优化
This commit is contained in:
dengqichen
parent
2fbd77b74e
commit
e6507ae8a6
@ -13,15 +13,6 @@ import java.util.Map;
|
||||
*/
|
||||
public interface IJenkinsServiceIntegration extends IExternalSystemIntegration {
|
||||
|
||||
/**
|
||||
* 测试Jenkins连接
|
||||
*
|
||||
* @param system Jenkins系统配置
|
||||
* @return 连接是否成功
|
||||
*/
|
||||
boolean testConnection(ExternalSystem system);
|
||||
|
||||
|
||||
/**
|
||||
* 使用参数触发构建
|
||||
*
|
||||
|
||||
@ -13,14 +13,6 @@ import java.util.List;
|
||||
*/
|
||||
public interface IK8sServiceIntegration extends IExternalSystemIntegration {
|
||||
|
||||
/**
|
||||
* 测试K8S连接
|
||||
*
|
||||
* @param system K8S系统配置
|
||||
* @return 连接是否成功
|
||||
*/
|
||||
boolean testConnection(ExternalSystem system);
|
||||
|
||||
/**
|
||||
* 查询所有命名空间
|
||||
*
|
||||
|
||||
@ -112,6 +112,37 @@ public abstract class BaseExternalSystemIntegration<C> {
|
||||
// 默认空实现,子类按需覆盖
|
||||
}
|
||||
|
||||
// ==================== 连接测试模板方法 ====================
|
||||
|
||||
/**
|
||||
* 测试连接(模板方法)
|
||||
* 统一处理连接失败时清除缓存的逻辑
|
||||
*
|
||||
* @param system 系统配置
|
||||
* @return 是否连接成功
|
||||
*/
|
||||
public final boolean testConnection(ExternalSystem system) {
|
||||
try {
|
||||
return doTestConnection(system);
|
||||
} catch (Exception e) {
|
||||
log.error("连接测试失败: systemId={}, systemName={}, systemType={}, error={}",
|
||||
system.getId(), system.getName(), getClass().getSimpleName(), e.getMessage(), e);
|
||||
// 连接失败时清除缓存,下次重新创建
|
||||
clearCredentialCache(system.getId());
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 执行实际的连接测试逻辑
|
||||
* 子类实现具体的测试逻辑,无需处理异常和缓存清理
|
||||
*
|
||||
* @param system 系统配置
|
||||
* @return 是否连接成功
|
||||
* @throws Exception 连接失败时抛出异常
|
||||
*/
|
||||
protected abstract boolean doTestConnection(ExternalSystem system) throws Exception;
|
||||
|
||||
// ==================== 通用凭证获取方法 ====================
|
||||
|
||||
/**
|
||||
|
||||
@ -85,27 +85,20 @@ public class GitServiceIntegrationImpl extends BaseExternalSystemIntegration<Htt
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean testConnection(ExternalSystem system) {
|
||||
try {
|
||||
String url = system.getUrl() + "/api/v4/version";
|
||||
// 使用基类统一的凭证获取方法
|
||||
HttpHeaders headers = getCredential(system);
|
||||
HttpEntity<String> entity = new HttpEntity<>(headers);
|
||||
protected boolean doTestConnection(ExternalSystem system) throws Exception {
|
||||
String url = system.getUrl() + "/api/v4/version";
|
||||
// 使用基类统一的凭证获取方法
|
||||
HttpHeaders headers = getCredential(system);
|
||||
HttpEntity<String> entity = new HttpEntity<>(headers);
|
||||
|
||||
ResponseEntity<String> response = restTemplate.exchange(
|
||||
url,
|
||||
HttpMethod.GET,
|
||||
entity,
|
||||
String.class
|
||||
);
|
||||
ResponseEntity<String> response = restTemplate.exchange(
|
||||
url,
|
||||
HttpMethod.GET,
|
||||
entity,
|
||||
String.class
|
||||
);
|
||||
|
||||
return response.getStatusCode() == HttpStatus.OK;
|
||||
} catch (Exception e) {
|
||||
log.error("Git connection test failed for system: {}", system.getName(), e);
|
||||
// 连接失败时清除缓存,下次重新创建
|
||||
clearCredentialCache(system.getId());
|
||||
return false;
|
||||
}
|
||||
return response.getStatusCode() == HttpStatus.OK;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -106,31 +106,26 @@ public class JenkinsServiceIntegrationImpl extends BaseExternalSystemIntegration
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean testConnection(ExternalSystem system) {
|
||||
try {
|
||||
// 直接使用原始系统信息构建URL(URL不需要解密)
|
||||
String url = system.getUrl() + "/api/json";
|
||||
protected boolean doTestConnection(ExternalSystem system) throws Exception {
|
||||
// 直接使用原始系统信息构建URL(URL不需要解密)
|
||||
String url = system.getUrl() + "/api/json";
|
||||
|
||||
// 创建请求头(内部自动处理解密和crumb)
|
||||
HttpHeaders headers = createHeaders(system);
|
||||
// 创建请求头(内部自动处理解密和crumb)
|
||||
HttpHeaders headers = createHeaders(system);
|
||||
|
||||
// 打印实际发送的请求头
|
||||
log.debug("Authorization头: {}", headers.getFirst("Authorization"));
|
||||
// 打印实际发送的请求头
|
||||
log.debug("Authorization头: {}", headers.getFirst("Authorization"));
|
||||
|
||||
HttpEntity<String> entity = new HttpEntity<>(headers);
|
||||
HttpEntity<String> entity = new HttpEntity<>(headers);
|
||||
|
||||
ResponseEntity<String> response = restTemplate.exchange(
|
||||
url,
|
||||
HttpMethod.GET,
|
||||
entity,
|
||||
String.class
|
||||
);
|
||||
ResponseEntity<String> response = restTemplate.exchange(
|
||||
url,
|
||||
HttpMethod.GET,
|
||||
entity,
|
||||
String.class
|
||||
);
|
||||
|
||||
return response.getStatusCode() == HttpStatus.OK;
|
||||
} catch (Exception e) {
|
||||
log.error("Failed to connect to Jenkins: {}", system.getUrl(), e);
|
||||
return false;
|
||||
}
|
||||
return response.getStatusCode() == HttpStatus.OK;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -111,31 +111,21 @@ public class K8sServiceIntegrationImpl extends BaseExternalSystemIntegration<Api
|
||||
* 测试K8S连接
|
||||
*/
|
||||
@Override
|
||||
public boolean testConnection(ExternalSystem system) {
|
||||
protected boolean doTestConnection(ExternalSystem system) throws Exception {
|
||||
log.info("测试K8S连接,集群: {}", system.getName());
|
||||
|
||||
try {
|
||||
String config = system.getConfig();
|
||||
if (config == null || config.trim().isEmpty()) {
|
||||
throw new BusinessException(ResponseCode.K8S_CONFIG_EMPTY);
|
||||
}
|
||||
|
||||
// 使用基类统一的凭证获取方法
|
||||
ApiClient apiClient = getCredential(system);
|
||||
VersionApi versionApi = new VersionApi(apiClient);
|
||||
VersionInfo version = versionApi.getCode();
|
||||
log.info("K8S集群连接成功,版本: {}", version.getGitVersion());
|
||||
|
||||
return true;
|
||||
|
||||
} catch (Exception e) {
|
||||
log.error("K8S连接测试失败,集群: {}, 错误: {}", system.getName(), e.getMessage(), e);
|
||||
|
||||
// 连接失败时清除缓存,下次重新创建
|
||||
clearCredentialCache(system.getId());
|
||||
|
||||
return false;
|
||||
String config = system.getConfig();
|
||||
if (config == null || config.trim().isEmpty()) {
|
||||
throw new BusinessException(ResponseCode.K8S_CONFIG_EMPTY);
|
||||
}
|
||||
|
||||
// 使用基类统一的凭证获取方法
|
||||
ApiClient apiClient = getCredential(system);
|
||||
VersionApi versionApi = new VersionApi(apiClient);
|
||||
VersionInfo version = versionApi.getCode();
|
||||
log.info("K8S集群连接成功,版本: {}", version.getGitVersion());
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -30,6 +30,7 @@ import jakarta.annotation.PostConstruct;
|
||||
import jakarta.annotation.Resource;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.data.domain.Page;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
@ -61,7 +62,7 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
|
||||
@Resource
|
||||
private List<IExternalSystemIntegration> systemIntegrations;
|
||||
|
||||
|
||||
private Map<ExternalSystemTypeEnum, IExternalSystemIntegration> integrationMap;
|
||||
|
||||
@Resource
|
||||
@ -87,10 +88,10 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
|
||||
@Resource
|
||||
private IRepositorySyncHistoryRepository repositorySyncHistoryRepository;
|
||||
|
||||
|
||||
@Resource
|
||||
private SensitiveDataEncryptor encryptor;
|
||||
|
||||
|
||||
@PostConstruct
|
||||
public void init() {
|
||||
integrationMap = systemIntegrations.stream()
|
||||
@ -106,10 +107,10 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
if (externalSystemRepository.existsByNameAndDeletedFalse(dto.getName())) {
|
||||
throw new UniqueConstraintException(ResponseCode.EXTERNAL_SYSTEM_NAME_EXISTS, "name", dto.getName());
|
||||
}
|
||||
|
||||
|
||||
// 检查类型+URL组合唯一性
|
||||
if (externalSystemRepository.existsByTypeAndUrlAndDeletedFalse(dto.getType(), dto.getUrl())) {
|
||||
throw new UniqueConstraintException(ResponseCode.EXTERNAL_SYSTEM_TYPE_URL_EXISTS,
|
||||
throw new UniqueConstraintException(ResponseCode.EXTERNAL_SYSTEM_TYPE_URL_EXISTS,
|
||||
"type and url", dto.getType() + ":" + dto.getUrl());
|
||||
}
|
||||
|
||||
@ -127,10 +128,10 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
public ExternalSystemDTO update(Long id, ExternalSystemDTO dto) {
|
||||
// 先验证Git认证
|
||||
validateGitAuth(dto);
|
||||
|
||||
|
||||
// 获取现有系统
|
||||
ExternalSystem existingSystem = findEntityById(id);
|
||||
|
||||
|
||||
// 密码处理
|
||||
if (SensitiveDataEncryptor.isMasked(dto.getPassword())) {
|
||||
// 如果是掩码,保留原密码
|
||||
@ -145,7 +146,7 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
dto.setPassword(existingSystem.getPassword());
|
||||
log.debug("保留原密码(空值):系统ID={}", id);
|
||||
}
|
||||
|
||||
|
||||
// Token处理
|
||||
if (SensitiveDataEncryptor.isMasked(dto.getToken())) {
|
||||
// 如果是掩码,保留原Token
|
||||
@ -160,7 +161,7 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
dto.setToken(existingSystem.getToken());
|
||||
log.debug("保留原Token(空值):系统ID={}", id);
|
||||
}
|
||||
|
||||
|
||||
// Config处理(如kubeconfig等敏感配置)
|
||||
if (SensitiveDataEncryptor.isMasked(dto.getConfig())) {
|
||||
// 如果是掩码,保留原Config
|
||||
@ -174,7 +175,7 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
dto.setConfig(existingSystem.getConfig());
|
||||
log.debug("保留原Config(空值):系统ID={}", id);
|
||||
}
|
||||
|
||||
|
||||
return super.update(id, dto);
|
||||
}
|
||||
|
||||
@ -211,8 +212,8 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
}
|
||||
|
||||
@Override
|
||||
public org.springframework.data.domain.Page<ExternalSystemDTO> page(ExternalSystemQuery query) {
|
||||
org.springframework.data.domain.Page<ExternalSystemDTO> page = super.page(query);
|
||||
public Page<ExternalSystemDTO> page(ExternalSystemQuery query) {
|
||||
Page<ExternalSystemDTO> page = super.page(query);
|
||||
// 查询后处理:用掩码替换敏感数据
|
||||
page.getContent().forEach(this::maskSensitiveData);
|
||||
return page;
|
||||
@ -233,12 +234,12 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
if (!system.getEnabled()) {
|
||||
throw new BusinessException(ResponseCode.EXTERNAL_SYSTEM_DISABLED);
|
||||
}
|
||||
|
||||
|
||||
IExternalSystemIntegration integration = integrationMap.get(system.getType());
|
||||
if (integration == null) {
|
||||
throw new BusinessException(ResponseCode.EXTERNAL_SYSTEM_TYPE_NOT_SUPPORTED);
|
||||
}
|
||||
|
||||
|
||||
// 直接传入原始系统对象,Integration层会自动处理解密和缓存
|
||||
boolean success = integration.testConnection(system);
|
||||
if (success) {
|
||||
@ -372,36 +373,5 @@ public class ExternalSystemServiceImpl extends BaseServiceImpl<ExternalSystem, E
|
||||
dto.setConfig(SensitiveDataEncryptor.maskIfPresent(dto.getConfig()));
|
||||
}
|
||||
|
||||
/**
|
||||
* 解密系统信息用于实际调用外部系统
|
||||
* 创建一个临时对象,不影响原对象
|
||||
*
|
||||
* @deprecated 不再使用此方法,解密职责已移至Integration层统一处理
|
||||
* 保留此方法仅用于兼容性,实际上不应再调用
|
||||
*/
|
||||
@Deprecated
|
||||
private ExternalSystem decryptSystemForUse(ExternalSystem system) {
|
||||
log.warn("decryptSystemForUse方法已废弃,请直接使用Integration层的解密机制");
|
||||
ExternalSystem decrypted = new ExternalSystem();
|
||||
// 复制所有属性
|
||||
decrypted.setId(system.getId());
|
||||
decrypted.setName(system.getName());
|
||||
decrypted.setType(system.getType());
|
||||
decrypted.setUrl(system.getUrl());
|
||||
decrypted.setAuthType(system.getAuthType());
|
||||
decrypted.setUsername(system.getUsername());
|
||||
decrypted.setEnabled(system.getEnabled());
|
||||
decrypted.setConfig(system.getConfig());
|
||||
|
||||
// 解密敏感数据
|
||||
if (StringUtils.isNotBlank(system.getPassword())) {
|
||||
decrypted.setPassword(encryptor.decrypt(system.getPassword()));
|
||||
}
|
||||
if (StringUtils.isNotBlank(system.getToken())) {
|
||||
decrypted.setToken(encryptor.decrypt(system.getToken()));
|
||||
}
|
||||
|
||||
return decrypted;
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user