diff --git a/cmd/cloud-server/service/cvm/batch_associate.go b/cmd/cloud-server/service/cvm/batch_associate.go index f0c6352cfd..6cfc933c78 100644 --- a/cmd/cloud-server/service/cvm/batch_associate.go +++ b/cmd/cloud-server/service/cvm/batch_associate.go @@ -115,9 +115,13 @@ func (svc *cvmSvc) batchAssociateSecurityGroups(cts *rest.Contexts, validHandler func (svc *cvmSvc) deleteSecurityGroupAndCvmRelationship(kt *kit.Kit, cvmID string, sgIDs []string) error { batchDeleteReq := &proto.BatchDeleteReq{ - Filter: tools.ExpressionAnd(tools.RuleEqual("cvm_id", cvmID), tools.RuleIn("security_group_id", sgIDs)), + Filter: tools.ExpressionAnd( + tools.RuleEqual("res_id", cvmID), + tools.RuleEqual("res_type", enumor.CvmCloudResType), + tools.RuleIn("security_group_id", sgIDs), + ), } - err := svc.client.DataService().Global.SGCvmRel.BatchDeleteSgCvmRels(kt.Ctx, kt.Header(), batchDeleteReq) + err := svc.client.DataService().Global.SGCommonRel.BatchDeleteSgCommonRels(kt, batchDeleteReq) if err != nil { logs.Errorf("delete security group and cvm relationship failed, err: %v, req: %+v, rid: %s", err, batchDeleteReq, kt.Rid) diff --git a/cmd/cloud-server/service/cvm/query.go b/cmd/cloud-server/service/cvm/query.go index 9fb6e28d1b..86d4bd487d 100644 --- a/cmd/cloud-server/service/cvm/query.go +++ b/cmd/cloud-server/service/cvm/query.go @@ -297,7 +297,7 @@ func (svc *cvmSvc) listCvmSecurityGroups(cts *rest.Contexts, authHandler handler itemMap := convertToBatchListCvmSecurityGroupsRespItem(securityGroupsMap) cvmToSgMap := make(map[string][]cscvm.BatchListCvmSecurityGroupsRespItem, len(req.CvmIDs)) for _, rel := range rels { - cvmToSgMap[rel.CvmID] = append(cvmToSgMap[rel.CvmID], itemMap[rel.SecurityGroupID]) + cvmToSgMap[rel.ResID] = append(cvmToSgMap[rel.ResID], itemMap[rel.SecurityGroupID]) } result := make([]cscvm.BatchListCvmSecurityGroupsResp, len(req.CvmIDs)) @@ -346,26 +346,27 @@ func (svc *cvmSvc) getSecurityGroupsMap(kt *kit.Kit, sgIDs []string) (map[string return result, nil } -func (svc *cvmSvc) listCvmSecurityGroupRels(kt *kit.Kit, cvmIDs []string) ([]cloud.SecurityGroupCvmRel, error) { +func (svc *cvmSvc) listCvmSecurityGroupRels(kt *kit.Kit, cvmIDs []string) ([]cloud.SecurityGroupCommonRel, error) { - result := make([]cloud.SecurityGroupCvmRel, 0) + result := make([]cloud.SecurityGroupCommonRel, 0) req := &core.ListReq{ - Filter: tools.ContainersExpression("cvm_id", cvmIDs), - Page: core.NewDefaultBasePage(), + Filter: tools.ExpressionAnd( + tools.RuleIn("res_id", cvmIDs), + tools.RuleEqual("res_type", enumor.CvmCloudResType), + ), + Page: core.NewDefaultBasePage(), } for { - sgCvmRels, err := svc.client.DataService().Global.SGCvmRel.ListSgCvmRels(kt.Ctx, kt.Header(), req) + sgCvmRels, err := svc.client.DataService().Global.SGCommonRel.ListSgCommonRels(kt, req) if err != nil { return nil, err } if len(sgCvmRels.Details) == 0 { break } - for _, detail := range sgCvmRels.Details { - result = append(result, detail) - } + result = append(result, sgCvmRels.Details...) req.Page.Start += uint32(core.DefaultMaxPageLimit) } diff --git a/cmd/cloud-server/service/cvm/security_group_rule.go b/cmd/cloud-server/service/cvm/security_group_rule.go index 2bf880ce97..831c69817a 100644 --- a/cmd/cloud-server/service/cvm/security_group_rule.go +++ b/cmd/cloud-server/service/cvm/security_group_rule.go @@ -110,12 +110,13 @@ func (svc *cvmSvc) listCvmSecurityGroupRules(kt *kit.Kit, vendor enumor.Vendor, func (svc *cvmSvc) checkCvmAndSecurityGroupRel(kt *kit.Kit, cvmID, sgID string) error { checkReq := &core.ListReq{ Filter: tools.ExpressionAnd( - tools.RuleEqual("cvm_id", cvmID), + tools.RuleEqual("res_id", cvmID), tools.RuleEqual("security_group_id", sgID), + tools.RuleEqual("res_type", enumor.CvmCloudResType), ), Page: core.NewCountPage(), } - rels, err := svc.client.DataService().Global.SGCvmRel.ListSgCvmRels(kt.Ctx, kt.Header(), checkReq) + rels, err := svc.client.DataService().Global.SGCommonRel.ListSgCommonRels(kt, checkReq) if err != nil { logs.Errorf("check cvm and security group relation failed, err: %v, rid: %s", err, kt.Rid) return err diff --git a/cmd/cloud-server/service/security-group/query.go b/cmd/cloud-server/service/security-group/query.go index 04f4a25097..c206c34a30 100644 --- a/cmd/cloud-server/service/security-group/query.go +++ b/cmd/cloud-server/service/security-group/query.go @@ -141,10 +141,13 @@ func (svc *securityGroupSvc) getSecurityGroup(cts *rest.Contexts, validHandler h func (svc *securityGroupSvc) queryAssociateCvmCount(kt *kit.Kit, id string) (uint64, error) { cvmRelOpt := &core.ListReq{ - Filter: tools.EqualExpression("security_group_id", id), - Page: core.NewCountPage(), + Filter: tools.ExpressionAnd( + tools.RuleEqual("security_group_id", id), + tools.RuleEqual("res_type", enumor.CvmCloudResType), + ), + Page: core.NewCountPage(), } - cvmRelResult, err := svc.client.DataService().Global.SGCvmRel.ListSgCvmRels(kt.Ctx, kt.Header(), cvmRelOpt) + cvmRelResult, err := svc.client.DataService().Global.SGCommonRel.ListSgCommonRels(kt, cvmRelOpt) if err != nil { return 0, err } @@ -231,11 +234,13 @@ func (svc *securityGroupSvc) listSecurityGroup(cts *rest.Contexts, authHandler h } // ListSecurityGroupsByCvmID list security groups by cvm_id. +// Deprecated: use ListSecurityGroupsByResID instead. func (svc *securityGroupSvc) ListSecurityGroupsByCvmID(cts *rest.Contexts) (interface{}, error) { return svc.listSGByCvmID(cts, handler.ResOperateAuth) } // ListBizSecurityGroupsByCvmID list biz security groups by cvm_id. +// Deprecated: use ListBizSecurityGroupsByResID instead. func (svc *securityGroupSvc) ListBizSecurityGroupsByCvmID(cts *rest.Contexts) (interface{}, error) { return svc.listSGByCvmID(cts, handler.BizOperateAuth) } diff --git a/cmd/cloud-server/service/security-group/related_resource.go b/cmd/cloud-server/service/security-group/related_resource.go index aa745c5740..ae4ff332a7 100644 --- a/cmd/cloud-server/service/security-group/related_resource.go +++ b/cmd/cloud-server/service/security-group/related_resource.go @@ -70,15 +70,18 @@ func (svc *securityGroupSvc) listResourceIdBySecurityGroup(cts *rest.Contexts, v } // ListCvmIdBySecurityGroup list cvm id by security group +// Deprecated: table[security_group_cvm_rel] is deprecated. Use ListResourceIdBySecurityGroup instead. func (svc *securityGroupSvc) ListCvmIdBySecurityGroup(cts *rest.Contexts) (interface{}, error) { return svc.listCvmIDBySecurityGroup(cts, handler.ResOperateAuth) } // ListBizCvmIdBySecurityGroup list biz cvm id by security group +// Deprecated: table[security_group_cvm_rel] is deprecated. Use ListBizResourceIDBySecurityGroup instead. func (svc *securityGroupSvc) ListBizCvmIdBySecurityGroup(cts *rest.Contexts) (interface{}, error) { return svc.listCvmIDBySecurityGroup(cts, handler.BizOperateAuth) } +// Deprecated: table[security_group_cvm_rel] is deprecated. func (svc *securityGroupSvc) listCvmIDBySecurityGroup(cts *rest.Contexts, validHandler handler.ValidWithAuthHandler) (interface{}, error) { id := cts.PathParameter("id").String() if len(id) == 0 { diff --git a/cmd/data-service/service/cloud/security-group-common-rel/create.go b/cmd/data-service/service/cloud/security-group-common-rel/create.go index f34ebca272..26d9dc0d8f 100644 --- a/cmd/data-service/service/cloud/security-group-common-rel/create.go +++ b/cmd/data-service/service/cloud/security-group-common-rel/create.go @@ -24,13 +24,17 @@ import ( "hcm/pkg/api/core" protocloud "hcm/pkg/api/data-service/cloud" + "hcm/pkg/criteria/enumor" "hcm/pkg/criteria/errf" "hcm/pkg/dal/dao/orm" "hcm/pkg/dal/dao/tools" "hcm/pkg/dal/dao/types" tablecloud "hcm/pkg/dal/table/cloud" + "hcm/pkg/kit" "hcm/pkg/logs" "hcm/pkg/rest" + "hcm/pkg/tools/converter" + "hcm/pkg/tools/slice" "github.com/jmoiron/sqlx" ) @@ -59,6 +63,11 @@ func (svc *sgComRelSvc) BatchCreateSgCommonRels(cts *rest.Contexts) (interface{} }) } + // check relation resource is existed + if err := svc.checkRelationResourceExist(cts.Kit, req.Rels); err != nil { + logs.Errorf("check relation resource exist failed, err: %v, rid: %s", err, cts.Kit.Rid) + return nil, nil + } if err := svc.dao.SGCommonRel().BatchCreateWithTx(cts.Kit, txn, models); err != nil { return nil, fmt.Errorf("batch create sg common rels failed, err: %v", err) } @@ -125,6 +134,12 @@ func (svc *sgComRelSvc) BatchUpsertSgCommonRels(cts *rest.Contexts) (interface{} Creator: cts.Kit.User, }) } + // check relation resource is existed + if err := svc.checkRelationResourceExist(cts.Kit, req.Rels); err != nil { + logs.Errorf("check relation resource exist failed, err: %v, rid: %s", err, cts.Kit.Rid) + return nil, nil + } + if err := svc.dao.SGCommonRel().BatchCreateWithTx(cts.Kit, txn, models); err != nil { return nil, fmt.Errorf("batch create sg common rels failed, err: %v", err) } @@ -137,3 +152,51 @@ func (svc *sgComRelSvc) BatchUpsertSgCommonRels(cts *rest.Contexts) (interface{} return nil, nil } + +func (svc *sgComRelSvc) checkRelationResourceExist(kt *kit.Kit, rels []protocloud.SGCommonRelCreate) error { + // check relation resource is existed + // 校验关联资源是否存在 + sgIDs := make([]string, 0) + resTypeToResIDsMap := make(map[enumor.CloudResourceType][]string) + for _, rel := range rels { + sgIDs = append(sgIDs, rel.SecurityGroupID) + resTypeToResIDsMap[rel.ResType] = append(resTypeToResIDsMap[rel.ResType], rel.ResID) + } + + sgMap := make(map[string]tablecloud.SecurityGroupTable) + for _, ids := range slice.Split(sgIDs, int(core.DefaultMaxPageLimit)) { + listOpt := &types.ListOption{ + Filter: tools.ContainersExpression("id", ids), + Page: core.NewDefaultBasePage(), + } + resp, err := svc.dao.SecurityGroup().List(kt, listOpt) + if err != nil { + logs.Errorf("list security group failed, err: %v, ids: %v, rid: %s", err, ids, kt.Rid) + return err + } + for _, detail := range resp.Details { + sgMap[detail.ID] = detail + } + } + + if len(sgMap) != len(converter.StringSliceToMap(sgIDs)) { + logs.Errorf("get security group count not right, ids: %v, count: %d, rid: %s", sgIDs, len(sgMap), kt.Rid) + return fmt.Errorf("get security group count not right") + } + + for resType, resIDs := range resTypeToResIDsMap { + dbResp, err := svc.dao.Cloud().ListResourceIDs(kt, resType, tools.ContainersExpression("id", resIDs)) + if err != nil { + logs.Errorf("list resource ids failed, err: %v, resType: %s, resIDs: %v, rid: %s", + err, resType, resIDs, kt.Rid) + return err + } + if len(dbResp) != len(converter.StringSliceToMap(resIDs)) { + logs.Errorf("get resource count not right, err: %v, resType: %s, resIDs: %v, rid: %s", + err, resType, resIDs, kt.Rid) + return fmt.Errorf("get resource count not right") + } + } + + return nil +} diff --git a/cmd/hc-service/logics/res-sync/cvm-rel-manager/cvm_security_group_rel.go b/cmd/hc-service/logics/res-sync/cvm-rel-manager/cvm_security_group_rel.go index 80889c7884..02a1b234a3 100644 --- a/cmd/hc-service/logics/res-sync/cvm-rel-manager/cvm_security_group_rel.go +++ b/cmd/hc-service/logics/res-sync/cvm-rel-manager/cvm_security_group_rel.go @@ -20,10 +20,12 @@ package cvmrelmgr import ( + "sort" + "hcm/pkg/api/core" + "hcm/pkg/api/core/cloud" dataproto "hcm/pkg/api/data-service" datacloud "hcm/pkg/api/data-service/cloud" - "hcm/pkg/criteria/constant" "hcm/pkg/criteria/enumor" "hcm/pkg/dal/dao/tools" "hcm/pkg/kit" @@ -31,6 +33,9 @@ import ( "hcm/pkg/tools/slice" ) +// syncCvmSGRel sync cvm securityGroup rel. +// getCvmIDWithAssResIDMap CvmAppendAssResCloudID +// 根据上面两个方法可以得知 获取到的sg列表是有序的,按照这个顺序作为优先级写入关联关系表即可 func (mgr *CvmRelManger) syncCvmSGRel(kt *kit.Kit, cvmMap map[string]string, opt *SyncRelOption) error { if err := opt.Validate(); err != nil { @@ -43,119 +48,129 @@ func (mgr *CvmRelManger) syncCvmSGRel(kt *kit.Kit, cvmMap map[string]string, opt return err } - cvmIDs, cvmRelMapFromCloud, err := mgr.getCvmIDWithAssResIDMap(enumor.SecurityGroupCloudResType, cvmMap, + cvmIDs, cvmIDToSgIDMapFromCloud, err := mgr.getCvmIDWithAssResIDMap(enumor.SecurityGroupCloudResType, cvmMap, securityGroupMap) if err != nil { logs.Errorf("get cvm id with ass res id map failed, err: %v, rid: %s", err, kt.Rid) return err } - cvmRelMapFromDB, err := mgr.getCvmSGRelMapFromDB(kt, cvmIDs) + cvmIDToRelsFromDB, err := mgr.listCvmSGRelsFromDB(kt, cvmIDs) if err != nil { logs.Errorf("get cvm_sg_rel map from db failed, err: %v, rid: %s", err, kt.Rid) return err } - addRels, delIDs := diffCvmWithAssResRel(cvmRelMapFromCloud, cvmRelMapFromDB) - - if len(addRels) > 0 { - if err = mgr.createCvmSGRel(kt, addRels); err != nil { - return err - } - } - - if len(delIDs) > 0 { - if err = mgr.deleteCvmSGRel(kt, delIDs); err != nil { - return err - } + err = mgr.compareCvmSGRel(kt, cvmIDToSgIDMapFromCloud, cvmIDToRelsFromDB, opt.Vendor) + if err != nil { + logs.Errorf("compare cvm sg rel failed, err: %v, rid: %s", err, kt.Rid) + return err } - return nil } -func (mgr *CvmRelManger) getCvmSGRelMapFromDB(kt *kit.Kit, cvmIDs []string) ( - map[string]map[string]cvmRelInfo, error) { - - listReq := &core.ListReq{ - Filter: tools.ContainersExpression("cvm_id", cvmIDs), - Page: &core.BasePage{ - Start: 0, - Limit: core.DefaultMaxPageLimit, - }, - } - result := make(map[string]map[string]cvmRelInfo) - for { - respResult, err := mgr.dataCli.Global.SGCvmRel.ListSgCvmRels(kt.Ctx, kt.Header(), listReq) - if err != nil { - logs.Errorf("list securityGroup cvm rel failed, err: %v, rid: %s", err, kt.Rid) - return nil, err - } - - for _, rel := range respResult.Details { - if _, exist := result[rel.CvmID]; !exist { - result[rel.CvmID] = make(map[string]cvmRelInfo) - } - - result[rel.CvmID][rel.SecurityGroupID] = cvmRelInfo{ - RelID: rel.ID, - AssResID: rel.SecurityGroupID, +func (mgr *CvmRelManger) compareCvmSGRel(kt *kit.Kit, cvmIDToSgIDMapFromCloud map[string][]string, + cvmIDToSGRelsMapFromDB map[string][]cloud.SGCommonRelWithBaseSecurityGroup, vendor enumor.Vendor) error { + + for cvmID, sgIDs := range cvmIDToSgIDMapFromCloud { + localSGRels := cvmIDToSGRelsMapFromDB[cvmID] + // 按优先级从小到大排序 + sort.Slice(localSGRels, func(i, j int) bool { + return localSGRels[i].Priority < localSGRels[j].Priority + }) + localLen := len(localSGRels) + cloudLen := len(sgIDs) + // 找到所有相等的列表 + var idx int + var sgID string + var stayLocalIDs []string + for ; idx < cloudLen; idx++ { + sgID = sgIDs[idx] + if idx >= localLen || localSGRels[idx].ID != sgID || localSGRels[idx].Priority != int64(idx+1) { + // 剩下的全部加入新增列表里 + break } + // 加入可以保留的安全组id列表中 + stayLocalIDs = append(stayLocalIDs, sgID) } - - if len(respResult.Details) < int(core.DefaultMaxPageLimit) { - break + err := mgr.upsertSgRelForCvm(kt, cvmID, idx, stayLocalIDs, sgIDs[idx:], vendor) + if err != nil { + logs.Errorf("fail to upsert cvm(%s) security group rel, err: %v, rid: %s", cvmID, err, kt.Rid) + return err } - listReq.Page.Start += uint32(len(respResult.Details)) } - return result, nil + return nil } -func (mgr *CvmRelManger) deleteCvmSGRel(kt *kit.Kit, ids []uint64) error { - - split := slice.Split(ids, constant.BatchOperationMaxLimit) - for _, partIDs := range split { - batchDeleteReq := &dataproto.BatchDeleteReq{ - Filter: tools.ContainersExpression("id", partIDs), - } +func (mgr *CvmRelManger) upsertSgRelForCvm(kt *kit.Kit, cvmID string, startIdx int, stayLocalIDs []string, + sgIDs []string, vendor enumor.Vendor) error { + + createDel := &datacloud.SGCommonRelBatchUpsertReq{Rels: make([]datacloud.SGCommonRelCreate, 0)} + // 删除所有不在给定id中的安全组,防止误删 + createDel.DeleteReq = &dataproto.BatchDeleteReq{Filter: tools.ExpressionAnd( + tools.RuleEqual("res_type", enumor.CvmCloudResType), + tools.RuleEqual("res_id", cvmID), + )} + for i, sgID := range sgIDs { + // 填充云上id + createDel.Rels = append(createDel.Rels, datacloud.SGCommonRelCreate{ + SecurityGroupID: sgID, + Vendor: vendor, + ResID: cvmID, + ResType: enumor.CvmCloudResType, + Priority: int64(i + startIdx + 1), + }) - if err := mgr.dataCli.Global.SGCvmRel.BatchDeleteSgCvmRels(kt.Ctx, kt.Header(), batchDeleteReq); err != nil { - logs.Errorf("batch delete securityGroup_cvm_rel failed, err: %v, rid: %s", err, kt.Rid) + } + if len(stayLocalIDs) > 0 { + createDel.DeleteReq.Filter.Rules = append(createDel.DeleteReq.Filter.Rules, + tools.RuleNotIn("security_group_id", stayLocalIDs)) + } + if len(createDel.Rels) > 0 { + // 同时需要删除和创建 + err := mgr.dataCli.Global.SGCommonRel.BatchUpsertSgCommonRels(kt, createDel) + if err != nil { + logs.Errorf("fail to upsert cvm(%s) security group rel, err: %v, req: %+v, rid: %s", + cvmID, err, createDel, kt.Rid) return err } + return nil } - logs.Infof("delete cvm securityGroup rel success, count: %d, rid: %s", len(ids), kt.Rid) + // 只需要尝试删除多余关联关系即可 + err := mgr.dataCli.Global.SGCommonRel.BatchDeleteSgCommonRels(kt, createDel.DeleteReq) + if err != nil { + logs.Errorf("fail to delete cvm(%s) security group rel, err: %v, req: %+v, rid: %s", + cvmID, err, createDel.DeleteReq, kt.Rid) + return err + } return nil } -func (mgr *CvmRelManger) createCvmSGRel(kt *kit.Kit, addRels []cvmRelInfo) error { - split := slice.Split(addRels, constant.BatchOperationMaxLimit) +func (mgr *CvmRelManger) listCvmSGRelsFromDB(kt *kit.Kit, cvmIDs []string) ( + map[string][]cloud.SGCommonRelWithBaseSecurityGroup, error) { - for _, part := range split { - lists := make([]datacloud.SGCvmRelCreate, 0) - for _, one := range part { - rel := datacloud.SGCvmRelCreate{ - SecurityGroupID: one.AssResID, - CvmID: one.CvmID, - } - lists = append(lists, rel) - } - - createReq := &datacloud.SGCvmRelBatchCreateReq{ - Rels: lists, - } + listReq := &datacloud.SGCommonRelWithSecurityGroupListReq{ + ResIDs: cvmIDs, + ResType: enumor.CvmCloudResType, + } + result := make(map[string][]cloud.SGCommonRelWithBaseSecurityGroup) + respResult, err := mgr.dataCli.Global.SGCommonRel.ListWithSecurityGroup(kt, listReq) + if err != nil { + logs.Errorf("list securityGroup cvm rel failed, err: %v, rid: %s", err, kt.Rid) + return nil, err + } - if err := mgr.dataCli.Global.SGCvmRel.BatchCreateSgCvmRels(kt.Ctx, kt.Header(), createReq); err != nil { - logs.Errorf("batch create securityGroup_cvm_rel failed, err: %v, rid: %s", err, kt.Rid) - return err + for _, rel := range *respResult { + if _, exist := result[rel.ResID]; !exist { + result[rel.ResID] = make([]cloud.SGCommonRelWithBaseSecurityGroup, 0) } + result[rel.ResID] = append(result[rel.ResID], rel) } - logs.Infof("create cvm securityGroup rel success, count: %d, rid: %s", len(addRels), kt.Rid) - - return nil + return result, nil } func (mgr *CvmRelManger) getSGMap(kt *kit.Kit) (map[string]string, error) { diff --git a/cmd/hc-service/service/security-group/aws_security_group.go b/cmd/hc-service/service/security-group/aws_security_group.go index ff231466d2..267f778f14 100644 --- a/cmd/hc-service/service/security-group/aws_security_group.go +++ b/cmd/hc-service/service/security-group/aws_security_group.go @@ -27,6 +27,7 @@ import ( corecloud "hcm/pkg/api/core/cloud" protocloud "hcm/pkg/api/data-service/cloud" proto "hcm/pkg/api/hc-service" + "hcm/pkg/criteria/enumor" "hcm/pkg/criteria/errf" "hcm/pkg/dal/dao/tools" "hcm/pkg/kit" @@ -193,12 +194,8 @@ func (g *securityGroup) AwsSecurityGroupDisassociateCvm(cts *rest.Contexts) (int return nil, err } - deleteReq, err := buildSGCvmRelDeleteReq(req.SecurityGroupID, req.CvmID) - if err != nil { - logs.Errorf("build sg cvm rel delete req failed, err: %v, rid: %s", err, cts.Kit.Rid) - return nil, err - } - if err = g.dataCli.Global.SGCvmRel.BatchDeleteSgCvmRels(cts.Kit.Ctx, cts.Kit.Header(), deleteReq); err != nil { + deleteReq := buildSGCommonRelDeleteReq(enumor.Aws, req.CvmID, []string{req.SecurityGroupID}, enumor.CvmCloudResType) + if err = g.dataCli.Global.SGCommonRel.BatchDeleteSgCommonRels(cts.Kit, deleteReq); err != nil { logs.Errorf("request dataservice delete security group cvm rels failed, err: %v, req: %+v, rid: %s", err, deleteReq, cts.Kit.Rid) return nil, err diff --git a/cmd/hc-service/service/security-group/huawei_security_group.go b/cmd/hc-service/service/security-group/huawei_security_group.go index a63fbd7e51..4fabfcf0aa 100644 --- a/cmd/hc-service/service/security-group/huawei_security_group.go +++ b/cmd/hc-service/service/security-group/huawei_security_group.go @@ -28,6 +28,7 @@ import ( corecloud "hcm/pkg/api/core/cloud" protocloud "hcm/pkg/api/data-service/cloud" proto "hcm/pkg/api/hc-service" + "hcm/pkg/criteria/enumor" "hcm/pkg/criteria/errf" "hcm/pkg/dal/dao/tools" "hcm/pkg/logs" @@ -189,12 +190,9 @@ func (g *securityGroup) HuaWeiSecurityGroupDisassociateCvm(cts *rest.Contexts) ( return nil, err } - deleteReq, err := buildSGCvmRelDeleteReq(req.SecurityGroupID, req.CvmID) - if err != nil { - logs.Errorf("build sg cvm rel delete req failed, err: %v, rid: %s", err, cts.Kit.Rid) - return nil, err - } - if err = g.dataCli.Global.SGCvmRel.BatchDeleteSgCvmRels(cts.Kit.Ctx, cts.Kit.Header(), deleteReq); err != nil { + deleteReq := buildSGCommonRelDeleteReq( + enumor.HuaWei, req.CvmID, []string{req.SecurityGroupID}, enumor.CvmCloudResType) + if err = g.dataCli.Global.SGCommonRel.BatchDeleteSgCommonRels(cts.Kit, deleteReq); err != nil { logs.Errorf("request dataservice delete security group cvm rels failed, err: %v, req: %+v, rid: %s", err, deleteReq, cts.Kit.Rid) return nil, err diff --git a/cmd/hc-service/service/security-group/logics.go b/cmd/hc-service/service/security-group/logics.go index dc190c1d1d..979154510a 100644 --- a/cmd/hc-service/service/security-group/logics.go +++ b/cmd/hc-service/service/security-group/logics.go @@ -21,6 +21,7 @@ package securitygroup import ( "errors" + "hcm/pkg/api/core" corecloud "hcm/pkg/api/core/cloud" corecvm "hcm/pkg/api/core/cloud/cvm" @@ -34,26 +35,19 @@ import ( "hcm/pkg/runtime/filter" ) -func buildSGCvmRelDeleteReq(sgID string, cvmIDs ...string) (*dataproto.BatchDeleteReq, error) { - if len(cvmIDs) == 0 { +func buildSGCommonRelDeleteReqForMultiResource(vendor enumor.Vendor, resType enumor.CloudResourceType, + sgID string, resIDs ...string) (*dataproto.BatchDeleteReq, error) { + + if len(resIDs) == 0 { return nil, errors.New("cvmIDs is required") } return &dataproto.BatchDeleteReq{ - Filter: &filter.Expression{ - Op: filter.And, - Rules: []filter.RuleFactory{ - &filter.AtomRule{ - Field: "security_group_id", - Op: filter.Equal.Factory(), - Value: sgID, - }, - &filter.AtomRule{ - Field: "cvm_id", - Op: filter.In.Factory(), - Value: cvmIDs, - }, - }, - }, + Filter: tools.ExpressionAnd( + tools.RuleEqual("security_group_id", sgID), + tools.RuleIn("res_id", resIDs), + tools.RuleEqual("res_type", resType), + tools.RuleEqual("vendor", vendor), + ), }, nil } diff --git a/cmd/hc-service/service/security-group/tcloud_security_group.go b/cmd/hc-service/service/security-group/tcloud_security_group.go index fc914094f7..20393bad73 100644 --- a/cmd/hc-service/service/security-group/tcloud_security_group.go +++ b/cmd/hc-service/service/security-group/tcloud_security_group.go @@ -196,12 +196,9 @@ func (g *securityGroup) TCloudSecurityGroupDisassociateCvm(cts *rest.Contexts) ( return nil, err } - deleteReq, err := buildSGCvmRelDeleteReq(req.SecurityGroupID, req.CvmID) - if err != nil { - logs.Errorf("build sg cvm rel delete req failed, err: %v, rid: %s", err, cts.Kit.Rid) - return nil, err - } - if err = g.dataCli.Global.SGCvmRel.BatchDeleteSgCvmRels(cts.Kit.Ctx, cts.Kit.Header(), deleteReq); err != nil { + deleteReq := buildSGCommonRelDeleteReq( + enumor.TCloud, req.CvmID, []string{req.SecurityGroupID}, enumor.CvmCloudResType) + if err = g.dataCli.Global.SGCommonRel.BatchDeleteSgCommonRels(cts.Kit, deleteReq); err != nil { logs.Errorf("request dataservice delete security group cvm rels failed, err: %v, req: %+v, rid: %s", err, deleteReq, cts.Kit.Rid) return nil, err @@ -696,12 +693,13 @@ func (g *securityGroup) TCloudSGBatchDisassociateCvm(cts *rest.Contexts) (any, e return nil, err } - deleteReq, err := buildSGCvmRelDeleteReq(req.SecurityGroupID, req.CvmIDs...) + deleteReq, err := buildSGCommonRelDeleteReqForMultiResource(enumor.TCloud, enumor.CvmCloudResType, + req.SecurityGroupID, req.CvmIDs...) if err != nil { logs.Errorf("build sg cvm rel delete req failed, err: %v, rid: %s", err, cts.Kit.Rid) return nil, err } - if err = g.dataCli.Global.SGCvmRel.BatchDeleteSgCvmRels(cts.Kit.Ctx, cts.Kit.Header(), deleteReq); err != nil { + if err = g.dataCli.Global.SGCommonRel.BatchDeleteSgCommonRels(cts.Kit, deleteReq); err != nil { logs.Errorf("request dataservice delete security group cvm rels failed, err: %v, req: %+v, rid: %s", err, deleteReq, cts.Kit.Rid) return nil, err diff --git a/pkg/client/data-service/global/security_group_cvm_rel.go b/pkg/client/data-service/global/security_group_cvm_rel.go index 32b8e300e6..90283ddf63 100644 --- a/pkg/client/data-service/global/security_group_cvm_rel.go +++ b/pkg/client/data-service/global/security_group_cvm_rel.go @@ -44,6 +44,7 @@ type SGCvmRelClient struct { } // BatchCreateSgCvmRels security group cvm rels. +// Deprecated: use SGCommonRelClient's BatchCreateSgCommonRels instead. func (cli *SGCvmRelClient) BatchCreateSgCvmRels(ctx context.Context, h http.Header, request *protocloud.SGCvmRelBatchCreateReq) error { @@ -68,6 +69,7 @@ func (cli *SGCvmRelClient) BatchCreateSgCvmRels(ctx context.Context, h http.Head } // BatchDeleteSgCvmRels security group cvm rels. +// Deprecated: use SGCommonRelClient's BatchDeleteSgCommonRels instead. func (cli *SGCvmRelClient) BatchDeleteSgCvmRels(ctx context.Context, h http.Header, request *proto.BatchDeleteReq) error { resp := new(rest.BaseResp) @@ -91,6 +93,7 @@ func (cli *SGCvmRelClient) BatchDeleteSgCvmRels(ctx context.Context, h http.Head } // ListSgCvmRels security group cvm rels. +// Deprecated: use SGCommonRelClient's ListSgCommonRels instead. func (cli *SGCvmRelClient) ListSgCvmRels(ctx context.Context, h http.Header, request *core.ListReq) ( *protocloud.SGCvmRelListResult, error) { @@ -115,6 +118,7 @@ func (cli *SGCvmRelClient) ListSgCvmRels(ctx context.Context, h http.Header, req } // ListWithSecurityGroup security group cvm rels with security group. +// Deprecated: use SGCommonRelClient's ListWithSecurityGroup instead. func (cli *SGCvmRelClient) ListWithSecurityGroup(ctx context.Context, h http.Header, request *protocloud.SGCvmRelWithSecurityGroupListReq) ([]corecloud.SGCvmRelWithBaseSecurityGroup, error) { diff --git a/pkg/dal/dao/cloud/security-group-common-rel/security_group_common_rel.go b/pkg/dal/dao/cloud/security-group-common-rel/security_group_common_rel.go index 62f750e374..af0616175b 100644 --- a/pkg/dal/dao/cloud/security-group-common-rel/security_group_common_rel.go +++ b/pkg/dal/dao/cloud/security-group-common-rel/security_group_common_rel.go @@ -25,8 +25,6 @@ import ( "hcm/pkg/api/core" "hcm/pkg/criteria/enumor" "hcm/pkg/criteria/errf" - "hcm/pkg/dal/dao/cloud/load-balancer" - securitygroup "hcm/pkg/dal/dao/cloud/security-group" "hcm/pkg/dal/dao/orm" "hcm/pkg/dal/dao/tools" "hcm/pkg/dal/dao/types" @@ -35,7 +33,6 @@ import ( "hcm/pkg/kit" "hcm/pkg/logs" "hcm/pkg/runtime/filter" - "hcm/pkg/tools/converter" "github.com/jmoiron/sqlx" ) @@ -86,41 +83,12 @@ func (dao Dao) ListJoinSecurityGroup(kt *kit.Kit, resIDs []string, resType enumo // BatchCreateWithTx rels. func (dao Dao) BatchCreateWithTx(kt *kit.Kit, tx *sqlx.Tx, rels []cloud.SecurityGroupCommonRelTable) error { - // 校验关联资源是否存在 - sgIDs := make([]string, 0) - resIDs := make([]string, 0) - for _, rel := range rels { - sgIDs = append(sgIDs, rel.SecurityGroupID) - resIDs = append(resIDs, rel.ResID) - } - - sgMap, err := securitygroup.ListSecurityGroup(kt, dao.Orm, sgIDs) - if err != nil { - logs.Errorf("list security group failed, err: %v, ids: %v, rid: %s", err, sgIDs, kt.Rid) - return err - } - - if len(sgMap) != len(converter.StringSliceToMap(sgIDs)) { - logs.Errorf("get security group count not right, ids: %v, count: %d, rid: %s", sgIDs, len(sgMap), kt.Rid) - return fmt.Errorf("get security group count not right") - } - - resMap, err := loadbalancer.ListLbByIDs(kt, dao.Orm, resIDs) - if err != nil { - logs.Errorf("list clb by ids failed, err: %v, sgIDs: %v, resIDs: %v, rid: %s", err, sgIDs, resIDs, kt.Rid) - return err - } - - if len(resMap) != len(converter.StringSliceToMap(resIDs)) { - logs.Errorf("get clb count not right, err: %v, ids: %v, count: %d, rid: %s", err, resIDs, len(resMap), kt.Rid) - return fmt.Errorf("get clb count not right") - } tableName := table.SecurityGroupCommonRelTable sql := fmt.Sprintf(`INSERT INTO %s (%s) VALUES(%s)`, tableName, cloud.SecurityGroupCommonRelColumns.ColumnExpr(), cloud.SecurityGroupCommonRelColumns.ColonNameExpr()) - if err = dao.Orm.Txn(tx).BulkInsert(kt.Ctx, sql, rels); err != nil { + if err := dao.Orm.Txn(tx).BulkInsert(kt.Ctx, sql, rels); err != nil { logs.Errorf("insert %s failed, err: %v, rid: %s", tableName, err, kt.Rid) return fmt.Errorf("insert %s failed, err: %v", tableName, err) }