diff --git a/cve-vulner-manager/controllers/cve.go b/cve-vulner-manager/controllers/cve.go index 4fdea4ad5ad84ce8aa6972ceddb12b4776d00557..a2f4f4b7ad76dfaa3d1652196b1c9245795f02a8 100644 --- a/cve-vulner-manager/controllers/cve.go +++ b/cve-vulner-manager/controllers/cve.go @@ -408,7 +408,12 @@ func (u *UpdateAffectedBranchController) Post() { u.paramError(resp) } - issues, err := models.QueryIssueToUpdateAffected(cveNum) + affectedPackages, err := u.GetPackageByBranch(branch) + if err != nil { + u.paramError(resp) + } + + issues, err := models.QueryIssueToUpdateAffected(cveNum, affectedPackages) if err != nil { resp["errno"] = errcode.RecodeDbErr resp["errmsg"] = errcode.RecodeText(errcode.RecodeDbErr) @@ -424,13 +429,16 @@ func (u *UpdateAffectedBranchController) Post() { o := orm.NewOrm() for _, issue := range issues { - if strings.Contains(issue.AffectedVersion, branch) { + if issue.HasBranch(branch) { continue } appendStr := fmt.Sprintf(",%s:", branch) issue.AffectedVersion += appendStr issue.AbiVersion += appendStr + if issue.IsIssueWithAnalysisVersion() { + issue.AnalysisVersion += appendStr + } var vuln models.VulnCenter err = models.GetVulnCenterByCVEID(&vuln, issue.CveId) @@ -445,7 +453,7 @@ func (u *UpdateAffectedBranchController) Post() { continue } - err = models.UpdateIssueTemplate(&issue, "AffectedVersion", "AbiVersion") + err = models.UpdateIssueTemplate(&issue, "AffectedVersion", "AbiVersion", "AnalysisVersion") if err != nil { updateAffectedLog("update issue template", err) continue @@ -496,3 +504,23 @@ func (u *UpdateAffectedBranchController) Get() { resp["body"] = data u.success(resp) } + +// GetPackageByBranch 根据分支获取包列表,返回包名数组和错误信息。 +func (u *UpdateAffectedBranchController) GetPackageByBranch(branch string) ([]string, error) { + data, err := models.QueryPackageByBranch(branch) + if err != nil { + return nil, err + } + + var packages []string + for _, v := range data { + split := strings.Split(v.Branchs, ",") + for _, b := range split { + if b == branch { + packages = append(packages, v.PackageName) + } + } + } + + return packages, nil +} diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go index 1bee1d73ef48d961f621c6fdafd522e42c83653e..8e49e8908ceda1564ac303af8ec1058cda10436b 100644 --- a/cve-vulner-manager/models/cve.go +++ b/cve-vulner-manager/models/cve.go @@ -13,6 +13,17 @@ import ( "github.com/astaxie/beego/orm" ) +const ( + // StatusOpen indicates that the issue is currently open and being worked on. + StatusOpen = 1 + + // StatusProgress indicates that the issue is in progress. + StatusProgress = 2 + + // StatusSuspend indicates that the issue has been suspended. + StatusSuspend = 5 +) + type SaNuberCount struct { Count int64 } @@ -1431,18 +1442,21 @@ func QueryCveIssueForSbom(pkgname, version string) (data []sbomIssue, err error) return } -func QueryIssueToUpdateAffected(cveNum string) (data []IssueTemplate, err error) { - o := orm.NewOrm() - var sql string +// QueryIssueToUpdateAffected 应该增加时间限制 +func QueryIssueToUpdateAffected(cveNum string, packages []string) ([]IssueTemplate, error) { + qs := orm.NewOrm().QueryTable(IssueTemplate{}) + qs = qs.Filter("owner", "src-openeuler").Filter("status__in", StatusOpen, StatusProgress, StatusSuspend) if cveNum != "" { - sql = fmt.Sprintf(`select * from cve_issue_template where owner = "%s" and status in (1,2,5) and cve_num = "%s"`, "src-openeuler", cveNum) + qs = qs.Filter("cve_num", cveNum) } else { - sql = fmt.Sprintf(`select * from cve_issue_template where owner = "%s" and status in (1,2,5)`, "src-openeuler") + qs = qs.Filter("owned_component__in", packages) } - _, err = o.Raw(sql).QueryRows(&data) + var data []IssueTemplate - return + _, err := qs.All(&data) + + return data, err } func QueryUpdatedAffected(page, pageSize int) (data []UpdatedAffectedBranch, err error) { @@ -1453,3 +1467,13 @@ func QueryUpdatedAffected(page, pageSize int) (data []UpdatedAffectedBranch, err return } + +// QueryPackageByBranch 根据分支查询包信息 +func QueryPackageByBranch(branch string) ([]OpenEulerRepoOrigin, error) { + var data []OpenEulerRepoOrigin + + qs := orm.NewOrm().QueryTable(OpenEulerRepoOrigin{}) + _, err := qs.Filter("branch__contains", branch).All(&data) + + return data, err +} diff --git a/cve-vulner-manager/models/issue.go b/cve-vulner-manager/models/issue.go index b42e3d9b0740ea64c34bbd0e62560bfcc5a0bf84..77306983a873d33c9420842b010d5c748c62923b 100644 --- a/cve-vulner-manager/models/issue.go +++ b/cve-vulner-manager/models/issue.go @@ -808,3 +808,21 @@ func (t *IssueTemplate) HasAffected() bool { return false } + +// HasBranch issue的分析说明分支是否包含指定分支 +func (t *IssueTemplate) HasBranch(branch string) bool { + split := strings.Split(t.AffectedVersion, ",") + for _, v := range split { + item := strings.Split(v, ":") + if len(item) == 0 { + continue + } + + if item[0] == branch { + return true + } + + } + + return false +} diff --git a/cve-vulner-manager/taskhandler/common.go b/cve-vulner-manager/taskhandler/common.go index cd6bb4a33b46c792fc9da292023470c19a054574..7a9dab2cd60506347266d1b5d98556608c7fbeed 100644 --- a/cve-vulner-manager/taskhandler/common.go +++ b/cve-vulner-manager/taskhandler/common.go @@ -50,7 +50,7 @@ type IssueOptions struct { Token string `json:"access_token"` Repo string `json:"repo"` Title string `json:"title"` - State string `json:"state"` + State string `json:"state,omitempty"` IssueType string `json:"issue_type"` Body string `json:"body"` Assignee string `json:"assignee"` @@ -969,8 +969,7 @@ func CreateIssueBody(accessToken, owner, path, assignee string, StatusName = "rejected" return "" } else if its.StatusName == "已挂起" || strings.ToLower(its.StatusName) == "suspended" { - StatusName = "suspended" - return "" + StatusName = "" } else { StatusName = its.StatusName return ""