v1.0.0-beta.4

.drone.yml

@@ -21,7 +21,7 @@ steps:
       repo: sghharbor.com/micro/k8s-service
       registry: sghharbor.com
       tags:
-        - v1.0.0-beta.3
+        - v1.0.0-beta.4
 volumes:
   - name: docker-ca
     host:

k8s/k8s.yaml

@@ -19,21 +19,37 @@ spec:
         - name: private-harbor-reg
       containers:
         - name: k8s-service
-          image: sghharbor.com/micro/k8s-service:v1.0.0-beta.3
+          image: sghharbor.com/micro/k8s-service:v1.0.0-beta.4
           ports:
             - name: k8s-service
               containerPort: 8103
           env:
-            - name: ADDRESS
-              value: ":8103"
+            - name: PORT
+              value: "8100"
+              # jaeger
             - name: TRACING_ENABLE
               value: "true"
             - name: TRACING_JAEGER_URL
               value: "http://jaeger-collector.monitoring.svc.cluster.local:14268/api/traces"
+              # 注册中心
             - name: REGISTRY_ENABLE
               value: "true"
             - name: REGISTRY_CONSUL_URL
               value: "consul-api-service.monitoring.svc.cluster.local:8500"
+              # 数据库
+            - name: DATABASE_ENABLE
+              value: "true"
+            - name: DATABASE_MYSQL_USER
+              value: "root"
+            - name: DATABASE_MYSQL_PASSWORD
+              value: "xugang131500"
+            - name: DATABASE_MYSQL_HOST
+              value: "172.31.166.141"
+            - name: DATABASE_MYSQL_PORT
+              value: "3306"
+            - name: DATABASE_MYSQL_DATABASE
+              value: "sghblog"
+              # Redis
             - name: REDIS_ENABLE
               value: "true"
             - name: REDIS_URL

utils/middleware/middleware.go

@@ -176,7 +176,7 @@ func NewAuthWrapper(service micro.Service) server.HandlerWrapper {
 			// Fetch metadata from context (request headers).
 			md, b := metadata.FromContext(ctx)
 			if !b {
-				return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.UnauthorizedErrorCode])
+				return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.UnauthorizedErrorCode])
 				// errors.New("no metadata found")
 			}
 
@@ -191,7 +191,7 @@ func NewAuthWrapper(service micro.Service) server.HandlerWrapper {
 
 			if !ok || !strings.HasPrefix(authHeader, auth.BearerScheme) {
 				logrus.Error("no auth token provided")
-				return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.UnauthorizedErrorCode])
+				return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.UnauthorizedErrorCode])
 			}
 
 			// Extract auth token.
@@ -203,13 +203,13 @@ func NewAuthWrapper(service micro.Service) server.HandlerWrapper {
 			acc, err := a.Inspect(token)
 			fmt.Println("acc", acc)
 			if err != nil {
-				return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.TokenInvalidErrorCode])
+				return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.TokenInvalidErrorCode])
 			}
 
 			// 校验redis 存储数据
 			blacklisted, err := authutil.JWTAuthService.IsBlacklisted(token)
 			if err == nil && blacklisted {
-				return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.ExpiredLonInAgainErrorCode])
+				return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.ExpiredLonInAgainErrorCode])
 			}
 
 			// Create resource for current endpoint from request headers.
@@ -221,7 +221,7 @@ func NewAuthWrapper(service micro.Service) server.HandlerWrapper {
 			fmt.Println("acc.Scopes", acc.Scopes)
 			// Verify if account has access. 验证帐户是否具有访问权限。
 			if err = Verify(authutil.JWTAuthService.GetRuleItems(), acc, &currentResource); err != nil {
-				return errorcode.Unauthorized("authorization service", common.ErrorMessage[common.NoAccessErrorCode])
+				return errorcode.Unauthorized("kubernetes service", common.ErrorMessage[common.NoAccessErrorCode])
 			}
 			// 验证通过后记录操作日志x
 			logrus.Infof("User %s is performing operation %s body %v", acc.ID, req.Endpoint(), req.Body())