Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: IAM权限中心切换APIGW标准化 (closed #2433) #2436

Open
wants to merge 1 commit into
base: v2.4.8-dev
Choose a base branch
from
Open

feat: IAM权限中心切换APIGW标准化 (closed #2433) #2436

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion apps/iam/handlers/permission.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,13 @@ def get_iam_client(cls):
return DummyIAM(
settings.APP_ID, settings.APP_TOKEN, settings.BK_IAM_INNER_HOST, settings.BK_PAAS_INNER_HOST
)
return IAM(settings.APP_ID, settings.APP_TOKEN, settings.BK_IAM_INNER_HOST, settings.BK_PAAS_INNER_HOST)
return IAM(
settings.APP_ID,
settings.APP_TOKEN,
settings.BK_IAM_INNER_HOST,
settings.BK_PAAS_INNER_HOST,
settings.BK_IAM_APIGATEWAY,
)

def make_request(self, action: Union[ActionMeta, str], resources: List[Resource] = None) -> Request:
"""
Expand Down
6 changes: 5 additions & 1 deletion apps/node_man/handlers/iam.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,11 @@ class IamHandler(APIModel):

if settings.USE_IAM:
_iam = IAM(
settings.APP_CODE, settings.SECRET_KEY, settings.BK_IAM_INNER_HOST, settings.BK_COMPONENT_API_OVERWRITE_URL
settings.APP_CODE,
settings.SECRET_KEY,
settings.BK_IAM_INNER_HOST,
settings.BK_COMPONENT_API_OVERWRITE_URL,
settings.BK_IAM_APIGATEWAY,
)
else:
_iam = object
Expand Down
12 changes: 11 additions & 1 deletion apps/node_man/iam_provider.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,9 @@ def list_instance_by_policy(self, filter, page, **options):
"""
return ListResult(results=[], count=0)

def search_instance(self, filter, page, **options):
pass


class CloudResourceProvider(ResourceProvider):
"""
Expand Down Expand Up @@ -320,6 +323,9 @@ def list_instance_by_policy(self, filter, page, **options):
"""
return ListResult(results=[], count=0)

def search_instance(self, filter, page, **options):
pass


class PackageResourceProvider(ResourceProvider):
"""
Expand Down Expand Up @@ -591,7 +597,11 @@ class IamRegister(object):

def __init__(self):
self._iam = IAM(
settings.APP_CODE, settings.SECRET_KEY, settings.BK_IAM_INNER_HOST, settings.BK_COMPONENT_API_OVERWRITE_URL
settings.APP_CODE,
settings.SECRET_KEY,
settings.BK_IAM_INNER_HOST,
settings.BK_COMPONENT_API_OVERWRITE_URL,
settings.BK_IAM_APIGATEWAY,
)

def register_system(self):
Expand Down
3 changes: 2 additions & 1 deletion apps/node_man/tests/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1177,11 +1177,12 @@ def get_apply_data(self, *args, **kwargs):


class MockIAM(object):
def __init__(self, app_code, secret_key, bk_iam_inner_host, bk_component_api_url):
def __init__(self, app_code, secret_key, bk_iam_inner_host, bk_component_api_url, bk_apigateway_url):
self.app_code = app_code
self.secret_key = secret_key
self.bk_iam_inner_host = bk_iam_inner_host
self.bk_component_api_url = bk_component_api_url
self.bk_apigateway_url = bk_apigateway_url

class _client:
@staticmethod
Expand Down
4 changes: 4 additions & 0 deletions config/default.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -338,6 +338,10 @@
BK_IAM_CMDB_SYSTEM_ID = os.getenv("BKAPP_IAM_CMDB_SYSTEM_ID", "bk_cmdb")
BK_IAM_MIGRATION_JSON_PATH = os.path.join(PROJECT_ROOT, "support-files/bkiam")
BK_IAM_RESOURCE_API_HOST = env.BK_IAM_RESOURCE_API_HOST
# IAM网关名称
BK_IAM_APIGATEWAY_NAME = "bk-iam"
# IAM网关
BK_IAM_APIGATEWAY = BK_API_URL_TMPL.format(api_name=BK_IAM_APIGATEWAY_NAME) + "/" + env.ENVIRONMENT

BK_IAM_MIGRATION_APP_NAME = "iam_migrations"
BK_IAM_SKIP = False
Expand Down
2 changes: 1 addition & 1 deletion requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ django-versionlog==1.6.0
tencentcloud-sdk-python==3.0.1210

# Iam SDK
bk-iam==1.1.14
bk-iam==1.3.6

# 自监控
supervisor==4.2.2
Expand Down
10 changes: 5 additions & 5 deletions support-files/kubernetes/helm/bk-nodeman/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -347,11 +347,11 @@ externalRabbitMQ:
| `config.concurrentNumber` | 线程最大并发数 | `50` |
| `config.bkAppNavOpenSourceUrl` | 导航栏开源社区地址 | `https://github.com/TencentBlueKing/bk-nodeman` |
| `config.bkAppNavHelperUrl` | 导航栏技术支持地址 | `https://wpa1.qq.com/KziXGWJs?_type=wpa&qidian=true` |
| `config.bkAppSyncProcStatusTaskInterval` | 插件进程状态同步周期 | `20 * 60` |
| `config.bkAppScriptHooks` | Agent安装前置脚本 | `""` |
| `config.bkAppIEODActiveFirewallPolicyScriptInfo` | WINDOWS IEOD脚本内容 | `""` |
| `config.bkAppDefaultInstallChannelId` | 自动选择安装通道ID | `-1` |
| `config.bkAppAutomaticChoiceCloudId` | 自动选择安装通道对应云区域ID | `-1` |
| `config.bkAppSyncProcStatusTaskInterval` | 插件进程状态同步周期 | `20 * 60` |
| `config.bkAppScriptHooks` | Agent安装前置脚本 | `""` |
| `config.bkAppIEODActiveFirewallPolicyScriptInfo` | WINDOWS IEOD脚本内容 | `""` |
| `config.bkAppDefaultInstallChannelId` | 自动选择安装通道ID | `-1` |
| `config.bkAppAutomaticChoiceCloudId` | 自动选择安装通道对应云区域ID | `-1` |

## 额外的环境变量

Expand Down