From 59e7778e4aac25639c41bbed251c9035ccb9d759 Mon Sep 17 00:00:00 2001 From: feng <1304903146@qq.com> Date: Tue, 11 Mar 2025 17:37:04 +0800 Subject: [PATCH] perf: change secret drop bulk record --- .../automations/change_secret_dashboard.py | 9 ++----- apps/accounts/automations/base/manager.py | 26 +++---------------- .../automations/change_secret/manager.py | 2 -- .../automations/push_account/manager.py | 2 -- apps/accounts/filters.py | 2 +- .../serializers/connection_token.py | 2 +- apps/i18n/lina/en.json | 3 ++- apps/i18n/lina/zh.json | 3 ++- 8 files changed, 11 insertions(+), 38 deletions(-) diff --git a/apps/accounts/api/automations/change_secret_dashboard.py b/apps/accounts/api/automations/change_secret_dashboard.py index 953dfce25..61ad372d4 100644 --- a/apps/accounts/api/automations/change_secret_dashboard.py +++ b/apps/accounts/api/automations/change_secret_dashboard.py @@ -79,13 +79,9 @@ class ChangeSecretDashboardApi(APIView): def change_secrets_queryset(self): return ChangeSecretAutomation.objects.all() - @lazyproperty - def change_secret_executions_queryset(self): - return AutomationExecution.objects.filter(automation__type=self.tp) - @lazyproperty def change_secret_records_queryset(self): - return ChangeSecretRecord.get_valid_records().filter(execution__automation__type=self.tp) + return ChangeSecretRecord.get_valid_records() def get_change_secret_asset_queryset(self): qs = self.change_secrets_queryset @@ -159,8 +155,7 @@ class ChangeSecretDashboardApi(APIView): if name == self.task_name and tp == self.tp: execution_ids.append(_id) - snapshots = self.change_secret_executions_queryset.filter( - id__in=execution_ids).values_list('id', 'snapshot') + snapshots = AutomationExecution.objects.filter(id__in=execution_ids).values_list('id', 'snapshot') asset_ids = {asset for i in snapshots for asset in i.get('assets', [])} account_ids = {account for i in snapshots for account in i.get('accounts', [])} diff --git a/apps/accounts/automations/base/manager.py b/apps/accounts/automations/base/manager.py index 8b6f56af8..f33ea358f 100644 --- a/apps/accounts/automations/base/manager.py +++ b/apps/accounts/automations/base/manager.py @@ -1,4 +1,3 @@ -import time from copy import deepcopy from django.conf import settings @@ -128,30 +127,11 @@ class BaseChangeSecretPushManager(AccountBasePlaybookManager): return inventory_hosts - def wait_and_save_recorder(self, recorder, max_retries=10, retry_interval=2): - recorder_model = type(recorder) - - for attempt in range(max_retries): - exist = recorder_model.objects.filter( - account_id=recorder.account_id, execution=self.execution - ).exists() - - if exist: - print(f"Data inserted, updating recorder status after {attempt + 1}th query") - recorder.save(update_fields=['error', 'status', 'date_finished']) - return True - - print(f"Data not ready, waiting {retry_interval} second(s) and retrying ({attempt + 1}/{max_retries})") - time.sleep(retry_interval) - - print("\033[31m The data is still not inserted, giving up saving the recorder status.\033[0m") - return False - - def save_record(self, recorder): - self.wait_and_save_recorder(recorder) + @staticmethod + def save_record(recorder): + recorder.save(update_fields=['error', 'status', 'date_finished']) def on_host_success(self, host, result): - recorder = self.name_recorder_mapper.get(host) if not recorder: return diff --git a/apps/accounts/automations/change_secret/manager.py b/apps/accounts/automations/change_secret/manager.py index 64f708773..2c56b1e73 100644 --- a/apps/accounts/automations/change_secret/manager.py +++ b/apps/accounts/automations/change_secret/manager.py @@ -11,7 +11,6 @@ from accounts.const import ( from accounts.models import ChangeSecretRecord from accounts.notifications import ChangeSecretExecutionTaskMsg, ChangeSecretReportMsg from accounts.serializers import ChangeSecretRecordBackUpSerializer -from common.decorators import bulk_create_decorator from common.utils import get_logger from common.utils.file import encrypt_and_compress_zip_file from common.utils.timezone import local_now_filename @@ -58,7 +57,6 @@ class ChangeSecretManager(BaseChangeSecretPushManager): self.name_recorder_mapper[name] = recorder return recorder - @bulk_create_decorator(ChangeSecretRecord) def create_record(self, asset, account, new_secret): recorder = ChangeSecretRecord( asset=asset, account=account, execution=self.execution, diff --git a/apps/accounts/automations/push_account/manager.py b/apps/accounts/automations/push_account/manager.py index 391f55ee3..2ba85a527 100644 --- a/apps/accounts/automations/push_account/manager.py +++ b/apps/accounts/automations/push_account/manager.py @@ -1,7 +1,6 @@ from django.utils.translation import gettext_lazy as _ from accounts.const import AutomationTypes -from common.decorators import bulk_create_decorator from common.utils import get_logger from common.utils.timezone import local_now_filename from ..base.manager import BaseChangeSecretPushManager @@ -46,7 +45,6 @@ class PushAccountManager(BaseChangeSecretPushManager): self.name_recorder_mapper[name] = recorder return recorder - @bulk_create_decorator(PushSecretRecord) def create_record(self, asset, account): recorder = PushSecretRecord( asset=asset, account=account, execution=self.execution, diff --git a/apps/accounts/filters.py b/apps/accounts/filters.py index f3c4b3d94..716f7394a 100644 --- a/apps/accounts/filters.py +++ b/apps/accounts/filters.py @@ -128,7 +128,7 @@ class AccountFilterSet(BaseFilterSet): model = Account fields = [ "id", "asset", "source_id", "secret_type", "category", - "type", "privileged", "secret_reset", "connectivity" + "type", "privileged", "secret_reset", "connectivity", 'is_active' ] diff --git a/apps/authentication/serializers/connection_token.py b/apps/authentication/serializers/connection_token.py index 6167360d1..f519f739e 100644 --- a/apps/authentication/serializers/connection_token.py +++ b/apps/authentication/serializers/connection_token.py @@ -28,7 +28,7 @@ class ConnectionTokenSerializer(CommonModelSerializer): 'connect_method', 'connect_options', 'protocol', 'actions', 'is_active', 'is_reusable', 'from_ticket', 'from_ticket_info', 'date_expired', 'date_created', 'date_updated', 'created_by', - 'updated_by', 'org_id', 'org_name','face_monitor_token', + 'updated_by', 'org_id', 'org_name', 'face_monitor_token', ] read_only_fields = [ # 普通 Token 不支持指定 user diff --git a/apps/i18n/lina/en.json b/apps/i18n/lina/en.json index 060d54378..79d025f4e 100644 --- a/apps/i18n/lina/en.json +++ b/apps/i18n/lina/en.json @@ -1515,5 +1515,6 @@ "Disabled": "Disabled", "IgnoreFail": "Ignore fail", "RiskDetectionDetail": "Risk detection detail", - "ApplicationDetail": "Application detail" + "ApplicationDetail": "Application detail", + "IpGroupHelpText": "* indicates match all. for example: 192.168.10.1, 192.168.1.0/24, 10.1.1.1-10.1.1.20, 2001:db8:2de::e13, 2001:db8:1a:1110::/64" } \ No newline at end of file diff --git a/apps/i18n/lina/zh.json b/apps/i18n/lina/zh.json index c20206277..9cb002074 100644 --- a/apps/i18n/lina/zh.json +++ b/apps/i18n/lina/zh.json @@ -1514,5 +1514,6 @@ "Disabled": "已禁用", "IgnoreFail": "忽略失败", "RiskDetectionDetail": "风险检测详情", - "ApplicationDetail": "应用详情" + "ApplicationDetail": "应用详情", + "IpGroupHelpText": "* 表示匹配所有。例如: 192.168.10.1, 192.168.1.0/24, 10.1.1.1-10.1.1.20, 2001:db8:2de::e13, 2001:db8:1a:1110::/64" } \ No newline at end of file