From 8838f29ed10b590d90a8feae03946d8abcf8c8fa Mon Sep 17 00:00:00 2001 From: yjieliang Date: Thu, 9 Jan 2025 11:27:25 +0800 Subject: [PATCH] =?UTF-8?q?feat=EF=BC=9A=E6=B5=81=E6=B0=B4=E7=BA=BF?= =?UTF-8?q?=E6=9F=A5=E7=9C=8B=E5=92=8C=E6=9E=84=E5=BB=BA=E8=AF=A6=E6=83=85?= =?UTF-8?q?=E6=9F=A5=E7=9C=8B=E9=85=8D=E7=BD=AE=E7=95=8C=E9=9D=A2=E6=95=8F?= =?UTF-8?q?=E6=84=9F=E5=AD=97=E6=AE=B5=E5=B1=95=E7=A4=BA=E4=BC=98=E5=8C=96?= =?UTF-8?q?=20#11019?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../engine/service/PipelineInfoService.kt | 44 ++++++++++++++++++- .../service/PipelineRepositoryService.kt | 37 ++-------------- .../record/PipelineBuildRecordService.kt | 6 ++- .../pipeline/PipelineTransferYamlService.kt | 5 ++- 4 files changed, 53 insertions(+), 39 deletions(-) diff --git a/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/PipelineInfoService.kt b/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/PipelineInfoService.kt index 3afdbb85a6e..6700c7f37f7 100644 --- a/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/PipelineInfoService.kt +++ b/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/PipelineInfoService.kt @@ -27,7 +27,16 @@ package com.tencent.devops.process.engine.service +import com.tencent.devops.common.api.constant.KEY_VERSION +import com.tencent.devops.common.api.util.JsonUtil +import com.tencent.devops.common.pipeline.pojo.element.Element +import com.tencent.devops.common.pipeline.pojo.element.market.MarketBuildAtomElement +import com.tencent.devops.common.pipeline.pojo.element.market.MarketBuildLessAtomElement +import com.tencent.devops.common.redis.RedisOperation import com.tencent.devops.process.engine.dao.PipelineInfoDao +import com.tencent.devops.store.pojo.common.ATOM_SENSITIVE_PARAM_KEY_PREFIX +import com.tencent.devops.store.pojo.common.STORE_NORMAL_PROJECT_RUN_INFO_KEY_PREFIX +import com.tencent.devops.store.pojo.common.enums.StoreTypeEnum import org.jooq.DSLContext import org.springframework.beans.factory.annotation.Autowired import org.springframework.stereotype.Service @@ -35,10 +44,43 @@ import org.springframework.stereotype.Service @Service class PipelineInfoService @Autowired constructor( private val dslContext: DSLContext, - private val pipelineInfoDao: PipelineInfoDao + private val pipelineInfoDao: PipelineInfoDao, + private val redisOperation: RedisOperation ) { fun getPipelineName(projectId: String, pipelineId: String): String? { return pipelineInfoDao.getPipelineInfo(dslContext, projectId, pipelineId)?.pipelineName } + + // 敏感入参解析 + fun transferSensitiveParam(projectTestAtomCodes: List, element: Element) { + if (element is MarketBuildAtomElement || element is MarketBuildLessAtomElement) { + val atomCode = element.getAtomCode() + val version = element.version + val hashKey = if (version.contains(".*")) { + var latestVersion: String? = null + if (projectTestAtomCodes.contains(atomCode)) { + latestVersion = version + } + if (latestVersion.isNullOrBlank()) { + val atomRunInfoStr = redisOperation.hget( + key = "$STORE_NORMAL_PROJECT_RUN_INFO_KEY_PREFIX:${StoreTypeEnum.ATOM.name}:$atomCode", + hashKey = version + ) + val atomRunInfo = atomRunInfoStr?.let { JsonUtil.toMap(it) } + latestVersion = atomRunInfo?.get(KEY_VERSION).toString() + } + latestVersion + } else { + version + } + val param = redisOperation.hget( + key = "$ATOM_SENSITIVE_PARAM_KEY_PREFIX:$atomCode", + hashKey = hashKey + ) + if (!param.isNullOrBlank()) { + element.transferSensitiveParam(param.split(",")) + } + } + } } diff --git a/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/PipelineRepositoryService.kt b/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/PipelineRepositoryService.kt index 7ae25609163..f8746a953b0 100644 --- a/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/PipelineRepositoryService.kt +++ b/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/PipelineRepositoryService.kt @@ -172,7 +172,8 @@ class PipelineRepositoryService constructor( private val transferService: PipelineTransferYamlService, private val redisOperation: RedisOperation, private val pipelineYamlInfoDao: PipelineYamlInfoDao, - private val pipelineAsCodeService: PipelineAsCodeService + private val pipelineAsCodeService: PipelineAsCodeService, + private val pipelineInfoService: PipelineInfoService ) { companion object { @@ -1358,7 +1359,7 @@ class PipelineRepositoryService constructor( } e.additionalOptions?.customEnv = null if (checkPermission != true) { - transferSensitiveParam(testAtomCodes ?: emptyList(), e) + pipelineInfoService.transferSensitiveParam(testAtomCodes ?: emptyList(), e) } } } @@ -1367,38 +1368,6 @@ class PipelineRepositoryService constructor( return resource } - // 敏感入参解析 - fun transferSensitiveParam(projectTestAtomCodes: List, element: Element) { - if (element is MarketBuildAtomElement || element is MarketBuildLessAtomElement) { - val atomCode = element.getAtomCode() - val version = element.version - val hashKey = if (version.contains(".*")) { - var latestVersion: String? = null - if (projectTestAtomCodes.contains(atomCode)) { - latestVersion = version - } - if (latestVersion.isNullOrBlank()) { - val atomRunInfoStr = redisOperation.hget( - key = "$STORE_NORMAL_PROJECT_RUN_INFO_KEY_PREFIX:${StoreTypeEnum.ATOM.name}:$atomCode", - hashKey = version - ) - val atomRunInfo = atomRunInfoStr?.let { JsonUtil.toMap(it) } - latestVersion = atomRunInfo?.get(KEY_VERSION).toString() - } - latestVersion - } else { - version - } - val param = redisOperation.hget( - key = "$ATOM_SENSITIVE_PARAM_KEY_PREFIX:$atomCode", - hashKey = hashKey - ) - if (!param.isNullOrBlank()) { - element.transferSensitiveParam(param.split(",")) - } - } - } - fun getDraftVersionResource( projectId: String, pipelineId: String diff --git a/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/record/PipelineBuildRecordService.kt b/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/record/PipelineBuildRecordService.kt index fd3981af93d..0a2a00ad226 100644 --- a/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/record/PipelineBuildRecordService.kt +++ b/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/engine/service/record/PipelineBuildRecordService.kt @@ -67,6 +67,7 @@ import com.tencent.devops.process.engine.dao.PipelineTriggerReviewDao import com.tencent.devops.process.engine.pojo.BuildInfo import com.tencent.devops.process.engine.service.PipelineBuildDetailService import com.tencent.devops.process.engine.service.PipelineElementService +import com.tencent.devops.process.engine.service.PipelineInfoService import com.tencent.devops.process.engine.service.PipelineRepositoryService import com.tencent.devops.process.engine.utils.ContainerUtils import com.tencent.devops.process.pojo.BuildStageStatus @@ -108,6 +109,7 @@ class PipelineBuildRecordService @Autowired constructor( private val recordContainerDao: BuildRecordContainerDao, private val recordTaskDao: BuildRecordTaskDao, private val client: Client, + private val pipelineInfoService: PipelineInfoService, recordModelService: PipelineRecordModelService, pipelineResourceDao: PipelineResourceDao, pipelineBuildDao: PipelineBuildDao, @@ -115,7 +117,7 @@ class PipelineBuildRecordService @Autowired constructor( pipelineElementService: PipelineElementService, redisOperation: RedisOperation, stageTagService: StageTagService, - pipelineEventDispatcher: PipelineEventDispatcher, + pipelineEventDispatcher: PipelineEventDispatcher ) : BaseBuildRecordService( dslContext = dslContext, buildRecordModelDao = recordModelDao, @@ -262,7 +264,7 @@ class PipelineBuildRecordService @Autowired constructor( } if (sensitiveFlag != true) { container.elements.forEach { e -> - pipelineRepositoryService.transferSensitiveParam(testAtomCodes, e) + pipelineInfoService.transferSensitiveParam(testAtomCodes, e) } } } diff --git a/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/service/pipeline/PipelineTransferYamlService.kt b/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/service/pipeline/PipelineTransferYamlService.kt index c9cb533c2be..81c3e5c1f90 100644 --- a/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/service/pipeline/PipelineTransferYamlService.kt +++ b/src/backend/ci/core/process/biz-base/src/main/kotlin/com/tencent/devops/process/service/pipeline/PipelineTransferYamlService.kt @@ -49,6 +49,7 @@ import com.tencent.devops.common.pipeline.pojo.transfer.TransferResponse import com.tencent.devops.common.pipeline.pojo.transfer.YamlWithVersion import com.tencent.devops.process.engine.dao.PipelineInfoDao import com.tencent.devops.process.engine.dao.PipelineYamlInfoDao +import com.tencent.devops.process.engine.service.PipelineInfoService import com.tencent.devops.process.engine.service.PipelineRepositoryService import com.tencent.devops.process.pojo.pipeline.PipelineResourceVersion import com.tencent.devops.process.yaml.pojo.TemplatePath @@ -90,7 +91,7 @@ class PipelineTransferYamlService @Autowired constructor( private val pipelineYamlInfoDao: PipelineYamlInfoDao, private val client: Client, private val yamlSchemaCheck: CodeSchemaCheck, - private val pipelineRepositoryService: PipelineRepositoryService + private val pipelineInfoService: PipelineInfoService ) { companion object { @@ -230,7 +231,7 @@ class PipelineTransferYamlService @Autowired constructor( private fun transferElementSensitiveParam(projectTestAtomCodes: List?, containers: List) { containers.forEach { it.elements.forEach { e -> - pipelineRepositoryService.transferSensitiveParam( + pipelineInfoService.transferSensitiveParam( projectTestAtomCodes = projectTestAtomCodes ?: emptyList(), element = e )