fix: harden ops runbooks and execution

2026-03-15 11:09:26 +08:00
parent 27b038898d
commit 36f11fa846
10 changed files with 1912 additions and 101 deletions
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -9,15 +9,17 @@ import (
 	"syscall"
 	"time"

-	"xiaji-go/config"
-	"xiaji-go/internal/bot"
-	"xiaji-go/internal/channel"
-	"xiaji-go/internal/feishu"
-	"xiaji-go/internal/qq"
-	"xiaji-go/internal/service"
-	"xiaji-go/internal/web"
-	"xiaji-go/models"
-	"xiaji-go/version"
+	"ops-assistant/config"
+	"ops-assistant/internal/bot"
+	"ops-assistant/internal/channel"
+	"ops-assistant/internal/core/ops"
+	"ops-assistant/internal/core/runbook"
+	"ops-assistant/internal/feishu"
+	"ops-assistant/internal/qq"
+	"ops-assistant/internal/service"
+	"ops-assistant/internal/web"
+	"ops-assistant/models"
+	"ops-assistant/version"

 	"github.com/gin-gonic/gin"
 	"gorm.io/driver/sqlite"
@@ -55,6 +57,10 @@ func main() {
 		log.Fatalf("初始化渠道密钥加密失败: %v", err)
 	}

+	if config.IsWeakPassword(cfg.Admin.Password) {
+		log.Printf("⚠️ admin 密码过弱或为默认值，请尽快修改")
+	}
+
 	// DB 渠道配置覆盖 YAML 配置
 	if err := channel.ApplyChannelConfig(db, cfg); err != nil {
 		log.Printf("⚠️ 渠道配置加载失败，继续使用 YAML: %v", err)
@@ -63,11 +69,17 @@ func main() {
 	finance := service.NewFinanceService(db)
 	defer finance.Close()

+	if err := runbook.SeedDefaultTargets(db); err != nil {
+		log.Printf("⚠️ 初始化ops targets失败: %v", err)
+	}
+
+	opsSvc := ops.BuildDefault(db, cfg.Database.Path, ".")
+
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()

 	if cfg.Telegram.Enabled {
-		tgBot, err := bot.NewTGBot(db, cfg.Telegram.Token, finance)
+		tgBot, err := bot.NewTGBot(db, cfg.Telegram.Token, finance, opsSvc)
 		if err != nil {
 			log.Printf("⚠️ TG Bot 启动失败: %v", err)
 		} else {
@@ -76,7 +88,7 @@ func main() {
 	}

 	if cfg.QQBot.Enabled {
-		qqBot := qq.NewQQBot(db, cfg.QQBot.AppID, cfg.QQBot.Secret, finance)
+		qqBot := qq.NewQQBot(db, cfg.QQBot.AppID, cfg.QQBot.Secret, finance, opsSvc)
 		go qqBot.Start(ctx)
 	}

@@ -91,11 +103,11 @@ func main() {
 		return fmt.Sprintf("reload ok: tg=%v qq=%v feishu=%v", cfg.Telegram.Enabled, cfg.QQBot.Enabled, cfg.Feishu.Enabled), nil
 	}

-	webServer := web.NewWebServer(db, finance, cfg.Server.Port, cfg.Admin.Username, cfg.Admin.Password, cfg.Server.Key, reloadFn)
+	webServer := web.NewWebServer(db, cfg.Database.Path, ".", finance, cfg.Server.Port, cfg.Admin.Username, cfg.Admin.Password, cfg.Server.Key, reloadFn)
 	webServer.RegisterRoutes(engine)

 	if cfg.Feishu.Enabled {
-		fsBot := feishu.NewBot(db, finance, cfg.Feishu.AppID, cfg.Feishu.AppSecret, cfg.Feishu.VerificationToken, cfg.Feishu.EncryptKey)
+		fsBot := feishu.NewBot(db, finance, opsSvc, cfg.Feishu.AppID, cfg.Feishu.AppSecret, cfg.Feishu.VerificationToken, cfg.Feishu.EncryptKey)
 		fsBot.RegisterRoutes(engine)
 		go fsBot.Start(ctx)
 	}
@@ -108,7 +120,7 @@ func main() {
 		}
 	}()

-	log.Println("🦞 Xiaji-Go 已全面启动")
+	log.Println("🛠️ Ops-Assistant 已全面启动")
 	sig := make(chan os.Signal, 1)
 	signal.Notify(sig, syscall.SIGINT, syscall.SIGTERM)
 	<-sig
@@ -122,5 +134,5 @@ func main() {
 		sqlDB.Close()
 	}

-	log.Println("👋 Xiaji-Go 已关闭")
+	log.Println("👋 Ops-Assistant 已关闭")
 }