feat(ops): add object storage management and site-mapping CSV import/export

Ship the Ops backstage 对象存储 page (browse / upload / move / delete /
folder ops) backed by a new object-storage service + handler, with the
shared storage client extended with List/Stat/Copy/Usage/DownloadURL so
both MinIO and Aliyun providers cover the new surface. Add
ForcePathStyle to the object-storage config and treat r2/s3/custom_s3
as external providers so Cloudflare R2 and other S3-compatibles can
share the MinIO client path without spinning up the bundled MinIO.

Also add CSV import/export + template download to the site-domain
mappings page, raise gin MaxMultipartMemory to 8 MiB for the new
multipart endpoints, register Ops swagger routes, and extend the
descriptions-parity test to cover the ops router.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-05-26 01:19:01 +08:00
parent 5f6e9f11da
commit 7d8e82c69f
37 changed files with 5111 additions and 66 deletions
+15 -11
View File
@@ -285,17 +285,18 @@ type QdrantConfig struct {
}
type ObjectStorageConfig struct {
Provider string `mapstructure:"provider"`
Endpoint string `mapstructure:"endpoint"`
AccessKey string `mapstructure:"access_key"`
SecretKey string `mapstructure:"secret_key"`
Bucket string `mapstructure:"bucket"`
UseSSL bool `mapstructure:"use_ssl"`
PublicBaseURL string `mapstructure:"public_base_url"`
BucketACL string `mapstructure:"bucket_acl"`
ObjectACL string `mapstructure:"object_acl"`
SignedURLTTL time.Duration `mapstructure:"signed_url_ttl"`
Region string `mapstructure:"region"`
Provider string `mapstructure:"provider"`
Endpoint string `mapstructure:"endpoint"`
AccessKey string `mapstructure:"access_key"`
SecretKey string `mapstructure:"secret_key"`
Bucket string `mapstructure:"bucket"`
UseSSL bool `mapstructure:"use_ssl"`
PublicBaseURL string `mapstructure:"public_base_url"`
BucketACL string `mapstructure:"bucket_acl"`
ObjectACL string `mapstructure:"object_acl"`
SignedURLTTL time.Duration `mapstructure:"signed_url_ttl"`
Region string `mapstructure:"region"`
ForcePathStyle bool `mapstructure:"force_path_style"`
}
type JWTConfig struct {
@@ -971,6 +972,9 @@ func applyEnvOverrides(cfg *Config) {
if region, ok := lookupNonEmptyEnv("OBJECT_STORAGE_REGION"); ok {
cfg.ObjectStorage.Region = region
}
if forcePathStyle, ok := lookupBoolEnv("OBJECT_STORAGE_FORCE_PATH_STYLE"); ok {
cfg.ObjectStorage.ForcePathStyle = forcePathStyle
}
if useSSL, ok := lookupBoolEnv("OBJECT_STORAGE_USE_SSL"); ok {
cfg.ObjectStorage.UseSSL = useSSL
}
@@ -112,12 +112,14 @@ func TestLoadAppliesObjectStorageEnvOverrides(t *testing.T) {
t.Setenv("OBJECT_STORAGE_BUCKET_ACL", "private")
t.Setenv("OBJECT_STORAGE_OBJECT_ACL", "public-read")
t.Setenv("OBJECT_STORAGE_SIGNED_URL_TTL", "45m")
t.Setenv("OBJECT_STORAGE_FORCE_PATH_STYLE", "true")
configPath := writeTestConfig(t, `
object_storage:
bucket_acl: public-read
object_acl: private
signed_url_ttl: 10m
force_path_style: false
`)
cfg, err := Load(configPath)
@@ -134,6 +136,9 @@ object_storage:
if cfg.ObjectStorage.SignedURLTTL != 45*time.Minute {
t.Fatalf("expected env signed url ttl, got %s", cfg.ObjectStorage.SignedURLTTL)
}
if !cfg.ObjectStorage.ForcePathStyle {
t.Fatal("expected env force path style true")
}
}
func TestLoadAppliesBrandLibraryDefaults(t *testing.T) {