!99 [sync] PR-98: 优化cve关联查询性能及适配20.03-sp3版本

From: @openeuler-sync-bot Reviewed-by: @zhu-yuncheng Signed-off-by: @zhu-yuncheng
2023-10-19 08:32:40 +00:00 · 2023-10-19 08:32:40 +00:00 · 02c8b39bbe
commit 02c8b39bbe
parent 108afbd8f7 2d264c869a
5 changed files with 23 additions and 115 deletions
--- a/0001-fix-updateinfo_parse.py-bug.patch
+++ b/0001-fix-updateinfo_parse.py-bug.patch
@ -1,30 +0,0 @@
-From 68d4c8cad42960391998868f15e2f99b40daa216 Mon Sep 17 00:00:00 2001
-From: wang-guangge <wangguangge@huawei.com>
-Date: Tue, 19 Sep 2023 13:58:04 +0800
-Subject: [PATCH] fix updateinfo_parse.py bug
-
---
- hotpatch/updateinfo_parse.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/hotpatch/updateinfo_parse.py b/hotpatch/updateinfo_parse.py
-index 42e3814..7bfba61 100644
--- a/hotpatch/updateinfo_parse.py
-+++ b/hotpatch/updateinfo_parse.py
-@@ -279,12 +279,12 @@ class HotpatchUpdateInfo(object):
-             hotpatch(Hotpatch)
-         """
-         hotpatch.state = self.UNRELATED
-+        is_find_installable_hp = False
-         for required_pkg_name, required_pkg_vere in hotpatch.required_pkgs_info.items():
-             inst_pkgs = self._inst_pkgs_query.filter(name=required_pkg_name)
-             # check whether the relevant target required package is installed on this machine
-             if not inst_pkgs:
-                 return
-            is_find_installable_hp = False
-             for inst_pkg in inst_pkgs:
-                 inst_pkg_vere = '%s-%s' % (inst_pkg.version, inst_pkg.release)
-                 if not self.version.larger_than(required_pkg_vere, inst_pkg_vere):
-- 
-2.33.0
-
--- a/0002-add-repair-status-of-the-cve-fixed-package.patch
+++ b/0002-add-repair-status-of-the-cve-fixed-package.patch
@ -1,67 +0,0 @@
-From 7797ac40d715c9e7d56f1d6c0053b699c42c4ac2 Mon Sep 17 00:00:00 2001
-From: gongzt <gong_zhengtang@163.com>
-Date: Tue, 19 Sep 2023 18:45:38 +0800
-Subject: Added the repair status of the cve fixed package
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
---
- apollo/database/proxy/cve.py | 19 +++++++++++++++----
- 1 file changed, 15 insertions(+), 4 deletions(-)
-
-diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
-index 95de25c..c6d017e 100644
--- a/apollo/database/proxy/cve.py
-+++ b/apollo/database/proxy/cve.py
-@@ -1562,21 +1562,25 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
- 
-         cve_fixed_packages = (
-             self.session.query(
-+                CveHostAssociation.id,
-                 CveHostAssociation.installed_rpm,
-                 CveHostAssociation.fixed_way,
-                 func.count(CveHostAssociation.host_id).label("host_num"),
-             )
-             .filter(*filters)
-            .group_by('installed_rpm', 'fixed_way')
-+            .group_by('installed_rpm', 'fixed_way', 'id')
-             .all()
-         )
-         if not cve_fixed_packages:
-             return NO_DATA, []
-+        cve_fixed_packages_status = (
-+            self.session.query(CveHostAssociation.id, CveHostAssociation.hp_status).filter(*filters).all()
-+        )
- 
-        return SUCCEED, self._cve_fixed_packages_row2dict(cve_fixed_packages)
-+        return SUCCEED, self._cve_fixed_packages_row2dict(cve_fixed_packages, cve_fixed_packages_status)
- 
-     @staticmethod
-    def _cve_fixed_packages_row2dict(rows):
-+    def _cve_fixed_packages_row2dict(rows, cve_fixed_packages_status):
-         """
-         Fixed cve package row data converted to dictionary
-         Args:
-@@ -1586,10 +1590,17 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
-             list
-         """
-         result = []
-+        cve_fixed_packages_status_dict = {
-+            cve_host_match.id: cve_host_match.hp_status for cve_host_match in cve_fixed_packages_status
-+        }
-         for row in rows:
-+            status = cve_fixed_packages_status_dict[row.id] if cve_fixed_packages_status_dict[row.id] else ""
-+            fixed_way = row.fixed_way
-+            if fixed_way != "coldpatch":
-+                fixed_way = fixed_way + f" ({status})"
-             fixed_rpm = {
-                 "installed_rpm": row.installed_rpm,
-                "fixed_way": row.fixed_way,
-+                "fixed_way": fixed_way,
-                 "host_num": row.host_num,
-             }
-             result.append(fixed_rpm)
-- 
-Gitee
-
--- a/aops-apollo-v1.3.2.tar.gz
+++ b/aops-apollo-v1.3.2.tar.gz
--- a/aops-apollo-v1.3.4.tar.gz
+++ b/aops-apollo-v1.3.4.tar.gz
--- a/aops-apollo.spec
+++ b/aops-apollo.spec
@ -1,32 +1,23 @@
 Name:		aops-apollo
-Version:	v1.3.2
-Release:	3
+Version:	v1.3.4
+Release:	1
 Summary:	Cve management service, monitor machine vulnerabilities and provide fix functions.
 License:	MulanPSL2
 URL:		https://gitee.com/openeuler/%{name}
 Source0:	%{name}-%{version}.tar.gz

-
 BuildRequires:  python3-setuptools
-Requires:   aops-vulcanus >= v1.2.0
+Requires:   aops-vulcanus >= v1.3.0
 Requires:   python3-elasticsearch python3-flask-restful python3-marshmallow >= 3.13.0
 Requires:   python3-sqlalchemy python3-PyMySQL python3-Flask-APScheduler >= 1.11.0
 Requires:   python3-PyYAML python3-flask python3-gevent
 Requires:   python3-retrying python3-lxml
 Provides:   aops-apollo
-Patch0001:  0001-fix-updateinfo_parse.py-bug.patch
-Patch0002:  0002-add-repair-status-of-the-cve-fixed-package.patch


 %description
 Cve management service, monitor machine vulnerabilities and provide fix functions.

-%package -n dnf-hotpatch-plugin
-Summary: dnf hotpatch plugin
-Requires: python3-hawkey python3-dnf syscare >= 1.0.1
-
-%description -n dnf-hotpatch-plugin
-dnf hotpatch plugin, it's about hotpatch query and fix

 %package -n aops-apollo-tool
 Summary: Small tools for aops-apollo, e.g. updateinfo.xml generater
@ -36,7 +27,7 @@ Requires: python3-rpm
 smalltools for aops-apollo, e.g.updateinfo.xml generater

 %prep
-%autosetup -n %{name}-%{version} -p1
+%autosetup -n %{name}-%{version}


 # build for aops-apollo
@ -57,9 +48,6 @@ pushd aops-apollo-tool
 %py3_install
 popd

-#install for aops-dnf-plugin
-cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
-

 %files
 %doc README.*
@ -71,8 +59,6 @@ cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
 %{python3_sitelib}/apollo/*
 %attr(0755, root, root) /opt/aops/database/*

-%files -n dnf-hotpatch-plugin
-%{python3_sitelib}/dnf-plugins/*

 %files -n aops-apollo-tool
 %attr(0644,root,root) %{_sysconfdir}/aops_apollo_tool/updateinfo_config.ini
@ -81,6 +67,25 @@ cp -r hotpatch %{buildroot}/%{python3_sitelib}/dnf-plugins/
 %{python3_sitelib}/aops_apollo_tool/*

 %changelog
+* Thu Oct 19 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-1
+- Remove hotpatch
+
+* Wed Oct 18 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.3-2
+- optimize cve query performance
+- fixed errors in 20.03-sp3, such as task progress, cve repair task, and host cve query
+
+* Thu Sep 21 2023 zhuyuncheng<zhuyuncheng@huawei.com> - v1.3.3-1
+- update typing and requires version
+
+* Thu Sep 21 2023 wangguangge<wangguangge@huawei.com> - v1.3.2-6
+- fix the hot_updateinfo.py bug
+
+* Wed Sep 20 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.2-5
+- add fixed and hp_status filter
+
+* Wed Sep 20 2023 wangguangge<wangguangge@huawei.com> - v1.3.2-4
+- fix the hotupgrade.py bug
+
 * Tue Sep 19 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.2-3
 - added the repair status of the cve fixed package