feat(front): add front app build command and minio support

- Add new command "front" with flags for replica count and vendor - Implement front app build logic in maker.AppFront method - Add minio to make command list - Add minio and minio-init images to image list - Change EMQX dependency path to "dependency/emqx" - Update app OEM logic to use model.GetVendor for vendor info - Fix app OEM download and rename logic with updated vendor fields - Modify nginx deployment manifest to allow configurable replicas - Update user app mysql address to mysql-cluster-mysql-master.db-mysql:3306 - Add server_license_init.conf generation script for configmap upsert - Clean and reformat imports across several files - Remove unused package files for make.mysql.go, make.redis.go, make.longhorn.go
2025-11-27 17:35:01 +08:00
parent fdad0eb36c
commit 38def02bf4
21 changed files with 532 additions and 41 deletions
--- a/pkg/resource/resource.go
+++ b/pkg/resource/resource.go
@@ -20,6 +20,9 @@ var (
 	//go:embed yaml/emqx.yaml
 	YAMLEMQX []byte

+	//go:embed yaml/minio.yaml
+	YAMLMinIO string
+
 	//go:embed sql/yosguard.create.sql
 	SQLYosguard []byte

@@ -56,6 +59,12 @@ var (
 	//go:embed yaml/app.oem.yaml
 	YAMLAppOEM string

+	//go:embed yaml/app.front.user.yaml
+	YAMLAppFrontUser string
+
+	//go:embed yaml/app.front.admin.yaml
+	YAMLAppFrontAdmin string
+
 	//go:embed yaml/app.nginx.yaml
 	YAMLAppNGINX string

--- a/pkg/resource/yaml/app.front.admin.yaml
+++ b/pkg/resource/yaml/app.front.admin.yaml
@@ -0,0 +1,42 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: front-admin-deployment
+  namespace: hsv2
+spec:
+  replicas: %d
+  selector:
+    matchLabels:
+      app: front-admin
+  template:
+    metadata:
+      labels:
+        app: front-admin
+    spec:
+      topologySpreadConstraints:
+      - maxSkew: 1 
+        topologyKey: kubernetes.io/hostname 
+        whenUnsatisfiable: ScheduleAnyway 
+        labelSelector:
+          matchLabels:
+            app: front-admin
+      containers:
+      - name: front-admin
+        image: hub.yizhisec.com/build/hybirdscope/front/admin:latest
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 80
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: front-admin-service
+  namespace: hsv2
+spec:
+  selector:
+    app: front-admin
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+  type: ClusterIP
--- a/pkg/resource/yaml/app.front.user.yaml
+++ b/pkg/resource/yaml/app.front.user.yaml
@@ -0,0 +1,42 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: front-user-deployment
+  namespace: hsv2
+spec:
+  replicas: %d
+  selector:
+    matchLabels:
+      app: front-user
+  template:
+    metadata:
+      labels:
+        app: front-user
+    spec:
+      topologySpreadConstraints:
+      - maxSkew: 1 
+        topologyKey: kubernetes.io/hostname 
+        whenUnsatisfiable: ScheduleAnyway 
+        labelSelector:
+          matchLabels:
+            app: front-user
+      containers:
+      - name: front-user
+        image: hub.yizhisec.com/hybridscope/v2/front-user:latest
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 80
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: front-user-service
+  namespace: hsv2
+spec:
+  selector:
+    app: front-user
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+  type: ClusterIP
--- a/pkg/resource/yaml/app.nginx.yaml
+++ b/pkg/resource/yaml/app.nginx.yaml
@@ -4,7 +4,7 @@ metadata:
  name: nginx-deployment
  namespace: hsv2
 spec:
-  replicas: 2
+  replicas: %d
  selector:
    matchLabels:
      app: nginx
--- a/pkg/resource/yaml/app.user.yaml
+++ b/pkg/resource/yaml/app.user.yaml
@@ -1,3 +1,4 @@
+apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: user-deployment
--- a/pkg/resource/yaml/minio.yaml
+++ b/pkg/resource/yaml/minio.yaml
@@ -0,0 +1,184 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: db-minio
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: minio-init-job
+  namespace: db-minio
+spec:
+  template:
+    spec:
+      restartPolicy: OnFailure
+      containers:
+        - name: minio-init
+          image: hub.yizhisec.com/hybridscope/v3/minio-init:latest
+          command:
+            - /bin/sh
+            - -c
+          args:
+            - |
+              #!/bin/sh
+              set -e
+
+              # Function to add timestamp to log messages
+              log() {
+                echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1"
+              }
+
+              log "Starting MinIO initialization..."
+              log "Environment: MINIO_ROOT_USER=admin, MINIO_ROOT_PASSWORD=YizhiSEC@123"
+              log "Target MinIO endpoint: http://minio-service:9000"
+
+              # 等待 MinIO 服务就绪
+              log "Phase 1: Waiting for MinIO service to be ready..."
+              log "Checking network connectivity to minio-service:9000..."
+
+              # 首先等待服务可达
+              RETRY_COUNT=0
+              until timeout 10 nc -z minio-service 9000; do
+                RETRY_COUNT=$((RETRY_COUNT + 1))
+                log "Attempt $RETRY_COUNT: MinIO service is not reachable - sleeping 5 seconds..."
+                sleep 5
+              done
+
+              log "✓ Network connectivity to MinIO service established"
+              log "Phase 2: Waiting for MinIO API to respond..."
+
+              # 然后等待 MinIO API 响应
+              RETRY_COUNT=0
+              until mc alias set minio http://minio-service:9000 admin YizhiSEC@123; do
+                RETRY_COUNT=$((RETRY_COUNT + 1))
+                log "Attempt $RETRY_COUNT: MinIO API is not ready - sleeping 5 seconds..."
+                sleep 5
+              done
+
+              log "✓ MinIO API is ready and responding"
+
+              # 创建服务账户
+              log "Phase 3: Creating service account..."
+              if mc admin user svcacct add minio admin --access-key "pU3bsxic6LGNQbKLhsTf" --secret-key "GGmvLzY4IZUsV1taKA27YpTgN3ieES2DzCrKQe6p"; then
+                log "✓ User created successfully"
+              else
+                log "✗ Failed to create user"
+                exit 1
+              fi
+
+              # 创建存储桶
+              log "Phase 4: Creating storage buckets..."
+              log "Creating bucket: hsv2"
+
+              if mc mb minio/hsv2; then
+                log "✓ Bucket 'hsv2' created successfully"
+              else
+                log "ℹ Bucket 'hsv2' already exists or creation failed"
+              fi
+
+              # 上传 ipv4.ipdb 文件
+              log "Phase 5: Uploading ipv4.ipdb file..."
+              log "Checking if /data/ipv4.ipdb exists..."
+
+              if [ -f "/data/ipv4.ipdb" ]; then
+                log "✓ Found ipv4.ipdb file, uploading to hsv2 bucket..."
+                if mc cp /data/ipv4.ipdb minio/hsv2/db/ipv4.ipdb; then
+                  log "✓ Successfully uploaded ipv4.ipdb to hsv2/db/ipv4.ipdb"
+                else
+                  log "✗ Failed to upload ipv4.ipdb file"
+                  exit 1
+                fi
+              else
+                log "⚠ Warning: /data/ipv4.ipdb file not found, skipping upload"
+              fi
+
+              log "🎉 MinIO initialization completed successfully!"
+              log "Summary:"
+              log "  - MinIO service: Ready"
+              log "  - Service account: Created for API access"
+              log "  - Bucket 'hsv2': Available"
+              log "  - File 'db/ipv4.ipdb': Uploaded to hsv2 bucket"
+
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: minio
+  namespace: db-minio
+  labels:
+    app: minio
+spec:
+  serviceName: minio-service
+  replicas: 1
+  selector:
+    matchLabels:
+      app: minio
+  template:
+    metadata:
+      labels:
+        app: minio
+    spec:
+      containers:
+        - name: minio
+          image: hub.yizhisec.com/external/minio:RELEASE.2025-03-12T18-04-18Z
+          command:
+            - /bin/sh
+            - -c
+          args:
+            - minio server /data --console-address ":9001"
+          env:
+            - name: MINIO_ROOT_USER
+              value: "admin"
+            - name: MINIO_ROOT_PASSWORD
+              value: "YizhiSEC@123"
+          ports:
+            - containerPort: 9000
+              name: api
+            - containerPort: 9001
+              name: console
+          volumeMounts:
+            - name: minio-data
+              mountPath: /data
+          readinessProbe:
+            httpGet:
+              path: /minio/health/ready
+              port: 9001
+            initialDelaySeconds: 15
+            timeoutSeconds: 2
+          livenessProbe:
+            httpGet:
+              path: /minio/health/live
+              port: 9001
+            initialDelaySeconds: 30
+      volumes:
+        - name: minio-data
+          persistentVolumeClaim:
+            claimName: minio-data
+  volumeClaimTemplates:
+    - metadata:
+        name: minio-data
+      spec:
+        accessModes: ["ReadWriteOnce"]
+        storageClassName: longhorn
+        resources:
+          requests:
+            storage: %s
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: minio-service
+  namespace: db-minio
+spec:
+  type: ClusterIP
+  selector:
+    app: minio
+  ports:
+    - name: api
+      port: 9000
+      protocol: TCP
+      targetPort: api
+    - name: console
+      port: 9001
+      protocol: TCP
+      targetPort: console