nodejs/AFFiNE
1
0
Fork 0
mirror of https://github.com/toeverything/AFFiNE.git synced 2026-03-13 09:43:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore(server): support elasticsearch apiKey (#12405)

Browse Source
This commit is contained in:
fengmk2
2025-05-21 08:35:51 +00:00
parent ff15779208
commit abfc994180
12 changed files with 36 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.docker/selfhost/schema.json
View File

@@ -825,6 +825,11 @@
"description": "Indexer search service endpoint\n@default \"http://localhost:9308\"\n@environment `AFFINE_INDEXER_SEARCH_ENDPOINT`",
"default": "http://localhost:9308"
},
"provider.apiKey": {
"type": "string",
"description": "Indexer search service api key. Optional for elasticsearch\n@default \"\"\n@environment `AFFINE_INDEXER_SEARCH_API_KEY`\n@link https://www.elastic.co/guide/server/current/api-key.html",
"default": ""
},
"provider.username": {
"type": "string",
"description": "Indexer search service auth username, if not set, basic auth will be disabled. Optional for elasticsearch\n@default \"\"\n@environment `AFFINE_INDEXER_SEARCH_USERNAME`\n@link https://www.elastic.co/guide/en/elasticsearch/reference/current/http-clients.html",

6
.github/actions/deploy/deploy.mjs vendored
View File

@@ -18,8 +18,7 @@ const {
STATIC_IP_NAME,
AFFINE_INDEXER_SEARCH_PROVIDER,
AFFINE_INDEXER_SEARCH_ENDPOINT,
AFFINE_INDEXER_SEARCH_USERNAME,
AFFINE_INDEXER_SEARCH_PASSWORD,
AFFINE_INDEXER_SEARCH_API_KEY,
} = process.env;
const buildType = BUILD_TYPE || 'canary';
@@ -88,8 +87,7 @@ const createHelmCommand = ({ isDryRun }) => {
const indexerOptions = [
`--set-string global.indexer.provider="${AFFINE_INDEXER_SEARCH_PROVIDER}"`,
`--set-string global.indexer.endpoint="${AFFINE_INDEXER_SEARCH_ENDPOINT}"`,
`--set-string global.indexer.username="${AFFINE_INDEXER_SEARCH_USERNAME}"`,
`--set-string global.indexer.password="${AFFINE_INDEXER_SEARCH_PASSWORD}"`,
`--set-string global.indexer.apiKey="${AFFINE_INDEXER_SEARCH_API_KEY}"`,
];
const serviceAnnotations = [
`--set-json web.serviceAccount.annotations="{ \\"iam.gke.io/gcp-service-account\\": \\"${APP_IAM_ACCOUNT}\\" }"`,

6
.github/helm/affine/charts/doc/templates/deployment.yaml vendored
View File

@@ -73,13 +73,11 @@ spec:
value: "{{ .Values.global.indexer.provider }}"
- name: AFFINE_INDEXER_SEARCH_ENDPOINT
value: "{{ .Values.global.indexer.endpoint }}"
- name: AFFINE_INDEXER_SEARCH_USERNAME
value: "{{ .Values.global.indexer.username }}"
- name: AFFINE_INDEXER_SEARCH_PASSWORD
- name: AFFINE_INDEXER_SEARCH_API_KEY
valueFrom:
secretKeyRef:
name: indexer
key: indexer-password
key: indexer-apiKey
- name: AFFINE_SERVER_PORT
value: "{{ .Values.global.docService.port }}"
- name: AFFINE_SERVER_SUB_PATH

6
.github/helm/affine/charts/graphql/templates/deployment.yaml vendored
View File

@@ -71,13 +71,11 @@ spec:
value: "{{ .Values.global.indexer.provider }}"
- name: AFFINE_INDEXER_SEARCH_ENDPOINT
value: "{{ .Values.global.indexer.endpoint }}"
- name: AFFINE_INDEXER_SEARCH_USERNAME
value: "{{ .Values.global.indexer.username }}"
- name: AFFINE_INDEXER_SEARCH_PASSWORD
- name: AFFINE_INDEXER_SEARCH_API_KEY
valueFrom:
secretKeyRef:
name: indexer
key: indexer-password
key: indexer-apiKey
- name: AFFINE_SERVER_PORT
value: "{{ .Values.service.port }}"
- name: AFFINE_SERVER_SUB_PATH

6
.github/helm/affine/charts/graphql/templates/migration.yaml vendored
View File

@@ -48,13 +48,11 @@ spec:
value: "{{ .Values.global.indexer.provider }}"
- name: AFFINE_INDEXER_SEARCH_ENDPOINT
value: "{{ .Values.global.indexer.endpoint }}"
- name: AFFINE_INDEXER_SEARCH_USERNAME
value: "{{ .Values.global.indexer.username }}"
- name: AFFINE_INDEXER_SEARCH_PASSWORD
- name: AFFINE_INDEXER_SEARCH_API_KEY
valueFrom:
secretKeyRef:
name: indexer
key: indexer-password
key: indexer-apiKey
resources:
requests:
cpu: '100m'

6
.github/helm/affine/charts/renderer/templates/deployment.yaml vendored
View File

@@ -73,13 +73,11 @@ spec:
value: "{{ .Values.global.indexer.provider }}"
- name: AFFINE_INDEXER_SEARCH_ENDPOINT
value: "{{ .Values.global.indexer.endpoint }}"
- name: AFFINE_INDEXER_SEARCH_USERNAME
value: "{{ .Values.global.indexer.username }}"
- name: AFFINE_INDEXER_SEARCH_PASSWORD
- name: AFFINE_INDEXER_SEARCH_API_KEY
valueFrom:
secretKeyRef:
name: indexer
key: indexer-password
key: indexer-apiKey
- name: AFFINE_SERVER_PORT
value: "{{ .Values.service.port }}"
- name: AFFINE_SERVER_SUB_PATH

6
.github/helm/affine/charts/sync/templates/deployment.yaml vendored
View File

@@ -73,13 +73,11 @@ spec:
value: "{{ .Values.global.indexer.provider }}"
- name: AFFINE_INDEXER_SEARCH_ENDPOINT
value: "{{ .Values.global.indexer.endpoint }}"
- name: AFFINE_INDEXER_SEARCH_USERNAME
value: "{{ .Values.global.indexer.username }}"
- name: AFFINE_INDEXER_SEARCH_PASSWORD
- name: AFFINE_INDEXER_SEARCH_API_KEY
valueFrom:
secretKeyRef:
name: indexer
key: indexer-password
key: indexer-apiKey
- name: AFFINE_SERVER_PORT
value: "{{ .Values.service.port }}"
- name: AFFINE_SERVER_HOST

4
.github/helm/affine/templates/indexer-secret.yaml vendored
View File

@@ -1,4 +1,4 @@
{{- if .Values.global.indexer.password -}}
{{- if .Values.global.indexer.apiKey -}}
apiVersion: v1
kind: Secret
metadata:
@@ -9,5 +9,5 @@ metadata:
"helm.sh/hook-delete-policy": before-hook-creation
type: Opaque
data:
indexer-password: {{ .Values.global.indexer.password | b64enc }}
indexer-apiKey: {{ .Values.global.indexer.apiKey | b64enc }}
{{- end }}

3
.github/workflows/deploy.yml vendored
View File

@@ -105,8 +105,7 @@ jobs:
STATIC_IP_NAME: ${{ secrets.STATIC_IP_NAME }}
AFFINE_INDEXER_SEARCH_PROVIDER: ${{ secrets.AFFINE_INDEXER_SEARCH_PROVIDER }}
AFFINE_INDEXER_SEARCH_ENDPOINT: ${{ secrets.AFFINE_INDEXER_SEARCH_ENDPOINT }}
AFFINE_INDEXER_SEARCH_USERNAME: ${{ secrets.AFFINE_INDEXER_SEARCH_USERNAME }}
AFFINE_INDEXER_SEARCH_PASSWORD: ${{ secrets.AFFINE_INDEXER_SEARCH_PASSWORD }}
AFFINE_INDEXER_SEARCH_API_KEY: ${{ secrets.AFFINE_INDEXER_SEARCH_API_KEY }}
deploy-done:
needs:

7
packages/backend/server/src/plugins/indexer/config.ts
View File

@@ -16,6 +16,7 @@ declare global {
provider: {
type: SearchProviderType;
endpoint: string;
apiKey: string;
username: string;
password: string;
};
@@ -50,6 +51,12 @@ defineModuleConfig('indexer', {
return z.string().url().safeParse(val);
},
},
'provider.apiKey': {
desc: 'Indexer search service api key. Optional for elasticsearch',
link: 'https://www.elastic.co/guide/server/current/api-key.html',
default: '',
env: ['AFFINE_INDEXER_SEARCH_API_KEY', 'string'],
},
'provider.username': {
desc: 'Indexer search service auth username, if not set, basic auth will be disabled. Optional for elasticsearch',
link: 'https://www.elastic.co/guide/en/elasticsearch/reference/current/http-clients.html',

4
packages/backend/server/src/plugins/indexer/providers/elasticsearch.ts
View File

@@ -248,7 +248,9 @@ export class ElasticsearchProvider extends SearchProvider {
const headers = {
'Content-Type': contentType,
} as Record<string, string>;
if (this.config.provider.password) {
if (this.config.provider.apiKey) {
headers.Authorization = `ApiKey ${this.config.provider.apiKey}`;
} else if (this.config.provider.password) {
headers.Authorization = `Basic ${Buffer.from(`${this.config.provider.username}:${this.config.provider.password}`).toString('base64')}`;
}
const response = await fetch(url, {

6
packages/frontend/admin/src/config.json
View File

@@ -279,6 +279,12 @@
"desc": "Indexer search service endpoint",
"env": "AFFINE_INDEXER_SEARCH_ENDPOINT"
},
"provider.apiKey": {
"type": "String",
"desc": "Indexer search service api key. Optional for elasticsearch",
"link": "https://www.elastic.co/guide/server/current/api-key.html",
"env": "AFFINE_INDEXER_SEARCH_API_KEY"
},
"provider.username": {
"type": "String",
"desc": "Indexer search service auth username, if not set, basic auth will be disabled. Optional for elasticsearch",