Merge branch 'master' of ssh://source.supwisdom.com:12388/institute/deploy-open-platform
diff --git "a/deploy-manifests/k8s-rancher/0.0.1.\345\237\272\347\241\200\346\225\260\346\215\256\350\277\201\347\247\273.md" "b/deploy-manifests/k8s-rancher/0.0.1.\345\237\272\347\241\200\346\225\260\346\215\256\350\277\201\347\247\273.md"
deleted file mode 100644
index 179bacb..0000000
--- "a/deploy-manifests/k8s-rancher/0.0.1.\345\237\272\347\241\200\346\225\260\346\215\256\350\277\201\347\247\273.md"
+++ /dev/null
@@ -1,302 +0,0 @@
-## 旧数据迁移到开发平台
-
-<br>
-
-### 1. 服务数据
-
- 来源:
- POA 中已经存在的 service、version、spec、scope 等数据,需要在开放平台中插入对应的数据。
-
-#### 1.1迁移服务:
- 将POA 中现有的 服务,导入开放平台的服务
-
-#### 具体操作:
-
- USE platform_openapi;
-
- SELECT * FROM SERVICE;
-
- 根据上面查询结果,来进行下面的插入操作,对应的字段做修改:
-
- Use develop_center;
-
- INSERT INTO `TB_DEV_SERVICE` (`ID`, `NAME`, `DESCRIPTION`, `ORIGIN`, `SYSTEM_ID`)
- VALUES (-ID-, -NAME-, -DESCRIPTION-, -ORIGIN-, -'1'-);
-
- 创建服务也可以参考使用以下语句:
- SELECT CONCAT('INSERT INTO \`TB_DEV_SERVICE\` (ID,DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID)
- VALUES','(\'', ID, '\',\'0\',\'', NAME, '\',\'', DESCRIPTION, '\',\'', ORIGIN, '\',\'','1','\');') INFO
- FROM SERVICE;
-
- 这个语句对查询结果做了拼接,可以拿来直接使用
-
- 设置此服务的管理员和开发者,也可以不在这里设置开发者和管理员,在2.4.1来统一设置:
-
- INSERT INTO `TB_DEV_SERVICE_DEVELOPER` (`ID`, `DELETED`, `SERVICE_ID`, `DEVELOPER_ID`)
- VALUES (-ID-, -DELETED- ,-SERVICE_ID-, '150');
-
- INSERT INTO `TB_DEV_SERVICE_OPERATOR` (`ID`, `DELETED`, `SERVICE_ID`, `OPERATOR_ID`)
- VALUES (-ID-, -DELETED- ,-SERVICE_ID-, '151');
-
-#### 1.2迁移spec:
- 将POA 中现有的 spec,导入开放平台的spec
-
-#### 具体操作:
-
- 查询服务的spec信息
-
- USE platform_openapi;
- SELECT SERVICE_ID,API_VERSION,EDIT_VERSION
- FROM API_SPEC
- WHERE SERVICE_ID = -SERVICE_ID-;
-
- 根据查询结果插入以下数据:
-
- USER develop_center;
- INSERT INTO `TB_DEV_SERVICE_SPEC` (`ID`, `SERVICE_ID`, `API_VERSION`, `EDIT_VERSION`)
- VALUES (-ID-, -SERVICE_ID-, -API_VERSION-, -EDIT_VERSION-);
-
- TB_DEV_SERVICE_SPEC表中SCOPE_COUNT 列内容的设置:
-
- services/{serviceId}/apiVersions/{apiVersion}/apiSpecs/scopes
- 根据返回值设置SCOPE_COUNT;
-
-#### 1.3迁移scope:
- 将POA 中现有的 scope,导入开放平台的scope
-
-#### 具体操作:
-
- USE platform_openapi;
- SELECT * FROM API_VERSION
- WHERE SERVICE_ID = 'admincenter';
- 取结果中的SERVICE_ID,PUBLISHED,API_VERSION
-
-
- 根据查询结果访问
- services/{serviceId}/apiVersions/{apiVersion}/apiSpecs/scopes
-
- 获取scope的name 和description。
-
- INSERT INTO `TB_DEV_SERVICE_SCOPE` (`ID`, `COMPANY_ID`, `DELETED`, `SERVICE_ID`, `NAME`, `PUBLISHED`, `DESCRIPTION`, `API_VERSION`) VALUES (-ID-, '1', '0', -SERVICE_ID-, -NAME-, -PUBLISHED-, -DESCRIPTION-, -API_VERSION-);
-
-### 2. 应用数据
-
-来源:
- 应用数据的来源主要有三部分:
-
- 认证服务中的 service
- 消息服务的 应用(accessApp)
- POA 的 client
-
-说明:
- 需要将上述三类数据,整理为一份应用数据,对于有重复的应用数据,保留一份即可。建议先从认证服务的数据开始,认证服务中的应用数据比较全面。
-
-#### 2.1.1迁移cas 中的应用数据:
- 数据从 TB_SERVICE 表中获取。
-
-#### 2.1.2具体操作:
-
- #### 创建应用
-
- USE cas_server;
- SELECT S.NAME, S.DESCRIPTION, S.INFORMATION_URL,S.APPLICATION_ID APPLICATION_IDENTIFICATION
- FROM TB_SERVICE S
- WHERE S.DELETED = 0;
-
- 根据上面的查询结果,在开放平台数据库中创建应用:
- USE develop_center;
-
- INSERT INTO `TB_DEV_APPLICATION` (`ID`, `NAME`, `DESCRIPTION`, `URL`, `SYSTEM_ID`, `APPLICATION_IDENTIFICATION`) VALUES (-ID-, -NAME-, -DESCRIPTION-, -URL-, '1', -APPLICATION_IDENTIFICATION-);
-
-
- 建应用也可以参考使用以下语句:
- SELECT CONCAT('INSERT INTO \`TB_DEV_APPLICATION\` (ID, DELETED, NAME, DESCRIPTION, URL, SYSTEM_ID, APPLICATION_IDENTIFICATION)
- VALUES','(\'', ID, '\',\'1\',\'',NAME, '\',\'',DESCRIPTION,'\',\'', INFORMATION_URL,'\',\'','1', '\',\'',APPLICATION_ID , '\');')
- FROM TB_SERVICE
- WHERE DELETED = 0;
-
- 这个语句对查询结果做了拼接,可以拿来直接使用,使用这个也需要考虑应用是否已经存在。
-
-
- 除了ID以外,其他字段一一对应。
-
-
-#### 2.2.1迁移message 中的应用数据:
-
- 数据从 ACCESS_APP 表中获取。
-
-#### 2.2.2具体操作:
-
- 首先查询需要创建的应用:
-
- USE message;
- SELECT APP.NAME, APP.DESCRIPTION,APP.ENABLED,APP.APP_ID APPLICATION_IDENTIFICATION
- FROM ACCESS_APP APP
- WHERE DELETED = 0
-
- 在查询结果中,根据字段APPLICATION_IDENTIFICATION,在开放平台中对比,如果不存在此应用,那么需要创建应用,数据从上面查询中获取。
-
- 根据上面的查询结果,在开放平台数据库中创建应用:
- USE develop_center;
-
- INSERT INTO `TB_DEV_APPLICATION` (`ID`, `NAME`, `DESCRIPTION`, `SYSTEM_ID`, `APPLICATION_IDENTIFICATION`) VALUES (-ID-, -NAME-, -DESCRIPTION-, '1', -APPLICATION_IDENTIFICATION-);
-
- 除了ID以外,其他字段一一对应。
-
- 创建应用也可以参考使用以下语句:
- SELECT CONCAT('INSERT INTO \`TB_DEV_APPLICATION\` (ID,DELETED, NAME, DESCRIPTION, SYSTEM_ID, `APPLICATION_IDENTIFICATION`, URL)
- VALUES ','(\'',ID,'-message\',\'1\',\'',NAME,'\',\'', IFNULL(DESCRIPTION,''),'\',\'','1','\',\'',APP_ID,'\',\'',IFNULL(URL,''),'\');') INFO
- FROM ACCESS_APP
- WHERE DELETED = 0 AND APP_ID IS NOT NULL
- 这个语句对查询结果做了拼接,可以拿来直接使用,使用这个语句也需要考虑应用是否已经存在。
-
- 如果已经存在,那么不需要再添加。
-
-#### 2.3.1迁移platform_openapi 中的数据
-
- 根据 /clients 接口获取所有client 信息
-
-#### 2.3.2具体操作
-
- 根据 /clients 接口获取所有client 信息
-
- 根据返回数据中的clientName 来和应用表TB_DEV_APPLICATION 中的数据进行关联,对应表中的NAME;
-
- 如果应用表中没有的应用,需要进行创建:
- USE develop_center;
-
- INSERT INTO `TB_DEV_APPLICATION` (`ID`, `NAME`, `DESCRIPTION`, `SYSTEM_ID`, `APPLICATION_IDENTIFICATION`) VALUES (-ID-, -NAME-, -DESCRIPTION-, '1', -APPLICATION_IDENTIFICATION-);
-
-#### 2.4为应用和服务设置管理员和开发者
-
-#### 2.4.1具体操作
-
- SELECT CONCAT('INSERT INTO \`TB_DEV_APPLICATION_DEVELOPER\` (ID, DELETED, APPLICATION_ID, DEVELOPER_ID)
- VALUES','(\'',ID, '\',\'0' ,'\',\'',ID, '\',\'','150','\');')
- FROM TB_DEV_APPLICATION;
-
- SELECT CONCAT('INSERT INTO \`TB_DEV_APPLICATION_OPERATOR\` (ID, DELETED, APPLICATION_ID, OPERATOR_ID)
- VALUES','(\'',ID,'\',\'0' ,'\',\'',ID, '\',\'','151','\');')
- FROM TB_DEV_APPLICATION;
-
- SELECT CONCAT('INSERT INTO \`TB_DEV_SERVICE_DEVELOPER\` (ID, DELETED, SERVICE_ID, DEVELOPER_ID)
- VALUES','(\'',ID, '\',\'0' ,'\',\'',ID, '\',\'','150','\');')
- FROM TB_DEV_SERVICE;
-
- SELECT CONCAT('INSERT INTO \`TB_DEV_SERVICE_OPERATOR\` (ID, DELETED, SERVICE_ID, OPERATOR_ID)
- VALUES','(\'',ID, '\',\'0' ,'\',\'',ID, '\',\'','151','\');')
- FROM TB_DEV_SERVICE;
-
- 这个语句对查询结果做了拼接,结果是对应用的开发者和管理员,服务的开发者和管理员进行插入数据的语句。
-
- 如果有ID重复时,需要手动去修改ID,防止重复。
-
-
-
-### 3. 基础能力数据
-
-数据来源:
-
- 1.认证服务的 service
- 2.消息服务的应用
- 3.POA 中 client 的scope
-
-说明:
- 1.认证服务的 service ,已经在之前创建了对应的应用,也需要给此应用对应开通 CAS认证基础能力。
- 2.消息服务的应用,已经在之前创建了对应的应用,也需要给此应用对应开通消息基础能力。
- 3.POA 中 client 申请了 scope ,之前已经创建了对应的应用,也需要给次应用对应开通平台OpenAPI基础能力。同时在开放平台中添加应用和scope的关系。
-
-#### 3.1添加应用的CAS基础能力
-
- 先根据开放平台中所选应用的APPLICATION_IDENTIFICATION 字段,在cas数据库中查询基础能力信息:
-
- USE cas_server;
- SELECT S.LOGOUT_TYPE, S.APPLICATION_DOMAIN, S.ADD_TIME,
- S.DESCRIPTION, S.EXTERNAL_ID, S.INFORMATION_URL, S.ENABLED, S.REGISTERED_SERVICE_ID,
- S.COMPANY_ID, S.RESPONSE_TYPE, S.DELETED, S.SSO_ENABLED, S.LOGOUT_URL, S.NAME,
- S.ADD_ACCOUNT, S.APPLICATION_ID, S.SERVICE_ID
- FROM TB_SERVICE S
- WHERE S.DELETED = 0
- AND S.APPLICATION_ID = -APPLICATION_IDENTIFICATION-;
-
- 查询结果放入下面的ABILITY_SETTINGS 字段中。
-
- 下面插入数据中,APPLICATION_ID 对应所选应用的ID
- USE develop_center;
- INSERT INTO `TB_DEV_APPLICATION_ABILITY_USAGE` (`ID`, `COMPANY_ID`, `DELETED`, `APPLICATION_ID`, `ABILITY_ID`, `APPLY_TIME`,ABILITY_SETTINGS) VALUES (-ID-, '1', '0', -APPLICATION_ID-, 'cas', '2020-12-22 15:32:43',-ABILITY_SETTINGS-);
-
- -ABILITY_SETTINGS- 内容:
- {
- "logoutType": "",
- "applicationDomain": "",
- "addTime": 1608538919314,
- "description": "",
- "externalId": "",
- "informationUrl": "",
- "enabled": true,
- "registeredServiceId": 10060,
- "companyId": "",
- "responseType": "",
- "deleted": false,
- "ssoEnabled": true,
- "logoutUrl": "",
- "name": "",
- "id": "",
- "addAccount": "",
- "applicationId": "",
- "serviceId": "",
- "requireAllAttributes": true
- }
- 利用上面的查询将对应内容置换。
-
- 可以使用下面的查询语句生成 sql拼接语句来进行插入:
-
- SELECT CONCAT(
- 'INSERT INTO \`TB_DEV_APPLICATION_ABILITY_USAGE\`
- (ID, COMPANY_ID, DELETED, APPLICATION_ID, ABILITY_ID, APPLY_TIME,ABILITY_SETTINGS)
- VALUES (','\'',ID,'cas','\',\'',' 1\', \'0','\',\'', ID,'\',\'', 'cas\', \'2020-12-22 15:32:43\',\'',
- '{"logoutType":"',IFNULL(LOGOUT_TYPE,''),'","applicationDomain":"',IFNULL(APPLICATION_DOMAIN,''),'","addTime":1608538919314,"description":"',IFNULL(DESCRIPTION,''),
- '","externalId":"',IFNULL(EXTERNAL_ID,''),'","informationUrl":"',IFNULL(INFORMATION_URL,''),'","enabled":true,"registeredServiceId":',IFNULL(REGISTERED_SERVICE_ID,''),
- ',"companyId":"1","responseType":"',RESPONSE_TYPE,'","deleted":false,"ssoEnabled":',IF(SSO_ENABLED = 1,'true','false'),',"idTokenEnabled":',IF(ID_TOKEN_ENABLED = 1,'true','false'),
- ',"jwtAsServiceTicket":',IF(JWT_AS_SERVICE_TICKET = 1,'true','false'),',"logoutUrl":"',IFNULL(LOGOUT_URL,''),'","name":"',NAME,
- '","id":"',ID,'","addAccount":"admin","applicationId":"',IFNULL(APPLICATION_ID,''),'","serviceId":"',IFNULL(SERVICE_ID,''),'","requireAllAttributes":',IFNULL(REQUIRE_ALL_ATTRIBUTES,'1'),'}'
- '\');'
- )
- FROM TB_SERVICE
- WHERE DELETED = '0';
-
-
-#### 3.2添加应用的MESSAGE基础能力
-
- 先根据开放平台中所选应用的APPLICATION_IDENTIFICATION 字段,在message数据库中查询基础能力信息:
-
- USE develop_center;
- INSERT INTO `TB_DEV_APPLICATION_ABILITY_USAGE` (`ID`, `COMPANY_ID`, `DELETED`, `APPLICATION_ID`, `ABILITY_ID`, `APPLY_TIME`) VALUES (-ID-, '1', '0', -APPLICATION_ID-, 'message', '2020-12-31 15:32:43');
-
-
-#### 3.3.1添加应用的openapi基础能力。
-
- 根据 /clients 接口获取所有client 信息,主要是clientId,来添加应用的基础能力信息。需要替换对应的clientId信息。
-
- USE develop_center;
- INSERT INTO `TB_DEV_APPLICATION_ABILITY_USAGE` (`ID`, `COMPANY_ID`, `DELETED`, `APPLICATION_ID`, `ABILITY_ID`, `APPLY_TIME`,`ABILITY_SETTINGS`) VALUES (-ID-, '1', '0', -APPLICATION_ID-, 'platformApi', '2020-12-31 15:32:43','{\"clientId\":\"id123\"}');
-
-
-#### 3.3.2添加应用的scope。
-
- 根据 /clients 接口获取所有client 信息,可以看到此应用关联的scopes 列表。
-
- 根据scope名称来查询开放平台中的scope:
- SELECT S.ID
- FROM TB_DEV_SERVICE_SCOPE S
- WHERE S.NAME = -name-;
-
- 根据上面的应用id和scope的Id使用下面插入语句插入数据:
-
- INSERT INTO `TB_DEV_APPLICATION_SCOPE_USAGE` (`ID`, `APPLICATION_ID`, `ABILITY_ID`, `SCOPE_ID`, `APPLY_TIME`) VALUES (-ID-, -APPLICATION_ID-, 'platformApi', -SCOPE_ID-, '2020-12-31 11:33:19');
-
-
-
-
-
-
diff --git "a/deploy-manifests/k8s-rancher/0.0.1.\345\274\200\346\224\276\345\271\263\345\217\260\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md" "b/deploy-manifests/k8s-rancher/0.0.1.\345\274\200\346\224\276\345\271\263\345\217\260\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md"
index 4eeafb5..a6d9645 100644
--- "a/deploy-manifests/k8s-rancher/0.0.1.\345\274\200\346\224\276\345\271\263\345\217\260\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md"
+++ "b/deploy-manifests/k8s-rancher/0.0.1.\345\274\200\346\224\276\345\271\263\345\217\260\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md"
@@ -122,10 +122,8 @@
本产品安装需要的域名如下:
```
- dev-bff.paas.xxx.edu.cn 开放平台的后端api
-
dev-portal.paas.xxx.edu.cn 开放平台的前端前台UI
- dev-admin.paas.xxx.edu.cn 开放平台的前端后台UI
+ dev-admin-spa.paas.xxx.edu.cn 开放平台的前端后台UI
dev-center.paas.xxx.edu.cn 开放平台的网关api
@@ -162,16 +160,19 @@
open-platform
- 云平台
+ 开放平台
```
- open-platform
+ 0.open-platform
+
+ 此为 开放平台的基础环境, 文件服务minio 的部署,若已部署,可使用现有服务
+
+ 1.developer-center
此为 开放平台
-
- minio-sa
+ 2.minio-sa
此为 文件基础能力(此服务部署可选。如果已有,可以考虑不部署)。
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.10.developer-center-minio.yaml b/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.1.open-platform-minio.yaml
similarity index 90%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.10.developer-center-minio.yaml
rename to deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.1.open-platform-minio.yaml
index 8206d04..d74ec4a 100644
--- a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.10.developer-center-minio.yaml
+++ b/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.1.open-platform-minio.yaml
@@ -9,7 +9,7 @@
kind: PersistentVolumeClaim
metadata:
name: minio-data-pvc
- namespace: developer-center
+ namespace: open-platform
spec:
accessModes:
- ReadWriteMany
@@ -24,7 +24,7 @@
kind: Secret
metadata:
name: minio-env-secret
- namespace: developer-center
+ namespace: open-platform
type: Opaque
data:
# 修改 access_key,并使用 base64 工具进行编码
@@ -39,7 +39,7 @@
apiVersion: v1
kind: Service
metadata:
- namespace: developer-center
+ namespace: open-platform
name: minio-svc
labels:
app: minio
@@ -55,7 +55,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
- namespace: developer-center
+ namespace: open-platform
name: minio
spec:
selector:
@@ -100,11 +100,11 @@
kind: Ingress
metadata:
name: minio-ingress
- namespace: developer-center
+ namespace: open-platform
spec:
rules:
# 修改为学校的根域名
- - host: developer-center-minio-test.paas.newcapec.cn
+ - host: open-platform-minio.paas.xxx.edu.cn
http:
paths:
- path: /
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.0.init.sql b/deploy-manifests/k8s-rancher/open-platform/1.0.init.sql
index 0e5fe44..e6096c8 100644
--- a/deploy-manifests/k8s-rancher/open-platform/1.0.init.sql
+++ b/deploy-manifests/k8s-rancher/open-platform/1.0.init.sql
@@ -11,13 +11,13 @@
`APPLICATION_DOMAIN`
)
VALUES ('13', '1', 0, 'admin', '2020-07-01 00:00:00',
- '开放平台管理端', '开放平台管理端', 'https://dev-admin.dev.supwisdom.com', 'https://dev-admin.dev.supwisdom.com/slo',
+ '开放平台管理端', '开放平台管理端', 'https://dev-admin.paas.xxx.edu.cn', 'https://dev-admin.paas.xxx.edu.cn/slo',
'REDIRECT', 'FRONT_CHANNEL',
- 13, '开放平台管理端', 13, 'https://dev-admin.dev.supwisdom.com/(.*)',
+ 13, '开放平台管理端', 13, 'https://dev-admin.paas.xxx.edu.cn/(.*)',
1, 1, 1,
'1', '1',
13, 13,
- 'dev-admin.dev.supwisdom.com'
+ 'dev-admin.paas.xxx.edu.cn'
);
@@ -35,6 +35,7 @@
VALUES ('151', '1', '0', 'defaultOperator', 'defaultOperator', '1',
'individual', '上海树维管理员', '1', '1', '151','151');
+
INSERT INTO `TB_DEV_ACCOUNT` (`ID`, `COMPANY_ID`, `DELETED`, `ADD_ACCOUNT`, `ADD_TIME`,
`USERNAME`, `PASSWORD`, `ENABLED`, `ACCOUNT_NON_EXPIRED`, `ACCOUNT_NON_LOCKED`, `CREDENTIALS_NON_EXPIRED`,
`IS_DEVELOPER`, `IS_OPERATOR`, `IS_SCOPE_AUDIT`, `IS_ADMINISTRATOR`, `IS_SCHOOL_ACCOUNT`,
@@ -68,26 +69,31 @@
VALUES ('150', 0,
'150', 'defaultDeveloper', '上海树维', 'defaultDeveloper', 'defaultDeveloper',
'20001', '150', null, 'defaultDeveloper@supwisdom.com',
- '30001', '40001', '50156', '310000');
-
-INSERT INTO `TB_B_ACCOUNT` (`ID`, `DELETED`, `USER_ID`,
- `ACCOUNT_NAME`, `ACCOUNT_EXPIRY_DATE`, `ORGANIZATION_ID`, `IDENTITY_TYPE_ID`,
- `ACTIVATION`, `STATE`, `IS_DATA_CENTER`, `CERTIFICATE_TYPE_ID`, `CERTIFICATE_NUMBER`, `USER_NAME`)
-VALUES ('150', 0, '150',
- 'defaultDeveloper', null, '1', 'D01',
- 1, 'NORMAL', 0, '20001', '150', '上海树维');
+ '30001', '40001', '50156', null);
INSERT INTO `TB_B_SAFETY`(`ID`, `DELETED`, `USER_ID`, `SCORE`, `PASSWORD_SCORE`, `SECURE_EMAIL`, `SECURE_PHONE`)
VALUES ('150', 0, '150', '0', '0', null, null);
+
+INSERT INTO `TB_B_ACCOUNT` (`ID`, `DELETED`, `USER_ID`,
+ `ACCOUNT_NAME`, `ACCOUNT_EXPIRY_DATE`, `ORGANIZATION_ID`, `IDENTITY_TYPE_ID`,
+ `ACTIVATION`, `STATE`, `IS_DATA_CENTER`,
+ `USER_UID`, `USER_NAME`, `CERTIFICATE_TYPE_ID`, `CERTIFICATE_NUMBER`)
+VALUES ('150', 0, '150',
+ 'defaultDeveloper', null, '0', 'D01',
+ 1, 'NORMAL', 0,
+ '150', '上海树维', '20001', '150');
+
INSERT INTO `TB_B_ACCOUNT_ORGANIZATION` (`ID`, `DELETED`,
`ROOT_ORGANIZATION_ID`, `ACCOUNT_ID`, `ORGANIZATION_ID`)
-VALUES ('150_1', 0,
- '0', '150', '1');
+VALUES ('150_0', 0,
+ '0', '150', '0');
+/*
INSERT INTO `TB_B_ACCOUNT_LABEL`(`ID`, `DELETED`,
`ACCOUNT_ID`, `LABEL_ID`)
VALUES ('150_1', 0, '150', '1');
+*/
commit;
@@ -99,57 +105,66 @@
VALUES ('151', 0,
'151', 'defaultOperator', '上海树维业务管理员', 'defaultOperator', 'defaultOperator',
'20001', '151', null, 'defaultOperator@supwisdom.com',
- '30001', '40001', '50156', '310000');
-
-INSERT INTO `TB_B_ACCOUNT` (`ID`, `DELETED`, `USER_ID`,
- `ACCOUNT_NAME`, `ACCOUNT_EXPIRY_DATE`, `ORGANIZATION_ID`, `IDENTITY_TYPE_ID`,
- `ACTIVATION`, `STATE`, `IS_DATA_CENTER`, `CERTIFICATE_TYPE_ID`, `CERTIFICATE_NUMBER`, `USER_NAME`)
-VALUES ('151', 0, '151',
- 'defaultOperator', null, '1', 'D02',
- 1, 'NORMAL', 0, '20001', '151', '上海树维业务管理员');
+ '30001', '40001', '50156', null);
INSERT INTO `TB_B_SAFETY`(`ID`, `DELETED`, `USER_ID`, `SCORE`, `PASSWORD_SCORE`, `SECURE_EMAIL`, `SECURE_PHONE`)
VALUES ('151', 0, '151', '0', '0', null, null);
+
+INSERT INTO `TB_B_ACCOUNT` (`ID`, `DELETED`, `USER_ID`,
+ `ACCOUNT_NAME`, `ACCOUNT_EXPIRY_DATE`, `ORGANIZATION_ID`, `IDENTITY_TYPE_ID`,
+ `ACTIVATION`, `STATE`, `IS_DATA_CENTER`,
+ `USER_UID`, `USER_NAME`, `CERTIFICATE_TYPE_ID`, `CERTIFICATE_NUMBER`)
+VALUES ('151', 0, '151',
+ 'defaultOperator', null, '0', 'D02',
+ 1, 'NORMAL', 0,
+ '151', '上海树维业务管理员', '20001', '151');
+
INSERT INTO `TB_B_ACCOUNT_ORGANIZATION` (`ID`, `DELETED`,
`ROOT_ORGANIZATION_ID`, `ACCOUNT_ID`, `ORGANIZATION_ID`)
-VALUES ('151_1', 0,
- '0', '151', '1');
+VALUES ('151_0', 0,
+ '0', '151', '0');
+/*
INSERT INTO `TB_B_ACCOUNT_LABEL`(`ID`, `DELETED`,
`ACCOUNT_ID`, `LABEL_ID`)
VALUES ('151_1', 0, '151', '1');
+*/
commit;
---- 平台管理员
+-- 平台管理员
INSERT INTO `TB_B_USER` (`ID`, `DELETED`,
`UID`, `PASSWORD`, `NAME`, `NAME_SPELLING`, `FULL_NAME_SPELLING`,
`CERTIFICATE_TYPE_ID`, `CERTIFICATE_NUMBER`, `PHONE_NUMBER`, `EMAIL`,
`GENDER_ID`, `NATION_ID`, `COUNTRY_ID`, `ADDRESS_ID`)
-VALUES ('152', 0,
- '152', 'openadmin', '开放平台管理员', 'openadmin', 'openadmin',
- '20001', '152', null, 'openadmin@supwisdom.com',
- '30001', '40001', '50156', '310000');
+VALUES ('13', 0,
+ '13', 'openadmin', '开放平台管理员', 'openadmin', 'openadmin',
+ '20001', '13', null, 'openadmin@supwisdom.com',
+ '30001', '40001', '50156', null);
+
+INSERT INTO `TB_B_SAFETY`(`ID`, `DELETED`, `USER_ID`, `SCORE`, `PASSWORD_SCORE`, `SECURE_EMAIL`, `SECURE_PHONE`)
+VALUES ('13', 0, '13', '0', '0', null, null);
+
INSERT INTO `TB_B_ACCOUNT` (`ID`, `DELETED`, `USER_ID`,
`ACCOUNT_NAME`, `ACCOUNT_EXPIRY_DATE`, `ORGANIZATION_ID`, `IDENTITY_TYPE_ID`,
- `ACTIVATION`, `STATE`, `IS_DATA_CENTER`, `CERTIFICATE_TYPE_ID`, `CERTIFICATE_NUMBER`, `USER_NAME`)
-VALUES ('152', 0, '152',
- 'openadmin', null, '1', 'D02',
- 1, 'NORMAL', 0, '20001', '152', '开放平台管理员');
-
-
-INSERT INTO `TB_B_SAFETY`(`ID`, `DELETED`, `USER_ID`, `SCORE`, `PASSWORD_SCORE`, `SECURE_EMAIL`, `SECURE_PHONE`)
-VALUES ('152', 0, '152', '0', '0', null, null);
+ `ACTIVATION`, `STATE`, `IS_DATA_CENTER`,
+ `USER_UID`, `USER_NAME`, `CERTIFICATE_TYPE_ID`, `CERTIFICATE_NUMBER`)
+VALUES ('13', 0, '13',
+ 'openadmin', null, '0', 'D02',
+ 1, 'NORMAL', 0,
+ '13', '开放平台管理员', '20001', '13');
INSERT INTO `TB_B_ACCOUNT_ORGANIZATION` (`ID`, `DELETED`,
`ROOT_ORGANIZATION_ID`, `ACCOUNT_ID`, `ORGANIZATION_ID`)
-VALUES ('152_1', 0,
- '0', '152', '1');
+VALUES ('13_0', 0,
+ '0', '13', '0');
+/*
INSERT INTO `TB_B_ACCOUNT_LABEL`(`ID`, `DELETED`,
`ACCOUNT_ID`, `LABEL_ID`)
-VALUES ('152_1', 0, '152', '1');
+VALUES ('13_1', 0, '13', '1');
+*/
-commit;
\ No newline at end of file
+commit;
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.1.init-poa-service.sql b/deploy-manifests/k8s-rancher/open-platform/1.1.init-poa-service.sql
new file mode 100644
index 0000000..875dbcf
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/open-platform/1.1.init-poa-service.sql
@@ -0,0 +1,82 @@
+-- 1.1.init-poa-service.sql
+
+/*
+SELECT CONCAT(
+ 'INSERT INTO \`TB_DEV_SERVICE\` (ID,DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID) VALUES',
+ '(\'', ID, '\',\'0\',\'', NAME, '\',\'', DESCRIPTION, '\',\'', ORIGIN, '\',\'','1','\');') INFO
+FROM platform_openapi_test.SERVICE
+order by ID
+;
+*/
+
+INSERT INTO `TB_DEV_SERVICE` (ID,DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID) VALUES('admincenter','0','管理中心','管理中心','http://admin-center-poa-svc.admin-center.svc.cluster.local:8080','1');
+INSERT INTO `TB_DEV_SERVICE` (ID,DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID) VALUES('authz','0','授权服务','授权服务','http://user-authorization-poa-svc.user-authorization-service.svc.cluster.local:8080','1');
+INSERT INTO `TB_DEV_SERVICE` (ID,DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID) VALUES('communicate','0','通信服务','通信服务','http://communicate-center-poa-svc.communicate-center.svc.cluster.local:8080','1');
+INSERT INTO `TB_DEV_SERVICE` (ID,DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID) VALUES('echo','0','echo','echo server','http://echo.platform.nwpu.edu.cn','1');
+INSERT INTO `TB_DEV_SERVICE` (ID,DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID) VALUES('messagecenter','0','消息服务','消息服务','http://message-service.paas.nwpu.edu.cn/center/api','1');
+INSERT INTO `TB_DEV_SERVICE` (ID,DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID) VALUES('user','0','用户服务','用户服务','http://user-data-service-poa-svc.user-data-service.svc.cluster.local:8080','1');
+INSERT INTO `TB_DEV_SERVICE` (ID,DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID) VALUES('userThirdparty','0','用户服务(第三方应用)','用户服务(第三方应用)','http://user-data-service-poa-svc.user-data-service.svc.cluster.local:8080','1');
+
+
+/*
+SELECT CONCAT(
+ 'INSERT INTO \`TB_DEV_SERVICE_SPEC\` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES',
+ '(\'', SERVICE_ID,'_',EDIT_VERSION, '\',\'0\',\'', SERVICE_ID, '\',\'', API_VERSION, '\',\'', EDIT_VERSION, '\',\'','','\', 0);') as INSERT_SQL
+FROM platform_openapi_test.API_SPEC
+order by SERVICE_ID, API_VERSION
+;
+*/
+
+INSERT INTO `TB_DEV_SERVICE_SPEC` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES('admincenter_1602519341813','0','admincenter','v1','1602519341813','', 2);
+INSERT INTO `TB_DEV_SERVICE_SPEC` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES('authz_1609773572799','0','authz','v1','1609773572799','', 1);
+INSERT INTO `TB_DEV_SERVICE_SPEC` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES('communicate_1609773573086','0','communicate','v1','1609773573086','', 2);
+INSERT INTO `TB_DEV_SERVICE_SPEC` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES('echo_1575287118791','0','echo','v1','1575287118791','', 4);
+INSERT INTO `TB_DEV_SERVICE_SPEC` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES('echo_1575432281641','0','echo','v1','1575432281641','', 4);
+INSERT INTO `TB_DEV_SERVICE_SPEC` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES('echo_1575524533071','0','echo','v1','1575524533071','', 4);
+INSERT INTO `TB_DEV_SERVICE_SPEC` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES('messagecenter_1597927983542','0','messagecenter','v1','1597927983542','', 3);
+INSERT INTO `TB_DEV_SERVICE_SPEC` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES('user_1609773572180','0','user','v1','1609773572180','', 7);
+INSERT INTO `TB_DEV_SERVICE_SPEC` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES('userThirdparty_1609773572595','0','userThirdparty','v1','1609773572595','', 1);
+
+
+
+/*
+SELECT CONCAT(
+ 'INSERT INTO \`TB_DEV_SERVICE_SCOPE\` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES',
+ '(\'', SERVICE_ID,'_',SCOPE, '\',\'0\',\'', SERVICE_ID, '\',\'', API_VERSION, '\',\'', SCOPE, '\',\'','','\', 1, 1);') as INSERT_SQL
+from (
+ select SERVICE_ID, API_VERSION, EDIT_VERSION, SCOPE
+ from platform_openapi_test.API
+ where EDIT_VERSION in
+ (
+ select max(EDIT_VERSION) as EDIT_VERSION
+ from platform_openapi_test.API
+ group by SERVICE_ID, API_VERSION, SCOPE
+ )
+ group by SERVICE_ID, API_VERSION, EDIT_VERSION, SCOPE
+) API_TMP
+order by SERVICE_ID, API_VERSION, EDIT_VERSION, SCOPE
+;
+*/
+
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('admincenter:v1:readAdminCenterPermission','0','admincenter','v1','admincenter:v1:readAdminCenterPermission','读取权限', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('admincenter:v1:readMenu','0','admincenter','v1','admincenter:v1:readMenu','读取后台菜单', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('authz:v1:readRole','0','authz','v1','authz:v1:readRole','读取角色', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('communicate:v1:communicationCheck','0','communicate','v1','communicate:v1:communicationCheck','检查', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('communicate:v1:communicationSend','0','communicate','v1','communicate:v1:communicationSend','发送', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('echo:v1:delete','0','echo','v1','echo:v1:delete','DELETE请求', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('echo:v1:get','0','echo','v1','echo:v1:get','GET请求', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('echo:v1:post','0','echo','v1','echo:v1:post','POST请求', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('echo:v1:put','0','echo','v1','echo:v1:put','PUT请求', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('messagecenter:v1:readMessage','0','messagecenter','v1','messagecenter:v1:readMessage','查询消息', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('messagecenter:v1:sendMessage','0','messagecenter','v1','messagecenter:v1:sendMessage','发送消息', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('messagecenter:v1:writeMessage','0','messagecenter','v1','messagecenter:v1:writeMessage','修改消息', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('user:v1:readGroup','0','user','v1','user:v1:readGroup','读取用户组', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('user:v1:readLabel','0','user','v1','user:v1:readLabel','读取用户标签', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('user:v1:readOrganization','0','user','v1','user:v1:readOrganization','读取组织机构', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('user:v1:readPost','0','user','v1','user:v1:readPost','读取岗位', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('user:v1:readUser','0','user','v1','user:v1:readUser','读取用户', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('user:v1:readUserSecret','0','user','v1','user:v1:readUserSecret','读取用户私密信息', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('user:v1:writePost','0','user','v1','user:v1:writePost','写入岗位', 1, 1);
+INSERT INTO `TB_DEV_SERVICE_SCOPE` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES('userThirdparty:v1:adminAppGroupWrite','0','userThirdparty','v1','userThirdparty:v1:adminAppGroupWrite','写入应用的用户组(普通)', 1, 1);
+
+
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/0.developer-center-base.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/0.developer-center-base.yaml
similarity index 79%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/0.developer-center-base.yaml
rename to deploy-manifests/k8s-rancher/open-platform/1.developer-center/0.developer-center-base.yaml
index b9d0a5c..9315ec7 100644
--- a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/0.developer-center-base.yaml
+++ b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/0.developer-center-base.yaml
@@ -61,6 +61,22 @@
# redis-server
####################################################
+# 若存在存储,可使用PVC
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ namespace: developer-center
+ name: redis-data-pvc
+spec:
+ accessModes:
+ - ReadWriteMany
+ # 根据情况修改,修改 存储类 的名称
+ storageClassName: nfs-client
+ resources:
+ requests:
+ storage: 50Gi
+
---
apiVersion: v1
kind: Secret
@@ -131,8 +147,11 @@
secretKeyRef:
name: redis-server
key: REDIS_PASSWORD
+ # 若使用了学校搭设的私有仓库,请修改
image: bitnami/redis:4.0
+ # 若使用了学校搭设的私有仓库,请修改 为 Always
imagePullPolicy: IfNotPresent
+ # imagePullPolicy: Always
livenessProbe:
exec:
command:
@@ -160,17 +179,29 @@
volumeMounts:
- mountPath: /bitnami/redis/data
name: redis-data
+ resources:
+ requests:
+ memory: "1024Mi"
+ limits:
+ memory: "1024Mi"
dnsPolicy: ClusterFirst
restartPolicy: Always
securityContext:
- fsGroup: 1001
+ fsGroup: 0
# runAsUser: 1001
# https://github.com/bitnami/bitnami-docker-redis/issues/106#issuecomment-388884372
- runAsUser: 0
+ # runAsUser: 0
terminationGracePeriodSeconds: 30
volumes:
- - emptyDir: {}
- name: redis-data
+ # 若存在存储,可使用PVC,否则使用 emptyDir(注意空格)
+ # - name: redis-data
+ # emptyDir: {}
+ - name: redis-data
+ persistentVolumeClaim:
+ claimName: redis-data-pvc
+ # 若使用了学校搭设的私有仓库,请增加以下配置(取消注释即可,注意空格)
+ # imagePullSecrets:
+ # - name: harbor-registry
updateStrategy:
rollingUpdate:
partition: 0
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/1.developer-center-env.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/1.developer-center-env.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/1.developer-center-env.yaml
rename to deploy-manifests/k8s-rancher/open-platform/1.developer-center/1.developer-center-env.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/2.developer-center-ingresses.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/2.developer-center-ingresses.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/2.developer-center-ingresses.yaml
rename to deploy-manifests/k8s-rancher/open-platform/1.developer-center/2.developer-center-ingresses.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.0.developer-center-backend-installer.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.0.developer-center-backend-installer.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.0.developer-center-backend-installer.yaml
rename to deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.0.developer-center-backend-installer.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.2.developer-center-backend-sa.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.2.developer-center-backend-sa.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.2.developer-center-backend-sa.yaml
rename to deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.2.developer-center-backend-sa.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.4.developer-center-bff.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.4.developer-center-bff.yaml
similarity index 94%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.4.developer-center-bff.yaml
rename to deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.4.developer-center-bff.yaml
index 0ebf454..3820141 100644
--- a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.4.developer-center-bff.yaml
+++ b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.4.developer-center-bff.yaml
@@ -18,7 +18,7 @@
LOGGING_LEVEL_ROOT: INFO
#同环境中backend服务的地址
- DEVELOPER_CENTER_SA_SERVER_URL: http://developer-center-backend-sa-svc.developed-center.svc.cluster.local:8080
+ DEVELOPER_CENTER_SA_SERVER_URL: http://developer-center-backend-sa-svc.developer-center.svc.cluster.local:8080
DEVELOPER_CENTER_SA_CLIENT_AUTH_ENABLED: "false"
# DEVELOPER_CENTER_SA_CLIENT_AUTH_KEY_PASSWORD: ""
# DEVELOPER_CENTER_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
@@ -27,7 +27,7 @@
# DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
#同环境中poa服务的地址
- PLATFORM_OPENAPI_SA_SERVER_URL: http://poa-sa-svc.poa.svc.cluster.local:8080
+ PLATFORM_OPENAPI_SA_SERVER_URL: http://poa-sa-svc.poa.svc.cluster.local:8443
PLATFORM_OPENAPI_SA_CLIENT_AUTH_ENABLED: "false"
# PLATFORM_OPENAPI_SA_CLIENT_AUTH_KEY_PASSWORD: ""
# PLATFORM_OPENAPI_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
@@ -36,7 +36,7 @@
# PLATFORM_OPENAPI_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
#同环境中授权服务的地址
- USER_DATA_SERVICE_SERVER_URL: http://user-authorization-sa-svc.user-authorization-service.svc.cluster.local:8080
+ USER_AUTHZ_SA_SERVER_URL: http://user-authorization-sa-svc.user-authorization-service.svc.cluster.local:8080
USER_AUTHZ_SA_CLIENT_AUTH_ENABLED: "false"
# USER_AUTHZ_SA_CLIENT_AUTH_KEY_PASSWORD: ""
# USER_AUTHZ_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
@@ -45,7 +45,7 @@
# USER_AUTHZ_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
#同环境中用户服务的地址
- USER_AUTHZ_SA_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
+ USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
# USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
# USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
@@ -63,7 +63,7 @@
# CAS_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
#同环境中消息服务的地址
- MESSAGE_MANAGER_SA_SERVER_URL: https://message-manager-test.paas.newcapec.cn
+ MESSAGE_MANAGER_SA_SERVER_URL: http://message-manager.paas.newcapec.cn
MESSAGE_MANAGER_SA_CLIENT_AUTH_ENABLED: "false"
# MESSAGE_MANAGER_SA_AUTH_KEY_PASSWORD: ""
# MESSAGE_MANAGER_SA_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
@@ -81,7 +81,7 @@
# MINIO_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
#本服务依赖到的文件上传服务
- TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service-test.svc.cluster.local:8080/api/v1/tpas/file/minio
+ TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/file/minio
TPAS_CLIENT_AUTH_ENABLED: "false"
#TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
#TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.5.developer-center-gateway-zuul.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.5.developer-center-gateway-zuul.yaml
rename to deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.9.developer-center-admin-ui.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.9.developer-center-admin-ui.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.9.developer-center-admin-ui.yaml
rename to deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.9.developer-center-admin-ui.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.9.developer-center-portal-ui.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.9.developer-center-portal-ui.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/0.open-platform/4.9.developer-center-portal-ui.yaml
rename to deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.9.developer-center-portal-ui.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.minio-sa/01-namespace.yaml b/deploy-manifests/k8s-rancher/open-platform/2.minio-sa/01-namespace.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/1.minio-sa/01-namespace.yaml
rename to deploy-manifests/k8s-rancher/open-platform/2.minio-sa/01-namespace.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.minio-sa/02-registry.yaml b/deploy-manifests/k8s-rancher/open-platform/2.minio-sa/02-registry.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/1.minio-sa/02-registry.yaml
rename to deploy-manifests/k8s-rancher/open-platform/2.minio-sa/02-registry.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.minio-sa/03-1-configmap.yaml b/deploy-manifests/k8s-rancher/open-platform/2.minio-sa/03-1-configmap.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/1.minio-sa/03-1-configmap.yaml
rename to deploy-manifests/k8s-rancher/open-platform/2.minio-sa/03-1-configmap.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.minio-sa/03-2-secret.yaml b/deploy-manifests/k8s-rancher/open-platform/2.minio-sa/03-2-secret.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/1.minio-sa/03-2-secret.yaml
rename to deploy-manifests/k8s-rancher/open-platform/2.minio-sa/03-2-secret.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.minio-sa/03-3-svc.yaml b/deploy-manifests/k8s-rancher/open-platform/2.minio-sa/03-3-svc.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/1.minio-sa/03-3-svc.yaml
rename to deploy-manifests/k8s-rancher/open-platform/2.minio-sa/03-3-svc.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.minio-sa/03-4-deployment.yaml b/deploy-manifests/k8s-rancher/open-platform/2.minio-sa/03-4-deployment.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/1.minio-sa/03-4-deployment.yaml
rename to deploy-manifests/k8s-rancher/open-platform/2.minio-sa/03-4-deployment.yaml
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.minio-sa/04-ingress.yaml b/deploy-manifests/k8s-rancher/open-platform/2.minio-sa/04-ingress.yaml
similarity index 100%
rename from deploy-manifests/k8s-rancher/open-platform/1.minio-sa/04-ingress.yaml
rename to deploy-manifests/k8s-rancher/open-platform/2.minio-sa/04-ingress.yaml
diff --git a/design/.gitkeep b/design/.gitkeep
new file mode 100644
index 0000000..45adbb2
--- /dev/null
+++ b/design/.gitkeep
@@ -0,0 +1 @@
+.gitkeep
\ No newline at end of file
diff --git a/docs/.gitkeep b/docs/.gitkeep
new file mode 100644
index 0000000..45adbb2
--- /dev/null
+++ b/docs/.gitkeep
@@ -0,0 +1 @@
+.gitkeep
\ No newline at end of file
diff --git "a/docs/\345\274\200\346\224\276\345\271\263\345\217\260\345\210\235\345\247\213\346\225\260\346\215\256\350\277\201\347\247\273\346\223\215\344\275\234\350\257\264\346\230\216.md" "b/docs/\345\274\200\346\224\276\345\271\263\345\217\260\345\210\235\345\247\213\346\225\260\346\215\256\350\277\201\347\247\273\346\223\215\344\275\234\350\257\264\346\230\216.md"
new file mode 100644
index 0000000..bd0c4a5
--- /dev/null
+++ "b/docs/\345\274\200\346\224\276\345\271\263\345\217\260\345\210\235\345\247\213\346\225\260\346\215\256\350\277\201\347\247\273\346\223\215\344\275\234\350\257\264\346\230\216.md"
@@ -0,0 +1,403 @@
+
+## 旧数据迁移到开发平台
+
+### 1. 服务数据
+
+数据来源:
+
+POA 中已经存在的 service、version、spec、scope 等数据,需要在开放平台中插入对应的数据。
+
+#### 1.1 迁移服务 Service
+
+将POA 中现有的 服务,导入开放平台的服务
+
+具体操作:
+
+根据 platform_openapi 下 SERVICE 表的数据生成 insert 语句
+
+* 步骤 1,导入服务
+
+```sql
+use platform_openapi;
+
+select CONCAT(
+ 'INSERT INTO \`TB_DEV_SERVICE\` (ID, DELETED, NAME, DESCRIPTION, ORIGIN, SYSTEM_ID) VALUES',
+ '(\'', ID, '\',\'0\',\'', NAME, '\',\'', DESCRIPTION, '\',\'', ORIGIN, '\',\'','1','\');') as INSERT_SQL
+from platform_openapi.SERVICE
+order by ID
+;
+```
+
+* 步骤 2,设置服务的管理员和开发者
+
+通过 sql 脚本 设置服务的管理员和开发者
+
+**也可以在开放平台管理功能中进行设置**
+
+```sql
+INSERT INTO `TB_DEV_SERVICE_DEVELOPER` (`ID`, `DELETED`, `SERVICE_ID`, `DEVELOPER_ID`)
+VALUES ('<SERVICE_ID>_150', 0 , '<SERVICE_ID>', '150');
+
+INSERT INTO `TB_DEV_SERVICE_OPERATOR` (`ID`, `DELETED`, `SERVICE_ID`, `OPERATOR_ID`)
+VALUES ('<SERVICE_ID>_151', 0 , '<SERVICE_ID>', '151');
+```
+
+注,请将 `<SERVICE_ID>` 替换为 TB_DEV_SERVICE 表的 ID
+
+
+#### 1.2 迁移 Spec
+
+将POA 中现有的 spec,导入开放平台的spec
+
+具体操作:
+
+根据 platform_openapi 下 API_SPEC 表的数据生成 insert 语句
+
+```sql
+use platform_openapi;
+
+SELECT CONCAT(
+ 'INSERT INTO \`TB_DEV_SERVICE_SPEC\` (ID,DELETED, SERVICE_ID, API_VERSION, EDIT_VERSION, DESCRIPTION, SCOPE_COUNT) VALUES',
+ '(\'', SERVICE_ID,'_',EDIT_VERSION, '\',\'0\',\'', SERVICE_ID, '\',\'', API_VERSION, '\',\'', EDIT_VERSION, '\',\'','','\', 0);') as INSERT_SQL
+FROM platform_openapi.API_SPEC
+order by SERVICE_ID, API_VERSION
+;
+```
+
+注,请根据 poa-docs 中的 Scopes,补全 SCOPE_COUNT
+
+poa-docs 地址:`https://poa-docs.paas.xxx.edu.cn`
+
+
+#### 1.3 迁移 Scope
+
+将POA 中现有的 scope,导入开放平台的scope
+
+具体操作:
+
+根据 platform_openapi 下 API 表的数据生成 insert 语句
+
+```sql
+use platform_openapi;
+
+SELECT CONCAT(
+ 'INSERT INTO \`TB_DEV_SERVICE_SCOPE\` (ID, DELETED, SERVICE_ID, API_VERSION, NAME, DESCRIPTION, PUBLISHED, ENABLED) VALUES',
+ '(\'', SERVICE_ID,'_',SCOPE, '\',\'0\',\'', SERVICE_ID, '\',\'', API_VERSION, '\',\'', SCOPE, '\',\'','','\', 1, 1);') as INSERT_SQL
+from (
+ select SERVICE_ID, API_VERSION, EDIT_VERSION, SCOPE
+ from platform_openapi.API
+ where EDIT_VERSION in
+ (
+ select max(EDIT_VERSION) as EDIT_VERSION
+ from platform_openapi.API
+ group by SERVICE_ID, API_VERSION, SCOPE
+ )
+ group by SERVICE_ID, API_VERSION, EDIT_VERSION, SCOPE
+) API_TMP
+order by SERVICE_ID, API_VERSION, EDIT_VERSION, SCOPE
+;
+```
+
+注,请根据 poa-docs 中的 Scopes,补全 DESCRIPTION
+
+poa-docs 地址:`https://poa-docs.paas.xxx.edu.cn`
+
+
+### 2. 应用数据
+
+数据来源:
+
+应用数据的来源主要有三部分:
+
+* 认证服务中的 service
+* 消息服务的 应用(accessApp)
+* POA 的 client
+
+说明:
+
+需要将上述三类数据,整理为一份应用数据,对于有重复的应用数据,保留一份即可。建议先从认证服务的数据开始,认证服务中的应用数据比较全面。
+
+#### 2.1 迁移cas 中的应用数据
+
+数据从 cas_server.TB_SERVICE 表中获取
+
+具体操作:
+
+方式一,
+
+```sql
+use cas_server;
+
+select S.NAME, S.DESCRIPTION, S.INFORMATION_URL, S.APPLICATION_ID as APPLICATION_IDENTIFICATION
+from cas_server.TB_SERVICE S
+where S.DELETED = 0
+;
+```
+
+根据上面的查询结果,在开放平台数据库中创建应用:
+
+```sql
+use develop_center;
+
+INSERT INTO `TB_DEV_APPLICATION` (`ID`, `NAME`, `DESCRIPTION`, `URL`, `SYSTEM_ID`, `APPLICATION_IDENTIFICATION`)
+VALUES (-ID-, -NAME-, -DESCRIPTION-, -URL-, '1', -APPLICATION_IDENTIFICATION-)
+;
+```
+
+除了ID以外,其他字段一一对应。
+
+
+方式二,
+
+创建应用也可以参考使用以下语句:
+
+```sql
+select CONCAT(
+ 'INSERT INTO \`TB_DEV_APPLICATION\` (ID, DELETED, NAME, DESCRIPTION, URL, SYSTEM_ID, APPLICATION_IDENTIFICATION) VALUES',
+ '(\'', ID, '\',\'1\',\'',NAME, '\',\'',DESCRIPTION,'\',\'', INFORMATION_URL,'\',\'','1', '\',\'', APPLICATION_ID , '\');') as INSERT_SQL
+from cas_server.TB_SERVICE
+where DELETED = 0
+;
+```
+
+这个语句对查询结果做了拼接,可以拿来直接使用,使用这个也需要考虑应用是否已经存在。
+
+
+
+#### 2.2 迁移message 中的应用数据:
+
+数据从 message.ACCESS_APP 表中获取
+
+具体操作:
+
+方式一,
+
+首先查询需要创建的应用:
+
+```sql
+use message;
+
+select APP.NAME, APP.DESCRIPTION, APP.ENABLED, APP.APP_ID APPLICATION_IDENTIFICATION
+from message.ACCESS_APP APP
+where DELETED = 0
+;
+```
+
+在查询结果中,根据字段APPLICATION_IDENTIFICATION,在开放平台中对比,如果不存在此应用,那么需要创建应用,数据从上面查询中获取。
+
+根据上面的查询结果,在开放平台数据库中创建应用:
+
+```sql
+USE develop_center;
+
+INSERT INTO `TB_DEV_APPLICATION` (`ID`, `NAME`, `DESCRIPTION`, `SYSTEM_ID`, `APPLICATION_IDENTIFICATION`)
+VALUES (-ID-, -NAME-, -DESCRIPTION-, '1', -APPLICATION_IDENTIFICATION-)
+;
+```
+
+除了ID以外,其他字段一一对应。
+
+如果已经存在,那么不需要再添加。
+
+
+方式二,
+
+创建应用也可以参考使用以下语句:
+
+```sql
+select CONCAT(
+ 'INSERT INTO \`TB_DEV_APPLICATION\` (ID,DELETED, NAME, DESCRIPTION, SYSTEM_ID, `APPLICATION_IDENTIFICATION`, URL) VALUES ',
+ '(\'',ID,'-message\',\'1\',\'',NAME,'\',\'', IFNULL(DESCRIPTION,''),'\',\'','1','\',\'',APP_ID,'\',\'',IFNULL(URL,''),'\');') as INSERT_SQL
+from message.ACCESS_APP
+where DELETED = 0 AND APP_ID IS NOT NULL
+;
+```
+
+这个语句对查询结果做了拼接,可以拿来直接使用,使用这个语句也需要考虑应用是否已经存在。
+
+
+
+#### 2.3 迁移platform_openapi 中的数据
+
+根据 `https://poa-sa.paas.xxx.edu.cn/v1/clients` 接口获取所有client 信息
+
+具体操作:
+
+根据 /clients 接口获取所有client 信息
+
+根据返回数据中的clientName 来和应用表TB_DEV_APPLICATION 中的数据进行关联,对应表中的NAME;
+
+如果应用表中没有的应用,需要进行创建:
+
+```sql
+use develop_center;
+
+INSERT INTO `TB_DEV_APPLICATION` (`ID`, `NAME`, `DESCRIPTION`, `SYSTEM_ID`, `APPLICATION_IDENTIFICATION`)
+VALUES (-ID-, -NAME-, -DESCRIPTION-, '1', -APPLICATION_IDENTIFICATION-)
+;
+```
+
+
+#### 2.4 为应用和服务设置管理员和开发者
+
+具体操作:
+
+```sql
+SELECT CONCAT('INSERT INTO \`TB_DEV_APPLICATION_DEVELOPER\` (ID, DELETED, APPLICATION_ID, DEVELOPER_ID)
+ VALUES','(\'',ID, '\',\'0' ,'\',\'',ID, '\',\'','150','\');')
+FROM TB_DEV_APPLICATION;
+
+SELECT CONCAT('INSERT INTO \`TB_DEV_APPLICATION_OPERATOR\` (ID, DELETED, APPLICATION_ID, OPERATOR_ID)
+ VALUES','(\'',ID,'\',\'0' ,'\',\'',ID, '\',\'','151','\');')
+FROM TB_DEV_APPLICATION;
+
+SELECT CONCAT('INSERT INTO \`TB_DEV_SERVICE_DEVELOPER\` (ID, DELETED, SERVICE_ID, DEVELOPER_ID)
+ VALUES','(\'',ID, '\',\'0' ,'\',\'',ID, '\',\'','150','\');')
+FROM TB_DEV_SERVICE;
+
+SELECT CONCAT('INSERT INTO \`TB_DEV_SERVICE_OPERATOR\` (ID, DELETED, SERVICE_ID, OPERATOR_ID)
+ VALUES','(\'',ID, '\',\'0' ,'\',\'',ID, '\',\'','151','\');')
+FROM TB_DEV_SERVICE;
+```
+
+这个语句对查询结果做了拼接,结果是对应用的开发者和管理员,服务的开发者和管理员进行插入数据的语句。
+
+如果有ID重复时,需要手动去修改ID,防止重复。
+
+
+### 3. 基础能力数据
+
+数据来源:
+
+* 认证服务的 service
+* 消息服务的应用
+* POA 中 client 的scope
+
+说明:
+1. 认证服务的 service ,已经在之前创建了对应的应用,也需要给此应用对应开通 CAS认证基础能力。
+2. 消息服务的应用,已经在之前创建了对应的应用,也需要给此应用对应开通消息基础能力。
+3. POA 中 client 申请了 scope ,之前已经创建了对应的应用,也需要给次应用对应开通平台OpenAPI基础能力。同时在开放平台中添加应用和scope的关系。
+
+#### 3.1 添加应用的CAS基础能力
+
+先根据开放平台中所选应用的APPLICATION_IDENTIFICATION 字段,在cas数据库中查询基础能力信息:
+
+```sql
+use cas_server;
+
+select
+ S.LOGOUT_TYPE, S.APPLICATION_DOMAIN, S.ADD_TIME,
+ S.DESCRIPTION, S.EXTERNAL_ID, S.INFORMATION_URL, S.ENABLED, S.REGISTERED_SERVICE_ID,
+ S.COMPANY_ID, S.RESPONSE_TYPE, S.DELETED, S.SSO_ENABLED, S.LOGOUT_URL, S.NAME,
+ S.ADD_ACCOUNT, S.APPLICATION_ID, S.SERVICE_ID
+from TB_SERVICE S
+where S.DELETED = 0
+ and S.APPLICATION_ID = -APPLICATION_IDENTIFICATION-;
+```
+
+查询结果放入下面的ABILITY_SETTINGS 字段中。
+
+下面插入数据中,APPLICATION_ID 对应所选应用的ID
+
+```sql
+use develop_center;
+
+INSERT INTO `TB_DEV_APPLICATION_ABILITY_USAGE` (`ID`, `COMPANY_ID`, `DELETED`, `APPLICATION_ID`, `ABILITY_ID`, `APPLY_TIME`, `ABILITY_SETTINGS`)
+VALUES (-ID-, '1', '0', -APPLICATION_ID-, 'cas', '2020-12-22 15:32:43',-ABILITY_SETTINGS-)
+;
+```
+
+注,
+
+-ABILITY_SETTINGS- 内容:
+```
+{
+ "logoutType": "",
+ "applicationDomain": "",
+ "addTime": 1608538919314,
+ "description": "",
+ "externalId": "",
+ "informationUrl": "",
+ "enabled": true,
+ "registeredServiceId": 10060,
+ "companyId": "",
+ "responseType": "",
+ "deleted": false,
+ "ssoEnabled": true,
+ "logoutUrl": "",
+ "name": "",
+ "id": "",
+ "addAccount": "",
+ "applicationId": "",
+ "serviceId": "",
+ "requireAllAttributes": true
+}
+```
+利用上面的查询将对应内容置换。
+
+可以使用下面的查询语句生成 sql拼接语句来进行插入:
+
+```sql
+select CONCAT(
+ 'INSERT INTO \`TB_DEV_APPLICATION_ABILITY_USAGE\` (ID, COMPANY_ID, DELETED, APPLICATION_ID, ABILITY_ID, APPLY_TIME,ABILITY_SETTINGS) VALUES (',
+ '\'',ID,'cas','\',\'',' 1\', \'0','\',\'', ID,'\',\'', 'cas\', \'2020-12-22 15:32:43\',\'',
+ '{"logoutType":"',IFNULL(LOGOUT_TYPE,''),'","applicationDomain":"',IFNULL(APPLICATION_DOMAIN,''),'","addTime":1608538919314,"description":"',IFNULL(DESCRIPTION,''),
+ '","externalId":"',IFNULL(EXTERNAL_ID,''),'","informationUrl":"',IFNULL(INFORMATION_URL,''),'","enabled":true,"registeredServiceId":',IFNULL(REGISTERED_SERVICE_ID,''),
+ ',"companyId":"1","responseType":"',RESPONSE_TYPE,'","deleted":false,"ssoEnabled":',IF(SSO_ENABLED = 1,'true','false'),',"idTokenEnabled":',IF(ID_TOKEN_ENABLED = 1,'true','false'),
+ ',"jwtAsServiceTicket":',IF(JWT_AS_SERVICE_TICKET = 1,'true','false'),',"logoutUrl":"',IFNULL(LOGOUT_URL,''),'","name":"',NAME,
+ '","id":"',ID,'","addAccount":"admin","applicationId":"',IFNULL(APPLICATION_ID,''),'","serviceId":"',IFNULL(SERVICE_ID,''),'","requireAllAttributes":',IFNULL(REQUIRE_ALL_ATTRIBUTES,'1'),
+ '}',
+ '\');'
+) as INSERT_SQL
+from TB_SERVICE
+where DELETED = '0'
+;
+```
+
+
+#### 3.2 添加应用的MESSAGE基础能力
+
+先根据开放平台中所选应用的APPLICATION_IDENTIFICATION 字段,在message数据库中查询基础能力信息:
+
+```sql
+use develop_center;
+
+INSERT INTO `TB_DEV_APPLICATION_ABILITY_USAGE` (`ID`, `COMPANY_ID`, `DELETED`, `APPLICATION_ID`, `ABILITY_ID`, `APPLY_TIME`)
+VALUES (-ID-, '1', '0', -APPLICATION_ID-, 'message', '2020-12-31 15:32:43')
+;
+```
+
+#### 3.3 添加应用的openapi基础能力。
+
+* 开通
+
+根据 /clients 接口获取所有client 信息,主要是clientId,来添加应用的基础能力信息。需要替换对应的clientId信息。
+
+```sql
+use develop_center;
+
+INSERT INTO `TB_DEV_APPLICATION_ABILITY_USAGE` (`ID`, `COMPANY_ID`, `DELETED`, `APPLICATION_ID`, `ABILITY_ID`, `APPLY_TIME`,`ABILITY_SETTINGS`)
+VALUES (-ID-, '1', '0', -APPLICATION_ID-, 'platformApi', '2020-12-31 15:32:43','{\"clientId\":\"id123\"}');
+```
+
+* 添加 Scope
+
+根据 /clients 接口获取所有client 信息,可以看到此应用关联的scopes 列表。
+
+根据scope名称来查询开放平台中的scope:
+
+```sql
+select S.ID
+from TB_DEV_SERVICE_SCOPE S
+where S.NAME = -name-
+;
+```
+
+根据上面的应用id和scope的Id使用下面插入语句插入数据:
+
+```sql
+INSERT INTO `TB_DEV_APPLICATION_SCOPE_USAGE` (`ID`, `APPLICATION_ID`, `ABILITY_ID`, `SCOPE_ID`, `APPLY_TIME`)
+VALUES (-ID-, -APPLICATION_ID-, 'platformApi', -SCOPE_ID-, '2020-12-31 11:33:19')
+;
+```
+
diff --git a/project/.gitkeep b/project/.gitkeep
new file mode 100644
index 0000000..45adbb2
--- /dev/null
+++ b/project/.gitkeep
@@ -0,0 +1 @@
+.gitkeep
\ No newline at end of file
diff --git a/readme.md b/readme.md
index 6289fd7..032c383 100644
--- a/readme.md
+++ b/readme.md
@@ -1 +1,17 @@
-# readme.md
\ No newline at end of file
+# 开放平台产品
+
+
+## 目录说明
+
+| 目录 | 说明 |
+| - | - |
+| deploy-manifests/k8s-rancher | 基于rancher 的 k8s 部署脚本 |
+| design | 设计文档 |
+| docs | 实施文档 |
+| project | 预留,存放各项目的部署资料 |
+
+
+## 发布说明
+
+[ReleaseNodes 发布说明](ReleaseNodes.md)
+