
适配最新qmth-boot:1.0.4,增加配置导出接口的加密参数,用于输出带加密后敏感信息的配置文件

luoshi 1 gadu atpakaļ
vecāks
revīzija
ca5c87f9d0

+ 1 - 1
src/main/java/com/qmth/ops/api/controller/admin/PropertyController.java

@@ -91,7 +91,7 @@ public class PropertyController {
         if (!userPermissionService.hasPermission(adminSession.getUser(), Permission.PROPERTY_EDIT, env.getId())) {
             for (PropertyItem item : list) {
                 //包含密钥/密码类信息
-                if (item.getKey().contains("secret") || item.getKey().contains("password")) {
+                if (item.containSecret()) {
                     //直接引用其他变量时不隐藏
                     if (!(item.getValue().startsWith("${") && item.getValue().endsWith("}"))) {
                         item.setValue("***");
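Review bot: The `${`…`}` pass-through two lines below the changed condition checks only the first and last characters of the value, so a value that mixes a placeholder with a literal (constructed example: `${db.user}:literal-${x}`) would be returned unmasked to a user without PROPERTY_EDIT. `item.getValue()` is also dereferenced there without a null check. Consider accepting only a single whole-value reference, e.g. `value != null && value.matches("\\$\\{[^${}]+\\}")`, and masking everything else. The enclosing method starts and ends outside this hunk, so a null value may already be excluded earlier.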

+ 5 - 4
src/main/java/com/qmth/ops/api/controller/export/PropertyExportController.java

@@ -49,13 +49,14 @@ public class PropertyExportController {
     @RequestMapping("/{appCode}/{moduleCode}/{envCode}/{branchName}")
     public void exportPropertyFile(@PathVariable String appCode, @PathVariable String moduleCode,
             @PathVariable String envCode, @PathVariable String branchName, @RequestParam String secret,
-            HttpServletResponse response) throws IOException {
+            @RequestParam(required = false, defaultValue = "false") Boolean encrypt, HttpServletResponse response)
+            throws IOException {
         exportPropertyFile(appCode, moduleCode, envCode, new BranchName(branchName).getVersionNumber(), secret,
-                response);
+                encrypt != null ? encrypt : false, response);
     }
 
     private void exportPropertyFile(String appCode, String moduleCode, String envCode, VersionNumber versionNumber,
-            String exportSecret, HttpServletResponse response) throws IOException {
+            String exportSecret, boolean encrypt, HttpServletResponse response) throws IOException {
         User user = userService.findByExportSecret(exportSecret);
         if (user == null || !user.hasRole(Role.OPS)) {
             throw new UnauthorizedException("鉴权失败");
@@ -76,7 +77,7 @@ public class PropertyExportController {
         if (version == null) {
             throw new ParameterException("version不存在");
         }
-        List<PropertyItem> list = propertyService.mergePropertyList(appCode, version, module.getId(), env.getId());
+        List<PropertyItem> list = propertyService.mergePropertyList(appCode, version, module, env.getId(), encrypt);
         response.reset();
         response.setContentType("application/octet-stream");
         response.setHeader("Content-Disposition", "attachment; filename=application.properties");
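Review bot: In the first hunk the new `encrypt` parameter is opt-in (`defaultValue = "false"`), so every existing caller of this endpoint still receives secret and password values in clear text inside the downloaded `application.properties`. If all consumers can read `ENC(...)` values, defaulting to true, or at least logging each plaintext export, would be the safer choice; that depends on clients not visible here. Because a default is supplied, the argument should never arrive as null, so `encrypt != null ? encrypt : false` is dead code; declaring `boolean encrypt` and passing `encrypt` straight through is simpler. Separately, `secret` remains a `@RequestParam` on a mapping with no method restriction, so it can travel in the query string and end up in access logs; reading it from a request header would keep it out of URLs.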

+ 9 - 0
src/main/java/com/qmth/ops/biz/domain/PropertyItem.java

@@ -100,4 +100,13 @@ public class PropertyItem implements Serializable {
     public void setUpdateTime(Long updateTime) {
         this.updateTime = updateTime;
     }
+
+    /**
+     * 是否密钥/密码类配置
+     *
+     * @return
+     */
+    public boolean containSecret() {
+        return key.toLowerCase().contains("secret") || key.toLowerCase().contains("password");
+    }
 }
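Review bot: `containSecret()` now decides both what is masked in the admin view and what is encrypted on export, yet it recognises only keys containing `secret` or `password`. Any sensitive key named differently (for instance with token or credential in its name, if the project has such keys) stays visible and is exported in clear. The method also throws a NullPointerException when `key` is null and lowercases twice with the default locale. I would write `String k = key == null ? "" : key.toLowerCase(Locale.ROOT);` (needs `java.util.Locale`) and match `k` against a documented list of markers. The empty `@return` should also be filled in, stating that true means the key names a secret or password entry.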

+ 28 - 4
src/main/java/com/qmth/ops/biz/service/PropertyService.java

@@ -5,6 +5,8 @@ import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.qmth.boot.core.exception.ParameterException;
 import com.qmth.boot.core.exception.StatusException;
+import com.qmth.boot.core.security.service.EncryptService;
+import com.qmth.boot.core.security.service.impl.DefaultEncryptService;
 import com.qmth.ops.biz.dao.PropertyItemDao;
 import com.qmth.ops.biz.domain.*;
 import com.qmth.ops.biz.utils.PropertyFileUtil;
@@ -31,6 +33,8 @@ public class PropertyService extends ServiceImpl<PropertyItemDao, PropertyItem>
 
     private static final String APP_CODE_KEY = "com.qmth.solar.app-code";
 
+    private static final String MODULE_CODE_KEY = "com.qmth.solar.module-code";
+
     @Resource
     private EnvService envService;
 
@@ -217,10 +221,12 @@ public class PropertyService extends ServiceImpl<PropertyItemDao, PropertyItem>
                         .eq(PropertyItem::getKey, key));
     }
 
-    public List<PropertyItem> mergePropertyList(String appCode, Version version, Long moduleId, Long envId) {
-        List<PropertyItem> list = listBaseline(version.getId(), moduleId);
+    public List<PropertyItem> mergePropertyList(String appCode, Version version, Module module, Long envId,
+            boolean encrypt) {
+        EncryptService encryptService = new DefaultEncryptService(() -> appCode);
+        List<PropertyItem> list = listBaseline(version.getId(), module.getId());
         //获取环境定义配置项
-        Map<String, PropertyItem> itemMap = listPropertyItem(version.getId(), moduleId, envId).stream()
+        Map<String, PropertyItem> itemMap = listPropertyItem(version.getId(), module.getId(), envId).stream()
                 .collect(Collectors.toMap(PropertyItem::getKey, Function.identity()));
         //遍历基线
         for (PropertyItem item : list) {
@@ -239,13 +245,17 @@ public class PropertyService extends ServiceImpl<PropertyItemDao, PropertyItem>
         if (!itemMap.isEmpty()) {
             list.addAll(itemMap.values());
         }
-        //强制增加appCode与appVersion配置项,自动根据当前app和version填充
+        //强制增加appCode,moduleCode,appVersion配置项,自动根据当前app,module,version填充
         boolean hasCode = false;
+        boolean hasModule = false;
         boolean hasVersion = false;
         for (PropertyItem item : list) {
             if (item.getKey().equals(APP_CODE_KEY)) {
                 item.setValue(appCode);
                 hasCode = true;
+            } else if (item.getKey().equals(MODULE_CODE_KEY)) {
+                item.setValue(module.getCode());
+                hasModule = true;
             } else if (item.getKey().equals(APP_VERSION_KEY)) {
                 item.setValue(version.getName());
                 hasVersion = true;
@@ -257,12 +267,26 @@ public class PropertyService extends ServiceImpl<PropertyItemDao, PropertyItem>
             item.setValue(appCode);
             list.add(item);
         }
+        if (!hasModule) {
+            PropertyItem item = new PropertyItem();
+            item.setKey(MODULE_CODE_KEY);
+            item.setValue(module.getCode());
+            list.add(item);
+        }
         if (!hasVersion) {
             PropertyItem item = new PropertyItem();
             item.setKey(APP_VERSION_KEY);
             item.setValue(version.getName());
             list.add(item);
         }
+        //对敏感配置值进行加密处理
+        if (encrypt) {
+            for (PropertyItem item : list) {
+                if (item.containSecret()) {
+                    item.setValue("ENC(" + encryptService.encrypt(item.getValue()) + ")");
+                }
+            }
+        }
         list.sort(Comparator.comparing(PropertyItem::getKey));
         return list;
     }
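Review bot: The `EncryptService` built at the top of `mergePropertyList` gets its only visible input from `() -> appCode`, and the same `appCode` is written in clear into the exported list under `com.qmth.solar.app-code`. If `DefaultEncryptService` derives its key from that supplier alone, the `ENC(...)` values in the last hunk can be recovered by anyone holding the file. The implementation is not visible here, so please confirm that a secret not present in the export is involved and add a comment saying where the key comes from. The encryption loop also passes every matching value to `encrypt`, including null values, `${...}` references and values already wrapped in `ENC(`. A guard such as `if (item.containSecret() && item.getValue() != null && !item.getValue().startsWith("ENC("))` avoids a possible NPE and double wrapping; whether references should be encrypted depends on the order of decryption and placeholder resolution in the consumer. The method body spans several hunks and parts of it lie outside them.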

+ 1 - 0
src/main/resources/application.properties

@@ -1,4 +1,5 @@
 server.port=8080
+##spring.resources.static-locations=classpath:/static/,file:/Users/luoshi/develop/project/ops-web/,file:/Users/luoshi/develop/data/
 
 com.qmth.api.global-auth=false
 com.qmth.api.http-trace=true
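Review bot: The added line near the top of the file is a commented-out `spring.resources.static-locations` override pointing into one developer's home directory. It has no effect while commented, but it publishes local paths in the shared configuration, and if someone uncomments it those directories would be served as static content. I would drop it from this file and keep such overrides in a local, untracked profile (for example a git-ignored `application-local.properties`).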