From e1fe2965d4559c22587545a38da4fa8bbe5ada0b Mon Sep 17 00:00:00 2001 From: orenzhang Date: Mon, 9 Sep 2024 17:20:14 +0800 Subject: [PATCH] =?UTF-8?q?chore:=20=E5=A2=9E=E5=8A=A0=E5=8D=95=E5=85=83?= =?UTF-8?q?=E6=B5=8B=E8=AF=95=E5=92=8C=E4=BB=A3=E7=A0=81=E6=89=AB=E6=8F=8F?= =?UTF-8?q?=20--story=3D119460096?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/codeql.yml | 34 +++++++ .github/workflows/unittest.yml | 98 +++++++++++++++++++ src/backend/config/dev.py | 13 ++- .../web/risk/migrations/0010_iam_migrate.py | 7 ++ .../web/vision/migrations/0001_init.py | 7 ++ src/backend/tests/version/constants.py | 5 +- 6 files changed, 157 insertions(+), 7 deletions(-) create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/unittest.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..2823e743 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,34 @@ +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "*" ] + +jobs: + analyze: + name: Analyze + runs-on: 'ubuntu-latest' + timeout-minutes: 360 + permissions: + actions: read + contents: read + security-events: write + strategy: + fail-fast: false + matrix: + language: [ "python", "javascript" ] + steps: + - name: Checkout repository + uses: actions/checkout@v3 + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/unittest.yml b/.github/workflows/unittest.yml new file mode 100644 index 00000000..6239a381 --- /dev/null +++ b/.github/workflows/unittest.yml @@ -0,0 +1,98 @@ +name: Unittest + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "*" ] + +jobs: + unittest: + runs-on: ubuntu-latest + services: + mysql: + image: mysql:8 + env: + MYSQL_ROOT_PASSWORD: root + ports: + - 3306:3306 + options: >- + --health-cmd="mysqladmin ping --silent" + --health-interval=10s + --health-timeout=5s + --health-retries=3 + redis: + image: redis:latest + ports: + - 6379:6379 + options: >- + --health-cmd="redis-cli ping" + --health-interval=10s + --health-timeout=5s + --health-retries=3 + env: + BKPAAS_APP_MODULE_NAME: "api" + BKAPP_DEPLOY_SERVICE: "web" + DJANGO_SETTINGS_MODULE: "settings" + BKAPP_IS_KUBERNETES: "True" + BKPAAS_MAJOR_VERSION: "3" + BKPAAS_ENGINE_REGION: "open" + BKPAAS_URL: "https://paas.example.com" + BKPAAS_BK_DOMAIN: "paas.example.com" + BKPAAS_APP_ID: "bk_audit" + BKPAAS_APP_SECRET: "bk_audit" + BKAPP_BK_APIGW_NAME: "bk-audit" + BK_API_URL_TMPL: "https://bkapi.paas.example.com/api/{api_name}" + BK_COMPONENT_API_URL: "https://bkapi.paas.example.com" + BKAPP_IAM_SYSTEM_ID: "bk-audit" + BKAPP_IAM_SYSTEM_NAME: "审计中心" + MYSQL_HOST: "127.0.0.1" + MYSQL_PORT: "3306" + MYSQL_NAME: "bk_audit" + MYSQL_USER: "root" + MYSQL_PASSWORD: "root" + REDIS_HOST: "127.0.0.1" + REDIS_PORT: "6379" + REDIS_DB: "0" + REDIS_PASSWORD: "" + REDIS_KEY_PREFIX: "bk_audit" + BKAPP_PLATFORM_AUTH_ACCESS_USERNAME: "admin" + BKAPP_PLATFORM_AUTH_ACCESS_TOKEN: "admin" + BKAPP_BK_IAM_APIGATEWAY_URL: "https://bkapi.paas.example.com/api/bk-iam/prod" + BKAPP_BK_IAM_RESOURCE_API_HOST: "https://bkaudit-api.paas.example.com/" + BKPAAS_IAM_URL: "http://bkiam.paas.example.com" + BKAPP_BK_AUDIT_SAAS_URL: "http://bkaudit.paas.example.com" + BKAPP_BK_AUDIT_PULLER_SAAS_URL: "http://bkaudit-puller.paas.example.com" + BKAPP_BK_ITSM_SAAS_URL: "http://apps.paas.example.com/bk--itsm" + BKAPP_BK_SOPS_SAAS_URL: "http://apps.paas.example.com/bk--sops" + BKAPP_BK_DATAWEB_SAAS_URL: "http://apps.paas.example.com/bk--dataweb" + BKAPP_ADMIN_USERNAMES: "admin" + BKAPP_SKIP_IAM_MIGRATION: "True" + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Set up Python + uses: actions/setup-python@v3 + with: + python-version: '3.10' + - name: Install dependencies + run: | + cd src/backend + python -m pip install --upgrade pip + pip install -r requirements.txt + pip install -r requirements_dev.txt + - name: Create DB + run: | + mysql -h$MYSQL_HOST -u$MYSQL_USER -p$MYSQL_PASSWORD -P$MYSQL_PORT -e "CREATE DATABASE $MYSQL_NAME CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" + - name: Run migrations + run: | + cd src/backend + python manage.py migrate + - name: Run tests + run: | + cd src/backend + pytest --cov=. + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v3 + with: + token: ${{ secrets.CODECOV_TOKEN }} diff --git a/src/backend/config/dev.py b/src/backend/config/dev.py index f0ec99d7..897a3c3f 100644 --- a/src/backend/config/dev.py +++ b/src/backend/config/dev.py @@ -58,11 +58,14 @@ DATABASES = { "default": { "ENGINE": "django.db.backends.mysql", - "NAME": APP_CODE, - "USER": "root", - "PASSWORD": "", - "HOST": "localhost", - "PORT": "3306", + "NAME": os.getenv("MYSQL_NAME", APP_CODE), + "USER": os.getenv("MYSQL_USER", "root"), + "PASSWORD": os.getenv("MYSQL_PASSWORD", ""), + "HOST": os.getenv("MYSQL_HOST", "localhost"), + "PORT": os.getenv("MYSQL_PORT", "3306"), + "OPTIONS": { + "charset": "utf8mb4", + }, }, } diff --git a/src/backend/services/web/risk/migrations/0010_iam_migrate.py b/src/backend/services/web/risk/migrations/0010_iam_migrate.py index 653da433..89f9a0d7 100644 --- a/src/backend/services/web/risk/migrations/0010_iam_migrate.py +++ b/src/backend/services/web/risk/migrations/0010_iam_migrate.py @@ -16,11 +16,18 @@ to the current version of the project delivered to anyone in the future. """ +import os + from django.db import migrations from iam.contrib.iam_migration.migrator import IAMMigrator +from core.utils.distutils import strtobool + def iam_migrate(*args, **kwargs): + if strtobool(os.getenv("BKAPP_SKIP_IAM_MIGRATION", "False")): + return + migrator = IAMMigrator("initial.json") migrator.migrate() diff --git a/src/backend/services/web/vision/migrations/0001_init.py b/src/backend/services/web/vision/migrations/0001_init.py index ccd0e85f..2bc3a8ef 100644 --- a/src/backend/services/web/vision/migrations/0001_init.py +++ b/src/backend/services/web/vision/migrations/0001_init.py @@ -16,11 +16,18 @@ to the current version of the project delivered to anyone in the future. """ +import os + from django.db import migrations from iam.contrib.iam_migration.migrator import IAMMigrator +from core.utils.distutils import strtobool + def iam_migrate(*args, **kwargs): + if strtobool(os.getenv("BKAPP_SKIP_IAM_MIGRATION", "False")): + return + migrator = IAMMigrator("initial.json") migrator.migrate() diff --git a/src/backend/tests/version/constants.py b/src/backend/tests/version/constants.py index 0f63ae6c..3008f11b 100644 --- a/src/backend/tests/version/constants.py +++ b/src/backend/tests/version/constants.py @@ -15,14 +15,15 @@ We undertake not to change the open source license (MIT license) applicable to the current version of the project delivered to anyone in the future. """ + from unittest import mock -from blueapps.account.components.bk_ticket.models import UserProxy +from django.contrib.auth import get_user_model class GetLocalRequestMock(mock.MagicMock): COOKIES = {"bk_token": ""} - user = UserProxy(username="admin") + user = get_user_model()(username="admin") # Version Info