Merge branch 'master' of https://github.com/KubeOperator/KubeOperator

pkg/constant/message.go

@@ -20,6 +20,7 @@ const (
 //message type
 const (
 	ClusterInstall      = "CLUSTER_INSTALL"
+	ClusterImport       = "CLUSTER_IMPORT"
 	ClusterUnInstall    = "CLUSTER_UN_INSTALL"
 	ClusterUpgrade      = "CLUSTER_UPGRADE"
 	ClusterDelete       = "CLUSTER_DELETE"

pkg/constant/rbac.go

@@ -192,6 +192,7 @@ var Roles = loader.AdvancedRules{
 			"/api/v1/settings",
 			"/api/v1/settings/{**}",
 			"/api/v1/settings/{**}/{**}",
+			"/api/v1/settings/registry/change/password",
 		},
 		Method: []string{"POST", "DELETE", "PUT", "PATCH"},
 		Permission: &grbac.Permission{

pkg/constant/system_log.go

@@ -108,6 +108,7 @@ const (
 	DELETE_CREDENTIALS    = "删除凭证|Delete credentials"
 	CREATE_REGISTRY       = "添加仓库信息|Create registry"
 	UPDATE_REGISTRY       = "更新仓库信息|Delete registry"
+	UPDATE_NEXUS_PASSWORD = "更新 Nexus 仓库密码|Update nexus password"
 	DELETE_REGISTRY       = "删除仓库信息|Delete registry"
 	CREATE_BACKUP_ACCOUNT = "添加备份账号|Create backup account"
 	UPDATE_BACKUP_ACCOUNT = "修改备份账号信息|Update backup account information"

pkg/controller/cluster.go

@@ -88,6 +88,16 @@ func (c ClusterController) Get() (*dto.ClusterPage, error) {
 	}
 }
 
+// Search Cluster
+// @Tags clusters
+// @Summary Search cluster
+// @Description 过滤集群
+// @Accept  json
+// @Produce  json
+// @Param conditions body condition.Conditions true "conditions"
+// @Success 200 {object} page.Page
+// @Security ApiKeyAuth
+// @Router /clusters/search [post]
 func (c ClusterController) PostSearch() (*dto.ClusterPage, error) {
 	page, _ := c.Ctx.Values().GetBool("page")
 	var conditions condition.Conditions
@@ -195,6 +205,16 @@ func (c ClusterController) PostInitBy(name string) error {
 	return c.ClusterInitService.Init(name)
 }
 
+// Load Cluster Info for import
+// @Tags clusters
+// @Summary Load cluster info
+// @Description Upgrade a cluster
+// @Param request body dto.ClusterLoad true "request"
+// @Accept  json
+// @Produce  json
+// @Success 200 {object} dto.ClusterLoadInfo
+// @Security ApiKeyAuth
+// @Router /clusters/load [post]
 func (c ClusterController) PostLoad() (dto.ClusterLoadInfo, error) {
 	var req dto.ClusterLoad
 	var data dto.ClusterLoadInfo
@@ -330,6 +350,16 @@ func (c ClusterController) GetToolPortBy(clusterName, namespace, toolName, toolV
 	return tool, nil
 }
 
+func (c ClusterController) PostToolSyncBy(clusterName string) (*[]dto.ClusterTool, error) {
+	cts, err := c.ClusterToolService.SyncStatus(clusterName)
+	if err != nil {
+		logger.Log.Info(fmt.Sprintf("%+v", err))
+		return nil, err
+	}
+
+	return &cts, nil
+}
+
 func (c ClusterController) PostToolEnableBy(clusterName string) (*dto.ClusterTool, error) {
 	var req dto.ClusterTool
 	if err := c.Ctx.ReadJSON(&req); err != nil {
@@ -384,6 +414,8 @@ func (c ClusterController) PostToolDisableBy(clusterName string) (*dto.ClusterTo
 // @Tags clusters
 // @Summary Delete a cluster
 // @Description delete a cluster by name
+// @Param force query string true  "是否强制（true, false）"
+// @Param uninstall query string true  "是否卸载（true, false）"
 // @Accept  json
 // @Produce  json
 // @Security ApiKeyAuth
@@ -402,6 +434,7 @@ func (c ClusterController) DeleteBy(name string) error {
 // @Tags clusters
 // @Summary Import a cluster
 // @Description import a cluster
+// @Param request body dto.ClusterImport true "request"
 // @Accept  json
 // @Produce  json
 // @Security ApiKeyAuth

pkg/controller/system_setting.go

@@ -2,6 +2,7 @@ package controller
 
 import (
 	"errors"
+
 	"github.com/KubeOperator/KubeOperator/pkg/controller/condition"
 
 	"github.com/KubeOperator/KubeOperator/pkg/constant"
@@ -124,6 +125,38 @@ func (s SystemSettingController) PostCheckBy(typeName string) error {
 	return nil
 }
 
+// Change Nexus Password
+// @Tags SystemSetting
+// @Summary Change user password
+// @Description 更新 Nexus 密码
+// @Accept  json
+// @Produce  json
+// @Param request body dto.RepoChangePassword true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Router /settings/registry/change/password [post]
+func (s *SystemSettingController) PostRegistryChangePassword() error {
+	var req dto.RepoChangePassword
+	err := s.Ctx.ReadJSON(&req)
+	if err != nil {
+		return err
+	}
+	validate := validator.New()
+	err = validate.Struct(req)
+	if err != nil {
+		return err
+	}
+	err = s.SystemSettingService.ChangePassword(req)
+	if err != nil {
+		return err
+	}
+
+	operator := s.Ctx.Values().GetString("operator")
+	go kolog.Save(operator, constant.UPDATE_NEXUS_PASSWORD, "-")
+
+	return err
+}
+
 // List Registry
 // @Tags SystemSetting
 // @Summary Show all Registry

pkg/dto/system_registry.go

@@ -35,3 +35,9 @@ type SystemRegistryBatchOp struct {
 	Operation string           `json:"operation" validate:"required"`
 	Items     []SystemRegistry `json:"items" validate:"required"`
 }
+
+type RepoChangePassword struct {
+	ID       string `json:"id"`
+	Password string `json:"password"`
+	Original string `json:"original"`
+}

pkg/router/proxy/prometheus.go

+package proxy
+
+import (
+	"crypto/tls"
+	"fmt"
+	"net/http"
+	"net/http/httputil"
+	"net/url"
+
+	"github.com/KubeOperator/KubeOperator/pkg/constant"
+	"github.com/kataras/iris/v12/context"
+)
+
+func PrometheusProxy(ctx context.Context) {
+	clusterName := ctx.Params().Get("cluster_name")
+	proxyPath := ctx.Params().Get("p")
+	if clusterName == "" {
+		_, _ = ctx.JSON(http.StatusBadRequest)
+		return
+	}
+	endpoint, err := clusterService.GetRouterEndpoint(clusterName)
+	if err != nil {
+		_, _ = ctx.JSON(http.StatusInternalServerError)
+		return
+	}
+	host := fmt.Sprintf(constant.DefaultPrometheusIngress)
+	u, err := url.Parse(fmt.Sprintf("http://%s", endpoint.Address))
+	if err != nil {
+		_, _ = ctx.JSON(http.StatusInternalServerError)
+		return
+	}
+	proxy := httputil.NewSingleHostReverseProxy(u)
+	proxy.Transport = &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+	}
+	req := ctx.Request()
+	req.Host = host
+	req.URL.Path = proxyPath
+	proxy.ServeHTTP(ctx.ResponseWriter(), req)
+}

pkg/router/proxy/proxy.go

@@ -19,6 +19,7 @@ func RegisterProxy(parent iris.Party) {
 	proxy.Any("/grafana/{cluster_name}/{p:path}", GrafanaProxy)
 	proxy.Any("/grafana/{cluster_name}", GrafanaProxy)
 	proxy.Any("/chartmuseum/{cluster_name}/{p:path}", ChartmuseumProxy)
+	proxy.Any("/prometheus/{cluster_name}/{p:path}", PrometheusProxy)
 	proxy.Any("/dashboard/{cluster_name}/{p:path}", DashboardProxy)
 	proxy.Any("/registry/{cluster_name}/{p:path}", RegistryProxy)
 	proxy.Any("/kubeapps/{cluster_name}/{p:path}", KubeappsProxy)

pkg/service/backup_account.go

@@ -46,11 +46,30 @@ func NewBackupAccountService() BackupAccountService {
 }
 
 func (b backupAccountService) Get(name string) (*dto.BackupAccount, error) {
-	var backupAccountDTO dto.BackupAccount
+	var (
+		backupAccountDTO dto.BackupAccount
+		projectResources []model.ProjectResource
+		clusterResources []model.ClusterResource
+	)
 	mo, err := b.backupAccountRepo.Get(name)
 	if err != nil {
 		return nil, err
 	}
+	if err := db.DB.Where("resource_id = ?", mo.ID).Preload("Project").Find(&projectResources).Error; err != nil {
+		return nil, err
+	}
+	if err := db.DB.Where("resource_id = ?", mo.ID).Preload("Cluster").Find(&clusterResources).Error; err != nil {
+		return nil, err
+	}
+	var projects string
+	for _, pr := range projectResources {
+		projects += (pr.Project.Name + ",")
+	}
+	var clusters string
+	for _, cr := range clusterResources {
+		clusters += (cr.Cluster.Name + ",")
+	}
+
 	vars := make(map[string]interface{})
 	if err := json.Unmarshal([]byte(mo.Credential), &vars); err != nil {
 		return nil, err
@@ -58,6 +77,8 @@ func (b backupAccountService) Get(name string) (*dto.BackupAccount, error) {
 	backupAccountDTO = dto.BackupAccount{
 		CredentialVars: vars,
 		BackupAccount:  *mo,
+		Projects:       projects,
+		Clusters:       clusters,
 	}
 	return &backupAccountDTO, nil
 }

pkg/service/cluster_health.go

@@ -74,7 +74,7 @@ func (c clusterHealthService) HealthCheck(clusterName string) (*dto.ClusterHealt
 	}
 	results := dto.ClusterHealth{Level: StatusError}
 	results.Level = StatusError
-	if clu.Source == constant.ClusterSourceLocal {
+	if clu.Source != constant.ClusterSourceExternal {
 		sshclient, sshResult := checkHostSSHConnected(clu.Cluster)
 		results.Hooks = append(results.Hooks, sshResult)
 		if sshResult.Level == StatusError {

pkg/service/cluster_import.go

@@ -30,6 +30,7 @@ type clusterImportService struct {
 	clusterRepo               repository.ClusterRepository
 	projectRepository         repository.ProjectRepository
 	projectResourceRepository repository.ProjectResourceRepository
+	messageService            MessageService
 }
 
 func NewClusterImportService() *clusterImportService {
@@ -37,6 +38,7 @@ func NewClusterImportService() *clusterImportService {
 		clusterRepo:               repository.NewClusterRepository(),
 		projectRepository:         repository.NewProjectRepository(),
 		projectResourceRepository: repository.NewProjectResourceRepository(),
+		messageService:            NewMessageService(),
 	}
 }
 
@@ -156,6 +158,7 @@ func (c clusterImportService) Import(clusterImport dto.ClusterImport) error {
 				Architecture: node.Architecture,
 			}
 			if err := tx.Create(&host).Error; err != nil {
+				_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 				tx.Rollback()
 				return err
 			}
@@ -169,6 +172,7 @@ func (c clusterImportService) Import(clusterImport dto.ClusterImport) error {
 			}
 			if err := tx.Create(&node).Error; err != nil {
 				tx.Rollback()
+				_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 				return err
 			}
 			clusterResource := model.ClusterResource{
@@ -178,6 +182,7 @@ func (c clusterImportService) Import(clusterImport dto.ClusterImport) error {
 			}
 			if err := tx.Create(&clusterResource).Error; err != nil {
 				tx.Rollback()
+				_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 				return err
 			}
 			projectResource := model.ProjectResource{
@@ -187,18 +192,21 @@ func (c clusterImportService) Import(clusterImport dto.ClusterImport) error {
 			}
 			if err := tx.Create(&projectResource).Error; err != nil {
 				tx.Rollback()
+				_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 				return err
 			}
 		}
 	} else {
 		if err := gatherClusterInfo(&cluster); err != nil {
 			tx.Rollback()
+			_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 			return err
 		}
 		for _, node := range cluster.Nodes {
 			node.ClusterID = cluster.ID
 			if err := tx.Create(&node).Error; err != nil {
 				tx.Rollback()
+				_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 				return fmt.Errorf("can not save node %s", err.Error())
 			}
 		}
@@ -206,6 +214,7 @@ func (c clusterImportService) Import(clusterImport dto.ClusterImport) error {
 
 	if err := tx.Save(&cluster.Spec).Error; err != nil {
 		tx.Rollback()
+		_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 		return fmt.Errorf("can not update spec %s", err.Error())
 	}
 
@@ -215,10 +224,12 @@ func (c clusterImportService) Import(clusterImport dto.ClusterImport) error {
 	)
 	if err := tx.Where("name = ?", cluster.Spec.Version).Order("created_at ASC").First(&manifest).Error; err != nil {
 		tx.Rollback()
+		_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 		return fmt.Errorf("can find manifest version: %s", err.Error())
 	}
 	if err := json.Unmarshal([]byte(manifest.ToolVars), &toolVars); err != nil {
 		tx.Rollback()
+		_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 		return fmt.Errorf("unmarshal manifest.toolvar error %s", err.Error())
 	}
 	for _, tool := range cluster.PrepareTools() {
@@ -231,6 +242,7 @@ func (c clusterImportService) Import(clusterImport dto.ClusterImport) error {
 		tool.ClusterID = cluster.ID
 		if err := tx.Create(&tool).Error; err != nil {
 			tx.Rollback()
+			_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 			return fmt.Errorf("can not save tool %s", err.Error())
 		}
 	}
@@ -239,6 +251,7 @@ func (c clusterImportService) Import(clusterImport dto.ClusterImport) error {
 		istio.ClusterID = cluster.ID
 		if err := tx.Create(&istio).Error; err != nil {
 			tx.Rollback()
+			_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 			return fmt.Errorf("can not save istio %s", err.Error())
 		}
 	}
@@ -248,9 +261,11 @@ func (c clusterImportService) Import(clusterImport dto.ClusterImport) error {
 		ResourceType: constant.ResourceCluster,
 	}); err != nil {
 		tx.Rollback()
+		_ = c.messageService.SendMessage(constant.System, false, GetContent(constant.ClusterImport, false, err.Error()), cluster.Name, constant.ClusterImport)
 		return fmt.Errorf("can not create project resource %s", err.Error())
 	}
 	tx.Commit()
+	_ = c.messageService.SendMessage(constant.System, true, GetContent(constant.ClusterImport, true, ""), cluster.Name, constant.ClusterImport)
 
 	hostService := NewHostService()
 	go hostService.SyncList(synchosts)

pkg/service/cluster_tool.go

@@ -12,7 +12,9 @@ import (
 	"github.com/KubeOperator/KubeOperator/pkg/model"
 	"github.com/KubeOperator/KubeOperator/pkg/repository"
 	"github.com/KubeOperator/KubeOperator/pkg/service/cluster/tools"
+	helm2 "github.com/KubeOperator/KubeOperator/pkg/util/helm"
 	kubernetesUtil "github.com/KubeOperator/KubeOperator/pkg/util/kubernetes"
+	appv1 "k8s.io/api/apps/v1"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -20,6 +22,7 @@ import (
 type ClusterToolService interface {
 	List(clusterName string) ([]dto.ClusterTool, error)
 	GetNodePort(clusterName, toolName, toolVersion, namespace string) (dto.ClusterTool, error)
+	SyncStatus(clusterName string) ([]dto.ClusterTool, error)
 	Enable(clusterName string, tool dto.ClusterTool) (dto.ClusterTool, error)
 	Upgrade(clusterName string, tool dto.ClusterTool) (dto.ClusterTool, error)
 	Disable(clusterName string, tool dto.ClusterTool) (dto.ClusterTool, error)
@@ -85,6 +88,122 @@ func (c clusterToolService) GetNodePort(clusterName, toolName, toolVersion, name
 	return tool, fmt.Errorf("can't get nodeport %s(%s) from cluster %s", svcName, namespace, clusterName)
 }
 
+func (c clusterToolService) SyncStatus(clusterName string) ([]dto.ClusterTool, error) {
+	var (
+		cluster   model.Cluster
+		tools     []model.ClusterTool
+		backTools []dto.ClusterTool
+	)
+	if err := db.DB.Where("name = ?", clusterName).Preload("Spec").Preload("Secret").Find(&cluster).Error; err != nil {
+		return backTools, err
+	}
+	if err := db.DB.Where("cluster_id = ?", cluster.ID).Find(&tools).Error; err != nil {
+		return backTools, err
+	}
+	kubeClient, err := kubernetesUtil.NewKubernetesClient(&kubernetesUtil.Config{
+		Hosts: []kubernetesUtil.Host{kubernetesUtil.Host(fmt.Sprintf("%s:%d", cluster.Spec.KubeRouter, cluster.Spec.KubeApiServerPort))},
+		Token: cluster.Secret.KubernetesToken,
+	})
+	if err != nil {
+		return backTools, err
+	}
+	var (
+		allDeployments  []appv1.Deployment
+		allStatefulsets []appv1.StatefulSet
+	)
+	namespaceList, err := kubeClient.CoreV1().Namespaces().List(context.Background(), metav1.ListOptions{})
+	if err != nil {
+		return backTools, err
+	}
+	for _, ns := range namespaceList.Items {
+		deployments, err := kubeClient.AppsV1().Deployments(ns.Name).List(context.TODO(), metav1.ListOptions{})
+		if err != nil {
+			return backTools, err
+		}
+		allDeployments = append(allDeployments, deployments.Items...)
+		statefulsets, err := kubeClient.AppsV1().StatefulSets(ns.Name).List(context.TODO(), metav1.ListOptions{})
+		if err != nil {
+			return backTools, err
+		}
+		allStatefulsets = append(allStatefulsets, statefulsets.Items...)
+	}
+	for _, tool := range tools {
+		dtoItem := dto.ClusterTool{
+			ClusterTool: tool,
+			Vars:        map[string]interface{}{},
+		}
+		isEnable := false
+		sourceName := ""
+		sourceType := "deployment"
+		switch tool.Name {
+		case "registry":
+			sourceName = constant.DefaultRegistryDeploymentName
+		case "chartmuseum":
+			sourceName = constant.DefaultChartmuseumDeploymentName
+		case "kubepi":
+			sourceName = constant.DefaultKubePiDeploymentName
+		case "kubeapps":
+			sourceName = constant.DefaultKubeappsDeploymentName
+		case "grafana":
+			sourceName = constant.DefaultGrafanaDeploymentName
+		case "prometheus":
+			sourceName = constant.DefaultPrometheusDeploymentName
+		case "logging":
+			sourceName = constant.DefaultLoggingStateSetsfulName
+			sourceType = "statefulset"
+		case "loki":
+			sourceName = constant.DefaultLokiStateSetsfulName
+			sourceType = "statefulset"
+		}
+		if sourceType == "deployment" {
+			for _, deploy := range allDeployments {
+				if deploy.ObjectMeta.Name == sourceName {
+					if deploy.Status.ReadyReplicas > 0 {
+						isEnable = true
+						tool.Status = constant.StatusRunning
+					} else {
+						tool.Status = constant.StatusWaiting
+					}
+					dtoItem.Vars["namespace"] = deploy.ObjectMeta.Namespace
+					buf, _ := json.Marshal(&dtoItem.Vars)
+					tool.Vars = string(buf)
+					_ = db.DB.Model(&model.ClusterTool{}).Updates(&tool)
+					break
+				}
+			}
+		}
+		if sourceType == "statefulset" {
+			for _, statefulset := range allStatefulsets {
+				if statefulset.ObjectMeta.Name == sourceName {
+					if statefulset.Status.ReadyReplicas > 0 {
+						isEnable = true
+						tool.Status = constant.StatusRunning
+					} else {
+						tool.Status = constant.StatusWaiting
+					}
+					dtoItem.Vars["namespace"] = statefulset.ObjectMeta.Namespace
+					buf, _ := json.Marshal(&dtoItem.Vars)
+					tool.Vars = string(buf)
+					_ = db.DB.Model(&model.ClusterTool{}).Updates(&tool)
+					break
+				}
+			}
+		}
+		if !isEnable {
+			if tool.Status != constant.StatusWaiting {
+				tool.Status = constant.StatusWaiting
+				_ = db.DB.Model(&model.ClusterTool{}).Updates(&tool)
+			}
+		}
+		dtoItem.ClusterTool = tool
+		backTools = append(backTools, dtoItem)
+	}
+
+	var h helm2.Client
+	err = h.SyncRepoCharts(cluster.Spec.Architectures)
+	return backTools, err
+}
+
 func (c clusterToolService) Disable(clusterName string, tool dto.ClusterTool) (dto.ClusterTool, error) {
 	cluster, hosts, err := c.getBaseParams(clusterName)
 	if err != nil {

pkg/service/cluster_upgrade.go

@@ -47,7 +47,7 @@ func (c *clusterUpgradeService) Upgrade(upgrade dto.ClusterUpgrade) error {
 	if err != nil {
 		return fmt.Errorf("can not get cluster %s error %s", upgrade.ClusterName, err.Error())
 	}
-	if !(cluster.Source == constant.ClusterSourceLocal) {
+	if cluster.Source == constant.ClusterSourceExternal {
 		return errors.New("CLUSTER_IS_NOT_LOCAL")
 	}
 	if cluster.Status != constant.StatusRunning && cluster.Status != constant.StatusFailed {

pkg/service/system_setting.go

@@ -35,6 +35,7 @@ type SystemSettingService interface {
 	UpdateRegistry(arch string, creation dto.SystemRegistryUpdate) (*dto.SystemRegistry, error)
 	BatchRegistry(op dto.SystemRegistryBatchOp) error
 	DeleteRegistry(id string) error
+	ChangePassword(repo dto.RepoChangePassword) error
 }
 
 type systemSettingService struct {
@@ -285,8 +286,7 @@ func (s systemSettingService) UpdateRegistry(arch string, creation dto.SystemReg
 		RegistryHostedPort: creation.RegistryHostedPort,
 		NexusPassword:      creation.NexusPassword,
 	}
-	err := s.systemRegistryRepo.Save(&systemRegistry)
-	if err != nil {
+	if err := s.systemRegistryRepo.Save(&systemRegistry); err != nil {
 		return nil, err
 	}
 	return &dto.SystemRegistry{SystemRegistry: systemRegistry}, nil
@@ -315,3 +315,36 @@ func (s systemSettingService) DeleteRegistry(id string) error {
 	}
 	return nil
 }
+
+func (u *systemSettingService) ChangePassword(ch dto.RepoChangePassword) error {
+	repo, err := u.GetRegistryByID(ch.ID)
+	if err != nil {
+		return err
+	}
+	success, err := validateOldPassword(repo, ch.Original)
+	if err != nil {
+		return err
+	}
+	if !success {
+		return errOriginalNotMatch
+	}
+	repo.NexusPassword, err = encrypt.StringEncrypt(ch.Password)
+	if err != nil {
+		return err
+	}
+	if err := db.DB.Model(&model.SystemRegistry{}).Where("id = ?", repo.ID).Update(map[string]interface{}{"nexus_password": repo.NexusPassword}).Error; err != nil {
+		return err
+	}
+	return err
+}
+
+func validateOldPassword(repo dto.SystemRegistry, password string) (bool, error) {
+	oldPassword, err := encrypt.StringDecrypt(repo.NexusPassword)
+	if err != nil {
+		return false, err
+	}
+	if oldPassword != password {
+		return false, err
+	}
+	return true, err
+}

pkg/util/helm/helm.go

@@ -43,6 +43,7 @@ type Interface interface {
 	Uninstall(name string) (*release.UninstallReleaseResponse, error)
 	List() ([]*release.Release, error)
 	GetRepoIP(arch string) (string, string, int, int, error)
+	SyncRepoCharts(arch string) error
 }
 
 type Config struct {
@@ -176,6 +177,7 @@ func GetSettings() *cli.EnvSettings {
 
 }
 
+// 每次启用或升级的时候执行，存在 nexus 则不采取操作
 func updateRepo(arch string) error {
 	repos, err := ListRepo()
 	if err != nil {
@@ -189,70 +191,47 @@ func updateRepo(arch string) error {
 		}
 	}
 	if !flag {
-		r := repository.NewSystemSettingRepository()
-		p, err := r.Get("REGISTRY_PROTOCOL")
-		if err != nil {
-			return fmt.Errorf("load system repo failed: %v", err)
-		}
-		var c Client
-		repoIP, nexusPsw, repoPort, _, err := c.GetRepoIP(arch)
-		if err != nil {
-			return fmt.Errorf("load system repo of arch %s failed: %v", arch, err)
-		}
-		url := fmt.Sprintf("%s://%s:%d/repository/applications", p.Value, repoIP, repoPort)
-		err = addRepo("nexus", url, "admin", nexusPsw)
-		if err != nil {
-			return fmt.Errorf("add helm repo %s failed: %v", url, err)
-		}
-		logger.Log.Infof("my nexus addr is %s", url)
-	}
-	settings := GetSettings()
-	repoFile := settings.RepositoryConfig
-	repoCache := settings.RepositoryCache
-	f, err := repo.LoadFile(repoFile)
-	if err != nil {
-		return fmt.Errorf("load file of repo %s failed: %v", repoFile, err)
-	}
-	var rps []*repo.ChartRepository
-	for _, cfg := range f.Repositories {
-		r, err := repo.NewChartRepository(cfg, getter.All(settings))
-		if err != nil {
+		if err := addRepo(arch); err != nil {
 			return err
 		}
-		if repoCache != "" {
-			r.CachePath = repoCache
+		if err := updateCharts(); err != nil {
+			return err
 		}
-		rps = append(rps, r)
 	}
-	updateCharts(rps)
 	return nil
 }
 
-func updateCharts(repos []*repo.ChartRepository) {
-	logger.Log.Debug("Hang tight while we grab the latest from your chart repositories...")
-	var wg sync.WaitGroup
-	for _, re := range repos {
-		wg.Add(1)
-		go func(re *repo.ChartRepository) {
-			defer wg.Done()
-			if _, err := re.DownloadIndexFile(); err != nil {
-				logger.Log.Debugf("...Unable to get an update from the %q chart repository (%s):\n\t%s\n", re.Config.Name, re.Config.URL, err)
-			} else {
-				logger.Log.Debugf("...Successfully got an update from the %q chart repository\n", re.Config.Name)
-			}
-		}(re)
+func (c Client) SyncRepoCharts(arch string) error {
+	if err := addRepo(arch); err != nil {
+		return err
 	}
-	wg.Wait()
-	logger.Log.Debugf("Update Complete. ⎈ Happy Helming!⎈ ")
+	if err := updateCharts(); err != nil {
+		return err
+	}
+	return nil
 }
 
-func addRepo(name string, url string, username string, password string) error {
+func addRepo(arch string) error {
+	username := "admin"
+	name := "nexus"
+	repository := repository.NewSystemSettingRepository()
+	p, err := repository.Get("REGISTRY_PROTOCOL")
+	if err != nil {
+		return fmt.Errorf("load system repo failed: %v", err)
+	}
+	var c Client
+	repoIP, password, repoPort, _, err := c.GetRepoIP(arch)
+	if err != nil {
+		return fmt.Errorf("load system repo of arch %s failed: %v", arch, err)
+	}
+	url := fmt.Sprintf("%s://%s:%d/repository/applications", p.Value, repoIP, repoPort)
+	logger.Log.Infof("my helm repo url is %s", url)
+
 	settings := GetSettings()
 
 	repoFile := settings.RepositoryConfig
 
-	err := os.MkdirAll(filepath.Dir(repoFile), os.ModePerm)
-	if err != nil && !os.IsExist(err) {
+	if err := os.MkdirAll(filepath.Dir(repoFile), os.ModePerm); err != nil && !os.IsExist(err) {
 		return err
 	}
 
@@ -281,10 +260,6 @@ func addRepo(name string, url string, username string, password string) error {
 		return err
 	}
 
-	if f.Has(name) {
-		return errors.Errorf("repository name (%s) already exists, please specify a different name", name)
-	}
-
 	e := repo.Entry{
 		Name:                  name,
 		URL:                   url,
@@ -310,6 +285,44 @@ func addRepo(name string, url string, username string, password string) error {
 	return nil
 }
 
+func updateCharts() error {
+	logger.Log.Debug("Hang tight while we grab the latest from your chart repositories...")
+	settings := GetSettings()
+	repoFile := settings.RepositoryConfig
+	repoCache := settings.RepositoryCache
+	f, err := repo.LoadFile(repoFile)
+	if err != nil {
+		return fmt.Errorf("load file of repo %s failed: %v", repoFile, err)
+	}
+	var rps []*repo.ChartRepository
+	for _, cfg := range f.Repositories {
+		r, err := repo.NewChartRepository(cfg, getter.All(settings))
+		if err != nil {
+			return fmt.Errorf("get new chart repository failed, err: %v", err.Error())
+		}
+		if repoCache != "" {
+			r.CachePath = repoCache
+		}
+		rps = append(rps, r)
+	}
+
+	var wg sync.WaitGroup
+	for _, re := range rps {
+		wg.Add(1)
+		go func(re *repo.ChartRepository) {
+			defer wg.Done()
+			if _, err := re.DownloadIndexFile(); err != nil {
+				logger.Log.Debugf("...Unable to get an update from the %q chart repository (%s):\n\t%s\n", re.Config.Name, re.Config.URL, err)
+			} else {
+				logger.Log.Debugf("...Successfully got an update from the %q chart repository\n", re.Config.Name)
+			}
+		}(re)
+	}
+	wg.Wait()
+	logger.Log.Debugf("Update Complete. ⎈ Happy Helming!⎈ ")
+	return nil
+}
+
 func (c Client) GetRepoIP(arch string) (string, string, int, int, error) {
 	var repo model.SystemRegistry
 	switch arch {
@@ -322,16 +335,7 @@ func (c Client) GetRepoIP(arch string) (string, string, int, int, error) {
 			return repo.Hostname, repo.NexusPassword, repo.RepoPort, repo.RegistryPort, fmt.Errorf("decrypt password %s failed, err: %v", p, err)
 		}
 		return repo.Hostname, p, repo.RepoPort, repo.RegistryPort, nil
-	case "arm64":
-		if err := db.DB.Where("architecture = ?", constant.ArchitectureOfARM64).First(&repo).Error; err != nil {
-			return "", "", 0, 0, err
-		}
-		p, err := encrypt.StringDecrypt(repo.NexusPassword)
-		if err != nil {
-			return repo.Hostname, repo.NexusPassword, repo.RepoPort, repo.RegistryPort, fmt.Errorf("decrypt password %s failed, err: %v", p, err)
-		}
-		return repo.Hostname, p, repo.RepoPort, repo.RegistryPort, nil
-	case "all":
+	case "arm64", "all":
 		if err := db.DB.Where("architecture = ?", constant.ArchitectureOfARM64).First(&repo).Error; err != nil {
 			return "", "", 0, 0, err
 		}