Exemplo n.º 1
0
def list_auth_projects(access_token: str, username: str = '') -> Dict:
    """获取用户有权限(project_view)的所有项目"""
    if not username:
        authorization = ssm.get_authorization_by_access_token(access_token)
        username = authorization['identity']['username']

    perm_filter = ProjectFilter().make_view_perm_filter(username)
    if not perm_filter:
        return {'code': 0, 'data': []}

    # 如果是 any, 表示所有项目
    if ProjectFilter.op_is_any(perm_filter):
        if settings.REGION != 'ce':
            # 非 ce 版本可能项目很多, PaaSCCClient 接口拉取超时, 降级处理不返回
            logger.error(f'{username} project filter match any!')
            return {'code': 0, 'data': []}

        client = PaaSCCClient(auth=ComponentAuth(access_token))
        projects = client.list_all_projects()

    else:
        project_id_list = perm_filter.get('value')
        if not project_id_list:
            return {'code': 0, 'data': []}

        client = PaaSCCClient(auth=ComponentAuth(access_token))
        projects = client.list_projects_by_ids(project_id_list)

    for p in projects:
        p['project_code'] = p['english_name']

    return {'code': 0, 'data': projects}
Exemplo n.º 2
0
 def test_update_node_list(self, project_id, cluster_id, requests_mock):
     requests_mock.patch(
         ANY,
         json={
             "code":
             0,
             "data": [{
                 "inner_ip": "127.0.0.1",
                 "cluster_id": cluster_id,
                 "project_id": project_id,
                 "status": "normal"
             }],
         },
     )
     client = PaaSCCClient(ComponentAuth('token'))
     resp = client.update_node_list(
         project_id, cluster_id,
         [UpdateNodesData(inner_ip="127.0.0.1", status="normal")])
     assert resp == [{
         "inner_ip": "127.0.0.1",
         "cluster_id": cluster_id,
         "project_id": project_id,
         "status": "normal"
     }]
     assert requests_mock.called
     assert requests_mock.request_history[0].method == "PATCH"
Exemplo n.º 3
0
    def test_get_node_list(self, project_id, cluster_id, requests_mock):
        requests_mock.get(ANY, json={"code": 0, "data": {"count": 1, "results": [{"inner_ip": "127.0.0.1"}]}})
        client = PaaSCCClient(ComponentAuth("token"))
        resp = client.get_node_list(project_id, cluster_id)

        assert resp == {"count": 1, "results": [{"inner_ip": "127.0.0.1"}]}
        assert "desire_all_data" in requests_mock.last_request.qs
Exemplo n.º 4
0
def convert_ip_used_data(
    access_token: str, project_id: str, cluster_id: str, ip_used_data: Dict[str, bool]
) -> Dict[str, bool]:
    """转换为ip信息
    NOTE: 历史数据可能为{ip_id: 是否使用},需要把ip_id转换为ip

    :param access_token: access_token
    :param project_id: 项目ID
    :param cluster_id: 集群ID
    :param ip_used_data: IP信息,格式为{ip: True}

    :return: 返回IP信息
    """
    nodes = PaaSCCClient(auth=ComponentAuth(access_token)).get_node_list(project_id, cluster_id)
    node_id_ip = {info["id"]: info["inner_ip"] for info in nodes["results"] or []}
    # 通过ip id, 获取ip
    _ip_used_data = {}
    for ip, used in ip_used_data.items():
        try:
            # 临时数据中IP为节点ID,需要转换为对应的IP
            ip_id = int(ip)
            if node_id_ip.get(ip_id):
                _ip_used_data[node_id_ip[ip_id]] = used
        except ValueError:
            _ip_used_data[ip] = used
    return _ip_used_data
Exemplo n.º 5
0
 def test_list_all_projects(self, requests_mock):
     requests_mock.get(
         ANY,
         json={
             'code': 0,
             'data': [
                 {
                     'description': 'asdfsdf',
                     'english_name': 'a1',
                     'project_id': 'e5e7c623798f41f18211c8b25895ef6f',
                     'project_name': 'asdfasdf',
                 },
                 {
                     'description': 'public scan',
                     'english_name': 'CODE_716498',
                     'project_id': '47ceebac77214c77b794f7a6bb63ba14',
                     'project_name': 'CODE_716498',
                 },
             ],
         },
     )
     client = PaaSCCClient(ComponentAuth("token"))
     data = client.list_all_projects()
     assert len(data) == 2
     assert "desire_all_data" in requests_mock.last_request.qs
Exemplo n.º 6
0
    def test_get_cluster_simple(self, project_id, cluster_id, requests_mock):
        requests_mock.get(ANY, json={'foo': 'bar'})

        client = PaaSCCClient(ComponentAuth('token'))
        resp = client.get_cluster(project_id, cluster_id)
        assert resp == {'foo': 'bar'}
        assert requests_mock.called
Exemplo n.º 7
0
    def test_get_cluster_by_id(self, cluster_id, requests_mock):
        requests_mock.get(ANY, json={'code': 0, 'data': {'cluster_id': cluster_id}})

        client = PaaSCCClient(ComponentAuth('token'))
        resp = client.get_cluster_by_id(cluster_id)
        assert resp == {'cluster_id': cluster_id}
        assert requests_mock.called
Exemplo n.º 8
0
 def test_delete_cluster(self, project_id, cluster_id, requests_mock):
     requests_mock.delete(ANY, json={"code": 0, "data": None})
     client = PaaSCCClient(ComponentAuth('token'))
     resp = client.delete_cluster(project_id, cluster_id)
     assert resp is None
     assert requests_mock.called
     assert requests_mock.request_history[0].method == "DELETE"
Exemplo n.º 9
0
 def test_update_cluster(self, project_id, cluster_id, requests_mock):
     requests_mock.put(
         ANY, json={"code": 0, "data": {"cluster_id": cluster_id, "project_id": project_id, "status": "normal"}}
     )
     client = PaaSCCClient(ComponentAuth('token'))
     resp = client.update_cluster(project_id, cluster_id, {"status": "normal"})
     assert resp == {"cluster_id": cluster_id, "project_id": project_id, "status": "normal"}
     assert requests_mock.called
Exemplo n.º 10
0
def get_cluster_namespaces(ctx_cluster: CtxCluster, namespace: str) -> Dict:
    """获取集群下的命名空间信息
    :returns: 返回集群下的命名空间信息,格式: {"count": 1, "results": []}
    """
    client = paas_cc.PaaSCCClient(
        ComponentAuth(ctx_cluster.context.auth.access_token))
    return client.get_cluster_namespace_list(project_id=ctx_cluster.project_id,
                                             cluster_id=ctx_cluster.id)
Exemplo n.º 11
0
    def filter_namespaces(self, cluster_id: str):
        paas_cc = PaaSCCClient(auth=ComponentAuth(self.access_token))
        ns_data = paas_cc.get_cluster_namespace_list(
            project_id=self.project_id, cluster_id=cluster_id)
        ns_list = ns_data['results'] or []

        # 过滤掉 k8s 系统和 bcs 平台使用的命名空间
        return [ns for ns in ns_list if ns['name'] not in K8S_PLAT_NAMESPACE]
Exemplo n.º 12
0
    def _list_namespaces(self, cluster_id: str, shared_cluster_ids: List[str]) -> List[Dict]:
        paas_cc = PaaSCCClient(auth=ComponentAuth(get_system_token()))
        if cluster_id not in shared_cluster_ids:
            cluster = paas_cc.get_cluster_by_id(cluster_id=cluster_id)
            ns_data = paas_cc.get_cluster_namespace_list(project_id=cluster['project_id'], cluster_id=cluster_id)
            return ns_data['results'] or []

        # 共享集群获取
        ns_data = paas_cc.list_namespaces_in_shared_cluster(cluster_id)
        return ns_data['results'] or []
Exemplo n.º 13
0
def query_bcs_cc_nodes(ctx_cluster: CtxCluster) -> List:
    """查询bcs cc中的节点数据"""
    client = PaaSCCClient(
        ComponentAuth(access_token=ctx_cluster.context.auth.access_token))
    node_data = client.get_node_list(ctx_cluster.project_id, ctx_cluster.id)
    return {
        node["inner_ip"]: node
        for node in (node_data.get("results") or [])
        if node["status"] not in [NodeStatus.Removed]
    }
Exemplo n.º 14
0
    def test_get_cluster_simple(self, project_id, cluster_id, requests_mock):
        requests_mock.get(ANY, json={'id': 'foo-id'})

        client = BcsApiClient(ComponentAuth('fake_token'))
        result = client.query_cluster_id('stag', project_id, cluster_id)
        assert result == 'foo-id'

        req_history = requests_mock.request_history[0]
        # Assert token was in request headers and access_token was in query string
        assert req_history.headers.get('Authorization') == BCS_AUTH_TOKEN
        assert 'access_token=fake_token' in req_history.url
Exemplo n.º 15
0
def get_ns_id(access_token: str, project_id: str, cluster_id: str,
              namespace: str) -> int:
    """获取命名空间ID"""
    client = PaaSCCClient(ComponentAuth(access_token))
    data = client.get_cluster_namespace_list(project_id, cluster_id)
    # 匹配命名空间名称
    for ns in data.get("results") or []:
        if ns["name"] == namespace:
            return ns["id"]
    raise ValidationError(
        _("集群:{}下没有查询到命名空间:{}").format(cluster_id, namespace))
Exemplo n.º 16
0
    def _get_project_id(self, access_token, project_id_or_code: str) -> str:
        cache_key = f'BK_DEVOPS_BCS:PROJECT_ID:{project_id_or_code}'
        project_id = region.get(cache_key, expiration_time=EXPIRATION_TIME)

        if not project_id:
            paas_cc = PaaSCCClient(auth=ComponentAuth(access_token))
            project_data = paas_cc.get_project(project_id_or_code)
            project_id = project_data['project_id']
            region.set(cache_key, project_id)

        return project_id
Exemplo n.º 17
0
def cache_api_host(access_token, project_id, cluster_id, env):
    """cached api host
    cache performance, importance, cluster id shoud be unique
    """
    if cluster_id:
        client = paas_cc.PaaSCCClient(auth=ComponentAuth(access_token))
        cluster = client.get_cluster_by_id(cluster_id)
        stag = settings.BCS_API_ENV[cluster['environment']]
    else:
        stag = env

    return f"{BCS_API_PRE_URL}/{stag}"
Exemplo n.º 18
0
 def _get_namespace_id(self):
     """获取命名空间ID,用于权限相关验证"""
     client = PaaSCCClient(
         ComponentAuth(
             access_token=self.ctx_cluster.context.auth.access_token))
     namespaces = client.get_cluster_namespace_list(
         project_id=self.ctx_cluster.project_id,
         cluster_id=self.ctx_cluster.id)
     for ns in namespaces["results"]:
         if self.namespace != ns["name"]:
             continue
         return ns["id"]
     return -1
Exemplo n.º 19
0
    def fetch_instance_info(self, filter_obj: FancyDict,
                            **options) -> ListResult:
        """
        批量获取集群属性详情

        :param filter_obj: 查询参数字典
        :return: ListResult 类型的实例列表
        """
        cluster_ids = filter_obj.ids
        paas_cc = PaaSCCClient(auth=ComponentAuth(get_system_token()))
        cluster_list = paas_cc.list_clusters(cluster_ids)
        results = [{
            'id': cluster['cluster_id'],
            'display_name': cluster['name']
        } for cluster in cluster_list]
        return ListResult(results=results, count=len(results))
Exemplo n.º 20
0
    def _get_enabled_project(self, access_token,
                             project_id_or_code: str) -> Optional[FancyDict]:
        cache_key = f"BK_DEVOPS_BCS:ENABLED_BCS_PROJECT:{project_id_or_code}"
        project = region.get(cache_key, expiration_time=EXPIRATION_TIME)
        if project and isinstance(project, FancyDict):
            return project

        paas_cc = PaaSCCClient(auth=ComponentAuth(access_token))
        project_data = paas_cc.get_project(project_id_or_code)
        project = FancyDict(**project_data)

        self._refine_project(project)

        # 用户绑定了项目, 并且选择了编排类型
        if project.cc_app_id != 0 and project.kind in ClusterType:
            region.set(cache_key, project)
            return project

        return None
Exemplo n.º 21
0
    def _get_enabled_project(self, access_token,
                             project_id_or_code: str) -> Optional[FancyDict]:
        cache_key = bcs_project_cache_key.format(
            project_id_or_code=project_id_or_code)
        project = region.get(cache_key, expiration_time=EXPIRATION_TIME)
        if project and isinstance(project, FancyDict):
            return project

        paas_cc = PaaSCCClient(auth=ComponentAuth(access_token))
        project_data = paas_cc.get_project(project_id_or_code)
        project = FancyDict(**project_data)

        self._refine_project(project)

        # 项目绑定了业务,即开启容器服务
        if project.cc_app_id != 0:
            region.set(cache_key, project)
            return project

        return None
Exemplo n.º 22
0
 def from_token(cls, access_token: str) -> 'ModelContext':
     """根据当前 token 生成 context 对象"""
     auth = ComponentAuth(access_token)
     return cls(auth)
Exemplo n.º 23
0
 def __init__(self, auth: ComponentAuth):
     self._config = PaaSCCConfig(host=BCS_CC_API_PRE_URL)
     self._client = BaseHttpClient(auth.to_header_api_auth())
Exemplo n.º 24
0
    def test_get_cluster_credentials(self, requests_mock):
        requests_mock.get(ANY, json={'name': 'foo'})

        client = BcsApiClient(ComponentAuth('fake_token'))
        resp = client.get_cluster_credentials('stag', 'fake-bcs-cluster-foo')
        assert resp == {'name': 'foo'}
Exemplo n.º 25
0
 def _list_namespaces(self, cluster_id: str) -> List[Dict]:
     paas_cc = PaaSCCClient(auth=ComponentAuth(get_system_token()))
     cluster = paas_cc.get_cluster_by_id(cluster_id=cluster_id)
     ns_data = paas_cc.get_cluster_namespace_list(
         project_id=cluster['project_id'], cluster_id=cluster_id)
     return ns_data['results']