chore: 更新部署脚本
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.0.developer-center-backend-installer.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.0.developer-center-backend-installer.yaml
index 95ede68..f6ab7ce 100644
--- a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.0.developer-center-backend-installer.yaml
+++ b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.0.developer-center-backend-installer.yaml
@@ -29,7 +29,7 @@
containers:
- name: developer-center-backend-installer
# 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/developer-center/developer-center-backend-installer:1.0.0-SNAPSHOT
+ image: harbor.supwisdom.com/developer-center/developer-center-backend-installer:1.0.1-SNAPSHOT
imagePullPolicy: Always
envFrom:
- configMapRef:
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.2.developer-center-backend-sa.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.2.developer-center-backend-sa.yaml
index 98534fd..976aa22 100644
--- a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.2.developer-center-backend-sa.yaml
+++ b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.2.developer-center-backend-sa.yaml
@@ -14,6 +14,16 @@
SERVER_MAXHTTPHEADERSIZE: "10240"
+
+ SERVER_TOMCAT_ACCEPT_COUNT: "5000"
+ SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+ SERVER_TOMCAT_MAX_THREADS: "800"
+ SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+
+ SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10"
+ SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "20"
+ SPRING_DATASOURCE_DRUID_MIN_IDLE: "10"
+
---
apiVersion: v1
kind: Secret
@@ -65,7 +75,8 @@
spec:
containers:
- name: developer-center-backend-sa
- image: harbor.supwisdom.com/developer-center/developer-center-backend-sa:1.0.0-SNAPSHOT-DEV
+ # 若使用了学校搭设的私有仓库,请修改
+ image: harbor.supwisdom.com/developer-center/developer-center-backend-sa:1.0.1-SNAPSHOT
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.4.developer-center-bff.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.4.developer-center-bff.yaml
index c43f1cf..c99c18f 100644
--- a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.4.developer-center-bff.yaml
+++ b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.4.developer-center-bff.yaml
@@ -15,6 +15,13 @@
SERVER_MAXHTTPHEADERSIZE: "10240"
+
+ SERVER_TOMCAT_ACCEPT_COUNT: "5000"
+ SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+ SERVER_TOMCAT_MAX_THREADS: "800"
+ SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+
+
LOGGING_LEVEL_ROOT: INFO
#同环境中backend服务的地址
@@ -26,6 +33,16 @@
# DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
# DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+ #本服务依赖到的文件上传服务
+ TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/file/minio
+ TPAS_CLIENT_AUTH_ENABLED: "false"
+ #TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
+ #TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
+ #TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ #TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
+ #TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+
#同环境中poa服务的地址
PLATFORM_OPENAPI_SA_SERVER_URL: http://poa-sa-svc.poa.svc.cluster.local:8443
PLATFORM_OPENAPI_SA_CLIENT_AUTH_ENABLED: "false"
@@ -62,14 +79,13 @@
# CAS_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
# CAS_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
- #同环境中消息服务的地址
- MESSAGE_MANAGER_SA_SERVER_URL: http://message-service-manager.message-service.svc.cluster.local:8080/manager
- MESSAGE_MANAGER_SA_CLIENT_AUTH_ENABLED: "false"
- # MESSAGE_MANAGER_SA_AUTH_KEY_PASSWORD: ""
- # MESSAGE_MANAGER_SA_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
- # MESSAGE_MANAGER_SA_AUTH_KEYSTORE_PASSWORD: ""
- # MESSAGE_MANAGER_SA_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
- # MESSAGE_MANAGER_SA_AUTH_TRUSTSTORE_PASSWORD: ""
+ UNIAUTH_SA_SERVER_URL: http://uniauth.paas.newcapec.cn
+ UNIAUTH_SA_CLIENT_AUTH_ENABLED: "false"
+ # UNIAUTH_SA_CLIENT_AUTH_KEY_PASSWORD: ""
+ # UNIAUTH_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ # UNIAUTH_SA_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ # UNIAUTH_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ # UNIAUTH_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
#同环境中文件服务的地址
MINIO_SA_SERVER_URL: http://minio-sa-svc.developer-center-minio-sa.svc.cluster.local:9090
@@ -80,14 +96,14 @@
# MINIO_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
# MINIO_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
- #本服务依赖到的文件上传服务
- TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/file/minio
- TPAS_CLIENT_AUTH_ENABLED: "false"
- #TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
- #TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
- #TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
- #TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
- #TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+ #同环境中消息服务的地址
+ MESSAGE_MANAGER_SERVER_URL: http://message-service-manager.message-service.svc.cluster.local:8080/manager
+ MESSAGE_MANAGER_CLIENT_AUTH_ENABLED: "false"
+ # MESSAGE_MANAGER_AUTH_KEY_PASSWORD: ""
+ # MESSAGE_MANAGER_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ # MESSAGE_MANAGER_AUTH_KEYSTORE_PASSWORD: ""
+ # MESSAGE_MANAGER_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ # MESSAGE_MANAGER_AUTH_TRUSTSTORE_PASSWORD: ""
FLOW_SERVER_URL: https://formflow.paas.newcapec.cn/formflow
FLOW_CLIENT_AUTH_ENABLED: "false"
@@ -96,15 +112,6 @@
# FLOW_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
# FLOW_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
# FLOW_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
- FLOW_KEYS: TtcTmxwbGJ6VnZhVE0xV1dGR05XRTJOVFZaY1djMVlTdEg=
- FLOW_SCOPE_APPID: 76d2415e-8238-417b-8189-d8e1aeb6d246
- FLOW_SCOPE_SONFORM: sonform_colorful_egg_1608702557368
- FLOW_APIVERSION_APPID: ""
- FLOW_ABILITY_MESSAGE_APPID: ""
- FLOW_ABILITY_TTC_APPID: ""
- FLOW_ABILITY_MINIO_APPID: ""
- FLOW_ABILITY_AUTH_APPID: ""
- FLOW_ABILITY_CAS_APPID: ""
TTC_SERVER_URL: https://formflow.paas.newcapec.cn/ttc
TTC_CLIENT_AUTH_ENABLED: "false"
@@ -114,36 +121,70 @@
# TTC_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
# TTC_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
- UNIAUTH_SERVER_URL: http://uniauth.paas.newcapec.cn
- UNIAUTH_CLIENT_AUTH_ENABLED: "false"
- # UNIAUTH_CLIENT_AUTH_KEY_PASSWORD: ""
- # UNIAUTH_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
- # UNIAUTH_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
- # UNIAUTH_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
- # UNIAUTH_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
- DEVELOPER_CENTER_BFF_SERVER_URL: https://dev-bff.dev.supwisdom.com
+ FLOW_KEYS: "TtcTmxwbGJ6VnZhVE0xV1dGR05XRTJOVFZaY1djMVlTdEg="
- DEVELOPER_CENTER_PORTAL_SERVER_URL: https://dev-portal.dev.supwisdom.com
+ FLOW_ABILITY_MESSAGE_APPID: "32d20532-b37a-402d-88a6-d5475e764e4e"
+ FLOW_ABILITY_TTC_APPID: "f74f0f9b-8a1f-41e6-b488-c8874228cc31"
+ FLOW_ABILITY_MINIO_APPID: "11ce12f3-7eef-404e-a087-738147090850"
+ FLOW_ABILITY_AUTH_APPID: "fc8a8d1-9455-4f69-b999-b866f89c9472"
+ FLOW_ABILITY_CAS_APPID: "73b541e5-1344-44bf-9fad-c5f1b033e9fc"
- MINIO_BASIC_AUTH_SA_PASSWORD: saadmin
- MINIO_BASIC_AUTH_SA_USERNAME: saadmin
+ FLOW_APIVERSION_APPID: "6a7fc2f9-fcc0-4a2d-9f67-0943213a7aad"
- POA_DOCS_URL: https://poa-docs.paas.xxx.edu.cn/
+ FLOW_SCOPE_APPID: 315b8be1-649f-401c-80c3-419ff395d7ae
+ FLOW_SCOPE_SONFORM: sonform_colorful_egg_1616843524737_3
+ FLOW_SCOPE_API_SONFORM: sonform_colorful_egg_1616843524737_4
+
+ FLOW_APPLICATION_SCOPES_APPID: 4661bc95-38dd-4e88-9514-dc93f1e95223
+ FLOW_APPLICATION_SCOPES_SCOPES_SONFORM: sonform_colorful_egg_1616498573794
+ FLOW_APPLICATION_SCOPES_API_FIELDS_SONFORM: sonform_colorful_egg_1616556009894
+
+
POA_SA_API_SEPCS_UPLOAD_CHECK_CASE: "false"
- USER_IDENTITY_TYPE_DEVELOPER_ENTERPRISE: D02
+ MINIO_SA_BASIC_AUTH_PASSWORD: saadmin
+ MINIO_SA_BASIC_AUTH_USERNAME: saadmin
+
+ UNIAUTH_SA_BASIC_AUTH_USERNAME: saadmin
+ UNIAUTH_SA_BASIC_AUTH_PASSWORD: saadminfoobar
+
USER_IDENTITY_TYPE_DEVELOPER_INDIVIDUAL: D01
- USER_ORGANIZATION: "1"
+ USER_IDENTITY_TYPE_DEVELOPER_ENTERPRISE: D02
+ USER_ORGANIZATION: "0"
USER_AUTHZ_BUSINESSDOMAINID: "1"
USER_AUTHZ_SYSTEMID: "1"
- DEVELOPER_CENTER_BFF_NONCE_STORE_IMPL: redis
- DEVELOPER_CENTER_BFF_SERVER_PREFIX: http://dev-portal.paas.xxx.edu.cn
+ # 用于替换 OAS 文档 里的 变量 ${POA_SERVER_URL}
+ POA_SERVER_URL: https://poa.paas.newcapec.cn
- SMS_TEMPLATE_APPLY_ACCOUNT_REGISTER_SEND_CODE_BY_MOBILE : {prefix}:您当前正在注册账号,须验证手机有效,验证码{code},有效期5分钟,请尽快完成验证。
+ POA_DOCS_SERVER_URL: https://poa-docs.paas.newcapec.cn
+
+ FORM_DESIGN_SERVER_URL: https://form-design.paas.newcapec.cn
+
+ DEV_CENTER_SERVER_URL: http://dev-center.paas.newcapec.cn
+ DEV_PORTAL_SERVER_URL: http://dev-portal.paas.newcapec.cn
+
+
+ DEVELOPER_CENTER_BFF_NONCE_STORE_IMPL: redis
+ # DEVELOPER_CENTER_BFF_SERVER_PREFIX: http://dev-portal.paas.xxx.edu.cn
+
+ SMS_TEMPLATE_APPLY_ACCOUNT_REGISTER_SEND_CODE_BY_MOBILE: "{prefix}:您当前正在注册账号,须验证手机有效,验证码{code},有效期5分钟,请尽快完成验证。"
+
+
+ # 基础能力开通后,自动添加scopes
+ ABILITY_POA_SCOPES_AUTO_USER_AUTH: "authz:v1:readRole"
+ ABILITY_POA_SCOPES_AUTO_MESSAGE: "messagecenter:v1:readMessage,messagecenter:v1:writeMessage,messagecenter:v1:sendMessage"
+ ABILITY_POA_SCOPES_AUTO_TTC: "ttc:v1:writeTtc"
+
+
+ # POA API 对接配置
+ POA_API_SERVER_URL: https://poa.paas.newcapec.cn
+ POA_API_CLIENT_ID: "0f7nyWBXiyXGPqu82uVO3yl9poE="
+ POA_API_CLIENT_SECRET: "EBfCN4bpnDI7vGqNRkIFb58lcx_wAl7oXzXURq5CO70="
+ POA_API_SCOPES: "user:v1:readGroup"
---
@@ -197,7 +238,8 @@
spec:
containers:
- name: developer-center-bff
- image: harbor.supwisdom.com/developer-center/developer-center-bff:1.0.0-SNAPSHOT-DEV
+ # 若使用了学校搭设的私有仓库,请修改
+ image: harbor.supwisdom.com/developer-center/developer-center-bff:1.0.1-SNAPSHOT
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml
index 51cb49d..f295efd 100644
--- a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml
+++ b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml
@@ -15,19 +15,42 @@
SERVER_MAXHTTPHEADERSIZE: "10240"
- # SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
- # SERVER_TOMCAT_ACCEPT_COUNT: "5000"
- # SERVER_TOMCAT_MAX_THREADS: "800"
- # SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
- # SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
+
+ SERVER_TOMCAT_ACCEPT_COUNT: "5000"
+ SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+ SERVER_TOMCAT_MAX_THREADS: "800"
+ SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+
+ SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10"
+ SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "20"
+ SPRING_DATASOURCE_DRUID_MIN_IDLE: "10"
+
+ SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
+ SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
+ SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
+
ZUUL_HOST_MAX_PER_ROUTE_CONNECTIONS: "1000"
ZUUL_HOST_MAX_TOTAL_CONNECTIONS: "1000"
+
ZUUL_SEMAPHORE_MAX_SEMAPHORES: "10000"
+ ##
+ # infras security
+ #
INFRAS_SECURITY_BASIC_ENABLED: "false"
- INFRAS_SECURITY_JWT_ENABLED: "true"
+
+ ##
+ # security idtoken
+ #
+ INFRAS_SECURITY_IDTOKEN_ENABLED: "true"
+ # 这里依赖cas 服务
+ INFRAS_SECURITY_IDTOKEN_SIGNING_KEY_URL: "http://cas-server-site-webapp-svc.cas-server.svc.cluster.local:8080/cas/jwt/publicKey"
+ # 对接 uniauth认证时,使用以下配置
+ #INFRAS_SECURITY_IDTOKEN_SIGNING_KEY_URL: "http://uniauth-prod-backend.uniauth.svc.cluster.local:9090/idtoken/publicKey"
+
+ INFRAS_SECURITY_JWT_ENABLED: "false"
INFRAS_SECURITY_JWT_TOKEN_GENERATE_TYPE: cas
INFRAS_SECURITY_JWT_TOKEN_DECRYPT_KEY_PRIVATE_KEY_PEM_PKCS8: ""
@@ -40,7 +63,7 @@
#INFRAS_SECURITY_JWT_PRIVATE_KEY_PEM_PKCS8: ""
- INFRAS_SECURITY_CAS_ENABLED: "true"
+ INFRAS_SECURITY_CAS_ENABLED: "false"
#这里的地址对应ingress配置文件里网关服务的对外地址
APP_SERVER_HOST_URL: "https://dev-center-test.paas.newcapec.cn"
#APP_LOGIN_URL: "/cas/login"
@@ -144,7 +167,8 @@
spec:
containers:
- name: developer-center-gateway-zuul
- image: harbor.supwisdom.com/developer-center/developer-center-gateway-zuul:1.0.0-SNAPSHOT-DEV
+ # 若使用了学校搭设的私有仓库,请修改
+ image: harbor.supwisdom.com/developer-center/developer-center-gateway-zuul:1.0.1-SNAPSHOT
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.9.developer-center-portal-ui.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.9.developer-center-portal-ui.yaml
index 8c98689..73c5b28 100644
--- a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.9.developer-center-portal-ui.yaml
+++ b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.9.developer-center-portal-ui.yaml
@@ -75,6 +75,7 @@
spec:
containers:
- name: developer-center-portal-ui
+ # 若使用了学校搭设的私有仓库,请修改
image: harbor.supwisdom.com/developer-center/developer-center-portal-ui:0.0.2
imagePullPolicy: Always
ports: