diff --git a/dbm-ui/backend/db_meta/apps.py b/dbm-ui/backend/db_meta/apps.py index 771d660b66..16ab26de09 100644 --- a/dbm-ui/backend/db_meta/apps.py +++ b/dbm-ui/backend/db_meta/apps.py @@ -25,10 +25,11 @@ def init_db_meta(sender, **kwargs): from .models.spec import Spec try: - logical_city = LogicalCity.objects.create(name="default") - BKCity.objects.create(bk_idc_city_name="default", logical_city=logical_city) + if not LogicalCity.objects.count(): + logical_city = LogicalCity.objects.create(name="default") + BKCity.objects.create(bk_idc_city_name="default", logical_city=logical_city) except Exception as err: # pylint: disable=broad-except: - logger.warning(f"City init occur error: {err}, maybe already init, ignore...") + logger.warning(f"City init occur error: {err}, ignore...") # 初始化规格配置 try: diff --git a/dbm-ui/backend/db_meta/urls.py b/dbm-ui/backend/db_meta/urls.py index 989b67c9d2..2bbd3d2186 100644 --- a/dbm-ui/backend/db_meta/urls.py +++ b/dbm-ui/backend/db_meta/urls.py @@ -102,22 +102,4 @@ views.priv_manager.tendbsingle_biz_clusters, name="priv_manager-tendbsingle-biz_clusters", ), - path( - "fake/tendbha/create_cluster", views.fake.fake_create_tendbha_cluster, name="fake-tendbha-create_cluster" - ), - path( - "fake/tendbsingle/create_cluster", - views.fake.fake_create_tendbsingle, - name="fake-tendbsingle-create_cluster", - ), - path( - "fake/tendbha/reset_cluster", - views.fake.fake_reset_tendbha_cluster, - name="fake-tendbha-reset_cluster", - ), - path( - "fake/tendbcluster/reset_cluster", - views.fake.fake_reset_tendbcluster_cluster, - name="fake-tendbcluster-reset_cluster", - ), ] diff --git a/dbm-ui/backend/db_proxy/constants.py b/dbm-ui/backend/db_proxy/constants.py index b976cb3b76..375afe0304 100644 --- a/dbm-ui/backend/db_proxy/constants.py +++ b/dbm-ui/backend/db_proxy/constants.py @@ -13,7 +13,7 @@ from backend.configuration.constants import DBType from blue_krill.data_types.enum import EnumField, StructuredEnum -SWAGGER_TAG = _("透传服务") +SWAGGER_TAG = _("透传服务(proxypass)") NGINX_PUSH_TARGET_PATH = "/usr/local/bkdb/nginx-portable/conf/cluster_service/" diff --git a/dbm-ui/backend/db_proxy/urls.py b/dbm-ui/backend/db_proxy/urls.py index 488e4b25dc..ae2af4aa77 100644 --- a/dbm-ui/backend/db_proxy/urls.py +++ b/dbm-ui/backend/db_proxy/urls.py @@ -19,10 +19,10 @@ from backend.db_proxy.views.dns.views import DnsProxyPassViewSet from backend.db_proxy.views.dumper.views import DumperProxyPassViewSet from backend.db_proxy.views.hadb.views import HADBProxyPassViewSet +from backend.db_proxy.views.job_callback.views import JobCallBackViewSet from backend.db_proxy.views.jobapi.views import JobApiProxyPassViewSet from backend.db_proxy.views.nameservice.views import NameServiceProxyPassViewSet from backend.db_proxy.views.redis_dts.views import DtsApiProxyPassViewSet -from backend.db_proxy.views.views import JobCallBackViewSet routers = DefaultRouter(trailing_slash=True) routers.register(r"", DnsProxyPassViewSet, basename="dns") diff --git a/dbm-ui/backend/db_proxy/views/bkrepo/serializers.py b/dbm-ui/backend/db_proxy/views/bkrepo/serializers.py index 1ad10a217b..914bedbc57 100644 --- a/dbm-ui/backend/db_proxy/views/bkrepo/serializers.py +++ b/dbm-ui/backend/db_proxy/views/bkrepo/serializers.py @@ -11,8 +11,8 @@ from django.utils.translation import gettext_lazy as _ from rest_framework import serializers -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer -class UploadSerializer(BaseProxyPassSerialier): +class UploadSerializer(BaseProxyPassSerializer): file = serializers.FileField(help_text=_("上传文件")) diff --git a/dbm-ui/backend/db_proxy/views/db_meta/serializers.py b/dbm-ui/backend/db_proxy/views/db_meta/serializers.py index 2658ecb4c6..8ade07ff2e 100644 --- a/dbm-ui/backend/db_proxy/views/db_meta/serializers.py +++ b/dbm-ui/backend/db_proxy/views/db_meta/serializers.py @@ -12,10 +12,10 @@ from rest_framework import serializers from backend.db_proxy.views import mock_data -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer -class InstancesSerializer(BaseProxyPassSerialier): +class InstancesSerializer(BaseProxyPassSerializer): logical_city_ids = serializers.ListField( help_text=_("逻辑城市ID列表"), child=serializers.IntegerField(), allow_null=True, allow_empty=True, required=False ) @@ -33,7 +33,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.INSTANCE_DATA_RESPONSE} -class SwapRoleSerializer(BaseProxyPassSerialier): +class SwapRoleSerializer(BaseProxyPassSerializer): class SwapEleSerializer(serializers.Serializer): class SwapInstanceSerializer(serializers.Serializer): ip = serializers.IPAddressField() @@ -46,7 +46,7 @@ class SwapInstanceSerializer(serializers.Serializer): bk_cloud_id = serializers.IntegerField() -class TendisClusterSwapSerializer(BaseProxyPassSerialier): +class TendisClusterSwapSerializer(BaseProxyPassSerializer): class PayloadSerializer(serializers.Serializer): class IpPortSerializer(serializers.Serializer): ip = serializers.CharField(help_text=_("实例IP")) @@ -60,7 +60,7 @@ class IpPortSerializer(serializers.Serializer): bk_cloud_id = serializers.IntegerField() -class UpdateStatusSerializer(BaseProxyPassSerialier): +class UpdateStatusSerializer(BaseProxyPassSerializer): class UpdateStatusEleSerializer(serializers.Serializer): ip = serializers.IPAddressField() port = serializers.IntegerField(min_value=1025, max_value=65535) @@ -72,23 +72,23 @@ class UpdateStatusEleSerializer(serializers.Serializer): bk_cloud_id = serializers.IntegerField() -class EntryDetailSerializer(BaseProxyPassSerialier): +class EntryDetailSerializer(BaseProxyPassSerializer): domains = serializers.ListField(help_text=_("查询的domain列表"), child=serializers.CharField()) -class MachinesClusterSerializer(BaseProxyPassSerialier): +class MachinesClusterSerializer(BaseProxyPassSerializer): hosts = serializers.ListField(help_text=_("查询的Hosts列表"), child=serializers.CharField()) -class ClusterDetailSerializer(BaseProxyPassSerialier): +class ClusterDetailSerializer(BaseProxyPassSerializer): cluster_ids = serializers.ListField(help_text=_("查询的集群IDs"), child=serializers.CharField()) -class BKCityNameSerializer(BaseProxyPassSerialier): +class BKCityNameSerializer(BaseProxyPassSerializer): logic_city_name = serializers.CharField(help_text=_("逻辑城市名称")) -class FakeTendbSingleCreateCluster(BaseProxyPassSerialier): +class FakeTendbSingleCreateCluster(BaseProxyPassSerializer): storage_instance = serializers.CharField(help_text=_("实例")) immute_domain = serializers.CharField(help_text=_("集群域名")) name = serializers.CharField(help_text=_("集群名"), required=False) @@ -96,7 +96,7 @@ class FakeTendbSingleCreateCluster(BaseProxyPassSerialier): db_module_id = serializers.IntegerField(help_text=_("模块ID"), required=False) -class FakeTendbHACreateCluster(BaseProxyPassSerialier): +class FakeTendbHACreateCluster(BaseProxyPassSerializer): proxies = serializers.ListField(help_text=_("代理列表")) master_instance = serializers.CharField(help_text=_("master实例")) slave_instance = serializers.CharField(help_text=_("slave实例")) @@ -107,7 +107,7 @@ class FakeTendbHACreateCluster(BaseProxyPassSerialier): slave_domain = serializers.CharField(help_text=_("从库域名"), required=False) -class FakeResetTendbHACluster(BaseProxyPassSerialier): +class FakeResetTendbHACluster(BaseProxyPassSerializer): proxies = serializers.ListField(help_text=_("proxy列表"), child=serializers.CharField()) master_instance = serializers.CharField(help_text=_("master实例")) slave_instance = serializers.CharField(help_text=_("slave实例")) @@ -115,20 +115,20 @@ class FakeResetTendbHACluster(BaseProxyPassSerialier): slave_domain = serializers.CharField(help_text=_("slave域名"), required=False) -class BizClusterSerializer(BaseProxyPassSerialier): +class BizClusterSerializer(BaseProxyPassSerializer): bk_biz_id = serializers.IntegerField(help_text=_("业务ID")) immute_domains = serializers.ListField(help_text=_("域名列表"), child=serializers.CharField()) -class ClusterInstanceSerializer(BaseProxyPassSerialier): +class ClusterInstanceSerializer(BaseProxyPassSerializer): immute_domain = serializers.CharField(help_text=_("域名列表")) -class InstanceDetailSLZ(BaseProxyPassSerialier): +class InstanceDetailSLZ(BaseProxyPassSerializer): ip = serializers.CharField(help_text=_("ip")) port = serializers.IntegerField(help_text=_("port")) bk_cloud_id = serializers.IntegerField(help_text=_("bk_cloud_id")) -class TendbInstancesSerializer(BaseProxyPassSerialier): +class TendbInstancesSerializer(BaseProxyPassSerializer): entry_name = serializers.CharField(help_text=_("访问入口")) diff --git a/dbm-ui/backend/db_proxy/views/db_remote_service/__init__.py b/dbm-ui/backend/db_proxy/views/db_remote_service/__init__.py new file mode 100644 index 0000000000..aa5085c628 --- /dev/null +++ b/dbm-ui/backend/db_proxy/views/db_remote_service/__init__.py @@ -0,0 +1,10 @@ +# -*- coding: utf-8 -*- +""" +TencentBlueKing is pleased to support the open source community by making 蓝鲸智云-DB管理系统(BlueKing-BK-DBM) available. +Copyright (C) 2017-2023 THL A29 Limited, a Tencent company. All rights reserved. +Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License. +You may obtain a copy of the License at https://opensource.org/licenses/MIT +Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on +an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the +specific language governing permissions and limitations under the License. +""" diff --git a/dbm-ui/backend/db_proxy/views/db_remote_service/serializers.py b/dbm-ui/backend/db_proxy/views/db_remote_service/serializers.py index 49a0a68334..2c31c5fb54 100644 --- a/dbm-ui/backend/db_proxy/views/db_remote_service/serializers.py +++ b/dbm-ui/backend/db_proxy/views/db_remote_service/serializers.py @@ -12,10 +12,10 @@ from django.utils.translation import gettext_lazy as _ from rest_framework import serializers -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer -class RPCSerializer(BaseProxyPassSerialier): +class RPCSerializer(BaseProxyPassSerializer): addresses = serializers.ListField(help_text=_("实例列表"), child=serializers.CharField()) cmds = serializers.ListField(help_text=_("SQL命令列表"), child=serializers.CharField()) force = serializers.BooleanField(help_text=_("是否强制执行"), required=False, default=False) diff --git a/dbm-ui/backend/db_proxy/views/db_remote_service/views.py b/dbm-ui/backend/db_proxy/views/db_remote_service/views.py index c84b5ee052..89c46d361e 100644 --- a/dbm-ui/backend/db_proxy/views/db_remote_service/views.py +++ b/dbm-ui/backend/db_proxy/views/db_remote_service/views.py @@ -27,10 +27,6 @@ class DRSApiProxyPassViewSet(BaseProxyPassViewSet): DBMeta接口的透传视图 """ - def get_permissions(self): - # TODO: 内部服务接口,是否需要鉴权? - return [AllowAny()] - @common_swagger_auto_schema( operation_summary=_("[db-remote-service]SQL远程执行"), request_body=RPCSerializer(), diff --git a/dbm-ui/backend/db_proxy/views/dbconfig/serializers.py b/dbm-ui/backend/db_proxy/views/dbconfig/serializers.py index fa6a1d42a9..328e500638 100644 --- a/dbm-ui/backend/db_proxy/views/dbconfig/serializers.py +++ b/dbm-ui/backend/db_proxy/views/dbconfig/serializers.py @@ -13,11 +13,11 @@ from backend.components.dbconfig.constants import FormatType, LevelName from backend.db_proxy.views import mock_data -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer from backend.flow.consts import ConfigTypeEnum -class QueryConfItemSerializer(BaseProxyPassSerialier): +class QueryConfItemSerializer(BaseProxyPassSerializer): bk_biz_id = serializers.CharField(help_text=_("业务ID")) conf_file = serializers.CharField(help_text=_("conf_file 可以是,号分隔的多个文件名,返回结果是一个按照配置文件名组合的一个 list")) conf_name = serializers.CharField( @@ -39,7 +39,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.QUERY_CONF_ITEM_DATA_RESPONSE} -class BatchGetConfItemSerializer(BaseProxyPassSerialier): +class BatchGetConfItemSerializer(BaseProxyPassSerializer): conf_file = serializers.CharField( help_text=_("配置文件名,一般配置类型与配置文件一一对应,但如 mysql 5.6, 5.7 两个版本同" "属 dbconf 配置,所以有 MySQL-5.5, MySQL-5.6 两个配置文件") ) diff --git a/dbm-ui/backend/db_proxy/views/dbconfig/views.py b/dbm-ui/backend/db_proxy/views/dbconfig/views.py index 8bac78add4..30fd179942 100644 --- a/dbm-ui/backend/db_proxy/views/dbconfig/views.py +++ b/dbm-ui/backend/db_proxy/views/dbconfig/views.py @@ -32,10 +32,6 @@ class DBConfigProxyPassViewSet(BaseProxyPassViewSet): DBConfig接口的透传视图 """ - def get_permissions(self): - # TODO: 内部服务接口,是否需要鉴权? - return [AllowAny()] - @common_swagger_auto_schema( operation_summary=_("[dbconfig]查询配置项列表"), request_body=QueryConfItemSerializer(), diff --git a/dbm-ui/backend/db_proxy/views/dbpriv/serializers.py b/dbm-ui/backend/db_proxy/views/dbpriv/serializers.py index 65ffb4ab0a..97ed5d33f9 100644 --- a/dbm-ui/backend/db_proxy/views/dbpriv/serializers.py +++ b/dbm-ui/backend/db_proxy/views/dbpriv/serializers.py @@ -12,10 +12,10 @@ from django.utils.translation import ugettext as _ from rest_framework import serializers -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer -class ProxyPasswordSerializer(BaseProxyPassSerialier): +class ProxyPasswordSerializer(BaseProxyPassSerializer): class InstanceDetailSerializer(serializers.Serializer): ip = serializers.CharField(help_text=_("实例ip")) port = serializers.IntegerField(help_text=_("实例port")) diff --git a/dbm-ui/backend/db_proxy/views/dns/serializers.py b/dbm-ui/backend/db_proxy/views/dns/serializers.py index c3e08b4251..684fdeddfb 100644 --- a/dbm-ui/backend/db_proxy/views/dns/serializers.py +++ b/dbm-ui/backend/db_proxy/views/dns/serializers.py @@ -12,10 +12,10 @@ from rest_framework import serializers from backend.db_proxy.views import mock_data -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer -class GetAllDomainListSerializer(BaseProxyPassSerialier): +class GetAllDomainListSerializer(BaseProxyPassSerializer): pass @@ -24,7 +24,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.GET_ALL_DOMAIN_LIST_DATA_RESPONSE} -class GetDomainSerializer(BaseProxyPassSerialier): +class GetDomainSerializer(BaseProxyPassSerializer): app = serializers.CharField(help_text=_("GCS业务英文缩写"), required=False) domain_name = serializers.ListField(help_text=_("查询的域名列表"), child=serializers.CharField(), required=False) ip = serializers.ListField(help_text=_("查询的IP列表"), child=serializers.CharField(), required=False) @@ -36,7 +36,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.GET_DOMAIN_DATA_RESPONSE} -class DeleteDomainSerializer(BaseProxyPassSerialier): +class DeleteDomainSerializer(BaseProxyPassSerializer): class DomainSerializer(serializers.Serializer): domain_name = serializers.CharField(help_text=_("查询的域名")) instances = serializers.ListField(help_text=_("实例列表"), child=serializers.CharField(), required=False) @@ -50,7 +50,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.DELETE_DOMAIN_DATA_RESPONSE} -class BatchPostDomainSerializer(BaseProxyPassSerialier): +class BatchPostDomainSerializer(BaseProxyPassSerializer): class BatchPostInstanceSetSerializer(serializers.Serializer): old_instance = serializers.CharField(help_text=_("旧实例节点")) new_instance = serializers.CharField(help_text=_("新实例节点")) @@ -65,7 +65,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.BATCH_DELETE_DOMAIN_DATA_RESPONSE} -class PostDomainSerializer(BaseProxyPassSerialier): +class PostDomainSerializer(BaseProxyPassSerializer): class PostInstanceSetSerializer(serializers.Serializer): instance = serializers.CharField(help_text=_("新的实例节点")) @@ -80,7 +80,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.POST_DOMAIN_DATA_RESPONSE} -class PutDomainSerializer(BaseProxyPassSerialier): +class PutDomainSerializer(BaseProxyPassSerializer): class PutDomainDetailSerializer(serializers.Serializer): domain_name = serializers.CharField(help_text=_("查询的域名")) instances = serializers.ListField(help_text=_("实例列表"), child=serializers.CharField()) diff --git a/dbm-ui/backend/db_proxy/views/dns/views.py b/dbm-ui/backend/db_proxy/views/dns/views.py index 58d98ca55b..18291c6c5b 100644 --- a/dbm-ui/backend/db_proxy/views/dns/views.py +++ b/dbm-ui/backend/db_proxy/views/dns/views.py @@ -27,10 +27,6 @@ class DnsProxyPassViewSet(BaseProxyPassViewSet): Dns接口的透传视图 """ - def get_permissions(self): - # TODO: 内部服务接口,是否需要鉴权? - return [AllowAny()] - @common_swagger_auto_schema( operation_summary=_("[dns]获取所有ip、域名关系"), request_body=serializers.GetAllDomainListSerializer(), diff --git a/dbm-ui/backend/db_proxy/views/dumper/serializers.py b/dbm-ui/backend/db_proxy/views/dumper/serializers.py index 685bb9403f..8c53e8f14e 100644 --- a/dbm-ui/backend/db_proxy/views/dumper/serializers.py +++ b/dbm-ui/backend/db_proxy/views/dumper/serializers.py @@ -12,10 +12,10 @@ from django.utils.translation import gettext_lazy as _ from rest_framework import serializers -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer -class DumperMigrateProxyPassSerializer(BaseProxyPassSerialier): +class DumperMigrateProxyPassSerializer(BaseProxyPassSerializer): class DumperSwitchInfoSerializer(serializers.Serializer): class SwitchInstanceSerializer(serializers.Serializer): host = serializers.CharField(help_text=_("主机IP")) diff --git a/dbm-ui/backend/db_proxy/views/hadb/serializers.py b/dbm-ui/backend/db_proxy/views/hadb/serializers.py index ae77252a2a..8d980747c1 100644 --- a/dbm-ui/backend/db_proxy/views/hadb/serializers.py +++ b/dbm-ui/backend/db_proxy/views/hadb/serializers.py @@ -12,10 +12,10 @@ from django.utils.translation import gettext_lazy as _ from rest_framework import serializers -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer -class HADBProxyPassSerialier(BaseProxyPassSerialier): +class HADBProxyPassSerializer(BaseProxyPassSerializer): name = serializers.CharField(help_text=_("名字"), required=False) query_args = serializers.JSONField(help_text=_("查询参数"), required=False) set_args = serializers.JSONField(help_text=_("设置参数"), required=False) diff --git a/dbm-ui/backend/db_proxy/views/hadb/views.py b/dbm-ui/backend/db_proxy/views/hadb/views.py index 66f8ec152a..a18441d045 100644 --- a/dbm-ui/backend/db_proxy/views/hadb/views.py +++ b/dbm-ui/backend/db_proxy/views/hadb/views.py @@ -18,7 +18,7 @@ from backend.db_proxy.constants import SWAGGER_TAG from ..views import BaseProxyPassViewSet -from .serializers import HADBProxyPassSerialier +from .serializers import HADBProxyPassSerializer class HADBProxyPassViewSet(BaseProxyPassViewSet): @@ -28,60 +28,60 @@ class HADBProxyPassViewSet(BaseProxyPassViewSet): @common_swagger_auto_schema( operation_summary=_("[hadb]上报和查询ha的探测切换日志"), - request_body=HADBProxyPassSerialier(), + request_body=HADBProxyPassSerializer(), tags=[SWAGGER_TAG], ) - @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerialier, url_path="hadb/halogs") + @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerializer, url_path="hadb/halogs") def ha_logs(self, request): validated_data = self.params_validate(self.get_serializer_class()) return Response(HADBApi.ha_logs(params=validated_data)) @common_swagger_auto_schema( operation_summary=_("[hadb]上报和查询数据库实例的状态"), - request_body=HADBProxyPassSerialier(), + request_body=HADBProxyPassSerializer(), tags=[SWAGGER_TAG], ) - @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerialier, url_path="hadb/dbstatus") + @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerializer, url_path="hadb/dbstatus") def db_status(self, request): validated_data = self.params_validate(self.get_serializer_class()) return Response(HADBApi.db_status(params=validated_data)) @common_swagger_auto_schema( operation_summary=_("[hadb]上报和查询ha服务的状态"), - request_body=HADBProxyPassSerialier(), + request_body=HADBProxyPassSerializer(), tags=[SWAGGER_TAG], ) - @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerialier, url_path="hadb/hastatus") + @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerializer, url_path="hadb/hastatus") def ha_status(self, request): validated_data = self.params_validate(self.get_serializer_class()) return Response(HADBApi.ha_status(params=validated_data)) @common_swagger_auto_schema( operation_summary=_("[hadb]查询和上报切换队列"), - request_body=HADBProxyPassSerialier(), + request_body=HADBProxyPassSerializer(), tags=[SWAGGER_TAG], ) - @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerialier, url_path="hadb/switchqueue") + @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerializer, url_path="hadb/switchqueue") def switch_queue(self, request): validated_data = self.params_validate(self.get_serializer_class()) return Response(HADBApi.switch_queue(params=validated_data)) @common_swagger_auto_schema( operation_summary=_("[hadb]查询和上报切换日志"), - request_body=HADBProxyPassSerialier(), + request_body=HADBProxyPassSerializer(), tags=[SWAGGER_TAG], ) - @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerialier, url_path="hadb/switchlogs") + @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerializer, url_path="hadb/switchlogs") def switch_logs(self, request): validated_data = self.params_validate(self.get_serializer_class()) return Response(HADBApi.switch_logs(params=validated_data)) @common_swagger_auto_schema( operation_summary=_("[hadb]DBHA切换屏蔽配置"), - request_body=HADBProxyPassSerialier(), + request_body=HADBProxyPassSerializer(), tags=[SWAGGER_TAG], ) - @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerialier, url_path="hadb/shieldconfig") + @action(methods=["POST"], detail=False, serializer_class=HADBProxyPassSerializer, url_path="hadb/shieldconfig") def shieldconfig(self, request): validated_data = self.params_validate(self.get_serializer_class()) return Response(HADBApi.shieldconfig(params=validated_data)) diff --git a/dbm-ui/backend/db_proxy/views/job_callback/__init__.py b/dbm-ui/backend/db_proxy/views/job_callback/__init__.py new file mode 100644 index 0000000000..aa5085c628 --- /dev/null +++ b/dbm-ui/backend/db_proxy/views/job_callback/__init__.py @@ -0,0 +1,10 @@ +# -*- coding: utf-8 -*- +""" +TencentBlueKing is pleased to support the open source community by making 蓝鲸智云-DB管理系统(BlueKing-BK-DBM) available. +Copyright (C) 2017-2023 THL A29 Limited, a Tencent company. All rights reserved. +Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License. +You may obtain a copy of the License at https://opensource.org/licenses/MIT +Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on +an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the +specific language governing permissions and limitations under the License. +""" diff --git a/dbm-ui/backend/db_proxy/views/job_callback/serialiers.py b/dbm-ui/backend/db_proxy/views/job_callback/serialiers.py new file mode 100644 index 0000000000..f5d59d4b15 --- /dev/null +++ b/dbm-ui/backend/db_proxy/views/job_callback/serialiers.py @@ -0,0 +1,19 @@ +# -*- coding: utf-8 -*- +""" +TencentBlueKing is pleased to support the open source community by making 蓝鲸智云-DB管理系统(BlueKing-BK-DBM) available. +Copyright (C) 2017-2023 THL A29 Limited, a Tencent company. All rights reserved. +Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License. +You may obtain a copy of the License at https://opensource.org/licenses/MIT +Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on +an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the +specific language governing permissions and limitations under the License. +""" + +from django.utils.translation import ugettext as _ +from rest_framework import serializers + + +class JobCallBackSerializer(serializers.Serializer): + job_instance_id = serializers.IntegerField(help_text=_("作业实例ID")) + status = serializers.IntegerField(help_text=_("作业状态码")) + step_instance_list = serializers.ListField(help_text=_("步骤块中包含的各个步骤执行状态"), child=serializers.DictField()) diff --git a/dbm-ui/backend/db_proxy/views/job_callback/views.py b/dbm-ui/backend/db_proxy/views/job_callback/views.py new file mode 100644 index 0000000000..b996f3bbc0 --- /dev/null +++ b/dbm-ui/backend/db_proxy/views/job_callback/views.py @@ -0,0 +1,106 @@ +# -*- coding: utf-8 -*- +""" +TencentBlueKing is pleased to support the open source community by making 蓝鲸智云-DB管理系统(BlueKing-BK-DBM) available. +Copyright (C) 2017-2023 THL A29 Limited, a Tencent company. All rights reserved. +Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License. +You may obtain a copy of the License at https://opensource.org/licenses/MIT +Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on +an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the +specific language governing permissions and limitations under the License. +""" + +import base64 +import json +import logging + +from django.utils.translation import ugettext as _ +from rest_framework.decorators import action +from rest_framework.response import Response + +from backend import env +from backend.bk_web.swagger import common_swagger_auto_schema +from backend.components import JobApi +from backend.db_proxy.constants import SWAGGER_TAG, ExtensionType +from backend.db_proxy.exceptions import ProxyPassBaseException +from backend.db_proxy.models import ClusterExtension, DBExtension +from backend.db_proxy.nginxconf_tpl import restart_nginx_tpl +from backend.db_proxy.views.job_callback.serialiers import JobCallBackSerializer +from backend.db_proxy.views.views import BaseProxyPassViewSet +from backend.flow.consts import SUCCESS_LIST +from backend.flow.utils.script_template import fast_execute_script_common_kwargs +from backend.utils.redis import RedisConn + +logger = logging.getLogger("root") + + +class JobCallBackViewSet(BaseProxyPassViewSet): + """专门用于nginx文件下发回调的视图""" + + @common_swagger_auto_schema( + operation_summary=_("nginx文件下发job回调视图"), + request_body=JobCallBackSerializer(), + tags=[SWAGGER_TAG], + ) + @action(methods=["POST"], detail=False, serializer_class=JobCallBackSerializer, url_path="push_conf_callback") + def push_conf_callback(self, request): + logger.info(f"request data: {request.data}") + # job传递过来的参数是包裹在key中的一堆字符串,T_T... TODO: 后续他们说会改为json格式 + validated_data = json.loads(list(dict(request.data).keys())[0]) + job_inst_id = validated_data["job_instance_id"] + if validated_data["status"] not in SUCCESS_LIST: + logger.error(_("[{}]nginx配置文件下发失败").format(job_inst_id)) + return Response() + + logger.info(_("[{}]nginx配置文件下发成功").format(job_inst_id)) + + cache_ids = RedisConn.lrange(job_inst_id, 0, -1) + if not cache_ids: + logger.error(_("[{}]nginx文件下发job信息缓存已过期,请考虑是否下发时间过长").format(job_inst_id)) + return Response() + + bk_cloud_id, extension_ids = cache_ids[0], cache_ids[1:] + # 更新extension表的状态 + nginx_extensions = DBExtension.get_extension_in_cloud( + bk_cloud_id=bk_cloud_id, extension_type=ExtensionType.NGINX + ) + ClusterExtension.objects.filter(id__in=extension_ids).update(is_flush=True) + + # 重启nginx进程 + job_payload = { + "bk_biz_id": env.JOB_BLUEKING_BIZ_ID, + "task_name": "restart_nginx", + "script_content": str(base64.b64encode(restart_nginx_tpl.encode("utf-8")), "utf-8"), + "script_language": 1, + "target_server": { + "ip_list": [ + {"bk_cloud_id": nginx.details["bk_cloud_id"], "ip": nginx.details["ip"]} + for nginx in nginx_extensions + ] + }, + # 因为证书原因,让job请求http的地址 + "callback_url": f"{env.BK_SAAS_CALLBACK_URL}/apis/proxypass/restart_callback/", + } + logger.info(_("nginx重启参数:{}").format(job_payload)) + resp = JobApi.fast_execute_script( + {**fast_execute_script_common_kwargs, **job_payload}, use_admin=True, raw=True + ) + if not resp["result"]: + raise ProxyPassBaseException(_("nginx重启失败,错误信息: {}").format(resp["message"])) + + return Response() + + @common_swagger_auto_schema( + operation_summary=_("nginx重启job回调视图"), + request_body=JobCallBackSerializer(), + tags=[SWAGGER_TAG], + ) + @action(methods=["POST"], detail=False, serializer_class=JobCallBackSerializer, url_path="restart_callback") + def restart_callback(self, request): + validated_data = json.loads(list(dict(request.data).keys())[0]) + job_inst_id = validated_data["job_instance_id"] + if validated_data["status"] not in SUCCESS_LIST: + logger.error(_("[{}]nginx重启失败,请前往作业平台查看详情").format(job_inst_id)) + else: + logger.info(_("[{}]nginx重启成功").format(job_inst_id)) + + return Response() diff --git a/dbm-ui/backend/db_proxy/views/jobapi/serializers.py b/dbm-ui/backend/db_proxy/views/jobapi/serializers.py index 455baec237..3583b4d624 100644 --- a/dbm-ui/backend/db_proxy/views/jobapi/serializers.py +++ b/dbm-ui/backend/db_proxy/views/jobapi/serializers.py @@ -12,7 +12,7 @@ from rest_framework import serializers from backend.db_proxy.views import mock_data -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer class ServerItemSerializer(serializers.Serializer): @@ -20,7 +20,7 @@ class ServerItemSerializer(serializers.Serializer): ip = serializers.IPAddressField(help_text=_("主机ip"), required=True) -class FastExecuteScriptSerializer(BaseProxyPassSerialier): +class FastExecuteScriptSerializer(BaseProxyPassSerializer): bk_cloud_id = serializers.IntegerField() ip_list = serializers.ListField(help_text=_("执行脚本的主机ip列表"), child=ServerItemSerializer(), required=True) script_content = serializers.CharField(help_text=_("脚本内容"), required=True) @@ -34,7 +34,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.JOB_API_FAST_EXECUTE_SCRIPT_DATA_RESPONSE} -class JobInstanceStatusSerializer(BaseProxyPassSerialier): +class JobInstanceStatusSerializer(BaseProxyPassSerializer): job_instance_id = serializers.IntegerField(help_text=_("任务实例ID"), required=True) @@ -43,7 +43,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.JOB_API_GET_JOB_INSTANCE_STATUS_DATA_RESPONSE} -class GetJobInstanceIpLogSerializer(BaseProxyPassSerialier): +class GetJobInstanceIpLogSerializer(BaseProxyPassSerializer): bk_cloud_id = serializers.IntegerField() job_instance_id = serializers.IntegerField(help_text=_("任务实例ID"), required=True) step_instance_id = serializers.IntegerField(help_text=_("步骤实例ID"), required=True) @@ -55,7 +55,7 @@ class Meta: swagger_schema_fields = {"example": mock_data.JOB_API_GET_JOB_INSTANCE_IP_LOG_DATA_RESPONSE} -class TransferFileSerializer(BaseProxyPassSerialier): +class TransferFileSerializer(BaseProxyPassSerializer): class SourceFileItemSerializer(serializers.Serializer): bk_cloud_id = serializers.IntegerField(help_text=_("云区域ID"), required=True) ip = serializers.IPAddressField(help_text=_("源主机ip"), required=True) diff --git a/dbm-ui/backend/db_proxy/views/nameservice/serializers.py b/dbm-ui/backend/db_proxy/views/nameservice/serializers.py index 684e48feaf..7e5c273c22 100644 --- a/dbm-ui/backend/db_proxy/views/nameservice/serializers.py +++ b/dbm-ui/backend/db_proxy/views/nameservice/serializers.py @@ -11,27 +11,27 @@ from django.utils.translation import gettext_lazy as _ from rest_framework import serializers -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer -class CLBDeregisterPartTargetSerializer(BaseProxyPassSerialier): +class CLBDeregisterPartTargetSerializer(BaseProxyPassSerializer): region = serializers.CharField(help_text=_("中文区域名称")) loadbalancerid = serializers.CharField(help_text=_("clb的id")) listenerid = serializers.CharField(help_text=_("clb监听器的id")) ips = serializers.ListField(help_text=_("需要解绑的后端主机端口数组"), child=serializers.CharField()) -class CLBGetTargetPrivateIps(BaseProxyPassSerialier): +class CLBGetTargetPrivateIps(BaseProxyPassSerializer): region = serializers.CharField(help_text=_("中文区域名称")) loadbalancerid = serializers.CharField(help_text=_("clb的id")) listenerid = serializers.CharField(help_text=_("clb监听器的id")) -class PolarisDescribeTargetsSerializer(BaseProxyPassSerialier): +class PolarisDescribeTargetsSerializer(BaseProxyPassSerializer): servicename = serializers.CharField(help_text=_("北极星服务名称")) -class PolarisUnbindPartTargetsSerializer(BaseProxyPassSerialier): +class PolarisUnbindPartTargetsSerializer(BaseProxyPassSerializer): servicename = serializers.CharField(help_text=_("北极星服务名称")) servicetoken = serializers.CharField(help_text=_("北极星服务token")) ips = serializers.ListField(help_text=_("需要解绑的后端主机端口数组, 格式为“ip:port"), child=serializers.CharField()) diff --git a/dbm-ui/backend/db_proxy/views/redis_dts/serializers.py b/dbm-ui/backend/db_proxy/views/redis_dts/serializers.py index 164c9267eb..a5e24c1703 100644 --- a/dbm-ui/backend/db_proxy/views/redis_dts/serializers.py +++ b/dbm-ui/backend/db_proxy/views/redis_dts/serializers.py @@ -11,32 +11,32 @@ from django.utils.translation import gettext_lazy as _ from rest_framework import serializers -from backend.db_proxy.views.serialiers import BaseProxyPassSerialier +from backend.db_proxy.views.serialiers import BaseProxyPassSerializer -class IsDtsserverInBlacklistSerializer(BaseProxyPassSerialier): +class IsDtsserverInBlacklistSerializer(BaseProxyPassSerializer): ip = serializers.IPAddressField(help_text=_("DTS_server IP"), required=True) -class DtsJobSerializer(BaseProxyPassSerialier): +class DtsJobSerializer(BaseProxyPassSerializer): bill_id = serializers.IntegerField(help_text=_("任务ID"), required=True) src_cluster = serializers.CharField(help_text=_("源集群"), required=True) dst_cluster = serializers.CharField(help_text=_("目标集群"), required=True) -class DtsJobTasksSerializer(BaseProxyPassSerialier): +class DtsJobTasksSerializer(BaseProxyPassSerializer): bill_id = serializers.IntegerField(help_text=_("任务ID"), required=True) src_cluster = serializers.CharField(help_text=_("源集群"), required=True) dst_cluster = serializers.CharField(help_text=_("目标集群"), required=True) -class DtsDistributeLockSerializer(BaseProxyPassSerialier): +class DtsDistributeLockSerializer(BaseProxyPassSerializer): lockkey = serializers.CharField(help_text=_("锁key名"), required=True) holder = serializers.CharField(help_text=_("锁持有者"), required=True) ttl_sec = serializers.IntegerField(help_text=_("锁ttl时间(seconds)"), required=False) -class DtsServerMigatingTasksSerializer(BaseProxyPassSerialier): +class DtsServerMigatingTasksSerializer(BaseProxyPassSerializer): bk_cloud_id = serializers.IntegerField(help_text=_("云区域ID"), required=True) dts_server = serializers.IPAddressField(help_text=_("DTS_server IP"), required=True) db_type = serializers.CharField(help_text=_("db类型"), required=True) @@ -45,7 +45,7 @@ class DtsServerMigatingTasksSerializer(BaseProxyPassSerialier): ) -class DtsServerMaxSyncPortSerializer(BaseProxyPassSerialier): +class DtsServerMaxSyncPortSerializer(BaseProxyPassSerializer): bk_cloud_id = serializers.IntegerField(help_text=_("云区域ID"), required=True) dts_server = serializers.IPAddressField(help_text=_("DTS_server IP"), required=True) db_type = serializers.CharField(help_text=_("db类型"), required=True) @@ -54,7 +54,7 @@ class DtsServerMaxSyncPortSerializer(BaseProxyPassSerialier): ) -class DtsLast30DaysToExecTasksSerializer(BaseProxyPassSerialier): +class DtsLast30DaysToExecTasksSerializer(BaseProxyPassSerializer): bk_cloud_id = serializers.IntegerField(help_text=_("云区域ID"), required=True) dts_server = serializers.IPAddressField(help_text=_("DTS_server IP"), required=True) db_type = serializers.CharField(help_text=_("db类型"), required=True) @@ -63,20 +63,20 @@ class DtsLast30DaysToExecTasksSerializer(BaseProxyPassSerialier): status = serializers.IntegerField(help_text=_("任务状态"), required=False) -class DtsLast30DaysToScheduleJobsSerializer(BaseProxyPassSerialier): +class DtsLast30DaysToScheduleJobsSerializer(BaseProxyPassSerializer): bk_cloud_id = serializers.IntegerField(help_text=_("云区域ID"), required=True) max_data_size = serializers.IntegerField(help_text=_("最大数据量"), required=True) zone_name = serializers.CharField(help_text=_("城市名"), required=True) db_type = serializers.CharField(help_text=_("db类型"), required=True) -class DtsJobToScheduleTasksSerializer(BaseProxyPassSerialier): +class DtsJobToScheduleTasksSerializer(BaseProxyPassSerializer): bill_id = serializers.IntegerField(help_text=_("任务ID"), required=True) src_cluster = serializers.CharField(help_text=_("源集群"), required=True) dst_cluster = serializers.CharField(help_text=_("目标集群"), required=True) -class DtsJobSrcIPRunningTasksSerializer(BaseProxyPassSerialier): +class DtsJobSrcIPRunningTasksSerializer(BaseProxyPassSerializer): bill_id = serializers.IntegerField(help_text=_("任务ID"), required=True) src_cluster = serializers.CharField(help_text=_("源集群"), required=True) dst_cluster = serializers.CharField(help_text=_("目标集群"), required=True) @@ -86,11 +86,11 @@ class DtsJobSrcIPRunningTasksSerializer(BaseProxyPassSerialier): ) -class DtsTaskByTaskIDSerializer(BaseProxyPassSerialier): +class DtsTaskByTaskIDSerializer(BaseProxyPassSerializer): task_id = serializers.IntegerField(help_text=_("子任务ID"), required=True) -class DtsTasksUpdateSerializer(BaseProxyPassSerialier): +class DtsTasksUpdateSerializer(BaseProxyPassSerializer): task_ids = serializers.ListField( help_text=_("子任务ID列表"), child=serializers.IntegerField(), allow_empty=False, required=True ) @@ -104,7 +104,7 @@ class DtsDataCopyBaseItemSerializer(serializers.Serializer): dst_cluster_password = serializers.CharField(help_text=_("目标集群密码"), allow_blank=True) -class DtsTestRedisConnectionSerializer(BaseProxyPassSerialier): +class DtsTestRedisConnectionSerializer(BaseProxyPassSerializer): data_copy_type = serializers.CharField(help_text=_("数据复制类型"), required=True) infos = serializers.ListField( help_text=_("复制列表"), child=DtsDataCopyBaseItemSerializer(), allow_empty=False, required=True diff --git a/dbm-ui/backend/db_proxy/views/serialiers.py b/dbm-ui/backend/db_proxy/views/serialiers.py index 064e691cb6..303d4068ba 100644 --- a/dbm-ui/backend/db_proxy/views/serialiers.py +++ b/dbm-ui/backend/db_proxy/views/serialiers.py @@ -10,71 +10,16 @@ """ import logging -from bkoauth.jwt_client import JWTClient from django.utils.translation import ugettext as _ from rest_framework import serializers -from backend.core.encrypt.constants import AsymmetricCipherConfigType -from backend.core.encrypt.exceptions import RSADecryptException -from backend.core.encrypt.handlers import AsymmetricHandler -from backend.db_proxy.constants import DB_CLOUD_TOKEN_EXPIRE_TIME -from backend.utils.redis import RedisConn - logger = logging.getLogger("root") -class BaseProxyPassSerialier(serializers.Serializer): +class BaseProxyPassSerializer(serializers.Serializer): """ 所有透传接口的基类,每个透传接口必须包含加密的token,用于校验身份和获取参数信息 """ db_cloud_token = serializers.CharField(help_text=_("调用的校验token"), required=False) bk_cloud_id = serializers.IntegerField(help_text=_("请求服务所属的云区域ID"), required=False) - - @classmethod - def verify_token(cls, db_cloud_token, bk_cloud_id): - try: - token = AsymmetricHandler.decrypt(name=AsymmetricCipherConfigType.PROXYPASS.value, content=db_cloud_token) - except RSADecryptException: - raise serializers.ValidationError(_("token:{}解密失败,请检查token是否合法").format(db_cloud_token)) - except KeyError: - raise serializers.ValidationError(_("token:{}不存在,请传入校验token").format(db_cloud_token)) - - token_cloud_id = int(token.split("_")[0]) - if token_cloud_id != int(bk_cloud_id): - raise serializers.ValidationError( - _("解析的云区域ID{}与请求参数的云区域ID{}不相同,请检查token是否合法").format(token_cloud_id, bk_cloud_id) - ) - - def validate(self, attrs): - request = self.context["request"] - - # 如果带有jwt认证,则认为是apigw调用的,不进行token检验 - if JWTClient(request).is_valid: - return attrs - - # 如果是直连区域的内部调用,不进行token校验 - if getattr(request, "internal_call", None): - return attrs - - db_cloud_token, bk_cloud_id = attrs["db_cloud_token"], attrs["bk_cloud_id"] - cache_key = f"cache_db_cloud_token_{bk_cloud_id}" - # 判断是否在缓存集合中,不在cache中则走解密流程并cache。 - # 由于Redis的list不能直接判断元素是否存在,所以选择set存取 - if not RedisConn.sismember(cache_key, db_cloud_token): - self.verify_token(db_cloud_token, bk_cloud_id) - # 如果这个cache_key刚创建,则需要设置过期时间 - if not RedisConn.exists(cache_key): - RedisConn.sadd(cache_key, db_cloud_token) - RedisConn.expire(cache_key, DB_CLOUD_TOKEN_EXPIRE_TIME) - else: - RedisConn.sadd(cache_key, db_cloud_token) - - attrs.pop("db_cloud_token") - return attrs - - -class JobCallBackSerializer(serializers.Serializer): - job_instance_id = serializers.IntegerField(help_text=_("作业实例ID")) - status = serializers.IntegerField(help_text=_("作业状态码")) - step_instance_list = serializers.ListField(help_text=_("步骤块中包含的各个步骤执行状态"), child=serializers.DictField()) diff --git a/dbm-ui/backend/db_proxy/views/views.py b/dbm-ui/backend/db_proxy/views/views.py index 4e1fc40ee1..b33e105caf 100644 --- a/dbm-ui/backend/db_proxy/views/views.py +++ b/dbm-ui/backend/db_proxy/views/views.py @@ -9,27 +9,10 @@ specific language governing permissions and limitations under the License. """ -import base64 -import json import logging -from django.utils.translation import ugettext as _ -from rest_framework.decorators import action -from rest_framework.permissions import AllowAny -from rest_framework.response import Response - -from backend import env from backend.bk_web import viewsets -from backend.bk_web.swagger import common_swagger_auto_schema -from backend.components import JobApi -from backend.db_proxy.constants import SWAGGER_TAG, ExtensionType -from backend.db_proxy.exceptions import ProxyPassBaseException -from backend.db_proxy.models import ClusterExtension, DBExtension -from backend.db_proxy.nginxconf_tpl import restart_nginx_tpl -from backend.db_proxy.views.serialiers import JobCallBackSerializer -from backend.flow.consts import SUCCESS_LIST -from backend.flow.utils.script_template import fast_execute_script_common_kwargs -from backend.utils.redis import RedisConn +from backend.iam_app.handlers.drf_perm import ProxyPassPermission logger = logging.getLogger("root") @@ -40,82 +23,4 @@ class BaseProxyPassViewSet(viewsets.SystemViewSet): global_login_exempt = True def get_permissions(self): - return [AllowAny()] - - -class JobCallBackViewSet(viewsets.SystemViewSet): - """专门用于nginx文件下发回调的视图""" - - global_login_exempt = True - - def get_permissions(self): - return [AllowAny()] - - @common_swagger_auto_schema( - operation_summary=_("nginx文件下发job回调视图"), - request_body=JobCallBackSerializer(), - tags=[SWAGGER_TAG], - ) - @action(methods=["POST"], detail=False, serializer_class=JobCallBackSerializer, url_path="push_conf_callback") - def push_conf_callback(self, request): - logger.info(f"request data: {request.data}") - # job传递过来的参数是包裹在key中的一堆字符串,T_T... TODO: 后续他们说会改为json格式 - validated_data = json.loads(list(dict(request.data).keys())[0]) - job_inst_id = validated_data["job_instance_id"] - if validated_data["status"] not in SUCCESS_LIST: - logger.error(_("[{}]nginx配置文件下发失败").format(job_inst_id)) - return Response() - - logger.info(_("[{}]nginx配置文件下发成功").format(job_inst_id)) - - cache_ids = RedisConn.lrange(job_inst_id, 0, -1) - if not cache_ids: - logger.error(_("[{}]nginx文件下发job信息缓存已过期,请考虑是否下发时间过长").format(job_inst_id)) - return Response() - - bk_cloud_id, extension_ids = cache_ids[0], cache_ids[1:] - # 更新extension表的状态 - nginx_extensions = DBExtension.get_extension_in_cloud( - bk_cloud_id=bk_cloud_id, extension_type=ExtensionType.NGINX - ) - ClusterExtension.objects.filter(id__in=extension_ids).update(is_flush=True) - - # 重启nginx进程 - job_payload = { - "bk_biz_id": env.JOB_BLUEKING_BIZ_ID, - "task_name": "restart_nginx", - "script_content": str(base64.b64encode(restart_nginx_tpl.encode("utf-8")), "utf-8"), - "script_language": 1, - "target_server": { - "ip_list": [ - {"bk_cloud_id": nginx.details["bk_cloud_id"], "ip": nginx.details["ip"]} - for nginx in nginx_extensions - ] - }, - # 因为证书原因,让job请求http的地址 - "callback_url": f"{env.BK_SAAS_CALLBACK_URL}/apis/proxypass/restart_callback/", - } - logger.info(_("nginx重启参数:{}").format(job_payload)) - resp = JobApi.fast_execute_script( - {**fast_execute_script_common_kwargs, **job_payload}, use_admin=True, raw=True - ) - if not resp["result"]: - raise ProxyPassBaseException(_("nginx重启失败,错误信息: {}").format(resp["message"])) - - return Response() - - @common_swagger_auto_schema( - operation_summary=_("nginx重启job回调视图"), - request_body=JobCallBackSerializer(), - tags=[SWAGGER_TAG], - ) - @action(methods=["POST"], detail=False, serializer_class=JobCallBackSerializer, url_path="restart_callback") - def restart_callback(self, request): - validated_data = json.loads(list(dict(request.data).keys())[0]) - job_inst_id = validated_data["job_instance_id"] - if validated_data["status"] not in SUCCESS_LIST: - logger.error(_("[{}]nginx重启失败,请前往作业平台查看详情").format(job_inst_id)) - else: - logger.info(_("[{}]nginx重启成功").format(job_inst_id)) - - return Response() + return [ProxyPassPermission()] diff --git a/dbm-ui/backend/iam_app/handlers/drf_perm.py b/dbm-ui/backend/iam_app/handlers/drf_perm.py index e278393457..6fcd42db39 100644 --- a/dbm-ui/backend/iam_app/handlers/drf_perm.py +++ b/dbm-ui/backend/iam_app/handlers/drf_perm.py @@ -8,7 +8,7 @@ an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. """ - +import binascii import logging from typing import List @@ -16,15 +16,22 @@ from bk_audit.contrib.bk_audit.client import bk_audit_client from bk_audit.log.exporters import BaseExporter from bk_audit.log.models import AuditContext, AuditInstance +from django.utils.translation import ugettext as _ from iam import Resource from rest_framework import permissions +from rest_framework.exceptions import PermissionDenied from backend import env +from backend.core.encrypt.constants import AsymmetricCipherConfigType +from backend.core.encrypt.exceptions import RSADecryptException +from backend.core.encrypt.handlers import AsymmetricHandler +from backend.db_proxy.constants import DB_CLOUD_TOKEN_EXPIRE_TIME from backend.flow.models import FlowTree from backend.iam_app.dataclass.actions import ActionEnum, ActionMeta from backend.iam_app.dataclass.resources import BusinessResourceMeta from backend.iam_app.handlers.permission import Permission from backend.ticket.models import Ticket +from backend.utils.redis import RedisConn logger = logging.getLogger("root") @@ -216,3 +223,44 @@ def has_authenticated_permission(self, request, view): def has_permission(self, request, view): return permissions.IsAuthenticated().has_permission(request, view) + + +class ProxyPassPermission(permissions.BasePermission): + """ + 透传接口权限 + """ + + @classmethod + def verify_token(cls, db_cloud_token, bk_cloud_id): + try: + token = AsymmetricHandler.decrypt(name=AsymmetricCipherConfigType.PROXYPASS.value, content=db_cloud_token) + except (RSADecryptException, binascii.Error, KeyError, IndexError): + raise PermissionDenied(_("db_cloud_token:{}解密失败,请检查token是否合法").format(db_cloud_token)) + + token_cloud_id = int(token.split("_")[0]) + if token_cloud_id != int(bk_cloud_id): + raise PermissionDenied( + _("解析的云区域(ID:{})与请求参数的云区域(ID:{})不相同,请检查token是否合法").format(token_cloud_id, bk_cloud_id) + ) + + def has_permission(self, request, view): + + # 如果是直连区域的内部调用,不进行token校验 + if getattr(request, "internal_call", None): + return True + + db_cloud_token = request.data.get("db_cloud_token", "") + bk_cloud_id = request.data.get("bk_cloud_id") + cache_key = f"cache_db_cloud_token_{bk_cloud_id}" + # 判断是否在缓存集合中,不在cache中则走解密流程并cache。 + # 由于Redis的list不能直接判断元素是否存在,所以选择set存取 + if not RedisConn.sismember(cache_key, db_cloud_token): + self.verify_token(db_cloud_token, bk_cloud_id) + # 如果这个cache_key刚创建,则需要设置过期时间 + if not RedisConn.exists(cache_key): + RedisConn.sadd(cache_key, db_cloud_token) + RedisConn.expire(cache_key, DB_CLOUD_TOKEN_EXPIRE_TIME) + else: + RedisConn.sadd(cache_key, db_cloud_token) + request.data.pop("db_cloud_token") + return True diff --git a/helm-charts/bk-dbm/Chart.lock b/helm-charts/bk-dbm/Chart.lock index ada4d1050d..5c309b3dad 100644 --- a/helm-charts/bk-dbm/Chart.lock +++ b/helm-charts/bk-dbm/Chart.lock @@ -10,7 +10,7 @@ dependencies: version: 16.13.2 - name: etcd repository: https://charts.bitnami.com/bitnami - version: 9.7.3 + version: 9.7.5 - name: reloader repository: https://stakater.github.io/stakater-charts version: 1.0.52 @@ -19,7 +19,7 @@ dependencies: version: 7.9.8 - name: dbm repository: file://charts/dbm - version: 0.1.30 + version: 0.1.31 - name: dbconfig repository: file://charts/dbconfig version: 0.1.10 @@ -56,5 +56,5 @@ dependencies: - name: backup-consumer repository: file://charts/backup-consumer version: 0.0.3 -digest: sha256:916a9e0df182e58dfc4fc4e9951ec9629d016e9f45389207d373ac4e214440d2 -generated: "2023-12-01T21:34:25.22532+08:00" +digest: sha256:840f130e8876f8f38017173d8fb851dd802fccf61b263fe74ab4fbd4618994c9 +generated: "2023-12-09T16:28:41.795535+08:00" diff --git a/helm-charts/bk-dbm/Chart.yaml b/helm-charts/bk-dbm/Chart.yaml index 123f54d82c..512d8fcb3f 100644 --- a/helm-charts/bk-dbm/Chart.yaml +++ b/helm-charts/bk-dbm/Chart.yaml @@ -27,7 +27,7 @@ dependencies: - condition: dbm.enabled name: dbm repository: file://charts/dbm - version: 0.1.30 + version: 0.1.31 - condition: dbconfig.enabled name: dbconfig repository: file://charts/dbconfig @@ -79,5 +79,5 @@ dependencies: description: A Helm chart for bkdbm name: bk-dbm type: application -version: 1.3.0-alpha.16 -appVersion: 1.3.0-alpha.16 +version: 1.3.0-alpha.17 +appVersion: 1.3.0-alpha.17 diff --git a/helm-charts/bk-dbm/charts/dbm/Chart.yaml b/helm-charts/bk-dbm/charts/dbm/Chart.yaml index 9884fc90a3..6ba2543496 100644 --- a/helm-charts/bk-dbm/charts/dbm/Chart.yaml +++ b/helm-charts/bk-dbm/charts/dbm/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -appVersion: 1.3.0-alpha.79 +appVersion: 1.3.0-alpha.110 description: A Helm chart for dbm name: dbm type: application -version: 0.1.30 +version: 0.1.31 diff --git a/helm-charts/bk-dbm/charts/dbm/templates/_helpers.tpl b/helm-charts/bk-dbm/charts/dbm/templates/_helpers.tpl index 5a93f0acd9..95f57f0945 100644 --- a/helm-charts/bk-dbm/charts/dbm/templates/_helpers.tpl +++ b/helm-charts/bk-dbm/charts/dbm/templates/_helpers.tpl @@ -134,6 +134,10 @@ environment variables {{- printf "%s-%s" (include "dbm.fullname" .) "saas-api" -}} {{- end -}} +{{- define "dbm.backend-api.fullname" -}} +{{- printf "%s-%s" (include "dbm.fullname" .) "backend-api" -}} +{{- end -}} + {{- define "dbm.celery-beater.fullname" -}} {{- printf "%s-%s" (include "dbm.fullname" .) "celery-beater" -}} {{- end -}} diff --git a/helm-charts/bk-dbm/charts/dbm/templates/deployments/backend-api/backend-api.yaml b/helm-charts/bk-dbm/charts/dbm/templates/deployments/backend-api/backend-api.yaml new file mode 100644 index 0000000000..2847bfed47 --- /dev/null +++ b/helm-charts/bk-dbm/charts/dbm/templates/deployments/backend-api/backend-api.yaml @@ -0,0 +1,83 @@ +{{- if .Values.enabled -}} +{{- $fullName := ( include "dbm.backend-api.fullname" .) -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $fullName }} + labels: + {{- include "dbm.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.saas.api.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "dbm.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: "{{ $fullName }}" + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "dbm.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: "{{ $fullName }}" + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "dbm.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.global.imageRegistry | default .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /bin/bash + - -c + args: + - export SERVICE_ONLY=true && gunicorn wsgi -w {{ .Values.saas.api.gunicornWorker }} -b :8000 --access-logfile - --error-logfile - --access-logformat '[%(h)s] %({request_id}i)s %(u)s %(t)s "%(r)s" %(s)s %(D)s %(b)s "%(f)s" "%(a)s"' + ports: + - name: http + containerPort: 8000 + protocol: TCP + livenessProbe: + httpGet: + path: {{ .Values.livenessProbe.path | default "/ping"}} + port: http + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds | default 5}} + periodSeconds: {{ .Values.livenessProbe.periodSeconds | default 30}} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds | default 5}} + successThreshold: {{ .Values.livenessProbe.successThreshold | default 1}} + failureThreshold: {{ .Values.livenessProbe.failureThreshold | default 1}} + readinessProbe: + httpGet: + path: {{ .Values.readinessProbe.path | default "/ping"}} + port: http + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds | default 5}} + periodSeconds: {{ .Values.readinessProbe.periodSeconds | default 30}} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds | default 5}} + successThreshold: {{ .Values.readinessProbe.successThreshold | default 1}} + failureThreshold: {{ .Values.readinessProbe.failureThreshold | default 1}} + {{- include "dbm.container_env" . | nindent 10 }} + resources: + {{- toYaml .Values.saas.api.resources | nindent 12 }} + {{- include "dbm.initContainersWaitForMigrate" . | nindent 6 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end -}} diff --git a/helm-charts/bk-dbm/charts/dbm/templates/deployments/backend-api/service.yaml b/helm-charts/bk-dbm/charts/dbm/templates/deployments/backend-api/service.yaml new file mode 100644 index 0000000000..83e0289d33 --- /dev/null +++ b/helm-charts/bk-dbm/charts/dbm/templates/deployments/backend-api/service.yaml @@ -0,0 +1,19 @@ +{{- if .Values.enabled -}} +{{- $fullName := ( include "dbm.backend-api.fullname" .) -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ $fullName }} + labels: + {{- include "dbm.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "dbm.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: "{{ $fullName }}" +{{- end -}} diff --git a/helm-charts/bk-dbm/charts/dbm/templates/deployments/celery-beater.yaml b/helm-charts/bk-dbm/charts/dbm/templates/deployments/celery/celery-beater.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/deployments/celery-beater.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/deployments/celery/celery-beater.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/deployments/celery-worker.yaml b/helm-charts/bk-dbm/charts/dbm/templates/deployments/celery/celery-worker.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/deployments/celery-worker.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/deployments/celery/celery-worker.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/deployments/pipeline-worker.yaml b/helm-charts/bk-dbm/charts/dbm/templates/deployments/celery/pipeline-worker.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/deployments/pipeline-worker.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/deployments/celery/pipeline-worker.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/deployments/saas-api.yaml b/helm-charts/bk-dbm/charts/dbm/templates/deployments/saas-api/saas-api.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/deployments/saas-api.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/deployments/saas-api/saas-api.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/service.yaml b/helm-charts/bk-dbm/charts/dbm/templates/deployments/saas-api/service.yaml similarity index 97% rename from helm-charts/bk-dbm/charts/dbm/templates/service.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/deployments/saas-api/service.yaml index bbf26f4adb..adbd4500fd 100644 --- a/helm-charts/bk-dbm/charts/dbm/templates/service.yaml +++ b/helm-charts/bk-dbm/charts/dbm/templates/deployments/saas-api/service.yaml @@ -16,4 +16,4 @@ spec: selector: {{- include "dbm.selectorLabels" . | nindent 4 }} app.kubernetes.io/component: "{{ $fullName }}" -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/helm-charts/bk-dbm/charts/dbm/templates/apigw-init-job.yaml b/helm-charts/bk-dbm/charts/dbm/templates/jobs/apigw-init-job.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/apigw-init-job.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/jobs/apigw-init-job.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/bkcc-init-job.yaml b/helm-charts/bk-dbm/charts/dbm/templates/jobs/bkcc-init-job.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/bkcc-init-job.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/jobs/bkcc-init-job.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/bkjob-init-job.yaml b/helm-charts/bk-dbm/charts/dbm/templates/jobs/bkjob-init-job.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/bkjob-init-job.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/jobs/bkjob-init-job.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/bklog-init-job.yaml b/helm-charts/bk-dbm/charts/dbm/templates/jobs/bklog-init-job.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/bklog-init-job.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/jobs/bklog-init-job.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/bkmonitor-init-job.yaml b/helm-charts/bk-dbm/charts/dbm/templates/jobs/bkmonitor-init-job.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/bkmonitor-init-job.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/jobs/bkmonitor-init-job.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/itsm-init-job.yaml b/helm-charts/bk-dbm/charts/dbm/templates/jobs/itsm-init-job.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/itsm-init-job.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/jobs/itsm-init-job.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/medium-init-job.yaml b/helm-charts/bk-dbm/charts/dbm/templates/jobs/medium-init-job.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/medium-init-job.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/jobs/medium-init-job.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/migrate-job.yaml b/helm-charts/bk-dbm/charts/dbm/templates/jobs/migrate-job.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/migrate-job.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/jobs/migrate-job.yaml diff --git a/helm-charts/bk-dbm/charts/dbm/templates/ssl-init-job.yaml b/helm-charts/bk-dbm/charts/dbm/templates/jobs/ssl-init-job.yaml similarity index 100% rename from helm-charts/bk-dbm/charts/dbm/templates/ssl-init-job.yaml rename to helm-charts/bk-dbm/charts/dbm/templates/jobs/ssl-init-job.yaml diff --git a/helm-charts/bk-dbm/templates/backup-consumer-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/backup-consumer-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/backup-consumer-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/backup-consumer-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/backup-server-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/backup-server-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/backup-server-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/backup-server-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/db-celery-service-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/db-celery-service-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/db-celery-service-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/db-celery-service-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/db-dns-api-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/db-dns-api-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/db-dns-api-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/db-dns-api-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/db-resource-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/db-resource-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/db-resource-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/db-resource-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/dbconfig-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/dbconfig-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/dbconfig-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/dbconfig-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/dbm-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/dbm-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/dbm-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/dbm-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/dbmedium-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/dbmedium-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/dbmedium-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/dbmedium-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/dbpartition-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/dbpartition-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/dbpartition-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/dbpartition-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/dbpriv-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/dbpriv-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/dbpriv-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/dbpriv-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/dbsimulation-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/dbsimulation-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/dbsimulation-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/dbsimulation-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/grafana-env-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/grafana-env-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/grafana-env-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/grafana-env-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/grafana-ini-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/grafana-ini-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/grafana-ini-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/grafana-ini-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/hadb-api-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/hadb-api-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/hadb-api-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/hadb-api-configmap.yaml diff --git a/helm-charts/bk-dbm/templates/init-sql-configmap.yaml b/helm-charts/bk-dbm/templates/configmaps/init-sql-configmap.yaml similarity index 100% rename from helm-charts/bk-dbm/templates/init-sql-configmap.yaml rename to helm-charts/bk-dbm/templates/configmaps/init-sql-configmap.yaml