From d6be0a82ace5d07d31a91a628369f71534834441 Mon Sep 17 00:00:00 2001
From: rabbitali <shusheng.wen@outlook.com>
Date: Wed, 13 Sep 2023 10:58:16 +0800
Subject: [PATCH 1/1] update func named set_hotpatch_status_by_dnf_plugin

---
 ceres/manages/vulnerability_manage.py | 30 ++++++++++++++++++++-------
 1 file changed, 22 insertions(+), 8 deletions(-)

diff --git a/ceres/manages/vulnerability_manage.py b/ceres/manages/vulnerability_manage.py
index f45c1f2..ab4b41c 100644
--- a/ceres/manages/vulnerability_manage.py
+++ b/ceres/manages/vulnerability_manage.py
@@ -615,12 +615,11 @@ class VulnerabilityManage:
         if not self.takeover and self.accepted:
             try:
                 hotpatch_name = hotpatch_pkg.rsplit(".", 1)[0].split("-", 1)[1]
-                status_set_result, log = self._set_hotpatch_status_by_dnf_plugin(hotpatch_name, "accept")
-                if not status_set_result:
-                    stdout += "\n" + log
+                _, log = self._set_hotpatch_status_by_dnf_plugin(hotpatch_name, "accept")
+                stdout += f"\n\n{log}"
             except IndexError as error:
                 LOGGER.error(error)
-                stdout += "\n" + "hotpatch status set failed due to can't get correct hotpatch name!"
+                stdout += f"\n\nhotpatch status set failed due to can't get correct hotpatch name!"
 
         return TaskExecuteRes.SUCCEED, stdout
 
@@ -637,12 +636,27 @@ class VulnerabilityManage:
             Tuple[bool, str]
             a tuple containing two elements (operation result, operation log).
         """
-        code, stdout, stderr = execute_shell_command(f"dnf hotpatch --{operation} {hotpatch}")
-        if code != CommandExitCode.SUCCEED:
+
+        # replace -ACC to /ACC or -SGL to /SGL
+        # Example: kernel-5.10.0-153.12.0.92.oe2203sp2-ACC-1-1 >> kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
+        wait_to_remove_patch = re.sub(r'-(ACC|SGL)', r'/\1', hotpatch)
+        # Example of command execution result:
+        # Succeed:
+        # [root@openEuler ~]# dnf hotpatch --remove kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
+        # Last metadata expiration check: 3:24:16 ago on Wed 13 Sep 2023 08:16:17 AM CST.
+        # Gonna remove this hot patch: kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
+        # remove hot patch 'kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1' succeed
+        # Fail:
+        # [root@openEuler ~]# dnf hotpatch --accept kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
+        # Last metadata expiration check: 3:25:24 ago on Wed 13 Sep 2023 08:16:17 AM CST.
+        # Gonna accept this hot patch: kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
+        # accept hot patch 'kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1' failed, remain original status
+        code, stdout, stderr = execute_shell_command(f"dnf hotpatch --{operation} {wait_to_remove_patch}")
+        if code != CommandExitCode.SUCCEED or 'failed' in stdout:
             LOGGER.error(f"hotpatch {hotpatch} set status failed!")
-            return False, stderr
+            return False, stdout + stderr
 
-        return True, stdout
+        return True, stdout + stderr
 
     def cve_rollback(self, cves: List[dict]) -> Tuple[str, list]:
         """
-- 
2.33.0