_name = ?", packName, originPackName).QueryRow() +// return +//} +// +//func CreateRepo() { +// //coe, num, err := QueryOriginCveExcelData() +// coe, num, err := QueryOriginCveCenterData() +// if err == nil && num > 0 { +// for _, qc := range coe { +// //PostRepo(qc.PackName) +// PostGroupRepo(qc.PackName) +// //CreateBrand(qc.PackName) +// } +// } +//} +// +//func PostGroupRepo(packName string) error { +// url := "https://gitee.com/api/v5/orgs/cve-test/repos" +// accessToken := os.Getenv("GITEE_TOKEN") +// requestBody := fmt.Sprintf(`{ +// "access_token": "%s", +// "name": "%s", +// "has_issues": "true", +// "has_wiki": "true", +// "can_comment": "true", +// "auto_init": "true", +// "path": "%s", +// "private": "false" +// }`, accessToken, packName, packName) +// logs.Info("isssue_body: ", requestBody) +// resp, err := util.HTTPPost(url, requestBody) +// if err != nil { +// logs.Error("创建",packName,"失败, err: ", err) +// return err +// } +// if _, ok := resp["id"]; !ok { +// logs.Error("创建issue 失败, err: ", ok, "url: ", url) +// return errors.New("创建仓库失败") +// } +// errb := CreateBrand(packName) +// logs.Info(errb) +// return nil +//} +// +//func PostRepo(packName string) error{ +// url := "https://gitee.com/api/v5/user/repos" +// accessToken := os.Getenv("GITEE_TOKEN") +// requestBody := fmt.Sprintf(`{ +// "access_token": "%s", +// "name": "%s", +// "has_issues": "true", +// "has_wiki": "true", +// "can_comment": "true", +// "auto_init": "true", +// "path": "%s", +// "private": "false" +// }`, accessToken, packName, packName) +// logs.Info("isssue_body: ", requestBody) +// resp, err := util.HTTPPost(url, requestBody) +// if err != nil { +// logs.Error("创建",packName,"失败, err: ", err) +// return err +// } +// if _, ok := resp["id"]; !ok { +// logs.Error("创建issue 失败, err: ", ok, "url: ", url) +// return errors.New("创建仓库失败") +// } +// errb := CreateBrand(packName) +// logs.Info(errb) +// return nil +//} +// +//func CreateBrand(packName string) error{ +// url := "https://gitee.com/api/v5/repos/cve-test/" + packName + "/branches" +// accessToken := os.Getenv("GITEE_TOKEN") +// requestBody := fmt.Sprintf(`{ +// "access_token": "%s", +// "refs": "master", +// "branch_name": "openEuler-20.03-LTS" +// }`, accessToken) +// logs.Info("isssue_body: ", requestBody) +// resp, err := util.HTTPPost(url, requestBody) +// if err != nil { +// logs.Error("创建分支:openEuler-20.03-LTS",packName,"失败, err: ", err) +// return err +// } +// if _, ok := resp["id"]; !ok { +// logs.Error("创建分支:openEuler-20.03-LTS 失败, err: ", ok, "url: ", url) +// return errors.New("创建分支失败") +// } +// +// return nil +//} +// +// +//func Init() { +// CreateRepo() +//} +//