From 324fbbc073a2b693df76cb8ad6593d74bddc69ca Mon Sep 17 00:00:00 2001
From: rabbitali <shusheng.wen@outlook.com>
Date: Wed, 13 Sep 2023 12:21:59 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E7=83=AD=E8=A1=A5=E4=B8=81?=
 =?UTF-8?q?=E7=8A=B6=E6=80=81=E8=AE=BE=E7=BD=AE=E5=A4=B1=E8=B4=A5=E7=9A=84?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

(cherry picked from commit a89ca1e81b75c35373620fe5238e712553809af7)
---
 ...ed-set-hotpatch-status-by-dnf-plugin.patch | 64 +++++++++++++++++++
 aops-ceres.spec                               |  8 ++-
 2 files changed, 70 insertions(+), 2 deletions(-)
 create mode 100644 0001-update-func-named-set-hotpatch-status-by-dnf-plugin.patch

diff --git a/0001-update-func-named-set-hotpatch-status-by-dnf-plugin.patch b/0001-update-func-named-set-hotpatch-status-by-dnf-plugin.patch
new file mode 100644
index 0000000..861f4dc
--- /dev/null
+++ b/0001-update-func-named-set-hotpatch-status-by-dnf-plugin.patch
@@ -0,0 +1,64 @@
+From d6be0a82ace5d07d31a91a628369f71534834441 Mon Sep 17 00:00:00 2001
+From: rabbitali <shusheng.wen@outlook.com>
+Date: Wed, 13 Sep 2023 10:58:16 +0800
+Subject: [PATCH 1/1] update func named set_hotpatch_status_by_dnf_plugin
+
+---
+ ceres/manages/vulnerability_manage.py | 30 ++++++++++++++++++++-------
+ 1 file changed, 22 insertions(+), 8 deletions(-)
+
+diff --git a/ceres/manages/vulnerability_manage.py b/ceres/manages/vulnerability_manage.py
+index f45c1f2..ab4b41c 100644
+--- a/ceres/manages/vulnerability_manage.py
++++ b/ceres/manages/vulnerability_manage.py
+@@ -615,12 +615,11 @@ class VulnerabilityManage:
+         if not self.takeover and self.accepted:
+             try:
+                 hotpatch_name = hotpatch_pkg.rsplit(".", 1)[0].split("-", 1)[1]
+-                status_set_result, log = self._set_hotpatch_status_by_dnf_plugin(hotpatch_name, "accept")
+-                if not status_set_result:
+-                    stdout += "\n" + log
++                _, log = self._set_hotpatch_status_by_dnf_plugin(hotpatch_name, "accept")
++                stdout += f"\n\n{log}"
+             except IndexError as error:
+                 LOGGER.error(error)
+-                stdout += "\n" + "hotpatch status set failed due to can't get correct hotpatch name!"
++                stdout += f"\n\nhotpatch status set failed due to can't get correct hotpatch name!"
+ 
+         return TaskExecuteRes.SUCCEED, stdout
+ 
+@@ -637,12 +636,27 @@ class VulnerabilityManage:
+             Tuple[bool, str]
+             a tuple containing two elements (operation result, operation log).
+         """
+-        code, stdout, stderr = execute_shell_command(f"dnf hotpatch --{operation} {hotpatch}")
+-        if code != CommandExitCode.SUCCEED:
++
++        # replace -ACC to /ACC or -SGL to /SGL
++        # Example: kernel-5.10.0-153.12.0.92.oe2203sp2-ACC-1-1 >> kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
++        wait_to_remove_patch = re.sub(r'-(ACC|SGL)', r'/\1', hotpatch)
++        # Example of command execution result:
++        # Succeed:
++        # [root@openEuler ~]# dnf hotpatch --remove kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
++        # Last metadata expiration check: 3:24:16 ago on Wed 13 Sep 2023 08:16:17 AM CST.
++        # Gonna remove this hot patch: kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
++        # remove hot patch 'kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1' succeed
++        # Fail:
++        # [root@openEuler ~]# dnf hotpatch --accept kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
++        # Last metadata expiration check: 3:25:24 ago on Wed 13 Sep 2023 08:16:17 AM CST.
++        # Gonna accept this hot patch: kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1
++        # accept hot patch 'kernel-5.10.0-153.12.0.92.oe2203sp2/ACC-1-1' failed, remain original status
++        code, stdout, stderr = execute_shell_command(f"dnf hotpatch --{operation} {wait_to_remove_patch}")
++        if code != CommandExitCode.SUCCEED or 'failed' in stdout:
+             LOGGER.error(f"hotpatch {hotpatch} set status failed!")
+-            return False, stderr
++            return False, stdout + stderr
+ 
+-        return True, stdout
++        return True, stdout + stderr
+ 
+     def cve_rollback(self, cves: List[dict]) -> Tuple[str, list]:
+         """
+-- 
+2.33.0
+
diff --git a/aops-ceres.spec b/aops-ceres.spec
index adb87fe..21f131c 100644
--- a/aops-ceres.spec
+++ b/aops-ceres.spec
@@ -1,10 +1,11 @@
 Name:		aops-ceres
 Version:	v1.3.1
-Release:	1
+Release:	2
 Summary:	An agent which needs to be adopted in client, it managers some plugins, such as gala-gopher(kpi collection), fluentd(log collection) and so on.
 License:	MulanPSL2
 URL:		https://gitee.com/openeuler/%{name}
 Source0:	%{name}-%{version}.tar.gz
+Patch0001:	0001-update-func-named-set-hotpatch-status-by-dnf-plugin.patch
 
 BuildRequires:  python3-setuptools
 Requires:   python3-requests  python3-jsonschema python3-libconf
@@ -18,7 +19,7 @@ An agent which needs to be adopted in client, it managers some plugins, such as
 
 
 %prep
-%autosetup -n %{name}-%{version}
+%autosetup -n %{name}-%{version} -p1
 
 
 # build for aops-ceres
@@ -39,6 +40,9 @@ An agent which needs to be adopted in client, it managers some plugins, such as
 
 
 %changelog
+* Wed Sep 13 2023 wenxin<shusheng.wen@outlook.com> - v1.3.1-2
+- update func named set_hotpatch_status_by_dnf_plugin
+
 * Mon Sep 11 2023 zhuyuncheng<zhu-yuncheng@huawei.com> - v1.3.1-1
 - update rollback task logic, better returned log
 - update status code and return None when installed_rpm or available_rpm is empty