TencentBlueKing · Luwad777 · May 22, 2024 · May 22, 2024
diff --git a/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/api/utils.go b/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/api/utils.go
@@ -23,6 +23,7 @@ import (
 	proto "github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/api/clustermanager"
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/cloudprovider"
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/cloudprovider/utils"
+	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/remote/encrypt"
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/types"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -188,7 +189,7 @@ func GetClusterKubeConfig(opt *cloudprovider.CommonOption, cluster *eks.Cluster)
 		return "", fmt.Errorf("GetClusterKubeConfig marsh kubeconfig failed, %v", err)
 	}
 
-	return base64.StdEncoding.EncodeToString(configByte), nil
+	return encrypt.Encrypt(nil, string(configByte))
 }
 
 // MapToTaints converts a map of string-string to a slice of Taint

diff --git a/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/cloud.go b/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/cloud.go
@@ -60,7 +60,7 @@ func (c *CloudInfoManager) SyncClusterCloudInfo(cls *cmproto.Cluster,
 		return err
 	}
 
-	cluster, err := client.GetEksCluster(cls.ClusterName)
+	cluster, err := client.GetEksCluster(opt.ImportMode.CloudID)
 	if err != nil {
 		return err
 	}

diff --git a/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/cluster.go b/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/cluster.go
@@ -22,6 +22,7 @@ import (
 	proto "github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/api/clustermanager"
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/cloudprovider"
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/api"
+	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/remote/encrypt"
 )
 
 func init() {
@@ -112,12 +113,19 @@ func (c *Cluster) ListCluster(opt *cloudprovider.ListClusterOption) ([]*proto.Cl
 
 	cloudClusterList := make([]*proto.CloudClusterInfo, 0)
 	for _, v := range clusters {
+		cluster, err := cli.GetEksCluster(*v)
+		if err != nil {
+			return nil, err
+		}
+
 		cloudClusterList = append(cloudClusterList, &proto.CloudClusterInfo{
-			ClusterID:   *v,
-			ClusterName: *v,
+			ClusterID:      *v,
+			ClusterName:    *v,
+			ClusterStatus:  *cluster.Status,
+			ClusterVersion: *cluster.Version,
+			Location:       opt.CommonOption.Region,
 		})
 	}
-
 	return cloudClusterList, nil
 }
 
@@ -166,7 +174,36 @@ func (c *Cluster) ListProjects(opt *cloudprovider.CommonOption) ([]*proto.CloudP
 // CheckClusterEndpointStatus check cluster endpoint status
 func (c *Cluster) CheckClusterEndpointStatus(clusterID string, isExtranet bool,
 	opt *cloudprovider.CheckEndpointStatusOption) (bool, error) {
-	return false, cloudprovider.ErrCloudNotImplemented
+	if opt == nil || len(opt.Account.SecretID) == 0 || len(opt.Account.SecretKey) == 0 || len(opt.Region) == 0 {
+		return false, fmt.Errorf("cloud CheckClusterEndpointStatus lost authoration")
+	}
+
+	client, err := api.NewEksClient(&opt.CommonOption)
+	if err != nil {
+		return false, fmt.Errorf("CheckClusterEndpointStatus get eks client failed, %v", err)
+	}
+
+	cluster, err := client.GetEksCluster(clusterID)
+	if err != nil {
+		return false, fmt.Errorf("CheckClusterEndpointStatus get cluster failed, %v", err)
+	}
+
+	kubeConfig, err := api.GetClusterKubeConfig(&opt.CommonOption, cluster)
+	if err != nil {
+		return false, fmt.Errorf("CheckClusterEndpointStatus get kubeConfig failed, %v", err)
+	}
+
+	data, err := encrypt.Decrypt(nil, kubeConfig)
+	if err != nil {
+		return false, fmt.Errorf("decode kube config failed: %v", err)
+	}
+
+	_, err = cloudprovider.GetCRDByKubeConfig(data)
+	if err != nil {
+		return false, fmt.Errorf("CheckClusterEndpointStatus get CRDB failed, %v", err)
+	}
+
+	return true, nil
 }
 
 // AddSubnetsToCluster add subnets to cluster

diff --git a/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/tasks/import_cluster.go b/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/tasks/import_cluster.go
@@ -14,7 +14,6 @@ package tasks
 
 import (
 	"context"
-	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"time"
@@ -28,6 +27,7 @@ import (
 	proto "github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/api/clustermanager"
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/cloudprovider"
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/common"
+	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/remote/encrypt"
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/types"
 	"github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/internal/utils"
 )
@@ -79,12 +79,12 @@ func RegisterClusterKubeConfigTask(taskID string, stepName string) error {
 }
 
 func importClusterCredential(ctx context.Context, data *cloudprovider.CloudDependBasicInfo) error { // nolint
-	configByte, err := base64.StdEncoding.DecodeString(data.Cluster.KubeConfig)
+	configByte, err := encrypt.Decrypt(nil, data.Cluster.KubeConfig)
 	if err != nil {
 		return fmt.Errorf("failed to decode kubeconfig, %v", err)
 	}
 	typesConfig := &types.Config{}
-	err = json.Unmarshal(configByte, typesConfig)
+	err = json.Unmarshal([]byte(configByte), typesConfig)
 	if err != nil {
 		return fmt.Errorf("failed to unmarshal kubeconfig, %v", err)
 	}
@@ -149,10 +149,11 @@ func ImportClusterNodesTask(taskID string, stepName string) error {
 }
 
 func importClusterInstances(data *cloudprovider.CloudDependBasicInfo) error {
-	kubeConfigByte, err := base64.StdEncoding.DecodeString(data.Cluster.KubeConfig)
+	kubeConfig, err := encrypt.Decrypt(nil, data.Cluster.KubeConfig)
 	if err != nil {
 		return fmt.Errorf("decode kube config failed: %v", err)
 	}
+	kubeConfigByte := []byte(kubeConfig)
 
 	config, err := clientcmd.RESTConfigFromKubeConfig(kubeConfigByte)
 	if err != nil {

diff --git a/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/validate.go b/bcs-services/bcs-cluster-manager/internal/cloudprovider/aws/validate.go
@@ -17,6 +17,9 @@ import (
 	"fmt"
 	"sync"
 
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/ec2"
+
 	"github.com/Tencent/bk-bcs/bcs-common/common/blog"
 
 	proto "github.com/Tencent/bk-bcs/bcs-services/bcs-cluster-manager/api/clustermanager"
@@ -28,6 +31,10 @@ import (
 
 var validateMgr sync.Once
 
+const (
+	defaultRegion = "ap-southeast-1"
+)
+
 func init() {
 	validateMgr.Do(func() {
 		// init Cluster
@@ -263,7 +270,30 @@ func (c *CloudValidate) DeleteNodesFromClusterValidate(req *proto.DeleteNodesReq
 
 // CreateCloudAccountValidate create cloud account validate
 func (c *CloudValidate) CreateCloudAccountValidate(account *proto.Account) error {
-	return cloudprovider.ErrCloudNotImplemented
+	// call cloud interface to check accout
+	if c == nil || account == nil {
+		return fmt.Errorf("%s CreateCloudAccountValidate request is empty", cloudName)
+	}
+
+	if len(account.SecretID) == 0 || len(account.SecretKey) == 0 {
+		return fmt.Errorf("%s CreateCloudAccountValidate request lost valid crendential info", cloudName)
+	}
+
+	client, err := api.GetEc2Client(&cloudprovider.CommonOption{Account: account, Region: defaultRegion})
+	if err != nil {
+		return err
+	}
+
+	input := &ec2.DescribeRegionsInput{
+		AllRegions: aws.Bool(true),
+	}
+
+	_, err = client.DescribeRegions(input)
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
 
 // ListCloudVpcsValidate list cloudAccount validate