yunionio · gzericlee · Apr 26, 2023
diff --git a/cmd/bingocli/main.go b/cmd/bingocli/main.go
@@ -96,12 +96,11 @@ func newClient(options *BaseOptions) (*bingocloud.SRegion, error) {
 			options.Endpoint,
 			options.AccessKey,
 			options.SecretKey,
-		).Debug(options.Debug).
-			CloudproviderConfig(
-				cloudprovider.ProviderConfig{
-					ProxyFunc: proxyFunc,
-				},
-			),
+		).Debug(options.Debug).SetCloudproviderConfig(
+			cloudprovider.ProviderConfig{
+				ProxyFunc: proxyFunc,
+			},
+		),
 	)
 	if err != nil {
 		return nil, err

diff --git a/pkg/cloudprovider/cloudprovider.go b/pkg/cloudprovider/cloudprovider.go
@@ -174,6 +174,8 @@ type ProviderConfig struct {
 
 	AliyunResourceGroupIds []string
 
+	ManagerProviderConfig *ProviderConfig
+
 	UpdatePermission func(service, permission string)
 }
 

diff --git a/pkg/cloudprovider/disk.go b/pkg/cloudprovider/disk.go
@@ -19,4 +19,5 @@ type DiskCreateConfig struct {
 	SizeGb    int
 	Desc      string
 	ProjectId string
+	ZoneId    string
 }
diff --git a/pkg/cloudprovider/resources.go b/pkg/cloudprovider/resources.go
@@ -86,6 +86,7 @@ type ICloudRegion interface {
 	GetISecurityGroupById(secgroupId string) (ICloudSecurityGroup, error)
 	GetISecurityGroupByName(opts *SecurityGroupFilterOptions) (ICloudSecurityGroup, error)
 	CreateISecurityGroup(conf *SecurityGroupCreateInput) (ICloudSecurityGroup, error)
+	GetISecurityGroups() ([]ICloudSecurityGroup, error)
 
 	CreateIVpc(opts *VpcCreateOptions) (ICloudVpc, error)
 	CreateInternetGateway() (ICloudInternetGateway, error)
@@ -607,6 +608,7 @@ type ICloudVpc interface {
 	ProposeJoinICloudInterVpcNetwork(opts *SVpcJointInterVpcNetworkOption) error
 
 	GetICloudIPv6Gateways() ([]ICloudIPv6Gateway, error)
+	IsPublic() bool
 }
 
 type ICloudInternetGateway interface {

diff --git a/pkg/cloudprovider/subaccount.go b/pkg/cloudprovider/subaccount.go
@@ -22,13 +22,16 @@ import (
 )
 
 type SSubAccount struct {
+	Id string // ID
 	// 若Account不为空，可不传
 	Name string
 	// 描述信息
 	Desc string
 	// 输入必填，若为空，需要指定子账号名称
 	Account          string
+	Secret           string // 子账号SK
 	HealthStatus     string // 云端服务健康状态。例如欠费、项目冻结都属于不健康状态。
+	IsSubAccount     bool   // 是否子账号
 	DefaultProjectId string // 默认云订阅项目Id
 }
 

diff --git a/pkg/multicloud/aliyun/region.go b/pkg/multicloud/aliyun/region.go
@@ -125,6 +125,10 @@ func (self *SRegion) GetOssClient() (*oss.Client, error) {
 	return self.ossClient, nil
 }
 
+func (self *SRegion) GetISecurityGroups() ([]cloudprovider.ICloudSecurityGroup, error) {
+	return nil, nil
+}
+
 func (self *SRegion) ecsRequest(apiName string, params map[string]string) (jsonutils.JSONObject, error) {
 	client, err := self.getSdkClient()
 	if err != nil {
@@ -297,7 +301,7 @@ func (self *SRegion) _lbRequest(client *sdk.Client, apiName string, domain strin
 	return jsonRequest(client, domain, ALIYUN_API_VERSION_LB, apiName, params, self.client.debug)
 }
 
-/////////////////////////////////////////////////////////////////////////////
+// ///////////////////////////////////////////////////////////////////////////
 func (self *SRegion) GetId() string {
 	return self.RegionId
 }

diff --git a/pkg/multicloud/aliyun/vpc.go b/pkg/multicloud/aliyun/vpc.go
@@ -84,6 +84,10 @@ func (self *SVpc) IsEmulated() bool {
 	return false
 }
 
+func (self *SVpc) IsPublic() bool {
+	return false
+}
+
 func (self *SVpc) GetIsDefault() bool {
 	return self.IsDefault
 }

diff --git a/pkg/multicloud/apsara/region.go b/pkg/multicloud/apsara/region.go
@@ -149,6 +149,10 @@ func (self *SRegion) tagRequest(serviceType string, action string, params map[st
 	}
 }
 
+func (self *SRegion) GetISecurityGroups() ([]cloudprovider.ICloudSecurityGroup, error) {
+	return nil, nil
+}
+
 func (self *SRegion) lbRequest(apiName string, params map[string]string) (jsonutils.JSONObject, error) {
 	client, err := self.getSdkClient()
 	if err != nil {
@@ -158,7 +162,7 @@ func (self *SRegion) lbRequest(apiName string, params map[string]string) (jsonut
 	return self.productRequest(client, APSARA_PRODUCT_SLB, domain, APSARA_API_VERSION_LB, apiName, params, self.client.debug)
 }
 
-/////////////////////////////////////////////////////////////////////////////
+// ///////////////////////////////////////////////////////////////////////////
 func (self *SRegion) GetId() string {
 	return self.RegionId
 }

diff --git a/pkg/multicloud/apsara/vpc.go b/pkg/multicloud/apsara/vpc.go
@@ -85,6 +85,10 @@ func (self *SVpc) IsEmulated() bool {
 	return false
 }
 
+func (self *SVpc) IsPublic() bool {
+	return false
+}
+
 func (self *SVpc) GetIsDefault() bool {
 	return self.IsDefault
 }

diff --git a/pkg/multicloud/aws/region.go b/pkg/multicloud/aws/region.go
@@ -270,7 +270,7 @@ func (self *SAwsClient) monitorRequest(regionId, apiName string, params map[stri
 	return self.request(regionId, CLOUDWATCH_SERVICE_NAME, CLOUDWATCH_SERVICE_ID, "2010-08-01", apiName, params, retval, true)
 }
 
-/////////////////////////////////////////////////////////////////////////////
+// ///////////////////////////////////////////////////////////////////////////
 func (self *SRegion) fetchZones() error {
 	ec2Client, err := self.getEc2Client()
 	if err != nil {
@@ -416,6 +416,10 @@ func (self *SRegion) GetIZones() ([]cloudprovider.ICloudZone, error) {
 	return self.izones, nil
 }
 
+func (self *SRegion) GetISecurityGroups() ([]cloudprovider.ICloudSecurityGroup, error) {
+	return nil, nil
+}
+
 func (self *SRegion) GetIVpcs() ([]cloudprovider.ICloudVpc, error) {
 	if self.ivpcs == nil {
 		err := self.fetchInfrastructure()

diff --git a/pkg/multicloud/aws/vpc.go b/pkg/multicloud/aws/vpc.go
@@ -94,6 +94,10 @@ func (self *SVpc) IsEmulated() bool {
 	return false
 }
 
+func (self *SVpc) IsPublic() bool {
+	return false
+}
+
 func (self *SVpc) GetRegion() cloudprovider.ICloudRegion {
 	return self.region
 }

diff --git a/pkg/multicloud/azure/classic_vpc.go b/pkg/multicloud/azure/classic_vpc.go
@@ -76,6 +76,10 @@ func (self *SClassicVpc) GetIsDefault() bool {
 	return false
 }
 
+func (self *SClassicVpc) IsPublic() bool {
+	return false
+}
+
 func (self *SClassicVpc) GetCidrBlock() string {
 	if len(self.Properties.AddressSpace.AddressPrefixes) > 0 {
 		return self.Properties.AddressSpace.AddressPrefixes[0]

diff --git a/pkg/multicloud/azure/region.go b/pkg/multicloud/azure/region.go
@@ -53,7 +53,7 @@ type SRegion struct {
 	Longitude   string
 }
 
-/////////////////////////////////////////////////////////////////////////////
+// ///////////////////////////////////////////////////////////////////////////
 func (self *SRegion) Refresh() error {
 	// do nothing
 	return nil
@@ -104,6 +104,10 @@ func (self *SRegion) GetName() string {
 	return fmt.Sprintf("%s %s", CLOUD_PROVIDER_AZURE_CN, self.DisplayName)
 }
 
+func (self *SRegion) GetISecurityGroups() ([]cloudprovider.ICloudSecurityGroup, error) {
+	return nil, nil
+}
+
 func (self *SRegion) GetI18n() cloudprovider.SModelI18nTable {
 	en := fmt.Sprintf("%s %s", CLOUD_PROVIDER_AZURE_EN, self.DisplayName)
 	table := cloudprovider.SModelI18nTable{}

diff --git a/pkg/multicloud/azure/vpc.go b/pkg/multicloud/azure/vpc.go
@@ -75,6 +75,10 @@ func (self *SVpc) IsEmulated() bool {
 	return false
 }
 
+func (self *SVpc) IsPublic() bool {
+	return false
+}
+
 func (self *SVpc) GetIsDefault() bool {
 	return true
 }

diff --git a/pkg/multicloud/bingocloud/account.go b/pkg/multicloud/bingocloud/account.go
@@ -1,12 +1,63 @@
 package bingocloud
 
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"encoding/base64"
+	"fmt"
+	"unicode/utf8"
+)
+
 type SAccount struct {
-	AccessKeyId     string
-	SecretAccessKey string
-	Arn             string
-	DeptId          string
-	DeptName        string
-	IsEncrypted     string
-	UserId          string
-	UserName        string
+	Id          string `json:"Id"`
+	AccessKeyId string `json:"AccessKeyId"`
+	Arn         string `json:"Arn"`
+	FullName    string `json:"FullName"`
+	IsAdmin     string `json:"IsAdmin"`
+	IsEncrypted string `json:"IsEncrypted"`
+	SecurityKey string `json:"SecurityKey"`
+	Status      string `json:"Status"`
+	Type        string `json:"Type"`
+	UserId      string `json:"UserId"`
+	UserName    string `json:"UserName"`
+}
+
+func (self *SAccount) decryptKeys(masterSecretKey string) (string, string) {
+	if len(self.SecurityKey) == len(masterSecretKey) {
+		return self.AccessKeyId, self.SecurityKey
+	}
+
+	secretKeyBytes, err := base64.StdEncoding.DecodeString(self.SecurityKey)
+	if err != nil {
+		return "", ""
+	}
+	var adminSecretKey = ""
+	if len(masterSecretKey) >= 32 {
+		adminSecretKey = masterSecretKey[0:32]
+	} else {
+		adminSecretKey = fmt.Sprintf("%s%032s", masterSecretKey, "")[0:32]
+	}
+	decryptVal, err := aesCrtCrypt([]byte(secretKeyBytes), []byte(adminSecretKey), make([]byte, 16))
+	if err != nil {
+		return "", ""
+	}
+
+	decryptSecret := fmt.Sprintf("%s", decryptVal)
+
+	if !utf8.ValidString(decryptSecret) {
+		return self.AccessKeyId, self.SecurityKey
+	}
+
+	return self.AccessKeyId, decryptSecret
+}
+
+func aesCrtCrypt(val, key, iv []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	blockMode := cipher.NewCTR(block, iv)
+	body := make([]byte, len(val))
+	blockMode.XORKeyStream(body, val)
+	return body, nil
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -174,6 +174,8 @@ type ProviderConfig struct { @@
     	AliyunResourceGroupIds []string
+    	ManagerProviderConfig *ProviderConfig
     	UpdatePermission func(service, permission string)
     }
@@ Expand Down @@