perf: Dynamic update vault

2024-11-20 15:02:58 +08:00 · 2024-11-20 15:02:58 +08:00 · 9966ad4c71
parent 9cfe974c52
commit 9966ad4c71
7 changed files with 42 additions and 7 deletions
--- a/apps/accounts/backends/init.py
+++ b/apps/accounts/backends/init.py
@ -5,8 +5,7 @@ from django.utils.functional import LazyObject
 from common.utils import get_logger
 from ..const import VaultTypeChoices
-__all__ = ['vault_client', 'get_vault_client']
+__all__ = ['vault_client', 'get_vault_client', 'refresh_vault_client']
 logger = get_logger(__file__)
@ -38,3 +37,8 @@ class VaultClient(LazyObject):
 """ 为了安全, 页面修改配置, 重启服务后才会重新初始化 vault_client """
 vault_client = VaultClient()
 def refresh_vault_client():
    vault_client._wrapped = None
    vault_client._setup()
--- a/apps/accounts/signal_handlers.py
+++ b/apps/accounts/signal_handlers.py
@ -3,14 +3,17 @@ from collections import defaultdict
 from django.db.models.signals import post_delete
 from django.db.models.signals import pre_save, post_save
 from django.dispatch import receiver
 from django.utils.functional import LazyObject
 from django.utils.translation import gettext_noop
-from accounts.backends import vault_client
+from accounts.backends import vault_client, refresh_vault_client
 from accounts.const import Source
 from audits.const import ActivityChoices
 from audits.signal_handlers import create_activities
 from common.decorators import merge_delay_run
 from common.signals import django_ready
 from common.utils import get_logger, i18n_fmt
 from common.utils.connection import RedisPubSub
 from .models import Account, AccountTemplate
 from .tasks.push_account import push_accounts_to_assets_task
@ -91,3 +94,18 @@ class VaultSignalHandler(object):
 for model in (Account, AccountTemplate, Account.history.model):
    post_save.connect(VaultSignalHandler.save_to_vault, sender=model)
    post_delete.connect(VaultSignalHandler.delete_to_vault, sender=model)
 class VaultPubSub(LazyObject):
    def _setup(self):
        self._wrapped = RedisPubSub('refresh_vault')
 vault_pub_sub = VaultPubSub()
@receiver(django_ready)
 def subscribe_vault_change(sender, **kwargs):
    logger.debug("Start subscribe vault change")
    vault_pub_sub.subscribe(lambda name: refresh_vault_client())
--- a/apps/i18n/lina/en.json
+++ b/apps/i18n/lina/en.json
@ -178,6 +178,7 @@
    "Azure": "Azure (China)",
    "Azure_Int": "Azure (International)",
    "AzureKeyVault": "Azure vault",
    "HashicorpVault": "HCP vault",
    "Backup": "Backup",
    "BackupAccountsHelpText": "Backup account information externally. it can be stored in an external system or sent via email, supporting segmented delivery.",
    "BadConflictErrorMsg": "Refreshing, please try again later",
--- a/apps/i18n/lina/ja.json
+++ b/apps/i18n/lina/ja.json
@ -178,6 +178,7 @@
    "Azure": "Azure(中国)",
    "Azure_Int": "アジュール（インターナショナル）",
    "AzureKeyVault": "Azure vault",
    "HashicorpVault": "HCP vault",
    "Backup": "バックアップ",
    "BackupAccountsHelpText": "アカウント情報を外部にバックアップする。外部システムに保存するかメールを送信することもできます、セクション方式をサポートしています",
    "BadConflictErrorMsg": "更新中です、しばらくお待ちください",
--- a/apps/i18n/lina/zh.json
+++ b/apps/i18n/lina/zh.json
@ -178,6 +178,7 @@
    "Azure": "Azure (中国)",
    "Azure_Int": "Azure (国际)",
    "AzureKeyVault": "Azure vault",
    "HashicorpVault": "HCP vault",
    "Backup": "备份",
    "BackupAccountsHelpText": "备份账号信息到外部。可以存储到外部系统或发送邮件，支持分段方式",
    "BadConflictErrorMsg": "正在刷新中，请稍后再试",
--- a/apps/i18n/lina/zh_hant.json
+++ b/apps/i18n/lina/zh_hant.json
@ -239,6 +239,7 @@
    "Azure": "Azure (中國)",
    "Azure_Int": "Azure (國際)",
    "AzureKeyVault": "Azure vault",
    "HashicorpVault": "HCP vault",
    "Backup": "備份",
    "BackupAccountsHelpText": "備份帳號資訊至外部。可以儲存到外部系統或寄送郵件，支援分段方式",
    "BadConflictErrorMsg": "正在刷新中，請稍後再試",
--- a/apps/settings/serializers/feature.py
+++ b/apps/settings/serializers/feature.py
@ -1,9 +1,9 @@
 import uuid
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
 from rest_framework import serializers
 from accounts.const import VaultTypeChoices
 from assets.const import Protocol
 from common.serializers.fields import EncryptedField
 from common.utils import date_expired_default
@ -43,7 +43,16 @@ class AnnouncementSettingSerializer(serializers.Serializer):
    ANNOUNCEMENT = AnnouncementSerializer(label=_("Announcement"))
-class VaultSettingSerializer(serializers.Serializer):
+class BaseVaultSettingSerializer(serializers.Serializer):
    def validate(self, data):
        from accounts.signal_handlers import vault_pub_sub
        data = super().validate(data)
        vault_pub_sub.publish('vault')
        return data
 class VaultSettingSerializer(BaseVaultSettingSerializer, serializers.Serializer):
    PREFIX_TITLE = _('Vault')
    VAULT_ENABLED = serializers.BooleanField(
@ -65,7 +74,7 @@ class VaultSettingSerializer(serializers.Serializer):
    )
-class HashicorpKVSerializer(serializers.Serializer):
+class HashicorpKVSerializer(BaseVaultSettingSerializer, serializers.Serializer):
    PREFIX_TITLE = _('HCP Vault')
    VAULT_HCP_HOST = serializers.CharField(
        max_length=256, allow_blank=True, required=False, label=_('Host')
@ -78,7 +87,7 @@ class HashicorpKVSerializer(serializers.Serializer):
    )
-class AzureKVSerializer(serializers.Serializer):
+class AzureKVSerializer(BaseVaultSettingSerializer, serializers.Serializer):
    PREFIX_TITLE = _('Azure Key Vault')
    VAULT_AZURE_HOST = serializers.CharField(
        max_length=256, allow_blank=True, required=False, label=_('Host')