From 43367a2cf93d4c682b643c854a2a3fb33a406584 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Fri, 18 Jul 2025 10:26:50 +0800 Subject: [PATCH 1/2] check hotpatch with test result --- .../cve-ddd/app/refactor_hotpatch.go | 20 +++++++++++++------ .../cve-ddd/domain/hot_patch_issue.go | 15 ++++++++++++++ .../cve-ddd/domain/testresult/result.go | 1 + .../infrastructure/testresultimpl/impl.go | 19 ++++++++++++++++++ cve-vulner-manager/routers/new_router.go | 1 + 5 files changed, 50 insertions(+), 6 deletions(-) diff --git a/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go b/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go index 6bffe55..4997277 100644 --- a/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go +++ b/cve-vulner-manager/cve-ddd/app/refactor_hotpatch.go @@ -14,6 +14,7 @@ import ( "cvevulner/cve-ddd/domain/obs" "cvevulner/cve-ddd/domain/repository" "cvevulner/cve-ddd/domain/service" + "cvevulner/cve-ddd/domain/testresult" "cvevulner/cve-ddd/domain/updateinfo" ) @@ -33,7 +34,7 @@ func NewRefactorHotPatchService( u updateinfo.UpdateInfo, h hotpatch.HotPatch, l *logrus.Entry, - + t testresult.Result, ) *refactorHotPatchService { return &refactorHotPatchService{ repository: r, @@ -42,17 +43,18 @@ func NewRefactorHotPatchService( updateInfo: u, hotPatch: h, log: l, + testResult: t, } } type refactorHotPatchService struct { - repository repository.CveRepository - bulletin bulletin.Bulletin obs obs.OBS - updateInfo updateinfo.UpdateInfo + log *logrus.Entry hotPatch hotpatch.HotPatch - - log *logrus.Entry + bulletin bulletin.Bulletin + testResult testresult.Result + updateInfo updateinfo.UpdateInfo + repository repository.CveRepository } func (h *refactorHotPatchService) GenerateBulletins(uploadDir, date string) error { @@ -73,6 +75,12 @@ func (h *refactorHotPatchService) GenerateBulletins(uploadDir, date string) erro hotDate := "hotpatch_" + date for _, issue := range issues { + isHotPatchExists := h.testResult.IsHotPatchExist(&issue, hotDate) + if !isHotPatchExists { + h.log.Errorf("hot patch source rpm of %s not exist", issue.HotIssueNum) + continue + } + isPublished, err1 := h.hotPatch.IsPublished(issue.CveNum[0], issue.Component, issue.Branch) if err1 != nil { h.log.Errorf("check whether hotpatch %s is published, occurred error: %s", issue.HotIssueNum, err1.Error()) diff --git a/cve-vulner-manager/cve-ddd/domain/hot_patch_issue.go b/cve-vulner-manager/cve-ddd/domain/hot_patch_issue.go index 0016b35..9a1efcd 100644 --- a/cve-vulner-manager/cve-ddd/domain/hot_patch_issue.go +++ b/cve-vulner-manager/cve-ddd/domain/hot_patch_issue.go @@ -1,5 +1,10 @@ package domain +import ( + "path/filepath" + "strings" +) + type HotPatchIssue struct { Type string Branch string @@ -8,3 +13,13 @@ type HotPatchIssue struct { PatchUrl []string HotIssueNum string } + +func (h *HotPatchIssue) SourcePatchName() string { + for _, v := range h.PatchUrl { + if strings.Contains(v, "source/Packages") { + return filepath.Base(v) + } + } + + return "" +} diff --git a/cve-vulner-manager/cve-ddd/domain/testresult/result.go b/cve-vulner-manager/cve-ddd/domain/testresult/result.go index 350673b..a39a84e 100644 --- a/cve-vulner-manager/cve-ddd/domain/testresult/result.go +++ b/cve-vulner-manager/cve-ddd/domain/testresult/result.go @@ -7,5 +7,6 @@ import ( type Result interface { Init([]string, string) Filter(domain.Cves) domain.Cves + IsHotPatchExist(*domain.HotPatchIssue, string) bool GenerateProductTree(string, []string) domain.ProductTree } diff --git a/cve-vulner-manager/cve-ddd/infrastructure/testresultimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/testresultimpl/impl.go index 45af6a1..55dc398 100644 --- a/cve-vulner-manager/cve-ddd/infrastructure/testresultimpl/impl.go +++ b/cve-vulner-manager/cve-ddd/infrastructure/testresultimpl/impl.go @@ -125,6 +125,25 @@ func (impl *testResultImpl) Filter(cves domain.Cves) domain.Cves { return filtered } +func (impl *testResultImpl) IsHotPatchExist(patch *domain.HotPatchIssue, hotDate string) bool { + patchName := patch.SourcePatchName() + if patchName == "" { + return false + } + + url := fmt.Sprintf("%s/repo.openeuler.org/%s/%s/source/Packages/%s", + beego.AppConfig.String("testResult::host"), patch.Branch, hotDate, patchName, + ) + + resp, err := http.Head(url) + if err != nil { + impl.log.Errorf("check hotPatch rpm %s failed: %s", url, err.Error()) + return false + } + + return resp.StatusCode == http.StatusOK +} + func (impl *testResultImpl) GenerateProductTree(component string, affectedVersion []string) domain.ProductTree { tree := make(domain.ProductTree) diff --git a/cve-vulner-manager/routers/new_router.go b/cve-vulner-manager/routers/new_router.go index 928acbb..202c36a 100644 --- a/cve-vulner-manager/routers/new_router.go +++ b/cve-vulner-manager/routers/new_router.go @@ -72,6 +72,7 @@ func initNewRouter() { updateinfoimpl.NewUpdateInfoImpl(logBulletin), hotpatchimpl.NewHotPatchImpl(logHotPatchBulletin), logHotPatchBulletin, + testresultimpl.NewTestResultImpl(logHotPatchBulletin), ) NewCveController := controller.NewCveController( -- Gitee From 85b49603d5a29c8e0e6b398d9f1ddba78c726508 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Mon, 28 Jul 2025 15:55:54 +0800 Subject: [PATCH 2/2] fix ci --- cve-vulner-manager/cve-ddd/domain/hot_patch_issue.go | 1 + 1 file changed, 1 insertion(+) diff --git a/cve-vulner-manager/cve-ddd/domain/hot_patch_issue.go b/cve-vulner-manager/cve-ddd/domain/hot_patch_issue.go index 9a1efcd..4a6f0dd 100644 --- a/cve-vulner-manager/cve-ddd/domain/hot_patch_issue.go +++ b/cve-vulner-manager/cve-ddd/domain/hot_patch_issue.go @@ -14,6 +14,7 @@ type HotPatchIssue struct { HotIssueNum string } +// SourcePatchName get rpm name of source arch func (h *HotPatchIssue) SourcePatchName() string { for _, v := range h.PatchUrl { if strings.Contains(v, "source/Packages") { -- Gitee