feat: 添加MCP服务器测试套件和Kali Linux测试支持

refactor(consul): 将Consul集群作业文件移动到components目录 refactor(vault): 将Vault集群作业文件移动到components目录 refactor(nomad): 将Nomad NFS卷作业文件移动到components目录 fix(ssh): 修复浏览器主机的SSH密钥认证配置 fix(ansible): 更新Ansible配置以支持SSH密钥认证 test: 添加全面的MCP服务器测试脚本和报告 test: 添加Kali Linux测试套件和健康检查 test: 添加自动化测试运行脚本 docs: 更新README以包含测试说明和经验教训 docs: 添加Vault部署指南和测试文档 chore: 更新Makefile添加测试相关命令
2025-09-29 14:00:22 +00:00
parent f72b17a34f
commit c0064b2cad
72 changed files with 6326 additions and 109 deletions
--- a/tf/environments/staging/main.tf
+++ b/tf/environments/staging/main.tf
@@ -0,0 +1,155 @@
+# Staging环境主配置文件
+
+# 引入共享版本配置
+terraform {
+  required_version = ">= 1.6"
+  
+  required_providers {
+    # Oracle Cloud Infrastructure
+    oci = {
+      source  = "oracle/oci"
+      version = "~> 7.20"
+    }
+    
+    # 其他常用提供商
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.1"
+    }
+    
+    tls = {
+      source  = "hashicorp/tls"
+      version = "~> 4.0"
+    }
+    
+    local = {
+      source  = "hashicorp/local"
+      version = "~> 2.1"
+    }
+    
+    # Consul Provider
+    consul = {
+      source  = "hashicorp/consul"
+      version = "~> 2.22.0"
+    }
+    
+    # HashiCorp Vault Provider
+    vault = {
+      source  = "hashicorp/vault"
+      version = "~> 4.0"
+    }
+  }
+  
+  # 后端配置
+  backend "local" {
+    path = "terraform.tfstate"
+  }
+}
+
+# Consul Provider配置
+provider "consul" {
+  address    = "100.116.158.95:8500"
+  scheme     = "http"
+  datacenter = "dc1"
+}
+
+# Vault Provider配置
+provider "vault" {
+  address = var.vault_config.address
+  token   = var.vault_token
+}
+
+# 从Consul获取Oracle Cloud配置
+data "consul_keys" "oracle_config" {
+  key {
+    name = "tenancy_ocid"
+    path = "config/staging/oracle/kr/tenancy_ocid"
+  }
+  key {
+    name = "user_ocid"
+    path = "config/staging/oracle/kr/user_ocid"
+  }
+  key {
+    name = "fingerprint"
+    path = "config/staging/oracle/kr/fingerprint"
+  }
+  key {
+    name = "private_key"
+    path = "config/staging/oracle/kr/private_key"
+  }
+}
+
+# 从Consul获取Oracle Cloud美国区域配置
+data "consul_keys" "oracle_config_us" {
+  key {
+    name = "tenancy_ocid"
+    path = "config/staging/oracle/us/tenancy_ocid"
+  }
+  key {
+    name = "user_ocid"
+    path = "config/staging/oracle/us/user_ocid"
+  }
+  key {
+    name = "fingerprint"
+    path = "config/staging/oracle/us/fingerprint"
+  }
+  key {
+    name = "private_key"
+    path = "config/staging/oracle/us/private_key"
+  }
+}
+
+# 使用从Consul获取的配置的OCI Provider
+provider "oci" {
+  tenancy_ocid     = data.consul_keys.oracle_config.var.tenancy_ocid
+  user_ocid        = data.consul_keys.oracle_config.var.user_ocid
+  fingerprint      = data.consul_keys.oracle_config.var.fingerprint
+  private_key      = data.consul_keys.oracle_config.var.private_key
+  region           = "ap-chuncheon-1"
+}
+
+# 美国区域的OCI Provider
+provider "oci" {
+  alias           = "us"
+  tenancy_ocid    = data.consul_keys.oracle_config_us.var.tenancy_ocid
+  user_ocid       = data.consul_keys.oracle_config_us.var.user_ocid
+  fingerprint     = data.consul_keys.oracle_config_us.var.fingerprint
+  private_key     = data.consul_keys.oracle_config_us.var.private_key
+  region          = "us-ashburn-1"
+}
+
+# Oracle Cloud 基础设施
+module "oracle_cloud" {
+  source = "../../providers/oracle-cloud"
+  
+  # 传递变量
+  environment    = var.environment
+  project_name   = var.project_name
+  owner          = var.owner
+  vpc_cidr       = var.vpc_cidr
+  availability_zones = var.availability_zones
+  common_tags    = var.common_tags
+  
+  # 使用从Consul获取的配置
+  oci_config = {
+    tenancy_ocid     = data.consul_keys.oracle_config.var.tenancy_ocid
+    user_ocid        = data.consul_keys.oracle_config.var.user_ocid
+    fingerprint      = data.consul_keys.oracle_config.var.fingerprint
+    private_key      = data.consul_keys.oracle_config.var.private_key
+    region           = "ap-chuncheon-1"
+  }
+  
+  # Staging环境特定配置
+  instance_count = 2
+  instance_size  = "VM.Standard.E2.1.Micro"
+  
+  providers = {
+    oci = oci
+  }
+}
+
+# 输出
+output "oracle_cloud_outputs" {
+  description = "Oracle Cloud 基础设施输出"
+  value       = module.oracle_cloud
+}
--- a/tf/environments/staging/variables.tf
+++ b/tf/environments/staging/variables.tf
@@ -0,0 +1,157 @@
+# Staging环境变量定义
+
+# 环境配置
+variable "environment" {
+  description = "部署环境"
+  type        = string
+  default     = "staging"
+}
+
+variable "project_name" {
+  description = "项目名称"
+  type        = string
+  default     = "mgmt"
+}
+
+variable "owner" {
+  description = "资源所有者"
+  type        = string
+  default     = "ben"
+}
+
+# 网络配置
+variable "vpc_cidr" {
+  description = "VPC CIDR 块"
+  type        = string
+  default     = "10.1.0.0/16"
+}
+
+variable "availability_zones" {
+  description = "可用区列表"
+  type        = list(string)
+  default     = ["a", "b", "c"]
+}
+
+# 标签配置
+variable "common_tags" {
+  description = "通用标签"
+  type        = map(string)
+  default = {
+    Project     = "mgmt"
+    ManagedBy   = "terraform"
+    Owner       = "ben"
+    Environment = "staging"
+  }
+}
+
+# 云服务商特定配置
+variable "cloud_providers" {
+  description = "启用的云服务商"
+  type        = list(string)
+  default     = ["oracle", "huawei", "google", "digitalocean", "aws"]
+}
+
+# Oracle Cloud 配置
+variable "oci_config" {
+  description = "Oracle Cloud 配置"
+  type = object({
+    tenancy_ocid     = string
+    user_ocid        = string
+    fingerprint      = string
+    private_key_path = string
+    region           = string
+  })
+  default = {
+    tenancy_ocid     = ""
+    user_ocid        = ""
+    fingerprint      = ""
+    private_key_path = "~/.oci/oci_api_key.pem"
+    region           = "ap-chuncheon-1"
+  }
+  sensitive = true
+}
+
+# 华为云配置
+variable "huawei_config" {
+  description = "华为云配置"
+  type = object({
+    access_key = string
+    secret_key = string
+    region     = string
+  })
+  default = {
+    access_key = ""
+    secret_key = ""
+    region     = "cn-north-4"
+  }
+  sensitive = true
+}
+
+# Google Cloud 配置
+variable "gcp_config" {
+  description = "Google Cloud 配置"
+  type = object({
+    project_id   = string
+    region       = string
+    zone         = string
+    credentials  = string
+  })
+  default = {
+    project_id   = ""
+    region       = "asia-northeast3"
+    zone         = "asia-northeast3-a"
+    credentials  = ""
+  }
+  sensitive = true
+}
+
+# DigitalOcean 配置
+variable "do_config" {
+  description = "DigitalOcean 配置"
+  type = object({
+    token  = string
+    region = string
+  })
+  default = {
+    token  = ""
+    region = "sgp1"
+  }
+  sensitive = true
+}
+
+# AWS 配置
+variable "aws_config" {
+  description = "AWS 配置"
+  type = object({
+    access_key = string
+    secret_key = string
+    region     = string
+  })
+  default = {
+    access_key = ""
+    secret_key = ""
+    region     = "ap-northeast-1"
+  }
+  sensitive = true
+}
+
+# Vault 配置
+variable "vault_config" {
+  description = "Vault 配置"
+  type = object({
+    address = string
+    token   = string
+  })
+  default = {
+    address = "http://100.116.158.95:8200"
+    token   = ""
+  }
+  sensitive = true
+}
+
+variable "vault_token" {
+  description = "Vault 访问令牌"
+  type        = string
+  default     = ""
+  sensitive   = true
+}