From 751b651627066c8b95e9253cd25ef018ada467da Mon Sep 17 00:00:00 2001 From: liuxiaohua Date: Thu, 20 Feb 2025 17:17:54 +0800 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20[2025-02-20]=20=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=20Metersphere=20SSO=20=E6=8E=A5=E5=85=A5=E6=8C=87=E5=8D=97?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 教程/20250220-Metersphere安装及SSO接入指南.md | 213 ++++++++++++++++++ 材料/app.zip | Bin 0 -> 9669 bytes 2 files changed, 213 insertions(+) create mode 100644 教程/20250220-Metersphere安装及SSO接入指南.md create mode 100644 材料/app.zip diff --git a/教程/20250220-Metersphere安装及SSO接入指南.md b/教程/20250220-Metersphere安装及SSO接入指南.md new file mode 100644 index 0000000..cd993e9 --- /dev/null +++ b/教程/20250220-Metersphere安装及SSO接入指南.md @@ -0,0 +1,213 @@ + + + + + + + + + + + + + + + + +# Metersphere 安装及 SSO 接入指南 + +## Metersphere 安装启动 + +- 可以参考:https://metersphere.io/docs/v3.x/installation/offline_installation/ + +### 下载离线安装包 + +- 下载地址:https://community.fit2cloud.com/#/products/metersphere/downloads +- 版本:v3.6.1-lts + +### 解压安装包 + +```shell +# 解压安装包 +tar zxvf metersphere-offline-installer-v3.6.1-lts.tar.gz +``` + +### 执行安装脚本 + +```shell +# 进入安装包目录 +cd metersphere-offline-installer-v3.x.y +# 运行安装脚本 +/bin/bash install.sh +``` + +### 访问并登录 + +- URL: http://服务器IP:8081 +- 用户名: admin +- 初始密码: metersphere + +## Metersphere OIDC 配置 + +### 获取源码 + +```shell +git clone -b v3.6.1-lts --depth 1 https://github.com/metersphere/metersphere.git +``` + +### 添加代码 + +- `backend/app` 下 +- 将附件 [app.zip](../材料/app.zip) 中的增量代码拷贝到对应目录 +- 编译 `backend/app` + - Maven `settings.xml` 添加 mirror + - ```xml + nexusthis is my nexushttps://repository.fit2cloud.com/content/groups/public/* + ``` + - 进入目录 `backend/app` 执行 `mvn clean compile` + +### 将新增的文件加入镜像 + +#### 解压 `metersphere-offline-installer-v3.6.1-lts/images/metersphere.tar` + +```shell +cd metersphere-offline-installer-v3.6.1-lts/images/ +mkdir ./metersphere +tar zvf metersphere.tar -C ./metersphere +``` + +#### 进入 Metersphere 源码层 + +```shell +cd ./metersphere/8b79e2bdad1b9e90a7a5a44478c8b82a59d72e628f65b00cb7d9e77476910762/ + +tar zvf layer.tar + +cd /metersphere/io/metersphere/ +``` + +#### 拷贝 class 到刚刚的目录 + +- 拷贝 `target/classes/io/metersphere/exclude` 文件夹 +- 拷贝 `target/classes/io/metersphere/keycloak` 文件夹 + +### 重新打包镜像 + +#### 重新生成 layer.tar + +- 回到 `8b79e2bdad1b9e90a7a5a44478c8b82a59d72e628f65b00cb7d9e77476910762` 目录 +- ```shell + tar cvf layer.tar ./metersphere + + rm -rf metersphere + ``` + +#### 重新生成镜像包 + +- 回到 `metersphere-offline-installer-v3.6.1-lts/images/` 目录 +- ```shell + #!/bin/bash + + echo "into folder" + cd ./metersphere + + echo "tar metersphere.tar" + tar cvf metersphere.tar * + + echo "out folder" + cd ../ + + echo "replace metersphere.tar" + mv ./metersphere/metersphere.tar ./ + ``` + +### 替换 sha256 + +#### 获取 新的 sha256 + +```shell +docker images -a | grep metersphere-ce + +#- 移除已有镜像 +docker rmi registry.fit2cloud.com/metersphere/metersphere-ce:v3.6.1-lts + +#- 获取错误 +docker load -i metersphere.tar +``` + +#### 替换 sha256 + +- 新建脚本 `replace.sh` + +```shell +#!/bin/bash +old=$1 +new=$2 + +echo "old sha: $old, new sha: $new" +sed -i -E "s@${old}@${new}@g" ./metersphere/4873db853f2435741102f62cfd03cf0fb59f36df4e1467f3ad0e16582894d195.json +``` + +- 执行脚本 + +```shell +bash replace.sh oldsha newsha +``` + +- 重新生成 metersphere.tar + 参考 [重新生成 metersphere.tar](#重新生成镜像包) + +### 替换旧镜像 + +```shell +docker images -a | grep metersphere-ce + +#- 移除已有镜像 +docker rmi registry.fit2cloud.com/metersphere/metersphere-ce:v3.6.1-lts + +#- 获取错误 +docker load -i metersphere.tar +``` + +### 重启服务 + +```shell +msctl down -v + +msctl up -d --remove-orphans +``` + +### 数据库添加认证源 + +```sql +INSERT INTO `metersphere`.`auth_source` (`id`, `configuration`, `enable`, `create_time`, `update_time`, `description`, + `name`, `type`) +VALUES ('metersphere', + 0x7B22636C69656E744964223A226D65746572737068657265222C22736563726574223A22387566514636387A6F4869514739676D456D434A4776755939554F644D513769222C22726564697265637455726C223A22687474703A2F2F6C6F63616C2E6D657465727370686572652E636F6D2F73736F2F63616C6C6261636B2F6B6579636C6F616B222C226175746855726C223A22687474703A2F2F6B6579636C6F616B2E716966752E636F6D2F7265616C6D732F6B657966696C2F70726F746F636F6C2F6F70656E69642D636F6E6E6563742F61757468222C22746F6B656E55726C223A22687474703A2F2F6B6579636C6F616B2E716966752E636F6D2F7265616C6D732F6B657966696C2F70726F746F636F6C2F6F70656E69642D636F6E6E6563742F746F6B656E222C2275736572496E666F55726C223A22687474703A2F2F6B6579636C6F616B2E716966752E636F6D2F7265616C6D732F6B657966696C2F70726F746F636F6C2F6F70656E69642D636F6E6E6563742F75736572696E666F222C226D617070696E67223A227B5C227573657269645C223A5C227375625C222C5C22757365726E616D655C223A5C227072656665727265645F757365726E616D655C222C5C22656D61696C5C223A5C22656D61696C5C227D227D, + b'1', 0, 100, '企业微信登录', '企业微信', 'OIDC'); + + +UPDATE auth_source +SET configuration = '{\"clientId\":\"metersphere\",\"secret\":\"8ufQF68zoHiQG9gmEmCJGvuY9UOdMQ7i\",\"redirectUrl\":\"http://metersphere.xxx.com/sso/callback/keycloak\",\"authUrl\":\"http://keycloak.xxx.com/realms/keyfil/protocol/openid-connect/auth\",\"tokenUrl\":\"http://keycloak.xxx.com/realms/keyfil/protocol/openid-connect/token\",\"userInfoUrl\":\"http://keycloak.xxx.com/realms/keyfil/protocol/openid-connect/userinfo\",\"mapping\":\"{\\\"userid\\\":\\\"sub\\\",\\\"username\\\":\\\"preferred_username\\\",\\\"email\\\":\\\"email\\\"}\"}' +WHERE id = 'metersphere'; +``` + +- 替换 configuration 中的信息 + - `clientId` + - `secret` + - `redirectUrl` + - `authUrl` + - `tokenUrl` + - `userInfoUrl` + +### 测试 + diff --git a/材料/app.zip b/材料/app.zip new file mode 100644 index 0000000000000000000000000000000000000000..10558c4f008ddcd08cb8dfff30b25f1d4b566198 GIT binary patch literal 9669 zcmbta1yt1A*Bua~ySp1{>F#cju3=~x7=}h#8bm@$KuS796p%*57(hUzJ49L(5XldH zPv02tso(#%)-Vj~-m~{TXWx4d=Zv=61tdbir^h-%-{kWzfB!)G^fz~RZtbrl%)T3e z`u7M=2=G5fVZn`ZwRUv-kD>VA4|THkw*HUtL_Zzx2!@*y@*QWof1Bb8f`TBP?hYUb z2yXiKOJ@6>=^$UAi5iK#`-2SYby%u2mpX8A^@QACuS7vW!&9e9D&wQN3fe5 z*bNHug{rtYLLIGL9Q{EMu1`)%(Ct&bz>C|)y&<+VM*Og9uRyNG(a^y>4UX91Svv8F?$Hn-Wl2QRp1^KdL_zz7^W2!ug)My%|HNOp$OXktV73N@2rZa!KQ zN+n|T1WFGwkVxo=gjphuU8AJO^RyML6DP!UV8RvLP_C`TQhll^&ZJCT&YB}547sw~ z;TDA!n$pNl7o+6X);tj%{bOz`(YDU-jR{NHF${`4!b*Vg+?c%o*t!XoLDyR3G{{Nt zsJPQ^)b{;_FLM4XC{outo>H9$#O7S>GJh5neLr`Q!e5bAbaXiv&*wl?>G!$4l*VmS zdM*|ZsjKidMMt46Ry8PQ)pab26q^`xw$I+HzTez`y?iP!Scd|39YiV_pot=hJ7m^{(zbLJS2$jwYv~qWLQR7j z&`6Ln#o!I5@DF)xAF|7@W@PAlk||{|yOcunplNlC+Cw(gew>w9tQFY;b*w@;Z_oSq&$ zfR%R7iRa7kPwJ5)y->VWZlUOTZ=TPpw)x(Xuk*_4NTGfIL-Q&D;`gP7LzNu9fH(p< zehVPg6fVfYYT9$_5ZNqYKg6+5?j{&a=aGd-5fL$QdnL^{qNsj4B0$AkXWfv-MXMq| zR4lOBg4VL)p{8=G+6C_0d+&;_P6T@T1`ezy6;E>%reuuEJ?W|=dSRKVsZF1|JsL+Z zjtE9uT6q=6q_5r>pL%8SuDs6j#%p=;sP`(a1g9nYMF+2X?H&rRxenNhkP;q*m|X19 zjU$L@EJD0Bye~T97~I~CiO)2SYbZKB`JvVY`+fwgrU`ReWd4<-bsN$qj7Ni1JEX|e zJdQ?c1+!Qht67%y>(s}`2;XXNQ3K@}&bjvdkO2VA|51C|U{9zv1PlaudV>EJqF$%w zq%>};={u=-;c+|<*4FyiB-GASRo7_zBI?1OTw#t4b7${#Mp?5-HL1d=nShOaOTFP2 zZzePsk#td`B{mWj`N6ZjEzgXh&+w7B!Z9x=KW9-Uo#Ry1h<6?JpvqlN7Eo42Od}w9 zmSGgBr;^@@nyKBX;}LZa)w8eI0epkk?#4|49D24MakPiaz~}_sRH5D z4PFysdSa(?X4Q<>>1rnH>eyx&vXKfW_GPq`HHj)~ww+w7h@tT}`;d_FUy{m28ZzE> zZ6><}^JgDD;@=l+4pjwmlz$jSTbK|BgucY$ok6@Ud3Gg!*5V>}405rx+*St{Q)6>i zm!&~hpXC?n0RZ1$Y3#ovJ!g;~&;@Mm{2x~%*B{xjh5mC(qXKZC`X=vc)WW#Vw?p{( zc2NFfTWWt3l<|T(=z+Z;K#(rTMoA zFZjluCEnXiT+{e5cJg+YJ*wxkB6+3gjb^EA= zre!?Z7hx5l05R&eOnE5|zB{0qnt-vRjd;%{-{`hAV^JHsUQkHF9ZV@FsQ?qLiec>4 zJ?Vu_F(ce-Xe+V=8pv0O=k&rREofxl2}Q=#G9b1n3S=^wRU5`3>no&k)Vk56vN$fG zJ}rLG);&wB_~Dv-eAboJ=r+0-W1TI8@~Yu2uBzdiZnK^v%QpGe1V#$BqVfJuf%0s- zzB3zF)toRGBpf=4$s5^|P85>e2(U`4n3g5vPY$n@+z`;wBx#6MUDPV{J-AGr$V}6g z&Yn((6JaGSjHoG!`A&JK`O(1!H1O^F)4ZTPOJphTTkL++`m8~LQu7@~=CN>`RJ$c$pjn5@%6}Im>d!ApmD@g@eJsj8 zEsOsEGi?rxN>fRX_NXeAs9_`zENHs!JX*4cv^|u2V`&J<&N2i;ae=F>mo!wsD&q0Y;gKmk{SN(SfsWDLx8!SQ&Me z`VE%a=#4OZ7~A-wsOoPVz|x-I+BsCz%ZVzKu}d5FIl8T0k~*DWs#X%u2$h)-X=|yq zLz*Be=vC86`>0Fb~FaBnF@O7Vj(c`Cl4FYy?`8z#G(}%fD z^5C|hyp_Ub*H(6w6_Xy2!xU0UxP5uzw#?Kn`M^?-A!Eu~a@`{F$%pF75+W&GYM1JI zepn6_J02gto>l(5r+bKCCIaGhD<&XALC{L6Ct*K9xZ4%Kg+W=3?ob-LZPJZsp%aJWj3u6>dt^{v~1=6G!5r*SuRAU0( zmgOBB&X@Z=Xz zgH`7-F^&WHKN_`7Ja_lKX*GS^Uta(rf?+|;*Xq;bUe+sZXfw>QJ<4}{;MKlC4j zd7lKlE1|J%rn3&R4Gc<3VPsGkKBApPLQ8xd)6cKV6wlRF5i;w+4m~h!G&~CCK$#|Q z?vs@*OL0MGX#$yQIt7`K7LQ<8x$HhGC7L|!0~N%E-4T-AB(KpNxB7rQhacK9%4&MS zQqwnlk72!)a{RHP($pQ@-~lF*P*RHnfQ_i_iD{> z@LS;Fg1x-)m@6B;O;ah!PV}8;^_RUiDkWC&=}xIwJVu(ltgBSh>|ghaNbWO+A7Cok z%DyK=OX$;dNXok#T^z~Z;J`)S^AXCI6D{yEvic@-(MOi{CfI8IU{j1o0?vD9ZBwJJ zR2EU>eBX{1(%M60N9MB_H9FWpy?b7TbjV2rKPe)%sv{!4$l4D+PX`^?`IfThj2r?Gs&CynKj(tWiw;&V&0E|6QH z*9L8*F8@_q;z_P%hG|2>uKzlrWk}MV)(a~KrG&T8;v^x2y_+f|jVX{~D{kH_gTNrH z>WKWac58H+qmTHK!Lma4#RcD_awWJ|qet6KH5uHiqJ|`yQeCRQi5d$YZ8m5QmwBE* zPWem%7{hxB{l%gAfTPEmmoB~+pK41s;0I*yRSUgF;e$z1D!?|8G8t7(4Tbh@h zmaib=PE-U4AV-z_@?gTChgk1!v$TYI+in%GL*xZ%^>c(>k`- z&;S5C763r;e-bLZJnx&R)SSz+jbVpIow0~8R)!Pb6i+*LOs1ZePC89Rox*~gWYU_* zhl^6gW1$DlBXah_f;|tACE=c+3r%zWe&z<)hsT*vE#GZ1%}a>~OiukG@6F4 z`rR>Oiw>l@%<;e?d~_vqK{<%Zt$`n;VtdT9udylH`5|JHr;H4wLND-0prgakhH)v3 zPkD?fD#55qzQCb3`7xg8D?U}hX7dt@ivrOMxo?2bvb`)s1xyai7VI~|#Ig63c-xV# z_e5@dxJKC0ZjFGneiN5B!=m=OLh@U{1@{~#?TmMUOW{TGfXRUHIYlyN+=*Q*{=`n6UusFSdH{Ho2@g{>o_C1M-D@*P(eaEMCcRm)3 ztKN?<3gJW3C0k9$in%kA5qh0TexoT#>;c8QC9)jG7a^C8L!+iC>B4u@#p6@0`yq#d zT)o1!7^I_Y9g$#59C8Y9HXEV?L9aNG2bGY%Sq(J zkfU4RlFesjnxUH9bOWa4-IDvx?p=C&BlB3#3&`H8X@m5l*bFop4!L{+3jS?ih2;@jcq4zv)tIns)-zU7T#mm+*P1YL}@^c|KprQ$fgV;pYL#+#GV%$qBK z#%4Cvx<1z#_)*YOKB=8stHBo%$@)Q%1!a2^H1Avyp@EBj|C+&&GD5I;gwZmVEA$BW zf@@b^iYc%9;iZQsp?Je&ae;S%07e-vixPtKY+jSG*3hd$U}sEY9duB zj?U}oBx~|&)tV4Jo^c!1tD?n=9|&KQSfslkFo~w2sj}afZLbvPJ`oaejmfk!<#H9%9~G=$jl}@o}@vo+6!X;c3!l zWvvKdK04Wq+MaDYJw8}HYW^TK6Z~;!%QLe`m{7pAA4qq_*nzyCvgCz+xGibCQm%w# zZ{YxiXxWV#OYGK8LyL^5d@cQhO&by+YB47LValFUe9s+J-Fs??``B~cmYebz&pH%^ zFVUApA)`MU=g>>`WB?ei#|WtiP%3Kr^qgRZ_H?{^N@9lVJ}lMii6Wq1ae=&Ufo$(i zcO58c2qas8WWVKB>BAlw3DQr)dQnvBkQF#iU$>=Azc_i~NCtX6Onc;mtkw@)o z>c!Q&kx0I`=z|7d`z0_0=czWOBHE=t;f#$T9+U4CFCU%~;2oQE!Zsr0-52HdpH$e` zfgn(Day;QH%%$TcBbu)hS&uDW(%;Q6YJ>&G4Eyc6LE~oKEKP zEa31AdH)RYt=h5ya?n@<>>1Dl1tlb5R-xG|H{gsof+$vMW#7!DYegg_NrifR+fF$u z{;sPeDNQ@c5Vqz?iC+;7C#O)V#@O4E(t*ZRQ0dbWm)Y^5{K24{N6ZnsBYmqbZ^o|l zB+bf3i01Ahpuk#)C{J5JI zWF{yL1~{U>*786vk7Ma5u^O{*t%@F9M*gBvIC?KgG`0Axv)XgKa6^YrI?|IG6%X!h*rtRtABV|VILZk`QN949}wU!R$d`-%LOUV+VQn5OC@H;e2hv_&R1#taM9BCJ)6vOl5)M{#75g^~b)xR>lTNt+8{7J0!O$ zyzQ0wPF%UN=`QurSF0OPvZse1-OcUpPe861@+3i0t4D?T)NStRofm%V?#3Mw126;c zhcS>H-0O}UQAm)xfD(-k7-3H#MpQR8SfyY~R@aNuxzO_L&Xq=)CUTo&R^)tYPkm{# z1~!kg*Iij^iubSM42!=t2MhAWI!^gqTnkORCd%D0YSiwE3U>LJATcA^I}g~RJvyXE z*$T!U4;joMfOZjS1spC0?2w2NJI4?EF+<(1^(Sc8 znB{J=PNJ5S9NwQgefrAvfS(e$GN#aq&}%TGl1x@N9aY&NB5YA`{WZ}8035z+@{oL==s`f9pKC&%|53l9{r5>43i>ja zR5TU8&PD~GndqB{bIgGZ&Syc-Up&7t+tVH5=w{DlXAOjcA&wx=tFXIhAw0Oq0~YQm zER9&4@|=_m-C%Kb$UMZx-5(=h5=Bcu`_glfjWv9?!ITzTIsPown2nsfOCJj_-@6-k zEFI-xm5&rY0+E(+khGw1Kx@CdZK17(fG7p{x0W8`In7TG?q6@88+_;h+RvX50HlDH zK0E_R_~dz;>e~n2>h}diQ~K+g7B8z`6G1x)H2pLmVYP;!kfQ=eEpBj z<9}n`6OQ=jKIP};BRocG>7Orw=o^f}pJJRhEa72#5U%}lDL=L~;bSoJZ!qvpPI$=C z)LTA(8XUH7Rz`F#nJ;1g$9v~1gNOXm7=?$fqmB8+YJb)~{jyrx^Oc(Y3H0wYQ{n05 zjK_}4|L2DIStAji-p+ZMsdFMVMMU-yFNMW(j>3tm4<%)apYlz=pof5+>eH0>LpNka2Ky_{&jk;&VC z2l|@Y!6V{DC;w6uKPG@*miFmR;-dK1rF}*GJ{^Q-(DlZkU*V^_75Tj44mi*62mv$a MWzE5J901_|05J+`Hvj+t literal 0 HcmV?d00001