From f135125693120a27d5f8cc089ded5a9b1904bd48 Mon Sep 17 00:00:00 2001 From: Ethan-Zhang Date: Sat, 25 Oct 2025 00:02:12 +0800 Subject: [PATCH 1/2] =?UTF-8?q?Fix:=20=E9=81=97=E6=BC=8F=E8=84=9A=E6=9C=AC?= =?UTF-8?q?=E8=A1=A5=E5=85=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../9-other-script/get_client_credentials.py | 78 ++++++++++++++++--- .../modify_eulercopilot_yaml.py | 6 ++ 2 files changed, 75 insertions(+), 9 deletions(-) diff --git a/deploy/scripts/9-other-script/get_client_credentials.py b/deploy/scripts/9-other-script/get_client_credentials.py index e6e13eba..4846da9a 100755 --- a/deploy/scripts/9-other-script/get_client_credentials.py +++ b/deploy/scripts/9-other-script/get_client_credentials.py @@ -217,12 +217,17 @@ class AutheliaService(AuthServiceBase): alphabet = string.ascii_letters + string.digits return ''.join(secrets.choice(alphabet) for _ in range(64)) + def generate_uuid(self) -> str: + """生成UUID格式的客户端ID""" + import uuid + return str(uuid.uuid4()) + def get_or_create_client(self) -> Dict[str, str]: """获取或创建客户端凭证""" print(f"\n正在处理 authelia 客户端配置...") - # 生成客户端ID和密钥 - client_id = self.client_name.lower().replace(' ', '-') + # 生成客户端ID和密钥(使用UUID格式) + client_id = self.generate_uuid() client_secret = self.generate_client_secret() # 创建客户端配置 @@ -269,8 +274,8 @@ class AutheliaService(AuthServiceBase): "client_secret": client_secret } -def get_service_cluster_ip(namespace: str, service_name: str) -> str: - """获取Kubernetes服务的ClusterIP""" +def get_service_nodeport_info(namespace: str, service_name: str) -> tuple: + """获取Kubernetes服务的NodePort信息,返回(host_ip, nodeport)""" cmd = ["kubectl", "get", "service", service_name, "-n", namespace, "-o", "json"] result = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) @@ -287,12 +292,58 @@ def get_service_cluster_ip(namespace: str, service_name: str) -> str: sys.exit(1) service_info = json.loads(result.stdout.decode()) - return service_info['spec'].get('clusterIP', 'No Cluster IP found') + + # 检查服务类型 + service_type = service_info['spec'].get('type', 'ClusterIP') + if service_type != 'NodePort': + print(f"警告: 服务 {service_name} 不是 NodePort 类型,当前类型: {service_type}") + # 如果不是NodePort,返回ClusterIP作为fallback + cluster_ip = service_info['spec'].get('clusterIP', 'No Cluster IP found') + return cluster_ip, None + + # 获取NodePort + ports = service_info['spec'].get('ports', []) + if not ports: + print(f"错误: 服务 {service_name} 没有配置端口") + sys.exit(1) + + nodeport = ports[0].get('nodePort') + if not nodeport: + print(f"错误: 服务 {service_name} 没有配置 NodePort") + sys.exit(1) + + # 获取节点IP(使用当前主机IP) + try: + # 尝试获取当前主机的IP地址 + import socket + hostname = socket.gethostname() + host_ip = socket.gethostbyname(hostname) + + # 如果获取到的是localhost,尝试其他方法 + if host_ip.startswith('127.'): + # 尝试通过网络接口获取 + hostname_result = subprocess.run(['hostname', '-I'], capture_output=True, text=True) + if hostname_result.returncode == 0: + ips = hostname_result.stdout.strip().split() + if ips: + host_ip = ips[0] # 使用第一个IP + except Exception: + host_ip = "127.0.0.1" # fallback + + return host_ip, nodeport + +def get_service_cluster_ip(namespace: str, service_name: str) -> str: + """获取Kubernetes服务的ClusterIP(保留兼容性)""" + host_ip, nodeport = get_service_nodeport_info(namespace, service_name) + if nodeport is None: + return host_ip # 返回ClusterIP + return host_ip def detect_auth_service() -> Tuple[str, str]: """检测已部署的鉴权服务""" services_to_check = [ ("euler-copilot", "authhub-web-service", "authHub"), + ("euler-copilot", "authelia", "authelia"), ("authelia", "authelia-service", "authelia"), ("default", "authelia", "authelia") ] @@ -365,12 +416,21 @@ def main(): # 获取服务信息 print(f"\n正在查询服务信息: [命名空间: {namespace}] [服务名: {service_name}]") + # 获取NodePort信息 + host_ip, nodeport = get_service_nodeport_info(namespace, service_name) + if service_type.lower() == "authhub": - cluster_ip = get_service_cluster_ip(namespace, service_name) - service_url = f"http://{cluster_ip}:8000" + if nodeport: + service_url = f"http://{host_ip}:{nodeport}" + else: + # fallback to cluster IP for authhub + service_url = f"http://{host_ip}:8000" else: # authelia - cluster_ip = get_service_cluster_ip(namespace, service_name) - service_url = f"http://{cluster_ip}:9091" + if nodeport: + service_url = f"https://{host_ip}:{nodeport}" + else: + # fallback to cluster IP for authelia + service_url = f"https://{host_ip}:9091" print(f"✓ 服务地址: {service_url}") diff --git a/deploy/scripts/9-other-script/modify_eulercopilot_yaml.py b/deploy/scripts/9-other-script/modify_eulercopilot_yaml.py index 4f7ac247..3c63d9ae 100755 --- a/deploy/scripts/9-other-script/modify_eulercopilot_yaml.py +++ b/deploy/scripts/9-other-script/modify_eulercopilot_yaml.py @@ -79,6 +79,12 @@ def main(): yaml_processor = YAML() yaml_processor.preserve_quotes = True yaml_processor.indent(mapping=2, sequence=4, offset=2) + # 设置字符串的宽度限制,避免不必要的换行 + yaml_processor.width = 4096 + yaml_processor.map_indent = 2 + yaml_processor.sequence_indent = 4 + # 保持字符串为单行格式 + yaml_processor.default_style = None else: yaml_processor = yaml # 使用 PyYAML 模块 -- Gitee From d7d3e0b7b58a4a09fce118c35c3f96063cd1840c Mon Sep 17 00:00:00 2001 From: Ethan-Zhang Date: Sat, 25 Oct 2025 00:39:11 +0800 Subject: [PATCH 2/2] =?UTF-8?q?Fix:=20update=20auth=20config=E8=B7=AF?= =?UTF-8?q?=E5=BE=84=E9=94=99=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- deploy/scripts/9-other-script/update_auth_config.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/scripts/9-other-script/update_auth_config.sh b/deploy/scripts/9-other-script/update_auth_config.sh index 2cbcf2e4..91439aad 100755 --- a/deploy/scripts/9-other-script/update_auth_config.sh +++ b/deploy/scripts/9-other-script/update_auth_config.sh @@ -10,7 +10,7 @@ NC='\033[0m' # 脚本目录 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -CHART_DIR="$(dirname "$SCRIPT_DIR")/chart" +CHART_DIR="$(dirname "$(dirname "$SCRIPT_DIR")")/chart" VALUES_FILE="$CHART_DIR/euler_copilot/values.yaml" # 生成UUID -- Gitee