Merge pull request #964 from pikasTech/fix/sub2api-codex-pool-validate-target-sentinel-scope
修复 codex-pool validate 按 target sentinel 范围校验
This commit is contained in:
@@ -31,6 +31,7 @@ export function remotePythonScript(mode: "sync" | "validate" | "trace" | "cleanu
|
||||
set -u
|
||||
python3 - <<'PY'
|
||||
import base64
|
||||
import hashlib
|
||||
import json
|
||||
import re
|
||||
import secrets
|
||||
@@ -1022,6 +1023,16 @@ def safe_kube_json(args, label):
|
||||
return None, {"label": label, "exitCode": proc.returncode, "error": str(exc), "stdoutTail": text(proc.stdout, 1000)}
|
||||
|
||||
def sentinel_runtime_status():
|
||||
if not TARGET_SENTINEL_ENABLED:
|
||||
return {
|
||||
"ok": True,
|
||||
"action": "skipped-target-disabled",
|
||||
"desired": {
|
||||
"monitorEnabled": SENTINEL_CONFIG.get("monitor", {}).get("enabled"),
|
||||
"actionsEnabled": SENTINEL_CONFIG.get("actions", {}).get("enabled"),
|
||||
},
|
||||
"valuesPrinted": False,
|
||||
}
|
||||
cfg = SENTINEL_CONFIG
|
||||
cronjob_name = cfg.get("cronJobName")
|
||||
secret_name = cfg.get("credentialsSecretName")
|
||||
@@ -2349,6 +2360,9 @@ def api_key_preview(api_key):
|
||||
return "***"
|
||||
return api_key[:10] + "..." + api_key[-4:]
|
||||
|
||||
def secret_fingerprint(value):
|
||||
return "sha256:" + hashlib.sha256(value.encode("utf-8")).hexdigest()[:16]
|
||||
|
||||
def run_sync():
|
||||
global MANUAL_ACCOUNT_PROTECTIONS
|
||||
payload = json.loads(base64.b64decode(PAYLOAD_B64).decode("utf-8"))
|
||||
@@ -2427,7 +2441,7 @@ def run_sync():
|
||||
"sub2apiId": api_key_result["id"],
|
||||
"groupId": api_key_result["groupId"],
|
||||
"userId": api_key_result["userId"],
|
||||
"keyPreview": api_key_preview(api_key),
|
||||
"apiKeyFingerprint": secret_fingerprint(api_key),
|
||||
"valuesPrinted": False,
|
||||
},
|
||||
"ownerBalance": owner_balance,
|
||||
@@ -2473,7 +2487,7 @@ def run_validate():
|
||||
"sub2apiId": key_item.get("id") if isinstance(key_item, dict) else None,
|
||||
"userId": key_item.get("user_id") if isinstance(key_item, dict) else None,
|
||||
"groupId": key_item.get("group_id") if isinstance(key_item, dict) else None,
|
||||
"keyPreview": api_key_preview(api_key),
|
||||
"apiKeyFingerprint": secret_fingerprint(api_key),
|
||||
"valuesPrinted": False,
|
||||
},
|
||||
"ownerBalance": owner_balance,
|
||||
|
||||
Reference in New Issue
Block a user