From 3bd32976321dd0756bd0dcb2d0ee378620bf83f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B1=88=E8=BD=A9?= Date: Wed, 29 Nov 2023 14:53:41 +0800 Subject: [PATCH] =?UTF-8?q?fix(region):=20=E5=8F=AA=E8=AF=BB=E8=B4=A6?= =?UTF-8?q?=E5=8F=B7=E5=A2=9E=E9=87=8F=E6=9B=B4=E6=96=B0=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=20(#18811)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pkg/cloudcommon/db/interface.go | 4 +-- pkg/cloudcommon/db/metadata.go | 15 ++++++++ pkg/cloudcommon/db/standalone_anon.go | 26 ++++++++++---- pkg/compute/guestdrivers/managedvirtual.go | 2 +- pkg/compute/hostdrivers/managedvirtual.go | 4 ++- pkg/compute/models/app.go | 9 +++-- pkg/compute/models/buckets.go | 15 ++++++-- pkg/compute/models/cdn_domains.go | 7 ++-- pkg/compute/models/cloudregions.go | 4 +-- pkg/compute/models/cloudsync.go | 2 +- pkg/compute/models/dbinstances.go | 9 +++-- pkg/compute/models/disks.go | 10 +++--- pkg/compute/models/dnszones.go | 6 ++-- pkg/compute/models/elastic_search.go | 10 ++++-- pkg/compute/models/elasticcache_instances.go | 9 +++-- pkg/compute/models/elasticips.go | 9 +++-- pkg/compute/models/external_projects.go | 4 +-- pkg/compute/models/filesystem.go | 9 +++-- pkg/compute/models/globalvpcs.go | 2 +- pkg/compute/models/guests.go | 15 ++++++-- pkg/compute/models/hosts.go | 4 ++- pkg/compute/models/ipv6_gateways.go | 7 ++-- pkg/compute/models/kafka.go | 10 ++++-- pkg/compute/models/kube_clusters.go | 6 ++-- pkg/compute/models/kube_node_pools.go | 6 ++-- pkg/compute/models/kube_nodes.go | 9 +++-- .../models/loadbalancerbackendgroups.go | 4 ++- pkg/compute/models/loadbalancerbackends.go | 6 ++-- pkg/compute/models/loadbalancercachedacls.go | 10 +++--- .../models/loadbalancercachedcertificates.go | 4 +-- .../models/loadbalancerlistenerrules.go | 4 +-- pkg/compute/models/loadbalancerlisteners.go | 6 ++-- pkg/compute/models/loadbalancers.go | 9 +++-- pkg/compute/models/miscresources.go | 7 ++-- pkg/compute/models/modelarts_pools.go | 8 ++--- pkg/compute/models/mongodb.go | 9 +++-- pkg/compute/models/natdtable.go | 12 ++++--- pkg/compute/models/natgateways.go | 15 ++++++-- pkg/compute/models/natstable.go | 12 ++++--- pkg/compute/models/networkinterfaces.go | 6 ++-- pkg/compute/models/networks.go | 2 +- pkg/compute/models/routetables.go | 7 ++-- pkg/compute/models/secgroups.go | 10 ++++-- pkg/compute/models/snapshotpolicy.go | 2 +- pkg/compute/models/snapshots.go | 6 ++-- pkg/compute/models/sslcertificate.go | 8 +++-- pkg/compute/models/storages.go | 36 ++++++++++--------- pkg/compute/models/syncutils.go | 24 ++++++------- pkg/compute/models/tablestores.go | 7 ++-- pkg/compute/models/vpc_peering_connections.go | 4 ++- pkg/compute/models/vpcs.go | 2 +- pkg/compute/models/waf_instances.go | 9 +++-- pkg/compute/models/wires.go | 4 +-- pkg/compute/models/zones.go | 4 +-- pkg/compute/regiondrivers/managedvirtual.go | 4 ++- 55 files changed, 310 insertions(+), 144 deletions(-) diff --git a/pkg/cloudcommon/db/interface.go b/pkg/cloudcommon/db/interface.go index 1b621caa1b7..b8e8da5fa57 100644 --- a/pkg/cloudcommon/db/interface.go +++ b/pkg/cloudcommon/db/interface.go @@ -296,9 +296,9 @@ type IStandaloneModel interface { SetUserMetadataValues(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential) error SetUserMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential) error - SetCloudMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential) error + SetCloudMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential, readOnly bool) error SetOrganizationMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential) error - SetSysCloudMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential) error + SetSysCloudMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential, readOnly bool) error RemoveMetadata(ctx context.Context, key string, userCred mcclient.TokenCredential) error RemoveAllMetadata(ctx context.Context, userCred mcclient.TokenCredential) error diff --git a/pkg/cloudcommon/db/metadata.go b/pkg/cloudcommon/db/metadata.go index b6c54d74b9a..90751fee90c 100644 --- a/pkg/cloudcommon/db/metadata.go +++ b/pkg/cloudcommon/db/metadata.go @@ -642,6 +642,21 @@ func (manager *SMetadataManager) rawSetValues(ctx context.Context, objType strin return changes, nil } +func (manager *SMetadataManager) SetAllWithoutDelelte(ctx context.Context, obj IModel, store map[string]interface{}, userCred mcclient.TokenCredential) error { + lockman.LockObject(ctx, obj) + defer lockman.ReleaseObject(ctx, obj) + + changes, err := manager.rawSetValues(ctx, obj.Keyword(), obj.GetId(), infMap2StrMap(store), false, "") + if err != nil { + return errors.Wrap(err, "setValues") + } + + if len(changes) > 0 { + OpsLog.LogEvent(obj.GetIModel(), ACT_SET_METADATA, jsonutils.Marshal(changes), userCred) + } + return nil +} + func (manager *SMetadataManager) SetAll(ctx context.Context, obj IModel, store map[string]interface{}, userCred mcclient.TokenCredential, delRange string) error { lockman.LockObject(ctx, obj) defer lockman.ReleaseObject(ctx, obj) diff --git a/pkg/cloudcommon/db/standalone_anon.go b/pkg/cloudcommon/db/standalone_anon.go index 563e51e81be..c9d84b683c9 100644 --- a/pkg/cloudcommon/db/standalone_anon.go +++ b/pkg/cloudcommon/db/standalone_anon.go @@ -321,20 +321,30 @@ func (model *SStandaloneAnonResourceBase) SetUserMetadataAll(ctx context.Context return nil } -func (model *SStandaloneAnonResourceBase) SetCloudMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential) error { +func (model *SStandaloneAnonResourceBase) SetCloudMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential, readOnly bool) error { var err error dictStore, err := ensurePrefixString(dictstore, CLOUD_TAG_PREFIX) if err != nil { return errors.Wrap(err, "ensurePrefix") } - err = Metadata.SetAll(ctx, model, dictStore, userCred, CLOUD_TAG_PREFIX) - if err != nil { - return errors.Wrap(err, "SetAll") + if readOnly { + err = Metadata.SetAllWithoutDelelte(ctx, model, dictStore, userCred) + if err != nil { + return errors.Wrap(err, "SetAll") + } + } else { + err = Metadata.SetAll(ctx, model, dictStore, userCred, CLOUD_TAG_PREFIX) + if err != nil { + return errors.Wrap(err, "SetAll") + } } userTags := map[string]interface{}{} for k, v := range dictstore { userTags[strings.Replace(k, CLOUD_TAG_PREFIX, USER_TAG_PREFIX, 1)] = v } + if readOnly { + return Metadata.SetAllWithoutDelelte(ctx, model, userTags, userCred) + } return Metadata.SetAll(ctx, model, userTags, userCred, USER_TAG_PREFIX) } @@ -494,12 +504,16 @@ func (model *SStandaloneAnonResourceBase) IsInSameClass(ctx context.Context, pMo return IsInSameClass(ctx, model, pModel) } -func (model *SStandaloneAnonResourceBase) SetSysCloudMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential) error { +func (model *SStandaloneAnonResourceBase) SetSysCloudMetadataAll(ctx context.Context, dictstore map[string]string, userCred mcclient.TokenCredential, readOnly bool) error { dictStore, err := ensurePrefixString(dictstore, SYS_CLOUD_TAG_PREFIX) if err != nil { return errors.Wrap(err, "ensurePrefixString") } - err = Metadata.SetAll(ctx, model, dictStore, userCred, SYS_CLOUD_TAG_PREFIX) + if readOnly { + err = Metadata.SetAllWithoutDelelte(ctx, model, dictStore, userCred) + } else { + err = Metadata.SetAll(ctx, model, dictStore, userCred, SYS_CLOUD_TAG_PREFIX) + } if err != nil { return errors.Wrap(err, "SetAll") } diff --git a/pkg/compute/guestdrivers/managedvirtual.go b/pkg/compute/guestdrivers/managedvirtual.go index 22aa5b358e1..a4fc71e65db 100644 --- a/pkg/compute/guestdrivers/managedvirtual.go +++ b/pkg/compute/guestdrivers/managedvirtual.go @@ -1417,7 +1417,7 @@ func (drv *SManagedVirtualizedGuestDriver) RequestRemoteUpdate(ctx context.Conte // sync back cloud metadata iVM.Refresh() guest.SyncOsInfo(ctx, userCred, iVM) - err = models.SyncVirtualResourceMetadata(ctx, userCred, guest, iVM) + err = models.SyncVirtualResourceMetadata(ctx, userCred, guest, iVM, false) if err != nil { return errors.Wrap(err, "syncVirtualResourceMetadata") } diff --git a/pkg/compute/hostdrivers/managedvirtual.go b/pkg/compute/hostdrivers/managedvirtual.go index 1e138e9e3d0..33f885e557b 100644 --- a/pkg/compute/hostdrivers/managedvirtual.go +++ b/pkg/compute/hostdrivers/managedvirtual.go @@ -272,7 +272,9 @@ func (self *SManagedVirtualizationHostDriver) RequestAllocateDiskOnStorage(ctx c cloudprovider.WaitStatus(iDisk, api.DISK_READY, time.Second*5, time.Minute*5) - models.SyncVirtualResourceMetadata(ctx, task.GetUserCred(), disk, iDisk) + if account := host.GetCloudaccount(); account != nil { + models.SyncVirtualResourceMetadata(ctx, task.GetUserCred(), disk, iDisk, account.ReadOnly) + } data := jsonutils.NewDict() data.Add(jsonutils.NewInt(int64(iDisk.GetDiskSizeMB())), "disk_size") diff --git a/pkg/compute/models/app.go b/pkg/compute/models/app.go index 6d8748105bb..006c4a2f3ba 100644 --- a/pkg/compute/models/app.go +++ b/pkg/compute/models/app.go @@ -295,7 +295,7 @@ func (self *SCloudregion) newFromCloudApp(ctx context.Context, userCred mcclient return &app, errors.Wrap(result.AllError(), "unable to SyncAppEnvironments") } SyncCloudProject(ctx, userCred, &app, provider.GetOwnerId(), ext, provider.Id) - syncVirtualResourceMetadata(ctx, userCred, &app, ext) + syncVirtualResourceMetadata(ctx, userCred, &app, ext, false) db.OpsLog.LogEvent(&app, db.ACT_CREATE, app.GetShortDesc(ctx), userCred) notifyclient.EventNotify(ctx, userCred, notifyclient.SEventNotifyParam{ @@ -372,7 +372,9 @@ func (a *SApp) SyncWithCloudApp(ctx context.Context, userCred mcclient.TokenCred Action: notifyclient.ActionSyncUpdate, }) } - syncVirtualResourceMetadata(ctx, userCred, a, ext) + if account, _ := provider.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, a, ext, account.ReadOnly) + } return nil } @@ -448,6 +450,9 @@ func (self *SApp) OnMetadataUpdated(ctx context.Context, userCred mcclient.Token if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) diff --git a/pkg/compute/models/buckets.go b/pkg/compute/models/buckets.go index 13a20715885..d232fc184c8 100644 --- a/pkg/compute/models/buckets.go +++ b/pkg/compute/models/buckets.go @@ -245,7 +245,7 @@ func (manager *SBucketManager) newFromCloudBucket( }) bucket.SyncShareState(ctx, userCred, provider.getAccountShareInfo()) - syncVirtualResourceMetadata(ctx, userCred, &bucket, extBucket) + syncVirtualResourceMetadata(ctx, userCred, &bucket, extBucket, false) db.OpsLog.LogEvent(&bucket, db.ACT_CREATE, bucket.GetShortDesc(ctx), userCred) return &bucket, nil @@ -318,7 +318,9 @@ func (bucket *SBucket) syncWithCloudBucket( return errors.Wrap(err, "db.UpdateWithLock") } - syncVirtualResourceMetadata(ctx, userCred, bucket, extBucket) + if account := bucket.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, bucket, extBucket, account.ReadOnly) + } db.OpsLog.LogSyncUpdate(bucket, diff, userCred) if len(diff) > 0 { @@ -1738,6 +1740,9 @@ func (bucket *SBucket) OnMetadataUpdated(ctx context.Context, userCred mcclient. if len(bucket.ExternalId) == 0 { return } + if account := bucket.GetCloudaccount(); account != nil && account.ReadOnly { + return + } iBucket, err := bucket.GetIBucket(ctx) if err != nil { return @@ -1754,7 +1759,11 @@ func (bucket *SBucket) OnMetadataUpdated(ctx context.Context, userCred mcclient. if diff.IsChanged() { logclient.AddSimpleActionLog(bucket, logclient.ACT_UPDATE_TAGS, diff, userCred, true) } - syncVirtualResourceMetadata(ctx, userCred, bucket, iBucket) + readOnly := false + if account := bucket.GetCloudaccount(); account != nil { + readOnly = account.ReadOnly + } + syncVirtualResourceMetadata(ctx, userCred, bucket, iBucket, readOnly) } func (manager *SBucketManager) ListItemExportKeys(ctx context.Context, diff --git a/pkg/compute/models/cdn_domains.go b/pkg/compute/models/cdn_domains.go index 5c1973ec309..1bae9023fff 100644 --- a/pkg/compute/models/cdn_domains.go +++ b/pkg/compute/models/cdn_domains.go @@ -286,7 +286,10 @@ func (self *SCDNDomain) SyncWithCloudCDNDomain(ctx context.Context, userCred mcc }) } - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } + if provider := self.GetCloudprovider(); provider != nil { SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, self.ManagerId) } @@ -319,7 +322,7 @@ func (self *SCloudprovider) newFromCloudCDNDomain(ctx context.Context, userCred return nil, err } - syncVirtualResourceMetadata(ctx, userCred, &domain, ext) + syncVirtualResourceMetadata(ctx, userCred, &domain, ext, false) SyncCloudProject(ctx, userCred, &domain, self.GetOwnerId(), ext, self.Id) db.OpsLog.LogEvent(&domain, db.ACT_CREATE, domain.GetShortDesc(ctx), userCred) diff --git a/pkg/compute/models/cloudregions.go b/pkg/compute/models/cloudregions.go index 4c68ab1a433..a7904c00411 100644 --- a/pkg/compute/models/cloudregions.go +++ b/pkg/compute/models/cloudregions.go @@ -539,7 +539,7 @@ func (manager *SCloudregionManager) SyncRegions( if err != nil { syncResult.UpdateError(err) } else { - syncMetadata(ctx, userCred, &commondb[i], commonext[i]) + syncMetadata(ctx, userCred, &commondb[i], commonext[i], false) cpr := CloudproviderRegionManager.FetchByIdsOrCreate(cloudProvider.Id, commondb[i].Id) cpr.setCapabilities(ctx, userCred, commonext[i].GetCapabilities()) cloudProviderRegions = append(cloudProviderRegions, *cpr) @@ -553,7 +553,7 @@ func (manager *SCloudregionManager) SyncRegions( if err != nil { syncResult.AddError(err) } else { - syncMetadata(ctx, userCred, new, added[i]) + syncMetadata(ctx, userCred, new, added[i], false) cpr := CloudproviderRegionManager.FetchByIdsOrCreate(cloudProvider.Id, new.Id) cpr.setCapabilities(ctx, userCred, added[i].GetCapabilities()) cloudProviderRegions = append(cloudProviderRegions, *cpr) diff --git a/pkg/compute/models/cloudsync.go b/pkg/compute/models/cloudsync.go index 17ab1d36860..709a56130e2 100644 --- a/pkg/compute/models/cloudsync.go +++ b/pkg/compute/models/cloudsync.go @@ -1007,7 +1007,7 @@ func syncHostStorages(ctx context.Context, userCred mcclient.TokenCredential, sy newCacheIds := make([]sStoragecacheSyncPair, 0) for i := 0; i < len(localStorages); i += 1 { - syncMetadata(ctx, userCred, &localStorages[i], remoteStorages[i]) + syncMetadata(ctx, userCred, &localStorages[i], remoteStorages[i], false) if !isInCache(storageCachePairs, localStorages[i].StoragecacheId) && !isInCache(newCacheIds, localStorages[i].StoragecacheId) { cachePair, err := syncStorageCaches(ctx, userCred, provider, &localStorages[i], remoteStorages[i], xor) if err != nil { diff --git a/pkg/compute/models/dbinstances.go b/pkg/compute/models/dbinstances.go index 66f72927625..760a3a9abd4 100644 --- a/pkg/compute/models/dbinstances.go +++ b/pkg/compute/models/dbinstances.go @@ -1735,7 +1735,9 @@ func (self *SDBInstance) SyncWithCloudDBInstance(ctx context.Context, userCred m if err != nil { return err } - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, provider.Id) db.OpsLog.LogSyncUpdate(self, diff, userCred) if len(diff) > 0 { @@ -1832,7 +1834,7 @@ func (manager *SDBInstanceManager) newFromCloudDBInstance(ctx context.Context, u return nil, errors.Wrapf(err, "newFromCloudDBInstance.Insert") } - syncVirtualResourceMetadata(ctx, userCred, &instance, extInstance) + syncVirtualResourceMetadata(ctx, userCred, &instance, extInstance, false) SyncCloudProject(ctx, userCred, &instance, provider.GetOwnerId(), extInstance, provider.Id) db.OpsLog.LogEvent(&instance, db.ACT_CREATE, instance.GetShortDesc(ctx), userCred) @@ -2088,6 +2090,9 @@ func (self *SDBInstance) OnMetadataUpdated(ctx context.Context, userCred mcclien if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) diff --git a/pkg/compute/models/disks.go b/pkg/compute/models/disks.go index 42d6824cdd9..6ea49b36c0a 100644 --- a/pkg/compute/models/disks.go +++ b/pkg/compute/models/disks.go @@ -1746,7 +1746,9 @@ func (self *SDisk) syncWithCloudDisk(ctx context.Context, userCred mcclient.Toke }) } - syncVirtualResourceMetadata(ctx, userCred, self, extDisk) + if account := storage.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, extDisk, account.ReadOnly) + } if len(guests) == 0 { SyncCloudProject(ctx, userCred, self, syncOwnerId, extDisk, storage.ManagerId) @@ -1823,7 +1825,7 @@ func (manager *SDiskManager) newFromCloudDisk(ctx context.Context, userCred mccl log.Warningln("SyncAttachDiskExt:", err) } - syncVirtualResourceMetadata(ctx, userCred, &disk, extDisk) + syncVirtualResourceMetadata(ctx, userCred, &disk, extDisk, false) SyncCloudProject(ctx, userCred, &disk, syncOwnerId, extDisk, storage.ManagerId) @@ -3100,7 +3102,7 @@ func (self *SDisk) syncSnapshots(ctx context.Context, userCred mcclient.TokenCre if err != nil { syncResult.UpdateError(err) } else { - syncMetadata(ctx, userCred, &commondb[i], commonext[i]) + syncMetadata(ctx, userCred, &commondb[i], commonext[i], account.ReadOnly) syncResult.Update() } if !hasCreating && commonext[i].GetStatus() == api.SNAPSHOT_CREATING { @@ -3112,7 +3114,7 @@ func (self *SDisk) syncSnapshots(ctx context.Context, userCred mcclient.TokenCre if err != nil { syncResult.AddError(err) } else { - syncMetadata(ctx, userCred, local, added[i]) + syncMetadata(ctx, userCred, local, added[i], false) syncResult.Add() } if !hasCreating && added[i].GetStatus() == api.SNAPSHOT_CREATING { diff --git a/pkg/compute/models/dnszones.go b/pkg/compute/models/dnszones.go index 0d3111afb29..f19df338088 100644 --- a/pkg/compute/models/dnszones.go +++ b/pkg/compute/models/dnszones.go @@ -508,8 +508,10 @@ func (self *SDnsZone) syncWithDnsZone(ctx context.Context, userCred mcclient.Tok } privider := self.GetCloudprovider() - syncVirtualResourceMetadata(ctx, userCred, self, ext) if privider != nil { + if account, _ := provider.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, self.ManagerId) } @@ -531,7 +533,7 @@ func (self *SCloudprovider) newFromCloudDnsZone(ctx context.Context, userCred mc return nil, errors.Wrapf(err, "Insert") } - syncVirtualResourceMetadata(ctx, userCred, zone, ext) + syncVirtualResourceMetadata(ctx, userCred, zone, ext, false) SyncCloudProject(ctx, userCred, zone, self.GetOwnerId(), ext, self.Id) return zone, nil diff --git a/pkg/compute/models/elastic_search.go b/pkg/compute/models/elastic_search.go index 4171e79b759..8bf2f3a903e 100644 --- a/pkg/compute/models/elastic_search.go +++ b/pkg/compute/models/elastic_search.go @@ -507,7 +507,10 @@ func (self *SElasticSearch) SyncWithCloudElasticSearch(ctx context.Context, user }) } - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } + if provider := self.GetCloudprovider(); provider != nil { SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, provider.Id) } @@ -610,7 +613,7 @@ func (self *SCloudregion) newFromCloudElasticSearch(ctx context.Context, userCre Action: notifyclient.ActionSyncCreate, }) // 同步标签 - syncVirtualResourceMetadata(ctx, userCred, &es, ext) + syncVirtualResourceMetadata(ctx, userCred, &es, ext, false) // 同步项目归属 SyncCloudProject(ctx, userCred, &es, provider.GetOwnerId(), ext, provider.Id) @@ -696,6 +699,9 @@ func (self *SElasticSearch) OnMetadataUpdated(ctx context.Context, userCred mccl if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) diff --git a/pkg/compute/models/elasticcache_instances.go b/pkg/compute/models/elasticcache_instances.go index d1b4dc8d7c6..f62f10c141f 100644 --- a/pkg/compute/models/elasticcache_instances.go +++ b/pkg/compute/models/elasticcache_instances.go @@ -638,7 +638,9 @@ func (self *SElasticcache) SyncWithCloudElasticcache(ctx context.Context, userCr return errors.Wrapf(err, "syncWithCloudElasticcache.Update") } SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), extInstance, provider.Id) - syncVirtualResourceMetadata(ctx, userCred, self, extInstance) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, extInstance, account.ReadOnly) + } db.OpsLog.LogSyncUpdate(self, diff, userCred) if len(diff) > 0 { notifyclient.EventNotify(ctx, userCred, notifyclient.SEventNotifyParam{ @@ -765,7 +767,7 @@ func (self *SCloudregion) newFromCloudElasticcache(ctx context.Context, userCred } SyncCloudProject(ctx, userCred, &instance, provider.GetOwnerId(), extInstance, provider.Id) - syncVirtualResourceMetadata(ctx, userCred, &instance, extInstance) + syncVirtualResourceMetadata(ctx, userCred, &instance, extInstance, false) db.OpsLog.LogEvent(&instance, db.ACT_CREATE, instance.GetShortDesc(ctx), userCred) notifyclient.EventNotify(ctx, userCred, notifyclient.SEventNotifyParam{ @@ -1718,6 +1720,9 @@ func (self *SElasticcache) OnMetadataUpdated(ctx context.Context, userCred mccli if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) diff --git a/pkg/compute/models/elasticips.go b/pkg/compute/models/elasticips.go index 72ca12bfd40..b1d0c86c12f 100644 --- a/pkg/compute/models/elasticips.go +++ b/pkg/compute/models/elasticips.go @@ -576,7 +576,9 @@ func (self *SElasticip) SyncWithCloudEip(ctx context.Context, userCred mcclient. //if err != nil { // return errors.Wrap(err, "fail to sync associated instance of EIP") //} - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } // eip有绑定资源,并且绑定资源是项目资源,eip项目信息跟随绑定资源 if res := self.GetAssociateResource(); res != nil && len(res.GetOwnerId().GetProjectId()) > 0 { @@ -643,7 +645,7 @@ func (manager *SElasticipManager) newFromCloudEip(ctx context.Context, userCred // return nil, errors.Wrap(err, "fail to sync associated instance of EIP") //} - syncVirtualResourceMetadata(ctx, userCred, &eip, extEip) + syncVirtualResourceMetadata(ctx, userCred, &eip, extEip, false) if res := eip.GetAssociateResource(); res != nil { eip.SyncCloudProjectId(userCred, res.GetOwnerId()) @@ -1958,6 +1960,9 @@ func (self *SElasticip) OnMetadataUpdated(ctx context.Context, userCred mcclient if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) diff --git a/pkg/compute/models/external_projects.go b/pkg/compute/models/external_projects.go index eedb646b449..2c5b176ff60 100644 --- a/pkg/compute/models/external_projects.go +++ b/pkg/compute/models/external_projects.go @@ -473,7 +473,7 @@ func (self *SExternalProject) SyncWithCloudProject(ctx context.Context, userCred if len(tags) > 0 { identity.Projects.PerformAction(s, self.ProjectId, "user-metadata", jsonutils.Marshal(tags)) } - syncMetadata(ctx, userCred, self, ext) + syncMetadata(ctx, userCred, self, ext, account.ReadOnly) db.OpsLog.LogSyncUpdate(self, diff, userCred) return nil } @@ -616,7 +616,7 @@ func (manager *SExternalProjectManager) newFromCloudProject(ctx context.Context, identity.Projects.PerformAction(s, project.ProjectId, "user-metadata", jsonutils.Marshal(tags)) } - syncMetadata(ctx, userCred, &project, extProject) + syncMetadata(ctx, userCred, &project, extProject, account.ReadOnly) db.OpsLog.LogEvent(&project, db.ACT_CREATE, project.GetShortDesc(ctx), userCred) return &project, nil } diff --git a/pkg/compute/models/filesystem.go b/pkg/compute/models/filesystem.go index 3d939f323e9..b21da2316d6 100644 --- a/pkg/compute/models/filesystem.go +++ b/pkg/compute/models/filesystem.go @@ -370,7 +370,7 @@ func (fileSystem *SCloudregion) SyncFileSystems( result.AddError(err) continue } - syncMetadata(ctx, userCred, newFs, added[i]) + syncMetadata(ctx, userCred, newFs, added[i], false) localFSs = append(localFSs, *newFs) remoteFSs = append(remoteFSs, added[i]) result.Add() @@ -486,7 +486,9 @@ func (fileSystem *SFileSystem) SyncWithCloudFileSystem(ctx context.Context, user Action: notifyclient.ActionSyncUpdate, }) } - syncMetadata(ctx, userCred, fileSystem, fs) + if account := fileSystem.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, fileSystem, fs, account.ReadOnly) + } return nil } @@ -645,6 +647,9 @@ func (fileSystem *SFileSystem) OnMetadataUpdated(ctx context.Context, userCred m if len(fileSystem.ExternalId) == 0 { return } + if account := fileSystem.GetCloudaccount(); account != nil && account.ReadOnly { + return + } fileSystem.StartRemoteUpdateTask(ctx, userCred, true, "") } diff --git a/pkg/compute/models/globalvpcs.go b/pkg/compute/models/globalvpcs.go index 2579ce16fe1..deaa5bf1db7 100644 --- a/pkg/compute/models/globalvpcs.go +++ b/pkg/compute/models/globalvpcs.go @@ -532,7 +532,7 @@ func (self *SGlobalVpc) newFromCloudSecurityGroup( return nil }) - syncVirtualResourceMetadata(ctx, userCred, ret, ext) + syncVirtualResourceMetadata(ctx, userCred, ret, ext, false) SyncCloudProject(ctx, userCred, ret, syncOwnerId, ext, ret.ManagerId) rules, err := ext.GetRules() diff --git a/pkg/compute/models/guests.go b/pkg/compute/models/guests.go index bb4a4f6809f..fa0c3662b13 100644 --- a/pkg/compute/models/guests.go +++ b/pkg/compute/models/guests.go @@ -3098,7 +3098,9 @@ func (g *SGuest) syncWithCloudVM(ctx context.Context, userCred mcclient.TokenCre g.SyncOsInfo(ctx, userCred, extVM) - syncVirtualResourceMetadata(ctx, userCred, g, extVM) + if account := host.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, g, extVM, account.ReadOnly) + } SyncCloudProject(ctx, userCred, g, syncOwnerId, extVM, host.ManagerId) if provider.GetFactory().IsSupportPrepaidResources() && recycle { @@ -3205,7 +3207,7 @@ func (manager *SGuestManager) newCloudVM(ctx context.Context, userCred mcclient. guest.SyncOsInfo(ctx, userCred, extVM) - syncVirtualResourceMetadata(ctx, userCred, &guest, extVM) + syncVirtualResourceMetadata(ctx, userCred, &guest, extVM, false) SyncCloudProject(ctx, userCred, &guest, syncOwnerId, extVM, host.ManagerId) db.OpsLog.LogEvent(&guest, db.ACT_CREATE, guest.GetShortDesc(ctx), userCred) @@ -6536,7 +6538,14 @@ func (guest *SGuest) OnMetadataUpdated(ctx context.Context, userCred mcclient.To if len(guest.ExternalId) == 0 { return } - err := guest.StartRemoteUpdateTask(ctx, userCred, true, "") + host, err := guest.GetHost() + if err != nil { + return + } + if account := host.GetCloudaccount(); account != nil && account.ReadOnly { + return + } + err = guest.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) } diff --git a/pkg/compute/models/hosts.go b/pkg/compute/models/hosts.go index eff714397f8..3cfa9dca42c 100644 --- a/pkg/compute/models/hosts.go +++ b/pkg/compute/models/hosts.go @@ -1943,7 +1943,9 @@ func (hh *SHost) syncWithCloudHost(ctx context.Context, userCred mcclient.TokenC SyncCloudDomain(userCred, hh, provider.GetOwnerId()) hh.SyncShareState(ctx, userCred, provider.getAccountShareInfo()) } - syncMetadata(ctx, userCred, hh, extHost) + if account := hh.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, hh, extHost, account.ReadOnly) + } if err := hh.syncSchedtags(ctx, userCred, extHost); err != nil { log.Errorf("syncSchedtags fail: %v", err) diff --git a/pkg/compute/models/ipv6_gateways.go b/pkg/compute/models/ipv6_gateways.go index 91a242d18e9..683d7eee35b 100644 --- a/pkg/compute/models/ipv6_gateways.go +++ b/pkg/compute/models/ipv6_gateways.go @@ -177,7 +177,10 @@ func (self *SIPv6Gateway) SyncWithCloudIPv6Gateway(ctx context.Context, userCred }) } - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account, _ := provider.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } + SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, provider.Id) return nil } @@ -210,7 +213,7 @@ func (self *SVpc) newFromCloudIPv6Gateway(ctx context.Context, userCred mcclient return nil, errors.Wrapf(err, "Insert") } - syncVirtualResourceMetadata(ctx, userCred, ret, ext) + syncVirtualResourceMetadata(ctx, userCred, ret, ext, false) SyncCloudProject(ctx, userCred, ret, provider.GetOwnerId(), ext, self.ManagerId) db.OpsLog.LogEvent(ret, db.ACT_CREATE, ret.GetShortDesc(ctx), userCred) diff --git a/pkg/compute/models/kafka.go b/pkg/compute/models/kafka.go index b5f27a7818a..48b7834d582 100644 --- a/pkg/compute/models/kafka.go +++ b/pkg/compute/models/kafka.go @@ -503,8 +503,9 @@ func (self *SKafka) SyncWithCloudKafka(ctx context.Context, userCred mcclient.To Action: notifyclient.ActionSyncUpdate, }) } - - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } if provider := self.GetCloudprovider(); provider != nil { SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, provider.Id) } @@ -608,7 +609,7 @@ func (self *SCloudregion) newFromCloudKafka(ctx context.Context, userCred mcclie }) // 同步标签 - syncVirtualResourceMetadata(ctx, userCred, &kafka, ext) + syncVirtualResourceMetadata(ctx, userCred, &kafka, ext, false) // 同步项目归属 SyncCloudProject(ctx, userCred, &kafka, provider.GetOwnerId(), ext, provider.Id) @@ -691,6 +692,9 @@ func (self *SKafka) OnMetadataUpdated(ctx context.Context, userCred mcclient.Tok if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) diff --git a/pkg/compute/models/kube_clusters.go b/pkg/compute/models/kube_clusters.go index 92bc80738de..c124c82df9c 100644 --- a/pkg/compute/models/kube_clusters.go +++ b/pkg/compute/models/kube_clusters.go @@ -360,7 +360,9 @@ func (self *SKubeCluster) SyncWithCloudKubeCluster(ctx context.Context, userCred return err } - syncMetadata(ctx, userCred, self, ext) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, ext, account.ReadOnly) + } if provider != nil { SyncCloudDomain(userCred, self, provider.GetOwnerId()) @@ -426,7 +428,7 @@ func (self *SCloudregion) newFromCloudKubeCluster(ctx context.Context, userCred return nil, errors.Wrapf(err, "Insert") } - syncMetadata(ctx, userCred, &cluster, ext) + syncMetadata(ctx, userCred, &cluster, ext, false) SyncCloudDomain(userCred, &cluster, provider.GetOwnerId()) if provider != nil { diff --git a/pkg/compute/models/kube_node_pools.go b/pkg/compute/models/kube_node_pools.go index c185eb066d5..3f78f9b6b97 100644 --- a/pkg/compute/models/kube_node_pools.go +++ b/pkg/compute/models/kube_node_pools.go @@ -467,7 +467,9 @@ func (self *SKubeNodePool) SyncWithCloudKubeNodePool(ctx context.Context, userCr return errors.Wrapf(err, "UpdateWithLock") } - syncMetadata(ctx, userCred, self, ext) + if account := cluster.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, ext, account.ReadOnly) + } return nil } @@ -515,7 +517,7 @@ func (self *SKubeCluster) newFromCloudKubeNodePool(ctx context.Context, userCred return nil, errors.Wrapf(err, "Insert") } - syncMetadata(ctx, userCred, &pool, ext) + syncMetadata(ctx, userCred, &pool, ext, false) return &pool, nil } diff --git a/pkg/compute/models/kube_nodes.go b/pkg/compute/models/kube_nodes.go index 2958619c07a..5a038deabd9 100644 --- a/pkg/compute/models/kube_nodes.go +++ b/pkg/compute/models/kube_nodes.go @@ -299,7 +299,12 @@ func (self *SKubeNode) SyncWithCloudKubeNode(ctx context.Context, userCred mccli return errors.Wrapf(err, "UpdateWithLock") } - syncMetadata(ctx, userCred, self, ext) + cluster, err := self.GetKubeCluster() + if err == nil { + if account := cluster.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, ext, account.ReadOnly) + } + } return nil } @@ -340,7 +345,7 @@ func (self *SKubeCluster) newFromCloudKubeNode(ctx context.Context, userCred mcc return nil, errors.Wrapf(err, "Insert") } - syncMetadata(ctx, userCred, &node, ext) + syncMetadata(ctx, userCred, &node, ext, false) return &node, nil } diff --git a/pkg/compute/models/loadbalancerbackendgroups.go b/pkg/compute/models/loadbalancerbackendgroups.go index c7feead4b78..95761e5def3 100644 --- a/pkg/compute/models/loadbalancerbackendgroups.go +++ b/pkg/compute/models/loadbalancerbackendgroups.go @@ -717,7 +717,9 @@ func (lbbg *SLoadbalancerBackendGroup) SyncWithCloudLoadbalancerBackendgroup( Action: notifyclient.ActionSyncUpdate, }) } - syncMetadata(ctx, userCred, lbbg, ext) + if account := lb.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, lbbg, ext, account.ReadOnly) + } db.OpsLog.LogSyncUpdate(lbbg, diff, userCred) if ext.IsDefault() { diff --git a/pkg/compute/models/loadbalancerbackends.go b/pkg/compute/models/loadbalancerbackends.go index cd16f36f44c..962ae561346 100644 --- a/pkg/compute/models/loadbalancerbackends.go +++ b/pkg/compute/models/loadbalancerbackends.go @@ -633,7 +633,9 @@ func (lbb *SLoadbalancerBackend) SyncWithCloudLoadbalancerBackend(ctx context.Co if err != nil { return err } - syncMetadata(ctx, userCred, lbb, ext) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, lbb, ext, account.ReadOnly) + } db.OpsLog.LogSyncUpdate(lbb, diff, userCred) return nil } @@ -655,7 +657,7 @@ func (lbbg *SLoadbalancerBackendGroup) newFromCloudLoadbalancerBackend(ctx conte if err != nil { return nil, errors.Wrapf(err, "Insert") } - syncMetadata(ctx, userCred, lbb, ext) + syncMetadata(ctx, userCred, lbb, ext, false) db.OpsLog.LogEvent(lbb, db.ACT_CREATE, lbb.GetShortDesc(ctx), userCred) return lbb, nil } diff --git a/pkg/compute/models/loadbalancercachedacls.go b/pkg/compute/models/loadbalancercachedacls.go index 6f98099aa71..0d3a44ce342 100644 --- a/pkg/compute/models/loadbalancercachedacls.go +++ b/pkg/compute/models/loadbalancercachedacls.go @@ -216,7 +216,7 @@ func (self *SCachedLoadbalancerAcl) syncRemoveCloudLoadbalanceAcl(ctx context.Co return self.RealDelete(ctx, userCred) } -func (acl *SCachedLoadbalancerAcl) SyncWithCloudLoadbalancerAcl(ctx context.Context, userCred mcclient.TokenCredential, extAcl cloudprovider.ICloudLoadbalancerAcl, projectId mcclient.IIdentityProvider) error { +func (acl *SCachedLoadbalancerAcl) SyncWithCloudLoadbalancerAcl(ctx context.Context, userCred mcclient.TokenCredential, extAcl cloudprovider.ICloudLoadbalancerAcl, provider *SCloudprovider) error { diff, err := db.UpdateWithLock(ctx, acl, func() error { // todo: 华为云acl没有name字段应此不需要同步名称 if options.Options.EnableSyncName && !utils.IsInStringArray(acl.GetProviderName(), []string{api.CLOUD_PROVIDER_HUAWEI, api.CLOUD_PROVIDER_HCSO, api.CLOUD_PROVIDER_HCS}) { @@ -227,7 +227,9 @@ func (acl *SCachedLoadbalancerAcl) SyncWithCloudLoadbalancerAcl(ctx context.Cont if err != nil { return errors.Wrap(err, "cacheLoadbalancerAcl.sync.Update") } - syncMetadata(ctx, userCred, acl, extAcl) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, acl, extAcl, account.ReadOnly) + } db.OpsLog.LogSyncUpdate(acl, diff, userCred) return nil } @@ -431,7 +433,7 @@ func (man *SCachedLoadbalancerAclManager) SyncLoadbalancerAcls( } if !syncRange.Xor { for i := 0; i < len(commondb); i++ { - err = commondb[i].SyncWithCloudLoadbalancerAcl(ctx, userCred, commonext[i], provider.GetOwnerId()) + err = commondb[i].SyncWithCloudLoadbalancerAcl(ctx, userCred, commonext[i], provider) if err != nil { syncResult.UpdateError(err) } else { @@ -505,7 +507,7 @@ func (man *SCachedLoadbalancerAclManager) newFromCloudLoadbalancerAcl(ctx contex if err != nil { return nil, errors.Wrap(err, "Insert") } - syncMetadata(ctx, userCred, &acl, extAcl) + syncMetadata(ctx, userCred, &acl, extAcl, false) db.OpsLog.LogEvent(&acl, db.ACT_CREATE, acl.GetShortDesc(ctx), userCred) return &acl, nil diff --git a/pkg/compute/models/loadbalancercachedcertificates.go b/pkg/compute/models/loadbalancercachedcertificates.go index d1204554304..42501de5add 100644 --- a/pkg/compute/models/loadbalancercachedcertificates.go +++ b/pkg/compute/models/loadbalancercachedcertificates.go @@ -322,7 +322,7 @@ func (self *SCloudprovider) newFromCloudLoadbalancerCertificate(ctx context.Cont return errors.Wrapf(err, "Insert cache lbert") } - syncMetadata(ctx, userCred, lbcert, ext) + syncMetadata(ctx, userCred, lbcert, ext, false) db.OpsLog.LogEvent(lbcert, db.ACT_CREATE, lbcert.GetShortDesc(ctx), userCred) notifyclient.EventNotify(ctx, userCred, notifyclient.SEventNotifyParam{ Obj: lbcert, @@ -341,7 +341,7 @@ func (lbcert *SCachedLoadbalancerCertificate) SyncWithCloudLoadbalancerCertifica return errors.Wrapf(err, "db.Update") } - syncMetadata(ctx, userCred, lbcert, ext) + syncMetadata(ctx, userCred, lbcert, ext, false) db.OpsLog.LogSyncUpdate(lbcert, diff, userCred) if len(diff) > 0 { notifyclient.EventNotify(ctx, userCred, notifyclient.SEventNotifyParam{ diff --git a/pkg/compute/models/loadbalancerlistenerrules.go b/pkg/compute/models/loadbalancerlistenerrules.go index 48d205dbade..f9f9dd4c0cf 100644 --- a/pkg/compute/models/loadbalancerlistenerrules.go +++ b/pkg/compute/models/loadbalancerlistenerrules.go @@ -724,7 +724,7 @@ func (man *SLoadbalancerListenerRuleManager) SyncLoadbalancerListenerRules(ctx c if err != nil { syncResult.UpdateError(err) } else { - syncMetadata(ctx, userCred, &commondb[i], commonext[i]) + syncMetadata(ctx, userCred, &commondb[i], commonext[i], false) syncResult.Update() } } @@ -733,7 +733,7 @@ func (man *SLoadbalancerListenerRuleManager) SyncLoadbalancerListenerRules(ctx c if err != nil { syncResult.AddError(err) } else { - syncMetadata(ctx, userCred, local, added[i]) + syncMetadata(ctx, userCred, local, added[i], false) syncResult.Add() } } diff --git a/pkg/compute/models/loadbalancerlisteners.go b/pkg/compute/models/loadbalancerlisteners.go index 959d37933ef..54b0539a21a 100644 --- a/pkg/compute/models/loadbalancerlisteners.go +++ b/pkg/compute/models/loadbalancerlisteners.go @@ -962,7 +962,9 @@ func (lblis *SLoadbalancerListener) SyncWithCloudLoadbalancerListener(ctx contex if err != nil { return err } - syncMetadata(ctx, userCred, lblis, extListener) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, lblis, extListener, account.ReadOnly) + } if len(diff) > 0 { notifyclient.EventNotify(ctx, userCred, notifyclient.SEventNotifyParam{ @@ -1005,7 +1007,7 @@ func (man *SLoadbalancerListenerManager) newFromCloudLoadbalancerListener(ctx co if err != nil { return nil, errors.Wrapf(err, "Insert") } - syncMetadata(ctx, userCred, lblis, extListener) + syncMetadata(ctx, userCred, lblis, extListener, false) err = lblis.updateBackendGroupId(ctx, extListener, lb.ManagerId) if err != nil { diff --git a/pkg/compute/models/loadbalancers.go b/pkg/compute/models/loadbalancers.go index 506663c3ced..eef1ccc59ea 100644 --- a/pkg/compute/models/loadbalancers.go +++ b/pkg/compute/models/loadbalancers.go @@ -1131,7 +1131,7 @@ func (region *SCloudregion) newFromCloudLoadbalancer(ctx context.Context, userCr return nil, errors.Wrapf(err, "Insert") } - syncVirtualResourceMetadata(ctx, userCred, &lb, ext) + syncVirtualResourceMetadata(ctx, userCred, &lb, ext, false) SyncCloudProject(ctx, userCred, &lb, syncOwnerId, ext, provider.Id) db.OpsLog.LogEvent(&lb, db.ACT_CREATE, lb.GetShortDesc(ctx), userCred) @@ -1343,7 +1343,9 @@ func (lb *SLoadbalancer) syncWithCloudLoadbalancer(ctx context.Context, userCred } networkIds := getExtLbNetworkIds(ext, lb.ManagerId) - syncVirtualResourceMetadata(ctx, userCred, lb, ext) + if account := lb.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, lb, ext, account.ReadOnly) + } provider := lb.GetCloudprovider() SyncCloudProject(ctx, userCred, lb, provider.GetOwnerId(), ext, lb.ManagerId) lb.syncLoadbalancerNetwork(ctx, userCred, networkIds) @@ -1499,6 +1501,9 @@ func (self *SLoadbalancer) OnMetadataUpdated(ctx context.Context, userCred mccli if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) diff --git a/pkg/compute/models/miscresources.go b/pkg/compute/models/miscresources.go index 72ac185425e..2d20796fecf 100644 --- a/pkg/compute/models/miscresources.go +++ b/pkg/compute/models/miscresources.go @@ -189,8 +189,9 @@ func (self *SMiscResource) SyncWithCloudMiscResource(ctx context.Context, userCr if err != nil { return err } - - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, provider.Id) db.OpsLog.LogSyncUpdate(self, diff, userCred) @@ -228,7 +229,7 @@ func (self *SCloudregion) newFromCloudMiscResource(ctx context.Context, userCred return nil, errors.Wrapf(err, "Insert") } - syncVirtualResourceMetadata(ctx, userCred, &misc, ext) + syncVirtualResourceMetadata(ctx, userCred, &misc, ext, false) SyncCloudProject(ctx, userCred, &misc, provider.GetOwnerId(), ext, provider.Id) db.OpsLog.LogEvent(&misc, db.ACT_CREATE, misc.GetShortDesc(ctx), userCred) diff --git a/pkg/compute/models/modelarts_pools.go b/pkg/compute/models/modelarts_pools.go index 775f0dd191d..720ee643527 100644 --- a/pkg/compute/models/modelarts_pools.go +++ b/pkg/compute/models/modelarts_pools.go @@ -457,10 +457,10 @@ func (self *SModelartsPool) SyncWithCloudModelartsPool(ctx context.Context, user return errors.Wrapf(err, "db.Update") } - err = syncVirtualResourceMetadata(ctx, userCred, self, ext) - if err != nil { - return errors.Wrapf(err, "syncVirtualResourceMetadata") + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) } + if provider := self.GetCloudprovider(); provider != nil { SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, provider.Id) } @@ -514,7 +514,7 @@ func (self *SCloudregion) newFromCloudModelartsPool(ctx context.Context, userCre } // 同步标签 - syncVirtualResourceMetadata(ctx, userCred, &pool, ext) + syncVirtualResourceMetadata(ctx, userCred, &pool, ext, false) // 同步项目归属 SyncCloudProject(ctx, userCred, &pool, provider.GetOwnerId(), ext, provider.Id) diff --git a/pkg/compute/models/mongodb.go b/pkg/compute/models/mongodb.go index 166adf88141..cb7d69dd2ff 100644 --- a/pkg/compute/models/mongodb.go +++ b/pkg/compute/models/mongodb.go @@ -568,7 +568,9 @@ func (self *SMongoDB) SyncWithCloudMongoDB(ctx context.Context, userCred mcclien Action: notifyclient.ActionSyncUpdate, }) } - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } if provider := self.GetCloudprovider(); provider != nil { SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, provider.Id) } @@ -664,7 +666,7 @@ func (self *SCloudregion) newFromCloudMongoDB(ctx context.Context, userCred mccl Action: notifyclient.ActionSyncCreate, }) - syncVirtualResourceMetadata(ctx, userCred, &ins, ext) + syncVirtualResourceMetadata(ctx, userCred, &ins, ext, false) SyncCloudProject(ctx, userCred, &ins, provider.GetOwnerId(), ext, provider.Id) db.OpsLog.LogEvent(&ins, db.ACT_CREATE, ins.GetShortDesc(ctx), userCred) @@ -835,6 +837,9 @@ func (self *SMongoDB) OnMetadataUpdated(ctx context.Context, userCred mcclient.T if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) diff --git a/pkg/compute/models/natdtable.go b/pkg/compute/models/natdtable.go index 2f285d552a7..b3c29b4ad08 100644 --- a/pkg/compute/models/natdtable.go +++ b/pkg/compute/models/natdtable.go @@ -216,7 +216,7 @@ func (manager *SNatDEntryManager) SyncNatDTable( if !xor { for i := 0; i < len(commondb); i += 1 { - err := commondb[i].SyncWithCloudNatDTable(ctx, userCred, commonext[i], syncOwnerId) + err := commondb[i].SyncWithCloudNatDTable(ctx, userCred, commonext[i], provider) if err != nil { result.UpdateError(err) continue @@ -255,7 +255,7 @@ func (self *SNatDEntry) syncRemoveCloudNatDTable(ctx context.Context, userCred m return self.RealDelete(ctx, userCred) } -func (self *SNatDEntry) SyncWithCloudNatDTable(ctx context.Context, userCred mcclient.TokenCredential, extEntry cloudprovider.ICloudNatDEntry, syncOwnerId mcclient.IIdentityProvider) error { +func (self *SNatDEntry) SyncWithCloudNatDTable(ctx context.Context, userCred mcclient.TokenCredential, extEntry cloudprovider.ICloudNatDEntry, provider *SCloudprovider) error { diff, err := db.UpdateWithLock(ctx, self, func() error { self.Status = extEntry.GetStatus() self.ExternalIP = extEntry.GetExternalIp() @@ -269,9 +269,11 @@ func (self *SNatDEntry) SyncWithCloudNatDTable(ctx context.Context, userCred mcc return err } - SyncCloudDomain(userCred, self, syncOwnerId) + SyncCloudDomain(userCred, self, provider.GetOwnerId()) - syncMetadata(ctx, userCred, self, extEntry) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, extEntry, account.ReadOnly) + } db.OpsLog.LogSyncUpdate(self, diff, userCred) return nil } @@ -307,7 +309,7 @@ func (manager *SNatDEntryManager) newFromCloudNatDTable(ctx context.Context, use } SyncCloudDomain(userCred, &table, ownerId) - syncMetadata(ctx, userCred, &table, extEntry) + syncMetadata(ctx, userCred, &table, extEntry, false) db.OpsLog.LogEvent(&table, db.ACT_CREATE, table.GetShortDesc(ctx), userCred) diff --git a/pkg/compute/models/natgateways.go b/pkg/compute/models/natgateways.go index 08b466d0e01..6286d0dc2ab 100644 --- a/pkg/compute/models/natgateways.go +++ b/pkg/compute/models/natgateways.go @@ -532,7 +532,9 @@ func (self *SNatGateway) SyncWithCloudNatGateway(ctx context.Context, userCred m return err } - syncMetadata(ctx, userCred, self, extNat) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, extNat, account.ReadOnly) + } SyncCloudDomain(userCred, self, provider.GetOwnerId()) db.OpsLog.LogSyncUpdate(self, diff, userCred) @@ -598,7 +600,7 @@ func (manager *SNatGatewayManager) newFromCloudNatGateway(ctx context.Context, u } SyncCloudDomain(userCred, &nat, provider.GetOwnerId()) - syncMetadata(ctx, userCred, &nat, extNat) + syncMetadata(ctx, userCred, &nat, extNat, false) db.OpsLog.LogEvent(&nat, db.ACT_CREATE, nat.GetShortDesc(ctx), userCred) notifyclient.EventNotify(ctx, userCred, notifyclient.SEventNotifyParam{ @@ -1113,7 +1115,14 @@ func (self *SNatGateway) OnMetadataUpdated(ctx context.Context, userCred mcclien if len(self.ExternalId) == 0 { return } - err := self.StartRemoteUpdateTask(ctx, userCred, true, "") + vpc, err := self.GetVpc() + if err != nil { + return + } + if account := vpc.GetCloudaccount(); account != nil && account.ReadOnly { + return + } + err = self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) } diff --git a/pkg/compute/models/natstable.go b/pkg/compute/models/natstable.go index fff32f5488a..aade8f37ff4 100644 --- a/pkg/compute/models/natstable.go +++ b/pkg/compute/models/natstable.go @@ -270,7 +270,7 @@ func (manager *SNatSEntryManager) SyncNatSTable( if !xor { for i := 0; i < len(commondb); i += 1 { - err := commondb[i].SyncWithCloudNatSTable(ctx, userCred, commonext[i], syncOwnerId, provider.Id) + err := commondb[i].SyncWithCloudNatSTable(ctx, userCred, commonext[i], syncOwnerId, provider) if err != nil { result.UpdateError(err) continue @@ -301,7 +301,7 @@ func (self *SNatSEntry) syncRemoveCloudNatSTable(ctx context.Context, userCred m return self.RealDelete(ctx, userCred) } -func (self *SNatSEntry) SyncWithCloudNatSTable(ctx context.Context, userCred mcclient.TokenCredential, extEntry cloudprovider.ICloudNatSEntry, syncOwnerId mcclient.IIdentityProvider, managerId string) error { +func (self *SNatSEntry) SyncWithCloudNatSTable(ctx context.Context, userCred mcclient.TokenCredential, extEntry cloudprovider.ICloudNatSEntry, syncOwnerId mcclient.IIdentityProvider, provider *SCloudprovider) error { diff, err := db.UpdateWithLock(ctx, self, func() error { self.Status = extEntry.GetStatus() self.IP = extEntry.GetIP() @@ -312,7 +312,7 @@ func (self *SNatSEntry) SyncWithCloudNatSTable(ctx context.Context, userCred mcc vpc := VpcManager.Query().SubQuery() return q.Join(wire, sqlchemy.Equals(wire.Field("id"), q.Field("wire_id"))). Join(vpc, sqlchemy.Equals(vpc.Field("id"), wire.Field("vpc_id"))). - Filter(sqlchemy.Equals(vpc.Field("manager_id"), managerId)) + Filter(sqlchemy.Equals(vpc.Field("manager_id"), provider.Id)) }) if err != nil { return errors.Wrapf(err, "search network by externalId: %s", extNetworkId) @@ -326,7 +326,9 @@ func (self *SNatSEntry) SyncWithCloudNatSTable(ctx context.Context, userCred mcc } SyncCloudDomain(userCred, self, syncOwnerId) - syncMetadata(ctx, userCred, self, extEntry) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, extEntry, account.ReadOnly) + } db.OpsLog.LogSyncUpdate(self, diff, userCred) return nil @@ -374,7 +376,7 @@ func (manager *SNatSEntryManager) newFromCloudNatSTable(ctx context.Context, use } SyncCloudDomain(userCred, &table, ownerId) - syncMetadata(ctx, userCred, &table, extEntry) + syncMetadata(ctx, userCred, &table, extEntry, false) db.OpsLog.LogEvent(&table, db.ACT_CREATE, table.GetShortDesc(ctx), userCred) diff --git a/pkg/compute/models/networkinterfaces.go b/pkg/compute/models/networkinterfaces.go index 1a4097dd731..f4272fa6f1e 100644 --- a/pkg/compute/models/networkinterfaces.go +++ b/pkg/compute/models/networkinterfaces.go @@ -272,7 +272,7 @@ func (manager *SNetworkInterfaceManager) SyncNetworkInterfaces( syncResult.AddError(err) continue } - syncMetadata(ctx, userCred, new, added[i]) + syncMetadata(ctx, userCred, new, added[i], false) localResources = append(localResources, *new) remoteResources = append(remoteResources, added[i]) syncResult.Add() @@ -302,7 +302,9 @@ func (self *SNetworkInterface) SyncWithCloudNetworkInterface(ctx context.Context } SyncCloudDomain(userCred, self, provider.GetOwnerId()) - syncMetadata(ctx, userCred, self, ext) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, ext, account.ReadOnly) + } db.OpsLog.LogSyncUpdate(self, diff, userCred) return nil } diff --git a/pkg/compute/models/networks.go b/pkg/compute/models/networks.go index 124546d6fb6..e1f8b1d0f53 100644 --- a/pkg/compute/models/networks.go +++ b/pkg/compute/models/networks.go @@ -741,7 +741,7 @@ func (manager *SNetworkManager) newFromCloudNetwork(ctx context.Context, userCre } vpc, _ := wire.GetVpc() - syncVirtualResourceMetadata(ctx, userCred, &net, extNet) + syncVirtualResourceMetadata(ctx, userCred, &net, extNet, false) SyncCloudProject(ctx, userCred, &net, syncOwnerId, extNet, vpc.ManagerId) if provider != nil { diff --git a/pkg/compute/models/routetables.go b/pkg/compute/models/routetables.go index b668066b158..81c212d0c05 100644 --- a/pkg/compute/models/routetables.go +++ b/pkg/compute/models/routetables.go @@ -413,7 +413,7 @@ func (man *SRouteTableManager) SyncRouteTables( syncResult.AddError(err) continue } - syncMetadata(ctx, userCred, routeTableNew, added[i]) + syncMetadata(ctx, userCred, routeTableNew, added[i], false) localRouteTables = append(localRouteTables, *routeTableNew) remoteRouteTables = append(remoteRouteTables, added[i]) syncResult.Add() @@ -529,8 +529,11 @@ func (self *SRouteTable) SyncWithCloudRouteTable(ctx context.Context, userCred m if provider != nil { SyncCloudDomain(userCred, self, provider.GetOwnerId()) self.SyncShareState(ctx, userCred, provider.getAccountShareInfo()) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, cloudRouteTable, account.ReadOnly) + } } - syncMetadata(ctx, userCred, self, cloudRouteTable) + db.OpsLog.LogSyncUpdate(self, diff, userCred) return nil } diff --git a/pkg/compute/models/secgroups.go b/pkg/compute/models/secgroups.go index a1591c00b5e..e33f0ec6f9b 100644 --- a/pkg/compute/models/secgroups.go +++ b/pkg/compute/models/secgroups.go @@ -1060,6 +1060,9 @@ func (self *SSecurityGroup) OnMetadataUpdated(ctx context.Context, userCred mccl if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) @@ -1269,7 +1272,10 @@ func (self *SSecurityGroup) SyncWithCloudSecurityGroup( return errors.Wrapf(err, "db.Update") } - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } + SyncCloudProject(ctx, userCred, self, syncOwnerId, ext, self.ManagerId) if !syncRule { @@ -1335,7 +1341,7 @@ func (self *SCloudregion) newFromCloudSecurityGroup( return errors.Wrapf(err, "Insert") } - syncVirtualResourceMetadata(ctx, userCred, ret, ext) + syncVirtualResourceMetadata(ctx, userCred, ret, ext, false) SyncCloudProject(ctx, userCred, ret, syncOwnerId, ext, ret.ManagerId) rules, err := ext.GetRules() diff --git a/pkg/compute/models/snapshotpolicy.go b/pkg/compute/models/snapshotpolicy.go index e780f9e93b1..d321b8ec080 100644 --- a/pkg/compute/models/snapshotpolicy.go +++ b/pkg/compute/models/snapshotpolicy.go @@ -493,7 +493,7 @@ func (manager *SSnapshotPolicyManager) allNewFromCloudSnapshotPolicy( if err != nil { syncResult.AddError(err) } else { - syncVirtualResourceMetadata(ctx, userCred, local, added[i]) + syncVirtualResourceMetadata(ctx, userCred, local, added[i], false) syncResult.Add() } } diff --git a/pkg/compute/models/snapshots.go b/pkg/compute/models/snapshots.go index 9bf74b8ae07..09141f68915 100644 --- a/pkg/compute/models/snapshots.go +++ b/pkg/compute/models/snapshots.go @@ -995,7 +995,9 @@ func (self *SSnapshot) SyncWithCloudSnapshot(ctx context.Context, userCred mccli } db.OpsLog.LogSyncUpdate(self, diff, userCred) - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } // bugfix for now: disk, _ := self.GetDisk() @@ -1049,7 +1051,7 @@ func (manager *SSnapshotManager) newFromCloudSnapshot(ctx context.Context, userC return nil, errors.Wrapf(err, "Insert") } - syncVirtualResourceMetadata(ctx, userCred, &snapshot, extSnapshot) + syncVirtualResourceMetadata(ctx, userCred, &snapshot, extSnapshot, false) // bugfix for now: if localDisk != nil { diff --git a/pkg/compute/models/sslcertificate.go b/pkg/compute/models/sslcertificate.go index 9284759dded..5247a715c26 100644 --- a/pkg/compute/models/sslcertificate.go +++ b/pkg/compute/models/sslcertificate.go @@ -298,8 +298,10 @@ func (s *SSSLCertificate) SyncWithCloudSSLCertificate(ctx context.Context, userC }) } - _ = syncVirtualResourceMetadata(ctx, userCred, s, ext) - //_ = syncMetadata(ctx, userCred, s, ext) + if account := s.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, s, ext, account.ReadOnly) + } + if provider := s.GetCloudprovider(); provider != nil { SyncCloudProject(ctx, userCred, s, provider.GetOwnerId(), ext, provider.Id) } @@ -361,7 +363,7 @@ func (r *SCloudprovider) newFromCloudSSLCertificate( Action: notifyclient.ActionSyncCreate, }) // 同步标签 - _ = syncVirtualResourceMetadata(ctx, userCred, &s, ext) + _ = syncVirtualResourceMetadata(ctx, userCred, &s, ext, false) // 同步项目归属 SyncCloudProject(ctx, userCred, &s, r.GetOwnerId(), ext, r.Id) diff --git a/pkg/compute/models/storages.go b/pkg/compute/models/storages.go index 2e7ec6b496c..4c74daa3108 100644 --- a/pkg/compute/models/storages.go +++ b/pkg/compute/models/storages.go @@ -920,7 +920,6 @@ func (manager *SStorageManager) SyncStorages(ctx context.Context, userCred mccli syncResult.UpdateError(err) continue } - syncMetadata(ctx, userCred, &commondb[i], commonext[i]) } localStorages = append(localStorages, commondb[i]) @@ -928,15 +927,14 @@ func (manager *SStorageManager) SyncStorages(ctx context.Context, userCred mccli syncResult.Update() } for i := 0; i < len(added); i += 1 { - new, err := manager.newFromCloudStorage(ctx, userCred, added[i], provider, zone) + storage, err := manager.newFromCloudStorage(ctx, userCred, added[i], provider, zone) if err != nil { syncResult.AddError(err) - } else { - syncMetadata(ctx, userCred, new, added[i]) - localStorages = append(localStorages, *new) - remoteStorages = append(remoteStorages, added[i]) - syncResult.Add() + continue } + localStorages = append(localStorages, *storage) + remoteStorages = append(remoteStorages, added[i]) + syncResult.Add() } return localStorages, remoteStorages, syncResult @@ -1008,25 +1006,25 @@ func (sm *SStorageManager) SyncCapacityUsedForEsxiStorage(ctx context.Context, u } } -func (self *SStorage) syncWithCloudStorage(ctx context.Context, userCred mcclient.TokenCredential, extStorage cloudprovider.ICloudStorage, provider *SCloudprovider) error { +func (self *SStorage) syncWithCloudStorage(ctx context.Context, userCred mcclient.TokenCredential, ext cloudprovider.ICloudStorage, provider *SCloudprovider) error { diff, err := db.UpdateWithLock(ctx, self, func() error { // self.Name = extStorage.GetName() - self.Status = extStorage.GetStatus() - self.StorageType = extStorage.GetStorageType() - self.MediumType = extStorage.GetMediumType() - if capacity := extStorage.GetCapacityMB(); capacity != 0 { + self.Status = ext.GetStatus() + self.StorageType = ext.GetStorageType() + self.MediumType = ext.GetMediumType() + if capacity := ext.GetCapacityMB(); capacity != 0 { self.Capacity = capacity } - if capacity := extStorage.GetCapacityUsedMB(); capacity != 0 { + if capacity := ext.GetCapacityUsedMB(); capacity != 0 { self.ActualCapacityUsed = capacity } - self.StorageConf = extStorage.GetStorageConf() + self.StorageConf = ext.GetStorageConf() - self.Enabled = tristate.NewFromBool(extStorage.GetEnabled()) + self.Enabled = tristate.NewFromBool(ext.GetEnabled()) - self.IsEmulated = extStorage.IsEmulated() + self.IsEmulated = ext.IsEmulated() - self.IsSysDiskStore = tristate.NewFromBool(extStorage.IsSysDiskStore()) + self.IsSysDiskStore = tristate.NewFromBool(ext.IsSysDiskStore()) return nil }) @@ -1038,6 +1036,9 @@ func (self *SStorage) syncWithCloudStorage(ctx context.Context, userCred mcclien if provider != nil { SyncCloudDomain(userCred, self, provider.GetOwnerId()) self.SyncShareState(ctx, userCred, provider.getAccountShareInfo()) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, ext, account.ReadOnly) + } } db.OpsLog.LogSyncUpdate(self, diff, userCred) @@ -1082,6 +1083,7 @@ func (manager *SStorageManager) newFromCloudStorage(ctx context.Context, userCre } SyncCloudDomain(userCred, &storage, provider.GetOwnerId()) + syncMetadata(ctx, userCred, &storage, extStorage, false) if provider != nil { storage.SyncShareState(ctx, userCred, provider.getAccountShareInfo()) diff --git a/pkg/compute/models/syncutils.go b/pkg/compute/models/syncutils.go index 5bc60d50072..baba469d0b7 100644 --- a/pkg/compute/models/syncutils.go +++ b/pkg/compute/models/syncutils.go @@ -26,8 +26,8 @@ import ( ) type IMetadataSetter interface { - SetCloudMetadataAll(ctx context.Context, meta map[string]string, userCred mcclient.TokenCredential) error - SetSysCloudMetadataAll(ctx context.Context, meta map[string]string, userCred mcclient.TokenCredential) error + SetCloudMetadataAll(ctx context.Context, meta map[string]string, userCred mcclient.TokenCredential, readOnly bool) error + SetSysCloudMetadataAll(ctx context.Context, meta map[string]string, userCred mcclient.TokenCredential, readOnly bool) error Keyword() string GetName() string GetCloudproviderId() string @@ -38,13 +38,13 @@ type IVirtualResourceMetadataSetter interface { SetSystemInfo(isSystem bool) error } -func syncMetadata(ctx context.Context, userCred mcclient.TokenCredential, model IMetadataSetter, remote cloudprovider.ICloudResource) error { +func syncMetadata(ctx context.Context, userCred mcclient.TokenCredential, model IMetadataSetter, remote cloudprovider.ICloudResource, readOnly bool) error { sysTags := remote.GetSysTags() sysStore := make(map[string]string, 0) for key, value := range sysTags { sysStore[db.SYS_CLOUD_TAG_PREFIX+key] = value } - model.SetSysCloudMetadataAll(ctx, sysStore, userCred) + model.SetSysCloudMetadataAll(ctx, sysStore, userCred, readOnly) tags, err := remote.GetTags() if err == nil { @@ -52,12 +52,12 @@ func syncMetadata(ctx context.Context, userCred mcclient.TokenCredential, model for key, value := range tags { store[db.CLOUD_TAG_PREFIX+key] = value } - model.SetCloudMetadataAll(ctx, store, userCred) + model.SetCloudMetadataAll(ctx, store, userCred, readOnly) } return nil } -func syncVirtualResourceMetadata(ctx context.Context, userCred mcclient.TokenCredential, model IVirtualResourceMetadataSetter, remote cloudprovider.IVirtualResource) error { +func syncVirtualResourceMetadata(ctx context.Context, userCred mcclient.TokenCredential, model IVirtualResourceMetadataSetter, remote cloudprovider.IVirtualResource, readOnly bool) error { sysTags := remote.GetSysTags() sysStore := make(map[string]string, 0) for key, value := range sysTags { @@ -76,7 +76,7 @@ func syncVirtualResourceMetadata(ctx context.Context, userCred mcclient.TokenCre } } - model.SetSysCloudMetadataAll(ctx, sysStore, userCred) + model.SetSysCloudMetadataAll(ctx, sysStore, userCred, readOnly) tags, err := remote.GetTags() if err == nil { @@ -84,15 +84,15 @@ func syncVirtualResourceMetadata(ctx context.Context, userCred mcclient.TokenCre for key, value := range tags { store[db.CLOUD_TAG_PREFIX+key] = value } - model.SetCloudMetadataAll(ctx, store, userCred) + model.SetCloudMetadataAll(ctx, store, userCred, readOnly) } return nil } -func SyncMetadata(ctx context.Context, userCred mcclient.TokenCredential, model IMetadataSetter, remote cloudprovider.ICloudResource) error { - return syncMetadata(ctx, userCred, model, remote) +func SyncMetadata(ctx context.Context, userCred mcclient.TokenCredential, model IMetadataSetter, remote cloudprovider.ICloudResource, readOnly bool) error { + return syncMetadata(ctx, userCred, model, remote, readOnly) } -func SyncVirtualResourceMetadata(ctx context.Context, userCred mcclient.TokenCredential, model IVirtualResourceMetadataSetter, remote cloudprovider.IVirtualResource) error { - return syncVirtualResourceMetadata(ctx, userCred, model, remote) +func SyncVirtualResourceMetadata(ctx context.Context, userCred mcclient.TokenCredential, model IVirtualResourceMetadataSetter, remote cloudprovider.IVirtualResource, readOnly bool) error { + return syncVirtualResourceMetadata(ctx, userCred, model, remote, readOnly) } diff --git a/pkg/compute/models/tablestores.go b/pkg/compute/models/tablestores.go index 3f48fa2e348..40f28e176ff 100644 --- a/pkg/compute/models/tablestores.go +++ b/pkg/compute/models/tablestores.go @@ -175,7 +175,10 @@ func (self *STablestore) SyncWithCloudTablestore(ctx context.Context, userCred m }) } - syncVirtualResourceMetadata(ctx, userCred, self, ext) + if account, _ := provider.GetCloudaccount(); account != nil { + syncVirtualResourceMetadata(ctx, userCred, self, ext, account.ReadOnly) + } + SyncCloudProject(ctx, userCred, self, provider.GetOwnerId(), ext, provider.Id) return nil } @@ -208,7 +211,7 @@ func (self *SCloudregion) newFromCloudTablestore(ctx context.Context, userCred m return nil, errors.Wrapf(err, "Insert") } - syncVirtualResourceMetadata(ctx, userCred, ret, ext) + syncVirtualResourceMetadata(ctx, userCred, ret, ext, false) SyncCloudProject(ctx, userCred, ret, provider.GetOwnerId(), ext, provider.Id) db.OpsLog.LogEvent(ret, db.ACT_CREATE, ret.GetShortDesc(ctx), userCred) diff --git a/pkg/compute/models/vpc_peering_connections.go b/pkg/compute/models/vpc_peering_connections.go index 1f2502d3e38..20f1ab25fb9 100644 --- a/pkg/compute/models/vpc_peering_connections.go +++ b/pkg/compute/models/vpc_peering_connections.go @@ -382,7 +382,9 @@ func (self *SVpcPeeringConnection) SyncWithCloudPeerConnection(ctx context.Conte self.SyncShareState(ctx, userCred, provider.getAccountShareInfo()) } - syncMetadata(ctx, userCred, self, ext) + if account, _ := provider.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, ext, account.ReadOnly) + } return nil } diff --git a/pkg/compute/models/vpcs.go b/pkg/compute/models/vpcs.go index 9e928bf388c..cfc65fdbe12 100644 --- a/pkg/compute/models/vpcs.go +++ b/pkg/compute/models/vpcs.go @@ -712,7 +712,7 @@ func (manager *SVpcManager) newFromCloudVpc(ctx context.Context, userCred mcclie return nil, errors.Wrapf(err, "Insert") } - syncMetadata(ctx, userCred, &vpc, extVPC) + syncMetadata(ctx, userCred, &vpc, extVPC, false) SyncCloudDomain(userCred, &vpc, provider.GetOwnerId()) if provider != nil { diff --git a/pkg/compute/models/waf_instances.go b/pkg/compute/models/waf_instances.go index e028d89ed3b..4649db192b6 100644 --- a/pkg/compute/models/waf_instances.go +++ b/pkg/compute/models/waf_instances.go @@ -439,7 +439,9 @@ func (self *SWafInstance) SyncWithCloudWafInstance(ctx context.Context, userCred Action: notifyclient.ActionSyncUpdate, }) } - syncMetadata(ctx, userCred, self, ext) + if account := self.GetCloudaccount(); account != nil { + syncMetadata(ctx, userCred, self, ext, account.ReadOnly) + } return err } @@ -468,7 +470,7 @@ func (self *SCloudregion) newFromCloudWafInstance(ctx context.Context, userCred if err != nil { return nil, err } - syncMetadata(ctx, userCred, waf, ext) + syncMetadata(ctx, userCred, waf, ext, false) notifyclient.EventNotify(ctx, userCred, notifyclient.SEventNotifyParam{ Obj: waf, Action: notifyclient.ActionSyncCreate, @@ -519,6 +521,9 @@ func (self *SWafInstance) OnMetadataUpdated(ctx context.Context, userCred mcclie if len(self.ExternalId) == 0 { return } + if account := self.GetCloudaccount(); account != nil && account.ReadOnly { + return + } err := self.StartRemoteUpdateTask(ctx, userCred, true, "") if err != nil { log.Errorf("StartRemoteUpdateTask fail: %s", err) diff --git a/pkg/compute/models/wires.go b/pkg/compute/models/wires.go index 701c9c75ca7..208a1c35413 100644 --- a/pkg/compute/models/wires.go +++ b/pkg/compute/models/wires.go @@ -416,7 +416,7 @@ func (swire *SWire) syncWithCloudWire(ctx context.Context, userCred mcclient.Tok } else if swire.IsEmulated { swire.SaveSharedInfo(apis.TOwnerSource(vpc.PublicSrc), ctx, userCred, vpc.GetSharedInfo()) } - syncMetadata(ctx, userCred, swire, extWire) + syncMetadata(ctx, userCred, swire, extWire, false) db.OpsLog.LogSyncUpdate(swire, diff, userCred) return err @@ -490,7 +490,7 @@ func (manager *SWireManager) newFromCloudWire(ctx context.Context, userCred mccl wire.SyncShareState(ctx, userCred, provider.getAccountShareInfo()) } - syncMetadata(ctx, userCred, &wire, extWire) + syncMetadata(ctx, userCred, &wire, extWire, false) db.OpsLog.LogEvent(&wire, db.ACT_CREATE, wire.GetShortDesc(ctx), userCred) return &wire, nil } diff --git a/pkg/compute/models/zones.go b/pkg/compute/models/zones.go index dbb81a14175..549d30dba1f 100644 --- a/pkg/compute/models/zones.go +++ b/pkg/compute/models/zones.go @@ -368,7 +368,7 @@ func (self *SZone) syncWithCloudZone(ctx context.Context, userCred mcclient.Toke log.Errorf("syncWithCloudZone error %s", err) return err } - syncMetadata(ctx, userCred, self, extZone) + syncMetadata(ctx, userCred, self, extZone, false) db.OpsLog.LogSyncUpdate(self, diff, userCred) return nil } @@ -404,7 +404,7 @@ func (manager *SZoneManager) newFromCloudZone(ctx context.Context, userCred mccl if err != nil { return nil, errors.Wrap(err, "SyncI18ns") } - syncMetadata(ctx, userCred, &zone, extZone) + syncMetadata(ctx, userCred, &zone, extZone, false) db.OpsLog.LogEvent(&zone, db.ACT_CREATE, zone.GetShortDesc(ctx), userCred) return &zone, nil diff --git a/pkg/compute/regiondrivers/managedvirtual.go b/pkg/compute/regiondrivers/managedvirtual.go index 72dd1afe15b..a2bd97345e2 100644 --- a/pkg/compute/regiondrivers/managedvirtual.go +++ b/pkg/compute/regiondrivers/managedvirtual.go @@ -2790,7 +2790,9 @@ func (self *SManagedVirtualizationRegionDriver) RequestSyncElasticcacheStatus(ct if err != nil { return nil, errors.Wrap(err, "elasticcache.GetIElasticcache") } - models.SyncVirtualResourceMetadata(ctx, userCred, elasticcache, iElasticcache) + if account := elasticcache.GetCloudaccount(); account != nil { + models.SyncVirtualResourceMetadata(ctx, userCred, elasticcache, iElasticcache, account.ReadOnly) + } return nil, elasticcache.SetStatus(userCred, iElasticcache.GetStatus(), "syncstatus") }) return nil