✨ [2025-02-20] 添加 Metersphere SSO 接入指南

2025-02-20 17:17:54 +08:00 · 2025-02-20 17:17:54 +08:00 · 751b651627
commit 751b651627
parent ae1e9444eb
2 changed files with 213 additions and 0 deletions
--- a/教程/20250220-Metersphere安装及SSO接入指南.md
+++ b/教程/20250220-Metersphere安装及SSO接入指南.md
@ -0,0 +1,213 @@
+<!-- Space: qifu -->
+<!-- Parent: 后端技术&知识&规范 -->
+<!-- Parent: 技术方案 -->
+<!-- Parent: 基建 -->
+<!-- Parent: 03-接入指南 -->
+<!-- Title: 20250220-Metersphere安装及SSO接入指南 -->
+
+<!-- Macro: :anchor\((.*)\):
+     Template: ac:anchor
+     Anchor: ${1} -->
+<!-- Macro: \!\[.*\]\((.+)\)\<\!\-\- width=(.*) \-\-\>
+     Template: ac:image
+     Url: ${1}
+     Width: ${2} -->
+<!-- Macro: \<\!\-\- :toc: \-\-\>
+     Template: ac:toc
+     Printable: 'false'
+     MinLevel: 2 
+     MaxLevel: 4 -->
+<!-- Include: 杂项/声明文件.md -->
+
+<!-- Attachment: ../材料/app.zip -->
+
+<!-- :toc: -->
+
+# Metersphere 安装及 SSO 接入指南
+
+## Metersphere 安装启动
+
+- 可以参考：https://metersphere.io/docs/v3.x/installation/offline_installation/
+
+### 下载离线安装包
+
+- 下载地址：https://community.fit2cloud.com/#/products/metersphere/downloads
+- 版本：v3.6.1-lts
+
+### 解压安装包
+
+```shell
+# 解压安装包
+tar zxvf metersphere-offline-installer-v3.6.1-lts.tar.gz 
+```
+
+### 执行安装脚本
+
+```shell
+# 进入安装包目录
+cd metersphere-offline-installer-v3.x.y
+# 运行安装脚本
+/bin/bash install.sh
+```
+
+### 访问并登录
+
+- URL: http://服务器IP:8081
+- 用户名: admin
+- 初始密码: metersphere
+
+## Metersphere OIDC 配置
+
+### 获取源码
+
+```shell
+git clone -b v3.6.1-lts --depth 1 https://github.com/metersphere/metersphere.git
+```
+
+### 添加代码
+
+- `backend/app` 下
+- 将附件 [app.zip](../材料/app.zip) 中的增量代码拷贝到对应目录
+- 编译 `backend/app`
+    - Maven `settings.xml` 添加 mirror
+    - ```xml
+      <mirror><id>nexus</id><name>this is my nexus</name><url>https://repository.fit2cloud.com/content/groups/public/</url><mirrorOf>*</mirrorOf></mirror>
+      ```
+    - 进入目录 `backend/app` 执行 `mvn clean compile`
+
+### 将新增的文件加入镜像
+
+#### 解压 `metersphere-offline-installer-v3.6.1-lts/images/metersphere.tar`
+
+```shell
+cd metersphere-offline-installer-v3.6.1-lts/images/
+mkdir ./metersphere
+tar zvf metersphere.tar -C ./metersphere
+```
+
+#### 进入 Metersphere 源码层
+
+```shell
+cd ./metersphere/8b79e2bdad1b9e90a7a5a44478c8b82a59d72e628f65b00cb7d9e77476910762/
+
+tar zvf layer.tar
+
+cd /metersphere/io/metersphere/
+```
+
+#### 拷贝 class 到刚刚的目录
+
+- 拷贝 `target/classes/io/metersphere/exclude` 文件夹
+- 拷贝 `target/classes/io/metersphere/keycloak` 文件夹
+
+### 重新打包镜像
+
+#### 重新生成 layer.tar
+
+- 回到 `8b79e2bdad1b9e90a7a5a44478c8b82a59d72e628f65b00cb7d9e77476910762` 目录
+- ```shell
+  tar cvf layer.tar ./metersphere
+
+  rm -rf metersphere
+  ```
+
+#### 重新生成镜像包
+
+- 回到 `metersphere-offline-installer-v3.6.1-lts/images/` 目录
+- ```shell
+  #!/bin/bash
+  
+  echo "into folder"
+  cd ./metersphere
+  
+  echo "tar metersphere.tar"
+  tar cvf metersphere.tar *
+  
+  echo "out folder"
+  cd ../
+
+  echo "replace metersphere.tar"
+  mv ./metersphere/metersphere.tar ./
+  ```
+
+### 替换 sha256
+
+#### 获取 新的 sha256
+
+```shell
+docker images -a | grep metersphere-ce
+
+#- 移除已有镜像
+docker rmi registry.fit2cloud.com/metersphere/metersphere-ce:v3.6.1-lts
+
+#- 获取错误
+docker load -i metersphere.tar
+```
+
+#### 替换 sha256
+
+- 新建脚本 `replace.sh`
+
+```shell
+#!/bin/bash
+old=$1
+new=$2
+
+echo "old sha: $old, new sha: $new"
+sed -i -E "s@${old}@${new}@g" ./metersphere/4873db853f2435741102f62cfd03cf0fb59f36df4e1467f3ad0e16582894d195.json
+```
+
+- 执行脚本
+
+```shell
+bash replace.sh oldsha newsha
+```
+
+- 重新生成 metersphere.tar
+  参考 [重新生成 metersphere.tar](#重新生成镜像包)
+
+### 替换旧镜像
+
+```shell
+docker images -a | grep metersphere-ce
+
+#- 移除已有镜像
+docker rmi registry.fit2cloud.com/metersphere/metersphere-ce:v3.6.1-lts
+
+#- 获取错误
+docker load -i metersphere.tar
+```
+
+### 重启服务
+
+```shell
+msctl down -v
+
+msctl up -d --remove-orphans
+```
+
+### 数据库添加认证源
+
+```sql
+INSERT INTO `metersphere`.`auth_source` (`id`, `configuration`, `enable`, `create_time`, `update_time`, `description`,
+                                         `name`, `type`)
+VALUES ('metersphere',
+        0x7B22636C69656E744964223A226D65746572737068657265222C22736563726574223A22387566514636387A6F4869514739676D456D434A4776755939554F644D513769222C22726564697265637455726C223A22687474703A2F2F6C6F63616C2E6D657465727370686572652E636F6D2F73736F2F63616C6C6261636B2F6B6579636C6F616B222C226175746855726C223A22687474703A2F2F6B6579636C6F616B2E716966752E636F6D2F7265616C6D732F6B657966696C2F70726F746F636F6C2F6F70656E69642D636F6E6E6563742F61757468222C22746F6B656E55726C223A22687474703A2F2F6B6579636C6F616B2E716966752E636F6D2F7265616C6D732F6B657966696C2F70726F746F636F6C2F6F70656E69642D636F6E6E6563742F746F6B656E222C2275736572496E666F55726C223A22687474703A2F2F6B6579636C6F616B2E716966752E636F6D2F7265616C6D732F6B657966696C2F70726F746F636F6C2F6F70656E69642D636F6E6E6563742F75736572696E666F222C226D617070696E67223A227B5C227573657269645C223A5C227375625C222C5C22757365726E616D655C223A5C227072656665727265645F757365726E616D655C222C5C22656D61696C5C223A5C22656D61696C5C227D227D,
+        b'1', 0, 100, '企业微信登录', '企业微信', 'OIDC');
+
+
+UPDATE auth_source
+SET configuration = '{\"clientId\":\"metersphere\",\"secret\":\"8ufQF68zoHiQG9gmEmCJGvuY9UOdMQ7i\",\"redirectUrl\":\"http://metersphere.xxx.com/sso/callback/keycloak\",\"authUrl\":\"http://keycloak.xxx.com/realms/keyfil/protocol/openid-connect/auth\",\"tokenUrl\":\"http://keycloak.xxx.com/realms/keyfil/protocol/openid-connect/token\",\"userInfoUrl\":\"http://keycloak.xxx.com/realms/keyfil/protocol/openid-connect/userinfo\",\"mapping\":\"{\\\"userid\\\":\\\"sub\\\",\\\"username\\\":\\\"preferred_username\\\",\\\"email\\\":\\\"email\\\"}\"}'
+WHERE id = 'metersphere';
+```
+
+- 替换 configuration 中的信息
+    - `clientId`
+    - `secret`
+    - `redirectUrl`
+    - `authUrl`
+    - `tokenUrl`
+    - `userInfoUrl`
+
+### 测试
+
--- a/材料/app.zip
+++ b/材料/app.zip