From 430200b02600d2225683b6ffbc718ef6d3b51be6 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Mon, 4 Nov 2024 16:30:52 +0800 Subject: [PATCH 1/6] fix reason when issue created by people --- cve-vulner-manager/taskhandler/createissue.go | 28 ++++++++++--------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/cve-vulner-manager/taskhandler/createissue.go b/cve-vulner-manager/taskhandler/createissue.go index 53de98a..f98b6b4 100644 --- a/cve-vulner-manager/taskhandler/createissue.go +++ b/cve-vulner-manager/taskhandler/createissue.go @@ -160,6 +160,15 @@ func OPenCheckWhetherIssue(cveNumber, repoPath, owner, accessToken string, organ return false, "" } +func brandArrayToString(brandArray []string) string { + var brandArrayTmp []string + for _, brand := range brandArray { + brandArrayTmp = append(brandArrayTmp, brand+":") + } + + return strings.Join(brandArrayTmp, ",") +} + func CreateIssueToGit(accessToken, owner, path, assignee string, cve models.VulnCenter, sc models.Score, brandArray []string) (string, error) { defer common.Catchs() @@ -226,14 +235,7 @@ func CreateIssueToGit(accessToken, owner, path, assignee string, brandStr := strings.Join(brandArryTmp, ",") it.AffectedVersion = brandStr } else { - if len(brandArray) > 0 { - var brandArryTmp []string - for _, brand := range brandArray { - brandArryTmp = append(brandArryTmp, brand+":") - } - brandStr := strings.Join(brandArryTmp, ",") - it.AffectedVersion = brandStr - } + it.AffectedVersion = brandArrayToString(brandArray) } if len(assigneeGite) > 1 { it.Assignee = assigneeGite @@ -305,6 +307,10 @@ func CreateIssueToGit(accessToken, owner, path, assignee string, if its.TemplateId == 0 { its.CreateTime = time.Now() CreateIssueData(&its, cve, sc, issueRsp, path, assignee, issueRsp["issue_type"].(string), "", owner) + brandStr := brandArrayToString(brandArray) + its.AffectedVersion = brandStr + its.AbiVersion = brandStr + its.AnalysisVersion = brandStr // Store issue data issTempID, templateErr := models.InsertIssueTemplate(&its) if issTempID == 0 { @@ -367,11 +373,7 @@ func CreateIssueToGit(accessToken, owner, path, assignee string, issueTemp.TemplateId = issTempID CreateIssueData(&issueTemp, cve, sc, resp, path, assignee, issueType, labels, owner) if len(brandArray) > 0 { - var brandArrayTmp []string - for _, brand := range brandArray { - brandArrayTmp = append(brandArrayTmp, brand+":") - } - brandStr := strings.Join(brandArrayTmp, ",") + brandStr := brandArrayToString(brandArray) issueTemp.AffectedVersion = brandStr issueTemp.AbiVersion = brandStr issueTemp.AnalysisVersion = brandStr -- Gitee From 198fc3cbdaa388f3504ec32c1645072c585a0f5d Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Mon, 11 Nov 2024 19:54:23 +0800 Subject: [PATCH 2/6] fix assigner --- cve-vulner-manager/main.go | 3 +++ cve-vulner-manager/taskhandler/assist.go | 31 ++++++++++++------------ 2 files changed, 18 insertions(+), 16 deletions(-) diff --git a/cve-vulner-manager/main.go b/cve-vulner-manager/main.go index 0c6a1b5..9bff947 100644 --- a/cve-vulner-manager/main.go +++ b/cve-vulner-manager/main.go @@ -1,6 +1,8 @@ package main import ( + "time" + "github.com/astaxie/beego" "cvevulner/common" @@ -35,6 +37,7 @@ func main() { } taskhandler.InitReleaseDate() + taskhandler.InitAssignerCache(time.Now().Format("20060102")) // Initialize a scheduled task taskOk := task.InitTask() diff --git a/cve-vulner-manager/taskhandler/assist.go b/cve-vulner-manager/taskhandler/assist.go index 50b8cba..8cdc546 100644 --- a/cve-vulner-manager/taskhandler/assist.go +++ b/cve-vulner-manager/taskhandler/assist.go @@ -19,6 +19,8 @@ import ( "cvevulner/util" ) +const keyOfDate = "key_of_date" + var mutex sync.Mutex var assignerOfOpeneulerRepoCache map[string]string @@ -84,32 +86,29 @@ func GetCollaboratorInfo(accessToken string, owner string, path string) (string, func GetAssignerOfOpeneuler(repo string) string { mutex.Lock() defer mutex.Unlock() - keyOfDate := "key_of_date" today := time.Now().Format("20060102") - initCache := func() { - assignerOfOpeneulerRepoCache = make(map[string]string) - assignerOfOpeneulerRepoCache[keyOfDate] = today - initAssignerCache() - } - - if len(assignerOfOpeneulerRepoCache) == 0 { - initCache() - } - date, ok := assignerOfOpeneulerRepoCache[keyOfDate] if !ok || date != today { - initCache() + InitAssignerCache(today) } - if assigner, ok := assignerOfOpeneulerRepoCache[repo]; ok { - return assigner + var ret string + assigner, ok := assignerOfOpeneulerRepoCache[repo] + + if ok { + ret = assigner } - return "" + logs.Error("get assigner of ", repo, " ,result is ", ret) + + return ret } -func initAssignerCache() { +func InitAssignerCache(today string) { + assignerOfOpeneulerRepoCache = make(map[string]string) + assignerOfOpeneulerRepoCache[keyOfDate] = today + cli := utils.NewHttpClient(3) for _, sig := range getSig() { url := fmt.Sprintf("https://www.openeuler.org/api-dsapi/query/sig/repo/committers?community=openeuler&sig=%s", sig) -- Gitee From 13087bdab8869cbbe13be553ee422647f95d5214 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Tue, 12 Nov 2024 10:39:32 +0800 Subject: [PATCH 3/6] add token for gitee api --- cve-vulner-manager/taskhandler/assist.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cve-vulner-manager/taskhandler/assist.go b/cve-vulner-manager/taskhandler/assist.go index 8cdc546..c0d6b62 100644 --- a/cve-vulner-manager/taskhandler/assist.go +++ b/cve-vulner-manager/taskhandler/assist.go @@ -173,7 +173,8 @@ type ResCommitter struct { } func getSig() []string { - url := "https://gitee.com/api/v5/repos/openeuler/community/contents/sig" + url := "https://gitee.com/api/v5/repos/openeuler/community/contents/sig?access_token=" + + beego.AppConfig.String("gitee::git_token") request, err := http.NewRequest(http.MethodGet, url, nil) if err != nil { logs.Error("new request of sig url error: %s ", err.Error()) -- Gitee From 8894ad99d84625dc6adbbd66fce63ceea7d2ea89 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Thu, 14 Nov 2024 16:15:58 +0800 Subject: [PATCH 4/6] add branch 2403 SP1 --- cve-vulner-manager/conf/product_app.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cve-vulner-manager/conf/product_app.conf b/cve-vulner-manager/conf/product_app.conf index 8609bc6..f264b56 100644 --- a/cve-vulner-manager/conf/product_app.conf +++ b/cve-vulner-manager/conf/product_app.conf @@ -179,7 +179,7 @@ cve_number_t = 2018 # Create an issue's repo whitelist;1: open; 2: close issue_whitelist = 2 # List of affected branches: openEuler-20.03-LTS,openEuler-20.03-LTS-SP1 -affected_branchs = "openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,master,openEuler-24.03-LTS,openEuler-24.03-LTS-Next" +affected_branchs = "openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,master,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-Next" abandoned_branchs = "openEuler-20.03-LTS,openEuler-21.03,openEuler-21.09,openEuler-20.09" # Close the highest privilege of issue:1:open;2:close close_issue_privilege = 2 -- Gitee From b1b9104ee8456d844b460c1102d305ab4d464e4d Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Thu, 14 Nov 2024 17:09:23 +0800 Subject: [PATCH 5/6] fix ci --- cve-vulner-manager/taskhandler/assist.go | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/cve-vulner-manager/taskhandler/assist.go b/cve-vulner-manager/taskhandler/assist.go index c0d6b62..d024774 100644 --- a/cve-vulner-manager/taskhandler/assist.go +++ b/cve-vulner-manager/taskhandler/assist.go @@ -19,7 +19,11 @@ import ( "cvevulner/util" ) -const keyOfDate = "key_of_date" +const ( + keyOfDate = "key_of_date" + retryTimes = 3 + splitLen = 2 +) var mutex sync.Mutex var assignerOfOpeneulerRepoCache map[string]string @@ -105,11 +109,12 @@ func GetAssignerOfOpeneuler(repo string) string { return ret } +// InitAssignerCache initializes the assigner cache with today's date. func InitAssignerCache(today string) { assignerOfOpeneulerRepoCache = make(map[string]string) assignerOfOpeneulerRepoCache[keyOfDate] = today - cli := utils.NewHttpClient(3) + cli := utils.NewHttpClient(retryTimes) for _, sig := range getSig() { url := fmt.Sprintf("https://www.openeuler.org/api-dsapi/query/sig/repo/committers?community=openeuler&sig=%s", sig) @@ -148,7 +153,7 @@ func InitAssignerCache(today string) { } split := strings.Split(v.Repo, "/") - if len(split) < 2 { + if len(split) < splitLen { continue } -- Gitee From d09a68c855e8a568258521e840e9ab000527ad34 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Fri, 15 Nov 2024 09:28:02 +0800 Subject: [PATCH 6/6] put host in conf --- cve-vulner-manager/conf/app.conf | 2 +- cve-vulner-manager/conf/product_app.conf | 1 + cve-vulner-manager/taskhandler/assist.go | 6 ++++-- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/cve-vulner-manager/conf/app.conf b/cve-vulner-manager/conf/app.conf index 7e68e84..2728bd2 100644 --- a/cve-vulner-manager/conf/app.conf +++ b/cve-vulner-manager/conf/app.conf @@ -144,7 +144,7 @@ path = jasper email = 7844966+zhangjianjun_code@user.noreply.gitee.com redirect_uri = http://159.138.2.2:80/v1/issue/oauth/callback owner_openuler= openeuler - +host = https://gitee.com scope = user_info projects pull_requests issues notes keys hook groups gists enterprises emails # Obtain first from the system environment variables, use the default value if it fails **** diff --git a/cve-vulner-manager/conf/product_app.conf b/cve-vulner-manager/conf/product_app.conf index f264b56..6e6767a 100644 --- a/cve-vulner-manager/conf/product_app.conf +++ b/cve-vulner-manager/conf/product_app.conf @@ -152,6 +152,7 @@ password = "${GITEE_PASSWORD||****}" git_token = "${GITEE_TOKEN||xxx}" # openeuler owner owner_openuler= openeuler +host = https://gitee.com [hook] diff --git a/cve-vulner-manager/taskhandler/assist.go b/cve-vulner-manager/taskhandler/assist.go index d024774..b222e32 100644 --- a/cve-vulner-manager/taskhandler/assist.go +++ b/cve-vulner-manager/taskhandler/assist.go @@ -178,8 +178,10 @@ type ResCommitter struct { } func getSig() []string { - url := "https://gitee.com/api/v5/repos/openeuler/community/contents/sig?access_token=" + - beego.AppConfig.String("gitee::git_token") + url := fmt.Sprintf("%s/api/v5/repos/openeuler/community/contents/sig?access_token=%s", + beego.AppConfig.String("gitee::host"), + beego.AppConfig.String("gitee::git_token"), + ) request, err := http.NewRequest(http.MethodGet, url, nil) if err != nil { logs.Error("new request of sig url error: %s ", err.Error()) -- Gitee