go-course/go18
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
go18/devcloud/cmdb/apps/secret/model.go

153 lines
3.4 KiB
Go
Raw Normal View History

update cmdb
2025-07-06 08:43:20 +08:00
package secret
import (
"encoding/base64"
"fmt"
"122.51.31.227/go-course/go18/devcloud/cmdb/apps/resource"
补充对接Task模块
2025-07-06 18:10:36 +08:00
"122.51.31.227/go-course/go18/devcloud/mcenter/apps/policy"
update cmdb
2025-07-06 08:43:20 +08:00
"github.com/google/uuid"
"github.com/infraboard/devops/pkg/model"
"github.com/infraboard/mcube/v2/crypto/cbc"
"github.com/infraboard/mcube/v2/tools/pretty"
"github.com/infraboard/mcube/v2/types"
)
func NewSecretSet() *types.Set[*Secret] {
return types.New[*Secret]()
}
func NewSecret(in *CreateSecretRequest) *Secret {
// hash版本的UUID
// Vendor Address ApiKey
uid := uuid.NewMD5(uuid.Nil, fmt.Appendf(nil, "%s.%s.%s", in.Vendor, in.Address, in.ApiKey)).String()
return &Secret{
Meta: *model.NewMeta().SetId(uid),
CreateSecretRequest: *in,
}
}
type Secret struct {
model.Meta
补充对接Task模块
2025-07-06 18:10:36 +08:00
// 资源范围, Namespace是继承的, Scope是API添加的
policy.ResourceLabel
// 资源定义
CreateSecretRequest
update cmdb
2025-07-06 08:43:20 +08:00
}
func (s *Secret) TableName() string {
return "secrets"
}
func (s *Secret) SetDefault() *Secret {
if s.SyncLimit == 0 {
s.SyncLimit = 10
}
return s
}
func (s *Secret) String() string {
return pretty.ToJSON(s)
}
func NewCreateSecretRequest() *CreateSecretRequest {
return &CreateSecretRequest{
Regions: []string{},
SyncLimit: 10,
}
}
type CreateSecretRequest struct {
补充对接Task模块
2025-07-06 18:10:36 +08:00
// 是否启用
Enabled *bool `json:"enabled" gorm:"column:enabled"`
update cmdb
2025-07-06 08:43:20 +08:00
// 名称
Name string `json:"name" gorm:"column:name"`
// 尝试
Vendor resource.VENDOR `json:"vendor" gorm:"column:vendor"`
// Vmware
Address string `json:"address" gorm:"column:address"`
// 需要被脱敏
// Musk
ApiKey string `json:"api_key" gorm:"column:api_key"`
// ApiKey
ApiSecret string `json:"api_secret" mask:",5,4" gorm:"column:api_secret"`
// 资源所在区域
Regions []string `json:"regions" gorm:"column:regions;serializer:json;type:json"`
// 资源列表
ResourceType []resource.TYPE `json:"resource_type" gorm:"column:resource_type;serializer:json;type:json"`
// 同步分页大小
SyncLimit int64 `json:"sync_limit" gorm:"column:sync_limit"`
//
isEncrypted bool `gorm:"-"`
}
补充对接Task模块
2025-07-06 18:10:36 +08:00
func (r *CreateSecretRequest) SetIsEncrypted(v bool) *CreateSecretRequest {
update cmdb
2025-07-06 08:43:20 +08:00
r.isEncrypted = v
补充对接Task模块
2025-07-06 18:10:36 +08:00
return r
}
func (r *CreateSecretRequest) SetEnabled(v bool) *CreateSecretRequest {
r.Enabled = &v
return r
}
func (r *CreateSecretRequest) GetEnabled() bool {
if r.Enabled == nil {
return false
}
return *r.Enabled
update cmdb
2025-07-06 08:43:20 +08:00
}
func (r *CreateSecretRequest) GetSyncLimit() int64 {
if r.SyncLimit == 0 {
return 10
}
return r.SyncLimit
}
func (r *CreateSecretRequest) EncryptedApiSecret() error {
if r.isEncrypted {
return nil
}
// Hash, 对称,非对称
// 对称加密 AES(cbc)
// @v1,xxxx@xxxxx
key, err := base64.StdEncoding.DecodeString(SECRET_KEY)
if err != nil {
return err
}
cipherText, err := cbc.MustNewAESCBCCihper(key).Encrypt([]byte(r.ApiSecret))
if err != nil {
return err
}
r.ApiSecret = base64.StdEncoding.EncodeToString(cipherText)
r.SetIsEncrypted(true)
return nil
}
func (r *CreateSecretRequest) DecryptedApiSecret() error {
if r.isEncrypted {
cipherdText, err := base64.StdEncoding.DecodeString(r.ApiSecret)
if err != nil {
return err
}
key, err := base64.StdEncoding.DecodeString(SECRET_KEY)
if err != nil {
return err
}
plainText, err := cbc.MustNewAESCBCCihper(key).Decrypt([]byte(cipherdText))
if err != nil {
return err
}
r.ApiSecret = string(plainText)
r.SetIsEncrypted(false)
}
return nil
}
Reference in New Issue Copy Permalink