packages/aops-apollo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

修复hotpatch updateinfo命令及增加dnf全量修复

Browse Source 
(cherry picked from commit 5b8a5e2256e9f3d7fd5601fb33901550afe321fd)
This commit is contained in:
gongzt 2023-06-02 16:10:35 +08:00 committed by openeuler-sync-bot
parent c229ee0daf
commit e6f14c184f
4 changed files with 584 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
0002-fix-bug-and-update-the-code-of-parsing.patch Normal file
View File

@ -0,0 +1,91 @@
From 313271160b4826c9c2d2b3afe2f0489c4a95fef9 Mon Sep 17 00:00:00 2001
From: wang-guangge <wangguangge@huawei.com>
Date: Thu, 1 Jun 2023 21:31:58 +0800
Subject: [PATCH] fix bug and update the code of parsing src.rpm
---
.../aops_apollo_tool/gen_updateinfo.py | 42 ++++++++++++++-----
1 file changed, 32 insertions(+), 10 deletions(-)
mode change 100755 => 100644 aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py
diff --git a/aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py b/aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py
old mode 100755
new mode 100644
index 26f3226..2204b10
--- a/aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py
+++ b/aops-apollo-tool/aops_apollo_tool/gen_updateinfo.py
@@ -26,7 +26,7 @@ import rpm
import configparser
# get updateinfo global config
-UPDATEINFO_FILE = "/etc/gen_updateinfo/updateinfo_config.ini"
+UPDATEINFO_FILE = "/etc/aops_apollo_tool/updateinfo_config.ini"
CONF = configparser.ConfigParser()
CONF.read(filenames=UPDATEINFO_FILE)
@@ -69,6 +69,21 @@ def check_uniqueness_of_advisory_id(root: ET, advisory_id: str) -> int:
sys.exit(1)
existed_adv_id.add(update_adv_id)
+def parse_src_rpm_info_by_filename(filename: str) -> tuple:
+ """
+ Parse source rpm package information by filename, the filename should be 'name-version-release.src.rpm'.
+
+ Returns:
+ name, version, release
+ """
+ nevra_pos = filename.rindex('.src.rpm')
+ nevra = filename[:nevra_pos]
+ release_pos = nevra.rindex('-')
+ version_pos = nevra.rindex('-', 0, release_pos)
+ name, version, release = nevra[0:version_pos], nevra[
+ version_pos+1:release_pos], nevra[release_pos+1:]
+
+ return name, version, release
def generate_package_list(package_dir: str) -> Element:
"""
@@ -107,21 +122,27 @@ def generate_package_list(package_dir: str) -> Element:
except rpm.error:
print("error: %s cannot be successfully parsed" % package_path)
sys.exit(1)
+
+ filename = Element('filename')
+ if pkg.endswith('.src.rpm'):
+ # parse source rpm information by filename, and the arch information is not marked
+ name, version, release = parse_src_rpm_info_by_filename(pkg)
+ package.attrib['name'] = name
+ package.attrib['version'] = version
+ package.attrib['release'] = release
+ filename.text = pkg
- try:
+ else:
package.attrib['arch'] = pkg_info[rpm.RPMTAG_ARCH]
package.attrib['name'] = pkg_info[rpm.RPMTAG_NAME]
package.attrib['version'] = pkg_info[rpm.RPMTAG_VERSION]
package.attrib['release'] = pkg_info[rpm.RPMTAG_R]
- except rpm.error:
- print("error: key information is lost in %s" % package_path)
- sys.exit(1)
- filename = Element('filename')
- filename.text = "%s-%s-%s.%s.rpm" % (package.attrib['name'],
- package.attrib['release'],
- package.attrib['version'],
- package.attrib['arch'])
+ filename.text = "%s-%s-%s.%s.rpm" % (package.attrib['name'],
+ package.attrib['release'],
+ package.attrib['version'],
+ package.attrib['arch'])
+
package.append(filename)
collection.append(package)
@@ -306,3 +327,4 @@ def main():
main()
+
--
Gitee

381
0003-fix-hotpatch-updateinfo-for-search-hotpatch-info.patch Normal file
View File

@ -0,0 +1,381 @@
From faeec6eff1e80be893916d16fb6bd3cd8f0246c9 Mon Sep 17 00:00:00 2001
From: wang-guangge <wangguangge@huawei.com>
Date: Wed, 31 May 2023 18:06:22 +0800
Subject: [PATCH] fix hotpatch updateinfo for search hotpatch information
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
hotpatch/baseclass.py | 14 ++--
hotpatch/hot-updateinfo.py | 118 +++++++++-----------------------
hotpatch/hotpatch.py | 13 ++--
hotpatch/hotpatch_updateinfo.py | 58 ++++++++++------
4 files changed, 83 insertions(+), 120 deletions(-)
diff --git a/hotpatch/baseclass.py b/hotpatch/baseclass.py
index d88ef40..2542a03 100644
--- a/hotpatch/baseclass.py
+++ b/hotpatch/baseclass.py
@@ -115,7 +115,7 @@ class Hotpatch(object):
class Cve(object):
- __slots__ = ['_cve_id', '_hotpatch']
+ __slots__ = ['_cve_id', '_hotpatches']
def __init__(self,
id,
@@ -124,15 +124,14 @@ class Cve(object):
id: str
"""
self._cve_id = id
- self._hotpatch = None
+ self._hotpatches = []
@property
- def hotpatch(self):
- return self._hotpatch
+ def hotpatches(self):
+ return self._hotpatches
- @hotpatch.setter
- def hotpatch(self, hotpatch: Hotpatch):
- self._hotpatch = hotpatch
+ def add_hotpatch(self, hotpatch: Hotpatch):
+ self._hotpatches.append(hotpatch)
@property
def cve_id(self):
@@ -206,3 +205,4 @@ class Advisory(object):
def add_hotpatch(self, hotpatch: Hotpatch):
self._hotpatches.append(hotpatch)
+
diff --git a/hotpatch/hot-updateinfo.py b/hotpatch/hot-updateinfo.py
index 779337b..d1e6d58 100644
--- a/hotpatch/hot-updateinfo.py
+++ b/hotpatch/hot-updateinfo.py
@@ -4,46 +4,6 @@ from dnf.cli.commands.updateinfo import UpdateInfoCommand
import hawkey
from .hotpatch_updateinfo import HotpatchUpdateInfo
-
-class Versions:
- """
- Version number processing
- """
-
- separator = (".", "-")
- _connector = "&"
-
- def _order(self, version, separator=None):
- """
- Version of the cutting
- Args:
- version: version
- separator: separator
-
- Returns:
-
- """
- if not separator:
- separator = self._connector
- return tuple([int(v) for v in version.split(separator) if v.isdigit()])
-
- def lgt(self, version, compare_version):
- """
- Returns true if the size of the compared version is greater
- than that of the compared version, or false otherwise
-
- """
- for separator in self.separator:
- version = self._connector.join(
- [v for v in version.split(separator)])
- compare_version = self._connector.join(
- [v for v in compare_version.split(separator)]
- )
- version = self._order(version)
- compare_version = self._order(compare_version)
- return version >= compare_version
-
-
@dnf.plugin.register_command
class HotUpdateinfoCommand(dnf.cli.Command):
aliases = ['hot-updateinfo']
@@ -118,26 +78,13 @@ class HotUpdateinfoCommand(dnf.cli.Command):
return mapping_nevra_cve
- def _filter_and_format_list_output(self, echo_lines: list, fixed_cve_id: set, fixed_coldpatches: set):
+ def _filter_and_format_list_output(self, echo_lines: list, fixed_cve_id: set):
"""
Only show specified cve information that have not been fixed, and format output
"""
- def is_patch_fixed(coldpatch, fixed_coldpatches):
- """
- Check whether the coldpatch is fixed
- """
- for fixed_coldpatch in fixed_coldpatches:
- pkg_name, pkg_evr, _ = coldpatch
- fixed_pkg_name, fixed_pkg_evr, _ = fixed_coldpatch
- if pkg_name != fixed_pkg_name:
- continue
- if version.lgt(fixed_pkg_evr, pkg_evr):
- return True
- return False
idw = tiw = ciw = 0
format_lines = set()
- version = Versions()
for echo_line in echo_lines:
cve_id, adv_type, coldpatch, hotpatch = echo_line[0], echo_line[1], echo_line[2], echo_line[3]
if self.filter_cves is not None and cve_id not in self.filter_cves:
@@ -145,11 +92,8 @@ class HotUpdateinfoCommand(dnf.cli.Command):
if cve_id in fixed_cve_id:
continue
if not isinstance(coldpatch, str):
- if is_patch_fixed(coldpatch, fixed_coldpatches):
- continue
- else:
- pkg_name, pkg_evr, pkg_arch = coldpatch
- coldpatch = '%s-%s.%s' % (pkg_name, pkg_evr, pkg_arch)
+ pkg_name, pkg_evr, pkg_arch = coldpatch
+ coldpatch = '%s-%s.%s' % (pkg_name, pkg_evr, pkg_arch)
idw = max(idw, len(cve_id))
tiw = max(tiw, len(adv_type))
@@ -178,41 +122,43 @@ class HotUpdateinfoCommand(dnf.cli.Command):
mapping_nevra_cve = self.get_mapping_nevra_cve()
echo_lines = []
fixed_cve_id = set()
- fixed_coldpatches = set()
iterated_cve_id = set()
for ((nevra), aupdated), id2type in sorted(mapping_nevra_cve.items(), key=lambda x: x[0]):
pkg_name, pkg_evr, pkg_arch = nevra
for cve_id, atypesev in id2type.items():
iterated_cve_id.add(cve_id)
- label = type2label(self.updateinfo, *atypesev)
- echo_line = [cve_id, label, nevra, '-']
- echo_lines.append(echo_line)
- if cve_id not in self.hp_hawkey.hotpatch_cves:
+ label = type2label(self.updateinfo, *atypesev)
+ if cve_id not in self.hp_hawkey.hotpatch_cves or not self.hp_hawkey.hotpatch_cves[cve_id].hotpatches:
+ echo_line = [cve_id, label, nevra, '-']
+ echo_lines.append(echo_line)
continue
- hotpatch = self.hp_hawkey.hotpatch_cves[cve_id].hotpatch
- if hotpatch is None or hotpatch.src_pkg_nevre[0] != pkg_name:
- continue
- if hotpatch.state == self.hp_hawkey.INSTALLED:
- # record the fixed cves
- for cve_id in hotpatch.cves:
- fixed_cve_id.add(cve_id)
- # record the fixed coldpatch to filter the cves of the corresponding coldpatch with the lower version
- fixed_coldpatches.add((nevra))
- echo_lines.pop()
- elif hotpatch.state == self.hp_hawkey.INSTALLABLE:
- echo_lines[-1][3] = hotpatch.nevra
+
+ for hotpatch in self.hp_hawkey.hotpatch_cves[cve_id].hotpatches:
+ echo_line = [cve_id, label, nevra, '-']
+ echo_lines.append(echo_line)
+ if hotpatch.src_pkg_nevre[0] != pkg_name:
+ continue
+ if hotpatch.state == self.hp_hawkey.INSTALLED:
+ # record the fixed cves
+ for cve_id in hotpatch.cves:
+ fixed_cve_id.add(cve_id)
+ echo_lines.pop()
+ elif hotpatch.state == self.hp_hawkey.INSTALLABLE:
+ echo_lines[-1][3] = hotpatch.nevra
+
hp_cve_list = list(set(self.hp_hawkey.hotpatch_cves.keys()).difference(iterated_cve_id))
for cve_id in hp_cve_list:
- hotpatch = self.hp_hawkey.hotpatch_cves[cve_id].hotpatch
- if hotpatch is None:
- continue
- echo_line = [cve_id, hotpatch.advisory.severity + '/Sec.', '-', '-']
- if hotpatch.state == self.hp_hawkey.INSTALLED:
- continue
- elif hotpatch.state == self.hp_hawkey.INSTALLABLE:
- echo_line = [cve_id, hotpatch.advisory.severity + '/Sec.', '-', hotpatch.nevra]
- echo_lines.append(echo_line)
+ for hotpatch in self.hp_hawkey.hotpatch_cves[cve_id].hotpatches:
+ echo_line = [cve_id, hotpatch.advisory.severity + '/Sec.', '-', '-']
+ if hotpatch.state == self.hp_hawkey.INSTALLED:
+ # record the fixed cves
+ fixed_cve_id.add(cve_id)
+ continue
+ elif hotpatch.state == self.hp_hawkey.INSTALLABLE:
+ echo_line = [cve_id, hotpatch.advisory.severity + '/Sec.', '-', hotpatch.nevra]
+ echo_lines.append(echo_line)
self._filter_and_format_list_output(
- echo_lines, fixed_cve_id, fixed_coldpatches)
+ echo_lines, fixed_cve_id)
+
diff --git a/hotpatch/hotpatch.py b/hotpatch/hotpatch.py
index 0704a08..ccef636 100644
--- a/hotpatch/hotpatch.py
+++ b/hotpatch/hotpatch.py
@@ -102,12 +102,12 @@ class HotpatchCommand(dnf.cli.Command):
hotpatch_cves = self.hp_hawkey.hotpatch_cves
echo_lines = []
for cve_id in hotpatch_cves.keys():
- hotpatch = hotpatch_cves[cve_id].hotpatch
- status = self.hp_hawkey._get_hotpatch_status_in_syscare(hotpatch)
- if status == '':
- continue
- echo_line = [cve_id, hotpatch.syscare_name, status]
- echo_lines.append(echo_line)
+ for hotpatch in hotpatch_cves[cve_id].hotpatches:
+ status = self.hp_hawkey._get_hotpatch_status_in_syscare(hotpatch)
+ if status == '':
+ continue
+ echo_line = [cve_id, hotpatch.syscare_name, status]
+ echo_lines.append(echo_line)
self._filter_and_format_list_output(echo_lines)
@@ -133,3 +133,4 @@ class HotpatchCommand(dnf.cli.Command):
else:
logger.info(_("%s hot patch '%s' succeed"), operate, self.base.output.term.bold(target_patch))
+
diff --git a/hotpatch/hotpatch_updateinfo.py b/hotpatch/hotpatch_updateinfo.py
index 6689553..399e05c 100644
--- a/hotpatch/hotpatch_updateinfo.py
+++ b/hotpatch/hotpatch_updateinfo.py
@@ -67,7 +67,7 @@ class HotpatchUpdateInfo(object):
"""
Initialize hotpatch information from repos
"""
- # get xxx-hotpatch.xml.gz file paths by traversing the system_cachedir(/var/cache/dnf)
+ # get xxx-updateinfo.xml.gz file paths by traversing the system_cachedir(/var/cache/dnf)
system_cachedir = self.cli.base.conf.system_cachedir
all_repos = self.cli.base.repos
map_repo_updateinfoxml = {}
@@ -80,9 +80,9 @@ class HotpatchUpdateInfo(object):
continue
for xml_file in os.listdir(repodata_path):
- # the hotpatch relevant updateinfo is recorded in xxx-hotpatch.xml.gz
- if "hotpatch" in xml_file:
- repo_name = file.split("-")[0]
+ # the hotpatch relevant updateinfo is recorded in xxx-updateinfo.xml.gz
+ if "updateinfo" in xml_file:
+ repo_name = file.rsplit("-")[0]
cache_updateinfo_xml_path = os.path.join(
repodata_path, xml_file)
map_repo_updateinfoxml[repo_name] = cache_updateinfo_xml_path
@@ -99,7 +99,7 @@ class HotpatchUpdateInfo(object):
Parse the pkglist information, filter the hotpatches with different arches
"""
hotpatches = []
- hot_patch_collection = pkglist.find('collection')
+ hot_patch_collection = pkglist.find('hot_patch_collection')
arches = self.base.sack.list_arches()
if not hot_patch_collection:
return hotpatches
@@ -171,14 +171,19 @@ class HotpatchUpdateInfo(object):
advisory.cves = advisory_cves
for hotpatch_kwargs in advisory_hotpatches:
+ # parse the id string of the package to list
+ # e.g. parse the id of "CVE-2021-2023,CVE-2021-2024" to ["CVE-2021-2023", "CVE-2021-2024"]
+ hotpatch_ref_id = hotpatch_kwargs.pop('id')
+ hotpatch_ref_id = hotpatch_ref_id.split(',')
+
hotpatch = Hotpatch(**hotpatch_kwargs)
hotpatch.advisory = advisory
- hotpatch.cves = advisory_cves.keys()
+ hotpatch.cves = hotpatch_ref_id
advisory.add_hotpatch(hotpatch)
-
- for cve in advisory_cves.values():
- cve.hotpatch = hotpatch
+
+ for ref_id in hotpatch_ref_id:
+ advisory_cves[ref_id].add_hotpatch(hotpatch)
self._hotpatch_advisories[advisory_kwargs['id']] = advisory
@@ -213,9 +218,9 @@ class HotpatchUpdateInfo(object):
def _parse_and_store_from_xml(self, updateinfoxml):
"""
- Parse and store hotpatch update information from xxx-hotpatch.xml.gz
+ Parse and store hotpatch update information from xxx-updateinfo.xml.gz
- xxx-hotpatch.xml.gz e.g.
+ xxx-updateinfo.xml.gz e.g.
<?xml version="1.0" encoding="UTF-8"?>
<updates>
@@ -226,19 +231,26 @@ class HotpatchUpdateInfo(object):
<release>openEuler</release>
<issued date="2022-04-16"></issued>
<references>
- <reference href="https://nvd.nist.gov/vuln/detail/CVE-2021-46658" id="CVE-2021-1" title="CVE-2021-1" type="cve"></reference>
+ <reference href="https://nvd.nist.gov/vuln/detail/CVE-2021-1111" id="CVE-2021-1111" title="CVE-2021-1111" type="cve"></reference>
+ <reference href="https://nvd.nist.gov/vuln/detail/CVE-2021-1112" id="CVE-2021-1112" title="CVE-2021-1112" type="cve"></reference>
</references>
<description>patch-redis-6.2.5-1-HP001.(CVE-2022-24048)</description>
<pkglist>
- <collection>
+ <hot_patch_collection>
<name>openEuler</name>
- <package arch="aarch64" name="patch-redis-6.2.5-1-HP001" release="0" version="1">
- <filename>patch-redis-6.2.5-1-HP001-0-1.aarch64.rpm</filename>
+ <package arch="aarch64" name="patch-redis-6.2.5-1-HP001" release="1" version="1" id="CVE-2021-1111" >
+ <filename>patch-redis-6.2.5-1-HP001-1-1.aarch64.rpm</filename>
+ </package>
+ <package arch="x86_64" name="patch-redis-6.2.5-1-HP001" release="1" version="1" id="CVE-2021-1111">
+ <filename>patch-redis-6.2.5-1-HP001-1-1.x86_64.rpm</filename>
+ </package>
+ <package arch="aarch64" name="patch-redis-6.2.5-1-HP002" release="1" version="1" id="CVE-2021-1111,CVE-2021-1112">
+ <filename>patch-redis-6.2.5-1-HP002-1-1.aarch64.rpm</filename>
</package>
- <package arch="x86_64" name="patch-redis-6.2.5-1-HP001" release="0" version="1">
- <filename>patch-redis-6.2.5-1-HP001-0-1.x86_64.rpm</filename>
+ <package arch="x86_64" name="patch-redis-6.2.5-1-HP002" release="1" version="1" id="CVE-2021-1111,CVE-2021-1112">
+ <filename>patch-redis-6.2.5-1-HP002-1-1.x86_64.rpm</filename>
</package>
- <collection>
+ </hot_patch_collection>
</pkglist>
</update>
...
@@ -248,6 +260,9 @@ class HotpatchUpdateInfo(object):
tree = ET.parse(content)
root = tree.getroot()
for update in root.iter('update'):
+ # check whether the hotpatch relevant package information is in each advisory
+ if not update.find('pkglist/hot_patch_collection'):
+ continue
advisory = self._parse_advisory(update)
self._store_advisory_info(advisory)
@@ -288,9 +303,9 @@ class HotpatchUpdateInfo(object):
mapping_cve_hotpatches[cve_id] = []
if cve_id not in self.hotpatch_cves:
continue
- hotpatch = self.hotpatch_cves[cve_id].hotpatch
- if hotpatch is not None and hotpatch.state == self.INSTALLABLE:
- mapping_cve_hotpatches[cve_id].append(hotpatch.nevra)
+ for hotpatch in self.hotpatch_cves[cve_id].hotpatches:
+ if hotpatch.state == self.INSTALLABLE:
+ mapping_cve_hotpatches[cve_id].append(hotpatch.nevra)
return mapping_cve_hotpatches
def get_hotpatches_from_advisories(self, advisories: list[str]) -> dict():
@@ -317,3 +332,4 @@ class HotpatchUpdateInfo(object):
mapping_advisory_hotpatches[advisory_id].append(
hotpatch.nevra)
return mapping_advisory_hotpatches
+
--
Gitee

103
0004-add-dnf-full-repair.patch Normal file
View File

@ -0,0 +1,103 @@
From 1ce1c474dcbd3c4f8285f595e6a9071c81f88396 Mon Sep 17 00:00:00 2001
From: gongzt <gong_zhengtang@163.com>
Date: Fri, 2 Jun 2023 15:56:03 +0800
Subject: [PATCH 1/1] Add dnf full repair
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
hotpatch/hotupgrade.py | 57 +++++++++++++++++++++++++++++++++++++++---
1 file changed, 53 insertions(+), 4 deletions(-)
diff --git a/hotpatch/hotupgrade.py b/hotpatch/hotupgrade.py
index 4f6a6fb..6adafda 100644
--- a/hotpatch/hotupgrade.py
+++ b/hotpatch/hotupgrade.py
@@ -20,9 +20,11 @@ from dnf.cli.option_parser import OptionParser
from dnf.cli.output import Output
from dnfpluginscore import _, logger
-from .syscare import Syscare
+from .syscare import Syscare, cmd_output, SUCCEED
from .hotpatch_updateinfo import HotpatchUpdateInfo
+EMPTY_TAG = "-"
+
@dnf.plugin.register_command
class HotupgradeCommand(dnf.cli.Command):
@@ -61,7 +63,8 @@ class HotupgradeCommand(dnf.cli.Command):
advisory_pkgs = self.get_hotpatch_based_on_advisory(self.opts.advisory)
self.hp_list = cve_pkgs + advisory_pkgs
else:
- raise dnf.exceptions.Error(_('No qualified rpm package name or cve/advisory id.'))
+ self.hp_list = self.upgrade_all()
+ logger.info(_("Gonna apply these hot patches:%s"), self.hp_list)
hp_target_map = self._get_available_hotpatches(self.hp_list)
if not hp_target_map:
@@ -177,8 +180,8 @@ class HotupgradeCommand(dnf.cli.Command):
def _remove_hot_patches(self, target_patch_map: dict) -> None:
output = Output(self.base, dnf.conf.Conf())
logger.info(_("Gonna remove these hot patches: %s"), list(target_patch_map.values()))
- #remove_flag = output.userconfirm()
- #if not remove_flag:
+ # remove_flag = output.userconfirm()
+ # if not remove_flag:
# raise dnf.exceptions.Error(_('Operation aborted.'))
self.syscare.save()
@@ -266,3 +269,49 @@ class HotupgradeCommand(dnf.cli.Command):
for hp in advisory_hp_dict.values():
hp_list += hp
return list(set(hp_list))
+
+ @staticmethod
+ def get_hot_updateinfo_list():
+ """
+ Find all hotpatches and upgrade all
+ use command : dnf hot-updateinfo list cves
+ Last metadata expiration check: 0:48:26 ago on 2023年06月01日 星期四 20时29分55秒.
+ CVE-2023-3332 Low/Sec. - -
+ CVE-2023-3331 Low/Sec. - -
+ CVE-2023-1112 Important/Sec. - patch-redis-6.2.5-1-HP001-1-1.x86_64
+ CVE-2023-1111 Important/Sec. - patch-redis-6.2.5-1-HP001-1-1.x86_64
+
+ return:list
+ [["CVE-2023-3332","Low/Sec.", "-" ,"-"]]
+
+ """
+ cmd = ["dnf", "hot-updateinfo", "list", "cves"]
+
+ output, return_code = cmd_output(cmd)
+ if return_code != SUCCEED:
+ return []
+
+ content = output.split('\n')
+ if len(content) <= 2:
+ return []
+ result = []
+ for item in content[1:-1]:
+ tmp = item.split()
+ result.append(tmp)
+ return result
+
+ def upgrade_all(self):
+ """
+ upgrade all exist cve and hot patches
+
+ Return:
+ find all patches and return patches list
+ e.g.:
+ ['patch-redis-6.2.5-1-HP2-1-1.x86_64']
+ """
+ hotpatchs_info = self.get_hot_updateinfo_list()
+ hp_list = []
+ for item in hotpatchs_info:
+ if item[-1] != EMPTY_TAG:
+ hp_list.append(item[-1])
+ return list(set(hp_list))
--
2.33.0

10
aops-apollo.spec
View File

@ -1,11 +1,14 @@
Name: aops-apollo Name: aops-apollo
Version: v1.2.1 Version: v1.2.1
Release: 2 Release: 3
Summary: Cve management service, monitor machine vulnerabilities and provide fix functions. Summary: Cve management service, monitor machine vulnerabilities and provide fix functions.
License: MulanPSL2 License: MulanPSL2
URL: https://gitee.com/openeuler/%{name} URL: https://gitee.com/openeuler/%{name}
Source0: %{name}-%{version}.tar.gz Source0: %{name}-%{version}.tar.gz
Patch0001: 0001-fix-some-apis-which-has-filter-fault.patch Patch0001: 0001-fix-some-apis-which-has-filter-fault.patch
Patch0002: 0002-fix-bug-and-update-the-code-of-parsing.patch
Patch0003: 0003-fix-hotpatch-updateinfo-for-search-hotpatch-info.patch
Patch0004: 0004-add-dnf-full-repair.patch
BuildRequires: python3-setuptools BuildRequires: python3-setuptools
Requires: aops-vulcanus >= v1.2.0 Requires: aops-vulcanus >= v1.2.0
@ -76,6 +79,11 @@ cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
%{python3_sitelib}/aops_apollo_tool/* %{python3_sitelib}/aops_apollo_tool/*
%changelog %changelog
* Fri Jun 2 2023 gongzhengtang<gong_zhengtang@163.com> - v1.2.1-3
- fix bug and update the code of parsing src.rpm
- fix hotpatch updateinfo for search hotpatch information
- add dnf full repair
* Wed May 31 2023 wenxin<shusheng.wen@outlook.com> - v1.2.1-2 * Wed May 31 2023 wenxin<shusheng.wen@outlook.com> - v1.2.1-2
- fix issue that can not be filtered by CVE ID when query cve rollbak task info - fix issue that can not be filtered by CVE ID when query cve rollbak task info
- fix issue that can not be filtered by cve rollback when query task list - fix issue that can not be filtered by cve rollback when query task list