From fb5ca355f9c052f2a5f2aa32bc7ebdd43c306849 Mon Sep 17 00:00:00 2001 From: hanshuaikang <1758504262@qq.com> Date: Tue, 22 Aug 2023 15:10:37 +0800 Subject: [PATCH] =?UTF-8?q?feature:=20=E6=B5=81=E7=A8=8B=E6=9C=8D=E5=8A=A1?= =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=9B=BD=E5=AF=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config/default.py | 25 +++++++++++++++++++++++++ requirements.txt | 2 +- 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/config/default.py b/config/default.py index b6f6ba285..b7e00b57a 100644 --- a/config/default.py +++ b/config/default.py @@ -41,6 +41,7 @@ BK_PAAS_HOST, BK_PAAS_INNER_HOST, RUN_VER, + APP_TOKEN, ) # 标准运维页面服务地址 @@ -909,3 +910,27 @@ def redirect_func(request): CLOSE_EVERY_DAY_TICKET_NOTIFY = bool( os.getenv("BKAPP_CLOSE_EVERY_DAY_TICKET_NOTIFY", False) ) + +# 国密相关的改造配置 +# BKPAAS_BK_CRYPTO_TYPE 为 PaaSV3 国密版本支持变量,可选值:CLASSIC-国际算法,SHANGMI-国家算法 +# 通过该值确定 SYMMETRIC_CIPHER_TYPE +if os.getenv("BKPAAS_BK_CRYPTO_TYPE") == "SHANGMI": + BKCRYPTO_SYMMETRIC_CIPHER_TYPE = "SM4" +else: + BKCRYPTO_SYMMETRIC_CIPHER_TYPE = "AES" + +# 开启 blueapps 内置数据表加密 +BLUEAPPS_ENABLE_DB_ENCRYPTION = True + +# 使用 APP_TOKEN 作为非对称密码的 Key +# 关于 BKCRYPTO 的配置,可参考:https://github.com/TencentBlueKing/crypto-python-sdk +BKCRYPTO = { + "SYMMETRIC_TYPE": BKCRYPTO_SYMMETRIC_CIPHER_TYPE, + "SYMMETRIC_CIPHERS": { + "blueapps": { + # 配置非对称加密密钥,如需延迟到 `default.py` 外 lazy 加载 key,可使用 `get_key_config_func` 配置 + # 详情参考:https://github.com/TencentBlueKing/crypto-python-sdk + "common": {"key": APP_TOKEN}, + }, + }, +} diff --git a/requirements.txt b/requirements.txt index 4c07570fb..1670fe432 100644 --- a/requirements.txt +++ b/requirements.txt @@ -124,6 +124,6 @@ jmespath==0.10.0 requests_toolbelt==0.9.1 apigw-manager[cryptography]==1.0.7 -blueapps[opentelemetry]==4.7.0 +blueapps[opentelemetry,bkcrypto]==4.8.0 drf-yasg==1.20.0