From af168dfd4886d994060af0d3a17f417d7d08daa2 Mon Sep 17 00:00:00 2001
From: young <954906362@qq.com>
Date: Tue, 9 May 2023 11:07:47 +0800
Subject: [PATCH] fix hotpatch fail show succeed bug
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ceres/manages/vulnerability_manage.py | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/ceres/manages/vulnerability_manage.py b/ceres/manages/vulnerability_manage.py
index 12c3bc1..a353dab 100644
--- a/ceres/manages/vulnerability_manage.py
+++ b/ceres/manages/vulnerability_manage.py
@@ -151,8 +151,10 @@ class VulnerabilityManage:
             scan_result = get_shell_data(
                 ["dnf", "updateinfo", "list", "cves", "--repo", repo_id])
             is_dnf_command = False
-
-        for scan_info in scan_result.strip().split("\n")[2:]:
+        # scan_result e.g.
+        # Last metadata expiration check: 4:31:51 ago on Tue 09 May 2023 05:50:28 AM CST.
+        # CVE-2021-32675 Low/sec.- -
+        for scan_info in scan_result.strip().split("\n")[1:]:
             cve = re.findall(r"CVE-[\d]{4}-[\d]+", scan_info)[0]
             result_list.append({
                 "cve_id": cve,
@@ -221,7 +223,8 @@ class VulnerabilityManage:
             command_execute_result: output from command execution
 
         """
-        if cve.get("hotpatch"):
+        hotpatch = cve.get("hotpatch")
+        if hotpatch:
             commond_args = ["dnf", "hotupgrade",
                             f"--cve={cve.get('cve_id')}", "-y"]
         else:
@@ -233,4 +236,7 @@ class VulnerabilityManage:
             LOGGER.error(f"Failed to fix cve {cve.get('cve_id')} by dnf")
             res = 'Host has no command dnf'
 
-        return "Apply hot patch succeed" in res or "Complete" in res, res
+        if hotpatch:
+            return "Apply hot patch succeed" in res, res
+        else:
+            return "Complete" in res, res
-- 
Gitee