def project_get(project=None):
try:
rep = jsonify({'error': 'None', 'url': request.url})
Key = 'op_project_get_%s' %time.strftime('%H%M%S',time.localtime())
if project:
db_project = db_op.project_list
db_servers = db_idc.idc_servers
if project == 'all_list':
vals = db_project.query.with_entities(distinct(db_project.project)).all()
projects = [val[0] for val in vals]
rep = jsonify({project: projects, 'md5': Md5.Md5_make(str(projects)), 'url': request.url})
else:
projects = []
vals = db_project.query.with_entities(db_project.ip,db_project.ssh_port).filter(db_project.project==project).all()
if vals:
for ip,ssh_port in vals:
host_vals = db_servers.query.with_entities(db_servers.hostname,db_servers.ip).filter(and_(db_servers.ip==ip,db_servers.ssh_port==ssh_port)).all()
if host_vals:
RC.sadd(Key,list(host_vals[0]))
for val in RC.smembers(Key):
projects.append(eval(val))
RC.delete(Key)
rep = jsonify({project:projects,'md5':Md5.Md5_make(str(projects)),'url':request.url})
except Exception as e:
rep = jsonify({'error':str(e),'url':request.url})
finally:
return rep
def m_login():
try:
form = MyForm.MyFormInput()
if form.submit.data:
username = form.input.data
password = form.passwd.data
token = tools.Produce(24)
db_sso = db_op.user_sso
val = db_sso.query.with_entities(
db_sso.realName, db_sso.dingunionid,
db_sso.ticket).filter(db_sso.userName == username).all()
if val and password == '%sok' % username:
realName, dingunionid, ticket = val[0]
app_resp = make_response(redirect(url_for('mobile.mobile')))
app_resp.set_cookie('user', Md5.Md5_make(realName), path='/')
app_resp.set_cookie('dingId',
Md5.Md5_make(dingunionid),
path='/')
app_resp.set_cookie('ticket', Md5.Md5_make(ticket), path='/')
app_resp.set_cookie('token', token, path='/')
RC.set('OP_dingId_%s' % Md5.Md5_make(dingunionid), dingunionid)
RC.set('OP_user_%s' % Md5.Md5_make(realName), realName)
RC.set('OP_token_%s' % dingunionid, token)
RC.set('OP_ticket_%s' % Md5.Md5_make(ticket), ticket)
RC.set('OP_logout_ticket_%s' % ticket, ticket)
return app_resp
except Exception as e:
logging.error(e)
return render_template('mobile/m_login.html', form=form)
def login():
try:
db_sso = db_op.user_sso
ticket = tools.http_args(request,'ticket')
if ticket:
try:
cas_resp = cas_client.perform_service_validate(ticket=ticket,service_url=service_url)
if cas_resp and cas_resp.success:
try:
infos = cas_resp.attributes
departmentName = infos['departmentName']
mail = infos['mail']
mobilePhone = infos['mobilePhone']
userName = infos['userName']
realName = infos['realName']
dingunionid = infos['dingunionid']
token = tools.Produce(24)
update_time = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime())
except Exception as e:
logging.error(e)
else:
try:
val = db_sso.query.filter(db_sso.dingunionid == dingunionid).all()
if val:
db_sso.query.filter(db_sso.dingunionid == dingunionid).update({db_sso.department:departmentName,
db_sso.mail:mail,
db_sso.mobilePhone:mobilePhone,
db_sso.userName: userName,
db_sso.ticket: ticket,
db_sso.realName: realName,
db_sso.update_time:update_time})
db_op.DB.session.commit()
else:
c =db_sso(userName=userName,realName=realName,mail=mail,mobilePhone=mobilePhone,department=departmentName,
dingunionid=dingunionid,ticket=ticket,grade='9,10',update_time=update_time)
db_op.DB.session.add(c)
db_op.DB.session.commit()
except Exception as e:
logging.error(e)
else:
URL = url_for('main')
app_resp = make_response(redirect(URL))
app_resp.set_cookie('user', Md5.Md5_make(realName),path='/')
app_resp.set_cookie('dingId', Md5.Md5_make(dingunionid),path='/')
app_resp.set_cookie('ticket', Md5.Md5_make(ticket),path='/')
app_resp.set_cookie('token',token,path='/')
Redis.set('OP_dingId_%s' % Md5.Md5_make(dingunionid), dingunionid)
Redis.set('OP_user_%s' % Md5.Md5_make(realName), realName)
Redis.set('OP_token_%s' %dingunionid,token)
Redis.set('OP_ticket_%s' %Md5.Md5_make(ticket),ticket)
Redis.set('OP_logout_ticket_%s' %ticket, ticket)
Redis.set('OP_dingid_ticket_%s' %ticket, dingunionid)
return app_resp
except Exception as e:
logging.error(e)
except Exception as e:
logging.error(e)
return redirect(url_for('error'))
return redirect(cas_client.get_login_url(service_url=service_url))
def platform_token(action=None, id=None, args=None):
tools.Async_log(g.user, request.url)
db_token = db_op.platform_token
tm = time.strftime('%Y-%m-%d', time.localtime())
form = MyForm.Form_platform_token()
tables = ['第三方平台', '连接方式', 'Token', '颁发日期', '失效日期', '管理']
if action == 'add':
expire_date = "2999-12-30"
if id > 0:
expire_date = datetime.datetime.now() + datetime.timedelta(days=id)
expire_date = expire_date.strftime('%Y-%m-%d')
try:
c = db_token(platform=args,
channel='api',
token=Md5.Md5_make(tools.Produce(8, string.digits)),
award=tm,
expire=expire_date)
db_op.DB.session.add(c)
db_op.DB.session.commit()
return render_template_string('success')
except Exception as e:
logging.error(e)
return render_template_string('fail')
if action == 'modify':
try:
db_token.query.filter(db_token.id == id).update(
{db_token.expire: args})
db_op.DB.session.commit()
return render_template_string('success')
except Exception as e:
logging.error(e)
return render_template_string('fail')
if action == 'drop':
try:
v = db_token.query.filter(db_token.id == id).all()
for c in v:
db_op.DB.session.delete(c)
db_op.DB.session.commit()
return render_template_string('success')
except Exception as e:
logging.error(e)
return render_template_string('fail')
vals = db_token.query.with_entities(
db_token.id, db_token.platform, db_token.channel, db_token.token,
db_token.award, db_token.expire).order_by(desc(db_token.id)).all()
return render_template('platform_token.html',
form=form,
vals=vals,
tables=tables,
tm=tm)
def Publish_center(args):
try:
INFOS, Msg_Key, secret_key = args
server_lists_counts = 0
#获取上线操作参数
execute = INFOS['execute']
channel = INFOS['channel']
flow_number = INFOS['timestamp']
_flow_log(flow_number,
'Publish center(%s) start work ......' % os.getpid())
_flow_log(flow_number, INFOS)
_console_out(channel, Msg_Key, '-' * 100)
_console_out(channel, Msg_Key, "初始化代码分发参数及检测部署环境,检测进行中......")
#页面回滚操作需要将部分参数回写
if execute == 'rollback' and channel == 'web':
project = INFOS['project']
version = INFOS['version']
vals = db_publish.query.with_entities(
db_publish.package_url, db_publish.package_md5,
db_publish.package_type, db_publish.publish_type,
db_publish.restart, db_publish.check_url,
db_publish.gray).filter(
and_(db_publish.project == project,
db_publish.version == version,
db_publish.result == 'Success')).order_by(
desc(db_publish.date)).all()
if vals:
package_url, package_md5, package_type, publish_type, restart, check_url, gray = vals[
0]
INFOS['package_url'] = package_url
INFOS['package_md5'] = package_md5
INFOS['package_type'] = package_type
INFOS['publish_type'] = publish_type
INFOS['restart'] = restart
INFOS['check_url'] = check_url
INFOS['gray'] = int(gray)
else:
_Msg = "project:%s version:%s --->not relevant data Fail !" % (
project, version)
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
project = INFOS['project']
package_url = INFOS['package_url']
package_md5 = INFOS['package_md5']
package_type = INFOS['package_type']
publish_type = INFOS['publish_type']
gray = INFOS['gray']
web_path = '/opt/tomcat-%s/webapps/' % project
#判断代码包类型
Package_name = package_url.split('/')[-1]
os.system("/bin/mkdir -p %s" % web_path)
os.system("/bin/mkdir -p %s" % bak_path)
package_path = "%s%s" % (bak_path, Package_name)
package_name = Package_name.replace('.zip', '')
s_files = "%s%s" % (web_path, package_name)
#验证包规则
if project == '-'.join(package_name.split('-')[:-1]):
if package_name.endswith('.war'):
package_name = '%s.war' % project
else:
package_name = project
else:
_Msg = "%s package format Fail" % Package_name
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
if package_name.endswith('.war') and package_type == 'part':
_Msg = "%s package not allow part publish" % Package_name
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
d_files = "%s%s" % (web_path, package_name)
#删除旧包
if os.path.exists(package_path):
os.remove(package_path)
#获取代码压缩包
try:
urlretrieve(package_url, package_path)
except Exception as e:
msg = "package_url:%s --->check package url Fail !" % package_url
_flow_log(flow_number, 'Error:%s' % str(e))
_flow_log(flow_number, msg)
raise _console_out(channel, Msg_Key, msg)
#对压缩包进行md5对比
_flow_log(flow_number, "package_md5:%s" % Md5.Md5_file(package_path))
if package_md5 == Md5.Md5_file(package_path):
#解压缩代码包
try:
zip_file = zipfile.ZipFile(package_path)
if os.path.exists('%s%s' % (web_path, package_name)):
try:
shutil.rmtree('%s%s' % (web_path, package_name))
except:
os.remove('%s%s' % (web_path, package_name))
zip_file.extractall(web_path)
except Exception as e:
msg = "package:%s --->check unzip package Fail !" % package_name
_flow_log(flow_number, 'Error:%s' % str(e))
_flow_log(flow_number, msg)
raise _console_out(channel, Msg_Key, msg)
else:
_Msg = "package:%s --->check package md5 Fail !" % package_name
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
if os.path.exists(s_files):
shutil.move(s_files, d_files)
if os.path.exists(d_files):
#获取应用部署列表
vals = db_project.query.with_entities(
db_project.ip, db_project.ssh_port,
db_project.app_port).filter(
db_project.project == project).all()
if vals:
server_lists = [list(val) for val in vals]
#判断是否为灰度上线,并尝试获取服务器灰度标识
if int(gray) == 1:
gray_vals = db_project.query.with_entities(
db_project.ip, db_project.ssh_port,
db_project.app_port).filter(
and_(db_project.project == project,
db_project.gray == 1)).all()
if gray_vals:
server_lists = [list(val) for val in gray_vals]
else:
server_lists = [list(val) for val in vals][0]
server_lists_counts = len(server_lists)
#服务器和应用服务连通性检测
for infos in server_lists:
ip, ssh_port, app_port = infos
try:
try:
ssh = paramiko.SSHClient()
ssh_key = paramiko.RSAKey.from_private_key_file(
key_file)
ssh.set_missing_host_key_policy(
paramiko.AutoAddPolicy())
ssh.connect(ip,
int(ssh_port),
username,
pkey=ssh_key,
timeout=30)
except:
_Msg = "ip:%s ssh_port:%s --->check sshd Fail !" % (
ip, ssh_port)
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
else:
#检测线上代码包路径是否存在
cmd = "[ -d %s ] && echo ok" % web_path
stdin, stdout, stderr = ssh.exec_command(cmd)
result = str(stdout.read().strip(),
encoding='utf8')
if result != 'ok':
_Msg = "ip:%s ssh_port:%s web_path:%s --->check app path Fail !" % (
ip, ssh_port, web_path)
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
#创建备份目录
if package_name.endswith('.war'):
cmd = "/bin/mkdir -p %s" % bak_path
else:
cmd = "/bin/mkdir -p %s/%s" % (bak_path,
package_name)
stdin, stdout, stderr = ssh.exec_command(cmd)
result = stderr.read()
if result:
_Msg = "ip:%s ssh_port:%s bak_path:%s --->make bak path Fail !" % (
ip, ssh_port, bak_path)
_flow_log(flow_number, "Error:%s" % result)
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
ssh.close()
except:
raise
else:
if not tcpping(host=ip, port=app_port, timeout=3):
_Msg = "ip:%s app_port:%s --->check app port Fail !" % (
ip, app_port)
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
#部署列表写入redis队列
server_lists_key = '%s_server_lists_key' % secret_key
for info in server_lists:
Redis.sadd(server_lists_key, info)
#启动多个子控制中心并发执行
_console_out(channel, Msg_Key, "代码分发相关参数及运行环境检测全部通过!")
_console_out(channel, Msg_Key,
"启动代码分发模块,开始部署%s,执行过程稍后输出......" % package_name)
_console_out(channel, Msg_Key, '-' * 100)
for i in range(Publish_types[publish_type]):
Scheduler = produce.SchedulerPublish()
Scheduler = Scheduler.Scheduler_mem(
Publish_agent, [
server_lists_key, server_lists_counts, d_files,
project, package_name, package_path, Msg_Key,
secret_key, INFOS
])
Scheduler.start()
time.sleep(1)
else:
_Msg = "Error:not find app service lists!"
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
else:
_Msg = "package:%s --->move package Fail !" % package_name
_flow_log(flow_number, _Msg)
raise _console_out(channel, Msg_Key, _Msg)
except Exception as e:
if 'old-style' not in str(e):
_flow_log(flow_number, 'Error:%s' % str(e))
result = "代码分发环境检测到错误,不执行代码分发操作!"
_console_out(channel, Msg_Key, result)
_console_out(channel, Msg_Key, '-' * 100)
_console_out(
channel, Msg_Key, "_End_:0,0,0,%i,%i:%s" %
(server_lists_counts, server_lists_counts, flow_number))
#汇总结果后回调接口
_result_handle(result, server_lists_counts, INFOS)
Redis.expire(Msg_Key, 15)
finally:
db_op.DB.session.remove()
def Login(*args, **kwargs):
try:
user = Redis.get('OP_user_%s' %request.cookies.get('user'))
dingId = Redis.get('OP_dingId_%s' %request.cookies.get('dingId'))
token = request.cookies.get('token')
ticket = Redis.get('OP_ticket_%s' % request.cookies.get('ticket'))
except:
pass
else:
try:
if user and dingId and token and ticket and Redis.exists('OP_logout_ticket_%s' % ticket):
if token == Redis.get('OP_token_%s' %dingId):
g.user = user
g.dingId = dingId
g.secret_key = request.cookies.get('secret_key')
g.token = token
db_sso = db_op.user_sso
val = db_sso.query.with_entities(db_sso.grade,db_sso.mail,db_sso.mobilePhone,db_sso.department).filter(db_sso.dingunionid == dingId).all()
if val:
g.grade,g.mail,g.phone,g.department = val[0]
g.grade = g.grade.split(',')
if str(grade) in g.grade:
g.ip = request.headers.get('X-Forwarded-For')
if not g.ip:
g.ip = request.remote_addr
if ',' in g.ip:
g.ip = g.ip.split(',')[0]
session['remote_ip'] = g.ip
tm = time.strftime('%Y%m%d', time.localtime())
td = time.strftime('%Y-%m-%d', time.localtime())
g.date = td
g.ym = time.strftime('%Y', time.localtime())
g.active_users = Redis.scard('op_active_users_%s' % td)
#页面菜单缓存加速
menu_key = f'op_menu_{tm}'
user_menu_key = f'menu_{dingId}'
if Redis.hexists(menu_key,user_menu_key):
g.Base_Menu = eval(Redis.hget(menu_key,user_menu_key))
else:
# 生成用户权限对应的页面菜单
grades = g.grade
DB = db_op.op_menu
sub_val = defaultdict()
menu_md5 = defaultdict()
submenu = DB.query.with_entities(distinct(DB.Menu_name)).filter(DB.grade.in_(grades)).order_by(
DB.Menu_id).all()
if submenu:
submenu = [menu[0] for menu in submenu]
menu_md5 = {menu:Md5.Md5_make(menu) for menu in submenu}
for Menu in submenu:
val = DB.query.with_entities(DB.module_name, DB.action_name).filter(
and_(DB.grade.in_(grades), DB.Menu_name == Menu)).order_by(
DB.sub_id).all()
if val:
sub_val[Menu] = val
g.Base_Menu = {'submenu': submenu,'sub_val': sub_val,'menu_md5':menu_md5}
#缓存页面菜单1小时
Redis.hset(menu_key,user_menu_key,g.Base_Menu)
Redis.expire(menu_key,3600)
return func(*args, **kwargs)
except Exception as e:
logging.error(e)
return redirect(url_for('error'))
finally:
db_op.DB.session.remove()
return redirect(url_for('logout.logout'))