From 157db520766b05c81cf8d1422411c1c6c92fc0ba Mon Sep 17 00:00:00 2001 From: owenlxu Date: Wed, 5 Mar 2025 17:24:52 +0800 Subject: [PATCH 01/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=A1=B9=E7=9B=AE=E5=88=9D=E5=A7=8B=E5=8C=96?= =?UTF-8?q?=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../bkrepo/common/api/constant/Constants.kt | 8 + .../properties/EnableMultiTenantProperties.kt | 8 + .../resolve/ArtifactResolverConfiguration.kt | 8 +- .../ArtifactInfoMethodArgumentResolver.kt | 15 +- .../metadata/MetadataAutoConfiguration.kt | 2 + .../bkrepo/common/metadata/model/TProject.kt | 6 + .../project/impl/CenterProjectServiceImpl.kt | 7 +- .../project/impl/EdgeProjectServiceImpl.kt | 7 +- .../project/impl/ProjectServiceImpl.kt | 19 +- .../project/impl/RProjectServiceImpl.kt | 3 +- .../metadata/util/ProjectServiceHelper.kt | 48 ++- .../templates/init-job/init-mongodb.yaml | 2 + .../kubernetes/images/init/init-mongodb.sh | 10 +- support-files/sql/init-data-tenant.js | 371 ++++++++++++++++++ 14 files changed, 493 insertions(+), 21 deletions(-) create mode 100644 src/backend/common/common-artifact/artifact-api/src/main/kotlin/com/tencent/bkrepo/common/artifact/properties/EnableMultiTenantProperties.kt create mode 100644 support-files/sql/init-data-tenant.js diff --git a/src/backend/common/common-api/src/main/kotlin/com/tencent/bkrepo/common/api/constant/Constants.kt b/src/backend/common/common-api/src/main/kotlin/com/tencent/bkrepo/common/api/constant/Constants.kt index 291cf4e373..c80f15e5c7 100644 --- a/src/backend/common/common-api/src/main/kotlin/com/tencent/bkrepo/common/api/constant/Constants.kt +++ b/src/backend/common/common-api/src/main/kotlin/com/tencent/bkrepo/common/api/constant/Constants.kt @@ -105,6 +105,8 @@ const val AUTH_HEADER_UID = "X-BKREPO-UID" const val OAUTH_AUTH_PREFIX = "Oauth " const val TEMPORARY_TOKEN_AUTH_PREFIX = "Temporary " + + /** * micro service header user id key */ @@ -175,3 +177,9 @@ const val AUDIT_REQUEST_KEY = "http_request" const val AUDIT_SHARE_USER_ID = "audit_share_user_id" const val HTTP_RESPONSE_CODE = "http_response_code" const val HTTP_METHOD = "http_method" + + +/** + * 多租户相关 + */ +const val TENANT_ID = "X-Bk-Tenant-Id" diff --git a/src/backend/common/common-artifact/artifact-api/src/main/kotlin/com/tencent/bkrepo/common/artifact/properties/EnableMultiTenantProperties.kt b/src/backend/common/common-artifact/artifact-api/src/main/kotlin/com/tencent/bkrepo/common/artifact/properties/EnableMultiTenantProperties.kt new file mode 100644 index 0000000000..c933dcf3ba --- /dev/null +++ b/src/backend/common/common-artifact/artifact-api/src/main/kotlin/com/tencent/bkrepo/common/artifact/properties/EnableMultiTenantProperties.kt @@ -0,0 +1,8 @@ +package com.tencent.bkrepo.common.artifact.properties + +import org.springframework.boot.context.properties.ConfigurationProperties + +@ConfigurationProperties("multitenant") +data class EnableMultiTenantProperties( + var enabled: Boolean = false +) diff --git a/src/backend/common/common-artifact/artifact-service/src/main/kotlin/com/tencent/bkrepo/common/artifact/resolve/ArtifactResolverConfiguration.kt b/src/backend/common/common-artifact/artifact-service/src/main/kotlin/com/tencent/bkrepo/common/artifact/resolve/ArtifactResolverConfiguration.kt index 5bb8d5741b..5d656d5664 100644 --- a/src/backend/common/common-artifact/artifact-service/src/main/kotlin/com/tencent/bkrepo/common/artifact/resolve/ArtifactResolverConfiguration.kt +++ b/src/backend/common/common-artifact/artifact-service/src/main/kotlin/com/tencent/bkrepo/common/artifact/resolve/ArtifactResolverConfiguration.kt @@ -27,6 +27,7 @@ package com.tencent.bkrepo.common.artifact.resolve +import com.tencent.bkrepo.common.artifact.properties.EnableMultiTenantProperties import com.tencent.bkrepo.common.artifact.resolve.file.ArtifactFileCleanInterceptor import com.tencent.bkrepo.common.artifact.resolve.file.ArtifactFileFactory import com.tencent.bkrepo.common.artifact.resolve.file.UploadConfigElement @@ -41,6 +42,7 @@ import com.tencent.bkrepo.common.artifact.resolve.response.DefaultArtifactResour import com.tencent.bkrepo.common.storage.config.StorageProperties import com.tencent.bkrepo.common.ratelimiter.service.RequestLimitCheckService import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean +import org.springframework.boot.context.properties.EnableConfigurationProperties import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Import @@ -50,6 +52,7 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer @Configuration @Import(ArtifactFileFactory::class) +@EnableConfigurationProperties(EnableMultiTenantProperties::class) class ArtifactResolverConfiguration { @Bean @@ -59,7 +62,10 @@ class ArtifactResolverConfiguration { fun resolverMap(resolverList: List) = ResolverMap(resolverList) @Bean - fun artifactInfoMethodArgumentResolver(resolverMap: ResolverMap) = ArtifactInfoMethodArgumentResolver(resolverMap) + fun artifactInfoMethodArgumentResolver( + resolverMap: ResolverMap, + enableMultiTenantProperties: EnableMultiTenantProperties + ) = ArtifactInfoMethodArgumentResolver(resolverMap, enableMultiTenantProperties) @Bean fun artifactFileMethodArgumentResolver() = ArtifactFileMethodArgumentResolver() diff --git a/src/backend/common/common-artifact/artifact-service/src/main/kotlin/com/tencent/bkrepo/common/artifact/resolve/path/ArtifactInfoMethodArgumentResolver.kt b/src/backend/common/common-artifact/artifact-service/src/main/kotlin/com/tencent/bkrepo/common/artifact/resolve/path/ArtifactInfoMethodArgumentResolver.kt index b45ffd9de1..c491083cdf 100644 --- a/src/backend/common/common-artifact/artifact-service/src/main/kotlin/com/tencent/bkrepo/common/artifact/resolve/path/ArtifactInfoMethodArgumentResolver.kt +++ b/src/backend/common/common-artifact/artifact-service/src/main/kotlin/com/tencent/bkrepo/common/artifact/resolve/path/ArtifactInfoMethodArgumentResolver.kt @@ -31,11 +31,13 @@ package com.tencent.bkrepo.common.artifact.resolve.path +import com.tencent.bkrepo.common.api.constant.TENANT_ID import com.tencent.bkrepo.common.artifact.api.ArtifactInfo import com.tencent.bkrepo.common.artifact.constant.ARTIFACT_INFO_KEY import com.tencent.bkrepo.common.artifact.constant.PROJECT_ID import com.tencent.bkrepo.common.artifact.constant.REPO_NAME import com.tencent.bkrepo.common.artifact.path.PathUtils +import com.tencent.bkrepo.common.artifact.properties.EnableMultiTenantProperties import org.springframework.core.MethodParameter import org.springframework.util.AntPathMatcher import org.springframework.web.bind.support.WebDataBinderFactory @@ -51,10 +53,13 @@ import kotlin.reflect.KClass */ @Suppress("UNCHECKED_CAST") class ArtifactInfoMethodArgumentResolver( - private val resolverMap: ResolverMap + private val resolverMap: ResolverMap, + private val enableMultiTenant: EnableMultiTenantProperties ) : HandlerMethodArgumentResolver { private val antPathMatcher = AntPathMatcher() + + override fun supportsParameter(parameter: MethodParameter): Boolean { return ArtifactInfo::class.java.isAssignableFrom(parameter.parameterType) } @@ -65,9 +70,15 @@ class ArtifactInfoMethodArgumentResolver( nativeWebRequest: NativeWebRequest, factory: WebDataBinderFactory? ): Any { + val attributes = nativeWebRequest.getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE, 0) as Map<*, *> - val projectId = attributes[PROJECT_ID].toString() + var projectId = attributes[PROJECT_ID].toString() val repoName = attributes[REPO_NAME].toString() + val tenantId = nativeWebRequest.getHeader(TENANT_ID) + if (enableMultiTenant.enabled && !tenantId.isNullOrEmpty()) { + projectId = "$projectId:$tenantId" + } + val request = nativeWebRequest.getNativeRequest(HttpServletRequest::class.java)!! val artifactUri = AntPathMatcher.DEFAULT_PATH_SEPARATOR + antPathMatcher.extractPathWithinPattern( diff --git a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/MetadataAutoConfiguration.kt b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/MetadataAutoConfiguration.kt index 0d346f2a12..dfe98aed63 100644 --- a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/MetadataAutoConfiguration.kt +++ b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/MetadataAutoConfiguration.kt @@ -34,6 +34,7 @@ import com.tencent.bkrepo.common.api.pojo.ClusterArchitecture import com.tencent.bkrepo.common.api.pojo.ClusterNodeType import com.tencent.bkrepo.common.artifact.event.base.ArtifactEvent import com.tencent.bkrepo.common.artifact.properties.ArtifactEventProperties +import com.tencent.bkrepo.common.artifact.properties.EnableMultiTenantProperties import com.tencent.bkrepo.common.artifact.properties.RouterControllerProperties import com.tencent.bkrepo.common.metadata.condition.SyncCondition import com.tencent.bkrepo.common.metadata.config.RepositoryProperties @@ -70,6 +71,7 @@ import java.util.function.Consumer RouterControllerProperties::class, ArtifactEventProperties::class, RepositoryProperties::class, + EnableMultiTenantProperties::class ) class MetadataAutoConfiguration { diff --git a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/model/TProject.kt b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/model/TProject.kt index fd24a968a4..b0733b1d28 100644 --- a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/model/TProject.kt +++ b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/model/TProject.kt @@ -59,4 +59,10 @@ data class TProject( * 项目新建仓库默认使用的存储凭据,为null时表示未配置,将会使用全局默认存储凭据 */ var credentialsKey: String? = null, + + /** + * 多租户相关配置 + */ + var projectCode: String? = null, + var tenantId: String? = null ) diff --git a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/CenterProjectServiceImpl.kt b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/CenterProjectServiceImpl.kt index b69fdb8d1e..99dee71acd 100644 --- a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/CenterProjectServiceImpl.kt +++ b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/CenterProjectServiceImpl.kt @@ -29,6 +29,7 @@ package com.tencent.bkrepo.common.metadata.service.project.impl import com.tencent.bkrepo.auth.api.ServiceBkiamV3ResourceClient import com.tencent.bkrepo.auth.api.ServicePermissionClient +import com.tencent.bkrepo.common.artifact.properties.EnableMultiTenantProperties import com.tencent.bkrepo.common.metadata.condition.SyncCondition import com.tencent.bkrepo.common.metadata.config.RepositoryProperties import com.tencent.bkrepo.common.service.cluster.condition.CommitEdgeCenterCondition @@ -47,11 +48,13 @@ class CenterProjectServiceImpl( serviceBkiamV3ResourceClient: ServiceBkiamV3ResourceClient, storageCredentialService: StorageCredentialService, repositoryProperties: RepositoryProperties, - ) : ProjectServiceImpl( + enableMultiTenant: EnableMultiTenantProperties +) : ProjectServiceImpl( projectDao, servicePermissionClient, projectMetricsDao, serviceBkiamV3ResourceClient, storageCredentialService, - repositoryProperties + repositoryProperties, + enableMultiTenant ) diff --git a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/EdgeProjectServiceImpl.kt b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/EdgeProjectServiceImpl.kt index e467b2e28e..a1ffaa0ab9 100644 --- a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/EdgeProjectServiceImpl.kt +++ b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/EdgeProjectServiceImpl.kt @@ -30,6 +30,7 @@ package com.tencent.bkrepo.common.metadata.service.project.impl import com.tencent.bkrepo.auth.api.ServiceBkiamV3ResourceClient import com.tencent.bkrepo.auth.api.ServicePermissionClient import com.tencent.bkrepo.common.artifact.message.ArtifactMessageCode +import com.tencent.bkrepo.common.artifact.properties.EnableMultiTenantProperties import com.tencent.bkrepo.common.metadata.condition.SyncCondition import com.tencent.bkrepo.common.metadata.config.RepositoryProperties import com.tencent.bkrepo.common.metadata.util.ClusterUtils.reportMetadataToCenter @@ -56,13 +57,15 @@ class EdgeProjectServiceImpl( projectMetricsDao: ProjectMetricsDao, storageCredentialService: StorageCredentialService, repositoryProperties: RepositoryProperties, - ) : ProjectServiceImpl( + enableMultiTenant: EnableMultiTenantProperties +) : ProjectServiceImpl( projectDao, servicePermissionClient, projectMetricsDao, serviceBkiamV3ResourceClient, storageCredentialService, - repositoryProperties + repositoryProperties, + enableMultiTenant ) { private val centerProjectClient: ClusterProjectClient by lazy { diff --git a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/ProjectServiceImpl.kt b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/ProjectServiceImpl.kt index d7a6994332..48faf81b08 100644 --- a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/ProjectServiceImpl.kt +++ b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/ProjectServiceImpl.kt @@ -36,6 +36,7 @@ import com.tencent.bkrepo.common.api.exception.ErrorCodeException import com.tencent.bkrepo.common.api.message.CommonMessageCode import com.tencent.bkrepo.common.api.pojo.Page import com.tencent.bkrepo.common.artifact.message.ArtifactMessageCode +import com.tencent.bkrepo.common.artifact.properties.EnableMultiTenantProperties import com.tencent.bkrepo.common.metadata.condition.SyncCondition import com.tencent.bkrepo.common.metadata.config.RepositoryProperties import com.tencent.bkrepo.common.metadata.dao.project.ProjectDao @@ -86,6 +87,7 @@ class ProjectServiceImpl( private val serviceBkiamV3ResourceClient: ServiceBkiamV3ResourceClient, private val storageCredentialService: StorageCredentialService, private val repositoryProperties: RepositoryProperties, + private val enableMultiTenant: EnableMultiTenantProperties ) : ProjectService { @Autowired @@ -115,6 +117,10 @@ class ProjectServiceImpl( } override fun listPermissionProject(userId: String, option: ProjectListOption?): List { + // 校验租户信息 + if (enableMultiTenant.enabled) { + validateTenantId() + } var names = servicePermissionClient.listPermissionProject(userId).data.orEmpty() option?.names?.let { names = names.intersect(option.names!!).toList() } val query = buildListQuery(names, option) @@ -158,10 +164,15 @@ class ProjectServiceImpl( override fun createProject(request: ProjectCreateRequest): ProjectInfo { val name = request.name validateParameter(request) + if (checkExist(name)) { throw ErrorCodeException(ArtifactMessageCode.PROJECT_EXISTED, name) } - val project = request.buildProject() + // 校验租户信息 + if (enableMultiTenant.enabled) { + validateTenantId() + } + val project = request.buildProject(ProjectServiceHelper.getTenantId()) return try { projectDao.insert(project) resourcePermissionListener.handle(buildCreatedEvent(request)) @@ -222,6 +233,12 @@ class ProjectServiceImpl( } } + private fun validateTenantId() { + if (ProjectServiceHelper.getTenantId().isNullOrEmpty()) { + throw ErrorCodeException(CommonMessageCode.PARAMETER_INVALID, "tenantId") + } + } + private fun checkCredentialsKey(key: String) { storageCredentialService.findByKey(key) ?: throw ErrorCodeException(CommonMessageCode.RESOURCE_NOT_FOUND, key) } diff --git a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/RProjectServiceImpl.kt b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/RProjectServiceImpl.kt index 6cad7f1c35..bae570cca3 100644 --- a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/RProjectServiceImpl.kt +++ b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/RProjectServiceImpl.kt @@ -160,7 +160,8 @@ class RProjectServiceImpl( if (checkExist(name)) { throw ErrorCodeException(ArtifactMessageCode.PROJECT_EXISTED, name) } - val project = buildProject() + // TODO ,多租户暂时不涉及 + val project = buildProject(null) return try { projectDao.insert(project) resourcePermissionListener.handle(buildCreatedEvent(request)) diff --git a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/util/ProjectServiceHelper.kt b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/util/ProjectServiceHelper.kt index 7838dc5c41..5c87a44455 100644 --- a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/util/ProjectServiceHelper.kt +++ b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/util/ProjectServiceHelper.kt @@ -29,12 +29,14 @@ package com.tencent.bkrepo.common.metadata.util import com.tencent.bkrepo.common.api.constant.CLOSED_SOURCE_PREFIX import com.tencent.bkrepo.common.api.constant.CODE_PROJECT_PREFIX +import com.tencent.bkrepo.common.api.constant.TENANT_ID import com.tencent.bkrepo.common.api.exception.ErrorCodeException import com.tencent.bkrepo.common.api.message.CommonMessageCode import com.tencent.bkrepo.common.api.util.EscapeUtils import com.tencent.bkrepo.common.api.util.Preconditions import com.tencent.bkrepo.common.metadata.model.TProject import com.tencent.bkrepo.common.metadata.model.TProjectMetrics +import com.tencent.bkrepo.common.service.util.HttpContextHolder import com.tencent.bkrepo.repository.pojo.project.ProjectCreateRequest import com.tencent.bkrepo.repository.pojo.project.ProjectInfo import com.tencent.bkrepo.repository.pojo.project.ProjectListOption @@ -96,17 +98,35 @@ object ProjectServiceHelper { } } - fun ProjectCreateRequest.buildProject() = TProject( - name = name, - displayName = displayName, - description = description.orEmpty(), - createdBy = operator, - createdDate = LocalDateTime.now(), - lastModifiedBy = operator, - lastModifiedDate = LocalDateTime.now(), - metadata = metadata, - credentialsKey = credentialsKey, - ) + fun ProjectCreateRequest.buildProject(tenantId: String?): TProject { + if (tenantId != null) { + return TProject( + name = "$tenantId-$name", + displayName = displayName, + description = description.orEmpty(), + createdBy = operator, + createdDate = LocalDateTime.now(), + lastModifiedBy = operator, + lastModifiedDate = LocalDateTime.now(), + metadata = metadata, + credentialsKey = credentialsKey, + projectCode = name, + tenantId = tenantId + ) + } else { + return TProject( + name = name, + displayName = displayName, + description = description.orEmpty(), + createdBy = operator, + createdDate = LocalDateTime.now(), + lastModifiedBy = operator, + lastModifiedDate = LocalDateTime.now(), + metadata = metadata, + credentialsKey = credentialsKey, + ) + } + } fun checkPropertyAndDirection(option: ProjectListOption) { Preconditions.checkArgument( @@ -126,6 +146,10 @@ object ProjectServiceHelper { return enabled } + fun getTenantId(): String? { + return HttpContextHolder.getRequest().getHeader(TENANT_ID) + } + fun buildListQuery(): Query { val criteria1 = TProject::name.regex("^$CLOSED_SOURCE_PREFIX") val criteria2 = TProject::name.regex("^$CODE_PROJECT_PREFIX") @@ -147,9 +171,11 @@ object ProjectServiceHelper { names: List, option: ProjectListOption? ): Query { + val tenantId = getTenantId() val query = Query.query( where(TProject::name).`in`(names) .apply { option?.displayNames?.let { and(TProject::displayName).`in`(option.displayNames!!) } } + .apply { tenantId?.let { and(TProject::tenantId).`is`(tenantId) } } ) if (option?.sortProperty?.isNotEmpty() == true) { checkPropertyAndDirection(option) diff --git a/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml b/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml index 9521b8ea53..9fccc229f5 100644 --- a/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml +++ b/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml @@ -57,5 +57,7 @@ spec: value: {{ .Values.gateway.accessKey }} - name: BK_REPO_SECRETKEY value: {{ .Values.gateway.secretKey }} + - name: BK_REPO_ENABLE_MULTI_TENANT_MODE + value: {{ .Values.gateway.enableMultiTenantMode }} restartPolicy: OnFailure {{- end }} diff --git a/support-files/kubernetes/images/init/init-mongodb.sh b/support-files/kubernetes/images/init/init-mongodb.sh index 77d3b387bd..4a7cf56d3d 100644 --- a/support-files/kubernetes/images/init/init-mongodb.sh +++ b/support-files/kubernetes/images/init/init-mongodb.sh @@ -4,12 +4,16 @@ username=$BK_REPO_USERNAME password_md5=$(echo -n $BK_REPO_PASSWORD | md5sum | cut -d ' ' -f1) sed -i "s/\"admin\"/\"$username\"/g" init-data.js sed -i "s/5f4dcc3b5aa765d61d8327deb882cf99/$password_md5/g" init-data.js +sed -i "s/5f4dcc3b5aa765d61d8327deb882cf99/$password_md5/g" init-data-tenant.js access_key=$BK_REPO_ACCESSKEY secret_key=$BK_REPO_SECRETKEY +multi_tenant=$BK_REPO_ENABLE_MULTI_TENANT_MODE if [ "$access_key" != "" ] && [ "$secret_key" != "" ]; then sed -i "s/18b61c9c-901b-4ea3-89c3-1f74be944b66/$access_key/g" init-data.js + sed -i "s/18b61c9c-901b-4ea3-89c3-1f74be944b66/$access_key/g" init-data-tenant.js sed -i "s/Us8ZGDXPqk86cwMukYABQqCZLAkM3K/$secret_key/g" init-data.js + sed -i "s/Us8ZGDXPqk86cwMukYABQqCZLAkM3K/$secret_key/g" init-data-tenant.js fi @@ -21,6 +25,10 @@ if [ "$bcs_access_key" != "" ] && [ "$bcs_secret_key" != "" ]; then sed -i "s/e041dd34cd89466648a9b196150f75/$bcs_secret_key/g" init-data-ext.js mongo --ipv6 $BK_REPO_MONGODB_URI init-data.js && mongo --ipv6 $BK_REPO_MONGODB_URI init-data-ext.js else - mongo --ipv6 $BK_REPO_MONGODB_URI init-data.js + if [ "$multi_tenant" != "true" ]; then + mongo --ipv6 $BK_REPO_MONGODB_URI init-data.js + else + mongo --ipv6 $BK_REPO_MONGODB_URI init-data-tenant.js + fi fi diff --git a/support-files/sql/init-data-tenant.js b/support-files/sql/init-data-tenant.js new file mode 100644 index 0000000000..52514e878c --- /dev/null +++ b/support-files/sql/init-data-tenant.js @@ -0,0 +1,371 @@ +db.user.updateOne( + {userId: "admin"}, + { + $setOnInsert: { + userId: "admin", + name: "admin", + pwd: "5f4dcc3b5aa765d61d8327deb882cf99", + admin: true, + locked: false, + tokens: [], + roles: [], + asstUsers: [], + group: false + } + }, + {upsert: true} +); + +db.user.updateOne( + {userId: "system"}, + { + $setOnInsert: { + userId: "system", + name: "system", + pwd: "5f4dcc3b5aa765d61d8327deb882cf99", + admin: true, + locked: false, + tokens: [], + roles: [], + asstUsers: [], + group: false + } + }, + {upsert: true} +); + +db.account.updateOne( + {appId: "bkdevops"}, + { + $setOnInsert: { + appId: "bkdevops", + locked: "false", + credentials: [{ + accessKey: "18b61c9c-901b-4ea3-89c3-1f74be944b66", + secretKey: "Us8ZGDXPqk86cwMukYABQqCZLAkM3K", + createdAt: new Date(), + status: "ENABLE" + }] + } + }, + {upsert: true} +); + +db.project.updateOne( + {name: "system-blueking"}, + { + $setOnInsert: { + name: "system-blueking", + displayName: "blueking", + description: "", + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date(), + projectCode: "blueking", + tenantId: "system" + } + }, + {upsert: true} +); + +db.repository.updateOne( + { + projectId: "system-blueking", + name: "generic-local" + }, + { + $setOnInsert: { + projectId: "system-blueking", + name: "generic-local", + type: "GENERIC", + category: "LOCAL", + public: false, + description: "generic local repository", + configuration: "{}", + display: true, + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.repository.updateOne( + { + projectId: "system-blueking", + name: "maven-local" + }, + { + $setOnInsert: { + projectId: "system-blueking", + name: "maven-local", + type: "MAVEN", + category: "LOCAL", + public: false, + description: "maven local repository", + configuration: "{}", + display: true, + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.repository.updateOne( + { + projectId: "system-blueking", + name: "docker-local" + }, + { + $setOnInsert: { + projectId: "system-blueking", + name: "docker-local", + type: "DOCKER", + category: "LOCAL", + public: false, + description: "docker local repository", + configuration: "{}", + display: true, + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.repository.updateOne( + { + projectId: "system-blueking", + name: "npm-local" + }, + { + $setOnInsert: { + projectId: "system-blueking", + name: "npm-local", + type: "NPM", + category: "LOCAL", + public: false, + description: "npm local repository", + configuration: "{}", + display: true, + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.repository.updateOne( + { + projectId: "system-blueking", + name: "pypi-local" + }, + { + $setOnInsert: { + projectId: "system-blueking", + name: "pypi-local", + type: "PYPI", + category: "LOCAL", + public: false, + description: "pypi local repository", + configuration: "{}", + display: true, + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.repository.updateOne( + { + projectId: "system-blueking", + name: "helm-local" + }, + { + $setOnInsert: { + projectId: "system-blueking", + name: "helm-local", + type: "HELM", + category: "LOCAL", + public: false, + description: "helm local repository", + configuration: "{}", + display: true, + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.execution_cluster.updateOne( + { + "name": "docker" + }, + { + $setOnInsert: { + name: "docker", + type: "docker", + description: "docker executor", + config: '{"name" : "docker", "host" : "unix:///var/run/docker.sock", "version" : "1.23", "connectTimeout" : 5000, "readTimeout" : 0, "maxTaskCount" : 1, "type" : "docker", "description" : "docker executor"}', + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + { + upsert: true + } +); + +db.scanner.updateOne( + { + name: "bkrepo-trivy" + }, + { + $setOnInsert: { + name: "bkrepo-trivy", + type: "standard", + version: "0.0.35", + description: "", + config: "{\n \"name\" : \"bkrepo-trivy\",\n \"image\" : \"ghcr.io/tencentblueking/ci-repoanalysis/bkrepo-trivy:0.0.35\",\n \"cmd\" : \"/bkrepo-trivy\",\n \"version\" : \"0.0.35\",\n \"args\" : [ {\n \"type\" : \"BOOLEAN\",\n \"key\" : \"scanSensitive\",\n \"value\" : \"true\",\n \"des\" : \"\"\n } ],\n \"type\" : \"standard\",\n \"description\" : \"\",\n \"rootPath\" : \"/standard\",\n \"cleanWorkDir\" : true,\n \"maxScanDurationPerMb\" : 6000,\n \"supportFileNameExt\" : [],\n \"supportPackageTypes\" : [ \"DOCKER\" ],\n \"supportDispatchers\" : [ \"docker\", \"k8s\" ],\n \"supportScanTypes\" : [ \"SENSITIVE\", \"SECURITY\" ]\n}", + supportFileNameExt: [], + supportPackageTypes: ["DOCKER"], + supportScanTypes: ["SECURITY", "SENSITIVE"], + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.scanner.updateOne( + { + name: "bkrepo-dependency-check" + }, + { + $setOnInsert: { + name: "bkrepo-dependency-check", + type: "standard", + version: "0.0.5", + description: "dependency-check分析工具", + config: "{\n \"name\" : \"bkrepo-dependency-check\",\n \"image\" : \"ghcr.io/tencentblueking/ci-repoanalysis/bkrepo-dependency-check:0.0.5\",\n \"cmd\" : \"/bkrepo-dependency-check\",\n \"version\" : \"0.0.5\",\n \"args\" : [ {\n \"type\" : \"BOOLEAN\",\n \"key\" : \"offline\",\n \"value\" : \"false\",\n \"des\" : \"\"\n } ],\n \"type\" : \"standard\",\n \"description\" : \"dependency-check\",\n \"rootPath\" : \"/standard\",\n \"cleanWorkDir\" : true,\n \"maxScanDurationPerMb\" : 6000,\n \"supportFileNameExt\" : [ \"tar\", \"zip\", \"exe\", \"jar\" ],\n \"supportPackageTypes\" : [ \"GENERIC\", \"MAVEN\" ],\n \"supportScanTypes\" : [ \"SECURITY\" ],\n \"supportDispatchers\" : [ \"docker\", \"k8s\" ],\n \"memory\" : 34359738368\n}", + supportFileNameExt: ["tar", "zip", "exe", "jar"], + supportPackageTypes: ["GENERIC", "MAVEN"], + supportScanTypes: ["SECURITY"], + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.scan_plan.updateOne( + { + projectId: "system-blueking", + name: "ImageScan", + type: "DOCKER" + }, + { + $setOnInsert: { + projectId: "system-blueking", + name: "ImageScan", + type: "DOCKER", + repoNames: [], + scanner: "bkrepo-trivy", + scanTypes: ["SENSITIVE", "SECURITY"], + description: "", + scanOnNewArtifact: false, + rule: "{\n \"rules\" : [ {\n \"field\" : \"projectId\",\n \"value\" : \"blueking\",\n \"operation\" : \"EQ\"\n }, {\n \"field\" : \"type\",\n \"value\" : \"DOCKER\",\n \"operation\" : \"EQ\"\n } ],\n \"relation\" : \"AND\"\n}", + scanResultOverview: {}, + scanQuality: {}, + readOnly: false, + latestScanTaskId: null, + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.scan_plan.updateOne( + { + projectId: "system-blueking", + name: "MavenScan", + type: "MAVEN" + }, + { + $setOnInsert: { + projectId: "system-blueking", + name: "MavenScan", + type: "MAVEN", + repoNames: [], + scanner: "bkrepo-dependency-check", + scanTypes: ["SECURITY"], + description: "", + scanOnNewArtifact: false, + rule: "{\n \"rules\" : [ {\n \"field\" : \"projectId\",\n \"value\" : \"blueking\",\n \"operation\" : \"EQ\"\n }, {\n \"field\" : \"type\",\n \"value\" : \"MAVEN\",\n \"operation\" : \"EQ\"\n } ],\n \"relation\" : \"AND\"\n}", + scanResultOverview: {}, + scanQuality: {}, + readOnly: false, + latestScanTaskId: null, + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); + +db.scan_plan.updateOne( + { + projectId: "system-blueking", + name: "GenericScan", + type: "MAVEN" + }, + { + $setOnInsert: { + projectId: "system-blueking", + name: "GenericScan", + type: "GENERIC", + repoNames: [], + scanner: "bkrepo-dependency-check", + scanTypes: ["SECURITY"], + description: "", + scanOnNewArtifact: false, + rule: "{\n \"rules\" : [ {\n \"field\" : \"projectId\",\n \"value\" : \"blueking\",\n \"operation\" : \"EQ\"\n }, {\n \"field\" : \"type\",\n \"value\" : \"GENERIC\",\n \"operation\" : \"EQ\"\n } ],\n \"relation\" : \"AND\"\n}", + scanResultOverview: {}, + scanQuality: {}, + readOnly: false, + latestScanTaskId: null, + createdBy: "admin", + createdDate: new Date(), + lastModifiedBy: "admin", + lastModifiedDate: new Date() + } + }, + {upsert: true} +); From dea9498ae604fc7821f51adc5e5de8cc043d9e2a Mon Sep 17 00:00:00 2001 From: owenlxu Date: Thu, 6 Mar 2025 17:19:21 +0800 Subject: [PATCH 02/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=83=A8=E7=BD=B2=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/tencent/bkrepo/auth/controller/user/UserController.kt | 2 +- src/gateway/lua/auth/auth_web.lua | 2 +- src/gateway/vhosts/bkrepo.web.conf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/controller/user/UserController.kt b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/controller/user/UserController.kt index c93d84c76c..a3b1dd8eb6 100644 --- a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/controller/user/UserController.kt +++ b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/controller/user/UserController.kt @@ -269,7 +269,7 @@ class UserController @Autowired constructor( fun userInfo( @RequestHeader("x-bkrepo-uid") bkUserId: String?, @RequestHeader("x-bkrepo-display-name") displayName: String?, - @RequestHeader("x-bkrepo-tenant-id") tenantId: String?, + @RequestHeader("x-bk-tenant-id") tenantId: String?, ): Response> { val name = if (displayName == null) "" else String(Base64.getDecoder().decode(displayName)) val result = mapOf( diff --git a/src/gateway/lua/auth/auth_web.lua b/src/gateway/lua/auth/auth_web.lua index df71bc3eed..feb02ecc29 100644 --- a/src/gateway/lua/auth/auth_web.lua +++ b/src/gateway/lua/auth/auth_web.lua @@ -46,7 +46,7 @@ elseif config.auth_mode == "" or config.auth_mode == "token" then username, display_name, tenant_id = oauthUtil:verify_bk_token_muti_tenant(config.oauth.apigw_url, bk_token) -- 设置多租户相关信息 -- ngx.header["x-bkrepo-display-name"] = ngx.encode_base64(display_name) - ngx.header["x-bkrepo-tenant-id"] = tenant_id + ngx.header["x-bk-tenant-id"] = tenant_id else username = oauthUtil:verify_bk_token(config.oauth.apigw_url, bk_token) end diff --git a/src/gateway/vhosts/bkrepo.web.conf b/src/gateway/vhosts/bkrepo.web.conf index 6947d1053d..6178c1e67b 100644 --- a/src/gateway/vhosts/bkrepo.web.conf +++ b/src/gateway/vhosts/bkrepo.web.conf @@ -25,7 +25,7 @@ location ~ ^/web/([\w-_]+)/(.*)$ { proxy_set_header X-DEVOPS-ACCESS-TOKEN $accessToken; proxy_set_header X-BKREPO-UID $uid; proxy_set_header X-BKREPO-DISPLAY-NAME $display_name; - proxy_set_header X-BKREPO-TENANT-ID $tenant_id; + proxy_set_header X-BK-TENANT-ID $tenant_id; proxy_set_header X-BKREPO-BK-TOKEN $bk_token; proxy_set_header X-BKREPO-BK-TICKET $bk_token; proxy_set_header X-BKREPO-ACCESS-TOKEN $accessToken; From c9c4fd931c46fac36d306ed161cb5c4642cb84b6 Mon Sep 17 00:00:00 2001 From: owenlxu Date: Thu, 6 Mar 2025 17:46:16 +0800 Subject: [PATCH 03/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=83=A8=E7=BD=B2=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../kubernetes/charts/bkrepo/templates/configmap-common.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/support-files/kubernetes/charts/bkrepo/templates/configmap-common.yaml b/support-files/kubernetes/charts/bkrepo/templates/configmap-common.yaml index 2525e32538..ebdcf2d00c 100644 --- a/support-files/kubernetes/charts/bkrepo/templates/configmap-common.yaml +++ b/support-files/kubernetes/charts/bkrepo/templates/configmap-common.yaml @@ -45,6 +45,7 @@ data: router.controller.enabled: true router.controller.supportServices: generic {{- end }} + multitenant.enable: {{ .Values.gateway.enableMultiTenantMode }} cluster: region: {{ .Values.common.region }} architecture: {{ .Values.cluster.architecture }} From eee6afc93c4e26e9c08752039d90bb6f7fd22f26 Mon Sep 17 00:00:00 2001 From: owenlxu Date: Thu, 6 Mar 2025 20:23:04 +0800 Subject: [PATCH 04/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=A1=B9=E7=9B=AE=E5=88=9D=E5=A7=8B=E5=8C=96?= =?UTF-8?q?=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/metadata/service/project/impl/ProjectServiceImpl.kt | 1 + 1 file changed, 1 insertion(+) diff --git a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/ProjectServiceImpl.kt b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/ProjectServiceImpl.kt index 48faf81b08..6517193bbf 100644 --- a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/ProjectServiceImpl.kt +++ b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/service/project/impl/ProjectServiceImpl.kt @@ -170,6 +170,7 @@ class ProjectServiceImpl( } // 校验租户信息 if (enableMultiTenant.enabled) { + logger.info("check tenant") validateTenantId() } val project = request.buildProject(ProjectServiceHelper.getTenantId()) From 19ac5cd6ae10c28643f5f926d3daa5d43a9959ab Mon Sep 17 00:00:00 2001 From: owenlxu Date: Fri, 7 Mar 2025 10:43:38 +0800 Subject: [PATCH 05/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=83=A8=E7=BD=B2=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../kubernetes/charts/bkrepo/templates/configmap-common.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/support-files/kubernetes/charts/bkrepo/templates/configmap-common.yaml b/support-files/kubernetes/charts/bkrepo/templates/configmap-common.yaml index ebdcf2d00c..527321e075 100644 --- a/support-files/kubernetes/charts/bkrepo/templates/configmap-common.yaml +++ b/support-files/kubernetes/charts/bkrepo/templates/configmap-common.yaml @@ -45,7 +45,7 @@ data: router.controller.enabled: true router.controller.supportServices: generic {{- end }} - multitenant.enable: {{ .Values.gateway.enableMultiTenantMode }} + multitenant.enabled: {{ .Values.gateway.enableMultiTenantMode }} cluster: region: {{ .Values.common.region }} architecture: {{ .Values.cluster.architecture }} From d0a067536fcff740c3fb595777637b3c74d3f44e Mon Sep 17 00:00:00 2001 From: owenlxu Date: Fri, 7 Mar 2025 11:54:15 +0800 Subject: [PATCH 06/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=83=A8=E7=BD=B2=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/gateway/lua/auth/auth_web.lua | 1 + 1 file changed, 1 insertion(+) diff --git a/src/gateway/lua/auth/auth_web.lua b/src/gateway/lua/auth/auth_web.lua index feb02ecc29..eedda312e4 100644 --- a/src/gateway/lua/auth/auth_web.lua +++ b/src/gateway/lua/auth/auth_web.lua @@ -61,6 +61,7 @@ elseif config.auth_mode == "ticket" then end if bk_ticket ~= nil then username = oauthUtil:verify_ticket(bk_ticket, "ticket") + ngx.header["x-bk-tenant-id"] = "system" token = bk_ticket else -- 校验移动网关登录态 From 25cc3836fd21bef34ec33946af2bf0aaa9e3708b Mon Sep 17 00:00:00 2001 From: owenlxu Date: Fri, 7 Mar 2025 14:41:15 +0800 Subject: [PATCH 07/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=83=A8=E7=BD=B2=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/gateway/lua/auth/auth_web.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/gateway/lua/auth/auth_web.lua b/src/gateway/lua/auth/auth_web.lua index eedda312e4..63fe69b115 100644 --- a/src/gateway/lua/auth/auth_web.lua +++ b/src/gateway/lua/auth/auth_web.lua @@ -46,7 +46,7 @@ elseif config.auth_mode == "" or config.auth_mode == "token" then username, display_name, tenant_id = oauthUtil:verify_bk_token_muti_tenant(config.oauth.apigw_url, bk_token) -- 设置多租户相关信息 -- ngx.header["x-bkrepo-display-name"] = ngx.encode_base64(display_name) - ngx.header["x-bk-tenant-id"] = tenant_id + ngx.header["x-bkrepo-tenant-id"] = tenant_id else username = oauthUtil:verify_bk_token(config.oauth.apigw_url, bk_token) end From 84db2c6c55a22b0527fee8c17ae2115fc95dd3db Mon Sep 17 00:00:00 2001 From: owenlxu Date: Fri, 7 Mar 2025 17:22:29 +0800 Subject: [PATCH 08/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=A1=B9=E7=9B=AE=E5=88=9D=E5=A7=8B=E5=8C=96?= =?UTF-8?q?=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/test/kotlin/com/tencent/bkrepo/job/batch/JobBaseTest.kt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/backend/job/biz-job/src/test/kotlin/com/tencent/bkrepo/job/batch/JobBaseTest.kt b/src/backend/job/biz-job/src/test/kotlin/com/tencent/bkrepo/job/batch/JobBaseTest.kt index c158dbbabd..fb5e4abf6e 100644 --- a/src/backend/job/biz-job/src/test/kotlin/com/tencent/bkrepo/job/batch/JobBaseTest.kt +++ b/src/backend/job/biz-job/src/test/kotlin/com/tencent/bkrepo/job/batch/JobBaseTest.kt @@ -28,6 +28,7 @@ package com.tencent.bkrepo.job.batch import com.tencent.bkrepo.common.artifact.event.base.ArtifactEvent +import com.tencent.bkrepo.common.artifact.properties.EnableMultiTenantProperties import com.tencent.bkrepo.common.artifact.properties.RouterControllerProperties import com.tencent.bkrepo.common.job.JobAutoConfiguration import com.tencent.bkrepo.common.metadata.properties.ProjectUsageStatisticsProperties @@ -64,6 +65,7 @@ import org.springframework.test.context.TestPropertySource StorageAutoConfiguration::class, RouterControllerProperties::class, ProjectUsageStatisticsProperties::class, + EnableMultiTenantProperties::class ) @TestPropertySource( locations = [ From 568b89dda85aa0977a954a7f3cf5aaa7092bc671 Mon Sep 17 00:00:00 2001 From: owenlxu Date: Fri, 7 Mar 2025 19:45:29 +0800 Subject: [PATCH 09/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=A1=B9=E7=9B=AE=E5=88=9D=E5=A7=8B=E5=8C=96?= =?UTF-8?q?=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../bkrepo/common/metadata/util/ProjectServiceHelper.kt | 2 +- .../com/tencent/bkrepo/repository/service/ServiceBaseTest.kt | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/util/ProjectServiceHelper.kt b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/util/ProjectServiceHelper.kt index 5c87a44455..d26eec6618 100644 --- a/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/util/ProjectServiceHelper.kt +++ b/src/backend/common/common-metadata/metadata-service/src/main/kotlin/com/tencent/bkrepo/common/metadata/util/ProjectServiceHelper.kt @@ -147,7 +147,7 @@ object ProjectServiceHelper { } fun getTenantId(): String? { - return HttpContextHolder.getRequest().getHeader(TENANT_ID) + return HttpContextHolder.getRequestOrNull()?.getHeader(TENANT_ID) } fun buildListQuery(): Query { diff --git a/src/backend/repository/biz-repository/src/test/kotlin/com/tencent/bkrepo/repository/service/ServiceBaseTest.kt b/src/backend/repository/biz-repository/src/test/kotlin/com/tencent/bkrepo/repository/service/ServiceBaseTest.kt index dc990601b3..8cfef56bf3 100644 --- a/src/backend/repository/biz-repository/src/test/kotlin/com/tencent/bkrepo/repository/service/ServiceBaseTest.kt +++ b/src/backend/repository/biz-repository/src/test/kotlin/com/tencent/bkrepo/repository/service/ServiceBaseTest.kt @@ -42,6 +42,7 @@ import com.tencent.bkrepo.common.artifact.event.project.ProjectCreatedEvent import com.tencent.bkrepo.common.artifact.pojo.RepositoryCategory import com.tencent.bkrepo.common.artifact.pojo.RepositoryType import com.tencent.bkrepo.common.artifact.pojo.configuration.local.LocalConfiguration +import com.tencent.bkrepo.common.artifact.properties.EnableMultiTenantProperties import com.tencent.bkrepo.common.artifact.properties.RouterControllerProperties import com.tencent.bkrepo.common.metadata.config.RepositoryProperties import com.tencent.bkrepo.common.metadata.dao.node.NodeDao @@ -99,7 +100,8 @@ import org.springframework.test.context.TestPropertySource SpringContextUtils::class, NodeDao::class, RouterControllerProperties::class, - RepositoryProperties::class + RepositoryProperties::class, + EnableMultiTenantProperties::class, ) @ComponentScan(value = ["com.tencent.bkrepo.repository.service", "com.tencent.bkrepo.common.metadata"]) @TestPropertySource(locations = ["classpath:bootstrap-ut.properties", "classpath:center-ut.properties"]) From 851c3452cc9694edff7e08e04e5faa3df4a17e4f Mon Sep 17 00:00:00 2001 From: owenlxu Date: Mon, 10 Mar 2025 16:25:54 +0800 Subject: [PATCH 10/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=83=A8=E7=BD=B2=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- scripts/build-images.sh | 1 + src/backend/build.sh | 1 + support-files/kubernetes/images/build.sh | 1 + 3 files changed, 3 insertions(+) diff --git a/scripts/build-images.sh b/scripts/build-images.sh index c7041d56be..42e8201ab5 100755 --- a/scripts/build-images.sh +++ b/scripts/build-images.sh @@ -217,6 +217,7 @@ if [[ $ALL -eq 1 || $INIT -eq 1 ]] ; then rm -rf $tmp_dir/* cp -rf $IMAGE_DIR/init/init-mongodb.sh $tmp_dir/ cp -rf $ROOT_DIR/support-files/sql/init-data.js $tmp_dir/ + cp -rf $ROOT_DIR/support-files/sql/init-data-tenant.js $tmp_dir/ cp -rf $ROOT_DIR/support-files/sql/init-data-ext.js $tmp_dir/ docker build -f $IMAGE_DIR/init/init.Dockerfile -t $REGISTRY/$NAMESPACE/bkrepo-init:$VERSION $tmp_dir --no-cache --network=host if [[ $PUSH -eq 1 ]] ; then diff --git a/src/backend/build.sh b/src/backend/build.sh index d55b9bad66..e11813cbfe 100755 --- a/src/backend/build.sh +++ b/src/backend/build.sh @@ -167,6 +167,7 @@ if [[ $ALL -eq 1 || $INIT -eq 1 ]] ; then rm -rf $tmp_dir/* cp -rf init/init-mongodb.sh $tmp_dir/ cp -rf $ROOT_DIR/support-files/sql/init-data.js $tmp_dir/ + cp -rf $ROOT_DIR/support-files/sql/init-data-tenant.js $tmp_dir/ cp -rf $ROOT_DIR/support-files/sql/init-data-ext.js $tmp_dir/ docker build -f init/init.Dockerfile -t $REGISTRY/bkrepo-init:$VERSION $tmp_dir --no-cache --network=host if [[ $PUSH -eq 1 ]] ; then diff --git a/support-files/kubernetes/images/build.sh b/support-files/kubernetes/images/build.sh index c2aa1cbb13..3b631e1954 100755 --- a/support-files/kubernetes/images/build.sh +++ b/support-files/kubernetes/images/build.sh @@ -149,6 +149,7 @@ if [[ $ALL -eq 1 || $INIT -eq 1 ]] ; then rm -rf $tmp_dir/* cp -rf init/init-mongodb.sh $tmp_dir/ cp -rf $ROOT_DIR/support-files/sql/init-data.js $tmp_dir/ + cp -rf $ROOT_DIR/support-files/sql/init-data-tenant.js $tmp_dir/ cp -rf $ROOT_DIR/support-files/sql/init-data-ext.js $tmp_dir/ fi From 90e290d4311f9ec7e67bdfc2bf5b65248900e0a6 Mon Sep 17 00:00:00 2001 From: owenlxu Date: Mon, 10 Mar 2025 20:02:48 +0800 Subject: [PATCH 11/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=83=A8=E7=BD=B2=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../charts/bkrepo/templates/init-job/init-mongodb.yaml | 2 +- support-files/kubernetes/images/init/init-mongodb.sh | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml b/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml index 9fccc229f5..c8833b1a28 100644 --- a/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml +++ b/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml @@ -58,6 +58,6 @@ spec: - name: BK_REPO_SECRETKEY value: {{ .Values.gateway.secretKey }} - name: BK_REPO_ENABLE_MULTI_TENANT_MODE - value: {{ .Values.gateway.enableMultiTenantMode }} + value: {{ default "false" .Values.gateway.enableMultiTenantMode | quote }} restartPolicy: OnFailure {{- end }} diff --git a/support-files/kubernetes/images/init/init-mongodb.sh b/support-files/kubernetes/images/init/init-mongodb.sh index 4a7cf56d3d..e92a64473a 100644 --- a/support-files/kubernetes/images/init/init-mongodb.sh +++ b/support-files/kubernetes/images/init/init-mongodb.sh @@ -28,7 +28,8 @@ else if [ "$multi_tenant" != "true" ]; then mongo --ipv6 $BK_REPO_MONGODB_URI init-data.js else - mongo --ipv6 $BK_REPO_MONGODB_URI init-data-tenant.js + echo "aaaaa" + mongo --ipv6 $BK_REPO_MONGODB_URI init-data-tenant.js fi fi From 16eddd3d989991d41cf0ddeecd4907ab8904c264 Mon Sep 17 00:00:00 2001 From: owenlxu Date: Tue, 11 Mar 2025 09:46:26 +0800 Subject: [PATCH 12/12] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E9=83=A8=E7=BD=B2=20#2957?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../charts/bkrepo/templates/init-job/init-mongodb.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml b/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml index c8833b1a28..a5e122961c 100644 --- a/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml +++ b/support-files/kubernetes/charts/bkrepo/templates/init-job/init-mongodb.yaml @@ -26,6 +26,13 @@ spec: - name: wait-for-mongodb image: {{ include "bkrepo.images.image" ( dict "imageRoot" .Values.init.mongodb.image "global" .Values.global "bkrepo" .Values.common) }} imagePullPolicy: {{ .Values.init.mongodb.image.pullPolicy }} + resources: + limits: + cpu: "1" + memory: "1Gi" + requests: + cpu: "0.5" + memory: "500Mi" command: - "/bin/sh" - "-c"