packages/aops-apollo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!27 修复baseclass.py bug,spec添加syscare依赖

Browse Source 
From: @wang-guangge 
Reviewed-by: @zhu-yuncheng, @Lostwayzxc 
Signed-off-by: @Lostwayzxc
This commit is contained in:
openeuler-ci-bot 2023-03-25 11:39:32 +00:00 committed by Gitee
commit 6f4ad9b531
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 72 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
0002-add-dnf-hot-patch-list-plugin.patch
View File

@ -1,23 +1,23 @@
From c791bdf5c051bb63e47457fdc0dca612412f9bf5 Mon Sep 17 00:00:00 2001 From b316b4ec37fdca20c314b9755a81416c1f10a68f Mon Sep 17 00:00:00 2001
From: wang-guangge <wangguangge@huawei.com> From: wang-guangge <wangguangge@huawei.com>
Date: Fri, 24 Mar 2023 22:56:26 +0800 Date: Fri, 24 Mar 2023 22:56:26 +0800
Subject: [PATCH] add dnf hot patch list plugin Subject: [PATCH] add dnf hot patch list plugin
--- ---
hotpatch/baseclass.py | 191 +++++++++++++++++++ hotpatch/baseclass.py | 192 +++++++++++++++++++
hotpatch/hotpatch.py | 164 ++++++++++++++++ hotpatch/hotpatch.py | 201 ++++++++++++++++++++
hotpatch/hotpatch_updateinfo.py | 322 ++++++++++++++++++++++++++++++++ hotpatch/hotpatch_updateinfo.py | 321 ++++++++++++++++++++++++++++++++
3 files changed, 677 insertions(+) 3 files changed, 714 insertions(+)
create mode 100644 hotpatch/baseclass.py create mode 100644 hotpatch/baseclass.py
create mode 100644 hotpatch/hotpatch.py create mode 100644 hotpatch/hotpatch.py
create mode 100644 hotpatch/hotpatch_updateinfo.py create mode 100644 hotpatch/hotpatch_updateinfo.py
diff --git a/hotpatch/baseclass.py b/hotpatch/baseclass.py diff --git a/hotpatch/baseclass.py b/hotpatch/baseclass.py
new file mode 100644 new file mode 100644
index 0000000..9793c40 index 0000000..6dd1330
--- /dev/null --- /dev/null
+++ b/hotpatch/baseclass.py +++ b/hotpatch/baseclass.py
@@ -0,0 +1,191 @@ @@ -0,0 +1,192 @@
+class Hotpatch(object): +class Hotpatch(object):
+ __slots__ = ['_name', '_version', '_cves', + __slots__ = ['_name', '_version', '_cves',
+ '_advisory', '_arch', '_filename', '_state'] + '_advisory', '_arch', '_filename', '_state']
@ -62,8 +62,10 @@ index 0000000..9793c40
+ @property + @property
+ def src_pkg_nevre(self): + def src_pkg_nevre(self):
+ src_pkg = self.name[self.name.index('-')+1:self.name.rindex('-')] + src_pkg = self.name[self.name.index('-')+1:self.name.rindex('-')]
+ src_pkg = src_pkg.split('-') + release_pos = src_pkg.rindex('-')
+ src_pkg_name, src_pkg_version, src_pkg_release = src_pkg[0], src_pkg[1], src_pkg[2] + version_pos = src_pkg.rindex('-', 0, release_pos)
+ src_pkg_name, src_pkg_version, src_pkg_release = src_pkg[
+ 0:version_pos], src_pkg[version_pos+1:release_pos], src_pkg[release_pos+1:]
+ return src_pkg_name, src_pkg_version, src_pkg_release + return src_pkg_name, src_pkg_version, src_pkg_release
+ +
+ @property + @property
@ -208,25 +210,63 @@ index 0000000..9793c40
+ +
+ def add_hotpatch(self, hotpatch: Hotpatch): + def add_hotpatch(self, hotpatch: Hotpatch):
+ self._hotpatches.append(hotpatch) + self._hotpatches.append(hotpatch)
+
diff --git a/hotpatch/hotpatch.py b/hotpatch/hotpatch.py diff --git a/hotpatch/hotpatch.py b/hotpatch/hotpatch.py
new file mode 100644 new file mode 100644
index 0000000..a3ad7bb index 0000000..80cc69b
--- /dev/null --- /dev/null
+++ b/hotpatch/hotpatch.py +++ b/hotpatch/hotpatch.py
@@ -0,0 +1,164 @@ @@ -0,0 +1,201 @@
+import dnf +import dnf
+from dnf.i18n import _ +from dnf.i18n import _
+from dnf.cli.commands.updateinfo import UpdateInfoCommand +from dnf.cli.commands.updateinfo import UpdateInfoCommand
+import hawkey +import hawkey
+from .hotpatch_updateinfo import HotpatchUpdateInfo +from .hotpatch_updateinfo import HotpatchUpdateInfo
+ +
+
+class Versions:
+ """
+ Version number processing
+ """
+
+ separator = (".", "-")
+ _connector = "&"
+
+ def _order(self, version, separator=None):
+ """
+ Version of the cutting
+ Args:
+ version: version
+ separator: separator
+
+ Returns:
+
+ """
+ if not separator:
+ separator = self._connector
+ return tuple([int(v) for v in version.split(separator) if v.isdigit()])
+
+ def lgt(self, version, compare_version):
+ """
+ Returns true if the size of the compared version is greater
+ than that of the compared version, or false otherwise
+
+ """
+ for separator in self.separator:
+ version = self._connector.join(
+ [v for v in version.split(separator)])
+ compare_version = self._connector.join(
+ [v for v in compare_version.split(separator)]
+ )
+ version = self._order(version)
+ compare_version = self._order(compare_version)
+ return version >= compare_version
+
+
+@dnf.plugin.register_command +@dnf.plugin.register_command
+class HotpatchCommand(dnf.cli.Command): +class HotpatchCommand(dnf.cli.Command):
+ aliases = ['hotpatch'] + aliases = ['hotpatch']
+ summary = _('show hotpatch info') + summary = _('show hotpatch info')
+ +
+
+ def __init__(self, cli): + def __init__(self, cli):
+ """ + """
+ Initialize the command + Initialize the command
@ -247,14 +287,12 @@ index 0000000..a3ad7bb
+ +
+ self.filter_cves = self.opts.cves if self.opts.cves else None + self.filter_cves = self.opts.cves if self.opts.cves else None
+ +
+
+ def run(self): + def run(self):
+ self.hp_hawkey = HotpatchUpdateInfo(self.cli.base, self.cli) + self.hp_hawkey = HotpatchUpdateInfo(self.cli.base, self.cli)
+ +
+ if self.opts._spec_action == 'list': + if self.opts._spec_action == 'list':
+ self.display() + self.display()
+ +
+
+ def get_mapping_nevra_cve(self) -> dict: + def get_mapping_nevra_cve(self) -> dict:
+ """ + """
+ Get cve nevra mapping based on the UpdateInfoCommand of 'dnf updateinfo list cves' + Get cve nevra mapping based on the UpdateInfoCommand of 'dnf updateinfo list cves'
@ -280,7 +318,8 @@ index 0000000..a3ad7bb
+ updateinfo.opts.availability = 'available' + updateinfo.opts.availability = 'available'
+ self.updateinfo = updateinfo + self.updateinfo = updateinfo
+ +
+ apkg_adv_insts = updateinfo.available_apkg_adv_insts(updateinfo.opts.spec) + apkg_adv_insts = updateinfo.available_apkg_adv_insts(
+ updateinfo.opts.spec)
+ +
+ mapping_nevra_cve = dict() + mapping_nevra_cve = dict()
+ for apkg, advisory, _ in apkg_adv_insts: + for apkg, advisory, _ in apkg_adv_insts:
@ -288,11 +327,11 @@ index 0000000..a3ad7bb
+ for ref in advisory.references: + for ref in advisory.references:
+ if ref.type != hawkey.REFERENCE_CVE: + if ref.type != hawkey.REFERENCE_CVE:
+ continue + continue
+ mapping_nevra_cve.setdefault((nevra, advisory.updated), dict())[ref.id] = (advisory.type, advisory.severity) + mapping_nevra_cve.setdefault((nevra, advisory.updated), dict())[
+ ref.id] = (advisory.type, advisory.severity)
+ +
+ return mapping_nevra_cve + return mapping_nevra_cve
+ +
+
+ def _filter_and_format_list_output(self, echo_lines: list, fixed_cve_id: set, fixed_coldpatches: set): + def _filter_and_format_list_output(self, echo_lines: list, fixed_cve_id: set, fixed_coldpatches: set):
+ """ + """
+ Only show specified cve information that have not been fixed, and format output + Only show specified cve information that have not been fixed, and format output
@ -311,7 +350,6 @@ index 0000000..a3ad7bb
+ return True + return True
+ return False + return False
+ +
+
+ idw = tiw = ciw = 0 + idw = tiw = ciw = 0
+ format_lines = set() + format_lines = set()
+ for echo_line in echo_lines: + for echo_line in echo_lines:
@ -331,9 +369,9 @@ index 0000000..a3ad7bb
+ tiw = max(tiw, len(type)) + tiw = max(tiw, len(type))
+ ciw = max(ciw, len(coldpatch)) + ciw = max(ciw, len(coldpatch))
+ format_lines.add((cve_id, type, coldpatch, hotpatch)) + format_lines.add((cve_id, type, coldpatch, hotpatch))
+ for format_line in sorted(format_lines, key = lambda x: x[2]): + for format_line in sorted(format_lines, key=lambda x: x[2]):
+ print('%-*s %-*s %-*s %s' % (idw, format_line[0], tiw, format_line[1], ciw, format_line[2], format_line[3])) + print('%-*s %-*s %-*s %s' %
+ + (idw, format_line[0], tiw, format_line[1], ciw, format_line[2], format_line[3]))
+ +
+ def display(self): + def display(self):
+ """ + """
@ -351,7 +389,6 @@ index 0000000..a3ad7bb
+ else: + else:
+ return updateinfo.TYPE2LABEL.get(typ, _('unknown')) + return updateinfo.TYPE2LABEL.get(typ, _('unknown'))
+ +
+
+ mapping_nevra_cve = self.get_mapping_nevra_cve() + mapping_nevra_cve = self.get_mapping_nevra_cve()
+ echo_lines = [] + echo_lines = []
+ fixed_cve_id = set() + fixed_cve_id = set()
@ -366,7 +403,7 @@ index 0000000..a3ad7bb
+ if cve_id in self.hp_hawkey.hotpatch_cves: + if cve_id in self.hp_hawkey.hotpatch_cves:
+ hotpatch = self.hp_hawkey.hotpatch_cves[cve_id].hotpatch + hotpatch = self.hp_hawkey.hotpatch_cves[cve_id].hotpatch
+ if hotpatch is not None and hotpatch.src_pkg_nevre[0] == pkg_name: + if hotpatch is not None and hotpatch.src_pkg_nevre[0] == pkg_name:
+ if hotpatch.state == self.hp_hawkey.INSTALLED : + if hotpatch.state == self.hp_hawkey.INSTALLED:
+ # record the fixed cves + # record the fixed cves
+ for cve_id in hotpatch.cves: + for cve_id in hotpatch.cves:
+ fixed_cve_id.add(cve_id) + fixed_cve_id.add(cve_id)
@ -378,13 +415,14 @@ index 0000000..a3ad7bb
+ +
+ echo_lines.append(echo_line) + echo_lines.append(echo_line)
+ +
+ self._filter_and_format_list_output(echo_lines, fixed_cve_id, fixed_coldpatches) + self._filter_and_format_list_output(
+ echo_lines, fixed_cve_id, fixed_coldpatches)
diff --git a/hotpatch/hotpatch_updateinfo.py b/hotpatch/hotpatch_updateinfo.py diff --git a/hotpatch/hotpatch_updateinfo.py b/hotpatch/hotpatch_updateinfo.py
new file mode 100644 new file mode 100644
index 0000000..bf04948 index 0000000..4e0b702
--- /dev/null --- /dev/null
+++ b/hotpatch/hotpatch_updateinfo.py +++ b/hotpatch/hotpatch_updateinfo.py
@@ -0,0 +1,322 @@ @@ -0,0 +1,321 @@
+from .baseclass import Hotpatch, Cve, Advisory +from .baseclass import Hotpatch, Cve, Advisory
+from .syscare import Syscare +from .syscare import Syscare
+import os +import os
@ -393,6 +431,7 @@ index 0000000..bf04948
+import xml.etree.ElementTree as ET +import xml.etree.ElementTree as ET
+import datetime +import datetime
+ +
+
+class HotpatchUpdateInfo(object): +class HotpatchUpdateInfo(object):
+ """ + """
+ Hotpatch relevant updateinfo processing + Hotpatch relevant updateinfo processing
@ -705,8 +744,6 @@ index 0000000..bf04948
+ mapping_advisory_hotpatches[advisory_id].append( + mapping_advisory_hotpatches[advisory_id].append(
+ hotpatch.nevra) + hotpatch.nevra)
+ return mapping_advisory_hotpatches + return mapping_advisory_hotpatches
+
+
-- --
2.33.0 2.33.0

9
aops-apollo.spec
View File

@ -1,6 +1,6 @@
Name: aops-apollo Name: aops-apollo
Version: v1.1.2 Version: v1.1.2
Release: 5 Release: 6
Summary: Cve management service, monitor machine vulnerabilities and provide fix functions. Summary: Cve management service, monitor machine vulnerabilities and provide fix functions.
License: MulanPSL2 License: MulanPSL2
URL: https://gitee.com/openeuler/%{name} URL: https://gitee.com/openeuler/%{name}
@ -22,7 +22,7 @@ Cve management service, monitor machine vulnerabilities and provide fix function
%package -n dnf-hotpatch-plugin %package -n dnf-hotpatch-plugin
Summary: dnf hotpatch plugin Summary: dnf hotpatch plugin
Requires: python3-hawkey python3-dnf Requires: python3-hawkey python3-dnf syscare
%description -n dnf-hotpatch-plugin %description -n dnf-hotpatch-plugin
dnf hotpatch plugin, it's about hotpatch query and fix dnf hotpatch plugin, it's about hotpatch query and fix
@ -54,7 +54,10 @@ cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
%changelog %changelog
* Sat Mar 54 2023 zhu-yuncheng<zhuyuncheng@huawei.com> - v1.1.2-5 * Sat Mar 25 2023 wangguangge<wangguangge@huawei.com> - v1.1.2-6
- fix baseclass.py bug and add syscare require in spec
* Sat Mar 25 2023 zhu-yuncheng<zhuyuncheng@huawei.com> - v1.1.2-5
- add dnf hot upgrade plugin - add dnf hot upgrade plugin
* Fri Mar 24 2023 wangguangge<wangguangge@huawei.com> - v1.1.2-4 * Fri Mar 24 2023 wangguangge<wangguangge@huawei.com> - v1.1.2-4