From 30eaba3bce57d257b90ccc4ba64de93f6389b29c Mon Sep 17 00:00:00 2001 From: =?utf8?q?=E5=88=98=E6=B4=AA=E9=9D=92?= Date: Mon, 14 Mar 2022 16:17:16 +0800 Subject: [PATCH] =?utf8?q?chore:=20nwpu=20=E5=8D=87=E7=BA=A71.3?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- ...1\243\357\274\210V1.2-V1.3\357\274\211.md" | 240 ++++++++++++++++++ ...-minio.yaml => 1.authx-service-minio.yaml} | 2 +- .../2.authx-service-ingresses.yaml | 22 ++ .../4.4.authx-service-bff.yaml | 2 +- .../0.authx-service/4.9.authx-management.yaml | 61 +++++ .../4.0.user-data-service-installer.yaml | 2 +- .../4.1.user-data-service-poa.yaml | 2 +- .../4.2.user-data-service-goa.yaml | 6 +- .../4.3.user-data-service-biz.yaml | 2 +- .../5.user-data-service-datax-job.yaml | 2 +- .../9.api-docs-installer.yaml | 2 +- .../4.0.user-authorization-installer.yaml | 2 +- .../4.1.user-authorization-poa.yaml | 2 +- .../4.2.user-authorization-sa.yaml | 2 +- .../5.user-authorization-datax-job.yaml | 2 +- .../9.api-docs-installer.yaml | 2 +- .../4.0.cas-server-installer.yaml | 2 +- .../4.cas-server/4.2.cas-server-sa-api.yaml | 2 +- .../4.3.cas-server-security-engine.yaml | 6 +- .../4.5.cas-server-site-webapp.yaml | 2 +- .../4.6.cas-server-site-scheme.yaml | 2 +- .../4.cas-server/5.cas-server-datax-job.yaml | 2 +- .../4.0.token-server-installer.yaml | 2 +- .../5.token-server/4.1.token-server.yaml | 2 +- .../5.token-server/9.api-docs-installer.yaml | 2 +- .../4.4.personal-security-center-bff.yaml | 2 +- .../4.5.personal-security-center-zuul.yaml | 2 +- 27 files changed, 355 insertions(+), 24 deletions(-) create mode 100644 "project/nwpu/k8s-rancher/0.1.3.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\215\207\347\272\247\346\226\207\346\241\243\357\274\210V1.2-V1.3\357\274\211.md" rename project/nwpu/k8s-rancher/1.authx-service/0.authx-service/{2.authx-service-minio.yaml => 1.authx-service-minio.yaml} (99%) create mode 100644 project/nwpu/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-ingresses.yaml create mode 100644 project/nwpu/k8s-rancher/1.authx-service/0.authx-service/4.9.authx-management.yaml diff --git "a/project/nwpu/k8s-rancher/0.1.3.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\215\207\347\272\247\346\226\207\346\241\243\357\274\210V1.2-V1.3\357\274\211.md" "b/project/nwpu/k8s-rancher/0.1.3.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\215\207\347\272\247\346\226\207\346\241\243\357\274\210V1.2-V1.3\357\274\211.md" new file mode 100644 index 0000000..4cf2e08 --- /dev/null +++ "b/project/nwpu/k8s-rancher/0.1.3.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\215\207\347\272\247\346\226\207\346\241\243\357\274\210V1.2-V1.3\357\274\211.md" @@ -0,0 +1,240 @@ + +# 认证授权服务升级文档(V1.2 ~ V1.3) + + +## 部署变更说明 + +对本次升级进行的简要说明,具体的升级步骤,详见 **升级说明** + +1. 新增 authx-service/authx-management ,用户认证授权管理前端 + +2. 新增 authx-service/authx-ingress ,提供 authx-management 的外网域名访问,暂用 `admin-platform.paas.nwpu.edu.cn` + + + +## 升级说明 + +1. 将 工作负载 下的服务 升级到 1.3.x 版本 + +2. 部署 Deployment authx-service/authx-management + + 部署yaml 位于 1.authx-service/0.authx-service/4.9.authx-management.yaml + +3. 部署 Ingress authx-service/authx-management-ingress + + 部署yaml 位于 1.authx-service/0.authx-service/2.authx-service-ingresses.yaml + + 若无发提供新域名的,可以使用 admin-platform.paas.nwpu.edu.cn + +4. 部署成功后,须修改 admin-platform 的相关配置 + + 修改 ConfigMap admin-platform/admin-platform-spa-env 下的配置项 `CAS_SERVER_SPA_URL`, `USER_SERVER_SPA_URL`, `AUTH_SERVER_SPA_URL` + + ``` + CAS_SERVER_SPA_URL: http://admin-platform.paas.nwpu.edu.cn/authx-management/cas-server + USER_SERVER_SPA_URL: http://admin-platform.paas.nwpu.edu.cn/authx-management/user-server + AUTH_SERVER_SPA_URL: http://admin-platform.paas.nwpu.edu.cn/authx-management/auth-server + ``` + + http://admin-platform.paas.nwpu.edu.cn/cas-server-spa + http://admin-platform.paas.nwpu.edu.cn/user-server-spa + http://admin-platform.paas.nwpu.edu.cn/auth-server-spa + + + +## 初始化数据 + + +### 创建菜单 + +#### 方式一,手动导入 + +**将 origin 修改为正确的 学校域名** + +进入 云平台 - 基础管理 - 菜单管理,导入 + +所属应用 选择 用户授权 + +菜单列表(JSON)如下,(复制后粘贴) + + +* 认证管理 + +```json +[ + { + "id": "22000", "parentIdOrCode":"20000", "code": "journalManage", "name": "日志管理", "memo": "", "status": "1", + "icon": "su-icon-taocanguanli", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/cas-server/journalManage", "target": "", + "order": 22000, "resourceIdOrCodes": [] + } +] +``` + + +* 授权管理 + +```json +[ + { + "id": "41100", "parentIdOrCode":"40000", "code": "accountAuthorizationAudit", "name": "账号授权审计", "memo": "", "status": "1", + "icon": "su-icon-zhsqsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/accountAuthorizationAudit", "target": "", + "order": 41100, "resourceIdOrCodes": [] + }, + { + "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "0", + "icon": "su-icon-yhgzqxsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/userAudit", "target": "", + "order": 41200, "resourceIdOrCodes": [] + }, + { + "id": "41300", "parentIdOrCode":"40000", "code": "rolePermissionAudit", "name": "角色授权审计", "memo": "", "status": "1", + "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/rolePermissionAudits", "target": "", + "order": 41300, "resourceIdOrCodes": [] + }, + { + "id": "41350", "parentIdOrCode":"40000", "code": "roleGroupPermissionAudit", "name": "角色组授权审计", "memo": "", "status": "1", + "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/roleGroupPermissionAudit", "target": "", + "order": 41350, "resourceIdOrCodes": [] + }, + { + "id": "41400", "parentIdOrCode":"40000", "code": "authOperationsAudit", "name": "权限操作审计", "memo": "", "status": "1", + "icon": "su-icon-qxczsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/authOperationsAudit", "target": "", + "order": 41400, "resourceIdOrCodes": [] + }, + { + "id": "41500", "parentIdOrCode":"40000", "code": "authStatisticalMonitor", "name": "授权统计监控", "memo": "", "status": "1", + "icon": "su-icon-sqtjjk", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/authStatisticalMonitor", "target": "", + "order": 41500, "resourceIdOrCodes": [] + } +] +``` + + +#### 方式二,bash脚本 + +**将 origin 修改为正确的 学校域名** + +进入 admin-center-sa 下的 pod, 执行命令行 + + +* 认证管理 + +```bash +curl -i -s -X POST "http://localhost:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \ +-d \ +' +{ + "applicationId": "10", + "menuList": + [ + { + "id": "22000", "parentIdOrCode":"20000", "code": "journalManage", "name": "日志管理", "memo": "", "status": "1", + "icon": "su-icon-taocanguanli", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/cas-server/journalManage", "target": "", + "order": 22000, "resourceIdOrCodes": [] + } + ] +} +' +``` + +* 授权管理 + +```bash +curl -i -s -X POST "http://localhost:8080/v1/admin/menus/importMenu" -H 'Content-Type: application/json' \ +-d \ +' +{ + "applicationId": "10", + "menuList": + [ + { + "id": "41100", "parentIdOrCode":"40000", "code": "accountAuthorizationAudit", "name": "账号授权审计", "memo": "", "status": "1", + "icon": "su-icon-zhsqsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/accountAuthorizationAudit", "target": "", + "order": 41100, "resourceIdOrCodes": [] + }, + { + "id": "41200", "parentIdOrCode":"40000", "code": "userAudit", "name": "用户规则权限审计", "memo": "", "status": "0", + "icon": "su-icon-yhgzqxsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/userAudit", "target": "", + "order": 41200, "resourceIdOrCodes": [] + }, + { + "id": "41300", "parentIdOrCode":"40000", "code": "rolePermissionAudit", "name": "角色授权审计", "memo": "", "status": "1", + "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/rolePermissionAudits", "target": "", + "order": 41300, "resourceIdOrCodes": [] + }, + { + "id": "41350", "parentIdOrCode":"40000", "code": "roleGroupPermissionAudit", "name": "角色组授权审计", "memo": "", "status": "1", + "icon": "su-icon-jszsqsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/roleGroupPermissionAudit", "target": "", + "order": 41350, "resourceIdOrCodes": [] + }, + { + "id": "41400", "parentIdOrCode":"40000", "code": "authOperationsAudit", "name": "权限操作审计", "memo": "", "status": "1", + "icon": "su-icon-qxczsj", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/authOperationsAudit", "target": "", + "order": 41400, "resourceIdOrCodes": [] + }, + { + "id": "41500", "parentIdOrCode":"40000", "code": "authStatisticalMonitor", "name": "授权统计监控", "memo": "", "status": "1", + "icon": "su-icon-sqtjjk", "origin": "http://admin-platform.paas.nwpu.edu.cn", "url": "/auth-server/authStatisticalMonitor", "target": "", + "order": 41500, "resourceIdOrCodes": [] + } + ] +} +' +``` + + +### 关联角色权限 + +角色由授权服务进行初始化 + + +#### 方式一,手动导入(暂不支持) + +进入 云平台 - 基础管理 - 角色权限,导入 + +角色权限(JSON)如下,(复制后粘贴) + +```json +[ + { + "roleId": "20", "roleCode":"cas-admin", + "permissionIdOrCodes": ["1", "20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"] + }, + { + "roleId": "40", "roleCode": "user-authz-admin", + "permissionIdOrCodes": ["1", "40000", "40050", "40100", "40200", "40300", "40500", "40900", "41100", "41200", "41300", "41350", "41400", "41500"] + } +] +``` + + +#### 方式二,bash脚本 + +进入 admin-center-sa 下的 pod, 执行命令行 + +```bash +curl -i -s -X POST "http://localhost:8080/v1/admin/rolePermissions/importRolePermission" -H 'Content-Type: application/json' \ +-d \ +' +{ + "roleCodeIdMap": { + "cas-admin": "20", + "user-admin": "30", + "user-authz-admin": "40", + "user-authz-grant-admin": "41", + "user-authz-man-grant-admin": "42" + }, + "rolePermissionList": + [ + { + "roleId": "20", "roleCode":"cas-admin", + "permissionIdOrCodes": ["1", "20000", "20100", "20200", "20300", "20400", "20500", "20600", "20700", "20800", "20900", "21000", "21100", "22000"] + }, + { + "roleId": "40", "roleCode": "user-authz-admin", + "permissionIdOrCodes": ["1", "40000", "40050", "40100", "40200", "40300", "40500", "40900", "41100", "41200", "41300", "41350", "41400", "41500"] + } + ] +} +' +``` + diff --git a/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-minio.yaml b/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/1.authx-service-minio.yaml similarity index 99% rename from project/nwpu/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-minio.yaml rename to project/nwpu/k8s-rancher/1.authx-service/0.authx-service/1.authx-service-minio.yaml index 3e6aa0b..46762d7 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-minio.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/1.authx-service-minio.yaml @@ -1,4 +1,4 @@ -# 2.authx-service-minio.yaml +# 1.authx-service-minio.yaml #################################################### # minio diff --git a/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-ingresses.yaml b/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-ingresses.yaml new file mode 100644 index 0000000..b78a861 --- /dev/null +++ b/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-ingresses.yaml @@ -0,0 +1,22 @@ +# 2.authx-service-ingresses.yaml + +# 用户授权管理前端 +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + namespace: authx-service + name: authx-management-ingress + annotations: + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/rewrite-target: /$1 +spec: + rules: + # 修改为学校的根域名 + - host: admin-platform.paas.nwpu.edu.cn + http: + paths: + - path: /authx-management/(.*) + backend: + serviceName: authx-management-svc + servicePort: http diff --git a/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml b/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml index 106a222..5d56fbf 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml @@ -102,7 +102,7 @@ spec: spec: containers: - name: authx-service-bff - image: paas.harbor.nwpu.edu.cn/authx-service/authx-service-bff:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/authx-service/authx-service-bff:1.3.6-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/4.9.authx-management.yaml b/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/4.9.authx-management.yaml new file mode 100644 index 0000000..7a0fda4 --- /dev/null +++ b/project/nwpu/k8s-rancher/1.authx-service/0.authx-service/4.9.authx-management.yaml @@ -0,0 +1,61 @@ +# 4.9.authx-management.yaml + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: authx-service + name: authx-management-env +data: + + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: authx-service + name: authx-management-svc + labels: + app: authx-management-svc +spec: + ports: + - port: 80 + targetPort: http + protocol: TCP + name: http + selector: + app: authx-management + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: authx-service + name: authx-management +spec: + selector: + matchLabels: + app: authx-management + replicas: 1 + template: + metadata: + labels: + app: authx-management + spec: + containers: + - name: authx-management + image: paas.harbor.nwpu.edu.cn/authx-service/authx-management:1.3.6-RELEASE + imagePullPolicy: Always + ports: + - containerPort: 80 + name: http + envFrom: + - configMapRef: + name: authx-management-env + resources: + requests: + memory: "128Mi" + limits: + memory: "256Mi" + imagePullSecrets: + - name: harbor-registry diff --git a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.0.user-data-service-installer.yaml b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.0.user-data-service-installer.yaml index 7654c6f..efbf7d7 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.0.user-data-service-installer.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.0.user-data-service-installer.yaml @@ -28,7 +28,7 @@ spec: containers: - name: user-data-service-installer # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/goa/installer:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/goa/installer:1.3.6-RELEASE imagePullPolicy: Always env: - name: DB_TYPE diff --git a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.1.user-data-service-poa.yaml b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.1.user-data-service-poa.yaml index 3f93f40..ef4e6c1 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.1.user-data-service-poa.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.1.user-data-service-poa.yaml @@ -92,7 +92,7 @@ spec: containers: - name: user-data-service-poa # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/goa/poa-api:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/goa/poa-api:1.3.6-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml index 37c911f..e11a8fc 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml @@ -65,6 +65,10 @@ data: JOBS_RABBITMQ_ACCOUNTGROUPUSERSVC2JOBSRABBITSENDER_ENABLED: "false" + #ipaddr + IPADDR_API_URL: http://ipaddr.ipaddr.svc.cluster.local:9090/v1/find + + LOGGING_LEVEL_COM_SUPWISDOM_GOA: INFO LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_GOA_COMMON_LOG: INFO @@ -110,7 +114,7 @@ spec: containers: - name: user-data-service-goa # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/goa/goa-api:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/goa/goa-api:1.3.6-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml index 2f72655..3da7391 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml @@ -96,7 +96,7 @@ spec: containers: - name: user-data-service-biz # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/goa/biz-api:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/goa/biz-api:1.3.6-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml index 361c963..782a16e 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml @@ -41,7 +41,7 @@ spec: containers: - name: user-data-service-datax-job # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/goa/datax-job:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/goa/datax-job:1.3.6-RELEASE imagePullPolicy: Always envFrom: - configMapRef: diff --git a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/9.api-docs-installer.yaml b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/9.api-docs-installer.yaml index 53ff777..3b891ad 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/9.api-docs-installer.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/2.user-data-service/9.api-docs-installer.yaml @@ -38,7 +38,7 @@ spec: containers: - name: api-docs-installer # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/goa/api-docs-installer:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/goa/api-docs-installer:1.3.6-RELEASE imagePullPolicy: Always envFrom: - configMapRef: diff --git a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.0.user-authorization-installer.yaml b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.0.user-authorization-installer.yaml index c0d200e..23833c8 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.0.user-authorization-installer.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.0.user-authorization-installer.yaml @@ -28,7 +28,7 @@ spec: containers: - name: user-authorization-installer # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/user-authorization-service/user-authorization-installer:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/user-authorization-service/user-authorization-installer:1.3.6-RELEASE imagePullPolicy: Always env: - name: DB_TYPE diff --git a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.1.user-authorization-poa.yaml b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.1.user-authorization-poa.yaml index f565f74..4c9355f 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.1.user-authorization-poa.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.1.user-authorization-poa.yaml @@ -78,7 +78,7 @@ spec: containers: - name: user-authorization-poa # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/user-authorization-service/user-authorization-poa:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/user-authorization-service/user-authorization-poa:1.3.6-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml index b014153..e74484a 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml @@ -80,7 +80,7 @@ spec: containers: - name: user-authorization-sa # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/user-authorization-service/user-authorization-sa:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/user-authorization-service/user-authorization-sa:1.3.6-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml index 4510580..d57ba7c 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml @@ -41,7 +41,7 @@ spec: containers: - name: user-authorization-datax-job # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/user-authorization-service/user-authorization-datax-job:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/user-authorization-service/user-authorization-datax-job:1.3.6-RELEASE imagePullPolicy: Always envFrom: - configMapRef: diff --git a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/9.api-docs-installer.yaml b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/9.api-docs-installer.yaml index ab9b73b..e45a4f5 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/9.api-docs-installer.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/3.user-authorization-service/9.api-docs-installer.yaml @@ -38,7 +38,7 @@ spec: containers: - name: api-docs-installer # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/user-authorization-service/api-docs-installer:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/user-authorization-service/api-docs-installer:1.3.6-RELEASE imagePullPolicy: Always envFrom: - configMapRef: diff --git a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml index 28b9f01..37321f9 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml @@ -28,7 +28,7 @@ spec: containers: - name: cas-server-installer # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-installer:1.2.9-SNAPSHOT + image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-installer:1.3.4-RELEASE imagePullPolicy: Always env: - name: DB_TYPE diff --git a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml index ef0abb4..8e13081 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml @@ -95,7 +95,7 @@ spec: containers: - name: cas-server-sa-api # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-sa-api:1.2.9-SNAPSHOT + image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-sa-api:1.3.4-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml index 0e7e2c5..8a37597 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml @@ -25,6 +25,10 @@ data: #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore + #ipaddr + IPADDR_API_URL: http://ipaddr.ipaddr.svc.cluster.local:9090/v1/find + + --- apiVersion: v1 kind: Service @@ -62,7 +66,7 @@ spec: containers: - name: cas-server-security-engine # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-security-engine:1.2.9-SNAPSHOT + image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-security-engine:1.3.4-RELEASE imagePullPolicy: Always ports: - containerPort: 6060 diff --git a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml index 7bb240d..b932091 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml @@ -228,7 +228,7 @@ spec: containers: - name: cas-server-site-webapp # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-site-webapp:1.2.9-SNAPSHOT + image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-site-webapp:1.3.4-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml index f377837..16f6fee 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml @@ -95,7 +95,7 @@ spec: memory: "256Mi" - name: cas-server-site-scheme-generator # 根据情况修改镜像地址 - image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-site-scheme:1.2.9-SNAPSHOT + image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-site-scheme:1.3.4-RELEASE imagePullPolicy: Always envFrom: - configMapRef: diff --git a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml index ab86d7b..13a1c6f 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml @@ -42,7 +42,7 @@ spec: containers: - name: cas-server-datax-job # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-datax-job:1.2.9-SNAPSHOT + image: paas.harbor.nwpu.edu.cn/cas-server/cas-server-datax-job:1.3.4-RELEASE imagePullPolicy: Always envFrom: - configMapRef: diff --git a/project/nwpu/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml b/project/nwpu/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml index f04a28e..e8681a9 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml @@ -28,7 +28,7 @@ spec: containers: - name: token-server-installer # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/token-server/token-server-installer:1.2.8-RELEASE + image: paas.harbor.nwpu.edu.cn/token-server/token-server-installer:1.3.4-RELEASE imagePullPolicy: Always envFrom: - configMapRef: diff --git a/project/nwpu/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml b/project/nwpu/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml index 71f50d2..c065ccd 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml @@ -168,7 +168,7 @@ spec: containers: - name: token-server # 若使用了学校搭设的私有仓库,请 **修改** - image: paas.harbor.nwpu.edu.cn/token-server/token-server:1.2.8-RELEASE + image: paas.harbor.nwpu.edu.cn/token-server/token-server:1.3.4-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml b/project/nwpu/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml index e5c876b..169135d 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml @@ -38,7 +38,7 @@ spec: containers: - name: api-docs-installer # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/token-server/api-docs-installer:1.2.8-RELEASE + image: paas.harbor.nwpu.edu.cn/token-server/api-docs-installer:1.3.4-RELEASE imagePullPolicy: Always envFrom: - configMapRef: diff --git a/project/nwpu/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml b/project/nwpu/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml index 513dfea..c5490dc 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml @@ -218,7 +218,7 @@ spec: containers: - name: personal-security-center-bff # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/personal-security-center/personal-security-bff:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/personal-security-center/personal-security-bff:1.3.6-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/project/nwpu/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml b/project/nwpu/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml index 936bc4e..9cf30a0 100644 --- a/project/nwpu/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml +++ b/project/nwpu/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml @@ -152,7 +152,7 @@ spec: containers: - name: personal-security-center-zuul # 若使用了学校搭设的私有仓库,请修改 - image: paas.harbor.nwpu.edu.cn/personal-security-center/personal-security-zuul:1.2.10-RELEASE + image: paas.harbor.nwpu.edu.cn/personal-security-center/personal-security-zuul:1.3.6-RELEASE imagePullPolicy: Always ports: - containerPort: 8080 -- 2.17.1