Merge branch 'main' into fix/escape-error-and-highphrase-missing-error

lldap,system-server: pub event async

.github/workflows/release-daemon.yaml

@@ -31,7 +31,7 @@ jobs:
 
       - name: install udev-devel
         run: |
-          sudo apt install -y libudev-dev
+          sudo apt update && sudo apt install -y libudev-dev
 
       - name: Install x86_64 cross-compiler
         run: sudo apt-get update && sudo apt-get install -y build-essential

.github/workflows/release-daily.yaml

@@ -150,6 +150,7 @@ jobs:
           cp .dist/install-wizard/install.sh build/base-package
           cp build/base-package/install.sh build/base-package/publicInstaller.sh
           cp .dist/install-wizard/install.ps1 build/base-package
+          cp .dist/install-wizard/joincluster.sh build/base-package
 
       - name: Release public files
         uses: softprops/action-gh-release@v1

.github/workflows/release.yaml

@@ -121,6 +121,7 @@ jobs:
           cp build/base-package/install.sh build/base-package/publicInstaller.latest
           cp .dist/install-wizard/install.ps1 build/insbase-packagetaller
           cp build/base-package/install.ps1 build/base-package/publicInstaller.latest.ps1
+          cp .dist/install-wizard/joincluster.sh build/base-package
 
       - name: Release public files
         uses: softprops/action-gh-release@v1

.gitignore

@@ -31,3 +31,4 @@ olares-cli-*.tar.gz
 .DS_Store
 cli/output
 daemon/output
+daemon/bin

apps/.olares/config/user/helm-charts/market/templates/market_deploy.yaml

@@ -62,7 +62,7 @@ spec:
       initContainers:
         - args:
           - -it
-          - authelia-backend.os-system:9091
+          - authelia-backend.os-framework:9091
           image: owncloudci/wait-for:latest
           imagePullPolicy: IfNotPresent
           name: check-auth
@@ -118,7 +118,7 @@ spec:
           - name: APP_SOTRE_SERVICE_SERVICE_PORT
             value: '443'
           - name: APP_SERVICE_SERVICE_HOST
-            value: app-service.os-system
+            value: app-service.os-framework
           - name: APP_SERVICE_SERVICE_PORT
             value: '6755'
           - name: REPO_URL_PORT
@@ -141,14 +141,16 @@ spec:
           - name: NATS_PORT
             value: '4222'
           - name: NATS_USERNAME
-            value: market-backend-{{ .Values.bfl.username}}
+            value: os-market-backend
           - name: NATS_PASSWORD
             valueFrom:
               secretKeyRef:
                 name: market-backend-nats-secret
                 key: nats_password
-          - name: NATS_SUBJECT_USER_APPLICATION
-            value: terminus.user.application.{{ .Values.bfl.username}}
+          - name: NATS_SUBJECT_APPLICATION
+            value: os.application
+          - name: NATS_SUBJECT_MARKET
+            value: os.market
         volumeMounts:
           - name: opt-data
             mountPath: /opt/app/data
@@ -271,7 +273,7 @@ spec:
   dataType: app
   deployment: market
   description: app store provider
-  endpoint: appstore-service.{{ .Release.Namespace }}
+  endpoint: appstore-service.{{ .Release.Namespace }}:81
   group: service.appstore
   kind: provider
   namespace: {{ .Release.Namespace }}
@@ -327,7 +329,7 @@ metadata:
   namespace: {{ .Release.Namespace }}
 spec:
   app: market-backend
-  appNamespace: user
+  appNamespace: os
   middleware: nats
   nats:
     password:
@@ -337,17 +339,17 @@ spec:
           name: market-backend-nats-secret
     refs:
       - appName: user-service
-        appNamespace: user
+        appNamespace: os
         subjects:
           - name: "application.*"
             perm:
               - pub
               - sub
       - appName: user-service
-        appNamespace: user
+        appNamespace: os
         subjects:
           - name: "market.*"
             perm:
               - pub
               - sub
-    user: market-backend-{{ .Values.bfl.username}}
+    user: os-market-backend

apps/.olares/config/user/helm-charts/studio/templates/deployment.yaml

@@ -140,12 +140,6 @@ spec:
             items:
               - key: san.cnf
                 path: san.cnf
-        - name: sidecar-configs-studio
-          configMap:
-            name: sidecar-configs-studio
-            items:
-              - key: envoy.yaml
-                path: envoy.yaml
         - name: certs
           emptyDir: {}
       initContainers:
@@ -169,61 +163,6 @@ spec:
               mountPath: /charts
             - name: data
               mountPath: /data
-        - name: terminus-sidecar-init
-          image: aboveos/openservicemesh-init:v1.2.3
-          imagePullPolicy: IfNotPresent
-          command:
-            - /bin/sh
-            - -c
-            - |
-              iptables-restore --noflush <<EOF
-              # sidecar interception rules
-              *nat
-              :PROXY_IN_REDIRECT - [0:0]
-              :PROXY_INBOUND - [0:0]
-              :PROXY_OUTBOUND - [0:0]
-              :PROXY_OUT_REDIRECT - [0:0]
-
-              -A PREROUTING -p tcp -j PROXY_INBOUND
-              -A OUTPUT -p tcp -j PROXY_OUTBOUND
-              -A PROXY_INBOUND -p tcp --dport 15000 -j RETURN
-              -A PROXY_INBOUND -p tcp --dport 8083 -j RETURN
-              -A PROXY_INBOUND -p tcp -j PROXY_IN_REDIRECT
-              -A PROXY_IN_REDIRECT -p tcp -j REDIRECT --to-port 15003
-
-
-              -A PROXY_OUTBOUND -p tcp --dport 5432 -j RETURN
-              -A PROXY_OUTBOUND -p tcp --dport 6379 -j RETURN
-              -A PROXY_OUTBOUND -p tcp --dport 27017 -j RETURN
-              -A PROXY_OUTBOUND -p tcp --dport 443 -j RETURN
-              -A PROXY_OUTBOUND -p tcp --dport 8080 -j RETURN
-
-              -A PROXY_OUTBOUND -d ${POD_IP}/32 -j RETURN
-
-              -A PROXY_OUTBOUND -o lo ! -d 127.0.0.1/32 -m owner --uid-owner 1555 -j PROXY_IN_REDIRECT
-              -A PROXY_OUTBOUND -o lo -m owner ! --uid-owner 1555 -j RETURN
-              -A PROXY_OUTBOUND -m owner --uid-owner 1555 -j RETURN
-              -A PROXY_OUTBOUND -d 127.0.0.1/32 -j RETURN
-
-              -A PROXY_OUTBOUND -j PROXY_OUT_REDIRECT
-              -A PROXY_OUT_REDIRECT -p tcp -j REDIRECT --to-port 15001
-
-              COMMIT
-              EOF
-          env:
-            - name: POD_IP
-              valueFrom:
-                fieldRef:
-                  apiVersion: v1
-                  fieldPath: status.podIP
-          securityContext:
-            privileged: true
-            capabilities:
-              add:
-                - NET_ADMIN
-            runAsNonRoot: false
-            runAsUser: 0
-
         - name: generate-certs
           image: beclab/openssl:v3
           imagePullPolicy: IfNotPresent
@@ -249,7 +188,7 @@ spec:
 
       containers:
         - name: studio
-          image: beclab/studio-server:v0.1.50
+          image: beclab/studio-server:v0.1.51
           imagePullPolicy: IfNotPresent
           args:
             - server
@@ -303,58 +242,6 @@ spec:
             limits:
               cpu: "0.5"
               memory: 1000Mi
-        - name: terminus-envoy-sidecar
-          image: bytetrade/envoy:v1.25.11.1
-          imagePullPolicy: IfNotPresent
-          securityContext:
-            allowPrivilegeEscalation: false
-            runAsUser: 1555
-          ports:
-            - name: proxy-admin
-              containerPort: 15000
-            - name: proxy-inbound
-              containerPort: 15003
-            - name: proxy-outbound
-              containerPort: 15001
-          resources:
-            requests:
-              cpu: "50m"
-              memory: 100Mi
-            limits:
-              cpu: "0.5"
-              memory: 200Mi
-          volumeMounts:
-            - name: sidecar-configs-studio
-              readOnly: true
-              mountPath: /etc/envoy/envoy.yaml
-              subPath: envoy.yaml
-          command:
-            - /usr/local/bin/envoy
-            - --log-level
-            - debug
-            - -c
-            - /etc/envoy/envoy.yaml
-          env:
-            - name: POD_UID
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.uid
-            - name: POD_NAME
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.name
-            - name: POD_NAMESPACE
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.namespace
-            - name: POD_IP
-              valueFrom:
-                fieldRef:
-                  fieldPath: status.podIP
-            - name: APP_KEY
-              value: {{ .Values.os.studio.appKey }}
-            - name: APP_SECRET
-              value: {{ .Values.os.studio.appSecret }}
         - name: chartmuseum
           image: aboveos/helm-chartmuseum:v0.15.0
           args:
@@ -404,146 +291,4 @@ spec:
             timeoutSeconds: 1
             periodSeconds: 10
             successThreshold: 1
-            failureThreshold: 3
-
----
-apiVersion: v1
-data:
-  envoy.yaml: |
-    admin:
-      access_log_path: "/dev/stdout"
-      address:
-        socket_address:
-          address: 0.0.0.0
-          port_value: 15000
-    static_resources:
-      listeners:
-        - name: listener_0
-          address:
-            socket_address:
-              address: 0.0.0.0
-              port_value: 15003
-          listener_filters:
-            - name: envoy.filters.listener.original_dst
-              typed_config:
-                "@type": type.googleapis.com/envoy.extensions.filters.listener.original_dst.v3.OriginalDst
-          filter_chains:
-            - filters:
-                - name: envoy.filters.network.http_connection_manager
-                  typed_config:
-                    "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
-                    stat_prefix: desktop_http
-                    upgrade_configs:
-                      - upgrade_type: websocket
-                      - upgrade_type: tailscale-control-protocol
-                    skip_xff_append: false
-                    codec_type: AUTO
-                    route_config:
-                      name: local_route
-                      virtual_hosts:
-                        - name: service
-                          domains: ["*"]
-                          routes:
-                            - match:
-                                prefix: "/"
-                              route:
-                                cluster: original_dst
-                                timeout: 1800s
-                    http_protocol_options:
-                      accept_http_10: true
-                    http_filters:
-                      - name: envoy.filters.http.router
-                        typed_config:
-                          "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
-        - name: listener_1
-          address:
-            socket_address:
-              address: 0.0.0.0
-              port_value: 15001
-          listener_filters:
-            - name: envoy.filters.listener.original_dst
-              typed_config:
-                "@type": type.googleapis.com/envoy.extensions.filters.listener.original_dst.v3.OriginalDst
-          filter_chains:
-            - filters:
-                - name: envoy.filters.network.http_connection_manager
-                  typed_config:
-                    "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
-                    stat_prefix: studio_out_http
-                    skip_xff_append: false
-                    codec_type: AUTO
-                    route_config:
-                      name: local_route
-                      virtual_hosts:
-                        - name: service
-                          domains: ["*"]
-                          routes:
-                            - match:
-                                prefix: "/server/intent/send"
-                              request_headers_to_add:
-                                - header:
-                                    key: X-App-Key
-                                    value: {{ .Values.os.studio.appKey }}
-                              route:
-                                cluster: system-server
-                                prefix_rewrite: /system-server/v2/legacy_api/api.intent/v2/server/intent/send
-                            - match:
-                                prefix: "/"
-                              route:
-                                cluster: original_dst
-                                timeout: 1800s
-                              typed_per_filter_config:
-                                envoy.filters.http.lua:
-                                  "@type": type.googleapis.com/envoy.extensions.filters.http.lua.v3.LuaPerRoute
-                                  disabled: true
-
-                    http_protocol_options:
-                      accept_http_10: true
-                    http_filters:
-                      - name: envoy.filters.http.lua
-                        typed_config:
-                          "@type": type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua
-                          inline_code:
-                            local sha = require("lib.sha2")
-                            function envoy_on_request(request_handle)
-                            local app_key = os.getenv("APP_KEY")
-                            local app_secret = os.getenv("APP_SECRET")
-                            local current_time = os.time()
-                            local minute_level_time = current_time - (current_time % 60)
-                            local time_string = tostring(minute_level_time)
-                            local s = app_key .. app_secret .. time_string
-                            request_handle:logInfo("originstring:" .. s)
-                            local hash = sha.sha256(s)
-                            request_handle:logInfo("Hello World.")
-                            request_handle:logInfo(hash)
-                            request_handle:headers():add("X-Auth-Signature",hash)
-                            end
-                      - name: envoy.filters.http.router
-                        typed_config:
-                          "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
-
-
-      clusters:
-        - name: original_dst
-          connect_timeout: 5000s
-          type: ORIGINAL_DST
-          lb_policy: CLUSTER_PROVIDED
-        - name: system-server
-          connect_timeout: 2s
-          type: LOGICAL_DNS
-          dns_lookup_family: V4_ONLY
-          dns_refresh_rate: 600s
-          lb_policy: ROUND_ROBIN
-          load_assignment:
-            cluster_name: system-server
-            endpoints:
-              - lb_endpoints:
-                  - endpoint:
-                      address:
-                        socket_address:
-                          address: system-server.user-system-{{ .Values.bfl.username }}
-                          port_value: 80
-kind: ConfigMap
-metadata:
-  name: sidecar-configs-studio
-  namespace: {{ .Release.Namespace }}
+            failureThreshold: 3

apps/.olares/config/user/helm-charts/system-apps/templates/system-frontend.yaml

@@ -165,7 +165,7 @@ metadata:
   namespace: {{ .Release.Namespace }}
 spec:
   type: ExternalName
-  externalName: vault-server.os-system.svc.cluster.local
+  externalName: vault-server.os-framework.svc.cluster.local
   ports:
     - protocol: TCP
       port: 3010
@@ -279,7 +279,7 @@ spec:
       initContainers:
         - args:
             - -it
-            - authelia-backend.os-system:9091,infisical-service:80,system-server.user-system-{{ .Values.bfl.username }}:80,nats.user-system-{{ .Values.bfl.username }}:4222
+            - authelia-backend.os-framework:9091,infisical-service:80,system-server.user-system-{{ .Values.bfl.username }}:80,nats.user-system-{{ .Values.bfl.username }}:4222
           image: owncloudci/wait-for:latest
           imagePullPolicy: IfNotPresent
           name: check-auth
@@ -316,7 +316,7 @@ spec:
                   apiVersion: v1
                   fieldPath: status.podIP
         - name: dashboard-init
-          image: beclab/dashboard-frontend-v1:v0.4.9
+          image: beclab/dashboard:v1.3.81
           imagePullPolicy: IfNotPresent
           command:
             - /bin/sh
@@ -328,7 +328,7 @@ spec:
             - mountPath: /www
               name: www-dir
         - name: control-hub-init
-          image: beclab/admin-console-frontend-v1:v0.5.8
+          image: beclab/control-hub:v1.3.80
           imagePullPolicy: IfNotPresent
           command:
             - /bin/sh
@@ -364,7 +364,7 @@ spec:
             - mountPath: /www
               name: www-dir
         - name: wise-init
-          image: beclab/wise:v1.3.55
+          image: beclab/wise:v1.3.79
           imagePullPolicy: IfNotPresent
           command:
             - /bin/sh
@@ -376,7 +376,7 @@ spec:
             - mountPath: /www
               name: www-dir
         - name: settings-init
-          image: beclab/settings:v1.3.69
+          image: beclab/settings:v1.3.80
           imagePullPolicy: IfNotPresent
           command:
             - /bin/sh
@@ -388,7 +388,7 @@ spec:
             - mountPath: /www
               name: www-dir
         - name: studio-init
-          image: beclab/studio:v0.2.16
+          image: beclab/studio:v1.3.73
           imagePullPolicy: IfNotPresent
           command:
             - /bin/sh
@@ -435,7 +435,7 @@ spec:
             - name: PGDB
               value: user_space_{{ .Values.bfl.username }}_cloud_drive_integration
         - name: files-frontend-init
-          image: beclab/files-frontend:v1.3.68
+          image: beclab/files-frontend:v1.3.79
           imagePullPolicy: IfNotPresent
           command:
             - /bin/sh
@@ -471,7 +471,7 @@ spec:
             - mountPath: /www
               name: www-dir
         - name: edge-desktop-init
-          image: beclab/desktop:v0.2.59
+          image: beclab/desktop:v1.3.81
           imagePullPolicy: IfNotPresent
           command:
             - /bin/sh
@@ -600,7 +600,7 @@ spec:
             - name: NATS_PASSWORD
               value: {{ $files_frontend_nats_password | b64dec }}
             - name: NATS_SUBJECT
-              value: terminus.os-system.files-notify
+              value: os.files-notify
             - name: apiServerURL
               value: http://bfl.{{ .Release.Namespace }}:8080
             - name: NATS_USERNAME_USERSERVICE
@@ -610,23 +610,20 @@ spec:
                 secretKeyRef:
                   key: nats_password
                   name: user-service-nats-secret
-            - name: NATS_SUBJECT_USER_APPS
-              value: terminus.user.*.{{ .Values.bfl.username}}
-        - name: terminus-ws-sidecar
-          image: 'beclab/ws-gateway:v1.0.5'
-          imagePullPolicy: IfNotPresent
-          command:
-            - /ws-gateway
-          env:
-            - name: WS_PORT
-              value: '3010'
-            - name: WS_URL
-              value: /websocket/message
-          resources: {}
-          terminationMessagePath: /dev/termination-log
-          terminationMessagePolicy: File
+            - name: NATS_SUBJECT_MARKET
+              value: os.market.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_APPLICATION
+              value: os.application.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_NOTIFICATION
+              value: os.notification.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_FILES
+              value: os.files.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_KNOWLEDGE
+              value: os.knowledge.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_VAULT
+              value: os.vault.{{ .Values.bfl.username}}
         - name: user-service
-          image: beclab/user-service:v0.0.8
+          image: beclab/user-service:v0.0.18
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 3000
@@ -650,7 +647,7 @@ spec:
             - name: TERMINUSD_HOST
               value: $(NODE_IP):18088
             - name: APP_SERVICE_SERVICE_HOST
-              value: app-service.os-system
+              value: app-service.os-framework
             - name: APP_SERVICE_SERVICE_PORT
               value: '6755'
             - name: APP_SERVICE_CHAIN_ID
@@ -669,6 +666,30 @@ spec:
                   name: user-service-secrets
             - name: DATABASE_URL
               value: postgres://user_service_{{ .Values.bfl.username }}:$(DATABASE_PASSWORD)@citus-master-svc.user-system-{{ .Values.bfl.username }}/user_space_{{ .Values.bfl.username }}_user_service?sslmode=disable
+            - name: NATS_HOST
+              value: nats.user-system-{{ .Values.bfl.username }}
+            - name: NATS_PORT
+              value: '4222'
+            - name: NATS_USERNAME_USERSERVICE
+              value: user-service-{{ .Values.bfl.username }}
+            - name: NATS_PASSWORD_USERSESRVICE
+              valueFrom:
+                secretKeyRef:
+                  key: nats_password
+                  name: user-service-nats-secret
+            - name: NATS_SUBJECT_MARKET
+              value: os.market.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_APPLICATION
+              value: os.application.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_NOTIFICATION
+              value: os.notification.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_FILES
+              value: os.files.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_KNOWLEDGE
+              value: os.knowledge.{{ .Values.bfl.username}}
+            - name: NATS_SUBJECT_VAULT
+              value: os.vault.{{ .Values.bfl.username}}
+              
         - name: drive-server
           image: beclab/drive:v0.0.72
           imagePullPolicy: IfNotPresent
@@ -723,7 +744,7 @@ spec:
             path: '{{ .Values.userspace.userData }}'
         - name: terminus-sidecar-config
           configMap:
-            name: sidecar-ws-configs
+            name: user-service-sidecar-ws-configs
             items:
               - key: envoy.yaml
                 path: envoy.yaml
@@ -910,7 +931,7 @@ metadata:
   namespace: user-system-{{ .Values.bfl.username }}
 spec:
   app: files-frontend
-  appNamespace: user-space-{{ .Values.bfl.username }}
+  appNamespace: os
   middleware: nats
   nats:
     password:
@@ -920,16 +941,16 @@ spec:
           name: files-frontend-nats-secrets
     refs:
       - appName: files-server
-        appNamespace: os-system
+        appNamespace: os
         subjects:
           - name: files-notify
             perm:
               - pub
               - sub
-      - appName: user-files
-        appNamespace: "user.{{ .Values.bfl.username }}"
+      - appName: user-service
+        appNamespace: os
         subjects:
-          - name: files
+          - name: "files.*"
             perm:
               - pub
               - sub
@@ -994,7 +1015,7 @@ data:
                           http_service:
                             path_prefix: '/api/verify/'
                             server_uri:
-                              uri: authelia-backend.os-system:9091
+                              uri: authelia-backend.os-framework:9091
                               cluster: authelia
                               timeout: 2s
                             authorization_request:
@@ -1090,7 +1111,7 @@ data:
                   - endpoint:
                       address:
                         socket_address:
-                          address: files-service.os-system
+                          address: files-service.os-framework
                           port_value: 80
         - name: authelia
           connect_timeout: 2s
@@ -1105,7 +1126,7 @@ data:
                   - endpoint:
                       address:
                         socket_address:
-                          address: authelia-backend.os-system
+                          address: authelia-backend.os-framework
                           port_value: 9091
         - name: images
           connect_timeout: 5s
@@ -1444,7 +1465,7 @@ metadata:
   namespace: {{ .Release.Namespace }}
 spec:
   type: ExternalName
-  externalName: vault-server.os-system.svc.cluster.local
+  externalName: vault-server.os-framework.svc.cluster.local
   ports:
     - protocol: TCP
       port: 3000
@@ -1663,7 +1684,7 @@ data:
                       http_service:
                         path_prefix: '/api/verify/'
                         server_uri:
-                          uri: authelia-backend.os-system:9091
+                          uri: authelia-backend.os-framework:9091
                           cluster: authelia
                           timeout: 2s
                         authorization_request:
@@ -1761,7 +1782,7 @@ data:
                 - endpoint:
                     address:
                       socket_address:
-                        address: authelia-backend.os-system
+                        address: authelia-backend.os-framework
                         port_value: 9091
       - name: images
         connect_timeout: 5s
@@ -1840,7 +1861,7 @@ data:
                       http_service:
                         path_prefix: '/api/verify/'
                         server_uri:
-                          uri: authelia-backend.os-system:9091
+                          uri: authelia-backend.os-framework:9091
                           cluster: authelia
                           timeout: 2s
                         authorization_request:
@@ -1951,7 +1972,7 @@ data:
                 - endpoint:
                     address:
                       socket_address:
-                        address: authelia-backend.os-system
+                        address: authelia-backend.os-framework
                         port_value: 9091
       - name: images
         connect_timeout: 5s
@@ -1973,6 +1994,195 @@ metadata:
   name: sidecar-ws-configs
   namespace: {{ .Release.Namespace }}
 ---
+apiVersion: v1
+data:
+  envoy.yaml: |
+    admin:
+      access_log_path: "/dev/stdout"
+      address:
+        socket_address:
+          address: 0.0.0.0
+          port_value: 15000
+    static_resources:
+      listeners:
+      - name: listener_0
+        address:
+          socket_address:
+            address: 0.0.0.0
+            port_value: 15003
+        listener_filters:
+          - name: envoy.filters.listener.original_dst
+            typed_config:
+              "@type": type.googleapis.com/envoy.extensions.filters.listener.original_dst.v3.OriginalDst
+        filter_chains:
+          - filters:
+              - name: envoy.filters.network.http_connection_manager
+                typed_config:
+                  "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+                  stat_prefix: desktop_http
+                  upgrade_configs:
+                  - upgrade_type: websocket      
+                  - upgrade_type: tailscale-control-protocol            
+                  skip_xff_append: false
+                  max_request_headers_kb: 500
+                  codec_type: AUTO
+                  route_config:
+                    name: local_route
+                    virtual_hosts:
+                      - name: service
+                        domains: ["*"]
+                        routes:
+                          - match:
+                              prefix: "/ws"
+                            route:
+                              cluster: ws_original_dst
+                          - match:
+                              prefix: "/"
+                            route:
+                              cluster: original_dst
+                              timeout: 180s
+                  http_protocol_options:
+                    accept_http_10: true
+                  http_filters:
+                  - name: envoy.filters.http.ext_authz
+                    typed_config:
+                      "@type": type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz
+                      http_service:
+                        path_prefix: '/api/verify/'
+                        server_uri:
+                          uri: authelia-backend.os-framework:9091
+                          cluster: authelia
+                          timeout: 2s
+                        authorization_request:
+                          allowed_headers:
+                            patterns:
+                              - exact: accept
+                              - exact: cookie
+                              - exact: proxy-authorization
+                              - prefix: x-unauth-
+                              - exact: x-authorization
+                              - exact: x-bfl-user
+                              - exact: x-real-ip
+                              - exact: terminus-nonce
+                          headers_to_add:
+                            - key: X-Forwarded-Method
+                              value: '%REQ(:METHOD)%'
+                            - key: X-Forwarded-Proto
+                              value: '%REQ(:SCHEME)%'
+                            - key: X-Forwarded-Host
+                              value: '%REQ(:AUTHORITY)%'
+                            - key: X-Forwarded-Uri
+                              value: '%REQ(:PATH)%'
+                            - key: X-Forwarded-For
+                              value: '%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%'
+                        authorization_response:
+                          allowed_upstream_headers:
+                            patterns:
+                              - exact: authorization
+                              - exact: proxy-authorization
+                              - prefix: remote-
+                              - prefix: authelia-
+                          allowed_client_headers:
+                            patterns:
+                              - exact: set-cookie
+                          allowed_client_headers_on_success:
+                            patterns:
+                              - exact: set-cookie
+                      failure_mode_allow: false                      
+                  - name: envoy.filters.http.router
+                    typed_config:
+                      "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
+
+      - name: listener_image
+        address:
+          socket_address:
+            address: 127.0.0.1
+            port_value: 15080
+        filter_chains:
+          - filters:
+              - name: envoy.filters.network.http_connection_manager
+                typed_config:
+                  "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+                  stat_prefix: tapr_http
+                  http_protocol_options:
+                    accept_http_10: true
+                  upgrade_configs:
+                  - upgrade_type: websocket                  
+                  skip_xff_append: false
+                  codec_type: AUTO
+                  route_config:
+                    name: local_route
+                    virtual_hosts:
+                      - name: service
+                        domains: ["*"]
+                        routes:
+                          - match:
+                              prefix: "/images/upload"
+                            route:
+                              cluster: images
+                  http_filters:
+                  - name: envoy.filters.http.router
+                    typed_config:
+                      "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
+        
+        
+      clusters:
+      - name: original_dst
+        connect_timeout: 5000s
+        type: ORIGINAL_DST
+        lb_policy: CLUSTER_PROVIDED
+        common_http_protocol_options:
+          idle_timeout: 10s
+      - name: ws_original_dst
+        connect_timeout: 5000s
+        type: LOGICAL_DNS
+        dns_lookup_family: V4_ONLY
+        dns_refresh_rate: 600s
+        lb_policy: ROUND_ROBIN
+        load_assignment:
+          cluster_name: ws_original_dst
+          endpoints:
+            - lb_endpoints:
+                - endpoint:
+                    address:
+                      socket_address:
+                        address: localhost
+                        port_value: 3100
+      - name: authelia
+        connect_timeout: 2s
+        type: LOGICAL_DNS
+        dns_lookup_family: V4_ONLY
+        dns_refresh_rate: 600s
+        lb_policy: ROUND_ROBIN
+        load_assignment:
+          cluster_name: authelia
+          endpoints:
+            - lb_endpoints:
+                - endpoint:
+                    address:
+                      socket_address:
+                        address: authelia-backend.os-framework
+                        port_value: 9091
+      - name: images
+        connect_timeout: 5s
+        type: LOGICAL_DNS
+        dns_lookup_family: V4_ONLY
+        dns_refresh_rate: 600s
+        lb_policy: ROUND_ROBIN
+        load_assignment:
+          cluster_name: images
+          endpoints:
+            - lb_endpoints:
+                - endpoint:
+                    address:
+                      socket_address:
+                        address: tapr-images-svc.user-system-{{ .Values.bfl.username }}
+                        port_value: 8080
+kind: ConfigMap
+metadata:
+  name: user-service-sidecar-ws-configs
+  namespace: {{ .Release.Namespace }}
+---
 kind: ConfigMap
 apiVersion: v1
 metadata:
@@ -2047,15 +2257,15 @@ data:
     }
   dashboard-control-hub.conf: |-
     upstream SettingsServer {
-        server monitoring-server.os-system;
+        server monitoring-server.os-framework;
     }
 
     upstream Middleware {
-        server middleware-service.os-system;
+        server middleware-service.os-platform;
     }
 
     upstream Analytics {
-        server analytics-server.os-system:3010;
+        server analytics-server.os-framework:3010;
     }
 
     upstream HamiServer {
@@ -2081,7 +2291,7 @@ data:
       }
 
       location /ws {
-        proxy_pass http://127.0.0.1:40010;
+        proxy_pass http://127.0.0.1:3100;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
@@ -2348,15 +2558,15 @@ data:
     }
   wise.conf: |-
     upstream KnowledgeServer {
-        server rss-svc.os-system:3010;
+        server rss-svc.os-framework:3010;
     }
 
     upstream RSSServer {
-        server rss-server.os-system:3010;
+        server rss-server.os-framework:3010;
     }
 
     upstream ArgoworkflowsSever {
-        server argoworkflows-svc.os-system:2746;
+        server argoworkflows-svc.os-framework:2746;
     }
 
     server {
@@ -2384,7 +2594,7 @@ data:
       }
 
       location /ws {
-        proxy_pass http://rss-svc.os-system:40010;
+        proxy_pass http://127.0.0.1:3100;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
@@ -2443,11 +2653,11 @@ data:
             add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
             add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
             add_header Access-Control-Allow-Origin $http_origin;
-            proxy_pass http://media-server-service.os-system:9090;
+            proxy_pass http://media-server-service.os-framework:9090;
         }
 
         location /api {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
 
             # Add original-request-related headers
@@ -2466,7 +2676,7 @@ data:
         }
 
         location /upload {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
 
             # Add original-request-related headers
@@ -2521,7 +2731,7 @@ data:
     }
   settings.conf: |-
     upstream SettingsServer_Monitoring {
-        server monitoring-server.os-system;
+        server monitoring-server.os-framework;
     }
 
     upstream InfisicalServer {
@@ -2529,7 +2739,7 @@ data:
     }
 
     upstream BackupServer {
-        server backup-server.os-system:8082;
+        server backup-server.os-framework:8082;
     }
 
     server {
@@ -2556,7 +2766,7 @@ data:
         }
 
         location /ws {
-          proxy_pass http://127.0.0.1:40010;
+          proxy_pass http://127.0.0.1:3100;
           proxy_http_version 1.1;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection "upgrade";
@@ -2590,13 +2800,13 @@ data:
         }
 
         location /apis/backup {
-            proxy_pass http://backup-server.os-system:8082;
+            proxy_pass http://backup-server.os-framework:8082;
            add_header Accept "application/json, text/plain, */*";
            add_header Content-Type "application/json; charset=utf-8";
         }
 
         location /api/resources {
-           proxy_pass http://files-service.os-system:80;
+           proxy_pass http://files-service.os-framework:80;
            # rewrite ^/server(.*)$ $1 break;
 
            # Add original-request-related headers
@@ -2658,15 +2868,15 @@ data:
     }
   studio.conf: |-
     upstream SettingsServerStudio {
-        server monitoring-server.os-system;
+        server monitoring-server.os-framework;
     }
 
     upstream MiddlewareStudio {
-        server middleware-service.os-system;
+        server middleware-service.os-platform;
     }
 
     upstream AnalyticsStudio {
-      server analytics-server.os-system:3010;
+      server analytics-server.os-framework:3010;
     }
 
     server {
@@ -2767,7 +2977,7 @@ data:
       }
 
       location /ws {
-        proxy_pass http://127.0.0.1:40010;
+        proxy_pass http://127.0.0.1:3100;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
@@ -2863,7 +3073,7 @@ data:
             expires 0;
         }
         location /api/resources/AppData {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -2877,7 +3087,7 @@ data:
             proxy_send_timeout 60s;
         }
         location /api/raw/AppData {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -2891,7 +3101,7 @@ data:
             proxy_send_timeout 1800s;
         }
         location /api/raw {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -2906,7 +3116,7 @@ data:
         }
 
         location /api/md5 {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -2921,7 +3131,7 @@ data:
         }
         
         location /api/paste {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -2936,7 +3146,7 @@ data:
         }
 
         location /api/cache {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -2951,7 +3161,7 @@ data:
         }
 
         location /provider {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -2966,7 +3176,7 @@ data:
         }
 
         location /api {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -2982,7 +3192,7 @@ data:
         }
 
         location /share_link {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -2998,7 +3208,7 @@ data:
         }
 
         location /upload {
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -3059,7 +3269,7 @@ data:
             add_header Access-Control-Allow-Headers "access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,content-type,x-auth,x-unauth-error,x-authorization";
             add_header Access-Control-Allow-Methods "PUT, GET, DELETE, POST, OPTIONS";
             add_header Access-Control-Allow-Origin $http_origin;  
-            proxy_pass http://media-server-service.os-system:9090;
+            proxy_pass http://media-server-service.os-framework:9090;
         }
         location /drive/ {
             proxy_pass http://127.0.0.1:8181;
@@ -3072,7 +3282,7 @@ data:
         location /api/raw/Home/ {
             expires 30d;
             add_header Cache-Control "public, max-age=2592000";
-            proxy_pass http://files-service.os-system:80;
+            proxy_pass http://files-service.os-framework:80;
             # rewrite ^/server(.*)$ $1 break;
             # Add original-request-related headers
             proxy_set_header X-Real-IP $remote_addr;
@@ -3093,7 +3303,7 @@ data:
         }
         location ~ ^/resources/Home/Pictures/(.*.(png|jpg|svg|gif|jpeg))$
         {
-            proxy_pass http://files-service.os-system:80/api/raw/Home/Pictures/$1;
+            proxy_pass http://files-service.os-framework:80/api/raw/Home/Pictures/$1;
             add_header Cache-Control "public, max-age=2592000";
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -3199,7 +3409,7 @@ data:
             add_header X-Frame-Options SAMEORIGIN;
         }
         location /ws {
-            proxy_pass http://127.0.0.1:40010;
+            proxy_pass http://127.0.0.1:3100;
             proxy_http_version 1.1;
             proxy_set_header Upgrade $http_upgrade;
             proxy_set_header Connection "upgrade";
@@ -3214,9 +3424,6 @@ data:
     upstream AppstoreBackendServer {
       server appstore-svc:81;
     }
-    upstream AppstoreBackendWebScoket {
-      server appstore-svc:40010;
-    }
     server {
         listen 90;
         gzip off;
@@ -3234,7 +3441,7 @@ data:
         }
 
         location /ws {
-            proxy_pass http://AppstoreBackendWebScoket;
+            proxy_pass http://127.0.0.1:3100;
             proxy_http_version 1.1;
             proxy_set_header Upgrade $http_upgrade;
             proxy_set_header Connection "upgrade";
@@ -3368,7 +3575,7 @@ data:
             proxy_send_timeout 60s;
         }
         location /ws {
-            proxy_pass http://127.0.0.1:40010;
+            proxy_pass http://127.0.0.1:3100;
             proxy_http_version 1.1;
             proxy_set_header Upgrade $http_upgrade;
             proxy_set_header Connection "upgrade";
@@ -3387,7 +3594,7 @@ metadata:
   namespace: user-space-{{ .Values.bfl.username }}
 spec:
   app: user-service
-  appNamespace: user
+  appNamespace: os
   middleware: nats
   nats:
     password:
@@ -3401,6 +3608,9 @@ spec:
           - appName: files-server
             sub: allow
             pub: allow
+          - appName: files-frontend
+            sub: allow
+            pub: allow
         name: "files.*"
         permission:
           pub: allow
@@ -3452,6 +3662,9 @@ spec:
           - appName: knowledge
             sub: allow
             pub: allow
+          - appName: download
+            sub: allow
+            pub: allow
         name: "knowledge.*"
         permission:
           sub: allow

apps/.olares/config/user/helm-charts/wizard/templates/wizard_deploy.yaml

@@ -22,42 +22,10 @@ spec:
       initContainers:
       - args:
         - -it
-        - authelia-backend.os-system:9091
+        - authelia-backend.os-framework:9091
         image: owncloudci/wait-for:latest
         imagePullPolicy: IfNotPresent
         name: check-auth
-      # - name: terminus-sidecar-init
-      #   image: openservicemesh/init:v1.2.3
-      #   imagePullPolicy: IfNotPresent
-      #   securityContext:
-      #     privileged: true
-      #     capabilities: 
-      #       add:
-      #       - NET_ADMIN
-      #     runAsNonRoot: false
-      #     runAsUser: 0
-      #   command:
-      #   - /bin/sh
-      #   - -c
-      #   - |
-      #     iptables-restore --noflush <<EOF
-      #     # sidecar interception rules
-      #     *nat
-      #     :PROXY_IN_REDIRECT - [0:0]
-      #     :PROXY_INBOUND - [0:0]
-      #     -A PROXY_IN_REDIRECT -p tcp -j REDIRECT --to-port 15003
-      #     -A PROXY_INBOUND -p tcp --dport 15000 -j RETURN
-      #     -A PROXY_INBOUND -p tcp -j PROXY_IN_REDIRECT
-      #     -A PREROUTING -p tcp -j PROXY_INBOUND
-      #     COMMIT
-      #     EOF
-        
-      #   env:
-      #   - name: POD_IP
-      #     valueFrom:
-      #       fieldRef:
-      #         apiVersion: v1
-      #         fieldPath: status.podIP
 
       containers:
       - name: wizard
@@ -68,77 +36,11 @@ spec:
         env:
           - name: apiServerURL
             value: http://bfl.{{ .Release.Namespace }}:8080
-
-      # - name: wizard-server
-      #   image: aboveos/wizard-server:v0.4.2
-      #   imagePullPolicy: IfNotPresent
-      #   volumeMounts:
-      #   - name: userspace-dir
-      #     mountPath: /Home
-      #   ports:
-      #   - containerPort: 3000
-      #   env:
-      #   - name: OS_SYSTEM_SERVER
-      #     value: system-server.user-system-{{ .Values.bfl.username }}
-      #   - name: OS_APP_SECRET
-      #     value: '{{ .Values.os.desktop.appSecret }}'
-      #   - name: OS_APP_KEY
-      #     value: {{ .Values.os.desktop.appKey }}
-      #   - name: APP_SERVICE_SERVICE_HOST
-      #     value: app-service.os-system
-      #   - name: APP_SERVICE_SERVICE_PORT
-      #     value: '6755'
-
-      # - name: terminus-envoy-sidecar
-      #   image: bytetrade/envoy:v1.25.11
-      #   imagePullPolicy: IfNotPresent
-      #   securityContext:
-      #     allowPrivilegeEscalation: false
-      #     runAsUser: 1000
-      #   ports:
-      #   - name: proxy-admin
-      #     containerPort: 15000
-      #   - name: proxy-inbound
-      #     containerPort: 15003
-      #   volumeMounts:
-      #   - name: terminus-sidecar-config
-      #     readOnly: true
-      #     mountPath: /etc/envoy/envoy.yaml
-      #     subPath: envoy.yaml
-      #   command:
-      #   - /usr/local/bin/envoy
-      #   - --log-level
-      #   - debug
-      #   - -c
-      #   - /etc/envoy/envoy.yaml
-      #   env:
-      #   - name: POD_UID
-      #     valueFrom:
-      #       fieldRef:
-      #         fieldPath: metadata.uid
-      #   - name: POD_NAME
-      #     valueFrom:
-      #       fieldRef:
-      #         fieldPath: metadata.name
-      #   - name: POD_NAMESPACE
-      #     valueFrom:
-      #       fieldRef:
-      #         fieldPath: metadata.namespace
-      #   - name: POD_IP
-      #     valueFrom:
-      #       fieldRef:
-      #         fieldPath: status.podIP
       volumes:
       - name: userspace-dir
         hostPath:
           type: Directory
           path: "{{ .Values.userspace.userData }}"
-      # - name: terminus-sidecar-config
-      #   configMap:
-      #     name: sidecar-configs
-      #     items:
-      #     - key: envoy.yaml
-      #       path: envoy.yaml
 
 ---
 apiVersion: v1

build/base-package/publicRestoreInstaller.sh

@@ -1003,7 +1003,7 @@ _get_sts_bfl() {
 
 _get_deployment_backup_server() {
     local res
-    res=$($sh_c "${KUBECTL} -n os-system get deployment backup-server 2>/dev/null")
+    res=$($sh_c "${KUBECTL} -n os-framework get deployment backup 2>/dev/null")
     if [ "$?" -ne 0 ]; then
         echo 0
     fi

build/base-package/refresh_sts.sh

@@ -30,7 +30,7 @@ repaire_crd_terminus() {
 
     if [ ! -z "${AWS_SESSION_TOKEN_SETUP}" ]; then
         patch='[{"op":"add","path":"/metadata/annotations/bytetrade.io~1s3-sts","value":"'"$AWS_SESSION_TOKEN_SETUP"'"},{"op":"add","path":"/metadata/annotations/bytetrade.io~1s3-ak","value":"'"$AWS_ACCESS_KEY_ID_SETUP"'"},{"op":"add","path":"/metadata/annotations/bytetrade.io~1s3-sk","value":"'"$AWS_SECRET_ACCESS_KEY_SETUP"'"},{"op":"add","path":"/metadata/annotations/bytetrade.io~1cluster-id","value":"'"$CLUSTER_ID"'"}]'
-        $sh_c "${KUBECTL} patch terminus.sys.bytetrade.io terminus -n os-system --type='json' -p='$patch'"
+        $sh_c "${KUBECTL} patch terminus.sys.bytetrade.io terminus --type='json' -p='$patch'"
     fi
 }
 

build/base-package/upgrade_cmd.sh

@@ -1,616 +0,0 @@
-#!/usr/bin/env bash
-
-
-
-
-# Upgrading will be executed in  app-service container based on kubesphere/kubectl:v1.22.9
-# By default, the tool packages will be installed via apt during the docker build
-
-# env:
-# BASE_DIR
-
-
-function command_exists() {
-	command -v "$@" > /dev/null 2>&1
-}
-
-function get_shell_exec(){
-    user="$(id -un 2>/dev/null || true)"
-
-    sh_c='sh -c'
-	if [ "$user" != 'root' ]; then
-		if command_exists sudo && command_exists su; then
-			sh_c='sudo su -c'
-		else
-			cat >&2 <<-'EOF'
-			Error: this installer needs the ability to run commands as root.
-			We are unable to find either "sudo" or "su" available to make this happen.
-			EOF
-			exit 1
-		fi
-	fi
-}
-
-function get_bfl_api_port(){
-    local username=$1
-    $sh_c "${KUBECTL} get svc bfl -n user-space-${username} -o jsonpath='{.spec.ports[0].nodePort}'"
-}
-
-# function get_docs_port(){
-#     local username=$1
-#     $sh_c "${KUBECTL} get svc swagger-ui -n user-space-${username} -o jsonpath='{.spec.ports[0].nodePort}'"
-# }
-
-function get_desktop_port(){
-    local username=$1
-    $sh_c "${KUBECTL} get svc edge-desktop -n user-space-${username} -o jsonpath='{.spec.ports[0].nodePort}'"
-}
-
-function get_user_password(){
-    local username=$1
-    $sh_c "${KUBECTL} get user ${username} -o jsonpath='{.spec.password}'"
-}
-
-function get_user_email(){
-    local username=$1
-    $sh_c "${KUBECTL} get user ${username} -o jsonpath='{.spec.email}'"
-}
-
-
-function ensure_success() {
-    "$@"
-    local ret=$?
-
-    if [ $ret -ne 0 ]; then
-        echo "Fatal error, command: '$@'"
-        exit $ret
-    fi
-
-    return $ret
-}
-
-function validate_user(){
-    local username=$1
-    $sh_c "${KUBECTL} get ns user-space-${username} > /dev/null" 
-    local ret=$?
-    if [ $ret -ne 0 ]; then
-        echo "no"
-    else
-        echo "yes"
-    fi
-}
-
-function get_bfl_node(){
-    local username=$1
-    $sh_c "${KUBECTL} get pod  -n user-space-${username} -l 'tier=bfl' -o jsonpath='{.items[*].spec.nodeName}'"
-}
-
-function get_bfl_url() {
-    local username=$1
-    local user_bfl_port=$(get_bfl_api_port ${username})
-
-    bfl_ip=$(curl -s http://checkip.dyndns.org/ | grep -o "[[:digit:].]\+")
-    echo "http://$bfl_ip:${user_bfl_port}/bfl/apidocs.json"
-}
-
-function get_userspace_dir(){
-    local username=$1
-    local space_dir=$2
-    $sh_c "${KUBECTL} get pod  -n user-space-${username} -l 'tier=bfl' -o \
-    jsonpath='{range .items[0].spec.volumes[*]}{.name}{\" \"}{.persistentVolumeClaim.claimName}{\"\\n\"}{end}'" | \
-    while read pvc; do
-        local pvc_data=($pvc)
-        if [ ${#pvc_data[@]} -gt 1 ]; then
-            if [ "x${pvc_data[0]}" == "x${space_dir}" ]; then
-                local USERSPACE_PVC="${pvc_data[1]}"
-                local pv=$($sh_c "${KUBECTL} get pvc -n user-space-${username} ${pvc_data[1]} -o jsonpath='{.spec.volumeName}'")
-                local pv_path=$($sh_c "${KUBECTL} get pv ${pv} -o jsonpath='{.spec.hostPath.path}'")
-                local USERSPACE_PV_PATH="${pv_path}"
-
-                echo "${USERSPACE_PVC} ${USERSPACE_PV_PATH} ${pv}"
-                break
-            fi
-        fi
-    done 
-}
-
-function get_bfl_rand16(){
-    local username=$1
-    local prefix=$2
-
-    $sh_c "${KUBECTL} get sts -n user-space-${username} bfl -o jsonpath='{.metadata.annotations.${prefix}_rand16}'"
-}
-
-function gen_app_key_secret(){
-    local app=$1
-    local key="bytetrade_${app}_${RANDOM}"
-    local t=$(date +%s)
-    local secret=$(echo -n "${key}|${t}"|md5sum|cut -d" " -f1)
-
-    echo "${key} ${secret:0:16}"
-}
-
-function get_app_key_secret(){
-    local username=$1
-    local app=$2
-
-    local ks=$($sh_c "${KUBECTL} get appperm ${app} -n user-system-${username} -o jsonpath='{.spec.key} {.spec.secret}'")
-
-    if [ "x${ks}" == "x" ]; then
-        ks=$(gen_app_key_secret "${app}")
-    fi
-
-    echo "${ks}"
-}
-
-
-function get_app_settings(){
-    local username=$1
-    local apps=("vault" "desktop" "message" "wise" "search" "appstore" "notification" "dashboard" "settings" "studio" "profile" "agent" "files")
-    for a in ${apps[@]};do
-        ks=($(get_app_key_secret "$username" "$a"))
-        echo '
-  '${a}':
-    appKey: '${ks[0]}'    
-    appSecret: "'${ks[1]}'"    
-        '
-    done
-}
-
-
-
-function gen_bfl_values(){
-    local username=$1
-    local user_bfl_port=$(get_bfl_api_port ${username})
-
-    echo "Try to find the current bfl pv ..."
-    local pvc_path=($(get_userspace_dir ${username} "userspace-dir"))
-    local appcache_pvc_path=($(get_userspace_dir ${username} "appcache-dir"))
-    local dbdata_pvc_path=($(get_userspace_dir ${username} "dbdata-dir"))
-
-    local userspace_rand16=$(get_userspace_dir ${username} "userspace")
-    local appcache_rand16=$(get_userspace_dir ${username} "Cache")
-    local dbdata_rand16=$(get_userspace_dir ${username} "dbdata")
-
-    echo '
-bfl:
-  nodeport: '${user_bfl_port}'
-  username: '${username}'
-
-  userspace_rand16: '${userspace_rand16}'
-  userspace_pv: '${pvc_path[2]}'
-  userspace_pvc: '${pvc_path[0]}'
-
-  appcache_rand16: '${appcache_rand16}'
-  appcache_pv: '${appcache_pvc_path[2]}'
-  appcache_pvc: '${appcache_pvc_path[0]}'
-
-  dbdata_rand16: '${dbdata_rand16}'
-  dbdata_pv: '${dbdata_pvc_path[2]}'
-  dbdata_pvc: '${dbdata_pvc_path[0]}'
-  ' > ${BASE_DIR}/wizard/config/launcher/values.yaml
-}
-
-
-function gen_settings_values(){
-    local username=$1
-    # local userpwd="$(get_user_password ${username})"
-    # local useremail="$(get_user_email ${username})"
-
-    echo '
-namespace:
-  name: user-space-'${username}'
-  role: admin
-
-user:
-  name: '${username}'
-    ' > ${BASE_DIR}/wizard/config/settings/values.yaml
-}
-
-function gen_app_values(){
-    local username=$1
-
-    local bfl_node=$(get_bfl_node ${username})
-    local bfl_doc_url=$(get_bfl_url ${username})
-    local desktop_ports=$(get_desktop_port ${username})
-#    local docs_ports=$(get_docs_port ${username})
-
-    echo "Try to find pv ..."
-    local pvc_path=($(get_userspace_dir ${username} "userspace-dir"))
-    local appcache_pvc_path=($(get_userspace_dir ${username} "appcache-dir"))
-    local dbdata_pvc_path=($(get_userspace_dir ${username} "dbdata-dir"))
-
-    local app_perm_settings=$(get_app_settings ${username})
-    cat ${BASE_DIR}/wizard/config/launcher/values.yaml > ${BASE_DIR}/wizard/config/apps/values.yaml
-    cat << EOF >> ${BASE_DIR}/wizard/config/apps/values.yaml
-  url: '${bfl_doc_url}'
-  nodeName: ${bfl_node}
-pvc:
-  userspace: ${pvc_path[0]}
-userspace:
-  appCache: ${appcache_pvc_path[1]}
-  dbdata: ${dbdata_pvc_path[1]}
-  userData: ${pvc_path[1]}/Home
-  appData: ${pvc_path[1]}/Data
-
-desktop:
-  nodeport: ${desktop_ports}
-os:
-  ${app_perm_settings}
-EOF
-}
-
-function close_apps(){
-    local username=$1
-    local app_list=(
-        "vault-deployment"
-    )
-
-
-    for app in ${app_list[@]} ; do
-        $sh_c "${KUBECTL} scale deployment ${app} -n user-space-${username} --replicas=0"
-    done
-}
-
-repeat(){
-    for i in $(seq 1 $1); do
-        echo -n $2
-    done
-}
-
-function get_appservice_pod(){
-    $sh_c "${KUBECTL} get pod  -n os-system -l 'tier=app-service' -o jsonpath='{.items[*].metadata.name}'"
-}
-
-function get_appservice_status(){
-    $sh_c "${KUBECTL} get pod  -n os-system -l 'tier=app-service' -o jsonpath='{.items[*].status.phase}'"
-}
-
-function get_desktop_status(){
-    local username=$1
-    $sh_c "${KUBECTL} get pod  -n user-space-${username} -l 'app=edge-desktop' -o jsonpath='{.items[*].status.phase}'"
-}
-
-function get_vault_status(){
-    local username=$1
-    $sh_c "${KUBECTL} get pod  -n user-space-${username} -l 'app=vault' -o jsonpath='{.items[*].status.phase}'"
-}
-
-
-function get_bfl_status(){
-    local username=$1
-    $sh_c "${KUBECTL} get pod  -n user-space-${username} -l 'tier=bfl' -o jsonpath='{.items[*].status.phase}'"
-}
-
-function get_fileserver_status(){
-    $sh_c "${KUBECTL} get pod  -n os-system -l 'app=files' -o jsonpath='{.items[*].status.phase}'"
-}
-
-function get_filefe_status(){
-    local username=$1
-    $sh_c "${KUBECTL} get pod  -n user-space-${username} -l 'app=files' -o jsonpath='{.items[*].status.phase}'"
-}
-
-function check_fileserver(){
-    local status=$(get_fileserver_status)
-    local n=0
-    while [ "x${status}" != "xRunning" ]; do
-        n=$(expr $n + 1)
-        local dotn=$(($n % 10))
-        local dot=$(repeat $dotn '>')
-
-        echo -ne "\rWaiting for file-server starting ${dot}"
-        sleep 0.5
-
-        status=$(get_fileserver_status)
-        echo -ne "\rWaiting for file-server starting          "
-
-    done
-    echo
-}
-
-function check_appservice(){
-    local status=$(get_appservice_status)
-    local n=0
-    while [ "x${status}" != "xRunning" ]; do
-        n=$(expr $n + 1)
-        local dotn=$(($n % 10))
-        local dot=$(repeat $dotn '>')
-
-        echo -ne "\rWaiting for app-service starting ${dot}"
-        sleep 0.5
-
-        status=$(get_appservice_status)
-        echo -ne "\rWaiting for app-service starting          "
-
-    done
-    echo
-}
-
-function check_filesfe(){
-    local username=$1
-    local status=$(get_filefe_status ${username})
-    local n=0
-    while [ "x${status}" != "xRunning" ]; do
-        n=$(expr $n + 1)
-        local dotn=$(($n % 10))
-        local dot=$(repeat $dotn '>')
-
-        echo -ne "\rPlease waiting ${dot}"
-        sleep 0.5
-
-        status=$(get_filefe_status ${username})
-        echo -ne "\rPlease waiting          "
-
-    done
-    echo
-}
-
-function check_bfl(){
-    local username=$1
-    local status=$(get_bfl_status ${username})
-    local n=0
-    while [ "x${status}" != "xRunning" ]; do
-        n=$(expr $n + 1)
-        local dotn=$(($n % 10))
-        local dot=$(repeat $dotn '>')
-
-        echo -ne "\rPlease waiting ${dot}"
-        sleep 0.5
-
-        status=$(get_bfl_status ${username})
-        echo -ne "\rPlease waiting          "
-
-    done
-    echo
-}
-
-function check_desktop(){
-    local username=$1
-    local status=$(get_desktop_status ${username})
-    local n=0
-    while [ "x${status}" != "xRunning" ]; do
-        n=$(expr $n + 1)
-        local dotn=$(($n % 10))
-        local dot=$(repeat $dotn '>')
-
-        echo -ne "\rPlease waiting ${dot}"
-        sleep 0.5
-
-        status=$(get_desktop_status ${username})
-        echo -ne "\rPlease waiting          "
-
-    done
-    echo
-}
-
-function check_vault(){
-    local username=$1
-    local status=$(get_vault_status ${username})
-    local n=0
-    while [ "x${status}" != "xRunning" ]; do
-        n=$(expr $n + 1)
-        local dotn=$(($n % 10))
-        local dot=$(repeat $dotn '>')
-
-        echo -ne "\rPlease waiting ${dot}"
-        sleep 0.5
-
-        status=$(get_vault_status ${username})
-        echo -ne "\rPlease waiting          "
-
-    done
-    echo
-}
-
-function check_all(){
-    local pods=$@
-    for p in ${pods[@]}; do
-        local n=$(echo "${p}"|awk -F"@" '{print $1}')
-        local ns=$(echo "${p}"|awk -F"@" '{print $2}')
-        local s=$($sh_c "${KUBECTL} get pod  -n ${ns} -l 'app=${n}' -o jsonpath='{.items[*].status.phase}'")
-        echo -ne "\rPlease wait: ${p}"
-        while [ "x${s}" != "xRunning" ];do
-            echo -ne "\rPlease wait: ${p}"
-
-            s=$($sh_c "${KUBECTL} get pod  -n ${ns} -l 'app=${n}' -o jsonpath='{.items[*].status.phase}'")
-        done
-        echo
-    done
-}
-
-function upgrade_ksapi(){
-    local users=$@
-    local current_version="beclab/ks-apiserver:v3.3.0-ext-3"
-    local image=$($sh_c "${KUBECTL} get deploy ks-apiserver -n kubesphere-system -o jsonpath='{.spec.template.spec.containers[0].image}'")
-    if [ "x${image}" != "x${current_version}" ]; then
-        echo "upgrade ks-apiserver and restore token ..."
-
-        secret=$(echo -n "ks_redis_${RANDOM}"|md5sum|cut -d" " -f1)
-        $sh_c "${KUBECTL} -n kubesphere-system create secret generic redis-secret --from-literal=auth=${secret:0:12}"
-
-        local old_jwt=$($sh_c "${KUBECTL} get configmap  kubesphere-config -n kubesphere-system -o jsonpath='{.data.kubesphere\.yaml}'|grep jwtSecret|awk -F':' '{print \$2}'")
-        sed -i -e "s/__jwtkey__/${old_jwt}/" ${BASE_DIR}/deploy/cm-kubesphere-config.yaml
-
-        $sh_c "${KUBECTL} apply -f ${BASE_DIR}/deploy/redis-deploy.yaml"
-        $sh_c "${KUBECTL} apply -f ${BASE_DIR}/deploy/cm-kubesphere-config.yaml"
-        check_all "redis@kubesphere-system"
-
-        $sh_c "${KUBECTL} -n kubesphere-system set image deployment/ks-apiserver ks-apiserver=beclab/ks-apiserver:v3.3.0-ext-3"
-        $sh_c "${KUBECTL} patch deploy ks-apiserver -n kubesphere-system --patch-file=${BASE_DIR}/deploy/ks-apiserver-patch.yaml"
-
-        check_all "ks-apiserver@kubesphere-system"
-
-        for username in ${users[@]}; do
-            $sh_c "${KUBECTL} rollout restart deploy authelia-backend -n user-system-${username}"
-
-            check_all "authelia-backend@user-system-${username}"
-        done
-    fi
-}
-
-function upgrade_jfs(){
-    local users=$@
-    local JFS_VERSION="11.1.1"
-    local current_jfs_version=$(/usr/local/bin/juicefs --version|awk '{print $3}'|awk -F'+' '{print $1}')
-
-    if [ "x${JFS_VERSION}" != "x${current_jfs_version}" ]; then
-        echo "upgrade JuiceFS ..."
-        local juicefs_bin="/usr/local/bin/juicefs"
-        ensure_success $sh_c "curl ${CURL_TRY} -kLO https://github.com/beclab/juicefs-ext/releases/download/v${JFS_VERSION}/juicefs-v${JFS_VERSION}-linux-amd64.tar.gz"
-        ensure_success $sh_c "tar -zxf juicefs-v${JFS_VERSION}-linux-amd64.tar.gz"
-        ensure_success $sh_c "chmod +x juicefs"
-
-        ensure_success $sh_c "systemctl stop juicefs"
-        ensure_success $sh_c "mv juicefs ${juicefs_bin}"
-        ensure_success $sh_c "rm -f /tmp/JuiceFS-IPC.sock"
-        ensure_success $sh_c "systemctl start juicefs"
-
-        echo "restart pods ... "
-
-        ensure_success $sh_c "${KUBECTL} rollout restart sts app-service -n os-system"
-
-        local tf=$(mktemp)
-        ensure_success $sh_c "${KUBECTL} get deployment -A -o jsonpath='{range .items[*]}{.metadata.name} {.metadata.namespace} {.spec.template.spec.volumes}{\"\n\"}{end}' | grep '/olares/rootfs'" > $tf
-        while read dep; do
-            local depinfo=($dep)
-            ensure_success $sh_c "${KUBECTL} rollout restart deployment ${depinfo[0]} -n ${depinfo[1]}"
-        done < $tf
-
-        for user in ${users[@]}; do
-            ensure_success $sh_c "${KUBECTL} rollout restart sts bfl -n user-space-${user}"
-        done
-        
-        sleep 10  # waiting for restarting to begin
-    fi
-}
-
-
-function upgrade_terminus(){
-    HELM=$(command -v helm)
-    KUBECTL=$(command -v kubectl)
-
-    # find sudo 
-    get_shell_exec
-
-    # fetch user list
-    local users=()
-    local admin_user=""
-    local tf=$(mktemp)
-    ensure_success $sh_c "${KUBECTL} get user -o jsonpath='{range .items[*]}{.metadata.name} {.metadata.annotations.bytetrade\.io\/owner-role}{\"\n\"}{end}'" > $tf
-    while read userdata; do
-        local userinfo=($userdata)
-        local valid=$(validate_user "${userinfo[0]}")
-        if [ "x-${valid}" == "x-yes" ]; then
-            if [ "x-${userinfo[1]}" == "x-platform-admin" ]; then 
-                admin_user="${userinfo[0]}"
-            fi
-
-            i=${#users[@]}
-            users[$i]=${userinfo[0]}
-        fi
-    done < $tf
-
-    if [ "x${admin_user}" == "x" ]; then
-        echo "Admin user not found. Upgrading failed." >&2
-        exit -1
-    fi
-
-    # upgrade_jfs ${users[@]}
-    local selfhosted=$($sh_c "${KUBECTL} get terminus terminus -o jsonpath='{.spec.settings.selfhosted}'")
-    local domainname=$($sh_c "${KUBECTL} get terminus terminus -o jsonpath='{.spec.settings.domainName}'")
-    sed -i "s/#__DOMAIN_NAME__/${domainname}/" ${BASE_DIR}/wizard/config/settings/templates/terminus_cr.yaml
-    sed -i "s/#__SELFHOSTED__/${selfhosted}/" ${BASE_DIR}/wizard/config/settings/templates/terminus_cr.yaml
-
-    echo "Upgrading olares system components ... "
-    gen_settings_values ${admin_user}
-    ensure_success $sh_c "${HELM} upgrade -i settings ${BASE_DIR}/wizard/config/settings -n default --reuse-values"
-
-    # patch
-    ensure_success $sh_c "${KUBECTL} apply -f ${BASE_DIR}/deploy/patch-globalrole-workspace-manager.yaml"
-    # ensure_success $sh_c "$KUBECTL apply -f ${BASE_DIR}/deploy/patch-notification-manager.yaml"
-
-    # clear apps values.yaml
-    cat /dev/null > ${BASE_DIR}/wizard/config/apps/values.yaml
-    cat /dev/null > ${BASE_DIR}/wizard/config/launcher/values.yaml
-    local appservice_pod=$(get_appservice_pod)
-    local copy_charts=("launcher" "apps")
-    for cc in ${copy_charts[@]}; do
-        ensure_success $sh_c "${KUBECTL} cp ${BASE_DIR}/wizard/config/${cc} os-system/${appservice_pod}:/userapps"
-    done
-
-    local ks_redis_pwd=$($sh_c "${KUBECTL} get secret -n kubesphere-system redis-secret -o jsonpath='{.data.auth}' |base64 -d")
-    for user in ${users[@]}; do
-        echo "Upgrading user ${user} ... "
-        gen_bfl_values ${user}
-
-        # gen bfl app key and secret
-        bfl_ks=($(get_app_key_secret ${user} "bfl"))
-
-        # install launcher , and init pv
-        ensure_success $sh_c "${HELM} upgrade -i launcher-${user} ${BASE_DIR}/wizard/config/launcher -n user-space-${user} --set bfl.appKey=${bfl_ks[0]} --set bfl.appSecret=${bfl_ks[1]} -f ${BASE_DIR}/wizard/config/launcher/values.yaml --reuse-values"
-
-        gen_app_values ${user}
-        close_apps ${user}
-
-        for appdir in "${BASE_DIR}/wizard/config/apps"/*/; do
-          if [ -d "$appdir" ]; then
-            releasename=$(basename "$appdir")
-
-            # ignore wizard
-            # FIXME: unintitialized user's wizard should be upgrade
-            if [ x"${releasename}" == x"wizard" ]; then 
-                continue
-            fi
-
-            if [ "$user" != "$admin_user" ];then
-                releasename=${releasename}-${user}
-            fi
-            ensure_success $sh_c "${HELM} upgrade -i ${releasename} ${appdir} -n user-space-${user} --reuse-values --set kubesphere.redis_password=${ks_redis_pwd} -f ${BASE_DIR}/wizard/config/apps/values.yaml"
-          fi
-        done
-
-    done
-
-    # upgrade app service in the last. keep app service online longer
-    local terminus_is_cloud_version=$($sh_c "${KUBECTL} get cm -n os-system backup-config -o jsonpath='{.data.terminus-is-cloud-version}'")
-    local backup_cluster_bucket=$($sh_c "${KUBECTL} get cm -n os-system backup-config -o jsonpath='{.data.backup-cluster-bucket}'")
-    local backup_key_prefix=$($sh_c "${KUBECTL} get cm -n os-system backup-config -o jsonpath='{.data.backup-key-prefix}'")
-    local backup_secret=$($sh_c "${KUBECTL} get cm -n os-system backup-config -o jsonpath='{.data.backup-secret}'")
-    local backup_server_data=$($sh_c "${KUBECTL} get cm -n os-system backup-config -o jsonpath='{.data.backup-server-data}'")
-
-    ensure_success $sh_c "${HELM} upgrade -i system ${BASE_DIR}/wizard/config/system -n os-system --reuse-values \
-        --set kubesphere.redis_password=${ks_redis_pwd} --set backup.bucket=\"${backup_cluster_bucket}\" \
-        --set backup.key_prefix=\"${backup_key_prefix}\" --set backup.is_cloud_version=\"${terminus_is_cloud_version}\" \
-        --set backup.sync_secret=\"${backup_secret}\""
-
-    echo 'Waiting for App-Service ...'
-    sleep 2 # wait for controller reconiling
-    check_appservice
-    echo
-
-    echo 'Waiting for Vault ...'
-    check_vault ${admin_user}
-    echo
-
-    echo 'Starting BFL ...'
-    check_bfl ${admin_user}
-    echo
-
-    echo 'Starting files ...'
-    check_fileserver
-    check_filesfe ${admin_user}
-    echo
-
-    echo 'Starting Desktop ...'
-    check_desktop ${admin_user}
-    echo
-
-}
-
-
-echo "Start to upgrade olares ... "
-
-upgrade_terminus
-
-echo -e "\e[91m Success to upgrade olares.\e[0m Open your new desktop in the browser and have fun !"

build/base-package/wizard/config/account/templates/sync.yaml

@@ -5,7 +5,7 @@ metadata:
 spec:
   lldap:
     name: ldap
-    url: "http://lldap-service.os-system:17170"
+    url: "http://lldap-service.os-platform:17170"
     userBlacklist:
       - admin
       - terminus
@@ -15,4 +15,4 @@ spec:
     credentialsSecret:
       kind: Secret
       name: lldap-credentials
-      namespace: os-system
+      namespace: os-platform

build/base-package/wizard/config/os-chart-template/templates/_helpers.tpl

@@ -60,3 +60,29 @@ Create the name of the service account to use
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
+
+{{- define "opentelemetry-operator.fullname" -}}
+{{- "otel-opentelemetry-operator" }}
+{{- end }}
+
+{{- define "opentelemetry-operator.WebhookCert" -}}
+{{- $caCertEnc := "" }}
+{{- $certCrtEnc := "" }}
+{{- $certKeyEnc := "" }}
+{{- $prevSecret := (lookup "v1" "Secret" .Release.Namespace (printf "%s-controller-manager-service-cert" (include "opentelemetry-operator.fullname" .) )) }}
+{{- if $prevSecret }}
+{{- $certCrtEnc = index $prevSecret "data" "tls.crt" }}
+{{- $certKeyEnc = index $prevSecret "data" "tls.key" }}
+{{- $caCertEnc = index $prevSecret "data" "ca.crt" }}
+{{- else }}
+{{- $altNames := list ( printf "%s-webhook.%s" (include "opentelemetry-operator.fullname" .) .Release.Namespace ) ( printf "%s-webhook.%s.svc" (include "opentelemetry-operator.fullname" .) .Release.Namespace ) -}}
+{{- $tmpperioddays := 3650 }}
+{{- $ca := genCA "opentelemetry-operator-operator-ca" $tmpperioddays }}
+{{- $cert := genSignedCert (include "opentelemetry-operator.fullname" .) nil $altNames $tmpperioddays $ca }}
+{{- $certCrtEnc = b64enc $cert.Cert }}
+{{- $certKeyEnc = b64enc $cert.Key }}
+{{- $caCertEnc = b64enc $ca.Cert }}
+{{- end }}
+{{- $result := dict "crt" $certCrtEnc "key" $certKeyEnc "ca" $caCertEnc }}
+{{- $result | toYaml }}
+{{- end }}

build/base-package/wizard/config/settings/templates/system-serviceaccount.yaml

@@ -4,17 +4,31 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  namespace: os-system
+  namespace: os-platform
   name: os-internal
 
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: os-framework
+  name: os-internal
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: os-network
+  name: os-network-internal
+
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: os-internal-rb
+  name: os-platform:os-internal-rb
 subjects:
   - kind: ServiceAccount
-    namespace: os-system
+    namespace: os-platform
     name: os-internal
 roleRef:
   # kind: Role
@@ -22,6 +36,36 @@ roleRef:
   name: cluster-admin
   apiGroup: rbac.authorization.k8s.io
 
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: os-framework:os-internal-rb
+subjects:
+  - kind: ServiceAccount
+    namespace: os-framework
+    name: os-internal
+roleRef:
+  # kind: Role
+  kind: ClusterRole
+  name: cluster-admin
+  apiGroup: rbac.authorization.k8s.io
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: os-network:os-network-rb
+subjects:
+  - kind: ServiceAccount
+    namespace: os-network
+    name: os-network-internal
+roleRef:
+  # kind: Role
+  kind: ClusterRole
+  name: l4-proxy-role
+  apiGroup: rbac.authorization.k8s.io
+
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
@@ -194,4 +238,21 @@ rules:
   - update
   - patch
   - delete
-  - deletecollection
+  - deletecollection
+
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: l4-proxy-role
+rules:
+- apiGroups:
+  - '*'
+  resources:
+  - users
+  - applications
+  verbs:
+  - get
+  - list
+  - watch

build/base-package/wizard/config/settings/templates/system_namespace.yaml

@@ -1,5 +1,5 @@
 
-
+---
 apiVersion: v1
 kind: Namespace
 metadata:
@@ -7,4 +7,26 @@ metadata:
     kubesphere.io/creator: '{{ .Values.user.name }}'
   labels:
     kubesphere.io/workspace: system-workspace
-  name: os-system
+  name: os-network
+
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  annotations:
+    kubesphere.io/creator: '{{ .Values.user.name }}'
+  labels:
+    kubesphere.io/workspace: system-workspace
+  name: os-platform
+
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  annotations:
+    kubesphere.io/creator: '{{ .Values.user.name }}'
+  labels:
+    kubesphere.io/workspace: system-workspace
+  name: os-framework
+
+

build/package.sh

@@ -21,19 +21,26 @@ if [ ! -d ${DIST} ]; then
     mkdir -p ${DIST}
     cp -rf ${BUILD_TEMPLATE}/* ${DIST}/.
     cp -rf ${BUILD_TEMPLATE}/.env ${DIST}/.
+    cp -rf ${BUILD_TEMPLATE}/wizard/config/os-chart-template ${DIST}/wizard/config/os-framework
+    cp -rf ${BUILD_TEMPLATE}/wizard/config/os-chart-template ${DIST}/wizard/config/os-platform
+    rm -rf ${DIST}/wizard/config/os-chart-template
 fi
 
 APP_DIST=${DIST}/wizard/config/apps
-SYSTEM_DIST=${DIST}/wizard/config/system/templates
 SETTINGS_DIST=${DIST}/wizard/config/settings/templates
 CRD_DIST=${SETTINGS_DIST}/crds
-DEPLOY_DIST=${SYSTEM_DIST}/deploy
 mkdir -p ${APP_DIST}
 mkdir -p ${CRD_DIST}
-mkdir -p ${DEPLOY_DIST}
 
 for mod in "${PACKAGE_MODULE[@]}";do
     echo "packaging ${mod} ..."
+    SYSTEM_DIST=${DIST}/wizard/config/os-framework/templates
+    if [ ${mod} == "platform" ]; then
+        SYSTEM_DIST=${DIST}/wizard/config/os-platform/templates
+    fi
+    DEPLOY_DIST=${SYSTEM_DIST}/deploy
+    mkdir -p ${DEPLOY_DIST}
+
     find ${mod} -type d -name .olares | while read app; do
 
         # package user app charts to install wizard

cli/.goreleaser.yaml

@@ -15,8 +15,6 @@ builds:
     goarm:
       - 7
     ignore:
-      - goos: linux
-        goarch: arm64
       - goos: darwin
         goarch: arm
       - goos: windows
@@ -24,15 +22,11 @@ builds:
     ldflags:
       - -s
       - -w
-      - -X bytetrade.io/web3os/installer/version.VERSION={{ .Version }}
+      - -X github.com/beclab/Olares/cli/version.VERSION={{ .Version }}
 dist: ./output
 archives:
   - id: olares-cli
     name_template: "{{ .ProjectName }}-v{{ .Version }}_{{ .Os }}_{{ .Arch }}"
-    replacements:
-      linux: linux
-      amd64: amd64
-      arm: arm64
 checksum:
   name_template: "checksums.txt"
 release:

cli/apis/kubekey/v1alpha1/cluster_types.go

@@ -22,8 +22,8 @@ import (
 	"strconv"
 	"strings"
 
-	"bytetrade.io/web3os/installer/pkg/core/logger"
-	"bytetrade.io/web3os/installer/pkg/core/util"
+	"github.com/beclab/Olares/cli/pkg/core/logger"
+	"github.com/beclab/Olares/cli/pkg/core/util"
 	"github.com/pkg/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )

cli/apis/kubekey/v1alpha1/default.go

@@ -21,7 +21,7 @@ import (
 	"os"
 	"strings"
 
-	"bytetrade.io/web3os/installer/pkg/core/util"
+	"github.com/beclab/Olares/cli/pkg/core/util"
 )
 
 const (

cli/apis/kubekey/v1alpha2/cluster_types.go

@@ -22,9 +22,9 @@ import (
 	"strconv"
 	"strings"
 
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
-	"bytetrade.io/web3os/installer/pkg/core/util"
+	"github.com/beclab/Olares/cli/pkg/core/connector"
+	"github.com/beclab/Olares/cli/pkg/core/logger"
+	"github.com/beclab/Olares/cli/pkg/core/util"
 	"github.com/pkg/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"

cli/apis/kubekey/v1alpha2/default.go

@@ -21,7 +21,7 @@ import (
 	"os"
 	"strings"
 
-	"bytetrade.io/web3os/installer/pkg/core/util"
+	"github.com/beclab/Olares/cli/pkg/core/util"
 )
 
 const (

cli/clients/clientset/versioned/clientset.go

@@ -20,8 +20,8 @@ package versioned
 import (
 	"fmt"
 
-	kubekeyv1alpha1 "bytetrade.io/web3os/installer/clients/clientset/versioned/typed/kubekey/v1alpha1"
-	kubekeyv1alpha2 "bytetrade.io/web3os/installer/clients/clientset/versioned/typed/kubekey/v1alpha2"
+	kubekeyv1alpha1 "github.com/beclab/Olares/cli/clients/clientset/versioned/typed/kubekey/v1alpha1"
+	kubekeyv1alpha2 "github.com/beclab/Olares/cli/clients/clientset/versioned/typed/kubekey/v1alpha2"
 	discovery "k8s.io/client-go/discovery"
 	rest "k8s.io/client-go/rest"
 	flowcontrol "k8s.io/client-go/util/flowcontrol"

cli/clients/clientset/versioned/fake/clientset_generated.go

@@ -18,11 +18,11 @@ limitations under the License.
 package fake
 
 import (
-	clientset "bytetrade.io/web3os/installer/clients/clientset/versioned"
-	kubekeyv1alpha1 "bytetrade.io/web3os/installer/clients/clientset/versioned/typed/kubekey/v1alpha1"
-	fakekubekeyv1alpha1 "bytetrade.io/web3os/installer/clients/clientset/versioned/typed/kubekey/v1alpha1/fake"
-	kubekeyv1alpha2 "bytetrade.io/web3os/installer/clients/clientset/versioned/typed/kubekey/v1alpha2"
-	fakekubekeyv1alpha2 "bytetrade.io/web3os/installer/clients/clientset/versioned/typed/kubekey/v1alpha2/fake"
+	clientset "github.com/beclab/Olares/cli/clients/clientset/versioned"
+	kubekeyv1alpha1 "github.com/beclab/Olares/cli/clients/clientset/versioned/typed/kubekey/v1alpha1"
+	fakekubekeyv1alpha1 "github.com/beclab/Olares/cli/clients/clientset/versioned/typed/kubekey/v1alpha1/fake"
+	kubekeyv1alpha2 "github.com/beclab/Olares/cli/clients/clientset/versioned/typed/kubekey/v1alpha2"
+	fakekubekeyv1alpha2 "github.com/beclab/Olares/cli/clients/clientset/versioned/typed/kubekey/v1alpha2/fake"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/client-go/discovery"

cli/clients/clientset/versioned/fake/register.go

@@ -18,8 +18,8 @@ limitations under the License.
 package fake
 
 import (
-	kubekeyv1alpha1 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha1"
-	kubekeyv1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
+	kubekeyv1alpha1 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha1"
+	kubekeyv1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"

cli/clients/clientset/versioned/scheme/register.go

@@ -18,8 +18,8 @@ limitations under the License.
 package scheme
 
 import (
-	kubekeyv1alpha1 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha1"
-	kubekeyv1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
+	kubekeyv1alpha1 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha1"
+	kubekeyv1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"

cli/clients/clientset/versioned/typed/kubekey/v1alpha1/cluster.go

@@ -21,8 +21,8 @@ import (
 	"context"
 	"time"
 
-	v1alpha1 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha1"
-	scheme "bytetrade.io/web3os/installer/clients/clientset/versioned/scheme"
+	v1alpha1 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha1"
+	scheme "github.com/beclab/Olares/cli/clients/clientset/versioned/scheme"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	types "k8s.io/apimachinery/pkg/types"
 	watch "k8s.io/apimachinery/pkg/watch"

cli/clients/clientset/versioned/typed/kubekey/v1alpha1/fake/fake_cluster.go

@@ -20,7 +20,7 @@ package fake
 import (
 	"context"
 
-	v1alpha1 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha1"
+	v1alpha1 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	labels "k8s.io/apimachinery/pkg/labels"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"

cli/clients/clientset/versioned/typed/kubekey/v1alpha1/fake/fake_kubekey_client.go

@@ -18,7 +18,7 @@ limitations under the License.
 package fake
 
 import (
-	v1alpha1 "bytetrade.io/web3os/installer/clients/clientset/versioned/typed/kubekey/v1alpha1"
+	v1alpha1 "github.com/beclab/Olares/cli/clients/clientset/versioned/typed/kubekey/v1alpha1"
 	rest "k8s.io/client-go/rest"
 	testing "k8s.io/client-go/testing"
 )

cli/clients/clientset/versioned/typed/kubekey/v1alpha1/kubekey_client.go

@@ -18,8 +18,8 @@ limitations under the License.
 package v1alpha1
 
 import (
-	v1alpha1 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha1"
-	"bytetrade.io/web3os/installer/clients/clientset/versioned/scheme"
+	v1alpha1 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha1"
+	"github.com/beclab/Olares/cli/clients/clientset/versioned/scheme"
 	rest "k8s.io/client-go/rest"
 )
 

cli/clients/clientset/versioned/typed/kubekey/v1alpha2/cluster.go

@@ -21,8 +21,8 @@ import (
 	"context"
 	"time"
 
-	v1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
-	scheme "bytetrade.io/web3os/installer/clients/clientset/versioned/scheme"
+	v1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
+	scheme "github.com/beclab/Olares/cli/clients/clientset/versioned/scheme"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	types "k8s.io/apimachinery/pkg/types"
 	watch "k8s.io/apimachinery/pkg/watch"

cli/clients/clientset/versioned/typed/kubekey/v1alpha2/fake/fake_cluster.go

@@ -20,7 +20,7 @@ package fake
 import (
 	"context"
 
-	v1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
+	v1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	labels "k8s.io/apimachinery/pkg/labels"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"

cli/clients/clientset/versioned/typed/kubekey/v1alpha2/fake/fake_kubekey_client.go

@@ -18,7 +18,7 @@ limitations under the License.
 package fake
 
 import (
-	v1alpha2 "bytetrade.io/web3os/installer/clients/clientset/versioned/typed/kubekey/v1alpha2"
+	v1alpha2 "github.com/beclab/Olares/cli/clients/clientset/versioned/typed/kubekey/v1alpha2"
 	rest "k8s.io/client-go/rest"
 	testing "k8s.io/client-go/testing"
 )

cli/clients/clientset/versioned/typed/kubekey/v1alpha2/kubekey_client.go

@@ -18,8 +18,8 @@ limitations under the License.
 package v1alpha2
 
 import (
-	v1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
-	"bytetrade.io/web3os/installer/clients/clientset/versioned/scheme"
+	v1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
+	"github.com/beclab/Olares/cli/clients/clientset/versioned/scheme"
 	rest "k8s.io/client-go/rest"
 )
 

cli/clients/informers/externalversions/factory.go

@@ -22,9 +22,9 @@ import (
 	sync "sync"
 	time "time"
 
-	versioned "bytetrade.io/web3os/installer/clients/clientset/versioned"
-	internalinterfaces "bytetrade.io/web3os/installer/clients/informers/externalversions/internalinterfaces"
-	kubekey "bytetrade.io/web3os/installer/clients/informers/externalversions/kubekey"
+	versioned "github.com/beclab/Olares/cli/clients/clientset/versioned"
+	internalinterfaces "github.com/beclab/Olares/cli/clients/informers/externalversions/internalinterfaces"
+	kubekey "github.com/beclab/Olares/cli/clients/informers/externalversions/kubekey"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"

cli/clients/informers/externalversions/generic.go

@@ -20,8 +20,8 @@ package externalversions
 import (
 	"fmt"
 
-	v1alpha1 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha1"
-	v1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
+	v1alpha1 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha1"
+	v1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
 	schema "k8s.io/apimachinery/pkg/runtime/schema"
 	cache "k8s.io/client-go/tools/cache"
 )

cli/clients/informers/externalversions/internalinterfaces/factory_interfaces.go

@@ -20,7 +20,7 @@ package internalinterfaces
 import (
 	time "time"
 
-	versioned "bytetrade.io/web3os/installer/clients/clientset/versioned"
+	versioned "github.com/beclab/Olares/cli/clients/clientset/versioned"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	cache "k8s.io/client-go/tools/cache"

cli/clients/informers/externalversions/kubekey/interface.go

@@ -18,9 +18,9 @@ limitations under the License.
 package kubekey
 
 import (
-	internalinterfaces "bytetrade.io/web3os/installer/clients/informers/externalversions/internalinterfaces"
-	v1alpha1 "bytetrade.io/web3os/installer/clients/informers/externalversions/kubekey/v1alpha1"
-	v1alpha2 "bytetrade.io/web3os/installer/clients/informers/externalversions/kubekey/v1alpha2"
+	internalinterfaces "github.com/beclab/Olares/cli/clients/informers/externalversions/internalinterfaces"
+	v1alpha1 "github.com/beclab/Olares/cli/clients/informers/externalversions/kubekey/v1alpha1"
+	v1alpha2 "github.com/beclab/Olares/cli/clients/informers/externalversions/kubekey/v1alpha2"
 )
 
 // Interface provides access to each of this group's versions.

cli/clients/informers/externalversions/kubekey/v1alpha1/cluster.go

@@ -21,10 +21,10 @@ import (
 	"context"
 	time "time"
 
-	kubekeyv1alpha1 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha1"
-	versioned "bytetrade.io/web3os/installer/clients/clientset/versioned"
-	internalinterfaces "bytetrade.io/web3os/installer/clients/informers/externalversions/internalinterfaces"
-	v1alpha1 "bytetrade.io/web3os/installer/clients/listers/kubekey/v1alpha1"
+	kubekeyv1alpha1 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha1"
+	versioned "github.com/beclab/Olares/cli/clients/clientset/versioned"
+	internalinterfaces "github.com/beclab/Olares/cli/clients/informers/externalversions/internalinterfaces"
+	v1alpha1 "github.com/beclab/Olares/cli/clients/listers/kubekey/v1alpha1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"

cli/clients/informers/externalversions/kubekey/v1alpha1/interface.go

@@ -18,7 +18,7 @@ limitations under the License.
 package v1alpha1
 
 import (
-	internalinterfaces "bytetrade.io/web3os/installer/clients/informers/externalversions/internalinterfaces"
+	internalinterfaces "github.com/beclab/Olares/cli/clients/informers/externalversions/internalinterfaces"
 )
 
 // Interface provides access to all the informers in this group version.

cli/clients/informers/externalversions/kubekey/v1alpha2/cluster.go

@@ -21,10 +21,10 @@ import (
 	"context"
 	time "time"
 
-	kubekeyv1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
-	versioned "bytetrade.io/web3os/installer/clients/clientset/versioned"
-	internalinterfaces "bytetrade.io/web3os/installer/clients/informers/externalversions/internalinterfaces"
-	v1alpha2 "bytetrade.io/web3os/installer/clients/listers/kubekey/v1alpha2"
+	kubekeyv1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
+	versioned "github.com/beclab/Olares/cli/clients/clientset/versioned"
+	internalinterfaces "github.com/beclab/Olares/cli/clients/informers/externalversions/internalinterfaces"
+	v1alpha2 "github.com/beclab/Olares/cli/clients/listers/kubekey/v1alpha2"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	watch "k8s.io/apimachinery/pkg/watch"

cli/clients/informers/externalversions/kubekey/v1alpha2/interface.go

@@ -18,7 +18,7 @@ limitations under the License.
 package v1alpha2
 
 import (
-	internalinterfaces "bytetrade.io/web3os/installer/clients/informers/externalversions/internalinterfaces"
+	internalinterfaces "github.com/beclab/Olares/cli/clients/informers/externalversions/internalinterfaces"
 )
 
 // Interface provides access to all the informers in this group version.

cli/clients/listers/kubekey/v1alpha1/cluster.go

@@ -18,7 +18,7 @@ limitations under the License.
 package v1alpha1
 
 import (
-	v1alpha1 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha1"
+	v1alpha1 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/client-go/tools/cache"

cli/clients/listers/kubekey/v1alpha2/cluster.go

@@ -18,7 +18,7 @@ limitations under the License.
 package v1alpha2
 
 import (
-	v1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
+	v1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/client-go/tools/cache"

cli/cmd/ctl/gpu/disable.go

@@ -3,7 +3,7 @@ package gpu
 import (
 	"log"
 
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/gpu/enable.go

@@ -3,7 +3,7 @@ package gpu
 import (
 	"log"
 
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/gpu/install.go

@@ -3,8 +3,8 @@ package gpu
 import (
 	"log"
 
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/gpu/status.go

@@ -3,7 +3,7 @@ package gpu
 import (
 	"log"
 
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/gpu/uninstall.go

@@ -3,7 +3,7 @@ package gpu
 import (
 	"log"
 
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/gpu/upgrade.go

@@ -3,8 +3,8 @@ package gpu
 import (
 	"log"
 
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/node/add.go

@@ -1,10 +1,11 @@
 package node
 
 import (
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
-	"github.com/spf13/cobra"
 	"log"
+
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
+	"github.com/spf13/cobra"
 )
 
 func NewCmdAddNode() *cobra.Command {

cli/cmd/ctl/node/masterinfo.go

@@ -1,10 +1,11 @@
 package node
 
 import (
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
-	"github.com/spf13/cobra"
 	"log"
+
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
+	"github.com/spf13/cobra"
 )
 
 func NewCmdMasterInfo() *cobra.Command {

cli/cmd/ctl/options/cli_options.go

@@ -1,9 +1,9 @@
 package options
 
 import (
-	"bytetrade.io/web3os/installer/pkg/common"
-	cc "bytetrade.io/web3os/installer/pkg/core/common"
-	"bytetrade.io/web3os/installer/pkg/phase/cluster"
+	"github.com/beclab/Olares/cli/pkg/common"
+	cc "github.com/beclab/Olares/cli/pkg/core/common"
+	"github.com/beclab/Olares/cli/pkg/phase/cluster"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/options/download_options.go

@@ -1,7 +1,7 @@
 package options
 
 import (
-	cc "bytetrade.io/web3os/installer/pkg/core/common"
+	cc "github.com/beclab/Olares/cli/pkg/core/common"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/options/gpu_options.go

@@ -1,9 +1,10 @@
 package options
 
 import (
-	"bytetrade.io/web3os/installer/pkg/common"
-	cc "bytetrade.io/web3os/installer/pkg/core/common"
 	"fmt"
+
+	"github.com/beclab/Olares/cli/pkg/common"
+	cc "github.com/beclab/Olares/cli/pkg/core/common"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/os/changeip.go

@@ -1,10 +1,11 @@
 package os
 
 import (
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
-	"github.com/spf13/cobra"
 	"log"
+
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
+	"github.com/spf13/cobra"
 )
 
 func NewCmdChangeIP() *cobra.Command {

cli/cmd/ctl/os/download.go

@@ -1,10 +1,11 @@
 package os
 
 import (
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
-	"github.com/spf13/cobra"
 	"log"
+
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
+	"github.com/spf13/cobra"
 )
 
 func NewCmdRootDownload() *cobra.Command {

cli/cmd/ctl/os/info.go

@@ -1,7 +1,7 @@
 package os
 
 import (
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/os/install.go

@@ -3,8 +3,8 @@ package os
 import (
 	"log"
 
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/os/logs.go

@@ -2,8 +2,6 @@ package os
 
 import (
 	"archive/tar"
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/util"
 	"compress/gzip"
 	"fmt"
 	"io"
@@ -14,6 +12,9 @@ import (
 	"strings"
 	"time"
 
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/util"
+
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/os/precheck.go

@@ -1,10 +1,11 @@
 package os
 
 import (
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
-	"github.com/spf13/cobra"
 	"log"
+
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
+	"github.com/spf13/cobra"
 )
 
 func NewCmdPrecheck() *cobra.Command {

cli/cmd/ctl/os/prepare.go

@@ -3,8 +3,8 @@ package os
 import (
 	"log"
 
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/os/release.go

@@ -1,9 +1,6 @@
 package os
 
 import (
-	"bytetrade.io/web3os/installer/pkg/core/common"
-	"bytetrade.io/web3os/installer/pkg/core/util"
-	"bytetrade.io/web3os/installer/pkg/release/builder"
 	"fmt"
 	"os"
 	"os/user"
@@ -11,6 +8,10 @@ import (
 	"strings"
 	"time"
 
+	"github.com/beclab/Olares/cli/pkg/core/common"
+	"github.com/beclab/Olares/cli/pkg/core/util"
+	"github.com/beclab/Olares/cli/pkg/release/builder"
+
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/os/startstop.go

@@ -3,9 +3,10 @@ package os
 import (
 	"time"
 
-	"bytetrade.io/web3os/installer/pkg/pipelines"
-	"github.com/spf13/cobra"
 	"log"
+
+	"github.com/beclab/Olares/cli/pkg/pipelines"
+	"github.com/spf13/cobra"
 )
 
 func NewCmdStart() *cobra.Command {

cli/cmd/ctl/os/storage.go

@@ -1,10 +1,11 @@
 package os
 
 import (
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
-	"github.com/spf13/cobra"
 	"log"
+
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
+	"github.com/spf13/cobra"
 )
 
 func NewCmdInstallStorage() *cobra.Command {

cli/cmd/ctl/os/uninstall.go

@@ -1,10 +1,11 @@
 package os
 
 import (
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
-	"github.com/spf13/cobra"
 	"log"
+
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
+	"github.com/spf13/cobra"
 )
 
 type UninstallOsOptions struct {

cli/cmd/ctl/os/upgrade.go

@@ -3,8 +3,8 @@ package os
 import (
 	"log"
 
-	"bytetrade.io/web3os/installer/cmd/ctl/options"
-	"bytetrade.io/web3os/installer/pkg/pipelines"
+	"github.com/beclab/Olares/cli/cmd/ctl/options"
+	"github.com/beclab/Olares/cli/pkg/pipelines"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/osinfo/main.go

@@ -3,7 +3,7 @@ package osinfo
 import (
 	"fmt"
 
-	"bytetrade.io/web3os/installer/pkg/core/connector"
+	"github.com/beclab/Olares/cli/pkg/core/connector"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/ctl/root.go

@@ -1,11 +1,11 @@
 package ctl
 
 import (
-	"bytetrade.io/web3os/installer/cmd/ctl/gpu"
-	"bytetrade.io/web3os/installer/cmd/ctl/node"
-	"bytetrade.io/web3os/installer/cmd/ctl/os"
-	"bytetrade.io/web3os/installer/cmd/ctl/osinfo"
-	"bytetrade.io/web3os/installer/version"
+	"github.com/beclab/Olares/cli/cmd/ctl/gpu"
+	"github.com/beclab/Olares/cli/cmd/ctl/node"
+	"github.com/beclab/Olares/cli/cmd/ctl/os"
+	"github.com/beclab/Olares/cli/cmd/ctl/osinfo"
+	"github.com/beclab/Olares/cli/version"
 	"github.com/spf13/cobra"
 )
 

cli/cmd/main.go

@@ -4,7 +4,7 @@ import (
 	"os"
 	"os/exec"
 
-	"bytetrade.io/web3os/installer/cmd/ctl"
+	"github.com/beclab/Olares/cli/cmd/ctl"
 )
 
 func main() {

cli/controllers/cluster_controller.go

@@ -18,7 +18,6 @@ package kubekey
 
 import (
 	"bytes"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
 	"context"
 	"encoding/base64"
 	"encoding/json"
@@ -29,9 +28,11 @@ import (
 	"strings"
 	"time"
 
+	"github.com/beclab/Olares/cli/pkg/core/logger"
+
 	"sigs.k8s.io/yaml"
 
-	kubekeyv1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
+	kubekeyv1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
 	"github.com/pkg/errors"
 	"k8s.io/apimachinery/pkg/util/wait"
 

cli/controllers/update_cluster.go

@@ -22,14 +22,14 @@ import (
 	"fmt"
 	"text/template"
 
-	kubekeyapiv1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
-	"bytetrade.io/web3os/installer/pkg/addons"
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/ending"
+	kubekeyapiv1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
+	"github.com/beclab/Olares/cli/pkg/addons"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/ending"
 	"github.com/pkg/errors"
 
-	kubekeyclientset "bytetrade.io/web3os/installer/clients/clientset/versioned"
-	"bytetrade.io/web3os/installer/pkg/core/util"
+	kubekeyclientset "github.com/beclab/Olares/cli/clients/clientset/versioned"
+	"github.com/beclab/Olares/cli/pkg/core/util"
 	"github.com/lithammer/dedent"
 	corev1 "k8s.io/api/core/v1"
 	kubeErr "k8s.io/apimachinery/pkg/api/errors"

cli/go.mod

@@ -1,4 +1,4 @@
-module bytetrade.io/web3os/installer
+module github.com/beclab/Olares/cli
 
 go 1.24.0
 
@@ -16,12 +16,15 @@ replace (
 require (
 	bytetrade.io/web3os/backups-sdk v0.0.0-00010101000000-000000000000
 	github.com/Masterminds/semver/v3 v3.3.0
+	github.com/PaesslerAG/jsonpath v0.1.1
+	github.com/alecthomas/assert/v2 v2.11.0
 	github.com/cavaliergopher/grab/v3 v3.0.1
 	github.com/containerd/containerd v1.7.27
-	github.com/containers/image/v5 v5.32.2
+	github.com/decentralized-identity/web5-go v0.25.0
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0
 	github.com/dominodatalab/os-release v0.0.0-20190522011736-bcdb4a3e3c2f
-	github.com/estesp/manifest-tool/v2 v2.1.6
 	github.com/go-playground/validator/v10 v10.22.0
+	github.com/google/uuid v1.6.0
 	github.com/jmoiron/sqlx v1.4.0
 	github.com/joho/godotenv v1.5.1
 	github.com/libp2p/go-netroute v0.2.2
@@ -29,15 +32,19 @@ require (
 	github.com/mattn/go-sqlite3 v1.14.22
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/modood/table v0.0.0-20220527013332-8d47e76dad33
-	github.com/opencontainers/image-spec v1.1.1
+	github.com/mr-tron/base58 v1.2.0
+	github.com/multiformats/go-varint v0.0.7
 	github.com/pelletier/go-toml v1.9.5
 	github.com/pkg/errors v0.9.1
 	github.com/pkg/sftp v1.13.6
 	github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d
+	github.com/santhosh-tekuri/jsonschema/v5 v5.3.1
 	github.com/schollz/progressbar/v3 v3.17.1
 	github.com/shirou/gopsutil/v4 v4.25.2
 	github.com/shurcooL/httpfs v0.0.0-20230704072500-f1e31cf0ba5c
 	github.com/spf13/cobra v1.9.1
+	github.com/stretchr/testify v1.10.0
+	github.com/syndtr/goleveldb v1.0.0
 	go.uber.org/zap v1.27.0
 	golang.org/x/crypto v0.37.0
 	golang.org/x/term v0.31.0
@@ -67,9 +74,12 @@ require (
 	github.com/Masterminds/squirrel v1.5.4 // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
 	github.com/Microsoft/hcsshim v0.11.7 // indirect
+	github.com/PaesslerAG/gval v1.0.0 // indirect
+	github.com/alecthomas/repr v0.4.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
+	github.com/bshuster-repo/logrus-logstash-hook v1.0.2 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/chai2010/gettext-go v1.0.2 // indirect
 	github.com/containerd/cgroups v1.1.0 // indirect
@@ -84,7 +94,6 @@ require (
 	github.com/cyphar/filepath-securejoin v0.4.1 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/distribution/reference v0.6.0 // indirect
-	github.com/docker/distribution v2.8.2+incompatible // indirect
 	github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect
 	github.com/ebitengine/purego v0.8.4 // indirect
 	github.com/emicklei/go-restful/v3 v3.12.1 // indirect
@@ -107,17 +116,18 @@ require (
 	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db // indirect
 	github.com/google/btree v1.1.3 // indirect
 	github.com/google/gnostic-models v0.6.9 // indirect
 	github.com/google/go-cmp v0.7.0 // indirect
 	github.com/google/gopacket v1.1.19 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
-	github.com/google/uuid v1.6.0 // indirect
 	github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect
 	github.com/gosuri/uitable v0.0.4 // indirect
 	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hexops/gotextdiff v1.0.3 // indirect
 	github.com/huandu/xstrings v1.5.0 // indirect
 	github.com/jonboulle/clockwork v0.4.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
@@ -150,9 +160,11 @@ require (
 	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
+	github.com/opencontainers/image-spec v1.1.1 // indirect
 	github.com/opencontainers/runtime-spec v1.1.0 // indirect
 	github.com/opencontainers/selinux v1.11.0 // indirect
 	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/prometheus/client_golang v1.22.0 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect

cli/pkg/account/module.go

@@ -1 +0,0 @@
-package account

cli/pkg/account/tasks.go

@@ -1 +0,0 @@
-package account

cli/pkg/addons/addons.go

@@ -22,8 +22,8 @@ import (
 	"path/filepath"
 	"strings"
 
-	kubekeyapiv1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
-	"bytetrade.io/web3os/installer/pkg/common"
+	kubekeyapiv1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
+	"github.com/beclab/Olares/cli/pkg/common"
 	"github.com/pkg/errors"
 	"helm.sh/helm/v3/pkg/cli"
 	"helm.sh/helm/v3/pkg/getter"

cli/pkg/addons/charts.go

@@ -40,9 +40,9 @@ import (
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/util/homedir"
 
-	kubekeyapiv1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
+	kubekeyapiv1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/logger"
 )
 
 func debug(format string, v ...interface{}) {

cli/pkg/addons/module.go

@@ -17,8 +17,8 @@
 package addons
 
 import (
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/task"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/task"
 )
 
 type AddonsModule struct {

cli/pkg/addons/tasks.go

@@ -20,9 +20,9 @@ import (
 	"fmt"
 	"path/filepath"
 
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/connector"
+	"github.com/beclab/Olares/cli/pkg/core/logger"
 )
 
 type Install struct {

cli/pkg/binaries/kubernetes.go

@@ -1,74 +0,0 @@
-/*
- Copyright 2021 The KubeSphere Authors.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/
-
-package binaries
-
-import (
-	"fmt"
-	"os/exec"
-
-	kubekeyapiv1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/cache"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
-	"bytetrade.io/web3os/installer/pkg/core/util"
-	"bytetrade.io/web3os/installer/pkg/files"
-	"github.com/pkg/errors"
-)
-
-// CriDownloadHTTP defines the kubernetes' binaries that need to be downloaded in advance and downloads them.
-func CriDownloadHTTP(kubeConf *common.KubeConf, path, arch, osType, osVersion, osPlatformFamily string, pipelineCache *cache.Cache) error {
-
-	binaries := []*files.KubeBinary{}
-	switch kubeConf.Arg.Type {
-	case common.Docker:
-		docker := files.NewKubeBinary("docker", arch, osType, osVersion, osPlatformFamily, kubekeyapiv1alpha2.DefaultDockerVersion, path, "")
-		binaries = append(binaries, docker)
-	case common.Containerd:
-		containerd := files.NewKubeBinary("containerd", arch, osType, osVersion, osPlatformFamily, kubekeyapiv1alpha2.DefaultContainerdVersion, path, "")
-		runc := files.NewKubeBinary("runc", arch, osType, osVersion, osPlatformFamily, kubekeyapiv1alpha2.DefaultRuncVersion, path, "")
-		crictl := files.NewKubeBinary("crictl", arch, osType, osVersion, osPlatformFamily, kubekeyapiv1alpha2.DefaultCrictlVersion, path, "")
-		binaries = append(binaries, containerd, runc, crictl)
-	default:
-	}
-	binariesMap := make(map[string]*files.KubeBinary)
-	for _, binary := range binaries {
-		if err := binary.CreateBaseDir(); err != nil {
-			return errors.Wrapf(errors.WithStack(err), "create file %s base dir failed", binary.FileName)
-		}
-
-		logger.Infof("%s downloading %s %s %s ...", common.LocalHost, arch, binary.ID, binary.Version)
-
-		binariesMap[binary.ID] = binary
-		if util.IsExist(binary.Path()) {
-			// download it again if it's incorrect
-			if err := binary.SHA256Check(); err != nil {
-				p := binary.Path()
-				_ = exec.Command("/bin/sh", "-c", fmt.Sprintf("rm -f %s", p)).Run()
-			} else {
-				logger.Infof("%s %s is existed", common.LocalHost, binary.ID)
-				continue
-			}
-		}
-
-		if err := binary.Download(); err != nil {
-			return fmt.Errorf("Failed to download %s binary: %s error: %w ", binary.ID, binary.Url, err)
-		}
-	}
-
-	pipelineCache.Set(common.KubeBinaries+"-"+arch, binariesMap)
-	return nil
-}

cli/pkg/binaries/module.go

@@ -1,55 +0,0 @@
-/*
- Copyright 2021 The KubeSphere Authors.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/
-
-package binaries
-
-import (
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/task"
-)
-
-type CriBinariesModule struct {
-	common.KubeModule
-}
-
-func (i *CriBinariesModule) Init() {
-	i.Name = "CriBinariesModule"
-	i.Desc = "Download Cri package"
-	switch i.KubeConf.Arg.Type {
-	case common.Docker:
-		i.Tasks = CriBinaries(i)
-	case common.Containerd:
-		i.Tasks = CriBinaries(i)
-	default:
-	}
-
-}
-
-func CriBinaries(p *CriBinariesModule) []task.Interface {
-
-	download := &task.LocalTask{
-		Name:   "DownloadCriPackage",
-		Desc:   "Download Cri package",
-		Action: new(CriDownload),
-	}
-
-	p.Tasks = []task.Interface{
-		download,
-	}
-	return p.Tasks
-}
-
-// TODO: install helm

cli/pkg/binaries/prepares.go

@@ -3,9 +3,9 @@ package binaries
 import (
 	"strings"
 
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
-	"bytetrade.io/web3os/installer/pkg/core/prepare"
+	"github.com/beclab/Olares/cli/pkg/core/connector"
+	"github.com/beclab/Olares/cli/pkg/core/logger"
+	"github.com/beclab/Olares/cli/pkg/core/prepare"
 )
 
 type Ubuntu24AppArmorCheck struct {

cli/pkg/binaries/system.go

@@ -1,50 +1,11 @@
 package binaries
 
 import (
-	"bytetrade.io/web3os/installer/pkg/core/util"
-	"bytetrade.io/web3os/installer/pkg/manifest"
+	"github.com/beclab/Olares/cli/pkg/core/util"
+	"github.com/beclab/Olares/cli/pkg/manifest"
 	"github.com/pkg/errors"
 )
 
-func GetSocat(basePath string, manifestMap manifest.InstallationManifest) (string, string, error) {
-	socat, err := manifestMap.Get("socat")
-	if err != nil {
-		return "", "", err
-	}
-
-	path := socat.FilePath(basePath)
-	if !util.IsExist(path) {
-		return "", "", errors.Errorf("socat not found in %s", path)
-	}
-	return basePath, socat.Filename, nil
-}
-
-func GetFlex(basePath string, manifestMap manifest.InstallationManifest) (string, string, error) {
-	flex, err := manifestMap.Get("flex")
-	if err != nil {
-		return "", "", err
-	}
-
-	path := flex.FilePath(basePath)
-	if !util.IsExist(path) {
-		return "", "", errors.Errorf("flex not found in %s", path)
-	}
-	return basePath, flex.Filename, nil
-}
-
-func GetConntrack(basePath string, manifestMap manifest.InstallationManifest) (string, string, error) {
-	conntrack, err := manifestMap.Get("conntrack")
-	if err != nil {
-		return "", "", err
-	}
-
-	path := conntrack.FilePath(basePath)
-	if !util.IsExist(path) {
-		return "", "", errors.Errorf("conntrack not found in %s", path)
-	}
-	return basePath, conntrack.Filename, nil
-}
-
 func GetUbutun24AppArmor(basePath string, manifestMap manifest.InstallationManifest) (string, error) {
 	apparmor, err := manifestMap.Get("apparmor")
 	if err != nil {

cli/pkg/binaries/tasks.go

@@ -19,11 +19,10 @@ package binaries
 import (
 	"fmt"
 
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
-	"bytetrade.io/web3os/installer/pkg/manifest"
-	"github.com/pkg/errors"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/connector"
+	"github.com/beclab/Olares/cli/pkg/core/logger"
+	"github.com/beclab/Olares/cli/pkg/manifest"
 )
 
 type InstallAppArmorTask struct {
@@ -44,36 +43,3 @@ func (t *InstallAppArmorTask) Execute(runtime connector.Runtime) error {
 
 	return nil
 }
-
-type CriDownload struct {
-	common.KubeAction
-	manifest.ManifestAction
-}
-
-func (d *CriDownload) Execute(runtime connector.Runtime) error {
-	cfg := d.KubeConf.Cluster
-	archMap := make(map[string]bool)
-	for _, host := range cfg.Hosts {
-		switch host.Arch {
-		case "amd64":
-			archMap["amd64"] = true
-		case "arm64":
-			archMap["arm64"] = true
-		default:
-			return errors.New(fmt.Sprintf("Unsupported architecture: %s", host.Arch))
-		}
-	}
-
-	var systemInfo = runtime.GetSystemInfo()
-	var osType = systemInfo.GetOsType()
-	var osPlatformFamily = systemInfo.GetOsPlatformFamily()
-	var osVersion = systemInfo.GetOsVersion()
-	for arch := range archMap {
-		if err := CriDownloadHTTP(d.KubeConf, runtime.GetWorkDir(), arch, osType, osVersion, osPlatformFamily, d.PipelineCache); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-// TODO: install helm

cli/pkg/bootstrap/confirm/module.go

@@ -17,9 +17,8 @@
 package confirm
 
 import (
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/module"
-	"bytetrade.io/web3os/installer/pkg/core/task"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/task"
 )
 
 type InstallConfirmModule struct {
@@ -45,105 +44,3 @@ func (i *InstallConfirmModule) Init() {
 		display,
 	}
 }
-
-type DeleteClusterConfirmModule struct {
-	common.KubeModule
-}
-
-func (d *DeleteClusterConfirmModule) Init() {
-	d.Name = "DeleteClusterConfirmModule"
-	d.Desc = "Display delete confirmation form"
-
-	display := &task.LocalTask{
-		Name:   "ConfirmForm",
-		Desc:   "Display confirmation form",
-		Action: &DeleteConfirm{Content: "cluster"},
-	}
-
-	d.Tasks = []task.Interface{
-		display,
-	}
-}
-
-type DeleteNodeConfirmModule struct {
-	common.KubeModule
-}
-
-func (d *DeleteNodeConfirmModule) Init() {
-	d.Name = "DeleteNodeConfirmModule"
-	d.Desc = "Display delete node confirmation form"
-
-	display := &task.LocalTask{
-		Name:   "ConfirmForm",
-		Desc:   "Display confirmation form",
-		Action: &DeleteConfirm{Content: "node"},
-	}
-
-	d.Tasks = []task.Interface{
-		display,
-	}
-}
-
-type UpgradeConfirmModule struct {
-	common.KubeModule
-	Skip bool
-}
-
-func (u *UpgradeConfirmModule) IsSkip() bool {
-	return u.Skip
-}
-
-func (u *UpgradeConfirmModule) Init() {
-	u.Name = "UpgradeConfirmModule"
-	u.Desc = "Display upgrade confirmation form"
-
-	display := &task.LocalTask{
-		Name:   "ConfirmForm",
-		Desc:   "Display confirmation form",
-		Action: new(UpgradeConfirm),
-	}
-
-	u.Tasks = []task.Interface{
-		display,
-	}
-}
-
-type CheckFileExistModule struct {
-	module.BaseTaskModule
-	FileName string
-}
-
-func (c *CheckFileExistModule) Init() {
-	c.Name = "CheckFileExist"
-	c.Desc = "Check file if is existed"
-
-	check := &task.LocalTask{
-		Name:   "CheckExist",
-		Desc:   "Check output file if existed",
-		Action: &CheckFile{FileName: c.FileName},
-	}
-
-	c.Tasks = []task.Interface{
-		check,
-	}
-}
-
-type MigrateCriConfirmModule struct {
-	common.KubeModule
-}
-
-func (d *MigrateCriConfirmModule) Init() {
-	d.Name = "MigrateCriConfirmModule"
-	d.Desc = "Display Migrate Cri form"
-
-	display := &task.LocalTask{
-		Name:   "ConfirmForm",
-		Desc:   "Display confirmation form",
-		Action: &MigrateCri{},
-	}
-
-	d.Tasks = []task.Interface{
-		display,
-	}
-
-}

cli/pkg/bootstrap/confirm/tasks.go

@@ -20,7 +20,6 @@ import (
 	"bufio"
 	"fmt"
 	"os"
-	"regexp"
 	"strings"
 
 	"github.com/mitchellh/mapstructure"
@@ -28,11 +27,9 @@ import (
 	"github.com/pkg/errors"
 	versionutil "k8s.io/apimachinery/pkg/util/version"
 
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/action"
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
-	"bytetrade.io/web3os/installer/pkg/core/util"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/connector"
+	"github.com/beclab/Olares/cli/pkg/core/logger"
 )
 
 // PreCheckResults defines the items to be checked.
@@ -145,226 +142,3 @@ func (i *InstallationConfirm) Execute(runtime connector.Runtime) error {
 	}
 	return nil
 }
-
-type DeleteConfirm struct {
-	common.KubeAction
-	Content string
-}
-
-func (d *DeleteConfirm) Execute(runtime connector.Runtime) error {
-	reader := bufio.NewReader(os.Stdin)
-
-	confirmOK := false
-	for !confirmOK {
-		fmt.Printf("Are you sure to delete this %s? [yes/no]: ", d.Content)
-		input, err := reader.ReadString('\n')
-		if err != nil {
-			return err
-		}
-		input = strings.ToLower(strings.TrimSpace(input))
-
-		switch strings.ToLower(input) {
-		case "yes", "y":
-			confirmOK = true
-		case "no", "n":
-			os.Exit(0)
-		default:
-			continue
-		}
-	}
-
-	return nil
-}
-
-type UpgradeConfirm struct {
-	common.KubeAction
-}
-
-func (u *UpgradeConfirm) Execute(runtime connector.Runtime) error {
-	pre := make([]map[string]string, len(runtime.GetAllHosts()), len(runtime.GetAllHosts()))
-	for i, host := range runtime.GetAllHosts() {
-		if v, ok := host.GetCache().Get(common.NodePreCheck); ok {
-			pre[i] = v.(map[string]string)
-		} else {
-			return errors.New("get node check result failed by host cache")
-		}
-	}
-
-	results := make([]PreCheckResults, len(pre), len(pre))
-	for i := range pre {
-		var result PreCheckResults
-		_ = mapstructure.Decode(pre[i], &result)
-		results[i] = result
-	}
-	table.OutputA(results)
-	fmt.Println()
-
-	warningFlag := false
-	cmp, err := versionutil.MustParseSemantic(u.KubeConf.Cluster.Kubernetes.Version).Compare("v1.19.0")
-	if err != nil {
-		logger.Fatalf("Failed to compare kubernetes version: %v", err)
-	}
-	if cmp == 0 || cmp == 1 {
-		for _, result := range results {
-			if len(result.Docker) != 0 {
-				dockerVersion, err := RefineDockerVersion(result.Docker)
-				if err != nil {
-					logger.Fatalf("Failed to get docker version: %v", err)
-				}
-				cmp, err := versionutil.MustParseSemantic(dockerVersion).Compare("20.10.0")
-				if err != nil {
-					logger.Fatalf("Failed to compare docker version: %v", err)
-				}
-				warningFlag = warningFlag || (cmp == -1)
-			}
-		}
-		if warningFlag {
-			fmt.Println(`
-Warning:
-
-  An old Docker version may cause the failure of upgrade. It is recommended that you upgrade Docker to 20.10+ beforehand.
-
-  Issue: https://github.com/kubernetes/kubernetes/issues/101056`)
-			fmt.Print("\n")
-		}
-	}
-
-	nodeStats, ok := u.PipelineCache.GetMustString(common.ClusterNodeStatus)
-	if !ok {
-		return errors.New("get cluster nodes status failed by pipeline cache")
-	}
-	fmt.Println("Cluster nodes status:")
-	fmt.Println(nodeStats + "\n")
-
-	fmt.Println("Upgrade Confirmation:")
-	currentK8sVersion, ok := u.PipelineCache.GetMustString(common.K8sVersion)
-	if !ok {
-		return errors.New("get current Kubernetes version failed by pipeline cache")
-	}
-	fmt.Printf("kubernetes version: %s to %s\n", currentK8sVersion, u.KubeConf.Cluster.Kubernetes.Version)
-
-	if u.KubeConf.Cluster.KubeSphere.Enabled {
-		currentKsVersion, ok := u.PipelineCache.GetMustString(common.KubeSphereVersion)
-		if !ok {
-			return errors.New("get current KubeSphere version failed by pipeline cache")
-		}
-		fmt.Printf("kubesphere version: %s to %s\n", currentKsVersion, u.KubeConf.Cluster.KubeSphere.Version)
-	}
-	fmt.Println()
-
-	if k8sVersion, err := versionutil.ParseGeneric(u.KubeConf.Cluster.Kubernetes.Version); err == nil {
-		if cri, ok := u.PipelineCache.GetMustString(common.ClusterNodeCRIRuntimes); ok {
-			k8sV124 := versionutil.MustParseSemantic("v1.24.0")
-			if k8sVersion.AtLeast(k8sV124) && versionutil.MustParseSemantic(currentK8sVersion).LessThan(k8sV124) && strings.Contains(cri, "docker") {
-				fmt.Println("[Notice]")
-				fmt.Println("Pre-upgrade check failed. The container runtime of the current cluster is Docker.")
-				fmt.Println("Kubernetes v1.24 and later no longer support dockershim and Docker.")
-				fmt.Println("Make sure you have completed the migration from Docker to other container runtimes that are compatible with the Kubernetes CRI.")
-				fmt.Println("For more information, see:")
-				fmt.Println("https://kubernetes.io/docs/setup/production-environment/container-runtimes/#container-runtimes")
-				fmt.Println("https://kubernetes.io/blog/2022/02/17/dockershim-faq/")
-				fmt.Println("")
-			}
-		}
-	}
-
-	reader := bufio.NewReader(os.Stdin)
-	confirmOK := false
-	for !confirmOK {
-		fmt.Printf("Continue upgrading cluster? [yes/no]: ")
-		input, err := reader.ReadString('\n')
-		if err != nil {
-			return err
-		}
-		input = strings.ToLower(strings.TrimSpace(input))
-
-		switch input {
-		case "yes", "y":
-			confirmOK = true
-		case "no", "n":
-			os.Exit(0)
-		default:
-			continue
-		}
-	}
-	return nil
-}
-
-func RefineDockerVersion(version string) (string, error) {
-	var newVersionComponents []string
-	versionMatchRE := regexp.MustCompile(`^\s*v?([0-9]+(?:\.[0-9]+)*)(.*)*$`)
-	parts := versionMatchRE.FindStringSubmatch(version)
-	if parts == nil {
-		return "", fmt.Errorf("could not parse %q as version", version)
-	}
-	numbers, _ := parts[1], parts[2]
-	components := strings.Split(numbers, ".")
-
-	for index, c := range components {
-		newVersion := strings.TrimPrefix(c, "0")
-		if index == len(components)-1 && newVersion == "" {
-			newVersion = "0"
-		}
-		newVersionComponents = append(newVersionComponents, newVersion)
-	}
-	return strings.Join(newVersionComponents, "."), nil
-}
-
-type CheckFile struct {
-	action.BaseAction
-	FileName string
-}
-
-func (c *CheckFile) Execute(runtime connector.Runtime) error {
-	if util.IsExist(c.FileName) {
-		reader := bufio.NewReader(os.Stdin)
-		stop := false
-		for {
-			if stop {
-				break
-			}
-			fmt.Printf("%s already exists. Are you sure you want to overwrite this file? [yes/no]: ", c.FileName)
-			input, _ := reader.ReadString('\n')
-			input = strings.ToLower(strings.TrimSpace(input))
-
-			if input != "" {
-				switch input {
-				case "yes", "y":
-					stop = true
-				case "no", "n":
-					os.Exit(0)
-				}
-			}
-		}
-	}
-	return nil
-}
-
-type MigrateCri struct {
-	common.KubeAction
-}
-
-func (d *MigrateCri) Execute(runtime connector.Runtime) error {
-	reader := bufio.NewReader(os.Stdin)
-
-	confirmOK := false
-	for !confirmOK {
-		fmt.Printf("Are you sure to Migrate Cri? [yes/no]: ")
-		input, err := reader.ReadString('\n')
-		if err != nil {
-			return err
-		}
-		input = strings.ToLower(strings.TrimSpace(input))
-
-		switch strings.ToLower(input) {
-		case "yes", "y":
-			confirmOK = true
-		case "no", "n":
-			os.Exit(0)
-		default:
-			continue
-		}
-	}
-
-	return nil
-}

cli/pkg/bootstrap/download/module.go

@@ -1,8 +1,8 @@
 package download
 
 import (
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/task"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/task"
 )
 
 type PackageDownloadModule struct {

cli/pkg/bootstrap/download/tasks.go

@@ -9,14 +9,14 @@ import (
 
 	"github.com/pkg/errors"
 
-	cc "bytetrade.io/web3os/installer/pkg/core/common"
+	cc "github.com/beclab/Olares/cli/pkg/core/common"
 
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
-	"bytetrade.io/web3os/installer/pkg/files"
-	"bytetrade.io/web3os/installer/pkg/manifest"
-	"bytetrade.io/web3os/installer/pkg/utils"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/connector"
+	"github.com/beclab/Olares/cli/pkg/core/logger"
+	"github.com/beclab/Olares/cli/pkg/files"
+	"github.com/beclab/Olares/cli/pkg/manifest"
+	"github.com/beclab/Olares/cli/pkg/utils"
 )
 
 type PackageDownload struct {

cli/pkg/bootstrap/hello/hooks.go

@@ -1,49 +0,0 @@
-package hello
-
-import (
-	"context"
-	"fmt"
-	"time"
-
-	"bytetrade.io/web3os/installer/pkg/core/ending"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
-	"bytetrade.io/web3os/installer/pkg/core/module"
-	"bytetrade.io/web3os/installer/pkg/core/util"
-)
-
-type HelloHook struct {
-	Module module.Module
-	Result *ending.ModuleResult
-}
-
-func (h *HelloHook) Init(module module.Module, result *ending.ModuleResult) {
-	fmt.Println("---hello hook / init---")
-	h.Module = module
-	h.Result = result
-	h.Result.StartTime = time.Now()
-}
-
-func (h *HelloHook) Try() error {
-	fmt.Println("---hello hook / try---", h.Result.StartTime.String())
-	_, _, err := util.Exec(context.Background(), "echo 'hello, world!!!!!'", true, false)
-
-	if err != nil {
-		h.Result.ErrResult(err)
-		return err
-	}
-
-	return nil
-}
-
-func (h *HelloHook) Catch(err error) error {
-	fmt.Println("---hello hook / Cache---", err)
-	time.Sleep(5 * time.Second)
-	return nil
-}
-
-func (h *HelloHook) Finally() {
-	fmt.Println("---hello hook / Finally---")
-	h.Result.EndTime = time.Now()
-	sayHello := h.Result.Status.String()
-	logger.Infof(">>>> %s %s", sayHello, h.Result.EndTime.String())
-}

cli/pkg/bootstrap/hello/module.go

@@ -1,18 +0,0 @@
-package hello
-
-import (
-	"bytetrade.io/web3os/installer/pkg/core/module"
-)
-
-type HelloModule struct {
-	module.BaseTaskModule
-}
-
-func (h *HelloModule) Init() {
-	h.Name = "HelloModule"
-	h.Desc = "Say Hello"
-
-	h.PostHook = []module.PostHookInterface{
-		&HelloHook{},
-	}
-}

cli/pkg/bootstrap/os/module.go

@@ -17,15 +17,16 @@
 package os
 
 import (
-	"bytetrade.io/web3os/installer/pkg/kubernetes"
 	"path/filepath"
 
-	"bytetrade.io/web3os/installer/pkg/bootstrap/os/templates"
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/action"
-	"bytetrade.io/web3os/installer/pkg/core/prepare"
-	"bytetrade.io/web3os/installer/pkg/core/task"
-	"bytetrade.io/web3os/installer/pkg/core/util"
+	"github.com/beclab/Olares/cli/pkg/kubernetes"
+
+	"github.com/beclab/Olares/cli/pkg/bootstrap/os/templates"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/action"
+	"github.com/beclab/Olares/cli/pkg/core/prepare"
+	"github.com/beclab/Olares/cli/pkg/core/task"
+	"github.com/beclab/Olares/cli/pkg/core/util"
 )
 
 type PvePatchModule struct {
@@ -195,47 +196,6 @@ func (c *ConfigureOSModule) Init() {
 	}
 }
 
-type ClearNodeOSModule struct {
-	common.KubeModule
-}
-
-func (c *ClearNodeOSModule) Init() {
-	c.Name = "ClearNodeOSModule"
-
-	resetNetworkConfig := &task.RemoteTask{
-		Name:     "ResetNetworkConfig",
-		Desc:     "Reset os network config",
-		Hosts:    c.Runtime.GetHostsByRole(common.Worker),
-		Prepare:  new(DeleteNode),
-		Action:   new(ResetNetworkConfig),
-		Parallel: true,
-	}
-
-	removeFiles := &task.RemoteTask{
-		Name:     "RemoveFiles",
-		Desc:     "Remove node files",
-		Hosts:    c.Runtime.GetHostsByRole(common.Worker),
-		Prepare:  new(DeleteNode),
-		Action:   new(RemoveNodeFiles),
-		Parallel: true,
-	}
-
-	daemonReload := &task.RemoteTask{
-		Name:     "DaemonReload",
-		Desc:     "Systemd daemon reload",
-		Hosts:    c.Runtime.GetHostsByRole(common.Worker),
-		Prepare:  new(DeleteNode),
-		Action:   new(DaemonReload),
-		Parallel: true,
-	}
-
-	c.Tasks = []task.Interface{
-		resetNetworkConfig,
-		removeFiles,
-		daemonReload,
-	}
-}
-
 type ClearOSEnvironmentModule struct {
 	common.KubeModule
 }
@@ -285,157 +245,3 @@ func (c *ClearOSEnvironmentModule) Init() {
 		daemonReload,
 	}
 }
-
-type RepositoryOnlineModule struct {
-	common.KubeModule
-	Skip bool
-}
-
-func (r *RepositoryOnlineModule) IsSkip() bool {
-	return r.Skip
-}
-
-func (r *RepositoryOnlineModule) Init() {
-	r.Name = "RepositoryOnlineModule"
-
-	getOSData := &task.RemoteTask{
-		Name:     "GetOSData",
-		Desc:     "Get OS release",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(GetOSData),
-		Parallel: true,
-	}
-
-	newRepo := &task.RemoteTask{
-		Name:     "NewRepoClient",
-		Desc:     "New repository client",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(NewRepoClient),
-		Parallel: true,
-		Retry:    1,
-	}
-
-	install := &task.RemoteTask{
-		Name:     "InstallPackage",
-		Desc:     "Install packages",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(InstallPackage),
-		Parallel: true,
-		Retry:    1,
-	}
-
-	r.Tasks = []task.Interface{
-		getOSData,
-		newRepo,
-		install,
-	}
-}
-
-type RepositoryModule struct {
-	common.KubeModule
-	Skip bool
-}
-
-func (r *RepositoryModule) IsSkip() bool {
-	return r.Skip
-}
-
-func (r *RepositoryModule) Init() {
-	r.Name = "RepositoryModule"
-	r.Desc = "Install local repository"
-
-	getOSData := &task.RemoteTask{
-		Name:     "GetOSData",
-		Desc:     "Get OS release",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(GetOSData),
-		Parallel: true,
-	}
-
-	sync := &task.RemoteTask{
-		Name:     "SyncRepositoryISOFile",
-		Desc:     "Sync repository iso file to all nodes",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(SyncRepositoryFile),
-		Parallel: true,
-		Retry:    2,
-	}
-
-	mount := &task.RemoteTask{
-		Name:     "MountISO",
-		Desc:     "Mount iso file",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(MountISO),
-		Parallel: true,
-		Retry:    1,
-	}
-
-	newRepo := &task.RemoteTask{
-		Name:     "NewRepoClient",
-		Desc:     "New repository client",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(NewRepoClient),
-		Parallel: true,
-		Retry:    1,
-		Rollback: new(RollbackUmount),
-	}
-
-	backup := &task.RemoteTask{
-		Name:     "BackupOriginalRepository",
-		Desc:     "Backup original repository",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(BackupOriginalRepository),
-		Parallel: true,
-		Retry:    1,
-		Rollback: new(RecoverBackupSuccessNode),
-	}
-
-	add := &task.RemoteTask{
-		Name:     "AddLocalRepository",
-		Desc:     "Add local repository",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(AddLocalRepository),
-		Parallel: true,
-		Retry:    1,
-		Rollback: new(RecoverRepository),
-	}
-
-	install := &task.RemoteTask{
-		Name:     "InstallPackage",
-		Desc:     "Install packages",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(InstallPackage),
-		Parallel: true,
-		Retry:    1,
-		Rollback: new(RecoverRepository),
-	}
-
-	reset := &task.RemoteTask{
-		Name:     "ResetRepository",
-		Desc:     "Reset repository to the original repository",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(ResetRepository),
-		Parallel: true,
-		Retry:    1,
-	}
-
-	umount := &task.RemoteTask{
-		Name:     "UmountISO",
-		Desc:     "Umount ISO file",
-		Hosts:    r.Runtime.GetAllHosts(),
-		Action:   new(UmountISO),
-		Parallel: true,
-	}
-
-	r.Tasks = []task.Interface{
-		getOSData,
-		sync,
-		mount,
-		newRepo,
-		backup,
-		add,
-		install,
-		reset,
-		umount,
-	}
-}

cli/pkg/bootstrap/os/prepares.go

@@ -17,11 +17,11 @@
 package os
 
 import (
-	kubekeyv1alpha2 "bytetrade.io/web3os/installer/apis/kubekey/v1alpha2"
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-	"bytetrade.io/web3os/installer/pkg/core/logger"
-	"bytetrade.io/web3os/installer/pkg/core/util"
+	kubekeyv1alpha2 "github.com/beclab/Olares/cli/apis/kubekey/v1alpha2"
+	"github.com/beclab/Olares/cli/pkg/common"
+	"github.com/beclab/Olares/cli/pkg/core/connector"
+	"github.com/beclab/Olares/cli/pkg/core/logger"
+	"github.com/beclab/Olares/cli/pkg/core/util"
 )
 
 type CheckHwClock struct {
@@ -68,24 +68,6 @@ func (e *EtcdTypeIsKubeKey) PreCheck(_ connector.Runtime) (bool, error) {
 	return false, nil
 }
 
-type DeleteNode struct {
-	common.KubePrepare
-}
-
-func (d *DeleteNode) PreCheck(runtime connector.Runtime) (bool, error) {
-	nodeName, ok := d.PipelineCache.Get("dstNode")
-	if !ok {
-		return true, nil
-	}
-
-	host := runtime.RemoteHost()
-	if host.GetName() == nodeName {
-		return true, nil
-	}
-
-	return false, nil
-}
-
 type IsPveLxc struct {
 	common.KubePrepare
 }

cli/pkg/bootstrap/os/repository/repository.go

@@ -1,44 +0,0 @@
-/*
- Copyright 2021 The KubeSphere Authors.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/
-
-package repository
-
-import (
-	"fmt"
-	"strings"
-
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-)
-
-type Interface interface {
-	Backup(runtime connector.Runtime) error
-	IsAlreadyBackUp() bool
-	Add(runtime connector.Runtime, path string) error
-	Update(runtime connector.Runtime) error
-	Install(runtime connector.Runtime, pkg ...string) error
-	Reset(runtime connector.Runtime) error
-}
-
-func New(os string) (Interface, error) {
-	switch strings.ToLower(os) {
-	case "ubuntu", "debian":
-		return NewDeb(), nil
-	case "centos", "rhel":
-		return NewRPM(), nil
-	default:
-		return nil, fmt.Errorf("unsupported operation system %s", os)
-	}
-}

cli/pkg/bootstrap/os/repository/repository_deb.go

@@ -1,106 +0,0 @@
-/*
- Copyright 2021 The KubeSphere Authors.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/
-
-package repository
-
-import (
-	"fmt"
-	"strings"
-
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-)
-
-type Debian struct {
-	backup bool
-}
-
-func NewDeb() Interface {
-	return &Debian{}
-}
-
-func (d *Debian) Backup(runtime connector.Runtime) error {
-	if _, err := runtime.GetRunner().SudoCmd("mv /etc/apt/sources.list /etc/apt/sources.list.kubekey.bak", false, false); err != nil {
-		return err
-	}
-
-	if _, err := runtime.GetRunner().SudoCmd("mv /etc/apt/sources.list.d /etc/apt/sources.list.d.kubekey.bak", false, false); err != nil {
-		return err
-	}
-
-	if _, err := runtime.GetRunner().SudoCmd("mkdir -p /etc/apt/sources.list.d", false, false); err != nil {
-		return err
-	}
-	d.backup = true
-	return nil
-}
-
-func (d *Debian) IsAlreadyBackUp() bool {
-	return d.backup
-}
-
-func (d *Debian) Add(runtime connector.Runtime, path string) error {
-	if !d.IsAlreadyBackUp() {
-		return fmt.Errorf("linux repository must be backuped before")
-	}
-
-	if _, err := runtime.GetRunner().SudoCmd("rm -rf /etc/apt/sources.list.d/*", false, false); err != nil {
-		return err
-	}
-
-	if _, err := runtime.GetRunner().SudoCmd(fmt.Sprintf("echo 'deb [trusted=yes]  file://%s   /' > /etc/apt/sources.list.d/kubekey.list", path),
-		true, false); err != nil {
-		return err
-	}
-	return nil
-}
-
-func (d *Debian) Update(runtime connector.Runtime) error {
-	if _, err := runtime.GetRunner().Cmd("sudo apt-get update", true, false); err != nil {
-		return err
-	}
-	return nil
-}
-
-func (d *Debian) Install(runtime connector.Runtime, pkg ...string) error {
-	defaultPkg := []string{"socat", "conntrack", "ipset", "ebtables", "chrony", "ipvsadm"}
-	if len(pkg) == 0 {
-		pkg = defaultPkg
-	} else {
-		pkg = append(pkg, defaultPkg...)
-	}
-
-	str := strings.Join(pkg, " ")
-	if _, err := runtime.GetRunner().SudoCmd(fmt.Sprintf("apt install -y %s", str), true, false); err != nil {
-		return err
-	}
-	return nil
-}
-
-func (d *Debian) Reset(runtime connector.Runtime) error {
-	if _, err := runtime.GetRunner().SudoCmd("rm -rf /etc/apt/sources.list.d", false, false); err != nil {
-		return err
-	}
-
-	if _, err := runtime.GetRunner().SudoCmd("mv /etc/apt/sources.list.kubekey.bak /etc/apt/sources.list", false, false); err != nil {
-		return err
-	}
-
-	if _, err := runtime.GetRunner().SudoCmd("mv /etc/apt/sources.list.d.kubekey.bak /etc/apt/sources.list.d", false, false); err != nil {
-		return err
-	}
-
-	return nil
-}

cli/pkg/bootstrap/os/repository/repository_rpm.go

@@ -1,110 +0,0 @@
-/*
- Copyright 2021 The KubeSphere Authors.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/
-
-package repository
-
-import (
-	"fmt"
-	"strings"
-
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-)
-
-type RedhatPackageManager struct {
-	backup bool
-}
-
-func NewRPM() Interface {
-	return &RedhatPackageManager{}
-}
-
-func (r *RedhatPackageManager) Backup(runtime connector.Runtime) error {
-	if _, err := runtime.GetRunner().SudoCmd("mv /etc/yum.repos.d /etc/yum.repos.d.kubekey.bak", false, false); err != nil {
-		return err
-	}
-
-	if _, err := runtime.GetRunner().SudoCmd("mkdir -p /etc/yum.repos.d", false, false); err != nil {
-		return err
-	}
-	r.backup = true
-	return nil
-}
-
-func (r *RedhatPackageManager) IsAlreadyBackUp() bool {
-	return r.backup
-}
-
-func (r *RedhatPackageManager) Add(runtime connector.Runtime, path string) error {
-	if !r.IsAlreadyBackUp() {
-		return fmt.Errorf("linux repository must be backuped before")
-	}
-
-	if _, err := runtime.GetRunner().SudoCmd("rm -rf /etc/yum.repos.d/*", false, false); err != nil {
-		return err
-	}
-
-	content := fmt.Sprintf(`cat << EOF > /etc/yum.repos.d/CentOS-local.repo
-[base-local]
-name=CentOS7.6-local
-
-baseurl=file://%s
-
-enabled=1 
-
-gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
-EOF
-`, path)
-	if _, err := runtime.GetRunner().SudoCmd(content, false, false); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (r *RedhatPackageManager) Update(runtime connector.Runtime) error {
-	if _, err := runtime.GetRunner().SudoCmd("yum clean all && yum makecache", true, false); err != nil {
-		return err
-	}
-	return nil
-}
-
-func (r *RedhatPackageManager) Install(runtime connector.Runtime, pkg ...string) error {
-	defaultPkg := []string{"openssl", "socat", "conntrack", "ipset", "ebtables", "chrony", "ipvsadm"}
-	if len(pkg) == 0 {
-		pkg = defaultPkg
-	} else {
-		pkg = append(pkg, defaultPkg...)
-	}
-
-	str := strings.Join(pkg, " ")
-	if _, err := runtime.GetRunner().SudoCmd(fmt.Sprintf("yum install -y %s", str), true, false); err != nil {
-		return err
-	}
-	return nil
-}
-
-func (r *RedhatPackageManager) Reset(runtime connector.Runtime) error {
-	if _, err := runtime.GetRunner().SudoCmd("rm -rf /etc/yum.repos.d", false, false); err != nil {
-		return err
-	}
-
-	if _, err := runtime.GetRunner().SudoCmd("mv /etc/yum.repos.d.kubekey.bak /etc/yum.repos.d", false, false); err != nil {
-		return err
-	}
-
-	return nil
-}

cli/pkg/bootstrap/os/rollback.go

@@ -1,89 +0,0 @@
-/*
- Copyright 2022 The KubeSphere Authors.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/
-
-package os
-
-import (
-	"fmt"
-	"path/filepath"
-
-	"bytetrade.io/web3os/installer/pkg/bootstrap/os/repository"
-	"bytetrade.io/web3os/installer/pkg/common"
-	"bytetrade.io/web3os/installer/pkg/core/connector"
-	"bytetrade.io/web3os/installer/pkg/core/ending"
-	"github.com/pkg/errors"
-)
-
-type RollbackUmount struct {
-	common.KubeRollback
-}
-
-func (r *RollbackUmount) Execute(runtime connector.Runtime, result *ending.ActionResult) error {
-	mountPath := filepath.Join(common.TmpDir, "iso")
-	umountCmd := fmt.Sprintf("umount %s", mountPath)
-	if _, err := runtime.GetRunner().SudoCmd(umountCmd, false, false); err != nil {
-		return errors.Wrapf(errors.WithStack(err), "umount %s failed", mountPath)
-	}
-	return nil
-}
-
-type RecoverBackupSuccessNode struct {
-	common.KubeRollback
-}
-
-func (r *RecoverBackupSuccessNode) Execute(runtime connector.Runtime, result *ending.ActionResult) error {
-	if result.Status == ending.SUCCESS {
-		host := runtime.RemoteHost()
-		repo, ok := host.GetCache().Get("repo")
-		if !ok {
-			return errors.New("get repo failed by host cache")
-		}
-
-		re := repo.(repository.Interface)
-		if err := re.Reset(runtime); err != nil {
-			return errors.Wrapf(errors.WithStack(err), "reset repository failed")
-		}
-	}
-
-	mountPath := filepath.Join(common.TmpDir, "iso")
-	umountCmd := fmt.Sprintf("umount %s", mountPath)
-	if _, err := runtime.GetRunner().SudoCmd(umountCmd, false, false); err != nil {
-		return errors.Wrapf(errors.WithStack(err), "umount %s failed", mountPath)
-	}
-	return nil
-}
-
-type RecoverRepository struct {
-	common.KubeRollback
-}
-
-func (r *RecoverRepository) Execute(runtime connector.Runtime, result *ending.ActionResult) error {
-	host := runtime.RemoteHost()
-	repo, ok := host.GetCache().Get("repo")
-	if !ok {
-		return errors.New("get repo failed by host cache")
-	}
-
-	re := repo.(repository.Interface)
-	_ = re.Reset(runtime)
-
-	mountPath := filepath.Join(common.TmpDir, "iso")
-	umountCmd := fmt.Sprintf("umount %s", mountPath)
-	if _, err := runtime.GetRunner().SudoCmd(umountCmd, false, false); err != nil {
-		return errors.Wrapf(errors.WithStack(err), "umount %s failed", mountPath)
-	}
-	return nil
-}