更新RMDC系统的模块SKILL

2026-02-02 15:06:28 +08:00
parent 93624efdab
commit a02ac14481
89 changed files with 8101 additions and 2417 deletions
--- a/1-AgentSkills/managing-observability/scripts/verify-observability.sh
+++ b/1-AgentSkills/managing-observability/scripts/verify-observability.sh
@@ -0,0 +1,128 @@
+#!/bin/bash
+# verify-observability.sh - 验证可观测性规范
+# 依赖: grep
+# 用法: ./verify-observability.sh [check-type]
+#   check-type: all|logging|audit|metrics (默认 all)
+
+set -e
+
+CHECK_TYPE=${1:-all}
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+PROJECT_ROOT="${SCRIPT_DIR}/../../.."
+
+echo "=== RMDC 可观测性验证 ==="
+echo "检查类型: ${CHECK_TYPE}"
+echo ""
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m'
+
+pass() { echo -e "${GREEN}[PASS]${NC} $1"; }
+fail() { echo -e "${RED}[FAIL]${NC} $1"; }
+warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
+
+# 1. 日志规范检查
+check_logging() {
+    echo "--- 日志规范检查 ---"
+
+    # 检查是否使用结构化日志
+    UNSTRUCTURED=$(grep -rn 'log\.\(Info\|Error\|Warn\)f\?' --include="*.go" "${PROJECT_ROOT}" 2>/dev/null | \
+        grep -v "WithFields" | grep -v "_test.go" | head -10)
+
+    if [ -n "$UNSTRUCTURED" ]; then
+        warn "发现非结构化日志调用:"
+        echo "$UNSTRUCTURED"
+    else
+        pass "日志调用规范"
+    fi
+
+    # 检查敏感信息泄露
+    SENSITIVE=$(grep -rn 'password\|token\|secret' --include="*.go" "${PROJECT_ROOT}" 2>/dev/null | \
+        grep -i 'log\.' | grep -v "Mask\|mask\|****" | head -5)
+
+    if [ -n "$SENSITIVE" ]; then
+        warn "可能泄露敏感信息的日志:"
+        echo "$SENSITIVE"
+    else
+        pass "未发现敏感信息泄露"
+    fi
+}
+
+# 2. 审计规范检查
+check_audit() {
+    echo "--- 审计规范检查 ---"
+
+    # 检查是否有审计记录
+    AUDIT_CALLS=$(grep -rn "audit\|Audit" --include="*.go" "${PROJECT_ROOT}" 2>/dev/null | \
+        grep -v "_test.go" | wc -l)
+
+    if [ "$AUDIT_CALLS" -gt 0 ]; then
+        pass "存在审计记录调用 ($AUDIT_CALLS 处)"
+    else
+        warn "未找到审计记录调用"
+    fi
+
+    # 检查关键操作是否有审计
+    for action in "Login\|login" "Create\|create" "Delete\|delete" "Update\|update"; do
+        ACTION_AUDIT=$(grep -rn "$action" --include="*.go" "${PROJECT_ROOT}" 2>/dev/null | \
+            grep -i "audit" | head -1)
+        if [ -n "$ACTION_AUDIT" ]; then
+            pass "操作 $action 有审计"
+        else
+            warn "操作 $action 可能缺少审计"
+        fi
+    done
+}
+
+# 3. 指标规范检查
+check_metrics() {
+    echo "--- 指标规范检查 ---"
+
+    # 检查是否使用 prometheus
+    PROM_USAGE=$(grep -rn "prometheus\|Prometheus" --include="*.go" "${PROJECT_ROOT}" 2>/dev/null | \
+        grep -v "_test.go" | wc -l)
+
+    if [ "$PROM_USAGE" -gt 0 ]; then
+        pass "使用 Prometheus 指标 ($PROM_USAGE 处)"
+    else
+        warn "未找到 Prometheus 指标使用"
+    fi
+
+    # 检查指标命名规范
+    METRICS=$(grep -rn 'prometheus\.New' --include="*.go" "${PROJECT_ROOT}" 2>/dev/null | \
+        grep -oE 'Name:\s*"[^"]+' | grep -oE '"[^"]+' | tr -d '"')
+
+    if [ -n "$METRICS" ]; then
+        echo "发现的指标:"
+        echo "$METRICS" | while read metric; do
+            if echo "$metric" | grep -qE "^rmdc_"; then
+                pass "  $metric"
+            else
+                warn "  $metric (建议以 rmdc_ 开头)"
+            fi
+        done
+    fi
+}
+
+# 执行检查
+case $CHECK_TYPE in
+    logging) check_logging ;;
+    audit)   check_audit ;;
+    metrics) check_metrics ;;
+    all)
+        check_logging
+        echo ""
+        check_audit
+        echo ""
+        check_metrics
+        echo ""
+        echo "=== 所有检查完成 ==="
+        ;;
+    *)
+        echo "未知检查类型: $CHECK_TYPE"
+        echo "可选: all|logging|audit|metrics"
+        exit 1
+        ;;
+esac