modify the interface of get_hotpatches_from_cve

(cherry picked from commit 97bdd4f97ac6bc54626d921989949c157e3e988d)

0010-modify-the-interface-of-get_hotpatches_from_cve.patch

@@ -0,0 +1,52 @@
+From 59a7c96963736f496e8a7574725b50d105b28c87 Mon Sep 17 00:00:00 2001
+From: wang-guangge <wangguangge@huawei.com>
+Date: Mon, 12 Jun 2023 12:22:08 +0800
+Subject: [PATCH] modify the interface of get_hotpatches_from_cve
+
+---
+ hotpatch/hotpatch_updateinfo.py | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/hotpatch/hotpatch_updateinfo.py b/hotpatch/hotpatch_updateinfo.py
+index 399e05c..4b39969 100644
+--- a/hotpatch/hotpatch_updateinfo.py
++++ b/hotpatch/hotpatch_updateinfo.py
+@@ -5,6 +5,7 @@ from typing import Optional
+ import gzip
+ import xml.etree.ElementTree as ET
+ import datetime
++import re
+ 
+ 
+ class HotpatchUpdateInfo(object):
+@@ -287,7 +288,8 @@ class HotpatchUpdateInfo(object):
+ 
+     def get_hotpatches_from_cve(self, cves: list[str]) -> dict():
+         """
+-        Get hotpatches from specified cve
++        Get hotpatches from specified cve. If there are several hotpatches for the same source package for a cve, only return the
++        hotpatch with the highest version.
+ 
+         Args: 
+             cves: [cve_id_1, cve_id_2]
+@@ -303,9 +305,16 @@ class HotpatchUpdateInfo(object):
+             mapping_cve_hotpatches[cve_id] = []
+             if cve_id not in self.hotpatch_cves:
+                 continue
++            # find the hotpatch with the highest version for the same source package
++            mapping_src_pkg_to_hotpatches = dict()
+             for hotpatch in self.hotpatch_cves[cve_id].hotpatches:
+                 if hotpatch.state == self.INSTALLABLE:
+-                    mapping_cve_hotpatches[cve_id].append(hotpatch.nevra)
++                    mapping_src_pkg_to_hotpatches.setdefault(hotpatch.src_pkg, []).append([hotpatch.hotpatch_name, hotpatch])
++            for src_pkg, hotpatches in mapping_src_pkg_to_hotpatches.items():
++                # extract the number in HPxxx and sort hotpatches in descending order according to the number
++                hotpatches = sorted(hotpatches, key=lambda x: int(re.findall("\d+", x[0])[0]), reverse=True)
++                mapping_cve_hotpatches[cve_id].append(hotpatches[0][1].nevra)
++                
+         return mapping_cve_hotpatches
+ 
+     def get_hotpatches_from_advisories(self, advisories: list[str]) -> dict():
+-- 
+2.33.0
+

aops-apollo.spec

@@ -1,6 +1,6 @@
 Name:		aops-apollo
 Version:	v1.2.1
-Release:	5
+Release:	6
 Summary:	Cve management service, monitor machine vulnerabilities and provide fix functions.
 License:	MulanPSL2
 URL:		https://gitee.com/openeuler/%{name}
@@ -14,7 +14,7 @@ Patch0006:	0006-update-hotpatch-status-related-operation-support.patch
 Patch0007:	0007-fix-hotpatch-status-filter-exception.patch
 Patch0008:	0008-update-validation-rules-for-paging-parameters.patch
 Patch0009:	0009-cve-fix-task-generate-api-return-500-when-request-without-auto-reboot.patch
-
+Patch0010:	0010-modify-the-interface-of-get_hotpatches_from_cve.patch
 
 BuildRequires:  python3-setuptools
 Requires:   aops-vulcanus >= v1.2.0
@@ -85,6 +85,9 @@ cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
 %{python3_sitelib}/aops_apollo_tool/*
 
 %changelog
+* Mon Jun 12 2023 wangguangge<wangguangge@huawei.com> - v1.2.1-6
+- modify the interface of get_hotpatches_from_cve
+
 * Fri Jun 09 2023 wenxin<shusheng.wen@outlook.com> - v1.2.1-5
 - fix issue: API return 500 when create cve fix task without parameter auto_reboot