diff --git a/0001-fix-metric-proxy-init-failed-error.patch b/0001-fix-metric-proxy-init-failed-error.patch
new file mode 100644
index 0000000000000000000000000000000000000000..ca84d256b08f50312c9910ecd4ba85a97a7a5661
--- /dev/null
+++ b/0001-fix-metric-proxy-init-failed-error.patch
@@ -0,0 +1,46 @@
+From 833a9d721bed5b3e64ea49710a477a52b74c5255 Mon Sep 17 00:00:00 2001
+From: zhangdaolong
+Date: Thu, 12 Oct 2023 14:28:06 +0800
+Subject: [PATCH 1/1] fix metric proxy init failed error
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+---
+ zeus/database/proxy/metric.py | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/zeus/database/proxy/metric.py b/zeus/database/proxy/metric.py
+index e899e26..5fa75e9 100644
+--- a/zeus/database/proxy/metric.py
++++ b/zeus/database/proxy/metric.py
+@@ -21,6 +21,7 @@ from prometheus_api_client import PrometheusApiClientException
+ from vulcanus.database.proxy import PromDbProxy
+ from vulcanus.log.log import LOGGER
+ from vulcanus.restful.resp.state import SUCCEED, DATABASE_QUERY_ERROR, NO_DATA, PARAM_ERROR, PARTIAL_SUCCEED
++from zeus.conf import configuration
+
+
+ class MetricProxy(PromDbProxy):
+@@ -28,16 +29,15 @@ class MetricProxy(PromDbProxy):
+ Proxy of prometheus time series database
+ """
+
+- def __init__(self, configuration, host=None, port=None):
++ def __init__(self, host=None, port=None):
+ """
+ Init MetricProxy
+
+ Args:
+- configuration (Config)
+ host (str)
+ port (int)
+ """
+- PromDbProxy.__init__(self, configuration, host, port)
++ PromDbProxy.__init__(self, host, port)
+ self.default_instance_port = configuration.agent.get('DEFAULT_INSTANCE_PORT') or 9100
+ self.query_range_step = configuration.prometheus.get('QUERY_RANGE_STEP') or "15s"
+
+--
+2.33.0
+
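Review bot: Dropping `configuration` from `MetricProxy.__init__` shifts the remaining positional parameters, so a caller still written as `MetricProxy(configuration)` would now bind the config object to `host` with no error at the call site. The callers are not part of this patch, so they need checking; declaring the signature as `def __init__(self, *, host=None, port=None):` would turn any leftover positional call into an immediate `TypeError`. The call `PromDbProxy.__init__(self, host, port)` likewise assumes the installed vulcanus base class has already dropped its own `configuration` parameter, which this page does not show.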
diff --git a/0001-fix-token-is-not-invalidated-after-being-refreshed.patch b/0001-fix-token-is-not-invalidated-after-being-refreshed.patch
deleted file mode 100644
index 7f3b1495d387cdb691f76e98c17bf3c45d821e4c..0000000000000000000000000000000000000000
--- a/0001-fix-token-is-not-invalidated-after-being-refreshed.patch
+++ /dev/null
@@ -1,115 +0,0 @@ -From 9ab3df8bcd61a07a5eeade60053b30db84409610 Mon Sep 17 00:00:00 2001 -From: gongzt -Date: Thu, 27 Apr 2023 10:12:42 +0800 -Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=88=B7=E6=96=B0token?= - =?UTF-8?q?=E5=90=8E=EF=BC=8C=E6=97=A7=E7=9A=84token=E4=BB=8D=E7=84=B6?= - =?UTF-8?q?=E7=94=9F=E6=95=88=EF=BC=8C=E4=BB=A5=E5=8F=8A=E9=80=80=E5=87=BA?= - =?UTF-8?q?=E7=99=BB=E5=BD=95=E5=90=8E=E6=97=A7=E7=9A=84token=E6=9C=89?= - =?UTF-8?q?=E6=95=88?= -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - ---- - zeus/account_manager/view.py | 49 +++++++++++++++++++++++++++++------- - zeus/url.py | 4 ++- - 2 files changed, 43 insertions(+), 10 deletions(-) - -diff --git a/zeus/account_manager/view.py b/zeus/account_manager/view.py -index 68194d0..40a0658 100644 ---- a/zeus/account_manager/view.py -+++ b/zeus/account_manager/view.py -@@ -15,6 +15,8 @@ Time: - Author: - Description: Restful APIs for user - """ -+from jwt.exceptions import ExpiredSignatureError -+ - from vulcanus.conf.constant import REFRESH_TOKEN_EXP - from vulcanus.database.proxy import RedisProxy - from vulcanus.log.log import LOGGER -@@ -182,20 +184,49 @@ class RefreshToken(BaseResponse): - Returns: - dict: response body - """ -- status = self.verify_token(params.get("refresh_token"), params) -- if status != state.SUCCEED: -- return self.response(code=status, message="token refreshing failure.") - try: -- username = decode_token(params.get("refresh_token"))["key"] -+ refresh_token_info = decode_token(params.get("refresh_token")) -+ except ExpiredSignatureError: -+ return self.response(code=state.TOKEN_EXPIRE) -+ except ValueError: -+ self.response(code=state.TOKEN_ERROR, message="token refreshing failure.") -+ -+ username = refresh_token_info["key"] -+ old_refresh_token = RedisProxy.redis_connect.get("refresh_token_" + username) -+ if not old_refresh_token or old_refresh_token != params.get("refresh_token"): -+ return 
self.response(code=state.TOKEN_ERROR, message="Invalid token.") -+ -+ try: - token = generate_token(unique_iden=username) -- refresh_token = generate_token( -- unique_iden=username, minutes=REFRESH_TOKEN_EXP) -+ refresh_token = generate_token(unique_iden=username, minutes=REFRESH_TOKEN_EXP) - except ValueError: - LOGGER.error("Token generation failed,token refreshing failure.") - return self.response(code=state.GENERATION_TOKEN_ERROR) -- -+ # Remove an expired token -+ RedisProxy.redis_connect.delete("token_" + username) -+ RedisProxy.redis_connect.delete("refresh_token_" + username) -+ # Set a new token value - RedisProxy.redis_connect.set("token_" + username, token) -- RedisProxy.redis_connect.set( -- "refresh_token_" + username, refresh_token) -+ RedisProxy.redis_connect.set("refresh_token_" + username, refresh_token) - - return self.response(code=state.SUCCEED, data=dict(token=token, refresh_token=refresh_token)) -+ -+ -+class Logout(BaseResponse): -+ """ -+ Interface for logout. -+ Restful API: post -+ """ -+ -+ @BaseResponse.handle() -+ def post(self, **params): -+ """ -+ Refresh token -+ -+ Returns: -+ dict: response body -+ """ -+ username = params.get("username") -+ RedisProxy.redis_connect.delete("token_" + username) -+ RedisProxy.redis_connect.delete("refresh_token_" + username) -+ return self.response(code=state.SUCCEED) -\ No newline at end of file -diff --git a/zeus/url.py b/zeus/url.py -index ae31276..4f1e78e 100644 ---- a/zeus/url.py -+++ b/zeus/url.py -@@ -44,7 +44,8 @@ from vulcanus.conf.constant import ( - QUERY_METRIC_NAMES, - QUERY_METRIC_DATA, - QUERY_METRIC_LIST, -- REFRESH_TOKEN -+ REFRESH_TOKEN, -+ LOGOUT - ) - from zeus.account_manager import view as account_view - from zeus.agent_manager import view as agent_view -@@ -64,6 +65,7 @@ SPECIFIC_URLS = { - (account_view.AuthRedirectUrl, AUTH_REDIRECT_URL), - (account_view.BindAuthAccount, BIND_AUTH_ACCOUNT), - (account_view.RefreshToken, REFRESH_TOKEN), -+ (account_view.Logout, LOGOUT), - ], - 
"HOST_URLS": [ - (host_view.AddHost, ADD_HOST), --- -Gitee - diff --git a/0002-add-key-authentication-for-add-host-api.patch b/0002-add-key-authentication-for-add-host-api.patch new file mode 100644 index 0000000000000000000000000000000000000000..8a3c9e166e9936d4616345c3720d024990c7c2f2 --- /dev/null +++ b/0002-add-key-authentication-for-add-host-api.patch 
@@ -0,0 +1,298 @@ +From 7a8164696bb913a75cf79cf6b57c9973530efefa Mon Sep 17 00:00:00 2001 +From: rabbitali +Date: Sun, 15 Oct 2023 16:37:55 +0800 +Subject: [PATCH 1/1] add a way about key authentication for add host api +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +--- + database/zeus.sql | 2 +- + zeus/conf/constant.py | 6 +-- + zeus/database/table.py | 2 +- + zeus/function/verify/host.py | 4 +- + zeus/host_manager/view.py | 99 ++++++++++++++++++++++++++++-------- + 5 files changed, 85 insertions(+), 28 deletions(-) + +diff --git a/database/zeus.sql b/database/zeus.sql +index 3dc9f3c..7db734e 100644 +--- a/database/zeus.sql ++++ b/database/zeus.sql +@@ -42,7 +42,7 @@ CREATE TABLE IF NOT EXISTS `host` ( + `os_version` varchar(40) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL, + `ssh_user` varchar(40) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL, + `ssh_port` int(11) NULL DEFAULT NULL, +- `pkey` varchar(2048) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL, ++ `pkey` varchar(4096) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL, + `status` int(11) NULL DEFAULT NULL, + `user` varchar(40) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL, + `host_group_id` int(11) NULL DEFAULT NULL, +diff --git a/zeus/conf/constant.py b/zeus/conf/constant.py +index 3175c65..bf8792a 100644 +--- a/zeus/conf/constant.py ++++ b/zeus/conf/constant.py +@@ -90,9 +90,9 @@ CHECK_IDENTIFY_SCENE = "/check/scene/identify" + CHECK_WORKFLOW_HOST_EXIST = '/check/workflow/host/exist' + + # host template file content +-HOST_TEMPLATE_FILE_CONTENT = """host_ip,ssh_port,ssh_user,password,host_name,host_group_name,management +-test_ip_1,22,root,password,test_host,test_host_group,False +-test_ip_2,22,root,password,test_host,test_host_group,False ++HOST_TEMPLATE_FILE_CONTENT = """host_ip,ssh_port,ssh_user,password,ssh_pkey,host_name,host_group_name,management 
++test_ip_1,22,root,password,ssh_pkey,test_host,test_host_group,False ++test_ip_2,22,root,password,ssh_pkey,test_host,test_host_group,False + """ + + +diff --git a/zeus/database/table.py b/zeus/database/table.py +index 9596492..265eb45 100644 +--- a/zeus/database/table.py ++++ b/zeus/database/table.py +@@ -59,7 +59,7 @@ class Host(Base, MyBase): # pylint: disable=R0903 + os_version = Column(String(40)) + ssh_user = Column(String(40), default="root") + ssh_port = Column(Integer(), default=22) +- pkey = Column(String(2048)) ++ pkey = Column(String(4096)) + status = Column(Integer(), default=2) + + user = Column(String(40), ForeignKey('user.username')) +diff --git a/zeus/function/verify/host.py b/zeus/function/verify/host.py +index b054d62..d09eedd 100644 +--- a/zeus/function/verify/host.py ++++ b/zeus/function/verify/host.py +@@ -103,11 +103,12 @@ class AddHostSchema(Schema): + """ + + ssh_user = fields.String(required=True, validate=lambda s: len(s) > 0) +- password = fields.String(required=True, validate=lambda s: len(s) > 0) ++ password = fields.String(required=True, allow_none=True, validate=lambda s: len(s) >= 0) + host_name = fields.String( + required=True, validate=[validate.Length(min=1, max=50), ValidateRules.space_character_check] + ) + host_ip = fields.IP(required=True) ++ ssh_pkey = fields.String(required=True, allow_none=True, validate=lambda s: 4096 >= len(s) >= 0) + ssh_port = fields.Integer(required=True, validate=lambda s: 65535 >= s > 0) + host_group_name = fields.String(required=True, validate=lambda s: len(s) > 0) + management = fields.Boolean(required=True) +@@ -133,3 +134,4 @@ class UpdateHostSchema(Schema): + host_name = fields.String(required=False, validate=lambda s: len(s) > 0) + host_group_name = fields.String(required=False, validate=lambda s: len(s) > 0) + management = fields.Boolean(required=False) ++ ssh_pkey = fields.String(required=False, validate=lambda s: 4096 >= len(s) >= 0) +diff --git a/zeus/host_manager/view.py 
b/zeus/host_manager/view.py +index 768d2cd..95e1434 100644 +--- a/zeus/host_manager/view.py ++++ b/zeus/host_manager/view.py +@@ -16,12 +16,13 @@ Author: + Description: Restful APIs for host + """ + import json +-from io import BytesIO ++from io import BytesIO, StringIO + from typing import Iterable, List, Tuple, Union + import socket + + import gevent + import paramiko ++from paramiko.ssh_exception import SSHException + from flask import request, send_file + from marshmallow import Schema + from marshmallow.fields import Boolean +@@ -333,7 +334,8 @@ class AddHost(BaseResponse): + "host_ip":"127.0.0.1", + "ssh_port":"22", + "management":false, +- "username": "admin" ++ "username": "admin", ++ "ssh_pkey": "RSA key" + } + + Returns: +@@ -363,6 +365,7 @@ class AddHost(BaseResponse): + "ssh_port": host_info.get("ssh_port"), + "user": host_info.get("username"), + "management": host_info.get("management"), ++ "pkey": host_info.get("ssh_pkey"), + } + ) + if host in hosts: +@@ -384,7 +387,8 @@ class AddHost(BaseResponse): + "host_ip":"127.0.0.1", + "ssh_port":"22", + "management":false, +- "username": "admin" ++ "username": "admin", ++ "ssh_pkey": "RSA key" + } + + Returns: +@@ -396,15 +400,55 @@ class AddHost(BaseResponse): + if status != state.SUCCEED: + return self.response(code=status) + +- status, private_key = save_ssh_public_key_to_client( +- params.get('host_ip'), params.get('ssh_port'), params.get('ssh_user'), params.get('password') +- ) +- if status == state.SUCCEED: +- host.pkey = private_key +- host.status = HostStatus.ONLINE ++ if params.get("ssh_pkey"): ++ status = verify_ssh_login_info( ++ ClientConnectArgs( ++ params.get("host_ip"), params.get("ssh_port"), params.get("ssh_user"), params.get("ssh_pkey") ++ ) ++ ) ++ host.status = HostStatus.ONLINE if status == state.SUCCEED else HostStatus.UNESTABLISHED ++ else: ++ status, private_key = save_ssh_public_key_to_client( ++ params.get('host_ip'), params.get('ssh_port'), params.get('ssh_user'), 
params.get('password') ++ ) ++ if status == state.SUCCEED: ++ host.pkey = private_key ++ host.status = HostStatus.ONLINE + return self.response(code=self.proxy.add_host(host)) + + ++def verify_ssh_login_info(ssh_login_info: ClientConnectArgs) -> str: ++ """ ++ Verify that the ssh login information is correct ++ ++ Args: ++ ssh_login_info(ClientConnectArgs): e.g ++ ClientConnectArgs(host_ip='127.0.0.1', ssh_port=22, ssh_user='root', pkey=RSAKey string) ++ ++ Returns: ++ status code ++ """ ++ try: ++ client = SSH( ++ ip=ssh_login_info.host_ip, ++ username=ssh_login_info.ssh_user, ++ port=ssh_login_info.ssh_port, ++ pkey=paramiko.RSAKey.from_private_key(StringIO(ssh_login_info.pkey)), ++ ) ++ client.close() ++ except socket.error as error: ++ LOGGER.error(error) ++ return state.SSH_CONNECTION_ERROR ++ except SSHException as error: ++ LOGGER.error(error) ++ return state.SSH_AUTHENTICATION_ERROR ++ except Exception as error: ++ LOGGER.error(error) ++ return state.SSH_CONNECTION_ERROR ++ ++ return state.SUCCEED ++ ++ + def save_ssh_public_key_to_client(ip: str, port: int, username: str, password: str) -> tuple: + """ + generate RSA key pair,save public key to the target host machine +@@ -465,7 +509,7 @@ class GetHostTemplateFile(BaseResponse): + file = BytesIO() + file.write(HOST_TEMPLATE_FILE_CONTENT.encode('utf-8')) + file.seek(0) +- response = send_file(file,mimetype="application/octet-stream") ++ response = send_file(file, mimetype="application/octet-stream") + response.headers['Content-Disposition'] = 'attachment; filename=template.csv' + return response + +@@ -574,6 +618,7 @@ class AddHostBatch(BaseResponse): + continue + + password = host_info.pop("password") ++ pkey = host_info.pop("ssh_pkey", None) + host_info.update( + {"host_group_id": group_id_info.get(host_info['host_group_name']), "user": data["username"]} + ) +@@ -585,7 +630,7 @@ class AddHostBatch(BaseResponse): + ) + continue + +- valid_host.append((host, password)) ++ valid_host.append((host, password, 
pkey)) + return valid_host + + def save_key_to_client(self, host_connect_infos: List[tuple]) -> list: +@@ -598,8 +643,8 @@ class AddHostBatch(BaseResponse): + Returns: + host object list + """ +- # 30 connections are created at a time. +- tasks = [host_connect_infos[index : index + 30] for index in range(0, len(host_connect_infos), 30)] ++ # 100 connections are created at a time. ++ tasks = [host_connect_infos[index : index + 100] for index in range(0, len(host_connect_infos), 100)] + result = [] + + for task in tasks: +@@ -612,18 +657,23 @@ class AddHostBatch(BaseResponse): + return result + + @staticmethod +- def update_rsa_key_to_host(host: Host, password: str) -> Host: ++ def update_rsa_key_to_host(host: Host, password: str = None, pkey: str = None) -> Host: + """ + save ssh public key to client and update its private key in host + + Args: + host(Host): host object + password(str): password for ssh login ++ pkey(str): rsa key for ssh login + + Returns: + host object + """ +- status, pkey = save_ssh_public_key_to_client(host.host_ip, host.ssh_port, host.ssh_user, password) ++ if pkey: ++ status = verify_ssh_login_info(ClientConnectArgs(host.host_ip, host.ssh_port, host.ssh_user, pkey)) ++ else: ++ status, pkey = save_ssh_public_key_to_client(host.host_ip, host.ssh_port, host.ssh_user, password) ++ + if status == state.SUCCEED: + host.status = HostStatus.ONLINE + host.pkey = pkey +@@ -654,7 +704,7 @@ class AddHostBatch(BaseResponse): + new_host.update(update_info) + self.add_result.append(new_host) + else: +- for host, _ in hosts: ++ for host, _, _ in hosts: + new_host = { + "host_ip": host.host_ip, + "ssh_port": host.ssh_port, +@@ -789,9 +839,14 @@ class UpdateHost(BaseResponse): + """ + ssh_user = params.get("ssh_user") or self.host.ssh_user + ssh_port = params.get("ssh_port") or self.host.ssh_port +- status, private_key = save_ssh_public_key_to_client( +- self.host.host_ip, ssh_port, ssh_user, params.pop("password", None) +- ) ++ private_key = 
params.pop("ssh_pkey", None) ++ if private_key: ++ status = verify_ssh_login_info(ClientConnectArgs(self.host.host_ip, ssh_port, ssh_user, private_key)) ++ else: ++ status, private_key = save_ssh_public_key_to_client( ++ self.host.host_ip, ssh_port, ssh_user, params.pop("password", None) ++ ) ++ + params.update( + { + "ssh_user": ssh_user, +@@ -876,10 +931,10 @@ class UpdateHost(BaseResponse): + return self.response(code=state.PARAM_ERROR, message="there is a duplicate host ssh address in database!") + + if params.get("ssh_user") or params.get("ssh_port"): +- if not params.get("password"): +- return self.response(code=state.PARAM_ERROR, message="please update password") ++ if not params.get("password") or not params.get("ssh_pkey"): ++ return self.response(code=state.PARAM_ERROR, message="please update password or authentication key.") + self._save_ssh_key(params) +- elif params.get("password"): ++ elif params.get("password") or params.get("ssh_pkey"): + self._save_ssh_key(params) + + return self.response(callback.update_host_info(params.pop("host_id"), params)) +-- +2.33.0 + diff --git a/0002-update-args-validation-rules-and-update-add-host-by-batch.patch b/0002-update-args-validation-rules-and-update-add-host-by-batch.patch deleted file mode 100644 index 0653eeea58eb27d681d66f7d21f24cbd6f2368a5..0000000000000000000000000000000000000000 --- a/0002-update-args-validation-rules-and-update-add-host-by-batch.patch +++ /dev/null 
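Review bot: In `UpdateHost`, the new guard `if not params.get("password") or not params.get("ssh_pkey"):` rejects a change of `ssh_user`/`ssh_port` unless both a password and a key are sent, while the error text and the `elif` below it treat either one as sufficient; it should read `if not params.get("password") and not params.get("ssh_pkey"):`. In the helper that pops `ssh_pkey` (apparently `_save_ssh_key`), the password is popped only in the `else` branch, so when a key is supplied any `password` in the request stays in `params` and reaches `callback.update_host_info`; popping it before the branch with `password = params.pop("password", None)` keeps the credential out of the update payload. In `AddHostSchema` the `password` validator `len(s) >= 0` is always true and both credentials allow `None`, so nothing visible requires at least one of them to be non-empty before `AddHost` falls through to the password path. The key supplied by the caller is also copied into `Host.pkey` (`"pkey": host_info.get("ssh_pkey")`), so a long-lived operator key ends up in the `host` table; whether that column is protected at rest is not visible here and is worth confirming. The bodies of these methods start and end outside the inner hunks.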
@@ -1,164 +0,0 @@ -From f392c0ca19c019a092c62ffb4fd6f1f2f1d2da5c Mon Sep 17 00:00:00 2001 -From: rabbitali -Date: Mon, 24 Apr 2023 15:35:07 +0800 -Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=B7=BB=E5=8A=A0=E4=B8=BB?= - =?UTF-8?q?=E6=9C=BA=E6=8E=A5=E5=8F=A3=E4=B8=BB=E6=9C=BA=E5=90=8D=E7=A7=B0?= - =?UTF-8?q?=E6=A0=A1=E9=AA=8C=E8=A7=84=E5=88=99;=E6=9B=B4=E6=96=B0?= - =?UTF-8?q?=E6=B3=A8=E5=86=8C=E7=94=A8=E6=88=B7=E6=8E=A5=E5=8F=A3=E7=9A=84?= - =?UTF-8?q?=E5=8F=82=E6=95=B0=E6=A0=A1=E9=AA=8C=E8=A7=84=E5=88=99,?= - =?UTF-8?q?=E4=B8=8E=E5=89=8D=E7=AB=AF=E4=BF=9D=E6=8C=81=E4=B8=80=E8=87=B4?= - =?UTF-8?q?;=E6=9B=B4=E6=96=B0=E6=89=B9=E9=87=8F=E6=B7=BB=E5=8A=A0?= - =?UTF-8?q?=E4=B8=BB=E6=9C=BA=E6=8E=A5=E5=8F=A3?= -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - ---- - aops-zeus.spec | 2 +- - setup.py | 3 ++- - zeus/function/verify/acount.py | 5 +++-- - zeus/function/verify/host.py | 4 +++- - zeus/host_manager/view.py | 38 ++++++++++++++++++++++++++-------- - 5 files changed, 38 insertions(+), 14 deletions(-) - -diff --git a/aops-zeus.spec b/aops-zeus.spec -index ab83ead..2a6f94d 100644 ---- a/aops-zeus.spec -+++ b/aops-zeus.spec -@@ -9,7 +9,7 @@ Source0: %{name}-%{version}.tar.gz - - BuildRequires: python3-setuptools - Requires: aops-vulcanus >= v1.2.0 --Requires: python3-marshmallow >= 3.13.0 python3-flask python3-flask-restful -+Requires: python3-marshmallow >= 3.13.0 python3-flask python3-flask-restful python3-gevent - Requires: python3-requests python3-uWSGI python3-sqlalchemy python3-werkzeug python3-PyMySQL - Requires: python3-paramiko >= 2.11.0 python3-redis python3-prometheus-api-client - Provides: aops-zeus -diff --git a/setup.py b/setup.py -index 46d4408..469ee11 100644 ---- a/setup.py -+++ b/setup.py -@@ -19,7 +19,8 @@ setup( - 'Werkzeug', - 'paramiko>=2.11.0', - "redis", -- 'prometheus_api_client' -+ 'prometheus_api_client', -+ 'gevent' - ], - author='cmd-lsw-yyy-zyc', - data_files=[ -diff --git 
a/zeus/function/verify/acount.py b/zeus/function/verify/acount.py -index b8bd67f..dfc3220 100644 ---- a/zeus/function/verify/acount.py -+++ b/zeus/function/verify/acount.py -@@ -15,6 +15,7 @@ Time: - Author: - Description: For host related interfaces - """ -+from vulcanus.restful.serialize.validate import ValidateRules - from marshmallow import Schema - from marshmallow import fields - -@@ -23,8 +24,8 @@ class LoginSchema(Schema): - """ - validators for parameter of /manage/account/login - """ -- username = fields.String(required=True, validate=lambda s: len(s) > 0) -- password = fields.String(required=True, validate=lambda s: len(s) > 0) -+ username = fields.String(required=True, validate=ValidateRules.account_name_check) -+ password = fields.String(required=True, validate=ValidateRules.account_password_check) - - - class AddUserSchema(LoginSchema): -diff --git a/zeus/function/verify/host.py b/zeus/function/verify/host.py -index f955975..4866947 100644 ---- a/zeus/function/verify/host.py -+++ b/zeus/function/verify/host.py -@@ -15,6 +15,7 @@ Time: - Author: - Description: For host related interfaces - """ -+from vulcanus.restful.serialize.validate import ValidateRules - from marshmallow import Schema - from marshmallow import fields - from marshmallow import validate -@@ -101,7 +102,8 @@ class AddHostSchema(Schema): - """ - ssh_user = fields.String(required=True, validate=lambda s: len(s) > 0) - password = fields.String(required=True, validate=lambda s: len(s) > 0) -- host_name = fields.String(required=True, validate=lambda s: len(s) > 0) -+ host_name = fields.String(required=True, -+ validate=[validate.Length(min=1, max=50), ValidateRules.space_character_check]) - host_ip = fields.IP(required=True) - ssh_port = fields.Integer(required=True, validate=lambda s: 65535 >= s > 0) - host_group_name = fields.String(required=True, validate=lambda s: len(s) > 0) -diff --git a/zeus/host_manager/view.py b/zeus/host_manager/view.py -index a5af075..8dd4c2b 100644 ---- 
a/zeus/host_manager/view.py -+++ b/zeus/host_manager/view.py -@@ -16,10 +16,12 @@ Author: - Description: Restful APIs for host - """ - import json --import socket - from io import BytesIO - from typing import Iterable, List, Tuple, Union -+from gevent import monkey; monkey.patch_all(ssl=False) -+import socket - -+import gevent - import paramiko - from flask import request, send_file - from marshmallow import Schema -@@ -523,14 +525,8 @@ class AddHostBatch(BaseResponse): - message="invalid host info or all hosts has been added", - data=self.add_result) - -- # Generate Rsa-key pair and save public_key on host -- multi_thread = MultiThreadHandler(lambda data: self.update_rsa_key_to_host(*data), -- valid_hosts, None) -- multi_thread.create_thread() -- result = multi_thread.get_result() -- -- # Add host -- status = proxy.add_host_batch(result) -+ # save public_key on host and add host to database -+ status = proxy.add_host_batch(self.save_key_to_client(valid_hosts)) - if status != state.SUCCEED: - self.update_add_result(valid_hosts, - {"result": self.add_failed, "reason": "Insert Database error"}) -@@ -605,6 +601,30 @@ class AddHostBatch(BaseResponse): - valid_host.append((host, password)) - return valid_host - -+ def save_key_to_client(self, host_connect_infos: List[tuple]) -> list: -+ """ -+ save key to client -+ -+ Args: -+ host_connect_infos (list): client connect info -+ -+ Returns: -+ host object list -+ """ -+ # 30 connections are created at a time. -+ tasks = [host_connect_infos[index:index + 30] for index in range(0, len(host_connect_infos), 30)] -+ result = [] -+ -+ for task in tasks: -+ jobs = [gevent.spawn(self.update_rsa_key_to_host, *host_connect_info) -+ for host_connect_info in task] -+ -+ gevent.joinall(jobs) -+ for job in jobs: -+ result.append(job.value) -+ -+ return result -+ - @staticmethod - def update_rsa_key_to_host(host: Host, password: str) -> Host: - """ --- -Gitee - 
diff --git a/0003-add-gevent-config-item-for-uwsgi.patch b/0003-add-gevent-config-item-for-uwsgi.patch
deleted file mode 100644
index f8e789a73f595cf53f9fbef587d711a0437b5349..0000000000000000000000000000000000000000
--- a/0003-add-gevent-config-item-for-uwsgi.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 759e4a40e09e96b7d71b9537dbcf3e71d407389b Mon Sep 17 00:00:00 2001
-From: rabbitali
-Date: Fri, 21 Apr 2023 14:32:31 +0800
-Subject: [PATCH] add gevent config item for uwsgi
-
----
- conf/zeus.ini | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/conf/zeus.ini b/conf/zeus.ini
-index d794001..15b3f47 100644
---- a/conf/zeus.ini
-+++ b/conf/zeus.ini
-@@ -8,7 +8,9 @@ daemonize=/var/log/aops/uwsgi/zeus.log
- http-timeout=600
- harakiri=600
- processes=2
--threads=4
-+; if gevent is used in the project, you should set gevent item here, its value is the maximum number of coroutine
-+; concurrency. gevent and threads are conflicting items, and gevent is read with a higher priority than threads.
-+gevent=100
-
- [mysql]
- ip=127.0.0.1
---
-Gitee
-
diff --git a/0004-update-validate-rules-of-username-field.patch b/0004-update-validate-rules-of-username-field.patch
deleted file mode 100644
index 64ac89b2b86da9afd3a8ea39d79777502b8dc087..0000000000000000000000000000000000000000
--- a/0004-update-validate-rules-of-username-field.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From d990c0bf4e7d0c4391bfbf0c52b80f70ea71d272 Mon Sep 17 00:00:00 2001
-From: rabbitali
-Date: Tue, 9 May 2023 11:08:58 +0800
-Subject: [PATCH] update validate rules of username field
-
----
- zeus/function/verify/host.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/zeus/function/verify/host.py b/zeus/function/verify/host.py
-index f955975..63fc330 100644
---- a/zeus/function/verify/host.py
-+++ b/zeus/function/verify/host.py
-@@ -29,7 +29,7 @@ class HostSchema(Schema):
- required=True, validate=lambda s: len(s) > 0)
- host_ip = fields.IP(required=True)
- management = fields.Boolean(required=True)
-- username = fields.String(required=True, validate=lambda s: len(s) > 0)
-+ username = fields.String(required=True, validate=lambda s: 32 >= len(s) > 0)
- password = fields.String(required=True, validate=lambda s: len(s) > 0)
- agent_port = fields.Integer(required=True, validate=lambda s: 65535 >= s >= 0)
- os_version = fields.String(required=True, validate=lambda s: len(s) > 0)
---
-Gitee
-
diff --git a/aops-zeus-v1.2.0.tar.gz b/aops-zeus-v1.3.1.tar.gz
similarity index 40%
rename from aops-zeus-v1.2.0.tar.gz
rename to aops-zeus-v1.3.1.tar.gz
index 00b0d42f50adf6ce3fb0404f57266b872854aff0..da95fe85b025d16ed980909ec8644da992876a23 100644
Binary files a/aops-zeus-v1.2.0.tar.gz and b/aops-zeus-v1.3.1.tar.gz differ
diff --git a/aops-zeus.spec b/aops-zeus.spec
index 6c38db0317177e7bf9ac222a410e90f97b028fe2..461c691841cb4bbb3cef8ff4167e110f526c7ece 100644
--- a/aops-zeus.spec
+++ b/aops-zeus.spec
@@ -1,21 +1,20 @@ Name: aops-zeus -Version: v1.2.0 -Release: 4 +Version: v1.3.1 +Release: 2 Summary: A host and user manager service which is the foundation of aops. License: MulanPSL2 URL: https://gitee.com/openeuler/%{name} Source0: %{name}-%{version}.tar.gz -Patch0001: 0001-fix-token-is-not-invalidated-after-being-refreshed.patch -Patch0002: 0002-update-args-validation-rules-and-update-add-host-by-batch.patch -Patch0003: 0003-add-gevent-config-item-for-uwsgi.patch -Patch0004: 0004-update-validate-rules-of-username-field.patch +Patch0001: 0001-fix-metric-proxy-init-failed-error.patch +Patch0002: 0002-add-key-authentication-for-add-host-api.patch +Patch0003: 0003-fix-python-prometheus-api-client-import-error.patch BuildRequires: python3-setuptools -Requires: aops-vulcanus >= v1.2.0 +Requires: aops-vulcanus >= v1.3.0 Requires: python3-marshmallow >= 3.13.0 python3-flask python3-flask-restful python3-gevent Requires: python3-requests python3-uWSGI python3-sqlalchemy python3-werkzeug python3-PyMySQL -Requires: python3-paramiko >= 2.11.0 python3-redis python3-prometheus-api-client +Requires: python3-paramiko >= 2.11.0 python3-redis python3-prometheus-api-client Provides: aops-zeus Conflicts: aops-manager @@ -34,6 +33,8 @@ A host and user manager service which is the foundation of aops. # install for aops-zeus %py3_install +mkdir -p %{buildroot}/opt/aops/ +cp -r database %{buildroot}/opt/aops/ %files 
@@ -43,9 +44,37 @@ A host and user manager service which is the foundation of aops. %attr(0755,root,root) /usr/lib/systemd/system/aops-zeus.service %{python3_sitelib}/aops_zeus*.egg-info %{python3_sitelib}/zeus/* +%attr(0755, root, root) /opt/aops/database/* %changelog +* Tue Oct 24 2023 wenxin - v1.3.1-2 +- fix bug: metric proxy init failed +- add a way about key authentication for add host api + +* Thu Sep 21 2023 wenxin - v1.3.1-1 +- update spec requires +- update version info in setup.py file + +* Tue Sep 19 2023 wenxin - v1.3.0-4 +- bugfix: cve fix result parsing error + +* Tue Sep 19 2023 wenxin - v1.3.0-3 +- update callback request headers +- fix bash file sync error + +* Wed Sep 13 2023 wenxin - v1.3.0-2 +- add file sync func + +* Tue Sep 05 2023 wenxin - v1.3.0-1 +- optimize the method of executing apollo tasks + +* Fri Jun 02 2023 wenxin - v1.2.1-2 +- update cve fix + +* Tue May 23 2023 wenxin - v1.2.1-1 +- add cve rollback api;update cve scan callback func + * Tue May 09 2023 wenxin - v1.2.0-4 - update validate rules of username field
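Review bot: `%attr(0755, root, root) /opt/aops/database/*` installs everything copied from `database/` with the execute bit set, and the only file this page shows in that directory is `database/zeus.sql`, a SQL schema file; if the directory holds nothing but SQL, `%attr(0644, root, root) /opt/aops/database/*` is the least-privilege mode. The entry also lists the directory's contents but not `/opt/aops/database` itself, so in the lines shown the directory created by `mkdir -p %{buildroot}/opt/aops/` is not owned by the package; a `%dir /opt/aops/database` line would cover it. The `%files` section begins outside this hunk.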