From fb695b0c5768ad7501fef5c05a642cacd3bb442d Mon Sep 17 00:00:00 2001 From: Vinceeee <491323832@qq.com> Date: Thu, 4 Dec 2025 14:54:20 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81=E8=93=9D=E9=B2=B8?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=E6=A1=86=E6=9E=B6=E6=B7=BB=E5=8A=A0=E7=BD=91?= =?UTF-8?q?=E5=85=B3=E9=89=B4=E6=9D=83=20--story=3D129089299?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../management/commands/data/api-definition.yml | 8 ++++++++ .../bpf_service/management/commands/sync_plugin_apigw.py | 2 ++ .../bk-plugin-runtime/bk_plugin_runtime/config/default.py | 4 ++++ 3 files changed, 14 insertions(+) diff --git a/bk-plugin-framework/bk_plugin_framework/services/bpf_service/management/commands/data/api-definition.yml b/bk-plugin-framework/bk_plugin_framework/services/bpf_service/management/commands/data/api-definition.yml index aa271f3..3bfdd5d 100644 --- a/bk-plugin-framework/bk_plugin_framework/services/bpf_service/management/commands/data/api-definition.yml +++ b/bk-plugin-framework/bk_plugin_framework/services/bpf_service/management/commands/data/api-definition.yml @@ -23,5 +23,13 @@ stage: max_age: 86400 allow_credential: true +{% if settings.BK_APIGW_GRANTED_APPS %} +grant_permissions: + {% for app_code in settings.BK_APIGW_GRANTED_APPS %} + - bk_app_code: {{ app_code }} + grant_dimension: "gateway" + {% endfor %} +{% endif %} + release: comment: "auto release by bk-plugin-runtime" diff --git a/bk-plugin-framework/bk_plugin_framework/services/bpf_service/management/commands/sync_plugin_apigw.py b/bk-plugin-framework/bk_plugin_framework/services/bpf_service/management/commands/sync_plugin_apigw.py index d4594b8..eb224ab 100644 --- a/bk-plugin-framework/bk_plugin_framework/services/bpf_service/management/commands/sync_plugin_apigw.py +++ b/bk-plugin-framework/bk_plugin_framework/services/bpf_service/management/commands/sync_plugin_apigw.py @@ -27,6 +27,8 @@ def handle(self, *args, **kwargs): call_command("sync_apigw_resources", file=resources_file_path) print("[bk-plugin-framework]call sync_apigw_strategies with definition: %s" % definition_file_path) call_command("sync_apigw_strategies", file=definition_file_path) + print("[bk-plugin-framework]call grant_apigw_permissions with definition: %s" % definition_file_path) + call_command("grant_apigw_permissions", file=definition_file_path) # if getattr(settings, "BK_APIGW_CORS_ALLOW_ORIGINS"): # strategy_cors_file_path = os.path.join(__file__.rsplit("/", 1)[0], "data/api-strategy-cors.yml") diff --git a/runtime/bk-plugin-runtime/bk_plugin_runtime/config/default.py b/runtime/bk-plugin-runtime/bk_plugin_runtime/config/default.py index ed03fe5..5a60cde 100644 --- a/runtime/bk-plugin-runtime/bk_plugin_runtime/config/default.py +++ b/runtime/bk-plugin-runtime/bk_plugin_runtime/config/default.py @@ -253,3 +253,7 @@ def logging_addition_settings(logging_dict): BK_APIGW_CORS_ALLOW_METHODS = os.getenv("BK_APIGW_CORS_ALLOW_METHODS", "") BK_APIGW_CORS_ALLOW_HEADERS = os.getenv("BK_APIGW_CORS_ALLOW_HEADERS", "") BK_APIGW_DEFAULT_TIMEOUT = int(os.getenv("BK_APIGW_DEFAULT_TIMEOUT", "60")) +BK_APIGW_GRANTED_APPS = [BK_APP_CODE] + [ + each.strip() for each in os.getenv("BK_APIGW_GRANTED_APPS", "").split(",") + if each.strip() +]