texousliu/keyfil
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
keyfil/教程/20250220-Metersphere安装及SSO接入指南.md
liuxiaohua 31aa3a7b70
All checks were successful
Publish to Confluence / confluence (push) Successful in 59s
Details
[2025-02-20] 更新进度表
2025-02-20 18:36:41 +08:00

216 lines
5.8 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!-- Space: qifu -->
<!-- Parent: 后端技术&知识&规范 -->
<!-- Parent: 技术方案 -->
<!-- Parent: 基建 -->
<!-- Parent: 03-接入指南 -->
<!-- Title: 20250220-Metersphere安装及SSO接入指南 -->
<!-- Attachment: ../材料/app.zip -->
<!-- Macro: :anchor\((.*)\):
Template: ac:anchor
Anchor: ${1} -->
<!-- Macro: \!\[.*\]\((.+)\)\<\!\-\- width=(.*) \-\-\>
Template: ac:image
Url: ${1}
Width: ${2} -->
<!-- Macro: \<\!\-\- :toc: \-\-\>
Template: ac:toc
Printable: 'false'
MinLevel: 2
MaxLevel: 4 -->
<!-- Include: 杂项/声明文件.md -->
<!-- :toc: -->
# Metersphere 安装及 SSO 接入指南
## 附件列表
- [app.zip](../材料/app.zip)
## Metersphere 安装启动
- 可以参考https://metersphere.io/docs/v3.x/installation/offline_installation/
### 下载离线安装包
- 下载地址https://community.fit2cloud.com/#/products/metersphere/downloads
- 版本v3.6.1-lts
### 解压安装包
```shell
#- 解压安装包
tar zxvf metersphere-offline-installer-v3.6.1-lts.tar.gz
```
### 执行安装脚本
```shell
#- 进入安装包目录
cd metersphere-offline-installer-v3.x.y
#- 运行安装脚本
/bin/bash install.sh
```
### 访问并登录
- URL: http://服务器IP:8081
- 用户名: admin
- 初始密码: metersphere
## Metersphere OIDC 配置
### 获取源码
```shell
git clone -b v3.6.1-lts --depth 1 https://github.com/metersphere/metersphere.git
```
### 添加代码
- `backend/app`
- 将附件 [app.zip](../材料/app.zip) 中的增量代码拷贝到对应目录
- 编译 `backend/app`
- Maven `settings.xml` 添加 mirror
- ```xml
<mirror><id>nexus</id><name>this is my nexus</name><url>https://repository.fit2cloud.com/content/groups/public/</url><mirrorOf>*</mirrorOf></mirror>
```
- 进入目录 `backend/app` 执行 `mvn clean compile`
### 将新增的文件加入镜像
#### 解压 `metersphere-offline-installer-v3.6.1-lts/images/metersphere.tar`
```shell
cd metersphere-offline-installer-v3.6.1-lts/images/
mkdir ./metersphere
tar zvf metersphere.tar -C ./metersphere
```
#### 进入 Metersphere 源码层
```shell
cd ./metersphere/8b79e2bdad1b9e90a7a5a44478c8b82a59d72e628f65b00cb7d9e77476910762/
tar zvf layer.tar
cd /metersphere/io/metersphere/
```
#### 拷贝 class 到刚刚的目录
- 拷贝 `target/classes/io/metersphere/exclude` 文件夹
- 拷贝 `target/classes/io/metersphere/keycloak` 文件夹
### 重新打包镜像
#### 重新生成 layer.tar
- 回到 `8b79e2bdad1b9e90a7a5a44478c8b82a59d72e628f65b00cb7d9e77476910762` 目录
- ```shell
tar cvf layer.tar ./metersphere
rm -rf metersphere
```
#### 重新生成镜像包
- 回到 `metersphere-offline-installer-v3.6.1-lts/images/` 目录
- ```shell
#!/bin/bash
echo "into folder"
cd ./metersphere
echo "tar metersphere.tar"
tar cvf metersphere.tar *
echo "out folder"
cd ../
echo "replace metersphere.tar"
mv ./metersphere/metersphere.tar ./
```
### 替换 sha256
#### 获取 新的 sha256
```shell
docker images -a | grep metersphere-ce
#- 移除已有镜像
docker rmi registry.fit2cloud.com/metersphere/metersphere-ce:v3.6.1-lts
#- 获取错误
docker load -i metersphere.tar
```
#### 替换 sha256
- 新建脚本 `replace.sh`
```shell
#!/bin/bash
old=$1
new=$2
echo "old sha: $old, new sha: $new"
sed -i -E "s@${old}@${new}@g" ./metersphere/4873db853f2435741102f62cfd03cf0fb59f36df4e1467f3ad0e16582894d195.json
```
- 执行脚本
```shell
bash replace.sh oldsha newsha
```
- 重新生成 metersphere.tar
参考 [重新生成 metersphere.tar](#重新生成镜像包)
### 替换旧镜像
```shell
docker images -a | grep metersphere-ce
#- 移除已有镜像
docker rmi registry.fit2cloud.com/metersphere/metersphere-ce:v3.6.1-lts
#- 获取错误
docker load -i metersphere.tar
```
### 重启服务
```shell
msctl down -v
msctl up -d --remove-orphans
```
### 数据库添加认证源
```sql
INSERT INTO `metersphere`.`auth_source` (`id`, `configuration`, `enable`, `create_time`, `update_time`, `description`,
`name`, `type`)
VALUES ('metersphere',
0x7B22636C69656E744964223A226D65746572737068657265222C22736563726574223A22387566514636387A6F4869514739676D456D434A4776755939554F644D513769222C22726564697265637455726C223A22687474703A2F2F6C6F63616C2E6D657465727370686572652E636F6D2F73736F2F63616C6C6261636B2F6B6579636C6F616B222C226175746855726C223A22687474703A2F2F6B6579636C6F616B2E716966752E636F6D2F7265616C6D732F6B657966696C2F70726F746F636F6C2F6F70656E69642D636F6E6E6563742F61757468222C22746F6B656E55726C223A22687474703A2F2F6B6579636C6F616B2E716966752E636F6D2F7265616C6D732F6B657966696C2F70726F746F636F6C2F6F70656E69642D636F6E6E6563742F746F6B656E222C2275736572496E666F55726C223A22687474703A2F2F6B6579636C6F616B2E716966752E636F6D2F7265616C6D732F6B657966696C2F70726F746F636F6C2F6F70656E69642D636F6E6E6563742F75736572696E666F222C226D617070696E67223A227B5C227573657269645C223A5C227375625C222C5C22757365726E616D655C223A5C227072656665727265645F757365726E616D655C222C5C22656D61696C5C223A5C22656D61696C5C227D227D,
b'1', 0, 100, '企业微信登录', '企业微信', 'OIDC');
UPDATE auth_source
SET configuration = '{\"clientId\":\"metersphere\",\"secret\":\"8ufQF68zoHiQG9gmEmCJGvuY9UOdMQ7i\",\"redirectUrl\":\"http://metersphere.xxx.com/sso/callback/keycloak\",\"authUrl\":\"http://keycloak.xxx.com/realms/keyfil/protocol/openid-connect/auth\",\"tokenUrl\":\"http://keycloak.xxx.com/realms/keyfil/protocol/openid-connect/token\",\"userInfoUrl\":\"http://keycloak.xxx.com/realms/keyfil/protocol/openid-connect/userinfo\",\"mapping\":\"{\\\"userid\\\":\\\"sub\\\",\\\"username\\\":\\\"preferred_username\\\",\\\"email\\\":\\\"email\\\"}\"}'
WHERE id = 'metersphere';
```
- 替换 configuration 中的信息
- `clientId`
- `secret`
- `redirectUrl`
- `authUrl`
- `tokenUrl`
- `userInfoUrl`
### 测试
Reference in New Issue View Git Blame Copy Permalink