diff --git a/helm-charts/core/codecc/templates/_helpers.tpl b/helm-charts/core/codecc/templates/_helpers.tpl index e0aaac8253d..7dc5196f0ad 100644 --- a/helm-charts/core/codecc/templates/_helpers.tpl +++ b/helm-charts/core/codecc/templates/_helpers.tpl @@ -21,12 +21,16 @@ Create a default fully qualified mongodb subchart. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} {{- define "codecc.mongodb.fullname" -}} +{{- if eq .Values.mongodb.enabled true -}} {{- if .Values.mongodb.fullnameOverride -}} {{- .Values.mongodb.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} {{- $name := default "mongodb" .Values.mongodb.nameOverride -}} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- else -}} +{{- .Values.externalMongodb.host -}} +{{- end -}} {{- end -}} {{- define "codecc.redis.fullname" -}} 
@@ -48,34 +52,97 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- end -}} {{- end -}} + +{{/* +Return the mongodb username +*/}} +{{- define "codecc.mongodb.username" -}} +{{- if eq .Values.mongodb.enabled true -}} +{{- .Values.mongodb.auth.username -}} +{{- else -}} +{{- .Values.externalMongodb.username -}} +{{- end -}} +{{- end -}} + +{{/* +Return the mongodb password +*/}} +{{- define "codecc.mongodb.password" -}} +{{- if eq .Values.mongodb.enabled true -}} +{{- .Values.mongodb.auth.password -}} +{{- else -}} +{{- .Values.externalMongodb.password -}} +{{- end -}} +{{- end -}} + +{{/* +Return the mongodb port +*/}} +{{- define "codecc.mongodb.port" -}} +{{- if eq .Values.mongodb.enabled true -}} +27017 +{{- else -}} +{{- .Values.externalMongodb.port -}} +{{- end -}} +{{- end -}} + {{/* Return the mongodb connection uri */}} {{- define "codecc.defect.mongodbUri" -}} {{- if eq .Values.mongodb.enabled true -}} -{{- printf "mongodb://%s:%s@%s:27017/db_defect" .Values.mongodb.auth.username .Values.mongodb.auth.password (include "codecc.mongodb.fullname" .) -}} +{{- printf "mongodb://%s:%s@%s:%s/db_defect" .Values.mongodb.auth.username .Values.mongodb.auth.password (include "codecc.mongodb.fullname" .) (include "codecc.mongodb.port" .) -}} {{- else -}} -{{- .Values.externalMongodb.defectUrl -}} +{{- printf "mongodb://%s:%s@%s:%s/db_defect?%s" .Values.externalMongodb.username (.Values.externalMongodb.password | urlquery) (include "codecc.mongodb.fullname" .) (include "codecc.mongodb.port" .) .Values.externalMongodb.extraUrlParams -}} {{- end -}} {{- end -}} {{- define "codecc.task.mongodbUri" -}} {{- if eq .Values.mongodb.enabled true -}} -{{- printf "mongodb://%s:%s@%s:27017/db_task" .Values.mongodb.auth.username .Values.mongodb.auth.password (include "codecc.mongodb.fullname" .) -}} +{{- printf "mongodb://%s:%s@%s:%s/db_task" .Values.mongodb.auth.username .Values.mongodb.auth.password (include "codecc.mongodb.fullname" .) 
(include "codecc.mongodb.port" .) -}} {{- else -}} -{{- .Values.externalMongodb.taskUrl -}} +{{- printf "mongodb://%s:%s@%s:%s/db_task?%s" .Values.externalMongodb.username (.Values.externalMongodb.password | urlquery) (include "codecc.mongodb.fullname" .) (include "codecc.mongodb.port" .) .Values.externalMongodb.extraUrlParams -}} {{- end -}} {{- end -}} {{- define "codecc.quartz.mongodbUri" -}} {{- if eq .Values.mongodb.enabled true -}} -{{- printf "mongodb://%s:%s@%s:27017/db_quartz" .Values.mongodb.auth.username .Values.mongodb.auth.password (include "codecc.mongodb.fullname" .) -}} +{{- printf "mongodb://%s:%s@%s:%s/db_quartz" .Values.mongodb.auth.username .Values.mongodb.auth.password (include "codecc.mongodb.fullname" .) (include "codecc.mongodb.port" .) -}} +{{- else -}} +{{- printf "mongodb://%s:%s@%s:%s/db_quartz?%s" .Values.externalMongodb.username (.Values.externalMongodb.password | urlquery) (include "codecc.mongodb.fullname" .) (include "codecc.mongodb.port" .) .Values.externalMongodb.extraUrlParams -}} +{{- end -}} +{{- end -}} + + +{{/* +Return the mongodb auth ab +*/}} +{{- define "codecc.mongodb.defectAuthDB" -}} +{{- if eq .Values.mongodb.enabled true -}} +db_defect {{- else -}} -{{- .Values.externalMongodb.quartzUrl -}} +{{- .Values.externalRedis.authDB -}} {{- end -}} {{- end -}} +{{- define "codecc.mongodb.taskAuthDB" -}} +{{- if eq .Values.mongodb.enabled true -}} +db_task +{{- else -}} +{{- .Values.externalRedis.authDB -}} +{{- end -}} +{{- end -}} + +{{- define "codecc.mongodb.quartzAuthDB" -}} +{{- if eq .Values.mongodb.enabled true -}} +db_quartz +{{- else -}} +{{- .Values.externalRedis.authDB -}} +{{- end -}} +{{- end -}} + + {{- define "codecc.redis.host" -}} {{- if eq .Values.redis.enabled true -}} {{- (include "codecc.redis.fullname" .) -}} diff --git a/helm-charts/core/codecc/templates/job/init-mongodb.yaml b/helm-charts/core/codecc/templates/job/init-mongodb.yaml index 9dec1accba5..dbdcfdf832a 100644 
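Review bot: The three `codecc.mongodb.*AuthDB` helpers read `.Values.externalRedis.authDB` in their else branch, but the `authDB` key this commit adds to values.yaml sits under `externalMongodb`, so with an external MongoDB the init job would most likely get an empty auth database; the else branches should be `{{- .Values.externalMongodb.authDB -}}`. In the three `mongodbUri` helpers only the external password goes through `urlquery`; the external username and both credentials in the `mongodb.enabled` branch are interpolated raw, so a `@`, `:` or `/` in any of them yields a malformed or misparsed connection string, and each credential should be escaped the same way. The comment above `defectAuthDB` has a typo and should read `Return the mongodb auth db`.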
--- a/helm-charts/core/codecc/templates/job/init-mongodb.yaml +++ b/helm-charts/core/codecc/templates/job/init-mongodb.yaml @@ -44,10 +44,18 @@ spec: command: ['/bin/sh','-c','/data/workspace/init-mongodb.sh'] env: - name: CODECC_USERNAME - value: {{ .Values.mongodb.auth.username }} + value: {{ include "codecc.mongodb.username" . }} - name: CODECC_PASSWORD - value: {{ .Values.mongodb.auth.password }} + value: {{ include "codecc.mongodb.password" . }} - name: CODECC_HOST value: {{ include "codecc.mongodb.fullname" . }} + - name: CODECC_PORT + value: {{ include "codecc.mongodb.port" . | quote }} + - name: CODECC_AUTH_DB_DEFECT + value: {{ include "codecc.mongodb.defectAuthDB" . }} + - name: CODECC_AUTH_DB_TASK + value: {{ include "codecc.mongodb.taskAuthDB" . }} + - name: CODECC_AUTH_DB_QUARTZ + value: {{ include "codecc.mongodb.quartzAuthDB" . }} restartPolicy: OnFailure {{- end }} diff --git a/helm-charts/core/codecc/values.yaml b/helm-charts/core/codecc/values.yaml index 99130575fa1..2b3155b2cc9 100644 --- a/helm-charts/core/codecc/values.yaml +++ b/helm-charts/core/codecc/values.yaml @@ -88,10 +88,14 @@ mongodb: EOF ## 如果mongodb.enabled为false,bkrepo将使用下面的参数连接外部mongodb externalMongodb: - ## mongodb 标准连接字符串 - defectUrl: mongodb://codecc:codecc@localhost:27017/db_defect - taskUrl: mongodb://codecc:codecc@localhost:27017/db_task - quartzUrl: mongodb://codecc:codecc@localhost:27017/db_task + ## mongodb 帐号密码与 + host: localhost + username: codecc + password: codecc + port: 27017 + extraUrlParams: "" + authDB: admin + redis: enabled: true diff --git a/src/backend/codecc/build.gradle.kts b/src/backend/codecc/build.gradle.kts index cc1407adbb6..daf115a17dd 100644 --- a/src/backend/codecc/build.gradle.kts +++ b/src/backend/codecc/build.gradle.kts 
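Review bot: `CODECC_PASSWORD` in init-mongodb.yaml is rendered as a bare scalar, `value: {{ include "codecc.mongodb.password" . }}`, so a password that is numeric, empty, or contains YAML-significant characters such as `#` or `: ` changes type or breaks the manifest; pipe it through `quote` as `CODECC_PORT` already is, and do the same for `CODECC_USERNAME` and the three `CODECC_AUTH_DB_*` values. The credential also sits in clear text in the Job spec, readable by anyone allowed to get the Job or its Pod; sourcing it with `valueFrom.secretKeyRef` from a Secret would keep it out of the manifest. The Job spec starts outside this hunk.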
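Review bot: The new `externalMongodb` block in values.yaml ships `username: codecc` and `password: codecc` as defaults, so a deployment that only overrides `host` will try a publicly known credential against the external database (the removed URLs carried the same pair). Consider defaulting `password: ""` and failing the render with `required` in the `codecc.mongodb.password` helper when `mongodb.enabled` is false. The comment `## mongodb 帐号密码与` is cut off mid-phrase; it should describe the keys, including that `extraUrlParams` is appended after `?` and that `authDB` is the authentication database.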
@@ -153,6 +153,44 @@ allprojects { entry("jersey-media-multipart") } + /** + * 蓝盾依赖 + */ + dependencySet("com.tencent.bk.devops.ci.common:${Versions.devopsVersion}") { + entry("common-auth-api") + entry("common-auth-v3") + entry("common-redis") + entry("common-pipeline") + } + dependencySet("com.tencent.bk.devops.ci.auth:${Versions.devopsVersion}") { + entry("api-auth") + } + dependencySet("com.tencent.bk.devops.ci.project:${Versions.devopsVersion}") { + entry("api-project") + } + dependencySet("com.tencent.bk.devops.ci.process:${Versions.devopsVersion}") { + entry("api-process") + } + dependencySet("com.tencent.bk.devops.ci.log:${Versions.devopsVersion}") { + entry("api-log") + } + dependencySet("com.tencent.bk.devops.ci.quality:${Versions.devopsVersion}") { + entry("api-quality") + } + dependencySet("com.tencent.bk.devops.ci.repository:${Versions.devopsVersion}") { + entry("api-repository") + } + dependencySet("com.tencent.bk.devops.ci.notify:${Versions.devopsVersion}") { + entry("api-notify") + } + dependencySet("com.tencent.bk.devops.ci.image:${Versions.devopsVersion}") { + entry("api-image") + } + dependencySet("com.tencent.bk.devops.ci.plugin:${Versions.devopsVersion}") { + entry("api-plugin") + entry("api-codecc") + entry("common-codecc") + } } } diff --git a/src/backend/codecc/core/apiquery/biz-apiquery/build.gradle.kts b/src/backend/codecc/core/apiquery/biz-apiquery/build.gradle.kts index f017829a778..a40a61eca17 100644 --- a/src/backend/codecc/core/apiquery/biz-apiquery/build.gradle.kts +++ b/src/backend/codecc/core/apiquery/biz-apiquery/build.gradle.kts @@ -8,7 +8,7 @@ dependencies { api(project(":core:apiquery:api-apiquery")) api(project(":core:defect:api-defect")) api(project(":core:task:api-task")) - api(project(":core:common:common-auth-api")) + api(project(":core:common:common-auth:common-auth-api")) api(project(":core:schedule:api-schedule")) api("io.jsonwebtoken:jjwt") api(group = "net.sf.json-lib", name = "json-lib", classifier = "jdk15") 
diff --git a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/java/com/tencent/bk/codecc/apiquery/resources/OpDefectRestResourceImpl.java b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/java/com/tencent/bk/codecc/apiquery/resources/OpDefectRestResourceImpl.java index 831515f0f28..3f6cabd5f23 100644 --- a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/java/com/tencent/bk/codecc/apiquery/resources/OpDefectRestResourceImpl.java +++ b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/java/com/tencent/bk/codecc/apiquery/resources/OpDefectRestResourceImpl.java @@ -27,7 +27,6 @@ import com.tencent.devops.common.api.exception.CodeCCException; import com.tencent.devops.common.api.pojo.Page; import com.tencent.devops.common.api.pojo.Result; -import com.tencent.devops.common.auth.api.external.AuthExPermissionApi; import com.tencent.devops.common.auth.api.util.AuthApiUtils; import com.tencent.devops.common.constant.ComConstants; import com.tencent.devops.common.constant.CommonMessageCode; diff --git a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/DefectDBMongoConfig.kt b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/DefectDBMongoConfig.kt index 3715dbe296e..62fbac9f958 100644 --- a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/DefectDBMongoConfig.kt +++ b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/DefectDBMongoConfig.kt 
@@ -1,6 +1,12 @@ package com.tencent.bk.codecc.apiquery +import com.fasterxml.jackson.core.JsonProcessingException +import com.mongodb.DBObjectCodecProvider +import com.mongodb.DBRefCodecProvider +import com.mongodb.client.gridfs.codecs.GridFSFileCodecProvider +import com.mongodb.client.model.geojson.codecs.GeoJsonCodecProvider import com.tencent.bk.codecc.apiquery.pojo.CodeCCMongoProperties +import org.bson.conversions.Bson import org.springframework.boot.context.properties.ConfigurationProperties import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration @@ -10,6 +16,12 @@ import org.springframework.data.mongodb.core.convert.DefaultDbRefResolver import org.springframework.data.mongodb.core.convert.MappingMongoConverter import org.springframework.data.mongodb.core.mapping.MongoMappingContext import org.springframework.data.mongodb.repository.config.EnableMongoRepositories +import java.io.IOException +import com.tencent.devops.common.api.codecc.util.JsonUtil +import org.bson.Document +import org.bson.codecs.* +import org.bson.codecs.configuration.CodecRegistries +import org.bson.codecs.configuration.CodecRegistry @Configuration @EnableMongoRepositories( @@ -20,6 +32,20 @@ class DefectDBMongoConfig { companion object { const val MONGO_TEMPLATE = "defectMongoTemplate" + private val DEFAULT_REGISTRY: CodecRegistry = CodecRegistries.fromProviders( + listOf( + ValueCodecProvider(), + BsonValueCodecProvider(), + DocumentCodecProvider(), + DBRefCodecProvider(), + DBObjectCodecProvider(), + BsonValueCodecProvider(), + GeoJsonCodecProvider(), + GridFSFileCodecProvider() + ) + ) + private val DEFAULT_BSON_TYPE_CLASS_MAP = BsonTypeClassMap() + val documentCodec = DocumentCodec(DEFAULT_REGISTRY,DEFAULT_BSON_TYPE_CLASS_MAP) } @ConfigurationProperties(prefix = "spring.data.mongodb.defectdb") 
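Review bot: `BsonValueCodecProvider()` appears twice in the `DEFAULT_REGISTRY` provider list in the companion object; the second entry is redundant and can be dropped. `documentCodec` is declared public while the registry and type map beside it are private; if only the converter in this class uses it, `private val documentCodec = ...` is enough. The same block is added verbatim to `TaskDBMongoConfig`, so both points apply there too, and the codec could be defined once and shared. The wildcard `import org.bson.codecs.*` would be clearer as explicit imports.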
@@ -39,11 +65,29 @@ class DefectDBMongoConfig { mongoMappingContext: MongoMappingContext ): MappingMongoConverter { val dbRefResolver = DefaultDbRefResolver(defectMongoDbFactory) - return MappingMongoConverter(dbRefResolver, mongoMappingContext) + return object : MappingMongoConverter(dbRefResolver, mongoMappingContext) { + override fun read(clazz: Class, bson: Bson): S { + val string = (bson as Document).toJson(documentCodec) + try { + return JsonUtil.getObjectMapper().readValue(string, clazz) + } catch (e: IOException) { + throw RuntimeException(string, e) + } + } + + override fun write(obj: Any, bson: Bson) { + var string: String? = null + try { + string = JsonUtil.getObjectMapper().writeValueAsString(obj) + } catch (e: JsonProcessingException) { + throw RuntimeException(string, e) + } + (bson as Document).putAll(Document.parse(string, documentCodec)) + } + } } @Bean(MONGO_TEMPLATE) - fun mongoTemplate(defectMongoDbFactory: SimpleMongoClientDatabaseFactory, - defectMappingMongoConverter: MappingMongoConverter) = + fun mongoTemplate(defectMongoDbFactory: SimpleMongoClientDatabaseFactory, defectMappingMongoConverter: MappingMongoConverter) = MongoTemplate(defectMongoDbFactory, defectMappingMongoConverter) } \ No newline at end of file diff --git a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/TaskDBMongoConfig.kt b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/TaskDBMongoConfig.kt index 8c80fd616f1..102f811fc4e 100644 --- a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/TaskDBMongoConfig.kt +++ b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/TaskDBMongoConfig.kt 
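Review bot: In the overridden `read`, `throw RuntimeException(string, e)` uses the whole document rendered as JSON as the exception message, so stored field values can end up in logs and error output whenever deserialization fails; prefer a message that names only the target type, e.g. `throw RuntimeException("failed to map document to ${clazz.name}", e)`. In `write`, `string` is still null when the catch block runs, so that message is always null. Both methods cast `bson as Document` unconditionally, which throws `ClassCastException` for any other `Bson` implementation. The identical converter in the `TaskDBMongoConfig` hunk has the same three issues; the enclosing bean method starts outside this hunk.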
@@ -1,6 +1,17 @@ package com.tencent.bk.codecc.apiquery +import com.fasterxml.jackson.core.JsonProcessingException +import com.mongodb.DBObjectCodecProvider +import com.mongodb.DBRefCodecProvider +import com.mongodb.client.gridfs.codecs.GridFSFileCodecProvider +import com.mongodb.client.model.geojson.codecs.GeoJsonCodecProvider import com.tencent.bk.codecc.apiquery.pojo.CodeCCMongoProperties +import com.tencent.devops.common.api.codecc.util.JsonUtil +import org.bson.Document +import org.bson.codecs.* +import org.bson.codecs.configuration.CodecRegistries +import org.bson.codecs.configuration.CodecRegistry +import org.bson.conversions.Bson import org.springframework.boot.context.properties.ConfigurationProperties import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration @@ -10,6 +21,8 @@ import org.springframework.data.mongodb.core.convert.DefaultDbRefResolver import org.springframework.data.mongodb.core.convert.MappingMongoConverter import org.springframework.data.mongodb.core.mapping.MongoMappingContext import org.springframework.data.mongodb.repository.config.EnableMongoRepositories +import java.io.IOException + @Configuration @EnableMongoRepositories( @@ -20,8 +33,23 @@ class TaskDBMongoConfig { companion object { const val MONGO_TEMPLATE = "taskMongoTemplate" + private val DEFAULT_REGISTRY: CodecRegistry = CodecRegistries.fromProviders( + listOf( + ValueCodecProvider(), + BsonValueCodecProvider(), + DocumentCodecProvider(), + DBRefCodecProvider(), + DBObjectCodecProvider(), + BsonValueCodecProvider(), + GeoJsonCodecProvider(), + GridFSFileCodecProvider() + ) + ) + private val DEFAULT_BSON_TYPE_CLASS_MAP = BsonTypeClassMap() + val documentCodec = DocumentCodec(DEFAULT_REGISTRY,DEFAULT_BSON_TYPE_CLASS_MAP) } + @Bean @ConfigurationProperties(prefix = "spring.data.mongodb.taskdb") fun taskMongoProperties() = CodeCCMongoProperties() 
@@ -36,11 +64,29 @@ class TaskDBMongoConfig { mongoMappingContext: MongoMappingContext ): MappingMongoConverter { val dbRefResolver = DefaultDbRefResolver(taskMongoDbFactory) - return MappingMongoConverter(dbRefResolver, mongoMappingContext) + return object : MappingMongoConverter(dbRefResolver, mongoMappingContext) { + override fun read(clazz: Class, bson: Bson): S { + val string = (bson as Document).toJson(documentCodec) + try { + return JsonUtil.getObjectMapper().readValue(string, clazz) + } catch (e: IOException) { + throw RuntimeException(string, e) + } + } + + override fun write(obj: Any, bson: Bson) { + var string: String? = null + try { + string = JsonUtil.getObjectMapper().writeValueAsString(obj) + } catch (e: JsonProcessingException) { + throw RuntimeException(string, e) + } + (bson as Document).putAll(Document.parse(string, documentCodec)) + } + } } @Bean(MONGO_TEMPLATE) - fun mongoTemplate(taskMongoDbFactory: SimpleMongoClientDatabaseFactory, - taskMappingMongoConverter: MappingMongoConverter) = + fun mongoTemplate(taskMongoDbFactory: SimpleMongoClientDatabaseFactory, taskMappingMongoConverter: MappingMongoConverter) = MongoTemplate(taskMongoDbFactory, taskMappingMongoConverter) } \ No newline at end of file diff --git a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/aspect/ApiAspect.kt b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/aspect/ApiAspect.kt index 3403e404a2f..359866321dc 100644 --- a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/aspect/ApiAspect.kt +++ b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/aspect/ApiAspect.kt 
@@ -1,5 +1,6 @@ package com.tencent.bk.codecc.apiquery.aspect +import com.tencent.bk.codecc.apiquery.config.ApiGatewayAuthProperties import com.tencent.bk.codecc.apiquery.exception.PermissionForbiddenException import com.tencent.bk.codecc.apiquery.service.AppCodeService import com.tencent.bk.codecc.apiquery.task.TaskQueryReq @@ -9,6 +10,7 @@ import org.aspectj.lang.annotation.Before import org.aspectj.lang.reflect.MethodSignature import org.slf4j.LoggerFactory import org.springframework.stereotype.Component +import org.springframework.util.StringUtils @Aspect @Component @@ -30,6 +32,11 @@ class ApiAspect( ) // 所有controller包下面的所有方法的所有参数 fun beforeMethod(jp: JoinPoint) { + val enabled = ApiGatewayAuthProperties.properties?.enabled ?: "" + if(!StringUtils.hasLength(enabled) || enabled == "false"){ + return + } + val methodName: String = jp.signature.name logger.info("【前置增强】the method 【$methodName】") // 参数value diff --git a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/config/ApiGatewayAuthProperties.kt b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/config/ApiGatewayAuthProperties.kt new file mode 100644 index 00000000000..ac2fb978d90 --- /dev/null +++ b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/config/ApiGatewayAuthProperties.kt 
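Review bot: The guard added at the top of `beforeMethod` fails open: when `ApiGatewayAuthProperties.properties` is still null, or `enabled` is empty or `"false"`, the aspect returns before any of its checks run, and the property defaults to `false` in the new `ApiGatewayAuthProperties`. `ApiFilter.verifyJWT` gets the same guard and returns `true`, so with default configuration neither the JWT verification nor this aspect's checks are applied. If that default is intended for deployments without a gateway, say so in a comment next to the property and log at startup that gateway auth is off; otherwise treat only an explicit setting as disabled, e.g. `if (ApiGatewayAuthProperties.properties?.enabled == "false") return`. `beforeMethod` continues past the end of the hunk.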
@@ -0,0 +1,23 @@ +package com.tencent.bk.codecc.apiquery.config + +import org.springframework.beans.factory.annotation.Value +import org.springframework.boot.context.properties.ConfigurationProperties +import org.springframework.stereotype.Component +import javax.annotation.PostConstruct + +@Component +class ApiGatewayAuthProperties { + + @Value("\${api.gateway.auth.enabled:false}") + val enabled: String? = null + + companion object{ + var properties: ApiGatewayAuthProperties? = null + } + + @PostConstruct + private fun init(){ + ApiGatewayAuthProperties.properties = this; + } + +} \ No newline at end of file diff --git a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/filter/ApiFilter.kt b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/filter/ApiFilter.kt index a5fbb92dbdd..3f00a7f7f2f 100644 --- a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/filter/ApiFilter.kt +++ b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/filter/ApiFilter.kt @@ -1,5 +1,6 @@ package com.tencent.bk.codecc.apiquery.filter +import com.tencent.bk.codecc.apiquery.config.ApiGatewayAuthProperties import com.tencent.bk.codecc.apiquery.utils.ApiGatewayPubFile import com.tencent.devops.common.api.auth.AUTH_HEADER_DEVOPS_APP_CODE import com.tencent.devops.common.api.auth.AUTH_HEADER_DEVOPS_USER_ID 
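Review bot: The companion `var properties` in `ApiGatewayAuthProperties` is a public, globally writable holder, and both `ApiAspect` and `ApiFilter` read a null value as "auth disabled", so any code that reassigns it, or any request handled before `init()` has run, switches the checks off; give it `private set` and have the callers treat null as enabled. `enabled` is held as `String?` and string-compared at each call site, so values such as `False` count as enabled; binding it as a Boolean would reject malformed values at startup and remove the duplicated parsing. The `ConfigurationProperties` import is unused.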
@@ -18,12 +19,19 @@ import javax.ws.rs.core.Response import javax.ws.rs.ext.Provider import org.bouncycastle.jce.provider.BouncyCastleProvider import org.bouncycastle.util.io.pem.PemReader +import org.springframework.util.StringUtils @Provider @PreMatching @RequestFilter class ApiFilter : ContainerRequestFilter { fun verifyJWT(requestContext: ContainerRequestContext): Boolean { + + val enabled = ApiGatewayAuthProperties.properties?.enabled ?: "" + if(!StringUtils.hasLength(enabled) || enabled == "false"){ + return true + } + val uriPath = requestContext.uriInfo.requestUri.path // op开头的接口不鉴权 if (uriPath.startsWith("/api/op")) { diff --git a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/service/impl/TaskServiceImpl.kt b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/service/impl/TaskServiceImpl.kt index acb0b2f5c21..853a261dbfc 100644 --- a/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/service/impl/TaskServiceImpl.kt +++ b/src/backend/codecc/core/apiquery/biz-apiquery/src/main/kotlin/com/tencent/bk/codecc/apiquery/service/impl/TaskServiceImpl.kt @@ -128,7 +128,7 @@ class TaskServiceImpl @Autowired constructor( val pageable = PageUtils.convertPageSizeToPageable(pageNum, pageSize, sortField, sortType) // 获取任务列表 val taskList = taskDao.findByPipelineIdList(taskQueryReq.pipelineIdList!!, pageable) - if (!taskList.isNullOrEmpty()) { + if (taskList.isNotEmpty()) { taskList.forEach { val pipelineTaskVO = PipelineTaskVO() BeanUtils.copyProperties(it, pipelineTaskVO) diff --git a/src/backend/codecc/core/codeccjob/biz-codeccjob/build.gradle.kts b/src/backend/codecc/core/codeccjob/biz-codeccjob/build.gradle.kts index a9155cd796e..dcac4b65fb3 100644 --- a/src/backend/codecc/core/codeccjob/biz-codeccjob/build.gradle.kts +++ b/src/backend/codecc/core/codeccjob/biz-codeccjob/build.gradle.kts 
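Review bot: In `TaskServiceImpl`, replacing `!taskList.isNullOrEmpty()` with `taskList.isNotEmpty()` drops the null guard; if `taskDao.findByPipelineIdList` is implemented in Java or declared with a nullable return type (its signature is not visible here), a null result now throws instead of skipping the block. Keep the change only if the DAO's return type is non-null in Kotlin's view; otherwise retain the original condition. The enclosing function starts and ends outside the hunk.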
@@ -12,13 +12,13 @@ dependencies { api(project(":core:codeccjob:api-codeccjob")) api(project(":core:defect:api-defect")) api(project(":core:defect:model-defect")) - api(project(":core:common:common-auth-api")) + api(project(":core:common:common-auth:common-auth-api")) api("org.springframework.boot:spring-boot-starter-websocket") api(group="javax.websocket", name="javax.websocket-api", version= "1.1") api("io.undertow:undertow-servlet") api("io.undertow:undertow-websockets-jsr") api("org.redisson:redisson") - api(group= "com.tencent.bk.devops.ci.project", name= "api-project", version= Versions.devopsVersion) { + api(group= "com.tencent.bk.devops.ci.project", name= "api-project") { isChanging = true exclude(group = "com.tencent.bk.devops.ci.project", module = "model-project") exclude(group = "com.tencent.bk.devops.ci.project", module = "common-api") diff --git a/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/java/com/tencent/bk/codecc/codeccjob/consumer/WebsocketConsumer.java b/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/java/com/tencent/bk/codecc/codeccjob/consumer/WebsocketConsumer.java index c59f99f5fa8..0dae9955aad 100644 --- a/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/java/com/tencent/bk/codecc/codeccjob/consumer/WebsocketConsumer.java +++ b/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/java/com/tencent/bk/codecc/codeccjob/consumer/WebsocketConsumer.java @@ -48,9 +48,7 @@ public class WebsocketConsumer { @Autowired private ObjectMapper objectMapper; - @RabbitListener(bindings = @QueueBinding( - value = @Queue, - exchange = @Exchange(value = EXCHANGE_TASKLOG_DEFECT_WEBSOCKET, durable = "true", delayed = "true", type = ExchangeTypes.FANOUT))) + public void sendWebsocketMsg(WebsocketDTO websocketDTO) { TaskLogVO taskLogVO = websocketDTO.getTaskLogVO(); TaskOverviewVO.LastAnalysis lastAnalysis = websocketDTO.getLastAnalysisResultList(); 
diff --git a/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/kotlin/com/tencent/bk/codecc/codeccjob/config/WebSocketMQConfig.kt b/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/kotlin/com/tencent/bk/codecc/codeccjob/config/WebSocketMQConfig.kt new file mode 100644 index 00000000000..63890d1c696 --- /dev/null +++ b/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/kotlin/com/tencent/bk/codecc/codeccjob/config/WebSocketMQConfig.kt 
@@ -0,0 +1,75 @@ +package com.tencent.bk.codecc.codeccjob.config + +import com.tencent.bk.codecc.codeccjob.consumer.WebsocketConsumer +import com.tencent.devops.common.util.IPUtils +import com.tencent.devops.common.web.mq.EXCHANGE_TASKLOG_DEFECT_WEBSOCKET +import com.tencent.devops.common.web.mq.QUEUE_TASKLOG_DEFECT_WEBSOCKET +import org.springframework.amqp.core.Binding +import org.springframework.amqp.core.BindingBuilder +import org.springframework.amqp.core.FanoutExchange +import org.springframework.amqp.core.Queue +import org.springframework.amqp.rabbit.connection.ConnectionFactory +import org.springframework.amqp.rabbit.core.RabbitAdmin +import org.springframework.amqp.rabbit.listener.SimpleMessageListenerContainer +import org.springframework.amqp.rabbit.listener.adapter.MessageListenerAdapter +import org.springframework.amqp.support.converter.Jackson2JsonMessageConverter +import org.springframework.beans.factory.annotation.Autowired +import org.springframework.beans.factory.annotation.Value +import org.springframework.context.annotation.Bean +import org.springframework.context.annotation.Configuration + +@Configuration +class WebSocketMQConfig { + + @Value("\${server.port:#{null}}") + private val localPort: String? 
= null + + @Bean + fun rabbitAdmin(@Autowired connectionFactory: ConnectionFactory): RabbitAdmin { + val rabbitAdmin = RabbitAdmin(connectionFactory) + rabbitAdmin.isAutoStartup = true + return rabbitAdmin + } + + @Bean + fun websocketDefectExchange() : FanoutExchange{ + return FanoutExchange(EXCHANGE_TASKLOG_DEFECT_WEBSOCKET, true, false) + } + + @Bean + fun websocketDefectQueue() : Queue { + return Queue("$QUEUE_TASKLOG_DEFECT_WEBSOCKET${IPUtils.getInnerIP().replace(".", "")}$localPort") + } + + @Bean + fun websocketDefectBind( + websocketDefectExchange: FanoutExchange, + websocketDefectQueue: Queue + ) : Binding { + return BindingBuilder.bind(websocketDefectQueue) + .to(websocketDefectExchange) + } + + @Bean + open fun externalJobListenerContainer( + @Autowired connectionFactory: ConnectionFactory, + @Autowired websocketDefectQueue: Queue, + @Autowired rabbitAdmin: RabbitAdmin, + @Autowired websocketConsumer: WebsocketConsumer, + @Autowired messageConverter: Jackson2JsonMessageConverter + ): SimpleMessageListenerContainer { + rabbitAdmin.declareQueue(websocketDefectQueue) + val container = SimpleMessageListenerContainer(connectionFactory) + container.setQueueNames(websocketDefectQueue.name) + container.setConcurrentConsumers(5) + container.setMaxConcurrentConsumers(16) + container.setPrefetchCount(1) + container.setAmqpAdmin(rabbitAdmin) + container.setStartConsumerMinInterval(10000) + container.setConsecutiveActiveTrigger(5) + val adapter = MessageListenerAdapter(websocketConsumer, websocketConsumer::sendWebsocketMsg.name) + adapter.setMessageConverter(messageConverter) + container.setMessageListener(adapter) + return container + } +} \ No newline at end of file 
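Review bot: `websocketDefectQueue()` builds a per-instance queue name from the inner IP and `$localPort`, and `Queue(name)` declares it durable, non-exclusive and not auto-delete, so each restart on a new address leaves behind a queue that stays bound to the fanout exchange and keeps accumulating messages; the `@RabbitListener` this replaces used an anonymous `@Queue`. Declaring it as `Queue(name, false, true, true)` ties the queue's lifetime to the consumer's connection. `localPort` is nullable, so with `server.port` unset the name ends in the literal text `null`. The exchange was previously declared with `delayed = "true"` and is now a plain `FanoutExchange`; if it already exists on the broker with the old arguments the redeclaration may be refused, which is worth checking on upgrade.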
diff --git a/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/kotlin/com/tencent/bk/codecc/codeccjob/service/impl/JobAuthTaskServiceImpl.kt b/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/kotlin/com/tencent/bk/codecc/codeccjob/service/impl/JobAuthTaskServiceImpl.kt index c897cd9a7a7..239aa90bfc8 100644 --- a/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/kotlin/com/tencent/bk/codecc/codeccjob/service/impl/JobAuthTaskServiceImpl.kt +++ b/src/backend/codecc/core/codeccjob/biz-codeccjob/src/main/kotlin/com/tencent/bk/codecc/codeccjob/service/impl/JobAuthTaskServiceImpl.kt @@ -88,6 +88,13 @@ class JobAuthTaskServiceImpl @Autowired constructor( ?: setOf() } + override fun queryPipelineListByProjectId(projectId: String): Set { + val request = QueryTaskListReqVO() + request.projectId = projectId + return client.get(ServiceTaskRestResource::class.java) + .batchGetTaskList(request).data?.map { it.pipelineId }?.toSet() ?: setOf() + } + override fun queryTaskListForUser(user: String, projectId: String, actions: Set): Set { val request = QueryTaskListReqVO() request.projectId = projectId @@ -107,6 +114,11 @@ class JobAuthTaskServiceImpl @Autowired constructor( return client.get(ServiceTaskRestResource::class.java).queryTaskListByPipelineIds(pipelineIds).data ?: setOf() } + override fun queryPipelineIdsByTaskIds(taskIds: Set): Set { + return client.get(ServiceTaskRestResource::class.java).getTaskInfosByIds(taskIds.toList()).data + ?.filter { it != null && !it.pipelineId.isNullOrEmpty() }?.map { it.pipelineId }?.toSet() ?: emptySet() + } + companion object { private val logger = LoggerFactory.getLogger(JobAuthTaskServiceImpl::class.java) } diff --git a/src/backend/codecc/core/codeccjob/boot-codeccjob/build.gradle.kts b/src/backend/codecc/core/codeccjob/boot-codeccjob/build.gradle.kts index bedd5ca27c5..bf2012ab287 100644 --- a/src/backend/codecc/core/codeccjob/boot-codeccjob/build.gradle.kts 
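Review bot: `queryPipelineListByProjectId` maps every task to `it.pipelineId` without filtering, while `queryPipelineIdsByTaskIds` added further down drops null and empty ids first, so tasks without a pipeline would put a null or empty string into the returned set. Apply the same filter, e.g. `.data?.filter { !it.pipelineId.isNullOrEmpty() }?.map { it.pipelineId }?.toSet() ?: setOf()`. The method also takes no user and returns every pipeline of the project, so callers have to do their own permission check before exposing the result; a KDoc line on the interface method stating that would help.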
+++ b/src/backend/codecc/core/codeccjob/boot-codeccjob/build.gradle.kts @@ -1,5 +1,4 @@ dependencies { api(project(":core:codeccjob:biz-codeccjob")) - api(project(":core:common:common-auth-v3")) - api(project(":core:common:common-auth-mock")) + api(project(":core:common:common-auth")) } diff --git a/src/backend/codecc/core/common/common-auth-mock/build.gradle.kts b/src/backend/codecc/core/common/common-auth-mock/build.gradle.kts deleted file mode 100644 index b46fe5e89a0..00000000000 --- a/src/backend/codecc/core/common/common-auth-mock/build.gradle.kts +++ /dev/null @@ -1,4 +0,0 @@ - -dependencies { - api(project(":core:common:common-auth-api")) -} diff --git a/src/backend/codecc/core/common/common-auth/build.gradle.kts b/src/backend/codecc/core/common/common-auth/build.gradle.kts new file mode 100644 index 00000000000..9c6e9a644b1 --- /dev/null +++ b/src/backend/codecc/core/common/common-auth/build.gradle.kts @@ -0,0 +1,6 @@ +dependencies { + api(project(":core:common:common-auth:common-auth-api")) + api(project(":core:common:common-auth:common-auth-github")) + api(project(":core:common:common-auth:common-auth-mock")) + api(project(":core:common:common-auth:common-auth-v3")) +} \ No newline at end of file diff --git a/src/backend/codecc/core/common/common-auth-api/build.gradle.kts b/src/backend/codecc/core/common/common-auth/common-auth-api/build.gradle.kts similarity index 92% rename from src/backend/codecc/core/common/common-auth-api/build.gradle.kts rename to src/backend/codecc/core/common/common-auth/common-auth-api/build.gradle.kts index 014a415e13b..1dcf6ec059f 100644 --- a/src/backend/codecc/core/common/common-auth-api/build.gradle.kts +++ b/src/backend/codecc/core/common/common-auth/common-auth-api/build.gradle.kts 
@@ -47,4 +47,10 @@ dependencies { exclude(group = "org.json", module = "json") } api("org.apache.httpcomponents:httpclient") + api(group = "com.tencent.bk.devops.ci.common", name = "common-auth-api"){ + isChanging=true + } + api(group = "com.tencent.bk.devops.ci.auth", name = "api-auth"){ + isChanging=true + } } diff --git a/src/backend/codecc/core/common/common-auth-api/lib/iam-sdk-1.0.1.jar b/src/backend/codecc/core/common/common-auth/common-auth-api/lib/iam-sdk-1.0.1.jar similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/lib/iam-sdk-1.0.1.jar rename to src/backend/codecc/core/common/common-auth/common-auth-api/lib/iam-sdk-1.0.1.jar diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AbstractAuthExPermissionApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AbstractAuthExPermissionApi.kt similarity index 88% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AbstractAuthExPermissionApi.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AbstractAuthExPermissionApi.kt index 122f5746458..6c79f45a0e3 100644 --- a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AbstractAuthExPermissionApi.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AbstractAuthExPermissionApi.kt 
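Review bot: The two `api(...)` entries added to common-auth-api are marked `isChanging = true` and carry no version of their own, so Gradle re-fetches whatever the repository currently serves for the managed version and the same commit can build against different artifacts over time. For libraries on the authentication path, prefer an immutable release version, or limit `isChanging` to snapshot builds, so the resolved artifacts are reproducible and can be reviewed.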
@@ -26,15 +26,10 @@ package com.tencent.devops.common.auth.api.external -import com.tencent.devops.common.auth.api.pojo.external.KEY_ADMIN_MEMBER import com.tencent.devops.common.auth.api.util.AuthApiUtils import com.tencent.devops.common.client.Client -import com.tencent.devops.common.constant.ComConstants -import com.tencent.devops.common.service.utils.SpringContextUtil -import com.tencent.devops.common.util.List2StrUtil import org.slf4j.LoggerFactory import org.springframework.beans.factory.annotation.Autowired -import org.springframework.beans.factory.annotation.Value import org.springframework.data.redis.core.RedisTemplate abstract class AbstractAuthExPermissionApi @Autowired constructor( diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthExPermissionApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthExPermissionApi.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthExPermissionApi.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthExPermissionApi.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthExRegisterApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthExRegisterApi.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthExRegisterApi.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthExRegisterApi.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthTaskService.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthTaskService.kt similarity index 88% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthTaskService.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthTaskService.kt index ffe49b073f7..06a49dd4d6e 100644 --- a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthTaskService.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/AuthTaskService.kt @@ -36,9 +36,13 @@ interface AuthTaskService { fun queryPipelineListForUser(user: String, projectId: String): Set + fun queryPipelineListByProjectId(projectId: String): Set + fun queryTaskListForUser(user: String, projectId: String, actions: Set): Set fun queryTaskUserListForAction(taskId: String, projectId: String, actions: Set): List fun queryTaskListByPipelineIds(pipelineIds: Set): Set + + fun queryPipelineIdsByTaskIds(taskIds: Set): Set } \ No newline at end of file diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/PermissionService.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/PermissionService.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/PermissionService.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/external/PermissionService.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExConstants.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExConstants.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExConstants.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExConstants.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExPropertiesData.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExPropertiesData.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExPropertiesData.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExPropertiesData.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExResponse.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExResponse.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExResponse.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthExResponse.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthRole.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthRole.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthRole.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/AuthRole.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/CodeCCAuthAction.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/CodeCCAuthAction.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/CodeCCAuthAction.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/CodeCCAuthAction.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/OwnerInfo.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/OwnerInfo.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/OwnerInfo.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/OwnerInfo.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/PipelineAuthAction.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/PipelineAuthAction.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/PipelineAuthAction.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/PipelineAuthAction.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/AuthConstants.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/AuthConstants.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/AuthConstants.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/AuthConstants.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/FetchInstanceInfo.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/FetchInstanceInfo.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/FetchInstanceInfo.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/FetchInstanceInfo.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/ListInstanceInfo.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/ListInstanceInfo.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/ListInstanceInfo.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/ListInstanceInfo.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/SearchInstanceInfo.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/SearchInstanceInfo.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/SearchInstanceInfo.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/callback/SearchInstanceInfo.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExBatchResouceActionModel.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExBatchResouceActionModel.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExBatchResouceActionModel.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExBatchResouceActionModel.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExPrincipalModel.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExPrincipalModel.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExPrincipalModel.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExPrincipalModel.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExResourceActionModel.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExResourceActionModel.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExResourceActionModel.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExResourceActionModel.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExResourceListModel.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExResourceListModel.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExResourceListModel.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExResourceListModel.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleDeleteModel.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleDeleteModel.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleDeleteModel.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleDeleteModel.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleRegModel.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleRegModel.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleRegModel.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleRegModel.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleResourceModel.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleResourceModel.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleResourceModel.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleResourceModel.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleVerifyModel.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleVerifyModel.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleVerifyModel.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExSingleVerifyModel.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExTypeActionModel.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExTypeActionModel.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExTypeActionModel.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/model/BkAuthExTypeActionModel.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchAuthorizedUserRequest.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchAuthorizedUserRequest.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchAuthorizedUserRequest.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchAuthorizedUserRequest.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchAuthorizedUserV1Request.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchAuthorizedUserV1Request.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchAuthorizedUserV1Request.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchAuthorizedUserV1Request.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchPermissionVerityRequest.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchPermissionVerityRequest.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchPermissionVerityRequest.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchPermissionVerityRequest.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchPermissionVerityV1Request.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchPermissionVerityV1Request.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchPermissionVerityV1Request.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExBatchPermissionVerityV1Request.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExPermissionVerifyRequest.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExPermissionVerifyRequest.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExPermissionVerifyRequest.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExPermissionVerifyRequest.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExResourceListRequest.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExResourceListRequest.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExResourceListRequest.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExResourceListRequest.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExResourceListV1Request.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExResourceListV1Request.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExResourceListV1Request.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/request/BkAuthExResourceListV1Request.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthMgrResourceResponse.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthMgrResourceResponse.kt similarity index 81% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthMgrResourceResponse.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthMgrResourceResponse.kt index c1f686df22c..4c01b39c50d 100644 --- a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthMgrResourceResponse.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthMgrResourceResponse.kt @@ -1,7 +1,5 @@ package com.tencent.devops.common.auth.api.pojo.external.response; -import io.swagger.annotations.ApiModel; - data class AuthMgrResourceResponse( val policy: List, val role: List 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthTaskPolicy.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthTaskPolicy.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthTaskPolicy.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthTaskPolicy.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthTaskRole.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthTaskRole.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthTaskRole.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/pojo/external/response/AuthTaskRole.kt diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/util/AuthApiUtils.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/util/AuthApiUtils.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/util/AuthApiUtils.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/util/AuthApiUtils.kt 
diff --git a/src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/util/PermissionUtil.kt b/src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/util/PermissionUtil.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/util/PermissionUtil.kt rename to src/backend/codecc/core/common/common-auth/common-auth-api/src/main/kotlin/com/tencent/devops/common/auth/api/util/PermissionUtil.kt diff --git a/src/backend/codecc/core/common/common-auth/common-auth-github/build.gradle.kts b/src/backend/codecc/core/common/common-auth/common-auth-github/build.gradle.kts new file mode 100644 index 00000000000..4950f077a26 --- /dev/null +++ b/src/backend/codecc/core/common/common-auth/common-auth-github/build.gradle.kts @@ -0,0 +1,4 @@ + +dependencies { + api(project(":core:common:common-auth:common-auth-api")) +} diff --git a/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/GithubAuthExAutoConfiguration.kt b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/GithubAuthExAutoConfiguration.kt new file mode 100644 index 00000000000..4200b9db588 --- /dev/null +++ b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/GithubAuthExAutoConfiguration.kt 
@@ -0,0 +1,74 @@ +/* + * Tencent is pleased to support the open source community by making BK-CODECC 蓝鲸代码检查平台 available. + * + * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CODECC 蓝鲸代码检查平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation + * files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, + * modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
+ */ + +package com.tencent.devops.common.auth + +import com.tencent.devops.common.auth.api.GithubAuthExPermissionApi +import com.tencent.devops.common.auth.api.GithubAuthExRegisterApi +import com.tencent.devops.common.auth.api.external.AuthTaskService +import com.tencent.devops.common.auth.pojo.GithubAuthProperties +import com.tencent.devops.common.client.Client +import org.slf4j.LoggerFactory +import org.springframework.beans.factory.annotation.Value +import org.springframework.boot.autoconfigure.AutoConfigureOrder +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty +import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication +import org.springframework.boot.context.properties.ConfigurationProperties +import org.springframework.context.annotation.Bean +import org.springframework.context.annotation.Configuration +import org.springframework.context.annotation.Primary +import org.springframework.core.Ordered +import org.springframework.data.redis.core.RedisTemplate + +@Configuration +@ConditionalOnWebApplication +@ConditionalOnProperty(prefix = "auth", name = ["idProvider"], havingValue = "github") +@AutoConfigureOrder(Ordered.LOWEST_PRECEDENCE) +class GithubAuthExAutoConfiguration() { + + private val logger = LoggerFactory.getLogger(GithubAuthExAutoConfiguration::class.java) + + init { + logger.info("use github auth config") + } + + @Bean + fun authExPermissionApi( + redisTemplate: RedisTemplate, client: Client, authTaskService: AuthTaskService, + properties: GithubAuthProperties + ) = GithubAuthExPermissionApi(client, redisTemplate, authTaskService, properties) + + @Bean + @Primary + fun authExRegisterApi(redisTemplate: RedisTemplate, authTaskService: AuthTaskService, + client: Client, properties: GithubAuthProperties) = + GithubAuthExRegisterApi(client, authTaskService, properties) + + @Bean + @ConfigurationProperties(prefix = "auth.github") + fun githubAuthProperties() = GithubAuthProperties() + +} \ No newline 
at end of file diff --git a/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/api/GithubAuthExPermissionApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/api/GithubAuthExPermissionApi.kt new file mode 100644 index 00000000000..64bc7feb61b --- /dev/null +++ b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/api/GithubAuthExPermissionApi.kt 
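Review bot: In `GithubAuthExAutoConfiguration`, `authExRegisterApi` is marked `@Primary` but `authExPermissionApi` is not. If another provider's configuration also contributes an `AuthExPermissionApi` bean, the permission bean could be ambiguous or come from a different provider than the register bean. That is an inference, because the other modules' conditions are not visible here. I would mark both beans the same way, for example `@Bean @Primary fun authExPermissionApi(`. `authExRegisterApi` also takes a `redisTemplate` parameter it never passes on, and the `org.springframework.beans.factory.annotation.Value` import is unused, so both can go.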
@@ -0,0 +1,83 @@
+package com.tencent.devops.common.auth.api
+
+import com.tencent.devops.auth.api.service.ServicePermissionAuthResource
+import com.tencent.devops.common.auth.api.external.AbstractAuthExPermissionApi
+import com.tencent.devops.common.auth.api.external.AuthTaskService
+import com.tencent.devops.common.auth.api.pojo.external.CodeCCAuthAction
+import com.tencent.devops.common.auth.api.pojo.external.model.BkAuthExResourceActionModel
+import com.tencent.devops.common.auth.pojo.GithubAuthProperties
+import com.tencent.devops.common.auth.utils.AuthActionConvertUtils
+import com.tencent.devops.common.client.Client
+import org.springframework.data.redis.core.RedisTemplate
+
+class GithubAuthExPermissionApi(client: Client,
+ redisTemplate: RedisTemplate,
+ private val authTaskService: AuthTaskService,
+ private val properties : GithubAuthProperties)
+ : AbstractAuthExPermissionApi(
+ client,
+ redisTemplate) {
+
+ override fun queryPipelineListForUser(user: String, projectId: String, actions: Set): Set {
+ val result = client.getDevopsService(ServicePermissionAuthResource::class.java)
+ .getUserResourcesByPermissions(
+ user, properties.token ?: "", actions.toList(), projectId,
+ properties.pipelineResourceType ?: "pipeline"
+ )
+ if (result.isNotOk() || result.data.isNullOrEmpty()) {
+ return emptySet()
+ }
+ result.data!!.all { entry -> entry.value.contains("*")}
+ return authTaskService.queryPipelineListByProjectId(projectId)
+ }
+
+ override fun queryTaskListForUser(user: String, projectId: String, actions: Set): Set {
+ val codeccActions = actions.mapNotNull { it ->
+ var action: CodeCCAuthAction? = null
+ for (value in CodeCCAuthAction.values()) {
+ if (value.actionName == it) {
+ action = value
+ break
+ }
+ }
+ action
+ }.toList()
+ val pipelineActions = AuthActionConvertUtils.covert(codeccActions).map { it.actionName }.toSet()
+ val pipelineIds = queryPipelineListForUser(user, projectId, pipelineActions)
+ return if (pipelineIds.isEmpty()) {
+ emptySet()
+ } else {
+ authTaskService.queryTaskListByPipelineIds(pipelineIds)
+ }
+ }
+
+ override fun queryTaskUserListForAction(taskId: String, projectId: String, actions: Set): List {
+ return authTaskService.queryTaskUserListForAction(taskId, projectId, actions)
+ }
+
+ override fun validatePipelineBatchPermission(user: String, pipelineId: String, projectId: String, actions: Set): List {
+ val pipelineIds = queryPipelineListForUser(user,projectId,actions)
+ if(pipelineIds.isNotEmpty() && pipelineIds.contains(pipelineId)){
+ return listOf(BkAuthExResourceActionModel("", "", listOf(), true))
+ }
+ return listOf(BkAuthExResourceActionModel("", "", listOf(), false))
+ }
+
+ override fun validateTaskBatchPermission(user: String, taskId: String, projectId: String, actions: Set): List {
+ val taskIds = queryTaskListForUser(user,projectId,actions)
+ if(taskIds.isNotEmpty() && taskIds.contains(taskId)){
+ return listOf(BkAuthExResourceActionModel("", "", listOf(), true))
+ }
+ return listOf(BkAuthExResourceActionModel(isPass = true))
+ }
+
+ override fun validateGongfengPermission(user: String, taskId: String, projectId: String, actions: List): Boolean {
+ return true
+ }
+
+ override fun authProjectManager(projectId: String, user: String): Boolean {
+ return false
+ }
+
+
+}
\ No newline at end of file
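Review bot: The authorization checks in `GithubAuthExPermissionApi` fail open in three places. `validateTaskBatchPermission` falls through to `BkAuthExResourceActionModel(isPass = true)`, so a user whose task list does not contain `taskId` still passes; the sibling pipeline method returns `false` there, and this one should end with `return listOf(BkAuthExResourceActionModel("", "", listOf(), false))`. `queryPipelineListForUser` computes `result.data!!.all { ... contains("*") }` and discards the value, so any non-empty response returns every pipeline in the project. `validateGongfengPermission` returns `true` unconditionally; if that is deliberate for the GitHub provider, it needs a comment saying so. The fence below sketches a filtered return for `queryPipelineListForUser`. It assumes `result.data` maps each action to a list of resource ids, as the `entry.value` call suggests, and that a pipeline must be granted for every requested action; both need confirming against the auth service contract.

```kotlin
// … unchanged: getUserResourcesByPermissions call and the isNotOk / empty guard …
val grantedPerAction = result.data!!.values
val projectPipelines = authTaskService.queryPipelineListByProjectId(projectId)
// Wildcard for every requested action: the whole project is visible.
if (grantedPerAction.all { it.contains("*") }) {
    return projectPipelines
}
// Otherwise keep only pipelines explicitly granted for each action.
return projectPipelines.filter { id ->
    grantedPerAction.all { it.contains("*") || it.contains(id) }
}.toSet()
```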
diff --git a/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/api/GithubAuthExRegisterApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/api/GithubAuthExRegisterApi.kt
new file mode 100644
index 00000000000..0efc53659a0
--- /dev/null
+++ b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/api/GithubAuthExRegisterApi.kt
@@ -0,0 +1,56 @@ +package com.tencent.devops.common.auth.api + +import com.alibaba.fastjson.JSONObject +import com.tencent.devops.auth.api.service.ServicePermissionAuthResource +import com.tencent.devops.auth.pojo.dto.GrantInstanceDTO +import com.tencent.devops.common.auth.api.external.AuthExRegisterApi +import com.tencent.devops.common.auth.api.external.AuthTaskService +import com.tencent.devops.common.auth.api.pojo.external.PipelineAuthAction +import com.tencent.devops.common.auth.pojo.GithubAuthProperties +import com.tencent.devops.common.client.Client +import org.slf4j.LoggerFactory + +class GithubAuthExRegisterApi( + private val client: Client, + private val authTaskService: AuthTaskService, + private val properties: GithubAuthProperties +) : AuthExRegisterApi { + + companion object { + private val logger = LoggerFactory.getLogger(this::class.java) + } + + override fun registerCodeCCTask(user: String, taskId: String, taskName: String, projectId: String): Boolean { + val pipelineId = authTaskService.getTaskPipelineId(taskId.toLong()) + if (pipelineId.isEmpty()) { + return true + } + PipelineAuthAction.values().forEach { + registerCodeCCTaskPermission(user, pipelineId, it.actionName, projectId) + } + return true + } + + private fun registerCodeCCTaskPermission(user: String, pipelineId: String, action: String, projectId: String) { + val grantInstanceDTO = GrantInstanceDTO( + properties.pipelineResourceType ?: "pipelineId", + pipelineId, + null, + action, + user + ) + val result = client.getDevopsService(ServicePermissionAuthResource::class.java).grantInstancePermission( + user, properties.token ?: "", projectId, grantInstanceDTO + ) + if (result.isNotOk()) { + logger.error( + "registerCodeCCTaskPermission $user $pipelineId $action $projectId fail," + + " result ${JSONObject.toJSONString(result)}" + ) + } + } + + override fun deleteCodeCCTask(taskId: String, projectId: String): Boolean { + return true + } +} \ No newline at end of file 
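Review bot: `registerCodeCCTask` returns `true` even when a grant fails, because `registerCodeCCTaskPermission` only logs on `result.isNotOk()` and returns nothing, so the caller cannot tell that the user ended up with none or only some of the pipeline permissions. Let the helper return `!result.isNotOk()` and have the loop report it, e.g. `return PipelineAuthAction.values().map { registerCodeCCTaskPermission(user, pipelineId, it.actionName, projectId) }.all { it }` (whether callers are prepared for `false` is not visible here). In the same helper, `properties.token ?: ""` sends an empty token when the property is unset, where rejecting the missing value up front would be easier to diagnose than a failed grant. The `?: "pipelineId"` fallback also disagrees with the `"pipeline"` default declared in `GithubAuthProperties` in this commit.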
diff --git a/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/pojo/GithubAuthProperties.kt b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/pojo/GithubAuthProperties.kt
new file mode 100644
index 00000000000..2225fb9bd9b
--- /dev/null
+++ b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/pojo/GithubAuthProperties.kt
@@ -0,0 +1,10 @@
+package com.tencent.devops.common.auth.pojo
+
+data class GithubAuthProperties(
+ var token : String? = null,
+
+ /**
+ * 流水线资源类型
+ */
+ val pipelineResourceType: String? = "pipeline"
+)
diff --git a/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/utils/AuthActionConvertUtils.kt b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/utils/AuthActionConvertUtils.kt
new file mode 100644
index 00000000000..8e7c3c8ba01
--- /dev/null
+++ b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/kotlin/com/tencent/devops/common/auth/utils/AuthActionConvertUtils.kt
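Review bot: `GithubAuthProperties` is a `data class` that holds `token`, so its generated `toString()` prints the token wherever the object is logged or ends up in an exception message. Either make it a plain class or override the method, e.g. `override fun toString() = "GithubAuthProperties(token=***, pipelineResourceType=$pipelineResourceType)"`. `token` is declared `var` while the other field is `val`; if nothing reassigns it after construction (not visible here), `val` would be the tighter choice.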
@@ -0,0 +1,63 @@
+package com.tencent.devops.common.auth.utils
+
+import com.tencent.devops.common.auth.api.pojo.external.CodeCCAuthAction
+import com.tencent.devops.common.auth.api.pojo.external.PipelineAuthAction
+
+class AuthActionConvertUtils {
+
+
+ companion object {
+
+ fun covert(actions: List): List {
+ if (actions.isEmpty()) {
+ return emptyList()
+ }
+ val pipelineActions = mutableSetOf()
+ actions.forEach {
+ pipelineActions.addAll(covert(it))
+ }
+ return pipelineActions.toList()
+ }
+
+ fun covert(action: CodeCCAuthAction?): List {
+ if (action == null) {
+ return emptyList()
+ }
+ return when (action) {
+ CodeCCAuthAction.TASK_MANAGE ->
+ listOf(
+ PipelineAuthAction.DELETE,
+ PipelineAuthAction.DOWNLOAD,
+ PipelineAuthAction.EDIT,
+ PipelineAuthAction.EXECUTE,
+ PipelineAuthAction.LIST,
+ PipelineAuthAction.SHARE,
+ PipelineAuthAction.VIEW
+ )
+ CodeCCAuthAction.ANALYZE ->
+ listOf(
+ PipelineAuthAction.DOWNLOAD,
+ PipelineAuthAction.EXECUTE,
+ PipelineAuthAction.LIST,
+ PipelineAuthAction.SHARE,
+ PipelineAuthAction.VIEW
+ )
+ CodeCCAuthAction.DEFECT_MANAGE ->
+ listOf(
+ PipelineAuthAction.EXECUTE,
+ PipelineAuthAction.LIST,
+ PipelineAuthAction.SHARE,
+ PipelineAuthAction.VIEW
+ )
+ else ->
+ listOf(
+ PipelineAuthAction.LIST,
+ PipelineAuthAction.VIEW
+ )
+ }
+ }
+
+ }
+
+
+}
\ No newline at end of file
diff --git a/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/resources/META-INF/spring.factories b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/resources/META-INF/spring.factories
new file mode 100644
index 00000000000..6c197ac00d1
--- /dev/null
+++ b/src/backend/codecc/core/common/common-auth/common-auth-github/src/main/resources/META-INF/spring.factories
@@ -0,0 +1,2 @@
+org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
+com.tencent.devops.common.auth.GithubAuthExAutoConfiguration
\ No newline at end of file
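Review bot: `covert(action: CodeCCAuthAction?)` in `AuthActionConvertUtils` has no comment saying whether a user must hold all of the returned pipeline actions or any one of them, and the mapping is only safe under the first reading, since `TASK_MANAGE` expands to a list that also contains `LIST` and `VIEW`. A caller earlier in this commit feeds the result to `queryPipelineListForUser`, whose matching rule is not visible here; if it matches on any action, a view-only pipeline user would satisfy a task-management check. Please state the intended rule in a KDoc on the function, e.g. `/** Pipeline actions a user must ALL hold to be treated as having [action]. */`, and confirm the query agrees with it. The `else ->` branch also gives every future `CodeCCAuthAction` value `LIST` and `VIEW` silently; listing the remaining values explicitly would make `when` exhaustive and force a decision when the enum grows.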
diff --git a/src/backend/codecc/core/common/common-auth/common-auth-mock/build.gradle.kts b/src/backend/codecc/core/common/common-auth/common-auth-mock/build.gradle.kts new file mode 100644 index 00000000000..4950f077a26 --- /dev/null +++ b/src/backend/codecc/core/common/common-auth/common-auth-mock/build.gradle.kts @@ -0,0 +1,4 @@ + +dependencies { + api(project(":core:common:common-auth:common-auth-api")) +} diff --git a/src/backend/codecc/core/common/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/MockAuthExAutoConfiguration.kt b/src/backend/codecc/core/common/common-auth/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/MockAuthExAutoConfiguration.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/MockAuthExAutoConfiguration.kt rename to src/backend/codecc/core/common/common-auth/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/MockAuthExAutoConfiguration.kt diff --git a/src/backend/codecc/core/common/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/api/MockAuthExPermissionApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/api/MockAuthExPermissionApi.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/api/MockAuthExPermissionApi.kt rename to src/backend/codecc/core/common/common-auth/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/api/MockAuthExPermissionApi.kt 
diff --git a/src/backend/codecc/core/common/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/api/MockAuthExRegisterApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/api/MockAuthExRegisterApi.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/api/MockAuthExRegisterApi.kt rename to src/backend/codecc/core/common/common-auth/common-auth-mock/src/main/kotlin/com/tencent/devops/common/auth/api/MockAuthExRegisterApi.kt diff --git a/src/backend/codecc/core/common/common-auth-mock/src/main/resources/META-INF/spring.factories b/src/backend/codecc/core/common/common-auth/common-auth-mock/src/main/resources/META-INF/spring.factories similarity index 100% rename from src/backend/codecc/core/common/common-auth-mock/src/main/resources/META-INF/spring.factories rename to src/backend/codecc/core/common/common-auth/common-auth-mock/src/main/resources/META-INF/spring.factories diff --git a/src/backend/codecc/core/common/common-auth-v3/build.gradle.kts b/src/backend/codecc/core/common/common-auth/common-auth-v3/build.gradle.kts similarity index 59% rename from src/backend/codecc/core/common/common-auth-v3/build.gradle.kts rename to src/backend/codecc/core/common/common-auth/common-auth-v3/build.gradle.kts index 1490f94aaf6..426cbc0383b 100644 --- a/src/backend/codecc/core/common/common-auth-v3/build.gradle.kts +++ b/src/backend/codecc/core/common/common-auth/common-auth-v3/build.gradle.kts 
@@ -1,9 +1,9 @@ dependencies { - api(project(":core:common:common-auth-api")) - api(group = "com.tencent.bk.devops.ci.process", name = "api-process", version = Versions.devopsVersion){ + api(project(":core:common:common-auth:common-auth-api")) + api(group = "com.tencent.bk.devops.ci.process", name = "api-process"){ isChanging=true } - api(group = "com.tencent.bk.devops.ci.common", name = "common-auth-v3", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.common", name = "common-auth-v3"){ isChanging=true } } diff --git a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/V3AuthExAutoConfiguration.kt b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/V3AuthExAutoConfiguration.kt similarity index 96% rename from src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/V3AuthExAutoConfiguration.kt rename to src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/V3AuthExAutoConfiguration.kt index bc054ce2441..96da73c584e 100644 --- a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/V3AuthExAutoConfiguration.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/V3AuthExAutoConfiguration.kt @@ -33,7 +33,6 @@ import com.tencent.bk.sdk.iam.service.impl.PolicyServiceImpl import com.tencent.bk.sdk.iam.service.impl.TokenServiceImpl import com.tencent.devops.common.auth.api.* import com.tencent.devops.common.auth.api.external.AuthTaskService -import com.tencent.devops.common.auth.code.PipelineAuthServiceCode import com.tencent.devops.common.auth.service.IamEsbService import com.tencent.devops.common.auth.utils.CodeCCAuthResourceApi import com.tencent.devops.common.client.Client 
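Review bot: In `common-auth-v3/build.gradle.kts` both `com.tencent.bk.devops.ci.*` coordinates lose `version = Versions.devopsVersion` while keeping `isChanging=true`, and nothing in this hunk shows where the version now comes from. If a platform or a `constraints` block supplies it, a one-line comment naming that source would make the pin traceable, e.g. `// version supplied by PLACEHOLDER (name the platform/constraints file)`; if nothing does, resolution of these auth artifacts is left to whatever the repository serves. The same removal is made for the six `api(...)` entries in `biz-defect-migration/build.gradle.kts` later in this commit. Because changing modules are re-fetched on resolution, dependency locking or verification is worth considering for them.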
@@ -41,12 +40,10 @@ import com.tencent.devops.common.redis.RedisOperation import org.slf4j.LoggerFactory import org.springframework.beans.factory.annotation.Value import org.springframework.boot.autoconfigure.AutoConfigureOrder -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration -import org.springframework.context.annotation.Primary import org.springframework.core.Ordered import org.springframework.data.redis.core.RedisTemplate diff --git a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/CodeCCV3AuthPermissionApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/CodeCCV3AuthPermissionApi.kt similarity index 99% rename from src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/CodeCCV3AuthPermissionApi.kt rename to src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/CodeCCV3AuthPermissionApi.kt index 6f629454d6a..53551880653 100644 --- a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/CodeCCV3AuthPermissionApi.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/CodeCCV3AuthPermissionApi.kt 
@@ -4,7 +4,6 @@ import com.tencent.bk.sdk.iam.constants.ExpressionOperationEnum import com.tencent.bk.sdk.iam.dto.InstanceDTO import com.tencent.bk.sdk.iam.dto.PathInfoDTO import com.tencent.bk.sdk.iam.dto.action.ActionDTO -import com.tencent.bk.sdk.iam.dto.expression.ExpressionDTO import com.tencent.bk.sdk.iam.helper.AuthHelper import com.tencent.bk.sdk.iam.service.PolicyService import com.tencent.devops.common.api.util.OwnerUtils diff --git a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExPermissionApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExPermissionApi.kt similarity index 94% rename from src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExPermissionApi.kt rename to src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExPermissionApi.kt index 3bb96bedbe2..0a554d4f1ba 100644 --- a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExPermissionApi.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExPermissionApi.kt 
@@ -2,11 +2,8 @@ package com.tencent.devops.common.auth.api import com.tencent.devops.common.auth.api.external.AbstractAuthExPermissionApi import com.tencent.devops.common.auth.api.external.AuthTaskService -import com.tencent.devops.common.auth.api.pojo.BkAuthGroup import com.tencent.devops.common.auth.api.pojo.external.CodeCCAuthAction import com.tencent.devops.common.auth.api.pojo.external.model.BkAuthExResourceActionModel -import com.tencent.devops.common.auth.code.BluekingV3PipelineAuthServiceCode -import com.tencent.devops.common.auth.code.PipelineAuthServiceCode import com.tencent.devops.common.auth.pojo.CodeCCAuthServiceCode import com.tencent.devops.common.client.Client import org.slf4j.LoggerFactory diff --git a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExRegisterApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExRegisterApi.kt similarity index 86% rename from src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExRegisterApi.kt rename to src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExRegisterApi.kt index 1681e661bc9..5018cf83821 100644 --- a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExRegisterApi.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/api/V3AuthExRegisterApi.kt 
@@ -2,10 +2,8 @@ package com.tencent.devops.common.auth.api import com.tencent.devops.common.auth.api.external.AuthExRegisterApi import com.tencent.devops.common.auth.pojo.CodeCCAuthResourceType -import com.tencent.devops.common.auth.pojo.CodeCCAuthServiceCode import com.tencent.devops.common.auth.utils.CodeCCAuthResourceApi import org.springframework.beans.factory.annotation.Autowired -import org.springframework.beans.factory.annotation.Qualifier class V3AuthExRegisterApi @Autowired constructor( private val authResourceApi: CodeCCAuthResourceApi diff --git a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthResourceType.kt b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthResourceType.kt similarity index 97% rename from src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthResourceType.kt rename to src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthResourceType.kt index c46030f5716..09da0346a50 100644 --- a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthResourceType.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthResourceType.kt @@ -28,5 +28,5 @@ package com.tencent.devops.common.auth.pojo */ enum class CodeCCAuthResourceType(val value: String) { - CODECC_TASK("codecc_task"); // codecc任务 + CODECC_TASK("CODECC_TASK"); // codecc任务 } \ No newline at end of file 
diff --git a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthServiceCode.kt b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthServiceCode.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthServiceCode.kt rename to src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/pojo/CodeCCAuthServiceCode.kt diff --git a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/AuthStrUtils.kt b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/AuthStrUtils.kt similarity index 99% rename from src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/AuthStrUtils.kt rename to src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/AuthStrUtils.kt index 28d8679dc08..ecb55b1b113 100644 --- a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/AuthStrUtils.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/AuthStrUtils.kt @@ -30,7 +30,6 @@ package com.tencent.devops.common.auth.utils import com.tencent.bk.sdk.iam.constants.ExpressionOperationEnum import com.tencent.bk.sdk.iam.dto.expression.ExpressionDTO -import com.tencent.devops.common.auth.api.AuthResourceType object AuthStrUtils { 
diff --git a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/CodeCCAuthResourceApi.kt b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/CodeCCAuthResourceApi.kt similarity index 100% rename from src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/CodeCCAuthResourceApi.kt rename to src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/CodeCCAuthResourceApi.kt index 9c04f2599f6..68bd8117301 100644 --- a/src/backend/codecc/core/common/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/CodeCCAuthResourceApi.kt +++ b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/kotlin/com/tencent/devops/common/auth/utils/CodeCCAuthResourceApi.kt @@ -3,8 +3,8 @@ package com.tencent.devops.common.auth.utils import com.tencent.bk.sdk.iam.config.IamConfiguration import com.tencent.devops.common.auth.api.AuthResourceType import com.tencent.devops.common.auth.api.pojo.AncestorsApiReq -import com.tencent.devops.common.auth.pojo.CodeCCAuthResourceType import com.tencent.devops.common.auth.api.pojo.EsbCreateApiReq +import com.tencent.devops.common.auth.pojo.CodeCCAuthResourceType import com.tencent.devops.common.auth.service.IamEsbService import org.slf4j.LoggerFactory import org.springframework.beans.factory.annotation.Autowired diff --git a/src/backend/codecc/core/common/common-auth-v3/src/main/resources/META-INF/spring.factories b/src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/resources/META-INF/spring.factories similarity index 100% rename from src/backend/codecc/core/common/common-auth-v3/src/main/resources/META-INF/spring.factories rename to src/backend/codecc/core/common/common-auth/common-auth-v3/src/main/resources/META-INF/spring.factories 
diff --git a/src/backend/codecc/core/common/common-client/common-client-base/src/main/kotlin/com/tencent/devops/common/client/Client.kt b/src/backend/codecc/core/common/common-client/common-client-base/src/main/kotlin/com/tencent/devops/common/client/Client.kt index fac4030ca52..dc10e5c8679 100644 --- a/src/backend/codecc/core/common/common-client/common-client-base/src/main/kotlin/com/tencent/devops/common/client/Client.kt +++ b/src/backend/codecc/core/common/common-client/common-client-base/src/main/kotlin/com/tencent/devops/common/client/Client.kt @@ -109,6 +109,26 @@ abstract class Client constructor( feignProxy.javaClass.interfaces, devopsProxy)) } + fun getDevopsService(clz: Class, projectId: String): T { + // 获取为feign定义的拦截器 + DevopsProxy.projectIdThreadLocal.set(projectId) + val feignProxy = Feign.builder() + .client(feignClient) + .errorDecoder(clientErrorDecoder) + .encoder(jacksonEncoder) + .decoder(jacksonDecoder) + .contract(jaxRsContract) + .options(Request.Options(10000, 30000)) + .requestInterceptor(SpringContextUtil.getBean( + RequestInterceptor::class.java, "devopsRequestInterceptor")) + .target(DevopsServiceTarget(findServiceName(clz.kotlin,"", ""), clz, + allProperties.devopsDevUrl + ?: "")) + val devopsProxy = DevopsProxy(feignProxy, clz) + return clz.cast( + Proxy.newProxyInstance(feignProxy.javaClass.classLoader, feignProxy.javaClass.interfaces, devopsProxy)) + } + fun get(clz: Class): T = get(clz.kotlin) abstract fun get(clz: KClass): T diff --git a/src/backend/codecc/core/common/common-client/common-client-base/src/main/kotlin/com/tencent/devops/common/client/discovery/DiscoveryUtils.kt b/src/backend/codecc/core/common/common-client/common-client-base/src/main/kotlin/com/tencent/devops/common/client/discovery/DiscoveryUtils.kt new file mode 100644 index 00000000000..c63549dc5de --- /dev/null +++ b/src/backend/codecc/core/common/common-client/common-client-base/src/main/kotlin/com/tencent/devops/common/client/discovery/DiscoveryUtils.kt 
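Review bot: The new `getDevopsService(clz, projectId)` overload in `Client.kt` sets `DevopsProxy.projectIdThreadLocal` and never clears it, so on a pooled request thread the project id stays attached until some caller removes it and can be picked up by a later, unrelated call on the same thread. The `getStreamFileContent` caller added in this commit calls `remove()` in a `finally` after its first use, which shows cleanup is being left to each call site. Clearing the value where it is consumed (inside `DevopsProxy` after the invocation, whose code is not visible here) would be safer; at minimum document the contract on the method: `// Caller must invoke DevopsProxy.projectIdThreadLocal.remove() in a finally block after using the returned proxy.` The body also repeats the Feign builder chain of the overload above it, so a shared private helper would keep the two from drifting.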
@@ -0,0 +1,12 @@ +package com.tencent.devops.common.client.discovery + +import org.springframework.cloud.client.ServiceInstance + +interface DiscoveryUtils { + + fun getInstanceTags(instance : ServiceInstance) : List + + fun getRegistrationTags(instance : ServiceInstance) : List + + fun getRegistration() : ServiceInstance +} \ No newline at end of file diff --git a/src/backend/codecc/core/common/common-client/common-client-consul/src/main/kotlin/com/tencent/devops/common/client/discovery/ConsulDiscoveryUtils.kt b/src/backend/codecc/core/common/common-client/common-client-consul/src/main/kotlin/com/tencent/devops/common/client/discovery/ConsulDiscoveryUtils.kt new file mode 100644 index 00000000000..2d06c97c8bb --- /dev/null +++ b/src/backend/codecc/core/common/common-client/common-client-consul/src/main/kotlin/com/tencent/devops/common/client/discovery/ConsulDiscoveryUtils.kt @@ -0,0 +1,31 @@ +package com.tencent.devops.common.client.discovery + +import org.springframework.cloud.client.ServiceInstance +import org.springframework.cloud.client.serviceregistry.Registration +import org.springframework.cloud.consul.discovery.ConsulServiceInstance +import org.springframework.cloud.consul.serviceregistry.ConsulRegistration + +class ConsulDiscoveryUtils constructor( + private val registration: Registration +) : DiscoveryUtils { + + override fun getInstanceTags(instance: ServiceInstance): List { + return if (instance is ConsulServiceInstance) { + instance.tags + } else { + instance.metadata.values.toList() + } + } + + override fun getRegistrationTags(instance: ServiceInstance): List { + return if (instance is ConsulRegistration) { + instance.service.tags + } else { + instance.metadata.values.toList() + } + } + + override fun getRegistration(): ServiceInstance { + return registration + } +} \ No newline at end of file 
diff --git a/src/backend/codecc/core/common/common-client/common-client-k8s/src/main/kotlin/com/tencent/devops/common/client/discovery/KubernetesDiscoveryUtils.kt b/src/backend/codecc/core/common/common-client/common-client-k8s/src/main/kotlin/com/tencent/devops/common/client/discovery/KubernetesDiscoveryUtils.kt
new file mode 100644
index 00000000000..5df81876ffa
--- /dev/null
+++ b/src/backend/codecc/core/common/common-client/common-client-k8s/src/main/kotlin/com/tencent/devops/common/client/discovery/KubernetesDiscoveryUtils.kt
@@ -0,0 +1,27 @@
+package com.tencent.devops.common.client.discovery
+
+import com.tencent.devops.common.service.Profile
+import org.springframework.cloud.client.ServiceInstance
+import org.springframework.cloud.client.discovery.DiscoveryClient
+import java.net.InetAddress
+
+class KubernetesDiscoveryUtils constructor(
+ private val discoveryClient: DiscoveryClient,
+ private val profile: Profile
+): DiscoveryUtils {
+
+ override fun getInstanceTags(instance: ServiceInstance): List {
+ return instance.metadata.values.toList()
+ }
+
+ override fun getRegistrationTags(instance: ServiceInstance): List {
+ return instance.metadata.values.toList()
+ }
+
+ override fun getRegistration(): ServiceInstance {
+ val instances = discoveryClient.getInstances(profile.getApplicationName()) ?: emptyList()
+ val ip = InetAddress.getLocalHost().hostAddress
+ val localInstance = instances.firstOrNull { instance -> instance.host == ip }
+ return localInstance!!
+ }
+}
\ No newline at end of file
diff --git a/src/backend/codecc/core/common/common-web/build.gradle.kts b/src/backend/codecc/core/common/common-web/build.gradle.kts
index 4763b4968af..2512710c699 100644
--- a/src/backend/codecc/core/common/common-web/build.gradle.kts
+++ b/src/backend/codecc/core/common/common-web/build.gradle.kts
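Review bot: `KubernetesDiscoveryUtils.getRegistration()` ends with `localInstance!!`, which throws a bare `NullPointerException` whenever no discovered instance has `host` equal to `InetAddress.getLocalHost().hostAddress`, for example before this pod is listed or when the local hostname resolves to a different address. Fail with a message that names the lookup instead: `return localInstance ?: throw IllegalStateException("no instance of ${profile.getApplicationName()} found for local address $ip")`. `getInstanceTags` and `getRegistrationTags` have identical bodies and could share one private helper.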
@@ -5,7 +5,7 @@ plugins { dependencies { api(project(":core:common:common-api")) api(project(":core:common:common-service")) - api(project(":core:common::common-auth-api")) + api(project(":core:common:common-auth:common-auth-api")) api("org.springframework.boot:spring-boot-starter-amqp") api("org.springframework.boot:spring-boot-starter-aop") api("org.springframework.boot:spring-boot-starter-web") diff --git a/src/backend/codecc/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/mq/Constants.kt b/src/backend/codecc/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/mq/Constants.kt index 59635e6e7dc..d5f504b046a 100644 --- a/src/backend/codecc/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/mq/Constants.kt +++ b/src/backend/codecc/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/mq/Constants.kt @@ -325,7 +325,7 @@ const val QUEUE_KAFKA_DATA_CLOC_DEFECT = "queue.kafka.data.cloc.defect" const val EXCHANGE_TASKLOG_DEFECT_WEBSOCKET = "exchange.tasklog.defect.websocket" const val ROUTE_TASKLOG_DEFECT_WEBSOCKET = "route.tasklog.defect.websocket" -const val QUEUE_TASKLOG_DEFECT_WEBSOCKET = "queue.tasklog.defect.websocket" +const val QUEUE_TASKLOG_DEFECT_WEBSOCKET = "queue.tasklog.defect.websocket." const val ROUTE_KAFKA_DATA_TRIGGER_TASK = "route.kafka.data.trigger.task" diff --git a/src/backend/codecc/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/security/filter/PermissionAuthFilter.kt b/src/backend/codecc/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/security/filter/PermissionAuthFilter.kt index d673cb09e81..6e017aea446 100644 --- a/src/backend/codecc/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/security/filter/PermissionAuthFilter.kt +++ b/src/backend/codecc/core/common/common-web/src/main/kotlin/com/tencent/devops/common/web/security/filter/PermissionAuthFilter.kt 
@@ -85,12 +85,12 @@ class PermissionAuthFilter( isPass)) } else { // 普通流水线在蓝鲸权限中心鉴权 - val pipelieActions = PermissionUtil.getPipelinePermissionsFromActions(actions) - val pipelinePermissionAuthResult = authExPermissionApi.validatePipelineBatchPermission( + val codeccActions = PermissionUtil.getCodeCCPermissionsFromActions(actions) + val pipelinePermissionAuthResult = authExPermissionApi.validateTaskBatchPermission( user, taskId, projectId, - pipelieActions + codeccActions ) var pipelineAuthPass = true pipelinePermissionAuthResult.forEach { diff --git a/src/backend/codecc/core/defect/biz-defect-migration/build.gradle.kts b/src/backend/codecc/core/defect/biz-defect-migration/build.gradle.kts index 2e870fcdf74..43e8c468d26 100644 --- a/src/backend/codecc/core/defect/biz-defect-migration/build.gradle.kts +++ b/src/backend/codecc/core/defect/biz-defect-migration/build.gradle.kts 
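Review bot: Switching this branch of `PermissionAuthFilter` to `authExPermissionApi.validateTaskBatchPermission` makes the filter's decision depend on each implementation's deny path, and the implementation added earlier in this commit (the one that calls `AuthActionConvertUtils.covert`, presumably the GitHub one) returns `listOf(BkAuthExResourceActionModel(isPass = true))` when `taskIds` does not contain `taskId`, so that check passes for every user. Its sibling `validatePipelineBatchPermission` returns a model with `false` in the same position, which suggests the `true` is unintended; the deny branch there should read `return listOf(BkAuthExResourceActionModel("", "", listOf(), false))`. In this hunk the locals are still named `pipelinePermissionAuthResult` and `pipelineAuthPass` and the comment above still describes pipeline authorization, although the call is now a task check. The enclosing filter method starts and ends outside the hunk.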
@@ -4,22 +4,22 @@ plugins { dependencies { api(project(":core:defect:biz-defect")) - api(group = "com.tencent.bk.devops.ci.log", name = "api-log", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.log", name = "api-log"){ isChanging = true } - api(group = "com.tencent.bk.devops.ci.quality", name = "api-quality", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.quality", name = "api-quality"){ isChanging = true } - api(group = "com.tencent.bk.devops.ci.process", name = "api-process", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.process", name = "api-process"){ isChanging = true } - api(group= "com.tencent.bk.devops.ci.repository", name = "api-repository", version = Versions.devopsVersion){ + api(group= "com.tencent.bk.devops.ci.repository", name = "api-repository"){ isChanging = true } - api(group = "com.tencent.bk.devops.ci.plugin", name="api-plugin", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.plugin", name="api-plugin"){ isChanging = true } - api(group = "com.tencent.bk.devops.ci.plugin", name="api-codecc", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.plugin", name="api-codecc"){ isChanging = true } } diff --git a/src/backend/codecc/core/defect/biz-defect-migration/src/main/kotlin/com/tencent/bk/codecc/defect/service/impl/PipelineScmServiceImpl.kt b/src/backend/codecc/core/defect/biz-defect-migration/src/main/kotlin/com/tencent/bk/codecc/defect/service/impl/PipelineScmServiceImpl.kt index fd7e9b9bc52..3c64df9afe0 100644 --- a/src/backend/codecc/core/defect/biz-defect-migration/src/main/kotlin/com/tencent/bk/codecc/defect/service/impl/PipelineScmServiceImpl.kt +++ b/src/backend/codecc/core/defect/biz-defect-migration/src/main/kotlin/com/tencent/bk/codecc/defect/service/impl/PipelineScmServiceImpl.kt 
@@ -9,12 +9,19 @@ import com.tencent.devops.common.api.exception.CodeCCException import com.tencent.devops.common.api.pojo.Result import com.tencent.devops.common.api.codecc.util.JsonUtil import com.tencent.devops.common.client.Client +import com.tencent.devops.common.client.proxy.DevopsProxy import com.tencent.devops.common.constant.ComConstants import com.tencent.devops.common.constant.CommonMessageCode import com.tencent.devops.common.util.HttpPathUrlUtil +import com.tencent.devops.common.util.OkhttpUtils import com.tencent.devops.repository.api.ExternalCodeccRepoResource +import com.tencent.devops.repository.api.ServiceGithubResource +import com.tencent.devops.repository.api.ServiceOauthResource import com.tencent.devops.repository.api.ServiceRepositoryResource import com.tencent.devops.repository.api.scm.ServiceGitResource +import com.tencent.devops.repository.pojo.enums.RepoAuthType +import com.tencent.devops.repository.pojo.github.GithubToken +import com.tencent.devops.repository.pojo.oauth.GitToken import org.apache.commons.collections.CollectionUtils import org.apache.commons.lang.math.NumberUtils import org.apache.commons.lang3.RandomStringUtils @@ -32,6 +39,7 @@ class PipelineScmServiceImpl @Autowired constructor( companion object { private val logger = LoggerFactory.getLogger(PipelineScmServiceImpl::class.java) + private val FILE_TOO_LARGE_CONTENT = "当前告警代码文件大小超过1M,不能在平台查看代码详情,可以根据告警行号在IDE查看"; } @Value("\${codecc.privatetoken:#{null}}") 
@@ -203,4 +211,92 @@ class PipelineScmServiceImpl @Autowired constructor( return client.getDevopsService(ServiceGitResource::class.java).getAuthUrl(authParamJsonStr = authParamJsonStr).data ?: "" } + + override fun getStreamFileContent( + projectId: String, + userId: String, + repoUrl: String, + filePath: String, + reversion: String?, + branch: String? + ): String? { + if (projectId.startsWith("github_")) { + return getGithubFileContent(repoUrl, reversion ?: branch ?: "", filePath) + } + val token = try { + val tokenResult = client.getDevopsService(ServiceOauthResource::class.java, projectId).gitGet(userId) + if (tokenResult.data == null || tokenResult.isNotOk()) { + logger.error("can not get user repository token: $userId $repoUrl $filePath $reversion $branch") + throw CodeCCException(errorCode = CommonMessageCode.OAUTH_TOKEN_IS_INVALID) + } + tokenResult.data!!.accessToken + } catch (e: CodeCCException) { + if (e.errorCode == CommonMessageCode.OAUTH_TOKEN_IS_INVALID) { + throw e + } else { + "" + } + } finally { + DevopsProxy.projectIdThreadLocal.remove() + } + if (token.isBlank()) { + return "" + } + + val fileContent = try { + logger.info("get file content: $repoUrl | $filePath | $reversion | $branch | $token") + val result = client.getDevopsService(ExternalCodeccRepoResource::class.java, projectId) + .getGitFileContentCommon( + repoUrl = repoUrl, + filePath = filePath.removePrefix("/"), + ref = if(!reversion.isNullOrBlank()) reversion else branch, + token = token, + authType = RepoAuthType.OAUTH + ) + if (result.isNotOk()) { + logger.error("get file content fail!") + throw CodeCCException(CommonMessageCode.CODE_NORMAL_CONTENT_ERROR) + } + result.data + } catch (e: CodeCCException) { + return if (e.errorCode == CommonMessageCode.FILE_CONTENT_TOO_LARGE) { + FILE_TOO_LARGE_CONTENT + } else { + throw e + } + } catch (e: Exception) { + logger.error( + "get git file content fail!, repoUrl: {}, filePath: {}, token: {}", + repoUrl, + filePath, + token, + e + ) + throw 
CodeCCException(CommonMessageCode.CODE_CONTENT_ERROR) + } finally { + DevopsProxy.projectIdThreadLocal.remove() + } + + + return fileContent + } + + /** + * 获取 Github 文本内容 + * 等待蓝盾支持后,切换到蓝盾的版本 + */ + private fun getGithubFileContent(repoUrl: String, ref: String, filePath: String): String { + val headerIndex = if (repoUrl.startsWith("https://")) { + 8 + } else if (repoUrl.startsWith("http://")) { + 7 + } else { + 0 + } + val startIndex = repoUrl.indexOf("/", headerIndex) + val endIndex = repoUrl.lastIndexOf(".git") + val projectName = repoUrl.substring(startIndex + 1, endIndex) + val url = "https://raw.githubusercontent.com/$projectName/$ref/$filePath" + return OkhttpUtils.doGet(url) + } } \ No newline at end of file diff --git a/src/backend/codecc/core/defect/biz-defect/build.gradle.kts b/src/backend/codecc/core/defect/biz-defect/build.gradle.kts index 380fdc96d3d..0dbdcf8d132 100644 --- a/src/backend/codecc/core/defect/biz-defect/build.gradle.kts +++ b/src/backend/codecc/core/defect/biz-defect/build.gradle.kts @@ -11,12 +11,12 @@ dependencies { api(project(":core:defect:model-defect")) api(project(":core:defect:api-defect")) api(project(":core:task:api-task")) - api(project(":core:common:common-auth-api")) + api(project(":core:common:common-auth:common-auth-api")) api(project(":core:schedule:api-schedule")) api(project(":core:coverity:api-coverity")) api("org.apache.httpcomponents:httpclient") api("org.redisson:redisson") - api(group = "com.tencent.bk.devops.ci.process", name = "api-process", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.process", name = "api-process"){ isChanging = true } } diff --git a/src/backend/codecc/core/defect/biz-defect/src/main/java/com/tencent/bk/codecc/defect/dao/mongorepository/LintStatisticRepository.java b/src/backend/codecc/core/defect/biz-defect/src/main/java/com/tencent/bk/codecc/defect/dao/mongorepository/LintStatisticRepository.java index e159f67ec61..8e5e6a7f7ba 100644 
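Review bot: `getStreamFileContent` writes the user's OAuth access token to the log twice: in `logger.info("get file content: ... | $token")` and as the `token: {}` argument of the `logger.error` call in the `catch (e: Exception)` branch. Anyone who can read the service logs could then reuse that credential against the repository, so both calls should drop the value, e.g. `logger.info("get file content: $repoUrl | $filePath | $reversion | $branch")` and `"get git file content fail!, repoUrl: {}, filePath: {}"`. In `getGithubFileContent`, `repoUrl.lastIndexOf(".git")` is -1 for a URL without that suffix, which makes `substring(startIndex + 1, endIndex)` throw, and `ref` and `filePath` go into the raw.githubusercontent.com URL unencoded, so they should be validated or path-encoded first. `reversion ?: branch ?: ""` also yields an empty ref when `reversion` is an empty string, unlike the `isNullOrBlank` check used on the non-GitHub path.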
--- a/src/backend/codecc/core/defect/biz-defect/src/main/java/com/tencent/bk/codecc/defect/dao/mongorepository/LintStatisticRepository.java +++ b/src/backend/codecc/core/defect/biz-defect/src/main/java/com/tencent/bk/codecc/defect/dao/mongorepository/LintStatisticRepository.java @@ -69,7 +69,7 @@ public interface LintStatisticRepository extends MongoRepository? { - val res = lintStatisticRepository.findByTaskIdAndToolNameAndBuildId( + val res = lintStatisticRepository.findFirstByTaskIdAndToolNameAndBuildId( taskId, toolName, buildId @@ -300,7 +300,7 @@ class CodeScoringServiceImpl @Autowired constructor( * @param buildId */ private fun getLintDefectNum(toolName: String, taskId: Long, buildId: String): Pair { - val res: LintStatisticEntity? = lintStatisticRepository.findByTaskIdAndToolNameAndBuildId( + val res: LintStatisticEntity? = lintStatisticRepository.findFirstByTaskIdAndToolNameAndBuildId( taskId, toolName, buildId @@ -754,7 +754,7 @@ class CodeScoringServiceImpl @Autowired constructor( * 获取特定构建的告警信息 */ fun getLintStatInfo(taskId: Long, toolName: String, buildId: String): GrayTaskStatVO? { - val lintStatisticEntity = lintStatisticRepository.findByTaskIdAndToolNameAndBuildId(taskId, toolName, buildId) + val lintStatisticEntity = lintStatisticRepository.findFirstByTaskIdAndToolNameAndBuildId(taskId, toolName, buildId) return if (null == lintStatisticEntity || lintStatisticEntity.entityId.isNullOrBlank()) { null } else { diff --git a/src/backend/codecc/core/defect/biz-defect/src/main/kotlin/com/tencent/bk/codecc/defect/service/impl/DefectAuthTaskServiceImpl.kt b/src/backend/codecc/core/defect/biz-defect/src/main/kotlin/com/tencent/bk/codecc/defect/service/impl/DefectAuthTaskServiceImpl.kt index 0c95523d661..6eb0984ac35 100644 --- a/src/backend/codecc/core/defect/biz-defect/src/main/kotlin/com/tencent/bk/codecc/defect/service/impl/DefectAuthTaskServiceImpl.kt 
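Review bot: The calls in `getLintDefectNum` and `getLintStatInfo` now use `findFirstByTaskIdAndToolNameAndBuildId`, which presumably stops the lookup from failing when several `LintStatisticEntity` documents match, but leaves it to the store which one is returned unless the derived query carries an ordering. If duplicates for one (taskId, toolName, buildId) are expected, the repository method should state the intended winner, for example with an `OrderBy...Desc` clause on the field that marks the latest record; if they are not expected, a unique index is the stronger fix. The repository declaration and the first hunk of this file are garbled on this page, so this is based on the visible call sites only.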
+++ b/src/backend/codecc/core/defect/biz-defect/src/main/kotlin/com/tencent/bk/codecc/defect/service/impl/DefectAuthTaskServiceImpl.kt @@ -8,9 +8,7 @@ import com.tencent.devops.common.auth.api.pojo.external.KEY_PIPELINE_ID import com.tencent.devops.common.auth.api.pojo.external.PREFIX_TASK_INFO import com.tencent.devops.common.client.Client import com.tencent.devops.common.pojo.GongfengBaseInfo -import org.slf4j.LoggerFactory import org.springframework.beans.factory.annotation.Autowired -import org.springframework.beans.factory.annotation.Value import org.springframework.context.annotation.Primary import org.springframework.data.redis.core.RedisTemplate import org.springframework.stereotype.Component @@ -88,6 +86,13 @@ class DefectAuthTaskServiceImpl @Autowired constructor( ?: setOf() } + override fun queryPipelineListByProjectId(projectId: String): Set { + val request = QueryTaskListReqVO() + request.projectId = projectId + return client.get(ServiceTaskRestResource::class.java) + .batchGetTaskList(request).data?.map { it.pipelineId }?.toSet() ?: setOf() + } + override fun queryTaskListForUser(user: String, projectId: String, actions: Set): Set { val request = QueryTaskListReqVO() request.projectId = projectId @@ -106,4 +111,9 @@ class DefectAuthTaskServiceImpl @Autowired constructor( override fun queryTaskListByPipelineIds(pipelineIds: Set): Set { return client.get(ServiceTaskRestResource::class.java).queryTaskListByPipelineIds(pipelineIds).data ?: setOf() } + + override fun queryPipelineIdsByTaskIds(taskIds: Set): Set { + return client.get(ServiceTaskRestResource::class.java).getTaskInfosByIds(taskIds.toList()).data + ?.filter { it != null && !it.pipelineId.isNullOrEmpty() }?.map { it.pipelineId }?.toSet() ?: emptySet() + } } \ No newline at end of file diff --git a/src/backend/codecc/core/defect/boot-defect/build.gradle.kts b/src/backend/codecc/core/defect/boot-defect/build.gradle.kts index bee045aca09..2fe2ab3caf9 100644 
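Review bot: The new `queryPipelineListByProjectId` maps every task to `it.pipelineId` without the null/empty filter that `queryPipelineIdsByTaskIds`, added at the end of the same file, applies before its `map`. Tasks without a pipeline would then contribute a null or empty id to the returned set, which callers of this auth service presumably treat as resource ids. Suggest `.data?.mapNotNull { it.pipelineId }?.filter { it.isNotEmpty() }?.toSet() ?: setOf()`. The `AuthTaskServiceImpl` implementation of the same method later in this commit has the same gap.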
--- a/src/backend/codecc/core/defect/boot-defect/build.gradle.kts +++ b/src/backend/codecc/core/defect/boot-defect/build.gradle.kts @@ -1,7 +1,6 @@ dependencies { api(project(":core:defect:biz-defect-migration")) - api(project(":core:common:common-auth-v3")) - api(project(":core:common:common-auth-mock")) + api(project(":core:common:common-auth")) api("org.springframework.boot:spring-boot-starter-test") api("org.springframework.boot:spring-boot-starter-undertow") } diff --git a/src/backend/codecc/core/openapi/biz-openapi/build.gradle.kts b/src/backend/codecc/core/openapi/biz-openapi/build.gradle.kts index 3789dc5665a..909e194f139 100644 --- a/src/backend/codecc/core/openapi/biz-openapi/build.gradle.kts +++ b/src/backend/codecc/core/openapi/biz-openapi/build.gradle.kts @@ -5,7 +5,7 @@ dependencies { api(project(":core:openapi:api-openapi")) api(project(":core:openapi:model-openapi")) api(project(":core:common:common-client")) - api(group = "com.tencent.bk.devops.ci.project", name="api-project", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.project", name="api-project"){ isChanging=true exclude(group="com.tencent.bk.devops.ci.project", module = "model-project") exclude(group="com.tencent.bk.devops.ci.common", module = "common-api") diff --git a/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/aspect/ApiAspect.kt b/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/aspect/ApiAspect.kt index 7f537c7257a..00a03b59a01 100644 --- a/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/aspect/ApiAspect.kt +++ b/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/aspect/ApiAspect.kt 
@@ -1,5 +1,6 @@ package com.tencent.bk.codecc.openapi.aspect +import com.tencent.bk.codecc.openapi.config.ApiGatewayAuthProperties import com.tencent.bk.codecc.openapi.exception.PermissionForbiddenException import com.tencent.bk.codecc.openapi.service.AppCodeService import com.tencent.bk.codecc.openapi.filter.ApiFilter @@ -10,6 +11,7 @@ import org.aspectj.lang.annotation.Before import org.aspectj.lang.reflect.MethodSignature import org.slf4j.LoggerFactory import org.springframework.stereotype.Component +import org.springframework.util.StringUtils @Aspect @Component @@ -30,7 +32,10 @@ class ApiAspect( "execution(* com.tencent.bk.codecc.openapi.resources.*.*(..))" ) // 所有controller包下面的所有方法的所有参数 fun beforeMethod(jp: JoinPoint) { - + val enabled = ApiGatewayAuthProperties.properties?.enabled ?: "" + if(!StringUtils.hasLength(enabled) || enabled == "false"){ + return + } val methodName: String = jp.signature.name logger.info("【前置增强】the method 【$methodName】") // 参数value diff --git a/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/config/ApiGatewayAuthProperties.kt b/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/config/ApiGatewayAuthProperties.kt new file mode 100644 index 00000000000..e674b890b37 --- /dev/null +++ b/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/config/ApiGatewayAuthProperties.kt 
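Review bot: The early `return` added at the top of `beforeMethod` makes the OpenAPI access check opt-in: `api.gateway.auth.enabled` defaults to `false` in the new `ApiGatewayAuthProperties`, and an empty value or a not-yet-initialised `properties` holder is treated the same way. `ApiFilter.verifyJWT` gets the identical guard and returns `true` without reading `X-Bkapi-JWT`, so a deployment that does not set the property serves `com.tencent.bk.codecc.openapi.resources` without gateway authentication. A safer shape is to fail closed: skip the check only on an explicit opt-out (`if (enabled == "false") return`), set the `@Value` default to `true`, and log a warning at startup when the check is disabled. The body of `beforeMethod` continues outside the hunk, so what exactly is skipped there is inferred from the imports (`AppCodeService`, `PermissionForbiddenException`).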
@@ -0,0 +1,23 @@ +package com.tencent.bk.codecc.openapi.config + +import org.springframework.beans.factory.annotation.Value +import org.springframework.boot.context.properties.ConfigurationProperties +import org.springframework.stereotype.Component +import javax.annotation.PostConstruct + +@Component +class ApiGatewayAuthProperties { + + @Value("\${api.gateway.auth.enabled:false}") + val enabled: String? = null + + companion object{ + var properties: ApiGatewayAuthProperties? = null + } + + @PostConstruct + private fun init(){ + ApiGatewayAuthProperties.properties = this; + } + +} \ No newline at end of file diff --git a/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/filter/ApiFilter.kt b/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/filter/ApiFilter.kt index d875e7debd8..0b4ddb4162b 100644 --- a/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/filter/ApiFilter.kt +++ b/src/backend/codecc/core/openapi/biz-openapi/src/main/kotlin/com/tencent/bk/codecc/openapi/filter/ApiFilter.kt @@ -1,5 +1,6 @@ package com.tencent.bk.codecc.openapi.filter +import com.tencent.bk.codecc.openapi.config.ApiGatewayAuthProperties import com.tencent.devops.common.api.auth.AUTH_HEADER_DEVOPS_APP_CODE import com.tencent.devops.common.api.auth.AUTH_HEADER_DEVOPS_USER_ID import com.tencent.devops.common.service.utils.SpringContextUtil @@ -10,6 +11,7 @@ import net.sf.json.JSONObject import org.bouncycastle.jce.provider.BouncyCastleProvider import org.bouncycastle.util.io.pem.PemReader import org.slf4j.LoggerFactory +import org.springframework.util.StringUtils import java.io.ByteArrayInputStream import java.io.InputStreamReader import java.security.Security 
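Review bot: `ApiGatewayAuthProperties` exposes the flag as a nullable `String` through a mutable static `properties` holder, which is why `ApiAspect` and `ApiFilter` each repeat the `!StringUtils.hasLength(enabled) || enabled == "false"` parsing. A single helper on the companion, e.g. `fun isAuthEnabled(): Boolean`, would keep the two call sites from drifting and give one place to document what unset, empty and `false` mean. The `ConfigurationProperties` import is unused, `var properties` can be reassigned by any code in the module (a `private set` would close that), and the `;` after `this` is not needed. A KDoc comment on the class should say why the static holder exists, presumably so that code not managed by Spring can read the setting.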
@@ -24,6 +26,10 @@ import javax.ws.rs.ext.Provider @RequestFilter class ApiFilter : ContainerRequestFilter { fun verifyJWT(requestContext: ContainerRequestContext): Boolean { + val enabled = ApiGatewayAuthProperties.properties?.enabled ?: "" + if(!StringUtils.hasLength(enabled) || enabled == "false"){ + return true + } val bkApiJwt = requestContext.getHeaderString("X-Bkapi-JWT") val apigwtType = requestContext.getHeaderString("X-DEVOPS-APIGW-TYPE") if (bkApiJwt.isNullOrBlank()) { diff --git a/src/backend/codecc/core/quartz/biz-quartz/build.gradle.kts b/src/backend/codecc/core/quartz/biz-quartz/build.gradle.kts index 8647fecd217..fb8ef8e0094 100644 --- a/src/backend/codecc/core/quartz/biz-quartz/build.gradle.kts +++ b/src/backend/codecc/core/quartz/biz-quartz/build.gradle.kts @@ -13,7 +13,7 @@ dependencies { api("org.quartz-scheduler:quartz-jobs:2.2.3") api("org.reflections:reflections") api("org.codehaus.groovy:groovy:2.5.3") - api(group = "com.tencent.bk.devops.ci.common", name="common-redis", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.common", name="common-redis"){ isChanging = true } } diff --git a/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/service/impl/ShardingRouterServiceImpl.kt b/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/service/impl/ShardingRouterServiceImpl.kt index 5b17a120413..54f02971cec 100644 --- a/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/service/impl/ShardingRouterServiceImpl.kt +++ b/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/service/impl/ShardingRouterServiceImpl.kt 
@@ -9,23 +9,22 @@ import com.tencent.bk.codecc.quartz.service.JobManageService import com.tencent.bk.codecc.quartz.service.ShardingRouterService import com.tencent.bk.codecc.quartz.strategy.router.EnumRouterStrategy import com.tencent.bk.codecc.quartz.strategy.sharding.EnumShardingStrategy +import com.tencent.devops.common.client.discovery.DiscoveryUtils import com.tencent.devops.common.service.Profile import org.quartz.Scheduler import org.quartz.impl.matchers.GroupMatcher import org.slf4j.LoggerFactory import org.springframework.beans.factory.annotation.Autowired -import org.springframework.cloud.client.ServiceInstance import org.springframework.cloud.client.discovery.DiscoveryClient -import org.springframework.cloud.client.serviceregistry.Registration import org.springframework.stereotype.Service @Service class ShardingRouterServiceImpl @Autowired constructor( private val discoveryClient: DiscoveryClient, - private val registration: Registration, private val profile: Profile, private val scheduler : Scheduler, - private val jobManageService: JobManageService + private val jobManageService: JobManageService, + private val discoveryUtils: DiscoveryUtils ) : ShardingRouterService { companion object { @@ -42,9 +41,10 @@ class ShardingRouterServiceImpl @Autowired constructor( discoveryClient.getInstances(serviceName) //取本地服务 logger.info("successfully get instance list and local instance!") - getInstanceList(instances, registration) //按照特定分片算法计算分片信息 - val shardingResult = enumShardingStrategy.getShardingStrategy().shardInstances(instances, registration) + val shardingResult = enumShardingStrategy.getShardingStrategy().shardInstances( + instances, discoveryUtils + ) logger.info("shard info: ${shardingResult.currentShard}, node info: ${shardingResult.currentNode}") //缓存分片信息 enumShardingStrategy.getShardingStrategy().setPreviousShardingResultIfNull(shardingResult) 
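Review bot: The `getInstanceList(instances, registration)` calls removed in the `@@ -42,9` and `@@ -92,9` hunks, together with the helper deleted in `@@ -166,16`, were the step that guaranteed the local node is present in `instances` before sharding. `AscendShardingStrategy` and `StandaloneShardingStrategy` still resolve the current shard and node with `find { ... }!!` against that list, so if discovery has not yet returned this instance, the job router fails with a null-pointer exception instead of producing a shard. Either keep the merge step using `discoveryUtils.getRegistration()`, or replace the `!!` lookups with an explicit error that names the missing host and port. The bodies of the affected functions extend beyond the hunks shown.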
@@ -92,9 +92,10 @@ class ShardingRouterServiceImpl @Autowired constructor( val instances = discoveryClient.getInstances(serviceName) //取本地服务 - getInstanceList(instances, registration) val oldShardingResult = enumShardingStrategy.getShardingStrategy().getShardingResult()!! - val newShardingResult = enumShardingStrategy.getShardingStrategy().shardInstances(instances, registration) + val newShardingResult = enumShardingStrategy.getShardingStrategy().shardInstances( + instances, discoveryUtils + ) val jobsNeedToAdd = mutableListOf() val jobsNeedToRemove = mutableListOf() var shardChangeFlag = 0 @@ -166,16 +167,4 @@ class ShardingRouterServiceImpl @Autowired constructor( } return JobInstancesChangeInfo(jobsNeedToAdd, jobsNeedToRemove) } - - private fun getInstanceList( - instances: MutableList, - localInstance: ServiceInstance - ) { - val specificInstance = instances.find { it.host == localInstance.host && it.port == localInstance.port } - if (null == specificInstance) { - instances.add(localInstance) - } else { - instances[instances.indexOf(specificInstance)] = localInstance - } - } -} \ No newline at end of file +} diff --git a/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/AbstractShardingStrategy.kt b/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/AbstractShardingStrategy.kt index 8fec8585e1c..bbe3d5959d2 100644 --- a/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/AbstractShardingStrategy.kt +++ b/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/AbstractShardingStrategy.kt 
@@ -1,6 +1,7 @@ package com.tencent.bk.codecc.quartz.strategy.sharding import com.tencent.bk.codecc.quartz.pojo.ShardingResult +import com.tencent.devops.common.client.discovery.DiscoveryUtils import org.springframework.cloud.client.ServiceInstance abstract class AbstractShardingStrategy { @@ -9,7 +10,7 @@ abstract class AbstractShardingStrategy { abstract fun shardInstances( instanceList: List, - localInstance: ServiceInstance + discoveryUtils : DiscoveryUtils ): ShardingResult fun setPreviousShardingResultIfNull(shardingResult: ShardingResult) { diff --git a/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/impl/AscendShardingStrategy.kt b/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/impl/AscendShardingStrategy.kt index d7111fadf2b..1520bf58eab 100644 --- a/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/impl/AscendShardingStrategy.kt +++ b/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/impl/AscendShardingStrategy.kt 
@@ -4,14 +4,18 @@ import com.tencent.bk.codecc.quartz.pojo.NodeInfo import com.tencent.bk.codecc.quartz.pojo.ShardInfo import com.tencent.bk.codecc.quartz.pojo.ShardingResult import com.tencent.bk.codecc.quartz.strategy.sharding.AbstractShardingStrategy +import com.tencent.devops.common.client.discovery.DiscoveryUtils import org.springframework.cloud.client.ServiceInstance class AscendShardingStrategy : AbstractShardingStrategy() { - override fun shardInstances(instanceList: List, localInstance: ServiceInstance): ShardingResult { + override fun shardInstances(instanceList: List, + discoveryUtils : DiscoveryUtils + ): ShardingResult { //获取分片map - val shardMap = instanceList.groupBy { originInstances -> originInstances.metadata.values.firstOrNull() ?: "" } - .entries.sortedBy { it.key } + val shardMap = instanceList.groupBy { originInstances -> + discoveryUtils.getInstanceTags(originInstances).firstOrNull() ?: "" + }.entries.sortedBy { it.key } //获取分片总数 val currentShardCount = shardMap.size //处理每个分片节点信息 @@ -28,8 +32,11 @@ class AscendShardingStrategy : AbstractShardingStrategy() { ) }) } + val localInstance = discoveryUtils.getRegistration() //获取当前分片 - val currentShard = shardList.find { it.tag == localInstance.metadata.values.firstOrNull() ?: "" }!! + val currentShard = shardList.find { + it.tag == (discoveryUtils.getRegistrationTags(localInstance).firstOrNull() ?: "") + }!! //获取节点数 val currentNode = shardList[currentShard.shardNum - 1].nodeList.find { it.host == localInstance.host && it.port == localInstance.port }!! diff --git a/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/impl/StandaloneShardingStrategy.kt b/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/impl/StandaloneShardingStrategy.kt index 4e62e3cfca7..8324c4f61b7 100644 
--- a/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/impl/StandaloneShardingStrategy.kt +++ b/src/backend/codecc/core/quartz/biz-quartz/src/main/kotlin/com/tencent/bk/codecc/quartz/strategy/sharding/impl/StandaloneShardingStrategy.kt @@ -4,11 +4,13 @@ import com.tencent.bk.codecc.quartz.pojo.NodeInfo import com.tencent.bk.codecc.quartz.pojo.ShardInfo import com.tencent.bk.codecc.quartz.pojo.ShardingResult import com.tencent.bk.codecc.quartz.strategy.sharding.AbstractShardingStrategy +import com.tencent.devops.common.client.discovery.DiscoveryUtils import org.springframework.cloud.client.ServiceInstance class StandaloneShardingStrategy : AbstractShardingStrategy() { - override fun shardInstances(instanceList: List, localInstance: ServiceInstance): ShardingResult { + override fun shardInstances(instanceList: List, + discoveryUtils : DiscoveryUtils): ShardingResult { val shardList = instanceList.mapIndexed { index, serviceInstance -> ShardInfo( shardNum = index + 1, @@ -23,7 +25,7 @@ class StandaloneShardingStrategy : AbstractShardingStrategy() { ) ) } - + val localInstance = discoveryUtils.getRegistration() val currentShard = shardList.find { it.tag == "${localInstance.host}:${localInstance.port}" }!! val currentShardCount = shardList.size val currentNode = currentShard.nodeList[0] diff --git a/src/backend/codecc/core/quartz/sdk-quartz/build.gradle.kts b/src/backend/codecc/core/quartz/sdk-quartz/build.gradle.kts index 1e23a269b48..6d95bf0a467 100644 --- a/src/backend/codecc/core/quartz/sdk-quartz/build.gradle.kts +++ b/src/backend/codecc/core/quartz/sdk-quartz/build.gradle.kts 
@@ -4,7 +4,7 @@ dependencies { api(project(":core:common:common-client")) api(project(":core:task:api-task")) api(project(":core:defect:api-defect")) - api(group = "com.tencent.bk.devops.ci.process", name="api-process", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.process", name="api-process"){ isChanging=true } } diff --git a/src/backend/codecc/core/task/api-task/build.gradle.kts b/src/backend/codecc/core/task/api-task/build.gradle.kts index d8f3b27cc53..1ab9195ac5d 100644 --- a/src/backend/codecc/core/task/api-task/build.gradle.kts +++ b/src/backend/codecc/core/task/api-task/build.gradle.kts @@ -1,4 +1,4 @@ dependencies { api(project(":core:common:common-api")) - api(project(":core:common:common-auth-api")) + api(project(":core:common:common-auth:common-auth-api")) } diff --git a/src/backend/codecc/core/task/biz-task-migration/build.gradle.kts b/src/backend/codecc/core/task/biz-task-migration/build.gradle.kts index fa3c79ee8ac..7fa018a8885 100644 --- a/src/backend/codecc/core/task/biz-task-migration/build.gradle.kts +++ b/src/backend/codecc/core/task/biz-task-migration/build.gradle.kts 
@@ -6,34 +6,34 @@ plugins { dependencies { api(project(":core:task:biz-task")) api(group = "org.apache.lucene", name = "lucene-core", version = "8.6.0") - api(group = "com.tencent.bk.devops.ci.process", name = "api-process", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.process", name = "api-process"){ isChanging=true } - api(group = "com.tencent.bk.devops.ci.repository", name = "api-repository", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.repository", name = "api-repository"){ isChanging=true } - api(group = "com.tencent.bk.devops.ci.project", name = "api-project", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.project", name = "api-project"){ isChanging=true exclude(group="com.tencent.bk.devops.ci.project", module = "model-project") exclude(group="com.tencent.bk.devops.ci.common", module = "common-api") exclude(group="com.tencent.bk.devops.ci.common", module = "common-auth") } - api(group = "com.tencent.bk.devops.ci.plugin", name = "api-plugin", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.plugin", name = "api-plugin"){ isChanging=true } - api(group = "com.tencent.bk.devops.ci.notify", name = "api-notify", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.notify", name = "api-notify"){ isChanging=true } - api(group = "com.tencent.bk.devops.ci.plugin", name = "common-codecc", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.plugin", name = "common-codecc"){ isChanging=true } - api(group = "com.tencent.bk.devops.ci.plugin", name = "api-codecc", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.plugin", name = "api-codecc"){ isChanging=true } - api(group = "com.tencent.bk.devops.ci.project", name = "api-project", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.project", name = "api-project"){ isChanging=true } - api(group = 
"com.tencent.bk.devops.ci.common", name = "common-pipeline", version = Versions.devopsVersion) + api(group = "com.tencent.bk.devops.ci.common", name = "common-pipeline") api(group = "com.vdurmont", name = "emoji-java",version = "5.1.1") api(group = "org.apache.commons", name = "commons-csv",version = "1.9.0") } diff --git a/src/backend/codecc/core/task/biz-task-migration/src/main/kotlin/com/tencent/bk/codecc/task/service/impl/PipelineServiceImpl.kt b/src/backend/codecc/core/task/biz-task-migration/src/main/kotlin/com/tencent/bk/codecc/task/service/impl/PipelineServiceImpl.kt index a8cb40211c1..fbb0032c249 100644 --- a/src/backend/codecc/core/task/biz-task-migration/src/main/kotlin/com/tencent/bk/codecc/task/service/impl/PipelineServiceImpl.kt +++ b/src/backend/codecc/core/task/biz-task-migration/src/main/kotlin/com/tencent/bk/codecc/task/service/impl/PipelineServiceImpl.kt @@ -1195,7 +1195,13 @@ open class PipelineServiceImpl @Autowired constructor( logger.error("get repo list fail!") throw CodeCCException(CommonMessageCode.BLUE_SHIELD_INTERNAL_ERROR) } - return repoResult.data!!.map { (repositoryHashId, aliasName, url, type, _, _, _, authType) -> + val supportRepoType = listOf(ScmType.CODE_GIT.name, + ScmType.CODE_GITLAB.name, + ScmType.CODE_SVN.name, + ScmType.GITHUB.name) + return repoResult.data!!.filter { repo -> + supportRepoType.contains(repo.type.name) + }.map { (repositoryHashId, aliasName, url, type, _, _, _, authType) -> val repoInfoVO = RepoInfoVO() repoInfoVO.repoHashId = repositoryHashId repoInfoVO.url = url diff --git a/src/backend/codecc/core/task/biz-task/build.gradle.kts b/src/backend/codecc/core/task/biz-task/build.gradle.kts index ff220d41064..ad45a0a87d8 100644 --- a/src/backend/codecc/core/task/biz-task/build.gradle.kts +++ b/src/backend/codecc/core/task/biz-task/build.gradle.kts 
@@ -4,7 +4,7 @@ dependencies { api(project(":core:common:common-client")) api(project(":core:common:common-util")) api(project(":core:common:common-db")) - api(project(":core:common:common-auth-api")) + api(project(":core:common:common-auth:common-auth-api")) api(project(":core:common:common-redis")) api(project(":core:task:model-task")) api(project(":core:task:api-task")) @@ -12,13 +12,13 @@ dependencies { api(project(":core:quartz:api-quartz")) api("org.json:json:20180130") api("org.redisson:redisson") - api(group = "com.tencent.bk.devops.ci.image", name = "api-image", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.image", name = "api-image"){ isChanging=true } - api(group = "com.tencent.bk.devops.ci.project", name = "api-project", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.project", name = "api-project"){ isChanging=true } - api(group = "com.tencent.bk.devops.ci.process", name = "api-process", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.process", name = "api-process"){ isChanging=true } } diff --git a/src/backend/codecc/core/task/biz-task/src/main/java/com/tencent/bk/codecc/task/resources/ServiceTaskRestResourceImpl.java b/src/backend/codecc/core/task/biz-task/src/main/java/com/tencent/bk/codecc/task/resources/ServiceTaskRestResourceImpl.java index 6a920f598e5..6938d235314 100644 --- a/src/backend/codecc/core/task/biz-task/src/main/java/com/tencent/bk/codecc/task/resources/ServiceTaskRestResourceImpl.java +++ b/src/backend/codecc/core/task/biz-task/src/main/java/com/tencent/bk/codecc/task/resources/ServiceTaskRestResourceImpl.java 
@@ -53,7 +53,6 @@ import com.tencent.bk.codecc.task.vo.scanconfiguration.ScanConfigurationVO; import com.tencent.bk.codecc.task.vo.tianyi.QueryMyTasksReqVO; import com.tencent.bk.codecc.task.vo.tianyi.TaskInfoVO; -import com.tencent.devops.common.api.CommonPageVO; import com.tencent.devops.common.api.QueryTaskListReqVO; import com.tencent.devops.common.api.ToolMetaBaseVO; import com.tencent.devops.common.api.exception.CodeCCException; diff --git a/src/backend/codecc/core/task/biz-task/src/main/java/com/tencent/bk/codecc/task/resources/UserTaskRestResourceImpl.java b/src/backend/codecc/core/task/biz-task/src/main/java/com/tencent/bk/codecc/task/resources/UserTaskRestResourceImpl.java index 047b08766b4..335c33af694 100644 --- a/src/backend/codecc/core/task/biz-task/src/main/java/com/tencent/bk/codecc/task/resources/UserTaskRestResourceImpl.java +++ b/src/backend/codecc/core/task/biz-task/src/main/java/com/tencent/bk/codecc/task/resources/UserTaskRestResourceImpl.java @@ -57,7 +57,6 @@ import com.tencent.bk.codecc.task.vo.TreeNodeTaskVO; import com.tencent.bk.codecc.task.vo.path.CodeYmlFilterPathVO; import com.tencent.bk.codecc.task.vo.scanconfiguration.ScanConfigurationVO; -import com.tencent.devops.common.api.enums.RepositoryType; import com.tencent.devops.common.api.exception.CodeCCException; import com.tencent.devops.common.api.pojo.Result; import com.tencent.devops.common.auth.api.pojo.external.CodeCCAuthAction; @@ -67,8 +66,6 @@ import com.tencent.devops.common.web.security.AuthMethod; import java.util.List; -import com.tencent.devops.repository.api.ServiceRepositoryResource; -import com.tencent.devops.repository.pojo.Repository; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang.StringUtils; import org.springframework.beans.factory.annotation.Autowired; 
diff --git a/src/backend/codecc/core/task/biz-task/src/main/kotlin/com/tencent/bk/codecc/task/schedule/AccessTokenRefreshJob.kt b/src/backend/codecc/core/task/biz-task/src/main/kotlin/com/tencent/bk/codecc/task/schedule/AccessTokenRefreshJob.kt index 93dbeab7be0..be8958091ac 100644 --- a/src/backend/codecc/core/task/biz-task/src/main/kotlin/com/tencent/bk/codecc/task/schedule/AccessTokenRefreshJob.kt +++ b/src/backend/codecc/core/task/biz-task/src/main/kotlin/com/tencent/bk/codecc/task/schedule/AccessTokenRefreshJob.kt @@ -1,10 +1,5 @@ package com.tencent.bk.codecc.task.schedule -import com.tencent.devops.common.auth.api.pojo.external.KEY_BACKEND_ACCESS_TOKEN -import com.tencent.devops.common.redis.lock.RedisLock -import com.tencent.devops.common.util.OkhttpUtils -import org.apache.commons.lang.StringUtils -import org.json.JSONObject import org.slf4j.LoggerFactory import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Value diff --git a/src/backend/codecc/core/task/biz-task/src/main/kotlin/com/tencent/bk/codecc/task/service/impl/AuthTaskServiceImpl.kt b/src/backend/codecc/core/task/biz-task/src/main/kotlin/com/tencent/bk/codecc/task/service/impl/AuthTaskServiceImpl.kt index 6eece171ac3..5eac04ec2b4 100644 --- a/src/backend/codecc/core/task/biz-task/src/main/kotlin/com/tencent/bk/codecc/task/service/impl/AuthTaskServiceImpl.kt +++ b/src/backend/codecc/core/task/biz-task/src/main/kotlin/com/tencent/bk/codecc/task/service/impl/AuthTaskServiceImpl.kt 
@@ -70,6 +70,10 @@ class AuthTaskServiceImpl @Autowired constructor( return taskRepository.findByProjectId(projectId).filter { it.taskMember.contains(user) }.map { it.pipelineId }.toSet() } + override fun queryPipelineListByProjectId(projectId: String): Set { + return taskRepository.findByProjectId(projectId).map { it.pipelineId }.toSet() + } + override fun queryTaskListForUser(user: String, projectId: String, actions: Set): Set { return taskRepository.findByProjectId(projectId).map { it.taskId.toString() }.toSet() } @@ -83,4 +87,8 @@ class AuthTaskServiceImpl @Autowired constructor( override fun queryTaskListByPipelineIds(pipelineIds: Set): Set { return taskRepository.findByPipelineIdIn(pipelineIds).map { it.taskId.toString() }.toSet() } + + override fun queryPipelineIdsByTaskIds(taskIds: Set): Set { + return taskRepository.findByTaskIdIn(taskIds).filter { it.pipelineId != null }.map { it.pipelineId }.toSet() + } } \ No newline at end of file diff --git a/src/backend/codecc/core/task/boot-task/build.gradle.kts b/src/backend/codecc/core/task/boot-task/build.gradle.kts index 0d98c4bedd0..1c4549cb030 100644 --- a/src/backend/codecc/core/task/boot-task/build.gradle.kts +++ b/src/backend/codecc/core/task/boot-task/build.gradle.kts @@ -1,5 +1,4 @@ dependencies { - api(project(":core:common:common-auth-v3")) - api(project(":core:common:common-auth-mock")) + api(project(":core:common:common-auth")) api(project(":core:task:biz-task-migration")) } diff --git a/src/backend/codecc/core/task/build.gradle.kts b/src/backend/codecc/core/task/build.gradle.kts index b682bc53e9c..c87783f58b3 100644 --- a/src/backend/codecc/core/task/build.gradle.kts +++ b/src/backend/codecc/core/task/build.gradle.kts 
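Review bot: `queryPipelineListByProjectId` returns every pipeline id of the project with no caller identity involved, unlike `queryPipelineListForUser` directly above it, which filters on `taskMember.contains(user)`. Nothing in this hunk shows who calls it, so the authorization decision rests with the caller. I would state that in a KDoc line on the override, e.g. `/** Returns all pipeline ids of the project; does no per-user filtering, callers must authorize first. */`. The same applies to `queryPipelineIdsByTaskIds` in the second hunk of this file, which maps whatever task ids it is given to pipeline ids. The class body starts and ends outside both hunks.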
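Review bot: Which auth implementations land on the boot-task classpath is no longer visible in `boot-task/build.gradle.kts`, because the explicit `common-auth-v3` and `common-auth-mock` entries are folded into `api(project(":core:common:common-auth"))`, whose build file is not part of this hunk. The settings change later in the diff registers `common-auth-mock` and `common-auth-github` under that module. If the aggregate exposes all of them, the mock implementation ships next to the real ones and only runtime configuration chooses between them. A comment on this line naming that switch would help, e.g. `// implementation selected at runtime by <PROPERTY-NAME-PLACEHOLDER>; mock must stay off outside local runs`.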
@@ -9,7 +9,7 @@ subprojects { dependencies { api("org.glassfish.jersey.ext:jersey-bean-validation") - api(group = "com.tencent.bk.devops.ci.repository", name = "api-repository", version = Versions.devopsVersion){ + api(group = "com.tencent.bk.devops.ci.repository", name = "api-repository"){ isChanging = true } } diff --git a/src/backend/codecc/settings.gradle.kts b/src/backend/codecc/settings.gradle.kts index 93280393173..6a4d6580167 100644 --- a/src/backend/codecc/settings.gradle.kts +++ b/src/backend/codecc/settings.gradle.kts @@ -37,9 +37,11 @@ include (":core:common:common-db") include (":core:common:common-service") include (":core:common:common-web") include (":core:common:common-util") -include (":core:common:common-auth-api") -include (":core:common:common-auth-mock") -include (":core:common:common-auth-v3") +include (":core:common:common-auth") +include (":core:common:common-auth:common-auth-api") +include (":core:common:common-auth:common-auth-mock") +include (":core:common:common-auth:common-auth-v3") +include (":core:common:common-auth:common-auth-github") include (":core:common:common-redis") include (":core:common:common-event") include( "core:common:common-storage") diff --git a/support-files/codecc/kubernetes/images/build.sh b/support-files/codecc/kubernetes/images/build.sh index f69a6b4f131..387f87ae1fc 100644 --- a/support-files/codecc/kubernetes/images/build.sh +++ b/support-files/codecc/kubernetes/images/build.sh 
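Review bot: The `api-repository` dependency now has no version in this file while `isChanging = true` still tells Gradle to re-resolve it, so which artifact is built in depends on configuration this hunk does not show. If a platform, BOM or resolution rule elsewhere supplies the version, a comment should point to it, e.g. `// version supplied by <BOM-OR-PLATFORM-PLACEHOLDER>`; if nothing does, resolution fails. For a reproducible build I would also want dependency locking or checksum verification on a changing module like this one. The `subprojects` block starts outside the hunk.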
@@ -15,17 +15,19 @@ INIT=0 VERSION=latest PUSH=0 REGISTRY=docker.io +NAMESPACE=bkce/codecc +PERFIX= USERNAME= PASSWORD= -BACKENDS=(task defect apiquery codeccjob openapi) -DEFECT_BACKENDS=(defect report opensourcereport asyncreport) +BACKENDS=(task defect apiquery codeccjob openapi quartz schedule) +DEFECT_BACKENDS=(defect report asyncreport) cd $(dirname $0) WORKING_DIR=$(pwd) -ROOT_DIR=${WORKING_DIR%/*/*/*} +ROOT_DIR=${WORKING_DIR%/*/*/*/*} BACKEND_DIR=$ROOT_DIR/src/backend/codecc -FRONTEND_DIR=$ROOT_DIR/src/frontend -GATEWAY_DIR=$ROOT_DIR/support-files/kubernetes/images/gateway/conf +FRONTEND_DIR=$ROOT_DIR/src/frontend/devops-codecc +GATEWAY_DIR=$ROOT_DIR/support-files/codecc/kubernetes/images/gateway usage () { cat < 0 )); do shift REGISTRY=$1 ;; + -n | --namespace ) + shift + NAMESPACE=$1 + ;; + --perfix ) + shift + PERFIX=$1 + ;; --username ) shift USERNAME=$1 @@ -132,14 +142,14 @@ if [[ $ALL -eq 1 || $GATEWAY -eq 1 ]] ; then cd $WORKING_DIR rm -rf tmp/* cp -rf $FRONTEND_DIR/dist tmp/frontend - cp -rf $GATEWAY_DIR tmp/gateway - cp -rf gateway/startup.sh tmp/ - cp -rf $ROOT_DIR/scripts/render_tpl tmp/ - cp -rf $ROOT_DIR/scripts/codecc.env tmp/ - cp -rf $ROOT_DIR/support-files/templates tmp/ - docker build -f gateway/gateway.Dockerfile -t $REGISTRY/bkce/codecc/gateway:$VERSION tmp --network=host + cp -rf $GATEWAY_DIR/conf tmp/gateway + cp -rf $GATEWAY_DIR/startup.sh tmp/ + cp -rf $GATEWAY_DIR/scripts/render_tpl tmp/ + cp -rf $GATEWAY_DIR/scripts/codecc.env tmp/ + cp -rf $GATEWAY_DIR/templates tmp/ + docker build -f gateway/gateway.Dockerfile -t $REGISTRY/$NAMESPACE/${PERFIX}gateway:$VERSION tmp --network=host if [[ $PUSH -eq 1 ]] ; then - docker push $REGISTRY/bkce/codecc/gateway:$VERSION + docker push $REGISTRY/$NAMESPACE/${PERFIX}gateway:$VERSION fi fi 
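Review bot: The new `-n | --namespace` and `--perfix` cases take `$1` after `shift` without checking that a value follows, and the values are then expanded unquoted in every `docker build -t` and `docker push` line (the gateway hunk here, and the backend and init hunks at -156 and -175). An empty or space-containing value changes the argument list docker receives. Building the reference once and quoting it keeps it a single argument: `IMAGE="$REGISTRY/$NAMESPACE/${PERFIX}gateway:$VERSION"` and then `-t "$IMAGE"`. `--perfix`/`PERFIX` looks like a misspelling of prefix, and since it becomes a public flag in this commit, renaming it now is cheapest. The option loop and the usage text are only partly visible in this hunk.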
@@ -156,18 +166,18 @@ if [[ $ALL -eq 1 || $BACKEND -eq 1 ]] ; then rm -rf tmp/* cp backend/startup.sh tmp/ cp $BACKEND_DIR/release/boot-$SERVICE.jar tmp/app.jar - docker build -f backend/backend.Dockerfile -t $REGISTRY/bkce/codecc/$SERVICE_NAME:$VERSION tmp --network=host + docker build -f backend/backend.Dockerfile -t $REGISTRY/$NAMESPACE/${PERFIX}$SERVICE_NAME:$VERSION tmp --network=host if [[ $PUSH -eq 1 ]] ; then - docker push $REGISTRY/bkce/codecc/$SERVICE_NAME:$VERSION + docker push $REGISTRY/$NAMESPACE/${PERFIX}$SERVICE_NAME:$VERSION fi done else rm -rf tmp/* cp backend/startup.sh tmp/ cp $BACKEND_DIR/release/boot-$SERVICE.jar tmp/app.jar - docker build -f backend/backend.Dockerfile -t $REGISTRY/bkce/codecc/$SERVICE:$VERSION tmp --network=host + docker build -f backend/backend.Dockerfile -t $REGISTRY/$NAMESPACE/${PERFIX}$SERVICE:$VERSION tmp --network=host if [[ $PUSH -eq 1 ]] ; then - docker push $REGISTRY/bkce/codecc/$SERVICE:$VERSION + docker push $REGISTRY/$NAMESPACE/${PERFIX}$SERVICE:$VERSION fi fi done 
@@ -175,13 +185,30 @@ fi # 构建init镜像 if [[ $ALL -eq 1 || $INIT -eq 1 ]] ; then - log "构建init镜像..." + log "构建mongo镜像..." rm -rf tmp/* cp -rf mongodb/init-mongodb.sh tmp/ cp -rf mongodb/nosql tmp/ - docker build -f mongodb/init.Dockerfile -t $REGISTRY/bkce/codecc/codecc-init:$VERSION tmp --no-cache --network=host + docker build -f mongodb/init.Dockerfile -t $REGISTRY/$NAMESPACE/${PERFIX}mongo-init:$VERSION tmp --no-cache --network=host + if [[ $PUSH -eq 1 ]] ; then + docker push $REGISTRY/$NAMESPACE/${PERFIX}mongo-init:$VERSION + fi + + log "构建storage镜像..." + rm -rf tmp/* + cp -rf storage/init-storage.sh tmp/ + docker build -f storage/init.Dockerfile -t $REGISTRY/$NAMESPACE/${PERFIX}storage-init:$VERSION tmp --no-cache --network=host + if [[ $PUSH -eq 1 ]] ; then + docker push $REGISTRY/$NAMESPACE/${PERFIX}storage-init:$VERSION + fi + + log "构建entrance镜像..." + rm -rf tmp/* + cp -rf entrance/init-entrance.sh tmp/ + docker build -f entrance/init.Dockerfile -t $REGISTRY/$NAMESPACE/${PERFIX}entrance-init:$VERSION tmp --no-cache --network=host if [[ $PUSH -eq 1 ]] ; then - docker push $REGISTRY/bkce/codecc/codecc-init:$VERSION + docker push $REGISTRY/$NAMESPACE/${PERFIX}entrance-init:$VERSION fi + fi echo "BUILD SUCCESSFUL!" diff --git a/support-files/codecc/kubernetes/images/gateway/conf/lua/auth/auth_user-github.lua b/support-files/codecc/kubernetes/images/gateway/conf/lua/auth/auth_user-github.lua new file mode 100644 index 00000000000..8b905dc592d --- /dev/null +++ b/support-files/codecc/kubernetes/images/gateway/conf/lua/auth/auth_user-github.lua 
@@ -0,0 +1,71 @@ +-- Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. +-- Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. +-- BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. +-- A copy of the MIT License is included in this file. +-- Terms of the MIT License: +-- --------------------------------------------------- +-- Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: +-- The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. +-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
+--- Github登录对接 +--- 获取Cookie中bk_token +local ci_login_token, err = cookieUtil:get_cookie("X-DEVOPS-CI-LOGIN-TOKEN") +if not ci_login_token then + ngx.log(ngx.STDERR, "failed to read user request ci_login_token: ", err) + ngx.exit(401) + return +end + +--- 校验信息 +local user_cache = ngx.shared.user_info_store +local user_cache_value = user_cache:get(ci_login_token) +if user_cache_value == nil then + --- 初始化HTTP连接 + local httpc = http.new() + --- 开始连接 + httpc:set_timeout(3000) + httpc:connect(config.bkci.host, config.bkci.port) + local res, err = httpc:request({ + path = '/auth/api/external/third/login/verifyToken', + method = "GET", + headers = { + ["Host"] = config.bkci.host, + ["Accept"] = "application/json", + ["Content-Type"] = "application/json", + ["X-DEVOPS-CI-LOGIN-TOKEN"] = ci_login_token + } + }) + --- 判断是否出错了 + if not res then + ngx.log(ngx.ERR, "failed to request get_ticket: ", err) + ngx.exit(401) + return + end + --- 判断返回的状态码是否是200 + if res.status ~= 200 then + ngx.log(ngx.STDERR, "failed to request get_ticket, status: ", res.status) + ngx.exit(401) + return + end + --- 获取所有回复 + local responseBody = res:read_body() + --- 设置HTTP保持连接 + httpc:set_keepalive(60000, 5) + --- 转换JSON的返回数据为TABLE + local result = json.decode(responseBody) + --- 判断JSON转换是否成功 + if result == nil then + ngx.log(ngx.ERR, "failed to parse get_ticket response:", responseBody) + ngx.exit(500) + return + end + local user_id = result.data + user_cache:set(ci_login_token, user_id, 60) + user_cache_value = user_id +end + +--- 设置用户信息 +ngx.header["x-devops-uid"] = user_cache_value +ngx.header["x-devops-bk-token"] = ci_login_token +ngx.header["x-devops-access-token"] = ci_login_token +ngx.exit(200) diff --git a/support-files/codecc/kubernetes/images/gateway/templates/gateway#lua#init.lua b/support-files/codecc/kubernetes/images/gateway/templates/gateway#lua#init.lua index 2da2a625260..64e13084013 100644 --- a/support-files/codecc/kubernetes/images/gateway/templates/gateway#lua#init.lua 
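Review bot: After the status check the script takes `result.data` as the user id unchecked, caches it and ends with `ngx.exit(200)`, so a 200 response carrying an error payload or an empty `data` is treated as a successful login and the request continues without a usable `x-devops-uid`. I would reject anything that is not a non-empty string before `user_cache:set`; this assumes `data` is the user name, as its use as a header value suggests. Two related gaps in the same block: the return value of `httpc:connect(...)` is ignored, and if `json` is plain cjson rather than cjson.safe, `json.decode` raises on malformed input, so the `result == nil` branch is never reached. The log messages and the first comment still say `get_ticket` and `bk_token`, although the call is `verifyToken` on the `X-DEVOPS-CI-LOGIN-TOKEN` cookie.

```lua
    local user_id = result.data
    -- fail closed: only a non-empty string counts as a verified user
    if type(user_id) ~= "string" or user_id == "" then
        ngx.log(ngx.ERR, "verifyToken returned no user id")
        ngx.exit(401)
        return
    end
    -- … unchanged: user_cache:set and the response headers …
```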
+++ b/support-files/codecc/kubernetes/images/gateway/templates/gateway#lua#init.lua @@ -50,7 +50,8 @@ config = { url = "__BK_CI_GATEWAY_SSM_TOKEN_URL__", -- 接口路径 app_code = "__BK_CI_APP_CODE__", app_secret = "__BK_CI_APP_TOKEN__" - } + }, + bkci = {host = "__BK_CI_FQDN__", port = 80}, } require("init_common") diff --git a/support-files/codecc/kubernetes/images/mongodb/init-mongodb.sh b/support-files/codecc/kubernetes/images/mongodb/init-mongodb.sh index cc066f3e1b3..d3a66db1d0e 100644 --- a/support-files/codecc/kubernetes/images/mongodb/init-mongodb.sh +++ b/support-files/codecc/kubernetes/images/mongodb/init-mongodb.sh 
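Review bot: `bkci = {host = "__BK_CI_FQDN__", port = 80}` fixes the port at 80 while the host is templated, and `auth_user-github.lua` in this diff sends the login token to exactly this host and port in the `X-DEVOPS-CI-LOGIN-TOKEN` header. No TLS handshake is visible in that script, so the token presumably travels in cleartext, and a BK-CI served only over HTTPS or on another port would make verification fail. I would template the port like the host (`port = __PORT_PLACEHOLDER__`, name to be chosen by the project) and add a comment saying whether this hop is expected to stay inside the cluster. The same line is added to `gateway#core#lua#init.lua` in the last hunk of the diff. The `config` table starts outside the hunk.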
@@ -1,10 +1,10 @@ #!/bin/bash -mongoimport --host $CODECC_HOST --port 27017 --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase db_defect --db db_defect --collection t_checker_detail nosql/0001_codecc_db_defect_t_checker_detail_mongo.json -mongoimport --host $CODECC_HOST --port 27017 --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase db_task --db db_task --collection t_base_data nosql/0001_codecc_db_task_t_base_data_mongo.json -mongoimport --host $CODECC_HOST --port 27017 --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase db_defect --db db_defect --collection t_checker_set nosql/0002_codecc_db_defect_t_checker_set_mongo.json -mongoimport --host $CODECC_HOST --port 27017 --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase db_task --db db_task --collection t_tool_meta nosql/0002_codecc_db_task_t_tool_meta_mongo.json -mongoimport --host $CODECC_HOST --port 27017 --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase db_defect --db db_defect --collection t_red_line_meta nosql/0003_codecc_db_defect_t_red_line_meta_mongo.json -mongoimport --host $CODECC_HOST --port 27017 --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase db_defect --db db_defect --collection t_checker_package nosql/0004_codecc_db_defect_t_checker_package_mongo.json -mongoimport --host $CODECC_HOST --port 27017 --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase db_defect --db db_defect --collection t_checker_detail nosql/0006_codecc_db_defect_t_checker_detail_mongo.json -mongoimport --host $CODECC_HOST --port 27017 --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase db_quartz --db db_quartz --collection t_job_instance nosql/0007_codecc_db_quartz_t_job_instance_mongo.json \ No newline at end of file +mongoimport --host $CODECC_HOST --port $CODECC_PORT --username 
$CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase $CODECC_AUTH_DB_DEFECT --db db_defect --collection t_checker_detail nosql/0001_codecc_db_defect_t_checker_detail_mongo.json +mongoimport --host $CODECC_HOST --port $CODECC_PORT --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase $CODECC_AUTH_DB_TASK --db db_task --collection t_base_data nosql/0001_codecc_db_task_t_base_data_mongo.json +mongoimport --host $CODECC_HOST --port $CODECC_PORT --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase $CODECC_AUTH_DB_DEFECT --db db_defect --collection t_checker_set nosql/0002_codecc_db_defect_t_checker_set_mongo.json +mongoimport --host $CODECC_HOST --port $CODECC_PORT --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase $CODECC_AUTH_DB_TASK --db db_task --collection t_tool_meta nosql/0002_codecc_db_task_t_tool_meta_mongo.json +mongoimport --host $CODECC_HOST --port $CODECC_PORT --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase $CODECC_AUTH_DB_DEFECT --db db_defect --collection t_red_line_meta nosql/0003_codecc_db_defect_t_red_line_meta_mongo.json +mongoimport --host $CODECC_HOST --port $CODECC_PORT --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase $CODECC_AUTH_DB_DEFECT --db db_defect --collection t_checker_package nosql/0004_codecc_db_defect_t_checker_package_mongo.json +mongoimport --host $CODECC_HOST --port $CODECC_PORT --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase $CODECC_AUTH_DB_DEFECT --db db_defect --collection t_checker_detail nosql/0006_codecc_db_defect_t_checker_detail_mongo.json +mongoimport --host $CODECC_HOST --port $CODECC_PORT --username $CODECC_USERNAME --password $CODECC_PASSWORD --authenticationDatabase $CODECC_AUTH_DB_QUARTZ --db db_quartz --collection t_job_instance nosql/0007_codecc_db_quartz_t_job_instance_mongo.json \ No newline at end of file 
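Review bot: The new `$CODECC_PORT` and `$CODECC_AUTH_DB_*` variables are expanded unquoted and without a default, so when one is unset the option swallows the next flag (`--port --username ...`). With no `set -e`, the script then carries on to the next import and can still exit 0. I would add `set -euo pipefail` after the shebang and quote each expansion, e.g. `--port "${CODECC_PORT:?}" --password "$CODECC_PASSWORD"`. Separately, `--password` on the command line is readable by anything that can list processes in the container while an import runs. Where the installed tools version supports it, mongoimport's `--config` file keeps the password out of argv.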
diff --git a/support-files/codecc/kubernetes/images/storage/init-storage.sh b/support-files/codecc/kubernetes/images/storage/init-storage.sh index 8abe9335333..95398f4185c 100644 --- a/support-files/codecc/kubernetes/images/storage/init-storage.sh +++ b/support-files/codecc/kubernetes/images/storage/init-storage.sh @@ -9,7 +9,7 @@ cp -r /data/workspace/script_download ${BK_CODECC_FILE_DATA_PATH}/download # create default bkrepo project|repo|user if [[ "$BK_CODECC_STORAGE_TYPE" == "bkrepo" ]];then # get authorization header - authorization=$(echo $BK_CODECC_STORAGE_BKREPO_ADMIN_USERNAME:$BK_CODECC_STORAGE_BKREPO_ADMIN_PASSWORD | base64) + authorization=$(echo -n $BK_CODECC_STORAGE_BKREPO_ADMIN_USERNAME:$BK_CODECC_STORAGE_BKREPO_ADMIN_PASSWORD | base64) #create bkrepo project for codecc curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header "Authorization: Basic $authorization" -d "{ \"name\": \"$BK_CODECC_STORAGE_BKREPO_PROJECT\", @@ -35,4 +35,4 @@ if [[ "$BK_CODECC_STORAGE_TYPE" == "bkrepo" ]];then \"userId\": \"$BK_CODECC_STORAGE_BKREPO_USERNAME\", \"group\": false }" "${BK_CODECC_STORAGE_BKREPO_SCHEMA}://$BK_CODECC_STORAGE_BKREPO_HOST/auth/api/user/create/repo" -fi \ No newline at end of file +fi \ No newline at end of file diff --git a/support-files/codecc/templates/gateway#core#lua#init.lua b/support-files/codecc/templates/gateway#core#lua#init.lua index a1955ee9849..7075a451f7a 100644 --- a/support-files/codecc/templates/gateway#core#lua#init.lua +++ b/support-files/codecc/templates/gateway#core#lua#init.lua @@ -92,7 +92,8 @@ config = { url = "__BK_CI_GATEWAY_SSM_TOKEN_URL__", -- 接口路径 app_code = "__BK_CI_APP_CODE__", app_secret = "__BK_CI_APP_TOKEN__", - } + }, + bkci = {host = "__BK_CI_FQDN__", port = 80}, } require("init_common")
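Review bot: The credentials in the `authorization=` line are still expanded unquoted, and GNU `base64` wraps its output at 76 columns by default, so a long username/password pair puts a line break into the `Authorization` header. `authorization=$(printf '%s:%s' "$BK_CODECC_STORAGE_BKREPO_ADMIN_USERNAME" "$BK_CODECC_STORAGE_BKREPO_ADMIN_PASSWORD" | base64 | tr -d '\n')` avoids both and does not depend on how `echo` treats `-n`. Because the header is Basic auth with the admin password, `BK_CODECC_STORAGE_BKREPO_SCHEMA` should be https wherever the request leaves the pod network. A comment next to the curl calls saying so would help. The `if` block this line belongs to runs past the hunk.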