From 992e34d652c2cc8841e3ee808df22568771151db Mon Sep 17 00:00:00 2001 From: fit2bot <68588906+fit2bot@users.noreply.github.com> Date: Wed, 30 Aug 2023 15:15:49 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20mysql=20=E8=AF=81=E4=B9=A6=20(#11465)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: feng <1304903146@qq.com> --- .../change_secret/database/mysql/main.yml | 12 ++++++++++++ .../gather_accounts/database/mysql/main.yml | 4 ++++ .../automations/push_account/database/mysql/main.yml | 12 ++++++++++++ .../verify_account/database/mongodb/main.yml | 2 +- .../verify_account/database/mysql/main.yml | 4 ++++ apps/assets/automations/ping/database/mysql/main.yml | 4 ++++ apps/ops/ansible/inventory.py | 5 +++-- 7 files changed, 40 insertions(+), 3 deletions(-) diff --git a/apps/accounts/automations/change_secret/database/mysql/main.yml b/apps/accounts/automations/change_secret/database/mysql/main.yml index 2c6965df9..4af4a606d 100644 --- a/apps/accounts/automations/change_secret/database/mysql/main.yml +++ b/apps/accounts/automations/change_secret/database/mysql/main.yml @@ -11,6 +11,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" + check_hostname: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert }}" + client_cert: "{{ jms_asset.secret_info.client_cert }}" + client_key: "{{ jms_asset.secret_info.client_key }}" filter: version register: db_info @@ -24,6 +28,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" + check_hostname: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert }}" + client_cert: "{{ jms_asset.secret_info.client_cert }}" + client_key: "{{ jms_asset.secret_info.client_key }}" name: "{{ account.username }}" password: "{{ account.secret }}" host: "%" @@ -37,4 +45,8 @@ login_password: "{{ account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" + check_hostname: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert }}" + client_cert: "{{ jms_asset.secret_info.client_cert }}" + client_key: "{{ jms_asset.secret_info.client_key }}" filter: version diff --git a/apps/accounts/automations/gather_accounts/database/mysql/main.yml b/apps/accounts/automations/gather_accounts/database/mysql/main.yml index cc934f20f..178062cf9 100644 --- a/apps/accounts/automations/gather_accounts/database/mysql/main.yml +++ b/apps/accounts/automations/gather_accounts/database/mysql/main.yml @@ -10,6 +10,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" + check_hostname: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert }}" + client_cert: "{{ jms_asset.secret_info.client_cert }}" + client_key: "{{ jms_asset.secret_info.client_key }}" filter: users register: db_info diff --git a/apps/accounts/automations/push_account/database/mysql/main.yml b/apps/accounts/automations/push_account/database/mysql/main.yml index 2c6965df9..4af4a606d 100644 --- a/apps/accounts/automations/push_account/database/mysql/main.yml +++ b/apps/accounts/automations/push_account/database/mysql/main.yml @@ -11,6 +11,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" + check_hostname: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert }}" + client_cert: "{{ jms_asset.secret_info.client_cert }}" + client_key: "{{ jms_asset.secret_info.client_key }}" filter: version register: db_info @@ -24,6 +28,10 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" + check_hostname: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert }}" + client_cert: "{{ jms_asset.secret_info.client_cert }}" + client_key: "{{ jms_asset.secret_info.client_key }}" name: "{{ account.username }}" password: "{{ account.secret }}" host: "%" @@ -37,4 +45,8 @@ login_password: "{{ account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" + check_hostname: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert }}" + client_cert: "{{ jms_asset.secret_info.client_cert }}" + client_key: "{{ jms_asset.secret_info.client_key }}" filter: version diff --git a/apps/accounts/automations/verify_account/database/mongodb/main.yml b/apps/accounts/automations/verify_account/database/mongodb/main.yml index 483bfc127..63a5df53c 100644 --- a/apps/accounts/automations/verify_account/database/mongodb/main.yml +++ b/apps/accounts/automations/verify_account/database/mongodb/main.yml @@ -15,4 +15,4 @@ ssl_ca_certs: "{{ jms_asset.secret_info.ca_cert }}" ssl_certfile: "{{ jms_asset.secret_info.client_key }}" connection_options: - - tlsAllowInvalidHostnames: "{{ jms_asset.spec_info.allow_invalid_cert}}" + - tlsAllowInvalidHostnames: "{{ jms_asset.spec_info.allow_invalid_cert }}" diff --git a/apps/accounts/automations/verify_account/database/mysql/main.yml b/apps/accounts/automations/verify_account/database/mysql/main.yml index 59c13d98a..82343b916 100644 --- a/apps/accounts/automations/verify_account/database/mysql/main.yml +++ b/apps/accounts/automations/verify_account/database/mysql/main.yml @@ -10,4 +10,8 @@ login_password: "{{ account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" + check_hostname: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert }}" + client_cert: "{{ jms_asset.secret_info.client_cert }}" + client_key: "{{ jms_asset.secret_info.client_key }}" filter: version diff --git a/apps/assets/automations/ping/database/mysql/main.yml b/apps/assets/automations/ping/database/mysql/main.yml index ec7ca9432..bd34a3914 100644 --- a/apps/assets/automations/ping/database/mysql/main.yml +++ b/apps/assets/automations/ping/database/mysql/main.yml @@ -10,4 +10,8 @@ login_password: "{{ jms_account.secret }}" login_host: "{{ jms_asset.address }}" login_port: "{{ jms_asset.port }}" + check_hostname: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}" + ca_cert: "{{ jms_asset.secret_info.ca_cert }}" + client_cert: "{{ jms_asset.secret_info.client_cert }}" + client_key: "{{ jms_asset.secret_info.client_key }}" filter: version diff --git a/apps/ops/ansible/inventory.py b/apps/ops/ansible/inventory.py index 6bbbb0be9..a0c5a19dc 100644 --- a/apps/ops/ansible/inventory.py +++ b/apps/ops/ansible/inventory.py @@ -163,12 +163,13 @@ class JMSInventory: protocol = self.get_primary_protocol(ansible_config, protocols) + tp, category = asset.type, asset.category name = asset.name.replace(' ', '_').replace('[', '_').replace(']', '_') host = { 'name': name, 'jms_asset': { 'id': str(asset.id), 'name': asset.name, 'address': asset.address, - 'type': asset.type, 'category': asset.category, + 'type': tp, 'category': category, 'protocol': protocol.name, 'port': protocol.port, 'spec_info': asset.spec_info, 'secret_info': asset.secret_info, 'protocols': [{'name': p.name, 'port': p.port} for p in protocols], @@ -180,7 +181,7 @@ class JMSInventory: } if account else None } - if host['jms_account'] and asset.platform.type == 'oracle': + if host['jms_account'] and tp == 'oracle': host['jms_account']['mode'] = 'sysdba' if account.privileged else None ansible_config = self.fill_ansible_config(ansible_config, protocol)