!64 [sync] PR-63: modify the interface of get_hotpatches_from_cve

From: @openeuler-sync-bot Reviewed-by: @zhu-yuncheng Signed-off-by: @zhu-yuncheng
2023-06-12 12:44:18 +00:00 · 2023-06-12 12:44:18 +00:00 · 9e4354d939
commit 9e4354d939
parent f8cf11cf84 013d8ab0cb
2 changed files with 57 additions and 2 deletions
--- a/0010-modify-the-interface-of-get_hotpatches_from_cve.patch
+++ b/0010-modify-the-interface-of-get_hotpatches_from_cve.patch
@ -0,0 +1,52 @@
 From 59a7c96963736f496e8a7574725b50d105b28c87 Mon Sep 17 00:00:00 2001
 From: wang-guangge <wangguangge@huawei.com>
 Date: Mon, 12 Jun 2023 12:22:08 +0800
 Subject: [PATCH] modify the interface of get_hotpatches_from_cve
 ---
 hotpatch/hotpatch_updateinfo.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
 diff --git a/hotpatch/hotpatch_updateinfo.py b/hotpatch/hotpatch_updateinfo.py
 index 399e05c..4b39969 100644
 --- a/hotpatch/hotpatch_updateinfo.py
 +++ b/hotpatch/hotpatch_updateinfo.py
@@ -5,6 +5,7 @@ from typing import Optional
 import gzip
 import xml.etree.ElementTree as ET
 import datetime
 +import re
 class HotpatchUpdateInfo(object):
@@ -287,7 +288,8 @@ class HotpatchUpdateInfo(object):
     def get_hotpatches_from_cve(self, cves: list[str]) -> dict():
         """
 -        Get hotpatches from specified cve
 +        Get hotpatches from specified cve. If there are several hotpatches for the same source package for a cve, only return the
 +        hotpatch with the highest version.
         Args: 
             cves: [cve_id_1, cve_id_2]
@@ -303,9 +305,16 @@ class HotpatchUpdateInfo(object):
             mapping_cve_hotpatches[cve_id] = []
             if cve_id not in self.hotpatch_cves:
                 continue
 +            # find the hotpatch with the highest version for the same source package
 +            mapping_src_pkg_to_hotpatches = dict()
             for hotpatch in self.hotpatch_cves[cve_id].hotpatches:
                 if hotpatch.state == self.INSTALLABLE:
 -                    mapping_cve_hotpatches[cve_id].append(hotpatch.nevra)
 +                    mapping_src_pkg_to_hotpatches.setdefault(hotpatch.src_pkg, []).append([hotpatch.hotpatch_name, hotpatch])
 +            for src_pkg, hotpatches in mapping_src_pkg_to_hotpatches.items():
 +                # extract the number in HPxxx and sort hotpatches in descending order according to the number
 +                hotpatches = sorted(hotpatches, key=lambda x: int(re.findall("\d+", x[0])[0]), reverse=True)
 +                mapping_cve_hotpatches[cve_id].append(hotpatches[0][1].nevra)
 +                
         return mapping_cve_hotpatches
     def get_hotpatches_from_advisories(self, advisories: list[str]) -> dict():
 -- 
 2.33.0
--- a/aops-apollo.spec
+++ b/aops-apollo.spec
@ -1,6 +1,6 @@
 Name:		aops-apollo
 Version:	v1.2.1
-Release:	5
+Release:	6
 Summary:	Cve management service, monitor machine vulnerabilities and provide fix functions.
 License:	MulanPSL2
 URL:		https://gitee.com/openeuler/%{name}
@ -14,7 +14,7 @@ Patch0006:	0006-update-hotpatch-status-related-operation-support.patch
 Patch0007:	0007-fix-hotpatch-status-filter-exception.patch
 Patch0008:	0008-update-validation-rules-for-paging-parameters.patch
 Patch0009:	0009-cve-fix-task-generate-api-return-500-when-request-without-auto-reboot.patch
-
+Patch0010:	0010-modify-the-interface-of-get_hotpatches_from_cve.patch
 BuildRequires:  python3-setuptools
 Requires:   aops-vulcanus >= v1.2.0
@ -85,6 +85,9 @@ cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
 %{python3_sitelib}/aops_apollo_tool/*
 %changelog
 * Mon Jun 12 2023 wangguangge<wangguangge@huawei.com> - v1.2.1-6
 - modify the interface of get_hotpatches_from_cve
 * Fri Jun 09 2023 wenxin<shusheng.wen@outlook.com> - v1.2.1-5
 - fix issue: API return 500 when create cve fix task without parameter auto_reboot