From abe3274ecbdbe5a5dfda9f0000b97811f6f100da Mon Sep 17 00:00:00 2001
From: yangwei999 <348134071@qq.com>
Date: Thu, 23 Jan 2025 16:14:02 +0800
Subject: [PATCH 1/2] update issue body when add new branch
---
 cve-vulner-manager/controllers/cve.go | 33 +++++++++++++++++++++---
 cve-vulner-manager/models/cve.go | 20 +++++++++-----
 cve-vulner-manager/models/issue.go | 17 ++++++++++++
 cve-vulner-manager/taskhandler/common.go | 5 ++--
 4 files changed, 63 insertions(+), 12 deletions(-)
diff --git a/cve-vulner-manager/controllers/cve.go b/cve-vulner-manager/controllers/cve.go
index 4fdea4a..3853746 100644
--- a/cve-vulner-manager/controllers/cve.go
+++ b/cve-vulner-manager/controllers/cve.go
@@ -408,7 +408,12 @@ func (u *UpdateAffectedBranchController) Post() {
 u.paramError(resp)
 }
- issues, err := models.QueryIssueToUpdateAffected(cveNum)
+ affectedPackages, err := u.GetPackageByBranch(branch)
+ if err != nil {
+ u.paramError(resp)
+ }
+
+ issues, err := models.QueryIssueToUpdateAffected(cveNum, affectedPackages)
 if err != nil {
 resp["errno"] = errcode.RecodeDbErr
 resp["errmsg"] = errcode.RecodeText(errcode.RecodeDbErr)
@@ -424,13 +429,16 @@ func (u *UpdateAffectedBranchController) Post() {
 o := orm.NewOrm()
 for _, issue := range issues {
- if strings.Contains(issue.AffectedVersion, branch) {
+ if issue.HasBranch(branch) {
 continue
 }
 appendStr := fmt.Sprintf(",%s:", branch)
 issue.AffectedVersion += appendStr
 issue.AbiVersion += appendStr
+ if issue.IsIssueWithAnalysisVersion() {
+ issue.AnalysisVersion += appendStr
+ }
 var vuln models.VulnCenter
 err = models.GetVulnCenterByCVEID(&vuln, issue.CveId)
@@ -445,7 +453,7 @@ func (u *UpdateAffectedBranchController) Post() {
 continue
 }
- err = models.UpdateIssueTemplate(&issue, "AffectedVersion", "AbiVersion")
+ err = models.UpdateIssueTemplate(&issue, "AffectedVersion", "AbiVersion", "AnalysisVersion")
 if err != nil {
 updateAffectedLog("update issue template", err)
 continue
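Review bot: In the first `Post()` hunk of controllers/cve.go, a failure of `u.GetPackageByBranch(branch)` is a failed database lookup, yet it is answered with `u.paramError(resp)` while the query error just below reports `errcode.RecodeDbErr`; both should use the database error code. The lookup also runs when `cveNum` is set, although `QueryIssueToUpdateAffected` only reads the package list in its `cveNum == ""` branch, so it can be skipped in that case. What `paramError` does after writing the response is not visible here; if it does not stop the handler, the new branch needs a `return` so the query does not run with a nil list. `Post()` begins and ends outside the hunk.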
@@ -496,3 +504,22 @@ func (u *UpdateAffectedBranchController) Get() {
 resp["body"] = data
 u.success(resp)
 }
+
+func (u *UpdateAffectedBranchController) GetPackageByBranch(branch string) ([]string, error) {
+ data, err := models.QueryPackageByBranch(branch)
+ if err != nil {
+ return nil, err
+ }
+
+ var packages []string
+ for _, v := range data {
+ split := strings.Split(v.Branchs, ",")
+ for _, b := range split {
+ if b == branch {
+ packages = append(packages, v.PackageName)
+ }
+ }
+ }
+
+ return packages, nil
+}
diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go
index 1bee1d7..7f57603 100644
--- a/cve-vulner-manager/models/cve.go
+++ b/cve-vulner-manager/models/cve.go
@@ -1431,16 +1431,17 @@ func QueryCveIssueForSbom(pkgname, version string) (data []sbomIssue, err error)
 return
 }
-func QueryIssueToUpdateAffected(cveNum string) (data []IssueTemplate, err error) {
- o := orm.NewOrm()
- var sql string
+// QueryIssueToUpdateAffected 应该增加时间限制
+func QueryIssueToUpdateAffected(cveNum string, packages []string) (data []IssueTemplate, err error) {
+ qs := orm.NewOrm().QueryTable(IssueTemplate{})
+ qs = qs.Filter("owner", "src-openeuler").Filter("status__in", 1, 2, 5)
 if cveNum != "" {
- sql = fmt.Sprintf(`select * from cve_issue_template where owner = "%s" and status in (1,2,5) and cve_num = "%s"`, "src-openeuler", cveNum)
+ qs = qs.Filter("cve_num", cveNum)
 } else {
- sql = fmt.Sprintf(`select * from cve_issue_template where owner = "%s" and status in (1,2,5)`, "src-openeuler")
+ qs = qs.Filter("owned_component__in", packages)
 }
- _, err = o.Raw(sql).QueryRows(&data)
+ _, err = qs.All(&data)
 return
 }
@@ -1453,3 +1454,10 @@ func QueryUpdatedAffected(page, pageSize int) (data []UpdatedAffectedBranch, err
 return
 }
+
+func QueryPackageByBranch(branch string) (data []OpenEulerRepoOrigin, err error) {
+ qs := orm.NewOrm().QueryTable(OpenEulerRepoOrigin{})
+ _, err = qs.Filter("branch__contains", branch).All(&data)
+
+ return
+}
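Review bot: `GetPackageByBranch`, added in the last hunk of controllers/cve.go, compares each element of `v.Branchs` with `branch` without trimming, so a stored list written as `a, b` would never match `b`; `if strings.TrimSpace(b) == branch {` followed by a `break` after the append avoids both that miss and a duplicate package name when a branch is listed twice. How `Branchs` is stored is not visible in this patch, so the trimming point is an assumption to confirm. The method does not use `u`, so an unexported function would keep the controller's exported methods limited to request handlers.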
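Review bot: In `QueryIssueToUpdateAffected` (first hunk of models/cve.go) the `else` branch passes `packages` to `owned_component__in` even when the slice is empty, which happens whenever `cveNum` is empty and no package lists the branch. beego's ORM is not expected to accept an empty `__in` list (confirm against the version in use), so return before building the filter: `if cveNum == "" && len(packages) == 0 { return nil, nil }`. The rewrite of this function in PATCH 2/2 keeps the same branch and needs the same guard. The new comment notes that a time limit should be added; until then the package branch selects every issue in status 1, 2 or 5 for those packages, which is worth tracking as an explicit TODO.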
diff --git a/cve-vulner-manager/models/issue.go b/cve-vulner-manager/models/issue.go
index b42e3d9..f0285a4 100644
--- a/cve-vulner-manager/models/issue.go
+++ b/cve-vulner-manager/models/issue.go
@@ -808,3 +808,20 @@ func (t *IssueTemplate) HasAffected() bool {
 return false
 }
+
+func (t *IssueTemplate) HasBranch(branch string) bool {
+ split := strings.Split(t.AffectedVersion, ",")
+ for _, v := range split {
+ item := strings.Split(v, ":")
+ if len(item) == 0 {
+ continue
+ }
+
+ if item[0] == branch {
+ return true
+ }
+
+ }
+
+ return false
+}
diff --git a/cve-vulner-manager/taskhandler/common.go b/cve-vulner-manager/taskhandler/common.go
index cd6bb4a..7a9dab2 100644
--- a/cve-vulner-manager/taskhandler/common.go
+++ b/cve-vulner-manager/taskhandler/common.go
@@ -50,7 +50,7 @@ type IssueOptions struct {
 Token string `json:"access_token"`
 Repo string `json:"repo"`
 Title string `json:"title"`
- State string `json:"state"`
+ State string `json:"state,omitempty"`
 IssueType string `json:"issue_type"`
 Body string `json:"body"`
 Assignee string `json:"assignee"`
@@ -969,8 +969,7 @@ func CreateIssueBody(accessToken, owner, path, assignee string,
 StatusName = "rejected"
 return ""
 } else if its.StatusName == "已挂起" || strings.ToLower(its.StatusName) == "suspended" {
- StatusName = "suspended"
- return ""
+ StatusName = ""
 } else {
 StatusName = its.StatusName
 return ""
-- 
Gitee
From 9f39503eae65461a4e69de6c29683d83ff58c80a Mon Sep 17 00:00:00 2001
From: yangwei999 <348134071@qq.com>
Date: Tue, 11 Feb 2025 16:01:04 +0800
Subject: [PATCH 2/2] fix ci
---
 cve-vulner-manager/controllers/cve.go | 1 +
 cve-vulner-manager/models/cve.go | 30 ++++++++++++++++++++-------
 cve-vulner-manager/models/issue.go | 1 +
 3 files changed, 25 insertions(+), 7 deletions(-)
diff --git a/cve-vulner-manager/controllers/cve.go b/cve-vulner-manager/controllers/cve.go
index 3853746..a2f4f4b 100644
--- a/cve-vulner-manager/controllers/cve.go
+++ b/cve-vulner-manager/controllers/cve.go
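Review bot: In `HasBranch` (models/issue.go) the `len(item) == 0` check can never be true, because `strings.Split` with a non-empty separator always returns at least one element; an empty entry in `AffectedVersion` yields `item[0] == ""` instead. Drop the dead branch and compare the name part directly, `if strings.SplitN(v, ":", 2)[0] == branch { return true }`, and remove the stray blank line before the loop's closing brace. If stored entries can carry spaces around the branch name, the comparison also needs `strings.TrimSpace`; the stored format is not visible in this patch.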
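Review bot: The two hunks in taskhandler/common.go depend on each other without saying so: `CreateIssueBody` now sets `StatusName = ""` for a suspended issue and no longer returns early, and it is the new `omitempty` on `IssueOptions.State` that keeps that empty value out of the request. A comment at the assignment would make the intent explicit, for example `// suspended: still refresh the issue body, but send no state (State is omitempty)`. `omitempty` also changes every other request built from `IssueOptions`, so callers that relied on sending an explicit empty `state` should be checked. `CreateIssueBody` begins and ends outside the hunk, so how `StatusName` reaches `State` is inferred.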
@@ -505,6 +505,7 @@ func (u *UpdateAffectedBranchController) Get() {
 u.success(resp)
 }
+// GetPackageByBranch 根据分支获取包列表,返回包名数组和错误信息。
 func (u *UpdateAffectedBranchController) GetPackageByBranch(branch string) ([]string, error) {
 data, err := models.QueryPackageByBranch(branch)
 if err != nil {
diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go
index 7f57603..8e49e89 100644
--- a/cve-vulner-manager/models/cve.go
+++ b/cve-vulner-manager/models/cve.go
@@ -13,6 +13,17 @@ import (
 "github.com/astaxie/beego/orm"
 )
+const (
+ // StatusOpen indicates that the issue is currently open and being worked on.
+ StatusOpen = 1
+
+ // StatusProgress indicates that the issue is in progress.
+ StatusProgress = 2
+
+ // StatusSuspend indicates that the issue has been suspended.
+ StatusSuspend = 5
+)
+
 type SaNuberCount struct {
 Count int64
 }
@@ -1432,18 +1443,20 @@ func QueryCveIssueForSbom(pkgname, version string) (data []sbomIssue, err error)
 }
 // QueryIssueToUpdateAffected 应该增加时间限制
-func QueryIssueToUpdateAffected(cveNum string, packages []string) (data []IssueTemplate, err error) {
+func QueryIssueToUpdateAffected(cveNum string, packages []string) ([]IssueTemplate, error) {
 qs := orm.NewOrm().QueryTable(IssueTemplate{})
- qs = qs.Filter("owner", "src-openeuler").Filter("status__in", 1, 2, 5)
+ qs = qs.Filter("owner", "src-openeuler").Filter("status__in", StatusOpen, StatusProgress, StatusSuspend)
 if cveNum != "" {
 qs = qs.Filter("cve_num", cveNum)
 } else {
 qs = qs.Filter("owned_component__in", packages)
 }
- _, err = qs.All(&data)
+ var data []IssueTemplate
- return
+ _, err := qs.All(&data)
+
+ return data, err
 }
 func QueryUpdatedAffected(page, pageSize int) (data []UpdatedAffectedBranch, err error) {
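Review bot: The constants added in the `@@ -13,6 +13,17 @@` hunk of models/cve.go are untyped and carry package-wide names (`StatusOpen`, `StatusProgress`, `StatusSuspend`) that do not say whose status they describe, while their only use in this patch is the `status__in` filter on `IssueTemplate`. A prefix such as `IssueStatusOpen` would make that clear and avoid a clash with other status values in `models`. The comments for `StatusOpen` ("open and being worked on") and `StatusProgress` ("in progress") also read as the same state; one line each on what 1 and 2 mean for an issue would help.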
@@ -1455,9 +1468,12 @@ func QueryUpdatedAffected(page, pageSize int) (data []UpdatedAffectedBranch, err
 return
 }
-func QueryPackageByBranch(branch string) (data []OpenEulerRepoOrigin, err error) {
+// QueryPackageByBranch 根据分支查询包信息
+func QueryPackageByBranch(branch string) ([]OpenEulerRepoOrigin, error) {
+ var data []OpenEulerRepoOrigin
+
 qs := orm.NewOrm().QueryTable(OpenEulerRepoOrigin{})
- _, err = qs.Filter("branch__contains", branch).All(&data)
+ _, err := qs.Filter("branch__contains", branch).All(&data)
- return
+ return data, err
 }
diff --git a/cve-vulner-manager/models/issue.go b/cve-vulner-manager/models/issue.go
index f0285a4..7730698 100644
--- a/cve-vulner-manager/models/issue.go
+++ b/cve-vulner-manager/models/issue.go
@@ -809,6 +809,7 @@ func (t *IssueTemplate) HasAffected() bool {
 return false
 }
+// HasBranch issue的分析说明分支是否包含指定分支
 func (t *IssueTemplate) HasBranch(branch string) bool {
 split := strings.Split(t.AffectedVersion, ",")
 for _, v := range split {
-- 
Gitee