fix: entrance policy update by upgrade (#2295)

framework/app-service/.olares/config/cluster/deploy/appservice_deploy.yaml

@@ -170,7 +170,7 @@ spec:
       priorityClassName: "system-cluster-critical"
       containers:
       - name: app-service
-        image: beclab/app-service:0.4.67
+        image: beclab/app-service:0.4.68
         imagePullPolicy: IfNotPresent
         securityContext:
           runAsUser: 0
@@ -228,6 +228,8 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: status.hostIP
+        - name: OLARESD_HOST
+          value: $(HOSTIP):18088
         volumeMounts:
         - mountPath: /charts
           name: charts-store

framework/app-service/controllers/application_controller.go

@@ -376,6 +376,14 @@ func (r *ApplicationReconciler) createApplication(ctx context.Context, req ctrl.
 
 func (r *ApplicationReconciler) updateApplication(ctx context.Context, req ctrl.Request,
 	deployment client.Object, app *appv1alpha1.Application, name string) error {
+	// Skip update if triggered by app modification (not deployment change)
+	if app.Annotations != nil {
+		if lastVersion := app.Annotations[deploymentResourceVersionAnnotation]; lastVersion == deployment.GetResourceVersion() {
+			klog.Infof("skip updateApplication: deployment %s not changed, triggered by app modification", deployment.GetName())
+			return nil
+		}
+	}
+
 	appCopy := app.DeepCopy()
 	appNames := getAppName(deployment)
 	isMultiApp := len(appNames) > 1
@@ -406,7 +414,7 @@ func (r *ApplicationReconciler) updateApplication(ctx context.Context, req ctrl.
 	} else {
 		appid = appv1alpha1.AppName(name).GetAppID()
 	}
-	_, sharedEntrances := r.getAppSettings(ctx, name, appid, owner, deployment, isMultiApp, entrancesMap[name])
+	settings, sharedEntrances := r.getAppSettings(ctx, name, appid, owner, deployment, isMultiApp, entrancesMap[name])
 
 	appCopy.Spec.Name = name
 	appCopy.Spec.Namespace = deployment.GetNamespace()
@@ -415,7 +423,21 @@ func (r *ApplicationReconciler) updateApplication(ctx context.Context, req ctrl.
 	appCopy.Spec.Icon = icon
 	appCopy.Spec.SharedEntrances = sharedEntrances
 	appCopy.Spec.Ports = servicePortsMap[name]
-	appCopy.Spec.Entrances = entrancesMap[name]
+
+	// Merge entrances: preserve authLevel from existing, update other fields
+	appCopy.Spec.Entrances = mergeEntrances(app.Spec.Entrances, entrancesMap[name])
+
+	if appCopy.Spec.Settings == nil {
+		appCopy.Spec.Settings = make(map[string]string)
+	}
+	if settings["defaultThirdLevelDomainConfig"] != "" {
+		appCopy.Spec.Settings["defaultThirdLevelDomainConfig"] = settings["defaultThirdLevelDomainConfig"]
+	}
+	
+	if incomingPolicy := settings[applicationSettingsPolicyKey]; incomingPolicy != "" {
+		existingPolicy := appCopy.Spec.Settings[applicationSettingsPolicyKey]
+		appCopy.Spec.Settings[applicationSettingsPolicyKey] = mergePolicySettings(existingPolicy, incomingPolicy)
+	}
 
 	if tailScale != nil {
 		appCopy.Spec.TailScale = *tailScale
@@ -436,6 +458,13 @@ func (r *ApplicationReconciler) updateApplication(ctx context.Context, req ctrl.
 		}
 	}
 
+	// Record deployment resourceVersion to detect app-only modifications
+	if appCopy.Annotations == nil {
+		appCopy.Annotations = make(map[string]string)
+	}
+	klog.Infof("deploymentname: %s, version: %v", deployment.GetName(), deployment.GetResourceVersion())
+	appCopy.Annotations[deploymentResourceVersionAnnotation] = deployment.GetResourceVersion()
+
 	err = r.Patch(ctx, appCopy, client.MergeFrom(app))
 	if err != nil {
 		klog.Infof("update spec failed %v", err)

framework/app-service/controllers/types.go

@@ -1,10 +1,17 @@
 package controllers
 
+import (
+	"encoding/json"
+
+	appv1alpha1 "bytetrade.io/web3os/app-service/api/app.bytetrade.io/v1alpha1"
+)
+
 const (
-	applicationSettingsPolicyKey = "policy"
-	namespaceFinalizer           = "finalizers.bytetrade.io/namespaces"
-	userFinalizer                = "finalizers.bytetrade.io/users"
-	creator                      = "bytetrade.io/creator"
+	applicationSettingsPolicyKey        = "policy"
+	namespaceFinalizer                  = "finalizers.bytetrade.io/namespaces"
+	userFinalizer                       = "finalizers.bytetrade.io/users"
+	creator                             = "bytetrade.io/creator"
+	deploymentResourceVersionAnnotation = "bytetrade.io/deployment-resource-version"
 )
 
 type applicationSettingsSubPolicy struct {
@@ -20,3 +27,59 @@ type applicationSettingsPolicy struct {
 	OneTime       bool                            `json:"one_time"`
 	Duration      int32                           `json:"valid_duration"`
 }
+
+// mergeEntrances merges new entrances with existing ones.
+// Preserves authLevel from existing entrances, other fields are updated from new entrances.
+func mergeEntrances(existing, incoming []appv1alpha1.Entrance) []appv1alpha1.Entrance {
+	if len(existing) == 0 {
+		return incoming
+	}
+
+	existingByName := make(map[string]*appv1alpha1.Entrance, len(existing))
+	for i := range existing {
+		existingByName[existing[i].Name] = &existing[i]
+	}
+
+	merged := make([]appv1alpha1.Entrance, 0, len(incoming))
+	for _, entry := range incoming {
+		if old, exists := existingByName[entry.Name]; exists {
+			entry.AuthLevel = old.AuthLevel
+		}
+		merged = append(merged, entry)
+	}
+
+	return merged
+}
+
+func mergePolicySettings(existingPolicy, incomingPolicy string) string {
+	if incomingPolicy == "" {
+		return existingPolicy
+	}
+	if existingPolicy == "" {
+		return incomingPolicy
+	}
+
+	var existing, incoming map[string]applicationSettingsPolicy
+	if err := json.Unmarshal([]byte(existingPolicy), &existing); err != nil {
+		return incomingPolicy
+	}
+	if err := json.Unmarshal([]byte(incomingPolicy), &incoming); err != nil {
+		return existingPolicy
+	}
+
+	merged := make(map[string]applicationSettingsPolicy, len(incoming))
+	for name, incomingEntry := range incoming {
+		if existingEntry, exists := existing[name]; exists {
+			incomingEntry.DefaultPolicy = existingEntry.DefaultPolicy
+			incomingEntry.SubPolicies = existingEntry.SubPolicies
+		}
+		merged[name] = incomingEntry
+	}
+
+	result, err := json.Marshal(merged)
+	if err != nil {
+		return existingPolicy
+	}
+
+	return string(result)
+}

framework/app-service/controllers/types_test.go

@@ -0,0 +1,303 @@
+package controllers
+
+import (
+	"encoding/json"
+
+	appv1alpha1 "bytetrade.io/web3os/app-service/api/app.bytetrade.io/v1alpha1"
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+var _ = Describe("mergeEntrances", func() {
+	It("should return incoming when existing is empty", func() {
+		incoming := []appv1alpha1.Entrance{
+			{Name: "web", Host: "web-svc", Port: 8080, AuthLevel: "public"},
+		}
+
+		result := mergeEntrances(nil, incoming)
+
+		Expect(result).To(Equal(incoming))
+	})
+
+	It("should return incoming when existing is empty slice", func() {
+		existing := []appv1alpha1.Entrance{}
+		incoming := []appv1alpha1.Entrance{
+			{Name: "web", Host: "web-svc", Port: 8080, AuthLevel: "public"},
+		}
+
+		result := mergeEntrances(existing, incoming)
+
+		Expect(result).To(Equal(incoming))
+	})
+
+	It("should preserve authLevel from existing entrances", func() {
+		existing := []appv1alpha1.Entrance{
+			{Name: "web", Host: "old-svc", Port: 80, AuthLevel: "private"},
+		}
+		incoming := []appv1alpha1.Entrance{
+			{Name: "web", Host: "new-svc", Port: 8080, AuthLevel: "public"},
+		}
+
+		result := mergeEntrances(existing, incoming)
+
+		Expect(result).To(HaveLen(1))
+		Expect(result[0].Name).To(Equal("web"))
+		Expect(result[0].Host).To(Equal("new-svc"))
+		Expect(result[0].Port).To(Equal(int32(8080)))
+		Expect(result[0].AuthLevel).To(Equal("private")) // preserved from existing
+	})
+
+	It("should update other fields from incoming", func() {
+		existing := []appv1alpha1.Entrance{
+			{Name: "web", Host: "old-svc", Port: 80, AuthLevel: "private", Title: "Old Title", Icon: "old-icon"},
+		}
+		incoming := []appv1alpha1.Entrance{
+			{Name: "web", Host: "new-svc", Port: 8080, AuthLevel: "public", Title: "New Title", Icon: "new-icon"},
+		}
+
+		result := mergeEntrances(existing, incoming)
+
+		Expect(result).To(HaveLen(1))
+		Expect(result[0].Host).To(Equal("new-svc"))
+		Expect(result[0].Port).To(Equal(int32(8080)))
+		Expect(result[0].Title).To(Equal("New Title"))
+		Expect(result[0].Icon).To(Equal("new-icon"))
+		Expect(result[0].AuthLevel).To(Equal("private")) // preserved
+	})
+
+	It("should handle new entrance not in existing", func() {
+		existing := []appv1alpha1.Entrance{
+			{Name: "web", Host: "web-svc", Port: 80, AuthLevel: "private"},
+		}
+		incoming := []appv1alpha1.Entrance{
+			{Name: "web", Host: "web-svc", Port: 80, AuthLevel: "public"},
+			{Name: "api", Host: "api-svc", Port: 3000, AuthLevel: "public"},
+		}
+
+		result := mergeEntrances(existing, incoming)
+
+		Expect(result).To(HaveLen(2))
+		// web entrance preserves authLevel
+		Expect(result[0].Name).To(Equal("web"))
+		Expect(result[0].AuthLevel).To(Equal("private"))
+		// api entrance uses incoming authLevel (no existing)
+		Expect(result[1].Name).To(Equal("api"))
+		Expect(result[1].AuthLevel).To(Equal("public"))
+	})
+
+	It("should handle removed entrance from existing", func() {
+		existing := []appv1alpha1.Entrance{
+			{Name: "web", Host: "web-svc", Port: 80, AuthLevel: "private"},
+			{Name: "api", Host: "api-svc", Port: 3000, AuthLevel: "private"},
+		}
+		incoming := []appv1alpha1.Entrance{
+			{Name: "web", Host: "web-svc", Port: 80, AuthLevel: "public"},
+		}
+
+		result := mergeEntrances(existing, incoming)
+
+		Expect(result).To(HaveLen(1))
+		Expect(result[0].Name).To(Equal("web"))
+		Expect(result[0].AuthLevel).To(Equal("private"))
+	})
+
+	It("should handle multiple entrances correctly", func() {
+		existing := []appv1alpha1.Entrance{
+			{Name: "web", Host: "web-svc", Port: 80, AuthLevel: "private"},
+			{Name: "admin", Host: "admin-svc", Port: 9000, AuthLevel: "internal"},
+		}
+		incoming := []appv1alpha1.Entrance{
+			{Name: "web", Host: "web-new", Port: 8080, AuthLevel: "public"},
+			{Name: "admin", Host: "admin-new", Port: 9090, AuthLevel: "public"},
+			{Name: "api", Host: "api-svc", Port: 3000, AuthLevel: "public"},
+		}
+
+		result := mergeEntrances(existing, incoming)
+
+		Expect(result).To(HaveLen(3))
+		// web: authLevel preserved
+		Expect(result[0].Name).To(Equal("web"))
+		Expect(result[0].Host).To(Equal("web-new"))
+		Expect(result[0].AuthLevel).To(Equal("private"))
+		// admin: authLevel preserved
+		Expect(result[1].Name).To(Equal("admin"))
+		Expect(result[1].Host).To(Equal("admin-new"))
+		Expect(result[1].AuthLevel).To(Equal("internal"))
+		// api: new entrance, uses incoming authLevel
+		Expect(result[2].Name).To(Equal("api"))
+		Expect(result[2].AuthLevel).To(Equal("public"))
+	})
+})
+
+var _ = Describe("mergePolicySettings", func() {
+	It("should return existing when incoming is empty", func() {
+		existing := `{"calibreweb-svc":{"default_policy":"system","sub_policies":null,"one_time":false,"valid_duration":0}}`
+
+		result := mergePolicySettings(existing, "")
+
+		Expect(result).To(Equal(existing))
+	})
+
+	It("should return incoming when existing is empty", func() {
+		incoming := `{"calibreweb-svc":{"default_policy":"system","one_time":false,"sub_policies":[{"one_time":true,"policy":"one_factor","uri":"/api/send","valid_duration":0}],"valid_duration":0}}`
+
+		result := mergePolicySettings("", incoming)
+
+		Expect(result).To(Equal(incoming))
+	})
+
+	It("should preserve default_policy from existing", func() {
+		existing := `{"calibreweb-svc":{"default_policy":"private","sub_policies":null,"one_time":false,"valid_duration":0}}`
+		incoming := `{"calibreweb-svc":{"default_policy":"system","sub_policies":null,"one_time":false,"valid_duration":0}}`
+
+		result := mergePolicySettings(existing, incoming)
+
+		var resultPolicy map[string]applicationSettingsPolicy
+		err := json.Unmarshal([]byte(result), &resultPolicy)
+		Expect(err).NotTo(HaveOccurred())
+
+		Expect(resultPolicy["calibreweb-svc"].DefaultPolicy).To(Equal("private"))
+	})
+
+	It("should preserve sub_policies from existing", func() {
+		existing := `{"calibreweb-svc":{"default_policy":"system","sub_policies":[{"uri":"/api/send","policy":"one_factor","one_time":true,"valid_duration":0}],"one_time":false,"valid_duration":0}}`
+		incoming := `{"calibreweb-svc":{"default_policy":"system","sub_policies":[{"uri":"/api/new","policy":"two_factor","one_time":false,"valid_duration":3600}],"one_time":false,"valid_duration":0}}`
+
+		result := mergePolicySettings(existing, incoming)
+
+		var resultPolicy map[string]applicationSettingsPolicy
+		err := json.Unmarshal([]byte(result), &resultPolicy)
+		Expect(err).NotTo(HaveOccurred())
+
+		// sub_policies preserved from existing
+		Expect(resultPolicy["calibreweb-svc"].SubPolicies).To(HaveLen(1))
+		Expect(resultPolicy["calibreweb-svc"].SubPolicies[0].URI).To(Equal("/api/send"))
+		Expect(resultPolicy["calibreweb-svc"].SubPolicies[0].Policy).To(Equal("one_factor"))
+		Expect(resultPolicy["calibreweb-svc"].SubPolicies[0].OneTime).To(BeTrue())
+	})
+
+	It("should preserve both default_policy and sub_policies from existing", func() {
+		existing := `{"calibreweb-svc":{"default_policy":"public","sub_policies":[{"uri":"/api/send","policy":"one_factor","one_time":true,"valid_duration":0}],"one_time":false,"valid_duration":0}}`
+		incoming := `{"calibreweb-svc":{"default_policy":"system","sub_policies":[{"uri":"/api/new","policy":"two_factor","one_time":false,"valid_duration":3600}],"one_time":true,"valid_duration":1800}}`
+
+		result := mergePolicySettings(existing, incoming)
+
+		var resultPolicy map[string]applicationSettingsPolicy
+		err := json.Unmarshal([]byte(result), &resultPolicy)
+		Expect(err).NotTo(HaveOccurred())
+
+		// default_policy preserved from existing
+		Expect(resultPolicy["calibreweb-svc"].DefaultPolicy).To(Equal("public"))
+		// sub_policies preserved from existing
+		Expect(resultPolicy["calibreweb-svc"].SubPolicies).To(HaveLen(1))
+		Expect(resultPolicy["calibreweb-svc"].SubPolicies[0].URI).To(Equal("/api/send"))
+		// other fields use incoming
+		Expect(resultPolicy["calibreweb-svc"].OneTime).To(BeTrue())
+		Expect(resultPolicy["calibreweb-svc"].Duration).To(Equal(int32(1800)))
+	})
+
+	It("should preserve null sub_policies from existing", func() {
+		existing := `{"calibreweb-svc":{"default_policy":"system","sub_policies":null,"one_time":false,"valid_duration":0}}`
+		incoming := `{"calibreweb-svc":{"default_policy":"system","sub_policies":[{"uri":"/api/send","policy":"one_factor","one_time":true,"valid_duration":0}],"one_time":false,"valid_duration":0}}`
+
+		result := mergePolicySettings(existing, incoming)
+
+		var resultPolicy map[string]applicationSettingsPolicy
+		err := json.Unmarshal([]byte(result), &resultPolicy)
+		Expect(err).NotTo(HaveOccurred())
+
+		// sub_policies preserved as null from existing
+		Expect(resultPolicy["calibreweb-svc"].SubPolicies).To(BeNil())
+	})
+
+	It("should add new entrance policy with incoming values", func() {
+		existing := `{"calibreweb-svc":{"default_policy":"private","sub_policies":[{"uri":"/old","policy":"one_factor","one_time":false,"valid_duration":0}],"one_time":false,"valid_duration":0}}`
+		incoming := `{"calibreweb-svc":{"default_policy":"system","sub_policies":null,"one_time":false,"valid_duration":0},"api-svc":{"default_policy":"public","sub_policies":[{"uri":"/api","policy":"two_factor","one_time":true,"valid_duration":3600}],"one_time":false,"valid_duration":0}}`
+
+		result := mergePolicySettings(existing, incoming)
+
+		var resultPolicy map[string]applicationSettingsPolicy
+		err := json.Unmarshal([]byte(result), &resultPolicy)
+		Expect(err).NotTo(HaveOccurred())
+
+		// existing entry: preserved default_policy and sub_policies
+		Expect(resultPolicy["calibreweb-svc"].DefaultPolicy).To(Equal("private"))
+		Expect(resultPolicy["calibreweb-svc"].SubPolicies).To(HaveLen(1))
+		Expect(resultPolicy["calibreweb-svc"].SubPolicies[0].URI).To(Equal("/old"))
+		// new entry: uses incoming values
+		Expect(resultPolicy).To(HaveKey("api-svc"))
+		Expect(resultPolicy["api-svc"].DefaultPolicy).To(Equal("public"))
+		Expect(resultPolicy["api-svc"].SubPolicies).To(HaveLen(1))
+		Expect(resultPolicy["api-svc"].SubPolicies[0].URI).To(Equal("/api"))
+	})
+
+	It("should delete entrance policy not in incoming", func() {
+		existing := `{"calibreweb-svc":{"default_policy":"system","sub_policies":null,"one_time":false,"valid_duration":0},"api-svc":{"default_policy":"public","sub_policies":null,"one_time":false,"valid_duration":0}}`
+		incoming := `{"calibreweb-svc":{"default_policy":"system","sub_policies":null,"one_time":false,"valid_duration":0}}`
+
+		result := mergePolicySettings(existing, incoming)
+
+		var resultPolicy map[string]applicationSettingsPolicy
+		err := json.Unmarshal([]byte(result), &resultPolicy)
+		Expect(err).NotTo(HaveOccurred())
+
+		Expect(resultPolicy).To(HaveKey("calibreweb-svc"))
+		Expect(resultPolicy).NotTo(HaveKey("api-svc"))
+	})
+
+	It("should handle add, preserve, and delete together", func() {
+		existing := `{
+			"web-svc":{"default_policy":"private","sub_policies":[{"uri":"/web","policy":"one_factor","one_time":false,"valid_duration":0}],"one_time":false,"valid_duration":0},
+			"admin-svc":{"default_policy":"internal","sub_policies":[{"uri":"/admin","policy":"two_factor","one_time":true,"valid_duration":3600}],"one_time":false,"valid_duration":0},
+			"legacy-svc":{"default_policy":"public","sub_policies":null,"one_time":false,"valid_duration":0}
+		}`
+		incoming := `{
+			"web-svc":{"default_policy":"system","sub_policies":null,"one_time":true,"valid_duration":1800},
+			"admin-svc":{"default_policy":"system","sub_policies":[{"uri":"/new","policy":"one_factor","one_time":false,"valid_duration":0}],"one_time":false,"valid_duration":0},
+			"api-svc":{"default_policy":"system","sub_policies":[{"uri":"/api","policy":"one_factor","one_time":false,"valid_duration":0}],"one_time":false,"valid_duration":0}
+		}`
+
+		result := mergePolicySettings(existing, incoming)
+
+		var resultPolicy map[string]applicationSettingsPolicy
+		err := json.Unmarshal([]byte(result), &resultPolicy)
+		Expect(err).NotTo(HaveOccurred())
+
+		// web-svc: default_policy and sub_policies preserved, other fields from incoming
+		Expect(resultPolicy["web-svc"].DefaultPolicy).To(Equal("private"))
+		Expect(resultPolicy["web-svc"].SubPolicies).To(HaveLen(1))
+		Expect(resultPolicy["web-svc"].SubPolicies[0].URI).To(Equal("/web"))
+		Expect(resultPolicy["web-svc"].OneTime).To(BeTrue())
+		Expect(resultPolicy["web-svc"].Duration).To(Equal(int32(1800)))
+		// admin-svc: default_policy and sub_policies preserved
+		Expect(resultPolicy["admin-svc"].DefaultPolicy).To(Equal("internal"))
+		Expect(resultPolicy["admin-svc"].SubPolicies).To(HaveLen(1))
+		Expect(resultPolicy["admin-svc"].SubPolicies[0].URI).To(Equal("/admin"))
+		Expect(resultPolicy["admin-svc"].SubPolicies[0].Policy).To(Equal("two_factor"))
+		// api-svc: new entry, uses incoming values
+		Expect(resultPolicy).To(HaveKey("api-svc"))
+		Expect(resultPolicy["api-svc"].DefaultPolicy).To(Equal("system"))
+		Expect(resultPolicy["api-svc"].SubPolicies).To(HaveLen(1))
+		Expect(resultPolicy["api-svc"].SubPolicies[0].URI).To(Equal("/api"))
+		// legacy-svc: deleted (not in incoming)
+		Expect(resultPolicy).NotTo(HaveKey("legacy-svc"))
+	})
+
+	It("should return incoming when existing JSON is invalid", func() {
+		existing := `invalid json`
+		incoming := `{"calibreweb-svc":{"default_policy":"system","sub_policies":null,"one_time":false,"valid_duration":0}}`
+
+		result := mergePolicySettings(existing, incoming)
+
+		Expect(result).To(Equal(incoming))
+	})
+
+	It("should return existing when incoming JSON is invalid", func() {
+		existing := `{"calibreweb-svc":{"default_policy":"system","sub_policies":null,"one_time":false,"valid_duration":0}}`
+		incoming := `invalid json`
+
+		result := mergePolicySettings(existing, incoming)
+
+		Expect(result).To(Equal(existing))
+	})
+})

framework/app-service/pkg/appinstaller/helm_utils.go

@@ -6,7 +6,7 @@ import (
 	"os"
 	"path/filepath"
 
-	"k8s.io/apimachinery/pkg/api/errors"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 
 	"bytetrade.io/web3os/app-service/api/app.bytetrade.io/v1alpha1"
 	"bytetrade.io/web3os/app-service/pkg/appcfg"
@@ -258,6 +258,13 @@ func (h *HelmOps) SetValues() (values map[string]interface{}, err error) {
 
 	klog.Infof("values[node]: %#v", values["nodes"])
 
+	deviceName, err := utils.GetDeviceName()
+	if err != nil {
+		klog.Errorf("failed to get deviceName %v", err)
+		return values, err
+	}
+
+	values["deviceName"] = deviceName
 	return values, err
 }
 
@@ -296,7 +303,7 @@ func (h *HelmOps) getInstalledApps(ctx context.Context) (installed bool, app []*
 func (h *HelmOps) AddEnvironmentVariables(values map[string]interface{}) error {
 	values[constants.OlaresEnvHelmValuesKey] = make(map[string]interface{})
 	appEnv, err := h.client.AppClient.SysV1alpha1().AppEnvs(h.app.Namespace).Get(h.ctx, apputils.FormatAppEnvName(h.app.AppName, h.app.OwnerName), metav1.GetOptions{})
-	if errors.IsNotFound(err) {
+	if apierrors.IsNotFound(err) {
 		return nil
 	}
 	if err != nil {

framework/app-service/pkg/appstate/downloading_app.go

@@ -181,6 +181,14 @@ func (p *DownloadingApp) exec(ctx context.Context) error {
 	}
 	values["nodes"] = nodeInfo
 
+	deviceName, err := utils.GetDeviceName()
+	if err != nil {
+		klog.Errorf("failed to get deviceName %v", err)
+		return err
+	}
+
+	values["deviceName"] = deviceName
+
 	refs, err := p.getRefsForImageManager(appConfig, values)
 	if err != nil {
 		klog.Errorf("get image refs from resources failed %v", err)

framework/app-service/pkg/appstate/upgrading_app.go

@@ -235,6 +235,14 @@ func (p *UpgradingApp) exec(ctx context.Context) error {
 	}
 	values["nodes"] = nodeInfo
 
+	deviceName, err := utils.GetDeviceName()
+	if err != nil {
+		klog.Errorf("failed to get deviceName %v", err)
+		return err
+	}
+
+	values["deviceName"] = deviceName
+
 	refs, err := p.getRefsForImageManager(appConfig, values)
 	if err != nil {
 		klog.Errorf("get image refs from resources failed %v", err)

framework/app-service/pkg/utils/k8sutil.go

@@ -4,8 +4,11 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"github.com/go-resty/resty/v2"
 	"net"
+	"net/http"
 	"net/url"
+	"os"
 	"strconv"
 	"strings"
 	"time"
@@ -399,3 +402,69 @@ func GetNodeInfo(ctx context.Context) (ret []api.NodeInfo, err error) {
 	}
 	return
 }
+
+type SystemStatusResponse struct {
+	Code    int    `json:"code"`
+	Message string `json:"message"`
+	Data    struct {
+		TerminusdState            string `json:"terminusdState"`
+		TerminusState             string `json:"terminusState"`
+		TerminusName              string `json:"terminusName"`
+		TerminusVersion           string `json:"terminusVersion"`
+		InstalledTime             int64  `json:"installedTime"`
+		InitializedTime           int64  `json:"initializedTime"`
+		OlaresdVersion            string `json:"olaresdVersion"`
+		DeviceName                string `json:"device_name"`
+		HostName                  string `json:"host_name"`
+		OsType                    string `json:"os_type"`
+		OsArch                    string `json:"os_arch"`
+		OsInfo                    string `json:"os_info"`
+		OsVersion                 string `json:"os_version"`
+		CpuInfo                   string `json:"cpu_info"`
+		GpuInfo                   string `json:"gpu_info"`
+		Memory                    string `json:"memory"`
+		Disk                      string `json:"disk"`
+		WifiConnected             bool   `json:"wifiConnected"`
+		WiredConnected            bool   `json:"wiredConnected"`
+		HostIp                    string `json:"hostIp"`
+		ExternalIp                string `json:"externalIp"`
+		InstallingState           string `json:"installingState"`
+		InstallingProgress        string `json:"installingProgress"`
+		UninstallingState         string `json:"uninstallingState"`
+		UninstallingProgress      string `json:"uninstallingProgress"`
+		UpgradingTarget           string `json:"upgradingTarget"`
+		UpgradingRetryNum         int    `json:"upgradingRetryNum"`
+		UpgradingState            string `json:"upgradingState"`
+		UpgradingStep             string `json:"upgradingStep"`
+		UpgradingProgress         string `json:"upgradingProgress"`
+		UpgradingError            string `json:"upgradingError"`
+		UpgradingDownloadState    string `json:"upgradingDownloadState"`
+		UpgradingDownloadStep     string `json:"upgradingDownloadStep"`
+		UpgradingDownloadProgress string `json:"upgradingDownloadProgress"`
+		UpgradingDownloadError    string `json:"upgradingDownloadError"`
+		CollectingLogsState       string `json:"collectingLogsState"`
+		CollectingLogsError       string `json:"collectingLogsError"`
+		DefaultFrpServer          string `json:"defaultFrpServer"`
+		FrpEnable                 string `json:"frpEnable"`
+	} `json:"data"`
+}
+
+func GetDeviceName() (string, error) {
+	url := fmt.Sprintf("http://%s/system/status", os.Getenv("OLARESD_HOST"))
+	var result SystemStatusResponse
+	client := resty.New()
+	resp, err := client.R().SetResult(&result).Get(url)
+	if err != nil {
+		klog.Errorf("failed to send request to olaresd %v", err)
+		return "", err
+	}
+	if resp.StatusCode() != http.StatusOK {
+		klog.Errorf("failed to get system status from olaresd %v", err)
+		return "", errors.New(string(resp.Body()))
+	}
+	if result.Code != http.StatusOK {
+		return "", fmt.Errorf("not exepcted result code: %v,message: %v", result.Code, result.Message)
+	}
+	klog.Infof("getDeviceName: %#v", result.Data)
+	return result.Data.DeviceName, nil
+}