packages/aops-apollo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update version to 1.3.4-10

Browse Source
This commit is contained in:
rabbitali 2023-11-16 10:18:09 +08:00
parent 212cc0b269
commit cf35cca835
14 changed files with 570 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
0001-fix-param-error-and-compatible-with-mysql5.patch Normal file
View File

@ -0,0 +1,69 @@
From 1245772ace3a767e2e4909b44edbe34473563b0b Mon Sep 17 00:00:00 2001
From: gongzt <gong_zhengtang@163.com>
Date: Fri, 20 Oct 2023 15:15:15 +0800
Subject: fix param error and compatible with mysql 5.7
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
apollo/database/proxy/cve.py | 9 ++++++---
database/apollo.sql | 4 ++--
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
index 257083a..8b56601 100644
--- a/apollo/database/proxy/cve.py
+++ b/apollo/database/proxy/cve.py
@@ -662,8 +662,9 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
@staticmethod
def _sort_and_page_cve_list(data) -> dict:
- start_limt = int(data["per_page"]) * (int(data["page"]) - 1)
- end_limt = int(data["per_page"]) * int(data["page"])
+ page, per_page = data.get('page', 1), data.get('per_page', 10)
+ start_limt = int(per_page) * (int(page) - 1)
+ end_limt = int(per_page) * int(page)
# sort by host num by default
order_by_filed = data.get('sort', "cve_host_user_count.host_num")
@@ -682,11 +683,13 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
Returns:
sqlalchemy.orm.query.Query: attention, two rows may have same cve id with different source package.
"""
- filters = {"username": data["username"], "search_key": None, "severity": None, "affected": True}
+ filters = {"username": data["username"], "search_key": None, "affected": True}
filters.update(data.get("filter", {}))
filters.update(self._sort_and_page_cve_list(data))
if filters["severity"]:
filters["severity"] = ",".join(["'" + serverity + "'" for serverity in filters["severity"]])
+ else:
+ filters["severity"] = None
# Call stored procedure: GET_CVE_LIST_PRO
pro_result_set = self.session.execute(
diff --git a/database/apollo.sql b/database/apollo.sql
index 4e87727..2e0d757 100644
--- a/database/apollo.sql
+++ b/database/apollo.sql
@@ -124,7 +124,7 @@ CREATE TABLE IF NOT EXISTS `task_rollback`(
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci ROW_FORMAT = Dynamic;
-CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(20), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(50),IN order_by VARCHAR(20),IN start_limt INT,IN end_limt INT)
+CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(20), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN end_limt INT)
BEGIN
DROP TABLE IF EXISTS cve_host_user_count;
@@ -183,7 +183,7 @@ BEGIN
SET @order_by_filed = 'cve_host_user_count.host_num';
END IF;
- SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', order_by_filed ,' ', order_by,' limit ',start_limt ,' ,', end_limt);
+ SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by,' limit ',start_limt ,' ,', end_limt);
prepare stmt from @cve_list_sql;
EXECUTE stmt;
--
Gitee

30
0001-fix-updateinfo_parse.py-bug.patch
View File

@ -1,30 +0,0 @@
From 68d4c8cad42960391998868f15e2f99b40daa216 Mon Sep 17 00:00:00 2001
From: wang-guangge <wangguangge@huawei.com>
Date: Tue, 19 Sep 2023 13:58:04 +0800
Subject: [PATCH] fix updateinfo_parse.py bug
---
hotpatch/updateinfo_parse.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hotpatch/updateinfo_parse.py b/hotpatch/updateinfo_parse.py
index 42e3814..7bfba61 100644
--- a/hotpatch/updateinfo_parse.py
+++ b/hotpatch/updateinfo_parse.py
@@ -279,12 +279,12 @@ class HotpatchUpdateInfo(object):
hotpatch(Hotpatch)
"""
hotpatch.state = self.UNRELATED
+ is_find_installable_hp = False
for required_pkg_name, required_pkg_vere in hotpatch.required_pkgs_info.items():
inst_pkgs = self._inst_pkgs_query.filter(name=required_pkg_name)
# check whether the relevant target required package is installed on this machine
if not inst_pkgs:
return
- is_find_installable_hp = False
for inst_pkg in inst_pkgs:
inst_pkg_vere = '%s-%s' % (inst_pkg.version, inst_pkg.release)
if not self.version.larger_than(required_pkg_vere, inst_pkg_vere):
--
2.33.0

67
0002-add-repair-status-of-the-cve-fixed-package.patch
View File

@ -1,67 +0,0 @@
From 7797ac40d715c9e7d56f1d6c0053b699c42c4ac2 Mon Sep 17 00:00:00 2001
From: gongzt <gong_zhengtang@163.com>
Date: Tue, 19 Sep 2023 18:45:38 +0800
Subject: Added the repair status of the cve fixed package
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
apollo/database/proxy/cve.py | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
index 95de25c..c6d017e 100644
--- a/apollo/database/proxy/cve.py
+++ b/apollo/database/proxy/cve.py
@@ -1562,21 +1562,25 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
cve_fixed_packages = (
self.session.query(
+ CveHostAssociation.id,
CveHostAssociation.installed_rpm,
CveHostAssociation.fixed_way,
func.count(CveHostAssociation.host_id).label("host_num"),
)
.filter(*filters)
- .group_by('installed_rpm', 'fixed_way')
+ .group_by('installed_rpm', 'fixed_way', 'id')
.all()
)
if not cve_fixed_packages:
return NO_DATA, []
+ cve_fixed_packages_status = (
+ self.session.query(CveHostAssociation.id, CveHostAssociation.hp_status).filter(*filters).all()
+ )
- return SUCCEED, self._cve_fixed_packages_row2dict(cve_fixed_packages)
+ return SUCCEED, self._cve_fixed_packages_row2dict(cve_fixed_packages, cve_fixed_packages_status)
@staticmethod
- def _cve_fixed_packages_row2dict(rows):
+ def _cve_fixed_packages_row2dict(rows, cve_fixed_packages_status):
"""
Fixed cve package row data converted to dictionary
Args:
@@ -1586,10 +1590,17 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
list
"""
result = []
+ cve_fixed_packages_status_dict = {
+ cve_host_match.id: cve_host_match.hp_status for cve_host_match in cve_fixed_packages_status
+ }
for row in rows:
+ status = cve_fixed_packages_status_dict[row.id] if cve_fixed_packages_status_dict[row.id] else ""
+ fixed_way = row.fixed_way
+ if fixed_way != "coldpatch":
+ fixed_way = fixed_way + f" ({status})"
fixed_rpm = {
"installed_rpm": row.installed_rpm,
- "fixed_way": row.fixed_way,
+ "fixed_way": fixed_way,
"host_num": row.host_num,
}
result.append(fixed_rpm)
--
Gitee

80
0002-fix-query-all-by-cve-list.patch Normal file
View File

@ -0,0 +1,80 @@
From 82efc83dabc56be1fc05a8f31277efca85494591 Mon Sep 17 00:00:00 2001
From: gongzt <gong_zhengtang@163.com>
Date: Fri, 20 Oct 2023 17:38:08 +0800
Subject: cve list支持查询全部数据
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
apollo/database/proxy/cve.py | 18 ++++++++++--------
database/apollo.sql | 6 +++++-
2 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
index 8b56601..afa4831 100644
--- a/apollo/database/proxy/cve.py
+++ b/apollo/database/proxy/cve.py
@@ -655,24 +655,26 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
description_dict = self._get_cve_description([cve_info["cve_id"] for cve_info in cve_list])
result['result'] = self._add_description_to_cve(cve_list, description_dict)
- result['total_page'] = math.ceil(total / data["per_page"])
+ result['total_page'] = math.ceil(total / data.get("per_page", total))
result['total_count'] = total
return result
@staticmethod
def _sort_and_page_cve_list(data) -> dict:
- page, per_page = data.get('page', 1), data.get('per_page', 10)
- start_limt = int(per_page) * (int(page) - 1)
- end_limt = int(per_page) * int(page)
+ sort_page = dict(start_limt=0, end_limt=0)
+ page, per_page = data.get('page'), data.get('per_page')
+ if all((page, per_page)):
+ sort_page['start_limt'] = int(per_page) * (int(page) - 1)
+ sort_page['end_limt'] = int(per_page) * int(page)
# sort by host num by default
order_by_filed = data.get('sort', "cve_host_user_count.host_num")
if order_by_filed == "host_num":
order_by_filed = "cve_host_user_count.host_num"
- order_by = "dsc" if data.get("direction") == "desc" else "asc"
-
- return {"start_limt": start_limt, "end_limt": end_limt, "order_by_filed": order_by_filed, "order_by": order_by}
+ sort_page["order_by_filed"] = order_by_filed
+ sort_page["order_by"] = "dsc" if data.get("direction") == "desc" else "asc"
+ return sort_page
def _query_cve_list(self, data):
"""
@@ -686,7 +688,7 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
filters = {"username": data["username"], "search_key": None, "affected": True}
filters.update(data.get("filter", {}))
filters.update(self._sort_and_page_cve_list(data))
- if filters["severity"]:
+ if filters.get("severity"):
filters["severity"] = ",".join(["'" + serverity + "'" for serverity in filters["severity"]])
else:
filters["severity"] = None
diff --git a/database/apollo.sql b/database/apollo.sql
index 2e0d757..a3c4ddc 100644
--- a/database/apollo.sql
+++ b/database/apollo.sql
@@ -183,7 +183,11 @@ BEGIN
SET @order_by_filed = 'cve_host_user_count.host_num';
END IF;
- SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by,' limit ',start_limt ,' ,', end_limt);
+ SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by);
+
+ IF end_limt!=0 THEN
+ SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', end_limt);
+ END IF;
prepare stmt from @cve_list_sql;
EXECUTE stmt;
--
Gitee

63
0003-fix-cve-list-get-api-query-error.patch Normal file
View File

@ -0,0 +1,63 @@
From b5b9f18abefeed4906a9aa469e4d0a591a2a5809 Mon Sep 17 00:00:00 2001
From: root <root@localhost.localdomain>
Date: Fri, 20 Oct 2023 21:43:36 +0800
Subject: [PATCH 1/1] fix cve_list_get api query error
---
apollo/database/proxy/host.py | 13 ++++++++-----
database/apollo.sql | 10 ++++++----
2 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/apollo/database/proxy/host.py b/apollo/database/proxy/host.py
index b3cabb6..2ce2005 100644
--- a/apollo/database/proxy/host.py
+++ b/apollo/database/proxy/host.py
@@ -126,15 +126,18 @@ class HostMysqlProxy(MysqlProxy):
Returns:
dict
"""
+ subquery = self.session.query(
+ CveHostAssociation.host_id, CveHostAssociation.cve_id, CveHostAssociation.fixed, CveHostAssociation.affected
+ ).filter(CveHostAssociation.host_id.in_(host_ids)).distinct().subquery()
+
host_cve_fixed_list = (
self.session.query(
- CveHostAssociation.host_id,
- func.COUNT(func.IF(CveHostAssociation.fixed == True, 1, None)).label("fixed_cve_num"),
- func.COUNT(func.IF(CveHostAssociation.fixed == False, 1, None)).label("unfixed_cve_num"),
+ subquery.c.host_id,
+ func.COUNT(func.IF(subquery.c.fixed == True, 1, None)).label("fixed_cve_num"),
+ func.COUNT(func.IF(subquery.c.fixed == False, 1, None)).label("unfixed_cve_num"),
)
- .filter(CveHostAssociation.host_id.in_(host_ids))
- .group_by(CveHostAssociation.host_id)
+ .group_by(subquery.c.host_id)
.all()
)
return host_cve_fixed_list
diff --git a/database/apollo.sql b/database/apollo.sql
index a3c4ddc..c756ad2 100644
--- a/database/apollo.sql
+++ b/database/apollo.sql
@@ -179,11 +179,13 @@ BEGIN
SET @cve_list_page_count_sql = CONCAT(@cve_list_page_count_sql, 'AND cve.severity IN (', severity, ') ');
END IF;
- IF order_by_filed IS NULL or order_by_filed ='' THEN
- SET @order_by_filed = 'cve_host_user_count.host_num';
- END IF;
+-- IF order_by_filed IS NULL or order_by_filed ='' THEN
+-- SET @order_by_filed = 'cve_host_user_count.host_num';
+-- END IF;
+-- MySql 5.7 version '@' index error
+
+ SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', order_by_filed ,' ', order_by);
- SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by);
IF end_limt!=0 THEN
SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', end_limt);
--
2.33.0

120
0004-fix-query-cve-list-error-and-sql-error.patch Normal file
View File

@ -0,0 +1,120 @@
From 95a541a7cd17486d60f0ef13a03756f6bbc799f0 Mon Sep 17 00:00:00 2001
From: gongzt <gong_zhengtang@163.com>
Date: Mon, 23 Oct 2023 09:44:30 +0800
Subject: Fixed many issues with cvelist queries (package fuzzy matching, page confusion, sorting is not supported) and rpm packet loss when generating repair tasks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
apollo/database/proxy/cve.py | 19 ++++++++-----------
apollo/database/proxy/task.py | 6 ++++--
database/apollo.sql | 13 ++++---------
3 files changed, 16 insertions(+), 22 deletions(-)
diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
index afa4831..2b82cf6 100644
--- a/apollo/database/proxy/cve.py
+++ b/apollo/database/proxy/cve.py
@@ -655,25 +655,22 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
description_dict = self._get_cve_description([cve_info["cve_id"] for cve_info in cve_list])
result['result'] = self._add_description_to_cve(cve_list, description_dict)
- result['total_page'] = math.ceil(total / data.get("per_page", total))
- result['total_count'] = total
-
+ if total:
+ result['total_page'] = math.ceil(total / data.get("per_page", total))
+ result['total_count'] = total
return result
@staticmethod
def _sort_and_page_cve_list(data) -> dict:
- sort_page = dict(start_limt=0, end_limt=0)
+ sort_page = dict(start_limt=0, limt_size=0)
page, per_page = data.get('page'), data.get('per_page')
if all((page, per_page)):
sort_page['start_limt'] = int(per_page) * (int(page) - 1)
- sort_page['end_limt'] = int(per_page) * int(page)
+ sort_page['limt_size'] = int(per_page)
# sort by host num by default
- order_by_filed = data.get('sort', "cve_host_user_count.host_num")
- if order_by_filed == "host_num":
- order_by_filed = "cve_host_user_count.host_num"
- sort_page["order_by_filed"] = order_by_filed
- sort_page["order_by"] = "dsc" if data.get("direction") == "desc" else "asc"
+ sort_page["order_by_filed"] = data.get('sort', "host_num")
+ sort_page["order_by"] = "dsc" if data.get("direction") == "dsc" else "asc"
return sort_page
def _query_cve_list(self, data):
@@ -695,7 +692,7 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
# Call stored procedure: GET_CVE_LIST_PRO
pro_result_set = self.session.execute(
- "CALL GET_CVE_LIST_PRO(:username,:search_key,:severity,:fixed,:affected,:order_by_filed,:order_by,:start_limt,:end_limt)",
+ "CALL GET_CVE_LIST_PRO(:username,:search_key,:severity,:fixed,:affected,:order_by_filed,:order_by,:start_limt,:limt_size)",
filters,
)
cursor = pro_result_set.cursor
diff --git a/apollo/database/proxy/task.py b/apollo/database/proxy/task.py
index de151b2..b1d53c4 100644
--- a/apollo/database/proxy/task.py
+++ b/apollo/database/proxy/task.py
@@ -2832,9 +2832,11 @@ class TaskProxy(TaskMysqlProxy, TaskEsProxy):
)
cve_host_package_dict = dict()
for host_id in host_rpms["host_ids"]:
- filter_host_package = filter(lambda host_package: host_package.host_id == int(host_id), cve_host_packages)
+ filter_host_package = list(
+ filter(lambda host_package: host_package.host_id == int(host_id), cve_host_packages)
+ )
if not host_rpm_dict:
- installed_rpm = self._filter_installed_rpm(list(filter_host_package))
+ installed_rpm = self._filter_installed_rpm(filter_host_package)
cve_host_package_dict[host_id] = installed_rpm
continue
diff --git a/database/apollo.sql b/database/apollo.sql
index c756ad2..a87f85c 100644
--- a/database/apollo.sql
+++ b/database/apollo.sql
@@ -124,7 +124,7 @@ CREATE TABLE IF NOT EXISTS `task_rollback`(
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci ROW_FORMAT = Dynamic;
-CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(20), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN end_limt INT)
+CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(200), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN limt_size INT)
BEGIN
DROP TABLE IF EXISTS cve_host_user_count;
@@ -135,9 +135,6 @@ BEGIN
cve_host_match FORCE INDEX (ix_cve_host_match_host_id)
WHERE 1=1 ';
- IF search_key is not null and search_key !='' THEN
- SET @tmp_cve_host_count_sql = CONCAT(@tmp_cve_host_count_sql, ' AND LOCATE("', search_key, '", cve_id) > 0 ');
- END IF;
IF fixed is not null THEN
SET @tmp_cve_host_count_sql = CONCAT(@tmp_cve_host_count_sql, ' AND fixed = ', fixed, ' ');
END IF;
@@ -183,12 +180,10 @@ BEGIN
-- SET @order_by_filed = 'cve_host_user_count.host_num';
-- END IF;
-- MySql 5.7 version '@' index error
+ SET @cve_list_sql = CONCAT('select s.* from ( ', @cve_list_sql,' ) as s ',' ORDER BY ', order_by_filed ,' ', order_by);
- SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', order_by_filed ,' ', order_by);
-
-
- IF end_limt!=0 THEN
- SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', end_limt);
+ IF limt_size!=0 THEN
+ SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', limt_size);
END IF;
prepare stmt from @cve_list_sql;
--
Gitee

56
0005-fix-the-severity-field-filtering-error.patch Normal file
View File

@ -0,0 +1,56 @@
From 93b6f17d081227f619cc22fb5ba6918937c8dd2e Mon Sep 17 00:00:00 2001
From: rabbitali <wenxin32@foxmail.com>
Date: Mon, 23 Oct 2023 11:16:47 +0800
Subject: [PATCH 1/1] fix the severity field filtering error
---
apollo/conf/constant.py | 4 ++--
apollo/database/proxy/cve.py | 2 +-
apollo/handler/cve_handler/manager/parse_unaffected.py | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/apollo/conf/constant.py b/apollo/conf/constant.py
index e2d91a6..878e86f 100644
--- a/apollo/conf/constant.py
+++ b/apollo/conf/constant.py
@@ -74,11 +74,11 @@ class CveSeverity:
HIGH = "High"
MEDIUM = "Medium"
LOW = "Low"
- NONE = "None"
+ UNKNOWN = "Unknown"
@staticmethod
def attribute():
- return [CveSeverity.CRITICAL, CveSeverity.HIGH, CveSeverity.MEDIUM, CveSeverity.LOW, CveSeverity.NONE]
+ return [CveSeverity.CRITICAL, CveSeverity.HIGH, CveSeverity.MEDIUM, CveSeverity.LOW, CveSeverity.UNKNOWN]
class TaskType:
diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
index 2b82cf6..f83784a 100644
--- a/apollo/database/proxy/cve.py
+++ b/apollo/database/proxy/cve.py
@@ -670,7 +670,7 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
# sort by host num by default
sort_page["order_by_filed"] = data.get('sort', "host_num")
- sort_page["order_by"] = "dsc" if data.get("direction") == "dsc" else "asc"
+ sort_page["order_by"] = data.get("direction", "asc")
return sort_page
def _query_cve_list(self, data):
diff --git a/apollo/handler/cve_handler/manager/parse_unaffected.py b/apollo/handler/cve_handler/manager/parse_unaffected.py
index b680123..e9eed57 100644
--- a/apollo/handler/cve_handler/manager/parse_unaffected.py
+++ b/apollo/handler/cve_handler/manager/parse_unaffected.py
@@ -137,5 +137,5 @@ def parse_cve_severity(cve_score: str) -> str:
elif cvss_score > CvssScore.NONE:
severity = CveSeverity.LOW
else:
- severity = CveSeverity.NONE
+ severity = CveSeverity.UNKNOWN
return severity
--
2.33.0

28
0006-fix-cve-list-by-host-count.patch Normal file
View File

@ -0,0 +1,28 @@
From c4e6df14e518206ee9f4de55b3ba45f9f6632d1b Mon Sep 17 00:00:00 2001
From: gongzt <gong_zhengtang@163.com>
Date: Mon, 23 Oct 2023 15:39:44 +0800
Subject: Fixed the problem that the number of hosts in the cve list repeated statistics
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
database/apollo.sql | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/database/apollo.sql b/database/apollo.sql
index a87f85c..b79707b 100644
--- a/database/apollo.sql
+++ b/database/apollo.sql
@@ -130,7 +130,7 @@ BEGIN
DROP TABLE IF EXISTS cve_host_user_count;
SET @tmp_cve_host_count_sql = 'CREATE TEMPORARY TABLE cve_host_user_count SELECT
cve_id,
- COUNT(host_id) AS host_num
+ COUNT(DISTINCT host_id) AS host_num
FROM
cve_host_match FORCE INDEX (ix_cve_host_match_host_id)
WHERE 1=1 ';
--
Gitee

41
0007-fix-data-correction-task-execution-error.patch Normal file
View File

@ -0,0 +1,41 @@
From fc2c7e76531306699e5c5dd0273dfe5fe521d2f8 Mon Sep 17 00:00:00 2001
From: rabbitali <wenxin32@foxmail.com>
Date: Tue, 24 Oct 2023 20:39:44 +0800
Subject: [PATCH 2/2] fix data correction task execution error
---
apollo/database/proxy/task.py | 2 +-
conf/apollo_crontab.yml | 5 ++---
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/apollo/database/proxy/task.py b/apollo/database/proxy/task.py
index b1d53c4..17cb274 100644
--- a/apollo/database/proxy/task.py
+++ b/apollo/database/proxy/task.py
@@ -3214,7 +3214,7 @@ class TaskProxy(TaskMysqlProxy, TaskEsProxy):
task_id_list = task_cve_id_list + task_repo_id_list
task_query = self.session.query(Task).filter(Task.task_id.in_(task_id_list)).all()
- running_task_list = [(task.task_id, task.task_type, task.create_time) for task in task_query]
+ running_task_list = [(task.task_id, task.create_time) for task in task_query]
return running_task_list, host_info_list
def update_host_status(self, host_id_list: list):
diff --git a/conf/apollo_crontab.yml b/conf/apollo_crontab.yml
index 29c17b4..4a1f1e9 100644
--- a/conf/apollo_crontab.yml
+++ b/conf/apollo_crontab.yml
@@ -44,6 +44,5 @@
type: data_correct
enable: true
timed:
- day_of_week: 0-6
- hour: 3
- trigger: cron
\ No newline at end of file
+ minutes: 20
+ trigger: interval
\ No newline at end of file
--
2.33.0

27
0008-update-apollo-database-proxy-host.py.patch Normal file
View File

@ -0,0 +1,27 @@
From a07a830d931dbcd60deb3c753414defe3e036a20 Mon Sep 17 00:00:00 2001
From: xuyongliang_01 <xuyongliang_yewu@cmss.chinamobile.com>
Date: Mon, 23 Oct 2023 06:35:14 +0000
Subject: [PATCH 1/2] update apollo/database/proxy/host.py.
Signed-off-by: xuyongliang_01 <xuyongliang_yewu@cmss.chinamobile.com>
---
apollo/database/proxy/host.py | 3 ---
1 file changed, 3 deletions(-)
diff --git a/apollo/database/proxy/host.py b/apollo/database/proxy/host.py
index 2ce2005..282193b 100644
--- a/apollo/database/proxy/host.py
+++ b/apollo/database/proxy/host.py
@@ -15,9 +15,6 @@ Time:
Author:
Description: Host table operation
"""
-import math
-from collections import defaultdict
-from typing import List, Tuple
from sqlalchemy import and_, case, func, or_
from sqlalchemy.exc import SQLAlchemyError
--
2.33.0

26
0009-fix-filename-bug-in-gen_updateinfo.py.patch Normal file
View File

@ -0,0 +1,26 @@
From 175d79fa735de0ac315c1c9b3893ff850a478b38 Mon Sep 17 00:00:00 2001
From: wang-guangge <wangguangge@huawei.com>
Date: Tue, 14 Nov 2023 15:03:21 +0800
Subject: [PATCH] fix filename bug in gen_updateinfo.py
---
aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py b/aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py
index 26d0704..5785c7c 100644
--- a/aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py
+++ b/aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py
@@ -144,8 +144,8 @@ def generate_package_list(package_dir: str) -> Element:
filename.text = "%s-%s-%s.%s.rpm" % (
package.attrib['name'],
- package.attrib['release'],
package.attrib['version'],
+ package.attrib['release'],
package.attrib['arch'],
)
--
2.27.0

BIN
aops-apollo-v1.3.2.tar.gz
View File

Binary file not shown.

BIN
aops-apollo-v1.3.4.tar.gz Normal file
View File

Binary file not shown.

79
aops-apollo.spec
View File

@ -1,32 +1,32 @@
Name: aops-apollo Name: aops-apollo
Version: v1.3.2 Version: v1.3.4
Release: 3 Release: 10
Summary: Cve management service, monitor machine vulnerabilities and provide fix functions. Summary: Cve management service, monitor machine vulnerabilities and provide fix functions.
License: MulanPSL2 License: MulanPSL2
URL: https://gitee.com/openeuler/%{name} URL: https://gitee.com/openeuler/%{name}
Source0: %{name}-%{version}.tar.gz Source0: %{name}-%{version}.tar.gz
Patch0001: 0001-fix-param-error-and-compatible-with-mysql5.patch
Patch0002: 0002-fix-query-all-by-cve-list.patch
Patch0003: 0003-fix-cve-list-get-api-query-error.patch
Patch0004: 0004-fix-query-cve-list-error-and-sql-error.patch
Patch0005: 0005-fix-the-severity-field-filtering-error.patch
Patch0006: 0006-fix-cve-list-by-host-count.patch
Patch0007: 0007-fix-data-correction-task-execution-error.patch
Patch0008: 0008-update-apollo-database-proxy-host.py.patch
Patch0009: 0009-fix-filename-bug-in-gen_updateinfo.py.patch
BuildRequires: python3-setuptools BuildRequires: python3-setuptools
Requires: aops-vulcanus >= v1.2.0 Requires: aops-vulcanus >= v1.3.0
Requires: python3-elasticsearch python3-flask-restful python3-marshmallow >= 3.13.0 Requires: python3-elasticsearch >= 7 python3-flask-restful python3-marshmallow >= 3.13.0
Requires: python3-sqlalchemy python3-PyMySQL python3-Flask-APScheduler >= 1.11.0 Requires: python3-sqlalchemy python3-PyMySQL python3-Flask-APScheduler >= 1.11.0
Requires: python3-PyYAML python3-flask python3-gevent Requires: python3-PyYAML python3-flask python3-gevent python3-uWSGI
Requires: python3-retrying python3-lxml Requires: python3-retrying python3-lxml
Provides: aops-apollo Provides: aops-apollo
Patch0001: 0001-fix-updateinfo_parse.py-bug.patch
Patch0002: 0002-add-repair-status-of-the-cve-fixed-package.patch
%description %description
Cve management service, monitor machine vulnerabilities and provide fix functions. Cve management service, monitor machine vulnerabilities and provide fix functions.
%package -n dnf-hotpatch-plugin
Summary: dnf hotpatch plugin
Requires: python3-hawkey python3-dnf syscare >= 1.0.1
%description -n dnf-hotpatch-plugin
dnf hotpatch plugin, it's about hotpatch query and fix
%package -n aops-apollo-tool %package -n aops-apollo-tool
Summary: Small tools for aops-apollo, e.g. updateinfo.xml generater Summary: Small tools for aops-apollo, e.g. updateinfo.xml generater
@ -57,9 +57,6 @@ pushd aops-apollo-tool
%py3_install %py3_install
popd popd
#install for aops-dnf-plugin
cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
%files %files
%doc README.* %doc README.*
@ -71,8 +68,6 @@ cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
%{python3_sitelib}/apollo/* %{python3_sitelib}/apollo/*
%attr(0755, root, root) /opt/aops/database/* %attr(0755, root, root) /opt/aops/database/*
%files -n dnf-hotpatch-plugin
%{python3_sitelib}/dnf-plugins/*
%files -n aops-apollo-tool %files -n aops-apollo-tool
%attr(0644,root,root) %{_sysconfdir}/aops_apollo_tool/updateinfo_config.ini %attr(0644,root,root) %{_sysconfdir}/aops_apollo_tool/updateinfo_config.ini
@ -81,6 +76,52 @@ cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
%{python3_sitelib}/aops_apollo_tool/* %{python3_sitelib}/aops_apollo_tool/*
%changelog %changelog
* Tue Nov 14 2023 wangguangge<wangguangge@huawei.com> - v1.3.4-10
- fix filename bug in aops-apollo-tool
* Mon Nov 13 2023 wenxin<wenxin32@foxmail.com> - v1.3.4-9
- Update the installation dependencies
* Tue Oct 24 2023 wenxin<wenxin32@foxmail.com> - v1.3.4-8
- fix data correction task execution error
* Mon Oct 23 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-7
- fixed the problem that the number of hosts in the cve list repeated statistics
* Mon Oct 23 2023 wenxin<wenxin32@foxmail.com> - v1.3.4-6
- fix the severity field filtering error
* Mon Oct 23 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-5
- fixed many issues with cvelist queries (package fuzzy matching, page confusion, sorting is not supported) and rpm packet loss when generating repair tasks
* Fri Oct 20 2023 wenxin<wenxin32@foxmail.com> - v1.3.4-4
- fix cve_list_get api query error
* Fri Oct 20 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-3
- fix query all by cve list api
* Fri Oct 20 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-2
- fix param error and compatible with mysql 5.7
* Thu Oct 19 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-1
- Remove hotpatch
* Wed Oct 18 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.3-2
- optimize cve query performance
- fixed errors in 20.03-sp3, such as task progress, cve repair task, and host cve query
* Thu Sep 21 2023 zhuyuncheng<zhuyuncheng@huawei.com> - v1.3.3-1
- update typing and requires version
* Thu Sep 21 2023 wangguangge<wangguangge@huawei.com> - v1.3.2-6
- fix the hot_updateinfo.py bug
* Wed Sep 20 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.2-5
- add fixed and hp_status filter
* Wed Sep 20 2023 wangguangge<wangguangge@huawei.com> - v1.3.2-4
- fix the hotupgrade.py bug
* Tue Sep 19 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.2-3 * Tue Sep 19 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.2-3
- added the repair status of the cve fixed package - added the repair status of the cve fixed package