From b6053c1c2601fafa0752cdaac4501606bd020a20 Mon Sep 17 00:00:00 2001
From: Jiahui <4543bxy@gmail.com>
Date: Wed, 25 Sep 2024 18:13:43 +0800
Subject: [PATCH 01/63] fix get default property (#5108)

---
 service/account/common/account.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/service/account/common/account.go b/service/account/common/account.go
index a98f1a3b3b9..41473ec3533 100644
--- a/service/account/common/account.go
+++ b/service/account/common/account.go
@@ -3,10 +3,10 @@ package common
 import "time"
 
 type PropertyQuery struct {
-	Name      string  `json:"name,omitempty" bson:"name,omitempty" example:"cpu"`
+	Name      string  `json:"name" bson:"name" example:"cpu"`
 	Alias     string  `json:"alias,omitempty" bson:"alias,omitempty" example:"gpu-tesla-v100"`
-	UnitPrice float64 `json:"unit_price,omitempty" bson:"unit_price,omitempty" example:"10000"`
-	Unit      string  `json:"unit,omitempty" bson:"unit,omitempty" example:"1m"`
+	UnitPrice float64 `json:"unit_price" bson:"unit_price" example:"10000"`
+	Unit      string  `json:"unit" bson:"unit" example:"1m"`
 }
 
 type TimeCostsMap [][]interface{}

From 54a3bc28684df2f8427c2ff1cc3969a0dd79c534 Mon Sep 17 00:00:00 2001
From: xudaotutou <13435638964@163.com>
Date: Thu, 26 Sep 2024 11:44:29 +0800
Subject: [PATCH 02/63] style(costcenter): recharge discount (#5111)

---
 frontend/packages/ui/src/theme/colors.ts      |   4 +
 .../costcenter/public/locales/en/common.json  |   7 +-
 .../costcenter/public/locales/zh/common.json  |   7 +-
 .../src/components/RechargeModal.tsx          | 187 +++++++++++++-----
 .../src/components/icons/GiftIcon.tsx         |  36 ++++
 .../src/components/icons/HelpIcon.tsx         |  17 ++
 .../providers/costcenter/src/layout/index.tsx |   1 -
 .../costcenter/src/layout/sidebar.tsx         |  28 ++-
 .../costcenter/src/pages/api/price/bonus.ts   |  71 ++-----
 .../costcenter/src/pages/api/price/index.ts   |  61 ------
 .../providers/costcenter/src/service/auth.ts  |   1 -
 .../costcenter/src/service/request.ts         |   1 -
 12 files changed, 227 insertions(+), 194 deletions(-)
 create mode 100644 frontend/providers/costcenter/src/components/icons/GiftIcon.tsx
 create mode 100644 frontend/providers/costcenter/src/components/icons/HelpIcon.tsx
 delete mode 100644 frontend/providers/costcenter/src/pages/api/price/index.ts

diff --git a/frontend/packages/ui/src/theme/colors.ts b/frontend/packages/ui/src/theme/colors.ts
index 0857f17af1e..d53d379d28a 100644
--- a/frontend/packages/ui/src/theme/colors.ts
+++ b/frontend/packages/ui/src/theme/colors.ts
@@ -72,6 +72,10 @@ const baseColors = {
     800: '#005B9C',
     900: '#004B82'
   },
+  royalBlue: {
+    100: '#E1EAFF',
+    700: '#2B5FD9'
+  },
   yellow: {
     25: '#FFFDFA',
     50: '#FFFAEB',
diff --git a/frontend/providers/costcenter/public/locales/en/common.json b/frontend/providers/costcenter/public/locales/en/common.json
index f5c2d960d45..5eaf94ad580 100644
--- a/frontend/providers/costcenter/public/locales/en/common.json
+++ b/frontend/providers/costcenter/public/locales/en/common.json
@@ -87,7 +87,7 @@
   "Stripe Success": "pay with Stripe successfully",
   "Stripe Cancel": "cancel to pay with Stripe",
   "GPU Unit": "Card",
-	"port_unit": "",
+  "port_unit": "",
   "Gpu valuation": "GPU Price Table",
   "common valuation": "Basic Valuation",
   "Billing Details": "Billing Details",
@@ -233,5 +233,8 @@
   "duration": "duration",
   "GPU": "GPU",
   "usage": "usage",
-  "resource": "resource"
+  "resource": "resource",
+  "Double": "Double",
+  "first_recharge_tips": "Partial specifications can enjoy double the amount of the initial recharge.",
+  "first_recharge_title": "Double on First Recharge"
 }
diff --git a/frontend/providers/costcenter/public/locales/zh/common.json b/frontend/providers/costcenter/public/locales/zh/common.json
index 2678089b168..4fbce721f53 100644
--- a/frontend/providers/costcenter/public/locales/zh/common.json
+++ b/frontend/providers/costcenter/public/locales/zh/common.json
@@ -84,7 +84,7 @@
   "Stripe Success": "Stripe 支付完成",
   "Stripe Cancel": "Stripe 支付取消",
   "GPU Unit": "卡",
-	"port_unit": "个",
+  "port_unit": "个",
   "Name": "名称",
   "Price": "价格",
   "Unit": "单位",
@@ -233,5 +233,8 @@
   "duration": "时间",
   "GPU": "GPU",
   "usage": "用量",
-  "resource": "资源"
+  "resource": "资源",
+  "Double": "双倍",
+  "first_recharge_tips": "部分规格首次充值可享双倍赠送金额",
+  "first_recharge_title": "首充双倍"
 }
diff --git a/frontend/providers/costcenter/src/components/RechargeModal.tsx b/frontend/providers/costcenter/src/components/RechargeModal.tsx
index cbfa3d1a146..259f0743dda 100644
--- a/frontend/providers/costcenter/src/components/RechargeModal.tsx
+++ b/frontend/providers/costcenter/src/components/RechargeModal.tsx
@@ -5,9 +5,9 @@ import { default as CurrencySymbol, default as Currencysymbol } from '@/componen
 import OuterLink from '@/components/outerLink';
 import { useCustomToast } from '@/hooks/useCustomToast';
 import useEnvStore from '@/stores/env';
+import useSessionStore from '@/stores/session';
 import { ApiResp } from '@/types/api';
 import { Pay, Payment } from '@/types/payment';
-import { getFavorable } from '@/utils/favorable';
 import { deFormatMoney, formatMoney } from '@/utils/format';
 import {
   Box,
@@ -29,13 +29,16 @@ import {
   Text,
   useDisclosure
 } from '@chakra-ui/react';
+import { MyTooltip } from '@sealos/ui';
 import { Stripe } from '@stripe/stripe-js';
 import { useMutation, useQuery } from '@tanstack/react-query';
 import type { AxiosInstance } from 'axios';
 import { isNumber } from 'lodash';
 import { useTranslation } from 'next-i18next';
 import { QRCodeSVG } from 'qrcode.react';
-import { forwardRef, useCallback, useEffect, useImperativeHandle, useState } from 'react';
+import { forwardRef, useCallback, useEffect, useImperativeHandle, useMemo, useState } from 'react';
+import GiftIcon from './icons/GiftIcon';
+import HelpIcon from './icons/HelpIcon';
 const StripeForm = (props: {
   tradeNO?: string;
   complete: number;
@@ -122,10 +125,12 @@ const BonusBox = (props: {
   onClick: () => void;
   selected: boolean;
   bouns: number;
+  isFirst?: boolean;
   amount: number;
 }) => {
   const { t } = useTranslation();
   const currency = useEnvStore((s) => s.currency);
+
   return (
     <Flex
       width="140px"
@@ -151,26 +156,67 @@ const BonusBox = (props: {
         props.onClick();
       }}
     >
-      <Flex
-        position={'absolute'}
-        minW={'max-content'}
-        left="78px"
-        top="4px"
-        px={'13.5px'}
-        py={'2.5px'}
-        color={'purple.600'}
-        background="purple.100"
-        alignItems={'center'}
-        borderRadius="10px 10px 10px 0px"
-        zIndex={'99'}
-        fontStyle="normal"
-        fontWeight="500"
-        fontSize="12px"
-      >
-        <Text mr="4px">{t('Bonus')}</Text>
-        <CurrencySymbol boxSize={'10px'} mr={'2px'} />
-        <Text> {props.bouns}</Text>
-      </Flex>
+      {props.isFirst ? (
+        <Flex
+          position={'absolute'}
+          minW={'max-content'}
+          right={'-6px'}
+          top="-18px"
+          color={'royalBlue.700'}
+          background="royalBlue.100"
+          alignItems={'center'}
+          borderRadius="2px"
+          zIndex={'99'}
+          fontStyle="normal"
+          fontWeight="500"
+          fontSize="12px"
+          _before={{
+            position: 'absolute',
+            inset: 'auto',
+            borderRadius: '2px',
+            width: '50px',
+            height: '50px',
+            content: '""',
+            transform: 'rotate(45deg)',
+            zIndex: '-1',
+            bgColor: 'royalBlue.100'
+          }}
+          w="50px"
+          h="50px"
+          align={'center'}
+          justify={'center'}
+        >
+          <Flex flexDirection={'column'} align={'center'}>
+            <Text>{t('Double')}!</Text>
+            <Flex align={'center'}>
+              +
+              <CurrencySymbol boxSize={'10px'} mr={'2px'} />
+              <Text>{props.bouns}</Text>
+            </Flex>
+          </Flex>
+        </Flex>
+      ) : (
+        <Flex
+          position={'absolute'}
+          minW={'max-content'}
+          left="78px"
+          top="4px"
+          px={'13.5px'}
+          py={'2.5px'}
+          color={'purple.600'}
+          background="purple.100"
+          alignItems={'center'}
+          borderRadius="10px 10px 10px 0px"
+          zIndex={'99'}
+          fontStyle="normal"
+          fontWeight="500"
+          fontSize="12px"
+        >
+          <Text mr="4px">{t('Bonus')}</Text>
+          <CurrencySymbol boxSize={'10px'} mr={'2px'} />
+          <Text> {props.bouns}</Text>
+        </Flex>
+      )}
       <Flex align={'center'}>
         <Currencysymbol boxSize="20px" type={currency} />
         <Text ml="4px" fontStyle="normal" fontWeight="500" fontSize="24px">
@@ -283,33 +329,51 @@ const RechargeModal = forwardRef(
       cancalPay();
       _onClose();
     };
-
+    const { session } = useSessionStore();
     const { toast } = useCustomToast();
     const { data: bonuses, isSuccess } = useQuery(
-      ['bonus'],
+      ['bonus', session.user.id],
       () =>
-        request.get<
+        request.post<
           any,
           ApiResp<{
-            steps: number[];
-            ratios: number[];
-            specialDiscount: [number, number][];
+            discount: {
+              defaultSteps: Record<string, number>;
+              firstRechargeDiscount: Record<string, number>;
+            };
           }>
         >('/api/price/bonus'),
       {}
     );
-    const ratios = bonuses?.data?.ratios || [];
-    const steps = bonuses?.data?.steps || [];
-    const specialBonus = bonuses?.data?.specialDiscount;
+    const [defaultSteps, ratios, steps, specialBonus] = useMemo(() => {
+      const defaultSteps = Object.entries(bonuses?.data?.discount.defaultSteps || {}).toSorted(
+        (a, b) => +a[0] - +b[0]
+      );
+      const ratios = defaultSteps.map(([key, value]) => value);
+      const steps = defaultSteps.map(([key, value]) => +key);
+      const specialBonus = Object.entries(
+        bonuses?.data?.discount.firstRechargeDiscount || {}
+      ).toSorted((a, b) => +a[0] - +b[0]);
+      const temp: number[] = [];
+      specialBonus.forEach(([k, v]) => {
+        const step = +k;
+        if (steps.findIndex((v) => step === v) === -1) {
+          temp.push(+k);
+        }
+      });
+      steps.unshift(...temp);
+      ratios.unshift(...temp.map(() => 0));
+      return [defaultSteps, ratios, steps, specialBonus];
+    }, [bonuses?.data?.discount.defaultSteps, bonuses?.data?.discount.firstRechargeDiscount]);
     const [amount, setAmount] = useState(() => 0);
-    const getBonus = useCallback(
-      (amount: number) => {
-        if (isSuccess && ratios && steps && ratios.length === steps.length)
-          return getFavorable(steps, ratios, specialBonus)(amount);
-        else return 0;
-      },
-      [isSuccess, ratios, steps, specialBonus]
-    );
+    const getBonus = (amount: number) => {
+      let ratio = 0;
+      let specialIdx = specialBonus.findIndex(([k]) => +k === amount);
+      if (specialIdx >= 0) return Math.floor((amount * specialBonus[specialIdx][1]) / 100);
+      const step = [...steps].reverse().findIndex((step) => amount >= step);
+      if (ratios.length > step && step > -1) ratio = [...ratios].reverse()[step];
+      return Math.floor((amount * ratio) / 100);
+    };
     const { stripeEnabled, wechatEnabled } = useEnvStore();
     useEffect(() => {
       if (steps && steps.length > 0) {
@@ -346,7 +410,6 @@ const RechargeModal = forwardRef(
                 <ModalHeader
                   px={'20px'}
                   py={'12px'}
-                  pb={'18px'}
                   bg={'grayModern.25'}
                   borderBottom={'1px solid'}
                   fontWeight={500}
@@ -377,14 +440,31 @@ const RechargeModal = forwardRef(
                     </Text>
                   </Flex>
                   <Flex direction={'column'} mb={'20px'}>
-                    <Text color="grayModern.600" fontWeight={'normal'} mb={'16px'}>
-                      {t('Select Amount')}
-                    </Text>
+                    <Flex mb={'36px'} justify={'space-between'}>
+                      <Text color="grayModern.600" fontWeight={'normal'}>
+                        {t('Select Amount')}
+                      </Text>
+                      <Flex align={'center'}>
+                        <GiftIcon boxSize={'16px'} mr={'8px'}></GiftIcon>
+                        <Text
+                          mr={'4px'}
+                          color={'grayModern.900'}
+                          fontSize={'14px'}
+                          fontWeight={500}
+                        >
+                          {t('first_recharge_title')}!
+                        </Text>
+                        <MyTooltip label={<Text>{t('first_recharge_tips')}</Text>}>
+                          <HelpIcon boxSize={'16px'}></HelpIcon>
+                        </MyTooltip>
+                      </Flex>
+                    </Flex>
                     <Flex wrap={'wrap'} gap={'16px'}>
                       {steps.map((amount, index) => (
                         <BonusBox
                           key={index}
                           amount={amount}
+                          isFirst={specialBonus.findIndex((a) => +a[0] === amount) >= 0}
                           bouns={getBonus(amount)}
                           onClick={() => {
                             setSelectAmount(index);
@@ -419,11 +499,13 @@ const RechargeModal = forwardRef(
                       variant={'unstyled'}
                       onChange={(str, v) => {
                         const maxAmount = 10_000_000;
-                        if (!isNumber(v) || isNaN(v)) {
+                        if (!str || !isNumber(v) || isNaN(v)) {
                           setAmount(0);
+                          return;
                         }
                         if (v > maxAmount) {
                           setAmount(maxAmount);
+                          return;
                         }
                         setAmount(v);
                       }}
@@ -506,12 +588,13 @@ const RechargeModal = forwardRef(
             ) : (
               <>
                 <ModalHeader
-                  m={'24px'}
-                  p={'0'}
-                  position={'absolute'}
-                  display={'flex'}
-                  alignItems={'center'}
-                  height={'33px'}
+                  px={'20px'}
+                  py={'12px'}
+                  bg={'grayModern.25'}
+                  borderBottom={'1px solid'}
+                  fontWeight={500}
+                  fontSize={'16px'}
+                  borderColor={'grayModern.100'}
                 >
                   <Img
                     src={vector.src}
@@ -526,9 +609,9 @@ const RechargeModal = forwardRef(
                       cancalPay();
                     }}
                   ></Img>
-                  <Text>{t('Recharge Amount')}</Text>
+                  {t('Recharge Amount')}
                 </ModalHeader>
-                <ModalCloseButton top={'24px'} right={'24px'} />
+                <ModalCloseButton top={'8px'} right={'18px'} />
                 {payType === 'wechat' ? (
                   <WechatPayment
                     complete={complete}
diff --git a/frontend/providers/costcenter/src/components/icons/GiftIcon.tsx b/frontend/providers/costcenter/src/components/icons/GiftIcon.tsx
new file mode 100644
index 00000000000..7f87241c5c8
--- /dev/null
+++ b/frontend/providers/costcenter/src/components/icons/GiftIcon.tsx
@@ -0,0 +1,36 @@
+import { createIcon } from '@chakra-ui/react';
+
+const GiftIcon = createIcon({
+  displayName: 'GiftIcon',
+  viewBox: '0 0 16 16',
+  path: (
+    <g>
+      <g clip-path="url(#clip0_5543_2151)">
+        <path
+          fill-rule="evenodd"
+          clip-rule="evenodd"
+          d="M4.99972 1.99935C4.7345 1.99935 4.48015 2.10471 4.29261 2.29224C4.10507 2.47978 3.99972 2.73413 3.99972 2.99935C3.99972 3.26457 4.10507 3.51892 4.29261 3.70646C4.48015 3.89399 4.7345 3.99935 4.99972 3.99935H7.1024C7.02101 3.78643 6.91799 3.55229 6.79057 3.32063C6.37126 2.55824 5.79565 1.99935 4.99972 1.99935ZM7.33305 5.33268V8.66602H1.99972V6.79935C1.99972 6.41498 2.00024 6.1668 2.01567 5.97791C2.03047 5.7968 2.05558 5.72965 2.07238 5.69669C2.13629 5.57125 2.23828 5.46926 2.36372 5.40534C2.39669 5.38855 2.46383 5.36343 2.64494 5.34863C2.83383 5.3332 3.08201 5.33268 3.46638 5.33268H7.33305ZM2.89326 4.00299C2.74529 3.6924 2.66638 3.34994 2.66638 2.99935C2.66638 2.38051 2.91222 1.78702 3.3498 1.34943C3.78739 0.911848 4.38088 0.666016 4.99972 0.666016C6.53712 0.666016 7.4615 1.77379 7.95886 2.67807C7.97273 2.70328 7.98634 2.72847 7.99972 2.75363C8.01309 2.72847 8.02671 2.70328 8.04057 2.67807C8.53793 1.77379 9.46232 0.666016 10.9997 0.666016C11.6186 0.666016 12.212 0.911848 12.6496 1.34943C13.0872 1.78702 13.333 2.38051 13.333 2.99935C13.333 3.34994 13.2541 3.6924 13.1062 4.00299C13.235 4.00581 13.3541 4.01083 13.4631 4.01973C13.7266 4.04126 13.9888 4.08881 14.241 4.21734C14.6174 4.40908 14.9233 4.71504 15.1151 5.09137C15.2436 5.34362 15.2911 5.60577 15.3127 5.86933C15.3331 6.11904 15.3331 6.42221 15.333 6.77364V12.5584C15.3331 12.9098 15.3331 13.213 15.3127 13.4627C15.2911 13.7263 15.2436 13.9884 15.1151 14.2407C14.9233 14.617 14.6174 14.9229 14.241 15.1147C13.9888 15.2432 13.7266 15.2908 13.4631 15.3123C13.2134 15.3327 12.9102 15.3327 12.5588 15.3327H8.00065C8.00034 15.3327 8.00003 15.3327 7.99972 15.3327C7.99941 15.3327 7.9991 15.3327 7.99879 15.3327H3.44067C3.08925 15.3327 2.78608 15.3327 2.53636 15.3123C2.2728 15.2908 2.01065 15.2432 1.7584 15.1147C1.38208 14.9229 1.07612 14.617 0.88437 14.2407C0.755841 13.9884 0.708297 13.7263 0.686763 13.4627C0.66636 13.213 0.66637 12.9098 0.666382 12.5584L0.666383 9.33306C0.666383 9.33294 0.666383 9.33319 0.666383 9.33306C0.666383 9.33294 0.666383 9.33243 0.666383 9.3323L0.666382 6.77365C0.666371 6.42222 0.66636 6.11905 0.686763 5.86933C0.708297 5.60577 0.755841 5.34362 0.88437 5.09137C1.07612 4.71504 1.38208 4.40908 1.7584 4.21734C2.01066 4.08881 2.2728 4.04126 2.53636 4.01973C2.6453 4.01083 2.76441 4.00581 2.89326 4.00299ZM1.99972 9.99935V12.5327C1.99972 12.917 2.00023 13.1652 2.01567 13.3541C2.03047 13.5352 2.05558 13.6024 2.07238 13.6353C2.13629 13.7608 2.23828 13.8628 2.36372 13.9267C2.39669 13.9435 2.46383 13.9686 2.64494 13.9834C2.83383 13.9988 3.08201 13.9993 3.46638 13.9993H7.33305V9.99935H1.99972ZM8.66638 9.99935V13.9993H12.5331C12.9174 13.9993 13.1656 13.9988 13.3545 13.9834C13.5356 13.9686 13.6027 13.9435 13.6357 13.9267C13.7612 13.8628 13.8631 13.7608 13.9271 13.6353C13.9439 13.6024 13.969 13.5352 13.9838 13.3541C13.9992 13.1652 13.9997 12.9171 13.9997 12.5327V9.99935H8.66638ZM13.9997 8.66602V6.79935C13.9997 6.41498 13.9992 6.1668 13.9838 5.97791C13.969 5.7968 13.9439 5.72965 13.9271 5.69669C13.8631 5.57125 13.7612 5.46926 13.6357 5.40535C13.6027 5.38855 13.5356 5.36343 13.3545 5.34864C13.1656 5.3332 12.9174 5.33268 12.5331 5.33268L8.66638 5.33268V8.66602H13.9997ZM8.89704 3.99935C8.97842 3.78643 9.08144 3.55229 9.20886 3.32063C9.62817 2.55824 10.2038 1.99935 10.9997 1.99935C11.2649 1.99935 11.5193 2.10471 11.7068 2.29224C11.8944 2.47978 11.9997 2.73413 11.9997 2.99935C11.9997 3.26457 11.8944 3.51892 11.7068 3.70646C11.5193 3.89399 11.2649 3.99935 10.9997 3.99935H8.89704Z"
+          fill="url(#paint0_linear_5543_2151)"
+        />
+      </g>
+      <defs>
+        <linearGradient
+          id="paint0_linear_5543_2151"
+          x1="7.99972"
+          y1="1.14221"
+          x2="7.99972"
+          y2="14.8565"
+          gradientUnits="userSpaceOnUse"
+        >
+          <stop stop-color="#69AEFF" />
+          <stop offset="0.432292" stop-color="#6096FF" />
+          <stop offset="1" stop-color="#6C7FFF" />
+        </linearGradient>
+        <clipPath id="clip0_5543_2151">
+          <rect width="16" height="16" fill="white" />
+        </clipPath>
+      </defs>
+    </g>
+  )
+});
+export default GiftIcon;
diff --git a/frontend/providers/costcenter/src/components/icons/HelpIcon.tsx b/frontend/providers/costcenter/src/components/icons/HelpIcon.tsx
new file mode 100644
index 00000000000..245d97bb262
--- /dev/null
+++ b/frontend/providers/costcenter/src/components/icons/HelpIcon.tsx
@@ -0,0 +1,17 @@
+import { createIcon } from '@chakra-ui/react';
+
+export const HelpIcon = createIcon({
+  displayName: 'HelpIcon',
+  viewBox: '0 0 16 16',
+  path: (
+    <g fill="none" xmlns="http://www.w3.org/2000/svg">
+      <path
+        fill-rule="evenodd"
+        clip-rule="evenodd"
+        d="M8.00005 2.55678C4.99385 2.55678 2.55684 4.99379 2.55684 7.99998C2.55684 11.0062 4.99385 13.4432 8.00005 13.4432C11.0062 13.4432 13.4432 11.0062 13.4432 7.99998C13.4432 4.99379 11.0062 2.55678 8.00005 2.55678ZM1.22351 7.99998C1.22351 4.25741 4.25747 1.22345 8.00005 1.22345C11.7426 1.22345 14.7766 4.25741 14.7766 7.99998C14.7766 11.7426 11.7426 14.7765 8.00005 14.7765C4.25747 14.7765 1.22351 11.7426 1.22351 7.99998ZM8.14834 5.62577C7.87687 5.57921 7.59769 5.63022 7.36023 5.76978C7.12277 5.90934 6.94236 6.12843 6.85096 6.38825C6.72878 6.73558 6.34817 6.9181 6.00085 6.79591C5.65352 6.67373 5.471 6.29312 5.59318 5.9458C5.78908 5.38894 6.17572 4.91937 6.68465 4.62027C7.19358 4.32117 7.79194 4.21184 8.37375 4.31163C8.95556 4.41143 9.48328 4.71392 9.86345 5.16552C10.2435 5.61702 10.4516 6.18845 10.4508 6.77862C10.4505 7.74318 9.73585 8.37516 9.23745 8.70743C8.96791 8.88713 8.70311 9.01905 8.50833 9.10562C8.40999 9.14933 8.32711 9.18252 8.26726 9.20532C8.23728 9.21674 8.21291 9.22562 8.19509 9.23195L8.17333 9.23957L8.16632 9.24197L8.16381 9.24282L8.16281 9.24315C8.16261 9.24322 8.16199 9.24343 7.95117 8.61097L8.16199 9.24343C7.81269 9.35986 7.43514 9.17109 7.31871 8.82179C7.20232 8.47261 7.39093 8.0952 7.74 7.97863L7.74841 7.97567C7.75744 7.97246 7.77246 7.96701 7.7926 7.95934C7.83298 7.94395 7.89331 7.91987 7.96681 7.8872C8.1157 7.82103 8.30915 7.72383 8.49785 7.59803C8.91582 7.31938 9.11746 7.03509 9.11746 6.77801L9.11746 6.77702C9.11787 6.50159 9.02079 6.2349 8.84341 6.02419C8.66603 5.81347 8.41981 5.67234 8.14834 5.62577ZM7.33338 11.0549C7.33338 10.6867 7.63186 10.3883 8.00005 10.3883H8.00616C8.37435 10.3883 8.67282 10.6867 8.67282 11.0549C8.67282 11.4231 8.37435 11.7216 8.00616 11.7216H8.00005C7.63186 11.7216 7.33338 11.4231 7.33338 11.0549Z"
+        fill="#667085"
+      />
+    </g>
+  )
+});
+export default HelpIcon;
diff --git a/frontend/providers/costcenter/src/layout/index.tsx b/frontend/providers/costcenter/src/layout/index.tsx
index f08b791245b..2c58b4b04c1 100644
--- a/frontend/providers/costcenter/src/layout/index.tsx
+++ b/frontend/providers/costcenter/src/layout/index.tsx
@@ -2,7 +2,6 @@ import useSessionStore from '@/stores/session';
 import { Box, Flex, Link, Text } from '@chakra-ui/react';
 import { useEffect, useState } from 'react';
 import { createSealosApp, sealosApp } from 'sealos-desktop-sdk/app';
-import styles from './index.module.scss';
 import SideBar from './sidebar';
 
 export default function Layout({ children }: any) {
diff --git a/frontend/providers/costcenter/src/layout/sidebar.tsx b/frontend/providers/costcenter/src/layout/sidebar.tsx
index 7ca81b42aeb..7f9a59b14df 100644
--- a/frontend/providers/costcenter/src/layout/sidebar.tsx
+++ b/frontend/providers/costcenter/src/layout/sidebar.tsx
@@ -1,20 +1,20 @@
-import { Flex, Text, Img, Divider, Box } from '@chakra-ui/react';
-import { useRouter } from 'next/router';
+import dashbordIcon from '@/assert/dashboard.svg';
+import dashboard_a_icon from '@/assert/dashboard_black.svg';
 import letter_icon from '@/assert/format_letter_spacing_standard.svg';
 import letter_a_icon from '@/assert/format_letter_spacing_standard_black.svg';
-import receipt_icon from '@/assert/receipt_long.svg';
-import receipt_a_icon from '@/assert/receipt_long_black.svg';
+import invoice_a_icon from '@/assert/invoice-active.svg';
+import invoice_icon from '@/assert/invoice.svg';
 import layers_icon from '@/assert/layers.svg';
 import layers_a_icon from '@/assert/layers_black.svg';
 import linechart_icon from '@/assert/lineChart.svg';
 import linechart_a_icon from '@/assert/lineChart_black.svg';
-import invoice_icon from '@/assert/invoice.svg';
-import invoice_a_icon from '@/assert/invoice-active.svg';
-import dashbordIcon from '@/assert/dashboard.svg';
-import dashboard_a_icon from '@/assert/dashboard_black.svg';
-import type { StaticImageData } from 'next/image';
-import { useTranslation } from 'next-i18next';
+import receipt_icon from '@/assert/receipt_long.svg';
+import receipt_a_icon from '@/assert/receipt_long_black.svg';
 import useEnvStore from '@/stores/env';
+import { Box, Divider, Flex, Img, Text } from '@chakra-ui/react';
+import { useTranslation } from 'next-i18next';
+import type { StaticImageData } from 'next/image';
+import { useRouter } from 'next/router';
 
 type Menu = {
   id: string;
@@ -88,8 +88,6 @@ export default function SideBar() {
             return (
               <Box key={item.value}>
                 <Flex
-                  // py={'10px'}
-                  // px={['10px', '10px', '10px', '20px']}
                   {...([1, 3, 5].includes(idx)
                     ? {
                         mb: '32px'
@@ -113,13 +111,13 @@ export default function SideBar() {
                   <Text
                     color={router.route === item.url ? 'grayModern.900' : 'grayModern.500'}
                     ml="8px"
-                    // my="9px"
-                    // display={['none', 'none', 'none', 'flex']}
                   >
                     {t(item.value)}
                   </Text>
                 </Flex>
-                {[0, 2, 4].includes(idx) && <Divider my="20px" borderColor={'grayModern.250'} />}
+                {([0, 2].includes(idx) || (idx === 4 && invoiceEnabled)) && (
+                  <Divider my="20px" borderColor={'grayModern.250'} />
+                )}
               </Box>
             );
           })}
diff --git a/frontend/providers/costcenter/src/pages/api/price/bonus.ts b/frontend/providers/costcenter/src/pages/api/price/bonus.ts
index d35bbcb47da..b1dd15ecd18 100644
--- a/frontend/providers/costcenter/src/pages/api/price/bonus.ts
+++ b/frontend/providers/costcenter/src/pages/api/price/bonus.ts
@@ -1,7 +1,5 @@
-import { authSession } from '@/service/backend/auth';
-import { ApplyYaml, CRDMeta, GetCRD, GetUserDefaultNameSpace } from '@/service/backend/kubernetes';
+import { makeAPIClientByHeader } from '@/service/backend/region';
 import { jsonRes } from '@/service/backend/response';
-import * as yaml from 'js-yaml';
 import type { NextApiRequest, NextApiResponse } from 'next';
 
 export default async function handler(req: NextApiRequest, resp: NextApiResponse) {
@@ -9,69 +7,24 @@ export default async function handler(req: NextApiRequest, resp: NextApiResponse
     if (!global.AppConfig.costCenter.recharge.enabled) {
       throw new Error('recharge is not enabled');
     }
-    const kc = await authSession(req.headers);
-    const user = kc.getCurrentUser();
-    if (user === null) {
-      return jsonRes(resp, { code: 403, message: 'user null' });
-    }
-    const namespace = GetUserDefaultNameSpace(user.name);
-    const name = new Date().getTime() + 'bonusquery';
+    const client = await makeAPIClientByHeader(req, resp);
+    if (!client) return null;
 
-    const meta: CRDMeta = {
-      group: 'account.sealos.io',
-      version: 'v1',
-      namespace,
-      plural: 'billinginfoqueries'
-    };
-    const crdSchema = {
-      apiVersion: `account.sealos.io/v1`,
-      kind: 'BillingInfoQuery',
-      metadata: {
-        name,
-        namespace
-      },
-      spec: {
-        queryType: 'Recharge'
-      }
-    };
-    const result1 = await ApplyYaml(kc, yaml.dump(crdSchema));
-    const result = await new Promise<{
-      discountRates: number[];
-      discountSteps: number[];
-      specialDiscount: Record<string, number>;
-    }>((resolve, reject) => {
-      let retry = 3;
-      const wrap = () =>
-        GetCRD(kc, meta, name)
-          .then((res) => {
-            const body = res.body as { status: any };
-            if (!body.status) return Promise.reject();
-            const { result, status } = body.status as Record<string, string>;
-            if (status.toLocaleLowerCase() === 'completed') resolve(JSON.parse(result));
-            else return Promise.reject();
-          })
-          .catch(async (err) => {
-            if (retry-- >= 0) {
-              await new Promise((res) => setTimeout(res, 1000));
-              await wrap();
-            } else reject(err);
-          });
-      wrap();
-    });
-    if (!result)
+    const response = await client.post<{
+      discount: {
+        defaultSteps: Record<string, number>;
+        firstRechargeDiscount: Record<string, number>;
+      };
+    }>('/account/v1alpha1/recharge-discount');
+    const data = response.data;
+    if (!data || response.status !== 200)
       return jsonRes(resp, {
         code: 404,
         message: 'bonus is not found'
       });
     return jsonRes(resp, {
       code: 200,
-      data: {
-        ratios: result.discountRates,
-        steps: result.discountSteps,
-        specialDiscount: Object.entries(result.specialDiscount || {}).map<[number, number]>(
-          ([k, v]) => [+k, v]
-        )
-      }
+      data
     });
   } catch (error) {
     console.log(error);
diff --git a/frontend/providers/costcenter/src/pages/api/price/index.ts b/frontend/providers/costcenter/src/pages/api/price/index.ts
deleted file mode 100644
index fafbf57cd23..00000000000
--- a/frontend/providers/costcenter/src/pages/api/price/index.ts
+++ /dev/null
@@ -1,61 +0,0 @@
-import { authSession } from '@/service/backend/auth';
-import { CRDMeta, GetCRD, GetUserDefaultNameSpace } from '@/service/backend/kubernetes';
-import { jsonRes } from '@/service/backend/response';
-import type { NextApiRequest, NextApiResponse } from 'next';
-import { ApplyYaml } from '@/service/backend/kubernetes';
-import * as yaml from 'js-yaml';
-import { ValuationBillingRecord, ValuationData } from '@/types/valuation';
-export default async function handler(req: NextApiRequest, resp: NextApiResponse) {
-  try {
-    const kc = await authSession(req.headers);
-
-    // get user account payment amount
-    const user = kc.getCurrentUser();
-    if (user === null) {
-      return jsonRes(resp, { code: 403, message: 'user null' });
-    }
-    const namespace = GetUserDefaultNameSpace(user.name);
-    const name = 'price';
-    const crdSchema = {
-      apiVersion: `account.sealos.io/v1`,
-      kind: 'PriceQuery',
-      metadata: {
-        name,
-        namespace
-      },
-      spec: {}
-    };
-    const meta: CRDMeta = {
-      group: 'account.sealos.io',
-      version: 'v1',
-      namespace,
-      plural: 'pricequeries'
-    };
-    try {
-      await ApplyYaml(kc, yaml.dump(crdSchema));
-    } catch {}
-    const billingRecords = await new Promise<ValuationBillingRecord[]>((resolve, reject) => {
-      let retry = 3;
-      const wrap = () =>
-        GetCRD(kc, meta, name)
-          .then((res) => {
-            const crd = res.body as ValuationData;
-            resolve(crd.status.billingRecords);
-          })
-          .catch((err) => {
-            if (retry-- >= 0) wrap();
-            else reject(err);
-          });
-      wrap();
-    });
-    return jsonRes<{ billingRecords: ValuationBillingRecord[] }>(resp, {
-      code: 200,
-      data: {
-        billingRecords
-      }
-    });
-  } catch (error) {
-    console.log(error);
-    jsonRes(resp, { code: 500, message: 'get price error' });
-  }
-}
diff --git a/frontend/providers/costcenter/src/service/auth.ts b/frontend/providers/costcenter/src/service/auth.ts
index c2bc5ed42d1..c271967630a 100644
--- a/frontend/providers/costcenter/src/service/auth.ts
+++ b/frontend/providers/costcenter/src/service/auth.ts
@@ -21,7 +21,6 @@ export const verifyJWT = <T extends Object = AccessTokenPayload>(token: string,
     if (!token) return resolve(null);
     verify(token, secret, (err, payload) => {
       if (err) {
-        // console.log(err);
         resolve(null);
       } else if (!payload) {
         resolve(null);
diff --git a/frontend/providers/costcenter/src/service/request.ts b/frontend/providers/costcenter/src/service/request.ts
index 1a064104b90..541e505c283 100644
--- a/frontend/providers/costcenter/src/service/request.ts
+++ b/frontend/providers/costcenter/src/service/request.ts
@@ -14,7 +14,6 @@ request.interceptors.request.use(
     // auto append service prefix
     let _headers: RawAxiosRequestHeaders = config.headers || {};
     const session = useSessionStore.getState().session;
-
     if (config.url && config.url?.startsWith('/api/')) {
       _headers['Authorization'] = encodeURIComponent(session?.kubeconfig || '');
     }

From 8c0c34592369874ce178c956af713dba3c17a9ea Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Thu, 26 Sep 2024 14:52:49 +0800
Subject: [PATCH 03/63] devobx ignore extra ports. (#5112)

---
 controllers/devbox/internal/controller/devbox_controller.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/controllers/devbox/internal/controller/devbox_controller.go b/controllers/devbox/internal/controller/devbox_controller.go
index 530a059c9ae..a9e15005f92 100644
--- a/controllers/devbox/internal/controller/devbox_controller.go
+++ b/controllers/devbox/internal/controller/devbox_controller.go
@@ -503,7 +503,8 @@ func (r *DevboxReconciler) generateDevboxPod(devbox *devboxv1alpha1.Devbox, runt
 
 	// set up ports and env by using runtime ports and devbox extra ports
 	ports := runtime.Spec.Config.Ports
-	ports = append(ports, devbox.Spec.NetworkSpec.ExtraPorts...)
+	// TODO: add extra ports to pod, currently not support
+	// ports = append(ports, devbox.Spec.NetworkSpec.ExtraPorts...)
 
 	envs := runtime.Spec.Config.Env
 	envs = append(envs, devbox.Spec.ExtraEnvs...)

From 7b0be9352fa422f1abca8f232cd8c864db548f7e Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Thu, 26 Sep 2024 15:29:28 +0800
Subject: [PATCH 04/63] release: sealos v5.0.1 beta2 (#5110)

* add csi-s3

* set jwt token as env
---
 .github/workflows/cloud-release.yml           |  4 +--
 deploy/cloud/scripts/init.sh                  | 36 +++++++++++++++++--
 frontend/desktop/deploy/Kubefile              |  3 ++
 .../deploy/manifests/configmap.yaml.tmpl      |  6 ++--
 frontend/desktop/deploy/scripts/init.sh       |  3 --
 scripts/cloud/build-offline-tar.sh            |  1 +
 scripts/cloud/install.sh                      |  6 ++--
 7 files changed, 47 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/cloud-release.yml b/.github/workflows/cloud-release.yml
index a273309ba68..fae28f00e44 100644
--- a/.github/workflows/cloud-release.yml
+++ b/.github/workflows/cloud-release.yml
@@ -99,7 +99,7 @@ jobs:
           sudo mv /tmp/sealos /usr/bin/sealos
           sudo sealos version
       - name: Build
-        run: export CLOUD_VERSION=${{ github.event.release.tag_name }} && export ARCH=arm64 && bash ./scripts/cloud/build-offline-tar.sh
+        run: export CLOUD_VERSION=${{ github.event.release.tag_name }} && VERSION=${{ github.event.release.tag_name }} && export ARCH=arm64 && bash ./scripts/cloud/build-offline-tar.sh
       - name: Setup ossutil
         uses: manyuanrong/setup-ossutil@v2.0
         with:
@@ -111,4 +111,4 @@ jobs:
       - name: Upload
         run: |
           ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.release.tag_name }}-arm64.tar.gz
-          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.release.tag_name }}-arm64.tar.gz.md5
\ No newline at end of file
+          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.release.tag_name }}-arm64.tar.gz.md5
diff --git a/deploy/cloud/scripts/init.sh b/deploy/cloud/scripts/init.sh
index a46e384c9d8..e52a10f1f23 100644
--- a/deploy/cloud/scripts/init.sh
+++ b/deploy/cloud/scripts/init.sh
@@ -10,9 +10,12 @@ cockroachdbGlobalUri=""
 localRegionUID=""
 
 tlsCrtPlaceholder="<tls-crt-placeholder>"
-tlsKeyPlaceholder="<tls-key-placeholder>"
 acmednsSecretPlaceholder="<acmedns-secret-placeholder>"
+
 saltKey=""
+jwtInternal=""
+jwtRegional=""
+jwtGlobal=""
 
 function prepare {
   # source .env
@@ -36,6 +39,9 @@ function prepare {
   # gen regionUID if not set or not found in secret
   gen_regionUID
 
+  # gen jwt tokens
+  gen_jwt_tokens
+
   # create tls secret
   create_tls_secret
 }
@@ -132,6 +138,7 @@ function gen_cockroachdbUri() {
   cockroachdbGlobalUri="$cockroachdbUri/global"
 }
 
+# TODO: use a better way to check saltKey
 function gen_saltKey() {
     password_salt=$(kubectl get configmap desktop-frontend-config -n sealos -o jsonpath='{.data.config\.yaml}' | grep "salt:" | awk '{print $2}' 2>/dev/null | tr -d '"' || true)
     if [[ -z "$password_salt" ]]; then
@@ -141,6 +148,28 @@ function gen_saltKey() {
     fi
 }
 
+# TODO: use a better way to check jwt tokens
+function gen_jwt_tokens() {
+    jwt_internal=$(kubectl get configmap desktop-frontend-config -n sealos -o jsonpath='{.data.config\.yaml}' | grep "internal:" | awk '{print $2}' 2>/dev/null | tr -d '"' || true)
+    if [[ -z "$jwt_internal" ]]; then
+        jwtInternal=$(tr -dc 'a-z0-9' </dev/urandom | head -c64)
+    else
+        jwtInternal=$jwt_internal
+    fi
+    jwt_regional=$(kubectl get configmap desktop-frontend-config -n sealos -o jsonpath='{.data.config\.yaml}' | grep "regional:" | awk '{print $2}' 2>/dev/null | tr -d '"' || true)
+    if [[ -z "$jwt_regional" ]]; then
+        jwtRegional=$(tr -dc 'a-z0-9' </dev/urandom | head -c64)
+    else
+        jwtRegional=$jwt_regional
+    fi
+    jwt_global=$(kubectl get configmap desktop-frontend-config -n sealos -o jsonpath='{.data.config\.yaml}' | grep "global:" | awk '{print $2}' 2>/dev/null | tr -d '"' || true)
+    if [[ -z "$jwt_global" ]]; then
+        jwtGlobal=$(tr -dc 'a-z0-9' </dev/urandom | head -c64)
+    else
+        jwtGlobal=$jwt_global
+    fi
+}
+
 function gen_regionUID(){
     uid=$(kubectl get configmap desktop-frontend-config -n sealos -o jsonpath='{.data.config\.yaml}' | grep "regionUID:" | awk '{print $2}' 2>/dev/null | tr -d '"' || true)
     if [[ -z "$uid" ]]; then
@@ -176,7 +205,10 @@ function sealos_run_desktop {
       --env regionUID="$localRegionUID" \
       --env databaseMongodbURI="${mongodbUri}/sealos-auth?authSource=admin" \
       --env databaseLocalCockroachdbURI="$cockroachdbLocalUri" \
-      --env databaseGlobalCockroachdbURI="$cockroachdbGlobalUri"
+      --env databaseGlobalCockroachdbURI="$cockroachdbGlobalUri" \
+      --env jwtInternal="$jwtInternal" \
+      --env jwtRegional="$jwtRegional" \
+      --env jwtGlobal="$jwtGlobal"
 }
 
 function sealos_run_controller {
diff --git a/frontend/desktop/deploy/Kubefile b/frontend/desktop/deploy/Kubefile
index cb8685bde5f..fe24acf60e3 100644
--- a/frontend/desktop/deploy/Kubefile
+++ b/frontend/desktop/deploy/Kubefile
@@ -13,5 +13,8 @@ ENV databaseMongodbURI=""
 ENV databaseGlobalCockroachdbURI=""
 ENV databaseLocalCockroachdbURI=""
 ENV passwordSalt="randomSalt"
+ENV jwtInternal=""
+ENV jwtRegional=""
+ENV jwtGlobal=""
 
 CMD ["bash scripts/init.sh"]
diff --git a/frontend/desktop/deploy/manifests/configmap.yaml.tmpl b/frontend/desktop/deploy/manifests/configmap.yaml.tmpl
index 77c3634b860..ac9e9c33a5f 100644
--- a/frontend/desktop/deploy/manifests/configmap.yaml.tmpl
+++ b/frontend/desktop/deploy/manifests/configmap.yaml.tmpl
@@ -43,9 +43,9 @@ data:
         invite:
           enabled: false
         jwt:
-          internal: "<your-internal-jwt-secret>"
-          regional: "<your-regional-jwt-secret>"
-          global: "<your-global-jwt-secret>"
+          internal: "{{ .jwtInternal }}"
+          regional: "{{ .jwtRegional }}"
+          global: "{{ .jwtGlobal }}"
         idp:
           password:
             enabled: true
diff --git a/frontend/desktop/deploy/scripts/init.sh b/frontend/desktop/deploy/scripts/init.sh
index b6ebb7a1476..2c2113eccfe 100644
--- a/frontend/desktop/deploy/scripts/init.sh
+++ b/frontend/desktop/deploy/scripts/init.sh
@@ -6,8 +6,5 @@ if [[ -n "$cm_exists" ]]; then
   echo "desktop-frontend-config already exists, skip create desktop config"
 else
   echo "create desktop config"
-    sed -i -e "s;<your-internal-jwt-secret>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64);" manifests/configmap.yaml
-    sed -i -e "s;<your-regional-jwt-secret>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64);" manifests/configmap.yaml
-    sed -i -e "s;<your-global-jwt-secret>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64);" manifests/configmap.yaml
   kubectl apply -f manifests/configmap.yaml --validate=false
 fi
diff --git a/scripts/cloud/build-offline-tar.sh b/scripts/cloud/build-offline-tar.sh
index c24181a7ac8..5b5ad2b24ee 100644
--- a/scripts/cloud/build-offline-tar.sh
+++ b/scripts/cloud/build-offline-tar.sh
@@ -21,6 +21,7 @@ images=(
   docker.io/labring/kubeblocks-mongodb:v0.8.2
   docker.io/labring/kubeblocks-postgresql:v0.8.2
   docker.io/labring/kubeblocks-apecloud-mysql:v0.8.2
+  docker.io/labring/kubeblocks-csi-s3:v0.31.4
   docker.io/labring/cockroach:v2.12.0
   docker.io/labring/metrics-server:v0.6.4
 )
diff --git a/scripts/cloud/install.sh b/scripts/cloud/install.sh
index 3eef94c53eb..94250e69862 100644
--- a/scripts/cloud/install.sh
+++ b/scripts/cloud/install.sh
@@ -277,6 +277,7 @@ init() {
     pull_image "kubeblocks-apecloud-mysql" "v${kubeblocks_version#v:-0.8.2}"
     pull_image "kubeblocks-postgresql" "v${kubeblocks_version#v:-0.8.2}"
     pull_image "kubeblocks-mongodb" "v${kubeblocks_version#v:-0.8.2}"
+    pull_image "kubeblocks-csi-s3" "v0.31.4"
     pull_image "cockroach" "v2.12.0"
     pull_image "metrics-server" "v${metrics_server_version#v:-0.6.4}"
     pull_image "victoria-metrics-k8s-stack" "v${victoria_metrics_k8s_stack_version#v:-1.96.0}"
@@ -770,9 +771,10 @@ EOF
     sealos run ${image_registry}/${image_repository}/kubeblocks-apecloud-mysql:v${kubeblocks_version#v:-0.8.2} \
       ${image_registry}/${image_repository}/kubeblocks-postgresql:v${kubeblocks_version#v:-0.8.2} \
       ${image_registry}/${image_repository}/kubeblocks-mongodb:v${kubeblocks_version#v:-0.8.2} \
-      ${image_registry}/${image_repository}/kubeblocks-redis:v${kubeblocks_version#v:-0.8.2}
+      ${image_registry}/${image_repository}/kubeblocks-redis:v${kubeblocks_version#v:-0.8.2} \
+      ${image_registry}/${image_repository}/kubeblocks-csi-s3:v0.31.4
 
-    addons=("snapshot-controller" "csi-s3" "migration" "milvus" "weaviate")
+    addons=("snapshot-controller" "migration" "milvus" "weaviate")
 
     for addon in "${addons[@]}"; do
       kubectl patch addon $addon --type='merge' -p '{"spec":{"install":{"enabled":true,"resources":{},"tolerations":"[{\"effect\":\"NoSchedule\",\"key\":\"kb-controller\",\"operator\":\"Equal\",\"value\":\"true\"}]"}}}'

From 1243fd31e8f2f8828e35f1c47e6e6cd19155ae3e Mon Sep 17 00:00:00 2001
From: xudaotutou <13435638964@163.com>
Date: Thu, 26 Sep 2024 16:03:47 +0800
Subject: [PATCH 05/63] fix desktop and costcenter configs (#5114)

---
 deploy/cloud/scripts/init.sh                                 | 5 +++--
 frontend/desktop/deploy/manifests/configmap.yaml.tmpl        | 1 +
 frontend/desktop/deploy/manifests/rbac.yaml                  | 3 +++
 frontend/providers/costcenter/deploy/Kubefile                | 1 +
 .../costcenter/deploy/manifests/configmap.yaml.tmpl          | 4 ++++
 5 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/deploy/cloud/scripts/init.sh b/deploy/cloud/scripts/init.sh
index e52a10f1f23..1787b1a498c 100644
--- a/deploy/cloud/scripts/init.sh
+++ b/deploy/cloud/scripts/init.sh
@@ -289,8 +289,9 @@ function sealos_run_frontend {
   --env cloudPort="$cloudPort" \
   --env certSecretName="wildcard-cert" \
   --env transferEnabled="true" \
-  --env rechargeEnabled="false"
-
+  --env rechargeEnabled="false" \
+  --env jwtInternal="$jwtInternal"
+ 
   echo "run template frontend"
   sealos run tars/frontend-template.tar \
   --env cloudDomain=$cloudDomain \
diff --git a/frontend/desktop/deploy/manifests/configmap.yaml.tmpl b/frontend/desktop/deploy/manifests/configmap.yaml.tmpl
index ac9e9c33a5f..dd6d744efd6 100644
--- a/frontend/desktop/deploy/manifests/configmap.yaml.tmpl
+++ b/frontend/desktop/deploy/manifests/configmap.yaml.tmpl
@@ -39,6 +39,7 @@ data:
         proxyAddress: ""
         callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
         signUpEnabled: true
+        billingUrl: "http://account-service.account-system.svc:2333"
         baiduToken: ""
         invite:
           enabled: false
diff --git a/frontend/desktop/deploy/manifests/rbac.yaml b/frontend/desktop/deploy/manifests/rbac.yaml
index a42c1180a4f..5a3e98d49e7 100644
--- a/frontend/desktop/deploy/manifests/rbac.yaml
+++ b/frontend/desktop/deploy/manifests/rbac.yaml
@@ -89,6 +89,9 @@ rules:
   - apiGroups: ["notification.sealos.io"]
     resources: ["notifications"]
     verbs: ["list", "get", "create", "update", "patch", "watch"]
+  - apiGroups: [""]
+    resources: ["namespaces"]
+    verbs: ["patch"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
diff --git a/frontend/providers/costcenter/deploy/Kubefile b/frontend/providers/costcenter/deploy/Kubefile
index 9c6af5ae51c..139414db66a 100644
--- a/frontend/providers/costcenter/deploy/Kubefile
+++ b/frontend/providers/costcenter/deploy/Kubefile
@@ -10,5 +10,6 @@ ENV cloudDomain="127.0.0.1.nip.io"
 ENV cloudPort=""
 ENV transferEnabled="true"
 ENV rechargeEnabled="true"
+ENV jwtInternal=""
 
 CMD ["kubectl apply -f manifests"]
diff --git a/frontend/providers/costcenter/deploy/manifests/configmap.yaml.tmpl b/frontend/providers/costcenter/deploy/manifests/configmap.yaml.tmpl
index 8e7dba149b3..490f2207df2 100644
--- a/frontend/providers/costcenter/deploy/manifests/configmap.yaml.tmpl
+++ b/frontend/providers/costcenter/deploy/manifests/configmap.yaml.tmpl
@@ -15,6 +15,10 @@ data:
     costCenter:
       transferEnabled: true
       currencyType: "shellCoin"
+      auth:
+        jwt:
+          internal: "{{ .jwtInternal }}"
+          billing: "{{ .jwtInternal }}"
       invoice:
         enabled: false
         feiShuBotURL: ""

From 2fd2f07892660ce4fa0ad0e167082fbeb372d579 Mon Sep 17 00:00:00 2001
From: zijiren <84728412+zijiren233@users.noreply.github.com>
Date: Thu, 26 Sep 2024 16:09:26 +0800
Subject: [PATCH 06/63] fix: cronjob arm64 image (#5113)

---
 frontend/providers/cronjob/src/utils/json2Yaml.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/providers/cronjob/src/utils/json2Yaml.ts b/frontend/providers/cronjob/src/utils/json2Yaml.ts
index 0a739dfbde8..982ea8ce2de 100644
--- a/frontend/providers/cronjob/src/utils/json2Yaml.ts
+++ b/frontend/providers/cronjob/src/utils/json2Yaml.ts
@@ -35,7 +35,7 @@ export const json2CronJob = (data: CronJobEditType) => {
   }
 
   if (data.jobType === 'launchpad') {
-    data.imageName = 'nowinkey/curl-kubectl:v1.0.4';
+    data.imageName = 'labring4docker/curl-kubectl:v1.0.0';
     data.runCMD = `["/bin/sh", "-c"]`;
     const resources = {
       requests: {

From b78691a56704884d1da0544a2779b8f42b45d3f1 Mon Sep 17 00:00:00 2001
From: xzy <ziyi@sealos.io>
Date: Thu, 26 Sep 2024 17:49:03 +0800
Subject: [PATCH 07/63] sync resourcequota objectstorage/size status used
 (#5102)

---
 .../controllers/objectstorageuser_controller.go        | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/controllers/objectstorage/controllers/objectstorageuser_controller.go b/controllers/objectstorage/controllers/objectstorageuser_controller.go
index adc3ccd0f28..722d912da05 100644
--- a/controllers/objectstorage/controllers/objectstorageuser_controller.go
+++ b/controllers/objectstorage/controllers/objectstorageuser_controller.go
@@ -20,6 +20,7 @@ import (
 	"bytes"
 	"context"
 	"fmt"
+	"strconv"
 	"strings"
 	"time"
 
@@ -148,6 +149,7 @@ func (r *ObjectStorageUserReconciler) Reconcile(ctx context.Context, req ctrl.Re
 	}
 
 	quota := resourceQuota.Spec.Hard.Name(ResourceObjectStorageSize, resource.BinarySI)
+	used := resourceQuota.Status.Used.Name(ResourceObjectStorageSize, resource.BinarySI)
 
 	updated := r.initObjectStorageUser(user, username, quota.Value())
 
@@ -201,6 +203,14 @@ func (r *ObjectStorageUserReconciler) Reconcile(ctx context.Context, req ctrl.Re
 		updated = true
 	}
 
+	if used.Value() != size {
+		resourceQuota.Status.Used[ResourceObjectStorageSize] = resource.MustParse(strconv.FormatInt(size, 10))
+		if err := r.Status().Update(ctx, resourceQuota); err != nil {
+			r.Logger.Error(err, "failed to update status", "name", resourceQuota.Name, "namespace", userNamespace)
+			return ctrl.Result{}, err
+		}
+	}
+
 	if user.Status.ObjectsCount != objectsCount {
 		user.Status.ObjectsCount = objectsCount
 		updated = true

From d21832075623248f831df5f04b7a8962c3c83fb6 Mon Sep 17 00:00:00 2001
From: Jiahui <4543bxy@gmail.com>
Date: Fri, 27 Sep 2024 14:51:17 +0800
Subject: [PATCH 08/63] fix scripts: init account jwt secret (#5117)

---
 deploy/cloud/scripts/init.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/deploy/cloud/scripts/init.sh b/deploy/cloud/scripts/init.sh
index 1787b1a498c..70f9c07e0a3 100644
--- a/deploy/cloud/scripts/init.sh
+++ b/deploy/cloud/scripts/init.sh
@@ -243,7 +243,8 @@ function sealos_run_controller {
   --env DEFAULT_NAMESPACE="account-system" \
   --env GLOBAL_COCKROACH_URI="$cockroachdbGlobalUri" \
   --env LOCAL_COCKROACH_URI="$cockroachdbLocalUri" \
-  --env LOCAL_REGION="$localRegionUID"
+  --env LOCAL_REGION="$localRegionUID" \
+  --env ACCOUNT_API_JWT_SECRET="$jwtInternal"
 
   sealos run tars/account-service.tar --env cloudDomain="$cloudDomain" --env cloudPort="$cloudPort"
 

From ebe7f51afe023810fc4e3538f4f2e46007d43002 Mon Sep 17 00:00:00 2001
From: jingyang <72259332+zjy365@users.noreply.github.com>
Date: Sat, 28 Sep 2024 12:01:32 +0800
Subject: [PATCH 09/63] feat: launchpad support secret userDomains (#5119)

* feat: support secret userDomains

* update deploy
---
 frontend/providers/applaunchpad/.env.template      |  9 +--------
 frontend/providers/applaunchpad/data/config.yaml   |  8 +++++---
 frontend/providers/applaunchpad/deploy/Kubefile    |  3 ++-
 .../applaunchpad/deploy/manifests/deploy.yaml.tmpl |  7 ++++++-
 .../providers/applaunchpad/src/api/platform.ts     |  1 -
 .../src/pages/api/platform/getInitData.ts          | 14 ++++++++------
 .../src/pages/api/v1alpha/createApp.ts             |  5 +++++
 .../app/edit/components/CustomAccessModal.tsx      |  4 ++--
 .../src/pages/app/edit/components/Form.tsx         |  2 +-
 .../providers/applaunchpad/src/store/static.ts     | 12 ++++--------
 frontend/providers/applaunchpad/src/types/app.d.ts |  4 ++--
 .../providers/applaunchpad/src/types/index.d.ts    | 11 +++++++----
 frontend/providers/applaunchpad/src/utils/adapt.ts |  4 ++--
 .../applaunchpad/src/utils/deployYaml2Json.ts      |  7 +++++--
 14 files changed, 50 insertions(+), 41 deletions(-)

diff --git a/frontend/providers/applaunchpad/.env.template b/frontend/providers/applaunchpad/.env.template
index a27352112d3..3285ba37b23 100644
--- a/frontend/providers/applaunchpad/.env.template
+++ b/frontend/providers/applaunchpad/.env.template
@@ -1,8 +1 @@
-NEXT_PUBLIC_MOCK_USER=
-SEALOS_DOMAIN="cloud.sealos.io"
-DOMAIN_PORT=
-FASTGPT_KEY=
-CURRENCY=
-MONITOR_URL=
-INGRESS_SECRET=
-GUIDE_ENABLED=
\ No newline at end of file
+NEXT_PUBLIC_MOCK_USER=
\ No newline at end of file
diff --git a/frontend/providers/applaunchpad/data/config.yaml b/frontend/providers/applaunchpad/data/config.yaml
index 13db2236905..f7ab8b485c6 100644
--- a/frontend/providers/applaunchpad/data/config.yaml
+++ b/frontend/providers/applaunchpad/data/config.yaml
@@ -2,19 +2,21 @@ cloud:
   domain: 127.0.0.1.nip.io
   desktopDomain: 127.0.0.1.nip.io
   port: ""
-  userDomain:
-    - 127.0.0.1.nip.io
+  userDomains:
+    - name: 127.0.0.1.nip.io
+      secretName: wildcard-cert
 common:
   guideEnabled: false
   apiEnabled: false
 launchpad:
-  ingressTlsSecretName: wildcard-cert
   eventAnalyze:
     enabled: false
     fastGPTKey: ""
   components:
     monitor:
       url: http://launchpad-monitor.sealos.svc.cluster.local:8428
+    billing:
+      url: "http://account-service.account-system.svc:2333"
   appResourceFormSliderConfig:
     default:
       cpu: [100, 200, 500, 1000, 2000, 3000, 4000, 8000]
diff --git a/frontend/providers/applaunchpad/deploy/Kubefile b/frontend/providers/applaunchpad/deploy/Kubefile
index e052ade7ab7..bc58eb95ca7 100644
--- a/frontend/providers/applaunchpad/deploy/Kubefile
+++ b/frontend/providers/applaunchpad/deploy/Kubefile
@@ -9,7 +9,8 @@ ENV cloudDomain="127.0.0.1.nip.io"
 ENV cloudPort=""
 
 ENV certSecretName="wildcard-cert"
-ENV ingressTlsSecretName="wildcard-cert"
+
 ENV monitorUrl="http://launchpad-monitor.sealos.svc.cluster.local:8428"
+ENV billingUrl="http://account-service.account-system.svc:2333"
 
 CMD ["kubectl apply -f manifests"]
diff --git a/frontend/providers/applaunchpad/deploy/manifests/deploy.yaml.tmpl b/frontend/providers/applaunchpad/deploy/manifests/deploy.yaml.tmpl
index 78793ae6eb3..4df46f43427 100644
--- a/frontend/providers/applaunchpad/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/providers/applaunchpad/deploy/manifests/deploy.yaml.tmpl
@@ -15,17 +15,22 @@ data:
     cloud:
       domain: {{ .cloudDomain }}
       port: {{ if .cloudPort }}:{{ .cloudPort }}{{ end }}
+      desktopDomain: {{ .cloudDomain }}
+      userDomains: 
+        - name: {{ .cloudDomain }}
+          secretName: {{ .certSecretName }}
     common:
       guideEnabled: false
       apiEnabled: false
     launchpad:
-      ingressTlsSecretName: {{ .ingressTlsSecretName }}
       eventAnalyze:
         enabled: false
         fastGPTKey: ""
       components:
         monitor:
           url: {{ .monitorUrl }}
+        billing:
+          url: {{ .billingUrl }}
       appResourceFormSliderConfig:
         default:
           cpu: [100, 200, 500, 1000, 2000, 3000, 4000, 8000]
diff --git a/frontend/providers/applaunchpad/src/api/platform.ts b/frontend/providers/applaunchpad/src/api/platform.ts
index e8fe277b932..c64afb13d50 100644
--- a/frontend/providers/applaunchpad/src/api/platform.ts
+++ b/frontend/providers/applaunchpad/src/api/platform.ts
@@ -1,6 +1,5 @@
 import type { Response as InitDataType } from '@/pages/api/platform/getInitData';
 import { GET, POST } from '@/services/request';
-import { EnvResponse } from '@/types';
 import type { AccountCRD, UserQuotaItemType, userPriceType } from '@/types/user';
 import { AuthCnamePrams } from './params';
 import { UpdateUserGuideParams } from '@/pages/api/guide/updateGuide';
diff --git a/frontend/providers/applaunchpad/src/pages/api/platform/getInitData.ts b/frontend/providers/applaunchpad/src/pages/api/platform/getInitData.ts
index f48dcbffff6..b3d6be33b70 100644
--- a/frontend/providers/applaunchpad/src/pages/api/platform/getInitData.ts
+++ b/frontend/providers/applaunchpad/src/pages/api/platform/getInitData.ts
@@ -10,13 +10,12 @@ import { getGpuNode } from './resourcePrice';
 export type Response = {
   SEALOS_DOMAIN: string;
   DOMAIN_PORT: string;
-  INGRESS_SECRET: string;
   SHOW_EVENT_ANALYZE: boolean;
   FORM_SLIDER_LIST_CONFIG: FormSliderListType;
   CURRENCY: Coin;
   guideEnabled: boolean;
   fileMangerConfig: FileMangerType;
-  SEALOS_USER_DOMAIN: string[];
+  SEALOS_USER_DOMAINS: { name: string; secretName: string }[];
   DESKTOP_DOMAIN: string;
 };
 
@@ -24,7 +23,12 @@ export const defaultAppConfig: AppConfigType = {
   cloud: {
     domain: 'cloud.sealos.io',
     port: '',
-    userDomain: ['cloud.sealos.io'],
+    userDomains: [
+      {
+        name: 'cloud.sealos.io',
+        secretName: 'wildcard-cert'
+      }
+    ],
     desktopDomain: 'cloud.sealos.io'
   },
   common: {
@@ -33,7 +37,6 @@ export const defaultAppConfig: AppConfigType = {
     gpuEnabled: false
   },
   launchpad: {
-    ingressTlsSecretName: 'wildcard-cert',
     eventAnalyze: {
       enabled: false,
       fastGPTKey: ''
@@ -83,13 +86,12 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
       data: {
         SEALOS_DOMAIN: global.AppConfig.cloud.domain,
         DOMAIN_PORT: global.AppConfig.cloud.port?.toString() || '',
-        INGRESS_SECRET: global.AppConfig.launchpad.ingressTlsSecretName,
         SHOW_EVENT_ANALYZE: global.AppConfig.launchpad.eventAnalyze.enabled,
         FORM_SLIDER_LIST_CONFIG: global.AppConfig.launchpad.appResourceFormSliderConfig,
         guideEnabled: global.AppConfig.common.guideEnabled,
         fileMangerConfig: global.AppConfig.launchpad.fileManger,
         CURRENCY: Coin.shellCoin,
-        SEALOS_USER_DOMAIN: global.AppConfig.cloud.userDomain || [],
+        SEALOS_USER_DOMAINS: global.AppConfig.cloud.userDomains || [],
         DESKTOP_DOMAIN: global.AppConfig.cloud.desktopDomain
       }
     });
diff --git a/frontend/providers/applaunchpad/src/pages/api/v1alpha/createApp.ts b/frontend/providers/applaunchpad/src/pages/api/v1alpha/createApp.ts
index dd6ff058b61..39e612a01e1 100644
--- a/frontend/providers/applaunchpad/src/pages/api/v1alpha/createApp.ts
+++ b/frontend/providers/applaunchpad/src/pages/api/v1alpha/createApp.ts
@@ -17,6 +17,11 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
       kubeconfig: await authSession(req.headers)
     });
 
+    appForm.networks = appForm.networks.map((network) => ({
+      ...network,
+      domain: global.AppConfig.cloud.domain
+    }));
+
     const parseYamls = formData2Yamls(appForm);
 
     const yamls = parseYamls.map((item) => item.value);
diff --git a/frontend/providers/applaunchpad/src/pages/app/edit/components/CustomAccessModal.tsx b/frontend/providers/applaunchpad/src/pages/app/edit/components/CustomAccessModal.tsx
index 66ff4e18c4d..86dfeafb451 100644
--- a/frontend/providers/applaunchpad/src/pages/app/edit/components/CustomAccessModal.tsx
+++ b/frontend/providers/applaunchpad/src/pages/app/edit/components/CustomAccessModal.tsx
@@ -19,7 +19,7 @@ import { Tip } from '@sealos/ui';
 import { InfoOutlineIcon } from '@chakra-ui/icons';
 import { useRequest } from '@/hooks/useRequest';
 import { postAuthCname } from '@/api/platform';
-import { SEALOS_USER_DOMAIN } from '@/store/static';
+import { SEALOS_USER_DOMAINS } from '@/store/static';
 
 export type CustomAccessModalParams = {
   publicDomain: string;
@@ -46,7 +46,7 @@ const CustomAccessModal = ({
   const completePublicDomain = useMemo(() => `${publicDomain}.${domain}`, [publicDomain, domain]);
 
   const cnameTips = useMemo(() => {
-    return SEALOS_USER_DOMAIN.map((item) => `${publicDomain}.${item}`).join(` ${t('or')} `);
+    return SEALOS_USER_DOMAINS.map((item) => `${publicDomain}.${item.name}`).join(` ${t('or')} `);
   }, [publicDomain, t]);
 
   const { mutate: authCNAME, isLoading } = useRequest({
diff --git a/frontend/providers/applaunchpad/src/pages/app/edit/components/Form.tsx b/frontend/providers/applaunchpad/src/pages/app/edit/components/Form.tsx
index ecf65c89678..e7480bd72c1 100644
--- a/frontend/providers/applaunchpad/src/pages/app/edit/components/Form.tsx
+++ b/frontend/providers/applaunchpad/src/pages/app/edit/components/Form.tsx
@@ -5,7 +5,7 @@ import { defaultSliderKey, ProtocolList } from '@/constants/app';
 import { GpuAmountMarkList } from '@/constants/editApp';
 import { useToast } from '@/hooks/useToast';
 import { useGlobalStore } from '@/store/global';
-import { SEALOS_DOMAIN, SEALOS_USER_DOMAIN } from '@/store/static';
+import { SEALOS_DOMAIN } from '@/store/static';
 import { useUserStore } from '@/store/user';
 import type { QueryType } from '@/types';
 import type { AppEditType } from '@/types/app';
diff --git a/frontend/providers/applaunchpad/src/store/static.ts b/frontend/providers/applaunchpad/src/store/static.ts
index 87a94ba236a..10c8bd2a79e 100644
--- a/frontend/providers/applaunchpad/src/store/static.ts
+++ b/frontend/providers/applaunchpad/src/store/static.ts
@@ -2,10 +2,9 @@ import { getInitData } from '@/api/platform';
 import { Coin } from '@/constants/app';
 
 export let SEALOS_DOMAIN = 'cloud.sealos.io';
-export let SEALOS_USER_DOMAIN = ['cloud.sealos.io'];
+export let SEALOS_USER_DOMAINS = [{ name: 'cloud.sealos.io', secretName: 'wildcard-cert' }];
 export let DESKTOP_DOMAIN = 'cloud.sealos.io';
 export let DOMAIN_PORT = '';
-export let INGRESS_SECRET = 'wildcard-cert';
 export let SHOW_EVENT_ANALYZE = false;
 export let CURRENCY = Coin.shellCoin;
 export let UPLOAD_LIMIT = 50;
@@ -15,9 +14,8 @@ export const loadInitData = async () => {
   try {
     const res = await getInitData();
     SEALOS_DOMAIN = res.SEALOS_DOMAIN;
-    SEALOS_USER_DOMAIN = res.SEALOS_USER_DOMAIN;
+    SEALOS_USER_DOMAINS = res.SEALOS_USER_DOMAINS;
     DOMAIN_PORT = res.DOMAIN_PORT;
-    INGRESS_SECRET = res.INGRESS_SECRET;
     SHOW_EVENT_ANALYZE = res.SHOW_EVENT_ANALYZE;
     CURRENCY = res.CURRENCY;
     UPLOAD_LIMIT = res.fileMangerConfig.uploadLimit;
@@ -27,7 +25,6 @@ export const loadInitData = async () => {
     return {
       SEALOS_DOMAIN,
       DOMAIN_PORT,
-      INGRESS_SECRET,
       CURRENCY,
       FORM_SLIDER_LIST_CONFIG: res.FORM_SLIDER_LIST_CONFIG,
       DESKTOP_DOMAIN: res.DESKTOP_DOMAIN
@@ -35,8 +32,7 @@ export const loadInitData = async () => {
   } catch (error) {}
 
   return {
-    SEALOS_DOMAIN,
-    INGRESS_SECRET
+    SEALOS_DOMAIN
   };
 };
 
@@ -45,7 +41,7 @@ export const serverLoadInitData = () => {
   try {
     SEALOS_DOMAIN = global.AppConfig.cloud.domain || 'cloud.sealos.io';
     DOMAIN_PORT = global.AppConfig.cloud.port || '';
-    INGRESS_SECRET = global.AppConfig.launchpad.ingressTlsSecretName || 'wildcard-cert';
     SHOW_EVENT_ANALYZE = global.AppConfig.launchpad.eventAnalyze.enabled;
+    SEALOS_USER_DOMAINS = global.AppConfig.cloud.userDomains;
   } catch (error) {}
 };
diff --git a/frontend/providers/applaunchpad/src/types/app.d.ts b/frontend/providers/applaunchpad/src/types/app.d.ts
index 952ea06bcb9..69db7c38f67 100644
--- a/frontend/providers/applaunchpad/src/types/app.d.ts
+++ b/frontend/providers/applaunchpad/src/types/app.d.ts
@@ -76,9 +76,9 @@ export interface AppEditType {
     port: number;
     protocol: ProtocolType;
     openPublicDomain: boolean;
-    publicDomain: string; // default domain // domainPrefix
+    publicDomain: string; //  domainPrefix
     customDomain: string; // custom domain
-    domain: string;
+    domain: string; // Main promoted domain
   }[];
   envs: {
     key: string;
diff --git a/frontend/providers/applaunchpad/src/types/index.d.ts b/frontend/providers/applaunchpad/src/types/index.d.ts
index 7f0a91ef042..8caee522f67 100644
--- a/frontend/providers/applaunchpad/src/types/index.d.ts
+++ b/frontend/providers/applaunchpad/src/types/index.d.ts
@@ -25,10 +25,14 @@ export type FileMangerType = {
 
 export type AppConfigType = {
   cloud: {
-    domain: string;
+    domain: string; // Main promoted domain
     port?: string;
-    userDomain: string[];
-    desktopDomain: string;
+    // List of domains available for users
+    userDomains: {
+      name: string;
+      secretName: string;
+    }[];
+    desktopDomain: string; // Domain for the desktop application
   };
   common: {
     guideEnabled: boolean;
@@ -36,7 +40,6 @@ export type AppConfigType = {
     gpuEnabled: boolean;
   };
   launchpad: {
-    ingressTlsSecretName: string;
     eventAnalyze: {
       enabled: boolean;
       fastGPTKey?: string;
diff --git a/frontend/providers/applaunchpad/src/utils/adapt.ts b/frontend/providers/applaunchpad/src/utils/adapt.ts
index c63fcc077de..0c05b3787f0 100644
--- a/frontend/providers/applaunchpad/src/utils/adapt.ts
+++ b/frontend/providers/applaunchpad/src/utils/adapt.ts
@@ -219,7 +219,7 @@ export enum YamlKindEnum {
 }
 
 export const adaptAppDetail = async (configs: DeployKindsType[]): Promise<AppDetailType> => {
-  const { SEALOS_DOMAIN, SEALOS_USER_DOMAIN } = await getInitData();
+  const { SEALOS_DOMAIN, SEALOS_USER_DOMAINS } = await getInitData();
   const deployKindsMap: {
     [YamlKindEnum.StatefulSet]?: V1StatefulSet;
     [YamlKindEnum.Deployment]?: V1Deployment;
@@ -314,7 +314,7 @@ export const adaptAppDetail = async (configs: DeployKindsType[]): Promise<AppDet
 
         const isCustomDomain =
           !domain.endsWith(SEALOS_DOMAIN) &&
-          !SEALOS_USER_DOMAIN.some((user) => domain.endsWith(user));
+          !SEALOS_USER_DOMAINS.some((item) => domain.endsWith(item.name));
 
         return {
           networkName: ingress?.metadata?.name || '',
diff --git a/frontend/providers/applaunchpad/src/utils/deployYaml2Json.ts b/frontend/providers/applaunchpad/src/utils/deployYaml2Json.ts
index 1dcd33e1eda..1f10a7a932e 100644
--- a/frontend/providers/applaunchpad/src/utils/deployYaml2Json.ts
+++ b/frontend/providers/applaunchpad/src/utils/deployYaml2Json.ts
@@ -7,7 +7,7 @@ import {
   minReplicasKey,
   publicDomainKey
 } from '@/constants/app';
-import { INGRESS_SECRET } from '@/store/static';
+import { SEALOS_USER_DOMAINS } from '@/store/static';
 import type { AppEditType } from '@/types/app';
 import { pathFormat, pathToNameFormat, str2Num, strToBase64 } from '@/utils/tools';
 import dayjs from 'dayjs';
@@ -274,7 +274,10 @@ export const json2Ingress = (data: AppEditType) => {
         ? network.customDomain
         : `${network.publicDomain}.${network.domain}`;
 
-      const secretName = network.customDomain ? network.networkName : INGRESS_SECRET;
+      const secretName = network.customDomain
+        ? network.networkName
+        : SEALOS_USER_DOMAINS.find((domain) => domain.name === network.domain)?.secretName ||
+          'wildcard-cert';
 
       const ingress = {
         apiVersion: 'networking.k8s.io/v1',

From d3ba17bc4925707a32ae999e88019aaf3af23800 Mon Sep 17 00:00:00 2001
From: zijiren <84728412+zijiren233@users.noreply.github.com>
Date: Sat, 28 Sep 2024 12:42:12 +0800
Subject: [PATCH 10/63] fix: node tls reject unauthorized (#5116)

* fix: node tls reject unauthorized

* fix: account use svc
---
 .../devbox/app/api/platform/resourcePrice/route.ts  |  7 +++++--
 .../devbox/deploy/manifests/deploy.yaml.tmpl        |  2 ++
 .../template/deploy/manifests/deploy.yaml.tmpl      |  2 ++
 .../src/pages/api/platform/resourcePrice.ts         | 13 +++++++------
 4 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/frontend/providers/devbox/app/api/platform/resourcePrice/route.ts b/frontend/providers/devbox/app/api/platform/resourcePrice/route.ts
index c921e88f894..6f14b6e4076 100644
--- a/frontend/providers/devbox/app/api/platform/resourcePrice/route.ts
+++ b/frontend/providers/devbox/app/api/platform/resourcePrice/route.ts
@@ -44,11 +44,14 @@ const valuationMap: Record<string, number> = {
 
 export async function GET(req: NextRequest) {
   try {
-    const { SEALOS_DOMAIN } = process.env
+    const { ACCOUNT_URL, SEALOS_DOMAIN } = process.env
+    const baseUrl = ACCOUNT_URL
+      ? ACCOUNT_URL
+      : `https://account-api.${SEALOS_DOMAIN}`;
     const getResourcePrice = async () => {
       try {
         const res = await fetch(
-          `https://account-api.${SEALOS_DOMAIN}/account/v1alpha1/properties`,
+          `${baseUrl}/account/v1alpha1/properties`,
           {
             method: 'POST'
           }
diff --git a/frontend/providers/devbox/deploy/manifests/deploy.yaml.tmpl b/frontend/providers/devbox/deploy/manifests/deploy.yaml.tmpl
index 7a1c0e08e68..6514f1538f2 100644
--- a/frontend/providers/devbox/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/providers/devbox/deploy/manifests/deploy.yaml.tmpl
@@ -49,6 +49,8 @@ spec:
               value: http://launchpad-monitor.sealos.svc.cluster.local:8428
             - name: SQUASH_ENABLE
               value: 'true'
+            - name: ACCOUNT_URL
+              value: http://account-service.account-system.svc.cluster.local:2333
           securityContext:
             runAsNonRoot: true
             runAsUser: 1001
diff --git a/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl b/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl
index 05621e26e09..743acd1c984 100644
--- a/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl
@@ -80,6 +80,8 @@ spec:
               value: {{ .templateRepoBranch }}
             - name: SHOW_AUTHOR
               value: "false"
+            - name: ACCOUNT_URL
+              value: http://account-service.account-system.svc.cluster.local:2333
           image: ghcr.io/labring/sealos-template-frontend:latest
           imagePullPolicy: Always
           volumeMounts:
diff --git a/frontend/providers/template/src/pages/api/platform/resourcePrice.ts b/frontend/providers/template/src/pages/api/platform/resourcePrice.ts
index d6efb4fe826..85b26b377a8 100644
--- a/frontend/providers/template/src/pages/api/platform/resourcePrice.ts
+++ b/frontend/providers/template/src/pages/api/platform/resourcePrice.ts
@@ -44,12 +44,13 @@ export function transformProperties(data: properties): userPriceType {
 }
 
 const getResourcePrice = async () => {
-  const res = await fetch(
-    `https://account-api.${process.env.SEALOS_CLOUD_DOMAIN}/account/v1alpha1/properties`,
-    {
-      method: 'POST'
-    }
-  );
+  const baseUrl = process.env.ACCOUNT_URL
+    ? process.env.ACCOUNT_URL
+    : `https://account-api.${process.env.SEALOS_CLOUD_DOMAIN}`;
+
+  const res = await fetch(`${baseUrl}/account/v1alpha1/properties`, {
+    method: 'POST'
+  });
   const data = await res.json();
   return transformProperties(data.data as properties);
 };

From 22d9a138f9a3f4cd04a4eb927639fd008972adff Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Sat, 28 Sep 2024 15:15:23 +0800
Subject: [PATCH 11/63] fix devbox phase generate. (#5120)

---
 controllers/devbox/.gitignore                 |  3 ++
 .../devbox/api/v1alpha1/devbox_types.go       |  6 ++--
 .../crd/bases/devbox.sealos.io_devboxes.yaml  |  4 ---
 .../devbox/deploy/manifests/deploy.yaml.tmpl  |  6 +---
 .../internal/controller/devbox_controller.go  | 35 +++++++------------
 .../internal/controller/helper/devbox.go      | 27 +++++++++++++-
 6 files changed, 45 insertions(+), 36 deletions(-)

diff --git a/controllers/devbox/.gitignore b/controllers/devbox/.gitignore
index ada68ff086c..fa6acefb0a0 100644
--- a/controllers/devbox/.gitignore
+++ b/controllers/devbox/.gitignore
@@ -25,3 +25,6 @@ go.work
 *.swp
 *.swo
 *~
+
+# ignore deploy.yaml
+deploy/manifests/deploy.yaml
diff --git a/controllers/devbox/api/v1alpha1/devbox_types.go b/controllers/devbox/api/v1alpha1/devbox_types.go
index facdbe59f9b..5c82533e142 100644
--- a/controllers/devbox/api/v1alpha1/devbox_types.go
+++ b/controllers/devbox/api/v1alpha1/devbox_types.go
@@ -163,16 +163,16 @@ const (
 	DevboxPhasePending DevboxPhase = "Pending"
 	//DevboxPhaseStopped means Devbox is stop and stopped success
 	DevboxPhaseStopped DevboxPhase = "Stopped"
-	//DevboxPhaseStopping means Devbox is stop and not stopped success
+	//DevboxPhaseStopping means Devbox is stopping
 	DevboxPhaseStopping DevboxPhase = "Stopping"
 	//DevboxPhaseError means Devbox is error
 	DevboxPhaseError DevboxPhase = "Error"
+	//DevboxPhaseUnknown means Devbox is unknown
+	DevboxPhaseUnknown DevboxPhase = "Unknown"
 )
 
 // DevboxStatus defines the observed state of Devbox
 type DevboxStatus struct {
-	// +kubebuilder:validation:Optional
-	DevboxPodPhase corev1.PodPhase `json:"podPhase"`
 	// +kubebuilder:validation:Optional
 	Network NetworkStatus `json:"network"`
 	// +kubebuilder:validation:Optional
diff --git a/controllers/devbox/config/crd/bases/devbox.sealos.io_devboxes.yaml b/controllers/devbox/config/crd/bases/devbox.sealos.io_devboxes.yaml
index 7c585d60f50..eaf11b9e577 100644
--- a/controllers/devbox/config/crd/bases/devbox.sealos.io_devboxes.yaml
+++ b/controllers/devbox/config/crd/bases/devbox.sealos.io_devboxes.yaml
@@ -2848,10 +2848,6 @@ spec:
                 type: object
               phase:
                 type: string
-              podPhase:
-                description: PodPhase is a label for the condition of a pod at the
-                  current time.
-                type: string
               state:
                 description: |-
                   ContainerState holds a possible state of container.
diff --git a/controllers/devbox/deploy/manifests/deploy.yaml.tmpl b/controllers/devbox/deploy/manifests/deploy.yaml.tmpl
index 753ca75c462..92d3b7c6a9d 100644
--- a/controllers/devbox/deploy/manifests/deploy.yaml.tmpl
+++ b/controllers/devbox/deploy/manifests/deploy.yaml.tmpl
@@ -2856,10 +2856,6 @@ spec:
                 type: object
               phase:
                 type: string
-              podPhase:
-                description: PodPhase is a label for the condition of a pod at the
-                  current time.
-                type: string
               state:
                 description: |-
                   ContainerState holds a possible state of container.
@@ -5639,7 +5635,7 @@ metadata:
   name: devbox-controller-manager
   namespace: devbox-system
 spec:
-  replicas: 1
+  replicas: 2
   selector:
     matchLabels:
       control-plane: controller-manager
diff --git a/controllers/devbox/internal/controller/devbox_controller.go b/controllers/devbox/internal/controller/devbox_controller.go
index a9e15005f92..a74fef4893e 100644
--- a/controllers/devbox/internal/controller/devbox_controller.go
+++ b/controllers/devbox/internal/controller/devbox_controller.go
@@ -202,6 +202,17 @@ func (r *DevboxReconciler) syncSecret(ctx context.Context, devbox *devboxv1alpha
 
 func (r *DevboxReconciler) syncPod(ctx context.Context, devbox *devboxv1alpha1.Devbox, recLabels map[string]string) error {
 	logger := log.FromContext(ctx)
+
+	var podList corev1.PodList
+	if err := r.List(ctx, &podList, client.InNamespace(devbox.Namespace), client.MatchingLabels(recLabels)); err != nil {
+		return err
+	}
+	// only one pod is allowed, if more than one pod found, return error
+	if len(podList.Items) > 1 {
+		return fmt.Errorf("more than one pod found")
+	}
+	logger.Info("pod list", "length", len(podList.Items))
+
 	// update devbox status after pod is created or updated
 	defer func() {
 		if err := retry.RetryOnConflict(retry.DefaultRetry, func() error {
@@ -214,6 +225,7 @@ func (r *DevboxReconciler) syncPod(ctx context.Context, devbox *devboxv1alpha1.D
 			// update devbox status with latestDevbox status
 			logger.Info("updating devbox status")
 			logger.Info("merge commit history", "devbox", devbox.Status.CommitHistory, "latestDevbox", latestDevbox.Status.CommitHistory)
+			devbox.Status.Phase = helper.GenerateDevboxPhase(devbox, podList)
 			helper.UpdateDevboxStatus(devbox, latestDevbox)
 			return r.Status().Update(ctx, latestDevbox)
 		}); err != nil {
@@ -225,17 +237,6 @@ func (r *DevboxReconciler) syncPod(ctx context.Context, devbox *devboxv1alpha1.D
 		r.Recorder.Eventf(devbox, corev1.EventTypeNormal, "Sync pod success", "Sync pod success")
 	}()
 
-	var podList corev1.PodList
-	if err := r.List(ctx, &podList, client.InNamespace(devbox.Namespace), client.MatchingLabels(recLabels)); err != nil {
-		return err
-	}
-	// only one pod is allowed, if more than one pod found, return error
-	if len(podList.Items) > 1 {
-		devbox.Status.Phase = devboxv1alpha1.DevboxPhaseError
-		return fmt.Errorf("more than one pod found")
-	}
-	logger.Info("pod list", "length", len(podList.Items))
-
 	switch devbox.Spec.State {
 	case devboxv1alpha1.DevboxStateRunning:
 		runtimecr, err := r.getRuntime(ctx, devbox)
@@ -249,14 +250,11 @@ func (r *DevboxReconciler) syncPod(ctx context.Context, devbox *devboxv1alpha1.D
 		case 0:
 			logger.Info("create pod")
 			logger.Info("next commit history", "commit", nextCommitHistory)
-			devbox.Status.Phase = devboxv1alpha1.DevboxPhasePending
 			return r.createPod(ctx, devbox, expectPod, nextCommitHistory)
 		case 1:
 			pod := &podList.Items[0]
-			devbox.Status.DevboxPodPhase = pod.Status.Phase
 			// check pod container size, if it is 0, it means the pod is not running, return an error
 			if len(pod.Status.ContainerStatuses) == 0 {
-				devbox.Status.Phase = devboxv1alpha1.DevboxPhasePending
 				return fmt.Errorf("pod container size is 0")
 			}
 			devbox.Status.State = pod.Status.ContainerStatuses[0].State
@@ -275,32 +273,26 @@ func (r *DevboxReconciler) syncPod(ctx context.Context, devbox *devboxv1alpha1.D
 				case corev1.PodPending, corev1.PodRunning:
 					// pod is running or pending, do nothing here
 					logger.Info("pod is running or pending")
-					devbox.Status.Phase = devboxv1alpha1.DevboxPhaseRunning
 					// update commit history status by pod status
 					helper.UpdateCommitHistory(devbox, pod, false)
 					return nil
 				case corev1.PodFailed, corev1.PodSucceeded:
 					// pod failed or succeeded, we need delete pod and remove finalizer
-					devbox.Status.Phase = devboxv1alpha1.DevboxPhaseStopped
 					logger.Info("pod failed or succeeded, recreate pod")
 					return r.deletePod(ctx, devbox, pod)
 				}
 			case false:
 				// pod not match expectations, delete pod anyway
 				logger.Info("pod not match expectations, recreate pod")
-				devbox.Status.Phase = devboxv1alpha1.DevboxPhasePending
 				return r.deletePod(ctx, devbox, pod)
 			}
 		}
 	case devboxv1alpha1.DevboxStateStopped:
 		switch len(podList.Items) {
 		case 0:
-			// update devbox status to stopped, no pod found, do nothing
-			devbox.Status.Phase = devboxv1alpha1.DevboxPhaseStopped
 			return nil
 		case 1:
 			pod := &podList.Items[0]
-			devbox.Status.DevboxPodPhase = pod.Status.Phase
 			// update state to empty since devbox is stopped
 			devbox.Status.State = corev1.ContainerState{}
 			// update commit predicated status by pod status, this should be done once find a pod
@@ -309,7 +301,6 @@ func (r *DevboxReconciler) syncPod(ctx context.Context, devbox *devboxv1alpha1.D
 			if !pod.DeletionTimestamp.IsZero() {
 				return r.handlePodDeleted(ctx, devbox, pod)
 			}
-			devbox.Status.Phase = devboxv1alpha1.DevboxPhaseStopped
 			// we need delete pod because devbox state is stopped
 			// we don't care about the pod status, just delete it
 			return r.deletePod(ctx, devbox, pod)
@@ -422,7 +413,6 @@ func (r *DevboxReconciler) createPod(ctx context.Context, devbox *devboxv1alpha1
 	nextCommitHistory.PredicatedStatus = devboxv1alpha1.CommitStatusPending
 	if err := r.Create(ctx, expectPod); err != nil {
 		logger.Error(err, "create pod failed")
-		devbox.Status.Phase = devboxv1alpha1.DevboxPhaseError
 		return err
 	}
 	devbox.Status.CommitHistory = append(devbox.Status.CommitHistory, nextCommitHistory)
@@ -439,7 +429,6 @@ func (r *DevboxReconciler) deletePod(ctx context.Context, devbox *devboxv1alpha1
 	}
 	if err := r.Delete(ctx, pod); err != nil {
 		logger.Error(err, "delete pod failed")
-		devbox.Status.Phase = devboxv1alpha1.DevboxPhaseError
 		return err
 	}
 	// update commit history status because pod has been deleted
diff --git a/controllers/devbox/internal/controller/helper/devbox.go b/controllers/devbox/internal/controller/helper/devbox.go
index 055763ac1cf..7ce9ac497f5 100644
--- a/controllers/devbox/internal/controller/helper/devbox.go
+++ b/controllers/devbox/internal/controller/helper/devbox.go
@@ -76,6 +76,32 @@ func GeneratePodAnnotations(devbox *devboxv1alpha1.Devbox, runtime *devboxv1alph
 	return annotations
 }
 
+func GenerateDevboxPhase(devbox *devboxv1alpha1.Devbox, podList corev1.PodList) devboxv1alpha1.DevboxPhase {
+	if len(podList.Items) > 1 {
+		return devboxv1alpha1.DevboxPhaseError
+	}
+	switch devbox.Spec.State {
+	case devboxv1alpha1.DevboxStateRunning:
+		if len(podList.Items) == 0 {
+			return devboxv1alpha1.DevboxPhasePending
+		}
+		switch podList.Items[0].Status.Phase {
+		case corev1.PodFailed, corev1.PodSucceeded:
+			return devboxv1alpha1.DevboxPhaseStopped
+		case corev1.PodPending:
+			return devboxv1alpha1.DevboxPhasePending
+		case corev1.PodRunning:
+			return devboxv1alpha1.DevboxPhaseRunning
+		}
+	case devboxv1alpha1.DevboxStateStopped:
+		if len(podList.Items) == 0 {
+			return devboxv1alpha1.DevboxPhaseStopped
+		}
+		return devboxv1alpha1.DevboxPhaseStopping
+	}
+	return devboxv1alpha1.DevboxPhaseUnknown
+}
+
 func MergeCommitHistory(devbox *devboxv1alpha1.Devbox, latestDevbox *devboxv1alpha1.Devbox) []*devboxv1alpha1.CommitHistory {
 	res := make([]*devboxv1alpha1.CommitHistory, 0)
 	historyMap := make(map[string]*devboxv1alpha1.CommitHistory)
@@ -127,7 +153,6 @@ func UpdatePredicatedCommitStatus(devbox *devboxv1alpha1.Devbox, pod *corev1.Pod
 // TODO: move this function to devbox types.go
 func UpdateDevboxStatus(current, latest *devboxv1alpha1.Devbox) {
 	latest.Status.Phase = current.Status.Phase
-	latest.Status.DevboxPodPhase = current.Status.DevboxPodPhase
 	latest.Status.State = current.Status.State
 	latest.Status.LastTerminationState = current.Status.LastTerminationState
 	latest.Status.CommitHistory = MergeCommitHistory(current, latest)

From 56ffcb829d61b2d5531fe4bb544e17bbe12032ba Mon Sep 17 00:00:00 2001
From: sealos-release-robot <sealos-release-robot@sealos.io>
Date: Sun, 29 Sep 2024 13:13:37 +0800
Subject: [PATCH 12/63] =?UTF-8?q?=F0=9F=A4=96=20add=20release=20changelog?=
 =?UTF-8?q?=20using=20rebot.=20(#5123)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 CHANGELOG/CHANGELOG-5.0.1-beta2.md | 32 ++++++++++++++++++++++++++++++
 CHANGELOG/CHANGELOG.md             |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 CHANGELOG/CHANGELOG-5.0.1-beta2.md

diff --git a/CHANGELOG/CHANGELOG-5.0.1-beta2.md b/CHANGELOG/CHANGELOG-5.0.1-beta2.md
new file mode 100644
index 00000000000..1864a514d6d
--- /dev/null
+++ b/CHANGELOG/CHANGELOG-5.0.1-beta2.md
@@ -0,0 +1,32 @@
+Welcome to the v5.0.1-beta2 release of Sealos!🎉🎉!
+
+
+
+## Changelog
+### New Features
+* ebe7f51afe023810fc4e3538f4f2e46007d43002: feat: launchpad support secret userDomains (#5119) (@zjy365)
+### Bug fixes
+* 2fd2f07892660ce4fa0ad0e167082fbeb372d579: fix: cronjob arm64 image (#5113) (@zijiren233)
+* d3ba17bc4925707a32ae999e88019aaf3af23800: fix: node tls reject unauthorized (#5116) (@zijiren233)
+* bc0b5f72006a173f9bcac0e287fd9893efe728af: fix: some ui adjust and bug fix (#5097) (@mlhiter)
+### Other work
+* 8c0c34592369874ce178c956af713dba3c17a9ea: devobx ignore extra ports. (#5112) (@lingdie)
+* 1243fd31e8f2f8828e35f1c47e6e6cd19155ae3e: fix desktop and costcenter configs (#5114) (@xudaotutou)
+* 22d9a138f9a3f4cd04a4eb927639fd008972adff: fix devbox phase generate. (#5120) (@lingdie)
+* b6053c1c2601fafa0752cdaac4501606bd020a20: fix get default property (#5108) (@bxy4543)
+* 7b025ae80d215cd1fe860ed08bc69dc132185be3: fix init user (#5104) (@bxy4543)
+* d21832075623248f831df5f04b7a8962c3c83fb6: fix scripts: init account jwt secret (#5117) (@bxy4543)
+* 3081c5dc1abf65d751de29b52b1febeb3dbbad9a: fix(account-service): fix concurrency issue and add real name info api (#5103) (@HUAHUAI23)
+* 7b0be9352fa422f1abca8f232cd8c864db548f7e: release: sealos v5.0.1 beta2 (#5110) (@lingdie)
+* 7a4b7b91fe63b3b4747fc99d2753c1b7a409fd39: sealos v5.0.1-beta2 (#5071) (@lingdie)
+* 54a3bc28684df2f8427c2ff1cc3969a0dd79c534: style(costcenter): recharge discount (#5111) (@xudaotutou)
+* b78691a56704884d1da0544a2779b8f42b45d3f1: sync resourcequota objectstorage/size status used (#5102) (@nowinkeyy)
+* c80c265fd6838bbf071cefcfa077a4e4d0274fa4: 🤖 add release changelog using rebot. (#5100) (@sealos-release-robot)
+
+**Full Changelog**: https://github.com/labring/sealos/compare/v5.0.1-beta1...v5.0.1-beta2
+
+See [the CHANGELOG](https://github.com/labring/sealos/blob/main/CHANGELOG/CHANGELOG.md) for more details.
+
+Your patronage towards Sealos is greatly appreciated 🎉🎉.
+
+If you encounter any problems during its usage, please create an issue in the [GitHub repository](https://github.com/labring/sealos), we're committed to resolving your problem as soon as possible.
diff --git a/CHANGELOG/CHANGELOG.md b/CHANGELOG/CHANGELOG.md
index eb182bc5957..8460ab33b5d 100644
--- a/CHANGELOG/CHANGELOG.md
+++ b/CHANGELOG/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 All notable changes to this project will be documented in this file.
 
+- [CHANGELOG-5.0.1-beta2.md](./CHANGELOG-5.0.1-beta2.md)
 - [CHANGELOG-5.0.1-beta1.md](./CHANGELOG-5.0.1-beta1.md)
 - [CHANGELOG-5.0.0-beta5.md](./CHANGELOG-5.0.0-beta5.md)
 - [CHANGELOG-5.0.0-beta4.md](./CHANGELOG-5.0.0-beta4.md)

From a9154f858db2b50ce72e1e0a6fc8b15a954d37a0 Mon Sep 17 00:00:00 2001
From: xudaotutou <13435638964@163.com>
Date: Tue, 8 Oct 2024 10:20:41 +0800
Subject: [PATCH 13/63] fix invaild (#5118)

---
 .../desktop/public/locales/en/common.json     |   8 +-
 .../desktop/public/locales/zh/common.json     |   8 +-
 .../account/AccountCenter/AuthModifyList.tsx  |  15 +-
 .../account/AccountCenter/index.tsx           | 111 +++----
 .../src/components/signin/auth/AuthList.tsx   | 296 ++++++++++--------
 .../components/signin/auth/useProtocol.tsx    |   3 +-
 .../desktop/src/components/signin/index.tsx   | 138 ++++----
 .../src/pages/api/auth/email/bind/verify.ts   |  12 +-
 .../api/auth/email/changeBinding/newSms.ts    |  12 +-
 .../api/auth/email/changeBinding/oldSms.ts    |  11 +-
 .../api/auth/email/changeBinding/verifyNew.ts |  16 +-
 .../api/auth/email/changeBinding/verifyOld.ts |  10 +-
 .../src/pages/api/auth/email/unbind/sms.ts    |  10 +-
 .../src/pages/api/auth/email/unbind/verify.ts |  10 +-
 frontend/desktop/src/pages/api/auth/info.ts   |  44 ++-
 .../src/pages/api/auth/phone/bind/sms.ts      |   8 +-
 .../src/pages/api/auth/phone/bind/verify.ts   |  11 +-
 .../api/auth/phone/changeBinding/newSms.ts    |  10 +-
 .../api/auth/phone/changeBinding/oldSms.ts    |  10 +-
 .../api/auth/phone/changeBinding/verifyNew.ts |  12 +-
 .../api/auth/phone/changeBinding/verifyOld.ts |  10 +-
 .../desktop/src/pages/api/auth/phone/sms.ts   |   8 +-
 .../src/pages/api/auth/phone/unbind/sms.ts    |  10 +-
 .../src/pages/api/auth/phone/unbind/verify.ts |   8 +-
 .../src/pages/api/auth/phone/verify.ts        |   8 +-
 .../src/pages/api/platform/getAuthConfig.ts   |  13 +-
 frontend/desktop/src/services/enable.ts       |   3 +-
 frontend/desktop/src/types/system.ts          |  36 ++-
 28 files changed, 485 insertions(+), 366 deletions(-)

diff --git a/frontend/desktop/public/locales/en/common.json b/frontend/desktop/public/locales/en/common.json
index 694d80f1265..7b075e654e6 100644
--- a/frontend/desktop/public/locales/en/common.json
+++ b/frontend/desktop/public/locales/en/common.json
@@ -108,6 +108,10 @@
   "log_in": "Log In",
   "log_out": "Log Out",
   "login_to_your_account": "Login to your account",
+  "login_with_github": "Login with Github",
+  "login_with_google": "Login with Google",
+  "login_with_oauth2": "login with OAuth2.0",
+  "login_with_wechat": "Login with Wechat",
   "manage_team": "Manage Workspace",
   "member_list": "Member List",
   "memory": "Memory",
@@ -191,6 +195,7 @@
   "remaining_time": "Remaining Time: ",
   "remove": "Remove",
   "remove_member_tips": "Determine that you want to remove the member?",
+  "rename": "Rename",
   "scan_with_wechat": "Scan with WeChat",
   "sealos_copilot": "Sealos Copilot",
   "sealos_document": "Sealos Document",
@@ -233,6 +238,5 @@
   "you_can_use_the_kubectl_command_directly_from_the_terminal": "You can use the kubectl command directly from the terminal",
   "you_can_view_fees_through_the_fee_center": "You can view fees through the fee center",
   "you_have_not_purchased_the_license": "You have not purchased the License",
-  "yuan": "Yuan",
-  "rename": "Rename"
+  "yuan": "Yuan"
 }
diff --git a/frontend/desktop/public/locales/zh/common.json b/frontend/desktop/public/locales/zh/common.json
index f1f81e20464..a99e42166be 100644
--- a/frontend/desktop/public/locales/zh/common.json
+++ b/frontend/desktop/public/locales/zh/common.json
@@ -104,6 +104,10 @@
   "log_in": "登录",
   "log_out": "登出",
   "login_to_your_account": "登录您的帐户",
+  "login_with_github": "Github 登录",
+  "login_with_google": "Google 登录",
+  "login_with_oauth2": "OAuth2.0 登录",
+  "login_with_wechat": "Wechat 登录",
   "manage_team": "管理工作空间",
   "member_list": "成员列表",
   "memory": "内存",
@@ -187,6 +191,7 @@
   "remaining_time": "剩余激活时间: ",
   "remove": "移除",
   "remove_member_tips": "确认要移除该成员?",
+  "rename": "重命名",
   "scan_with_wechat": "微信扫码支付",
   "sealos_copilot": "Sealos 小助理",
   "search_apps": "搜索应用",
@@ -226,6 +231,5 @@
   "you_can_use_the_kubectl_command_directly_from_the_terminal": "您可通过终端直接使用 kubectl 命令",
   "you_can_view_fees_through_the_fee_center": "您可通过费用中心查看费用",
   "you_have_not_purchased_the_license": "您还没有购买 License",
-  "yuan": "元",
-  "rename": "重命名"
+  "yuan": "元"
 }
diff --git a/frontend/desktop/src/components/account/AccountCenter/AuthModifyList.tsx b/frontend/desktop/src/components/account/AccountCenter/AuthModifyList.tsx
index 53ba96f03dd..4d0d21927ad 100644
--- a/frontend/desktop/src/components/account/AccountCenter/AuthModifyList.tsx
+++ b/frontend/desktop/src/components/account/AccountCenter/AuthModifyList.tsx
@@ -1,12 +1,12 @@
 import { useConfigStore } from '@/stores/config';
 import useSessionStore, { OauthAction } from '@/stores/session';
 import { OauthProvider } from '@/types/user';
-import { Text, Image, Center } from '@chakra-ui/react';
+import { Center, Image, Text } from '@chakra-ui/react';
 import { useTranslation } from 'next-i18next';
 import router from 'next/router';
 import { useMemo } from 'react';
-import { ConfigItem } from './ConfigItem';
 import { BINDING_STATE_MODIFY_BEHAVIOR, BindingModifyButton } from './BindingModifyButton';
+import { ConfigItem } from './ConfigItem';
 
 export function AuthModifyList({
   isOnlyOne,
@@ -34,17 +34,19 @@ export function AuthModifyList({
       <T extends OauthAction>({
         url,
         provider,
-        clientId
+        clientId,
+        proxyAddress
       }: {
         url: string;
         provider: OauthProvider;
         clientId: string;
+        proxyAddress?: string;
       }) =>
       (action: T) => {
         const state = generateState(action);
         setProvider(provider);
-        if (conf.proxyAddress) {
-          const target = new URL(conf.proxyAddress);
+        if (proxyAddress) {
+          const target = new URL(proxyAddress);
           const callback = new URL(conf.callbackURL);
           target.searchParams.append(
             'oauthProxyState',
@@ -69,6 +71,7 @@ export function AuthModifyList({
           return actionCbGen({
             provider: 'GITHUB',
             clientId: githubConf.clientID,
+            proxyAddress: githubConf?.proxyAddress,
             url: `https://github.com/login/oauth/authorize?client_id=${githubConf?.clientID}&redirect_uri=${conf?.callbackURL}&scope=user:email%20read:user`
           })(action);
         }
@@ -83,6 +86,7 @@ export function AuthModifyList({
           return actionCbGen({
             provider: 'WECHAT',
             clientId: wechatConf.clientID,
+            proxyAddress: wechatConf?.proxyAddress,
             url: `https://open.weixin.qq.com/connect/qrconnect?appid=${wechatConf?.clientID}&redirect_uri=${conf?.callbackURL}&response_type=code&scope=snsapi_login&#wechat_redirect`
           })(action);
         }
@@ -99,6 +103,7 @@ export function AuthModifyList({
           return actionCbGen({
             provider: 'GOOGLE',
             clientId: googleConf.clientID,
+            proxyAddress: googleConf?.proxyAddress,
             url: `https://accounts.google.com/o/oauth2/v2/auth?client_id=${googleConf.clientID}&redirect_uri=${conf.callbackURL}&response_type=code&scope=${scope}&include_granted_scopes=true`
           })(action);
         }
diff --git a/frontend/desktop/src/components/account/AccountCenter/index.tsx b/frontend/desktop/src/components/account/AccountCenter/index.tsx
index fcc86cd3233..81ad850881c 100644
--- a/frontend/desktop/src/components/account/AccountCenter/index.tsx
+++ b/frontend/desktop/src/components/account/AccountCenter/index.tsx
@@ -1,39 +1,39 @@
+import { UserInfo } from '@/api/auth';
+import PasswordModify from '@/components/account/AccountCenter/PasswordModify';
+import { useConfigStore } from '@/stores/config';
+import useSessionStore from '@/stores/session';
+import { ValueOf } from '@/types';
 import {
+  Badge,
+  Center,
   Flex,
-  Text,
+  HStack,
+  IconButton,
+  IconButtonProps,
+  Image,
   Modal,
   ModalBody,
   ModalCloseButton,
   ModalContent,
-  ModalOverlay,
-  useDisclosure,
-  IconButton,
-  IconButtonProps,
   ModalHeader,
+  ModalOverlay,
   Spinner,
-  Image,
-  HStack,
-  VStack,
-  Center,
-  Badge
+  Text,
+  useDisclosure,
+  VStack
 } from '@chakra-ui/react';
-import { useMemo, useState } from 'react';
+import { CloseIcon, LeftArrowIcon, SettingIcon } from '@sealos/ui';
 import { useQuery } from '@tanstack/react-query';
-import useSessionStore from '@/stores/session';
 import { useTranslation } from 'next-i18next';
-import { SettingIcon, LeftArrowIcon, CloseIcon } from '@sealos/ui';
-import { UserInfo } from '@/api/auth';
-import PasswordModify from '@/components/account/AccountCenter/PasswordModify';
-import { PhoneBind, EmailBind } from './SmsModify/SmsBind';
-import { PhoneUnBind, EmailUnBind } from './SmsModify/SmsUnbind';
-import { PhoneChange, EmailChange } from './SmsModify/SmsChange';
-import { BindingModifyButton, BINDING_STATE_MODIFY_BEHAVIOR } from './BindingModifyButton';
-import { ConfigItem } from './ConfigItem';
+import { useMemo, useState } from 'react';
+import { RealNameAuthForm } from '../RealNameModal';
 import { AuthModifyList } from './AuthModifyList';
+import { BINDING_STATE_MODIFY_BEHAVIOR, BindingModifyButton } from './BindingModifyButton';
+import { ConfigItem } from './ConfigItem';
 import DeleteAccount from './DeleteAccountModal';
-import { ValueOf } from '@/types';
-import { RealNameAuthForm } from '../RealNameModal';
-import { useConfigStore } from '@/stores/config';
+import { EmailBind, PhoneBind } from './SmsModify/SmsBind';
+import { EmailChange, PhoneChange } from './SmsModify/SmsChange';
+import { EmailUnBind, PhoneUnBind } from './SmsModify/SmsUnbind';
 enum _PageState {
   INDEX = 0
   // WECHAT_BIND,
@@ -68,6 +68,7 @@ const PageState = Object.assign(
 export default function Index(props: Omit<IconButtonProps, 'aria-label'>) {
   const { commonConfig } = useConfigStore();
   const { session } = useSessionStore((s) => s);
+  const conf = useConfigStore();
   const { t } = useTranslation();
   const logo = '/images/default-user.svg';
   const { isOpen, onOpen, onClose } = useDisclosure();
@@ -236,7 +237,7 @@ export default function Index(props: Omit<IconButtonProps, 'aria-label'>) {
                       }
                     />
                   )}
-                  {providerState.PASSWORD.isBinding && (
+                  {conf.authConfig?.idp.password.enabled && providerState.PASSWORD.isBinding && (
                     <ConfigItem
                       LeftElement={<Text>{t('common:password')}</Text>}
                       RightElement={
@@ -252,40 +253,42 @@ export default function Index(props: Omit<IconButtonProps, 'aria-label'>) {
                       }
                     />
                   )}
-                  <ConfigItem
-                    LeftElement={<Text>{t('common:phone')}</Text>}
-                    RightElement={
-                      <>
-                        <Text>
-                          {providerState.PHONE.isBinding
-                            ? providerState.PHONE.id.replace(/(\d{3})\d+(\d{4})/, '$1****$2')
-                            : t('common:unbound')}
-                        </Text>
-                        <Flex gap={'5px'}>
-                          <BindingModifyButton
-                            modifyBehavior={
-                              providerState.PHONE.isBinding
-                                ? BINDING_STATE_MODIFY_BEHAVIOR.CHANGE_BINDING
-                                : BINDING_STATE_MODIFY_BEHAVIOR.BINDING
-                            }
-                            onClick={() => {
-                              providerState.PHONE.isBinding
-                                ? setPageState(PageState.PHONE_CHANGE_BIND)
-                                : setPageState(PageState.PHONE_BIND);
-                            }}
-                          />
-                          {providerState.PHONE.isBinding && providerState.total > 1 && (
+                  {conf.authConfig?.idp.sms.enabled && (
+                    <ConfigItem
+                      LeftElement={<Text>{t('common:phone')}</Text>}
+                      RightElement={
+                        <>
+                          <Text>
+                            {providerState.PHONE.isBinding
+                              ? providerState.PHONE.id.replace(/(\d{3})\d+(\d{4})/, '$1****$2')
+                              : t('common:unbound')}
+                          </Text>
+                          <Flex gap={'5px'}>
                             <BindingModifyButton
-                              modifyBehavior={BINDING_STATE_MODIFY_BEHAVIOR.UNBINDING}
+                              modifyBehavior={
+                                providerState.PHONE.isBinding
+                                  ? BINDING_STATE_MODIFY_BEHAVIOR.CHANGE_BINDING
+                                  : BINDING_STATE_MODIFY_BEHAVIOR.BINDING
+                              }
                               onClick={() => {
-                                setPageState(PageState.PHONE_UNBIND);
+                                providerState.PHONE.isBinding
+                                  ? setPageState(PageState.PHONE_CHANGE_BIND)
+                                  : setPageState(PageState.PHONE_BIND);
                               }}
                             />
-                          )}
-                        </Flex>
-                      </>
-                    }
-                  />
+                            {providerState.PHONE.isBinding && providerState.total > 1 && (
+                              <BindingModifyButton
+                                modifyBehavior={BINDING_STATE_MODIFY_BEHAVIOR.UNBINDING}
+                                onClick={() => {
+                                  setPageState(PageState.PHONE_UNBIND);
+                                }}
+                              />
+                            )}
+                          </Flex>
+                        </>
+                      }
+                    />
+                  )}
                   <ConfigItem
                     LeftElement={<Text>{t('common:email')}</Text>}
                     RightElement={
diff --git a/frontend/desktop/src/components/signin/auth/AuthList.tsx b/frontend/desktop/src/components/signin/auth/AuthList.tsx
index 6f9b7edb746..d353af996da 100644
--- a/frontend/desktop/src/components/signin/auth/AuthList.tsx
+++ b/frontend/desktop/src/components/signin/auth/AuthList.tsx
@@ -1,152 +1,204 @@
 import { useConfigStore } from '@/stores/config';
 import useSessionStore from '@/stores/session';
 import { OauthProvider } from '@/types/user';
-import { Button, Image, Flex, Icon, Center } from '@chakra-ui/react';
+import { Button, Center, Flex, FlexProps, Icon, Image, Text } from '@chakra-ui/react';
 import { GithubIcon, GoogleIcon, WechatIcon } from '@sealos/ui';
+import { useTranslation } from 'next-i18next';
 import { useRouter } from 'next/router';
 import { MouseEventHandler, useMemo } from 'react';
-const AuthList = () => {
+const AuthList = ({
+  zeroTab = false,
+  isAgreeCb,
+  ...props
+}: { zeroTab?: boolean; isAgreeCb: () => boolean } & FlexProps) => {
   const conf = useConfigStore().authConfig;
+  const { t } = useTranslation(['common']);
 
   const router = useRouter();
 
   const logo = useConfigStore().layoutConfig?.logo;
 
   const { generateState, setProvider } = useSessionStore();
-  const authList: { icon: typeof Icon; cb: MouseEventHandler; need: boolean }[] = useMemo(() => {
-    if (!conf) return [];
-    const oauthLogin = async ({ url, provider }: { url: string; provider?: OauthProvider }) => {
-      setProvider(provider);
-      window.location.href = url;
-    };
-    const oauthProxyLogin = async ({
-      state,
-      provider,
-      id
-    }: {
-      state: string;
-      provider: OauthProvider;
-      id: string;
-    }) => {
-      // if(!conf) return
-      setProvider(provider);
-      const target = new URL(conf.proxyAddress);
-      const callback = new URL(conf.callbackURL);
-      target.searchParams.append(
-        'oauthProxyState',
-        encodeURIComponent(callback.toString()) + '_' + state
-      );
-      target.searchParams.append('oauthProxyClientID', id);
-      target.searchParams.append('oauthProxyProvider', provider);
-      router.replace(target.toString());
-    };
-    return [
-      {
-        icon: GithubIcon,
-        cb: (e) => {
-          e.preventDefault();
-          const state = generateState();
-          const githubConf = conf?.idp.github;
-          if (conf?.proxyAddress)
-            oauthProxyLogin({
-              provider: 'GITHUB',
-              state,
-              id: githubConf?.clientID as string
-            });
-          else
-            oauthLogin({
-              provider: 'GITHUB',
-              url: `https://github.com/login/oauth/authorize?client_id=${githubConf?.clientID}&redirect_uri=${conf?.callbackURL}&scope=user:email%20read:user&state=${state}`
-            });
+  const authList: { icon: typeof Icon; cb: MouseEventHandler; need: boolean; text: string }[] =
+    useMemo(() => {
+      if (!conf) return [];
+      const oauthLogin = async ({ url, provider }: { url: string; provider?: OauthProvider }) => {
+        setProvider(provider);
+        window.location.href = url;
+      };
+      const oauthProxyLogin = async ({
+        state,
+        provider,
+        proxyAddress,
+        id
+      }: {
+        state: string;
+        proxyAddress: string;
+        provider: OauthProvider;
+        id: string;
+      }) => {
+        // if(!conf) return
+        setProvider(provider);
+        const target = new URL(proxyAddress);
+        const callback = new URL(conf.callbackURL);
+        target.searchParams.append(
+          'oauthProxyState',
+          encodeURIComponent(callback.toString()) + '_' + state
+        );
+        target.searchParams.append('oauthProxyClientID', id);
+        target.searchParams.append('oauthProxyProvider', provider);
+        router.replace(target.toString());
+      };
+      return [
+        {
+          icon: GithubIcon,
+          cb: (e) => {
+            e.preventDefault();
+            if (!isAgreeCb()) return;
+            const state = generateState();
+            const githubConf = conf?.idp.github;
+            if (githubConf.proxyAddress)
+              oauthProxyLogin({
+                provider: 'GITHUB',
+                state,
+                proxyAddress: githubConf.proxyAddress,
+                id: githubConf?.clientID as string
+              });
+            else
+              oauthLogin({
+                provider: 'GITHUB',
+                url: `https://github.com/login/oauth/authorize?client_id=${githubConf?.clientID}&redirect_uri=${conf?.callbackURL}&scope=user:email%20read:user&state=${state}`
+              });
+          },
+          text: t('login_with_github'),
+          need: conf.idp.github.enabled
         },
-        need: conf.idp.github.enabled
-      },
-      {
-        icon: WechatIcon,
-        cb: (e) => {
-          const wechatConf = conf?.idp.wechat;
-          e.preventDefault();
-          const state = generateState();
-          if (conf.proxyAddress)
-            oauthProxyLogin({
-              provider: 'WECHAT',
-              state,
-              id: conf.idp.wechat?.clientID
-            });
-          else
-            oauthLogin({
-              provider: 'WECHAT',
-              url: `https://open.weixin.qq.com/connect/qrconnect?appid=${wechatConf?.clientID}&redirect_uri=${conf?.callbackURL}&response_type=code&state=${state}&scope=snsapi_login&#wechat_redirect`
-            });
+        {
+          icon: WechatIcon,
+          cb: (e) => {
+            if (!isAgreeCb()) return;
+            const wechatConf = conf?.idp.wechat;
+            e.preventDefault();
+            const state = generateState();
+            if (wechatConf.proxyAddress)
+              oauthProxyLogin({
+                provider: 'WECHAT',
+                state,
+                proxyAddress: wechatConf.proxyAddress,
+                id: conf.idp.wechat?.clientID
+              });
+            else
+              oauthLogin({
+                provider: 'WECHAT',
+                url: `https://open.weixin.qq.com/connect/qrconnect?appid=${wechatConf?.clientID}&redirect_uri=${conf?.callbackURL}&response_type=code&state=${state}&scope=snsapi_login&#wechat_redirect`
+              });
+          },
+          text: t('login_with_wechat'),
+          need: conf?.idp.wechat?.enabled as boolean
         },
-        need: conf?.idp.wechat?.enabled as boolean
-      },
-      {
-        icon: GoogleIcon,
-        cb: (e) => {
-          e.preventDefault();
-          const state = generateState();
-          const googleConf = conf?.idp.google;
-          const scope = encodeURIComponent(
-            `https://www.googleapis.com/auth/userinfo.profile openid`
-          );
-          if (conf.proxyAddress)
-            oauthProxyLogin({
-              state,
-              provider: 'GOOGLE',
-              id: googleConf.clientID
-            });
-          else
-            oauthLogin({
-              provider: 'GOOGLE',
-              url: `https://accounts.google.com/o/oauth2/v2/auth?client_id=${googleConf.clientID}&redirect_uri=${conf.callbackURL}&response_type=code&state=${state}&scope=${scope}&include_granted_scopes=true`
-            });
+        {
+          icon: GoogleIcon,
+          cb: (e) => {
+            e.preventDefault();
+            if (!isAgreeCb()) return;
+            const state = generateState();
+            const googleConf = conf?.idp.google;
+            const scope = encodeURIComponent(
+              `https://www.googleapis.com/auth/userinfo.profile openid`
+            );
+            if (googleConf.proxyAddress)
+              oauthProxyLogin({
+                state,
+                provider: 'GOOGLE',
+                proxyAddress: googleConf.proxyAddress,
+                id: googleConf.clientID
+              });
+            else
+              oauthLogin({
+                provider: 'GOOGLE',
+                url: `https://accounts.google.com/o/oauth2/v2/auth?client_id=${googleConf.clientID}&redirect_uri=${conf.callbackURL}&response_type=code&state=${state}&scope=${scope}&include_granted_scopes=true`
+              });
+          },
+          text: t('login_with_google'),
+          need: conf.idp.google.enabled as boolean
         },
-        need: conf.idp.google.enabled as boolean
-      },
-      {
-        icon: () => (
-          <Center>
-            <Image alt="logo" width={'20px'} src={logo || '/logo.svg'}></Image>
-          </Center>
-        ),
-        cb: (e) => {
-          e.preventDefault();
-          const state = generateState();
-          const oauth2Conf = conf?.idp.oauth2;
-          if (conf.proxyAddress)
-            oauthProxyLogin({
-              provider: 'OAUTH2',
-              state,
-              id: oauth2Conf.clientID as string
-            });
-          else
-            oauthLogin({
-              provider: 'OAUTH2',
-              url: `${oauth2Conf?.authURL}?client_id=${oauth2Conf.clientID}&redirect_uri=${oauth2Conf.callbackURL}&response_type=code&state=${state}`
-            });
-        },
-        need: conf.idp.oauth2?.enabled as boolean
-      }
-    ];
-  }, [conf, logo, router]);
+        {
+          icon: () => (
+            <Center>
+              <Image alt="logo" width={'20px'} src={logo || '/logo.svg'}></Image>
+            </Center>
+          ),
+          cb: (e) => {
+            e.preventDefault();
+            const state = generateState();
+            const oauth2Conf = conf?.idp.oauth2;
+            if (oauth2Conf.proxyAddress)
+              oauthProxyLogin({
+                provider: 'OAUTH2',
+                state,
+                proxyAddress: oauth2Conf.proxyAddress,
+                id: oauth2Conf.clientID as string
+              });
+            else
+              oauthLogin({
+                provider: 'OAUTH2',
+                url: `${oauth2Conf?.authURL}?client_id=${oauth2Conf.clientID}&redirect_uri=${oauth2Conf.callbackURL}&response_type=code&state=${state}`
+              });
+          },
+          text: t('login_with_oauth2'),
+          need: conf.idp.oauth2?.enabled as boolean
+        }
+      ];
+    }, [conf, logo, router, isAgreeCb]);
 
   return (
-    <Flex gap={'14px'}>
+    <Flex
+      {...(zeroTab
+        ? {
+            gap: '16px',
+            flexDirection: 'column'
+          }
+        : {
+            gap: '14px'
+          })}
+      {...props}
+    >
       {authList
         .filter((item) => item.need)
         .map((item, index) => (
           <Button
             key={index}
             onClick={item.cb}
-            borderRadius={'full'}
+            {...(zeroTab
+              ? {
+                  h: '40px',
+                  w: '300px',
+                  gap: '10px',
+                  boxShadow: '0px 0px 1px 0px #13336B14; 0px 1px 2px 0px #13336B0D;',
+                  display: 'flex',
+                  bgColor: '#FFFFFFA6',
+                  borderRadius: '8px',
+                  justifyContent: 'center',
+                  alignItems: 'center',
+                  _hover: {
+                    bgColor: '#FFFFFF80'
+                  }
+                }
+              : {
+                  w: '32px',
+                  h: '32px',
+                  bgColor: 'rgba(255, 255, 255, 0.65)',
+                  borderRadius: 'full'
+                })}
             variant={'unstyled'}
             size={'xs'}
-            w="32px"
-            h="32px"
-            bgColor={'rgba(255, 255, 255, 0.65)'}
           >
-            <item.icon w="20px" h="20px" />
+            <item.icon boxSize="20px" />
+            {zeroTab && (
+              <Text fontWeight={500} fontSize={'14px'} color={'grayModern.900'}>
+                {item.text}
+              </Text>
+            )}
           </Button>
         ))}
     </Flex>
diff --git a/frontend/desktop/src/components/signin/auth/useProtocol.tsx b/frontend/desktop/src/components/signin/auth/useProtocol.tsx
index c381ee8cfdd..e8ba66c3e5b 100644
--- a/frontend/desktop/src/components/signin/auth/useProtocol.tsx
+++ b/frontend/desktop/src/components/signin/auth/useProtocol.tsx
@@ -1,4 +1,4 @@
-import { Checkbox, Flex, Link, Text, TextProps } from '@chakra-ui/react';
+import { Checkbox, Flex, Link, Text } from '@chakra-ui/react';
 import { useTranslation } from 'next-i18next';
 import { useState } from 'react';
 
@@ -12,7 +12,6 @@ const useProtocol = ({
   const { t, i18n } = useTranslation();
   const [isAgree, setIsAgree] = useState(false);
   const [isInvalid, setIsInvalid] = useState(false);
-
   const Protocol = () => (
     <Flex
       className="protocol"
diff --git a/frontend/desktop/src/components/signin/index.tsx b/frontend/desktop/src/components/signin/index.tsx
index bbf3d104c75..0b20f613347 100644
--- a/frontend/desktop/src/components/signin/index.tsx
+++ b/frontend/desktop/src/components/signin/index.tsx
@@ -18,6 +18,7 @@ import {
   Text,
   useDisclosure
 } from '@chakra-ui/react';
+import { Turnstile, TurnstileInstance } from '@marsidev/react-turnstile';
 import { useQueryClient } from '@tanstack/react-query';
 import { debounce } from 'lodash';
 import { useTranslation } from 'next-i18next';
@@ -25,15 +26,16 @@ import Head from 'next/head';
 import { useRouter } from 'next/router';
 import { useEffect, useMemo, useRef, useState } from 'react';
 import useWechat from './auth/useWechat';
-import { Turnstile, TurnstileInstance } from '@marsidev/react-turnstile';
-import { getBaiduId } from '@/utils/sessionConfig';
 
 export default function SigninComponent() {
   const conf = useConfigStore();
   const hasBaiduToken = conf.authConfig?.hasBaiduToken;
   const needPassword = conf.authConfig?.idp.password?.enabled;
   const needSms = conf.authConfig?.idp.sms?.enabled;
-  const needTabs = conf.authConfig?.idp.password?.enabled && conf.authConfig?.idp.sms?.enabled;
+  const needTabsCount =
+    0 +
+    (conf.authConfig?.idp.password?.enabled ? 1 : 0) +
+    (conf.authConfig?.idp.sms?.enabled ? 1 : 0);
   const disclosure = useDisclosure();
   const { t, i18n } = useTranslation();
   const [tabIndex, setTabIndex] = useState<LoginType>(LoginType.NONE);
@@ -119,15 +121,19 @@ export default function SigninComponent() {
     [loginConfig, tabIndex]
   );
 
-  const handleLogin = debounce(() => {
-    const selectedConfig = loginConfig[tabIndex];
-    if (isAgree && selectedConfig) {
-      const { login } = selectedConfig;
-      login();
+  const isAgreeCb = () => {
+    if (isAgree) {
+      return true;
     } else {
       setIsInvalid(true);
       showError(t('common:read_and_agree'));
+      return false;
     }
+  };
+  const handleLogin = debounce(() => {
+    const selectedConfig = loginConfig[tabIndex];
+    if (!isAgreeCb() || !selectedConfig) return;
+    selectedConfig.login();
   }, 500);
   return (
     <Box
@@ -143,17 +149,20 @@ export default function SigninComponent() {
         <title>{conf.layoutConfig?.meta.title || ''}</title>
         <meta name="description" content={conf.layoutConfig?.meta.description} />
       </Head>
+
       <Flex h="full" w="full" flexDir={'column'} justifyContent={'center'} alignItems={'center'}>
-        <Box mb="36px">
-          <Text
-            color={'#FFF'}
-            fontSize={'44px'}
-            fontWeight={700}
-            textShadow={'0px 2px 6px rgba(0, 0, 0, 0.30)'}
-          >
-            {conf.layoutConfig?.title}
-          </Text>
-        </Box>
+        {needTabsCount > 0 && (
+          <Box mb="36px">
+            <Text
+              color={'#FFF'}
+              fontSize={'44px'}
+              fontWeight={700}
+              textShadow={'0px 2px 6px rgba(0, 0, 0, 0.30)'}
+            >
+              {conf.layoutConfig?.title}
+            </Text>
+          </Box>
+        )}
         <Flex
           p="30px 48px"
           boxShadow="0px 15px 20px rgba(0, 0, 0, 0.2)"
@@ -166,7 +175,7 @@ export default function SigninComponent() {
         >
           <ErrorComponent />
 
-          {pageState === 0 && needTabs && (
+          {pageState === 0 && needTabsCount > 1 && (
             <Tabs
               index={tabIndex}
               onChange={(idx) => {
@@ -205,45 +214,60 @@ export default function SigninComponent() {
           )}
 
           {LoginComponent}
-
-          {tabIndex !== LoginType.WeChat && (
-            <>
-              <Protocol />
-              {!!conf.commonConfig?.cfSiteKey && (
-                <Turnstile
-                  options={{
-                    size: 'invisible'
+          {/* footer */}
+          {tabIndex !== LoginType.WeChat &&
+            (needTabsCount > 0 ? (
+              <>
+                <Protocol />
+                {!!conf.commonConfig?.cfSiteKey && (
+                  <Turnstile
+                    options={{
+                      size: 'invisible'
+                    }}
+                    ref={turnstileRef}
+                    siteKey={conf.commonConfig?.cfSiteKey}
+                  />
+                )}
+                <Button
+                  variant={'unstyled'}
+                  background="linear-gradient(90deg, #000000 0%, rgba(36, 40, 44, 0.9) 98.29%)"
+                  boxShadow="0px 4px 4px rgba(0, 0, 0, 0.25)"
+                  color="#fff"
+                  display={'flex'}
+                  justifyContent={'center'}
+                  alignItems={'center'}
+                  type="submit"
+                  _hover={{
+                    opacity: '0.85'
                   }}
-                  ref={turnstileRef}
-                  siteKey={conf.commonConfig?.cfSiteKey}
-                />
-              )}
-              <Button
-                variant={'unstyled'}
-                background="linear-gradient(90deg, #000000 0%, rgba(36, 40, 44, 0.9) 98.29%)"
-                boxShadow="0px 4px 4px rgba(0, 0, 0, 0.25)"
-                color="#fff"
-                display={'flex'}
-                justifyContent={'center'}
-                alignItems={'center'}
-                type="submit"
-                _hover={{
-                  opacity: '0.85'
-                }}
-                width="266px"
-                minH="42px"
-                mb="14px"
-                borderRadius="4px"
-                p="10px"
-                onClick={handleLogin}
-              >
-                {isLoading
-                  ? (t('common:loading') || 'Loading') + '...'
-                  : t('common:log_in') || 'Log In'}
-              </Button>
-              <AuthList />
-            </>
-          )}
+                  width="266px"
+                  minH="42px"
+                  mb="14px"
+                  borderRadius="4px"
+                  p="10px"
+                  onClick={handleLogin}
+                >
+                  {isLoading
+                    ? (t('common:loading') || 'Loading') + '...'
+                    : t('common:log_in') || 'Log In'}
+                </Button>
+                <AuthList isAgreeCb={isAgreeCb} />
+              </>
+            ) : (
+              <>
+                <Text
+                  color={'#FFF'}
+                  fontSize={'36px'}
+                  fontWeight={700}
+                  mb={'24px'}
+                  textShadow={'0px 2px 6px rgba(0, 0, 0, 0.30)'}
+                >
+                  {conf.layoutConfig?.title}
+                </Text>
+                <AuthList zeroTab isAgreeCb={isAgreeCb} />
+                <Protocol />
+              </>
+            ))}
         </Flex>
       </Flex>
       <Language disclosure={disclosure} i18n={i18n} />
diff --git a/frontend/desktop/src/pages/api/auth/email/bind/verify.ts b/frontend/desktop/src/pages/api/auth/email/bind/verify.ts
index 9c1f568d09c..5c10e97502f 100644
--- a/frontend/desktop/src/pages/api/auth/email/bind/verify.ts
+++ b/frontend/desktop/src/pages/api/auth/email/bind/verify.ts
@@ -1,13 +1,13 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
-import { verifyEmailCodeGuard, filterEmailVerifyParams } from '@/services/backend/middleware/sms';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { bindEmailSvc, bindPhoneSvc } from '@/services/backend/svc/bindProvider';
 import { ErrorHandler } from '@/services/backend/middleware/error';
-import { bindEmailGuard, bindPhoneGuard } from '@/services/backend/middleware/oauth';
+import { bindEmailGuard } from '@/services/backend/middleware/oauth';
+import { filterEmailVerifyParams, verifyEmailCodeGuard } from '@/services/backend/middleware/sms';
+import { bindEmailSvc } from '@/services/backend/svc/bindProvider';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(
diff --git a/frontend/desktop/src/pages/api/auth/email/changeBinding/newSms.ts b/frontend/desktop/src/pages/api/auth/email/changeBinding/newSms.ts
index faf1647b9e6..0413e4c4e73 100644
--- a/frontend/desktop/src/pages/api/auth/email/changeBinding/newSms.ts
+++ b/frontend/desktop/src/pages/api/auth/email/changeBinding/newSms.ts
@@ -1,17 +1,15 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
+import { ErrorHandler } from '@/services/backend/middleware/error';
 import {
-  verifyCodeUidGuard,
-  filterEmailParams,
-  sendEmailCodeGuard,
   filterCodeUid,
+  filterEmailParams,
   sendNewEmailCodeGuard
 } from '@/services/backend/middleware/sms';
 import { sendEmailCodeSvc } from '@/services/backend/svc/sms';
-import { ErrorHandler } from '@/services/backend/middleware/error';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(req, res, ({ userUid }) =>
diff --git a/frontend/desktop/src/pages/api/auth/email/changeBinding/oldSms.ts b/frontend/desktop/src/pages/api/auth/email/changeBinding/oldSms.ts
index 08958e261ee..d9c3dc24ddf 100644
--- a/frontend/desktop/src/pages/api/auth/email/changeBinding/oldSms.ts
+++ b/frontend/desktop/src/pages/api/auth/email/changeBinding/oldSms.ts
@@ -1,13 +1,12 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { jsonRes } from '@/services/backend/response';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { sendEmailCodeGuard, filterEmailParams } from '@/services/backend/middleware/sms';
-import { sendEmailCodeSvc } from '@/services/backend/svc/sms';
 import { ErrorHandler } from '@/services/backend/middleware/error';
 import { unbindEmailGuard } from '@/services/backend/middleware/oauth';
+import { filterEmailParams, sendEmailCodeGuard } from '@/services/backend/middleware/sms';
+import { sendEmailCodeSvc } from '@/services/backend/svc/sms';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(req, res, ({ userUid }) =>
diff --git a/frontend/desktop/src/pages/api/auth/email/changeBinding/verifyNew.ts b/frontend/desktop/src/pages/api/auth/email/changeBinding/verifyNew.ts
index b9e6c7d7356..b39eeba9cc5 100644
--- a/frontend/desktop/src/pages/api/auth/email/changeBinding/verifyNew.ts
+++ b/frontend/desktop/src/pages/api/auth/email/changeBinding/verifyNew.ts
@@ -1,18 +1,18 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
+import { ErrorHandler } from '@/services/backend/middleware/error';
+import { bindEmailGuard, unbindEmailGuard } from '@/services/backend/middleware/oauth';
 import {
-  verifyCodeUidGuard,
-  verifyEmailCodeGuard,
+  filterCodeUid,
   filterEmailVerifyParams,
-  filterCodeUid
+  verifyCodeUidGuard,
+  verifyEmailCodeGuard
 } from '@/services/backend/middleware/sms';
 import { changeEmailBindingSvc } from '@/services/backend/svc/bindProvider';
-import { ErrorHandler } from '@/services/backend/middleware/error';
-import { bindEmailGuard, unbindEmailGuard } from '@/services/backend/middleware/oauth';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(req, res, ({ userUid }) =>
diff --git a/frontend/desktop/src/pages/api/auth/email/changeBinding/verifyOld.ts b/frontend/desktop/src/pages/api/auth/email/changeBinding/verifyOld.ts
index cb3adc68db8..0a27b76d207 100644
--- a/frontend/desktop/src/pages/api/auth/email/changeBinding/verifyOld.ts
+++ b/frontend/desktop/src/pages/api/auth/email/changeBinding/verifyOld.ts
@@ -1,13 +1,13 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { jsonRes } from '@/services/backend/response';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { filterEmailVerifyParams, verifyEmailCodeGuard } from '@/services/backend/middleware/sms';
 import { ErrorHandler } from '@/services/backend/middleware/error';
 import { unbindEmailGuard } from '@/services/backend/middleware/oauth';
+import { filterEmailVerifyParams, verifyEmailCodeGuard } from '@/services/backend/middleware/sms';
+import { jsonRes } from '@/services/backend/response';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(
diff --git a/frontend/desktop/src/pages/api/auth/email/unbind/sms.ts b/frontend/desktop/src/pages/api/auth/email/unbind/sms.ts
index 7c04a5f4bcd..dd7650de720 100644
--- a/frontend/desktop/src/pages/api/auth/email/unbind/sms.ts
+++ b/frontend/desktop/src/pages/api/auth/email/unbind/sms.ts
@@ -1,13 +1,13 @@
-import { NextApiRequest, NextApiResponse } from 'next';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { sendEmailCodeGuard, filterEmailParams, filterCf } from '@/services/backend/middleware/sms';
-import { enableSms } from '@/services/enable';
-import { sendEmailCodeSvc } from '@/services/backend/svc/sms';
 import { ErrorHandler } from '@/services/backend/middleware/error';
 import { unbindEmailGuard } from '@/services/backend/middleware/oauth';
+import { filterCf, filterEmailParams, sendEmailCodeGuard } from '@/services/backend/middleware/sms';
+import { sendEmailCodeSvc } from '@/services/backend/svc/sms';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(req, res, ({ userUid }) =>
diff --git a/frontend/desktop/src/pages/api/auth/email/unbind/verify.ts b/frontend/desktop/src/pages/api/auth/email/unbind/verify.ts
index aef6f20822a..3ded4697279 100644
--- a/frontend/desktop/src/pages/api/auth/email/unbind/verify.ts
+++ b/frontend/desktop/src/pages/api/auth/email/unbind/verify.ts
@@ -1,12 +1,12 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { verifyEmailCodeGuard, filterEmailVerifyParams } from '@/services/backend/middleware/sms';
-import { unbindEmailSvc } from '@/services/backend/svc/bindProvider';
 import { ErrorHandler } from '@/services/backend/middleware/error';
+import { filterEmailVerifyParams, verifyEmailCodeGuard } from '@/services/backend/middleware/sms';
+import { unbindEmailSvc } from '@/services/backend/svc/bindProvider';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(req, res, ({ userUid }) =>
diff --git a/frontend/desktop/src/pages/api/auth/info.ts b/frontend/desktop/src/pages/api/auth/info.ts
index 634af869c80..afbb84b5d82 100644
--- a/frontend/desktop/src/pages/api/auth/info.ts
+++ b/frontend/desktop/src/pages/api/auth/info.ts
@@ -1,8 +1,15 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { jsonRes } from '@/services/backend/response';
+import { verifyAccessToken } from '@/services/backend/auth';
 import { globalPrisma, prisma } from '@/services/backend/db/init';
+import { jsonRes } from '@/services/backend/response';
+import {
+  enableEmailSms,
+  enableGithub,
+  enableGoogle,
+  enablePassword,
+  enablePhoneSms
+} from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 import { ProviderType } from 'prisma/global/generated/client';
-import { verifyAccessToken } from '@/services/backend/auth';
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
   try {
@@ -62,14 +69,29 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
       userRestrictedLevel?: number;
     } = {
       ...globalData,
-      oauthProvider: globalData.oauthProvider.map((o) => ({
-        providerType: o.providerType,
-        providerId: (
-          [ProviderType.PHONE, ProviderType.PASSWORD, ProviderType.EMAIL] as ProviderType[]
-        ).includes(o.providerType)
-          ? o.providerId
-          : ''
-      }))
+      oauthProvider: globalData.oauthProvider
+        .filter((o) => {
+          if (o.providerType === ProviderType.GOOGLE) {
+            return enableGoogle();
+          } else if (o.providerType === ProviderType.GITHUB) {
+            return enableGithub();
+          } else if (o.providerType === ProviderType.PHONE) {
+            return enablePhoneSms();
+          } else if (o.providerType === ProviderType.EMAIL) {
+            return enableEmailSms();
+          } else if (o.providerType === ProviderType.PASSWORD) {
+            return enablePassword();
+          }
+          return true;
+        })
+        .map((o) => ({
+          providerType: o.providerType,
+          providerId: (
+            [ProviderType.PHONE, ProviderType.PASSWORD, ProviderType.EMAIL] as ProviderType[]
+          ).includes(o.providerType)
+            ? o.providerId
+            : ''
+        }))
     };
 
     if (realNameInfo && realNameInfo.isVerified) {
diff --git a/frontend/desktop/src/pages/api/auth/phone/bind/sms.ts b/frontend/desktop/src/pages/api/auth/phone/bind/sms.ts
index 04b4dfe2f33..d632cc130ac 100644
--- a/frontend/desktop/src/pages/api/auth/phone/bind/sms.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/bind/sms.ts
@@ -1,12 +1,12 @@
-import { NextApiRequest, NextApiResponse } from 'next';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { sendPhoneCodeGuard, filterPhoneParams, filterCf } from '@/services/backend/middleware/sms';
-import { enableSms } from '@/services/enable';
 import { ErrorHandler } from '@/services/backend/middleware/error';
+import { filterCf, filterPhoneParams, sendPhoneCodeGuard } from '@/services/backend/middleware/sms';
 import { sendPhoneCodeSvc } from '@/services/backend/svc/sms';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterCf(req, res, async () => {
diff --git a/frontend/desktop/src/pages/api/auth/phone/bind/verify.ts b/frontend/desktop/src/pages/api/auth/phone/bind/verify.ts
index 56c208cc893..f6f11f2c7d5 100644
--- a/frontend/desktop/src/pages/api/auth/phone/bind/verify.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/bind/verify.ts
@@ -1,14 +1,13 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { jsonRes } from '@/services/backend/response';
-import { enableSms } from '@/services/enable';
-import { filterPhoneVerifyParams, verifyPhoneCodeGuard } from '@/services/backend/middleware/sms';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { bindPhoneSvc } from '@/services/backend/svc/bindProvider';
 import { ErrorHandler } from '@/services/backend/middleware/error';
 import { bindPhoneGuard } from '@/services/backend/middleware/oauth';
+import { filterPhoneVerifyParams, verifyPhoneCodeGuard } from '@/services/backend/middleware/sms';
+import { bindPhoneSvc } from '@/services/backend/svc/bindProvider';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(
diff --git a/frontend/desktop/src/pages/api/auth/phone/changeBinding/newSms.ts b/frontend/desktop/src/pages/api/auth/phone/changeBinding/newSms.ts
index 5b8e7b4525f..c7de8319f5e 100644
--- a/frontend/desktop/src/pages/api/auth/phone/changeBinding/newSms.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/changeBinding/newSms.ts
@@ -1,15 +1,15 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
+import { ErrorHandler } from '@/services/backend/middleware/error';
 import {
-  filterPhoneParams,
   filterCodeUid,
+  filterPhoneParams,
   sendNewPhoneCodeGuard
 } from '@/services/backend/middleware/sms';
-import { ErrorHandler } from '@/services/backend/middleware/error';
 import { sendPhoneCodeSvc } from '@/services/backend/svc/sms';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(req, res, ({ userUid }) =>
diff --git a/frontend/desktop/src/pages/api/auth/phone/changeBinding/oldSms.ts b/frontend/desktop/src/pages/api/auth/phone/changeBinding/oldSms.ts
index 30bd0065e35..745a3b75cb4 100644
--- a/frontend/desktop/src/pages/api/auth/phone/changeBinding/oldSms.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/changeBinding/oldSms.ts
@@ -1,12 +1,12 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { sendPhoneCodeGuard, filterPhoneParams } from '@/services/backend/middleware/sms';
-import { sendPhoneCodeSvc } from '@/services/backend/svc/sms';
 import { ErrorHandler } from '@/services/backend/middleware/error';
 import { unbindPhoneGuard } from '@/services/backend/middleware/oauth';
+import { filterPhoneParams, sendPhoneCodeGuard } from '@/services/backend/middleware/sms';
+import { sendPhoneCodeSvc } from '@/services/backend/svc/sms';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(
diff --git a/frontend/desktop/src/pages/api/auth/phone/changeBinding/verifyNew.ts b/frontend/desktop/src/pages/api/auth/phone/changeBinding/verifyNew.ts
index 822acaa4428..f0bd3240b9c 100644
--- a/frontend/desktop/src/pages/api/auth/phone/changeBinding/verifyNew.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/changeBinding/verifyNew.ts
@@ -1,18 +1,18 @@
-import next, { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
+import { ErrorHandler } from '@/services/backend/middleware/error';
+import { bindPhoneGuard, unbindPhoneGuard } from '@/services/backend/middleware/oauth';
 import {
-  verifyCodeUidGuard,
   filterCodeUid,
   filterPhoneVerifyParams,
+  verifyCodeUidGuard,
   verifyPhoneCodeGuard
 } from '@/services/backend/middleware/sms';
 import { changePhoneBindingSvc } from '@/services/backend/svc/bindProvider';
-import { ErrorHandler } from '@/services/backend/middleware/error';
-import { bindPhoneGuard, unbindPhoneGuard } from '@/services/backend/middleware/oauth';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(
diff --git a/frontend/desktop/src/pages/api/auth/phone/changeBinding/verifyOld.ts b/frontend/desktop/src/pages/api/auth/phone/changeBinding/verifyOld.ts
index 0cde43b58b1..db8812a4e53 100644
--- a/frontend/desktop/src/pages/api/auth/phone/changeBinding/verifyOld.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/changeBinding/verifyOld.ts
@@ -1,13 +1,13 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { jsonRes } from '@/services/backend/response';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { filterPhoneVerifyParams, verifyPhoneCodeGuard } from '@/services/backend/middleware/sms';
 import { ErrorHandler } from '@/services/backend/middleware/error';
 import { unbindPhoneGuard } from '@/services/backend/middleware/oauth';
+import { filterPhoneVerifyParams, verifyPhoneCodeGuard } from '@/services/backend/middleware/sms';
+import { jsonRes } from '@/services/backend/response';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(
diff --git a/frontend/desktop/src/pages/api/auth/phone/sms.ts b/frontend/desktop/src/pages/api/auth/phone/sms.ts
index c1456aebfad..bbc14a574c5 100644
--- a/frontend/desktop/src/pages/api/auth/phone/sms.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/sms.ts
@@ -1,11 +1,11 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
+import { ErrorHandler } from '@/services/backend/middleware/error';
 import { filterCf, filterPhoneParams, sendPhoneCodeGuard } from '@/services/backend/middleware/sms';
 import { sendPhoneCodeSvc } from '@/services/backend/svc/sms';
-import { ErrorHandler } from '@/services/backend/middleware/error';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterCf(req, res, async () => {
diff --git a/frontend/desktop/src/pages/api/auth/phone/unbind/sms.ts b/frontend/desktop/src/pages/api/auth/phone/unbind/sms.ts
index b5aa6c8c757..a3e2bf9b5c3 100644
--- a/frontend/desktop/src/pages/api/auth/phone/unbind/sms.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/unbind/sms.ts
@@ -1,13 +1,13 @@
-import { NextApiRequest, NextApiResponse } from 'next';
 import { filterAccessToken } from '@/services/backend/middleware/access';
-import { sendPhoneCodeGuard, filterPhoneParams, filterCf } from '@/services/backend/middleware/sms';
-import { enableSms } from '@/services/enable';
-import { sendPhoneCodeSvc } from '@/services/backend/svc/sms';
 import { ErrorHandler } from '@/services/backend/middleware/error';
 import { unbindPhoneGuard } from '@/services/backend/middleware/oauth';
+import { filterCf, filterPhoneParams, sendPhoneCodeGuard } from '@/services/backend/middleware/sms';
+import { sendPhoneCodeSvc } from '@/services/backend/svc/sms';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(req, res, async ({ userUid }) => {
diff --git a/frontend/desktop/src/pages/api/auth/phone/unbind/verify.ts b/frontend/desktop/src/pages/api/auth/phone/unbind/verify.ts
index 10edab96ce8..fd18a1ea7a4 100644
--- a/frontend/desktop/src/pages/api/auth/phone/unbind/verify.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/unbind/verify.ts
@@ -1,12 +1,12 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
 import { filterAccessToken } from '@/services/backend/middleware/access';
+import { ErrorHandler } from '@/services/backend/middleware/error';
 import { filterPhoneVerifyParams, verifyPhoneCodeGuard } from '@/services/backend/middleware/sms';
 import { unbindPhoneSvc } from '@/services/backend/svc/bindProvider';
-import { ErrorHandler } from '@/services/backend/middleware/error';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterAccessToken(
diff --git a/frontend/desktop/src/pages/api/auth/phone/verify.ts b/frontend/desktop/src/pages/api/auth/phone/verify.ts
index 8eee1666e82..cde791744ba 100644
--- a/frontend/desktop/src/pages/api/auth/phone/verify.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/verify.ts
@@ -1,11 +1,11 @@
-import { NextApiRequest, NextApiResponse } from 'next';
-import { enableSms } from '@/services/enable';
+import { ErrorHandler } from '@/services/backend/middleware/error';
 import { filterPhoneVerifyParams, verifyPhoneCodeGuard } from '@/services/backend/middleware/sms';
 import { getGlobalTokenByPhoneSvc } from '@/services/backend/svc/access';
-import { ErrorHandler } from '@/services/backend/middleware/error';
+import { enablePhoneSms } from '@/services/enable';
+import { NextApiRequest, NextApiResponse } from 'next';
 
 export default ErrorHandler(async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableSms()) {
+  if (!enablePhoneSms()) {
     throw new Error('SMS is not enabled');
   }
   await filterPhoneVerifyParams(
diff --git a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
index b375b4b9c8c..82f094fa865 100644
--- a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
@@ -29,19 +29,22 @@ function genResAuthClientConfig(conf: AuthConfigType) {
         enabled: !!conf.idp.password?.enabled
       },
       sms: {
-        enabled: !!conf.idp.sms?.enabled
+        enabled: !!conf.idp.sms?.ali?.enabled
       },
       github: {
         enabled: !!conf.idp.github?.enabled,
+        proxyAddress: conf.idp.github?.proxyAddress || '',
         clientID: conf.idp.github?.clientID || ''
       },
       wechat: {
         enabled: !!conf.idp.wechat?.enabled,
-        clientID: conf.idp.wechat?.clientID || ''
+        clientID: conf.idp.wechat?.clientID || '',
+        proxyAddress: conf.idp.wechat?.proxyAddress || ''
       },
       google: {
         enabled: !!conf.idp.google?.enabled,
-        clientID: conf.idp.google?.clientID || ''
+        clientID: conf.idp.google?.clientID || '',
+        proxyAddress: conf.idp.google?.proxyAddress || ''
       },
       oauth2: {
         enabled: !!conf.idp.oauth2?.enabled,
@@ -49,10 +52,10 @@ function genResAuthClientConfig(conf: AuthConfigType) {
         clientID: conf.idp.oauth2?.clientID || '',
         authURL: conf.idp.oauth2?.authURL || '',
         tokenURL: conf.idp.oauth2?.tokenURL || '',
-        userInfoURL: conf.idp.oauth2?.userInfoURL || ''
+        userInfoURL: conf.idp.oauth2?.userInfoURL || '',
+        proxyAddress: conf.idp.oauth2?.proxyAddress || ''
       }
     },
-    proxyAddress: conf.proxyAddress || '',
     hasBaiduToken: !!conf.baiduToken,
     billingToken: ''
   };
diff --git a/frontend/desktop/src/services/enable.ts b/frontend/desktop/src/services/enable.ts
index 9b25892a39d..5f4caeb3a90 100644
--- a/frontend/desktop/src/services/enable.ts
+++ b/frontend/desktop/src/services/enable.ts
@@ -2,7 +2,8 @@
 export const enableRealNameAuth = () => global.AppConfig.common.realNameAuthEnabled || false;
 export const enablePassword = () => global.AppConfig.desktop.auth.idp.password?.enabled || false;
 export const enableGithub = () => global.AppConfig.desktop.auth.idp.github?.enabled || false;
-export const enableSms = () => global.AppConfig.desktop.auth.idp.sms?.ali?.enabled || false;
+export const enablePhoneSms = () => global.AppConfig.desktop.auth.idp.sms?.ali?.enabled || false;
+export const enableSms = () => global.AppConfig.desktop.auth.idp.sms?.enabled || false;
 export const enableEmailSms = () => global.AppConfig.desktop.auth.idp.sms?.email?.enabled || false;
 export const enableWechat = () => global.AppConfig.desktop.auth.idp.wechat?.enabled || false;
 export const enableGoogle = () => global.AppConfig.desktop.auth.idp.google?.enabled || false;
diff --git a/frontend/desktop/src/types/system.ts b/frontend/desktop/src/types/system.ts
index 5433c5109a5..598221e416b 100644
--- a/frontend/desktop/src/types/system.ts
+++ b/frontend/desktop/src/types/system.ts
@@ -71,7 +71,6 @@ export type LayoutConfigType = {
 
 export type AuthConfigType = {
   billingToken?: string;
-  proxyAddress?: string;
   callbackURL: string;
   signUpEnabled?: boolean;
   baiduToken?: string;
@@ -92,19 +91,32 @@ export type AuthConfigType = {
     };
     github?: {
       enabled: boolean;
+      proxyAddress?: string;
       clientID: string;
       clientSecret?: string;
     };
     wechat?: {
       enabled: boolean;
+      proxyAddress?: string;
       clientID: string;
       clientSecret?: string;
     };
     google?: {
       enabled: boolean;
+      proxyAddress?: string;
       clientID: string;
       clientSecret?: string;
     };
+    oauth2?: {
+      enabled: boolean;
+      callbackURL: string;
+      clientID: string;
+      proxyAddress?: string;
+      clientSecret?: string;
+      authURL: string;
+      tokenURL: string;
+      userInfoURL: string;
+    };
     sms?: {
       enabled: boolean;
       ali?: {
@@ -123,15 +135,6 @@ export type AuthConfigType = {
         password: string;
       };
     };
-    oauth2?: {
-      enabled: boolean;
-      callbackURL: string;
-      clientID: string;
-      clientSecret?: string;
-      authURL: string;
-      tokenURL: string;
-      userInfoURL: string;
-    };
   };
 };
 
@@ -239,15 +242,18 @@ export const DefaultAuthClientConfig: AuthClientConfigType = {
     },
     github: {
       enabled: false,
-      clientID: ''
+      clientID: '',
+      proxyAddress: ''
     },
     wechat: {
       enabled: false,
-      clientID: ''
+      clientID: '',
+      proxyAddress: ''
     },
     google: {
       enabled: false,
-      clientID: ''
+      clientID: '',
+      proxyAddress: ''
     },
     sms: {
       enabled: false
@@ -258,10 +264,10 @@ export const DefaultAuthClientConfig: AuthClientConfigType = {
       clientID: '',
       authURL: '',
       tokenURL: '',
-      userInfoURL: ''
+      userInfoURL: '',
+      proxyAddress: ''
     }
   },
-  proxyAddress: '',
   billingToken: ''
 };
 

From 6489ce6a6d7aaf2aa24ee3514bacab924b0f31a9 Mon Sep 17 00:00:00 2001
From: xudaotutou <13435638964@163.com>
Date: Tue, 8 Oct 2024 10:22:37 +0800
Subject: [PATCH 14/63] fix(desktop):fix merge user (#5101)

---
 .../mergeUser/NeedToMergeModal.tsx            | 42 ++++++++++---------
 .../services/backend/cronjob/mergeUserCr.ts   | 37 ++++++++++------
 2 files changed, 46 insertions(+), 33 deletions(-)

diff --git a/frontend/desktop/src/components/account/AccountCenter/mergeUser/NeedToMergeModal.tsx b/frontend/desktop/src/components/account/AccountCenter/mergeUser/NeedToMergeModal.tsx
index 703e7e177de..0bb7c6c6bf6 100644
--- a/frontend/desktop/src/components/account/AccountCenter/mergeUser/NeedToMergeModal.tsx
+++ b/frontend/desktop/src/components/account/AccountCenter/mergeUser/NeedToMergeModal.tsx
@@ -1,27 +1,27 @@
+import { mergeUserRequest } from '@/api/auth';
 import { useCustomToast } from '@/hooks/useCustomToast';
+import useCallbackStore, { MergeUserStatus } from '@/stores/callback';
+import { ValueOf } from '@/types';
+import { I18nErrorKey } from '@/types/i18next';
+import { USER_MERGE_STATUS } from '@/types/response/merge';
 import {
-  Text,
+  BoxProps,
   Button,
+  HStack,
   Modal,
-  ModalOverlay,
-  ModalContent,
+  ModalBody,
   ModalCloseButton,
+  ModalContent,
   ModalHeader,
+  ModalOverlay,
   Spinner,
-  ModalBody,
-  BoxProps,
-  VStack,
-  HStack
+  Text,
+  VStack
 } from '@chakra-ui/react';
 import { WarnTriangeIcon } from '@sealos/ui';
-import { useQueryClient, useMutation } from '@tanstack/react-query';
+import { useMutation, useQueryClient } from '@tanstack/react-query';
 import { useTranslation } from 'next-i18next';
-import { mergeUserRequest } from '@/api/auth';
-import useCallbackStore, { MergeUserStatus } from '@/stores/callback';
 import { useEffect, useState } from 'react';
-import { USER_MERGE_STATUS } from '@/types/response/merge';
-import { ValueOf } from '@/types';
-import { I18nErrorKey } from '@/types/i18next';
 
 function NeedToMerge({ ...props }: BoxProps & {}) {
   const { mergeUserStatus, mergeUserData, setMergeUserStatus, setMergeUserData } =
@@ -63,20 +63,22 @@ function NeedToMerge({ ...props }: BoxProps & {}) {
     <Modal isOpen={isOpen} onClose={onClose} isCentered>
       <ModalOverlay />
       <ModalContent
-        borderRadius={'12px'}
+        borderRadius={'10px'}
         maxW={'400px'}
         bgColor={'#FFF'}
         backdropFilter="blur(150px)"
-        p="24px"
       >
-        <ModalCloseButton right={'24px'} top="24px" p="0" />
+        <ModalCloseButton top={'8px'} right={'20px'} />
         <ModalHeader
+          px={'20px'}
+          py={'12px'}
           bg={'grayModern.25'}
-          borderBottomWidth={'1px'}
-          borderBottomColor={'grayModern.100'}
-          p="0"
+          borderBottom={'1px solid'}
+          fontWeight={500}
+          fontSize={'16px'}
           display={'flex'}
           gap={'10px'}
+          borderColor={'grayModern.100'}
         >
           <WarnTriangeIcon boxSize={'24px'} fill={'yellow.500'} />
           <Text>{t('common:merge_account_title')}</Text>
@@ -84,7 +86,7 @@ function NeedToMerge({ ...props }: BoxProps & {}) {
         {mutation.isLoading ? (
           <Spinner mx="auto" />
         ) : (
-          <ModalBody h="100%" w="100%" p="0" mt="22px" fontSize={'14px'}>
+          <ModalBody h="100%" w="100%" px="36px" pt="24px" pb="32px" fontSize={'14px'}>
             <VStack alignItems={'stretch'} gap={'0'}>
               <Text mb={'12px'}>
                 {mergeUserStatus === MergeUserStatus.CONFLICT
diff --git a/frontend/desktop/src/services/backend/cronjob/mergeUserCr.ts b/frontend/desktop/src/services/backend/cronjob/mergeUserCr.ts
index 82832f8643b..51a1e99707b 100644
--- a/frontend/desktop/src/services/backend/cronjob/mergeUserCr.ts
+++ b/frontend/desktop/src/services/backend/cronjob/mergeUserCr.ts
@@ -1,13 +1,13 @@
-import { globalPrisma, prisma } from '../db/init';
-import { TransactionStatus, TransactionType } from 'prisma/global/generated/client';
-import { JoinStatus } from 'prisma/region/generated/client';
-import { getBillingUrl, getCvmUrl, getRegionUid, getWorkorderUrl } from '@/services/enable';
 import { CronJobStatus } from '@/services/backend/cronjob/index';
 import { getUserKubeconfigNotPatch } from '@/services/backend/kubernetes/admin';
 import { mergeUserModifyBinding, mergeUserWorkspaceRole } from '@/services/backend/team';
-import axios from 'axios';
-import { generateCronJobToken } from '../auth';
+import { getBillingUrl, getCvmUrl, getRegionUid, getWorkorderUrl } from '@/services/enable';
 import { MergeUserEvent } from '@/types/db/event';
+import axios from 'axios';
+import { TransactionStatus, TransactionType } from 'prisma/global/generated/client';
+import { JoinStatus } from 'prisma/region/generated/client';
+import { generateBillingToken, generateCronJobToken } from '../auth';
+import { globalPrisma, prisma } from '../db/init';
 
 /**
  * |											|	user is exist | user is not exist 			|
@@ -190,13 +190,24 @@ export class MergeUserCrJob implements CronJobStatus {
     const kubeConfig = await getUserKubeconfigNotPatch(finalUserCr.crName);
     if (!kubeConfig) throw Error('the kubeconfig for ' + finalUserCr.crName + ' is not found');
     const [transferResult, workorderResult, cvmResult] = await Promise.all([
-      axios.post(billingUrl, {
-        kubeConfig,
-        owner: finalUserCr.crName,
-        userid: mergeUser.id,
-        toUser: user.id,
-        transferAll: true
-      }),
+      axios.post(
+        billingUrl,
+        {
+          userid: mergeUser.id,
+          toUser: user.id,
+          transferAll: true
+        },
+        {
+          headers: {
+            Authorization:
+              'Bearer ' +
+              generateBillingToken({
+                userUid: mergeUser.uid,
+                userId: mergeUser.id
+              })
+          }
+        }
+      ),
       axios.post(workorderUrl, {
         token: generateCronJobToken({
           userUid: user.id,

From 9817f6fb81b163f42c7d0b31f7e6350101b0f569 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Tue, 8 Oct 2024 10:24:25 +0800
Subject: [PATCH 15/63] devbox cache improve. (#5122)

---
 controllers/devbox/cmd/main.go | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/controllers/devbox/cmd/main.go b/controllers/devbox/cmd/main.go
index 8dd3f3d7f0d..75e046aa587 100644
--- a/controllers/devbox/cmd/main.go
+++ b/controllers/devbox/cmd/main.go
@@ -24,11 +24,16 @@ import (
 	// Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.)
 	// to ensure that exec-entrypoint and run can make use of them.
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
+	"k8s.io/client-go/rest"
 
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
 	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/cache"
+	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 	"sigs.k8s.io/controller-runtime/pkg/metrics/filters"
@@ -133,6 +138,11 @@ func main() {
 		metricsServerOptions.FilterProvider = filters.WithAuthenticationAndAuthorization
 	}
 
+	cacheObjLabelSelector := labels.SelectorFromSet(map[string]string{
+		"app.kubernetes.io/managed-by": "sealos",
+		"app.kubernetes.io/part-of":    "devbox",
+	})
+
 	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
 		Scheme:                 scheme,
 		Metrics:                metricsServerOptions,
@@ -151,6 +161,15 @@ func main() {
 		// if you are doing or is intended to do any operation such as perform cleanups
 		// after the manager stops then its usage might be unsafe.
 		// LeaderElectionReleaseOnCancel: true,
+
+		NewCache: func(config *rest.Config, opts cache.Options) (cache.Cache, error) {
+			opts.ByObject = map[client.Object]cache.ByObject{
+				&corev1.Service{}: {Label: cacheObjLabelSelector},
+				&corev1.Pod{}:     {Label: cacheObjLabelSelector},
+				&corev1.Secret{}:  {Label: cacheObjLabelSelector},
+			}
+			return cache.New(config, opts)
+		},
 	})
 	if err != nil {
 		setupLog.Error(err, "unable to start manager")

From d9b34cd60044590b6a5807d1725398017a735e19 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Tue, 8 Oct 2024 12:05:30 +0800
Subject: [PATCH 16/63] fix build offline scripts and ci. (#5125)

---
 .github/workflows/cloud-release.yml | 12 ++++++++++--
 scripts/cloud/build-offline-tar.sh  |  6 ++++--
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/cloud-release.yml b/.github/workflows/cloud-release.yml
index fae28f00e44..7c520b15c7c 100644
--- a/.github/workflows/cloud-release.yml
+++ b/.github/workflows/cloud-release.yml
@@ -67,7 +67,11 @@ jobs:
           sudo mv /tmp/sealos /usr/bin/sealos
           sudo sealos version
       - name: Build
-        run: export CLOUD_VERSION=${{ github.event.release.tag_name }} && export ARCH=amd64 && bash ./scripts/cloud/build-offline-tar.sh
+        run: |
+          export CLOUD_VERSION=${{ github.event.release.tag_name }}
+          export VERSION=${{ github.event.release.tag_name }}
+          export ARCH=amd64
+          bash ./scripts/cloud/build-offline-tar.sh
       - name: Setup ossutil
         uses: manyuanrong/setup-ossutil@v2.0
         with:
@@ -99,7 +103,11 @@ jobs:
           sudo mv /tmp/sealos /usr/bin/sealos
           sudo sealos version
       - name: Build
-        run: export CLOUD_VERSION=${{ github.event.release.tag_name }} && VERSION=${{ github.event.release.tag_name }} && export ARCH=arm64 && bash ./scripts/cloud/build-offline-tar.sh
+        run: |
+          export CLOUD_VERSION=${{ github.event.release.tag_name }}
+          export VERSION=${{ github.event.release.tag_name }}
+          export ARCH=arm64
+          bash ./scripts/cloud/build-offline-tar.sh
       - name: Setup ossutil
         uses: manyuanrong/setup-ossutil@v2.0
         with:
diff --git a/scripts/cloud/build-offline-tar.sh b/scripts/cloud/build-offline-tar.sh
index 5b5ad2b24ee..650def6aaa3 100644
--- a/scripts/cloud/build-offline-tar.sh
+++ b/scripts/cloud/build-offline-tar.sh
@@ -8,7 +8,6 @@ CLOUD_VERSION=${CLOUD_VERSION:-"latest"}
 mkdir -p output/tars
 
 images=(
-  docker.io/labring/sealos-cloud:$CLOUD_VERSION
   docker.io/labring/kubernetes:v1.28.11
   docker.io/labring/helm:v3.14.1
   docker.io/labring/cilium:v1.15.8
@@ -34,11 +33,14 @@ for image in "${images[@]}"; do
   fi
 done
 
+sealos pull --platform "linux/$ARCH" ghcr.io/labring/sealos-cloud:$CLOUD_VERSION
+sealos tag ghcr.io/labring/sealos-cloud:$CLOUD_VERSION docker.io/labring/sealos-cloud:$CLOUD_VERSION
+sealos save -o output/tars/sealos-cloud.tar docker.io/labring/sealos-cloud:$CLOUD_VERSION
 
 # get and save cli
 mkdir -p output/cli
 
-VERSION="v5.0.1-beta2"
+VERSION="v5.0.1"
 
 wget https://github.com/labring/sealos/releases/download/${VERSION}/sealos_${VERSION#v}_linux_${ARCH}.tar.gz \
    && tar zxvf sealos_${VERSION#v}_linux_${ARCH}.tar.gz sealos && chmod +x sealos && mv sealos output/cli

From 351e7616134950859fe559c57499b6fdff67fa0d Mon Sep 17 00:00:00 2001
From: Jiahui <4543bxy@gmail.com>
Date: Tue, 8 Oct 2024 15:02:23 +0800
Subject: [PATCH 17/63] Feat/active task (#5121)

* feat active task & first recharge discount
* sort discount step & add lock for payment
---
 .../account/controllers/account_controller.go |  30 ++-
 .../controllers/account_controller_test.go    |  85 ++++++--
 .../account/controllers/payment_controller.go |  67 +++---
 .../pkg/database/cockroach/accountv2.go       | 206 +++++++++++++++++-
 controllers/pkg/database/interface.go         |   4 +
 controllers/pkg/types/activity.go             |   6 +
 controllers/pkg/types/config.go               |  36 +++
 controllers/pkg/types/global.go               |  15 +-
 controllers/pkg/types/task.go                 |  80 +++++++
 service/account/api/api.go                    |  33 ++-
 service/account/dao/interface.go              |  18 ++
 service/account/helper/common.go              |   1 +
 service/account/helper/jwt.go                 |  16 +-
 service/account/helper/request.go             |  16 +-
 service/account/router/router.go              |  27 ++-
 15 files changed, 563 insertions(+), 77 deletions(-)
 create mode 100644 controllers/pkg/types/config.go
 create mode 100644 controllers/pkg/types/task.go

diff --git a/controllers/account/controllers/account_controller.go b/controllers/account/controllers/account_controller.go
index b20dbbaf664..43a9ef301ae 100644
--- a/controllers/account/controllers/account_controller.go
+++ b/controllers/account/controllers/account_controller.go
@@ -23,6 +23,7 @@ import (
 	"fmt"
 	"math"
 	"os"
+	"sort"
 	"strconv"
 	"strings"
 	"time"
@@ -276,14 +277,12 @@ const BaseUnit = 1_000_000
 //	return getAmountWithDiscount(amount, *discount), nil
 //}
 
-func getAmountWithDiscount(amount int64, discount pkgtypes.RechargeDiscount) int64 {
-	if discount.SpecialDiscount != nil && discount.SpecialDiscount[amount/BaseUnit] != 0 {
-		return amount + discount.SpecialDiscount[amount/BaseUnit]*BaseUnit
-	}
+func getAmountWithDiscount(amount int64, discount pkgtypes.UserRechargeDiscount) int64 {
 	var r float64
-	for i, s := range discount.DiscountSteps {
-		if amount >= s*BaseUnit {
-			r = discount.DiscountRates[i]
+	for _, step := range sortSteps(discount.DefaultSteps) {
+		ratio := discount.DefaultSteps[step]
+		if amount >= step*BaseUnit {
+			r = ratio
 		} else {
 			break
 		}
@@ -291,6 +290,23 @@ func getAmountWithDiscount(amount int64, discount pkgtypes.RechargeDiscount) int
 	return int64(math.Ceil(float64(amount) * r / 100))
 }
 
+func sortSteps(steps map[int64]float64) (keys []int64) {
+	for k := range steps {
+		keys = append(keys, k)
+	}
+	sort.Slice(keys, func(i, j int) bool {
+		return keys[i] < keys[j]
+	})
+	return
+}
+
+func getFirstRechargeDiscount(amount int64, discount pkgtypes.UserRechargeDiscount) (bool, int64) {
+	if discount.FirstRechargeSteps != nil && discount.FirstRechargeSteps[amount/BaseUnit] != 0 {
+		return true, int64(math.Ceil(float64(amount) * discount.FirstRechargeSteps[amount/BaseUnit] / 100))
+	}
+	return false, getAmountWithDiscount(amount, discount)
+}
+
 func (r *AccountReconciler) BillingCVM() error {
 	cvmMap, err := r.CVMDBClient.GetPendingStateInstance(os.Getenv("LOCAL_REGION"))
 	if err != nil {
diff --git a/controllers/account/controllers/account_controller_test.go b/controllers/account/controllers/account_controller_test.go
index d23bd5bfb29..48696aed680 100644
--- a/controllers/account/controllers/account_controller_test.go
+++ b/controllers/account/controllers/account_controller_test.go
@@ -18,6 +18,7 @@ package controllers
 
 import (
 	"context"
+	"encoding/json"
 	"os"
 	"testing"
 
@@ -26,8 +27,6 @@ import (
 	"github.com/labring/sealos/controllers/pkg/database"
 	"github.com/labring/sealos/controllers/pkg/database/cockroach"
 	"github.com/labring/sealos/controllers/pkg/database/mongo"
-
-	"github.com/labring/sealos/controllers/pkg/types"
 )
 
 //func Test_giveGift(t *testing.T) {
@@ -70,26 +69,26 @@ import (
 //	}
 //}
 
-func Test_getAmountWithDiscount(t *testing.T) {
-	type args struct {
-		amount   int64
-		discount types.RechargeDiscount
-	}
-	tests := []struct {
-		name string
-		args args
-		want int64
-	}{
-		// TODO: Add test cases.
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			if got := getAmountWithDiscount(tt.args.amount, tt.args.discount); got != tt.want {
-				t.Errorf("getAmountWithDiscount() = %v, want %v", got, tt.want)
-			}
-		})
-	}
-}
+//func Test_getAmountWithDiscount(t *testing.T) {
+//	type args struct {
+//		amount   int64
+//		discount types.RechargeDiscount
+//	}
+//	tests := []struct {
+//		name string
+//		args args
+//		want int64
+//	}{
+//		// TODO: Add test cases.
+//	}
+//	for _, tt := range tests {
+//		t.Run(tt.name, func(t *testing.T) {
+//			if got := getAmountWithDiscount(tt.args.amount, tt.args.discount); got != tt.want {
+//				t.Errorf("getAmountWithDiscount() = %v, want %v", got, tt.want)
+//			}
+//		})
+//	}
+//}
 
 func TestAccountReconciler_BillingCVM(t *testing.T) {
 	dbCtx := context.Background()
@@ -136,3 +135,45 @@ func TestAccountReconciler_BillingCVM(t *testing.T) {
 		t.Errorf("AccountReconciler.BillingCVM() error = %v", err)
 	}
 }
+
+func TestAccountV2_GetAccountConfig(t *testing.T) {
+	os.Setenv("LOCAL_REGION", "")
+	v2Account, err := cockroach.NewCockRoach("", "")
+	if err != nil {
+		t.Fatalf("unable to connect to cockroach: %v", err)
+	}
+	defer func() {
+		err := v2Account.Close()
+		if err != nil {
+			t.Errorf("unable to disconnect from cockroach: %v", err)
+		}
+	}()
+	err = v2Account.InitTables()
+	if err != nil {
+		t.Fatalf("unable to init tables: %v", err)
+	}
+
+	//if err = v2Account.InsertAccountConfig(&types.AccountConfig{
+	//	TaskProcessRegion: "192.160.0.55.nip.io",
+	//	FirstRechargeDiscountSteps: map[int64]float64{
+	//		8: 100, 32: 100, 128: 100, 256: 100, 512: 100, 1024: 100,
+	//	},
+	//	DefaultDiscountSteps: map[int64]float64{
+	//		//128,256,512,1024,2048,4096; 10,15,20,25,30,35
+	//		128: 10, 256: 15, 512: 20, 1024: 25, 2048: 30, 4096: 35,
+	//	},
+	//}); err != nil {
+	//	t.Fatalf("unable to insert account config: %v", err)
+	//}
+
+	aa, err := v2Account.GetAccountConfig()
+	if err != nil {
+		t.Fatalf("failed to get account config: %v", err)
+	}
+
+	data, err := json.MarshalIndent(aa, "", "  ")
+	if err != nil {
+		t.Fatalf("failed to marshal account config: %v", err)
+	}
+	t.Logf("success get account config:\n%s", string(data))
+}
diff --git a/controllers/account/controllers/payment_controller.go b/controllers/account/controllers/payment_controller.go
index 5f0ab3223b9..85e6eac7717 100644
--- a/controllers/account/controllers/payment_controller.go
+++ b/controllers/account/controllers/payment_controller.go
@@ -23,6 +23,8 @@ import (
 	"sync"
 	"time"
 
+	"github.com/google/uuid"
+
 	"sigs.k8s.io/controller-runtime/pkg/manager"
 
 	pkgtypes "github.com/labring/sealos/controllers/pkg/types"
@@ -47,6 +49,8 @@ type PaymentReconciler struct {
 	Logger            logr.Logger
 	reconcileDuration time.Duration
 	createDuration    time.Duration
+	accountConfig     pkgtypes.AccountConfig
+	userLock          map[uuid.UUID]*sync.Mutex
 	domain            string
 }
 
@@ -69,13 +73,14 @@ const (
 //+kubebuilder:rbac:groups=account.sealos.io,resources=payments/finalizers,verbs=update
 
 // SetupWithManager sets up the controller with the Manager.
-func (r *PaymentReconciler) SetupWithManager(mgr ctrl.Manager) error {
+func (r *PaymentReconciler) SetupWithManager(mgr ctrl.Manager) (err error) {
 	const controllerName = "payment_controller"
 	r.Logger = ctrl.Log.WithName(controllerName)
 	r.Logger.V(1).Info("init reconcile controller payment")
 	r.domain = os.Getenv("DOMAIN")
 	r.reconcileDuration = defaultReconcileDuration
 	r.createDuration = defaultCreateDuration
+	r.userLock = make(map[uuid.UUID]*sync.Mutex)
 	if duration := os.Getenv(EnvPaymentReconcileDuration); duration != "" {
 		reconcileDuration, err := time.ParseDuration(duration)
 		if err == nil {
@@ -88,6 +93,14 @@ func (r *PaymentReconciler) SetupWithManager(mgr ctrl.Manager) error {
 			r.createDuration = createDuration
 		}
 	}
+	r.accountConfig, err = r.Account.AccountV2.GetAccountConfig()
+	if err != nil {
+		return fmt.Errorf("get account config failed: %w", err)
+	}
+	if len(r.accountConfig.DefaultDiscountSteps) == 0 {
+		return fmt.Errorf("default discount steps is empty")
+	}
+	r.Logger.V(1).Info("account config", "config", r.accountConfig)
 	r.Logger.V(1).Info("reconcile duration", "reconcileDuration", r.reconcileDuration, "createDuration", r.createDuration)
 	if err := mgr.Add(r); err != nil {
 		return fmt.Errorf("add payment controller failed: %w", err)
@@ -142,22 +155,6 @@ func (r *PaymentReconciler) reconcilePayments(_ context.Context) (errs []error)
 }
 
 func (r *PaymentReconciler) reconcileCreatePayments(ctx context.Context) (errs []error) {
-	//paymentList := &accountv1.PaymentList{}
-	//listOpts := &client.ListOptions{
-	//	FieldSelector: fields.OneTermEqualSelector("status.tradeNO", ""),
-	//}
-	//// handler old payment
-	//err := r.Client.List(context.Background(), paymentList, listOpts)
-	//if err != nil {
-	//	errs = append(errs, fmt.Errorf("watch payment failed: %w", err))
-	//	return
-	//}
-	//for _, payment := range paymentList.Items {
-	//	if err := r.reconcileNewPayment(&payment); err != nil {
-	//		errs = append(errs, fmt.Errorf("reconcile payment failed: payment: %s, user: %s, err: %w", payment.Name, payment.Spec.UserID, err))
-	//	}
-	//}
-	// watch new payment
 	watcher, err := r.WatchClient.Watch(context.Background(), &accountv1.PaymentList{}, &client.ListOptions{})
 	if err != nil {
 		errs = append(errs, fmt.Errorf("watch payment failed: %w", err))
@@ -211,20 +208,34 @@ func (r *PaymentReconciler) reconcilePayment(payment *accountv1.Payment) error {
 		if err != nil {
 			return fmt.Errorf("get user failed: %w", err)
 		}
+		if r.userLock[user.UID] == nil {
+			r.userLock[user.UID] = &sync.Mutex{}
+		}
+		r.userLock[user.UID].Lock()
+		defer r.userLock[user.UID].Unlock()
+		userDiscount, err := r.Account.AccountV2.GetUserRechargeDiscount(&pkgtypes.UserQueryOpts{ID: payment.Spec.UserID})
+		if err != nil {
+			return fmt.Errorf("get user discount failed: %w", err)
+		}
 		//1¥ = 100WechatPayAmount; 1 WechatPayAmount = 10000 SealosAmount
 		payAmount := orderAmount * 10000
-		gift := getAmountWithDiscount(payAmount, r.Account.DefaultDiscount)
+		isFirstRecharge, gift := getFirstRechargeDiscount(payAmount, userDiscount)
+		paymentRaw := pkgtypes.PaymentRaw{
+			UserUID:         user.UID,
+			Amount:          payAmount,
+			Gift:            gift,
+			CreatedAt:       payment.CreationTimestamp.Time,
+			RegionUserOwner: getUsername(payment.Namespace),
+			Method:          payment.Spec.PaymentMethod,
+			TradeNO:         payment.Status.TradeNO,
+			CodeURL:         payment.Status.CodeURL,
+		}
+		if isFirstRecharge {
+			paymentRaw.ActivityType = pkgtypes.ActivityTypeFirstRecharge
+		}
+
 		if err = r.Account.AccountV2.Payment(&pkgtypes.Payment{
-			PaymentRaw: pkgtypes.PaymentRaw{
-				UserUID:         user.UID,
-				Amount:          payAmount,
-				Gift:            gift,
-				CreatedAt:       payment.CreationTimestamp.Time,
-				RegionUserOwner: getUsername(payment.Namespace),
-				Method:          payment.Spec.PaymentMethod,
-				TradeNO:         payment.Status.TradeNO,
-				CodeURL:         payment.Status.CodeURL,
-			},
+			PaymentRaw: paymentRaw,
 		}); err != nil {
 			return fmt.Errorf("payment failed: %w", err)
 		}
diff --git a/controllers/pkg/database/cockroach/accountv2.go b/controllers/pkg/database/cockroach/accountv2.go
index 09001941633..8b13cf5131a 100644
--- a/controllers/pkg/database/cockroach/accountv2.go
+++ b/controllers/pkg/database/cockroach/accountv2.go
@@ -15,6 +15,7 @@
 package cockroach
 
 import (
+	"encoding/json"
 	"errors"
 	"fmt"
 	"log"
@@ -46,6 +47,8 @@ type Cockroach struct {
 	activities  types.Activities
 	//TODO need init
 	defaultRechargeDiscount types.RechargeDiscount
+	accountConfig           *types.AccountConfig
+	tasks                   map[uuid.UUID]types.Task
 }
 
 const (
@@ -120,6 +123,174 @@ func (c *Cockroach) GetUser(ops *types.UserQueryOpts) (*types.User, error) {
 	return &user, nil
 }
 
+func cloneMap(m map[int64]float64) map[int64]float64 {
+	newMap := make(map[int64]float64, len(m))
+	for k, v := range m {
+		newMap[k] = v
+	}
+	return newMap
+}
+
+func (c *Cockroach) GetUserRechargeDiscount(ops *types.UserQueryOpts) (types.UserRechargeDiscount, error) {
+	if ops.UID == uuid.Nil {
+		user, err := c.GetUser(ops)
+		if err != nil {
+			return types.UserRechargeDiscount{}, fmt.Errorf("failed to get user cr: %v", err)
+		}
+		ops.UID = user.UID
+	}
+	cfg, err := c.GetAccountConfig()
+	if err != nil {
+		return types.UserRechargeDiscount{}, fmt.Errorf("failed to get account config: %v", err)
+	}
+	isFirstRecharge, err := c.IsNullRecharge(ops)
+	if err != nil {
+		return types.UserRechargeDiscount{}, fmt.Errorf("failed to check is null recharge: %v", err)
+	}
+	defaultSteps, firstRechargeSteps := cfg.DefaultDiscountSteps, cloneMap(cfg.FirstRechargeDiscountSteps)
+	if !isFirstRecharge && firstRechargeSteps != nil {
+		payments, err := c.getFirstRechargePayments(ops)
+		if err != nil {
+			return types.UserRechargeDiscount{}, fmt.Errorf("failed to get first recharge payments: %v", err)
+		}
+		if len(payments) == 0 {
+			firstRechargeSteps = map[int64]float64{}
+		} else {
+			for i := range payments {
+				delete(firstRechargeSteps, payments[i].Amount/BaseUnit)
+			}
+		}
+	}
+	return types.UserRechargeDiscount{
+		DefaultSteps:       defaultSteps,
+		FirstRechargeSteps: firstRechargeSteps,
+	}, nil
+}
+
+func (c *Cockroach) GetAccountConfig() (types.AccountConfig, error) {
+	if c.accountConfig == nil {
+		config := &types.Configs{}
+		if err := c.DB.Where(&types.Configs{}).First(config).Error; err != nil {
+			if errors.Is(err, gorm.ErrRecordNotFound) {
+				return types.AccountConfig{}, nil
+			}
+			return types.AccountConfig{}, fmt.Errorf("failed to get account config: %v", err)
+		}
+		var accountConfig types.AccountConfig
+		if err := json.Unmarshal([]byte(config.Data), &accountConfig); err != nil {
+			return types.AccountConfig{}, fmt.Errorf("failed to unmarshal account config: %v", err)
+		}
+		c.accountConfig = &accountConfig
+	}
+	return *c.accountConfig, nil
+}
+
+func (c *Cockroach) InsertAccountConfig(config *types.AccountConfig) error {
+	data, err := json.Marshal(config)
+	if err != nil {
+		return fmt.Errorf("failed to marshal account config: %v", err)
+	}
+	return c.DB.Model(&types.Configs{}).Create(&types.Configs{Type: types.AccountConfigType, Data: string(data)}).Error
+}
+
+func (c *Cockroach) IsNullRecharge(ops *types.UserQueryOpts) (bool, error) {
+	if ops.UID == uuid.Nil {
+		user, err := c.GetUser(ops)
+		if err != nil {
+			return false, fmt.Errorf("failed to get user: %v", err)
+		}
+		ops.UID = user.UID
+	}
+	var count int64
+	if err := c.DB.Model(&types.Payment{}).Where(&types.Payment{PaymentRaw: types.PaymentRaw{UserUID: ops.UID}}).
+		Count(&count).Error; err != nil {
+		return false, fmt.Errorf("failed to get payment count: %v", err)
+	}
+	return count == 0, nil
+}
+
+func (c *Cockroach) getFirstRechargePayments(ops *types.UserQueryOpts) ([]types.Payment, error) {
+	if ops.UID == uuid.Nil {
+		user, err := c.GetUser(ops)
+		if err != nil {
+			return nil, fmt.Errorf("failed to get user: %v", err)
+		}
+		ops.UID = user.UID
+	}
+	var payments []types.Payment
+	if err := c.DB.Model(&types.Payment{}).Where(&types.Payment{PaymentRaw: types.PaymentRaw{UserUID: ops.UID}}).Where(`"activityType" = ?`, types.ActivityTypeFirstRecharge).
+		Find(&payments).Error; err != nil {
+		return nil, fmt.Errorf("failed to get payment count: %v", err)
+	}
+	return payments, nil
+}
+
+func (c *Cockroach) ProcessPendingTaskRewards() error {
+	userTasks, err := c.getPendingRewardUserTask()
+	if err != nil {
+		return fmt.Errorf("failed to get pending reward user task: %w", err)
+	}
+	tasks, err := c.getTask()
+	if err != nil {
+		return fmt.Errorf("failed to get tasks: %w", err)
+	}
+	for i := range userTasks {
+		err = c.DB.Transaction(func(tx *gorm.DB) error {
+			task := tasks[userTasks[i].TaskID]
+			if task.Reward == 0 {
+				fmt.Printf("usertask %v reward is 0, skip\n", userTasks[i])
+				return nil
+			}
+			if err = c.updateBalanceRaw(tx, &types.UserQueryOpts{UID: userTasks[i].UserUID}, task.Reward, false, true, true); err != nil {
+				return fmt.Errorf("failed to update balance: %w", err)
+			}
+			msg := fmt.Sprintf("task %s reward", task.Title)
+			transaction := types.AccountTransaction{
+				Balance:   task.Reward,
+				Type:      string(task.TaskType) + "_Reward",
+				UserUID:   userTasks[i].UserUID,
+				ID:        uuid.New(),
+				Message:   &msg,
+				BillingID: userTasks[i].ID,
+			}
+			if err = tx.Save(&transaction).Error; err != nil {
+				return fmt.Errorf("failed to save transaction: %w", err)
+			}
+			return c.completeRewardUserTask(tx, &userTasks[i])
+		})
+		if err != nil {
+			return fmt.Errorf("failed to process reward pending user task %v rewards: %w", userTasks[i], err)
+		}
+	}
+	return nil
+}
+
+func (c *Cockroach) getTask() (map[uuid.UUID]types.Task, error) {
+	if len(c.tasks) != 0 {
+		return c.tasks, nil
+	}
+	c.tasks = make(map[uuid.UUID]types.Task)
+	var tasks []types.Task
+	if err := c.DB.Model(&types.Task{IsActive: true, IsNewUserTask: true}).Find(&tasks).Error; err != nil {
+		return nil, fmt.Errorf("failed to get tasks: %v", err)
+	}
+	for i := range tasks {
+		c.tasks[tasks[i].ID] = tasks[i]
+	}
+	return c.tasks, nil
+}
+
+func (c *Cockroach) getPendingRewardUserTask() ([]types.UserTask, error) {
+	var userTasks []types.UserTask
+	return userTasks, c.DB.Where(&types.UserTask{Status: types.TaskStatusCompleted, RewardStatus: types.TaskStatusNotCompleted}).
+		Find(&userTasks).Error
+}
+
+func (c *Cockroach) completeRewardUserTask(tx *gorm.DB, userTask *types.UserTask) error {
+	userTask.RewardStatus = types.TaskStatusCompleted
+	return tx.Model(userTask).Update("rewardStatus", types.TaskStatusCompleted).Error
+}
+
 func (c *Cockroach) GetUserCr(ops *types.UserQueryOpts) (*types.RegionUserCr, error) {
 	if ops.UID == uuid.Nil && ops.Owner == "" {
 		if ops.ID == "" {
@@ -314,6 +485,10 @@ func (c *Cockroach) GetUserOauthProvider(ops *types.UserQueryOpts) ([]types.Oaut
 }
 
 func (c *Cockroach) updateBalance(tx *gorm.DB, ops *types.UserQueryOpts, amount int64, isDeduction, add bool) error {
+	return c.updateBalanceRaw(tx, ops, amount, isDeduction, add, false)
+}
+
+func (c *Cockroach) updateBalanceRaw(tx *gorm.DB, ops *types.UserQueryOpts, amount int64, isDeduction, add bool, isActive bool) error {
 	if ops.UID == uuid.Nil {
 		user, err := c.GetUserCr(ops)
 		if err != nil {
@@ -334,6 +509,9 @@ func (c *Cockroach) updateBalance(tx *gorm.DB, ops *types.UserQueryOpts, amount
 	if err := c.updateWithAccount(isDeduction, add, account, amount); err != nil {
 		return err
 	}
+	if isActive {
+		account.ActivityBonus = account.ActivityBonus + amount
+	}
 	if err := tx.Save(account).Error; err != nil {
 		return fmt.Errorf("failed to update account balance: %w", err)
 	}
@@ -359,6 +537,12 @@ func (c *Cockroach) AddBalance(ops *types.UserQueryOpts, amount int64) error {
 	})
 }
 
+func (c *Cockroach) AddRewardBalance(ops *types.UserQueryOpts, amount int64, db *gorm.DB) error {
+	return db.Transaction(func(tx *gorm.DB) error {
+		return c.updateBalance(tx, ops, amount, false, true)
+	})
+}
+
 func (c *Cockroach) ReduceBalance(ops *types.UserQueryOpts, amount int64) error {
 	return c.DB.Transaction(func(tx *gorm.DB) error {
 		return c.updateBalance(tx, ops, amount, false, false)
@@ -856,6 +1040,7 @@ func (c *Cockroach) NewAccount(ops *types.UserQueryOpts) (*types.Account, error)
 	return account, nil
 }
 
+// //TODO: remove this method
 func (c *Cockroach) GetUserAccountRechargeDiscount(ops *types.UserQueryOpts) (*types.RechargeDiscount, error) {
 	userID := ops.UID
 	if userID == uuid.Nil {
@@ -958,7 +1143,7 @@ func (c *Cockroach) transferAccount(from, to *types.UserQueryOpts, amount int64,
 				return fmt.Errorf("insufficient balance in sender account, sender is %v, transfer amount %d, the transferable amount is: %d", sender, amount, sender.Balance-sender.DeductionBalance-MinBalance-sender.ActivityBonus)
 			}
 		} else {
-			amount = sender.Balance - sender.DeductionBalance - c.ZeroAccount.Balance
+			amount = sender.Balance - sender.DeductionBalance - c.ZeroAccount.Balance - sender.ActivityBonus
 			if amount <= 0 {
 				return ErrInsufficientBalance
 			}
@@ -987,7 +1172,24 @@ func (c *Cockroach) transferAccount(from, to *types.UserQueryOpts, amount int64,
 }
 
 func (c *Cockroach) InitTables() error {
-	return CreateTableIfNotExist(c.DB, types.Account{}, types.ErrorAccountCreate{}, types.ErrorPaymentCreate{}, types.Payment{}, types.Transfer{}, types.Region{}, types.Invoice{}, types.InvoicePayment{})
+	err := CreateTableIfNotExist(c.DB, types.Account{}, types.ErrorAccountCreate{}, types.ErrorPaymentCreate{}, types.Payment{}, types.Transfer{}, types.Region{}, types.Invoice{}, types.InvoicePayment{}, types.Configs{})
+	if err != nil {
+		return fmt.Errorf("failed to create table: %v", err)
+	}
+
+	// TODO: remove this after migration
+	if !c.DB.Migrator().HasColumn(&types.Payment{}, `activityType`) {
+		//if err := c.DB.Migrator().AddColumn(&types.Payment{PaymentRaw: types.PaymentRaw{}}, `PaymentRaw."activityType"`); err != nil {
+		//	return fmt.Errorf("failed to add column activityType: %v", err)
+		//}
+		fmt.Println("add column activityType")
+		tableName := types.Payment{}.TableName()
+		err := c.DB.Exec(`ALTER TABLE "?" ADD COLUMN "activityType" TEXT;`, gorm.Expr(tableName)).Error
+		if err != nil {
+			return fmt.Errorf("failed to add column activityType: %v", err)
+		}
+	}
+	return nil
 }
 
 func NewCockRoach(globalURI, localURI string) (*Cockroach, error) {
diff --git a/controllers/pkg/database/interface.go b/controllers/pkg/database/interface.go
index 642269f532f..b8d2f152418 100644
--- a/controllers/pkg/database/interface.go
+++ b/controllers/pkg/database/interface.go
@@ -95,10 +95,14 @@ type AccountV2 interface {
 	GetUserCr(user *types.UserQueryOpts) (*types.RegionUserCr, error)
 	GetUser(ops *types.UserQueryOpts) (*types.User, error)
 	GetAccount(user *types.UserQueryOpts) (*types.Account, error)
+	GetAccountConfig() (types.AccountConfig, error)
+	InsertAccountConfig(config *types.AccountConfig) error
 	GetRegions() ([]types.Region, error)
 	GetLocalRegion() types.Region
 	GetUserOauthProvider(ops *types.UserQueryOpts) ([]types.OauthProvider, error)
 	GetWorkspace(namespaces ...string) ([]types.Workspace, error)
+	GetUserRechargeDiscount(ops *types.UserQueryOpts) (types.UserRechargeDiscount, error)
+	//TODO will be removed this method
 	GetUserAccountRechargeDiscount(user *types.UserQueryOpts) (*types.RechargeDiscount, error)
 	SetAccountCreateLocalRegion(account *types.Account, region string) error
 	CreateUser(oAuth *types.OauthProvider, regionUserCr *types.RegionUserCr, user *types.User, workspace *types.Workspace, userWorkspace *types.UserWorkspace) error
diff --git a/controllers/pkg/types/activity.go b/controllers/pkg/types/activity.go
index ddf78ab5896..50b98410d30 100644
--- a/controllers/pkg/types/activity.go
+++ b/controllers/pkg/types/activity.go
@@ -23,6 +23,12 @@ import (
 	"gorm.io/gorm"
 )
 
+type UserRechargeDiscount struct {
+	DefaultSteps       map[int64]float64 `json:"defaultSteps,omitempty" bson:"defaultSteps,omitempty"`
+	FirstRechargeSteps map[int64]float64 `json:"firstRechargeDiscount,omitempty" bson:"firstRechargeDiscount,omitempty"`
+}
+
+// TODO the following structures will be deleted
 type Activity struct {
 	gorm.Model
 	ActivityType string `gorm:"uniqueIndex"`
diff --git a/controllers/pkg/types/config.go b/controllers/pkg/types/config.go
new file mode 100644
index 00000000000..a09983014de
--- /dev/null
+++ b/controllers/pkg/types/config.go
@@ -0,0 +1,36 @@
+/*
+Copyright 2024.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package types
+
+type Configs struct {
+	Type ConfigType `json:"type" gorm:"type:varchar(255);not null,primaryKey"`
+	Data string     `json:"data" gorm:"type:jsonb"`
+}
+
+type ConfigType string
+
+const AccountConfigType ConfigType = "account"
+
+type AccountConfig struct {
+	TaskProcessRegion          string            `json:"taskProcessRegion"`
+	FirstRechargeDiscountSteps map[int64]float64 `json:"firstRechargeDiscountSteps"`
+	DefaultDiscountSteps       map[int64]float64 `json:"defaultDiscountSteps"`
+}
+
+func (c Configs) TableName() string {
+	return "Configs"
+}
diff --git a/controllers/pkg/types/global.go b/controllers/pkg/types/global.go
index 38070d4d995..38a7ea92b8b 100644
--- a/controllers/pkg/types/global.go
+++ b/controllers/pkg/types/global.go
@@ -237,12 +237,19 @@ type PaymentRaw struct {
 	Gift            int64     `gorm:"type:bigint"`
 	TradeNO         string    `gorm:"type:text;unique;not null"`
 	// CodeURL is the codeURL of wechatpay
-	CodeURL    string `gorm:"type:text"`
-	InvoicedAt bool   `gorm:"type:boolean;default:false"`
-	Remark     string `gorm:"type:text"`
-	Message    string `gorm:"type:text;not null"`
+	CodeURL      string       `gorm:"type:text"`
+	InvoicedAt   bool         `gorm:"type:boolean;default:false"`
+	Remark       string       `gorm:"type:text"`
+	ActivityType ActivityType `gorm:"type:text;column:activityType"`
+	Message      string       `gorm:"type:text;not null"`
 }
 
+type ActivityType string
+
+const (
+	ActivityTypeFirstRecharge ActivityType = "FIRST_RECHARGE"
+)
+
 func (ErrorPaymentCreate) TableName() string {
 	return "ErrorPaymentCreate"
 }
diff --git a/controllers/pkg/types/task.go b/controllers/pkg/types/task.go
new file mode 100644
index 00000000000..3522281dd85
--- /dev/null
+++ b/controllers/pkg/types/task.go
@@ -0,0 +1,80 @@
+/*
+Copyright 2024.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package types
+
+import (
+	"time"
+
+	"github.com/google/uuid"
+)
+
+// Task represents the Task model in Go with GORM annotations.
+type Task struct {
+	ID            uuid.UUID `gorm:"column:id;type:uuid;default:gen_random_uuid();primary_key" json:"id"`
+	Title         string    `gorm:"column:title;type:text;not null" json:"title"`
+	Description   string    `gorm:"column:description;type:text;not null" json:"description"`
+	Reward        int64     `gorm:"column:reward;type:bigint;not null" json:"reward"`
+	Order         int       `gorm:"column:order;type:integer;not null" json:"order"`
+	IsActive      bool      `gorm:"column:isActive;type:boolean;default:true;not null" json:"isActive"`
+	IsNewUserTask bool      `gorm:"column:isNewUserTask;type:boolean;default:false;not null" json:"isNewUserTask"`
+	TaskType      TaskType  `gorm:"column:taskType;type:TaskType;not null" json:"taskType"`
+	CreatedAt     time.Time `gorm:"column:createdAt;type:timestamp(3) with time zone;default:current_timestamp();not null" json:"createdAt"`
+	UpdatedAt     time.Time `gorm:"column:updatedAt;type:timestamp(3) with time zone;not null" json:"updatedAt"`
+}
+
+// UserTask represents the UserTask model in Go with GORM annotations.
+type UserTask struct {
+	ID           uuid.UUID  `gorm:"column:id;type:uuid;default:gen_random_uuid();primary_key" json:"id"`
+	UserUID      uuid.UUID  `gorm:"column:userUid;type:uuid;not null" json:"userUid"`
+	TaskID       uuid.UUID  `gorm:"column:taskId;type:uuid;not null" json:"taskId"`
+	Status       TaskStatus `gorm:"column:status;type:TaskStatus;not null" json:"status"`
+	RewardStatus TaskStatus `gorm:"column:rewardStatus;type:TaskStatus;not null" json:"rewardStatus"`
+	CompletedAt  time.Time  `gorm:"column:completedAt;type:timestamp(3);not null" json:"completedAt"`
+	CreatedAt    time.Time  `gorm:"column:createdAt;type:timestamp(3) with time zone;default:current_timestamp();not null" json:"createdAt"`
+	UpdatedAt    time.Time  `gorm:"column:updatedAt;type:timestamp(3) with time zone;not null" json:"updatedAt"`
+
+	//User         User       `gorm:"foreignKey:UserUid;references:UID" json:"user"`
+	//Task         Task       `gorm:"foreignKey:TaskId;references:ID" json:"task"`
+}
+
+// TableName specifies the table name for GORM
+func (Task) TableName() string {
+	return "Task"
+}
+
+// TableName specifies the table name for GORM
+func (UserTask) TableName() string {
+	return "UserTask"
+}
+
+// TaskType represents the TaskType enum in Go.
+type TaskType string
+
+//const (
+//	TaskTypeLaunchpad  TaskType = "LAUNCHPAD"
+//	TaskTypeCostcenter TaskType = "COSTCENTER"
+//	TaskTypeDatabase   TaskType = "DATABASE"
+//	TaskTypeDesktop    TaskType = "DESKTOP"
+//)
+
+// TaskStatus represents the TaskStatus enum in Go.
+type TaskStatus string
+
+const (
+	TaskStatusNotCompleted TaskStatus = "NOT_COMPLETED"
+	TaskStatusCompleted    TaskStatus = "COMPLETED"
+)
diff --git a/service/account/api/api.go b/service/account/api/api.go
index d45b76bbe2c..51155b26c1b 100644
--- a/service/account/api/api.go
+++ b/service/account/api/api.go
@@ -726,8 +726,9 @@ func ParseAuthTokenUser(c *gin.Context) (auth *helper.Auth, err error) {
 		return nil, fmt.Errorf("invalid user: %v", user)
 	}
 	auth = &helper.Auth{
-		Owner:  user.UserCrName,
-		UserID: user.UserID,
+		Owner:   user.UserCrName,
+		UserID:  user.UserID,
+		UserUID: user.UserUID,
 	}
 	// if the user is not in the local region, get the user cr name from db
 	if dao.DBClient.GetLocalRegion().UID.String() != user.RegionUID {
@@ -977,6 +978,34 @@ func UserUsage(c *gin.Context) {
 	})
 }
 
+// GetRechargeDiscount
+// @Summary Get recharge discount
+// @Description Get recharge discount
+// @Tags RechargeDiscount
+// @Accept json
+// @Produce json
+// @Param request body helper.GetRechargeDiscountReq true "Get recharge discount request"
+// @Success 200 {object} map[string]interface{} "successfully get recharge discount"
+// @Failure 400 {object} map[string]interface{} "failed to parse get recharge discount request"
+// @Failure 401 {object} map[string]interface{} "authenticate error"
+// @Failure 500 {object} map[string]interface{} "failed to get recharge discount"
+// @Router /account/v1alpha1/recharge/discount [post]
+func GetRechargeDiscount(c *gin.Context) {
+	req := &helper.AuthBase{}
+	if err := authenticateRequest(c, req); err != nil {
+		c.JSON(http.StatusUnauthorized, helper.ErrorMessage{Error: fmt.Sprintf("authenticate error : %v", err)})
+		return
+	}
+	discount, err := dao.DBClient.GetRechargeDiscount(req)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("failed to get recharge discount : %v", err)})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{
+		"discount": discount,
+	})
+}
+
 // GetUserRealNameInfo
 // @Summary Get user real name information
 // @Description Retrieve the real name information for a user
diff --git a/service/account/dao/interface.go b/service/account/dao/interface.go
index 1fc3aa6705b..4aa2af419bd 100644
--- a/service/account/dao/interface.go
+++ b/service/account/dao/interface.go
@@ -57,6 +57,8 @@ type Interface interface {
 	GetRegions() ([]types.Region, error)
 	GetLocalRegion() types.Region
 	UseGiftCode(req *helper.UseGiftCodeReq) (*types.GiftCode, error)
+	GetRechargeDiscount(req helper.AuthReq) (helper.RechargeDiscountResp, error)
+	ProcessPendingTaskRewards() error
 	GetUserRealNameInfo(req *helper.GetRealNameInfoReq) (*types.UserRealNameInfo, error)
 }
 
@@ -1446,6 +1448,22 @@ func (m *Account) UseGiftCode(req *helper.UseGiftCodeReq) (*types.GiftCode, erro
 	return giftCode, nil
 }
 
+func (m *Account) GetRechargeDiscount(req helper.AuthReq) (helper.RechargeDiscountResp, error) {
+	userQuery := &types.UserQueryOpts{UID: req.GetAuth().UserUID}
+	userDiscount, err := m.ck.GetUserRechargeDiscount(userQuery)
+	if err != nil {
+		return helper.RechargeDiscountResp{}, fmt.Errorf("failed to get user recharge discount: %v", err)
+	}
+	return helper.RechargeDiscountResp{
+		DefaultSteps:       userDiscount.DefaultSteps,
+		FirstRechargeSteps: userDiscount.FirstRechargeSteps,
+	}, nil
+}
+
+func (m *Account) ProcessPendingTaskRewards() error {
+	return m.ck.ProcessPendingTaskRewards()
+}
+
 func (m *Account) GetUserRealNameInfo(req *helper.GetRealNameInfoReq) (*types.UserRealNameInfo, error) {
 	// get user info
 	userRealNameInfo, err := m.ck.GetUserRealNameInfoByUserID(req.UserID)
diff --git a/service/account/helper/common.go b/service/account/helper/common.go
index 7120ea26265..ba88c53a52c 100644
--- a/service/account/helper/common.go
+++ b/service/account/helper/common.go
@@ -28,6 +28,7 @@ const (
 	GetInvoicePayment             = "/invoice/get-payment"
 	UseGiftCode                   = "/gift-code/use"
 	UserUsage                     = "/user-usage"
+	GetRechargeDiscount           = "/recharge-discount"
 	GetUserRealNameInfo           = "/real-name-info"
 )
 
diff --git a/service/account/helper/jwt.go b/service/account/helper/jwt.go
index 002fee6d20a..dfef164d3e9 100644
--- a/service/account/helper/jwt.go
+++ b/service/account/helper/jwt.go
@@ -5,6 +5,8 @@ import (
 	"strings"
 	"time"
 
+	"github.com/google/uuid"
+
 	"github.com/gin-gonic/gin"
 
 	"github.com/golang-jwt/jwt"
@@ -21,13 +23,13 @@ type UserClaims struct {
 }
 
 type JwtUser struct {
-	UserUID      string `json:"userUid,omitempty"`
-	UserCrUID    string `json:"userCrUid,omitempty"`
-	UserCrName   string `json:"userCrName,omitempty"`
-	RegionUID    string `json:"regionUid,omitempty"`
-	UserID       string `json:"userId,omitempty"`
-	WorkspaceID  string `json:"workspaceId,omitempty"`
-	WorkspaceUID string `json:"workspaceUid,omitempty"`
+	UserUID      uuid.UUID `json:"userUid,omitempty"`
+	UserCrUID    string    `json:"userCrUid,omitempty"`
+	UserCrName   string    `json:"userCrName,omitempty"`
+	RegionUID    string    `json:"regionUid,omitempty"`
+	UserID       string    `json:"userId,omitempty"`
+	WorkspaceID  string    `json:"workspaceId,omitempty"`
+	WorkspaceUID string    `json:"workspaceUid,omitempty"`
 }
 
 func NewJWTManager(secretKey string, tokenDuration time.Duration) *JWTManager {
diff --git a/service/account/helper/request.go b/service/account/helper/request.go
index 0c264ff8b5f..4d2994de617 100644
--- a/service/account/helper/request.go
+++ b/service/account/helper/request.go
@@ -4,6 +4,8 @@ import (
 	"fmt"
 	"time"
 
+	"github.com/google/uuid"
+
 	"github.com/labring/sealos/service/account/common"
 
 	"github.com/dustin/go-humanize"
@@ -292,6 +294,11 @@ func (a *AuthBase) SetAuth(auth *Auth) {
 	a.Auth = auth
 }
 
+type RechargeDiscountResp struct {
+	DefaultSteps       map[int64]float64 `json:"defaultSteps,omitempty" bson:"defaultSteps,omitempty"`
+	FirstRechargeSteps map[int64]float64 `json:"firstRechargeDiscount,omitempty" bson:"firstRechargeDiscount,omitempty"`
+}
+
 type NamespaceBillingHistoryResp struct {
 	Data    NamespaceBillingHistoryRespData `json:"data,omitempty" bson:"data,omitempty"`
 	Message string                          `json:"message,omitempty" bson:"message" example:"successfully retrieved namespace list"`
@@ -320,10 +327,11 @@ type TimeRange struct {
 }
 
 type Auth struct {
-	Owner      string `json:"owner" bson:"owner" example:"admin"`
-	UserID     string `json:"userID" bson:"userID" example:"admin"`
-	KubeConfig string `json:"kubeConfig" bson:"kubeConfig"`
-	Token      string `json:"token" bson:"token" example:"token"`
+	Owner      string    `json:"owner" bson:"owner" example:"admin"`
+	UserUID    uuid.UUID `json:"userUID" bson:"userUID" example:"user-123"`
+	UserID     string    `json:"userID" bson:"userID" example:"admin"`
+	KubeConfig string    `json:"kubeConfig" bson:"kubeConfig"`
+	Token      string    `json:"token" bson:"token" example:"token"`
 }
 
 func ParseNamespaceBillingHistoryReq(c *gin.Context) (*NamespaceBillingHistoryReq, error) {
diff --git a/service/account/router/router.go b/service/account/router/router.go
index cd42df58836..4c875f5447a 100644
--- a/service/account/router/router.go
+++ b/service/account/router/router.go
@@ -7,6 +7,7 @@ import (
 	"os"
 	"os/signal"
 	"syscall"
+	"time"
 
 	"github.com/labring/sealos/controllers/pkg/utils/env"
 
@@ -30,8 +31,9 @@ func RegisterPayRouter() {
 	if err := dao.InitDB(); err != nil {
 		log.Fatalf("Error initializing database: %v", err)
 	}
+	ctx := context.Background()
 	defer func() {
-		if err := dao.DBClient.Disconnect(context.Background()); err != nil {
+		if err := dao.DBClient.Disconnect(ctx); err != nil {
 			log.Fatalf("Error disconnecting database: %v", err)
 		}
 	}()
@@ -63,6 +65,7 @@ func RegisterPayRouter() {
 		POST(helper.GetInvoicePayment, api.GetInvoicePayment).
 		POST(helper.UseGiftCode, api.UseGiftCode).
 		POST(helper.UserUsage, api.UserUsage).
+		POST(helper.GetRechargeDiscount, api.GetRechargeDiscount).
 		POST(helper.GetUserRealNameInfo, api.GetUserRealNameInfo)
 	docs.SwaggerInfo.Host = env.GetEnvWithDefault("SWAGGER_HOST", "localhost:2333")
 	router.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerfiles.Handler))
@@ -80,9 +83,31 @@ func RegisterPayRouter() {
 		}
 	}()
 
+	// process task
+	if os.Getenv("REWARD_PROCESSING") == "true" {
+		fmt.Println("Start reward processing timer")
+		go startRewardProcessingTimer(ctx)
+	}
+
 	// Wait for interrupt signal.
 	<-interrupt
 
 	// Terminate procedure.
 	os.Exit(0)
 }
+
+func startRewardProcessingTimer(ctx context.Context) {
+	ticker := time.NewTicker(30 * time.Second)
+	defer ticker.Stop()
+	for {
+		select {
+		case <-ticker.C:
+			if err := dao.DBClient.ProcessPendingTaskRewards(); err != nil {
+				log.Printf("Error processing pending task rewards: %v", err)
+			}
+		case <-ctx.Done():
+			log.Println("Reward processing timer stopped")
+			return
+		}
+	}
+}

From 2b74a1281cdd72ec5f02a0cc9edf042639a1e054 Mon Sep 17 00:00:00 2001
From: jingyang <72259332+zjy365@users.noreply.github.com>
Date: Tue, 8 Oct 2024 16:52:21 +0800
Subject: [PATCH 18/63] feat: Implement app guide module (#5115)

* add user task table

* update desktop guide

* desktop guide done

* delete Deprecated API

* support verifyAppToken

* update desktop prisma

* launchpad guide

* update db

* add desktop api

* db guide done

* update launchpad api

* appstore done

* update

* fix desktop autolaunch

* fix desktop refresh

* update

* update desktop

* fix password login

* fix fontweight

* desktop add check

* update db

* update desktop

* checkDeductionBalanceAndCreateTasks

* update deploy

* update check

* update task title
---
 .../migration.sql                             |  41 ++
 frontend/desktop/prisma/global/schema.prisma  |  45 ++
 .../desktop/public/locales/en/common.json     |  21 +-
 .../desktop/public/locales/zh/common.json     |  21 +-
 frontend/desktop/src/api/platform.ts          |  14 +-
 .../src/components/desktop_content/apps.tsx   |   3 +-
 .../src/components/desktop_content/index.tsx  |  93 +++-
 .../desktop/src/components/icons/index.tsx    | 177 +++++++
 .../components/signin/auth/usePassword.tsx    |   2 +-
 .../src/components/task/floatButton.tsx       |  44 ++
 .../desktop/src/components/task/taskModal.tsx | 157 ++++++
 .../desktop/src/components/task/useDriver.tsx | 349 ++++++++++++++
 frontend/desktop/src/constants/account.ts     |   2 +
 frontend/desktop/src/hooks/useDriver.tsx      | 346 -------------
 .../src/pages/api/account/checkTask.ts        | 103 ++++
 .../src/pages/api/account/getAccount.ts       |  26 -
 .../desktop/src/pages/api/account/getTasks.ts |  49 ++
 .../src/pages/api/account/updateGuide.ts      |  35 --
 .../src/pages/api/account/updateTask.ts       |  52 ++
 .../pages/api/v1alpha/account/getAccount.ts   |   2 +-
 .../pages/api/v1alpha/account/updateGuide.ts  |   2 +-
 frontend/desktop/src/pages/index.tsx          |   5 +
 frontend/desktop/src/services/backend/auth.ts |  15 +
 .../src/services/backend/globalAuth.ts        |  75 ++-
 frontend/desktop/src/stores/desktopConfig.ts  |  18 +
 frontend/desktop/src/types/crd.ts             |   9 +
 frontend/desktop/src/types/task.ts            |  12 +
 frontend/packages/driver/src/overlay.ts       |  41 +-
 frontend/pnpm-lock.yaml                       |   6 +
 .../public/locales/en/common.json             |  20 +-
 .../public/locales/zh/common.json             |  23 +-
 .../applaunchpad/src/api/platform.ts          |  30 +-
 .../src/components/Icon/icons/gift.svg        |  10 +
 .../src/components/Icon/index.tsx             |   1 +
 .../src/hooks/useDetailDriver.tsx             | 454 ++++++++----------
 .../applaunchpad/src/hooks/useDriver.tsx      | 146 +++---
 .../api/guide/{getAccount.ts => checkTask.ts} |  16 +-
 .../src/pages/api/guide/getBonus.ts           |  35 +-
 .../src/pages/api/guide/getTasks.ts           |  55 +++
 .../src/pages/api/guide/updateGuide.ts        |  57 ---
 .../app/detail/components/AppBaseInfo.tsx     |  15 -
 .../app/detail/components/AppMainInfo.tsx     |   5 +-
 .../src/pages/app/detail/components/Pods.tsx  |   2 +-
 .../src/pages/app/edit/components/Form.tsx    |  10 +-
 .../applaunchpad/src/pages/app/edit/index.tsx |  17 +-
 .../applaunchpad/src/services/backend/auth.ts |  12 +
 .../applaunchpad/src/services/request.ts      |   5 +-
 .../providers/applaunchpad/src/store/guide.ts |  27 ++
 .../applaunchpad/src/styles/global.scss       |   1 +
 .../applaunchpad/src/types/user.d.ts          |  15 +
 .../providers/applaunchpad/src/utils/user.ts  |  15 +-
 frontend/providers/dbprovider/deploy/Kubefile |   2 +
 .../deploy/manifests/deploy.yaml.tmpl         |   4 +
 frontend/providers/dbprovider/package.json    |   1 +
 .../dbprovider/public/locales/en/common.json  |  23 +-
 .../dbprovider/public/locales/zh/common.json  |  23 +-
 .../providers/dbprovider/src/api/platform.ts  |  24 +-
 .../src/components/Icon/icons/gift.svg        |  10 +
 .../dbprovider/src/components/Icon/index.tsx  |   1 +
 .../providers/dbprovider/src/constants/db.ts  |   2 +-
 .../dbprovider/src/hooks/useDetailDriver.tsx  | 254 ++++++++++
 .../dbprovider/src/hooks/useDriver.tsx        | 132 +++++
 .../providers/dbprovider/src/pages/_app.tsx   |   1 +
 .../src/pages/api/guide/checkTask.ts          |  41 ++
 .../src/pages/api/guide/getBonus.ts           |  53 ++
 .../src/pages/api/guide/getTasks.ts           |  57 +++
 .../db/detail/components/AppBaseInfo.tsx      |   1 +
 .../dbprovider/src/pages/db/detail/index.tsx  |   2 +
 .../src/pages/db/edit/components/Header.tsx   |   8 +-
 .../dbprovider/src/pages/db/edit/index.tsx    |   4 +-
 .../dbprovider/src/services/backend/auth.ts   |  13 +
 .../dbprovider/src/services/request.ts        |   4 +-
 .../providers/dbprovider/src/store/guide.ts   |  27 ++
 .../dbprovider/src/styles/reset.scss          |   6 +
 .../providers/dbprovider/src/types/user.d.ts  |  15 +
 .../providers/dbprovider/src/utils/tools.ts   |   4 +
 .../providers/dbprovider/src/utils/user.ts    |  13 +
 frontend/providers/template/deploy/Kubefile   |   2 +
 .../deploy/manifests/deploy.yaml.tmpl         |   6 +
 frontend/providers/template/next.config.js    |  18 +-
 frontend/providers/template/package.json      |   1 +
 .../template/public/locales/en/common.json    |   9 +-
 .../template/public/locales/zh/common.json    |  13 +-
 .../providers/template/src/api/platform.ts    |  25 +-
 .../src/components/Icon/icons/gift.svg        |  10 +
 .../template/src/components/Icon/index.tsx    |   1 +
 .../src/components/layout/appmenu.tsx         |  97 ++--
 .../template/src/hooks/useDetailDriver.tsx    | 232 +++++++++
 .../providers/template/src/pages/_app.tsx     |   2 +
 .../template/src/pages/api/guide/checkTask.ts |  41 ++
 .../template/src/pages/api/guide/getBonus.ts  |  53 ++
 .../template/src/pages/api/guide/getTasks.ts  |  57 +++
 .../template/src/pages/instance/index.tsx     |   3 +
 .../template/src/services/backend/auth.ts     |  12 +
 .../template/src/services/request.ts          |   4 +-
 .../providers/template/src/store/guide.ts     |  27 ++
 .../providers/template/src/styles/reset.scss  |   6 +
 frontend/providers/template/src/types/user.ts |  15 +
 .../providers/template/src/utils/tools.ts     |   4 +
 frontend/providers/template/src/utils/user.ts |  13 +
 100 files changed, 3111 insertions(+), 1001 deletions(-)
 create mode 100644 frontend/desktop/prisma/global/migrations/20240926064719_add_user_task_table/migration.sql
 create mode 100644 frontend/desktop/src/components/task/floatButton.tsx
 create mode 100644 frontend/desktop/src/components/task/taskModal.tsx
 create mode 100644 frontend/desktop/src/components/task/useDriver.tsx
 delete mode 100644 frontend/desktop/src/hooks/useDriver.tsx
 create mode 100644 frontend/desktop/src/pages/api/account/checkTask.ts
 delete mode 100644 frontend/desktop/src/pages/api/account/getAccount.ts
 create mode 100644 frontend/desktop/src/pages/api/account/getTasks.ts
 delete mode 100644 frontend/desktop/src/pages/api/account/updateGuide.ts
 create mode 100644 frontend/desktop/src/pages/api/account/updateTask.ts
 create mode 100644 frontend/desktop/src/types/task.ts
 create mode 100644 frontend/providers/applaunchpad/src/components/Icon/icons/gift.svg
 rename frontend/providers/applaunchpad/src/pages/api/guide/{getAccount.ts => checkTask.ts} (66%)
 create mode 100644 frontend/providers/applaunchpad/src/pages/api/guide/getTasks.ts
 delete mode 100644 frontend/providers/applaunchpad/src/pages/api/guide/updateGuide.ts
 create mode 100644 frontend/providers/applaunchpad/src/store/guide.ts
 create mode 100644 frontend/providers/dbprovider/src/components/Icon/icons/gift.svg
 create mode 100644 frontend/providers/dbprovider/src/hooks/useDetailDriver.tsx
 create mode 100644 frontend/providers/dbprovider/src/hooks/useDriver.tsx
 create mode 100644 frontend/providers/dbprovider/src/pages/api/guide/checkTask.ts
 create mode 100644 frontend/providers/dbprovider/src/pages/api/guide/getBonus.ts
 create mode 100644 frontend/providers/dbprovider/src/pages/api/guide/getTasks.ts
 create mode 100644 frontend/providers/dbprovider/src/store/guide.ts
 create mode 100644 frontend/providers/template/src/components/Icon/icons/gift.svg
 create mode 100644 frontend/providers/template/src/hooks/useDetailDriver.tsx
 create mode 100644 frontend/providers/template/src/pages/api/guide/checkTask.ts
 create mode 100644 frontend/providers/template/src/pages/api/guide/getBonus.ts
 create mode 100644 frontend/providers/template/src/pages/api/guide/getTasks.ts
 create mode 100644 frontend/providers/template/src/store/guide.ts

diff --git a/frontend/desktop/prisma/global/migrations/20240926064719_add_user_task_table/migration.sql b/frontend/desktop/prisma/global/migrations/20240926064719_add_user_task_table/migration.sql
new file mode 100644
index 00000000000..41b6425f77a
--- /dev/null
+++ b/frontend/desktop/prisma/global/migrations/20240926064719_add_user_task_table/migration.sql
@@ -0,0 +1,41 @@
+-- CreateEnum
+CREATE TYPE "TaskType" AS ENUM ('LAUNCHPAD', 'COSTCENTER', 'DATABASE', 'DESKTOP', 'APPSTORE');
+
+-- CreateEnum
+CREATE TYPE "TaskStatus" AS ENUM ('NOT_COMPLETED', 'COMPLETED');
+
+-- CreateTable
+CREATE TABLE "Task" (
+    "id" UUID NOT NULL DEFAULT gen_random_uuid(),
+    "title" STRING NOT NULL,
+    "description" STRING NOT NULL,
+    "reward" INT8 NOT NULL,
+    "order" INT4 NOT NULL,
+    "isActive" BOOL NOT NULL DEFAULT true,
+    "isNewUserTask" BOOL NOT NULL DEFAULT false,
+    "taskType" "TaskType" NOT NULL,
+    "createdAt" TIMESTAMPTZ(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMPTZ(3) NOT NULL,
+
+    CONSTRAINT "Task_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "UserTask" (
+    "id" UUID NOT NULL DEFAULT gen_random_uuid(),
+    "userUid" UUID NOT NULL,
+    "taskId" UUID NOT NULL,
+    "status" "TaskStatus" NOT NULL,
+    "rewardStatus" "TaskStatus" NOT NULL,
+    "completedAt" TIMESTAMP(3) NOT NULL,
+    "createdAt" TIMESTAMPTZ(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMPTZ(3) NOT NULL,
+
+    CONSTRAINT "UserTask_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE INDEX "UserTask_taskId_idx" ON "UserTask"("taskId");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "UserTask_userUid_taskId_key" ON "UserTask"("userUid", "taskId");
diff --git a/frontend/desktop/prisma/global/schema.prisma b/frontend/desktop/prisma/global/schema.prisma
index 40b28cc33c8..1cc93be5eb4 100644
--- a/frontend/desktop/prisma/global/schema.prisma
+++ b/frontend/desktop/prisma/global/schema.prisma
@@ -102,6 +102,7 @@ model User {
   newMergeUserTransactionInfo MergeUserTransactionInfo[] @relation("newUser")
   DeleteUserTransactionInfo   DeleteUserTransactionInfo?
   deleteUserLog               DeleteUserLog?
+  userTasks                   UserTask[]
 }
 
 model Transfer {
@@ -323,3 +324,47 @@ enum UserStatus {
   LOCK_USER
   DELETE_USER
 }
+
+model Task {
+  id            String     @id @default(dbgenerated("gen_random_uuid()")) @db.Uuid
+  title         String
+  description   String
+  reward        BigInt
+  order         Int
+  isActive      Boolean    @default(true)
+  isNewUserTask Boolean    @default(false)
+  taskType      TaskType   
+  createdAt     DateTime   @default(now()) @db.Timestamptz(3)
+  updatedAt     DateTime   @updatedAt @db.Timestamptz(3)
+  userTasks     UserTask[]
+}
+
+model UserTask {
+  id          String     @id @default(dbgenerated("gen_random_uuid()")) @db.Uuid
+  userUid     String     @db.Uuid
+  taskId      String     @db.Uuid
+  status      TaskStatus
+  rewardStatus TaskStatus
+  completedAt DateTime
+  createdAt   DateTime   @default(now()) @db.Timestamptz(3)
+  updatedAt   DateTime   @updatedAt @db.Timestamptz(3)
+
+  user        User       @relation(fields: [userUid], references: [uid])
+  task        Task       @relation(fields: [taskId], references: [id])
+
+  @@unique([userUid, taskId])
+  @@index([taskId])
+}
+
+enum TaskType {
+  LAUNCHPAD
+  COSTCENTER
+  DATABASE
+  DESKTOP
+  APPSTORE
+}
+
+enum TaskStatus {
+  NOT_COMPLETED
+  COMPLETED
+}
\ No newline at end of file
diff --git a/frontend/desktop/public/locales/en/common.json b/frontend/desktop/public/locales/en/common.json
index 7b075e654e6..be27e8ac0c1 100644
--- a/frontend/desktop/public/locales/en/common.json
+++ b/frontend/desktop/public/locales/en/common.json
@@ -14,6 +14,8 @@
   "and": "and",
   "app_info": "App Info",
   "app_launchpad": "App Launchpad",
+  "application_desktop": "Application desktop",
+  "application_desktop_tips": "Installed application portal",
   "avatar": "Avatar",
   "balance": "Balance",
   "bind": "Bind",
@@ -29,6 +31,7 @@
   "charge": "Charge",
   "click_anywhere_to_continue": "Click on any blank space to continue",
   "click_on_any_shadow_to_skip": "Click on any shadow to skip",
+  "completed": "Finish",
   "completed_the_deployment_of_an_nginx_for_the_first_time": "Completed the deployment of an nginx for the first time",
   "confirm": "Confirm",
   "confirm_again": "confirm again",
@@ -74,6 +77,9 @@
   "gift_amount": "Reward {{amount}} balance.",
   "github": "Github",
   "google": "Google",
+  "guide_applaunchpad": "Quickly deploy applications without cumbersome configuration",
+  "guide_dbprovider": "Create multiple databases in seconds to meet different application needs",
+  "guide_objectstorage": "Massive storage space, almost bare metal speed experience",
   "handle": "Handle",
   "have_read": "Have read",
   "healthy_pod": "Healthy Pod: {{count}}",
@@ -128,6 +134,7 @@
   "new_email": "New email",
   "new_phone": "New mobile number",
   "newpassword": "New Password",
+  "newuser_benefit": "Benefits",
   "next": "Next",
   "next_time": "Next",
   "nickname": "Nickname",
@@ -199,11 +206,13 @@
   "scan_with_wechat": "Scan with WeChat",
   "sealos_copilot": "Sealos Copilot",
   "sealos_document": "Sealos Document",
+  "sealos_newcomer_benefits": "Sealos Newbie Benefits",
   "search_apps": "Search Apps",
   "select_amount": "Select Amount",
   "service_agreement": "Service Agreement",
   "spend": "spend",
   "start_immediately": "Start",
+  "start_now": "Go Now",
   "start_your_sealos_journey": "Start your Sealos journey",
   "status": "Status",
   "storage": "Storage",
@@ -224,19 +233,29 @@
   "user_name": "User Name",
   "username": "Username",
   "username_tips": "Username must be 3-16 characters, including letters, numbers",
+  "usertask": {
+    "task_appstore_desc": "Provides prefabricated multiple types of application and tool templates, click to install, and automatically deploy",
+    "task_appstore_title": "App Store",
+    "task_database_desc": "Distributed storage, compatible with multi-language ecology, no need to build complex multi-node architecture by yourself",
+    "task_database_title": "Create DataBase",
+    "task_launchpad_desc": "Create a container cluster with one click, automatically deploy container applications, and provide intranet/extranet access addresses",
+    "task_launchpad_title": "Deploy App"
+  },
   "verification_code_login": "with Phone",
   "verifyCode_invalid": "Verification code format is incorrect",
   "verify_code_tips": "6-digit Verification Code",
   "verify_password": "Verify password",
   "verifycode": "verification",
   "view_discount_rules": "View recharge discount rules.",
+  "view_later": "Talk to You later",
   "waiting": "Waiting",
   "warning": "Warning",
   "wechat": "Wechat",
   "work_order": "Work Order",
   "year": "Year",
+  "you_can_complete_the_following_operations": "You can do the following",
   "you_can_use_the_kubectl_command_directly_from_the_terminal": "You can use the kubectl command directly from the terminal",
   "you_can_view_fees_through_the_fee_center": "You can view fees through the fee center",
   "you_have_not_purchased_the_license": "You have not purchased the License",
   "yuan": "Yuan"
-}
+}
\ No newline at end of file
diff --git a/frontend/desktop/public/locales/zh/common.json b/frontend/desktop/public/locales/zh/common.json
index a99e42166be..8f444358963 100644
--- a/frontend/desktop/public/locales/zh/common.json
+++ b/frontend/desktop/public/locales/zh/common.json
@@ -13,6 +13,8 @@
   "amount_forecast": "根据近一天消耗金额进行预测",
   "and": "和",
   "app_info": "应用信息",
+  "application_desktop": "应用桌面",
+  "application_desktop_tips": "已安装应用入口",
   "avatar": "头像",
   "balance": "余额",
   "bind": "绑定",
@@ -28,6 +30,7 @@
   "charge": "充值",
   "click_anywhere_to_continue": "点击任意空白继续",
   "click_on_any_shadow_to_skip": "点击任意阴影跳过",
+  "completed": "完成",
   "completed_the_deployment_of_an_nginx_for_the_first_time": "部署一个 nginx ，首次完成 将",
   "confirm": "确认",
   "confirm_again": "再次确认",
@@ -71,6 +74,9 @@
   "gift_amount": "赠送 {{amount}} 余额.",
   "github": "Github",
   "google": "Google",
+  "guide_applaunchpad": "快速部署应用，无需繁琐配置",
+  "guide_dbprovider": "多种数据库秒级创建，满足不同应用需求",
+  "guide_objectstorage": "海量存储空间，近乎裸机的速度体验",
   "handle": "操作",
   "have_read": "已读",
   "healthy_pod": "健康 Pod: {{count}}",
@@ -124,6 +130,7 @@
   "new_email": "新电子邮箱",
   "new_phone": "新手机号",
   "newpassword": "新密码",
+  "newuser_benefit": "新手福利",
   "next": "下一步",
   "next_time": "下次吧",
   "nickname": "昵称",
@@ -194,11 +201,13 @@
   "rename": "重命名",
   "scan_with_wechat": "微信扫码支付",
   "sealos_copilot": "Sealos 小助理",
+  "sealos_newcomer_benefits": "Sealos 新手福利",
   "search_apps": "搜索应用",
   "select_amount": "选择金额",
   "service_agreement": "服务协议",
   "spend": "花",
   "start_immediately": "立即开始",
+  "start_now": "立即前往",
   "start_your_sealos_journey": "开始您的 Sealos 之旅",
   "status": "状态",
   "storage": "存储",
@@ -217,19 +226,29 @@
   "user_name": "用户名",
   "username": "用户名",
   "username_tips": "用户名为3-16位的英文或数字的字符",
+  "usertask": {
+    "task_launchpad_desc": "一键创建容器集群，自动化 部署容器应用，并提供内 网/外网访问地址",
+    "task_launchpad_title": "部署应用",
+    "task_database_desc": "分布式存储，兼容多语言生态，无须自行构建复杂的多节点架构",
+    "task_database_title": "创建数据库",
+    "task_appstore_desc": "提供预制的多类型应用、工具模板，点击安装，自动部署",
+    "task_appstore_title": "应用商店"
+  },
   "verification_code_login": "手机号登录",
   "verifyCode_invalid": "验证码格式不对",
   "verify_code_tips": "6位验证码",
   "verify_password": "确认密码",
   "verifycode": "验证码",
   "view_discount_rules": "查看优惠规则",
+  "view_later": "稍后再说",
   "waiting": "等待中",
   "warning": "警告",
   "wechat": "微信",
   "work_order": "工单",
   "year": "年",
+  "you_can_complete_the_following_operations": "您可以完成以下操作",
   "you_can_use_the_kubectl_command_directly_from_the_terminal": "您可通过终端直接使用 kubectl 命令",
   "you_can_view_fees_through_the_fee_center": "您可通过费用中心查看费用",
   "you_have_not_purchased_the_license": "您还没有购买 License",
   "yuan": "元"
-}
+}
\ No newline at end of file
diff --git a/frontend/desktop/src/api/platform.ts b/frontend/desktop/src/api/platform.ts
index 723f8b48a9d..5549c306adb 100644
--- a/frontend/desktop/src/api/platform.ts
+++ b/frontend/desktop/src/api/platform.ts
@@ -8,7 +8,7 @@ import {
   CommonClientConfigType,
   TNotification
 } from '@/types';
-import { AccountCRD } from '@/types/user';
+import { UserTask } from '@/types/task';
 
 // handle baidu
 export const uploadConvertData = ({ newType, bdVid }: { newType: number[]; bdVid?: string }) => {
@@ -24,12 +24,16 @@ export const uploadConvertData = ({ newType, bdVid }: { newType: number[]; bdVid
   });
 };
 
-export const updateDesktopGuide = () => {
-  return request.post('/api/account/updateGuide');
+export const getUserTasks = () => {
+  return request.get<UserTask[]>('/api/account/getTasks');
 };
 
-export const getUserAccount = () => {
-  return request.get<AccountCRD>('/api/account/getAccount');
+export const checkUserTask = () => {
+  return request.get('/api/account/checkTask');
+};
+
+export const updateTask = (taskId: string) => {
+  return request.post('/api/account/updateTask', { taskId });
 };
 
 export const getAppConfig = () => {
diff --git a/frontend/desktop/src/components/desktop_content/apps.tsx b/frontend/desktop/src/components/desktop_content/apps.tsx
index 8e6db4630af..084c5ec4cee 100644
--- a/frontend/desktop/src/components/desktop_content/apps.tsx
+++ b/frontend/desktop/src/components/desktop_content/apps.tsx
@@ -109,6 +109,7 @@ export default function Apps() {
           gap={`${gridSpacing}px`}
           templateColumns={`repeat(auto-fill, minmax(${appWidth}px, 1fr))`}
           templateRows={`repeat(auto-fit, ${appHeight}px)`}
+          className="apps-container"
         >
           {paginatedApps &&
             paginatedApps.map((item: TApp, index) => (
@@ -121,9 +122,9 @@ export default function Apps() {
                 userSelect="none"
                 cursor={'pointer'}
                 onClick={(e) => handleDoubleClick(e, item)}
+                className={item.key}
               >
                 <Box
-                  className={item.key}
                   w="60px"
                   h="60px"
                   p={'8px'}
diff --git a/frontend/desktop/src/components/desktop_content/index.tsx b/frontend/desktop/src/components/desktop_content/index.tsx
index 79e6efeb4a1..55dad633f81 100644
--- a/frontend/desktop/src/components/desktop_content/index.tsx
+++ b/frontend/desktop/src/components/desktop_content/index.tsx
@@ -1,7 +1,6 @@
 import { getGlobalNotification } from '@/api/platform';
 import AppWindow from '@/components/app_window';
-// import useDriver from '@/hooks/useDriver';
-import { LicenseFrontendKey } from '@/constants/account';
+import useDriver from '@/components/task/useDriver';
 import useAppStore from '@/stores/app';
 import { useConfigStore } from '@/stores/config';
 import { useDesktopConfigStore } from '@/stores/desktopConfig';
@@ -26,6 +25,8 @@ import { useRealNameAuthNotification } from '../account/RealNameModal';
 import useSessionStore from '@/stores/session';
 import { useQuery } from '@tanstack/react-query';
 import { UserInfo } from '@/api/auth';
+import TaskModal from '../task/taskModal';
+import FloatingTaskButton from '../task/floatButton';
 
 const AppDock = dynamic(() => import('../AppDock'), { ssr: false });
 const FloatButton = dynamic(() => import('@/components/floating_button'), { ssr: false });
@@ -51,6 +52,11 @@ export default function Desktop(props: any) {
   const { session } = useSessionStore();
   const { commonConfig } = useConfigStore();
   const realNameAuthNotificationIdRef = useRef<string | number | undefined>();
+  const [isClient, setIsClient] = useState(false);
+
+  useEffect(() => {
+    setIsClient(true);
+  }, []);
 
   const infoData = useQuery({
     queryFn: UserInfo,
@@ -105,6 +111,9 @@ export default function Desktop(props: any) {
     [apps, openApp, runningInfo, setToHighestLayerById]
   );
 
+  const { taskComponentState, setTaskComponentState } = useDesktopConfigStore();
+  const { UserGuide, tasks, desktopGuide, handleCloseTaskModal } = useDriver();
+
   useEffect(() => {
     const cleanup = createMasterAPP();
     return cleanup;
@@ -234,22 +243,70 @@ export default function Desktop(props: any) {
           </Box>
         </Box>
 
-        {/* {showGuide ? (
-          <>
-            <UserGuide />
-            <Box
-              position="fixed"
-              top="0"
-              left="0"
-              width="100%"
-              height="100%"
-              backgroundColor="rgba(0, 0, 0, 0.7)" // 半透明黑色背景
-              zIndex="11000" // 保证蒙层在最上层
-            />
-          </>
-        ) : (
-          <></>
-        )} */}
+        {isClient && (
+          <Box>
+            {desktopGuide && (
+              <>
+                <UserGuide />
+                <Box
+                  position="fixed"
+                  top="0"
+                  left="0"
+                  width="100%"
+                  height="100%"
+                  backgroundColor="rgba(0, 0, 0, 0.7)"
+                  zIndex="11000"
+                />
+              </>
+            )}
+            {taskComponentState === 'modal' && tasks?.length > 0 && (
+              <TaskModal
+                isOpen={taskComponentState === 'modal'}
+                onClose={handleCloseTaskModal}
+                tasks={tasks || []}
+                onTaskClick={(task) => {
+                  switch (task.taskType) {
+                    case 'LAUNCHPAD':
+                      openDesktopApp({
+                        appKey: 'system-applaunchpad',
+                        pathname: '/app/edit',
+                        messageData: {
+                          type: 'InternalAppCall'
+                        }
+                      });
+                      break;
+                    case 'DATABASE':
+                      openDesktopApp({
+                        appKey: 'system-dbprovider',
+                        pathname: '/db/edit',
+                        messageData: { type: 'InternalAppCall' }
+                      });
+                      break;
+                    case 'APPSTORE':
+                      openDesktopApp({
+                        appKey: 'system-template',
+                        pathname: '/',
+                        messageData: {
+                          type: 'InternalAppCall'
+                        }
+                      });
+                      break;
+                    default:
+                      console.log(task.taskType);
+                  }
+                  setTaskComponentState('button');
+                }}
+              />
+            )}
+            {taskComponentState === 'button' && (
+              <FloatingTaskButton
+                onClick={() => {
+                  setTaskComponentState('modal');
+                }}
+              />
+            )}
+          </Box>
+        )}
       </Flex>
 
       {isAppBar ? <AppDock /> : <FloatButton />}
diff --git a/frontend/desktop/src/components/icons/index.tsx b/frontend/desktop/src/components/icons/index.tsx
index 96e183625c8..c4ba436bcdb 100644
--- a/frontend/desktop/src/components/icons/index.tsx
+++ b/frontend/desktop/src/components/icons/index.tsx
@@ -383,3 +383,180 @@ export function HelpIcon(props: IconProps) {
     </Icon>
   );
 }
+
+export function LaunchpadIcon(props: IconProps) {
+  return (
+    <Icon
+      xmlns="http://www.w3.org/2000/svg"
+      width="16px"
+      height="16px"
+      viewBox="0 0 16 16"
+      fill="none"
+      {...props}
+    >
+      <path
+        d="M2.86012 2C2.41829 2 2.06012 2.35817 2.06012 2.8V6.53333C2.06012 6.97516 2.41829 7.33333 2.86012 7.33333H6.59345C7.03528 7.33333 7.39345 6.97516 7.39345 6.53333V2.8C7.39345 2.35817 7.03528 2 6.59345 2H2.86012Z"
+        fill="#219BF4"
+      />
+      <path
+        d="M9.52679 2C9.08496 2 8.72679 2.35817 8.72679 2.8V6.53333C8.72679 6.97516 9.08496 7.33333 9.52679 7.33333H13.2601C13.7019 7.33333 14.0601 6.97516 14.0601 6.53333V2.8C14.0601 2.35817 13.7019 2 13.2601 2H9.52679Z"
+        fill="#219BF4"
+      />
+      <path
+        d="M8.72679 9.46667C8.72679 9.02484 9.08496 8.66667 9.52679 8.66667H13.2601C13.7019 8.66667 14.0601 9.02484 14.0601 9.46667V13.2C14.0601 13.6418 13.7019 14 13.2601 14H9.52679C9.08496 14 8.72679 13.6418 8.72679 13.2V9.46667Z"
+        fill="#219BF4"
+      />
+      <path
+        d="M2.86012 8.66667C2.41829 8.66667 2.06012 9.02484 2.06012 9.46667V13.2C2.06012 13.6418 2.41829 14 2.86012 14H6.59345C7.03528 14 7.39345 13.6418 7.39345 13.2V9.46667C7.39345 9.02484 7.03528 8.66667 6.59345 8.66667H2.86012Z"
+        fill="#219BF4"
+      />
+    </Icon>
+  );
+}
+
+export function DBproviderIcon(props: IconProps) {
+  return (
+    <Icon
+      xmlns="http://www.w3.org/2000/svg"
+      width="16px"
+      height="16px"
+      viewBox="0 0 16 16"
+      fill="none"
+      {...props}
+    >
+      <path
+        d="M14.07 4.13783V3.80338L14.0697 3.77205C14.0337 2.22354 11.327 1.33301 7.99331 1.33301C4.65947 1.33301 1.95232 2.21093 1.9166 3.77205V4.13783H1.91959C1.9176 4.16356 1.9166 4.18951 1.9166 4.21568C1.9166 5.39165 4.07865 6.34497 7.99331 6.34497C11.908 6.34497 14.07 5.39165 14.07 4.21568C14.07 4.18951 14.069 4.16356 14.067 4.13783H14.07Z"
+        fill="#219BF4"
+      />
+      <path
+        d="M1.9166 5.97485V8.34728C1.91646 8.35285 1.9165 8.35843 1.91655 8.36401L1.9166 8.37243C1.9166 9.54699 4.07865 10.4992 7.99331 10.4992C11.908 10.4992 14.07 9.54699 14.07 8.37243C14.07 8.36402 14.0699 8.35564 14.0697 8.34728L14.07 5.97485H14.0282C13.7105 7.04561 11.5928 7.87227 7.99331 7.87227C4.39381 7.87227 2.27608 7.04561 1.95842 5.97485H1.9166Z"
+        fill="#219BF4"
+      />
+      <path
+        d="M1.9166 9.89685V12.2816H1.91945C2.00819 13.6063 4.16088 14.6663 7.99331 14.6663C11.8257 14.6663 13.9784 13.6063 14.0672 12.2816H14.07V9.89685C14.07 11.1743 11.908 12.2098 7.99331 12.2098C4.07865 12.2098 1.9166 11.1743 1.9166 9.89685Z"
+        fill="#219BF4"
+      />
+    </Icon>
+  );
+}
+
+export function AppStoreIcon(props: IconProps) {
+  return (
+    <Icon
+      xmlns="http://www.w3.org/2000/svg"
+      width="16px"
+      height="16px"
+      viewBox="0 0 16 16"
+      fill="none"
+      {...props}
+    >
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M2.64775 1.66699C1.95309 1.66699 1.38995 2.2341 1.38995 2.93366V11.8003C1.38995 13.1995 2.51622 14.3337 3.90554 14.3337H12.0812C13.4705 14.3337 14.5968 13.1995 14.5968 11.8003V2.93366C14.5968 2.2341 14.0336 1.66699 13.339 1.66699H2.64775ZM5.09437 3.40628C5.07319 3.35477 5.05338 3.30277 5.03497 3.25033H5.64111C5.76935 3.54078 5.94963 3.80519 6.17309 4.03022C6.41215 4.27097 6.69596 4.46195 7.00831 4.59224C7.32066 4.72253 7.65544 4.78959 7.99352 4.78959C8.33161 4.78959 8.66639 4.72253 8.97874 4.59224C9.29109 4.46195 9.5749 4.27097 9.81396 4.03022C10.0374 3.80519 10.2177 3.54078 10.3459 3.25033H10.9521C10.9337 3.30277 10.9139 3.35477 10.8927 3.40628C10.735 3.78969 10.5038 4.13806 10.2124 4.43151C9.92105 4.72496 9.57512 4.95774 9.19439 5.11655C8.81367 5.27536 8.40562 5.3571 7.99352 5.3571C7.58143 5.3571 7.17338 5.27536 6.79266 5.11655C6.41193 4.95773 6.066 4.72496 5.77461 4.43151C5.48322 4.13806 5.25207 3.78969 5.09437 3.40628ZM5.79714 7.46537C5.79714 7.29048 5.93792 7.14871 6.11159 7.14871H7.39606C7.56972 7.14871 7.71051 7.29048 7.71051 7.46537V8.74182C7.71051 8.91671 7.56972 9.05849 7.39606 9.05849H6.11159C5.93792 9.05849 5.79714 8.91671 5.79714 8.74182V7.46537ZM8.59096 7.14871C8.41729 7.14871 8.27651 7.29048 8.27651 7.46537V8.74182C8.27651 8.91671 8.41729 9.05849 8.59096 9.05849H9.87543C10.0491 9.05849 10.1899 8.91671 10.1899 8.74182V7.46537C10.1899 7.29048 10.0491 7.14871 9.87543 7.14871H8.59096ZM5.79714 9.94515C5.79714 9.77026 5.93792 9.62849 6.11159 9.62849H7.39606C7.56972 9.62849 7.71051 9.77026 7.71051 9.94515V11.2216C7.71051 11.3965 7.56972 11.5383 7.39606 11.5383H6.11159C5.93792 11.5383 5.79714 11.3965 5.79714 11.2216V9.94515ZM8.59096 9.62849C8.41729 9.62849 8.27651 9.77026 8.27651 9.94515V11.2216C8.27651 11.3965 8.41729 11.5383 8.59096 11.5383H9.87543C10.0491 11.5383 10.1899 11.3965 10.1899 11.2216V9.94515C10.1899 9.77026 10.0491 9.62849 9.87543 9.62849H8.59096Z"
+        fill="#219BF4"
+      />
+    </Icon>
+  );
+}
+
+export function DriverStarIcon() {
+  return (
+    <Icon xmlns="http://www.w3.org/2000/svg" width="20" height="21" viewBox="0 0 20 21" fill="none">
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M3.74999 1.58789C4.0696 1.58789 4.32869 1.84699 4.32869 2.16659V3.67122H5.83332C6.15293 3.67122 6.41203 3.93032 6.41203 4.24993C6.41203 4.56954 6.15293 4.82863 5.83332 4.82863H4.32869V6.33326C4.32869 6.65287 4.0696 6.91196 3.74999 6.91196C3.43038 6.91196 3.17128 6.65287 3.17128 6.33326V4.82863H1.66666C1.34705 4.82863 1.08795 4.56954 1.08795 4.24993C1.08795 3.93032 1.34705 3.67122 1.66666 3.67122H3.17128V2.16659C3.17128 1.84699 3.43038 1.58789 3.74999 1.58789ZM10.8333 2.42122C11.0728 2.42122 11.2875 2.56869 11.3735 2.79218L12.8186 6.54957C13.0643 7.18827 13.1548 7.41187 13.2853 7.59548C13.4098 7.77051 13.5627 7.92344 13.7378 8.04791C13.9214 8.17846 14.145 8.269 14.7837 8.51465L18.5411 9.9598C18.7646 10.0458 18.912 10.2605 18.912 10.4999C18.912 10.7394 18.7646 10.9541 18.5411 11.0401L14.7837 12.4852C14.145 12.7309 13.9214 12.8214 13.7378 12.9519C13.5627 13.0764 13.4098 13.2293 13.2853 13.4044C13.1548 13.588 13.0643 13.8116 12.8186 14.4503L11.3735 18.2077C11.2875 18.4312 11.0728 18.5786 10.8333 18.5786C10.5939 18.5786 10.3792 18.4312 10.2932 18.2077L8.84804 14.4503C8.60239 13.8116 8.51186 13.588 8.3813 13.4044C8.25684 13.2293 8.10391 13.0764 7.92887 12.9519C7.74526 12.8214 7.52166 12.7309 6.88297 12.4852L3.12558 11.0401C2.90209 10.9541 2.75462 10.7394 2.75462 10.4999C2.75462 10.2605 2.90209 10.0458 3.12558 9.9598L6.88296 8.51465C7.52166 8.269 7.74526 8.17846 7.92887 8.04791C8.10391 7.92345 8.25684 7.77051 8.3813 7.59548C8.51186 7.41187 8.60239 7.18827 8.84804 6.54957L10.2932 2.79219C10.3791 2.56869 10.5939 2.42122 10.8333 2.42122ZM10.8333 4.61201L9.9283 6.96506C9.91949 6.98797 9.9108 7.01059 9.90222 7.03291C9.69245 7.57876 9.55023 7.94881 9.32456 8.26619C9.12512 8.54667 8.88006 8.79173 8.59958 8.99117C8.28221 9.21684 7.91216 9.35905 7.36631 9.56883C7.34398 9.5774 7.32137 9.5861 7.29845 9.59491L4.9454 10.4999L7.29845 11.4049C7.32137 11.4138 7.34398 11.4225 7.36631 11.431C7.91216 11.6408 8.28221 11.783 8.59958 12.0087C8.88006 12.2081 9.12512 12.4532 9.32456 12.7337C9.55023 13.051 9.69245 13.4211 9.90222 13.9669C9.9108 13.9893 9.91949 14.0119 9.9283 14.0348L10.8333 16.3878L11.7383 14.0348C11.7472 14.0119 11.7558 13.9893 11.7644 13.967C11.9742 13.4211 12.1164 13.051 12.3421 12.7337C12.5415 12.4532 12.7866 12.2081 13.0671 12.0087C13.3844 11.783 13.7545 11.6408 14.3003 11.431C14.3227 11.4225 14.3453 11.4138 14.3682 11.4049L16.7212 10.4999L14.3682 9.59491C14.3453 9.5861 14.3227 9.57741 14.3004 9.56883C13.7545 9.35906 13.3844 9.21684 13.0671 8.99117C12.7866 8.79173 12.5415 8.54667 12.3421 8.26619C12.1164 7.94881 11.9742 7.57876 11.7644 7.03291C11.7558 7.01059 11.7472 6.98797 11.7383 6.96505L10.8333 4.61201ZM3.74999 14.0879C4.0696 14.0879 4.32869 14.347 4.32869 14.6666V16.1712H5.83332C6.15293 16.1712 6.41203 16.4303 6.41203 16.7499C6.41203 17.0695 6.15293 17.3286 5.83332 17.3286H4.32869V18.8333C4.32869 19.1529 4.0696 19.412 3.74999 19.412C3.43038 19.412 3.17128 19.1529 3.17128 18.8333V17.3286H1.66666C1.34705 17.3286 1.08795 17.0695 1.08795 16.7499C1.08795 16.4303 1.34705 16.1712 1.66666 16.1712H3.17128V14.6666C3.17128 14.347 3.43038 14.0879 3.74999 14.0879Z"
+        fill="url(#paint0_linear_751_30516)"
+      />
+      <defs>
+        <linearGradient
+          id="paint0_linear_751_30516"
+          x1="9.99999"
+          y1="2.16659"
+          x2="9.99999"
+          y2="18.8333"
+          gradientUnits="userSpaceOnUse"
+        >
+          <stop stopColor="#69AEFF" />
+          <stop offset="0.432292" stopColor="#6096FF" />
+          <stop offset="1" stopColor="#6C7FFF" />
+        </linearGradient>
+      </defs>
+    </Icon>
+  );
+}
+
+export function IdeaIcon(props: IconProps) {
+  return (
+    <Icon
+      xmlns="http://www.w3.org/2000/svg"
+      width="16px"
+      height="17px"
+      viewBox="0 0 16 17"
+      fill="none"
+      {...props}
+    >
+      <g clipPath="url(#clip0_476_6070)">
+        <path
+          fillRule="evenodd"
+          clipRule="evenodd"
+          d="M7.99332 5.15158C6.36892 5.15158 5.05208 6.46841 5.05208 8.09281C5.05208 9.34731 5.83776 10.42 6.94621 10.8424L7.03206 10.8751C7.23883 10.9539 7.37547 11.1522 7.37547 11.3735V12.9745C7.37547 13.1218 7.49486 13.2412 7.64214 13.2412H8.34452C8.49179 13.2412 8.61118 13.1218 8.61118 12.9745V11.3735C8.61118 11.1522 8.74782 10.9539 8.95459 10.8751L9.04044 10.8424C10.1489 10.42 10.9346 9.3473 10.9346 8.09281C10.9346 6.46841 9.61772 5.15158 7.99332 5.15158ZM3.71875 8.09281C3.71875 5.73203 5.63254 3.81824 7.99332 3.81824C10.3541 3.81824 12.2679 5.73203 12.2679 8.09281C12.2679 9.75153 11.3233 11.1883 9.94452 11.8969V13.2656C9.94452 13.9885 9.35849 14.5745 8.63559 14.5745H7.35106C6.62816 14.5745 6.04214 13.9885 6.04214 13.2656V11.8969C4.6633 11.1883 3.71875 9.75154 3.71875 8.09281Z"
+          fill="currentColor"
+        />
+        <path
+          d="M7.32994 1.25651C7.32994 0.88832 7.62841 0.589844 7.9966 0.589844C8.36479 0.589844 8.66327 0.888321 8.66327 1.25651V2.26361C8.66327 2.6318 8.36479 2.93028 7.9966 2.93028C7.62841 2.93028 7.32994 2.6318 7.32994 2.26361V1.25651Z"
+          fill="currentColor"
+        />
+        <path
+          d="M12.4604 2.83205C12.7208 2.5717 13.1429 2.5717 13.4032 2.83205C13.6636 3.0924 13.6636 3.51451 13.4032 3.77486L12.6911 4.48699C12.4307 4.74734 12.0086 4.74734 11.7483 4.48699C11.4879 4.22664 11.4879 3.80453 11.7483 3.54418L12.4604 2.83205Z"
+          fill="currentColor"
+        />
+        <path
+          d="M14.9741 7.5739C15.3423 7.5739 15.6408 7.87238 15.6408 8.24057C15.6408 8.60876 15.3423 8.90724 14.9741 8.90724H13.967C13.5988 8.90724 13.3003 8.60876 13.3003 8.24057C13.3003 7.87238 13.5988 7.5739 13.967 7.5739H14.9741Z"
+          fill="currentColor"
+        />
+        <path
+          d="M13.3986 12.7043C13.6589 12.9647 13.6589 13.3868 13.3986 13.6472C13.1382 13.9075 12.7161 13.9075 12.4557 13.6472L11.7436 12.935C11.4833 12.6747 11.4833 12.2526 11.7436 11.9922C12.004 11.7319 12.4261 11.7319 12.6864 11.9922L13.3986 12.7043Z"
+          fill="currentColor"
+        />
+        <path
+          d="M3.52624 13.6425C3.2659 13.9028 2.84379 13.9028 2.58344 13.6425C2.32309 13.3821 2.32309 12.96 2.58344 12.6997L3.29556 11.9876C3.55591 11.7272 3.97802 11.7272 4.23837 11.9876C4.49872 12.2479 4.49872 12.67 4.23837 12.9304L3.52624 13.6425Z"
+          fill="currentColor"
+        />
+        <path
+          d="M1.01255 8.90065C0.644363 8.90065 0.345886 8.60217 0.345886 8.23398C0.345886 7.86579 0.644363 7.56732 1.01255 7.56732H2.01965C2.38784 7.56732 2.68632 7.86579 2.68632 8.23398C2.68632 8.60217 2.38784 8.90065 2.01965 8.90065H1.01255Z"
+          fill="currentColor"
+        />
+        <path
+          d="M2.5881 3.7702C2.32775 3.50985 2.32775 3.08774 2.5881 2.82739C2.84845 2.56704 3.27056 2.56704 3.53091 2.82739L4.24303 3.53952C4.50338 3.79987 4.50338 4.22198 4.24303 4.48233C3.98268 4.74268 3.56057 4.74268 3.30022 4.48233L2.5881 3.7702Z"
+          fill="currentColor"
+        />
+      </g>
+      <defs>
+        <clipPath id="clip0_476_6070">
+          <rect width="16" height="16" fill="white" transform="translate(-0.00665283 0.25)" />
+        </clipPath>
+      </defs>
+    </Icon>
+  );
+}
+
+export function RightArrowIcon(props: IconProps) {
+  return (
+    <Icon
+      xmlns="http://www.w3.org/2000/svg"
+      width="14px"
+      height="15px"
+      viewBox="0 0 14 15"
+      fill="currentcolor"
+      {...props}
+    >
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M7.74754 3.33785C7.51973 3.56565 7.51973 3.935 7.74754 4.1628L10.2517 6.66699H2.32668C2.00451 6.66699 1.74335 6.92816 1.74335 7.25033C1.74335 7.57249 2.00451 7.83366 2.32668 7.83366H10.2517L7.74754 10.3378C7.51973 10.5657 7.51973 10.935 7.74754 11.1628C7.97534 11.3906 8.34469 11.3906 8.57249 11.1628L12.0725 7.6628C12.3003 7.435 12.3003 7.06565 12.0725 6.83785L8.57249 3.33785C8.34469 3.11004 7.97534 3.11004 7.74754 3.33785Z"
+      />
+    </Icon>
+  );
+}
diff --git a/frontend/desktop/src/components/signin/auth/usePassword.tsx b/frontend/desktop/src/components/signin/auth/usePassword.tsx
index 1a33b6e718b..7c5324989cc 100644
--- a/frontend/desktop/src/components/signin/auth/usePassword.tsx
+++ b/frontend/desktop/src/components/signin/auth/usePassword.tsx
@@ -84,7 +84,7 @@ export default function usePassword({
                     const infoData = await UserInfo();
                     const payload = jwtDecode<AccessTokenPayload>(regionResult.data.token);
                     setSession({
-                      token: regionResult.data.token,
+                      token: regionResult.data.appToken, // fix cannot get appToken after login
                       user: {
                         k8s_username: payload.userCrName,
                         name: infoData.data?.info.nickname || '',
diff --git a/frontend/desktop/src/components/task/floatButton.tsx b/frontend/desktop/src/components/task/floatButton.tsx
new file mode 100644
index 00000000000..4a979ee2922
--- /dev/null
+++ b/frontend/desktop/src/components/task/floatButton.tsx
@@ -0,0 +1,44 @@
+import { Flex, Text } from '@chakra-ui/react';
+import { useTranslation } from 'next-i18next';
+import React from 'react';
+import { IdeaIcon } from '../icons';
+
+interface FloatingTaskButtonProps {
+  onClick: () => void;
+}
+
+const FloatingTaskButton: React.FC<FloatingTaskButtonProps> = ({ onClick }) => {
+  const { t } = useTranslation();
+
+  return (
+    <Flex
+      cursor={'pointer'}
+      flexDirection={'column'}
+      position="fixed"
+      bottom="80px"
+      right="0px"
+      zIndex={5}
+      borderRadius="var(--md, 8px) 0px 0px var(--md, 8px)"
+      border="1px solid rgba(255, 255, 255, 0.07)"
+      borderRight={'none'}
+      background="linear-gradient(0deg, rgba(49, 84, 231, 0.25) 0%, rgba(49, 84, 231, 0.25) 100%), rgba(220, 220, 224, 0.20)"
+      backgroundBlendMode="saturation, normal"
+      boxShadow="0px 12px 64px -4px rgba(0, 0, 0, 0.20)"
+      backdropFilter="blur(50px)"
+      padding="8px 6px"
+      alignItems="center"
+      gap="2px"
+      onClick={onClick}
+      _hover={{
+        bg: 'linear-gradient(0deg, rgba(49, 84, 231, 0.25) 0%, rgba(49, 84, 231, 0.25) 100%), rgba(220, 220, 224, 0.10)'
+      }}
+    >
+      <IdeaIcon color={'white'} width={'28px'} height={'28px'} />
+      <Text fontSize={'11px'} fontWeight={'500'} color={'white'}>
+        {t('common:newuser_benefit')}
+      </Text>
+    </Flex>
+  );
+};
+
+export default FloatingTaskButton;
diff --git a/frontend/desktop/src/components/task/taskModal.tsx b/frontend/desktop/src/components/task/taskModal.tsx
new file mode 100644
index 00000000000..b78c95413c4
--- /dev/null
+++ b/frontend/desktop/src/components/task/taskModal.tsx
@@ -0,0 +1,157 @@
+import { IdeaIcon, RightArrowIcon } from '@/components/icons';
+import { I18nCommonKey } from '@/types/i18next';
+import { UserTask } from '@/types/task';
+import { formatMoney } from '@/utils/format';
+import {
+  Box,
+  Button,
+  Flex,
+  HStack,
+  Image,
+  Modal,
+  ModalContent,
+  ModalOverlay,
+  Text,
+  VStack
+} from '@chakra-ui/react';
+import { useTranslation } from 'next-i18next';
+import React from 'react';
+
+interface TaskModalProps {
+  isOpen: boolean;
+  onClose: () => void;
+  tasks: UserTask[];
+  onTaskClick: (task: UserTask) => void;
+}
+
+const TaskModal: React.FC<TaskModalProps> = ({ isOpen, onClose, tasks, onTaskClick }) => {
+  const { t, i18n } = useTranslation();
+
+  const boxStyles = {
+    border: '1px solid rgba(60, 101, 172, 0.08)',
+    borderRadius: '6px',
+    padding: '16px 20px',
+    backgroundColor: '#FFFFFF',
+    width: '100%',
+    cursor: 'pointer'
+  };
+
+  return (
+    <Modal isOpen={isOpen} onClose={onClose} size="xl" isCentered closeOnOverlayClick={false}>
+      <ModalOverlay />
+      <ModalContent
+        maxW="900px"
+        w="90vw"
+        aspectRatio="3 / 2"
+        bg={'linear-gradient(180deg, #FFFDFD 9.04%, #F6F7FE 46.15%, #FAFAFF 87.5%)'}
+        borderRadius={'12px'}
+        overflow="hidden"
+      >
+        <Image
+          src="/images/driver-bg.png"
+          alt="background"
+          position="absolute"
+          top="0"
+          left="0"
+          width="100%"
+          height="100%"
+          objectFit="cover"
+          zIndex={-1}
+        />
+        <Box position="relative" zIndex={1} padding="16px" height="100%">
+          <Flex
+            height={'100%'}
+            flexDirection={'column'}
+            justifyContent={'center'}
+            alignItems={'center'}
+          >
+            <Box fontSize={'28px'} fontWeight={700} color={'grayModern.900'}>
+              {t('common:sealos_newcomer_benefits')}
+            </Box>
+            <VStack spacing={'12px'} mt={'48px'} w={'550px'} minW={'fit-content'} maxW={'600px'}>
+              {tasks.map((task) => (
+                <HStack key={task.id} {...boxStyles} onClick={() => onTaskClick(task)}>
+                  <Flex alignItems={'center'} width="100%">
+                    <Flex flex={1} alignItems={'center'} gap={'6px'}>
+                      <IdeaIcon />
+                      <Text
+                        lineHeight={'20px'}
+                        fontSize="14px"
+                        fontWeight={500}
+                        color="grayModern.900"
+                      >
+                        {task?.title?.[i18n.language]}
+                      </Text>
+                    </Flex>
+
+                    <Text
+                      flex={'0 0 80px'}
+                      fontWeight={500}
+                      color={'brightBlue.600'}
+                      fontSize={'12px'}
+                    >
+                      {t('common:balance')} +{formatMoney(Number(task.reward) || 0)}
+                    </Text>
+
+                    {task.isCompleted ? (
+                      <Text
+                        color={'green.600'}
+                        flex="0 0 70px"
+                        fontSize={'12px'}
+                        fontWeight={'500'}
+                      >
+                        {t('common:completed')}
+                      </Text>
+                    ) : (
+                      <Flex
+                        flex="0 0 70px"
+                        alignItems={'center'}
+                        gap={'4px'}
+                        _hover={{
+                          color: 'brightBlue.600'
+                        }}
+                      >
+                        <Text fontSize={'12px'} fontWeight={'500'}>
+                          {t('common:start_now')}
+                        </Text>
+                        <RightArrowIcon />
+                      </Flex>
+                    )}
+                  </Flex>
+                </HStack>
+              ))}
+            </VStack>
+
+            <Flex gap={'20px'} mt={'64px'}>
+              <Button
+                minW="140px"
+                variant={'solid'}
+                onClick={() => {
+                  const firstIncompleteTask = tasks.find((task) => !task.isCompleted);
+                  if (firstIncompleteTask) {
+                    onTaskClick(firstIncompleteTask);
+                  }
+                }}
+              >
+                {t('common:start_now')}
+              </Button>
+              <Button
+                minW="140px"
+                variant={'outline'}
+                onClick={onClose}
+                _hover={{
+                  bg: 'white',
+                  color: 'brightBlue.600'
+                }}
+              >
+                {t('common:view_later')}
+              </Button>
+            </Flex>
+          </Flex>
+        </Box>
+      </ModalContent>
+    </Modal>
+  );
+};
+
+export default TaskModal;
diff --git a/frontend/desktop/src/components/task/useDriver.tsx b/frontend/desktop/src/components/task/useDriver.tsx
new file mode 100644
index 00000000000..dcdbe41d02c
--- /dev/null
+++ b/frontend/desktop/src/components/task/useDriver.tsx
@@ -0,0 +1,349 @@
+import { checkUserTask, getUserTasks, updateTask } from '@/api/platform';
+import { AppStoreIcon, DBproviderIcon, DriverStarIcon, LaunchpadIcon } from '@/components/icons';
+import { useConfigStore } from '@/stores/config';
+import { useDesktopConfigStore } from '@/stores/desktopConfig';
+import { UserTask } from '@/types/task';
+import { Box, Button, Flex, FlexProps, Icon, Image, Text, useMediaQuery } from '@chakra-ui/react';
+import { driver } from '@sealos/driver';
+import { useTranslation } from 'next-i18next';
+import { useEffect, useState } from 'react';
+
+export default function useDriver() {
+  const { t } = useTranslation();
+  const [desktopGuide, setDesktopGuide] = useState(false);
+  const { layoutConfig } = useConfigStore();
+  const [tasks, setTasks] = useState<UserTask[]>([]);
+  const [isPC] = useMediaQuery('(min-width: 768px)', {
+    ssr: true,
+    fallback: false // return false on the server, and re-evaluate on the client side
+  });
+  const conf = useConfigStore().commonConfig;
+  const { taskComponentState, setTaskComponentState } = useDesktopConfigStore();
+  const { canShowGuide } = useDesktopConfigStore();
+
+  useEffect(() => {
+    const fetchUserTasks = async () => {
+      await checkUserTask();
+      const data = await getUserTasks();
+      setTasks(data.data);
+    };
+    fetchUserTasks();
+  }, [taskComponentState]);
+
+  useEffect(() => {
+    const handleUserGuide = async () => {
+      const data = await getUserTasks();
+      setTasks(data.data);
+      const desktopTask = data.data.find((task) => task.taskType === 'DESKTOP');
+      const allTasksCompleted = data.data.every((task) => task.isCompleted);
+
+      if (!desktopTask?.isCompleted && desktopTask?.id) {
+        setTaskComponentState('none');
+        setDesktopGuide(true);
+      } else if (allTasksCompleted) {
+        setTaskComponentState('none');
+      } else {
+        setTaskComponentState(taskComponentState !== 'none' ? taskComponentState : 'button');
+      }
+    };
+
+    if (isPC && conf?.guideEnabled && canShowGuide) {
+      handleUserGuide();
+    } else {
+      setDesktopGuide(false);
+    }
+    // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, [conf?.guideEnabled, isPC, canShowGuide]);
+
+  const completeGuide = async () => {
+    try {
+      if (!tasks.length) return;
+      setDesktopGuide(false);
+      const desktopTask = tasks.find((task) => task.taskType === 'DESKTOP');
+      if (desktopTask) {
+        await updateTask(desktopTask.id);
+        setTaskComponentState('modal');
+      }
+    } catch (error) {}
+  };
+
+  const handleCloseTaskModal = () => {
+    setTaskComponentState('button');
+  };
+
+  const checkAllTasksCompleted = () => {
+    const allCompleted = tasks.every((task) => task.isCompleted);
+    if (allCompleted) {
+      setTaskComponentState('none');
+    }
+    return allCompleted;
+  };
+
+  const PopoverBodyInfo = (props: FlexProps) => (
+    <Flex
+      gap="4px"
+      id="popover-info"
+      position={'absolute'}
+      bottom={'-30px'}
+      color={'white'}
+      alignItems={'center'}
+      {...props}
+    >
+      <Text color={'#FFF'} fontSize={'13px'} fontWeight={500}>
+        {t('common:click_on_any_shadow_to_skip')}
+      </Text>
+      <Icon
+        xmlns="http://www.w3.org/2000/svg"
+        width="20"
+        height="20"
+        viewBox="0 0 20 20"
+        fill="white"
+      >
+        <path
+          fillRule="evenodd"
+          clipRule="evenodd"
+          d="M7.50001 0.97229C7.88354 0.97229 8.19445 1.2832 8.19445 1.66673V2.91673C8.19445 3.30027 7.88354 3.61118 7.50001 3.61118C7.11648 3.61118 6.80556 3.30027 6.80556 2.91673V1.66673C6.80556 1.2832 7.11648 0.97229 7.50001 0.97229ZM2.84229 2.84235C3.11349 2.57116 3.55319 2.57116 3.82439 2.84235L4.70827 3.72624C4.97947 3.99744 4.97947 4.43713 4.70827 4.70833C4.43707 4.97953 3.99737 4.97953 3.72618 4.70833L2.84229 3.82445C2.5711 3.55325 2.5711 3.11355 2.84229 2.84235ZM12.2083 2.84235C12.4795 3.11355 12.4795 3.55325 12.2083 3.82445L11.3244 4.70833C11.0532 4.97953 10.6135 4.97953 10.3423 4.70833C10.0711 4.43713 10.0711 3.99744 10.3423 3.72624L11.2262 2.84235C11.4974 2.57116 11.9371 2.57116 12.2083 2.84235ZM8.05107 6.36654C8.05921 6.36904 8.06735 6.37155 8.07548 6.37406L17.4584 9.26437C17.6747 9.33097 17.8794 9.394 18.0383 9.45881C18.183 9.51788 18.4465 9.63567 18.6129 9.8969C18.8034 10.1959 18.8398 10.5678 18.7109 10.8981C18.5983 11.1866 18.3627 11.3532 18.2321 11.4393C18.0888 11.5336 17.9002 11.6352 17.7009 11.7425L13.8279 13.828L11.7424 17.701C11.6351 17.9003 11.5336 18.0889 11.4392 18.2322C11.3531 18.3628 11.1865 18.5984 10.898 18.711C10.5677 18.8399 10.1958 18.8035 9.8968 18.613C9.63557 18.4466 9.51779 18.1831 9.45872 18.0384C9.39391 17.8795 9.33088 17.6748 9.26429 17.4586L6.37399 8.07554C6.37148 8.0674 6.36897 8.05926 6.36647 8.05112C6.31285 7.87717 6.25951 7.70409 6.2288 7.55823C6.19822 7.413 6.15971 7.17003 6.25365 6.91402C6.36609 6.60762 6.60756 6.36615 6.91396 6.25371C7.16997 6.15977 7.41294 6.19829 7.55817 6.22886C7.70404 6.25957 7.87712 6.31292 8.05107 6.36654ZM7.71679 7.71686L10.564 16.9599L12.609 13.1621C12.6112 13.158 12.6136 13.1535 12.6162 13.1486C12.6422 13.0999 12.6884 13.0133 12.7511 12.9339C12.8047 12.8661 12.866 12.8048 12.9339 12.7512C13.0132 12.6884 13.0999 12.6422 13.1485 12.6163C13.1535 12.6137 13.158 12.6112 13.1621 12.609L16.9598 10.5641L7.71679 7.71686ZM0.972229 7.50007C0.972229 7.11654 1.28314 6.80562 1.66667 6.80562H2.91667C3.3002 6.80562 3.61112 7.11654 3.61112 7.50007C3.61112 7.8836 3.3002 8.19451 2.91667 8.19451H1.66667C1.28314 8.19451 0.972229 7.8836 0.972229 7.50007ZM4.70827 10.3424C4.97947 10.6136 4.97947 11.0532 4.70827 11.3244L3.82439 12.2083C3.55319 12.4795 3.11349 12.4795 2.84229 12.2083C2.5711 11.9371 2.5711 11.4974 2.84229 11.2262L3.72618 10.3424C3.99737 10.0712 4.43707 10.0712 4.70827 10.3424Z"
+        />
+      </Icon>
+    </Flex>
+  );
+
+  const driverObj = driver({
+    showProgress: false,
+    allowClose: false,
+    allowClickMaskNextStep: true,
+    // allowPreviousStep: true,
+    isShowButtons: false,
+    allowKeyboardControl: false,
+    disableActiveInteraction: true,
+    steps: [
+      {
+        element: '.apps-container',
+        popover: {
+          side: 'left',
+          align: 'center',
+          borderRadius: '12px 12px 0px 12px',
+          PopoverBody: (
+            <Flex gap={'6px'}>
+              <DriverStarIcon />
+              <Flex flexDirection={'column'}>
+                <Text color={'grayModern.900'} fontSize={'13px'} fontWeight={500}>
+                  {t('common:application_desktop')}
+                </Text>
+                <Text fontSize={'12px'} color={'grayModern.600'} fontWeight={500}>
+                  {t('common:application_desktop_tips')}
+                </Text>
+              </Flex>
+              <PopoverBodyInfo />
+            </Flex>
+          )
+        }
+      },
+      {
+        element: '.system-applaunchpad',
+        popover: {
+          side: 'bottom',
+          align: 'start',
+          borderRadius: '0px 12px 12px 12px',
+          PopoverBody: (
+            <Flex gap={'6px'}>
+              <DriverStarIcon />
+              <Text color={'#24282C'} fontSize={'13px'} fontWeight={500}>
+                {t('common:guide_applaunchpad')}
+              </Text>
+              <PopoverBodyInfo />
+            </Flex>
+          )
+        }
+      },
+      {
+        element: '.system-dbprovider',
+        popover: {
+          side: 'bottom',
+          align: 'start',
+          borderRadius: '0px 12px 12px 12px',
+          PopoverBody: (
+            <Flex gap={'6px'}>
+              <DriverStarIcon />
+              <Text color={'#24282C'} fontSize={'13px'} fontWeight={500}>
+                {t('common:guide_dbprovider')}
+              </Text>
+              <PopoverBodyInfo />
+            </Flex>
+          )
+        }
+      },
+      {
+        element: '.system-objectstorage',
+        popover: {
+          side: 'bottom',
+          align: 'start',
+          borderRadius: '0px 12px 12px 12px',
+          PopoverBody: (
+            <Flex gap={'6px'}>
+              <DriverStarIcon />
+              <Text color={'#24282C'} fontSize={'13px'} fontWeight={500}>
+                {t('common:guide_objectstorage')}
+              </Text>
+              <PopoverBodyInfo />
+            </Flex>
+          )
+        }
+      },
+      {
+        element: '.system-template',
+        popover: {
+          side: 'left',
+          align: 'center',
+          borderRadius: '12px 12px 0px 12px',
+          PopoverBody: (
+            <Flex gap={'6px'}>
+              <DriverStarIcon />
+              <Text color={'#24282C'} fontSize={'13px'} fontWeight={500}>
+                {t('common:launch_various_third-party_applications_with_one_click')}
+              </Text>
+              <PopoverBodyInfo top={'-120px'} />
+            </Flex>
+          )
+        }
+      }
+    ],
+    onDestroyed: () => {
+      completeGuide();
+    }
+  });
+
+  const startGuide = () => {
+    setDesktopGuide(false);
+    driverObj.drive();
+  };
+
+  const boxStyles: FlexProps = {
+    border: '1px solid #69AEFF',
+    borderRadius: '8px',
+    padding: '24px',
+    backgroundColor: '#FFFFFF',
+    boxShadow: '0px 4px 40px 0px rgba(19, 51, 107, 0.10), 0px 0px 1px 0px rgba(19, 51, 107, 0.10)',
+    flexDirection: 'column',
+    maxW: '188px'
+  };
+
+  const UserGuide = () => (
+    <Box
+      zIndex={11100}
+      position="fixed"
+      top="50%"
+      left="50%"
+      transform="translate(-50%, -50%)"
+      bg={'linear-gradient(180deg, #FFFDFD 9.04%, #F6F7FE 46.15%, #FAFAFF 87.5%)'}
+      borderRadius={'12px'}
+      overflow="hidden"
+      width="90vw"
+      maxWidth="900px"
+      aspectRatio="3 / 2"
+    >
+      <Image
+        src="/images/driver-bg.png"
+        alt="driver"
+        position="absolute"
+        top="0"
+        left="0"
+        width="100%"
+        height="100%"
+        objectFit="cover"
+        zIndex={-1}
+      />
+      <Box position="relative" zIndex={1} padding="16px" height="100%">
+        <Flex
+          height={'100%'}
+          flexDirection={'column'}
+          justifyContent={'center'}
+          alignItems={'center'}
+        >
+          <Box fontSize={'28px'} fontWeight={500}>
+            {t('common:hello_welcome')}
+            <Text display={'inline'} color={'#0884DD'} px="8px">
+              {layoutConfig?.meta.title}
+            </Text>
+            👏
+          </Box>
+          <Box fontSize={'18px'} fontWeight={500} mt={'54px'}>
+            {t('common:you_can_complete_the_following_operations')}
+          </Box>
+          <Flex gap={'26px'} mt={'28px'}>
+            <Flex {...boxStyles}>
+              <Flex justifyContent={'start'} alignItems={'center'} gap={'6px'}>
+                <LaunchpadIcon />
+                <Text fontSize="14px" fontWeight={500} color="grayModern.900">
+                  {t('common:usertask.task_launchpad_title')}
+                </Text>
+              </Flex>
+              <Text fontSize="12px" fontWeight={400} color="grayModern.500" marginTop="12px">
+                {t('common:usertask.task_launchpad_desc')}
+              </Text>
+            </Flex>
+            <Flex {...boxStyles}>
+              <Flex alignItems={'center'} gap={'6px'}>
+                <DBproviderIcon />
+                <Text fontSize="14px" fontWeight={500} color="grayModern.900">
+                  {t('common:usertask.task_database_title')}
+                </Text>
+              </Flex>
+              <Text fontSize="12px" fontWeight={400} color="grayModern.500" marginTop="12px">
+                {t('common:usertask.task_database_desc')}
+              </Text>
+            </Flex>
+            <Flex {...boxStyles}>
+              <Flex alignItems={'center'} gap={'6px'}>
+                <AppStoreIcon />
+                <Text fontSize="14px" fontWeight={500} color="grayModern.900">
+                  {t('common:usertask.task_appstore_title')}
+                </Text>
+              </Flex>
+              <Text fontSize="12px" fontWeight={400} color="grayModern.500" marginTop="12px">
+                {t('common:usertask.task_appstore_desc')}
+              </Text>
+            </Flex>
+          </Flex>
+
+          <Button
+            minW="206px"
+            mt="46px"
+            variant={'solid'}
+            rightIcon={
+              <Icon
+                xmlns="http://www.w3.org/2000/svg"
+                width="16px"
+                height="16px"
+                viewBox="0 0 16 16"
+                fill="none"
+              >
+                <path
+                  d="M3.33331 8.00001H12.6666M12.6666 8.00001L7.99998 3.33334M12.6666 8.00001L7.99998 12.6667"
+                  stroke="white"
+                  strokeWidth="1.33333"
+                  strokeLinecap="round"
+                  strokeLinejoin="round"
+                />
+              </Icon>
+            }
+            onClick={() => {
+              startGuide();
+            }}
+          >
+            {t('common:start_your_sealos_journey')}
+          </Button>
+        </Flex>
+      </Box>
+    </Box>
+  );
+
+  return {
+    UserGuide,
+    desktopGuide,
+    tasks,
+    handleCloseTaskModal,
+    checkAllTasksCompleted,
+    setTaskComponentState
+  };
+}
diff --git a/frontend/desktop/src/constants/account.ts b/frontend/desktop/src/constants/account.ts
index 900ed14c22e..47b10618396 100644
--- a/frontend/desktop/src/constants/account.ts
+++ b/frontend/desktop/src/constants/account.ts
@@ -1,2 +1,4 @@
 export const GUIDE_DESKTOP_INDEX_KEY = 'frontend.guide.desktop.index';
 export const LicenseFrontendKey = 'cloud.sealos.io/license-frontend';
+
+export const templateDeployKey = 'cloud.sealos.io/deploy-on-sealos';
diff --git a/frontend/desktop/src/hooks/useDriver.tsx b/frontend/desktop/src/hooks/useDriver.tsx
deleted file mode 100644
index de363b85fb5..00000000000
--- a/frontend/desktop/src/hooks/useDriver.tsx
+++ /dev/null
@@ -1,346 +0,0 @@
-import { getPriceBonus, getUserAccount, updateDesktopGuide } from '@/api/platform';
-import { GUIDE_DESKTOP_INDEX_KEY } from '@/constants/account';
-import { formatMoney } from '@/utils/format';
-import { Box, Button, Flex, FlexProps, Icon, Image, Text } from '@chakra-ui/react';
-import { driver } from '@sealos/driver';
-import { useTranslation } from 'next-i18next';
-import { useRouter } from 'next/router';
-import { useEffect, useState } from 'react';
-import { useConfigStore } from '@/stores/config';
-
-export function DriverStarIcon() {
-  return (
-    <Icon
-      xmlns="http://www.w3.org/2000/svg"
-      width="20px"
-      height="20px"
-      viewBox="0 0 20 20"
-      fill="none"
-    >
-      <path
-        fillRule="evenodd"
-        clipRule="evenodd"
-        d="M3.74999 1.08789C4.0696 1.08789 4.32869 1.34699 4.32869 1.66659V3.17122H5.83332C6.15293 3.17122 6.41203 3.43032 6.41203 3.74993C6.41203 4.06954 6.15293 4.32863 5.83332 4.32863H4.32869V5.83326C4.32869 6.15287 4.0696 6.41196 3.74999 6.41196C3.43038 6.41196 3.17128 6.15287 3.17128 5.83326V4.32863H1.66666C1.34705 4.32863 1.08795 4.06954 1.08795 3.74993C1.08795 3.43032 1.34705 3.17122 1.66666 3.17122H3.17128V1.66659C3.17128 1.34699 3.43038 1.08789 3.74999 1.08789ZM10.8333 1.92122C11.0728 1.92122 11.2875 2.06869 11.3735 2.29218L12.8186 6.04957C13.0643 6.68827 13.1548 6.91187 13.2853 7.09548C13.4098 7.27051 13.5627 7.42344 13.7378 7.54791C13.9214 7.67846 14.145 7.769 14.7837 8.01465L18.5411 9.4598C18.7646 9.54576 18.912 9.76048 18.912 9.99993C18.912 10.2394 18.7646 10.4541 18.5411 10.5401L14.7837 11.9852C14.145 12.2309 13.9214 12.3214 13.7378 12.4519C13.5627 12.5764 13.4098 12.7293 13.2853 12.9044C13.1548 13.088 13.0643 13.3116 12.8186 13.9503L11.3735 17.7077C11.2875 17.9312 11.0728 18.0786 10.8333 18.0786C10.5939 18.0786 10.3792 17.9312 10.2932 17.7077L8.84804 13.9503C8.60239 13.3116 8.51186 13.088 8.3813 12.9044C8.25684 12.7293 8.10391 12.5764 7.92887 12.4519C7.74526 12.3214 7.52166 12.2309 6.88297 11.9852L3.12558 10.5401C2.90209 10.4541 2.75462 10.2394 2.75462 9.99993C2.75462 9.76048 2.90209 9.54576 3.12558 9.4598L6.88296 8.01465C7.52166 7.769 7.74526 7.67846 7.92887 7.54791C8.10391 7.42345 8.25684 7.27051 8.3813 7.09548C8.51186 6.91187 8.60239 6.68827 8.84804 6.04957L10.2932 2.29219C10.3791 2.06869 10.5939 1.92122 10.8333 1.92122ZM10.8333 4.11201L9.9283 6.46506C9.91949 6.48797 9.9108 6.51059 9.90222 6.53291C9.69245 7.07876 9.55023 7.44881 9.32456 7.76619C9.12512 8.04667 8.88006 8.29173 8.59958 8.49117C8.28221 8.71684 7.91216 8.85905 7.36631 9.06883C7.34398 9.0774 7.32137 9.0861 7.29845 9.09491L4.9454 9.99993L7.29845 10.9049C7.32137 10.9138 7.34398 10.9225 7.36631 10.931C7.91216 11.1408 8.28221 11.283 8.59958 11.5087C8.88006 11.7081 9.12512 11.9532 9.32456 12.2337C9.55023 12.551 9.69245 12.9211 9.90222 13.4669C9.9108 13.4893 9.91949 13.5119 9.9283 13.5348L10.8333 15.8878L11.7383 13.5348C11.7472 13.5119 11.7558 13.4893 11.7644 13.467C11.9742 12.9211 12.1164 12.551 12.3421 12.2337C12.5415 11.9532 12.7866 11.7081 13.0671 11.5087C13.3844 11.283 13.7545 11.1408 14.3003 10.931C14.3227 10.9225 14.3453 10.9138 14.3682 10.9049L16.7212 9.99993L14.3682 9.09491C14.3453 9.0861 14.3227 9.07741 14.3004 9.06883C13.7545 8.85906 13.3844 8.71684 13.0671 8.49117C12.7866 8.29173 12.5415 8.04667 12.3421 7.76619C12.1164 7.44881 11.9742 7.07876 11.7644 6.53291C11.7558 6.51059 11.7472 6.48797 11.7383 6.46505L10.8333 4.11201ZM3.74999 13.5879C4.0696 13.5879 4.32869 13.847 4.32869 14.1666V15.6712H5.83332C6.15293 15.6712 6.41203 15.9303 6.41203 16.2499C6.41203 16.5695 6.15293 16.8286 5.83332 16.8286H4.32869V18.3333C4.32869 18.6529 4.0696 18.912 3.74999 18.912C3.43038 18.912 3.17128 18.6529 3.17128 18.3333V16.8286H1.66666C1.34705 16.8286 1.08795 16.5695 1.08795 16.2499C1.08795 15.9303 1.34705 15.6712 1.66666 15.6712H3.17128V14.1666C3.17128 13.847 3.43038 13.5879 3.74999 13.5879Z"
-        fill="url(#paint0_linear_317_238)"
-      />
-      <defs>
-        <linearGradient
-          id="paint0_linear_317_238"
-          x1="9.99999"
-          y1="1.66659"
-          x2="9.99999"
-          y2="18.3333"
-          gradientUnits="userSpaceOnUse"
-        >
-          <stop stopColor="#69AEFF" />
-          <stop offset="0.432292" stopColor="#6096FF" />
-          <stop offset="1" stopColor="#6C7FFF" />
-        </linearGradient>
-      </defs>
-    </Icon>
-  );
-}
-
-export default function useDriver({ openDesktopApp }: { openDesktopApp: any }) {
-  const { t, i18n } = useTranslation();
-  const [showGuide, setShowGuide] = useState(false);
-  const [giftAmount, setGiftAmount] = useState(8);
-  const router = useRouter();
-
-  const conf = useConfigStore().commonConfig;
-  const handleSkipGuide = () => {
-    setShowGuide(false);
-    updateDesktopGuide().catch((err) => {
-      console.log(err);
-    });
-  };
-
-  useEffect(() => {
-    const handleUserGuide = async () => {
-      try {
-        if (!conf?.guideEnabled) return;
-        const { data } = await getUserAccount();
-        const bonus = await getPriceBonus();
-        if (bonus.data?.activities) {
-          const strategy = JSON.parse(bonus.data?.activities);
-          const rewardBalance = formatMoney(
-            strategy?.['beginner-guide']?.phases?.launchpad?.giveAmount || 8000000
-          );
-          setGiftAmount(rewardBalance);
-        }
-
-        if (data?.metadata?.annotations && !router.query?.openapp) {
-          const isGuidedDesktop = !!data.metadata.annotations?.[GUIDE_DESKTOP_INDEX_KEY];
-          !isGuidedDesktop ? setShowGuide(true) : '';
-        }
-      } catch (error) {}
-    };
-    conf?.guideEnabled && handleUserGuide();
-    // eslint-disable-next-line react-hooks/exhaustive-deps
-  }, [conf]);
-
-  const PopoverBodyInfo = (props: FlexProps) => (
-    <Flex
-      gap="4px"
-      id="popover-info"
-      position={'absolute'}
-      bottom={'-30px'}
-      color={'white'}
-      alignItems={'center'}
-      {...props}
-    >
-      <Text color={'#FFF'} fontSize={'13px'} fontWeight={500}>
-        {t('common:click_on_any_shadow_to_skip')}
-      </Text>
-      <Icon
-        xmlns="http://www.w3.org/2000/svg"
-        width="20"
-        height="20"
-        viewBox="0 0 20 20"
-        fill="white"
-      >
-        <path
-          fillRule="evenodd"
-          clipRule="evenodd"
-          d="M7.50001 0.97229C7.88354 0.97229 8.19445 1.2832 8.19445 1.66673V2.91673C8.19445 3.30027 7.88354 3.61118 7.50001 3.61118C7.11648 3.61118 6.80556 3.30027 6.80556 2.91673V1.66673C6.80556 1.2832 7.11648 0.97229 7.50001 0.97229ZM2.84229 2.84235C3.11349 2.57116 3.55319 2.57116 3.82439 2.84235L4.70827 3.72624C4.97947 3.99744 4.97947 4.43713 4.70827 4.70833C4.43707 4.97953 3.99737 4.97953 3.72618 4.70833L2.84229 3.82445C2.5711 3.55325 2.5711 3.11355 2.84229 2.84235ZM12.2083 2.84235C12.4795 3.11355 12.4795 3.55325 12.2083 3.82445L11.3244 4.70833C11.0532 4.97953 10.6135 4.97953 10.3423 4.70833C10.0711 4.43713 10.0711 3.99744 10.3423 3.72624L11.2262 2.84235C11.4974 2.57116 11.9371 2.57116 12.2083 2.84235ZM8.05107 6.36654C8.05921 6.36904 8.06735 6.37155 8.07548 6.37406L17.4584 9.26437C17.6747 9.33097 17.8794 9.394 18.0383 9.45881C18.183 9.51788 18.4465 9.63567 18.6129 9.8969C18.8034 10.1959 18.8398 10.5678 18.7109 10.8981C18.5983 11.1866 18.3627 11.3532 18.2321 11.4393C18.0888 11.5336 17.9002 11.6352 17.7009 11.7425L13.8279 13.828L11.7424 17.701C11.6351 17.9003 11.5336 18.0889 11.4392 18.2322C11.3531 18.3628 11.1865 18.5984 10.898 18.711C10.5677 18.8399 10.1958 18.8035 9.8968 18.613C9.63557 18.4466 9.51779 18.1831 9.45872 18.0384C9.39391 17.8795 9.33088 17.6748 9.26429 17.4586L6.37399 8.07554C6.37148 8.0674 6.36897 8.05926 6.36647 8.05112C6.31285 7.87717 6.25951 7.70409 6.2288 7.55823C6.19822 7.413 6.15971 7.17003 6.25365 6.91402C6.36609 6.60762 6.60756 6.36615 6.91396 6.25371C7.16997 6.15977 7.41294 6.19829 7.55817 6.22886C7.70404 6.25957 7.87712 6.31292 8.05107 6.36654ZM7.71679 7.71686L10.564 16.9599L12.609 13.1621C12.6112 13.158 12.6136 13.1535 12.6162 13.1486C12.6422 13.0999 12.6884 13.0133 12.7511 12.9339C12.8047 12.8661 12.866 12.8048 12.9339 12.7512C13.0132 12.6884 13.0999 12.6422 13.1485 12.6163C13.1535 12.6137 13.158 12.6112 13.1621 12.609L16.9598 10.5641L7.71679 7.71686ZM0.972229 7.50007C0.972229 7.11654 1.28314 6.80562 1.66667 6.80562H2.91667C3.3002 6.80562 3.61112 7.11654 3.61112 7.50007C3.61112 7.8836 3.3002 8.19451 2.91667 8.19451H1.66667C1.28314 8.19451 0.972229 7.8836 0.972229 7.50007ZM4.70827 10.3424C4.97947 10.6136 4.97947 11.0532 4.70827 11.3244L3.82439 12.2083C3.55319 12.4795 3.11349 12.4795 2.84229 12.2083C2.5711 11.9371 2.5711 11.4974 2.84229 11.2262L3.72618 10.3424C3.99737 10.0712 4.43707 10.0712 4.70827 10.3424Z"
-        />
-      </Icon>
-    </Flex>
-  );
-
-  const driverObj = driver({
-    showProgress: false,
-    allowClose: false,
-    allowClickMaskNextStep: true,
-    allowPreviousStep: true,
-    isShowButtons: false,
-    allowKeyboardControl: false,
-    disableActiveInteraction: true,
-    steps: [
-      {
-        element: '.floatButtonNav',
-        popover: {
-          side: 'left',
-          align: 'center',
-          borderRadius: '12px 12px 0px 12px',
-          PopoverBody: (
-            <Flex gap={'6px'}>
-              <DriverStarIcon />
-              <Text color={'#24282C'} fontSize={'13px'}>
-                {t('common:quick_application_switching_floating_ball')}
-              </Text>
-              <PopoverBodyInfo />
-            </Flex>
-          )
-        }
-      },
-      {
-        element: '.system-terminal',
-        popover: {
-          side: 'bottom',
-          align: 'start',
-          borderRadius: '0px 12px 12px 12px',
-          PopoverBody: (
-            <Flex gap={'6px'}>
-              <DriverStarIcon />
-              <Text color={'#24282C'} fontSize={'13px'}>
-                {t('common:you_can_use_the_kubectl_command_directly_from_the_terminal')}
-              </Text>
-              <PopoverBodyInfo />
-            </Flex>
-          )
-        }
-      },
-      {
-        element: '.system-dbprovider',
-        popover: {
-          side: 'bottom',
-          align: 'start',
-          borderRadius: '0px 12px 12px 12px',
-          PopoverBody: (
-            <Flex gap={'6px'}>
-              <DriverStarIcon />
-              <Text color={'#24282C'} fontSize={'13px'}>
-                {t('common:help_you_enable_high_availability_database')}
-              </Text>
-              <PopoverBodyInfo />
-            </Flex>
-          )
-        }
-      },
-      {
-        element: '.system-template',
-        popover: {
-          side: 'left',
-          align: 'center',
-          borderRadius: '12px 12px 0px 12px',
-          PopoverBody: (
-            <Flex gap={'6px'}>
-              <DriverStarIcon />
-              <Text color={'#24282C'} fontSize={'13px'}>
-                {t('common:launch_various_third-party_applications_with_one_click')}
-              </Text>
-              <PopoverBodyInfo top={'-120px'} />
-            </Flex>
-          )
-        }
-      },
-      {
-        element: '.system-costcenter',
-        popover: {
-          side: 'top',
-          align: 'start',
-          borderRadius: '12px 12px 12px 0px',
-          PopoverBody: (
-            <Flex gap={'6px'}>
-              <DriverStarIcon />
-              <Text color={'#24282C'} fontSize={'13px'}>
-                {t('common:you_can_view_fees_through_the_fee_center')}
-              </Text>
-              <PopoverBodyInfo top={'-120px'} />
-            </Flex>
-          )
-        }
-      },
-      {
-        element: '.system-applaunchpad',
-        popover: {
-          side: 'left',
-          align: 'start',
-          borderRadius: '12px 0px 12px 12px',
-          onPopoverRender: () => {
-            const svg = driverObj.getState('__overlaySvg');
-            if (svg) {
-              const pathElement = svg.querySelector('path');
-              if (pathElement) {
-                pathElement.style.pointerEvents = 'none';
-              }
-            }
-          },
-          PopoverBody: (
-            <Box color={'#24282C'} padding={'10px'}>
-              <Flex gap={'6px'}>
-                <DriverStarIcon />
-                <Text fontSize={'16px'} fontWeight={'600'}>
-                  {t('common:deploy_an_application')}
-                </Text>
-              </Flex>
-              <Box fontSize={'13px'} fontWeight={500} mt="12px">
-                {t('common:spend')}
-                <Text color={'#219BF4'} display={'inline'} px="2px">
-                  30s
-                </Text>
-                {t('common:completed_the_deployment_of_an_nginx_for_the_first_time')}
-                <Text color={'#219BF4'} display={'inline'} px="2px">
-                  {t('common:gift_amount', { amount: giftAmount })}
-                </Text>
-              </Box>
-              <Flex mt="20px">
-                <Button
-                  color={'#24282C'}
-                  fontSize={'12px'}
-                  p="4px 16px"
-                  border={'1px solid #DEE0E2'}
-                  bg="#FFF"
-                  ml="auto"
-                  borderRadius={'4px'}
-                  cursor={'pointer'}
-                  onClick={() => {
-                    driverObj.destroy();
-                  }}
-                >
-                  {t('common:next_time')}
-                </Button>
-                <Button
-                  ml="12px"
-                  color={'#FEFEFE'}
-                  fontSize={'12px'}
-                  p="4px 16px"
-                  bg="#000"
-                  borderRadius={'4px'}
-                  cursor={'pointer'}
-                  onClick={() => {
-                    driverObj.destroy();
-                    openDesktopApp({ appKey: 'system-applaunchpad', pathname: '/app/edit' });
-                  }}
-                >
-                  {t('common:start_immediately')}
-                </Button>
-              </Flex>
-            </Box>
-          )
-        }
-      }
-    ],
-    onDestroyed: () => {
-      console.log('onDestroyed');
-      handleSkipGuide();
-    }
-  });
-
-  const startGuide = () => {
-    setShowGuide(false);
-    driverObj.drive();
-  };
-
-  const UserGuide = () => (
-    <Box
-      zIndex={11100}
-      position="fixed"
-      top="50%"
-      left="50%"
-      transform="translate(-50%, -50%)"
-      bg={'linear-gradient(180deg, #FFFDFD 9.04%, #F6F7FE 46.15%, #FAFAFF 87.5%)'}
-      borderRadius={'12px'}
-    >
-      <Image src="/images/driver-bg.png" alt="driver" draggable="false" userSelect={'none'} />
-      <Flex
-        flexDirection={'column'}
-        justifyContent={'center'}
-        alignItems={'center'}
-        position={'absolute'}
-        top="50%"
-        left="50%"
-        transform="translate(-50%, -50%)"
-      >
-        <Box fontSize={'32px'} fontWeight={500}>
-          {t('common:hello_welcome')}
-          <Text display={'inline'} color={'#0884DD'} px="8px">
-            Sealos
-          </Text>
-          👏
-        </Box>
-        <Button
-          w="206px"
-          mt="46px"
-          variant={'primary'}
-          bg="#121416"
-          rightIcon={
-            <Icon
-              xmlns="http://www.w3.org/2000/svg"
-              width="16px"
-              height="16px"
-              viewBox="0 0 16 16"
-              fill="none"
-            >
-              <path
-                d="M3.33331 8.00001H12.6666M12.6666 8.00001L7.99998 3.33334M12.6666 8.00001L7.99998 12.6667"
-                stroke="white"
-                strokeWidth="1.33333"
-                strokeLinecap="round"
-                strokeLinejoin="round"
-              />
-            </Icon>
-          }
-          onClick={() => {
-            startGuide();
-          }}
-        >
-          {t('common:start_your_sealos_journey')}
-        </Button>
-      </Flex>
-    </Box>
-  );
-
-  return { UserGuide, showGuide, startGuide };
-}
diff --git a/frontend/desktop/src/pages/api/account/checkTask.ts b/frontend/desktop/src/pages/api/account/checkTask.ts
new file mode 100644
index 00000000000..fc854ce5026
--- /dev/null
+++ b/frontend/desktop/src/pages/api/account/checkTask.ts
@@ -0,0 +1,103 @@
+import { verifyAccessToken, verifyAppToken } from '@/services/backend/auth';
+import { globalPrisma } from '@/services/backend/db/init';
+import { getUserKubeconfigNotPatch } from '@/services/backend/kubernetes/admin';
+import { K8sApi } from '@/services/backend/kubernetes/user';
+import { jsonRes } from '@/services/backend/response';
+import { switchKubeconfigNamespace } from '@/utils/switchKubeconfigNamespace';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { TaskStatus, TaskType } from 'prisma/global/generated/client';
+import * as k8s from '@kubernetes/client-node';
+import { templateDeployKey } from '@/constants/account';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  try {
+    const payload = (await verifyAccessToken(req.headers)) || (await verifyAppToken(req.headers));
+    if (!payload) return jsonRes(res, { code: 401, message: 'Failed to get info' });
+    const namespace = payload.workspaceId;
+    const _kc = await getUserKubeconfigNotPatch(payload.userCrName);
+    if (!_kc) return jsonRes(res, { code: 404, message: 'User is not found' });
+    const realKc = switchKubeconfigNamespace(_kc, namespace);
+    const kc = K8sApi(realKc);
+    if (!kc) return jsonRes(res, { code: 404, message: 'The kubeconfig is not found' });
+
+    const k8sApp = kc.makeApiClient(k8s.AppsV1Api);
+    const k8sCustomObjects = kc.makeApiClient(k8s.CustomObjectsApi);
+
+    const userTasks = await globalPrisma.userTask.findMany({
+      where: {
+        userUid: payload.userUid,
+        status: { not: TaskStatus.COMPLETED }
+      },
+      include: { task: true }
+    });
+
+    const [deployments, statefulsets, instances, clusters] = await Promise.all([
+      k8sApp.listNamespacedDeployment(
+        namespace,
+        undefined,
+        undefined,
+        undefined,
+        undefined,
+        `!${templateDeployKey}`
+      ),
+      k8sApp.listNamespacedStatefulSet(
+        namespace,
+        undefined,
+        undefined,
+        undefined,
+        undefined,
+        `!${templateDeployKey}`
+      ),
+      k8sCustomObjects.listNamespacedCustomObject(
+        'app.sealos.io',
+        'v1',
+        namespace,
+        'instances'
+      ) as any,
+      k8sCustomObjects.listNamespacedCustomObject(
+        'apps.kubeblocks.io',
+        'v1alpha1',
+        namespace,
+        'clusters',
+        undefined,
+        undefined,
+        undefined,
+        undefined,
+        `!${templateDeployKey}`
+      ) as any
+    ]);
+
+    const tasksToUpdate = userTasks.filter((userTask) => {
+      switch (userTask.task.taskType) {
+        case TaskType.LAUNCHPAD:
+          return deployments.body.items.length > 0 || statefulsets.body.items.length > 0;
+        case TaskType.APPSTORE:
+          return instances.body.items.length > 0;
+        case TaskType.DATABASE:
+          return clusters.body.items.length > 0;
+        default:
+          return false;
+      }
+    });
+
+    if (tasksToUpdate.length > 0) {
+      await globalPrisma.userTask.updateMany({
+        where: {
+          OR: tasksToUpdate.map((task) => ({
+            userUid: task.userUid,
+            taskId: task.taskId
+          }))
+        },
+        data: {
+          status: TaskStatus.COMPLETED,
+          completedAt: new Date()
+        }
+      });
+    }
+
+    jsonRes(res, { code: 200, data: `${tasksToUpdate.length} tasks updated successfully` });
+  } catch (error) {
+    console.error('Error processing request:', error);
+    jsonRes(res, { code: 500, message: 'Internal server error' });
+  }
+}
diff --git a/frontend/desktop/src/pages/api/account/getAccount.ts b/frontend/desktop/src/pages/api/account/getAccount.ts
deleted file mode 100644
index 7db135f8258..00000000000
--- a/frontend/desktop/src/pages/api/account/getAccount.ts
+++ /dev/null
@@ -1,26 +0,0 @@
-import { GetCRD, K8sApi } from '@/services/backend/kubernetes/user';
-import { jsonRes } from '@/services/backend/response';
-import { CRDMeta } from '@/types';
-import type { NextApiRequest, NextApiResponse } from 'next';
-import { getUserKubeconfigNotPatch, K8sApiDefault } from '@/services/backend/kubernetes/admin';
-import { verifyAccessToken } from '@/services/backend/auth';
-export const AccountMeta: CRDMeta = {
-  group: 'account.sealos.io',
-  version: 'v1',
-  namespace: 'sealos-system',
-  plural: 'accounts'
-};
-
-export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  try {
-    const payload = await verifyAccessToken(req.headers);
-    if (!payload) return jsonRes(res, { code: 401, message: 'token is invaild' });
-    const kc = await getUserKubeconfigNotPatch(payload.userCrName);
-    if (!kc) return jsonRes(res, { code: 404, message: ' kubeconfig is not found' });
-    const result = await GetCRD(K8sApiDefault(), AccountMeta, payload.userCrName);
-    jsonRes(res, { data: result?.body });
-  } catch (error) {
-    console.log(error);
-    jsonRes(res, { code: 500, data: error });
-  }
-}
diff --git a/frontend/desktop/src/pages/api/account/getTasks.ts b/frontend/desktop/src/pages/api/account/getTasks.ts
new file mode 100644
index 00000000000..0dab32e57cb
--- /dev/null
+++ b/frontend/desktop/src/pages/api/account/getTasks.ts
@@ -0,0 +1,49 @@
+import { verifyAccessToken, verifyAppToken } from '@/services/backend/auth';
+import { globalPrisma } from '@/services/backend/db/init';
+import { jsonRes } from '@/services/backend/response';
+import type { NextApiRequest, NextApiResponse } from 'next';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  try {
+    const payload = (await verifyAccessToken(req.headers)) || (await verifyAppToken(req.headers));
+    if (!payload) return jsonRes(res, { code: 401, message: 'Token is invaild' });
+
+    const userTasks = await globalPrisma.userTask.findMany({
+      where: {
+        userUid: payload.userUid,
+        task: {
+          isActive: true
+        }
+      },
+      include: {
+        task: true
+      },
+      orderBy: {
+        task: {
+          order: 'asc'
+        }
+      }
+    });
+
+    const tasks = userTasks.map((ut) => ({
+      id: ut.task.id,
+      title: JSON.parse(ut.task.title),
+      description: ut.task.description,
+      reward: ut.task.reward.toString(),
+      order: ut.task.order,
+      taskType: ut.task.taskType,
+      isCompleted: ut.status === 'COMPLETED',
+      completedAt: ut.completedAt
+    }));
+
+    const allTasksCompleted = tasks.every((task) => task.isCompleted);
+
+    jsonRes(res, {
+      code: 200,
+      data: allTasksCompleted ? [] : tasks,
+      message: allTasksCompleted ? 'All tasks completed' : 'Tasks fetched'
+    });
+  } catch (error) {
+    return jsonRes(res, { code: 500, message: 'error' });
+  }
+}
diff --git a/frontend/desktop/src/pages/api/account/updateGuide.ts b/frontend/desktop/src/pages/api/account/updateGuide.ts
deleted file mode 100644
index 8716e1afd02..00000000000
--- a/frontend/desktop/src/pages/api/account/updateGuide.ts
+++ /dev/null
@@ -1,35 +0,0 @@
-import { K8sApiDefault } from '@/services/backend/kubernetes/admin';
-import { UpdateCRD } from '@/services/backend/kubernetes/user';
-import { jsonRes } from '@/services/backend/response';
-import type { NextApiRequest, NextApiResponse } from 'next';
-import { AccountMeta } from './getAccount';
-import { GUIDE_DESKTOP_INDEX_KEY } from '@/constants/account';
-import { verifyAccessToken } from '@/services/backend/auth';
-
-// req header is kubeconfig
-export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  try {
-    const payload = await verifyAccessToken(req.headers);
-    if (!payload) return jsonRes(res, { code: 401, message: 'token is vaild' });
-
-    const defaultKc = K8sApiDefault();
-
-    if (!defaultKc) return jsonRes(res, { code: 401, message: 'No cluster permissions' });
-
-    const endTime = new Date().toISOString();
-
-    const jsonPatch = [
-      {
-        op: 'add',
-        path: `/metadata/annotations/${GUIDE_DESKTOP_INDEX_KEY}`,
-        value: endTime
-      }
-    ];
-
-    const reuslt = await UpdateCRD(defaultKc, AccountMeta, payload.userCrName, jsonPatch);
-
-    jsonRes(res, { data: reuslt?.body });
-  } catch (error) {
-    jsonRes(res, { code: 500, data: error });
-  }
-}
diff --git a/frontend/desktop/src/pages/api/account/updateTask.ts b/frontend/desktop/src/pages/api/account/updateTask.ts
new file mode 100644
index 00000000000..e010aad8e50
--- /dev/null
+++ b/frontend/desktop/src/pages/api/account/updateTask.ts
@@ -0,0 +1,52 @@
+import { verifyAccessToken, verifyAppToken } from '@/services/backend/auth';
+import { globalPrisma } from '@/services/backend/db/init';
+import { jsonRes } from '@/services/backend/response';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { TaskStatus } from 'prisma/global/generated/client';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  try {
+    const payload = (await verifyAccessToken(req.headers)) || (await verifyAppToken(req.headers));
+    if (!payload) return jsonRes(res, { code: 401, message: 'Token is invalid' });
+
+    if (req.method !== 'POST') {
+      return jsonRes(res, { code: 405, message: 'Method not allowed' });
+    }
+
+    const { taskId } = req.body as { taskId: string };
+    if (!taskId) {
+      return jsonRes(res, { code: 400, message: 'Task ID is required' });
+    }
+
+    const task = await globalPrisma.userTask.findUnique({
+      where: {
+        userUid_taskId: {
+          userUid: payload.userUid,
+          taskId: taskId
+        }
+      }
+    });
+
+    if (!task) {
+      return jsonRes(res, { code: 404, message: 'Task not found' });
+    }
+
+    if (task.status === TaskStatus.COMPLETED) {
+      return jsonRes(res, { code: 200, message: 'Task is already completed' });
+    }
+
+    const updatedTask = await globalPrisma.userTask.update({
+      where: {
+        userUid_taskId: {
+          userUid: payload.userUid,
+          taskId: taskId
+        }
+      },
+      data: { status: TaskStatus.COMPLETED, completedAt: new Date() }
+    });
+
+    jsonRes(res, { code: 200, data: 'success' });
+  } catch (error) {
+    jsonRes(res, { code: 500, message: 'Internal server error' });
+  }
+}
diff --git a/frontend/desktop/src/pages/api/v1alpha/account/getAccount.ts b/frontend/desktop/src/pages/api/v1alpha/account/getAccount.ts
index 8949311f7aa..d1fe1de0d68 100644
--- a/frontend/desktop/src/pages/api/v1alpha/account/getAccount.ts
+++ b/frontend/desktop/src/pages/api/v1alpha/account/getAccount.ts
@@ -1,5 +1,5 @@
-import { AccountMeta } from '@/pages/api/account/getAccount';
 import { jsonRes } from '@/services/backend/response';
+import { AccountMeta } from '@/types';
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { initK8s } from 'sealos-desktop-sdk/service';
 
diff --git a/frontend/desktop/src/pages/api/v1alpha/account/updateGuide.ts b/frontend/desktop/src/pages/api/v1alpha/account/updateGuide.ts
index 7f0e7b83ae6..117da5086d2 100644
--- a/frontend/desktop/src/pages/api/v1alpha/account/updateGuide.ts
+++ b/frontend/desktop/src/pages/api/v1alpha/account/updateGuide.ts
@@ -1,9 +1,9 @@
 import { K8sApiDefault } from '@/services/backend/kubernetes/admin';
 import { UpdateCRD } from '@/services/backend/kubernetes/user';
 import { jsonRes } from '@/services/backend/response';
+import { AccountMeta } from '@/types';
 import type { NextApiRequest, NextApiResponse } from 'next';
 import { initK8s } from 'sealos-desktop-sdk/service';
-import { AccountMeta } from '@/pages/api/account/getAccount';
 
 export type UpdateUserGuideParams = {
   activityType: 'beginner-guide';
diff --git a/frontend/desktop/src/pages/index.tsx b/frontend/desktop/src/pages/index.tsx
index cb125e75d70..e90c17333ea 100644
--- a/frontend/desktop/src/pages/index.tsx
+++ b/frontend/desktop/src/pages/index.tsx
@@ -3,6 +3,7 @@ import DesktopContent from '@/components/desktop_content';
 import useAppStore from '@/stores/app';
 import useCallbackStore from '@/stores/callback';
 import { useConfigStore } from '@/stores/config';
+import { useDesktopConfigStore } from '@/stores/desktopConfig';
 import useSessionStore from '@/stores/session';
 import { SemData } from '@/types/sem';
 import { NSType } from '@/types/team';
@@ -39,6 +40,8 @@ export default function Home({ sealos_cloud_domain }: { sealos_cloud_domain: str
   const { session } = useSessionStore();
   const { layoutConfig } = useConfigStore();
   const { workspaceInviteCode, setWorkspaceInviteCode } = useCallbackStore();
+  const { setCanShowGuide } = useDesktopConfigStore();
+
   useEffect(() => {
     colorMode === 'dark' ? toggleColorMode() : null;
   }, [colorMode, toggleColorMode]);
@@ -127,6 +130,7 @@ export default function Home({ sealos_cloud_domain }: { sealos_cloud_domain: str
           let appkey = '';
           let appRoute = '';
           if (!state.autolaunch) {
+            setCanShowGuide(true);
             const result = parseOpenappQuery((query?.openapp as string) || '');
             appQuery = result.appQuery;
             appkey = result.appkey;
@@ -141,6 +145,7 @@ export default function Home({ sealos_cloud_domain }: { sealos_cloud_domain: str
           }
           const app = state.installedApps.find((item) => item.key === appkey);
           if (!app) return;
+          setCanShowGuide(false);
           state.openApp(app, { raw: appQuery, pathname: appRoute }).then(() => {
             state.cancelAutoLaunch();
           });
diff --git a/frontend/desktop/src/services/backend/auth.ts b/frontend/desktop/src/services/backend/auth.ts
index 1c010924ac2..db660550487 100644
--- a/frontend/desktop/src/services/backend/auth.ts
+++ b/frontend/desktop/src/services/backend/auth.ts
@@ -25,6 +25,7 @@ const verifyToken = async <T extends Object>(header: IncomingHttpHeaders) => {
     return null;
   }
 };
+
 export const verifyAccessToken = async (header: IncomingHttpHeaders) =>
   verifyToken<AccessTokenPayload>(header).then(
     (payload) => {
@@ -36,6 +37,7 @@ export const verifyAccessToken = async (header: IncomingHttpHeaders) =>
     },
     (err) => null
   );
+
 export const verifyAuthenticationToken = async (header: IncomingHttpHeaders) => {
   try {
     if (!header?.authorization) {
@@ -63,6 +65,19 @@ export const verifyJWT = <T extends Object = JWTPayload>(token?: string, secret?
     });
   });
 
+export const verifyAppToken = async (header: IncomingHttpHeaders) => {
+  try {
+    if (!header?.authorization) {
+      throw new Error('缺少凭证');
+    }
+    const token = decodeURIComponent(header.authorization);
+    const payload = await verifyJWT<AccessTokenPayload>(token, internalJwtSecret());
+    return payload;
+  } catch (err) {
+    return null;
+  }
+};
+
 export const generateBillingToken = (props: BillingTokenPayload) =>
   sign(props, internalJwtSecret(), { expiresIn: '3600000' });
 export const generateAccessToken = (props: AccessTokenPayload) =>
diff --git a/frontend/desktop/src/services/backend/globalAuth.ts b/frontend/desktop/src/services/backend/globalAuth.ts
index 6878b0616c9..d746e259823 100644
--- a/frontend/desktop/src/services/backend/globalAuth.ts
+++ b/frontend/desktop/src/services/backend/globalAuth.ts
@@ -5,9 +5,20 @@ import { AuthConfigType } from '@/types';
 import { SemData } from '@/types/sem';
 import { hashPassword } from '@/utils/crypto';
 import { nanoid } from 'nanoid';
-import { ProviderType, User, UserStatus } from 'prisma/global/generated/client';
+import {
+  PrismaClient,
+  ProviderType,
+  TaskStatus,
+  User,
+  UserStatus
+} from 'prisma/global/generated/client';
 import { enableSignUp } from '../enable';
 
+type TransactionClient = Omit<
+  PrismaClient,
+  '$connect' | '$disconnect' | '$on' | '$transaction' | '$use' | '$extends'
+>;
+
 async function signIn({ provider, id }: { provider: ProviderType; id: string }) {
   const userProvider = await globalPrisma.oauthProvider.findUnique({
     where: {
@@ -21,6 +32,9 @@ async function signIn({ provider, id }: { provider: ProviderType; id: string })
     }
   });
   if (!userProvider) return null;
+
+  await checkDeductionBalanceAndCreateTasks(userProvider.user.uid);
+
   return {
     user: userProvider.user
   };
@@ -82,11 +96,65 @@ export async function signInByPassword({ id, password }: { id: string; password:
     }
   });
   if (!userProvider) return null;
+
+  await checkDeductionBalanceAndCreateTasks(userProvider.user.uid);
+
   return {
     user: userProvider.user
   };
 }
 
+/**
+ * Checks the deduction balance of a user and creates new tasks if the balance is zero.
+ *
+ * @param {string} userUid - The unique identifier of the user.
+ */
+async function checkDeductionBalanceAndCreateTasks(userUid: string) {
+  const account = await globalPrisma.account.findUnique({
+    where: { userUid }
+  });
+
+  // Check if the account exists, the deduction balance is not null, and the balance is zero.
+  if (
+    account &&
+    account.deduction_balance !== null &&
+    account.deduction_balance.toString() === '0'
+  ) {
+    const userTasks = await globalPrisma.userTask.findFirst({
+      where: { userUid }
+    });
+
+    // If no user tasks are found, create new tasks for the user.
+    if (!userTasks) {
+      await globalPrisma.$transaction(async (tx) => {
+        await createNewUserTasks(tx, userUid);
+      });
+    }
+  }
+}
+
+// Assign tasks to newly registered users
+async function createNewUserTasks(tx: TransactionClient, userUid: string) {
+  const newUserTasks = await tx.task.findMany({
+    where: {
+      isNewUserTask: true,
+      isActive: true
+    }
+  });
+
+  for (const task of newUserTasks) {
+    await tx.userTask.create({
+      data: {
+        userUid,
+        taskId: task.id,
+        status: TaskStatus.NOT_COMPLETED,
+        rewardStatus: task.taskType === 'DESKTOP' ? TaskStatus.COMPLETED : TaskStatus.NOT_COMPLETED,
+        completedAt: new Date(0)
+      }
+    });
+  }
+}
+
 async function signUp({
   provider,
   id,
@@ -128,6 +196,8 @@ async function signUp({
         });
       }
 
+      await createNewUserTasks(tx, user.uid);
+
       return { user };
     });
 
@@ -181,6 +251,8 @@ export async function signUpByPassword({
         });
       }
 
+      await createNewUserTasks(tx, user.uid);
+
       return { user };
     });
 
@@ -244,6 +316,7 @@ export const getGlobalToken = async ({
       }
     }
   });
+
   if (provider === ProviderType.PASSWORD) {
     if (!password) {
       return null;
diff --git a/frontend/desktop/src/stores/desktopConfig.ts b/frontend/desktop/src/stores/desktopConfig.ts
index 46d86518265..4c934ed1511 100644
--- a/frontend/desktop/src/stores/desktopConfig.ts
+++ b/frontend/desktop/src/stores/desktopConfig.ts
@@ -2,7 +2,11 @@ import { create } from 'zustand';
 import { persist } from 'zustand/middleware';
 import { immer } from 'zustand/middleware/immer';
 
+type TaskComponentState = 'none' | 'modal' | 'button';
+
 type State = {
+  canShowGuide: boolean;
+  setCanShowGuide: (value: boolean) => void;
   isAppBar: boolean;
   isNavbarVisible: boolean;
   isAnimationEnabled: boolean;
@@ -10,6 +14,8 @@ type State = {
   toggleNavbarVisibility: (forceState?: boolean) => void;
   temporarilyDisableAnimation: () => void;
   getTransitionValue: () => string;
+  taskComponentState: TaskComponentState;
+  setTaskComponentState: (state: TaskComponentState) => void;
 };
 
 export const useDesktopConfigStore = create<State>()(
@@ -18,6 +24,13 @@ export const useDesktopConfigStore = create<State>()(
       isAppBar: true,
       isNavbarVisible: true,
       isAnimationEnabled: true,
+      taskComponentState: 'none',
+      canShowGuide: false,
+      setCanShowGuide(value) {
+        set((state) => {
+          state.canShowGuide = value;
+        });
+      },
       toggleShape() {
         set((state) => {
           state.isAppBar = !state.isAppBar;
@@ -42,6 +55,11 @@ export const useDesktopConfigStore = create<State>()(
         return get().isAnimationEnabled
           ? 'transform 200ms ease-in-out, opacity 200ms ease-in-out'
           : 'none';
+      },
+      setTaskComponentState(s) {
+        set((state) => {
+          state.taskComponentState = s;
+        });
       }
     })),
     {
diff --git a/frontend/desktop/src/types/crd.ts b/frontend/desktop/src/types/crd.ts
index 3d1b57626bf..3a4f56f2a78 100644
--- a/frontend/desktop/src/types/crd.ts
+++ b/frontend/desktop/src/types/crd.ts
@@ -13,6 +13,7 @@ export const userCRD = {
   Version: 'v1',
   Resource: 'users'
 };
+
 export type UserCR = {
   apiVersion: 'user.sealos.io/v1';
   kind: 'User';
@@ -62,6 +63,7 @@ export type StatusCR = {
   };
   code: 404;
 };
+
 export type TAppCR = {
   apiVersion: 'app.sealos.io/v1';
   kind: 'App';
@@ -137,3 +139,10 @@ export type TNotification = {
     };
   };
 };
+
+export const AccountMeta: CRDMeta = {
+  group: 'account.sealos.io',
+  version: 'v1',
+  namespace: 'sealos-system',
+  plural: 'accounts'
+};
diff --git a/frontend/desktop/src/types/task.ts b/frontend/desktop/src/types/task.ts
new file mode 100644
index 00000000000..b0d1b04f02d
--- /dev/null
+++ b/frontend/desktop/src/types/task.ts
@@ -0,0 +1,12 @@
+import { TaskType } from 'prisma/global/generated/client';
+
+export type UserTask = {
+  id: string;
+  title: Record<string, string>;
+  description: string;
+  reward: string;
+  order: number;
+  taskType: TaskType;
+  isCompleted: boolean;
+  completedAt: string;
+};
diff --git a/frontend/packages/driver/src/overlay.ts b/frontend/packages/driver/src/overlay.ts
index 682153782ea..1f8b8d65b1c 100644
--- a/frontend/packages/driver/src/overlay.ts
+++ b/frontend/packages/driver/src/overlay.ts
@@ -111,47 +111,8 @@ function mountOverlay(stagePosition: StageDefinition) {
 
     document.body.appendChild(skipButton);
 
-    let countdown = 5;
-    let timeoutId: any;
-    let isButtonDisabled = true;
-
-    const updateButtonText = () => {
-      skipButton.innerText = `${getConfig('overlaySkipButton') || ''} (${countdown}s)`;
-    };
-
-    const countdownInterval = setInterval(() => {
-      countdown -= 1;
-      updateButtonText();
-    }, 1000);
-
-    timeoutId = setTimeout(() => {
-      console.log('Auto skipping after 5 seconds');
-      clearInterval(countdownInterval);
-      enableButton();
-      skipButton.innerText = getConfig('overlaySkipButton') || '';
-    }, 5000);
-
-    updateButtonText();
-
-    function disableButton() {
-      isButtonDisabled = true;
-      skipButton.style.pointerEvents = 'none';
-      skipButton.style.opacity = '0.5';
-    }
-
-    function enableButton() {
-      isButtonDisabled = false;
-      skipButton.style.pointerEvents = 'auto';
-      skipButton.style.opacity = '1';
-    }
-
     onDriverClick(skipButton, () => {
-      if (!isButtonDisabled) {
-        disableButton();
-        clearInterval(countdownInterval);
-        clearTimeout(timeoutId);
-        emit('skipButtonClick');
-      }
+      emit('skipButtonClick');
     });
 
     setState('__overlaySkipBtn', skipButton);
diff --git a/frontend/pnpm-lock.yaml b/frontend/pnpm-lock.yaml
index 00c0dfd2852..b91c087c361 100644
--- a/frontend/pnpm-lock.yaml
+++ b/frontend/pnpm-lock.yaml
@@ -1191,6 +1191,9 @@ importers:
       '@next/font':
         specifier: 13.1.6
         version: 13.1.6
+      '@sealos/driver':
+        specifier: workspace:^
+        version: link:../../packages/driver
       '@sealos/ui':
         specifier: workspace:^
         version: link:../../packages/ui
@@ -2163,6 +2166,9 @@ importers:
       '@replit/codemirror-vscode-keymap':
         specifier: ^6.0.2
         version: 6.0.2(@codemirror/autocomplete@6.11.1)(@codemirror/commands@6.3.2)(@codemirror/language@6.9.3)(@codemirror/lint@6.4.2)(@codemirror/search@6.5.5)(@codemirror/state@6.3.2)(@codemirror/view@6.22.1)
+      '@sealos/driver':
+        specifier: workspace:^
+        version: link:../../packages/driver
       '@sealos/ui':
         specifier: workspace:^
         version: link:../../packages/ui
diff --git a/frontend/providers/applaunchpad/public/locales/en/common.json b/frontend/providers/applaunchpad/public/locales/en/common.json
index d7868afe211..bafd64012a5 100644
--- a/frontend/providers/applaunchpad/public/locales/en/common.json
+++ b/frontend/providers/applaunchpad/public/locales/en/common.json
@@ -4,7 +4,6 @@
   "Add": "Add",
   "Add Port": "Add Port",
   "Add volume": "Add Storage",
-  "Adjust application configuration": "Adjust application configuration",
   "Advanced Configuration": "Advanced Config",
   "Age": "Age",
   "Amount": "Amount",
@@ -32,12 +31,11 @@
   "Balance": "Balance",
   "Basic Config": "Basic",
   "Basic Information": "Basic",
-  "Can help you deploy any Docker image": "Helps you deploy any Docker image",
+  "Can help you deploy any Docker image": "Rich image warehouse, supporting any Docker image",
   "Can not change storage path": "Storage mount path cannot be modified",
   "Cancel": "Cancel",
   "capacity": "capacity",
   "Card": "cards",
-  "Click here to visit the website": "Click here to open the site",
   "Click on any shadow to skip": "Click on any shadow to skip",
   "Click the Deploy Application button": "Click \\\"Deploy Application\\\"",
   "Cname auth error: customDomain's cname is not equal to publicDomain": "CNAME error. You must configure CNAME to the provided domain before binding.",
@@ -99,7 +97,6 @@
   "File Value can not empty": "File content is required",
   "filename": "File Name",
   "Filename can not empty": "File Name is required",
-  "First time completion guide benefits": "First-time user bonus",
   "Fixed instance": "Fixed",
   "Folder Name": "Folder Name",
   "gift amount tip": "Top up {{amount}} to get {{gift}} bonus",
@@ -188,7 +185,6 @@
   "Restarts Num": "Restarts",
   "Run command": "Command",
   "Running": "Running",
-  "Second-level domain name tips": "Public subdomain will be automatically assigned if enabled",
   "Separated by spaces": "Space separated, e.g.:",
   "show hidden files": "Show hidden files",
   "Size": "Size",
@@ -266,5 +262,15 @@
   "within_1_day": "Within 1 day",
   "terminated_logs": "Terminated logs",
   "no_logs_for_now": "No logs for now",
-  "or": "or"
-}
\ No newline at end of file
+  "or": "or",
+  "guide_deploy_storage": "Massive storage to meet various application needs",
+  "guide_detail_operate": "Log｜Terminal｜Details｜Restart",
+  "guide_detail_monitor": "Visual resource monitoring",
+  "guide_detail_update_button": "Adjust in real time as needed",
+  "guide_detail_network": "Provide intranet and extranet access addresses and automatically configure SSL certificates",
+  "first_charge": "First Recharge Discount",
+  "first_charge_tip": "For some specifications, you can enjoy double the gift amount when you recharge for the first time.",
+  "gift": "gift",
+  "balance": "balance",
+  "guide_deploy_button": "Complete creation and get it now"
+}
diff --git a/frontend/providers/applaunchpad/public/locales/zh/common.json b/frontend/providers/applaunchpad/public/locales/zh/common.json
index 8fb7cb20a65..56d12456d25 100644
--- a/frontend/providers/applaunchpad/public/locales/zh/common.json
+++ b/frontend/providers/applaunchpad/public/locales/zh/common.json
@@ -4,7 +4,6 @@
   "Add": "新增",
   "Add Port": "添加端口",
   "Add volume": "新增存储卷",
-  "Adjust application configuration": "调整应用配置",
   "Advanced Configuration": "高级配置",
   "Age": "启动时长",
   "Amount": "数量",
@@ -32,12 +31,11 @@
   "Balance": "余额",
   "Basic Config": "基础配置",
   "Basic Information": "基本信息",
-  "Can help you deploy any Docker image": "可以帮助您部署任意 Docker 镜像",
+  "Can help you deploy any Docker image": "丰富的镜像仓库，支持任意 Docker 镜像",
   "Can not change storage path": "不允许修改挂载路径",
   "Cancel": "取消",
   "capacity": "容量",
   "Card": "张",
-  "Click here to visit the website": "点击此处访问网站",
   "Click on any shadow to skip": "点击任意阴影跳过",
   "Click the Deploy Application button": "点击「部署应用」按钮",
   "Cname auth error: customDomain's cname is not equal to publicDomain": "CNAME 校验错误，你需要先 CNAME 到指定域名才能绑定",
@@ -99,7 +97,6 @@
   "File Value can not empty": "文件值不能为空",
   "filename": "文件名",
   "Filename can not empty": "文件名不能为空",
-  "First time completion guide benefits": "首次完成引导福利",
   "Fixed instance": "固定实例",
   "Folder Name": "文件夹名",
   "gift amount tip": "充值 {{amount}} 赠送 {{gift}} ",
@@ -179,7 +176,7 @@
   "Public Address": "公网地址",
   "Real-time Monitoring": "实时监控",
   "Reboot Success": "重启成功",
-  "receive": "获得",
+  "receive": "已获得",
   "rename": "重命名",
   "Replicas": "实例数",
   "Restart": "重启",
@@ -188,7 +185,6 @@
   "Restarts Num": "重启次数",
   "Run command": "运行命令",
   "Running": "运行中",
-  "Second-level domain name tips": "开启后将自动为您分配一个二级公网域名",
   "Separated by spaces": "以空格分开，如: ",
   "show hidden files": "显示隐藏文件",
   "Size": "文件大小",
@@ -266,5 +262,16 @@
   "within_1_day": "一天内",
   "terminated_logs": "中断前",
   "no_logs_for_now": "暂无日志",
-  "or": "或"
-}
\ No newline at end of file
+  "or": "或",
+  "guide_deploy_command": "丰富的命令集支持，简化服务器管理",
+  "guide_deploy_storage": "海量存储，满足各种应用需求",
+  "guide_detail_monitor": "可视化资源监控",
+  "guide_detail_operate": "日志｜终端｜详情｜重启",
+  "guide_detail_update_button": "按需实时调整",
+  "guide_detail_network": "提供内网和外网访问地址，并自动配置 SSL 证书",
+  "first_charge": "首充优惠",
+  "first_charge_tip": "部分规格首次充值可享双倍赠送金额",
+  "gift": "赠",
+  "balance": "余额",
+  "guide_deploy_button": "完成创建，立即获得"
+}
diff --git a/frontend/providers/applaunchpad/src/api/platform.ts b/frontend/providers/applaunchpad/src/api/platform.ts
index c64afb13d50..406773b8256 100644
--- a/frontend/providers/applaunchpad/src/api/platform.ts
+++ b/frontend/providers/applaunchpad/src/api/platform.ts
@@ -1,8 +1,8 @@
 import type { Response as InitDataType } from '@/pages/api/platform/getInitData';
 import { GET, POST } from '@/services/request';
-import type { AccountCRD, UserQuotaItemType, userPriceType } from '@/types/user';
+import type { UserQuotaItemType, UserTask, userPriceType } from '@/types/user';
+import { getUserSession } from '@/utils/user';
 import { AuthCnamePrams } from './params';
-import { UpdateUserGuideParams } from '@/pages/api/guide/updateGuide';
 
 export const getResourcePrice = () => GET<userPriceType>('/api/platform/resourcePrice');
 
@@ -15,12 +15,26 @@ export const getUserQuota = () =>
 
 export const postAuthCname = (data: AuthCnamePrams) => POST('/api/platform/authCname', data);
 
-export const updateDesktopGuide = (payload: UpdateUserGuideParams) =>
-  POST('/api/guide/updateGuide', payload);
-
-export const getUserAccount = () => GET<AccountCRD>('/api/guide/getAccount');
-
-export const getPriceBonus = () => GET('/api/guide/getBonus');
+export const getUserTasks = () =>
+  GET<{ needGuide: boolean; task: UserTask }>('/api/guide/getTasks', undefined, {
+    headers: {
+      Authorization: getUserSession()?.token
+    }
+  });
+
+export const checkUserTask = () =>
+  GET('/api/guide/checkTask', undefined, {
+    headers: {
+      Authorization: getUserSession()?.token
+    }
+  });
+
+export const getPriceBonus = () =>
+  GET<{ amount: number; gift: number }[]>('/api/guide/getBonus', undefined, {
+    headers: {
+      Authorization: getUserSession()?.token
+    }
+  });
 
 export const checkPermission = (payload: { appName: string }) =>
   GET('/api/platform/checkPermission', payload);
diff --git a/frontend/providers/applaunchpad/src/components/Icon/icons/gift.svg b/frontend/providers/applaunchpad/src/components/Icon/icons/gift.svg
new file mode 100644
index 00000000000..865d6307dbb
--- /dev/null
+++ b/frontend/providers/applaunchpad/src/components/Icon/icons/gift.svg
@@ -0,0 +1,10 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="21" height="20" viewBox="0 0 21 20" fill="none">
+  <path fill-rule="evenodd" clip-rule="evenodd" d="M6.74968 2.4987C6.41816 2.4987 6.10021 2.63039 5.86579 2.86481C5.63137 3.09924 5.49968 3.41718 5.49968 3.7487C5.49968 4.08022 5.63137 4.39816 5.86579 4.63258C6.10021 4.867 6.41816 4.9987 6.74968 4.9987H9.37803C9.2763 4.73254 9.14752 4.43988 8.98825 4.1503C8.46411 3.19732 7.74459 2.4987 6.74968 2.4987ZM9.66634 6.66536V10.832H2.99968V8.4987C2.99968 8.01824 3.00032 7.70801 3.01962 7.47189C3.03811 7.24551 3.06951 7.16158 3.0905 7.12037C3.1704 6.96357 3.29788 6.83609 3.45468 6.75619C3.49589 6.7352 3.57982 6.7038 3.80621 6.6853C4.04232 6.66601 4.35255 6.66537 4.83301 6.66537L9.66634 6.66536ZM4.11661 5.00325C3.93164 4.61502 3.83301 4.18694 3.83301 3.7487C3.83301 2.97515 4.1403 2.23328 4.68728 1.6863C5.23426 1.13932 5.97613 0.832031 6.74968 0.832031C8.67143 0.832031 9.82691 2.21674 10.4486 3.3471C10.4659 3.37861 10.483 3.4101 10.4997 3.44154C10.5164 3.4101 10.5334 3.37861 10.5507 3.3471C11.1724 2.21674 12.3279 0.832031 14.2497 0.832031C15.0232 0.832031 15.7651 1.13932 16.3121 1.6863C16.8591 2.23328 17.1663 2.97515 17.1663 3.7487C17.1663 4.18694 17.0677 4.61502 16.8827 5.00325C17.0438 5.00678 17.1927 5.01305 17.3289 5.02417C17.6583 5.05109 17.986 5.11052 18.3013 5.27118C18.7717 5.51087 19.1542 5.89332 19.3939 6.36372C19.5545 6.67904 19.614 7.00672 19.6409 7.33618C19.6664 7.64832 19.6664 8.02728 19.6663 8.46656V15.6975C19.6664 16.1368 19.6664 16.5157 19.6409 16.8279C19.614 17.1573 19.5545 17.485 19.3939 17.8003C19.1542 18.2707 18.7717 18.6532 18.3013 18.8929C17.986 19.0535 17.6583 19.113 17.3289 19.1399C17.0167 19.1654 16.6378 19.1654 16.1985 19.1654H10.5008C10.5005 19.1654 10.5001 19.1654 10.4997 19.1654C10.4993 19.1654 10.4989 19.1654 10.4985 19.1654H4.80087C4.36159 19.1654 3.98262 19.1654 3.67049 19.1399C3.34103 19.113 3.01335 19.0535 2.69803 18.8929C2.22763 18.6532 1.84518 18.2707 1.60549 17.8003C1.44483 17.485 1.3854 17.1573 1.35848 16.8279C1.33298 16.5157 1.33299 16.1368 1.33301 15.6975L1.33301 11.6658C1.33301 11.6657 1.33301 11.666 1.33301 11.6658C1.33301 11.6657 1.33301 11.665 1.33301 11.6649L1.33301 8.46658C1.33299 8.02729 1.33298 7.64832 1.35848 7.33617C1.3854 7.00672 1.44483 6.67904 1.60549 6.36372C1.84518 5.89332 2.22763 5.51087 2.69803 5.27118C3.01335 5.11052 3.34103 5.05109 3.67049 5.02417C3.80666 5.01305 3.95554 5.00678 4.11661 5.00325ZM2.99968 12.4987V15.6654C2.99968 16.1458 3.00032 16.4561 3.01962 16.6922C3.03811 16.9186 3.06951 17.0025 3.0905 17.0437C3.1704 17.2005 3.29788 17.328 3.45468 17.4079C3.49589 17.4289 3.57982 17.4603 3.80621 17.4788C4.04232 17.498 4.35255 17.4987 4.83301 17.4987H9.66634V12.4987H2.99968ZM11.333 12.4987V17.4987H16.1663C16.6468 17.4987 16.957 17.4981 17.1931 17.4788C17.4195 17.4603 17.5035 17.4289 17.5447 17.4079C17.7015 17.328 17.829 17.2005 17.9088 17.0437C17.9298 17.0025 17.9612 16.9186 17.9797 16.6922C17.999 16.4561 17.9997 16.1458 17.9997 15.6654V12.4987H11.333ZM17.9997 10.832V8.4987C17.9997 8.01824 17.999 7.70801 17.9797 7.4719C17.9612 7.24551 17.9298 7.16158 17.9088 7.12037C17.829 6.96357 17.7015 6.83609 17.5447 6.75619C17.5035 6.7352 17.4195 6.7038 17.1931 6.68531C16.957 6.66601 16.6468 6.66537 16.1663 6.66537L11.333 6.66536V10.832H17.9997ZM11.6213 4.9987C11.7231 4.73254 11.8518 4.43988 12.0111 4.1503C12.5352 3.19732 13.2548 2.4987 14.2497 2.4987C14.5812 2.4987 14.8991 2.63039 15.1336 2.86481C15.368 3.09924 15.4997 3.41718 15.4997 3.7487C15.4997 4.08022 15.368 4.39816 15.1336 4.63258C14.8991 4.867 14.5812 4.9987 14.2497 4.9987H11.6213Z" fill="url(#paint0_linear_787_31074)"/>
+  <defs>
+    <linearGradient id="paint0_linear_787_31074" x1="10.4997" y1="1.42727" x2="10.4997" y2="18.5701" gradientUnits="userSpaceOnUse">
+      <stop stop-color="#69AEFF"/>
+      <stop offset="0.432292" stop-color="#6096FF"/>
+      <stop offset="1" stop-color="#6C7FFF"/>
+    </linearGradient>
+  </defs>
+</svg>
\ No newline at end of file
diff --git a/frontend/providers/applaunchpad/src/components/Icon/index.tsx b/frontend/providers/applaunchpad/src/components/Icon/index.tsx
index 6f72e383a5e..bf1f410e152 100644
--- a/frontend/providers/applaunchpad/src/components/Icon/index.tsx
+++ b/frontend/providers/applaunchpad/src/components/Icon/index.tsx
@@ -29,6 +29,7 @@ const map = {
   noEvents: require('./icons/noEvents.svg').default,
   warning: require('./icons/warning.svg').default,
   analyze: require('./icons/analyze.svg').default,
+  gift: require('./icons/gift.svg').default,
   terminal: require('./icons/terminal.svg').default,
   log: require('./icons/log.svg').default,
   nvidia: require('./icons/gpu/nvidia.svg').default,
diff --git a/frontend/providers/applaunchpad/src/hooks/useDetailDriver.tsx b/frontend/providers/applaunchpad/src/hooks/useDetailDriver.tsx
index 2353e8ac15c..36ec95d5a70 100644
--- a/frontend/providers/applaunchpad/src/hooks/useDetailDriver.tsx
+++ b/frontend/providers/applaunchpad/src/hooks/useDetailDriver.tsx
@@ -1,22 +1,34 @@
-import { getInitData, getPriceBonus, getUserAccount, updateDesktopGuide } from '@/api/platform';
-import { GUIDE_LAUNCHPAD_DETAIL_KEY, GUIDE_LAUNCHPAD_GIFT_KEY } from '@/constants/account';
+import { checkUserTask, getPriceBonus, getUserTasks } from '@/api/platform';
+import MyIcon from '@/components/Icon';
+import { useGuideStore } from '@/store/guide';
 import { formatMoney } from '@/utils/tools';
-import { Flex, FlexProps, Icon, Text } from '@chakra-ui/react';
+import { Center, Flex, FlexProps, Icon, Text } from '@chakra-ui/react';
 import { DriveStep, driver } from '@sealos/driver';
+import { SealosCoin } from '@sealos/ui';
 import { useTranslation } from 'next-i18next';
 import { useEffect, useMemo, useState } from 'react';
 import { sealosApp } from 'sealos-desktop-sdk/app';
 import { DriverStarIcon } from './useDriver';
 
-export default function useDriver() {
+export default function useDetailDriver() {
   const { t, i18n } = useTranslation();
-  const [showGiftStep, setShowGiftStep] = useState(false);
-  const [activity, setActivity] = useState({
-    balance: 8,
-    limitDuration: '1',
-    amount: '8',
-    giftAmount: '8'
-  });
+  const [reward, setReward] = useState(5);
+  const { detailCompleted, setDetailCompleted } = useGuideStore();
+
+  const [rechargeOptions, setRechargeOptions] = useState([
+    { amount: 8, gift: 8 },
+    { amount: 32, gift: 32 },
+    { amount: 128, gift: 128 }
+  ]);
+
+  const openCostCenterApp = () => {
+    sealosApp.runEvents('openDesktopApp', {
+      appKey: 'system-costcenter',
+      query: {
+        openRecharge: 'true'
+      }
+    });
+  };
 
   const PopoverBodyInfo = (props: FlexProps) => {
     return (
@@ -51,296 +63,250 @@ export default function useDriver() {
 
   const baseSteps: DriveStep[] = [
     {
-      element: '.driver-detail-network-public',
+      element: '.driver-detail-monitor',
       popover: {
-        side: 'left',
+        side: 'bottom',
         align: 'start',
-        borderRadius: '12px 12px 0px 12px',
+        borderRadius: '0px 12px 12px 12px',
         PopoverBody: (
           <Flex gap={'6px'}>
             <DriverStarIcon />
-            <Text color={'#24282C'} fontSize={'12px'}>
-              {t('Click here to visit the website')}
+            <Text color={'#24282C'} fontSize={'12px'} fontWeight={500}>
+              {t('guide_detail_monitor')}
             </Text>
-            <PopoverBodyInfo top={'-120px'} />
+            <PopoverBodyInfo />
           </Flex>
         )
       }
     },
     {
-      element: '.driver-detail-terminal',
+      element: '.driver-detail-update-button',
       popover: {
-        side: 'left',
-        align: 'center',
+        side: 'bottom',
+        align: 'start',
         borderRadius: '12px 12px 0px 12px',
         PopoverBody: (
           <Flex gap={'6px'}>
             <DriverStarIcon />
-            <Text color={'#24282C'} fontSize={'12px'}>
-              {t('You can enter the container through the terminal')}
+            <Text color={'#24282C'} fontSize={'12px'} fontWeight={500}>
+              {t('guide_detail_update_button')}
             </Text>
-            <PopoverBodyInfo top={'-120px'} />
+            <PopoverBodyInfo top={'80px'} />
           </Flex>
         )
       }
     },
     {
-      element: '.driver-detail-update-button',
+      element: '.driver-detail-network',
       popover: {
-        side: 'bottom',
+        side: 'left',
         align: 'start',
         borderRadius: '12px 12px 0px 12px',
         PopoverBody: (
           <Flex gap={'6px'}>
             <DriverStarIcon />
-            <Text color={'#24282C'} fontSize={'12px'}>
-              {t('Adjust application configuration')}
+            <Text color={'#24282C'} fontSize={'12px'} fontWeight={500}>
+              {t('guide_detail_network')}
             </Text>
-            <PopoverBodyInfo top={'80px'} />
+            <PopoverBodyInfo top={'-120px'} />
           </Flex>
         )
       }
-    }
-  ];
-
-  const giftStep: DriveStep[] = [
+    },
     {
+      element: '.driver-detail-operate',
       popover: {
-        borderRadius: '12px 12px 12px 12px',
+        side: 'left',
+        align: 'center',
+        borderRadius: '12px 12px 0px 12px',
         PopoverBody: (
-          <Flex flexDirection={'column'} alignItems={'center'} padding={'27px 40px'} w="450px">
-            <Flex
-              w="100%"
-              color={'#24282C'}
-              fontSize={'14px'}
-              fontWeight={500}
-              bg="#F6EEFA"
-              borderRadius={'8px'}
-              p={'16px'}
-              alignItems={'center'}
-            >
-              <DriverStarIcon />
-              <Text ml="8px">{t('You have successfully deployed an application')}</Text>
-              <Text color={'#5A646E'} fontSize={'12px '} fontWeight={500} ml="auto">
-                {t('receive')}
-              </Text>
-              <Text ml="12px">{activity.balance}</Text>
-              <Icon w="16px" h={'16px'} viewBox="0 0 43 43" mx="4px">
-                <path
-                  fill="currentColor"
-                  fillRule="evenodd"
-                  clipRule="evenodd"
-                  d="M38.8452 16.3383C38.8452 16.3383 38.169 13.0791 34.6177 12.5018C34.6177 12.5018 32.91 5.22138 26.476 8.01336C26.476 8.01336 21.7775 1.34481 16.7833 8.01336C16.7833 8.01336 10.8267 4.86984 8.35511 12.513C8.35511 12.513 4.03522 12.6233 4.00011 18.5272C3.96499 24.4311 12.4728 30.8168 13.6867 31.3741C13.6867 31.3741 11.0158 34.2719 14.2876 36.284C18.8172 38.6577 27.3756 37.7936 29.4606 35.9326C30.7532 34.7789 30.6523 33.0064 29.4606 31.5498C29.4556 31.5548 40.4202 25.1038 38.8452 16.3383ZM31.6228 11.4841C29.9736 8.80397 26.7453 10.5751 26.7453 10.5751C27.9505 20.3212 24.1256 29.8479 24.1256 29.8479C27.7512 28.7132 33.6121 14.7169 31.6228 11.4841ZM21.1951 7.66792C21.1951 7.66792 18.5641 7.83387 18.1203 11.4413C17.6764 15.0488 18.7299 29.0557 21.5427 30.0673C21.5427 30.0673 23.5266 30.5865 24.8902 18.319C26.6924 6.40218 21.1951 7.66792 21.1951 7.66792ZM16.2936 10.5751C16.2936 10.5751 13.488 8.61467 11.4786 11.4841C9.49465 14.7169 15.3556 28.7132 18.9759 29.8479C18.9759 29.8479 15.2143 21.3388 16.2936 10.5751ZM8.87726 14.9454C8.87726 14.9454 6.13705 14.9454 6.43049 18.7633C6.79949 23.5643 12.9309 28.6588 15.2143 29.5044C15.2089 29.5044 10.0763 22.326 8.87726 14.9454ZM15.1097 34.6383C15.8744 35.9813 24.6742 36.3866 28.102 34.8719C28.102 34.8719 29.1783 33.7787 27.532 31.5994C27.4731 31.5216 26.8769 31.5791 26.5874 31.5627C26.2978 31.5463 26.0133 31.4758 25.6763 31.4068C25.6763 31.4068 24.6168 32.1662 22.9437 31.5994C22.9437 31.5994 21.7614 32.2601 20.3823 31.5994C20.3823 31.5994 18.6756 32.1821 17.6497 31.4068C17.6497 31.4068 16.9291 31.6032 15.8719 31.4068C15.8719 31.4068 14.3671 33.3342 15.1097 34.6383ZM34.2051 14.9533C32.8914 23.1395 27.9505 29.5113 27.9505 29.5113C30.9382 28.8784 36.0244 22.5811 36.6816 18.7633C37.3388 14.9454 34.2051 14.9533 34.2051 14.9533Z"
-                />
-              </Icon>
-              <Text>{t('Balance')}</Text>
-            </Flex>
-            <Flex
-              alignItems={'center'}
-              justifyContent={'center'}
-              color={'#24282C'}
-              fontSize={'14px'}
-              fontWeight={500}
-              mt="42px"
-            >
-              <Icon
-                xmlns="http://www.w3.org/2000/svg"
-                width="16px"
-                height="16px"
-                viewBox="0 0 16 16"
-                fill="none"
-              >
-                <g clipPath="url(#clip0_45_25863)">
-                  <path
-                    fillRule="evenodd"
-                    clipRule="evenodd"
-                    d="M4.99984 1.99984C4.73462 1.99984 4.48027 2.10519 4.29273 2.29273C4.10519 2.48027 3.99984 2.73462 3.99984 2.99984C3.99984 3.26505 4.10519 3.51941 4.29273 3.70694C4.48027 3.89448 4.73462 3.99984 4.99984 3.99984H7.10252C7.02114 3.78691 6.91811 3.55278 6.79069 3.32112C6.37138 2.55873 5.79577 1.99984 4.99984 1.99984ZM7.33317 5.33317V8.6665H1.99984V6.79984C1.99984 6.41547 2.00036 6.16729 2.01579 5.97839C2.03059 5.79729 2.05571 5.73014 2.0725 5.69718C2.13642 5.57174 2.2384 5.46975 2.36384 5.40583C2.39681 5.38904 2.46395 5.36392 2.64506 5.34912C2.83395 5.33369 3.08214 5.33317 3.46651 5.33317H7.33317ZM2.89338 4.00348C2.74541 3.69289 2.6665 3.35043 2.6665 2.99984C2.6665 2.381 2.91234 1.78751 3.34992 1.34992C3.78751 0.912337 4.381 0.666504 4.99984 0.666504C6.53724 0.666504 7.46163 1.77427 7.95898 2.67856C7.97285 2.70377 7.98646 2.72896 7.99984 2.75411C8.01321 2.72896 8.02683 2.70377 8.04069 2.67856C8.53805 1.77427 9.46244 0.666504 10.9998 0.666504C11.6187 0.666504 12.2122 0.912337 12.6498 1.34992C13.0873 1.78751 13.3332 2.381 13.3332 2.99984C13.3332 3.35043 13.2543 3.69289 13.1063 4.00348C13.2351 4.0063 13.3543 4.01132 13.4632 4.02022C13.7268 4.04175 13.9889 4.0893 14.2412 4.21783C14.6175 4.40957 14.9234 4.71553 15.1152 5.09186C15.2437 5.34411 15.2913 5.60626 15.3128 5.86982C15.3332 6.11953 15.3332 6.4227 15.3332 6.77413V12.5589C15.3332 12.9103 15.3332 13.2135 15.3128 13.4632C15.2913 13.7268 15.2437 13.9889 15.1152 14.2411C14.9234 14.6175 14.6175 14.9234 14.2412 15.1152C13.9889 15.2437 13.7268 15.2913 13.4632 15.3128C13.2135 15.3332 12.9103 15.3332 12.5588 15.3332H7.99984L3.44079 15.3332C3.08937 15.3332 2.7862 15.3332 2.53649 15.3128C2.27292 15.2913 2.01078 15.2437 1.75852 15.1152C1.3822 14.9234 1.07624 14.6175 0.884492 14.2411C0.755963 13.9889 0.708419 13.7268 0.686885 13.4632C0.666482 13.2135 0.666493 12.9103 0.666504 12.5589L0.666505 9.33357L0.666505 6.77414C0.666493 6.42271 0.666482 6.11953 0.686885 5.86982C0.708419 5.60626 0.755963 5.34411 0.884492 5.09186C1.07624 4.71553 1.3822 4.40957 1.75852 4.21782C2.01078 4.08929 2.27292 4.04175 2.53649 4.02022C2.64542 4.01132 2.76453 4.0063 2.89338 4.00348ZM1.99984 9.99984L1.99984 12.5332C1.99984 12.9175 2.00036 13.1657 2.01579 13.3546C2.03059 13.5357 2.05571 13.6029 2.0725 13.6358C2.13642 13.7613 2.2384 13.8633 2.36384 13.9272C2.39681 13.944 2.46395 13.9691 2.64506 13.9839C2.83395 13.9993 3.08214 13.9998 3.4665 13.9998H7.33317V9.99984H1.99984ZM8.6665 9.99984V13.9998H12.5332C12.9175 13.9998 13.1657 13.9993 13.3546 13.9839C13.5357 13.9691 13.6029 13.944 13.6358 13.9272C13.7613 13.8633 13.8633 13.7613 13.9272 13.6358C13.944 13.6029 13.9691 13.5357 13.9839 13.3546C13.9993 13.1657 13.9998 12.9175 13.9998 12.5332V9.99984H8.6665ZM13.9998 8.6665V6.79984C13.9998 6.41547 13.9993 6.16729 13.9839 5.97839C13.9691 5.79729 13.944 5.73014 13.9272 5.69718C13.8633 5.57174 13.7613 5.46975 13.6358 5.40583C13.6029 5.38904 13.5357 5.36392 13.3546 5.34912C13.1657 5.33369 12.9175 5.33317 12.5332 5.33317L8.6665 5.33317V8.6665H13.9998ZM8.89716 3.99984C8.97854 3.78691 9.08157 3.55278 9.20898 3.32112C9.62829 2.55873 10.2039 1.99984 10.9998 1.99984C11.2651 1.99984 11.5194 2.10519 11.7069 2.29273C11.8945 2.48027 11.9998 2.73462 11.9998 2.99984C11.9998 3.26505 11.8945 3.51941 11.7069 3.70694C11.5194 3.89448 11.2651 3.99984 10.9998 3.99984H8.89716Z"
-                    fill="url(#paint0_linear_45_25863)"
-                  />
-                </g>
-                <defs>
-                  <linearGradient
-                    id="paint0_linear_45_25863"
-                    x1="7.99984"
-                    y1="0.666504"
-                    x2="7.99984"
-                    y2="15.3332"
-                    gradientUnits="userSpaceOnUse"
-                  >
-                    <stop stopColor="#FFC3A4" />
-                    <stop offset="0.432292" stopColor="#FE8BA7" />
-                    <stop offset="1" stopColor="#8695FF" />
-                  </linearGradient>
-                  <clipPath id="clip0_45_25863">
-                    <rect width="16" height="16" fill="white" />
-                  </clipPath>
-                </defs>
-              </Icon>
-              <Text ml="8px">{t('First time completion guide benefits')}</Text>
-            </Flex>
-            <Flex
-              justifyContent={'center'}
-              fontSize={i18n.language === 'en' ? '18px' : '24px'}
-              fontWeight={500}
-              mt="16px"
-            >
-              <Text color={'#24282C'} pr="4px">
-                {t('gift time tip', { time: activity.limitDuration })}
-              </Text>
-              <Text color={'#219BF4'}>
-                {t('gift amount tip', {
-                  amount: activity.amount,
-                  gift: activity.giftAmount
-                })}
-              </Text>
-            </Flex>
-            <Flex
-              mt={'32px'}
-              bg="#24282C"
-              borderRadius={'4px'}
-              alignItems={'center'}
-              justifyContent={'center'}
-              w={'179px'}
-              h={'36px'}
-              color={'#FFF'}
-              fontSize={'12px'}
-              fontWeight={500}
-              cursor={'pointer'}
-              onClick={() => {
-                console.log('充值');
-                driverObj.destroy();
-                openCostCenterApp();
-              }}
-            >
-              {t('Go to recharge')}
-            </Flex>
-            <Text
-              mt="16px"
-              cursor={'pointer'}
-              color={'#7B838B'}
-              fontSize={'12px'}
-              fontWeight={500}
-              onClick={() => {
-                driverObj.destroy();
-              }}
-            >
-              {t('let me think again')}
+          <Flex gap={'6px'}>
+            <DriverStarIcon />
+            <Text color={'#24282C'} fontSize={'12px'} fontWeight={500}>
+              {t('guide_detail_operate')}
             </Text>
+            <PopoverBodyInfo top={'-120px'} />
           </Flex>
-        ),
-        onPopoverRender: () => {
-          const svg = driverObj.getState('__overlaySvg');
-          if (svg) {
-            const pathElement = svg.querySelector('path');
-            if (pathElement) {
-              pathElement.style.pointerEvents = 'none';
-            }
-          }
-        }
+        )
       }
     }
   ];
 
-  const driverConfig = useMemo(() => {
-    return {
-      disableActiveInteraction: true,
-      showProgress: false,
-      allowClose: false,
-      allowClickMaskNextStep: true,
-      allowPreviousStep: false,
-      isShowButtons: false,
-      allowKeyboardControl: false,
-      overlaySkipButton: t('skip') || 'skip',
-      steps: showGiftStep ? [...baseSteps, ...giftStep] : baseSteps,
-      onDestroyed: () => {
-        console.log('onDestroyed Detail');
-        updateGuideStatus();
-      },
-      interceptSkipButtonClick: () => {
-        const skipButton = driverObj.getState('__overlaySkipBtn');
-        skipButton?.remove();
-        if (driverObj.isLastStep()) {
-          driverObj.destroy();
-        } else {
-          driverObj.drive(3);
-        }
-      }
-    };
-    // eslint-disable-next-line react-hooks/exhaustive-deps
-  }, [showGiftStep]);
+  const giftStep: DriveStep[] = useMemo(
+    () => [
+      {
+        popover: {
+          borderRadius: '12px 12px 12px 12px',
+          PopoverBody: (
+            <Flex flexDirection={'column'} alignItems={'center'} padding={'27px 40px'} w="540px">
+              <Flex
+                w="100%"
+                color={'#24282C'}
+                fontSize={'14px'}
+                fontWeight={500}
+                bg="#F6EEFA"
+                borderRadius={'8px'}
+                p={'16px'}
+                alignItems={'center'}
+              >
+                <DriverStarIcon />
+                <Text fontWeight={500} ml="8px">
+                  {t('You have successfully deployed an application')}
+                </Text>
+                <Text
+                  ml="auto"
+                  mr={'12px'}
+                  color={'grayModern.900'}
+                  fontSize={'12px'}
+                  fontWeight={500}
+                >
+                  {t('receive')}
+                </Text>
+                <SealosCoin />
+                <Text mx="4px">{reward}</Text>
+                <Text fontSize={'14px'} fontWeight={500}>
+                  {t('Balance')}
+                </Text>
+              </Flex>
 
-  const driverObj = driver(driverConfig);
+              <Flex
+                alignItems={'center'}
+                justifyContent={'center'}
+                color={'#24282C'}
+                fontSize={'14px'}
+                fontWeight={500}
+                mt="42px"
+              >
+                <MyIcon name="gift" w={'20px'} h={'20px'} />
+                <Text fontSize={'20px'} fontWeight={500} ml="8px" mr={'4px'}>
+                  {t('first_charge')}
+                </Text>
+              </Flex>
 
-  const openCostCenterApp = () => {
-    sealosApp.runEvents('openDesktopApp', {
-      appKey: 'system-costcenter',
-      query: {
-        openRecharge: 'true'
+              <Flex
+                justifyContent={'center'}
+                fontSize={i18n.language === 'en' ? '18px' : '24px'}
+                fontWeight={500}
+                mt="28px"
+                gap={'16px'}
+              >
+                {rechargeOptions.map((item, index) => (
+                  <Center
+                    key={index}
+                    bg="#F4F4F7"
+                    borderRadius="2px"
+                    w={'100px'}
+                    h={'72px'}
+                    position={'relative'}
+                  >
+                    <SealosCoin w="14px" />
+                    <Text fontSize={'20px'} fontWeight={500} color={'rgba(17, 24, 36, 1)'} pl="4px">
+                      {item.amount}
+                    </Text>
+                    <Flex
+                      bg={'#F7E7FF'}
+                      position={'absolute'}
+                      top={0}
+                      right={'-15px'}
+                      borderRadius={'10px 10px 10px 0px'}
+                      color={'#9E53C1'}
+                      fontSize={'12px'}
+                      fontWeight={500}
+                      gap={'2px'}
+                      alignItems={'center'}
+                      justifyContent={'center'}
+                      w={'60px'}
+                      height={'20px'}
+                    >
+                      <Text>{t('gift')}</Text>
+                      <SealosCoin w="10px" />
+                      <Text>{item.gift}</Text>
+                    </Flex>
+                  </Center>
+                ))}
+              </Flex>
+
+              <Flex
+                mt={'40px'}
+                bg={'#111824'}
+                borderRadius={'6px'}
+                alignItems={'center'}
+                justifyContent={'center'}
+                w={'179px'}
+                h={'36px'}
+                color={'#FFF'}
+                fontSize={'14px'}
+                fontWeight={500}
+                cursor={'pointer'}
+                onClick={() => {
+                  driverObj.destroy();
+                  openCostCenterApp();
+                }}
+              >
+                {t('Go to recharge')}
+              </Flex>
+              <Text
+                mt="16px"
+                cursor={'pointer'}
+                color={'rgba(72, 82, 100, 1)'}
+                fontSize={'14px'}
+                fontWeight={500}
+                onClick={() => {
+                  driverObj.destroy();
+                }}
+              >
+                {t('let me think again')}
+              </Text>
+            </Flex>
+          )
+        }
       }
-    });
-  };
+    ],
+    [rechargeOptions, reward, t]
+  );
 
-  const updateGuideStatus = () => {
-    updateDesktopGuide({
-      activityType: 'beginner-guide',
-      phase: 'launchpad',
-      phasePage: 'detail',
-      shouldSendGift: false
-    }).catch((err) => {
-      console.log(err);
-    });
+  const driverObj = driver({
+    disableActiveInteraction: true,
+    showProgress: false,
+    allowClose: false,
+    allowClickMaskNextStep: true,
+    allowPreviousStep: false,
+    isShowButtons: false,
+    allowKeyboardControl: false,
+    steps: [...baseSteps, ...giftStep],
+    onDestroyed: () => {
+      console.log('onDestroyed Detail');
+      setDetailCompleted(true);
+      checkUserTask().then((err) => {
+        console.log(err);
+      });
+    },
+    interceptSkipButtonClick: () => {
+      driverObj.destroy();
+    }
+  });
+
+  const startGuide = () => {
+    driverObj.drive();
   };
 
   useEffect(() => {
     const handleUserGuide = async () => {
       try {
-        const { guideEnabled } = await getInitData();
-        const userAccount = await getUserAccount();
-
-        const bonus = await getPriceBonus();
-        if (bonus?.data?.activities) {
-          const strategy = JSON.parse(bonus.data?.activities);
-          const activity = {
-            balance: formatMoney(
-              strategy?.['beginner-guide']?.phases?.launchpad?.giveAmount || 8000000
-            ),
-            limitDuration: strategy?.[
-              'beginner-guide'
-            ]?.phases?.launchpad?.RechargeDiscount?.limitDuration?.replace('h', ''),
-            amount: Object.entries(
-              strategy?.['beginner-guide']?.phases?.launchpad?.RechargeDiscount?.specialDiscount
-            )[0][0],
-            giftAmount:
-              Object.entries(
-                strategy?.['beginner-guide']?.phases?.launchpad?.RechargeDiscount?.specialDiscount
-              )[0][1] + ''
-          };
-          setActivity(activity);
-        }
-
-        if (guideEnabled && userAccount?.metadata?.annotations) {
-          const showGiftStep = !!userAccount.metadata.annotations?.[GUIDE_LAUNCHPAD_GIFT_KEY];
-          const isGuided = !!userAccount.metadata.annotations?.[GUIDE_LAUNCHPAD_DETAIL_KEY];
-          if (!isGuided) {
-            setShowGiftStep(showGiftStep);
+        const [taskData, bonusData] = await Promise.all([getUserTasks(), getPriceBonus()]);
+        if (taskData.needGuide && !detailCompleted) {
+          setReward(formatMoney(Number(taskData.task.reward)));
+          setRechargeOptions(bonusData);
+          requestAnimationFrame(() => {
             startGuide();
-          }
+          });
         }
       } catch (error) {
         console.log(error);
       }
     };
     handleUserGuide();
-    // eslint-disable-next-line react-hooks/exhaustive-deps
   }, []);
 
-  const startGuide = () => {
-    driverObj.drive();
-  };
-
-  const closeGuide = () => {
-    driverObj.destroy();
-  };
-
-  return { startGuide, closeGuide };
+  return { startGuide };
 }
diff --git a/frontend/providers/applaunchpad/src/hooks/useDriver.tsx b/frontend/providers/applaunchpad/src/hooks/useDriver.tsx
index 85b6b1209ba..fcbd40fe68c 100644
--- a/frontend/providers/applaunchpad/src/hooks/useDriver.tsx
+++ b/frontend/providers/applaunchpad/src/hooks/useDriver.tsx
@@ -1,77 +1,48 @@
-import { getInitData, getUserAccount, updateDesktopGuide } from '@/api/platform';
-import { GUIDE_LAUNCHPAD_CREATE_KEY } from '@/constants/account';
+import { getUserTasks } from '@/api/platform';
+import { useGuideStore } from '@/store/guide';
+import { formatMoney } from '@/utils/tools';
 import { Flex, FlexProps, Icon, Text } from '@chakra-ui/react';
 import { driver } from '@sealos/driver';
+import { SealosCoin } from '@sealos/ui';
 import { useTranslation } from 'next-i18next';
-import { useEffect, useState } from 'react';
+import { useCallback, useEffect, useState } from 'react';
 
 export function DriverStarIcon() {
   return (
-    <Icon
-      width="20px"
-      height="20px"
-      viewBox="0 0 20 20"
-      fill="none"
-      xmlns="http://www.w3.org/2000/svg"
-    >
+    <Icon xmlns="http://www.w3.org/2000/svg" width="21" height="21" viewBox="0 0 21 21" fill="none">
       <path
         fillRule="evenodd"
         clipRule="evenodd"
-        d="M3.74999 1.08801C4.0696 1.08801 4.32869 1.34711 4.32869 1.66672V3.17135H5.83332C6.15293 3.17135 6.41203 3.43044 6.41203 3.75005C6.41203 4.06966 6.15293 4.32875 5.83332 4.32875H4.32869V5.83338C4.32869 6.15299 4.0696 6.41209 3.74999 6.41209C3.43038 6.41209 3.17128 6.15299 3.17128 5.83338V4.32875H1.66666C1.34705 4.32875 1.08795 4.06966 1.08795 3.75005C1.08795 3.43044 1.34705 3.17135 1.66666 3.17135H3.17128V1.66672C3.17128 1.34711 3.43038 1.08801 3.74999 1.08801ZM10.8333 1.92135C11.0728 1.92135 11.2875 2.06882 11.3735 2.29231L12.8186 6.04969C13.0643 6.68839 13.1548 6.91199 13.2853 7.0956C13.4098 7.27064 13.5627 7.42357 13.7378 7.54803C13.9214 7.67859 14.145 7.76912 14.7837 8.01477L18.5411 9.45992C18.7646 9.54588 18.912 9.7606 18.912 10C18.912 10.2395 18.7646 10.4542 18.5411 10.5402L14.7837 11.9853C14.145 12.231 13.9214 12.3215 13.7378 12.4521C13.5627 12.5765 13.4098 12.7295 13.2853 12.9045C13.1548 13.0881 13.0643 13.3117 12.8186 13.9504L11.3735 17.7078C11.2875 17.9313 11.0728 18.0788 10.8333 18.0788C10.5939 18.0788 10.3792 17.9313 10.2932 17.7078L8.84804 13.9504C8.60239 13.3117 8.51186 13.0881 8.3813 12.9045C8.25684 12.7295 8.10391 12.5765 7.92887 12.4521C7.74526 12.3215 7.52166 12.231 6.88297 11.9853L3.12558 10.5402C2.90209 10.4542 2.75462 10.2395 2.75462 10C2.75462 9.7606 2.90209 9.54588 3.12558 9.45992L6.88296 8.01477C7.52166 7.76912 7.74526 7.67859 7.92887 7.54803C8.10391 7.42357 8.25684 7.27064 8.3813 7.0956C8.51186 6.91199 8.60239 6.68839 8.84804 6.04969L10.2932 2.29231C10.3791 2.06882 10.5939 1.92135 10.8333 1.92135ZM10.8333 4.11213L9.9283 6.46518C9.91949 6.48809 9.9108 6.51071 9.90222 6.53303C9.69245 7.07888 9.55023 7.44893 9.32456 7.76631C9.12512 8.04679 8.88006 8.29185 8.59958 8.49129C8.28221 8.71696 7.91216 8.85917 7.36631 9.06895C7.34398 9.07753 7.32137 9.08622 7.29845 9.09503L4.9454 10L7.29845 10.9051C7.32137 10.9139 7.34398 10.9226 7.36631 10.9312C7.91216 11.1409 8.28221 11.2831 8.59958 11.5088C8.88006 11.7083 9.12512 11.9533 9.32456 12.2338C9.55023 12.5512 9.69245 12.9212 9.90222 13.4671C9.9108 13.4894 9.91949 13.512 9.9283 13.5349L10.8333 15.888L11.7383 13.5349C11.7472 13.512 11.7558 13.4894 11.7644 13.4671C11.9742 12.9212 12.1164 12.5512 12.3421 12.2338C12.5415 11.9533 12.7866 11.7083 13.0671 11.5088C13.3844 11.2831 13.7545 11.1409 14.3003 10.9311C14.3227 10.9226 14.3453 10.9139 14.3682 10.9051L16.7212 10L14.3682 9.09503C14.3453 9.08622 14.3227 9.07753 14.3004 9.06896C13.7545 8.85918 13.3844 8.71696 13.0671 8.49129C12.7866 8.29185 12.5415 8.04679 12.3421 7.76631C12.1164 7.44894 11.9742 7.07889 11.7644 6.53304C11.7558 6.51071 11.7472 6.4881 11.7383 6.46518L10.8333 4.11213ZM3.74999 13.588C4.0696 13.588 4.32869 13.8471 4.32869 14.1667V15.6713H5.83332C6.15293 15.6713 6.41203 15.9304 6.41203 16.25C6.41203 16.5697 6.15293 16.8288 5.83332 16.8288H4.32869V18.3334C4.32869 18.653 4.0696 18.9121 3.74999 18.9121C3.43038 18.9121 3.17128 18.653 3.17128 18.3334V16.8288H1.66666C1.34705 16.8288 1.08795 16.5697 1.08795 16.25C1.08795 15.9304 1.34705 15.6713 1.66666 15.6713H3.17128V14.1667C3.17128 13.8471 3.43038 13.588 3.74999 13.588Z"
-        fill="url(#paint0_linear_124_3715)"
+        d="M4.24999 1.58789C4.5696 1.58789 4.82869 1.84699 4.82869 2.16659V3.67122H6.33332C6.65293 3.67122 6.91203 3.93032 6.91203 4.24993C6.91203 4.56954 6.65293 4.82863 6.33332 4.82863H4.82869V6.33326C4.82869 6.65287 4.5696 6.91196 4.24999 6.91196C3.93038 6.91196 3.67128 6.65287 3.67128 6.33326V4.82863H2.16666C1.84705 4.82863 1.58795 4.56954 1.58795 4.24993C1.58795 3.93032 1.84705 3.67122 2.16666 3.67122H3.67128V2.16659C3.67128 1.84699 3.93038 1.58789 4.24999 1.58789ZM11.3333 2.42122C11.5728 2.42122 11.7875 2.56869 11.8735 2.79218L13.3186 6.54957C13.5643 7.18827 13.6548 7.41187 13.7853 7.59548C13.9098 7.77051 14.0627 7.92344 14.2378 8.04791C14.4214 8.17846 14.645 8.269 15.2837 8.51465L19.0411 9.9598C19.2646 10.0458 19.412 10.2605 19.412 10.4999C19.412 10.7394 19.2646 10.9541 19.0411 11.0401L15.2837 12.4852C14.645 12.7309 14.4214 12.8214 14.2378 12.9519C14.0627 13.0764 13.9098 13.2293 13.7853 13.4044C13.6548 13.588 13.5643 13.8116 13.3186 14.4503L11.8735 18.2077C11.7875 18.4312 11.5728 18.5786 11.3333 18.5786C11.0939 18.5786 10.8792 18.4312 10.7932 18.2077L9.34804 14.4503C9.10239 13.8116 9.01186 13.588 8.8813 13.4044C8.75684 13.2293 8.60391 13.0764 8.42887 12.9519C8.24526 12.8214 8.02166 12.7309 7.38297 12.4852L3.62558 11.0401C3.40209 10.9541 3.25462 10.7394 3.25462 10.4999C3.25462 10.2605 3.40209 10.0458 3.62558 9.9598L7.38296 8.51465C8.02166 8.269 8.24526 8.17846 8.42887 8.04791C8.60391 7.92345 8.75684 7.77051 8.8813 7.59548C9.01186 7.41187 9.10239 7.18827 9.34804 6.54957L10.7932 2.79219C10.8791 2.56869 11.0939 2.42122 11.3333 2.42122ZM11.3333 4.61201L10.4283 6.96506C10.4195 6.98797 10.4108 7.01059 10.4022 7.03291C10.1924 7.57876 10.0502 7.94881 9.82456 8.26619C9.62512 8.54667 9.38006 8.79173 9.09958 8.99117C8.78221 9.21684 8.41216 9.35905 7.86631 9.56883C7.84398 9.5774 7.82137 9.5861 7.79845 9.59491L5.4454 10.4999L7.79845 11.4049C7.82137 11.4138 7.84398 11.4225 7.86631 11.431C8.41216 11.6408 8.78221 11.783 9.09958 12.0087C9.38006 12.2081 9.62512 12.4532 9.82456 12.7337C10.0502 13.051 10.1924 13.4211 10.4022 13.9669C10.4108 13.9893 10.4195 14.0119 10.4283 14.0348L11.3333 16.3878L12.2383 14.0348C12.2472 14.0119 12.2558 13.9893 12.2644 13.967C12.4742 13.4211 12.6164 13.051 12.8421 12.7337C13.0415 12.4532 13.2866 12.2081 13.5671 12.0087C13.8844 11.783 14.2545 11.6408 14.8003 11.431C14.8227 11.4225 14.8453 11.4138 14.8682 11.4049L17.2212 10.4999L14.8682 9.59491C14.8453 9.5861 14.8227 9.57741 14.8004 9.56883C14.2545 9.35906 13.8844 9.21684 13.5671 8.99117C13.2866 8.79173 13.0415 8.54667 12.8421 8.26619C12.6164 7.94881 12.4742 7.57876 12.2644 7.03291C12.2558 7.01059 12.2472 6.98797 12.2383 6.96505L11.3333 4.61201ZM4.24999 14.0879C4.5696 14.0879 4.82869 14.347 4.82869 14.6666V16.1712H6.33332C6.65293 16.1712 6.91203 16.4303 6.91203 16.7499C6.91203 17.0695 6.65293 17.3286 6.33332 17.3286H4.82869V18.8333C4.82869 19.1529 4.5696 19.412 4.24999 19.412C3.93038 19.412 3.67128 19.1529 3.67128 18.8333V17.3286H2.16666C1.84705 17.3286 1.58795 17.0695 1.58795 16.7499C1.58795 16.4303 1.84705 16.1712 2.16666 16.1712H3.67128V14.6666C3.67128 14.347 3.93038 14.0879 4.24999 14.0879Z"
+        fill="url(#paint0_linear_864_3172)"
       />
       <defs>
         <linearGradient
-          id="paint0_linear_124_3715"
-          x1="9.99999"
-          y1="1.66672"
-          x2="9.99999"
-          y2="18.3334"
+          id="paint0_linear_864_3172"
+          x1="10.5"
+          y1="2.16659"
+          x2="10.5"
+          y2="18.8333"
           gradientUnits="userSpaceOnUse"
         >
-          <stop stopColor="#FFC3A4" />
-          <stop offset="0.432292" stopColor="#FE8BA7" />
-          <stop offset="1" stopColor="#8695FF" />
+          <stop stopColor="#69AEFF" />
+          <stop offset="0.432292" stopColor="#6096FF" />
+          <stop offset="1" stopColor="#6C7FFF" />
         </linearGradient>
       </defs>
     </Icon>
   );
 }
 
-export default function useDriver() {
+export default function useDriver({
+  setIsAdvancedOpen
+}: {
+  setIsAdvancedOpen: (val: boolean) => void;
+}) {
   const { t } = useTranslation();
-  const [isGuided, setIsGuided] = useState(true);
-
-  useEffect(() => {
-    const handleUserGuide = async () => {
-      try {
-        const { guideEnabled } = await getInitData();
-        const userAccount = await getUserAccount();
-        if (guideEnabled && userAccount?.metadata?.annotations) {
-          const isGuided = !!userAccount.metadata.annotations?.[GUIDE_LAUNCHPAD_CREATE_KEY];
-          if (!isGuided) {
-            startGuide();
-          }
-          setIsGuided(isGuided);
-        }
-      } catch (error) {
-        console.log(error);
-      }
-    };
-    handleUserGuide();
-    // eslint-disable-next-line react-hooks/exhaustive-deps
-  }, []);
-
-  const updateGuideStatus = () => {
-    updateDesktopGuide({
-      activityType: 'beginner-guide',
-      phase: 'launchpad',
-      phasePage: 'create',
-      shouldSendGift: false
-    }).catch((err) => {
-      console.log(err);
-    });
-  };
+  const [isGuided, setIsGuided] = useState(false);
+  const { createCompleted, setCreateCompleted } = useGuideStore();
+  const [reward, setReward] = useState(1);
 
   const PopoverBodyInfo = (props: FlexProps) => {
     return (
@@ -112,6 +83,7 @@ export default function useDriver() {
     isShowButtons: false,
     allowKeyboardControl: false,
     overlaySkipButton: t('skip') || 'skip',
+    disableActiveInteraction: true,
     steps: [
       {
         element: '.driver-deploy-image',
@@ -122,7 +94,7 @@ export default function useDriver() {
           PopoverBody: (
             <Flex gap={'6px'}>
               <DriverStarIcon />
-              <Text color={'#24282C'} fontSize={'13px'}>
+              <Text color={'#24282C'} fontSize={'13px'} fontWeight={500}>
                 {t('Can help you deploy any Docker image')}
               </Text>
               <PopoverBodyInfo />
@@ -131,16 +103,16 @@ export default function useDriver() {
         }
       },
       {
-        element: '.driver-deploy-instance',
+        element: '.driver-deploy-command',
         popover: {
-          side: 'top',
-          align: 'start',
-          borderRadius: '12px 12px 12px 0px',
+          side: 'right',
+          align: 'center',
+          borderRadius: '0px 12px 12px 12px',
           PopoverBody: (
             <Flex gap={'6px'}>
               <DriverStarIcon />
-              <Text color={'#24282C'} fontSize={'13px'}>
-                {t('Configurable number of instances or automatic horizontal scaling')}
+              <Text color={'#24282C'} fontSize={'13px'} fontWeight={500}>
+                {t('guide_deploy_command')}
               </Text>
               <PopoverBodyInfo top={'-120px'} />
             </Flex>
@@ -148,7 +120,7 @@ export default function useDriver() {
         }
       },
       {
-        element: '.driver-deploy-network-switch',
+        element: '.driver-deploy-storage',
         popover: {
           side: 'top',
           align: 'start',
@@ -156,8 +128,8 @@ export default function useDriver() {
           PopoverBody: (
             <Flex gap={'6px'}>
               <DriverStarIcon />
-              <Text color={'#24282C'} fontSize={'13px'}>
-                {t('Second-level domain name tips')}
+              <Text color={'#24282C'} fontSize={'13px'} fontWeight={500}>
+                {t('guide_deploy_storage')}
               </Text>
               <PopoverBodyInfo top={'-120px'} />
             </Flex>
@@ -171,37 +143,49 @@ export default function useDriver() {
           align: 'center',
           borderRadius: '12px 12px 0px 12px',
           PopoverBody: (
-            <Flex gap={'6px'}>
+            <Flex gap={'6px'} alignItems={'center'} fontSize={'13px'} fontWeight={500}>
               <DriverStarIcon />
-              <Text color={'#24282C'} fontSize={'13px'}>
-                {t('Click the Deploy Application button')}
-              </Text>
+              <Text color={'#24282C'}>{t('guide_deploy_button')}</Text>
+              <Text>{reward}</Text>
+              <SealosCoin />
+              <Text>{t('balance')}</Text>
             </Flex>
-          ),
-          onPopoverRender: () => {
-            const svg = driverObj.getState('__overlaySvg');
-            if (svg) {
-              const pathElement = svg.querySelector('path');
-              if (pathElement) {
-                pathElement.style.pointerEvents = 'none';
-              }
-            }
-          }
+          )
         }
       }
     ],
     onDestroyed: () => {
-      updateGuideStatus();
+      setCreateCompleted(true);
     }
   });
 
-  const startGuide = () => {
+  const startGuide = useCallback(() => {
     driverObj.drive();
-  };
+  }, [driverObj]);
 
   const closeGuide = () => {
     driverObj.destroy();
   };
 
-  return { driverObj, startGuide, closeGuide, isGuided };
+  useEffect(() => {
+    const handleUserGuide = async () => {
+      try {
+        const data = await getUserTasks();
+        if (data.needGuide && !createCompleted) {
+          setReward(formatMoney(Number(data.task.reward)));
+          setIsAdvancedOpen(true);
+          setIsGuided(true);
+          requestAnimationFrame(() => {
+            startGuide();
+          });
+        }
+      } catch (error) {
+        setIsGuided(false);
+      }
+    };
+    handleUserGuide();
+    // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, []);
+
+  return { startGuide, closeGuide, isGuided };
 }
diff --git a/frontend/providers/applaunchpad/src/pages/api/guide/getAccount.ts b/frontend/providers/applaunchpad/src/pages/api/guide/checkTask.ts
similarity index 66%
rename from frontend/providers/applaunchpad/src/pages/api/guide/getAccount.ts
rename to frontend/providers/applaunchpad/src/pages/api/guide/checkTask.ts
index a20be083632..458be833a9b 100644
--- a/frontend/providers/applaunchpad/src/pages/api/guide/getAccount.ts
+++ b/frontend/providers/applaunchpad/src/pages/api/guide/checkTask.ts
@@ -1,4 +1,4 @@
-import { authSession } from '@/services/backend/auth';
+import { authAppToken } from '@/services/backend/auth';
 import { jsonRes } from '@/services/backend/response';
 import { ApiResp } from '@/services/kubernet';
 import type { NextApiRequest, NextApiResponse } from 'next';
@@ -6,15 +6,21 @@ import type { NextApiRequest, NextApiResponse } from 'next';
 export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
   try {
     if (!global.AppConfig.common.guideEnabled) return jsonRes(res, { data: null });
-    const kubeconfig = await authSession(req.headers);
-    const domain = global.AppConfig.cloud.domain;
+    const token = await authAppToken(req.headers);
+    if (!token) {
+      return jsonRes(res, { code: 401, message: 'token is valid' });
+    }
+
+    const domain = global.AppConfig.cloud.desktopDomain;
 
-    const response = await fetch(`https://${domain}/api/v1alpha/account/getAccount`, {
+    const response = await fetch(`https://${domain}/api/account/checkTask`, {
       method: 'GET',
       headers: {
-        Authorization: encodeURIComponent(kubeconfig)
+        'Content-Type': 'application/json',
+        Authorization: token
       }
     });
+
     const result: {
       code: number;
       data: any;
diff --git a/frontend/providers/applaunchpad/src/pages/api/guide/getBonus.ts b/frontend/providers/applaunchpad/src/pages/api/guide/getBonus.ts
index 50dc5c8cea4..4ad97b2c826 100644
--- a/frontend/providers/applaunchpad/src/pages/api/guide/getBonus.ts
+++ b/frontend/providers/applaunchpad/src/pages/api/guide/getBonus.ts
@@ -1,22 +1,43 @@
-import { authSession } from '@/services/backend/auth';
-import { getK8s } from '@/services/backend/kubernetes';
+import { authAppToken } from '@/services/backend/auth';
 import { jsonRes } from '@/services/backend/response';
 import { ApiResp } from '@/services/kubernet';
 import type { NextApiRequest, NextApiResponse } from 'next';
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
   try {
-    if (!global.AppConfig.common.guideEnabled) return jsonRes(res, { data: null });
-    const { k8sCore, namespace } = await getK8s({
-      kubeconfig: await authSession(req.headers)
+    const token = await authAppToken(req.headers);
+    if (!token) {
+      return jsonRes(res, { code: 401, message: '令牌无效' });
+    }
+
+    const url = global.AppConfig.launchpad.components.billing.url;
+
+    const response = await fetch(`${url}/account/v1alpha1/recharge-discount`, {
+      method: 'POST',
+      headers: {
+        Authorization: `Bearer ${token}`
+      }
     });
 
-    const result = await k8sCore.readNamespacedConfigMap('recharge-gift', 'sealos');
+    const result: {
+      discount: {
+        firstRechargeDiscount: Record<string, string>;
+      };
+    } = await response.json();
+
+    const rechargeOptions = Object.entries(result.discount.firstRechargeDiscount).map(
+      ([amount, rate]) => ({
+        amount: Number(amount),
+        gift: Math.floor((Number(amount) * Number(rate)) / 100)
+      })
+    );
 
     jsonRes(res, {
-      data: result.body
+      code: 200,
+      data: rechargeOptions
     });
   } catch (err: any) {
+    console.log(err);
     jsonRes(res, {
       code: 500,
       error: err
diff --git a/frontend/providers/applaunchpad/src/pages/api/guide/getTasks.ts b/frontend/providers/applaunchpad/src/pages/api/guide/getTasks.ts
new file mode 100644
index 00000000000..9321febd240
--- /dev/null
+++ b/frontend/providers/applaunchpad/src/pages/api/guide/getTasks.ts
@@ -0,0 +1,55 @@
+import { authAppToken } from '@/services/backend/auth';
+import { jsonRes } from '@/services/backend/response';
+import { ApiResp } from '@/services/kubernet';
+import { UserTask } from '@/types/user';
+import type { NextApiRequest, NextApiResponse } from 'next';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
+  try {
+    if (!global.AppConfig.common.guideEnabled)
+      return jsonRes(res, {
+        data: {
+          needGuide: false
+        }
+      });
+
+    const token = await authAppToken(req.headers);
+    if (!token) {
+      return jsonRes(res, { code: 401, message: 'token is valid' });
+    }
+
+    const domain = global.AppConfig.cloud.desktopDomain;
+    const response = await fetch(`https://${domain}/api/account/getTasks`, {
+      method: 'GET',
+      headers: {
+        Authorization: token
+      }
+    });
+    const result: {
+      code: number;
+      data: UserTask[];
+      message: string;
+    } = await response.json();
+
+    if (result.code !== 200) {
+      return jsonRes(res, {
+        code: 500,
+        message: 'desktop api is err'
+      });
+    }
+
+    const launchpadTask = result.data.find((task) => task.taskType === 'LAUNCHPAD');
+    const needGuide = launchpadTask ? !launchpadTask.isCompleted : false;
+
+    jsonRes(res, {
+      code: 200,
+      data: { needGuide, task: launchpadTask }
+    });
+  } catch (err: any) {
+    console.log(err);
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}
diff --git a/frontend/providers/applaunchpad/src/pages/api/guide/updateGuide.ts b/frontend/providers/applaunchpad/src/pages/api/guide/updateGuide.ts
deleted file mode 100644
index 7d46c77c43a..00000000000
--- a/frontend/providers/applaunchpad/src/pages/api/guide/updateGuide.ts
+++ /dev/null
@@ -1,57 +0,0 @@
-import { authSession } from '@/services/backend/auth';
-import { jsonRes } from '@/services/backend/response';
-import { ApiResp } from '@/services/kubernet';
-import type { NextApiRequest, NextApiResponse } from 'next';
-
-export type UpdateUserGuideParams = {
-  activityType: 'beginner-guide';
-  phase: 'launchpad' | 'database' | 'template' | 'terminal';
-  phasePage: 'create' | 'detail' | 'index';
-  shouldSendGift: boolean;
-};
-
-export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
-  try {
-    if (!global.AppConfig.common.guideEnabled) return jsonRes(res, { data: null });
-    const { activityType, phase, phasePage, shouldSendGift } = req.body as UpdateUserGuideParams;
-
-    if (!activityType || !phase || !phasePage)
-      return jsonRes(res, { code: 400, message: 'Bad Request: Invalid parameters' });
-    const kubeconfig = await authSession(req.headers);
-    const domain = global.AppConfig.cloud.domain;
-
-    const payload = {
-      activityType,
-      phase,
-      phasePage,
-      shouldSendGift
-    };
-
-    const response = await fetch(`https://${domain}/api/v1alpha/account/updateGuide`, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: encodeURIComponent(kubeconfig)
-      },
-      body: JSON.stringify(payload)
-    });
-
-    const result: {
-      code: number;
-      data: any;
-      message: string;
-    } = await response.json();
-
-    if (result.code !== 200) {
-      return jsonRes(res, { code: result.code, message: 'desktop api is err' });
-    } else {
-      return jsonRes(res, { data: result.data });
-    }
-  } catch (err: any) {
-    console.log(err);
-    jsonRes(res, {
-      code: 500,
-      error: err
-    });
-  }
-}
diff --git a/frontend/providers/applaunchpad/src/pages/app/detail/components/AppBaseInfo.tsx b/frontend/providers/applaunchpad/src/pages/app/detail/components/AppBaseInfo.tsx
index 89f98aae550..d5ad98246bb 100644
--- a/frontend/providers/applaunchpad/src/pages/app/detail/components/AppBaseInfo.tsx
+++ b/frontend/providers/applaunchpad/src/pages/app/detail/components/AppBaseInfo.tsx
@@ -238,21 +238,6 @@ const AppBaseInfo = ({ app = MOCK_APP_DETAIL }: { app: AppDetailType }) => {
               <Box flex={'0 0 80px'} w={0}>
                 {t(item.label)}
               </Box>
-              <MyTooltip label={item.value}>
-                <Box
-                  flex={'1 0 0'}
-                  w={'0'}
-                  textAlign={'right'}
-                  color={'grayModern.500'}
-                  textOverflow={'ellipsis'}
-                  overflow={'hidden'}
-                  whiteSpace={'nowrap'}
-                  onClick={() => copyData(item.value)}
-                  cursor={'pointer'}
-                >
-                  {t(item.value)}
-                </Box>
-              </MyTooltip>
             </Flex>
           ))}
           {/* env */}
diff --git a/frontend/providers/applaunchpad/src/pages/app/detail/components/AppMainInfo.tsx b/frontend/providers/applaunchpad/src/pages/app/detail/components/AppMainInfo.tsx
index 7b050b6afea..53efbbae50b 100644
--- a/frontend/providers/applaunchpad/src/pages/app/detail/components/AppMainInfo.tsx
+++ b/frontend/providers/applaunchpad/src/pages/app/detail/components/AppMainInfo.tsx
@@ -59,6 +59,7 @@ const AppMainInfo = ({ app = MOCK_APP_DETAIL }: { app: AppDetailType }) => {
           color={'grayModern.600'}
           fontWeight={'bold'}
           position={'relative'}
+          className="driver-detail-monitor"
         >
           <Button
             variant={'square'}
@@ -96,7 +97,7 @@ const AppMainInfo = ({ app = MOCK_APP_DETAIL }: { app: AppDetailType }) => {
             {t('Network Configuration')}({networks.length})
           </Box>
         </Flex>
-        <Flex mt={'12px'}>
+        <Flex mt={'12px'} className="driver-detail-network">
           <table className={'table-cross'}>
             <thead>
               <tr>
@@ -125,7 +126,7 @@ const AppMainInfo = ({ app = MOCK_APP_DETAIL }: { app: AppDetailType }) => {
                         </MyTooltip>
                       </Flex>
                     </th>
-                    <th className="driver-detail-network-public">
+                    <th>
                       <Flex alignItems={'center'} justifyContent={'space-between'}>
                         <MyTooltip
                           label={network.public ? t('Open Link') : ''}
diff --git a/frontend/providers/applaunchpad/src/pages/app/detail/components/Pods.tsx b/frontend/providers/applaunchpad/src/pages/app/detail/components/Pods.tsx
index d4b029ff9d5..2e3e8c55c90 100644
--- a/frontend/providers/applaunchpad/src/pages/app/detail/components/Pods.tsx
+++ b/frontend/providers/applaunchpad/src/pages/app/detail/components/Pods.tsx
@@ -186,7 +186,7 @@ const Pods = ({
       title: 'Operation',
       key: 'control',
       render: (item: PodDetailType, i: number) => (
-        <Flex alignItems={'center'}>
+        <Flex alignItems={'center'} className="driver-detail-operate">
           <MyTooltip label={t('Log')} offset={[0, 10]}>
             <Button variant={'square'} onClick={() => setLogsPodIndex(i)}>
               <MyIcon name="log" w="18px" h="18px" fill={'#485264'} />
diff --git a/frontend/providers/applaunchpad/src/pages/app/edit/components/Form.tsx b/frontend/providers/applaunchpad/src/pages/app/edit/components/Form.tsx
index e7480bd72c1..ab45455e271 100644
--- a/frontend/providers/applaunchpad/src/pages/app/edit/components/Form.tsx
+++ b/frontend/providers/applaunchpad/src/pages/app/edit/components/Form.tsx
@@ -59,7 +59,8 @@ const Form = ({
   defaultStorePathList,
   countGpuInventory,
   pxVal,
-  refresh
+  refresh,
+  isAdvancedOpen
 }: {
   formHook: UseFormReturn<AppEditType, any>;
   already: boolean;
@@ -67,6 +68,7 @@ const Form = ({
   countGpuInventory: (type?: string) => number;
   pxVal: number;
   refresh: boolean;
+  isAdvancedOpen: boolean;
 }) => {
   if (!formHook) return null;
   const { t } = useTranslation();
@@ -934,7 +936,7 @@ const Form = ({
             <Accordion
               id={'settings'}
               allowToggle
-              defaultIndex={navList[2].isSetting ? 0 : undefined}
+              index={isAdvancedOpen || navList[2].isSetting ? 0 : undefined}
             >
               <AccordionItem {...boxStyles}>
                 <AccordionButton
@@ -971,7 +973,7 @@ const Form = ({
                   </Flex>
                   {/* command && param */}
                   <FormControl mb={7}>
-                    <Flex alignItems={'center'}>
+                    <Flex alignItems={'center'} className="driver-deploy-command">
                       <Label>{t('Run command')}</Label>
                       <Input
                         w={'350px'}
@@ -1108,7 +1110,7 @@ const Form = ({
 
                   <Divider my={'30px'} borderColor={'#EFF0F1'} />
 
-                  <Box>
+                  <Box className="driver-deploy-storage">
                     <Flex alignItems={'center'} mb={'10px'}>
                       <Label className={styles.formSecondTitle} m={0}>
                         {t('Local Storage')}
diff --git a/frontend/providers/applaunchpad/src/pages/app/edit/index.tsx b/frontend/providers/applaunchpad/src/pages/app/edit/index.tsx
index b18cbc7cc5b..5607697e0bd 100644
--- a/frontend/providers/applaunchpad/src/pages/app/edit/index.tsx
+++ b/frontend/providers/applaunchpad/src/pages/app/edit/index.tsx
@@ -1,5 +1,5 @@
 import { postDeployApp, putApp } from '@/api/app';
-import { checkPermission, updateDesktopGuide } from '@/api/platform';
+import { checkPermission } from '@/api/platform';
 import { defaultSliderKey } from '@/constants/app';
 import { defaultEditVal, editModeMap } from '@/constants/editApp';
 import { useConfirm } from '@/hooks/useConfirm';
@@ -106,6 +106,7 @@ const EditApp = ({ appName, tabType }: { appName?: string; tabType: string }) =>
   const [yamlList, setYamlList] = useState<YamlItemType[]>([]);
   const [errorMessage, setErrorMessage] = useState('');
   const [already, setAlready] = useState(false);
+  const [isAdvancedOpen, setIsAdvancedOpen] = useState(false);
   const [defaultStorePathList, setDefaultStorePathList] = useState<string[]>([]); // default store will no be edit
   const [defaultGpuSource, setDefaultGpuSource] = useState<AppEditType['gpu']>({
     type: '',
@@ -127,7 +128,7 @@ const EditApp = ({ appName, tabType }: { appName?: string; tabType: string }) =>
   const formHook = useForm<AppEditType>({
     defaultValues: defaultEditVal
   });
-  const { isGuided, closeGuide } = useDriver();
+  const { isGuided, closeGuide } = useDriver({ setIsAdvancedOpen });
 
   const realTimeForm = useRef(defaultEditVal);
 
@@ -175,16 +176,7 @@ const EditApp = ({ appName, tabType }: { appName?: string; tabType: string }) =>
         }
 
         router.replace(`/app/detail?name=${formHook.getValues('appName')}`);
-        if (!isGuided) {
-          updateDesktopGuide({
-            activityType: 'beginner-guide',
-            phase: 'launchpad',
-            phasePage: 'create',
-            shouldSendGift: true
-          }).catch((err) => {
-            console.log(err);
-          });
-        }
+
         toast({
           title: t(applySuccess),
           status: 'success'
@@ -416,6 +408,7 @@ const EditApp = ({ appName, tabType }: { appName?: string; tabType: string }) =>
               countGpuInventory={countGpuInventory}
               pxVal={pxVal}
               refresh={forceUpdate}
+              isAdvancedOpen={isAdvancedOpen}
             />
           ) : (
             <Yaml yamlList={yamlList} pxVal={pxVal} />
diff --git a/frontend/providers/applaunchpad/src/services/backend/auth.ts b/frontend/providers/applaunchpad/src/services/backend/auth.ts
index 3cda726714e..c5ba664362f 100644
--- a/frontend/providers/applaunchpad/src/services/backend/auth.ts
+++ b/frontend/providers/applaunchpad/src/services/backend/auth.ts
@@ -12,3 +12,15 @@ export const authSession = async (header: IncomingHttpHeaders) => {
     return Promise.reject('unAuthorization');
   }
 };
+
+export const authAppToken = async (header: IncomingHttpHeaders) => {
+  if (!header) return Promise.reject('unAuthorization');
+  const { authorization } = header;
+  if (!authorization) return Promise.reject('unAuthorization');
+
+  try {
+    return Promise.resolve(authorization);
+  } catch (err) {
+    return Promise.reject('unAuthorization');
+  }
+};
diff --git a/frontend/providers/applaunchpad/src/services/request.ts b/frontend/providers/applaunchpad/src/services/request.ts
index ae632c91a6b..09c5bbe0483 100644
--- a/frontend/providers/applaunchpad/src/services/request.ts
+++ b/frontend/providers/applaunchpad/src/services/request.ts
@@ -24,7 +24,10 @@ request.interceptors.request.use(
     let _headers: AxiosHeaders = config.headers;
 
     //获取token，并将其添加至请求头中
-    _headers['Authorization'] = encodeURIComponent(getUserKubeConfig());
+    _headers['Authorization'] = config.headers.Authorization
+      ? config.headers.Authorization
+      : encodeURIComponent(getUserKubeConfig());
+
     if (!config.headers || config.headers['Content-Type'] === '') {
       _headers['Content-Type'] = 'application/json';
     }
diff --git a/frontend/providers/applaunchpad/src/store/guide.ts b/frontend/providers/applaunchpad/src/store/guide.ts
new file mode 100644
index 00000000000..c158b81df62
--- /dev/null
+++ b/frontend/providers/applaunchpad/src/store/guide.ts
@@ -0,0 +1,27 @@
+import { create } from 'zustand';
+import { persist, createJSONStorage } from 'zustand/middleware';
+
+interface GuideState {
+  createCompleted: boolean;
+  detailCompleted: boolean;
+  setCreateCompleted: (completed: boolean) => void;
+  setDetailCompleted: (completed: boolean) => void;
+  resetGuideState: (completed: boolean) => void;
+}
+
+export const useGuideStore = create<GuideState>()(
+  persist(
+    (set) => ({
+      createCompleted: false,
+      detailCompleted: false,
+      setCreateCompleted: (completed) => set({ createCompleted: completed }),
+      setDetailCompleted: (completed) => set({ detailCompleted: completed }),
+      resetGuideState: (completed) =>
+        set({ createCompleted: completed, detailCompleted: completed })
+    }),
+    {
+      name: 'user-guide',
+      storage: createJSONStorage(() => localStorage)
+    }
+  )
+);
diff --git a/frontend/providers/applaunchpad/src/styles/global.scss b/frontend/providers/applaunchpad/src/styles/global.scss
index 5b1578e8ea1..af9808bd3ec 100644
--- a/frontend/providers/applaunchpad/src/styles/global.scss
+++ b/frontend/providers/applaunchpad/src/styles/global.scss
@@ -31,4 +31,5 @@
 #driver-popover-content {
   padding: 14px;
   max-width: 600px;
+  border: 1px solid #94b5ff;
 }
diff --git a/frontend/providers/applaunchpad/src/types/user.d.ts b/frontend/providers/applaunchpad/src/types/user.d.ts
index 3fa463b6049..6c970f5b66d 100644
--- a/frontend/providers/applaunchpad/src/types/user.d.ts
+++ b/frontend/providers/applaunchpad/src/types/user.d.ts
@@ -52,3 +52,18 @@ export type AccountCRD = {
     encryptDeductionBalance: string;
   };
 };
+
+export enum TaskType {
+  LAUNCHPAD = 'LAUNCHPAD'
+}
+
+export type UserTask = {
+  id: string;
+  title: string;
+  description: string;
+  reward: string;
+  order: number;
+  taskType: TaskType;
+  isCompleted: boolean;
+  completedAt: string;
+};
diff --git a/frontend/providers/applaunchpad/src/utils/user.ts b/frontend/providers/applaunchpad/src/utils/user.ts
index 6065f52eb85..27a6d5f1364 100644
--- a/frontend/providers/applaunchpad/src/utils/user.ts
+++ b/frontend/providers/applaunchpad/src/utils/user.ts
@@ -1,5 +1,6 @@
 // use client;
 import yaml from 'js-yaml';
+import { SessionV1 } from 'sealos-desktop-sdk/*';
 
 export const getUserKubeConfig = () => {
   let kubeConfig: string =
@@ -11,11 +12,23 @@ export const getUserKubeConfig = () => {
       kubeConfig = JSON.parse(store)?.kubeconfig;
     }
   } catch (err) {
-    err;
+    console.log(err);
   }
   return kubeConfig;
 };
 
+export const getUserSession = () => {
+  try {
+    const store = localStorage.getItem('session');
+    if (store) {
+      return JSON.parse(store) as SessionV1;
+    }
+    return null;
+  } catch (err) {
+    return null;
+  }
+};
+
 export const getUserNamespace = () => {
   const kubeConfig = getUserKubeConfig();
   const json: any = yaml.load(kubeConfig);
diff --git a/frontend/providers/dbprovider/deploy/Kubefile b/frontend/providers/dbprovider/deploy/Kubefile
index ffb761baf08..90968d2e951 100644
--- a/frontend/providers/dbprovider/deploy/Kubefile
+++ b/frontend/providers/dbprovider/deploy/Kubefile
@@ -15,5 +15,7 @@ ENV minioSecretKey=""
 ENV minioPort=""
 ENV migrateFileImage=""
 ENV minioBucketName=""
+ENV guideEnabled="true"
+ENV billingUrl="http://account-service.account-system.svc:2333"
 
 CMD ["kubectl apply -f manifests"]
diff --git a/frontend/providers/dbprovider/deploy/manifests/deploy.yaml.tmpl b/frontend/providers/dbprovider/deploy/manifests/deploy.yaml.tmpl
index 64bb74e8690..a9cbe4de585 100644
--- a/frontend/providers/dbprovider/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/providers/dbprovider/deploy/manifests/deploy.yaml.tmpl
@@ -62,6 +62,10 @@ spec:
               value: "false"
             - name: SHOW_DOCUMENT
               value: "true"
+            - name: GUIDE_ENABLED
+              value: {{ .guideEnabled }}
+            - name: BILLING_URL
+              value: {{ .billingUrl }}
           securityContext:
             runAsNonRoot: true
             runAsUser: 1001
diff --git a/frontend/providers/dbprovider/package.json b/frontend/providers/dbprovider/package.json
index d10d6a235f0..49a886939f7 100644
--- a/frontend/providers/dbprovider/package.json
+++ b/frontend/providers/dbprovider/package.json
@@ -11,6 +11,7 @@
     "unlink-sdk": "yalc remove --all && pnpm install sealos-desktop-sdk"
   },
   "dependencies": {
+    "@sealos/driver": "workspace:^",
     "@chakra-ui/anatomy": "^2.2.1",
     "@chakra-ui/icons": "^2.1.1",
     "@chakra-ui/next-js": "^2.1.5",
diff --git a/frontend/providers/dbprovider/public/locales/en/common.json b/frontend/providers/dbprovider/public/locales/en/common.json
index fc863aaae8d..944825846ae 100644
--- a/frontend/providers/dbprovider/public/locales/en/common.json
+++ b/frontend/providers/dbprovider/public/locales/en/common.json
@@ -2,6 +2,7 @@
   "Auto": "Automatic",
   "Backup": "Backup",
   "Cancel": "Discard",
+  "Click on any shadow to skip": "Click on any shadow to skip",
   "Containers": "Containers",
   "Continue": "Continue",
   "Creating": "Creating",
@@ -79,6 +80,7 @@
   "backup_running": "Saving Backup",
   "backup_success_tip": "The backup task has been successfully created",
   "backup_time": "Backup Timestamp",
+  "balance": "balance",
   "basic": "Basic",
   "billing_standards": "Pricing Guidelines",
   "block_read_time": "Block Read Duration",
@@ -181,6 +183,11 @@
     "Uploading": "Uploading File ({{percent}}%)"
   },
   "file_upload_failed": "File upload failed",
+  "first_charge": "First deposit benefits",
+  "gift": "gift",
+  "go_to_recharge": "Go to recharge",
+  "guide_deploy_button": "Complete creation and get it now",
+  "guide_terminal_button": "Convenient terminal connection method improves data processing efficiency",
   "have_error": "Failed",
   "hits_ratio": "Hits Ratio",
   "import_through_file": "Import via File",
@@ -190,6 +197,7 @@
   "items_per_db": "Keys per DB",
   "jump_prompt": "Jump Notification",
   "key_evictions": "Keys Evicted",
+  "let_me_think_again": "Talk to you later",
   "limit_cpu": "CPU Limit",
   "limit_memory": "Memory Limit",
   "lost_file": "File Missing",
@@ -231,6 +239,7 @@
   "multi_replica_redis_tip": "Note: The price for multi-replica Redis includes HA nodes",
   "name": "Name",
   "no_data_available": "No Data Available",
+  "no_logs_for_now": "No logs for now",
   "not_allow_standalone_use": "This application is not allowed to be used alone. Click OK to go to Sealos Desktop for use.",
   "online_import": "Import Online",
   "operation": "Operation",
@@ -241,6 +250,7 @@
   "please_enter": "Please Enter",
   "prompt": "Prompt",
   "query_operations": "Query Operations",
+  "receive": "receive",
   "remark": "Note",
   "remark_tip": "Contains up to 10 Chinese characters and 30 English characters",
   "remind": "remind",
@@ -260,6 +270,7 @@
   "service_deletion_failed": "Failed to delete the service",
   "set_auto_backup_successful": "Automatic backup task set successfully",
   "single_node_tip": "Single-node DB for development and testing only",
+  "skip": "jump over",
   "slow_queries": "Slow Queries",
   "source_database": "Source Database",
   "start_backup": "Start Backup",
@@ -273,9 +284,11 @@
   "storage_max": "maximum storage",
   "storage_min": "Minimum storage",
   "storage_range": "Storage capacity:",
+  "streaming_logs": "Streaming logs",
   "submit_error": "Error submitting form",
   "successfully_closed_external_network_access": "Internet access disabled",
   "table_locks": "Table-level locks",
+  "terminated_logs": "Terminated logs",
   "total_price": "total_price",
   "total_price_tip": "The estimated cost does not include port fees and traffic fees, and is subject to actual usage.",
   "turn_on": "Enable",
@@ -288,11 +301,9 @@
   "upload_dump_file": "Upload Dump File",
   "use_docs": "Documentation",
   "version": "Version",
-  "yaml_file": "YAML",
-  "streaming_logs": "Streaming logs",
-  "within_5_minutes": "Within 5 minutes",
-  "within_1_hour": "Within 1 hour",
   "within_1_day": "Within 1 day",
-  "terminated_logs": "Terminated logs",
-  "no_logs_for_now": "No logs for now"
+  "within_1_hour": "Within 1 hour",
+  "within_5_minutes": "Within 5 minutes",
+  "yaml_file": "YAML",
+  "you_have_successfully_deployed_database": "You have successfully deployed and created a database!"
 }
diff --git a/frontend/providers/dbprovider/public/locales/zh/common.json b/frontend/providers/dbprovider/public/locales/zh/common.json
index c1957fb6ecb..38c656d93aa 100644
--- a/frontend/providers/dbprovider/public/locales/zh/common.json
+++ b/frontend/providers/dbprovider/public/locales/zh/common.json
@@ -2,6 +2,7 @@
   "Auto": "自动",
   "Backup": "备份",
   "Cancel": "取消",
+  "Click on any shadow to skip": "点击任意阴影跳过",
   "Containers": "容器",
   "Continue": "继续",
   "Creating": "创建中",
@@ -79,6 +80,7 @@
   "backup_running": "备份中",
   "backup_success_tip": "备份任务已经成功创建",
   "backup_time": "备份时间",
+  "balance": "余额",
   "basic": "基础配置",
   "billing_standards": "计费标准",
   "block_read_time": "读数据块时间",
@@ -181,6 +183,11 @@
     "Uploading": "正在上传文件，进度: {{percent}}%"
   },
   "file_upload_failed": "文件上传失败",
+  "first_charge": "首充福利",
+  "gift": "赠",
+  "go_to_recharge": "去充值",
+  "guide_deploy_button": "完成创建，立即获得",
+  "guide_terminal_button": "便捷的终端连接方式，提升数据处理效率",
   "have_error": "出现异常",
   "hits_ratio": "命中率",
   "import_through_file": "文件导入",
@@ -190,6 +197,7 @@
   "items_per_db": "键值数",
   "jump_prompt": "跳转提示",
   "key_evictions": "键驱逐数",
+  "let_me_think_again": "稍后再说",
   "limit_cpu": "最大 CPU",
   "limit_memory": "最大内存",
   "lost_file": "缺少文件",
@@ -231,6 +239,7 @@
   "multi_replica_redis_tip": "Redis 多副本包含 HA 节点，请悉知，预估价格已包含 HA 节点费用",
   "name": "名字",
   "no_data_available": "暂无数据",
+  "no_logs_for_now": "暂无日志",
   "not_allow_standalone_use": "该应用不允许单独使用，点击确认前往 Sealos Desktop 使用。",
   "online_import": "在线导入",
   "operation": "操作",
@@ -241,6 +250,7 @@
   "please_enter": "请输入",
   "prompt": "提示",
   "query_operations": "查询操作数",
+  "receive": "收到",
   "remark": "备注",
   "remark_tip": "最多包含10个中文字符，30个英文字符。",
   "remind": "提醒",
@@ -260,6 +270,7 @@
   "service_deletion_failed": "Service 删除失败",
   "set_auto_backup_successful": "设置自动备份任务成功",
   "single_node_tip": "单节点数据库仅适用开发测试",
+  "skip": "跳过",
   "slow_queries": "慢查询",
   "source_database": "源数据库",
   "start_backup": "开始备份",
@@ -273,9 +284,11 @@
   "storage_max": "最大存储",
   "storage_min": "最小存储",
   "storage_range": "容量范围: ",
+  "streaming_logs": "实时日志",
   "submit_error": "提交表单错误",
   "successfully_closed_external_network_access": "已关闭外网访问",
   "table_locks": "表锁",
+  "terminated_logs": "中断前",
   "total_price": "总价",
   "total_price_tip": "预估费用不包括端口费用和流量费用,以实际使用为准",
   "turn_on": "开启",
@@ -288,11 +301,9 @@
   "upload_dump_file": "点击上传 Dump 文件",
   "use_docs": "使用文档",
   "version": "版本",
-  "yaml_file": "YAML 文件",
-  "streaming_logs": "实时日志",
-  "within_5_minutes": "五分钟内",
-  "within_1_hour": "一小时内",
   "within_1_day": "一天内",
-  "terminated_logs": "中断前",
-  "no_logs_for_now": "暂无日志"
+  "within_1_hour": "一小时内",
+  "within_5_minutes": "五分钟内",
+  "yaml_file": "YAML 文件",
+  "you_have_successfully_deployed_database": "您已成功部署创建一个数据库！"
 }
diff --git a/frontend/providers/dbprovider/src/api/platform.ts b/frontend/providers/dbprovider/src/api/platform.ts
index bd376274914..2d94a25ba75 100644
--- a/frontend/providers/dbprovider/src/api/platform.ts
+++ b/frontend/providers/dbprovider/src/api/platform.ts
@@ -2,7 +2,8 @@ import { SystemEnvResponse } from '@/pages/api/getEnv';
 import type { Response as DBVersionMapType } from '@/pages/api/platform/getVersion';
 import type { Response as resourcePriceResponse } from '@/pages/api/platform/resourcePrice';
 import { GET, POST } from '@/services/request';
-import type { UserQuotaItemType } from '@/types/user';
+import type { UserQuotaItemType, UserTask } from '@/types/user';
+import { getUserSession } from '@/utils/user';
 import { AxiosProgressEvent } from 'axios';
 
 export const getResourcePrice = () => GET<resourcePriceResponse>('/api/platform/resourcePrice');
@@ -28,3 +29,24 @@ export const uploadFile = (
     onUploadProgress
   });
 };
+
+export const getUserTasks = () =>
+  GET<{ needGuide: boolean; task: UserTask }>('/api/guide/getTasks', undefined, {
+    headers: {
+      Authorization: getUserSession()?.token
+    }
+  });
+
+export const checkUserTask = () =>
+  GET('/api/guide/checkTask', undefined, {
+    headers: {
+      Authorization: getUserSession()?.token
+    }
+  });
+
+export const getPriceBonus = () =>
+  GET<{ amount: number; gift: number }[]>('/api/guide/getBonus', undefined, {
+    headers: {
+      Authorization: getUserSession()?.token
+    }
+  });
diff --git a/frontend/providers/dbprovider/src/components/Icon/icons/gift.svg b/frontend/providers/dbprovider/src/components/Icon/icons/gift.svg
new file mode 100644
index 00000000000..865d6307dbb
--- /dev/null
+++ b/frontend/providers/dbprovider/src/components/Icon/icons/gift.svg
@@ -0,0 +1,10 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="21" height="20" viewBox="0 0 21 20" fill="none">
+  <path fill-rule="evenodd" clip-rule="evenodd" d="M6.74968 2.4987C6.41816 2.4987 6.10021 2.63039 5.86579 2.86481C5.63137 3.09924 5.49968 3.41718 5.49968 3.7487C5.49968 4.08022 5.63137 4.39816 5.86579 4.63258C6.10021 4.867 6.41816 4.9987 6.74968 4.9987H9.37803C9.2763 4.73254 9.14752 4.43988 8.98825 4.1503C8.46411 3.19732 7.74459 2.4987 6.74968 2.4987ZM9.66634 6.66536V10.832H2.99968V8.4987C2.99968 8.01824 3.00032 7.70801 3.01962 7.47189C3.03811 7.24551 3.06951 7.16158 3.0905 7.12037C3.1704 6.96357 3.29788 6.83609 3.45468 6.75619C3.49589 6.7352 3.57982 6.7038 3.80621 6.6853C4.04232 6.66601 4.35255 6.66537 4.83301 6.66537L9.66634 6.66536ZM4.11661 5.00325C3.93164 4.61502 3.83301 4.18694 3.83301 3.7487C3.83301 2.97515 4.1403 2.23328 4.68728 1.6863C5.23426 1.13932 5.97613 0.832031 6.74968 0.832031C8.67143 0.832031 9.82691 2.21674 10.4486 3.3471C10.4659 3.37861 10.483 3.4101 10.4997 3.44154C10.5164 3.4101 10.5334 3.37861 10.5507 3.3471C11.1724 2.21674 12.3279 0.832031 14.2497 0.832031C15.0232 0.832031 15.7651 1.13932 16.3121 1.6863C16.8591 2.23328 17.1663 2.97515 17.1663 3.7487C17.1663 4.18694 17.0677 4.61502 16.8827 5.00325C17.0438 5.00678 17.1927 5.01305 17.3289 5.02417C17.6583 5.05109 17.986 5.11052 18.3013 5.27118C18.7717 5.51087 19.1542 5.89332 19.3939 6.36372C19.5545 6.67904 19.614 7.00672 19.6409 7.33618C19.6664 7.64832 19.6664 8.02728 19.6663 8.46656V15.6975C19.6664 16.1368 19.6664 16.5157 19.6409 16.8279C19.614 17.1573 19.5545 17.485 19.3939 17.8003C19.1542 18.2707 18.7717 18.6532 18.3013 18.8929C17.986 19.0535 17.6583 19.113 17.3289 19.1399C17.0167 19.1654 16.6378 19.1654 16.1985 19.1654H10.5008C10.5005 19.1654 10.5001 19.1654 10.4997 19.1654C10.4993 19.1654 10.4989 19.1654 10.4985 19.1654H4.80087C4.36159 19.1654 3.98262 19.1654 3.67049 19.1399C3.34103 19.113 3.01335 19.0535 2.69803 18.8929C2.22763 18.6532 1.84518 18.2707 1.60549 17.8003C1.44483 17.485 1.3854 17.1573 1.35848 16.8279C1.33298 16.5157 1.33299 16.1368 1.33301 15.6975L1.33301 11.6658C1.33301 11.6657 1.33301 11.666 1.33301 11.6658C1.33301 11.6657 1.33301 11.665 1.33301 11.6649L1.33301 8.46658C1.33299 8.02729 1.33298 7.64832 1.35848 7.33617C1.3854 7.00672 1.44483 6.67904 1.60549 6.36372C1.84518 5.89332 2.22763 5.51087 2.69803 5.27118C3.01335 5.11052 3.34103 5.05109 3.67049 5.02417C3.80666 5.01305 3.95554 5.00678 4.11661 5.00325ZM2.99968 12.4987V15.6654C2.99968 16.1458 3.00032 16.4561 3.01962 16.6922C3.03811 16.9186 3.06951 17.0025 3.0905 17.0437C3.1704 17.2005 3.29788 17.328 3.45468 17.4079C3.49589 17.4289 3.57982 17.4603 3.80621 17.4788C4.04232 17.498 4.35255 17.4987 4.83301 17.4987H9.66634V12.4987H2.99968ZM11.333 12.4987V17.4987H16.1663C16.6468 17.4987 16.957 17.4981 17.1931 17.4788C17.4195 17.4603 17.5035 17.4289 17.5447 17.4079C17.7015 17.328 17.829 17.2005 17.9088 17.0437C17.9298 17.0025 17.9612 16.9186 17.9797 16.6922C17.999 16.4561 17.9997 16.1458 17.9997 15.6654V12.4987H11.333ZM17.9997 10.832V8.4987C17.9997 8.01824 17.999 7.70801 17.9797 7.4719C17.9612 7.24551 17.9298 7.16158 17.9088 7.12037C17.829 6.96357 17.7015 6.83609 17.5447 6.75619C17.5035 6.7352 17.4195 6.7038 17.1931 6.68531C16.957 6.66601 16.6468 6.66537 16.1663 6.66537L11.333 6.66536V10.832H17.9997ZM11.6213 4.9987C11.7231 4.73254 11.8518 4.43988 12.0111 4.1503C12.5352 3.19732 13.2548 2.4987 14.2497 2.4987C14.5812 2.4987 14.8991 2.63039 15.1336 2.86481C15.368 3.09924 15.4997 3.41718 15.4997 3.7487C15.4997 4.08022 15.368 4.39816 15.1336 4.63258C14.8991 4.867 14.5812 4.9987 14.2497 4.9987H11.6213Z" fill="url(#paint0_linear_787_31074)"/>
+  <defs>
+    <linearGradient id="paint0_linear_787_31074" x1="10.4997" y1="1.42727" x2="10.4997" y2="18.5701" gradientUnits="userSpaceOnUse">
+      <stop stop-color="#69AEFF"/>
+      <stop offset="0.432292" stop-color="#6096FF"/>
+      <stop offset="1" stop-color="#6C7FFF"/>
+    </linearGradient>
+  </defs>
+</svg>
\ No newline at end of file
diff --git a/frontend/providers/dbprovider/src/components/Icon/index.tsx b/frontend/providers/dbprovider/src/components/Icon/index.tsx
index 9a0304e689a..1ceaa31a029 100644
--- a/frontend/providers/dbprovider/src/components/Icon/index.tsx
+++ b/frontend/providers/dbprovider/src/components/Icon/index.tsx
@@ -45,6 +45,7 @@ const map = {
   pods: require('./icons/pods.svg').default,
   upload: require('./icons/upload.svg').default,
   target: require('./icons/target.svg').default,
+  gift: require('./icons/gift.svg').default,
   help: require('./icons/help.svg').default,
   arrowDown: require('./icons/arrowDown.svg').default,
   docs: require('./icons/docs.svg').default
diff --git a/frontend/providers/dbprovider/src/constants/db.ts b/frontend/providers/dbprovider/src/constants/db.ts
index e0aeea3dbf4..7af586b0c04 100644
--- a/frontend/providers/dbprovider/src/constants/db.ts
+++ b/frontend/providers/dbprovider/src/constants/db.ts
@@ -265,7 +265,7 @@ export const DBBackupMethodNameMap = {
 export const defaultDBEditValue: DBEditType = {
   dbType: DBTypeEnum.postgresql,
   dbVersion: '',
-  dbName: '',
+  dbName: 'test-db',
   replicas: 1,
   cpu: CpuSlideMarkList[1].value,
   memory: MemorySlideMarkList[1].value,
diff --git a/frontend/providers/dbprovider/src/hooks/useDetailDriver.tsx b/frontend/providers/dbprovider/src/hooks/useDetailDriver.tsx
new file mode 100644
index 00000000000..7d875861e41
--- /dev/null
+++ b/frontend/providers/dbprovider/src/hooks/useDetailDriver.tsx
@@ -0,0 +1,254 @@
+import { checkUserTask, getPriceBonus, getUserTasks } from '@/api/platform';
+import MyIcon from '@/components/Icon';
+import { useGuideStore } from '@/store/guide';
+import { formatMoney } from '@/utils/tools';
+import { Center, Flex, FlexProps, Icon, Text } from '@chakra-ui/react';
+import { driver } from '@sealos/driver';
+import { SealosCoin } from '@sealos/ui';
+import { useTranslation } from 'next-i18next';
+import { useEffect, useState } from 'react';
+import { sealosApp } from 'sealos-desktop-sdk/app';
+import { DriverStarIcon } from './useDriver';
+
+export default function useDetailDriver() {
+  const { t, i18n } = useTranslation();
+  const [reward, setReward] = useState(5);
+  const { detailCompleted, setDetailCompleted } = useGuideStore();
+
+  const [rechargeOptions, setRechargeOptions] = useState([
+    { amount: 8, gift: 8 },
+    { amount: 32, gift: 32 },
+    { amount: 128, gift: 128 }
+  ]);
+
+  const openCostCenterApp = () => {
+    sealosApp.runEvents('openDesktopApp', {
+      appKey: 'system-costcenter',
+      query: {
+        openRecharge: 'true'
+      }
+    });
+  };
+
+  const PopoverBodyInfo = (props: FlexProps) => {
+    return (
+      <Flex
+        gap="4px"
+        id="popover-info"
+        position={'absolute'}
+        bottom={'-30px'}
+        color={'white'}
+        alignItems={'center'}
+        {...props}
+      >
+        <Text color={'#FFF'} fontSize={'12px'} fontWeight={500}>
+          {t('Click on any shadow to skip')}
+        </Text>
+        <Icon
+          xmlns="http://www.w3.org/2000/svg"
+          width="20"
+          height="20"
+          viewBox="0 0 20 20"
+          fill="white"
+        >
+          <path
+            fillRule="evenodd"
+            clipRule="evenodd"
+            d="M7.50001 0.97229C7.88354 0.97229 8.19445 1.2832 8.19445 1.66673V2.91673C8.19445 3.30027 7.88354 3.61118 7.50001 3.61118C7.11648 3.61118 6.80556 3.30027 6.80556 2.91673V1.66673C6.80556 1.2832 7.11648 0.97229 7.50001 0.97229ZM2.84229 2.84235C3.11349 2.57116 3.55319 2.57116 3.82439 2.84235L4.70827 3.72624C4.97947 3.99744 4.97947 4.43713 4.70827 4.70833C4.43707 4.97953 3.99737 4.97953 3.72618 4.70833L2.84229 3.82445C2.5711 3.55325 2.5711 3.11355 2.84229 2.84235ZM12.2083 2.84235C12.4795 3.11355 12.4795 3.55325 12.2083 3.82445L11.3244 4.70833C11.0532 4.97953 10.6135 4.97953 10.3423 4.70833C10.0711 4.43713 10.0711 3.99744 10.3423 3.72624L11.2262 2.84235C11.4974 2.57116 11.9371 2.57116 12.2083 2.84235ZM8.05107 6.36654C8.05921 6.36904 8.06735 6.37155 8.07548 6.37406L17.4584 9.26437C17.6747 9.33097 17.8794 9.394 18.0383 9.45881C18.183 9.51788 18.4465 9.63567 18.6129 9.8969C18.8034 10.1959 18.8398 10.5678 18.7109 10.8981C18.5983 11.1866 18.3627 11.3532 18.2321 11.4393C18.0888 11.5336 17.9002 11.6352 17.7009 11.7425L13.8279 13.828L11.7424 17.701C11.6351 17.9003 11.5336 18.0889 11.4392 18.2322C11.3531 18.3628 11.1865 18.5984 10.898 18.711C10.5677 18.8399 10.1958 18.8035 9.8968 18.613C9.63557 18.4466 9.51779 18.1831 9.45872 18.0384C9.39391 17.8795 9.33088 17.6748 9.26429 17.4586L6.37399 8.07554C6.37148 8.0674 6.36897 8.05926 6.36647 8.05112C6.31285 7.87717 6.25951 7.70409 6.2288 7.55823C6.19822 7.413 6.15971 7.17003 6.25365 6.91402C6.36609 6.60762 6.60756 6.36615 6.91396 6.25371C7.16997 6.15977 7.41294 6.19829 7.55817 6.22886C7.70404 6.25957 7.87712 6.31292 8.05107 6.36654ZM7.71679 7.71686L10.564 16.9599L12.609 13.1621C12.6112 13.158 12.6136 13.1535 12.6162 13.1486C12.6422 13.0999 12.6884 13.0133 12.7511 12.9339C12.8047 12.8661 12.866 12.8048 12.9339 12.7512C13.0132 12.6884 13.0999 12.6422 13.1485 12.6163C13.1535 12.6137 13.158 12.6112 13.1621 12.609L16.9598 10.5641L7.71679 7.71686ZM0.972229 7.50007C0.972229 7.11654 1.28314 6.80562 1.66667 6.80562H2.91667C3.3002 6.80562 3.61112 7.11654 3.61112 7.50007C3.61112 7.8836 3.3002 8.19451 2.91667 8.19451H1.66667C1.28314 8.19451 0.972229 7.8836 0.972229 7.50007ZM4.70827 10.3424C4.97947 10.6136 4.97947 11.0532 4.70827 11.3244L3.82439 12.2083C3.55319 12.4795 3.11349 12.4795 2.84229 12.2083C2.5711 11.9371 2.5711 11.4974 2.84229 11.2262L3.72618 10.3424C3.99737 10.0712 4.43707 10.0712 4.70827 10.3424Z"
+          />
+        </Icon>
+      </Flex>
+    );
+  };
+
+  const driverObj = driver({
+    disableActiveInteraction: true,
+    showProgress: false,
+    allowClose: false,
+    allowClickMaskNextStep: true,
+    allowPreviousStep: false,
+    isShowButtons: false,
+    allowKeyboardControl: false,
+    steps: [
+      {
+        element: '.driver-detail-terminal-button',
+        popover: {
+          side: 'bottom',
+          align: 'start',
+          borderRadius: '0px 12px 12px 12px',
+          PopoverBody: (
+            <Flex gap={'6px'}>
+              <DriverStarIcon />
+              <Text color={'#24282C'} fontSize={'12px'} fontWeight={500}>
+                {t('guide_terminal_button')}
+              </Text>
+              <PopoverBodyInfo />
+            </Flex>
+          )
+        }
+      },
+      {
+        popover: {
+          borderRadius: '12px 12px 12px 12px',
+          PopoverBody: (
+            <Flex flexDirection={'column'} alignItems={'center'} padding={'27px 40px'} w="540px">
+              <Flex
+                w="100%"
+                color={'#24282C'}
+                fontSize={'14px'}
+                fontWeight={500}
+                bg="#F6EEFA"
+                borderRadius={'8px'}
+                p={'16px'}
+                alignItems={'center'}
+              >
+                <DriverStarIcon />
+                <Text fontWeight={500} ml="8px">
+                  {t('you_have_successfully_deployed_database')}
+                </Text>
+                <Text
+                  ml="auto"
+                  mr={'12px'}
+                  color={'grayModern.900'}
+                  fontSize={'12px'}
+                  fontWeight={500}
+                >
+                  {t('receive')}
+                </Text>
+                <SealosCoin />
+                <Text mx="4px">{reward}</Text>
+                <Text fontSize={'14px'} fontWeight={500}>
+                  {t('balance')}
+                </Text>
+              </Flex>
+
+              <Flex
+                alignItems={'center'}
+                justifyContent={'center'}
+                color={'#24282C'}
+                fontSize={'14px'}
+                fontWeight={500}
+                mt="42px"
+              >
+                <MyIcon name="gift" w={'20px'} h={'20px'} />
+                <Text fontSize={'20px'} fontWeight={500} ml="8px" mr={'4px'}>
+                  {t('first_charge')}
+                </Text>
+              </Flex>
+
+              <Flex
+                justifyContent={'center'}
+                fontSize={i18n.language === 'en' ? '18px' : '24px'}
+                fontWeight={500}
+                mt="28px"
+                gap={'16px'}
+              >
+                {rechargeOptions.map((item, index) => (
+                  <Center
+                    key={index}
+                    bg="#F4F4F7"
+                    borderRadius="2px"
+                    w={'100px'}
+                    h={'72px'}
+                    position={'relative'}
+                  >
+                    <SealosCoin w="14px" />
+                    <Text fontSize={'20px'} fontWeight={500} color={'rgba(17, 24, 36, 1)'} pl="4px">
+                      {item.amount}
+                    </Text>
+                    <Flex
+                      bg={'#F7E7FF'}
+                      position={'absolute'}
+                      top={0}
+                      right={'-15px'}
+                      borderRadius={'10px 10px 10px 0px'}
+                      color={'#9E53C1'}
+                      fontSize={'12px'}
+                      fontWeight={500}
+                      gap={'2px'}
+                      alignItems={'center'}
+                      justifyContent={'center'}
+                      w={'60px'}
+                      height={'20px'}
+                    >
+                      <Text>{t('gift')}</Text>
+                      <SealosCoin w="10px" />
+                      <Text>{item.gift}</Text>
+                    </Flex>
+                  </Center>
+                ))}
+              </Flex>
+
+              <Flex
+                mt={'40px'}
+                bg={'#111824'}
+                borderRadius={'6px'}
+                alignItems={'center'}
+                justifyContent={'center'}
+                w={'179px'}
+                h={'36px'}
+                color={'#FFF'}
+                fontSize={'14px'}
+                fontWeight={500}
+                cursor={'pointer'}
+                onClick={() => {
+                  driverObj.destroy();
+                  openCostCenterApp();
+                }}
+              >
+                {t('go_to_recharge')}
+              </Flex>
+              <Text
+                mt="16px"
+                cursor={'pointer'}
+                color={'rgba(72, 82, 100, 1)'}
+                fontSize={'14px'}
+                fontWeight={500}
+                onClick={() => {
+                  driverObj.destroy();
+                }}
+              >
+                {t('let_me_think_again')}
+              </Text>
+            </Flex>
+          )
+        }
+      }
+    ],
+    onDestroyed: () => {
+      console.log('onDestroyed Detail');
+      setDetailCompleted(true);
+      checkUserTask().then((err) => {
+        console.log(err);
+      });
+    },
+    interceptSkipButtonClick: () => {
+      driverObj.destroy();
+    }
+  });
+
+  const startGuide = () => {
+    driverObj.drive();
+  };
+
+  useEffect(() => {
+    const handleUserGuide = async () => {
+      try {
+        const [taskData, bonusData] = await Promise.all([getUserTasks(), getPriceBonus()]);
+        if (taskData.needGuide && !detailCompleted) {
+          setReward(formatMoney(Number(taskData.task.reward)));
+          setRechargeOptions(bonusData);
+          requestAnimationFrame(() => {
+            startGuide();
+          });
+        }
+      } catch (error) {
+        console.log(error);
+      }
+    };
+    handleUserGuide();
+    // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, []);
+
+  return { startGuide };
+}
diff --git a/frontend/providers/dbprovider/src/hooks/useDriver.tsx b/frontend/providers/dbprovider/src/hooks/useDriver.tsx
new file mode 100644
index 00000000000..d3ab08ea66b
--- /dev/null
+++ b/frontend/providers/dbprovider/src/hooks/useDriver.tsx
@@ -0,0 +1,132 @@
+import { getUserTasks } from '@/api/platform';
+import { useGuideStore } from '@/store/guide';
+import { formatMoney } from '@/utils/tools';
+import { Flex, FlexProps, Icon, Text } from '@chakra-ui/react';
+import { driver } from '@sealos/driver';
+import { SealosCoin } from '@sealos/ui';
+import { useTranslation } from 'next-i18next';
+import { useCallback, useEffect, useState } from 'react';
+
+export function DriverStarIcon() {
+  return (
+    <Icon xmlns="http://www.w3.org/2000/svg" width="21" height="21" viewBox="0 0 21 21" fill="none">
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M4.24999 1.58789C4.5696 1.58789 4.82869 1.84699 4.82869 2.16659V3.67122H6.33332C6.65293 3.67122 6.91203 3.93032 6.91203 4.24993C6.91203 4.56954 6.65293 4.82863 6.33332 4.82863H4.82869V6.33326C4.82869 6.65287 4.5696 6.91196 4.24999 6.91196C3.93038 6.91196 3.67128 6.65287 3.67128 6.33326V4.82863H2.16666C1.84705 4.82863 1.58795 4.56954 1.58795 4.24993C1.58795 3.93032 1.84705 3.67122 2.16666 3.67122H3.67128V2.16659C3.67128 1.84699 3.93038 1.58789 4.24999 1.58789ZM11.3333 2.42122C11.5728 2.42122 11.7875 2.56869 11.8735 2.79218L13.3186 6.54957C13.5643 7.18827 13.6548 7.41187 13.7853 7.59548C13.9098 7.77051 14.0627 7.92344 14.2378 8.04791C14.4214 8.17846 14.645 8.269 15.2837 8.51465L19.0411 9.9598C19.2646 10.0458 19.412 10.2605 19.412 10.4999C19.412 10.7394 19.2646 10.9541 19.0411 11.0401L15.2837 12.4852C14.645 12.7309 14.4214 12.8214 14.2378 12.9519C14.0627 13.0764 13.9098 13.2293 13.7853 13.4044C13.6548 13.588 13.5643 13.8116 13.3186 14.4503L11.8735 18.2077C11.7875 18.4312 11.5728 18.5786 11.3333 18.5786C11.0939 18.5786 10.8792 18.4312 10.7932 18.2077L9.34804 14.4503C9.10239 13.8116 9.01186 13.588 8.8813 13.4044C8.75684 13.2293 8.60391 13.0764 8.42887 12.9519C8.24526 12.8214 8.02166 12.7309 7.38297 12.4852L3.62558 11.0401C3.40209 10.9541 3.25462 10.7394 3.25462 10.4999C3.25462 10.2605 3.40209 10.0458 3.62558 9.9598L7.38296 8.51465C8.02166 8.269 8.24526 8.17846 8.42887 8.04791C8.60391 7.92345 8.75684 7.77051 8.8813 7.59548C9.01186 7.41187 9.10239 7.18827 9.34804 6.54957L10.7932 2.79219C10.8791 2.56869 11.0939 2.42122 11.3333 2.42122ZM11.3333 4.61201L10.4283 6.96506C10.4195 6.98797 10.4108 7.01059 10.4022 7.03291C10.1924 7.57876 10.0502 7.94881 9.82456 8.26619C9.62512 8.54667 9.38006 8.79173 9.09958 8.99117C8.78221 9.21684 8.41216 9.35905 7.86631 9.56883C7.84398 9.5774 7.82137 9.5861 7.79845 9.59491L5.4454 10.4999L7.79845 11.4049C7.82137 11.4138 7.84398 11.4225 7.86631 11.431C8.41216 11.6408 8.78221 11.783 9.09958 12.0087C9.38006 12.2081 9.62512 12.4532 9.82456 12.7337C10.0502 13.051 10.1924 13.4211 10.4022 13.9669C10.4108 13.9893 10.4195 14.0119 10.4283 14.0348L11.3333 16.3878L12.2383 14.0348C12.2472 14.0119 12.2558 13.9893 12.2644 13.967C12.4742 13.4211 12.6164 13.051 12.8421 12.7337C13.0415 12.4532 13.2866 12.2081 13.5671 12.0087C13.8844 11.783 14.2545 11.6408 14.8003 11.431C14.8227 11.4225 14.8453 11.4138 14.8682 11.4049L17.2212 10.4999L14.8682 9.59491C14.8453 9.5861 14.8227 9.57741 14.8004 9.56883C14.2545 9.35906 13.8844 9.21684 13.5671 8.99117C13.2866 8.79173 13.0415 8.54667 12.8421 8.26619C12.6164 7.94881 12.4742 7.57876 12.2644 7.03291C12.2558 7.01059 12.2472 6.98797 12.2383 6.96505L11.3333 4.61201ZM4.24999 14.0879C4.5696 14.0879 4.82869 14.347 4.82869 14.6666V16.1712H6.33332C6.65293 16.1712 6.91203 16.4303 6.91203 16.7499C6.91203 17.0695 6.65293 17.3286 6.33332 17.3286H4.82869V18.8333C4.82869 19.1529 4.5696 19.412 4.24999 19.412C3.93038 19.412 3.67128 19.1529 3.67128 18.8333V17.3286H2.16666C1.84705 17.3286 1.58795 17.0695 1.58795 16.7499C1.58795 16.4303 1.84705 16.1712 2.16666 16.1712H3.67128V14.6666C3.67128 14.347 3.93038 14.0879 4.24999 14.0879Z"
+        fill="url(#paint0_linear_864_3172)"
+      />
+      <defs>
+        <linearGradient
+          id="paint0_linear_864_3172"
+          x1="10.5"
+          y1="2.16659"
+          x2="10.5"
+          y2="18.8333"
+          gradientUnits="userSpaceOnUse"
+        >
+          <stop stopColor="#69AEFF" />
+          <stop offset="0.432292" stopColor="#6096FF" />
+          <stop offset="1" stopColor="#6C7FFF" />
+        </linearGradient>
+      </defs>
+    </Icon>
+  );
+}
+
+export default function useDriver() {
+  const { t } = useTranslation();
+  const [reward, setReward] = useState(1);
+  const { createCompleted, setCreateCompleted } = useGuideStore();
+
+  const PopoverBodyInfo = (props: FlexProps) => {
+    return (
+      <Flex
+        gap="4px"
+        id="popover-info"
+        position={'absolute'}
+        bottom={'-30px'}
+        color={'white'}
+        alignItems={'center'}
+        {...props}
+      >
+        <Text color={'#FFF'} fontSize={'12px'} fontWeight={500}>
+          {t('Click on any shadow to skip')}
+        </Text>
+        <Icon
+          xmlns="http://www.w3.org/2000/svg"
+          width="20"
+          height="20"
+          viewBox="0 0 20 20"
+          fill="white"
+        >
+          <path
+            fillRule="evenodd"
+            clipRule="evenodd"
+            d="M7.50001 0.97229C7.88354 0.97229 8.19445 1.2832 8.19445 1.66673V2.91673C8.19445 3.30027 7.88354 3.61118 7.50001 3.61118C7.11648 3.61118 6.80556 3.30027 6.80556 2.91673V1.66673C6.80556 1.2832 7.11648 0.97229 7.50001 0.97229ZM2.84229 2.84235C3.11349 2.57116 3.55319 2.57116 3.82439 2.84235L4.70827 3.72624C4.97947 3.99744 4.97947 4.43713 4.70827 4.70833C4.43707 4.97953 3.99737 4.97953 3.72618 4.70833L2.84229 3.82445C2.5711 3.55325 2.5711 3.11355 2.84229 2.84235ZM12.2083 2.84235C12.4795 3.11355 12.4795 3.55325 12.2083 3.82445L11.3244 4.70833C11.0532 4.97953 10.6135 4.97953 10.3423 4.70833C10.0711 4.43713 10.0711 3.99744 10.3423 3.72624L11.2262 2.84235C11.4974 2.57116 11.9371 2.57116 12.2083 2.84235ZM8.05107 6.36654C8.05921 6.36904 8.06735 6.37155 8.07548 6.37406L17.4584 9.26437C17.6747 9.33097 17.8794 9.394 18.0383 9.45881C18.183 9.51788 18.4465 9.63567 18.6129 9.8969C18.8034 10.1959 18.8398 10.5678 18.7109 10.8981C18.5983 11.1866 18.3627 11.3532 18.2321 11.4393C18.0888 11.5336 17.9002 11.6352 17.7009 11.7425L13.8279 13.828L11.7424 17.701C11.6351 17.9003 11.5336 18.0889 11.4392 18.2322C11.3531 18.3628 11.1865 18.5984 10.898 18.711C10.5677 18.8399 10.1958 18.8035 9.8968 18.613C9.63557 18.4466 9.51779 18.1831 9.45872 18.0384C9.39391 17.8795 9.33088 17.6748 9.26429 17.4586L6.37399 8.07554C6.37148 8.0674 6.36897 8.05926 6.36647 8.05112C6.31285 7.87717 6.25951 7.70409 6.2288 7.55823C6.19822 7.413 6.15971 7.17003 6.25365 6.91402C6.36609 6.60762 6.60756 6.36615 6.91396 6.25371C7.16997 6.15977 7.41294 6.19829 7.55817 6.22886C7.70404 6.25957 7.87712 6.31292 8.05107 6.36654ZM7.71679 7.71686L10.564 16.9599L12.609 13.1621C12.6112 13.158 12.6136 13.1535 12.6162 13.1486C12.6422 13.0999 12.6884 13.0133 12.7511 12.9339C12.8047 12.8661 12.866 12.8048 12.9339 12.7512C13.0132 12.6884 13.0999 12.6422 13.1485 12.6163C13.1535 12.6137 13.158 12.6112 13.1621 12.609L16.9598 10.5641L7.71679 7.71686ZM0.972229 7.50007C0.972229 7.11654 1.28314 6.80562 1.66667 6.80562H2.91667C3.3002 6.80562 3.61112 7.11654 3.61112 7.50007C3.61112 7.8836 3.3002 8.19451 2.91667 8.19451H1.66667C1.28314 8.19451 0.972229 7.8836 0.972229 7.50007ZM4.70827 10.3424C4.97947 10.6136 4.97947 11.0532 4.70827 11.3244L3.82439 12.2083C3.55319 12.4795 3.11349 12.4795 2.84229 12.2083C2.5711 11.9371 2.5711 11.4974 2.84229 11.2262L3.72618 10.3424C3.99737 10.0712 4.43707 10.0712 4.70827 10.3424Z"
+          />
+        </Icon>
+      </Flex>
+    );
+  };
+
+  const driverObj = driver({
+    showProgress: false,
+    allowClose: false,
+    allowClickMaskNextStep: true,
+    allowPreviousStep: false,
+    isShowButtons: false,
+    allowKeyboardControl: false,
+    overlaySkipButton: t('skip') || 'skip',
+    disableActiveInteraction: true,
+    steps: [
+      {
+        element: '.driver-deploy-button',
+        popover: {
+          side: 'left',
+          align: 'center',
+          borderRadius: '12px 12px 0px 12px',
+          PopoverBody: (
+            <Flex gap={'6px'} alignItems={'center'} fontSize={'13px'} fontWeight={500}>
+              <DriverStarIcon />
+              <Text color={'#24282C'}>{t('guide_deploy_button')}</Text>
+              <Text>{reward}</Text>
+              <SealosCoin />
+              <Text>{t('balance')}</Text>
+              <PopoverBodyInfo />
+            </Flex>
+          )
+        }
+      }
+    ],
+    onDestroyed: () => {
+      setCreateCompleted(true);
+    }
+  });
+
+  const startGuide = useCallback(() => {
+    driverObj.drive();
+  }, [driverObj]);
+
+  const closeGuide = () => {
+    driverObj.destroy();
+  };
+
+  useEffect(() => {
+    const handleUserGuide = async () => {
+      try {
+        const data = await getUserTasks();
+        if (data.needGuide && !createCompleted) {
+          setReward(formatMoney(Number(data.task.reward)));
+          requestAnimationFrame(() => {
+            startGuide();
+          });
+        }
+      } catch (error) {}
+    };
+    handleUserGuide();
+    // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, []);
+
+  return { startGuide, closeGuide };
+}
diff --git a/frontend/providers/dbprovider/src/pages/_app.tsx b/frontend/providers/dbprovider/src/pages/_app.tsx
index 1f0caee74b3..0969754d8c5 100644
--- a/frontend/providers/dbprovider/src/pages/_app.tsx
+++ b/frontend/providers/dbprovider/src/pages/_app.tsx
@@ -17,6 +17,7 @@ import { EVENT_NAME } from 'sealos-desktop-sdk';
 import { createSealosApp, sealosApp } from 'sealos-desktop-sdk/app';
 import useEnvStore from '@/store/env';
 
+import '@sealos/driver/src/driver.css';
 import '@/styles/reset.scss';
 import 'nprogress/nprogress.css';
 
diff --git a/frontend/providers/dbprovider/src/pages/api/guide/checkTask.ts b/frontend/providers/dbprovider/src/pages/api/guide/checkTask.ts
new file mode 100644
index 00000000000..4c80bb72c8b
--- /dev/null
+++ b/frontend/providers/dbprovider/src/pages/api/guide/checkTask.ts
@@ -0,0 +1,41 @@
+import { authAppToken } from '@/services/backend/auth';
+import { jsonRes } from '@/services/backend/response';
+import { ApiResp } from '@/services/kubernet';
+import type { NextApiRequest, NextApiResponse } from 'next';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
+  try {
+    if (process.env.GUIDE_ENABLED !== 'true') return jsonRes(res, { data: null });
+    const token = await authAppToken(req.headers);
+    if (!token) {
+      return jsonRes(res, { code: 401, message: 'token is valid' });
+    }
+
+    const domain = process.env.DESKTOP_DOMAIN;
+    const response = await fetch(`https://${domain}/api/account/checkTask`, {
+      method: 'GET',
+      headers: {
+        'Content-Type': 'application/json',
+        Authorization: token
+      }
+    });
+
+    const result: {
+      code: number;
+      data: any;
+      message: string;
+    } = await response.json();
+
+    if (result.code !== 200) {
+      return jsonRes(res, { code: result.code, message: 'desktop api is err' });
+    } else {
+      return jsonRes(res, { data: result.data });
+    }
+  } catch (err: any) {
+    console.log(err);
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}
diff --git a/frontend/providers/dbprovider/src/pages/api/guide/getBonus.ts b/frontend/providers/dbprovider/src/pages/api/guide/getBonus.ts
new file mode 100644
index 00000000000..c52a23b5700
--- /dev/null
+++ b/frontend/providers/dbprovider/src/pages/api/guide/getBonus.ts
@@ -0,0 +1,53 @@
+import { authAppToken } from '@/services/backend/auth';
+import { jsonRes } from '@/services/backend/response';
+import { ApiResp } from '@/services/kubernet';
+import type { NextApiRequest, NextApiResponse } from 'next';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
+  try {
+    if (process.env.GUIDE_ENABLED !== 'true')
+      jsonRes(res, {
+        code: 500
+      });
+
+    const token = await authAppToken(req.headers);
+    if (!token) {
+      return jsonRes(res, { code: 401, message: 'token is valid' });
+    }
+
+    const url = process.env.BILLING_URL;
+    if (!url) {
+      return jsonRes(res, { code: 500, message: 'billing is error' });
+    }
+
+    const response = await fetch(`${url}/account/v1alpha1/recharge-discount`, {
+      method: 'POST',
+      headers: {
+        Authorization: `Bearer ${token}`
+      }
+    });
+    const result: {
+      discount: {
+        firstRechargeDiscount: Record<string, string>;
+      };
+    } = await response.json();
+
+    const rechargeOptions = Object.entries(result.discount.firstRechargeDiscount).map(
+      ([amount, rate]) => ({
+        amount: Number(amount),
+        gift: Math.floor((Number(amount) * Number(rate)) / 100)
+      })
+    );
+
+    jsonRes(res, {
+      code: 200,
+      data: rechargeOptions
+    });
+  } catch (err: any) {
+    console.log(err);
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}
diff --git a/frontend/providers/dbprovider/src/pages/api/guide/getTasks.ts b/frontend/providers/dbprovider/src/pages/api/guide/getTasks.ts
new file mode 100644
index 00000000000..c03270d7493
--- /dev/null
+++ b/frontend/providers/dbprovider/src/pages/api/guide/getTasks.ts
@@ -0,0 +1,57 @@
+import { authAppToken } from '@/services/backend/auth';
+import { jsonRes } from '@/services/backend/response';
+import { ApiResp } from '@/services/kubernet';
+import { UserTask } from '@/types/user';
+import type { NextApiRequest, NextApiResponse } from 'next';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
+  try {
+    if (process.env.GUIDE_ENABLED !== 'true') {
+      return jsonRes(res, {
+        data: {
+          needGuide: false
+        }
+      });
+    }
+
+    const token = await authAppToken(req.headers);
+    if (!token) {
+      return jsonRes(res, { code: 401, message: 'token is valid' });
+    }
+
+    const domain = process.env.DESKTOP_DOMAIN;
+    const response = await fetch(`https://${domain}/api/account/getTasks`, {
+      method: 'GET',
+      headers: {
+        Authorization: token
+      }
+    });
+
+    const result: {
+      code: number;
+      data: UserTask[];
+      message: string;
+    } = await response.json();
+
+    if (result.code !== 200) {
+      return jsonRes(res, {
+        code: 500,
+        message: 'desktop api is err'
+      });
+    }
+
+    const launchpadTask = result.data.find((task) => task.taskType === 'DATABASE');
+    const needGuide = launchpadTask ? !launchpadTask.isCompleted : false;
+
+    jsonRes(res, {
+      code: 200,
+      data: { needGuide, task: launchpadTask }
+    });
+  } catch (err: any) {
+    console.log(err);
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}
diff --git a/frontend/providers/dbprovider/src/pages/db/detail/components/AppBaseInfo.tsx b/frontend/providers/dbprovider/src/pages/db/detail/components/AppBaseInfo.tsx
index d71c680989f..3f3e8017f97 100644
--- a/frontend/providers/dbprovider/src/pages/db/detail/components/AppBaseInfo.tsx
+++ b/frontend/providers/dbprovider/src/pages/db/detail/components/AppBaseInfo.tsx
@@ -325,6 +325,7 @@ const AppBaseInfo = ({ db = defaultDBDetail }: { db: DBDetailType }) => {
             {['milvus', 'kafka'].indexOf(db.dbType) === -1 && (
               <>
                 <Center
+                  className="driver-detail-terminal-button"
                   gap={'6px'}
                   h="28px"
                   fontSize={'12px'}
diff --git a/frontend/providers/dbprovider/src/pages/db/detail/index.tsx b/frontend/providers/dbprovider/src/pages/db/detail/index.tsx
index 4be6c133abd..d04336682ea 100644
--- a/frontend/providers/dbprovider/src/pages/db/detail/index.tsx
+++ b/frontend/providers/dbprovider/src/pages/db/detail/index.tsx
@@ -19,6 +19,7 @@ import Monitor from './components/Monitor';
 import Pods from './components/Pods';
 import { I18nCommonKey } from '@/types/i18next';
 import ReconfigureTable from './components/Reconfigure/index';
+import useDetailDriver from '@/hooks/useDetailDriver';
 
 enum TabEnum {
   pod = 'pod',
@@ -38,6 +39,7 @@ const AppDetail = ({
   dbType: DBType;
   listType: `${TabEnum}`;
 }) => {
+  useDetailDriver();
   const BackupTableRef = useRef<ComponentRef>(null);
   const ReconfigureTableRef = useRef<ComponentRef>(null);
   const router = useRouter();
diff --git a/frontend/providers/dbprovider/src/pages/db/edit/components/Header.tsx b/frontend/providers/dbprovider/src/pages/db/edit/components/Header.tsx
index 24f9f2d7c8e..f1c2ebeff39 100644
--- a/frontend/providers/dbprovider/src/pages/db/edit/components/Header.tsx
+++ b/frontend/providers/dbprovider/src/pages/db/edit/components/Header.tsx
@@ -52,7 +52,13 @@ const Header = ({
       <Button h={'40px'} flex={'0 0 114px'} mr={5} variant={'outline'} onClick={handleExportYaml}>
         {t('Export')} Yaml
       </Button>
-      <Button flex={'0 0 114px'} h={'40px'} variant={'solid'} onClick={applyCb}>
+      <Button
+        className="driver-deploy-button"
+        flex={'0 0 114px'}
+        h={'40px'}
+        variant={'solid'}
+        onClick={applyCb}
+      >
         {t(applyBtnText)}
       </Button>
     </Flex>
diff --git a/frontend/providers/dbprovider/src/pages/db/edit/index.tsx b/frontend/providers/dbprovider/src/pages/db/edit/index.tsx
index cfb5497bd79..a986576c182 100644
--- a/frontend/providers/dbprovider/src/pages/db/edit/index.tsx
+++ b/frontend/providers/dbprovider/src/pages/db/edit/index.tsx
@@ -24,6 +24,7 @@ import { useForm } from 'react-hook-form';
 import Form from './components/Form';
 import Header from './components/Header';
 import Yaml from './components/Yaml';
+import useDriver from '@/hooks/useDriver';
 
 const ErrorModal = dynamic(() => import('@/components/ErrorModal'));
 
@@ -33,6 +34,7 @@ const defaultEdit = {
 };
 
 const EditApp = ({ dbName, tabType }: { dbName?: string; tabType?: 'form' | 'yaml' }) => {
+  const { startGuide } = useDriver();
   const { t } = useTranslation();
   const router = useRouter();
   const [yamlList, setYamlList] = useState<YamlItemType[]>([]);
@@ -126,7 +128,7 @@ const EditApp = ({ dbName, tabType }: { dbName?: string; tabType?: 'form' | 'yam
         title: t(applySuccess),
         status: 'success'
       });
-      router.push(lastRoute);
+      router.replace(`/db/detail?name=${formData.dbName}&dbType=${formData.dbType}`);
     } catch (error) {
       console.error(error);
       setErrorMessage(JSON.stringify(error));
diff --git a/frontend/providers/dbprovider/src/services/backend/auth.ts b/frontend/providers/dbprovider/src/services/backend/auth.ts
index acdfb175569..32d49ee6464 100644
--- a/frontend/providers/dbprovider/src/services/backend/auth.ts
+++ b/frontend/providers/dbprovider/src/services/backend/auth.ts
@@ -1,5 +1,6 @@
 import type { NextApiRequest } from 'next';
 import { ERROR_ENUM } from '../error';
+import { IncomingHttpHeaders } from 'http';
 
 export const authSession = async (req: NextApiRequest) => {
   if (!req.headers) return Promise.reject(ERROR_ENUM.unAuthorization);
@@ -13,3 +14,15 @@ export const authSession = async (req: NextApiRequest) => {
     return Promise.reject(ERROR_ENUM.unAuthorization);
   }
 };
+
+export const authAppToken = async (header: IncomingHttpHeaders) => {
+  if (!header) return Promise.reject('unAuthorization');
+  const { authorization } = header;
+  if (!authorization) return Promise.reject('unAuthorization');
+
+  try {
+    return Promise.resolve(authorization);
+  } catch (err) {
+    return Promise.reject('unAuthorization');
+  }
+};
diff --git a/frontend/providers/dbprovider/src/services/request.ts b/frontend/providers/dbprovider/src/services/request.ts
index 553be1c7438..676cdb9fbef 100644
--- a/frontend/providers/dbprovider/src/services/request.ts
+++ b/frontend/providers/dbprovider/src/services/request.ts
@@ -66,7 +66,9 @@ request.interceptors.request.use(
     let _headers: AxiosHeaders = config.headers;
 
     //获取token，并将其添加至请求头中
-    _headers['Authorization'] = encodeURIComponent(getUserKubeConfig());
+    _headers['Authorization'] = config.headers.Authorization
+      ? config.headers.Authorization
+      : encodeURIComponent(getUserKubeConfig());
     if (!config.headers || config.headers['Content-Type'] === '') {
       _headers['Content-Type'] = 'application/json';
     }
diff --git a/frontend/providers/dbprovider/src/store/guide.ts b/frontend/providers/dbprovider/src/store/guide.ts
new file mode 100644
index 00000000000..c158b81df62
--- /dev/null
+++ b/frontend/providers/dbprovider/src/store/guide.ts
@@ -0,0 +1,27 @@
+import { create } from 'zustand';
+import { persist, createJSONStorage } from 'zustand/middleware';
+
+interface GuideState {
+  createCompleted: boolean;
+  detailCompleted: boolean;
+  setCreateCompleted: (completed: boolean) => void;
+  setDetailCompleted: (completed: boolean) => void;
+  resetGuideState: (completed: boolean) => void;
+}
+
+export const useGuideStore = create<GuideState>()(
+  persist(
+    (set) => ({
+      createCompleted: false,
+      detailCompleted: false,
+      setCreateCompleted: (completed) => set({ createCompleted: completed }),
+      setDetailCompleted: (completed) => set({ detailCompleted: completed }),
+      resetGuideState: (completed) =>
+        set({ createCompleted: completed, detailCompleted: completed })
+    }),
+    {
+      name: 'user-guide',
+      storage: createJSONStorage(() => localStorage)
+    }
+  )
+);
diff --git a/frontend/providers/dbprovider/src/styles/reset.scss b/frontend/providers/dbprovider/src/styles/reset.scss
index fbc0258cc7d..800457818f5 100644
--- a/frontend/providers/dbprovider/src/styles/reset.scss
+++ b/frontend/providers/dbprovider/src/styles/reset.scss
@@ -137,3 +137,9 @@ div {
     }
   }
 }
+
+#driver-popover-content {
+  padding: 14px;
+  max-width: 600px;
+  border: 1px solid #94b5ff;
+}
diff --git a/frontend/providers/dbprovider/src/types/user.d.ts b/frontend/providers/dbprovider/src/types/user.d.ts
index 137c0cd9b00..2d7c9ff54c5 100644
--- a/frontend/providers/dbprovider/src/types/user.d.ts
+++ b/frontend/providers/dbprovider/src/types/user.d.ts
@@ -33,3 +33,18 @@ export type UserQuotaItemType = {
   used: number;
   limit: number;
 };
+
+export enum TaskType {
+  DATABASE = 'DATABASE'
+}
+
+export type UserTask = {
+  id: string;
+  title: string;
+  description: string;
+  reward: string;
+  order: number;
+  taskType: TaskType;
+  isCompleted: boolean;
+  completedAt: string;
+};
diff --git a/frontend/providers/dbprovider/src/utils/tools.ts b/frontend/providers/dbprovider/src/utils/tools.ts
index 74a0758e649..1fdf7148605 100644
--- a/frontend/providers/dbprovider/src/utils/tools.ts
+++ b/frontend/providers/dbprovider/src/utils/tools.ts
@@ -352,3 +352,7 @@ export const adjustDifferencesForIni = (
     };
   });
 };
+
+export const formatMoney = (mone: number) => {
+  return mone / 1000000;
+};
diff --git a/frontend/providers/dbprovider/src/utils/user.ts b/frontend/providers/dbprovider/src/utils/user.ts
index b0412963b70..10c658f01d4 100644
--- a/frontend/providers/dbprovider/src/utils/user.ts
+++ b/frontend/providers/dbprovider/src/utils/user.ts
@@ -1,5 +1,6 @@
 'client';
 import yaml from 'js-yaml';
+import { SessionV1 } from 'sealos-desktop-sdk/*';
 
 export const getUserKubeConfig = () => {
   let kubeConfig: string =
@@ -25,3 +26,15 @@ export const getUserNamespace = () => {
     return 'ns-';
   }
 };
+
+export const getUserSession = () => {
+  try {
+    const store = localStorage.getItem('session');
+    if (store) {
+      return JSON.parse(store) as SessionV1;
+    }
+    return null;
+  } catch (err) {
+    return null;
+  }
+};
diff --git a/frontend/providers/template/deploy/Kubefile b/frontend/providers/template/deploy/Kubefile
index b09929453fd..7b4f20808d5 100644
--- a/frontend/providers/template/deploy/Kubefile
+++ b/frontend/providers/template/deploy/Kubefile
@@ -12,5 +12,7 @@ ENV certSecretName="wildcard-cert"
 ENV templateRepoUrl="https://github.com/labring-actions/templates"
 ENV templateRepoBranch="main"
 ENV templateRepoPath="templates"
+ENV guideEnabled="true"
+ENV billingUrl="http://account-service.account-system.svc:2333"
 
 CMD ["kubectl apply -f manifests"]
\ No newline at end of file
diff --git a/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl b/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl
index 743acd1c984..0e1e18ac9f7 100644
--- a/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl
@@ -82,6 +82,12 @@ spec:
               value: "false"
             - name: ACCOUNT_URL
               value: http://account-service.account-system.svc.cluster.local:2333
+            - name: GUIDE_ENABLED
+              value: {{ .guideEnabled }}
+            - name: BILLING_URL
+              value: {{ .billingUrl }}
+            - name: DESKTOP_DOMAIN
+              value: {{ .cloudDomain }}
           image: ghcr.io/labring/sealos-template-frontend:latest
           imagePullPolicy: Always
           volumeMounts:
diff --git a/frontend/providers/template/next.config.js b/frontend/providers/template/next.config.js
index 545ed24da3c..04f45b60ae9 100644
--- a/frontend/providers/template/next.config.js
+++ b/frontend/providers/template/next.config.js
@@ -1,10 +1,10 @@
 /** @type {import('next').NextConfig} */
-const { i18n } = require('./next-i18next.config');
-const path = require('path');
+const { i18n } = require('./next-i18next.config')
+const path = require('path')
 
 const withBundleAnalyzer = require('@next/bundle-analyzer')({
   enabled: process.env.ANALYZE === 'true'
-});
+})
 
 const nextConfig = {
   i18n,
@@ -18,9 +18,9 @@ const nextConfig = {
         issuer: /\.[jt]sx?$/,
         use: ['@svgr/webpack']
       }
-    ]);
-    config.plugins = [...config.plugins];
-    return config;
+    ])
+    config.plugins = [...config.plugins]
+    return config
   },
   experimental: {
     // this includes files from the monorepo base two directories up
@@ -34,7 +34,7 @@ const nextConfig = {
       }
     ]
   },
-  transpilePackages: ['@sealos/ui', 'sealos-desktop-sdk']
-};
+  transpilePackages: ['@sealos/ui', 'sealos-desktop-sdk', '@sealos/driver']
+}
 
-module.exports = withBundleAnalyzer(nextConfig);
+module.exports = withBundleAnalyzer(nextConfig)
diff --git a/frontend/providers/template/package.json b/frontend/providers/template/package.json
index 69597cc556b..257558fc24d 100644
--- a/frontend/providers/template/package.json
+++ b/frontend/providers/template/package.json
@@ -8,6 +8,7 @@
     "start": "next start"
   },
   "dependencies": {
+    "@sealos/driver": "workspace:^",
     "@chakra-ui/anatomy": "^2.2.1",
     "@chakra-ui/icons": "^2.1.1",
     "@chakra-ui/next-js": "^2.1.5",
diff --git a/frontend/providers/template/public/locales/en/common.json b/frontend/providers/template/public/locales/en/common.json
index 0ab491a054a..9caef3112d0 100644
--- a/frontend/providers/template/public/locales/en/common.json
+++ b/frontend/providers/template/public/locales/en/common.json
@@ -184,6 +184,7 @@
     "The applied memory exceeds the quota": "Requested storage exceeds your quota. Please contact admin.",
     "The applied storage exceeds the quota": "The applied storage exceeds the quota"
   },
+  "balance": "balance",
   "capacity": "capacity",
   "common": {
     "Surplus": "Surplus",
@@ -208,12 +209,16 @@
   "file": "file",
   "file value": "File Content",
   "filename": "Filename",
+  "first_charge": "First recharge discount",
+  "gift": "gift",
+  "go_to_recharge": "Go to recharge",
   "gpu": "GPU",
   "grpcs": "gRPCS",
   "https": "HTTPS",
   "jump_message": "This app can't be used independently. Click 'OK' to use it in Sealos Desktop.",
   "jump_prompt": "Redirect Notice",
   "launchpad": "App Launchpad",
+  "let_me_think_again": "Talk to you later",
   "local storage": "Local Storage",
   "memory": "Memory",
   "mount path": "mount path",
@@ -227,10 +232,12 @@
   "private": "private",
   "protocol": "protocol",
   "public": "public",
+  "receive": "receive",
   "storage": "Storage",
   "success": "success",
   "target_value": "Target Value",
   "total_price_tip": "The estimated cost does not include traffic fees, and is subject to actual usage.",
   "users installed the app": "{{count}} users have installed this app",
-  "websocket": "WebSocket"
+  "websocket": "WebSocket",
+  "you_have_successfully_deployed_app": "You have successfully deployed an application!"
 }
diff --git a/frontend/providers/template/public/locales/zh/common.json b/frontend/providers/template/public/locales/zh/common.json
index 603b387c6b9..083d61716e1 100644
--- a/frontend/providers/template/public/locales/zh/common.json
+++ b/frontend/providers/template/public/locales/zh/common.json
@@ -164,7 +164,6 @@
   "TemplateNameError": "模板名称不能为空",
   "Templates": "模板市场",
   "Terminal": "终端",
-  "no_resource_type": "暂无此类型的资源",
   "Total": "总计",
   "TotalPrice": "总价",
   "Type": "类型",
@@ -185,6 +184,7 @@
     "The applied memory exceeds the quota": "申请的 '内存' 超出配额限制，请联系管理员",
     "The applied storage exceeds the quota": "申请的 '存储' 超出配额限制，请联系管理员"
   },
+  "balance": "余额",
   "capacity": "容量",
   "common": {
     "Surplus": "剩余",
@@ -209,16 +209,21 @@
   "file": "文件",
   "file value": "文件值",
   "filename": "文件名",
+  "first_charge": "首充优惠",
+  "gift": "赠",
+  "go_to_recharge": "去充值",
   "gpu": "GPU",
   "grpcs": "gRPCS",
   "https": "HTTPS",
   "jump_message": "该应用不允许单独使用，点击确认前往 Sealos Desktop 使用。",
   "jump_prompt": "跳转提示",
   "launchpad": "应用管理",
+  "let_me_think_again": "稍后再说",
   "local storage": "本地存储",
   "memory": "内存",
   "mount path": "挂载路径",
   "multiple instances do not share data": "存储卷不支持多个实例共享",
+  "no_resource_type": "暂无此类型的资源",
   "object_storage": "对象存储",
   "others": "其他资源",
   "pause_message": "暂停服务将停止计算 CPU 和内存等费用，但存储和外网端口仍将产生费用。是否现在暂停？",
@@ -227,10 +232,12 @@
   "private": "私有",
   "protocol": "协议",
   "public": "公共",
+  "receive": "收到",
   "storage": "存储卷",
   "success": "成功",
   "target_value": "目标值",
   "total_price_tip": "预估费用不包括流量费用,以实际使用为准",
   "users installed the app": "已有 {{count}} 名用户安装该应用",
-  "websocket": "WebSocket"
-}
\ No newline at end of file
+  "websocket": "WebSocket",
+  "you_have_successfully_deployed_app": "您已成功部署一个应用！"
+}
diff --git a/frontend/providers/template/src/api/platform.ts b/frontend/providers/template/src/api/platform.ts
index 18dabe3e050..68ca7ff8e26 100644
--- a/frontend/providers/template/src/api/platform.ts
+++ b/frontend/providers/template/src/api/platform.ts
@@ -1,7 +1,9 @@
 import { EnvResponse } from '@/types/index';
 import { GET } from '@/services/request';
 import { SystemConfigType, TemplateType } from '@/types/app';
-import type { UserQuotaItemType, userPriceType } from '@/types/user';
+import type { UserQuotaItemType, UserTask, userPriceType } from '@/types/user';
+import { getUserSession } from '@/utils/user';
+import useSessionStore from '@/store/session';
 
 export const updateRepo = () => GET('/api/updateRepo');
 
@@ -21,3 +23,24 @@ export const getUserQuota = () =>
   }>('/api/platform/getQuota');
 
 export const getResourcePrice = () => GET<userPriceType>('/api/platform/resourcePrice');
+
+export const getUserTasks = () =>
+  GET<{ needGuide: boolean; task: UserTask }>('/api/guide/getTasks', undefined, {
+    headers: {
+      Authorization: useSessionStore.getState().getSession()?.token
+    }
+  });
+
+export const checkUserTask = () =>
+  GET('/api/guide/checkTask', undefined, {
+    headers: {
+      Authorization: useSessionStore.getState().getSession()?.token
+    }
+  });
+
+export const getPriceBonus = () =>
+  GET<{ amount: number; gift: number }[]>('/api/guide/getBonus', undefined, {
+    headers: {
+      Authorization: useSessionStore.getState().getSession()?.token
+    }
+  });
diff --git a/frontend/providers/template/src/components/Icon/icons/gift.svg b/frontend/providers/template/src/components/Icon/icons/gift.svg
new file mode 100644
index 00000000000..865d6307dbb
--- /dev/null
+++ b/frontend/providers/template/src/components/Icon/icons/gift.svg
@@ -0,0 +1,10 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="21" height="20" viewBox="0 0 21 20" fill="none">
+  <path fill-rule="evenodd" clip-rule="evenodd" d="M6.74968 2.4987C6.41816 2.4987 6.10021 2.63039 5.86579 2.86481C5.63137 3.09924 5.49968 3.41718 5.49968 3.7487C5.49968 4.08022 5.63137 4.39816 5.86579 4.63258C6.10021 4.867 6.41816 4.9987 6.74968 4.9987H9.37803C9.2763 4.73254 9.14752 4.43988 8.98825 4.1503C8.46411 3.19732 7.74459 2.4987 6.74968 2.4987ZM9.66634 6.66536V10.832H2.99968V8.4987C2.99968 8.01824 3.00032 7.70801 3.01962 7.47189C3.03811 7.24551 3.06951 7.16158 3.0905 7.12037C3.1704 6.96357 3.29788 6.83609 3.45468 6.75619C3.49589 6.7352 3.57982 6.7038 3.80621 6.6853C4.04232 6.66601 4.35255 6.66537 4.83301 6.66537L9.66634 6.66536ZM4.11661 5.00325C3.93164 4.61502 3.83301 4.18694 3.83301 3.7487C3.83301 2.97515 4.1403 2.23328 4.68728 1.6863C5.23426 1.13932 5.97613 0.832031 6.74968 0.832031C8.67143 0.832031 9.82691 2.21674 10.4486 3.3471C10.4659 3.37861 10.483 3.4101 10.4997 3.44154C10.5164 3.4101 10.5334 3.37861 10.5507 3.3471C11.1724 2.21674 12.3279 0.832031 14.2497 0.832031C15.0232 0.832031 15.7651 1.13932 16.3121 1.6863C16.8591 2.23328 17.1663 2.97515 17.1663 3.7487C17.1663 4.18694 17.0677 4.61502 16.8827 5.00325C17.0438 5.00678 17.1927 5.01305 17.3289 5.02417C17.6583 5.05109 17.986 5.11052 18.3013 5.27118C18.7717 5.51087 19.1542 5.89332 19.3939 6.36372C19.5545 6.67904 19.614 7.00672 19.6409 7.33618C19.6664 7.64832 19.6664 8.02728 19.6663 8.46656V15.6975C19.6664 16.1368 19.6664 16.5157 19.6409 16.8279C19.614 17.1573 19.5545 17.485 19.3939 17.8003C19.1542 18.2707 18.7717 18.6532 18.3013 18.8929C17.986 19.0535 17.6583 19.113 17.3289 19.1399C17.0167 19.1654 16.6378 19.1654 16.1985 19.1654H10.5008C10.5005 19.1654 10.5001 19.1654 10.4997 19.1654C10.4993 19.1654 10.4989 19.1654 10.4985 19.1654H4.80087C4.36159 19.1654 3.98262 19.1654 3.67049 19.1399C3.34103 19.113 3.01335 19.0535 2.69803 18.8929C2.22763 18.6532 1.84518 18.2707 1.60549 17.8003C1.44483 17.485 1.3854 17.1573 1.35848 16.8279C1.33298 16.5157 1.33299 16.1368 1.33301 15.6975L1.33301 11.6658C1.33301 11.6657 1.33301 11.666 1.33301 11.6658C1.33301 11.6657 1.33301 11.665 1.33301 11.6649L1.33301 8.46658C1.33299 8.02729 1.33298 7.64832 1.35848 7.33617C1.3854 7.00672 1.44483 6.67904 1.60549 6.36372C1.84518 5.89332 2.22763 5.51087 2.69803 5.27118C3.01335 5.11052 3.34103 5.05109 3.67049 5.02417C3.80666 5.01305 3.95554 5.00678 4.11661 5.00325ZM2.99968 12.4987V15.6654C2.99968 16.1458 3.00032 16.4561 3.01962 16.6922C3.03811 16.9186 3.06951 17.0025 3.0905 17.0437C3.1704 17.2005 3.29788 17.328 3.45468 17.4079C3.49589 17.4289 3.57982 17.4603 3.80621 17.4788C4.04232 17.498 4.35255 17.4987 4.83301 17.4987H9.66634V12.4987H2.99968ZM11.333 12.4987V17.4987H16.1663C16.6468 17.4987 16.957 17.4981 17.1931 17.4788C17.4195 17.4603 17.5035 17.4289 17.5447 17.4079C17.7015 17.328 17.829 17.2005 17.9088 17.0437C17.9298 17.0025 17.9612 16.9186 17.9797 16.6922C17.999 16.4561 17.9997 16.1458 17.9997 15.6654V12.4987H11.333ZM17.9997 10.832V8.4987C17.9997 8.01824 17.999 7.70801 17.9797 7.4719C17.9612 7.24551 17.9298 7.16158 17.9088 7.12037C17.829 6.96357 17.7015 6.83609 17.5447 6.75619C17.5035 6.7352 17.4195 6.7038 17.1931 6.68531C16.957 6.66601 16.6468 6.66537 16.1663 6.66537L11.333 6.66536V10.832H17.9997ZM11.6213 4.9987C11.7231 4.73254 11.8518 4.43988 12.0111 4.1503C12.5352 3.19732 13.2548 2.4987 14.2497 2.4987C14.5812 2.4987 14.8991 2.63039 15.1336 2.86481C15.368 3.09924 15.4997 3.41718 15.4997 3.7487C15.4997 4.08022 15.368 4.39816 15.1336 4.63258C14.8991 4.867 14.5812 4.9987 14.2497 4.9987H11.6213Z" fill="url(#paint0_linear_787_31074)"/>
+  <defs>
+    <linearGradient id="paint0_linear_787_31074" x1="10.4997" y1="1.42727" x2="10.4997" y2="18.5701" gradientUnits="userSpaceOnUse">
+      <stop stop-color="#69AEFF"/>
+      <stop offset="0.432292" stop-color="#6096FF"/>
+      <stop offset="1" stop-color="#6C7FFF"/>
+    </linearGradient>
+  </defs>
+</svg>
\ No newline at end of file
diff --git a/frontend/providers/template/src/components/Icon/index.tsx b/frontend/providers/template/src/components/Icon/index.tsx
index 8be09d09888..f96a939db8f 100644
--- a/frontend/providers/template/src/components/Icon/index.tsx
+++ b/frontend/providers/template/src/components/Icon/index.tsx
@@ -36,6 +36,7 @@ const map = {
   sealosGrey: require('./icons/sealos-grey.svg').default,
   empty: require('./icons/empty.svg').default,
   dev: require('./icons/dev.svg').default,
+  gift: require('./icons/gift.svg').default,
   eyeShow: require('./icons/eyeShow.svg').default,
   tool: require('./icons/tool.svg').default,
   sealosCoin: require('./icons/sealosCoin.svg').default,
diff --git a/frontend/providers/template/src/components/layout/appmenu.tsx b/frontend/providers/template/src/components/layout/appmenu.tsx
index 379069a71c5..e72c4428c52 100644
--- a/frontend/providers/template/src/components/layout/appmenu.tsx
+++ b/frontend/providers/template/src/components/layout/appmenu.tsx
@@ -56,45 +56,44 @@ export default function AppMenu() {
       </InputGroup>
 
       <SideBar />
-
-      <Flex
-        cursor={'default'}
-        p="8px 4px"
-        mb="8px"
-        h="48px"
-        borderRadius={'4px'}
-        background={router.route === '/app' ? 'rgba(150, 153, 180, 0.15)' : ''}
-        _hover={{
-          background: 'rgba(150, 153, 180, 0.10)'
-        }}
-        alignItems={'center'}
-        onClick={() => {
-          router.replace('/app');
-          setAppType(ApplicationType.MyApp);
-        }}
-      >
-        <Icon
-          xmlns="http://www.w3.org/2000/svg"
-          width="32px"
-          height="32px"
-          viewBox="0 0 32 32"
-          fill="none"
+      {insideCloud ? (
+        <Flex
+          cursor={'default'}
+          p="8px 4px"
+          mb="8px"
+          h="48px"
+          borderRadius={'4px'}
+          background={router.route === '/app' ? 'rgba(150, 153, 180, 0.15)' : ''}
+          _hover={{
+            background: 'rgba(150, 153, 180, 0.10)'
+          }}
+          alignItems={'center'}
+          onClick={() => {
+            router.replace('/app');
+            setAppType(ApplicationType.MyApp);
+          }}
         >
-          <path
-            d="M32 16C32 24.8366 24.8366 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0C24.8366 0 32 7.16344 32 16Z"
-            fill="#9699B4"
-            fillOpacity="0.8"
-          />
-          <path
-            d="M16 16C17.934 16 19.5 14.434 19.5 12.5C19.5 10.566 17.934 9 16 9C15.5403 8.99987 15.0851 9.09031 14.6605 9.26615C14.2358 9.442 13.8499 9.6998 13.5248 10.0248C13.1998 10.3499 12.942 10.7358 12.7662 11.1605C12.5903 11.5852 12.4999 12.0403 12.5 12.5C12.5 14.434 14.066 16 16 16ZM16 17C13.664 17 9 18.34 9 21V23H23V21C23 18.34 18.336 17 16 17Z"
-            fill="#F0F0F5"
-          />
-        </Icon>
-        <Text ml="10px" fontSize={'14px'} fontWeight={500}>
-          {t('SideBar.My App')}
-        </Text>
+          <Icon
+            xmlns="http://www.w3.org/2000/svg"
+            width="32px"
+            height="32px"
+            viewBox="0 0 32 32"
+            fill="none"
+          >
+            <path
+              d="M32 16C32 24.8366 24.8366 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0C24.8366 0 32 7.16344 32 16Z"
+              fill="#9699B4"
+              fillOpacity="0.8"
+            />
+            <path
+              d="M16 16C17.934 16 19.5 14.434 19.5 12.5C19.5 10.566 17.934 9 16 9C15.5403 8.99987 15.0851 9.09031 14.6605 9.26615C14.2358 9.442 13.8499 9.6998 13.5248 10.0248C13.1998 10.3499 12.942 10.7358 12.7662 11.1605C12.5903 11.5852 12.4999 12.0403 12.5 12.5C12.5 14.434 14.066 16 16 16ZM16 17C13.664 17 9 18.34 9 21V23H23V21C23 18.34 18.336 17 16 17Z"
+              fill="#F0F0F5"
+            />
+          </Icon>
+          <Text ml="10px" fontSize={'14px'} fontWeight={500}>
+            {t('SideBar.My App')}
+          </Text>
 
-        {!insideCloud && (
           <Center
             ml="auto"
             bg="rgba(150, 153, 180, 0.15)"
@@ -114,8 +113,28 @@ export default function AppMenu() {
           >
             {i18n?.language === 'en' ? 'En' : '中'}
           </Center>
-        )}
-      </Flex>
+        </Flex>
+      ) : (
+        <Center
+          bg="rgba(150, 153, 180, 0.15)"
+          mb={'16px'}
+          color={'#485058'}
+          w="28px"
+          h="28px"
+          borderRadius={'50%'}
+          bottom={'28px'}
+          right={'16px'}
+          fontSize={'12px'}
+          fontWeight={500}
+          cursor={'pointer'}
+          onClick={(e) => {
+            e.stopPropagation();
+            changeI18n();
+          }}
+        >
+          {i18n?.language === 'en' ? 'En' : '中'}
+        </Center>
+      )}
     </Flex>
   );
 }
diff --git a/frontend/providers/template/src/hooks/useDetailDriver.tsx b/frontend/providers/template/src/hooks/useDetailDriver.tsx
new file mode 100644
index 00000000000..2e70cfdbc14
--- /dev/null
+++ b/frontend/providers/template/src/hooks/useDetailDriver.tsx
@@ -0,0 +1,232 @@
+import { checkUserTask, getPriceBonus, getUserTasks } from '@/api/platform';
+import MyIcon from '@/components/Icon';
+import { useGuideStore } from '@/store/guide';
+import { formatMoney } from '@/utils/tools';
+import { Center, Flex, Icon, Text } from '@chakra-ui/react';
+import { driver } from '@sealos/driver';
+import { SealosCoin } from '@sealos/ui';
+import { useTranslation } from 'next-i18next';
+import { useEffect, useState } from 'react';
+import { sealosApp } from 'sealos-desktop-sdk/app';
+
+export function DriverStarIcon() {
+  return (
+    <Icon xmlns="http://www.w3.org/2000/svg" width="21" height="21" viewBox="0 0 21 21" fill="none">
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M4.24999 1.58789C4.5696 1.58789 4.82869 1.84699 4.82869 2.16659V3.67122H6.33332C6.65293 3.67122 6.91203 3.93032 6.91203 4.24993C6.91203 4.56954 6.65293 4.82863 6.33332 4.82863H4.82869V6.33326C4.82869 6.65287 4.5696 6.91196 4.24999 6.91196C3.93038 6.91196 3.67128 6.65287 3.67128 6.33326V4.82863H2.16666C1.84705 4.82863 1.58795 4.56954 1.58795 4.24993C1.58795 3.93032 1.84705 3.67122 2.16666 3.67122H3.67128V2.16659C3.67128 1.84699 3.93038 1.58789 4.24999 1.58789ZM11.3333 2.42122C11.5728 2.42122 11.7875 2.56869 11.8735 2.79218L13.3186 6.54957C13.5643 7.18827 13.6548 7.41187 13.7853 7.59548C13.9098 7.77051 14.0627 7.92344 14.2378 8.04791C14.4214 8.17846 14.645 8.269 15.2837 8.51465L19.0411 9.9598C19.2646 10.0458 19.412 10.2605 19.412 10.4999C19.412 10.7394 19.2646 10.9541 19.0411 11.0401L15.2837 12.4852C14.645 12.7309 14.4214 12.8214 14.2378 12.9519C14.0627 13.0764 13.9098 13.2293 13.7853 13.4044C13.6548 13.588 13.5643 13.8116 13.3186 14.4503L11.8735 18.2077C11.7875 18.4312 11.5728 18.5786 11.3333 18.5786C11.0939 18.5786 10.8792 18.4312 10.7932 18.2077L9.34804 14.4503C9.10239 13.8116 9.01186 13.588 8.8813 13.4044C8.75684 13.2293 8.60391 13.0764 8.42887 12.9519C8.24526 12.8214 8.02166 12.7309 7.38297 12.4852L3.62558 11.0401C3.40209 10.9541 3.25462 10.7394 3.25462 10.4999C3.25462 10.2605 3.40209 10.0458 3.62558 9.9598L7.38296 8.51465C8.02166 8.269 8.24526 8.17846 8.42887 8.04791C8.60391 7.92345 8.75684 7.77051 8.8813 7.59548C9.01186 7.41187 9.10239 7.18827 9.34804 6.54957L10.7932 2.79219C10.8791 2.56869 11.0939 2.42122 11.3333 2.42122ZM11.3333 4.61201L10.4283 6.96506C10.4195 6.98797 10.4108 7.01059 10.4022 7.03291C10.1924 7.57876 10.0502 7.94881 9.82456 8.26619C9.62512 8.54667 9.38006 8.79173 9.09958 8.99117C8.78221 9.21684 8.41216 9.35905 7.86631 9.56883C7.84398 9.5774 7.82137 9.5861 7.79845 9.59491L5.4454 10.4999L7.79845 11.4049C7.82137 11.4138 7.84398 11.4225 7.86631 11.431C8.41216 11.6408 8.78221 11.783 9.09958 12.0087C9.38006 12.2081 9.62512 12.4532 9.82456 12.7337C10.0502 13.051 10.1924 13.4211 10.4022 13.9669C10.4108 13.9893 10.4195 14.0119 10.4283 14.0348L11.3333 16.3878L12.2383 14.0348C12.2472 14.0119 12.2558 13.9893 12.2644 13.967C12.4742 13.4211 12.6164 13.051 12.8421 12.7337C13.0415 12.4532 13.2866 12.2081 13.5671 12.0087C13.8844 11.783 14.2545 11.6408 14.8003 11.431C14.8227 11.4225 14.8453 11.4138 14.8682 11.4049L17.2212 10.4999L14.8682 9.59491C14.8453 9.5861 14.8227 9.57741 14.8004 9.56883C14.2545 9.35906 13.8844 9.21684 13.5671 8.99117C13.2866 8.79173 13.0415 8.54667 12.8421 8.26619C12.6164 7.94881 12.4742 7.57876 12.2644 7.03291C12.2558 7.01059 12.2472 6.98797 12.2383 6.96505L11.3333 4.61201ZM4.24999 14.0879C4.5696 14.0879 4.82869 14.347 4.82869 14.6666V16.1712H6.33332C6.65293 16.1712 6.91203 16.4303 6.91203 16.7499C6.91203 17.0695 6.65293 17.3286 6.33332 17.3286H4.82869V18.8333C4.82869 19.1529 4.5696 19.412 4.24999 19.412C3.93038 19.412 3.67128 19.1529 3.67128 18.8333V17.3286H2.16666C1.84705 17.3286 1.58795 17.0695 1.58795 16.7499C1.58795 16.4303 1.84705 16.1712 2.16666 16.1712H3.67128V14.6666C3.67128 14.347 3.93038 14.0879 4.24999 14.0879Z"
+        fill="url(#paint0_linear_864_3172)"
+      />
+      <defs>
+        <linearGradient
+          id="paint0_linear_864_3172"
+          x1="10.5"
+          y1="2.16659"
+          x2="10.5"
+          y2="18.8333"
+          gradientUnits="userSpaceOnUse"
+        >
+          <stop stopColor="#69AEFF" />
+          <stop offset="0.432292" stopColor="#6096FF" />
+          <stop offset="1" stopColor="#6C7FFF" />
+        </linearGradient>
+      </defs>
+    </Icon>
+  );
+}
+
+export default function useDetailDriver() {
+  const { t, i18n } = useTranslation();
+  const [reward, setReward] = useState(5);
+  const { detailCompleted, setDetailCompleted } = useGuideStore();
+
+  const [rechargeOptions, setRechargeOptions] = useState([
+    { amount: 8, gift: 8 },
+    { amount: 32, gift: 32 },
+    { amount: 128, gift: 128 }
+  ]);
+
+  const openCostCenterApp = () => {
+    sealosApp.runEvents('openDesktopApp', {
+      appKey: 'system-costcenter',
+      query: {
+        openRecharge: 'true'
+      }
+    });
+  };
+
+  const driverObj = driver({
+    disableActiveInteraction: true,
+    showProgress: false,
+    allowClose: false,
+    allowClickMaskNextStep: true,
+    allowPreviousStep: false,
+    isShowButtons: false,
+    allowKeyboardControl: false,
+    steps: [
+      {
+        popover: {
+          borderRadius: '12px 12px 12px 12px',
+          PopoverBody: (
+            <Flex flexDirection={'column'} alignItems={'center'} padding={'27px 40px'} w="540px">
+              <Flex
+                w="100%"
+                color={'#24282C'}
+                fontSize={'14px'}
+                fontWeight={500}
+                bg="#F6EEFA"
+                borderRadius={'8px'}
+                p={'16px'}
+                alignItems={'center'}
+              >
+                <DriverStarIcon />
+                <Text fontWeight={500} ml="8px">
+                  {t('you_have_successfully_deployed_app')}
+                </Text>
+                <Text
+                  ml="auto"
+                  mr={'12px'}
+                  color={'grayModern.900'}
+                  fontSize={'12px'}
+                  fontWeight={500}
+                >
+                  {t('receive')}
+                </Text>
+                <SealosCoin />
+                <Text mx="4px">{reward}</Text>
+                <Text fontSize={'14px'} fontWeight={500}>
+                  {t('balance')}
+                </Text>
+              </Flex>
+
+              <Flex
+                alignItems={'center'}
+                justifyContent={'center'}
+                color={'#24282C'}
+                fontSize={'14px'}
+                fontWeight={500}
+                mt="42px"
+              >
+                <MyIcon name="gift" w={'20px'} h={'20px'} />
+                <Text fontSize={'20px'} fontWeight={500} ml="8px" mr={'4px'}>
+                  {t('first_charge')}
+                </Text>
+              </Flex>
+
+              <Flex
+                justifyContent={'center'}
+                fontSize={i18n.language === 'en' ? '18px' : '24px'}
+                fontWeight={500}
+                mt="28px"
+                gap={'16px'}
+              >
+                {rechargeOptions.map((item, index) => (
+                  <Center
+                    key={index}
+                    bg="#F4F4F7"
+                    borderRadius="2px"
+                    w={'100px'}
+                    h={'72px'}
+                    position={'relative'}
+                  >
+                    <SealosCoin w="14px" />
+                    <Text fontSize={'20px'} fontWeight={500} color={'rgba(17, 24, 36, 1)'} pl="4px">
+                      {item.amount}
+                    </Text>
+                    <Flex
+                      bg={'#F7E7FF'}
+                      position={'absolute'}
+                      top={0}
+                      right={'-15px'}
+                      borderRadius={'10px 10px 10px 0px'}
+                      color={'#9E53C1'}
+                      fontSize={'12px'}
+                      fontWeight={500}
+                      gap={'2px'}
+                      alignItems={'center'}
+                      justifyContent={'center'}
+                      w={'60px'}
+                      height={'20px'}
+                    >
+                      <Text>{t('gift')}</Text>
+                      <SealosCoin w="10px" />
+                      <Text>{item.gift}</Text>
+                    </Flex>
+                  </Center>
+                ))}
+              </Flex>
+
+              <Flex
+                mt={'40px'}
+                bg={'#111824'}
+                borderRadius={'6px'}
+                alignItems={'center'}
+                justifyContent={'center'}
+                w={'179px'}
+                h={'36px'}
+                color={'#FFF'}
+                fontSize={'14px'}
+                fontWeight={500}
+                cursor={'pointer'}
+                onClick={() => {
+                  driverObj.destroy();
+                  openCostCenterApp();
+                }}
+              >
+                {t('go_to_recharge')}
+              </Flex>
+              <Text
+                mt="16px"
+                cursor={'pointer'}
+                color={'rgba(72, 82, 100, 1)'}
+                fontSize={'14px'}
+                fontWeight={500}
+                onClick={() => {
+                  driverObj.destroy();
+                }}
+              >
+                {t('let_me_think_again')}
+              </Text>
+            </Flex>
+          )
+        }
+      }
+    ],
+    onDestroyed: () => {
+      console.log('onDestroyed Detail');
+      setDetailCompleted(true);
+      checkUserTask().then((err) => {
+        console.log(err);
+      });
+    },
+    interceptSkipButtonClick: () => {
+      driverObj.destroy();
+    }
+  });
+
+  const startGuide = () => {
+    driverObj.drive();
+  };
+
+  useEffect(() => {
+    const handleUserGuide = async () => {
+      try {
+        const [taskData, bonusData] = await Promise.all([getUserTasks(), getPriceBonus()]);
+        if (taskData.needGuide && !detailCompleted) {
+          setReward(formatMoney(Number(taskData.task.reward)));
+          setRechargeOptions(bonusData);
+          requestAnimationFrame(() => {
+            startGuide();
+          });
+        }
+      } catch (error) {
+        console.log(error);
+      }
+    };
+    handleUserGuide();
+    // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, []);
+
+  return { startGuide };
+}
diff --git a/frontend/providers/template/src/pages/_app.tsx b/frontend/providers/template/src/pages/_app.tsx
index 908e37d9c1f..ef4fae73f5d 100644
--- a/frontend/providers/template/src/pages/_app.tsx
+++ b/frontend/providers/template/src/pages/_app.tsx
@@ -16,6 +16,8 @@ import { createSealosApp, sealosApp } from 'sealos-desktop-sdk/app';
 import { useSystemConfigStore } from '@/store/config';
 import useSessionStore from '@/store/session';
 import { useUserStore } from '@/store/user';
+
+import '@sealos/driver/src/driver.css';
 import '@/styles/reset.scss';
 import 'nprogress/nprogress.css';
 
diff --git a/frontend/providers/template/src/pages/api/guide/checkTask.ts b/frontend/providers/template/src/pages/api/guide/checkTask.ts
new file mode 100644
index 00000000000..4c80bb72c8b
--- /dev/null
+++ b/frontend/providers/template/src/pages/api/guide/checkTask.ts
@@ -0,0 +1,41 @@
+import { authAppToken } from '@/services/backend/auth';
+import { jsonRes } from '@/services/backend/response';
+import { ApiResp } from '@/services/kubernet';
+import type { NextApiRequest, NextApiResponse } from 'next';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
+  try {
+    if (process.env.GUIDE_ENABLED !== 'true') return jsonRes(res, { data: null });
+    const token = await authAppToken(req.headers);
+    if (!token) {
+      return jsonRes(res, { code: 401, message: 'token is valid' });
+    }
+
+    const domain = process.env.DESKTOP_DOMAIN;
+    const response = await fetch(`https://${domain}/api/account/checkTask`, {
+      method: 'GET',
+      headers: {
+        'Content-Type': 'application/json',
+        Authorization: token
+      }
+    });
+
+    const result: {
+      code: number;
+      data: any;
+      message: string;
+    } = await response.json();
+
+    if (result.code !== 200) {
+      return jsonRes(res, { code: result.code, message: 'desktop api is err' });
+    } else {
+      return jsonRes(res, { data: result.data });
+    }
+  } catch (err: any) {
+    console.log(err);
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}
diff --git a/frontend/providers/template/src/pages/api/guide/getBonus.ts b/frontend/providers/template/src/pages/api/guide/getBonus.ts
new file mode 100644
index 00000000000..c52a23b5700
--- /dev/null
+++ b/frontend/providers/template/src/pages/api/guide/getBonus.ts
@@ -0,0 +1,53 @@
+import { authAppToken } from '@/services/backend/auth';
+import { jsonRes } from '@/services/backend/response';
+import { ApiResp } from '@/services/kubernet';
+import type { NextApiRequest, NextApiResponse } from 'next';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
+  try {
+    if (process.env.GUIDE_ENABLED !== 'true')
+      jsonRes(res, {
+        code: 500
+      });
+
+    const token = await authAppToken(req.headers);
+    if (!token) {
+      return jsonRes(res, { code: 401, message: 'token is valid' });
+    }
+
+    const url = process.env.BILLING_URL;
+    if (!url) {
+      return jsonRes(res, { code: 500, message: 'billing is error' });
+    }
+
+    const response = await fetch(`${url}/account/v1alpha1/recharge-discount`, {
+      method: 'POST',
+      headers: {
+        Authorization: `Bearer ${token}`
+      }
+    });
+    const result: {
+      discount: {
+        firstRechargeDiscount: Record<string, string>;
+      };
+    } = await response.json();
+
+    const rechargeOptions = Object.entries(result.discount.firstRechargeDiscount).map(
+      ([amount, rate]) => ({
+        amount: Number(amount),
+        gift: Math.floor((Number(amount) * Number(rate)) / 100)
+      })
+    );
+
+    jsonRes(res, {
+      code: 200,
+      data: rechargeOptions
+    });
+  } catch (err: any) {
+    console.log(err);
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}
diff --git a/frontend/providers/template/src/pages/api/guide/getTasks.ts b/frontend/providers/template/src/pages/api/guide/getTasks.ts
new file mode 100644
index 00000000000..79b7a7faa7d
--- /dev/null
+++ b/frontend/providers/template/src/pages/api/guide/getTasks.ts
@@ -0,0 +1,57 @@
+import { authAppToken } from '@/services/backend/auth';
+import { jsonRes } from '@/services/backend/response';
+import { ApiResp } from '@/services/kubernet';
+import { UserTask } from '@/types/user';
+import type { NextApiRequest, NextApiResponse } from 'next';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
+  try {
+    if (process.env.GUIDE_ENABLED !== 'true') {
+      return jsonRes(res, {
+        data: {
+          needGuide: false
+        }
+      });
+    }
+
+    const token = await authAppToken(req.headers);
+    if (!token) {
+      return jsonRes(res, { code: 401, message: 'token is valid' });
+    }
+
+    const domain = process.env.DESKTOP_DOMAIN;
+    const response = await fetch(`https://${domain}/api/account/getTasks`, {
+      method: 'GET',
+      headers: {
+        Authorization: token
+      }
+    });
+
+    const result: {
+      code: number;
+      data: UserTask[];
+      message: string;
+    } = await response.json();
+
+    if (result.code !== 200) {
+      return jsonRes(res, {
+        code: 500,
+        message: 'desktop api is err'
+      });
+    }
+
+    const launchpadTask = result.data.find((task) => task.taskType === 'APPSTORE');
+    const needGuide = launchpadTask ? !launchpadTask.isCompleted : false;
+
+    jsonRes(res, {
+      code: 200,
+      data: { needGuide, task: launchpadTask }
+    });
+  } catch (err: any) {
+    console.log(err);
+    jsonRes(res, {
+      code: 500,
+      error: err
+    });
+  }
+}
diff --git a/frontend/providers/template/src/pages/instance/index.tsx b/frontend/providers/template/src/pages/instance/index.tsx
index 3f46e6ea4b1..a9cd35007dc 100644
--- a/frontend/providers/template/src/pages/instance/index.tsx
+++ b/frontend/providers/template/src/pages/instance/index.tsx
@@ -9,8 +9,11 @@ import DBList from './components/dbList';
 import Header from './components/header';
 import OtherList from './components/otherList';
 import ObjStorageList from './components/objStorageList';
+import useDetailDriver from '@/hooks/useDetailDriver';
 
 export default function MyApp() {
+  useDetailDriver();
+
   const { setInstanceName, instanceName, resource } = useResourceStore();
   const router = useRouter();
 
diff --git a/frontend/providers/template/src/services/backend/auth.ts b/frontend/providers/template/src/services/backend/auth.ts
index ef4da6f5aac..ec43191b814 100644
--- a/frontend/providers/template/src/services/backend/auth.ts
+++ b/frontend/providers/template/src/services/backend/auth.ts
@@ -13,3 +13,15 @@ export const authSession = async (header: IncomingHttpHeaders) => {
     return Promise.reject(ERROR_ENUM.unAuthorization);
   }
 };
+
+export const authAppToken = async (header: IncomingHttpHeaders) => {
+  if (!header) return Promise.reject('unAuthorization');
+  const { authorization } = header;
+  if (!authorization) return Promise.reject('unAuthorization');
+
+  try {
+    return Promise.resolve(authorization);
+  } catch (err) {
+    return Promise.reject('unAuthorization');
+  }
+};
diff --git a/frontend/providers/template/src/services/request.ts b/frontend/providers/template/src/services/request.ts
index 9b953420707..45a86ac38d1 100644
--- a/frontend/providers/template/src/services/request.ts
+++ b/frontend/providers/template/src/services/request.ts
@@ -66,7 +66,9 @@ request.interceptors.request.use(
     let _headers: AxiosHeaders = config.headers;
 
     //获取token，并将其添加至请求头中
-    _headers['Authorization'] = encodeURIComponent(getUserKubeConfig());
+    _headers['Authorization'] = config.headers.Authorization
+      ? config.headers.Authorization
+      : encodeURIComponent(getUserKubeConfig());
     if (!config.headers || config.headers['Content-Type'] === '') {
       _headers['Content-Type'] = 'application/json';
     }
diff --git a/frontend/providers/template/src/store/guide.ts b/frontend/providers/template/src/store/guide.ts
new file mode 100644
index 00000000000..c158b81df62
--- /dev/null
+++ b/frontend/providers/template/src/store/guide.ts
@@ -0,0 +1,27 @@
+import { create } from 'zustand';
+import { persist, createJSONStorage } from 'zustand/middleware';
+
+interface GuideState {
+  createCompleted: boolean;
+  detailCompleted: boolean;
+  setCreateCompleted: (completed: boolean) => void;
+  setDetailCompleted: (completed: boolean) => void;
+  resetGuideState: (completed: boolean) => void;
+}
+
+export const useGuideStore = create<GuideState>()(
+  persist(
+    (set) => ({
+      createCompleted: false,
+      detailCompleted: false,
+      setCreateCompleted: (completed) => set({ createCompleted: completed }),
+      setDetailCompleted: (completed) => set({ detailCompleted: completed }),
+      resetGuideState: (completed) =>
+        set({ createCompleted: completed, detailCompleted: completed })
+    }),
+    {
+      name: 'user-guide',
+      storage: createJSONStorage(() => localStorage)
+    }
+  )
+);
diff --git a/frontend/providers/template/src/styles/reset.scss b/frontend/providers/template/src/styles/reset.scss
index 2dd7365c146..9903995d253 100644
--- a/frontend/providers/template/src/styles/reset.scss
+++ b/frontend/providers/template/src/styles/reset.scss
@@ -141,3 +141,9 @@ div {
 html {
   overflow: hidden !important;
 }
+
+#driver-popover-content {
+  padding: 14px;
+  max-width: 600px;
+  border: 1px solid #94b5ff;
+}
diff --git a/frontend/providers/template/src/types/user.ts b/frontend/providers/template/src/types/user.ts
index 6c51cb9b897..231f87bc791 100644
--- a/frontend/providers/template/src/types/user.ts
+++ b/frontend/providers/template/src/types/user.ts
@@ -36,3 +36,18 @@ export type userPriceType = {
   nodeports: number;
   gpu?: { alias: string; type: string; price: number; inventory: number; vm: number }[];
 };
+
+export enum TaskType {
+  APPSTORE = 'APPSTORE'
+}
+
+export type UserTask = {
+  id: string;
+  title: string;
+  description: string;
+  reward: string;
+  order: number;
+  taskType: TaskType;
+  isCompleted: boolean;
+  completedAt: string;
+};
diff --git a/frontend/providers/template/src/utils/tools.ts b/frontend/providers/template/src/utils/tools.ts
index d87572d5372..187bdcd3701 100644
--- a/frontend/providers/template/src/utils/tools.ts
+++ b/frontend/providers/template/src/utils/tools.ts
@@ -278,3 +278,7 @@ export function getTemplateEnvs(namespace?: string): EnvResponse {
   };
   return TemplateEnvs;
 }
+
+export const formatMoney = (mone: number) => {
+  return mone / 1000000;
+};
diff --git a/frontend/providers/template/src/utils/user.ts b/frontend/providers/template/src/utils/user.ts
index f2420d58c76..b40651d4545 100644
--- a/frontend/providers/template/src/utils/user.ts
+++ b/frontend/providers/template/src/utils/user.ts
@@ -1,4 +1,5 @@
 import useSessionStore from '@/store/session';
+import { SessionV1 } from 'sealos-desktop-sdk/*';
 
 // edge
 export const getUserKubeConfig = () => {
@@ -14,3 +15,15 @@ export const getUserKubeConfig = () => {
   }
   return kubeConfig;
 };
+
+export const getUserSession = () => {
+  try {
+    const store = localStorage.getItem('session');
+    if (store) {
+      return JSON.parse(store) as SessionV1;
+    }
+    return null;
+  } catch (err) {
+    return null;
+  }
+};

From aff50d3e31e640c205fb1e628309b1c66bd2b542 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Wed, 9 Oct 2024 10:34:39 +0800
Subject: [PATCH 19/63] v5.0.1 docs. (#5126)

---
 .../docs/self-hosting/sealos/installation.md  | 110 +++++++++---------
 .../developer-guide/sealos/installation.md    |  64 +++++-----
 scripts/cloud/install.sh                      |   2 +-
 3 files changed, 88 insertions(+), 88 deletions(-)

diff --git a/docs/4.0/docs/self-hosting/sealos/installation.md b/docs/4.0/docs/self-hosting/sealos/installation.md
index 74725f792de..6f146822581 100644
--- a/docs/4.0/docs/self-hosting/sealos/installation.md
+++ b/docs/4.0/docs/self-hosting/sealos/installation.md
@@ -43,8 +43,8 @@ We advise using Ubuntu 22.04 LTS with a kernel version of 5.4 or higher. The spe
 |------------------|----------------|-----|--------|---------|------------|-------|
 | Ubuntu 22.04 LTS | ≥ 5.4          | 8C  | 16GB   | 100GB   | Odd Number | Any   |
 
-:::info 
-Kubernetes and Sealos Cloud Operating system require roughly 2 cores (2c) and 2GB of memory (2g) per Master node, and about 1 core (1c) and 1GB of memory (1g) per Node node. Ensure each node in your cluster is well-equipped for these system components. 
+:::info
+Kubernetes and Sealos Cloud Operating system require roughly 2 cores (2c) and 2GB of memory (2g) per Master node, and about 1 core (1c) and 1GB of memory (1g) per Node node. Ensure each node in your cluster is well-equipped for these system components.
 :::
 
 ### Network Considerations
@@ -83,14 +83,14 @@ There are different installation options based on your domain name needs:
 
 ### 1. No public domain, don't want custom domains
 
-If you don't have a public domain or need custom domains, you can use the free `nip.io` wildcard DNS service. `nip.io` maps dynamic IP addresses to fixed subdomains, useful for local dev environments.  
+If you don't have a public domain or need custom domains, you can use the free `nip.io` wildcard DNS service. `nip.io` maps dynamic IP addresses to fixed subdomains, useful for local dev environments.
 
-It works by taking any IP address as part of a `nip.io` subdomain, and resolving requests back to that IP. For example, if your intranet IP is `192.168.1.10`, you can use the domain `192.168.1.10.nip.io`. Requests to this domain will resolve to `192.168.1.10`, eliminating the need to modify local hosts or set up intranet DNS.   
+It works by taking any IP address as part of a `nip.io` subdomain, and resolving requests back to that IP. For example, if your intranet IP is `192.168.1.10`, you can use the domain `192.168.1.10.nip.io`. Requests to this domain will resolve to `192.168.1.10`, eliminating the need to modify local hosts or set up intranet DNS.
 
-To use nip.io for Sealos, run the below on the first master node and enter prompts: 
+To use nip.io for Sealos, run the below on the first master node and enter prompts:
 
 ```bash
-$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.0-beta5/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh
+$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh
 ```
 
 When prompted for the Sealos Cloud domain name, use a format like `[ip].nip.io`, where [ip] is your Master node's IP.
@@ -105,112 +105,112 @@ admin Username: admin
 admin Password: sealos2023
 ```
 
-### 2. Have public domain, want public access  
+### 2. Have public domain, want public access
 
 If you have a public domain and want public Sealos access, you'll need a trusted public SSL/TLS certificate. You can use acme.sh to automatically issue certs, or get free certs from your domain provider or purchase commercial certificates.
 
-Place the certificate files in a directory on the first master, like `/root/certs/`.   
+Place the certificate files in a directory on the first master, like `/root/certs/`.
 
 :::info
 
-You'll also need to configure DNS records at your domain provider:  
+You'll also need to configure DNS records at your domain provider:
 
-```  
-cloud.example.io A <Master Node Public IP>  
+```
+cloud.example.io A <Master Node Public IP>
 *.cloud.example.io A <Master Node Public IP>
-```  
+```
 
-This maps your domain and subdomains to the first master's public IP.   
+This maps your domain and subdomains to the first master's public IP.
 
-:::  
+:::
 
-Then run below on the first master, entering prompts:  
+Then run below on the first master, entering prompts:
 
 ```bash
-$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.0-beta5/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \  
---cloud-domain=<your_domain> \   
---cert-path=<your_crt> \  
+$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+--cloud-domain=<your_domain> \
+--cert-path=<your_crt> \
 --key-path=<your_key>
-```  
+```
 
-+ `<your_domain>` is your public domain  
++ `<your_domain>` is your public domain
 + `<your_crt>` is the certificate file path (`.crt` or `.pem`) e.g. `/root/certs/example.crt`
 + `<your_key>` is the private key file path (`.key` or `.pem`) e.g. `/root/certs/example.key`
 
-### 3. Have public domain, want internal access   
+### 3. Have public domain, want internal access
 
-If you have a public domain but only internal IPs, or only want internal Sealos access, you just need to configure DNS records resolving to the first master's internal IP:  
+If you have a public domain but only internal IPs, or only want internal Sealos access, you just need to configure DNS records resolving to the first master's internal IP:
 
-```  
-cloud.example.io A <Master Node Internal IP>  
-*.cloud.example.io A <Master Node Internal IP>   
-```  
+```
+cloud.example.io A <Master Node Internal IP>
+*.cloud.example.io A <Master Node Internal IP>
+```
 
-Then run the below on the first master, entering prompts:  
+Then run the below on the first master, entering prompts:
 
-```bash  
-$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.0-beta5/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \ 
---cloud-domain=<your_domain>  
-```   
+```bash
+$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+--cloud-domain=<your_domain>
+```
 
-Where `<your_domain>` is your public domain.  
+Where `<your_domain>` is your public domain.
 
 The installer will use [cert-manager](https://cert-manager.io/docs/) to automatically sign certificates.
 
-### 4. No public domain, want custom domain   
+### 4. No public domain, want custom domain
 
-If you don't have a public domain but need a custom domain, set up internal DNS resolving a custom domain to the first master's internal IP.   
+If you don't have a public domain but need a custom domain, set up internal DNS resolving a custom domain to the first master's internal IP.
 
 :::note
 
-Assuming the first master internal IP is `192.168.1.10`, and your custom domain is `cloud.example.io`.  
+Assuming the first master internal IP is `192.168.1.10`, and your custom domain is `cloud.example.io`.
 
-:::  
+:::
 
 You can use CoreDNS, Reference configuration:
 
-```  
+```
 (global_cache) {
   cache {
     # [5, 60]
     success 65536 3600 300
     # [1, 10]
-    denial 8192 600 60 
+    denial 8192 600 60
     prefetch 1 60m 10%
-  }  
-}  
+  }
+}
 
 .:53 {
   errors
-  health    
-  ready  
+  health
+  ready
 
   import global_cache
-  
+
   template IN A cloud.example.io {
     answer "{{ .Name }} 60 IN A 192.168.1.10"
-    fallthrough  
+    fallthrough
   }
-   
+
   forward . 223.5.5.5
-   
+
   log
   loop
-   
+
   reload 6s
 }
-```  
+```
 
-This resolves `cloud.example.io` and subdomains to the first master internal IP.    
+This resolves `cloud.example.io` and subdomains to the first master internal IP.
 
-Then run below on the first master, entering prompts:  
+Then run below on the first master, entering prompts:
 
-```bash 
-$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.0-beta5/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \   
---cloud-domain=<your_domain>  
-```  
+```bash
+$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+--cloud-domain=<your_domain>
+```
 
-Where `<your_domain>` is your custom domain.     
+Where `<your_domain>` is your custom domain.
 
 The installer uses [cert-manager](https://cert-manager.io/docs/) for certificates.
 
diff --git a/docs/5.0/docs/developer-guide/sealos/installation.md b/docs/5.0/docs/developer-guide/sealos/installation.md
index 8fab95e05c7..3c57bd39d58 100644
--- a/docs/5.0/docs/developer-guide/sealos/installation.md
+++ b/docs/5.0/docs/developer-guide/sealos/installation.md
@@ -109,7 +109,7 @@ resolve to `192.168.1.10`, eliminating the need to modify local hosts or set up
 To use nip.io for Sealos, run the below on the first master node and enter prompts:
 
 ```bash
-$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.0-beta5/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh
+$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh
 ```
 
 When prompted for the Sealos Cloud domain name, use a format like `[ip].nip.io`, where [ip] is your Master node's IP.
@@ -135,10 +135,10 @@ Place the certificate files in a directory on the first master, like `/root/cert
 
 You'll also need to configure DNS records at your domain provider:
 
-```  
-cloud.example.io A <Master Node Public IP>  
+```
+cloud.example.io A <Master Node Public IP>
 *.cloud.example.io A <Master Node Public IP>
-```  
+```
 
 This maps your domain and subdomains to the first master's public IP.
 
@@ -147,11 +147,11 @@ This maps your domain and subdomains to the first master's public IP.
 Then run below on the first master, entering prompts:
 
 ```bash
-$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.0-beta5/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \  
---cloud-domain=<your_domain> \   
---cert-path=<your_crt> \  
+$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+--cloud-domain=<your_domain> \
+--cert-path=<your_crt> \
 --key-path=<your_key>
-```  
+```
 
 + `<your_domain>` is your public domain
 + `<your_crt>` is the certificate file path (`.crt` or `.pem`) e.g. `/root/certs/example.crt`
@@ -162,17 +162,17 @@ $ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.0-beta5/script
 If you have a public domain but only internal IPs, or only want internal Sealos access, you just need to configure DNS
 records resolving to the first master's internal IP:
 
-```  
-cloud.example.io A <Master Node Internal IP>  
-*.cloud.example.io A <Master Node Internal IP>   
-```  
+```
+cloud.example.io A <Master Node Internal IP>
+*.cloud.example.io A <Master Node Internal IP>
+```
 
 Then run the below on the first master, entering prompts:
 
-```bash  
-$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.0-beta5/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \ 
---cloud-domain=<your_domain>  
-```   
+```bash
+$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+--cloud-domain=<your_domain>
+```
 
 Where `<your_domain>` is your public domain.
 
@@ -191,46 +191,46 @@ Assuming the first master internal IP is `192.168.1.10`, and your custom domain
 
 You can use CoreDNS, Reference configuration:
 
-```  
+```
 (global_cache) {
   cache {
     # [5, 60]
     success 65536 3600 300
     # [1, 10]
-    denial 8192 600 60 
+    denial 8192 600 60
     prefetch 1 60m 10%
-  }  
-}  
+  }
+}
 
 .:53 {
   errors
-  health    
-  ready  
+  health
+  ready
 
   import global_cache
-  
+
   template IN A cloud.example.io {
     answer "{{ .Name }} 60 IN A 192.168.1.10"
-    fallthrough  
+    fallthrough
   }
-   
+
   forward . 223.5.5.5
-   
+
   log
   loop
-   
+
   reload 6s
 }
-```  
+```
 
 This resolves `cloud.example.io` and subdomains to the first master internal IP.
 
 Then run below on the first master, entering prompts:
 
-```bash 
-$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.0-beta5/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \   
---cloud-domain=<your_domain>  
-```  
+```bash
+$ curl -sfL https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+--cloud-domain=<your_domain>
+```
 
 Where `<your_domain>` is your custom domain.
 
diff --git a/scripts/cloud/install.sh b/scripts/cloud/install.sh
index 94250e69862..31b23ef5305 100644
--- a/scripts/cloud/install.sh
+++ b/scripts/cloud/install.sh
@@ -8,7 +8,7 @@ RESET='\033[0m'
 
 # Configurations
 CLOUD_DIR="/root/.sealos/cloud"
-SEALOS_VERSION="v5.0.1-beta2"
+SEALOS_VERSION="v5.0.1"
 cloud_version="latest"
 #mongodb_version="mongodb-5.0"
 #master_ips=

From 1c6c05400d12b5028088f454e35c03636811bd91 Mon Sep 17 00:00:00 2001
From: xudaotutou <13435638964@163.com>
Date: Wed, 9 Oct 2024 11:53:36 +0800
Subject: [PATCH 20/63] style(costcenter): recharge discount (#5129)


From a90ad407b2d9c42b43f95cd6e2ec05a6c0f512bb Mon Sep 17 00:00:00 2001
From: jingyang <72259332+zjy365@users.noreply.github.com>
Date: Wed, 9 Oct 2024 14:37:17 +0800
Subject: [PATCH 21/63] fix:template add desktop domain (#5130)

---
 frontend/providers/template/.env.template              | 6 +++++-
 frontend/providers/template/src/pages/_app.tsx         | 2 +-
 frontend/providers/template/src/pages/deploy/index.tsx | 6 +++---
 frontend/providers/template/src/types/index.ts         | 1 +
 frontend/providers/template/src/utils/tools.ts         | 3 ++-
 5 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/frontend/providers/template/.env.template b/frontend/providers/template/.env.template
index 7344a111d51..20f25e664c4 100644
--- a/frontend/providers/template/.env.template
+++ b/frontend/providers/template/.env.template
@@ -6,4 +6,8 @@ TEMPLATE_REPO_BRANCH="main"
 # The CDN_URL environment variable is used to specify a CDN address; when set, it replaces raw.githubusercontent.com in the resource loading URL. If not set, the default address is used.
 CDN_URL=
 BLACKLIST_CATEGORIES=""
-SIDEBAR_MENU_COUNT=""
\ No newline at end of file
+SIDEBAR_MENU_COUNT=""
+
+DESKTOP_DOMAIN=""
+GUIDE_ENABLED="false"
+BILLING_URL=""
diff --git a/frontend/providers/template/src/pages/_app.tsx b/frontend/providers/template/src/pages/_app.tsx
index ef4fae73f5d..0290b83e6f2 100644
--- a/frontend/providers/template/src/pages/_app.tsx
+++ b/frontend/providers/template/src/pages/_app.tsx
@@ -130,7 +130,7 @@ const App = ({ Component, pageProps }: AppProps) => {
             type: string;
           }>
         ) => {
-          const whitelist = [`https://${envs.SEALOS_CLOUD_DOMAIN}`];
+          const whitelist = [`https://${envs.DESKTOP_DOMAIN}`];
           if (!whitelist.includes(e.origin)) {
             return;
           }
diff --git a/frontend/providers/template/src/pages/deploy/index.tsx b/frontend/providers/template/src/pages/deploy/index.tsx
index de5cf505ad6..7360c40a499 100644
--- a/frontend/providers/template/src/pages/deploy/index.tsx
+++ b/frontend/providers/template/src/pages/deploy/index.tsx
@@ -192,7 +192,7 @@ export default function EditApp({
 
     const queryString = params.toString();
 
-    const baseUrl = `https://${platformEnvs?.SEALOS_CLOUD_DOMAIN}/`;
+    const baseUrl = `https://${platformEnvs?.DESKTOP_DOMAIN}/`;
     const encodedTemplateQuery = encodeURIComponent(
       `?templateName=${templateName}&sealos_inside=true`
     );
@@ -270,7 +270,7 @@ export default function EditApp({
   );
 
   const copyTemplateLink = () => {
-    const str = `https://${platformEnvs?.SEALOS_CLOUD_DOMAIN}/?openapp=system-template%3FtemplateName%3D${appName}`;
+    const str = `https://${platformEnvs?.DESKTOP_DOMAIN}/?openapp=system-template%3FtemplateName%3D${appName}`;
     copyData(str);
   };
 
@@ -371,7 +371,7 @@ export default function EditApp({
           backgroundColor={'rgba(255, 255, 255, 0.90)'}
         >
           <Header
-            cloudDomain={platformEnvs?.SEALOS_CLOUD_DOMAIN || ''}
+            cloudDomain={platformEnvs?.DESKTOP_DOMAIN || ''}
             templateDetail={data?.templateYaml!}
             appName={appName || ''}
             title={title}
diff --git a/frontend/providers/template/src/types/index.ts b/frontend/providers/template/src/types/index.ts
index e86abfcb1e6..8dea4080139 100644
--- a/frontend/providers/template/src/types/index.ts
+++ b/frontend/providers/template/src/types/index.ts
@@ -27,4 +27,5 @@ export type EnvResponse = {
   SEALOS_NAMESPACE: string;
   SEALOS_SERVICE_ACCOUNT: string;
   SHOW_AUTHOR: string;
+  DESKTOP_DOMAIN: string;
 };
diff --git a/frontend/providers/template/src/utils/tools.ts b/frontend/providers/template/src/utils/tools.ts
index 187bdcd3701..6909320ccf9 100644
--- a/frontend/providers/template/src/utils/tools.ts
+++ b/frontend/providers/template/src/utils/tools.ts
@@ -274,7 +274,8 @@ export function getTemplateEnvs(namespace?: string): EnvResponse {
     TEMPLATE_REPO_BRANCH: process.env.TEMPLATE_REPO_BRANCH || 'main',
     SEALOS_NAMESPACE: namespace || '',
     SEALOS_SERVICE_ACCOUNT: namespace?.replace('ns-', '') || '',
-    SHOW_AUTHOR: process.env.SHOW_AUTHOR || 'false'
+    SHOW_AUTHOR: process.env.SHOW_AUTHOR || 'false',
+    DESKTOP_DOMAIN: process.env.DESKTOP_DOMAIN || 'cloud.sealos.io'
   };
   return TemplateEnvs;
 }

From 04311fd74eafc33bb7804b2d05923a59a8723512 Mon Sep 17 00:00:00 2001
From: sealos-release-robot <sealos-release-robot@sealos.io>
Date: Wed, 9 Oct 2024 16:14:45 +0800
Subject: [PATCH 22/63] =?UTF-8?q?=F0=9F=A4=96=20add=20release=20changelog?=
 =?UTF-8?q?=20using=20rebot.=20(#5127)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 CHANGELOG/CHANGELOG-5.0.1.md | 23 +++++++++++++++++++++++
 CHANGELOG/CHANGELOG.md       |  1 +
 2 files changed, 24 insertions(+)
 create mode 100644 CHANGELOG/CHANGELOG-5.0.1.md

diff --git a/CHANGELOG/CHANGELOG-5.0.1.md b/CHANGELOG/CHANGELOG-5.0.1.md
new file mode 100644
index 00000000000..d4d59318e2c
--- /dev/null
+++ b/CHANGELOG/CHANGELOG-5.0.1.md
@@ -0,0 +1,23 @@
+Welcome to the v5.0.1 release of Sealos!🎉🎉!
+
+
+
+## Changelog
+### New Features
+* 2b74a1281cdd72ec5f02a0cc9edf042639a1e054: feat: Implement app guide module (#5115) (@zjy365)
+### Bug fixes
+* 6489ce6a6d7aaf2aa24ee3514bacab924b0f31a9: fix(desktop):fix merge user (#5101) (@xudaotutou)
+### Other work
+* 351e7616134950859fe559c57499b6fdff67fa0d: Feat/active task (#5121) (@bxy4543)
+* 9817f6fb81b163f42c7d0b31f7e6350101b0f569: devbox cache improve. (#5122) (@lingdie)
+* d9b34cd60044590b6a5807d1725398017a735e19: fix build offline scripts and ci. (#5125) (@lingdie)
+* a9154f858db2b50ce72e1e0a6fc8b15a954d37a0: fix invaild (#5118) (@xudaotutou)
+* 56ffcb829d61b2d5531fe4bb544e17bbe12032ba: 🤖 add release changelog using rebot. (#5123) (@sealos-release-robot)
+
+**Full Changelog**: https://github.com/labring/sealos/compare/v5.0.1-beta3...v5.0.1
+
+See [the CHANGELOG](https://github.com/labring/sealos/blob/main/CHANGELOG/CHANGELOG.md) for more details.
+
+Your patronage towards Sealos is greatly appreciated 🎉🎉.
+
+If you encounter any problems during its usage, please create an issue in the [GitHub repository](https://github.com/labring/sealos), we're committed to resolving your problem as soon as possible.
diff --git a/CHANGELOG/CHANGELOG.md b/CHANGELOG/CHANGELOG.md
index 8460ab33b5d..cb9cbd44f48 100644
--- a/CHANGELOG/CHANGELOG.md
+++ b/CHANGELOG/CHANGELOG.md
@@ -4,6 +4,7 @@ All notable changes to this project will be documented in this file.
 
 - [CHANGELOG-5.0.1-beta2.md](./CHANGELOG-5.0.1-beta2.md)
 - [CHANGELOG-5.0.1-beta1.md](./CHANGELOG-5.0.1-beta1.md)
+- [CHANGELOG-5.0.1.md](./CHANGELOG-5.0.1.md)
 - [CHANGELOG-5.0.0-beta5.md](./CHANGELOG-5.0.0-beta5.md)
 - [CHANGELOG-5.0.0-beta4.md](./CHANGELOG-5.0.0-beta4.md)
 - [CHANGELOG-5.0.0-beta3.md](./CHANGELOG-5.0.0-beta3.md)

From fdf191378bd7b145f314378fdce758512093dd28 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Wed, 9 Oct 2024 17:11:32 +0800
Subject: [PATCH 23/63] ci: cloud release add self hosted runner. (#5131)

* cloud release add self hosted runner.

* cloud release add self hosted runner.

* fix

* fix
---
 .github/workflows/cloud-release.yml | 37 +++++++++++++++++------------
 1 file changed, 22 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/cloud-release.yml b/.github/workflows/cloud-release.yml
index 7c520b15c7c..5a8538be250 100644
--- a/.github/workflows/cloud-release.yml
+++ b/.github/workflows/cloud-release.yml
@@ -3,11 +3,18 @@ name: Release Cloud
 on:
   release:
     types: [ published ]
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'Tag for manual release'
+        required: false
+        default: ''
 
 env:
   # Common versions
   GO_VERSION: "1.20"
   DEFAULT_OWNER: "labring"
+  TAG: ${{ github.event.inputs.tag || github.event.release.tag_name }}
 
 jobs:
   save-sealos:
@@ -17,14 +24,14 @@ jobs:
     uses: ./.github/workflows/controllers.yml
     with:
       push_image: true
-      push_image_tag: ${{ github.event.release.tag_name }}
+      push_image_tag: ${{ env.TAG }}
     secrets: inherit
 
   release-frontends:
     uses: ./.github/workflows/frontend.yml
     with:
       push_image: true
-      push_image_tag: ${{ github.event.release.tag_name }}
+      push_image_tag: ${{ env.TAG }}
     secrets: inherit
 
   release-service:
@@ -33,7 +40,7 @@ jobs:
     uses: ./.github/workflows/services.yml
     with:
       push_image: true
-      push_image_tag: ${{ github.event.release.tag_name }}
+      push_image_tag: ${{ env.TAG }}
     secrets: inherit
 
   release-cloud:
@@ -45,14 +52,14 @@ jobs:
     uses: ./.github/workflows/cloud.yml
     with:
       push_image: true
-      push_image_tag: ${{ github.event.release.tag_name }}
-      build_from: ${{ github.event.release.tag_name }}
+      push_image_tag: ${{ env.TAG }}
+      build_from: ${{ env.TAG }}
     secrets: inherit
 
   release-amd-offline-tar:
     needs:
       - release-cloud
-    runs-on: ubuntu-latest
+    runs-on: self-hosted
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -68,8 +75,8 @@ jobs:
           sudo sealos version
       - name: Build
         run: |
-          export CLOUD_VERSION=${{ github.event.release.tag_name }}
-          export VERSION=${{ github.event.release.tag_name }}
+          export CLOUD_VERSION=${{ env.TAG }}
+          export VERSION=${{ env.TAG }}
           export ARCH=amd64
           bash ./scripts/cloud/build-offline-tar.sh
       - name: Setup ossutil
@@ -82,13 +89,13 @@ jobs:
         run: cat ./sealos-cloud.tar.gz.md5
       - name: Upload
         run: |
-          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.release.tag_name }}-amd64.tar.gz
-          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.release.tag_name }}-amd64.tar.gz.md5
+          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ env.TAG }}-amd64.tar.gz
+          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ env.TAG }}-amd64.tar.gz.md5
 
   release-arm-offline-tar:
     needs:
       - release-cloud
-    runs-on: ubuntu-latest
+    runs-on: self-hosted
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -104,8 +111,8 @@ jobs:
           sudo sealos version
       - name: Build
         run: |
-          export CLOUD_VERSION=${{ github.event.release.tag_name }}
-          export VERSION=${{ github.event.release.tag_name }}
+          export CLOUD_VERSION=${{ env.TAG }}
+          export VERSION=${{ env.TAG }}
           export ARCH=arm64
           bash ./scripts/cloud/build-offline-tar.sh
       - name: Setup ossutil
@@ -118,5 +125,5 @@ jobs:
         run: cat ./sealos-cloud.tar.gz.md5
       - name: Upload
         run: |
-          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.release.tag_name }}-arm64.tar.gz
-          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.release.tag_name }}-arm64.tar.gz.md5
+          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ env.TAG }}-arm64.tar.gz
+          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ env.TAG }}-arm64.tar.gz.md5

From 0704bd7f1f76e2240bfdc91b5ee67672a28e877e Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Wed, 9 Oct 2024 17:30:12 +0800
Subject: [PATCH 24/63] fix ci (#5132)

---
 .github/workflows/cloud-release.yml | 27 +++++++++++++--------------
 1 file changed, 13 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/cloud-release.yml b/.github/workflows/cloud-release.yml
index 5a8538be250..c4326acdf86 100644
--- a/.github/workflows/cloud-release.yml
+++ b/.github/workflows/cloud-release.yml
@@ -14,7 +14,6 @@ env:
   # Common versions
   GO_VERSION: "1.20"
   DEFAULT_OWNER: "labring"
-  TAG: ${{ github.event.inputs.tag || github.event.release.tag_name }}
 
 jobs:
   save-sealos:
@@ -24,14 +23,14 @@ jobs:
     uses: ./.github/workflows/controllers.yml
     with:
       push_image: true
-      push_image_tag: ${{ env.TAG }}
+      push_image_tag: ${{ github.event.inputs.tag || github.event.release.tag_name }}
     secrets: inherit
 
   release-frontends:
     uses: ./.github/workflows/frontend.yml
     with:
       push_image: true
-      push_image_tag: ${{ env.TAG }}
+      push_image_tag: ${{ github.event.inputs.tag || github.event.release.tag_name }}
     secrets: inherit
 
   release-service:
@@ -40,7 +39,7 @@ jobs:
     uses: ./.github/workflows/services.yml
     with:
       push_image: true
-      push_image_tag: ${{ env.TAG }}
+      push_image_tag: ${{ github.event.inputs.tag || github.event.release.tag_name }}
     secrets: inherit
 
   release-cloud:
@@ -52,8 +51,8 @@ jobs:
     uses: ./.github/workflows/cloud.yml
     with:
       push_image: true
-      push_image_tag: ${{ env.TAG }}
-      build_from: ${{ env.TAG }}
+      push_image_tag: ${{ github.event.inputs.tag || github.event.release.tag_name }}
+      build_from: ${{ github.event.inputs.tag || github.event.release.tag_name }}
     secrets: inherit
 
   release-amd-offline-tar:
@@ -75,8 +74,8 @@ jobs:
           sudo sealos version
       - name: Build
         run: |
-          export CLOUD_VERSION=${{ env.TAG }}
-          export VERSION=${{ env.TAG }}
+          export CLOUD_VERSION=${{ github.event.inputs.tag || github.event.release.tag_name }}
+          export VERSION=${{ github.event.inputs.tag || github.event.release.tag_name }}
           export ARCH=amd64
           bash ./scripts/cloud/build-offline-tar.sh
       - name: Setup ossutil
@@ -89,8 +88,8 @@ jobs:
         run: cat ./sealos-cloud.tar.gz.md5
       - name: Upload
         run: |
-          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ env.TAG }}-amd64.tar.gz
-          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ env.TAG }}-amd64.tar.gz.md5
+          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.inputs.tag || github.event.release.tag_name }}-amd64.tar.gz
+          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.inputs.tag || github.event.release.tag_name }}-amd64.tar.gz.md5
 
   release-arm-offline-tar:
     needs:
@@ -111,8 +110,8 @@ jobs:
           sudo sealos version
       - name: Build
         run: |
-          export CLOUD_VERSION=${{ env.TAG }}
-          export VERSION=${{ env.TAG }}
+          export CLOUD_VERSION=${{ github.event.inputs.tag || github.event.release.tag_name }}
+          export VERSION=${{ github.event.inputs.tag || github.event.release.tag_name }}
           export ARCH=arm64
           bash ./scripts/cloud/build-offline-tar.sh
       - name: Setup ossutil
@@ -125,5 +124,5 @@ jobs:
         run: cat ./sealos-cloud.tar.gz.md5
       - name: Upload
         run: |
-          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ env.TAG }}-arm64.tar.gz
-          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ env.TAG }}-arm64.tar.gz.md5
+          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.inputs.tag || github.event.release.tag_name }}-arm64.tar.gz
+          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.inputs.tag || github.event.release.tag_name }}-arm64.tar.gz.md5

From a884a80fcbcbc3df4789ab87f7559a48d4d2c818 Mon Sep 17 00:00:00 2001
From: limbo <43649186+HUAHUAI23@users.noreply.github.com>
Date: Thu, 10 Oct 2024 14:02:51 +0800
Subject: [PATCH 25/63] feat(desktop): add face auth and enterprise auth
 (#5124)

* add face auth

* ok

* ok

* ok

* ok

* ok

* test

* ok

* ok

* ok

* ok
---
 frontend/desktop/.gitignore                   |    1 +
 frontend/desktop/.prettierrc.js               |    4 +-
 frontend/desktop/data/config.yaml             |    9 +
 frontend/desktop/package.json                 |    3 +
 .../migration.sql                             |   19 +
 frontend/desktop/prisma/global/schema.prisma  |   40 +-
 .../desktop/public/locales/en/common.json     |   31 +-
 .../desktop/public/locales/zh/common.json     |   32 +-
 frontend/desktop/src/api/auth.ts              |   32 +-
 .../account/AccountCenter/index.tsx           |   12 +-
 .../src/components/account/RealNameModal.tsx  | 1039 +++++++++++------
 .../src/components/desktop_content/index.tsx  |   12 +-
 .../desktop/src/components/icons/index.tsx    |   84 ++
 .../components/signin/auth/usePassword.tsx    |    3 +
 .../src/components/signin/auth/useWechat.tsx  |    5 +-
 .../api/account/enterpriseRealNameAuth.ts     |  245 ++++
 .../api/account/faceIdRealNameAuthCallback.ts |  308 +++++
 .../api/account/generateRealNameQRcodeUri.ts  |  210 ++++
 .../pages/api/account/getFaceAuthStatus.ts    |  144 +++
 .../src/pages/api/account/realNameAuth.ts     |  219 ----
 frontend/desktop/src/pages/api/auth/info.ts   |   69 +-
 .../src/pages/api/platform/getAuthConfig.ts   |    2 +-
 .../src/pages/api/platform/getCloudConfig.ts  |    2 +-
 .../src/pages/api/platform/getCommonConfig.ts |    6 +-
 .../src/pages/api/platform/getLayoutConfig.ts |    2 +-
 frontend/desktop/src/services/enable.ts       |    2 +
 frontend/desktop/src/types/session.ts         |    2 +
 frontend/desktop/src/types/system.ts          |   16 +
 frontend/desktop/src/utils/sessionConfig.ts   |    2 +
 frontend/pnpm-lock.yaml                       |    9 +
 30 files changed, 1889 insertions(+), 675 deletions(-)
 create mode 100644 frontend/desktop/prisma/global/migrations/20240928050904_add_enterprise_real_name_info_table/migration.sql
 create mode 100644 frontend/desktop/src/pages/api/account/enterpriseRealNameAuth.ts
 create mode 100644 frontend/desktop/src/pages/api/account/faceIdRealNameAuthCallback.ts
 create mode 100644 frontend/desktop/src/pages/api/account/generateRealNameQRcodeUri.ts
 create mode 100644 frontend/desktop/src/pages/api/account/getFaceAuthStatus.ts
 delete mode 100644 frontend/desktop/src/pages/api/account/realNameAuth.ts

diff --git a/frontend/desktop/.gitignore b/frontend/desktop/.gitignore
index 0ee16aefb7b..3d4d46cf7ef 100644
--- a/frontend/desktop/.gitignore
+++ b/frontend/desktop/.gitignore
@@ -42,4 +42,5 @@ yalc.lock
 
 config.yaml
 .env
+data/config.local.yaml
 #/prisma/region/generated/
diff --git a/frontend/desktop/.prettierrc.js b/frontend/desktop/.prettierrc.js
index b070d785ebd..3e3db788f64 100644
--- a/frontend/desktop/.prettierrc.js
+++ b/frontend/desktop/.prettierrc.js
@@ -19,10 +19,10 @@ module.exports = {
 	endOfLine: 'lf',
 	overrides: [
 		{
-			files: 'config.yaml.local',
+			files: 'config.local.yaml',
 			options: {
 				parser: 'yaml'
 			}
 		}
 	]
-};
+}
diff --git a/frontend/desktop/data/config.yaml b/frontend/desktop/data/config.yaml
index e19c486112f..6cf20f8afbe 100644
--- a/frontend/desktop/data/config.yaml
+++ b/frontend/desktop/data/config.yaml
@@ -4,6 +4,8 @@ cloud:
   regionUID: "thisiaregionuid"
   certSecretName: "wildcard-cert"
 common:
+  enterpriseSupportingMaterials: ""
+  enterpriseRealNameAuthEnabled: false
   realNameAuthEnabled: false
   guideEnabled: false
   apiEnabled: false
@@ -67,3 +69,10 @@ desktop:
 #          authURL: "{{ .oauth2AuthURL }}"
 #          tokenURL: "{{ .oauth2TokenURL }}"
 #          userInfoURL: "{{ .oauth2UserInfoURL }}"
+realNameOSS:
+  accessKey: ""
+  accessKeySecret: ""
+  endpoint: ""
+  realNameBucket: ""
+  enterpriseRealNameBucket: ""
+  ssl: true
diff --git a/frontend/desktop/package.json b/frontend/desktop/package.json
index 91603f41fc0..7a7be9f5ada 100644
--- a/frontend/desktop/package.json
+++ b/frontend/desktop/package.json
@@ -42,6 +42,7 @@
     "decimal.js": "^10.4.3",
     "eslint": "8.38.0",
     "eslint-config-next": "13.3.0",
+    "formidable": "^3.5.1",
     "framer-motion": "^10.16.4",
     "i18next": "^23.11.5",
     "immer": "^10.0.2",
@@ -65,6 +66,7 @@
     "react-contexify": "^6.0.0",
     "react-dom": "18.2.0",
     "react-draggable": "^4.4.6",
+    "react-dropzone": "^14.2.3",
     "react-hook-form": "^7.46.2",
     "react-i18next": "^14.1.2",
     "sass": "^1.68.0",
@@ -79,6 +81,7 @@
   "devDependencies": {
     "@testing-library/jest-dom": "^6.1.3",
     "@testing-library/react": "^14.0.0",
+    "@types/formidable": "^3.4.5",
     "@types/jest": "^29.5.10",
     "@types/js-cookie": "^3.0.4",
     "@types/js-yaml": "^4.0.6",
diff --git a/frontend/desktop/prisma/global/migrations/20240928050904_add_enterprise_real_name_info_table/migration.sql b/frontend/desktop/prisma/global/migrations/20240928050904_add_enterprise_real_name_info_table/migration.sql
new file mode 100644
index 00000000000..4d5e5d8b47d
--- /dev/null
+++ b/frontend/desktop/prisma/global/migrations/20240928050904_add_enterprise_real_name_info_table/migration.sql
@@ -0,0 +1,19 @@
+-- CreateTable
+CREATE TABLE "EnterpriseRealNameInfo" (
+    "id" UUID NOT NULL DEFAULT gen_random_uuid(),
+    "userUid" UUID NOT NULL,
+    "enterpriseName" STRING,
+    "enterpriseQualification" STRING,
+    "legalRepresentativePhone" STRING,
+    "isVerified" BOOL NOT NULL DEFAULT false,
+    "verificationStatus" STRING,
+    "createdAt" TIMESTAMPTZ(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMPTZ(3) NOT NULL,
+    "additionalInfo" JSONB,
+    "supportingMaterials" JSONB,
+
+    CONSTRAINT "EnterpriseRealNameInfo_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "EnterpriseRealNameInfo_userUid_key" ON "EnterpriseRealNameInfo"("userUid");
diff --git a/frontend/desktop/prisma/global/schema.prisma b/frontend/desktop/prisma/global/schema.prisma
index 1cc93be5eb4..00526b0c2a2 100644
--- a/frontend/desktop/prisma/global/schema.prisma
+++ b/frontend/desktop/prisma/global/schema.prisma
@@ -244,25 +244,41 @@ model UserRealNameInfo {
   @@map("UserRealNameInfo")
 }
 
+model EnterpriseRealNameInfo {
+  id                       String   @id @default(dbgenerated("gen_random_uuid()")) @db.Uuid
+  userUid                  String   @unique @db.Uuid
+  enterpriseName           String?
+  enterpriseQualification  String?
+  legalRepresentativePhone String?
+  isVerified               Boolean  @default(false)
+  verificationStatus       String?
+  createdAt                DateTime @default(now()) @db.Timestamptz(3)
+  updatedAt                DateTime @updatedAt @db.Timestamptz(3)
+  additionalInfo           Json?
+  supportingMaterials      Json?
+
+  @@map("EnterpriseRealNameInfo")
+}
+
 model RestrictedUser {
-  id               String   @id @default(dbgenerated("gen_random_uuid()")) @db.Uuid
-  userUid          String   @unique @db.Uuid
-  restrictedLevel  Int
-  createdAt        DateTime @default(now()) @db.Timestamptz(3)
-  updatedAt        DateTime @updatedAt @db.Timestamptz(3)
-  additionalInfo   Json?
+  id              String   @id @default(dbgenerated("gen_random_uuid()")) @db.Uuid
+  userUid         String   @unique @db.Uuid
+  restrictedLevel Int
+  createdAt       DateTime @default(now()) @db.Timestamptz(3)
+  updatedAt       DateTime @updatedAt @db.Timestamptz(3)
+  additionalInfo  Json?
 
   @@map("RestrictedUser")
 }
 
 model RealNameAuthProvider {
-  id        String   @id @default(dbgenerated("gen_random_uuid()")) @db.Uuid
-  backend   String
-  authType  String
+  id             String   @id @default(dbgenerated("gen_random_uuid()")) @db.Uuid
+  backend        String
+  authType       String
   maxFailedTimes Int
-  config    Json?
-  createdAt DateTime @default(now()) @db.Timestamptz(3)
-  updatedAt DateTime @updatedAt @db.Timestamptz(3)
+  config         Json?
+  createdAt      DateTime @default(now()) @db.Timestamptz(3)
+  updatedAt      DateTime @updatedAt @db.Timestamptz(3)
 
   @@map("RealNameAuthProvider")
 }
diff --git a/frontend/desktop/public/locales/en/common.json b/frontend/desktop/public/locales/en/common.json
index be27e8ac0c1..ce44ac4367d 100644
--- a/frontend/desktop/public/locales/en/common.json
+++ b/frontend/desktop/public/locales/en/common.json
@@ -14,6 +14,7 @@
   "and": "and",
   "app_info": "App Info",
   "app_launchpad": "App Launchpad",
+  "attachment": "appendix",
   "application_desktop": "Application desktop",
   "application_desktop_tips": "Installed application portal",
   "avatar": "Avatar",
@@ -22,6 +23,7 @@
   "bind_success": "Binding successful",
   "bonus": "Bonus",
   "bound": "Bound",
+  "business_license": "operating license",
   "cancel": "Cancel",
   "change": "Change",
   "change_binding": "Change Binding",
@@ -31,6 +33,7 @@
   "charge": "Charge",
   "click_anywhere_to_continue": "Click on any blank space to continue",
   "click_on_any_shadow_to_skip": "Click on any shadow to skip",
+  "click_to_upload_file": "Click to upload file",
   "completed": "Finish",
   "completed_the_deployment_of_an_nginx_for_the_first_time": "Completed the deployment of an nginx for the first time",
   "confirm": "Confirm",
@@ -64,9 +67,15 @@
   "emailchangesuccess": "Email modified successfully",
   "enter": "Enter",
   "enter_confirm": "Please enter {{value}} to confirm",
+  "enterprise_name": "Company name",
+  "enterprise_name_required": "Please enter the correct company name",
+  "enterprise_verification": "Enterprise real name",
   "expected_to_use_next_month": "Expected to use next month",
   "expected_used": "Expected used",
+  "face_recognition_failed": "Personal real name failed",
+  "face_recognition_success": "Personal real-name success",
   "failed_to_generate_invitation_link": "Failed to generate invitation link",
+  "failed_to_get_qr_code": "Failed to obtain real name QR code",
   "flow": "Traffic",
   "force_delete_keywords": "All resources cannot be recovered after account deletion.",
   "force_delete_tips": "There are still undeleted resources in your account. Once deleted, all resources will be unrecoverable. Please ensure you have backed up or transferred all important data.",
@@ -86,8 +95,6 @@
   "hello_welcome": "Hello, welcome to",
   "help_you_enable_high_availability_database": "Help you enable high availability database",
   "home": "home",
-  "idCard": "ID CARD",
-  "idCard_invalid": "INVAILD ID CARD FORMAT",
   "in_payment": "In Payment ...",
   "in_time": "In Time",
   "insufficient_balance": "Your account currently has outstanding payments",
@@ -130,7 +137,6 @@
   "more_apps": "More Apps",
   "name": "Name",
   "name_of_team": "Name of Workspace",
-  "name_required": "The name format is wrong",
   "new_email": "New email",
   "new_phone": "New mobile number",
   "newpassword": "New Password",
@@ -157,17 +163,16 @@
   "payment_result": "Payment Result",
   "payment_status": "Payment Status",
   "payment_successful": "Payment Successful",
+  "personal_verification": "Personal real name",
   "phone": "Phone",
-  "phone_invalid": "Invalid phone number format",
   "phone_number_tips": "Phone Number",
   "phonechangesuccess": "Mobile phone number modified successfully",
-  "placeholders_idCard": "Please enter your ID card number",
-  "placeholders_name": "Please enter your name",
-  "placeholders_phone": "Please enter your phone number",
-  "placeholders_verifycode": "please enter verification code",
   "please_enter": "Please enter",
   "please_enter_username": "Please enter your username",
+  "please_enter_your_enterprise_name": "Please enter your business name",
+  "please_fill_all_fields": "File cannot be empty",
   "please_read_and_agree_to_the_agreement": "Please read and agree to the agreement",
+  "please_upload_the_supporting_materials": "Please sign and seal near the download, and upload a photo",
   "privacy_policy": "Privacy Policy",
   "private_team_id_of_user": "User's ID",
   "purchase_history": "Purchase History",
@@ -180,11 +185,9 @@
   "read_and_agree": "Please read and agree to the agreement below",
   "realNameVerification": "Real Name Verification",
   "realName_verification": "Real Name Verification",
-  "realname_auth_failed_tips": "The mobile number has been occupied by another account. Please unbind the mobile number or merge the accounts first.",
   "realname_auth_now": "Click to verify your name",
   "realname_auth_reminder": "Real-name authentication reminder",
   "realname_auth_reminder_desc": "Domestic availability zones require real-name authentication, and use without real-name authentication will be restricted.",
-  "realname_auth_success": "Identity verification success",
   "realname_auth_tips_a": "1. Please ensure that the name, ID number and mobile phone number filled in are consistent.",
   "realname_auth_tips_b": "2. The number segments provided by some virtual operators may not pass verification. Please apply for a work order and pass manual verification.",
   "realname_info": "RealName",
@@ -203,6 +206,8 @@
   "remove": "Remove",
   "remove_member_tips": "Determine that you want to remove the member?",
   "rename": "Rename",
+  "retry_get_qr_code": "reacquire",
+  "scan_qr_code_for_face_recognition": "Use WeChat on your mobile phone to scan the QR code to complete identity verification",
   "scan_with_wechat": "Scan with WeChat",
   "sealos_copilot": "Sealos Copilot",
   "sealos_document": "Sealos Document",
@@ -217,6 +222,7 @@
   "status": "Status",
   "storage": "Storage",
   "submit_error": "Submit Error",
+  "supporting_materials": "Proof material",
   "switching_disc": "Switching Disc",
   "team": "Workspace",
   "terminal": "Terminal",
@@ -228,6 +234,7 @@
   "unbound": "Unbound",
   "under_active_development": "Under active development 🚧",
   "unread": "Unread",
+  "upload_success": "Upload successful",
   "used_last_month": "Used last month",
   "used_resources": "Used Resources",
   "user_name": "User Name",
@@ -242,13 +249,13 @@
     "task_launchpad_title": "Deploy App"
   },
   "verification_code_login": "with Phone",
-  "verifyCode_invalid": "Verification code format is incorrect",
   "verify_code_tips": "6-digit Verification Code",
   "verify_password": "Verify password",
   "verifycode": "verification",
   "view_discount_rules": "View recharge discount rules.",
   "view_later": "Talk to You later",
   "waiting": "Waiting",
+  "waiting_for_face_recognition": "Real name result query in progress...",
   "warning": "Warning",
   "wechat": "Wechat",
   "work_order": "Work Order",
@@ -258,4 +265,4 @@
   "you_can_view_fees_through_the_fee_center": "You can view fees through the fee center",
   "you_have_not_purchased_the_license": "You have not purchased the License",
   "yuan": "Yuan"
-}
\ No newline at end of file
+}
diff --git a/frontend/desktop/public/locales/zh/common.json b/frontend/desktop/public/locales/zh/common.json
index 8f444358963..cb7c1cb74a4 100644
--- a/frontend/desktop/public/locales/zh/common.json
+++ b/frontend/desktop/public/locales/zh/common.json
@@ -13,6 +13,7 @@
   "amount_forecast": "根据近一天消耗金额进行预测",
   "and": "和",
   "app_info": "应用信息",
+  "attachment": "附件",
   "application_desktop": "应用桌面",
   "application_desktop_tips": "已安装应用入口",
   "avatar": "头像",
@@ -21,6 +22,7 @@
   "bind_success": "绑定成功",
   "bonus": "赠",
   "bound": "已绑定",
+  "business_license": "营运执照",
   "cancel": "取消",
   "change": "变更",
   "change_binding": "改绑",
@@ -30,6 +32,7 @@
   "charge": "充值",
   "click_anywhere_to_continue": "点击任意空白继续",
   "click_on_any_shadow_to_skip": "点击任意阴影跳过",
+  "click_to_upload_file": "点击上传文件",
   "completed": "完成",
   "completed_the_deployment_of_an_nginx_for_the_first_time": "部署一个 nginx ，首次完成 将",
   "confirm": "确认",
@@ -61,9 +64,15 @@
   "emailchangesuccess": "电子邮箱修改成功",
   "enter": "输入",
   "enter_confirm": "请输入 {{value}} 确认",
+  "enterprise_name": "企业名称",
+  "enterprise_name_required": "请输入正确的企业名字",
+  "enterprise_verification": "企业实名",
   "expected_to_use_next_month": "下月预计使用",
   "expected_used": "预计还能使用",
+  "face_recognition_failed": "个人实名失败",
+  "face_recognition_success": "个人实名成功",
   "failed_to_generate_invitation_link": "生成邀请链接失败",
+  "failed_to_get_qr_code": "获取实名二维码失败",
   "flow": "流量",
   "force_delete_keywords": "注销后所有资源无法恢复",
   "force_delete_tips": "您的账号中仍有未删除的资源。一旦注销，所有资源将无法恢复。请确保已经备份或转移了所有重要数据。",
@@ -83,8 +92,6 @@
   "hello_welcome": "您好, 欢迎来到",
   "help_you_enable_high_availability_database": "帮您启用高可用数据库",
   "home": "首页",
-  "idCard": "身份证",
-  "idCard_invalid": "身份证格式不对",
   "in_payment": "支付中 ...",
   "in_time": "加入时间",
   "insufficient_balance": "您的账户目前存在未结清的款项",
@@ -126,7 +133,6 @@
   "more_apps": "更多应用",
   "name": "姓名",
   "name_of_team": "工作空间名称",
-  "name_required": "姓名格式不对",
   "new_email": "新电子邮箱",
   "new_phone": "新手机号",
   "newpassword": "新密码",
@@ -153,17 +159,17 @@
   "payment_result": "支付结果",
   "payment_status": "支付状态",
   "payment_successful": "支付成功",
+  "personal_verification": "个人实名",
   "phone": "手机号",
-  "phone_invalid": "电话号码格式不正确",
   "phone_number_tips": "手机号",
   "phonechangesuccess": "手机号修改成功",
-  "placeholders_idCard": "请输入您的身份证号码",
-  "placeholders_name": "请输入您的姓名",
-  "placeholders_phone": "请输入您的电话号码",
-  "placeholders_verifycode": "请输入验证码",
   "please_enter": "请输入",
   "please_enter_username": "请输入您的用户名",
+  "please_enter_your_enterprise_name": "请输入您的企业名称",
+  "please_fill_all_fields": "文件不能为空",
   "please_read_and_agree_to_the_agreement": "请阅读并同意协议",
+  "please_upload_the_business_license": "请上传企业的运营资质照片",
+  "please_upload_the_supporting_materials": "请在下载的附近上签名并盖好公章，上传照片",
   "privacy_policy": "隐私政策",
   "private_team_id_of_user": "用户ID",
   "purchase_history": "购买记录",
@@ -176,11 +182,9 @@
   "read_and_agree": "请阅读并同意下方协议",
   "realNameVerification": "实名认证",
   "realName_verification": "实名认证",
-  "realname_auth_failed_tips": "手机号已被其他账号占用，请先解绑该手机号，或者完成账号合并操作。",
   "realname_auth_now": "点击进行实名",
   "realname_auth_reminder": "实名认证提醒",
   "realname_auth_reminder_desc": "国内可用区需要实名认证，未实名认证将会被限制使用，",
-  "realname_auth_success": "实名认证成功",
   "realname_auth_tips_a": "1、请确保所填写的姓名、身份证号码和手机号码信息一致。",
   "realname_auth_tips_b": "2、部分虚拟运营商提供的号段可能无法验证通过，请申请工单通过人工协助认证。",
   "realname_info": "实名信息",
@@ -199,6 +203,8 @@
   "remove": "移除",
   "remove_member_tips": "确认要移除该成员?",
   "rename": "重命名",
+  "retry_get_qr_code": "重新获取",
+  "scan_qr_code_for_face_recognition": "使用手机微信扫描二维码，完成身份验证",
   "scan_with_wechat": "微信扫码支付",
   "sealos_copilot": "Sealos 小助理",
   "sealos_newcomer_benefits": "Sealos 新手福利",
@@ -212,6 +218,7 @@
   "status": "状态",
   "storage": "存储",
   "submit_error": "提交错误",
+  "supporting_materials": "证明材料",
   "switching_disc": "切换圆盘",
   "team": "工作空间",
   "the_invited_user_must_be_others": "只能邀请其他人",
@@ -221,6 +228,7 @@
   "unbound": "未绑定",
   "under_active_development": "正在积极开发中 🚧",
   "unread": "未读",
+  "upload_success": "上传成功",
   "used_last_month": "上月已使用",
   "used_resources": "已用资源",
   "user_name": "用户名",
@@ -235,13 +243,13 @@
     "task_appstore_title": "应用商店"
   },
   "verification_code_login": "手机号登录",
-  "verifyCode_invalid": "验证码格式不对",
   "verify_code_tips": "6位验证码",
   "verify_password": "确认密码",
   "verifycode": "验证码",
   "view_discount_rules": "查看优惠规则",
   "view_later": "稍后再说",
   "waiting": "等待中",
+  "waiting_for_face_recognition": "实名结果查询中...",
   "warning": "警告",
   "wechat": "微信",
   "work_order": "工单",
@@ -251,4 +259,4 @@
   "you_can_view_fees_through_the_fee_center": "您可通过费用中心查看费用",
   "you_have_not_purchased_the_license": "您还没有购买 License",
   "yuan": "元"
-}
\ No newline at end of file
+}
diff --git a/frontend/desktop/src/api/auth.ts b/frontend/desktop/src/api/auth.ts
index 0819d115c3e..33ee7e991d7 100644
--- a/frontend/desktop/src/api/auth.ts
+++ b/frontend/desktop/src/api/auth.ts
@@ -58,6 +58,8 @@ export const _UserInfo = (request: AxiosInstance) => () =>
     ApiResp<{
       info: {
         realName?: string;
+        enterpriseVerificationStatus?: string;
+        enterpriseRealName?: string;
         userRestrictedLevel?: number;
         uid: string;
         createdAt: Date;
@@ -158,9 +160,29 @@ export const _checkRemainResource = (request: AxiosInstance) => () =>
 
 export const _forceDeleteUser = (request: AxiosInstance) => (data: { code: string }) =>
   request.post<never, ApiResp<DELETE_USER_STATUS>>('/api/auth/delete/force', data);
-export const _realNameAuthRequest =
-  (request: AxiosInstance) => (data: { name: string; phone?: string; idCard: string }) =>
-    request.post<any, ApiResp<{ name: string }>>('/api/account/realNameAuth', data);
+
+export const _faceAuthGenerateQRcodeUriRequest = (request: AxiosInstance) => () =>
+  request.get<any, ApiResp<{ url: string; bizToken: string }>>(
+    '/api/account/generateRealNameQRcodeUri'
+  );
+
+export const _getFaceAuthStatusRequest = (request: AxiosInstance) => (data: { bizToken: string }) =>
+  request.post<any, ApiResp<{ status: string; realName: string }>>(
+    '/api/account/getFaceAuthStatus',
+    data
+  );
+
+export const _enterpriseRealNameAuthRequest = (request: AxiosInstance) => (data: FormData) => {
+  return request.post<any, ApiResp<{ status: string }>>(
+    '/api/account/enterpriseRealNameAuth',
+    data,
+    {
+      headers: {
+        'Content-Type': 'multipart/form-data'
+      }
+    }
+  );
+};
 
 export const _getAmount = (request: AxiosInstance) => () =>
   request<never, ApiResp<{ balance: number; deductionBalance: number }>>('/api/account/getAmount');
@@ -189,6 +211,8 @@ export const deleteUserRequest = _deleteUser(request);
 export const checkRemainResource = _checkRemainResource(request);
 export const forceDeleteUser = _forceDeleteUser(request);
 
-export const realNameAuthRequest = _realNameAuthRequest(request);
+export const enterpriseRealNameAuthRequest = _enterpriseRealNameAuthRequest(request);
+export const faceAuthGenerateQRcodeUriRequest = _faceAuthGenerateQRcodeUriRequest(request);
+export const getFaceAuthStatusRequest = _getFaceAuthStatusRequest(request);
 
 export const getAmount = _getAmount(request);
diff --git a/frontend/desktop/src/components/account/AccountCenter/index.tsx b/frontend/desktop/src/components/account/AccountCenter/index.tsx
index 81ad850881c..43a29c05a5e 100644
--- a/frontend/desktop/src/components/account/AccountCenter/index.tsx
+++ b/frontend/desktop/src/components/account/AccountCenter/index.tsx
@@ -222,8 +222,18 @@ export default function Index(props: Omit<IconButtonProps, 'aria-label'>) {
                     <ConfigItem
                       LeftElement={<Text>{t('common:realname_info')}</Text>}
                       RightElement={
+                        infoData.data.enterpriseVerificationStatus === 'Success' ||
                         infoData.data.realName ? (
-                          <Flex flex={1}>{infoData?.data.realName}</Flex>
+                          <Flex flex={1}>
+                            <Text
+                              maxWidth="200px"
+                              whiteSpace="nowrap"
+                              overflow="hidden"
+                              textOverflow="ellipsis"
+                            >
+                              {infoData?.data.enterpriseRealName || infoData?.data.realName}
+                            </Text>
+                          </Flex>
                         ) : (
                           <Badge
                             cursor="pointer"
diff --git a/frontend/desktop/src/components/account/RealNameModal.tsx b/frontend/desktop/src/components/account/RealNameModal.tsx
index 18d5531209a..a523d7d9bcc 100644
--- a/frontend/desktop/src/components/account/RealNameModal.tsx
+++ b/frontend/desktop/src/components/account/RealNameModal.tsx
@@ -9,40 +9,40 @@ import {
   useDisclosure,
   VStack,
   FormControl,
-  HStack,
   FormLabel,
   Button,
-  FormErrorMessage,
   Input,
   useToast,
-  FlexProps,
   UseToastOptions,
   Box,
   Flex,
   Center,
   Spinner,
-  InputGroup,
-  InputRightElement,
-  Link
+  Link,
+  FormErrorMessage,
+  HStack,
+  TabIndicator,
+  FlexProps
 } from '@chakra-ui/react';
 import { CloseIcon, useMessage, WarningIcon } from '@sealos/ui';
 import { useTranslation } from 'next-i18next';
-import React, { MouseEventHandler, ReactElement, useEffect, useState } from 'react';
+import React, { ReactElement, useCallback, useEffect, useState } from 'react';
+import { Tabs, TabList, TabPanels, Tab, TabPanel } from '@chakra-ui/react';
 import { useForm } from 'react-hook-form';
 import { z } from 'zod';
 import { zodResolver } from '@hookform/resolvers/zod';
-import { identityCodeValid } from '@/utils/tools';
 import {
-  getSmsBindCodeRequest,
-  realNameAuthRequest,
-  UserInfo,
-  verifySmsBindRequest
+  enterpriseRealNameAuthRequest,
+  faceAuthGenerateQRcodeUriRequest,
+  getFaceAuthStatusRequest
 } from '@/api/auth';
 import { useMutation, useQueryClient } from '@tanstack/react-query';
 import useSessionStore from '@/stores/session';
 import { useQuery } from '@tanstack/react-query';
-import { useTimer } from '@/hooks/useTimer';
-import { SmsType } from '@/services/backend/db/verifyCode';
+import QRCode from 'qrcode.react';
+import { useDropzone } from 'react-dropzone';
+import { useConfigStore } from '@/stores/config';
+import { DeleteIcon, PictureIcon, UploadIcon, AttachmentIcon } from '../icons';
 
 export function useRealNameAuthNotification(props?: UseToastOptions) {
   const { t } = useTranslation();
@@ -136,49 +136,538 @@ export function useRealNameAuthNotification(props?: UseToastOptions) {
   };
 }
 
+function RealNameModal(props: {
+  children: React.ReactElement;
+  onModalOpen?: () => void;
+  onModalClose?: () => void;
+  onFormSuccess?: () => void;
+}): ReactElement {
+  const { t } = useTranslation();
+  const { children } = props;
+  const { isOpen, onOpen, onClose } = useDisclosure();
+
+  const handleClose = () => {
+    onClose();
+    if (props.onModalClose && typeof props.onModalClose === 'function') {
+      props.onModalClose();
+    }
+  };
+
+  return (
+    <>
+      {children &&
+        React.cloneElement(children, {
+          onClick: () => {
+            onOpen();
+            if (props.onModalOpen && typeof props.onModalOpen === 'function') {
+              props.onModalOpen();
+            }
+          }
+        })}
+
+      <Modal isOpen={isOpen} onClose={handleClose} isCentered>
+        <ModalOverlay />
+        <ModalContent
+          borderRadius={'12px'}
+          maxW={'540px'}
+          bgColor={'#FFF'}
+          backdropFilter="blur(150px)"
+        >
+          <ModalCloseButton right={'20px'} top="12px" p="0" />
+          <ModalHeader
+            bg={'grayModern.25'}
+            borderBottomWidth={'1px'}
+            borderBottomColor={'grayModern.100'}
+            p="15px 20px"
+          >
+            <Text>{t('common:realName_verification')}</Text>
+          </ModalHeader>
+          <ModalBody w="100%" py="32px" px={'60px'}>
+            <Tabs position="relative" variant="unstyled" isLazy>
+              <TabList gap="12px">
+                <Tab
+                  display="flex"
+                  padding="8px 4px"
+                  justifyContent="center"
+                  alignItems="center"
+                  gap="10px"
+                  color="grayModern.500"
+                  fontWeight={500}
+                  _selected={{ color: 'grayModern.900' }}
+                  _focus={{ boxShadow: 'none' }}
+                >
+                  {t('common:personal_verification')}
+                </Tab>
+                <Tab
+                  display="flex"
+                  padding="8px 4px"
+                  justifyContent="center"
+                  alignItems="center"
+                  fontWeight={500}
+                  gap="10px"
+                  color="grayModern.500"
+                  _selected={{ color: 'grayModern.900' }}
+                  _focus={{ boxShadow: 'none' }}
+                >
+                  {t('common:enterprise_verification')}
+                </Tab>
+              </TabList>
+              <TabIndicator height="2px" bg="grayModern.900" borderRadius="1px" />
+              <TabPanels mt="28px">
+                <TabPanel p="0">
+                  <FaceIdRealNameAuthORcode
+                    onFormSuccess={() => {
+                      onClose();
+                      if (props.onFormSuccess && typeof props.onFormSuccess === 'function') {
+                        props.onFormSuccess();
+                      }
+                    }}
+                  />
+                </TabPanel>
+                <TabPanel p="0">
+                  <EnterpriseVerification
+                    onFormSuccess={() => {
+                      onClose();
+                      if (props.onFormSuccess && typeof props.onFormSuccess === 'function') {
+                        props.onFormSuccess();
+                      }
+                    }}
+                  />
+                </TabPanel>
+              </TabPanels>
+            </Tabs>
+          </ModalBody>
+        </ModalContent>
+      </Modal>
+    </>
+  );
+}
+
 export function RealNameAuthForm(
   props: FlexProps & {
     onFormSuccess?: () => void;
   }
-): ReactElement {
-  const { message } = useMessage();
+) {
   const { t } = useTranslation();
-  const { setSessionProp } = useSessionStore();
-  const { session } = useSessionStore((s) => s);
-  const [phoneNumber, setPhoneNumber] = useState<string | null>(null);
+  return (
+    <Tabs position="relative" variant="unstyled" isLazy>
+      <TabList gap="12px">
+        <Tab
+          display="flex"
+          padding="8px 4px"
+          justifyContent="center"
+          alignItems="center"
+          gap="10px"
+          color="grayModern.500"
+          fontWeight={500}
+          _selected={{ color: 'grayModern.900' }}
+          _focus={{ boxShadow: 'none' }}
+        >
+          {t('common:personal_verification')}
+        </Tab>
+        <Tab
+          display="flex"
+          padding="8px 4px"
+          justifyContent="center"
+          alignItems="center"
+          fontWeight={500}
+          gap="10px"
+          color="grayModern.500"
+          _selected={{ color: 'grayModern.900' }}
+          _focus={{ boxShadow: 'none' }}
+        >
+          {t('common:enterprise_verification')}
+        </Tab>
+      </TabList>
+      <TabIndicator height="2px" bg="grayModern.900" borderRadius="1px" />
+      <TabPanels mt="28px">
+        <TabPanel p="0">
+          <FaceIdRealNameAuthORcode
+            onFormSuccess={() => {
+              if (props.onFormSuccess && typeof props.onFormSuccess === 'function') {
+                props.onFormSuccess();
+              }
+            }}
+          />
+        </TabPanel>
+        <TabPanel p="0">
+          <EnterpriseVerification
+            onFormSuccess={() => {
+              if (props.onFormSuccess && typeof props.onFormSuccess === 'function') {
+                props.onFormSuccess();
+              }
+            }}
+          />
+        </TabPanel>
+      </TabPanels>
+    </Tabs>
+  );
+}
 
+export function FaceIdRealNameAuthORcode(
+  props: FlexProps & {
+    onFormSuccess?: () => void;
+  }
+) {
+  const { t } = useTranslation();
+  const { message } = useMessage();
   const queryClient = useQueryClient();
-  const infoData = useQuery({
-    queryFn: UserInfo,
-    queryKey: [session?.token, 'UserInfo'],
-    select(d) {
-      return d.data?.info;
+  const [isPolling, setIsPolling] = useState(false);
+  const { session } = useSessionStore((s) => s);
+  const { setSessionProp } = useSessionStore();
+  const [refetchCount, setRefetchCount] = useState(0);
+
+  const { data, isLoading, error, refetch } = useQuery(
+    ['faceIdAuth'],
+    faceAuthGenerateQRcodeUriRequest,
+    {
+      retry: false,
+      refetchOnWindowFocus: false
     }
-  });
+  );
+
+  const handleRefetch = useCallback(() => {
+    setRefetchCount((prev) => prev + 1);
+    refetch();
+  }, [refetch]);
+
+  useEffect(() => {
+    let intervalId: NodeJS.Timeout;
+
+    const bizToken = data?.data?.bizToken;
+
+    if (!bizToken) {
+      return;
+    }
+
+    const stopPolling = () => {
+      if (intervalId) clearInterval(intervalId);
+      setIsPolling(false);
+    };
+
+    const startPolling = () => {
+      if (!isPolling) {
+        setIsPolling(true);
+        intervalId = setInterval(async () => {
+          try {
+            const result = await getFaceAuthStatusRequest({ bizToken });
+            if (result.data?.status === 'Success') {
+              message({
+                title: t('common:face_recognition_success'),
+                status: 'success',
+                duration: 2000,
+                isClosable: true
+              });
+
+              setSessionProp('user', {
+                ...useSessionStore.getState().session!.user!,
+                realName: result.data?.realName
+              });
+
+              queryClient.invalidateQueries([session?.token, 'UserInfo']);
+
+              stopPolling();
+
+              if (props.onFormSuccess && typeof props.onFormSuccess === 'function') {
+                props.onFormSuccess();
+              }
+            }
+            if (result.data?.status === 'Failed') {
+              message({
+                title: t('common:face_recognition_failed'),
+                status: 'error',
+                duration: 2000,
+                isClosable: true
+              });
+
+              stopPolling();
+              handleRefetch();
+            }
+          } catch (error: any) {
+            console.error('Error checking face ID auth status:', error);
+            message({
+              title: error.message,
+              status: 'error',
+              duration: 2000,
+              isClosable: true
+            });
+          }
+        }, 2000);
+      }
+    };
+
+    startPolling();
+
+    return stopPolling;
+  }, [session?.token, data, data?.data?.bizToken, refetchCount]);
+
+  if (error) {
+    return (
+      <Box>
+        <Text color="red.500">{t('common:failed_to_get_qr_code')}</Text>
+        <Flex mt="28px">
+          <Button onClick={() => handleRefetch()}>{t('common:retry_get_qr_code')}</Button>
+        </Flex>
+      </Box>
+    );
+  }
+
+  if (isLoading) {
+    return (
+      <Center>
+        <Spinner />
+        <Text ml={3}>{t('common:loading')}</Text>
+      </Center>
+    );
+  }
+
+  return (
+    <Box>
+      {data?.data?.url && (
+        <>
+          <Flex flexDirection="column" alignItems="center" gap="16px" alignSelf="stretch">
+            <Text
+              color="grayModern.600"
+              fontFamily="PingFang SC"
+              fontSize="14px"
+              fontStyle="normal"
+              fontWeight={500}
+              lineHeight="20px"
+              letterSpacing="0.1px"
+              textAlign="center"
+            >
+              {t('common:scan_qr_code_for_face_recognition')}
+            </Text>
+            <Center>
+              <QRCode value={data.data.url} size={200} />
+            </Center>
+            {isPolling && (
+              <Text
+                color="grayModern.600"
+                fontFamily="PingFang SC"
+                fontSize="12px"
+                fontStyle="normal"
+                fontWeight={500}
+                lineHeight="20px" // 142.857%
+                letterSpacing="0.1px"
+                textAlign="center"
+              >
+                {t('common:waiting_for_face_recognition')}
+              </Text>
+            )}
+          </Flex>
+        </>
+      )}
+    </Box>
+  );
+}
 
-  const { seconds, startTimer, isRunning } = useTimer({
-    duration: 60,
-    step: 1
+function FileUploadBox({
+  onDrop,
+  file,
+  removeFile,
+  label,
+  description,
+  isAttachment
+}: {
+  onDrop: (acceptedFiles: File[]) => void;
+  file: File | null;
+  removeFile: () => void;
+  label: string;
+  description: string;
+  isAttachment?: boolean;
+}) {
+  const { commonConfig } = useConfigStore((s) => s);
+  const enterpriseSupportingMaterialsUri = commonConfig?.enterpriseSupportingMaterials;
+  const { getRootProps, getInputProps } = useDropzone({
+    onDrop,
+    maxFiles: 1,
+    accept: {
+      'image/*': ['.png', '.jpg', '.jpeg'],
+      'application/pdf': ['.pdf']
+    }
   });
-  const remainTime = 60 - seconds;
+  const { t } = useTranslation();
+
+  return (
+    <Box
+      h="116px"
+      display="flex"
+      justifyContent="space-between"
+      alignItems="flex-start"
+      alignSelf="stretch"
+      gap="var(--xs, 4px)"
+    >
+      <Text
+        mb={2}
+        color="grayModern.900"
+        fontFamily="PingFang SC"
+        fontSize="14px"
+        fontStyle="normal"
+        fontWeight={500}
+        lineHeight="20px"
+        letterSpacing="0.1px"
+      >
+        {label}
+      </Text>
+      <Box
+        w="328px"
+        h="116px"
+        display="flex"
+        flexDirection="column"
+        alignItems="flex-start"
+        gap="8px"
+      >
+        <Text
+          color="var(--light-general-on-surface-lowest, var(--Gray-Modern-500, #667085))"
+          fontFamily="PingFang SC"
+          fontSize="12px"
+          fontStyle="normal"
+          fontWeight={500}
+          lineHeight="16px"
+          letterSpacing="0.5px"
+        >
+          {description}
+        </Text>
+        <Box
+          id="upload-box"
+          h="64px"
+          display="flex"
+          alignItems="center"
+          justifyContent="center"
+          gap="10px"
+          width="100%"
+          borderRadius="var(--sm, 6px)"
+          border={
+            file
+              ? '1px dashed var(--Bright-Blue-500, #219BF4)'
+              : '1px dashed var(--Gray-Modern-300, #C4CBD7)'
+          }
+          bg={file ? 'var(--Bright-Blue-50, #F0FBFF)' : 'var(--Gray-Modern-25, #FBFBFC)'}
+          cursor="pointer"
+          {...getRootProps()}
+        >
+          <input {...getInputProps()} />
+          <Flex direction="column" alignItems="center" color="blue.500" gap="2px">
+            <UploadIcon width="20px" height="20px" />
+            <Text
+              color="var(--light-general-on-surface, var(--Gray-Modern-900, #111824))"
+              fontFamily="PingFang SC"
+              fontSize="10px"
+              fontStyle="normal"
+              fontWeight={500}
+              lineHeight="14px"
+              letterSpacing="0.2px"
+            >
+              {t('common:click_to_upload_file')}
+            </Text>
+          </Flex>
+        </Box>{' '}
+        <Flex
+          display="flex"
+          flexDirection="row"
+          alignItems="center" // Change to center for vertical alignment
+          justifyContent="space-between"
+          gap="4px"
+          alignSelf="stretch"
+          mt="-1.5"
+        >
+          <Flex flex="1" alignItems="center">
+            {file ? (
+              <Flex alignItems="center" justifyContent="flex-start" width="100%">
+                <Flex alignItems="center" gap="8px" minWidth="0">
+                  <PictureIcon h="16px" w="16px" flexShrink="0" />
+                  <Text
+                    flexShrink={1}
+                    maxWidth="200px"
+                    color="var(--light-general-on-surface-low, var(--Gray-Modern-600, #485264))"
+                    fontFamily="PingFang SC"
+                    fontSize="12px"
+                    fontStyle="normal"
+                    fontWeight={400}
+                    lineHeight="140%"
+                    whiteSpace="nowrap"
+                    overflow="hidden"
+                    textOverflow="ellipsis"
+                  >
+                    {file.name}
+                  </Text>
+                </Flex>
+                <Button
+                  size="sm"
+                  onClick={(e) => {
+                    e.stopPropagation();
+                    removeFile();
+                  }}
+                  variant="ghost"
+                  style={{
+                    display: 'flex',
+                    width: '24px',
+                    height: '24px',
+                    padding: 0,
+                    alignItems: 'center',
+                    justifyContent: 'center',
+                    minWidth: 'auto',
+                    flexShrink: 0
+                  }}
+                >
+                  <DeleteIcon h="16px" w="16px" />
+                </Button>
+              </Flex>
+            ) : null}
+          </Flex>
+          {isAttachment && (
+            <Link
+              gap="var(--sm, 6px)"
+              display="flex"
+              alignItems="center"
+              padding="var(--xs, 4px)"
+              ml="auto"
+              href={enterpriseSupportingMaterialsUri}
+              download
+              // mt={file ? '0' : '4px'}
+            >
+              <Flex alignItems="center" gap="6px">
+                <AttachmentIcon h="16px" w="16px" />
+                <Text
+                  color="var(--light-sealos-secondary-text, var(--Bright-Blue-600, #0884DD))"
+                  fontFamily="PingFang SC"
+                  fontSize="12px"
+                  fontWeight={500}
+                  lineHeight="16px"
+                  letterSpacing="0.5px"
+                >
+                  {t('common:attachment')}
+                </Text>
+              </Flex>
+            </Link>
+          )}
+        </Flex>
+      </Box>
+    </Box>
+  );
+}
+
+function EnterpriseVerification(
+  props: FlexProps & {
+    onFormSuccess?: () => void;
+  }
+) {
+  const { t } = useTranslation();
+  const { message } = useMessage();
+
+  const { session } = useSessionStore((s) => s);
+  const { setSessionProp } = useSessionStore();
+
+  const queryClient = useQueryClient();
 
   const schema = z.object({
-    name: z
-      .string()
-      .min(1, { message: t('common:name_required') })
-      .max(20, { message: t('common:name_required') }),
-    phone: z
+    enterpriseName: z
       .string()
-      .min(1, { message: t('common:phone_invalid') })
-      .regex(/^\d+$/, { message: t('common:phone_invalid') })
-      .max(16, { message: t('common:phone_invalid') }),
-    idCard: z.string().refine(identityCodeValid, { message: t('common:idCard_invalid') }),
-    verifyCode: z
-      .string()
-      .optional()
-      .refine((val) => (!phoneNumber ? /^\d{6}$/.test(val || '') : true), {
-        message: t('common:verifyCode_invalid')
-      })
+      .min(1, { message: t('common:enterprise_name_required') })
+      .max(50, { message: t('common:enterprise_name_required') }),
+    enterpriseQualification: z.instanceof(File).nullable(),
+    supportingMaterials: z.instanceof(File).nullable()
   });
 
   type FormData = z.infer<typeof schema>;
@@ -186,106 +675,58 @@ export function RealNameAuthForm(
   const {
     register,
     handleSubmit,
-    reset,
-    trigger,
-    getValues,
     setValue,
+    watch,
+    reset,
     formState: { errors }
   } = useForm<FormData>({
     resolver: zodResolver(schema),
-    mode: 'onChange'
+    defaultValues: {
+      enterpriseName: '',
+      enterpriseQualification: null,
+      supportingMaterials: null
+    }
   });
 
-  useEffect(() => {
-    if (infoData.isSuccess && infoData.data) {
-      const phoneProvider = infoData.data.oauthProvider.find((p) => p.providerType === 'PHONE');
-      const phoneNumber = phoneProvider?.providerId || null;
-      setPhoneNumber(phoneNumber);
-      if (phoneNumber) {
-        setValue('phone', phoneNumber, { shouldValidate: true });
-      }
-    }
-    // eslint-disable-next-line react-hooks/exhaustive-deps
-  }, [infoData.isSuccess, infoData.data]);
+  const enterpriseQualification = watch('enterpriseQualification');
+  const supportingMaterials = watch('supportingMaterials');
 
-  const getCodeMutation = useMutation({
-    mutationFn({ id, smsType }: { id: string; smsType: SmsType }) {
-      return getSmsBindCodeRequest(smsType)({ id });
-    },
-    onSuccess(data) {
-      startTimer();
-      message({
-        status: 'success',
-        title: t('common:already_sent_code'),
-        position: 'top',
-        duration: 2000,
-        isClosable: true
-      });
+  const onDropEnterpriseQualification = useCallback(
+    (acceptedFiles: File[]) => {
+      setValue('enterpriseQualification', acceptedFiles[0], { shouldValidate: true });
     },
-    onError(err) {
-      getCodeMutation.reset();
-      message({
-        status: 'error',
-        title: t('common:get_code_failed'),
-        position: 'top',
-        duration: 2000,
-        isClosable: true
-      });
-    }
-  });
+    [setValue]
+  );
 
-  const getCode: MouseEventHandler = async (e) => {
-    e.preventDefault();
-    if (isRunning) {
-      message({
-        status: 'warning',
-        title: t('common:already_sent_code'),
-        position: 'top',
-        duration: 2000,
-        isClosable: true
-      });
-      return;
-    }
-    if (!(await trigger('phone'))) {
-      message({
-        status: 'error',
-        title: t('common:invalid_phone_number'),
-        position: 'top',
-        duration: 2000,
-        isClosable: true
-      });
-      return;
-    }
-    const id = getValues('phone');
-    getCodeMutation.mutate({
-      id,
-      smsType: 'phone'
-    });
-  };
+  const onDropCertificateMaterial = useCallback(
+    (acceptedFiles: File[]) => {
+      setValue('supportingMaterials', acceptedFiles[0], { shouldValidate: true });
+    },
+    [setValue]
+  );
 
-  const verifyCodeAndSmsBindMutation = useMutation({
-    async mutationFn({ smsType, ...data }: { id: string; code: string; smsType: SmsType }) {
-      return verifySmsBindRequest('phone')(data);
-    }
-  });
+  const removeEnterpriseQualification = () =>
+    setValue('enterpriseQualification', null, { shouldValidate: true });
+  const removeSupportingMaterials = () =>
+    setValue('supportingMaterials', null, { shouldValidate: true });
 
-  const realNameAuthMutation = useMutation(realNameAuthRequest, {
+  const enterpriseRealNameAuthMutation = useMutation(enterpriseRealNameAuthRequest, {
     onSuccess: (data) => {
       if (data.code === 200) {
         message({
-          title: t('common:realname_auth_success'),
+          title: t('common:upload_success'),
           status: 'success',
           duration: 2000,
-          isClosable: true
+          isClosable: true,
+          position: 'top'
         });
 
+        queryClient.invalidateQueries([session?.token, 'UserInfo']);
         setSessionProp('user', {
           ...useSessionStore.getState().session!.user!,
-          realName: data.data?.name
+          enterpriseVerificationStatus: data.data?.status
         });
 
-        queryClient.invalidateQueries([session?.token, 'UserInfo']);
-
         reset();
 
         if (props.onFormSuccess && typeof props.onFormSuccess === 'function') {
@@ -312,42 +753,27 @@ export function RealNameAuthForm(
     }
   });
 
-  const onValidate = async (data: FormData) => {
-    if (!phoneNumber) {
-      try {
-        const verifyResult = await verifyCodeAndSmsBindMutation.mutateAsync({
-          id: data.phone,
-          code: data.verifyCode!,
-          smsType: 'phone'
-        });
-
-        if (verifyResult.code !== 200) {
-          message({
-            title: t('common:realname_auth_failed_tips'),
-            status: 'error',
-            position: 'top',
-            duration: 2000,
-            isClosable: true
-          });
+  const onValidate = async (data: {
+    enterpriseName: string;
+    enterpriseQualification: File | null;
+    supportingMaterials: File | null;
+  }) => {
+    if (!data.enterpriseQualification || !data.supportingMaterials) {
+      message({
+        title: t('common:please_fill_all_fields'),
+        status: 'warning',
+        position: 'top',
+        duration: 2000,
+        isClosable: true
+      });
 
-          return;
-        }
-      } catch (error) {
-        message({
-          title: (error as Error).message,
-          status: 'error',
-          position: 'top',
-          duration: 2000,
-          isClosable: true
-        });
-        return;
-      }
+      return;
     }
-
-    realNameAuthMutation.mutate({
-      name: data.name,
-      idCard: data.idCard
-    });
+    const formData = new FormData();
+    formData.append('enterpriseName', data.enterpriseName);
+    formData.append('enterpriseQualification', data.enterpriseQualification);
+    formData.append('supportingMaterials', data.supportingMaterials);
+    enterpriseRealNameAuthMutation.mutate(formData);
   };
 
   const onInvalid = () => {
@@ -366,226 +792,91 @@ export function RealNameAuthForm(
   const onSubmit = handleSubmit(onValidate, onInvalid);
 
   return (
-    <>
-      {infoData.isSuccess && infoData.data ? (
-        <VStack
-          w={'420px'}
-          alignItems={'stretch'}
-          fontSize={'14px'}
-          fontWeight={500}
-          gap={'30px'}
-          color={'grayModern.900'}
-        >
-          {/* Notification area */}
-          <Box bg="brightBlue.50" p={4} borderRadius="md" fontSize="12px" color="brightBlue.600">
-            <Text> {t('common:realname_auth_tips_a')}</Text>
-            <Text> {t('common:realname_auth_tips_b')}</Text>
-          </Box>
-
-          {/* Form area */}
-          <form onSubmit={onSubmit}>
-            <VStack alignItems={'stretch'} gap={'30px'}>
-              <FormControl isInvalid={!!errors.name}>
-                <HStack>
-                  <FormLabel w={'98px'} lineHeight="40px">
-                    {t('common:name')}
-                  </FormLabel>
-                  <Input
-                    flex={1}
-                    borderRadius="6px"
-                    border="1px solid #DEE0E2"
-                    color={'grayModern.500'}
-                    bgColor={'grayModern.50'}
-                    height="40px"
-                    pl={'12px'}
-                    fontSize={'14px'}
-                    _placeholder={{ color: 'grayModern.500' }}
-                    placeholder={t('common:placeholders_name')}
-                    {...register('name')}
-                  />
-                </HStack>
-                {errors.name && <FormErrorMessage>{errors.name.message}</FormErrorMessage>}
-              </FormControl>
-
-              <FormControl isInvalid={!!errors.phone}>
-                <HStack>
-                  <FormLabel w={'98px'} lineHeight="40px">
-                    {t('common:phone')}
-                  </FormLabel>
-                  <InputGroup flex={1}>
-                    <Input
-                      borderRadius="6px"
-                      border="1px solid #DEE0E2"
-                      color={'grayModern.500'}
-                      bgColor={'grayModern.50'}
-                      height="40px"
-                      pl={'12px'}
-                      pr={'72px'}
-                      fontSize={'14px'}
-                      _placeholder={{ color: 'grayModern.500' }}
-                      placeholder={t('common:placeholders_phone')}
-                      {...register('phone')}
-                      isReadOnly={!!phoneNumber}
-                    />
-                    {!phoneNumber && (
-                      <InputRightElement width="auto" h="100%">
-                        <Link
-                          onClick={getCode}
-                          color={'brightBlue.600'}
-                          fontSize={'11px'}
-                          pr="12px"
-                          pointerEvents={getCodeMutation.isLoading ? 'none' : 'auto'}
-                        >
-                          {t('common:get_code')}
-                        </Link>
-                      </InputRightElement>
-                    )}
-                  </InputGroup>
-                </HStack>
-                {errors.phone && <FormErrorMessage>{errors.phone.message}</FormErrorMessage>}
-              </FormControl>
-
-              {!phoneNumber && (
-                <FormControl isInvalid={!!errors.verifyCode}>
-                  <HStack>
-                    <FormLabel w={'98px'} lineHeight="40px">
-                      {t('common:verifycode')}
-                    </FormLabel>
-                    <InputGroup
-                      flex={1}
-                      borderRadius="6px"
-                      border="1px solid #DEE0E2"
-                      bgColor={'grayModern.50'}
-                    >
-                      <Input
-                        color={'grayModern.500'}
-                        height="40px"
-                        pl={'12px'}
-                        fontSize={'14px'}
-                        _placeholder={{ color: 'grayModern.500' }}
-                        autoComplete="one-time-code"
-                        placeholder={t('common:placeholders_verifycode')}
-                        {...register('verifyCode')}
-                      />
-                      <InputRightElement h="auto" width={'auto'} right={'12px'} insetY={'8px'}>
-                        {isRunning && <Text>{remainTime} s</Text>}
-                      </InputRightElement>
-                    </InputGroup>
-                  </HStack>
-                  {errors.verifyCode && (
-                    <FormErrorMessage>{errors.verifyCode.message}</FormErrorMessage>
-                  )}
-                </FormControl>
-              )}
-
-              <FormControl isInvalid={!!errors.idCard}>
-                <HStack>
-                  <FormLabel w={'98px'} lineHeight="40px">
-                    {t('common:idCard')}
-                  </FormLabel>
-                  <Input
-                    flex={1}
-                    borderRadius="6px"
-                    border="1px solid #DEE0E2"
-                    color={'grayModern.500'}
-                    bgColor={'grayModern.50'}
-                    height="40px"
-                    pl={'12px'}
-                    fontSize={'14px'}
-                    _placeholder={{ color: 'grayModern.500' }}
-                    placeholder={t('common:placeholders_idCard')}
-                    {...register('idCard')}
-                  />
-                </HStack>
-                {errors.idCard && <FormErrorMessage>{errors.idCard.message}</FormErrorMessage>}
-              </FormControl>
-
-              <Button
-                variant={'primary'}
-                ml="auto"
-                type="submit"
-                height="40px"
-                px="16px"
-                _active={{ transform: 'scale(0.95)' }}
-                isLoading={
-                  realNameAuthMutation.isLoading ||
-                  verifyCodeAndSmsBindMutation.isLoading ||
-                  getCodeMutation.isLoading
-                }
-              >
-                {t('common:confirm')}
-              </Button>
-            </VStack>
-          </form>
-        </VStack>
-      ) : (
-        <Center h="100%">
-          <Spinner />
-        </Center>
-      )}
-    </>
-  );
-}
-
-function RealNameModal(props: {
-  children: React.ReactElement;
-  onModalOpen?: () => void;
-  onModalClose?: () => void;
-  onFormSuccess?: () => void;
-}): ReactElement {
-  const { t } = useTranslation();
-  const { children } = props;
-  const { isOpen, onOpen, onClose } = useDisclosure();
-
-  const handleClose = () => {
-    onClose();
-    if (props.onModalClose && typeof props.onModalClose === 'function') {
-      props.onModalClose();
-    }
-  };
-
-  return (
-    <>
-      {children &&
-        React.cloneElement(children, {
-          onClick: () => {
-            onOpen();
-            if (props.onModalOpen && typeof props.onModalOpen === 'function') {
-              props.onModalOpen();
-            }
-          }
-        })}
-
-      <Modal isOpen={isOpen} onClose={handleClose} isCentered>
-        <ModalOverlay />
-        <ModalContent
-          borderRadius={'12px'}
-          maxW={'540px'}
-          bgColor={'#FFF'}
-          backdropFilter="blur(150px)"
-        >
-          <ModalCloseButton right={'20px'} top="12px" p="0" />
-          <ModalHeader
-            bg={'grayModern.25'}
-            borderBottomWidth={'1px'}
-            borderBottomColor={'grayModern.100'}
-            p="15px 20px"
+    <form onSubmit={onSubmit}>
+      <VStack
+        align="flex-start"
+        gap="24px"
+        sx={{
+          flexDirection: 'column'
+        }}
+      >
+        <FormControl isInvalid={!!errors.enterpriseName}>
+          <HStack
+            display="flex"
+            justifyContent="space-between"
+            alignItems="center"
+            alignSelf="stretch"
+            h="32px"
           >
-            <Text>{t('common:realName_verification')}</Text>
-          </ModalHeader>
-          <ModalBody w="100%" py="32px" px={'60px'}>
-            <RealNameAuthForm
-              onFormSuccess={() => {
-                onClose();
-                if (props.onFormSuccess && typeof props.onFormSuccess === 'function') {
-                  props.onFormSuccess();
-                }
-              }}
+            <FormLabel
+              color="grayModern.900"
+              fontFamily="PingFang SC"
+              fontSize="14px"
+              fontStyle="normal"
+              fontWeight={500}
+              lineHeight="20px"
+              letterSpacing="0.1px"
+            >
+              {t('common:enterprise_name')}
+            </FormLabel>
+            <Input
+              placeholder={t('common:please_enter_your_enterprise_name')}
+              {...register('enterpriseName')}
+              display="flex"
+              width="328px"
+              height="32px"
+              padding="8px 12px"
+              alignItems="center"
+              borderRadius="6px"
+              border="1px solid #E8EBF0"
+              background="#F7F8FA"
+              color="grayModern.500"
             />
-          </ModalBody>
-        </ModalContent>
-      </Modal>
-    </>
+          </HStack>
+          {errors.enterpriseName && (
+            <FormErrorMessage>{errors.enterpriseName.message}</FormErrorMessage>
+          )}
+        </FormControl>
+
+        <FileUploadBox
+          onDrop={onDropEnterpriseQualification}
+          file={enterpriseQualification}
+          removeFile={removeEnterpriseQualification}
+          label={t('common:business_license')}
+          description={t('common:please_upload_the_business_license')}
+        />
+
+        <FileUploadBox
+          onDrop={onDropCertificateMaterial}
+          file={supportingMaterials}
+          removeFile={removeSupportingMaterials}
+          label={t('common:supporting_materials')}
+          description={t('common:please_upload_the_supporting_materials')}
+          isAttachment={true}
+        />
+
+        <Flex alignItems="flex-end" gap="36px" alignSelf="stretch" flexDirection="column">
+          <Flex flexDirection="column" gap="16px" alignItems="flex-end">
+            <Button
+              type="submit"
+              colorScheme="blue"
+              // isDisabled={!enterpriseQualification || !supportingMaterials}
+              isLoading={enterpriseRealNameAuthMutation.isLoading}
+              display="flex"
+              padding="var(--xs, 4px)"
+              justifyContent="center"
+              alignItems="center"
+              gap="var(--sm, 6px)"
+              borderRadius="8px"
+              width="90px"
+            >
+              {t('common:confirm')}
+            </Button>
+          </Flex>
+        </Flex>
+      </VStack>
+    </form>
   );
 }
+
 export default RealNameModal;
diff --git a/frontend/desktop/src/components/desktop_content/index.tsx b/frontend/desktop/src/components/desktop_content/index.tsx
index 55dad633f81..41e2c06bd71 100644
--- a/frontend/desktop/src/components/desktop_content/index.tsx
+++ b/frontend/desktop/src/components/desktop_content/index.tsx
@@ -125,11 +125,13 @@ export default function Desktop(props: any) {
   }, [openDesktopApp]);
 
   useEffect(() => {
-    if (infoData.isSuccess && !infoData?.data?.realName && commonConfig?.realNameAuthEnabled) {
-      realNameAuthNotificationIdRef.current = realNameAuthNotification({
-        duration: null,
-        isClosable: true
-      });
+    if (infoData.isSuccess && commonConfig?.realNameAuthEnabled) {
+      if (!infoData?.data?.realName && infoData?.data?.enterpriseVerificationStatus !== 'Success') {
+        realNameAuthNotificationIdRef.current = realNameAuthNotification({
+          duration: null,
+          isClosable: true
+        });
+      }
     }
 
     return () => {
diff --git a/frontend/desktop/src/components/icons/index.tsx b/frontend/desktop/src/components/icons/index.tsx
index c4ba436bcdb..ca179965342 100644
--- a/frontend/desktop/src/components/icons/index.tsx
+++ b/frontend/desktop/src/components/icons/index.tsx
@@ -560,3 +560,87 @@ export function RightArrowIcon(props: IconProps) {
     </Icon>
   );
 }
+
+export function UploadIcon(props: IconProps) {
+  return (
+    <Icon
+      xmlns="http://www.w3.org/2000/svg"
+      width="21px" // Set width as per your original SVG
+      height="21px" // Set height as per your original SVG
+      viewBox="0 0 21 21"
+      fill="none"
+      {...props} // Spread props to allow customization
+    >
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M19.7377 12.6862C19.7377 14.9216 18.0184 16.7553 15.8301 16.9373V16.9521H5.73556V16.9512C3.42221 16.902 1.56201 15.0114 1.56201 12.6862C1.56201 10.6856 2.9392 9.00662 4.79727 8.54563C5.48431 5.95617 7.84424 4.04785 10.6499 4.04785C13.4555 4.04785 15.8155 5.95617 16.5025 8.54563C18.3606 9.00662 19.7377 10.6856 19.7377 12.6862ZM10.6499 15.1951C10.1897 15.1951 9.81656 14.822 9.81656 14.3617V11.0824L9.35839 11.5406C9.08506 11.8139 8.64192 11.8139 8.36859 11.5406C8.09527 11.2673 8.09527 10.8241 8.36859 10.5508L10.0317 8.88766C10.0505 8.86691 10.0703 8.84711 10.091 8.82834L10.1539 8.76549L10.155 8.76439C10.4283 8.49106 10.8715 8.49106 11.1448 8.76439L11.1459 8.76549L11.2087 8.82827C11.2295 8.84708 11.2493 8.86693 11.2681 8.88773L12.9301 10.5497C13.204 10.8236 13.204 11.2677 12.9301 11.5417C12.6562 11.8156 12.212 11.8156 11.9381 11.5417L11.4832 11.0868V14.3617C11.4832 14.822 11.1101 15.1951 10.6499 15.1951Z"
+        fill="#219BF4" // Set fill color as per your original SVG
+      />
+    </Icon>
+  );
+}
+
+export function PictureIcon(props: IconProps) {
+  return (
+    <Icon
+      xmlns="http://www.w3.org/2000/svg"
+      width="17px" // Set width as per your original SVG
+      height="17px" // Set height as per your original SVG
+      viewBox="0 0 17 17"
+      fill="none"
+      {...props} // Spread props to allow customization
+    >
+      <path
+        d="M5.9408 7.31934C6.49309 7.31934 6.9408 6.87163 6.9408 6.31934C6.9408 5.76706 6.49309 5.31934 5.9408 5.31934C5.38852 5.31934 4.9408 5.76706 4.9408 6.31934C4.9408 6.87163 5.38852 7.31934 5.9408 7.31934Z"
+        fill="#00A9A6"
+      />
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M1.98315 6.35172C1.98315 5.00759 1.98315 4.33553 2.24474 3.82214C2.47483 3.37055 2.84199 3.0034 3.29358 2.7733C3.80697 2.51172 4.47903 2.51172 5.82315 2.51172H11.4765C12.8206 2.51172 13.4927 2.51172 14.0061 2.7733C14.4577 3.0034 14.8248 3.37055 15.0549 3.82214C15.3165 4.33553 15.3165 5.00759 15.3165 6.35172V10.648C15.3165 11.9921 15.3165 12.6642 15.0549 13.1775C14.8248 13.6291 14.4577 13.9963 14.0061 14.2264C13.4927 14.488 12.8206 14.488 11.4765 14.488H5.82315C4.47903 14.488 3.80697 14.488 3.29358 14.2264C2.84199 13.9963 2.47483 13.6291 2.24474 13.1775C1.98315 12.6642 1.98315 11.9921 1.98315 10.648V6.35172ZM5.82315 3.84505H11.4765C12.1706 3.84505 12.6109 3.84609 12.9442 3.87332C13.262 3.89928 13.3633 3.94225 13.4007 3.96131C13.6015 4.06358 13.7646 4.22676 13.8669 4.42746C13.886 4.46487 13.9289 4.56623 13.9549 4.88398C13.9821 5.21729 13.9832 5.65765 13.9832 6.35172V10.648C13.9832 10.656 13.9832 10.664 13.9832 10.672L10.7493 7.43813C10.489 7.17778 10.0669 7.17778 9.80652 7.43813L4.14224 13.1024C3.98756 13.0789 3.9262 13.0523 3.8989 13.0384C3.69819 12.9361 3.53501 12.7729 3.43275 12.5722C3.41369 12.5348 3.37072 12.4335 3.34476 12.1157C3.31752 11.7824 3.31649 11.342 3.31649 10.648V6.35172C3.31649 5.65766 3.31752 5.2173 3.34476 4.88398C3.37072 4.56623 3.41369 4.46487 3.43275 4.42746C3.53501 4.22676 3.69819 4.06358 3.8989 3.96131C3.9363 3.94225 4.03766 3.89928 4.35541 3.87332C4.68873 3.84609 5.12909 3.84505 5.82315 3.84505ZM10.2779 8.85235L5.97563 13.1546H11.4765C12.1706 13.1546 12.6109 13.1536 12.9442 13.1264C13.262 13.1004 13.3633 13.0574 13.4007 13.0384C13.6015 12.9361 13.7646 12.7729 13.8669 12.5722C13.8751 12.5561 13.8878 12.5281 13.9016 12.476L10.2779 8.85235Z"
+        fill="#00A9A6"
+      />
+    </Icon>
+  );
+}
+
+export function DeleteIcon(props: IconProps) {
+  return (
+    <Icon
+      xmlns="http://www.w3.org/2000/svg"
+      width="17px" // Set width as per your original SVG
+      height="17px" // Set height as per your original SVG
+      viewBox="0 0 17 17"
+      fill="none"
+      {...props} // Spread props to allow customization
+    >
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M8.13248 1.68018H9.16751C9.49052 1.68016 9.77219 1.68015 10.0048 1.69916C10.2512 1.71929 10.5007 1.76404 10.742 1.88697C11.099 2.06887 11.3892 2.35911 11.5711 2.71611C11.694 2.95738 11.7388 3.20684 11.7589 3.45328C11.7749 3.64934 11.7774 3.88026 11.7778 4.14141H14.1878C14.556 4.14141 14.8544 4.43989 14.8544 4.80808C14.8544 5.17627 14.556 5.47474 14.1878 5.47474H13.6238V11.7267C13.6238 12.2205 13.6238 12.6311 13.5965 12.9662C13.5679 13.3153 13.5064 13.6407 13.35 13.9478C13.1091 14.4205 12.7247 14.8049 12.2519 15.0458C11.9448 15.2023 11.6194 15.2638 11.2704 15.2923C10.9352 15.3197 10.5247 15.3197 10.0309 15.3197H7.26909C6.77534 15.3197 6.36475 15.3197 6.02963 15.2923C5.68059 15.2638 5.35515 15.2023 5.04807 15.0458C4.5753 14.8049 4.19092 14.4205 3.95003 13.9478C3.79356 13.6407 3.73205 13.3153 3.70354 12.9662C3.67616 12.6311 3.67616 12.2205 3.67617 11.7267L3.67617 5.47474H3.11222C2.74403 5.47474 2.44556 5.17627 2.44556 4.80808C2.44556 4.43989 2.74403 4.14141 3.11222 4.14141H5.52216C5.52255 3.88026 5.52506 3.64934 5.54108 3.45328C5.56121 3.20684 5.60596 2.95738 5.72889 2.71611C5.91079 2.35911 6.20104 2.06887 6.55803 1.88697C6.7993 1.76404 7.04876 1.71929 7.2952 1.69916C7.5278 1.68015 7.80947 1.68016 8.13248 1.68018ZM5.00951 5.47474V11.6995C5.00951 12.2274 5.01002 12.5833 5.03244 12.8576C5.05422 13.1242 5.09331 13.2547 5.13804 13.3425C5.2511 13.5643 5.4315 13.7447 5.65339 13.8578C5.74118 13.9025 5.87162 13.9416 6.13821 13.9634C6.41257 13.9858 6.76841 13.9863 7.29632 13.9863H10.0037C10.5316 13.9863 10.8874 13.9858 11.1618 13.9634C11.4284 13.9416 11.5588 13.9025 11.6466 13.8578C11.8685 13.7447 12.0489 13.5643 12.162 13.3425C12.2067 13.2547 12.2458 13.1242 12.2676 12.8576C12.29 12.5833 12.2905 12.2274 12.2905 11.6995V5.47474H5.00951ZM10.4444 4.14141H6.85555C6.85602 3.88297 6.85839 3.70371 6.86998 3.56185C6.88338 3.39787 6.9057 3.34341 6.9169 3.32143C6.97097 3.21532 7.05724 3.12904 7.16335 3.07498C7.18533 3.06378 7.23979 3.04146 7.40377 3.02806C7.57553 3.01403 7.80214 3.01351 8.15775 3.01351H9.14224C9.49785 3.01351 9.72446 3.01403 9.89622 3.02806C10.0602 3.04146 10.1147 3.06378 10.1366 3.07498C10.2428 3.12905 10.329 3.21532 10.3831 3.32143C10.3943 3.34341 10.4166 3.39787 10.43 3.56185C10.4416 3.70371 10.444 3.88297 10.4444 4.14141ZM7.41938 7.5256C7.78757 7.5256 8.08605 7.82408 8.08605 8.19227V11.2688C8.08605 11.637 7.78757 11.9355 7.41938 11.9355C7.05119 11.9355 6.75271 11.637 6.75271 11.2688V8.19227C6.75271 7.82408 7.05119 7.5256 7.41938 7.5256ZM9.88061 7.5256C10.2488 7.5256 10.5473 7.82408 10.5473 8.19227V11.2688C10.5473 11.637 10.2488 11.9355 9.88061 11.9355C9.51242 11.9355 9.21395 11.637 9.21395 11.2688V8.19227C9.21395 7.82408 9.51242 7.5256 9.88061 7.5256Z"
+        fill="#667085"
+      />
+    </Icon>
+  );
+}
+
+export function AttachmentIcon(props: IconProps) {
+  return (
+    <Icon
+      xmlns="http://www.w3.org/2000/svg"
+      width="17px"
+      height="17px"
+      viewBox="0 0 17 17"
+      fill="none"
+      {...props}
+    >
+      <path
+        fillRule="evenodd"
+        clipRule="evenodd"
+        d="M15.9202 9.54936C15.9202 11.3969 14.4521 12.9016 12.6188 12.9603V12.9621H12.3508C11.9826 12.9621 11.6841 12.6636 11.6841 12.2954C11.6841 11.9273 11.9826 11.6288 12.3508 11.6288H12.5188C13.662 11.6227 14.5869 10.694 14.5869 9.54936C14.5869 8.57595 13.9168 7.75574 13.011 7.53099L12.2455 7.34109L12.0433 6.57883C11.6448 5.07708 10.2747 3.97201 8.64993 3.97201C7.02513 3.97201 5.65503 5.07708 5.25659 6.57883L5.05434 7.34109L4.28891 7.53099C3.38307 7.75574 2.71297 8.57595 2.71297 9.54936C2.71297 10.6978 3.64396 11.6288 4.79238 11.6288L4.79579 11.6288L4.98515 11.6288C5.35334 11.6288 5.65181 11.9273 5.65181 12.2954C5.65181 12.6636 5.35334 12.9621 4.98515 12.9621H4.79238H4.71848V12.9613C2.8678 12.922 1.37964 11.4095 1.37964 9.54936C1.37964 7.94886 2.48139 6.60569 3.96784 6.2369C4.51747 4.16533 6.40542 2.63867 8.64993 2.63867C10.8944 2.63867 12.7824 4.16533 13.332 6.2369C14.8185 6.60569 15.9202 7.94886 15.9202 9.54936ZM8.64992 7.80038C8.28173 7.80038 7.98325 8.09886 7.98325 8.46705V12.3437L7.61672 11.9771C7.39806 11.7585 7.04354 11.7585 6.82488 11.9771C6.60622 12.1958 6.60622 12.5503 6.82488 12.769L8.15536 14.0994C8.17039 14.116 8.18625 14.1319 8.20286 14.1469L8.25313 14.1972C8.47227 14.4163 8.82758 14.4163 9.04672 14.1972L9.09699 14.1469C9.1136 14.1319 9.12945 14.1161 9.14447 14.0994L10.4741 12.7698C10.6932 12.5507 10.6932 12.1954 10.4741 11.9762C10.2549 11.7571 9.89963 11.7571 9.68048 11.9762L9.31659 12.3401V8.46705C9.31659 8.09886 9.01811 7.80038 8.64992 7.80038Z"
+        fill="#0884DD"
+      />
+    </Icon>
+  );
+}
diff --git a/frontend/desktop/src/components/signin/auth/usePassword.tsx b/frontend/desktop/src/components/signin/auth/usePassword.tsx
index 7c5324989cc..be8ed7cecf7 100644
--- a/frontend/desktop/src/components/signin/auth/usePassword.tsx
+++ b/frontend/desktop/src/components/signin/auth/usePassword.tsx
@@ -95,6 +95,9 @@ export default function usePassword({
                         userId: payload.userId,
                         userUid: payload.userUid,
                         realName: infoData.data?.info.realName || undefined,
+                        enterpriseVerificationStatus:
+                          infoData.data?.info.enterpriseVerificationStatus || undefined,
+                        enterpriseRealName: infoData.data?.info.enterpriseRealName || undefined,
                         userRestrictedLevel: infoData.data?.info.userRestrictedLevel || undefined
                       },
                       kubeconfig: regionResult.data.kubeconfig
diff --git a/frontend/desktop/src/components/signin/auth/useWechat.tsx b/frontend/desktop/src/components/signin/auth/useWechat.tsx
index d0250048993..ea2084389d2 100644
--- a/frontend/desktop/src/components/signin/auth/useWechat.tsx
+++ b/frontend/desktop/src/components/signin/auth/useWechat.tsx
@@ -53,7 +53,10 @@ export default function useWechat() {
             userUid: payload.userUid,
             userId: payload.userId,
             realName: infoData.data?.info.realName || undefined,
-            userRestrictedLevel: infoData.data?.info.userRestrictedLevel || undefined
+            userRestrictedLevel: infoData.data?.info.userRestrictedLevel || undefined,
+            enterpriseVerificationStatus:
+              infoData.data?.info.enterpriseVerificationStatus || undefined,
+            enterpriseRealName: infoData.data?.info.enterpriseRealName || undefined
           },
           // @ts-ignore
           kubeconfig: result.data.kubeconfig
diff --git a/frontend/desktop/src/pages/api/account/enterpriseRealNameAuth.ts b/frontend/desktop/src/pages/api/account/enterpriseRealNameAuth.ts
new file mode 100644
index 00000000000..dcbb683ad37
--- /dev/null
+++ b/frontend/desktop/src/pages/api/account/enterpriseRealNameAuth.ts
@@ -0,0 +1,245 @@
+import { jsonRes } from '@/services/backend/response';
+import { enableEnterpriseRealNameAuth } from '@/services/enable';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { verifyAccessToken } from '@/services/backend/auth';
+import { globalPrisma } from '@/services/backend/db/init';
+import { RealNameOSSConfigType } from '@/types';
+import * as Minio from 'minio';
+import formidable, { Fields, Files, File, Part } from 'formidable';
+import path from 'path';
+import Formidable from 'formidable/Formidable';
+import fs from 'fs/promises';
+
+export const config = {
+  api: {
+    bodyParser: false
+  }
+};
+
+const realNameOSS: RealNameOSSConfigType = global.AppConfig.realNameOSS;
+
+const MAX_FILE_SIZE = 10 * 1024 * 1024; // 10MB
+const ALLOWED_FILE_TYPES = ['image/jpeg', 'image/png', 'application/pdf'];
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  if (!enableEnterpriseRealNameAuth) {
+    console.error('enterpriseRealNameAuth: enterprise real name authentication not enabled');
+    return jsonRes(res, { code: 503, message: 'Enterprise real name authentication not enabled' });
+  }
+
+  if (req.method !== 'POST') {
+    console.error('enterpriseRealNameAuth: Method not allowed');
+    return jsonRes(res, { code: 405, message: 'Method not allowed' });
+  }
+
+  const payload = await verifyAccessToken(req.headers);
+  if (!payload) return jsonRes(res, { code: 401, message: 'Token is invalid' });
+
+  if (!realNameOSS) {
+    return jsonRes(res, {
+      code: 500,
+      message: 'Real name authentication oss configuration not found'
+    });
+  }
+
+  try {
+    const userUid = payload.userUid;
+
+    const form = formidable({
+      multiples: false,
+      keepExtensions: true,
+      maxFileSize: MAX_FILE_SIZE,
+      filter: function (part: Part): boolean {
+        return part.mimetype !== null && ALLOWED_FILE_TYPES.includes(part.mimetype);
+      },
+      filename: function (name: string, ext: string, part: Part, form: Formidable): string {
+        const sanitizedName = sanitizeFilename(part.originalFilename || 'unnamed');
+        return sanitizedName;
+      }
+    });
+
+    const formData = await parseFormData(req, form);
+    const { fields, files } = formData;
+
+    const enterpriseName = fields.enterpriseName?.[0];
+
+    if ((enterpriseName && enterpriseName.length < 1) || enterpriseName.length > 20) {
+      return jsonRes(res, {
+        code: 400,
+        message: 'Enterprise name must be between 1 and 20 characters'
+      });
+    }
+
+    if (!files.enterpriseQualification?.[0] || !files.supportingMaterials?.[0]) {
+      return jsonRes(res, {
+        code: 400,
+        message: 'Enterprise qualification and supporting materials are required'
+      });
+    }
+
+    if (
+      files &&
+      files.enterpriseQualification?.[0] &&
+      files.enterpriseQualification?.[0].size > MAX_FILE_SIZE
+    ) {
+      return jsonRes(res, {
+        code: 400,
+        message: 'Enterprise qualification file size exceeds the maximum limit'
+      });
+    }
+
+    if (
+      files &&
+      files.supportingMaterials?.[0] &&
+      files.supportingMaterials?.[0].size > MAX_FILE_SIZE
+    ) {
+      return jsonRes(res, {
+        code: 400,
+        message: 'Supporting materials file size exceeds the maximum limit'
+      });
+    }
+
+    // Check if EnterpriseRealNameInfo exists
+    const existingInfo = await globalPrisma.enterpriseRealNameInfo.findUnique({
+      where: { userUid }
+    });
+
+    if (!existingInfo) {
+      // Create new EnterpriseRealNameInfo
+      const ossPaths = await uploadFiles(userUid, files);
+      await createEnterpriseRealNameInfo(userUid, enterpriseName, ossPaths);
+      return jsonRes(res, {
+        code: 200,
+        message: 'Enterprise real name authentication submitted successfully',
+        data: { status: 'Pending' }
+      });
+    }
+
+    // Handle existing EnterpriseRealNameInfo cases
+    switch (existingInfo.verificationStatus) {
+      case 'Pending':
+        return jsonRes(res, { code: 400, message: 'Authentication is under review' });
+      case 'Success':
+        return jsonRes(res, { code: 400, message: 'Cannot authenticate multiple times' });
+      case 'Failed':
+        // Re-upload files and update EnterpriseRealNameInfo
+        const newOssPaths = await uploadFiles(userUid, files);
+        await updateEnterpriseRealNameInfo(existingInfo.id, enterpriseName, newOssPaths);
+        return jsonRes(res, {
+          code: 200,
+          data: { status: 'Pending' },
+          message: 'Enterprise real name authentication resubmitted successfully'
+        });
+      default:
+        return jsonRes(res, { code: 500, message: 'Invalid verification status' });
+    }
+  } catch (error) {
+    console.error('enterpriseRealNameAuth: Internal error', error);
+    return jsonRes(res, { code: 500, message: 'The server has encountered an error' });
+  }
+}
+
+// Helper functions
+async function parseFormData(req: NextApiRequest, form: Formidable): Promise<any> {
+  return new Promise((resolve, reject) => {
+    form.parse(req, (err: Error, fields: Fields, files: Files) => {
+      if (err) {
+        reject(err);
+      } else {
+        resolve({ fields, files });
+      }
+    });
+  });
+}
+
+function sanitizeFilename(filename: string): string {
+  // Remove any path components
+  const basename = path.basename(filename);
+  // Define a blacklist of malicious characters
+  const blacklist = /[<>:"/\\|?*\x00-\x1F]/g;
+  // Replace blacklisted characters with underscores
+  return basename.replace(blacklist, '_');
+}
+
+async function uploadFiles(userUid: string, files: Files): Promise<string[]> {
+  const minioConfig: Minio.ClientOptions = {
+    endPoint: realNameOSS.endpoint,
+    accessKey: realNameOSS.accessKey,
+    secretKey: realNameOSS.accessKeySecret,
+    useSSL: realNameOSS.ssl
+  };
+  const minioClient = new Minio.Client(minioConfig);
+
+  const filesToUpload = [
+    { file: files.enterpriseQualification?.[0], name: 'enterpriseQualification' },
+    { file: files.supportingMaterials?.[0], name: 'supportingMaterials' }
+  ].filter((item) => item.file !== null);
+
+  const uploadPromises = filesToUpload.map((item) =>
+    uploadFile(minioClient, userUid, item.file!, item.name)
+  );
+
+  return await Promise.all(uploadPromises);
+}
+
+async function uploadFile(
+  minioClient: Minio.Client,
+  userUid: string,
+  file: File,
+  fileType: string
+): Promise<string> {
+  const timestamp = Date.now();
+  const fileName = `${timestamp}_${fileType}_${file.newFilename}`;
+  const filePath = `/${userUid}/${fileName}`;
+  try {
+    await minioClient.fPutObject(realNameOSS.enterpriseRealNameBucket, filePath, file.filepath, {
+      'Content-Type': file.mimetype || 'application/octet-stream'
+    });
+
+    // Check if the file exists before attempting to delete it
+    try {
+      await fs.access(file.filepath);
+      // If no error is thrown, the file exists, so we can delete it
+      await fs.unlink(file.filepath);
+      console.debug(`File ${file.filepath} has been deleted.`);
+    } catch (accessError) {
+      // If an error is thrown, the file doesn't exist
+      console.debug(`File ${file.filepath} does not exist or is not accessible.`);
+    }
+  } catch (error) {
+    console.error('EnterpriseRealNameAuth uploadFile: Error uploading file', error);
+    throw error;
+  }
+
+  return filePath;
+}
+
+async function createEnterpriseRealNameInfo(
+  userUid: string,
+  enterpriseName: string,
+  ossPaths: string[]
+) {
+  await globalPrisma.enterpriseRealNameInfo.create({
+    data: {
+      userUid,
+      enterpriseName: enterpriseName,
+      supportingMaterials: { ossPaths: ossPaths }, // Remaining paths for supportingMaterials
+      verificationStatus: 'Pending'
+    }
+  });
+}
+
+async function updateEnterpriseRealNameInfo(
+  id: string,
+  enterpriseName: string,
+  ossPaths: string[]
+) {
+  await globalPrisma.enterpriseRealNameInfo.update({
+    where: { id },
+    data: {
+      enterpriseName: enterpriseName,
+      supportingMaterials: { ossPaths: ossPaths },
+      verificationStatus: 'Pending'
+    }
+  });
+}
diff --git a/frontend/desktop/src/pages/api/account/faceIdRealNameAuthCallback.ts b/frontend/desktop/src/pages/api/account/faceIdRealNameAuthCallback.ts
new file mode 100644
index 00000000000..c265dd6394d
--- /dev/null
+++ b/frontend/desktop/src/pages/api/account/faceIdRealNameAuthCallback.ts
@@ -0,0 +1,308 @@
+import { verifyAccessToken } from '@/services/backend/auth';
+import { jsonRes } from '@/services/backend/response';
+import { enableRealNameAuth } from '@/services/enable';
+import * as tcsdk from 'tencentcloud-sdk-nodejs';
+import { NextApiRequest, NextApiResponse } from 'next';
+import { globalPrisma } from '@/services/backend/db/init';
+import { GetDetectInfoEnhancedResponse } from 'tencentcloud-sdk-nodejs/tencentcloud/services/faceid/v20180301/faceid_models';
+import { RealNameOSSConfigType } from '@/types';
+import { Client, ClientOptions } from 'minio';
+
+type TencentCloudFaceAuthConfig = {
+  secretId: string;
+  secretKey: string;
+  ruleId: string;
+};
+
+type JsonValue = string | number | boolean | object | null;
+
+type RealNameAuthProvider = {
+  id: string;
+  backend: string;
+  authType: string;
+  maxFailedTimes: number;
+  config: JsonValue;
+  createdAt: Date;
+  updatedAt: Date;
+};
+
+type AdditionalInfo =
+  | {
+      faceRecognition?: {
+        callback?: {
+          bizToken?: string;
+          url?: string | null;
+          isUsed?: boolean;
+          createdAt?: number;
+        };
+      };
+      userMaterials?: string[];
+    }
+  | any;
+
+const realNameOSS: RealNameOSSConfigType = global.AppConfig.realNameOSS;
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  if (!enableRealNameAuth) {
+    console.error('faceidRealNameAuth: Real name authentication not enabled');
+    return jsonRes(res, { code: 503, message: 'Real name authentication not enabled' });
+  }
+
+  const bizToken = req.query?.BizToken as string;
+  const extraQuery = req.query?.Extra as string;
+
+  const regionToken = extraQuery?.split('regionToken=')[1];
+  if (!regionToken) {
+    return jsonRes(res, { code: 400, message: 'Token is required' });
+  }
+
+  req.headers['authorization'] = regionToken;
+
+  const payload = await verifyAccessToken(req.headers);
+  if (!payload) return jsonRes(res, { code: 401, message: 'Token is invaild' });
+
+  if (!realNameOSS) {
+    return jsonRes(res, {
+      code: 500,
+      message: 'Real name authentication oss configuration not found'
+    });
+  }
+
+  try {
+    const realNameAuthProvider: RealNameAuthProvider | null =
+      await globalPrisma.realNameAuthProvider.findFirst({
+        where: {
+          backend: 'TENCENTCLOUD',
+          authType: 'tcloudFaceAuth'
+        }
+      });
+
+    if (!realNameAuthProvider) {
+      throw new Error('faceidRealNameAuth: Real name authentication provider not found');
+    }
+
+    const config: TencentCloudFaceAuthConfig =
+      realNameAuthProvider.config as TencentCloudFaceAuthConfig;
+
+    if (!config) {
+      throw new Error('faceidRealNameAuth: Real name authentication configuration not found');
+    }
+
+    const userRealNameFaceAuthInfo = await getUserRealNameInfo(bizToken, config);
+    const isFaceRecognitionSuccess = userRealNameFaceAuthInfo.Text?.ErrCode === 0;
+
+    const userUid = payload.userUid;
+    const timestamp = Date.now();
+
+    // Fetch existing user real name info
+    const userRealNameInfo = await globalPrisma.userRealNameInfo.findUnique({
+      where: { userUid }
+    });
+
+    if (!userRealNameInfo || !userRealNameInfo.additionalInfo) {
+      return jsonRes(res, { code: 400, message: 'User real name info not found' });
+    }
+
+    let additionalInfo: AdditionalInfo = userRealNameInfo.additionalInfo;
+
+    additionalInfo.faceRecognition.callback.isUsed = true;
+
+    // Initialize or reset userMaterials array
+    additionalInfo.userMaterials = [];
+
+    const minioConfig: ClientOptions = {
+      endPoint: realNameOSS.endpoint,
+      accessKey: realNameOSS.accessKey,
+      secretKey: realNameOSS.accessKeySecret,
+      useSSL: realNameOSS.ssl
+    };
+    const minioClient = new Client(minioConfig);
+
+    if (userRealNameFaceAuthInfo.BestFrame?.BestFrame) {
+      const imageBuffer = Buffer.from(userRealNameFaceAuthInfo.BestFrame.BestFrame, 'base64');
+      const imagePath = `${userUid}/${timestamp}_bestframe.jpg`;
+      await uploadFile(
+        minioClient,
+        realNameOSS.realNameBucket,
+        imagePath,
+        imageBuffer,
+        'image/jpeg'
+      );
+      additionalInfo.userMaterials.push(imagePath);
+    }
+
+    if (userRealNameFaceAuthInfo.VideoData?.LivenessVideo) {
+      const videoBuffer = Buffer.from(userRealNameFaceAuthInfo.VideoData.LivenessVideo, 'base64');
+      const videoPath = `${userUid}/${timestamp}_video.mp4`;
+      await uploadFile(
+        minioClient,
+        realNameOSS.realNameBucket,
+        videoPath,
+        videoBuffer,
+        'video/mp4'
+      );
+      additionalInfo.userMaterials.push(videoPath);
+    }
+
+    if (isFaceRecognitionSuccess) {
+      await globalPrisma.userRealNameInfo.update({
+        where: { userUid },
+        data: {
+          realName: userRealNameFaceAuthInfo.Text?.Name,
+          idCard: userRealNameFaceAuthInfo.Text?.IdCard,
+          isVerified: true,
+          additionalInfo
+        }
+      });
+
+      res.setHeader('Content-Type', 'text/html');
+      return res.send(`
+        <!DOCTYPE html>
+        <html lang="en">
+        <head>
+          <meta charset="UTF-8">
+          <meta name="viewport" content="width=device-width, initial-scale=1.0">
+          <title>Real Name Authentication</title>
+          <style>
+            body, html {
+              height: 100%;
+              margin: 0;
+              display: flex;
+              justify-content: center;
+              align-items: center;
+            }
+            h1 {
+              text-align: center;
+            }
+          </style>
+        </head>
+        <body>
+          <h1>Real Name Authentication Successful</h1>
+        </body>
+        </html>
+      `);
+    } else {
+      await globalPrisma.userRealNameInfo.update({
+        where: { userUid },
+        data: {
+          isVerified: false,
+          idVerifyFailedTimes: { increment: 1 },
+          additionalInfo
+        }
+      });
+
+      res.setHeader('Content-Type', 'text/html');
+      return res.send(`
+        <!DOCTYPE html>
+        <html lang="en">
+        <head>
+          <meta charset="UTF-8">
+          <meta name="viewport" content="width=device-width, initial-scale=1.0">
+          <title>Real Name Authentication</title>
+          <style>
+            body, html {
+              height: 100%;
+              margin: 0;
+              display: flex;
+              justify-content: center;
+              align-items: center;
+            }
+            h1 {
+              text-align: center;
+              color: #ff0000; /* Red color for error message */
+            }
+          </style>
+        </head>
+        <body>
+          <h1>Real Name Authentication Failed</h1>
+        </body>
+        </html>
+      `);
+    }
+  } catch (error) {
+    console.error('faceidRealNameAuth: Internal error');
+    console.error(error);
+    res.setHeader('Content-Type', 'text/html');
+    return res.status(500).send(`
+      <!DOCTYPE html>
+      <html lang="en">
+      <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <title>Server Error</title>
+        <style>
+          body, html {
+            height: 100%;
+            margin: 0;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            font-family: Arial, sans-serif;
+          }
+          .error-container {
+            text-align: center;
+            padding: 20px;
+            border: 1px solid #ff0000;
+            border-radius: 5px;
+          }
+          h1 {
+            color: #ff0000;
+            margin-bottom: 10px;
+          }
+          p {
+            color: #666;
+          }
+        </style>
+      </head>
+      <body>
+        <div class="error-container">
+          <h1>Server Error</h1>
+          <p>The server has encountered an error. Please try again later.</p>
+        </div>
+      </body>
+      </html>
+    `);
+  }
+}
+
+async function getUserRealNameInfo(
+  bizToken: string,
+  config: TencentCloudFaceAuthConfig
+): Promise<GetDetectInfoEnhancedResponse> {
+  const FaceClient = tcsdk.faceid.v20180301.Client;
+  const client = new FaceClient({
+    credential: {
+      secretId: config.secretId,
+      secretKey: config.secretKey
+    },
+    region: '',
+    profile: {
+      signMethod: 'HmacSHA256',
+      httpProfile: {
+        endpoint: 'faceid.tencentcloudapi.com',
+        reqMethod: 'POST',
+        reqTimeout: 30 // Request timeout, default 60s
+      }
+    }
+  });
+
+  const params = {
+    BizToken: bizToken,
+    InfoType: '0',
+    RuleId: config.ruleId,
+    BestFramesCount: 0
+  };
+
+  const data = await client.GetDetectInfoEnhanced(params);
+  return data;
+}
+
+async function uploadFile(
+  minioClient: Client,
+  bucket: string,
+  path: string,
+  buffer: Buffer,
+  contentType: string
+): Promise<void> {
+  await minioClient.putObject(bucket, path, buffer, buffer.length, { 'Content-Type': contentType });
+}
diff --git a/frontend/desktop/src/pages/api/account/generateRealNameQRcodeUri.ts b/frontend/desktop/src/pages/api/account/generateRealNameQRcodeUri.ts
new file mode 100644
index 00000000000..3120f8a859a
--- /dev/null
+++ b/frontend/desktop/src/pages/api/account/generateRealNameQRcodeUri.ts
@@ -0,0 +1,210 @@
+import { jsonRes } from '@/services/backend/response';
+import { enableRealNameAuth } from '@/services/enable';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import * as tcsdk from 'tencentcloud-sdk-nodejs';
+import { verifyAccessToken } from '@/services/backend/auth';
+import { globalPrisma } from '@/services/backend/db/init';
+
+type TencentCloudFaceAuthConfig = {
+  secretId: string;
+  secretKey: string;
+  ruleId: string;
+};
+
+type JsonValue = string | number | boolean | object | null;
+
+type RealNameAuthProvider = {
+  id: string;
+  backend: string;
+  authType: string;
+  maxFailedTimes: number;
+  config: JsonValue;
+  createdAt: Date;
+  updatedAt: Date;
+};
+
+type AdditionalInfo =
+  | {
+      faceRecognition?: {
+        callback?: {
+          bizToken?: string;
+          url?: string | null;
+          isUsed?: boolean;
+          createdAt?: number;
+        };
+      };
+      userMaterials?: string[];
+    }
+  | any;
+
+type QRCodeUrlResult = {
+  url: string;
+  bizToken: string;
+};
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  if (!enableRealNameAuth) {
+    console.error('faceidRealNameAuth: Real name authentication not enabled');
+    return jsonRes(res, { code: 503, message: 'Real name authentication not enabled' });
+  }
+
+  if (req.method !== 'GET') {
+    console.error('faceidRealNameAuth: Method not allowed');
+    return jsonRes(res, { code: 405, message: 'Method not allowed' });
+  }
+
+  const payload = await verifyAccessToken(req.headers);
+  if (!payload) return jsonRes(res, { code: 401, message: 'Token is invaild' });
+
+  try {
+    const realNameAuthProvider: RealNameAuthProvider | null =
+      await globalPrisma.realNameAuthProvider.findFirst({
+        where: {
+          backend: 'TENCENTCLOUD',
+          authType: 'tcloudFaceAuth'
+        }
+      });
+
+    if (!realNameAuthProvider) {
+      throw new Error('faceidRealNameAuth: Real name authentication provider not found');
+    }
+
+    const config: TencentCloudFaceAuthConfig =
+      realNameAuthProvider.config as TencentCloudFaceAuthConfig;
+
+    if (!config) {
+      throw new Error('faceidRealNameAuth: Real name authentication configuration not found');
+    }
+
+    const realNameInfo = await globalPrisma.userRealNameInfo.findUnique({
+      where: {
+        userUid: payload.userUid
+      }
+    });
+
+    if (realNameInfo && realNameInfo.isVerified) {
+      console.info(`faceidRealNameAuth: User ${payload.userUid} has already been verified`);
+      return jsonRes(res, {
+        code: 409,
+        message: 'Identity verification has been completed, cannot be repeated.'
+      });
+    }
+
+    if (realNameInfo && realNameInfo.idVerifyFailedTimes >= realNameAuthProvider.maxFailedTimes) {
+      console.info(
+        `faceidRealNameAuth: User ${payload.userUid} has reached the maximum number of failed attempts`
+      );
+      return jsonRes(res, {
+        code: 429,
+        message: 'You have exceeded the maximum number of attempts. Please submit a ticket'
+      });
+    }
+
+    let urlResult: QRCodeUrlResult | null = null;
+    let additionalInfo: AdditionalInfo = realNameInfo?.additionalInfo || {};
+
+    const currentTime = new Date().getTime();
+    const urlCreatedAt = additionalInfo.faceRecognition?.callback?.createdAt || 0;
+    const urlExpirationTime = 7200 * 1000;
+
+    /* If the user has not been authenticated, or the authentication link has expired,
+     or the authentication link has already been used, 
+    the authentication link needs to be regenerated.
+    */
+
+    const shouldGenerateNewUrl =
+      !realNameInfo ||
+      !additionalInfo.faceRecognition?.callback?.url ||
+      additionalInfo.faceRecognition?.callback?.isUsed ||
+      currentTime - urlCreatedAt > urlExpirationTime;
+
+    if (shouldGenerateNewUrl) {
+      const redirectUrl = `https://${global.AppConfig?.cloud.domain}/api/account/faceIdRealNameAuthCallback`;
+      const regionToken = req.headers['authorization'] as string;
+      urlResult = await generateRealNameQRcodeUri(
+        redirectUrl,
+        regionToken,
+        config as TencentCloudFaceAuthConfig
+      );
+
+      additionalInfo = {
+        ...additionalInfo,
+        faceRecognition: {
+          ...additionalInfo.faceRecognition,
+          callback: {
+            bizToken: urlResult.bizToken,
+            url: urlResult.url,
+            isUsed: false,
+            createdAt: currentTime
+          }
+        }
+      };
+
+      await globalPrisma.userRealNameInfo.upsert({
+        where: { userUid: payload.userUid },
+        update: { additionalInfo },
+        create: {
+          userUid: payload.userUid,
+          isVerified: false,
+          idVerifyFailedTimes: 0,
+          additionalInfo
+        }
+      });
+    } else {
+      urlResult = {
+        url: additionalInfo.faceRecognition?.callback?.url || null,
+        bizToken: additionalInfo.faceRecognition?.callback?.bizToken || null
+      };
+    }
+
+    return jsonRes(res, {
+      code: 200,
+      message: 'success generate real name auth url',
+      data: { url: urlResult.url, bizToken: urlResult.bizToken }
+    });
+  } catch (error) {
+    console.error('faceidRealNameAuth: Internal error');
+    console.error(error);
+    return jsonRes(res, { code: 500, data: 'The server has encountered an error' });
+  }
+}
+
+async function generateRealNameQRcodeUri(
+  redirectUrl: string,
+  regionToken: string,
+  config: TencentCloudFaceAuthConfig
+): Promise<QRCodeUrlResult> {
+  const FaceClient = tcsdk.faceid.v20180301.Client;
+  const client = new FaceClient({
+    credential: {
+      secretId: config.secretId,
+      secretKey: config.secretKey
+    },
+    region: '',
+    profile: {
+      signMethod: 'HmacSHA256',
+      httpProfile: {
+        endpoint: 'faceid.tencentcloudapi.com',
+        reqMethod: 'POST',
+        reqTimeout: 30 // Request timeout, default 60s
+      }
+    }
+  });
+
+  const params = {
+    RuleId: config.ruleId,
+    RedirectUrl: redirectUrl,
+    Extra: `regionToken=${regionToken}`
+  };
+
+  const data = await client.DetectAuth(params);
+
+  if (!data.Url || !data.BizToken) {
+    throw new Error('Failed to generate QR code URL: Missing Url or BizToken');
+  }
+
+  return {
+    url: data.Url,
+    bizToken: data.BizToken
+  };
+}
diff --git a/frontend/desktop/src/pages/api/account/getFaceAuthStatus.ts b/frontend/desktop/src/pages/api/account/getFaceAuthStatus.ts
new file mode 100644
index 00000000000..2382381e913
--- /dev/null
+++ b/frontend/desktop/src/pages/api/account/getFaceAuthStatus.ts
@@ -0,0 +1,144 @@
+import { jsonRes } from '@/services/backend/response';
+import { enableRealNameAuth } from '@/services/enable';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import * as tcsdk from 'tencentcloud-sdk-nodejs';
+import { verifyAccessToken } from '@/services/backend/auth';
+import { globalPrisma } from '@/services/backend/db/init';
+import { z } from 'zod';
+import { GetDetectInfoEnhancedResponse } from 'tencentcloud-sdk-nodejs/tencentcloud/services/faceid/v20180301/faceid_models';
+
+type TencentCloudFaceAuthConfig = {
+  secretId: string;
+  secretKey: string;
+  ruleId: string;
+};
+
+type JsonValue = string | number | boolean | object | null;
+
+type RealNameAuthProvider = {
+  id: string;
+  backend: string;
+  authType: string;
+  maxFailedTimes: number;
+  config: JsonValue;
+  createdAt: Date;
+  updatedAt: Date;
+};
+
+enum FaceAuthStatus {
+  SUCCESS = 'Success',
+  FAIL = 'Failed',
+  PENDING = 'Pending'
+}
+
+type FaceAuthResult = {
+  status: FaceAuthStatus;
+  realName?: string;
+};
+
+const bodySchema = z.object({
+  bizToken: z.string().length(36, { message: 'bizToken must be exactly 36 characters long' })
+});
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  if (!enableRealNameAuth) {
+    console.error('faceidRealNameAuth: Real name authentication not enabled');
+    return jsonRes(res, { code: 503, message: 'Real name authentication not enabled' });
+  }
+
+  if (req.method !== 'POST') {
+    console.error('realNameAuth: Method not allowed');
+    return jsonRes(res, { code: 405, message: 'Method not allowed' });
+  }
+
+  const payload = await verifyAccessToken(req.headers);
+  if (!payload) return jsonRes(res, { code: 401, message: 'Token is invaild' });
+
+  const faceAuthResult: FaceAuthResult = {
+    status: FaceAuthStatus.PENDING
+  };
+
+  try {
+    const { bizToken } = bodySchema.parse(req.body);
+
+    const realNameAuthProvider: RealNameAuthProvider | null =
+      await globalPrisma.realNameAuthProvider.findFirst({
+        where: {
+          backend: 'TENCENTCLOUD',
+          authType: 'tcloudFaceAuth'
+        }
+      });
+
+    if (!realNameAuthProvider) {
+      throw new Error('faceidRealNameAuth: Real name authentication provider not found');
+    }
+
+    const config: TencentCloudFaceAuthConfig =
+      realNameAuthProvider.config as TencentCloudFaceAuthConfig;
+
+    if (!config) {
+      throw new Error('faceidRealNameAuth: Real name authentication configuration not found');
+    }
+
+    const faceAuthInfo = await getUserRealNameInfo(bizToken, config);
+
+    const realNameInfo = await globalPrisma.userRealNameInfo.findUnique({
+      where: {
+        userUid: payload.userUid
+      }
+    });
+
+    if (faceAuthInfo.Text?.ErrCode !== null && faceAuthInfo.Text?.ErrCode === 0) {
+      if (realNameInfo && realNameInfo.realName && realNameInfo.isVerified) {
+        faceAuthResult.status = FaceAuthStatus.SUCCESS;
+        faceAuthResult.realName = realNameInfo.realName;
+      }
+    }
+
+    if (faceAuthInfo.Text?.ErrCode !== null && faceAuthInfo.Text?.ErrCode !== 0) {
+      faceAuthResult.status = FaceAuthStatus.FAIL;
+    }
+
+    return jsonRes(res, {
+      code: 200,
+      message: 'success get face auth result',
+      data: { status: faceAuthResult.status, realName: faceAuthResult.realName }
+    });
+  } catch (error) {
+    console.error('faceidRealNameAuth: Internal error');
+    console.error(error);
+    return jsonRes(res, { code: 500, data: 'The server has encountered an error' });
+  }
+}
+
+async function getUserRealNameInfo(
+  bizToken: string,
+  config: TencentCloudFaceAuthConfig
+): Promise<GetDetectInfoEnhancedResponse> {
+  const FaceClient = tcsdk.faceid.v20180301.Client;
+  const client = new FaceClient({
+    credential: {
+      secretId: config.secretId,
+      secretKey: config.secretKey
+    },
+    region: '',
+    profile: {
+      signMethod: 'HmacSHA256',
+      httpProfile: {
+        endpoint: 'faceid.tencentcloudapi.com',
+        reqMethod: 'POST',
+        reqTimeout: 30 // Request timeout, default 60s
+      }
+    }
+  });
+
+  const params = {
+    BizToken: bizToken,
+    InfoType: '0',
+    RuleId: config.ruleId,
+    BestFramesCount: 0
+  };
+
+  const data = await client.GetDetectInfoEnhanced(params);
+  return data;
+}
diff --git a/frontend/desktop/src/pages/api/account/realNameAuth.ts b/frontend/desktop/src/pages/api/account/realNameAuth.ts
deleted file mode 100644
index 100e718bf47..00000000000
--- a/frontend/desktop/src/pages/api/account/realNameAuth.ts
+++ /dev/null
@@ -1,219 +0,0 @@
-import { jsonRes } from '@/services/backend/response';
-import { enableRealNameAuth } from '@/services/enable';
-import { z } from 'zod';
-import type { NextApiRequest, NextApiResponse } from 'next';
-import * as tcsdk from 'tencentcloud-sdk-nodejs';
-import { verifyAccessToken } from '@/services/backend/auth';
-import { identityCodeValid } from '@/utils/tools';
-import { globalPrisma } from '@/services/backend/db/init';
-
-type TencentCloudPhone3efConfig = {
-  secretId: string;
-  secretKey: string;
-};
-
-// type OtherBackendConfig = { ... };
-
-// backend_authType
-type ConfigMap = {
-  TENCENTCLOUD_tcloudphone3ef: TencentCloudPhone3efConfig;
-  // 'OTHER_BACKEND_authType': OtherBackendConfig;
-};
-
-type RealNameAuthProvider = {
-  id: string;
-  backend: string;
-  authType: string;
-  maxFailedTimes: number;
-  config: ConfigType;
-  createdAt: Date;
-  updatedAt: Date;
-};
-
-type ConfigType = {
-  [K in keyof ConfigMap]: RealNameAuthProvider extends { backend: infer B; authType: infer A }
-    ? `${B extends string ? B : never}_${A extends string ? A : never}` extends K
-      ? ConfigMap[K]
-      : never
-    : never;
-}[keyof ConfigMap];
-
-const bodySchema = z.object({
-  name: z
-    .string()
-    .min(1, { message: 'Name must not be empty' })
-    .max(20, { message: 'Name must not exceed 20 characters' }),
-  idCard: z.string().refine(identityCodeValid, { message: 'Invalid ID card number' })
-});
-
-export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  if (!enableRealNameAuth) {
-    console.error('realNameAuth: Real name authentication not enabled');
-    return jsonRes(res, { code: 503, message: 'Real name authentication not enabled' });
-  }
-
-  if (req.method !== 'POST') {
-    console.error('realNameAuth: Method not allowed');
-    return jsonRes(res, { code: 405, message: 'Method not allowed' });
-  }
-
-  const payload = await verifyAccessToken(req.headers);
-  if (!payload) return jsonRes(res, { code: 401, message: 'Token is invaild' });
-
-  try {
-    const { name, idCard } = bodySchema.parse(req.body);
-
-    const oauthProvider = await globalPrisma.oauthProvider.findFirst({
-      where: {
-        userUid: payload.userUid,
-        providerType: 'PHONE'
-      }
-    });
-
-    if (!oauthProvider) {
-      console.error('realNameAuth: User has not bound phone number');
-      return jsonRes(res, { code: 400, message: 'Mobile number not bound' });
-    }
-
-    const phone = oauthProvider.providerId;
-
-    const realNameAuthProvider = (await globalPrisma.realNameAuthProvider.findFirst({
-      where: {
-        backend: 'TENCENTCLOUD',
-        authType: 'tcloudphone3ef'
-      }
-    })) as RealNameAuthProvider | null;
-
-    const config = realNameAuthProvider?.config;
-
-    if (!config) {
-      throw new Error('realNameAuth: Real name authentication configuration not found');
-    }
-
-    const realNameInfo = await globalPrisma.userRealNameInfo.findUnique({
-      where: {
-        userUid: payload.userUid
-      }
-    });
-
-    if (realNameInfo && realNameInfo.isVerified) {
-      console.info(`realNameAuth: User ${payload.userUid} has already been verified`);
-      return jsonRes(res, {
-        code: 409,
-        message: 'Identity verification has been completed, cannot be repeated.'
-      });
-    }
-
-    if (realNameInfo && realNameInfo.idVerifyFailedTimes >= realNameAuthProvider.maxFailedTimes) {
-      console.info(
-        `realNameAuth: User ${payload.userUid} has reached the maximum number of failed attempts`
-      );
-      return jsonRes(res, {
-        code: 429,
-        message: 'You have exceeded the maximum number of attempts. Please submit a ticket'
-      });
-    }
-
-    const { code, data } = await tcloudphone3efVerifyService(phone, name, idCard, config);
-
-    /* '-4' and '-5' are the results of chargeable interfaces, 
-    and the number of failures is recorded for subsequent limitation.
-    */
-    if (code === '-4' || code === '-5') {
-      await globalPrisma.userRealNameInfo.upsert({
-        where: { userUid: payload.userUid },
-        update: {
-          realName: name,
-          idCard: idCard,
-          phone: phone,
-          idVerifyFailedTimes: {
-            increment: 1
-          },
-          updatedAt: new Date()
-        },
-        create: {
-          userUid: payload.userUid,
-          realName: name,
-          idCard: idCard,
-          phone: phone,
-          idVerifyFailedTimes: 1,
-          isVerified: false,
-          createdAt: new Date(),
-          updatedAt: new Date()
-        }
-      });
-    }
-
-    if (code !== 0) {
-      console.info(
-        `realNameAuth: Real name authentication failed,useruid ${payload.userUid} code:${code} data:${data}`
-      );
-      return jsonRes(res, {
-        code: 400,
-        message:
-          'Identity verification failed. Please ensure that the name, ID number, and mobile number are consistent'
-      });
-    }
-
-    await globalPrisma.userRealNameInfo.upsert({
-      where: { userUid: payload.userUid },
-      update: {
-        realName: name,
-        idCard: idCard,
-        phone: phone,
-        isVerified: true,
-        updatedAt: new Date()
-      },
-      create: {
-        userUid: payload.userUid,
-        realName: name,
-        idCard: idCard,
-        phone: phone,
-        idVerifyFailedTimes: 0,
-        isVerified: true,
-        createdAt: new Date(),
-        updatedAt: new Date()
-      }
-    });
-
-    return jsonRes(res, { code: 200, message: 'Identity verification success', data: { name } });
-  } catch (error) {
-    console.error('realNameAuth: Internal error');
-    console.error(error);
-    return jsonRes(res, { code: 500, data: 'The server has encountered an error' });
-  }
-}
-
-async function tcloudphone3efVerifyService(
-  phone: string,
-  name: string,
-  idCard: string,
-  config: TencentCloudPhone3efConfig
-) {
-  const FaceClient = tcsdk.faceid.v20180301.Client;
-  const client = new FaceClient({
-    credential: {
-      secretId: config.secretId,
-      secretKey: config.secretKey
-    },
-    profile: {
-      signMethod: 'HmacSHA256',
-      httpProfile: {
-        reqMethod: 'POST',
-        reqTimeout: 30 // Request timeout, default 60s
-      }
-    }
-  });
-
-  const res = await client.PhoneVerification({
-    Phone: phone,
-    IdCard: idCard,
-    Name: name
-  });
-
-  if (res?.Result !== '0') {
-    return { code: res?.Result, data: res?.Description };
-  }
-
-  return { code: 0, data: res?.Description };
-}
diff --git a/frontend/desktop/src/pages/api/auth/info.ts b/frontend/desktop/src/pages/api/auth/info.ts
index afbb84b5d82..3390bf44440 100644
--- a/frontend/desktop/src/pages/api/auth/info.ts
+++ b/frontend/desktop/src/pages/api/auth/info.ts
@@ -19,36 +19,42 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
         code: 401,
         message: 'invalid token'
       });
-    const [regionData, globalData, realNameInfo, restrictedUser] = await Promise.all([
-      prisma.userCr.findUnique({
-        where: {
-          uid: regionUser.userCrUid
-        }
-      }),
-      globalPrisma.user.findUnique({
-        where: {
-          uid: regionUser.userUid
-        },
-        include: {
-          oauthProvider: {
-            select: {
-              providerType: true,
-              providerId: true
+    const [regionData, globalData, realNameInfo, enterpriseRealNameInfo, restrictedUser] =
+      await Promise.all([
+        prisma.userCr.findUnique({
+          where: {
+            uid: regionUser.userCrUid
+          }
+        }),
+        globalPrisma.user.findUnique({
+          where: {
+            uid: regionUser.userUid
+          },
+          include: {
+            oauthProvider: {
+              select: {
+                providerType: true,
+                providerId: true
+              }
             }
           }
-        }
-      }),
-      globalPrisma.userRealNameInfo.findUnique({
-        where: {
-          userUid: regionUser.userUid
-        }
-      }),
-      globalPrisma.restrictedUser.findUnique({
-        where: {
-          userUid: regionUser.userUid
-        }
-      })
-    ]);
+        }),
+        globalPrisma.userRealNameInfo.findUnique({
+          where: {
+            userUid: regionUser.userUid
+          }
+        }),
+        globalPrisma.enterpriseRealNameInfo.findUnique({
+          where: {
+            userUid: regionUser.userUid
+          }
+        }),
+        globalPrisma.restrictedUser.findUnique({
+          where: {
+            userUid: regionUser.userUid
+          }
+        })
+      ]);
 
     if (!regionData || !globalData)
       return jsonRes(res, {
@@ -66,6 +72,8 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
       id: string;
       name: string;
       realName?: string;
+      enterpriseVerificationStatus?: string;
+      enterpriseRealName?: string;
       userRestrictedLevel?: number;
     } = {
       ...globalData,
@@ -98,6 +106,11 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
       info.realName = realNameInfo.realName || undefined;
     }
 
+    if (enterpriseRealNameInfo) {
+      info.enterpriseVerificationStatus = enterpriseRealNameInfo.verificationStatus || undefined;
+      info.enterpriseRealName = enterpriseRealNameInfo.enterpriseName || undefined;
+    }
+
     if (restrictedUser) {
       info.userRestrictedLevel = restrictedUser.restrictedLevel;
     }
diff --git a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
index 82f094fa865..fea71d05a62 100644
--- a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
@@ -66,7 +66,7 @@ export async function getAuthClientConfig(): Promise<AuthClientConfigType> {
   try {
     if (process.env.NODE_ENV === 'development' || !global.AppConfig) {
       const filename =
-        process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
+        process.env.NODE_ENV === 'development' ? 'data/config.local.yaml' : '/app/data/config.yaml';
       global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
     }
     return genResAuthClientConfig(global.AppConfig.desktop.auth);
diff --git a/frontend/desktop/src/pages/api/platform/getCloudConfig.ts b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
index 17eb1613e03..ab8baf4c9a4 100644
--- a/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
@@ -25,7 +25,7 @@ export async function getCloudConfig(): Promise<CloudConfigType> {
     if (!global.AppConfig) {
       const filename =
         process.env.NODE_ENV === 'development'
-          ? process.env.CONFIG_PATH || 'data/config.yaml.local'
+          ? process.env.CONFIG_PATH || 'data/config.local.yaml'
           : '/app/data/config.yaml';
       global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
     }
diff --git a/frontend/desktop/src/pages/api/platform/getCommonConfig.ts b/frontend/desktop/src/pages/api/platform/getCommonConfig.ts
index d9302c3ace0..1de2dd5b796 100644
--- a/frontend/desktop/src/pages/api/platform/getCommonConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getCommonConfig.ts
@@ -18,17 +18,19 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 }
 function genResCommonClientConfig(common: CommonConfigType): CommonClientConfigType {
   return {
+    enterpriseRealNameAuthEnabled: !!common.enterpriseRealNameAuthEnabled,
     realNameAuthEnabled: !!common.realNameAuthEnabled,
     guideEnabled: !!common.guideEnabled,
     rechargeEnabled: !!common.rechargeEnabled,
-    cfSiteKey: common.cfSiteKey || ''
+    cfSiteKey: common.cfSiteKey || '',
+    enterpriseSupportingMaterials: common.enterpriseSupportingMaterials || ''
   };
 }
 export async function getCommonClientConfig(): Promise<CommonClientConfigType> {
   try {
     if (!global.AppConfig) {
       const filename =
-        process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
+        process.env.NODE_ENV === 'development' ? 'data/config.local.yaml' : '/app/data/config.yaml';
       global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
     }
     return genResCommonClientConfig(global.AppConfig.common);
diff --git a/frontend/desktop/src/pages/api/platform/getLayoutConfig.ts b/frontend/desktop/src/pages/api/platform/getLayoutConfig.ts
index d871a0cc1ce..28f77d7c4f7 100644
--- a/frontend/desktop/src/pages/api/platform/getLayoutConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getLayoutConfig.ts
@@ -16,7 +16,7 @@ export async function getLayoutConfig(): Promise<LayoutConfigType> {
   try {
     if (!global.AppConfig) {
       const filename =
-        process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
+        process.env.NODE_ENV === 'development' ? 'data/config.local.yaml' : '/app/data/config.yaml';
       global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
     }
     return global.AppConfig.desktop.layout || DefaultLayoutConfig;
diff --git a/frontend/desktop/src/services/enable.ts b/frontend/desktop/src/services/enable.ts
index 5f4caeb3a90..91f700d9a00 100644
--- a/frontend/desktop/src/services/enable.ts
+++ b/frontend/desktop/src/services/enable.ts
@@ -1,5 +1,7 @@
 // for service
 export const enableRealNameAuth = () => global.AppConfig.common.realNameAuthEnabled || false;
+export const enableEnterpriseRealNameAuth = () =>
+  global.AppConfig.common.enterpriseRealNameAuthEnabled || false;
 export const enablePassword = () => global.AppConfig.desktop.auth.idp.password?.enabled || false;
 export const enableGithub = () => global.AppConfig.desktop.auth.idp.github?.enabled || false;
 export const enablePhoneSms = () => global.AppConfig.desktop.auth.idp.sms?.ali?.enabled || false;
diff --git a/frontend/desktop/src/types/session.ts b/frontend/desktop/src/types/session.ts
index b80fd6f4d31..043a45bae71 100644
--- a/frontend/desktop/src/types/session.ts
+++ b/frontend/desktop/src/types/session.ts
@@ -8,6 +8,8 @@ export type OAuthToken = {
 export type UserInfo = {
   readonly userRestrictedLevel?: number;
   readonly realName?: string;
+  readonly enterpriseVerificationStatus?: string;
+  readonly enterpriseRealName?: string;
   readonly k8s_username: string;
   readonly name: string;
   readonly avatar: string;
diff --git a/frontend/desktop/src/types/system.ts b/frontend/desktop/src/types/system.ts
index 598221e416b..5f237ff2355 100644
--- a/frontend/desktop/src/types/system.ts
+++ b/frontend/desktop/src/types/system.ts
@@ -8,6 +8,8 @@ export type CloudConfigType = {
 };
 
 export type CommonConfigType = {
+  enterpriseRealNameAuthEnabled: boolean;
+  enterpriseSupportingMaterials: string;
   realNameAuthEnabled: boolean;
   guideEnabled: boolean;
   apiEnabled: boolean;
@@ -176,12 +178,24 @@ export type DesktopConfigType<T = AuthConfigType> = {
   };
 };
 
+export type RealNameOSSConfigType = {
+  accessKey: string;
+  accessKeySecret: string;
+  endpoint: string;
+  ssl?: boolean;
+  port?: number;
+  realNameBucket: string;
+  enterpriseRealNameBucket: string;
+};
+
 export type AppConfigType = {
   cloud: CloudConfigType;
   common: CommonConfigType;
   database: DatabaseConfigType;
   desktop: DesktopConfigType;
+  realNameOSS: RealNameOSSConfigType;
 };
+
 export type AppClientConfigType = {
   cloud: CloudConfigType;
   common: CommonClientConfigType;
@@ -189,6 +203,8 @@ export type AppClientConfigType = {
 };
 
 export const DefaultCommonClientConfig: CommonClientConfigType = {
+  enterpriseRealNameAuthEnabled: false,
+  enterpriseSupportingMaterials: '',
   realNameAuthEnabled: false,
   guideEnabled: false,
   rechargeEnabled: false,
diff --git a/frontend/desktop/src/utils/sessionConfig.ts b/frontend/desktop/src/utils/sessionConfig.ts
index bc9c47b5aac..c1c44563f6b 100644
--- a/frontend/desktop/src/utils/sessionConfig.ts
+++ b/frontend/desktop/src/utils/sessionConfig.ts
@@ -22,6 +22,8 @@ export const sessionConfig = async ({
     user: {
       userRestrictedLevel: infoData.data?.info.userRestrictedLevel || undefined,
       realName: infoData.data?.info.realName || undefined,
+      enterpriseVerificationStatus: infoData.data?.info.enterpriseVerificationStatus || undefined,
+      enterpriseRealName: infoData.data?.info.enterpriseRealName || undefined,
       k8s_username: payload.userCrName,
       name: infoData.data?.info.nickname || '',
       avatar: infoData.data?.info.avatarUri || '',
diff --git a/frontend/pnpm-lock.yaml b/frontend/pnpm-lock.yaml
index b91c087c361..b694e8c1fd9 100644
--- a/frontend/pnpm-lock.yaml
+++ b/frontend/pnpm-lock.yaml
@@ -135,6 +135,9 @@ importers:
       eslint-config-next:
         specifier: 13.3.0
         version: 13.3.0(eslint@8.38.0)(typescript@5.2.2)
+      formidable:
+        specifier: ^3.5.1
+        version: 3.5.1
       framer-motion:
         specifier: ^10.16.4
         version: 10.16.5(react-dom@18.2.0)(react@18.2.0)
@@ -204,6 +207,9 @@ importers:
       react-draggable:
         specifier: ^4.4.6
         version: 4.4.6(react-dom@18.2.0)(react@18.2.0)
+      react-dropzone:
+        specifier: ^14.2.3
+        version: 14.2.3(react@18.2.0)
       react-hook-form:
         specifier: ^7.46.2
         version: 7.48.2(react@18.2.0)
@@ -241,6 +247,9 @@ importers:
       '@testing-library/react':
         specifier: ^14.0.0
         version: 14.1.2(react-dom@18.2.0)(react@18.2.0)
+      '@types/formidable':
+        specifier: ^3.4.5
+        version: 3.4.5
       '@types/jest':
         specifier: ^29.5.10
         version: 29.5.10

From 7b0ffaffe61431a1873a1c55830be53805999184 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Thu, 10 Oct 2024 15:09:33 +0800
Subject: [PATCH 26/63]  ci: cloud release add skip releases. (#5135)

* fix ci

* add skip releases.
---
 .github/workflows/cloud-release.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/.github/workflows/cloud-release.yml b/.github/workflows/cloud-release.yml
index c4326acdf86..a6715e4f9e0 100644
--- a/.github/workflows/cloud-release.yml
+++ b/.github/workflows/cloud-release.yml
@@ -9,6 +9,11 @@ on:
         description: 'Tag for manual release'
         required: false
         default: ''
+      build_offline_tar_only:
+        description: 'Build offline tar only'
+        required: false
+        default: false
+        type: boolean
 
 env:
   # Common versions
@@ -20,6 +25,7 @@ jobs:
     uses: ./.github/workflows/import-save-sealos.yml
 
   release-controllers:
+    if: ${{ github.event.inputs.build_offline_tar_only == false }}
     uses: ./.github/workflows/controllers.yml
     with:
       push_image: true
@@ -27,6 +33,7 @@ jobs:
     secrets: inherit
 
   release-frontends:
+    if: ${{ github.event.inputs.build_offline_tar_only == false }}
     uses: ./.github/workflows/frontend.yml
     with:
       push_image: true
@@ -34,6 +41,7 @@ jobs:
     secrets: inherit
 
   release-service:
+    if: ${{ github.event.inputs.build_offline_tar_only == false }}
     needs:
       - save-sealos
     uses: ./.github/workflows/services.yml
@@ -43,6 +51,7 @@ jobs:
     secrets: inherit
 
   release-cloud:
+    if: ${{ github.event.inputs.build_offline_tar_only == false }}
     needs:
       - save-sealos
       - release-controllers

From 88e418bca3ae926905aaeb406e809f04596568b1 Mon Sep 17 00:00:00 2001
From: zijiren <84728412+zijiren233@users.noreply.github.com>
Date: Thu, 10 Oct 2024 15:41:40 +0800
Subject: [PATCH 27/63] fix: bool conv to str (#5136)

---
 frontend/providers/dbprovider/deploy/manifests/deploy.yaml.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/providers/dbprovider/deploy/manifests/deploy.yaml.tmpl b/frontend/providers/dbprovider/deploy/manifests/deploy.yaml.tmpl
index a9cbe4de585..5e561f61ef3 100644
--- a/frontend/providers/dbprovider/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/providers/dbprovider/deploy/manifests/deploy.yaml.tmpl
@@ -63,7 +63,7 @@ spec:
             - name: SHOW_DOCUMENT
               value: "true"
             - name: GUIDE_ENABLED
-              value: {{ .guideEnabled }}
+              value: "{{ .guideEnabled }}"
             - name: BILLING_URL
               value: {{ .billingUrl }}
           securityContext:

From 70abe3191c98bdf2dc1a2fcb0a95a9bae0d44815 Mon Sep 17 00:00:00 2001
From: zijiren <84728412+zijiren233@users.noreply.github.com>
Date: Thu, 10 Oct 2024 16:04:36 +0800
Subject: [PATCH 28/63] fix: template deploy env bool conv to str (#5138)

---
 frontend/providers/template/deploy/manifests/deploy.yaml.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl b/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl
index 0e1e18ac9f7..6e9de5d6455 100644
--- a/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/providers/template/deploy/manifests/deploy.yaml.tmpl
@@ -83,7 +83,7 @@ spec:
             - name: ACCOUNT_URL
               value: http://account-service.account-system.svc.cluster.local:2333
             - name: GUIDE_ENABLED
-              value: {{ .guideEnabled }}
+              value: "{{ .guideEnabled }}"
             - name: BILLING_URL
               value: {{ .billingUrl }}
             - name: DESKTOP_DOMAIN

From f55786bc310f7afb2660906797aa7a9ba40b014f Mon Sep 17 00:00:00 2001
From: limbo <43649186+HUAHUAI23@users.noreply.github.com>
Date: Thu, 10 Oct 2024 18:07:54 +0800
Subject: [PATCH 29/63] fix enterprise auth translation (#5142)

---
 frontend/desktop/public/locales/en/common.json |  7 ++++---
 frontend/desktop/public/locales/zh/common.json | 16 ++++++++--------
 2 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/frontend/desktop/public/locales/en/common.json b/frontend/desktop/public/locales/en/common.json
index ce44ac4367d..37b147b2df8 100644
--- a/frontend/desktop/public/locales/en/common.json
+++ b/frontend/desktop/public/locales/en/common.json
@@ -14,16 +14,16 @@
   "and": "and",
   "app_info": "App Info",
   "app_launchpad": "App Launchpad",
-  "attachment": "appendix",
   "application_desktop": "Application desktop",
   "application_desktop_tips": "Installed application portal",
+  "attachment": "appendix",
   "avatar": "Avatar",
   "balance": "Balance",
   "bind": "Bind",
   "bind_success": "Binding successful",
   "bonus": "Bonus",
   "bound": "Bound",
-  "business_license": "operating license",
+  "business_license": "business license",
   "cancel": "Cancel",
   "change": "Change",
   "change_binding": "Change Binding",
@@ -172,7 +172,8 @@
   "please_enter_your_enterprise_name": "Please enter your business name",
   "please_fill_all_fields": "File cannot be empty",
   "please_read_and_agree_to_the_agreement": "Please read and agree to the agreement",
-  "please_upload_the_supporting_materials": "Please sign and seal near the download, and upload a photo",
+  "please_upload_the_business_license": "Please upload a photo of your business license",
+  "please_upload_the_supporting_materials": "Please sign and stamp the downloaded attachment and upload a photo",
   "privacy_policy": "Privacy Policy",
   "private_team_id_of_user": "User's ID",
   "purchase_history": "Purchase History",
diff --git a/frontend/desktop/public/locales/zh/common.json b/frontend/desktop/public/locales/zh/common.json
index cb7c1cb74a4..55c9e609a63 100644
--- a/frontend/desktop/public/locales/zh/common.json
+++ b/frontend/desktop/public/locales/zh/common.json
@@ -13,16 +13,16 @@
   "amount_forecast": "根据近一天消耗金额进行预测",
   "and": "和",
   "app_info": "应用信息",
-  "attachment": "附件",
   "application_desktop": "应用桌面",
   "application_desktop_tips": "已安装应用入口",
+  "attachment": "附件",
   "avatar": "头像",
   "balance": "余额",
   "bind": "绑定",
   "bind_success": "绑定成功",
   "bonus": "赠",
   "bound": "已绑定",
-  "business_license": "营运执照",
+  "business_license": "营业执照",
   "cancel": "取消",
   "change": "变更",
   "change_binding": "改绑",
@@ -168,8 +168,8 @@
   "please_enter_your_enterprise_name": "请输入您的企业名称",
   "please_fill_all_fields": "文件不能为空",
   "please_read_and_agree_to_the_agreement": "请阅读并同意协议",
-  "please_upload_the_business_license": "请上传企业的运营资质照片",
-  "please_upload_the_supporting_materials": "请在下载的附近上签名并盖好公章，上传照片",
+  "please_upload_the_business_license": "请上传企业的营业执照照片",
+  "please_upload_the_supporting_materials": "请在下载的附件上签名并盖好公章，上传照片",
   "privacy_policy": "隐私政策",
   "private_team_id_of_user": "用户ID",
   "purchase_history": "购买记录",
@@ -235,12 +235,12 @@
   "username": "用户名",
   "username_tips": "用户名为3-16位的英文或数字的字符",
   "usertask": {
-    "task_launchpad_desc": "一键创建容器集群，自动化 部署容器应用，并提供内 网/外网访问地址",
-    "task_launchpad_title": "部署应用",
+    "task_appstore_desc": "提供预制的多类型应用、工具模板，点击安装，自动部署",
+    "task_appstore_title": "应用商店",
     "task_database_desc": "分布式存储，兼容多语言生态，无须自行构建复杂的多节点架构",
     "task_database_title": "创建数据库",
-    "task_appstore_desc": "提供预制的多类型应用、工具模板，点击安装，自动部署",
-    "task_appstore_title": "应用商店"
+    "task_launchpad_desc": "一键创建容器集群，自动化 部署容器应用，并提供内 网/外网访问地址",
+    "task_launchpad_title": "部署应用"
   },
   "verification_code_login": "手机号登录",
   "verify_code_tips": "6位验证码",

From b64cbf5b2d07a75caf09934697ea875055d14ac4 Mon Sep 17 00:00:00 2001
From: zijiren <84728412+zijiren233@users.noreply.github.com>
Date: Fri, 11 Oct 2024 10:48:19 +0800
Subject: [PATCH 30/63] fix: upgrade higress to 2.0.1 to fix
 higress-ca-root-cert appearing in other namespaces (#5133)

---
 scripts/cloud/install.sh | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/scripts/cloud/install.sh b/scripts/cloud/install.sh
index 31b23ef5305..8b4e8736bf3 100644
--- a/scripts/cloud/install.sh
+++ b/scripts/cloud/install.sh
@@ -31,7 +31,7 @@ cilium_version=${cilium_version:-"1.15.8"}
 cert_manager_version=${cert_manager_version:-"1.14.6"}
 helm_version=${helm_version:-"3.14.1"}
 openebs_version=${openebs_version:-"3.10.0"}
-higress_version=${higress_version:-"2.0.0"}
+higress_version=${higress_version:-"2.0.1"}
 kubeblocks_version=${kubeblocks_version:-"0.8.2"}
 metrics_server_version=${metrics_server_version:-"0.6.4"}
 victoria_metrics_k8s_stack_version=${victoria_metrics_k8s_stack_version:-"1.96.0"}
@@ -86,7 +86,7 @@ Options:
   --cert-manager-version            # Cert Manager version (default: 1.14.6)
   --helm-version                    # Helm version (default: 3.14.1)
   --openebs-version                 # OpenEBS version (default: 3.10.0)
-  --higress-version                 # Higress version (default: 2.0.0)
+  --higress-version                 # Higress version (default: 2.0.1)
   --kubeblocks-version              # Kubeblocks version (default: 0.8.2)
   --metrics-server-version          # Metrics Server version (default: 0.6.4)
   --cloud-version                   # Sealos Cloud version (default: latest)
@@ -155,7 +155,7 @@ Options:
   --cert-manager-version          # Cert Manager版本 (默认: 1.14.6)
   --helm-version                  # Helm版本 (默认: 3.14.1)
   --openebs-version               # OpenEBS版本 (默认: 3.10.0)
-  --higress-version               # Higress版本 (默认: 2.0.0)
+  --higress-version               # Higress版本 (默认: 2.0.1)
   --kubeblocks-version            # Kubeblocks版本 (默认: 0.8.2)
   --metrics-server-version        # Metrics Server版本 (默认: 0.6.4)
   --cloud-version                 # Sealos Cloud版本 (默认: latest)
@@ -271,7 +271,7 @@ init() {
     pull_image "cert-manager" "v${cert_manager_version#v:-1.14.6}"
     pull_image "helm" "v${helm_version#v:-3.14.1}"
     pull_image "openebs" "v${openebs_version#v:-3.10.0}"
-    pull_image "higress" "v${higress_version#v:-2.0.0}"
+    pull_image "higress" "v${higress_version#v:-2.0.1}"
     pull_image "kubeblocks" "v${kubeblocks_version#v:-0.8.2}"
     pull_image "kubeblocks-redis" "v${kubeblocks_version#v:-0.8.2}"
     pull_image "kubeblocks-apecloud-mysql" "v${kubeblocks_version#v:-0.8.2}"
@@ -441,7 +441,7 @@ spec:
         requests:
           cpu: 256m
           memory: 256Mi
-  match: ${image_registry}/${image_repository}/higress:v${higress_version#v:-2.0.0}
+  match: ${image_registry}/${image_repository}/higress:v${higress_version#v:-2.0.1}
   path: charts/higress/charts/higress-core/values.yaml
   strategy: merge
 "
@@ -454,7 +454,7 @@ metadata:
 spec:
   data: |
     replicaCount: 0
-  match: ${image_registry}/${image_repository}/higress:v${higress_version#v:-2.0.0}
+  match: ${image_registry}/${image_repository}/higress:v${higress_version#v:-2.0.1}
   path: charts/higress/charts/higress-console/values.yaml
   strategy: merge
 "
@@ -761,7 +761,7 @@ EOF
     sealos run "${image_registry}/${image_repository}/victoria-metrics-k8s-stack:v${victoria_metrics_k8s_stack_version#v:-1.96.0}"
 
     get_prompt "partner_installation"
-    sealos run ${image_registry}/${image_repository}/higress:v${higress_version#v:-2.0.0} --config-file $CLOUD_DIR/higress-config.yaml --config-file $CLOUD_DIR/higress-console-config.yaml
+    sealos run ${image_registry}/${image_repository}/higress:v${higress_version#v:-2.0.1} --config-file $CLOUD_DIR/higress-config.yaml --config-file $CLOUD_DIR/higress-console-config.yaml
     kubectl apply -f $CLOUD_DIR/higress-https.yaml
     kubectl apply -f $CLOUD_DIR/higress-plugins.yaml
     get_prompt "optimizing_h2_buffer"

From d9ff2d864ee660339d35ed72ffcce850c76b3af2 Mon Sep 17 00:00:00 2001
From: zzjin <zzjin@users.noreply.github.com>
Date: Fri, 11 Oct 2024 11:23:35 +0800
Subject: [PATCH 31/63] Unify devbox app-cr name. (#5145)

Signed-off-by: zzjin <tczzjin@gmail.com>
---
 frontend/providers/devbox/deploy/manifests/appcr.yaml.tmpl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/frontend/providers/devbox/deploy/manifests/appcr.yaml.tmpl b/frontend/providers/devbox/deploy/manifests/appcr.yaml.tmpl
index 4de58237028..dcda26c247d 100644
--- a/frontend/providers/devbox/deploy/manifests/appcr.yaml.tmpl
+++ b/frontend/providers/devbox/deploy/manifests/appcr.yaml.tmpl
@@ -10,9 +10,9 @@ spec:
   icon: 'https://devbox.{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/logo.svg'
   i18n:
     zh:
-      name: 云沙箱
+      name: Devbox
     zh-Hans:
-      name: 云沙箱
+      name: Devbox
   name: devbox
   type: iframe
   displayType: normal

From 66097b1a021f852eaaa9f07431e0edef6e46113e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=A6=B4=E8=8E=B2=E6=A6=B4=E8=8E=B2?= <78798447@qq.com>
Date: Fri, 11 Oct 2024 18:21:40 +0800
Subject: [PATCH 32/63] docs: update links (#5128)

---
 .../lifecycle-management/lifecycle-management.md     |  2 +-
 .../quick-start/deploy-kubernetes.md                 |  2 +-
 .../reference/sealos/commands/apply.md               |  2 +-
 .../reference/sealos/commands/build.md               | 12 ++++++------
 .../reference/sealos/commands/commands.md            |  4 ++--
 .../reference/sealos/commands/gen.md                 |  2 +-
 .../reference/sealos/commands/manifest.md            |  2 +-
 .../reference/sealos/commands/run.md                 |  2 +-
 .../lifecycle-management/reference/sealos/sealos.md  |  6 +++---
 docs/5.0/docs/developer-guide/sealos/installation.md |  2 +-
 .../lifecycle-management/lifecycle-management.md     |  2 +-
 .../quick-start/deploy-kubernetes.md                 |  2 +-
 .../lifecycle-management/quick-start/install-cli.md  |  2 +-
 .../reference/sealos/commands/apply.md               |  2 +-
 .../reference/sealos/commands/build.md               | 12 ++++++------
 .../reference/sealos/commands/commands.md            |  2 +-
 .../reference/sealos/commands/gen.md                 |  2 +-
 .../reference/sealos/commands/manifest.md            |  2 +-
 .../reference/sealos/commands/run.md                 |  2 +-
 .../lifecycle-management/reference/sealos/sealos.md  |  6 +++---
 .../zh-Hans/developer-guide/sealos/installation.md   |  2 +-
 21 files changed, 36 insertions(+), 36 deletions(-)

diff --git a/docs/5.0/docs/developer-guide/lifecycle-management/lifecycle-management.md b/docs/5.0/docs/developer-guide/lifecycle-management/lifecycle-management.md
index 81e46c7d4ed..630413ae83e 100644
--- a/docs/5.0/docs/developer-guide/lifecycle-management/lifecycle-management.md
+++ b/docs/5.0/docs/developer-guide/lifecycle-management/lifecycle-management.md
@@ -72,7 +72,7 @@ $ sealos run labring/redis-operator:3.1.4
 For cluster images not available in the Sealos ecosystem, users can easily build and customize their own cluster images.
 For example:
 
-[Building an Ingress Cluster Image](/self-hosting/lifecycle-management/quick-start/build-ingress-cluster-image.md)
+[Building an Ingress Cluster Image](/developer-guide/lifecycle-management/quick-start/build-ingress-cluster-image.md)
 
 You can also customize your own Kubernetes cluster:
 
diff --git a/docs/5.0/docs/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md b/docs/5.0/docs/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md
index e0acd3af8fb..abf24cf22a6 100644
--- a/docs/5.0/docs/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md
+++ b/docs/5.0/docs/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md
@@ -10,7 +10,7 @@ Sealos supports installing Kubernetes clusters on `amd64` and `arm64` architectu
 
 ## Prerequisites
 
-You'll first need to [download the Sealos CLI tool](/self-hosting/lifecycle-management/quick-start/install-cli.md).
+You'll first need to [download the Sealos CLI tool](/developer-guide/lifecycle-management/quick-start/install-cli.md).
 Sealos is a simple Golang binary that can be installed on most Linux operating systems.
 
 Here are some basic installation requirements:
diff --git a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/apply.md b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/apply.md
index 6131d3fe81b..4c79c068f7b 100644
--- a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/apply.md
+++ b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/apply.md
@@ -82,7 +82,7 @@ sealos apply -f Clusterfile --values values.yaml
 
 This command will apply the `Clusterfile` based on the values in the `values.yaml` file.
 
-**For more examples, please refer to the [Run Cluster](/self-hosting/lifecycle-management/operations/run-cluster/.md)
+**For more examples, please refer to the [Run Cluster](/developer-guide/lifecycle-management/operations/run-cluster/.md)
 section.**
 
 That's it for the usage guide of the `sealos apply` command. We hope this helps you. If you have any questions or
diff --git a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/build.md b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/build.md
index 67df5a4b660..665e2281fd4 100644
--- a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/build.md
+++ b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/build.md
@@ -76,12 +76,12 @@ process, greatly improving the convenience and efficiency of building images.
 
 Here are some detailed examples:
 
-- [Build with Image Manifests](/self-hosting/lifecycle-management/operations/build-image/build-image-image_list.md)
-- [Build with Deploy Manifests](/self-hosting/lifecycle-management/operations/build-image/build-image-manifests.md)
-- [Build with Helm Charts](/self-hosting/lifecycle-management/operations/build-image/build-image-helm_charts.md)
-- [Build with Binary](/self-hosting/lifecycle-management/operations/build-image/build-image-binary.md)
-- [Build with go-template](/self-hosting/lifecycle-management/operations/build-image/build-image-go_template.md)
-- [Build with exec and scp](/self-hosting/lifecycle-management/operations/build-image/build-image-scp_exec.md)
+- [Build with Image Manifests](/developer-guide/lifecycle-management/operations/build-image/build-image-image_list.md)
+- [Build with Deploy Manifests](/developer-guide/lifecycle-management/operations/build-image/build-image-manifests.md)
+- [Build with Helm Charts](/developer-guide/lifecycle-management/operations/build-image/build-image-helm_charts.md)
+- [Build with Binary](/developer-guide/lifecycle-management/operations/build-image/build-image-binary.md)
+- [Build with go-template](/developer-guide/lifecycle-management/operations/build-image/build-image-go_template.md)
+- [Build with exec and scp](/developer-guide/lifecycle-management/operations/build-image/build-image-scp_exec.md)
 
 With the `build` command in Sealos, you can build OCI images based on various instruction files to provide the required
 images for Sealos. This process includes handling various instructions in Dockerfiles or other instruction files, such
diff --git a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/commands.md b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/commands.md
index b9739326dd7..f387f4fb910 100644
--- a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/commands.md
+++ b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/commands.md
@@ -57,5 +57,5 @@ The `--debug` flag in Sealos is a global flag used to enable debug mode for more
 operation when issues occur.
 
 For installation instructions, please refer to
-the [Sealos Installation Guide](/self-hosting/lifecycle-management/quick-start/installation); for a quick start guide,
-please refer to the [Quick Start Guide](/self-hosting/lifecycle-management/quick-start/.md).
+the [Sealos Installation Guide](/developer-guide/lifecycle-management/quick-start/installation); for a quick start guide,
+please refer to the [Quick Start Guide](/developer-guide/lifecycle-management/quick-start/.md).
diff --git a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/gen.md b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/gen.md
index a9e358e84de..510cf229103 100644
--- a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/gen.md
+++ b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/gen.md
@@ -50,7 +50,7 @@ command to create or update the cluster based on this configuration file.
 
 Example explanations:
 
-- [Custom Configuration Installation](/self-hosting/lifecycle-management/operations/run-cluster/gen-apply-cluster.md)
+- [Custom Configuration Installation](/developer-guide/lifecycle-management/operations/run-cluster/gen-apply-cluster.md)
 
 That's the usage guide for the `sealos gen` command, and we hope it has been helpful. If you encounter any problems
 during usage, feel free to ask us.
diff --git a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/manifest.md b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/manifest.md
index 0fbb627dc2b..1326a68652d 100644
--- a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/manifest.md
+++ b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/manifest.md
@@ -31,4 +31,4 @@ multi-architecture Docker or OCI images. Users can create custom manifest lists
 convenient to deploy and run Docker images on different hardware architectures.
 
 Users who want to build multi-architecture images through the manifest command can refer to the
-document [Building Cluster Images that Support Multiple Architectures](/self-hosting/lifecycle-management/operations/build-image/build-multi-arch-image.md).
+document [Building Cluster Images that Support Multiple Architectures](/developer-guide/lifecycle-management/operations/build-image/build-multi-arch-image.md).
diff --git a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/run.md b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/run.md
index 1c0ad8589f0..c0d3089052c 100644
--- a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/run.md
+++ b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/commands/run.md
@@ -88,4 +88,4 @@ sealos run -e DashBoardPort=8443 mydashboard:latest  --masters 192.168.0.2,192.1
 These examples demonstrate the power and flexibility of the `sealos run` command, which can be customized and adjusted
 according to your needs.
 
-For more examples, please refer to [Run Cluster](/self-hosting/lifecycle-management/operations/run-cluster.md).
+For more examples, please refer to [Run Cluster](/developer-guide/lifecycle-management/operations/run-cluster.md).
diff --git a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/sealos.md b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/sealos.md
index 4982be8a0c9..e62e147d722 100644
--- a/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/sealos.md
+++ b/docs/5.0/docs/developer-guide/lifecycle-management/reference/sealos/sealos.md
@@ -13,7 +13,7 @@ images, and perform other functions. Below are detailed introductions to these c
 This chapter provides a user guide for using Sealos, as well as information related to cluster images.
 
 - Sealos User Guide: For detailed information about each command, including all supported parameters and subcommands,
-  please refer to the [sealos](/self-hosting/lifecycle-management/reference/sealos/commands.md) reference documentation.
+  please refer to the [sealos](/developer-guide/lifecycle-management/reference/sealos/commands.md) reference documentation.
 - Cluster Images:
-    - [Rootfs Cluster Images](/self-hosting/lifecycle-management/reference/sealos/kubernetes-cluster-image.md)
-    - [Application Cluster Images](/self-hosting/lifecycle-management/reference/sealos/app-cluster-image.md)
+    - [Rootfs Cluster Images](/developer-guide/lifecycle-management/reference/sealos/kubernetes-cluster-image.md)
+    - [Application Cluster Images](/developer-guide/lifecycle-management/reference/sealos/app-cluster-image.md)
diff --git a/docs/5.0/docs/developer-guide/sealos/installation.md b/docs/5.0/docs/developer-guide/sealos/installation.md
index 3c57bd39d58..65948142f03 100644
--- a/docs/5.0/docs/developer-guide/sealos/installation.md
+++ b/docs/5.0/docs/developer-guide/sealos/installation.md
@@ -87,7 +87,7 @@ This script is specifically designed for deploying Sealos clusters on "Kubernete
 not compatible with Kubernetes clusters set up in other ways.
 
 For instructions on deploying Kubernetes clusters using Sealos, refer
-to: [Installing Kubernetes Clusters](/self-hosting/lifecycle-management/quick-start/deploy-kubernetes.md). This method
+to: [Installing Kubernetes Clusters](/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md). This method
 is compatible with most Kubernetes versions available on [Docker Hub](https://hub.docker.com/r/labring/kubernetes/tags),
 except for version 1.28 and higher.
 :::
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/lifecycle-management.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/lifecycle-management.md
index c5d05e571b2..9ade8de8d26 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/lifecycle-management.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/lifecycle-management.md
@@ -64,7 +64,7 @@ $ sealos run labring/redis-operator:3.1.4
 
 对于 Sealos 生态没有的集群镜像，用户可以方便地自己构建和定制属于自己的集群镜像。例如：
 
-[构建一个 ingress 集群镜像](/self-hosting/lifecycle-management/quick-start/build-ingress-cluster-image.md)
+[构建一个 ingress 集群镜像](/developer-guide/lifecycle-management/quick-start/build-ingress-cluster-image.md)
 
 您还可以定制一个完全属于自己的 Kubernetes：
 
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md
index 7d75fb25586..9079de5dea3 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md
@@ -10,7 +10,7 @@ Sealos 支持安装 `amd64` 和 `arm64` 架构的 K8s 集群。
 
 ## 先决条件 
 
-首先需要[下载 Sealos 命令行工具](/self-hosting/lifecycle-management/quick-start/install-cli.md)，sealos 是一个简单的 Golang 二进制文件，可以安装在大多数 Linux 操作系统中。
+首先需要[下载 Sealos 命令行工具](/developer-guide/lifecycle-management/quick-start/install-cli.md)，sealos 是一个简单的 Golang 二进制文件，可以安装在大多数 Linux 操作系统中。
 
 以下是一些基本的安装要求： 
 
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/quick-start/install-cli.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/quick-start/install-cli.md
index 878cdb44e2a..59a78822922 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/quick-start/install-cli.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/quick-start/install-cli.md
@@ -97,5 +97,5 @@ $ make build BINS=sealos
 
 ## 下一步
 
-[安装 K8s 集群](/self-hosting/lifecycle-management/quick-start/deploy-kubernetes.md)。
+[安装 K8s 集群](/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md)。
 
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/apply.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/apply.md
index 4b0aac5a94c..cd0de789994 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/apply.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/apply.md
@@ -81,6 +81,6 @@ sealos apply -f Clusterfile --values values.yaml
 
 这条命令会根据 `values.yaml` 文件中的值应用 `Clusterfile`。
 
-**更多示例请参考[启动镜像](/self-hosting/lifecycle-management/operations/run-cluster/)**
+**更多示例请参考[启动镜像](/developer-guide/lifecycle-management/operations/run-cluster/)**
 
 以上就是 `sealos apply` 命令的使用指南，希望对你有所帮助。如果你在使用过程中遇到任何问题，欢迎向我们提问。
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/build.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/build.md
index ec01d976a16..9420f6d6149 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/build.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/build.md
@@ -59,12 +59,12 @@ sealos build -t myapp:v1.0.0 -f Dockerfile .
 
 下面有一些详细的示例：
 
-- [基于镜像清单构建](/self-hosting/lifecycle-management/operations/build-image/build-image-image_list.md)
-- [基于部署清单构建](/self-hosting/lifecycle-management/operations/build-image/build-image-manifests.md)
-- [基于helm-charts构建](/self-hosting/lifecycle-management/operations/build-image/build-image-helm_charts.md)
-- [基于二进制构建](/self-hosting/lifecycle-management/operations/build-image/build-image-binary.md)
-- [基于go-template构建](/self-hosting/lifecycle-management/operations/build-image/build-image-go_template.md)
-- [基于exec和scp构建](/self-hosting/lifecycle-management/operations/build-image/build-image-scp_exec.md)
+- [基于镜像清单构建](/developer-guide/lifecycle-management/operations/build-image/build-image-image_list.md)
+- [基于部署清单构建](/developer-guide/lifecycle-management/operations/build-image/build-image-manifests.md)
+- [基于helm-charts构建](/developer-guide/lifecycle-management/operations/build-image/build-image-helm_charts.md)
+- [基于二进制构建](/developer-guide/lifecycle-management/operations/build-image/build-image-binary.md)
+- [基于go-template构建](/developer-guide/lifecycle-management/operations/build-image/build-image-go_template.md)
+- [基于exec和scp构建](/developer-guide/lifecycle-management/operations/build-image/build-image-scp_exec.md)
 
 通过 Sealos `build` 命令，可以基于多种指令文件构建 OCI 镜像，为sealos提供所需的镜像。这个过程包括处理 Dockerfile 或其他指令文件中的各种指令，如 `FROM`、`RUN`、`ADD` 等，以及处理镜像层次、镜像标签等。构建过程也包括拉取基础镜像、运行命令、保存结果等步骤。每一个步骤都可以通过上述的选项进行详细的控制和定制，以满足不同的构建需求。
 
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/commands.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/commands.md
index d64a6ad183a..8d0b4f0aeff 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/commands.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/commands.md
@@ -55,4 +55,4 @@ description: 了解Sealos命令，包括Kubernetes集群管理、节点管理、
 
 Sealos 的 `--debug` 参数是一个全局参数，用于开启调试模式，以便在出现问题时能更详细地了解系统的运行情况。
 
-有关安装说明，请参见[下载 Sealos 命令行工具](/self-hosting/lifecycle-management/quick-start/install-cli.md)； 如需安装 Kubernetes 集群，请参见[安装 Kubernetes 集群](/self-hosting/lifecycle-management/quick-start/deploy-kubernetes.md)。
\ No newline at end of file
+有关安装说明，请参见[下载 Sealos 命令行工具](/developer-guide/lifecycle-management/quick-start/install-cli.md)； 如需安装 Kubernetes 集群，请参见[安装 Kubernetes 集群](/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md)。
\ No newline at end of file
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/gen.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/gen.md
index 0d87d0607b2..c6e0ef99777 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/gen.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/gen.md
@@ -46,6 +46,6 @@ Sealos 的 `gen` 命令是用于生成 Kubernetes 集群的配置文件（Cluste
 
 示例说明：
 
-- [自定义配置安装](/self-hosting/lifecycle-management/operations/run-cluster/gen-apply-cluster.md)
+- [自定义配置安装](/developer-guide/lifecycle-management/operations/run-cluster/gen-apply-cluster.md)
 
 以上就是 `sealos gen` 命令的使用指南，希望对你有所帮助。如果你在使用过程中遇到任何问题，欢迎向我们提问。
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/manifest.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/manifest.md
index c09226bbd43..0d638010a11 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/manifest.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/manifest.md
@@ -19,4 +19,4 @@ Sealos 的 `manifest` 命令用于创建、修改和推送 manifest 列表和镜
 
 通过 `sealos manifest` 命令，可以灵活地管理 manifest 列表或镜像索引，为多架构的 Docker 或 OCI 镜像提供支持。用户可以根据自己的需求，创建自定义的 manifest 列表，方便在不同的硬件架构上部署和运行 Docker 镜像。
 
-用户如果想通过manifest命令构建多架构镜像，可以参考文档[构建支持多架构的集群镜像](/self-hosting/lifecycle-management/operations/build-image/build-multi-arch-image.md)
+用户如果想通过manifest命令构建多架构镜像，可以参考文档[构建支持多架构的集群镜像](/developer-guide/lifecycle-management/operations/build-image/build-multi-arch-image.md)
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/run.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/run.md
index 4901bda34b1..d5a44283aaa 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/run.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/commands/run.md
@@ -83,4 +83,4 @@ sealos run -e DashBoardPort=8443 mydashboard:latest  --masters 192.168.0.2,192.1
 
 这些示例展示了 `sealos run` 命令的强大和灵活性，可以根据您的需求进行定制和调整。
 
-更多示例请参考 [运行集群](/self-hosting/lifecycle-management/operations/run-cluster.md)。
+更多示例请参考 [运行集群](/developer-guide/lifecycle-management/operations/run-cluster.md)。
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/sealos.md b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/sealos.md
index 9d17e9bcae1..5948b3cd081 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/sealos.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/lifecycle-management/reference/sealos/sealos.md
@@ -10,9 +10,9 @@ Sealos 是一个统一的云操作系统，用于管理云原生应用。它提
 
 本章节主要介绍 Sealos 的使用指南以及集群镜像相关说明。
 
-- Sealos使用指南： 有关每个命令的详细信息，包括所有受支持的参数和子命令， 请参阅 [sealos](/self-hosting/lifecycle-management/reference/sealos/commands.md) 参考文档。
+- Sealos使用指南： 有关每个命令的详细信息，包括所有受支持的参数和子命令， 请参阅 [sealos](/developer-guide/lifecycle-management/reference/sealos/commands.md) 参考文档。
 - 集群镜像:
-  - [Rootfs集群镜像](/self-hosting/lifecycle-management/reference/sealos/kubernetes-cluster-image.md)
-  - [Application集群镜像](/self-hosting/lifecycle-management/reference/sealos/app-cluster-image.md)
+  - [Rootfs集群镜像](/developer-guide/lifecycle-management/reference/sealos/kubernetes-cluster-image.md)
+  - [Application集群镜像](/developer-guide/lifecycle-management/reference/sealos/app-cluster-image.md)
 
 
diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/sealos/installation.md b/docs/5.0/i18n/zh-Hans/developer-guide/sealos/installation.md
index c8808661e09..bbe924dd257 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/sealos/installation.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/sealos/installation.md
@@ -84,7 +84,7 @@ Sealos 需要使用证书来保证通信安全，默认在您不提供证书的
 该脚本只支持在 “使用 Sealos 安装的 Kubernetes 集群” 上部署 Sealos 集群，暂不支持其他方式部署的 Kubernetes。
 
 关于如何使用 Sealos 部署 Kubernetes
-集群，可以参考：[安装 Kubernetes 集群](/self-hosting/lifecycle-management/quick-start/deploy-kubernetes.md)
+集群，可以参考：[安装 Kubernetes 集群](/developer-guide/lifecycle-management/quick-start/deploy-kubernetes.md)
 ，支持 [Docker Hub](https://hub.docker.com/r/labring/kubernetes/tags) 中的几乎所有 Kubernetes 版本（**暂不支持 1.28 及以上版本
 **）。
 

From b38d6b1cdeb93a3d94d99f7e3343f3b1ea06b93b Mon Sep 17 00:00:00 2001
From: yangxg <yangxggo@163.com>
Date: Fri, 11 Oct 2024 18:24:41 +0800
Subject: [PATCH 33/63] fix: sealos reset panic (#5147)

Signed-off-by: yangxg <yangxggo@163.com>
---
 pkg/bootstrap/context.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/pkg/bootstrap/context.go b/pkg/bootstrap/context.go
index 83046018117..d89676af3db 100644
--- a/pkg/bootstrap/context.go
+++ b/pkg/bootstrap/context.go
@@ -68,7 +68,10 @@ func NewContextFrom(cluster *v2.Cluster) Context {
 	remoter := ssh.NewRemoteFromSSH(cluster.GetName(), execer)
 
 	rootfsImage := cluster.GetRootfsImage()
-	rootfsEnvs := v2.MergeEnvWithBuiltinKeys(rootfsImage.Env, *rootfsImage)
+	var rootfsEnvs map[string]string
+	if rootfsImage != nil {
+		rootfsEnvs = v2.MergeEnvWithBuiltinKeys(rootfsImage.Env, *rootfsImage)
+	}
 
 	// bootstrap process depends on the envs in the rootfs image
 	shellWrapper := func(host, shell string) string {

From 2e31c99ea803a53dc5dcaf2ee2538b020fa05b60 Mon Sep 17 00:00:00 2001
From: Jiahui <4543bxy@gmail.com>
Date: Sat, 12 Oct 2024 10:33:01 +0800
Subject: [PATCH 34/63] Modify the dbprovider cost estimate obtained through
 the account service (#5146)

---
 .../src/pages/api/platform/resourcePrice.ts   | 79 ++++++++-----------
 .../providers/dbprovider/src/types/user.d.ts  |  1 +
 2 files changed, 33 insertions(+), 47 deletions(-)

diff --git a/frontend/providers/dbprovider/src/pages/api/platform/resourcePrice.ts b/frontend/providers/dbprovider/src/pages/api/platform/resourcePrice.ts
index 0dcfa2d1f2d..05de97e0ee4 100644
--- a/frontend/providers/dbprovider/src/pages/api/platform/resourcePrice.ts
+++ b/frontend/providers/dbprovider/src/pages/api/platform/resourcePrice.ts
@@ -1,8 +1,7 @@
 import type { NextApiRequest, NextApiResponse } from 'next';
-import * as yaml from 'js-yaml';
-import { getK8s } from '@/services/backend/kubernetes';
 import { jsonRes } from '@/services/backend/response';
 import { authSession } from '@/services/backend/auth';
+import type { userPriceType } from '@/types/user';
 
 export type Response = {
   cpu: number;
@@ -10,6 +9,17 @@ export type Response = {
   storage: number;
   nodeports: number;
 };
+
+type ResourcePriceType = {
+  data: {
+    properties: {
+      name: string;
+      unit_price: number;
+      unit: string;
+    }[];
+  };
+};
+
 type ResourceType =
   | 'cpu'
   | 'infra-cpu'
@@ -21,75 +31,50 @@ type ResourceType =
   | 'infra-memory'
   | 'infra-disk'
   | 'services.nodeports';
-type PriceCrdType = {
-  apiVersion: 'account.sealos.io/v1';
-  kind: 'PriceQuery';
-  status: {
-    billingRecords: {
-      price: number;
-      resourceType: ResourceType;
-    }[];
-  };
-};
+
 const PRICE_SCALE = 1000000;
 
 export const valuationMap: Record<string, number> = {
   cpu: 1000,
   memory: 1024,
-  storage: 1024
+  storage: 1024,
+  'services.nodeports': 1000
 };
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
   try {
-    // source price
-    const { applyYamlList, k8sCustomObjects, namespace } = await getK8s({
-      kubeconfig: await authSession(req)
-    });
+    const priceResponse = await getResourcePrice();
 
-    const crdJson = {
-      apiVersion: `account.sealos.io/v1`,
-      kind: 'PriceQuery',
-      metadata: {
-        name: 'prices',
-        namespace
-      },
-      spec: {}
-    };
-
-    const crdYaml = yaml.dump(crdJson);
-
-    try {
-      await applyYamlList([crdYaml], 'replace');
-      await new Promise<void>((resolve) => setTimeout(() => resolve(), 1000));
-    } catch (error) {}
-
-    const { body: priceResponse } = (await k8sCustomObjects.getNamespacedCustomObject(
-      'account.sealos.io',
-      'v1',
-      namespace,
-      'pricequeries',
-      crdJson.metadata.name
-    )) as { body: PriceCrdType };
-
-    const data = {
+    const data: userPriceType = {
       cpu: countSourcePrice(priceResponse, 'cpu'),
       memory: countSourcePrice(priceResponse, 'memory'),
       storage: countSourcePrice(priceResponse, 'storage'),
       nodeports: countSourcePrice(priceResponse, 'services.nodeports')
     };
 
-    jsonRes(res, {
+    jsonRes<userPriceType>(res, {
       data
     });
   } catch (error) {
+    console.log(error);
     jsonRes(res, { code: 500, message: 'get price error' });
   }
 }
 
-function countSourcePrice(rawData: PriceCrdType, type: ResourceType) {
-  const rawPrice =
-    rawData?.status?.billingRecords.find((item) => item.resourceType === type)?.price || 1;
+function countSourcePrice(rawData: ResourcePriceType['data']['properties'], type: ResourceType) {
+  const rawPrice = rawData.find((item) => item.name === type)?.unit_price || 1;
   const sourceScale = rawPrice * (valuationMap[type] || 1);
   const unitScale = sourceScale / PRICE_SCALE;
   return unitScale;
 }
+
+const getResourcePrice = async () => {
+  const url = process.env.BILLING_URL;
+
+  const res = await fetch(`${url}/account/v1alpha1/properties`, {
+    method: 'POST'
+  });
+  const data: ResourcePriceType = await res.json();
+
+  return data.data.properties;
+};
diff --git a/frontend/providers/dbprovider/src/types/user.d.ts b/frontend/providers/dbprovider/src/types/user.d.ts
index 2d7c9ff54c5..6261dcd88d3 100644
--- a/frontend/providers/dbprovider/src/types/user.d.ts
+++ b/frontend/providers/dbprovider/src/types/user.d.ts
@@ -25,6 +25,7 @@ export type userPriceType = {
   cpu: number;
   memory: number;
   storage: number;
+  nodeports: number;
   gpu?: { alias: string; type: string; price: number; inventory: number; vm: number }[];
 };
 

From 98395f7dc1582013ee20a8f147573cd2227614ea Mon Sep 17 00:00:00 2001
From: Jiahui <4543bxy@gmail.com>
Date: Sat, 12 Oct 2024 15:40:07 +0800
Subject: [PATCH 35/63] remove unused code (#5134)

---
 controllers/account/Makefile                  |   4 +-
 controllers/account/PROJECT                   |  47 --
 .../account/api/v1/billinginfoquery_types.go  |  79 --
 .../api/v1/billingrecordquery_types.go        |  99 ---
 controllers/account/api/v1/debt_webhook.go    |   2 +-
 .../api/v1/namespacebillinghistory_types.go   |  65 --
 .../account/api/v1/pricequery_types.go        |  64 --
 controllers/account/api/v1/transfer_types.go  |  88 ---
 .../account/api/v1/zz_generated.deepcopy.go   | 583 +-------------
 .../crd/bases/account.sealos.io_accounts.yaml |  28 +-
 .../account.sealos.io_billinginfoqueries.yaml |  85 --
 ...ccount.sealos.io_billingrecordqueries.yaml | 153 ----
 .../crd/bases/account.sealos.io_debts.yaml    |  32 +-
 ...t.sealos.io_namespacebillinghistories.yaml |  91 ---
 .../crd/bases/account.sealos.io_payments.yaml |  34 +-
 .../bases/account.sealos.io_pricequeries.yaml |  80 --
 .../bases/account.sealos.io_transfers.yaml    |  82 --
 .../account/config/crd/kustomization.yaml     |   6 -
 .../cainjection_in_billinginfoqueries.yaml    |  21 -
 .../cainjection_in_billingrecordqueries.yaml  |  21 -
 ...njection_in_namespacebillinghistories.yaml |  21 -
 .../patches/cainjection_in_pricequeries.yaml  |  21 -
 .../webhook_in_billinginfoqueries.yaml        |  30 -
 .../webhook_in_billingrecordqueries.yaml      |  30 -
 .../webhook_in_namespacebillinghistories.yaml |  30 -
 .../crd/patches/webhook_in_pricequeries.yaml  |  30 -
 .../default/manager_auth_proxy_patch.yaml     |  45 +-
 .../rbac/billinginfoquery_editor_role.yaml    |  38 -
 .../rbac/billinginfoquery_viewer_role.yaml    |  34 -
 .../rbac/billingrecordquery_editor_role.yaml  |  38 -
 .../rbac/billingrecordquery_viewer_role.yaml  |  34 -
 .../namespacebillinghistory_editor_role.yaml  |  38 -
 .../namespacebillinghistory_viewer_role.yaml  |  34 -
 .../config/rbac/pricequery_editor_role.yaml   |  38 -
 .../config/rbac/pricequery_viewer_role.yaml   |  34 -
 controllers/account/config/rbac/role.yaml     | 113 +--
 .../config/rbac/transfer_editor_role.yaml     |  38 -
 .../config/rbac/transfer_viewer_role.yaml     |  34 -
 .../samples/account_v1_billinginfoquery.yaml  |  20 -
 .../account_v1_billingrecordquery.yaml        |  20 -
 .../account_v1_namespacebillinghistory.yaml   |  20 -
 .../config/samples/account_v1_pricequery.yaml |  20 -
 .../config/samples/account_v1_transfer.yaml   |  20 -
 .../account/config/webhook/manifests.yaml     |  43 +-
 .../account/controllers/account_controller.go |  54 +-
 .../controllers/account_controller_test.go    |  61 --
 .../account/controllers/accountv2_test.go     | 215 ------
 .../billinginfoquery_controller.go            | 195 -----
 .../billingrecordquery_controller.go          | 169 ----
 .../account/controllers/cache/cache.go        |   7 +-
 .../account/controllers/debt_controller.go    |   2 +-
 .../namespacebillinghistory_controller.go     | 123 ---
 .../controllers/transfer_controller.go        | 256 ------
 .../account/deploy/manifests/deploy.yaml      | 728 ++----------------
 controllers/account/main.go                   |  29 -
 .../pkg/database/cockroach/accountv2.go       | 219 +-----
 controllers/pkg/database/interface.go         |  26 -
 controllers/pkg/database/mongo/account.go     | 399 +---------
 .../pkg/database/mongo/account_test.go        | 235 ------
 controllers/pkg/database/mongo/user.go        |  15 -
 controllers/pkg/database/mongo/user_test.go   |  15 -
 controllers/pkg/metering/README.md            |  94 ---
 .../api/v1/extensionresourceprice_types.go    |  77 --
 .../pkg/metering/api/v1/groupversion_info.go  |  36 -
 .../pkg/metering/api/v1/resource_types.go     |  80 --
 .../metering/api/v1/zz_generated.deepcopy.go  | 285 -------
 ...mon.sealos.io_extensionresourceprices.yaml |  96 ---
 .../metering.common.sealos.io_resources.yaml  |  84 --
 .../metering/config/crd/kustomization.yaml    |  38 -
 ...cainjection_in_extensionresourceprice.yaml |  21 -
 .../crd/patches/cainjection_in_resources.yaml |  21 -
 controllers/pkg/resources/named.go            | 105 ---
 controllers/pkg/types/global.go               |  44 --
 73 files changed, 198 insertions(+), 6018 deletions(-)
 delete mode 100644 controllers/account/api/v1/billinginfoquery_types.go
 delete mode 100644 controllers/account/api/v1/billingrecordquery_types.go
 delete mode 100644 controllers/account/api/v1/namespacebillinghistory_types.go
 delete mode 100644 controllers/account/api/v1/pricequery_types.go
 delete mode 100644 controllers/account/api/v1/transfer_types.go
 delete mode 100644 controllers/account/config/crd/bases/account.sealos.io_billinginfoqueries.yaml
 delete mode 100644 controllers/account/config/crd/bases/account.sealos.io_billingrecordqueries.yaml
 delete mode 100644 controllers/account/config/crd/bases/account.sealos.io_namespacebillinghistories.yaml
 delete mode 100644 controllers/account/config/crd/bases/account.sealos.io_pricequeries.yaml
 delete mode 100644 controllers/account/config/crd/bases/account.sealos.io_transfers.yaml
 delete mode 100644 controllers/account/config/crd/patches/cainjection_in_billinginfoqueries.yaml
 delete mode 100644 controllers/account/config/crd/patches/cainjection_in_billingrecordqueries.yaml
 delete mode 100644 controllers/account/config/crd/patches/cainjection_in_namespacebillinghistories.yaml
 delete mode 100644 controllers/account/config/crd/patches/cainjection_in_pricequeries.yaml
 delete mode 100644 controllers/account/config/crd/patches/webhook_in_billinginfoqueries.yaml
 delete mode 100644 controllers/account/config/crd/patches/webhook_in_billingrecordqueries.yaml
 delete mode 100644 controllers/account/config/crd/patches/webhook_in_namespacebillinghistories.yaml
 delete mode 100644 controllers/account/config/crd/patches/webhook_in_pricequeries.yaml
 delete mode 100644 controllers/account/config/rbac/billinginfoquery_editor_role.yaml
 delete mode 100644 controllers/account/config/rbac/billinginfoquery_viewer_role.yaml
 delete mode 100644 controllers/account/config/rbac/billingrecordquery_editor_role.yaml
 delete mode 100644 controllers/account/config/rbac/billingrecordquery_viewer_role.yaml
 delete mode 100644 controllers/account/config/rbac/namespacebillinghistory_editor_role.yaml
 delete mode 100644 controllers/account/config/rbac/namespacebillinghistory_viewer_role.yaml
 delete mode 100644 controllers/account/config/rbac/pricequery_editor_role.yaml
 delete mode 100644 controllers/account/config/rbac/pricequery_viewer_role.yaml
 delete mode 100644 controllers/account/config/rbac/transfer_editor_role.yaml
 delete mode 100644 controllers/account/config/rbac/transfer_viewer_role.yaml
 delete mode 100644 controllers/account/config/samples/account_v1_billinginfoquery.yaml
 delete mode 100644 controllers/account/config/samples/account_v1_billingrecordquery.yaml
 delete mode 100644 controllers/account/config/samples/account_v1_namespacebillinghistory.yaml
 delete mode 100644 controllers/account/config/samples/account_v1_pricequery.yaml
 delete mode 100644 controllers/account/config/samples/account_v1_transfer.yaml
 delete mode 100644 controllers/account/controllers/billinginfoquery_controller.go
 delete mode 100644 controllers/account/controllers/billingrecordquery_controller.go
 delete mode 100644 controllers/account/controllers/namespacebillinghistory_controller.go
 delete mode 100644 controllers/account/controllers/transfer_controller.go
 delete mode 100644 controllers/pkg/database/mongo/user.go
 delete mode 100644 controllers/pkg/database/mongo/user_test.go
 delete mode 100644 controllers/pkg/metering/README.md
 delete mode 100644 controllers/pkg/metering/api/v1/extensionresourceprice_types.go
 delete mode 100644 controllers/pkg/metering/api/v1/groupversion_info.go
 delete mode 100644 controllers/pkg/metering/api/v1/resource_types.go
 delete mode 100644 controllers/pkg/metering/api/v1/zz_generated.deepcopy.go
 delete mode 100644 controllers/pkg/metering/config/crd/bases/metering.common.sealos.io_extensionresourceprices.yaml
 delete mode 100644 controllers/pkg/metering/config/crd/bases/metering.common.sealos.io_resources.yaml
 delete mode 100644 controllers/pkg/metering/config/crd/kustomization.yaml
 delete mode 100644 controllers/pkg/metering/config/crd/patches/cainjection_in_extensionresourceprice.yaml
 delete mode 100644 controllers/pkg/metering/config/crd/patches/cainjection_in_resources.yaml

diff --git a/controllers/account/Makefile b/controllers/account/Makefile
index 06035dfcf40..4ae4bcf65af 100644
--- a/controllers/account/Makefile
+++ b/controllers/account/Makefile
@@ -121,8 +121,8 @@ CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
 ENVTEST ?= $(LOCALBIN)/setup-envtest
 
 ## Tool Versions
-KUSTOMIZE_VERSION ?= v4.2.0
-CONTROLLER_TOOLS_VERSION ?= v0.8.0
+KUSTOMIZE_VERSION ?= v5.3.0
+CONTROLLER_TOOLS_VERSION ?= v0.14.0
 
 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
 .PHONY: kustomize
diff --git a/controllers/account/PROJECT b/controllers/account/PROJECT
index a045cbb63ae..7ec96ae439b 100644
--- a/controllers/account/PROJECT
+++ b/controllers/account/PROJECT
@@ -5,13 +5,10 @@ projectName: account
 repo: github.com/labring/sealos/controllers/account
 resources:
 - api:
-    crdVersion: v1
-    namespaced: true
   controller: true
   domain: sealos.io
   group: account
   kind: Account
-  path: github.com/labring/sealos/controllers/account/api/v1
   version: v1
 - api:
     crdVersion: v1
@@ -39,23 +36,6 @@ resources:
   group: account
   kind: Billing
   version: v1
-- api:
-    crdVersion: v1
-    namespaced: true
-  controller: true
-  domain: sealos.io
-  group: account
-  kind: BillingRecordQuery
-  path: github.com/labring/sealos/controllers/account/api/v1
-  version: v1
-- api:
-    crdVersion: v1
-    namespaced: true
-  domain: sealos.io
-  group: account
-  kind: PriceQuery
-  path: github.com/labring/sealos/controllers/account/api/v1
-  version: v1
 - controller: true
   group: core
   kind: Pod
@@ -66,31 +46,4 @@ resources:
   kind: Namespace
   path: k8s.io/api/core/v1
   version: v1
-- api:
-    crdVersion: v1
-    namespaced: true
-  controller: true
-  domain: sealos.io
-  group: account
-  kind: Transfer
-  path: github.com/labring/sealos/controllers/account/api/v1
-  version: v1
-- api:
-    crdVersion: v1
-    namespaced: true
-  controller: true
-  domain: sealos.io
-  group: account
-  kind: NamespaceBillingHistory
-  path: github.com/labring/sealos/controllers/account/api/v1
-  version: v1
-- api:
-    crdVersion: v1
-    namespaced: true
-  controller: true
-  domain: sealos.io
-  group: account
-  kind: BillingInfoQuery
-  path: github.com/labring/sealos/controllers/account/api/v1
-  version: v1
 version: "3"
diff --git a/controllers/account/api/v1/billinginfoquery_types.go b/controllers/account/api/v1/billinginfoquery_types.go
deleted file mode 100644
index 05721066c3e..00000000000
--- a/controllers/account/api/v1/billinginfoquery_types.go
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
-// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
-
-const (
-	QueryTypeNamespacesHistory = "NamespacesHistory"
-	QueryTypeProperties        = "Properties"
-	QueryTypeAppType           = "AppType"
-	QueryTypeRecharge          = "Recharge"
-)
-
-// BillingInfoQuerySpec defines the desired state of BillingInfoQuery
-type BillingInfoQuerySpec struct {
-	QueryType string            `json:"queryType"`
-	Args      map[string]string `json:"args,omitempty"`
-}
-
-// BillingInfoQueryStatus defines the observed state of BillingInfoQuery
-type BillingInfoQueryStatus struct {
-	Result        string `json:"result"`
-	Status        Status `json:"status"`
-	StatusDetails string `json:"statusDetails"`
-}
-
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
-
-// BillingInfoQuery is the Schema for the billinginfoqueries API
-type BillingInfoQuery struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   BillingInfoQuerySpec   `json:"spec,omitempty"`
-	Status BillingInfoQueryStatus `json:"status,omitempty"`
-}
-
-type BillingPropertiesForQuery struct {
-}
-
-type PropertyQuery struct {
-	Name      string  `json:"name" bson:"name"`
-	Alias     string  `json:"alias" bson:"alias"`
-	UnitPrice float64 `json:"unit_price" bson:"unit_price"`
-	Unit      string  `json:"unit" bson:"unit"`
-}
-
-//+kubebuilder:object:root=true
-
-// BillingInfoQueryList contains a list of BillingInfoQuery
-type BillingInfoQueryList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []BillingInfoQuery `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&BillingInfoQuery{}, &BillingInfoQueryList{})
-}
diff --git a/controllers/account/api/v1/billingrecordquery_types.go b/controllers/account/api/v1/billingrecordquery_types.go
deleted file mode 100644
index 853894f5cff..00000000000
--- a/controllers/account/api/v1/billingrecordquery_types.go
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
-	"github.com/labring/sealos/controllers/pkg/common"
-)
-
-// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
-// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
-
-// BillingRecordQuerySpec defines the desired state of BillingRecordQuery
-type BillingRecordQuerySpec struct {
-	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-	Page      int         `json:"page"`
-	PageSize  int         `json:"pageSize"`
-	Namespace string      `json:"namespace,omitempty"`
-	StartTime metav1.Time `json:"startTime"`
-	EndTime   metav1.Time `json:"endTime"`
-	OrderID   string      `json:"orderID,omitempty"`
-	Type      Type        `json:"type"`
-	AppType   string      `json:"appType,omitempty"`
-}
-
-// BillingRecordQueryStatus defines the observed state of BillingRecordQuery
-type BillingRecordQueryStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-	TotalCount      int                      `json:"totalCount"`
-	PageLength      int                      `json:"pageLength"`
-	RechargeAmount  int64                    `json:"rechargeAmount"`
-	DeductionAmount int64                    `json:"deductionAmount,omitempty"`
-	Items           []BillingRecordQueryItem `json:"item,omitempty"`
-	Status          string                   `json:"status"`
-}
-
-type BillingRecordQueryItem struct {
-	Time                         metav1.Time `json:"time" bson:"time"`
-	BillingRecordQueryItemInline `json:",inline"`
-}
-
-type BillingRecordQueryItemInline struct {
-	Name      string      `json:"name,omitempty" bson:"name,omitempty"`
-	OrderID   string      `json:"order_id" bson:"order_id"`
-	Namespace string      `json:"namespace,omitempty" bson:"namespace,omitempty"`
-	Type      common.Type `json:"type" bson:"type"`
-	AppType   string      `json:"appType,omitempty" bson:"appType,omitempty"`
-	Costs     Costs       `json:"costs,omitempty" bson:"costs,omitempty"`
-	//Amount = PaymentAmount + GiftAmount
-	Amount int64 `json:"amount,omitempty" bson:"amount"`
-	// when Type = Recharge, PaymentAmount is the amount of recharge
-	Payment *PaymentForQuery `json:"payment,omitempty" bson:"payment,omitempty"`
-}
-
-type PaymentForQuery struct {
-	Amount int64 `json:"amount,omitempty" bson:"amount,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
-
-// BillingRecordQuery is the Schema for the billingrecordqueries API
-type BillingRecordQuery struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   BillingRecordQuerySpec   `json:"spec,omitempty"`
-	Status BillingRecordQueryStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// BillingRecordQueryList contains a list of BillingRecordQuery
-type BillingRecordQueryList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []BillingRecordQuery `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&BillingRecordQuery{}, &BillingRecordQueryList{})
-}
diff --git a/controllers/account/api/v1/debt_webhook.go b/controllers/account/api/v1/debt_webhook.go
index 942a9f05bd8..cd475ba2935 100644
--- a/controllers/account/api/v1/debt_webhook.go
+++ b/controllers/account/api/v1/debt_webhook.go
@@ -54,7 +54,7 @@ const (
 
 var logger = logf.Log.WithName("debt-resource")
 
-//+kubebuilder:webhook:path=/validate-v1-sealos-cloud,mutating=false,failurePolicy=ignore,groups="*",resources=*,verbs=create;update;delete,versions=v1,name=debt.sealos.io,admissionReviewVersions=v1,sideEffects=None
+//+kubebuilder:webhook:path=/validate-v1-sealos-cloud,mutating=false,failurePolicy=ignore,groups="*",resources=*,verbs=create;update;delete,versions=v1,name=debt.sealos.io,admissionReviewVersions=v1,sideEffects=None,timeoutSeconds=10
 // +kubebuilder:object:generate=false
 
 type DebtValidate struct {
diff --git a/controllers/account/api/v1/namespacebillinghistory_types.go b/controllers/account/api/v1/namespacebillinghistory_types.go
deleted file mode 100644
index cb0db06d8f3..00000000000
--- a/controllers/account/api/v1/namespacebillinghistory_types.go
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
-// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
-
-// NamespaceBillingHistorySpec defines the desired state of NamespaceBillingHistory
-type NamespaceBillingHistorySpec struct {
-	StartTime metav1.Time `json:"startTime,omitempty"`
-	EndTime   metav1.Time `json:"endTime,omitempty"`
-	Type      Type        `json:"type"`
-}
-
-// NamespaceBillingHistoryStatus defines the observed state of NamespaceBillingHistory
-type NamespaceBillingHistoryStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-	NamespaceList []string `json:"namespaceList,omitempty"`
-	Status        Status   `json:"status,omitempty"`
-	Detail        string   `json:"detail,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
-
-// NamespaceBillingHistory is the Schema for the namespacebillinghistories API
-type NamespaceBillingHistory struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   NamespaceBillingHistorySpec   `json:"spec,omitempty"`
-	Status NamespaceBillingHistoryStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// NamespaceBillingHistoryList contains a list of NamespaceBillingHistory
-type NamespaceBillingHistoryList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []NamespaceBillingHistory `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&NamespaceBillingHistory{}, &NamespaceBillingHistoryList{})
-}
diff --git a/controllers/account/api/v1/pricequery_types.go b/controllers/account/api/v1/pricequery_types.go
deleted file mode 100644
index d887903063e..00000000000
--- a/controllers/account/api/v1/pricequery_types.go
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
-// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
-
-// PriceQuerySpec defines the desired state of PriceQuery
-type PriceQuerySpec struct {
-}
-
-// PriceQueryStatus defines the observed state of PriceQuery
-type PriceQueryStatus struct {
-	BillingRecords []BillingRecord `json:"billingRecords,omitempty"`
-}
-
-type BillingRecord struct {
-	ResourceType string `json:"resourceType"`
-	Price        string `json:"price"`
-	DiscountType string `json:"discountType,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
-
-// PriceQuery is the Schema for the pricequeries API
-type PriceQuery struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   PriceQuerySpec   `json:"spec,omitempty"`
-	Status PriceQueryStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// PriceQueryList contains a list of PriceQuery
-type PriceQueryList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []PriceQuery `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&PriceQuery{}, &PriceQueryList{})
-}
diff --git a/controllers/account/api/v1/transfer_types.go b/controllers/account/api/v1/transfer_types.go
deleted file mode 100644
index ef4ac535d72..00000000000
--- a/controllers/account/api/v1/transfer_types.go
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import (
-	"fmt"
-
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-type TransferState int
-
-const (
-	TransferStatePending TransferState = iota
-	TransferStateInProgress
-	TransferStateCompleted
-	TransferStateFailed
-)
-
-// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
-// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
-
-// TransferSpec defines the desired state of Transfer
-type TransferSpec struct {
-	From string `json:"from,omitempty"`
-	To   string `json:"to"`
-	// +kubebuilder:validation:Minimum=1000000
-	Amount int64 `json:"amount"`
-}
-
-// TransferStatus defines the observed state of Transfer
-type TransferStatus struct {
-	Reason   string        `json:"reason,omitempty"`
-	Progress TransferState `json:"progress,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
-
-// Transfer is the Schema for the transfers API
-type Transfer struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   TransferSpec   `json:"spec,omitempty"`
-	Status TransferStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// TransferList contains a list of Transfer
-type TransferList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []Transfer `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&Transfer{}, &TransferList{})
-}
-
-func (t *Transfer) ToJSON() string {
-	return `{
-	"spec": {
-		"from": "` + t.Spec.From + `",
-		"to": "` + t.Spec.To + `",
-		"amount": ` + fmt.Sprint(t.Spec.Amount) + `
-	},
-	"status": {
-		"reason": "` + t.Status.Reason + `",
-		"progress": "` + string(rune(t.Status.Progress)) + `"
-	}
-}`
-}
diff --git a/controllers/account/api/v1/zz_generated.deepcopy.go b/controllers/account/api/v1/zz_generated.deepcopy.go
index 279d4cc627a..de436afff0d 100644
--- a/controllers/account/api/v1/zz_generated.deepcopy.go
+++ b/controllers/account/api/v1/zz_generated.deepcopy.go
@@ -1,5 +1,4 @@
 //go:build !ignore_autogenerated
-// +build !ignore_autogenerated
 
 /*
 Copyright 2023.
@@ -131,274 +130,6 @@ func (in *AccountStatus) DeepCopy() *AccountStatus {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingInfoQuery) DeepCopyInto(out *BillingInfoQuery) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	out.Status = in.Status
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingInfoQuery.
-func (in *BillingInfoQuery) DeepCopy() *BillingInfoQuery {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingInfoQuery)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *BillingInfoQuery) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingInfoQueryList) DeepCopyInto(out *BillingInfoQueryList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]BillingInfoQuery, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingInfoQueryList.
-func (in *BillingInfoQueryList) DeepCopy() *BillingInfoQueryList {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingInfoQueryList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *BillingInfoQueryList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingInfoQuerySpec) DeepCopyInto(out *BillingInfoQuerySpec) {
-	*out = *in
-	if in.Args != nil {
-		in, out := &in.Args, &out.Args
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingInfoQuerySpec.
-func (in *BillingInfoQuerySpec) DeepCopy() *BillingInfoQuerySpec {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingInfoQuerySpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingInfoQueryStatus) DeepCopyInto(out *BillingInfoQueryStatus) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingInfoQueryStatus.
-func (in *BillingInfoQueryStatus) DeepCopy() *BillingInfoQueryStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingInfoQueryStatus)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingPropertiesForQuery) DeepCopyInto(out *BillingPropertiesForQuery) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingPropertiesForQuery.
-func (in *BillingPropertiesForQuery) DeepCopy() *BillingPropertiesForQuery {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingPropertiesForQuery)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingRecord) DeepCopyInto(out *BillingRecord) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingRecord.
-func (in *BillingRecord) DeepCopy() *BillingRecord {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingRecord)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingRecordQuery) DeepCopyInto(out *BillingRecordQuery) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	in.Status.DeepCopyInto(&out.Status)
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingRecordQuery.
-func (in *BillingRecordQuery) DeepCopy() *BillingRecordQuery {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingRecordQuery)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *BillingRecordQuery) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingRecordQueryItem) DeepCopyInto(out *BillingRecordQueryItem) {
-	*out = *in
-	in.Time.DeepCopyInto(&out.Time)
-	in.BillingRecordQueryItemInline.DeepCopyInto(&out.BillingRecordQueryItemInline)
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingRecordQueryItem.
-func (in *BillingRecordQueryItem) DeepCopy() *BillingRecordQueryItem {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingRecordQueryItem)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingRecordQueryItemInline) DeepCopyInto(out *BillingRecordQueryItemInline) {
-	*out = *in
-	if in.Costs != nil {
-		in, out := &in.Costs, &out.Costs
-		*out = make(Costs, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.Payment != nil {
-		in, out := &in.Payment, &out.Payment
-		*out = new(PaymentForQuery)
-		**out = **in
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingRecordQueryItemInline.
-func (in *BillingRecordQueryItemInline) DeepCopy() *BillingRecordQueryItemInline {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingRecordQueryItemInline)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingRecordQueryList) DeepCopyInto(out *BillingRecordQueryList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]BillingRecordQuery, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingRecordQueryList.
-func (in *BillingRecordQueryList) DeepCopy() *BillingRecordQueryList {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingRecordQueryList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *BillingRecordQueryList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingRecordQuerySpec) DeepCopyInto(out *BillingRecordQuerySpec) {
-	*out = *in
-	in.StartTime.DeepCopyInto(&out.StartTime)
-	in.EndTime.DeepCopyInto(&out.EndTime)
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingRecordQuerySpec.
-func (in *BillingRecordQuerySpec) DeepCopy() *BillingRecordQuerySpec {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingRecordQuerySpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *BillingRecordQueryStatus) DeepCopyInto(out *BillingRecordQueryStatus) {
-	*out = *in
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]BillingRecordQueryItem, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BillingRecordQueryStatus.
-func (in *BillingRecordQueryStatus) DeepCopy() *BillingRecordQueryStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(BillingRecordQueryStatus)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Charge) DeepCopyInto(out *Charge) {
 	*out = *in
@@ -516,7 +247,9 @@ func (in *DebtStatus) DeepCopyInto(out *DebtStatus) {
 	if in.DebtStatusRecords != nil {
 		in, out := &in.DebtStatusRecords, &out.DebtStatusRecords
 		*out = make([]DebtStatusRecord, len(*in))
-		copy(*out, *in)
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
 	}
 }
 
@@ -533,6 +266,7 @@ func (in *DebtStatus) DeepCopy() *DebtStatus {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DebtStatusRecord) DeepCopyInto(out *DebtStatusRecord) {
 	*out = *in
+	in.UpdateTime.DeepCopyInto(&out.UpdateTime)
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DebtStatusRecord.
@@ -545,102 +279,6 @@ func (in *DebtStatusRecord) DeepCopy() *DebtStatusRecord {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *NamespaceBillingHistory) DeepCopyInto(out *NamespaceBillingHistory) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	in.Status.DeepCopyInto(&out.Status)
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceBillingHistory.
-func (in *NamespaceBillingHistory) DeepCopy() *NamespaceBillingHistory {
-	if in == nil {
-		return nil
-	}
-	out := new(NamespaceBillingHistory)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *NamespaceBillingHistory) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *NamespaceBillingHistoryList) DeepCopyInto(out *NamespaceBillingHistoryList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]NamespaceBillingHistory, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceBillingHistoryList.
-func (in *NamespaceBillingHistoryList) DeepCopy() *NamespaceBillingHistoryList {
-	if in == nil {
-		return nil
-	}
-	out := new(NamespaceBillingHistoryList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *NamespaceBillingHistoryList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *NamespaceBillingHistorySpec) DeepCopyInto(out *NamespaceBillingHistorySpec) {
-	*out = *in
-	in.StartTime.DeepCopyInto(&out.StartTime)
-	in.EndTime.DeepCopyInto(&out.EndTime)
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceBillingHistorySpec.
-func (in *NamespaceBillingHistorySpec) DeepCopy() *NamespaceBillingHistorySpec {
-	if in == nil {
-		return nil
-	}
-	out := new(NamespaceBillingHistorySpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *NamespaceBillingHistoryStatus) DeepCopyInto(out *NamespaceBillingHistoryStatus) {
-	*out = *in
-	if in.NamespaceList != nil {
-		in, out := &in.NamespaceList, &out.NamespaceList
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespaceBillingHistoryStatus.
-func (in *NamespaceBillingHistoryStatus) DeepCopy() *NamespaceBillingHistoryStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(NamespaceBillingHistoryStatus)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Payment) DeepCopyInto(out *Payment) {
 	*out = *in
@@ -668,21 +306,6 @@ func (in *Payment) DeepCopyObject() runtime.Object {
 	return nil
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PaymentForQuery) DeepCopyInto(out *PaymentForQuery) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PaymentForQuery.
-func (in *PaymentForQuery) DeepCopy() *PaymentForQuery {
-	if in == nil {
-		return nil
-	}
-	out := new(PaymentForQuery)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *PaymentList) DeepCopyInto(out *PaymentList) {
 	*out = *in
@@ -744,201 +367,3 @@ func (in *PaymentStatus) DeepCopy() *PaymentStatus {
 	in.DeepCopyInto(out)
 	return out
 }
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PriceQuery) DeepCopyInto(out *PriceQuery) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	out.Spec = in.Spec
-	in.Status.DeepCopyInto(&out.Status)
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriceQuery.
-func (in *PriceQuery) DeepCopy() *PriceQuery {
-	if in == nil {
-		return nil
-	}
-	out := new(PriceQuery)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *PriceQuery) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PriceQueryList) DeepCopyInto(out *PriceQueryList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]PriceQuery, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriceQueryList.
-func (in *PriceQueryList) DeepCopy() *PriceQueryList {
-	if in == nil {
-		return nil
-	}
-	out := new(PriceQueryList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *PriceQueryList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PriceQuerySpec) DeepCopyInto(out *PriceQuerySpec) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriceQuerySpec.
-func (in *PriceQuerySpec) DeepCopy() *PriceQuerySpec {
-	if in == nil {
-		return nil
-	}
-	out := new(PriceQuerySpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PriceQueryStatus) DeepCopyInto(out *PriceQueryStatus) {
-	*out = *in
-	if in.BillingRecords != nil {
-		in, out := &in.BillingRecords, &out.BillingRecords
-		*out = make([]BillingRecord, len(*in))
-		copy(*out, *in)
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriceQueryStatus.
-func (in *PriceQueryStatus) DeepCopy() *PriceQueryStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(PriceQueryStatus)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PropertyQuery) DeepCopyInto(out *PropertyQuery) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PropertyQuery.
-func (in *PropertyQuery) DeepCopy() *PropertyQuery {
-	if in == nil {
-		return nil
-	}
-	out := new(PropertyQuery)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *Transfer) DeepCopyInto(out *Transfer) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	out.Spec = in.Spec
-	out.Status = in.Status
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Transfer.
-func (in *Transfer) DeepCopy() *Transfer {
-	if in == nil {
-		return nil
-	}
-	out := new(Transfer)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *Transfer) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *TransferList) DeepCopyInto(out *TransferList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]Transfer, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TransferList.
-func (in *TransferList) DeepCopy() *TransferList {
-	if in == nil {
-		return nil
-	}
-	out := new(TransferList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *TransferList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *TransferSpec) DeepCopyInto(out *TransferSpec) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TransferSpec.
-func (in *TransferSpec) DeepCopy() *TransferSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(TransferSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *TransferStatus) DeepCopyInto(out *TransferStatus) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TransferStatus.
-func (in *TransferStatus) DeepCopy() *TransferStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(TransferStatus)
-	in.DeepCopyInto(out)
-	return out
-}
diff --git a/controllers/account/config/crd/bases/account.sealos.io_accounts.yaml b/controllers/account/config/crd/bases/account.sealos.io_accounts.yaml
index ab6de6f2fb5..f47c776de17 100644
--- a/controllers/account/config/crd/bases/account.sealos.io_accounts.yaml
+++ b/controllers/account/config/crd/bases/account.sealos.io_accounts.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2023 sealos.
+# Copyright © 2024 sealos.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,8 +17,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: accounts.account.sealos.io
 spec:
   group: account.sealos.io
@@ -35,14 +34,19 @@ spec:
         description: Account is the Schema for the accounts API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -101,9 +105,3 @@ spec:
     storage: true
     subresources:
       status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/controllers/account/config/crd/bases/account.sealos.io_billinginfoqueries.yaml b/controllers/account/config/crd/bases/account.sealos.io_billinginfoqueries.yaml
deleted file mode 100644
index e5fcd756538..00000000000
--- a/controllers/account/config/crd/bases/account.sealos.io_billinginfoqueries.yaml
+++ /dev/null
@@ -1,85 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: billinginfoqueries.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: BillingInfoQuery
-    listKind: BillingInfoQueryList
-    plural: billinginfoqueries
-    singular: billinginfoquery
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: BillingInfoQuery is the Schema for the billinginfoqueries API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: BillingInfoQuerySpec defines the desired state of BillingInfoQuery
-            properties:
-              args:
-                additionalProperties:
-                  type: string
-                type: object
-              queryType:
-                type: string
-            required:
-            - queryType
-            type: object
-          status:
-            description: BillingInfoQueryStatus defines the observed state of BillingInfoQuery
-            properties:
-              result:
-                type: string
-              status:
-                type: string
-              statusDetails:
-                type: string
-            required:
-            - result
-            - status
-            - statusDetails
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/controllers/account/config/crd/bases/account.sealos.io_billingrecordqueries.yaml b/controllers/account/config/crd/bases/account.sealos.io_billingrecordqueries.yaml
deleted file mode 100644
index 798603fc156..00000000000
--- a/controllers/account/config/crd/bases/account.sealos.io_billingrecordqueries.yaml
+++ /dev/null
@@ -1,153 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: billingrecordqueries.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: BillingRecordQuery
-    listKind: BillingRecordQueryList
-    plural: billingrecordqueries
-    singular: billingrecordquery
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: BillingRecordQuery is the Schema for the billingrecordqueries
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: BillingRecordQuerySpec defines the desired state of BillingRecordQuery
-            properties:
-              appType:
-                type: string
-              endTime:
-                format: date-time
-                type: string
-              namespace:
-                type: string
-              orderID:
-                type: string
-              page:
-                description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-                  Important: Run "make" to regenerate code after modifying this file'
-                type: integer
-              pageSize:
-                type: integer
-              startTime:
-                format: date-time
-                type: string
-              type:
-                type: integer
-            required:
-            - endTime
-            - page
-            - pageSize
-            - startTime
-            - type
-            type: object
-          status:
-            description: BillingRecordQueryStatus defines the observed state of BillingRecordQuery
-            properties:
-              deductionAmount:
-                format: int64
-                type: integer
-              item:
-                items:
-                  properties:
-                    amount:
-                      description: Amount = PaymentAmount + GiftAmount
-                      format: int64
-                      type: integer
-                    appType:
-                      type: string
-                    costs:
-                      additionalProperties:
-                        format: int64
-                        type: integer
-                      type: object
-                    name:
-                      type: string
-                    namespace:
-                      type: string
-                    order_id:
-                      type: string
-                    payment:
-                      description: when Type = Recharge, PaymentAmount is the amount
-                        of recharge
-                      properties:
-                        amount:
-                          format: int64
-                          type: integer
-                      type: object
-                    time:
-                      format: date-time
-                      type: string
-                    type:
-                      type: integer
-                  required:
-                  - order_id
-                  - time
-                  - type
-                  type: object
-                type: array
-              pageLength:
-                type: integer
-              rechargeAmount:
-                format: int64
-                type: integer
-              status:
-                type: string
-              totalCount:
-                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
-                  of cluster Important: Run "make" to regenerate code after modifying
-                  this file'
-                type: integer
-            required:
-            - pageLength
-            - rechargeAmount
-            - status
-            - totalCount
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/controllers/account/config/crd/bases/account.sealos.io_debts.yaml b/controllers/account/config/crd/bases/account.sealos.io_debts.yaml
index ae0db6f8040..262cfc5fd7e 100644
--- a/controllers/account/config/crd/bases/account.sealos.io_debts.yaml
+++ b/controllers/account/config/crd/bases/account.sealos.io_debts.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2023 sealos.
+# Copyright © 2024 sealos.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,8 +17,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: debts.account.sealos.io
 spec:
   group: account.sealos.io
@@ -39,24 +38,29 @@ spec:
         description: Debt is the Schema for the debts API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
           spec:
             description: DebtSpec defines the desired state of Debt
             properties:
-              userName:
-                type: string
               userID:
                 type: string
+              userName:
+                type: string
             type: object
           status:
             description: DebtStatus defines the observed state of Debt
@@ -85,9 +89,3 @@ spec:
     storage: true
     subresources:
       status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/controllers/account/config/crd/bases/account.sealos.io_namespacebillinghistories.yaml b/controllers/account/config/crd/bases/account.sealos.io_namespacebillinghistories.yaml
deleted file mode 100644
index 33d310f9169..00000000000
--- a/controllers/account/config/crd/bases/account.sealos.io_namespacebillinghistories.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: namespacebillinghistories.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: NamespaceBillingHistory
-    listKind: NamespaceBillingHistoryList
-    plural: namespacebillinghistories
-    singular: namespacebillinghistory
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: NamespaceBillingHistory is the Schema for the namespacebillinghistories
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: NamespaceBillingHistorySpec defines the desired state of
-              NamespaceBillingHistory
-            properties:
-              endTime:
-                format: date-time
-                type: string
-              startTime:
-                format: date-time
-                type: string
-              type:
-                type: integer
-            required:
-            - type
-            type: object
-          status:
-            description: NamespaceBillingHistoryStatus defines the observed state
-              of NamespaceBillingHistory
-            properties:
-              detail:
-                type: string
-              namespaceList:
-                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
-                  of cluster Important: Run "make" to regenerate code after modifying
-                  this file'
-                items:
-                  type: string
-                type: array
-              status:
-                type: string
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/controllers/account/config/crd/bases/account.sealos.io_payments.yaml b/controllers/account/config/crd/bases/account.sealos.io_payments.yaml
index d5e0ad03a3a..0d62f42da27 100644
--- a/controllers/account/config/crd/bases/account.sealos.io_payments.yaml
+++ b/controllers/account/config/crd/bases/account.sealos.io_payments.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2023 sealos.
+# Copyright © 2024 sealos.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,8 +17,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: payments.account.sealos.io
 spec:
   group: account.sealos.io
@@ -35,14 +34,19 @@ spec:
         description: Payment is the Schema for the payments API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -57,12 +61,12 @@ spec:
                 default: wechat
                 description: e.g. wechat, alipay, creditcard, etc.
                 type: string
-              userID:
-                description: UserID is the user id who want to recharge
-                type: string
               userCR:
                 description: UserCr is the user cr name who want to recharge
                 type: string
+              userID:
+                description: UserID is the user id who want to recharge
+                type: string
             type: object
           status:
             description: PaymentStatus defines the observed state of Payment
@@ -83,9 +87,3 @@ spec:
     storage: true
     subresources:
       status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/controllers/account/config/crd/bases/account.sealos.io_pricequeries.yaml b/controllers/account/config/crd/bases/account.sealos.io_pricequeries.yaml
deleted file mode 100644
index b73fddd52f5..00000000000
--- a/controllers/account/config/crd/bases/account.sealos.io_pricequeries.yaml
+++ /dev/null
@@ -1,80 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: pricequeries.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: PriceQuery
-    listKind: PriceQueryList
-    plural: pricequeries
-    singular: pricequery
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: PriceQuery is the Schema for the pricequeries API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: PriceQuerySpec defines the desired state of PriceQuery
-            type: object
-          status:
-            description: PriceQueryStatus defines the observed state of PriceQuery
-            properties:
-              billingRecords:
-                items:
-                  properties:
-                    discountType:
-                      type: string
-                    price:
-                      type: string
-                    resourceType:
-                      type: string
-                  required:
-                  - price
-                  - resourceType
-                  type: object
-                type: array
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/controllers/account/config/crd/bases/account.sealos.io_transfers.yaml b/controllers/account/config/crd/bases/account.sealos.io_transfers.yaml
deleted file mode 100644
index f746906d384..00000000000
--- a/controllers/account/config/crd/bases/account.sealos.io_transfers.yaml
+++ /dev/null
@@ -1,82 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: transfers.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: Transfer
-    listKind: TransferList
-    plural: transfers
-    singular: transfer
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: Transfer is the Schema for the transfers API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: TransferSpec defines the desired state of Transfer
-            properties:
-              amount:
-                format: int64
-                minimum: 1000000
-                type: integer
-              from:
-                type: string
-              to:
-                type: string
-            required:
-            - amount
-            - to
-            type: object
-          status:
-            description: TransferStatus defines the observed state of Transfer
-            properties:
-              progress:
-                type: integer
-              reason:
-                type: string
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/controllers/account/config/crd/kustomization.yaml b/controllers/account/config/crd/kustomization.yaml
index 2fecd447f98..c3ece071eb5 100644
--- a/controllers/account/config/crd/kustomization.yaml
+++ b/controllers/account/config/crd/kustomization.yaml
@@ -16,14 +16,8 @@
 # since it depends on service name and namespace that are out of this kustomize package.
 # It should be run by config/default
 resources:
-- bases/account.sealos.io_accounts.yaml
 - bases/account.sealos.io_payments.yaml
 - bases/account.sealos.io_debts.yaml
-- bases/account.sealos.io_billingrecordqueries.yaml
-- bases/account.sealos.io_pricequeries.yaml
-- bases/account.sealos.io_transfers.yaml
-- bases/account.sealos.io_namespacebillinghistories.yaml
-- bases/account.sealos.io_billinginfoqueries.yaml
 #+kubebuilder:scaffold:crdkustomizeresource
 
 patchesStrategicMerge:
diff --git a/controllers/account/config/crd/patches/cainjection_in_billinginfoqueries.yaml b/controllers/account/config/crd/patches/cainjection_in_billinginfoqueries.yaml
deleted file mode 100644
index bf5da442df1..00000000000
--- a/controllers/account/config/crd/patches/cainjection_in_billinginfoqueries.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: billinginfoqueries.account.sealos.io
diff --git a/controllers/account/config/crd/patches/cainjection_in_billingrecordqueries.yaml b/controllers/account/config/crd/patches/cainjection_in_billingrecordqueries.yaml
deleted file mode 100644
index 086f6fb6228..00000000000
--- a/controllers/account/config/crd/patches/cainjection_in_billingrecordqueries.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: billingrecordqueries.account.sealos.io
diff --git a/controllers/account/config/crd/patches/cainjection_in_namespacebillinghistories.yaml b/controllers/account/config/crd/patches/cainjection_in_namespacebillinghistories.yaml
deleted file mode 100644
index e7849ccc4d8..00000000000
--- a/controllers/account/config/crd/patches/cainjection_in_namespacebillinghistories.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: namespacebillinghistories.account.sealos.io
diff --git a/controllers/account/config/crd/patches/cainjection_in_pricequeries.yaml b/controllers/account/config/crd/patches/cainjection_in_pricequeries.yaml
deleted file mode 100644
index 58fb3e5702c..00000000000
--- a/controllers/account/config/crd/patches/cainjection_in_pricequeries.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: pricequeries.account.sealos.io
diff --git a/controllers/account/config/crd/patches/webhook_in_billinginfoqueries.yaml b/controllers/account/config/crd/patches/webhook_in_billinginfoqueries.yaml
deleted file mode 100644
index fd3f8f8fcd0..00000000000
--- a/controllers/account/config/crd/patches/webhook_in_billinginfoqueries.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch enables a conversion webhook for the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: billinginfoqueries.account.sealos.io
-spec:
-  conversion:
-    strategy: Webhook
-    webhook:
-      clientConfig:
-        service:
-          namespace: system
-          name: webhook-service
-          path: /convert
-      conversionReviewVersions:
-      - v1
diff --git a/controllers/account/config/crd/patches/webhook_in_billingrecordqueries.yaml b/controllers/account/config/crd/patches/webhook_in_billingrecordqueries.yaml
deleted file mode 100644
index 54615e7aac6..00000000000
--- a/controllers/account/config/crd/patches/webhook_in_billingrecordqueries.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch enables a conversion webhook for the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: billingrecordqueries.account.sealos.io
-spec:
-  conversion:
-    strategy: Webhook
-    webhook:
-      clientConfig:
-        service:
-          namespace: system
-          name: webhook-service
-          path: /convert
-      conversionReviewVersions:
-      - v1
diff --git a/controllers/account/config/crd/patches/webhook_in_namespacebillinghistories.yaml b/controllers/account/config/crd/patches/webhook_in_namespacebillinghistories.yaml
deleted file mode 100644
index 3361858e04c..00000000000
--- a/controllers/account/config/crd/patches/webhook_in_namespacebillinghistories.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch enables a conversion webhook for the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: namespacebillinghistories.account.sealos.io
-spec:
-  conversion:
-    strategy: Webhook
-    webhook:
-      clientConfig:
-        service:
-          namespace: system
-          name: webhook-service
-          path: /convert
-      conversionReviewVersions:
-      - v1
diff --git a/controllers/account/config/crd/patches/webhook_in_pricequeries.yaml b/controllers/account/config/crd/patches/webhook_in_pricequeries.yaml
deleted file mode 100644
index 5740f4c8963..00000000000
--- a/controllers/account/config/crd/patches/webhook_in_pricequeries.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch enables a conversion webhook for the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: pricequeries.account.sealos.io
-spec:
-  conversion:
-    strategy: Webhook
-    webhook:
-      clientConfig:
-        service:
-          namespace: system
-          name: webhook-service
-          path: /convert
-      conversionReviewVersions:
-      - v1
diff --git a/controllers/account/config/default/manager_auth_proxy_patch.yaml b/controllers/account/config/default/manager_auth_proxy_patch.yaml
index a3a0d8d5b0b..405c9093a9b 100644
--- a/controllers/account/config/default/manager_auth_proxy_patch.yaml
+++ b/controllers/account/config/default/manager_auth_proxy_patch.yaml
@@ -50,49 +50,38 @@ spec:
           - secretRef:
               name: payment-secret
               optional: true
+          - configMapRef:
+              name: account-manager-env
         securityContext:
           runAsNonRoot: true
           allowPrivilegeEscalation: false
         env:
-          - name: DOMAIN
-            value: '{{ .cloudDomain }}'
-          - name: PORT
-            value: '{{ .cloudPort }}'
           - name: ACCOUNT_NAMESPACE
-            value: "sealos-system"
+            value: sealos-system
           - name: NAMESPACE_NAME
-            value: "user-system"
-          - name: NEW_ACCOUNT_AMOUNT
-            value: "ri79LzQiQrs6CVa1ctE308+AseBXbOua0RIMCXAH5hc3irs="
+            value: user-system
           - name: WHITELIST
-            value: "notifications.Notification.notification.sealos.io/v1,payments.Payment.account.sealos.io/v1,billingrecordqueries.BillingRecordQuery.account.sealos.io/v1,billinginfoqueries.BillingInfoQuery.account.sealos.io/v1,pricequeries.PriceQuery.account.sealos.io/v1"
+            value: licenses.License.license.sealos.io/v1,notifications.Notification.notification.sealos.io/v1,payments.Payment.account.sealos.io/v1,billingrecordqueries.BillingRecordQuery.account.sealos.io/v1,billinginfoqueries.BillingInfoQuery.account.sealos.io/v1,pricequeries.PriceQuery.account.sealos.io/v1
           - name: ACCOUNT_SYSTEM_NAMESPACE
             valueFrom:
               fieldRef:
                 apiVersion: v1
                 fieldPath: metadata.namespace
-          - name: MONGO_URI
-            valueFrom:
-              secretKeyRef:
-                name: mongo-secret
-                key: MONGO_URI
-          - name: ApproachingDeletionPeriod
-            value: "345600"
-          - name: ImminentDeletionPeriod
-            value: "259200"
-          - name: FinalDeletionPeriod
-            value: "604800"
-          - name: DebtDetectionCycleSeconds
-            value: "30"
-          - name: OSAdminSecret
-            value: '{{ .OSAdminSecret }}'
-          - name: OSInternalEndpoint
-            value: '{{ .OSInternalEndpoint }}'
-          - name: oSNamespace
-            value: '{{ .OSNamespace }}'
         image: ghcr.io/labring/sealos-account-controller:latest
         imagePullPolicy: Always
         args:
         - "--health-probe-bind-address=:8081"
         - "--metrics-bind-address=127.0.0.1:8080"
         - "--leader-elect"
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - weight: 100
+              podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                    - key: "control-plane"
+                      operator: In
+                      values:
+                        - controller-manager
+                topologyKey: "kubernetes.io/hostname"
\ No newline at end of file
diff --git a/controllers/account/config/rbac/billinginfoquery_editor_role.yaml b/controllers/account/config/rbac/billinginfoquery_editor_role.yaml
deleted file mode 100644
index 3e53d63f1ed..00000000000
--- a/controllers/account/config/rbac/billinginfoquery_editor_role.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to edit billinginfoqueries.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: billinginfoquery-editor-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries/status
-  verbs:
-  - get
diff --git a/controllers/account/config/rbac/billinginfoquery_viewer_role.yaml b/controllers/account/config/rbac/billinginfoquery_viewer_role.yaml
deleted file mode 100644
index 0c779bd3971..00000000000
--- a/controllers/account/config/rbac/billinginfoquery_viewer_role.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to view billinginfoqueries.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: billinginfoquery-viewer-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries/status
-  verbs:
-  - get
diff --git a/controllers/account/config/rbac/billingrecordquery_editor_role.yaml b/controllers/account/config/rbac/billingrecordquery_editor_role.yaml
deleted file mode 100644
index c4fca751b42..00000000000
--- a/controllers/account/config/rbac/billingrecordquery_editor_role.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to edit billingrecordqueries.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: billingrecordquery-editor-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries/status
-  verbs:
-  - get
diff --git a/controllers/account/config/rbac/billingrecordquery_viewer_role.yaml b/controllers/account/config/rbac/billingrecordquery_viewer_role.yaml
deleted file mode 100644
index e9edac3624f..00000000000
--- a/controllers/account/config/rbac/billingrecordquery_viewer_role.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to view billingrecordqueries.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: billingrecordquery-viewer-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries/status
-  verbs:
-  - get
diff --git a/controllers/account/config/rbac/namespacebillinghistory_editor_role.yaml b/controllers/account/config/rbac/namespacebillinghistory_editor_role.yaml
deleted file mode 100644
index 4a3625eff72..00000000000
--- a/controllers/account/config/rbac/namespacebillinghistory_editor_role.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to edit namespacebillinghistories.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: namespacebillinghistory-editor-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories/status
-  verbs:
-  - get
diff --git a/controllers/account/config/rbac/namespacebillinghistory_viewer_role.yaml b/controllers/account/config/rbac/namespacebillinghistory_viewer_role.yaml
deleted file mode 100644
index 4bb420e4cc1..00000000000
--- a/controllers/account/config/rbac/namespacebillinghistory_viewer_role.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to view namespacebillinghistories.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: namespacebillinghistory-viewer-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories/status
-  verbs:
-  - get
diff --git a/controllers/account/config/rbac/pricequery_editor_role.yaml b/controllers/account/config/rbac/pricequery_editor_role.yaml
deleted file mode 100644
index 56c1e4dfa04..00000000000
--- a/controllers/account/config/rbac/pricequery_editor_role.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to edit pricequeries.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: pricequery-editor-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries/status
-  verbs:
-  - get
diff --git a/controllers/account/config/rbac/pricequery_viewer_role.yaml b/controllers/account/config/rbac/pricequery_viewer_role.yaml
deleted file mode 100644
index 218a7dfeb77..00000000000
--- a/controllers/account/config/rbac/pricequery_viewer_role.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to view pricequeries.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: pricequery-viewer-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries/status
-  verbs:
-  - get
diff --git a/controllers/account/config/rbac/role.yaml b/controllers/account/config/rbac/role.yaml
index 5d6826128dd..723a2837e5d 100644
--- a/controllers/account/config/rbac/role.yaml
+++ b/controllers/account/config/rbac/role.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2023 sealos.
+# Copyright © 2024 sealos.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,7 +16,6 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  creationTimestamp: null
   name: manager-role
 rules:
 - apiGroups:
@@ -31,12 +30,6 @@ rules:
   - patch
   - update
   - watch
-- apiGroups:
-  - ""
-  resources:
-  - configmaps/status
-  verbs:
-  - get
 - apiGroups:
   - ""
   resources:
@@ -75,58 +68,6 @@ rules:
   - get
   - patch
   - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries/status
-  verbs:
-  - get
-  - patch
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries/status
-  verbs:
-  - get
-  - patch
-  - update
 - apiGroups:
   - account.sealos.io
   resources:
@@ -153,32 +94,6 @@ rules:
   - get
   - patch
   - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories/status
-  verbs:
-  - get
-  - patch
-  - update
 - apiGroups:
   - account.sealos.io
   resources:
@@ -205,32 +120,6 @@ rules:
   - get
   - patch
   - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries/status
-  verbs:
-  - get
-  - patch
-  - update
 - apiGroups:
   - apps
   resources:
diff --git a/controllers/account/config/rbac/transfer_editor_role.yaml b/controllers/account/config/rbac/transfer_editor_role.yaml
deleted file mode 100644
index 6c8bfffef57..00000000000
--- a/controllers/account/config/rbac/transfer_editor_role.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to edit transfers.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: transfer-editor-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - transfers
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - transfers/status
-  verbs:
-  - get
diff --git a/controllers/account/config/rbac/transfer_viewer_role.yaml b/controllers/account/config/rbac/transfer_viewer_role.yaml
deleted file mode 100644
index 253667def01..00000000000
--- a/controllers/account/config/rbac/transfer_viewer_role.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# permissions for end users to view transfers.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: transfer-viewer-role
-rules:
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - transfers
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - transfers/status
-  verbs:
-  - get
diff --git a/controllers/account/config/samples/account_v1_billinginfoquery.yaml b/controllers/account/config/samples/account_v1_billinginfoquery.yaml
deleted file mode 100644
index 9a728da77b6..00000000000
--- a/controllers/account/config/samples/account_v1_billinginfoquery.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: account.sealos.io/v1
-kind: BillingInfoQuery
-metadata:
-  name: billinginfoquery-sample
-spec:
-  # TODO(user): Add fields here
diff --git a/controllers/account/config/samples/account_v1_billingrecordquery.yaml b/controllers/account/config/samples/account_v1_billingrecordquery.yaml
deleted file mode 100644
index 524b569511a..00000000000
--- a/controllers/account/config/samples/account_v1_billingrecordquery.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: account.sealos.io/v1
-kind: BillingRecordQuery
-metadata:
-  name: billingrecordquery-sample
-spec:
-  # TODO(user): Add fields here
diff --git a/controllers/account/config/samples/account_v1_namespacebillinghistory.yaml b/controllers/account/config/samples/account_v1_namespacebillinghistory.yaml
deleted file mode 100644
index de10eb0c693..00000000000
--- a/controllers/account/config/samples/account_v1_namespacebillinghistory.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: account.sealos.io/v1
-kind: NamespaceBillingHistory
-metadata:
-  name: namespacebillinghistory-sample
-spec:
-  # TODO(user): Add fields here
diff --git a/controllers/account/config/samples/account_v1_pricequery.yaml b/controllers/account/config/samples/account_v1_pricequery.yaml
deleted file mode 100644
index 23da8793581..00000000000
--- a/controllers/account/config/samples/account_v1_pricequery.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: account.sealos.io/v1
-kind: PriceQuery
-metadata:
-  name: pricequery-sample
-spec:
-  # TODO(user): Add fields here
diff --git a/controllers/account/config/samples/account_v1_transfer.yaml b/controllers/account/config/samples/account_v1_transfer.yaml
deleted file mode 100644
index dc584ca24cc..00000000000
--- a/controllers/account/config/samples/account_v1_transfer.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: account.sealos.io/v1
-kind: Transfer
-metadata:
-  name: transfer-sample
-spec:
-  # TODO(user): Add fields here
diff --git a/controllers/account/config/webhook/manifests.yaml b/controllers/account/config/webhook/manifests.yaml
index fe4fb619f2c..d48ea280383 100644
--- a/controllers/account/config/webhook/manifests.yaml
+++ b/controllers/account/config/webhook/manifests.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2023 sealos.
+# Copyright © 2024 sealos.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,27 +16,40 @@
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingWebhookConfiguration
 metadata:
-  creationTimestamp: null
   name: validating-webhook-configuration
 webhooks:
 - admissionReviewVersions:
-  - v1
+    - v1
   clientConfig:
     service:
-      name: webhook-service
-      namespace: system
+      name: account-webhook-service
+      namespace: account-system
       path: /validate-v1-sealos-cloud
+  timeoutSeconds: 10
   failurePolicy: Ignore
   name: debt.sealos.io
+  namespaceSelector:
+    matchExpressions:
+      - key: user.sealos.io/owner
+        operator: Exists
   rules:
-  - apiGroups:
-    - '*'
-    apiVersions:
-    - v1
-    operations:
-    - CREATE
-    - UPDATE
-    - DELETE
-    resources:
-    - '*'
+    - apiGroups:
+        - '*'
+      apiVersions:
+        - v1
+      operations:
+        - CREATE
+        - UPDATE
+        - DELETE
+      resources:
+        - '*'
+    - apiGroups:
+        - account.sealos.io
+      apiVersions:
+        - v1
+      operations:
+        - UPDATE
+      resources:
+        - payments/status
+      scope: '*'
   sideEffects: None
diff --git a/controllers/account/controllers/account_controller.go b/controllers/account/controllers/account_controller.go
index 43a9ef301ae..ff5d6c012d7 100644
--- a/controllers/account/controllers/account_controller.go
+++ b/controllers/account/controllers/account_controller.go
@@ -61,14 +61,10 @@ import (
 )
 
 const (
-	ACCOUNTNAMESPACEENV          = "ACCOUNT_NAMESPACE"
-	DEFAULTACCOUNTNAMESPACE      = "sealos-system"
-	AccountAnnotationNewAccount  = "account.sealos.io/new-account"
-	AccountAnnotationIgnoreQuota = "account.sealos.io/ignore-quota"
-	NEWACCOUNTAMOUNTENV          = "NEW_ACCOUNT_AMOUNT"
-	RECHARGEGIFT                 = "recharge-gift"
-	SEALOS                       = "sealos"
-	DefaultInitialBalance        = 5_000_000
+	ACCOUNTNAMESPACEENV     = "ACCOUNT_NAMESPACE"
+	DEFAULTACCOUNTNAMESPACE = "sealos-system"
+	RECHARGEGIFT            = "recharge-gift"
+	SEALOS                  = "sealos"
 )
 
 // AccountReconciler reconciles an Account object
@@ -233,50 +229,8 @@ func parseConfigList(s string, list interface{}, configName string) error {
 	return nil
 }
 
-//func GetUserOwner(user *userv1.User) string {
-//	own := user.Annotations[userv1.UserAnnotationOwnerKey]
-//	if own == "" {
-//		return user.Name
-//	}
-//	return own
-//}
-
 const BaseUnit = 1_000_000
 
-//func (r *AccountReconciler) getAmountWithRates(amount int64, account *pkgtypes.Account) (amt int64, err error) {
-//	//userActivities, err := pkgtypes.ParseUserActivities(account.Annotations)
-//	//if err != nil {
-//	//	return nil, 0, fmt.Errorf("parse user activities failed: %w", err)
-//	//}
-//	//
-//	//rechargeDiscount := pkgtypes.RechargeDiscount{
-//	//	DiscountSteps: r.RechargeStep,
-//	//	DiscountRates: r.RechargeRatio,
-//	//}
-//	//if len(userActivities) > 0 {
-//	//	if activityType, phase, _ := pkgtypes.GetUserActivityDiscount(r.Activities, &userActivities); phase != nil {
-//	//		if len(phase.RechargeDiscount.DiscountSteps) > 0 {
-//	//			rechargeDiscount.DiscountSteps = phase.RechargeDiscount.DiscountSteps
-//	//			rechargeDiscount.DiscountRates = phase.RechargeDiscount.DiscountRates
-//	//		}
-//	//		rechargeDiscount.SpecialDiscount = phase.RechargeDiscount.SpecialDiscount
-//	//		rechargeDiscount = phase.RechargeDiscount
-//	//		currentPhase := userActivities[activityType].Phases[userActivities[activityType].CurrentPhase]
-//	//		anno = pkgtypes.SetUserPhaseRechargeTimes(account.Annotations, activityType, currentPhase.Name, currentPhase.RechargeNums+1)
-//	//	}
-//	//}
-//	//return anno, getAmountWithDiscount(amount, rechargeDiscount), nil
-//
-//	discount, err := r.AccountV2.GetUserAccountRechargeDiscount(&pkgtypes.UserQueryOpts{UID: account.UserUID})
-//	if err != nil {
-//		return 0, fmt.Errorf("get user %s account recharge discount failed: %w", account.UserUID, err)
-//	}
-//	if discount == nil || discount.DiscountSteps == nil || discount.DiscountRates == nil {
-//		return getAmountWithDiscount(amount, r.DefaultDiscount), nil
-//	}
-//	return getAmountWithDiscount(amount, *discount), nil
-//}
-
 func getAmountWithDiscount(amount int64, discount pkgtypes.UserRechargeDiscount) int64 {
 	var r float64
 	for _, step := range sortSteps(discount.DefaultSteps) {
diff --git a/controllers/account/controllers/account_controller_test.go b/controllers/account/controllers/account_controller_test.go
index 48696aed680..dece29aaf2e 100644
--- a/controllers/account/controllers/account_controller_test.go
+++ b/controllers/account/controllers/account_controller_test.go
@@ -29,67 +29,6 @@ import (
 	"github.com/labring/sealos/controllers/pkg/database/mongo"
 )
 
-//func Test_giveGift(t *testing.T) {
-//	type args struct {
-//		amount int64
-//	}
-//	const BaseUnit = 1_000_000
-//	tests := []struct {
-//		name string
-//		args args
-//		want int64
-//	}{
-//		// [1-298] -> 0%, [299-598] -> 10%, [599-1998] -> 15%, [1999-4998] -> 20%, [4999-19998] -> 25%, [19999+] -> 30%
-//		{name: "0% less than 299", args: args{amount: 100 * BaseUnit}, want: 0 + 100*BaseUnit},
-//		{name: "10% between 299 and 599", args: args{amount: 299 * BaseUnit}, want: 29_900_000 + 299*BaseUnit},
-//		{name: "10% between 299 and 599", args: args{amount: 300 * BaseUnit}, want: 30_000_000 + 300*BaseUnit},
-//		{name: "15% between 599 and 1999", args: args{amount: 599 * BaseUnit}, want: 89_850_000 + 599*BaseUnit},
-//		{name: "15% between 599 and 1999", args: args{amount: 600 * BaseUnit}, want: 90_000_000 + 600*BaseUnit},
-//		{name: "20% between 1999 and 4999", args: args{amount: 1999 * BaseUnit}, want: 399_800_000 + 1999*BaseUnit},
-//		{name: "20% between 1999 and 4999", args: args{amount: 2000 * BaseUnit}, want: 400_000_000 + 2000*BaseUnit},
-//		{name: "25% between 4999 and 19999", args: args{amount: 4999 * BaseUnit}, want: 1249_750_000 + 4999*BaseUnit},
-//		{name: "25% between 4999 and 19999", args: args{amount: 5000 * BaseUnit}, want: 1250_000_000 + 5000*BaseUnit},
-//		{name: "30% more than 19999", args: args{amount: 19999 * BaseUnit}, want: 5999_700_000 + 19999*BaseUnit},
-//		{name: "30% more than 19999", args: args{amount: 20000 * BaseUnit}, want: 6000_000_000 + 20000*BaseUnit},
-//		{name: "30% more than 19999", args: args{amount: 99999 * BaseUnit}, want: 29999_700_000 + 99999*BaseUnit},
-//		{"0% less than 299", args{amount: 1 * BaseUnit}, 1 * BaseUnit},
-//	}
-//
-//	configMap := &corev1.ConfigMap{}
-//	configMap.Data = make(map[string]string)
-//	configMap.Data["steps"] = "299,599,1999,4999,19999"
-//	configMap.Data["ratios"] = "10.0,15.0,20.0,25.0,30.0"
-//
-//	for _, tt := range tests {
-//		t.Run(tt.name, func(t *testing.T) {
-//			if got, _ := giveGift(tt.args.amount, configMap); got != tt.want {
-//				t.Errorf("giveGift() = %v, want %v", got, tt.want)
-//			}
-//		})
-//	}
-//}
-
-//func Test_getAmountWithDiscount(t *testing.T) {
-//	type args struct {
-//		amount   int64
-//		discount types.RechargeDiscount
-//	}
-//	tests := []struct {
-//		name string
-//		args args
-//		want int64
-//	}{
-//		// TODO: Add test cases.
-//	}
-//	for _, tt := range tests {
-//		t.Run(tt.name, func(t *testing.T) {
-//			if got := getAmountWithDiscount(tt.args.amount, tt.args.discount); got != tt.want {
-//				t.Errorf("getAmountWithDiscount() = %v, want %v", got, tt.want)
-//			}
-//		})
-//	}
-//}
-
 func TestAccountReconciler_BillingCVM(t *testing.T) {
 	dbCtx := context.Background()
 	cvmDBClient, err := mongo.NewMongoInterface(dbCtx, os.Getenv(database.CVMMongoURI))
diff --git a/controllers/account/controllers/accountv2_test.go b/controllers/account/controllers/accountv2_test.go
index 62fd16ce21d..34f37ce058d 100644
--- a/controllers/account/controllers/accountv2_test.go
+++ b/controllers/account/controllers/accountv2_test.go
@@ -15,30 +15,11 @@
 package controllers
 
 import (
-	"context"
-	"os"
-	"path/filepath"
 	"testing"
-	"time"
 
 	"github.com/labring/sealos/controllers/pkg/database"
 
-	"github.com/labring/sealos/controllers/pkg/database/mongo"
-
-	"golang.org/x/sync/errgroup"
-
 	"github.com/labring/sealos/controllers/pkg/database/cockroach"
-	"github.com/labring/sealos/controllers/pkg/utils/logger"
-
-	"sigs.k8s.io/controller-runtime/pkg/client"
-
-	"k8s.io/client-go/tools/clientcmd"
-
-	"k8s.io/apimachinery/pkg/runtime"
-	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
-
-	accountv1 "github.com/labring/sealos/controllers/account/api/v1"
-
 	"github.com/labring/sealos/controllers/pkg/types"
 )
 
@@ -47,202 +28,6 @@ var (
 	testV2LocalDBURI  = ""
 )
 
-type testConfig struct {
-	RegionID      string
-	V1dbURI       string
-	V2GlobalDBURI string
-	V2LocalDBURI  string
-	Kubeconfig    string
-}
-
-var RegionsConfig = []testConfig{}
-
-func mkdirs(dirs ...string) error {
-	for _, dir := range dirs {
-		err := os.MkdirAll(dir, 0755)
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func TestAccount_V1ToV2(t *testing.T) {
-	for i := range RegionsConfig {
-		os.Unsetenv("LOCAL_REGION")
-		err := os.Setenv("LOCAL_REGION", RegionsConfig[i].RegionID)
-		if err != nil {
-			t.Fatalf("failed to set env: %v", err)
-		}
-		err = mkdirs(filepath.Join("transferv1tov2", "null_user_record", RegionsConfig[i].RegionID),
-			filepath.Join("transferv1tov2", "transfer_account_v1", RegionsConfig[i].RegionID),
-			filepath.Join("transferv1tov2", "transfer_account_v1_exist", RegionsConfig[i].RegionID))
-		if err != nil {
-			t.Fatalf("failed to create dir: %v", err)
-		}
-		scheme := runtime.NewScheme()
-		utilruntime.Must(accountv1.AddToScheme(scheme))
-		config, err := clientcmd.BuildConfigFromFlags("", RegionsConfig[i].Kubeconfig)
-		if err != nil {
-			t.Fatalf("Error building kubeconfig: %v\n", err)
-		}
-		clt, err := client.New(config, client.Options{Scheme: scheme})
-		if err != nil {
-			t.Fatalf("failed to new client: %v", err)
-		}
-		accounts := &accountv1.AccountList{}
-		err = clt.List(context.Background(), accounts)
-		if err != nil {
-			t.Fatalf("failed to get account: %v", err)
-		}
-		t.Logf("success get region account len: %d, startTime: %s", len(accounts.Items), time.Now().UTC().Format("2006-01-02 15:04:05"))
-		accountItf, err := database.NewAccountV2(RegionsConfig[i].V2GlobalDBURI, RegionsConfig[i].V2LocalDBURI)
-		if err != nil {
-			t.Fatalf("failed to new account : %v", err)
-		}
-		defer func() {
-			if err := accountItf.Close(); err != nil {
-				t.Errorf("failed close connection: %v", err)
-			}
-		}()
-		wg, ctx := errgroup.WithContext(context.Background())
-		wg.SetLimit(100)
-		for _, a := range accounts.Items {
-			account := a
-			wg.Go(func() error {
-				createAccount := &types.Account{
-					EncryptBalance:          *account.Status.EncryptBalance,
-					EncryptDeductionBalance: *account.Status.EncryptDeductionBalance,
-					Balance:                 account.Status.Balance,
-					DeductionBalance:        account.Status.DeductionBalance,
-					CreatedAt:               account.CreationTimestamp.Time,
-					CreateRegionID:          RegionsConfig[i].RegionID,
-					ActivityBonus:           account.Status.ActivityBonus,
-				}
-				_, err := accountItf.TransferAccountV1(account.Name, createAccount)
-				if err != nil {
-					logger.Error("failed to create account %s: %v", account.Name, err)
-					if err = accountItf.CreateErrorAccountCreate(createAccount, account.Name, err.Error()); err != nil {
-						logger.Error("failed to create err msg %s: %v", account.Name, err)
-						ctx.Done()
-					}
-					return err
-				}
-				//t.Logf("success create account %s", account.Name)
-				return nil
-			})
-		}
-		if err := wg.Wait(); err != nil {
-			t.Fatalf("failed to create account: %v", err)
-		}
-	}
-}
-
-func TestConvertPayment_V1ToV2(t *testing.T) {
-	for i := range RegionsConfig {
-		os.Unsetenv("LOCAL_REGION")
-		err := os.Setenv("LOCAL_REGION", RegionsConfig[i].RegionID)
-		if err != nil {
-			t.Fatalf("failed to set env: %v", err)
-		}
-		accountV2, err := database.NewAccountV2(RegionsConfig[i].V2GlobalDBURI, RegionsConfig[i].V2LocalDBURI)
-		if err != nil {
-			t.Fatalf("failed to new account : %v", err)
-		}
-		defer func() {
-			if err := accountV2.Close(); err != nil {
-				t.Errorf("failed close connection: %v", err)
-			}
-		}()
-		accountV1, err := mongo.NewMongoInterface(context.Background(), RegionsConfig[i].V1dbURI)
-		if err != nil {
-			t.Fatalf("failed to new account : %v", err)
-		}
-		defer func() {
-			if err := accountV1.Disconnect(context.Background()); err != nil {
-				t.Errorf("failed close connection: %v", err)
-			}
-		}()
-		billings, err := accountV1.GetAllPayment()
-		if err != nil {
-			t.Fatalf("failed to get billing: %v", err)
-		}
-		eg := errgroup.Group{}
-		eg.SetLimit(100)
-
-		for i := range billings {
-			bill := billings[i]
-			eg.Go(func() error {
-				payment := types.Payment{
-					ID: bill.OrderID,
-					PaymentRaw: types.PaymentRaw{
-						CreatedAt:       bill.Time,
-						Amount:          bill.Payment.Amount,
-						RegionUserOwner: bill.Owner,
-						Method:          bill.Payment.Method,
-						CodeURL:         bill.Payment.CodeURL,
-						TradeNO:         bill.Payment.TradeNO,
-						Gift:            bill.Amount - bill.Payment.Amount,
-					},
-				}
-				err = accountV2.SavePayment(&payment)
-				if err != nil {
-					//logger.Error("failed to create payment %s: %v", payment.CrName, err)
-					if err2 := accountV2.CreateErrorPaymentCreate(payment, err.Error()); err2 != nil {
-						logger.Error("failed to create err msg %s: %v", payment.ID, err2)
-					}
-				}
-				//logger.Info("success get payment %s", bill)
-				return nil
-			})
-		}
-		if err := eg.Wait(); err != nil {
-			t.Fatalf("failed to wait create payment: %v", err)
-			return
-		}
-	}
-	t.Logf("success convert payment")
-}
-
-//func TestAccountConvert(t *testing.T) {
-//	scheme := runtime.NewScheme()
-//	utilruntime.Must(accountv1.AddToScheme(scheme))
-//	config, err := clientcmd.BuildConfigFromFlags("", testConfig)
-//	if err != nil {
-//		t.Fatalf("Error building kubeconfig: %v\n", err)
-//	}
-//	clt, err := client.New(config, client.Options{Scheme: scheme})
-//	if err != nil {
-//		t.Fatalf("failed to new client: %v", err)
-//	}
-//	accounts := &accountv1.AccountList{}
-//	err = clt.List(context.Background(), accounts)
-//	if err != nil {
-//		t.Fatalf("failed to get account: %v", err)
-//	}
-//	for _, a := range accounts.Items {
-//		account := a
-//		if account.Status.EncryptBalance != nil || account.Status.EncryptDeductionBalance != nil {
-//			if account.Status.EncryptBalance != nil && account.Status.EncryptDeductionBalance != nil {
-//				continue
-//			}
-//			t.Logf("account %s already convert", account.Name)
-//			continue
-//		}
-//		accountCopy := &accountv1.Account{}
-//		err = json.Unmarshal([]byte(account.Annotations[v1.LastAppliedConfigAnnotation]), accountCopy)
-//		if err != nil {
-//			t.Fatalf("failed to unmarshal account %s: %v", account.Name, err)
-//		}
-//		account.Status = accountCopy.Status
-//		err = clt.Status().Update(context.Background(), &account)
-//		if err != nil {
-//			t.Fatalf("failed to update account %s: %v", account.Name, err)
-//		}
-//		t.Logf("success updata status account %s: %+v", account.Name, account.Status)
-//	}
-//}
-
 func TestAccountV2_CreateAccount(t *testing.T) {
 	account, err := database.NewAccountV2(testV2GlobalDBURI, testV2LocalDBURI)
 	if err != nil {
diff --git a/controllers/account/controllers/billinginfoquery_controller.go b/controllers/account/controllers/billinginfoquery_controller.go
deleted file mode 100644
index 98bff636665..00000000000
--- a/controllers/account/controllers/billinginfoquery_controller.go
+++ /dev/null
@@ -1,195 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package controllers
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-	"strings"
-	"time"
-
-	"github.com/labring/sealos/controllers/pkg/types"
-
-	userv1 "github.com/labring/sealos/controllers/user/api/v1"
-
-	"github.com/go-logr/logr"
-
-	"github.com/labring/sealos/controllers/pkg/resources"
-
-	"github.com/labring/sealos/controllers/pkg/database"
-
-	"k8s.io/apimachinery/pkg/runtime"
-	ctrl "sigs.k8s.io/controller-runtime"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-
-	accountv1 "github.com/labring/sealos/controllers/account/api/v1"
-)
-
-// BillingInfoQueryReconciler reconciles a BillingInfoQuery object
-type BillingInfoQueryReconciler struct {
-	client.Client
-	logr.Logger
-	Scheme   *runtime.Scheme
-	DBClient database.Account
-	//TODO init
-	AccountV2              database.AccountV2
-	AccountSystemNamespace string
-	Properties             *resources.PropertyTypeLS
-	propertiesQuery        []accountv1.PropertyQuery
-	Activities             types.Activities
-	DefaultDiscount        types.RechargeDiscount
-	QueryFuncMap           map[string]func(context.Context, ctrl.Request, *accountv1.BillingInfoQuery) (string, error)
-}
-
-//+kubebuilder:rbac:groups=account.sealos.io,resources=billinginfoqueries,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=account.sealos.io,resources=billinginfoqueries/status,verbs=get;update;patch
-//+kubebuilder:rbac:groups=account.sealos.io,resources=billinginfoqueries/finalizers,verbs=update
-
-func (r *BillingInfoQueryReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctl ctrl.Result, err error) {
-	query := &accountv1.BillingInfoQuery{}
-	if err = r.Get(ctx, req.NamespacedName, query); err != nil {
-		return ctrl.Result{}, client.IgnoreNotFound(err)
-	}
-	if err := r.deleteTimeoutQueryCRList(ctx); err != nil {
-		r.Logger.Error(err, "delete timeout query error")
-	}
-	r.reconcileQuery(ctx, req, query)
-
-	return ctrl.Result{}, r.Status().Update(ctx, query)
-}
-
-func (r *BillingInfoQueryReconciler) reconcileQuery(ctx context.Context, req ctrl.Request, query *accountv1.BillingInfoQuery) {
-	var err error
-	queryFunc := r.QueryFuncMap[strings.ToLower(query.Spec.QueryType)]
-	if queryFunc == nil {
-		query.Status.Status = accountv1.Failed
-		query.Status.StatusDetails = fmt.Sprintf("query type %s not supported", query.Spec.QueryType)
-		return
-	}
-	if query.Status.Result, err = queryFunc(ctx, req, query); err != nil {
-		query.Status.Status = accountv1.Failed
-		query.Status.StatusDetails = err.Error()
-		return
-	}
-	query.Status.Status = accountv1.Completed
-}
-
-// timeout five minutes
-func (r *BillingInfoQueryReconciler) deleteTimeoutQueryCRList(ctx context.Context) error {
-	queryList := &accountv1.BillingInfoQueryList{}
-	err := r.List(ctx, queryList)
-	if err != nil {
-		return err
-	}
-
-	for _, query := range queryList.Items {
-		if time.Since(query.CreationTimestamp.Time) > time.Minute*6 {
-			if err := r.Delete(ctx, &query); client.IgnoreNotFound(err) != nil {
-				return fmt.Errorf("delete billinginfoquery error: %v", err)
-			}
-		}
-	}
-	return nil
-}
-
-func (r *BillingInfoQueryReconciler) NamespacesHistoryQuery(ctx context.Context, req ctrl.Request, _ *accountv1.BillingInfoQuery) (result string, err error) {
-	user := &userv1.User{}
-	if err = r.Get(ctx, client.ObjectKey{Namespace: req.Namespace, Name: getUsername(req.Namespace)}, user); err != nil {
-		return "", fmt.Errorf("get user failed: %w", err)
-	}
-	var nsList []string
-	owner, ok := user.GetAnnotations()[userv1.UserAnnotationOwnerKey]
-	if ok {
-		nsList, err = r.DBClient.GetBillingHistoryNamespaces(nil, nil, int(accountv1.QueryAllType), owner)
-		if err != nil {
-			return "", fmt.Errorf("get billing history namespaces failed: %w", err)
-		}
-	}
-
-	data, err := json.Marshal(nsList)
-	if err != nil {
-		return "", fmt.Errorf("marshal billing history namespaces failed: %w", err)
-	}
-	return string(data), nil
-}
-
-func (r *BillingInfoQueryReconciler) PropertiesQuery(_ context.Context, _ ctrl.Request, _ *accountv1.BillingInfoQuery) (result string, err error) {
-	data, err := json.Marshal(r.propertiesQuery)
-	if err != nil {
-		return "", fmt.Errorf("marshal properties query failed: %w", err)
-	}
-	return string(data), nil
-}
-
-func (r *BillingInfoQueryReconciler) AppTypeQuery(_ context.Context, _ ctrl.Request, _ *accountv1.BillingInfoQuery) (result string, err error) {
-	var appTypeList []string
-	for appType := range resources.AppType {
-		appTypeList = append(appTypeList, appType)
-	}
-	data, err := json.Marshal(appTypeList)
-	if err != nil {
-		return "", fmt.Errorf("marshal type query failed: %w", err)
-	}
-	return string(data), nil
-}
-
-func (r *BillingInfoQueryReconciler) RechargeQuery(_ context.Context, _ ctrl.Request, billingInfoQuery *accountv1.BillingInfoQuery) (result string, err error) {
-	//TODO get owner
-	userDiscount, err := r.AccountV2.GetUserAccountRechargeDiscount(&types.UserQueryOpts{Owner: getUsername(billingInfoQuery.Namespace)})
-	if err != nil {
-		return "", fmt.Errorf("parse user activities failed: %w", err)
-	}
-	if userDiscount == nil || len(userDiscount.DiscountRates) == 0 || len(userDiscount.DiscountSteps) == 0 {
-		userDiscount = &r.DefaultDiscount
-	}
-	data, err := json.Marshal(userDiscount)
-	if err != nil {
-		return "", fmt.Errorf("marshal recharge discount failed: %w", err)
-	}
-	return string(data), nil
-}
-
-func (r *BillingInfoQueryReconciler) ConvertPropertiesToQuery() error {
-	r.propertiesQuery = make([]accountv1.PropertyQuery, 0)
-	for _, types := range r.Properties.Types {
-		property := accountv1.PropertyQuery{
-			Name:      types.Name,
-			UnitPrice: types.UnitPrice,
-			Unit:      types.UnitString,
-			Alias:     types.Alias,
-		}
-		r.propertiesQuery = append(r.propertiesQuery, property)
-	}
-	return nil
-}
-
-// SetupWithManager sets up the controller with the Manager.
-func (r *BillingInfoQueryReconciler) SetupWithManager(mgr ctrl.Manager) error {
-	r.Logger = ctrl.Log.WithName("controllers").WithName("BillingInfoQuery")
-	if err := r.ConvertPropertiesToQuery(); err != nil {
-		return fmt.Errorf("convert properties to query failed: %w", err)
-	}
-	r.QueryFuncMap = make(map[string]func(context.Context, ctrl.Request, *accountv1.BillingInfoQuery) (string, error), 3)
-	r.QueryFuncMap[strings.ToLower(accountv1.QueryTypeNamespacesHistory)] = r.NamespacesHistoryQuery
-	r.QueryFuncMap[strings.ToLower(accountv1.QueryTypeProperties)] = r.PropertiesQuery
-	r.QueryFuncMap[strings.ToLower(accountv1.QueryTypeAppType)] = r.AppTypeQuery
-	r.QueryFuncMap[strings.ToLower(accountv1.QueryTypeRecharge)] = r.RechargeQuery
-	return ctrl.NewControllerManagedBy(mgr).
-		For(&accountv1.BillingInfoQuery{}).
-		Complete(r)
-}
diff --git a/controllers/account/controllers/billingrecordquery_controller.go b/controllers/account/controllers/billingrecordquery_controller.go
deleted file mode 100644
index 1a5b86f47bd..00000000000
--- a/controllers/account/controllers/billingrecordquery_controller.go
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package controllers
-
-import (
-	"context"
-	"fmt"
-	"os"
-	"strconv"
-	"time"
-
-	"github.com/labring/sealos/controllers/pkg/database/mongo"
-
-	"github.com/go-logr/logr"
-
-	accountv1 "github.com/labring/sealos/controllers/account/api/v1"
-	"github.com/labring/sealos/controllers/pkg/database"
-	"github.com/labring/sealos/controllers/pkg/resources"
-	"github.com/labring/sealos/controllers/pkg/utils/env"
-
-	"k8s.io/apimachinery/pkg/runtime"
-	ctrl "sigs.k8s.io/controller-runtime"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-	"sigs.k8s.io/controller-runtime/pkg/controller"
-	"sigs.k8s.io/controller-runtime/pkg/handler"
-	"sigs.k8s.io/controller-runtime/pkg/log"
-)
-
-// BillingRecordQueryReconciler reconciles a BillingRecordQuery object
-type BillingRecordQueryReconciler struct {
-	client.Client
-	Scheme                 *runtime.Scheme
-	Logger                 logr.Logger
-	MongoDBURI             string
-	AccountSystemNamespace string
-}
-
-//+kubebuilder:rbac:groups=account.sealos.io,resources=billingrecordqueries,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=account.sealos.io,resources=billingrecordqueries/status,verbs=get;update;patch
-//+kubebuilder:rbac:groups=account.sealos.io,resources=billingrecordqueries/finalizers,verbs=update
-//+kubebuilder:rbac:groups=account.sealos.io,resources=pricequeries,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=account.sealos.io,resources=pricequeries/status,verbs=get;update;patch
-//+kubebuilder:rbac:groups=account.sealos.io,resources=pricequeries/finalizers,verbs=update
-//+kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch
-//+kubebuilder:rbac:groups="",resources=configmaps/status,verbs=get
-
-// Reconcile is part of the main kubernetes reconciliation loop which aims to
-// move the current state of the cluster closer to the desired state.
-// TODO(user): Modify the Reconcile function to compare the state specified by
-// the BillingRecordQuery object against the actual cluster state, and then
-// perform operations to make the cluster state reflect the state specified by
-// the user.
-//
-// For more details, check Reconcile and its Result here:
-// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.11.2/pkg/reconcile
-func (r *BillingRecordQueryReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
-	_ = log.FromContext(ctx)
-
-	dbCtx := context.Background()
-	dbClient, err := mongo.NewMongoInterface(dbCtx, r.MongoDBURI)
-	if err != nil {
-		r.Logger.Error(err, "connect mongo client failed")
-		return ctrl.Result{Requeue: true}, err
-	}
-	defer func() {
-		err := dbClient.Disconnect(ctx)
-		if err != nil {
-			r.Logger.V(5).Info("disconnect mongo client failed", "err", err)
-		}
-	}()
-
-	priceQuery := &accountv1.PriceQuery{}
-	err = r.Get(ctx, req.NamespacedName, priceQuery)
-	if err == nil {
-		return r.ReconcilePriceQuery(ctx, priceQuery)
-	} else if client.IgnoreNotFound(err) != nil {
-		return ctrl.Result{}, err
-	}
-
-	billingRecordQuery := &accountv1.BillingRecordQuery{}
-	err = r.Get(ctx, req.NamespacedName, billingRecordQuery)
-	if err != nil {
-		return ctrl.Result{}, client.IgnoreNotFound(err)
-	}
-
-	if time.Since(billingRecordQuery.CreationTimestamp.Time) > (3 * time.Minute) {
-		err = r.Delete(ctx, billingRecordQuery)
-		return ctrl.Result{}, err
-	}
-	//check options
-
-	if err = CheckOpts(billingRecordQuery); err != nil {
-		//TODO update status
-		return ctrl.Result{}, err
-	}
-
-	err = dbClient.QueryBillingRecords(billingRecordQuery, getUsername(billingRecordQuery.Namespace))
-	if err != nil {
-		r.Logger.Error(err, "query billing records failed")
-		return ctrl.Result{Requeue: true}, err
-	}
-	if err = r.Status().Update(ctx, billingRecordQuery); err != nil {
-		r.Logger.Error(err, "update billing record query status failed")
-		return ctrl.Result{Requeue: true}, err
-	}
-	return ctrl.Result{Requeue: true, RequeueAfter: time.Minute * 4}, nil
-}
-
-func CheckOpts(billingRecordQuery *accountv1.BillingRecordQuery) error {
-	if billingRecordQuery.Spec.Page < 1 || billingRecordQuery.Spec.PageSize < 1 {
-		return fmt.Errorf("page and pageSize must be greater than 0")
-	}
-	return nil
-}
-
-// SetupWithManager sets up the controller with the Manager.
-func (r *BillingRecordQueryReconciler) SetupWithManager(mgr ctrl.Manager, rateOpts controller.Options) error {
-	if r.MongoDBURI = os.Getenv(database.MongoURI); r.MongoDBURI == "" {
-		return fmt.Errorf("env %s is empty", database.MongoURI)
-	}
-	r.Logger = log.Log.WithName("billingrecordquery-controller")
-	r.AccountSystemNamespace = env.GetEnvWithDefault(ACCOUNTNAMESPACEENV, DEFAULTACCOUNTNAMESPACE)
-	return ctrl.NewControllerManagedBy(mgr).
-		For(&accountv1.BillingRecordQuery{}).
-		Watches(&accountv1.PriceQuery{}, &handler.EnqueueRequestForObject{}).
-		WithOptions(rateOpts).
-		Complete(r)
-}
-
-func (r *BillingRecordQueryReconciler) ReconcilePriceQuery(ctx context.Context, priceQuery *accountv1.PriceQuery) (ctrl.Result, error) {
-	// TODO query price
-	if time.Since(priceQuery.CreationTimestamp.Time) > (3 * time.Minute) {
-		err := r.Delete(ctx, priceQuery)
-		return ctrl.Result{}, err
-	}
-	priceQuery.Status.BillingRecords = make([]accountv1.BillingRecord, 0)
-	for _, property := range resources.DefaultPropertyTypeLS.Types {
-		displayName, displayPrice := property.Name, property.UnitPrice
-		if resources.IsGpuResource(property.Name) && property.Alias != "" {
-			displayName = string(resources.NewGpuResource(property.Alias))
-		}
-		if property.ViewPrice > 0 {
-			displayPrice = property.ViewPrice
-		}
-		priceQuery.Status.BillingRecords = append(priceQuery.Status.BillingRecords, accountv1.BillingRecord{
-			ResourceType: displayName,
-			Price:        strconv.FormatFloat(displayPrice, 'f', -1, 64),
-		})
-	}
-	if err := r.Status().Update(ctx, priceQuery); err != nil {
-		r.Logger.Error(err, "update price query status failed")
-		return ctrl.Result{Requeue: true}, err
-	}
-	return ctrl.Result{Requeue: true, RequeueAfter: time.Minute * 4}, nil
-}
diff --git a/controllers/account/controllers/cache/cache.go b/controllers/account/controllers/cache/cache.go
index 4498c2d0d08..c823e954700 100644
--- a/controllers/account/controllers/cache/cache.go
+++ b/controllers/account/controllers/cache/cache.go
@@ -27,10 +27,6 @@ import (
 )
 
 func SetupCache(mgr ctrl.Manager) error {
-	account := &accountv1.Account{}
-	accountNameFunc := func(obj client.Object) []string {
-		return []string{obj.(*accountv1.Account).Name}
-	}
 	ns := &corev1.Namespace{}
 	nsNameFunc := func(obj client.Object) []string {
 		return []string{obj.(*corev1.Namespace).Name}
@@ -45,8 +41,7 @@ func SetupCache(mgr ctrl.Manager) error {
 		extractValue client.IndexerFunc
 	}{
 		{ns, accountv1.Name, nsNameFunc},
-		{ns, accountv1.Owner, nsOwnerFunc},
-		{account, accountv1.Name, accountNameFunc}} {
+		{ns, accountv1.Owner, nsOwnerFunc}} {
 		if err := mgr.GetFieldIndexer().IndexField(context.TODO(), idx.obj, idx.field, idx.extractValue); err != nil {
 			return err
 		}
diff --git a/controllers/account/controllers/debt_controller.go b/controllers/account/controllers/debt_controller.go
index 91fa144d317..8a3de2cb7fc 100644
--- a/controllers/account/controllers/debt_controller.go
+++ b/controllers/account/controllers/debt_controller.go
@@ -783,7 +783,7 @@ func (r *DebtReconciler) SetupWithManager(mgr ctrl.Manager, rateOpts controller.
 	r.Logger.Info("set config", "DebtConfig", DebtConfig, "DebtDetectionCycle", r.DebtDetectionCycle,
 		"accountSystemNamespace", r.accountSystemNamespace)
 	return ctrl.NewControllerManagedBy(mgr).
-		For(&userv1.User{}, builder.WithPredicates(predicate.And(UserOwnerPredicate{}))).
+		For(&userv1.User{}, builder.WithPredicates(predicate.And(UserOwnerPredicate{})), builder.OnlyMetadata).
 		Watches(&accountv1.Payment{}, &handler.EnqueueRequestForObject{}).
 		WithOptions(rateOpts).
 		Complete(r)
diff --git a/controllers/account/controllers/namespacebillinghistory_controller.go b/controllers/account/controllers/namespacebillinghistory_controller.go
deleted file mode 100644
index 36abb44ff11..00000000000
--- a/controllers/account/controllers/namespacebillinghistory_controller.go
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package controllers
-
-import (
-	"context"
-	"fmt"
-	"os"
-	"time"
-
-	"github.com/labring/sealos/controllers/pkg/database/mongo"
-
-	userv1 "github.com/labring/sealos/controllers/user/api/v1"
-
-	"github.com/go-logr/logr"
-	"sigs.k8s.io/controller-runtime/pkg/log"
-
-	"github.com/labring/sealos/controllers/pkg/database"
-
-	"k8s.io/apimachinery/pkg/runtime"
-	ctrl "sigs.k8s.io/controller-runtime"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-
-	accountv1 "github.com/labring/sealos/controllers/account/api/v1"
-)
-
-// NamespaceBillingHistoryReconciler reconciles a NamespaceBillingHistory object
-type NamespaceBillingHistoryReconciler struct {
-	client.Client
-	Scheme     *runtime.Scheme
-	Logger     logr.Logger
-	MongoDBURI string
-}
-
-//+kubebuilder:rbac:groups=account.sealos.io,resources=namespacebillinghistories,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=account.sealos.io,resources=namespacebillinghistories/status,verbs=get;update;patch
-//+kubebuilder:rbac:groups=account.sealos.io,resources=namespacebillinghistories/finalizers,verbs=update
-
-// Reconcile is part of the main kubernetes reconciliation loop which aims to
-// move the current state of the cluster closer to the desired state.
-// TODO(user): Modify the Reconcile function to compare the state specified by
-// the NamespaceBillingHistory object against the actual cluster state, and then
-// perform operations to make the cluster state reflect the state specified by
-// the user.
-//
-// For more details, check Reconcile and its Result here:
-// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.11.2/pkg/reconcile
-func (r *NamespaceBillingHistoryReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
-	dbCtx := context.Background()
-	dbClient, err := mongo.NewMongoInterface(dbCtx, r.MongoDBURI)
-	if err != nil {
-		r.Logger.Error(err, "connect mongo client failed")
-		return ctrl.Result{Requeue: true}, err
-	}
-	defer func() {
-		err := dbClient.Disconnect(ctx)
-		if err != nil {
-			r.Logger.V(5).Info("disconnect mongo client failed", "err", err)
-		}
-	}()
-
-	nsHistory := &accountv1.NamespaceBillingHistory{}
-	err = r.Get(ctx, req.NamespacedName, nsHistory)
-	if err == nil {
-		// delete after 3 minutes
-		if time.Since(nsHistory.CreationTimestamp.Time) > 3*time.Minute {
-			return ctrl.Result{}, r.Delete(ctx, nsHistory)
-		}
-		if err = r.reconcile(ctx, req, dbClient, nsHistory); err != nil {
-			r.Logger.Error(err, "reconcile failed")
-			nsHistory.Status.Status = accountv1.Failed
-		}
-		if err = r.Status().Update(ctx, nsHistory); err == nil {
-			// return after 4 minutes
-			return ctrl.Result{RequeueAfter: 4 * time.Minute}, nil
-		}
-	}
-
-	return ctrl.Result{}, client.IgnoreNotFound(err)
-}
-
-func (r *NamespaceBillingHistoryReconciler) reconcile(ctx context.Context, req ctrl.Request, dbClient database.Account, nsHistory *accountv1.NamespaceBillingHistory) error {
-	user := &userv1.User{}
-	if err := r.Get(ctx, client.ObjectKey{Namespace: req.Namespace, Name: getUsername(req.Namespace)}, user); err != nil {
-		return fmt.Errorf("get user failed: %w", err)
-	}
-	owner, ok := user.GetAnnotations()[userv1.UserAnnotationOwnerKey]
-	if !ok {
-		return fmt.Errorf("user %s has no annotations %s", user.Name, userv1.UserLabelOwnerKey)
-	}
-	nsList, err := dbClient.GetBillingHistoryNamespaceList(&nsHistory.Spec, owner)
-	if err != nil {
-		return fmt.Errorf("get billing history namespace list failed: %w", err)
-	}
-	nsHistory.Status.NamespaceList = nsList
-	nsHistory.Status.Status = accountv1.Completed
-	return nil
-}
-
-// SetupWithManager sets up the controller with the Manager.
-func (r *NamespaceBillingHistoryReconciler) SetupWithManager(mgr ctrl.Manager) error {
-	if r.MongoDBURI = os.Getenv(database.MongoURI); r.MongoDBURI == "" {
-		return fmt.Errorf("env %s is empty", database.MongoURI)
-	}
-	r.Logger = log.Log.WithName("namespacebillinghistories-controller")
-	return ctrl.NewControllerManagedBy(mgr).
-		For(&accountv1.NamespaceBillingHistory{}).
-		Complete(r)
-}
diff --git a/controllers/account/controllers/transfer_controller.go b/controllers/account/controllers/transfer_controller.go
deleted file mode 100644
index 705c62b8330..00000000000
--- a/controllers/account/controllers/transfer_controller.go
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package controllers
-
-//
-//import (
-//	"context"
-//	"fmt"
-//	"os"
-//	"strconv"
-//	"time"
-//
-//	"github.com/labring/sealos/controllers/pkg/common"
-//
-//	"github.com/labring/sealos/controllers/pkg/resources"
-//
-//	"github.com/labring/sealos/controllers/pkg/database"
-//
-//	"github.com/labring/sealos/controllers/pkg/crypto"
-//
-//	"github.com/go-logr/logr"
-//	gonanoid "github.com/matoous/go-nanoid/v2"
-//	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-//	"sigs.k8s.io/controller-runtime/pkg/builder"
-//
-//	v1 "github.com/labring/sealos/controllers/pkg/notification/api/v1"
-//
-//	"k8s.io/apimachinery/pkg/runtime"
-//	ctrl "sigs.k8s.io/controller-runtime"
-//	"sigs.k8s.io/controller-runtime/pkg/client"
-//
-//	accountv1 "github.com/labring/sealos/controllers/account/api/v1"
-//)
-//
-//var MinBalance int64 = 10_000000
-//
-//// TransferReconciler reconciles a Transfer object
-//type TransferReconciler struct {
-//	Logger logr.Logger
-//	client.Client
-//	Scheme                 *runtime.Scheme
-//	AccountSystemNamespace string
-//	DBClient               database.Account
-//}
-//
-////TODO add user, account role
-////+kubebuilder:rbac:groups=account.sealos.io,resources=accounts,verbs=get;list;watch;create
-////+kubebuilder:rbac:groups=account.sealos.io,resources=accounts/status,verbs=get
-////+kubebuilder:rbac:groups=account.sealos.io,resources=transfers,verbs=get;list;watch;create;update;patch;delete
-////+kubebuilder:rbac:groups=account.sealos.io,resources=transfers/status,verbs=get;update;patch
-////+kubebuilder:rbac:groups=account.sealos.io,resources=transfers/finalizers,verbs=update
-////+kubebuilder:rbac:groups=notification.sealos.io,resources=notifications,verbs=get;list;watch;create;update;patch;delete
-//
-//// Reconcile is part of the main kubernetes reconciliation loop which aims to
-//// move the current state of the cluster closer to the desired state.
-//// TODO(user): Modify the Reconcile function to compare the state specified by
-//// the Transfer object against the actual cluster state, and then
-//// perform operations to make the cluster state reflect the state specified by
-//// the user.
-////
-//// For more details, check Reconcile and its Result here:
-//// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.11.2/pkg/reconcile
-//func (r *TransferReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
-//	transfer := accountv1.Transfer{}
-//	if err := r.Get(ctx, req.NamespacedName, &transfer); err != nil {
-//		return ctrl.Result{}, client.IgnoreNotFound(err)
-//	}
-//	transfer.Spec.From = getUsername(transfer.Namespace)
-//	if time.Since(transfer.CreationTimestamp.Time) > time.Minute*3 {
-//		return ctrl.Result{}, r.Delete(ctx, &transfer)
-//	}
-//	//TODO Error rollback required
-//	pipeLine := []func(ctx context.Context, transfer *accountv1.Transfer) error{
-//		r.check,
-//		r.transferSaver,
-//		r.transferAccount,
-//	}
-//	for _, f := range pipeLine {
-//		if err := f(ctx, &transfer); err != nil {
-//			transfer.Status.Reason = err.Error()
-//			transfer.Status.Progress = accountv1.TransferStateFailed
-//			break
-//		}
-//	}
-//	if transfer.Status.Progress != accountv1.TransferStateFailed {
-//		transfer.Status.Progress = accountv1.TransferStateCompleted
-//	}
-//	if err := r.Status().Update(ctx, &transfer); err != nil {
-//		return ctrl.Result{}, fmt.Errorf("update transfer status failed: %w", err)
-//	}
-//	return ctrl.Result{RequeueAfter: 3 * time.Minute}, nil
-//}
-//
-//// SetupWithManager sets up the controller with the Manager.
-//func (r *TransferReconciler) SetupWithManager(mgr ctrl.Manager) error {
-//	r.AccountSystemNamespace = os.Getenv(ACCOUNTNAMESPACEENV)
-//	if r.AccountSystemNamespace == "" {
-//		r.AccountSystemNamespace = DEFAULTACCOUNTNAMESPACE
-//	}
-//	r.Logger = ctrl.Log.WithName("transfer-controller")
-//	if m := os.Getenv("TRANSFERMINBALANCE"); m != "" {
-//		minBalance, err := strconv.ParseInt(m, 10, 64)
-//		if err != nil {
-//			r.Logger.Error(err, "parse min balance failed")
-//		} else {
-//			MinBalance = minBalance
-//		}
-//	}
-//	return ctrl.NewControllerManagedBy(mgr).
-//		For(&accountv1.Transfer{}, builder.WithPredicates(OnlyCreatePredicate{})).
-//		Complete(r)
-//}
-//
-//func (r *TransferReconciler) transferSaver(ctx context.Context, transfer *accountv1.Transfer) error {
-//	idOut, err := gonanoid.New(12)
-//	if err != nil {
-//		return fmt.Errorf("create id failed: %w", err)
-//	}
-//	idIn, err := gonanoid.New(12)
-//	if err != nil {
-//		return fmt.Errorf("create id failed: %w", err)
-//	}
-//	err = r.DBClient.SaveBillings(&resources.Billing{
-//		OrderID:   idOut,
-//		Amount:    transfer.Spec.Amount,
-//		Owner:     getUsername(transfer.Namespace),
-//		Type:      accountv1.TransferOut,
-//		Namespace: transfer.Namespace,
-//		Time:      transfer.CreationTimestamp.Time,
-//		Transfer: &resources.Transfer{
-//			To:     transfer.Spec.To,
-//			Amount: transfer.Spec.Amount,
-//		},
-//	}, &resources.Billing{
-//		OrderID:   idIn,
-//		Amount:    transfer.Spec.Amount,
-//		Owner:     getUsername(transfer.Spec.To),
-//		Type:      accountv1.TransferIn,
-//		Namespace: transfer.Namespace,
-//		Time:      transfer.CreationTimestamp.Time,
-//		Transfer: &resources.Transfer{
-//			From:   transfer.Spec.From,
-//			Amount: transfer.Spec.Amount,
-//		},
-//	})
-//	if err != nil {
-//		return fmt.Errorf("save billing failed: %w", err)
-//	}
-//	if err = r.sendNotice(ctx, transfer.Namespace, transfer.Spec.To, transfer.Spec.Amount, accountv1.TransferOut); err != nil {
-//		r.Logger.Error(err, "send notice failed")
-//	}
-//	if err := r.sendNotice(ctx, transfer.Spec.To, transfer.Namespace, transfer.Spec.Amount, accountv1.TransferIn); err != nil {
-//		r.Logger.Error(err, "send notice failed")
-//	}
-//	return nil
-//}
-//
-//func (r *TransferReconciler) transferAccount(ctx context.Context, transfer *accountv1.Transfer) error {
-//	from, to := transfer.Namespace, transfer.Spec.To
-//	var fromAccount, toAccount accountv1.Account
-//	if r.Get(ctx, client.ObjectKey{Namespace: r.AccountSystemNamespace, Name: getUsername(from)}, &fromAccount) != nil {
-//		return fmt.Errorf("owner %s account not found", from)
-//	}
-//	if r.Get(ctx, client.ObjectKey{Namespace: r.AccountSystemNamespace, Name: getUsername(to)}, &toAccount) != nil {
-//		return fmt.Errorf("owner %s account not found", to)
-//	}
-//	balance, _ := crypto.DecryptInt64(*fromAccount.Status.EncryptBalance)
-//	deductionBalance, _ := crypto.DecryptInt64(*fromAccount.Status.EncryptDeductionBalance)
-//	// check balance is enough ( balance - deductionBalance - transferAmount - MinBalance - ActivityBonus) activity give amount not included
-//	if balance < deductionBalance+transfer.Spec.Amount+MinBalance+fromAccount.Status.ActivityBonus {
-//		return fmt.Errorf("balance not enough")
-//	}
-//	if r.Get(ctx, client.ObjectKey{Namespace: r.AccountSystemNamespace, Name: getUsername(to)}, &accountv1.Account{}) != nil {
-//		return fmt.Errorf("user %s account not found", transfer.Spec.To)
-//	}
-//	err := crypto.RechargeBalance(toAccount.Status.EncryptBalance, transfer.Spec.Amount)
-//	if err != nil {
-//		return err
-//	}
-//	err = crypto.DeductBalance(fromAccount.Status.EncryptBalance, transfer.Spec.Amount)
-//	if err != nil {
-//		return err
-//	}
-//	if err = SyncAccountStatus(ctx, r.Client, &toAccount); err != nil {
-//		return fmt.Errorf("sync account status failed: %w", err)
-//	}
-//	if err = SyncAccountStatus(ctx, r.Client, &fromAccount); err != nil {
-//		return fmt.Errorf("sync account status failed: %w", err)
-//	}
-//	return nil
-//}
-//
-//const (
-//	TransferInNotification  = `You have a new transfer from %s, amount: %d`
-//	TransferOutNotification = `You have a new transfer to %s, amount: %d`
-//)
-//
-//var transferNotification = map[common.Type]string{
-//	accountv1.TransferIn:  TransferInNotification,
-//	accountv1.TransferOut: TransferOutNotification,
-//}
-//
-//func (r *TransferReconciler) sendNotice(ctx context.Context, namespace string, user string, amount int64, _type common.Type) error {
-//	now := time.Now().UTC().Unix()
-//	ntf := v1.Notification{
-//		ObjectMeta: metav1.ObjectMeta{
-//			Name:      "transfer-notice-" + strconv.FormatInt(now, 10),
-//			Namespace: GetUserNamespace(getUsername(namespace)),
-//		},
-//		Spec: v1.NotificationSpec{
-//			Title:      "Transfer Notice",
-//			Message:    fmt.Sprintf(transferNotification[_type], GetUserNamespace(getUsername(user)), convertAmount(amount)),
-//			From:       "Account-System",
-//			Timestamp:  now,
-//			Importance: v1.Low,
-//		},
-//	}
-//	return r.Create(ctx, &ntf)
-//}
-//
-//// Convert amount 1¥：1000000
-//func convertAmount(amount int64) int64 {
-//	return amount / 1_000_000
-//}
-//
-//func (r *TransferReconciler) check(_ context.Context, transfer *accountv1.Transfer) error {
-//	if transfer.Spec.Amount <= 0 {
-//		return fmt.Errorf("amount must be greater than 0")
-//	}
-//	if transfer.Status.Progress == accountv1.TransferStateFailed {
-//		return fmt.Errorf(transfer.Status.Reason)
-//	}
-//	if transfer.Status.Progress == accountv1.TransferStateCompleted {
-//		return fmt.Errorf("transfer already completed")
-//	}
-//	from := transfer.Namespace
-//	to := transfer.Spec.To
-//	if getUsername(from) == getUsername(to) {
-//		return fmt.Errorf("can not transfer to self")
-//	}
-//	return nil
-//}
diff --git a/controllers/account/deploy/manifests/deploy.yaml b/controllers/account/deploy/manifests/deploy.yaml
index 3ed178e2e76..0dbf09c8853 100644
--- a/controllers/account/deploy/manifests/deploy.yaml
+++ b/controllers/account/deploy/manifests/deploy.yaml
@@ -21,315 +21,10 @@ metadata:
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: accounts.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: Account
-    listKind: AccountList
-    plural: accounts
-    singular: account
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: Account is the Schema for the accounts API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: AccountSpec defines the desired state of Account
-            type: object
-          status:
-            description: AccountStatus defines the observed state of Account
-            properties:
-              activityBonus:
-                description: 'ActivityBonus: for demonstration purposes only and does
-                  not participate in calculation'
-                format: int64
-                type: integer
-              balance:
-                description: Recharge amount
-                format: int64
-                type: integer
-              chargeList:
-                description: delete in the future
-                items:
-                  properties:
-                    accountBalanceName:
-                      type: string
-                    balance:
-                      format: int64
-                      type: integer
-                    deductionAmount:
-                      description: deduction info will Record in the Charge
-                      format: int64
-                      type: integer
-                    describe:
-                      type: string
-                    status:
-                      type: string
-                    time:
-                      format: date-time
-                      type: string
-                    tradeNO:
-                      type: string
-                  type: object
-                type: array
-              deductionBalance:
-                description: Deduction amount
-                format: int64
-                type: integer
-              encryptBalance:
-                description: EncryptBalance is to encrypt balance
-                type: string
-              encryptDeductionBalance:
-                description: EncryptDeductionBalance is to encrypt DeductionBalance
-                type: string
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: billinginfoqueries.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: BillingInfoQuery
-    listKind: BillingInfoQueryList
-    plural: billinginfoqueries
-    singular: billinginfoquery
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: BillingInfoQuery is the Schema for the billinginfoqueries API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: BillingInfoQuerySpec defines the desired state of BillingInfoQuery
-            properties:
-              args:
-                additionalProperties:
-                  type: string
-                type: object
-              queryType:
-                type: string
-            required:
-            - queryType
-            type: object
-          status:
-            description: BillingInfoQueryStatus defines the observed state of BillingInfoQuery
-            properties:
-              result:
-                type: string
-              status:
-                type: string
-              statusDetails:
-                type: string
-            required:
-            - result
-            - status
-            - statusDetails
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: billingrecordqueries.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: BillingRecordQuery
-    listKind: BillingRecordQueryList
-    plural: billingrecordqueries
-    singular: billingrecordquery
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: BillingRecordQuery is the Schema for the billingrecordqueries
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: BillingRecordQuerySpec defines the desired state of BillingRecordQuery
-            properties:
-              appType:
-                type: string
-              endTime:
-                format: date-time
-                type: string
-              namespace:
-                type: string
-              orderID:
-                type: string
-              page:
-                description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-                  Important: Run "make" to regenerate code after modifying this file'
-                type: integer
-              pageSize:
-                type: integer
-              startTime:
-                format: date-time
-                type: string
-              type:
-                type: integer
-            required:
-            - endTime
-            - page
-            - pageSize
-            - startTime
-            - type
-            type: object
-          status:
-            description: BillingRecordQueryStatus defines the observed state of BillingRecordQuery
-            properties:
-              deductionAmount:
-                format: int64
-                type: integer
-              item:
-                items:
-                  properties:
-                    amount:
-                      description: Amount = PaymentAmount + GiftAmount
-                      format: int64
-                      type: integer
-                    appType:
-                      type: string
-                    costs:
-                      additionalProperties:
-                        format: int64
-                        type: integer
-                      type: object
-                    name:
-                      type: string
-                    namespace:
-                      type: string
-                    order_id:
-                      type: string
-                    payment:
-                      description: when Type = Recharge, PaymentAmount is the amount
-                        of recharge
-                      properties:
-                        amount:
-                          format: int64
-                          type: integer
-                      type: object
-                    time:
-                      format: date-time
-                      type: string
-                    type:
-                      type: integer
-                  required:
-                  - order_id
-                  - time
-                  - type
-                  type: object
-                type: array
-              pageLength:
-                type: integer
-              rechargeAmount:
-                format: int64
-                type: integer
-              status:
-                type: string
-              totalCount:
-                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
-                  of cluster Important: Run "make" to regenerate code after modifying
-                  this file'
-                type: integer
-            required:
-            - pageLength
-            - rechargeAmount
-            - status
-            - totalCount
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: account-system/account-serving-cert
-    controller-gen.kubebuilder.io/version: v0.8.0
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: debts.account.sealos.io
 spec:
   conversion:
@@ -360,24 +55,29 @@ spec:
         description: Debt is the Schema for the debts API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
           spec:
             description: DebtSpec defines the desired state of Debt
             properties:
-              userName:
-                type: string
               userID:
                 type: string
+              userName:
+                type: string
             type: object
           status:
             description: DebtStatus defines the observed state of Debt
@@ -406,96 +106,12 @@ spec:
     storage: true
     subresources:
       status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: namespacebillinghistories.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: NamespaceBillingHistory
-    listKind: NamespaceBillingHistoryList
-    plural: namespacebillinghistories
-    singular: namespacebillinghistory
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: NamespaceBillingHistory is the Schema for the namespacebillinghistories
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: NamespaceBillingHistorySpec defines the desired state of
-              NamespaceBillingHistory
-            properties:
-              endTime:
-                format: date-time
-                type: string
-              startTime:
-                format: date-time
-                type: string
-              type:
-                type: integer
-            required:
-            - type
-            type: object
-          status:
-            description: NamespaceBillingHistoryStatus defines the observed state
-              of NamespaceBillingHistory
-            properties:
-              detail:
-                type: string
-              namespaceList:
-                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
-                  of cluster Important: Run "make" to regenerate code after modifying
-                  this file'
-                items:
-                  type: string
-                type: array
-              status:
-                type: string
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: payments.account.sealos.io
 spec:
   group: account.sealos.io
@@ -512,14 +128,19 @@ spec:
         description: Payment is the Schema for the payments API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -534,12 +155,12 @@ spec:
                 default: wechat
                 description: e.g. wechat, alipay, creditcard, etc.
                 type: string
-              userID:
-                description: UserID is the user id who want to recharge
-                type: string
               userCR:
                 description: UserCr is the user cr name who want to recharge
                 type: string
+              userID:
+                description: UserID is the user id who want to recharge
+                type: string
             type: object
           status:
             description: PaymentStatus defines the observed state of Payment
@@ -560,146 +181,6 @@ spec:
     storage: true
     subresources:
       status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: pricequeries.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: PriceQuery
-    listKind: PriceQueryList
-    plural: pricequeries
-    singular: pricequery
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: PriceQuery is the Schema for the pricequeries API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: PriceQuerySpec defines the desired state of PriceQuery
-            type: object
-          status:
-            description: PriceQueryStatus defines the observed state of PriceQuery
-            properties:
-              billingRecords:
-                items:
-                  properties:
-                    discountType:
-                      type: string
-                    price:
-                      type: string
-                    resourceType:
-                      type: string
-                  required:
-                  - price
-                  - resourceType
-                  type: object
-                type: array
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: transfers.account.sealos.io
-spec:
-  group: account.sealos.io
-  names:
-    kind: Transfer
-    listKind: TransferList
-    plural: transfers
-    singular: transfer
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: Transfer is the Schema for the transfers API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: TransferSpec defines the desired state of Transfer
-            properties:
-              amount:
-                format: int64
-                minimum: 1000000
-                type: integer
-              from:
-                type: string
-              to:
-                type: string
-            required:
-            - amount
-            - to
-            type: object
-          status:
-            description: TransferStatus defines the observed state of Transfer
-            properties:
-              progress:
-                type: integer
-              reason:
-                type: string
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
 ---
 apiVersion: v1
 kind: ServiceAccount
@@ -748,7 +229,6 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  creationTimestamp: null
   name: account-manager-role
 rules:
 - apiGroups:
@@ -763,12 +243,6 @@ rules:
   - patch
   - update
   - watch
-- apiGroups:
-  - ""
-  resources:
-  - configmaps/status
-  verbs:
-  - get
 - apiGroups:
   - ""
   resources:
@@ -807,58 +281,6 @@ rules:
   - get
   - patch
   - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billinginfoqueries/status
-  verbs:
-  - get
-  - patch
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - billingrecordqueries/status
-  verbs:
-  - get
-  - patch
-  - update
 - apiGroups:
   - account.sealos.io
   resources:
@@ -885,32 +307,6 @@ rules:
   - get
   - patch
   - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - namespacebillinghistories/status
-  verbs:
-  - get
-  - patch
-  - update
 - apiGroups:
   - account.sealos.io
   resources:
@@ -937,32 +333,6 @@ rules:
   - get
   - patch
   - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - account.sealos.io
-  resources:
-  - pricequeries/status
-  verbs:
-  - get
-  - patch
-  - update
 - apiGroups:
   - apps
   resources:
@@ -1183,8 +553,6 @@ rules:
   - get
   - list
   - watch
-  - create
-  - patch
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
@@ -1257,6 +625,20 @@ subjects:
 apiVersion: v1
 data:
   controller_manager_config.yaml: |
+    # Copyright © 2023 sealos.
+    #
+    # Licensed under the Apache License, Version 2.0 (the "License");
+    # you may not use this file except in compliance with the License.
+    # You may obtain a copy of the License at
+    #
+    #     http://www.apache.org/licenses/LICENSE-2.0
+    #
+    # Unless required by applicable law or agreed to in writing, software
+    # distributed under the License is distributed on an "AS IS" BASIS,
+    # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    # See the License for the specific language governing permissions and
+    # limitations under the License.
+
     apiVersion: controller-runtime.sigs.k8s.io/v1alpha1
     kind: ControllerManagerConfig
     health:
@@ -1321,6 +703,18 @@ spec:
       labels:
         control-plane: controller-manager
     spec:
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: control-plane
+                  operator: In
+                  values:
+                  - controller-manager
+              topologyKey: kubernetes.io/hostname
+            weight: 100
       containers:
       - args:
         - --health-probe-bind-address=:8081
@@ -1405,18 +799,6 @@ spec:
         runAsNonRoot: true
       serviceAccountName: account-controller-manager
       terminationGracePeriodSeconds: 10
-      affinity:
-        podAntiAffinity:
-          preferredDuringSchedulingIgnoredDuringExecution:
-          - weight: 100
-            podAffinityTerm:
-              labelSelector:
-                matchExpressions:
-                - key: "control-plane"
-                  operator: In
-                  values:
-                  - controller-manager
-              topologyKey: "kubernetes.io/hostname"
       volumes:
       - name: cert
         secret:
diff --git a/controllers/account/main.go b/controllers/account/main.go
index 291aa96c392..9f875848ac9 100644
--- a/controllers/account/main.go
+++ b/controllers/account/main.go
@@ -177,13 +177,6 @@ func main() {
 		AccountV2:   v2Account,
 		CVMDBClient: cvmDBClient,
 	}
-	billingInfoQueryReconciler := &controllers.BillingInfoQueryReconciler{
-		Client:     mgr.GetClient(),
-		Scheme:     mgr.GetScheme(),
-		DBClient:   dbClient,
-		Properties: resources.DefaultPropertyTypeLS,
-		AccountV2:  v2Account,
-	}
 	activities, discountSteps, discountRatios, err := controllers.RawParseRechargeConfig()
 	if err != nil {
 		setupLog.Error(err, "parse recharge config failed")
@@ -194,11 +187,6 @@ func main() {
 			DiscountRates: discountRatios,
 			DiscountSteps: discountSteps,
 		}
-		billingInfoQueryReconciler.Activities = activities
-		billingInfoQueryReconciler.DefaultDiscount = types.RechargeDiscount{
-			DiscountRates: discountRatios,
-			DiscountSteps: discountSteps,
-		}
 	}
 	setupManagerError := func(err error, controller string) {
 		setupLog.Error(err, "unable to create controller", "controller", controller)
@@ -230,13 +218,6 @@ func main() {
 		setupLog.Error(err, "unable to get property type")
 		os.Exit(1)
 	}
-
-	if err = (&controllers.BillingRecordQueryReconciler{
-		Client: mgr.GetClient(),
-		Scheme: mgr.GetScheme(),
-	}).SetupWithManager(mgr, rateOpts); err != nil {
-		setupManagerError(err, "BillingRecordQuery")
-	}
 	if err = (&controllers.BillingReconciler{
 		DBClient:   dbClient,
 		Properties: resources.DefaultPropertyTypeLS,
@@ -259,16 +240,6 @@ func main() {
 	}).SetupWithManager(mgr); err != nil {
 		setupManagerError(err, "Namespace")
 	}
-	if err = (&controllers.NamespaceBillingHistoryReconciler{
-		Client: mgr.GetClient(),
-		Scheme: mgr.GetScheme(),
-	}).SetupWithManager(mgr); err != nil {
-		setupManagerError(err, "NamespaceBillingHistory")
-	}
-	billingInfoQueryReconciler.AccountSystemNamespace = accountReconciler.AccountSystemNamespace
-	if err = (billingInfoQueryReconciler).SetupWithManager(mgr); err != nil {
-		setupManagerError(err, "BillingInfoQuery")
-	}
 
 	if err = (&controllers.PaymentReconciler{
 		Account:     accountReconciler,
diff --git a/controllers/pkg/database/cockroach/accountv2.go b/controllers/pkg/database/cockroach/accountv2.go
index 8b13cf5131a..121046d5328 100644
--- a/controllers/pkg/database/cockroach/accountv2.go
+++ b/controllers/pkg/database/cockroach/accountv2.go
@@ -20,7 +20,6 @@ import (
 	"fmt"
 	"log"
 	"os"
-	"path/filepath"
 	"time"
 
 	"gorm.io/gorm/clause"
@@ -40,15 +39,12 @@ import (
 )
 
 type Cockroach struct {
-	DB          *gorm.DB
-	Localdb     *gorm.DB
-	LocalRegion *types.Region
-	ZeroAccount *types.Account
-	activities  types.Activities
-	//TODO need init
-	defaultRechargeDiscount types.RechargeDiscount
-	accountConfig           *types.AccountConfig
-	tasks                   map[uuid.UUID]types.Task
+	DB            *gorm.DB
+	Localdb       *gorm.DB
+	LocalRegion   *types.Region
+	ZeroAccount   *types.Account
+	accountConfig *types.AccountConfig
+	tasks         map[uuid.UUID]types.Task
 }
 
 const (
@@ -593,153 +589,6 @@ func (c *Cockroach) CreateAccount(ops *types.UserQueryOpts, account *types.Accou
 	return account, nil
 }
 
-func (c *Cockroach) CreateErrorAccountCreate(account *types.Account, owner, errorMsg string) error {
-	accountErrSave := &types.ErrorAccountCreate{
-		Account:         *account,
-		UserCr:          owner,
-		ErrorTime:       time.Now().UTC(),
-		Message:         errorMsg,
-		RegionUserOwner: owner,
-		RegionUID:       c.LocalRegion.UID,
-	}
-	if err := c.DB.FirstOrCreate(accountErrSave, types.ErrorAccountCreate{UserCr: owner}).Error; err != nil {
-		return fmt.Errorf("failed to create error account create error msg: %w", err)
-	}
-	return nil
-}
-
-func (c *Cockroach) CreateErrorPaymentCreate(payment types.Payment, errorMsg string) error {
-	if err := c.DB.Create(&types.ErrorPaymentCreate{
-		PaymentRaw: payment.PaymentRaw, Message: errorMsg, CreateTime: time.Now().UTC()}).Error; err != nil {
-		return fmt.Errorf("failed to create error payment create error msg: %w", err)
-	}
-	return nil
-}
-
-// TransferAccountV1 account indicates the CRD value of the original account
-func (c *Cockroach) TransferAccountV1(owner string, account *types.Account) (*types.Account, error) {
-	//transfer := &types.TransferAccountV1{}
-	//// if existed, it indicates that the system has been migrated
-	//err := g.DB.Where(&types.TransferAccountV1{RegionUID: g.LocalRegion.UID, RegionUserOwner: owner}).First(transfer).Error
-	//if err == nil {
-	//	return nil, nil
-	//}
-	//if !errors.Is(err, gorm.ErrRecordNotFound) {
-	//	return nil, fmt.Errorf("failed to get transfer account: %w", err)
-	//}
-
-	if _, err := os.Stat(filepath.Join(transferAccountV1, c.LocalRegion.UID.String(), owner)); err == nil {
-		return nil, nil
-	} else if !os.IsNotExist(err) {
-		return nil, fmt.Errorf("failed to get transfer account: %v", err)
-	}
-
-	// if not existed, it indicates that the system has not been migrated
-
-	query := &types.UserQueryOpts{Owner: owner, IgnoreEmpty: true}
-	accountV2, err := c.GetAccount(query)
-	if err != nil {
-		if errors.Is(err, gorm.ErrRecordNotFound) {
-			if err = c.saveNullUserRecord(types.NullUserRecord{
-				CrName:   owner,
-				RegionID: c.LocalRegion.UID.String(),
-			}); err != nil {
-				return nil, fmt.Errorf("failed to save null user record: %v", err)
-			}
-			//nullUser := &types.NullUserRecord{
-			//	CrName:   owner,
-			//	RegionID: g.LocalRegion.UID.String(),
-			//}
-			//if err := g.DB.FirstOrCreate(nullUser, types.NullUserRecord{CrName: owner, RegionID: g.LocalRegion.UID.String()}).Error; err != nil {
-			//	return nil, fmt.Errorf("failed to create null user record: %v", err)
-			//}
-			return nil, nil
-		}
-		return nil, fmt.Errorf("failed to get account: %v", err)
-	}
-	transfer := types.TransferAccountV1{
-		RegionUID:       c.LocalRegion.UID,
-		RegionUserOwner: owner,
-	}
-	if accountV2 == nil {
-		accountV2 = &types.Account{
-			UserUID:                 query.UID,
-			ActivityBonus:           account.ActivityBonus,
-			EncryptDeductionBalance: account.EncryptDeductionBalance,
-			EncryptBalance:          account.EncryptBalance,
-			Balance:                 account.Balance,
-			DeductionBalance:        account.DeductionBalance,
-			CreateRegionID:          c.LocalRegion.UID.String(),
-			//TODO need init
-			CreatedAt: account.CreatedAt,
-		}
-		if err := c.DB.FirstOrCreate(accountV2).Error; err != nil {
-			return nil, fmt.Errorf("failed to create account: %w", err)
-		}
-	} else {
-		if accountV2.CreatedAt.After(account.CreatedAt) {
-			accountV2.CreatedAt = account.CreatedAt
-		}
-		if err := c.updateWithAccount(true, true, accountV2, account.DeductionBalance); err != nil {
-			return nil, fmt.Errorf("failed to update account DeductionBalance: %v", err)
-		}
-		if err := c.updateWithAccount(false, true, accountV2, account.Balance); err != nil {
-			return nil, fmt.Errorf("failed to update account Balance: %v", err)
-		}
-		if err := c.DB.Save(accountV2).Error; err != nil {
-			return nil, fmt.Errorf("failed to save account: %v", err)
-		}
-		transfer.Exist = true
-	}
-
-	transfer.Account = *accountV2
-	//if err := g.DB.Save(&transfer).Error; err != nil {
-	//	return fmt.Errorf("failed to save transfer account: %v", err)
-	//}
-	if err := c.saveTransferAccountV1(transfer); err != nil {
-		return nil, fmt.Errorf("failed to save transfer account: %v", err)
-	}
-	return accountV2, err
-}
-
-var (
-	transferV1toV2    = "transferv1tov2"
-	transferAccountV1 = filepath.Join(transferV1toV2, "transfer_account_v1")
-	transferV1Exist   = filepath.Join(transferV1toV2, "transfer_account_v1_exist")
-	nullUserRecord    = filepath.Join(transferV1toV2, "null_user_record")
-)
-
-func (c *Cockroach) saveTransferAccountV1(transfer types.TransferAccountV1) error {
-	name := transfer.RegionUserOwner
-	savePath := filepath.Join(transferAccountV1, transfer.RegionUID.String(), name)
-	file, err := os.Create(savePath)
-	if err != nil {
-		return fmt.Errorf("failed to create file: %v", err)
-	}
-	defer file.Close()
-	if !transfer.Exist {
-		return nil
-	}
-	saveExistPath := filepath.Join(transferV1Exist, transfer.RegionUID.String(), name)
-	existFile, err := os.Create(saveExistPath)
-	if err != nil {
-		return fmt.Errorf("failed to create file: %v", err)
-	}
-	return existFile.Close()
-}
-
-func (c *Cockroach) saveNullUserRecord(nullUser types.NullUserRecord) error {
-	savePath := filepath.Join(nullUserRecord, nullUser.RegionID, nullUser.CrName)
-	file, err := os.Create(savePath)
-	if err != nil {
-		if errors.Is(err, os.ErrExist) {
-			return nil
-		}
-		return fmt.Errorf("failed to create file: %v", err)
-	}
-	return file.Close()
-}
-
 func (c *Cockroach) Payment(payment *types.Payment) error {
 	return c.payment(payment, true)
 }
@@ -1040,57 +889,6 @@ func (c *Cockroach) NewAccount(ops *types.UserQueryOpts) (*types.Account, error)
 	return account, nil
 }
 
-// //TODO: remove this method
-func (c *Cockroach) GetUserAccountRechargeDiscount(ops *types.UserQueryOpts) (*types.RechargeDiscount, error) {
-	userID := ops.UID
-	if userID == uuid.Nil {
-		user, err := c.GetUserCr(ops)
-		if err != nil {
-			return nil, fmt.Errorf("failed to get user %v: %v", ops, err)
-		}
-		userID = user.UserUID
-	}
-	var userActivities []types.UserActivity
-	if !c.DB.Migrator().HasTable("UserActivities") {
-		return &c.defaultRechargeDiscount, nil
-	}
-	if err := c.DB.Table("UserActivities").Where(types.UserActivity{
-		UserID: userID,
-	}).Find(userActivities).Error; err != nil {
-		if err == gorm.ErrRecordNotFound {
-			return &c.defaultRechargeDiscount, nil
-		}
-		return nil, fmt.Errorf("failed to get user activities: %w", err)
-	}
-	if len(userActivities) == 0 {
-		return &c.defaultRechargeDiscount, nil
-	}
-	for _, activity := range userActivities {
-		currentPhase := activity.CurrentPhase
-		var userPhase types.UserPhase
-		err := c.DB.Table("UserPhase").Where(types.UserPhase{
-			UserActivityID: activity.UserID,
-			Name:           currentPhase,
-		}).First(&userPhase).Error
-		if err != nil {
-			return nil, fmt.Errorf("failed to get user %v phase: %v", ops, err)
-		}
-		for _, phase := range c.activities[activity.Name].Phases {
-			if phase.ID == userPhase.ID {
-				limitTime, err := time.ParseDuration(phase.RechargeDiscount.LimitDuration)
-				if err != nil {
-					return nil, fmt.Errorf("failed to get limitTime %s: %v", phase.RechargeDiscount.LimitDuration, err)
-				}
-				if userPhase.RechargeNums >= phase.RechargeDiscount.LimitTimes || userPhase.EndTime.Add(limitTime).After(time.Now()) {
-					return &c.defaultRechargeDiscount, nil
-				}
-				return &phase.RechargeDiscount.RechargeDiscount, nil
-			}
-		}
-	}
-	return &c.defaultRechargeDiscount, nil
-}
-
 const (
 	BaseUnit           = 1_000_000
 	MinBalance         = 10 * BaseUnit
@@ -1098,8 +896,7 @@ const (
 )
 
 var (
-	BaseBalance        = int64(DefaultBaseBalance)
-	EncryptBaseBalance string
+	BaseBalance = int64(DefaultBaseBalance)
 )
 
 func (c *Cockroach) TransferAccount(from, to *types.UserQueryOpts, amount int64) error {
@@ -1172,7 +969,7 @@ func (c *Cockroach) transferAccount(from, to *types.UserQueryOpts, amount int64,
 }
 
 func (c *Cockroach) InitTables() error {
-	err := CreateTableIfNotExist(c.DB, types.Account{}, types.ErrorAccountCreate{}, types.ErrorPaymentCreate{}, types.Payment{}, types.Transfer{}, types.Region{}, types.Invoice{}, types.InvoicePayment{}, types.Configs{})
+	err := CreateTableIfNotExist(c.DB, types.Account{}, types.Payment{}, types.Transfer{}, types.Region{}, types.Invoice{}, types.InvoicePayment{}, types.Configs{})
 	if err != nil {
 		return fmt.Errorf("failed to create table: %v", err)
 	}
diff --git a/controllers/pkg/database/interface.go b/controllers/pkg/database/interface.go
index b8d2f152418..53bd72d7284 100644
--- a/controllers/pkg/database/interface.go
+++ b/controllers/pkg/database/interface.go
@@ -28,7 +28,6 @@ import (
 
 	"github.com/labring/sealos/controllers/pkg/common"
 
-	accountv1 "github.com/labring/sealos/controllers/account/api/v1"
 	"github.com/labring/sealos/controllers/pkg/resources"
 )
 
@@ -45,16 +44,12 @@ type CVM interface {
 }
 
 type Account interface {
-	//InitDB() error
 	GetBillingLastUpdateTime(owner string, _type common.Type) (bool, time.Time, error)
-	GetBillingHistoryNamespaceList(ns *accountv1.NamespaceBillingHistorySpec, owner string) ([]string, error)
-	GetBillingHistoryNamespaces(startTime, endTime *time.Time, billType int, owner string) ([]string, error)
 	SaveBillings(billing ...*resources.Billing) error
 	SaveObjTraffic(obs ...*types.ObjectStorageTraffic) error
 	GetAllLatestObjTraffic(startTime, endTime time.Time) ([]types.ObjectStorageTraffic, error)
 	HandlerTimeObjBucketSentTraffic(startTime, endTime time.Time, bucket string) (int64, error)
 	GetTimeObjBucketBucket(startTime, endTime time.Time) ([]string, error)
-	QueryBillingRecords(billingRecordQuery *accountv1.BillingRecordQuery, owner string) error
 	GetUnsettingBillingHandler(owner string) ([]resources.BillingHandler, error)
 	UpdateBillingStatus(orderID string, status resources.BillingStatus) error
 	GetUpdateTimeForCategoryAndPropertyFromMetering(category string, property string) (time.Time, error)
@@ -62,7 +57,6 @@ type Account interface {
 	InitDefaultPropertyTypeLS() error
 	SavePropertyTypes(types []resources.PropertyType) error
 	GetBillingCount(accountType common.Type, startTime, endTime time.Time) (count, amount int64, err error)
-	//GetNodePortAmount(owner string, endTime time.Time) (int64, error)
 	GenerateBillingData(startTime, endTime time.Time, prols *resources.PropertyTypeLS, namespaces []string, owner string) (orderID []string, amount int64, err error)
 	InsertMonitor(ctx context.Context, monitors ...*resources.Monitor) error
 	GetDistinctMonitorCombinations(startTime, endTime time.Time) ([]resources.Monitor, error)
@@ -102,8 +96,6 @@ type AccountV2 interface {
 	GetUserOauthProvider(ops *types.UserQueryOpts) ([]types.OauthProvider, error)
 	GetWorkspace(namespaces ...string) ([]types.Workspace, error)
 	GetUserRechargeDiscount(ops *types.UserQueryOpts) (types.UserRechargeDiscount, error)
-	//TODO will be removed this method
-	GetUserAccountRechargeDiscount(user *types.UserQueryOpts) (*types.RechargeDiscount, error)
 	SetAccountCreateLocalRegion(account *types.Account, region string) error
 	CreateUser(oAuth *types.OauthProvider, regionUserCr *types.RegionUserCr, user *types.User, workspace *types.Workspace, userWorkspace *types.UserWorkspace) error
 	AddBalance(user *types.UserQueryOpts, balance int64) error
@@ -113,12 +105,9 @@ type AccountV2 interface {
 	Payment(payment *types.Payment) error
 	SavePayment(payment *types.Payment) error
 	GetUnInvoicedPaymentListWithIds(ids []string) ([]types.Payment, error)
-	CreateErrorPaymentCreate(payment types.Payment, errorMsg string) error
 	CreateAccount(ops *types.UserQueryOpts, account *types.Account) (*types.Account, error)
-	CreateErrorAccountCreate(account *types.Account, owner, errorMsg string) error
 	TransferAccount(from, to *types.UserQueryOpts, amount int64) error
 	TransferAccountAll(from, to *types.UserQueryOpts) error
-	TransferAccountV1(owner string, account *types.Account) (*types.Account, error)
 	AddDeductionBalance(user *types.UserQueryOpts, balance int64) error
 	AddDeductionBalanceWithFunc(ops *types.UserQueryOpts, amount int64, preDo, postDo func() error) error
 }
@@ -130,27 +119,12 @@ type Creator interface {
 	CreateTTLTrafficTimeSeries() error
 }
 
-type MeteringOwnerTimeResult struct {
-	//Owner  string           `bson:"owner"`
-	Time   time.Time        `bson:"time"`
-	Amount int64            `bson:"amount"`
-	Costs  map[string]int64 `bson:"costs"`
-}
-
-//func NewDBInterface(ctx context.Context, mongoURI string) (Interface, error) {
-//	return mongo.NewMongoInterface(ctx, mongoURI)
-//}
-
 const (
 	MongoURI           = "MONGO_URI"
 	CVMMongoURI        = "CVM_MONGO_URI"
 	GlobalCockroachURI = "GLOBAL_COCKROACH_URI"
 	LocalCockroachURI  = "LOCAL_COCKROACH_URI"
 	TrafficMongoURI    = "TRAFFIC_MONGO_URI"
-	//MongoUsername      = "MONGO_USERNAME"
-	//MongoPassword      = "MONGO_PASSWORD"
-	//RetentionDay       = "RETENTION_DAY"
-	//PermanentRetention = "PERMANENT_RETENTION"
 )
 
 var _ = AccountV2(&cockroach.Cockroach{})
diff --git a/controllers/pkg/database/mongo/account.go b/controllers/pkg/database/mongo/account.go
index 53c8adb3ac9..e8dc8ce38ef 100644
--- a/controllers/pkg/database/mongo/account.go
+++ b/controllers/pkg/database/mongo/account.go
@@ -31,7 +31,6 @@ import (
 
 	gonanoid "github.com/matoous/go-nanoid/v2"
 
-	accountv1 "github.com/labring/sealos/controllers/account/api/v1"
 	"github.com/labring/sealos/controllers/pkg/resources"
 	"github.com/labring/sealos/controllers/pkg/utils/logger"
 
@@ -83,11 +82,40 @@ type mongoDB struct {
 	TrafficConn       string
 }
 
+type BillingRecordQueryItem struct {
+	Time                         metav1.Time `json:"time" bson:"time"`
+	BillingRecordQueryItemInline `json:",inline"`
+}
+
+type BillingRecordQueryItemInline struct {
+	Name      string      `json:"name,omitempty" bson:"name,omitempty"`
+	OrderID   string      `json:"order_id" bson:"order_id"`
+	Namespace string      `json:"namespace,omitempty" bson:"namespace,omitempty"`
+	Type      common.Type `json:"type" bson:"type"`
+	AppType   string      `json:"appType,omitempty" bson:"appType,omitempty"`
+	Costs     Costs       `json:"costs,omitempty" bson:"costs,omitempty"`
+	//Amount = PaymentAmount + GiftAmount
+	Amount int64 `json:"amount,omitempty" bson:"amount"`
+	// when Type = Recharge, PaymentAmount is the amount of recharge
+	Payment *PaymentForQuery `json:"payment,omitempty" bson:"payment,omitempty"`
+}
+
+type Costs map[string]int64
+
+type PaymentForQuery struct {
+	Amount int64 `json:"amount,omitempty" bson:"amount,omitempty"`
+}
+
+const (
+	// Consumption 消费
+	Consumption common.Type = iota
+)
+
 type AccountBalanceSpecBSON struct {
 	// Time    metav1.Time `json:"time" bson:"time"`
 	// If the Time field is of the time. time type, it cannot be converted to json crd, so use metav1.Time. However, metav1.Time cannot be inserted into mongo, so you need to convert it to time.Time
-	Time                                   time.Time `json:"time" bson:"time"`
-	accountv1.BillingRecordQueryItemInline `json:",inline" bson:",inline"`
+	Time                         time.Time `json:"time" bson:"time"`
+	BillingRecordQueryItemInline `json:",inline" bson:",inline"`
 }
 
 func (m *mongoDB) Disconnect(ctx context.Context) error {
@@ -165,82 +193,6 @@ func (m *mongoDB) UpdateBillingStatus(orderID string, status resources.BillingSt
 	return nil
 }
 
-func (m *mongoDB) GetBillingHistoryNamespaces(startTime, endTime *time.Time, billType int, owner string) ([]string, error) {
-	filter := bson.M{
-		"owner": owner,
-	}
-	if startTime != nil && endTime != nil {
-		filter["time"] = bson.M{
-			"$gte": startTime.UTC(),
-			"$lte": endTime.UTC(),
-		}
-	}
-	if billType != -1 {
-		filter["type"] = billType
-	}
-
-	pipeline := mongo.Pipeline{
-		{{Key: "$match", Value: filter}},
-		{{Key: "$group", Value: bson.D{{Key: "_id", Value: nil}, {Key: "namespaces", Value: bson.D{{Key: "$addToSet", Value: "$namespace"}}}}}},
-	}
-
-	cur, err := m.getBillingCollection().Aggregate(context.Background(), pipeline)
-	if err != nil {
-		return nil, err
-	}
-	defer cur.Close(context.Background())
-
-	if !cur.Next(context.Background()) {
-		return []string{}, nil
-	}
-
-	var result struct {
-		Namespaces []string `bson:"namespaces"`
-	}
-	if err := cur.Decode(&result); err != nil {
-		return nil, err
-	}
-	return result.Namespaces, nil
-}
-
-func (m *mongoDB) GetBillingHistoryNamespaceList(nsHistorySpec *accountv1.NamespaceBillingHistorySpec, owner string) ([]string, error) {
-	filter := bson.M{
-		"owner": owner,
-	}
-	if nsHistorySpec.StartTime != nsHistorySpec.EndTime {
-		filter["time"] = bson.M{
-			"$gte": nsHistorySpec.StartTime.Time.UTC(),
-			"$lte": nsHistorySpec.EndTime.Time.UTC(),
-		}
-	}
-	if nsHistorySpec.Type != -1 {
-		filter["type"] = nsHistorySpec.Type
-	}
-
-	pipeline := mongo.Pipeline{
-		{{Key: "$match", Value: filter}},
-		{{Key: "$group", Value: bson.D{{Key: "_id", Value: nil}, {Key: "namespaces", Value: bson.D{{Key: "$addToSet", Value: "$namespace"}}}}}},
-	}
-
-	cur, err := m.getBillingCollection().Aggregate(context.Background(), pipeline)
-	if err != nil {
-		return nil, err
-	}
-	defer cur.Close(context.Background())
-
-	if !cur.Next(context.Background()) {
-		return []string{}, nil
-	}
-
-	var result struct {
-		Namespaces []string `bson:"namespaces"`
-	}
-	if err := cur.Decode(&result); err != nil {
-		return nil, err
-	}
-	return result.Namespaces, nil
-}
-
 func (m *mongoDB) SaveBillings(billing ...*resources.Billing) error {
 	billings := make([]interface{}, len(billing))
 	for i, b := range billing {
@@ -469,15 +421,6 @@ func (m *mongoDB) SavePropertyTypes(types []resources.PropertyType) error {
 	return err
 }
 
-/*
-		monitors = append(monitors, &common.Monitor{
-		Category: namespace.Name,
-		Used:     getResourceUsed(podResource),
-		Time:     timeStamp,
-		Type:     resourceMap[name].Type(),
-		Name:     resourceMap[name].Name(),
-	})
-*/
 func (m *mongoDB) GenerateBillingData(startTime, endTime time.Time, prols *resources.PropertyTypeLS, namespaces []string, owner string) (orderID []string, amount int64, err error) {
 	minutes := endTime.Sub(startTime).Minutes()
 
@@ -631,7 +574,7 @@ func (m *mongoDB) GenerateBillingData(startTime, endTime time.Time, prols *resou
 			}
 			billing := resources.Billing{
 				OrderID:   id,
-				Type:      accountv1.Consumption,
+				Type:      Consumption,
 				Namespace: ns,
 				AppType:   uint8(appType),
 				AppName:   appName,
@@ -678,284 +621,6 @@ func (m *mongoDB) GetUpdateTimeForCategoryAndPropertyFromMetering(category strin
 	return result.Time, nil
 }
 
-func (m *mongoDB) queryBillingRecordsByOrderID(billingRecordQuery *accountv1.BillingRecordQuery, owner string) error {
-	if billingRecordQuery.Spec.OrderID == "" {
-		return fmt.Errorf("order id is empty")
-	}
-	billingColl := m.getBillingCollection()
-	matchStage := bson.D{
-		primitive.E{Key: "$match", Value: bson.D{
-			primitive.E{Key: "order_id", Value: billingRecordQuery.Spec.OrderID},
-			primitive.E{Key: "owner", Value: owner},
-		}},
-	}
-	var billingRecords []accountv1.BillingRecordQueryItem
-	ctx := context.Background()
-
-	cursor, err := billingColl.Aggregate(ctx, bson.A{matchStage})
-	if err != nil {
-		return fmt.Errorf("failed to execute aggregate query: %w", err)
-	}
-	defer cursor.Close(ctx)
-
-	for cursor.Next(ctx) {
-		var bsonRecord resources.Billing
-		if err := cursor.Decode(&bsonRecord); err != nil {
-			return fmt.Errorf("failed to decode billing record: %w", err)
-		}
-		var billingRecord = accountv1.BillingRecordQueryItem{
-			Time: metav1.NewTime(bsonRecord.Time),
-			BillingRecordQueryItemInline: accountv1.BillingRecordQueryItemInline{
-				OrderID:   bsonRecord.OrderID,
-				Type:      bsonRecord.Type,
-				Amount:    bsonRecord.Amount,
-				Namespace: bsonRecord.Namespace,
-			},
-		}
-		switch bsonRecord.Type {
-		case accountv1.Recharge:
-			paymentAmount := billingRecord.Amount
-			if bsonRecord.Payment != nil {
-				paymentAmount = bsonRecord.Payment.Amount
-			}
-			billingRecord.Payment = &accountv1.PaymentForQuery{Amount: paymentAmount}
-			billingRecords = append(billingRecords, billingRecord)
-		case accountv1.TransferOut, accountv1.TransferIn:
-			billingRecords = append(billingRecords, billingRecord)
-		default:
-			for _, cost := range bsonRecord.AppCosts {
-				billingRecord = accountv1.BillingRecordQueryItem{
-					Time: metav1.NewTime(bsonRecord.Time),
-					BillingRecordQueryItemInline: accountv1.BillingRecordQueryItemInline{
-						OrderID:   bsonRecord.OrderID,
-						Type:      bsonRecord.Type,
-						Namespace: bsonRecord.Namespace,
-						AppType:   resources.AppTypeReverse[bsonRecord.AppType],
-						Costs:     resources.ConvertEnumUsedToString(cost.UsedAmount),
-						Amount:    cost.Amount,
-						Name:      cost.Name,
-					},
-				}
-				billingRecords = append(billingRecords, billingRecord)
-			}
-		}
-	}
-
-	billingRecordQuery.Status.Items = billingRecords
-	billingRecordQuery.Status.PageLength = 1
-	billingRecordQuery.Status.TotalCount = len(billingRecords)
-	return nil
-}
-
-func (m *mongoDB) QueryBillingRecords(billingRecordQuery *accountv1.BillingRecordQuery, owner string) (err error) {
-	if billingRecordQuery.Spec.OrderID != "" {
-		return m.queryBillingRecordsByOrderID(billingRecordQuery, owner)
-	}
-	if owner == "" {
-		return fmt.Errorf("owner is empty")
-	}
-
-	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
-	defer cancel()
-
-	billingColl := m.getBillingCollection()
-	timeMatchValue := bson.D{primitive.E{Key: "$gte", Value: billingRecordQuery.Spec.StartTime.Time}, primitive.E{Key: "$lte", Value: billingRecordQuery.Spec.EndTime.Time}}
-	matchValue := bson.D{
-		primitive.E{Key: "time", Value: timeMatchValue},
-		primitive.E{Key: "owner", Value: owner},
-	}
-	if billingRecordQuery.Spec.Type != -1 {
-		matchValue = append(matchValue, primitive.E{Key: "type", Value: billingRecordQuery.Spec.Type})
-	}
-	if billingRecordQuery.Spec.Namespace != "" {
-		matchValue = append(matchValue, primitive.E{Key: "namespace", Value: billingRecordQuery.Spec.Namespace})
-	}
-	if billingRecordQuery.Spec.AppType != "" {
-		matchValue = append(matchValue, primitive.E{Key: "app_type", Value: resources.AppType[strings.ToUpper(billingRecordQuery.Spec.AppType)]})
-	}
-	matchStage := bson.D{
-		primitive.E{
-			Key: "$match", Value: matchValue,
-		},
-	}
-
-	// Pipeline for getting the paginated data
-	pipeline := bson.A{
-		matchStage,
-		bson.D{primitive.E{Key: "$sort", Value: bson.D{primitive.E{Key: "time", Value: -1}}}},
-		bson.D{primitive.E{Key: "$skip", Value: (billingRecordQuery.Spec.Page - 1) * billingRecordQuery.Spec.PageSize}},
-		bson.D{primitive.E{Key: "$limit", Value: billingRecordQuery.Spec.PageSize}},
-	}
-
-	pipelineAll := bson.A{
-		matchStage,
-		bson.D{primitive.E{Key: "$group", Value: bson.D{
-			primitive.E{Key: "_id", Value: nil},
-			primitive.E{Key: "result", Value: bson.D{primitive.E{Key: "$sum", Value: 1}}},
-		}}},
-	}
-
-	pipelineCountAndAmount := bson.A{
-		matchStage,
-		bson.D{{Key: "$group", Value: bson.D{
-			primitive.E{Key: "_id", Value: nil},
-			primitive.E{Key: "result", Value: bson.D{primitive.E{Key: "$sum", Value: "$amount"}}},
-		}}},
-	}
-
-	pipelineRechargeAmount := bson.A{
-		bson.D{{Key: "$match", Value: bson.D{
-			{Key: "time", Value: timeMatchValue},
-			{Key: "owner", Value: owner},
-			{Key: "type", Value: accountv1.Recharge},
-		}}},
-		bson.D{{Key: "$group", Value: bson.D{
-			{Key: "_id", Value: nil},
-			{Key: "totalRechargeAmount", Value: bson.D{{Key: "$sum", Value: "$amount"}}},
-			{Key: "count", Value: bson.D{{Key: "$sum", Value: 1}}},
-		}}},
-	}
-
-	cursor, err := billingColl.Aggregate(ctx, pipeline)
-	if err != nil {
-		return fmt.Errorf("failed to execute aggregate query: %w", err)
-	}
-	defer cursor.Close(ctx)
-
-	var billingRecords []accountv1.BillingRecordQueryItem
-	for cursor.Next(ctx) {
-		var bsonRecord resources.Billing
-		if err := cursor.Decode(&bsonRecord); err != nil {
-			return fmt.Errorf("failed to decode billing record: %w", err)
-		}
-		billingRecord := accountv1.BillingRecordQueryItem{
-			Time: metav1.NewTime(bsonRecord.Time),
-			BillingRecordQueryItemInline: accountv1.BillingRecordQueryItemInline{
-				OrderID:   bsonRecord.OrderID,
-				Namespace: bsonRecord.Namespace,
-				Type:      bsonRecord.Type,
-				AppType:   resources.AppTypeReverse[bsonRecord.AppType],
-				Amount:    bsonRecord.Amount,
-			},
-		}
-		if len(bsonRecord.AppCosts) != 0 {
-			costs := make(map[string]int64)
-			for i := range bsonRecord.AppCosts {
-				for j := range bsonRecord.AppCosts[i].UsedAmount {
-					costs[resources.DefaultPropertyTypeLS.EnumMap[j].Name] += bsonRecord.AppCosts[i].UsedAmount[j]
-				}
-			}
-			billingRecord.Costs = costs
-		}
-		if bsonRecord.Type == accountv1.Recharge {
-			paymentAmount := billingRecord.Amount
-			if bsonRecord.Payment != nil {
-				paymentAmount = bsonRecord.Payment.Amount
-			}
-			billingRecord.Payment = &accountv1.PaymentForQuery{Amount: paymentAmount}
-		}
-		billingRecords = append(billingRecords, billingRecord)
-	}
-
-	totalCount := 0
-
-	// total quantity
-	cursorAll, err := billingColl.Aggregate(ctx, pipelineAll)
-	if err != nil {
-		return fmt.Errorf("failed to execute aggregate all query: %w", err)
-	}
-	defer cursorAll.Close(ctx)
-	for cursorAll.Next(ctx) {
-		var result struct {
-			Result int64 `bson:"result"`
-		}
-		if err := cursorAll.Decode(&result); err != nil {
-			return fmt.Errorf("failed to decode query count record: %w", err)
-		}
-		totalCount = int(result.Result)
-	}
-
-	// Costs Executing the second pipeline for getting the total count, recharge and deduction amount
-	cursorCountAndAmount, err := billingColl.Aggregate(ctx, pipelineCountAndAmount)
-	if err != nil {
-		return fmt.Errorf("failed to execute aggregate query for count and amount: %w", err)
-	}
-	defer cursorCountAndAmount.Close(ctx)
-
-	totalDeductionAmount, totalRechargeAmount := int64(0), int64(0)
-
-	for cursorCountAndAmount.Next(ctx) {
-		var result struct {
-			Result int64 `bson:"result"`
-		}
-		if err := cursorCountAndAmount.Decode(&result); err != nil {
-			return fmt.Errorf("failed to decode billing record: %w", err)
-		}
-		totalDeductionAmount = result.Result
-	}
-
-	// the total amount
-	cursorRechargeAmount, err := billingColl.Aggregate(ctx, pipelineRechargeAmount)
-	if err != nil {
-		return fmt.Errorf("failed to execute aggregate query for recharge amount: %w", err)
-	}
-	defer cursorRechargeAmount.Close(ctx)
-
-	for cursorRechargeAmount.Next(ctx) {
-		var result struct {
-			TotalRechargeAmount int64 `bson:"totalRechargeAmount"`
-			Count               int   `bson:"count"`
-		}
-		if err := cursorRechargeAmount.Decode(&result); err != nil {
-			return fmt.Errorf("failed to decode recharge amount record: %w", err)
-		}
-		totalRechargeAmount = result.TotalRechargeAmount
-	}
-
-	totalPages := (totalCount + billingRecordQuery.Spec.PageSize - 1) / billingRecordQuery.Spec.PageSize
-	if totalCount == 0 {
-		totalPages = 1
-		totalCount = len(billingRecords)
-	}
-	billingRecordQuery.Status.Items, billingRecordQuery.Status.PageLength, billingRecordQuery.Status.TotalCount,
-		billingRecordQuery.Status.RechargeAmount, billingRecordQuery.Status.DeductionAmount = billingRecords, totalPages, totalCount, totalRechargeAmount, totalDeductionAmount
-	return nil
-}
-
-//func (m *mongoDB) GetNodePortAmount(owner string, endTime time.Time) (int64, error) {
-//	filter := bson.M{
-//		"owner": owner,
-//		"time": bson.M{
-//			"$lte": endTime,
-//		},
-//		"type":          accountv1.Consumption,
-//		"used_amount.4": bson.M{"$ne": 0},
-//	}
-//
-//	cursor, err := m.getBillingCollection().Find(context.Background(), filter)
-//	if err != nil {
-//		return 0, fmt.Errorf("failed to execute aggregate query: %w", err)
-//	}
-//	defer cursor.Close(context.Background())
-//
-//	var billings []resources.Billing
-//	if err := cursor.All(context.Background(), &billings); err != nil {
-//		return 0, fmt.Errorf("failed to decode all billing record: %w", err)
-//	}
-//	amountTotal := int64(0)
-//	for i := range billings {
-//		for j := range billings[i].AppCosts {
-//			amount := billings[i].AppCosts[j].UsedAmount[4]
-//			if amount > 0 {
-//				amountTotal += amount
-//			}
-//		}
-//	}
-//
-//	return amountTotal, nil
-//
-//}
-
 func (m *mongoDB) GetBillingCount(accountType common.Type, startTime, endTime time.Time) (count, amount int64, err error) {
 	pipeline := bson.A{
 		bson.M{
diff --git a/controllers/pkg/database/mongo/account_test.go b/controllers/pkg/database/mongo/account_test.go
index f8480747a61..82f3f94f121 100644
--- a/controllers/pkg/database/mongo/account_test.go
+++ b/controllers/pkg/database/mongo/account_test.go
@@ -26,222 +26,11 @@ import (
 
 	"github.com/labring/sealos/controllers/pkg/resources"
 
-	"github.com/dustin/go-humanize"
-	"sigs.k8s.io/yaml"
-
 	"go.mongodb.org/mongo-driver/mongo"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
-	accountv1 "github.com/labring/sealos/controllers/account/api/v1"
 )
 
-func TestMongoDB_QueryBillingRecords(t *testing.T) {
-	dbCTX := context.Background()
-
-	m, err := NewMongoInterface(dbCTX, os.Getenv("MONGODB_URI"))
-	if err != nil {
-		t.Errorf("failed to connect mongo: error = %v", err)
-	}
-	defer func() {
-		if err = m.Disconnect(dbCTX); err != nil {
-			t.Errorf("failed to disconnect mongo: error = %v", err)
-		}
-	}()
-
-	testTime := time.Date(2021, 1, 1, 0, 0, 0, 0, time.Local)
-	startTime, endTime := metav1.Time{Time: testTime}, metav1.Time{Time: testTime.Add(3 * humanize.Day)}
-	// page 1 pageSize 1 type -1
-	query1 := &accountv1.BillingRecordQuery{
-		Spec: accountv1.BillingRecordQuerySpec{
-			StartTime: startTime,
-			EndTime:   endTime,
-			Page:      1,
-			PageSize:  1,
-			//OrderID:   "random_order_id_1",
-			OrderID: "",
-			Type:    -1,
-		},
-	}
-	// page 1 pageSize 5 type 1
-	query2 := &accountv1.BillingRecordQuery{
-		Spec: accountv1.BillingRecordQuerySpec{
-			StartTime: startTime,
-			EndTime:   endTime,
-			Page:      1,
-			PageSize:  5,
-			//OrderID:   "random_order_id_1",
-			OrderID: "",
-			Type:    1,
-		},
-	}
-	// page 1 pageSize 5 type 0
-	query3 := &accountv1.BillingRecordQuery{
-		Spec: accountv1.BillingRecordQuerySpec{
-			StartTime: startTime,
-			EndTime:   endTime,
-			Page:      1,
-			PageSize:  5,
-			//OrderID:   "random_order_id_1",
-			OrderID: "",
-			Type:    0,
-		},
-	}
-	// only orderID
-
-	query4 := &accountv1.BillingRecordQuery{
-		Spec: accountv1.BillingRecordQuerySpec{
-			OrderID: "random_order_id_recharge19",
-		},
-	}
-
-	query5 := &accountv1.BillingRecordQuery{
-		Spec: accountv1.BillingRecordQuerySpec{
-			StartTime: startTime,
-			EndTime:   endTime,
-			Page:      2,
-			PageSize:  5,
-			Namespace: "ns-vd1k1dk3",
-			Type:      1,
-		},
-	}
-
-	billingRecordQueryList := []*accountv1.BillingRecordQuery{
-		query1, query2, query3, query4, query5,
-	}
-	for _, billingRecordQuery := range billingRecordQueryList {
-		err = m.QueryBillingRecords(billingRecordQuery, "vd1k1dk3")
-		if err != nil {
-			t.Errorf("failed to query billing records: error = %v", err)
-		}
-		data, err := yaml.Marshal(billingRecordQuery)
-		if err != nil {
-			t.Errorf("failed to marshal billingRecordQuery: error = %v", err)
-		}
-		t.Logf("billingRecordQuery: %s\n", string(data))
-	}
-}
-
-func TestMongoDB_QueryBillingRecords1(t *testing.T) {
-	dbCTX := context.Background()
-	m, err := NewMongoInterface(dbCTX, os.Getenv("MONGODB_URI"))
-	if err != nil {
-		t.Errorf("failed to connect mongo: error = %v", err)
-	}
-	defer func() {
-		if err = m.Disconnect(dbCTX); err != nil {
-			t.Errorf("failed to disconnect mongo: error = %v", err)
-		}
-	}()
-	//now := time.Now().UTC()
-	billquery := &accountv1.BillingRecordQuery{
-		Spec: accountv1.BillingRecordQuerySpec{
-			StartTime: metav1.Time{Time: time.Now().UTC().Add(-time.Hour * 24 * 30)},
-			EndTime:   metav1.Time{Time: time.Now().UTC().Add(time.Hour * 24 * 30)},
-			Page:      1,
-			PageSize:  5,
-			Type:      1,
-		},
-	}
-	err = m.QueryBillingRecords(billquery, "")
-	if err != nil {
-		t.Errorf("failed to query billing records: error = %v", err)
-	}
-	data, err := yaml.Marshal(billquery)
-	if err != nil {
-		t.Errorf("failed to marshal billingRecordQuery: error = %v", err)
-	}
-	t.Logf("billingRecordQuery: %s\n", string(data))
-}
-
 var testTime = time.Date(2023, 5, 9, 5, 0, 0, 0, time.UTC)
 
-func TestMongoDB_QueryBillingRecords2(t *testing.T) {
-	dbCTX := context.Background()
-
-	os.Setenv("MONGODB_URI", "mongodb://root:lv4nfcgz@127.0.0.1:64110/sealos-resources?authSource=admin&directConnection=true")
-	m, err := NewMongoInterface(dbCTX, os.Getenv("MONGODB_URI"))
-	if err != nil {
-		t.Errorf("failed to connect mongo: error = %v", err)
-	}
-	defer func() {
-		if err = m.Disconnect(dbCTX); err != nil {
-			t.Errorf("failed to disconnect mongo: error = %v", err)
-		}
-	}()
-	now := time.Now().UTC()
-	testTime := time.Date(now.Year(), now.Month(), now.Day(), now.Hour(), 0, 0, 0, time.Local).UTC()
-	startTime, endTime := metav1.Time{Time: testTime}, metav1.Time{Time: testTime.Add(3 * humanize.Day)}
-	// page 1 pageSize 1 type -1
-	query1 := &accountv1.BillingRecordQuery{
-		Spec: accountv1.BillingRecordQuerySpec{
-			StartTime: startTime,
-			EndTime:   endTime,
-			Page:      1,
-			PageSize:  15,
-			//OrderID:   "random_order_id_1",
-			OrderID: "",
-			Type:    -1,
-		},
-	}
-	//// page 1 pageSize 5 type 1
-	//query2 := &accountv1.BillingRecordQuery{
-	//	Spec: accountv1.BillingRecordQuerySpec{
-	//		StartTime: startTime,
-	//		EndTime:   endTime,
-	//		Page:      1,
-	//		PageSize:  5,
-	//		//OrderID:   "random_order_id_1",
-	//		OrderID: "",
-	//		Type:    1,
-	//	},
-	//}
-	//// page 1 pageSize 5 type 0
-	//query3 := &accountv1.BillingRecordQuery{
-	//	Spec: accountv1.BillingRecordQuerySpec{
-	//		StartTime: startTime,
-	//		EndTime:   endTime,
-	//		Page:      1,
-	//		PageSize:  5,
-	//		//OrderID:   "random_order_id_1",
-	//		OrderID: "",
-	//		Type:    0,
-	//	},
-	//}
-	//// only orderID
-	//
-	//query4 := &accountv1.BillingRecordQuery{
-	//	Spec: accountv1.BillingRecordQuerySpec{
-	//		OrderID: "random_order_id_recharge19",
-	//	},
-	//}
-	//
-	//query5 := &accountv1.BillingRecordQuery{
-	//	Spec: accountv1.BillingRecordQuerySpec{
-	//		StartTime: startTime,
-	//		EndTime:   endTime,
-	//		Page:      2,
-	//		PageSize:  5,
-	//		Namespace: "ns-vd1k1dk3",
-	//		Type:      1,
-	//	},
-	//}
-
-	billingRecordQueryList := []*accountv1.BillingRecordQuery{
-		query1, /*query2, query3, query4, query5,*/
-	}
-	for _, billingRecordQuery := range billingRecordQueryList {
-		err = m.QueryBillingRecords(billingRecordQuery, "1jc12uh6")
-		if err != nil {
-			t.Errorf("failed to query billing records: error = %v", err)
-		}
-		data, err := yaml.Marshal(billingRecordQuery)
-		if err != nil {
-			t.Errorf("failed to marshal billingRecordQuery: error = %v", err)
-		}
-		t.Logf("billingRecordQuery: %s\n", string(data))
-	}
-}
-
 func TestMongoDB_SaveBillingsWithAccountBalance(t *testing.T) {
 	type fields struct {
 		URL          string
@@ -498,30 +287,6 @@ func TestMongoDB_DropMonitorCollectionsOlderThan(t *testing.T) {
 	}
 }
 
-func TestMongoDB_GetBillingHistoryNamespaceList(t *testing.T) {
-	dbCTX := context.Background()
-	m, err := NewMongoInterface(dbCTX, os.Getenv("MONGODB_URI"))
-	if err != nil {
-		t.Errorf("failed to connect mongo: error = %v", err)
-	}
-	defer func() {
-		if err = m.Disconnect(dbCTX); err != nil {
-			t.Errorf("failed to disconnect mongo: error = %v", err)
-		}
-	}()
-	queryTime := time.Now().UTC()
-	billRecord := &accountv1.NamespaceBillingHistorySpec{
-		StartTime: metav1.Time{Time: queryTime.Add(-time.Hour * 24 * 30)},
-		EndTime:   metav1.Time{Time: queryTime},
-		Type:      -1,
-	}
-	namespaceList, err := m.GetBillingHistoryNamespaceList(billRecord, "")
-	if err != nil {
-		t.Fatalf("failed to get billing history namespace list: %v", err)
-	}
-	t.Logf("namespaceList: %v", namespaceList)
-}
-
 /*
 info generate billing data used {2 ns-7uyfrr47 pay-xy map[0:325 1:166 2:0]}
 
diff --git a/controllers/pkg/database/mongo/user.go b/controllers/pkg/database/mongo/user.go
deleted file mode 100644
index 1473771fca2..00000000000
--- a/controllers/pkg/database/mongo/user.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright © 2023 sealos.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package mongo
diff --git a/controllers/pkg/database/mongo/user_test.go b/controllers/pkg/database/mongo/user_test.go
deleted file mode 100644
index 1473771fca2..00000000000
--- a/controllers/pkg/database/mongo/user_test.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright © 2023 sealos.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package mongo
diff --git a/controllers/pkg/metering/README.md b/controllers/pkg/metering/README.md
deleted file mode 100644
index dfddf436164..00000000000
--- a/controllers/pkg/metering/README.md
+++ /dev/null
@@ -1,94 +0,0 @@
-# metering
-// TODO(user): Add simple overview of use/purpose
-
-## Description
-// TODO(user): An in-depth paragraph about your project and overview of use
-
-## Getting Started
-You’ll need a Kubernetes cluster to run against. You can use [KIND](https://sigs.k8s.io/kind) to get a local cluster for testing, or run against a remote cluster.
-**Note:** Your controller will automatically use the current context in your kubeconfig file (i.e. whatever cluster `kubectl cluster-info` shows).
-
-### Running on the cluster
-1. Install Instances of Custom Resources:
-
-```sh
-kubectl apply -f config/samples/
-```
-
-2. Build and push your image to the location specified by `IMG`:
-
-```sh
-make docker-build docker-push IMG=<some-registry>/metering:tag
-```
-
-3. Deploy the controller to the cluster with the image specified by `IMG`:
-
-```sh
-make deploy IMG=<some-registry>/metering:tag
-```
-
-### Uninstall CRDs
-To delete the CRDs from the cluster:
-
-```sh
-make uninstall
-```
-
-### Undeploy controller
-UnDeploy the controller from the cluster:
-
-```sh
-make undeploy
-```
-
-## Contributing
-// TODO(user): Add detailed information on how you would like others to contribute to this project
-
-### How it works
-This project aims to follow the Kubernetes [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/).
-
-It uses [Controllers](https://kubernetes.io/docs/concepts/architecture/controller/),
-which provide a reconcile function responsible for synchronizing resources until the desired state is reached on the cluster.
-
-### Test It Out
-1. Install the CRDs into the cluster:
-
-```sh
-make install
-```
-
-2. Run your controller (this will run in the foreground, so switch to a new terminal if you want to leave it running):
-
-```sh
-make run
-```
-
-**NOTE:** You can also run this in one step by running: `make install run`
-
-### Modifying the API definitions
-If you are editing the API definitions, generate the manifests such as CRs or CRDs using:
-
-```sh
-make manifests
-```
-
-**NOTE:** Run `make --help` for more information on all potential `make` targets
-
-More information can be found via the [Kubebuilder Documentation](https://book.kubebuilder.io/introduction.html)
-
-## License
-
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
diff --git a/controllers/pkg/metering/api/v1/extensionresourceprice_types.go b/controllers/pkg/metering/api/v1/extensionresourceprice_types.go
deleted file mode 100644
index 18ad8802fec..00000000000
--- a/controllers/pkg/metering/api/v1/extensionresourceprice_types.go
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
-Copyright 2022.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import (
-	v1 "k8s.io/api/core/v1"
-	"k8s.io/apimachinery/pkg/api/resource"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-const ExtensionResourcePricePrefix = "extensionresourceprice-"
-
-// ExtensionResourcePriceSpec defines the desired state of ExtensionResourcePrice
-type ExtensionResourcePriceSpec struct {
-	ResourceName      string                            `json:"resourceName,omitempty"`
-	Resources         map[v1.ResourceName]ResourcePrice `json:"resources,omitempty"`
-	GroupVersionKinds []GroupVersionKind                `json:"groupVersionKinds"`
-}
-
-type GroupVersionKind struct {
-	Group   string `json:"group,omitempty"`
-	Version string `json:"version,omitempty"`
-	Kind    string `json:"kind,omitempty"`
-}
-
-type ResourcePrice struct {
-	Unit     *resource.Quantity `json:"unit"`
-	Price    int64              `json:"price"` // 100 = 1¥
-	Describe string             `json:"describe,omitempty"`
-}
-
-// ExtensionResourcePriceStatus defines the observed state of ExtensionResourcePrice
-type ExtensionResourcePriceStatus struct {
-}
-
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
-
-// ExtensionResourcePrice is the Schema for the extensionresourceprices API
-type ExtensionResourcePrice struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   ExtensionResourcePriceSpec   `json:"spec,omitempty"`
-	Status ExtensionResourcePriceStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// ExtensionResourcePriceList contains a list of ExtensionResourcePrice
-type ExtensionResourcePriceList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []ExtensionResourcePrice `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&ExtensionResourcePrice{}, &ExtensionResourcePriceList{})
-}
-
-func GetExtensionResourcePriceName(resourceControllerName string) string {
-	return ExtensionResourcePricePrefix + resourceControllerName
-}
diff --git a/controllers/pkg/metering/api/v1/groupversion_info.go b/controllers/pkg/metering/api/v1/groupversion_info.go
deleted file mode 100644
index 4aec0ee1259..00000000000
--- a/controllers/pkg/metering/api/v1/groupversion_info.go
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
-Copyright 2023.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Package v1 contains API Schema definitions for the metering v1 API group
-// +kubebuilder:object:generate=true
-// +groupName=metering.common.sealos.io
-package v1
-
-import (
-	"k8s.io/apimachinery/pkg/runtime/schema"
-	"sigs.k8s.io/controller-runtime/pkg/scheme"
-)
-
-var (
-	// GroupVersion is group version used to register these objects
-	GroupVersion = schema.GroupVersion{Group: "metering.common.sealos.io", Version: "v1"}
-
-	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
-	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
-
-	// AddToScheme adds the types in this group-version to the given scheme.
-	AddToScheme = SchemeBuilder.AddToScheme
-)
diff --git a/controllers/pkg/metering/api/v1/resource_types.go b/controllers/pkg/metering/api/v1/resource_types.go
deleted file mode 100644
index 0c8fc60746d..00000000000
--- a/controllers/pkg/metering/api/v1/resource_types.go
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
-Copyright 2022.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import (
-	v1 "k8s.io/api/core/v1"
-	"k8s.io/apimachinery/pkg/api/resource"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-type Status string
-
-const (
-	Complete Status = "complete"
-	Create   Status = "create"
-)
-
-// ResourceSpec defines the desired state of Resource
-type ResourceSpec struct {
-	Resources map[v1.ResourceName]ResourceInfo `json:"resources,omitempty"`
-}
-
-type ResourceInfo struct {
-	ResourceName string             `json:"resourceName,omitempty"`
-	Used         *resource.Quantity `json:"used,omitempty"`
-	Timestamp    int64              `json:"time,omitempty"`
-	Namespace    string             `json:"namespace,omitempty"`
-	Cost         int64              `json:"cost,omitempty"`
-}
-
-type ResourceInfoList []ResourceInfo
-
-type ResourcePriceAndUsed struct {
-	ResourcePrice `json:",inline"`
-	Used          *resource.Quantity `json:"used,omitempty"`
-}
-
-// ResourceStatus defines the observed state of Resource
-type ResourceStatus struct {
-	Status Status `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
-
-// Resource is the Schema for the resources API
-type Resource struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   ResourceSpec   `json:"spec,omitempty"`
-	Status ResourceStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// ResourceList contains a list of Resource
-type ResourceList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []Resource `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&Resource{}, &ResourceList{})
-}
diff --git a/controllers/pkg/metering/api/v1/zz_generated.deepcopy.go b/controllers/pkg/metering/api/v1/zz_generated.deepcopy.go
deleted file mode 100644
index 6f28bfd4486..00000000000
--- a/controllers/pkg/metering/api/v1/zz_generated.deepcopy.go
+++ /dev/null
@@ -1,285 +0,0 @@
-//go:build !ignore_autogenerated
-// +build !ignore_autogenerated
-
-// Code generated by controller-gen. DO NOT EDIT.
-
-package v1
-
-import (
-	corev1 "k8s.io/api/core/v1"
-	runtime "k8s.io/apimachinery/pkg/runtime"
-)
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ExtensionResourcePrice) DeepCopyInto(out *ExtensionResourcePrice) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	out.Status = in.Status
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionResourcePrice.
-func (in *ExtensionResourcePrice) DeepCopy() *ExtensionResourcePrice {
-	if in == nil {
-		return nil
-	}
-	out := new(ExtensionResourcePrice)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *ExtensionResourcePrice) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ExtensionResourcePriceList) DeepCopyInto(out *ExtensionResourcePriceList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]ExtensionResourcePrice, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionResourcePriceList.
-func (in *ExtensionResourcePriceList) DeepCopy() *ExtensionResourcePriceList {
-	if in == nil {
-		return nil
-	}
-	out := new(ExtensionResourcePriceList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *ExtensionResourcePriceList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ExtensionResourcePriceSpec) DeepCopyInto(out *ExtensionResourcePriceSpec) {
-	*out = *in
-	if in.Resources != nil {
-		in, out := &in.Resources, &out.Resources
-		*out = make(map[corev1.ResourceName]ResourcePrice, len(*in))
-		for key, val := range *in {
-			(*out)[key] = *val.DeepCopy()
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionResourcePriceSpec.
-func (in *ExtensionResourcePriceSpec) DeepCopy() *ExtensionResourcePriceSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(ExtensionResourcePriceSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ExtensionResourcePriceStatus) DeepCopyInto(out *ExtensionResourcePriceStatus) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionResourcePriceStatus.
-func (in *ExtensionResourcePriceStatus) DeepCopy() *ExtensionResourcePriceStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(ExtensionResourcePriceStatus)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *Resource) DeepCopyInto(out *Resource) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	out.Status = in.Status
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Resource.
-func (in *Resource) DeepCopy() *Resource {
-	if in == nil {
-		return nil
-	}
-	out := new(Resource)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *Resource) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ResourceInfo) DeepCopyInto(out *ResourceInfo) {
-	*out = *in
-	if in.Used != nil {
-		in, out := &in.Used, &out.Used
-		x := (*in).DeepCopy()
-		*out = &x
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceInfo.
-func (in *ResourceInfo) DeepCopy() *ResourceInfo {
-	if in == nil {
-		return nil
-	}
-	out := new(ResourceInfo)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in ResourceInfoList) DeepCopyInto(out *ResourceInfoList) {
-	{
-		in := &in
-		*out = make(ResourceInfoList, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceInfoList.
-func (in ResourceInfoList) DeepCopy() ResourceInfoList {
-	if in == nil {
-		return nil
-	}
-	out := new(ResourceInfoList)
-	in.DeepCopyInto(out)
-	return *out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ResourceList) DeepCopyInto(out *ResourceList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]Resource, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceList.
-func (in *ResourceList) DeepCopy() *ResourceList {
-	if in == nil {
-		return nil
-	}
-	out := new(ResourceList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *ResourceList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ResourcePrice) DeepCopyInto(out *ResourcePrice) {
-	*out = *in
-	if in.Unit != nil {
-		in, out := &in.Unit, &out.Unit
-		x := (*in).DeepCopy()
-		*out = &x
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourcePrice.
-func (in *ResourcePrice) DeepCopy() *ResourcePrice {
-	if in == nil {
-		return nil
-	}
-	out := new(ResourcePrice)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ResourcePriceAndUsed) DeepCopyInto(out *ResourcePriceAndUsed) {
-	*out = *in
-	in.ResourcePrice.DeepCopyInto(&out.ResourcePrice)
-	if in.Used != nil {
-		in, out := &in.Used, &out.Used
-		x := (*in).DeepCopy()
-		*out = &x
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourcePriceAndUsed.
-func (in *ResourcePriceAndUsed) DeepCopy() *ResourcePriceAndUsed {
-	if in == nil {
-		return nil
-	}
-	out := new(ResourcePriceAndUsed)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ResourceSpec) DeepCopyInto(out *ResourceSpec) {
-	*out = *in
-	if in.Resources != nil {
-		in, out := &in.Resources, &out.Resources
-		*out = make(map[corev1.ResourceName]ResourceInfo, len(*in))
-		for key, val := range *in {
-			(*out)[key] = *val.DeepCopy()
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceSpec.
-func (in *ResourceSpec) DeepCopy() *ResourceSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(ResourceSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ResourceStatus) DeepCopyInto(out *ResourceStatus) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceStatus.
-func (in *ResourceStatus) DeepCopy() *ResourceStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(ResourceStatus)
-	in.DeepCopyInto(out)
-	return out
-}
diff --git a/controllers/pkg/metering/config/crd/bases/metering.common.sealos.io_extensionresourceprices.yaml b/controllers/pkg/metering/config/crd/bases/metering.common.sealos.io_extensionresourceprices.yaml
deleted file mode 100644
index 35f69b51d79..00000000000
--- a/controllers/pkg/metering/config/crd/bases/metering.common.sealos.io_extensionresourceprices.yaml
+++ /dev/null
@@ -1,96 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.11.3
-  creationTimestamp: null
-  name: extensionresourceprices.metering.common.sealos.io
-spec:
-  group: metering.common.sealos.io
-  names:
-    kind: ExtensionResourcePrice
-    listKind: ExtensionResourcePriceList
-    plural: extensionresourceprices
-    singular: extensionresourceprice
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: ExtensionResourcePrice is the Schema for the extensionresourceprices
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: ExtensionResourcePriceSpec defines the desired state of ExtensionResourcePrice
-            properties:
-              groupVersionKinds:
-                items:
-                  properties:
-                    group:
-                      type: string
-                    kind:
-                      type: string
-                    version:
-                      type: string
-                  type: object
-                type: array
-              resourceName:
-                type: string
-              resources:
-                additionalProperties:
-                  properties:
-                    describe:
-                      type: string
-                    price:
-                      format: int64
-                      type: integer
-                    unit:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                  required:
-                  - price
-                  - unit
-                  type: object
-                type: object
-            required:
-            - groupVersionKinds
-            type: object
-          status:
-            description: ExtensionResourcePriceStatus defines the observed state of
-              ExtensionResourcePrice
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
diff --git a/controllers/pkg/metering/config/crd/bases/metering.common.sealos.io_resources.yaml b/controllers/pkg/metering/config/crd/bases/metering.common.sealos.io_resources.yaml
deleted file mode 100644
index d52f19b0e92..00000000000
--- a/controllers/pkg/metering/config/crd/bases/metering.common.sealos.io_resources.yaml
+++ /dev/null
@@ -1,84 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.11.3
-  creationTimestamp: null
-  name: resources.metering.common.sealos.io
-spec:
-  group: metering.common.sealos.io
-  names:
-    kind: Resource
-    listKind: ResourceList
-    plural: resources
-    singular: resource
-  scope: Namespaced
-  versions:
-  - name: v1
-    schema:
-      openAPIV3Schema:
-        description: Resource is the Schema for the resources API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: ResourceSpec defines the desired state of Resource
-            properties:
-              resources:
-                additionalProperties:
-                  properties:
-                    cost:
-                      format: int64
-                      type: integer
-                    namespace:
-                      type: string
-                    resourceName:
-                      type: string
-                    time:
-                      format: int64
-                      type: integer
-                    used:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                  type: object
-                type: object
-            type: object
-          status:
-            description: ResourceStatus defines the observed state of Resource
-            properties:
-              status:
-                type: string
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
diff --git a/controllers/pkg/metering/config/crd/kustomization.yaml b/controllers/pkg/metering/config/crd/kustomization.yaml
deleted file mode 100644
index 4b6586b42a2..00000000000
--- a/controllers/pkg/metering/config/crd/kustomization.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# This kustomization.yaml is not intended to be run by itself,
-# since it depends on service name and namespace that are out of this kustomize package.
-# It should be run by config/default
-resources:
-- bases/metering.common.sealos.io_resources.yaml
-- bases/metering.common.sealos.io_extensionresourceprices.yaml
-#+kubebuilder:scaffold:crdkustomizeresource
-
-patchesStrategicMerge:
-# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
-# patches here are for enabling the conversion webhook for each CRD
-#- patches/webhook_in_resources.yaml
-#- patches/webhook_in_extensionresourceprice.yaml
-#+kubebuilder:scaffold:crdkustomizewebhookpatch
-
-# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
-# patches here are for enabling the CA injection for each CRD
-#- patches/cainjection_in_resources.yaml
-#- patches/cainjection_in_extensionresourceprice.yaml
-#+kubebuilder:scaffold:crdkustomizecainjectionpatch
-
-# the following config is for teaching kustomize how to do kustomization for CRDs.
-configurations:
-- kustomizeconfig.yaml
diff --git a/controllers/pkg/metering/config/crd/patches/cainjection_in_extensionresourceprice.yaml b/controllers/pkg/metering/config/crd/patches/cainjection_in_extensionresourceprice.yaml
deleted file mode 100644
index 8339ef6b7e4..00000000000
--- a/controllers/pkg/metering/config/crd/patches/cainjection_in_extensionresourceprice.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: extensionresourceprice.metering.common.sealos.io
diff --git a/controllers/pkg/metering/config/crd/patches/cainjection_in_resources.yaml b/controllers/pkg/metering/config/crd/patches/cainjection_in_resources.yaml
deleted file mode 100644
index 7c078e0bf8f..00000000000
--- a/controllers/pkg/metering/config/crd/patches/cainjection_in_resources.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# The following patch adds a directive for certmanager to inject CA into the CRD
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: resources.metering.common.sealos.io
diff --git a/controllers/pkg/resources/named.go b/controllers/pkg/resources/named.go
index 5e214a12ccd..cd02083d466 100644
--- a/controllers/pkg/resources/named.go
+++ b/controllers/pkg/resources/named.go
@@ -21,29 +21,11 @@ import (
 
 	corev1 "k8s.io/api/core/v1"
 
-	sealos_networkmanager "github.com/dinoallo/sealos-networkmanager-protoapi"
-
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
-/*
-AppType (sort by label) :
-	Database： app.kubernetes.io/instance=gitea  app.kubernetes.io/managed-by=kubeblocks apps.kubeblocks.io/component-name
-	AppLaunchpad：app: xxx
-	Terminal： TerminalID: xxx
-	Cronjob：job-name: xxx
-	Other: in addition to the above all labels
-*/
-
-const (
-	Pod = "Pod"
-	PVC = "PVC"
-)
-
 const (
 	DBPodLabelInstanceKey       = "app.kubernetes.io/instance"
-	DBPodLabelManagedByKey      = "app.kubernetes.io/managed-by"
-	DBPodLabelManagedByValue    = "kubeblocks"
 	DBPodLabelComponentNameKey  = "apps.kubeblocks.io/component-name"
 	TerminalIDLabelKey          = "TerminalID"
 	AppLabelKey                 = "app"
@@ -154,93 +136,6 @@ func (r *ResourceNamed) ParentName() string {
 	return r.parentName
 }
 
-func (r *ResourceNamed) Labels() map[string]string {
-	label := make(map[string]string)
-	switch r.Type() {
-	case db:
-		label[DBPodLabelComponentNameKey] = r.labels[DBPodLabelComponentNameKey]
-		label[DBPodLabelInstanceKey] = r.labels[DBPodLabelInstanceKey]
-	case terminal:
-		label[TerminalIDLabelKey] = r.labels[TerminalIDLabelKey]
-	case app:
-		label[AppLabelKey] = r.labels[AppLabelKey]
-	case job:
-		label[JobNameLabelKey] = r.labels[JobNameLabelKey]
-		//case other:
-		//default:
-	}
-	return label
-}
-
-var notExistLabels = func() map[uint8][]*sealos_networkmanager.Label {
-	labels := make(map[uint8][]*sealos_networkmanager.Label)
-	for k := range AppTypeReverse {
-		labels[k] = getNotExistLabels(k)
-	}
-	return labels
-}()
-
-func (r *ResourceNamed) GetNotExistLabels() []*sealos_networkmanager.Label {
-	return notExistLabels[r.Type()]
-}
-
-func getNotExistLabels(tp uint8) []*sealos_networkmanager.Label {
-	var labels []*sealos_networkmanager.Label
-	for appType := range AppTypeReverse {
-		if tp == appType {
-			continue
-		}
-		switch appType {
-		case db:
-			labels = append(labels, &sealos_networkmanager.Label{
-				Key: DBPodLabelComponentNameKey,
-			}, &sealos_networkmanager.Label{
-				Key: DBPodLabelManagedByKey,
-			})
-		case app:
-			labels = append(labels, &sealos_networkmanager.Label{
-				Key: AppLabelKey,
-			})
-		case terminal:
-			labels = append(labels, &sealos_networkmanager.Label{
-				Key: TerminalIDLabelKey,
-			})
-		case job:
-			labels = append(labels, &sealos_networkmanager.Label{
-				Key: JobNameLabelKey,
-			})
-		}
-	}
-	return labels
-}
-
-func (r *ResourceNamed) GetInLabels() []*sealos_networkmanager.Label {
-	var labelsEqual []*sealos_networkmanager.Label
-	switch r.Type() {
-	case db:
-		labelsEqual = append(labelsEqual, &sealos_networkmanager.Label{
-			Key:   DBPodLabelComponentNameKey,
-			Value: []string{r.labels[DBPodLabelComponentNameKey]},
-		})
-	case terminal:
-		labelsEqual = append(labelsEqual, &sealos_networkmanager.Label{
-			Key:   TerminalIDLabelKey,
-			Value: []string{r.labels[TerminalIDLabelKey]},
-		})
-	case app:
-		labelsEqual = append(labelsEqual, &sealos_networkmanager.Label{
-			Key:   AppLabelKey,
-			Value: []string{r.labels[AppLabelKey]},
-		})
-	case job:
-		labelsEqual = append(labelsEqual, &sealos_networkmanager.Label{
-			Key:   JobNameLabelKey,
-			Value: []string{r.labels[JobNameLabelKey]},
-		})
-	}
-	return labelsEqual
-}
-
 func (r *ResourceNamed) TypeString() string {
 	return r._type
 }
diff --git a/controllers/pkg/types/global.go b/controllers/pkg/types/global.go
index 38a7ea92b8b..12ce3a8db7a 100644
--- a/controllers/pkg/types/global.go
+++ b/controllers/pkg/types/global.go
@@ -187,46 +187,6 @@ func (RegionUserCr) TableName() string {
 	return "UserCr"
 }
 
-type TransferAccountV1 struct {
-	//RealUser   RealUser
-	RegionUID       uuid.UUID `gorm:"column:regionUid;type:uuid;not null"`
-	RegionUserOwner string    `gorm:"column:regionUserOwner;type:text;not null"`
-	Exist           bool      `gorm:"type:boolean;default:false"`
-	Account
-}
-
-func (TransferAccountV1) TableName() string {
-	return "TransferAccountV1"
-}
-
-type NullUserRecord struct {
-	CrName   string `gorm:"column:crName;type:text;not null;unique"`
-	RegionID string `gorm:"type:text;not null"`
-}
-
-func (NullUserRecord) TableName() string {
-	return "NullUserRecord"
-}
-
-type ErrorAccountCreate struct {
-	Account
-	UserCr          string    `gorm:"column:userCr;type:text;not null;unique"`
-	ErrorTime       time.Time `gorm:"type:timestamp(3) with time zone;default:current_timestamp()"`
-	RegionUID       uuid.UUID `gorm:"column:regionUid;type:uuid;not null"`
-	RegionUserOwner string    `gorm:"column:regionUserOwner;type:text;not null"`
-	Message         string    `gorm:"type:text;not null"`
-}
-
-func (ErrorAccountCreate) TableName() string {
-	return "ErrorAccountCreate"
-}
-
-type ErrorPaymentCreate struct {
-	PaymentRaw
-	CreateTime time.Time `gorm:"type:timestamp(3) with time zone;default:current_timestamp()"`
-	Message    string    `gorm:"type:text;not null"`
-}
-
 type PaymentRaw struct {
 	UserUID         uuid.UUID `gorm:"column:userUid;type:uuid;not null"`
 	RegionUID       uuid.UUID `gorm:"column:regionUid;type:uuid;not null"`
@@ -250,10 +210,6 @@ const (
 	ActivityTypeFirstRecharge ActivityType = "FIRST_RECHARGE"
 )
 
-func (ErrorPaymentCreate) TableName() string {
-	return "ErrorPaymentCreate"
-}
-
 type Payment struct {
 	ID string `gorm:"type:text;primary_key"`
 	PaymentRaw

From f4ad702e914ef7710420c44a17b29f755429d595 Mon Sep 17 00:00:00 2001
From: limbo <43649186+HUAHUAI23@users.noreply.github.com>
Date: Sat, 12 Oct 2024 16:12:36 +0800
Subject: [PATCH 36/63] feat(desktop): hidden enterprise auth (#5149)

---
 .../src/components/account/RealNameModal.tsx     | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/frontend/desktop/src/components/account/RealNameModal.tsx b/frontend/desktop/src/components/account/RealNameModal.tsx
index a523d7d9bcc..31f591fdaef 100644
--- a/frontend/desktop/src/components/account/RealNameModal.tsx
+++ b/frontend/desktop/src/components/account/RealNameModal.tsx
@@ -198,7 +198,7 @@ function RealNameModal(props: {
                 >
                   {t('common:personal_verification')}
                 </Tab>
-                <Tab
+                {/* <Tab
                   display="flex"
                   padding="8px 4px"
                   justifyContent="center"
@@ -210,7 +210,7 @@ function RealNameModal(props: {
                   _focus={{ boxShadow: 'none' }}
                 >
                   {t('common:enterprise_verification')}
-                </Tab>
+                </Tab> */}
               </TabList>
               <TabIndicator height="2px" bg="grayModern.900" borderRadius="1px" />
               <TabPanels mt="28px">
@@ -224,7 +224,7 @@ function RealNameModal(props: {
                     }}
                   />
                 </TabPanel>
-                <TabPanel p="0">
+                {/* <TabPanel p="0">
                   <EnterpriseVerification
                     onFormSuccess={() => {
                       onClose();
@@ -233,7 +233,7 @@ function RealNameModal(props: {
                       }
                     }}
                   />
-                </TabPanel>
+                </TabPanel> */}
               </TabPanels>
             </Tabs>
           </ModalBody>
@@ -265,7 +265,7 @@ export function RealNameAuthForm(
         >
           {t('common:personal_verification')}
         </Tab>
-        <Tab
+        {/* <Tab
           display="flex"
           padding="8px 4px"
           justifyContent="center"
@@ -277,7 +277,7 @@ export function RealNameAuthForm(
           _focus={{ boxShadow: 'none' }}
         >
           {t('common:enterprise_verification')}
-        </Tab>
+        </Tab> */}
       </TabList>
       <TabIndicator height="2px" bg="grayModern.900" borderRadius="1px" />
       <TabPanels mt="28px">
@@ -290,7 +290,7 @@ export function RealNameAuthForm(
             }}
           />
         </TabPanel>
-        <TabPanel p="0">
+        {/* <TabPanel p="0">
           <EnterpriseVerification
             onFormSuccess={() => {
               if (props.onFormSuccess && typeof props.onFormSuccess === 'function') {
@@ -298,7 +298,7 @@ export function RealNameAuthForm(
               }
             }}
           />
-        </TabPanel>
+        </TabPanel> */}
       </TabPanels>
     </Tabs>
   );

From ed4e7b12bd24921e777d3ba86a1f1846f5726108 Mon Sep 17 00:00:00 2001
From: Jiahui <4543bxy@gmail.com>
Date: Sat, 12 Oct 2024 16:22:46 +0800
Subject: [PATCH 37/63] fix the payment controller start error (#5150)

---
 controllers/account/controllers/payment_controller.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/controllers/account/controllers/payment_controller.go b/controllers/account/controllers/payment_controller.go
index 85e6eac7717..1a016bc44a7 100644
--- a/controllers/account/controllers/payment_controller.go
+++ b/controllers/account/controllers/payment_controller.go
@@ -98,7 +98,7 @@ func (r *PaymentReconciler) SetupWithManager(mgr ctrl.Manager) (err error) {
 		return fmt.Errorf("get account config failed: %w", err)
 	}
 	if len(r.accountConfig.DefaultDiscountSteps) == 0 {
-		return fmt.Errorf("default discount steps is empty")
+		r.Logger.Info("default discount steps is empty, use default value")
 	}
 	r.Logger.V(1).Info("account config", "config", r.accountConfig)
 	r.Logger.V(1).Info("reconcile duration", "reconcileDuration", r.reconcileDuration, "createDuration", r.createDuration)

From 4613b47797c8e93cb189d58deebad5e0a0c3fce0 Mon Sep 17 00:00:00 2001
From: Jiahui <4543bxy@gmail.com>
Date: Tue, 15 Oct 2024 16:52:53 +0800
Subject: [PATCH 38/63] fix the init job to create user permissions (#5153)

---
 controllers/account/config/rbac/role.yaml             | 1 +
 controllers/account/controllers/account_controller.go | 2 +-
 controllers/account/deploy/manifests/deploy.yaml      | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/controllers/account/config/rbac/role.yaml b/controllers/account/config/rbac/role.yaml
index 723a2837e5d..ae3b9773c50 100644
--- a/controllers/account/config/rbac/role.yaml
+++ b/controllers/account/config/rbac/role.yaml
@@ -337,6 +337,7 @@ rules:
   resources:
   - users
   verbs:
+  - create
   - get
   - list
   - watch
diff --git a/controllers/account/controllers/account_controller.go b/controllers/account/controllers/account_controller.go
index ff5d6c012d7..7024d150cfb 100644
--- a/controllers/account/controllers/account_controller.go
+++ b/controllers/account/controllers/account_controller.go
@@ -86,7 +86,7 @@ type AccountReconciler struct {
 //+kubebuilder:rbac:groups=account.sealos.io,resources=accounts/finalizers,verbs=update
 //+kubebuilder:rbac:groups=core,resources=resourcequotas,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=core,resources=limitranges,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=user.sealos.io,resources=users,verbs=get;list;watch
+//+kubebuilder:rbac:groups=user.sealos.io,resources=users,verbs=create;get;list;watch
 //+kubebuilder:rbac:groups=rbac.authorization.k8s.io,resources=rolebindings,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=rbac.authorization.k8s.io,resources=roles,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch;create;update;patch;delete
diff --git a/controllers/account/deploy/manifests/deploy.yaml b/controllers/account/deploy/manifests/deploy.yaml
index 0dbf09c8853..6ae9808efe5 100644
--- a/controllers/account/deploy/manifests/deploy.yaml
+++ b/controllers/account/deploy/manifests/deploy.yaml
@@ -550,6 +550,7 @@ rules:
   resources:
   - users
   verbs:
+  - create
   - get
   - list
   - watch

From 5b27a38e530330e085fc6d2a7d1c47096412a6a5 Mon Sep 17 00:00:00 2001
From: yangxg <yangxggo@163.com>
Date: Tue, 15 Oct 2024 23:47:22 +0800
Subject: [PATCH 39/63] opt: remove --masters and --nodes options for reset
 (#5148)

* opt: remove --masters and --nodes options for reset

Signed-off-by: yangxg <yangxggo@163.com>

* fix failed checks

Signed-off-by: yangxg <yangxggo@163.com>

---------

Signed-off-by: yangxg <yangxggo@163.com>
---
 cmd/sealos/cmd/reset.go |  4 ++--
 pkg/apply/args.go       | 12 ++++++++++--
 pkg/apply/args_test.go  | 10 +++++-----
 pkg/apply/reset.go      | 34 +++++++---------------------------
 pkg/apply/reset_test.go | 24 ++++--------------------
 5 files changed, 28 insertions(+), 56 deletions(-)

diff --git a/cmd/sealos/cmd/reset.go b/cmd/sealos/cmd/reset.go
index c08506878ef..e98c6a83148 100644
--- a/cmd/sealos/cmd/reset.go
+++ b/cmd/sealos/cmd/reset.go
@@ -31,8 +31,8 @@ reset you current cluster:
 
 func newResetCmd() *cobra.Command {
 	resetArgs := &apply.ResetArgs{
-		Cluster: &apply.Cluster{},
-		SSH:     &apply.SSH{},
+		ClusterName: &apply.ClusterName{},
+		SSH:         &apply.SSH{},
 	}
 
 	var resetCmd = &cobra.Command{
diff --git a/pkg/apply/args.go b/pkg/apply/args.go
index d5ec84182a2..c42e6cb42d6 100644
--- a/pkg/apply/args.go
+++ b/pkg/apply/args.go
@@ -37,6 +37,14 @@ func (c *Cluster) RegisterFlags(fs *pflag.FlagSet, verb, action string) {
 	fs.StringVar(&c.ClusterName, "cluster", "default", fmt.Sprintf("name of cluster to applied %s action", action))
 }
 
+type ClusterName struct {
+	ClusterName string
+}
+
+func (c *ClusterName) RegisterFlags(fs *pflag.FlagSet, _, action string) {
+	fs.StringVar(&c.ClusterName, "cluster", "default", fmt.Sprintf("name of cluster to applied %s action", action))
+}
+
 type SSH struct {
 	User       string
 	Password   string
@@ -85,12 +93,12 @@ func (arg *Args) RegisterFlags(fs *pflag.FlagSet) {
 }
 
 type ResetArgs struct {
-	*Cluster
+	*ClusterName
 	*SSH
 }
 
 func (arg *ResetArgs) RegisterFlags(fs *pflag.FlagSet) {
-	arg.Cluster.RegisterFlags(fs, "be reset", "reset")
+	arg.ClusterName.RegisterFlags(fs, "be reset", "reset")
 	arg.SSH.RegisterFlags(fs)
 }
 
diff --git a/pkg/apply/args_test.go b/pkg/apply/args_test.go
index 2216e1bef20..a22dc4d88d8 100644
--- a/pkg/apply/args_test.go
+++ b/pkg/apply/args_test.go
@@ -175,16 +175,16 @@ func TestParseResetArgsFlagsCorrect(t *testing.T) {
 	}{
 		{
 			[]string{
-				"--masters", "10.74.22.22:22", "--nodes", "10.74.22.44:22", "--cluster", "default",
+				"--cluster", "default",
 				"-u", "root", "-p", "s3cret", "--port", "2222",
 			},
 			&ResetArgs{
-				Cluster: &Cluster{},
-				SSH:     &SSH{},
+				ClusterName: &ClusterName{},
+				SSH:         &SSH{},
 			},
 			&ResetArgs{
-				Cluster: &Cluster{Masters: "10.74.22.22:22", Nodes: "10.74.22.44:22", ClusterName: "default"},
-				SSH:     &SSH{User: "root", Password: "s3cret", Port: 2222, Pk: path.Join(constants.GetHomeDir(), ".ssh", "id_rsa")},
+				ClusterName: &ClusterName{ClusterName: "default"},
+				SSH:         &SSH{User: "root", Password: "s3cret", Port: 2222, Pk: path.Join(constants.GetHomeDir(), ".ssh", "id_rsa")},
 			},
 		},
 	}
diff --git a/pkg/apply/reset.go b/pkg/apply/reset.go
index 74773a36e67..e308acec2c5 100644
--- a/pkg/apply/reset.go
+++ b/pkg/apply/reset.go
@@ -23,15 +23,12 @@ import (
 	"github.com/labring/sealos/pkg/apply/applydrivers"
 	"github.com/labring/sealos/pkg/clusterfile"
 	"github.com/labring/sealos/pkg/constants"
-	"github.com/labring/sealos/pkg/exec"
 	"github.com/labring/sealos/pkg/ssh"
-	v2 "github.com/labring/sealos/pkg/types/v1beta1"
 	"github.com/labring/sealos/pkg/utils/logger"
-	stringsutil "github.com/labring/sealos/pkg/utils/strings"
 )
 
 func NewApplierFromResetArgs(cmd *cobra.Command, args *ResetArgs) (applydrivers.Interface, error) {
-	clusterPath := constants.Clusterfile(args.ClusterName)
+	clusterPath := constants.Clusterfile(args.ClusterName.ClusterName)
 	cf := clusterfile.NewClusterFile(clusterPath)
 	err := cf.Process()
 	// incase we want to reset force
@@ -40,7 +37,7 @@ func NewApplierFromResetArgs(cmd *cobra.Command, args *ResetArgs) (applydrivers.
 	}
 	cluster := cf.GetCluster()
 	if cluster == nil {
-		cluster = initCluster(args.ClusterName)
+		return nil, errors.New("clusterfile must exist")
 	}
 	c := &ClusterArgs{
 		clusterName: cluster.Name,
@@ -53,36 +50,19 @@ func NewApplierFromResetArgs(cmd *cobra.Command, args *ResetArgs) (applydrivers.
 }
 
 func (r *ClusterArgs) resetArgs(cmd *cobra.Command, args *ResetArgs) error {
-	if args.Cluster.ClusterName == "" {
+	if args.ClusterName.ClusterName == "" {
 		return fmt.Errorf("cluster name can not be empty")
 	}
-	if err := PreProcessIPList(args.Cluster); err != nil {
-		return err
-	}
 	override := getSSHFromCommand(cmd)
 	if override != nil {
 		ssh.OverSSHConfig(&r.cluster.Spec.SSH, override)
 	}
 
-	if len(args.Cluster.Masters) > 0 {
-		masters := stringsutil.FilterNonEmptyFromString(args.Cluster.Masters, ",")
-		nodes := stringsutil.FilterNonEmptyFromString(args.Cluster.Nodes, ",")
-		r.hosts = []v2.Host{}
-
-		sshClient := ssh.NewCacheClientFromCluster(r.cluster, true)
-		execer, err := exec.New(sshClient)
-		if err != nil {
-			return err
-		}
-		r.setHostWithIpsPort(masters, []string{v2.MASTER, GetHostArch(execer, masters[0])})
-		if len(nodes) > 0 {
-			r.setHostWithIpsPort(nodes, []string{v2.NODE, GetHostArch(execer, nodes[0])})
-		}
-		r.cluster.Spec.Hosts = r.hosts
+	if r.cluster.ObjectMeta.CreationTimestamp.IsZero() {
+		return errors.New("creation time must be specified in clusterfile")
 	}
-
-	if r.cluster.ObjectMeta.CreationTimestamp.IsZero() && len(r.cluster.Spec.Hosts) == 0 {
-		return errors.New("must specified '--masters' or '--nodes' when clusterfile is not exists")
+	if len(r.cluster.Spec.Hosts) == 0 {
+		return errors.New("host must not be empty in clusterfile")
 	}
 	logger.Debug("cluster info: %v", r.cluster)
 	return nil
diff --git a/pkg/apply/reset_test.go b/pkg/apply/reset_test.go
index 607387be1bc..d4f398b8f0d 100644
--- a/pkg/apply/reset_test.go
+++ b/pkg/apply/reset_test.go
@@ -35,22 +35,8 @@ func TestNewApplierFromResetArgs(t *testing.T) {
 			name: "error",
 			args: args{
 				args: &ResetArgs{
-					Cluster: &Cluster{},
-					SSH:     &SSH{},
-				},
-			},
-			wantErr: true,
-		},
-		{
-			name: "error duplicate",
-			args: args{
-				args: &ResetArgs{
-					Cluster: &Cluster{
-						Masters:     "192.158.1.1",
-						Nodes:       "192.158.1.1",
-						ClusterName: "default",
-					},
-					SSH: &SSH{},
+					ClusterName: &ClusterName{},
+					SSH:         &SSH{},
 				},
 			},
 			wantErr: true,
@@ -59,15 +45,13 @@ func TestNewApplierFromResetArgs(t *testing.T) {
 			name: "success",
 			args: args{
 				args: &ResetArgs{
-					Cluster: &Cluster{
-						Masters:     "192.158.1.1",
-						Nodes:       "192.158.1.2",
+					ClusterName: &ClusterName{
 						ClusterName: "default",
 					},
 					SSH: &SSH{},
 				},
 			},
-			wantErr: false,
+			wantErr: true, // clusterfile must exist
 		},
 	}
 	for _, tt := range tests {

From 561a630d712e06de3998bd610458c8b382863bc7 Mon Sep 17 00:00:00 2001
From: xzy <ziyi@sealos.io>
Date: Wed, 16 Oct 2024 18:16:54 +0800
Subject: [PATCH 40/63] fix minioKubeblocksPassword env error (#5157)

---
 deploy/objectstorage/Kubefile  | 2 +-
 deploy/objectstorage/README.md | 8 +++++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/deploy/objectstorage/Kubefile b/deploy/objectstorage/Kubefile
index c8de4664538..01c581d7cfe 100644
--- a/deploy/objectstorage/Kubefile
+++ b/deploy/objectstorage/Kubefile
@@ -11,6 +11,6 @@ ENV minioStorageSize=${minioStorageSize:-1Gi}
 ENV promStorageSize=${promStorageSize:-1Gi}
 ENV minioAdminUser=${minioAdminUser:-"username"}
 ENV minioAdminPassword=${minioAdminPassword:-"passw0rd"}
-ENV minioKubeblocksPassword=${minioAdminPassword:-"kubeblocks"}
+ENV minioKubeblocksPassword=${minioKubeblocksPassword:-"kubeblocks"}
 
 CMD ["bash scripts/init.sh"]
diff --git a/deploy/objectstorage/README.md b/deploy/objectstorage/README.md
index a7c9bd9c561..9e0fee22bcb 100644
--- a/deploy/objectstorage/README.md
+++ b/deploy/objectstorage/README.md
@@ -2,7 +2,13 @@
 
 ## version
 
-date: 2024.9.10
+### date: 2024.10.16
+
+log: fix minioKubeblocksPassword env error
+
+### date: 2024.9.10
+
+log: update controller and frontend image
 
 ## components
 

From 13068953ef92b06ee43dc1f9e3488765b8833570 Mon Sep 17 00:00:00 2001
From: zzjin <zzjin@users.noreply.github.com>
Date: Wed, 16 Oct 2024 21:36:48 +0800
Subject: [PATCH 41/63] Update devbox controller, add support init request
 ephemeral storage. (#5156)

* Update devbox controller, add support init request ephemeral storage.

Signed-off-by: zzjin <tczzjin@gmail.com>

* Fix controller reconcile ignore.

Signed-off-by: zzjin <tczzjin@gmail.com>

* Fix typo.

Signed-off-by: zzjin <tczzjin@gmail.com>

---------

Signed-off-by: zzjin <tczzjin@gmail.com>
---
 controllers/devbox/cmd/main.go                | 19 +++++++------
 .../internal/controller/devbox_controller.go  |  7 +++--
 .../internal/controller/helper/devbox.go      | 28 +++++++++++++++----
 3 files changed, 37 insertions(+), 17 deletions(-)

diff --git a/controllers/devbox/cmd/main.go b/controllers/devbox/cmd/main.go
index 75e046aa587..fba7e1dd261 100644
--- a/controllers/devbox/cmd/main.go
+++ b/controllers/devbox/cmd/main.go
@@ -69,7 +69,8 @@ func main() {
 	var registryUser string
 	var registryPassword string
 	var authAddr string
-	var ephemeralStorage string
+	var requestEphemeralStorage string
+	var limitEphemeralStorage string
 	var debugMode bool
 	flag.StringVar(&registryAddr, "registry-addr", "sealos.hub:5000", "The address of the registry")
 	flag.StringVar(&registryUser, "registry-user", "admin", "The user of the registry")
@@ -86,7 +87,8 @@ func main() {
 	flag.BoolVar(&enableHTTP2, "enable-http2", false,
 		"If set, HTTP/2 will be enabled for the metrics and webhook servers")
 	flag.BoolVar(&debugMode, "debug", false, "If set, debug mode will be enabled")
-	flag.StringVar(&ephemeralStorage, "ephemeral-storage", "2000Mi", "The maximum value of equatorial storage in devbox.")
+	flag.StringVar(&requestEphemeralStorage, "request-ephemeral-storage", "500Mi", "The request value of ephemeral storage in devbox.")
+	flag.StringVar(&limitEphemeralStorage, "limit-ephemeral-storage", "10Gi", "The limit value of ephemeral storage in devbox.")
 	opts := zap.Options{
 		Development: true,
 	}
@@ -177,12 +179,13 @@ func main() {
 	}
 
 	if err = (&controller.DevboxReconciler{
-		Client:              mgr.GetClient(),
-		Scheme:              mgr.GetScheme(),
-		CommitImageRegistry: registryAddr,
-		Recorder:            mgr.GetEventRecorderFor("devbox-controller"),
-		EquatorialStorage:   ephemeralStorage,
-		DebugMode:           debugMode,
+		Client:                  mgr.GetClient(),
+		Scheme:                  mgr.GetScheme(),
+		CommitImageRegistry:     registryAddr,
+		Recorder:                mgr.GetEventRecorderFor("devbox-controller"),
+		RequestEphemeralStorage: requestEphemeralStorage,
+		LimitEphemeralStorage:   limitEphemeralStorage,
+		DebugMode:               debugMode,
 	}).SetupWithManager(mgr); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "Devbox")
 		os.Exit(1)
diff --git a/controllers/devbox/internal/controller/devbox_controller.go b/controllers/devbox/internal/controller/devbox_controller.go
index a74fef4893e..8cef15bade5 100644
--- a/controllers/devbox/internal/controller/devbox_controller.go
+++ b/controllers/devbox/internal/controller/devbox_controller.go
@@ -44,8 +44,9 @@ import (
 
 // DevboxReconciler reconciles a Devbox object
 type DevboxReconciler struct {
-	CommitImageRegistry string
-	EquatorialStorage   string
+	CommitImageRegistry     string
+	RequestEphemeralStorage string
+	LimitEphemeralStorage   string
 
 	DebugMode bool
 
@@ -526,7 +527,7 @@ func (r *DevboxReconciler) generateDevboxPod(devbox *devboxv1alpha1.Devbox, runt
 			WorkingDir: helper.GenerateWorkingDir(devbox, runtime),
 			Command:    helper.GenerateCommand(devbox, runtime),
 			Args:       helper.GenerateDevboxArgs(devbox, runtime),
-			Resources:  helper.GenerateResourceRequirements(devbox, r.EquatorialStorage),
+			Resources:  helper.GenerateResourceRequirements(devbox, r.RequestEphemeralStorage, r.LimitEphemeralStorage),
 		},
 	}
 
diff --git a/controllers/devbox/internal/controller/helper/devbox.go b/controllers/devbox/internal/controller/helper/devbox.go
index 7ce9ac497f5..a84032eb48a 100644
--- a/controllers/devbox/internal/controller/helper/devbox.go
+++ b/controllers/devbox/internal/controller/helper/devbox.go
@@ -218,6 +218,16 @@ func PodMatchExpectations(expectPod *corev1.Pod, pod *corev1.Pod) bool {
 		return false
 	}
 
+	// Check Ephemeral Storage changes
+	if container.Resources.Requests.StorageEphemeral().Cmp(*expectContainer.Resources.Requests.StorageEphemeral()) != 0 {
+		slog.Info("Ephemeral-Storage requests are not equal")
+		return false
+	}
+	if container.Resources.Limits.StorageEphemeral().Cmp(*expectContainer.Resources.Limits.StorageEphemeral()) != 0 {
+		slog.Info("Ephemeral-Storage limits are not equal")
+		return false
+	}
+
 	// Check environment variables
 	if len(container.Env) != len(expectContainer.Env) {
 		return false
@@ -370,18 +380,19 @@ func GenerateSSHVolume(devbox *devboxv1alpha1.Devbox) corev1.Volume {
 	}
 }
 
-func GenerateResourceRequirements(devbox *devboxv1alpha1.Devbox, equatorialStorage string) corev1.ResourceRequirements {
+func GenerateResourceRequirements(devbox *devboxv1alpha1.Devbox, requestEphemeralStorage, limitEphemeralStorage string) corev1.ResourceRequirements {
 	return corev1.ResourceRequirements{
 		Requests: calculateResourceRequest(
 			corev1.ResourceList{
-				corev1.ResourceCPU:    devbox.Spec.Resource["cpu"],
-				corev1.ResourceMemory: devbox.Spec.Resource["memory"],
+				corev1.ResourceCPU:              devbox.Spec.Resource["cpu"],
+				corev1.ResourceMemory:           devbox.Spec.Resource["memory"],
+				corev1.ResourceEphemeralStorage: resource.MustParse(requestEphemeralStorage),
 			},
 		),
 		Limits: corev1.ResourceList{
-			"cpu":               devbox.Spec.Resource["cpu"],
-			"memory":            devbox.Spec.Resource["memory"],
-			"ephemeral-storage": resource.MustParse(equatorialStorage),
+			corev1.ResourceCPU:              devbox.Spec.Resource["cpu"],
+			corev1.ResourceMemory:           devbox.Spec.Resource["memory"],
+			corev1.ResourceEphemeralStorage: resource.MustParse(limitEphemeralStorage),
 		},
 	}
 }
@@ -403,6 +414,11 @@ func calculateResourceRequest(limit corev1.ResourceList) corev1.ResourceList {
 		memoryRequest := memoryValue / rate
 		request[corev1.ResourceMemory] = *resource.NewQuantity(int64(memoryRequest), resource.BinarySI)
 	}
+
+	if ephemeralStorage, ok := limit[corev1.ResourceEphemeralStorage]; ok {
+		request[corev1.ResourceEphemeralStorage] = ephemeralStorage
+	}
+
 	return request
 }
 

From 3c67bd1d190b0f015aab95f08bc94c7c545c20ab Mon Sep 17 00:00:00 2001
From: jingyang <72259332+zjy365@users.noreply.github.com>
Date: Thu, 17 Oct 2024 13:59:38 +0800
Subject: [PATCH 42/63] fix: add dbType to getDBSecret query parameters (#5158)

* feat: add Kafka and Milvus connection string support

* fix: add dbType to getDBSecret query parameters
---
 .../dbprovider/src/pages/api/platform/resourcePrice.ts        | 1 -
 .../dbprovider/src/pages/db/detail/components/AppBaseInfo.tsx | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/frontend/providers/dbprovider/src/pages/api/platform/resourcePrice.ts b/frontend/providers/dbprovider/src/pages/api/platform/resourcePrice.ts
index 05de97e0ee4..bf26ccb9f09 100644
--- a/frontend/providers/dbprovider/src/pages/api/platform/resourcePrice.ts
+++ b/frontend/providers/dbprovider/src/pages/api/platform/resourcePrice.ts
@@ -56,7 +56,6 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
       data
     });
   } catch (error) {
-    console.log(error);
     jsonRes(res, { code: 500, message: 'get price error' });
   }
 }
diff --git a/frontend/providers/dbprovider/src/pages/db/detail/components/AppBaseInfo.tsx b/frontend/providers/dbprovider/src/pages/db/detail/components/AppBaseInfo.tsx
index 3f3e8017f97..3dd01fb4f25 100644
--- a/frontend/providers/dbprovider/src/pages/db/detail/components/AppBaseInfo.tsx
+++ b/frontend/providers/dbprovider/src/pages/db/detail/components/AppBaseInfo.tsx
@@ -59,7 +59,7 @@ const AppBaseInfo = ({ db = defaultDBDetail }: { db: DBDetailType }) => {
   );
 
   const { data: secret } = useQuery(
-    ['getDBSecret', db.dbName],
+    ['getDBSecret', db.dbName, db.dbType],
     () => (db.dbName ? getDBSecret({ dbName: db.dbName, dbType: db.dbType }) : null),
     {
       enabled: supportConnectDB
@@ -67,7 +67,7 @@ const AppBaseInfo = ({ db = defaultDBDetail }: { db: DBDetailType }) => {
   );
 
   const { data: service, refetch } = useQuery(
-    ['getDBService', db.dbName],
+    ['getDBService', db.dbName, db.dbType],
     () => (db.dbName ? getDBServiceByName(`${db.dbName}-export`) : null),
     {
       enabled: supportConnectDB,

From 4c7d6a93eaa0ee268d64a7a3e5d846f520d3244f Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Thu, 17 Oct 2024 16:42:56 +0800
Subject: [PATCH 43/63] Devbox offline deploy. (#5159)

* add devbox offline install scripts

* devbox-offline

* fix kubefile
---
 deploy/devbox/Kubefile                        | 11 +++++++
 deploy/devbox/init.sh                         | 33 +++++++++++++++++++
 deploy/devbox/scripts/init.sh                 |  6 ++++
 deploy/objectstorage/init.sh                  |  2 +-
 frontend/providers/devbox/deploy/Kubefile     |  8 +----
 .../devbox/deploy/manifests/deploy.yaml.tmpl  |  8 ++---
 .../devbox/deploy/manifests/rbac.yaml         | 30 -----------------
 .../deploy/scripts/update-backup-label.sh     | 30 -----------------
 8 files changed, 56 insertions(+), 72 deletions(-)
 create mode 100644 deploy/devbox/Kubefile
 create mode 100644 deploy/devbox/init.sh
 create mode 100644 deploy/devbox/scripts/init.sh
 delete mode 100644 frontend/providers/devbox/deploy/manifests/rbac.yaml
 delete mode 100644 frontend/providers/devbox/deploy/scripts/update-backup-label.sh

diff --git a/deploy/devbox/Kubefile b/deploy/devbox/Kubefile
new file mode 100644
index 00000000000..b3edf5f36b7
--- /dev/null
+++ b/deploy/devbox/Kubefile
@@ -0,0 +1,11 @@
+FROM scratch
+COPY tars tars
+COPY scripts scripts
+
+ENV cloudDomain=${cloudDomain:-"127.0.0.1.nip.io"}
+ENV cloudPort=""
+ENV registryAddr=${registryAddr:-"sealos.hub:5000"}
+ENV registryUser=${registryUser:-"admin"}
+ENV registryPassword=${registryPassword:-"passw0rd"}
+
+CMD ["bash scripts/init.sh"]
diff --git a/deploy/devbox/init.sh b/deploy/devbox/init.sh
new file mode 100644
index 00000000000..875547bca3d
--- /dev/null
+++ b/deploy/devbox/init.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+readonly ARCH=${1:-amd64}
+set -e
+
+mkdir -p tars
+
+RetryPullImageInterval=3
+RetrySleepSeconds=3
+
+
+retryPullImage() {
+    local image=$1
+    local retry=0
+    local retryMax=3
+    set +e
+    while [ $retry -lt $RetryPullImageInterval ]; do
+        sealos pull --policy=always --platform=linux/"${ARCH}" $image >/dev/null && break
+        retry=$(($retry + 1))
+        echo "retry pull image $image, retry times: $retry"
+        sleep $RetrySleepSeconds
+    done
+    set -e
+    if [ $retry -eq $retryMax ]; then
+        echo "pull image $image failed"
+        exit 1
+    fi
+}
+
+retryPullImage ghcr.io/labring/sealos-cloud-devbox-controller:latest
+retryPullImage ghcr.io/labring/sealos-cloud-devbox-frontend:latest
+
+sealos save -o tars/devbox-controller.tar ghcr.io/labring/sealos-cloud-devbox-controller:latest
+sealos save -o tars/devbox-frontend.tar ghcr.io/labring/sealos-cloud-devbox-frontend:latest
diff --git a/deploy/devbox/scripts/init.sh b/deploy/devbox/scripts/init.sh
new file mode 100644
index 00000000000..54e779f940c
--- /dev/null
+++ b/deploy/devbox/scripts/init.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -e
+
+sealos run tars/devbox-controller.tar -e cloudDomain=${cloudDomain} -e cloudPort=${cloudPort} -e registryAddr=${registryAddr} -e registryUser=${registryUser} -e registryPassword=${registryPassword}
+sealos run tars/devbox-frontend.tar -e cloudDomain=${cloudDomain} -e cloudPort=${cloudPort}
diff --git a/deploy/objectstorage/init.sh b/deploy/objectstorage/init.sh
index 5fbe719077d..9e1b22eba1c 100644
--- a/deploy/objectstorage/init.sh
+++ b/deploy/objectstorage/init.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 set -e
-export readonly ARCH=${1:-amd64}
+readonly ARCH=${1:-amd64}
 mkdir -p tars
 
 RetryPullImageInterval=3
diff --git a/frontend/providers/devbox/deploy/Kubefile b/frontend/providers/devbox/deploy/Kubefile
index ffb761baf08..b5729882e69 100644
--- a/frontend/providers/devbox/deploy/Kubefile
+++ b/frontend/providers/devbox/deploy/Kubefile
@@ -8,12 +8,6 @@ COPY manifests manifests
 ENV cloudDomain="127.0.0.1.nip.io"
 ENV cloudPort=""
 ENV certSecretName="wildcard-cert"
-ENV monitorUrl="http://database-monitor.sealos.svc.cluster.local:9090"
-ENV minioUrl=""
-ENV minioAccessKey=""
-ENV minioSecretKey=""
-ENV minioPort=""
-ENV migrateFileImage=""
-ENV minioBucketName=""
+ENV registryAddr="sealos.hub:5000"
 
 CMD ["kubectl apply -f manifests"]
diff --git a/frontend/providers/devbox/deploy/manifests/deploy.yaml.tmpl b/frontend/providers/devbox/deploy/manifests/deploy.yaml.tmpl
index 6514f1538f2..4790c8b5b86 100644
--- a/frontend/providers/devbox/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/providers/devbox/deploy/manifests/deploy.yaml.tmpl
@@ -38,17 +38,17 @@ spec:
         - name: devbox-frontend
           env:
             - name: SEALOS_DOMAIN
-              value: { { .cloudDomain } }
+              value: {{ .cloudDomain }}
             - name: INGRESS_SECRET
               value: wildcard-cert
             - name: REGISTRY_ADDR
-              value: hub.{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}
+              value: {{ .registryAddr }}
             - name: DEVBOX_AFFINITY_ENABLE
               value: 'true'
             - name: MONITOR_URL
               value: http://launchpad-monitor.sealos.svc.cluster.local:8428
             - name: SQUASH_ENABLE
-              value: 'true'
+              value: 'false'
             - name: ACCOUNT_URL
               value: http://account-service.account-system.svc.cluster.local:2333
           securityContext:
@@ -63,7 +63,7 @@ spec:
               cpu: 2000m
               memory: 2048Mi
             requests:
-              cpu: 10m
+              cpu: 100m
               memory: 128Mi
           # do not modify this image, it is used for CI/CD
           image: ghcr.io/labring/sealos-devbox-frontend:latest
diff --git a/frontend/providers/devbox/deploy/manifests/rbac.yaml b/frontend/providers/devbox/deploy/manifests/rbac.yaml
deleted file mode 100644
index ff8e7b80519..00000000000
--- a/frontend/providers/devbox/deploy/manifests/rbac.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: cluster-version-reader
-  namespace: devbox-frontend
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: cluster-version-reader
-rules:
-  - apiGroups: ['apps.kubeblocks.io']
-    resources: ['clusterversions']
-    verbs: ['get', 'watch', 'list']
-  - apiGroups: ['dataprotection.kubeblocks.io']
-    resources: ['backuprepos']
-    verbs: ['get', 'watch', 'list']
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: cluster-version-reader-rolebinding
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: cluster-version-reader
-subjects:
-  - kind: ServiceAccount
-    name: cluster-version-reader
-    namespace: devbox-frontend
diff --git a/frontend/providers/devbox/deploy/scripts/update-backup-label.sh b/frontend/providers/devbox/deploy/scripts/update-backup-label.sh
deleted file mode 100644
index 016a6fa8c98..00000000000
--- a/frontend/providers/devbox/deploy/scripts/update-backup-label.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/bash
-
-encodeToHex() {
-  local input="$1"
-  input=$(echo "$input" | cut -c -30)
-  echo -n "$input" | xxd -p | tr -d '\n'
-}
-
-decodeFromHex() {
-  local input="$1"
-  echo -n "$input" | xxd -r -p
-}
-
-backups=$(kubectl get Backup -A -o json | jq -c '.items[]')
-
-echo "$backups" | while IFS= read -r backup; do
-  namespace=$(echo "$backup" | jq -r '.metadata.namespace')
-  name=$(echo "$backup" | jq -r '.metadata.name')
-
-  current_value=$(echo "$backup" | jq -r '.metadata.labels["backup-remark"] // empty')
-  if [ -n "$current_value" ]; then
-    encoded_value=$(encodeToHex "$current_value")
-
-    kubectl patch Backup "$name" -n "$namespace" --type='json' -p="[{\"op\": \"replace\", \"path\": \"/metadata/labels/backup-remark\", \"value\": \"$encoded_value\"}]"
-
-    echo "Updated $namespace/$name: backup-remark before: $current_value, after: $encoded_value"
-  else
-    echo "No non-empty backup-remark label found for $namespace/$name"
-  fi
-done
\ No newline at end of file

From b300570422443f184ca663a0c5e27588f3fbd8ed Mon Sep 17 00:00:00 2001
From: jingyang <72259332+zjy365@users.noreply.github.com>
Date: Mon, 21 Oct 2024 10:49:44 +0800
Subject: [PATCH 44/63] fix:workorder overflow issue (#5160)

* fix:workorder overflow issue

* feat paste upload file

* update

* add message

* fix job
---
 .../template/src/pages/api/resource/delJob.ts | 19 ++++++++++++---
 .../workorder/public/locales/en/common.json   |  5 ++--
 .../workorder/public/locales/zh/common.json   |  5 ++--
 .../detail/components/AppBaseInfo.tsx         |  4 ++--
 .../detail/components/AppMainInfo.tsx         | 24 +++++++++++++++++--
 .../workorder/detail/components/Header.tsx    |  3 ++-
 .../src/pages/workorder/detail/index.tsx      |  1 +
 .../workorder/src/pages/workorders/index.tsx  | 19 +++++++++++----
 8 files changed, 64 insertions(+), 16 deletions(-)

diff --git a/frontend/providers/template/src/pages/api/resource/delJob.ts b/frontend/providers/template/src/pages/api/resource/delJob.ts
index 8429d117824..20b1584054d 100644
--- a/frontend/providers/template/src/pages/api/resource/delJob.ts
+++ b/frontend/providers/template/src/pages/api/resource/delJob.ts
@@ -7,6 +7,7 @@ import { jsonRes } from '@/services/backend/response';
 export default async function handler(req: NextApiRequest, res: NextApiResponse<ApiResp>) {
   try {
     const { instanceName } = req.query as { instanceName: string };
+
     if (!instanceName) {
       throw new Error('Job name is empty');
     }
@@ -15,10 +16,22 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
       kubeconfig: await authSession(req.headers)
     });
 
-    // 删除 Job
-    const result = await k8sBatch.deleteNamespacedJob(instanceName, namespace);
+    const deleteOptions = {
+      propagationPolicy: 'Foreground'
+    };
+
+    const result = await k8sBatch.deleteNamespacedJob(
+      instanceName,
+      namespace,
+      undefined,
+      undefined,
+      undefined,
+      undefined,
+      deleteOptions.propagationPolicy,
+      deleteOptions
+    );
 
-    jsonRes(res, { data: result });
+    jsonRes(res, { data: 'success' });
   } catch (err: any) {
     jsonRes(res, {
       code: 500,
diff --git a/frontend/providers/workorder/public/locales/en/common.json b/frontend/providers/workorder/public/locales/en/common.json
index 8b064dd7c91..543ecf3656c 100644
--- a/frontend/providers/workorder/public/locales/en/common.json
+++ b/frontend/providers/workorder/public/locales/en/common.json
@@ -63,5 +63,6 @@
   "userId": "userId",
   "other": "other",
   "fastgpt": "FastGPT",
-  "account_center": "Account Center"
-}
\ No newline at end of file
+  "account_center": "Account Center",
+  "input_placeholder": "Enter your message here, you can paste the picture and upload it directly"
+}
diff --git a/frontend/providers/workorder/public/locales/zh/common.json b/frontend/providers/workorder/public/locales/zh/common.json
index bc20ce70b92..fa4ffd93fd4 100644
--- a/frontend/providers/workorder/public/locales/zh/common.json
+++ b/frontend/providers/workorder/public/locales/zh/common.json
@@ -63,5 +63,6 @@
   "userId": "用户ID",
   "other": "其他",
   "fastgpt": "FastGPT",
-  "account_center": "账号中心"
-}
\ No newline at end of file
+  "account_center": "账号中心",
+  "input_placeholder": "在此输入消息，可粘贴图片直接上传"
+}
diff --git a/frontend/providers/workorder/src/pages/workorder/detail/components/AppBaseInfo.tsx b/frontend/providers/workorder/src/pages/workorder/detail/components/AppBaseInfo.tsx
index 9d11d1acb96..465f58060e3 100644
--- a/frontend/providers/workorder/src/pages/workorder/detail/components/AppBaseInfo.tsx
+++ b/frontend/providers/workorder/src/pages/workorder/detail/components/AppBaseInfo.tsx
@@ -126,8 +126,8 @@ const AppBaseInfo = ({ app }: { app: WorkOrderDB }) => {
           </Icon>
           <Text>{t('Description')}</Text>
         </Flex>
-        <Flex mt="12px" p={'16px'} borderRadius={'4px'} bg="#F8FAFB">
-          <Text color={'#24282C'}>{app?.description} </Text>
+        <Flex mt="12px" p={'16px'} borderRadius={'4px'} bg="#F8FAFB" overflow={'hidden'}>
+          <Text color={'#24282C'}>{app?.description}</Text>
         </Flex>
       </Box>
 
diff --git a/frontend/providers/workorder/src/pages/workorder/detail/components/AppMainInfo.tsx b/frontend/providers/workorder/src/pages/workorder/detail/components/AppMainInfo.tsx
index 5516700fa9a..51a6f45698f 100644
--- a/frontend/providers/workorder/src/pages/workorder/detail/components/AppMainInfo.tsx
+++ b/frontend/providers/workorder/src/pages/workorder/detail/components/AppMainInfo.tsx
@@ -23,7 +23,7 @@ import {
 import { fetchEventSource } from '@fortaine/fetch-event-source';
 import { throttle } from 'lodash';
 import { useTranslation } from 'next-i18next';
-import { useEffect, useLayoutEffect, useRef, useState } from 'react';
+import { useCallback, useEffect, useLayoutEffect, useRef, useState } from 'react';
 
 const statusAnimation = keyframes`
   0% {
@@ -331,6 +331,25 @@ const AppMainInfo = ({
     }
   }, [app?.dialogs, isManuallyHandled]);
 
+  const handlePaste = useCallback(async (e: React.ClipboardEvent) => {
+    const items = e.clipboardData.items;
+    const files: File[] = [];
+
+    for (let i = 0; i < items.length; i++) {
+      if (items[i].type.indexOf('image') !== -1) {
+        const blob = items[i].getAsFile();
+        if (blob) {
+          files.push(blob);
+        }
+      }
+    }
+
+    if (files.length > 0) {
+      e.preventDefault();
+      await uploadFiles(files);
+    }
+  }, []);
+
   return (
     <>
       <Text fontSize={'18px'} fontWeight={500} color={'#24282C'} mt="24px" ml="36px">
@@ -449,6 +468,7 @@ const AppMainInfo = ({
         }
         border={'1px solid #EAEBF0'}
         flexDirection={'column'}
+        onPaste={handlePaste}
       >
         {uploadedFiles && (
           <Flex alignItems={'center'} gap={'4px'} wrap={'wrap'} mb={'4px'}>
@@ -517,7 +537,7 @@ const AppMainInfo = ({
 
         <Textarea
           ref={TextareaDom}
-          placeholder="在这里输入你的消息..."
+          placeholder={t('input_placeholder')}
           variant={'unstyled'}
           value={text}
           p={'0'}
diff --git a/frontend/providers/workorder/src/pages/workorder/detail/components/Header.tsx b/frontend/providers/workorder/src/pages/workorder/detail/components/Header.tsx
index 734c772077d..27f08e3b39d 100644
--- a/frontend/providers/workorder/src/pages/workorder/detail/components/Header.tsx
+++ b/frontend/providers/workorder/src/pages/workorder/detail/components/Header.tsx
@@ -53,9 +53,10 @@ const Header = ({
         alignItems={'center'}
         cursor={'pointer'}
         onClick={() => {
-          router.replace({
+          router.push({
             pathname: '/workorders',
             query: {
+              page: router.query?.page,
               status: router.query?.status
             }
           });
diff --git a/frontend/providers/workorder/src/pages/workorder/detail/index.tsx b/frontend/providers/workorder/src/pages/workorder/detail/index.tsx
index 714dcf3eced..f886a8e28bc 100644
--- a/frontend/providers/workorder/src/pages/workorder/detail/index.tsx
+++ b/frontend/providers/workorder/src/pages/workorder/detail/index.tsx
@@ -96,6 +96,7 @@ export default function OrderDetail({ orderId }: { orderId: string }) {
           border={'1px solid #DEE0E2'}
           borderRadius={'md'}
           flexDirection={'column'}
+          overflow={'hidden'}
         >
           {workOrderDetail && workOrderDetail.dialogs?.length ? (
             <AppMainInfo
diff --git a/frontend/providers/workorder/src/pages/workorders/index.tsx b/frontend/providers/workorder/src/pages/workorders/index.tsx
index 3658fe02654..6b0bd09ad4f 100644
--- a/frontend/providers/workorder/src/pages/workorders/index.tsx
+++ b/frontend/providers/workorder/src/pages/workorders/index.tsx
@@ -21,9 +21,12 @@ function Home() {
   const { Loading } = useLoading();
   const { t } = useTranslation();
   const [initialized, setInitialized] = useState(false);
-  const [page, setPage] = useState(1);
-  const [pageSize, setPageSize] = useState(10);
   const router = useRouter();
+  const [page, setPage] = useState(() => {
+    const queryPage = Number(router.query.page);
+    return !isNaN(queryPage) && queryPage > 0 ? queryPage : 1;
+  });
+  const [pageSize, setPageSize] = useState(10);
   const [orderStatus, setOrderStatus] = useState<WorkOrderStatus>(
     (router.query?.status as WorkOrderStatus) || WorkOrderStatus.All
   );
@@ -169,9 +172,17 @@ function Home() {
       {!!data?.totalCount && (
         <Pagination
           totalItems={data?.totalCount || 0}
-          itemsPerPage={10}
+          itemsPerPage={pageSize}
           currentPage={page}
-          setCurrentPage={setPage}
+          setCurrentPage={(page) => {
+            router.push({
+              query: {
+                ...router.query,
+                page: page.toString()
+              }
+            });
+            setPage(page);
+          }}
         />
       )}
     </Flex>

From e1df7ce037f4a7996efa78bf94d44c31d5e9e227 Mon Sep 17 00:00:00 2001
From: zijiren <84728412+zijiren233@users.noreply.github.com>
Date: Mon, 21 Oct 2024 14:31:08 +0800
Subject: [PATCH 45/63] fix: controller tolerations (#5162)

---
 scripts/cloud/install.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scripts/cloud/install.sh b/scripts/cloud/install.sh
index 8b4e8736bf3..ec69a168c54 100644
--- a/scripts/cloud/install.sh
+++ b/scripts/cloud/install.sh
@@ -437,6 +437,10 @@ spec:
         enabled: true
       nodeSelector:
         node-role.kubernetes.io/control-plane: ''
+      tolerations:
+        - key: node-role.kubernetes.io/control-plane
+          operator: Exists
+          effect: NoSchedule
       resources:
         requests:
           cpu: 256m

From 2e4544941de1c984a26321fcb6dc560898c23d29 Mon Sep 17 00:00:00 2001
From: Jiahui <4543bxy@gmail.com>
Date: Mon, 21 Oct 2024 15:43:07 +0800
Subject: [PATCH 46/63] operationrequest cr change to the user-system (#5144)

* operationrequest cr change to the user-system

* make pre-deploy

* move out using adapt rolebinding

* test

* operationrequest controller add user lock && add crd printcolumn: creationTimestamp
---
 controllers/user/Makefile                     |  4 +-
 .../user/api/v1/deleterequest_types.go        |  1 +
 .../user/api/v1/operationrequest_types.go     |  6 +-
 .../bases/user.sealos.io_deleterequests.yaml  | 23 +++--
 .../user.sealos.io_operationrequests.yaml     | 29 +++++--
 .../crd/bases/user.sealos.io_users.yaml       | 34 +++++---
 controllers/user/config/rbac/role.yaml        |  1 -
 .../user/config/webhook/manifests.yaml        |  2 -
 .../operationrequest_controller.go            | 62 +++++++++----
 .../user/deploy/manifests/deploy.yaml.tmpl    | 87 ++++++++++++-------
 controllers/user/main.go                      | 14 +--
 11 files changed, 172 insertions(+), 91 deletions(-)

diff --git a/controllers/user/Makefile b/controllers/user/Makefile
index 3fada975794..b585fcd4c90 100644
--- a/controllers/user/Makefile
+++ b/controllers/user/Makefile
@@ -123,8 +123,8 @@ CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
 ENVTEST ?= $(LOCALBIN)/setup-envtest
 
 ## Tool Versions
-KUSTOMIZE_VERSION ?= v3.8.7
-CONTROLLER_TOOLS_VERSION ?= v0.10.0
+KUSTOMIZE_VERSION ?= v5.3.0
+CONTROLLER_TOOLS_VERSION ?= v0.14.0
 
 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
 .PHONY: kustomize
diff --git a/controllers/user/api/v1/deleterequest_types.go b/controllers/user/api/v1/deleterequest_types.go
index 387badd52a2..7b4ca3dd1fb 100644
--- a/controllers/user/api/v1/deleterequest_types.go
+++ b/controllers/user/api/v1/deleterequest_types.go
@@ -36,6 +36,7 @@ type DeleteRequestStatus struct {
 // +kubebuilder:resource:scope=Cluster
 //+kubebuilder:printcolumn:name="User",type="string",JSONPath=".spec.user"
 //+kubebuilder:printcolumn:name="Phase",type="string",JSONPath=".status.phase"
+//+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 
 // DeleteRequest is the Schema for the deleterequests API
 type DeleteRequest struct {
diff --git a/controllers/user/api/v1/operationrequest_types.go b/controllers/user/api/v1/operationrequest_types.go
index 481345252e1..8b0d2adf294 100644
--- a/controllers/user/api/v1/operationrequest_types.go
+++ b/controllers/user/api/v1/operationrequest_types.go
@@ -22,7 +22,9 @@ import (
 
 // OperationrequestSpec defines the desired state of Operationrequest
 type OperationrequestSpec struct {
-	User string `json:"user,omitempty"`
+	// Namespace is the workspace that needs to be operated.
+	Namespace string `json:"namespace,omitempty"`
+	User      string `json:"user,omitempty"`
 	// +kubebuilder:validation:Enum=Owner;Manager;Developer
 	Role RoleType `json:"role,omitempty"`
 	// +kubebuilder:validation:Enum=Grant;Update;Deprive
@@ -56,9 +58,11 @@ const (
 )
 
 //+kubebuilder:printcolumn:name="Action",type="string",JSONPath=".spec.action"
+//+kubebuilder:printcolumn:name="Namespace",type="string",JSONPath=".spec.namespace"
 //+kubebuilder:printcolumn:name="User",type="string",JSONPath=".spec.user"
 //+kubebuilder:printcolumn:name="Role",type="string",JSONPath=".spec.role"
 //+kubebuilder:printcolumn:name="Phase",type="string",JSONPath=".status.phase"
+//+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 //+kubebuilder:object:root=true
 //+kubebuilder:subresource:status
 
diff --git a/controllers/user/config/crd/bases/user.sealos.io_deleterequests.yaml b/controllers/user/config/crd/bases/user.sealos.io_deleterequests.yaml
index a457df17460..575311e7219 100644
--- a/controllers/user/config/crd/bases/user.sealos.io_deleterequests.yaml
+++ b/controllers/user/config/crd/bases/user.sealos.io_deleterequests.yaml
@@ -17,8 +17,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.10.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: deleterequests.user.sealos.io
 spec:
   group: user.sealos.io
@@ -36,20 +35,28 @@ spec:
     - jsonPath: .status.phase
       name: Phase
       type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
     name: v1
     schema:
       openAPIV3Schema:
         description: DeleteRequest is the Schema for the deleterequests API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
diff --git a/controllers/user/config/crd/bases/user.sealos.io_operationrequests.yaml b/controllers/user/config/crd/bases/user.sealos.io_operationrequests.yaml
index 96537708dec..cfabdc44c85 100644
--- a/controllers/user/config/crd/bases/user.sealos.io_operationrequests.yaml
+++ b/controllers/user/config/crd/bases/user.sealos.io_operationrequests.yaml
@@ -17,8 +17,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.10.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: operationrequests.user.sealos.io
 spec:
   group: user.sealos.io
@@ -33,6 +32,9 @@ spec:
     - jsonPath: .spec.action
       name: Action
       type: string
+    - jsonPath: .spec.namespace
+      name: Namespace
+      type: string
     - jsonPath: .spec.user
       name: User
       type: string
@@ -42,20 +44,28 @@ spec:
     - jsonPath: .status.phase
       name: Phase
       type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
     name: v1
     schema:
       openAPIV3Schema:
         description: Operationrequest is the Schema for the operation requests API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -68,6 +78,9 @@ spec:
                 - Update
                 - Deprive
                 type: string
+              namespace:
+                description: Namespace is the workspace that needs to be operated.
+                type: string
               role:
                 enum:
                 - Owner
diff --git a/controllers/user/config/crd/bases/user.sealos.io_users.yaml b/controllers/user/config/crd/bases/user.sealos.io_users.yaml
index 74a0a38c674..b11d6470840 100644
--- a/controllers/user/config/crd/bases/user.sealos.io_users.yaml
+++ b/controllers/user/config/crd/bases/user.sealos.io_users.yaml
@@ -17,8 +17,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.10.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: users.user.sealos.io
 spec:
   group: user.sealos.io
@@ -45,14 +44,19 @@ spec:
         description: User is the Schema for the users API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -61,12 +65,14 @@ spec:
             properties:
               csrExpirationSeconds:
                 default: 7200
-                description: "expirationSeconds is the requested duration of validity
-                  of the issued certificate. The certificate signer may issue a certificate
-                  with a different validity duration so a client must check the delta
-                  between the notBefore and notAfter fields in the issued certificate
-                  to determine the actual duration. \n The minimum valid value for
-                  expirationSeconds is 600, i.e. 10 minutes."
+                description: |-
+                  expirationSeconds is the requested duration of validity of the issued
+                  certificate. The certificate signer may issue a certificate with a different
+                  validity duration so a client must check the delta between the notBefore and
+                  notAfter fields in the issued certificate to determine the actual duration.
+
+
+                  The minimum valid value for expirationSeconds is 600, i.e. 10 minutes.
                 format: int32
                 type: integer
             type: object
diff --git a/controllers/user/config/rbac/role.yaml b/controllers/user/config/rbac/role.yaml
index a08d957d42f..4ce169d6ed5 100644
--- a/controllers/user/config/rbac/role.yaml
+++ b/controllers/user/config/rbac/role.yaml
@@ -16,7 +16,6 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  creationTimestamp: null
   name: manager-role
 rules:
 - apiGroups:
diff --git a/controllers/user/config/webhook/manifests.yaml b/controllers/user/config/webhook/manifests.yaml
index 7048ff3da51..f79982aeb70 100644
--- a/controllers/user/config/webhook/manifests.yaml
+++ b/controllers/user/config/webhook/manifests.yaml
@@ -16,7 +16,6 @@
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
 metadata:
-  creationTimestamp: null
   name: mutating-webhook-configuration
 webhooks:
 - admissionReviewVersions:
@@ -63,7 +62,6 @@ webhooks:
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingWebhookConfiguration
 metadata:
-  creationTimestamp: null
   name: validating-webhook-configuration
 webhooks:
 - admissionReviewVersions:
diff --git a/controllers/user/controllers/operationrequest_controller.go b/controllers/user/controllers/operationrequest_controller.go
index d9bcab550d8..1691fd51436 100644
--- a/controllers/user/controllers/operationrequest_controller.go
+++ b/controllers/user/controllers/operationrequest_controller.go
@@ -19,8 +19,13 @@ package controllers
 import (
 	"context"
 	"fmt"
+	"sync"
 	"time"
 
+	"sigs.k8s.io/controller-runtime/pkg/builder"
+	"sigs.k8s.io/controller-runtime/pkg/event"
+	"sigs.k8s.io/controller-runtime/pkg/predicate"
+
 	"github.com/go-logr/logr"
 
 	util "github.com/labring/operator-sdk/controller"
@@ -48,6 +53,7 @@ type OperationReqReconciler struct {
 	Logger   logr.Logger
 	Scheme   *runtime.Scheme
 	Recorder record.EventRecorder
+	userLock map[string]*sync.Mutex
 
 	// expirationTime is the time duration of the request is expired
 	expirationTime time.Duration
@@ -68,9 +74,10 @@ func (r *OperationReqReconciler) SetupWithManager(mgr ctrl.Manager, opts util.Ra
 	r.Scheme = mgr.GetScheme()
 	r.expirationTime = expTime
 	r.retentionTime = retTime
+	r.userLock = make(map[string]*sync.Mutex)
 	r.Logger.V(1).Info("init reconcile operationrequest controller")
 	return ctrl.NewControllerManagedBy(mgr).
-		For(&userv1.Operationrequest{}).
+		For(&userv1.Operationrequest{}, builder.WithPredicates(namespaceOnlyPredicate(config.GetUserSystemNamespace()))).
 		WithOptions(controller.Options{
 			MaxConcurrentReconciles: util.GetConcurrent(opts),
 			RateLimiter:             util.GetRateLimiter(opts),
@@ -78,6 +85,23 @@ func (r *OperationReqReconciler) SetupWithManager(mgr ctrl.Manager, opts util.Ra
 		Complete(r)
 }
 
+func namespaceOnlyPredicate(namespace string) predicate.Predicate {
+	return predicate.Funcs{
+		CreateFunc: func(e event.CreateEvent) bool {
+			return e.Object.GetNamespace() == namespace
+		},
+		DeleteFunc: func(e event.DeleteEvent) bool {
+			return e.Object.GetNamespace() == namespace
+		},
+		UpdateFunc: func(e event.UpdateEvent) bool {
+			return e.ObjectNew.GetNamespace() == namespace
+		},
+		GenericFunc: func(e event.GenericEvent) bool {
+			return e.Object.GetNamespace() == namespace
+		},
+	}
+}
+
 // +kubebuilder:rbac:groups=user.sealos.io,resources=operationrequests,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=user.sealos.io,resources=operationrequests/status,verbs=get;update;patch
 // +kubebuilder:rbac:groups=user.sealos.io,resources=operationrequests/finalizers,verbs=update
@@ -91,6 +115,13 @@ func (r *OperationReqReconciler) Reconcile(ctx context.Context, req ctrl.Request
 }
 
 func (r *OperationReqReconciler) reconcile(ctx context.Context, request *userv1.Operationrequest) (ctrl.Result, error) {
+	userLock, ok := r.userLock[request.Spec.User]
+	if !ok {
+		userLock = &sync.Mutex{}
+		r.userLock[request.Spec.User] = userLock
+	}
+	userLock.Lock()
+	defer userLock.Unlock()
 	r.Logger.V(1).Info("start reconcile controller operationRequest", getLog(request)...)
 	// count the time cost of handling the request
 	startTime := time.Now()
@@ -136,17 +167,10 @@ func (r *OperationReqReconciler) reconcile(ctx context.Context, request *userv1.
 	)
 
 	user := &userv1.User{}
-	if err := r.Get(ctx, client.ObjectKey{Name: config.GetUserNameByNamespace(request.Namespace)}, user); err != nil {
+	if err := r.Get(ctx, client.ObjectKey{Name: config.GetUserNameByNamespace(request.Spec.Namespace)}, user); err != nil {
 		r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to get user", "Failed to get user %s", request.Spec.User)
 		return ctrl.Result{}, err
 	}
-	if request.Spec.Role == userv1.OwnerRoleType {
-		if user.Name == user.Annotations[userv1.UserAnnotationOwnerKey] {
-			// 不允许转移个人空间
-			r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to grant role", "Failed to grant role %s to user %s, cannot transfer personal workspace", request.Spec.Role, request.Spec.User)
-			return ctrl.Result{}, r.updateRequestStatus(ctx, request, userv1.RequestFailed)
-		}
-	}
 	bindUser := &userv1.User{}
 	if err := r.Get(ctx, client.ObjectKey{Name: request.Spec.User}, bindUser); err != nil {
 		r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to get bind user", "Failed to get bind user %s", request.Spec.User)
@@ -184,8 +208,12 @@ func (r *OperationReqReconciler) reconcile(ctx context.Context, request *userv1.
 			r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to delete rolebinding", "Failed to delete rolebinding %s/%s", rolebinding.Namespace, rolebinding.Name)
 			return ctrl.Result{}, err
 		}
-		if _, err := ctrl.CreateOrUpdate(ctx, r.Client, rolebinding, setUpOwnerReferenceFc); err != nil {
-			r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to create/update rolebinding", "Failed to create rolebinding %s/%s", rolebinding.Namespace, rolebinding.Name)
+		if err := r.Create(ctx, rolebinding); err != nil {
+			r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to create rolebinding", "Failed to create rolebinding %s/%s", rolebinding.Namespace, rolebinding.Name)
+			return ctrl.Result{}, err
+		}
+		if err = setUpOwnerReferenceFc(); err != nil {
+			r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to set owner reference", "Failed to set owner reference for rolebinding %s/%s", rolebinding.Namespace, rolebinding.Name)
 			return ctrl.Result{}, err
 		}
 		if request.Spec.Role == userv1.OwnerRoleType {
@@ -206,7 +234,7 @@ func (r *OperationReqReconciler) reconcile(ctx context.Context, request *userv1.
 		return ctrl.Result{}, err
 	}
 
-	r.Recorder.Eventf(request, v1.EventTypeNormal, "Completed", "Completed operation request %s/%s", request.Namespace, request.Name)
+	r.Recorder.Eventf(request, v1.EventTypeNormal, "Completed", "Completed operation request %s/%s", request.Spec.Namespace, request.Name)
 	return ctrl.Result{RequeueAfter: OperationReqRequeueDuration}, nil
 }
 
@@ -234,9 +262,9 @@ func (r *OperationReqReconciler) isExpired(request *userv1.Operationrequest) boo
 func (r *OperationReqReconciler) deleteRequest(ctx context.Context, request *userv1.Operationrequest) error {
 	r.Logger.V(1).Info("deleting OperationRequest", "request", request)
 	if err := r.Delete(ctx, request); client.IgnoreNotFound(err) != nil {
-		r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to delete OperationRequest", "Failed to delete OperationRequest %s/%s", request.Namespace, request.Name)
+		r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to delete OperationRequest", "Failed to delete OperationRequest %s/%s", request.Spec.Namespace, request.Name)
 		r.Logger.Error(err, "Failed to delete OperationRequest", getLog(request)...)
-		return fmt.Errorf("failed to delete OperationRequest %s/%s: %w", request.Namespace, request.Name, err)
+		return fmt.Errorf("failed to delete OperationRequest %s/%s: %w", request.Spec.Namespace, request.Name, err)
 	}
 	r.Logger.V(1).Info("delete OperationRequest success", getLog(request)...)
 	return nil
@@ -245,7 +273,7 @@ func (r *OperationReqReconciler) deleteRequest(ctx context.Context, request *use
 func (r *OperationReqReconciler) updateRequestStatus(ctx context.Context, request *userv1.Operationrequest, phase userv1.RequestPhase) error {
 	request.Status.Phase = phase
 	if err := r.Status().Update(ctx, request); err != nil {
-		r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to update OperationRequest status", "Failed to update OperationRequest status %s/%s", request.Namespace, request.Name)
+		r.Recorder.Eventf(request, v1.EventTypeWarning, "Failed to update OperationRequest status", "Failed to update OperationRequest status %s/%s", request.Spec.Namespace, request.Name)
 		r.Logger.V(1).Info("update OperationRequest status failed", getLog(request)...)
 		return err
 	}
@@ -257,7 +285,7 @@ func conventRequestToRolebinding(request *userv1.Operationrequest) *rbacv1.RoleB
 	return &rbacv1.RoleBinding{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      config.GetGroupRoleBindingName(request.Spec.User),
-			Namespace: request.Namespace,
+			Namespace: request.Spec.Namespace,
 			Annotations: map[string]string{
 				userAnnotationOwnerKey: request.Spec.User,
 			},
@@ -283,7 +311,7 @@ func conventRequestToRolebinding(request *userv1.Operationrequest) *rbacv1.RoleB
 func getLog(request *userv1.Operationrequest, kv ...interface{}) []interface{} {
 	return append([]interface{}{
 		"request.name", request.Name,
-		"request.namespace", request.Namespace,
+		"request.Spec.Namespace", request.Spec.Namespace,
 		"request.user", request.Spec.User,
 		"request.role", request.Spec.Role,
 		"request.action", request.Spec.Action,
diff --git a/controllers/user/deploy/manifests/deploy.yaml.tmpl b/controllers/user/deploy/manifests/deploy.yaml.tmpl
index 7ab425ebe02..c9a83881014 100644
--- a/controllers/user/deploy/manifests/deploy.yaml.tmpl
+++ b/controllers/user/deploy/manifests/deploy.yaml.tmpl
@@ -9,8 +9,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.10.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: deleterequests.user.sealos.io
 spec:
   group: user.sealos.io
@@ -28,20 +27,28 @@ spec:
     - jsonPath: .status.phase
       name: Phase
       type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
     name: v1
     schema:
       openAPIV3Schema:
         description: DeleteRequest is the Schema for the deleterequests API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -72,8 +79,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.10.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: operationrequests.user.sealos.io
 spec:
   group: user.sealos.io
@@ -88,6 +94,9 @@ spec:
     - jsonPath: .spec.action
       name: Action
       type: string
+    - jsonPath: .spec.namespace
+      name: Namespace
+      type: string
     - jsonPath: .spec.user
       name: User
       type: string
@@ -97,20 +106,28 @@ spec:
     - jsonPath: .status.phase
       name: Phase
       type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
     name: v1
     schema:
       openAPIV3Schema:
         description: Operationrequest is the Schema for the operation requests API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -123,6 +140,9 @@ spec:
                 - Update
                 - Deprive
                 type: string
+              namespace:
+                description: Namespace is the workspace that needs to be operated.
+                type: string
               role:
                 enum:
                 - Owner
@@ -155,8 +175,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.10.0
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.14.0
   name: users.user.sealos.io
 spec:
   group: user.sealos.io
@@ -183,14 +202,19 @@ spec:
         description: User is the Schema for the users API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
             type: string
           metadata:
             type: object
@@ -199,12 +223,14 @@ spec:
             properties:
               csrExpirationSeconds:
                 default: 7200
-                description: "expirationSeconds is the requested duration of validity
-                  of the issued certificate. The certificate signer may issue a certificate
-                  with a different validity duration so a client must check the delta
-                  between the notBefore and notAfter fields in the issued certificate
-                  to determine the actual duration. \n The minimum valid value for
-                  expirationSeconds is 600, i.e. 10 minutes."
+                description: |-
+                  expirationSeconds is the requested duration of validity of the issued
+                  certificate. The certificate signer may issue a certificate with a different
+                  validity duration so a client must check the delta between the notBefore and
+                  notAfter fields in the issued certificate to determine the actual duration.
+
+
+                  The minimum valid value for expirationSeconds is 600, i.e. 10 minutes.
                 format: int32
                 type: integer
             type: object
@@ -315,7 +341,6 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  creationTimestamp: null
   name: user-manager-role
 rules:
 - apiGroups:
diff --git a/controllers/user/main.go b/controllers/user/main.go
index f52448906a0..7aee541e0e2 100644
--- a/controllers/user/main.go
+++ b/controllers/user/main.go
@@ -161,13 +161,13 @@ func main() {
 		setupLog.Error(err, "unable to create controller", "controller", "DeleteRequest")
 		os.Exit(1)
 	}
-	if err = (&controllers.AdaptRoleBindingReconciler{
-		Client: mgr.GetClient(),
-		Scheme: mgr.GetScheme(),
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "AdaptRoleBinding")
-		os.Exit(1)
-	}
+	//if err = (&controllers.AdaptRoleBindingReconciler{
+	//	Client: mgr.GetClient(),
+	//	Scheme: mgr.GetScheme(),
+	//}).SetupWithManager(mgr); err != nil {
+	//	setupLog.Error(err, "unable to create controller", "controller", "AdaptRoleBinding")
+	//	os.Exit(1)
+	//}
 	//+kubebuilder:scaffold:builder
 
 	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {

From e2cf3030388878877acb9f2017c2f2c92645eda1 Mon Sep 17 00:00:00 2001
From: xudaotutou <13435638964@163.com>
Date: Mon, 21 Oct 2024 23:17:34 +0800
Subject: [PATCH 47/63] fix(desktop): fix operationRequest (#5161)

---
 .../desktop/public/locales/en/common.json     |  1 +
 .../desktop/public/locales/zh/common.json     |  1 +
 .../src/components/team/DissolveTeam.tsx      | 25 +++++++--------
 .../src/components/team/ModifyRole.tsx        | 30 +++++++++---------
 frontend/desktop/src/constants/account.ts     |  2 ++
 .../desktop/src/pages/WorkspaceInvite.tsx     | 31 +++++++------------
 .../src/pages/api/auth/namespace/abdicate.ts  | 10 +++---
 .../src/services/backend/svc/mergeUser.ts     |  1 +
 frontend/desktop/src/types/team.ts            | 11 +++++--
 .../costcenter/public/locales/en/applist.json | 21 +++++++------
 .../costcenter/public/locales/zh/applist.json |  3 +-
 11 files changed, 70 insertions(+), 66 deletions(-)

diff --git a/frontend/desktop/public/locales/en/common.json b/frontend/desktop/public/locales/en/common.json
index 37b147b2df8..c99e8045966 100644
--- a/frontend/desktop/public/locales/en/common.json
+++ b/frontend/desktop/public/locales/en/common.json
@@ -133,6 +133,7 @@
   "merge_account_tips2": "The account you are trying to bind has been used by another user. You can choose to merge accounts to manage your information and settings in a unified way. After the merge is completed, your private workspace may be converted into a regular workspace. Do you want to merge accounts now?",
   "merge_account_title": "Account has been bound",
   "message_center": "Message Center",
+	"modify_member": "Modify Member",
   "monitor": "Monitor",
   "more_apps": "More Apps",
   "name": "Name",
diff --git a/frontend/desktop/public/locales/zh/common.json b/frontend/desktop/public/locales/zh/common.json
index 55c9e609a63..da5db1fdae7 100644
--- a/frontend/desktop/public/locales/zh/common.json
+++ b/frontend/desktop/public/locales/zh/common.json
@@ -129,6 +129,7 @@
   "merge_account_tips2": "您尝试绑定的账号已被其他用户使用。您可以选择合并账户,以统一管理您的信息和设置。 在合并完成后，个人空间有可能转化为普通的工作空间，是否现在合并账户?",
   "merge_account_title": "账户已被绑定",
   "message_center": "消息中心",
+  "modify_member": "修改权限",
   "monitor": "监控",
   "more_apps": "更多应用",
   "name": "姓名",
diff --git a/frontend/desktop/src/components/team/DissolveTeam.tsx b/frontend/desktop/src/components/team/DissolveTeam.tsx
index 0843eab2a18..af3d225da07 100644
--- a/frontend/desktop/src/components/team/DissolveTeam.tsx
+++ b/frontend/desktop/src/components/team/DissolveTeam.tsx
@@ -1,26 +1,25 @@
+import { deleteTeamRequest } from '@/api/namespace';
+import { useCustomToast } from '@/hooks/useCustomToast';
+import useSessionStore from '@/stores/session';
+import { ApiResp } from '@/types';
 import {
   Button,
-  Image,
+  ButtonProps,
   Modal,
   ModalBody,
   ModalCloseButton,
   ModalContent,
   ModalHeader,
   ModalOverlay,
-  useDisclosure,
-  Text,
   Spinner,
-  ButtonProps
+  Text,
+  useDisclosure
 } from '@chakra-ui/react';
-import CustomInput from './Input';
-import { useState } from 'react';
-import { useCustomToast } from '@/hooks/useCustomToast';
+import { DeleteIcon } from '@sealos/ui';
 import { useMutation, useQueryClient } from '@tanstack/react-query';
-import { deleteTeamRequest } from '@/api/namespace';
-import useSessionStore from '@/stores/session';
-import { ApiResp } from '@/types';
 import { useTranslation } from 'next-i18next';
-import { DeleteIcon } from '@sealos/ui';
+import { useState } from 'react';
+import CustomInput from './Input';
 export default function DissolveTeam({
   nsid,
   ns_uid,
@@ -95,7 +94,7 @@ export default function DissolveTeam({
         >
           <ModalCloseButton right={'24px'} top="16px" p="0" />
           <ModalHeader bg={'white'} border={'none'} p="0">
-            Warning
+            {t('common:warning')}
           </ModalHeader>
           {mutation.isLoading ? (
             <Spinner mx="auto" />
@@ -108,7 +107,7 @@ export default function DissolveTeam({
                   e.preventDefault();
                   setTeamName(e.target.value);
                 }}
-                placeholder={t('common:name_of_team') || ''}
+                placeholder={t('common:team') || '' + ' ID'}
                 value={teamName}
               />
               <Button
diff --git a/frontend/desktop/src/components/team/ModifyRole.tsx b/frontend/desktop/src/components/team/ModifyRole.tsx
index 85e3fbfbe5d..94159f64a26 100644
--- a/frontend/desktop/src/components/team/ModifyRole.tsx
+++ b/frontend/desktop/src/components/team/ModifyRole.tsx
@@ -1,28 +1,28 @@
+import { modifyRoleRequest } from '@/api/namespace';
+import { useCustomToast } from '@/hooks/useCustomToast';
+import { ApiResp } from '@/types';
+import { ROLE_LIST, UserRole } from '@/types/team';
 import {
   Button,
+  ButtonProps,
+  Menu,
+  MenuButton,
+  MenuItem,
+  MenuList,
   Modal,
   ModalBody,
   ModalCloseButton,
   ModalContent,
   ModalHeader,
   ModalOverlay,
-  useDisclosure,
-  Menu,
-  MenuButton,
-  MenuList,
-  MenuItem,
-  Text,
   Spinner,
-  ButtonProps
+  Text,
+  useDisclosure
 } from '@chakra-ui/react';
-import { useState } from 'react';
-import { ROLE_LIST, UserRole } from '@/types/team';
+import { ExpanMoreIcon } from '@sealos/ui';
 import { useMutation, useQueryClient } from '@tanstack/react-query';
-import { modifyRoleRequest } from '@/api/namespace';
-import { useCustomToast } from '@/hooks/useCustomToast';
-import { ApiResp } from '@/types';
 import { useTranslation } from 'next-i18next';
-import { ExpanMoreIcon } from '@sealos/ui';
+import { useState } from 'react';
 export default function ModifyRole({
   ns_uid,
   k8s_username,
@@ -39,7 +39,7 @@ export default function ModifyRole({
 }) {
   const { onOpen, isOpen, onClose } = useDisclosure();
   const [role, setRole] = useState(currentRole);
-  const { t } = useTranslation();
+  const { t } = useTranslation(['common']);
   const queryClient = useQueryClient();
   const { toast } = useCustomToast({ status: 'error' });
   const mutation = useMutation({
@@ -83,7 +83,7 @@ export default function ModifyRole({
         >
           <ModalCloseButton right={'24px'} top="24px" p="0" />
           <ModalHeader bg={'white'} border={'none'} p="0">
-            modify member
+            {t('modify_member')}
           </ModalHeader>
           {mutation.isLoading ? (
             <Spinner mx="auto" />
diff --git a/frontend/desktop/src/constants/account.ts b/frontend/desktop/src/constants/account.ts
index 47b10618396..0ccc4f735e7 100644
--- a/frontend/desktop/src/constants/account.ts
+++ b/frontend/desktop/src/constants/account.ts
@@ -2,3 +2,5 @@ export const GUIDE_DESKTOP_INDEX_KEY = 'frontend.guide.desktop.index';
 export const LicenseFrontendKey = 'cloud.sealos.io/license-frontend';
 
 export const templateDeployKey = 'cloud.sealos.io/deploy-on-sealos';
+
+export const userSystemNamespace = 'user-system' as const;
diff --git a/frontend/desktop/src/pages/WorkspaceInvite.tsx b/frontend/desktop/src/pages/WorkspaceInvite.tsx
index 602265d8010..6179d0985a2 100644
--- a/frontend/desktop/src/pages/WorkspaceInvite.tsx
+++ b/frontend/desktop/src/pages/WorkspaceInvite.tsx
@@ -1,22 +1,17 @@
-import type { NextPage } from 'next';
-import { useRouter } from 'next/router';
-import useSessionStore from '@/stores/session';
-import { Button, Flex, HStack, Image, Spinner, Text, VStack } from '@chakra-ui/react';
-import { isString } from 'lodash';
-import { dehydrate, QueryClient, useMutation, useQuery } from '@tanstack/react-query';
-import {
-  getInviteCodeInfoRequest,
-  nsListRequest,
-  reciveAction,
-  verifyInviteCodeRequest
-} from '@/api/namespace';
+import { getInviteCodeInfoRequest, reciveAction, verifyInviteCodeRequest } from '@/api/namespace';
 import useCallbackStore from '@/stores/callback';
-import { useEffect } from 'react';
-import { useTranslation } from 'next-i18next';
+import { useConfigStore } from '@/stores/config';
+import useSessionStore from '@/stores/session';
 import { ROLE_LIST } from '@/types/team';
 import { compareFirstLanguages } from '@/utils/tools';
+import { Button, Flex, Image, Text, VStack } from '@chakra-ui/react';
+import { dehydrate, QueryClient, useMutation, useQuery } from '@tanstack/react-query';
+import { isString } from 'lodash';
+import type { NextPage } from 'next';
+import { useTranslation } from 'next-i18next';
 import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
-import { useConfigStore } from '@/stores/config';
+import { useRouter } from 'next/router';
+import { useEffect } from 'react';
 
 const Callback: NextPage = () => {
   const router = useRouter();
@@ -70,17 +65,16 @@ const Callback: NextPage = () => {
       return () => clearTimeout(tag);
     }
   }, [statusCode, isValid, router]);
-  const acceptHandle = async () => {
+  const acceptHandle = async () =>
     verifyMutation
       .mutateAsync({
         code: inviteCode as string,
         action: reciveAction.Accepte
       })
-      .then(() => {
+      .finally(() => {
         reset();
         return;
       });
-  };
   const cancelHandle = () => {
     if (!isValid) return;
     reset();
@@ -113,7 +107,6 @@ const Callback: NextPage = () => {
           color={'white'}
           gap={'8px'}
         >
-          {' '}
           <Image boxSize={'34px'} borderRadius="full" src={logo} alt="logo" />
           <Text fontWeight={700} fontSize={'24px'}>
             Sealos
diff --git a/frontend/desktop/src/pages/api/auth/namespace/abdicate.ts b/frontend/desktop/src/pages/api/auth/namespace/abdicate.ts
index 568a8639663..e0ad3a47c80 100644
--- a/frontend/desktop/src/pages/api/auth/namespace/abdicate.ts
+++ b/frontend/desktop/src/pages/api/auth/namespace/abdicate.ts
@@ -1,12 +1,12 @@
+import { verifyAccessToken } from '@/services/backend/auth';
+import { prisma } from '@/services/backend/db/init';
 import { jsonRes } from '@/services/backend/response';
 import { modifyWorkspaceRole } from '@/services/backend/team';
 import { UserRole } from '@/types/team';
-import { NextApiRequest, NextApiResponse } from 'next';
-import { prisma } from '@/services/backend/db/init';
 import { retrySerially } from '@/utils/tools';
-import { validate as uuidValidate } from 'uuid';
+import { NextApiRequest, NextApiResponse } from 'next';
 import { JoinStatus, Role } from 'prisma/region/generated/client';
-import { verifyAccessToken } from '@/services/backend/auth';
+import { validate as uuidValidate } from 'uuid';
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
   try {
@@ -45,7 +45,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
     // modify K8S
     await modifyWorkspaceRole({
       action: 'Change',
-      pre_k8s_username: payload.userCrUid,
+      pre_k8s_username: payload.userCrName,
       k8s_username: target.userCr.crName,
       role: UserRole.Owner,
       workspaceId: target.workspace.id
diff --git a/frontend/desktop/src/services/backend/svc/mergeUser.ts b/frontend/desktop/src/services/backend/svc/mergeUser.ts
index d49403ad982..3a413ccda38 100644
--- a/frontend/desktop/src/services/backend/svc/mergeUser.ts
+++ b/frontend/desktop/src/services/backend/svc/mergeUser.ts
@@ -10,6 +10,7 @@ export const mergeUserSvc =
   (userUid: string, mergeUserUid: string) => async (res: NextApiResponse) => {
     const user = await globalPrisma.user.findUnique({
       where: {
+        status: UserStatus.NORMAL_USER,
         uid: userUid
       },
       include: {
diff --git a/frontend/desktop/src/types/team.ts b/frontend/desktop/src/types/team.ts
index 1447cfe99b5..211c46bd6dd 100644
--- a/frontend/desktop/src/types/team.ts
+++ b/frontend/desktop/src/types/team.ts
@@ -1,3 +1,4 @@
+import { userSystemNamespace } from '@/constants/account';
 import { UUID, createHash } from 'crypto';
 import * as yaml from 'js-yaml';
 export type RoleAction = 'Grant' | 'Deprive' | 'Change' | 'Create' | 'Modify';
@@ -22,9 +23,10 @@ type CRD = {
   kind: 'Operationrequest';
   metadata: {
     name: string;
-    namespace: string;
+    namespace: typeof userSystemNamespace;
   };
   spec: {
+    namespace: string;
     user: string;
     action: 'Deprive' | 'Grant' | 'Update';
     role: RoleType;
@@ -38,9 +40,10 @@ export const generateRequestCrd = ({
     kind: 'Operationrequest',
     metadata: {
       name: props.name,
-      namespace: props.namespace
+      namespace: userSystemNamespace
     },
     spec: {
+      namespace: props.namespace,
       user: props.user,
       action: props.action,
       role: props.role
@@ -58,6 +61,7 @@ type DeleteCRD = {
   kind: 'DeleteRequest';
   metadata: {
     name: string;
+    namespace: typeof userSystemNamespace;
   };
   spec: {
     user: string;
@@ -71,7 +75,8 @@ export const deleteRequestCrd = (props: DeleteCRD['spec']) => {
     apiVersion: 'user.sealos.io/v1',
     kind: 'DeleteRequest',
     metadata: {
-      name
+      name,
+      namespace: userSystemNamespace
     },
     spec: {
       user: props.user
diff --git a/frontend/providers/costcenter/public/locales/en/applist.json b/frontend/providers/costcenter/public/locales/en/applist.json
index 467fb03a914..46072e42cbb 100644
--- a/frontend/providers/costcenter/public/locales/en/applist.json
+++ b/frontend/providers/costcenter/public/locales/en/applist.json
@@ -1,13 +1,14 @@
 {
-	"TERMINAL": "TERMINAL",
-	"JOB":"JOB",
-	"OTHER": "OTHER",
-	"OBJECT-STORAGE": "OBJECT-STORAGE",
-	"CLOUD-VM":"CLOUD-VM",
-	"DB": "DATABASE",
-	"APP": "APP",
+	"TERMINAL": "Terminal",
+	"JOB":"CronJob",
+	"OTHER": "Other",
+	"OBJECT-STORAGE": "Object Storage",
+	"CLOUD-VM":"Cloud Server",
+	"DB": "Database",
+	"APP": "APP Launchpad",
 	"All APP": "ALL APP",
-	"APP-STORE": "APP-STORE",
-	"DB-BACKUP": "DB-BACKUP",
-	"all_app_type": "ALL APP TYPE"
+	"APP-STORE": "APP Store",
+	"DB-BACKUP": "Database Backup",
+	"all_app_type": "ALL APP TYPE",
+	"DEV-BOX": "Devbox"
 }
\ No newline at end of file
diff --git a/frontend/providers/costcenter/public/locales/zh/applist.json b/frontend/providers/costcenter/public/locales/zh/applist.json
index 2f4f1a5a27e..42e365d65ed 100644
--- a/frontend/providers/costcenter/public/locales/zh/applist.json
+++ b/frontend/providers/costcenter/public/locales/zh/applist.json
@@ -9,5 +9,6 @@
 	"All APP": "所有应用",
 	"APP-STORE": "应用商店",
 	"DB-BACKUP":"数据库备份",
-	"all_app_type": "所有应用类型"
+	"all_app_type": "所有应用类型",
+	"DEV-BOX": "Devbox"
 }
\ No newline at end of file

From 3cc67c4688b0e725668e13cbaaec5bc873b5fae1 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Tue, 22 Oct 2024 10:46:22 +0800
Subject: [PATCH 48/63] fix: ci seg. (#5164)

---
 .github/workflows/cloud-release.yml | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/cloud-release.yml b/.github/workflows/cloud-release.yml
index a6715e4f9e0..4d8c3454548 100644
--- a/.github/workflows/cloud-release.yml
+++ b/.github/workflows/cloud-release.yml
@@ -68,6 +68,9 @@ jobs:
     needs:
       - release-cloud
     runs-on: self-hosted
+    env:
+      RELEASE_TAG: ${{ github.event.inputs.tag || github.event.release.tag_name }}
+      OSS_BUCKET: ${{ secrets.OSS_BUCKET }}
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -83,8 +86,8 @@ jobs:
           sudo sealos version
       - name: Build
         run: |
-          export CLOUD_VERSION=${{ github.event.inputs.tag || github.event.release.tag_name }}
-          export VERSION=${{ github.event.inputs.tag || github.event.release.tag_name }}
+          export CLOUD_VERSION="$RELEASE_TAG"
+          export VERSION="$RELEASE_TAG"
           export ARCH=amd64
           bash ./scripts/cloud/build-offline-tar.sh
       - name: Setup ossutil
@@ -97,13 +100,16 @@ jobs:
         run: cat ./sealos-cloud.tar.gz.md5
       - name: Upload
         run: |
-          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.inputs.tag || github.event.release.tag_name }}-amd64.tar.gz
-          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.inputs.tag || github.event.release.tag_name }}-amd64.tar.gz.md5
+          ossutil cp ./sealos-cloud.tar.gz "oss://$OSS_BUCKET/cloud/sealos-cloud-$RELEASE_TAG-amd64.tar.gz"
+          ossutil cp ./sealos-cloud.tar.gz.md5 "oss://$OSS_BUCKET/cloud/sealos-cloud-$RELEASE_TAG-amd64.tar.gz.md5"
 
   release-arm-offline-tar:
     needs:
       - release-cloud
     runs-on: self-hosted
+    env:
+      RELEASE_TAG: ${{ github.event.inputs.tag || github.event.release.tag_name }}
+      OSS_BUCKET: ${{ secrets.OSS_BUCKET }}
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -119,8 +125,8 @@ jobs:
           sudo sealos version
       - name: Build
         run: |
-          export CLOUD_VERSION=${{ github.event.inputs.tag || github.event.release.tag_name }}
-          export VERSION=${{ github.event.inputs.tag || github.event.release.tag_name }}
+          export CLOUD_VERSION="$RELEASE_TAG"
+          export VERSION="$RELEASE_TAG"
           export ARCH=arm64
           bash ./scripts/cloud/build-offline-tar.sh
       - name: Setup ossutil
@@ -133,5 +139,5 @@ jobs:
         run: cat ./sealos-cloud.tar.gz.md5
       - name: Upload
         run: |
-          ossutil cp ./sealos-cloud.tar.gz oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.inputs.tag || github.event.release.tag_name }}-arm64.tar.gz
-          ossutil cp ./sealos-cloud.tar.gz.md5 oss://${{ secrets.OSS_BUCKET }}/cloud/sealos-cloud-${{ github.event.inputs.tag || github.event.release.tag_name }}-arm64.tar.gz.md5
+          ossutil cp ./sealos-cloud.tar.gz "oss://$OSS_BUCKET/cloud/sealos-cloud-$RELEASE_TAG-arm64.tar.gz"
+          ossutil cp ./sealos-cloud.tar.gz.md5 "oss://$OSS_BUCKET/cloud/sealos-cloud-$RELEASE_TAG-arm64.tar.gz.md5"

From 0c58f5cb5e516bab88aa477e7fa36fcc3250f972 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Tue, 22 Oct 2024 11:31:14 +0800
Subject: [PATCH 49/63] docs: add v5.0.1 zh-hans docs. (#5165)

---
 .../developer-guide/sealos/installation.md    | 22 +++++++++----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/docs/5.0/i18n/zh-Hans/developer-guide/sealos/installation.md b/docs/5.0/i18n/zh-Hans/developer-guide/sealos/installation.md
index bbe924dd257..6da7063433f 100644
--- a/docs/5.0/i18n/zh-Hans/developer-guide/sealos/installation.md
+++ b/docs/5.0/i18n/zh-Hans/developer-guide/sealos/installation.md
@@ -102,9 +102,9 @@ Sealos 需要使用证书来保证通信安全，默认在您不提供证书的
 
 使用 nip.io 作为 Sealos 的域名非常简单，只需在第一个 Master 节点上执行以下命令，并根据提示输入参数：
 
-```bash 
-$ curl -sfL https://mirror.ghproxy.com/https://raw.githubusercontent.com/labring/sealos/v5.0.0/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \
-  --cloud-version=v5.0.0 \
+```bash
+$ curl -sfL https://mirror.ghproxy.com/https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+  --cloud-version=v5.0.1 \
   --image-registry=registry.cn-shanghai.aliyuncs.com --zh \
   --proxy-prefix=https://mirror.ghproxy.com
 ```
@@ -147,8 +147,8 @@ cloud.example.io   A   192.168.1.10
 然后在第一个 Master 节点上执行以下命令，并根据提示输入参数：
 
 ```bash
-$ curl -sfL https://mirror.ghproxy.com/https://raw.githubusercontent.com/labring/sealos/v5.0.0/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \
-  --cloud-version=v5.0.0 \
+$ curl -sfL https://mirror.ghproxy.com/https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+  --cloud-version=v5.0.1 \
   --image-registry=registry.cn-shanghai.aliyuncs.com --zh \
   --proxy-prefix=https://mirror.ghproxy.com \
   --cloud-domain=<your_domain> \
@@ -174,8 +174,8 @@ cloud.example.io   A   192.168.1.10
 然后在第一个 Master 节点上执行以下命令，并根据提示输入参数：
 
 ```bash
-$ curl -sfL https://mirror.ghproxy.com/https://raw.githubusercontent.com/labring/sealos/v5.0.0/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \
-  --cloud-version=v5.0.0 \
+$ curl -sfL https://mirror.ghproxy.com/https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+  --cloud-version=v5.0.1 \
   --image-registry=registry.cn-shanghai.aliyuncs.com --zh \
   --proxy-prefix=https://mirror.ghproxy.com \
   --cloud-domain=<your_domain>
@@ -233,8 +233,8 @@ $ curl -sfL https://mirror.ghproxy.com/https://raw.githubusercontent.com/labring
 然后在第一个 Master 节点上执行以下命令，并根据提示输入参数：
 
 ```bash
-$ curl -sfL https://mirror.ghproxy.com/https://raw.githubusercontent.com/labring/sealos/v5.0.0/scripts/cloud/install.sh -o /tmp/install.sh && bash /tmp/install.sh \
-  --cloud-version=v5.0.0 \
+$ curl -sfL https://mirror.ghproxy.com/https://raw.githubusercontent.com/labring/sealos/v5.0.1/scripts/cloud/install.sh -o /tmp/install.sh && SEALOS_VERSION=v5.0.1 && bash /tmp/install.sh \
+  --cloud-version=v5.0.1 \
   --image-registry=registry.cn-shanghai.aliyuncs.com --zh \
   --proxy-prefix=https://mirror.ghproxy.com \
   --cloud-domain=<your_domain>
@@ -355,7 +355,7 @@ Linux 不同发行版更新根证书存储的命令不一样，用来保存私
   # update-ca-certificates 会添加 /etc/ca-certificates.conf 配置文件中指定的证书
   #   另外所有 /usr/local/share/ca-certificates/*.crt 会被列为隐式信任
   $ sudo update-ca-certificates
-  
+
   # - 删除
   $ sudo rm /usr/local/share/ca-certificates/root_ca.crt
   $ sudo update-ca-certificates --fresh
@@ -431,4 +431,4 @@ Linux 不同发行版更新根证书存储的命令不一样，用来保存私
 
 选择刚刚下载的 License 文件进行上传，然后点击右下角的「激活 License」，便可激活 License。
 
-   ![](images/sealos-cost-center.jpg)
\ No newline at end of file
+   ![](images/sealos-cost-center.jpg)

From 5e84ccb90dcaad63531702966386ec3271c4fc4a Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Tue, 22 Oct 2024 16:27:59 +0800
Subject: [PATCH 50/63] feat: add jwt secret in devbox secret. (#5166)

---
 .../devbox/internal/controller/devbox_controller.go    | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/controllers/devbox/internal/controller/devbox_controller.go b/controllers/devbox/internal/controller/devbox_controller.go
index 8cef15bade5..5fb887bd0fc 100644
--- a/controllers/devbox/internal/controller/devbox_controller.go
+++ b/controllers/devbox/internal/controller/devbox_controller.go
@@ -170,6 +170,15 @@ func (r *DevboxReconciler) syncSecret(ctx context.Context, devbox *devboxv1alpha
 	err := r.Get(ctx, client.ObjectKey{Namespace: devbox.Namespace, Name: devbox.Name}, devboxSecret)
 	if err == nil {
 		// Secret already exists, no need to create
+
+		// TODO: delete this code after we have a way to sync secret to devbox
+		// check if SEALOS_DEVBOX_JWT_SECRET is exist, if not exist, create it
+		if _, ok := devboxSecret.Data["SEALOS_DEVBOX_JWT_SECRET"]; !ok {
+			devboxSecret.Data["SEALOS_DEVBOX_JWT_SECRET"] = []byte(rand.String(32))
+			if err := r.Update(ctx, devboxSecret); err != nil {
+				return fmt.Errorf("failed to update secret: %w", err)
+			}
+		}
 		return nil
 	}
 	if client.IgnoreNotFound(err) != nil {
@@ -186,6 +195,7 @@ func (r *DevboxReconciler) syncSecret(ctx context.Context, devbox *devboxv1alpha
 		ObjectMeta: objectMeta,
 		Data: map[string][]byte{
 			"SEALOS_DEVBOX_PASSWORD":    []byte(rand.String(12)),
+			"SEALOS_DEVBOX_JWT_SECRET":  []byte(rand.String(32)),
 			"SEALOS_DEVBOX_PUBLIC_KEY":  publicKey,
 			"SEALOS_DEVBOX_PRIVATE_KEY": privateKey,
 		},

From 32f6973cbd08d4a0b67cb93bd3027baa84455db4 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Wed, 23 Oct 2024 16:02:25 +0800
Subject: [PATCH 51/63] feat:  add runtime version and state. (#5169)

* feat: add jwt secret in devbox secret.

* add runtime version and state.
---
 .../devbox/api/v1alpha1/runtime_types.go      | 22 ++++++++++++++++--
 .../crd/bases/devbox.sealos.io_runtimes.yaml  | 23 ++++++++++++++++++-
 .../devbox/deploy/manifests/deploy.yaml.tmpl  | 23 ++++++++++++++++++-
 3 files changed, 64 insertions(+), 4 deletions(-)

diff --git a/controllers/devbox/api/v1alpha1/runtime_types.go b/controllers/devbox/api/v1alpha1/runtime_types.go
index cf1e6bf8045..52791dbf79b 100644
--- a/controllers/devbox/api/v1alpha1/runtime_types.go
+++ b/controllers/devbox/api/v1alpha1/runtime_types.go
@@ -72,12 +72,19 @@ type Component struct {
 	Version string `json:"version"`
 }
 
+type RuntimeState string
+
+const (
+	RuntimeStateActive     RuntimeState = "active"
+	RuntimeStateDeprecated RuntimeState = "deprecated"
+)
+
 // RuntimeSpec defines the desired state of Runtime
 type RuntimeSpec struct {
-	// +kubebuilder:validation:Required
-	Version string `json:"version"`
 	// +kubebuilder:validation:Required
 	ClassRef string `json:"classRef"`
+	// +kubebuilder:validation:Required
+	Version string `json:"version"`
 
 	// +kubebuilder:validation:Optional
 	Components []Component `json:"components,omitempty"`
@@ -88,6 +95,13 @@ type RuntimeSpec struct {
 
 	// +kubebuilder:validation:Required
 	Config Config `json:"config"`
+
+	// +kubebuilder:validation:Optional
+	RuntimeVersion string `json:"runtimeVersion,omitempty"`
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:validation:Enum=active;deprecated
+	// +kubebuilder:default=active
+	State RuntimeState `json:"state,omitempty"`
 }
 
 // RuntimeStatus defines the observed state of Runtime
@@ -98,6 +112,10 @@ type RuntimeStatus struct {
 
 // +kubebuilder:object:root=true
 // +kubebuilder:subresource:status
+// +kubebuilder:printcolumn:name="Class",type=string,JSONPath=`.spec.classRef`
+// +kubebuilder:printcolumn:name="Version",type=string,JSONPath=`.spec.version`
+// +kubebuilder:printcolumn:name="RuntimeVersion",type=string,JSONPath=`.spec.runtimeVersion`
+// +kubebuilder:printcolumn:name="State",type=string,JSONPath=`.spec.state`
 
 // Runtime is the Schema for the runtimes API
 type Runtime struct {
diff --git a/controllers/devbox/config/crd/bases/devbox.sealos.io_runtimes.yaml b/controllers/devbox/config/crd/bases/devbox.sealos.io_runtimes.yaml
index bfaaa6eccbf..00ed31895c3 100644
--- a/controllers/devbox/config/crd/bases/devbox.sealos.io_runtimes.yaml
+++ b/controllers/devbox/config/crd/bases/devbox.sealos.io_runtimes.yaml
@@ -28,7 +28,20 @@ spec:
     singular: runtime
   scope: Namespaced
   versions:
-  - name: v1alpha1
+  - additionalPrinterColumns:
+    - jsonPath: .spec.classRef
+      name: Class
+      type: string
+    - jsonPath: .spec.version
+      name: Version
+      type: string
+    - jsonPath: .spec.runtimeVersion
+      name: RuntimeVersion
+      type: string
+    - jsonPath: .spec.state
+      name: State
+      type: string
+    name: v1alpha1
     schema:
       openAPIV3Schema:
         description: Runtime is the Schema for the runtimes API
@@ -2002,6 +2015,14 @@ spec:
                 type: object
               description:
                 type: string
+              runtimeVersion:
+                type: string
+              state:
+                default: active
+                enum:
+                - active
+                - deprecated
+                type: string
               version:
                 type: string
             required:
diff --git a/controllers/devbox/deploy/manifests/deploy.yaml.tmpl b/controllers/devbox/deploy/manifests/deploy.yaml.tmpl
index 92d3b7c6a9d..7286e29b5b8 100644
--- a/controllers/devbox/deploy/manifests/deploy.yaml.tmpl
+++ b/controllers/devbox/deploy/manifests/deploy.yaml.tmpl
@@ -3129,7 +3129,20 @@ spec:
     singular: runtime
   scope: Namespaced
   versions:
-  - name: v1alpha1
+  - additionalPrinterColumns:
+    - jsonPath: .spec.classRef
+      name: Class
+      type: string
+    - jsonPath: .spec.version
+      name: Version
+      type: string
+    - jsonPath: .spec.runtimeVersion
+      name: RuntimeVersion
+      type: string
+    - jsonPath: .spec.state
+      name: State
+      type: string
+    name: v1alpha1
     schema:
       openAPIV3Schema:
         description: Runtime is the Schema for the runtimes API
@@ -5103,6 +5116,14 @@ spec:
                 type: object
               description:
                 type: string
+              runtimeVersion:
+                type: string
+              state:
+                default: active
+                enum:
+                - active
+                - deprecated
+                type: string
               version:
                 type: string
             required:

From 786c5189481736c7b8b7194ad4c4f52c22ac9919 Mon Sep 17 00:00:00 2001
From: xzy <ziyi@sealos.io>
Date: Wed, 23 Oct 2024 18:29:43 +0800
Subject: [PATCH 52/63] update password (#4952)

---
 .../api/v1/objectstorageuser_types.go         |  4 ++++
 ...torage.sealos.io_objectstoragebuckets.yaml | 14 -----------
 ...tstorage.sealos.io_objectstorageusers.yaml | 23 ++++++++-----------
 .../objectstorage/config/rbac/role.yaml       | 14 -----------
 .../objectstorageuser_controller.go           | 16 +++++++++++++
 5 files changed, 29 insertions(+), 42 deletions(-)

diff --git a/controllers/objectstorage/api/v1/objectstorageuser_types.go b/controllers/objectstorage/api/v1/objectstorageuser_types.go
index 4728948d9fd..98d582a71ea 100644
--- a/controllers/objectstorage/api/v1/objectstorageuser_types.go
+++ b/controllers/objectstorage/api/v1/objectstorageuser_types.go
@@ -22,6 +22,8 @@ import (
 
 // ObjectStorageUserSpec defines the desired state of ObjectStorageUser
 type ObjectStorageUserSpec struct {
+	// +kubebuilder:default=0
+	SecretKeyVersion int64 `json:"secretKeyVersion,omitempty"`
 }
 
 // ObjectStorageUserStatus defines the observed state of ObjectStorageUser
@@ -34,6 +36,8 @@ type ObjectStorageUserStatus struct {
 	SecretKey    string `json:"secretKey,omitempty"`
 	Internal     string `json:"internal,omitempty"`
 	External     string `json:"external,omitempty"`
+	// +kubebuilder:default=0
+	SecretKeyVersion int64 `json:"secretKeyVersion,omitempty"`
 }
 
 //+kubebuilder:object:root=true
diff --git a/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstoragebuckets.yaml b/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstoragebuckets.yaml
index 254bd7fcfc7..3812e65198a 100644
--- a/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstoragebuckets.yaml
+++ b/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstoragebuckets.yaml
@@ -1,17 +1,3 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
diff --git a/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstorageusers.yaml b/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstorageusers.yaml
index d4f1fa1e20e..c305ca5f830 100644
--- a/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstorageusers.yaml
+++ b/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstorageusers.yaml
@@ -1,17 +1,3 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
@@ -48,6 +34,11 @@ spec:
               type: object
             spec:
               description: ObjectStorageUserSpec defines the desired state of ObjectStorageUser
+              properties:
+                secretKeyVersion:
+                  default: 0
+                  format: int64
+                  type: integer
               type: object
             status:
               description: ObjectStorageUserStatus defines the observed state of ObjectStorageUser
@@ -66,6 +57,10 @@ spec:
                   type: integer
                 secretKey:
                   type: string
+                secretKeyVersion:
+                  default: 0
+                  format: int64
+                  type: integer
                 size:
                   description: unit is byte
                   format: int64
diff --git a/controllers/objectstorage/config/rbac/role.yaml b/controllers/objectstorage/config/rbac/role.yaml
index c0deac9fd3e..1d012ee74ac 100644
--- a/controllers/objectstorage/config/rbac/role.yaml
+++ b/controllers/objectstorage/config/rbac/role.yaml
@@ -1,17 +1,3 @@
-# Copyright © 2023 sealos.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
diff --git a/controllers/objectstorage/controllers/objectstorageuser_controller.go b/controllers/objectstorage/controllers/objectstorageuser_controller.go
index 722d912da05..0b85da99b4d 100644
--- a/controllers/objectstorage/controllers/objectstorageuser_controller.go
+++ b/controllers/objectstorage/controllers/objectstorageuser_controller.go
@@ -153,6 +153,15 @@ func (r *ObjectStorageUserReconciler) Reconcile(ctx context.Context, req ctrl.Re
 
 	updated := r.initObjectStorageUser(user, username, quota.Value())
 
+	pwdUpdated := false
+
+	if user.Spec.SecretKeyVersion > user.Status.SecretKeyVersion {
+		user.Status.SecretKey = rand.String(16)
+		user.Status.SecretKeyVersion = user.Spec.SecretKeyVersion
+		pwdUpdated = true
+		updated = true
+	}
+
 	accessKey := user.Status.AccessKey
 	secretKey := user.Status.SecretKey
 
@@ -170,6 +179,13 @@ func (r *ObjectStorageUserReconciler) Reconcile(ctx context.Context, req ctrl.Re
 		}
 	}
 
+	if pwdUpdated {
+		if err := r.OSAdminClient.SetUser(ctx, accessKey, secretKey, madmin.AccountEnabled); err != nil {
+			r.Logger.Error(err, "failed to set user secret key", "name", accessKey)
+		}
+		r.Logger.V(1).Info("[user] password change info", "name", user.Name, "spec secret key version", user.Spec.SecretKeyVersion)
+	}
+
 	secret := &corev1.Secret{}
 	if err := r.Get(ctx, client.ObjectKey{Name: OSKeySecret, Namespace: userNamespace}, secret); err != nil {
 		if !errors.IsNotFound(err) {

From a46c48a420fb465c7e2d5e61f3552d538558383e Mon Sep 17 00:00:00 2001
From: jingyang <72259332+zjy365@users.noreply.github.com>
Date: Thu, 24 Oct 2024 10:56:46 +0800
Subject: [PATCH 53/63] feat: add 1024 activity banner (#5171)

---
 docs/website/docusaurus.config.js             | 52 +++++++++----------
 .../src/components/SaleBanner/index.tsx       | 19 +++----
 .../src/pages/components/Header/index.scss    |  2 +-
 docs/website/src/pages/index.tsx              |  1 +
 4 files changed, 36 insertions(+), 38 deletions(-)

diff --git a/docs/website/docusaurus.config.js b/docs/website/docusaurus.config.js
index 19dc5010ad9..eccc6c41755 100644
--- a/docs/website/docusaurus.config.js
+++ b/docs/website/docusaurus.config.js
@@ -75,32 +75,32 @@ const config = {
 
   themeConfig: { // @type {import('@docusaurus/preset-classic').ThemeConfig}
     metadata: [{ name: 'title', content: 'Sealos by 环界云' }],
-    announcementBar: {
-      id: 'sealos_tip',
-      content: `
-      <div class="sealos-banner-box">
-        <div>${isDomesticSite ? 'If you are an international user, please visit 👉' : '如果您是国内用户，请直接访问 👉 '}</div>
-        <div class="sealos-banner-btn" onclick="window.open('${isDomesticSite ? 'https://sealos.io' : 'https://sealos.run'}', '_blank');">
-          ${isDomesticSite ? 'International Site' : '国内官网'}
-        </div>
-        <svg 
-          onclick="handleBannerClose()"
-          width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-          <g clip-path="url(#clip0_1145_366)">
-            <path d="M12 22C6.477 22 2 17.523 2 12C2 6.477 6.477 2 12 2C17.523 2 22 6.477 22 12C22 17.523 17.523 22 12 22Z" fill="white" fill-opacity="0.16"/>
-            <path d="M12 21.75C6.61507 21.75 2.25 17.3849 2.25 12C2.25 6.61507 6.61507 2.25 12 2.25C17.3849 2.25 21.75 6.61507 21.75 12C21.75 17.3849 17.3849 21.75 12 21.75Z" stroke="white" stroke-opacity="0.1" stroke-width="0.5"/>
-            <path d="M9.17184 7.75696L11.9998 10.586L14.8278 7.75696L16.2428 9.17196L13.4138 12L16.2428 14.828L14.8278 16.243L11.9998 13.414L9.17184 16.243L7.75684 14.828L10.5858 12L7.75684 9.17196L9.17184 7.75696Z" fill="white"/>
-          </g>
-          <defs>
-            <clipPath id="clip0_1145_366">
-              <rect width="24" height="24" fill="white"/>
-            </clipPath>
-          </defs>
-        </svg>
-      </div>
-      `,
-      isCloseable: true,
-    },
+    // announcementBar: {
+    //   id: 'sealos_tip',
+    //   content: `
+    //   <div class="sealos-banner-box">
+    //     <div>${isDomesticSite ? 'If you are an international user, please visit 👉' : '如果您是国内用户，请直接访问 👉 '}</div>
+    //     <div class="sealos-banner-btn" onclick="window.open('${isDomesticSite ? 'https://sealos.io' : 'https://sealos.run'}', '_blank');">
+    //       ${isDomesticSite ? 'International Site' : '国内官网'}
+    //     </div>
+    //     <svg 
+    //       onclick="handleBannerClose()"
+    //       width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
+    //       <g clip-path="url(#clip0_1145_366)">
+    //         <path d="M12 22C6.477 22 2 17.523 2 12C2 6.477 6.477 2 12 2C17.523 2 22 6.477 22 12C22 17.523 17.523 22 12 22Z" fill="white" fill-opacity="0.16"/>
+    //         <path d="M12 21.75C6.61507 21.75 2.25 17.3849 2.25 12C2.25 6.61507 6.61507 2.25 12 2.25C17.3849 2.25 21.75 6.61507 21.75 12C21.75 17.3849 17.3849 21.75 12 21.75Z" stroke="white" stroke-opacity="0.1" stroke-width="0.5"/>
+    //         <path d="M9.17184 7.75696L11.9998 10.586L14.8278 7.75696L16.2428 9.17196L13.4138 12L16.2428 14.828L14.8278 16.243L11.9998 13.414L9.17184 16.243L7.75684 14.828L10.5858 12L7.75684 9.17196L9.17184 7.75696Z" fill="white"/>
+    //       </g>
+    //       <defs>
+    //         <clipPath id="clip0_1145_366">
+    //           <rect width="24" height="24" fill="white"/>
+    //         </clipPath>
+    //       </defs>
+    //     </svg>
+    //   </div>
+    //   `,
+    //   isCloseable: true,
+    // },
     algolia: {
       // Algolia 提供的应用 ID
       appId: "SLTSB7B9Y0",
diff --git a/docs/website/src/components/SaleBanner/index.tsx b/docs/website/src/components/SaleBanner/index.tsx
index cc5c8437a32..9bd6c86363b 100644
--- a/docs/website/src/components/SaleBanner/index.tsx
+++ b/docs/website/src/components/SaleBanner/index.tsx
@@ -13,11 +13,8 @@ export default function SaleBanner() {
     setIsBannerVisible(false);
   };
 
-  const goDetailFeishu = () => {
-    window.open(
-      `https://fael3z0zfze.feishu.cn/wiki/SzKowEuQji5coRkm5o8cm8oJn3L?from=from_copylink`,
-      '_blank'
-    );
+  const goDetail = () => {
+    window.open(`https://mp.weixin.qq.com/s/jzOfviMgXD85r2zMQWskvA`, '_blank');
   };
 
   useEffect(() => {
@@ -36,8 +33,8 @@ export default function SaleBanner() {
   return (
     <>
       <div className="sealos-banner-box">
-        <Translate>🎉Sealos 6.18 福利大放送！充值优惠限时开启，多充多送还有精美周边！</Translate>
-        <div className="sealos-banner-btn" onClick={goDetailFeishu}>
+        <Translate>🎉 1024 程序员节福利 Sealos 免费送你云资源</Translate>
+        <div className="sealos-banner-btn" onClick={goDetail}>
           活动详情
           <DrawIcon />
         </div>
@@ -50,13 +47,13 @@ export default function SaleBanner() {
             <span className="txt">Sealos</span>
           </div>
           <div className="sealos-banner-body">
-            <div className="banner-title">🎉Sealos 6.18 福利大放送！</div>
-            <div className="banner-subtitle">充值优惠限时开启</div>
-            <div className="banner-subtitle">多充多送还有精美周边！</div>
+            <div className="banner-title">🎉 Sealos 免费送你云资源</div>
+            <div className="banner-subtitle">1024 充值优惠限时开启</div>
+            <div className="banner-subtitle">体验Devbox，即送20余额</div>
             <div
               className="btn"
               onClick={() => {
-                window.open(`${cloudUrl}/?openapp=system-costcenter?openRecharge=true`, '_blank');
+                window.open(`${cloudUrl}/?openapp=system-devbox?openRecharge=true`, '_blank');
                 closeBanner();
               }}
             >
diff --git a/docs/website/src/pages/components/Header/index.scss b/docs/website/src/pages/components/Header/index.scss
index e2fb98dc33c..e7485d3068c 100644
--- a/docs/website/src/pages/components/Header/index.scss
+++ b/docs/website/src/pages/components/Header/index.scss
@@ -6,7 +6,7 @@
   justify-content: center;
   align-items: center;
   flex-direction: column;
-  // padding-top: 48px; // sale
+  padding-top: 48px; // sale
 
   .header-img {
     width: 100%;
diff --git a/docs/website/src/pages/index.tsx b/docs/website/src/pages/index.tsx
index 7e5c5ebef25..3ca262d0ba2 100644
--- a/docs/website/src/pages/index.tsx
+++ b/docs/website/src/pages/index.tsx
@@ -97,6 +97,7 @@ const Home = () => {
       </Helmet>
       <Layout>
         <div className="home">
+          <SaleBanner />
           <HomeHeader isPc={isPc} />
           <Capability isPc={isPc} />
           <Introduce isPc={isPc} />

From 4f2b768d1e3544fc73d22755a7bb610d3895be50 Mon Sep 17 00:00:00 2001
From: xzy <ziyi@sealos.io>
Date: Thu, 24 Oct 2024 15:54:03 +0800
Subject: [PATCH 54/63] add license (#5173)

---
 ...jectstorage.sealos.io_objectstoragebuckets.yaml | 14 ++++++++++++++
 ...objectstorage.sealos.io_objectstorageusers.yaml | 14 ++++++++++++++
 controllers/objectstorage/config/rbac/role.yaml    | 14 ++++++++++++++
 3 files changed, 42 insertions(+)

diff --git a/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstoragebuckets.yaml b/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstoragebuckets.yaml
index 3812e65198a..254bd7fcfc7 100644
--- a/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstoragebuckets.yaml
+++ b/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstoragebuckets.yaml
@@ -1,3 +1,17 @@
+# Copyright © 2023 sealos.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
diff --git a/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstorageusers.yaml b/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstorageusers.yaml
index c305ca5f830..8766ee1fb2c 100644
--- a/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstorageusers.yaml
+++ b/controllers/objectstorage/config/crd/bases/objectstorage.sealos.io_objectstorageusers.yaml
@@ -1,3 +1,17 @@
+# Copyright © 2023 sealos.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
diff --git a/controllers/objectstorage/config/rbac/role.yaml b/controllers/objectstorage/config/rbac/role.yaml
index 1d012ee74ac..c0deac9fd3e 100644
--- a/controllers/objectstorage/config/rbac/role.yaml
+++ b/controllers/objectstorage/config/rbac/role.yaml
@@ -1,3 +1,17 @@
+# Copyright © 2023 sealos.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole

From b57e851c8332a6f44d2c68dea1e790db418dc3dc Mon Sep 17 00:00:00 2001
From: zzjin <zzjin@users.noreply.github.com>
Date: Thu, 24 Oct 2024 17:49:01 +0800
Subject: [PATCH 55/63] Add terminal auth secret (#5170)

* Add terminal auth secret, do not allow direct access from internal network.

Signed-off-by: zzjin <tczzjin@gmail.com>

* Do not reconcile when terminal CR spec not changed.

Signed-off-by: zzjin <tczzjin@gmail.com>

---------

Signed-off-by: zzjin <tczzjin@gmail.com>
---
 controllers/terminal/api/v1/terminal_types.go |  2 +-
 .../bases/terminal.sealos.io_terminals.yaml   |  7 +++--
 controllers/terminal/controllers/ingress.go   | 12 ++++++++-
 .../controllers/terminal_controller.go        | 26 +++++++++++++++++--
 .../deploy/manifests/deploy.yaml.tmpl         |  7 +++--
 frontend/providers/terminal/.env.template     |  2 +-
 frontend/providers/terminal/deploy/Kubefile   |  2 +-
 .../terminal/deploy/images/shim/imagelist     |  2 +-
 8 files changed, 45 insertions(+), 15 deletions(-)

diff --git a/controllers/terminal/api/v1/terminal_types.go b/controllers/terminal/api/v1/terminal_types.go
index 49701dd8bcf..97b6dca1006 100644
--- a/controllers/terminal/api/v1/terminal_types.go
+++ b/controllers/terminal/api/v1/terminal_types.go
@@ -56,6 +56,7 @@ type TerminalSpec struct {
 type TerminalStatus struct {
 	AvailableReplicas int32  `json:"availableReplicas"`
 	ServiceName       string `json:"serviceName"`
+	SecretHeader      string `json:"secretHeader"`
 	Domain            string `json:"domain"`
 }
 
@@ -64,7 +65,6 @@ type TerminalStatus struct {
 //+kubebuilder:printcolumn:name="User",type=string,JSONPath=".spec.user"
 //+kubebuilder:printcolumn:name="Keepalived",type=string,JSONPath=".spec.keepalived"
 //+kubebuilder:printcolumn:name="Domain",type=string,JSONPath=".status.domain"
-//+kubebuilder:printcolumn:name="APIServer",priority=1,type=string,JSONPath=".spec.apiServer"
 //+kubebuilder:printcolumn:name="LastUpdateTime",priority=1,type=string,JSONPath=".metadata.annotations.lastUpdateTime"
 //+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 
diff --git a/controllers/terminal/config/crd/bases/terminal.sealos.io_terminals.yaml b/controllers/terminal/config/crd/bases/terminal.sealos.io_terminals.yaml
index bb422284113..4ef9bcee596 100644
--- a/controllers/terminal/config/crd/bases/terminal.sealos.io_terminals.yaml
+++ b/controllers/terminal/config/crd/bases/terminal.sealos.io_terminals.yaml
@@ -38,10 +38,6 @@ spec:
     - jsonPath: .status.domain
       name: Domain
       type: string
-    - jsonPath: .spec.apiServer
-      name: APIServer
-      priority: 1
-      type: string
     - jsonPath: .metadata.annotations.lastUpdateTime
       name: LastUpdateTime
       priority: 1
@@ -107,11 +103,14 @@ spec:
                 type: integer
               domain:
                 type: string
+              secretHeader:
+                type: string
               serviceName:
                 type: string
             required:
             - availableReplicas
             - domain
+            - secretHeader
             - serviceName
             type: object
         type: object
diff --git a/controllers/terminal/controllers/ingress.go b/controllers/terminal/controllers/ingress.go
index 5f51091e5be..4ddaa93d563 100644
--- a/controllers/terminal/controllers/ingress.go
+++ b/controllers/terminal/controllers/ingress.go
@@ -37,6 +37,15 @@ if ($flag = '02'){ return 403; }`
 func (r *TerminalReconciler) createNginxIngress(terminal *terminalv1.Terminal, host string) *networkingv1.Ingress {
 	cors := fmt.Sprintf("https://%s,https://*.%s", r.CtrConfig.Global.CloudDomain+r.getPort(), r.CtrConfig.Global.CloudDomain+r.getPort())
 
+	secretHeader := terminal.Status.SecretHeader
+	configurationSnippet := safeConfigurationSnippet + `
+proxy_set_header Authorization "";
+proxy_set_header ` + secretHeader + ` "1";`
+
+	higressReqHeaderUpdate := `
+Authorization ""
+` + secretHeader + ` "1"`
+
 	objectMeta := metav1.ObjectMeta{
 		Name:      terminal.Name,
 		Namespace: terminal.Namespace,
@@ -50,7 +59,8 @@ func (r *TerminalReconciler) createNginxIngress(terminal *terminalv1.Terminal, h
 			"nginx.ingress.kubernetes.io/cors-allow-origin":      cors,
 			"nginx.ingress.kubernetes.io/cors-allow-methods":     "PUT, GET, POST, PATCH, OPTIONS",
 			"nginx.ingress.kubernetes.io/cors-allow-credentials": "false",
-			"nginx.ingress.kubernetes.io/configuration-snippet":  safeConfigurationSnippet,
+			"nginx.ingress.kubernetes.io/configuration-snippet":  configurationSnippet,
+			"higress.io/request-header-control-update":           higressReqHeaderUpdate,
 		},
 	}
 
diff --git a/controllers/terminal/controllers/terminal_controller.go b/controllers/terminal/controllers/terminal_controller.go
index 355d034924a..8035da62a65 100644
--- a/controllers/terminal/controllers/terminal_controller.go
+++ b/controllers/terminal/controllers/terminal_controller.go
@@ -18,6 +18,7 @@ package controllers
 
 import (
 	"context"
+	"strings"
 	"time"
 
 	"github.com/jaevor/go-nanoid"
@@ -32,9 +33,11 @@ import (
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/record"
 	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"sigs.k8s.io/controller-runtime/pkg/log"
+	"sigs.k8s.io/controller-runtime/pkg/predicate"
 
 	"github.com/labring/sealos/controllers/pkg/utils/label"
 	terminalv1 "github.com/labring/sealos/controllers/terminal/api/v1"
@@ -65,6 +68,10 @@ const (
 	MemoryLimit   = "256Mi"
 )
 
+const (
+	SecretHeaderPrefix = "X-SEALOS-"
+)
+
 // TerminalReconciler reconciles a Terminal object
 type TerminalReconciler struct {
 	client.Client
@@ -123,6 +130,13 @@ func (r *TerminalReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
 		}
 	}
 
+	if terminal.Status.SecretHeader == "" {
+		terminal.Status.SecretHeader = r.generateSecretHeader()
+		if err := r.Status().Update(ctx, terminal); err != nil {
+			return ctrl.Result{}, err
+		}
+	}
+
 	recLabels := label.RecommendedLabels(&label.Recommended{
 		Name:      terminal.Name,
 		ManagedBy: label.DefaultManagedBy,
@@ -262,6 +276,8 @@ func (r *TerminalReconciler) syncDeployment(ctx context.Context, terminal *termi
 		{Name: "USER_TOKEN", Value: terminal.Spec.Token},
 		{Name: "NAMESPACE", Value: terminal.Namespace},
 		{Name: "USER_NAME", Value: terminal.Spec.User},
+		// Add secret header
+		{Name: "AUTH_HEADER", Value: terminal.Status.SecretHeader},
 	}
 
 	containers = []corev1.Container{
@@ -377,12 +393,18 @@ func (r *TerminalReconciler) getPort() string {
 	return ":" + r.CtrConfig.Global.CloudPort
 }
 
+func (r *TerminalReconciler) generateSecretHeader() string {
+	return SecretHeaderPrefix + strings.ToUpper(rand.String(5))
+}
+
 // SetupWithManager sets up the controller with the Manager.
 func (r *TerminalReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	r.recorder = mgr.GetEventRecorderFor("sealos-terminal-controller")
 	r.Config = mgr.GetConfig()
 	return ctrl.NewControllerManagedBy(mgr).
-		For(&terminalv1.Terminal{}).
-		Owns(&appsv1.Deployment{}).Owns(&corev1.Service{}).Owns(&networkingv1.Ingress{}).
+		For(&terminalv1.Terminal{}, builder.WithPredicates(predicate.GenerationChangedPredicate{})).
+		Owns(&appsv1.Deployment{}, builder.WithPredicates(predicate.ResourceVersionChangedPredicate{})).
+		Owns(&corev1.Service{}, builder.WithPredicates(predicate.GenerationChangedPredicate{})).
+		Owns(&networkingv1.Ingress{}, builder.WithPredicates(predicate.GenerationChangedPredicate{})).
 		Complete(r)
 }
diff --git a/controllers/terminal/deploy/manifests/deploy.yaml.tmpl b/controllers/terminal/deploy/manifests/deploy.yaml.tmpl
index 51e6eb50941..c92a9e8c6c8 100644
--- a/controllers/terminal/deploy/manifests/deploy.yaml.tmpl
+++ b/controllers/terminal/deploy/manifests/deploy.yaml.tmpl
@@ -31,10 +31,6 @@ spec:
     - jsonPath: .status.domain
       name: Domain
       type: string
-    - jsonPath: .spec.apiServer
-      name: APIServer
-      priority: 1
-      type: string
     - jsonPath: .metadata.annotations.lastUpdateTime
       name: LastUpdateTime
       priority: 1
@@ -91,11 +87,14 @@ spec:
                 type: integer
               domain:
                 type: string
+              secretHeader:
+                type: string
               serviceName:
                 type: string
             required:
             - availableReplicas
             - domain
+            - secretHeader
             - serviceName
             type: object
         type: object
diff --git a/frontend/providers/terminal/.env.template b/frontend/providers/terminal/.env.template
index db591eb4dfa..ab07b515a07 100644
--- a/frontend/providers/terminal/.env.template
+++ b/frontend/providers/terminal/.env.template
@@ -1,4 +1,4 @@
 NEXT_PUBLIC_MOCK_KUBECONFIG=""
 SITE="cloud.sealos.io"
-TTYD_IMAGE="docker.io/labring4docker/terminal:1.20.4-6"
+TTYD_IMAGE="docker.io/labring4docker/terminal:1.23.2-1"
 KEEPALIVED="30m"
\ No newline at end of file
diff --git a/frontend/providers/terminal/deploy/Kubefile b/frontend/providers/terminal/deploy/Kubefile
index 148e9ca00c0..56eeff728d9 100644
--- a/frontend/providers/terminal/deploy/Kubefile
+++ b/frontend/providers/terminal/deploy/Kubefile
@@ -8,7 +8,7 @@ COPY manifests manifests
 ENV certSecretName="wildcard-cert"
 ENV cloudDomain="127.0.0.1.nip.io"
 ENV cloudPort=""
-ENV ttydImage="docker.io/labring4docker/terminal:1.20.4-6"
+ENV ttydImage="docker.io/labring4docker/terminal:1.23.2-1"
 ENV keepalived="30m"
 
 
diff --git a/frontend/providers/terminal/deploy/images/shim/imagelist b/frontend/providers/terminal/deploy/images/shim/imagelist
index 766831d1440..94c80fe764a 100644
--- a/frontend/providers/terminal/deploy/images/shim/imagelist
+++ b/frontend/providers/terminal/deploy/images/shim/imagelist
@@ -1 +1 @@
-docker.io/labring4docker/terminal:1.20.4-6
\ No newline at end of file
+docker.io/labring4docker/terminal:1.23.2-1
\ No newline at end of file

From d6af196e6592fab3d0d5a7b9e8b236f15c143656 Mon Sep 17 00:00:00 2001
From: xudaotutou <13435638964@163.com>
Date: Fri, 25 Oct 2024 20:26:34 +0800
Subject: [PATCH 56/63] style(costcenter): fix ratio (#5175)

---
 .../src/components/RechargeModal.tsx          | 47 ++++++++++++-------
 1 file changed, 30 insertions(+), 17 deletions(-)

diff --git a/frontend/providers/costcenter/src/components/RechargeModal.tsx b/frontend/providers/costcenter/src/components/RechargeModal.tsx
index 259f0743dda..24529ddc6b6 100644
--- a/frontend/providers/costcenter/src/components/RechargeModal.tsx
+++ b/frontend/providers/costcenter/src/components/RechargeModal.tsx
@@ -662,27 +662,40 @@ const RechargeModal = forwardRef(
                   {steps &&
                     ratios &&
                     steps.length === ratios.length &&
-                    steps.map((step, idx) => (
-                      <>
-                        <Text key={idx} px={'24px'} color={'grayModern.900'}>
-                          {step + '<='}
-                          {t('Recharge Amount')}
-                          {idx < steps.length - 1 ? `< ${steps[idx + 1]}` : ''}
-                        </Text>
-                        <Text px={'24px'} color={'grayModern.900'}>
-                          {t('Bonus')}
-                          {ratios[idx].toFixed(2)}%
-                        </Text>
-                      </>
-                    ))}
+                    steps
+                      .map(
+                        (step, idx, steps) =>
+                          [
+                            step,
+                            idx < steps.length - 1 ? steps[idx + 1] : undefined,
+                            ratios[idx]
+                          ] as const
+                      )
+                      .filter(([_, _2, ratio], idx) => {
+                        return ratio > 0;
+                      })
+                      .map(([pre, next, ratio], idx) => (
+                        <>
+                          <Text key={idx} pl={'24px'} color={'grayModern.900'}>
+                            {pre}
+                            {' <= '}
+                            {t('Recharge Amount')}
+                            {next ? `< ${next}` : ''}
+                          </Text>
+                          <Text px={'24px'} color={'grayModern.900'}>
+                            {t('Bonus')}
+                            {ratio.toFixed(2)}%
+                          </Text>
+                        </>
+                      ))}
                   {specialBonus &&
                     specialBonus.map(([k, v], i) => (
                       <>
-                        <Text key={i} px={'24px'} color={'grayModern.900'}>
-                          {k + '='} {t('Recharge Amount')}{' '}
+                        <Text key={i} pl={'24px'} color={'grayModern.900'}>
+                          {k} = {t('Recharge Amount')}{' '}
                         </Text>
-                        <Text px={'24px'} color={'grayModern.900'}>
-                          {t('Bonus')} {v}
+                        <Text pl={'24px'} color={'grayModern.900'}>
+                          {t('Bonus')} {v} %
                         </Text>
                       </>
                     ))}

From d1caf03170aaecedba9c0ca708b1e4db5a415383 Mon Sep 17 00:00:00 2001
From: jingyang <72259332+zjy365@users.noreply.github.com>
Date: Mon, 28 Oct 2024 13:19:40 +0800
Subject: [PATCH 57/63] fix:desktop getResource API and optimize alert icon
 (#5172)

* fix:desktop getResource API and optimize alert icon

* update banner
---
 .../src/pages/components/Header/index.scss        |  2 +-
 docs/website/src/pages/index.tsx                  |  2 +-
 frontend/desktop/src/components/account/index.tsx |  2 +-
 .../desktop/src/components/notification/index.tsx | 15 +++++++++++++--
 .../desktop/src/pages/api/desktop/getResource.ts  | 11 ++++++-----
 frontend/desktop/src/types/crd.ts                 |  2 +-
 .../ui/src/components/icons/NotificationIcon.tsx  |  4 ++--
 7 files changed, 25 insertions(+), 13 deletions(-)

diff --git a/docs/website/src/pages/components/Header/index.scss b/docs/website/src/pages/components/Header/index.scss
index e7485d3068c..e2fb98dc33c 100644
--- a/docs/website/src/pages/components/Header/index.scss
+++ b/docs/website/src/pages/components/Header/index.scss
@@ -6,7 +6,7 @@
   justify-content: center;
   align-items: center;
   flex-direction: column;
-  padding-top: 48px; // sale
+  // padding-top: 48px; // sale
 
   .header-img {
     width: 100%;
diff --git a/docs/website/src/pages/index.tsx b/docs/website/src/pages/index.tsx
index 3ca262d0ba2..88c4eac6dc6 100644
--- a/docs/website/src/pages/index.tsx
+++ b/docs/website/src/pages/index.tsx
@@ -97,7 +97,7 @@ const Home = () => {
       </Helmet>
       <Layout>
         <div className="home">
-          <SaleBanner />
+          {/* <SaleBanner /> */}
           <HomeHeader isPc={isPc} />
           <Capability isPc={isPc} />
           <Introduce isPc={isPc} />
diff --git a/frontend/desktop/src/components/account/index.tsx b/frontend/desktop/src/components/account/index.tsx
index 39c3052913d..fa907229490 100644
--- a/frontend/desktop/src/components/account/index.tsx
+++ b/frontend/desktop/src/components/account/index.tsx
@@ -144,7 +144,7 @@ export default function Account() {
 
           <CustomTooltip placement={'bottom'} label={t('common:notification')}>
             <Center cursor={'pointer'} {...baseItemStyle} onClick={() => showDisclosure.onOpen()}>
-              <NotificationIcon />
+              <NotificationIcon color={'white'} />
             </Center>
           </CustomTooltip>
           <Notification key={'notification'} disclosure={showDisclosure} onAmount={onAmount} />
diff --git a/frontend/desktop/src/components/notification/index.tsx b/frontend/desktop/src/components/notification/index.tsx
index b06b1b2be7d..0d0f704bcc8 100644
--- a/frontend/desktop/src/components/notification/index.tsx
+++ b/frontend/desktop/src/components/notification/index.tsx
@@ -3,7 +3,7 @@ import request from '@/services/request';
 import useAppStore from '@/stores/app';
 import { formatTime } from '@/utils/tools';
 import { Box, Button, Flex, Text, UseDisclosureReturn } from '@chakra-ui/react';
-import { ClearOutlineIcon, CloseIcon, WarnIcon, useMessage } from '@sealos/ui';
+import { ClearOutlineIcon, CloseIcon, NotificationIcon, WarnIcon, useMessage } from '@sealos/ui';
 import { useMutation, useQuery } from '@tanstack/react-query';
 import clsx from 'clsx';
 import { produce } from 'immer';
@@ -143,6 +143,17 @@ export default function Notification(props: NotificationProps) {
     }
   }, [i18n.language, refetch]);
 
+  const getNotificationIcon = (from: string | undefined) => {
+    switch (from) {
+      case 'Debt-System':
+        return <WarnIcon />;
+      case 'Active-System':
+        return '🎉';
+      default:
+        return <NotificationIcon color={'brightBlue.300'} />;
+    }
+  };
+
   return disclosure.isOpen ? (
     <>
       <Box className={styles.bg} onClick={resetMessageState} cursor={'auto'}></Box>
@@ -316,7 +327,7 @@ export default function Notification(props: NotificationProps) {
           color={'white'}
         >
           <Flex alignItems={'center'}>
-            <WarnIcon />
+            {getNotificationIcon(MessageConfig.popupMessage?.i18n['en']?.from)}
             <Text fontSize={'16px'} fontWeight={600} ml="10px">
               {MessageConfig.popupMessage?.i18n[i18n.language]?.title}
             </Text>
diff --git a/frontend/desktop/src/pages/api/desktop/getResource.ts b/frontend/desktop/src/pages/api/desktop/getResource.ts
index f8dc202a7f2..8e569580b53 100644
--- a/frontend/desktop/src/pages/api/desktop/getResource.ts
+++ b/frontend/desktop/src/pages/api/desktop/getResource.ts
@@ -27,14 +27,15 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 
     for (const pod of result.body.items) {
       if (pod.status?.phase === 'Succeeded') continue;
+      if (!pod?.spec) continue;
+
       totalPodCount++;
 
-      if (pod.status?.phase === 'Running') {
-        runningPodCount++;
-      }
-      if (!pod?.spec) continue;
+      if (pod.status?.phase !== 'Running') continue;
+
+      runningPodCount++;
 
-      for (const container of pod.spec.containers) {
+      for (const container of pod?.spec.containers) {
         if (!container?.resources) continue;
         const limits = container?.resources.limits as {
           cpu: string;
diff --git a/frontend/desktop/src/types/crd.ts b/frontend/desktop/src/types/crd.ts
index 3a4f56f2a78..29dfc31595e 100644
--- a/frontend/desktop/src/types/crd.ts
+++ b/frontend/desktop/src/types/crd.ts
@@ -133,7 +133,7 @@ export type TNotification = {
   desktopPopup: boolean;
   i18n: {
     [key in string]: {
-      from: string;
+      from: string; // Debt-System Active-System
       message: string;
       title: string;
     };
diff --git a/frontend/packages/ui/src/components/icons/NotificationIcon.tsx b/frontend/packages/ui/src/components/icons/NotificationIcon.tsx
index f9ef5a22227..7e388bea317 100644
--- a/frontend/packages/ui/src/components/icons/NotificationIcon.tsx
+++ b/frontend/packages/ui/src/components/icons/NotificationIcon.tsx
@@ -7,13 +7,13 @@ export default function NotificationIcon(props: IconProps) {
       width="21px"
       height="20px"
       viewBox="0 0 21 20"
-      fill="none"
+      {...props}
     >
       <path
         fillRule="evenodd"
         clipRule="evenodd"
         d="M10.6247 2.81193C9.96309 2.81193 9.42672 3.3483 9.42672 4.00993C9.42672 4.18651 9.46461 4.35374 9.53298 4.5044C9.89085 4.44143 10.2565 4.40927 10.6247 4.40927C10.993 4.40927 11.3586 4.44143 11.7165 4.5044C11.7848 4.35374 11.8227 4.18651 11.8227 4.00993C11.8227 3.3483 11.2864 2.81193 10.6247 2.81193ZM13.2449 4.98549C13.3581 4.68167 13.4201 4.35287 13.4201 4.00993C13.4201 2.46611 12.1685 1.2146 10.6247 1.2146C9.0809 1.2146 7.82939 2.46611 7.82939 4.00993C7.82939 4.35287 7.89136 4.68167 8.00455 4.98549C7.53661 5.20494 7.10096 5.48473 6.71319 5.8208C5.65525 6.73768 5.03405 8.00783 5.03405 9.361C5.03405 11.0443 4.61854 12.2361 4.12939 13.0634L4.12128 13.0771C3.80675 13.609 3.5611 14.0245 3.39633 14.3227C3.31398 14.4718 3.24151 14.6099 3.18883 14.7282C3.1627 14.7869 3.13388 14.8574 3.11143 14.9322C3.09468 14.9879 3.05348 15.1325 3.07062 15.3078C3.08002 15.4041 3.10161 15.5952 3.21289 15.7903C3.32417 15.9853 3.4777 16.1012 3.55575 16.1583C3.68293 16.2513 3.8102 16.2912 3.87358 16.3087C3.94839 16.3294 4.02108 16.3417 4.08135 16.3497C4.20185 16.3659 4.34216 16.3741 4.48841 16.3792C4.77993 16.3893 5.18754 16.3893 5.70115 16.3893H7.5307C7.88534 17.7672 9.13614 18.7853 10.6247 18.7853C12.1133 18.7853 13.3641 17.7672 13.7187 16.3893H15.5483C16.0619 16.3893 16.4695 16.3893 16.761 16.3792C16.9073 16.3741 17.0476 16.3659 17.1681 16.3497C17.2284 16.3417 17.3011 16.3294 17.3759 16.3087C17.4392 16.2912 17.5665 16.2513 17.6937 16.1583C17.7717 16.1012 17.9253 15.9853 18.0366 15.7903C18.1478 15.5952 18.1694 15.4041 18.1788 15.3078C18.196 15.1325 18.1548 14.9879 18.138 14.9322C18.1156 14.8574 18.0867 14.7869 18.0606 14.7282C18.0079 14.6099 17.9355 14.4718 17.8531 14.3227C17.6883 14.0245 17.4427 13.609 17.1281 13.077L17.1201 13.0634C16.6309 12.2361 16.2154 11.0443 16.2154 9.361C16.2154 8.00783 15.5942 6.73768 14.5363 5.8208C14.1485 5.48473 13.7128 5.20494 13.2449 4.98549ZM11.834 6.16481C11.8442 6.16777 11.8543 6.17053 11.8645 6.17309C12.479 6.34249 13.0377 6.63576 13.4901 7.02788C14.2295 7.6687 14.6181 8.51125 14.6181 9.361C14.6181 11.3225 15.1064 12.7963 15.7451 13.8764C15.9648 14.2479 16.1429 14.5491 16.2821 14.7903C16.075 14.7919 15.8264 14.7919 15.53 14.7919H5.71946C5.42304 14.7919 5.1744 14.7919 4.96732 14.7903C5.10659 14.5491 5.28465 14.2479 5.50434 13.8764C6.14302 12.7963 6.63139 11.3225 6.63139 9.361C6.63139 8.51125 7.01993 7.6687 7.75934 7.02788C8.21179 6.63576 8.7704 6.34249 9.38493 6.17309C9.39513 6.17054 9.40529 6.16777 9.41541 6.16481C9.80105 6.06138 10.2083 6.0066 10.6247 6.0066C11.0412 6.0066 11.4484 6.06138 11.834 6.16481ZM9.24108 16.3893C9.51727 16.8667 10.0335 17.1879 10.6247 17.1879C11.216 17.1879 11.7322 16.8667 12.0084 16.3893H9.24108Z"
-        fill="white"
+        fill="currentColor"
       />
     </Icon>
   );

From b300a0c9457692de4c2f2f1bbc075847e75ca10c Mon Sep 17 00:00:00 2001
From: jingyang <72259332+zjy365@users.noreply.github.com>
Date: Mon, 28 Oct 2024 14:31:39 +0800
Subject: [PATCH 58/63] feat: support devbox token to fetch details API (#5154)

* feat: support devbox token to fetch details API

* update

* update ingress

* support runtime state
---
 frontend/pnpm-lock.yaml                       |   6 +
 .../app/api/getSSHConnectionInfo/route.ts     |  10 +-
 .../app/api/platform/getRuntime/route.ts      |  10 +-
 .../app/api/v1/getDevboxDetail/route.ts       |  99 +++++++++++++++++
 frontend/providers/devbox/package.json        |   2 +
 .../providers/devbox/services/backend/auth.ts |  43 +++++++
 .../devbox/services/backend/kubernetes.ts     |  10 +-
 frontend/providers/devbox/types/cluster.d.ts  | 105 ++++++++++++++++++
 frontend/providers/devbox/types/ingress.d.ts  |   6 +
 frontend/providers/devbox/types/k8s.d.ts      |   2 +
 frontend/providers/devbox/utils/adapt.ts      |  30 ++++-
 11 files changed, 314 insertions(+), 9 deletions(-)
 create mode 100644 frontend/providers/devbox/app/api/v1/getDevboxDetail/route.ts
 create mode 100644 frontend/providers/devbox/types/cluster.d.ts
 create mode 100644 frontend/providers/devbox/types/ingress.d.ts

diff --git a/frontend/pnpm-lock.yaml b/frontend/pnpm-lock.yaml
index b694e8c1fd9..db919018e26 100644
--- a/frontend/pnpm-lock.yaml
+++ b/frontend/pnpm-lock.yaml
@@ -1372,6 +1372,9 @@ importers:
       '@tanstack/react-query':
         specifier: ^4.35.3
         version: 4.36.1(react-dom@18.2.0)(react@18.2.0)
+      '@types/jsonwebtoken':
+        specifier: ^9.0.3
+        version: 9.0.5
       axios:
         specifier: ^1.7.3
         version: 1.7.3
@@ -1405,6 +1408,9 @@ importers:
       js-yaml:
         specifier: ^4.1.0
         version: 4.1.0
+      jsonwebtoken:
+        specifier: ^9.0.2
+        version: 9.0.2
       jszip:
         specifier: ^3.10.1
         version: 3.10.1
diff --git a/frontend/providers/devbox/app/api/getSSHConnectionInfo/route.ts b/frontend/providers/devbox/app/api/getSSHConnectionInfo/route.ts
index 260e302ae6f..780d9a78567 100644
--- a/frontend/providers/devbox/app/api/getSSHConnectionInfo/route.ts
+++ b/frontend/providers/devbox/app/api/getSSHConnectionInfo/route.ts
@@ -2,7 +2,7 @@ import { NextRequest } from 'next/server'
 
 import { KBRuntimeType } from '@/types/k8s'
 import { runtimeNamespace } from '@/stores/static'
-import { authSession } from '@/services/backend/auth'
+import { authSession, generateAccessToken } from '@/services/backend/auth'
 import { jsonRes } from '@/services/backend/response'
 import { getK8s } from '@/services/backend/kubernetes'
 
@@ -24,6 +24,12 @@ export async function GET(req: NextRequest) {
     const base64PublicKey = response.body.data?.['SEALOS_DEVBOX_PUBLIC_KEY'] as string
     const base64PrivateKey = response.body.data?.['SEALOS_DEVBOX_PRIVATE_KEY'] as string
 
+    const jwtSecret = Buffer.from(
+      response.body.data?.['SEALOS_DEVBOX_JWT_SECRET'] as string,
+      'base64'
+    ).toString('utf-8')
+    const token = generateAccessToken({ namespace, devboxName }, jwtSecret)
+
     const { body: runtime } = (await k8sCustomObjects.getNamespacedCustomObject(
       'devbox.sealos.io',
       'v1alpha1',
@@ -34,7 +40,7 @@ export async function GET(req: NextRequest) {
 
     const userName = runtime.spec.config.user
 
-    return jsonRes({ data: { base64PublicKey, base64PrivateKey, userName } })
+    return jsonRes({ data: { base64PublicKey, base64PrivateKey, userName, token } })
   } catch (err: any) {
     return jsonRes({
       code: 500,
diff --git a/frontend/providers/devbox/app/api/platform/getRuntime/route.ts b/frontend/providers/devbox/app/api/platform/getRuntime/route.ts
index d6dc0f79fed..e87040863aa 100644
--- a/frontend/providers/devbox/app/api/platform/getRuntime/route.ts
+++ b/frontend/providers/devbox/app/api/platform/getRuntime/route.ts
@@ -31,13 +31,15 @@ export async function GET(req: NextRequest) {
       runtimeNamespace,
       'runtimeclasses'
     )) as { body: { items: KBRuntimeClassType[] } }
-    const { body: runtimes } = (await k8sCustomObjects.listNamespacedCustomObject(
+    const { body: _runtimes } = (await k8sCustomObjects.listNamespacedCustomObject(
       'devbox.sealos.io',
       'v1alpha1',
       runtimeNamespace,
       'runtimes'
     )) as { body: { items: KBRuntimeType[] } }
 
+    let runtimes = _runtimes?.items?.filter((item) => item.spec.state === 'active')
+
     // runtimeClasses
     const languageList = runtimeClasses?.items.filter((item: any) => item.spec.kind === 'Language')
     languageTypeList.push(
@@ -72,7 +74,7 @@ export async function GET(req: NextRequest) {
     // runtimeVersions and runtimeNamespaceMap
     languageList.forEach((item: any) => {
       const language = item.metadata.name
-      const versions = runtimes?.items.filter((runtime: any) => runtime.spec.classRef === language)
+      const versions = runtimes.filter((runtime: any) => runtime.spec.classRef === language)
       languageVersionMap[language] = []
       versions.forEach((version: any) => {
         runtimeNamespaceMap[version.metadata.name] = item.metadata.namespace
@@ -93,7 +95,7 @@ export async function GET(req: NextRequest) {
 
     frameworkList.forEach((item: any) => {
       const framework = item.metadata.name
-      const versions = runtimes?.items.filter((runtime: any) => runtime.spec.classRef === framework)
+      const versions = runtimes.filter((runtime: any) => runtime.spec.classRef === framework)
       frameworkVersionMap[framework] = []
       versions.forEach((version: any) => {
         runtimeNamespaceMap[version.metadata.name] = item.metadata.namespace
@@ -113,7 +115,7 @@ export async function GET(req: NextRequest) {
     })
     osList.forEach((item: any) => {
       const os = item.metadata.name
-      const versions = runtimes?.items.filter((runtime: any) => runtime.spec.classRef === os)
+      const versions = runtimes.filter((runtime: any) => runtime.spec.classRef === os)
       osVersionMap[os] = []
       versions.forEach((version: any) => {
         runtimeNamespaceMap[version.metadata.name] = item.metadata.namespace
diff --git a/frontend/providers/devbox/app/api/v1/getDevboxDetail/route.ts b/frontend/providers/devbox/app/api/v1/getDevboxDetail/route.ts
new file mode 100644
index 00000000000..9d3d62f2b65
--- /dev/null
+++ b/frontend/providers/devbox/app/api/v1/getDevboxDetail/route.ts
@@ -0,0 +1,99 @@
+import { NextRequest } from 'next/server'
+
+import { devboxKey } from '@/constants/devbox'
+import { getPayloadWithoutVerification, verifyToken } from '@/services/backend/auth'
+import { getK8s } from '@/services/backend/kubernetes'
+import { jsonRes } from '@/services/backend/response'
+import { KBDevboxType } from '@/types/k8s'
+import { adaptDBListItem, adaptDevboxListItem, adaptIngressListItem } from '@/utils/adapt'
+import { KbPgClusterType } from '@/types/cluster'
+import { V1Ingress } from '@kubernetes/client-node'
+
+export const dynamic = 'force-dynamic'
+
+export async function GET(req: NextRequest) {
+  try {
+    const { payload, token } = getPayloadWithoutVerification(req.headers)
+    if (!payload || !token) {
+      return jsonRes({
+        code: 401,
+        error: 'Unauthorized'
+      })
+    }
+    const devboxName = payload.devboxName
+    const namespace = payload.namespace
+
+    const { k8sCore, k8sCustomObjects, k8sNetworkingApp } = await getK8s({
+      useDefaultConfig: true
+    })
+
+    const response = await k8sCore.readNamespacedSecret(devboxName, namespace)
+
+    const jwtSecret = Buffer.from(
+      response.body.data?.['SEALOS_DEVBOX_JWT_SECRET'] as string,
+      'base64'
+    ).toString('utf-8')
+
+    if (!verifyToken(token, jwtSecret)) {
+      return jsonRes({
+        code: 401,
+        error: 'Unauthorized'
+      })
+    }
+
+    const results = await Promise.allSettled([
+      k8sCustomObjects.getNamespacedCustomObject(
+        'devbox.sealos.io',
+        'v1alpha1',
+        namespace,
+        'devboxes',
+        devboxName
+      ),
+      k8sCustomObjects.listNamespacedCustomObject(
+        'apps.kubeblocks.io',
+        'v1alpha1',
+        namespace,
+        'clusters'
+      ),
+      k8sNetworkingApp.listNamespacedIngress(
+        namespace,
+        undefined,
+        undefined,
+        undefined,
+        undefined,
+        `${devboxKey}=${devboxName}`
+      )
+    ])
+
+    const [devboxResult, clustersResult, ingressesResult] = results
+
+    let devbox, clusters, ingresses
+
+    if (devboxResult.status === 'fulfilled') {
+      devbox = adaptDevboxListItem(devboxResult.value.body as KBDevboxType)
+    }
+
+    if (clustersResult.status === 'fulfilled') {
+      clusters = (clustersResult.value.body as { items: KbPgClusterType[] }).items.map(
+        adaptDBListItem
+      )
+    }
+
+    if (ingressesResult.status === 'fulfilled') {
+      ingresses = ingressesResult.value.body.items.map(adaptIngressListItem)
+    }
+
+    return jsonRes({
+      data: {
+        devbox,
+        clusters,
+        ingresses
+      }
+    })
+  } catch (err: any) {
+    return jsonRes({
+      code: 500,
+      error: err?.body || err
+    })
+  }
+}
diff --git a/frontend/providers/devbox/package.json b/frontend/providers/devbox/package.json
index 3faabd5bece..16c93a7e8e3 100644
--- a/frontend/providers/devbox/package.json
+++ b/frontend/providers/devbox/package.json
@@ -18,6 +18,7 @@
     "@kubernetes/client-node": "^0.21.0",
     "@sealos/ui": "workspace:^",
     "@tanstack/react-query": "^4.35.3",
+    "@types/jsonwebtoken": "^9.0.3",
     "axios": "^1.7.3",
     "date-fns": "^2.30.0",
     "dayjs": "^1.11.10",
@@ -29,6 +30,7 @@
     "ini": "^4.1.3",
     "js-cookie": "^3.0.5",
     "js-yaml": "^4.1.0",
+    "jsonwebtoken": "^9.0.2",
     "jszip": "^3.10.1",
     "lodash": "^4.17.21",
     "nanoid": "^4.0.2",
diff --git a/frontend/providers/devbox/services/backend/auth.ts b/frontend/providers/devbox/services/backend/auth.ts
index 08eb41caae5..d9853a3dac2 100644
--- a/frontend/providers/devbox/services/backend/auth.ts
+++ b/frontend/providers/devbox/services/backend/auth.ts
@@ -1,5 +1,11 @@
+import { decode, JwtPayload, sign, verify } from 'jsonwebtoken'
 import { ERROR_ENUM } from '../error'
 
+interface CustomJwtPayload extends JwtPayload {
+  namespace: string
+  devboxName: string
+}
+
 export const authSession = async (headers: Headers) => {
   if (!headers) return Promise.reject(ERROR_ENUM.unAuthorization)
 
@@ -14,3 +20,40 @@ export const authSession = async (headers: Headers) => {
     return Promise.reject(ERROR_ENUM.unAuthorization)
   }
 }
+
+export const getPayloadWithoutVerification = <T = CustomJwtPayload>(
+  headers: Headers
+): { payload: T | null; token: string | null } => {
+  try {
+    const authHeader = headers.get('authorization')
+    if (!authHeader) {
+      return { payload: null, token: null }
+    }
+    const token = authHeader.startsWith('Bearer ') ? authHeader.slice(7) : authHeader
+    const payload = decode(token) as T
+    return { payload, token }
+  } catch (err) {
+    console.log(err)
+    return { payload: null, token: null }
+  }
+}
+
+export const verifyToken = async (
+  token: string,
+  secret: string
+): Promise<CustomJwtPayload | null> => {
+  try {
+    const payload = verify(token, secret) as CustomJwtPayload
+    return payload
+  } catch (err) {
+    return null
+  }
+}
+
+export const generateAccessToken = (
+  payload: {
+    namespace: string
+    devboxName: string
+  },
+  secret: string
+) => sign(payload, secret, { expiresIn: '365d' })
diff --git a/frontend/providers/devbox/services/backend/kubernetes.ts b/frontend/providers/devbox/services/backend/kubernetes.ts
index 364374879e2..d7e0f481adc 100644
--- a/frontend/providers/devbox/services/backend/kubernetes.ts
+++ b/frontend/providers/devbox/services/backend/kubernetes.ts
@@ -253,8 +253,14 @@ export async function getUserBalance(kc: k8s.KubeConfig) {
   return 5
 }
 
-export async function getK8s({ kubeconfig }: { kubeconfig: string }) {
-  const kc = K8sApi(kubeconfig)
+export async function getK8s({
+  kubeconfig,
+  useDefaultConfig = false
+}: {
+  kubeconfig?: string
+  useDefaultConfig?: boolean
+}) {
+  const kc = useDefaultConfig ? K8sApiDefault() : K8sApi(kubeconfig)
   const kube_user = kc.getCurrentUser()
   const client = k8s.KubernetesObjectApi.makeApiClient(kc)
 
diff --git a/frontend/providers/devbox/types/cluster.d.ts b/frontend/providers/devbox/types/cluster.d.ts
new file mode 100644
index 00000000000..bf68c14030d
--- /dev/null
+++ b/frontend/providers/devbox/types/cluster.d.ts
@@ -0,0 +1,105 @@
+export enum DBTypeEnum {
+  postgresql = 'postgresql',
+  mongodb = 'mongodb',
+  mysql = 'apecloud-mysql',
+  redis = 'redis',
+  kafka = 'kafka',
+  qdrant = 'qdrant',
+  nebula = 'nebula',
+  weaviate = 'weaviate',
+  milvus = 'milvus'
+}
+
+export enum DBStatusEnum {
+  Creating = 'Creating',
+  Starting = 'Starting',
+  Stopping = 'Stopping',
+  Stopped = 'Stopped',
+  Running = 'Running',
+  Updating = 'Updating',
+  SpecUpdating = 'SpecUpdating',
+  Rebooting = 'Rebooting',
+  Upgrade = 'Upgrade',
+  VerticalScaling = 'VerticalScaling',
+  VolumeExpanding = 'VolumeExpanding',
+  Failed = 'Failed',
+  UnKnow = 'UnKnow',
+  Deleting = 'Deleting'
+}
+
+export type KbPgClusterType = {
+  apiVersion: 'apps.kubeblocks.io/v1alpha1'
+  kind: 'Cluster'
+  metadata: {
+    annotations: Record<string, string>
+    creationTimestamp: Date
+    labels: {
+      'clusterdefinition.kubeblocks.io/name': `${DBTypeEnum}`
+      'clusterversion.kubeblocks.io/name': string
+      'sealos-db-provider/postgresql': string
+      [key: string]: string
+    }
+    name: string
+    namespace: string
+    uid: string
+  }
+  spec: KubeBlockClusterSpec
+  status?: KubeBlockClusterStatus
+}
+
+export interface KubeBlockClusterSpec {
+  clusterDefinitionRef: `${DBTypeEnum}`
+  clusterVersionRef: string
+  terminationPolicy: string
+  componentSpecs: {
+    componentDefRef: `${DBTypeEnum}`
+    name: `${DBTypeEnum}`
+    replicas: number
+    resources: {
+      limits: {
+        cpu: string
+        memory: string
+      }
+      requests: {
+        cpu: string
+        memory: string
+      }
+    }
+    volumeClaimTemplates: {
+      name: 'data'
+      spec: {
+        accessModes: ['ReadWriteOnce']
+        resources: {
+          requests: {
+            storage: string
+          }
+        }
+      }
+    }[]
+  }[]
+  backup: {
+    enabled: boolean
+    cronExpression: string
+    method: string
+    pitrEnabled: boolean
+    repoName: string
+    retentionPeriod: string
+  }
+}
+export interface KubeBlockClusterStatus {
+  clusterDefGeneration: number
+  components: object
+  conditions: k8s.V1Condition[]
+  observedGeneration: number
+  phase: `${DBStatusEnum}`
+}
+
+export interface DBListItemType {
+  id: string
+  name: string
+  dbType: string
+  createTime: string
+  cpu: number
+  memory: number
+  storage: string
+}
diff --git a/frontend/providers/devbox/types/ingress.d.ts b/frontend/providers/devbox/types/ingress.d.ts
new file mode 100644
index 00000000000..3848c743b00
--- /dev/null
+++ b/frontend/providers/devbox/types/ingress.d.ts
@@ -0,0 +1,6 @@
+export interface IngressListItemType {
+  name: string
+  namespace: string
+  host: string
+  port: number
+}
diff --git a/frontend/providers/devbox/types/k8s.d.ts b/frontend/providers/devbox/types/k8s.d.ts
index c064f49a1f5..298b1644a28 100644
--- a/frontend/providers/devbox/types/k8s.d.ts
+++ b/frontend/providers/devbox/types/k8s.d.ts
@@ -150,6 +150,8 @@ export type KBRuntimeType = {
       kind: string // language
       version: string // v1.22.5
     }[]
+    state: string
+    runtimeVersion: string
   }
 }
 
diff --git a/frontend/providers/devbox/utils/adapt.ts b/frontend/providers/devbox/utils/adapt.ts
index 13ba2b9219d..4c1c44f8c08 100644
--- a/frontend/providers/devbox/utils/adapt.ts
+++ b/frontend/providers/devbox/utils/adapt.ts
@@ -9,7 +9,9 @@ import {
 import { calculateUptime, cpuFormatToM, formatPodTime, memoryFormatToMi } from '@/utils/tools'
 import { KBDevboxType, KBDevboxReleaseType } from '@/types/k8s'
 import { DevboxListItemType, DevboxVersionListItemType, PodDetailType } from '@/types/devbox'
-import { V1Pod } from '@kubernetes/client-node'
+import { V1Ingress, V1Pod } from '@kubernetes/client-node'
+import { DBListItemType, KbPgClusterType } from '@/types/cluster'
+import { IngressListItemType } from '@/types/ingress'
 
 export const adaptDevboxListItem = (devbox: KBDevboxType): DevboxListItemType => {
   return {
@@ -117,3 +119,29 @@ export const adaptPod = (pod: V1Pod): PodDetailType => {
     memory: memoryFormatToMi(pod.spec?.containers?.[0]?.resources?.limits?.memory || '0')
   }
 }
+
+export const adaptDBListItem = (db: KbPgClusterType): DBListItemType => {
+  return {
+    id: db.metadata?.uid || ``,
+    name: db.metadata?.name || 'db name',
+    dbType: db?.metadata?.labels['clusterdefinition.kubeblocks.io/name'] || 'postgresql',
+    createTime: dayjs(db.metadata?.creationTimestamp).format('YYYY/MM/DD HH:mm'),
+    cpu: cpuFormatToM(db.spec?.componentSpecs?.[0]?.resources?.limits?.cpu),
+    memory: cpuFormatToM(db.spec?.componentSpecs?.[0]?.resources?.limits?.memory),
+    storage:
+      db.spec?.componentSpecs?.[0]?.volumeClaimTemplates?.[0]?.spec?.resources?.requests?.storage ||
+      '-'
+  }
+}
+
+export const adaptIngressListItem = (ingress: V1Ingress): IngressListItemType => {
+  const firstRule = ingress.spec?.rules?.[0]
+  const firstPath = firstRule?.http?.paths?.[0]
+
+  return {
+    name: ingress.metadata?.name || '',
+    namespace: ingress.metadata?.namespace || '',
+    host: firstRule?.host || '',
+    port: firstPath?.backend?.service?.port?.number || 0
+  }
+}

From d1424a77108cc4b873e09ae400b9ee5a73de66c6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=B0=A2=E9=87=91=E8=99=8E?= <1050780355@qq.com>
Date: Mon, 28 Oct 2024 14:57:11 +0800
Subject: [PATCH 59/63] add quota monitor (#5167)

* add quota monitor
---
 service/exceptionmonitor/api/api.go           |   7 +
 .../helper/monitor/quota_monitor.go           | 127 ++++++++++++++++++
 .../helper/notification/feishu.go             |  96 ++++++++++++-
 service/exceptionmonitor/main.go              |   1 +
 4 files changed, 227 insertions(+), 4 deletions(-)
 create mode 100644 service/exceptionmonitor/helper/monitor/quota_monitor.go

diff --git a/service/exceptionmonitor/api/api.go b/service/exceptionmonitor/api/api.go
index 0a13961c5ff..1bc49255969 100644
--- a/service/exceptionmonitor/api/api.go
+++ b/service/exceptionmonitor/api/api.go
@@ -64,10 +64,12 @@ var (
 	DiskMonitor                       bool
 	CPUMemMonitor                     bool
 	BackupMonitor                     bool
+	QuotaMonitor                      bool
 	DatabaseDiskMonitorThreshold      float64
 	DatabaseExceptionMonitorThreshold float64
 	DatabaseCPUMonitorThreshold       float64
 	DatabaseMemMonitorThreshold       float64
+	QuotaThreshold                    float64
 	APPID                             string
 	APPSECRET                         string
 	DatabaseStatusMessageIDMap        = make(map[string]string)
@@ -75,6 +77,7 @@ var (
 	DatabaseCPUMessageIDMap           = make(map[string]string)
 	DatabaseMemMessageIDMap           = make(map[string]string)
 	DatabaseBackupMessageIDMap        = make(map[string]string)
+	QuotaMessageIDMap                 = make(map[string]string)
 )
 
 func GetENV() error {
@@ -91,10 +94,12 @@ func GetENV() error {
 	DiskMonitor, _ = strconv.ParseBool(getEnvWithCheck("DiskMonitor", &missingEnvVars))
 	CPUMemMonitor, _ = strconv.ParseBool(getEnvWithCheck("CPUMemMonitor", &missingEnvVars))
 	BackupMonitor, _ = strconv.ParseBool(getEnvWithCheck("BackupMonitor", &missingEnvVars))
+	QuotaMonitor, _ = strconv.ParseBool(getEnvWithCheck("QuotaMonitor", &missingEnvVars))
 	DatabaseDiskMonitorThreshold, _ = strconv.ParseFloat(getEnvWithCheck("DatabaseDiskMonitorThreshold", &missingEnvVars), 64)
 	DatabaseExceptionMonitorThreshold, _ = strconv.ParseFloat(getEnvWithCheck("DatabaseExceptionMonitorThreshold", &missingEnvVars), 64)
 	DatabaseCPUMonitorThreshold, _ = strconv.ParseFloat(getEnvWithCheck("DatabaseCPUMonitorThreshold", &missingEnvVars), 64)
 	DatabaseMemMonitorThreshold, _ = strconv.ParseFloat(getEnvWithCheck("DatabaseMemMonitorThreshold", &missingEnvVars), 64)
+	QuotaThreshold, _ = strconv.ParseFloat(getEnvWithCheck("QuotaThreshold", &missingEnvVars), 64)
 
 	if clusterNS != "" {
 		ClusterNS = strings.Split(clusterNS, ",")
@@ -112,6 +117,8 @@ func GetENV() error {
 		"FeishuWebhookURLImportant",
 		//Backup
 		"FeishuWebhookURLBackup",
+		//Quota
+		"FeishuWebhookURLQuota",
 	}, FeishuWebhookURLMap, &missingEnvVars)
 
 	// Get ClusterRegionMap
diff --git a/service/exceptionmonitor/helper/monitor/quota_monitor.go b/service/exceptionmonitor/helper/monitor/quota_monitor.go
new file mode 100644
index 00000000000..87a201381ff
--- /dev/null
+++ b/service/exceptionmonitor/helper/monitor/quota_monitor.go
@@ -0,0 +1,127 @@
+package monitor
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"strings"
+	"time"
+
+	"github.com/labring/sealos/service/exceptionmonitor/api"
+	"github.com/labring/sealos/service/exceptionmonitor/helper/notification"
+	v1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+func QuotaMonitor() {
+	for api.QuotaMonitor {
+		if err := checkQuota(); err != nil {
+			log.Printf("Failed to check qouta: %v", err)
+		}
+		time.Sleep(3 * time.Hour)
+	}
+}
+
+func checkQuota() error {
+	namespaceList, _ := api.ClientSet.CoreV1().Namespaces().List(context.Background(), metav1.ListOptions{})
+
+	fmt.Println(len(namespaceList.Items))
+	for _, ns := range namespaceList.Items {
+		if !strings.Contains(ns.Name, "ns-") {
+			continue
+		}
+		quotaList, err := api.ClientSet.CoreV1().ResourceQuotas(ns.Name).List(context.Background(), metav1.ListOptions{})
+		if err != nil {
+			log.Printf("Failed to check quota: %v", err)
+		}
+		//user debt
+		if len(quotaList.Items) != 1 || quotaList.Items[0].Name != "quota-"+ns.Name {
+			continue
+		}
+		nsQuota := notification.NameSpaceQuota{
+			NameSpace: ns.Name,
+		}
+		notificationInfo := notification.Info{
+			ExceptionType:    "Quota",
+			PerformanceType:  "Quota",
+			NotificationType: "exception",
+		}
+		send := processQuota(quotaList, &nsQuota)
+		if send {
+			message := notification.GetQuotaMessage(&nsQuota)
+			if err := notification.SendFeishuNotification(notificationInfo, message, api.FeishuWebhookURLMap["FeishuWebhookURLQuota"]); err != nil {
+				log.Printf("Error sending exception notification:%v", err)
+			}
+		}
+	}
+	return nil
+}
+
+func processQuota(quotaList *v1.ResourceQuotaList, nsQuota *notification.NameSpaceQuota) bool {
+	send := false
+	for resourceName, hardQuantity := range quotaList.Items[0].Status.Hard {
+		usedQuantity, exists := quotaList.Items[0].Status.Used[resourceName]
+		if !exists {
+			usedQuantity = *resource.NewQuantity(0, hardQuantity.Format)
+		}
+
+		hardValue, err := quantityToFloat64(hardQuantity, string(resourceName))
+		if err != nil {
+			log.Printf("Analytic hard constraint error : %s , %v\n", resourceName, err)
+			continue
+		}
+
+		usedValue, err := quantityToFloat64(usedQuantity, string(resourceName))
+		if err != nil {
+			fmt.Printf("Analytic usage error :  %s , %v\n", resourceName, err)
+			continue
+		}
+
+		// usage
+		utilization := (usedValue / hardValue) * 100
+		if utilization > api.QuotaThreshold {
+			send = true
+			switch resourceName {
+			case "limits.cpu":
+				nsQuota.CPULimit = hardQuantity.String()
+				nsQuota.CPUUsage = fmt.Sprintf("%.2f%%", utilization)
+			case "limits.memory":
+				nsQuota.MemLimit = hardQuantity.String()
+				nsQuota.MemUsage = fmt.Sprintf("%.2f%%", utilization)
+			case "limits.nvidia.com/gpu":
+				nsQuota.GPULimit = hardQuantity.String()
+				nsQuota.GPUUsage = fmt.Sprintf("%.2f%%", utilization)
+			case "limits.ephemeral-storage":
+				nsQuota.EphemeralStorageLimit = hardQuantity.String()
+				nsQuota.EphemeralStorageUsage = fmt.Sprintf("%.2f%%", utilization)
+			case "objectstorage/size":
+				nsQuota.ObjectStorageLimit = hardQuantity.String()
+				nsQuota.ObjectStorageUsage = fmt.Sprintf("%.2f%%", utilization)
+			case "services.nodeports":
+				nsQuota.NodePortLimit = hardQuantity.String()
+				nsQuota.NodePortUsage = fmt.Sprintf("%.2f%%", utilization)
+			case "requests.storage":
+				nsQuota.StorageLimit = hardQuantity.String()
+				nsQuota.StorageUsage = fmt.Sprintf("%.2f%%", utilization)
+			}
+		}
+	}
+	return send
+}
+
+func quantityToFloat64(q resource.Quantity, resourceName string) (float64, error) {
+	switch resourceName {
+	case "limits.cpu", "requests.cpu", "cpu",
+		"limits.nvidia.com/gpu", "requests.nvidia.com/gpu":
+		return float64(q.MilliValue()), nil
+	case "limits.memory", "requests.memory", "memory",
+		"limits.ephemeral-storage", "requests.ephemeral-storage",
+		"requests.storage", "objectstorage/size":
+		return float64(q.Value()), nil
+	case "services.nodeports":
+		return float64(q.Value()), nil
+	default:
+		return q.AsApproximateFloat64(), nil
+	}
+}
diff --git a/service/exceptionmonitor/helper/notification/feishu.go b/service/exceptionmonitor/helper/notification/feishu.go
index 90d419af832..312547f9866 100644
--- a/service/exceptionmonitor/helper/notification/feishu.go
+++ b/service/exceptionmonitor/helper/notification/feishu.go
@@ -35,6 +35,24 @@ type Info struct {
 	ExceptionType       string
 }
 
+type NameSpaceQuota struct {
+	NameSpace             string
+	CPULimit              string
+	MemLimit              string
+	GPULimit              string
+	EphemeralStorageLimit string
+	ObjectStorageLimit    string
+	NodePortLimit         string
+	StorageLimit          string
+	CPUUsage              string
+	MemUsage              string
+	GPUUsage              string
+	EphemeralStorageUsage string
+	ObjectStorageUsage    string
+	NodePortUsage         string
+	StorageUsage          string
+}
+
 func InitFeishuClient() {
 	feiShuClient = lark.NewClient(api.APPID, api.APPSECRET)
 }
@@ -201,6 +219,8 @@ func getMessageIDMap(performanceType string) map[string]string {
 		return api.DatabaseCPUMessageIDMap
 	case "Backup":
 		return api.DatabaseBackupMessageIDMap
+	case "Quota":
+		return api.QuotaMessageIDMap
 	default:
 		return api.DatabaseStatusMessageIDMap
 	}
@@ -248,7 +268,7 @@ func createFeishuNotification(notification Info, message, feishuWebHook string,
 
 	respStr := larkcore.Prettify(resp)
 	messageID := extractAndPrintMessageID(respStr)
-	if notification.DatabaseClusterName == "Backup" {
+	if notification.PerformanceType == "Backup" || notification.PerformanceType == "Quota" {
 		return nil
 	}
 	if messageID == "" {
@@ -297,7 +317,75 @@ func createCard(headerTemplate, headerTitle string, elements []map[string]string
 	return card
 }
 
-func createElements(namespace, backupName, status, startTime, reason string, includeReason bool) []map[string]string {
+func GetQuotaMessage(nsQuota *NameSpaceQuota) string {
+	var card map[string]interface{}
+	elements := createQuotaElements(nsQuota)
+	card = createCard("red", "Quota阀值通知", elements)
+
+	databaseMessage, err := marshalCard(card)
+	if err != nil {
+		fmt.Println(err)
+		return ""
+	}
+	return databaseMessage
+}
+
+func createQuotaElements(nsQuota *NameSpaceQuota) []map[string]string {
+	elements := []map[string]string{
+		{"label": "集群环境", "value": api.ClusterName},
+		{"label": "命名空间", "value": nsQuota.NameSpace},
+	}
+	addNonEmptyFieldsToElements(nsQuota, &elements)
+	return elements
+}
+
+func addNonEmptyFieldsToElements(nsQuota *NameSpaceQuota, elements *[]map[string]string) {
+	fields := map[string]string{
+		"CPULimit":              "CPU总量",
+		"CPUUsage":              "CPU使用率",
+		"MemLimit":              "内存总量",
+		"MemUsage":              "内存使用率",
+		"GPULimit":              "GPU总量",
+		"GPUUsage":              "GPU使用率",
+		"EphemeralStorageLimit": "临时存储总量",
+		"EphemeralStorageUsage": "临时存储使用率",
+		"ObjectStorageLimit":    "对象存储总量",
+		"ObjectStorageUsage":    "对象存储使用率",
+		"NodePortLimit":         "节点端口总量",
+		"NodePortUsage":         "节点端口使用率",
+		"StorageLimit":          "存储总量",
+		"StorageUsage":          "存储使用率",
+	}
+
+	quotaValues := map[string]string{
+		"CPULimit":              nsQuota.CPULimit,
+		"CPUUsage":              nsQuota.CPUUsage,
+		"MemLimit":              nsQuota.MemLimit,
+		"MemUsage":              nsQuota.MemUsage,
+		"GPULimit":              nsQuota.GPULimit,
+		"GPUUsage":              nsQuota.GPUUsage,
+		"EphemeralStorageLimit": nsQuota.EphemeralStorageLimit,
+		"EphemeralStorageUsage": nsQuota.EphemeralStorageUsage,
+		"ObjectStorageLimit":    nsQuota.ObjectStorageLimit,
+		"ObjectStorageUsage":    nsQuota.ObjectStorageUsage,
+		"NodePortLimit":         nsQuota.NodePortLimit,
+		"NodePortUsage":         nsQuota.NodePortUsage,
+		"StorageLimit":          nsQuota.StorageLimit,
+		"StorageUsage":          nsQuota.StorageUsage,
+	}
+
+	for field, label := range fields {
+		value := quotaValues[field]
+		if value != "" {
+			*elements = append(*elements, map[string]string{
+				"label": label,
+				"value": value,
+			})
+		}
+	}
+}
+
+func createBackupElements(namespace, backupName, status, startTime, reason string, includeReason bool) []map[string]string {
 	elements := []map[string]string{
 		{"label": "集群环境", "value": api.ClusterName},
 		{"label": "命名空间", "value": namespace},
@@ -322,10 +410,10 @@ func marshalCard(card map[string]interface{}) (string, error) {
 func GetBackupMessage(notificationType, namespace, backupName, status, startTime, reason string) string {
 	var card map[string]interface{}
 	if notificationType == ExceptionType {
-		elements := createElements(namespace, backupName, status, startTime, reason, true)
+		elements := createBackupElements(namespace, backupName, status, startTime, reason, true)
 		card = createCard("red", "备份异常通知", elements)
 	} else {
-		elements := createElements(namespace, backupName, status, startTime, "", false)
+		elements := createBackupElements(namespace, backupName, status, startTime, "", false)
 		card = createCard("blue", "备份恢复通知", elements)
 	}
 
diff --git a/service/exceptionmonitor/main.go b/service/exceptionmonitor/main.go
index 943d49fdc12..fe518bc0006 100644
--- a/service/exceptionmonitor/main.go
+++ b/service/exceptionmonitor/main.go
@@ -18,6 +18,7 @@ func main() {
 	go monitor.DatabaseExceptionMonitor()
 	go monitor.DatabasePerformanceMonitor()
 	go monitor.DatabaseBackupMonitor()
+	go monitor.QuotaMonitor()
 	select {}
 }
 

From 3c33459b0e066c73d26b12db581932cf5bf9f63e Mon Sep 17 00:00:00 2001
From: Jiahui <4543bxy@gmail.com>
Date: Tue, 29 Oct 2024 10:38:27 +0800
Subject: [PATCH 60/63] fix GetRealNameInfoReq (#5178)

---
 service/account/api/api.go | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/service/account/api/api.go b/service/account/api/api.go
index 51155b26c1b..0928529fbfd 100644
--- a/service/account/api/api.go
+++ b/service/account/api/api.go
@@ -1012,20 +1012,13 @@ func GetRechargeDiscount(c *gin.Context) {
 // @Tags GetUserRealNameInfo
 // @Accept json
 // @Produce json
-// @Param request body helper.GetRealNameInfoReq true "Get real name info request"
 // @Success 200 {object} helper.GetRealNameInfoResp "Successfully retrieved user real name info"
 // @Failure 400 {object} helper.ErrorMessage "Failed to parse get real name info request"
 // @Failure 401 {object} helper.ErrorMessage "Authentication error"
 // @Failure 500 {object} helper.ErrorMessage "Failed to get user real name info or info not found/verified"
 // @Router /account/v1alpha1/real-name-info [post]
 func GetUserRealNameInfo(c *gin.Context) {
-	// Parse the get real name info request
-	req, err := helper.ParseGetRealNameInfoReq(c)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, helper.ErrorMessage{Error: fmt.Sprintf("failed to parse get real name info request: %v", err)})
-		return
-	}
-
+	req := &helper.GetRealNameInfoReq{}
 	if err := authenticateRequest(c, req); err != nil {
 		c.JSON(http.StatusUnauthorized, helper.ErrorMessage{Error: fmt.Sprintf("authenticate error : %v", err)})
 		return

From 2ca25f5850f003856e04ccfa43c325e79ef5e9f6 Mon Sep 17 00:00:00 2001
From: limbo <43649186+HUAHUAI23@users.noreply.github.com>
Date: Tue, 29 Oct 2024 14:34:52 +0800
Subject: [PATCH 61/63] feat(costcenter): add recharge limit for non real name
 user (#5174)

* feat(costcenter): add recharge limit for non real name user

* ok
---
 .../providers/costcenter/src/pages/_app.tsx   |  1 +
 .../src/pages/api/account/gift-code.ts        |  9 +++++
 .../src/pages/api/account/payment/index.ts    | 13 ++++++++
 .../src/pages/api/account/payment/stripe.ts   | 13 ++++++++
 .../src/pages/api/platform/getAppConfig.ts    |  2 ++
 .../costcenter/src/service/backend/region.ts  |  7 ++--
 .../providers/costcenter/src/stores/env.ts    |  2 ++
 .../providers/costcenter/src/types/config.ts  |  2 ++
 .../providers/costcenter/src/utils/tools.ts   | 33 ++++++++++++++++++-
 9 files changed, 79 insertions(+), 3 deletions(-)

diff --git a/frontend/providers/costcenter/src/pages/_app.tsx b/frontend/providers/costcenter/src/pages/_app.tsx
index a8ea00fb23c..184a002bb54 100644
--- a/frontend/providers/costcenter/src/pages/_app.tsx
+++ b/frontend/providers/costcenter/src/pages/_app.tsx
@@ -61,6 +61,7 @@ const App = ({ Component, pageProps }: AppProps) => {
     (async () => {
       try {
         const { data } = await request<any, ApiResp<initDataRes>>('/api/platform/getAppConfig');
+        state.setEnv('realNameRechargeLimit', !!data?.REALNAME_RECHARGE_LIMIT);
         state.setEnv('invoiceEnabled', !!data?.INVOICE_ENABLED);
         state.setEnv('transferEnabled', !!data?.TRANSFER_ENABLED);
         state.setEnv('rechargeEnabled', !!data?.RECHARGE_ENABLED);
diff --git a/frontend/providers/costcenter/src/pages/api/account/gift-code.ts b/frontend/providers/costcenter/src/pages/api/account/gift-code.ts
index 6a4a7d6836d..4646fb50fb8 100644
--- a/frontend/providers/costcenter/src/pages/api/account/gift-code.ts
+++ b/frontend/providers/costcenter/src/pages/api/account/gift-code.ts
@@ -1,5 +1,6 @@
 import { makeAPIClientByHeader } from '@/service/backend/region';
 import { jsonRes } from '@/service/backend/response';
+import { checkSealosUserIsRealName } from '@/utils/tools';
 import type { NextApiRequest, NextApiResponse } from 'next';
 
 export default async function handler(req: NextApiRequest, resp: NextApiResponse) {
@@ -28,6 +29,14 @@ export default async function handler(req: NextApiRequest, resp: NextApiResponse
     const client = await makeAPIClientByHeader(req, resp);
     if (!client) return;
 
+    const isRealName = await checkSealosUserIsRealName(client);
+    if (!isRealName) {
+      return jsonRes(resp, {
+        code: 403,
+        message: 'recharge is not allowed for non-real-name user'
+      });
+    }
+
     const response = await client.post('/account/v1alpha1/gift-code/use', body);
     const responseData = await response.data;
     if (response.status !== 200) {
diff --git a/frontend/providers/costcenter/src/pages/api/account/payment/index.ts b/frontend/providers/costcenter/src/pages/api/account/payment/index.ts
index 5016066c8d8..f87d5f42839 100644
--- a/frontend/providers/costcenter/src/pages/api/account/payment/index.ts
+++ b/frontend/providers/costcenter/src/pages/api/account/payment/index.ts
@@ -1,8 +1,10 @@
 import { generatePaymentCrd, PaymentForm } from '@/constants/payment';
 import { authSession } from '@/service/backend/auth';
 import { ApplyYaml, GetUserDefaultNameSpace } from '@/service/backend/kubernetes';
+import { makeAPIClientByHeader } from '@/service/backend/region';
 import { jsonRes } from '@/service/backend/response';
 import { deFormatMoney } from '@/utils/format';
+import { checkSealosUserIsRealName } from '@/utils/tools';
 import crypto from 'crypto';
 import type { NextApiRequest, NextApiResponse } from 'next';
 
@@ -38,6 +40,17 @@ export default async function handler(req: NextApiRequest, resp: NextApiResponse
       return jsonRes(resp, { code: 401, message: 'user not found' });
     }
 
+    const client = await makeAPIClientByHeader(req, resp);
+    if (!client) return;
+
+    const isRealName = await checkSealosUserIsRealName(client);
+    if (!isRealName) {
+      return jsonRes(resp, {
+        code: 403,
+        message: 'recharge is not allowed for non-real-name user'
+      });
+    }
+
     // do payment
     const paymentName = crypto.randomUUID();
     const namespace = GetUserDefaultNameSpace(kubeUser.name);
diff --git a/frontend/providers/costcenter/src/pages/api/account/payment/stripe.ts b/frontend/providers/costcenter/src/pages/api/account/payment/stripe.ts
index 87a4a5ea774..3b991e50917 100644
--- a/frontend/providers/costcenter/src/pages/api/account/payment/stripe.ts
+++ b/frontend/providers/costcenter/src/pages/api/account/payment/stripe.ts
@@ -1,7 +1,9 @@
 import { generatePaymentCrd, PaymentForm } from '@/constants/payment';
 import { authSession } from '@/service/backend/auth';
 import { ApplyYaml, GetUserDefaultNameSpace } from '@/service/backend/kubernetes';
+import { makeAPIClientByHeader } from '@/service/backend/region';
 import { jsonRes } from '@/service/backend/response';
+import { checkSealosUserIsRealName } from '@/utils/tools';
 import crypto from 'crypto';
 import type { NextApiRequest, NextApiResponse } from 'next';
 
@@ -23,6 +25,17 @@ export default async function handler(req: NextApiRequest, resp: NextApiResponse
       });
     }
 
+    const client = await makeAPIClientByHeader(req, resp);
+    if (!client) return;
+
+    const isRealName = await checkSealosUserIsRealName(client);
+    if (!isRealName) {
+      return jsonRes(resp, {
+        code: 403,
+        message: 'recharge is not allowed for non-real-name user'
+      });
+    }
+
     const k8s_username = kc.getUsers()[0].name;
     // do payment
     const paymentName = crypto.randomUUID();
diff --git a/frontend/providers/costcenter/src/pages/api/platform/getAppConfig.ts b/frontend/providers/costcenter/src/pages/api/platform/getAppConfig.ts
index e08e1416f4c..024d627bba0 100644
--- a/frontend/providers/costcenter/src/pages/api/platform/getAppConfig.ts
+++ b/frontend/providers/costcenter/src/pages/api/platform/getAppConfig.ts
@@ -5,6 +5,7 @@ import { jsonRes } from '@/service/backend/response';
 import { AppConfigType, DefaultAppConfig } from '@/types/config';
 
 export type Response = {
+  REALNAME_RECHARGE_LIMIT: boolean;
   RECHARGE_ENABLED: boolean;
   TRANSFER_ENABLED: boolean;
   STRIPE_ENABLED: boolean;
@@ -45,6 +46,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
     initAppConfig();
     jsonRes<Response>(res, {
       data: {
+        REALNAME_RECHARGE_LIMIT: global.AppConfig.costCenter.realNameRechargeLimit,
         RECHARGE_ENABLED: global.AppConfig.costCenter.recharge.enabled,
         TRANSFER_ENABLED: global.AppConfig.costCenter.transferEnabled,
         STRIPE_ENABLED: global.AppConfig.costCenter.recharge.payMethods.stripe.enabled,
diff --git a/frontend/providers/costcenter/src/service/backend/region.ts b/frontend/providers/costcenter/src/service/backend/region.ts
index cf4e2a35ffd..9a846f234f4 100644
--- a/frontend/providers/costcenter/src/service/backend/region.ts
+++ b/frontend/providers/costcenter/src/service/backend/region.ts
@@ -1,5 +1,5 @@
 import { Region } from '@/types/region';
-import axios from 'axios';
+import axios, { AxiosInstance } from 'axios';
 import { NextApiRequest, NextApiResponse } from 'next';
 import { AccessTokenPayload, generateBillingToken, verifyInternalToken } from '../auth';
 import { jsonRes } from './response';
@@ -53,7 +53,10 @@ export async function makeRegionListAPIClientByHeader(req: NextApiRequest, res:
   });
   return clientList;
 }
-export function makeAPIClient(region: Region | undefined | null, payload?: AccessTokenPayload) {
+export function makeAPIClient(
+  region: Region | undefined | null,
+  payload?: AccessTokenPayload
+): AxiosInstance {
   const baseURL = region?.accountSvc
     ? `http://${region?.accountSvc}`
     : global.AppConfig.costCenter.components.accountService.url;
diff --git a/frontend/providers/costcenter/src/stores/env.ts b/frontend/providers/costcenter/src/stores/env.ts
index 6f7c160c85c..9f5d9c60512 100644
--- a/frontend/providers/costcenter/src/stores/env.ts
+++ b/frontend/providers/costcenter/src/stores/env.ts
@@ -1,6 +1,7 @@
 import { loadStripe } from '@stripe/stripe-js';
 import { create } from 'zustand';
 type EnvState = {
+  realNameRechargeLimit: boolean;
   rechargeEnabled: boolean;
   transferEnabled: boolean;
   invoiceEnabled: boolean;
@@ -18,6 +19,7 @@ type EnvState = {
 };
 
 const useEnvStore = create<EnvState>((set, get) => ({
+  realNameRechargeLimit: false,
   rechargeEnabled: false,
   transferEnabled: false,
   invoiceEnabled: false,
diff --git a/frontend/providers/costcenter/src/types/config.ts b/frontend/providers/costcenter/src/types/config.ts
index df379ccd82f..d5262f00802 100644
--- a/frontend/providers/costcenter/src/types/config.ts
+++ b/frontend/providers/costcenter/src/types/config.ts
@@ -57,6 +57,7 @@ export type AppConfigType = {
     domain: string;
   };
   costCenter: {
+    realNameRechargeLimit: boolean;
     transferEnabled: boolean;
     giftCodeEnabled: boolean;
     currencyType: string;
@@ -75,6 +76,7 @@ export type AppConfigType = {
 
 export var DefaultAppConfig: AppConfigType = {
   costCenter: {
+    realNameRechargeLimit: false,
     giftCodeEnabled: true,
     transferEnabled: true,
     currencyType: 'shellCoin',
diff --git a/frontend/providers/costcenter/src/utils/tools.ts b/frontend/providers/costcenter/src/utils/tools.ts
index 10af19e8a2d..146dca38042 100644
--- a/frontend/providers/costcenter/src/utils/tools.ts
+++ b/frontend/providers/costcenter/src/utils/tools.ts
@@ -1,4 +1,6 @@
 import { NextApiRequest } from 'next';
+import { AxiosInstance } from 'axios';
+import crypto from 'crypto';
 
 export const retrySerially = <T>(fn: () => Promise<T>, times: number) =>
   new Promise((res, rej) => {
@@ -16,7 +18,6 @@ export const retrySerially = <T>(fn: () => Promise<T>, times: number) =>
     };
     attempt();
   });
-import crypto from 'crypto';
 export function genSign(secret: string, timestamp: number | string) {
   const stringToSign = `${timestamp}\n${secret}`;
   const hmac = crypto.createHmac('sha256', stringToSign);
@@ -54,3 +55,33 @@ export function getClientIPFromRequest(req: NextApiRequest) {
 
   return undefined;
 }
+
+type RealNameInfoResponse = {
+  data: {
+    userID: string;
+    isRealName: boolean;
+  };
+  error?: string;
+  message: string;
+};
+
+export const checkSealosUserIsRealName = async (client: AxiosInstance): Promise<boolean> => {
+  try {
+    if (!global.AppConfig.costCenter.realNameRechargeLimit) {
+      return true;
+    }
+
+    const response = await client.post('/account/v1alpha1/real-name-info');
+    const realNameInfoData: RealNameInfoResponse = await response.data;
+
+    if (realNameInfoData.error) {
+      console.error(realNameInfoData.error);
+      return false;
+    }
+
+    return realNameInfoData.data.isRealName;
+  } catch (error) {
+    console.error(error);
+    return false;
+  }
+};

From 0fe154f2cfd92d83e2c1638a9778bd58085e9e4c Mon Sep 17 00:00:00 2001
From: jingyang <72259332+zjy365@users.noreply.github.com>
Date: Thu, 31 Oct 2024 15:17:08 +0800
Subject: [PATCH 62/63] docs: Update docs scripts (#5181)

* docs: Update docs scripts

* update

* fix noscript
---
 docs/website/docusaurus.config.js | 153 ++++++++++++++++++++++++------
 docs/website/src/pages/index.tsx  |  33 -------
 2 files changed, 122 insertions(+), 64 deletions(-)

diff --git a/docs/website/docusaurus.config.js b/docs/website/docusaurus.config.js
index eccc6c41755..8ba2a26c79c 100644
--- a/docs/website/docusaurus.config.js
+++ b/docs/website/docusaurus.config.js
@@ -75,32 +75,32 @@ const config = {
 
   themeConfig: { // @type {import('@docusaurus/preset-classic').ThemeConfig}
     metadata: [{ name: 'title', content: 'Sealos by 环界云' }],
-    // announcementBar: {
-    //   id: 'sealos_tip',
-    //   content: `
-    //   <div class="sealos-banner-box">
-    //     <div>${isDomesticSite ? 'If you are an international user, please visit 👉' : '如果您是国内用户，请直接访问 👉 '}</div>
-    //     <div class="sealos-banner-btn" onclick="window.open('${isDomesticSite ? 'https://sealos.io' : 'https://sealos.run'}', '_blank');">
-    //       ${isDomesticSite ? 'International Site' : '国内官网'}
-    //     </div>
-    //     <svg 
-    //       onclick="handleBannerClose()"
-    //       width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-    //       <g clip-path="url(#clip0_1145_366)">
-    //         <path d="M12 22C6.477 22 2 17.523 2 12C2 6.477 6.477 2 12 2C17.523 2 22 6.477 22 12C22 17.523 17.523 22 12 22Z" fill="white" fill-opacity="0.16"/>
-    //         <path d="M12 21.75C6.61507 21.75 2.25 17.3849 2.25 12C2.25 6.61507 6.61507 2.25 12 2.25C17.3849 2.25 21.75 6.61507 21.75 12C21.75 17.3849 17.3849 21.75 12 21.75Z" stroke="white" stroke-opacity="0.1" stroke-width="0.5"/>
-    //         <path d="M9.17184 7.75696L11.9998 10.586L14.8278 7.75696L16.2428 9.17196L13.4138 12L16.2428 14.828L14.8278 16.243L11.9998 13.414L9.17184 16.243L7.75684 14.828L10.5858 12L7.75684 9.17196L9.17184 7.75696Z" fill="white"/>
-    //       </g>
-    //       <defs>
-    //         <clipPath id="clip0_1145_366">
-    //           <rect width="24" height="24" fill="white"/>
-    //         </clipPath>
-    //       </defs>
-    //     </svg>
-    //   </div>
-    //   `,
-    //   isCloseable: true,
-    // },
+    announcementBar: {
+      id: 'sealos_tip',
+      content: `
+      <div class="sealos-banner-box">
+        <div>${isDomesticSite ? 'If you are an international user, please visit 👉' : '如果您是国内用户，请直接访问 👉 '}</div>
+        <div class="sealos-banner-btn" onclick="window.open('${isDomesticSite ? 'https://sealos.io' : 'https://sealos.run'}', '_blank');">
+          ${isDomesticSite ? 'International Site' : '国内官网'}
+        </div>
+        <svg 
+          onclick="handleBannerClose()"
+          width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
+          <g clip-path="url(#clip0_1145_366)">
+            <path d="M12 22C6.477 22 2 17.523 2 12C2 6.477 6.477 2 12 2C17.523 2 22 6.477 22 12C22 17.523 17.523 22 12 22Z" fill="white" fill-opacity="0.16"/>
+            <path d="M12 21.75C6.61507 21.75 2.25 17.3849 2.25 12C2.25 6.61507 6.61507 2.25 12 2.25C17.3849 2.25 21.75 6.61507 21.75 12C21.75 17.3849 17.3849 21.75 12 21.75Z" stroke="white" stroke-opacity="0.1" stroke-width="0.5"/>
+            <path d="M9.17184 7.75696L11.9998 10.586L14.8278 7.75696L16.2428 9.17196L13.4138 12L16.2428 14.828L14.8278 16.243L11.9998 13.414L9.17184 16.243L7.75684 14.828L10.5858 12L7.75684 9.17196L9.17184 7.75696Z" fill="white"/>
+          </g>
+          <defs>
+            <clipPath id="clip0_1145_366">
+              <rect width="24" height="24" fill="white"/>
+            </clipPath>
+          </defs>
+        </svg>
+      </div>
+      `,
+      isCloseable: true,
+    },
     algolia: {
       // Algolia 提供的应用 ID
       appId: "SLTSB7B9Y0",
@@ -251,11 +251,7 @@ const config = {
     {
       src: "/global.js",
       async: true
-    },
-    ...(isDomesticSite ? [{
-      src: 'https://hm.baidu.com/hm.js?d8e8ecf669c47dc2512d3f1417e761f9',
-      async: true,
-    }] : [])
+    }
   ],
   headTags: [
     {
@@ -279,6 +275,101 @@ const config = {
         },
       }
     },
+    function gtmPlugin (context, options) {
+      return {
+        name: 'docusaurus-gtm-plugin',
+        injectHtmlTags () {
+          return {
+            headTags: [
+              {
+                tagName: 'script',
+                innerHTML: `
+                  (function() {
+                    const hostname = window.location.hostname;
+                    if (hostname !== 'sealos.run') {
+                      (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
+                      new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
+                      j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
+                      'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
+                      })(window,document,'script','dataLayer','GTM-5953N4CP');
+                    }
+                  })();
+                `,
+              },
+            ],
+            preBodyTags: [
+              {
+                tagName: 'script',
+                innerHTML: `
+                  if (window.location.hostname !== 'sealos.run') {
+                    document.write('<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5953N4CP" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>');
+                  }
+                `,
+              },
+            ]
+          }
+        },
+      }
+    },
+    function umamiPlugin (context, options) {
+      return {
+        name: 'docusaurus-umami-plugin',
+        injectHtmlTags () {
+          return {
+            headTags: [
+              {
+                tagName: 'script',
+                innerHTML: `
+                  (function() {
+                    const hostname = window.location.hostname;
+                    if (hostname === 'sealos.run') {
+                      const script1 = document.createElement('script');
+                      script1.src = 'https://umami.cloud.sealos.io/oishii';
+                      script1.setAttribute('data-website-id', 'e5a8009f-7cb6-4841-9522-d23b96216b7a');
+                      script1.async = true;
+                      document.head.appendChild(script1);
+                    } else {
+                      const script2 = document.createElement('script');
+                      script2.src = 'https://umami.cloud.sealos.io/oishii';
+                      script2.setAttribute('data-website-id', 'a1c29ace-b288-431a-a2eb-8617d1d5b5ed');
+                      script2.async = true;
+                      document.head.appendChild(script2);
+                    }
+                  })();
+                `,
+              },
+            ],
+          }
+        },
+      }
+    },
+    function baiduPlugin (context, options) {
+      return {
+        name: 'docusaurus-baidu-plugin',
+        injectHtmlTags () {
+          return {
+            headTags: [
+              {
+                tagName: 'script',
+                innerHTML: `
+                  (function() {
+                    const hostname = window.location.hostname;
+                    if (hostname === 'sealos.run') {
+                      var _hmt = _hmt || [];
+                      var hm = document.createElement("script");
+                      hm.src = "https://hm.baidu.com/hm.js?d8e8ecf669c47dc2512d3f1417e761f9";
+                      hm.async = true;
+                      var s = document.getElementsByTagName("script")[0]; 
+                      s.parentNode.insertBefore(hm, s);
+                    }
+                  })();
+                `,
+              },
+            ],
+          }
+        },
+      }
+    }
   ]
 }
 
diff --git a/docs/website/src/pages/index.tsx b/docs/website/src/pages/index.tsx
index 88c4eac6dc6..519f0a6cfe6 100644
--- a/docs/website/src/pages/index.tsx
+++ b/docs/website/src/pages/index.tsx
@@ -1,7 +1,6 @@
 import '@site/src/css/animate.css';
 import Layout from '@theme/Layout';
 import React, { useEffect, useMemo } from 'react';
-import { Helmet } from 'react-helmet';
 import { PC_MIN_WIDTH } from '../constants/platform';
 import useWindow from '../hooks/useWindow';
 import Capability from './components/Capability';
@@ -20,26 +19,6 @@ const Home = () => {
   const isPc = useMemo(() => screenWidth > PC_MIN_WIDTH, [screenWidth]);
   const { i18n } = useDocusaurusContext();
 
-  useEffect(() => {
-    const loadUmamiScript = () => {
-      const hostname = window.location.hostname;
-      if (hostname === 'sealos.run') {
-        const script1 = document.createElement('script');
-        script1.src = 'https://umami.cloud.sealos.io/oishii';
-        script1.setAttribute('data-website-id', 'e5a8009f-7cb6-4841-9522-d23b96216b7a');
-        script1.async = true;
-        document.head.appendChild(script1);
-      } else {
-        const script2 = document.createElement('script');
-        script2.src = 'https://umami.cloud.sealos.io/oishii';
-        script2.setAttribute('data-website-id', 'a1c29ace-b288-431a-a2eb-8617d1d5b5ed');
-        script2.async = true;
-        document.head.appendChild(script2);
-      }
-    };
-    loadUmamiScript();
-  }, []);
-
   useEffect(() => {
     const urlParams = new URLSearchParams(window.location.search);
     const params: Record<string, string> = {};
@@ -83,18 +62,6 @@ const Home = () => {
           }
         />
       </Head>
-      <Helmet>
-        <script async src="https://www.googletagmanager.com/gtag/js?id=AW-786053845" />
-        <script async>
-          {`
-            window.dataLayer = window.dataLayer || [];
-            function gtag(){dataLayer.push(arguments);}
-            gtag('js', new Date());
-            gtag('config', 'AW-786053845');
-            gtag('event', 'conversion', {'send_to': 'AW-786053845/LpbTCJ-8-coYENX16PYC'});
-          `}
-        </script>
-      </Helmet>
       <Layout>
         <div className="home">
           {/* <SaleBanner /> */}

From e6a2f8b3faf9b9122451f8b8b8f58eb403f71686 Mon Sep 17 00:00:00 2001
From: yy <56745951+lingdie@users.noreply.github.com>
Date: Thu, 31 Oct 2024 16:53:45 +0800
Subject: [PATCH 63/63] change devbox to stop if exceeded quota (#5182)

---
 .../internal/controller/devbox_controller.go     | 16 +++++++++++++---
 .../devbox/internal/controller/helper/devbox.go  |  5 +++++
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/controllers/devbox/internal/controller/devbox_controller.go b/controllers/devbox/internal/controller/devbox_controller.go
index 5fb887bd0fc..0de5776e765 100644
--- a/controllers/devbox/internal/controller/devbox_controller.go
+++ b/controllers/devbox/internal/controller/devbox_controller.go
@@ -261,7 +261,19 @@ func (r *DevboxReconciler) syncPod(ctx context.Context, devbox *devboxv1alpha1.D
 		case 0:
 			logger.Info("create pod")
 			logger.Info("next commit history", "commit", nextCommitHistory)
-			return r.createPod(ctx, devbox, expectPod, nextCommitHistory)
+			err := r.createPod(ctx, devbox, expectPod, nextCommitHistory)
+			if err != nil && helper.IsExceededQuotaError(err) {
+				logger.Info("devbox is exceeded quota, change devbox state to Stopped")
+				r.Recorder.Eventf(devbox, corev1.EventTypeWarning, "Devbox is exceeded quota", "Devbox is exceeded quota")
+				devbox.Spec.State = devboxv1alpha1.DevboxStateStopped
+				_ = r.Update(ctx, devbox)
+				return nil
+			}
+			if err != nil {
+				logger.Error(err, "create pod failed")
+				return err
+			}
+			return nil
 		case 1:
 			pod := &podList.Items[0]
 			// check pod container size, if it is 0, it means the pod is not running, return an error
@@ -419,11 +431,9 @@ func (r *DevboxReconciler) getRuntime(ctx context.Context, devbox *devboxv1alpha
 
 // create a new pod, add predicated status to nextCommitHistory
 func (r *DevboxReconciler) createPod(ctx context.Context, devbox *devboxv1alpha1.Devbox, expectPod *corev1.Pod, nextCommitHistory *devboxv1alpha1.CommitHistory) error {
-	logger := log.FromContext(ctx)
 	nextCommitHistory.Status = devboxv1alpha1.CommitStatusPending
 	nextCommitHistory.PredicatedStatus = devboxv1alpha1.CommitStatusPending
 	if err := r.Create(ctx, expectPod); err != nil {
-		logger.Error(err, "create pod failed")
 		return err
 	}
 	devbox.Status.CommitHistory = append(devbox.Status.CommitHistory, nextCommitHistory)
diff --git a/controllers/devbox/internal/controller/helper/devbox.go b/controllers/devbox/internal/controller/helper/devbox.go
index a84032eb48a..eb969bc56f0 100644
--- a/controllers/devbox/internal/controller/helper/devbox.go
+++ b/controllers/devbox/internal/controller/helper/devbox.go
@@ -18,6 +18,7 @@ import (
 	"fmt"
 	"log/slog"
 	"sort"
+	"strings"
 
 	"crypto/ed25519"
 	"crypto/rand"
@@ -397,6 +398,10 @@ func GenerateResourceRequirements(devbox *devboxv1alpha1.Devbox, requestEphemera
 	}
 }
 
+func IsExceededQuotaError(err error) bool {
+	return strings.Contains(err.Error(), "exceeded quota")
+}
+
 func calculateResourceRequest(limit corev1.ResourceList) corev1.ResourceList {
 	if limit == nil {
 		return nil