diff --git a/cve-vulner-manager/controllers/upload.go b/cve-vulner-manager/controllers/upload.go index bf65606b0fa5c7d9519164eaa7a9d7bcfe25cd91..6c806b11ea61add1fbaf36ab4cb8103e15aceafa 100644 --- a/cve-vulner-manager/controllers/upload.go +++ b/cve-vulner-manager/controllers/upload.go @@ -1,10 +1,14 @@ package controllers import ( + "bytes" "encoding/json" "fmt" + "net/http" "strings" + "github.com/opensourceways/server-common-lib/utils" + "cvevulner/common" "cvevulner/errcode" "cvevulner/models" @@ -137,6 +141,20 @@ func (u *CveErrorFeedBackController) Get() { } } +func forwardToCveManagerNG(body []byte) { + ngUrl := "http://cve-manager-ng-service.cve-manager-ng:8080/api/v1/cve/upload" + req, err := http.NewRequest(http.MethodPost, ngUrl, bytes.NewBuffer(body)) + if err != nil { + logs.Error("new request when forward to ng failed: ", err) + return + } + + client := utils.NewHttpClient(3) + if _, err = client.ForwardTo(req, nil); err != nil { + logs.Error("forward to ng failed: ", err) + } +} + // @Title UserUpload // @Description UserUpload // @Param body body models.OriginUpstream true "body for user content" @@ -144,6 +162,7 @@ func (u *CveErrorFeedBackController) Get() { // @Failure 403 body is empty // @router / [post] func (u *UserUploadController) Post() { + forwardToCveManagerNG(u.Ctx.Input.RequestBody) var uploaddata common.UploadData var ResDataList []ResultData req := u.Ctx.Request diff --git a/cve-vulner-manager/cve-ddd/app/bulletin.go b/cve-vulner-manager/cve-ddd/app/bulletin.go index 0c5b514526d2a53b024db52ddee32fb24d208a5f..ef2f2c8d93ac232a14bdf362c57f012cc7fbf983 100644 --- a/cve-vulner-manager/cve-ddd/app/bulletin.go +++ b/cve-vulner-manager/cve-ddd/app/bulletin.go @@ -31,7 +31,8 @@ const ( fileIndex = "index.txt" fileUpdateFixed = "update_fixed.txt" - updateinfoRootDir = "earlyupdateinfo/" + updateInfoEarlyDir = "earlyupdateinfo" + updateInfoRootDir = "updateinfo" ) type BulletinService interface { @@ -130,6 +131,9 @@ func (b *bulletinService) GenerateBulletins(cveNum []string, date string) (strin var updateFixedFiles []string + // 将正式目录的updateinfo文件同步到early目录,这样每次提前生成的文件都是以正式目录为基准的 + service.SyncUpdateInfoToEarlyDir(b.obs, b.log, handleBranch, updateInfoRootDir, updateInfoEarlyDir) + for _, v := range bulletins { maxColdPatchId++ @@ -151,7 +155,7 @@ func (b *bulletinService) GenerateBulletins(cveNum []string, date string) (strin updateFixedFiles = append(updateFixedFiles, v.PathAppendToIndexFile()) - service.UploadUpdateInfoFile(b.obs, b.updateinfo, b.log, &v, date, updateinfoRootDir) + service.UploadUpdateInfoFile(b.obs, b.updateinfo, b.log, &v, date, updateInfoEarlyDir) } b.uploadIndexAndFixed(uploadDir, indexContent, updateFixedFiles) diff --git a/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go b/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go index fe52ee1b9cfba36a98b159a57e731b30e1a3ae2f..83da28a02ea3f404c91dd1bc28c4ec5e24311181 100644 --- a/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go +++ b/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go @@ -20,7 +20,8 @@ import ( const ( fileHotPatch = "update_hot_patch.txt" - hotPatchUpdateInfoDir = "hotpatch-early-updateinfo/" + hotPatchUpdateInfoDir = "updateinfo-hotpatch" + hotPatchEarlyUpdateInfoDir = "hotpatch-early-updateinfo" ) type RefactorHotPatchService interface { @@ -106,6 +107,10 @@ func (h *refactorHotPatchService) GenerateBulletins(uploadDir, date string) erro cves[k].Component = issue.Component } + // 将正式目录的updateinfo文件同步到early目录,这样每次提前生成的文件都是以正式目录为基准的 + service.SyncUpdateInfoToEarlyDir(h.obs, h.log, domain.GetMaintainVersion(), + hotPatchUpdateInfoDir, hotPatchEarlyUpdateInfoDir) + bulletins := cves.GenerateBulletins() for _, b := range bulletins { b.PatchUrl = issue.PatchUrl @@ -130,7 +135,7 @@ func (h *refactorHotPatchService) GenerateBulletins(uploadDir, date string) erro cvesForUpdateInfo = append(cvesForUpdateInfo, b.Cves...) - service.UploadUpdateInfoFile(h.obs, h.updateInfo, h.log, &b, date, hotPatchUpdateInfoDir) + service.UploadUpdateInfoFile(h.obs, h.updateInfo, h.log, &b, date, hotPatchEarlyUpdateInfoDir) } } diff --git a/cve-vulner-manager/cve-ddd/domain/config.go b/cve-vulner-manager/cve-ddd/domain/config.go index f44aeea1920a038e206b1be51864a5cf84a650c5..889d9d3c4342119d7998070b4947344abc4fefe6 100644 --- a/cve-vulner-manager/cve-ddd/domain/config.go +++ b/cve-vulner-manager/cve-ddd/domain/config.go @@ -7,3 +7,7 @@ var maintainVersion sets.Set[string] func InitMaintainVersion(version []string) { maintainVersion = sets.New(version...) } + +func GetMaintainVersion() []string { + return maintainVersion.UnsortedList() +} diff --git a/cve-vulner-manager/cve-ddd/domain/service/service.go b/cve-vulner-manager/cve-ddd/domain/service/service.go index c56af6897d3eeb3f7bc968b59646b74c6925d916..2f02c2f5db887d68d19ea96c5ddf38703e29323c 100644 --- a/cve-vulner-manager/cve-ddd/domain/service/service.go +++ b/cve-vulner-manager/cve-ddd/domain/service/service.go @@ -2,6 +2,8 @@ package service import ( + "fmt" + "github.com/sirupsen/logrus" "cvevulner/cve-ddd/domain" @@ -9,12 +11,33 @@ import ( "cvevulner/cve-ddd/domain/updateinfo" ) -// UploadUpdateInfoFile upload updateinfo file +const ( + updateInfoFileName = "updateinfo.xml" +) + +// SyncUpdateInfoToEarlyDir 将正式目录的updateinfo文件同步到early目录,这样每次提前生成的文件都是以正式目录为基准的 +func SyncUpdateInfoToEarlyDir(obs obs.OBS, log *logrus.Entry, branches []string, officialDir, earlyDir string) { + for _, b := range branches { + officialPath := fmt.Sprintf("%s/%s/%s", officialDir, b, updateInfoFileName) + downloadBys, err := obs.Download(officialPath) + if err != nil { + log.Errorf("sync download %s failed: %s", officialPath, err.Error()) + continue + } + + earlyPath := fmt.Sprintf("%s/%s/%s", earlyDir, b, updateInfoFileName) + if err = obs.Upload(earlyPath, downloadBys); err != nil { + log.Errorf("sync upload %s failed: %s", earlyPath, err.Error()) + } + } +} + +// UploadUpdateInfoFile 用以以前生成updateinfo文件,以便测试验证文件正确性 func UploadUpdateInfoFile(obs obs.OBS, updateinfo updateinfo.UpdateInfo, - log *logrus.Entry, bulletin *domain.SecurityBulletin, date, UpdateInfoDir string, + log *logrus.Entry, bulletin *domain.SecurityBulletin, date, earlyDir string, ) { for _, branch := range bulletin.AffectedVersion { - filePath := UpdateInfoDir + branch + "/updateinfo.xml" + filePath := fmt.Sprintf("%s/%s/%s", earlyDir, branch, updateInfoFileName) downloadBys, err := obs.Download(filePath) if err != nil { log.Errorf("download %s failed: %s", filePath, err.Error()) diff --git a/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/repodata.go b/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/repodata.go index cac9c28aa1534bc2ebc756c0be3f6a51193cf161..60b6271765a73c58b31bef077728cf0d3b49aca8 100644 --- a/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/repodata.go +++ b/cve-vulner-manager/cve-ddd/infrastructure/updateinfoimpl/repodata.go @@ -52,7 +52,7 @@ func (impl updateInfoImpl) getEpochOfRpm(branch, date, arch string) (map[string] epochOfRpm := make(map[string]string) for _, v := range primaryXml.Package { - rpmName := strings.Trim(v.Location.Href, "Packages/") + rpmName := strings.TrimPrefix(v.Location.Href, "Packages/") epochOfRpm[rpmName] = v.Version.Epoch } diff --git a/cve-vulner-manager/taskhandler/cve.go b/cve-vulner-manager/taskhandler/cve.go index ecedbda9a3ddab2caa3401f05046fc1056e9b696..a89451e55a86e0e2333ec2775c3ceb4cc25628f0 100644 --- a/cve-vulner-manager/taskhandler/cve.go +++ b/cve-vulner-manager/taskhandler/cve.go @@ -921,17 +921,6 @@ func GenCveVuler(cveData models.OriginUpstream, cveRef string, openeulernum int) if len(versionList) > 0 { for _, ver := range versionList { if ver != "" && len(ver) > 0 { - opy := models.OpenGussYaml{PackageName: key, Version: ver} - gaussErr := models.GetOpengaussYaml(&opy, "PackageName", "Version") - if gaussErr == nil && opy.Id > 0 { - openGausVersion = append(openGausVersion, ver) - gaussFlag = true - } - if flag, ids := judgeSocpe(key, ver); flag && len(ids) > 0 { - mindSporeids = append(mindSporeids, ids...) - mindSporeVersion = append(mindSporeVersion, ver) - sporeFlag = true - } olky := models.OpenLookengYaml{PackageName: key, Version: ver} looKengErr := models.GetOpenLookengYaml(&olky, "PackageName", "Version") if looKengErr == nil && olky.Id > 0 {