cq_anquan
/
safety-eval-service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

【修改】dubbo配置;【新增】打包发布gbs相关。

dev
huwei 2026-06-26 11:43:58 +08:00
parent 63389a7d42
commit df9de45730
34 changed files with 1268 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

187
docs/GBS部署配置分析报告.docx Normal file
View File

@ -0,0 +1,187 @@
GBS 部署配置分析报告
safety-eval-service (安全评价业务服务)
2026-06-26
1 项目概览
属性
项目名称
safety-eval-service
中文名称
重庆安全评价
应用名称 (application.name)
jjb-saas-cq-anquan
网关前缀 (application.gateway)
cqanquan
Spring 应用名
safety-eval-service
服务端口
8095
上下文路径
/safety-eval
Java 版本
1.8 (JDK 1.8.0_202)
Spring Boot 版本
2.7.18
架构
DDD 分层6 模块)
数据库
jjb_saas_safety_eval
2 部署环境
项目
信息
镜像地址
jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
K8s 命名空间
jjb-dragon
Master 节点
192.168.20.100
ACR 仓库
jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com
镜像拉取密钥
image-pull-secret
Nacos 命名空间
jjb-dragon
已有 K8s 服务数
27 个(均为 ClusterIP 端口 80
3 可确定填写的字段
以下字段均可通过项目配置文件和现有环境分析确定填写值。
3.1 路由信息(后端路由)
字段
填写值
依据
路由名称
重庆安全评价-后端
application.cn-name + 现有路由命名惯例
系统编码
jjb-saas-cq-anquan
application.name 属性
Prefix (StripPrefix)
0
项目配置 strip-prefix: 0与现有全部后端路由一致
路径 (Path)
/cqanquan/**
application.gateway = cqanquan格式 /${gateway}/**
标识 (Uri)
http://jjb-saas-cq-anquan
现有路由均为 http://<K8s服务名> 格式
3.2 其他配置
字段
填写值
说明
数据库名称
jjb_saas_safety_eval
表单已预填MySQL 中确认存在
镜像密钥
image-pull-secret
表单已预填K8s 中确认存在
应用类型
后端部署
已选中,正确
3.3 部署参数
字段
填写值
说明
JDK 版本
jdk8
已选中,与项目 Java 1.8 匹配
启动参数
保持现有内容
k8s-nacos:8848 是 GBS 平台内部 Nacos 地址
CPU
500 M
合理,与现有服务一致
副本数
1
合理,开发测试阶段
3.4 服务配置
字段
填写值
依据
服务名称
jjb-saas-cq-anquan
与 Uri 中服务名一致,遵循现有 K8s 命名惯例
开放端口
80
现有 27 个 K8s Service 全部是 ClusterIP 80 端口
4 需要 GBS 平台确认的字段
以下字段无法仅通过项目配置和环境分析确定,需要 GBS 平台侧提供信息。
4.1 心跳监控地址
项目的 Actuator 健康端点为 /cqanquan/actuator/health但 GBS 平台要求的填写格式不确定:
可能需要完整 URLhttp://jjb-saas-cq-anquan/cqanquan/actuator/health
也可能只需路径部分:/cqanquan/actuator/health
需确认 GBS 平台对心跳地址的格式规范
4.2 移动端应用(复选框)
项目配置中存在前端路由(路径 /cqanquan/container/**,指向 http://jjb-saas-base说明可能有前端容器页面。是否需要在此次部署中一并配置取决于业务需求。
若需要勾选,前端路由信息如下:
字段
填写值
路由名称
重庆安全评价-前端
系统编码
jjb-saas-cq-anquan-container
Prefix (StripPrefix)
0
路径 (Path)
/cqanquan/container/**
标识 (Uri)
http://jjb-saas-base
4.3 内存资源
表单当前填写的 128M 对 Spring Boot + Dubbo + Nacos 客户端组合偏小。建议至少 256M但具体配额需确认 GBS 平台的资源限制策略。
4.4 开放端口80 还是 8095
容器内 Spring Boot 实际监听端口为 8095但现有所有 K8s Service 的端口都映射为 80。K8s Service 会做端口转发80 --> 8095。如果 GBS 平台要求填容器内端口,则填 8095如果填 Service 端口,则填 80。根据现有环境惯例填 80 大概率是正确的。
5 现有网关路由规律参考
以下是从 MySQL 数据库 jjb-saas-gateway 的 route 表中提取的现有后端服务路由规律:
字段
规律
示例
systemCode
与服务名一致
jjb-saas-auth
name
中文描述
权限管理
uri
http://<K8s服务名>
http://jjb-saas-auth
path
/<路径前缀>/**
/auth/**
stripPrefix
0绝大多数后端服务
0
filterAuthorizeName
token需认证
token
route_order
0默认
0
6 项目关键配置文件
文件路径
关键配置
application.yml
application.name=jjb-saas-cq-anquan, server.port=8095, context-path=/safety-eval
application-prod.yml
Nacos=prod-nacos:8848, MySQL=prod-mysql:3306
nacos/jjb-saas-demo.yml
网关路由规则path、uri、strip-prefix
nacos/config-actuator.yml
健康端点 /cqanquan/actuator/health
nacos/config-port.yml
共享端口配置port=80
sdk-prod2.yml
SDK 路由注册配置
7 镜像信息
属性
镜像地址
jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
镜像大小
792 MB
Digest
sha256:44ee933704c3667ad538513c3aa1729ba3493f20e924a5a8b58759f1ec1ba65b
基础镜像
centos:7
JDK
Oracle JDK 1.8.0_202
容器内 JAR 路径
/opt/app.jar

43
docs/build-tools/Dockerfile Normal file
View File

@ -0,0 +1,43 @@
# ============================================================
# GBS Java Application Dockerfile Template
# Based on: CentOS 7 + Oracle JDK 1.8.0_202
# Usage: docker build -t <image-name>:<tag> -f Dockerfile .
# ============================================================
# Build context structure:
# .
# ├── Dockerfile
# ├── jdk1.8.0_202/ (JDK directory, copied from /opt/jdk1.8.0_202)
# └── target/
# └── *.jar (application JAR file)
# ============================================================
FROM centos:7
# Set timezone to Asia/Shanghai
RUN ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
# Copy JDK
COPY jdk1.8.0_202/ /opt/jdk1.8.0_202/
# Set Java environment variables
ENV JAVA_HOME=/opt/jdk1.8.0_202
ENV PATH=$PATH:$JAVA_HOME/bin
ENV LANG=C.UTF-8
# Create log directory
RUN mkdir -p /opt/logs
# Copy the built JAR file
COPY target/*.jar /opt/app.jar
# Default entrypoint
# Runtime parameters can be overridden via K8s deployment or docker run -e
ENTRYPOINT ["/opt/jdk1.8.0_202/bin/java", \
"-Dnacos.namespace=jjb-dragon", \
"-Dnacos.url=prod-nacos:8848", \
"-Dspring.profiles.active=prod", \
"-Dmysql.password=Mysql@zcloud33080", \
"-Dmysql.host=192.168.20.100", \
"-Dmysql.port=33080", \
"-Dmysql.username=root", \
"-jar", "/opt/app.jar"]

306
docs/build-tools/README.md Normal file
View File

@ -0,0 +1,306 @@
## GBS Java 应用 Docker 镜像打包操作流程
### 目录结构
```
build-tools/
├── README.md ← 本文档
├── Dockerfile ← Dockerfile 模板CentOS 7 + JDK 1.8.0_202
├── build.sh ← Shell 构建脚本(在 master 节点上执行)
├── build_push.py ← Python 构建脚本(在本地 Windows 上执行,自动上传+构建+推送)
└── install_env.sh ← 构建环境一键安装脚本(在 master 节点上执行)
```
### 环境信息
| 项目 | 信息 |
|------|------|
| Master 节点 | 192.168.20.100 (root / Zcloud@zcloud100) |
| OS | CentOS 7 (已 EOLyum 源已切换阿里云 vault) |
| JDK | Oracle JDK 1.8.0_202,路径 `/opt/jdk1.8.0_202` |
| Maven | Apache Maven 3.8.8,路径 `/opt/maven`,阿里云镜像 |
| Docker | 26.1.4cgroupdriver=systemdstorage=overlay2 |
| ACR 仓库 | `jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com` |
| ACR 命名空间 | `ali_img_ns` |
| K8s 命名空间 | `jjb-dragon` |
### 镜像命名规则
完整镜像地址格式:
```
{ACR仓库}/{命名空间}/prod-aly-{环境前缀}-dragon-{应用名}:{环境前缀}-{日期}-{序号}
```
示例:
```
jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
```
各部分说明:
- `prod-aly` — 固定前缀(生产环境-阿里云)
- `ota` — 环境前缀,对应不同业务模块
- `dragon` — 项目代号
- `jjb-saas-safety-eval` — 应用名称
- `ota-20260626-1` — 标签:环境前缀-年月日-序号(同一天多次构建递增序号)
---
### 方式一:本地一键构建(推荐)
在本地 Windows 机器上执行 `build_push.py`,自动完成 JAR 上传 → Docker 构建 → ACR 推送。
**前置条件:** 本地已安装 Python 和 paramiko`pip install paramiko`
**执行命令:**
```bash
python build_push.py <JAR> <应用名> <环境前缀> [序号]
```
**示例:**
```bash
python build_push.py E:\projects\safety-eval-service\safety-eval-start\target\safety-eval-start-1.0-SNAPSHOT.jar jjb-saas-safety-eval ota 1
```
**输出:**
```
Image Address:
jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
```
---
### 方式二:在 Master 节点上构建
SSH 登录 master 节点后,使用 `build.sh` 脚本构建。
**Step 1 — 上传 JAR 到 master 节点**
在本地用 scp 或其他方式上传 JAR
```bash
scp safety-eval-start-1.0-SNAPSHOT.jar root@192.168.20.100:/tmp/
```
**Step 2 — SSH 登录 master**
```bash
ssh root@192.168.20.100
# 密码: Zcloud@zcloud100
```
**Step 3 — 执行构建脚本**
```bash
source /etc/profile.d/java.sh
source /etc/profile.d/maven.sh
/opt/docker-templates/build.sh jjb-saas-safety-eval ota /tmp/safety-eval-start-1.0-SNAPSHOT.jar 1
```
脚本会自动完成:准备构建上下文 → 复制 JDK → Docker build → Docker login ACR → Docker push。
---
### 方式三:手动分步操作
如果需要手动控制每一步:
**Step 1 — 准备构建目录**
```bash
BUILD_DIR=/tmp/manual-build
rm -rf $BUILD_DIR && mkdir -p $BUILD_DIR/target
```
**Step 2 — 复制 JDK 和 JAR**
```bash
cp -r /opt/jdk1.8.0_202 $BUILD_DIR/
cp /path/to/your-app.jar $BUILD_DIR/target/
cp /opt/docker-templates/Dockerfile $BUILD_DIR/
```
**Step 3 — Docker Build**
```bash
docker build -t jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1 $BUILD_DIR
```
**Step 4 — 登录 ACR**
```bash
echo 'idurCT!rIq9EzISD' | docker login --username=10952138@qq.com --password-stdin jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com
```
**Step 5 — 推送镜像**
```bash
docker push jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
```
**Step 6 — 清理**
```bash
rm -rf $BUILD_DIR
```
---
### 从源码构建Maven 打包 + Docker 构建)
如果拿到的是 Java 源码而不是编译好的 JAR
```bash
source /etc/profile.d/java.sh
source /etc/profile.d/maven.sh
# Maven 编译打包
cd /path/to/project
mvn clean package -DskipTests
# 然后用编译好的 JAR 走上面的构建流程
/opt/docker-templates/build.sh <app-name> <env-prefix> target/xxx.jar 1
```
Maven 已配置阿里云镜像(`maven.aliyun.com/repository/public`),依赖下载速度约 200-400 KB/s。
---
### K8s 部署命令
**创建新 Deployment**
```bash
/usr/bin/kubectl create deployment jjb-saas-safety-eval \
--image=jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1 \
-n jjb-dragon --replicas=1
```
**更新已有 Deployment 的镜像:**
```bash
/usr/bin/kubectl set image deployment/jjb-saas-safety-eval \
jjb-saas-safety-eval=jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1 \
-n jjb-dragon
```
**查看 Pod 状态:**
```bash
/usr/bin/kubectl get pods -n jjb-dragon | grep safety-eval
```
**查看日志:**
```bash
/usr/bin/kubectl logs -f deployment/jjb-saas-safety-eval -n jjb-dragon
```
**查看 Deployment 详情:**
```bash
/usr/bin/kubectl describe deployment jjb-saas-safety-eval -n jjb-dragon
```
---
### 常用查询命令
**查看本地镜像:**
```bash
docker images | grep jjb-saas-safety-eval
```
**查看镜像详情:**
```bash
docker inspect jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
```
**查看镜像构建历史:**
```bash
docker history jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
```
**本地测试运行:**
```bash
docker run --rm -it --name safety-eval-test \
-p 8080:8080 \
jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
```
**列出 ACR 上所有已有镜像:**
```bash
docker images --format '{{.Repository}}:{{.Tag}}' | grep 'ali_img_ns'
```
---
### 构建环境安装
首次使用新机器时,运行 `install_env.sh` 一键安装全部构建依赖:
```bash
ssh root@192.168.20.100
bash install_env.sh
```
该脚本会安装并配置JDK 1.8.0_202、Maven 3.8.8阿里云镜像、Dockerfile 模板、yum vault 源、ACR 登录。
---
### Dockerfile 结构说明
镜像内部结构(从已有运行镜像逆向分析得出):
```
/
├── opt/
│ ├── jdk1.8.0_202/ ← Oracle JDK 1.8.0_202
│ ├── app.jar ← 应用 JAR 包
│ └── logs/ ← 日志目录
```
容器启动命令ENTRYPOINT
```
/opt/jdk1.8.0_202/bin/java
-Dnacos.namespace=jjb-dragon
-Dnacos.url=prod-nacos:8848
-Dspring.profiles.active=prod
-Dmysql.password=***
-Dmysql.host=192.168.20.100
-Dmysql.port=33080
-Dmysql.username=root
-jar /opt/app.jar
```
运行时可通过 K8s deployment 的 `args``env` 字段覆盖以上参数。
---
### 故障排查
**问题:`yum install` 报错 404**
CentOS 7 已 EOL确认 `/etc/yum.repos.d/CentOS-Base.repo` 使用 `centos-vault`install_env.sh 会自动处理)。
**问题Maven 下载依赖慢**
检查 `/root/.m2/settings.xml` 是否配置了阿里云镜像mirrorOf 应为 `central`
**问题:`docker push` 报 unauthorized**
重新登录 ACR`echo 'idurCT!rIq9EzISD' | docker login --username=10952138@qq.com --password-stdin jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com`
**问题K8s 拉取镜像失败 (ImagePullBackOff)**
确认 `jjb-dragon` namespace 下有 `image-pull-secret``image-pull-secret1`
```bash
/usr/bin/kubectl get secret -n jjb-dragon | grep image-pull
```

85
docs/build-tools/build.sh Normal file
View File

@ -0,0 +1,85 @@
#!/bin/bash
# ============================================================
# GBS Application Build & Push Script (Shell version)
# Run on master node: 192.168.20.100
#
# Usage:
# ./build.sh <app-name> <env-prefix> <jar-file> [version-suffix]
#
# Example:
# ./build.sh jjb-saas-safety-eval ota /tmp/safety-eval.jar 1
#
# Result image:
# jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
# ============================================================
set -e
# ---- Parameters ----
APP_NAME=${1:?"Usage: $0 <app-name> <env-prefix> <jar-file> [version-suffix]"}
ENV_PREFIX=${2:?"Usage: $0 <app-name> <env-prefix> <jar-file> [version-suffix]"}
JAR_FILE=${3:?"Usage: $0 <app-name> <env-prefix> <jar-file> [version-suffix]"}
VERSION_SUFFIX=${4:-1}
# ---- Constants ----
ACR_REGISTRY="jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com"
ACR_NAMESPACE="ali_img_ns"
ACR_USER="10952138@qq.com"
ACR_PASS='idurCT!rIq9EzISD'
DATE_TAG=$(date +%Y%m%d)
IMAGE_TAG="${ENV_PREFIX}-${DATE_TAG}-${VERSION_SUFFIX}"
FULL_IMAGE="${ACR_REGISTRY}/${ACR_NAMESPACE}/prod-aly-${ENV_PREFIX}-dragon-${APP_NAME}:${IMAGE_TAG}"
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
# Source environment
source /etc/profile.d/java.sh 2>/dev/null || true
source /etc/profile.d/maven.sh 2>/dev/null || true
echo "=========================================="
echo " GBS Docker Build & Push"
echo "=========================================="
echo "App: ${APP_NAME}"
echo "Tag: ${IMAGE_TAG}"
echo "JAR: ${JAR_FILE}"
echo "Image: ${FULL_IMAGE}"
echo "=========================================="
# ---- Step 1: Verify JAR ----
if [ ! -f "${JAR_FILE}" ]; then
echo "ERROR: JAR file not found: ${JAR_FILE}"
exit 1
fi
echo "[1/4] JAR verified: $(ls -lh ${JAR_FILE} | awk '{print $5}')"
# ---- Step 2: Prepare build context ----
BUILD_DIR="/tmp/docker-build-${APP_NAME}-$$"
echo "[2/4] Preparing build context at ${BUILD_DIR}..."
mkdir -p ${BUILD_DIR}/target
cp -r /opt/jdk1.8.0_202 ${BUILD_DIR}/
cp ${JAR_FILE} ${BUILD_DIR}/target/
cp ${SCRIPT_DIR}/Dockerfile ${BUILD_DIR}/
echo " Build context size: $(du -sh ${BUILD_DIR} | awk '{print $1}')"
# ---- Step 3: Docker build ----
echo "[3/4] Building Docker image..."
docker build -t "${FULL_IMAGE}" "${BUILD_DIR}"
echo " Image size: $(docker images --format '{{.Size}}' ${FULL_IMAGE})"
# ---- Step 4: Push to ACR ----
echo "[4/4] Pushing to ACR..."
echo "${ACR_PASS}" | docker login --username="${ACR_USER}" --password-stdin "${ACR_REGISTRY}" 2>/dev/null
docker push "${FULL_IMAGE}"
# ---- Cleanup ----
rm -rf "${BUILD_DIR}"
echo ""
echo "=========================================="
echo " BUILD COMPLETE"
echo "=========================================="
echo "Image: ${FULL_IMAGE}"
echo ""
echo "Deploy to K8s:"
echo " /usr/bin/kubectl create deployment ${APP_NAME} --image=${FULL_IMAGE} -n jjb-dragon --replicas=1"
echo " /usr/bin/kubectl set image deployment/${APP_NAME} ${APP_NAME}=${FULL_IMAGE} -n jjb-dragon"
echo "=========================================="

166
docs/build-tools/build_push.py Normal file
View File

@ -0,0 +1,166 @@
"""
GBS Application Build & Push Script (Python version)
Run from local Windows machine - handles SFTP upload + remote build + push.
Usage:
python build_push.py <jar-file> <app-name> <env-prefix> [version-suffix]
Example:
python build_push.py E:\\projects\\xxx\\target\\app.jar jjb-saas-safety-eval ota 1
Result image:
jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com/ali_img_ns/prod-aly-ota-dragon-jjb-saas-safety-eval:ota-20260626-1
"""
import paramiko
import sys
import os
import time
from datetime import datetime
# ---- Configuration ----
MASTER = "192.168.20.100"
SSH_USER = "root"
SSH_PASSWD = "Zcloud@zcloud100"
ACR_REGISTRY = "jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com"
ACR_NAMESPACE = "ali_img_ns"
ACR_USER = "10952138@qq.com"
ACR_PASS = "idurCT!rIq9EzISD"
SCRIPT_DIR = os.path.dirname(os.path.abspath(__file__))
DOCKERFILE_PATH = os.path.join(SCRIPT_DIR, "Dockerfile")
def ssh_exec(client, cmd, timeout=600):
"""Execute SSH command and print results."""
print(f" > {cmd[:120]}{'...' if len(cmd) > 120 else ''}")
stdin, stdout, stderr = client.exec_command(cmd, timeout=timeout)
out = stdout.read().decode('utf-8', errors='replace')
err = stderr.read().decode('utf-8', errors='replace')
exit_code = stdout.channel.recv_exit_status()
if out.strip():
for line in out.strip().split('\n')[-10:]: # last 10 lines
print(f" {line}")
if err.strip():
important = [l for l in err.strip().split('\n')
if not any(x in l for x in ['Downloading', 'Downloaded', 'Extracting', 'Progress'])]
if important:
print(f" [stderr] {'; '.join(important[:5])}")
return out.strip(), err.strip(), exit_code
def main():
if len(sys.argv) < 4:
print(__doc__)
sys.exit(1)
jar_local = sys.argv[1]
app_name = sys.argv[2]
env_prefix = sys.argv[3]
version_suffix = sys.argv[4] if len(sys.argv) > 4 else "1"
date_tag = datetime.now().strftime("%Y%m%d")
image_tag = f"{env_prefix}-{date_tag}-{version_suffix}"
full_image = f"{ACR_REGISTRY}/{ACR_NAMESPACE}/prod-aly-{env_prefix}-dragon-{app_name}:{image_tag}"
if not os.path.exists(jar_local):
print(f"ERROR: JAR file not found: {jar_local}")
sys.exit(1)
jar_size_mb = os.path.getsize(jar_local) / 1024 / 1024
build_dir = f"/tmp/docker-build-{app_name}"
jar_name = os.path.basename(jar_local)
print("=" * 60)
print(f" GBS Docker Build & Push (Remote)")
print("=" * 60)
print(f" JAR: {jar_local} ({jar_size_mb:.1f} MB)")
print(f" App: {app_name}")
print(f" Tag: {image_tag}")
print(f" Image: {full_image}")
print(f" Target: {MASTER}")
print("=" * 60)
# ---- Connect ----
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(MASTER, username=SSH_USER, password=SSH_PASSWD, timeout=30)
print("\n[1/5] SSH connected")
# ---- Prepare remote dir ----
ssh_exec(client, f"rm -rf {build_dir} && mkdir -p {build_dir}/target")
# ---- Upload JAR ----
print(f"\n[2/5] Uploading JAR ({jar_size_mb:.1f} MB)...")
sftp = client.open_sftp()
remote_jar = f"{build_dir}/target/{jar_name}"
start = time.time()
last_pct = -1
def progress(transferred, total):
nonlocal last_pct
pct = int(transferred * 100 / total)
if pct >= last_pct + 10:
last_pct = pct
mb = transferred / 1024 / 1024
elapsed = time.time() - start
speed = mb / elapsed if elapsed > 0 else 0
print(f" {pct}% ({mb:.1f} MB) - {speed:.1f} MB/s")
sftp.put(jar_local, remote_jar, callback=progress)
elapsed = time.time() - start
print(f" Done in {elapsed:.1f}s ({jar_size_mb/elapsed:.1f} MB/s)")
sftp.close()
# ---- Upload Dockerfile ----
ssh_exec(client, f"cat > {build_dir}/Dockerfile", timeout=10)
with open(DOCKERFILE_PATH, 'r', encoding='utf-8') as f:
dockerfile_content = f.read()
stdin, stdout, stderr = client.exec_command(f"cat > {build_dir}/Dockerfile")
stdin.write(dockerfile_content)
stdin.channel.shutdown_write()
stdout.read()
# ---- Copy JDK into context ----
print("\n[3/5] Preparing build context...")
ssh_exec(client, f"cp -r /opt/jdk1.8.0_202 {build_dir}/", timeout=120)
ssh_exec(client, f"du -sh {build_dir}/")
# ---- Docker build ----
print("\n[4/5] Building Docker image...")
out, err, code = ssh_exec(client, f"docker build -t '{full_image}' {build_dir}", timeout=300)
if code != 0:
print("ERROR: Docker build failed!")
client.close()
sys.exit(1)
# ---- Push to ACR ----
print("\n[5/5] Pushing to ACR...")
ssh_exec(client, f"echo '{ACR_PASS}' | docker login --username={ACR_USER} --password-stdin {ACR_REGISTRY}")
out, err, code = ssh_exec(client, f"docker push '{full_image}'", timeout=600)
if code != 0:
print("ERROR: Docker push failed!")
client.close()
sys.exit(1)
# ---- Verify & Cleanup ----
ssh_exec(client, f"docker images | grep '{app_name}'")
ssh_exec(client, f"rm -rf {build_dir}")
client.close()
# ---- Summary ----
print("\n" + "=" * 60)
print(" BUILD COMPLETE")
print("=" * 60)
print(f"\n Image Address:\n {full_image}\n")
print(f" K8s Deploy:\n"
f" /usr/bin/kubectl create deployment {app_name} \\\n"
f" --image={full_image} -n jjb-dragon --replicas=1\n")
print(f" /usr/bin/kubectl set image deployment/{app_name} \\\n"
f" {app_name}={full_image} -n jjb-dragon\n")
print("=" * 60)
if __name__ == "__main__":
main()

216
docs/build-tools/install_env.sh Normal file
View File

@ -0,0 +1,216 @@
#!/bin/bash
# ============================================================
# GBS Master Node Build Environment Installation Script
# Run on: 192.168.20.100 (CentOS 7)
#
# Installs:
# - Oracle JDK 1.8.0_202 (extracted from existing Docker image)
# - Apache Maven 3.8.8 (with Alibaba Cloud mirror)
# - Dockerfile template
# - yum vault mirrors (CentOS 7 EOL fix)
# - ACR login
#
# Usage:
# bash install_env.sh
# ============================================================
set -e
echo "=========================================="
echo " GBS Build Environment Setup"
echo " Host: $(hostname) ($(hostname -I 2>/dev/null || echo 'unknown'))"
echo "=========================================="
# ---- Step 1: Extract JDK from existing Docker image ----
echo ""
echo "[1/6] Installing JDK 1.8.0_202..."
if [ -d "/opt/jdk1.8.0_202" ] && [ -x "/opt/jdk1.8.0_202/bin/java" ]; then
echo " JDK already installed, skipping."
else
# Find an image with JDK
IMAGE=$(docker images --format '{{.Repository}}:{{.Tag}}' | grep 'ali_img_ns' | head -1)
if [ -z "$IMAGE" ]; then
echo "ERROR: No suitable Docker image found with JDK!"
exit 1
fi
echo " Extracting JDK from: $IMAGE"
docker rm -f jdk-extract-tmp 2>/dev/null || true
docker create --name jdk-extract-tmp "$IMAGE" /bin/true > /dev/null
docker cp jdk-extract-tmp:/opt/jdk1.8.0_202 /opt/jdk1.8.0_202
docker rm jdk-extract-tmp > /dev/null
echo " JDK extracted to /opt/jdk1.8.0_202"
fi
# Configure JAVA_HOME
cat > /etc/profile.d/java.sh << 'EOF'
export JAVA_HOME=/opt/jdk1.8.0_202
export PATH=$JAVA_HOME/bin:$PATH
EOF
chmod +x /etc/profile.d/java.sh
source /etc/profile.d/java.sh
echo " $(java -version 2>&1 | head -1)"
# ---- Step 2: Install Maven ----
echo ""
echo "[2/6] Installing Maven 3.8.8..."
if [ -x "/opt/maven/bin/mvn" ]; then
echo " Maven already installed, skipping."
else
MAVEN_VERSION="3.8.8"
MAVEN_URLS=(
"https://mirrors.aliyun.com/apache/maven/maven-3/${MAVEN_VERSION}/binaries/apache-maven-${MAVEN_VERSION}-bin.tar.gz"
"https://archive.apache.org/dist/maven/maven-3/${MAVEN_VERSION}/binaries/apache-maven-${MAVEN_VERSION}-bin.tar.gz"
)
DOWNLOADED=0
for url in "${MAVEN_URLS[@]}"; do
echo " Trying: $url"
if curl -fsSL -o /tmp/maven.tar.gz "$url" --connect-timeout 15 --max-time 300; then
DOWNLOADED=1
break
fi
done
if [ $DOWNLOADED -eq 0 ]; then
echo "ERROR: Could not download Maven!"
exit 1
fi
mkdir -p /opt/maven
tar -xzf /tmp/maven.tar.gz -C /opt/maven --strip-components=1
rm -f /tmp/maven.tar.gz
fi
# Configure Maven environment
cat > /etc/profile.d/maven.sh << 'EOF'
export MAVEN_HOME=/opt/maven
export PATH=$MAVEN_HOME/bin:$PATH
EOF
chmod +x /etc/profile.d/maven.sh
source /etc/profile.d/maven.sh
# Configure Alibaba Maven mirror
mkdir -p /root/.m2
cat > /root/.m2/settings.xml << 'XMLEOF'
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 https://maven.apache.org/xsd/settings-1.2.0.xsd">
<localRepository>/root/.m2/repository</localRepository>
<mirrors>
<mirror>
<id>aliyunmaven</id>
<name>Alibaba Cloud Maven Mirror</name>
<url>https://maven.aliyun.com/repository/public</url>
<mirrorOf>central</mirrorOf>
</mirror>
</mirrors>
<profiles>
<profile>
<id>alibaba-repos</id>
<repositories>
<repository>
<id>aliyun-public</id>
<url>https://maven.aliyun.com/repository/public</url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>true</enabled></snapshots>
</repository>
<repository>
<id>aliyun-spring</id>
<url>https://maven.aliyun.com/repository/spring</url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>true</enabled></snapshots>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>aliyun-plugin</id>
<url>https://maven.aliyun.com/repository/public</url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>true</enabled></snapshots>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>alibaba-repos</activeProfile>
</activeProfiles>
</settings>
XMLEOF
cp /root/.m2/settings.xml /opt/maven/conf/settings.xml
echo " Maven $(mvn -version 2>&1 | head -1)"
# ---- Step 3: Fix yum repos (CentOS 7 EOL) ----
echo ""
echo "[3/6] Configuring yum vault mirrors..."
cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak.$(date +%Y%m%d) 2>/dev/null || true
cat > /etc/yum.repos.d/CentOS-Base.repo << 'YUMEOF'
[base]
name=CentOS-7 - Base - vault.aliyun.com
baseurl=https://mirrors.aliyun.com/centos-vault/7.9.2009/os/x86_64/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
enabled=1
[updates]
name=CentOS-7 - Updates - vault.aliyun.com
baseurl=https://mirrors.aliyun.com/centos-vault/7.9.2009/updates/x86_64/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
enabled=1
[extras]
name=CentOS-7 - Extras - vault.aliyun.com
baseurl=https://mirrors.aliyun.com/centos-vault/7.9.2009/extras/x86_64/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
enabled=1
YUMEOF
yum clean all > /dev/null 2>&1
yum makecache fast > /dev/null 2>&1
echo " yum repos configured (aliyun centos-vault)"
# ---- Step 4: Verify Docker ----
echo ""
echo "[4/6] Verifying Docker..."
echo " Docker $(docker --version)"
# ---- Step 5: Login to ACR ----
echo ""
echo "[5/6] Logging in to ACR..."
echo 'idurCT!rIq9EzISD' | docker login --username=10952138@qq.com --password-stdin jjb-registry-registry.cn-hangzhou.cr.aliyuncs.com 2>&1 | grep -v WARNING
# ---- Step 6: Install Dockerfile template ----
echo ""
echo "[6/6] Installing Dockerfile template..."
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
mkdir -p /opt/docker-templates
if [ -f "${SCRIPT_DIR}/Dockerfile" ]; then
cp "${SCRIPT_DIR}/Dockerfile" /opt/docker-templates/
echo " Dockerfile copied to /opt/docker-templates/"
fi
if [ -f "${SCRIPT_DIR}/build.sh" ]; then
cp "${SCRIPT_DIR}/build.sh" /opt/docker-templates/
chmod +x /opt/docker-templates/build.sh
echo " build.sh copied to /opt/docker-templates/"
fi
# ---- Summary ----
echo ""
echo "=========================================="
echo " INSTALLATION COMPLETE"
echo "=========================================="
echo ""
echo " Java: $(/opt/jdk1.8.0_202/bin/java -version 2>&1 | head -1)"
echo " Maven: $(/opt/maven/bin/mvn -version 2>&1 | head -1)"
echo " Docker: $(docker --version)"
echo ""
echo " JAVA_HOME=/opt/jdk1.8.0_202"
echo " MAVEN_HOME=/opt/maven"
echo " Dockerfile: /opt/docker-templates/Dockerfile"
echo " Build script: /opt/docker-templates/build.sh"
echo ""
echo " NOTE: Run 'source /etc/profile.d/java.sh' and"
echo " 'source /etc/profile.d/maven.sh' or re-login"
echo " to use java/mvn commands."
echo "=========================================="

0
docs/sql/database-design.md → docs/db/database-design.md
View File

0
docs/init-v2.sql → docs/db/init-v2.sql
View File

0
docs/sql/init.sql → docs/db/init.sql
View File

0
docs/数据库规范.md → docs/db/数据库规范.md
View File

0
docs/数据库设计文档-v2.md → docs/db/数据库设计文档-v2.md
View File

0
docs/GBS前端开发规范.docx → docs/dev/GBS前端开发规范.docx
View File

0
docs/Gbs后端开发规范.docx → docs/dev/Gbs后端开发规范.docx
View File

0
docs/JAVA规范.md → docs/dev/JAVA规范.md
View File

0
docs/settingsfjk.xml → docs/dev/settingsfjk.xml
View File

1
docs/~$S部署配置分析报告.docx Normal file
View File

@ -0,0 +1 @@
Administrator Administrator

2
safety-eval-start/src/main/resources/application-dev.yml
View File

@ -67,7 +67,7 @@ dubbo:
registry:
address: nacos://192.168.20.100:30290
parameters:
namespace: jjb-dragon
namespace: jjb-dragon-facade
protocol:
port: 20895

2
safety-eval-start/src/main/resources/application-local.yml
View File

@ -68,7 +68,7 @@ dubbo:
registry:
address: nacos://192.168.20.100:30290
parameters:
namespace: jjb-dragon
namespace: jjb-dragon-facade
protocol:
port: 20895

2
safety-eval-start/src/main/resources/application-prod.yml
View File

@ -72,7 +72,7 @@ dubbo:
registry:
address: nacos://prod-nacos:8848
parameters:
namespace: jjb-dragon
namespace: jjb-dragon-facade
protocol:
port: 20895

8
safety-eval-start/src/main/resources/application.yml
View File

@ -16,11 +16,15 @@ server:
spring:
application:
name: safety-eval-service
profiles:
active: local
mvc:
pathmatch:
matching-strategy: ant_path_matcher
profiles:
active: local
config:
import:
- classpath:sdk-prod2.yml
# ---------- MyBatis Plus ----------
mybatis-plus:

36
safety-eval-start/src/main/resources/nacos/config-actuator.yml Normal file
View File

@ -0,0 +1,36 @@
management:
endpoints:
web:
base-path: /${application.gateway}${application.version}/actuator
enabled-by-default: true
endpoint:
health:
enabled: true
info:
enabled: false
auditevents:
enabled: false
metrics:
enabled: false
loggers:
enabled: false
logfile:
enabled: false
httptrace:
enabled: false
env:
enabled: false
flyway:
enabled: false
liquidbase:
enabled: false
shutdown:
enabled: false
mappings:
enabled: false
scheduledtasks:
enabled: false
threaddump:
enabled: false
heapdump:
enabled: false

39
safety-eval-start/src/main/resources/nacos/config-cache.yml Normal file
View File

@ -0,0 +1,39 @@
spring:
cache:
redis:
time-to-live: 1800s
# 二级缓存配置
# 注caffeine 不适用于数据量大,并且缓存命中率极低的业务场景,如用户维度的缓存。请慎重选择。
l2cache:
config:
# 是否存储空值默认true防止缓存穿透
allowNullValues: true
# 组合缓存配置
composite:
# 是否全部启用一级缓存默认false
l1AllOpen: false
# 一级缓存
caffeine:
# 是否自动刷新过期缓存 true 是 false 否
autoRefreshExpireCache: false
# 缓存刷新调度线程池的大小
refreshPoolSize: 2
# 缓存刷新的频率(秒)
refreshPeriod: 10
# 写入后过期时间(秒)
expireAfterWrite: 180
# 访问后过期时间(秒)
expireAfterAccess: 180
# 初始化大小
initialCapacity: 1
# 最大缓存对象个数,超过此数量时之前放入的缓存将失效
maximumSize: 3
# 二级缓存
redis:
# 全局过期时间,单位毫秒,默认不过期
defaultExpiration: 1800000
# 缓存更新时通知其他节点的topic名称 默认 cache:redis:caffeine:topic
topic: cache:redis:caffeine:topic

44
safety-eval-start/src/main/resources/nacos/config-common.yml Normal file
View File

@ -0,0 +1,44 @@
common:
mysql:
host: 192.168.2.166
port: 3306
username: root
password: root
redis:
host: 10.43.253.4
password: jjb123456
port: 6379
mq:
host: 10.43.163.23:9876
xxl-job:
address: http://10.43.98.135:8080/xxl-job-admin/
username: admin
password: jjb123456
gateway:
network:
http:
#网关的外网访问地址 必须配置为HTTPS协议
external: https://testdragon.cqjjb.cn
#网关的内网访问地址 固定配置为http://jjb-saas-gateway
intranet: http://10.43.250.65
wx:
#webSocket外网地址
external: wx://testdragon.cqjjb.cn
swagger:
#是否打开swagger 测试及UAT配置为true,生产环境配置为false
enabled: true
base:
# base应用访问外网访问地址
host-url: http://10.43.12.158
desk:
# desk工程的外网地址
host-url: http://10.43.12.158
login:
# login工程的外网访问地址
host-url: http://10.43.12.158
#所有的前端域名配置 避免iframe跨域
x-frame-options: ${common.desk.host-url}/ ${common.login.host-url}/ ${common.base.host-url}/ ${common.gateway.network.http.external}/ http://10.43.250.65/
k8s:
namespace: test-dragon

8
safety-eval-start/src/main/resources/nacos/config-job.yml Normal file
View File

@ -0,0 +1,8 @@
# JOB 配置
xxl-job:
admin:
address: ${common.xxl-job.address}
username: ${common.xxl-job.username}
password: ${common.xxl-job.password}
executor:
app-name: ${spring.application.name}

11
safety-eval-start/src/main/resources/nacos/config-log.yml Normal file
View File

@ -0,0 +1,11 @@
common:
log:
jjb-saas-system:
- com.jjb:info
jjb-saas-auth1:
- com.jjb:info
jjb-saas-user:
- com.jjb:info
gray:
log:
host: 192.168.1.1

21
safety-eval-start/src/main/resources/nacos/config-mq.yml Normal file
View File

@ -0,0 +1,21 @@
mq:
topic: springcloudStream-jjb-dragon-test
server: ${common.mq.host}
spring:
cloud:
stream:
bindings:
input:
destination: springcloudStream-jjb-dragon-test
group: ${spring.application.name}-${spring.profiles.active}
output:
destination: springcloudStream-jjb-dragon-test
group: ${spring.application.name}-${spring.profiles.active}
rocketmq:
binder:
name-server: ${common.mq.host}
group: ${spring.application.name}-${spring.profiles.active}
bindings:
input:
consumer:
tags: a

11
safety-eval-start/src/main/resources/nacos/config-mybatis.yml Normal file
View File

@ -0,0 +1,11 @@
mybatis-plus:
mapper-locations: classpath*:mapper/*.xml,classpath*:mapper/**/*Mapper.xml
type-handlers-package: com.jjb.saas.framework.datascope.handler
global-config:
banner: false
db-config:
id-type: assign_id
logic-delete-value: 1
logic-not-delete-value: 0
configuration:
log-impl: org.apache.ibatis.logging.nologging.NoLoggingImpl

79
safety-eval-start/src/main/resources/nacos/config-mysql.yml Normal file
View File

@ -0,0 +1,79 @@
mysql:
db: ${spring.application.name}
spring:
shardingsphere:
druid:
username: admin
password: jjb123456
allows:
denys:
props:
sql:
show: true
enabled: true
masterslave:
name: ms # 名字,任意,需要保证唯一
master-data-source-name: master # 主库数据源
slave-data-source-names: slave-1 # 从库数据源
datasource:
names: master,slave-1
master:
#url: jdbc:mysql://10.43.123.226:3306/${spring.application.name}?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&allowMultiQueries=true&serverTimezone=Asia/Shanghai
url: jdbc:mysql://${common.mysql.host}:${common.mysql.port}/${mysql.db}?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&allowMultiQueries=true&serverTimezone=Asia/Shanghai
username: ${common.mysql.username}
password: ${common.mysql.password}
type: com.alibaba.druid.pool.DruidDataSource
driver-class-name: com.mysql.cj.jdbc.Driver
initial-size: 6
min-idle: 4
maxActive: 40
# 配置获取连接等待超时的时间
maxWait: 60000
# 配置间隔多久才进行一次检测,检测需要关闭的空闲连接,单位是毫秒
timeBetweenEvictionRunsMillis: 60000
# 配置一个连接在池中最小生存的时间,单位是毫秒
minEvictableIdleTimeMillis: 300000
#Oracle需要打开注释
#validationQuery: SELECT 1 FROM DUAL
testWhileIdle: true
testOnBorrow: false
testOnReturn: false
# 打开PSCache并且指定每个连接上PSCache的大小
poolPreparedStatements: true
maxPoolPreparedStatementPerConnectionSize: 20
# 配置监控统计拦截的filters去掉后监控界面sql无法统计'wall'用于防火墙
filters: slf4j
# 通过connectProperties属性来打开mergeSql功能慢SQL记录
connectionProperties: druid.stat.mergeSql\=true;druid.stat.slowSqlMillis\=5000
wall:
multi-statement-allow: true
slave-1:
# url: jdbc:mysql://10.43.123.226:3306/${spring.application.name}?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&allowMultiQueries=true&serverTimezone=Asia/Shanghai
url: jdbc:mysql://${common.mysql.host}:${common.mysql.port}/${mysql.db}?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&allowMultiQueries=true&serverTimezone=Asia/Shanghai
username: ${common.mysql.username}
password: ${common.mysql.password}
type: com.alibaba.druid.pool.DruidDataSource
driver-class-name: com.mysql.cj.jdbc.Driver
initial-size: 6
min-idle: 4
maxActive: 20
# 配置获取连接等待超时的时间
maxWait: 60000
# 配置间隔多久才进行一次检测,检测需要关闭的空闲连接,单位是毫秒
timeBetweenEvictionRunsMillis: 60000
# 配置一个连接在池中最小生存的时间,单位是毫秒
minEvictableIdleTimeMillis: 300000
#Oracle需要打开注释
#validationQuery: SELECT 1 FROM DUAL
testWhileIdle: true
testOnBorrow: false
testOnReturn: false
# 打开PSCache并且指定每个连接上PSCache的大小
poolPreparedStatements: true
maxPoolPreparedStatementPerConnectionSize: 20
# 配置监控统计拦截的filters去掉后监控界面sql无法统计'wall'用于防火墙,stat已去掉
filters: slf4j
# 通过connectProperties属性来打开mergeSql功能慢SQL记录
connectionProperties: druid.stat.mergeSql\=true;druid.stat.slowSqlMillis\=5000
wall:
multi-statement-allow: true

3
safety-eval-start/src/main/resources/nacos/config-port.yml Normal file
View File

@ -0,0 +1,3 @@
server:
port: 80
debug: true

14
safety-eval-start/src/main/resources/nacos/config-redis.yml Normal file
View File

@ -0,0 +1,14 @@
spring:
redis:
host: ${common.redis.host}
password: ${common.redis.password}
port: ${common.redis.port}
timeout: 15000
database: 0
prefix: dragon
jedis:
pool:
max-active: 600
max-idle: 300
max-wait: 15000
min-idle: 10

19
safety-eval-start/src/main/resources/nacos/config-sdk.yml Normal file
View File

@ -0,0 +1,19 @@
sdk:
server:
symmetry-url: jjb-saas-application/application/applications/server/secure/
app-key: jjb-saas-dragon
client:
security:
gateway: ${gateway.network.http.external}
appKey: ${sdk.client.app-key}
desensitization:
symmetric-key: 1234567887654321
logging:
gateway: ${sdk.client.security.gateway}
appKey: ${sdk.client.security.app-key}
clientLoggingEnable: true
level: debug
username: user
password: 123456
showConsoleLog: true
formatConsoleLogJson: true

89
safety-eval-start/src/main/resources/nacos/config-spring.yml Normal file
View File

@ -0,0 +1,89 @@
spring:
zipkin:
#zipkin服务所在地址
base-url: http://jjb-saas-zipkin/
sender:
type: web #使用http的方式传输数据
#配置采样百分比
sleuth:
sampler:
probability: 1 # 将采样比例设置为 1.0也就是全部都需要。默认是0.1也就是10%一般情况下10%就够用了
web:
resources:
cache:
cachecontrol:
no-store: false
max-age: 10000
no-cache: false
autoconfigure:
exclude: com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure
main:
allow-bean-definition-overriding: true
mvc:
pathmatch:
matching-strategy: ant_path_matcher
messages:
basename: i18n.message
encoding: UTF-8
flyway:
# 是否启用flyway
enabled: true
# 编码格式默认UTF-8
encoding: UTF-8
# 迁移sql脚本文件存放路径默认db/migration
locations: classpath:db/migration
# 迁移sql脚本文件名称的前缀默认V
sql-migration-prefix: V
# 迁移sql脚本文件名称的分隔符默认2个下划线__
sql-migration-separator: __
# 迁移sql脚本文件名称的后缀
sql-migration-suffixes: .sql
# 迁移时是否进行校验默认true
validate-on-migrate: true
# 当迁移发现数据库非空且存在没有元数据的表时自动执行基准迁移新建schema_version表
baseline-on-migrate: true
server:
tomcat:
max-http-post-size: 200MB
connection-timeout: 180000
fastjson:
parser:
safeMode: true
mvc:
pathmatch:
matching-strategy: ANT_PATH_MATCHER
thymeleaf:
prefix: classpath:/templates/
cache: false
dubbo:
application:
name: ${spring.application.name}
registry:
timeout: 20000
address: nacos://${spring.cloud.nacos.config.server-addr}?namespace=${spring.cloud.nacos.config.namespace}-facade
check: false
filter: providerContextFilter
protocol:
port: -1
name: dubbo
consumer:
timeout: 20000
check: false
filter: consumerContextFilter
logging:
config: classpath:jjb-saas-logback-spring.xml
level:
com.alibaba.nacos.client.naming: OFF
com.alibaba.nacos.client.config.impl: OFF
com.alibaba.nacos.common.remote.client: OFF
datapermssion:
tenantcondition:
defaultversion: NEWERSION
easy-retry:
server:
host: http://jjb-saas-config
port: 1788

18
safety-eval-start/src/main/resources/nacos/jjb-saas-demo.yml Normal file
View File

@ -0,0 +1,18 @@
sdk:
client:
app-key: e6ab3c9abda747b39d7cc12b6dc0f5a0
gateway:
url: ${common.gateway.network.http.intranet}
swagger:
enabled: ${common.swagger.enabled}
title: 例子
description: 这是例子项目
version: ${application.version}
group-name: 例子
springfox:
documentation:
swagger-ui:
base-url: ${application.gateway}
swagger:
v2:
path: /${application.gateway}/v2/api-docs

51
safety-eval-start/src/main/resources/sdk-prod2.yml Normal file
View File

@ -0,0 +1,51 @@
sdk:
server:
app-key: 8790123e6cf1441d9e618346e9c7a17f
client:
gateway:
url: ${common.gateway.network.http.external}
route:
- client:
system-code: ${application.name}
name: ${application.cn-name}-后端
group-code: public_api
service:
system-code: ${application.name}
name: ${application.cn-name}-后端
group-code: public_api
strip-prefix: 0
uri: http://${application.name}
path: /${application.gateway}/**
- client:
system-code: ${application.name}-container
name: ${application.cn-name}-前端
group-code: public_api
service:
system-code: ${application.name}-container
name: ${application.cn-name}-前端
group-code: public_api
strip-prefix: 0
uri: http://jjb-saas-base
path: /${application.gateway}/container/**
order: -2
openapi:
appId: 2070081274042777600
appKey: dd367066994a4e93a49e847f26462f60
appSecret: 9dc007e9-54a1-46d2-af11-589ad117454f
appPublicKey: 3059301306072a8648ce3d020106082a811ccf5501822d03420004023c307eab0553b42f6bc983c299ca2f61f4779846742572a0022c3fd33260997281fd57202bad8e9b9b55da8bda311acc1ac49873ba70f583e0245a7c9fa3aa
appPrivateKey: 3059301306072a8648ce3d020106082a811ccf5501822d0342000446043bd54674d84483cf64b72afa7e6b01b8ca2932a59317ff456c7c047636e39f7a1f00379f79cfba280446195e5b0c2bc34727dac6fd3a8206f2d856ed84d4
encryptType: SM2
platform:
- name: default
openPublicKey: 3059301306072a8648ce3d020106082a811ccf5501822d03420004023c307eab0553b42f6bc983c299ca2f61f4779846742572a0022c3fd33260997281fd57202bad8e9b9b55da8bda311acc1ac49873ba70f583e0245a7c9fa3aa
url: ${common.gateway.network.http.intranet}
protocol: HTTP
defaultPlatform: true
##ciphertext plaintext
type: plaintext
apiPlatform:
- name: default
#多个可以逗号隔开
apiCode: test:01
#多个可以逗号隔开,可以为空
tenantIds: 1838408702262321152