TencentBlueKing · yuyudeqiu · Nov 20, 2024
diff --git a/bcs-services/bcs-helm-manager/internal/app/app.go b/bcs-services/bcs-helm-manager/internal/app/app.go
@@ -143,6 +143,7 @@ func (hm *HelmManager) Init() error {
 		hm.initRegistry,
 		hm.initJWTClient,
 		hm.initIAMClient,
+		hm.initSharedClusterConf,
 		hm.InitComponentConfig,
 		hm.initDiscovery,
 		hm.initMicro,
@@ -604,6 +605,14 @@ func (hm *HelmManager) initIAMClient() error {
 	return nil
 }
 
+// initSharedClusterConf init conf value for shared cluster
+func (hm *HelmManager) initSharedClusterConf() error {
+	if hm.opt.SharedCluster.AnnotationKeyProjCode == "" {
+		hm.opt.SharedCluster.AnnotationKeyProjCode = common.AnnotationKeyProjectCode
+	}
+	return nil
+}
+
 func (hm *HelmManager) initCryptor() error {
 	if !hm.opt.Encrypt.Enable {
 		return nil

diff --git a/bcs-services/bcs-helm-manager/internal/auth/iam.go b/bcs-services/bcs-helm-manager/internal/auth/iam.go
@@ -26,6 +26,7 @@ import (
 	"k8s.io/client-go/kubernetes"
 
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-helm-manager/internal/component"
+	"github.com/Tencent/bk-bcs/bcs-services/bcs-helm-manager/internal/options"
 )
 
 var (
@@ -37,9 +38,6 @@ var (
 	ClusterIamClient *cluster.BCSClusterPerm
 	// NamespaceIamClient namespace iam client
 	NamespaceIamClient *namespace.BCSNamespacePerm
-
-	// ProjCodeAnnoKey 项目 Code 在命名空间 Annotations 中的 Key
-	ProjCodeAnnoKey = "io.tencent.bcs.projectcode"
 )
 
 // InitPermClient new a perm client
@@ -105,7 +103,7 @@ func ReleaseResourcePermCheck(projectCode, clusterID string, namespaceCreated, c
 		if err != nil {
 			return false, "", nil, err
 		}
-		if ns.Annotations[ProjCodeAnnoKey] != projectCode {
+		if ns.Annotations[options.GlobalOptions.SharedCluster.AnnotationKeyProjCode] != projectCode {
 			return false, "", nil, fmt.Errorf("命名空间 %s 在该共享集群中不属于指定项目", v)
 		}
 	}

diff --git a/bcs-services/bcs-helm-manager/internal/common/constant.go b/bcs-services/bcs-helm-manager/internal/common/constant.go
@@ -51,3 +51,9 @@ const (
 	// LangCookieName 语言版本 Cookie 名称
 	LangCookieName = "blueking_language"
 )
+
+// shared cluster
+const (
+	// AnnotationKeyProjectCode namespace 的 projectcode 注解 key 默认值
+	AnnotationKeyProjectCode = "io.tencent.bcs.projectcode"
+)
diff --git a/bcs-services/bcs-helm-manager/internal/options/options.go b/bcs-services/bcs-helm-manager/internal/options/options.go
@@ -160,21 +160,27 @@ type EncryptSecret struct {
 	Secret string `json:"secret" yaml:"secret"`
 }
 
+// SharedClusterConfig options of shared cluster config
+type SharedClusterConfig struct {
+	AnnotationKeyProjCode string `json:"annotationKeyProjCode" yaml:"annotationKeyProjCode"`
+}
+
 // HelmManagerOptions options of helm manager
 type HelmManagerOptions struct {
-	Etcd          EtcdOption         `json:"etcd" yaml:"etcd"`
-	BcsLog        LogConfig          `json:"log" yaml:"log"`
-	Swagger       SwaggerConfig      `json:"swagger" yaml:"swagger"`
-	Mongo         MongoConfig        `json:"mongo" yaml:"mongo"`
-	Repo          RepoConfig         `json:"repo" yaml:"repo"`
-	Release       ReleaseConfig      `json:"release" yaml:"release"`
-	IAM           IAMConfig          `json:"iam" yaml:"iam"`
-	JWT           JWTConfig          `json:"jwt" yaml:"jwt"`
-	Credentials   []Credential       `json:"credentials" yaml:"credentials"`
-	Encrypt       Encrypt            `json:"encrypt" yaml:"encrypt"`
-	Debug         bool               `json:"debug" yaml:"debug"`
-	TLS           TLS                `json:"tls" yaml:"tls"`
-	TracingConfig conf.TracingConfig `json:"tracingConfig" yaml:"tracingConfig"`
+	Etcd          EtcdOption          `json:"etcd" yaml:"etcd"`
+	BcsLog        LogConfig           `json:"log" yaml:"log"`
+	Swagger       SwaggerConfig       `json:"swagger" yaml:"swagger"`
+	Mongo         MongoConfig         `json:"mongo" yaml:"mongo"`
+	Repo          RepoConfig          `json:"repo" yaml:"repo"`
+	Release       ReleaseConfig       `json:"release" yaml:"release"`
+	IAM           IAMConfig           `json:"iam" yaml:"iam"`
+	JWT           JWTConfig           `json:"jwt" yaml:"jwt"`
+	Credentials   []Credential        `json:"credentials" yaml:"credentials"`
+	Encrypt       Encrypt             `json:"encrypt" yaml:"encrypt"`
+	Debug         bool                `json:"debug" yaml:"debug"`
+	TLS           TLS                 `json:"tls" yaml:"tls"`
+	TracingConfig conf.TracingConfig  `json:"tracingConfig" yaml:"tracingConfig"`
+	SharedCluster SharedClusterConfig `json:"sharedCluster" yaml:"sharedCluster"`
 	ServerConfig
 }