def get(self, request, project_id):
"""获取项目下所有的secrets"""
params = dict(request.GET.items())
is_decode = str2bool(request.GET.get('decode'))
cluster_id = params['cluster_id']
code, cluster_secrets = self.get_secrets_by_cluster_id(request, params, project_id, cluster_id)
if code != ErrorCode.NoError:
return Response({'code': code, 'message': cluster_secrets})
self.handle_data(
cluster_secrets,
self.cate,
cluster_id,
is_decode,
namespace_dict=app_utils.get_ns_id_map(request.user.token.access_token, project_id),
)
# 按时间倒序排列
cluster_secrets.sort(key=lambda x: x.get('createTime', ''), reverse=True)
return PermsResponse(
cluster_secrets,
NamespaceRequest(project_id=project_id, cluster_id=cluster_id),
)
def get(self, request):
context = {
"DEVOPS_HOST":
settings.DEVOPS_HOST,
"DEVOPS_BCS_HOST":
settings.DEVOPS_BCS_HOST,
"DEVOPS_BCS_API_URL":
settings.DEVOPS_BCS_API_URL,
"DEVOPS_ARTIFACTORY_HOST":
settings.DEVOPS_ARTIFACTORY_HOST,
"RUN_ENV":
settings.RUN_ENV,
# 去除末尾的 /, 前端约定
"STATIC_URL":
settings.SITE_STATIC_URL,
# 去除开头的 . document.domain需要
"SESSION_COOKIE_DOMAIN":
settings.SESSION_COOKIE_DOMAIN.lstrip("."),
"REGION":
settings.REGION,
"BK_CC_HOST":
settings.BK_CC_HOST,
"SITE_URL":
settings.SITE_URL[:-1],
"BK_IAM_APP_URL":
settings.BK_IAM_APP_URL,
"SUPPORT_MESOS":
str2bool(os.environ.get("BKAPP_SUPPORT_MESOS", "false"))
}
response = super(VueTemplateView, self).get(request, **context)
return response
def __call__(self, wrapped, instance, args, kwargs):
resp = wrapped(*args, **kwargs)
if not isinstance(resp, PermsResponse):
return resp
if not resp.resource_data:
return resp
request = args[0]
with_perms = True
if not self.force_add: # 根据前端请求,决定是否返回权限数据
with_perms = str2bool(request.query_params.get('with_perms', True))
if not with_perms:
return resp
perms = self._calc_perms(request.user.username, resp)
annots = getattr(resp, 'web_annotations', None) or {}
resp.web_annotations = {'perms': perms, **annots}
return resp
def __call__(self, wrapped, instance, args, kwargs):
resp = wrapped(*args, **kwargs)
if not isinstance(resp, PermsResponse):
raise TypeError(
'response_perms decorator only support PermsResponse')
if not resp.resource_data:
return resp
request = args[0]
with_perms = True
if not self.force_add: # 根据前端请求,决定是否返回权限数据
with_perms = str2bool(request.query_params.get('with_perms', True))
if not with_perms:
return resp
perms = self._calc_perms(request, resp)
annots = getattr(resp, 'web_annotations', None) or {}
resp.web_annotations = {"perms": perms, **annots}
return resp
def test_str2bool(source, value):
assert str2bool(source) == value
def list(self, request, project_id):
"""命名空间列表
权限控制: 必须有对应集群的使用权限
"""
access_token = request.user.token.access_token
valid_group_by = ['env_type', 'cluster_id', 'cluster_name']
group_by = request.GET.get('group_by')
cluster_id = request.GET.get('cluster_id')
# 获取全部namespace,前台分页
result = paas_cc.get_namespace_list(access_token,
project_id,
limit=LIMIT_FOR_ALL_DATA)
if result.get('code') != 0:
raise error_codes.APIError.f(result.get('message', ''))
results = result["data"]["results"] or []
# 针对k8s集群过滤掉平台命名空间
results = self._ignore_ns_for_k8s(results)
# 补充cluster_name字段
cluster_list = get_clusters(access_token, project_id)
# 添加共享集群
cluster_list = append_shared_clusters(cluster_list)
# TODO: 后续发现cluster_id不存在时,再处理
cluster_dict = {i["cluster_id"]: i for i in (cluster_list or [])}
# no_vars=1 不显示变量
no_vars = request.GET.get('no_vars')
if no_vars == '1':
project_var = []
else:
project_var = NameSpaceVariable.get_project_ns_vars(project_id)
for i in results:
# ns_vars = NameSpaceVariable.get_ns_vars(i['id'], project_id)
ns_id = i['id']
ns_vars = []
for _var in project_var:
_ns_values = _var['ns_values']
_ns_value_ids = _ns_values.keys()
ns_vars.append({
'id':
_var['id'],
'key':
_var['key'],
'name':
_var['name'],
'value':
_ns_values.get(ns_id)
if ns_id in _ns_value_ids else _var['default_value'],
})
i['ns_vars'] = ns_vars
if i['cluster_id'] in cluster_dict:
i['cluster_name'] = cluster_dict[i['cluster_id']]['name']
i['environment'] = cluster_dict[i['cluster_id']]['environment']
else:
i['cluster_name'] = i['cluster_id']
i['environment'] = None
if cluster_id:
results = filter(lambda x: x['cluster_id'] == cluster_id, results)
if group_by and group_by in valid_group_by:
# 分组, 排序
results = [{
'name':
k,
'results':
sorted(list(v), key=lambda x: x['id'], reverse=True)
} for k, v in groupby(sorted(results, key=lambda x: x[group_by]),
key=lambda x: x[group_by])]
if group_by == 'env_type':
ordering = [i.value for i in EnvType]
results = sorted(results,
key=lambda x: ordering.index(x['name']))
else:
results = sorted(results,
key=lambda x: x['name'],
reverse=True)
# 过滤带有ns的集群id
cluster_ids_with_ns = []
# 按集群分组时,添加集群环境信息
for r in results:
r_ns_list = r.get('results') or []
r_ns = r_ns_list[0] if r_ns_list else {}
r['environment'] = r_ns.get('environment', '')
r['environment_name'] = get_cluster_env_name(
r['environment'])
r["cluster_id"] = r_ns.get("cluster_id")
if get_cluster_type(r["cluster_id"]) == ClusterType.SHARED:
r["is_shared"] = True
cluster_ids_with_ns.append(r_ns.get("cluster_id"))
# 添加无命名空间集群ID
results.extend(
self.get_clusters_without_ns(cluster_dict,
cluster_ids_with_ns))
else:
results = sorted(results, key=lambda x: x['id'], reverse=True)
with_perms = str2bool(request.query_params.get('with_perms', True))
if not with_perms:
return response.Response(results)
namespace_list = []
for namespace in results:
namespace['iam_ns_id'] = calc_iam_ns_id(namespace['cluster_id'],
namespace['name'])
namespace_list.append(namespace)
return PermsResponse(
namespace_list,
NamespaceRequest(project_id=project_id, cluster_id=cluster_id))
def get(self, request, project_code: Optional[str] = None):
# 缓存项目类型
@cache.region.cache_on_arguments(expiration_time=60 * 60)
def cached_project_info(project_code):
"""缓存项目类型"""
result = paas_cc.get_project(request.user.token.access_token,
project_code)
if result['code'] != 0:
return {}
return result['data']
project = cached_project_info(project_code)
kind = self.get_project_kind(project)
if not self.is_orchestration_match(kind):
return HttpResponseRedirect(
redirect_to=self.make_redirect_url(project_code, kind))
request_domain = request.get_host().split(':')[0]
session_cookie_domain = get_cookie_domain_by_host(
settings.SESSION_COOKIE_DOMAIN, request_domain)
context = {
"DEVOPS_HOST": settings.DEVOPS_HOST,
"DEVOPS_BCS_HOST": settings.DEVOPS_BCS_HOST,
"DEVOPS_BCS_API_URL": settings.DEVOPS_BCS_API_URL,
"DEVOPS_ARTIFACTORY_HOST": settings.DEVOPS_ARTIFACTORY_HOST,
"BKMONITOR_URL": make_bkmonitor_url(project), # 蓝鲸监控跳转链接
"BKLOG_URL": make_bklog_url(project), # 日志平台跳转链接
"LOGIN_FULL": settings.LOGIN_FULL,
"RUN_ENV": settings.RUN_ENV,
# 去除末尾的 /, 前端约定
"STATIC_URL": settings.SITE_STATIC_URL,
# 去除开头的 . document.domain需要
"SESSION_COOKIE_DOMAIN": session_cookie_domain.lstrip("."),
"REGION": settings.REGION,
"BK_CC_HOST": settings.BK_CC_HOST,
"SITE_URL": settings.SITE_URL[:-1],
"BK_IAM_APP_URL": settings.BK_IAM_APP_URL,
"SUPPORT_MESOS": str2bool(settings.SUPPORT_MESOS),
"CONTAINER_ORCHESTRATION": "", # 前端路由, 默认地址不变
"BCS_API_HOST": settings.BCS_API_HOST,
}
# mesos 需要修改 API 和静态资源路径
if kind == "mesos":
context["DEVOPS_BCS_API_URL"] = os.path.join(
context["DEVOPS_BCS_API_URL"], "mesos")
context["STATIC_URL"] = os.path.join(context["STATIC_URL"],
"mesos")
context["CONTAINER_ORCHESTRATION"] = kind
# 特定版本多域名的支持
try:
from .views_ext import replace_host
except ImportError:
pass
else:
context['DEVOPS_HOST'] = replace_host(context['DEVOPS_HOST'],
request_domain)
context['DEVOPS_BCS_API_URL'] = replace_host(
context['DEVOPS_BCS_API_URL'], request_domain)
context['DEVOPS_BCS_HOST'] = replace_host(
context['DEVOPS_BCS_HOST'], request_domain)
# 增加扩展的字段渲染前端页面,用于多版本
ext_context = getattr(settings, 'EXT_CONTEXT', {})
if ext_context:
context.update(ext_context)
headers = {"X-Container-Orchestration": kind.upper()}
ext_headers = getattr(settings, 'EXT_HEADERS', {})
if ext_headers:
headers.update(ext_headers[session_cookie_domain])
return Response(context, headers=headers)
def get(self, request, project_code: str):
# 缓存 项目类型
@cache.region.cache_on_arguments(expiration_time=60 * 60)
def cached_project_kind(project_code):
"""缓存项目类型"""
result = paas_cc.get_project(request.user.token.access_token,
project_code)
if result['code'] != 0:
return ""
# 未开启容器服务
if result['data']['kind'] == 0:
return ""
# mesos
if result['data']['kind'] != ProjectKindID:
return "mesos"
# 包含 k8s, tke
return "k8s"
kind = cached_project_kind(project_code)
if not self.is_orchestration_match(kind):
return HttpResponseRedirect(
redirect_to=self.make_redirect_url(project_code, kind))
context = {
"DEVOPS_HOST":
settings.DEVOPS_HOST,
"DEVOPS_BCS_HOST":
settings.DEVOPS_BCS_HOST,
"DEVOPS_BCS_API_URL":
settings.DEVOPS_BCS_API_URL,
"DEVOPS_ARTIFACTORY_HOST":
settings.DEVOPS_ARTIFACTORY_HOST,
"RUN_ENV":
settings.RUN_ENV,
# 去除末尾的 /, 前端约定
"STATIC_URL":
settings.SITE_STATIC_URL,
# 去除开头的 . document.domain需要
"SESSION_COOKIE_DOMAIN":
settings.SESSION_COOKIE_DOMAIN.lstrip("."),
"REGION":
settings.REGION,
"BK_CC_HOST":
settings.BK_CC_HOST,
"SITE_URL":
settings.SITE_URL[:-1],
"BK_IAM_APP_URL":
settings.BK_IAM_APP_URL,
"SUPPORT_MESOS":
str2bool(os.environ.get("BKAPP_SUPPORT_MESOS", "false")),
"CONTAINER_ORCHESTRATION":
"", # 前端路由, 默认地址不变
}
# mesos 需要修改 API 和静态资源路径
if kind == "mesos":
context["DEVOPS_BCS_API_URL"] = os.path.join(
context["DEVOPS_BCS_API_URL"], "mesos")
context["STATIC_URL"] = os.path.join(context["STATIC_URL"],
"mesos")
context["CONTAINER_ORCHESTRATION"] = kind
# 增加扩展的字段渲染前端页面,用于多版本
ext_context = getattr(settings, 'EXT_CONTEXT', {})
if ext_context:
context.update(ext_context)
headers = {"X-Container-Orchestration": kind.upper()}
return Response(context, headers=headers)
