mirror of
https://github.com/woodchen-ink/certimate.git
synced 2025-07-18 17:31:55 +08:00
refactor: clean code
This commit is contained in:
Fu Diwei
parent
aeaa45b713
commit
26fa8e75bd
@ -9,6 +9,7 @@ import (
|
||||
aliyunAlb "github.com/alibabacloud-go/alb-20200616/v2/client"
|
||||
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||||
"github.com/alibabacloud-go/tea/tea"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/domain"
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
@ -24,7 +25,9 @@ type AliyunALBDeployer struct {
|
||||
|
||||
func NewAliyunALBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
access := &domain.AliyunAccess{}
|
||||
json.Unmarshal([]byte(option.Access), access)
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to get access")
|
||||
}
|
||||
|
||||
client, err := (&AliyunALBDeployer{}).createSdkClient(
|
||||
access.AccessKeyId,
|
||||
@ -32,7 +35,7 @@ func NewAliyunALBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
option.DeployConfig.GetConfigAsString("region"),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
uploader, err := uploader.NewAliyunCASUploader(&uploader.AliyunCASUploaderConfig{
|
||||
@ -41,7 +44,7 @@ func NewAliyunALBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
Region: option.DeployConfig.GetConfigAsString("region"),
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create ssl uploader")
|
||||
}
|
||||
|
||||
return &AliyunALBDeployer{
|
||||
@ -119,7 +122,7 @@ func (d *AliyunALBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
}
|
||||
getLoadBalancerAttributeResp, err := d.sdkClient.GetLoadBalancerAttribute(getLoadBalancerAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'alb.GetLoadBalancerAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetLoadBalancerAttribute'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已查询到 ALB 负载均衡实例", getLoadBalancerAttributeResp))
|
||||
@ -138,7 +141,7 @@ func (d *AliyunALBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
}
|
||||
listListenersResp, err := d.sdkClient.ListListeners(listListenersReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'alb.ListListeners': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'")
|
||||
}
|
||||
|
||||
if listListenersResp.Body.Listeners != nil {
|
||||
@ -170,7 +173,7 @@ func (d *AliyunALBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
}
|
||||
listListenersResp, err := d.sdkClient.ListListeners(listListenersReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'alb.ListListeners': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'")
|
||||
}
|
||||
|
||||
if listListenersResp.Body.Listeners != nil {
|
||||
@ -190,17 +193,17 @@ func (d *AliyunALBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
d.infos = append(d.infos, toStr("已查询到 ALB 负载均衡实例下的全部 QUIC 监听", aliListenerIds))
|
||||
|
||||
// 上传证书到 SSL
|
||||
uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已上传证书", uploadResult))
|
||||
d.infos = append(d.infos, toStr("已上传证书", upres))
|
||||
|
||||
// 批量更新监听证书
|
||||
var errs []error
|
||||
for _, aliListenerId := range aliListenerIds {
|
||||
if err := d.updateListenerCertificate(ctx, aliListenerId, uploadResult.CertId); err != nil {
|
||||
if err := d.updateListenerCertificate(ctx, aliListenerId, upres.CertId); err != nil {
|
||||
errs = append(errs, err)
|
||||
}
|
||||
}
|
||||
@ -218,15 +221,15 @@ func (d *AliyunALBDeployer) deployToListener(ctx context.Context) error {
|
||||
}
|
||||
|
||||
// 上传证书到 SSL
|
||||
uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已上传证书", uploadResult))
|
||||
d.infos = append(d.infos, toStr("已上传证书", upres))
|
||||
|
||||
// 更新监听
|
||||
if err := d.updateListenerCertificate(ctx, aliListenerId, uploadResult.CertId); err != nil {
|
||||
if err := d.updateListenerCertificate(ctx, aliListenerId, upres.CertId); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
@ -241,7 +244,7 @@ func (d *AliyunALBDeployer) updateListenerCertificate(ctx context.Context, aliLi
|
||||
}
|
||||
getListenerAttributeResp, err := d.sdkClient.GetListenerAttribute(getListenerAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'alb.GetListenerAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetListenerAttribute'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已查询到 ALB 监听配置", getListenerAttributeResp))
|
||||
@ -256,7 +259,7 @@ func (d *AliyunALBDeployer) updateListenerCertificate(ctx context.Context, aliLi
|
||||
}
|
||||
updateListenerAttributeResp, err := d.sdkClient.UpdateListenerAttribute(updateListenerAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'alb.UpdateListenerAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'alb.UpdateListenerAttribute'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已更新 ALB 监听配置", updateListenerAttributeResp))
|
||||
|
||||
@ -8,6 +8,7 @@ import (
|
||||
aliyunCdn "github.com/alibabacloud-go/cdn-20180510/v5/client"
|
||||
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||||
"github.com/alibabacloud-go/tea/tea"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/domain"
|
||||
"github.com/usual2970/certimate/internal/utils/rand"
|
||||
@ -22,14 +23,16 @@ type AliyunCDNDeployer struct {
|
||||
|
||||
func NewAliyunCDNDeployer(option *DeployerOption) (Deployer, error) {
|
||||
access := &domain.AliyunAccess{}
|
||||
json.Unmarshal([]byte(option.Access), access)
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to get access")
|
||||
}
|
||||
|
||||
client, err := (&AliyunCDNDeployer{}).createSdkClient(
|
||||
access.AccessKeyId,
|
||||
access.AccessKeySecret,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
return &AliyunCDNDeployer{
|
||||
@ -63,7 +66,7 @@ func (d *AliyunCDNDeployer) Deploy(ctx context.Context) error {
|
||||
}
|
||||
setCdnDomainSSLCertificateResp, err := d.sdkClient.SetCdnDomainSSLCertificate(setCdnDomainSSLCertificateReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'cdn.SetCdnDomainSSLCertificate': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'cdn.SetCdnDomainSSLCertificate'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已设置 CDN 域名证书", setCdnDomainSSLCertificateResp))
|
||||
|
||||
@ -9,6 +9,7 @@ import (
|
||||
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||||
aliyunSlb "github.com/alibabacloud-go/slb-20140515/v4/client"
|
||||
"github.com/alibabacloud-go/tea/tea"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/domain"
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
@ -24,7 +25,9 @@ type AliyunCLBDeployer struct {
|
||||
|
||||
func NewAliyunCLBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
access := &domain.AliyunAccess{}
|
||||
json.Unmarshal([]byte(option.Access), access)
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to get access")
|
||||
}
|
||||
|
||||
client, err := (&AliyunCLBDeployer{}).createSdkClient(
|
||||
access.AccessKeyId,
|
||||
@ -32,7 +35,7 @@ func NewAliyunCLBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
option.DeployConfig.GetConfigAsString("region"),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
uploader, err := uploader.NewAliyunSLBUploader(&uploader.AliyunSLBUploaderConfig{
|
||||
@ -41,7 +44,7 @@ func NewAliyunCLBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
Region: option.DeployConfig.GetConfigAsString("region"),
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create ssl uploader")
|
||||
}
|
||||
|
||||
return &AliyunCLBDeployer{
|
||||
@ -123,7 +126,7 @@ func (d *AliyunCLBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
}
|
||||
describeLoadBalancerAttributeResp, err := d.sdkClient.DescribeLoadBalancerAttribute(describeLoadBalancerAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'slb.DescribeLoadBalancerAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerAttribute'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已查询到 CLB 负载均衡实例", describeLoadBalancerAttributeResp))
|
||||
@ -143,7 +146,7 @@ func (d *AliyunCLBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
}
|
||||
describeLoadBalancerListenersResp, err := d.sdkClient.DescribeLoadBalancerListeners(describeLoadBalancerListenersReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'slb.DescribeLoadBalancerListeners': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerListeners'")
|
||||
}
|
||||
|
||||
if describeLoadBalancerListenersResp.Body.Listeners != nil {
|
||||
@ -163,17 +166,17 @@ func (d *AliyunCLBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
d.infos = append(d.infos, toStr("已查询到 CLB 负载均衡实例下的全部 HTTPS 监听", aliListenerPorts))
|
||||
|
||||
// 上传证书到 SLB
|
||||
uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已上传证书", uploadResult))
|
||||
d.infos = append(d.infos, toStr("已上传证书", upres))
|
||||
|
||||
// 批量更新监听证书
|
||||
var errs []error
|
||||
for _, aliListenerPort := range aliListenerPorts {
|
||||
if err := d.updateListenerCertificate(ctx, aliLoadbalancerId, aliListenerPort, uploadResult.CertId); err != nil {
|
||||
if err := d.updateListenerCertificate(ctx, aliLoadbalancerId, aliListenerPort, upres.CertId); err != nil {
|
||||
errs = append(errs, err)
|
||||
}
|
||||
}
|
||||
@ -196,15 +199,15 @@ func (d *AliyunCLBDeployer) deployToListener(ctx context.Context) error {
|
||||
}
|
||||
|
||||
// 上传证书到 SLB
|
||||
uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已上传证书", uploadResult))
|
||||
d.infos = append(d.infos, toStr("已上传证书", upres))
|
||||
|
||||
// 更新监听
|
||||
if err := d.updateListenerCertificate(ctx, aliLoadbalancerId, aliListenerPort, uploadResult.CertId); err != nil {
|
||||
if err := d.updateListenerCertificate(ctx, aliLoadbalancerId, aliListenerPort, upres.CertId); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
@ -220,7 +223,7 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo
|
||||
}
|
||||
describeLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.DescribeLoadBalancerHTTPSListenerAttribute(describeLoadBalancerHTTPSListenerAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'slb.DescribeLoadBalancerHTTPSListenerAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerHTTPSListenerAttribute'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已查询到 CLB HTTPS 监听配置", describeLoadBalancerHTTPSListenerAttributeResp))
|
||||
@ -234,7 +237,7 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo
|
||||
}
|
||||
describeDomainExtensionsResp, err := d.sdkClient.DescribeDomainExtensions(describeDomainExtensionsReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'slb.DescribeDomainExtensions': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeDomainExtensions'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已查询到 CLB 扩展域名", describeDomainExtensionsResp))
|
||||
@ -256,7 +259,7 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo
|
||||
}
|
||||
_, err := d.sdkClient.SetDomainExtensionAttribute(setDomainExtensionAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'slb.SetDomainExtensionAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'slb.SetDomainExtensionAttribute'")
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -273,7 +276,7 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo
|
||||
}
|
||||
setLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.SetLoadBalancerHTTPSListenerAttribute(setLoadBalancerHTTPSListenerAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'slb.SetLoadBalancerHTTPSListenerAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'slb.SetLoadBalancerHTTPSListenerAttribute'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已更新 CLB HTTPS 监听配置", setLoadBalancerHTTPSListenerAttributeResp))
|
||||
|
||||
@ -9,6 +9,7 @@ import (
|
||||
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||||
aliyunDcdn "github.com/alibabacloud-go/dcdn-20180115/v3/client"
|
||||
"github.com/alibabacloud-go/tea/tea"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/domain"
|
||||
"github.com/usual2970/certimate/internal/utils/rand"
|
||||
@ -23,14 +24,16 @@ type AliyunDCDNDeployer struct {
|
||||
|
||||
func NewAliyunDCDNDeployer(option *DeployerOption) (Deployer, error) {
|
||||
access := &domain.AliyunAccess{}
|
||||
json.Unmarshal([]byte(option.Access), access)
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to get access")
|
||||
}
|
||||
|
||||
client, err := (&AliyunDCDNDeployer{}).createSdkClient(
|
||||
access.AccessKeyId,
|
||||
access.AccessKeySecret,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
return &AliyunDCDNDeployer{
|
||||
@ -70,7 +73,7 @@ func (d *AliyunDCDNDeployer) Deploy(ctx context.Context) error {
|
||||
}
|
||||
setDcdnDomainSSLCertificateResp, err := d.sdkClient.SetDcdnDomainSSLCertificate(setDcdnDomainSSLCertificateReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'dcdn.SetDcdnDomainSSLCertificate': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'dcdn.SetDcdnDomainSSLCertificate'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已配置 DCDN 域名证书", setDcdnDomainSSLCertificateResp))
|
||||
|
||||
@ -9,6 +9,7 @@ import (
|
||||
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||||
aliyunNlb "github.com/alibabacloud-go/nlb-20220430/v2/client"
|
||||
"github.com/alibabacloud-go/tea/tea"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/domain"
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
@ -24,7 +25,9 @@ type AliyunNLBDeployer struct {
|
||||
|
||||
func NewAliyunNLBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
access := &domain.AliyunAccess{}
|
||||
json.Unmarshal([]byte(option.Access), access)
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to get access")
|
||||
}
|
||||
|
||||
client, err := (&AliyunNLBDeployer{}).createSdkClient(
|
||||
access.AccessKeyId,
|
||||
@ -32,7 +35,7 @@ func NewAliyunNLBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
option.DeployConfig.GetConfigAsString("region"),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
uploader, err := uploader.NewAliyunCASUploader(&uploader.AliyunCASUploaderConfig{
|
||||
@ -41,7 +44,7 @@ func NewAliyunNLBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
Region: option.DeployConfig.GetConfigAsString("region"),
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create ssl uploader")
|
||||
}
|
||||
|
||||
return &AliyunNLBDeployer{
|
||||
@ -117,7 +120,7 @@ func (d *AliyunNLBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
}
|
||||
getLoadBalancerAttributeResp, err := d.sdkClient.GetLoadBalancerAttribute(getLoadBalancerAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'nlb.GetLoadBalancerAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'nlb.GetLoadBalancerAttribute'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已查询到 NLB 负载均衡实例", getLoadBalancerAttributeResp))
|
||||
@ -136,7 +139,7 @@ func (d *AliyunNLBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
}
|
||||
listListenersResp, err := d.sdkClient.ListListeners(listListenersReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'nlb.ListListeners': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'nlb.ListListeners'")
|
||||
}
|
||||
|
||||
if listListenersResp.Body.Listeners != nil {
|
||||
@ -156,17 +159,17 @@ func (d *AliyunNLBDeployer) deployToLoadbalancer(ctx context.Context) error {
|
||||
d.infos = append(d.infos, toStr("已查询到 NLB 负载均衡实例下的全部 TCPSSL 监听", aliListenerIds))
|
||||
|
||||
// 上传证书到 SSL
|
||||
uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已上传证书", uploadResult))
|
||||
d.infos = append(d.infos, toStr("已上传证书", upres))
|
||||
|
||||
// 批量更新监听证书
|
||||
var errs []error
|
||||
for _, aliListenerId := range aliListenerIds {
|
||||
if err := d.updateListenerCertificate(ctx, aliListenerId, uploadResult.CertId); err != nil {
|
||||
if err := d.updateListenerCertificate(ctx, aliListenerId, upres.CertId); err != nil {
|
||||
errs = append(errs, err)
|
||||
}
|
||||
}
|
||||
@ -184,15 +187,15 @@ func (d *AliyunNLBDeployer) deployToListener(ctx context.Context) error {
|
||||
}
|
||||
|
||||
// 上传证书到 SSL
|
||||
uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已上传证书", uploadResult))
|
||||
d.infos = append(d.infos, toStr("已上传证书", upres))
|
||||
|
||||
// 更新监听
|
||||
if err := d.updateListenerCertificate(ctx, aliListenerId, uploadResult.CertId); err != nil {
|
||||
if err := d.updateListenerCertificate(ctx, aliListenerId, upres.CertId); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
@ -207,7 +210,7 @@ func (d *AliyunNLBDeployer) updateListenerCertificate(ctx context.Context, aliLi
|
||||
}
|
||||
getListenerAttributeResp, err := d.sdkClient.GetListenerAttribute(getListenerAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'nlb.GetListenerAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'nlb.GetListenerAttribute'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已查询到 NLB 监听配置", getListenerAttributeResp))
|
||||
@ -220,7 +223,7 @@ func (d *AliyunNLBDeployer) updateListenerCertificate(ctx context.Context, aliLi
|
||||
}
|
||||
updateListenerAttributeResp, err := d.sdkClient.UpdateListenerAttribute(updateListenerAttributeReq)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'nlb.UpdateListenerAttribute': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'nlb.UpdateListenerAttribute'")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已更新 NLB 监听配置", updateListenerAttributeResp))
|
||||
|
||||
@ -7,6 +7,7 @@ import (
|
||||
"fmt"
|
||||
|
||||
"github.com/aliyun/aliyun-oss-go-sdk/oss"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/domain"
|
||||
)
|
||||
@ -20,7 +21,9 @@ type AliyunOSSDeployer struct {
|
||||
|
||||
func NewAliyunOSSDeployer(option *DeployerOption) (Deployer, error) {
|
||||
access := &domain.AliyunAccess{}
|
||||
json.Unmarshal([]byte(option.Access), access)
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to get access")
|
||||
}
|
||||
|
||||
client, err := (&AliyunOSSDeployer{}).createSdkClient(
|
||||
access.AccessKeyId,
|
||||
@ -28,7 +31,7 @@ func NewAliyunOSSDeployer(option *DeployerOption) (Deployer, error) {
|
||||
option.DeployConfig.GetConfigAsString("endpoint"),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
return &AliyunOSSDeployer{
|
||||
@ -63,7 +66,7 @@ func (d *AliyunOSSDeployer) Deploy(ctx context.Context) error {
|
||||
},
|
||||
})
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute sdk request 'oss.PutBucketCnameWithCertificate': %w", err)
|
||||
return xerrors.Wrap(err, "failed to execute sdk request 'oss.PutBucketCnameWithCertificate'")
|
||||
}
|
||||
|
||||
return nil
|
||||
|
||||
@ -204,7 +204,7 @@ func convertPEMToPFX(certificate string, privateKey string, password string) ([]
|
||||
|
||||
pfxData, err := pkcs12.LegacyRC2.Encode(privkey, cert, nil, password)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to encode as pfx %w", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return pfxData, nil
|
||||
|
||||
@ -10,6 +10,7 @@ import (
|
||||
hcCdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2"
|
||||
hcCdnModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/model"
|
||||
hcCdnRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/region"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/domain"
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
@ -27,7 +28,7 @@ type HuaweiCloudCDNDeployer struct {
|
||||
func NewHuaweiCloudCDNDeployer(option *DeployerOption) (Deployer, error) {
|
||||
access := &domain.HuaweiCloudAccess{}
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to get access")
|
||||
}
|
||||
|
||||
client, err := (&HuaweiCloudCDNDeployer{}).createSdkClient(
|
||||
@ -36,7 +37,7 @@ func NewHuaweiCloudCDNDeployer(option *DeployerOption) (Deployer, error) {
|
||||
option.DeployConfig.GetConfigAsString("region"),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
// TODO: SCM 服务与 DNS 服务所支持的区域可能不一致,这里暂时不传而是使用默认值,仅支持华为云国内版
|
||||
@ -46,7 +47,7 @@ func NewHuaweiCloudCDNDeployer(option *DeployerOption) (Deployer, error) {
|
||||
Region: "",
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create ssl uploader")
|
||||
}
|
||||
|
||||
return &HuaweiCloudCDNDeployer{
|
||||
@ -87,16 +88,16 @@ func (d *HuaweiCloudCDNDeployer) Deploy(ctx context.Context) error {
|
||||
var updateDomainMultiCertificatesResp *hcCdnModel.UpdateDomainMultiCertificatesResponse
|
||||
if d.option.DeployConfig.GetConfigAsBool("useSCM") {
|
||||
// 上传证书到 SCM
|
||||
uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已上传证书", uploadResult))
|
||||
d.infos = append(d.infos, toStr("已上传证书", upres))
|
||||
|
||||
updateDomainMultiCertificatesReqBodyContent.CertificateType = cast.Int32Ptr(2)
|
||||
updateDomainMultiCertificatesReqBodyContent.SCMCertificateId = cast.StringPtr(uploadResult.CertId)
|
||||
updateDomainMultiCertificatesReqBodyContent.CertName = cast.StringPtr(uploadResult.CertName)
|
||||
updateDomainMultiCertificatesReqBodyContent.SCMCertificateId = cast.StringPtr(upres.CertId)
|
||||
updateDomainMultiCertificatesReqBodyContent.CertName = cast.StringPtr(upres.CertName)
|
||||
} else {
|
||||
updateDomainMultiCertificatesReqBodyContent.CertificateType = cast.Int32Ptr(0)
|
||||
updateDomainMultiCertificatesReqBodyContent.CertName = cast.StringPtr(fmt.Sprintf("certimate-%d", time.Now().UnixMilli()))
|
||||
|
||||
@ -16,6 +16,7 @@ import (
|
||||
hcIam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3"
|
||||
hcIamModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model"
|
||||
hcIamRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/domain"
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
@ -33,7 +34,7 @@ type HuaweiCloudELBDeployer struct {
|
||||
func NewHuaweiCloudELBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
access := &domain.HuaweiCloudAccess{}
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to get access")
|
||||
}
|
||||
|
||||
client, err := (&HuaweiCloudELBDeployer{}).createSdkClient(
|
||||
@ -42,7 +43,7 @@ func NewHuaweiCloudELBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
option.DeployConfig.GetConfigAsString("region"),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
uploader, err := uploader.NewHuaweiCloudELBUploader(&uploader.HuaweiCloudELBUploaderConfig{
|
||||
@ -51,7 +52,7 @@ func NewHuaweiCloudELBDeployer(option *DeployerOption) (Deployer, error) {
|
||||
Region: option.DeployConfig.GetConfigAsString("region"),
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, xerrors.Wrap(err, "failed to create ssl uploader")
|
||||
}
|
||||
|
||||
return &HuaweiCloudELBDeployer{
|
||||
@ -73,14 +74,17 @@ func (d *HuaweiCloudELBDeployer) GetInfo() []string {
|
||||
func (d *HuaweiCloudELBDeployer) Deploy(ctx context.Context) error {
|
||||
switch d.option.DeployConfig.GetConfigAsString("resourceType") {
|
||||
case "certificate":
|
||||
// 部署到指定证书
|
||||
if err := d.deployToCertificate(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
case "loadbalancer":
|
||||
// 部署到指定负载均衡器
|
||||
if err := d.deployToLoadbalancer(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
case "listener":
|
||||
// 部署到指定监听器
|
||||
if err := d.deployToListener(ctx); err != nil {
|
||||
return err
|
||||
}
|
||||
@ -254,17 +258,17 @@ func (d *HuaweiCloudELBDeployer) deployToLoadbalancer(ctx context.Context) error
|
||||
d.infos = append(d.infos, toStr("已查询到 ELB 负载均衡器下的监听器", hcListenerIds))
|
||||
|
||||
// 上传证书到 SCM
|
||||
uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已上传证书", uploadResult))
|
||||
d.infos = append(d.infos, toStr("已上传证书", upres))
|
||||
|
||||
// 批量更新监听器证书
|
||||
var errs []error
|
||||
for _, hcListenerId := range hcListenerIds {
|
||||
if err := d.updateListenerCertificate(ctx, hcListenerId, uploadResult.CertId); err != nil {
|
||||
if err := d.updateListenerCertificate(ctx, hcListenerId, upres.CertId); err != nil {
|
||||
errs = append(errs, err)
|
||||
}
|
||||
}
|
||||
@ -282,15 +286,15 @@ func (d *HuaweiCloudELBDeployer) deployToListener(ctx context.Context) error {
|
||||
}
|
||||
|
||||
// 上传证书到 SCM
|
||||
uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("已上传证书", uploadResult))
|
||||
d.infos = append(d.infos, toStr("已上传证书", upres))
|
||||
|
||||
// 更新监听器证书
|
||||
if err := d.updateListenerCertificate(ctx, hcListenerId, uploadResult.CertId); err != nil {
|
||||
if err := d.updateListenerCertificate(ctx, hcListenerId, upres.CertId); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
||||
@ -3,9 +3,11 @@ package deployer
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
xerrors "github.com/pkg/errors"
|
||||
k8sCore "k8s.io/api/core/v1"
|
||||
k8sMeta "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
@ -19,12 +21,25 @@ import (
|
||||
type K8sSecretDeployer struct {
|
||||
option *DeployerOption
|
||||
infos []string
|
||||
|
||||
k8sClient *kubernetes.Clientset
|
||||
}
|
||||
|
||||
func NewK8sSecretDeployer(option *DeployerOption) (Deployer, error) {
|
||||
access := &domain.KubernetesAccess{}
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to get access")
|
||||
}
|
||||
|
||||
client, err := (&K8sSecretDeployer{}).createK8sClient(access)
|
||||
if err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to create k8s client")
|
||||
}
|
||||
|
||||
return &K8sSecretDeployer{
|
||||
option: option,
|
||||
infos: make([]string, 0),
|
||||
k8sClient: client,
|
||||
}, nil
|
||||
}
|
||||
|
||||
@ -37,41 +52,20 @@ func (d *K8sSecretDeployer) GetInfo() []string {
|
||||
}
|
||||
|
||||
func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
|
||||
access := &domain.KubernetesAccess{}
|
||||
if err := json.Unmarshal([]byte(d.option.Access), access); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
client, err := d.createClient(access)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("kubeClient create success.", nil))
|
||||
|
||||
namespace := d.option.DeployConfig.GetConfigAsString("namespace")
|
||||
secretName := d.option.DeployConfig.GetConfigAsString("secretName")
|
||||
secretDataKeyForCrt := d.option.DeployConfig.GetConfigOrDefaultAsString("secretDataKeyForCrt", "tls.crt")
|
||||
secretDataKeyForKey := d.option.DeployConfig.GetConfigOrDefaultAsString("secretDataKeyForKey", "tls.key")
|
||||
if namespace == "" {
|
||||
namespace = "default"
|
||||
}
|
||||
|
||||
secretName := d.option.DeployConfig.GetConfigAsString("secretName")
|
||||
if secretName == "" {
|
||||
return fmt.Errorf("k8s secret name is empty")
|
||||
}
|
||||
|
||||
secretDataKeyForCrt := d.option.DeployConfig.GetConfigAsString("secretDataKeyForCrt")
|
||||
if secretDataKeyForCrt == "" {
|
||||
namespace = "tls.crt"
|
||||
}
|
||||
|
||||
secretDataKeyForKey := d.option.DeployConfig.GetConfigAsString("secretDataKeyForKey")
|
||||
if secretDataKeyForKey == "" {
|
||||
namespace = "tls.key"
|
||||
return errors.New("`secretName` is required")
|
||||
}
|
||||
|
||||
certX509, err := x509.ParseCertificateFromPEM(d.option.Certificate.Certificate)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to parse certificate: %w", err)
|
||||
return err
|
||||
}
|
||||
|
||||
secretPayload := k8sCore.Secret{
|
||||
@ -90,17 +84,16 @@ func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
|
||||
},
|
||||
Type: k8sCore.SecretType("kubernetes.io/tls"),
|
||||
}
|
||||
|
||||
secretPayload.Data = make(map[string][]byte)
|
||||
secretPayload.Data[secretDataKeyForCrt] = []byte(d.option.Certificate.Certificate)
|
||||
secretPayload.Data[secretDataKeyForKey] = []byte(d.option.Certificate.PrivateKey)
|
||||
|
||||
// 获取 Secret 实例
|
||||
_, err = client.CoreV1().Secrets(namespace).Get(context.TODO(), secretName, k8sMeta.GetOptions{})
|
||||
_, err = d.k8sClient.CoreV1().Secrets(namespace).Get(context.TODO(), secretName, k8sMeta.GetOptions{})
|
||||
if err != nil {
|
||||
_, err = client.CoreV1().Secrets(namespace).Create(context.TODO(), &secretPayload, k8sMeta.CreateOptions{})
|
||||
_, err = d.k8sClient.CoreV1().Secrets(namespace).Create(context.TODO(), &secretPayload, k8sMeta.CreateOptions{})
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create k8s secret: %w", err)
|
||||
return xerrors.Wrap(err, "failed to create k8s secret")
|
||||
} else {
|
||||
d.infos = append(d.infos, toStr("Certificate has been created in K8s Secret", nil))
|
||||
return nil
|
||||
@ -108,9 +101,9 @@ func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
|
||||
}
|
||||
|
||||
// 更新 Secret 实例
|
||||
_, err = client.CoreV1().Secrets(namespace).Update(context.TODO(), &secretPayload, k8sMetaV1.UpdateOptions{})
|
||||
_, err = d.k8sClient.CoreV1().Secrets(namespace).Update(context.TODO(), &secretPayload, k8sMeta.UpdateOptions{})
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to update k8s secret: %w", err)
|
||||
return xerrors.Wrap(err, "failed to update k8s secret")
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("Certificate has been updated to K8s Secret", nil))
|
||||
@ -118,7 +111,7 @@ func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (d *K8sSecretDeployer) createClient(access *domain.KubernetesAccess) (*kubernetes.Clientset, error) {
|
||||
func (d *K8sSecretDeployer) createK8sClient(access *domain.KubernetesAccess) (*kubernetes.Clientset, error) {
|
||||
var config *rest.Config
|
||||
var err error
|
||||
if access.KubeConfig == "" {
|
||||
@ -129,7 +122,6 @@ func (d *K8sSecretDeployer) createClient(access *domain.KubernetesAccess) (*kube
|
||||
return nil, err
|
||||
}
|
||||
config, err = kubeConfig.ClientConfig()
|
||||
|
||||
}
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@ -139,5 +131,6 @@ func (d *K8sSecretDeployer) createClient(access *domain.KubernetesAccess) (*kube
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return client, nil
|
||||
}
|
||||
|
||||
@ -3,12 +3,13 @@ package deployer
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"os/exec"
|
||||
"runtime"
|
||||
|
||||
"github.com/usual2970/certimate/internal/domain"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/fs"
|
||||
)
|
||||
|
||||
@ -45,17 +46,12 @@ func (d *LocalDeployer) GetInfo() []string {
|
||||
}
|
||||
|
||||
func (d *LocalDeployer) Deploy(ctx context.Context) error {
|
||||
access := &domain.LocalAccess{}
|
||||
if err := json.Unmarshal([]byte(d.option.Access), access); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// 执行前置命令
|
||||
preCommand := d.option.DeployConfig.GetConfigAsString("preCommand")
|
||||
if preCommand != "" {
|
||||
stdout, stderr, err := d.execCommand(preCommand)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to run pre-command: %w, stdout: %s, stderr: %s", err, stdout, stderr)
|
||||
return xerrors.Wrapf(err, "failed to run pre-command, stdout: %s, stderr: %s", stdout, stderr)
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("执行前置命令成功", stdout))
|
||||
@ -65,13 +61,13 @@ func (d *LocalDeployer) Deploy(ctx context.Context) error {
|
||||
switch d.option.DeployConfig.GetConfigOrDefaultAsString("format", certFormatPEM) {
|
||||
case certFormatPEM:
|
||||
if err := fs.WriteFileString(d.option.DeployConfig.GetConfigAsString("certPath"), d.option.Certificate.Certificate); err != nil {
|
||||
return fmt.Errorf("failed to save certificate file: %w", err)
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("保存证书成功", nil))
|
||||
|
||||
if err := fs.WriteFileString(d.option.DeployConfig.GetConfigAsString("keyPath"), d.option.Certificate.PrivateKey); err != nil {
|
||||
return fmt.Errorf("failed to save private key file: %w", err)
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("保存私钥成功", nil))
|
||||
@ -83,11 +79,11 @@ func (d *LocalDeployer) Deploy(ctx context.Context) error {
|
||||
d.option.DeployConfig.GetConfigAsString("pfxPassword"),
|
||||
)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to convert pem to pfx %w", err)
|
||||
return err
|
||||
}
|
||||
|
||||
if err := fs.WriteFile(d.option.DeployConfig.GetConfigAsString("certPath"), pfxData); err != nil {
|
||||
return fmt.Errorf("failed to save certificate file: %w", err)
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("保存证书成功", nil))
|
||||
@ -101,11 +97,11 @@ func (d *LocalDeployer) Deploy(ctx context.Context) error {
|
||||
d.option.DeployConfig.GetConfigAsString("jksStorepass"),
|
||||
)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to convert pem to pfx %w", err)
|
||||
return err
|
||||
}
|
||||
|
||||
if err := fs.WriteFile(d.option.DeployConfig.GetConfigAsString("certPath"), jksData); err != nil {
|
||||
return fmt.Errorf("failed to save certificate file: %w", err)
|
||||
return err
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("保存证书成功", nil))
|
||||
@ -116,7 +112,7 @@ func (d *LocalDeployer) Deploy(ctx context.Context) error {
|
||||
if command != "" {
|
||||
stdout, stderr, err := d.execCommand(command)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to run command: %w, stdout: %s, stderr: %s", err, stdout, stderr)
|
||||
return xerrors.Wrapf(err, "failed to run command, stdout: %s, stderr: %s", stdout, stderr)
|
||||
}
|
||||
|
||||
d.infos = append(d.infos, toStr("执行命令成功", stdout))
|
||||
@ -146,7 +142,7 @@ func (d *LocalDeployer) execCommand(command string) (string, string, error) {
|
||||
}
|
||||
|
||||
default:
|
||||
return "", "", fmt.Errorf("unsupported shell")
|
||||
return "", "", errors.New("unsupported shell")
|
||||
}
|
||||
|
||||
var stdoutBuf bytes.Buffer
|
||||
@ -156,7 +152,7 @@ func (d *LocalDeployer) execCommand(command string) (string, string, error) {
|
||||
|
||||
err := cmd.Run()
|
||||
if err != nil {
|
||||
return "", "", fmt.Errorf("failed to execute script: %w", err)
|
||||
return "", "", xerrors.Wrap(err, "failed to execute shell script")
|
||||
}
|
||||
|
||||
return stdoutBuf.String(), stderrBuf.String(), err
|
||||
|
||||
@ -24,7 +24,9 @@ type QiniuCDNDeployer struct {
|
||||
|
||||
func NewQiniuCDNDeployer(option *DeployerOption) (*QiniuCDNDeployer, error) {
|
||||
access := &domain.QiniuAccess{}
|
||||
json.Unmarshal([]byte(option.Access), access)
|
||||
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
|
||||
return nil, fmt.Errorf("failed to get access: %w", err)
|
||||
}
|
||||
|
||||
return &QiniuCDNDeployer{
|
||||
option: option,
|
||||
|
||||
@ -9,6 +9,7 @@ import (
|
||||
aliyunCas "github.com/alibabacloud-go/cas-20200407/v3/client"
|
||||
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||||
"github.com/alibabacloud-go/tea/tea"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/x509"
|
||||
)
|
||||
@ -31,7 +32,7 @@ func NewAliyunCASUploader(config *AliyunCASUploaderConfig) (Uploader, error) {
|
||||
config.Region,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create sdk client: %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
return &AliyunCASUploader{
|
||||
@ -60,7 +61,7 @@ func (u *AliyunCASUploader) Upload(ctx context.Context, certPem string, privkeyP
|
||||
}
|
||||
listUserCertificateOrderResp, err := u.sdkClient.ListUserCertificateOrder(listUserCertificateOrderReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'cas.ListUserCertificateOrder': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.ListUserCertificateOrder'")
|
||||
}
|
||||
|
||||
if listUserCertificateOrderResp.Body.CertificateOrderList != nil {
|
||||
@ -71,7 +72,7 @@ func (u *AliyunCASUploader) Upload(ctx context.Context, certPem string, privkeyP
|
||||
}
|
||||
getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'cas.GetUserCertificateDetail': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.GetUserCertificateDetail'")
|
||||
}
|
||||
|
||||
var isSameCert bool
|
||||
@ -120,7 +121,7 @@ func (u *AliyunCASUploader) Upload(ctx context.Context, certPem string, privkeyP
|
||||
}
|
||||
uploadUserCertificateResp, err := u.sdkClient.UploadUserCertificate(uploadUserCertificateReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'cas.UploadUserCertificate': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.UploadUserCertificate'")
|
||||
}
|
||||
|
||||
certId = fmt.Sprintf("%d", tea.Int64Value(uploadUserCertificateResp.Body.CertId))
|
||||
|
||||
@ -11,6 +11,7 @@ import (
|
||||
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||||
aliyunSlb "github.com/alibabacloud-go/slb-20140515/v4/client"
|
||||
"github.com/alibabacloud-go/tea/tea"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/x509"
|
||||
)
|
||||
@ -33,7 +34,7 @@ func NewAliyunSLBUploader(config *AliyunSLBUploaderConfig) (Uploader, error) {
|
||||
config.Region,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create sdk client: %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
return &AliyunSLBUploader{
|
||||
@ -56,7 +57,7 @@ func (u *AliyunSLBUploader) Upload(ctx context.Context, certPem string, privkeyP
|
||||
}
|
||||
describeServerCertificatesResp, err := u.sdkClient.DescribeServerCertificates(describeServerCertificatesReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'slb.DescribeServerCertificates': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeServerCertificates'")
|
||||
}
|
||||
|
||||
if describeServerCertificatesResp.Body.ServerCertificates != nil && describeServerCertificatesResp.Body.ServerCertificates.ServerCertificate != nil {
|
||||
@ -90,7 +91,7 @@ func (u *AliyunSLBUploader) Upload(ctx context.Context, certPem string, privkeyP
|
||||
}
|
||||
uploadServerCertificateResp, err := u.sdkClient.UploadServerCertificate(uploadServerCertificateReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'slb.UploadServerCertificate': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'slb.UploadServerCertificate'")
|
||||
}
|
||||
|
||||
certId = *uploadServerCertificateResp.Body.ServerCertificateId
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
@ -13,6 +14,7 @@ import (
|
||||
hcIam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3"
|
||||
hcIamModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model"
|
||||
hcIamRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/cast"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/x509"
|
||||
@ -36,7 +38,7 @@ func NewHuaweiCloudELBUploader(config *HuaweiCloudELBUploaderConfig) (Uploader,
|
||||
config.Region,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create sdk client: %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client: %w")
|
||||
}
|
||||
|
||||
return &HuaweiCloudELBUploader{
|
||||
@ -65,7 +67,7 @@ func (u *HuaweiCloudELBUploader) Upload(ctx context.Context, certPem string, pri
|
||||
}
|
||||
listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'elb.ListCertificates': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'elb.ListCertificates'")
|
||||
}
|
||||
|
||||
if listCertificatesResp.Certificates != nil {
|
||||
@ -107,7 +109,7 @@ func (u *HuaweiCloudELBUploader) Upload(ctx context.Context, certPem string, pri
|
||||
// REF: https://support.huaweicloud.com/api-iam/iam_06_0001.html
|
||||
projectId, err := u.getSdkProjectId(u.config.Region, u.config.AccessKeyId, u.config.SecretAccessKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get SDK project id: %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to get SDK project id")
|
||||
}
|
||||
|
||||
// 生成新证书名(需符合华为云命名规则)
|
||||
@ -128,7 +130,7 @@ func (u *HuaweiCloudELBUploader) Upload(ctx context.Context, certPem string, pri
|
||||
}
|
||||
createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'elb.CreateCertificate': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'elb.CreateCertificate'")
|
||||
}
|
||||
|
||||
certId = createCertificateResp.Certificate.Id
|
||||
@ -207,7 +209,7 @@ func (u *HuaweiCloudELBUploader) getSdkProjectId(accessKeyId, secretAccessKey, r
|
||||
if err != nil {
|
||||
return "", err
|
||||
} else if response.Projects == nil || len(*response.Projects) == 0 {
|
||||
return "", fmt.Errorf("no project found")
|
||||
return "", errors.New("no project found")
|
||||
}
|
||||
|
||||
return (*response.Projects)[0].Id, nil
|
||||
|
||||
@ -9,6 +9,7 @@ import (
|
||||
hcScm "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3"
|
||||
hcScmModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/model"
|
||||
hcScmRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/region"
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/cast"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/x509"
|
||||
@ -32,7 +33,7 @@ func NewHuaweiCloudSCMUploader(config *HuaweiCloudSCMUploaderConfig) (Uploader,
|
||||
config.Region,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create sdk client: %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
return &HuaweiCloudSCMUploader{
|
||||
@ -63,7 +64,7 @@ func (u *HuaweiCloudSCMUploader) Upload(ctx context.Context, certPem string, pri
|
||||
}
|
||||
listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'scm.ListCertificates': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'scm.ListCertificates'")
|
||||
}
|
||||
|
||||
if listCertificatesResp.Certificates != nil {
|
||||
@ -76,7 +77,7 @@ func (u *HuaweiCloudSCMUploader) Upload(ctx context.Context, certPem string, pri
|
||||
if exportCertificateResp != nil && exportCertificateResp.HttpStatusCode == 404 {
|
||||
continue
|
||||
}
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'scm.ExportCertificate': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'scm.ExportCertificate'")
|
||||
}
|
||||
|
||||
var isSameCert bool
|
||||
@ -127,7 +128,7 @@ func (u *HuaweiCloudSCMUploader) Upload(ctx context.Context, certPem string, pri
|
||||
}
|
||||
importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'scm.ImportCertificate': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'scm.ImportCertificate'")
|
||||
}
|
||||
|
||||
certId = *importCertificateResp.CertificateId
|
||||
|
||||
@ -5,15 +5,13 @@ import (
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
xerrors "github.com/pkg/errors"
|
||||
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
|
||||
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
|
||||
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/cast"
|
||||
)
|
||||
|
||||
type TencentCloudSSLUploaderConfig struct {
|
||||
Region string `json:"region"`
|
||||
SecretId string `json:"secretId"`
|
||||
SecretKey string `json:"secretKey"`
|
||||
}
|
||||
@ -25,12 +23,11 @@ type TencentCloudSSLUploader struct {
|
||||
|
||||
func NewTencentCloudSSLUploader(config *TencentCloudSSLUploaderConfig) (Uploader, error) {
|
||||
client, err := (&TencentCloudSSLUploader{}).createSdkClient(
|
||||
config.Region,
|
||||
config.SecretId,
|
||||
config.SecretKey,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create sdk client: %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to create sdk client")
|
||||
}
|
||||
|
||||
return &TencentCloudSSLUploader{
|
||||
@ -40,33 +37,38 @@ func NewTencentCloudSSLUploader(config *TencentCloudSSLUploaderConfig) (Uploader
|
||||
}
|
||||
|
||||
func (u *TencentCloudSSLUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *UploadResult, err error) {
|
||||
defer func() {
|
||||
if r := recover(); r != nil {
|
||||
fmt.Printf("Recovered from panic: %+v", r)
|
||||
fmt.Println()
|
||||
}
|
||||
}()
|
||||
|
||||
// 生成新证书名(需符合腾讯云命名规则)
|
||||
var certId, certName string
|
||||
certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
|
||||
|
||||
// 上传新证书
|
||||
// REF: https://cloud.tencent.com/document/product/400/41665
|
||||
uploadCertificateReq := &tcSsl.UploadCertificateRequest{
|
||||
Alias: cast.StringPtr(certName),
|
||||
CertificatePublicKey: cast.StringPtr(certPem),
|
||||
CertificatePrivateKey: cast.StringPtr(privkeyPem),
|
||||
Repeatable: cast.BoolPtr(false),
|
||||
}
|
||||
uploadCertificateReq := tcSsl.NewUploadCertificateRequest()
|
||||
uploadCertificateReq.Alias = common.StringPtr(certName)
|
||||
uploadCertificateReq.CertificatePublicKey = common.StringPtr(certPem)
|
||||
uploadCertificateReq.CertificatePrivateKey = common.StringPtr(privkeyPem)
|
||||
uploadCertificateReq.Repeatable = common.BoolPtr(false)
|
||||
uploadCertificateResp, err := u.sdkClient.UploadCertificate(uploadCertificateReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'ssl.UploadCertificate': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.UploadCertificate'")
|
||||
}
|
||||
|
||||
// 获取证书详情
|
||||
// REF: https://cloud.tencent.com/document/api/400/41673
|
||||
//
|
||||
// P.S. 上传重复证书会返回上一次的证书 ID,这里需要重新获取一遍证书名(https://github.com/usual2970/certimate/pull/227)
|
||||
describeCertificateDetailReq := &tcSsl.DescribeCertificateDetailRequest{
|
||||
CertificateId: uploadCertificateResp.Response.CertificateId,
|
||||
}
|
||||
describeCertificateDetailReq := tcSsl.NewDescribeCertificateDetailRequest()
|
||||
describeCertificateDetailReq.CertificateId = uploadCertificateResp.Response.CertificateId
|
||||
describeCertificateDetailResp, err := u.sdkClient.DescribeCertificateDetail(describeCertificateDetailReq)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to execute sdk request 'ssl.DescribeCertificateDetail': %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DescribeCertificateDetail'")
|
||||
}
|
||||
|
||||
certId = *describeCertificateDetailResp.Response.CertificateId
|
||||
@ -77,13 +79,9 @@ func (u *TencentCloudSSLUploader) Upload(ctx context.Context, certPem string, pr
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (u *TencentCloudSSLUploader) createSdkClient(region, secretId, secretKey string) (*tcSsl.Client, error) {
|
||||
if region == "" {
|
||||
region = "ap-guangzhou" // SSL 服务默认区域:广州
|
||||
}
|
||||
|
||||
func (u *TencentCloudSSLUploader) createSdkClient(secretId, secretKey string) (*tcSsl.Client, error) {
|
||||
credential := common.NewCredential(secretId, secretKey)
|
||||
client, err := tcSsl.NewClient(credential, region, profile.NewClientProfile())
|
||||
client, err := tcSsl.NewClient(credential, "", profile.NewClientProfile())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
@ -1,9 +1,10 @@
|
||||
package fs
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"path/filepath"
|
||||
|
||||
xerrors "github.com/pkg/errors"
|
||||
)
|
||||
|
||||
// 与 [WriteFile] 类似,但写入的是字符串内容。
|
||||
@ -33,18 +34,18 @@ func WriteFile(path string, data []byte) error {
|
||||
|
||||
err := os.MkdirAll(dir, os.ModePerm)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create directory: %w", err)
|
||||
return xerrors.Wrap(err, "failed to create directory")
|
||||
}
|
||||
|
||||
file, err := os.Create(path)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create file: %w", err)
|
||||
return xerrors.Wrap(err, "failed to create file")
|
||||
}
|
||||
defer file.Close()
|
||||
|
||||
_, err = file.Write(data)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to write file: %w", err)
|
||||
return xerrors.Wrap(err, "failed to write file")
|
||||
}
|
||||
|
||||
return nil
|
||||
|
||||
@ -5,7 +5,9 @@ import (
|
||||
"crypto/rsa"
|
||||
"crypto/x509"
|
||||
"encoding/pem"
|
||||
"fmt"
|
||||
"errors"
|
||||
|
||||
xerrors "github.com/pkg/errors"
|
||||
)
|
||||
|
||||
// 比较两个 x509.Certificate 对象,判断它们是否是同一张证书。
|
||||
@ -38,12 +40,12 @@ func ParseCertificateFromPEM(certPem string) (cert *x509.Certificate, err error)
|
||||
|
||||
block, _ := pem.Decode(pemData)
|
||||
if block == nil {
|
||||
return nil, fmt.Errorf("failed to decode PEM block")
|
||||
return nil, errors.New("failed to decode PEM block")
|
||||
}
|
||||
|
||||
cert, err = x509.ParseCertificate(block.Bytes)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to parse certificate: %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to parse certificate")
|
||||
}
|
||||
|
||||
return cert, nil
|
||||
@ -62,12 +64,12 @@ func ParseECPrivateKeyFromPEM(privkeyPem string) (privkey *ecdsa.PrivateKey, err
|
||||
|
||||
block, _ := pem.Decode(pemData)
|
||||
if block == nil {
|
||||
return nil, fmt.Errorf("failed to decode PEM block")
|
||||
return nil, errors.New("failed to decode PEM block")
|
||||
}
|
||||
|
||||
privkey, err = x509.ParseECPrivateKey(block.Bytes)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to parse private key: %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to parse private key")
|
||||
}
|
||||
|
||||
return privkey, nil
|
||||
@ -86,12 +88,12 @@ func ParsePKCS1PrivateKeyFromPEM(privkeyPem string) (privkey *rsa.PrivateKey, er
|
||||
|
||||
block, _ := pem.Decode(pemData)
|
||||
if block == nil {
|
||||
return nil, fmt.Errorf("failed to decode PEM block")
|
||||
return nil, errors.New("failed to decode PEM block")
|
||||
}
|
||||
|
||||
privkey, err = x509.ParsePKCS1PrivateKey(block.Bytes)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to parse private key: %w", err)
|
||||
return nil, xerrors.Wrap(err, "failed to parse private key")
|
||||
}
|
||||
|
||||
return privkey, nil
|
||||
@ -108,7 +110,7 @@ func ParsePKCS1PrivateKeyFromPEM(privkeyPem string) (privkey *rsa.PrivateKey, er
|
||||
func ConvertECPrivateKeyToPEM(privkey *ecdsa.PrivateKey) (privkeyPem string, err error) {
|
||||
data, err := x509.MarshalECPrivateKey(privkey)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("failed to marshal EC private key: %w", err)
|
||||
return "", xerrors.Wrap(err, "failed to marshal EC private key")
|
||||
}
|
||||
|
||||
block := &pem.Block{
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user