fix(mysql): 优化随机账号的添加 #9105

TencentBlueKing · Jan 17, 2025 · 1485770 · 1485770
1 parent 463490e
commit 1485770
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 5 deletions.
diff --git a/dbm-ui/backend/flow/plugins/components/collections/common/create_random_job_user.py b/dbm-ui/backend/flow/plugins/components/collections/common/create_random_job_user.py
@@ -19,7 +19,10 @@
 from backend.db_meta.exceptions import ClusterNotExistException
 from backend.db_meta.models import Cluster
 from backend.flow.plugins.components.collections.common.base_service import BaseService
-from backend.flow.utils.mysql.common.random_job_with_ticket_map import get_instance_with_random_job
+from backend.flow.utils.mysql.common.random_job_with_ticket_map import (
+    TICKET_TYPE_SENSITIVE_LIST,
+    get_instance_with_random_job,
+)
 from backend.flow.utils.mysql.get_mysql_sys_user import generate_mysql_tmp_user
 
 logger = logging.getLogger("flow")
@@ -94,11 +97,15 @@ def _execute(self, data, parent_data, callback=None) -> bool:
                 common_param["hosts"] = ["localhost", inst["instance"].split(":")[0]]
                 common_param["role"] = inst["priv_role"]
                 if not self.__add_priv(common_param):
-                    if inst["cmdb_status"] == InstanceStatus.RUNNING:
+                    if inst["cmdb_status"] == InstanceStatus.RUNNING or (
+                        inst["cmdb_status"] != InstanceStatus.RUNNING
+                        and global_data.get("ticket_type", "test") in TICKET_TYPE_SENSITIVE_LIST
+                    ):
                         # 如果实例是running状态，应该记录错误，并且返回异常
+                        # 如果实例非running状态，且单据类型加入敏感队列，则需要记录错误，并且返回异常
                         err_num = err_num + 1
                     else:
-                        # 如果是非running状态，标记warning信息，但不作异常处理
+                        # 如果是非running状态，默认标记warning信息，但不作异常处理
                         self.log_warning(f"[{inst['instance']} is not running in dbm [{inst['cmdb_status']}],ignore]")
                         continue
 

diff --git a/dbm-ui/backend/flow/plugins/components/collections/common/drop_random_job_user.py b/dbm-ui/backend/flow/plugins/components/collections/common/drop_random_job_user.py
@@ -19,7 +19,10 @@
 from backend.db_meta.exceptions import ClusterNotExistException
 from backend.db_meta.models import Cluster
 from backend.flow.plugins.components.collections.common.base_service import BaseService
-from backend.flow.utils.mysql.common.random_job_with_ticket_map import get_instance_with_random_job
+from backend.flow.utils.mysql.common.random_job_with_ticket_map import (
+    TICKET_TYPE_SENSITIVE_LIST,
+    get_instance_with_random_job,
+)
 from backend.flow.utils.mysql.get_mysql_sys_user import generate_mysql_tmp_user
 from backend.flow.utils.mysql.mysql_version_parse import mysql_version_parse
 from backend.ticket.constants import TicketType
@@ -69,8 +72,11 @@ def drop_jor_user(self, cluster: Cluster, root_id: str, ticket_type: TicketType)
             for info in resp[0]["cmd_results"]:
                 # 其实只是一行
                 if info["error_msg"]:
-                    if instance["cmdb_status"] == InstanceStatus.RUNNING.value:
+                    if instance["cmdb_status"] == InstanceStatus.RUNNING.value or (
+                        instance["cmdb_status"] != InstanceStatus.RUNNING and ticket_type in TICKET_TYPE_SENSITIVE_LIST
+                    ):
                         # 如果实例是running状态，应该记录错误，并且返回异常
+                        # 如果实例非running状态，且单据类型加入敏感队列，则需要记录错误，并且返回异常
                         self.log_error(
                             f"The result [drop user `{user}`] in {instance['instance']}" f" is [{info['error_msg']}]"
                         )

diff --git a/dbm-ui/backend/flow/utils/mysql/common/random_job_with_ticket_map.py b/dbm-ui/backend/flow/utils/mysql/common/random_job_with_ticket_map.py
@@ -51,8 +51,22 @@ class RuleDict:
     TicketType.TENDBCLUSTER_IMPORT_SQLFILE: RuleDict(is_tdbctl_primary_add=True),
     # tendb_cluster集群强制SQL执行添加账号规则
     TicketType.TENDBCLUSTER_FORCE_IMPORT_SQLFILE: RuleDict(is_tdbctl_primary_add=True),
+    # tendb_cluster模拟执行规则
+    TicketType.MYSQL_SEMANTIC_CHECK: RuleDict(
+        exec_storage_instance_role_list=[InstanceRole.BACKEND_MASTER, InstanceRole.ORPHAN]
+    ),
+    # tendb_cluster集群模拟执行添加账号规则
+    TicketType.TENDBCLUSTER_SEMANTIC_CHECK: RuleDict(is_tdbctl_primary_add=True),
 }
 
+"""
+定义单据类型是否强制添加临时账号的逻辑
+默认情况下，授权中如果UNAVAILABLE状态的实例授权失败了，只是告警级别，不异常退出
+这里则定义那些单据，如果UNAVAILABLE状态的实例授权失败，则异常退出
+需要开启的单据则在TICKET_TYPE_SENSITIVE_LIST 列表添加对应单据类型即可
+"""
+TICKET_TYPE_SENSITIVE_LIST = []
+
 
 def get_instance_with_random_job(cluster: Cluster, ticket_type: TicketType):
     """