Skip to content

Commit

Permalink
feat: 上云环境针对0区域限制新增主机校验提到API层级 (closed TencentBlueKing#2501)
Browse files Browse the repository at this point in the history
  • Loading branch information
jpyoung3 committed Dec 9, 2024
1 parent 847a5d7 commit f5f4160
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 1 deletion.
6 changes: 6 additions & 0 deletions apps/node_man/exceptions.py
Original file line number Diff line number Diff line change
Expand Up @@ -220,3 +220,9 @@ class YunTiPolicyConfigNotExistsError(NodeManBaseException):
MESSAGE = _("云梯策略配置不存在")
MESSAGE_TPL = _("云梯策略配置不存在")
ERROR_CODE = 43


class LimitAddHostError(NodeManBaseException):
MESSAGE = _("管控区域已被管理员限制新增主机")
MESSAGE_TPL = _("管控区域【ID:{id}】已被管理员限制新增主机【IP:{ip}】")
ERROR_CODE = 44
13 changes: 12 additions & 1 deletion apps/node_man/handlers/validator.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,9 @@
from django.utils.translation import ugettext_lazy as _

from apps.adapters.api.gse import get_gse_api_helper
from apps.backend.components.collections.base import DBHelperMixin
from apps.node_man import constants as const
from apps.node_man import tools
from apps.node_man import exceptions, models, tools
from apps.node_man.exceptions import (
ApIDNotExistsError,
CloudNotExistError,
Expand Down Expand Up @@ -435,6 +436,16 @@ def install_validate(
:param host_infos_gby_ip_key: DB中内网IP信息
:return: 列表,ip被占用及其原因
"""
add_host_biz_blacklist: typing.List[int] = models.GlobalSettings.get_config(
models.GlobalSettings.KeyEnum.ADD_HOST_BIZ_BLACKLIST.value, default=[]
)
if job_type in const.JobType.INSTALL_AGENT:
for host in hosts:
except_bk_cloud_id = host.get("bk_cloud_id")
bk_biz_id = host.get("bk_biz_id")
if except_bk_cloud_id in DBHelperMixin().add_host_cloud_blacklist and bk_biz_id in add_host_biz_blacklist:
raise exceptions.LimitAddHostError(id=except_bk_cloud_id, ip=host["inner_ip"] or host["inner_ipv6"])

accept_list = []
ip_filter_list = []
proxy_not_alive = []
Expand Down
2 changes: 2 additions & 0 deletions apps/node_man/models.py
Original file line number Diff line number Diff line change
Expand Up @@ -170,6 +170,8 @@ class KeyEnum(Enum):
INSTALL_CHANNEL_ID_NETWORK_SEGMENT = "INSTALL_CHANNEL_ID_NETWORK_SEGMENT"
# 需要执行清理订阅的APP_CODE
NEED_CLEAN_SUBSCRIPTION_APP_CODE = "NEED_CLEAN_SUBSCRIPTION_APP_CODE"
# 业务新增主机黑名单,用于限制指定业务通过安装 Agent 新增主机,配置样例:[1, 2]
ADD_HOST_BIZ_BLACKLIST = "ADD_HOST_BIZ_BLACKLIST"

key = models.CharField(_("键"), max_length=255, db_index=True, primary_key=True)
v_json = JSONField(_("值"))
Expand Down

0 comments on commit f5f4160

Please sign in to comment.