forge/internal/controller/maker/app.user.go

package maker

import (
	"context"
	"fmt"
	"os"
	"path/filepath"

	"gitea.loveuer.com/yizhisec/pkg3/logger"
	"yizhisec.com/hsv2/forge/pkg/resource"
)

func (m *maker) AppUser(ctx context.Context, replica int) error {
	const (
		_config = `Version: "3"
Database:
  Elastic:
    Address: http://es-service.db-es:9200
  IPDB:
    Path: /etc/hs_user_management/ipdb/ip.ipdb
  Mysql:
    Address: mysql-cluster-mysql-master.db-mysql:3306
    DBName: mie
    Password: L0hMysql.
    UserName: root
  Redis:
    Address: redis-master.db-redis:6379
    Password: HybridScope0xRed1s.
DisabledFeatureFilePath: /etc/yizhisec/disabled_features
EnableTenant: false
Key:
  Token: TtKVnSzEHO3jRv/GWg3f5k3H1OVfMnPZ1Ke9E6MSCXk=
LicensePubKey: /etc/yizhisec/license/pub_key
Log:
  Dir: ./log
  Level: 1
  Name: hs_user_management
Sentry:
  TracesSampleRate: 1
Sso:
  DingTalk:
    ApiHost: oapi.dingtalk.com
    LoginUrl: https://oapi.dingtalk.com/connect/qrconnect
  Feishu:
    ApiHost: open.feishu.cn
    LoginUrl: https://open.feishu.cn/open-apis/authen/v1/index
  Proxy:
    CallbackHost: hssso.yizhisec.com:33443
    Cert:
      ClientCrt: /etc/hs_user_management/proxy/certs/client.crt
      ClientKey: /etc/hs_user_management/proxy/certs/client.key
    ServiceHost: hssso.yizhisec.com:33444
  RedirectPath:
    BoundFailed: /#/accountSettings/thirdAccount
    BoundSuccess: /#/accountSettings/thirdAccount
    LoginFailed: /#/thirdError
    LoginNeedBoundUser: /#/bind
    LoginSuccess: /#/
  WorkWeiXin:
    ApiHost: qyapi.weixin.qq.com
    LoginUrl: https://login.work.weixin.qq.com/wwlogin/sso/login
Storage:
  Avatar:
    ADSyncDir: ad
    Base: /data/storage/avatar
    LDAPSyncDir: ldap
    LocalDir: local
    SyncDir: sync
TranslationPath: translation.csv
Web:
  Host: 0.0.0.0
  Mode: release
  Port: 9013
WorkDir: /yizhisec/hs_user_management/workspace
YosGuard:
  Host: 172.17.0.1
  Port: 7788
ElinkLogin: false`
		_upsert = `#!/bin/bash

kubectl create configmap config-user --namespace hsv2 --from-file=config.yml=./config.yml --dry-run=client -o yaml | kubectl apply -f -
kubectl apply -f deployment.yaml
kubectl rollout restart deployment user-deployment -n hsv2`
	)
	var (
		err     error
		workdir = filepath.Join(m.workdir, "app", "user")
	)

	logger.Info("☑️ maker.AppUser: 开始构建 user 应用..., dir = %s", workdir)

	logger.Debug("☑️ maker.AppUser: 开始创建工作目录 = %s", workdir)
	if err = os.MkdirAll(workdir, 0755); err != nil {
		logger.Debug("❌ maker.AppUser: 创建目录失败: %v", err)
		return err
	}
	logger.Debug("✅ maker.AppUser: 创建工作目录成功 = %s", workdir)

	if replica < 1 {
		replica = 1
	}

	logger.Debug("☑️ maker.AppUser: 开始构建 yaml 资源文件")
	content := []byte(fmt.Sprintf(resource.YAMLAppUser, replica))
	if err = os.WriteFile(filepath.Join(workdir, "deployment.yaml"), []byte(content), 0644); err != nil {
		logger.Debug("❌ maker.AppUser: 写入 deployment.yaml 失败: %v", err)
		return err
	}
	logger.Debug("✅ maker.AppUser: 开始 yaml 资源文件成功")

	// 写入 config.yml
	logger.Debug("☑️ maker.AppUser: 开始构建 config 文件")
	if err = os.WriteFile(filepath.Join(workdir, "config.yml"), []byte(_config), 0644); err != nil {
		logger.Debug("❌ maker.AppUser: 写入 config.yml 失败: %v", err)
		return err
	}
	logger.Debug("✅ maker.AppUser: 构建 config 文件成功")

	logger.Debug("☑️ maker.AppUser: 开始构建 upsert.sh 脚本")
	if err = os.WriteFile(filepath.Join(workdir, "upsert.sh"), []byte(_upsert), 0755); err != nil {
		logger.Debug("❌ maker.AppUser: 写入 upsert.sh 失败: %v", err)
		return err
	}
	logger.Debug("✅ maker.AppUser: 构建 upsert.sh 脚本成功")

	logger.Info("✅ maker.AppUser: 构建 user 应用成功!!!")
	return nil
}