diff --git a/plugins/.gitignore b/plugins/.gitignore new file mode 100644 index 0000000000000000000000000000000000000000..62c893550adb53d3a8fc29a1584ff831cb829062 --- /dev/null +++ b/plugins/.gitignore @@ -0,0 +1 @@ +.idea/ \ No newline at end of file diff --git a/plugins/Compatibility-AI-Infra/flows/get_all_docker_images_flow.yaml b/plugins/Compatibility-AI-Infra/flows/get_all_docker_images_flow.yaml new file mode 100644 index 0000000000000000000000000000000000000000..d1c4332203be24d3395d45eee2b1620b18d6f06c --- /dev/null +++ b/plugins/Compatibility-AI-Infra/flows/get_all_docker_images_flow.yaml @@ -0,0 +1,15 @@ +name: get_all_supported_AI_docker_images +description: "获取所有支持的docker容器镜像,输入为空,输出为支持的AI容器镜像列表,包括名字、tag、registry、repository" +steps: + - name: start + call_type: api + params: + endpoint: GET /docker/images + next: list2markdown + - name: list2markdown + call_type: llm + params: + user_prompt: | + 当前已有的docker容器及tag为:{data}。请将这份内容输出为markdown表格,表头为registry、repository、image_name、tag,请注意如果一个容器镜像有多个tag版本,请分多行展示。 +next_flow: + - docker_pull_specified_AI_docker_images \ No newline at end of file diff --git a/plugins/Compatibility-AI-Infra/flows/pull_images_flow.yaml b/plugins/Compatibility-AI-Infra/flows/pull_images_flow.yaml new file mode 100644 index 0000000000000000000000000000000000000000..277677924f152672e5f0b02305733347900d4e4b --- /dev/null +++ b/plugins/Compatibility-AI-Infra/flows/pull_images_flow.yaml @@ -0,0 +1,15 @@ +name: docker_pull_specified_AI_docker_images +description: "从dockerhub拉取指定的docker容器镜像,输入为容器镜像的名字和tag" +steps: + - name: start + call_type: api + params: + endpoint: POST /docker/pull + next: extract_key + - name: extract_key + call_type: extract + params: + keys: + - data.shell +next_flow: + - docker_run_specified_AI_docker_images \ No newline at end of file diff --git a/plugins/Compatibility-AI-Infra/flows/run_images_flow.yaml b/plugins/Compatibility-AI-Infra/flows/run_images_flow.yaml new file mode 100644 index 0000000000000000000000000000000000000000..54fe3ca39d9fe16b3c1bbcc506b7cf6f0e673ea9 --- /dev/null +++ b/plugins/Compatibility-AI-Infra/flows/run_images_flow.yaml @@ -0,0 +1,13 @@ +name: docker_run_specified_AI_docker_images +description: "运行指定的容器镜像,输入为容器镜像的名字和tag" +steps: + - name: start + call_type: api + params: + endpoint: POST /docker/run + next: extract_key + - name: extract_key + call_type: extract + params: + keys: + - data.shell diff --git a/plugins/Compatibility-AI-Infra/openapi.yaml b/plugins/Compatibility-AI-Infra/openapi.yaml new file mode 100644 index 0000000000000000000000000000000000000000..ac24173a5ceda05382b12798ccad8a42a5c83d5a --- /dev/null +++ b/plugins/Compatibility-AI-Infra/openapi.yaml @@ -0,0 +1,190 @@ +openapi: 3.0.2 +info: + title: compatibility-ai-infra + version: 0.1.0 +servers: + - url: http://192.168.10.43:10000 +paths: + /docker/images: + get: + description: 获取所有支持的AI容器信息,返回容器名字和tag + responses: + '200': + description: Successful Response + content: + application/json: + schema: + $ref: '#/components/schemas/ResponseData' + /docker/pull: + post: + description: 输入容器镜像名字和容器镜像tag,返回拉取该容器的shell命令 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PullDockerImages' + required: true + responses: + '200': + description: Successful Response + content: + application/json: + schema: + $ref: '#/components/schemas/ResponseData' + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' + /docker/run: + post: + description: 输入容器名字和tag,返回运行该容器的shell命令 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RunDockerImages' + required: true + responses: + '200': + description: Successful Response + content: + application/json: + schema: + $ref: '#/components/schemas/ResponseData' + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' +components: + schemas: + HTTPValidationError: + description: HTTP校验错误 + type: object + properties: + detail: + title: Detail + type: array + items: + $ref: '#/components/schemas/ValidationError' + PullDockerImages: + description: 生成容器拉取命令的接口的入参 + required: + - image_name + - image_tag + type: object + properties: + image_name: + description: 容器镜像的名字,不要包含转义符 + type: string + enum: + - cann + - oneapi-runtime + - oneapi-basekit + - llm-server + - mlflow + - llm + - tensorflow + - pytorch + - cuda + image_tag: + description: 容器镜像的tag,不要包含转义符 + type: string + enum: + - "8.0.RC1-oe2203sp4" + - "cann7.0.RC1.alpha002-oe2203sp2" + - "2024.2.0-oe2403lts" + - "1.0.0-oe2203sp3" + - "2.11.1-oe2203sp3" + - "2.13.1-oe2203sp3" + - "chatglm2_6b-pytorch2.1.0.a1-cann7.0.RC1.alpha002-oe2203sp2" + - "llama2-7b-q8_0-oe2203sp2" + - "chatglm2-6b-q8_0-oe2203sp2" + - "fastchat-pytorch2.1.0.a1-cann7.0.RC1.alpha002-oe2203sp2" + - "tensorflow2.15.0-oe2203sp2" + - "tensorflow2.15.0-cuda12.2.0-devel-cudnn8.9.5.30-oe2203sp2" + - "pytorch2.1.0-oe2203sp2" + - "pytorch2.1.0-cuda12.2.0-devel-cudnn8.9.5.30-oe2203sp2" + - "pytorch2.1.0.a1-cann7.0.RC1.alpha002-oe2203sp2" + - "cuda12.2.0-devel-cudnn8.9.5.30-oe2203sp2" + ResponseData: + description: 接口返回值的固定格式 + required: + - code + - message + - data + type: object + properties: + code: + description: 状态码 + type: integer + message: + description: 状态信息 + type: string + data: + description: 返回数据 + type: any + RunDockerImages: + description: 生成容器运行命令的接口的入参 + required: + - image_name + - image_tag + type: object + properties: + image_name: + description: 容器镜像的名字,不要包含转义符 + type: string + enum: + - cann + - oneapi-runtime + - oneapi-basekit + - llm-server + - mlflow + - llm + - tensorflow + - pytorch + - cuda + image_tag: + description: 容器镜像的tag,不要包含转义符 + type: string + enum: + - "8.0.RC1-oe2203sp4" + - "cann7.0.RC1.alpha002-oe2203sp2" + - "2024.2.0-oe2403lts" + - "1.0.0-oe2203sp3" + - "2.11.1-oe2203sp3" + - "2.13.1-oe2203sp3" + - "chatglm2_6b-pytorch2.1.0.a1-cann7.0.RC1.alpha002-oe2203sp2" + - "llama2-7b-q8_0-oe2203sp2" + - "chatglm2-6b-q8_0-oe2203sp2" + - "fastchat-pytorch2.1.0.a1-cann7.0.RC1.alpha002-oe2203sp2" + - "tensorflow2.15.0-oe2203sp2" + - "tensorflow2.15.0-cuda12.2.0-devel-cudnn8.9.5.30-oe2203sp2" + - "pytorch2.1.0-oe2203sp2" + - "pytorch2.1.0-cuda12.2.0-devel-cudnn8.9.5.30-oe2203sp2" + - "pytorch2.1.0.a1-cann7.0.RC1.alpha002-oe2203sp2" + - "cuda12.2.0-devel-cudnn8.9.5.30-oe2203sp2" + ValidationError: + description: 接口的入参校验错误时返回的内容格式 + required: + - loc + - msg + - type + type: object + properties: + loc: + title: Location + type: array + items: + anyOf: + - type: string + - type: integer + msg: + title: Message + type: string + type: + title: Error Type + type: string \ No newline at end of file diff --git a/plugins/Compatibility-AI-Infra/plugin.json b/plugins/Compatibility-AI-Infra/plugin.json new file mode 100644 index 0000000000000000000000000000000000000000..6136093d2313bd85ae2f2244adef96d48dad90bd --- /dev/null +++ b/plugins/Compatibility-AI-Infra/plugin.json @@ -0,0 +1,6 @@ +{ + "id": "ai_docker_images", + "name": "AI容器镜像", + "description": "该插件接受用户的输入,检查当前支持哪些AI容器,拉取容器,运行容器", + "predefined_question": "查看当前支持哪些AI容器,拉取指定的容器,运行指定的容器" +} \ No newline at end of file diff --git a/plugins/README.en.md b/plugins/README.en.md new file mode 100644 index 0000000000000000000000000000000000000000..1fb8f0d5736fd020b967b94821225d775206fc1d --- /dev/null +++ b/plugins/README.en.md @@ -0,0 +1,36 @@ +# euler-copilot-plugins + +#### Description +插件仓库 + +#### Software Architecture +Software architecture description + +#### Installation + +1. xxxx +2. xxxx +3. xxxx + +#### Instructions + +1. xxxx +2. xxxx +3. xxxx + +#### Contribution + +1. Fork the repository +2. Create Feat_xxx branch +3. Commit your code +4. Create Pull Request + + +#### Gitee Feature + +1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md +2. Gitee blog [blog.gitee.com](https://blog.gitee.com) +3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore) +4. The most valuable open source project [GVP](https://gitee.com/gvp) +5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help) +6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/plugins/README.md b/plugins/README.md new file mode 100644 index 0000000000000000000000000000000000000000..f5b1800bc7eb81978b3222cdbe734b8c3eb4e6d1 --- /dev/null +++ b/plugins/README.md @@ -0,0 +1,37 @@ +# euler-copilot-plugins + +#### 介绍 +插件仓库 + +#### 软件架构 +软件架构说明 + + +#### 安装教程 + +1. xxxx +2. xxxx +3. xxxx + +#### 使用说明 + +1. xxxx +2. xxxx +3. xxxx + +#### 参与贡献 + +1. Fork 本仓库 +2. 新建 Feat_xxx 分支 +3. 提交代码 +4. 新建 Pull Request + + +#### 特技 + +1. 使用 Readme\_XXX.md 来支持不同的语言,例如 Readme\_en.md, Readme\_zh.md +2. Gitee 官方博客 [blog.gitee.com](https://blog.gitee.com) +3. 你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解 Gitee 上的优秀开源项目 +4. [GVP](https://gitee.com/gvp) 全称是 Gitee 最有价值开源项目,是综合评定出的优秀开源项目 +5. Gitee 官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help) +6. Gitee 封面人物是一档用来展示 Gitee 会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/plugins/aops-apollo/flows/execute_cve_scan.yaml b/plugins/aops-apollo/flows/execute_cve_scan.yaml new file mode 100644 index 0000000000000000000000000000000000000000..837527a44a198987f79bcf9f0ec88e87c7085b2f --- /dev/null +++ b/plugins/aops-apollo/flows/execute_cve_scan.yaml @@ -0,0 +1,10 @@ +name: execute_cve_scan +description: 对目标主机执行cve扫描;对目标主机执行漏洞扫描;扫描目标主机;主机ID可传入,没有声明主机ID的情况下 默认扫描所有主机 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/host/scan + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/execute_task.yaml b/plugins/aops-apollo/flows/execute_task.yaml new file mode 100644 index 0000000000000000000000000000000000000000..8a00dc5f873f1fd83973c943549b62526c05e88f --- /dev/null +++ b/plugins/aops-apollo/flows/execute_task.yaml @@ -0,0 +1,10 @@ +name: execute_task +description: 执行任务,用户需要指定任务id +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/task/execute + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/generate_cve_fix_task.yaml b/plugins/aops-apollo/flows/generate_cve_fix_task.yaml new file mode 100644 index 0000000000000000000000000000000000000000..46eacec3b1270171df3114642fd2b9aa2136e43c --- /dev/null +++ b/plugins/aops-apollo/flows/generate_cve_fix_task.yaml @@ -0,0 +1,10 @@ +name: generate_cve_fix_task +description: 生成cve修复任务,任务信息,任务名称可以由用户指定,用户可以指定修复方式(热修复是:hotpatch,冷修复是:coldpatch)、受影响的软件包和可升级的软件包,传参传递主机id(host_id)而不是主机名(host_name);任务生成后,将生成的任务id返回给用户并通知用户需要执行生成的任务 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/task/cve-fix/generate + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/generate_remove_hotpatch.yaml b/plugins/aops-apollo/flows/generate_remove_hotpatch.yaml new file mode 100644 index 0000000000000000000000000000000000000000..fdb4db2ebd633c5a2f324e0ee05fb0e226353002 --- /dev/null +++ b/plugins/aops-apollo/flows/generate_remove_hotpatch.yaml @@ -0,0 +1,10 @@ +name: generate_remove_hotpatch +description: 生成移除系统漏洞修复已生效的热补丁任务,待移除的热补丁信息通过/vulnerabilities/cve/list/get接口可查询任务信息,任务名称可以由用户指定;任务生成后将生成的任务id返回给用户并通知用户需要执行生成的任务 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/task/hotpatch-remove/generate + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/generate_repo_set_task.yaml b/plugins/aops-apollo/flows/generate_repo_set_task.yaml new file mode 100644 index 0000000000000000000000000000000000000000..092f872e6e6b355df76e17af6f43a7083d2162d4 --- /dev/null +++ b/plugins/aops-apollo/flows/generate_repo_set_task.yaml @@ -0,0 +1,10 @@ +name: generate_repo_set_task +description: 生成设置repo源的任务,可以给目标主机添加指定repo源,该repo源需要在任务生成前已经被添加到aops系统的repo源列表中,任务名称可以由用户指定;生成任务后不代表设置repo成功,需要用户执行生成的任务 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/task/repo/generate + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/generate_rollback_task.yaml b/plugins/aops-apollo/flows/generate_rollback_task.yaml new file mode 100644 index 0000000000000000000000000000000000000000..e385a76bac9a2209fecbd332b306a410ec0d28f8 --- /dev/null +++ b/plugins/aops-apollo/flows/generate_rollback_task.yaml @@ -0,0 +1,10 @@ +name: generate_rollback_task +description: 生成CVE回滚任务,传入的任务ID必须存在并且任务已经执行完成,否则任务生成失败,任务信息、任务名称用户可以自定义 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/task/cve-rollback/generate + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_all_cve_info.yaml b/plugins/aops-apollo/flows/query_all_cve_info.yaml new file mode 100644 index 0000000000000000000000000000000000000000..b8556addbe44299578f230384faa977da5a9b0e4 --- /dev/null +++ b/plugins/aops-apollo/flows/query_all_cve_info.yaml @@ -0,0 +1,16 @@ +name: query_all_cve_info +description: 查看所有CVE(漏洞)信息| + 如果传入fixed参数为true,查询已修复的漏洞信息,传入fixed参数为false,查询未修复的漏洞信息。| + 查询结果用Markdown表格展示。输出结果必须包含以下文本内容:当前只展示了部分cve,具体详情在http://172.168.158.157/vulnerability/cves/cves-management查看 + +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/cve/list/get + next: end + - name: end + call_type: llm + params: + user_prompt: | + 查询api的返回值为{data},返回值中的data为cve信息。请将cve信息输出为markdown表格,并提示:当前只展示了部分cve,具体详情在http://172.168.158.157/vulnerability/cves/cves-management查看 diff --git a/plugins/aops-apollo/flows/query_all_host_info.yaml b/plugins/aops-apollo/flows/query_all_host_info.yaml new file mode 100644 index 0000000000000000000000000000000000000000..b1b6a4d418a82592d6e319db7b3444a70c32a984 --- /dev/null +++ b/plugins/aops-apollo/flows/query_all_host_info.yaml @@ -0,0 +1,10 @@ +name: query_all_host_info +description: 查看所有主机信息;不设置过滤条件查询所有主机列表,结果用表格展示,时间用yyyy-MM-dd HH:mm:ss格式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/host/list/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_all_task_info.yaml b/plugins/aops-apollo/flows/query_all_task_info.yaml new file mode 100644 index 0000000000000000000000000000000000000000..3119b4fa871be98cfeb62bc9a0f6d75ea75bc978 --- /dev/null +++ b/plugins/aops-apollo/flows/query_all_task_info.yaml @@ -0,0 +1,10 @@ +name: query_all_task_info +description: 查看所有任务基本信息或任务列表,结果用表格展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/task/list/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_cve_fix_packages.yaml b/plugins/aops-apollo/flows/query_cve_fix_packages.yaml new file mode 100644 index 0000000000000000000000000000000000000000..09a675b5c1cedcb2cf90ead4a27b3902b0444cad --- /dev/null +++ b/plugins/aops-apollo/flows/query_cve_fix_packages.yaml @@ -0,0 +1,10 @@ +name: query_cve_fix_packages +description: 查看已修复CVE ID的rpm包信息,用表格形式返回 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/cve/fixed/packages/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_cve_host.yaml b/plugins/aops-apollo/flows/query_cve_host.yaml new file mode 100644 index 0000000000000000000000000000000000000000..920ac06d1e37f5cdebe54e53774df7820750243b --- /dev/null +++ b/plugins/aops-apollo/flows/query_cve_host.yaml @@ -0,0 +1,10 @@ +name: query_cve_host +description: 查看某个漏洞关联的主机信息,fixed为true查询已修复该漏洞(cve)的主机信息,fixed为false查询未修复该漏洞(cve)的主机信息,结果用表格展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/cve/host/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_cve_unfix_packages.yaml b/plugins/aops-apollo/flows/query_cve_unfix_packages.yaml new file mode 100644 index 0000000000000000000000000000000000000000..f5327592c79ed24b807770247334efa80841a484 --- /dev/null +++ b/plugins/aops-apollo/flows/query_cve_unfix_packages.yaml @@ -0,0 +1,10 @@ +name: query_cve_unfix_packages +description: 查看指定CVE ID 用于修复的rpm包信息,只用于查询CVE用于修复的rpm包信息,不适用执行cve修复任务,并用表格形式返回 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/cve/unfixed/packages/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_host_cve_info.yaml b/plugins/aops-apollo/flows/query_host_cve_info.yaml new file mode 100644 index 0000000000000000000000000000000000000000..968c7e5a034d94886b01c5433626a4f6cb788784 --- /dev/null +++ b/plugins/aops-apollo/flows/query_host_cve_info.yaml @@ -0,0 +1,10 @@ +name: query_host_cve_info +description: 查看指定单个主机存在的漏洞(CVE)信息,并用Markdown表格展示。若返回结果中total_page字段的值大于1,则在输出的最后加入“目前只展示了部分CVE信息。其余CVE编号和信息,请去A-Ops CVE详情页面查看。” +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/host/cve/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_repo_list.yaml b/plugins/aops-apollo/flows/query_repo_list.yaml new file mode 100644 index 0000000000000000000000000000000000000000..efa1c69c47e1b2d63a56bcb4364d238330f8cca9 --- /dev/null +++ b/plugins/aops-apollo/flows/query_repo_list.yaml @@ -0,0 +1,10 @@ +name: query_repo_list +description: 查看当前aops系统存在的repo信息,结果用表格展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/repo/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_rpm_info_for_fix_task.yaml b/plugins/aops-apollo/flows/query_rpm_info_for_fix_task.yaml new file mode 100644 index 0000000000000000000000000000000000000000..9c7db9ca74dfb06f5e767327885e0c5270819ff5 --- /dev/null +++ b/plugins/aops-apollo/flows/query_rpm_info_for_fix_task.yaml @@ -0,0 +1,10 @@ +name: query_rpm_info_for_fix_task +description: 查看漏洞(CVE)修复任务中用于修复某CVE的软件包信息 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/task/cve-fix/rpm/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_rpm_info_for_rollback_task.yaml b/plugins/aops-apollo/flows/query_rpm_info_for_rollback_task.yaml new file mode 100644 index 0000000000000000000000000000000000000000..3b580d0f82d31d9a4ed52458b15b583cf50f396a --- /dev/null +++ b/plugins/aops-apollo/flows/query_rpm_info_for_rollback_task.yaml @@ -0,0 +1,10 @@ +name: query_rpm_info_for_rollback_task +description: 查看回退任务中修复某CVE的软件包信息 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/task/cve-rollback/info/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_specific_cve_info.yaml b/plugins/aops-apollo/flows/query_specific_cve_info.yaml new file mode 100644 index 0000000000000000000000000000000000000000..7a1ff0111fcec712a18c6454453fd4d4e48639e7 --- /dev/null +++ b/plugins/aops-apollo/flows/query_specific_cve_info.yaml @@ -0,0 +1,10 @@ +name: query_specific_cve_info +description: 查看指定CVE ID信息,结果用表格展示 +steps: + - name: start + call_type: api + params: + endpoint: GET /vulnerabilities/cve/info/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_specific_host_info.yaml b/plugins/aops-apollo/flows/query_specific_host_info.yaml new file mode 100644 index 0000000000000000000000000000000000000000..22172a67edbb8e73158a899f4c974d0952d4816e --- /dev/null +++ b/plugins/aops-apollo/flows/query_specific_host_info.yaml @@ -0,0 +1,10 @@ +name: query_specific_host_info +description: 查看指定主机信息,结果用表格展示 +steps: + - name: start + call_type: api + params: + endpoint: GET /vulnerabilities/host/info/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_task_detail_info.yaml b/plugins/aops-apollo/flows/query_task_detail_info.yaml new file mode 100644 index 0000000000000000000000000000000000000000..47674fb000899df6aaef3225c1d529d66a1e41df --- /dev/null +++ b/plugins/aops-apollo/flows/query_task_detail_info.yaml @@ -0,0 +1,43 @@ +name: query_task_detail_info +description: 查询任务的完整信息,用户必须指定需要查询的任务ID。 +steps: + - name: start + call_type: api + params: + endpoint: GET /vulnerabilities/task/info/get + next: flow_choice + - name: flow_choice + call_type: choice + params: + instruction: 返回值中task_type字段中包含哪种任务类型信息? + choices: + - step: query_cve_fix_task_info + description: 返回值的task_type为'cve fix'时,选择此项 + - step: query_repo_set_task_info + description: 返回值的task_type为'repo set'时,选择此项 + - step: query_hotpatch_remove_task_info + description: 返回值的task_type为'hotpatch remove'时,选择此项 + - step: query_rollback_task_info + description: 返回值的task_type为'cve rollback'时,选择此项 + - name: query_cve_fix_task_info + call_type: api + params: + endpoint: POST /vulnerabilities/task/cve-fix/info/get + next: end + - name: query_repo_set_task_info + call_type: api + params: + endpoint: POST /vulnerabilities/task/repo/info/get + next: end + - name: query_hotpatch_remove_task_info + call_type: api + params: + endpoint: POST /vulnerabilities/task/hotpatch-remove/info/get + next: end + - name: query_rollback_task_info + call_type: api + params: + endpoint: POST /vulnerabilities/task/cve-rollback/info/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_task_process.yaml b/plugins/aops-apollo/flows/query_task_process.yaml new file mode 100644 index 0000000000000000000000000000000000000000..1722480cd2802cf57d3d2e339268ca2ea643f950 --- /dev/null +++ b/plugins/aops-apollo/flows/query_task_process.yaml @@ -0,0 +1,10 @@ +name: query_task_process +description: 查看目标任务的执行进度 +steps: + - name: start + call_type: api + params: + endpoint: POST /vulnerabilities/task/progress/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/flows/query_task_report.yaml b/plugins/aops-apollo/flows/query_task_report.yaml new file mode 100644 index 0000000000000000000000000000000000000000..a0cda7cef50b0ffdc3970058be4a4d2c887129a9 --- /dev/null +++ b/plugins/aops-apollo/flows/query_task_report.yaml @@ -0,0 +1,43 @@ +name: query_task_report +description: 查询任务的执行报告或执行日志,必须指定需要查询的任务ID。 +steps: + - name: start + call_type: api + params: + endpoint: GET /vulnerabilities/task/info/get + next: flow_choice + - name: flow_choice + call_type: choice + params: + instruction: 返回值中task_type字段中包含哪种任务类型信息? + choices: + - step: query_cve_fix_task_report + description: 任务类型为 'cve fix'时,选择此项 + - step: query_repo_set_task_report + description: 任务类型为 'repo set'时,选择此项 + - step: query_hotpatch_remove_task_report + description: 任务类型为 'hotpatch remove'时,选择此项 + - step: query_rollback_task_report + description: 任务类型为 'cve rollback'时,选择此项 + - name: query_cve_fix_task_report + call_type: api + params: + endpoint: POST /vulnerabilities/task/cve-fix/result/get + next: end + - name: query_repo_set_task_report + call_type: api + params: + endpoint: POST /vulnerabilities/task/repo/result/get + next: end + - name: query_hotpatch_remove_task_report + call_type: api + params: + endpoint: POST /vulnerabilities/task/hotpatch-remove/result/get + next: end + - name: query_rollback_task_report + call_type: api + params: + endpoint: POST /vulnerabilities/task/cve-rollback/result/get + next: end + - name: end + call_type: none diff --git a/plugins/aops-apollo/openapi.yaml b/plugins/aops-apollo/openapi.yaml new file mode 100644 index 0000000000000000000000000000000000000000..718a07fd6834720fb59b63ad00c28985c71068aa --- /dev/null +++ b/plugins/aops-apollo/openapi.yaml @@ -0,0 +1,3046 @@ +openapi: 3.0.1 +info: + title: 漏洞管理软件包接口 + description: 漏洞管理软件包接口 + version: 2.0.0 +servers: + - url: http://116.63.164.87 +paths: + /vulnerabilities/repo/import: + post: + description: 向当前集群新增repo源信息 + requestBody: + description: 需要设置的repo源信息 + content: + application/json: + schema: + $ref: "#/components/schemas/RepoImportReq" + required: true + responses: + "200": + description: "http状态码,200表示正常返回" + content: + application/json: + schema: + $ref: "#/components/schemas/GeneralRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/repo/get: + post: + description: 查询数据库中的repo源信息 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/RepoGetReq" + required: true + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/RepoGetRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/repo/delete: + delete: + summary: 删除repo源 + description: 根据传入的repo ID,删除对应repo源信息,如果被删除的repo id在使用中则不能删除。 + parameters: + - name: repo_id_list + in: query + style: deepObject + schema: + description: "repo id列表,非空" + minItems: 1 + type: array + items: + type: string + example: ["repo-id-1", "repo-id-2"] + required: true + responses: + "200": + description: "成功响应状态码,非200状态码视为异常状态码" + content: + application/json: + schema: + $ref: "#/components/schemas/RepoDeleteRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /repo/update: + post: + summary: 更新repo源 + description: 更新指定repo源内容 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/RepoImportReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/GeneralRsp" + deprecated: true + x-codegen-request-body-name: param + /vulnerabilities/repo/template/get: + get: + description: "获取repo模板文件,文件内容为repo源示例信息" + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/GetRepoTemplateRsp" + /vulnerabilities/cve/overview: + get: + description: 统计当前用户可访问的主机上的所有CVE,并按照CVE等级进行统计,用于web界面饼图渲染 + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryOverviewRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cve/list/get: + post: + description: 获取CVE列表,获取所有有权限访问的主机的CVE列表 + requestBody: + description: 查询条件 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveListReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveListRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cves/recommended: + get: + summary: 获取推荐修复cve汇总 + description: 查询输入CVE的筛选条件,包括集群id:cluster_id,cve安全等级:severity,cve最小分数:min_score,cve最大分数:max_score,是否含有热补丁:hot_patch + parameters: + - name: fixed + in: query + description: cve是否修复 + schema: + type: boolean + required: true + - name: cluster_id + in: query + description: cve所在集群的集群id + schema: + type: string + required: false + - name: min_score + in: query + description: cve最小分数 + schema: + type: integer + required: false + - name: max_score + in: query + description: cve最大分数 + schema: + type: integer + required: false + - name: hot_patch + in: query + description: 是否含有热补丁 + schema: + type: boolean + required: false + responses: + "200": + description: "http状态码信息" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCvesRecommendedRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cve/info/get: + get: + summary: 获取某CVE详细信息 + description: 查询输入CVE的详细信息,包括CVE公开时间,等级,CVSS评分,影响的软件包信息 + parameters: + - name: cve_id + in: query + description: 需要查询的CVE ID + schema: + type: string + example: CVE-2022-44033 + minLength: 1 + maxLength: 20 + required: true + responses: + "200": + description: "http状态码信息" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveInfoRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cve/host/get: + post: + summary: 获取存在特定 CVE 漏洞的所有主机相关详细信息 + description: 获取存在特定 CVE 漏洞的所有主机相关详细信息 + requestBody: + description: 查询条件 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveHostReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveHostRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cve/task/host/get: + post: + summary: "获取多个cve对应的主机基本信息(id, ip, name)" + description: "获取多个cve对应的主机基本信息(id, ip, name)" + requestBody: + description: cve id 列表,不为空 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveTaskHostReq" + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveTaskHostRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cve/advisory/upload: + post: + description: 安全公告导入,用于解析openeuler官网发布安全公告信息中 受版本影响的CVE信息 + requestBody: + content: + multipart/form-data: + schema: + type: object + properties: + file: + type: string + format: binary + responses: + "200": + description: "" + content: + multipart/form-data: + schema: + $ref: "#/components/schemas/GeneralRsp" + "400": + description: "" + content: + multipart/form-data: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cve/unaffected/upload: + post: + description: 安全公告导入,用于解析openeuler官网发布安全公告信息中 不受版本影响的CVE信息 + requestBody: + content: + multipart/form-data: + schema: + type: object + properties: + file: + type: string + format: binary + responses: + "200": + description: "" + content: + multipart/form-data: + schema: + $ref: "#/components/schemas/GeneralRsp" + "400": + description: "" + content: + multipart/form-data: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cve/info/export: + post: + summary: 导出cve信息 + description: "以csv文件格式导出选中主机的cve统计信息" + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/ExportCveReq" + required: true + responses: + "200": + description: "" + content: + application/json: + schema: + type: string + format: binary + /vulnerabilities/cve/unfixed/packages/get: + post: + summary: 查询未修复CVE的关联软件包信息 + description: 查询未修复CVE的关联软件包信息 + requestBody: + description: CVE信息与主机ID列表 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryUnfixedPackagesReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryUnfixedPackagesRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cve/fixed/packages/get: + post: + summary: 查询已修复CVE的关联软件包信息 + description: 查询已修复CVE的关联软件包信息 + requestBody: + description: CVE信息与主机ID列表 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryUnfixedPackagesReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryFixedPackagesRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/cve/packages/host/get: + post: + summary: 查询未修复CVE的关联软件包关联的主机数 + description: 查询未修复CVE的关联软件包关联的主机数 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCvePackagesHostReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCvePackagesHostRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/host/status/get: + post: + summary: 查询主机的扫描状态 + description: 查询状态为扫描状态的主机 + requestBody: + description: 主机id数组,数组为空表示查询所有主机 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryHostStatusReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryHostScanStatusRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/host/list/get: + post: + summary: 获取主机列表 + description: 获取主机列表,支持主机名称检索,集群过滤,主机组过滤;查询结果分页返回 + requestBody: + description: 查询条件 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryHostListReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryHostListRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/host/info/get: + get: + summary: 获取主机的详细信息 + description: 获取主机的详细信息,包括主机组,已修复与未修复的数量,上次漏洞扫描时间,重启后内核是否回变动等信息 + parameters: + - name: host_id + in: query + description: 主机ID + schema: + type: string + example: 3 + minLength: 1 + maxLength: 36 + required: true + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryHostInfoRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/host/cve/get: + post: + summary: 获取指定主机的详细cve信息 + description: 获取指定主机的详细cve信息,默认情况下查询受影响的CVE信息,支持CVE ID与CVE ID对应的二进制软件包包名过滤,支持通过CVE严重等级进行筛选 + requestBody: + description: 查询条件 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryHostCveInfoReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryHostCveInfoRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/host/scan: + post: + summary: 扫描主机cve信息, + description: 扫描主机漏洞信息,对输入的主机生成CVE扫描任务并执行 + requestBody: + description: 主机id列表,为空表示所有 + content: + application/json: + schema: + $ref: "#/components/schemas/ScanHostReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/GeneralRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/list/get: + post: + summary: 获取任务列表 + description: 获取任务的列表,分页返回任务的基本信息;支持任务名称检索,通过任务类型筛选 + requestBody: + description: 查询条件 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryTaskListReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryTaskListRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/progress/get: + post: + summary: 获取任务的最新进度 + description: 获取任务的执行进度,任务涉及主机的执行情况,哪些在执行中,那些已经执行完成,哪些执行失败 + requestBody: + description: "任务ID列表,非空" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryTaskProgressReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryTaskProgressRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/info/get: + get: + summary: 获取任务的基础信息 + description: 获取任务的基础信息 + parameters: + - name: task_id + in: query + description: 任务ID + schema: + type: string + example: 6e3a6122ec0611eeb4a35254001a9e0d + minLength: 1 + maxLength: 32 + required: true + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryTaskInfoRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/cve-fix/generate: + post: + summary: 生成漏洞修复任务 + description: 生成漏洞修复任务,任务名称,任务描述可以修改;其中热补丁与冷补丁单独生成任务;任务生成后不会自动执行, 需要手动触发; + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/GenerateCveTaskReq" + required: true + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/GenerateCveTaskRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/cve-fix/info/get: + post: + summary: 获取cve修复任务的详细信息 + description: 获取cve修复任务的详细信息 + requestBody: + description: 查询条件 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveFixTaskInfoReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveFixTaskInfoRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/cve-fix/result/get: + post: + summary: 获取cve修复任务的最新结果 + description: 获取cve修复任务的任务执行报告,报告内容包括执行结果与远程执行日志信息 + requestBody: + description: 任务ID与CVE列表 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveTaskResultReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryCveTaskResultRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/repo/generate: + post: + summary: 创建设置指定主机的update repo源的任务 + description: 创建设置repo源的任务,根据传入的REPO ID和主机 生成为每个主机设置指定repo源的任务,接口调用成功后返回任务ID信息;其中任务的描述信息和任务名称可以修改 + requestBody: + description: 任务信息 + content: + application/json: + schema: + $ref: "#/components/schemas/GenerateUpdateRepoTaskReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/GenerateUpdateRepoTaskRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/repo/info/get: + post: + summary: 获取repo设置任务的详细信息 + description: 获取repo设置任务的详细信息,包括任务名称,任务描述,涉及主机数量,上次执行时间,关联集群信息 + requestBody: + description: 查询条件 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryRepoSetTaskInfoReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryRepoSetTaskInfoRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/repo/result/get: + post: + summary: 获取repo设置任务的执行报告 + description: 获取repo设置任务的执行报告 + requestBody: + description: 任务ID与主机ID列表 + content: + application/json: + schema: + $ref: "#/components/schemas/QueryRepoSetTaskResultReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/QueryRepoSetTaskResultRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/execute: + post: + summary: 执行任务 + dangerous: True + description: 执行任务;入参结构体的key值为任务ID对应的集群ID,即执行某个集群的某个任务ID + requestBody: + description: 任务ID + content: + application/json: + schema: + $ref: "#/components/schemas/ExecuteTaskReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/GeneralRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/delete: + delete: + summary: 删除任务 + description: 删除传入的任务 + parameters: + - name: task_list + in: query + description: 任务列表 + content: + application/json: + schema: + $ref: "#/components/schemas/DeleteTaskReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/DeleteTaskRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/cve-fix/rpm/get: + post: + summary: CVE修复任务RPM包信息查询 + description: CVE修复任务RPM包信息查询 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/CveFixTaskRpmInfoQueryReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/CveFixTaskRpmInfoQueryRsp" + /vulnerabilities/task/cve-rollback/generate: + post: + summary: 生成漏洞回滚任务 + description: 生成漏洞回滚任务; + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/GenerateRollbackTaskReq" + required: true + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/GenerateRollbackTaskRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/cve-rollback/result/get: + post: + summary: CVE 回滚任务报告查询 + description: CVE 回滚任务报告查询 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/CveRollbackTaskResultReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/CveRollbackTaskResultRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/cve-rollback/info/get: + post: + summary: CVE 回滚任务信息查询 + description: CVE 回滚任务信息查询 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/CveRollbackTaskInfoQueryReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/CveRollbackTaskInfoQueryRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/cve-rollback/rpm/get: + post: + summary: CVE回滚任务rpm信息包查询 + description: CVE回滚任务rpm包信息查询 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/CveRollbackRpmInfoQueryReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/CveRollbackRpmInfoQueryRsp" + "400": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorRsp" + /vulnerabilities/task/hotpatch-remove/generate: + post: + summary: 生成热补丁移除任务 + description: 生成热补丁移除任务。 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/GenerateHotpatchRemoveTaskReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/GenerateHotpatchRemoveTaskRsp" + /vulnerabilities/task/hotpatch-remove/info/get: + post: + summary: 热补丁移除任务信息查询 + description: 热补丁移除任务信息查询 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/HotpatchRemoveTaskInfoQueryReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/HotpatchRemoveTaskInfoQueryRsp" + /vulnerabilities/task/hotpatch-remove/result/get: + post: + summary: 热补丁移除任务报告查询 + description: 热补丁移除任务报告查询,返回此任务主机的执行结果以及执行日志 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/HotpatchRemoveTaskResultQueryReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/HotpatchRemoveTaskResultQueryRsp" + /vulnerabilities/task/hotpatch-remove/status/get: + post: + summary: 热补丁移除任务-CVE关联主机信息查询 + description: 热补丁移除任务-CVE关联主机信息查询 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/HotpatchRemoveTaskCveHostInfoQueryReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/HotpatchRemoveTaskCveHostInfoQueryRsp" + /vulnerabilities/task/hotpatch-remove/progress/get: + post: + summary: 热补丁移除任务-任务执行进度查询 + description: 热补丁移除任务-任务执行进度查询 + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/HotpatchRemoveTaskProcessQueryReq" + required: false + responses: + "200": + description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/HotpatchRemoveTaskProcessQueryRsp" +components: + schemas: + GetRepoTemplateRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + result: + type: string + DeleteTaskReq: + properties: + task_list: + type: array + description: 任务id列表 + items: + type: string + DeleteTaskRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + running_task: + type: array + items: + type: string + ExecuteTaskReq: + description: 指定某个集群的某个ID + type: object + required: + - task_id + properties: + task_id: + type: string + description: 任务id + minLength: 1 + maxLength: 32 + QueryRepoSetTaskResultReq: + required: + - task_id + type: object + properties: + task_id: + type: string + minLength: 1 + maxLength: 32 + QueryRepoSetTaskResultRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + properties: + host_id: + type: integer + task_id: + type: string + task_type: + type: string + latest_execute_time: + type: integer + task_result: + type: array + items: + type: object + properties: + host_id: + type: string + host_name: + type: string + host_ip: + type: string + status: + type: string + check_items: + $ref: "#/components/schemas/CheckItemResultStruct" + log: + type: string + repo: + type: string + QueryRepoSetTaskInfoReq: + required: + - task_id + type: object + properties: + task_id: + type: string + description: 需要查询的任务ID + minLength: 1 + maxLength: 32 + filter: + type: object + properties: + host_name: + type: string + description: 需要检索的主机名 + minLength: 1 + maxLength: 50 + status: + type: array + items: + type: string + description: 该任务在目标主机的执行状态 + enum: + - succeed + - fail + - running + - unknown + + + QueryRepoSetTaskInfoRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + total_count: + type: integer + total_page: + type: integer + result: + type: array + items: + type: object + properties: + host_id: + type: string + host_name: + type: string + host_ip: + type: string + repo_name: + type: string + status: + type: string + GenerateUpdateRepoTaskReq: + required: + - description + - host_list + - repo_id + - task_name + type: object + properties: + task_name: + type: string + description: 任务名称 + minLength: 1 + maxLength: 20 + description: + type: string + description: 任务描述 + minLength: 1 + maxLength: 100 + repo_id: + description: 需要设置的repo源的repo id,用于判断给主机设置哪个repo + type: string + minLength: 1 + maxLength: 36 + host_list: + type: array + items: + type: string + description: 需要设置的主机ID列表,原则上主机ID列表与设置的repo存在于同一个集群中 + minLength: 1 + maxLength: 36 + GenerateUpdateRepoTaskRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + task_id: + type: string + QueryCveTaskResultReq: + type: object + required: + - task_id + properties: + task_id: + type: string + minLength: 1 + maxLength: 32 + QueryCveTaskResultRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + allOf: + - $ref: "#/components/schemas/CallbackTaskBaseProperties" + - type: object + properties: + last_execution_time: + type: integer + task_type: + type: string + default: cve fix + task_result: + type: array + items: + type: object + properties: + timed: + type: boolean + rpms: + $ref: "#/components/schemas/RpmFixResult" + check_items: + $ref: "#/components/schemas/CheckItemResultStruct" + + QueryCveFixTaskInfoReq: + required: + - task_id + type: object + properties: + task_id: + type: string + description: 任务ID + minLength: 1 + maxLength: 32 + page: + type: integer + description: 当前页码 + example: 1 + minimum: 1 + maximum: 999999 + per_page: + type: integer + description: "每页数量,最大值50" + example: 10 + minimum: 1 + maximum: 999 +# filter: +# type: object +# properties: +# search_key: +# type: string +# description: 检索字段 +# minLength: 1 +# maxLength: 50 +# status: +# type: array +# description: 任务的执行状态列表 +# example: +# - fail +# - succeed +# - running +# - unknown +# items: +# type: string +# description: 任务执行状态 +# enum: +# - succeed +# - fail +# - running +# - unknown + QueryCveFixTaskInfoRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + total_count: + type: integer + total_page: + type: integer + result: + type: array + items: + type: object + properties: + cve_num: + type: integer + example: 12 + host_id: + type: integer + host_ip: + type: string + example: 127.0.0.1 + host_name: + type: string + example: Test_Host + status: + type: string + example: unknown + GenerateCveTaskReq: + required: + - description + - info + - task_name + - takeover + - accepted + type: object + properties: + task_name: + type: string + description: 任务名称,此字段用户可以自定义输入 + minLength: 1 + maxLength: 20 + description: + type: string + description: 任务描述信息,此字段用户可以自定义输入 + minLength: 1 + maxLength: 100 + accepted: + type: boolean + description: 默认为False,此字段适用热补丁修复,表示热补丁修复后设置热补丁的状态为accepted状态;当主机应用此补丁并设置accepted状态后,机器重启后会自动激活该补丁 + default: false + enum: + - true + - false + check_items: + type: array + description: 预设检查项,预留字段 + items: + type: string + minLength: 1 + maxLength: 32 + takeover: + type: boolean + description: 默认值为false + default: false + enum: + - true + - false + info: + type: array + description: 需要修复的主机与cve的信息 + minItems: 1 + items: + type: object + required: + - cve_id + - host_info + properties: + cve_id: + type: string + description: cveid编号 + minLength: 1 + maxLength: 20 + host_info: + type: array + minItems: 1 + items: + type: object + required: + - host_id + properties: + host_id: + type: string + description: 需要修复的主机ID,host_id + minLength: 1 + maxLength: 36 + rpms: + type: array + description: 可选参数,指定方式修复cve,未指定则不传 + default: [] + items: + required: + - available_rpm + - fix_way + - installed_rpm + type: object + properties: + installed_rpm: + type: string + description: 可选参数,当前主机被CVE影响的软件包 + minLength: 1 + maxLength: 100 + available_rpm: + type: string + description: 可选参数,可升级的软件包,修复展示CVE ID的漏洞问题 + minLength: 1 + maxLength: 100 + fix_way: + type: string + description: 可选参数,软件包的修复方式(hotpatch/coldpatch) + minLength: 1 + maxLength: 20 + enum: + - hotpatch + - coldpatch + GenerateCveTaskRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + properties: + task_id: + type: string + description: 任务ID + fix_way: + type: string + description: 修复任务类型 + enum: + - hotpatch + - coldpatch + + QueryTaskInfoRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + task_name: + type: string + description: 任务名称 + description: + type: string + description: 任务的描述信息 + host_num: + type: integer + description: 此任务涉及主机数量 + latest_execute_time: + type: integer + description: 任务上次执行的时间 + takerover: + type: boolean + accept: + type: boolean + description: 此项仅在热补丁修复的任务下有效,为True的情况下,当热补丁修复成功时,会将应用的热补丁的状态设置为accepted,表示机器重启后会自动激活此补丁. + cluster_id: + type: string + description: 集群ID + cluster_name: + type: string + description: 集群名称 + task_type: + type: string + description: 任务类型 + + QueryTaskProgressReq: + type: object + required: + - task_list + properties: + task_list: + type: array + description: 任务id列表,不为空 + items: + type: string + description: 任务ID + minLength: 1 + maxLength: 32 + minItems: 1 + QueryTaskProgressRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + properties: + task_id: + type: string + cluster_id: + type: string + succeed: + description: 值为1表示执行成功 + type: integer + fail: + description: 值为1表示执行失败 + type: integer + running: + description: 值为1表示执行中 + type: integer + unknown: + description: 值为1表示状态未知 + type: integer + QueryTaskListReq: + type: object + properties: + sort: + type: string + description: "可选host_num、create_time,不传入该字段的时候默认create_time" + enum: + - host_num + - create_time + direction: + type: string + description: 升序(asc),降序(desc),默认:desc + default: desc + enum: + - asc + - desc + page: + type: integer + description: 当前页码 + example: 1 + minimum: 1 + maximum: 999999 + per_page: + type: integer + description: "每页数量" + example: 10 + minimum: 1 + maximum: 999 + filter: + type: object + description: 可选参数,过滤条件 + properties: + task_name: + type: string + description: 任务名 + minLength: 1 + maxLength: 20 + task_type: + type: array + description: 任务类型,可选cve scan、cve fix、repo set、hotpatch remove + items: + type: string + enum: + - cve scan + - cve fix + - repo set + - hotpatch remove + cluster_list: + description: 集群列表 + type: array + items: + type: string + minLength: 1 + maxLength: 36 + QueryTaskListRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + total_count: + type: integer + total_page: + type: integer + result: + type: array + items: + type: object + properties: + task_id: + type: string + task_name: + type: string + task_type: + type: string + description: + type: string + host_num: + type: integer + create_time: + type: integer + cluster_id: + type: string + cluster_name: + type: string + QueryHostCveInfoReq: + required: + - host_id + type: object + properties: + host_id: + type: string + minLength: 1 + maxLength: 36 + cluster_id: + type: string + sort: + type: string + description: 可选publish_time、cvss_score + enum: + - publish_time + - cvss_score + direction: + type: string + description: 升序(asc),降序(desc),默认:asc + default: asc + enum: + - asc + - desc + page: + type: integer + description: 当前页码 + example: 1 + minimum: 1 + maximum: 999999 + per_page: + type: integer + description: "每页数量" + example: 10 + minimum: 1 + maximum: 999 + filter: + type: object + properties: + search_key: + type: string + example: CVE + severity: + type: array + items: + type: string + enum: + - Critical + - High + - Medium + - Low + - Unknown + affected: + type: boolean + description: 默认为True + default: true + fixed: + type: boolean + QueryCveTaskHostReq: + type: object + properties: + fixed: + type: boolean + description: 用于判断查询已修复的CVE还是未修复的CVE + enum: + - true + - false + default: false + cve_list: + type: array + items: + type: object + properties: + cve_id: + type: string + description: CVE ID信息 + rpms: + type: array + description: CVE关联的RPM信息,可能存在多个不同软件或者不同版本的软件存在同一个CVE的情况 + items: + type: object + properties: + available_rpm: + type: string + description: 可安装的软件包信息 + fix_way: + type: string + enum: + - coldpatch + - hotpatch + installed_rpm: + type: string + description: 当前系统已经安装的软件包信息,存在漏洞的软件包信息 + QueryHostCveInfoRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + total_count: + type: integer + total_page: + type: integer + result: + type: array + items: + type: object + properties: + cve_id: + type: string + publish_time: + type: string + severity: + type: string + description: + type: string + cvss_score: + type: string + status: + type: string + QueryHostInfoRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + result: + type: object + properties: + host_name: + type: string + host_ip: + type: string + host_group: + type: string + repo: + type: string + affected_cve_num: + type: integer + unaffected_cve_num: + type: integer + fixed_cve_num: + type: integer + last_scan: + type: timestamp + reboot: + type: boolean + cluster_id: + type: string + QueryHostListReq: + type: object + required: + - page + - per_page + properties: + sort: + type: string + description: 排序依据, 可选last_scan、cve_num + enum: + - last_scan + - cve_num + direction: + type: string + description: 排序方式,升序(asc),降序(desc),默认:asc + default: asc + enum: + - asc + - desc + page: + type: integer + description: 当前页码 + example: 1 + minimum: 1 + maximum: 999999 + per_page: + type: integer + description: "每页数量" + example: 10 + minimum: 1 + maximum: 999 + filter: + type: object + description: 可选参数,查询主机过滤条件,未指定过滤条件则不传 + properties: + host_name: + type: string + description: 可选参数,主机名,输入主机名进行模糊搜索,未指定则不传 + minLength: 1 + maxLength: 50 + host_group_ids: + type: array + items: + type: string + description: 可选参数,主机组 id,输入主机组ID进行搜索,未指定则不传 + example: aops + minLength: 1 + maxLength: 36 + repo: + type: array + items: + type: string + description: 可选参数,主机设置的repo ID,未指定则不传 + example: aops + minLength: 1 + maxLength: 36 + cluster_list: + type: array + items: + type: string + minLength: 1 + maxLength: 36 + description: 可选参数,集群ID列表,未指定则不传 + QueryHostListRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + total_count: + type: integer + description: 所有主机数量 + total_page: + type: integer + description: 分页查询总页数 + result: + type: array + items: + type: object + properties: + host_id: + type: string + description: 主机ID + host_name: + type: string + description: 主机名称 + host_ip: + type: string + description: 主机IP + host_group_id: + type: string + description: 主机所在主机组ID + host_group_name: + type: string + description: 主机所在主机组名称 + repo_id: + type: string + description: 主机已设置的rpm repoid + repo_name: + type: string + description: 主机已设置的rpm repo名 + unfixed_cve_num: + type: integer + description: 未修复CVE(漏洞)数量 + fixed_cve_num: + type: integer + description: 已修复CVE(漏洞)数量 + last_scan: + type: timestamp + description: 上次执行CVE扫描(漏洞扫描)的时间,用yyyy-MM-dd HH:mm:ss格式展示 + cluster_id: + type: string + description: 主机所在集群ID + cluster_name: + type: string + description: 主机所在集群名称 + QueryHostStatusReq: + type: object + properties: + host_list: + type: array + description: 主机id数组,数组为空表示查询所有主机 + items: + type: string + minLength: 1 + maxLength: 36 + example: [] + + ScanHostReq: + type: object + required: + - host_list + properties: + host_list: + type: array + default: [] + description: 主机id列表,为空表示所有 + items: + type: string + minLength: 1 + maxLength: 36 + filter: + description: 可选参数,过滤条件 + type: object + properties: + host_name: + description: 可选参数,主机名 + type: string + minLength: 1 + host_group: + description: 可选参数,主机所在的主机组 + type: array + items: + type: string + minLength: 1 + repo: + description: 可选参数,主机设置的rpm repo + type: array + items: + type: string +# status: +# description: 主机状态 +# type: array +# items: +# type: string +# enum: +# - scanning +# - done +# + QueryHostScanStatusRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + properties: + host_id: + type: integer + cluster_id: + type: string + status: + type: integer + + QueryCveTaskHostRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + additionalProperties: + type: object + properties: + hosts: + type: array + items: + type: object + properties: + host_id: + type: integer + host_name: + type: string + host_ip: + type: string + cluster_id: + type: string + cluster_name: + type: string + package: + type: string + description: "cve的相关主机的基本信息, key为CVE ID" + QueryCveHostReq: + required: + - cve_id + type: object + properties: + cve_id: + type: string + description: cve_id + minLength: 1 + maxLength: 20 + sort: + type: string + description: 查询结果根据该字段进行排序,可选last_scan + enum: + - last_scan + direction: + type: string + description: 升序(asc),降序(desc),默认:asc + default: asc + enum: + - asc + - desc + page: + type: integer + description: 当前页码 + example: 1 + minimum: 1 + maximum: 999999 + per_page: + type: integer + description: "每页数量,最大值50" + example: 10 + minimum: 1 + maximum: 999 + filter: + required: + - fixed + type: object + properties: + host_name: + type: string + description: 可选参数,主机名,可模糊搜索 + minLength: 1 + host_group_ids: + type: array + minItems: 0 + description: 主机组id list + example: + - group1 + - group2 + items: + type: string + fixed: + type: boolean + description: 用于标识查询的主机是已经修复该漏洞的主机还是未修复该漏洞的主机,如果是true,标识查询已经修复的主机,如果是false,标识查询未修复该漏洞的主机 + enum: + - false + - true + repo: + type: array + minItems: 0 + example: + - repo1 + - repo2 + items: + type: string + minLength: 1 + cluster_list: + description: 集群列表信息,为空表示所有 + type: array + minItems: 0 + items: + type: string + minLength: 1 + maxLength: 36 + example: + - cluster_id_1 + - cluster_id_2 + QueryCveHostRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + total_count: + type: integer + description: 总数 + total_page: + type: integer + description: 总页数 + result: + type: array + description: CVE信息 + items: + type: object + properties: + host_id: + description: 主机id + type: string + host_name: + description: 主机名 + type: string + host_ip: + description: 主机ip + type: string + example: 127.0.0.1 + host_group: + description: 主机组名 + type: string + example: group_name + repo: + description: 主机repo名 + type: string + example: repo_name + last_scan: + description: 上次扫描时间 + type: timestamp + example: 1704308400 + cluster_id: + type: string + description: 集群ID + cluster_name: + type: string + description: 集群名称 + QueryCvesRecommendedRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + cluster_cve_num: + type: array + items: + type: object + properties: + cluster_id: + description: 集群id + type: string + cluster_name: + description: 集群名 + type: string + cve_num: + type: integer + description: cve数量 + hot_patch_num: + description: 热补丁数量 + type: string + packages: + type: array + description: 包含的软件包 + items: + type: string + severity_proportion: + type: array + description: cve安全等级占比 + items: + type: object + properties: + num: + description: cve数量 + type: integer + severity: + description: cve安全等级 + type: string + + QueryCveInfoRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + result: + type: object + properties: + cve_id: + description: cve id + type: string + example: CVE-2022-44033 + publish_time: + description: cve发布时间 + type: string + example: 2023-11-03 + severity: + type: string + example: Medium + description: 严重性等级,与CVSS评分对应。 + description: + description: cve描述 + type: string + cvss_score: + type: string + example: "6.4" + description: cve漏洞评分,用于评估漏洞风险程度.分数越高,则对应漏洞风险越大 + related_cve: + type: array + description: 关联的cve + items: + type: string + example: CVE-2022-45884 + package: + type: array + items: + type: object + properties: + os_version: + description: 受此漏洞cve影响的操作系统版本 + type: string + example: openEuler-20.03-LTS-SP1 + package: + type: string + example: kernel + description: 此漏洞影响的软件包 + QueryCveListReq: + type: object + required: + - page + - per_page + properties: + sort: + type: string + description: 可选cve_id、publish_time、cvss_score、host_num,cve_id为CVE编号,publish_time指漏洞公开的时间,cvss_score分数用于评估漏洞风险程度.分数越高,则对应漏洞风险越大,host_num为主机数量 + example: cve_id + default: cvss_score + enum: + - cve_id + - publish_time + - cvss_score + - host_num + direction: + type: string + description: 升序(asc),降序(desc),默认:desc + default: desc + enum: + - asc + - desc + page: + type: integer + description: 当前页码 + example: 1 + default: 1 + minimum: 1 + maximum: 999999 + per_page: + type: integer + description: "每页数量" + example: 10 + default: 5 + pattern: "5" + minimum: 1 + maximum: 999 + filter: + required: + - fixed + type: object + properties: + search_key: + type: string + description: "可模糊搜索,CVE ID或者软件包名, 传入此字段时必须携带有效值,或者不传入" + example: CVE-2022-34378 + minLength: 1 + maxLength: 40 + severity: + type: array + minItems: 0 + description: cve严重等级 + items: + type: string + enum: + - "Critical" + - "High" + - "Medium" + - "Low" + - "Unknown" + affected: + type: boolean + description: 该字段表示查询的CVE是否为受影响的CVE,默认为True + default: true + enum: + - true + - false + fixed: + type: boolean + default: false + enum: + - true + - false + description: 该字段用于区分查询已修复CVE还是未修复的CVE,false表示未修复,true表示已修复 + QueryCveListRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + total_count: + type: integer + description: 总数 + total_page: + type: integer + description: 总页数,total_page > 1 提示用户目前只展示了部分cve,其余cve请去cve页面查看 + result: + type: array + description: CVE信息 + items: + type: object + properties: + cve_id: + description: cve id + type: string + example: CVE-2022-44033 + publish_time: + description: cve 发布时间 + type: string + example: 2023-11-03 + severity: + description: cve 严重等级 + type: string + example: Medium + description: + description: cve描述,不需要翻译 + type: string + example: An issue was discovered in the Linux kernel... + cvss_score: + description: cve评分 + type: string + example: "6.4" + hosts_num: + description: 主机数 + type: integer + package: + description: 受影响的软件包 + type: string + example: kernel + QueryOverviewRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + result: + type: object + properties: + critical: + type: integer + high: + type: integer + medium: + type: integer + low: + type: integer + unknown: + type: integer + format: int32 + RepoDeleteRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + succeed_list: + type: array + items: + type: string + fail_list: + type: array + items: + type: string + RepoGetReq: + required: + - repo_id_list + type: object + properties: + repo_id_list: + default: [] + description: 查询的repo id 列表 + minItems: 0 + type: array + items: + type: string + minLength: 1 + maxLength: 36 + example: repo_id + RepoGetRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + result: + type: array + items: + $ref: "#/components/schemas/RepoData" + RepoImportReq: + required: + - repo_data + - repo_name + type: object + properties: + repo_name: + type: string + description: repo名字 + minLength: 1 + maxLength: 20 + repo_data: + type: string + description: repo内容 + minLength: 1 + maxLength: 512 + RepoData: + type: object + properties: + repo_id: + type: string + description: Repo id + repo_name: + type: string + repo_data: + type: string + repo_attr: + type: string + description: os版本 + cluster_id: + type: string + description: 集群id + cluster_name: + type: string + description: 集群名称 + GeneralRsp: + required: + - code + - label + - message + type: object + properties: + code: + maxLength: 36 + minLength: 8 + type: string + description: 业务状态码,200表示正常处理并返回,其它状态码参考message或label字段值 + example: "200" + message: + maxLength: 512 + minLength: 2 + type: string + description: 报错描述信息,简短描述 + example: operation succeed + label: + maxLength: 512 + minLength: 2 + type: string + description: 状态码对应的含义 + example: Succeed + description: 通用返回信息 + ErrorRsp: + required: + - code + - label + - msg + type: object + properties: + code: + maxLength: 36 + minLength: 8 + type: string + description: 错误码 + msg: + maxLength: 512 + minLength: 2 + type: string + description: 错误描述 + label: + maxLength: 512 + minLength: 2 + type: string + description: 错误状态码的含义 + description: 失败时返回的错误对象 + example: + code: "400" + msg: error msg + label: 请求出错 + + CallbackTaskBaseProperties: + type: object + properties: + task_id: + type: string + host_id: + type: integer + host_ip: + type: string + host_name: + type: string + status: + type: string + CheckItemResultStruct: + type: array + items: + type: object + properties: + item: + type: string + result: + type: boolean + log: + type: string + RpmFixResult: + type: array + items: + type: object + properties: + available_rpm: + type: string + result: + type: string + log: + type: string + ExportCveReq: + required: + - host_list + type: object + properties: + host_list: + type: array + description: 空表示全部 + items: + type: object + properties: + host_id: + type: integer + description: 主机ID + cluster_id: + type: string + description: 集群ID + GenerateRollbackTaskReq: + type: object + required: + - fix_task_id + properties: + fix_task_id: + type: string + description: 已修复的任务ID + minLength: 1 + maxLength: 32 + GenerateRollbackTaskRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + task_id: + type: string + + QueryUnfixedPackagesReq: + type: object + required: + - cve_id + properties: + cve_id: + type: string + example: CVE-2022-44033 + description: 需要被查询的CVE ID + minLength: 1 + maxLength: 20 + host_ids: + type: array + description: 可选参数,主机ID列表,用于限制查询的主机范围,例如需要查询此CVE存在于这些主机的那些软件包中 + example: + - 1 + - 2 + - 3 + items: + type: string + description: 主机ID信息 + minLength: 1 + maxLength: 36 + + QueryUnfixedPackagesRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + properties: + installed_rpm: + type: string + example: kernel-5.10.0-153.12.0.92.oe2203sp2.aarch64 + description: 主机上安装的软件包, 存在对应漏洞的软件报名 + available_rpm: + type: string + description: 可升级的软件包,可以修复此漏洞(CVE)的软件包 + example: kernel-5.10.0-153.31.0.108.oe2203sp2.aarch64 + support_way: + type: string + description: 修复方式,hotpatch即实时patch,不重启或者中断运行的情况下将补丁应用到软件中。相反coldpatch则需要软件停止运行的情况下进行升级 + enum: + - hotpatch + - coldpatch + host_num: + type: integer + description: 影响主机数量,即存在同一个漏洞的主机数量 + example: 3 + QueryFixedPackagesReq: + allOf: + - $ref: "#/components/schemas/QueryUnfixedPackagesReq" + QueryFixedPackagesRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + properties: + installed_rpm: + type: string + example: kernel-5.10.0-153.12.0.92.oe2203sp2.aarch64 + description: 主机上安装的软件包, 已经修复该CVE的软件包 + fixed_way: + type: string + description: 修复方式,热补丁或者冷不丁 + enum: + - hotpatch + - coldpatch + host_num: + type: integer + example: 3 + description: 涉及主机数量 + hp_status: + type: string + description: 如果是热补丁修复的主机,此项表示该热补丁在主机上的运行状态,仅激活(ACTIVED)还是被设置为ACCEPTED状态 + enum: + - ACCEPTED + - ACTIVED + QueryCvePackagesHostReq: + type: object + required: + - cve_id + - installed_rpm + - fixed + properties: + direction: + type: string + enum: + - asc + - desc + cve_id: + type: string + example: CVE-2022-44033 + minLength: 1 + maxLength: 20 + installed_rpm: + type: string + example: kernel-5.10.0-153.12.0.92.oe2203sp2.aarch64 + minLength: 1 + maxLength: 100 + available_rpm: + type: string + example: kernel-5.10.0-153.31.0.108.oe2203sp2.aarch64 + minLength: 1 + maxLength: 100 + hp_status: + type: string + enum: + - ACCEPTED + - ACTIVED + minLength: 1 + maxLength: 20 + fixed: + type: boolean + default: false + enum: + - true + - false + host_ids: + type: array + items: + type: string + minLength: 1 + maxLength: 36 + QueryCvePackagesHostRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + result: + type: array + items: + type: object + properties: + host_ip: + type: string + example: 127.0.0.1 + host_name: + type: string + example: Test_host + CveRollbackTaskResultReq: + type: object + required: + - task_id + properties: + task_id: + type: string + description: 任务ID + minLength: 1 + maxLength: 32 + CveRollbackResultAboutRpms: + type: array + items: + type: object + properties: + cves: + type: string + installed_rpm: + type: string + target_rpm: + type: string + CveRollbackTaskResultRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + properties: + host_id: + type: integer + format: int32 + host_ip: + type: string + example: 127.0.0.1 + host_name: + type: string + example: Test_host + last_execution_time: + type: integer + task_type: + type: string + default: cve rollback + task_result: + type: array + items: + type: object + properties: + check_items: + $ref: "#/components/schemas/CheckItemResultStruct" + log: + type: string + rpms: + $ref: "#/components/schemas/CveRollbackResultAboutRpms" + result: + type: string + CveRollbackTaskInfoQueryReq: + type: object + required: + - task_id + properties: + page: + type: integer + example: 1 + minimum: 1 + maximum: 999999 + per_page: + type: integer + example: 10 + minimum: 1 + maximum: 999 + task_id: + type: string + description: 需要查询的任务ID + minLength: 1 + maxLength: 32 + filter: + type: object + properties: + search_key: + type: string + description: 检索关键词 + minLength: 1 + maxLength: 50 + status: + type: string + description: 任务执行状态 + enum: + - succeed + - fail + - running + - unknown + CveRollbackTaskInfoQueryRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + result: + type: array + items: + type: object + properties: + cve_num: + type: integer + host_id: + type: integer + host_ip: + type: string + example: 172.168.235.132 + host_name: + type: string + status: + type: string + CveRollbackRpmInfoQueryReq: + type: object + required: + - task_id + - host_id + properties: + task_id: + description: 需要查询的任务ID + type: string + minLength: 1 + maxLength: 32 + host_id: + type: string + description: 需要查询的主机ID + minLength: 1 + maxLength: 36 + CveRollbackRpmInfoQueryRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + properties: + cves: + type: string + installed_rpm: + type: string + status: + type: string + target_rpm: + type: string + CveFixTaskRpmInfoQueryReq: + allOf: + - $ref: "#/components/schemas/CveRollbackRpmInfoQueryReq" + CveFixTaskRpmInfoQueryRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + properties: + available_rpm: + type: string + cves: + type: string + installed_rpm: + type: string + status: + type: string + HotpatchRemoveInfoSchema: + type: object + required: + - host_id + - cves + properties: + host_id: + description: 主机id + type: string + minLength: 1 + maxLength: 36 + cves: + type: array + minItems: 1 + items: + type: object + properties: + cve_id: + type: string + description: 主机对应已通过热补丁修复的CVE ID + minLength: 1 + maxLength: 20 + GenerateHotpatchRemoveTaskReq: + type: object + required: + - task_name + - description + - info + properties: + task_name: + description: 任务名称 + type: string + minLength: 1 + maxLength: 20 + description: + description: 任务描述 + type: string + minLength: 1 + maxLength: 100 + info: + type: array + items: + $ref: "#/components/schemas/HotpatchRemoveInfoSchema" + minItems: 1 + GenerateHotpatchRemoveTaskRsp: + allOf: + - $ref: "#/components/schemas/GenerateUpdateRepoTaskRsp" + HotpatchRemoveTaskInfoQueryFilter: + type: object + description: 过滤条件 + properties: + cve_id: + type: string + description: 需要查询的CVE ID + minLength: 1 + maxLength: 20 + status: + type: string + description: 执行状态 + enum: + - succeed + - fail + - running + - unknown + HotpatchRemoveTaskInfoQueryReq: + type: object + required: + - task_id + properties: + page: + type: integer + example: 1 + description: 查询页数 + minimum: 1 + maximum: 999999 + per_page: + type: integer + description: 每页显示数量 + example: 10 + minimum: 1 + maximum: 999 + task_id: + type: string + description: 被查询的任务ID + minLength: 1 + maxLength: 32 + sort: + type: string + description: 排序依据 + enum: + - host_num + direction: + type: string + description: 排序规则 + default: asc + enum: + - asc + - desc + filter: + $ref: "#/components/schemas/HotpatchRemoveTaskInfoQueryFilter" + HotpatchRemoveTaskInfoQueryRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + result: + type: array + items: + type: object + properties: + cve_id: + type: string + host_num: + type: integer + package: + type: string + example: kernel + status: + type: string + enum: + - succeed + - fail + - running + - unknown + HotpatchRemoveTaskResultQueryReq: + type: object + properties: + task_id: + type: string + description: 需要查询的任务ID信息 + minLength: 1 + maxLength: 32 + required: + - task_id + HotpatchRemoveResultAboutCve: + type: object + properties: + cve_id: + type: string + log: + type: string + result: + type: string + HotpatchRemoveTaskResultQueryRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + type: object + allOf: + - $ref: "#/components/schemas/CallbackTaskBaseProperties" + - type: object + properties: + last_execution_time: + type: integer + task_type: + type: string + default: cve fix + task_result: + type: array + items: + type: object + properties: + timed: + type: boolean + cves: + $ref: "#/components/schemas/HotpatchRemoveResultAboutCve" + HotpatchRemoveTaskCveHostInfoQueryReq: + type: object + properties: + task_id: + type: string + cve_list: + type: array + items: + type: string + HotpatchRemoveTaskCveHostInfoQueryRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: object + properties: + result: + type: object + HotpatchRemoveTaskProcessQueryReq: + type: object + properties: + task_id: + type: string + example: 0aaceac2adf311eeaa6c5254001a9e0d + cve_list: + type: array + example: + - CVE-2022-1001 + - CVE-2022-1002 + items: + type: string + HotpatchRemoveTaskProcessQueryRsp: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + result: + type: object +x-original-swagger-version: "2.0" diff --git a/plugins/aops-apollo/plugin.json b/plugins/aops-apollo/plugin.json new file mode 100644 index 0000000000000000000000000000000000000000..cc73f5bb523c8339761767790450310973280c2b --- /dev/null +++ b/plugins/aops-apollo/plugin.json @@ -0,0 +1,15 @@ +{ + "id": "Apollo", + "name": "CVE巡检", + "description": "这是一个对接受管理的主机进行CVE管理和CVE修复的工具。该工具可对受管理的主机操作系统中存在的CVE漏洞进行监控,并以冷补丁或热补丁的方式生成CVE修复任务并执行。同时,对于已经使用补丁修复的CVE,该工具也可对修复操作进行回滚。", + "automatic_flow": false, + "auth": { + "type": "oidc", + "args": { + "access-token": "" + }, + "domain": "aops", + "access_token_url": "http://116.63.164.87/accounts/accesstoken", + "token_expire_time": 1440 + } +} \ No newline at end of file diff --git a/plugins/euler-copilot-rca/flows/demarcation.yaml b/plugins/euler-copilot-rca/flows/demarcation.yaml new file mode 100644 index 0000000000000000000000000000000000000000..6831bdea203e1ffd360f765e5f85ebdce704a437 --- /dev/null +++ b/plugins/euler-copilot-rca/flows/demarcation.yaml @@ -0,0 +1,18 @@ +name: demarcation +description: 该工具的作用为针对已知异常事件进行定界分析。需从上下文中获取start_time(开始时间),end_time(结束时间),container_id(容器ID) +steps: + - name: start + call_type: api + params: + endpoint: POST /demarcation + next: report_gen + - name: report_gen + call_type: llm + params: + system_prompt: 你是一个系统智能助手,擅长分析系统的故障现象,最终生成分析报告。 + user_prompt: | + 您是一个专业的运维人员,擅长分析系统的故障现象,最终生成分析报告。当前异常检测结果为{data}。 + 将root_causes_metric_top3内容输出为表格形式,并为每个根因指标进行标号。 + 整个分析报告应该符合markdown规范 +next_flow: + - detection \ No newline at end of file diff --git a/plugins/euler-copilot-rca/flows/detection.yaml b/plugins/euler-copilot-rca/flows/detection.yaml new file mode 100644 index 0000000000000000000000000000000000000000..836c71423d63248cd84fe20593d6f848c9b35363 --- /dev/null +++ b/plugins/euler-copilot-rca/flows/detection.yaml @@ -0,0 +1,10 @@ +name: detection +description: 该工具的作用为针对已知容器ID和指标,执行profiling分析任务,得到任务ID。需从上下文中获取container_id(容器ID)和三个metric(指标)的其中一个。 +steps: + - name: start + call_type: api + params: + endpoint: POST /detection + next: end + - name: end + call_type: none diff --git a/plugins/euler-copilot-rca/flows/inspection.yaml b/plugins/euler-copilot-rca/flows/inspection.yaml new file mode 100644 index 0000000000000000000000000000000000000000..afaefe31106c5ec2016fb3f030fb363950b62516 --- /dev/null +++ b/plugins/euler-copilot-rca/flows/inspection.yaml @@ -0,0 +1,16 @@ +name: inspection +description: 该工具的作用为在指定机器上对容器进行异常事件检测。需从上下文中获取start_time(开始时间),end_time(结束时间),machine_id(机器IP) +steps: + - name: start + call_type: api + params: + endpoint: POST /inspection + next: list2markdown + - name: list2markdown + call_type: llm + params: + user_prompt: | + 您是一个专业的运维人员,擅长分析系统的故障现象,最终生成分析报告。当前的异常检测结果为{data}。请将anomaly_events_times_list的信息,输出为表格形式。整个分析报告请符合markdown规范。 + +next_flow: + - demarcation \ No newline at end of file diff --git a/plugins/euler-copilot-rca/flows/show_profiling.yaml b/plugins/euler-copilot-rca/flows/show_profiling.yaml new file mode 100644 index 0000000000000000000000000000000000000000..b82172eb272e6c0679dd32582e18e4ecda7dc2bf --- /dev/null +++ b/plugins/euler-copilot-rca/flows/show_profiling.yaml @@ -0,0 +1,36 @@ +name: show_profiling +description: 根据已知的智能诊断任务ID(task_id),获取报告的原始数据。随后根据原始数据,生成详细的报告。 +steps: + - name: start + call_type: api + params: + endpoint: POST /show_profiling + next: report_gen + - name: report_gen + call_type: llm + params: + system_prompt: | + 你是一个数据分析和性能分析的专家,请按以下的模板分析出应用的性能瓶颈: + + 1.分析topStackSelf字段中自身耗时排名前3的函数调用栈,分析结果中应该包含函数的耗时信息、函数调用栈的解释说明。 + 2.分析topStackTotal字段中总耗时排名前3的函数调用栈,分析结果中应该包含函数的耗时信息、函数调用栈的解释说明。 + 3.总结前两步的分析结果,并给出影响应用性能的瓶颈所在,同时给出建议。 + user_prompt: | + 现有定界分析结果:{data} + 上面提供了一个JSON对象,它包含了应用程序的Profiling分析报告。该JSON对象包括如下几个字段: + + - traceEvents:它是一个事件列表,列表中的每一项表示一个事件,每个事件以字典格式存储,事件的主要内容解释如下: + - cat 字段:表示事件的分类,它的值包括 syscall、python_gc、sample、pthread_sync,oncpu。其中,syscall 表示这是一个系统调用事件;python_gc 表示这是一个Python垃圾回收事件;sample表示这是一个cpu调用栈采样事件;oncpu表示这是一个OnCPU事件,它说明了pid字段所代表的进程正在占用cpu。 + - name字段:表示事件的名称; + - pid字段:表示事件的进程ID; + - tid字段:表示事件所在的线程ID; + - ts字段:表示事件发生的开始时间,它是一个时间戳格式,单位是微秒; + - dur字段:表示事件的耗时,单位是微秒; + - sf字段:表示事件的函数调用栈,内容是以分号(;)分隔的函数名列表,分号左边是调用方的函数名,分号右边是被调用的函数名。 + - args字段:表示每个事件特有的信息,内容主要包括:count字段,表示事件发生的计数;thread.name字段,表示事件所在的线程的名称;cpu字段,表示采样的cpu编号。 + - topStackSelf:表示应用程序在执行CPU操作期间,自身耗时排名前10的函数调用栈列表。自身耗时是指函数调用栈自身的耗时。列表中的每一项内容说明如下: + - stack:用字符串表示的一个函数调用栈,内容是以分号(;)分隔的函数名列表,分号左边是调用方的函数名,分号右边是被调用的函数名。 + - self_time:stack表示的函数调用栈的自身耗时,单位是毫秒。 + - topStackTotal:表示应用程序在执行CPU操作期间,总耗时排名前10的函数调用栈列表,总耗时是指函数调用栈累积的耗时,它包含了自身耗时。列表中的每一项内容说明如下: + - stack:用字符串表示的一个函数调用栈,内容是以分号(;)分隔的函数名列表,分号左边是调用方的函数名,分号右边是被调用的函数名。 + - total_time:stack表示的函数调用栈的总耗时,单位是毫秒。 \ No newline at end of file diff --git a/plugins/euler-copilot-rca/openapi.yaml b/plugins/euler-copilot-rca/openapi.yaml new file mode 100644 index 0000000000000000000000000000000000000000..9ebf2715d5ff61cd86150cfa9b208c2c48a2afa3 --- /dev/null +++ b/plugins/euler-copilot-rca/openapi.yaml @@ -0,0 +1,255 @@ +openapi: 3.0.2 +info: + title: 智能诊断 + version: 1.0.0 +servers: + - url: http://192.168.10.31:20030 +paths: + /inspection: + post: + description: 对指定机器进行异常检测,返回异常事件 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InspectionRequestData' + required: true + responses: + '200': + description: Successful Response + content: + application/json: + schema: {} + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' + /demarcation: + post: + description: 对指定容器进行异常定界 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DemarcationRequestData' + required: true + responses: + '200': + description: Successful Response + content: + application/json: + schema: {} + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' + /detection: + post: + description: 根据定界结果指标进行定位 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DetectionRequestData' + required: true + responses: + '200': + description: Successful Response + content: + application/json: + schema: {} + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' + /show_profiling: + post: + description: 根据任务ID,获取Profiling结果 + requestBody: + content: + application/json: + schema: + type: object + description: 请求数据 + required: + - task_id + properties: + task_id: + type: string + description: 任务ID,为UUID类型 + responses: + '200': + description: Successful Response + content: + application/json: + schema: + $ref: "#/components/schemas/ShowProfilingResponse" + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' +components: + schemas: + HTTPValidationError: + type: object + description: HTTP 校验错误 + properties: + detail: + type: array + items: + $ref: '#/components/schemas/ValidationError' + title: Detail + InspectionRequestData: + type: object + description: 巡检接口入参 + required: + - machine_id + - start_time + - end_time + properties: + machine_id: + description: 机器IP。如果给定的信息没有指定任何机器IP,则默认为“default_0.0.0.0”。 + type: string + title: Machine_ID + default: default_0.0.0.0 + start_time: + description: 根据给定的信息提取出开始时间,如果给定的信息不包含开始时间,开始时间可以设置为当前时间往前推2分钟,最终解析出的时间以'%Y-%m-%d %H:%M:%S'格式输出 + type: string + title: Start_Time + default: '' + end_time: + description: 根据给定的信息提取出结束时间,如果给定的信息不包含结束时间,结束时间可以设置为当前时间,最终解析出的时间以'%Y-%m-%d %H:%M:%S'格式输出 + type: string + title: End_Time + default: '' + DemarcationRequestData: + type: object + description: 定界接口入参 + required: + - start_time + - end_time + - container_id + properties: + start_time: + description: 根据给定的信息提取出开始时间,如果给定的信息不包含开始时间,开始时间可以设置为当前时间往前推2分钟,最终解析出的时间以'%Y-%m-%d %H:%M:%S'格式输出 + type: string + title: Start_Time + default: '' + end_time: + description: 根据给定的信息提取出结束时间,如果给定的信息不包含结束时间,结束时间可以设置为当前时间,最终解析出的时间以'%Y-%m-%d %H:%M:%S'格式输出 + type: string + title: End_Time + default: '' + container_id: + description: 结合问题中指定的具体异常事件,根据给定信息提取容器ID + type: string + title: Container_ID + default: '' + DetectionRequestData: + type: object + description: 定位接口入参 + required: + - container_id + - metric + properties: + container_id: + description: 结合问题中指定的具体指标或者指标号,根据给定信息提取容器ID + type: string + title: Container_ID + default: '' + metric: + description: 结合问题中的具体指标或者指标号,根据给定信息提取具体指标值作为metric + type: string + title: Metric + default: '' + ShowProfilingResponse: + type: object + description: show profiling 的返回结果 + properties: + traceEvents: + type: array + items: + type: object + properties: + cat: + type: string + description: Event category (syscall, python_gc, sample, pthread_sync, oncpu) + name: + type: string + description: Event name + pid: + type: integer + format: int32 + description: Process ID + tid: + type: integer + format: int32 + description: Thread ID + ts: + type: integer + format: int64 + description: Timestamp of the event start in microseconds + dur: + type: integer + format: int32 + description: Duration of the event in microseconds + sf: + type: string + description: Call stack represented as a list of function names separated by semicolons + args: + type: object + additionalProperties: true + description: Additional event-specific information such as count, thread.name, and cpu + topStackSelf: + type: array + items: + type: object + properties: + stack: + type: string + description: Call stack represented as a list of function names separated by semicolons + self_time: + type: number + format: int + description: Exclusive time spent in the call stack in milliseconds + topStackTotal: + type: array + items: + type: object + properties: + stack: + type: string + description: Call stack represented as a list of function names separated by semicolons + total_time: + type: number + format: int + description: Total inclusive time spent in the call stack in milliseconds + ValidationError: + type: object + required: + - loc + - msg + - type + title: ValidationError + properties: + loc: + type: array + items: + anyOf: + - type: string + - type: integer + title: Location + msg: + type: string + title: Message + type: + type: string + title: Error Type \ No newline at end of file diff --git a/plugins/euler-copilot-rca/plugin.json b/plugins/euler-copilot-rca/plugin.json new file mode 100644 index 0000000000000000000000000000000000000000..b0ef2fd7aa0c13ad626a01d0fc7a4bf010ab3178 --- /dev/null +++ b/plugins/euler-copilot-rca/plugin.json @@ -0,0 +1,5 @@ +{ + "id": "rca", + "name": "智能诊断", + "description": "该插件具备以下功能:巡检,定界,定位" +} \ No newline at end of file diff --git a/plugins/euler-copilot-tune/flows/data_collection.yaml b/plugins/euler-copilot-tune/flows/data_collection.yaml new file mode 100644 index 0000000000000000000000000000000000000000..d2718f0dd059f3a8a34d02cbc67436c6fc274a28 --- /dev/null +++ b/plugins/euler-copilot-tune/flows/data_collection.yaml @@ -0,0 +1,15 @@ +name: data_collection +description: 采集某一指定ip主机的系统性能指标 +steps: + - name: start + call_type: api + params: + endpoint: POST /performance_metric + next: show_data + - name: show_data + call_type: llm + params: + user_prompt: | + 当前采集到系统性能指标为:{data}, 输出内容请符合markdown规范。 +next_flow: + - performance_analysis \ No newline at end of file diff --git a/plugins/euler-copilot-tune/flows/performance_analysis.yaml b/plugins/euler-copilot-tune/flows/performance_analysis.yaml new file mode 100644 index 0000000000000000000000000000000000000000..07e2a2ada9c54568be3f3bf13c5b2223e615037a --- /dev/null +++ b/plugins/euler-copilot-tune/flows/performance_analysis.yaml @@ -0,0 +1,15 @@ +name: performance_analysis +description: 分析性能指标并生成性能分析报告 +steps: + - name: start + call_type: api + params: + endpoint: POST /performance_report + next: extract_key + - name: extract_key + call_type: extract + params: + keys: + - data.output +next_flow: + - performance_tuning \ No newline at end of file diff --git a/plugins/euler-copilot-tune/flows/performance_tuning.yaml b/plugins/euler-copilot-tune/flows/performance_tuning.yaml new file mode 100644 index 0000000000000000000000000000000000000000..e938a0bf1bd83f971c4eaaff2d447a150fcf5560 --- /dev/null +++ b/plugins/euler-copilot-tune/flows/performance_tuning.yaml @@ -0,0 +1,13 @@ +name: performance_tuning +description: 基于性能能分析报告,生成操作系统和Mysql应用的性能优化建议,结果以shell脚本的形式返回 +steps: + - name: start + call_type: api + params: + endpoint: POST /optimization_suggestion + next: extract_key + - name: extract_key + call_type: extract + params: + keys: + - data.script \ No newline at end of file diff --git a/plugins/euler-copilot-tune/openapi.yaml b/plugins/euler-copilot-tune/openapi.yaml new file mode 100644 index 0000000000000000000000000000000000000000..ac6d20f792a584dd0c37943c8f783fbdc2a49d29 --- /dev/null +++ b/plugins/euler-copilot-tune/openapi.yaml @@ -0,0 +1,147 @@ +openapi: 3.0.2 +info: + title: 智能诊断 + version: 1.0.0 +servers: + - url: http://192.168.10.31:20000 +paths: + /performance_metric: + post: + description: 对指定机器进行性能指标采集,返回指标值 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PerformanceMetricRequestData' + required: true + responses: + '200': + description: Successful Response + content: + application/json: + schema: {} + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' + /performance_report: + post: + description: 基于采集到的指标,对指定机器进行性能诊断,生成性能分析报告 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PerformanceReportRequestData' + required: true + responses: + '200': + description: Successful Response + content: + application/json: + schema: {} + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' + /optimization_suggestion: + post: + description: 根据性能分析报告,以及指定的机器应用信息,生成调优建议 + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OptimizationSuggestionRequestData' + required: true + responses: + '200': + description: Successful Response + content: + application/json: + schema: {} + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' +components: + schemas: + HTTPValidationError: + type: object + description: HTTP 校验错误 + properties: + detail: + type: array + items: + $ref: '#/components/schemas/ValidationError' + OptimizationSuggestionRequestData: + type: object + description: 生成优化建议的接口的入参 + required: + - app + - ip + properties: + app: + type: string + description: 应用名称 + default: mysql + enum: + - mysql + - none + ip: + type: string + description: 点分十进制的ipv4地址, 例如192.168.10.43 + example: "192.168.10.43" + PerformanceMetricRequestData: + type: object + description: 性能指标采集的接口的入参 + required: + - app + - ip + properties: + ip: + type: string + description: 点分十进制的ipv4地址, 例如192.168.10.43 + example: "192.168.10.43" + app: + type: string + description: App + default: none + enum: + - mysql + - none + PerformanceReportRequestData: + type: object + description: 生成性能报告接口的入参 + required: + - ip + properties: + ip: + type: string + description: 点分十进制的ipv4地址, 例如192.168.10.43 + example: "192.168.10.43" + ValidationError: + type: object + required: + - loc + - msg + - type + title: ValidationError + properties: + loc: + type: array + items: + anyOf: + - type: string + - type: integer + title: Location + msg: + type: string + title: Message + type: + type: string + title: Error Type \ No newline at end of file diff --git a/plugins/euler-copilot-tune/plugin.json b/plugins/euler-copilot-tune/plugin.json new file mode 100644 index 0000000000000000000000000000000000000000..c4b95f57e6169a93dcaf7c08e2d328f5be6bf893 --- /dev/null +++ b/plugins/euler-copilot-tune/plugin.json @@ -0,0 +1,6 @@ +{ + "id": "tune", + "name": "智能性能优化", + "description": "该插件具备以下功能:采集系统性能指标,分析系统性能,推荐系统性能优化建议", + "automatic_flow": false +} \ No newline at end of file diff --git a/plugins/gala-ragdoll/flows/add_domain_host.yaml b/plugins/gala-ragdoll/flows/add_domain_host.yaml new file mode 100644 index 0000000000000000000000000000000000000000..5ba850e2d9d0df1593933f5bd1a93dab5fbd343e --- /dev/null +++ b/plugins/gala-ragdoll/flows/add_domain_host.yaml @@ -0,0 +1,11 @@ +name: 添加业务域主机 +description: 添加业务域主机,将业务域未添加的主机添加到业务域中,并将最终添加之后的主机列表查询接口结果以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/host/addHost + next: end + - name: end + call_type: none + diff --git a/plugins/gala-ragdoll/flows/create_domain.yaml b/plugins/gala-ragdoll/flows/create_domain.yaml new file mode 100644 index 0000000000000000000000000000000000000000..f1c46bdde1c3366425028f132ea532c4732fbe65 --- /dev/null +++ b/plugins/gala-ragdoll/flows/create_domain.yaml @@ -0,0 +1,11 @@ +name: 创建业务域 +description: 创建业务域,选择集群,填写业务域名称,业务域优先级可添加业务域,并将添加后的业务域列表以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/domain/createDomain + next: end + - name: end + call_type: none + diff --git a/plugins/gala-ragdoll/flows/create_domain_conf.yaml b/plugins/gala-ragdoll/flows/create_domain_conf.yaml new file mode 100644 index 0000000000000000000000000000000000000000..051609c9b3f59951370790aaa2e6d2399928473e --- /dev/null +++ b/plugins/gala-ragdoll/flows/create_domain_conf.yaml @@ -0,0 +1,28 @@ +name: 创建业务域配置 +description: 创建业务域配置,用户选择当前支持的配置文件路径,配置来源,配置内容或从主机导入或从本地导入三种方式进行配置文件内容的添加,并将添加之后的业务域配置列表以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/management/addManagementConf + next: get_management_conf + - name: get_management_conf + call_type: api + params: + endpoint: POST /conftrace/management/getManagementConf + next: generate_get_management_conf_response + - name: generate_get_management_conf_response + call_type: llm + params: + system_prompt: 你是一个擅长Linux系统性能优化,且能够根据具体情况撰写分析报告的智能助手。 + user_prompt: | + 用户指示: + {question} + + 参考信息: + {context} + + 如果没有添加成功,获取不到添加的配置文件,请检查配置内容是否写对 + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/delete_domain.yaml b/plugins/gala-ragdoll/flows/delete_domain.yaml new file mode 100644 index 0000000000000000000000000000000000000000..a3b0050b39b4d2764b6b2679a5cbda45d8dc7aaa --- /dev/null +++ b/plugins/gala-ragdoll/flows/delete_domain.yaml @@ -0,0 +1,28 @@ +name: 删除业务域 +description: 删除业务域,删除主机/home/confTraceTest/目录同为接口参数domain_name的目录,并同时删除domain表中的业务域数据,并将删除之后的业务域列表以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: DELETE /conftrace/domain/deleteDomain + next: query_domain + - name: query_domain + call_type: api + params: + endpoint: POST /conftrace/domain/queryDomain + next: generate_response + - name: generate_response + call_type: llm + params: + system_prompt: 你是一个擅长Linux系统性能优化,且能够根据具体情况撰写分析报告的智能助手。 + user_prompt: | + 用户指示: + {question} + + 参考信息: + {context} + + 根据上述信息,撰写系统性能分析报告。 + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/delete_domain_conf.yaml b/plugins/gala-ragdoll/flows/delete_domain_conf.yaml new file mode 100644 index 0000000000000000000000000000000000000000..06320471d1de3f146b4124626f7a11a8ac1e2168 --- /dev/null +++ b/plugins/gala-ragdoll/flows/delete_domain_conf.yaml @@ -0,0 +1,28 @@ +name: 删除或批量删除业务域配置 +description: 删除或批量删除业务域配置,用户点击删除按钮或选择要删除的配置,点击批量删除,将会当前选择的配置删除,并将删除之后的业务域配置以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/management/deleteManagementConf + next: get_management_conf + - name: get_management_conf + call_type: api + params: + endpoint: POST /conftrace/management/getManagementConf + next: generate_response + - name: generate_response + call_type: llm + params: + system_prompt: 你是一个擅长Linux系统性能优化,且能够根据具体情况撰写分析报告的智能助手。 + user_prompt: | + 用户指示: + {question} + + 参考信息: + {context} + + 根据上述信息,撰写系统性能分析报告。 + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/delete_domain_host.yaml b/plugins/gala-ragdoll/flows/delete_domain_host.yaml new file mode 100644 index 0000000000000000000000000000000000000000..c953206f1da2b0f733ee19373398ef20f237c018 --- /dev/null +++ b/plugins/gala-ragdoll/flows/delete_domain_host.yaml @@ -0,0 +1,28 @@ +name: 删除业务域主机 +description: 删除业务域主机,将从domain_host表中删除该主机,并从/home/confTraceTest/业务域名称/hostRecord.txt中删除主机信息,并将删除之后的业务域现有添加的主机以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: DELETE /conftrace/host/deleteHost + next: query_hosts_in_domain + - name: query_hosts_in_domain + call_type: api + params: + endpoint: POST /conftrace/host/getHost + next: generate_response + - name: generate_response + call_type: llm + params: + system_prompt: 你是一个擅长Linux系统性能优化,且能够根据具体情况撰写分析报告的智能助手。 + user_prompt: | + 用户指示: + {question} + + 参考信息: + {context} + + 根据上述信息,撰写系统性能分析报告。 + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/domain_batch_sync_conf.yaml b/plugins/gala-ragdoll/flows/domain_batch_sync_conf.yaml new file mode 100644 index 0000000000000000000000000000000000000000..b7d7321ab7a8022ae55386d54074906f4d30a7d5 --- /dev/null +++ b/plugins/gala-ragdoll/flows/domain_batch_sync_conf.yaml @@ -0,0 +1,10 @@ +name: 批量同步业务域主机配置 +description: 批量同步业务域主机配置,可以将业务域基线配置文件的内容同步到勾选的主机当前所有配置文件中,使得所有配置文件的基线内容和实际内容达到同步状态,并将同步结果以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/confs/batch/syncConf + next: end + - name: end + call_type: none \ No newline at end of file diff --git a/plugins/gala-ragdoll/flows/edit_domain_conf.yaml b/plugins/gala-ragdoll/flows/edit_domain_conf.yaml new file mode 100644 index 0000000000000000000000000000000000000000..87286b97419a4b61b2a32fe86fb149f31803588f --- /dev/null +++ b/plugins/gala-ragdoll/flows/edit_domain_conf.yaml @@ -0,0 +1,28 @@ +name: 编辑业务域配置 +description: 编辑业务域配置,用户选择当前支持的配置文件路径,配置来源,配置内容或从主机导入或从本地导入三种方式进行配置文件内容的修改,并将修改之后的业务域配置以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/management/addManagementConf + next: get_management_conf + - name: get_management_conf + call_type: api + params: + endpoint: POST /conftrace/management/getManagementConf + next: generate_response + - name: generate_response + call_type: llm + params: + system_prompt: 你是一个擅长Linux系统性能优化,且能够根据具体情况撰写分析报告的智能助手。 + user_prompt: | + 用户指示: + {question} + + 参考信息: + {context} + + 根据上述信息,撰写系统性能分析报告。 + next: end + - name: end + call_type: none \ No newline at end of file diff --git a/plugins/gala-ragdoll/flows/get_existent_host.yaml b/plugins/gala-ragdoll/flows/get_existent_host.yaml new file mode 100644 index 0000000000000000000000000000000000000000..07e990b53061209e44e8b9a351457e17e40073ff --- /dev/null +++ b/plugins/gala-ragdoll/flows/get_existent_host.yaml @@ -0,0 +1,10 @@ +name: 获取业务域主机 +description: 获取指定业务域的主机,以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/host/getHost + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/get_host_conf_sync_status.yaml b/plugins/gala-ragdoll/flows/get_host_conf_sync_status.yaml new file mode 100644 index 0000000000000000000000000000000000000000..f3ccaa0a8e56f4609d1c053afe49b04bc0e6a218 --- /dev/null +++ b/plugins/gala-ragdoll/flows/get_host_conf_sync_status.yaml @@ -0,0 +1,10 @@ +name: 查看主机状态详情 +description: 查看主机状态详情,可以查看主机当前所有基线配置文件的同步状态,将主机同步状态详情以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/confs/getDomainStatus + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/get_nonexistent_host.yaml b/plugins/gala-ragdoll/flows/get_nonexistent_host.yaml new file mode 100644 index 0000000000000000000000000000000000000000..35ff00b8f9986096f6bfe152c9690eaad869cd44 --- /dev/null +++ b/plugins/gala-ragdoll/flows/get_nonexistent_host.yaml @@ -0,0 +1,10 @@ +name: 获取当前未添加的业务域主机 +description: 获取当前未添加的业务域主机,过滤出业务域未添加的主机,未添加的主机以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/host/getNonexistentHost + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/host_batch_sync_conf.yaml b/plugins/gala-ragdoll/flows/host_batch_sync_conf.yaml new file mode 100644 index 0000000000000000000000000000000000000000..5b228a48270c825b613939a1011ead09ce6e8aec --- /dev/null +++ b/plugins/gala-ragdoll/flows/host_batch_sync_conf.yaml @@ -0,0 +1,10 @@ +name: 批量同步主机所有配置文件 +description: 批量同步主机所有配置文件,可以将业务域所有基线配置文件的内容同步到主机当前所有配置文件中,使得所有配置文件的基线内容和实际内容达到同步状态,将同步结果以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/confs/syncConf + next: end + - name: end + call_type: none \ No newline at end of file diff --git a/plugins/gala-ragdoll/flows/host_sync_conf.yaml b/plugins/gala-ragdoll/flows/host_sync_conf.yaml new file mode 100644 index 0000000000000000000000000000000000000000..52e0f48b34316cd9b1ddbcf2f1a1f05f92f91107 --- /dev/null +++ b/plugins/gala-ragdoll/flows/host_sync_conf.yaml @@ -0,0 +1,10 @@ +name: 同步主机单个配置文件 +description: 同步主机单个配置文件,可以将业务域基线配置文件的内容同步到主机当前单个配置文件中,使得单个配置文件的基线内容和实际内容达到同步状态,将同步结果以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/confs/syncConf + next: end + - name: end + call_type: none \ No newline at end of file diff --git a/plugins/gala-ragdoll/flows/query_cluster_list.yaml b/plugins/gala-ragdoll/flows/query_cluster_list.yaml new file mode 100644 index 0000000000000000000000000000000000000000..0781bf1b91947db2bd54fdc08014a146d26da672 --- /dev/null +++ b/plugins/gala-ragdoll/flows/query_cluster_list.yaml @@ -0,0 +1,10 @@ +name: 获取集群列表 +description: 获取当前的集群列表,集群列表结果以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: GET /accounts/cluster + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/query_conf_in_domain.yaml b/plugins/gala-ragdoll/flows/query_conf_in_domain.yaml new file mode 100644 index 0000000000000000000000000000000000000000..84dd093fc381e334df0e99f563eca68927375053 --- /dev/null +++ b/plugins/gala-ragdoll/flows/query_conf_in_domain.yaml @@ -0,0 +1,10 @@ +name: 查看业务域域内配置 +description: 查看业务域域内配置,可以查看当前业务域添加的所有基线配置文件和配置文件内容,域内配置列表以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/management/getManagementConf + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/query_domain.yaml b/plugins/gala-ragdoll/flows/query_domain.yaml new file mode 100644 index 0000000000000000000000000000000000000000..1e05b10f322939661f5a9a1b35d9d81ae1a2f762 --- /dev/null +++ b/plugins/gala-ragdoll/flows/query_domain.yaml @@ -0,0 +1,10 @@ +name: 查询业务域 +description: 查询集群下所有的业务域,查询结果根据page和per_page进行分页,查询结果可根据字段domain_id或domain_name进行升序或降序排序,结果以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/domain/queryDomain + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/query_domain_conf_change.yaml b/plugins/gala-ragdoll/flows/query_domain_conf_change.yaml new file mode 100644 index 0000000000000000000000000000000000000000..4d9269f7da8f851f8842227a55e3371b60365563 --- /dev/null +++ b/plugins/gala-ragdoll/flows/query_domain_conf_change.yaml @@ -0,0 +1,10 @@ +name: 查看指定业务域域内配置的配置变更日志 +description: 查看业务域配置的配置变更日志,可以查看当前单个配置文件的基线内容以及当前基线配置内容的变更历史(变更ID、变更时间、变更人、变更原因、变更详情),配置变更日志以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/management/queryManageConfChange + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/query_host_current_conf.yaml b/plugins/gala-ragdoll/flows/query_host_current_conf.yaml new file mode 100644 index 0000000000000000000000000000000000000000..a3a45c312b0b9c3d379ce5750ed318a49cbde3dd --- /dev/null +++ b/plugins/gala-ragdoll/flows/query_host_current_conf.yaml @@ -0,0 +1,10 @@ +name: 查看主机当前真实配置 +description: 查看主机当前实配置,可以看到当前所有配置的真实内容,如果真实内容与业务域基线内容不一致,可以进行差异对比,当前的真实配置内容以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/confs/queryRealConfs + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/query_host_sync_status.yaml b/plugins/gala-ragdoll/flows/query_host_sync_status.yaml new file mode 100644 index 0000000000000000000000000000000000000000..e97bdc157e22b6f2001ea1ffba27a7bb3824fea1 --- /dev/null +++ b/plugins/gala-ragdoll/flows/query_host_sync_status.yaml @@ -0,0 +1,10 @@ +name: 获取业务域主机同步状态 +description: 获取业务域主机同步状态,根据业务域可以查看当前业务域所有主机的同步状态,当前主机同步状态以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/host/sync/status/get + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/query_support_confs.yaml b/plugins/gala-ragdoll/flows/query_support_confs.yaml new file mode 100644 index 0000000000000000000000000000000000000000..682ca4d1dfa6951ca034d9db939e19ccd8f6c003 --- /dev/null +++ b/plugins/gala-ragdoll/flows/query_support_confs.yaml @@ -0,0 +1,10 @@ +name: 查看当前支持的业务域配置 +description: 查看当前支持的业务域配置,可以看到当前可以配置的业务域文件,如果业务域配置文件已经被添加,将不会出现在列表中,当前支持的配置文件以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/confs/querySupportedConfs + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/flows/refresh_domain_detail.yaml b/plugins/gala-ragdoll/flows/refresh_domain_detail.yaml new file mode 100644 index 0000000000000000000000000000000000000000..9edf7389bd6de603082889a41a5fe7f910899251 --- /dev/null +++ b/plugins/gala-ragdoll/flows/refresh_domain_detail.yaml @@ -0,0 +1,15 @@ +name: 刷新业务域详情 +description: 刷新业务域详情,会查看当前业务域中各个主机的信息和同步状态,刷新后的业务域详情以表格形式展示 +steps: + - name: start + call_type: api + params: + endpoint: POST /conftrace/host/getHost + next: query_host_sync_status + - name: query_host_sync_status + call_type: api + params: + endpoint: POST /conftrace/host/sync/status/get + next: end + - name: end + call_type: none diff --git a/plugins/gala-ragdoll/openapi.yaml b/plugins/gala-ragdoll/openapi.yaml new file mode 100644 index 0000000000000000000000000000000000000000..b488496903ba426e9628fd61d430421ea7236ce2 --- /dev/null +++ b/plugins/gala-ragdoll/openapi.yaml @@ -0,0 +1,1367 @@ +openapi: 3.0.1 +info: + version: 2.0.0 + title: "gala-ragdoll接口文档" +servers: + - url: http://116.63.164.87 +paths: + /accounts/cluster: + get: + description: "用户管理集群信息查看" + responses: + "200": + description: "" + content: + application/json: + schema: + allOf: + - $ref: "#/components/schemas/GeneralRsp" + - type: object + properties: + data: + type: array + items: + properties: + cluster_id: + type: string + description: 集群id + cluster_ip: + type: string + description: 集群ip + cluster_name: + type: string + description: 集群用户名 + description: + type: string + description: 描述 + subcluster: + type: boolean + description: 是否为子集群 + synchronous_state: + type: string + description: 同步状态 + + /conftrace/domain/createDomain: + post: + description: '创建业务域' + requestBody: + description: "创建业务域请求体" + content: + application/json: + schema: + required: + - domainName + - clusterId + - priority + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + clusterId: + type: string + example: "38ed453d-00b4-4074-ab84-b9564d8593f3" + description: "业务域归属的集群ID" + priority: + type: integer + example: 0 + description: "业务域优先级" + responses: + '200': + description: "创建业务域的响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "All domain created successfully, 1 domain in total." + description: "响应信息" + /conftrace/domain/queryDomain: + post: + description: '查询集群下的业务域' + requestBody: + description: "查询集群下的业务域请求体" + content: + application/json: + schema: + type: object + properties: + cluster_list: + type: array + description: "集群ID列表,如果未指定,则为空" + items: + type: string + sort: + type: string + enum: + - "domain_id" + - "domain_name" + - "" + example: "domain_id" + description: "排序字段" + direction: + type: string + enum: + - "desc" + - "asc" + example: "desc" + description: "排序顺序,正序或倒序" + page: + type: integer + example: 1 + description: "页码" + minimum: 1 + maximum: 999999 + per_page: + type: integer + example: 10 + description: "每页展示数量" + default: 20 + minimum: 1 + maximum: 50 + responses: + '200': + description: "查询集群下的业务域响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: object + properties: + domain_infos: + type: array + items: + type: object + properties: + cluster_id: + type: string + example: "38ed453d-00b4-4074-ab84-b9564d8593f3" + description: "集群ID" + cluster_name: + type: string + example: "local-cluster" + description: "集群名称" + domain_id: + type: string + example: "d1e48cd1-2a43-488f-af86-92f8fe52c9b8" + description: "业务域ID" + domain_name: + type: string + example: "aops" + description: "业务域名称" + priority: + type: integer + example: 0 + description: "业务域优先级" + total_count: + type: integer + example: 2 + description: "数据总数" + total_page: + type: integer + example: 1 + description: "总页数" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "operation succeed" + description: "响应信息" + /conftrace/domain/deleteDomain: + delete: + description: '删除业务域' + requestBody: + description: "删除业务域请求体" + content: + application/json: + schema: + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + domainId: + type: string + example: "64d781f3-2614-4a91-8596-fce7d6f1657e" + description: "业务域ID" + responses: + '200': + description: "删除业务域响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "All domain delete successfully, 1 domain in total." + description: "响应信息" + /conftrace/host/addHost: + post: + description: '添加业务域主机' + requestBody: + description: "添加业务域主机请求体" + content: + application/json: + schema: + required: + - domainName + - hostInfos + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + hostInfos: + type: array + items: + required: + - hostId + - ip + - ipv6 + type: object + properties: + hostId: + type: string + example: "372caa4d-66b8-47d7-85f3-48e485a4660d" + description: "主机ID" + ip: + type: string + example: "192.168.234.150" + description: "ip地址" + ipv6: + type: string + example: "ipv6" + default: "ipv6" + description: "ip地址类型(ipv6或ipv4)" + responses: + '200': + description: "添加业务域主机响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "All host add hosts successfully, 1 host in total." + description: "响应信息" + /conftrace/host/deleteHost: + delete: + description: '删除业务域主机' + requestBody: + description: "删除业务域主机请求体" + content: + application/json: + schema: + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + hostInfos: + type: array + items: + type: object + properties: + hostId: + type: string + example: "372caa4d-66b8-47d7-85f3-48e485a4660d" + description: "主机ID" + responses: + '200': + description: "删除业务域主机响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "All host delete successfully, 1 host in total." + description: "响应信息" + /conftrace/host/getHost: + post: + description: '查询业务域主机' + requestBody: + description: "查询业务域主机请求体" + content: + application/json: + schema: + required: + - domainName + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名" + responses: + '200': + description: "查询业务域主机响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: array + items: + type: object + properties: + hostId: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + ip: + type: string + example: "192.168.234.150" + description: "主机ip地址" + ipv6: + type: string + example: "ipv4" + description: "主机ip协议" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "Get host info in the domain successfully" + description: "响应信息" + /conftrace/host/getNonexistentHost: + post: + description: '获取集群内可添加的主机' + requestBody: + description: "获取集群内可添加的主机请求体" + content: + application/json: + schema: + required: + - clusterId + type: object + properties: + clusterId: + type: string + example: "7800c2cb-0fa4-4966-9c92-76917783298a" + description: "集群ID" + responses: + '200': + description: "获取集群内可添加的主机响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: array + items: + type: object + properties: + cluster_id: + type: string + example: "38ed453d-00b4-4074-ab84-b9564d8593f3" + description: "集群ID" + host_group_id: + type: string + example: "9631b0de-1e2f-45f9-a7b7-d439662a09e6" + description: "主机组ID" + host_group_name: + type: string + example: "test" + description: "主机组名称" + host_id: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + host_ip: + type: string + example: "192.168.234.150" + description: "主机IP" + host_name: + type: string + example: "aops3" + description: "主机名称" + last_scan: + type: integer + example: 1722931419 + description: "漏洞扫描上次扫描的时间(时间戳)" + management: + type: boolean + example: true + description: "是否为管理节点" + os_version: + type: string + example: "" + description: "主机系统版本" + pkey: + type: string + example: "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAzteUuKzYpvOrW6hf5YHNqf3+s62u7KhFr5B2bF4BgDRIhLZ7\nEnU9pYqVRKwP3dYh7YNs5RDWm0XHCOAHACnoG24RXeZASKRx4Hnkg3DC9Gp2++uT\nwFoGgFjLsaL7ePQuiSp1Q4STPtM28mnHxDz7EojIoOy6m+ncAe/Vq/63cb26p41i\nrU2GXoHMUajdYNuIZAWnd4HRUNDN1rCFiF9jocuBQrzYKhRO+ioCppIbMpYUsbfz\nB6128MsF16IlpvqH5NX+fvgwhI2kwMMdCefnJg022PsPQiI2aj4cpko6fTwIZbrj\nIrhFoBVidsRqruT8X/E3yv34PS71+hK0WokWAQIDAQABAoIBAFoen5Oe635CKGT1\nBWMvnPX1zmVmxRIjdsk5ff9VLf43yWjZQOIX5tYbfVHATeFvjLS5UFa1cWuRiVia\nkzJFD/XzjOmGineb/mm5chC6rpZjVJgKWgOytaZyCb3JrxtR+HyW3SSfvK/gws33\nvKwJjbLTmeZTfjK0P8EwR756al7JbFSusnwQhQvj4XQsN+i/J84uE1oc9yvgrNzW\nNZ1gvGZptbFxGMQlOzIHL6VeRGuiWrhhvyqgXXyKx3wn+m/w6x8NlC47FZPi8Vs4\nJ10Muj90KOY0jhQkvDtzcy8JU0yZpL/ckGBZ2HQAqeVmvHq+0dDSU7+WX/CqS60o\n9JnnfKkCgYEA+CVoK+dGGIfjj3NJ6QFSArTzHoYvMC2d6fgAzQzxPCjFtw3dSaMs\nTGXyaM1litNxdtTEJ94G6hWVMfWjg/s6+obvqwakudusRL6XYzOYhKWaCXAxUMUc\nL6y1l/Lne/QxdaBfzfIs9K9NsFKvQSRBcFJesAs15gUcrzTqVLulHzcCgYEA1WOC\nlntozVEhxF9MG8JBYY8aRHHd58u3EgKzNo7rBvi5zC/BgKxUA5b5onNBYjfioKvx\nYIGR9ujfCqvdr+QOotSUDEAC9I/hRjRT+cShHsr8M9NI6GL/mosdRIoaqK2cqZn4\nFXx60AAjCXbK24dYiXTMrNlZlcBFzpDmuwHHYIcCgYEAwXTASwIKFtPSKCL0azA5\nVJznsVNhdIkLxL0xOqstYv5SbgzkCSWqQoF0RBplYJ7JpZ/osUAaWeKrpwBfE2UI\nrQoHzWjngXJuUkXYVmGCNV+5wEP0XojdGZnnFOgtaeiNqqt2JWP5gmUtBxrfQMTY\nM44z/cEvqv0vSLTTP23vJG8CgYEAtVYsKk9Tf29b37IQTmKlBxACBXoyVoIC4BZV\nT57iUXlbAw7uRLetaaOKHqgNPzc4qsuTgyx46zd4G2x0Jr4KRguaiFJ5cHU4vl1H\no7CaLz3WVwBNK9a9WgqwY4dtIjzvLh2++htfjpUfMTK3Lxl0ftM4AAdwntbXO7Rd\nrzvSv88CgYEArUWf9y7K1990KOULRovDNQu6hS2UUlqOv0PeUcadq/Q9HcXNJHof\nYLOevQgq7WRcm8SXXgysFJhzgquY7DE1BMQWcQ3HHInuRJ1gW2RFXo+MR+OZw/KB\nC3HujxAqiPcBOQVUUY3Qmsbco+ASt0uLcBj9iv/sgm6u7TZXxKOACuY=\n-----END RSA PRIVATE KEY-----\n" + description: "主机RSA私钥" + reboot: + type: boolean + example: false + description: "重启后内核是否变更" + repo_id: + type: string + example: "65a87f6c-53cb-11ef-9f55-2cf05d4c345e" + description: "yum源ID" + scene: + type: string + example: "normal" + description: "场景" + ssh_port: + type: integer + example: "22" + description: "ssh连接端口" + ssh_user: + type: string + example: "root" + description: "ssh连接用户" + status: + type: integer + example: 0 + description: "主机状态" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "get host succeed" + description: "响应信息" + /conftrace/management/addManagementConf: + post: + description: '添加业务域配置' + requestBody: + description: "添加业务域配置请求体" + content: + application/json: + schema: + oneOf: + - $ref: '#/components/schemas/addManagementConfByContent' + - $ref: '#/components/schemas/addManagementConfByHost' + responses: + '200': + description: "添加业务域配置响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "All confs add management conf successfully, 1 confs in total." + description: "响应信息" + /conftrace/management/getManagementConf: + post: + description: '获取业务域配置' + requestBody: + description: "获取业务域配置请求体" + content: + application/json: + schema: + required: + - domainName + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + responses: + '200': + description: "获取业务域配置响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: object + properties: + confFiles: + type: array + items: + type: object + properties: + contents: + type: string + example: "[\n \"aops1\"\n]" + description: "配置文件基线内容" + filePath: + type: string + example: "/etc/hostname" + description: "配置文件路径" + domainName: + type: string + example: "aops" + description: "业务域名称" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "Get management configuration items and expected values in the domain successfully" + description: "响应信息" + /conftrace/management/deleteManagementConf: + delete: + description: '删除业务域配置' + requestBody: + description: "删除业务域配置请求体" + content: + application/json: + schema: + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + confFiles: + type: array + items: + type: object + properties: + filePath: + type: string + example: "/etc/hostname" + description: "配置文件路径" + responses: + '200': + description: "删除业务域配置响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "All confs delete management conf successfully, 1 confs in total." + description: "响应信息" + /conftrace/management/queryManageConfChange: + post: + description: '查询业务域配置历史记录' + requestBody: + description: "查询业务域配置历史记录请求体" + content: + application/json: + schema: + required: + - domainName + - confFiles + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + confFiles: + type: array + items: + type: object + properties: + filePath: + type: string + example: "/etc/hostname" + description: "配置文件地址" + responses: + '200': + description: "查询业务域配置历史记录响应" + content: + application/json: + schema: + $ref: '#/components/schemas/DomainConfChangeInfoRep' + /conftrace/management/uploadManagementConf: + post: + description: '本地通过上传配置文件进行配置添加' + requestBody: + description: "上传配置文件添加配置请求体" + content: + multipart/form-data: + schema: + type: object + properties: + filePath: + type: string + example: "/etc/hostname" + description: "配置文件路径" + domainName: + type: string + example: "aops" + description: "业务域名称" + file: + type: string + format: binary + description: "配置二进制文件" + responses: + '200': + description: "上传配置文件添加配置响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "All confs add management conf successfully, 1 confs in total." + description: "响应信息" + /conftrace/confs/getDomainStatus: + post: + dangerous: True + description: '获取业务域主机同步状态' + requestBody: + description: "获取业务域主机同步状态请求体" + content: + application/json: + schema: + required: + - domainName + - ip + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + ip: + type: string + example: "192.168.234.150" + description: "主机ip地址" + responses: + '200': + description: "获取业务域主机同步状态响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + hostStatus: + type: array + items: + type: object + properties: + hostId: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + syncStatus: + type: array + items: + type: object + properties: + file_path: + type: string + example: "/etc/hostname" + description: "配置文件路径" + isSynced: + type: string + example: "SYNCHRONIZED" + description: "配置文件是否同步" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "successfully get the sync status of domain" + description: "响应信息" + /conftrace/confs/queryExpectedConfs: + post: + description: '查询业务域预期配置' + requestBody: + description: "查询业务域预期配置请求体" + content: + application/json: + schema: + required: + - domainNames + type: object + properties: + domainNames: + type: array + items: + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + responses: + '200': + description: "查询业务域预期配置响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: array + items: + type: object + properties: + confBaseInfos: + type: array + items: + type: object + properties: + expectedContents: + type: string + example: "[\n \"111\"\n]\n" + description: "预期配置文件内容" + filePath: + type: string + example: "/etc/hostname" + description: "配置文件地址" + domainName: + type: string + example: "aops" + description: "业务域名称" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "Successfully get the expected configuration file information." + description: "响应信息" + /conftrace/confs/queryRealConfs: + post: + description: '获取业务域主机实际配置' + requestBody: + description: "获取业务域主机实际配置请求体" + content: + application/json: + schema: + required: + - domainName + - hostIds + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + hostIds: + type: array + items: + type: object + properties: + hostId: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + responses: + '200': + description: "获取业务域主机实际配置响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: array + items: + type: object + properties: + confBaseInfos: + type: array + items: + type: object + properties: + confContents: + type: string + example: "[\n \"111\"\n]" + description: "配置文件实际内容" + fileAttr: + type: string + example: "0644" + description: "配置文件权限" + fileOwner: + type: string + example: "(root, root)" + description: "配置文件归属者" + filePath: + type: string + example: "/etc/hostname" + description: "配置文件地址" + path: + type: string + example: "/etc/hostname" + description: "配置文件地址" + domainName: + type: string + example: "aops" + description: "业务域名称" + hostID: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "Successfully query real confs" + description: "响应信息" + /conftrace/confs/querySupportedConfs: + post: + description: '获取当前业务域支持添加的配置文件' + requestBody: + description: "获取当前业务域支持添加的配置文件请求体" + content: + application/json: + schema: + required: + - domainName + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + responses: + '200': + description: "获取当前业务域支持添加的配置文件响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: array + items: + type: string + example: "/etc/sysctl.conf" + description: "配置文件地址" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "get supported conf succeed" + description: "响应信息" + /conftrace/confs/syncConf: + post: + dangerous: True + description: '同步基线配置内容到主机' + requestBody: + description: "同步基线配置内容到主机请求体" + content: + application/json: + schema: + required: + - domainName + - syncList + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + syncList: + type: array + items: + required: + - hostId + - syncConfigs + properties: + hostId: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + syncConfigs: + type: array + items: + type: string + example: "/etc/hostname" + responses: + '200': + description: "同步基线配置内容到主机响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: array + items: + type: object + properties: + host_id: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + syncResult: + type: array + items: + type: object + properties: + filePath: + type: string + example: "/etc/hostname" + description: "配置文件地址" + result: + type: string + example: "SUCCESS" + description: "配置文件同步结果" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "batch sync config succeed" + description: "响应信息" + /conftrace/confs/batch/syncConf: + post: + description: '批量同步基线配置内容到主机' + requestBody: + description: "批量同步基线配置内容到主机请求体" + content: + application/json: + schema: + required: + - domainName + - hostIds + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + hostIds: + type: array + items: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + responses: + '200': + description: "批量同步基线配置内容到主机响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: array + items: + type: object + properties: + host_id: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + syncResult: + type: array + items: + type: object + properties: + filePath: + type: string + example: "/etc/hostname" + description: "配置文件地址" + result: + type: string + example: "SUCCESS" + description: "配置文件同步结果" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "batch sync config succeed" + description: "响应信息" + /conftrace/confs/domain/diff: + post: + description: '配置文件内容对比' + requestBody: + description: "配置文件内容对比请求体" + content: + application/json: + schema: + required: + - expectedConfsResp + - domainResult + type: object + properties: + expectedConfsResp: + type: array + items: + required: + - domainName + - confBaseInfos + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + confBaseInfos: + type: array + items: + required: + - expectedContents + - filePath + properties: + expectedContents: + type: string + example: "[\n \"aops\"\n]\n" + description: "配置文件预期内容" + filePath: + type: string + example: "/etc/hostname" + description: "配置文件地址" + domainResult: + type: object + additionalProperties: + type: object + additionalProperties: + type: array + items: + type: object + properties: + filePath: + type: string + example: "/etc/hostname" + description: "配置文件地址" + contents: + type: string + example: "aops" + description: "配置文件内容" + responses: + '200': + description: "配置文件内容对比响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: array + items: + type: object + properties: + domain_name: + type: string + example: "aops" + description: "业务域名称" + host_id: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + sync_status: + type: integer + example: 1 + description: "配置文件内容同步状态" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "successfully compare conf diff" + description: "响应信息" + /conftrace/host/sync/status/get: + post: + description: '获取业务域所有主机同步状态' + requestBody: + description: "获取业务域所有主机同步状态请求体" + content: + application/json: + schema: + required: + - domainName + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + responses: + '200': + description: "获取业务域所有主机同步状态响应" + content: + application/json: + schema: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + data: + type: array + items: + type: object + properties: + host_id: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + host_ip: + type: string + example: "192.168.234.150" + description: "主机IP地址" + sync_status: + type: integer + example: 0 + description: "主机配置同步状态,值为0表示未同步,值为1表示已同步" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "Get host conf sync status in the domain successfully" + description: "响应标签" +components: + schemas: + GeneralRsp: + required: + - code + - label + - message + type: object + properties: + code: + maxLength: 36 + minLength: 8 + type: string + description: 业务状态码,200表示正常处理并返回,其它状态码参考message或label字段值 + example: "200" + message: + maxLength: 512 + minLength: 2 + type: string + description: 报错描述信息,简短描述 + example: operation succeed + label: + maxLength: 512 + minLength: 2 + type: string + description: 状态码对应的含义 + example: Succeed + description: 通用返回信息 + addManagementConfByContent: + type: object + properties: + domainName: + type: string + example: "aops" + confFiles: + type: array + items: + type: object + properties: + filePath: + type: string + example: "/etc/hostname" + description: "配置文件路径" + contents: + type: string + example: "aops1" + description: "配置文件路径" + addManagementConfByHost: + type: object + properties: + domainName: + type: string + example: "aops" + confFiles: + type: array + items: + type: object + properties: + filePath: + type: string + example: "/etc/hostname" + description: "配置文件路径" + hostId: + type: string + example: "d175eb94-d108-490b-b8de-27883ae0722b" + description: "主机ID" + DomainConfChangeInfoRep: + type: object + properties: + code: + type: string + example: "200" + description: "响应码" + label: + type: string + example: "Succeed" + description: "响应标签" + message: + type: string + example: "Succeed to query the changelog of the configure in the domain." + description: "响应信息" + data: + type: object + properties: + domainName: + type: string + example: "aops" + description: "业务域名称" + confBaseInfos: + type: array + items: + type: object + properties: + filePath: + type: string + example: "/etc/hostname" + description: "配置文件路径" + expectedContents: + type: string + example: "[\n \"aops1\"\n]\n" + description: "预期配置文件内容" + changeLog: + type: array + items: + properties: + date: + type: string + format: "date-time" + example: "Tue Aug 6 16:30:13 2024 +0800" + description: "时间" + author: + type: string + example: "user_name " + description: "操作人(作者)" + changeId: + type: string + example: "671417db0cc2426ccb8de68a3d3f9ce710c7218e" + description: "变化ID" + changeReason: + type: string + example: " Add the conf in aops domian, the path including : /etc/hostname" + description: "变化原因" + preValue: + type: string + example: "[\n \"111\"\n]\n" + description: "过去内容" + postValue: + type: string + example: "[\n \"aops1\"\n]\n" + description: "当前内容" + diff --git a/plugins/gala-ragdoll/plugin.json b/plugins/gala-ragdoll/plugin.json new file mode 100644 index 0000000000000000000000000000000000000000..cb6fd832e2daa3dadd3ed6e0e572b4bbbf072387 --- /dev/null +++ b/plugins/gala-ragdoll/plugin.json @@ -0,0 +1,14 @@ +{ + "id": "Ragdoll", + "name": "配置溯源", + "description": "配置溯源主要用于管理主机配置文件,通过git监测并记录配置文件的变动。包括配置文件的基线内容的添加、修改、删除、查看;基线内容与配置文件实际内容对比,呈现内容差异;查看基线内容变更历史记录;同步基线内容到主机配置文件;主机配置文件同步状态", + "auth": { + "type": "oidc", + "args": { + "access-token": "" + }, + "domain": "aops", + "access_token_url": "http://116.63.164.87/accounts/accesstoken", + "token_expire_time": 1440 + } +} \ No newline at end of file diff --git a/plugins/gala-ragdoll/start.png b/plugins/gala-ragdoll/start.png new file mode 100644 index 0000000000000000000000000000000000000000..0e9e0a6d755e5d7e3713fbfeac073dd48e99f162 Binary files /dev/null and b/plugins/gala-ragdoll/start.png differ diff --git a/plugins/gala-ragdoll/start.posm b/plugins/gala-ragdoll/start.posm new file mode 100644 index 0000000000000000000000000000000000000000..41b5e8a99f199e38cde4b0b8145d5599b66b9e70 Binary files /dev/null and b/plugins/gala-ragdoll/start.posm differ