def get_application_status(
self,
request,
cluster_id,
project_id=None,
category="application",
kind=2,
func=None,
ns_name=None,
inst_name=None,
):
"""获取application的状态"""
ret_data = {}
flag, resp = func(
request,
project_id,
cluster_id,
inst_name,
category=category,
project_kind=kind,
namespace=ns_name,
field=
"data.metadata.name,data.metadata.namespace,data.status,data.message,data.buildedInstance,data.instance,updateTime,createTime,data.metadata.labels", # noqa
)
if not flag:
raise error_codes.APIError.f(resp.data.get("message"))
for val in resp.get("data", []):
data = val.get("data", {})
metadata = data.get("metadata", {})
key_name = (metadata.get("namespace"), metadata.get("name"))
build_instance = data.get("buildedInstance") or 0
instance = data.get("instance") or 0
labels = metadata.get("labels", {})
source_type = labels.get("io.tencent.paas.source_type") or "other"
annotations = metadata.get('annotations') or {}
ret_data[key_name] = {
"name": metadata.get("name"),
"namespace": metadata.get("namespace"),
"backend_status": "BackendNormal",
"backend_status_message": _("请求失败,已通知管理员!"),
"category": category,
"application_status": data.get("status"),
"application_status_message": data.get("message"),
"task_group_count": "%s/%s" % (build_instance, instance),
"build_instance": build_instance,
"instance": instance,
"deployment_status": "",
"deployemnt_status_message": "",
"update_time": val.get("updateTime"),
"create_time": val.get("updateTime"),
"source_type": SOURCE_TYPE_MAP.get(source_type),
"version":
utils.get_instance_version_name(annotations, labels),
'hpa': False, # Application 默认都是未绑定
}
return ret_data
def get_k8s_category_info(self, request, project_id, resource_name, inst_name, cluster_id, ns_name):
"""获取分类的上报信息
{'BCS-K8S-15007': {'K8sDeployment': {'inst_list': ['bellke-test-deploy-1'], 'ns_list': ['abc1']}}}
"""
ret_data = {}
client = K8SClient(
request.user.token.access_token,
project_id, cluster_id, None
)
curr_func = FUNC_MAP[resource_name] % 'get'
resp = retry_requests(
getattr(client, curr_func),
params={
"name": inst_name,
"namespace": ns_name,
"field": ','.join(app_constants.RESOURCE_STATUS_FIELD_LIST)
}
)
if resp.get('code') != ErrorCode.NoError:
raise error_codes.APIError.f(resp.get('message'))
data = resp.get('data') or []
# 添加HPA绑定信息
data = get_deployment_hpa(request, project_id, cluster_id, ns_name, data)
for info in data:
spec = getitems(info, ['data', 'spec'], default={})
# 针对不同的模板获取不同的值
replicas, available = utils.get_k8s_desired_ready_instance_count(info, resource_name)
curr_key = (info['namespace'], info['resourceName'])
labels = getitems(info, ['data', 'metadata', 'labels'], default={})
source_type = labels.get('io.tencent.paas.source_type') or 'other'
annotations = getitems(info, ['data', 'metadata', 'annotations'], default={})
ret_data[curr_key] = {
'backend_status': 'BackendNormal',
'backend_status_message': _('请求失败,已通知管理员!'),
'category': resource_name,
'pod_count': f'{available}/{replicas}',
'build_instance': available,
'instance': replicas,
'status': utils.get_k8s_resource_status(resource_name, info, replicas, available),
'name': info['resourceName'],
'namespace': info['namespace'],
'create_at': info['createTime'],
'update_at': info['updateTime'],
'source_type': SOURCE_TYPE_MAP.get(source_type),
'version': get_instance_version_name(annotations, labels), # 标识应用的线上版本
'hpa': info['hpa'] # 是否绑定了HPA
}
if spec.get('paused'):
ret_data[curr_key]['status'] = 'Paused'
return ret_data
def get(self, request, project_id):
""" 获取项目下所有的服务 """
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
project_kind = request.project.kind
params = dict(request.GET.items())
params['env'] = 'mesos' if project_kind == MESOS_VALUE else 'k8s'
# 获取命名空间的id
namespace_dict = app_utils.get_ns_id_map(
request.user.token.access_token, project_id)
# 项目下的所有模板集id
all_template_id_list = Template.objects.filter(
project_id=project_id,
edit_mode=TemplateEditMode.PageForm.value).values_list('id',
flat=True)
all_template_id_list = [
str(template_id) for template_id in all_template_id_list
]
skip_namespace_list = list(K8S_SYS_NAMESPACE)
skip_namespace_list.extend(K8S_PLAT_NAMESPACE)
extended_routes = {}
if project_kind == ProjectKind.K8S.value:
extended_routes = get_svc_extended_routes(project_id)
data = []
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
if params.get('cluster_id') and params['cluster_id'] != cluster_id:
continue
cluster_name = cluster_info.get('name')
code, cluster_services = self.get_services_by_cluster_id(
request,
params,
project_id,
cluster_id,
project_kind=project_kind)
if code != ErrorCode.NoError:
continue
for _s in cluster_services:
# NOTE: 兼容处理,因为key: clusterId已被前端使用;通过非bcs创建的service,不一定包含cluster_id
_s["clusterId"] = cluster_id
_s["cluster_id"] = cluster_id
_config = _s.get('data', {})
annotations = _config.get('metadata',
{}).get('annotations', {})
_s['update_time'] = annotations.get(ANNOTATIONS_UPDATE_TIME,
'')
_s['updator'] = annotations.get(ANNOTATIONS_UPDATOR, '')
_s['cluster_name'] = cluster_name
_s['status'] = 'Running'
_s['environment'] = cluster_info.get('environment')
_s['can_update'] = True
_s['can_update_msg'] = ''
_s['can_delete'] = True
_s['can_delete_msg'] = ''
namespace_id = namespace_dict.get(
(cluster_id, _s['namespace'])) if namespace_dict else None
_s['namespace_id'] = namespace_id
labels = _config.get('metadata', {}).get('labels', {})
template_id = labels.get(LABLE_TEMPLATE_ID)
# 资源来源
source_type = labels.get(SOURCE_TYPE_LABEL_KEY)
if not source_type:
source_type = "template" if template_id else "other"
_s['source_type'] = SOURCE_TYPE_MAP.get(source_type)
if project_kind == ProjectKind.K8S.value:
_s['access_info'] = get_svc_access_info(
_config, _s['clusterId'], extended_routes)
# 处理 k8s 的系统命名空间的数据
if project_kind == ProjectKind.K8S.value and _s[
'namespace'] in skip_namespace_list:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = _(
"不允许操作系统命名空间")
continue
# 非模板集创建,可以删除但是不可以更新
_s['can_update'] = False
_s['can_update_msg'] = _("所属模板集不存在,无法操作")
if template_id and template_id in all_template_id_list:
_s['can_update'] = True
_s['can_update_msg'] = ''
data += cluster_services
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
if data:
# 检查是否用命名空间的使用权限
perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES)
data = perm.hook_perms(data,
ns_id_flag='namespace_id',
cluster_id_flag='clusterId',
ns_name_flag='namespace')
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
def handle_data(self,
request,
data,
project_kind,
s_cate,
access_token,
project_id,
cluster_id,
is_decode,
cluster_env,
cluster_name,
namespace_dict=None):
for _s in data:
_config = _s.get('data', {})
annotations = _config.get('metadata', {}).get('annotations', {})
_s['creator'] = annotations.get(ANNOTATIONS_CREATOR, '')
_s['create_time'] = _s.get('createTime', '')
_s['update_time'] = annotations.get(ANNOTATIONS_UPDATE_TIME,
_s['create_time'])
_s['updator'] = annotations.get(ANNOTATIONS_UPDATOR, _s['creator'])
_s['status'] = 'Running'
_s['can_update'] = True
_s['can_update_msg'] = ''
_s['can_delete'] = True
_s['can_delete_msg'] = ''
_s['namespace_id'] = namespace_dict.get(
(cluster_id, _s['namespace'])) if namespace_dict else None
_s['cluster_id'] = cluster_id
_s['environment'] = cluster_env
_s['cluster_name'] = cluster_name
_s['name'] = _s['resourceName']
labels = _config.get('metadata', {}).get('labels', {})
# 获取模板集信息
template_id = labels.get(LABLE_TEMPLATE_ID)
instance_id = labels.get(LABLE_INSTANCE_ID)
# 资源来源
source_type = labels.get(SOURCE_TYPE_LABEL_KEY)
if not source_type:
source_type = "template" if template_id else "other"
_s['source_type'] = SOURCE_TYPE_MAP.get(source_type)
if project_kind == 1:
# 处理 k8s 的系统命名空间的数据
if _s['namespace'] in constants.K8S_SYS_NAMESPACE:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = _(
"不允许操作系统命名空间")
continue
# 处理平台集群和命名空间下的数据
if _s['namespace'] in constants.K8S_PLAT_NAMESPACE and cluster_id in constants.K8S_PLAT_CLUSTER_ID:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = _(
"不允许操作平台命名空间")
continue
if _s['namespace'] in constants.K8S_COMPONENT_NAMESPACE:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = _(
"不允许操作平台命名空间")
continue
# 处理创建命名空间时生成的default-token-xxx
if s_cate == 'K8sSecret' and _s['name'].startswith(
'default-token'):
is_namespace_default_token = True
else:
is_namespace_default_token = False
# 处理系统默认生成的Secret
if s_cate == 'K8sSecret' and _s['name'] == '%s%s' % (
K8S_IMAGE_SECRET_PRFIX, _s['namespace']):
is_k8s_image_sercret = True
else:
is_k8s_image_sercret = False
is_mesos_image_sercret = True if (s_cate == 'secret' and _s['name']
== MESOS_IMAGE_SECRET) else False
if is_k8s_image_sercret or is_mesos_image_sercret or is_namespace_default_token:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = _("不允许操作系统数据")
continue
if template_id:
try:
template_id = int(template_id)
instance_id = int(instance_id)
except Exception:
template_id = 0
instance_id = 0
else:
# 非模板集创建,可以删除但是不可以更新
_s['can_update'] = False
_s['can_update_msg'] = _("不是由模板实例化生成,无法更新")
_s['instance_id'] = instance_id
# 更新的数据解码内容
if is_decode and _s['can_update']:
# 1. k8s Secret base64 解码内容
if s_cate == 'K8sSecret':
_d = _config.get('data')
for _key in _d:
if _d[_key]:
try:
_d[_key] = base64.b64decode(
_d[_key]).decode("utf-8")
except Exception:
pass
elif s_cate in ['secret', 'configmap']:
_d = _config.get('datas')
for _key in _d:
_type = _d[_key].get('type')
if _type != 'http' and _d[_key]['content']:
try:
_d[_key]['content'] = base64.b64decode(
_d[_key]['content']).decode("utf-8")
except Exception:
pass
# 兼容 k8s & mesos 数据格式
data = data_handler(data)
# 检查是否用命名空间的使用权限
perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES)
data = perm.hook_perms(data,
ns_id_flag='namespace_id',
cluster_id_flag='cluster_id',
ns_name_flag='namespace')
def get(self, request, project_id):
""" 获取项目下所有的服务 """
# 获取kind
logger.debug("get project kind: %s" % project_id)
project_kind = request.project.kind
logger.debug("get project clusters: %s" % project_id)
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
params = dict(request.GET.items())
params.update({
"env": "mesos" if project_kind == MESOS_VALUE else "k8s",
})
data = []
access_token = request.user.token.access_token
cluster = paas_cc.get_all_clusters(access_token,
project_id,
limit=constants.ALL_LIMIT)
cluster = cluster.get('data', {}).get('results') or []
cluster = {i['cluster_id']: i['name'] for i in cluster}
# 获取命名空间的id
namespace_dict = app_utils.get_ns_id_map(
request.user.token.access_token, project_id)
# 项目下的所有模板集id
all_template_id_list = Template.objects.filter(
project_id=project_id).values_list('id', flat=True)
all_template_id_list = [
str(template_id) for template_id in all_template_id_list
]
skip_namespace_list = constants.K8S_SYS_NAMESPACE
skip_namespace_list.extend(constants.K8S_PLAT_NAMESPACE)
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
if params.get('cluster_id') and params['cluster_id'] != cluster_id:
continue
cluster_name = cluster_info.get('name')
code, cluster_services = self.get_services_by_cluster_id(
request,
params,
project_id,
cluster_id,
project_kind=project_kind)
if code != ErrorCode.NoError:
continue
for _s in cluster_services:
_config = _s.get('data', {})
annotations = _config.get('metadata',
{}).get('annotations', {})
_s['update_time'] = annotations.get(ANNOTATIONS_UPDATE_TIME,
'')
_s['updator'] = annotations.get(ANNOTATIONS_UPDATOR, '')
_s['cluster_name'] = cluster_name
_s['status'] = 'Running'
_s['environment'] = cluster_info.get('environment')
_s['can_update'] = True
_s['can_update_msg'] = ''
_s['can_delete'] = True
_s['can_delete_msg'] = ''
namespace_id = namespace_dict.get(
(cluster_id, _s['namespace'])) if namespace_dict else None
_s['namespace_id'] = namespace_id
labels = _config.get('metadata', {}).get('labels', {})
template_id = labels.get(LABLE_TEMPLATE_ID)
# 资源来源
source_type = labels.get(SOURCE_TYPE_LABEL_KEY)
if not source_type:
source_type = "template" if template_id else "other"
_s['source_type'] = SOURCE_TYPE_MAP.get(source_type)
# 处理 k8s 的系统命名空间的数据
if project_kind == 1 and _s['namespace'] in skip_namespace_list:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = _(
"不允许操作系统命名空间")
continue
# 非模板集创建,可以删除但是不可以更新
_s['can_update'] = False
_s['can_update_msg'] = _("所属模板集不存在,无法操作")
if template_id and template_id in all_template_id_list:
_s['can_update'] = True
_s['can_update_msg'] = ''
data += cluster_services
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
if data:
# 检查是否用命名空间的使用权限
perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES)
data = perm.hook_perms(data,
ns_id_flag='namespace_id',
cluster_id_flag='clusterId',
ns_name_flag='namespace')
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
def get_k8s_category_info(self, request, project_id, resource_name,
inst_name, cluster_id, ns_name):
"""获取分类的上报信息
{'BCS-K8S-15007': {'K8sDeployment': {'inst_list': ['bellke-test-deploy-1'], 'ns_list': ['abc1']}}}
"""
ret_data = {}
client = K8SClient(request.user.token.access_token, project_id,
cluster_id, None)
field_list = [
'data.status', 'resourceName', 'namespace',
'data.spec.parallelism', 'data.spec.paused', 'createTime',
'updateTime', 'data.metadata.labels', 'data.spec.replicas'
]
curr_func = FUNC_MAP[resource_name] % 'get'
resp = getattr(client, curr_func)({
'name': inst_name,
'namespace': ns_name,
'field': ','.join(field_list)
})
if resp.get('code') != ErrorCode.NoError:
raise error_codes.APIError.f(resp.get('message'))
data = resp.get('data') or []
for info in data:
spec = getitems(info, ['data', 'spec'], default={})
# 针对不同的模板获取不同的值
replicas, available = utils.get_k8s_desired_ready_instance_count(
info, resource_name)
curr_key = (info['namespace'], info['resourceName'])
labels = getitems(info, ['data', 'metadata', 'labels'], default={})
source_type = labels.get('io.tencent.paas.source_type') or 'other'
ret_data[curr_key] = {
'backend_status':
'BackendNormal',
'backend_status_message':
'请求失败,已通知管理员!',
'category':
resource_name,
'pod_count':
f'{available}/{replicas}',
'build_instance':
available,
'instance':
replicas,
'status':
'Unready' if
(available != replicas or available <= 0) else 'Running',
'name':
info['resourceName'],
'namespace':
info['namespace'],
'create_at':
info['createTime'],
'update_at':
info['updateTime'],
'source_type':
SOURCE_TYPE_MAP.get(source_type),
'version':
labels.get('io.tencent.paas.version') # 标识应用的线上版本
}
if spec.get('paused'):
ret_data[curr_key]['status'] = 'Paused'
return ret_data
def get(self, request, project_id):
""" 获取项目下所有的服务 """
# 获取kind
logger.debug("get project kind: %s" % project_id)
flag, project_kind = self.get_project_kind(request, project_id)
if not flag:
return project_kind
logger.debug("get project clusters: %s" % project_id)
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
params = dict(request.GET.items())
params.update({
"env": "mesos" if project_kind == 2 else "k8s",
})
data = []
access_token = request.user.token.access_token
cluster = paas_cc.get_all_clusters(
access_token, project_id, limit=constants.ALL_LIMIT)
cluster = cluster.get('data', {}).get('results') or []
cluster = {i['cluster_id']: i['name'] for i in cluster}
# 获取命名空间的id
namespace_res = paas_cc.get_namespace_list(
access_token, project_id, limit=constants.ALL_LIMIT)
namespace_data = namespace_res.get('data', {}).get('results') or []
namespace_dict = {i['name']: i['id'] for i in namespace_data}
# 项目下的所有模板集id
all_template_id_list = Template.objects.filter(project_id=project_id).values_list('id', flat=True)
all_template_id_list = [str(template_id) for template_id in all_template_id_list]
skip_namespace_list = constants.K8S_SYS_NAMESPACE
skip_namespace_list.extend(constants.K8S_PLAT_NAMESPACE)
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
cluster_name = cluster_info.get('name')
code, cluster_services = self.get_services_by_cluster_id(
request, params, project_id, cluster_id, project_kind=project_kind)
if code != ErrorCode.NoError:
continue
for _s in cluster_services:
_config = _s.get('data', {})
annotations = _config.get(
'metadata', {}).get('annotations', {})
_s['update_time'] = annotations.get(
ANNOTATIONS_UPDATE_TIME, '')
_s['updator'] = annotations.get(ANNOTATIONS_UPDATOR, '')
_s['cluster_name'] = cluster_name
_s['status'] = 'Running'
_s['environment'] = cluster_info.get('environment')
_s['can_update'] = True
_s['can_update_msg'] = ''
_s['can_delete'] = True
_s['can_delete_msg'] = ''
namespace_id = namespace_dict.get(_s['namespace'])
_s['namespace_id'] = namespace_id
labels = _config.get('metadata', {}).get('labels', {})
template_id = labels.get(LABLE_TEMPLATE_ID)
# 资源来源
source_type = labels.get(SOURCE_TYPE_LABEL_KEY)
if not source_type:
source_type = "template" if template_id else "other"
_s['source_type'] = SOURCE_TYPE_MAP.get(source_type)
# 处理 k8s 的系统命名空间的数据
if project_kind == 1 and _s['namespace'] in skip_namespace_list:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = u"不允许操作系统命名空间"
continue
# 非模板集创建,可以删除但是不可以更新
_s['can_update'] = False
_s['can_update_msg'] = u"所属模板集不存在,无法操作"
if template_id and template_id in all_template_id_list:
_s['can_update'] = True
_s['can_update_msg'] = ''
# if template_id:
# is_tempalte_exist = Template.objects.filter(id=template_id).exists()
# if is_tempalte_exist:
# _s['can_update'] = True
# _s['can_update_msg'] = ''
# 备注中的更新时间比 db 中的更新时间早的话,不允许更新 (watch 上报数据会有延迟)
if _s['can_update'] and _s['update_time']:
if project_kind == 2:
# mesos 相关数据
s_cate = 'service'
else:
s_cate = 'K8sService'
# 获取db中的更新时间
_instance_sets = InstanceConfig.objects.filter(
namespace=namespace_id,
category=s_cate,
name=_s['resourceName'],
is_deleted=False
)
if _instance_sets:
is_upateing = _instance_sets.filter(
updated__gt=_s['update_time'], oper_type='update').exists()
if is_upateing:
_s['status'] = 'updating'
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = u"正在更新中,请稍后操作"
data += cluster_services
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
if data:
# 检查是否用命名空间的使用权限
perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES)
data = perm.hook_perms(data, ns_id_flag='namespace_id', cluster_id_flag='clusterId',
ns_name_flag='namespace')
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
def handle_data(self, request, data, project_kind, s_cate, access_token,
project_id, cluster_id, is_decode, cluster_env,
cluster_name):
namespace_res = paas_cc.get_namespace_list(access_token,
project_id,
limit=constants.ALL_LIMIT)
namespace_data = namespace_res.get('data', {}).get('results') or []
namespace_dict = {i['name']: i['id'] for i in namespace_data}
for _s in data:
_config = _s.get('data', {})
annotations = _config.get('metadata', {}).get('annotations', {})
_s['creator'] = annotations.get(ANNOTATIONS_CREATOR, '')
_s['create_time'] = _s.get('createTime', '')
_s['update_time'] = annotations.get(ANNOTATIONS_UPDATE_TIME,
_s['create_time'])
_s['updator'] = annotations.get(ANNOTATIONS_UPDATOR, _s['creator'])
_s['status'] = 'Running'
_s['can_update'] = True
_s['can_update_msg'] = ''
_s['can_delete'] = True
_s['can_delete_msg'] = ''
_s['namespace_id'] = namespace_dict.get(_s['namespace'])
_s['cluster_id'] = cluster_id
_s['environment'] = cluster_env
_s['cluster_name'] = cluster_name
_s['name'] = _s['resourceName']
labels = _config.get('metadata', {}).get('labels', {})
# 获取模板集信息
template_id = labels.get(LABLE_TEMPLATE_ID)
instance_id = labels.get(LABLE_INSTANCE_ID)
# 资源来源
source_type = labels.get(SOURCE_TYPE_LABEL_KEY)
if not source_type:
source_type = "template" if template_id else "other"
_s['source_type'] = SOURCE_TYPE_MAP.get(source_type)
if project_kind == 1:
# 处理 k8s 的系统命名空间的数据
if _s['namespace'] in constants.K8S_SYS_NAMESPACE:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s[
'can_delete_msg'] = u"不允许操作系统命名空间"
continue
# 处理平台集群和命名空间下的数据
if (_s['namespace'] in constants.K8S_PLAT_NAMESPACE
and cluster_id in constants.K8S_PLAT_CLUSTER_ID) or (
_s['namespace']
in constants.K8S_COMPONENT_NAMESPACE):
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s[
'can_delete_msg'] = u"不允许操作平台命名空间"
continue
# 处理创建命名空间时生成的default-token-xxx
is_namespace_default_token = True if (
s_cate == 'K8sSecret'
and _s['name'].startswith('default-token')) else False
# 处理系统默认生成的Secret
is_k8s_image_sercret = True if (
s_cate == 'K8sSecret' and _s['name'] == '%s%s' %
(K8S_IMAGE_SECRET_PRFIX, _s['namespace'])) else False
is_mesos_image_sercret = True if (s_cate == 'secret' and _s['name']
== MESOS_IMAGE_SECRET) else False
if is_k8s_image_sercret or is_mesos_image_sercret or is_namespace_default_token:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = u"不允许操作系统数据"
continue
if template_id:
try:
template_id = int(template_id)
instance_id = int(instance_id)
except Exception:
template_id = 0
instance_id = 0
else:
# 非模板集创建,可以删除但是不可以更新
_s['can_update'] = False
_s['can_update_msg'] = u"不是由模板实例化生成,无法更新"
_s['instance_id'] = instance_id
# 更新的数据解码内容
if is_decode and _s['can_update']:
# 1. k8s Secret base64 解码内容
if s_cate == 'K8sSecret':
_d = _config.get('data')
for _key in _d:
if _d[_key]:
try:
_d[_key] = base64.b64decode(
_d[_key]).decode("utf-8")
except Exception:
pass
elif s_cate in ['secret', 'configmap']:
_d = _config.get('datas')
for _key in _d:
_type = _d[_key].get('type')
if _type != 'http' and _d[_key]['content']:
try:
_d[_key]['content'] = base64.b64decode(
_d[_key]['content']).decode("utf-8")
except Exception:
pass
# 备注中的更新时间比 db 中的更新时间早的话,不允许更新 (watch 上报数据会有延迟)
if _s['can_update'] and _s['update_time']:
# 获取db中的更新时间
namespace_id = namespace_dict.get(_s['namespace'])
_instance_sets = InstanceConfig.objects.filter(
namespace=namespace_id,
category=s_cate,
name=_s['resourceName'],
is_deleted=False)
if _instance_sets:
is_upateing = _instance_sets.filter(
updated__gt=_s['update_time'],
oper_type='update').exists()
if is_upateing:
_s['status'] = 'updating'
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s[
'can_delete_msg'] = u"正在更新中,请稍后操作"
# 兼容 k8s & mesos 数据格式
data = data_handler(data, project_kind)
# 检查是否用命名空间的使用权限
perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES)
data = perm.hook_perms(data,
ns_id_flag='namespace_id',
cluster_id_flag='cluster_id',
ns_name_flag='namespace')
