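package maker

import (
	"context"
	"fmt"
	"os"
	"path/filepath"

	"gitea.loveuer.com/yizhisec/pkg3/logger"
	"yizhisec.com/hsv2/forge/pkg/resource"
)

// AppUser assembles the deployment bundle for the "user" application in
// <m.workdir>/app/user. The directory is recreated from scratch and then
// filled with:
//
//   - user.tar        image archive requested from m.Image (force pull + save options)
//   - deployment.yaml resource.YAMLAppUser rendered with the replica count
//   - config.yml      the service configuration embedded below
//   - upsert.sh       kubectl script that applies the config map and deployment
//   - version.txt     the version string passed by the caller
//
// replica values below 1 are raised to 1. The first failing step aborts the
// build and its error is returned wrapped with the step name.
//
// Security notes for reviewers:
//   - _config embeds the MySQL root password, the Redis password and the token
//     key in source. Anyone with access to the repository, the built binary or
//     the generated bundle can read them, and they are identical for every
//     deployment built from this code. Prefer injecting them at build or
//     deploy time and rotating the values that are already committed.
//   - upsert.sh publishes config.yml as a ConfigMap, which is not intended for
//     secret material; a Kubernetes Secret (or an external secret store) is
//     the appropriate home for the credentials.
//   - The image is pulled by the mutable tag "latest" and version is only
//     logged and written to version.txt, so the bundle content is not tied to
//     version. Pinning the image by version tag or digest makes the build
//     reproducible and auditable.
func (m *maker) AppUser(ctx context.Context, version string, replica int) error {
	const (
		// NOTE(review): ElinkLogin is written as a top-level key here; confirm
		// against the service's config schema.
		_config = `Version: "3"
Database:
  Elastic:
    Address: http://es-service.db-es:9200
  IPDB:
    Path: /etc/hs_user_management/ipdb/ip.ipdb
  Mysql:
    Address: mysql-cluster-mysql-master.db-mysql:3306
    DBName: mie
    Password: L0hMysql.
    UserName: root
  Redis:
    Address: redis-master.db-redis:6379
    Password: HybridScope0xRed1s.
DisabledFeatureFilePath: /etc/yizhisec/disabled_features
EnableTenant: false
Key:
  Token: TtKVnSzEHO3jRv/GWg3f5k3H1OVfMnPZ1Ke9E6MSCXk=
LicensePubKey: /etc/yizhisec/license/pub_key
Log:
  Dir: ./log
  Level: 1
  Name: hs_user_management
Sentry:
  TracesSampleRate: 1
Sso:
  DingTalk:
    ApiHost: oapi.dingtalk.com
    LoginUrl: https://oapi.dingtalk.com/connect/qrconnect
  Feishu:
    ApiHost: open.feishu.cn
    LoginUrl: https://open.feishu.cn/open-apis/authen/v1/index
  Proxy:
    CallbackHost: hssso.yizhisec.com:33443
    Cert:
      ClientCrt: /etc/hs_user_management/proxy/certs/client.crt
      ClientKey: /etc/hs_user_management/proxy/certs/client.key
    ServiceHost: hssso.yizhisec.com:33444
  RedirectPath:
    BoundFailed: /#/accountSettings/thirdAccount
    BoundSuccess: /#/accountSettings/thirdAccount
    LoginFailed: /#/thirdError
    LoginNeedBoundUser: /#/bind
    LoginSuccess: /#/
  WorkWeiXin:
    ApiHost: qyapi.weixin.qq.com
    LoginUrl: https://login.work.weixin.qq.com/wwlogin/sso/login
Storage:
  Avatar:
    ADSyncDir: ad
    Base: /data/storage/avatar
    LDAPSyncDir: ldap
    LocalDir: local
    SyncDir: sync
TranslationPath: translation.csv
Web:
  Host: 0.0.0.0
  Mode: release
  Port: 9013
WorkDir: /yizhisec/hs_user_management/workspace
YosGuard:
  Host: 172.17.0.1
  Port: 7788
ElinkLogin: false`

		// NOTE(review): the script has no `set -e`, so a failed configmap
		// apply does not stop the later apply/restart steps.
		_upsert = `#!/bin/bash
kubectl create configmap config-user --namespace hsv2 --from-file=config.yml=./config.yml --dry-run=client -o yaml | kubectl apply -f -
kubectl apply -f deployment.yaml
kubectl rollout restart deployment user-deployment -n hsv2`
	)

	workdir := filepath.Join(m.workdir, "app", "user")

	logger.Info("☑️ maker.AppUser: 开始构建 user 应用..., version = %s, dir = %s", version, workdir)

	logger.Debug("☑️ maker.AppUser: 开始创建工作目录 = %s", workdir)
	// A leftover directory must really be gone: os.WriteFile keeps the mode of
	// a file that already exists, so a stale world-readable config.yml would
	// defeat the 0600 mode requested below.
	if err := os.RemoveAll(workdir); err != nil {
		logger.Debug("❌ maker.AppUser: remove stale workdir failed: %v", err)
		return fmt.Errorf("maker.AppUser: clean workdir %q: %w", workdir, err)
	}
	if err := os.MkdirAll(workdir, 0755); err != nil {
		logger.Debug("❌ maker.AppUser: 创建目录失败: %v", err)
		return fmt.Errorf("maker.AppUser: create workdir %q: %w", workdir, err)
	}
	logger.Debug("✅ maker.AppUser: 创建工作目录成功 = %s", workdir)

	// NOTE(review): mutable tag; see the security notes in the doc comment.
	imgName := "hub.yizhisec.com/hybridscope/user_management:latest"
	logger.Debug("☑️ maker.AppUser: start pull image = %s", imgName)
	if err := m.Image(ctx, imgName,
		WithImageForcePull(true),
		WithImageSave(filepath.Join(workdir, "user.tar")),
	); err != nil {
		logger.Debug("❌ maker.AppUser: 拉取镜像失败: %v", err)
		return fmt.Errorf("maker.AppUser: pull image %q: %w", imgName, err)
	}
	logger.Debug("✅ maker.AppUser: pull image success = %s", imgName)

	// A deployment with zero or negative replicas is never what the caller wants.
	if replica < 1 {
		replica = 1
	}

	logger.Debug("☑️ maker.AppUser: 开始构建 yaml 资源文件")
	content := []byte(fmt.Sprintf(resource.YAMLAppUser, replica))
	if err := os.WriteFile(filepath.Join(workdir, "deployment.yaml"), content, 0644); err != nil {
		logger.Debug("❌ maker.AppUser: 写入 deployment.yaml 失败: %v", err)
		return fmt.Errorf("maker.AppUser: write deployment.yaml: %w", err)
	}
	logger.Debug("✅ maker.AppUser: 开始 yaml 资源文件成功")

	// Write config.yml. It carries database and Redis passwords and the token
	// key, so it is created owner-readable only instead of 0644.
	// NOTE(review): assumes upsert.sh is run by the same user that built the
	// bundle (or by root) — confirm against the packaging step.
	logger.Debug("☑️ maker.AppUser: 开始构建 config 文件")
	if err := os.WriteFile(filepath.Join(workdir, "config.yml"), []byte(_config), 0600); err != nil {
		logger.Debug("❌ maker.AppUser: 写入 config.yml 失败: %v", err)
		return fmt.Errorf("maker.AppUser: write config.yml: %w", err)
	}
	logger.Debug("✅ maker.AppUser: 构建 config 文件成功")

	logger.Debug("☑️ maker.AppUser: 开始构建 upsert.sh 脚本")
	if err := os.WriteFile(filepath.Join(workdir, "upsert.sh"), []byte(_upsert), 0755); err != nil {
		logger.Debug("❌ maker.AppUser: 写入 upsert.sh 失败: %v", err)
		return fmt.Errorf("maker.AppUser: write upsert.sh: %w", err)
	}
	logger.Debug("✅ maker.AppUser: 构建 upsert.sh 脚本成功")

	if err := os.WriteFile(filepath.Join(workdir, "version.txt"), []byte(version), 0644); err != nil {
		logger.Debug("❌ maker.AppUser: 写入 version.txt 失败: %v", err)
		return fmt.Errorf("maker.AppUser: write version.txt: %w", err)
	}

	logger.Info("✅ maker.AppUser: 构建 user 应用成功!!! version = %s", version)
	return nil
}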