xuqmGroup/XuqmGroup-Server
0
0
派生 0
代码 工单 合并请求 版本发布 百科 动态

fix: use docker ps labels to list services and fetch logs

浏览代码 
Replace compose-file-path-dependent `docker compose -f <path>` calls
with label-based `docker ps` queries so the ops log viewer works on
both public cloud and private deployments regardless of compose file
location.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
这个提交包含在:
XuqmGroup 2026-05-22 23:43:39 +08:00
父节点 5e788fe26b
当前提交 26261263a0
共有 1 个文件被更改,包括 28 次插入13 次删除
显示统计 下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

41
tenant-service/src/main/java/com/xuqm/tenant/service/SystemUpdateService.java
查看文件

@ -60,15 +60,16 @@ public class SystemUpdateService {
// 公开接口
/**
* 返回当前正在运行的服务名列表docker compose ps --filter status=running
* 结果已过滤为 ALLOWED_LOG_SERVICES 白名单内的服务防止枚举非预期服务
* 返回当前正在运行的服务名列表
* 使用 docker ps --format "{{.Label \"com.docker.compose.service\"}}" 枚举运行中容器的服务标签
* 不依赖 compose 文件路径公有云/私有云均可用
* 结果已过滤为 ALLOWED_LOG_SERVICES 白名单内的服务
*/
public List<String> getRunningServices() {
String composeFile = deployRoot + "/docker-compose.yml";
try {
Process p = new ProcessBuilder(
"docker", "compose", "-f", composeFile,
"ps", "--services", "--filter", "status=running"
"docker", "ps",
"--format", "{{.Label \"com.docker.compose.service\"}}"
).redirectErrorStream(true).start();
String out = new String(p.getInputStream().readAllBytes(), StandardCharsets.UTF_8).trim();
p.waitFor();
@ -76,6 +77,7 @@ public class SystemUpdateService {
return Arrays.stream(out.split("\n"))
.map(String::trim)
.filter(s -> !s.isEmpty() && ALLOWED_LOG_SERVICES.contains(s))
.distinct()
.collect(Collectors.toList());
} catch (Exception e) {
log.error("failed to list running services", e);
@ -85,23 +87,36 @@ public class SystemUpdateService {
/**
* 获取指定服务最近 N 行日志上限 1000
* service 名称校验白名单防止注入
* 通过 docker ps 标签找到容器 ID 后使用 docker logs不依赖 compose 文件路径
*/
public String getServiceLogs(String service, int lines) {
if (!ALLOWED_LOG_SERVICES.contains(service)) {
throw new IllegalArgumentException("不允许查看此服务的日志: " + service);
}
int safeLines = Math.min(Math.max(lines, 10), 1000);
String composeFile = deployRoot + "/docker-compose.yml";
try {
Process p = new ProcessBuilder(
"docker", "compose", "-f", composeFile,
"logs", "--tail", String.valueOf(safeLines), "--no-color", service
// 找到对应服务的容器 ID可能有多个取第一个
Process psProc = new ProcessBuilder(
"docker", "ps",
"--filter", "label=com.docker.compose.service=" + service,
"--format", "{{.ID}}"
).redirectErrorStream(true).start();
String out = new String(p.getInputStream().readAllBytes(), StandardCharsets.UTF_8);
int exitCode = p.waitFor();
String containerId = new String(psProc.getInputStream().readAllBytes(), StandardCharsets.UTF_8).trim();
psProc.waitFor();
if (containerId.isEmpty()) {
return "(服务 " + service + " 当前没有运行中的容器)";
}
// 取第一行如有多个容器
String firstId = containerId.split("\n")[0].trim();
Process logsProc = new ProcessBuilder(
"docker", "logs", "--tail", String.valueOf(safeLines), "--timestamps", firstId
).redirectErrorStream(true).start();
String out = new String(logsProc.getInputStream().readAllBytes(), StandardCharsets.UTF_8);
int exitCode = logsProc.waitFor();
if (exitCode != 0 && out.isBlank()) {
throw new RuntimeException("docker compose logs 返回非零退出码: " + exitCode);
throw new RuntimeException("docker logs 返回非零退出码: " + exitCode);
}
return out;
} catch (IllegalArgumentException e) {