diff --git a/.github/ISSUE_TEMPLATE/1-bug_report.yml b/.github/ISSUE_TEMPLATE/1-bug_report.yml index 983614c6..8dd9bca0 100644 --- a/.github/ISSUE_TEMPLATE/1-bug_report.yml +++ b/.github/ISSUE_TEMPLATE/1-bug_report.yml @@ -11,14 +11,14 @@ body: **在提交 Issue 之前,请确认以下事项**: 1. 我**确认**已尝试过使用当前最新版本,并能复现问题。由于开发者精力有限,非当前最新版本的问题将被直接关闭,感谢理解。 - 2. 我**确认**已搜索过[已有的 Issues](https://github.com/usual2970/certimate/issues)(包括已关闭的),没有类似的问题。 + 2. 我**确认**已搜索过[已有的 Issues](https://github.com/certimate-go/certimate/issues)(包括已关闭的),没有类似的问题。 3. 我**确认**已阅读过[文档](https://docs.certimate.me/),没有类似的问题。 4. 请**务必**按照模板规范详细描述问题,否则 Issue 将会被直接关闭。 5. 请保持每个 Issue 只包含一个缺陷报告。如果有多个缺陷,请分别提交 Issue。 **Before you submit the issue, please make sure of the following checklist**: 1. Yes, I'm using the latest release and can reproduce the issue. Issues that are not in the latest version will be closed directly. - 2. Yes, I've searched for [existing issues](https://github.com/usual2970/certimate/issues) (including closed ones) on GitHub and didn't find any similar. + 2. Yes, I've searched for [existing issues](https://github.com/certimate-go/certimate/issues) (including closed ones) on GitHub and didn't find any similar. 3. Yes, I've read the [documentation](https://docs.certimate.me/en/) and didn't find any similar. 4. Please describe the problem in detail according to the template specification, otherwise the issue will be closed directly. 5. Please limit one report per issue. @@ -76,5 +76,5 @@ body: attributes: label: 贡献 / Contribution options: - - label: 我乐意为此贡献代码! / I am interested in contributing to this issue! + - label: 我乐意为此贡献 PR! / I am interested in contributing a PR for this! required: false diff --git a/.github/ISSUE_TEMPLATE/2-feature_request.yml b/.github/ISSUE_TEMPLATE/2-feature_request.yml index 150f23a4..fdfbc9bb 100644 --- a/.github/ISSUE_TEMPLATE/2-feature_request.yml +++ b/.github/ISSUE_TEMPLATE/2-feature_request.yml @@ -11,14 +11,14 @@ body: **在提交 Issue 之前,请确认以下事项**: 1. 我**确认**是基于当前最新大版本而提出的新功能请求或改进意见。 - 2. 我**确认**已搜索过[已有的 Issues](https://github.com/usual2970/certimate/issues)(包括已关闭的),没有类似的问题。 + 2. 我**确认**已搜索过[已有的 Issues](https://github.com/certimate-go/certimate/issues)(包括已关闭的),没有类似的问题。 3. 我**确认**已阅读过[文档](https://docs.certimate.me/),没有类似的问题。 4. 请**务必**按照模板规范详细描述问题,否则 Issue 将会被直接关闭。 5. 请保持每个 Issue 只包含一个功能请求。如果有多个需求,请分别提交 Issue。 **Before you submit the issue, please make sure of the following checklist**: 1. Yes, I'm using the latest release. - 2. Yes, I've searched for [existing issues](https://github.com/usual2970/certimate/issues) (including closed ones) on GitHub and didn't find any similar. + 2. Yes, I've searched for [existing issues](https://github.com/certimate-go/certimate/issues) (including closed ones) on GitHub and didn't find any similar. 3. Yes, I've read the [documentation](https://docs.certimate.me/en/) and didn't find any similar. 4. Please describe the problem in detail according to the template specification, otherwise the issue will be closed directly. 5. Please limit one request per issue. @@ -48,5 +48,5 @@ body: attributes: label: 贡献 / Contribution options: - - label: 我乐意为此贡献代码! / I am interested in contributing to this issue! + - label: 我乐意为此贡献 PR! / I am interested in contributing a PR for this! required: false diff --git a/.github/ISSUE_TEMPLATE/3-questions.yml b/.github/ISSUE_TEMPLATE/3-questions.yml index 98fc013c..2f91b86a 100644 --- a/.github/ISSUE_TEMPLATE/3-questions.yml +++ b/.github/ISSUE_TEMPLATE/3-questions.yml @@ -9,14 +9,14 @@ body: **在提交 Issue 之前,请确认以下事项**: 1. 我**确认**正在使用的是当前最新版本。 - 2. 我**确认**已搜索过[已有的 Issues](https://github.com/usual2970/certimate/issues)(包括已关闭的),没有类似的问题。 + 2. 我**确认**已搜索过[已有的 Issues](https://github.com/certimate-go/certimate/issues)(包括已关闭的),没有类似的问题。 3. 我**确认**已阅读过[文档](https://docs.certimate.me/),没有类似的问题。 4. 请**务必**按照模板规范详细描述问题,否则 Issue 将会被直接关闭。 5. 请保持每个 Issue 只包含一个问题求助。如果有多个问题,请分别提交 Issue。 **Before you submit the issue, please make sure of the following checklist**: 1. Yes, I'm using the latest release. - 2. Yes, I've searched for [existing issues](https://github.com/usual2970/certimate/issues) (including closed ones) on GitHub and didn't find any similar. + 2. Yes, I've searched for [existing issues](https://github.com/certimate-go/certimate/issues) (including closed ones) on GitHub and didn't find any similar. 3. Yes, I've read the [documentation](https://docs.certimate.me/en/) and didn't find any similar. 4. Please describe the problem in detail according to the template specification, otherwise the issue will be closed directly. 5. Please limit one question per issue. diff --git a/.github/workflows/push_image.yml b/.github/workflows/push_image.yml index d700c13b..30351163 100644 --- a/.github/workflows/push_image.yml +++ b/.github/workflows/push_image.yml @@ -32,8 +32,8 @@ jobs: uses: docker/metadata-action@v5 with: images: | - usual2970/certimate - registry.cn-shanghai.aliyuncs.com/usual2970/certimate + certimate/certimate + registry.cn-shanghai.aliyuncs.com/certimate/certimate tags: | type=ref,event=branch type=ref,event=pr @@ -61,4 +61,3 @@ jobs: platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.meta.outputs.tags }} - diff --git a/.github/workflows/push_image_next.yml b/.github/workflows/push_image_next.yml index 3a7074e3..635c238a 100644 --- a/.github/workflows/push_image_next.yml +++ b/.github/workflows/push_image_next.yml @@ -31,8 +31,8 @@ jobs: uses: docker/metadata-action@v5 with: images: | - usual2970/certimate - registry.cn-shanghai.aliyuncs.com/usual2970/certimate + certimate/certimate + registry.cn-shanghai.aliyuncs.com/certimate/certimate tags: | type=ref,event=tag,pattern={{version}} flavor: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6bc6ca37..d08fa380 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -65,7 +65,7 @@ jobs: go env -w GOARCH=$ARCH go env -u GOARM fi - go build -ldflags="-s -w -X github.com/usual2970/certimate.Version=${GITHUB_REF#refs/tags/}" -o dist/linux/certimate_${GITHUB_REF#refs/tags/}_linux_$ARCH + go build -ldflags="-s -w -X github.com/certimate-go/certimate.Version=${GITHUB_REF#refs/tags/}" -o dist/linux/certimate_${GITHUB_REF#refs/tags/}_linux_$ARCH done - name: Upload Linux binaries @@ -103,7 +103,7 @@ jobs: mkdir -p dist/darwin for ARCH in amd64 arm64; do go env -w GOARCH=$ARCH - go build -ldflags="-s -w -X github.com/usual2970/certimate.Version=${GITHUB_REF#refs/tags/}" -o dist/darwin/certimate_${GITHUB_REF#refs/tags/}_darwin_$ARCH + go build -ldflags="-s -w -X github.com/certimate-go/certimate.Version=${GITHUB_REF#refs/tags/}" -o dist/darwin/certimate_${GITHUB_REF#refs/tags/}_darwin_$ARCH done - name: Upload macOS binaries @@ -141,7 +141,7 @@ jobs: mkdir -p dist/windows for ARCH in amd64 arm64; do go env -w GOARCH=$ARCH - go build -ldflags="-s -w -X github.com/usual2970/certimate.Version=${GITHUB_REF#refs/tags/}" -o dist/windows/certimate_${GITHUB_REF#refs/tags/}_windows_$ARCH.exe + go build -ldflags="-s -w -X github.com/certimate-go/certimate.Version=${GITHUB_REF#refs/tags/}" -o dist/windows/certimate_${GITHUB_REF#refs/tags/}_windows_$ARCH.exe done - name: Upload Windows binaries @@ -174,7 +174,6 @@ jobs: find dist -type f -not -name "*.exe" -exec chmod +x {} \; - # 为每个二进制文件创建 zip 包 cd dist for bin in certimate_*; do if [[ "$bin" == *".exe" ]]; then @@ -185,7 +184,7 @@ jobs: tmpdir=$(mktemp -d) cp "$bin" "${tmpdir}/${entrypoint}" - cp ../README.md ../LICENSE.md ../CHANGELOG.md "$tmpdir" + cp ../LICENSE ../README.md ../CHANGELOG.md "$tmpdir" if [[ "$bin" == *".exe" ]]; then zip -j "${bin%.exe}.zip" "$tmpdir"/* @@ -196,7 +195,6 @@ jobs: rm -rf "$tmpdir" done - # 创建校验和文件 sha256sum *.zip > checksums.txt - name: Create Release diff --git a/.goreleaser.yml b/.goreleaser.yml index 65ce8d48..b131d4a3 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -11,7 +11,7 @@ builds: main: ./ binary: certimate ldflags: - - -s -w -X github.com/usual2970/certimate.Version={{ .Version }} + - -s -w -X github.com/certimate-go/certimate.Version={{ .Version }} env: - CGO_ENABLED=0 goos: @@ -41,9 +41,9 @@ archives: builds: [build_noncgo] format: "zip" files: - - CHANGELOG.md - - LICENSE.md + - LICENSE - README.md + - CHANGELOG.md checksum: name_template: "checksums.txt" diff --git a/CHANGELOG.md b/CHANGELOG.md index c0249c2e..f4061885 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1 +1 @@ -A full changelog of past releases is available on [GitHub Releases](https://github.com/usual2970/certimate/releases) page. +A full changelog of past releases is available on [GitHub Releases](https://github.com/certimate-go/certimate/releases) page. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 7327a41d..20e2bc7e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,78 +1,106 @@ -# 向 Certimate 贡献代码 +# 贡献指南 -感谢你抽出时间来改进 Certimate!以下是向 Certimate 主仓库提交 PR(Pull Request)时的操作指南。 +非常感谢你抽出时间来帮助改进 Certimate!以下是向 Certimate 提交 Pull Request 时的操作指南。 -- [向 Certimate 贡献代码](#向-certimate-贡献代码) - - [前提条件](#前提条件) - - [修改 Go 代码](#修改-go-代码) - - [修改管理页面 (Admin UI)](#修改管理页面-admin-ui) +我们需要保持敏捷和快速迭代,同时也希望确保贡献者能获得尽可能流畅的参与体验。这份贡献指南旨在帮助你熟悉代码库和我们的工作方式,让你可以尽快进入有趣的开发环节。 -## 前提条件 +索引: -- Go 1.24+ (用于修改 Go 代码) -- Node 20+ (用于修改 UI) +- [开发](#开发) + - [要求](#要求) + - [后端代码](#后端代码) + - [前端代码](#前端代码) +- [提交 PR](#提交-pr) + - [提交流程](#提交流程) +- [获取帮助](#获取帮助) -如果还没有这样做,你可以 fork Certimate 的主仓库,并克隆到本地以便进行修改: +--- -```bash -git clone https://github.com/your_username/certimate.git -``` +## 开发 -> **重要提示:** -> 建议为每个 Bug 修复或新功能创建一个从 `main` 分支派生的新分支。如果你计划提交多个 PR,请保持不同的改动在独立分支中,以便更容易进行代码审查并最终合并。 -> 保持一个 PR 只实现一个功能。 +### 要求 -## 修改 Go 代码 +- Go 1.24+(用于修改后端代码) +- Node.js 22.0+(用于修改前端代码) -假设你已经对 Certimate 的 Go 代码做了一些修改,现在你想要运行它: +### 后端代码 -1. 进入根目录 -2. 运行以下命令启动服务: +Certimate 的后端代码是使用 Golang 开发的,是一个基于 [Pocketbase](https://github.com/pocketbase/pocketbase) 构建的单体应用。 +假设你已经对 Certimate 的后端代码做出了一些修改,现在你想要运行它,请遵循以下步骤: + +1. 进入根目录; +2. 安装依赖: + ```bash + go mod vendor + ``` +3. 启动本地开发服务: ```bash go run main.go serve ``` -这将启动一个 Web 服务器,默认运行在 `http://localhost:8090`,并使用来自 `ui/dist` 的预构建管理页面。 +这将启动一个 Web 服务器,默认运行在 `http://localhost:8090`,并使用来自 `/ui/dist` 的预构建管理页面。 -> 如果你遇到报错 `ui/embed.go:10:12: pattern all:dist: no matching files found` 请先参考 [构建 Admin UI](#修改管理页面-admin-ui) +> 如果你遇到报错 `ui/embed.go: pattern all:dist: no matching files found`,请参考“[前端代码](#前端代码)”这一小节构建 WebUI。 -**在向主仓库提交 PR 之前,建议你:** +**在向主仓库提交 PR 之前,你应该:** -- 使用 [gofumpt](https://github.com/mvdan/gofumpt) 对你的代码进行格式化。 +- 使用 [gofumpt](https://github.com/mvdan/gofumpt) 格式化你的代码。推荐使用 VSCode,并安装 gofumpt 插件,以便在保存时自动格式化。 +- 为你的改动添加单元测试或集成测试(使用 Go 标准库中的 `testing` 包)。 -- 为你的改动添加单元测试或集成测试(Certimate 使用 Go 的标准 `testing` 包)。你可以通过以下命令运行测试(在项目根目录下): +### 前端代码 - ```bash - go test ./... - ``` +Certimate 的前端代码是使用 TypeScript 开发的,是一个基于 [React](https://github.com/facebook/react) 和 [Vite](https://github.com/vitejs/vite) 构建的单页应用。 -## 修改管理页面 (Admin UI) - -Certimate 的管理页面是一个基于 React 和 Vite 构建的单页应用(SPA)。 - -要启动 Admin UI: - -1. 进入 `ui` 项目目录。 - -2. 运行 `npm install` 安装依赖。 +假设你已经对 Certimate 的前端代码做出了一些修改,现在你想要运行它,请遵循以下步骤: +1. 进入 `/ui` 目录; +2. 安装依赖: + ```bash + npm install + ``` 3. 启动 Vite 开发服务器: - ```bash npm run dev ``` -你可以通过浏览器访问 `http://localhost:5173` 来查看运行中的管理页面。 +这将启动一个 Web 服务器,默认运行在 `http://localhost:5173`,你可以通过浏览器访问来查看运行中的 WebUI。 -由于 Admin UI 只是一个客户端应用,运行时需要 Certimate 的后端服务作为支撑。你可以手动运行 Certimate,或者使用预构建的可执行文件。 - -所有对 Admin UI 的修改将会自动反映在浏览器中,无需手动刷新页面。 - -完成修改后,运行以下命令来构建 Admin UI,以便它能被嵌入到 Go 包中: +完成修改后,运行以下命令来构建 WebUI,以便它能被嵌入到 Go 包中: ```bash npm run build ``` -完成所有步骤后,你可以将改动提交 PR 到 Certimate 主仓库。 +**在向主仓库提交 PR 之前,你应该:** + +- 使用 [ESLint](https://github.com/eslint/eslint) 格式化你的代码。推荐使用 VSCode,并安装 ESLint+Prettier 插件,以便在保存时自动格式化。 + +## 提交 PR + +在提交 PR 之前,请先创建一个 Issue 来讨论你的修改方案,并等待来自项目维护者的反馈。这样做有助于: + +- 让我们充分理解你的修改内容; +- 评估修改是否符合项目路线图; +- 避免重复工作; +- 防止你投入时间到可能无法被合并的修改中。 + +### 提交流程 + +1. Fork 本仓库; +2. 在提交 PR 之前,请先发起 Issue 讨论你想要做的修改; +3. 为你的修改创建一个新的分支; +4. 请为你的修改添加相应的测试; +5. 确保你的代码能通过现有的测试; +6. 请在 PR 描述中关联相关 Issue; +7. 等待合并! + +> [!IMPORTANT] +> +> 建议为每个新功能或 Bug 修复创建一个从 `main` 分支派生的新分支。如果你计划提交多个 PR,请保持不同的改动在独立分支中,以便更容易进行代码审查并最终合并。 +> +> 保持一个 PR 只实现一个功能或修复。 + +## 获取帮助 + +如果你在贡献过程中遇到困难或问题,可以通过 GitHub Issues 向我们提问。 diff --git a/CONTRIBUTING_EN.md b/CONTRIBUTING_EN.md index d09de8ad..da5bf210 100644 --- a/CONTRIBUTING_EN.md +++ b/CONTRIBUTING_EN.md @@ -1,83 +1,106 @@ -# Contributing to Certimate +# Contribution Guide -Thank you for taking the time to improve Certimate! Below is a guide for submitting a PR (Pull Request) to the main Certimate repository. +Thank you for taking the time to improve Certimate! Below is a guide for submitting a PR (Pull Request) to the Certimate repository. -- [Contributing to Certimate](#contributing-to-certimate) +We need to be nimble and ship fast given where we are, but we also want to make sure that contributors like you get as smooth an experience at contributing as possible. We've assembled this contribution guide for that purpose, aiming at getting you familiarized with the codebase & how we work with contributors, so you could quickly jump to the fun part. + +Index: + +- [Development](#development) - [Prerequisites](#prerequisites) - - [Making Changes in the Go Code](#making-changes-in-the-go-code) - - [Making Changes in the Admin UI](#making-changes-in-the-admin-ui) + - [Backend Code](#backend-code) + - [Frontend Code](#frontend-code) +- [Submitting PR](#submitting-pr) + - [Pull Request Process](#pull-request-process) +- [Getting Help](#getting-help) -## Prerequisites +--- -- Go 1.24+ (for Go code changes) -- Node 20+ (for Admin UI changes) +## Development -If you haven't done so already, you can fork the Certimate repository and clone your fork to work locally: +### Prerequisites -```bash -git clone https://github.com/your_username/certimate.git -``` +- Go 1.24+ (for backend code changes) +- Node.js 22.0+ (for frontend code changes) -> **Important:** -> It is recommended to create a new branch from `main` for each bug fix or feature. If you plan to submit multiple PRs, ensure the changes are in separate branches for easier review and eventual merge. -> Keep each PR focused on a single feature or fix. +### Backend Code -## Making Changes in the Go Code +The backend code of Certimate is developed using Golang. It is a monolithic application based on [Pocketbase](https://github.com/pocketbase/pocketbase). -Once you have made changes to the Go code in Certimate, follow these steps to run the project: +Once you have made changes to the backend code in Certimate, follow these steps to run the project: 1. Navigate to the root directory. - -2. Start the service by running: - +2. Install dependencies: + ```bash + go mod vendor + ``` +3. Start the local development server: ```bash go run main.go serve ``` -This will start a web server at `http://localhost:8090` using the prebuilt Admin UI located in `ui/dist`. +This will start a web server at `http://localhost:8090` using the prebuilt WebUI located in `/ui/dist`. -> if you encounter an error `ui/embed.go:10:12: pattern all:dist: no matching files found`, please refer to [build Admin UI](#making-changes-in-the-admin-ui) +> If you encounter an error `ui/embed.go: pattern all:dist: no matching files found`, please refer to _[Frontend Code](#frontend-code)_ and build WebUI first. -**Before submitting a PR to the main repository, consider:** +**Before submitting a PR to the main repository, you should:** -- Format your source code by using [gofumpt](https://github.com/mvdan/gofumpt). +- Format your source code by using [gofumpt](https://github.com/mvdan/gofumpt). Recommended using VSCode and installing the gofumpt plugin to automatically format when saving. +- Adding unit or integration tests for your changes (with go standard library `testing` package). -- Adding unit or integration tests for your changes. Certimate uses Go’s standard `testing` package. You can run tests using the following command (while in the root project directory): +### Frontend Code - ```bash - go test ./... - ``` +The frontend code of Certimate is developed using TypeScript. It is a SPA based on [React](https://github.com/facebook/react) and [Vite](https://github.com/vitejs/vite). -## Making Changes in the Admin UI - -Certimate’s Admin UI is a single-page application (SPA) built using React and Vite. - -To start the Admin UI: - -1. Navigate to the `ui` project directory. - -2. Install the necessary dependencies by running: +Once you have made changes to the backend code in Certimate, follow these steps to run the project: +1. Navigate to the `/ui` directory. +2. Install dependencies: ```bash npm install ``` - -3. Start the Vite development server: - +3. Start the local development server: ```bash npm run dev ``` -You can now access the running Admin UI at `http://localhost:5173` in your browser. +This will start a web server at `http://localhost:5173`. You can now access the WebUI in your browser. -Since the Admin UI is a client-side application, you will also need to have the Certimate backend running. You can either manually run Certimate or use a prebuilt executable. - -Any changes you make in the Admin UI will be automatically reflected in the browser without requiring a page reload. - -After completing your changes, build the Admin UI so it can be embedded into the Go package: +After completing your changes, build the WebUI so it can be embedded into the Go package: ```bash npm run build ``` -Once all steps are completed, you are ready to submit a PR to the main Certimate repository. +**Before submitting a PR to the main repository, you should:** + +- Format your source code by using [ESLint](https://github.com/eslint/eslint). Recommended using VSCode and installing the ESLint plugin to automatically format when saving. + +## Submitting PR + +Before opening a Pull Request, please open an issue to discuss the change and get feedback from the maintainers. This will helps us: + +- To understand the context of the change. +- To ensure it fits into Certimate's roadmap. +- To prevent us from duplicating work. +- To prevent you from spending time on a change that we may not be able to accept. + +### Pull Request Process + +1. Fork the repository. +2. Before you draft a PR, please open an issue to discuss the changes you want to make. +3. Create a new branch for your changes. +4. Please add tests for your changes accordingly. +5. Ensure your code passes the existing tests. +6. Please link the issue in the PR description. +7. Get merged! + +> [!IMPORTANT] +> +> It is recommended to create a new branch from `main` for each bug fix or feature. If you plan to submit multiple PRs, ensure the changes are in separate branches for easier review and eventual merge. +> +> Keep each PR focused on a single feature or fix. + +## Getting Help + +If you ever get stuck or get a burning question while contributing, simply shoot your queries our way via the GitHub issues. diff --git a/LICENSE.md b/LICENSE similarity index 97% rename from LICENSE.md rename to LICENSE index 9262263d..4022eb9c 100644 --- a/LICENSE.md +++ b/LICENSE @@ -1,5 +1,6 @@ MIT License +Copyright (c) 2025 certimate-go Copyright (c) 2024 Yoan.Liu Permission is hereby granted, free of charge, to any person obtaining a copy diff --git a/README.md b/README.md index 020e023c..3fe6a5c4 100644 --- a/README.md +++ b/README.md @@ -2,11 +2,11 @@
-[![Stars](https://img.shields.io/github/stars/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate) -[![Forks](https://img.shields.io/github/forks/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate) -[![Docker Pulls](https://img.shields.io/docker/pulls/usual2970/certimate?style=flat)](https://hub.docker.com/r/usual2970/certimate) -[![Release](https://img.shields.io/github/v/release/usual2970/certimate?sort=semver)](https://github.com/usual2970/certimate/releases) -[![License](https://img.shields.io/github/license/usual2970/certimate)](https://mit-license.org/) +[![Stars](https://img.shields.io/github/stars/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate) +[![Forks](https://img.shields.io/github/forks/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate) +[![Docker Pulls](https://img.shields.io/docker/pulls/certimate/certimate?style=flat)](https://hub.docker.com/r/certimate/certimate) +[![Release](https://img.shields.io/github/v/release/certimate-go/certimate?style=flat&sort=semver)](https://github.com/certimate-go/certimate/releases) +[![License](https://img.shields.io/github/license/certimate-go/certimate?style=flat)](https://mit-license.org/)
@@ -48,7 +48,7 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决 **5 分钟部署 Certimate!** -以二进制部署为例,从 [GitHub Releases](https://github.com/usual2970/certimate/releases) 页面下载预先编译好的二进制可执行文件压缩包,解压缩后在终端中执行: +以二进制部署为例,从 [GitHub Releases](https://github.com/certimate-go/certimate/releases) 页面下载预先编译好的二进制可执行文件压缩包,解压缩后在终端中执行: ```bash ./certimate serve @@ -71,10 +71,10 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决 相关文章: -- [使用 CNAME 完成 ACME DNS-01 质询](https://docs.certimate.me/blog/cname) -- [v0.3.0:第二个不向后兼容的大版本](https://docs.certimate.me/blog/v0.3.0) -- [v0.2.0:第一个不向后兼容的大版本](https://docs.certimate.me/blog/v0.2.0) -- [Why Certimate?](https://docs.certimate.me/blog/why-certimate) +- [《使用 CNAME 完成 ACME DNS-01 质询》](https://docs.certimate.me/blog/cname) +- [《v0.3.0:第二个不向后兼容的大版本》](https://docs.certimate.me/blog/v0.3.0) +- [《v0.2.0:第一个不向后兼容的大版本》](https://docs.certimate.me/blog/v0.2.0) +- [《Why Certimate?》](https://docs.certimate.me/blog/why-certimate) ## ⭐ 运行界面 @@ -82,18 +82,19 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决 ## 🤝 参与贡献 -Certimate 是一个免费且开源的项目,采用 [MIT License](./LICENSE.md)。你可以使用它做任何你想做的事,甚至把它当作一个付费服务提供给用户。 +Certimate 是一个免费且开源的项目。我们欢迎任何人为 Certimate 做出贡献,以帮助改善 Certimate。包括但不限于:提交代码、反馈缺陷、交流想法,或分享你基于 Certimate 的使用案例。同时,我们也欢迎用户在个人博客或社交媒体上分享 Certimate。 -你可以通过以下方式来支持 Certimate 的开发: +如果你想要贡献代码,请先阅读我们的[贡献指南](./CONTRIBUTING.md)。 -- 提交代码:如果你发现了 Bug 或有新的功能需求,而你又有相关经验,可以[提交代码](CONTRIBUTING.md)给我们。 -- 提交 Issue:功能建议或者 Bug 可以[提交 Issue](https://github.com/usual2970/certimate/issues) 给我们。 +请在 https://github.com/certimate-go/certimate 提交 [Issues](https://github.com/certimate-go/certimate/issues) 和 [Pull Requests](https://github.com/certimate-go/certimate/pulls)。 -支持更多提供商、UI 的优化改进、Bug 修复、文档完善等,欢迎大家参与贡献。 +#### 感谢以下贡献者对 Certimate 做出的贡献: + +[![Contributors](https://contrib.rocks/image?repo=certimate-go/certimate)](https://github.com/certimate-go/certimate/graphs/contributors) ## ⛔ 免责声明 -Certimate 基于 [MIT License](https://opensource.org/licenses/MIT) 发布,完全免费提供,旨在“按现状”供用户使用。作者及贡献者不对使用本软件所产生的任何直接或间接后果承担责任,包括但不限于性能下降、数据丢失、服务中断、或任何其他类型的损害。 +Certimate 遵循 [MIT License](https://opensource.org/licenses/MIT) 开源协议,完全免费提供,旨在“按现状”供用户使用。作者及贡献者不对使用本软件所产生的任何直接或间接后果承担责任,包括但不限于性能下降、数据丢失、服务中断、或任何其他类型的损害。 **无任何保证**:本软件不提供任何明示或暗示的保证,包括但不限于对特定用途的适用性、无侵权性、商用性及可靠性的保证。 @@ -104,8 +105,8 @@ Certimate 基于 [MIT License](https://opensource.org/licenses/MIT) 发布,完 - [Telegram](https://t.me/+ZXphsppxUg41YmVl) - 微信群聊(超 200 人需邀请入群,可先加作者好友) - + ## 🚀 Star 趋势图 -[![Stargazers over time](https://starchart.cc/usual2970/certimate.svg?variant=adaptive)](https://starchart.cc/usual2970/certimate) +[![Stargazers over time](https://starchart.cc/certimate-go/certimate.svg?variant=adaptive)](https://starchart.cc/certimate-go/certimate) diff --git a/README_EN.md b/README_EN.md index 864ce5e3..2b50f83a 100644 --- a/README_EN.md +++ b/README_EN.md @@ -2,11 +2,11 @@
-[![Stars](https://img.shields.io/github/stars/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate) -[![Forks](https://img.shields.io/github/forks/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate) -[![Docker Pulls](https://img.shields.io/docker/pulls/usual2970/certimate?style=flat)](https://hub.docker.com/r/usual2970/certimate) -[![Release](https://img.shields.io/github/v/release/usual2970/certimate?style=flat&sort=semver)](https://github.com/usual2970/certimate/releases) -[![License](https://img.shields.io/github/license/usual2970/certimate?style=flat)](https://mit-license.org/) +[![Stars](https://img.shields.io/github/stars/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate) +[![Forks](https://img.shields.io/github/forks/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate) +[![Docker Pulls](https://img.shields.io/docker/pulls/certimate/certimate?style=flat)](https://hub.docker.com/r/certimate/certimate) +[![Release](https://img.shields.io/github/v/release/certimate-go/certimate?style=flat&sort=semver)](https://github.com/certimate-go/certimate/releases) +[![License](https://img.shields.io/github/license/certimate-go/certimate?style=flat)](https://mit-license.org/)
@@ -48,7 +48,7 @@ Certimate aims to provide users with a secure and user-friendly SSL certificate **Deploy Certimate in 5 minutes!** -Download the archived package of precompiled binary files directly from [GitHub Releases](https://github.com/usual2970/certimate/releases), extract and then execute: +Download the archived package of precompiled binary files directly from [GitHub Releases](https://github.com/certimate-go/certimate/releases), extract and then execute: ```bash ./certimate serve @@ -65,14 +65,14 @@ Work with Certimate right now. Or read other content in the documentation to lea ## 📄 Documentation -Please visit the documentation site [docs.certimate.me](https://docs.certimate.me/en/). +For full documentation, please visit [docs.certimate.me](https://docs.certimate.me/en/). Related articles: -- [使用 CNAME 完成 ACME DNS-01 质询](https://docs.certimate.me/blog/cname) -- [v0.3.0:第二个不向后兼容的大版本](https://docs.certimate.me/blog/v0.3.0) -- [v0.2.0:第一个不向后兼容的大版本](https://docs.certimate.me/blog/v0.2.0) -- [Why Certimate?](https://docs.certimate.me/blog/why-certimate) +- [_使用 CNAME 完成 ACME DNS-01 质询_](https://docs.certimate.me/blog/cname) +- [_v0.3.0:第二个不向后兼容的大版本_](https://docs.certimate.me/blog/v0.3.0) +- [_v0.2.0:第一个不向后兼容的大版本_](https://docs.certimate.me/blog/v0.2.0) +- [_Why Certimate?_](https://docs.certimate.me/blog/why-certimate) ## ⭐ Screenshot @@ -80,18 +80,19 @@ Related articles: ## 🤝 Contributing -Certimate is a free and open-source project, licensed under the [MIT License](./LICENSE.md). You can use it for anything you want, even offering it as a paid service to users. +Certimate is a free and open-source project, and your feedback and contributions are needed and always welcome. Contributions include but are not limited to: submitting code, reporting bugs, sharing ideas, or showcasing your use cases based on Certimate. We also encourage users to share Certimate on personal blogs or social media. -You can support the development of Certimate in the following ways: +For those who'd like to contribute code, see our [Contribution Guide](./CONTRIBUTING_EN.md). -- **Submit Code**: If you find a bug or have new feature requests, and you have relevant experience, [you can submit code to us](CONTRIBUTING_EN.md). -- **Submit an Issue**: For feature suggestions or bugs, you can [submit an issue](https://github.com/usual2970/certimate/issues) to us. +[Issues](https://github.com/certimate-go/certimate/issues) and [Pull Requests](https://github.com/certimate-go/certimate/pulls) are opened at https://github.com/certimate-go/certimate. -Support for more service providers, UI enhancements, bug fixes, and documentation improvements are all welcome. We encourage everyone to contribute. +#### Contributors + +[![Contributors](https://contrib.rocks/image?repo=certimate-go/certimate)](https://github.com/certimate-go/certimate/graphs/contributors) ## ⛔ Disclaimer -This software is provided under the [MIT License](https://opensource.org/licenses/MIT) and distributed “as-is” without any warranty of any kind. The authors and contributors are not responsible for any damages or losses resulting from the use or inability to use this software, including but not limited to data loss, business interruption, or any other potential harm. +This repository is available under the [MIT License](https://opensource.org/licenses/MIT), and distributed “as-is” without any warranty of any kind. The authors and contributors are not responsible for any damages or losses resulting from the use or inability to use this software, including but not limited to data loss, business interruption, or any other potential harm. **No Warranties**: This software comes without any express or implied warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement. @@ -102,8 +103,8 @@ This software is provided under the [MIT License](https://opensource.org/license - [Telegram](https://t.me/+ZXphsppxUg41YmVl) - Wechat Group - + ## 🚀 Star History -[![Stargazers over time](https://starchart.cc/usual2970/certimate.svg?variant=adaptive)](https://starchart.cc/usual2970/certimate) +[![Stargazers over time](https://starchart.cc/certimate-go/certimate.svg?variant=adaptive)](https://starchart.cc/certimate-go/certimate) diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index c685e77c..2c112e2b 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -1,8 +1,8 @@ version: "3.0" services: certimate: - image: registry.cn-shanghai.aliyuncs.com/usual2970/certimate:latest - container_name: certimate_server + image: certimate/certimate:latest + container_name: certimate ports: - 8090:8090 volumes: diff --git a/go.mod b/go.mod index ee794b86..399f6f86 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/usual2970/certimate +module github.com/certimate-go/certimate go 1.24.0 @@ -219,8 +219,8 @@ require ( modernc.org/sqlite v1.37.1 // indirect ) -replace github.com/Edgio/edgio-api v0.0.0-workspace => ./internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace +replace github.com/Edgio/edgio-api v0.0.0-workspace => ./pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace -replace gitlab.ecloud.com/ecloud/ecloudsdkcore v1.0.0 => ./internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0 +replace gitlab.ecloud.com/ecloud/ecloudsdkcore v1.0.0 => ./pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0 -replace gitlab.ecloud.com/ecloud/ecloudsdkclouddns v1.0.1 => ./internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1 +replace gitlab.ecloud.com/ecloud/ecloudsdkclouddns v1.0.1 => ./pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1 diff --git a/internal/applicant/acme_ca.go b/internal/applicant/acme_ca.go index 36c0a0a4..76e44ac7 100644 --- a/internal/applicant/acme_ca.go +++ b/internal/applicant/acme_ca.go @@ -1,6 +1,6 @@ package applicant -import "github.com/usual2970/certimate/internal/domain" +import "github.com/certimate-go/certimate/internal/domain" const ( caLetsEncrypt = string(domain.CAProviderTypeLetsEncrypt) diff --git a/internal/applicant/acme_user.go b/internal/applicant/acme_user.go index e6e13cb7..c1c89a1f 100644 --- a/internal/applicant/acme_user.go +++ b/internal/applicant/acme_user.go @@ -13,10 +13,10 @@ import ( "github.com/go-acme/lego/v4/registration" "golang.org/x/sync/singleflight" - "github.com/usual2970/certimate/internal/domain" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) type acmeUser struct { @@ -51,7 +51,7 @@ func newAcmeUser(ca, caAccessId, email string) (*acmeUser, error) { return nil, err } - keyPEM, err := certutil.ConvertECPrivateKeyToPEM(key) + keyPEM, err := xcert.ConvertECPrivateKeyToPEM(key) if err != nil { return nil, err } @@ -75,7 +75,7 @@ func (u acmeUser) GetRegistration() *registration.Resource { } func (u *acmeUser) GetPrivateKey() crypto.PrivateKey { - rs, _ := certutil.ParseECPrivateKeyFromPEM(u.privkey) + rs, _ := xcert.ParseECPrivateKeyFromPEM(u.privkey) return rs } @@ -120,7 +120,7 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m case caGoogleTrustServices: { access := domain.AccessConfigForGoogleTrustServices{} - if err := maputil.Populate(userRegisterOptions, &access); err != nil { + if err := xmaps.Populate(userRegisterOptions, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -134,7 +134,7 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m case caSSLCom: { access := domain.AccessConfigForSSLCom{} - if err := maputil.Populate(userRegisterOptions, &access); err != nil { + if err := xmaps.Populate(userRegisterOptions, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -148,7 +148,7 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m case caZeroSSL: { access := domain.AccessConfigForZeroSSL{} - if err := maputil.Populate(userRegisterOptions, &access); err != nil { + if err := xmaps.Populate(userRegisterOptions, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -162,7 +162,7 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m case caCustom: { access := domain.AccessConfigForACMECA{} - if err := maputil.Populate(userRegisterOptions, &access); err != nil { + if err := xmaps.Populate(userRegisterOptions, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } diff --git a/internal/applicant/applicant.go b/internal/applicant/applicant.go index d361cf83..6040b902 100644 --- a/internal/applicant/applicant.go +++ b/internal/applicant/applicant.go @@ -19,10 +19,10 @@ import ( "golang.org/x/exp/slices" "golang.org/x/time/rate" - "github.com/usual2970/certimate/internal/domain" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) type ApplyResult struct { @@ -55,7 +55,7 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err nodeCfg := config.Node.GetConfigForApply() options := &applicantProviderOptions{ - Domains: sliceutil.Filter(strings.Split(nodeCfg.Domains, ";"), func(s string) bool { return s != "" }), + Domains: xslices.Filter(strings.Split(nodeCfg.Domains, ";"), func(s string) bool { return s != "" }), ContactEmail: nodeCfg.ContactEmail, Provider: domain.ACMEDns01ProviderType(nodeCfg.Provider), ProviderAccessConfig: make(map[string]any), @@ -64,7 +64,7 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err CAProviderAccessConfig: make(map[string]any), CAProviderServiceConfig: nodeCfg.CAProviderConfig, KeyAlgorithm: nodeCfg.KeyAlgorithm, - Nameservers: sliceutil.Filter(strings.Split(nodeCfg.Nameservers, ";"), func(s string) bool { return s != "" }), + Nameservers: xslices.Filter(strings.Split(nodeCfg.Nameservers, ";"), func(s string) bool { return s != "" }), DnsPropagationWait: nodeCfg.DnsPropagationWait, DnsPropagationTimeout: nodeCfg.DnsPropagationTimeout, DnsTTL: nodeCfg.DnsTTL, @@ -189,7 +189,7 @@ func applyUseLego(legoProvider challenge.Provider, options *applicantProviderOpt } case caCustom: - caDirURL := maputil.GetString(options.CAProviderAccessConfig, "endpoint") + caDirURL := xmaps.GetString(options.CAProviderAccessConfig, "endpoint") if caDirURL != "" { config.CADirURL = caDirURL } else { diff --git a/internal/applicant/providers.go b/internal/applicant/providers.go index 3dbfd79e..1d5177bf 100644 --- a/internal/applicant/providers.go +++ b/internal/applicant/providers.go @@ -5,46 +5,46 @@ import ( "github.com/go-acme/lego/v4/challenge" - "github.com/usual2970/certimate/internal/domain" - pACMEHttpReq "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/acmehttpreq" - pAliyun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun" - pAliyunESA "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa" - pAWSRoute53 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53" - pAzureDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns" - pBaiduCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud" - pBunny "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny" - pCloudflare "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare" - pClouDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns" - pCMCCCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud" - pConstellix "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/constellix" - pCTCCCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ctcccloud" - pDeSEC "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/desec" - pDigitalOcean "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/digitalocean" - pDNSLA "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla" - pDuckDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/duckdns" - pDynv6 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6" - pGcore "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore" - pGname "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname" - pGoDaddy "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/godaddy" - pHetzner "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/hetzner" - pHuaweiCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/huaweicloud" - pJDCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud" - pNamecheap "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namecheap" - pNameDotCom "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom" - pNameSilo "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo" - pNetcup "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/netcup" - pNetlify "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/netlify" - pNS1 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1" - pPorkbun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun" - pPowerDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns" - pRainYun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun" - pTencentCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud" - pTencentCloudEO "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo" - pUCloudUDNR "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr" - pVercel "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel" - pVolcEngine "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine" - pWestcn "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" + "github.com/certimate-go/certimate/internal/domain" + pACMEHttpReq "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq" + pAliyun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun" + pAliyunESA "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa" + pAWSRoute53 "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aws-route53" + pAzureDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/azure-dns" + pBaiduCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud" + pBunny "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/bunny" + pCloudflare "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cloudflare" + pClouDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cloudns" + pCMCCCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud" + pConstellix "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/constellix" + pCTCCCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud" + pDeSEC "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/desec" + pDigitalOcean "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/digitalocean" + pDNSLA "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dnsla" + pDuckDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/duckdns" + pDynv6 "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dynv6" + pGcore "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/gcore" + pGname "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/gname" + pGoDaddy "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/godaddy" + pHetzner "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/hetzner" + pHuaweiCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/huaweicloud" + pJDCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud" + pNamecheap "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/namecheap" + pNameDotCom "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/namedotcom" + pNameSilo "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/namesilo" + pNetcup "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/netcup" + pNetlify "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/netlify" + pNS1 "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ns1" + pPorkbun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/porkbun" + pPowerDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/powerdns" + pRainYun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/rainyun" + pTencentCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud" + pTencentCloudEO "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo" + pUCloudUDNR "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr" + pVercel "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/vercel" + pVolcEngine "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/volcengine" + pWestcn "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/westcn" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) type applicantProviderOptions struct { @@ -76,7 +76,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeACMEHttpReq: { access := domain.AccessConfigForACMEHttpReq{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -93,7 +93,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeAliyun, domain.ACMEDns01ProviderTypeAliyunDNS, domain.ACMEDns01ProviderTypeAliyunESA: { access := domain.AccessConfigForAliyun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -111,7 +111,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi applicant, err := pAliyunESA.NewChallengeProvider(&pAliyunESA.ChallengeProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -125,15 +125,15 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeAWS, domain.ACMEDns01ProviderTypeAWSRoute53: { access := domain.AccessConfigForAWS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } applicant, err := pAWSRoute53.NewChallengeProvider(&pAWSRoute53.ChallengeProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - HostedZoneId: maputil.GetString(options.ProviderServiceConfig, "hostedZoneId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + HostedZoneId: xmaps.GetString(options.ProviderServiceConfig, "hostedZoneId"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -143,7 +143,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeAzure, domain.ACMEDns01ProviderTypeAzureDNS: { access := domain.AccessConfigForAzure{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -161,7 +161,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeBaiduCloud, domain.ACMEDns01ProviderTypeBaiduCloudDNS: { access := domain.AccessConfigForBaiduCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -177,7 +177,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeBunny: { access := domain.AccessConfigForBunny{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -192,7 +192,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeCloudflare: { access := domain.AccessConfigForCloudflare{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -208,7 +208,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeClouDNS: { access := domain.AccessConfigForClouDNS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -224,7 +224,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeCMCCCloud, domain.ACMEDns01ProviderTypeCMCCCloudDNS: { access := domain.AccessConfigForCMCCCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -240,7 +240,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeConstellix: { access := domain.AccessConfigForConstellix{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -256,7 +256,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeCTCCCloud, domain.ACMEDns01ProviderTypeCTCCCloudSmartDNS: { access := domain.AccessConfigForCTCCCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -272,7 +272,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeDeSEC: { access := domain.AccessConfigForDeSEC{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -287,7 +287,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeDigitalOcean: { access := domain.AccessConfigForDigitalOcean{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -302,7 +302,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeDNSLA: { access := domain.AccessConfigForDNSLA{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -318,7 +318,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeDuckDNS: { access := domain.AccessConfigForDuckDNS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -332,7 +332,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeDynv6: { access := domain.AccessConfigForDynv6{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -347,7 +347,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeGcore: { access := domain.AccessConfigForGcore{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -362,7 +362,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeGname: { access := domain.AccessConfigForGname{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -378,7 +378,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeGoDaddy: { access := domain.AccessConfigForGoDaddy{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -394,7 +394,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeHetzner: { access := domain.AccessConfigForHetzner{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -409,14 +409,14 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeHuaweiCloud, domain.ACMEDns01ProviderTypeHuaweiCloudDNS: { access := domain.AccessConfigForHuaweiCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } applicant, err := pHuaweiCloud.NewChallengeProvider(&pHuaweiCloud.ChallengeProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -426,14 +426,14 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeJDCloud, domain.ACMEDns01ProviderTypeJDCloudDNS: { access := domain.AccessConfigForJDCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } applicant, err := pJDCloud.NewChallengeProvider(&pJDCloud.ChallengeProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - RegionId: maputil.GetString(options.ProviderServiceConfig, "regionId"), + RegionId: xmaps.GetString(options.ProviderServiceConfig, "regionId"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -443,7 +443,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNamecheap: { access := domain.AccessConfigForNamecheap{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -459,7 +459,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNameDotCom: { access := domain.AccessConfigForNameDotCom{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -475,7 +475,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNameSilo: { access := domain.AccessConfigForNameSilo{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -490,7 +490,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNetcup: { access := domain.AccessConfigForNetcup{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -507,7 +507,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNetlify: { access := domain.AccessConfigForNetlify{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -522,7 +522,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNS1: { access := domain.AccessConfigForNS1{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -537,7 +537,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypePorkbun: { access := domain.AccessConfigForPorkbun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -553,7 +553,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypePowerDNS: { access := domain.AccessConfigForPowerDNS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -570,7 +570,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeRainYun: { access := domain.AccessConfigForRainYun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -585,7 +585,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeTencentCloud, domain.ACMEDns01ProviderTypeTencentCloudDNS, domain.ACMEDns01ProviderTypeTencentCloudEO: { access := domain.AccessConfigForTencentCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -603,7 +603,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi applicant, err := pTencentCloudEO.NewChallengeProvider(&pTencentCloudEO.ChallengeProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - ZoneId: maputil.GetString(options.ProviderServiceConfig, "zoneId"), + ZoneId: xmaps.GetString(options.ProviderServiceConfig, "zoneId"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -617,7 +617,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeUCloudUDNR: { access := domain.AccessConfigForUCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -633,7 +633,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeVercel: { access := domain.AccessConfigForVercel{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -649,7 +649,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeVolcEngine, domain.ACMEDns01ProviderTypeVolcEngineDNS: { access := domain.AccessConfigForVolcEngine{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -665,7 +665,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeWestcn: { access := domain.AccessConfigForWestcn{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } diff --git a/internal/certificate/service.go b/internal/certificate/service.go index ffb30d0f..5cea386d 100644 --- a/internal/certificate/service.go +++ b/internal/certificate/service.go @@ -13,12 +13,12 @@ import ( "github.com/go-acme/lego/v4/certcrypto" "github.com/pocketbase/dbx" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/notify" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/notify" + "github.com/certimate-go/certimate/internal/repository" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) const ( @@ -145,7 +145,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific { const pfxPassword = "certimate" - certPFX, err := certutil.TransformCertificateFromPEMToPFX(certificate.Certificate, certificate.PrivateKey, pfxPassword) + certPFX, err := xcert.TransformCertificateFromPEMToPFX(certificate.Certificate, certificate.PrivateKey, pfxPassword) if err != nil { return nil, err } @@ -183,7 +183,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific { const jksPassword = "certimate" - certJKS, err := certutil.TransformCertificateFromPEMToJKS(certificate.Certificate, certificate.PrivateKey, jksPassword, jksPassword, jksPassword) + certJKS, err := xcert.TransformCertificateFromPEMToJKS(certificate.Certificate, certificate.PrivateKey, jksPassword, jksPassword, jksPassword) if err != nil { return nil, err } @@ -223,7 +223,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific } func (s *CertificateService) ValidateCertificate(ctx context.Context, req *dtos.CertificateValidateCertificateReq) (*dtos.CertificateValidateCertificateResp, error) { - certX509, err := certutil.ParseCertificateFromPEM(req.Certificate) + certX509, err := xcert.ParseCertificateFromPEM(req.Certificate) if err != nil { return nil, err } else if time.Now().After(certX509.NotAfter) { diff --git a/internal/deployer/deployer.go b/internal/deployer/deployer.go index c73120ba..be98eee2 100644 --- a/internal/deployer/deployer.go +++ b/internal/deployer/deployer.go @@ -5,9 +5,9 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/pkg/core" ) type Deployer interface { @@ -46,20 +46,22 @@ func NewWithWorkflowNode(config DeployerWithWorkflowNodeConfig) (Deployer, error } } - deployerProvider, err := createDeployerProvider(options) + deployer, err := createSSLDeployerProvider(options) if err != nil { return nil, err + } else { + deployer.SetLogger(config.Logger) } return &deployerImpl{ - provider: deployerProvider.WithLogger(config.Logger), + provider: deployer, certPEM: config.CertificatePEM, privkeyPEM: config.PrivateKeyPEM, }, nil } type deployerImpl struct { - provider deployer.Deployer + provider core.SSLDeployer certPEM string privkeyPEM string } diff --git a/internal/deployer/providers.go b/internal/deployer/providers.go index 8479cade..19362290 100644 --- a/internal/deployer/providers.go +++ b/internal/deployer/providers.go @@ -5,106 +5,106 @@ import ( "net/http" "strings" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - p1PanelConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-console" - p1PanelSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-site" - pAliyunALB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-alb" - pAliyunAPIGW "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-apigw" - pAliyunCAS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cas" - pAliyunCASDeploy "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cas-deploy" - pAliyunCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cdn" - pAliyunCLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-clb" - pAliyunDCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-dcdn" - pAliyunDDoS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-ddos" - pAliyunESA "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-esa" - pAliyunFC "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-fc" - pAliyunGA "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-ga" - pAliyunLive "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-live" - pAliyunNLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-nlb" - pAliyunOSS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-oss" - pAliyunVOD "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-vod" - pAliyunWAF "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-waf" - pAPISIX "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/apisix" - pAWSACM "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-acm" - pAWSCloudFront "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-cloudfront" - pAWSIAM "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-iam" - pAzureKeyVault "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/azure-keyvault" - pBaiduCloudAppBLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-appblb" - pBaiduCloudBLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-blb" - pBaiduCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-cdn" - pBaiduCloudCert "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-cert" - pBaishanCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baishan-cdn" - pBaotaPanelConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-console" - pBaotaPanelSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-site" - pBaotaWAFConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotawaf-console" - pBaotaWAFSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotawaf-site" - pBunnyCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/bunny-cdn" - pBytePlusCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/byteplus-cdn" - pCacheFly "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cachefly" - pCdnfly "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cdnfly" - pCTCCCloudAO "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-ao" - pCTCCCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-cdn" - pCTCCCloudCMS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-cms" - pCTCCCloudELB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-elb" - pCTCCCloudICDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-icdn" - pCTCCCloudLVDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-lvdn" - pDogeCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/dogecloud-cdn" - pEdgioApplications "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/edgio-applications" - pFlexCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/flexcdn" - pGcoreCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/gcore-cdn" - pGoEdge "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/goedge" - pHuaweiCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-cdn" - pHuaweiCloudELB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-elb" - pHuaweiCloudSCM "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-scm" - pHuaweiCloudWAF "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-waf" - pJDCloudALB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-alb" - pJDCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-cdn" - pJDCloudLive "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-live" - pJDCloudVOD "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-vod" - pK8sSecret "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/k8s-secret" - pLeCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/lecdn" - pLocal "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/local" - pNetlifySite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/netlify-site" - pProxmoxVE "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/proxmoxve" - pQiniuCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/qiniu-cdn" - pQiniuPili "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/qiniu-pili" - pRainYunRCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/rainyun-rcdn" - pRatPanelConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ratpanel-console" - pRatPanelSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ratpanel-site" - pSafeLine "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/safeline" - pSSH "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ssh" - pTencentCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-cdn" - pTencentCloudCLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-clb" - pTencentCloudCOS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-cos" - pTencentCloudCSS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-css" - pTencentCloudECDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-ecdn" - pTencentCloudEO "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-eo" - pTencentCloudGAAP "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-gaap" - pTencentCloudSCF "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-scf" - pTencentCloudSSL "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-ssl" - pTencentCloudSSLDeploy "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy" - pTencentCloudVOD "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-vod" - pTencentCloudWAF "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-waf" - pUCloudUCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-ucdn" - pUCloudUS3 "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-us3" - pUniCloudWebHost "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/unicloud-webhost" - pUpyunCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/upyun-cdn" - pVolcEngineALB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-alb" - pVolcEngineCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-cdn" - pVolcEngineCertCenter "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-certcenter" - pVolcEngineCLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-clb" - pVolcEngineDCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-dcdn" - pVolcEngineImageX "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-imagex" - pVolcEngineLive "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-live" - pVolcEngineTOS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-tos" - pWangsuCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-cdn" - pWangsuCDNPro "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-cdnpro" - pWangsuCertificate "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-certificate" - pWebhook "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/webhook" - httputil "github.com/usual2970/certimate/internal/pkg/utils/http" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/pkg/core" + p1PanelConsole "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/1panel-console" + p1PanelSite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/1panel-site" + pAliyunALB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-alb" + pAliyunAPIGW "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-apigw" + pAliyunCAS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-cas" + pAliyunCASDeploy "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-cas-deploy" + pAliyunCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-cdn" + pAliyunCLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-clb" + pAliyunDCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-dcdn" + pAliyunDDoS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-ddos" + pAliyunESA "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-esa" + pAliyunFC "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-fc" + pAliyunGA "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-ga" + pAliyunLive "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-live" + pAliyunNLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-nlb" + pAliyunOSS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-oss" + pAliyunVOD "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-vod" + pAliyunWAF "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-waf" + pAPISIX "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/apisix" + pAWSACM "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aws-acm" + pAWSCloudFront "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aws-cloudfront" + pAWSIAM "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aws-iam" + pAzureKeyVault "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/azure-keyvault" + pBaiduCloudAppBLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-appblb" + pBaiduCloudBLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-blb" + pBaiduCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-cdn" + pBaiduCloudCert "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-cert" + pBaishanCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baishan-cdn" + pBaotaPanelConsole "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotapanel-console" + pBaotaPanelSite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotapanel-site" + pBaotaWAFConsole "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotawaf-console" + pBaotaWAFSite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotawaf-site" + pBunnyCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/bunny-cdn" + pBytePlusCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/byteplus-cdn" + pCacheFly "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/cachefly" + pCdnfly "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/cdnfly" + pCTCCCloudAO "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-ao" + pCTCCCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-cdn" + pCTCCCloudCMS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-cms" + pCTCCCloudELB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-elb" + pCTCCCloudICDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-icdn" + pCTCCCloudLVDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-lvdn" + pDogeCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/dogecloud-cdn" + pEdgioApplications "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/edgio-applications" + pFlexCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/flexcdn" + pGcoreCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/gcore-cdn" + pGoEdge "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/goedge" + pHuaweiCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-cdn" + pHuaweiCloudELB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-elb" + pHuaweiCloudSCM "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-scm" + pHuaweiCloudWAF "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-waf" + pJDCloudALB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-alb" + pJDCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-cdn" + pJDCloudLive "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-live" + pJDCloudVOD "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-vod" + pK8sSecret "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/k8s-secret" + pLeCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/lecdn" + pLocal "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/local" + pNetlifySite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/netlify-site" + pProxmoxVE "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/proxmoxve" + pQiniuCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/qiniu-cdn" + pQiniuPili "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/qiniu-pili" + pRainYunRCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/rainyun-rcdn" + pRatPanelConsole "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ratpanel-console" + pRatPanelSite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ratpanel-site" + pSafeLine "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/safeline" + pSSH "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ssh" + pTencentCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-cdn" + pTencentCloudCLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-clb" + pTencentCloudCOS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-cos" + pTencentCloudCSS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-css" + pTencentCloudECDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-ecdn" + pTencentCloudEO "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-eo" + pTencentCloudGAAP "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-gaap" + pTencentCloudSCF "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-scf" + pTencentCloudSSL "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-ssl" + pTencentCloudSSLDeploy "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-ssl-deploy" + pTencentCloudVOD "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-vod" + pTencentCloudWAF "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-waf" + pUCloudUCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ucloud-ucdn" + pUCloudUS3 "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ucloud-us3" + pUniCloudWebHost "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/unicloud-webhost" + pUpyunCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/upyun-cdn" + pVolcEngineALB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-alb" + pVolcEngineCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-cdn" + pVolcEngineCertCenter "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-certcenter" + pVolcEngineCLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-clb" + pVolcEngineDCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-dcdn" + pVolcEngineImageX "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-imagex" + pVolcEngineLive "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-live" + pVolcEngineTOS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-tos" + pWangsuCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-cdn" + pWangsuCDNPro "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-cdnpro" + pWangsuCertificate "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-certificate" + pWebhook "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/webhook" + xhttp "github.com/certimate-go/certimate/pkg/utils/http" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) type deployerProviderOptions struct { @@ -113,7 +113,7 @@ type deployerProviderOptions struct { ProviderServiceConfig map[string]any } -func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer, error) { +func createSSLDeployerProvider(options *deployerProviderOptions) (core.SSLDeployer, error) { /* 注意:如果追加新的常量值,请保持以 ASCII 排序。 NOTICE: If you add new constant, please keep ASCII order. @@ -122,30 +122,30 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderType1PanelConsole, domain.DeploymentProviderType1PanelSite: { access := domain.AccessConfigFor1Panel{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderType1PanelConsole: - deployer, err := p1PanelConsole.NewDeployer(&p1PanelConsole.DeployerConfig{ + deployer, err := p1PanelConsole.NewSSLDeployerProvider(&p1PanelConsole.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiVersion: access.ApiVersion, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - AutoRestart: maputil.GetBool(options.ProviderServiceConfig, "autoRestart"), + AutoRestart: xmaps.GetBool(options.ProviderServiceConfig, "autoRestart"), }) return deployer, err case domain.DeploymentProviderType1PanelSite: - deployer, err := p1PanelSite.NewDeployer(&p1PanelSite.DeployerConfig{ + deployer, err := p1PanelSite.NewSSLDeployerProvider(&p1PanelSite.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiVersion: access.ApiVersion, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: p1PanelSite.ResourceType(maputil.GetOrDefaultString(options.ProviderServiceConfig, "resourceType", string(p1PanelSite.RESOURCE_TYPE_WEBSITE))), - WebsiteId: maputil.GetInt64(options.ProviderServiceConfig, "websiteId"), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), + ResourceType: p1PanelSite.ResourceType(xmaps.GetOrDefaultString(options.ProviderServiceConfig, "resourceType", string(p1PanelSite.RESOURCE_TYPE_WEBSITE))), + WebsiteId: xmaps.GetInt64(options.ProviderServiceConfig, "websiteId"), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), }) return deployer, err @@ -157,181 +157,181 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeAliyunALB, domain.DeploymentProviderTypeAliyunAPIGW, domain.DeploymentProviderTypeAliyunCAS, domain.DeploymentProviderTypeAliyunCASDeploy, domain.DeploymentProviderTypeAliyunCDN, domain.DeploymentProviderTypeAliyunCLB, domain.DeploymentProviderTypeAliyunDCDN, domain.DeploymentProviderTypeAliyunDDoS, domain.DeploymentProviderTypeAliyunESA, domain.DeploymentProviderTypeAliyunFC, domain.DeploymentProviderTypeAliyunGA, domain.DeploymentProviderTypeAliyunLive, domain.DeploymentProviderTypeAliyunNLB, domain.DeploymentProviderTypeAliyunOSS, domain.DeploymentProviderTypeAliyunVOD, domain.DeploymentProviderTypeAliyunWAF: { access := domain.AccessConfigForAliyun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeAliyunALB: - deployer, err := pAliyunALB.NewDeployer(&pAliyunALB.DeployerConfig{ + deployer, err := pAliyunALB.NewSSLDeployerProvider(&pAliyunALB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pAliyunALB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pAliyunALB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunAPIGW: - deployer, err := pAliyunAPIGW.NewDeployer(&pAliyunAPIGW.DeployerConfig{ + deployer, err := pAliyunAPIGW.NewSSLDeployerProvider(&pAliyunAPIGW.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ServiceType: pAliyunAPIGW.ServiceType(maputil.GetString(options.ProviderServiceConfig, "serviceType")), - GatewayId: maputil.GetString(options.ProviderServiceConfig, "gatewayId"), - GroupId: maputil.GetString(options.ProviderServiceConfig, "groupId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ServiceType: pAliyunAPIGW.ServiceType(xmaps.GetString(options.ProviderServiceConfig, "serviceType")), + GatewayId: xmaps.GetString(options.ProviderServiceConfig, "gatewayId"), + GroupId: xmaps.GetString(options.ProviderServiceConfig, "groupId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunCAS: - deployer, err := pAliyunCAS.NewDeployer(&pAliyunCAS.DeployerConfig{ + deployer, err := pAliyunCAS.NewSSLDeployerProvider(&pAliyunCAS.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), }) return deployer, err case domain.DeploymentProviderTypeAliyunCASDeploy: - deployer, err := pAliyunCASDeploy.NewDeployer(&pAliyunCASDeploy.DeployerConfig{ + deployer, err := pAliyunCASDeploy.NewSSLDeployerProvider(&pAliyunCASDeploy.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceIds: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), - ContactIds: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "contactIds"), ";"), func(s string) bool { return s != "" }), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceIds: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), + ContactIds: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "contactIds"), ";"), func(s string) bool { return s != "" }), }) return deployer, err case domain.DeploymentProviderTypeAliyunCDN: - deployer, err := pAliyunCDN.NewDeployer(&pAliyunCDN.DeployerConfig{ + deployer, err := pAliyunCDN.NewSSLDeployerProvider(&pAliyunCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunCLB: - deployer, err := pAliyunCLB.NewDeployer(&pAliyunCLB.DeployerConfig{ + deployer, err := pAliyunCLB.NewSSLDeployerProvider(&pAliyunCLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pAliyunCLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerPort: maputil.GetOrDefaultInt32(options.ProviderServiceConfig, "listenerPort", 443), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pAliyunCLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerPort: xmaps.GetOrDefaultInt32(options.ProviderServiceConfig, "listenerPort", 443), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunDCDN: - deployer, err := pAliyunDCDN.NewDeployer(&pAliyunDCDN.DeployerConfig{ + deployer, err := pAliyunDCDN.NewSSLDeployerProvider(&pAliyunDCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunDDoS: - deployer, err := pAliyunDDoS.NewDeployer(&pAliyunDDoS.DeployerConfig{ + deployer, err := pAliyunDDoS.NewSSLDeployerProvider(&pAliyunDDoS.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunESA: - deployer, err := pAliyunESA.NewDeployer(&pAliyunESA.DeployerConfig{ + deployer, err := pAliyunESA.NewSSLDeployerProvider(&pAliyunESA.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - SiteId: maputil.GetInt64(options.ProviderServiceConfig, "siteId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + SiteId: xmaps.GetInt64(options.ProviderServiceConfig, "siteId"), }) return deployer, err case domain.DeploymentProviderTypeAliyunFC: - deployer, err := pAliyunFC.NewDeployer(&pAliyunFC.DeployerConfig{ + deployer, err := pAliyunFC.NewSSLDeployerProvider(&pAliyunFC.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ServiceVersion: maputil.GetOrDefaultString(options.ProviderServiceConfig, "serviceVersion", "3.0"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ServiceVersion: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "serviceVersion", "3.0"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunGA: - deployer, err := pAliyunGA.NewDeployer(&pAliyunGA.DeployerConfig{ + deployer, err := pAliyunGA.NewSSLDeployerProvider(&pAliyunGA.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - ResourceType: pAliyunGA.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - AcceleratorId: maputil.GetString(options.ProviderServiceConfig, "acceleratorId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + ResourceType: pAliyunGA.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + AcceleratorId: xmaps.GetString(options.ProviderServiceConfig, "acceleratorId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunLive: - deployer, err := pAliyunLive.NewDeployer(&pAliyunLive.DeployerConfig{ + deployer, err := pAliyunLive.NewSSLDeployerProvider(&pAliyunLive.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunNLB: - deployer, err := pAliyunNLB.NewDeployer(&pAliyunNLB.DeployerConfig{ + deployer, err := pAliyunNLB.NewSSLDeployerProvider(&pAliyunNLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pAliyunNLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pAliyunNLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeAliyunOSS: - deployer, err := pAliyunOSS.NewDeployer(&pAliyunOSS.DeployerConfig{ + deployer, err := pAliyunOSS.NewSSLDeployerProvider(&pAliyunOSS.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Bucket: maputil.GetString(options.ProviderServiceConfig, "bucket"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Bucket: xmaps.GetString(options.ProviderServiceConfig, "bucket"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunVOD: - deployer, err := pAliyunVOD.NewDeployer(&pAliyunVOD.DeployerConfig{ + deployer, err := pAliyunVOD.NewSSLDeployerProvider(&pAliyunVOD.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunWAF: - deployer, err := pAliyunWAF.NewDeployer(&pAliyunWAF.DeployerConfig{ + deployer, err := pAliyunWAF.NewSSLDeployerProvider(&pAliyunWAF.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ServiceVersion: maputil.GetOrDefaultString(options.ProviderServiceConfig, "serviceVersion", "3.0"), - InstanceId: maputil.GetString(options.ProviderServiceConfig, "instanceId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ServiceVersion: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "serviceVersion", "3.0"), + InstanceId: xmaps.GetString(options.ProviderServiceConfig, "instanceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -343,16 +343,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeAPISIX: { access := domain.AccessConfigForAPISIX{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pAPISIX.NewDeployer(&pAPISIX.DeployerConfig{ + deployer, err := pAPISIX.NewSSLDeployerProvider(&pAPISIX.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pAPISIX.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), + ResourceType: pAPISIX.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), }) return deployer, err } @@ -360,36 +360,36 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeAWSACM, domain.DeploymentProviderTypeAWSCloudFront, domain.DeploymentProviderTypeAWSIAM: { access := domain.AccessConfigForAWS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeAWSACM: - deployer, err := pAWSACM.NewDeployer(&pAWSACM.DeployerConfig{ + deployer, err := pAWSACM.NewSSLDeployerProvider(&pAWSACM.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - CertificateArn: maputil.GetString(options.ProviderServiceConfig, "certificateArn"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + CertificateArn: xmaps.GetString(options.ProviderServiceConfig, "certificateArn"), }) return deployer, err case domain.DeploymentProviderTypeAWSCloudFront: - deployer, err := pAWSCloudFront.NewDeployer(&pAWSCloudFront.DeployerConfig{ + deployer, err := pAWSCloudFront.NewSSLDeployerProvider(&pAWSCloudFront.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - DistributionId: maputil.GetString(options.ProviderServiceConfig, "distributionId"), - CertificateSource: maputil.GetOrDefaultString(options.ProviderServiceConfig, "certificateSource", "ACM"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + DistributionId: xmaps.GetString(options.ProviderServiceConfig, "distributionId"), + CertificateSource: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "certificateSource", "ACM"), }) return deployer, err case domain.DeploymentProviderTypeAWSIAM: - deployer, err := pAWSIAM.NewDeployer(&pAWSIAM.DeployerConfig{ + deployer, err := pAWSIAM.NewSSLDeployerProvider(&pAWSIAM.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - CertificatePath: maputil.GetOrDefaultString(options.ProviderServiceConfig, "certificatePath", "/"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + CertificatePath: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "certificatePath", "/"), }) return deployer, err @@ -401,19 +401,19 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeAzureKeyVault: { access := domain.AccessConfigForAzure{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeAzureKeyVault: - deployer, err := pAzureKeyVault.NewDeployer(&pAzureKeyVault.DeployerConfig{ + deployer, err := pAzureKeyVault.NewSSLDeployerProvider(&pAzureKeyVault.SSLDeployerProviderConfig{ TenantId: access.TenantId, ClientId: access.ClientId, ClientSecret: access.ClientSecret, CloudName: access.CloudName, - KeyVaultName: maputil.GetString(options.ProviderServiceConfig, "keyvaultName"), - CertificateName: maputil.GetString(options.ProviderServiceConfig, "certificateName"), + KeyVaultName: xmaps.GetString(options.ProviderServiceConfig, "keyvaultName"), + CertificateName: xmaps.GetString(options.ProviderServiceConfig, "certificateName"), }) return deployer, err @@ -425,45 +425,45 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBaiduCloudAppBLB, domain.DeploymentProviderTypeBaiduCloudBLB, domain.DeploymentProviderTypeBaiduCloudCDN, domain.DeploymentProviderTypeBaiduCloudCert: { access := domain.AccessConfigForBaiduCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBaiduCloudAppBLB: - deployer, err := pBaiduCloudAppBLB.NewDeployer(&pBaiduCloudAppBLB.DeployerConfig{ + deployer, err := pBaiduCloudAppBLB.NewSSLDeployerProvider(&pBaiduCloudAppBLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pBaiduCloudAppBLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerPort: maputil.GetInt32(options.ProviderServiceConfig, "listenerPort"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pBaiduCloudAppBLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerPort: xmaps.GetInt32(options.ProviderServiceConfig, "listenerPort"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeBaiduCloudBLB: - deployer, err := pBaiduCloudBLB.NewDeployer(&pBaiduCloudBLB.DeployerConfig{ + deployer, err := pBaiduCloudBLB.NewSSLDeployerProvider(&pBaiduCloudBLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pBaiduCloudBLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerPort: maputil.GetInt32(options.ProviderServiceConfig, "listenerPort"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pBaiduCloudBLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerPort: xmaps.GetInt32(options.ProviderServiceConfig, "listenerPort"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeBaiduCloudCDN: - deployer, err := pBaiduCloudCDN.NewDeployer(&pBaiduCloudCDN.DeployerConfig{ + deployer, err := pBaiduCloudCDN.NewSSLDeployerProvider(&pBaiduCloudCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeBaiduCloudCert: - deployer, err := pBaiduCloudCert.NewDeployer(&pBaiduCloudCert.DeployerConfig{ + deployer, err := pBaiduCloudCert.NewSSLDeployerProvider(&pBaiduCloudCert.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, }) @@ -477,16 +477,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBaishanCDN: { access := domain.AccessConfigForBaishan{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBaishanCDN: - deployer, err := pBaishanCDN.NewDeployer(&pBaishanCDN.DeployerConfig{ + deployer, err := pBaishanCDN.NewSSLDeployerProvider(&pBaishanCDN.SSLDeployerProviderConfig{ ApiToken: access.ApiToken, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), }) return deployer, err @@ -498,28 +498,28 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBaotaPanelConsole, domain.DeploymentProviderTypeBaotaPanelSite: { access := domain.AccessConfigForBaotaPanel{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBaotaPanelConsole: - deployer, err := pBaotaPanelConsole.NewDeployer(&pBaotaPanelConsole.DeployerConfig{ + deployer, err := pBaotaPanelConsole.NewSSLDeployerProvider(&pBaotaPanelConsole.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - AutoRestart: maputil.GetBool(options.ProviderServiceConfig, "autoRestart"), + AutoRestart: xmaps.GetBool(options.ProviderServiceConfig, "autoRestart"), }) return deployer, err case domain.DeploymentProviderTypeBaotaPanelSite: - deployer, err := pBaotaPanelSite.NewDeployer(&pBaotaPanelSite.DeployerConfig{ + deployer, err := pBaotaPanelSite.NewSSLDeployerProvider(&pBaotaPanelSite.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - SiteType: maputil.GetOrDefaultString(options.ProviderServiceConfig, "siteType", "other"), - SiteName: maputil.GetString(options.ProviderServiceConfig, "siteName"), - SiteNames: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "siteNames"), ";"), func(s string) bool { return s != "" }), + SiteType: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "siteType", "other"), + SiteName: xmaps.GetString(options.ProviderServiceConfig, "siteName"), + SiteNames: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "siteNames"), ";"), func(s string) bool { return s != "" }), }) return deployer, err @@ -531,13 +531,13 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBaotaWAFConsole, domain.DeploymentProviderTypeBaotaWAFSite: { access := domain.AccessConfigForBaotaWAF{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBaotaWAFConsole: - deployer, err := pBaotaWAFConsole.NewDeployer(&pBaotaWAFConsole.DeployerConfig{ + deployer, err := pBaotaWAFConsole.NewSSLDeployerProvider(&pBaotaWAFConsole.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, @@ -545,12 +545,12 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer return deployer, err case domain.DeploymentProviderTypeBaotaWAFSite: - deployer, err := pBaotaWAFSite.NewDeployer(&pBaotaWAFSite.DeployerConfig{ + deployer, err := pBaotaWAFSite.NewSSLDeployerProvider(&pBaotaWAFSite.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - SiteName: maputil.GetString(options.ProviderServiceConfig, "siteName"), - SitePort: maputil.GetOrDefaultInt32(options.ProviderServiceConfig, "sitePort", 443), + SiteName: xmaps.GetString(options.ProviderServiceConfig, "siteName"), + SitePort: xmaps.GetOrDefaultInt32(options.ProviderServiceConfig, "sitePort", 443), }) return deployer, err @@ -562,14 +562,14 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBunnyCDN: { access := domain.AccessConfigForBunny{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pBunnyCDN.NewDeployer(&pBunnyCDN.DeployerConfig{ + deployer, err := pBunnyCDN.NewSSLDeployerProvider(&pBunnyCDN.SSLDeployerProviderConfig{ ApiKey: access.ApiKey, - PullZoneId: maputil.GetString(options.ProviderServiceConfig, "pullZoneId"), - Hostname: maputil.GetString(options.ProviderServiceConfig, "hostname"), + PullZoneId: xmaps.GetString(options.ProviderServiceConfig, "pullZoneId"), + Hostname: xmaps.GetString(options.ProviderServiceConfig, "hostname"), }) return deployer, err } @@ -577,16 +577,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBytePlusCDN: { access := domain.AccessConfigForBytePlus{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBytePlusCDN: - deployer, err := pBytePlusCDN.NewDeployer(&pBytePlusCDN.DeployerConfig{ + deployer, err := pBytePlusCDN.NewSSLDeployerProvider(&pBytePlusCDN.SSLDeployerProviderConfig{ AccessKey: access.AccessKey, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -598,11 +598,11 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeCacheFly: { access := domain.AccessConfigForCacheFly{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pCacheFly.NewDeployer(&pCacheFly.DeployerConfig{ + deployer, err := pCacheFly.NewSSLDeployerProvider(&pCacheFly.SSLDeployerProviderConfig{ ApiToken: access.ApiToken, }) return deployer, err @@ -611,18 +611,18 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeCdnfly: { access := domain.AccessConfigForCdnfly{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pCdnfly.NewDeployer(&pCdnfly.DeployerConfig{ + deployer, err := pCdnfly.NewSSLDeployerProvider(&pCdnfly.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, ApiSecret: access.ApiSecret, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pCdnfly.ResourceType(maputil.GetOrDefaultString(options.ProviderServiceConfig, "resourceType", string(pCdnfly.RESOURCE_TYPE_SITE))), - SiteId: maputil.GetString(options.ProviderServiceConfig, "siteId"), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), + ResourceType: pCdnfly.ResourceType(xmaps.GetOrDefaultString(options.ProviderServiceConfig, "resourceType", string(pCdnfly.RESOURCE_TYPE_SITE))), + SiteId: xmaps.GetString(options.ProviderServiceConfig, "siteId"), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), }) return deployer, err } @@ -630,58 +630,58 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeCTCCCloudAO, domain.DeploymentProviderTypeCTCCCloudCDN, domain.DeploymentProviderTypeCTCCCloudCMS, domain.DeploymentProviderTypeCTCCCloudELB, domain.DeploymentProviderTypeCTCCCloudICDN, domain.DeploymentProviderTypeCTCCCloudLVDN: { access := domain.AccessConfigForCTCCCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeCTCCCloudAO: - deployer, err := pCTCCCloudAO.NewDeployer(&pCTCCCloudAO.DeployerConfig{ + deployer, err := pCTCCCloudAO.NewSSLDeployerProvider(&pCTCCCloudAO.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeCTCCCloudCDN: - deployer, err := pCTCCCloudCDN.NewDeployer(&pCTCCCloudCDN.DeployerConfig{ + deployer, err := pCTCCCloudCDN.NewSSLDeployerProvider(&pCTCCCloudCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeCTCCCloudCMS: - deployer, err := pCTCCCloudCMS.NewDeployer(&pCTCCCloudCMS.DeployerConfig{ + deployer, err := pCTCCCloudCMS.NewSSLDeployerProvider(&pCTCCCloudCMS.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, }) return deployer, err case domain.DeploymentProviderTypeCTCCCloudELB: - deployer, err := pCTCCCloudELB.NewDeployer(&pCTCCCloudELB.DeployerConfig{ + deployer, err := pCTCCCloudELB.NewSSLDeployerProvider(&pCTCCCloudELB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - RegionId: maputil.GetString(options.ProviderServiceConfig, "regionId"), - ResourceType: pCTCCCloudELB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + RegionId: xmaps.GetString(options.ProviderServiceConfig, "regionId"), + ResourceType: pCTCCCloudELB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeCTCCCloudICDN: - deployer, err := pCTCCCloudICDN.NewDeployer(&pCTCCCloudICDN.DeployerConfig{ + deployer, err := pCTCCCloudICDN.NewSSLDeployerProvider(&pCTCCCloudICDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeCTCCCloudLVDN: - deployer, err := pCTCCCloudLVDN.NewDeployer(&pCTCCCloudLVDN.DeployerConfig{ + deployer, err := pCTCCCloudLVDN.NewSSLDeployerProvider(&pCTCCCloudLVDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -693,14 +693,14 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeDogeCloudCDN: { access := domain.AccessConfigForDogeCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pDogeCDN.NewDeployer(&pDogeCDN.DeployerConfig{ + deployer, err := pDogeCDN.NewSSLDeployerProvider(&pDogeCDN.SSLDeployerProviderConfig{ AccessKey: access.AccessKey, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err } @@ -708,14 +708,14 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeEdgioApplications: { access := domain.AccessConfigForEdgio{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pEdgioApplications.NewDeployer(&pEdgioApplications.DeployerConfig{ + deployer, err := pEdgioApplications.NewSSLDeployerProvider(&pEdgioApplications.SSLDeployerProviderConfig{ ClientId: access.ClientId, ClientSecret: access.ClientSecret, - EnvironmentId: maputil.GetString(options.ProviderServiceConfig, "environmentId"), + EnvironmentId: xmaps.GetString(options.ProviderServiceConfig, "environmentId"), }) return deployer, err } @@ -723,18 +723,18 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeFlexCDN: { access := domain.AccessConfigForFlexCDN{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pFlexCDN.NewDeployer(&pFlexCDN.DeployerConfig{ + deployer, err := pFlexCDN.NewSSLDeployerProvider(&pFlexCDN.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiRole: access.ApiRole, AccessKeyId: access.AccessKeyId, AccessKey: access.AccessKey, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pFlexCDN.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), + ResourceType: pFlexCDN.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), }) return deployer, err } @@ -742,16 +742,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeGcoreCDN: { access := domain.AccessConfigForGcore{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeGcoreCDN: - deployer, err := pGcoreCDN.NewDeployer(&pGcoreCDN.DeployerConfig{ + deployer, err := pGcoreCDN.NewSSLDeployerProvider(&pGcoreCDN.SSLDeployerProviderConfig{ ApiToken: access.ApiToken, - ResourceId: maputil.GetInt64(options.ProviderServiceConfig, "resourceId"), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), + ResourceId: xmaps.GetInt64(options.ProviderServiceConfig, "resourceId"), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), }) return deployer, err @@ -763,18 +763,18 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeGoEdge: { access := domain.AccessConfigForGoEdge{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pGoEdge.NewDeployer(&pGoEdge.DeployerConfig{ + deployer, err := pGoEdge.NewSSLDeployerProvider(&pGoEdge.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiRole: access.ApiRole, AccessKeyId: access.AccessKeyId, AccessKey: access.AccessKey, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pGoEdge.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), + ResourceType: pGoEdge.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), }) return deployer, err } @@ -782,36 +782,36 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeHuaweiCloudCDN, domain.DeploymentProviderTypeHuaweiCloudELB, domain.DeploymentProviderTypeHuaweiCloudSCM, domain.DeploymentProviderTypeHuaweiCloudWAF: { access := domain.AccessConfigForHuaweiCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeHuaweiCloudCDN: - deployer, err := pHuaweiCloudCDN.NewDeployer(&pHuaweiCloudCDN.DeployerConfig{ + deployer, err := pHuaweiCloudCDN.NewSSLDeployerProvider(&pHuaweiCloudCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, EnterpriseProjectId: access.EnterpriseProjectId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeHuaweiCloudELB: - deployer, err := pHuaweiCloudELB.NewDeployer(&pHuaweiCloudELB.DeployerConfig{ + deployer, err := pHuaweiCloudELB.NewSSLDeployerProvider(&pHuaweiCloudELB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, EnterpriseProjectId: access.EnterpriseProjectId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pHuaweiCloudELB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pHuaweiCloudELB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeHuaweiCloudSCM: - deployer, err := pHuaweiCloudSCM.NewDeployer(&pHuaweiCloudSCM.DeployerConfig{ + deployer, err := pHuaweiCloudSCM.NewSSLDeployerProvider(&pHuaweiCloudSCM.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, EnterpriseProjectId: access.EnterpriseProjectId, @@ -819,14 +819,14 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer return deployer, err case domain.DeploymentProviderTypeHuaweiCloudWAF: - deployer, err := pHuaweiCloudWAF.NewDeployer(&pHuaweiCloudWAF.DeployerConfig{ + deployer, err := pHuaweiCloudWAF.NewSSLDeployerProvider(&pHuaweiCloudWAF.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, EnterpriseProjectId: access.EnterpriseProjectId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pHuaweiCloudWAF.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pHuaweiCloudWAF.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -838,43 +838,43 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeJDCloudALB, domain.DeploymentProviderTypeJDCloudCDN, domain.DeploymentProviderTypeJDCloudLive, domain.DeploymentProviderTypeJDCloudVOD: { access := domain.AccessConfigForJDCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeJDCloudALB: - deployer, err := pJDCloudALB.NewDeployer(&pJDCloudALB.DeployerConfig{ + deployer, err := pJDCloudALB.NewSSLDeployerProvider(&pJDCloudALB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - RegionId: maputil.GetString(options.ProviderServiceConfig, "regionId"), - ResourceType: pJDCloudALB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + RegionId: xmaps.GetString(options.ProviderServiceConfig, "regionId"), + ResourceType: pJDCloudALB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeJDCloudCDN: - deployer, err := pJDCloudCDN.NewDeployer(&pJDCloudCDN.DeployerConfig{ + deployer, err := pJDCloudCDN.NewSSLDeployerProvider(&pJDCloudCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeJDCloudLive: - deployer, err := pJDCloudLive.NewDeployer(&pJDCloudLive.DeployerConfig{ + deployer, err := pJDCloudLive.NewSSLDeployerProvider(&pJDCloudLive.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeJDCloudVOD: - deployer, err := pJDCloudVOD.NewDeployer(&pJDCloudVOD.DeployerConfig{ + deployer, err := pJDCloudVOD.NewSSLDeployerProvider(&pJDCloudVOD.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -886,39 +886,39 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeLeCDN: { access := domain.AccessConfigForLeCDN{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pLeCDN.NewDeployer(&pLeCDN.DeployerConfig{ + deployer, err := pLeCDN.NewSSLDeployerProvider(&pLeCDN.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiVersion: access.ApiVersion, ApiRole: access.ApiRole, Username: access.Username, Password: access.Password, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pLeCDN.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), - ClientId: maputil.GetInt64(options.ProviderServiceConfig, "clientId"), + ResourceType: pLeCDN.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), + ClientId: xmaps.GetInt64(options.ProviderServiceConfig, "clientId"), }) return deployer, err } case domain.DeploymentProviderTypeLocal: { - deployer, err := pLocal.NewDeployer(&pLocal.DeployerConfig{ - ShellEnv: pLocal.ShellEnvType(maputil.GetString(options.ProviderServiceConfig, "shellEnv")), - PreCommand: maputil.GetString(options.ProviderServiceConfig, "preCommand"), - PostCommand: maputil.GetString(options.ProviderServiceConfig, "postCommand"), - OutputFormat: pLocal.OutputFormatType(maputil.GetOrDefaultString(options.ProviderServiceConfig, "format", string(pLocal.OUTPUT_FORMAT_PEM))), - OutputCertPath: maputil.GetString(options.ProviderServiceConfig, "certPath"), - OutputServerCertPath: maputil.GetString(options.ProviderServiceConfig, "certPathForServerOnly"), - OutputIntermediaCertPath: maputil.GetString(options.ProviderServiceConfig, "certPathForIntermediaOnly"), - OutputKeyPath: maputil.GetString(options.ProviderServiceConfig, "keyPath"), - PfxPassword: maputil.GetString(options.ProviderServiceConfig, "pfxPassword"), - JksAlias: maputil.GetString(options.ProviderServiceConfig, "jksAlias"), - JksKeypass: maputil.GetString(options.ProviderServiceConfig, "jksKeypass"), - JksStorepass: maputil.GetString(options.ProviderServiceConfig, "jksStorepass"), + deployer, err := pLocal.NewSSLDeployerProvider(&pLocal.SSLDeployerProviderConfig{ + ShellEnv: pLocal.ShellEnvType(xmaps.GetString(options.ProviderServiceConfig, "shellEnv")), + PreCommand: xmaps.GetString(options.ProviderServiceConfig, "preCommand"), + PostCommand: xmaps.GetString(options.ProviderServiceConfig, "postCommand"), + OutputFormat: pLocal.OutputFormatType(xmaps.GetOrDefaultString(options.ProviderServiceConfig, "format", string(pLocal.OUTPUT_FORMAT_PEM))), + OutputCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPath"), + OutputServerCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPathForServerOnly"), + OutputIntermediaCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPathForIntermediaOnly"), + OutputKeyPath: xmaps.GetString(options.ProviderServiceConfig, "keyPath"), + PfxPassword: xmaps.GetString(options.ProviderServiceConfig, "pfxPassword"), + JksAlias: xmaps.GetString(options.ProviderServiceConfig, "jksAlias"), + JksKeypass: xmaps.GetString(options.ProviderServiceConfig, "jksKeypass"), + JksStorepass: xmaps.GetString(options.ProviderServiceConfig, "jksStorepass"), }) return deployer, err } @@ -926,17 +926,17 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeKubernetesSecret: { access := domain.AccessConfigForKubernetes{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pK8sSecret.NewDeployer(&pK8sSecret.DeployerConfig{ + deployer, err := pK8sSecret.NewSSLDeployerProvider(&pK8sSecret.SSLDeployerProviderConfig{ KubeConfig: access.KubeConfig, - Namespace: maputil.GetOrDefaultString(options.ProviderServiceConfig, "namespace", "default"), - SecretName: maputil.GetString(options.ProviderServiceConfig, "secretName"), - SecretType: maputil.GetOrDefaultString(options.ProviderServiceConfig, "secretType", "kubernetes.io/tls"), - SecretDataKeyForCrt: maputil.GetOrDefaultString(options.ProviderServiceConfig, "secretDataKeyForCrt", "tls.crt"), - SecretDataKeyForKey: maputil.GetOrDefaultString(options.ProviderServiceConfig, "secretDataKeyForKey", "tls.key"), + Namespace: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "namespace", "default"), + SecretName: xmaps.GetString(options.ProviderServiceConfig, "secretName"), + SecretType: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "secretType", "kubernetes.io/tls"), + SecretDataKeyForCrt: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "secretDataKeyForCrt", "tls.crt"), + SecretDataKeyForKey: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "secretDataKeyForKey", "tls.key"), }) return deployer, err } @@ -944,13 +944,13 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeNetlifySite: { access := domain.AccessConfigForNetlify{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pNetlifySite.NewDeployer(&pNetlifySite.DeployerConfig{ + deployer, err := pNetlifySite.NewSSLDeployerProvider(&pNetlifySite.SSLDeployerProviderConfig{ ApiToken: access.ApiToken, - SiteId: maputil.GetString(options.ProviderServiceConfig, "siteId"), + SiteId: xmaps.GetString(options.ProviderServiceConfig, "siteId"), }) return deployer, err } @@ -958,17 +958,17 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeProxmoxVE: { access := domain.AccessConfigForProxmoxVE{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pProxmoxVE.NewDeployer(&pProxmoxVE.DeployerConfig{ + deployer, err := pProxmoxVE.NewSSLDeployerProvider(&pProxmoxVE.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiToken: access.ApiToken, ApiTokenSecret: access.ApiTokenSecret, AllowInsecureConnections: access.AllowInsecureConnections, - NodeName: maputil.GetString(options.ProviderServiceConfig, "nodeName"), - AutoRestart: maputil.GetBool(options.ProviderServiceConfig, "autoRestart"), + NodeName: xmaps.GetString(options.ProviderServiceConfig, "nodeName"), + AutoRestart: xmaps.GetBool(options.ProviderServiceConfig, "autoRestart"), }) return deployer, err } @@ -976,25 +976,25 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeQiniuCDN, domain.DeploymentProviderTypeQiniuKodo, domain.DeploymentProviderTypeQiniuPili: { access := domain.AccessConfigForQiniu{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeQiniuCDN, domain.DeploymentProviderTypeQiniuKodo: - deployer, err := pQiniuCDN.NewDeployer(&pQiniuCDN.DeployerConfig{ + deployer, err := pQiniuCDN.NewSSLDeployerProvider(&pQiniuCDN.SSLDeployerProviderConfig{ AccessKey: access.AccessKey, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeQiniuPili: - deployer, err := pQiniuPili.NewDeployer(&pQiniuPili.DeployerConfig{ + deployer, err := pQiniuPili.NewSSLDeployerProvider(&pQiniuPili.SSLDeployerProviderConfig{ AccessKey: access.AccessKey, SecretKey: access.SecretKey, - Hub: maputil.GetString(options.ProviderServiceConfig, "hub"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Hub: xmaps.GetString(options.ProviderServiceConfig, "hub"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -1006,16 +1006,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeRainYunRCDN: { access := domain.AccessConfigForRainYun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeTencentCloudCDN: - deployer, err := pRainYunRCDN.NewDeployer(&pRainYunRCDN.DeployerConfig{ + deployer, err := pRainYunRCDN.NewSSLDeployerProvider(&pRainYunRCDN.SSLDeployerProviderConfig{ ApiKey: access.ApiKey, - InstanceId: maputil.GetInt32(options.ProviderServiceConfig, "instanceId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + InstanceId: xmaps.GetInt32(options.ProviderServiceConfig, "instanceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -1027,13 +1027,13 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeRatPanelConsole, domain.DeploymentProviderTypeRatPanelSite: { access := domain.AccessConfigForRatPanel{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeRatPanelConsole: - deployer, err := pRatPanelConsole.NewDeployer(&pRatPanelConsole.DeployerConfig{ + deployer, err := pRatPanelConsole.NewSSLDeployerProvider(&pRatPanelConsole.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, AccessTokenId: access.AccessTokenId, AccessToken: access.AccessToken, @@ -1042,12 +1042,12 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer return deployer, err case domain.DeploymentProviderTypeRatPanelSite: - deployer, err := pRatPanelSite.NewDeployer(&pRatPanelSite.DeployerConfig{ + deployer, err := pRatPanelSite.NewSSLDeployerProvider(&pRatPanelSite.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, AccessTokenId: access.AccessTokenId, AccessToken: access.AccessToken, AllowInsecureConnections: access.AllowInsecureConnections, - SiteName: maputil.GetString(options.ProviderServiceConfig, "siteName"), + SiteName: xmaps.GetString(options.ProviderServiceConfig, "siteName"), }) return deployer, err @@ -1059,16 +1059,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeSafeLine: { access := domain.AccessConfigForSafeLine{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pSafeLine.NewDeployer(&pSafeLine.DeployerConfig{ + deployer, err := pSafeLine.NewSSLDeployerProvider(&pSafeLine.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiToken: access.ApiToken, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pSafeLine.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetInt32(options.ProviderServiceConfig, "certificateId"), + ResourceType: pSafeLine.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetInt32(options.ProviderServiceConfig, "certificateId"), }) return deployer, err } @@ -1076,7 +1076,7 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeSSH: { access := domain.AccessConfigForSSH{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -1093,7 +1093,7 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer } } - deployer, err := pSSH.NewDeployer(&pSSH.DeployerConfig{ + deployer, err := pSSH.NewSSLDeployerProvider(&pSSH.SSLDeployerProviderConfig{ SshHost: access.Host, SshPort: access.Port, SshAuthMethod: access.AuthMethod, @@ -1102,18 +1102,18 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer SshKey: access.Key, SshKeyPassphrase: access.KeyPassphrase, JumpServers: jumpServers, - UseSCP: maputil.GetBool(options.ProviderServiceConfig, "useSCP"), - PreCommand: maputil.GetString(options.ProviderServiceConfig, "preCommand"), - PostCommand: maputil.GetString(options.ProviderServiceConfig, "postCommand"), - OutputFormat: pSSH.OutputFormatType(maputil.GetOrDefaultString(options.ProviderServiceConfig, "format", string(pSSH.OUTPUT_FORMAT_PEM))), - OutputCertPath: maputil.GetString(options.ProviderServiceConfig, "certPath"), - OutputServerCertPath: maputil.GetString(options.ProviderServiceConfig, "certPathForServerOnly"), - OutputIntermediaCertPath: maputil.GetString(options.ProviderServiceConfig, "certPathForIntermediaOnly"), - OutputKeyPath: maputil.GetString(options.ProviderServiceConfig, "keyPath"), - PfxPassword: maputil.GetString(options.ProviderServiceConfig, "pfxPassword"), - JksAlias: maputil.GetString(options.ProviderServiceConfig, "jksAlias"), - JksKeypass: maputil.GetString(options.ProviderServiceConfig, "jksKeypass"), - JksStorepass: maputil.GetString(options.ProviderServiceConfig, "jksStorepass"), + UseSCP: xmaps.GetBool(options.ProviderServiceConfig, "useSCP"), + PreCommand: xmaps.GetString(options.ProviderServiceConfig, "preCommand"), + PostCommand: xmaps.GetString(options.ProviderServiceConfig, "postCommand"), + OutputFormat: pSSH.OutputFormatType(xmaps.GetOrDefaultString(options.ProviderServiceConfig, "format", string(pSSH.OUTPUT_FORMAT_PEM))), + OutputCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPath"), + OutputServerCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPathForServerOnly"), + OutputIntermediaCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPathForIntermediaOnly"), + OutputKeyPath: xmaps.GetString(options.ProviderServiceConfig, "keyPath"), + PfxPassword: xmaps.GetString(options.ProviderServiceConfig, "pfxPassword"), + JksAlias: xmaps.GetString(options.ProviderServiceConfig, "jksAlias"), + JksKeypass: xmaps.GetString(options.ProviderServiceConfig, "jksKeypass"), + JksStorepass: xmaps.GetString(options.ProviderServiceConfig, "jksStorepass"), }) return deployer, err } @@ -1121,118 +1121,118 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeTencentCloudCDN, domain.DeploymentProviderTypeTencentCloudCLB, domain.DeploymentProviderTypeTencentCloudCOS, domain.DeploymentProviderTypeTencentCloudCSS, domain.DeploymentProviderTypeTencentCloudECDN, domain.DeploymentProviderTypeTencentCloudEO, domain.DeploymentProviderTypeTencentCloudGAAP, domain.DeploymentProviderTypeTencentCloudSCF, domain.DeploymentProviderTypeTencentCloudSSL, domain.DeploymentProviderTypeTencentCloudSSLDeploy, domain.DeploymentProviderTypeTencentCloudVOD, domain.DeploymentProviderTypeTencentCloudWAF: { access := domain.AccessConfigForTencentCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeTencentCloudCDN: - deployer, err := pTencentCloudCDN.NewDeployer(&pTencentCloudCDN.DeployerConfig{ + deployer, err := pTencentCloudCDN.NewSSLDeployerProvider(&pTencentCloudCDN.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudCLB: - deployer, err := pTencentCloudCLB.NewDeployer(&pTencentCloudCLB.DeployerConfig{ + deployer, err := pTencentCloudCLB.NewSSLDeployerProvider(&pTencentCloudCLB.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pTencentCloudCLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pTencentCloudCLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudCOS: - deployer, err := pTencentCloudCOS.NewDeployer(&pTencentCloudCOS.DeployerConfig{ + deployer, err := pTencentCloudCOS.NewSSLDeployerProvider(&pTencentCloudCOS.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Bucket: maputil.GetString(options.ProviderServiceConfig, "bucket"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Bucket: xmaps.GetString(options.ProviderServiceConfig, "bucket"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudCSS: - deployer, err := pTencentCloudCSS.NewDeployer(&pTencentCloudCSS.DeployerConfig{ + deployer, err := pTencentCloudCSS.NewSSLDeployerProvider(&pTencentCloudCSS.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudECDN: - deployer, err := pTencentCloudECDN.NewDeployer(&pTencentCloudECDN.DeployerConfig{ + deployer, err := pTencentCloudECDN.NewSSLDeployerProvider(&pTencentCloudECDN.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudEO: - deployer, err := pTencentCloudEO.NewDeployer(&pTencentCloudEO.DeployerConfig{ + deployer, err := pTencentCloudEO.NewSSLDeployerProvider(&pTencentCloudEO.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - ZoneId: maputil.GetString(options.ProviderServiceConfig, "zoneId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + ZoneId: xmaps.GetString(options.ProviderServiceConfig, "zoneId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudGAAP: - deployer, err := pTencentCloudGAAP.NewDeployer(&pTencentCloudGAAP.DeployerConfig{ + deployer, err := pTencentCloudGAAP.NewSSLDeployerProvider(&pTencentCloudGAAP.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - ResourceType: pTencentCloudGAAP.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - ProxyId: maputil.GetString(options.ProviderServiceConfig, "proxyId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + ResourceType: pTencentCloudGAAP.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + ProxyId: xmaps.GetString(options.ProviderServiceConfig, "proxyId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudSCF: - deployer, err := pTencentCloudSCF.NewDeployer(&pTencentCloudSCF.DeployerConfig{ + deployer, err := pTencentCloudSCF.NewSSLDeployerProvider(&pTencentCloudSCF.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudSSL: - deployer, err := pTencentCloudSSL.NewDeployer(&pTencentCloudSSL.DeployerConfig{ + deployer, err := pTencentCloudSSL.NewSSLDeployerProvider(&pTencentCloudSSL.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, }) return deployer, err case domain.DeploymentProviderTypeTencentCloudSSLDeploy: - deployer, err := pTencentCloudSSLDeploy.NewDeployer(&pTencentCloudSSLDeploy.DeployerConfig{ + deployer, err := pTencentCloudSSLDeploy.NewSSLDeployerProvider(&pTencentCloudSSLDeploy.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: maputil.GetString(options.ProviderServiceConfig, "resourceType"), - ResourceIds: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: xmaps.GetString(options.ProviderServiceConfig, "resourceType"), + ResourceIds: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudVOD: - deployer, err := pTencentCloudVOD.NewDeployer(&pTencentCloudVOD.DeployerConfig{ + deployer, err := pTencentCloudVOD.NewSSLDeployerProvider(&pTencentCloudVOD.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - SubAppId: maputil.GetInt64(options.ProviderServiceConfig, "subAppId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + SubAppId: xmaps.GetInt64(options.ProviderServiceConfig, "subAppId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudWAF: - deployer, err := pTencentCloudWAF.NewDeployer(&pTencentCloudWAF.DeployerConfig{ + deployer, err := pTencentCloudWAF.NewSSLDeployerProvider(&pTencentCloudWAF.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), - DomainId: maputil.GetString(options.ProviderServiceConfig, "domainId"), - InstanceId: maputil.GetString(options.ProviderServiceConfig, "instanceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + DomainId: xmaps.GetString(options.ProviderServiceConfig, "domainId"), + InstanceId: xmaps.GetString(options.ProviderServiceConfig, "instanceId"), }) return deployer, err @@ -1244,28 +1244,28 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeUCloudUCDN, domain.DeploymentProviderTypeUCloudUS3: { access := domain.AccessConfigForUCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeUCloudUCDN: - deployer, err := pUCloudUCDN.NewDeployer(&pUCloudUCDN.DeployerConfig{ + deployer, err := pUCloudUCDN.NewSSLDeployerProvider(&pUCloudUCDN.SSLDeployerProviderConfig{ PrivateKey: access.PrivateKey, PublicKey: access.PublicKey, ProjectId: access.ProjectId, - DomainId: maputil.GetString(options.ProviderServiceConfig, "domainId"), + DomainId: xmaps.GetString(options.ProviderServiceConfig, "domainId"), }) return deployer, err case domain.DeploymentProviderTypeUCloudUS3: - deployer, err := pUCloudUS3.NewDeployer(&pUCloudUS3.DeployerConfig{ + deployer, err := pUCloudUS3.NewSSLDeployerProvider(&pUCloudUS3.SSLDeployerProviderConfig{ PrivateKey: access.PrivateKey, PublicKey: access.PublicKey, ProjectId: access.ProjectId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Bucket: maputil.GetString(options.ProviderServiceConfig, "bucket"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Bucket: xmaps.GetString(options.ProviderServiceConfig, "bucket"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -1277,16 +1277,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeUniCloudWebHost: { access := domain.AccessConfigForUniCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pUniCloudWebHost.NewDeployer(&pUniCloudWebHost.DeployerConfig{ + deployer, err := pUniCloudWebHost.NewSSLDeployerProvider(&pUniCloudWebHost.SSLDeployerProviderConfig{ Username: access.Username, Password: access.Password, - SpaceProvider: maputil.GetString(options.ProviderServiceConfig, "spaceProvider"), - SpaceId: maputil.GetString(options.ProviderServiceConfig, "spaceId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + SpaceProvider: xmaps.GetString(options.ProviderServiceConfig, "spaceProvider"), + SpaceId: xmaps.GetString(options.ProviderServiceConfig, "spaceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err } @@ -1294,16 +1294,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeUpyunCDN, domain.DeploymentProviderTypeUpyunFile: { access := domain.AccessConfigForUpyun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeUpyunCDN, domain.DeploymentProviderTypeUpyunFile: - deployer, err := pUpyunCDN.NewDeployer(&pUpyunCDN.DeployerConfig{ + deployer, err := pUpyunCDN.NewSSLDeployerProvider(&pUpyunCDN.SSLDeployerProviderConfig{ Username: access.Username, Password: access.Password, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -1315,83 +1315,83 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeVolcEngineALB, domain.DeploymentProviderTypeVolcEngineCDN, domain.DeploymentProviderTypeVolcEngineCertCenter, domain.DeploymentProviderTypeVolcEngineCLB, domain.DeploymentProviderTypeVolcEngineDCDN, domain.DeploymentProviderTypeVolcEngineImageX, domain.DeploymentProviderTypeVolcEngineLive, domain.DeploymentProviderTypeVolcEngineTOS: { access := domain.AccessConfigForVolcEngine{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeVolcEngineALB: - deployer, err := pVolcEngineALB.NewDeployer(&pVolcEngineALB.DeployerConfig{ + deployer, err := pVolcEngineALB.NewSSLDeployerProvider(&pVolcEngineALB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pVolcEngineALB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pVolcEngineALB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineCDN: - deployer, err := pVolcEngineCDN.NewDeployer(&pVolcEngineCDN.DeployerConfig{ + deployer, err := pVolcEngineCDN.NewSSLDeployerProvider(&pVolcEngineCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineCertCenter: - deployer, err := pVolcEngineCertCenter.NewDeployer(&pVolcEngineCertCenter.DeployerConfig{ + deployer, err := pVolcEngineCertCenter.NewSSLDeployerProvider(&pVolcEngineCertCenter.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineCLB: - deployer, err := pVolcEngineCLB.NewDeployer(&pVolcEngineCLB.DeployerConfig{ + deployer, err := pVolcEngineCLB.NewSSLDeployerProvider(&pVolcEngineCLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pVolcEngineCLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pVolcEngineCLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineDCDN: - deployer, err := pVolcEngineDCDN.NewDeployer(&pVolcEngineDCDN.DeployerConfig{ + deployer, err := pVolcEngineDCDN.NewSSLDeployerProvider(&pVolcEngineDCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineImageX: - deployer, err := pVolcEngineImageX.NewDeployer(&pVolcEngineImageX.DeployerConfig{ + deployer, err := pVolcEngineImageX.NewSSLDeployerProvider(&pVolcEngineImageX.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ServiceId: maputil.GetString(options.ProviderServiceConfig, "serviceId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ServiceId: xmaps.GetString(options.ProviderServiceConfig, "serviceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineLive: - deployer, err := pVolcEngineLive.NewDeployer(&pVolcEngineLive.DeployerConfig{ + deployer, err := pVolcEngineLive.NewSSLDeployerProvider(&pVolcEngineLive.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineTOS: - deployer, err := pVolcEngineTOS.NewDeployer(&pVolcEngineTOS.DeployerConfig{ + deployer, err := pVolcEngineTOS.NewSSLDeployerProvider(&pVolcEngineTOS.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Bucket: maputil.GetString(options.ProviderServiceConfig, "bucket"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Bucket: xmaps.GetString(options.ProviderServiceConfig, "bucket"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -1403,36 +1403,36 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeWangsuCDN, domain.DeploymentProviderTypeWangsuCDNPro, domain.DeploymentProviderTypeWangsuCertificate: { access := domain.AccessConfigForWangsu{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeWangsuCDN: - deployer, err := pWangsuCDN.NewDeployer(&pWangsuCDN.DeployerConfig{ + deployer, err := pWangsuCDN.NewSSLDeployerProvider(&pWangsuCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Domains: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "domains"), ";"), func(s string) bool { return s != "" }), + Domains: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "domains"), ";"), func(s string) bool { return s != "" }), }) return deployer, err case domain.DeploymentProviderTypeWangsuCDNPro: - deployer, err := pWangsuCDNPro.NewDeployer(&pWangsuCDNPro.DeployerConfig{ + deployer, err := pWangsuCDNPro.NewSSLDeployerProvider(&pWangsuCDNPro.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ApiKey: access.ApiKey, - Environment: maputil.GetOrDefaultString(options.ProviderServiceConfig, "environment", "production"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), - WebhookId: maputil.GetString(options.ProviderServiceConfig, "webhookId"), + Environment: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "environment", "production"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), + WebhookId: xmaps.GetString(options.ProviderServiceConfig, "webhookId"), }) return deployer, err case domain.DeploymentProviderTypeWangsuCertificate: - deployer, err := pWangsuCertificate.NewDeployer(&pWangsuCertificate.DeployerConfig{ + deployer, err := pWangsuCertificate.NewSSLDeployerProvider(&pWangsuCertificate.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), }) return deployer, err @@ -1444,13 +1444,13 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeWebhook: { access := domain.AccessConfigForWebhook{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } mergedHeaders := make(map[string]string) if defaultHeadersString := access.HeadersString; defaultHeadersString != "" { - h, err := httputil.ParseHeaders(defaultHeadersString) + h, err := xhttp.ParseHeaders(defaultHeadersString) if err != nil { return nil, fmt.Errorf("failed to parse webhook headers: %w", err) } @@ -1458,8 +1458,8 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer mergedHeaders[http.CanonicalHeaderKey(key)] = h.Get(key) } } - if extendedHeadersString := maputil.GetString(options.ProviderServiceConfig, "headers"); extendedHeadersString != "" { - h, err := httputil.ParseHeaders(extendedHeadersString) + if extendedHeadersString := xmaps.GetString(options.ProviderServiceConfig, "headers"); extendedHeadersString != "" { + h, err := xhttp.ParseHeaders(extendedHeadersString) if err != nil { return nil, fmt.Errorf("failed to parse webhook headers: %w", err) } @@ -1468,9 +1468,9 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer } } - deployer, err := pWebhook.NewDeployer(&pWebhook.DeployerConfig{ + deployer, err := pWebhook.NewSSLDeployerProvider(&pWebhook.SSLDeployerProviderConfig{ WebhookUrl: access.Url, - WebhookData: maputil.GetOrDefaultString(options.ProviderServiceConfig, "webhookData", access.DefaultDataForDeployment), + WebhookData: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "webhookData", access.DefaultDataForDeployment), Method: access.Method, Headers: mergedHeaders, AllowInsecureConnections: access.AllowInsecureConnections, diff --git a/internal/domain/certificate.go b/internal/domain/certificate.go index b2b48fcd..6ade5c5f 100644 --- a/internal/domain/certificate.go +++ b/internal/domain/certificate.go @@ -8,7 +8,7 @@ import ( "strings" "time" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) const CollectionNameCertificate = "certificate" @@ -106,10 +106,10 @@ func (c *Certificate) PopulateFromPEM(certPEM, privkeyPEM string) *Certificate { c.Certificate = certPEM c.PrivateKey = privkeyPEM - _, issuerCertPEM, _ := certutil.ExtractCertificatesFromPEM(certPEM) + _, issuerCertPEM, _ := xcert.ExtractCertificatesFromPEM(certPEM) c.IssuerCertificate = issuerCertPEM - certX509, _ := certutil.ParseCertificateFromPEM(certPEM) + certX509, _ := xcert.ParseCertificateFromPEM(certPEM) if certX509 != nil { c.PopulateFromX509(certX509) } diff --git a/internal/domain/dtos/notify.go b/internal/domain/dtos/notify.go index ab72fff1..395aebf1 100644 --- a/internal/domain/dtos/notify.go +++ b/internal/domain/dtos/notify.go @@ -1,6 +1,6 @@ package dtos -import "github.com/usual2970/certimate/internal/domain" +import "github.com/certimate-go/certimate/internal/domain" type NotifyTestPushReq struct { Channel domain.NotifyChannelType `json:"channel"` diff --git a/internal/domain/dtos/workflow.go b/internal/domain/dtos/workflow.go index b0f75f58..55b12954 100644 --- a/internal/domain/dtos/workflow.go +++ b/internal/domain/dtos/workflow.go @@ -1,6 +1,6 @@ package dtos -import "github.com/usual2970/certimate/internal/domain" +import "github.com/certimate-go/certimate/internal/domain" type WorkflowStartRunReq struct { WorkflowId string `json:"-"` diff --git a/internal/domain/workflow.go b/internal/domain/workflow.go index 256ad08d..50997019 100644 --- a/internal/domain/workflow.go +++ b/internal/domain/workflow.go @@ -4,8 +4,8 @@ import ( "encoding/json" "time" - "github.com/usual2970/certimate/internal/domain/expr" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" + "github.com/certimate-go/certimate/internal/domain/expr" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) const CollectionNameWorkflow = "workflow" @@ -121,62 +121,62 @@ type WorkflowNodeConfigForCondition struct { func (n *WorkflowNode) GetConfigForApply() WorkflowNodeConfigForApply { return WorkflowNodeConfigForApply{ - Domains: maputil.GetString(n.Config, "domains"), - ContactEmail: maputil.GetString(n.Config, "contactEmail"), - Provider: maputil.GetString(n.Config, "provider"), - ProviderAccessId: maputil.GetString(n.Config, "providerAccessId"), - ProviderConfig: maputil.GetKVMapAny(n.Config, "providerConfig"), - CAProvider: maputil.GetString(n.Config, "caProvider"), - CAProviderAccessId: maputil.GetString(n.Config, "caProviderAccessId"), - CAProviderConfig: maputil.GetKVMapAny(n.Config, "caProviderConfig"), - KeyAlgorithm: maputil.GetOrDefaultString(n.Config, "keyAlgorithm", string(CertificateKeyAlgorithmTypeRSA2048)), - Nameservers: maputil.GetString(n.Config, "nameservers"), - DnsPropagationWait: maputil.GetInt32(n.Config, "dnsPropagationWait"), - DnsPropagationTimeout: maputil.GetInt32(n.Config, "dnsPropagationTimeout"), - DnsTTL: maputil.GetInt32(n.Config, "dnsTTL"), - DisableFollowCNAME: maputil.GetBool(n.Config, "disableFollowCNAME"), - DisableARI: maputil.GetBool(n.Config, "disableARI"), - SkipBeforeExpiryDays: maputil.GetOrDefaultInt32(n.Config, "skipBeforeExpiryDays", 30), + Domains: xmaps.GetString(n.Config, "domains"), + ContactEmail: xmaps.GetString(n.Config, "contactEmail"), + Provider: xmaps.GetString(n.Config, "provider"), + ProviderAccessId: xmaps.GetString(n.Config, "providerAccessId"), + ProviderConfig: xmaps.GetKVMapAny(n.Config, "providerConfig"), + CAProvider: xmaps.GetString(n.Config, "caProvider"), + CAProviderAccessId: xmaps.GetString(n.Config, "caProviderAccessId"), + CAProviderConfig: xmaps.GetKVMapAny(n.Config, "caProviderConfig"), + KeyAlgorithm: xmaps.GetOrDefaultString(n.Config, "keyAlgorithm", string(CertificateKeyAlgorithmTypeRSA2048)), + Nameservers: xmaps.GetString(n.Config, "nameservers"), + DnsPropagationWait: xmaps.GetInt32(n.Config, "dnsPropagationWait"), + DnsPropagationTimeout: xmaps.GetInt32(n.Config, "dnsPropagationTimeout"), + DnsTTL: xmaps.GetInt32(n.Config, "dnsTTL"), + DisableFollowCNAME: xmaps.GetBool(n.Config, "disableFollowCNAME"), + DisableARI: xmaps.GetBool(n.Config, "disableARI"), + SkipBeforeExpiryDays: xmaps.GetOrDefaultInt32(n.Config, "skipBeforeExpiryDays", 30), } } func (n *WorkflowNode) GetConfigForUpload() WorkflowNodeConfigForUpload { return WorkflowNodeConfigForUpload{ - Certificate: maputil.GetString(n.Config, "certificate"), - PrivateKey: maputil.GetString(n.Config, "privateKey"), - Domains: maputil.GetString(n.Config, "domains"), + Certificate: xmaps.GetString(n.Config, "certificate"), + PrivateKey: xmaps.GetString(n.Config, "privateKey"), + Domains: xmaps.GetString(n.Config, "domains"), } } func (n *WorkflowNode) GetConfigForMonitor() WorkflowNodeConfigForMonitor { - host := maputil.GetString(n.Config, "host") + host := xmaps.GetString(n.Config, "host") return WorkflowNodeConfigForMonitor{ Host: host, - Port: maputil.GetOrDefaultInt32(n.Config, "port", 443), - Domain: maputil.GetOrDefaultString(n.Config, "domain", host), - RequestPath: maputil.GetString(n.Config, "path"), + Port: xmaps.GetOrDefaultInt32(n.Config, "port", 443), + Domain: xmaps.GetOrDefaultString(n.Config, "domain", host), + RequestPath: xmaps.GetString(n.Config, "path"), } } func (n *WorkflowNode) GetConfigForDeploy() WorkflowNodeConfigForDeploy { return WorkflowNodeConfigForDeploy{ - Certificate: maputil.GetString(n.Config, "certificate"), - Provider: maputil.GetString(n.Config, "provider"), - ProviderAccessId: maputil.GetString(n.Config, "providerAccessId"), - ProviderConfig: maputil.GetKVMapAny(n.Config, "providerConfig"), - SkipOnLastSucceeded: maputil.GetBool(n.Config, "skipOnLastSucceeded"), + Certificate: xmaps.GetString(n.Config, "certificate"), + Provider: xmaps.GetString(n.Config, "provider"), + ProviderAccessId: xmaps.GetString(n.Config, "providerAccessId"), + ProviderConfig: xmaps.GetKVMapAny(n.Config, "providerConfig"), + SkipOnLastSucceeded: xmaps.GetBool(n.Config, "skipOnLastSucceeded"), } } func (n *WorkflowNode) GetConfigForNotify() WorkflowNodeConfigForNotify { return WorkflowNodeConfigForNotify{ - Channel: maputil.GetString(n.Config, "channel"), - Provider: maputil.GetString(n.Config, "provider"), - ProviderAccessId: maputil.GetString(n.Config, "providerAccessId"), - ProviderConfig: maputil.GetKVMapAny(n.Config, "providerConfig"), - Subject: maputil.GetString(n.Config, "subject"), - Message: maputil.GetString(n.Config, "message"), - SkipOnAllPrevSkipped: maputil.GetBool(n.Config, "skipOnAllPrevSkipped"), + Channel: xmaps.GetString(n.Config, "channel"), + Provider: xmaps.GetString(n.Config, "provider"), + ProviderAccessId: xmaps.GetString(n.Config, "providerAccessId"), + ProviderConfig: xmaps.GetKVMapAny(n.Config, "providerConfig"), + Subject: xmaps.GetString(n.Config, "subject"), + Message: xmaps.GetString(n.Config, "message"), + SkipOnAllPrevSkipped: xmaps.GetBool(n.Config, "skipOnAllPrevSkipped"), } } diff --git a/internal/notify/notifier.go b/internal/notify/notifier.go index 5e957841..975b7ab2 100644 --- a/internal/notify/notifier.go +++ b/internal/notify/notifier.go @@ -5,9 +5,9 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/notifier" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/pkg/core" ) type Notifier interface { @@ -46,20 +46,22 @@ func NewWithWorkflowNode(config NotifierWithWorkflowNodeConfig) (Notifier, error } } - notifierProvider, err := createNotifierProvider(options) + notifier, err := createNotifierProvider(options) if err != nil { return nil, err + } else { + notifier.SetLogger(config.Logger) } return ¬ifierImpl{ - provider: notifierProvider.WithLogger(config.Logger), + provider: notifier, subject: config.Subject, message: config.Message, }, nil } type notifierImpl struct { - provider notifier.Notifier + provider core.Notifier subject string message string } diff --git a/internal/notify/notify.go b/internal/notify/notify.go index 92970341..c4af9e19 100644 --- a/internal/notify/notify.go +++ b/internal/notify/notify.go @@ -7,10 +7,10 @@ import ( "golang.org/x/sync/errgroup" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/notifier" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/pkg/core" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) // Deprecated: v0.4.x 将废弃 @@ -51,7 +51,7 @@ func SendToChannel(subject, message string, channel string, channelConfig map[st } // Deprecated: v0.4.x 将废弃 -func getEnabledNotifiers() ([]notifier.Notifier, error) { +func getEnabledNotifiers() ([]core.Notifier, error) { settingsRepo := repository.NewSettingsRepository() settings, err := settingsRepo.GetByName(context.Background(), "notifyChannels") if err != nil { @@ -63,9 +63,9 @@ func getEnabledNotifiers() ([]notifier.Notifier, error) { return nil, fmt.Errorf("unmarshal notifyChannels error: %w", err) } - notifiers := make([]notifier.Notifier, 0) + notifiers := make([]core.Notifier, 0) for k, v := range rs { - if !maputil.GetBool(v, "enabled") { + if !xmaps.GetBool(v, "enabled") { continue } diff --git a/internal/notify/providers.go b/internal/notify/providers.go index 808d1717..872f5d26 100644 --- a/internal/notify/providers.go +++ b/internal/notify/providers.go @@ -4,19 +4,19 @@ import ( "fmt" "net/http" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/notifier" - pDingTalkBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/dingtalkbot" - pDiscordBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/discordbot" - pEmail "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/email" - pLarkBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/larkbot" - pMattermost "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/mattermost" - pSlackBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/slackbot" - pTelegramBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegrambot" - pWebhook "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook" - pWeComBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecombot" - httputil "github.com/usual2970/certimate/internal/pkg/utils/http" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/pkg/core" + pDingTalkBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/dingtalkbot" + pDiscordBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/discordbot" + pEmail "github.com/certimate-go/certimate/pkg/core/notifier/providers/email" + pLarkBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/larkbot" + pMattermost "github.com/certimate-go/certimate/pkg/core/notifier/providers/mattermost" + pSlackBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/slackbot" + pTelegramBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/telegrambot" + pWebhook "github.com/certimate-go/certimate/pkg/core/notifier/providers/webhook" + pWeComBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/wecombot" + xhttp "github.com/certimate-go/certimate/pkg/utils/http" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) type notifierProviderOptions struct { @@ -25,7 +25,7 @@ type notifierProviderOptions struct { ProviderServiceConfig map[string]any } -func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier, error) { +func createNotifierProvider(options *notifierProviderOptions) (core.Notifier, error) { /* 注意:如果追加新的常量值,请保持以 ASCII 排序。 NOTICE: If you add new constant, please keep ASCII order. @@ -34,11 +34,11 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier case domain.NotificationProviderTypeDingTalkBot: { access := domain.AccessConfigForDingTalkBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pDingTalkBot.NewNotifier(&pDingTalkBot.NotifierConfig{ + return pDingTalkBot.NewNotifierProvider(&pDingTalkBot.NotifierProviderConfig{ WebhookUrl: access.WebhookUrl, Secret: access.Secret, }) @@ -47,43 +47,43 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier case domain.NotificationProviderTypeDiscordBot: { access := domain.AccessConfigForDiscordBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pDiscordBot.NewNotifier(&pDiscordBot.NotifierConfig{ + return pDiscordBot.NewNotifierProvider(&pDiscordBot.NotifierProviderConfig{ BotToken: access.BotToken, - ChannelId: maputil.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), + ChannelId: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), }) } case domain.NotificationProviderTypeEmail: { access := domain.AccessConfigForEmail{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pEmail.NewNotifier(&pEmail.NotifierConfig{ + return pEmail.NewNotifierProvider(&pEmail.NotifierProviderConfig{ SmtpHost: access.SmtpHost, SmtpPort: access.SmtpPort, SmtpTls: access.SmtpTls, Username: access.Username, Password: access.Password, - SenderAddress: maputil.GetOrDefaultString(options.ProviderServiceConfig, "senderAddress", access.DefaultSenderAddress), - SenderName: maputil.GetOrDefaultString(options.ProviderServiceConfig, "senderName", access.DefaultSenderName), - ReceiverAddress: maputil.GetOrDefaultString(options.ProviderServiceConfig, "receiverAddress", access.DefaultReceiverAddress), + SenderAddress: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "senderAddress", access.DefaultSenderAddress), + SenderName: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "senderName", access.DefaultSenderName), + ReceiverAddress: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "receiverAddress", access.DefaultReceiverAddress), }) } case domain.NotificationProviderTypeLarkBot: { access := domain.AccessConfigForLarkBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pLarkBot.NewNotifier(&pLarkBot.NotifierConfig{ + return pLarkBot.NewNotifierProvider(&pLarkBot.NotifierProviderConfig{ WebhookUrl: access.WebhookUrl, }) } @@ -91,54 +91,54 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier case domain.NotificationProviderTypeMattermost: { access := domain.AccessConfigForMattermost{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pMattermost.NewNotifier(&pMattermost.NotifierConfig{ + return pMattermost.NewNotifierProvider(&pMattermost.NotifierProviderConfig{ ServerUrl: access.ServerUrl, Username: access.Username, Password: access.Password, - ChannelId: maputil.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), + ChannelId: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), }) } case domain.NotificationProviderTypeSlackBot: { access := domain.AccessConfigForSlackBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pSlackBot.NewNotifier(&pSlackBot.NotifierConfig{ + return pSlackBot.NewNotifierProvider(&pSlackBot.NotifierProviderConfig{ BotToken: access.BotToken, - ChannelId: maputil.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), + ChannelId: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), }) } case domain.NotificationProviderTypeTelegramBot: { access := domain.AccessConfigForTelegramBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pTelegramBot.NewNotifier(&pTelegramBot.NotifierConfig{ + return pTelegramBot.NewNotifierProvider(&pTelegramBot.NotifierProviderConfig{ BotToken: access.BotToken, - ChatId: maputil.GetOrDefaultInt64(options.ProviderServiceConfig, "chatId", access.DefaultChatId), + ChatId: xmaps.GetOrDefaultInt64(options.ProviderServiceConfig, "chatId", access.DefaultChatId), }) } case domain.NotificationProviderTypeWebhook: { access := domain.AccessConfigForWebhook{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } mergedHeaders := make(map[string]string) if defaultHeadersString := access.HeadersString; defaultHeadersString != "" { - h, err := httputil.ParseHeaders(defaultHeadersString) + h, err := xhttp.ParseHeaders(defaultHeadersString) if err != nil { return nil, fmt.Errorf("failed to parse webhook headers: %w", err) } @@ -146,8 +146,8 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier mergedHeaders[http.CanonicalHeaderKey(key)] = h.Get(key) } } - if extendedHeadersString := maputil.GetString(options.ProviderServiceConfig, "headers"); extendedHeadersString != "" { - h, err := httputil.ParseHeaders(extendedHeadersString) + if extendedHeadersString := xmaps.GetString(options.ProviderServiceConfig, "headers"); extendedHeadersString != "" { + h, err := xhttp.ParseHeaders(extendedHeadersString) if err != nil { return nil, fmt.Errorf("failed to parse webhook headers: %w", err) } @@ -156,9 +156,9 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier } } - return pWebhook.NewNotifier(&pWebhook.NotifierConfig{ + return pWebhook.NewNotifierProvider(&pWebhook.NotifierProviderConfig{ WebhookUrl: access.Url, - WebhookData: maputil.GetOrDefaultString(options.ProviderServiceConfig, "webhookData", access.DefaultDataForNotification), + WebhookData: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "webhookData", access.DefaultDataForNotification), Method: access.Method, Headers: mergedHeaders, AllowInsecureConnections: access.AllowInsecureConnections, @@ -168,11 +168,11 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier case domain.NotificationProviderTypeWeComBot: { access := domain.AccessConfigForWeComBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pWeComBot.NewNotifier(&pWeComBot.NotifierConfig{ + return pWeComBot.NewNotifierProvider(&pWeComBot.NotifierProviderConfig{ WebhookUrl: access.WebhookUrl, }) } diff --git a/internal/notify/providers_deprecated.go b/internal/notify/providers_deprecated.go index d2d926a6..00855dc8 100644 --- a/internal/notify/providers_deprecated.go +++ b/internal/notify/providers_deprecated.go @@ -3,104 +3,104 @@ package notify import ( "fmt" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/notifier" - pBark "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/bark" - pDingTalk "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/dingtalkbot" - pEmail "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/email" - pGotify "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/gotify" - pLark "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/larkbot" - pMattermost "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/mattermost" - pPushover "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushover" - pPushPlus "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushplus" - pServerChan "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/serverchan" - pTelegram "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegrambot" - pWebhook "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook" - pWeCom "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecombot" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/pkg/core" + pBark "github.com/certimate-go/certimate/pkg/core/notifier/providers/bark" + pDingTalk "github.com/certimate-go/certimate/pkg/core/notifier/providers/dingtalkbot" + pEmail "github.com/certimate-go/certimate/pkg/core/notifier/providers/email" + pGotify "github.com/certimate-go/certimate/pkg/core/notifier/providers/gotify" + pLark "github.com/certimate-go/certimate/pkg/core/notifier/providers/larkbot" + pMattermost "github.com/certimate-go/certimate/pkg/core/notifier/providers/mattermost" + pPushover "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushover" + pPushPlus "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushplus" + pServerChan "github.com/certimate-go/certimate/pkg/core/notifier/providers/serverchan" + pTelegram "github.com/certimate-go/certimate/pkg/core/notifier/providers/telegrambot" + pWebhook "github.com/certimate-go/certimate/pkg/core/notifier/providers/webhook" + pWeCom "github.com/certimate-go/certimate/pkg/core/notifier/providers/wecombot" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) // Deprecated: v0.4.x 将废弃 -func createNotifierProviderUseGlobalSettings(channel domain.NotifyChannelType, channelConfig map[string]any) (notifier.Notifier, error) { +func createNotifierProviderUseGlobalSettings(channel domain.NotifyChannelType, channelConfig map[string]any) (core.Notifier, error) { /* 注意:如果追加新的常量值,请保持以 ASCII 排序。 NOTICE: If you add new constant, please keep ASCII order. */ switch channel { case domain.NotifyChannelTypeBark: - return pBark.NewNotifier(&pBark.NotifierConfig{ - DeviceKey: maputil.GetString(channelConfig, "deviceKey"), - ServerUrl: maputil.GetString(channelConfig, "serverUrl"), + return pBark.NewNotifierProvider(&pBark.NotifierProviderConfig{ + DeviceKey: xmaps.GetString(channelConfig, "deviceKey"), + ServerUrl: xmaps.GetString(channelConfig, "serverUrl"), }) case domain.NotifyChannelTypeDingTalk: - return pDingTalk.NewNotifier(&pDingTalk.NotifierConfig{ - WebhookUrl: "https://oapi.dingtalk.com/robot/send?access_token=" + maputil.GetString(channelConfig, "accessToken"), - Secret: maputil.GetString(channelConfig, "secret"), + return pDingTalk.NewNotifierProvider(&pDingTalk.NotifierProviderConfig{ + WebhookUrl: "https://oapi.dingtalk.com/robot/send?access_token=" + xmaps.GetString(channelConfig, "accessToken"), + Secret: xmaps.GetString(channelConfig, "secret"), }) case domain.NotifyChannelTypeEmail: - return pEmail.NewNotifier(&pEmail.NotifierConfig{ - SmtpHost: maputil.GetString(channelConfig, "smtpHost"), - SmtpPort: maputil.GetInt32(channelConfig, "smtpPort"), - SmtpTls: maputil.GetOrDefaultBool(channelConfig, "smtpTLS", true), - Username: maputil.GetOrDefaultString(channelConfig, "username", maputil.GetString(channelConfig, "senderAddress")), - Password: maputil.GetString(channelConfig, "password"), - SenderAddress: maputil.GetString(channelConfig, "senderAddress"), - ReceiverAddress: maputil.GetString(channelConfig, "receiverAddress"), + return pEmail.NewNotifierProvider(&pEmail.NotifierProviderConfig{ + SmtpHost: xmaps.GetString(channelConfig, "smtpHost"), + SmtpPort: xmaps.GetInt32(channelConfig, "smtpPort"), + SmtpTls: xmaps.GetOrDefaultBool(channelConfig, "smtpTLS", true), + Username: xmaps.GetOrDefaultString(channelConfig, "username", xmaps.GetString(channelConfig, "senderAddress")), + Password: xmaps.GetString(channelConfig, "password"), + SenderAddress: xmaps.GetString(channelConfig, "senderAddress"), + ReceiverAddress: xmaps.GetString(channelConfig, "receiverAddress"), }) case domain.NotifyChannelTypeGotify: - return pGotify.NewNotifier(&pGotify.NotifierConfig{ - ServerUrl: maputil.GetString(channelConfig, "url"), - Token: maputil.GetString(channelConfig, "token"), - Priority: maputil.GetOrDefaultInt64(channelConfig, "priority", 1), + return pGotify.NewNotifierProvider(&pGotify.NotifierProviderConfig{ + ServerUrl: xmaps.GetString(channelConfig, "url"), + Token: xmaps.GetString(channelConfig, "token"), + Priority: xmaps.GetOrDefaultInt64(channelConfig, "priority", 1), }) case domain.NotifyChannelTypeLark: - return pLark.NewNotifier(&pLark.NotifierConfig{ - WebhookUrl: maputil.GetString(channelConfig, "webhookUrl"), + return pLark.NewNotifierProvider(&pLark.NotifierProviderConfig{ + WebhookUrl: xmaps.GetString(channelConfig, "webhookUrl"), }) case domain.NotifyChannelTypeMattermost: - return pMattermost.NewNotifier(&pMattermost.NotifierConfig{ - ServerUrl: maputil.GetString(channelConfig, "serverUrl"), - ChannelId: maputil.GetString(channelConfig, "channelId"), - Username: maputil.GetString(channelConfig, "username"), - Password: maputil.GetString(channelConfig, "password"), + return pMattermost.NewNotifierProvider(&pMattermost.NotifierProviderConfig{ + ServerUrl: xmaps.GetString(channelConfig, "serverUrl"), + ChannelId: xmaps.GetString(channelConfig, "channelId"), + Username: xmaps.GetString(channelConfig, "username"), + Password: xmaps.GetString(channelConfig, "password"), }) case domain.NotifyChannelTypePushover: - return pPushover.NewNotifier(&pPushover.NotifierConfig{ - Token: maputil.GetString(channelConfig, "token"), - User: maputil.GetString(channelConfig, "user"), + return pPushover.NewNotifierProvider(&pPushover.NotifierProviderConfig{ + Token: xmaps.GetString(channelConfig, "token"), + User: xmaps.GetString(channelConfig, "user"), }) case domain.NotifyChannelTypePushPlus: - return pPushPlus.NewNotifier(&pPushPlus.NotifierConfig{ - Token: maputil.GetString(channelConfig, "token"), + return pPushPlus.NewNotifierProvider(&pPushPlus.NotifierProviderConfig{ + Token: xmaps.GetString(channelConfig, "token"), }) case domain.NotifyChannelTypeServerChan: - return pServerChan.NewNotifier(&pServerChan.NotifierConfig{ - ServerUrl: maputil.GetString(channelConfig, "url"), + return pServerChan.NewNotifierProvider(&pServerChan.NotifierProviderConfig{ + ServerUrl: xmaps.GetString(channelConfig, "url"), }) case domain.NotifyChannelTypeTelegram: - return pTelegram.NewNotifier(&pTelegram.NotifierConfig{ - BotToken: maputil.GetString(channelConfig, "apiToken"), - ChatId: maputil.GetInt64(channelConfig, "chatId"), + return pTelegram.NewNotifierProvider(&pTelegram.NotifierProviderConfig{ + BotToken: xmaps.GetString(channelConfig, "apiToken"), + ChatId: xmaps.GetInt64(channelConfig, "chatId"), }) case domain.NotifyChannelTypeWebhook: - return pWebhook.NewNotifier(&pWebhook.NotifierConfig{ - WebhookUrl: maputil.GetString(channelConfig, "url"), - AllowInsecureConnections: maputil.GetBool(channelConfig, "allowInsecureConnections"), + return pWebhook.NewNotifierProvider(&pWebhook.NotifierProviderConfig{ + WebhookUrl: xmaps.GetString(channelConfig, "url"), + AllowInsecureConnections: xmaps.GetBool(channelConfig, "allowInsecureConnections"), }) case domain.NotifyChannelTypeWeCom: - return pWeCom.NewNotifier(&pWeCom.NotifierConfig{ - WebhookUrl: maputil.GetString(channelConfig, "webhookUrl"), + return pWeCom.NewNotifierProvider(&pWeCom.NotifierProviderConfig{ + WebhookUrl: xmaps.GetString(channelConfig, "webhookUrl"), }) } diff --git a/internal/notify/service.go b/internal/notify/service.go index 1d1f6c25..26d5b856 100644 --- a/internal/notify/service.go +++ b/internal/notify/service.go @@ -4,8 +4,8 @@ import ( "context" "fmt" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/dtos" ) // Deprecated: v0.4.x 将废弃 diff --git a/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go b/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go deleted file mode 100644 index 81d0a247..00000000 --- a/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go +++ /dev/null @@ -1,109 +0,0 @@ -package onepanelconsole - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - onepanelsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel" -) - -type DeployerConfig struct { - // 1Panel 服务地址。 - ServerUrl string `json:"serverUrl"` - // 1Panel 版本。 - // 可取值 "v1"、"v2"。 - ApiVersion string `json:"apiVersion"` - // 1Panel 接口密钥。 - ApiKey string `json:"apiKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` - // 是否自动重启。 - AutoRestart bool `json:"autoRestart"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *onepanelsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 设置面板 SSL 证书 - SSLEnable := "enable" - if d.config.ApiVersion == "v2" { - SSLEnable = "Enable" - } - - updateSystemSSLReq := &onepanelsdk.UpdateSystemSSLRequest{ - Cert: certPEM, - Key: privkeyPEM, - SSL: SSLEnable, - SSLType: "import-paste", - } - if d.config.AutoRestart { - updateSystemSSLReq.AutoRestart = "true" - } else { - updateSystemSSLReq.AutoRestart = "false" - } - updateSystemSSLResp, err := d.sdkClient.UpdateSystemSSL(updateSystemSSLReq) - d.logger.Debug("sdk request '1panel.UpdateSystemSSL'", slog.Any("request", updateSystemSSLReq), slog.Any("response", updateSystemSSLResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request '1panel.UpdateSystemSSL': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (*onepanelsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid 1panel server url") - } - - if apiVersion == "" { - return nil, errors.New("invalid 1panel api version") - } - - if apiKey == "" { - return nil, errors.New("invalid 1panel api key") - } - - client := onepanelsdk.NewClient(serverUrl, apiVersion, apiKey) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go b/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go deleted file mode 100644 index 0f721c3f..00000000 --- a/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go +++ /dev/null @@ -1,200 +0,0 @@ -package onepanelsite - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - "strconv" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/1panel-ssl" - onepanelsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel" -) - -type DeployerConfig struct { - // 1Panel 服务地址。 - ServerUrl string `json:"serverUrl"` - // 1Panel 版本。 - // 可取值 "v1"、"v2"。 - ApiVersion string `json:"apiVersion"` - // 1Panel 接口密钥。 - ApiKey string `json:"apiKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` - // 部署资源类型。 - ResourceType ResourceType `json:"resourceType"` - // 网站 ID。 - // 部署资源类型为 [RESOURCE_TYPE_WEBSITE] 时必填。 - WebsiteId int64 `json:"websiteId,omitempty"` - // 证书 ID。 - // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 - CertificateId int64 `json:"certificateId,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *onepanelsdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - ServerUrl: config.ServerUrl, - ApiVersion: config.ApiVersion, - ApiKey: config.ApiKey, - AllowInsecureConnections: config.AllowInsecureConnections, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 根据部署资源类型决定部署方式 - switch d.config.ResourceType { - case RESOURCE_TYPE_WEBSITE: - if err := d.deployToWebsite(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } - - case RESOURCE_TYPE_CERTIFICATE: - if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } - - default: - return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) - } - - return &deployer.DeployResult{}, nil -} - -func (d *DeployerProvider) deployToWebsite(ctx context.Context, certPEM string, privkeyPEM string) error { - if d.config.WebsiteId == 0 { - return errors.New("config `websiteId` is required") - } - - // 获取网站 HTTPS 配置 - getHttpsConfReq := &onepanelsdk.GetHttpsConfRequest{ - WebsiteID: d.config.WebsiteId, - } - getHttpsConfResp, err := d.sdkClient.GetHttpsConf(getHttpsConfReq) - d.logger.Debug("sdk request '1panel.GetHttpsConf'", slog.Any("request", getHttpsConfReq), slog.Any("response", getHttpsConfResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request '1panel.GetHttpsConf': %w", err) - } - - // 上传证书到面板 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - // 修改网站 HTTPS 配置 - certId, _ := strconv.ParseInt(upres.CertId, 10, 64) - updateHttpsConfReq := &onepanelsdk.UpdateHttpsConfRequest{ - WebsiteID: d.config.WebsiteId, - Type: "existed", - WebsiteSSLID: certId, - Enable: getHttpsConfResp.Data.Enable, - HttpConfig: getHttpsConfResp.Data.HttpConfig, - SSLProtocol: getHttpsConfResp.Data.SSLProtocol, - Algorithm: getHttpsConfResp.Data.Algorithm, - Hsts: getHttpsConfResp.Data.Hsts, - } - updateHttpsConfResp, err := d.sdkClient.UpdateHttpsConf(updateHttpsConfReq) - d.logger.Debug("sdk request '1panel.UpdateHttpsConf'", slog.Any("request", updateHttpsConfReq), slog.Any("response", updateHttpsConfResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request '1panel.UpdateHttpsConf': %w", err) - } - - return nil -} - -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { - if d.config.CertificateId == 0 { - return errors.New("config `certificateId` is required") - } - - // 获取证书详情 - getWebsiteSSLReq := &onepanelsdk.GetWebsiteSSLRequest{ - SSLID: d.config.CertificateId, - } - getWebsiteSSLResp, err := d.sdkClient.GetWebsiteSSL(getWebsiteSSLReq) - d.logger.Debug("sdk request '1panel.GetWebsiteSSL'", slog.Any("request", getWebsiteSSLReq), slog.Any("response", getWebsiteSSLResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request '1panel.GetWebsiteSSL': %w", err) - } - - // 更新证书 - uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{ - Type: "paste", - SSLID: d.config.CertificateId, - Description: getWebsiteSSLResp.Data.Description, - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - uploadWebsiteSSLResp, err := d.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) - d.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) - } - - return nil -} - -func createSdkClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (*onepanelsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid 1panel server url") - } - - if apiVersion == "" { - return nil, errors.New("invalid 1panel api version") - } - - if apiKey == "" { - return nil, errors.New("invalid 1panel api key") - } - - client := onepanelsdk.NewClient(serverUrl, apiVersion, apiKey) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/aliyun-cas/aliyun_cas.go b/internal/pkg/core/deployer/providers/aliyun-cas/aliyun_cas.go deleted file mode 100644 index f1cc8811..00000000 --- a/internal/pkg/core/deployer/providers/aliyun-cas/aliyun_cas.go +++ /dev/null @@ -1,74 +0,0 @@ -package aliyuncas - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" -) - -type DeployerConfig struct { - // 阿里云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 阿里云 AccessKeySecret。 - AccessKeySecret string `json:"accessKeySecret"` - // 阿里云资源组 ID。 - ResourceGroupId string `json:"resourceGroupId,omitempty"` - // 阿里云地域。 - Region string `json:"region"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - AccessKeySecret: config.AccessKeySecret, - ResourceGroupId: config.ResourceGroupId, - Region: config.Region, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/apisix/apisix.go b/internal/pkg/core/deployer/providers/apisix/apisix.go deleted file mode 100644 index 922b3597..00000000 --- a/internal/pkg/core/deployer/providers/apisix/apisix.go +++ /dev/null @@ -1,125 +0,0 @@ -package apisix - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - apisixsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/apisix" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" -) - -type DeployerConfig struct { - // APISIX 服务地址。 - ServerUrl string `json:"serverUrl"` - // APISIX Admin API Key。 - ApiKey string `json:"apiKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` - // 部署资源类型。 - ResourceType ResourceType `json:"resourceType"` - // 证书 ID。 - // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 - CertificateId string `json:"certificateId,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *apisixsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 根据部署资源类型决定部署方式 - switch d.config.ResourceType { - case RESOURCE_TYPE_CERTIFICATE: - if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } - - default: - return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) - } - - return &deployer.DeployResult{}, nil -} - -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { - if d.config.CertificateId == "" { - return errors.New("config `certificateId` is required") - } - - // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) - if err != nil { - return err - } - - // 更新 SSL 证书 - // REF: https://apisix.apache.org/zh/docs/apisix/admin-api/#ssl - updateSSLReq := &apisixsdk.UpdateSSLRequest{ - ID: d.config.CertificateId, - Cert: typeutil.ToPtr(certPEM), - Key: typeutil.ToPtr(privkeyPEM), - SNIs: typeutil.ToPtr(certX509.DNSNames), - Type: typeutil.ToPtr("server"), - Status: typeutil.ToPtr(int32(1)), - } - updateSSLResp, err := d.sdkClient.UpdateSSL(updateSSLReq) - d.logger.Debug("sdk request 'apisix.UpdateSSL'", slog.Any("request", updateSSLReq), slog.Any("response", updateSSLResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request 'apisix.UpdateSSL': %w", err) - } - - return nil -} - -func createSdkClient(serverUrl, apiKey string, skipTlsVerify bool) (*apisixsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid apisix server url") - } - - if apiKey == "" { - return nil, errors.New("invalid apisix api key") - } - - client := apisixsdk.NewClient(serverUrl, apiKey) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/aws-iam/aws_iam.go b/internal/pkg/core/deployer/providers/aws-iam/aws_iam.go deleted file mode 100644 index ef6440d3..00000000 --- a/internal/pkg/core/deployer/providers/aws-iam/aws_iam.go +++ /dev/null @@ -1,75 +0,0 @@ -package awsiam - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-iam" -) - -type DeployerConfig struct { - // AWS AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // AWS SecretAccessKey。 - SecretAccessKey string `json:"secretAccessKey"` - // AWS 区域。 - Region string `json:"region"` - // IAM 证书路径。 - // 选填。 - CertificatePath string `json:"certificatePath,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - SecretAccessKey: config.SecretAccessKey, - Region: config.Region, - CertificatePath: config.CertificatePath, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 IAM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/baiducloud-cert/baiducloud_cert.go b/internal/pkg/core/deployer/providers/baiducloud-cert/baiducloud_cert.go deleted file mode 100644 index f2295593..00000000 --- a/internal/pkg/core/deployer/providers/baiducloud-cert/baiducloud_cert.go +++ /dev/null @@ -1,67 +0,0 @@ -package baiducloudcert - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert" -) - -type DeployerConfig struct { - // 百度智能云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 百度智能云 SecretAccessKey。 - SecretAccessKey string `json:"secretAccessKey"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - SecretAccessKey: config.SecretAccessKey, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console.go b/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console.go deleted file mode 100644 index dbdbf811..00000000 --- a/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console.go +++ /dev/null @@ -1,88 +0,0 @@ -package baotapanelconsole - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btwaf" -) - -type DeployerConfig struct { - // 堡塔云 WAF 服务地址。 - ServerUrl string `json:"serverUrl"` - // 堡塔云 WAF 接口密钥。 - ApiKey string `json:"apiKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *btsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 设置面板 SSL - configSetSSLReq := &btsdk.ConfigSetSSLRequest{ - CertContent: certPEM, - KeyContent: privkeyPEM, - } - configSetSSLResp, err := d.sdkClient.ConfigSetSSL(configSetSSLReq) - d.logger.Debug("sdk request 'bt.ConfigSetSSL'", slog.Any("request", configSetSSLReq), slog.Any("response", configSetSSLResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'bt.ConfigSetSSL': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid baota server url") - } - - if apiKey == "" { - return nil, errors.New("invalid baota api key") - } - - client := btsdk.NewClient(serverUrl, apiKey) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go b/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go deleted file mode 100644 index cdc39baa..00000000 --- a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go +++ /dev/null @@ -1,66 +0,0 @@ -package bunnycdn - -import ( - "context" - "encoding/base64" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - bunnysdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/bunny" -) - -type DeployerConfig struct { - // Bunny API Key。 - ApiKey string `json:"apiKey"` - // Bunny Pull Zone ID。 - PullZoneId string `json:"pullZoneId"` - // Bunny CDN Hostname(支持泛域名)。 - Hostname string `json:"hostname"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *bunnysdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: bunnysdk.NewClient(config.ApiKey), - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书 - createCertificateReq := &bunnysdk.AddCustomCertificateRequest{ - Hostname: d.config.Hostname, - PullZoneId: d.config.PullZoneId, - Certificate: base64.StdEncoding.EncodeToString([]byte(certPEM)), - CertificateKey: base64.StdEncoding.EncodeToString([]byte(privkeyPEM)), - } - createCertificateResp, err := d.sdkClient.AddCustomCertificate(createCertificateReq) - d.logger.Debug("sdk request 'bunny.AddCustomCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'bunny.AddCustomCertificate': %w", err) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/cachefly/cachefly.go b/internal/pkg/core/deployer/providers/cachefly/cachefly.go deleted file mode 100644 index fa1cce13..00000000 --- a/internal/pkg/core/deployer/providers/cachefly/cachefly.go +++ /dev/null @@ -1,75 +0,0 @@ -package cachefly - -import ( - "context" - "errors" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - cfsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/cachefly" -) - -type DeployerConfig struct { - // CacheFly API Token。 - ApiToken string `json:"apiToken"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *cfsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ApiToken) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书 - // REF: https://api.cachefly.com/api/2.5/docs#tag/Certificates/paths/~1certificates/post - createCertificateReq := &cfsdk.CreateCertificateRequest{ - Certificate: certPEM, - CertificateKey: privkeyPEM, - } - createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) - d.logger.Debug("sdk request 'cachefly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cachefly.CreateCertificate': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(apiToken string) (*cfsdk.Client, error) { - if apiToken == "" { - return nil, errors.New("invalid cachefly api token") - } - - client := cfsdk.NewClient(apiToken) - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/ctcccloud-cms/ctcccloud_cms.go b/internal/pkg/core/deployer/providers/ctcccloud-cms/ctcccloud_cms.go deleted file mode 100644 index 62b4084b..00000000 --- a/internal/pkg/core/deployer/providers/ctcccloud-cms/ctcccloud_cms.go +++ /dev/null @@ -1,67 +0,0 @@ -package ctcccloudcms - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-cms" -) - -type DeployerConfig struct { - // 天翼云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 天翼云 SecretAccessKey。 - SecretAccessKey string `json:"secretAccessKey"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - SecretAccessKey: config.SecretAccessKey, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CMS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go b/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go deleted file mode 100644 index 9401285f..00000000 --- a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go +++ /dev/null @@ -1,85 +0,0 @@ -package dogecloudcdn - -import ( - "context" - "fmt" - "log/slog" - "strconv" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/dogecloud" - dogesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dogecloud" -) - -type DeployerConfig struct { - // 多吉云 AccessKey。 - AccessKey string `json:"accessKey"` - // 多吉云 SecretKey。 - SecretKey string `json:"secretKey"` - // 加速域名(不支持泛域名)。 - Domain string `json:"domain"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *dogesdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client := dogesdk.NewClient(config.AccessKey, config.SecretKey) - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKey: config.AccessKey, - SecretKey: config.SecretKey, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - // 绑定证书 - // REF: https://docs.dogecloud.com/cdn/api-cert-bind - bindCdnCertId, _ := strconv.ParseInt(upres.CertId, 10, 64) - bindCdnCertResp, err := d.sdkClient.BindCdnCertWithDomain(bindCdnCertId, d.config.Domain) - d.logger.Debug("sdk request 'cdn.BindCdnCert'", slog.Int64("request.certId", bindCdnCertId), slog.String("request.domain", d.config.Domain), slog.Any("response", bindCdnCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cdn.BindCdnCert': %w", err) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/huaweicloud-scm/huaweicloud_scm.go b/internal/pkg/core/deployer/providers/huaweicloud-scm/huaweicloud_scm.go deleted file mode 100644 index 0ba5816a..00000000 --- a/internal/pkg/core/deployer/providers/huaweicloud-scm/huaweicloud_scm.go +++ /dev/null @@ -1,71 +0,0 @@ -package huaweicloudscm - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm" -) - -type DeployerConfig struct { - // 华为云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 华为云 SecretAccessKey。 - SecretAccessKey string `json:"secretAccessKey"` - // 华为云企业项目 ID。 - EnterpriseProjectId string `json:"enterpriseProjectId,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - SecretAccessKey: config.SecretAccessKey, - EnterpriseProjectId: config.EnterpriseProjectId, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SCM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/lecdn/lecdn.go b/internal/pkg/core/deployer/providers/lecdn/lecdn.go deleted file mode 100644 index 4d9f4302..00000000 --- a/internal/pkg/core/deployer/providers/lecdn/lecdn.go +++ /dev/null @@ -1,176 +0,0 @@ -package lecdn - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - "time" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - leclientsdkv3 "github.com/usual2970/certimate/internal/pkg/sdk3rd/lecdn/v3/client" - lemastersdkv3 "github.com/usual2970/certimate/internal/pkg/sdk3rd/lecdn/v3/master" -) - -type DeployerConfig struct { - // LeCDN 服务地址。 - ServerUrl string `json:"serverUrl"` - // LeCDN 版本。 - // 可取值 "v3"。 - ApiVersion string `json:"apiVersion"` - // LeCDN 用户角色。 - // 可取值 "client"、"master"。 - ApiRole string `json:"apiRole"` - // LeCDN 用户名。 - Username string `json:"accessKeyId"` - // LeCDN 用户密码。 - Password string `json:"accessKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` - // 部署资源类型。 - ResourceType ResourceType `json:"resourceType"` - // 证书 ID。 - // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 - CertificateId int64 `json:"certificateId,omitempty"` - // 客户 ID。 - // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时选填。 - ClientId int64 `json:"clientId,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient interface{} -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -const ( - apiVersionV3 = "v3" - - apiRoleClient = "client" - apiRoleMaster = "master" -) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiVersion, config.ApiRole, config.Username, config.Password, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 根据部署资源类型决定部署方式 - switch d.config.ResourceType { - case RESOURCE_TYPE_CERTIFICATE: - if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } - - default: - return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) - } - - return &deployer.DeployResult{}, nil -} - -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { - if d.config.CertificateId == 0 { - return errors.New("config `certificateId` is required") - } - - // 修改证书 - // REF: https://wdk0pwf8ul.feishu.cn/wiki/YE1XwCRIHiLYeKkPupgcXrlgnDd - switch sdkClient := d.sdkClient.(type) { - case *leclientsdkv3.Client: - updateSSLCertReq := &leclientsdkv3.UpdateCertificateRequest{ - Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), - Description: "upload from certimate", - Type: "upload", - SSLPEM: certPEM, - SSLKey: privkeyPEM, - AutoRenewal: false, - } - updateSSLCertResp, err := sdkClient.UpdateCertificate(d.config.CertificateId, updateSSLCertReq) - d.logger.Debug("sdk request 'lecdn.UpdateCertificate'", slog.Int64("certId", d.config.CertificateId), slog.Any("request", updateSSLCertReq), slog.Any("response", updateSSLCertResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request 'lecdn.UpdateCertificate': %w", err) - } - - case *lemastersdkv3.Client: - updateSSLCertReq := &lemastersdkv3.UpdateCertificateRequest{ - ClientId: d.config.ClientId, - Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), - Description: "upload from certimate", - Type: "upload", - SSLPEM: certPEM, - SSLKey: privkeyPEM, - AutoRenewal: false, - } - updateSSLCertResp, err := sdkClient.UpdateCertificate(d.config.CertificateId, updateSSLCertReq) - d.logger.Debug("sdk request 'lecdn.UpdateCertificate'", slog.Int64("certId", d.config.CertificateId), slog.Any("request", updateSSLCertReq), slog.Any("response", updateSSLCertResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request 'lecdn.UpdateCertificate': %w", err) - } - - default: - panic("sdk client is not implemented") - } - - return nil -} - -func createSdkClient(serverUrl, apiVersion, apiRole, username, password string, skipTlsVerify bool) (interface{}, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid lecdn server url") - } - - if username == "" { - return nil, errors.New("invalid lecdn username") - } - - if password == "" { - return nil, errors.New("invalid lecdn password") - } - - if apiVersion == apiVersionV3 && apiRole == apiRoleClient { - // v3 版客户端 - client := leclientsdkv3.NewClient(serverUrl, username, password) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil - } else if apiVersion == apiVersionV3 && apiRole == apiRoleMaster { - // v3 版主控端 - client := lemastersdkv3.NewClient(serverUrl, username, password) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil - } - - return nil, fmt.Errorf("invalid lecdn api version or user role") -} diff --git a/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn.go b/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn.go deleted file mode 100644 index 99321f82..00000000 --- a/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn.go +++ /dev/null @@ -1,101 +0,0 @@ -package rainyunrcdn - -import ( - "context" - "errors" - "fmt" - "log/slog" - "strconv" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/rainyun-sslcenter" - rainyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/rainyun" -) - -type DeployerConfig struct { - // 雨云 API 密钥。 - ApiKey string `json:"apiKey"` - // RCDN 实例 ID。 - InstanceId int32 `json:"instanceId"` - // 加速域名(支持泛域名)。 - Domain string `json:"domain"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *rainyunsdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ApiKey) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - ApiKey: config.ApiKey, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL 证书 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - // RCDN SSL 绑定域名 - // REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-184214120 - certId, _ := strconv.Atoi(upres.CertId) - rcdnInstanceSslBindReq := &rainyunsdk.RcdnInstanceSslBindRequest{ - CertId: int32(certId), - Domains: []string{d.config.Domain}, - } - rcdnInstanceSslBindResp, err := d.sdkClient.RcdnInstanceSslBind(d.config.InstanceId, rcdnInstanceSslBindReq) - d.logger.Debug("sdk request 'rcdn.InstanceSslBind'", slog.Any("instanceId", d.config.InstanceId), slog.Any("request", rcdnInstanceSslBindReq), slog.Any("response", rcdnInstanceSslBindResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'rcdn.InstanceSslBind': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(apiKey string) (*rainyunsdk.Client, error) { - if apiKey == "" { - return nil, errors.New("invalid rainyun api key") - } - - client := rainyunsdk.NewClient(apiKey) - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console.go b/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console.go deleted file mode 100644 index 85e7f530..00000000 --- a/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console.go +++ /dev/null @@ -1,94 +0,0 @@ -package ratpanelconsole - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - rpsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/ratpanel" -) - -type DeployerConfig struct { - // 耗子面板服务地址。 - ServerUrl string `json:"serverUrl"` - // 耗子面板访问令牌 ID。 - AccessTokenId int32 `json:"accessTokenId"` - // 耗子面板访问令牌。 - AccessToken string `json:"accessToken"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *rpsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.AccessTokenId, config.AccessToken, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 设置面板 SSL 证书 - settingCertReq := &rpsdk.SettingCertRequest{ - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - settingCertResp, err := d.sdkClient.SettingCert(settingCertReq) - d.logger.Debug("sdk request 'ratpanel.SettingCert'", slog.Any("request", settingCertReq), slog.Any("response", settingCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'ratpanel.SettingCert': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(serverUrl string, accessTokenId int32, accessToken string, skipTlsVerify bool) (*rpsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid ratpanel server url") - } - - if accessTokenId == 0 { - return nil, errors.New("invalid ratpanel access token id") - } - - if accessToken == "" { - return nil, errors.New("invalid ratpanel access token") - } - - client := rpsdk.NewClient(serverUrl, accessTokenId, accessToken) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site.go b/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site.go deleted file mode 100644 index 7e30daf6..00000000 --- a/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site.go +++ /dev/null @@ -1,101 +0,0 @@ -package ratpanelsite - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - rpsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/ratpanel" -) - -type DeployerConfig struct { - // 耗子面板服务地址。 - ServerUrl string `json:"serverUrl"` - // 耗子面板访问令牌 ID。 - AccessTokenId int32 `json:"accessTokenId"` - // 耗子面板访问令牌。 - AccessToken string `json:"accessToken"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` - // 网站名称。 - SiteName string `json:"siteName"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *rpsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.AccessTokenId, config.AccessToken, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - if d.config.SiteName == "" { - return nil, errors.New("config `siteName` is required") - } - - // 设置站点 SSL 证书 - websiteCertReq := &rpsdk.WebsiteCertRequest{ - SiteName: d.config.SiteName, - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - websiteCertResp, err := d.sdkClient.WebsiteCert(websiteCertReq) - d.logger.Debug("sdk request 'ratpanel.WebsiteCert'", slog.Any("request", websiteCertReq), slog.Any("response", websiteCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'ratpanel.WebsiteCert': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(serverUrl string, accessTokenId int32, accessToken string, skipTlsVerify bool) (*rpsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid ratpanel server url") - } - - if accessTokenId == 0 { - return nil, errors.New("invalid ratpanel access token id") - } - - if accessToken == "" { - return nil, errors.New("invalid ratpanel access token") - } - - client := rpsdk.NewClient(serverUrl, accessTokenId, accessToken) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go b/internal/pkg/core/deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go deleted file mode 100644 index 09ac14cd..00000000 --- a/internal/pkg/core/deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go +++ /dev/null @@ -1,68 +0,0 @@ -package tencentcloudssl - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" -) - -type DeployerConfig struct { - // 腾讯云 SecretId。 - SecretId string `json:"secretId"` - // 腾讯云 SecretKey。 - SecretKey string `json:"secretKey"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - SecretId: config.SecretId, - SecretKey: config.SecretKey, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/volcengine-certcenter/volcengine_certcenter.go b/internal/pkg/core/deployer/providers/volcengine-certcenter/volcengine_certcenter.go deleted file mode 100644 index 8bb40d5b..00000000 --- a/internal/pkg/core/deployer/providers/volcengine-certcenter/volcengine_certcenter.go +++ /dev/null @@ -1,71 +0,0 @@ -package volcenginecertcenter - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" -) - -type DeployerConfig struct { - // 火山引擎 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 火山引擎 AccessKeySecret。 - AccessKeySecret string `json:"accessKeySecret"` - // 火山引擎地域。 - Region string `json:"region"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - AccessKeySecret: config.AccessKeySecret, - Region: config.Region, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn.go b/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn.go deleted file mode 100644 index 3be2b119..00000000 --- a/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn.go +++ /dev/null @@ -1,109 +0,0 @@ -package wangsucdn - -import ( - "context" - "errors" - "fmt" - "log/slog" - "strconv" - "strings" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/wangsu-certificate" - wangsusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/cdn" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" -) - -type DeployerConfig struct { - // 网宿云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 网宿云 AccessKeySecret。 - AccessKeySecret string `json:"accessKeySecret"` - // 加速域名数组(支持泛域名)。 - Domains []string `json:"domains"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *wangsusdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - AccessKeySecret: config.AccessKeySecret, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书管理 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - // 批量修改域名证书配置 - // REF: https://www.wangsu.com/document/api-doc/37447 - certId, _ := strconv.ParseInt(upres.CertId, 10, 64) - batchUpdateCertificateConfigReq := &wangsusdk.BatchUpdateCertificateConfigRequest{ - CertificateId: certId, - DomainNames: sliceutil.Map(d.config.Domains, func(domain string) string { - // "*.example.com" → ".example.com",适配网宿云 CDN 要求的泛域名格式 - return strings.TrimPrefix(domain, "*") - }), - } - batchUpdateCertificateConfigResp, err := d.sdkClient.BatchUpdateCertificateConfig(batchUpdateCertificateConfigReq) - d.logger.Debug("sdk request 'cdn.BatchUpdateCertificateConfig'", slog.Any("request", batchUpdateCertificateConfigReq), slog.Any("response", batchUpdateCertificateConfigResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cdn.BatchUpdateCertificateConfig': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { - if accessKeyId == "" { - return nil, errors.New("invalid wangsu access key id") - } - - if accessKeySecret == "" { - return nil, errors.New("invalid wangsu access key secret") - } - - return wangsusdk.NewClient(accessKeyId, accessKeySecret), nil -} diff --git a/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate.go b/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate.go deleted file mode 100644 index 51fa7076..00000000 --- a/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate.go +++ /dev/null @@ -1,109 +0,0 @@ -package wangsucertificate - -import ( - "context" - "errors" - "fmt" - "log/slog" - "time" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/wangsu-certificate" - wangsusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/certificate" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" -) - -type DeployerConfig struct { - // 网宿云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 网宿云 AccessKeySecret。 - AccessKeySecret string `json:"accessKeySecret"` - // 证书 ID。 - // 选填。零值时表示新建证书;否则表示更新证书。 - CertificateId string `json:"certificateId,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *wangsusdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - AccessKeySecret: config.AccessKeySecret, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - if d.config.CertificateId == "" { - // 上传证书到证书管理 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - } else { - // 修改证书 - // REF: https://www.wangsu.com/document/api-doc/25568?productCode=certificatemanagement - updateCertificateReq := &wangsusdk.UpdateCertificateRequest{ - Name: typeutil.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), - Certificate: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), - Comment: typeutil.ToPtr("upload from certimate"), - } - updateCertificateResp, err := d.sdkClient.UpdateCertificate(d.config.CertificateId, updateCertificateReq) - d.logger.Debug("sdk request 'certificatemanagement.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'certificatemanagement.CreateCertificate': %w", err) - } - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { - if accessKeyId == "" { - return nil, errors.New("invalid wangsu access key id") - } - - if accessKeySecret == "" { - return nil, errors.New("invalid wangsu access key secret") - } - - return wangsusdk.NewClient(accessKeyId, accessKeySecret), nil -} diff --git a/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go b/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go deleted file mode 100644 index 77ce16f0..00000000 --- a/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go +++ /dev/null @@ -1,157 +0,0 @@ -package onepanelssl - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - "strings" - "time" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - onepanelsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel" -) - -type UploaderConfig struct { - // 1Panel 服务地址。 - ServerUrl string `json:"serverUrl"` - // 1Panel 版本。 - ApiVersion string `json:"apiVersion"` - // 1Panel 接口密钥。 - ApiKey string `json:"apiKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *onepanelsdk.Client -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 遍历证书列表,避免重复上传 - if res, err := u.findCertIfExists(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } else if res != nil { - u.logger.Info("ssl certificate already exists") - return res, nil - } - - // 生成新证书名(需符合 1Panel 命名规则) - certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) - - // 上传证书 - uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{ - Type: "paste", - Description: certName, - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - uploadWebsiteSSLResp, err := u.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) - u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) - } - - // 遍历证书列表,获取刚刚上传证书 ID - if res, err := u.findCertIfExists(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } else if res == nil { - return nil, fmt.Errorf("no ssl certificate found, may be upload failed (code: %d, message: %s)", uploadWebsiteSSLResp.GetCode(), uploadWebsiteSSLResp.GetMessage()) - } else { - return res, nil - } -} - -func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - searchWebsiteSSLPageNumber := int32(1) - searchWebsiteSSLPageSize := int32(100) - for { - select { - case <-ctx.Done(): - return nil, ctx.Err() - default: - } - - searchWebsiteSSLReq := &onepanelsdk.SearchWebsiteSSLRequest{ - Page: searchWebsiteSSLPageNumber, - PageSize: searchWebsiteSSLPageSize, - } - searchWebsiteSSLResp, err := u.sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq) - u.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err) - } - - for _, sslItem := range searchWebsiteSSLResp.Data.Items { - if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) && - strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) { - // 如果已存在相同证书,直接返回 - return &uploader.UploadResult{ - CertId: fmt.Sprintf("%d", sslItem.ID), - CertName: sslItem.Description, - }, nil - } - } - - if len(searchWebsiteSSLResp.Data.Items) < int(searchWebsiteSSLPageSize) { - break - } else { - searchWebsiteSSLPageNumber++ - } - } - - return nil, nil -} - -func createSdkClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (*onepanelsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid 1panel server url") - } - - if apiVersion == "" { - return nil, errors.New("invalid 1panel api version") - } - - if apiKey == "" { - return nil, errors.New("invalid 1panel api key") - } - - client := onepanelsdk.NewClient(serverUrl, apiVersion, apiKey) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go b/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go deleted file mode 100644 index 1b0b963f..00000000 --- a/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go +++ /dev/null @@ -1,77 +0,0 @@ -package dogecloud - -import ( - "context" - "fmt" - "log/slog" - "time" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - dogesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dogecloud" -) - -type UploaderConfig struct { - // 多吉云 AccessKey。 - AccessKey string `json:"accessKey"` - // 多吉云 SecretKey。 - SecretKey string `json:"secretKey"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *dogesdk.Client -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.AccessKey, config.SecretKey) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 生成新证书名(需符合多吉云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) - - // 上传新证书 - // REF: https://docs.dogecloud.com/cdn/api-cert-upload - uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPEM, privkeyPEM) - u.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("response", uploadSslCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadCdnCert': %w", err) - } - - certId = fmt.Sprintf("%d", uploadSslCertResp.Data.Id) - return &uploader.UploadResult{ - CertId: certId, - CertName: certName, - }, nil -} - -func createSdkClient(accessKey, secretKey string) (*dogesdk.Client, error) { - client := dogesdk.NewClient(accessKey, secretKey) - return client, nil -} diff --git a/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go b/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go deleted file mode 100644 index f3127602..00000000 --- a/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go +++ /dev/null @@ -1,95 +0,0 @@ -package gcorecdn - -import ( - "context" - "errors" - "fmt" - "log/slog" - "time" - - "github.com/G-Core/gcorelabscdn-go/gcore/provider" - "github.com/G-Core/gcorelabscdn-go/sslcerts" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore/common" -) - -type UploaderConfig struct { - // Gcore API Token。 - ApiToken string `json:"apiToken"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *sslcerts.Service -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ApiToken) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 生成新证书名(需符合 Gcore 命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) - - // 新增证书 - // REF: https://api.gcore.com/docs/cdn#tag/SSL-certificates/operation/add_ssl_certificates - createCertificateReq := &sslcerts.CreateRequest{ - Name: certName, - Cert: certPEM, - PrivateKey: privkeyPEM, - Automated: false, - ValidateRootCA: false, - } - createCertificateResp, err := u.sdkClient.Create(context.TODO(), createCertificateReq) - u.logger.Debug("sdk request 'sslcerts.Create'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'sslcerts.Create': %w", err) - } - - certId = fmt.Sprintf("%d", createCertificateResp.ID) - certName = createCertificateResp.Name - return &uploader.UploadResult{ - CertId: certId, - CertName: certName, - }, nil -} - -func createSdkClient(apiToken string) (*sslcerts.Service, error) { - if apiToken == "" { - return nil, errors.New("invalid gcore api token") - } - - requester := provider.NewClient( - gcoresdk.BASE_URL, - provider.WithSigner(gcoresdk.NewAuthRequestSigner(apiToken)), - ) - service := sslcerts.NewService(requester) - return service, nil -} diff --git a/internal/pkg/core/uploader/providers/qiniu-sslcert/qiniu_sslcert.go b/internal/pkg/core/uploader/providers/qiniu-sslcert/qiniu_sslcert.go deleted file mode 100644 index 99a1a0b5..00000000 --- a/internal/pkg/core/uploader/providers/qiniu-sslcert/qiniu_sslcert.go +++ /dev/null @@ -1,96 +0,0 @@ -package qiniusslcert - -import ( - "context" - "errors" - "fmt" - "log/slog" - "time" - - "github.com/qiniu/go-sdk/v7/auth" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - qiniusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/qiniu" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" -) - -type UploaderConfig struct { - // 七牛云 AccessKey。 - AccessKey string `json:"accessKey"` - // 七牛云 SecretKey。 - SecretKey string `json:"secretKey"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *qiniusdk.Client -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.AccessKey, config.SecretKey) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) - if err != nil { - return nil, err - } - - // 生成新证书名(需符合七牛云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) - - // 上传新证书 - // REF: https://developer.qiniu.com/fusion/8593/interface-related-certificate - uploadSslCertResp, err := u.sdkClient.UploadSslCert(context.TODO(), certName, certX509.Subject.CommonName, certPEM, privkeyPEM) - u.logger.Debug("sdk request 'cdn.UploadSslCert'", slog.Any("response", uploadSslCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadSslCert': %w", err) - } - - certId = uploadSslCertResp.CertID - return &uploader.UploadResult{ - CertId: certId, - CertName: certName, - }, nil -} - -func createSdkClient(accessKey, secretKey string) (*qiniusdk.Client, error) { - if secretKey == "" { - return nil, errors.New("invalid qiniu access key") - } - - if secretKey == "" { - return nil, errors.New("invalid qiniu secret key") - } - - credential := auth.New(accessKey, secretKey) - client := qiniusdk.NewClient(credential) - return client, nil -} diff --git a/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl.go b/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl.go deleted file mode 100644 index 6b45e130..00000000 --- a/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl.go +++ /dev/null @@ -1,82 +0,0 @@ -package upyunssl - -import ( - "context" - "errors" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - upyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/upyun/console" -) - -type UploaderConfig struct { - // 又拍云账号用户名。 - Username string `json:"username"` - // 又拍云账号密码。 - Password string `json:"password"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *upyunsdk.Client -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.Username, config.Password) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 上传证书 - uploadHttpsCertificateReq := &upyunsdk.UploadHttpsCertificateRequest{ - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - uploadHttpsCertificateResp, err := u.sdkClient.UploadHttpsCertificate(uploadHttpsCertificateReq) - u.logger.Debug("sdk request 'console.UploadHttpsCertificate'", slog.Any("response", uploadHttpsCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'console.UploadHttpsCertificate': %w", err) - } - - return &uploader.UploadResult{ - CertId: uploadHttpsCertificateResp.Data.Result.CertificateId, - }, nil -} - -func createSdkClient(username, password string) (*upyunsdk.Client, error) { - if username == "" { - return nil, errors.New("invalid upyun username") - } - - if password == "" { - return nil, errors.New("invalid upyun password") - } - - client := upyunsdk.NewClient(username, password) - return client, nil -} diff --git a/internal/pkg/core/uploader/uploader.go b/internal/pkg/core/uploader/uploader.go deleted file mode 100644 index 0a1681a7..00000000 --- a/internal/pkg/core/uploader/uploader.go +++ /dev/null @@ -1,32 +0,0 @@ -package uploader - -import ( - "context" - "log/slog" -) - -// 表示定义证书上传器的抽象类型接口。 -// 云服务商通常会提供 SSL 证书管理服务,可供用户集中管理证书。 -// 注意与 `Deployer` 区分,“上传”通常为“部署”的前置操作。 -type Uploader interface { - WithLogger(logger *slog.Logger) Uploader - - // 上传证书。 - // - // 入参: - // - ctx:上下文。 - // - certPEM:证书 PEM 内容。 - // - privkeyPEM:私钥 PEM 内容。 - // - // 出参: - // - res:上传结果。 - // - err: 错误。 - Upload(ctx context.Context, certPEM string, privkeyPEM string) (_res *UploadResult, _err error) -} - -// 表示证书上传结果的数据结构,包含上传后的证书 ID、名称和其他数据。 -type UploadResult struct { - CertId string `json:"certId"` - CertName string `json:"certName,omitzero"` - ExtendedData map[string]any `json:"extendedData,omitempty"` -} diff --git a/internal/pkg/sdk3rd/1panel/api.go b/internal/pkg/sdk3rd/1panel/api.go deleted file mode 100644 index 91eff206..00000000 --- a/internal/pkg/sdk3rd/1panel/api.go +++ /dev/null @@ -1,60 +0,0 @@ -package onepanel - -import ( - "fmt" - "net/http" -) - -func (c *Client) UpdateSystemSSL(req *UpdateSystemSSLRequest) (*UpdateSystemSSLResponse, error) { - resp := &UpdateSystemSSLResponse{} - - path := "/settings/ssl/update" - if c.version == "v2" { - path = "/core" + path - } - - err := c.sendRequestWithResult(http.MethodPost, path, req, resp) - return resp, err -} - -func (c *Client) SearchWebsiteSSL(req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { - resp := &SearchWebsiteSSLResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/websites/ssl/search", req, resp) - return resp, err -} - -func (c *Client) GetWebsiteSSL(req *GetWebsiteSSLRequest) (*GetWebsiteSSLResponse, error) { - if req.SSLID == 0 { - return nil, fmt.Errorf("1panel api error: invalid parameter: SSLID") - } - - resp := &GetWebsiteSSLResponse{} - err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/websites/ssl/%d", req.SSLID), req, resp) - return resp, err -} - -func (c *Client) UploadWebsiteSSL(req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { - resp := &UploadWebsiteSSLResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/websites/ssl/upload", req, resp) - return resp, err -} - -func (c *Client) GetHttpsConf(req *GetHttpsConfRequest) (*GetHttpsConfResponse, error) { - if req.WebsiteID == 0 { - return nil, fmt.Errorf("1panel api error: invalid parameter: WebsiteID") - } - - resp := &GetHttpsConfResponse{} - err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/websites/%d/https", req.WebsiteID), req, resp) - return resp, err -} - -func (c *Client) UpdateHttpsConf(req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { - if req.WebsiteID == 0 { - return nil, fmt.Errorf("1panel api error: invalid parameter: WebsiteID") - } - - resp := &UpdateHttpsConfResponse{} - err := c.sendRequestWithResult(http.MethodPost, fmt.Sprintf("/websites/%d/https", req.WebsiteID), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/1panel/client.go b/internal/pkg/sdk3rd/1panel/client.go deleted file mode 100644 index 5d9acb6d..00000000 --- a/internal/pkg/sdk3rd/1panel/client.go +++ /dev/null @@ -1,101 +0,0 @@ -package onepanel - -import ( - "crypto/md5" - "crypto/tls" - "encoding/hex" - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client - version string -} - -func NewClient(serverUrl, apiVersion, apiKey string) *Client { - if apiVersion == "" { - apiVersion = "v1" - } - - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api/"+apiVersion). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - timestamp := fmt.Sprintf("%d", time.Now().Unix()) - tokenMd5 := md5.Sum([]byte("1panel" + apiKey + timestamp)) - tokenMd5Hex := hex.EncodeToString(tokenMd5[:]) - req.Header.Set("1Panel-Timestamp", timestamp) - req.Header.Set("1Panel-Token", tokenMd5Hex) - - return nil - }) - - return &Client{ - client: client, - version: apiVersion, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("1panel api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("1panel api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("1panel api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode/100 != 2 { - return fmt.Errorf("1panel api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/1panel/models.go b/internal/pkg/sdk3rd/1panel/models.go deleted file mode 100644 index 57ea5154..00000000 --- a/internal/pkg/sdk3rd/1panel/models.go +++ /dev/null @@ -1,131 +0,0 @@ -package onepanel - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type UpdateSystemSSLRequest struct { - Cert string `json:"cert"` - Key string `json:"key"` - SSLType string `json:"sslType"` - SSL string `json:"ssl"` - SSLID int64 `json:"sslID"` - AutoRestart string `json:"autoRestart"` -} - -type UpdateSystemSSLResponse struct { - baseResponse -} - -type SearchWebsiteSSLRequest struct { - Page int32 `json:"page"` - PageSize int32 `json:"pageSize"` -} - -type SearchWebsiteSSLResponse struct { - baseResponse - Data *struct { - Items []*struct { - ID int64 `json:"id"` - PEM string `json:"pem"` - PrivateKey string `json:"privateKey"` - Domains string `json:"domains"` - Description string `json:"description"` - Status string `json:"status"` - UpdatedAt string `json:"updatedAt"` - CreatedAt string `json:"createdAt"` - } `json:"items"` - Total int32 `json:"total"` - } `json:"data,omitempty"` -} - -type GetWebsiteSSLRequest struct { - SSLID int64 `json:"-"` -} - -type GetWebsiteSSLResponse struct { - baseResponse - Data *struct { - ID int64 `json:"id"` - Provider string `json:"provider"` - Description string `json:"description"` - PrimaryDomain string `json:"primaryDomain"` - Domains string `json:"domains"` - Type string `json:"type"` - Organization string `json:"organization"` - Status string `json:"status"` - StartDate string `json:"startDate"` - ExpireDate string `json:"expireDate"` - CreatedAt string `json:"createdAt"` - UpdatedAt string `json:"updatedAt"` - } `json:"data,omitempty"` -} - -type UploadWebsiteSSLRequest struct { - Type string `json:"type"` - SSLID int64 `json:"sslID"` - Certificate string `json:"certificate"` - CertificatePath string `json:"certificatePath"` - PrivateKey string `json:"privateKey"` - PrivateKeyPath string `json:"privateKeyPath"` - Description string `json:"description"` -} - -type UploadWebsiteSSLResponse struct { - baseResponse -} - -type GetHttpsConfRequest struct { - WebsiteID int64 `json:"-"` -} - -type GetHttpsConfResponse struct { - baseResponse - Data *struct { - Enable bool `json:"enable"` - HttpConfig string `json:"httpConfig"` - SSLProtocol []string `json:"SSLProtocol"` - Algorithm string `json:"algorithm"` - Hsts bool `json:"hsts"` - } `json:"data,omitempty"` -} - -type UpdateHttpsConfRequest struct { - WebsiteID int64 `json:"websiteId"` - Enable bool `json:"enable"` - Type string `json:"type"` - WebsiteSSLID int64 `json:"websiteSSLId"` - PrivateKey string `json:"privateKey"` - Certificate string `json:"certificate"` - PrivateKeyPath string `json:"privateKeyPath"` - CertificatePath string `json:"certificatePath"` - ImportType string `json:"importType"` - HttpConfig string `json:"httpConfig"` - SSLProtocol []string `json:"SSLProtocol"` - Algorithm string `json:"algorithm"` - Hsts bool `json:"hsts"` -} - -type UpdateHttpsConfResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/apisix/api.go b/internal/pkg/sdk3rd/apisix/api.go deleted file mode 100644 index 7ebfba04..00000000 --- a/internal/pkg/sdk3rd/apisix/api.go +++ /dev/null @@ -1,16 +0,0 @@ -package apisix - -import ( - "fmt" - "net/http" -) - -func (c *Client) UpdateSSL(req *UpdateSSLRequest) (*UpdateSSLResponse, error) { - if req.ID == "" { - return nil, fmt.Errorf("1panel api error: invalid parameter: ID") - } - - resp := &UpdateSSLResponse{} - err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/ssls/%s", req.ID), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/apisix/client.go b/internal/pkg/sdk3rd/apisix/client.go deleted file mode 100644 index 66784824..00000000 --- a/internal/pkg/sdk3rd/apisix/client.go +++ /dev/null @@ -1,87 +0,0 @@ -package apisix - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl, apiKey string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/apisix/admin"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - req.Header.Set("X-API-KEY", apiKey) - - return nil - }) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("apisix api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("apisix api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result interface{}) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("apisix api error: failed to unmarshal response: %w", err) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/apisix/models.go b/internal/pkg/sdk3rd/apisix/models.go deleted file mode 100644 index 960c8489..00000000 --- a/internal/pkg/sdk3rd/apisix/models.go +++ /dev/null @@ -1,12 +0,0 @@ -package apisix - -type UpdateSSLRequest struct { - ID string `json:"-"` - Cert *string `json:"cert,omitempty"` - Key *string `json:"key,omitempty"` - SNIs *[]string `json:"snis,omitempty"` - Type *string `json:"type,omitempty"` - Status *int32 `json:"status,omitempty"` -} - -type UpdateSSLResponse struct{} diff --git a/internal/pkg/sdk3rd/baishan/api.go b/internal/pkg/sdk3rd/baishan/api.go deleted file mode 100644 index dba90fad..00000000 --- a/internal/pkg/sdk3rd/baishan/api.go +++ /dev/null @@ -1,23 +0,0 @@ -package baishan - -import ( - "net/http" -) - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/certificate", req, resp) - return resp, err -} - -func (c *Client) GetDomainConfig(req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) { - resp := &GetDomainConfigResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/v2/domain/config", req, resp) - return resp, err -} - -func (c *Client) SetDomainConfig(req *SetDomainConfigRequest) (*SetDomainConfigResponse, error) { - resp := &SetDomainConfigResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/config", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/baishan/client.go b/internal/pkg/sdk3rd/baishan/client.go deleted file mode 100644 index 7922096e..00000000 --- a/internal/pkg/sdk3rd/baishan/client.go +++ /dev/null @@ -1,93 +0,0 @@ -package baishan - -import ( - "encoding/json" - "fmt" - "net/http" - "net/url" - "reflect" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiToken string) *Client { - client := resty.New(). - SetBaseURL("https://cdn.api.baishan.com"). - SetHeader("User-Agent", "certimate"). - SetHeader("Token", apiToken) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := url.Values{} - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - rv := reflect.ValueOf(v) - switch rv.Kind() { - case reflect.Slice, reflect.Array: - for i := 0; i < rv.Len(); i++ { - qs.Add(fmt.Sprintf("%s[]", k), fmt.Sprintf("%v", rv.Index(i).Interface())) - } - case reflect.Map: - for _, rk := range rv.MapKeys() { - qs.Add(fmt.Sprintf("%s[%s]", k, rk.Interface()), fmt.Sprintf("%v", rv.MapIndex(rk).Interface())) - } - default: - qs.Set(k, fmt.Sprintf("%v", v)) - } - } - } - } - - req = req.SetQueryParamsFromValues(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("baishan api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("baishan api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("baishan api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 0 { - return fmt.Errorf("baishan api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/baishan/models.go b/internal/pkg/sdk3rd/baishan/models.go deleted file mode 100644 index 457729e8..00000000 --- a/internal/pkg/sdk3rd/baishan/models.go +++ /dev/null @@ -1,82 +0,0 @@ -package baishan - -import "encoding/json" - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type CreateCertificateRequest struct { - CertificateId *string `json:"cert_id,omitempty"` - Certificate string `json:"certificate"` - Key string `json:"key"` - Name string `json:"name"` -} - -type CreateCertificateResponse struct { - baseResponse - Data *DomainCertificate `json:"data,omitempty"` -} - -type GetDomainConfigRequest struct { - Domains string `json:"domains"` - Config []string `json:"config"` -} - -type GetDomainConfigResponse struct { - baseResponse - Data []*struct { - Domain string `json:"domain"` - Config *DomainConfig `json:"config"` - } `json:"data,omitempty"` -} - -type SetDomainConfigRequest struct { - Domains string `json:"domains"` - Config *DomainConfig `json:"config"` -} - -type SetDomainConfigResponse struct { - baseResponse - Data *struct { - Config *DomainConfig `json:"config"` - } `json:"data,omitempty"` -} - -type DomainCertificate struct { - CertId json.Number `json:"cert_id"` - Name string `json:"name"` - CertStartTime string `json:"cert_start_time"` - CertExpireTime string `json:"cert_expire_time"` -} - -type DomainConfig struct { - Https *DomainConfigHttps `json:"https"` -} - -type DomainConfigHttps struct { - CertId json.Number `json:"cert_id"` - ForceHttps *string `json:"force_https,omitempty"` - EnableHttp2 *string `json:"http2,omitempty"` - EnableOcsp *string `json:"ocsp,omitempty"` -} diff --git a/internal/pkg/sdk3rd/btpanel/api.go b/internal/pkg/sdk3rd/btpanel/api.go deleted file mode 100644 index 926e03e5..00000000 --- a/internal/pkg/sdk3rd/btpanel/api.go +++ /dev/null @@ -1,31 +0,0 @@ -package btpanel - -func (c *Client) ConfigSavePanelSSL(req *ConfigSavePanelSSLRequest) (*ConfigSavePanelSSLResponse, error) { - resp := &ConfigSavePanelSSLResponse{} - err := c.sendRequestWithResult("/config?action=SavePanelSSL", req, resp) - return resp, err -} - -func (c *Client) SiteSetSSL(req *SiteSetSSLRequest) (*SiteSetSSLResponse, error) { - resp := &SiteSetSSLResponse{} - err := c.sendRequestWithResult("/site?action=SetSSL", req, resp) - return resp, err -} - -func (c *Client) SystemServiceAdmin(req *SystemServiceAdminRequest) (*SystemServiceAdminResponse, error) { - resp := &SystemServiceAdminResponse{} - err := c.sendRequestWithResult("/system?action=ServiceAdmin", req, resp) - return resp, err -} - -func (c *Client) SSLCertSaveCert(req *SSLCertSaveCertRequest) (*SSLCertSaveCertResponse, error) { - resp := &SSLCertSaveCertResponse{} - err := c.sendRequestWithResult("/ssl/cert/save_cert", req, resp) - return resp, err -} - -func (c *Client) SSLSetBatchCertToSite(req *SSLSetBatchCertToSiteRequest) (*SSLSetBatchCertToSiteResponse, error) { - resp := &SSLSetBatchCertToSiteResponse{} - err := c.sendRequestWithResult("/ssl?action=SetBatchCertToSite", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/btpanel/client.go b/internal/pkg/sdk3rd/btpanel/client.go deleted file mode 100644 index 7faa46c0..00000000 --- a/internal/pkg/sdk3rd/btpanel/client.go +++ /dev/null @@ -1,110 +0,0 @@ -package btpanel - -import ( - "crypto/md5" - "crypto/tls" - "encoding/hex" - "encoding/json" - "fmt" - "reflect" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - apiKey string - - client *resty.Client -} - -func NewClient(serverUrl, apiKey string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("Content-Type", "application/x-www-form-urlencoded"). - SetHeader("User-Agent", "certimate") - - return &Client{ - apiKey: apiKey, - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) generateSignature(timestamp string) string { - keyMd5 := md5.Sum([]byte(c.apiKey)) - keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:])) - - signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex)) - signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:])) - return signMd5Hex -} - -func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) { - timestamp := time.Now().Unix() - - data := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - switch reflect.Indirect(reflect.ValueOf(v)).Kind() { - case reflect.String: - data[k] = v.(string) - case reflect.Bool, reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Float32, reflect.Float64: - data[k] = fmt.Sprintf("%v", v) - default: - if t, ok := v.(time.Time); ok { - data[k] = t.Format(time.RFC3339) - } else { - jbytes, _ := json.Marshal(v) - data[k] = string(jbytes) - } - } - } - } - } - data["request_time"] = fmt.Sprintf("%d", timestamp) - data["request_token"] = c.generateSignature(fmt.Sprintf("%d", timestamp)) - - req := c.client.R().SetFormData(data) - resp, err := req.Post(path) - if err != nil { - return resp, fmt.Errorf("baota api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("baota api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(path, params) - if err != nil { - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("baota api error: failed to unmarshal response: %w", err) - } else if errstatus := result.GetStatus(); errstatus != nil && !*errstatus { - if result.GetMessage() == nil { - return fmt.Errorf("baota api error: unknown error") - } else { - return fmt.Errorf("baota api error: message='%s'", *result.GetMessage()) - } - } - - return nil -} diff --git a/internal/pkg/sdk3rd/btpanel/models.go b/internal/pkg/sdk3rd/btpanel/models.go deleted file mode 100644 index 923efeda..00000000 --- a/internal/pkg/sdk3rd/btpanel/models.go +++ /dev/null @@ -1,75 +0,0 @@ -package btpanel - -type BaseResponse interface { - GetStatus() *bool - GetMessage() *string -} - -type baseResponse struct { - Status *bool `json:"status,omitempty"` - Message *string `json:"msg,omitempty"` -} - -func (r *baseResponse) GetStatus() *bool { - return r.Status -} - -func (r *baseResponse) GetMessage() *string { - return r.Message -} - -type ConfigSavePanelSSLRequest struct { - PrivateKey string `json:"privateKey"` - Certificate string `json:"certPem"` -} - -type ConfigSavePanelSSLResponse struct { - baseResponse -} - -type SiteSetSSLRequest struct { - Type string `json:"type"` - SiteName string `json:"siteName"` - PrivateKey string `json:"key"` - Certificate string `json:"csr"` -} - -type SiteSetSSLResponse struct { - baseResponse -} - -type SystemServiceAdminRequest struct { - Name string `json:"name"` - Type string `json:"type"` -} - -type SystemServiceAdminResponse struct { - baseResponse -} - -type SSLCertSaveCertRequest struct { - PrivateKey string `json:"key"` - Certificate string `json:"csr"` -} - -type SSLCertSaveCertResponse struct { - baseResponse - SSLHash string `json:"ssl_hash"` -} - -type SSLSetBatchCertToSiteRequest struct { - BatchInfo []*SSLSetBatchCertToSiteRequestBatchInfo `json:"BatchInfo"` -} - -type SSLSetBatchCertToSiteRequestBatchInfo struct { - SSLHash string `json:"ssl_hash"` - SiteName string `json:"siteName"` - CertName string `json:"certName"` -} - -type SSLSetBatchCertToSiteResponse struct { - baseResponse - TotalCount int32 `json:"total"` - SuccessCount int32 `json:"success"` - FailedCount int32 `json:"faild"` -} diff --git a/internal/pkg/sdk3rd/btwaf/api.go b/internal/pkg/sdk3rd/btwaf/api.go deleted file mode 100644 index bc35dee5..00000000 --- a/internal/pkg/sdk3rd/btwaf/api.go +++ /dev/null @@ -1,19 +0,0 @@ -package btwaf - -func (c *Client) GetSiteList(req *GetSiteListRequest) (*GetSiteListResponse, error) { - resp := &GetSiteListResponse{} - err := c.sendRequestWithResult("/wafmastersite/get_site_list", req, resp) - return resp, err -} - -func (c *Client) ModifySite(req *ModifySiteRequest) (*ModifySiteResponse, error) { - resp := &ModifySiteResponse{} - err := c.sendRequestWithResult("/wafmastersite/modify_site", req, resp) - return resp, err -} - -func (c *Client) ConfigSetSSL(req *ConfigSetSSLRequest) (*ConfigSetSSLResponse, error) { - resp := &ConfigSetSSLResponse{} - err := c.sendRequestWithResult("/config/set_cert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/btwaf/client.go b/internal/pkg/sdk3rd/btwaf/client.go deleted file mode 100644 index 4bf76b16..00000000 --- a/internal/pkg/sdk3rd/btwaf/client.go +++ /dev/null @@ -1,77 +0,0 @@ -package btwaf - -import ( - "crypto/md5" - "crypto/tls" - "encoding/hex" - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl, apiKey string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api"). - SetHeader("Content-Type", "application/json"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - timestamp := fmt.Sprintf("%d", time.Now().Unix()) - keyMd5 := md5.Sum([]byte(apiKey)) - keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:])) - signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex)) - signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:])) - req.Header.Set("waf_request_time", timestamp) - req.Header.Set("waf_request_token", signMd5Hex) - - return nil - }) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) { - req := c.client.R().SetBody(params) - resp, err := req.Post(path) - if err != nil { - return resp, fmt.Errorf("baota api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("baota api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(path, params) - if err != nil { - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("baota api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 0 { - return fmt.Errorf("baota api error: code='%d'", errcode) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/btwaf/models.go b/internal/pkg/sdk3rd/btwaf/models.go deleted file mode 100644 index 6217e1a5..00000000 --- a/internal/pkg/sdk3rd/btwaf/models.go +++ /dev/null @@ -1,67 +0,0 @@ -package btwaf - -type BaseResponse interface { - GetCode() int32 -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -type GetSiteListRequest struct { - Page *int32 `json:"p,omitempty"` - PageSize *int32 `json:"p_size,omitempty"` - SiteName *string `json:"site_name,omitempty"` -} - -type GetSiteListResponse struct { - baseResponse - Result *struct { - List []*struct { - SiteId string `json:"site_id"` - SiteName string `json:"site_name"` - Type string `json:"types"` - Status int32 `json:"status"` - CreateTime int64 `json:"create_time"` - UpdateTime int64 `json:"update_time"` - } `json:"list"` - Total int32 `json:"total"` - } `json:"res,omitempty"` -} - -type SiteServerInfo struct { - ListenSSLPorts *[]int32 `json:"listen_ssl_port,omitempty"` - SSL *SiteServerSSLInfo `json:"ssl,omitempty"` -} - -type SiteServerSSLInfo struct { - IsSSL *int32 `json:"is_ssl,omitempty"` - FullChain *string `json:"full_chain,omitempty"` - PrivateKey *string `json:"private_key,omitempty"` -} - -type ModifySiteRequest struct { - SiteId string `json:"site_id"` - Type *string `json:"types,omitempty"` - Server *SiteServerInfo `json:"server,omitempty"` -} - -type ModifySiteResponse struct { - baseResponse -} - -type ConfigSetSSLRequest struct { - CertContent string `json:"certContent"` - KeyContent string `json:"keyContent"` -} - -type ConfigSetSSLResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/bunny/api.go b/internal/pkg/sdk3rd/bunny/api.go deleted file mode 100644 index 01f27606..00000000 --- a/internal/pkg/sdk3rd/bunny/api.go +++ /dev/null @@ -1,16 +0,0 @@ -package bunny - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) AddCustomCertificate(req *AddCustomCertificateRequest) ([]byte, error) { - if req.PullZoneId == "" { - return nil, fmt.Errorf("bunny api error: invalid parameter: PullZoneId") - } - - resp, err := c.sendRequest(http.MethodPost, fmt.Sprintf("/pullzone/%s/addCertificate", url.PathEscape(req.PullZoneId)), req) - return resp.Body(), err -} diff --git a/internal/pkg/sdk3rd/bunny/client.go b/internal/pkg/sdk3rd/bunny/client.go deleted file mode 100644 index 1efa2236..00000000 --- a/internal/pkg/sdk3rd/bunny/client.go +++ /dev/null @@ -1,61 +0,0 @@ -package bunny - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiToken string) *Client { - client := resty.New(). - SetBaseURL("https://api.bunny.net"). - SetHeader("User-Agent", "certimate"). - SetHeader("AccessKey", apiToken) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("bunny api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("bunny api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} diff --git a/internal/pkg/sdk3rd/bunny/models.go b/internal/pkg/sdk3rd/bunny/models.go deleted file mode 100644 index 3920eba1..00000000 --- a/internal/pkg/sdk3rd/bunny/models.go +++ /dev/null @@ -1,8 +0,0 @@ -package bunny - -type AddCustomCertificateRequest struct { - Hostname string `json:"Hostname"` - PullZoneId string `json:"-"` - Certificate string `json:"Certificate"` - CertificateKey string `json:"CertificateKey"` -} diff --git a/internal/pkg/sdk3rd/cachefly/api.go b/internal/pkg/sdk3rd/cachefly/api.go deleted file mode 100644 index 0b4ae265..00000000 --- a/internal/pkg/sdk3rd/cachefly/api.go +++ /dev/null @@ -1,11 +0,0 @@ -package cachefly - -import ( - "net/http" -) - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/certificates", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/cachefly/client.go b/internal/pkg/sdk3rd/cachefly/client.go deleted file mode 100644 index cf29e833..00000000 --- a/internal/pkg/sdk3rd/cachefly/client.go +++ /dev/null @@ -1,76 +0,0 @@ -package cachefly - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiToken string) *Client { - client := resty.New(). - SetBaseURL("https://api.cachefly.com/api/2.5"). - SetHeader("X-CF-Authorization", "Bearer "+apiToken) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("cachefly api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("cachefly api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("cachefly api error: failed to unmarshal response: %w", err) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/cachefly/models.go b/internal/pkg/sdk3rd/cachefly/models.go deleted file mode 100644 index bcab441a..00000000 --- a/internal/pkg/sdk3rd/cachefly/models.go +++ /dev/null @@ -1,38 +0,0 @@ -package cachefly - -type BaseResponse interface { - GetMessage() string -} - -type baseResponse struct { - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type CreateCertificateRequest struct { - Certificate string `json:"certificate"` - CertificateKey string `json:"certificateKey"` - Password *string `json:"password"` -} - -type CreateCertificateResponse struct { - baseResponse - Id string `json:"_id"` - SubjectCommonName string `json:"subjectCommonName"` - SubjectNames []string `json:"subjectNames"` - Expired bool `json:"expired"` - Expiring bool `json:"expiring"` - InUse bool `json:"inUse"` - Managed bool `json:"managed"` - Services []string `json:"services"` - Domains []string `json:"domains"` - NotBefore string `json:"notBefore"` - NotAfter string `json:"notAfter"` - CreatedAt string `json:"createdAt"` -} diff --git a/internal/pkg/sdk3rd/cdnfly/api.go b/internal/pkg/sdk3rd/cdnfly/api.go deleted file mode 100644 index ee827b8c..00000000 --- a/internal/pkg/sdk3rd/cdnfly/api.go +++ /dev/null @@ -1,43 +0,0 @@ -package cdnfly - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) GetSite(req *GetSiteRequest) (*GetSiteResponse, error) { - if req.Id == "" { - return nil, fmt.Errorf("cdnfly api error: invalid parameter: Id") - } - - resp := &GetSiteResponse{} - err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/v1/sites/%s", url.PathEscape(req.Id)), req, resp) - return resp, err -} - -func (c *Client) UpdateSite(req *UpdateSiteRequest) (*UpdateSiteResponse, error) { - if req.Id == "" { - return nil, fmt.Errorf("cdnfly api error: invalid parameter: Id") - } - - resp := &UpdateSiteResponse{} - err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/sites/%s", url.PathEscape(req.Id)), req, resp) - return resp, err -} - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/v1/certs", req, resp) - return resp, err -} - -func (c *Client) UpdateCertificate(req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if req.Id == "" { - return nil, fmt.Errorf("cdnfly api error: invalid parameter: Id") - } - - resp := &UpdateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/certs/%s", url.PathEscape(req.Id)), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/cdnfly/client.go b/internal/pkg/sdk3rd/cdnfly/client.go deleted file mode 100644 index 6026d246..00000000 --- a/internal/pkg/sdk3rd/cdnfly/client.go +++ /dev/null @@ -1,86 +0,0 @@ -package cdnfly - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl, apiKey, apiSecret string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("User-Agent", "certimate"). - SetHeader("API-Key", apiKey). - SetHeader("API-Secret", apiSecret) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("cdnfly api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("cdnfly api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("cdnfly api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != "" && errcode != "0" { - return fmt.Errorf("cdnfly api error: code='%s', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/cdnfly/models.go b/internal/pkg/sdk3rd/cdnfly/models.go deleted file mode 100644 index d676becd..00000000 --- a/internal/pkg/sdk3rd/cdnfly/models.go +++ /dev/null @@ -1,84 +0,0 @@ -package cdnfly - -import "fmt" - -type BaseResponse interface { - GetCode() string - GetMessage() string -} - -type baseResponse struct { - Code any `json:"code"` - Message string `json:"msg"` -} - -func (r *baseResponse) GetCode() string { - if r.Code == nil { - return "" - } - - if code, ok := r.Code.(int); ok { - return fmt.Sprintf("%d", code) - } - - if code, ok := r.Code.(string); ok { - return code - } - - return "" -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type GetSiteRequest struct { - Id string `json:"-"` -} - -type GetSiteResponse struct { - baseResponse - Data *struct { - Id int64 `json:"id"` - Name string `json:"name"` - Domain string `json:"domain"` - HttpsListen string `json:"https_listen"` - } `json:"data,omitempty"` -} - -type UpdateSiteRequest struct { - Id string `json:"-"` - HttpsListen *string `json:"https_listen,omitempty"` - Enable *bool `json:"enable,omitempty"` -} - -type UpdateSiteResponse struct { - baseResponse -} - -type CreateCertificateRequest struct { - Name string `json:"name"` - Description *string `json:"des,omitempty"` - Type string `json:"type"` - Cert string `json:"cert"` - Key string `json:"key"` -} - -type CreateCertificateResponse struct { - baseResponse - Data string `json:"data"` -} - -type UpdateCertificateRequest struct { - Id string `json:"-"` - Name *string `json:"name,omitempty"` - Description *string `json:"des,omitempty"` - Type *string `json:"type,omitempty"` - Cert *string `json:"cert,omitempty"` - Key *string `json:"key,omitempty"` - Enable *bool `json:"enable,omitempty"` -} - -type UpdateCertificateResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/ctyun/cdn/client.go b/internal/pkg/sdk3rd/ctyun/cdn/client.go deleted file mode 100644 index 77402a4e..00000000 --- a/internal/pkg/sdk3rd/ctyun/cdn/client.go +++ /dev/null @@ -1,49 +0,0 @@ -package cdn - -import ( - "fmt" - "time" - - "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/openapi" -) - -const endpoint = "https://ctcdn-global.ctapi.ctyun.cn" - -type Client struct { - client *openapi.Client -} - -func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { - client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) - if err != nil { - return nil, err - } - - return &Client{client: client}, nil -} - -func (c *Client) SetTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) newRequest(method string, path string) (*resty.Request, error) { - return c.client.NewRequest(method, path) -} - -func (c *Client) doRequest(request *resty.Request) (*resty.Response, error) { - return c.client.DoRequest(request) -} - -func (c *Client) doRequestWithResult(request *resty.Request, result baseResultInterface) (*resty.Response, error) { - response, err := c.client.DoRequestWithResult(request, result) - if err == nil { - statusCode := result.GetStatusCode() - if statusCode != "" && statusCode != "100000" { - return response, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, result.GetMessage(), result.GetMessage(), result.GetErrorMessage()) - } - } - - return response, err -} diff --git a/internal/pkg/sdk3rd/ctyun/icdn/client.go b/internal/pkg/sdk3rd/ctyun/icdn/client.go deleted file mode 100644 index 5f3e0084..00000000 --- a/internal/pkg/sdk3rd/ctyun/icdn/client.go +++ /dev/null @@ -1,49 +0,0 @@ -package icdn - -import ( - "fmt" - "time" - - "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/openapi" -) - -const endpoint = "https://icdn-global.ctapi.ctyun.cn" - -type Client struct { - client *openapi.Client -} - -func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { - client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) - if err != nil { - return nil, err - } - - return &Client{client: client}, nil -} - -func (c *Client) SetTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) newRequest(method string, path string) (*resty.Request, error) { - return c.client.NewRequest(method, path) -} - -func (c *Client) doRequest(request *resty.Request) (*resty.Response, error) { - return c.client.DoRequest(request) -} - -func (c *Client) doRequestWithResult(request *resty.Request, result baseResultInterface) (*resty.Response, error) { - response, err := c.client.DoRequestWithResult(request, result) - if err == nil { - statusCode := result.GetStatusCode() - if statusCode != "" && statusCode != "100000" { - return response, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, result.GetMessage(), result.GetMessage(), result.GetErrorMessage()) - } - } - - return response, err -} diff --git a/internal/pkg/sdk3rd/ctyun/lvdn/client.go b/internal/pkg/sdk3rd/ctyun/lvdn/client.go deleted file mode 100644 index 5542bad9..00000000 --- a/internal/pkg/sdk3rd/ctyun/lvdn/client.go +++ /dev/null @@ -1,49 +0,0 @@ -package lvdn - -import ( - "fmt" - "time" - - "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/openapi" -) - -const endpoint = "https://ctlvdn-global.ctapi.ctyun.cn" - -type Client struct { - client *openapi.Client -} - -func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { - client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) - if err != nil { - return nil, err - } - - return &Client{client: client}, nil -} - -func (c *Client) SetTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) newRequest(method string, path string) (*resty.Request, error) { - return c.client.NewRequest(method, path) -} - -func (c *Client) doRequest(request *resty.Request) (*resty.Response, error) { - return c.client.DoRequest(request) -} - -func (c *Client) doRequestWithResult(request *resty.Request, result baseResultInterface) (*resty.Response, error) { - response, err := c.client.DoRequestWithResult(request, result) - if err == nil { - statusCode := result.GetStatusCode() - if statusCode != "" && statusCode != "100000" { - return response, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, result.GetMessage(), result.GetMessage(), result.GetErrorMessage()) - } - } - - return response, err -} diff --git a/internal/pkg/sdk3rd/dcloud/unicloud/api.go b/internal/pkg/sdk3rd/dcloud/unicloud/api.go deleted file mode 100644 index 1cd90b15..00000000 --- a/internal/pkg/sdk3rd/dcloud/unicloud/api.go +++ /dev/null @@ -1,78 +0,0 @@ -package unicloud - -import ( - "fmt" - "net/http" - "regexp" - "time" -) - -func (c *Client) ensureServerlessJwtTokenExists() error { - c.serverlessJwtTokenMtx.Lock() - defer c.serverlessJwtTokenMtx.Unlock() - if c.serverlessJwtToken != "" && c.serverlessJwtTokenExp.After(time.Now()) { - return nil - } - - params := &loginParams{ - Password: c.password, - } - if regexp.MustCompile("^1\\d{10}$").MatchString(c.username) { - params.Mobile = c.username - } else if regexp.MustCompile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$").MatchString(c.username) { - params.Email = c.username - } else { - params.Username = c.username - } - - resp := &loginResponse{} - if err := c.invokeServerlessWithResult( - uniIdentityEndpoint, uniIdentityClientSecret, uniIdentityAppId, uniIdentitySpaceId, - "uni-id-co", "login", "", params, nil, - resp); err != nil { - return err - } else if resp.Data == nil || resp.Data.NewToken == nil || resp.Data.NewToken.Token == "" { - return fmt.Errorf("unicloud api error: received empty token") - } - - c.serverlessJwtToken = resp.Data.NewToken.Token - c.serverlessJwtTokenExp = time.UnixMilli(resp.Data.NewToken.TokenExpired) - - return nil -} - -func (c *Client) ensureApiUserTokenExists() error { - if err := c.ensureServerlessJwtTokenExists(); err != nil { - return err - } - - c.apiUserTokenMtx.Lock() - defer c.apiUserTokenMtx.Unlock() - if c.apiUserToken != "" { - return nil - } - - resp := &getUserTokenResponse{} - if err := c.invokeServerlessWithResult( - uniConsoleEndpoint, uniConsoleClientSecret, uniConsoleAppId, uniConsoleSpaceId, - "uni-cloud-kernel", "", "user/getUserToken", nil, map[string]any{"isLogin": true}, - resp); err != nil { - return err - } else if resp.Data == nil || resp.Data.Data == nil || resp.Data.Data.Data == nil || resp.Data.Data.Data.Token == "" { - return fmt.Errorf("unicloud api error: received empty user token") - } - - c.apiUserToken = resp.Data.Data.Data.Token - - return nil -} - -func (c *Client) CreateDomainWithCert(req *CreateDomainWithCertRequest) (*CreateDomainWithCertResponse, error) { - if err := c.ensureApiUserTokenExists(); err != nil { - return nil, err - } - - resp := &CreateDomainWithCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/host/create-domain-with-cert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/dcloud/unicloud/models.go b/internal/pkg/sdk3rd/dcloud/unicloud/models.go deleted file mode 100644 index 05b02db6..00000000 --- a/internal/pkg/sdk3rd/dcloud/unicloud/models.go +++ /dev/null @@ -1,103 +0,0 @@ -package unicloud - -type BaseResponse interface { - GetSuccess() bool - GetErrorCode() string - GetErrorMessage() string - - GetReturnCode() int32 - GetReturnDesc() string -} - -type baseResponse struct { - Success *bool `json:"success,omitempty"` - Header *map[string]string `json:"header,omitempty"` - Error *struct { - Code string `json:"code"` - Message string `json:"message"` - } `json:"error,omitempty"` - - ReturnCode *int32 `json:"ret,omitempty"` - ReturnDesc *string `json:"desc,omitempty"` -} - -func (r *baseResponse) GetReturnCode() int32 { - if r.ReturnCode != nil { - return *r.ReturnCode - } - return 0 -} - -func (r *baseResponse) GetReturnDesc() string { - if r.ReturnDesc != nil { - return *r.ReturnDesc - } - return "" -} - -func (r *baseResponse) GetSuccess() bool { - if r.Success != nil { - return *r.Success - } - return false -} - -func (r *baseResponse) GetErrorCode() string { - if r.Error != nil { - return r.Error.Code - } - return "" -} - -func (r *baseResponse) GetErrorMessage() string { - if r.Error != nil { - return r.Error.Message - } - return "" -} - -type loginParams struct { - Email string `json:"email,omitempty"` - Mobile string `json:"mobile,omitempty"` - Username string `json:"username,omitempty"` - Password string `json:"password"` -} - -type loginResponse struct { - baseResponse - Data *struct { - Code int32 `json:"errCode"` - UID string `json:"uid"` - NewToken *struct { - Token string `json:"token"` - TokenExpired int64 `json:"tokenExpired"` - } `json:"newToken,omitempty"` - } `json:"data,omitempty"` -} - -type getUserTokenResponse struct { - baseResponse - Data *struct { - Code int32 `json:"code"` - Data *struct { - Result int32 `json:"ret"` - Description string `json:"desc"` - Data *struct { - Email string `json:"email"` - Token string `json:"token"` - } `json:"data,omitempty"` - } `json:"data,omitempty"` - } `json:"data,omitempty"` -} - -type CreateDomainWithCertRequest struct { - Provider string `json:"provider"` - SpaceId string `json:"spaceId"` - Domain string `json:"domain"` - Cert string `json:"cert"` - Key string `json:"key"` -} - -type CreateDomainWithCertResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/dnsla/api.go b/internal/pkg/sdk3rd/dnsla/api.go deleted file mode 100644 index 6f999ce7..00000000 --- a/internal/pkg/sdk3rd/dnsla/api.go +++ /dev/null @@ -1,41 +0,0 @@ -package dnsla - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) ListDomains(req *ListDomainsRequest) (*ListDomainsResponse, error) { - resp := &ListDomainsResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/domainList", req, resp) - return resp, err -} - -func (c *Client) ListRecords(req *ListRecordsRequest) (*ListRecordsResponse, error) { - resp := &ListRecordsResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/recordList", req, resp) - return resp, err -} - -func (c *Client) CreateRecord(req *CreateRecordRequest) (*CreateRecordResponse, error) { - resp := &CreateRecordResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/record", req, resp) - return resp, err -} - -func (c *Client) UpdateRecord(req *UpdateRecordRequest) (*UpdateRecordResponse, error) { - resp := &UpdateRecordResponse{} - err := c.sendRequestWithResult(http.MethodPut, "/record", req, resp) - return resp, err -} - -func (c *Client) DeleteRecord(req *DeleteRecordRequest) (*DeleteRecordResponse, error) { - if req.Id == "" { - return nil, fmt.Errorf("dnsla api error: invalid parameter: Id") - } - - resp := &DeleteRecordResponse{} - err := c.sendRequestWithResult(http.MethodDelete, fmt.Sprintf("/record?id=%s", url.QueryEscape(req.Id)), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/dnsla/client.go b/internal/pkg/sdk3rd/dnsla/client.go deleted file mode 100644 index accd36d9..00000000 --- a/internal/pkg/sdk3rd/dnsla/client.go +++ /dev/null @@ -1,79 +0,0 @@ -package dnsla - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiId, apiSecret string) *Client { - client := resty.New(). - SetBaseURL("https://api.dns.la/api"). - SetBasicAuth(apiId, apiSecret). - SetHeader("User-Agent", "certimate") - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("dnsla api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("dnsla api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("dnsla api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode/100 != 2 { - return fmt.Errorf("dnsla api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/dnsla/models.go b/internal/pkg/sdk3rd/dnsla/models.go deleted file mode 100644 index 38fd623b..00000000 --- a/internal/pkg/sdk3rd/dnsla/models.go +++ /dev/null @@ -1,131 +0,0 @@ -package dnsla - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type DomainInfo struct { - Id string `json:"id"` - GroupId string `json:"groupId"` - GroupName string `json:"groupName"` - Domain string `json:"domain"` - DisplayDomain string `json:"displayDomain"` - CreatedAt int64 `json:"createdAt"` - UpdatedAt int64 `json:"updatedAt"` -} - -type RecordInfo struct { - Id string `json:"id"` - DomainId string `json:"domainId"` - GroupId string `json:"groupId"` - GroupName string `json:"groupName"` - LineId string `json:"lineId"` - LineCode string `json:"lineCode"` - LineName string `json:"lineName"` - Type int32 `json:"type"` - Host string `json:"host"` - DisplayHost string `json:"displayHost"` - Data string `json:"data"` - DisplayData string `json:"displayData"` - Ttl int32 `json:"ttl"` - Weight int32 `json:"weight"` - Preference int32 `json:"preference"` - CreatedAt int64 `json:"createdAt"` - UpdatedAt int64 `json:"updatedAt"` -} - -type ListDomainsRequest struct { - PageIndex int32 `json:"pageIndex"` - PageSize int32 `json:"pageSize"` - GroupId *string `json:"groupId,omitempty"` -} - -type ListDomainsResponse struct { - baseResponse - Data *struct { - Total int32 `json:"total"` - Results []*DomainInfo `json:"results"` - } `json:"data,omitempty"` -} - -type ListRecordsRequest struct { - PageIndex int32 `json:"pageIndex"` - PageSize int32 `json:"pageSize"` - DomainId string `json:"domainId"` - GroupId *string `json:"groupId,omitempty"` - LineId *string `json:"lineId,omitempty"` - Type *int32 `json:"type,omitempty"` - Host *string `json:"host,omitempty"` - Data *string `json:"data,omitempty"` -} - -type ListRecordsResponse struct { - baseResponse - Data *struct { - Total int32 `json:"total"` - Results []*RecordInfo `json:"results"` - } `json:"data,omitempty"` -} - -type CreateRecordRequest struct { - DomainId string `json:"domainId"` - GroupId *string `json:"groupId,omitempty"` - LineId *string `json:"lineId,omitempty"` - Type int32 `json:"type"` - Host string `json:"host"` - Data string `json:"data"` - Ttl int32 `json:"ttl"` - Weight *int32 `json:"weight,omitempty"` - Preference *int32 `json:"preference,omitempty"` -} - -type CreateRecordResponse struct { - baseResponse - Data *struct { - Id string `json:"id"` - } `json:"data,omitempty"` -} - -type UpdateRecordRequest struct { - Id string `json:"id"` - GroupId *string `json:"groupId,omitempty"` - LineId *string `json:"lineId,omitempty"` - Type *int32 `json:"type,omitempty"` - Host *string `json:"host,omitempty"` - Data *string `json:"data,omitempty"` - Ttl *int32 `json:"ttl,omitempty"` - Weight *int32 `json:"weight,omitempty"` - Preference *int32 `json:"preference,omitempty"` -} - -type UpdateRecordResponse struct { - baseResponse -} - -type DeleteRecordRequest struct { - Id string `json:"-"` -} - -type DeleteRecordResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/dogecloud/client.go b/internal/pkg/sdk3rd/dogecloud/client.go deleted file mode 100644 index 75342907..00000000 --- a/internal/pkg/sdk3rd/dogecloud/client.go +++ /dev/null @@ -1,183 +0,0 @@ -package dogecloud - -import ( - "crypto/hmac" - "crypto/sha1" - "encoding/hex" - "encoding/json" - "fmt" - "io" - "net/http" - "net/url" - "strings" -) - -const dogeHost = "https://api.dogecloud.com" - -type Client struct { - accessKey string - secretKey string -} - -func NewClient(accessKey, secretKey string) *Client { - return &Client{accessKey: accessKey, secretKey: secretKey} -} - -func (c *Client) UploadCdnCert(note, cert, private string) (*UploadCdnCertResponse, error) { - req := &UploadCdnCertRequest{ - Note: note, - Certificate: cert, - PrivateKey: private, - } - - reqBts, err := json.Marshal(req) - if err != nil { - return nil, err - } - - reqMap := make(map[string]interface{}) - err = json.Unmarshal(reqBts, &reqMap) - if err != nil { - return nil, err - } - - respBts, err := c.sendReq(http.MethodPost, "cdn/cert/upload.json", reqMap, true) - if err != nil { - return nil, err - } - - resp := &UploadCdnCertResponse{} - err = json.Unmarshal(respBts, resp) - if err != nil { - return nil, err - } - if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 { - return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message) - } - - return resp, nil -} - -func (c *Client) BindCdnCertWithDomain(certId int64, domain string) (*BindCdnCertResponse, error) { - req := &BindCdnCertRequest{ - CertId: certId, - Domain: &domain, - } - - reqBts, err := json.Marshal(req) - if err != nil { - return nil, err - } - - reqMap := make(map[string]interface{}) - err = json.Unmarshal(reqBts, &reqMap) - if err != nil { - return nil, err - } - - respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true) - if err != nil { - return nil, err - } - - resp := &BindCdnCertResponse{} - err = json.Unmarshal(respBts, resp) - if err != nil { - return nil, err - } - if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 { - return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message) - } - - return resp, nil -} - -func (c *Client) BindCdnCertWithDomainId(certId int64, domainId int64) (*BindCdnCertResponse, error) { - req := &BindCdnCertRequest{ - CertId: certId, - DomainId: &domainId, - } - - reqBts, err := json.Marshal(req) - if err != nil { - return nil, err - } - - reqMap := make(map[string]interface{}) - err = json.Unmarshal(reqBts, &reqMap) - if err != nil { - return nil, err - } - - respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true) - if err != nil { - return nil, err - } - - resp := &BindCdnCertResponse{} - err = json.Unmarshal(respBts, resp) - if err != nil { - return nil, err - } - if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 { - return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message) - } - - return resp, nil -} - -// 调用多吉云的 API。 -// https://docs.dogecloud.com/cdn/api-access-token?id=go -// -// 入参: -// - method:GET 或 POST -// - path:是调用的 API 接口地址,包含 URL 请求参数 QueryString,例如:/console/vfetch/add.json?url=xxx&a=1&b=2 -// - data:POST 的数据,对象,例如 {a: 1, b: 2},传递此参数表示不是 GET 请求而是 POST 请求 -// - jsonMode:数据 data 是否以 JSON 格式请求,默认为 false 则使用表单形式(a=1&b=2) -func (c *Client) sendReq(method string, path string, data map[string]interface{}, jsonMode bool) ([]byte, error) { - body := "" - mime := "" - if jsonMode { - _body, err := json.Marshal(data) - if err != nil { - return nil, err - } - body = string(_body) - mime = "application/json" - } else { - values := url.Values{} - for k, v := range data { - values.Set(k, v.(string)) - } - body = values.Encode() - mime = "application/x-www-form-urlencoded" - } - - path = strings.TrimPrefix(path, "/") - signStr := "/" + path + "\n" + body - hmacObj := hmac.New(sha1.New, []byte(c.secretKey)) - hmacObj.Write([]byte(signStr)) - sign := hex.EncodeToString(hmacObj.Sum(nil)) - auth := fmt.Sprintf("TOKEN %s:%s", c.accessKey, sign) - - req, err := http.NewRequest(method, fmt.Sprintf("%s/%s", dogeHost, path), strings.NewReader(body)) - if err != nil { - return nil, err - } - req.Header.Set("Content-Type", mime) - req.Header.Set("Authorization", auth) - - client := http.Client{} - resp, err := client.Do(req) - if err != nil { - return nil, err - } - defer resp.Body.Close() - - bytes, err := io.ReadAll(resp.Body) - if err != nil { - return nil, err - } - - return bytes, nil -} diff --git a/internal/pkg/sdk3rd/dogecloud/models.go b/internal/pkg/sdk3rd/dogecloud/models.go deleted file mode 100644 index 8dd78a3b..00000000 --- a/internal/pkg/sdk3rd/dogecloud/models.go +++ /dev/null @@ -1,31 +0,0 @@ -package dogecloud - -type BaseResponse struct { - Code *int `json:"code,omitempty"` - Message *string `json:"msg,omitempty"` -} - -type UploadCdnCertRequest struct { - Note string `json:"note"` - Certificate string `json:"cert"` - PrivateKey string `json:"private"` -} - -type UploadCdnCertResponseData struct { - Id int64 `json:"id"` -} - -type UploadCdnCertResponse struct { - BaseResponse - Data *UploadCdnCertResponseData `json:"data,omitempty"` -} - -type BindCdnCertRequest struct { - CertId int64 `json:"id"` - DomainId *int64 `json:"did,omitempty"` - Domain *string `json:"domain,omitempty"` -} - -type BindCdnCertResponse struct { - BaseResponse -} diff --git a/internal/pkg/sdk3rd/flexcdn/api.go b/internal/pkg/sdk3rd/flexcdn/api.go deleted file mode 100644 index 5008fdf4..00000000 --- a/internal/pkg/sdk3rd/flexcdn/api.go +++ /dev/null @@ -1,48 +0,0 @@ -package flexcdn - -import ( - "encoding/json" - "fmt" - "net/http" - "time" -) - -func (c *Client) ensureAccessTokenExists() error { - c.accessTokenMtx.Lock() - defer c.accessTokenMtx.Unlock() - if c.accessToken != "" && c.accessTokenExp.After(time.Now()) { - return nil - } - - req := &getAPIAccessTokenRequest{ - Type: c.apiRole, - AccessKeyId: c.accessKeyId, - AccessKey: c.accessKey, - } - res, err := c.sendRequest(http.MethodPost, "/APIAccessTokenService/getAPIAccessToken", req) - if err != nil { - return err - } - - resp := &getAPIAccessTokenResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("flexcdn api error: failed to unmarshal response: %w", err) - } else if resp.GetCode() != 200 { - return fmt.Errorf("flexcdn get access token failed: code='%d', message='%s'", resp.GetCode(), resp.GetMessage()) - } - - c.accessToken = resp.Data.Token - c.accessTokenExp = time.Unix(resp.Data.ExpiresAt, 0) - - return nil -} - -func (c *Client) UpdateSSLCert(req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { - if err := c.ensureAccessTokenExists(); err != nil { - return nil, err - } - - resp := &UpdateSSLCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/SSLCertService/updateSSLCert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/flexcdn/client.go b/internal/pkg/sdk3rd/flexcdn/client.go deleted file mode 100644 index 0844ffa5..00000000 --- a/internal/pkg/sdk3rd/flexcdn/client.go +++ /dev/null @@ -1,103 +0,0 @@ -package flexcdn - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "sync" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - apiRole string - accessKeyId string - accessKey string - - accessToken string - accessTokenExp time.Time - accessTokenMtx sync.Mutex - - client *resty.Client -} - -func NewClient(serverUrl, apiRole, accessKeyId, accessKey string) *Client { - client := &Client{ - apiRole: apiRole, - accessKeyId: accessKeyId, - accessKey: accessKey, - } - client.client = resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.accessToken != "" { - req.Header.Set("X-Cloud-Access-Token", client.accessToken) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("flexcdn api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("flexcdn api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("flexcdn api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 200 { - return fmt.Errorf("flexcdn api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/flexcdn/models.go b/internal/pkg/sdk3rd/flexcdn/models.go deleted file mode 100644 index c976eccc..00000000 --- a/internal/pkg/sdk3rd/flexcdn/models.go +++ /dev/null @@ -1,52 +0,0 @@ -package flexcdn - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"message"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type getAPIAccessTokenRequest struct { - Type string `json:"type"` - AccessKeyId string `json:"accessKeyId"` - AccessKey string `json:"accessKey"` -} - -type getAPIAccessTokenResponse struct { - baseResponse - Data *struct { - Token string `json:"token"` - ExpiresAt int64 `json:"expiresAt"` - } `json:"data,omitempty"` -} - -type UpdateSSLCertRequest struct { - SSLCertId int64 `json:"sslCertId"` - IsOn bool `json:"isOn"` - Name string `json:"name"` - Description string `json:"description"` - ServerName string `json:"serverName"` - IsCA bool `json:"isCA"` - CertData string `json:"certData"` - KeyData string `json:"keyData"` - TimeBeginAt int64 `json:"timeBeginAt"` - TimeEndAt int64 `json:"timeEndAt"` - DNSNames []string `json:"dnsNames"` - CommonNames []string `json:"commonNames"` -} - -type UpdateSSLCertResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/gname/api.go b/internal/pkg/sdk3rd/gname/api.go deleted file mode 100644 index 16b80065..00000000 --- a/internal/pkg/sdk3rd/gname/api.go +++ /dev/null @@ -1,25 +0,0 @@ -package gname - -func (c *Client) AddDomainResolution(req *AddDomainResolutionRequest) (*AddDomainResolutionResponse, error) { - resp := &AddDomainResolutionResponse{} - err := c.sendRequestWithResult("/api/resolution/add", req, resp) - return resp, err -} - -func (c *Client) ModifyDomainResolution(req *ModifyDomainResolutionRequest) (*ModifyDomainResolutionResponse, error) { - resp := &ModifyDomainResolutionResponse{} - err := c.sendRequestWithResult("/api/resolution/edit", req, resp) - return resp, err -} - -func (c *Client) DeleteDomainResolution(req *DeleteDomainResolutionRequest) (*DeleteDomainResolutionResponse, error) { - resp := &DeleteDomainResolutionResponse{} - err := c.sendRequestWithResult("/api/resolution/delete", req, resp) - return resp, err -} - -func (c *Client) ListDomainResolution(req *ListDomainResolutionRequest) (*ListDomainResolutionResponse, error) { - resp := &ListDomainResolutionResponse{} - err := c.sendRequestWithResult("/api/resolution/list", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/gname/client.go b/internal/pkg/sdk3rd/gname/client.go deleted file mode 100644 index 843785a5..00000000 --- a/internal/pkg/sdk3rd/gname/client.go +++ /dev/null @@ -1,104 +0,0 @@ -package gname - -import ( - "crypto/md5" - "encoding/json" - "fmt" - "net/url" - "sort" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - appId string - appKey string - - client *resty.Client -} - -func NewClient(appId, appKey string) *Client { - client := resty.New(). - SetBaseURL("http://api.gname.com"). - SetHeader("Content-Type", "application/x-www-form-urlencoded"). - SetHeader("User-Agent", "certimate") - - return &Client{ - appId: appId, - appKey: appKey, - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) generateSignature(params map[string]string) string { - // Step 1: Sort parameters by ASCII order - var keys []string - for k := range params { - keys = append(keys, k) - } - sort.Strings(keys) - - // Step 2: Create string A with URL-encoded values - var pairs []string - for _, k := range keys { - encodedValue := url.QueryEscape(params[k]) - pairs = append(pairs, fmt.Sprintf("%s=%s", k, encodedValue)) - } - stringA := strings.Join(pairs, "&") - - // Step 3: Append appkey to create string B - stringB := stringA + c.appKey - - // Step 4: Calculate MD5 and convert to uppercase - hash := md5.Sum([]byte(stringB)) - return strings.ToUpper(fmt.Sprintf("%x", hash)) -} - -func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) { - data := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - data[k] = fmt.Sprintf("%v", v) - } - } - } - data["appid"] = c.appId - data["gntime"] = fmt.Sprintf("%d", time.Now().Unix()) - data["gntoken"] = c.generateSignature(data) - - req := c.client.R().SetFormData(data) - resp, err := req.Post(path) - if err != nil { - return resp, fmt.Errorf("gname api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("gname api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(path, params) - if err != nil { - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("gname api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 1 { - return fmt.Errorf("gname api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/gname/models.go b/internal/pkg/sdk3rd/gname/models.go deleted file mode 100644 index a50b609b..00000000 --- a/internal/pkg/sdk3rd/gname/models.go +++ /dev/null @@ -1,81 +0,0 @@ -package gname - -import "encoding/json" - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"msg"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type AddDomainResolutionRequest struct { - ZoneName string `json:"ym"` - RecordType string `json:"lx"` - RecordName string `json:"zj"` - RecordValue string `json:"jlz"` - MX int32 `json:"mx"` - TTL int32 `json:"ttl"` -} - -type AddDomainResolutionResponse struct { - baseResponse - Data json.Number `json:"data"` -} - -type ModifyDomainResolutionRequest struct { - ID int64 `json:"jxid"` - ZoneName string `json:"ym"` - RecordType string `json:"lx"` - RecordName string `json:"zj"` - RecordValue string `json:"jlz"` - MX int32 `json:"mx"` - TTL int32 `json:"ttl"` -} - -type ModifyDomainResolutionResponse struct { - baseResponse -} - -type DeleteDomainResolutionRequest struct { - ZoneName string `json:"ym"` - RecordID int64 `json:"jxid"` -} - -type DeleteDomainResolutionResponse struct { - baseResponse -} - -type ListDomainResolutionRequest struct { - ZoneName string `json:"ym"` - Page *int32 `json:"page,omitempty"` - PageSize *int32 `json:"limit,omitempty"` -} - -type ListDomainResolutionResponse struct { - baseResponse - Count int32 `json:"count"` - Data []*ResolutionRecord `json:"data"` - Page int32 `json:"page"` - PageSize int32 `json:"pagesize"` -} - -type ResolutionRecord struct { - ID json.Number `json:"id"` - ZoneName string `json:"ym"` - RecordType string `json:"lx"` - RecordName string `json:"zjt"` - RecordValue string `json:"jxz"` - MX int32 `json:"mx"` -} diff --git a/internal/pkg/sdk3rd/goedge/api.go b/internal/pkg/sdk3rd/goedge/api.go deleted file mode 100644 index 4589f70c..00000000 --- a/internal/pkg/sdk3rd/goedge/api.go +++ /dev/null @@ -1,48 +0,0 @@ -package goedge - -import ( - "encoding/json" - "fmt" - "net/http" - "time" -) - -func (c *Client) ensureAccessTokenExists() error { - c.accessTokenMtx.Lock() - defer c.accessTokenMtx.Unlock() - if c.accessToken != "" && c.accessTokenExp.After(time.Now()) { - return nil - } - - req := &getAPIAccessTokenRequest{ - Type: c.apiRole, - AccessKeyId: c.accessKeyId, - AccessKey: c.accessKey, - } - res, err := c.sendRequest(http.MethodPost, "/APIAccessTokenService/getAPIAccessToken", req) - if err != nil { - return err - } - - resp := &getAPIAccessTokenResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("goedge api error: failed to unmarshal response: %w", err) - } else if resp.GetCode() != 200 { - return fmt.Errorf("goedge get access token failed: code='%d', message='%s'", resp.GetCode(), resp.GetMessage()) - } - - c.accessToken = resp.Data.Token - c.accessTokenExp = time.Unix(resp.Data.ExpiresAt, 0) - - return nil -} - -func (c *Client) UpdateSSLCert(req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { - if err := c.ensureAccessTokenExists(); err != nil { - return nil, err - } - - resp := &UpdateSSLCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/SSLCertService/updateSSLCert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/goedge/client.go b/internal/pkg/sdk3rd/goedge/client.go deleted file mode 100644 index bc87734a..00000000 --- a/internal/pkg/sdk3rd/goedge/client.go +++ /dev/null @@ -1,103 +0,0 @@ -package goedge - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "sync" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - apiRole string - accessKeyId string - accessKey string - - accessToken string - accessTokenExp time.Time - accessTokenMtx sync.Mutex - - client *resty.Client -} - -func NewClient(serverUrl, apiRole, accessKeyId, accessKey string) *Client { - client := &Client{ - apiRole: apiRole, - accessKeyId: accessKeyId, - accessKey: accessKey, - } - client.client = resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.accessToken != "" { - req.Header.Set("X-Edge-Access-Token", client.accessToken) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("goedge api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("goedge api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("goedge api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 200 { - return fmt.Errorf("goedge api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/goedge/models.go b/internal/pkg/sdk3rd/goedge/models.go deleted file mode 100644 index d19bb558..00000000 --- a/internal/pkg/sdk3rd/goedge/models.go +++ /dev/null @@ -1,52 +0,0 @@ -package goedge - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"message"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type getAPIAccessTokenRequest struct { - Type string `json:"type"` - AccessKeyId string `json:"accessKeyId"` - AccessKey string `json:"accessKey"` -} - -type getAPIAccessTokenResponse struct { - baseResponse - Data *struct { - Token string `json:"token"` - ExpiresAt int64 `json:"expiresAt"` - } `json:"data,omitempty"` -} - -type UpdateSSLCertRequest struct { - SSLCertId int64 `json:"sslCertId"` - IsOn bool `json:"isOn"` - Name string `json:"name"` - Description string `json:"description"` - ServerName string `json:"serverName"` - IsCA bool `json:"isCA"` - CertData string `json:"certData"` - KeyData string `json:"keyData"` - TimeBeginAt int64 `json:"timeBeginAt"` - TimeEndAt int64 `json:"timeEndAt"` - DNSNames []string `json:"dnsNames"` - CommonNames []string `json:"commonNames"` -} - -type UpdateSSLCertResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/client/api.go b/internal/pkg/sdk3rd/lecdn/v3/client/api.go deleted file mode 100644 index 89f9cdc0..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/client/api.go +++ /dev/null @@ -1,50 +0,0 @@ -package client - -import ( - "encoding/json" - "fmt" - "net/http" -) - -func (c *Client) ensureAccessTokenExists() error { - c.accessTokenMtx.Lock() - defer c.accessTokenMtx.Unlock() - if c.accessToken != "" { - return nil - } - - req := &loginRequest{ - Email: c.username, - Username: c.username, - Password: c.password, - } - res, err := c.sendRequest(http.MethodPost, "/login", req) - if err != nil { - return err - } - - resp := &loginResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("lecdn api error: failed to unmarshal response: %w", err) - } else if resp.GetCode() != 200 { - return fmt.Errorf("lecdn get token failed: code='%d', message='%s'", resp.GetCode(), resp.GetMessage()) - } - - c.accessToken = resp.Data.Token - - return nil -} - -func (c *Client) UpdateCertificate(certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if certId == 0 { - return nil, fmt.Errorf("lecdn api error: invalid parameter: CertId") - } - - if err := c.ensureAccessTokenExists(); err != nil { - return nil, err - } - - resp := &UpdateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/certificate/%d", certId), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/client/client.go b/internal/pkg/sdk3rd/lecdn/v3/client/client.go deleted file mode 100644 index 4af04d4f..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/client/client.go +++ /dev/null @@ -1,100 +0,0 @@ -package client - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "sync" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - username string - password string - - accessToken string - accessTokenMtx sync.Mutex - - client *resty.Client -} - -func NewClient(serverUrl, username, password string) *Client { - client := &Client{ - username: username, - password: password, - } - client.client = resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/prod-api"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.accessToken != "" { - req.Header.Set("Authorization", "Bearer "+client.accessToken) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("lecdn api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("lecdn api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("lecdn api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 200 { - return fmt.Errorf("lecdn api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/client/models.go b/internal/pkg/sdk3rd/lecdn/v3/client/models.go deleted file mode 100644 index 6d63ea79..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/client/models.go +++ /dev/null @@ -1,47 +0,0 @@ -package client - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"msg"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type loginRequest struct { - Email string `json:"email"` - Username string `json:"username"` - Password string `json:"password"` -} - -type loginResponse struct { - baseResponse - Data *struct { - UserId int64 `json:"user_id"` - Username string `json:"username"` - Token string `json:"token"` - } `json:"data,omitempty"` -} - -type UpdateCertificateRequest struct { - Name string `json:"name"` - Description string `json:"description"` - Type string `json:"type"` - SSLPEM string `json:"ssl_pem"` - SSLKey string `json:"ssl_key"` - AutoRenewal bool `json:"auto_renewal"` -} - -type UpdateCertificateResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/master/api.go b/internal/pkg/sdk3rd/lecdn/v3/master/api.go deleted file mode 100644 index 00f24a70..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/master/api.go +++ /dev/null @@ -1,49 +0,0 @@ -package master - -import ( - "encoding/json" - "fmt" - "net/http" -) - -func (c *Client) ensureAccessTokenExists() error { - c.accessTokenMtx.Lock() - defer c.accessTokenMtx.Unlock() - if c.accessToken != "" { - return nil - } - - req := &loginRequest{ - Username: c.username, - Password: c.password, - } - res, err := c.sendRequest(http.MethodPost, "/auth/login", req) - if err != nil { - return err - } - - resp := &loginResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("lecdn api error: failed to unmarshal response: %w", err) - } else if resp.GetCode() != 200 { - return fmt.Errorf("lecdn get token failed: code='%d', message='%s'", resp.GetCode(), resp.GetMessage()) - } - - c.accessToken = resp.Data.Token - - return nil -} - -func (c *Client) UpdateCertificate(certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if certId == 0 { - return nil, fmt.Errorf("lecdn api error: invalid parameter: CertId") - } - - if err := c.ensureAccessTokenExists(); err != nil { - return nil, err - } - - resp := &UpdateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/certificate/%d", certId), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/master/client.go b/internal/pkg/sdk3rd/lecdn/v3/master/client.go deleted file mode 100644 index dc033634..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/master/client.go +++ /dev/null @@ -1,100 +0,0 @@ -package master - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "sync" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - username string - password string - - accessToken string - accessTokenMtx sync.Mutex - - client *resty.Client -} - -func NewClient(serverUrl, username, password string) *Client { - client := &Client{ - username: username, - password: password, - } - client.client = resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/prod-api"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.accessToken != "" { - req.Header.Set("Authorization", "Bearer "+client.accessToken) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("lecdn api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("lecdn api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("lecdn api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 200 { - return fmt.Errorf("lecdn api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/master/models.go b/internal/pkg/sdk3rd/lecdn/v3/master/models.go deleted file mode 100644 index 2e896f42..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/master/models.go +++ /dev/null @@ -1,47 +0,0 @@ -package master - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"message"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type loginRequest struct { - Username string `json:"username"` - Password string `json:"password"` -} - -type loginResponse struct { - baseResponse - Data *struct { - UserId int64 `json:"user_id"` - Username string `json:"username"` - Token string `json:"token"` - } `json:"data,omitempty"` -} - -type UpdateCertificateRequest struct { - ClientId int64 `json:"client_id"` - Name string `json:"name"` - Description string `json:"description"` - Type string `json:"type"` - SSLPEM string `json:"ssl_pem"` - SSLKey string `json:"ssl_key"` - AutoRenewal bool `json:"auto_renewal"` -} - -type UpdateCertificateResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/netlify/api.go b/internal/pkg/sdk3rd/netlify/api.go deleted file mode 100644 index 095ff303..00000000 --- a/internal/pkg/sdk3rd/netlify/api.go +++ /dev/null @@ -1,17 +0,0 @@ -package netlify - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) ProvisionSiteTLSCertificate(siteId string, params *ProvisionSiteTLSCertificateParams) (*ProvisionSiteTLSCertificateResponse, error) { - if siteId == "" { - return nil, fmt.Errorf("netlify api error: invalid parameter: SiteId") - } - - resp := &ProvisionSiteTLSCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, fmt.Sprintf("/sites/%s/ssl", url.PathEscape(siteId)), params, nil, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/netlify/client.go b/internal/pkg/sdk3rd/netlify/client.go deleted file mode 100644 index bf3f4ad6..00000000 --- a/internal/pkg/sdk3rd/netlify/client.go +++ /dev/null @@ -1,93 +0,0 @@ -package netlify - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiToken string) *Client { - client := resty.New(). - SetBaseURL("https://api.netlify.com/api/v1"). - SetHeader("Authorization", "Bearer "+apiToken). - SetHeader("User-Agent", "certimate") - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, queryParams interface{}, payloadParams interface{}) (*resty.Response, error) { - req := c.client.R() - - if queryParams != nil { - qs := make(map[string]string) - temp := make(map[string]any) - jsonb, _ := json.Marshal(queryParams) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - req = req.SetQueryParams(qs) - } - - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if payloadParams != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(payloadParams) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(payloadParams) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("netlify api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("netlify api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, queryParams interface{}, payloadParams interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, queryParams, payloadParams) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("netlify api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 0 { - return fmt.Errorf("netlify api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/netlify/models.go b/internal/pkg/sdk3rd/netlify/models.go deleted file mode 100644 index 3ff2d216..00000000 --- a/internal/pkg/sdk3rd/netlify/models.go +++ /dev/null @@ -1,40 +0,0 @@ -package netlify - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type ProvisionSiteTLSCertificateParams struct { - Certificate string `json:"certificate"` - CACertificates string `json:"ca_certificates"` - Key string `json:"key"` -} - -type ProvisionSiteTLSCertificateResponse struct { - baseResponse - Domains []string `json:"domains,omitempty"` - State string `json:"state,omitempty"` - ExpiresAt string `json:"expires_at,omitempty"` - CreatedAt string `json:"created_at,omitempty"` - UpdatedAt string `json:"updated_at,omitempty"` -} diff --git a/internal/pkg/sdk3rd/qiniu/client.go b/internal/pkg/sdk3rd/qiniu/client.go deleted file mode 100644 index 0d777aa3..00000000 --- a/internal/pkg/sdk3rd/qiniu/client.go +++ /dev/null @@ -1,85 +0,0 @@ -package qiniu - -import ( - "context" - "fmt" - "net/http" - "strings" - - "github.com/qiniu/go-sdk/v7/auth" - "github.com/qiniu/go-sdk/v7/client" -) - -const qiniuHost = "https://api.qiniu.com" - -type Client struct { - client *client.Client -} - -func NewClient(mac *auth.Credentials) *Client { - if mac == nil { - mac = auth.Default() - } - - client := client.DefaultClient - client.Transport = newTransport(mac, nil) - return &Client{client: &client} -} - -func (c *Client) GetDomainInfo(ctx context.Context, domain string) (*GetDomainInfoResponse, error) { - resp := new(GetDomainInfoResponse) - if err := c.client.Call(ctx, resp, http.MethodGet, c.urlf("domain/%s", domain), nil); err != nil { - return nil, err - } - return resp, nil -} - -func (c *Client) ModifyDomainHttpsConf(ctx context.Context, domain string, certId string, forceHttps bool, http2Enable bool) (*ModifyDomainHttpsConfResponse, error) { - req := &ModifyDomainHttpsConfRequest{ - DomainInfoHttpsData: DomainInfoHttpsData{ - CertID: certId, - ForceHttps: forceHttps, - Http2Enable: http2Enable, - }, - } - resp := new(ModifyDomainHttpsConfResponse) - if err := c.client.CallWithJson(ctx, resp, http.MethodPut, c.urlf("domain/%s/httpsconf", domain), nil, req); err != nil { - return nil, err - } - return resp, nil -} - -func (c *Client) EnableDomainHttps(ctx context.Context, domain string, certId string, forceHttps bool, http2Enable bool) (*EnableDomainHttpsResponse, error) { - req := &EnableDomainHttpsRequest{ - DomainInfoHttpsData: DomainInfoHttpsData{ - CertID: certId, - ForceHttps: forceHttps, - Http2Enable: http2Enable, - }, - } - resp := new(EnableDomainHttpsResponse) - if err := c.client.CallWithJson(ctx, resp, http.MethodPut, c.urlf("domain/%s/sslize", domain), nil, req); err != nil { - return nil, err - } - return resp, nil -} - -func (c *Client) UploadSslCert(ctx context.Context, name string, commonName string, certificate string, privateKey string) (*UploadSslCertResponse, error) { - req := &UploadSslCertRequest{ - Name: name, - CommonName: commonName, - Certificate: certificate, - PrivateKey: privateKey, - } - resp := new(UploadSslCertResponse) - if err := c.client.CallWithJson(ctx, resp, http.MethodPost, c.urlf("sslcert"), nil, req); err != nil { - return nil, err - } - return resp, nil -} - -func (c *Client) urlf(pathf string, pathargs ...any) string { - path := fmt.Sprintf(pathf, pathargs...) - path = strings.TrimPrefix(path, "/") - return qiniuHost + "/" + path -} diff --git a/internal/pkg/sdk3rd/qiniu/models.go b/internal/pkg/sdk3rd/qiniu/models.go deleted file mode 100644 index 1c832caf..00000000 --- a/internal/pkg/sdk3rd/qiniu/models.go +++ /dev/null @@ -1,54 +0,0 @@ -package qiniu - -type BaseResponse struct { - Code *int `json:"code,omitempty"` - Error *string `json:"error,omitempty"` -} - -type UploadSslCertRequest struct { - Name string `json:"name"` - CommonName string `json:"common_name"` - Certificate string `json:"ca"` - PrivateKey string `json:"pri"` -} - -type UploadSslCertResponse struct { - BaseResponse - CertID string `json:"certID"` -} - -type DomainInfoHttpsData struct { - CertID string `json:"certId"` - ForceHttps bool `json:"forceHttps"` - Http2Enable bool `json:"http2Enable"` -} - -type GetDomainInfoResponse struct { - BaseResponse - Name string `json:"name"` - Type string `json:"type"` - CName string `json:"cname"` - Https *DomainInfoHttpsData `json:"https"` - PareDomain string `json:"pareDomain"` - OperationType string `json:"operationType"` - OperatingState string `json:"operatingState"` - OperatingStateDesc string `json:"operatingStateDesc"` - CreateAt string `json:"createAt"` - ModifyAt string `json:"modifyAt"` -} - -type ModifyDomainHttpsConfRequest struct { - DomainInfoHttpsData -} - -type ModifyDomainHttpsConfResponse struct { - BaseResponse -} - -type EnableDomainHttpsRequest struct { - DomainInfoHttpsData -} - -type EnableDomainHttpsResponse struct { - BaseResponse -} diff --git a/internal/pkg/sdk3rd/rainyun/api.go b/internal/pkg/sdk3rd/rainyun/api.go deleted file mode 100644 index cdb0eccb..00000000 --- a/internal/pkg/sdk3rd/rainyun/api.go +++ /dev/null @@ -1,38 +0,0 @@ -package rainyun - -import ( - "fmt" - "net/http" -) - -func (c *Client) SslCenterList(req *SslCenterListRequest) (*SslCenterListResponse, error) { - resp := &SslCenterListResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/product/sslcenter", req, resp) - return resp, err -} - -func (c *Client) SslCenterGet(id int32) (*SslCenterGetResponse, error) { - if id == 0 { - return nil, fmt.Errorf("rainyun api error: invalid parameter: id") - } - - resp := &SslCenterGetResponse{} - err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/product/sslcenter/%d", id), nil, resp) - return resp, err -} - -func (c *Client) SslCenterCreate(req *SslCenterCreateRequest) (*SslCenterCreateResponse, error) { - resp := &SslCenterCreateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/product/sslcenter/", req, resp) - return resp, err -} - -func (c *Client) RcdnInstanceSslBind(id int32, req *RcdnInstanceSslBindRequest) (*RcdnInstanceSslBindResponse, error) { - if id == 0 { - return nil, fmt.Errorf("rainyun api error: invalid parameter: id") - } - - resp := &RcdnInstanceSslBindResponse{} - err := c.sendRequestWithResult(http.MethodPost, fmt.Sprintf("/product/rcdn/instance/%d/ssl_bind", id), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/rainyun/client.go b/internal/pkg/sdk3rd/rainyun/client.go deleted file mode 100644 index cf9e1895..00000000 --- a/internal/pkg/sdk3rd/rainyun/client.go +++ /dev/null @@ -1,70 +0,0 @@ -package rainyun - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiKey string) *Client { - client := resty.New(). - SetBaseURL("https://api.v2.rainyun.com"). - SetHeader("User-Agent", "certimate"). - SetHeader("X-API-Key", apiKey) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - if params != nil { - jsonb, _ := json.Marshal(params) - req = req.SetQueryParam("options", string(jsonb)) - } - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("rainyun api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("rainyun api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("rainyun api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode/100 != 2 { - return fmt.Errorf("rainyun api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/rainyun/models.go b/internal/pkg/sdk3rd/rainyun/models.go deleted file mode 100644 index e6ef4671..00000000 --- a/internal/pkg/sdk3rd/rainyun/models.go +++ /dev/null @@ -1,83 +0,0 @@ -package rainyun - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type SslCenterListFilters struct { - Domain *string `json:"Domain,omitempty"` -} - -type SslCenterListRequest struct { - Filters *SslCenterListFilters `json:"columnFilters,omitempty"` - Sort []*string `json:"sort,omitempty"` - Page *int32 `json:"page,omitempty"` - PerPage *int32 `json:"perPage,omitempty"` -} - -type SslCenterListResponse struct { - baseResponse - Data *struct { - TotalRecords int32 `json:"TotalRecords"` - Records []*struct { - ID int32 `json:"ID"` - UID int32 `json:"UID"` - Domain string `json:"Domain"` - Issuer string `json:"Issuer"` - StartDate int64 `json:"StartDate"` - ExpireDate int64 `json:"ExpDate"` - UploadTime int64 `json:"UploadTime"` - } `json:"Records"` - } `json:"data,omitempty"` -} - -type SslCenterGetResponse struct { - baseResponse - Data *struct { - Cert string `json:"Cert"` - Key string `json:"Key"` - Domain string `json:"DomainName"` - Issuer string `json:"Issuer"` - StartDate int64 `json:"StartDate"` - ExpireDate int64 `json:"ExpDate"` - RemainDays int32 `json:"RemainDays"` - } `json:"data,omitempty"` -} - -type SslCenterCreateRequest struct { - Cert string `json:"cert"` - Key string `json:"key"` -} - -type SslCenterCreateResponse struct { - baseResponse -} - -type RcdnInstanceSslBindRequest struct { - CertId int32 `json:"cert_id"` - Domains []string `json:"domains"` -} - -type RcdnInstanceSslBindResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/ratpanel/api.go b/internal/pkg/sdk3rd/ratpanel/api.go deleted file mode 100644 index 17f8110f..00000000 --- a/internal/pkg/sdk3rd/ratpanel/api.go +++ /dev/null @@ -1,15 +0,0 @@ -package ratpanelsdk - -import "net/http" - -func (c *Client) SettingCert(req *SettingCertRequest) (*SettingCertResponse, error) { - resp := &SettingCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/setting/cert", req, resp) - return resp, err -} - -func (c *Client) WebsiteCert(req *WebsiteCertRequest) (*WebsiteCertResponse, error) { - resp := &WebsiteCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/website/cert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/ratpanel/client.go b/internal/pkg/sdk3rd/ratpanel/client.go deleted file mode 100644 index e1abb6c5..00000000 --- a/internal/pkg/sdk3rd/ratpanel/client.go +++ /dev/null @@ -1,142 +0,0 @@ -package ratpanelsdk - -import ( - "bytes" - "crypto/hmac" - "crypto/sha256" - "crypto/tls" - "encoding/hex" - "encoding/json" - "fmt" - "io" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl string, accessTokenId int32, accessToken string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api"). - SetHeader("Accept", "application/json"). - SetHeader("Content-Type", "application/json"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - var body []byte - var err error - - if req.Body != nil { - body, err = io.ReadAll(req.Body) - if err != nil { - return err - } - req.Body = io.NopCloser(bytes.NewReader(body)) - } - - canonicalPath := req.URL.Path - if !strings.HasPrefix(canonicalPath, "/api") { - index := strings.Index(canonicalPath, "/api") - if index != -1 { - canonicalPath = canonicalPath[index:] - } - } - - canonicalRequest := fmt.Sprintf("%s\n%s\n%s\n%s", - req.Method, - canonicalPath, - req.URL.Query().Encode(), - sha256Sum(string(body))) - - timestamp := time.Now().Unix() - req.Header.Set("X-Timestamp", fmt.Sprintf("%d", timestamp)) - - stringToSign := fmt.Sprintf("%s\n%d\n%s", - "HMAC-SHA256", - timestamp, - sha256Sum(canonicalRequest)) - signature := hmacSha256(stringToSign, accessToken) - req.Header.Set("Authorization", fmt.Sprintf("HMAC-SHA256 Credential=%d, Signature=%s", accessTokenId, signature)) - - return nil - }) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("ratpanel api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("ratpanel api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err = json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("ratpanel api error: failed to unmarshal response: %w", err) - } else if errmsg := result.GetMessage(); errmsg != "success" { - return fmt.Errorf("ratpanel api error: message='%s'", errmsg) - } - - return nil -} - -func sha256Sum(str string) string { - sum := sha256.Sum256([]byte(str)) - dst := make([]byte, hex.EncodedLen(len(sum))) - hex.Encode(dst, sum[:]) - return string(dst) -} - -func hmacSha256(data string, secret string) string { - h := hmac.New(sha256.New, []byte(secret)) - h.Write([]byte(data)) - return hex.EncodeToString(h.Sum(nil)) -} diff --git a/internal/pkg/sdk3rd/ratpanel/models.go b/internal/pkg/sdk3rd/ratpanel/models.go deleted file mode 100644 index bf5f53fb..00000000 --- a/internal/pkg/sdk3rd/ratpanel/models.go +++ /dev/null @@ -1,35 +0,0 @@ -package ratpanelsdk - -type BaseResponse interface { - GetMessage() string -} - -type baseResponse struct { - Message *string `json:"msg,omitempty"` -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type SettingCertRequest struct { - Certificate string `json:"cert"` - PrivateKey string `json:"key"` -} - -type SettingCertResponse struct { - baseResponse -} - -type WebsiteCertRequest struct { - SiteName string `json:"name"` - Certificate string `json:"cert"` - PrivateKey string `json:"key"` -} - -type WebsiteCertResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/safeline/api.go b/internal/pkg/sdk3rd/safeline/api.go deleted file mode 100644 index 52024370..00000000 --- a/internal/pkg/sdk3rd/safeline/api.go +++ /dev/null @@ -1,7 +0,0 @@ -package safeline - -func (c *Client) UpdateCertificate(req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - resp := &UpdateCertificateResponse{} - err := c.sendRequestWithResult("/api/open/cert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/safeline/client.go b/internal/pkg/sdk3rd/safeline/client.go deleted file mode 100644 index 05ee6d1a..00000000 --- a/internal/pkg/sdk3rd/safeline/client.go +++ /dev/null @@ -1,71 +0,0 @@ -package safeline - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl, apiToken string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("Content-Type", "application/json"). - SetHeader("User-Agent", "certimate"). - SetHeader("X-SLCE-API-TOKEN", apiToken) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) { - req := c.client.R().SetBody(params) - resp, err := req.Post(path) - if err != nil { - return resp, fmt.Errorf("safeline api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("safeline api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("safeline api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetErrCode(); errcode != nil && *errcode != "" { - if result.GetErrMsg() == nil { - return fmt.Errorf("safeline api error: code='%s'", *errcode) - } else { - return fmt.Errorf("safeline api error: code='%s', message='%s'", *errcode, *result.GetErrMsg()) - } - } - - return nil -} diff --git a/internal/pkg/sdk3rd/safeline/models.go b/internal/pkg/sdk3rd/safeline/models.go deleted file mode 100644 index f37b4348..00000000 --- a/internal/pkg/sdk3rd/safeline/models.go +++ /dev/null @@ -1,34 +0,0 @@ -package safeline - -type BaseResponse interface { - GetErrCode() *string - GetErrMsg() *string -} - -type baseResponse struct { - ErrCode *string `json:"err,omitempty"` - ErrMsg *string `json:"msg,omitempty"` -} - -func (r *baseResponse) GetErrCode() *string { - return r.ErrCode -} - -func (r *baseResponse) GetErrMsg() *string { - return r.ErrMsg -} - -type UpdateCertificateRequest struct { - Id int32 `json:"id"` - Type int32 `json:"type"` - Manual *UpdateCertificateRequestBodyManul `json:"manual"` -} - -type UpdateCertificateRequestBodyManul struct { - Crt string `json:"crt"` - Key string `json:"key"` -} - -type UpdateCertificateResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/ucloud/udnr/apis.go b/internal/pkg/sdk3rd/ucloud/udnr/apis.go deleted file mode 100644 index af878e5b..00000000 --- a/internal/pkg/sdk3rd/ucloud/udnr/apis.go +++ /dev/null @@ -1,115 +0,0 @@ -package udnr - -import ( - "github.com/ucloud/ucloud-sdk-go/ucloud/request" - "github.com/ucloud/ucloud-sdk-go/ucloud/response" -) - -type QueryDomainDNSRequest struct { - request.CommonBase - - Dn *string `required:"true"` -} - -type QueryDomainDNSResponse struct { - response.CommonBase - - Data []DomainDNSRecord -} - -func (c *UDNRClient) NewQueryDomainDNSRequest() *QueryDomainDNSRequest { - req := &QueryDomainDNSRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *UDNRClient) QueryDomainDNS(req *QueryDomainDNSRequest) (*QueryDomainDNSResponse, error) { - var err error - var res QueryDomainDNSResponse - - reqCopier := *req - - err = c.Client.InvokeAction("UdnrDomainDNSQuery", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type AddDomainDNSRequest struct { - request.CommonBase - - Dn *string `required:"true"` - DnsType *string `required:"true"` - RecordName *string `required:"true"` - Content *string `required:"true"` - TTL *int `required:"true"` - Prio *int `required:"false"` -} - -type AddDomainDNSResponse struct { - response.CommonBase -} - -func (c *UDNRClient) NewAddDomainDNSRequest() *AddDomainDNSRequest { - req := &AddDomainDNSRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *UDNRClient) AddDomainDNS(req *AddDomainDNSRequest) (*AddDomainDNSResponse, error) { - var err error - var res AddDomainDNSResponse - - reqCopier := *req - - err = c.Client.InvokeAction("UdnrDomainDNSAdd", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type DeleteDomainDNSRequest struct { - request.CommonBase - - Dn *string `required:"true"` - DnsType *string `required:"true"` - RecordName *string `required:"true"` - Content *string `required:"true"` -} - -type DeleteDomainDNSResponse struct { - response.CommonBase -} - -func (c *UDNRClient) NewDeleteDomainDNSRequest() *DeleteDomainDNSRequest { - req := &DeleteDomainDNSRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *UDNRClient) DeleteDomainDNS(req *DeleteDomainDNSRequest) (*DeleteDomainDNSResponse, error) { - var err error - var res DeleteDomainDNSResponse - - reqCopier := *req - - err = c.Client.InvokeAction("UdnrDeleteDnsRecord", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} diff --git a/internal/pkg/sdk3rd/ucloud/ussl/apis.go b/internal/pkg/sdk3rd/ucloud/ussl/apis.go deleted file mode 100644 index d9ec7674..00000000 --- a/internal/pkg/sdk3rd/ucloud/ussl/apis.go +++ /dev/null @@ -1,161 +0,0 @@ -package ussl - -import ( - "github.com/ucloud/ucloud-sdk-go/ucloud/request" - "github.com/ucloud/ucloud-sdk-go/ucloud/response" -) - -type UploadNormalCertificateRequest struct { - request.CommonBase - - CertificateName *string `required:"true"` - SslPublicKey *string `required:"true"` - SslPrivateKey *string `required:"true"` - SslMD5 *string `required:"true"` - SslCaKey *string `required:"false"` -} - -type UploadNormalCertificateResponse struct { - response.CommonBase - - CertificateID int - LongResourceID string -} - -func (c *USSLClient) NewUploadNormalCertificateRequest() *UploadNormalCertificateRequest { - req := &UploadNormalCertificateRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *USSLClient) UploadNormalCertificate(req *UploadNormalCertificateRequest) (*UploadNormalCertificateResponse, error) { - var err error - var res UploadNormalCertificateResponse - - reqCopier := *req - - err = c.Client.InvokeAction("UploadNormalCertificate", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type GetCertificateListRequest struct { - request.CommonBase - - Mode *string `required:"true"` - StateCode *string `required:"false"` - Brand *string `required:"false"` - CaOrganization *string `required:"false"` - Domain *string `required:"false"` - Sort *string `required:"false"` - Page *int `required:"false"` - PageSize *int `required:"false"` -} - -type GetCertificateListResponse struct { - response.CommonBase - - CertificateList []*CertificateListItem - TotalCount int -} - -func (c *USSLClient) NewGetCertificateListRequest() *GetCertificateListRequest { - req := &GetCertificateListRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *USSLClient) GetCertificateList(req *GetCertificateListRequest) (*GetCertificateListResponse, error) { - var err error - var res GetCertificateListResponse - - reqCopier := *req - - err = c.Client.InvokeAction("GetCertificateList", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type GetCertificateDetailInfoRequest struct { - request.CommonBase - - CertificateID *int `required:"true"` -} - -type GetCertificateDetailInfoResponse struct { - response.CommonBase - - CertificateInfo *CertificateInfo -} - -func (c *USSLClient) NewGetCertificateDetailInfoRequest() *GetCertificateDetailInfoRequest { - req := &GetCertificateDetailInfoRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *USSLClient) GetCertificateDetailInfo(req *GetCertificateDetailInfoRequest) (*GetCertificateDetailInfoResponse, error) { - var err error - var res GetCertificateDetailInfoResponse - - reqCopier := *req - - err = c.Client.InvokeAction("GetCertificateDetailInfo", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type DownloadCertificateRequest struct { - request.CommonBase - - CertificateID *int `required:"true"` -} - -type DownloadCertificateResponse struct { - response.CommonBase - - CertificateUrl string - CertCA *CertificateDownloadInfo - Certificate *CertificateDownloadInfo -} - -func (c *USSLClient) NewDownloadCertificateRequest() *DownloadCertificateRequest { - req := &DownloadCertificateRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *USSLClient) DownloadCertificate(req *DownloadCertificateRequest) (*DownloadCertificateResponse, error) { - var err error - var res DownloadCertificateResponse - - reqCopier := *req - - err = c.Client.InvokeAction("DownloadCertificate", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} diff --git a/internal/pkg/sdk3rd/upyun/console/api.go b/internal/pkg/sdk3rd/upyun/console/api.go deleted file mode 100644 index ce62d3a6..00000000 --- a/internal/pkg/sdk3rd/upyun/console/api.go +++ /dev/null @@ -1,83 +0,0 @@ -package console - -import ( - "encoding/json" - "errors" - "fmt" - "net/http" -) - -func (c *Client) ensureCookieExists() error { - if c.loginCookie != "" { - return nil - } - - req := &signinRequest{Username: c.username, Password: c.password} - res, err := c.sendRequest(http.MethodPost, "/accounts/signin/", req) - if err != nil { - return err - } - - resp := &signinResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("upyun api error: failed to unmarshal response: %w", err) - } else if !resp.Data.Result { - return errors.New("upyun console signin failed") - } - - c.loginCookie = res.Header().Get("Set-Cookie") - - return nil -} - -func (c *Client) UploadHttpsCertificate(req *UploadHttpsCertificateRequest) (*UploadHttpsCertificateResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - resp := &UploadHttpsCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/api/https/certificate/", req, resp) - return resp, err -} - -func (c *Client) GetHttpsCertificateManager(certificateId string) (*GetHttpsCertificateManagerResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - req := &GetHttpsCertificateManagerRequest{CertificateId: certificateId} - resp := &GetHttpsCertificateManagerResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/api/https/certificate/manager/", req, resp) - return resp, err -} - -func (c *Client) UpdateHttpsCertificateManager(req *UpdateHttpsCertificateManagerRequest) (*UpdateHttpsCertificateManagerResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - resp := &UpdateHttpsCertificateManagerResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/api/https/certificate/manager", req, resp) - return resp, err -} - -func (c *Client) GetHttpsServiceManager(domain string) (*GetHttpsServiceManagerResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - req := &GetHttpsServiceManagerRequest{Domain: domain} - resp := &GetHttpsServiceManagerResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/api/https/services/manager", req, resp) - return resp, err -} - -func (c *Client) MigrateHttpsDomain(req *MigrateHttpsDomainRequest) (*MigrateHttpsDomainResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - resp := &MigrateHttpsDomainResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/api/https/migrate/domain", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/upyun/console/client.go b/internal/pkg/sdk3rd/upyun/console/client.go deleted file mode 100644 index e9202d91..00000000 --- a/internal/pkg/sdk3rd/upyun/console/client.go +++ /dev/null @@ -1,99 +0,0 @@ -package console - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - username string - password string - - loginCookie string - - client *resty.Client -} - -func NewClient(username, password string) *Client { - client := &Client{ - username: username, - password: password, - } - client.client = resty.New(). - SetBaseURL("https://console.upyun.com"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.loginCookie != "" { - req.Header.Set("Cookie", client.loginCookie) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("upyun api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("upyun api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result interface{}) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("upyun api error: failed to unmarshal response: %w", err) - } - - tresp := &baseResponse{} - if err := json.Unmarshal(resp.Body(), &tresp); err != nil { - return fmt.Errorf("upyun api error: failed to unmarshal response: %w", err) - } else if tdata := tresp.GetData(); tdata == nil { - return fmt.Errorf("upyun api error: empty data") - } else if errcode := tdata.GetErrorCode(); errcode > 0 { - return fmt.Errorf("upyun api error: code='%d', message='%s'", errcode, tdata.GetErrorMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/upyun/console/models.go b/internal/pkg/sdk3rd/upyun/console/models.go deleted file mode 100644 index 12f2ab34..00000000 --- a/internal/pkg/sdk3rd/upyun/console/models.go +++ /dev/null @@ -1,141 +0,0 @@ -package console - -import ( - "encoding/json" -) - -type baseResponse struct { - Data *baseResponseData `json:"data,omitempty"` -} - -func (r *baseResponse) GetData() *baseResponseData { - return r.Data -} - -type baseResponseData struct { - ErrorCode json.Number `json:"error_code"` - ErrorMessage string `json:"message"` -} - -func (r *baseResponseData) GetErrorCode() int32 { - if r.ErrorCode.String() == "" { - return 0 - } - - errcode, err := r.ErrorCode.Int64() - if err != nil { - return -1 - } - - return int32(errcode) -} - -func (r *baseResponseData) GetErrorMessage() string { - return r.ErrorMessage -} - -type signinRequest struct { - Username string `json:"username"` - Password string `json:"password"` -} - -type signinResponse struct { - baseResponse - Data *struct { - baseResponseData - Result bool `json:"result"` - } `json:"data,omitempty"` -} - -type UploadHttpsCertificateRequest struct { - Certificate string `json:"certificate"` - PrivateKey string `json:"private_key"` -} - -type UploadHttpsCertificateResponse struct { - baseResponse - Data *struct { - baseResponseData - Status int32 `json:"status"` - Result struct { - CertificateId string `json:"certificate_id"` - CommonName string `json:"commonName"` - Serial string `json:"serial"` - } `json:"result"` - } `json:"data,omitempty"` -} - -type GetHttpsCertificateManagerRequest struct { - CertificateId string `json:"certificate_id"` -} - -type GetHttpsCertificateManagerResponse struct { - baseResponse - Data *struct { - baseResponseData - AuthenticateNum int32 `json:"authenticate_num"` - AuthenticateDomains []string `json:"authenticate_domain"` - Domains []HttpsCertificateManagerDomain `json:"domains"` - } `json:"data,omitempty"` -} - -type HttpsCertificateManagerDomain struct { - Name string `json:"name"` - Type string `json:"type"` - BucketId int64 `json:"bucket_id"` - BucketName string `json:"bucket_name"` -} - -type UpdateHttpsCertificateManagerRequest struct { - CertificateId string `json:"certificate_id"` - Domain string `json:"domain"` - Https bool `json:"https"` - ForceHttps bool `json:"force_https"` -} - -type UpdateHttpsCertificateManagerResponse struct { - baseResponse - Data *struct { - baseResponseData - Status bool `json:"status"` - } `json:"data,omitempty"` -} - -type GetHttpsServiceManagerRequest struct { - Domain string `json:"domain"` -} - -type GetHttpsServiceManagerResponse struct { - baseResponse - Data *struct { - baseResponseData - Status int32 `json:"status"` - Domains []HttpsServiceManagerDomain `json:"result"` - } `json:"data,omitempty"` -} - -type HttpsServiceManagerDomain struct { - CertificateId string `json:"certificate_id"` - CommonName string `json:"commonName"` - Https bool `json:"https"` - ForceHttps bool `json:"force_https"` - PaymentType string `json:"payment_type"` - DomainType string `json:"domain_type"` - Validity struct { - Start int64 `json:"start"` - End int64 `json:"end"` - } `json:"validity"` -} - -type MigrateHttpsDomainRequest struct { - CertificateId string `json:"crt_id"` - Domain string `json:"domain_name"` -} - -type MigrateHttpsDomainResponse struct { - baseResponse - Data *struct { - baseResponseData - Status bool `json:"status"` - } `json:"data,omitempty"` -} diff --git a/internal/pkg/sdk3rd/wangsu/cdn/api.go b/internal/pkg/sdk3rd/wangsu/cdn/api.go deleted file mode 100644 index 997c05bf..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdn/api.go +++ /dev/null @@ -1,15 +0,0 @@ -package cdn - -import ( - "net/http" -) - -func (c *Client) BatchUpdateCertificateConfig(req *BatchUpdateCertificateConfigRequest) (*BatchUpdateCertificateConfigResponse, error) { - resp := &BatchUpdateCertificateConfigResponse{} - _, err := c.client.SendRequestWithResult(http.MethodPut, "/api/config/certificate/batch", req, resp) - if err != nil { - return resp, err - } - - return resp, err -} diff --git a/internal/pkg/sdk3rd/wangsu/cdn/client.go b/internal/pkg/sdk3rd/wangsu/cdn/client.go deleted file mode 100644 index ac53e171..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdn/client.go +++ /dev/null @@ -1,20 +0,0 @@ -package cdn - -import ( - "time" - - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type Client struct { - client *openapi.Client -} - -func NewClient(accessKey, secretKey string) *Client { - return &Client{client: openapi.NewClient(accessKey, secretKey)} -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.WithTimeout(timeout) - return c -} diff --git a/internal/pkg/sdk3rd/wangsu/cdn/models.go b/internal/pkg/sdk3rd/wangsu/cdn/models.go deleted file mode 100644 index 5bf934af..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdn/models.go +++ /dev/null @@ -1,26 +0,0 @@ -package cdn - -import ( - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type baseResponse struct { - RequestId *string `json:"requestId,omitempty"` - Code *string `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -var _ openapi.Result = (*baseResponse)(nil) - -func (r *baseResponse) SetRequestId(requestId string) { - r.RequestId = &requestId -} - -type BatchUpdateCertificateConfigRequest struct { - CertificateId int64 `json:"certificateId" required:"true"` - DomainNames []string `json:"domainNames" required:"true"` -} - -type BatchUpdateCertificateConfigResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/wangsu/cdnpro/api.go b/internal/pkg/sdk3rd/wangsu/cdnpro/api.go deleted file mode 100644 index c45e6921..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdnpro/api.go +++ /dev/null @@ -1,70 +0,0 @@ -package cdnpro - -import ( - "fmt" - "net/http" - "net/url" - - "github.com/go-resty/resty/v2" -) - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - rres, err := c.client.SendRequestWithResult(http.MethodPost, "/cdn/certificates", req, resp, func(r *resty.Request) { - r.SetHeader("X-CNC-Timestamp", fmt.Sprintf("%d", req.Timestamp)) - }) - if err != nil { - return resp, err - } - - resp.CertificateUrl = rres.Header().Get("Location") - return resp, err -} - -func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if certificateId == "" { - return nil, fmt.Errorf("wangsu api error: invalid parameter: certificateId") - } - - resp := &UpdateCertificateResponse{} - rres, err := c.client.SendRequestWithResult(http.MethodPatch, fmt.Sprintf("/cdn/certificates/%s", url.PathEscape(certificateId)), req, resp, func(r *resty.Request) { - r.SetHeader("X-CNC-Timestamp", fmt.Sprintf("%d", req.Timestamp)) - }) - if err != nil { - return resp, err - } - - resp.CertificateUrl = rres.Header().Get("Location") - return resp, err -} - -func (c *Client) GetHostnameDetail(hostname string) (*GetHostnameDetailResponse, error) { - if hostname == "" { - return nil, fmt.Errorf("wangsu api error: invalid parameter: hostname") - } - - resp := &GetHostnameDetailResponse{} - _, err := c.client.SendRequestWithResult(http.MethodGet, fmt.Sprintf("/cdn/hostnames/%s", url.PathEscape(hostname)), nil, resp) - return resp, err -} - -func (c *Client) CreateDeploymentTask(req *CreateDeploymentTaskRequest) (*CreateDeploymentTaskResponse, error) { - resp := &CreateDeploymentTaskResponse{} - rres, err := c.client.SendRequestWithResult(http.MethodPost, "/cdn/deploymentTasks", req, resp) - if err != nil { - return resp, err - } - - resp.DeploymentTaskUrl = rres.Header().Get("Location") - return resp, err -} - -func (c *Client) GetDeploymentTaskDetail(deploymentTaskId string) (*GetDeploymentTaskDetailResponse, error) { - if deploymentTaskId == "" { - return nil, fmt.Errorf("wangsu api error: invalid parameter: deploymentTaskId") - } - - resp := &GetDeploymentTaskDetailResponse{} - _, err := c.client.SendRequestWithResult(http.MethodGet, fmt.Sprintf("/cdn/deploymentTasks/%s", url.PathEscape(deploymentTaskId)), nil, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/wangsu/cdnpro/client.go b/internal/pkg/sdk3rd/wangsu/cdnpro/client.go deleted file mode 100644 index b5c0f530..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdnpro/client.go +++ /dev/null @@ -1,20 +0,0 @@ -package cdnpro - -import ( - "time" - - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type Client struct { - client *openapi.Client -} - -func NewClient(accessKey, secretKey string) *Client { - return &Client{client: openapi.NewClient(accessKey, secretKey)} -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.WithTimeout(timeout) - return c -} diff --git a/internal/pkg/sdk3rd/wangsu/cdnpro/models.go b/internal/pkg/sdk3rd/wangsu/cdnpro/models.go deleted file mode 100644 index 9cb1e648..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdnpro/models.go +++ /dev/null @@ -1,108 +0,0 @@ -package cdnpro - -import ( - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type baseResponse struct { - RequestId *string `json:"requestId,omitempty"` - Code *string `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -var _ openapi.Result = (*baseResponse)(nil) - -func (r *baseResponse) SetRequestId(requestId string) { - r.RequestId = &requestId -} - -type CertificateVersion struct { - Comments *string `json:"comments,omitempty"` - PrivateKey *string `json:"privateKey,omitempty"` - Certificate *string `json:"certificate,omitempty"` - ChainCert *string `json:"chainCert,omitempty"` - IdentificationInfo *CertificateVersionIdentificationInfo `json:"identificationInfo,omitempty"` -} - -type CertificateVersionIdentificationInfo struct { - Country *string `json:"country,omitempty"` - State *string `json:"state,omitempty"` - City *string `json:"city,omitempty"` - Company *string `json:"company,omitempty"` - Department *string `json:"department,omitempty"` - CommonName *string `json:"commonName,omitempty" required:"true"` - Email *string `json:"email,omitempty"` - SubjectAlternativeNames *[]string `json:"subjectAlternativeNames,omitempty" required:"true"` -} - -type CreateCertificateRequest struct { - Timestamp int64 `json:"-"` - Name *string `json:"name,omitempty" required:"true"` - Description *string `json:"description,omitempty"` - AutoRenew *string `json:"autoRenew,omitempty"` - ForceRenew *bool `json:"forceRenew,omitempty"` - NewVersion *CertificateVersion `json:"newVersion,omitempty" required:"true"` -} - -type CreateCertificateResponse struct { - baseResponse - CertificateUrl string `json:"location,omitempty"` -} - -type UpdateCertificateRequest struct { - Timestamp int64 `json:"-"` - Name *string `json:"name,omitempty"` - Description *string `json:"description,omitempty"` - AutoRenew *string `json:"autoRenew,omitempty"` - ForceRenew *bool `json:"forceRenew,omitempty"` - NewVersion *CertificateVersion `json:"newVersion,omitempty" required:"true"` -} - -type UpdateCertificateResponse struct { - baseResponse - CertificateUrl string `json:"location,omitempty"` -} - -type HostnameProperty struct { - PropertyId string `json:"propertyId"` - Version int32 `json:"version"` - CertificateId *string `json:"certificateId,omitempty"` -} - -type GetHostnameDetailResponse struct { - baseResponse - Hostname string `json:"hostname"` - PropertyInProduction *HostnameProperty `json:"propertyInProduction,omitempty"` - PropertyInStaging *HostnameProperty `json:"propertyInStaging,omitempty"` -} - -type DeploymentTaskAction struct { - Action *string `json:"action,omitempty" required:"true"` - PropertyId *string `json:"propertyId,omitempty"` - CertificateId *string `json:"certificateId,omitempty"` - Version *int32 `json:"version,omitempty"` -} - -type CreateDeploymentTaskRequest struct { - Name *string `json:"name,omitempty"` - Target *string `json:"target,omitempty" required:"true"` - Actions *[]DeploymentTaskAction `json:"actions,omitempty" required:"true"` - Webhook *string `json:"webhook,omitempty"` -} - -type CreateDeploymentTaskResponse struct { - baseResponse - DeploymentTaskUrl string `json:"location,omitempty"` -} - -type GetDeploymentTaskDetailResponse struct { - baseResponse - Name string `json:"name"` - Target string `json:"target"` - Actions []DeploymentTaskAction `json:"actions"` - Status string `json:"status"` - StatusDetails string `json:"statusDetails"` - SubmissionTime string `json:"submissionTime"` - FinishTime string `json:"finishTime"` - ApiRequestId string `json:"apiRequestId"` -} diff --git a/internal/pkg/sdk3rd/wangsu/certificate/api.go b/internal/pkg/sdk3rd/wangsu/certificate/api.go deleted file mode 100644 index 22172d4e..00000000 --- a/internal/pkg/sdk3rd/wangsu/certificate/api.go +++ /dev/null @@ -1,42 +0,0 @@ -package certificate - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) ListCertificates() (*ListCertificatesResponse, error) { - resp := &ListCertificatesResponse{} - _, err := c.client.SendRequestWithResult(http.MethodGet, "/api/ssl/certificate", nil, resp) - if err != nil { - return resp, err - } - - return resp, err -} - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - rres, err := c.client.SendRequestWithResult(http.MethodPost, "/api/certificate", req, resp) - if err != nil { - return resp, err - } - - resp.CertificateUrl = rres.Header().Get("Location") - return resp, err -} - -func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if certificateId == "" { - return nil, fmt.Errorf("wangsu api error: invalid parameter: certificateId") - } - - resp := &UpdateCertificateResponse{} - _, err := c.client.SendRequestWithResult(http.MethodPut, fmt.Sprintf("/api/certificate/%s", url.PathEscape(certificateId)), req, resp) - if err != nil { - return resp, err - } - - return resp, err -} diff --git a/internal/pkg/sdk3rd/wangsu/certificate/client.go b/internal/pkg/sdk3rd/wangsu/certificate/client.go deleted file mode 100644 index 19f4cfaa..00000000 --- a/internal/pkg/sdk3rd/wangsu/certificate/client.go +++ /dev/null @@ -1,20 +0,0 @@ -package certificate - -import ( - "time" - - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type Client struct { - client *openapi.Client -} - -func NewClient(accessKey, secretKey string) *Client { - return &Client{client: openapi.NewClient(accessKey, secretKey)} -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.WithTimeout(timeout) - return c -} diff --git a/internal/pkg/sdk3rd/wangsu/certificate/models.go b/internal/pkg/sdk3rd/wangsu/certificate/models.go deleted file mode 100644 index 4e882e7c..00000000 --- a/internal/pkg/sdk3rd/wangsu/certificate/models.go +++ /dev/null @@ -1,52 +0,0 @@ -package certificate - -import ( - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type baseResponse struct { - RequestId *string `json:"requestId,omitempty"` - Code *string `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -var _ openapi.Result = (*baseResponse)(nil) - -func (r *baseResponse) SetRequestId(requestId string) { - r.RequestId = &requestId -} - -type CreateCertificateRequest struct { - Name *string `json:"name,omitempty" required:"true"` - Certificate *string `json:"certificate,omitempty" required:"true"` - PrivateKey *string `json:"privateKey,omitempty"` - Comment *string `json:"comment,omitempty" ` -} - -type CreateCertificateResponse struct { - baseResponse - CertificateUrl string `json:"location,omitempty"` -} - -type UpdateCertificateRequest struct { - Name *string `json:"name,omitempty" required:"true"` - Certificate *string `json:"certificate,omitempty"` - PrivateKey *string `json:"privateKey,omitempty"` - Comment *string `json:"comment,omitempty" ` -} - -type UpdateCertificateResponse struct { - baseResponse -} - -type ListCertificatesResponse struct { - baseResponse - Certificates []*struct { - CertificateId string `json:"certificate-id"` - Name string `json:"name"` - Comment string `json:"comment"` - ValidityFrom string `json:"certificate-validity-from"` - ValidityTo string `json:"certificate-validity-to"` - Serial string `json:"certificate-serial"` - } `json:"ssl-certificates,omitempty"` -} diff --git a/internal/repository/access.go b/internal/repository/access.go index 16cc7378..a0e7e935 100644 --- a/internal/repository/access.go +++ b/internal/repository/access.go @@ -8,8 +8,8 @@ import ( "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" ) type AccessRepository struct{} diff --git a/internal/repository/acme_account.go b/internal/repository/acme_account.go index 020f1aeb..7b46e77c 100644 --- a/internal/repository/acme_account.go +++ b/internal/repository/acme_account.go @@ -11,8 +11,8 @@ import ( "github.com/pocketbase/pocketbase/core" "golang.org/x/sync/singleflight" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" ) type AcmeAccountRepository struct{} diff --git a/internal/repository/certificate.go b/internal/repository/certificate.go index 1d2897bf..11426dbe 100644 --- a/internal/repository/certificate.go +++ b/internal/repository/certificate.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type CertificateRepository struct{} diff --git a/internal/repository/settings.go b/internal/repository/settings.go index 713b900a..b4d22780 100644 --- a/internal/repository/settings.go +++ b/internal/repository/settings.go @@ -5,9 +5,9 @@ import ( "database/sql" "errors" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type SettingsRepository struct{} diff --git a/internal/repository/statistics.go b/internal/repository/statistics.go index 395feb09..74abf692 100644 --- a/internal/repository/statistics.go +++ b/internal/repository/statistics.go @@ -3,8 +3,8 @@ package repository import ( "context" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" ) type StatisticsRepository struct{} diff --git a/internal/repository/workflow.go b/internal/repository/workflow.go index baa5e21b..3367644b 100644 --- a/internal/repository/workflow.go +++ b/internal/repository/workflow.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type WorkflowRepository struct{} diff --git a/internal/repository/workflow_log.go b/internal/repository/workflow_log.go index 0b801231..11bad327 100644 --- a/internal/repository/workflow_log.go +++ b/internal/repository/workflow_log.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type WorkflowLogRepository struct{} diff --git a/internal/repository/workflow_output.go b/internal/repository/workflow_output.go index 4cee625c..5b8b72fb 100644 --- a/internal/repository/workflow_output.go +++ b/internal/repository/workflow_output.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type WorkflowOutputRepository struct{} diff --git a/internal/repository/workflow_run.go b/internal/repository/workflow_run.go index 19a06747..01051be9 100644 --- a/internal/repository/workflow_run.go +++ b/internal/repository/workflow_run.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type WorkflowRunRepository struct{} diff --git a/internal/rest/handlers/certificate.go b/internal/rest/handlers/certificate.go index 01b2b06d..192ea9fe 100644 --- a/internal/rest/handlers/certificate.go +++ b/internal/rest/handlers/certificate.go @@ -6,8 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/rest/resp" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/rest/resp" ) type certificateService interface { diff --git a/internal/rest/handlers/notify.go b/internal/rest/handlers/notify.go index eed8b8cc..a20863e3 100644 --- a/internal/rest/handlers/notify.go +++ b/internal/rest/handlers/notify.go @@ -6,8 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/rest/resp" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/rest/resp" ) type notifyService interface { diff --git a/internal/rest/handlers/statistics.go b/internal/rest/handlers/statistics.go index 65853cae..0e141be4 100644 --- a/internal/rest/handlers/statistics.go +++ b/internal/rest/handlers/statistics.go @@ -6,8 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/rest/resp" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/rest/resp" ) type statisticsService interface { diff --git a/internal/rest/handlers/workflow.go b/internal/rest/handlers/workflow.go index bad474f0..2c88d582 100644 --- a/internal/rest/handlers/workflow.go +++ b/internal/rest/handlers/workflow.go @@ -6,8 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/rest/resp" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/rest/resp" ) type workflowService interface { diff --git a/internal/rest/resp/resp.go b/internal/rest/resp/resp.go index 3b0ae91b..2073056f 100644 --- a/internal/rest/resp/resp.go +++ b/internal/rest/resp/resp.go @@ -5,7 +5,7 @@ import ( "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type Response struct { diff --git a/internal/rest/routes/routes.go b/internal/rest/routes/routes.go index 6172bc12..4f021ba5 100644 --- a/internal/rest/routes/routes.go +++ b/internal/rest/routes/routes.go @@ -7,12 +7,12 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/certificate" - "github.com/usual2970/certimate/internal/notify" - "github.com/usual2970/certimate/internal/repository" - "github.com/usual2970/certimate/internal/rest/handlers" - "github.com/usual2970/certimate/internal/statistics" - "github.com/usual2970/certimate/internal/workflow" + "github.com/certimate-go/certimate/internal/certificate" + "github.com/certimate-go/certimate/internal/notify" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/rest/handlers" + "github.com/certimate-go/certimate/internal/statistics" + "github.com/certimate-go/certimate/internal/workflow" ) var ( diff --git a/internal/scheduler/scheduler.go b/internal/scheduler/scheduler.go index ba4ee9c3..0bfce2b0 100644 --- a/internal/scheduler/scheduler.go +++ b/internal/scheduler/scheduler.go @@ -1,10 +1,10 @@ package scheduler import ( - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/certificate" - "github.com/usual2970/certimate/internal/repository" - "github.com/usual2970/certimate/internal/workflow" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/certificate" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/workflow" ) func Register() { diff --git a/internal/statistics/service.go b/internal/statistics/service.go index 44388ba9..ea041a15 100644 --- a/internal/statistics/service.go +++ b/internal/statistics/service.go @@ -3,7 +3,7 @@ package statistics import ( "context" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type statisticsRepository interface { diff --git a/internal/workflow/dispatcher/dispatcher.go b/internal/workflow/dispatcher/dispatcher.go index ae03e40d..3ba74e80 100644 --- a/internal/workflow/dispatcher/dispatcher.go +++ b/internal/workflow/dispatcher/dispatcher.go @@ -12,9 +12,9 @@ import ( "sync" "time" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) var maxWorkers = 1 @@ -126,7 +126,7 @@ func (d *WorkflowDispatcher) Cancel(runId string) { // 移除排队中的 WorkflowRun d.queueMutex.Lock() - d.queue = sliceutil.Filter(d.queue, func(d *WorkflowWorkerData) bool { + d.queue = xslices.Filter(d.queue, func(d *WorkflowWorkerData) bool { return d.RunId != runId }) d.queueMutex.Unlock() diff --git a/internal/workflow/dispatcher/invoker.go b/internal/workflow/dispatcher/invoker.go index c1d1260e..8fbf3134 100644 --- a/internal/workflow/dispatcher/invoker.go +++ b/internal/workflow/dispatcher/invoker.go @@ -5,9 +5,9 @@ import ( "errors" "log/slog" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/logging" - nodes "github.com/usual2970/certimate/internal/workflow/node-processor" + "github.com/certimate-go/certimate/internal/domain" + nodes "github.com/certimate-go/certimate/internal/workflow/node-processor" + "github.com/certimate-go/certimate/pkg/logging" ) type workflowInvoker struct { diff --git a/internal/workflow/dispatcher/singleton.go b/internal/workflow/dispatcher/singleton.go index e5a77655..8e5a7865 100644 --- a/internal/workflow/dispatcher/singleton.go +++ b/internal/workflow/dispatcher/singleton.go @@ -4,8 +4,8 @@ import ( "context" "sync" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" ) type workflowRepository interface { diff --git a/internal/workflow/event.go b/internal/workflow/event.go index ec850af9..9451377c 100644 --- a/internal/workflow/event.go +++ b/internal/workflow/event.go @@ -6,10 +6,10 @@ import ( "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/repository" ) func Register() { diff --git a/internal/workflow/node-processor/apply_node.go b/internal/workflow/node-processor/apply_node.go index c44c302b..5f73d308 100644 --- a/internal/workflow/node-processor/apply_node.go +++ b/internal/workflow/node-processor/apply_node.go @@ -9,10 +9,10 @@ import ( "golang.org/x/exp/maps" - "github.com/usual2970/certimate/internal/applicant" - "github.com/usual2970/certimate/internal/domain" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/applicant" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) type applyNode struct { @@ -72,7 +72,7 @@ func (n *applyNode) Process(ctx context.Context) error { } // 解析证书并生成实体 - certX509, err := certutil.ParseCertificateFromPEM(applyResult.FullChainCertificate) + certX509, err := xcert.ParseCertificateFromPEM(applyResult.FullChainCertificate) if err != nil { n.logger.Warn("failed to parse certificate, may be the CA responded error") return err diff --git a/internal/workflow/node-processor/condition_node.go b/internal/workflow/node-processor/condition_node.go index 023f9e1a..3b87ddf9 100644 --- a/internal/workflow/node-processor/condition_node.go +++ b/internal/workflow/node-processor/condition_node.go @@ -5,8 +5,8 @@ import ( "errors" "fmt" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/expr" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/expr" ) type conditionNode struct { diff --git a/internal/workflow/node-processor/deploy_node.go b/internal/workflow/node-processor/deploy_node.go index 30a7c4e7..973fe1f7 100644 --- a/internal/workflow/node-processor/deploy_node.go +++ b/internal/workflow/node-processor/deploy_node.go @@ -7,10 +7,11 @@ import ( "strconv" "strings" - "github.com/usual2970/certimate/internal/deployer" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/repository" "golang.org/x/exp/maps" + + "github.com/certimate-go/certimate/internal/deployer" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" ) type deployNode struct { diff --git a/internal/workflow/node-processor/execute_failure_node.go b/internal/workflow/node-processor/execute_failure_node.go index 40be18ed..38892241 100644 --- a/internal/workflow/node-processor/execute_failure_node.go +++ b/internal/workflow/node-processor/execute_failure_node.go @@ -3,7 +3,7 @@ package nodeprocessor import ( "context" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type executeFailureNode struct { diff --git a/internal/workflow/node-processor/execute_success_node.go b/internal/workflow/node-processor/execute_success_node.go index 2cd78ff3..47a8645e 100644 --- a/internal/workflow/node-processor/execute_success_node.go +++ b/internal/workflow/node-processor/execute_success_node.go @@ -3,7 +3,7 @@ package nodeprocessor import ( "context" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type executeSuccessNode struct { diff --git a/internal/workflow/node-processor/monitor_node.go b/internal/workflow/node-processor/monitor_node.go index b1c4ca53..e9f046f2 100644 --- a/internal/workflow/node-processor/monitor_node.go +++ b/internal/workflow/node-processor/monitor_node.go @@ -13,8 +13,8 @@ import ( "strings" "time" - "github.com/usual2970/certimate/internal/domain" - httputil "github.com/usual2970/certimate/internal/pkg/utils/http" + "github.com/certimate-go/certimate/internal/domain" + xhttp "github.com/certimate-go/certimate/pkg/utils/http" ) type monitorNode struct { @@ -116,7 +116,7 @@ func (n *monitorNode) Process(ctx context.Context) error { } func (n *monitorNode) tryRetrievePeerCertificates(ctx context.Context, addr, domain, requestPath string) ([]*x509.Certificate, error) { - transport := httputil.NewDefaultTransport() + transport := xhttp.NewDefaultTransport() if transport.TLSClientConfig == nil { transport.TLSClientConfig = &tls.Config{} } diff --git a/internal/workflow/node-processor/monitor_node_test.go b/internal/workflow/node-processor/monitor_node_test.go index 1cc0c876..53afb21c 100644 --- a/internal/workflow/node-processor/monitor_node_test.go +++ b/internal/workflow/node-processor/monitor_node_test.go @@ -5,8 +5,8 @@ import ( "log/slog" "testing" - "github.com/usual2970/certimate/internal/domain" - nodeprocessor "github.com/usual2970/certimate/internal/workflow/node-processor" + "github.com/certimate-go/certimate/internal/domain" + nodeprocessor "github.com/certimate-go/certimate/internal/workflow/node-processor" ) func Test_MonitorNode(t *testing.T) { diff --git a/internal/workflow/node-processor/notify_node.go b/internal/workflow/node-processor/notify_node.go index 2cba06cf..3fe6df0e 100644 --- a/internal/workflow/node-processor/notify_node.go +++ b/internal/workflow/node-processor/notify_node.go @@ -6,9 +6,9 @@ import ( "log/slog" "strconv" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/notify" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/notify" + "github.com/certimate-go/certimate/internal/repository" ) type notifyNode struct { diff --git a/internal/workflow/node-processor/processor.go b/internal/workflow/node-processor/processor.go index fed8f98e..10e0de9b 100644 --- a/internal/workflow/node-processor/processor.go +++ b/internal/workflow/node-processor/processor.go @@ -6,7 +6,7 @@ import ( "io" "log/slog" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type NodeProcessor interface { diff --git a/internal/workflow/node-processor/start_node.go b/internal/workflow/node-processor/start_node.go index bdfea1b7..b9142003 100644 --- a/internal/workflow/node-processor/start_node.go +++ b/internal/workflow/node-processor/start_node.go @@ -3,7 +3,7 @@ package nodeprocessor import ( "context" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type startNode struct { diff --git a/internal/workflow/node-processor/upload_node.go b/internal/workflow/node-processor/upload_node.go index 053af435..be28241c 100644 --- a/internal/workflow/node-processor/upload_node.go +++ b/internal/workflow/node-processor/upload_node.go @@ -8,8 +8,8 @@ import ( "strings" "time" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" ) type uploadNode struct { diff --git a/internal/workflow/service.go b/internal/workflow/service.go index f234be63..9085cc25 100644 --- a/internal/workflow/service.go +++ b/internal/workflow/service.go @@ -9,10 +9,10 @@ import ( "github.com/pocketbase/dbx" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/workflow/dispatcher" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/workflow/dispatcher" ) type workflowRepository interface { diff --git a/main.go b/main.go index 18e88bed..7184d781 100644 --- a/main.go +++ b/main.go @@ -13,13 +13,13 @@ import ( "github.com/pocketbase/pocketbase/plugins/migratecmd" "github.com/pocketbase/pocketbase/tools/hook" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/rest/routes" - "github.com/usual2970/certimate/internal/scheduler" - "github.com/usual2970/certimate/internal/workflow" - "github.com/usual2970/certimate/ui" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/rest/routes" + "github.com/certimate-go/certimate/internal/scheduler" + "github.com/certimate-go/certimate/internal/workflow" + "github.com/certimate-go/certimate/ui" - _ "github.com/usual2970/certimate/migrations" + _ "github.com/certimate-go/certimate/migrations" ) func main() { diff --git a/migrations/1739462400_collections_snapshot.go b/migrations/1739462400_collections_snapshot.go index 2f78e7b9..1ec20348 100644 --- a/migrations/1739462400_collections_snapshot.go +++ b/migrations/1739462400_collections_snapshot.go @@ -6,7 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" m "github.com/pocketbase/pocketbase/migrations" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) func init() { @@ -1753,21 +1754,21 @@ func init() { case "certificate": { if record.GetString("issuer") == "" { - cert, _ := certutil.ParseCertificateFromPEM(record.GetString("certificate")) + cert, _ := xcert.ParseCertificateFromPEM(record.GetString("certificate")) if cert != nil { record.Set("issuer", strings.Join(cert.Issuer.Organization, ";")) changed = true } } if record.GetString("serialNumber") == "" { - cert, _ := certutil.ParseCertificateFromPEM(record.GetString("certificate")) + cert, _ := xcert.ParseCertificateFromPEM(record.GetString("certificate")) if cert != nil { record.Set("serialNumber", strings.ToUpper(cert.SerialNumber.Text(16))) changed = true } } if record.GetString("keyAlgorithm") == "" { - cert, _ := certutil.ParseCertificateFromPEM(record.GetString("certificate")) + cert, _ := xcert.ParseCertificateFromPEM(record.GetString("certificate")) if cert != nil { switch cert.SignatureAlgorithm { case x509.SHA256WithRSA, x509.SHA256WithRSAPSS: diff --git a/migrations/tracer.go b/migrations/tracer.go index 04f58e54..113ed08c 100644 --- a/migrations/tracer.go +++ b/migrations/tracer.go @@ -1,4 +1,4 @@ -package migrations +package migrations import ( "fmt" diff --git a/pkg/core/core.go b/pkg/core/core.go new file mode 100644 index 00000000..e83a1900 --- /dev/null +++ b/pkg/core/core.go @@ -0,0 +1,9 @@ +package core + +import ( + "log/slog" +) + +type WithLogger interface { + SetLogger(logger *slog.Logger) +} diff --git a/internal/pkg/core/notifier/notifier.go b/pkg/core/notifier.go similarity index 88% rename from internal/pkg/core/notifier/notifier.go rename to pkg/core/notifier.go index f04084aa..4e1dbe62 100644 --- a/internal/pkg/core/notifier/notifier.go +++ b/pkg/core/notifier.go @@ -1,13 +1,12 @@ -package notifier +package core import ( "context" - "log/slog" ) // 表示定义消息通知器的抽象类型接口。 type Notifier interface { - WithLogger(logger *slog.Logger) Notifier + WithLogger // 发送通知。 // diff --git a/internal/pkg/core/notifier/providers/bark/bark.go b/pkg/core/notifier/providers/bark/bark.go similarity index 73% rename from internal/pkg/core/notifier/providers/bark/bark.go rename to pkg/core/notifier/providers/bark/bark.go index 805a72b0..0378bd90 100644 --- a/internal/pkg/core/notifier/providers/bark/bark.go +++ b/pkg/core/notifier/providers/bark/bark.go @@ -2,15 +2,16 @@ package bark import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Bark 服务地址。 // 零值时使用官方服务器。 ServerUrl string `json:"serverUrl"` @@ -19,16 +20,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -40,16 +41,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { const defaultServerURL = "https://api.day.app/" serverUrl := defaultServerURL if n.config.ServerUrl != "" { @@ -72,5 +72,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("bark api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/bark/bark_test.go b/pkg/core/notifier/providers/bark/bark_test.go similarity index 87% rename from internal/pkg/core/notifier/providers/bark/bark_test.go rename to pkg/core/notifier/providers/bark/bark_test.go index f90448a9..6a1bc7cd 100644 --- a/internal/pkg/core/notifier/providers/bark/bark_test.go +++ b/pkg/core/notifier/providers/bark/bark_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/bark" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/bark" ) const ( @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("DEVICEKEY: %v", fDeviceKey), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ ServerUrl: fServerUrl, DeviceKey: fDeviceKey, }) diff --git a/internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go b/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go similarity index 69% rename from internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go rename to pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go index 81358ef4..7cdbfc49 100644 --- a/internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go +++ b/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go @@ -2,16 +2,17 @@ package dingtalkbot import ( "context" + "errors" "fmt" "log/slog" "net/url" "github.com/blinkbean/dingtalk" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // 钉钉机器人的 Webhook 地址。 WebhookUrl string `json:"webhookUrl"` // 钉钉机器人的 Secret。 @@ -19,15 +20,15 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } return &NotifierProvider{ @@ -36,16 +37,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { webhookUrl, err := url.Parse(n.config.WebhookUrl) if err != nil { return nil, fmt.Errorf("dingtalk api error: invalid webhook url: %w", err) @@ -62,5 +62,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("dingtalk api error: %w", err) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go b/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go similarity index 87% rename from internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go rename to pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go index de3b6ba0..c838a4f2 100644 --- a/internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go +++ b/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/dingtalkbot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/dingtalkbot" ) const ( @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("SECRET: %v", fSecret), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ WebhookUrl: fWebhookUrl, Secret: fSecret, }) diff --git a/internal/pkg/core/notifier/providers/discordbot/discordbot.go b/pkg/core/notifier/providers/discordbot/discordbot.go similarity index 73% rename from internal/pkg/core/notifier/providers/discordbot/discordbot.go rename to pkg/core/notifier/providers/discordbot/discordbot.go index 704e7c79..6d5ec9fc 100644 --- a/internal/pkg/core/notifier/providers/discordbot/discordbot.go +++ b/pkg/core/notifier/providers/discordbot/discordbot.go @@ -2,15 +2,16 @@ package discordbot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Discord Bot API Token。 BotToken string `json:"botToken"` // Discord Channel ID。 @@ -18,16 +19,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -39,16 +40,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://discord.com/developers/docs/resources/message#create-message req := n.httpClient.R(). SetContext(ctx). @@ -65,5 +65,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("discord api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/discordbot/discordbot_test.go b/pkg/core/notifier/providers/discordbot/discordbot_test.go similarity index 82% rename from internal/pkg/core/notifier/providers/discordbot/discordbot_test.go rename to pkg/core/notifier/providers/discordbot/discordbot_test.go index 42edf95e..511bdc62 100644 --- a/internal/pkg/core/notifier/providers/discordbot/discordbot_test.go +++ b/pkg/core/notifier/providers/discordbot/discordbot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/discordbot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/discordbot" ) const ( @@ -24,7 +24,7 @@ func init() { argsPrefix := "CERTIMATE_NOTIFIER_DISCORDBOT_" flag.StringVar(&fApiToken, argsPrefix+"APITOKEN", "", "") - flag.StringVar(&fChannelId, argsPrefix+"CHANNELID", 0, "") + flag.StringVar(&fChannelId, argsPrefix+"CHANNELID", "", "") } /* @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("CHANNELID: %v", fChannelId), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ BotToken: fApiToken, ChannelId: fChannelId, }) diff --git a/internal/pkg/core/notifier/providers/email/email.go b/pkg/core/notifier/providers/email/email.go similarity index 82% rename from internal/pkg/core/notifier/providers/email/email.go rename to pkg/core/notifier/providers/email/email.go index bd7e8880..631e8995 100644 --- a/internal/pkg/core/notifier/providers/email/email.go +++ b/pkg/core/notifier/providers/email/email.go @@ -3,6 +3,7 @@ package email import ( "context" "crypto/tls" + "errors" "log/slog" "net" "net/smtp" @@ -10,10 +11,10 @@ import ( "github.com/domodwyer/mailyak/v3" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // SMTP 服务器地址。 SmtpHost string `json:"smtpHost"` // SMTP 服务器端口。 @@ -34,15 +35,15 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } return &NotifierProvider{ @@ -51,16 +52,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { var smtpAuth smtp.Auth if n.config.Username != "" || n.config.Password != "" { smtpAuth = smtp.PlainAuth("", n.config.Username, n.config.Password, n.config.SmtpHost) @@ -98,7 +98,7 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, err } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } func newTlsConfig() *tls.Config { diff --git a/internal/pkg/core/notifier/providers/email/email_test.go b/pkg/core/notifier/providers/email/email_test.go similarity index 93% rename from internal/pkg/core/notifier/providers/email/email_test.go rename to pkg/core/notifier/providers/email/email_test.go index cf0669ca..3d99a198 100644 --- a/internal/pkg/core/notifier/providers/email/email_test.go +++ b/pkg/core/notifier/providers/email/email_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/email" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/email" ) const ( @@ -64,7 +64,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("RECEIVERADDRESS: %v", fReceiverAddress), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ SmtpHost: fSmtpHost, SmtpPort: int32(fSmtpPort), SmtpTls: fSmtpTLS, diff --git a/internal/pkg/core/notifier/providers/gotify/gotify.go b/pkg/core/notifier/providers/gotify/gotify.go similarity index 74% rename from internal/pkg/core/notifier/providers/gotify/gotify.go rename to pkg/core/notifier/providers/gotify/gotify.go index 75d8737b..97d69ba9 100644 --- a/internal/pkg/core/notifier/providers/gotify/gotify.go +++ b/pkg/core/notifier/providers/gotify/gotify.go @@ -2,16 +2,17 @@ package gotify import ( "context" + "errors" "fmt" "log/slog" "strings" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Gotify 服务地址。 ServerUrl string `json:"serverUrl"` // Gotify Token。 @@ -21,16 +22,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -42,16 +43,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { serverUrl := strings.TrimRight(n.config.ServerUrl, "/") // REF: https://gotify.net/api-docs#/message/createMessage @@ -72,5 +72,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("gotify api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/gotify/gotify_test.go b/pkg/core/notifier/providers/gotify/gotify_test.go similarity index 88% rename from internal/pkg/core/notifier/providers/gotify/gotify_test.go rename to pkg/core/notifier/providers/gotify/gotify_test.go index eb0ffd6b..a96142b2 100644 --- a/internal/pkg/core/notifier/providers/gotify/gotify_test.go +++ b/pkg/core/notifier/providers/gotify/gotify_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/gotify" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/gotify" ) const ( @@ -47,7 +47,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("PRIORITY: %d", fPriority), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ ServerUrl: fUrl, Token: fToken, Priority: fPriority, diff --git a/internal/pkg/core/notifier/providers/larkbot/larkbot.go b/pkg/core/notifier/providers/larkbot/larkbot.go similarity index 65% rename from internal/pkg/core/notifier/providers/larkbot/larkbot.go rename to pkg/core/notifier/providers/larkbot/larkbot.go index 8c5022c0..96a570d2 100644 --- a/internal/pkg/core/notifier/providers/larkbot/larkbot.go +++ b/pkg/core/notifier/providers/larkbot/larkbot.go @@ -2,29 +2,30 @@ package larkbot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-lark/lark" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // 飞书机器人 Webhook 地址。 WebhookUrl string `json:"webhookUrl"` } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } return &NotifierProvider{ @@ -33,16 +34,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { bot := lark.NewNotificationBot(n.config.WebhookUrl) content := lark.NewPostBuilder(). Title(subject). @@ -56,5 +56,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("lark api error: code='%d', message='%s'", resp.Code, resp.Msg) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/larkbot/larkbot_test.go b/pkg/core/notifier/providers/larkbot/larkbot_test.go similarity index 84% rename from internal/pkg/core/notifier/providers/larkbot/larkbot_test.go rename to pkg/core/notifier/providers/larkbot/larkbot_test.go index 2deba768..8fd73bb8 100644 --- a/internal/pkg/core/notifier/providers/larkbot/larkbot_test.go +++ b/pkg/core/notifier/providers/larkbot/larkbot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/larkbot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/larkbot" ) const ( @@ -38,7 +38,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("WEBHOOKURL: %v", fWebhookUrl), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ WebhookUrl: fWebhookUrl, }) if err != nil { diff --git a/internal/pkg/core/notifier/providers/mattermost/mattermost.go b/pkg/core/notifier/providers/mattermost/mattermost.go similarity index 83% rename from internal/pkg/core/notifier/providers/mattermost/mattermost.go rename to pkg/core/notifier/providers/mattermost/mattermost.go index de72d192..c936306c 100644 --- a/internal/pkg/core/notifier/providers/mattermost/mattermost.go +++ b/pkg/core/notifier/providers/mattermost/mattermost.go @@ -2,16 +2,17 @@ package mattermost import ( "context" + "errors" "fmt" "log/slog" "strings" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Mattermost 服务地址。 ServerUrl string `json:"serverUrl"` // Mattermost 用户名。 @@ -23,16 +24,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -44,16 +45,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { serverUrl := strings.TrimRight(n.config.ServerUrl, "/") // REF: https://developers.mattermost.com/api-documentation/#/operations/Login @@ -98,5 +98,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("mattermost api error: unexpected status code: %d, resp: %s", postResp.StatusCode(), postResp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/mattermost/mattermost_test.go b/pkg/core/notifier/providers/mattermost/mattermost_test.go similarity index 90% rename from internal/pkg/core/notifier/providers/mattermost/mattermost_test.go rename to pkg/core/notifier/providers/mattermost/mattermost_test.go index 6db6cc42..e63471c9 100644 --- a/internal/pkg/core/notifier/providers/mattermost/mattermost_test.go +++ b/pkg/core/notifier/providers/mattermost/mattermost_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/mattermost" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/mattermost" ) const ( @@ -52,7 +52,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("PASSWORD: %v", fPassword), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ ServerUrl: fServerUrl, ChannelId: fChannelId, Username: fUsername, diff --git a/internal/pkg/core/notifier/providers/pushover/pushover.go b/pkg/core/notifier/providers/pushover/pushover.go similarity index 71% rename from internal/pkg/core/notifier/providers/pushover/pushover.go rename to pkg/core/notifier/providers/pushover/pushover.go index aedf8d3a..5eea6375 100644 --- a/internal/pkg/core/notifier/providers/pushover/pushover.go +++ b/pkg/core/notifier/providers/pushover/pushover.go @@ -2,15 +2,16 @@ package pushover import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Pushover API Token。 Token string `json:"token"` // 用户或分组标识。 @@ -18,16 +19,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -39,16 +40,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://pushover.net/api req := n.httpClient.R(). SetContext(ctx). @@ -67,5 +67,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("pushover api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/pushover/pushover_test.go b/pkg/core/notifier/providers/pushover/pushover_test.go similarity index 85% rename from internal/pkg/core/notifier/providers/pushover/pushover_test.go rename to pkg/core/notifier/providers/pushover/pushover_test.go index 450beac1..25d4288b 100644 --- a/internal/pkg/core/notifier/providers/pushover/pushover_test.go +++ b/pkg/core/notifier/providers/pushover/pushover_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushover" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushover" ) const ( @@ -42,7 +42,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("TOKEN: %v", fToken), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ Token: fToken, User: fUser, }) diff --git a/internal/pkg/core/notifier/providers/pushplus/pushplus.go b/pkg/core/notifier/providers/pushplus/pushplus.go similarity index 77% rename from internal/pkg/core/notifier/providers/pushplus/pushplus.go rename to pkg/core/notifier/providers/pushplus/pushplus.go index 9f565ce5..559603f7 100644 --- a/internal/pkg/core/notifier/providers/pushplus/pushplus.go +++ b/pkg/core/notifier/providers/pushplus/pushplus.go @@ -3,30 +3,31 @@ package pushplus import ( "context" "encoding/json" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // PushPlus Token。 Token string `json:"token"` } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -38,16 +39,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://pushplus.plus/doc/guide/api.html#%E4%B8%80%E3%80%81%E5%8F%91%E9%80%81%E6%B6%88%E6%81%AF%E6%8E%A5%E5%8F%A3 req := n.httpClient.R(). SetContext(ctx). @@ -75,5 +75,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("pushplus api error: code='%d', message='%s'", errorResponse.Code, errorResponse.Message) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/pushplus/pushplus_test.go b/pkg/core/notifier/providers/pushplus/pushplus_test.go similarity index 83% rename from internal/pkg/core/notifier/providers/pushplus/pushplus_test.go rename to pkg/core/notifier/providers/pushplus/pushplus_test.go index f504c168..6fca9ccf 100644 --- a/internal/pkg/core/notifier/providers/pushplus/pushplus_test.go +++ b/pkg/core/notifier/providers/pushplus/pushplus_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushplus" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushplus" ) const ( @@ -37,7 +37,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("TOKEN: %v", fToken), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ Token: fToken, }) if err != nil { diff --git a/internal/pkg/core/notifier/providers/serverchan/serverchan.go b/pkg/core/notifier/providers/serverchan/serverchan.go similarity index 69% rename from internal/pkg/core/notifier/providers/serverchan/serverchan.go rename to pkg/core/notifier/providers/serverchan/serverchan.go index ea6adf2b..20f7cdd7 100644 --- a/internal/pkg/core/notifier/providers/serverchan/serverchan.go +++ b/pkg/core/notifier/providers/serverchan/serverchan.go @@ -2,30 +2,31 @@ package serverchan import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // ServerChan 服务地址。 ServerUrl string `json:"serverUrl"` } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -37,16 +38,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://sct.ftqq.com/ req := n.httpClient.R(). SetContext(ctx). @@ -63,5 +63,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("serverchan api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/serverchan/serverchan_test.go b/pkg/core/notifier/providers/serverchan/serverchan_test.go similarity index 84% rename from internal/pkg/core/notifier/providers/serverchan/serverchan_test.go rename to pkg/core/notifier/providers/serverchan/serverchan_test.go index 5684a593..2ea4acaa 100644 --- a/internal/pkg/core/notifier/providers/serverchan/serverchan_test.go +++ b/pkg/core/notifier/providers/serverchan/serverchan_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/serverchan" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/serverchan" ) const ( @@ -38,7 +38,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("URL: %v", fUrl), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ ServerUrl: fUrl, }) if err != nil { diff --git a/internal/pkg/core/notifier/providers/slackbot/slackbot.go b/pkg/core/notifier/providers/slackbot/slackbot.go similarity index 73% rename from internal/pkg/core/notifier/providers/slackbot/slackbot.go rename to pkg/core/notifier/providers/slackbot/slackbot.go index 92db106c..f8706cd4 100644 --- a/internal/pkg/core/notifier/providers/slackbot/slackbot.go +++ b/pkg/core/notifier/providers/slackbot/slackbot.go @@ -2,15 +2,16 @@ package discordbot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Slack Bot API Token。 BotToken string `json:"botToken"` // Slack Channel ID。 @@ -18,16 +19,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -39,16 +40,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://docs.slack.dev/messaging/sending-and-scheduling-messages#publishing req := n.httpClient.R(). SetContext(ctx). @@ -67,5 +67,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("slack api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/slackbot/slackbot_test.go b/pkg/core/notifier/providers/slackbot/slackbot_test.go similarity index 82% rename from internal/pkg/core/notifier/providers/slackbot/slackbot_test.go rename to pkg/core/notifier/providers/slackbot/slackbot_test.go index 356ef71f..5f5ab4a1 100644 --- a/internal/pkg/core/notifier/providers/slackbot/slackbot_test.go +++ b/pkg/core/notifier/providers/slackbot/slackbot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/slackbot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/slackbot" ) const ( @@ -24,7 +24,7 @@ func init() { argsPrefix := "CERTIMATE_NOTIFIER_SLACKBOT_" flag.StringVar(&fApiToken, argsPrefix+"APITOKEN", "", "") - flag.StringVar(&fChannelId, argsPrefix+"CHANNELID", 0, "") + flag.StringVar(&fChannelId, argsPrefix+"CHANNELID", "", "") } /* @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("CHANNELID: %v", fChannelId), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ BotToken: fApiToken, ChannelId: fChannelId, }) diff --git a/internal/pkg/core/notifier/providers/telegrambot/telegrambot.go b/pkg/core/notifier/providers/telegrambot/telegrambot.go similarity index 72% rename from internal/pkg/core/notifier/providers/telegrambot/telegrambot.go rename to pkg/core/notifier/providers/telegrambot/telegrambot.go index 80d03a21..a2c077eb 100644 --- a/internal/pkg/core/notifier/providers/telegrambot/telegrambot.go +++ b/pkg/core/notifier/providers/telegrambot/telegrambot.go @@ -2,15 +2,16 @@ package telegrambot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Telegram Bot API Token。 BotToken string `json:"botToken"` // Telegram Chat ID。 @@ -18,16 +19,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -39,16 +40,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://core.telegram.org/bots/api#sendmessage req := n.httpClient.R(). SetContext(ctx). @@ -65,5 +65,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("telegram api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/telegrambot/telegrambot_test.go b/pkg/core/notifier/providers/telegrambot/telegrambot_test.go similarity index 86% rename from internal/pkg/core/notifier/providers/telegrambot/telegrambot_test.go rename to pkg/core/notifier/providers/telegrambot/telegrambot_test.go index 8dc18b95..76c24eee 100644 --- a/internal/pkg/core/notifier/providers/telegrambot/telegrambot_test.go +++ b/pkg/core/notifier/providers/telegrambot/telegrambot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegrambot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/telegrambot" ) const ( @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("CHATID: %v", fChatId), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ BotToken: fApiToken, ChatId: fChatId, }) diff --git a/internal/pkg/core/notifier/providers/webhook/webhook.go b/pkg/core/notifier/providers/webhook/webhook.go similarity index 91% rename from internal/pkg/core/notifier/providers/webhook/webhook.go rename to pkg/core/notifier/providers/webhook/webhook.go index 523f7b4d..09ae91e3 100644 --- a/internal/pkg/core/notifier/providers/webhook/webhook.go +++ b/pkg/core/notifier/providers/webhook/webhook.go @@ -4,6 +4,7 @@ import ( "context" "crypto/tls" "encoding/json" + "errors" "fmt" "log/slog" "net/http" @@ -13,10 +14,10 @@ import ( "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Webhook URL。 WebhookUrl string `json:"webhookUrl"` // Webhook 回调数据(application/json 或 application/x-www-form-urlencoded 格式)。 @@ -31,16 +32,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New(). @@ -58,16 +59,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // 处理 Webhook URL webhookUrl, err := url.Parse(n.config.WebhookUrl) if err != nil { @@ -165,7 +165,7 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s n.logger.Debug("webhook responded", slog.String("response", resp.String())) - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } func replaceJsonValueRecursively(data interface{}, oldStr, newStr string) interface{} { diff --git a/internal/pkg/core/notifier/providers/webhook/webhook_test.go b/pkg/core/notifier/providers/webhook/webhook_test.go similarity index 88% rename from internal/pkg/core/notifier/providers/webhook/webhook_test.go rename to pkg/core/notifier/providers/webhook/webhook_test.go index c416b3c9..d7a42a7e 100644 --- a/internal/pkg/core/notifier/providers/webhook/webhook_test.go +++ b/pkg/core/notifier/providers/webhook/webhook_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/webhook" ) const ( @@ -43,7 +43,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("URL: %v", fWebhookUrl), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ WebhookUrl: fWebhookUrl, Method: "POST", Headers: map[string]string{ diff --git a/internal/pkg/core/notifier/providers/wecombot/wecombot.go b/pkg/core/notifier/providers/wecombot/wecombot.go similarity index 71% rename from internal/pkg/core/notifier/providers/wecombot/wecombot.go rename to pkg/core/notifier/providers/wecombot/wecombot.go index 93b03c4d..991168b4 100644 --- a/internal/pkg/core/notifier/providers/wecombot/wecombot.go +++ b/pkg/core/notifier/providers/wecombot/wecombot.go @@ -2,30 +2,31 @@ package wecombot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // 企业微信机器人 Webhook 地址。 WebhookUrl string `json:"webhookUrl"` } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -37,16 +38,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://developer.work.weixin.qq.com/document/path/91770 req := n.httpClient.R(). SetContext(ctx). @@ -65,5 +65,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("wecom api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/wecombot/wecombot_test.go b/pkg/core/notifier/providers/wecombot/wecombot_test.go similarity index 84% rename from internal/pkg/core/notifier/providers/wecombot/wecombot_test.go rename to pkg/core/notifier/providers/wecombot/wecombot_test.go index 261f2158..9a58384a 100644 --- a/internal/pkg/core/notifier/providers/wecombot/wecombot_test.go +++ b/pkg/core/notifier/providers/wecombot/wecombot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecombot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/wecombot" ) const ( @@ -38,7 +38,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("WEBHOOKURL: %v", fWebhookUrl), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ WebhookUrl: fWebhookUrl, }) if err != nil { diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/acmehttpreq/acmehttpreq.go b/pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq/acmehttpreq.go similarity index 80% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/acmehttpreq/acmehttpreq.go rename to pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq/acmehttpreq.go index bdd16234..54445cda 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/acmehttpreq/acmehttpreq.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq/acmehttpreq.go @@ -1,11 +1,13 @@ package acmehttpreq import ( + "errors" "net/url" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/httpreq" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -16,9 +18,9 @@ type ChallengeProviderConfig struct { DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } endpoint, _ := url.Parse(config.Endpoint) diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/aliyun_esa.go b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/aliyun_esa.go similarity index 73% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/aliyun_esa.go rename to pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/aliyun_esa.go index 56deaa2d..a2ef64b1 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/aliyun_esa.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/aliyun_esa.go @@ -1,11 +1,11 @@ package aliyunesa import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/internal" ) type ChallengeProviderConfig struct { @@ -16,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun/aliyun.go b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun/aliyun.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun/aliyun.go rename to pkg/core/ssl-applicator/acme-dns01/providers/aliyun/aliyun.go index 8f5cc56b..3b694d92 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun/aliyun.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun/aliyun.go @@ -1,10 +1,12 @@ package aliyun import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/alidns" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := alidns.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53/aws-route53.go b/pkg/core/ssl-applicator/acme-dns01/providers/aws-route53/aws-route53.go similarity index 82% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53/aws-route53.go rename to pkg/core/ssl-applicator/acme-dns01/providers/aws-route53/aws-route53.go index be1cfecf..e5f81d05 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53/aws-route53.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/aws-route53/aws-route53.go @@ -1,10 +1,12 @@ package awsroute53 import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/route53" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -16,9 +18,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := route53.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns/azure-dns.go b/pkg/core/ssl-applicator/acme-dns01/providers/azure-dns/azure-dns.go similarity index 75% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns/azure-dns.go rename to pkg/core/ssl-applicator/acme-dns01/providers/azure-dns/azure-dns.go index d8d54c90..b02e2338 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns/azure-dns.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/azure-dns/azure-dns.go @@ -1,12 +1,13 @@ package azuredns import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/azuredns" - azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common" + "github.com/certimate-go/certimate/pkg/core" + azenv "github.com/certimate-go/certimate/pkg/sdk3rd/azure/env" ) type ChallengeProviderConfig struct { @@ -18,9 +19,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := azuredns.NewDefaultConfig() @@ -28,7 +29,7 @@ func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, providerConfig.ClientID = config.ClientId providerConfig.ClientSecret = config.ClientSecret if config.CloudName != "" { - env, err := azcommon.GetCloudEnvironmentConfiguration(config.CloudName) + env, err := azenv.GetCloudEnvConfiguration(config.CloudName) if err != nil { return nil, err } diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/baiducloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/baiducloud.go similarity index 71% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/baiducloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/baiducloud.go index ac63665e..232dbdb2 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/baiducloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/baiducloud.go @@ -1,11 +1,11 @@ package baiducloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/internal" ) type ChallengeProviderConfig struct { @@ -15,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny/bunny.go b/pkg/core/ssl-applicator/acme-dns01/providers/bunny/bunny.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny/bunny.go rename to pkg/core/ssl-applicator/acme-dns01/providers/bunny/bunny.go index 1f4fdffe..27a8f92f 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny/bunny.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/bunny/bunny.go @@ -1,10 +1,12 @@ package bunny import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/bunny" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := bunny.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare/cloudflare.go b/pkg/core/ssl-applicator/acme-dns01/providers/cloudflare/cloudflare.go similarity index 79% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare/cloudflare.go rename to pkg/core/ssl-applicator/acme-dns01/providers/cloudflare/cloudflare.go index cdfc1313..ae33e61f 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare/cloudflare.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/cloudflare/cloudflare.go @@ -1,10 +1,12 @@ package cloudflare import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/cloudflare" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := cloudflare.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns/cloudns.go b/pkg/core/ssl-applicator/acme-dns01/providers/cloudns/cloudns.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns/cloudns.go rename to pkg/core/ssl-applicator/acme-dns01/providers/cloudns/cloudns.go index dc351bd3..88cd2866 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns/cloudns.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/cloudns/cloudns.go @@ -1,10 +1,12 @@ package cloudns import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/cloudns" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := cloudns.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/cmcccloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/cmcccloud.go similarity index 71% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/cmcccloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/cmcccloud.go index 83425f2d..494ea4b1 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/cmcccloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/cmcccloud.go @@ -1,11 +1,11 @@ package cmcccloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/internal" ) type ChallengeProviderConfig struct { @@ -15,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/constellix/constellix.go b/pkg/core/ssl-applicator/acme-dns01/providers/constellix/constellix.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/constellix/constellix.go rename to pkg/core/ssl-applicator/acme-dns01/providers/constellix/constellix.go index 12e7d615..02b11099 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/constellix/constellix.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/constellix/constellix.go @@ -1,10 +1,12 @@ package cloudns import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/constellix" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := constellix.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ctcccloud/ctcccloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/ctcccloud.go similarity index 71% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/ctcccloud/ctcccloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/ctcccloud.go index 8b3d494a..f4e47e3b 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ctcccloud/ctcccloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/ctcccloud.go @@ -1,11 +1,11 @@ package ctcccloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ctcccloud/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/internal" ) type ChallengeProviderConfig struct { @@ -15,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ctcccloud/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/internal/lego.go similarity index 84% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/ctcccloud/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/internal/lego.go index 1dd7f2e0..f472de75 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ctcccloud/internal/lego.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/internal/lego.go @@ -9,8 +9,8 @@ import ( "github.com/go-acme/lego/v4/challenge/dns01" "github.com/go-acme/lego/v4/platform/config/env" - ctyundns "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/dns" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + ctyundns "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/dns" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) const ( @@ -129,9 +129,9 @@ func (d *DNSProvider) findDNSRecordId(zoneName, subDomain string) (int32, error) // 查询解析记录列表 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=122&api=11264&data=181&isNormal=1&vid=259 request := &ctyundns.QueryRecordListRequest{} - request.Domain = typeutil.ToPtr(zoneName) - request.Host = typeutil.ToPtr(subDomain) - request.Type = typeutil.ToPtr("TXT") + request.Domain = xtypes.ToPtr(zoneName) + request.Host = xtypes.ToPtr(subDomain) + request.Type = xtypes.ToPtr("TXT") response, err := d.client.QueryRecordList(request) if err != nil { @@ -155,13 +155,13 @@ func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) er // 新增解析记录 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=122&api=11259&data=181&isNormal=1&vid=259 request := &ctyundns.AddRecordRequest{ - Domain: typeutil.ToPtr(zoneName), - Host: typeutil.ToPtr(subDomain), - Type: typeutil.ToPtr("TXT"), - LineCode: typeutil.ToPtr("Default"), - Value: typeutil.ToPtr(value), - State: typeutil.ToPtr(int32(1)), - TTL: typeutil.ToPtr(int32(d.config.TTL)), + Domain: xtypes.ToPtr(zoneName), + Host: xtypes.ToPtr(subDomain), + Type: xtypes.ToPtr("TXT"), + LineCode: xtypes.ToPtr("Default"), + Value: xtypes.ToPtr(value), + State: xtypes.ToPtr(int32(1)), + TTL: xtypes.ToPtr(int32(d.config.TTL)), } _, err := d.client.AddRecord(request) return err @@ -169,14 +169,14 @@ func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) er // 修改解析记录 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=122&api=11261&data=181&isNormal=1&vid=259 request := &ctyundns.UpdateRecordRequest{ - RecordId: typeutil.ToPtr(recordId), - Domain: typeutil.ToPtr(zoneName), - Host: typeutil.ToPtr(subDomain), - Type: typeutil.ToPtr("TXT"), - LineCode: typeutil.ToPtr("Default"), - Value: typeutil.ToPtr(value), - State: typeutil.ToPtr(int32(1)), - TTL: typeutil.ToPtr(int32(d.config.TTL)), + RecordId: xtypes.ToPtr(recordId), + Domain: xtypes.ToPtr(zoneName), + Host: xtypes.ToPtr(subDomain), + Type: xtypes.ToPtr("TXT"), + LineCode: xtypes.ToPtr("Default"), + Value: xtypes.ToPtr(value), + State: xtypes.ToPtr(int32(1)), + TTL: xtypes.ToPtr(int32(d.config.TTL)), } _, err := d.client.UpdateRecord(request) return err @@ -195,7 +195,7 @@ func (d *DNSProvider) removeDNSRecord(zoneName, subDomain string) error { // 删除解析记录 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=122&api=11262&data=181&isNormal=1&vid=259 request := &ctyundns.DeleteRecordRequest{ - RecordId: typeutil.ToPtr(recordId), + RecordId: xtypes.ToPtr(recordId), } _, err = d.client.DeleteRecord(request) return err diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/desec/desec.go b/pkg/core/ssl-applicator/acme-dns01/providers/desec/desec.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/desec/desec.go rename to pkg/core/ssl-applicator/acme-dns01/providers/desec/desec.go index 7a997117..b58c828e 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/desec/desec.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/desec/desec.go @@ -1,10 +1,12 @@ package desec import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/desec" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := desec.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/digitalocean/digitalocean.go b/pkg/core/ssl-applicator/acme-dns01/providers/digitalocean/digitalocean.go similarity index 77% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/digitalocean/digitalocean.go rename to pkg/core/ssl-applicator/acme-dns01/providers/digitalocean/digitalocean.go index 0e3cb358..45b679c8 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/digitalocean/digitalocean.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/digitalocean/digitalocean.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/digitalocean" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := digitalocean.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/dnsla.go b/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/dnsla.go similarity index 70% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/dnsla.go rename to pkg/core/ssl-applicator/acme-dns01/providers/dnsla/dnsla.go index 5b0bd977..330bc237 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/dnsla.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/dnsla.go @@ -1,11 +1,11 @@ package dnsla import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/internal" ) type ChallengeProviderConfig struct { @@ -15,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/internal/lego.go similarity index 87% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/dnsla/internal/lego.go index 1063ac5f..3b7bdd07 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal/lego.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/internal/lego.go @@ -10,7 +10,7 @@ import ( "github.com/go-acme/lego/v4/challenge/dns01" "github.com/go-acme/lego/v4/platform/config/env" - dnslasdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dnsla" + dnslasdk "github.com/certimate-go/certimate/pkg/sdk3rd/dnsla" ) const ( @@ -69,8 +69,12 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { return nil, errors.New("dnsla: the configuration of the DNS provider is nil") } - client := dnslasdk.NewClient(config.APIId, config.APISecret). - WithTimeout(config.HTTPTimeout) + client, err := dnslasdk.NewClient(config.APIId, config.APISecret) + if err != nil { + return nil, err + } else { + client.SetTimeout(config.HTTPTimeout) + } return &DNSProvider{ client: client, @@ -122,13 +126,13 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { return d.config.PropagationTimeout, d.config.PollingInterval } -func (d *DNSProvider) getDNSZone(zoneName string) (*dnslasdk.DomainInfo, error) { - pageIndex := 1 - pageSize := 100 +func (d *DNSProvider) getDNSZone(zoneName string) (*dnslasdk.DomainRecord, error) { + pageIndex := int32(1) + pageSize := int32(100) for { request := &dnslasdk.ListDomainsRequest{ - PageIndex: int32(pageIndex), - PageSize: int32(pageSize), + PageIndex: &pageIndex, + PageSize: &pageSize, } response, err := d.client.ListDomains(request) if err != nil { @@ -143,7 +147,7 @@ func (d *DNSProvider) getDNSZone(zoneName string) (*dnslasdk.DomainInfo, error) } } - if response.Data == nil || len(response.Data.Results) < pageSize { + if response.Data == nil || len(response.Data.Results) < int(pageSize) { break } @@ -153,20 +157,20 @@ func (d *DNSProvider) getDNSZone(zoneName string) (*dnslasdk.DomainInfo, error) return nil, fmt.Errorf("dnsla: zone %s not found", zoneName) } -func (d *DNSProvider) getDNSZoneAndRecord(zoneName, subDomain string) (*dnslasdk.DomainInfo, *dnslasdk.RecordInfo, error) { +func (d *DNSProvider) getDNSZoneAndRecord(zoneName, subDomain string) (*dnslasdk.DomainRecord, *dnslasdk.DnsRecord, error) { zone, err := d.getDNSZone(zoneName) if err != nil { return nil, nil, err } - pageIndex := 1 - pageSize := 100 + pageIndex := int32(1) + pageSize := int32(100) for { request := &dnslasdk.ListRecordsRequest{ - DomainId: zone.Id, + DomainId: &zone.Id, Host: &subDomain, - PageIndex: int32(pageIndex), - PageSize: int32(pageSize), + PageIndex: &pageIndex, + PageSize: &pageSize, } response, err := d.client.ListRecords(request) if err != nil { @@ -181,7 +185,7 @@ func (d *DNSProvider) getDNSZoneAndRecord(zoneName, subDomain string) (*dnslasdk } } - if response.Data == nil || len(response.Data.Results) < pageSize { + if response.Data == nil || len(response.Data.Results) < int(pageSize) { break } @@ -231,10 +235,7 @@ func (d *DNSProvider) removeDNSRecord(zoneName, subDomain string) error { if record == nil { return nil } else { - request := &dnslasdk.DeleteRecordRequest{ - Id: record.Id, - } - _, err = d.client.DeleteRecord(request) + _, err = d.client.DeleteRecord(record.Id) return err } } diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/duckdns/duckdns.go b/pkg/core/ssl-applicator/acme-dns01/providers/duckdns/duckdns.go similarity index 72% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/duckdns/duckdns.go rename to pkg/core/ssl-applicator/acme-dns01/providers/duckdns/duckdns.go index 6cc823d0..dabd7a6a 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/duckdns/duckdns.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/duckdns/duckdns.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/duckdns" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -12,9 +14,9 @@ type ChallengeProviderConfig struct { DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := duckdns.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/dnsla.go b/pkg/core/ssl-applicator/acme-dns01/providers/dynv6/dnsla.go similarity index 68% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/dnsla.go rename to pkg/core/ssl-applicator/acme-dns01/providers/dynv6/dnsla.go index e5a1ea3c..e9055ff7 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/dnsla.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/dynv6/dnsla.go @@ -1,11 +1,11 @@ package dynv6 import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dynv6/internal" ) type ChallengeProviderConfig struct { @@ -14,9 +14,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/dynv6/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/dynv6/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore/gcore.go b/pkg/core/ssl-applicator/acme-dns01/providers/gcore/gcore.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore/gcore.go rename to pkg/core/ssl-applicator/acme-dns01/providers/gcore/gcore.go index ac9f7e61..a3676a3b 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore/gcore.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/gcore/gcore.go @@ -1,10 +1,12 @@ package gcore import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/gcore" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := gcore.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/gname.go b/pkg/core/ssl-applicator/acme-dns01/providers/gname/gname.go similarity index 70% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/gname.go rename to pkg/core/ssl-applicator/acme-dns01/providers/gname/gname.go index 42057149..4206626b 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/gname.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/gname/gname.go @@ -1,11 +1,11 @@ package gname import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/gname/internal" ) type ChallengeProviderConfig struct { @@ -15,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/gname/internal/lego.go similarity index 81% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/gname/internal/lego.go index 6bfda830..cd669262 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal/lego.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/gname/internal/lego.go @@ -9,7 +9,8 @@ import ( "github.com/go-acme/lego/v4/challenge/dns01" "github.com/go-acme/lego/v4/platform/config/env" - gnamesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gname" + gnamesdk "github.com/certimate-go/certimate/pkg/sdk3rd/gname" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) const ( @@ -68,8 +69,12 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { return nil, errors.New("gname: the configuration of the DNS provider is nil") } - client := gnamesdk.NewClient(config.AppID, config.AppKey). - WithTimeout(config.HTTPTimeout) + client, err := gnamesdk.NewClient(config.AppID, config.AppKey) + if err != nil { + return nil, err + } else { + client.SetTimeout(config.HTTPTimeout) + } return &DNSProvider{ client: client, @@ -121,14 +126,15 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { return d.config.PropagationTimeout, d.config.PollingInterval } -func (d *DNSProvider) findDNSRecord(zoneName, subDomain string) (*gnamesdk.ResolutionRecord, error) { +func (d *DNSProvider) findDNSRecord(zoneName, subDomain string) (*gnamesdk.DomainResolutionRecordord, error) { page := int32(1) pageSize := int32(20) for { - request := &gnamesdk.ListDomainResolutionRequest{} - request.ZoneName = zoneName - request.Page = &page - request.PageSize = &pageSize + request := &gnamesdk.ListDomainResolutionRequest{ + ZoneName: xtypes.ToPtr(zoneName), + Page: xtypes.ToPtr(page), + PageSize: xtypes.ToPtr(pageSize), + } response, err := d.client.ListDomainResolution(request) if err != nil { @@ -162,23 +168,23 @@ func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) er if record == nil { request := &gnamesdk.AddDomainResolutionRequest{ - ZoneName: zoneName, - RecordType: "TXT", - RecordName: subDomain, - RecordValue: value, - TTL: int32(d.config.TTL), + ZoneName: xtypes.ToPtr(zoneName), + RecordType: xtypes.ToPtr("TXT"), + RecordName: xtypes.ToPtr(subDomain), + RecordValue: xtypes.ToPtr(value), + TTL: xtypes.ToPtr(int32(d.config.TTL)), } _, err := d.client.AddDomainResolution(request) return err } else { recordId, _ := record.ID.Int64() request := &gnamesdk.ModifyDomainResolutionRequest{ - ID: recordId, - ZoneName: zoneName, - RecordType: "TXT", - RecordName: subDomain, - RecordValue: value, - TTL: int32(d.config.TTL), + ID: xtypes.ToPtr(recordId), + ZoneName: xtypes.ToPtr(zoneName), + RecordType: xtypes.ToPtr("TXT"), + RecordName: xtypes.ToPtr(subDomain), + RecordValue: xtypes.ToPtr(value), + TTL: xtypes.ToPtr(int32(d.config.TTL)), } _, err := d.client.ModifyDomainResolution(request) return err @@ -197,8 +203,8 @@ func (d *DNSProvider) removeDNSRecord(zoneName, subDomain string) error { recordId, _ := record.ID.Int64() request := &gnamesdk.DeleteDomainResolutionRequest{ - ZoneName: zoneName, - RecordID: recordId, + ZoneName: xtypes.ToPtr(zoneName), + RecordID: xtypes.ToPtr(recordId), } _, err = d.client.DeleteDomainResolution(request) return err diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/godaddy/godaddy.go b/pkg/core/ssl-applicator/acme-dns01/providers/godaddy/godaddy.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/godaddy/godaddy.go rename to pkg/core/ssl-applicator/acme-dns01/providers/godaddy/godaddy.go index 957c9185..66e0e7f3 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/godaddy/godaddy.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/godaddy/godaddy.go @@ -1,10 +1,12 @@ package godaddy import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/godaddy" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := godaddy.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/hetzner/hetzner.go b/pkg/core/ssl-applicator/acme-dns01/providers/hetzner/hetzner.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/hetzner/hetzner.go rename to pkg/core/ssl-applicator/acme-dns01/providers/hetzner/hetzner.go index c202cc78..8c270e6a 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/hetzner/hetzner.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/hetzner/hetzner.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/hetzner" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := hetzner.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/huaweicloud/huaweicloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/huaweicloud/huaweicloud.go similarity index 83% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/huaweicloud/huaweicloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/huaweicloud/huaweicloud.go index 08a629fc..4f8e60c6 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/huaweicloud/huaweicloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/huaweicloud/huaweicloud.go @@ -1,10 +1,12 @@ package huaweicloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" hwc "github.com/go-acme/lego/v4/providers/dns/huaweicloud" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -15,9 +17,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } region := config.Region diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/jdcloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/jdcloud.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/jdcloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/jdcloud.go index 5729d932..e912f51c 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/jdcloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/jdcloud.go @@ -1,11 +1,11 @@ package jdcloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/internal" ) type ChallengeProviderConfig struct { @@ -16,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } regionId := config.RegionId diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namecheap/namecheap.go b/pkg/core/ssl-applicator/acme-dns01/providers/namecheap/namecheap.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/namecheap/namecheap.go rename to pkg/core/ssl-applicator/acme-dns01/providers/namecheap/namecheap.go index 9bf2f3c3..9d774011 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namecheap/namecheap.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/namecheap/namecheap.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/namecheap" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := namecheap.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom/namedotcom.go b/pkg/core/ssl-applicator/acme-dns01/providers/namedotcom/namedotcom.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom/namedotcom.go rename to pkg/core/ssl-applicator/acme-dns01/providers/namedotcom/namedotcom.go index daff3612..ae33e86a 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom/namedotcom.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/namedotcom/namedotcom.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/namedotcom" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := namedotcom.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo/namesilo.go b/pkg/core/ssl-applicator/acme-dns01/providers/namesilo/namesilo.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo/namesilo.go rename to pkg/core/ssl-applicator/acme-dns01/providers/namesilo/namesilo.go index 5656136b..5ce1b754 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo/namesilo.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/namesilo/namesilo.go @@ -1,10 +1,12 @@ package namesilo import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/namesilo" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := namesilo.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/netcup/netcup.go b/pkg/core/ssl-applicator/acme-dns01/providers/netcup/netcup.go similarity index 80% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/netcup/netcup.go rename to pkg/core/ssl-applicator/acme-dns01/providers/netcup/netcup.go index 43d7a694..4535e200 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/netcup/netcup.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/netcup/netcup.go @@ -1,10 +1,12 @@ package netcup import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/netcup" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -15,9 +17,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := netcup.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/netlify/netlify.go b/pkg/core/ssl-applicator/acme-dns01/providers/netlify/netlify.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/netlify/netlify.go rename to pkg/core/ssl-applicator/acme-dns01/providers/netlify/netlify.go index f590372b..fe589ac9 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/netlify/netlify.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/netlify/netlify.go @@ -1,10 +1,12 @@ package netcup import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/netlify" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := netlify.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1/ns1.go b/pkg/core/ssl-applicator/acme-dns01/providers/ns1/ns1.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1/ns1.go rename to pkg/core/ssl-applicator/acme-dns01/providers/ns1/ns1.go index 1682e0c2..039d1f62 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1/ns1.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ns1/ns1.go @@ -1,10 +1,12 @@ package ns1 import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/ns1" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := ns1.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun/porkbun.go b/pkg/core/ssl-applicator/acme-dns01/providers/porkbun/porkbun.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun/porkbun.go rename to pkg/core/ssl-applicator/acme-dns01/providers/porkbun/porkbun.go index ba60a791..e45b9223 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun/porkbun.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/porkbun/porkbun.go @@ -1,10 +1,12 @@ package porkbun import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/porkbun" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := porkbun.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns/powerdns.go b/pkg/core/ssl-applicator/acme-dns01/providers/powerdns/powerdns.go similarity index 83% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns/powerdns.go rename to pkg/core/ssl-applicator/acme-dns01/providers/powerdns/powerdns.go index 7c87536c..abb38dba 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns/powerdns.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/powerdns/powerdns.go @@ -2,12 +2,14 @@ package powerdns import ( "crypto/tls" + "errors" "net/http" "net/url" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/pdns" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -18,9 +20,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } serverUrl, _ := url.Parse(config.ServerUrl) diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun/rainyun.go b/pkg/core/ssl-applicator/acme-dns01/providers/rainyun/rainyun.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun/rainyun.go rename to pkg/core/ssl-applicator/acme-dns01/providers/rainyun/rainyun.go index 2deda0f1..6bfaf847 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun/rainyun.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/rainyun/rainyun.go @@ -1,10 +1,12 @@ package rainyun import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/rainyun" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := rainyun.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/tencentcloud_eo.go b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/tencentcloud_eo.go similarity index 72% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/tencentcloud_eo.go rename to pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/tencentcloud_eo.go index 427c79ea..73f5b96e 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/tencentcloud_eo.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/tencentcloud_eo.go @@ -1,11 +1,11 @@ package tencentcloudeo import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/internal" ) type ChallengeProviderConfig struct { @@ -16,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud/tencentcloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud/tencentcloud.go similarity index 79% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud/tencentcloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud/tencentcloud.go index 8ef3760c..2d663728 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud/tencentcloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud/tencentcloud.go @@ -1,10 +1,12 @@ package tencentcloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/tencentcloud" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := tencentcloud.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/internal/lego.go similarity index 98% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/internal/lego.go index e1be56a4..e06bb30b 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/internal/lego.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/internal/lego.go @@ -11,7 +11,7 @@ import ( "github.com/ucloud/ucloud-sdk-go/ucloud" "github.com/ucloud/ucloud-sdk-go/ucloud/auth" - "github.com/usual2970/certimate/internal/pkg/sdk3rd/ucloud/udnr" + "github.com/certimate-go/certimate/pkg/sdk3rd/ucloud/udnr" ) const ( @@ -71,6 +71,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { } cfg := ucloud.NewConfig() + cfg.Timeout = config.HTTPTimeout credential := auth.NewCredential() credential.PrivateKey = config.PrivateKey credential.PublicKey = config.PublicKey diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/ucloud_udnr.go b/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/ucloud_udnr.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/ucloud_udnr.go rename to pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/ucloud_udnr.go index d1902747..12a51731 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/ucloud_udnr.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/ucloud_udnr.go @@ -4,9 +4,8 @@ import ( "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/internal" ) type ChallengeProviderConfig struct { @@ -16,7 +15,7 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { return nil, errors.New("config is nil") } diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel/vercel.go b/pkg/core/ssl-applicator/acme-dns01/providers/vercel/vercel.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel/vercel.go rename to pkg/core/ssl-applicator/acme-dns01/providers/vercel/vercel.go index 35fb5f02..63a74638 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel/vercel.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/vercel/vercel.go @@ -1,10 +1,12 @@ package vercel import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/vercel" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := vercel.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine/volcengine.go b/pkg/core/ssl-applicator/acme-dns01/providers/volcengine/volcengine.go similarity index 79% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine/volcengine.go rename to pkg/core/ssl-applicator/acme-dns01/providers/volcengine/volcengine.go index e0a1ae91..59134406 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine/volcengine.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/volcengine/volcengine.go @@ -1,10 +1,12 @@ package volcengine import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/volcengine" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := volcengine.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn/westcn.go b/pkg/core/ssl-applicator/acme-dns01/providers/westcn/westcn.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn/westcn.go rename to pkg/core/ssl-applicator/acme-dns01/providers/westcn/westcn.go index f79c5a8c..c40c7f75 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn/westcn.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/westcn/westcn.go @@ -1,10 +1,12 @@ package westcn import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/westcn" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := westcn.NewDefaultConfig() diff --git a/pkg/core/ssl-deployer/providers/1panel-console/1panel_console.go b/pkg/core/ssl-deployer/providers/1panel-console/1panel_console.go new file mode 100644 index 00000000..991dc531 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/1panel-console/1panel_console.go @@ -0,0 +1,136 @@ +package onepanelconsole + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + "strconv" + + "github.com/certimate-go/certimate/pkg/core" + onepanelsdk "github.com/certimate-go/certimate/pkg/sdk3rd/1panel" + onepanelsdkv2 "github.com/certimate-go/certimate/pkg/sdk3rd/1panel/v2" +) + +type SSLDeployerProviderConfig struct { + // 1Panel 服务地址。 + ServerUrl string `json:"serverUrl"` + // 1Panel 版本。 + // 可取值 "v1"、"v2"。 + ApiVersion string `json:"apiVersion"` + // 1Panel 接口密钥。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 是否自动重启。 + AutoRestart bool `json:"autoRestart"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient any +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 设置面板 SSL 证书 + switch sdkClient := d.sdkClient.(type) { + case *onepanelsdk.Client: + { + updateSettingsSSLReq := &onepanelsdk.UpdateSettingsSSLRequest{ + Cert: certPEM, + Key: privkeyPEM, + SSL: "enable", + SSLType: "import-paste", + AutoRestart: strconv.FormatBool(d.config.AutoRestart), + } + updateSystemSSLResp, err := sdkClient.UpdateSettingsSSL(updateSettingsSSLReq) + d.logger.Debug("sdk request '1panel.UpdateSettingsSSL'", slog.Any("request", updateSettingsSSLReq), slog.Any("response", updateSystemSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.UpdateSettingsSSL': %w", err) + } + } + + case *onepanelsdkv2.Client: + { + updateCoreSettingsSSLReq := &onepanelsdkv2.UpdateCoreSettingsSSLRequest{ + Cert: certPEM, + Key: privkeyPEM, + SSL: "Enable", + SSLType: "import-paste", + AutoRestart: strconv.FormatBool(d.config.AutoRestart), + } + updateCoreSystemSSLResp, err := sdkClient.UpdateCoreSettingsSSL(updateCoreSettingsSSLReq) + d.logger.Debug("sdk request '1panel.UpdateCoreSettingsSSL'", slog.Any("request", updateCoreSettingsSSLReq), slog.Any("response", updateCoreSystemSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.UpdateCoreSettingsSSL': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + return &core.SSLDeployResult{}, nil +} + +const ( + sdkVersionV1 = "v1" + sdkVersionV2 = "v2" +) + +func createSDKClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (any, error) { + if apiVersion == sdkVersionV1 { + client, err := onepanelsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } else if apiVersion == sdkVersionV2 { + client, err := onepanelsdkv2.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } + + return nil, fmt.Errorf("invalid 1panel api version") +} diff --git a/internal/pkg/core/deployer/providers/1panel-console/1panel_console_test.go b/pkg/core/ssl-deployer/providers/1panel-console/1panel_console_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/1panel-console/1panel_console_test.go rename to pkg/core/ssl-deployer/providers/1panel-console/1panel_console_test.go index 0feae021..7119a81e 100644 --- a/internal/pkg/core/deployer/providers/1panel-console/1panel_console_test.go +++ b/pkg/core/ssl-deployer/providers/1panel-console/1panel_console_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-console" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/1panel-console" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_1PANELCONSOLE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./1panel_console_test.go -args \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_SERVERURL="http://127.0.0.1:20410" \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_APIVERSION="v1" \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_APIKEY="your-api-key" + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_SERVERURL="http://127.0.0.1:20410" \ + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_APIVERSION="v1" \ + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiVersion: fApiVersion, ApiKey: fApiKey, diff --git a/pkg/core/ssl-deployer/providers/1panel-site/1panel_site.go b/pkg/core/ssl-deployer/providers/1panel-site/1panel_site.go new file mode 100644 index 00000000..985809d7 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/1panel-site/1panel_site.go @@ -0,0 +1,273 @@ +package onepanelsite + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + "strconv" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/1panel-ssl" + onepanelsdk "github.com/certimate-go/certimate/pkg/sdk3rd/1panel" + onepanelsdkv2 "github.com/certimate-go/certimate/pkg/sdk3rd/1panel/v2" +) + +type SSLDeployerProviderConfig struct { + // 1Panel 服务地址。 + ServerUrl string `json:"serverUrl"` + // 1Panel 版本。 + // 可取值 "v1"、"v2"。 + ApiVersion string `json:"apiVersion"` + // 1Panel 接口密钥。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 部署资源类型。 + ResourceType ResourceType `json:"resourceType"` + // 网站 ID。 + // 部署资源类型为 [RESOURCE_TYPE_WEBSITE] 时必填。 + WebsiteId int64 `json:"websiteId,omitempty"` + // 证书 ID。 + // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 + CertificateId int64 `json:"certificateId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient any + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + ServerUrl: config.ServerUrl, + ApiVersion: config.ApiVersion, + ApiKey: config.ApiKey, + AllowInsecureConnections: config.AllowInsecureConnections, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 根据部署资源类型决定部署方式 + switch d.config.ResourceType { + case RESOURCE_TYPE_WEBSITE: + if err := d.deployToWebsite(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } + + case RESOURCE_TYPE_CERTIFICATE: + if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } + + default: + return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) + } + + return &core.SSLDeployResult{}, nil +} + +func (d *SSLDeployerProvider) deployToWebsite(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.WebsiteId == 0 { + return errors.New("config `websiteId` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + switch sdkClient := d.sdkClient.(type) { + case *onepanelsdk.Client: + { + // 获取网站 HTTPS 配置 + getHttpsConfResp, err := sdkClient.GetHttpsConf(d.config.WebsiteId) + d.logger.Debug("sdk request '1panel.GetHttpsConf'", slog.Int64("websiteId", d.config.WebsiteId), slog.Any("response", getHttpsConfResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.GetHttpsConf': %w", err) + } + + // 修改网站 HTTPS 配置 + certId, _ := strconv.ParseInt(upres.CertId, 10, 64) + updateHttpsConfReq := &onepanelsdk.UpdateHttpsConfRequest{ + WebsiteID: d.config.WebsiteId, + Type: "existed", + WebsiteSSLID: certId, + Enable: getHttpsConfResp.Data.Enable, + HttpConfig: getHttpsConfResp.Data.HttpConfig, + SSLProtocol: getHttpsConfResp.Data.SSLProtocol, + Algorithm: getHttpsConfResp.Data.Algorithm, + Hsts: getHttpsConfResp.Data.Hsts, + } + updateHttpsConfResp, err := sdkClient.UpdateHttpsConf(d.config.WebsiteId, updateHttpsConfReq) + d.logger.Debug("sdk request '1panel.UpdateHttpsConf'", slog.Int64("websiteId", d.config.WebsiteId), slog.Any("request", updateHttpsConfReq), slog.Any("response", updateHttpsConfResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.UpdateHttpsConf': %w", err) + } + } + + case *onepanelsdkv2.Client: + { + // 获取网站 HTTPS 配置 + getHttpsConfResp, err := sdkClient.GetHttpsConf(d.config.WebsiteId) + d.logger.Debug("sdk request '1panel.GetHttpsConf'", slog.Int64("websiteId", d.config.WebsiteId), slog.Any("response", getHttpsConfResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.GetHttpsConf': %w", err) + } + + // 修改网站 HTTPS 配置 + certId, _ := strconv.ParseInt(upres.CertId, 10, 64) + updateHttpsConfReq := &onepanelsdkv2.UpdateHttpsConfRequest{ + WebsiteID: d.config.WebsiteId, + Type: "existed", + WebsiteSSLID: certId, + Enable: getHttpsConfResp.Data.Enable, + HttpConfig: getHttpsConfResp.Data.HttpConfig, + SSLProtocol: getHttpsConfResp.Data.SSLProtocol, + Algorithm: getHttpsConfResp.Data.Algorithm, + Hsts: getHttpsConfResp.Data.Hsts, + } + updateHttpsConfResp, err := sdkClient.UpdateHttpsConf(d.config.WebsiteId, updateHttpsConfReq) + d.logger.Debug("sdk request '1panel.UpdateHttpsConf'", slog.Int64("websiteId", d.config.WebsiteId), slog.Any("request", updateHttpsConfReq), slog.Any("response", updateHttpsConfResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.UpdateHttpsConf': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + return nil +} + +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.CertificateId == 0 { + return errors.New("config `certificateId` is required") + } + + switch sdkClient := d.sdkClient.(type) { + case *onepanelsdk.Client: + { + // 获取证书详情 + getWebsiteSSLResp, err := sdkClient.GetWebsiteSSL(d.config.CertificateId) + d.logger.Debug("sdk request '1panel.GetWebsiteSSL'", slog.Any("sslId", d.config.CertificateId), slog.Any("response", getWebsiteSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.GetWebsiteSSL': %w", err) + } + + // 更新证书 + uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{ + SSLID: d.config.CertificateId, + Type: "paste", + Description: getWebsiteSSLResp.Data.Description, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) + d.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) + } + } + + case *onepanelsdkv2.Client: + { + // 获取证书详情 + getWebsiteSSLResp, err := sdkClient.GetWebsiteSSL(d.config.CertificateId) + d.logger.Debug("sdk request '1panel.GetWebsiteSSL'", slog.Any("sslId", d.config.CertificateId), slog.Any("response", getWebsiteSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.GetWebsiteSSL': %w", err) + } + + // 更新证书 + uploadWebsiteSSLReq := &onepanelsdkv2.UploadWebsiteSSLRequest{ + SSLID: d.config.CertificateId, + Type: "paste", + Description: getWebsiteSSLResp.Data.Description, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) + d.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + return nil +} + +const ( + sdkVersionV1 = "v1" + sdkVersionV2 = "v2" +) + +func createSDKClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (any, error) { + if apiVersion == sdkVersionV1 { + client, err := onepanelsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } else if apiVersion == sdkVersionV2 { + client, err := onepanelsdkv2.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } + + return nil, fmt.Errorf("invalid 1panel api version") +} diff --git a/internal/pkg/core/deployer/providers/1panel-site/1panel_site_test.go b/pkg/core/ssl-deployer/providers/1panel-site/1panel_site_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/1panel-site/1panel_site_test.go rename to pkg/core/ssl-deployer/providers/1panel-site/1panel_site_test.go index 91b1ebb0..572e23f6 100644 --- a/internal/pkg/core/deployer/providers/1panel-site/1panel_site_test.go +++ b/pkg/core/ssl-deployer/providers/1panel-site/1panel_site_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/1panel-site" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_1PANELSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_1PANELSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./1panel_site_test.go -args \ - --CERTIMATE_DEPLOYER_1PANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_1PANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_1PANELSITE_SERVERURL="http://127.0.0.1:20410" \ - --CERTIMATE_DEPLOYER_1PANELSITE_APIVERSION="v1" \ - --CERTIMATE_DEPLOYER_1PANELSITE_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_1PANELSITE_WEBSITEID="your-website-id" + --CERTIMATE_SSLDEPLOYER_1PANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_SERVERURL="http://127.0.0.1:20410" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_APIVERSION="v1" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_WEBSITEID="your-website-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("WEBSITEID: %v", fWebsiteId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiVersion: fApiVersion, ApiKey: fApiKey, diff --git a/internal/pkg/core/deployer/providers/1panel-site/consts.go b/pkg/core/ssl-deployer/providers/1panel-site/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/1panel-site/consts.go rename to pkg/core/ssl-deployer/providers/1panel-site/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go b/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb.go similarity index 88% rename from internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go rename to pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb.go index 0f22091a..ac7bc70e 100644 --- a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go +++ b/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb.go @@ -15,12 +15,11 @@ import ( "github.com/alibabacloud-go/tea/tea" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -42,56 +41,56 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { ALB *alialb.Client CAS *alicas.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.AccessKeyId, config.AccessKeySecret, config.Region) + clients, err := createSDKClients(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -114,10 +113,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -231,7 +230,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -244,7 +243,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询监听的属性 // REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-getlistenerattribute getListenerAttributeReq := &alialb.GetListenerAttributeRequest{ @@ -421,7 +420,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients, error) { +func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients, error) { // 接入点一览 https://api.aliyun.com/product/Alb var albEndpoint string switch region { @@ -459,13 +458,13 @@ func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients return nil, err } - return &wSdkClients{ + return &wSDKClients{ ALB: albClient, CAS: casClient, }, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 ALB 服务的 @@ -478,11 +477,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb_test.go b/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb_test.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb_test.go rename to pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb_test.go index 11d5b565..6e6f37aa 100644 --- a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-alb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-alb" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNALB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNALB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./aliyun_alb_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_LOADBALANCERID="your-alb-instance-id" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_LISTENERID="your-alb-listener-id" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_DOMAIN="your-alb-sni-domain" + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_LOADBALANCERID="your-alb-instance-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_LISTENERID="your-alb-listener-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_DOMAIN="your-alb-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -63,7 +63,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, @@ -99,7 +99,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-alb/consts.go b/pkg/core/ssl-deployer/providers/aliyun-alb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-alb/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-alb/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw.go b/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw.go similarity index 79% rename from internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw.go rename to pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw.go index 12f0f3d7..c9a2b61f 100644 --- a/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw.go +++ b/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw.go @@ -13,13 +13,12 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -40,53 +39,52 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -type wSdkClients struct { +type wSDKClients struct { CloudNativeAPIGateway *aliapig.Client TraditionalAPIGateway *alicloudapi.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.AccessKeyId, config.AccessKeySecret, config.Region) + clients, err := createSDKClients(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { switch d.config.ServiceType { case SERVICE_TYPE_TRADITIONAL: if err := d.deployToTraditional(ctx, certPEM, privkeyPEM); err != nil { @@ -102,10 +100,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported service type '%s'", string(d.config.ServiceType)) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToTraditional(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToTraditional(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.GroupId == "" { return errors.New("config `groupId` is required") } @@ -131,7 +129,7 @@ func (d *DeployerProvider) deployToTraditional(ctx context.Context, certPEM stri return nil } -func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCloudNative(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.GatewayId == "" { return errors.New("config `gatewayId` is required") } @@ -152,7 +150,7 @@ func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPEM stri } listDomainsReq := &aliapig.ListDomainsRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(d.config.ResourceGroupId), + ResourceGroupId: xtypes.ToPtrOrZeroNil(d.config.ResourceGroupId), GatewayId: tea.String(d.config.GatewayId), NameLike: tea.String(d.config.Domain), PageNumber: tea.Int32(listDomainsPageNumber), @@ -196,8 +194,8 @@ func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPEM stri return fmt.Errorf("failed to execute sdk request 'apig.GetDomain': %w", err) } - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -225,7 +223,7 @@ func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPEM stri return nil } -func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients, error) { +func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients, error) { // 接入点一览 https://api.aliyun.com/product/APIG cloudNativeAPIGEndpoint := strings.ReplaceAll(fmt.Sprintf("apig.%s.aliyuncs.com", region), "..", ".") cloudNativeAPIGConfig := &aliopen.Config{ @@ -250,13 +248,13 @@ func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients return nil, err } - return &wSdkClients{ + return &wSDKClients{ CloudNativeAPIGateway: cloudNativeAPIGClient, TraditionalAPIGateway: traditionalAPIGClient, }, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 APIGateway 服务的 @@ -269,11 +267,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw_test.go b/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw_test.go rename to pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw_test.go index 7807a927..62d437c6 100644 --- a/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-apigw" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-apigw" ) var ( @@ -24,7 +24,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNAPIGW_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -41,15 +41,15 @@ func init() { Shell command to run this test: go test -v ./aliyun_apigw_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_GATEWAYID="your-api-gateway-id" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_GROUPID="your-api-group-id" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_SERVICETYPE="cloudnative" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_GATEWAYID="your-api-gateway-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_GROUPID="your-api-group-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_SERVICETYPE="cloudnative" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -68,7 +68,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-apigw/consts.go b/pkg/core/ssl-deployer/providers/aliyun-apigw/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-apigw/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-apigw/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go b/pkg/core/ssl-deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go similarity index 75% rename from internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go rename to pkg/core/ssl-deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go index cfcdaa18..6fa587bc 100644 --- a/internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go +++ b/pkg/core/ssl-deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go @@ -12,12 +12,11 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -33,55 +32,55 @@ type DeployerConfig struct { ContactIds []string `json:"contactIds"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *alicas.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *alicas.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if len(d.config.ResourceIds) == 0 { return nil, errors.New("config `resourceIds` is required") } - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -152,10 +151,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE time.Sleep(time.Second * 5) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) { // 接入点一览 https://api.aliyun.com/product/cas var endpoint string switch region { @@ -179,7 +178,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*alicas.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于其他服务的 @@ -192,11 +191,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/pkg/core/ssl-deployer/providers/aliyun-cas/aliyun_cas.go b/pkg/core/ssl-deployer/providers/aliyun-cas/aliyun_cas.go new file mode 100644 index 00000000..a95272d4 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/aliyun-cas/aliyun_cas.go @@ -0,0 +1,74 @@ +package aliyuncas + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" +) + +type SSLDeployerProviderConfig struct { + // 阿里云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 阿里云 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` + // 阿里云资源组 ID。 + ResourceGroupId string `json:"resourceGroupId,omitempty"` + // 阿里云地域。 + Region string `json:"region"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, + ResourceGroupId: config.ResourceGroupId, + Region: config.Region, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go b/pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go rename to pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn.go index 96dd211f..a59924d7 100644 --- a/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go +++ b/pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn.go @@ -2,6 +2,7 @@ package aliyuncdn import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,11 +11,10 @@ import ( alicdn "github.com/alibabacloud-go/cdn-20180510/v5/client" aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -25,41 +25,40 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *alicdn.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // "*.example.com" → ".example.com",适配阿里云 CDN 要求的泛域名格式 domain := strings.TrimPrefix(d.config.Domain, "*") @@ -79,10 +78,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.SetCdnDomainSSLCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*alicdn.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*alicdn.Client, error) { config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), AccessKeySecret: tea.String(accessKeySecret), diff --git a/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn_test.go b/pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn_test.go rename to pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn_test.go index b07611da..271edc3d 100644 --- a/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./aliyun_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go b/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb.go similarity index 83% rename from internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go rename to pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb.go index 1722e4fd..b0abdcaf 100644 --- a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go +++ b/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb.go @@ -10,12 +10,11 @@ import ( alislb "github.com/alibabacloud-go/slb-20140515/v4/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-slb" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-slb" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -37,51 +36,51 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *alislb.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *alislb.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SLB - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -104,10 +103,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -188,7 +187,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -204,7 +203,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerPort int32, cloudCertId string) error { // 查询监听配置 // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeloadbalancerhttpslistenerattribute describeLoadBalancerHTTPSListenerAttributeReq := &alislb.DescribeLoadBalancerHTTPSListenerAttributeRequest{ @@ -281,7 +280,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) { // 接入点一览 https://api.aliyun.com/product/Slb var endpoint string switch region { @@ -309,12 +308,12 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*alislb.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: region, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb_test.go b/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb_test.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb_test.go rename to pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb_test.go index dfa46173..3477cf36 100644 --- a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-clb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-clb" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNCLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNCLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./aliyun_clb_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_LOADBALANCERID="your-clb-instance-id" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_LISTENERPORT=443 \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_DOMAIN="your-clb-sni-domain" + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_LOADBALANCERID="your-clb-instance-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_LISTENERPORT=443 \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_DOMAIN="your-clb-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -63,7 +63,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, @@ -99,7 +99,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERPORT: %v", fListenerPort), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-clb/consts.go b/pkg/core/ssl-deployer/providers/aliyun-clb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-clb/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-clb/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go b/pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn.go similarity index 70% rename from internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go rename to pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn.go index a5109163..6118828f 100644 --- a/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go +++ b/pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn.go @@ -2,6 +2,7 @@ package aliyundcdn import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,11 +11,10 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" alidcdn "github.com/alibabacloud-go/dcdn-20180115/v3/client" "github.com/alibabacloud-go/tea/tea" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -25,41 +25,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *alidcdn.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // "*.example.com" → ".example.com",适配阿里云 DCDN 要求的泛域名格式 domain := strings.TrimPrefix(d.config.Domain, "*") @@ -79,10 +82,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'dcdn.SetDcdnDomainSSLCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*alidcdn.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*alidcdn.Client, error) { config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), AccessKeySecret: tea.String(accessKeySecret), diff --git a/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go b/pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go rename to pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go index deb489c6..33c213c5 100644 --- a/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-dcdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-dcdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./aliyun_dcdn_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos.go b/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos.go similarity index 62% rename from internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos.go rename to pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos.go index f0bd3476..1e5ed9ab 100644 --- a/internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos.go +++ b/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos.go @@ -12,12 +12,11 @@ import ( aliddos "github.com/alibabacloud-go/ddoscoo-20200101/v4/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-slb" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-slb" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -30,55 +29,55 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *aliddos.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *aliddos.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -98,10 +97,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'dcdn.AssociateWebCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliddos.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliddos.Client, error) { // 接入点一览 https://api.aliyun.com/product/ddoscoo config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), @@ -117,7 +116,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliddos.Clie return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 Anti-DDoS 服务的 @@ -130,11 +129,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos_test.go b/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos_test.go rename to pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos_test.go index b7f5ad34..180b2ad2 100644 --- a/internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-ddos" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-ddos" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNDDOS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_ddos_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go b/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa.go similarity index 61% rename from internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go rename to pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa.go index e4906fb5..e3bb0374 100644 --- a/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go +++ b/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa.go @@ -12,12 +12,11 @@ import ( aliesa "github.com/alibabacloud-go/esa-20240910/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -30,55 +29,55 @@ type DeployerConfig struct { SiteId int64 `json:"siteId"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *aliesa.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *aliesa.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.SiteId == 0 { return nil, errors.New("config `siteId` is required") } - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -99,10 +98,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'esa.SetCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliesa.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliesa.Client, error) { // 接入点一览 https://api.aliyun.com/product/ESA config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), @@ -118,7 +117,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliesa.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 ESA 服务的 @@ -131,11 +130,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa_test.go b/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa_test.go rename to pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa_test.go index 0b66d2fb..fd15320b 100644 --- a/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-esa" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-esa" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNESA_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNESA_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_esa_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNESA_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_SITEID="your-esa-site-id" + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_SITEID="your-esa-site-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITEID: %v", fSiteId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go b/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc.go similarity index 80% rename from internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go rename to pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc.go index 1ff046c3..4a5d2a16 100644 --- a/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go +++ b/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc.go @@ -2,6 +2,7 @@ package aliyunfc import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -11,11 +12,10 @@ import ( alifc3 "github.com/alibabacloud-go/fc-20230330/v4/client" alifc2 "github.com/alibabacloud-go/fc-open-20210406/v2/client" "github.com/alibabacloud-go/tea/tea" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -31,46 +31,45 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger - sdkClients *wSdkClients + sdkClients *wSDKClients } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { FC2 *alifc2.Client FC3 *alifc3.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.AccessKeyId, config.AccessKeySecret, config.Region) + clients, err := createSDKClients(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClients: clients, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { switch d.config.ServiceVersion { case "3", "3.0": if err := d.deployToFC3(ctx, certPEM, privkeyPEM); err != nil { @@ -86,10 +85,14 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported service version '%s'", d.config.ServiceVersion) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToFC3(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToFC3(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.Domain == "" { + return errors.New("config `domain` is required") + } + // 获取自定义域名 // REF: https://help.aliyun.com/zh/functioncompute/fc-3-0/developer-reference/api-fc-2023-03-30-getcustomdomain getCustomDomainResp, err := d.sdkClients.FC3.GetCustomDomain(tea.String(d.config.Domain)) @@ -123,7 +126,11 @@ func (d *DeployerProvider) deployToFC3(ctx context.Context, certPEM string, priv return nil } -func (d *DeployerProvider) deployToFC2(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToFC2(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.Domain == "" { + return errors.New("config `domain` is required") + } + // 获取自定义域名 // REF: https://help.aliyun.com/zh/functioncompute/fc-2-0/developer-reference/api-fc-open-2021-04-06-getcustomdomain getCustomDomainResp, err := d.sdkClients.FC2.GetCustomDomain(tea.String(d.config.Domain)) @@ -155,7 +162,7 @@ func (d *DeployerProvider) deployToFC2(ctx context.Context, certPEM string, priv return nil } -func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients, error) { +func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients, error) { // 接入点一览 https://api.aliyun.com/product/FC-Open var fc2Endpoint string switch region { @@ -189,7 +196,7 @@ func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients return nil, err } - return &wSdkClients{ + return &wSDKClients{ FC2: fc2Client, FC3: fc3Client, }, nil diff --git a/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc_test.go b/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc_test.go rename to pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc_test.go index 215ec93b..de03a75d 100644 --- a/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-fc" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-fc" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNFC_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNFC_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_fc_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNFC_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga.go b/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga.go similarity index 80% rename from internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga.go rename to pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga.go index 66928449..6307486c 100644 --- a/internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga.go +++ b/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga.go @@ -11,13 +11,12 @@ import ( aliga "github.com/alibabacloud-go/ga-20191120/v3/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -36,51 +35,51 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *aliga.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *aliga.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +102,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToAccelerator(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToAccelerator(ctx context.Context, cloudCertId string) error { if d.config.AcceleratorId == "" { return errors.New("config `acceleratorId` is required") } @@ -176,7 +175,7 @@ func (d *DeployerProvider) deployToAccelerator(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.AcceleratorId == "" { return errors.New("config `acceleratorId` is required") } @@ -192,7 +191,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudAcceleratorId string, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudAcceleratorId string, cloudListenerId string, cloudCertId string) error { // 查询监听绑定的证书列表 // REF: https://help.aliyun.com/zh/ga/developer-reference/api-ga-2019-11-20-listlistenercertificates var listenerDefaultCertificate *aliga.ListListenerCertificatesResponseBodyCertificates @@ -201,8 +200,8 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudA for { listListenerCertificatesReq := &aliga.ListListenerCertificatesRequest{ RegionId: tea.String("cn-hangzhou"), - AcceleratorId: tea.String(d.config.AcceleratorId), - ListenerId: tea.String(d.config.ListenerId), + AcceleratorId: tea.String(cloudAcceleratorId), + ListenerId: tea.String(cloudListenerId), NextToken: listListenerCertificatesNextToken, MaxResults: tea.Int32(20), } @@ -252,14 +251,14 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudA } } else { // 指定 SNI,需部署到扩展域名 - if sliceutil.Some(listenerAdditionalCertificates, func(item *aliga.ListListenerCertificatesResponseBodyCertificates) bool { + if xslices.Some(listenerAdditionalCertificates, func(item *aliga.ListListenerCertificatesResponseBodyCertificates) bool { return tea.StringValue(item.CertificateId) == cloudCertId }) { d.logger.Info("no need to update ga listener additional certificate") return nil } - if sliceutil.Some(listenerAdditionalCertificates, func(item *aliga.ListListenerCertificatesResponseBodyCertificates) bool { + if xslices.Some(listenerAdditionalCertificates, func(item *aliga.ListListenerCertificatesResponseBodyCertificates) bool { return tea.StringValue(item.Domain) == d.config.Domain }) { // 为监听替换扩展证书 @@ -299,7 +298,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudA return nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*aliga.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*aliga.Client, error) { // 接入点一览 https://api.aliyun.com/product/Ga config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), @@ -315,12 +314,12 @@ func createSdkClient(accessKeyId, accessKeySecret string) (*aliga.Client, error) return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId string) (uploader.Uploader, error) { - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId string) (core.SSLManager, error) { + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: "cn-hangzhou", }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga_test.go b/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga_test.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga_test.go rename to pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga_test.go index 611ddc41..24aefbe4 100644 --- a/internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-ga" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-ga" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNGA_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNGA_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./aliyun_ga_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNGA_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_ACCELERATORID="your-ga-accelerator-id" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_LISTENERID="your-ga-listener-id" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_DOMAIN="your-ga-sni-domain" + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_ACCELERATORID="your-ga-accelerator-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_LISTENERID="your-ga-listener-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_DOMAIN="your-ga-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, ResourceType: provider.RESOURCE_TYPE_ACCELERATOR, @@ -93,7 +93,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, ResourceType: provider.RESOURCE_TYPE_LISTENER, diff --git a/internal/pkg/core/deployer/providers/aliyun-ga/consts.go b/pkg/core/ssl-deployer/providers/aliyun-ga/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-ga/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-ga/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go b/pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live.go similarity index 73% rename from internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go rename to pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live.go index 0fab9485..fb815575 100644 --- a/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go +++ b/pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live.go @@ -2,6 +2,7 @@ package aliyunlive import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,11 +11,10 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" alilive "github.com/alibabacloud-go/live-20161101/client" "github.com/alibabacloud-go/tea/tea" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -27,41 +27,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *alilive.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // "*.example.com" → ".example.com",适配阿里云 Live 要求的泛域名格式 domain := strings.TrimPrefix(d.config.Domain, "*") @@ -81,10 +84,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'live.SetLiveDomainCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alilive.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alilive.Client, error) { // 接入点一览 https://api.aliyun.com/product/live var endpoint string switch region { diff --git a/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live_test.go b/pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-live/aliyun_live_test.go rename to pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live_test.go index 46608e38..772f21b2 100644 --- a/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-live" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-live" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNLIVE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_live_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go b/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go rename to pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb.go index dd83f514..6cbe6298 100644 --- a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go +++ b/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb.go @@ -11,12 +11,11 @@ import ( alinlb "github.com/alibabacloud-go/nlb-20220430/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -35,51 +34,51 @@ type DeployerConfig struct { ListenerId string `json:"listenerId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *alinlb.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *alinlb.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -102,10 +101,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -184,7 +183,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -197,7 +196,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询监听的属性 // REF: https://help.aliyun.com/zh/slb/network-load-balancer/developer-reference/api-nlb-2022-04-30-getlistenerattribute getListenerAttributeReq := &alinlb.GetListenerAttributeRequest{ @@ -224,7 +223,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alinlb.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alinlb.Client, error) { // 接入点一览 https://api.aliyun.com/product/Nlb endpoint := strings.ReplaceAll(fmt.Sprintf("nlb.%s.aliyuncs.com", region), "..", ".") config := &aliopen.Config{ @@ -241,7 +240,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*alinlb.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 NLB 服务的 @@ -254,11 +253,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb_test.go b/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb_test.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb_test.go rename to pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb_test.go index f4d64219..d7288aa6 100644 --- a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-nlb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-nlb" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNNLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNNLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./aliyun_nlb_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_LOADBALANCERID="your-nlb-instance-id" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_LISTENERID="your-nlb-listener-id" + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_LOADBALANCERID="your-nlb-instance-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_LISTENERID="your-nlb-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, @@ -94,7 +94,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-nlb/consts.go b/pkg/core/ssl-deployer/providers/aliyun-nlb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-nlb/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-nlb/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss.go b/pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss.go similarity index 73% rename from internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss.go rename to pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss.go index 6a698cf0..d732261e 100644 --- a/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss.go +++ b/pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss.go @@ -7,11 +7,10 @@ import ( "log/slog" "github.com/aliyun/aliyun-oss-go-sdk/oss" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -26,41 +25,40 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *oss.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Bucket == "" { return nil, errors.New("config `bucket` is required") } @@ -84,10 +82,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'oss.PutBucketCnameWithCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*oss.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*oss.Client, error) { // 接入点一览 https://api.aliyun.com/product/Oss var endpoint string switch region { diff --git a/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss_test.go b/pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss_test.go rename to pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss_test.go index 412f7d16..8b9c0a2e 100644 --- a/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-oss" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-oss" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNOSS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNOSS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./aliyun_oss_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_BUCKET="your-oss-bucket" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_BUCKET="your-oss-bucket" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go b/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod.go similarity index 70% rename from internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go rename to pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod.go index ab02fa89..bf8a5812 100644 --- a/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go +++ b/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod.go @@ -2,6 +2,7 @@ package aliyunvod import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,11 +11,10 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" alivod "github.com/alibabacloud-go/vod-20170321/v4/client" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -27,41 +27,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *alivod.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // 设置域名证书 // REF: https://help.aliyun.com/zh/vod/developer-reference/api-vod-2017-03-21-setvoddomainsslcertificate setVodDomainSSLCertificateReq := &alivod.SetVodDomainSSLCertificateRequest{ @@ -78,10 +81,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'live.SetVodDomainSSLCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alivod.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alivod.Client, error) { // 接入点一览 https://api.aliyun.com/product/vod endpoint := strings.ReplaceAll(fmt.Sprintf("vod.%s.aliyuncs.com", region), "..", ".") config := &aliopen.Config{ diff --git a/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod_test.go b/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod_test.go rename to pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod_test.go index 4d523d98..3cf7ec28 100644 --- a/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-vod" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-vod" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNVOD_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNVOD_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_vod_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go b/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf.go similarity index 78% rename from internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go rename to pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf.go index cb3c70e9..c215125a 100644 --- a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go +++ b/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf.go @@ -11,14 +11,13 @@ import ( "github.com/alibabacloud-go/tea/tea" aliwaf "github.com/alibabacloud-go/waf-openapi-20211001/v5/client" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -35,49 +34,49 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *aliwaf.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *aliwaf.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.InstanceId == "" { return nil, errors.New("config `instanceId` is required") } @@ -92,12 +91,12 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported service version '%s'", d.config.ServiceVersion) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPEM string, privkeyPEM string) error { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) deployToWAF3(ctx context.Context, certPEM string, privkeyPEM string) error { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -110,7 +109,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPEM string, pri // 查询默认 SSL/TLS 设置 // REF: https://help.aliyun.com/zh/waf/web-application-firewall-3-0/developer-reference/api-waf-openapi-2021-10-01-describedefaulthttps describeDefaultHttpsReq := &aliwaf.DescribeDefaultHttpsRequest{ - ResourceManagerResourceGroupId: typeutil.ToPtrOrZeroNil(d.config.ResourceGroupId), + ResourceManagerResourceGroupId: xtypes.ToPtrOrZeroNil(d.config.ResourceGroupId), InstanceId: tea.String(d.config.InstanceId), RegionId: tea.String(d.config.Region), } @@ -123,7 +122,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPEM string, pri // 修改默认 SSL/TLS 设置 // REF: https://help.aliyun.com/zh/waf/web-application-firewall-3-0/developer-reference/api-waf-openapi-2021-10-01-modifydefaulthttps modifyDefaultHttpsReq := &aliwaf.ModifyDefaultHttpsRequest{ - ResourceManagerResourceGroupId: typeutil.ToPtrOrZeroNil(d.config.ResourceGroupId), + ResourceManagerResourceGroupId: xtypes.ToPtrOrZeroNil(d.config.ResourceGroupId), InstanceId: tea.String(d.config.InstanceId), RegionId: tea.String(d.config.Region), CertId: tea.String(upres.CertId), @@ -175,7 +174,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPEM string, pri return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliwaf.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliwaf.Client, error) { // 接入点一览:https://api.aliyun.com/product/waf-openapi endpoint := strings.ReplaceAll(fmt.Sprintf("wafopenapi.%s.aliyuncs.com", region), "..", ".") config := &aliopen.Config{ @@ -192,7 +191,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliwaf.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 WAF 服务的 @@ -205,13 +204,13 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDetailResponseBody) *aliwaf.ModifyDomainRequest { @@ -252,7 +251,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Listen.HttpPorts != nil { - source.Listen.HttpPorts = sliceutil.Map(target.Listen.HttpPorts, func(v *int64) *int32 { + source.Listen.HttpPorts = xslices.Map(target.Listen.HttpPorts, func(v *int64) *int32 { if v == nil { return nil } @@ -261,7 +260,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Listen.HttpsPorts != nil { - source.Listen.HttpsPorts = sliceutil.Map(target.Listen.HttpsPorts, func(v *int64) *int32 { + source.Listen.HttpsPorts = xslices.Map(target.Listen.HttpsPorts, func(v *int64) *int32 { if v == nil { return nil } @@ -296,7 +295,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Redirect.Backends != nil { - source.Redirect.Backends = sliceutil.Map(target.Redirect.Backends, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectBackends) *string { + source.Redirect.Backends = xslices.Map(target.Redirect.Backends, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectBackends) *string { if v == nil { return nil } @@ -305,7 +304,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Redirect.BackupBackends != nil { - source.Redirect.BackupBackends = sliceutil.Map(target.Redirect.BackupBackends, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectBackupBackends) *string { + source.Redirect.BackupBackends = xslices.Map(target.Redirect.BackupBackends, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectBackupBackends) *string { if v == nil { return nil } @@ -342,7 +341,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Redirect.RequestHeaders != nil { - source.Redirect.RequestHeaders = sliceutil.Map(target.Redirect.RequestHeaders, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectRequestHeaders) *aliwaf.ModifyDomainRequestRedirectRequestHeaders { + source.Redirect.RequestHeaders = xslices.Map(target.Redirect.RequestHeaders, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectRequestHeaders) *aliwaf.ModifyDomainRequestRedirectRequestHeaders { if v == nil { return nil } diff --git a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf_test.go b/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf_test.go rename to pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf_test.go index e1b92613..7352ac6d 100644 --- a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-waf" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-waf" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNWAF_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNWAF_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_waf_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_INSTANCEID="your-waf-instance-id" + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_INSTANCEID="your-waf-instance-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("INSTANCEID: %v", fInstanceId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/pkg/core/ssl-deployer/providers/apisix/apisix.go b/pkg/core/ssl-deployer/providers/apisix/apisix.go new file mode 100644 index 00000000..2a42eeb1 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/apisix/apisix.go @@ -0,0 +1,118 @@ +package apisix + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + apisixsdk "github.com/certimate-go/certimate/pkg/sdk3rd/apisix" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // APISIX 服务地址。 + ServerUrl string `json:"serverUrl"` + // APISIX Admin API Key。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 部署资源类型。 + ResourceType ResourceType `json:"resourceType"` + // 证书 ID。 + // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 + CertificateId string `json:"certificateId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *apisixsdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 根据部署资源类型决定部署方式 + switch d.config.ResourceType { + case RESOURCE_TYPE_CERTIFICATE: + if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } + + default: + return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) + } + + return &core.SSLDeployResult{}, nil +} + +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.CertificateId == "" { + return errors.New("config `certificateId` is required") + } + + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return err + } + + // 更新 SSL 证书 + // REF: https://apisix.apache.org/zh/docs/apisix/admin-api/#ssl + updateSSLReq := &apisixsdk.UpdateSSLRequest{ + Cert: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), + SNIs: xtypes.ToPtr(certX509.DNSNames), + Type: xtypes.ToPtr("server"), + Status: xtypes.ToPtr(int32(1)), + } + updateSSLResp, err := d.sdkClient.UpdateSSL(d.config.CertificateId, updateSSLReq) + d.logger.Debug("sdk request 'apisix.UpdateSSL'", slog.String("sslId", d.config.CertificateId), slog.Any("request", updateSSLReq), slog.Any("response", updateSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'apisix.UpdateSSL': %w", err) + } + + return nil +} + +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*apisixsdk.Client, error) { + client, err := apisixsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil +} diff --git a/internal/pkg/core/deployer/providers/apisix/apisix_test.go b/pkg/core/ssl-deployer/providers/apisix/apisix_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/apisix/apisix_test.go rename to pkg/core/ssl-deployer/providers/apisix/apisix_test.go index d7d7dffd..c9b73c27 100644 --- a/internal/pkg/core/deployer/providers/apisix/apisix_test.go +++ b/pkg/core/ssl-deployer/providers/apisix/apisix_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/apisix" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/apisix" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_APISIX_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_APISIX_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./apisix_test.go -args \ - --CERTIMATE_DEPLOYER_APISIX_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_APISIX_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_APISIX_SERVERURL="http://127.0.0.1:9080" \ - --CERTIMATE_DEPLOYER_APISIX_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_APISIX_CERTIFICATEID="your-cerficiate-id" + --CERTIMATE_SSLDEPLOYER_APISIX_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_APISIX_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_APISIX_SERVERURL="http://127.0.0.1:9080" \ + --CERTIMATE_SSLDEPLOYER_APISIX_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_APISIX_CERTIFICATEID="your-cerficiate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, AllowInsecureConnections: true, diff --git a/internal/pkg/core/deployer/providers/apisix/consts.go b/pkg/core/ssl-deployer/providers/apisix/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/apisix/consts.go rename to pkg/core/ssl-deployer/providers/apisix/consts.go diff --git a/internal/pkg/core/deployer/providers/aws-acm/aws_acm.go b/pkg/core/ssl-deployer/providers/aws-acm/aws_acm.go similarity index 60% rename from internal/pkg/core/deployer/providers/aws-acm/aws_acm.go rename to pkg/core/ssl-deployer/providers/aws-acm/aws_acm.go index 0c9c5d57..9a69e3eb 100644 --- a/internal/pkg/core/deployer/providers/aws-acm/aws_acm.go +++ b/pkg/core/ssl-deployer/providers/aws-acm/aws_acm.go @@ -2,6 +2,7 @@ package awsacm import ( "context" + "errors" "fmt" "log/slog" @@ -10,13 +11,12 @@ import ( awscred "github.com/aws/aws-sdk-go-v2/credentials" awsacm "github.com/aws/aws-sdk-go-v2/service/acm" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-acm" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aws-acm" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // AWS AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // AWS SecretAccessKey。 @@ -28,56 +28,56 @@ type DeployerConfig struct { CertificateArn string `json:"certificateArn,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *awsacm.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *awsacm.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.CertificateArn == "" { - // 上传证书到 ACM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -85,7 +85,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } else { // 提取服务器证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -105,10 +105,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsacm.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*awsacm.Client, error) { cfg, err := awscfg.LoadDefaultConfig(context.TODO()) if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go b/pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront.go similarity index 73% rename from internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go rename to pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront.go index e5a3f0b2..a9ce2f7c 100644 --- a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go +++ b/pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront.go @@ -12,13 +12,12 @@ import ( "github.com/aws/aws-sdk-go-v2/service/cloudfront" "github.com/aws/aws-sdk-go-v2/service/cloudfront/types" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploaderspacm "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-acm" - uploaderspiam "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-iam" + "github.com/certimate-go/certimate/pkg/core" + sslmgrspacm "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aws-acm" + sslmgrspiam "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aws-iam" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // AWS AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // AWS SecretAccessKey。 @@ -32,74 +31,74 @@ type DeployerConfig struct { CertificateSource string `json:"certificateSource"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *cloudfront.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *cloudfront.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - var uploader uploader.Uploader + var sslmgr core.SSLManager if config.CertificateSource == "ACM" { - uploader, err = uploaderspacm.NewUploader(&uploaderspacm.UploaderConfig{ + sslmgr, err = sslmgrspacm.NewSSLManagerProvider(&sslmgrspacm.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } } else if config.CertificateSource == "IAM" { - uploader, err = uploaderspiam.NewUploader(&uploaderspiam.UploaderConfig{ + sslmgr, err = sslmgrspiam.NewSSLManagerProvider(&sslmgrspiam.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, Region: config.Region, CertificatePath: "/cloudfront/", }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } } else { return nil, fmt.Errorf("unsupported certificate source: '%s'", config.CertificateSource) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.DistributionId == "" { return nil, errors.New("config `distribuitionId` is required") } - // 上传证书到 ACM/IAM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -147,10 +146,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cloudfront.UpdateDistribution': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*cloudfront.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*cloudfront.Client, error) { cfg, err := awscfg.LoadDefaultConfig(context.TODO()) if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront_test.go b/pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront_test.go rename to pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront_test.go index 78228645..fc2c539a 100644 --- a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront_test.go +++ b/pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-cloudfront" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aws-cloudfront" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_AWSCLOUDFRONT_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aws_cloudfront_test.go -args \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_SECRETACCESSKEY="your-secret-access-id" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_REGION="us-east-1" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_DISTRIBUTIONID="your-distribution-id" + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_SECRETACCESSKEY="your-secret-access-id" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_REGION="us-east-1" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_DISTRIBUTIONID="your-distribution-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DISTRIBUTIONID: %v", fDistribuitionId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, diff --git a/pkg/core/ssl-deployer/providers/aws-iam/aws_iam.go b/pkg/core/ssl-deployer/providers/aws-iam/aws_iam.go new file mode 100644 index 00000000..0ed8bcae --- /dev/null +++ b/pkg/core/ssl-deployer/providers/aws-iam/aws_iam.go @@ -0,0 +1,75 @@ +package awsiam + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aws-iam" +) + +type SSLDeployerProviderConfig struct { + // AWS AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // AWS SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // AWS 区域。 + Region string `json:"region"` + // IAM 证书路径。 + // 选填。 + CertificatePath string `json:"certificatePath,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + Region: config.Region, + CertificatePath: config.CertificatePath, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/azure-keyvault/azure_keyvault.go b/pkg/core/ssl-deployer/providers/azure-keyvault/azure_keyvault.go similarity index 68% rename from internal/pkg/core/deployer/providers/azure-keyvault/azure_keyvault.go rename to pkg/core/ssl-deployer/providers/azure-keyvault/azure_keyvault.go index 1331bbf6..4965f4db 100644 --- a/internal/pkg/core/deployer/providers/azure-keyvault/azure_keyvault.go +++ b/pkg/core/ssl-deployer/providers/azure-keyvault/azure_keyvault.go @@ -13,14 +13,13 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azcertificates" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/azure-keyvault" - azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/azure-keyvault" + azenv "github.com/certimate-go/certimate/pkg/sdk3rd/azure/env" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Azure TenantId。 TenantId string `json:"tenantId"` // Azure ClientId。 @@ -36,26 +35,26 @@ type DeployerConfig struct { CertificateName string `json:"certificateName,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *azcertificates.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *azcertificates.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.TenantId, config.ClientId, config.ClientSecret, config.CloudName, config.KeyVaultName) + client, err := createSDKClient(config.TenantId, config.ClientId, config.ClientSecret, config.CloudName, config.KeyVaultName) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ TenantId: config.TenantId, ClientId: config.ClientId, ClientSecret: config.ClientSecret, @@ -63,43 +62,43 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { KeyVaultName: config.KeyVaultName, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 转换证书格式 - certPFX, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "") + certPFX, err := xcert.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "") if err != nil { return nil, fmt.Errorf("failed to transform certificate from PEM to PFX: %w", err) } if d.config.CertificateName == "" { - // 上传证书到 KeyVault - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -118,8 +117,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } else { oldCertX509, err := x509.ParseCertificate(getCertificateResp.CER) if err == nil { - if certutil.EqualCertificate(certX509, oldCertX509) { - return &deployer.DeployResult{}, nil + if xcert.EqualCertificate(certX509, oldCertX509) { + return &core.SSLDeployResult{}, nil } } } @@ -145,11 +144,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) { - env, err := azcommon.GetCloudEnvironmentConfiguration(cloudName) +func createSDKClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) { + env, err := azenv.GetCloudEnvConfiguration(cloudName) if err != nil { return nil, err } @@ -162,9 +161,9 @@ func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName s } endpoint := fmt.Sprintf("https://%s.vault.azure.net", keyvaultName) - if azcommon.IsEnvironmentGovernment(cloudName) { + if azenv.IsUSGovernmentEnv(cloudName) { endpoint = fmt.Sprintf("https://%s.vault.usgovcloudapi.net", keyvaultName) - } else if azcommon.IsEnvironmentChina(cloudName) { + } else if azenv.IsChinaEnv(cloudName) { endpoint = fmt.Sprintf("https://%s.vault.azure.cn", keyvaultName) } diff --git a/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb.go b/pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb.go similarity index 80% rename from internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb.go rename to pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb.go index 87d7ba65..f649e6d6 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb.go @@ -11,13 +11,12 @@ import ( bceappblb "github.com/baidubce/bce-sdk-go/services/appblb" "github.com/google/uuid" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/baiducloud-cert" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 百度智能云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 百度智能云 SecretAccessKey。 @@ -37,53 +36,52 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *bceappblb.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *bceappblb.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -106,10 +104,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -171,7 +169,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -234,7 +232,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerType string, cloudListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerType string, cloudListenerPort int32, cloudCertId string) error { switch strings.ToUpper(cloudListenerType) { case "HTTPS": return d.updateHttpsListenerCertificate(ctx, cloudLoadbalancerId, cloudListenerPort, cloudCertId) @@ -245,7 +243,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL } } -func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateHttpsListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { // 查询 HTTPS 监听器 // REF: https://cloud.baidu.com/doc/BLB/s/ujwvxnyux#describeapphttpslisteners%E6%9F%A5%E8%AF%A2https%E7%9B%91%E5%90%AC%E5%99%A8 describeAppHTTPSListenersReq := &bceappblb.DescribeAppListenerArgs{ @@ -286,7 +284,7 @@ func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, c ListenerPort: uint16(cloudHttpsListenerPort), Scheduler: describeAppHTTPSListenersResp.ListenerList[0].Scheduler, CertIds: describeAppHTTPSListenersResp.ListenerList[0].CertIds, - AdditionalCertDomains: sliceutil.Map(describeAppHTTPSListenersResp.ListenerList[0].AdditionalCertDomains, func(domain bceappblb.AdditionalCertDomainsModel) bceappblb.AdditionalCertDomainsModel { + AdditionalCertDomains: xslices.Map(describeAppHTTPSListenersResp.ListenerList[0].AdditionalCertDomains, func(domain bceappblb.AdditionalCertDomainsModel) bceappblb.AdditionalCertDomainsModel { if domain.Host == d.config.Domain { return bceappblb.AdditionalCertDomainsModel{ Host: domain.Host, @@ -310,7 +308,7 @@ func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, c return nil } -func (d *DeployerProvider) updateSslListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateSslListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { // 更新 SSL 监听器 // REF: https://cloud.baidu.com/doc/BLB/s/ujwvxnyux#updateappssllistener%E6%9B%B4%E6%96%B0ssl%E7%9B%91%E5%90%AC%E5%99%A8 updateAppSSLListenerReq := &bceappblb.UpdateAppSSLListenerArgs{ @@ -327,7 +325,7 @@ func (d *DeployerProvider) updateSslListenerCertificate(ctx context.Context, clo return nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*bceappblb.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*bceappblb.Client, error) { endpoint := "" if region != "" { endpoint = fmt.Sprintf("blb.%s.baidubce.com", region) diff --git a/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb_test.go b/pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go similarity index 67% rename from internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb_test.go rename to pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go index c96e4f0c..62fec197 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb_test.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go @@ -1,4 +1,4 @@ -package baiducloudblb_test +package baiducloudappblb_test import ( "context" @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-blb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-appblb" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -36,14 +36,14 @@ func init() { /* Shell command to run this test: - go test -v ./baiducloud_blb_test.go -args \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_REGION="bj" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_LOADBALANCERID="your-blb-loadbalancer-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_DOMAIN="your-blb-sni-domain" + go test -v ./baiducloud_appblb_test.go -args \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_REGION="bj" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_LOADBALANCERID="your-blb-loadbalancer-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_DOMAIN="your-blb-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, ResourceType: provider.RESOURCE_TYPE_LOADBALANCER, diff --git a/internal/pkg/core/deployer/providers/baiducloud-appblb/consts.go b/pkg/core/ssl-deployer/providers/baiducloud-appblb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/baiducloud-appblb/consts.go rename to pkg/core/ssl-deployer/providers/baiducloud-appblb/consts.go diff --git a/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb.go b/pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb.go similarity index 80% rename from internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb.go rename to pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb.go index 54e4a55d..e33d8ab2 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb.go @@ -11,13 +11,12 @@ import ( bceblb "github.com/baidubce/bce-sdk-go/services/blb" "github.com/google/uuid" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/baiducloud-cert" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 百度智能云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 百度智能云 SecretAccessKey。 @@ -37,53 +36,52 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *bceblb.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *bceblb.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -106,10 +104,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -171,7 +169,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -234,7 +232,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerType string, cloudListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerType string, cloudListenerPort int32, cloudCertId string) error { switch strings.ToUpper(cloudListenerType) { case "HTTPS": return d.updateHttpsListenerCertificate(ctx, cloudLoadbalancerId, cloudListenerPort, cloudCertId) @@ -245,7 +243,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL } } -func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateHttpsListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { // 查询 HTTPS 监听器 // REF: https://cloud.baidu.com/doc/BLB/s/yjwvxnvl6#describehttpslisteners%E6%9F%A5%E8%AF%A2https%E7%9B%91%E5%90%AC%E5%99%A8 describeHTTPSListenersReq := &bceblb.DescribeListenerArgs{ @@ -284,7 +282,7 @@ func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, c ClientToken: generateClientToken(), ListenerPort: uint16(cloudHttpsListenerPort), CertIds: describeHTTPSListenersResp.ListenerList[0].CertIds, - AdditionalCertDomains: sliceutil.Map(describeHTTPSListenersResp.ListenerList[0].AdditionalCertDomains, func(domain bceblb.AdditionalCertDomainsModel) bceblb.AdditionalCertDomainsModel { + AdditionalCertDomains: xslices.Map(describeHTTPSListenersResp.ListenerList[0].AdditionalCertDomains, func(domain bceblb.AdditionalCertDomainsModel) bceblb.AdditionalCertDomainsModel { if domain.Host == d.config.Domain { return bceblb.AdditionalCertDomainsModel{ Host: domain.Host, @@ -308,7 +306,7 @@ func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, c return nil } -func (d *DeployerProvider) updateSslListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateSslListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { // 更新 SSL 监听器 // REF: https://cloud.baidu.com/doc/BLB/s/yjwvxnvl6#updatessllistener%E6%9B%B4%E6%96%B0ssl%E7%9B%91%E5%90%AC%E5%99%A8 updateSSLListenerReq := &bceblb.UpdateSSLListenerArgs{ @@ -325,7 +323,7 @@ func (d *DeployerProvider) updateSslListenerCertificate(ctx context.Context, clo return nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*bceblb.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*bceblb.Client, error) { endpoint := "" if region != "" { endpoint = fmt.Sprintf("blb.%s.baidubce.com", region) diff --git a/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go b/pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go rename to pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb_test.go index 1e60d5f0..a4fc8fa4 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb_test.go @@ -1,4 +1,4 @@ -package baiducloudappblb_test +package baiducloudblb_test import ( "context" @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-appblb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-blb" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -36,14 +36,14 @@ func init() { /* Shell command to run this test: - go test -v ./baiducloud_appblb_test.go -args \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_REGION="bj" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_LOADBALANCERID="your-blb-loadbalancer-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_DOMAIN="your-blb-sni-domain" + go test -v ./baiducloud_blb_test.go -args \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_REGION="bj" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_LOADBALANCERID="your-blb-loadbalancer-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_DOMAIN="your-blb-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, ResourceType: provider.RESOURCE_TYPE_LOADBALANCER, diff --git a/internal/pkg/core/deployer/providers/baiducloud-blb/consts.go b/pkg/core/ssl-deployer/providers/baiducloud-blb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/baiducloud-blb/consts.go rename to pkg/core/ssl-deployer/providers/baiducloud-blb/consts.go diff --git a/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go b/pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn.go similarity index 60% rename from internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go rename to pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn.go index ccd11f9b..c8e181b8 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn.go @@ -2,17 +2,17 @@ package baiducloudcdn import ( "context" + "errors" "fmt" "log/slog" "time" bcecdn "github.com/baidubce/bce-sdk-go/services/cdn" bcecdnapi "github.com/baidubce/bce-sdk-go/services/cdn/api" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 百度智能云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 百度智能云 SecretAccessKey。 @@ -21,41 +21,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *bcecdn.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // 修改域名证书 // REF: https://cloud.baidu.com/doc/CDN/s/qjzuz2hp8 putCertResp, err := d.sdkClient.PutCert( @@ -72,10 +75,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.PutCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*bcecdn.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*bcecdn.Client, error) { client, err := bcecdn.NewClient(accessKeyId, secretAccessKey, "") if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go b/pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go index cef03392..068e6fad 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./baiducloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/baiducloud-cert/baiducloud_cert.go b/pkg/core/ssl-deployer/providers/baiducloud-cert/baiducloud_cert.go new file mode 100644 index 00000000..d9151b96 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/baiducloud-cert/baiducloud_cert.go @@ -0,0 +1,66 @@ +package baiducloudcert + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/baiducloud-cert" +) + +type SSLDeployerProviderConfig struct { + // 百度智能云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 百度智能云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go b/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn.go similarity index 54% rename from internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go rename to pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn.go index b056b076..18e4f785 100644 --- a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go +++ b/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn.go @@ -10,11 +10,12 @@ import ( "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - bssdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/baishan" + "github.com/certimate-go/certimate/pkg/core" + bssdk "github.com/certimate-go/certimate/pkg/sdk3rd/baishan" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 白山云 API Token。 ApiToken string `json:"apiToken"` // 加速域名(支持泛域名)。 @@ -24,41 +25,40 @@ type DeployerConfig struct { CertificateId string `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *bssdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ApiToken) + client, err := createSDKClient(config.ApiToken) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } @@ -68,34 +68,34 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 新增证书 // REF: https://portal.baishancloud.com/track/document/downloadPdf/1441 certificateId := "" - createCertificateReq := &bssdk.CreateCertificateRequest{ - Certificate: certPEM, - Key: privkeyPEM, - Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), + setDomainCertificateReq := &bssdk.SetDomainCertificateRequest{ + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + Certificate: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) - d.logger.Debug("sdk request 'baishan.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + setDomainCertificateResp, err := d.sdkClient.SetDomainCertificate(setDomainCertificateReq) + d.logger.Debug("sdk request 'baishan.SetDomainCertificate'", slog.Any("request", setDomainCertificateReq), slog.Any("response", setDomainCertificateResp)) if err != nil { - if createCertificateResp != nil { - if createCertificateResp.GetCode() == 400699 && strings.Contains(createCertificateResp.GetMessage(), "this certificate is exists") { + if setDomainCertificateResp != nil { + if setDomainCertificateResp.GetCode() == 400699 && strings.Contains(setDomainCertificateResp.GetMessage(), "this certificate is exists") { // 证书已存在,忽略新增证书接口错误 re := regexp.MustCompile(`\d+`) - certificateId = re.FindString(createCertificateResp.GetMessage()) + certificateId = re.FindString(setDomainCertificateResp.GetMessage()) } } if certificateId == "" { - return nil, fmt.Errorf("failed to execute sdk request 'baishan.CreateCertificate': %w", err) + return nil, fmt.Errorf("failed to execute sdk request 'baishan.SetDomainCertificate': %w", err) } } else { - certificateId = createCertificateResp.Data.CertId.String() + certificateId = setDomainCertificateResp.Data.CertId.String() } // 查询域名配置 // REF: https://portal.baishancloud.com/track/document/api/1/1065 getDomainConfigReq := &bssdk.GetDomainConfigRequest{ - Domains: d.config.Domain, - Config: []string{"https"}, + Domains: xtypes.ToPtr(d.config.Domain), + Config: xtypes.ToPtr([]string{"https"}), } getDomainConfigResp, err := d.sdkClient.GetDomainConfig(getDomainConfigReq) d.logger.Debug("sdk request 'baishan.GetDomainConfig'", slog.Any("request", getDomainConfigReq), slog.Any("response", getDomainConfigResp)) @@ -108,7 +108,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 设置域名配置 // REF: https://portal.baishancloud.com/track/document/api/1/1045 setDomainConfigReq := &bssdk.SetDomainConfigRequest{ - Domains: d.config.Domain, + Domains: xtypes.ToPtr(d.config.Domain), Config: &bssdk.DomainConfig{ Https: &bssdk.DomainConfigHttps{ CertId: json.Number(certificateId), @@ -126,27 +126,22 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } else { // 替换证书 // REF: https://portal.baishancloud.com/track/document/downloadPdf/1441 - createCertificateReq := &bssdk.CreateCertificateRequest{ + setDomainCertificateReq := &bssdk.SetDomainCertificateRequest{ CertificateId: &d.config.CertificateId, - Certificate: certPEM, - Key: privkeyPEM, - Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + Certificate: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) - d.logger.Debug("sdk request 'baishan.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + setDomainCertificateResp, err := d.sdkClient.SetDomainCertificate(setDomainCertificateReq) + d.logger.Debug("sdk request 'baishan.SetDomainCertificate'", slog.Any("request", setDomainCertificateReq), slog.Any("response", setDomainCertificateResp)) if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'baishan.CreateCertificate': %w", err) + return nil, fmt.Errorf("failed to execute sdk request 'baishan.SetDomainCertificate': %w", err) } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(apiToken string) (*bssdk.Client, error) { - if apiToken == "" { - return nil, errors.New("invalid baishan api token") - } - - client := bssdk.NewClient(apiToken) - return client, nil +func createSDKClient(apiToken string) (*bssdk.Client, error) { + return bssdk.NewClient(apiToken) } diff --git a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn_test.go b/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn_test.go rename to pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn_test.go index 8e3a16b8..e989785c 100644 --- a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baishan-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baishan-cdn" ) var ( @@ -19,7 +19,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAISHANCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAISHANCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -31,10 +31,10 @@ func init() { Shell command to run this test: go test -v ./baishan_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_BAISHANCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAISHANCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAISHANCDN_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_BAISHANCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_BAISHANCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAISHANCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAISHANCDN_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_BAISHANCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -48,7 +48,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiToken: fApiToken, Domain: fDomain, }) diff --git a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go b/pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console.go similarity index 60% rename from internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go rename to pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console.go index 403b96e8..d314b6ec 100644 --- a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go +++ b/pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console.go @@ -6,13 +6,12 @@ import ( "errors" "fmt" "log/slog" - "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btpanel" + "github.com/certimate-go/certimate/pkg/core" + btsdk "github.com/certimate-go/certimate/pkg/sdk3rd/btpanel" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 宝塔面板服务地址。 ServerUrl string `json:"serverUrl"` // 宝塔面板接口密钥。 @@ -23,41 +22,40 @@ type DeployerConfig struct { AutoRestart bool `json:"autoRestart"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *btsdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 设置面板 SSL 证书 configSavePanelSSLReq := &btsdk.ConfigSavePanelSSLRequest{ PrivateKey: privkeyPEM, @@ -79,21 +77,17 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE d.logger.Debug("sdk request 'bt.SystemServiceAdmin'", slog.Any("request", systemServiceAdminReq), slog.Any("response", systemServiceAdminResp)) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid baota server url") +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { + client, err := btsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err } - if apiKey == "" { - return nil, errors.New("invalid baota api key") - } - - client := btsdk.NewClient(serverUrl, apiKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console_test.go b/pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console_test.go rename to pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console_test.go index 2fd4cc5b..a77549ad 100644 --- a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console_test.go +++ b/pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-console" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotapanel-console" ) var ( @@ -19,7 +19,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -31,10 +31,10 @@ func init() { Shell command to run this test: go test -v ./baotapanel_console_test.go -args \ - --CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_APIKEY="your-api-key" + --CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -48,7 +48,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, AllowInsecureConnections: true, diff --git a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go b/pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site.go similarity index 68% rename from internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go rename to pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site.go index 78fc3e96..27380a39 100644 --- a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go +++ b/pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site.go @@ -6,14 +6,13 @@ import ( "errors" "fmt" "log/slog" - "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btpanel" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + btsdk "github.com/certimate-go/certimate/pkg/sdk3rd/btpanel" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 宝塔面板服务地址。 ServerUrl string `json:"serverUrl"` // 宝塔面板接口密钥。 @@ -28,41 +27,40 @@ type DeployerConfig struct { SiteNames []string `json:"siteNames,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *btsdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { switch d.config.SiteType { case "php": { @@ -103,7 +101,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 设置站点证书 sslSetBatchCertToSiteReq := &btsdk.SSLSetBatchCertToSiteRequest{ - BatchInfo: sliceutil.Map(d.config.SiteNames, func(siteName string) *btsdk.SSLSetBatchCertToSiteRequestBatchInfo { + BatchInfo: xslices.Map(d.config.SiteNames, func(siteName string) *btsdk.SSLSetBatchCertToSiteRequestBatchInfo { return &btsdk.SSLSetBatchCertToSiteRequestBatchInfo{ SiteName: siteName, SSLHash: sslCertSaveCertResp.SSLHash, @@ -121,21 +119,17 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported site type '%s'", d.config.SiteType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid baota server url") +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { + client, err := btsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err } - if apiKey == "" { - return nil, errors.New("invalid baota api key") - } - - client := btsdk.NewClient(serverUrl, apiKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site_test.go b/pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site_test.go rename to pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site_test.go index 9e4659ea..168f160e 100644 --- a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site_test.go +++ b/pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotapanel-site" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAOTAPANELSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./baotapanel_site_test.go -args \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_SITETYPE="php" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_SITENAME="your-site-name" + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_SITETYPE="php" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_SITENAME="your-site-name" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITENAME: %v", fSiteName), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, AllowInsecureConnections: true, diff --git a/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console.go b/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console.go new file mode 100644 index 00000000..81091f16 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console.go @@ -0,0 +1,83 @@ +package baotapanelconsole + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + btwafsdk "github.com/certimate-go/certimate/pkg/sdk3rd/btwaf" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 堡塔云 WAF 服务地址。 + ServerUrl string `json:"serverUrl"` + // 堡塔云 WAF 接口密钥。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *btwafsdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 设置面板 SSL + configSetCertReq := &btwafsdk.ConfigSetCertRequest{ + CertContent: xtypes.ToPtr(certPEM), + KeyContent: xtypes.ToPtr(privkeyPEM), + } + configSetCertResp, err := d.sdkClient.ConfigSetCert(configSetCertReq) + d.logger.Debug("sdk request 'bt.ConfigSetCert'", slog.Any("request", configSetCertReq), slog.Any("response", configSetCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'bt.ConfigSetCert': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*btwafsdk.Client, error) { + client, err := btwafsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil +} diff --git a/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console_test.go b/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console_test.go rename to pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console_test.go index b3804fb5..0c290518 100644 --- a/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console_test.go +++ b/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotawaf-console" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotawaf-console" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,10 +33,10 @@ func init() { Shell command to run this test: go test -v ./baotawaf_console_test.go -args \ - --CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_APIKEY="your-api-key" + --CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -50,7 +50,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, AllowInsecureConnections: true, diff --git a/internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site.go b/pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site.go similarity index 56% rename from internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site.go rename to pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site.go index daf482ac..8955d10f 100644 --- a/internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site.go +++ b/pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site.go @@ -6,14 +6,13 @@ import ( "errors" "fmt" "log/slog" - "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btwaf" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + btwafsdk "github.com/certimate-go/certimate/pkg/sdk3rd/btwaf" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 堡塔云 WAF 服务地址。 ServerUrl string `json:"serverUrl"` // 堡塔云 WAF 接口密钥。 @@ -27,41 +26,40 @@ type DeployerConfig struct { SitePort int32 `json:"sitePort,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger - sdkClient *btsdk.Client + sdkClient *btwafsdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.SiteName == "" { return nil, errors.New("config `siteName` is required") } @@ -81,10 +79,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE default: } - getSiteListReq := &btsdk.GetSiteListRequest{ - SiteName: typeutil.ToPtr(d.config.SiteName), - Page: typeutil.ToPtr(getSitListPage), - PageSize: typeutil.ToPtr(getSitListPageSize), + getSiteListReq := &btwafsdk.GetSiteListRequest{ + SiteName: xtypes.ToPtr(d.config.SiteName), + Page: xtypes.ToPtr(getSitListPage), + PageSize: xtypes.ToPtr(getSitListPageSize), } getSiteListResp, err := d.sdkClient.GetSiteList(getSiteListReq) d.logger.Debug("sdk request 'bt.GetSiteList'", slog.Any("request", getSiteListReq), slog.Any("response", getSiteListResp)) @@ -112,15 +110,15 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } // 修改站点配置 - modifySiteReq := &btsdk.ModifySiteRequest{ - SiteId: siteId, - Type: typeutil.ToPtr("openCert"), - Server: &btsdk.SiteServerInfo{ - ListenSSLPorts: typeutil.ToPtr([]int32{d.config.SitePort}), - SSL: &btsdk.SiteServerSSLInfo{ - IsSSL: typeutil.ToPtr(int32(1)), - FullChain: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), + modifySiteReq := &btwafsdk.ModifySiteRequest{ + SiteId: xtypes.ToPtr(siteId), + Type: xtypes.ToPtr("openCert"), + Server: &btwafsdk.SiteServerInfo{ + ListenSSLPorts: xtypes.ToPtr([]int32{d.config.SitePort}), + SSL: &btwafsdk.SiteServerSSLInfo{ + IsSSL: xtypes.ToPtr(int32(1)), + FullChain: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), }, }, } @@ -130,21 +128,17 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'bt.ModifySite': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid baota server url") +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*btwafsdk.Client, error) { + client, err := btwafsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err } - if apiKey == "" { - return nil, errors.New("invalid baota api key") - } - - client := btsdk.NewClient(serverUrl, apiKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site_test.go b/pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site_test.go rename to pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site_test.go index e9b4b836..a38aae90 100644 --- a/internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site_test.go +++ b/pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotawaf-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotawaf-site" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAOTAWAFSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./baotawaf_site_test.go -args \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_SITENAME="your-site-name" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_SITEPORT=443 + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_SITENAME="your-site-name" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_SITEPORT=443 */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITEPORT: %v", fSitePort), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, AllowInsecureConnections: true, diff --git a/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn.go b/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn.go new file mode 100644 index 00000000..a86803e4 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn.go @@ -0,0 +1,81 @@ +package bunnycdn + +import ( + "context" + "encoding/base64" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + bunnysdk "github.com/certimate-go/certimate/pkg/sdk3rd/bunny" +) + +type SSLDeployerProviderConfig struct { + // Bunny API Key。 + ApiKey string `json:"apiKey"` + // Bunny Pull Zone ID。 + PullZoneId string `json:"pullZoneId"` + // Bunny CDN Hostname(支持泛域名)。 + Hostname string `json:"hostname"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *bunnysdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ApiKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.PullZoneId == "" { + return nil, fmt.Errorf("config `pullZoneId` is required") + } + if d.config.Hostname == "" { + return nil, fmt.Errorf("config `hostname` is required") + } + + // 上传证书 + createCertificateReq := &bunnysdk.AddCustomCertificateRequest{ + Hostname: d.config.Hostname, + Certificate: base64.StdEncoding.EncodeToString([]byte(certPEM)), + CertificateKey: base64.StdEncoding.EncodeToString([]byte(privkeyPEM)), + } + err := d.sdkClient.AddCustomCertificate(d.config.PullZoneId, createCertificateReq) + d.logger.Debug("sdk request 'bunny.AddCustomCertificate'", slog.Any("request", createCertificateReq)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'bunny.AddCustomCertificate': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(apiKey string) (*bunnysdk.Client, error) { + return bunnysdk.NewClient(apiKey) +} diff --git a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn_test.go b/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn_test.go rename to pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn_test.go index 83fbb0f6..64cabc96 100644 --- a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/bunny-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/bunny-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BUNNYCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BUNNYCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./bunny_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_BUNNYCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BUNNYCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BUNNYCDN_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_BUNNYCDN_PULLZONEID="your-pull-zone-id" \ - --CERTIMATE_DEPLOYER_BUNNYCDN_HOSTNAME="example.com" + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_PULLZONEID="your-pull-zone-id" \ + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_HOSTNAME="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("HOSTNAME: %v", fHostName), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiKey: fApiKey, PullZoneId: fPullZoneId, Hostname: fHostName, diff --git a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go b/pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn.go similarity index 72% rename from internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go rename to pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn.go index a11bbaf7..b2c4dd5d 100644 --- a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go +++ b/pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn.go @@ -9,12 +9,11 @@ import ( bpcdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/byteplus-cdn" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/byteplus-cdn" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // BytePlus AccessKey。 AccessKey string `json:"accessKey"` // BytePlus SecretKey。 @@ -23,53 +22,53 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *bpcdn.CDN - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *bpcdn.CDN + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } client := bpcdn.NewInstance() client.Client.SetAccessKey(config.AccessKey) client.Client.SetSecretKey(config.SecretKey) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKey: config.AccessKey, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -141,5 +140,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn_test.go b/pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn_test.go rename to pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn_test.go index 34e657cb..72c8efff 100644 --- a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/byteplus-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/byteplus-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BYTEPLUSCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./byteplus_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKey: fAccessKey, SecretKey: fSecretKey, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/cachefly/cachefly.go b/pkg/core/ssl-deployer/providers/cachefly/cachefly.go new file mode 100644 index 00000000..431385d4 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/cachefly/cachefly.go @@ -0,0 +1,70 @@ +package cachefly + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + cacheflysdk "github.com/certimate-go/certimate/pkg/sdk3rd/cachefly" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // CacheFly API Token。 + ApiToken string `json:"apiToken"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *cacheflysdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ApiToken) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + // REF: https://api.cachefly.com/api/2.5/docs#tag/Certificates/paths/~1certificates/post + createCertificateReq := &cacheflysdk.CreateCertificateRequest{ + Certificate: xtypes.ToPtr(certPEM), + CertificateKey: xtypes.ToPtr(privkeyPEM), + } + createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) + d.logger.Debug("sdk request 'cachefly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cachefly.CreateCertificate': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(apiToken string) (*cacheflysdk.Client, error) { + return cacheflysdk.NewClient(apiToken) +} diff --git a/internal/pkg/core/deployer/providers/cachefly/cachefly_test.go b/pkg/core/ssl-deployer/providers/cachefly/cachefly_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/cachefly/cachefly_test.go rename to pkg/core/ssl-deployer/providers/cachefly/cachefly_test.go index 802d8b49..a0ef47a0 100644 --- a/internal/pkg/core/deployer/providers/cachefly/cachefly_test.go +++ b/pkg/core/ssl-deployer/providers/cachefly/cachefly_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cachefly" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/cachefly" ) var ( @@ -18,7 +18,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CACHEFLY_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CACHEFLY_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -29,9 +29,9 @@ func init() { Shell command to run this test: go test -v ./cachefly_test.go -args \ - --CERTIMATE_DEPLOYER_CACHEFLY_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CACHEFLY_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CACHEFLY_APITOKEN="your-api-token" + --CERTIMATE_SSLDEPLOYER_CACHEFLY_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CACHEFLY_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CACHEFLY_APITOKEN="your-api-token" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -44,7 +44,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APITOKEN: %v", fApiToken), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiToken: fApiToken, }) if err != nil { diff --git a/internal/pkg/core/deployer/providers/cdnfly/cdnfly.go b/pkg/core/ssl-deployer/providers/cdnfly/cdnfly.go similarity index 51% rename from internal/pkg/core/deployer/providers/cdnfly/cdnfly.go rename to pkg/core/ssl-deployer/providers/cdnfly/cdnfly.go index 25fb6a54..7c04873c 100644 --- a/internal/pkg/core/deployer/providers/cdnfly/cdnfly.go +++ b/pkg/core/ssl-deployer/providers/cdnfly/cdnfly.go @@ -7,14 +7,14 @@ import ( "errors" "fmt" "log/slog" - "net/url" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - cfsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/cdnfly" + "github.com/certimate-go/certimate/pkg/core" + cdnflysdk "github.com/certimate-go/certimate/pkg/sdk3rd/cdnfly" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Cdnfly 服务地址。 ServerUrl string `json:"serverUrl"` // Cdnfly 用户端 API Key。 @@ -33,41 +33,40 @@ type DeployerConfig struct { CertificateId string `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger - sdkClient *cfsdk.Client + sdkClient *cdnflysdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.ApiSecret, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.ApiSecret, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 根据部署资源类型决定部署方式 switch d.config.ResourceType { case RESOURCE_TYPE_SITE: @@ -84,37 +83,34 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToSite(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToSite(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.SiteId == "" { return errors.New("config `siteId` is required") } // 获取单个网站详情 // REF: https://doc.cdnfly.cn/wangzhanguanli-v1-sites.html#%E8%8E%B7%E5%8F%96%E5%8D%95%E4%B8%AA%E7%BD%91%E7%AB%99%E8%AF%A6%E6%83%85 - getSiteReq := &cfsdk.GetSiteRequest{ - Id: d.config.SiteId, - } - getSiteResp, err := d.sdkClient.GetSite(getSiteReq) - d.logger.Debug("sdk request 'cdnfly.GetSite'", slog.Any("request", getSiteReq), slog.Any("response", getSiteResp)) + getSiteResp, err := d.sdkClient.GetSite(d.config.SiteId) + d.logger.Debug("sdk request 'cdnfly.GetSite'", slog.Any("siteId", d.config.SiteId), slog.Any("response", getSiteResp)) if err != nil { return fmt.Errorf("failed to execute sdk request 'cdnfly.GetSite': %w", err) } // 添加单个证书 // REF: https://doc.cdnfly.cn/wangzhanzhengshu-v1-certs.html#%E6%B7%BB%E5%8A%A0%E5%8D%95%E4%B8%AA%E6%88%96%E5%A4%9A%E4%B8%AA%E8%AF%81%E4%B9%A6-%E5%A4%9A%E4%B8%AA%E8%AF%81%E4%B9%A6%E6%97%B6%E6%95%B0%E6%8D%AE%E6%A0%BC%E5%BC%8F%E4%B8%BA%E6%95%B0%E7%BB%84 - createCertificateReq := &cfsdk.CreateCertificateRequest{ - Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), - Type: "custom", - Cert: certPEM, - Key: privkeyPEM, + createCertificateReq := &cdnflysdk.CreateCertRequest{ + Name: xtypes.ToPtr(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())), + Type: xtypes.ToPtr("custom"), + Cert: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) - d.logger.Debug("sdk request 'cdnfly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + createCertificateResp, err := d.sdkClient.CreateCert(createCertificateReq) + d.logger.Debug("sdk request 'cdnfly.CreateCert'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) if err != nil { - return fmt.Errorf("failed to execute sdk request 'cdnfly.CreateCertificate': %w", err) + return fmt.Errorf("failed to execute sdk request 'cdnfly.CreateCert': %w", err) } // 修改单个网站 @@ -123,13 +119,11 @@ func (d *DeployerProvider) deployToSite(ctx context.Context, certPEM string, pri _ = json.Unmarshal([]byte(getSiteResp.Data.HttpsListen), &updateSiteHttpsListenMap) updateSiteHttpsListenMap["cert"] = createCertificateResp.Data updateSiteHttpsListenData, _ := json.Marshal(updateSiteHttpsListenMap) - updateSiteHttpsListen := string(updateSiteHttpsListenData) - updateSiteReq := &cfsdk.UpdateSiteRequest{ - Id: d.config.SiteId, - HttpsListen: &updateSiteHttpsListen, + updateSiteReq := &cdnflysdk.UpdateSiteRequest{ + HttpsListen: xtypes.ToPtr(string(updateSiteHttpsListenData)), } - updateSiteResp, err := d.sdkClient.UpdateSite(updateSiteReq) - d.logger.Debug("sdk request 'cdnfly.UpdateSite'", slog.Any("request", updateSiteReq), slog.Any("response", updateSiteResp)) + updateSiteResp, err := d.sdkClient.UpdateSite(d.config.SiteId, updateSiteReq) + d.logger.Debug("sdk request 'cdnfly.UpdateSite'", slog.String("siteId", d.config.SiteId), slog.Any("request", updateSiteReq), slog.Any("response", updateSiteResp)) if err != nil { return fmt.Errorf("failed to execute sdk request 'cdnfly.UpdateSite': %w", err) } @@ -137,45 +131,35 @@ func (d *DeployerProvider) deployToSite(ctx context.Context, certPEM string, pri return nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == "" { return errors.New("config `certificateId` is required") } // 修改单个证书 // REF: https://doc.cdnfly.cn/wangzhanzhengshu-v1-certs.html#%E4%BF%AE%E6%94%B9%E5%8D%95%E4%B8%AA%E8%AF%81%E4%B9%A6 - updateCertificateType := "custom" - updateCertificateReq := &cfsdk.UpdateCertificateRequest{ - Id: d.config.CertificateId, - Type: &updateCertificateType, - Cert: &certPEM, - Key: &privkeyPEM, + updateCertReq := &cdnflysdk.UpdateCertRequest{ + Type: xtypes.ToPtr("custom"), + Cert: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq) - d.logger.Debug("sdk request 'cdnfly.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp)) + updateCertResp, err := d.sdkClient.UpdateCert(d.config.CertificateId, updateCertReq) + d.logger.Debug("sdk request 'cdnfly.UpdateCert'", slog.String("certId", d.config.CertificateId), slog.Any("request", updateCertReq), slog.Any("response", updateCertResp)) if err != nil { - return fmt.Errorf("failed to execute sdk request 'cdnfly.UpdateCertificate': %w", err) + return fmt.Errorf("failed to execute sdk request 'cdnfly.UpdateCert': %w", err) } return nil } -func createSdkClient(serverUrl, apiKey, apiSecret string, skipTlsVerify bool) (*cfsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid cachefly server url") +func createSDKClient(serverUrl, apiKey, apiSecret string, skipTlsVerify bool) (*cdnflysdk.Client, error) { + client, err := cdnflysdk.NewClient(serverUrl, apiKey, apiSecret) + if err != nil { + return nil, err } - if apiKey == "" { - return nil, errors.New("invalid cachefly api key") - } - - if apiSecret == "" { - return nil, errors.New("invalid cachefly api secret") - } - - client := cfsdk.NewClient(serverUrl, apiKey, apiSecret) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/cdnfly/cdnfly_test.go b/pkg/core/ssl-deployer/providers/cdnfly/cdnfly_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/cdnfly/cdnfly_test.go rename to pkg/core/ssl-deployer/providers/cdnfly/cdnfly_test.go index 73128183..ceaa68f5 100644 --- a/internal/pkg/core/deployer/providers/cdnfly/cdnfly_test.go +++ b/pkg/core/ssl-deployer/providers/cdnfly/cdnfly_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cdnfly" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/cdnfly" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CDNFLY_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CDNFLY_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./cdnfly_test.go -args \ - --CERTIMATE_DEPLOYER_CDNFLY_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CDNFLY_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CDNFLY_SERVERURL="http://127.0.0.1:88" \ - --CERTIMATE_DEPLOYER_CDNFLY_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_CDNFLY_APISECRET="your-api-secret" \ - --CERTIMATE_DEPLOYER_CDNFLY_CERTIFICATEID="your-cert-id" + --CERTIMATE_SSLDEPLOYER_CDNFLY_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_SERVERURL="http://127.0.0.1:88" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_APISECRET="your-api-secret" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_CERTIFICATEID="your-cert-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, ApiSecret: fApiSecret, diff --git a/internal/pkg/core/deployer/providers/cdnfly/consts.go b/pkg/core/ssl-deployer/providers/cdnfly/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/cdnfly/consts.go rename to pkg/core/ssl-deployer/providers/cdnfly/consts.go diff --git a/internal/pkg/core/deployer/providers/ctcccloud-ao/ctcccloud_ao.go b/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao.go similarity index 54% rename from internal/pkg/core/deployer/providers/ctcccloud-ao/ctcccloud_ao.go rename to pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao.go index 027bcd69..7a78d41e 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-ao/ctcccloud_ao.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao.go @@ -6,14 +6,13 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-ao" - ctyunao "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/ao" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-ao" + ctyunao "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/ao" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 @@ -22,57 +21,56 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *ctyunao.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyunao.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } - // 上传证书到 AccessOne - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -82,7 +80,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 域名基础及加速配置查询 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=113&api=13412&data=174&isNormal=1&vid=167 getDomainConfigReq := &ctyunao.GetDomainConfigRequest{ - Domain: typeutil.ToPtr(d.config.Domain), + Domain: xtypes.ToPtr(d.config.Domain), } getDomainConfigResp, err := d.sdkClient.GetDomainConfig(getDomainConfigReq) d.logger.Debug("sdk request 'cdn.GetDomainConfig'", slog.Any("request", getDomainConfigReq), slog.Any("response", getDomainConfigResp)) @@ -93,11 +91,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 域名基础及加速配置修改 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=113&api=13413&data=174&isNormal=1&vid=167 modifyDomainConfigReq := &ctyunao.ModifyDomainConfigRequest{ - Domain: typeutil.ToPtr(d.config.Domain), - ProductCode: typeutil.ToPtr(getDomainConfigResp.ReturnObj.ProductCode), + Domain: xtypes.ToPtr(d.config.Domain), + ProductCode: xtypes.ToPtr(getDomainConfigResp.ReturnObj.ProductCode), Origin: getDomainConfigResp.ReturnObj.Origin, - HttpsStatus: typeutil.ToPtr("on"), - CertName: typeutil.ToPtr(upres.CertName), + HttpsStatus: xtypes.ToPtr("on"), + CertName: xtypes.ToPtr(upres.CertName), } modifyDomainConfigResp, err := d.sdkClient.ModifyDomainConfig(modifyDomainConfigReq) d.logger.Debug("sdk request 'cdn.ModifyDomainConfig'", slog.Any("request", modifyDomainConfigReq), slog.Any("response", modifyDomainConfigResp)) @@ -105,9 +103,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.ModifyDomainConfig': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyunao.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunao.Client, error) { return ctyunao.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/deployer/providers/ctcccloud-ao/ctcccloud_ao_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ctcccloud-ao/ctcccloud_ao_test.go rename to pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao_test.go index 3cc42cb3..3fc1413f 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-ao/ctcccloud_ao_test.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-ao" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-ao" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CTCCCLOUDAO_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_ao_test.go -args \ - --CERTIMATE_DEPLOYER_CTCCCLOUDAO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDAO_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDAO_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDAO_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDAO_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/ctcccloud-cdn/ctcccloud_cdn.go b/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn.go similarity index 54% rename from internal/pkg/core/deployer/providers/ctcccloud-cdn/ctcccloud_cdn.go rename to pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn.go index 8cc9edaf..dbe2dade 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-cdn/ctcccloud_cdn.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn.go @@ -6,14 +6,13 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-cdn" - ctyuncdn "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/cdn" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-cdn" + ctyuncdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/cdn" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 @@ -22,57 +21,56 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *ctyuncdn.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyuncdn.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -82,7 +80,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 查询域名配置信息 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=11304&data=161&isNormal=1&vid=154 queryDomainDetailReq := &ctyuncdn.QueryDomainDetailRequest{ - Domain: typeutil.ToPtr(d.config.Domain), + Domain: xtypes.ToPtr(d.config.Domain), } queryDomainDetailResp, err := d.sdkClient.QueryDomainDetail(queryDomainDetailReq) d.logger.Debug("sdk request 'cdn.QueryDomainDetail'", slog.Any("request", queryDomainDetailReq), slog.Any("response", queryDomainDetailResp)) @@ -93,9 +91,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 修改域名配置 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=11308&data=161&isNormal=1&vid=154 updateDomainReq := &ctyuncdn.UpdateDomainRequest{ - Domain: typeutil.ToPtr(d.config.Domain), - HttpsStatus: typeutil.ToPtr("on"), - CertName: typeutil.ToPtr(upres.CertName), + Domain: xtypes.ToPtr(d.config.Domain), + HttpsStatus: xtypes.ToPtr("on"), + CertName: xtypes.ToPtr(upres.CertName), } updateDomainResp, err := d.sdkClient.UpdateDomain(updateDomainReq) d.logger.Debug("sdk request 'cdn.UpdateDomain'", slog.Any("request", updateDomainReq), slog.Any("response", updateDomainResp)) @@ -103,9 +101,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.UpdateDomain': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyuncdn.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyuncdn.Client, error) { return ctyuncdn.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/deployer/providers/ctcccloud-cdn/ctcccloud_cdn_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ctcccloud-cdn/ctcccloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn_test.go index 7a754305..de706e60 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-cdn/ctcccloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CTCCCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms.go b/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms.go new file mode 100644 index 00000000..b7668620 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms.go @@ -0,0 +1,66 @@ +package ctcccloudcms + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-cms" +) + +type SSLDeployerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/ctcccloud-cms/ctcccloud_cms_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ctcccloud-cms/ctcccloud_cms_test.go rename to pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms_test.go index 65c3dade..04b23422 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-cms/ctcccloud_cms_test.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-cms" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-cms" ) var ( @@ -19,7 +19,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CTCCCLOUDCMS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -31,10 +31,10 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_cms_test.go -args \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCMS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCMS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCMS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCMS_SECRETACCESSKEY="your-secret-access-key" + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_SECRETACCESSKEY="your-secret-access-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -48,7 +48,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, }) diff --git a/internal/pkg/core/deployer/providers/ctcccloud-elb/consts.go b/pkg/core/ssl-deployer/providers/ctcccloud-elb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/ctcccloud-elb/consts.go rename to pkg/core/ssl-deployer/providers/ctcccloud-elb/consts.go diff --git a/internal/pkg/core/deployer/providers/ctcccloud-elb/ctcccloud_elb.go b/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb.go similarity index 65% rename from internal/pkg/core/deployer/providers/ctcccloud-elb/ctcccloud_elb.go rename to pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb.go index 317f70d2..6e4375e5 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-elb/ctcccloud_elb.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb.go @@ -7,14 +7,13 @@ import ( "log/slog" "strings" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-elb" - ctyunelb "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/elb" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-elb" + ctyunelb "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/elb" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 @@ -31,54 +30,53 @@ type DeployerConfig struct { ListenerId string `json:"listenerId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *ctyunelb.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyunelb.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, RegionId: config.RegionId, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 ELB - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -101,10 +99,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -120,8 +118,8 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId } listListenersReq := &ctyunelb.ListListenersRequest{ - RegionID: typeutil.ToPtr(d.config.RegionId), - LoadBalancerID: typeutil.ToPtr(d.config.LoadbalancerId), + RegionID: xtypes.ToPtr(d.config.RegionId), + LoadBalancerID: xtypes.ToPtr(d.config.LoadbalancerId), } listListenersResp, err := d.sdkClient.ListListeners(listListenersReq) d.logger.Debug("sdk request 'elb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp)) @@ -164,7 +162,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -177,13 +175,13 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 更新监听器 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=24&api=5652&data=88&isNormal=1&vid=82 setLoadBalancerHTTPSListenerAttributeReq := &ctyunelb.UpdateListenerRequest{ - RegionID: typeutil.ToPtr(d.config.RegionId), - ListenerID: typeutil.ToPtr(cloudListenerId), - CertificateID: typeutil.ToPtr(cloudCertId), + RegionID: xtypes.ToPtr(d.config.RegionId), + ListenerID: xtypes.ToPtr(cloudListenerId), + CertificateID: xtypes.ToPtr(cloudCertId), } setLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.UpdateListener(setLoadBalancerHTTPSListenerAttributeReq) d.logger.Debug("sdk request 'elb.UpdateListener'", slog.Any("request", setLoadBalancerHTTPSListenerAttributeReq), slog.Any("response", setLoadBalancerHTTPSListenerAttributeResp)) @@ -194,6 +192,6 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyunelb.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunelb.Client, error) { return ctyunelb.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/deployer/providers/ctcccloud-elb/ctcccloud_elb_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb_test.go similarity index 76% rename from internal/pkg/core/deployer/providers/ctcccloud-elb/ctcccloud_elb_test.go rename to pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb_test.go index 86a23a2f..09c9384a 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-elb/ctcccloud_elb_test.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-elb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-elb" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CTCCCLOUDELB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_elb_test.go -args \ - --CERTIMATE_DEPLOYER_CTCCCLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDELB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDELB_REGIONID="your-region-id" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDELB_LOADBALANCERID="your-elb-instance-id" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDELB_LISTENERID="your-elb-listener-id" + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_REGIONID="your-region-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_LOADBALANCERID="your-elb-instance-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_LISTENERID="your-elb-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, RegionId: fRegionId, @@ -93,7 +93,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, RegionId: fRegionId, diff --git a/internal/pkg/core/deployer/providers/ctcccloud-icdn/ctcccloud_icdn.go b/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn.go similarity index 54% rename from internal/pkg/core/deployer/providers/ctcccloud-icdn/ctcccloud_icdn.go rename to pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn.go index 621bd698..22f4d27b 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-icdn/ctcccloud_icdn.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn.go @@ -6,14 +6,13 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-icdn" - ctyunicdn "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/icdn" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-icdn" + ctyunicdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/icdn" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 @@ -22,57 +21,56 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *ctyunicdn.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyunicdn.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } - // 上传证书到 ICDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -82,7 +80,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 查询域名配置信息 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=112&api=10849&data=173&isNormal=1&vid=166 queryDomainDetailReq := &ctyunicdn.QueryDomainDetailRequest{ - Domain: typeutil.ToPtr(d.config.Domain), + Domain: xtypes.ToPtr(d.config.Domain), } queryDomainDetailResp, err := d.sdkClient.QueryDomainDetail(queryDomainDetailReq) d.logger.Debug("sdk request 'icdn.QueryDomainDetail'", slog.Any("request", queryDomainDetailReq), slog.Any("response", queryDomainDetailResp)) @@ -93,9 +91,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 修改域名配置 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=112&api=10853&data=173&isNormal=1&vid=166 updateDomainReq := &ctyunicdn.UpdateDomainRequest{ - Domain: typeutil.ToPtr(d.config.Domain), - HttpsStatus: typeutil.ToPtr("on"), - CertName: typeutil.ToPtr(upres.CertName), + Domain: xtypes.ToPtr(d.config.Domain), + HttpsStatus: xtypes.ToPtr("on"), + CertName: xtypes.ToPtr(upres.CertName), } updateDomainResp, err := d.sdkClient.UpdateDomain(updateDomainReq) d.logger.Debug("sdk request 'icdn.UpdateDomain'", slog.Any("request", updateDomainReq), slog.Any("response", updateDomainResp)) @@ -103,9 +101,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'icdn.UpdateDomain': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyunicdn.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunicdn.Client, error) { return ctyunicdn.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/deployer/providers/ctcccloud-icdn/ctcccloud_icdn_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ctcccloud-icdn/ctcccloud_icdn_test.go rename to pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn_test.go index df514ea6..8c7665df 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-icdn/ctcccloud_icdn_test.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-icdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-icdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CTCCCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn.go b/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn.go similarity index 52% rename from internal/pkg/core/deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn.go rename to pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn.go index b655c697..47228dde 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn.go @@ -6,14 +6,13 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-lvdn" - ctyunlvdn "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/lvdn" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-lvdn" + ctyunlvdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/lvdn" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 @@ -22,57 +21,56 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *ctyunlvdn.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyunlvdn.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -82,8 +80,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 查询域名配置信息 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=125&api=11473&data=183&isNormal=1&vid=261 queryDomainDetailReq := &ctyunlvdn.QueryDomainDetailRequest{ - Domain: typeutil.ToPtr(d.config.Domain), - ProductCode: typeutil.ToPtr("005"), + Domain: xtypes.ToPtr(d.config.Domain), + ProductCode: xtypes.ToPtr("005"), } queryDomainDetailResp, err := d.sdkClient.QueryDomainDetail(queryDomainDetailReq) d.logger.Debug("sdk request 'lvdn.QueryDomainDetail'", slog.Any("request", queryDomainDetailReq), slog.Any("response", queryDomainDetailResp)) @@ -94,10 +92,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 修改域名配置 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=11308&data=161&isNormal=1&vid=154 updateDomainReq := &ctyunlvdn.UpdateDomainRequest{ - Domain: typeutil.ToPtr(d.config.Domain), - ProductCode: typeutil.ToPtr("005"), - HttpsSwitch: typeutil.ToPtr(int32(1)), - CertName: typeutil.ToPtr(upres.CertName), + Domain: xtypes.ToPtr(d.config.Domain), + ProductCode: xtypes.ToPtr("005"), + HttpsSwitch: xtypes.ToPtr(int32(1)), + CertName: xtypes.ToPtr(upres.CertName), } updateDomainResp, err := d.sdkClient.UpdateDomain(updateDomainReq) d.logger.Debug("sdk request 'lvdn.UpdateDomain'", slog.Any("request", updateDomainReq), slog.Any("response", updateDomainResp)) @@ -105,9 +103,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'lvdn.UpdateDomain': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyunlvdn.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunlvdn.Client, error) { return ctyunlvdn.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go rename to pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go index 84257a0f..0dcab6d5 100644 --- a/internal/pkg/core/deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go +++ b/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ctcccloud-lvdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-lvdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CTCCCLOUDLVDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_lvdn_test.go -args \ - --CERTIMATE_DEPLOYER_CTCCCLOUDLVDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDLVDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDLVDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDLVDN_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_CTCCCLOUDLVDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn.go b/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn.go new file mode 100644 index 00000000..4681f2a3 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn.go @@ -0,0 +1,100 @@ +package dogecloudcdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "strconv" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/dogecloud" + dogesdk "github.com/certimate-go/certimate/pkg/sdk3rd/dogecloud" +) + +type SSLDeployerProviderConfig struct { + // 多吉云 AccessKey。 + AccessKey string `json:"accessKey"` + // 多吉云 SecretKey。 + SecretKey string `json:"secretKey"` + // 加速域名(不支持泛域名)。 + Domain string `json:"domain"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *dogesdk.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKey, config.SecretKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKey: config.AccessKey, + SecretKey: config.SecretKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 绑定证书 + // REF: https://docs.dogecloud.com/cdn/api-cert-bind + bindCdnCertId, _ := strconv.ParseInt(upres.CertId, 10, 64) + bindCdnCertReq := &dogesdk.BindCdnCertRequest{ + CertId: bindCdnCertId, + Domain: d.config.Domain, + } + bindCdnCertResp, err := d.sdkClient.BindCdnCert(bindCdnCertReq) + d.logger.Debug("sdk request 'cdn.BindCdnCert'", slog.Any("request", bindCdnCertReq), slog.Any("response", bindCdnCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.BindCdnCert': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKey, secretKey string) (*dogesdk.Client, error) { + return dogesdk.NewClient(accessKey, secretKey) +} diff --git a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go b/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go index b2484b0b..0ec9377f 100644 --- a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/dogecloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/dogecloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_DOGECLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./dogecloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKey: fAccessKey, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go b/pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications.go similarity index 60% rename from internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go rename to pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications.go index a4a60c98..9fb9ce6e 100644 --- a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go +++ b/pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications.go @@ -2,17 +2,18 @@ package edgioapplications import ( "context" + "errors" "fmt" "log/slog" edgio "github.com/Edgio/edgio-api/applications/v7" edgiodtos "github.com/Edgio/edgio-api/applications/v7/dtos" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Edgio ClientId。 ClientId string `json:"clientId"` // Edgio ClientSecret。 @@ -21,43 +22,42 @@ type DeployerConfig struct { EnvironmentId string `json:"environmentId"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *edgio.EdgioClient } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ClientId, config.ClientSecret) + client, err := createSDKClient(config.ClientId, config.ClientSecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -76,10 +76,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'edgio.UploadTlsCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(clientId, clientSecret string) (*edgio.EdgioClient, error) { +func createSDKClient(clientId, clientSecret string) (*edgio.EdgioClient, error) { client := edgio.NewEdgioClient(clientId, clientSecret, "", "") return client, nil } diff --git a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications_test.go b/pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/edgio-applications/edgio_applications_test.go rename to pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications_test.go index 23f9c56e..26873d22 100644 --- a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications_test.go +++ b/pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/edgio-applications" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/edgio-applications" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./edgio_applications_test.go -args \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_CLIENTID="your-client-id" \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_CLIENTSECRET="your-client-secret" \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_ENVIRONMENTID="your-enviroment-id" + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_CLIENTID="your-client-id" \ + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_CLIENTSECRET="your-client-secret" \ + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_ENVIRONMENTID="your-enviroment-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ENVIRONMENTID: %v", fEnvironmentId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ClientId: fClientId, ClientSecret: fClientSecret, EnvironmentId: fEnvironmentId, diff --git a/internal/pkg/core/deployer/providers/flexcdn/consts.go b/pkg/core/ssl-deployer/providers/flexcdn/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/flexcdn/consts.go rename to pkg/core/ssl-deployer/providers/flexcdn/consts.go diff --git a/internal/pkg/core/deployer/providers/flexcdn/flexcdn.go b/pkg/core/ssl-deployer/providers/flexcdn/flexcdn.go similarity index 62% rename from internal/pkg/core/deployer/providers/flexcdn/flexcdn.go rename to pkg/core/ssl-deployer/providers/flexcdn/flexcdn.go index 3c957071..7aa20024 100644 --- a/internal/pkg/core/deployer/providers/flexcdn/flexcdn.go +++ b/pkg/core/ssl-deployer/providers/flexcdn/flexcdn.go @@ -7,15 +7,14 @@ import ( "errors" "fmt" "log/slog" - "net/url" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - flexcdnsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/flexcdn" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + flexcdnsdk "github.com/certimate-go/certimate/pkg/sdk3rd/flexcdn" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // FlexCDN 服务地址。 ServerUrl string `json:"serverUrl"` // FlexCDN 用户角色。 @@ -34,41 +33,40 @@ type DeployerConfig struct { CertificateId int64 `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *flexcdnsdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiRole, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiRole, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 根据部署资源类型决定部署方式 switch d.config.ResourceType { case RESOURCE_TYPE_CERTIFICATE: @@ -80,16 +78,16 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == 0 { return errors.New("config `certificateId` is required") } // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return err } @@ -119,26 +117,14 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func createSdkClient(serverUrl, apiRole, accessKeyId, accessKey string, skipTlsVerify bool) (*flexcdnsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid flexcdn server url") +func createSDKClient(serverUrl, apiRole, accessKeyId, accessKey string, skipTlsVerify bool) (*flexcdnsdk.Client, error) { + client, err := flexcdnsdk.NewClient(serverUrl, apiRole, accessKeyId, accessKey) + if err != nil { + return nil, err } - if apiRole != "user" && apiRole != "admin" { - return nil, errors.New("invalid flexcdn api role") - } - - if accessKeyId == "" { - return nil, errors.New("invalid flexcdn access key id") - } - - if accessKey == "" { - return nil, errors.New("invalid flexcdn access key") - } - - client := flexcdnsdk.NewClient(serverUrl, apiRole, accessKeyId, accessKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/flexcdn/flexcdn_test.go b/pkg/core/ssl-deployer/providers/flexcdn/flexcdn_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/flexcdn/flexcdn_test.go rename to pkg/core/ssl-deployer/providers/flexcdn/flexcdn_test.go index 6725140a..32ee801c 100644 --- a/internal/pkg/core/deployer/providers/flexcdn/flexcdn_test.go +++ b/pkg/core/ssl-deployer/providers/flexcdn/flexcdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/flexcdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/flexcdn" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_FLEXCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_FLEXCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./flexcdn_test.go -args \ - --CERTIMATE_DEPLOYER_FLEXCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_FLEXCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_FLEXCDN_SERVERURL="http://127.0.0.1:7788" \ - --CERTIMATE_DEPLOYER_FLEXCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_FLEXCDN_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_FLEXCDN_CERTIFICATEID="your-cerficiate-id" + --CERTIMATE_SSLDEPLOYER_FLEXCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_SERVERURL="http://127.0.0.1:7788" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_CERTIFICATEID="your-cerficiate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiRole: "user", AccessKeyId: fAccessKeyId, diff --git a/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn.go b/pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn.go similarity index 75% rename from internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn.go rename to pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn.go index 0d652df9..a64242df 100644 --- a/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn.go +++ b/pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn.go @@ -12,13 +12,12 @@ import ( "github.com/G-Core/gcorelabscdn-go/resources" "github.com/G-Core/gcorelabscdn-go/sslcerts" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/gcore-cdn" - gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore/common" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/gcore-cdn" + gcoresdk "github.com/certimate-go/certimate/pkg/sdk3rd/gcore" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Gcore API Token。 ApiToken string `json:"apiToken"` // CDN 资源 ID。 @@ -28,56 +27,56 @@ type DeployerConfig struct { CertificateId int64 `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { Resources *resources.Service SSLCerts *sslcerts.Service } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.ApiToken) + clients, err := createSDKClients(config.ApiToken) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ ApiToken: config.ApiToken, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.ResourceId == 0 { return nil, errors.New("config `resourceId` is required") } @@ -85,8 +84,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 如果原证书 ID 为空,则创建证书;否则更新证书。 var cloudCertId int64 if d.config.CertificateId == 0 { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -153,10 +152,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'resources.Update': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClients(apiToken string) (*wSdkClients, error) { +func createSDKClients(apiToken string) (*wSDKClients, error) { if apiToken == "" { return nil, errors.New("invalid gcore api token") } @@ -167,7 +166,7 @@ func createSdkClients(apiToken string) (*wSdkClients, error) { ) resourcesSrv := resources.NewService(requester) sslCertsSrv := sslcerts.NewService(requester) - return &wSdkClients{ + return &wSDKClients{ Resources: resourcesSrv, SSLCerts: sslCertsSrv, }, nil diff --git a/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn_test.go b/pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn_test.go rename to pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn_test.go index 808d724d..11852ced 100644 --- a/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/gcore-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/gcore-cdn" ) var ( @@ -19,7 +19,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_GCORECDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_GCORECDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -31,10 +31,10 @@ func init() { Shell command to run this test: go test -v ./gcore_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_GCORECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_GCORECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_GCORECDN_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_GCORECDN_RESOURCEID="your-cdn-resource-id" + --CERTIMATE_SSLDEPLOYER_GCORECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_GCORECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_GCORECDN_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_GCORECDN_RESOURCEID="your-cdn-resource-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -48,7 +48,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("RESOURCEID: %v", fResourceId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiToken: fApiToken, ResourceId: fResourceId, }) diff --git a/internal/pkg/core/deployer/providers/goedge/consts.go b/pkg/core/ssl-deployer/providers/goedge/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/goedge/consts.go rename to pkg/core/ssl-deployer/providers/goedge/consts.go diff --git a/internal/pkg/core/deployer/providers/goedge/goedge.go b/pkg/core/ssl-deployer/providers/goedge/goedge.go similarity index 62% rename from internal/pkg/core/deployer/providers/goedge/goedge.go rename to pkg/core/ssl-deployer/providers/goedge/goedge.go index 0b7ff2b5..918d850a 100644 --- a/internal/pkg/core/deployer/providers/goedge/goedge.go +++ b/pkg/core/ssl-deployer/providers/goedge/goedge.go @@ -7,15 +7,14 @@ import ( "errors" "fmt" "log/slog" - "net/url" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - goedgesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/goedge" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + goedgesdk "github.com/certimate-go/certimate/pkg/sdk3rd/goedge" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // GoEdge 服务地址。 ServerUrl string `json:"serverUrl"` // GoEdge 用户角色。 @@ -34,41 +33,40 @@ type DeployerConfig struct { CertificateId int64 `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *goedgesdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiRole, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiRole, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 根据部署资源类型决定部署方式 switch d.config.ResourceType { case RESOURCE_TYPE_CERTIFICATE: @@ -80,16 +78,16 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == 0 { return errors.New("config `certificateId` is required") } // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return err } @@ -119,26 +117,14 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func createSdkClient(serverUrl, apiRole, accessKeyId, accessKey string, skipTlsVerify bool) (*goedgesdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid goedge server url") +func createSDKClient(serverUrl, apiRole, accessKeyId, accessKey string, skipTlsVerify bool) (*goedgesdk.Client, error) { + client, err := goedgesdk.NewClient(serverUrl, apiRole, accessKeyId, accessKey) + if err != nil { + return nil, err } - if apiRole != "user" && apiRole != "admin" { - return nil, errors.New("invalid goedge api role") - } - - if accessKeyId == "" { - return nil, errors.New("invalid goedge access key id") - } - - if accessKey == "" { - return nil, errors.New("invalid goedge access key") - } - - client := goedgesdk.NewClient(serverUrl, apiRole, accessKeyId, accessKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/goedge/goedge_test.go b/pkg/core/ssl-deployer/providers/goedge/goedge_test.go similarity index 74% rename from internal/pkg/core/deployer/providers/goedge/goedge_test.go rename to pkg/core/ssl-deployer/providers/goedge/goedge_test.go index ae03db1d..757527cb 100644 --- a/internal/pkg/core/deployer/providers/goedge/goedge_test.go +++ b/pkg/core/ssl-deployer/providers/goedge/goedge_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/goedge" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/goedge" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_GOEDGE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_GOEDGE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./goedge_test.go -args \ - --CERTIMATE_DEPLOYER_GOEDGE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_GOEDGE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_GOEDGE_SERVERURL="http://127.0.0.1:7788" \ - --CERTIMATE_DEPLOYER_GOEDGE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_GOEDGE_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_GOEDGE_CERTIFICATEID="your-cerficiate-id" + --CERTIMATE_SSLDEPLOYER_GOEDGE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_SERVERURL="http://127.0.0.1:7788" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_CERTIFICATEID="your-cerficiate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiRole: "user", AccessKeyId: fAccessKeyId, diff --git a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go b/pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go similarity index 69% rename from internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go rename to pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go index cbdff322..ef514c66 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go @@ -2,6 +2,7 @@ package huaweicloudcdn import ( "context" + "errors" "fmt" "log/slog" @@ -10,13 +11,12 @@ import ( hccdnmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/model" hccdnregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/region" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/huaweicloud-scm" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -29,59 +29,63 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *hccdn.CdnClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *hccdn.CdnClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient( + client, err := createSDKClient( config.AccessKeyId, config.SecretAccessKey, config.Region, ) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, EnterpriseProjectId: config.EnterpriseProjectId, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SCM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -91,7 +95,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 查询加速域名配置 // REF: https://support.huaweicloud.com/api-cdn/ShowDomainFullConfig.html showDomainFullConfigReq := &hccdnmodel.ShowDomainFullConfigRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), DomainName: d.config.Domain, } showDomainFullConfigResp, err := d.sdkClient.ShowDomainFullConfig(showDomainFullConfigReq) @@ -106,12 +110,12 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE updateDomainMultiCertificatesReqBodyContent := &hccdnmodel.UpdateDomainMultiCertificatesRequestBodyContent{} updateDomainMultiCertificatesReqBodyContent.DomainName = d.config.Domain updateDomainMultiCertificatesReqBodyContent.HttpsSwitch = 1 - updateDomainMultiCertificatesReqBodyContent.CertificateType = typeutil.ToPtr(int32(2)) - updateDomainMultiCertificatesReqBodyContent.ScmCertificateId = typeutil.ToPtr(upres.CertId) - updateDomainMultiCertificatesReqBodyContent.CertName = typeutil.ToPtr(upres.CertName) + updateDomainMultiCertificatesReqBodyContent.CertificateType = xtypes.ToPtr(int32(2)) + updateDomainMultiCertificatesReqBodyContent.ScmCertificateId = xtypes.ToPtr(upres.CertId) + updateDomainMultiCertificatesReqBodyContent.CertName = xtypes.ToPtr(upres.CertName) updateDomainMultiCertificatesReqBodyContent = assign(updateDomainMultiCertificatesReqBodyContent, showDomainFullConfigResp.Configs) updateDomainMultiCertificatesReq := &hccdnmodel.UpdateDomainMultiCertificatesRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), Body: &hccdnmodel.UpdateDomainMultiCertificatesRequestBody{ Https: updateDomainMultiCertificatesReqBodyContent, }, @@ -122,10 +126,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadDomainMultiCertificates': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hccdn.CdnClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hccdn.CdnClient, error) { if region == "" { region = "cn-north-1" // CDN 服务默认区域:华北一北京 } @@ -164,11 +168,11 @@ func assign(source *hccdnmodel.UpdateDomainMultiCertificatesRequestBodyContent, } if *target.OriginProtocol == "follow" { - source.AccessOriginWay = typeutil.ToPtr(int32(1)) + source.AccessOriginWay = xtypes.ToPtr(int32(1)) } else if *target.OriginProtocol == "http" { - source.AccessOriginWay = typeutil.ToPtr(int32(2)) + source.AccessOriginWay = xtypes.ToPtr(int32(2)) } else if *target.OriginProtocol == "https" { - source.AccessOriginWay = typeutil.ToPtr(int32(3)) + source.AccessOriginWay = xtypes.ToPtr(int32(3)) } if target.ForceRedirect != nil { @@ -186,7 +190,7 @@ func assign(source *hccdnmodel.UpdateDomainMultiCertificatesRequestBodyContent, if target.Https != nil { if *target.Https.Http2Status == "on" { - source.Http2 = typeutil.ToPtr(int32(1)) + source.Http2 = xtypes.ToPtr(int32(1)) } } diff --git a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go b/pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go index cb4ab1a4..fa4191be 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-cdn" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./huaweicloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_REGION="cn-north-1" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_REGION="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/huaweicloud-elb/consts.go b/pkg/core/ssl-deployer/providers/huaweicloud-elb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/huaweicloud-elb/consts.go rename to pkg/core/ssl-deployer/providers/huaweicloud-elb/consts.go diff --git a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go b/pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb.go similarity index 82% rename from internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go rename to pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb.go index 52cbcab5..a6c29e36 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb.go @@ -16,13 +16,12 @@ import ( hciamregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-elb" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/huaweicloud-elb" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -44,54 +43,54 @@ type DeployerConfig struct { ListenerId string `json:"listenerId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *hcelb.ElbClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *hcelb.ElbClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, EnterpriseProjectId: config.EnterpriseProjectId, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 根据部署资源类型决定部署方式 switch d.config.ResourceType { case RESOURCE_TYPE_CERTIFICATE: @@ -113,10 +112,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == "" { return errors.New("config `certificateId` is required") } @@ -127,8 +126,8 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri CertificateId: d.config.CertificateId, Body: &hcelbmodel.UpdateCertificateRequestBody{ Certificate: &hcelbmodel.UpdateCertificateOption{ - Certificate: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), }, }, } @@ -141,7 +140,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -170,13 +169,13 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM str } listListenersReq := &hcelbmodel.ListListenersRequest{ - Limit: typeutil.ToPtr(listListenersLimit), + Limit: xtypes.ToPtr(listListenersLimit), Marker: listListenersMarker, Protocol: &[]string{"HTTPS", "TERMINATED_HTTPS"}, LoadbalancerId: &[]string{showLoadBalancerResp.Loadbalancer.Id}, } if d.config.EnterpriseProjectId != "" { - listListenersReq.EnterpriseProjectId = typeutil.ToPtr([]string{d.config.EnterpriseProjectId}) + listListenersReq.EnterpriseProjectId = xtypes.ToPtr([]string{d.config.EnterpriseProjectId}) } listListenersResp, err := d.sdkClient.ListListeners(listListenersReq) d.logger.Debug("sdk request 'elb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp)) @@ -197,8 +196,8 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM str } } - // 上传证书到 SCM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -231,13 +230,13 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM str return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } - // 上传证书到 SCM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -252,7 +251,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, certPEM string, return nil } -func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) modifyListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询监听器详情 // REF: https://support.huaweicloud.com/api-elb/ShowListener.html showListenerReq := &hcelbmodel.ShowListenerRequest{ @@ -270,7 +269,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL ListenerId: cloudListenerId, Body: &hcelbmodel.UpdateListenerRequestBody{ Listener: &hcelbmodel.UpdateListenerOption{ - DefaultTlsContainerRef: typeutil.ToPtr(cloudCertId), + DefaultTlsContainerRef: xtypes.ToPtr(cloudCertId), }, }, } @@ -319,7 +318,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL } if showListenerResp.Listener.SniMatchAlgo != "" { - updateListenerReq.Body.Listener.SniMatchAlgo = typeutil.ToPtr(showListenerResp.Listener.SniMatchAlgo) + updateListenerReq.Body.Listener.SniMatchAlgo = xtypes.ToPtr(showListenerResp.Listener.SniMatchAlgo) } } updateListenerResp, err := d.sdkClient.UpdateListener(updateListenerReq) @@ -331,7 +330,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) { projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region) if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go b/pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go similarity index 78% rename from internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go rename to pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go index 42fee652..0dd43e17 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-elb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-elb" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_HUAWEICLOUDELB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./huaweicloud_elb_test.go -args \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_REGION="cn-north-1" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_CERTIFICATEID="your-elb-cert-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_LOADBALANCERID="your-elb-loadbalancer-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_LISTENERID="your-elb-listener-id" + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_REGION="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_CERTIFICATEID="your-elb-cert-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_LOADBALANCERID="your-elb-loadbalancer-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_LISTENERID="your-elb-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -62,7 +62,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, @@ -96,7 +96,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, @@ -130,7 +130,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, diff --git a/pkg/core/ssl-deployer/providers/huaweicloud-scm/huaweicloud_scm.go b/pkg/core/ssl-deployer/providers/huaweicloud-scm/huaweicloud_scm.go new file mode 100644 index 00000000..90a313d1 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/huaweicloud-scm/huaweicloud_scm.go @@ -0,0 +1,71 @@ +package huaweicloudscm + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/huaweicloud-scm" +) + +type SSLDeployerProviderConfig struct { + // 华为云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 华为云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // 华为云企业项目 ID。 + EnterpriseProjectId string `json:"enterpriseProjectId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + EnterpriseProjectId: config.EnterpriseProjectId, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/huaweicloud-waf/consts.go b/pkg/core/ssl-deployer/providers/huaweicloud-waf/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/huaweicloud-waf/consts.go rename to pkg/core/ssl-deployer/providers/huaweicloud-waf/consts.go diff --git a/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go b/pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf.go similarity index 74% rename from internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go rename to pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf.go index 8afb2049..90059488 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf.go @@ -16,13 +16,12 @@ import ( hcwafmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model" hcwafregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-waf" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/huaweicloud-waf" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -41,56 +40,56 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *hcwaf.WafClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *hcwaf.WafClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, EnterpriseProjectId: config.EnterpriseProjectId, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 WAF - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -118,10 +117,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == "" { return errors.New("config `certificateId` is required") } @@ -129,7 +128,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri // 查询证书 // REF: https://support.huaweicloud.com/api-waf/ShowCertificate.html showCertificateReq := &hcwafmodel.ShowCertificateRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), CertificateId: d.config.CertificateId, } showCertificateResp, err := d.sdkClient.ShowCertificate(showCertificateReq) @@ -141,12 +140,12 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri // 更新证书 // REF: https://support.huaweicloud.com/api-waf/UpdateCertificate.html updateCertificateReq := &hcwafmodel.UpdateCertificateRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), CertificateId: d.config.CertificateId, Body: &hcwafmodel.UpdateCertificateRequestBody{ Name: *showCertificateResp.Name, - Content: typeutil.ToPtr(certPEM), - Key: typeutil.ToPtr(privkeyPEM), + Content: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), }, } updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq) @@ -158,13 +157,13 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCloudServer(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.Domain == "" { return errors.New("config `domain` is required") } - // 上传证书到 WAF - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -184,10 +183,10 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPEM stri } listHostReq := &hcwafmodel.ListHostRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), - Hostname: typeutil.ToPtr(strings.TrimPrefix(d.config.Domain, "*")), - Page: typeutil.ToPtr(listHostPage), - Pagesize: typeutil.ToPtr(listHostPageSize), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + Hostname: xtypes.ToPtr(strings.TrimPrefix(d.config.Domain, "*")), + Page: xtypes.ToPtr(listHostPage), + Pagesize: xtypes.ToPtr(listHostPageSize), } listHostResp, err := d.sdkClient.ListHost(listHostReq) d.logger.Debug("sdk request 'waf.ListHost'", slog.Any("request", listHostReq), slog.Any("response", listHostResp)) @@ -217,11 +216,11 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPEM stri // 更新云模式防护域名的配置 // REF: https://support.huaweicloud.com/api-waf/UpdateHost.html updateHostReq := &hcwafmodel.UpdateHostRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), InstanceId: hostId, Body: &hcwafmodel.UpdateHostRequestBody{ - Certificateid: typeutil.ToPtr(upres.CertId), - Certificatename: typeutil.ToPtr(upres.CertName), + Certificateid: xtypes.ToPtr(upres.CertId), + Certificatename: xtypes.ToPtr(upres.CertName), }, } updateHostResp, err := d.sdkClient.UpdateHost(updateHostReq) @@ -233,13 +232,13 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPEM stri return nil } -func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToPremiumHost(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.Domain == "" { return errors.New("config `domain` is required") } - // 上传证书到 WAF - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -259,10 +258,10 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPEM stri } listPremiumHostReq := &hcwafmodel.ListPremiumHostRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), - Hostname: typeutil.ToPtr(strings.TrimPrefix(d.config.Domain, "*")), - Page: typeutil.ToPtr(fmt.Sprintf("%d", listPremiumHostPage)), - Pagesize: typeutil.ToPtr(fmt.Sprintf("%d", listPremiumHostPageSize)), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + Hostname: xtypes.ToPtr(strings.TrimPrefix(d.config.Domain, "*")), + Page: xtypes.ToPtr(fmt.Sprintf("%d", listPremiumHostPage)), + Pagesize: xtypes.ToPtr(fmt.Sprintf("%d", listPremiumHostPageSize)), } listPremiumHostResp, err := d.sdkClient.ListPremiumHost(listPremiumHostReq) d.logger.Debug("sdk request 'waf.ListPremiumHost'", slog.Any("request", listPremiumHostReq), slog.Any("response", listPremiumHostResp)) @@ -292,11 +291,11 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPEM stri // 修改独享模式域名配置 // REF: https://support.huaweicloud.com/api-waf/UpdatePremiumHost.html updatePremiumHostReq := &hcwafmodel.UpdatePremiumHostRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), HostId: hostId, Body: &hcwafmodel.UpdatePremiumHostRequestBody{ - Certificateid: typeutil.ToPtr(upres.CertId), - Certificatename: typeutil.ToPtr(upres.CertName), + Certificateid: xtypes.ToPtr(upres.CertId), + Certificatename: xtypes.ToPtr(upres.CertName), }, } updatePremiumHostResp, err := d.sdkClient.UpdatePremiumHost(updatePremiumHostReq) @@ -308,7 +307,7 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPEM stri return nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) { projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region) if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go b/pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go rename to pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go index 4f6b5654..c1b7007e 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-waf" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-waf" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./huaweicloud_waf_test.go -args \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_REGION="cn-north-1" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_RESOURCETYPE="premium" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_REGION="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_RESOURCETYPE="premium" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("RESOURCETYPE: %v", fResourceType), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/jdcloud-alb/consts.go b/pkg/core/ssl-deployer/providers/jdcloud-alb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/jdcloud-alb/consts.go rename to pkg/core/ssl-deployer/providers/jdcloud-alb/consts.go diff --git a/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go b/pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb.go similarity index 78% rename from internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go rename to pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb.go index 0f8a048d..121f1bec 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb.go @@ -13,13 +13,12 @@ import ( jdlbclient "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/client" jdlbmodel "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/models" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/jdcloud-ssl" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 @@ -39,54 +38,54 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *jdlbclient.LbClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *jdlbclient.LbClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -109,10 +108,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -188,7 +187,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -201,7 +200,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询监听器详情 // REF: https://docs.jdcloud.com/cn/load-balancer/api/describelistener describeListenerReq := jdlbapi.NewDescribeListenerRequest(d.config.RegionId, cloudListenerId) @@ -226,7 +225,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL } else { // 指定 SNI,需部署到扩展证书 - extCertSpecs := sliceutil.Filter(describeListenerResp.Result.Listener.ExtensionCertificateSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) bool { + extCertSpecs := xslices.Filter(describeListenerResp.Result.Listener.ExtensionCertificateSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) bool { return extCertSpec.Domain == d.config.Domain }) if len(extCertSpecs) == 0 { @@ -238,7 +237,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL updateListenerCertificatesReq := jdlbapi.NewUpdateListenerCertificatesRequest( d.config.RegionId, cloudListenerId, - sliceutil.Map(extCertSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) jdlbmodel.ExtCertificateUpdateSpec { + xslices.Map(extCertSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) jdlbmodel.ExtCertificateUpdateSpec { return jdlbmodel.ExtCertificateUpdateSpec{ CertificateBindId: extCertSpec.CertificateBindId, CertificateId: &cloudCertId, @@ -256,7 +255,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdlbclient.LbClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdlbclient.LbClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdlbclient.NewLbClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb_test.go b/pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb_test.go similarity index 76% rename from internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb_test.go rename to pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb_test.go index b6c063e2..2706ba39 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb_test.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-alb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-alb" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_JDCLOUDALB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_JDCLOUDALB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./jdcloud_alb_test.go -args \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_ACCESSKEYSECRET="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_REGION_ID="cn-north-1" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_LOADBALANCERID="your-alb-loadbalancer-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_LISTENERID="your-alb-listener-id" + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_ACCESSKEYSECRET="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_REGION_ID="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_LOADBALANCERID="your-alb-loadbalancer-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_LISTENERID="your-alb-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, RegionId: fRegionId, @@ -93,7 +93,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, RegionId: fRegionId, diff --git a/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go b/pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn.go similarity index 62% rename from internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go rename to pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn.go index 7da0000b..a552d710 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn.go @@ -2,6 +2,7 @@ package jdcloudcdn import ( "context" + "errors" "fmt" "log/slog" @@ -9,12 +10,11 @@ import ( jdcdnapi "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/apis" jdcdnclient "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/client" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/jdcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 @@ -23,52 +23,56 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *jdcdnclient.CdnClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *jdcdnclient.CdnClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + // 查询域名配置信息 // REF: https://docs.jdcloud.com/cn/cdn/api/querydomainconfig queryDomainConfigReq := jdcdnapi.NewQueryDomainConfigRequest(d.config.Domain) @@ -78,8 +82,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.QueryDomainConfig': %w", err) } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -101,10 +105,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.SetHttpType': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdcdnclient.CdnClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdcdnclient.CdnClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdcdnclient.NewCdnClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go b/pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go index 1bed5d15..2ecd406b 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_JDCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./jdcloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_ACCESSKEYSECRET="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_ACCESSKEYSECRET="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go b/pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live.go similarity index 64% rename from internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go rename to pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live.go index 666ce101..19e22df0 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live.go @@ -2,17 +2,17 @@ package jdcloudlive import ( "context" + "errors" "fmt" "log/slog" + "github.com/certimate-go/certimate/pkg/core" jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core" jdliveapi "github.com/jdcloud-api/jdcloud-sdk-go/services/live/apis" jdliveclient "github.com/jdcloud-api/jdcloud-sdk-go/services/live/client" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 @@ -21,41 +21,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *jdliveclient.LiveClient } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + // 设置直播证书 // REF: https://docs.jdcloud.com/cn/live-video/api/setlivedomaincertificate setLiveDomainCertificateReq := jdliveapi.NewSetLiveDomainCertificateRequest(d.config.Domain, "on") @@ -67,10 +70,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'live.SetLiveDomainCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdliveclient.LiveClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdliveclient.LiveClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdliveclient.NewLiveClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live_test.go b/pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live_test.go rename to pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live_test.go index d544690d..4853dde5 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live_test.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-live" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-live" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_JDCLOUDLIVE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./jdcloud_live_test.go -args \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_ACCESSKEYSECRET="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_ACCESSKEYSECRET="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go b/pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod.go similarity index 79% rename from internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go rename to pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod.go index 19e5e286..c244492f 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod.go @@ -8,14 +8,13 @@ import ( "strconv" "time" + "github.com/certimate-go/certimate/pkg/core" jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core" jdvodapi "github.com/jdcloud-api/jdcloud-sdk-go/services/vod/apis" jdvodclient "github.com/jdcloud-api/jdcloud-sdk-go/services/vod/client" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 @@ -24,41 +23,40 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *jdvodclient.VodClient } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 查询域名列表 // REF: https://docs.jdcloud.com/cn/video-on-demand/api/listdomains var domainId int @@ -121,10 +119,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'vod.SetHttpSsl': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdvodclient.VodClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdvodclient.VodClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdvodclient.NewVodClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod_test.go b/pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod_test.go rename to pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod_test.go index b8c38b1d..c0993320 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod_test.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-vod" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-vod" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_JDCLOUDVOD_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./jdcloud_vod_test.go -args \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_ACCESSKEYSECRET="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_ACCESSKEYSECRET="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go b/pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret.go similarity index 85% rename from internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go rename to pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret.go index e51bfcd8..e9a16683 100644 --- a/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go +++ b/pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret.go @@ -13,11 +13,11 @@ import ( "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // kubeconfig 文件内容。 KubeConfig string `json:"kubeConfig,omitempty"` // Kubernetes 命名空间。 @@ -32,34 +32,33 @@ type DeployerConfig struct { SecretDataKeyForKey string `json:"secretDataKeyForKey,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - return &DeployerProvider{ + return &SSLDeployerProvider{ logger: slog.Default(), config: config, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Namespace == "" { return nil, errors.New("config `namespace` is required") } @@ -76,7 +75,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `secretDataKeyForKey` is required") } - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -119,7 +118,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE if err != nil { return nil, fmt.Errorf("failed to create k8s secret: %w", err) } else { - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } } @@ -143,7 +142,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to update k8s secret: %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } func createK8sClient(kubeConfig string) (*kubernetes.Clientset, error) { diff --git a/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret_test.go b/pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/k8s-secret/k8s_secret_test.go rename to pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret_test.go index 90bdf4ab..827bfb07 100644 --- a/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret_test.go +++ b/pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/k8s-secret" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/k8s-secret" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_K8SSECRET_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_K8SSECRET_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./k8s_secret_test.go -args \ - --CERTIMATE_DEPLOYER_K8SSECRET_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_K8SSECRET_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_K8SSECRET_NAMESPACE="default" \ - --CERTIMATE_DEPLOYER_K8SSECRET_SECRETNAME="secret" \ - --CERTIMATE_DEPLOYER_K8SSECRET_SECRETDATAKEYFORCRT="tls.crt" \ - --CERTIMATE_DEPLOYER_K8SSECRET_SECRETDATAKEYFORKEY="tls.key" + --CERTIMATE_SSLDEPLOYER_K8SSECRET_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_NAMESPACE="default" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_SECRETNAME="secret" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_SECRETDATAKEYFORCRT="tls.crt" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_SECRETDATAKEYFORKEY="tls.key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETDATAKEYFORKEY: %v", fSecretDataKeyForKey), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ Namespace: fNamespace, SecretName: fSecretName, SecretDataKeyForCrt: fSecretDataKeyForCrt, diff --git a/internal/pkg/core/deployer/providers/lecdn/consts.go b/pkg/core/ssl-deployer/providers/lecdn/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/lecdn/consts.go rename to pkg/core/ssl-deployer/providers/lecdn/consts.go diff --git a/pkg/core/ssl-deployer/providers/lecdn/lecdn.go b/pkg/core/ssl-deployer/providers/lecdn/lecdn.go new file mode 100644 index 00000000..0cc130ce --- /dev/null +++ b/pkg/core/ssl-deployer/providers/lecdn/lecdn.go @@ -0,0 +1,174 @@ +package lecdn + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/certimate-go/certimate/pkg/core" + leclientsdkv3 "github.com/certimate-go/certimate/pkg/sdk3rd/lecdn/client-v3" + lemastersdkv3 "github.com/certimate-go/certimate/pkg/sdk3rd/lecdn/master-v3" +) + +type SSLDeployerProviderConfig struct { + // LeCDN 服务地址。 + ServerUrl string `json:"serverUrl"` + // LeCDN 版本。 + // 可取值 "v3"。 + ApiVersion string `json:"apiVersion"` + // LeCDN 用户角色。 + // 可取值 "client"、"master"。 + ApiRole string `json:"apiRole"` + // LeCDN 用户名。 + Username string `json:"accessKeyId"` + // LeCDN 用户密码。 + Password string `json:"accessKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 部署资源类型。 + ResourceType ResourceType `json:"resourceType"` + // 证书 ID。 + // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 + CertificateId int64 `json:"certificateId,omitempty"` + // 客户 ID。 + // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时选填。 + ClientId int64 `json:"clientId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient any +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiVersion, config.ApiRole, config.Username, config.Password, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 根据部署资源类型决定部署方式 + switch d.config.ResourceType { + case RESOURCE_TYPE_CERTIFICATE: + if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } + + default: + return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) + } + + return &core.SSLDeployResult{}, nil +} + +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.CertificateId == 0 { + return errors.New("config `certificateId` is required") + } + + // 修改证书 + // REF: https://wdk0pwf8ul.feishu.cn/wiki/YE1XwCRIHiLYeKkPupgcXrlgnDd + switch sdkClient := d.sdkClient.(type) { + case *leclientsdkv3.Client: + { + updateSSLCertReq := &leclientsdkv3.UpdateCertificateRequest{ + Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), + Description: "upload from certimate", + Type: "upload", + SSLPEM: certPEM, + SSLKey: privkeyPEM, + AutoRenewal: false, + } + updateSSLCertResp, err := sdkClient.UpdateCertificate(d.config.CertificateId, updateSSLCertReq) + d.logger.Debug("sdk request 'lecdn.UpdateCertificate'", slog.Int64("certId", d.config.CertificateId), slog.Any("request", updateSSLCertReq), slog.Any("response", updateSSLCertResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'lecdn.UpdateCertificate': %w", err) + } + } + + case *lemastersdkv3.Client: + { + updateSSLCertReq := &lemastersdkv3.UpdateCertificateRequest{ + ClientId: d.config.ClientId, + Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), + Description: "upload from certimate", + Type: "upload", + SSLPEM: certPEM, + SSLKey: privkeyPEM, + AutoRenewal: false, + } + updateSSLCertResp, err := sdkClient.UpdateCertificate(d.config.CertificateId, updateSSLCertReq) + d.logger.Debug("sdk request 'lecdn.UpdateCertificate'", slog.Int64("certId", d.config.CertificateId), slog.Any("request", updateSSLCertReq), slog.Any("response", updateSSLCertResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'lecdn.UpdateCertificate': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + return nil +} + +const ( + sdkVersionV3 = "v3" + + sdkRoleClient = "client" + sdkRoleMaster = "master" +) + +func createSDKClient(serverUrl, apiVersion, apiRole, username, password string, skipTlsVerify bool) (any, error) { + if apiVersion == sdkVersionV3 && apiRole == sdkRoleClient { + // v3 版客户端 + client, err := leclientsdkv3.NewClient(serverUrl, username, password) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } else if apiVersion == sdkVersionV3 && apiRole == sdkRoleMaster { + // v3 版主控端 + client, err := lemastersdkv3.NewClient(serverUrl, username, password) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } + + return nil, fmt.Errorf("invalid lecdn api version or user role") +} diff --git a/internal/pkg/core/deployer/providers/lecdn/lecdn_test.go b/pkg/core/ssl-deployer/providers/lecdn/lecdn_test.go similarity index 76% rename from internal/pkg/core/deployer/providers/lecdn/lecdn_test.go rename to pkg/core/ssl-deployer/providers/lecdn/lecdn_test.go index fda880c4..a94db0bd 100644 --- a/internal/pkg/core/deployer/providers/lecdn/lecdn_test.go +++ b/pkg/core/ssl-deployer/providers/lecdn/lecdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/lecdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/lecdn" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_LECDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_LECDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,12 +37,12 @@ func init() { Shell command to run this test: go test -v ./lecdn_test.go -args \ - --CERTIMATE_DEPLOYER_LECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_LECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_LECDN_SERVERURL="http://127.0.0.1:5090" \ - --CERTIMATE_DEPLOYER_LECDN_USERNAME="your-username" \ - --CERTIMATE_DEPLOYER_LECDN_PASSWORD="your-password" \ - --CERTIMATE_DEPLOYER_LECDN_CERTIFICATEID="your-cerficiate-id" + --CERTIMATE_SSLDEPLOYER_LECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_LECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_LECDN_SERVERURL="http://127.0.0.1:5090" \ + --CERTIMATE_SSLDEPLOYER_LECDN_USERNAME="your-username" \ + --CERTIMATE_SSLDEPLOYER_LECDN_PASSWORD="your-password" \ + --CERTIMATE_SSLDEPLOYER_LECDN_CERTIFICATEID="your-cerficiate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiVersion: fApiVersion, ApiRole: "user", diff --git a/internal/pkg/core/deployer/providers/local/defines.go b/pkg/core/ssl-deployer/providers/local/defines.go similarity index 100% rename from internal/pkg/core/deployer/providers/local/defines.go rename to pkg/core/ssl-deployer/providers/local/defines.go diff --git a/internal/pkg/core/deployer/providers/local/local.go b/pkg/core/ssl-deployer/providers/local/local.go similarity index 75% rename from internal/pkg/core/deployer/providers/local/local.go rename to pkg/core/ssl-deployer/providers/local/local.go index 0b71da8a..bdb89a16 100644 --- a/internal/pkg/core/deployer/providers/local/local.go +++ b/pkg/core/ssl-deployer/providers/local/local.go @@ -3,17 +3,18 @@ package local import ( "bytes" "context" + "errors" "fmt" "log/slog" "os/exec" "runtime" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - fileutil "github.com/usual2970/certimate/internal/pkg/utils/file" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xfile "github.com/certimate-go/certimate/pkg/utils/file" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Shell 执行环境。 // 零值时根据操作系统决定。 ShellEnv ShellEnvType `json:"shellEnv,omitempty"` @@ -47,36 +48,35 @@ type DeployerConfig struct { JksStorepass string `json:"jksStorepass,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -93,50 +93,50 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 写入证书和私钥文件 switch d.config.OutputFormat { case OUTPUT_FORMAT_PEM: - if err := fileutil.WriteString(d.config.OutputCertPath, certPEM); err != nil { + if err := xfile.WriteString(d.config.OutputCertPath, certPEM); err != nil { return nil, fmt.Errorf("failed to save certificate file: %w", err) } d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath)) if d.config.OutputServerCertPath != "" { - if err := fileutil.WriteString(d.config.OutputServerCertPath, serverCertPEM); err != nil { + if err := xfile.WriteString(d.config.OutputServerCertPath, serverCertPEM); err != nil { return nil, fmt.Errorf("failed to save server certificate file: %w", err) } d.logger.Info("ssl server certificate file saved", slog.String("path", d.config.OutputServerCertPath)) } if d.config.OutputIntermediaCertPath != "" { - if err := fileutil.WriteString(d.config.OutputIntermediaCertPath, intermediaCertPEM); err != nil { + if err := xfile.WriteString(d.config.OutputIntermediaCertPath, intermediaCertPEM); err != nil { return nil, fmt.Errorf("failed to save intermedia certificate file: %w", err) } d.logger.Info("ssl intermedia certificate file saved", slog.String("path", d.config.OutputIntermediaCertPath)) } - if err := fileutil.WriteString(d.config.OutputKeyPath, privkeyPEM); err != nil { + if err := xfile.WriteString(d.config.OutputKeyPath, privkeyPEM); err != nil { return nil, fmt.Errorf("failed to save private key file: %w", err) } d.logger.Info("ssl private key file saved", slog.String("path", d.config.OutputKeyPath)) case OUTPUT_FORMAT_PFX: - pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword) + pfxData, err := xcert.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword) if err != nil { return nil, fmt.Errorf("failed to transform certificate to PFX: %w", err) } d.logger.Info("ssl certificate transformed to pfx") - if err := fileutil.Write(d.config.OutputCertPath, pfxData); err != nil { + if err := xfile.Write(d.config.OutputCertPath, pfxData); err != nil { return nil, fmt.Errorf("failed to save certificate file: %w", err) } d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath)) case OUTPUT_FORMAT_JKS: - jksData, err := certutil.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) + jksData, err := xcert.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) if err != nil { return nil, fmt.Errorf("failed to transform certificate to JKS: %w", err) } d.logger.Info("ssl certificate transformed to jks") - if err := fileutil.Write(d.config.OutputCertPath, jksData); err != nil { + if err := xfile.Write(d.config.OutputCertPath, jksData); err != nil { return nil, fmt.Errorf("failed to save certificate file: %w", err) } d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath)) @@ -154,7 +154,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } func execCommand(shellEnv ShellEnvType, command string) (string, string, error) { diff --git a/internal/pkg/core/deployer/providers/local/local_test.go b/pkg/core/ssl-deployer/providers/local/local_test.go similarity index 81% rename from internal/pkg/core/deployer/providers/local/local_test.go rename to pkg/core/ssl-deployer/providers/local/local_test.go index 4225864b..a100d22d 100644 --- a/internal/pkg/core/deployer/providers/local/local_test.go +++ b/pkg/core/ssl-deployer/providers/local/local_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/local" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/local" ) var ( @@ -26,7 +26,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_LOCAL_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_LOCAL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -45,17 +45,17 @@ func init() { Shell command to run this test: go test -v ./local_test.go -args \ - --CERTIMATE_DEPLOYER_LOCAL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_LOCAL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_LOCAL_OUTPUTCERTPATH="/path/to/your-output-cert" \ - --CERTIMATE_DEPLOYER_LOCAL_OUTPUTKEYPATH="/path/to/your-output-key" \ - --CERTIMATE_DEPLOYER_LOCAL_PFXPASSWORD="your-pfx-password" \ - --CERTIMATE_DEPLOYER_LOCAL_JKSALIAS="your-jks-alias" \ - --CERTIMATE_DEPLOYER_LOCAL_JKSKEYPASS="your-jks-keypass" \ - --CERTIMATE_DEPLOYER_LOCAL_JKSSTOREPASS="your-jks-storepass" \ - --CERTIMATE_DEPLOYER_LOCAL_SHELLENV="sh" \ - --CERTIMATE_DEPLOYER_LOCAL_PRECOMMAND="echo 'hello world'" \ - --CERTIMATE_DEPLOYER_LOCAL_POSTCOMMAND="echo 'bye-bye world'" + --CERTIMATE_SSLDEPLOYER_LOCAL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_OUTPUTCERTPATH="/path/to/your-output-cert" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_OUTPUTKEYPATH="/path/to/your-output-key" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_PFXPASSWORD="your-pfx-password" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_JKSALIAS="your-jks-alias" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_JKSKEYPASS="your-jks-keypass" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_JKSSTOREPASS="your-jks-storepass" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_SHELLENV="sh" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_PRECOMMAND="echo 'hello world'" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_POSTCOMMAND="echo 'bye-bye world'" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -72,7 +72,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("POSTCOMMAND: %v", fPostCommand), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ OutputFormat: provider.OUTPUT_FORMAT_PEM, OutputCertPath: fOutputCertPath + ".pem", OutputKeyPath: fOutputKeyPath + ".pem", @@ -123,7 +123,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("PFXPASSWORD: %v", fPfxPassword), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ OutputFormat: provider.OUTPUT_FORMAT_PFX, OutputCertPath: fOutputCertPath + ".pfx", PfxPassword: fPfxPassword, @@ -164,7 +164,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("JKSSTOREPASS: %v", fJksStorepass), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ OutputFormat: provider.OUTPUT_FORMAT_JKS, OutputCertPath: fOutputCertPath + ".jks", JksAlias: fJksAlias, diff --git a/internal/pkg/core/deployer/providers/netlify-site/netlify_site.go b/pkg/core/ssl-deployer/providers/netlify-site/netlify_site.go similarity index 56% rename from internal/pkg/core/deployer/providers/netlify-site/netlify_site.go rename to pkg/core/ssl-deployer/providers/netlify-site/netlify_site.go index 3b2072d7..27e4f3e9 100644 --- a/internal/pkg/core/deployer/providers/netlify-site/netlify_site.go +++ b/pkg/core/ssl-deployer/providers/netlify-site/netlify_site.go @@ -6,59 +6,58 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - netlifysdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/netlify" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + netlifysdk "github.com/certimate-go/certimate/pkg/sdk3rd/netlify" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // netlify API Token。 ApiToken string `json:"apiToken"` // netlify 网站 ID。 SiteId string `json:"siteId"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *netlifysdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ApiToken) + client, err := createSDKClient(config.ApiToken) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.SiteId == "" { return nil, errors.New("config `siteId` is required") } // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -76,14 +75,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'netlify.provisionSiteTLSCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(apiToken string) (*netlifysdk.Client, error) { - if apiToken == "" { - return nil, errors.New("invalid netlify api token") - } - - client := netlifysdk.NewClient(apiToken) - return client, nil +func createSDKClient(apiToken string) (*netlifysdk.Client, error) { + return netlifysdk.NewClient(apiToken) } diff --git a/internal/pkg/core/deployer/providers/netlify-site/netlify_site_test.go b/pkg/core/ssl-deployer/providers/netlify-site/netlify_site_test.go similarity index 66% rename from internal/pkg/core/deployer/providers/netlify-site/netlify_site_test.go rename to pkg/core/ssl-deployer/providers/netlify-site/netlify_site_test.go index eb4a447c..97c58797 100644 --- a/internal/pkg/core/deployer/providers/netlify-site/netlify_site_test.go +++ b/pkg/core/ssl-deployer/providers/netlify-site/netlify_site_test.go @@ -8,33 +8,33 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/netlify-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/netlify-site" ) var ( fInputCertPath string fInputKeyPath string fApiToken string - fSiteId int64 + fSiteId string ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_NETLIFYSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_NETLIFYSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") flag.StringVar(&fApiToken, argsPrefix+"APITOKEN", "", "") - flag.Int64Var(&fSiteId, argsPrefix+"SITEID", 0, "") + flag.StringVar(&fSiteId, argsPrefix+"SITEID", "", "") } /* Shell command to run this test: go test -v ./netlify_site_test.go -args \ - --CERTIMATE_DEPLOYER_NETLIFYSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_NETLIFYSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_NETLIFYSITE_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_NETLIFYSITE_SITEID="your-site-id" + --CERTIMATE_SSLDEPLOYER_NETLIFYSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_NETLIFYSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_NETLIFYSITE_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_NETLIFYSITE_SITEID="your-site-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -48,7 +48,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITEID: %v", fSiteId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiToken: fApiToken, SiteId: fSiteId, }) diff --git a/internal/pkg/core/deployer/providers/proxmoxve/proxmoxve.go b/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve.go similarity index 71% rename from internal/pkg/core/deployer/providers/proxmoxve/proxmoxve.go rename to pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve.go index 670ba02c..37a02a5d 100644 --- a/internal/pkg/core/deployer/providers/proxmoxve/proxmoxve.go +++ b/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve.go @@ -12,11 +12,11 @@ import ( "github.com/luthermonson/go-proxmox" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - httputil "github.com/usual2970/certimate/internal/pkg/utils/http" + "github.com/certimate-go/certimate/pkg/core" + xhttp "github.com/certimate-go/certimate/pkg/utils/http" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Proxmox VE 服务地址。 ServerUrl string `json:"serverUrl"` // Proxmox VE API Token。 @@ -31,41 +31,40 @@ type DeployerConfig struct { AutoRestart bool `json:"autoRestart"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *proxmox.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiToken, config.ApiTokenSecret, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiToken, config.ApiTokenSecret, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.NodeName == "" { return nil, errors.New("config `nodeName` is required") } @@ -89,10 +88,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to upload custom certificate to node '%s': %w", node.Name, err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(serverUrl, apiToken, apiTokenSecret string, skipTlsVerify bool) (*proxmox.Client, error) { +func createSDKClient(serverUrl, apiToken, apiTokenSecret string, skipTlsVerify bool) (*proxmox.Client, error) { if _, err := url.Parse(serverUrl); err != nil { return nil, errors.New("invalid pve server url") } @@ -102,11 +101,11 @@ func createSdkClient(serverUrl, apiToken, apiTokenSecret string, skipTlsVerify b } httpClient := &http.Client{ - Transport: httputil.NewDefaultTransport(), + Transport: xhttp.NewDefaultTransport(), Timeout: http.DefaultClient.Timeout, } if skipTlsVerify { - transport := httputil.NewDefaultTransport() + transport := xhttp.NewDefaultTransport() if transport.TLSClientConfig == nil { transport.TLSClientConfig = &tls.Config{} } diff --git a/internal/pkg/core/deployer/providers/proxmoxve/proxmoxve_test.go b/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/proxmoxve/proxmoxve_test.go rename to pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve_test.go index 8ae02f3b..d53a641b 100644 --- a/internal/pkg/core/deployer/providers/proxmoxve/proxmoxve_test.go +++ b/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/proxmoxve" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/proxmoxve" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_PROXMOXVE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_PROXMOXVE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./proxmoxve_test.go -args \ - --CERTIMATE_DEPLOYER_PROXMOXVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_SERVERURL="http://127.0.0.1:8006" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_APITOKENSECRET="your-api-token-secret" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_NODENAME="your-cluster-node-name" + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_SERVERURL="http://127.0.0.1:8006" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_APITOKENSECRET="your-api-token-secret" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_NODENAME="your-cluster-node-name" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("NODENAME: %v", fNodeName), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiToken: fApiToken, ApiTokenSecret: fApiTokenSecret, diff --git a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go b/pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn.go similarity index 63% rename from internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go rename to pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn.go index 8491ecc3..a1881664 100644 --- a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go +++ b/pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn.go @@ -2,19 +2,19 @@ package qiniucdn import ( "context" + "errors" "fmt" "log/slog" "strings" "github.com/qiniu/go-sdk/v7/auth" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert" - qiniusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/qiniu" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/qiniu-sslcert" + qiniusdk "github.com/certimate-go/certimate/pkg/sdk3rd/qiniu" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 七牛云 AccessKey。 AccessKey string `json:"accessKey"` // 七牛云 SecretKey。 @@ -23,51 +23,55 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *qiniusdk.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *qiniusdk.CdnManager + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client := qiniusdk.NewClient(auth.New(config.AccessKey, config.SecretKey)) + client := qiniusdk.NewCdnManager(auth.New(config.AccessKey, config.SecretKey)) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKey: config.AccessKey, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -101,5 +105,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn_test.go b/pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn_test.go rename to pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn_test.go index 51c1201c..5ad633c3 100644 --- a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/qiniu-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/qiniu-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_QINIUCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_QINIUCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./qiniu_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_QINIUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_QINIUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_QINIUCDN_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_QINIUCDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_QINIUCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_QINIUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_QINIUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_QINIUCDN_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_QINIUCDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_QINIUCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKey: fAccessKey, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go b/pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili.go similarity index 51% rename from internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go rename to pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili.go index ec6cfc4b..e4e99c4d 100644 --- a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go +++ b/pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili.go @@ -2,17 +2,17 @@ package qiniupili import ( "context" + "errors" "fmt" "log/slog" "github.com/qiniu/go-sdk/v7/pili" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/qiniu-sslcert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 七牛云 AccessKey。 AccessKey string `json:"accessKey"` // 七牛云 SecretKey。 @@ -23,51 +23,55 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *pili.Manager - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *pili.Manager + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } manager := pili.NewManager(pili.ManagerConfig{AccessKey: config.AccessKey, SecretKey: config.SecretKey}) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKey: config.AccessKey, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: manager, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: manager, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -87,5 +91,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'pili.SetDomainCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili_test.go b/pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili_test.go rename to pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili_test.go index 1c165e0e..5ab99fd9 100644 --- a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili_test.go +++ b/pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/qiniu-pili" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/qiniu-pili" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_QINIUPILI_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_QINIUPILI_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./qiniu_pili_test.go -args \ - --CERTIMATE_DEPLOYER_QINIUPILI_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_QINIUPILI_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_QINIUPILI_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_QINIUPILI_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_QINIUPILI_HUB="your-hub-name" \ - --CERTIMATE_DEPLOYER_QINIUPILI_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_QINIUPILI_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_HUB="your-hub-name" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKey: fAccessKey, SecretKey: fSecretKey, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn.go b/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn.go new file mode 100644 index 00000000..8af0fa06 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn.go @@ -0,0 +1,99 @@ +package rainyunrcdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "strconv" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/rainyun-sslcenter" + rainyunsdk "github.com/certimate-go/certimate/pkg/sdk3rd/rainyun" +) + +type SSLDeployerProviderConfig struct { + // 雨云 API 密钥。 + ApiKey string `json:"apiKey"` + // RCDN 实例 ID。 + InstanceId int32 `json:"instanceId"` + // 加速域名(支持泛域名)。 + Domain string `json:"domain"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *rainyunsdk.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ApiKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + ApiKey: config.ApiKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // RCDN SSL 绑定域名 + // REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-184214120 + certId, _ := strconv.Atoi(upres.CertId) + rcdnInstanceSslBindReq := &rainyunsdk.RcdnInstanceSslBindRequest{ + CertId: int32(certId), + Domains: []string{d.config.Domain}, + } + rcdnInstanceSslBindResp, err := d.sdkClient.RcdnInstanceSslBind(d.config.InstanceId, rcdnInstanceSslBindReq) + d.logger.Debug("sdk request 'rcdn.InstanceSslBind'", slog.Any("instanceId", d.config.InstanceId), slog.Any("request", rcdnInstanceSslBindReq), slog.Any("response", rcdnInstanceSslBindResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'rcdn.InstanceSslBind': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(apiKey string) (*rainyunsdk.Client, error) { + return rainyunsdk.NewClient(apiKey) +} diff --git a/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go b/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go similarity index 67% rename from internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go rename to pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go index fd81bffa..25f8ba1b 100644 --- a/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go +++ b/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/rainyun-rcdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/rainyun-rcdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_RAINYUNRCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ucloud_ucdn_test.go -args \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_INSTANCEID="your-rcdn-instance-id" \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_INSTANCEID="your-rcdn-instance-id" \ + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,9 +52,9 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ - PrivateKey: fApiKey, - InstanceId: fInstanceId, + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + ApiKey: fApiKey, + InstanceId: int32(fInstanceId), Domain: fDomain, }) if err != nil { diff --git a/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console.go b/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console.go new file mode 100644 index 00000000..bea24380 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console.go @@ -0,0 +1,84 @@ +package ratpanelconsole + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + rpsdk "github.com/certimate-go/certimate/pkg/sdk3rd/ratpanel" +) + +type SSLDeployerProviderConfig struct { + // 耗子面板服务地址。 + ServerUrl string `json:"serverUrl"` + // 耗子面板访问令牌 ID。 + AccessTokenId int32 `json:"accessTokenId"` + // 耗子面板访问令牌。 + AccessToken string `json:"accessToken"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *rpsdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.AccessTokenId, config.AccessToken, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 设置面板 SSL 证书 + setSettingCertReq := &rpsdk.SetSettingCertRequest{ + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + setSettingCertResp, err := d.sdkClient.SetSettingCert(setSettingCertReq) + d.logger.Debug("sdk request 'ratpanel.SetSettingCert'", slog.Any("request", setSettingCertReq), slog.Any("response", setSettingCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'ratpanel.SetSettingCert': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(serverUrl string, accessTokenId int32, accessToken string, skipTlsVerify bool) (*rpsdk.Client, error) { + client, err := rpsdk.NewClient(serverUrl, accessTokenId, accessToken) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil +} diff --git a/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console_test.go b/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console_test.go rename to pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console_test.go index 3366b06c..fab2f64d 100644 --- a/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console_test.go +++ b/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ratpanel-console" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ratpanel-console" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_RATPANELCONSOLE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ratpanel_console_test.go -args \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_ACCESSTOKENID="your-access-token-id" \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_ACCESSTOKEN="your-access-token" + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_ACCESSTOKENID="your-access-token-id" \ + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_ACCESSTOKEN="your-access-token" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ACCESSTOKEN: %v", fAccessToken), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, AccessTokenId: int32(fAccessTokenId), AccessToken: fAccessToken, diff --git a/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site.go b/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site.go new file mode 100644 index 00000000..0adcf20c --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site.go @@ -0,0 +1,91 @@ +package ratpanelsite + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + rpsdk "github.com/certimate-go/certimate/pkg/sdk3rd/ratpanel" +) + +type SSLDeployerProviderConfig struct { + // 耗子面板服务地址。 + ServerUrl string `json:"serverUrl"` + // 耗子面板访问令牌 ID。 + AccessTokenId int32 `json:"accessTokenId"` + // 耗子面板访问令牌。 + AccessToken string `json:"accessToken"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 网站名称。 + SiteName string `json:"siteName"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *rpsdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.AccessTokenId, config.AccessToken, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.SiteName == "" { + return nil, errors.New("config `siteName` is required") + } + + // 设置站点 SSL 证书 + setWebsiteCertReq := &rpsdk.SetWebsiteCertRequest{ + SiteName: d.config.SiteName, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + setWebsiteCertResp, err := d.sdkClient.SetWebsiteCert(setWebsiteCertReq) + d.logger.Debug("sdk request 'ratpanel.SetWebsiteCert'", slog.Any("request", setWebsiteCertReq), slog.Any("response", setWebsiteCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'ratpanel.SetWebsiteCert': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(serverUrl string, accessTokenId int32, accessToken string, skipTlsVerify bool) (*rpsdk.Client, error) { + client, err := rpsdk.NewClient(serverUrl, accessTokenId, accessToken) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil +} diff --git a/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site_test.go b/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site_test.go rename to pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site_test.go index cd84b3ea..1cd261d8 100644 --- a/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site_test.go +++ b/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ratpanel-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ratpanel-site" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_RATPANELSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_RATPANELSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./ratpanel_site_test.go -args \ - --CERTIMATE_DEPLOYER_RATPANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_ACCESSTOKENID="your-access-token-id" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_ACCESSTOKEN="your-access-token" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_SITENAME="your-site-name" + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_ACCESSTOKENID="your-access-token-id" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_ACCESSTOKEN="your-access-token" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_SITENAME="your-site-name" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITENAME: %v", fSiteName), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, AccessTokenId: int32(fAccessTokenId), AccessToken: fAccessToken, diff --git a/internal/pkg/core/deployer/providers/safeline/consts.go b/pkg/core/ssl-deployer/providers/safeline/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/safeline/consts.go rename to pkg/core/ssl-deployer/providers/safeline/consts.go diff --git a/internal/pkg/core/deployer/providers/safeline/safeline.go b/pkg/core/ssl-deployer/providers/safeline/safeline.go similarity index 57% rename from internal/pkg/core/deployer/providers/safeline/safeline.go rename to pkg/core/ssl-deployer/providers/safeline/safeline.go index 253a8754..3bba0f66 100644 --- a/internal/pkg/core/deployer/providers/safeline/safeline.go +++ b/pkg/core/ssl-deployer/providers/safeline/safeline.go @@ -6,13 +6,12 @@ import ( "errors" "fmt" "log/slog" - "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - safelinesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/safeline" + "github.com/certimate-go/certimate/pkg/core" + safelinesdk "github.com/certimate-go/certimate/pkg/sdk3rd/safeline" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 雷池服务地址。 ServerUrl string `json:"serverUrl"` // 雷池 API Token。 @@ -26,42 +25,41 @@ type DeployerConfig struct { CertificateId int32 `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *safelinesdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiToken, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiToken, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 根据部署资源类型决定部署方式 +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 根据部署资源类型决定部署方式`` switch d.config.ResourceType { case RESOURCE_TYPE_CERTIFICATE: if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { @@ -72,10 +70,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == 0 { return errors.New("config `certificateId` is required") } @@ -84,7 +82,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri updateCertificateReq := &safelinesdk.UpdateCertificateRequest{ Id: d.config.CertificateId, Type: 2, - Manual: &safelinesdk.UpdateCertificateRequestBodyManul{ + Manual: &safelinesdk.CertificateManul{ Crt: certPEM, Key: privkeyPEM, }, @@ -98,18 +96,14 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func createSdkClient(serverUrl, apiToken string, skipTlsVerify bool) (*safelinesdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid safeline server url") +func createSDKClient(serverUrl, apiToken string, skipTlsVerify bool) (*safelinesdk.Client, error) { + client, err := safelinesdk.NewClient(serverUrl, apiToken) + if err != nil { + return nil, err } - if apiToken == "" { - return nil, errors.New("invalid safeline api token") - } - - client := safelinesdk.NewClient(serverUrl, apiToken) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/safeline/safeline_test.go b/pkg/core/ssl-deployer/providers/safeline/safeline_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/safeline/safeline_test.go rename to pkg/core/ssl-deployer/providers/safeline/safeline_test.go index 9730473c..80b89839 100644 --- a/internal/pkg/core/deployer/providers/safeline/safeline_test.go +++ b/pkg/core/ssl-deployer/providers/safeline/safeline_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/safeline" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/safeline" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_SAFELINE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_SAFELINE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./safeline_test.go -args \ - --CERTIMATE_DEPLOYER_SAFELINE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_SAFELINE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_SAFELINE_SERVERURL="http://127.0.0.1:9443" \ - --CERTIMATE_DEPLOYER_SAFELINE_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_SAFELINE_CERTIFICATEID="your-cerficiate-id" + --CERTIMATE_SSLDEPLOYER_SAFELINE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_SAFELINE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_SAFELINE_SERVERURL="http://127.0.0.1:9443" \ + --CERTIMATE_SSLDEPLOYER_SAFELINE_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_SAFELINE_CERTIFICATEID="your-cerficiate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiToken: fApiToken, AllowInsecureConnections: true, diff --git a/internal/pkg/core/deployer/providers/ssh/defines.go b/pkg/core/ssl-deployer/providers/ssh/defines.go similarity index 100% rename from internal/pkg/core/deployer/providers/ssh/defines.go rename to pkg/core/ssl-deployer/providers/ssh/defines.go diff --git a/internal/pkg/core/deployer/providers/ssh/ssh.go b/pkg/core/ssl-deployer/providers/ssh/ssh.go similarity index 92% rename from internal/pkg/core/deployer/providers/ssh/ssh.go rename to pkg/core/ssl-deployer/providers/ssh/ssh.go index 2d6aa8fd..94d0b6bf 100644 --- a/internal/pkg/core/deployer/providers/ssh/ssh.go +++ b/pkg/core/ssl-deployer/providers/ssh/ssh.go @@ -3,6 +3,7 @@ package ssh import ( "bytes" "context" + "errors" "fmt" "log/slog" "net" @@ -15,8 +16,8 @@ import ( "github.com/povsister/scp" "golang.org/x/crypto/ssh" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) type JumpServerConfig struct { @@ -41,7 +42,7 @@ type JumpServerConfig struct { SshKeyPassphrase string `json:"sshKeyPassphrase,omitempty"` } -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // SSH 主机。 // 零值时默认值 "localhost"。 SshHost string `json:"sshHost,omitempty"` @@ -95,36 +96,35 @@ type DeployerConfig struct { JksStorepass string `json:"jksStorepass,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -237,7 +237,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE d.logger.Info("ssl private key file uploaded", slog.String("path", d.config.OutputKeyPath)) case OUTPUT_FORMAT_PFX: - pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword) + pfxData, err := xcert.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword) if err != nil { return nil, fmt.Errorf("failed to transform certificate to PFX: %w", err) } @@ -249,7 +249,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE d.logger.Info("ssl certificate file uploaded", slog.String("path", d.config.OutputCertPath)) case OUTPUT_FORMAT_JKS: - jksData, err := certutil.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) + jksData, err := xcert.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) if err != nil { return nil, fmt.Errorf("failed to transform certificate to JKS: %w", err) } @@ -273,7 +273,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } func createSshClient(conn net.Conn, host string, port int32, authMethod string, username, password, key, keyPassphrase string) (*ssh.Client, error) { diff --git a/internal/pkg/core/deployer/providers/ssh/ssh_test.go b/pkg/core/ssl-deployer/providers/ssh/ssh_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/ssh/ssh_test.go rename to pkg/core/ssl-deployer/providers/ssh/ssh_test.go index ae908185..30c456ef 100644 --- a/internal/pkg/core/deployer/providers/ssh/ssh_test.go +++ b/pkg/core/ssl-deployer/providers/ssh/ssh_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ssh" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ssh" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_SSH_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_SSH_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./ssh_test.go -args \ - --CERTIMATE_DEPLOYER_SSH_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_SSH_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_SSH_SSHHOST="localhost" \ - --CERTIMATE_DEPLOYER_SSH_SSHPORT=22 \ - --CERTIMATE_DEPLOYER_SSH_SSHUSERNAME="root" \ - --CERTIMATE_DEPLOYER_SSH_SSHPASSWORD="password" \ - --CERTIMATE_DEPLOYER_SSH_OUTPUTCERTPATH="/path/to/your-output-cert.pem" \ - --CERTIMATE_DEPLOYER_SSH_OUTPUTKEYPATH="/path/to/your-output-key.pem" + --CERTIMATE_SSLDEPLOYER_SSH_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_SSH_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_SSH_SSHHOST="localhost" \ + --CERTIMATE_SSLDEPLOYER_SSH_SSHPORT=22 \ + --CERTIMATE_SSLDEPLOYER_SSH_SSHUSERNAME="root" \ + --CERTIMATE_SSLDEPLOYER_SSH_SSHPASSWORD="password" \ + --CERTIMATE_SSLDEPLOYER_SSH_OUTPUTCERTPATH="/path/to/your-output-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_SSH_OUTPUTKEYPATH="/path/to/your-output-key.pem" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -64,7 +64,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("OUTPUTKEYPATH: %v", fOutputKeyPath), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SshHost: fSshHost, SshPort: int32(fSshPort), SshUsername: fSshUsername, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go b/pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go similarity index 80% rename from internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go rename to pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go index b815ebf8..332bf610 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go @@ -14,12 +14,11 @@ import ( tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -28,59 +27,63 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { SSL *tcssl.Client CDN *tccdn.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.SecretId, config.SecretKey) + clients, err := createSDKClients(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -179,10 +182,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) { +func (d *SSLDeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) { // 获取证书中的可用域名 // REF: https://cloud.tencent.com/document/product/228/42491 describeCertDomainsReq := tccdn.NewDescribeCertDomainsRequest() @@ -204,8 +207,8 @@ func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]stri return domains, nil } -func (d *DeployerProvider) getDeployedDomainsByCertificateId(cloudCertId string) ([]string, error) { - // 根据证书查询关联 CDN 域名 +func (d *SSLDeployerProvider) getDeployedDomainsByCertificateId(cloudCertId string) ([]string, error) { + // 根据证书查询关联资源 // REF: https://cloud.tencent.com/document/product/400/62674 describeDeployedResourcesReq := tcssl.NewDescribeDeployedResourcesRequest() describeDeployedResourcesReq.CertificateIds = common.StringPtrs([]string{cloudCertId}) @@ -228,7 +231,7 @@ func (d *DeployerProvider) getDeployedDomainsByCertificateId(cloudCertId string) return domains, nil } -func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { +func createSDKClients(secretId, secretKey string) (*wSDKClients, error) { credential := common.NewCredential(secretId, secretKey) sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile()) @@ -241,7 +244,7 @@ func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { return nil, err } - return &wSdkClients{ + return &wSDKClients{ SSL: sslClient, CDN: cdnClient, }, nil diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go index 95285930..b9dfe8c3 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-clb/consts.go b/pkg/core/ssl-deployer/providers/tencentcloud-clb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/tencentcloud-clb/consts.go rename to pkg/core/ssl-deployer/providers/tencentcloud-clb/consts.go diff --git a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go b/pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb.go similarity index 85% rename from internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go rename to pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb.go index 7179ee71..0c37558d 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb.go @@ -12,12 +12,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -37,59 +36,59 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { SSL *tcssl.Client CLB *tcclb.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.SecretId, config.SecretKey, config.Region) + clients, err := createSDKClients(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -122,10 +121,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployViaSslService(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployViaSslService(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -198,7 +197,7 @@ func (d *DeployerProvider) deployViaSslService(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -250,7 +249,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -266,7 +265,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) deployToRuleDomain(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToRuleDomain(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -296,8 +295,8 @@ func (d *DeployerProvider) deployToRuleDomain(ctx context.Context, cloudCertId s return nil } -func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudLoadbalancerId, cloudListenerId, cloudCertId string) error { - // 查询监听器列表 +func (d *SSLDeployerProvider) modifyListenerCertificate(ctx context.Context, cloudLoadbalancerId, cloudListenerId, cloudCertId string) error { + // 查询负载均衡的监听器列表 // REF: https://cloud.tencent.com/document/api/214/30686 describeListenersReq := tcclb.NewDescribeListenersRequest() describeListenersReq.LoadBalancerId = common.StringPtr(cloudLoadbalancerId) @@ -331,7 +330,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClients(secretId, secretKey, region string) (*wSdkClients, error) { +func createSDKClients(secretId, secretKey, region string) (*wSDKClients, error) { credential := common.NewCredential(secretId, secretKey) // 注意虽然官方文档中地域无需指定,但实际需要部署到 CLB 时必传 @@ -345,7 +344,7 @@ func createSdkClients(secretId, secretKey, region string) (*wSdkClients, error) return nil, err } - return &wSdkClients{ + return &wSDKClients{ SSL: sslClient, CLB: clbClient, }, nil diff --git a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go similarity index 82% rename from internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go index 59cd9b8d..10e19262 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-clb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-clb" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_clb_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_REGION="ap-guangzhou" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_LOADBALANCERID="your-clb-lb-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_LISTENERID="your-clb-lbl-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_REGION="ap-guangzhou" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_LOADBALANCERID="your-clb-lb-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_LISTENERID="your-clb-lbl-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -64,7 +64,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, @@ -100,7 +100,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, @@ -135,7 +135,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, @@ -172,7 +172,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go b/pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos.go similarity index 76% rename from internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go rename to pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos.go index 537d2285..7f4501d1 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos.go @@ -11,12 +11,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -29,52 +28,52 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcssl.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcssl.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey, config.Region) + client, err := createSDKClient(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Bucket == "" { return nil, errors.New("config `bucket` is required") } @@ -82,8 +81,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `domain` is required") } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -146,10 +145,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE time.Sleep(time.Second * 5) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey, region string) (*tcssl.Client, error) { +func createSDKClient(secretId, secretKey, region string) (*tcssl.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcssl.NewClient(credential, region, profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go index 24e41d47..462e8f2c 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-cos" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-cos" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_cos_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_REGION="ap-guangzhou" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_BUCKET="your-cos-bucket" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_REGION="ap-guangzhou" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_BUCKET="your-cos-bucket" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go b/pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css.go similarity index 57% rename from internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go rename to pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css.go index a9056719..ab07c62f 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css.go @@ -2,6 +2,7 @@ package tencentcloudcss import ( "context" + "errors" "fmt" "log/slog" @@ -9,12 +10,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tclive "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live/v20180801" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -23,54 +23,58 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tclive.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tclive.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey) + client, err := createSDKClient(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -93,10 +97,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'live.ModifyLiveDomainCertBindings': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey string) (*tclive.Client, error) { +func createSDKClient(secretId, secretKey string) (*tclive.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tclive.NewClient(credential, "", profile.NewClientProfile()) diff --git a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css_test.go index 4aaa344a..c4774c9d 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-css" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-css" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_css_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go b/pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go similarity index 78% rename from internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go rename to pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go index c029c667..817a1042 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go @@ -13,12 +13,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -27,59 +26,63 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { SSL *tcssl.Client CDN *tccdn.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.SecretId, config.SecretKey) + clients, err := createSDKClients(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -162,10 +165,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) { +func (d *SSLDeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) { // 获取证书中的可用域名 // REF: https://cloud.tencent.com/document/product/228/42491 describeCertDomainsReq := tccdn.NewDescribeCertDomainsRequest() @@ -187,7 +190,7 @@ func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]stri return domains, nil } -func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { +func createSDKClients(secretId, secretKey string) (*wSDKClients, error) { credential := common.NewCredential(secretId, secretKey) sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile()) @@ -200,7 +203,7 @@ func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { return nil, err } - return &wSdkClients{ + return &wSDKClients{ SSL: sslClient, CDN: cdnClient, }, nil diff --git a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go index 1cffd10d..ac6eac0e 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-ecdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-ecdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_ecdn_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go b/pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo.go similarity index 61% rename from internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go rename to pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo.go index 1a4a199b..2f94f438 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo.go @@ -11,12 +11,11 @@ import ( tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" tcteo "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -27,63 +26,66 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { SSL *tcssl.Client TEO *tcteo.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.SecretId, config.SecretKey) + clients, err := createSDKClients(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.ZoneId == "" { return nil, errors.New("config `zoneId` is required") } + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +105,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'teo.ModifyHostsCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { +func createSDKClients(secretId, secretKey string) (*wSDKClients, error) { credential := common.NewCredential(secretId, secretKey) sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile()) @@ -119,7 +121,7 @@ func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { return nil, err } - return &wSdkClients{ + return &wSDKClients{ SSL: sslClient, TEO: teoClient, }, nil diff --git a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go index 81c3b9da..cbca3fe3 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-eo" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-eo" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDEO_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_eo_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_ZONEID="your-zone-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_ZONEID="your-zone-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, ZoneId: fZoneId, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-gaap/consts.go b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/tencentcloud-gaap/consts.go rename to pkg/core/ssl-deployer/providers/tencentcloud-gaap/consts.go diff --git a/internal/pkg/core/deployer/providers/tencentcloud-gaap/tencentcloud_gaap.go b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap.go similarity index 66% rename from internal/pkg/core/deployer/providers/tencentcloud-gaap/tencentcloud_gaap.go rename to pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap.go index 2cc076f0..64e2d570 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-gaap/tencentcloud_gaap.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap.go @@ -10,13 +10,12 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcgaap "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap/v20180529" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -31,54 +30,54 @@ type DeployerConfig struct { ListenerId string `json:"listenerId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcgaap.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcgaap.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClients(config.SecretId, config.SecretKey) + client, err := createSDKClients(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -96,10 +95,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -112,7 +111,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) modifyHttpsListenerCertificate(ctx context.Context, cloudListenerId, cloudCertId string) error { +func (d *SSLDeployerProvider) modifyHttpsListenerCertificate(ctx context.Context, cloudListenerId, cloudCertId string) error { // 查询 HTTPS 监听器信息 // REF: https://cloud.tencent.com/document/product/608/37001 describeHTTPSListenersReq := tcgaap.NewDescribeHTTPSListenersRequest() @@ -130,7 +129,7 @@ func (d *DeployerProvider) modifyHttpsListenerCertificate(ctx context.Context, c // 修改 HTTPS 监听器配置 // REF: https://cloud.tencent.com/document/product/608/36996 modifyHTTPSListenerAttributeReq := tcgaap.NewModifyHTTPSListenerAttributeRequest() - modifyHTTPSListenerAttributeReq.ProxyId = typeutil.ToPtrOrZeroNil(d.config.ProxyId) + modifyHTTPSListenerAttributeReq.ProxyId = xtypes.ToPtrOrZeroNil(d.config.ProxyId) modifyHTTPSListenerAttributeReq.ListenerId = common.StringPtr(cloudListenerId) modifyHTTPSListenerAttributeReq.CertificateId = common.StringPtr(cloudCertId) modifyHTTPSListenerAttributeResp, err := d.sdkClient.ModifyHTTPSListenerAttribute(modifyHTTPSListenerAttributeReq) @@ -142,7 +141,7 @@ func (d *DeployerProvider) modifyHttpsListenerCertificate(ctx context.Context, c return nil } -func createSdkClients(secretId, secretKey string) (*tcgaap.Client, error) { +func createSDKClients(secretId, secretKey string) (*tcgaap.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcgaap.NewClient(credential, "", profile.NewClientProfile()) diff --git a/internal/pkg/core/deployer/providers/tencentcloud-gaap/tencentcloud_gaap_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap_test.go similarity index 64% rename from internal/pkg/core/deployer/providers/tencentcloud-gaap/tencentcloud_gaap_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap_test.go index 32943362..8d240353 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-gaap/tencentcloud_gaap_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-gaap" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-gaap" ) var ( @@ -16,19 +16,17 @@ var ( fInputKeyPath string fSecretId string fSecretKey string - fProxyGroupId string fProxyId string fListenerId string ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") flag.StringVar(&fSecretId, argsPrefix+"SECRETID", "", "") flag.StringVar(&fSecretKey, argsPrefix+"SECRETKEY", "", "") - flag.StringVar(&fProxyGroupId, argsPrefix+"PROXYGROUPID", "", "") flag.StringVar(&fProxyId, argsPrefix+"PROXYID", "", "") flag.StringVar(&fListenerId, argsPrefix+"LISTENERID", "", "") } @@ -37,13 +35,12 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_gaap_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDGAAP_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDGAAP_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDGAAP_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDGAAP_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDGAAP_PROXYGROUPID="your-gaap-group-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDGAAP_PROXYID="your-gaap-group-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDGAAP_LISTENERID="your-clb-listener-id" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_PROXYID="your-gaap-group-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_LISTENERID="your-clb-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -55,16 +52,14 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), fmt.Sprintf("SECRETID: %v", fSecretId), fmt.Sprintf("SECRETKEY: %v", fSecretKey), - fmt.Sprintf("PROXYGROUPID: %v", fProxyGroupId), fmt.Sprintf("PROXYID: %v", fProxyId), fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, ResourceType: provider.RESOURCE_TYPE_LISTENER, - ProxyGroupId: fProxyGroupId, ProxyId: fProxyId, ListenerId: fListenerId, }) diff --git a/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go b/pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf.go similarity index 63% rename from internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go rename to pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf.go index a0967f4e..e8135421 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf.go @@ -2,6 +2,7 @@ package tencentcloudscf import ( "context" + "errors" "fmt" "log/slog" @@ -9,12 +10,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcscf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf/v20180416" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -25,52 +25,56 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcscf.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcscf.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey, config.Region) + client, err := createSDKClient(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // 查看云函数自定义域名详情 // REF: https://cloud.tencent.com/document/product/583/111924 getCustomDomainReq := tcscf.NewGetCustomDomainRequest() @@ -81,8 +85,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'scf.GetCustomDomain': %w", err) } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +107,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'scf.UpdateCustomDomain': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey, region string) (*tcscf.Client, error) { +func createSDKClient(secretId, secretKey, region string) (*tcscf.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcscf.NewClient(credential, region, profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go index f0aa0cfe..0357028d 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-scf" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-scf" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_scf_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_REGION="ap-guangzhou" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_REGION="ap-guangzhou" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go b/pkg/core/ssl-deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go similarity index 76% rename from internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go rename to pkg/core/ssl-deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go index db6617d5..cd07cc88 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go @@ -11,12 +11,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -29,52 +28,52 @@ type DeployerConfig struct { ResourceIds []string `json:"resourceIds"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcssl.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcssl.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey, config.Region) + client, err := createSDKClient(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.ResourceType == "" { return nil, errors.New("config `resourceType` is required") } @@ -82,8 +81,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `resourceIds` is required") } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -148,10 +147,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE time.Sleep(time.Second * 5) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey, region string) (*tcssl.Client, error) { +func createSDKClient(secretId, secretKey, region string) (*tcssl.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcssl.NewClient(credential, region, profile.NewClientProfile()) diff --git a/pkg/core/ssl-deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go b/pkg/core/ssl-deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go new file mode 100644 index 00000000..89f439ac --- /dev/null +++ b/pkg/core/ssl-deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go @@ -0,0 +1,68 @@ +package tencentcloudssl + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" +) + +type SSLDeployerProviderConfig struct { + // 腾讯云 SecretId。 + SecretId string `json:"secretId"` + // 腾讯云 SecretKey。 + SecretKey string `json:"secretKey"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + SecretId: config.SecretId, + SecretKey: config.SecretKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go b/pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod.go similarity index 58% rename from internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go rename to pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod.go index b7c2a3ad..afc4ddb6 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod.go @@ -2,6 +2,7 @@ package tencentcloudvod import ( "context" + "errors" "fmt" "log/slog" @@ -9,12 +10,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcvod "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod/v20180717" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -25,54 +25,58 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcvod.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcvod.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey) + client, err := createSDKClient(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -94,10 +98,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'vod.SetVodDomainCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey string) (*tcvod.Client, error) { +func createSDKClient(secretId, secretKey string) (*tcvod.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcvod.NewClient(credential, "", profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go index 52382808..a15e6040 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-vod" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-vod" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,12 +37,12 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_vod_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_SUBAPPID="your-app-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_SUBAPPID="your-app-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -58,7 +58,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("INSTANCEID: %v", fInstanceId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, SubAppId: fSubAppId, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go b/pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf.go similarity index 70% rename from internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go rename to pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf.go index 1c8e7272..94e42f00 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf.go @@ -10,12 +10,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcwaf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -30,52 +29,52 @@ type DeployerConfig struct { InstanceId string `json:"instanceId"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcwaf.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcwaf.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey, config.Region) + client, err := createSDKClient(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } @@ -86,8 +85,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `instanceId` is required") } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -120,10 +119,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'waf.ModifySpartaProtection': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey, region string) (*tcwaf.Client, error) { +func createSDKClient(secretId, secretKey, region string) (*tcwaf.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcwaf.NewClient(credential, region, profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go index 8cb63b7d..8d40b9ea 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-waf" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-waf" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_waf_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_REGION="ap-guangzhou" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_DOMAIN="example.com" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_DOMAINID="your-domain-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_INSTANCEID="your-instance-id" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_REGION="ap-guangzhou" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_DOMAIN="example.com" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_DOMAINID="your-domain-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_INSTANCEID="your-instance-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -63,7 +63,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("INSTANCEID: %v", fInstanceId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go b/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn.go similarity index 69% rename from internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go rename to pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn.go index 532efb85..8b74b47d 100644 --- a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go +++ b/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn.go @@ -11,12 +11,11 @@ import ( "github.com/ucloud/ucloud-sdk-go/ucloud" "github.com/ucloud/ucloud-sdk-go/ucloud/auth" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ucloud-ussl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 优刻得 API 私钥。 PrivateKey string `json:"privateKey"` // 优刻得 API 公钥。 @@ -27,55 +26,59 @@ type DeployerConfig struct { DomainId string `json:"domainId"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *ucdn.UCDNClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ucdn.UCDNClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.PrivateKey, config.PublicKey) + client, err := createSDKClient(config.PrivateKey, config.PublicKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ PrivateKey: config.PrivateKey, PublicKey: config.PublicKey, ProjectId: config.ProjectId, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 USSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.DomainId == "" { + return nil, errors.New("config `domainId` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -117,10 +120,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'ucdn.UpdateUcdnDomainHttpsConfigV2': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(privateKey, publicKey string) (*ucdn.UCDNClient, error) { +func createSDKClient(privateKey, publicKey string) (*ucdn.UCDNClient, error) { cfg := ucloud.NewConfig() credential := auth.NewCredential() diff --git a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go b/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go rename to pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go index f49a026a..93d01c01 100644 --- a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go +++ b/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-ucdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ucloud-ucdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_UCLOUDUCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ucloud_ucdn_test.go -args \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_PRIVATEKEY="your-private-key" \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_PUBLICKEY="your-public-key" \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_DOMAINID="your-domain-id" + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_PRIVATEKEY="your-private-key" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_PUBLICKEY="your-public-key" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_DOMAINID="your-domain-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomainId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ PrivateKey: fPrivateKey, PublicKey: fPublicKey, DomainId: fDomainId, diff --git a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go b/pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3.go similarity index 56% rename from internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go rename to pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3.go index 42a51cb4..d42c2ced 100644 --- a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go +++ b/pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3.go @@ -2,19 +2,19 @@ package ucloudus3 import ( "context" + "errors" "fmt" "log/slog" "github.com/ucloud/ucloud-sdk-go/ucloud" "github.com/ucloud/ucloud-sdk-go/ucloud/auth" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl" - usdkFile "github.com/usual2970/certimate/internal/pkg/sdk3rd/ucloud/ufile" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ucloud-ussl" + usdkFile "github.com/certimate-go/certimate/pkg/sdk3rd/ucloud/ufile" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 优刻得 API 私钥。 PrivateKey string `json:"privateKey"` // 优刻得 API 公钥。 @@ -29,55 +29,62 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *usdkFile.UFileClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *usdkFile.UFileClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.PrivateKey, config.PublicKey, config.Region) + client, err := createSDKClient(config.PrivateKey, config.PublicKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ PrivateKey: config.PrivateKey, PublicKey: config.PublicKey, ProjectId: config.ProjectId, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 USSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Bucket == "" { + return nil, errors.New("config `bucket` is required") + } + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -100,10 +107,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'us3.AddUFileSSLCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(privateKey, publicKey, region string) (*usdkFile.UFileClient, error) { +func createSDKClient(privateKey, publicKey, region string) (*usdkFile.UFileClient, error) { cfg := ucloud.NewConfig() cfg.Region = region diff --git a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3_test.go b/pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3_test.go rename to pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3_test.go index 9977ee42..eb59a26c 100644 --- a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3_test.go +++ b/pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-us3" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ucloud-us3" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_UCLOUDUS3_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_UCLOUDUS3_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./ucloud_us3_test.go -args \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_PRIVATEKEY="your-private-key" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_PUBLICKEY="your-public-key" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_REGION="cn-bj2" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_BUCKET="your-us3-bucket" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_PRIVATEKEY="your-private-key" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_PUBLICKEY="your-public-key" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_REGION="cn-bj2" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_BUCKET="your-us3-bucket" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ PrivateKey: fPrivateKey, PublicKey: fPublicKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost.go b/pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost.go similarity index 61% rename from internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost.go rename to pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost.go index 82946bf1..d5a80ae5 100644 --- a/internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost.go +++ b/pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost.go @@ -7,11 +7,11 @@ import ( "log/slog" "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - unisdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dcloud/unicloud" + "github.com/certimate-go/certimate/pkg/core" + unisdk "github.com/certimate-go/certimate/pkg/sdk3rd/dcloud/unicloud" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // uniCloud 控制台账号。 Username string `json:"username"` // uniCloud 控制台密码。 @@ -25,41 +25,40 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *unisdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.Username, config.Password) + client, err := createSDKClient(config.Username, config.Password) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.SpaceProvider == "" { return nil, errors.New("config `spaceProvider` is required") } @@ -84,18 +83,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'unicloud.host.CreateDomainWithCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(username, password string) (*unisdk.Client, error) { - if username == "" { - return nil, errors.New("invalid unicloud username") - } - - if password == "" { - return nil, errors.New("invalid unicloud password") - } - - client := unisdk.NewClient(username, password) - return client, nil +func createSDKClient(username, password string) (*unisdk.Client, error) { + return unisdk.NewClient(username, password) } diff --git a/internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost_test.go b/pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost_test.go rename to pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost_test.go index 1e47ba24..589349d2 100644 --- a/internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost_test.go +++ b/pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/unicloud-webhost" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/unicloud-webhost" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./unicloud_webhost_test.go -args \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_USERNAME="your-username" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_PASSWORD="your-password" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_SPACEPROVIDER="aliyun/tencent" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_SPACEID="your-space-id" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_USERNAME="your-username" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_PASSWORD="your-password" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_SPACEPROVIDER="aliyun/tencent" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_SPACEID="your-space-id" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ Username: fUsername, Password: fPassword, SpaceProvider: fSpaceProvider, diff --git a/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn.go b/pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn.go similarity index 61% rename from internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn.go rename to pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn.go index 2fbe52b8..e34b2a9b 100644 --- a/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn.go +++ b/pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn.go @@ -8,13 +8,12 @@ import ( "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/upyun-ssl" - upyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/upyun/console" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/upyun-ssl" + upyunsdk "github.com/certimate-go/certimate/pkg/sdk3rd/upyun/console" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 又拍云账号用户名。 Username string `json:"username"` // 又拍云账号密码。 @@ -23,54 +22,58 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *upyunsdk.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *upyunsdk.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.Username, config.Password) + client, err := createSDKClient(config.Username, config.Password) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ Username: config.Username, Password: config.Password, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -112,18 +115,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(username, password string) (*upyunsdk.Client, error) { - if username == "" { - return nil, errors.New("invalid upyun username") - } - - if password == "" { - return nil, errors.New("invalid upyun password") - } - - client := upyunsdk.NewClient(username, password) - return client, nil +func createSDKClient(username, password string) (*upyunsdk.Client, error) { + return upyunsdk.NewClient(username, password) } diff --git a/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn_test.go b/pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn_test.go rename to pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn_test.go index 9fd32fd4..4aa94ece 100644 --- a/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/upyun-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/upyun-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_UPYUNCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_UPYUNCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./upyun_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_UPYUNCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_UPYUNCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_UPYUNCDN_USERNAME="your-username" \ - --CERTIMATE_DEPLOYER_UPYUNCDN_PASSWORD="your-password" \ - --CERTIMATE_DEPLOYER_UPYUNCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_USERNAME="your-username" \ + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_PASSWORD="your-password" \ + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ Username: fUsername, Password: fPassword, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/volcengine-alb/consts.go b/pkg/core/ssl-deployer/providers/volcengine-alb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/volcengine-alb/consts.go rename to pkg/core/ssl-deployer/providers/volcengine-alb/consts.go diff --git a/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb.go b/pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb.go similarity index 80% rename from internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb.go rename to pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb.go index e4d76ab1..2e561f75 100644 --- a/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb.go +++ b/pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb.go @@ -10,13 +10,12 @@ import ( ve "github.com/volcengine/volcengine-go-sdk/volcengine" vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -36,55 +35,55 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *vealb.ALB - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *vealb.ALB + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -107,10 +106,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -187,7 +186,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -199,7 +198,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询指定监听器的详细信息 // REF: https://www.volcengine.com/docs/6767/113686 describeListenerAttributesReq := &vealb.DescribeListenerAttributesInput{ @@ -233,8 +232,8 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL // REF: https://www.volcengine.com/docs/6767/113683 modifyListenerAttributesReq := &vealb.ModifyListenerAttributesInput{ ListenerId: ve.String(cloudListenerId), - DomainExtensions: sliceutil.Map( - sliceutil.Filter( + DomainExtensions: xslices.Map( + xslices.Filter( describeListenerAttributesResp.DomainExtensions, func(domain *vealb.DomainExtensionForDescribeListenerAttributesOutput) bool { return *domain.Domain == d.config.Domain @@ -260,7 +259,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*vealb.ALB, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*vealb.ALB, error) { config := ve.NewConfig().WithRegion(region).WithAkSk(accessKeyId, accessKeySecret) session, err := vesession.NewSession(config) diff --git a/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb_test.go b/pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb_test.go rename to pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb_test.go index 18999397..b8614ec5 100644 --- a/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-alb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-alb" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINEALB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./volcengine_alb_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_REGION="cn-beijing" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_LISTENERID="your-listener-id" + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_REGION="cn-beijing" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_LISTENERID="your-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go b/pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go rename to pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn.go index e67e8885..8bb1eb64 100644 --- a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go +++ b/pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn.go @@ -9,12 +9,11 @@ import ( vecdn "github.com/volcengine/volc-sdk-golang/service/cdn" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-cdn" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-cdn" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -23,53 +22,57 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *vecdn.CDN - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *vecdn.CDN + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } client := vecdn.NewInstance() client.Client.SetAccessKey(config.AccessKeyId) client.Client.SetSecretKey(config.AccessKeySecret) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -140,5 +143,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go b/pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go rename to pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn_test.go index 1535deae..0d83f202 100644 --- a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINECDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./volcengine_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/volcengine-certcenter/volcengine_certcenter.go b/pkg/core/ssl-deployer/providers/volcengine-certcenter/volcengine_certcenter.go new file mode 100644 index 00000000..a8eaf1ac --- /dev/null +++ b/pkg/core/ssl-deployer/providers/volcengine-certcenter/volcengine_certcenter.go @@ -0,0 +1,71 @@ +package volcenginecertcenter + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" +) + +type SSLDeployerProviderConfig struct { + // 火山引擎 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 火山引擎 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` + // 火山引擎地域。 + Region string `json:"region"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, + Region: config.Region, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/volcengine-clb/consts.go b/pkg/core/ssl-deployer/providers/volcengine-clb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/volcengine-clb/consts.go rename to pkg/core/ssl-deployer/providers/volcengine-clb/consts.go diff --git a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go b/pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb.go similarity index 76% rename from internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go rename to pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb.go index bc2dc9e0..82a0ba5a 100644 --- a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go +++ b/pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb.go @@ -10,12 +10,11 @@ import ( ve "github.com/volcengine/volcengine-go-sdk/volcengine" vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -32,55 +31,55 @@ type DeployerConfig struct { ListenerId string `json:"listenerId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *veclb.CLB - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *veclb.CLB + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +102,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -183,7 +182,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -195,7 +194,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 修改指定监听器 // REF: https://www.volcengine.com/docs/6406/71775 modifyListenerAttributesReq := &veclb.ModifyListenerAttributesInput{ @@ -212,7 +211,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*veclb.CLB, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*veclb.CLB, error) { config := ve.NewConfig().WithRegion(region).WithAkSk(accessKeyId, accessKeySecret) session, err := vesession.NewSession(config) diff --git a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb_test.go b/pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb_test.go rename to pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb_test.go index fb78eba5..2c54b7b9 100644 --- a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-clb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-clb" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINECLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./volcengine_clb_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_REGION="cn-beijing" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_LISTENERID="your-listener-id" + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_REGION="cn-beijing" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_LISTENERID="your-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go b/pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn.go similarity index 58% rename from internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go rename to pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn.go index 82021205..5481e47f 100644 --- a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go +++ b/pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn.go @@ -2,6 +2,7 @@ package volcenginedcdn import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,12 +11,11 @@ import ( ve "github.com/volcengine/volcengine-go-sdk/volcengine" vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -26,55 +26,59 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *vedcdn.DCDN - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *vedcdn.DCDN + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -97,10 +101,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'dcdn.CreateCertBind': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*vedcdn.DCDN, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*vedcdn.DCDN, error) { if region == "" { region = "cn-beijing" // DCDN 服务默认区域:北京 } diff --git a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go b/pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go rename to pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go index 27bd02ce..86270ff2 100644 --- a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-dcdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-dcdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINEDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./volcengine_dcdn_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go b/pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex.go similarity index 72% rename from internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go rename to pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex.go index a7c974b4..a129b33b 100644 --- a/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go +++ b/pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex.go @@ -9,12 +9,11 @@ import ( vebase "github.com/volcengine/volc-sdk-golang/base" veimagex "github.com/volcengine/volc-sdk-golang/service/imagex/v2" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -27,53 +26,53 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *veimagex.Imagex - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *veimagex.Imagex + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.ServiceId == "" { return nil, errors.New("config `serviceId` is required") } @@ -81,8 +80,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `domain` is required") } - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -130,10 +129,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'imagex.UpdateHttps': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*veimagex.Imagex, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*veimagex.Imagex, error) { var instance *veimagex.Imagex if region == "" { instance = veimagex.NewInstance() diff --git a/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex_test.go b/pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex_test.go rename to pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex_test.go index 32a43555..ed67d755 100644 --- a/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-imagex" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-imagex" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./volcengine_imagex_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_REGION="cn-north-1" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_SERVICEID="your-service-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_REGION="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_SERVICEID="your-service-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go b/pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live.go similarity index 72% rename from internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go rename to pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live.go index 3195d810..1737b1fe 100644 --- a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go +++ b/pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live.go @@ -10,12 +10,11 @@ import ( velive "github.com/volcengine/volc-sdk-golang/service/live/v20230101" ve "github.com/volcengine/volcengine-go-sdk/volcengine" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-live" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-live" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -24,53 +23,57 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *velive.Live - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *velive.Live + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } client := velive.NewInstance() client.SetAccessKey(config.AccessKeyId) client.SetSecretKey(config.AccessKeySecret) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 Live - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -149,5 +152,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go b/pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go rename to pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live_test.go index 57891eea..ce123dc2 100644 --- a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-live" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-live" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINELIVE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./volcengine_live_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go b/pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos.go similarity index 60% rename from internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go rename to pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos.go index 674106e1..c274b453 100644 --- a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go +++ b/pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos.go @@ -8,12 +8,11 @@ import ( "github.com/volcengine/ve-tos-golang-sdk/v2/tos" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -26,53 +25,53 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tos.ClientV2 - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tos.ClientV2 + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Bucket == "" { return nil, errors.New("config `bucket` is required") } @@ -80,8 +79,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `domain` is required") } - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +102,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'tos.PutBucketCustomDomain': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*tos.ClientV2, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*tos.ClientV2, error) { endpoint := fmt.Sprintf("tos-%s.ivolces.com", region) client, err := tos.NewClientV2( diff --git a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos_test.go b/pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos_test.go rename to pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos_test.go index 8dc1cf3d..913ae2c0 100644 --- a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-tos" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-tos" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINETOS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./volcengine_tos_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_REGION="cn-beijing" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_BUCKET="your-tos-bucket" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_REGION="cn-beijing" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_BUCKET="your-tos-bucket" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn.go b/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn.go new file mode 100644 index 00000000..8ccce845 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn.go @@ -0,0 +1,103 @@ +package wangsucdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "strconv" + "strings" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/wangsu-certificate" + wangsusdk "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/cdn" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" +) + +type SSLDeployerProviderConfig struct { + // 网宿云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 网宿云 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` + // 加速域名数组(支持泛域名)。 + Domains []string `json:"domains"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *wangsusdk.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if len(d.config.Domains) == 0 { + return nil, errors.New("config `domains` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 批量修改域名证书配置 + // REF: https://www.wangsu.com/document/api-doc/37447 + certId, _ := strconv.ParseInt(upres.CertId, 10, 64) + batchUpdateCertificateConfigReq := &wangsusdk.BatchUpdateCertificateConfigRequest{ + CertificateId: certId, + DomainNames: xslices.Map(d.config.Domains, func(domain string) string { + // "*.example.com" → ".example.com",适配网宿云 CDN 要求的泛域名格式 + return strings.TrimPrefix(domain, "*") + }), + } + batchUpdateCertificateConfigResp, err := d.sdkClient.BatchUpdateCertificateConfig(batchUpdateCertificateConfigReq) + d.logger.Debug("sdk request 'cdn.BatchUpdateCertificateConfig'", slog.Any("request", batchUpdateCertificateConfigReq), slog.Any("response", batchUpdateCertificateConfigResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.BatchUpdateCertificateConfig': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { + return wangsusdk.NewClient(accessKeyId, accessKeySecret) +} diff --git a/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn_test.go b/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn_test.go rename to pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn_test.go index 99859b85..f64bf87c 100644 --- a/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_WANGSUCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_WANGSUCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./wangsu_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_WANGSUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_WANGSUCDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_WANGSUCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domains: []string{fDomain}, diff --git a/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go b/pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go similarity index 76% rename from internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go rename to pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go index 0780f80d..ec970b30 100644 --- a/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go +++ b/pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go @@ -16,13 +16,13 @@ import ( "strconv" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - wangsucdn "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/cdnpro" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + wangsucdn "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/cdnpro" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 网宿云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 网宿云 AccessKeySecret。 @@ -41,47 +41,46 @@ type DeployerConfig struct { WebhookId string `json:"webhookId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *wangsucdn.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -98,11 +97,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE if err != nil { return nil, fmt.Errorf("failed to encrypt private key: %w", err) } - certificateNewVersionInfo := &wangsucdn.CertificateVersion{ - PrivateKey: typeutil.ToPtr(encryptedPrivateKey), - Certificate: typeutil.ToPtr(certPEM), + certificateNewVersionInfo := &wangsucdn.CertificateVersionInfo{ + PrivateKey: xtypes.ToPtr(encryptedPrivateKey), + Certificate: xtypes.ToPtr(certPEM), IdentificationInfo: &wangsucdn.CertificateVersionIdentificationInfo{ - CommonName: typeutil.ToPtr(certX509.Subject.CommonName), + CommonName: xtypes.ToPtr(certX509.Subject.CommonName), SubjectAlternativeNames: &certX509.DNSNames, }, } @@ -121,8 +120,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 创建证书 createCertificateReq := &wangsucdn.CreateCertificateRequest{ Timestamp: timestamp, - Name: typeutil.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), - AutoRenew: typeutil.ToPtr("Off"), + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + AutoRenew: xtypes.ToPtr("Off"), NewVersion: certificateNewVersionInfo, } createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) @@ -131,7 +130,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdnpro.CreateCertificate': %w", err) } - wangsuCertUrl = createCertificateResp.CertificateUrl + wangsuCertUrl = createCertificateResp.CertificateLocation d.logger.Info("ssl certificate uploaded", slog.Any("certUrl", wangsuCertUrl)) wangsuCertIdMatches := regexp.MustCompile(`/certificates/([a-zA-Z0-9-]+)`).FindStringSubmatch(wangsuCertUrl) @@ -144,8 +143,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 更新证书 updateCertificateReq := &wangsucdn.UpdateCertificateRequest{ Timestamp: timestamp, - Name: typeutil.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), - AutoRenew: typeutil.ToPtr("Off"), + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + AutoRenew: xtypes.ToPtr("Off"), NewVersion: certificateNewVersionInfo, } updateCertificateResp, err := d.sdkClient.UpdateCertificate(d.config.CertificateId, updateCertificateReq) @@ -154,7 +153,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdnpro.UpdateCertificate': %w", err) } - wangsuCertUrl = updateCertificateResp.CertificateUrl + wangsuCertUrl = updateCertificateResp.CertificateLocation d.logger.Info("ssl certificate uploaded", slog.Any("certUrl", wangsuCertUrl)) wangsuCertIdMatches := regexp.MustCompile(`/certificates/([a-zA-Z0-9-]+)`).FindStringSubmatch(wangsuCertUrl) @@ -172,18 +171,18 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 创建部署任务 // REF: https://www.wangsu.com/document/api-doc/27034 createDeploymentTaskReq := &wangsucdn.CreateDeploymentTaskRequest{ - Name: typeutil.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), - Target: typeutil.ToPtr(d.config.Environment), - Actions: &[]wangsucdn.DeploymentTaskAction{ + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + Target: xtypes.ToPtr(d.config.Environment), + Actions: &[]wangsucdn.DeploymentTaskActionInfo{ { - Action: typeutil.ToPtr("deploy_cert"), - CertificateId: typeutil.ToPtr(wangsuCertId), - Version: typeutil.ToPtr(wangsuCertVer), + Action: xtypes.ToPtr("deploy_cert"), + CertificateId: xtypes.ToPtr(wangsuCertId), + Version: xtypes.ToPtr(wangsuCertVer), }, }, } if d.config.WebhookId != "" { - createDeploymentTaskReq.Webhook = typeutil.ToPtr(d.config.WebhookId) + createDeploymentTaskReq.Webhook = xtypes.ToPtr(d.config.WebhookId) } createDeploymentTaskResp, err := d.sdkClient.CreateDeploymentTask(createDeploymentTaskReq) d.logger.Debug("sdk request 'cdnpro.CreateCertificate'", slog.Any("request", createDeploymentTaskReq), slog.Any("response", createDeploymentTaskResp)) @@ -194,7 +193,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 循环获取部署任务详细信息,等待任务状态变更 // REF: https://www.wangsu.com/document/api-doc/27038 var wangsuTaskId string - wangsuTaskMatches := regexp.MustCompile(`/deploymentTasks/([a-zA-Z0-9-]+)`).FindStringSubmatch(createDeploymentTaskResp.DeploymentTaskUrl) + wangsuTaskMatches := regexp.MustCompile(`/deploymentTasks/([a-zA-Z0-9-]+)`).FindStringSubmatch(createDeploymentTaskResp.DeploymentTaskLocation) if len(wangsuTaskMatches) > 1 { wangsuTaskId = wangsuTaskMatches[1] } @@ -221,19 +220,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE time.Sleep(time.Second * 5) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*wangsucdn.Client, error) { - if accessKeyId == "" { - return nil, errors.New("invalid wangsu access key id") - } - - if accessKeySecret == "" { - return nil, errors.New("invalid wangsu access key secret") - } - - return wangsucdn.NewClient(accessKeyId, accessKeySecret), nil +func createSDKClient(accessKeyId, accessKeySecret string) (*wangsucdn.Client, error) { + return wangsucdn.NewClient(accessKeyId, accessKeySecret) } func encryptPrivateKey(privkeyPEM string, apiKey string, timestamp int64) (string, error) { diff --git a/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go b/pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go rename to pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go index 51018fe4..e9ee2fb3 100644 --- a/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go +++ b/pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-cdnpro" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-cdnpro" ) var ( @@ -24,7 +24,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_WANGSUCDNPRO_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -41,15 +41,15 @@ func init() { Shell command to run this test: go test -v ./wangsu_cdnpro_test.go -args \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_ENVIRONMENT="production" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_DOMAIN="example.com" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_CERTIFICATEID="your-certificate-id" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_WEBHOOKID="your-webhook-id" + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_ENVIRONMENT="production" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_DOMAIN="example.com" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_CERTIFICATEID="your-certificate-id" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_WEBHOOKID="your-webhook-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -68,7 +68,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("WEBHOOKID: %v", fWebhookId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, ApiKey: fApiKey, diff --git a/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate.go b/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate.go new file mode 100644 index 00000000..19645615 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate.go @@ -0,0 +1,99 @@ +package wangsucertificate + +import ( + "context" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/wangsu-certificate" + wangsusdk "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/certificate" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 网宿云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 网宿云 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` + // 证书 ID。 + // 选填。零值时表示新建证书;否则表示更新证书。 + CertificateId string `json:"certificateId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *wangsusdk.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.CertificateId == "" { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + } else { + // 修改证书 + // REF: https://www.wangsu.com/document/api-doc/25568?productCode=certificatemanagement + updateCertificateReq := &wangsusdk.UpdateCertificateRequest{ + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), + Comment: xtypes.ToPtr("upload from certimate"), + } + updateCertificateResp, err := d.sdkClient.UpdateCertificate(d.config.CertificateId, updateCertificateReq) + d.logger.Debug("sdk request 'certificatemanagement.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'certificatemanagement.CreateCertificate': %w", err) + } + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { + return wangsusdk.NewClient(accessKeyId, accessKeySecret) +} diff --git a/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate_test.go b/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate_test.go rename to pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate_test.go index a6805ec9..3b17f7e9 100644 --- a/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate_test.go +++ b/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-certificate" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-certificate" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./wangsu_certificate_test.go -args \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_CERTIFICATEID="your-certificate-id" + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_CERTIFICATEID="your-certificate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, CertificateId: fCertificateId, diff --git a/internal/pkg/core/deployer/providers/webhook/webhook.go b/pkg/core/ssl-deployer/providers/webhook/webhook.go similarity index 86% rename from internal/pkg/core/deployer/providers/webhook/webhook.go rename to pkg/core/ssl-deployer/providers/webhook/webhook.go index 7ad6d6b0..2bf1aa14 100644 --- a/internal/pkg/core/deployer/providers/webhook/webhook.go +++ b/pkg/core/ssl-deployer/providers/webhook/webhook.go @@ -4,6 +4,7 @@ import ( "context" "crypto/tls" "encoding/json" + "errors" "fmt" "log/slog" "net/http" @@ -13,11 +14,11 @@ import ( "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Webhook URL。 WebhookUrl string `json:"webhookUrl"` // Webhook 回调数据(application/json 或 application/x-www-form-urlencoded 格式)。 @@ -31,17 +32,17 @@ type DeployerConfig struct { AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } client := resty.New(). @@ -52,31 +53,30 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { client.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: true}) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), httpClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to parse x509: %w", err) } // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -185,7 +185,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE d.logger.Debug("webhook responded", slog.Any("response", resp.String())) - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } func replaceJsonValueRecursively(data interface{}, oldStr, newStr string) interface{} { diff --git a/internal/pkg/core/deployer/providers/webhook/webhook_test.go b/pkg/core/ssl-deployer/providers/webhook/webhook_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/webhook/webhook_test.go rename to pkg/core/ssl-deployer/providers/webhook/webhook_test.go index 8642ef14..bd089ed3 100644 --- a/internal/pkg/core/deployer/providers/webhook/webhook_test.go +++ b/pkg/core/ssl-deployer/providers/webhook/webhook_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/webhook" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/webhook" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_WEBHOOK_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_WEBHOOK_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./webhook_test.go -args \ - --CERTIMATE_DEPLOYER_WEBHOOK_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_WEBHOOK_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_WEBHOOK_URL="https://example.com/your-webhook-url" \ - --CERTIMATE_DEPLOYER_WEBHOOK_CONTENTTYPE="application/json" \ - --CERTIMATE_DEPLOYER_WEBHOOK_DATA="{\"certificate\":\"${CERTIFICATE}\",\"privateKey\":\"${PRIVATE_KEY}\"}" + --CERTIMATE_SSLDEPLOYER_WEBHOOK_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_WEBHOOK_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_WEBHOOK_URL="https://example.com/your-webhook-url" \ + --CERTIMATE_SSLDEPLOYER_WEBHOOK_CONTENTTYPE="application/json" \ + --CERTIMATE_SSLDEPLOYER_WEBHOOK_DATA="{\"certificate\":\"${CERTIFICATE}\",\"privateKey\":\"${PRIVATE_KEY}\"}" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("WEBHOOKDATA: %v", fWebhookData), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ WebhookUrl: fWebhookUrl, WebhookData: fWebhookData, Method: "POST", diff --git a/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl.go b/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl.go new file mode 100644 index 00000000..e656323f --- /dev/null +++ b/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl.go @@ -0,0 +1,232 @@ +package onepanelssl + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + "strings" + "time" + + "github.com/certimate-go/certimate/pkg/core" + onepanelsdk "github.com/certimate-go/certimate/pkg/sdk3rd/1panel" + onepanelsdkv2 "github.com/certimate-go/certimate/pkg/sdk3rd/1panel/v2" +) + +type SSLManagerProviderConfig struct { + // 1Panel 服务地址。 + ServerUrl string `json:"serverUrl"` + // 1Panel 版本。 + ApiVersion string `json:"apiVersion"` + // 1Panel 接口密钥。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient any +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 遍历证书列表,避免重复上传 + if res, err := m.findCertIfExists(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } else if res != nil { + m.logger.Info("ssl certificate already exists") + return res, nil + } + + // 生成新证书名(需符合 1Panel 命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 上传证书 + switch sdkClient := m.sdkClient.(type) { + case *onepanelsdk.Client: + { + uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{ + Type: "paste", + Description: certName, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) + m.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) + } + } + + case *onepanelsdkv2.Client: + { + uploadWebsiteSSLReq := &onepanelsdkv2.UploadWebsiteSSLRequest{ + Type: "paste", + Description: certName, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) + m.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + // 遍历证书列表,获取刚刚上传证书 ID + if res, err := m.findCertIfExists(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } else if res == nil { + return nil, fmt.Errorf("no ssl certificate found, may be upload failed") + } else { + return res, nil + } +} + +func (m *SSLManagerProvider) findCertIfExists(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + searchWebsiteSSLPageNumber := int32(1) + searchWebsiteSSLPageSize := int32(100) + searchWebsiteSSLItemsCount := int32(0) + for { + select { + case <-ctx.Done(): + return nil, ctx.Err() + default: + } + + switch sdkClient := m.sdkClient.(type) { + case *onepanelsdk.Client: + { + searchWebsiteSSLReq := &onepanelsdk.SearchWebsiteSSLRequest{ + Page: searchWebsiteSSLPageNumber, + PageSize: searchWebsiteSSLPageSize, + } + searchWebsiteSSLResp, err := sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq) + m.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err) + } + + if searchWebsiteSSLResp.Data != nil { + for _, sslItem := range searchWebsiteSSLResp.Data.Items { + if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) && + strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) { + // 如果已存在相同证书,直接返回 + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", sslItem.ID), + CertName: sslItem.Description, + }, nil + } + } + } + + searchWebsiteSSLItemsCount = searchWebsiteSSLResp.Data.Total + } + + case *onepanelsdkv2.Client: + { + searchWebsiteSSLReq := &onepanelsdkv2.SearchWebsiteSSLRequest{ + Page: searchWebsiteSSLPageNumber, + PageSize: searchWebsiteSSLPageSize, + } + searchWebsiteSSLResp, err := sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq) + m.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err) + } + + if searchWebsiteSSLResp.Data != nil { + for _, sslItem := range searchWebsiteSSLResp.Data.Items { + if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) && + strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) { + // 如果已存在相同证书,直接返回 + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", sslItem.ID), + CertName: sslItem.Description, + }, nil + } + } + } + + searchWebsiteSSLItemsCount = searchWebsiteSSLResp.Data.Total + } + + default: + panic("sdk client is not implemented") + } + + if searchWebsiteSSLItemsCount < searchWebsiteSSLPageSize { + break + } else { + searchWebsiteSSLPageNumber++ + } + } + + return nil, nil +} + +const ( + sdkVersionV1 = "v1" + sdkVersionV2 = "v2" +) + +func createSDKClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (any, error) { + if apiVersion == sdkVersionV1 { + client, err := onepanelsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } else if apiVersion == sdkVersionV2 { + client, err := onepanelsdkv2.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } + + return nil, fmt.Errorf("invalid 1panel api version") +} diff --git a/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl_test.go b/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl_test.go rename to pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl_test.go index d0af7c12..4947af51 100644 --- a/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl_test.go +++ b/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/1panel-ssl" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/1panel-ssl" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_1PANELSSL_" + argsPrefix := "CERTIMATE_SSLMANAGER_1PANELSSL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -34,11 +34,11 @@ func init() { Shell command to run this test: go test -v ./1panel_ssl_test.go -args \ - --CERTIMATE_UPLOADER_1PANELSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_1PANELSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_1PANELSSL_SERVERURL="http://127.0.0.1:20410" \ - --CERTIMATE_UPLOADER_1PANELSSL_APIVERSION="v1" \ - --CERTIMATE_UPLOADER_1PANELSSL_APIKEY="your-api-key" + --CERTIMATE_SSLMANAGER_1PANELSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_1PANELSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_1PANELSSL_SERVERURL="http://127.0.0.1:20410" \ + --CERTIMATE_SSLMANAGER_1PANELSSL_APIVERSION="v1" \ + --CERTIMATE_SSLMANAGER_1PANELSSL_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -53,7 +53,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ ServerUrl: fServerUrl, ApiVersion: fApiVersion, ApiKey: fApiKey, @@ -65,7 +65,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go b/pkg/core/ssl-manager/providers/aliyun-cas/aliyun_cas.go similarity index 73% rename from internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go rename to pkg/core/ssl-manager/providers/aliyun-cas/aliyun_cas.go index ea0968eb..bcbecd3b 100644 --- a/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go +++ b/pkg/core/ssl-manager/providers/aliyun-cas/aliyun_cas.go @@ -2,6 +2,7 @@ package aliyuncas import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -11,12 +12,12 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -27,43 +28,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *alicas.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -81,13 +81,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } listUserCertificateOrderReq := &alicas.ListUserCertificateOrderRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(u.config.ResourceGroupId), + ResourceGroupId: xtypes.ToPtrOrZeroNil(m.config.ResourceGroupId), CurrentPage: tea.Int64(listUserCertificateOrderPage), ShowSize: tea.Int64(listUserCertificateOrderLimit), OrderType: tea.String("CERT"), } - listUserCertificateOrderResp, err := u.sdkClient.ListUserCertificateOrder(listUserCertificateOrderReq) - u.logger.Debug("sdk request 'cas.ListUserCertificateOrder'", slog.Any("request", listUserCertificateOrderReq), slog.Any("response", listUserCertificateOrderResp)) + listUserCertificateOrderResp, err := m.sdkClient.ListUserCertificateOrder(listUserCertificateOrderReq) + m.logger.Debug("sdk request 'cas.ListUserCertificateOrder'", slog.Any("request", listUserCertificateOrderReq), slog.Any("response", listUserCertificateOrderResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cas.ListUserCertificateOrder': %w", err) } @@ -101,8 +101,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE getUserCertificateDetailReq := &alicas.GetUserCertificateDetailRequest{ CertId: certDetail.CertificateId, } - getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) - u.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp)) + getUserCertificateDetailResp, err := m.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) + m.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cas.GetUserCertificateDetail': %w", err) } @@ -111,18 +111,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if *getUserCertificateDetailResp.Body.Cert == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert) + oldCertX509, err := xcert.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", tea.Int64Value(certDetail.CertificateId)), CertName: *certDetail.Name, ExtendedData: map[string]any{ @@ -147,13 +147,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 上传新证书 // REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-uploadusercertificate uploadUserCertificateReq := &alicas.UploadUserCertificateRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(u.config.ResourceGroupId), + ResourceGroupId: xtypes.ToPtrOrZeroNil(m.config.ResourceGroupId), Name: tea.String(certName), Cert: tea.String(certPEM), Key: tea.String(privkeyPEM), } - uploadUserCertificateResp, err := u.sdkClient.UploadUserCertificate(uploadUserCertificateReq) - u.logger.Debug("sdk request 'cas.UploadUserCertificate'", slog.Any("request", uploadUserCertificateReq), slog.Any("response", uploadUserCertificateResp)) + uploadUserCertificateResp, err := m.sdkClient.UploadUserCertificate(uploadUserCertificateReq) + m.logger.Debug("sdk request 'cas.UploadUserCertificate'", slog.Any("request", uploadUserCertificateReq), slog.Any("response", uploadUserCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cas.UploadUserCertificate': %w", err) } @@ -164,13 +164,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE CertId: uploadUserCertificateResp.Body.CertId, CertFilter: tea.Bool(true), } - getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) - u.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp)) + getUserCertificateDetailResp, err := m.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) + m.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cas.GetUserCertificateDetail': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", tea.Int64Value(getUserCertificateDetailResp.Body.Id)), CertName: certName, ExtendedData: map[string]any{ @@ -180,7 +180,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE }, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) { // 接入点一览 https://api.aliyun.com/product/cas var endpoint string switch region { diff --git a/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go b/pkg/core/ssl-manager/providers/aliyun-slb/aliyun_slb.go similarity index 66% rename from internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go rename to pkg/core/ssl-manager/providers/aliyun-slb/aliyun_slb.go index dac9c7bd..eced6360 100644 --- a/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go +++ b/pkg/core/ssl-manager/providers/aliyun-slb/aliyun_slb.go @@ -4,6 +4,7 @@ import ( "context" "crypto/sha256" "encoding/hex" + "errors" "fmt" "log/slog" "regexp" @@ -14,12 +15,12 @@ import ( alislb "github.com/alibabacloud-go/slb-20140515/v4/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -30,43 +31,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *alislb.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -74,11 +74,11 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 查询证书列表,避免重复上传 // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeservercertificates describeServerCertificatesReq := &alislb.DescribeServerCertificatesRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(u.config.ResourceGroupId), - RegionId: tea.String(u.config.Region), + ResourceGroupId: xtypes.ToPtrOrZeroNil(m.config.ResourceGroupId), + RegionId: tea.String(m.config.Region), } - describeServerCertificatesResp, err := u.sdkClient.DescribeServerCertificates(describeServerCertificatesReq) - u.logger.Debug("sdk request 'slb.DescribeServerCertificates'", slog.Any("request", describeServerCertificatesReq), slog.Any("response", describeServerCertificatesResp)) + describeServerCertificatesResp, err := m.sdkClient.DescribeServerCertificates(describeServerCertificatesReq) + m.logger.Debug("sdk request 'slb.DescribeServerCertificates'", slog.Any("request", describeServerCertificatesReq), slog.Any("response", describeServerCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'slb.DescribeServerCertificates': %w", err) } @@ -92,8 +92,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE strings.EqualFold(certX509.Subject.CommonName, *certDetail.CommonName) // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: *certDetail.ServerCertificateId, CertName: *certDetail.ServerCertificateName, }, nil @@ -102,11 +102,10 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合阿里云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) // 去除证书和私钥内容中的空白行,以符合阿里云 API 要求 - // REF: https://github.com/usual2970/certimate/issues/326 + // REF: https://github.com/certimate-go/certimate/issues/326 re := regexp.MustCompile(`(?m)^\s*$\n?`) certPEM = strings.TrimSpace(re.ReplaceAllString(certPEM, "")) privkeyPEM = strings.TrimSpace(re.ReplaceAllString(privkeyPEM, "")) @@ -114,26 +113,25 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 上传新证书 // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-uploadservercertificate uploadServerCertificateReq := &alislb.UploadServerCertificateRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(u.config.ResourceGroupId), - RegionId: tea.String(u.config.Region), + ResourceGroupId: xtypes.ToPtrOrZeroNil(m.config.ResourceGroupId), + RegionId: tea.String(m.config.Region), ServerCertificateName: tea.String(certName), ServerCertificate: tea.String(certPEM), PrivateKey: tea.String(privkeyPEM), } - uploadServerCertificateResp, err := u.sdkClient.UploadServerCertificate(uploadServerCertificateReq) - u.logger.Debug("sdk request 'slb.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp)) + uploadServerCertificateResp, err := m.sdkClient.UploadServerCertificate(uploadServerCertificateReq) + m.logger.Debug("sdk request 'slb.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'slb.UploadServerCertificate': %w", err) } - certId = *uploadServerCertificateResp.Body.ServerCertificateId - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: *uploadServerCertificateResp.Body.ServerCertificateId, CertName: certName, }, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) { // 接入点一览 https://api.aliyun.com/product/Slb var endpoint string switch region { diff --git a/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go b/pkg/core/ssl-manager/providers/aws-acm/aws_acm.go similarity index 70% rename from internal/pkg/core/uploader/providers/aws-acm/aws_acm.go rename to pkg/core/ssl-manager/providers/aws-acm/aws_acm.go index 4f215266..21de4df7 100644 --- a/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go +++ b/pkg/core/ssl-manager/providers/aws-acm/aws_acm.go @@ -2,6 +2,7 @@ package awsacm import ( "context" + "errors" "fmt" "log/slog" @@ -11,11 +12,11 @@ import ( awsacm "github.com/aws/aws-sdk-go-v2/service/acm" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // AWS AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // AWS SecretAccessKey。 @@ -24,49 +25,48 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *awsacm.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 提取服务器证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -86,8 +86,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE NextToken: listCertificatesNextToken, MaxItems: aws.Int32(listCertificatesMaxItems), } - listCertificatesResp, err := u.sdkClient.ListCertificates(context.TODO(), listCertificatesReq) - u.logger.Debug("sdk request 'acm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates(context.TODO(), listCertificatesReq) + m.logger.Debug("sdk request 'acm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'acm.ListCertificates': %w", err) } @@ -111,24 +111,24 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE getCertificateReq := &awsacm.GetCertificateInput{ CertificateArn: certSummary.CertificateArn, } - getCertificateResp, err := u.sdkClient.GetCertificate(context.TODO(), getCertificateReq) + getCertificateResp, err := m.sdkClient.GetCertificate(context.TODO(), getCertificateReq) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'acm.GetCertificate': %w", err) } else { oldCertPEM := aws.ToString(getCertificateResp.Certificate) - oldCertX509, err := certutil.ParseCertificateFromPEM(oldCertPEM) + oldCertX509, err := xcert.ParseCertificateFromPEM(oldCertPEM) if err != nil { continue } - if !certutil.EqualCertificate(certX509, oldCertX509) { + if !xcert.EqualCertificate(certX509, oldCertX509) { continue } } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: *certSummary.CertificateArn, }, nil } @@ -147,18 +147,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE CertificateChain: ([]byte)(intermediaCertPEM), PrivateKey: ([]byte)(privkeyPEM), } - importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), importCertificateReq) - u.logger.Debug("sdk request 'acm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) + importCertificateResp, err := m.sdkClient.ImportCertificate(context.TODO(), importCertificateReq) + m.logger.Debug("sdk request 'acm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'acm.ImportCertificate': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: aws.ToString(importCertificateResp.CertificateArn), }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsacm.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*awsacm.Client, error) { cfg, err := awscfg.LoadDefaultConfig(context.TODO()) if err != nil { return nil, err diff --git a/internal/pkg/core/uploader/providers/aws-iam/aws_iam.go b/pkg/core/ssl-manager/providers/aws-iam/aws_iam.go similarity index 69% rename from internal/pkg/core/uploader/providers/aws-iam/aws_iam.go rename to pkg/core/ssl-manager/providers/aws-iam/aws_iam.go index 10f1a174..df2555a8 100644 --- a/internal/pkg/core/uploader/providers/aws-iam/aws_iam.go +++ b/pkg/core/ssl-manager/providers/aws-iam/aws_iam.go @@ -2,6 +2,7 @@ package awsiam import ( "context" + "errors" "fmt" "log/slog" "time" @@ -11,11 +12,11 @@ import ( awscred "github.com/aws/aws-sdk-go-v2/credentials" awsiam "github.com/aws/aws-sdk-go-v2/service/iam" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // AWS AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // AWS SecretAccessKey。 @@ -27,49 +28,48 @@ type UploaderConfig struct { CertificatePath string `json:"certificatePath,omitempty"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *awsiam.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 提取服务器证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -89,18 +89,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Marker: listServerCertificatesMarker, MaxItems: aws.Int32(listServerCertificatesMaxItems), } - if u.config.CertificatePath != "" { - listServerCertificatesReq.PathPrefix = aws.String(u.config.CertificatePath) + if m.config.CertificatePath != "" { + listServerCertificatesReq.PathPrefix = aws.String(m.config.CertificatePath) } - listServerCertificatesResp, err := u.sdkClient.ListServerCertificates(context.TODO(), listServerCertificatesReq) - u.logger.Debug("sdk request 'iam.ListServerCertificates'", slog.Any("request", listServerCertificatesReq), slog.Any("response", listServerCertificatesResp)) + listServerCertificatesResp, err := m.sdkClient.ListServerCertificates(context.TODO(), listServerCertificatesReq) + m.logger.Debug("sdk request 'iam.ListServerCertificates'", slog.Any("request", listServerCertificatesReq), slog.Any("response", listServerCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'iam.ListServerCertificates': %w", err) } for _, certMeta := range listServerCertificatesResp.ServerCertificateMetadataList { // 先对比证书路径 - if u.config.CertificatePath != "" && aws.ToString(certMeta.Path) != u.config.CertificatePath { + if m.config.CertificatePath != "" && aws.ToString(certMeta.Path) != m.config.CertificatePath { continue } @@ -114,24 +114,24 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE getServerCertificateReq := &awsiam.GetServerCertificateInput{ ServerCertificateName: certMeta.ServerCertificateName, } - getServerCertificateResp, err := u.sdkClient.GetServerCertificate(context.TODO(), getServerCertificateReq) + getServerCertificateResp, err := m.sdkClient.GetServerCertificate(context.TODO(), getServerCertificateReq) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'iam.GetServerCertificate': %w", err) } else { oldCertPEM := aws.ToString(getServerCertificateResp.ServerCertificate.CertificateBody) - oldCertX509, err := certutil.ParseCertificateFromPEM(oldCertPEM) + oldCertX509, err := xcert.ParseCertificateFromPEM(oldCertPEM) if err != nil { continue } - if !certutil.EqualCertificate(certX509, oldCertX509) { + if !xcert.EqualCertificate(certX509, oldCertX509) { continue } } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: aws.ToString(certMeta.ServerCertificateId), CertName: aws.ToString(certMeta.ServerCertificateName), }, nil @@ -151,27 +151,27 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // REF: https://docs.aws.amazon.com/en_us/IAM/latest/APIReference/API_UploadServerCertificate.html uploadServerCertificateReq := &awsiam.UploadServerCertificateInput{ ServerCertificateName: aws.String(certName), - Path: aws.String(u.config.CertificatePath), + Path: aws.String(m.config.CertificatePath), CertificateBody: aws.String(serverCertPEM), CertificateChain: aws.String(intermediaCertPEM), PrivateKey: aws.String(privkeyPEM), } - if u.config.CertificatePath == "" { + if m.config.CertificatePath == "" { uploadServerCertificateReq.Path = aws.String("/") } - uploadServerCertificateResp, err := u.sdkClient.UploadServerCertificate(context.TODO(), uploadServerCertificateReq) - u.logger.Debug("sdk request 'iam.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp)) + uploadServerCertificateResp, err := m.sdkClient.UploadServerCertificate(context.TODO(), uploadServerCertificateReq) + m.logger.Debug("sdk request 'iam.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'iam.UploadServerCertificate': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: aws.ToString(uploadServerCertificateResp.ServerCertificateMetadata.ServerCertificateId), CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsiam.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*awsiam.Client, error) { cfg, err := awscfg.LoadDefaultConfig(context.TODO()) if err != nil { return nil, err diff --git a/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go b/pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault.go similarity index 74% rename from internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go rename to pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault.go index eb67fd2f..79209710 100644 --- a/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go +++ b/pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault.go @@ -4,6 +4,7 @@ import ( "context" "crypto/x509" "encoding/base64" + "errors" "fmt" "log/slog" "time" @@ -13,12 +14,12 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azcertificates" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + azenv "github.com/certimate-go/certimate/pkg/sdk3rd/azure/env" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // Azure TenantId。 TenantId string `json:"tenantId"` // Azure ClientId。 @@ -31,43 +32,42 @@ type UploaderConfig struct { KeyVaultName string `json:"keyvaultName"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *azcertificates.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.TenantId, config.ClientId, config.ClientSecret, config.CloudName, config.KeyVaultName) + client, err := createSDKClient(config.TenantId, config.ClientId, config.ClientSecret, config.CloudName, config.KeyVaultName) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -80,7 +80,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 获取证书列表,避免重复上传 // REF: https://learn.microsoft.com/en-us/rest/api/keyvault/certificates/get-certificates/get-certificates - listCertificatesPager := u.sdkClient.NewListCertificatePropertiesPager(nil) + listCertificatesPager := m.sdkClient.NewListCertificatePropertiesPager(nil) for listCertificatesPager.More() { page, err := listCertificatesPager.NextPage(context.TODO()) if err != nil { @@ -114,8 +114,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 最后对比证书内容 - getCertificateResp, err := u.sdkClient.GetCertificate(context.TODO(), certProp.ID.Name(), certProp.ID.Version(), nil) - u.logger.Debug("sdk request 'keyvault.GetCertificate'", slog.String("request.certificateName", certProp.ID.Name()), slog.String("request.certificateVersion", certProp.ID.Version()), slog.Any("response", getCertificateResp)) + getCertificateResp, err := m.sdkClient.GetCertificate(context.TODO(), certProp.ID.Name(), certProp.ID.Version(), nil) + m.logger.Debug("sdk request 'keyvault.GetCertificate'", slog.String("request.certificateName", certProp.ID.Name()), slog.String("request.certificateVersion", certProp.ID.Version()), slog.Any("response", getCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'keyvault.GetCertificate': %w", err) } else { @@ -124,14 +124,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE continue } - if !certutil.EqualCertificate(certX509, oldCertX509) { + if !xcert.EqualCertificate(certX509, oldCertX509) { continue } } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: string(*certProp.ID), CertName: certProp.ID.Name(), }, nil @@ -144,7 +144,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // Azure Key Vault 不支持导入带有 Certificiate Chain 的 PEM 证书。 // Issue Link: https://github.com/Azure/azure-cli/issues/19017 // 暂时的解决方法是,将 PEM 证书转换成 PFX 格式,然后再导入。 - certPFX, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "") + certPFX, err := xcert.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "") if err != nil { return nil, fmt.Errorf("failed to transform certificate from PEM to PFX: %w", err) } @@ -163,20 +163,20 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE TAG_CERTSN: to.Ptr(certSN), }, } - importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), certName, importCertificateParams, nil) - u.logger.Debug("sdk request 'keyvault.ImportCertificate'", slog.String("request.certificateName", certName), slog.Any("request.parameters", importCertificateParams), slog.Any("response", importCertificateResp)) + importCertificateResp, err := m.sdkClient.ImportCertificate(context.TODO(), certName, importCertificateParams, nil) + m.logger.Debug("sdk request 'keyvault.ImportCertificate'", slog.String("request.certificateName", certName), slog.Any("request.parameters", importCertificateParams), slog.Any("response", importCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'keyvault.ImportCertificate': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: string(*importCertificateResp.ID), CertName: certName, }, nil } -func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) { - env, err := azcommon.GetCloudEnvironmentConfiguration(cloudName) +func createSDKClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) { + env, err := azenv.GetCloudEnvConfiguration(cloudName) if err != nil { return nil, err } @@ -189,9 +189,9 @@ func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName s } endpoint := fmt.Sprintf("https://%s.vault.azure.net", keyvaultName) - if azcommon.IsEnvironmentGovernment(cloudName) { + if azenv.IsUSGovernmentEnv(cloudName) { endpoint = fmt.Sprintf("https://%s.vault.usgovcloudapi.net", keyvaultName) - } else if azcommon.IsEnvironmentChina(cloudName) { + } else if azenv.IsChinaEnv(cloudName) { endpoint = fmt.Sprintf("https://%s.vault.azure.cn", keyvaultName) } diff --git a/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault_test.go b/pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault_test.go similarity index 66% rename from internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault_test.go rename to pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault_test.go index 492f7e5c..14889b47 100644 --- a/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault_test.go +++ b/pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/azure-keyvault" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/azure-keyvault" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_AZUREKEYVAULT_" + argsPrefix := "CERTIMATE_SSLMANAGER_AZUREKEYVAULT_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -38,13 +38,13 @@ func init() { Shell command to run this test: go test -v ./azure_keyvault_test.go -args \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_TENANTID="your-tenant-id" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_CLIENTID="your-app-registration-client-id" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_CLIENTSECRET="your-app-registration-client-secret" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_CLOUDNAME="china" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_KEYVAULTNAME="your-keyvault-name" + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_TENANTID="your-tenant-id" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_CLIENTID="your-app-registration-client-id" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_CLIENTSECRET="your-app-registration-client-secret" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_CLOUDNAME="china" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_KEYVAULTNAME="your-keyvault-name" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -61,7 +61,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("KEYVAULTNAME: %v", fKeyVaultName), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ TenantId: fTenantId, ClientId: fClientId, ClientSecret: fClientSecret, @@ -75,7 +75,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert.go b/pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert.go similarity index 61% rename from internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert.go rename to pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert.go index b0fca821..5c9bbde3 100644 --- a/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert.go +++ b/pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert.go @@ -2,68 +2,68 @@ package baiducloudcert import ( "context" + "errors" "fmt" "log/slog" "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - bdsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/baiducloud/cert" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + bdsdk "github.com/certimate-go/certimate/pkg/sdk3rd/baiducloud/cert" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 百度智能云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 百度智能云 SecretAccessKey。 SecretAccessKey string `json:"secretAccessKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *bdsdk.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 遍历证书列表,避免重复上传 // REF: https://cloud.baidu.com/doc/Reference/s/Gjwvz27xu#35-%E6%9F%A5%E7%9C%8B%E8%AF%81%E4%B9%A6%E5%88%97%E8%A1%A8%E8%AF%A6%E6%83%85 - listCertDetail, err := u.sdkClient.ListCertDetail() - u.logger.Debug("sdk request 'cert.ListCertDetail'", slog.Any("response", listCertDetail)) + listCertDetail, err := m.sdkClient.ListCertDetail() + m.logger.Debug("sdk request 'cert.ListCertDetail'", slog.Any("response", listCertDetail)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cert.ListCertDetail': %w", err) } else { @@ -86,23 +86,23 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 最后对比证书内容 - getCertDetailResp, err := u.sdkClient.GetCertRawData(certDetail.CertId) - u.logger.Debug("sdk request 'cert.GetCertRawData'", slog.Any("certId", certDetail.CertId), slog.Any("response", getCertDetailResp)) + getCertDetailResp, err := m.sdkClient.GetCertRawData(certDetail.CertId) + m.logger.Debug("sdk request 'cert.GetCertRawData'", slog.Any("certId", certDetail.CertId), slog.Any("response", getCertDetailResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cert.GetCertRawData': %w", err) } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(getCertDetailResp.CertServerData) + oldCertX509, err := xcert.ParseCertificateFromPEM(getCertDetailResp.CertServerData) if err != nil { continue } - if !certutil.EqualCertificate(certX509, oldCertX509) { + if !xcert.EqualCertificate(certX509, oldCertX509) { continue } } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.CertId, CertName: certDetail.CertName, }, nil @@ -115,19 +115,19 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE createCertReq.CertName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) createCertReq.CertServerData = certPEM createCertReq.CertPrivateData = privkeyPEM - createCertResp, err := u.sdkClient.CreateCert(createCertReq) - u.logger.Debug("sdk request 'cert.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'cert.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cert.CreateCert': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: createCertResp.CertId, CertName: createCertResp.CertName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*bdsdk.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*bdsdk.Client, error) { client, err := bdsdk.NewClient(accessKeyId, secretAccessKey, "") if err != nil { return nil, err diff --git a/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert_test.go b/pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert_test.go similarity index 66% rename from internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert_test.go rename to pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert_test.go index 80b2a7ca..80c7d790 100644 --- a/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert_test.go +++ b/pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/baiducloud-cert" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_BAIDUCLOUDCAS_" + argsPrefix := "CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./baiducloud_cas_test.go -args \ - --CERTIMATE_UPLOADER_BAIDUCLOUDCAS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_BAIDUCLOUDCAS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_BAIDUCLOUDCAS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_BAIDUCLOUDCAS_SECRETACCESSKEY="your-access-key-secret" + --CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_SECRETACCESSKEY="your-access-key-secret" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go b/pkg/core/ssl-manager/providers/byteplus-cdn/byteplus_cdn.go similarity index 69% rename from internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go rename to pkg/core/ssl-manager/providers/byteplus-cdn/byteplus_cdn.go index a654db31..cc42c749 100644 --- a/internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go +++ b/pkg/core/ssl-manager/providers/byteplus-cdn/byteplus_cdn.go @@ -5,6 +5,7 @@ import ( "crypto/sha1" "crypto/sha256" "encoding/hex" + "errors" "fmt" "log/slog" "strings" @@ -12,53 +13,52 @@ import ( bytepluscdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // BytePlus AccessKey。 AccessKey string `json:"accessKey"` // BytePlus SecretKey。 SecretKey string `json:"secretKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *bytepluscdn.CDN } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } client := bytepluscdn.NewInstance() client.Client.SetAccessKey(config.AccessKey) client.Client.SetSecretKey(config.SecretKey) - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -80,8 +80,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE default: } - listCertInfoResp, err := u.sdkClient.ListCertInfo(listCertInfoReq) - u.logger.Debug("sdk request 'cdn.ListCertInfo'", slog.Any("request", listCertInfoReq), slog.Any("response", listCertInfoResp)) + listCertInfoResp, err := m.sdkClient.ListCertInfo(listCertInfoReq) + m.logger.Debug("sdk request 'cdn.ListCertInfo'", slog.Any("request", listCertInfoReq), slog.Any("response", listCertInfoResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.ListCertInfo': %w", err) } @@ -94,8 +94,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE strings.EqualFold(hex.EncodeToString(fingerprintSha256[:]), certDetail.CertFingerprint.Sha256) // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.CertId, CertName: certDetail.Desc, }, nil @@ -113,8 +113,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合 BytePlus 命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 上传新证书 // REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-addcertificate @@ -124,15 +123,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Source: bytepluscdn.GetStrPtr("cert_center"), Desc: bytepluscdn.GetStrPtr(certName), } - addCertificateResp, err := u.sdkClient.AddCertificate(addCertificateReq) - u.logger.Debug("sdk request 'cdn.AddCertificate'", slog.Any("request", addCertificateReq), slog.Any("response", addCertificateResp)) + addCertificateResp, err := m.sdkClient.AddCertificate(addCertificateReq) + m.logger.Debug("sdk request 'cdn.AddCertificate'", slog.Any("request", addCertificateReq), slog.Any("response", addCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.AddCertificate': %w", err) } - certId = addCertificateResp.Result.CertId - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: addCertificateResp.Result.CertId, CertName: certName, }, nil } diff --git a/internal/pkg/core/uploader/providers/ctcccloud-ao/ctcccloud_ao.go b/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao.go similarity index 61% rename from internal/pkg/core/uploader/providers/ctcccloud-ao/ctcccloud_ao.go rename to pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao.go index 67711e29..b2b74e7b 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-ao/ctcccloud_ao.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao.go @@ -2,62 +2,62 @@ package ctcccloudao import ( "context" + "errors" "fmt" "log/slog" "slices" "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - ctyunao "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/ao" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + ctyunao "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/ao" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 SecretAccessKey string `json:"secretAccessKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *ctyunao.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -74,12 +74,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } listCertsReq := &ctyunao.ListCertsRequest{ - Page: typeutil.ToPtr(listCertPage), - PerPage: typeutil.ToPtr(listCertPerPage), - UsageMode: typeutil.ToPtr(int32(0)), + Page: xtypes.ToPtr(listCertPage), + PerPage: xtypes.ToPtr(listCertPerPage), + UsageMode: xtypes.ToPtr(int32(0)), } - listCertsResp, err := u.sdkClient.ListCerts(listCertsReq) - u.logger.Debug("sdk request 'ao.ListCerts'", slog.Any("request", listCertsReq), slog.Any("response", listCertsResp)) + listCertsResp, err := m.sdkClient.ListCerts(listCertsReq) + m.logger.Debug("sdk request 'ao.ListCerts'", slog.Any("request", listCertsReq), slog.Any("response", listCertsResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ao.ListCerts': %w", err) } @@ -106,10 +106,10 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 查询证书详情 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=113&api=13015&data=174&isNormal=1&vid=167 queryCertReq := &ctyunao.QueryCertRequest{ - Id: typeutil.ToPtr(certRecord.Id), + Id: xtypes.ToPtr(certRecord.Id), } - queryCertResp, err := u.sdkClient.QueryCert(queryCertReq) - u.logger.Debug("sdk request 'ao.QueryCert'", slog.Any("request", queryCertReq), slog.Any("response", queryCertResp)) + queryCertResp, err := m.sdkClient.QueryCert(queryCertReq) + m.logger.Debug("sdk request 'ao.QueryCert'", slog.Any("request", queryCertReq), slog.Any("response", queryCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ao.QueryCert': %w", err) } else if queryCertResp.ReturnObj != nil && queryCertResp.ReturnObj.Result != nil { @@ -117,18 +117,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if queryCertResp.ReturnObj.Result.Certs == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(queryCertResp.ReturnObj.Result.Certs) + oldCertX509, err := xcert.ParseCertificateFromPEM(queryCertResp.ReturnObj.Result.Certs) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", queryCertResp.ReturnObj.Result.Id), CertName: queryCertResp.ReturnObj.Result.Name, }, nil @@ -150,22 +150,22 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 创建证书 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=113&api=13014&data=174&isNormal=1&vid=167 createCertReq := &ctyunao.CreateCertRequest{ - Name: typeutil.ToPtr(certName), - Certs: typeutil.ToPtr(certPEM), - Key: typeutil.ToPtr(privkeyPEM), + Name: xtypes.ToPtr(certName), + Certs: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertResp, err := u.sdkClient.CreateCert(createCertReq) - u.logger.Debug("sdk request 'ao.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'ao.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ao.CreateCert': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", createCertResp.ReturnObj.Id), CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyunao.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunao.Client, error) { return ctyunao.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/uploader/providers/ctcccloud-ao/ctcccloud_ao_test.go b/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/ctcccloud-ao/ctcccloud_ao_test.go rename to pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao_test.go index 53d2eee6..991b6e86 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-ao/ctcccloud_ao_test.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-ao" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-ao" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_CTCCCLOUDAO_" + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDAO_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_ao_test.go -args \ - --CERTIMATE_UPLOADER_CTCCCLOUDAO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDAO_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDAO_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_CTCCCLOUDAO_SECRETACCESSKEY="your-secret-access-key" + --CERTIMATE_SSLMANAGER_CTCCCLOUDAO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDAO_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDAO_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDAO_SECRETACCESSKEY="your-secret-access-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/ctcccloud-cdn/ctcccloud_cdn.go b/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn.go similarity index 62% rename from internal/pkg/core/uploader/providers/ctcccloud-cdn/ctcccloud_cdn.go rename to pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn.go index 6281ede8..3158d377 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-cdn/ctcccloud_cdn.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn.go @@ -2,62 +2,62 @@ package ctcccloudcdn import ( "context" + "errors" "fmt" "log/slog" "slices" "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - ctyuncdn "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/cdn" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + ctyuncdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/cdn" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 SecretAccessKey string `json:"secretAccessKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *ctyuncdn.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -74,12 +74,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } queryCertListReq := &ctyuncdn.QueryCertListRequest{ - Page: typeutil.ToPtr(queryCertListPage), - PerPage: typeutil.ToPtr(queryCertListPerPage), - UsageMode: typeutil.ToPtr(int32(0)), + Page: xtypes.ToPtr(queryCertListPage), + PerPage: xtypes.ToPtr(queryCertListPerPage), + UsageMode: xtypes.ToPtr(int32(0)), } - queryCertListResp, err := u.sdkClient.QueryCertList(queryCertListReq) - u.logger.Debug("sdk request 'cdn.QueryCertList'", slog.Any("request", queryCertListReq), slog.Any("response", queryCertListResp)) + queryCertListResp, err := m.sdkClient.QueryCertList(queryCertListReq) + m.logger.Debug("sdk request 'cdn.QueryCertList'", slog.Any("request", queryCertListReq), slog.Any("response", queryCertListResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.QueryCertList': %w", err) } @@ -106,10 +106,10 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 查询证书详情 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=10899&data=161&isNormal=1&vid=154 queryCertDetailReq := &ctyuncdn.QueryCertDetailRequest{ - Id: typeutil.ToPtr(certRecord.Id), + Id: xtypes.ToPtr(certRecord.Id), } - queryCertDetailResp, err := u.sdkClient.QueryCertDetail(queryCertDetailReq) - u.logger.Debug("sdk request 'cdn.QueryCertDetail'", slog.Any("request", queryCertDetailReq), slog.Any("response", queryCertDetailResp)) + queryCertDetailResp, err := m.sdkClient.QueryCertDetail(queryCertDetailReq) + m.logger.Debug("sdk request 'cdn.QueryCertDetail'", slog.Any("request", queryCertDetailReq), slog.Any("response", queryCertDetailResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.QueryCertDetail': %w", err) } else if queryCertDetailResp.ReturnObj != nil && queryCertDetailResp.ReturnObj.Result != nil { @@ -117,18 +117,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if queryCertDetailResp.ReturnObj.Result.Certs == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(queryCertDetailResp.ReturnObj.Result.Certs) + oldCertX509, err := xcert.ParseCertificateFromPEM(queryCertDetailResp.ReturnObj.Result.Certs) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", queryCertDetailResp.ReturnObj.Result.Id), CertName: queryCertDetailResp.ReturnObj.Result.Name, }, nil @@ -150,22 +150,22 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 创建证书 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=10893&data=161&isNormal=1&vid=154 createCertReq := &ctyuncdn.CreateCertRequest{ - Name: typeutil.ToPtr(certName), - Certs: typeutil.ToPtr(certPEM), - Key: typeutil.ToPtr(privkeyPEM), + Name: xtypes.ToPtr(certName), + Certs: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertResp, err := u.sdkClient.CreateCert(createCertReq) - u.logger.Debug("sdk request 'cdn.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'cdn.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.CreateCert': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", createCertResp.ReturnObj.Id), CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyuncdn.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyuncdn.Client, error) { return ctyuncdn.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/uploader/providers/ctcccloud-cdn/ctcccloud_cdn_test.go b/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/ctcccloud-cdn/ctcccloud_cdn_test.go rename to pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn_test.go index 72ee6dfa..660ddef3 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-cdn/ctcccloud_cdn_test.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_CTCCCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_cdn_test.go -args \ - --CERTIMATE_UPLOADER_CTCCCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_CTCCCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" + --CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/ctcccloud-cms/ctcccloud_cms.go b/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms.go similarity index 60% rename from internal/pkg/core/uploader/providers/ctcccloud-cms/ctcccloud_cms.go rename to pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms.go index a72c11c6..c05ce078 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-cms/ctcccloud_cms.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms.go @@ -10,61 +10,60 @@ import ( "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - ctyuncms "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/cms" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + ctyuncms "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/cms" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 SecretAccessKey string `json:"secretAccessKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *ctyuncms.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 遍历证书列表,避免重复上传 - if res, _ := u.findCertIfExists(ctx, certPEM); res != nil { + if res, _ := m.findCertIfExists(ctx, certPEM); res != nil { return res, nil } // 提取服务器证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -75,22 +74,22 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 上传证书 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=152&api=17243&data=204&isNormal=1&vid=283 uploadCertificateReq := &ctyuncms.UploadCertificateRequest{ - Name: typeutil.ToPtr(certName), - Certificate: typeutil.ToPtr(serverCertPEM), - CertificateChain: typeutil.ToPtr(intermediaCertPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), - EncryptionStandard: typeutil.ToPtr("INTERNATIONAL"), + Name: xtypes.ToPtr(certName), + Certificate: xtypes.ToPtr(serverCertPEM), + CertificateChain: xtypes.ToPtr(intermediaCertPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), + EncryptionStandard: xtypes.ToPtr("INTERNATIONAL"), } - uploadCertificateResp, err := u.sdkClient.UploadCertificate(uploadCertificateReq) - u.logger.Debug("sdk request 'cms.UploadCertificate'", slog.Any("request", uploadCertificateReq), slog.Any("response", uploadCertificateResp)) + uploadCertificateResp, err := m.sdkClient.UploadCertificate(uploadCertificateReq) + m.logger.Debug("sdk request 'cms.UploadCertificate'", slog.Any("request", uploadCertificateReq), slog.Any("response", uploadCertificateResp)) if err != nil { if uploadCertificateResp != nil && uploadCertificateResp.GetError() == "CCMS_100000067" { - if res, err := u.findCertIfExists(ctx, certPEM); err != nil { + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { return nil, err } else if res == nil { return nil, errors.New("ctyun cms: no certificate found") } else { - u.logger.Info("ssl certificate already exists") + m.logger.Info("ssl certificate already exists") return res, nil } } @@ -99,7 +98,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 遍历证书列表,获取刚刚上传证书 ID - if res, err := u.findCertIfExists(ctx, certPEM); err != nil { + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { return nil, err } else if res == nil { return nil, fmt.Errorf("no ssl certificate found, may be upload failed") @@ -108,9 +107,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } } -func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) findCertIfExists(ctx context.Context, certPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -127,13 +126,13 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) } getCertificateListReq := &ctyuncms.GetCertificateListRequest{ - PageNum: typeutil.ToPtr(getCertificateListPageNum), - PageSize: typeutil.ToPtr(getCertificateListPageSize), - Keyword: typeutil.ToPtr(certX509.Subject.CommonName), - Origin: typeutil.ToPtr("UPLOAD"), + PageNum: xtypes.ToPtr(getCertificateListPageNum), + PageSize: xtypes.ToPtr(getCertificateListPageSize), + Keyword: xtypes.ToPtr(certX509.Subject.CommonName), + Origin: xtypes.ToPtr("UPLOAD"), } - getCertificateListResp, err := u.sdkClient.GetCertificateList(getCertificateListReq) - u.logger.Debug("sdk request 'cms.GetCertificateList'", slog.Any("request", getCertificateListReq), slog.Any("response", getCertificateListResp)) + getCertificateListResp, err := m.sdkClient.GetCertificateList(getCertificateListReq) + m.logger.Debug("sdk request 'cms.GetCertificateList'", slog.Any("request", getCertificateListReq), slog.Any("response", getCertificateListResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cms.GetCertificateList': %w", err) } @@ -163,8 +162,8 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: string(*&certRecord.Id), CertName: certRecord.Name, }, nil @@ -181,6 +180,6 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) return nil, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyuncms.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyuncms.Client, error) { return ctyuncms.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/uploader/providers/ctcccloud-cms/ctcccloud_cms_test.go b/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/ctcccloud-cms/ctcccloud_cms_test.go rename to pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms_test.go index 3fedfe4b..3b7b7bc2 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-cms/ctcccloud_cms_test.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-cms" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-cms" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_CTCCCLOUDCMS_" + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_cms_test.go -args \ - --CERTIMATE_UPLOADER_CTCCCLOUDCMS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDCMS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDCMS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_CTCCCLOUDCMS_SECRETACCESSKEY="your-secret-access-key" + --CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_SECRETACCESSKEY="your-secret-access-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/ctcccloud-elb/ctcccloud_elb.go b/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb.go similarity index 51% rename from internal/pkg/core/uploader/providers/ctcccloud-elb/ctcccloud_elb.go rename to pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb.go index f43643e1..4103d41d 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-elb/ctcccloud_elb.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb.go @@ -2,19 +2,20 @@ package ctcccloudelb import ( "context" + "errors" "fmt" "log/slog" "time" "github.com/google/uuid" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - ctyunelb "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/elb" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + ctyunelb "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/elb" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 @@ -23,43 +24,42 @@ type UploaderConfig struct { RegionId string `json:"regionId"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *ctyunelb.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -67,10 +67,10 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 查询证书列表,避免重复上传 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=24&api=5692&data=88&isNormal=1&vid=82 listCertificatesReq := &ctyunelb.ListCertificatesRequest{ - RegionID: typeutil.ToPtr(u.config.RegionId), + RegionID: xtypes.ToPtr(m.config.RegionId), } - listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) - u.logger.Debug("sdk request 'elb.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates(listCertificatesReq) + m.logger.Debug("sdk request 'elb.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'elb.ListCertificates': %w", err) } else { @@ -79,18 +79,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if certRecord.Certificate == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(certRecord.Certificate) + oldCertX509, err := xcert.ParseCertificateFromPEM(certRecord.Certificate) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certRecord.ID, CertName: certRecord.Name, }, nil @@ -104,27 +104,27 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 创建证书 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=24&api=5685&data=88&isNormal=1&vid=82 createCertificateReq := &ctyunelb.CreateCertificateRequest{ - ClientToken: typeutil.ToPtr(generateClientToken()), - RegionID: typeutil.ToPtr(u.config.RegionId), - Name: typeutil.ToPtr(certName), - Description: typeutil.ToPtr("upload from certimate"), - Type: typeutil.ToPtr("Server"), - Certificate: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), + ClientToken: xtypes.ToPtr(generateClientToken()), + RegionID: xtypes.ToPtr(m.config.RegionId), + Name: xtypes.ToPtr(certName), + Description: xtypes.ToPtr("upload from certimate"), + Type: xtypes.ToPtr("Server"), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), } - createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq) - u.logger.Debug("sdk request 'elb.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + createCertificateResp, err := m.sdkClient.CreateCertificate(createCertificateReq) + m.logger.Debug("sdk request 'elb.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'elb.CreateCertificate': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: createCertificateResp.ReturnObj.ID, CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyunelb.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunelb.Client, error) { return ctyunelb.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/uploader/providers/ctcccloud-elb/ctcccloud_elb_test.go b/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/ctcccloud-elb/ctcccloud_elb_test.go rename to pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb_test.go index a3c1c752..79293bfb 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-elb/ctcccloud_elb_test.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-elb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-elb" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_CTCCCLOUDELB_" + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDELB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -34,11 +34,11 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_elb_test.go -args \ - --CERTIMATE_UPLOADER_CTCCCLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDELB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_CTCCCLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_UPLOADER_CTCCCLOUDELB_REGIONID="your-region-id" + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_REGIONID="your-region-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -53,7 +53,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("REGIONID: %v", fRegionId), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, RegionId: fRegionId, @@ -65,7 +65,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/ctcccloud-icdn/ctcccloud_icdn.go b/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn.go similarity index 62% rename from internal/pkg/core/uploader/providers/ctcccloud-icdn/ctcccloud_icdn.go rename to pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn.go index 95f497e1..5c9b0070 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-icdn/ctcccloud_icdn.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn.go @@ -2,62 +2,62 @@ package ctcccloudicdn import ( "context" + "errors" "fmt" "log/slog" "slices" "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - ctyunicdn "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/icdn" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + ctyunicdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/icdn" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 SecretAccessKey string `json:"secretAccessKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *ctyunicdn.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -74,12 +74,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } queryCertListReq := &ctyunicdn.QueryCertListRequest{ - Page: typeutil.ToPtr(queryCertListPage), - PerPage: typeutil.ToPtr(queryCertListPerPage), - UsageMode: typeutil.ToPtr(int32(0)), + Page: xtypes.ToPtr(queryCertListPage), + PerPage: xtypes.ToPtr(queryCertListPerPage), + UsageMode: xtypes.ToPtr(int32(0)), } - queryCertListResp, err := u.sdkClient.QueryCertList(queryCertListReq) - u.logger.Debug("sdk request 'icdn.QueryCertList'", slog.Any("request", queryCertListReq), slog.Any("response", queryCertListResp)) + queryCertListResp, err := m.sdkClient.QueryCertList(queryCertListReq) + m.logger.Debug("sdk request 'icdn.QueryCertList'", slog.Any("request", queryCertListReq), slog.Any("response", queryCertListResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'icdn.QueryCertList': %w", err) } @@ -106,10 +106,10 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 查询证书详情 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=112&api=10837&data=173&isNormal=1&vid=166 queryCertDetailReq := &ctyunicdn.QueryCertDetailRequest{ - Id: typeutil.ToPtr(certRecord.Id), + Id: xtypes.ToPtr(certRecord.Id), } - queryCertDetailResp, err := u.sdkClient.QueryCertDetail(queryCertDetailReq) - u.logger.Debug("sdk request 'icdn.QueryCertDetail'", slog.Any("request", queryCertDetailReq), slog.Any("response", queryCertDetailResp)) + queryCertDetailResp, err := m.sdkClient.QueryCertDetail(queryCertDetailReq) + m.logger.Debug("sdk request 'icdn.QueryCertDetail'", slog.Any("request", queryCertDetailReq), slog.Any("response", queryCertDetailResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'icdn.QueryCertDetail': %w", err) } else if queryCertDetailResp.ReturnObj != nil && queryCertDetailResp.ReturnObj.Result != nil { @@ -117,18 +117,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if queryCertDetailResp.ReturnObj.Result.Certs == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(queryCertDetailResp.ReturnObj.Result.Certs) + oldCertX509, err := xcert.ParseCertificateFromPEM(queryCertDetailResp.ReturnObj.Result.Certs) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", queryCertDetailResp.ReturnObj.Result.Id), CertName: queryCertDetailResp.ReturnObj.Result.Name, }, nil @@ -150,22 +150,22 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 创建证书 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=112&api=10835&data=173&isNormal=1&vid=166 createCertReq := &ctyunicdn.CreateCertRequest{ - Name: typeutil.ToPtr(certName), - Certs: typeutil.ToPtr(certPEM), - Key: typeutil.ToPtr(privkeyPEM), + Name: xtypes.ToPtr(certName), + Certs: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertResp, err := u.sdkClient.CreateCert(createCertReq) - u.logger.Debug("sdk request 'icdn.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'icdn.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'icdn.CreateCert': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", createCertResp.ReturnObj.Id), CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyunicdn.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunicdn.Client, error) { return ctyunicdn.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/uploader/providers/ctcccloud-icdn/ctcccloud_icdn_test.go b/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn_test.go similarity index 66% rename from internal/pkg/core/uploader/providers/ctcccloud-icdn/ctcccloud_icdn_test.go rename to pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn_test.go index 6bbf627f..c4addfca 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-icdn/ctcccloud_icdn_test.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-icdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-icdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_CTCCCLOUDICDN_" + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_icdn_test.go -args \ - --CERTIMATE_UPLOADER_CTCCCLOUDICDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDICDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDICDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_CTCCCLOUDICDN_SECRETACCESSKEY="your-secret-access-key" + --CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_SECRETACCESSKEY="your-secret-access-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/ctcccloud-lvdn/ctcccloud_lvdn.go b/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn.go similarity index 62% rename from internal/pkg/core/uploader/providers/ctcccloud-lvdn/ctcccloud_lvdn.go rename to pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn.go index 53453b1c..dbcd4869 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-lvdn/ctcccloud_lvdn.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn.go @@ -2,62 +2,62 @@ package ctcccloudlvdn import ( "context" + "errors" "fmt" "log/slog" "slices" "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - ctyunlvdn "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/lvdn" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + ctyunlvdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/lvdn" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 天翼云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 天翼云 SecretAccessKey。 SecretAccessKey string `json:"secretAccessKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *ctyunlvdn.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -74,12 +74,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } queryCertListReq := &ctyunlvdn.QueryCertListRequest{ - Page: typeutil.ToPtr(queryCertListPage), - PerPage: typeutil.ToPtr(queryCertListPerPage), - UsageMode: typeutil.ToPtr(int32(0)), + Page: xtypes.ToPtr(queryCertListPage), + PerPage: xtypes.ToPtr(queryCertListPerPage), + UsageMode: xtypes.ToPtr(int32(0)), } - queryCertListResp, err := u.sdkClient.QueryCertList(queryCertListReq) - u.logger.Debug("sdk request 'lvdn.QueryCertList'", slog.Any("request", queryCertListReq), slog.Any("response", queryCertListResp)) + queryCertListResp, err := m.sdkClient.QueryCertList(queryCertListReq) + m.logger.Debug("sdk request 'lvdn.QueryCertList'", slog.Any("request", queryCertListReq), slog.Any("response", queryCertListResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'lvdn.QueryCertList': %w", err) } @@ -106,10 +106,10 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 查询证书详情 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=125&api=11449&data=183&isNormal=1&vid=261 queryCertDetailReq := &ctyunlvdn.QueryCertDetailRequest{ - Id: typeutil.ToPtr(certRecord.Id), + Id: xtypes.ToPtr(certRecord.Id), } - queryCertDetailResp, err := u.sdkClient.QueryCertDetail(queryCertDetailReq) - u.logger.Debug("sdk request 'lvdn.QueryCertDetail'", slog.Any("request", queryCertDetailReq), slog.Any("response", queryCertDetailResp)) + queryCertDetailResp, err := m.sdkClient.QueryCertDetail(queryCertDetailReq) + m.logger.Debug("sdk request 'lvdn.QueryCertDetail'", slog.Any("request", queryCertDetailReq), slog.Any("response", queryCertDetailResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'lvdn.QueryCertDetail': %w", err) } else if queryCertDetailResp.ReturnObj != nil && queryCertDetailResp.ReturnObj.Result != nil { @@ -117,18 +117,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if queryCertDetailResp.ReturnObj.Result.Certs == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(queryCertDetailResp.ReturnObj.Result.Certs) + oldCertX509, err := xcert.ParseCertificateFromPEM(queryCertDetailResp.ReturnObj.Result.Certs) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", queryCertDetailResp.ReturnObj.Result.Id), CertName: queryCertDetailResp.ReturnObj.Result.Name, }, nil @@ -150,22 +150,22 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 创建证书 // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=125&api=11436&data=183&isNormal=1&vid=261 createCertReq := &ctyunlvdn.CreateCertRequest{ - Name: typeutil.ToPtr(certName), - Certs: typeutil.ToPtr(certPEM), - Key: typeutil.ToPtr(privkeyPEM), + Name: xtypes.ToPtr(certName), + Certs: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertResp, err := u.sdkClient.CreateCert(createCertReq) - u.logger.Debug("sdk request 'lvdn.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'lvdn.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'lvdn.CreateCert': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", createCertResp.ReturnObj.Id), CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*ctyunlvdn.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunlvdn.Client, error) { return ctyunlvdn.NewClient(accessKeyId, secretAccessKey) } diff --git a/internal/pkg/core/uploader/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go b/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go similarity index 66% rename from internal/pkg/core/uploader/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go rename to pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go index 3bcedfdd..95cf83a0 100644 --- a/internal/pkg/core/uploader/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go +++ b/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ctcccloud-lvdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-lvdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_CTCCCLOUDLVDN_" + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./ctcccloud_lvdn_test.go -args \ - --CERTIMATE_UPLOADER_CTCCCLOUDLVDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDLVDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_CTCCCLOUDLVDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_CTCCCLOUDLVDN_SECRETACCESSKEY="your-secret-access-key" + --CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_SECRETACCESSKEY="your-secret-access-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/pkg/core/ssl-manager/providers/dogecloud/dogecloud.go b/pkg/core/ssl-manager/providers/dogecloud/dogecloud.go new file mode 100644 index 00000000..a8e09959 --- /dev/null +++ b/pkg/core/ssl-manager/providers/dogecloud/dogecloud.go @@ -0,0 +1,79 @@ +package dogecloud + +import ( + "context" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/certimate-go/certimate/pkg/core" + dogesdk "github.com/certimate-go/certimate/pkg/sdk3rd/dogecloud" +) + +type SSLManagerProviderConfig struct { + // 多吉云 AccessKey。 + AccessKey string `json:"accessKey"` + // 多吉云 SecretKey。 + SecretKey string `json:"secretKey"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *dogesdk.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKey, config.SecretKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 生成新证书名(需符合多吉云命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 上传新证书 + // REF: https://docs.dogecloud.com/cdn/api-cert-upload + uploadSslCertReq := &dogesdk.UploadCdnCertRequest{ + Note: certName, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadSslCertResp, err := m.sdkClient.UploadCdnCert(uploadSslCertReq) + m.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("request", uploadSslCertReq), slog.Any("response", uploadSslCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadCdnCert': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", uploadSslCertResp.Data.Id), + CertName: certName, + }, nil +} + +func createSDKClient(accessKey, secretKey string) (*dogesdk.Client, error) { + return dogesdk.NewClient(accessKey, secretKey) +} diff --git a/pkg/core/ssl-manager/providers/gcore-cdn/gcore_cdn.go b/pkg/core/ssl-manager/providers/gcore-cdn/gcore_cdn.go new file mode 100644 index 00000000..34539aa2 --- /dev/null +++ b/pkg/core/ssl-manager/providers/gcore-cdn/gcore_cdn.go @@ -0,0 +1,88 @@ +package gcorecdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/G-Core/gcorelabscdn-go/gcore/provider" + "github.com/G-Core/gcorelabscdn-go/sslcerts" + + "github.com/certimate-go/certimate/pkg/core" + gcoresdk "github.com/certimate-go/certimate/pkg/sdk3rd/gcore" +) + +type SSLManagerProviderConfig struct { + // Gcore API Token。 + ApiToken string `json:"apiToken"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *sslcerts.Service +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.ApiToken) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 新增证书 + // REF: https://api.gcore.com/docs/cdn#tag/SSL-certificates/operation/add_ssl_certificates + createCertificateReq := &sslcerts.CreateRequest{ + Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), + Cert: certPEM, + PrivateKey: privkeyPEM, + Automated: false, + ValidateRootCA: false, + } + createCertificateResp, err := m.sdkClient.Create(context.TODO(), createCertificateReq) + m.logger.Debug("sdk request 'sslcerts.Create'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'sslcerts.Create': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", createCertificateResp.ID), + CertName: createCertificateResp.Name, + }, nil +} + +func createSDKClient(apiToken string) (*sslcerts.Service, error) { + if apiToken == "" { + return nil, errors.New("invalid gcore api token") + } + + requester := provider.NewClient( + gcoresdk.BASE_URL, + provider.WithSigner(gcoresdk.NewAuthRequestSigner(apiToken)), + ) + service := sslcerts.NewService(requester) + return service, nil +} diff --git a/internal/pkg/core/uploader/providers/huaweicloud-elb/huaweicloud_elb.go b/pkg/core/ssl-manager/providers/huaweicloud-elb/huaweicloud_elb.go similarity index 68% rename from internal/pkg/core/uploader/providers/huaweicloud-elb/huaweicloud_elb.go rename to pkg/core/ssl-manager/providers/huaweicloud-elb/huaweicloud_elb.go index d429c259..131572a3 100644 --- a/internal/pkg/core/uploader/providers/huaweicloud-elb/huaweicloud_elb.go +++ b/pkg/core/ssl-manager/providers/huaweicloud-elb/huaweicloud_elb.go @@ -16,12 +16,12 @@ import ( hciammodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model" hciamregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -32,43 +32,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *hcelb.ElbClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -85,12 +84,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } listCertificatesReq := &hcelbmodel.ListCertificatesRequest{ - Limit: typeutil.ToPtr(listCertificatesLimit), + Limit: xtypes.ToPtr(listCertificatesLimit), Marker: listCertificatesMarker, Type: &[]string{"server"}, } - listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) - u.logger.Debug("sdk request 'elb.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates(listCertificatesReq) + m.logger.Debug("sdk request 'elb.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'elb.ListCertificates': %w", err) } @@ -101,18 +100,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if certDetail.Certificate == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(certDetail.Certificate) + oldCertX509, err := xcert.ParseCertificateFromPEM(certDetail.Certificate) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.Id, CertName: certDetail.Name, }, nil @@ -129,43 +128,40 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 获取项目 ID // REF: https://support.huaweicloud.com/api-iam/iam_06_0001.html - projectId, err := getSdkProjectId(u.config.AccessKeyId, u.config.SecretAccessKey, u.config.Region) + projectId, err := getSdkProjectId(m.config.AccessKeyId, m.config.SecretAccessKey, m.config.Region) if err != nil { return nil, fmt.Errorf("failed to get SDK project id: %w", err) } // 生成新证书名(需符合华为云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 创建新证书 // REF: https://support.huaweicloud.com/api-elb/CreateCertificate.html createCertificateReq := &hcelbmodel.CreateCertificateRequest{ Body: &hcelbmodel.CreateCertificateRequestBody{ Certificate: &hcelbmodel.CreateCertificateOption{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), - ProjectId: typeutil.ToPtr(projectId), - Name: typeutil.ToPtr(certName), - Certificate: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), + ProjectId: xtypes.ToPtr(projectId), + Name: xtypes.ToPtr(certName), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), }, }, } - createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq) - u.logger.Debug("sdk request 'elb.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + createCertificateResp, err := m.sdkClient.CreateCertificate(createCertificateReq) + m.logger.Debug("sdk request 'elb.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'elb.CreateCertificate': %w", err) } - certId = createCertificateResp.Certificate.Id - certName = createCertificateResp.Certificate.Name - return &uploader.UploadResult{ - CertId: certId, - CertName: certName, + return &core.SSLManageUploadResult{ + CertId: createCertificateResp.Certificate.Id, + CertName: createCertificateResp.Certificate.Name, }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) { if region == "" { region = "cn-north-4" // ELB 服务默认区域:华北四北京 } diff --git a/internal/pkg/core/uploader/providers/huaweicloud-scm/huaweicloud_scm.go b/pkg/core/ssl-manager/providers/huaweicloud-scm/huaweicloud_scm.go similarity index 63% rename from internal/pkg/core/uploader/providers/huaweicloud-scm/huaweicloud_scm.go rename to pkg/core/ssl-manager/providers/huaweicloud-scm/huaweicloud_scm.go index 4e35562e..7084aaf2 100644 --- a/internal/pkg/core/uploader/providers/huaweicloud-scm/huaweicloud_scm.go +++ b/pkg/core/ssl-manager/providers/huaweicloud-scm/huaweicloud_scm.go @@ -2,6 +2,7 @@ package huaweicloudscm import ( "context" + "errors" "fmt" "log/slog" "time" @@ -11,12 +12,12 @@ import ( hcscmmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/model" hcscmregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/region" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -27,43 +28,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *hcscm.ScmClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -81,14 +81,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } listCertificatesReq := &hcscmmodel.ListCertificatesRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), - Limit: typeutil.ToPtr(listCertificatesLimit), - Offset: typeutil.ToPtr(listCertificatesOffset), - SortDir: typeutil.ToPtr("DESC"), - SortKey: typeutil.ToPtr("certExpiredTime"), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), + Limit: xtypes.ToPtr(listCertificatesLimit), + Offset: xtypes.ToPtr(listCertificatesOffset), + SortDir: xtypes.ToPtr("DESC"), + SortKey: xtypes.ToPtr("certExpiredTime"), } - listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) - u.logger.Debug("sdk request 'scm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates(listCertificatesReq) + m.logger.Debug("sdk request 'scm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'scm.ListCertificates': %w", err) } @@ -98,8 +98,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE exportCertificateReq := &hcscmmodel.ExportCertificateRequest{ CertificateId: certDetail.Id, } - exportCertificateResp, err := u.sdkClient.ExportCertificate(exportCertificateReq) - u.logger.Debug("sdk request 'scm.ExportCertificate'", slog.Any("request", exportCertificateReq), slog.Any("response", exportCertificateResp)) + exportCertificateResp, err := m.sdkClient.ExportCertificate(exportCertificateReq) + m.logger.Debug("sdk request 'scm.ExportCertificate'", slog.Any("request", exportCertificateReq), slog.Any("response", exportCertificateResp)) if err != nil { if exportCertificateResp != nil && exportCertificateResp.HttpStatusCode == 404 { continue @@ -111,18 +111,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if *exportCertificateResp.Certificate == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(*exportCertificateResp.Certificate) + oldCertX509, err := xcert.ParseCertificateFromPEM(*exportCertificateResp.Certificate) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.Id, CertName: certDetail.Name, }, nil @@ -138,33 +138,31 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合华为云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 上传新证书 // REF: https://support.huaweicloud.com/api-ccm/ImportCertificate.html importCertificateReq := &hcscmmodel.ImportCertificateRequest{ Body: &hcscmmodel.ImportCertificateRequestBody{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), Name: certName, Certificate: certPEM, PrivateKey: privkeyPEM, }, } - importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq) - u.logger.Debug("sdk request 'scm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) + importCertificateResp, err := m.sdkClient.ImportCertificate(importCertificateReq) + m.logger.Debug("sdk request 'scm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'scm.ImportCertificate': %w", err) } - certId = *importCertificateResp.CertificateId - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: *importCertificateResp.CertificateId, CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcscm.ScmClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcscm.ScmClient, error) { if region == "" { region = "cn-north-4" // SCM 服务默认区域:华北四北京 } diff --git a/internal/pkg/core/uploader/providers/huaweicloud-waf/huaweicloud_waf.go b/pkg/core/ssl-manager/providers/huaweicloud-waf/huaweicloud_waf.go similarity index 68% rename from internal/pkg/core/uploader/providers/huaweicloud-waf/huaweicloud_waf.go rename to pkg/core/ssl-manager/providers/huaweicloud-waf/huaweicloud_waf.go index 789876ba..73492f53 100644 --- a/internal/pkg/core/uploader/providers/huaweicloud-waf/huaweicloud_waf.go +++ b/pkg/core/ssl-manager/providers/huaweicloud-waf/huaweicloud_waf.go @@ -16,12 +16,12 @@ import ( hcwafmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model" hcwafregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -32,43 +32,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *hcwaf.WafClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -86,12 +85,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } listCertificatesReq := &hcwafmodel.ListCertificatesRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), - Page: typeutil.ToPtr(listCertificatesPage), - Pagesize: typeutil.ToPtr(listCertificatesPageSize), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), + Page: xtypes.ToPtr(listCertificatesPage), + Pagesize: xtypes.ToPtr(listCertificatesPageSize), } - listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) - u.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates(listCertificatesReq) + m.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'waf.ListCertificates': %w", err) } @@ -99,11 +98,11 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if listCertificatesResp.Items != nil { for _, certItem := range *listCertificatesResp.Items { showCertificateReq := &hcwafmodel.ShowCertificateRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), CertificateId: certItem.Id, } - showCertificateResp, err := u.sdkClient.ShowCertificate(showCertificateReq) - u.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", showCertificateReq), slog.Any("response", showCertificateResp)) + showCertificateResp, err := m.sdkClient.ShowCertificate(showCertificateReq) + m.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", showCertificateReq), slog.Any("response", showCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'waf.ShowCertificate': %w", err) } @@ -112,18 +111,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if *showCertificateResp.Content == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(*showCertificateResp.Content) + oldCertX509, err := xcert.ParseCertificateFromPEM(*showCertificateResp.Content) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certItem.Id, CertName: certItem.Name, }, nil @@ -139,34 +138,31 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合华为云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 创建证书 // REF: https://support.huaweicloud.com/api-waf/CreateCertificate.html createCertificateReq := &hcwafmodel.CreateCertificateRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), Body: &hcwafmodel.CreateCertificateRequestBody{ Name: certName, Content: certPEM, Key: privkeyPEM, }, } - createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq) - u.logger.Debug("sdk request 'waf.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + createCertificateResp, err := m.sdkClient.CreateCertificate(createCertificateReq) + m.logger.Debug("sdk request 'waf.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'waf.CreateCertificate': %w", err) } - certId = *createCertificateResp.Id - certName = *createCertificateResp.Name - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: *createCertificateResp.Id, CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) { projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region) if err != nil { return nil, err diff --git a/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl.go b/pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl.go similarity index 72% rename from internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl.go rename to pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl.go index 44ed7f29..0227b568 100644 --- a/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl.go +++ b/pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl.go @@ -4,6 +4,7 @@ import ( "context" "crypto/sha256" "encoding/hex" + "errors" "fmt" "log/slog" "strings" @@ -14,54 +15,53 @@ import ( jdsslclient "github.com/jdcloud-api/jdcloud-sdk-go/services/ssl/client" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 AccessKeySecret string `json:"accessKeySecret"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *jdsslclient.SslClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -87,8 +87,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE describeCertsReq.SetDomainName(certX509.Subject.CommonName) describeCertsReq.SetPageNumber(describeCertsPageNumber) describeCertsReq.SetPageSize(describeCertsPageSize) - describeCertsResp, err := u.sdkClient.DescribeCerts(describeCertsReq) - u.logger.Debug("sdk request 'ssl.DescribeCerts'", slog.Any("request", describeCertsReq), slog.Any("response", describeCertsResp)) + describeCertsResp, err := m.sdkClient.DescribeCerts(describeCertsReq) + m.logger.Debug("sdk request 'ssl.DescribeCerts'", slog.Any("request", describeCertsReq), slog.Any("response", describeCertsResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ssl.DescribeCerts': %w", err) } @@ -119,8 +119,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.CertId, CertName: certDetail.CertName, }, nil @@ -139,19 +139,19 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 上传证书 // REF: https://docs.jdcloud.com/cn/ssl-certificate/api/uploadcert uploadCertReq := jdsslapi.NewUploadCertRequest(certName, privkeyPEM, certPEM) - uploadCertResp, err := u.sdkClient.UploadCert(uploadCertReq) - u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertReq), slog.Any("response", uploadCertResp)) + uploadCertResp, err := m.sdkClient.UploadCert(uploadCertReq) + m.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertReq), slog.Any("response", uploadCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ssl.UploadCertificate': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: uploadCertResp.Result.CertId, CertName: certName, }, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdsslclient.SslClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdsslclient.SslClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdsslclient.NewSslClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl_test.go b/pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl_test.go rename to pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl_test.go index 273310e0..389a9c7a 100644 --- a/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl_test.go +++ b/pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/jdcloud-ssl" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_JDCLOUDSSL_" + argsPrefix := "CERTIMATE_SSLMANAGER_JDCLOUDSSL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./jdcloud_ssl_test.go -args \ - --CERTIMATE_UPLOADER_JDCLOUDSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_JDCLOUDSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_JDCLOUDSSL_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_JDCLOUDSSL_ACCESSKEYSECRET="your-access-key-secret" + --CERTIMATE_SSLMANAGER_JDCLOUDSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_JDCLOUDSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_JDCLOUDSSL_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_JDCLOUDSSL_ACCESSKEYSECRET="your-access-key-secret" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/pkg/core/ssl-manager/providers/qiniu-sslcert/qiniu_sslcert.go b/pkg/core/ssl-manager/providers/qiniu-sslcert/qiniu_sslcert.go new file mode 100644 index 00000000..07775b21 --- /dev/null +++ b/pkg/core/ssl-manager/providers/qiniu-sslcert/qiniu_sslcert.go @@ -0,0 +1,93 @@ +package qiniusslcert + +import ( + "context" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/qiniu/go-sdk/v7/auth" + + "github.com/certimate-go/certimate/pkg/core" + qiniusdk "github.com/certimate-go/certimate/pkg/sdk3rd/qiniu" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" +) + +type SSLManagerProviderConfig struct { + // 七牛云 AccessKey。 + AccessKey string `json:"accessKey"` + // 七牛云 SecretKey。 + SecretKey string `json:"secretKey"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *qiniusdk.CdnManager +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKey, config.SecretKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return nil, err + } + + // 生成新证书名(需符合七牛云命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 上传新证书 + // REF: https://developer.qiniu.com/fusion/8593/interface-related-certificate + uploadSslCertResp, err := m.sdkClient.UploadSslCert(context.TODO(), certName, certX509.Subject.CommonName, certPEM, privkeyPEM) + m.logger.Debug("sdk request 'cdn.UploadSslCert'", slog.Any("response", uploadSslCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadSslCert': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: uploadSslCertResp.CertID, + CertName: certName, + }, nil +} + +func createSDKClient(accessKey, secretKey string) (*qiniusdk.CdnManager, error) { + if secretKey == "" { + return nil, errors.New("invalid qiniu access key") + } + + if secretKey == "" { + return nil, errors.New("invalid qiniu secret key") + } + + credential := auth.New(accessKey, secretKey) + client := qiniusdk.NewCdnManager(credential) + return client, nil +} diff --git a/internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter.go b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter.go similarity index 59% rename from internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter.go rename to pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter.go index cd3771e7..1fc930d6 100644 --- a/internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter.go +++ b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter.go @@ -7,56 +7,55 @@ import ( "log/slog" "strings" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - rainyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/rainyun" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + rainyunsdk "github.com/certimate-go/certimate/pkg/sdk3rd/rainyun" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 雨云 API 密钥。 ApiKey string `json:"ApiKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *rainyunsdk.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.ApiKey) + client, err := createSDKClient(config.ApiKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 遍历证书列表,避免重复上传 - if res, err := u.findCertIfExists(ctx, certPEM); err != nil { + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { return nil, err } else if res != nil { - u.logger.Info("ssl certificate already exists") + m.logger.Info("ssl certificate already exists") return res, nil } @@ -66,25 +65,25 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Cert: certPEM, Key: privkeyPEM, } - sslCenterCreateResp, err := u.sdkClient.SslCenterCreate(sslCenterCreateReq) - u.logger.Debug("sdk request 'sslcenter.Create'", slog.Any("request", sslCenterCreateReq), slog.Any("response", sslCenterCreateResp)) + sslCenterCreateResp, err := m.sdkClient.SslCenterCreate(sslCenterCreateReq) + m.logger.Debug("sdk request 'sslcenter.Create'", slog.Any("request", sslCenterCreateReq), slog.Any("response", sslCenterCreateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'sslcenter.Create': %w", err) } // 遍历证书列表,获取刚刚上传证书 ID - if res, err := u.findCertIfExists(ctx, certPEM); err != nil { + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { return nil, err } else if res == nil { - return nil, errors.New("rainyun sslcenter: no certificate found") + return nil, errors.New("no ssl certificate found, may be upload failed") } else { return res, nil } } -func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) findCertIfExists(ctx context.Context, certPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -108,8 +107,8 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) Page: &sslCenterListPage, PerPage: &sslCenterListPerPage, } - sslCenterListResp, err := u.sdkClient.SslCenterList(sslCenterListReq) - u.logger.Debug("sdk request 'sslcenter.List'", slog.Any("request", sslCenterListReq), slog.Any("response", sslCenterListResp)) + sslCenterListResp, err := m.sdkClient.SslCenterList(sslCenterListReq) + m.logger.Debug("sdk request 'sslcenter.List'", slog.Any("request", sslCenterListReq), slog.Any("response", sslCenterListResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'sslcenter.List': %w", err) } @@ -127,7 +126,7 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) } // 最后对比证书内容 - sslCenterGetResp, err := u.sdkClient.SslCenterGet(sslItem.ID) + sslCenterGetResp, err := m.sdkClient.SslCenterGet(sslItem.ID) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'sslcenter.Get': %w", err) } @@ -137,18 +136,18 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) if sslCenterGetResp.Data.Cert == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(sslCenterGetResp.Data.Cert) + oldCertX509, err := xcert.ParseCertificateFromPEM(sslCenterGetResp.Data.Cert) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } } // 如果已存在相同证书,直接返回 if isSameCert { - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", sslItem.ID), }, nil } @@ -165,11 +164,6 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) return nil, nil } -func createSdkClient(apiKey string) (*rainyunsdk.Client, error) { - if apiKey == "" { - return nil, errors.New("invalid rainyun api key") - } - - client := rainyunsdk.NewClient(apiKey) - return client, nil +func createSDKClient(apiKey string) (*rainyunsdk.Client, error) { + return rainyunsdk.NewClient(apiKey) } diff --git a/internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter_test.go b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter_test.go similarity index 65% rename from internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter_test.go rename to pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter_test.go index e6f801a1..2d050c43 100644 --- a/internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter_test.go +++ b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/rainyun-sslcenter" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/rainyun-sslcenter" ) var ( @@ -19,7 +19,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_RAINYUNSSLCENTER_" + argsPrefix := "CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -30,9 +30,9 @@ func init() { Shell command to run this test: go test -v ./rainyun_sslcenter_test.go -args \ - --CERTIMATE_UPLOADER_RAINYUNSSLCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_RAINYUNSSLCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_RAINYUNSSLCENTER_APIKEY="your-api-key" + --CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -45,7 +45,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ ApiKey: fApiKey, }) if err != nil { @@ -55,7 +55,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/tencentcloud-ssl/tencentcloud_ssl.go b/pkg/core/ssl-manager/providers/tencentcloud-ssl/tencentcloud_ssl.go similarity index 56% rename from internal/pkg/core/uploader/providers/tencentcloud-ssl/tencentcloud_ssl.go rename to pkg/core/ssl-manager/providers/tencentcloud-ssl/tencentcloud_ssl.go index db4e92f4..11724028 100644 --- a/internal/pkg/core/uploader/providers/tencentcloud-ssl/tencentcloud_ssl.go +++ b/pkg/core/ssl-manager/providers/tencentcloud-ssl/tencentcloud_ssl.go @@ -2,78 +2,75 @@ package tencentcloudssl import ( "context" + "errors" "fmt" "log/slog" + "github.com/certimate-go/certimate/pkg/core" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 SecretKey string `json:"secretKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *tcssl.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey) + client, err := createSDKClient(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 上传新证书 // REF: https://cloud.tencent.com/document/product/400/41665 uploadCertificateReq := tcssl.NewUploadCertificateRequest() uploadCertificateReq.CertificatePublicKey = common.StringPtr(certPEM) uploadCertificateReq.CertificatePrivateKey = common.StringPtr(privkeyPEM) uploadCertificateReq.Repeatable = common.BoolPtr(false) - uploadCertificateResp, err := u.sdkClient.UploadCertificate(uploadCertificateReq) - u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertificateReq), slog.Any("response", uploadCertificateResp)) + uploadCertificateResp, err := m.sdkClient.UploadCertificate(uploadCertificateReq) + m.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertificateReq), slog.Any("response", uploadCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ssl.UploadCertificate': %w", err) } - certId := *uploadCertificateResp.Response.CertificateId - return &uploader.UploadResult{ - CertId: certId, - CertName: "", + return &core.SSLManageUploadResult{ + CertId: *uploadCertificateResp.Response.CertificateId, }, nil } -func createSdkClient(secretId, secretKey string) (*tcssl.Client, error) { +func createSDKClient(secretId, secretKey string) (*tcssl.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcssl.NewClient(credential, "", profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl.go b/pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl.go similarity index 72% rename from internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl.go rename to pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl.go index 2ceab189..66824412 100644 --- a/internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl.go +++ b/pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl.go @@ -15,12 +15,12 @@ import ( "github.com/ucloud/ucloud-sdk-go/ucloud" ucloudauth "github.com/ucloud/ucloud-sdk-go/ucloud/auth" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - usslsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/ucloud/ussl" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + usslsdk "github.com/certimate-go/certimate/pkg/sdk3rd/ucloud/ussl" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 优刻得 API 私钥。 PrivateKey string `json:"privateKey"` // 优刻得 API 公钥。 @@ -29,44 +29,42 @@ type UploaderConfig struct { ProjectId string `json:"projectId,omitempty"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *usslsdk.USSLClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.PrivateKey, config.PublicKey) + client, err := createSDKClient(config.PrivateKey, config.PublicKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 生成新证书名(需符合优刻得命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 生成优刻得所需的证书参数 certPEMBase64 := base64.StdEncoding.EncodeToString([]byte(certPEM)) @@ -76,24 +74,24 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 上传托管证书 // REF: https://docs.ucloud.cn/api/usslcertificate-api/upload_normal_certificate - uploadNormalCertificateReq := u.sdkClient.NewUploadNormalCertificateRequest() + uploadNormalCertificateReq := m.sdkClient.NewUploadNormalCertificateRequest() uploadNormalCertificateReq.CertificateName = ucloud.String(certName) uploadNormalCertificateReq.SslPublicKey = ucloud.String(certPEMBase64) uploadNormalCertificateReq.SslPrivateKey = ucloud.String(privkeyPEMBase64) uploadNormalCertificateReq.SslMD5 = ucloud.String(certMd5Hex) - if u.config.ProjectId != "" { - uploadNormalCertificateReq.ProjectId = ucloud.String(u.config.ProjectId) + if m.config.ProjectId != "" { + uploadNormalCertificateReq.ProjectId = ucloud.String(m.config.ProjectId) } - uploadNormalCertificateResp, err := u.sdkClient.UploadNormalCertificate(uploadNormalCertificateReq) - u.logger.Debug("sdk request 'ussl.UploadNormalCertificate'", slog.Any("request", uploadNormalCertificateReq), slog.Any("response", uploadNormalCertificateResp)) + uploadNormalCertificateResp, err := m.sdkClient.UploadNormalCertificate(uploadNormalCertificateReq) + m.logger.Debug("sdk request 'ussl.UploadNormalCertificate'", slog.Any("request", uploadNormalCertificateReq), slog.Any("response", uploadNormalCertificateResp)) if err != nil { if uploadNormalCertificateResp != nil && uploadNormalCertificateResp.GetRetCode() == 80035 { - if res, err := u.findCertIfExists(ctx, certPEM); err != nil { + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { return nil, err } else if res == nil { return nil, errors.New("ucloud ssl: no certificate found") } else { - u.logger.Info("ssl certificate already exists") + m.logger.Info("ssl certificate already exists") return res, nil } } @@ -101,9 +99,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'ussl.UploadNormalCertificate': %w", err) } - certId = fmt.Sprintf("%d", uploadNormalCertificateResp.CertificateID) - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", uploadNormalCertificateResp.CertificateID), CertName: certName, ExtendedData: map[string]any{ "resourceId": uploadNormalCertificateResp.LongResourceID, @@ -111,9 +108,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE }, nil } -func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) findCertIfExists(ctx context.Context, certPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -130,17 +127,17 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) default: } - getCertificateListReq := u.sdkClient.NewGetCertificateListRequest() + getCertificateListReq := m.sdkClient.NewGetCertificateListRequest() getCertificateListReq.Mode = ucloud.String("trust") getCertificateListReq.Domain = ucloud.String(certX509.Subject.CommonName) getCertificateListReq.Sort = ucloud.String("2") getCertificateListReq.Page = ucloud.Int(getCertificateListPage) getCertificateListReq.PageSize = ucloud.Int(getCertificateListLimit) - if u.config.ProjectId != "" { - getCertificateListReq.ProjectId = ucloud.String(u.config.ProjectId) + if m.config.ProjectId != "" { + getCertificateListReq.ProjectId = ucloud.String(m.config.ProjectId) } - getCertificateListResp, err := u.sdkClient.GetCertificateList(getCertificateListReq) - u.logger.Debug("sdk request 'ussl.GetCertificateList'", slog.Any("request", getCertificateListReq), slog.Any("response", getCertificateListResp)) + getCertificateListResp, err := m.sdkClient.GetCertificateList(getCertificateListReq) + m.logger.Debug("sdk request 'ussl.GetCertificateList'", slog.Any("request", getCertificateListReq), slog.Any("response", getCertificateListResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ussl.GetCertificateList': %w", err) } @@ -162,12 +159,12 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) continue } - getCertificateDetailInfoReq := u.sdkClient.NewGetCertificateDetailInfoRequest() + getCertificateDetailInfoReq := m.sdkClient.NewGetCertificateDetailInfoRequest() getCertificateDetailInfoReq.CertificateID = ucloud.Int(certInfo.CertificateID) - if u.config.ProjectId != "" { - getCertificateDetailInfoReq.ProjectId = ucloud.String(u.config.ProjectId) + if m.config.ProjectId != "" { + getCertificateDetailInfoReq.ProjectId = ucloud.String(m.config.ProjectId) } - getCertificateDetailInfoResp, err := u.sdkClient.GetCertificateDetailInfo(getCertificateDetailInfoReq) + getCertificateDetailInfoResp, err := m.sdkClient.GetCertificateDetailInfo(getCertificateDetailInfoReq) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ussl.GetCertificateDetailInfo': %w", err) } @@ -214,7 +211,7 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) continue } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", certInfo.CertificateID), CertName: certInfo.Name, ExtendedData: map[string]any{ @@ -234,7 +231,7 @@ func (u *UploaderProvider) findCertIfExists(ctx context.Context, certPEM string) return nil, nil } -func createSdkClient(privateKey, publicKey string) (*usslsdk.USSLClient, error) { +func createSDKClient(privateKey, publicKey string) (*usslsdk.USSLClient, error) { cfg := ucloud.NewConfig() credential := ucloudauth.NewCredential() diff --git a/internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl_test.go b/pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl_test.go rename to pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl_test.go index b459e005..e3739c7e 100644 --- a/internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl_test.go +++ b/pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ucloud-ussl" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_UCLOUDUSSL_" + argsPrefix := "CERTIMATE_SSLMANAGER_UCLOUDUSSL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./ucloud_ussl_test.go -args \ - --CERTIMATE_UPLOADER_UCLOUDUSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_UCLOUDUSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_UCLOUDUSSL_PRIVATEKEY="your-private-key" \ - --CERTIMATE_UPLOADER_UCLOUDUSSL_PUBLICKEY="your-public-key" + --CERTIMATE_SSLMANAGER_UCLOUDUSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_UCLOUDUSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_UCLOUDUSSL_PRIVATEKEY="your-private-key" \ + --CERTIMATE_SSLMANAGER_UCLOUDUSSL_PUBLICKEY="your-public-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("PUBLICKEY: %v", fPublicKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ PrivateKey: fPrivateKey, PublicKey: fPublicKey, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl.go b/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl.go new file mode 100644 index 00000000..6b890480 --- /dev/null +++ b/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl.go @@ -0,0 +1,72 @@ +package upyunssl + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + upyunsdk "github.com/certimate-go/certimate/pkg/sdk3rd/upyun/console" +) + +type SSLManagerProviderConfig struct { + // 又拍云账号用户名。 + Username string `json:"username"` + // 又拍云账号密码。 + Password string `json:"password"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *upyunsdk.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.Username, config.Password) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 上传证书 + uploadHttpsCertificateReq := &upyunsdk.UploadHttpsCertificateRequest{ + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadHttpsCertificateResp, err := m.sdkClient.UploadHttpsCertificate(uploadHttpsCertificateReq) + m.logger.Debug("sdk request 'console.UploadHttpsCertificate'", slog.Any("response", uploadHttpsCertificateResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'console.UploadHttpsCertificate': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: uploadHttpsCertificateResp.Data.Result.CertificateId, + }, nil +} + +func createSDKClient(username, password string) (*upyunsdk.Client, error) { + return upyunsdk.NewClient(username, password) +} diff --git a/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl_test.go b/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl_test.go rename to pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl_test.go index baf53d74..0c909b35 100644 --- a/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl_test.go +++ b/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/upyun-ssl" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/upyun-ssl" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_UPYUNSSL_" + argsPrefix := "CERTIMATE_SSLMANAGER_UPYUNSSL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./upyun_ssl_test.go -args \ - --CERTIMATE_UPLOADER_UPYUNSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_UPYUNSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_UPYUNSSL_USERNAME="your-username" \ - --CERTIMATE_UPLOADER_UPYUNSSL_PASSWORD="your-password" + --CERTIMATE_SSLMANAGER_UPYUNSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_UPYUNSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_UPYUNSSL_USERNAME="your-username" \ + --CERTIMATE_SSLMANAGER_UPYUNSSL_PASSWORD="your-password" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("PASSWORD: %v", fPassword), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ Username: fUsername, Password: fPassword, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/volcengine-cdn/volcengine_cdn.go b/pkg/core/ssl-manager/providers/volcengine-cdn/volcengine_cdn.go similarity index 68% rename from internal/pkg/core/uploader/providers/volcengine-cdn/volcengine_cdn.go rename to pkg/core/ssl-manager/providers/volcengine-cdn/volcengine_cdn.go index 00ac07ae..9ad13187 100644 --- a/internal/pkg/core/uploader/providers/volcengine-cdn/volcengine_cdn.go +++ b/pkg/core/ssl-manager/providers/volcengine-cdn/volcengine_cdn.go @@ -5,6 +5,7 @@ import ( "crypto/sha1" "crypto/sha256" "encoding/hex" + "errors" "fmt" "log/slog" "strings" @@ -13,53 +14,52 @@ import ( vecdn "github.com/volcengine/volc-sdk-golang/service/cdn" ve "github.com/volcengine/volcengine-go-sdk/volcengine" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 AccessKeySecret string `json:"accessKeySecret"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *vecdn.CDN } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } client := vecdn.NewInstance() client.Client.SetAccessKey(config.AccessKeyId) client.Client.SetSecretKey(config.AccessKeySecret) - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -81,8 +81,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE default: } - listCertInfoResp, err := u.sdkClient.ListCertInfo(listCertInfoReq) - u.logger.Debug("sdk request 'cdn.ListCertInfo'", slog.Any("request", listCertInfoReq), slog.Any("response", listCertInfoResp)) + listCertInfoResp, err := m.sdkClient.ListCertInfo(listCertInfoReq) + m.logger.Debug("sdk request 'cdn.ListCertInfo'", slog.Any("request", listCertInfoReq), slog.Any("response", listCertInfoResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.ListCertInfo': %w", err) } @@ -95,8 +95,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE strings.EqualFold(hex.EncodeToString(fingerprintSha256[:]), certDetail.CertFingerprint.Sha256) // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.CertId, CertName: certDetail.Desc, }, nil @@ -114,8 +114,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合火山引擎命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 上传新证书 // REF: https://www.volcengine.com/docs/6454/1245763 @@ -125,15 +124,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Source: ve.String("volc_cert_center"), Desc: ve.String(certName), } - addCertificateResp, err := u.sdkClient.AddCertificate(addCertificateReq) - u.logger.Debug("sdk request 'cdn.AddCertificate'", slog.Any("request", addCertificateResp), slog.Any("response", addCertificateResp)) + addCertificateResp, err := m.sdkClient.AddCertificate(addCertificateReq) + m.logger.Debug("sdk request 'cdn.AddCertificate'", slog.Any("request", addCertificateResp), slog.Any("response", addCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.AddCertificate': %w", err) } - certId = addCertificateResp.Result.CertId - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: addCertificateResp.Result.CertId, CertName: certName, }, nil } diff --git a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go b/pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter.go similarity index 56% rename from internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go rename to pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter.go index 9accc17d..cd70da9c 100644 --- a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go +++ b/pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter.go @@ -9,11 +9,11 @@ import ( ve "github.com/volcengine/volcengine-go-sdk/volcengine" vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - veccsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/volcengine/certcenter" + "github.com/certimate-go/certimate/pkg/core" + veccsdk "github.com/certimate-go/certimate/pkg/sdk3rd/volcengine/certcenter" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -22,41 +22,40 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *veccsdk.CertCenter } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 上传证书 // REF: https://www.volcengine.com/docs/6638/1365580 importCertificateReq := &veccsdk.ImportCertificateInput{ @@ -66,30 +65,30 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE }, Repeatable: ve.Bool(false), } - importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq) - u.logger.Debug("sdk request 'certcenter.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) + importCertificateResp, err := m.sdkClient.ImportCertificate(importCertificateReq) + m.logger.Debug("sdk request 'certcenter.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'certcenter.ImportCertificate': %w", err) } - var certId string + var sslId string if importCertificateResp.InstanceId != nil && *importCertificateResp.InstanceId != "" { - certId = *importCertificateResp.InstanceId + sslId = *importCertificateResp.InstanceId } if importCertificateResp.RepeatId != nil && *importCertificateResp.RepeatId != "" { - certId = *importCertificateResp.RepeatId + sslId = *importCertificateResp.RepeatId } - if certId == "" { - return nil, errors.New("failed to get certificate id from response, both `InstanceId` and `RepeatId` are empty") + if sslId == "" { + return nil, errors.New("received empty certificate id, both `InstanceId` and `RepeatId` are empty") } - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: sslId, }, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*veccsdk.CertCenter, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*veccsdk.CertCenter, error) { if region == "" { region = "cn-beijing" // 证书中心默认区域:北京 } diff --git a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go b/pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter_test.go similarity index 65% rename from internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go rename to pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter_test.go index 1cfa15fe..a6aaa298 100644 --- a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go +++ b/pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_" + argsPrefix := "CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./volcengine_certcenter_test.go -args \ - --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_ACCESSKEYSECRET="your-access-key-secret" + --CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_ACCESSKEYSECRET="your-access-key-secret" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/volcengine-live/volcengine_live.go b/pkg/core/ssl-manager/providers/volcengine-live/volcengine_live.go similarity index 63% rename from internal/pkg/core/uploader/providers/volcengine-live/volcengine_live.go rename to pkg/core/ssl-manager/providers/volcengine-live/volcengine_live.go index d758fbb4..147a8ec9 100644 --- a/internal/pkg/core/uploader/providers/volcengine-live/volcengine_live.go +++ b/pkg/core/ssl-manager/providers/volcengine-live/volcengine_live.go @@ -2,6 +2,7 @@ package volcenginelive import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,53 +11,52 @@ import ( velive "github.com/volcengine/volc-sdk-golang/service/live/v20230101" ve "github.com/volcengine/volcengine-go-sdk/volcengine" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 AccessKeySecret string `json:"accessKeySecret"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *velive.Live } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } client := velive.NewInstance() client.SetAccessKey(config.AccessKeyId) client.SetSecretKey(config.AccessKeySecret) - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -64,8 +64,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 查询证书列表,避免重复上传 // REF: https://www.volcengine.com/docs/6469/1186278#%E6%9F%A5%E8%AF%A2%E8%AF%81%E4%B9%A6%E5%88%97%E8%A1%A8 listCertReq := &velive.ListCertV2Body{} - listCertResp, err := u.sdkClient.ListCertV2(ctx, listCertReq) - u.logger.Debug("sdk request 'live.ListCertV2'", slog.Any("request", listCertReq), slog.Any("response", listCertResp)) + listCertResp, err := m.sdkClient.ListCertV2(ctx, listCertReq) + m.logger.Debug("sdk request 'live.ListCertV2'", slog.Any("request", listCertReq), slog.Any("response", listCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'live.ListCertV2': %w", err) } @@ -76,8 +76,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE describeCertDetailSecretReq := &velive.DescribeCertDetailSecretV2Body{ ChainID: ve.String(certDetail.ChainID), } - describeCertDetailSecretResp, err := u.sdkClient.DescribeCertDetailSecretV2(ctx, describeCertDetailSecretReq) - u.logger.Debug("sdk request 'live.DescribeCertDetailSecretV2'", slog.Any("request", describeCertDetailSecretReq), slog.Any("response", describeCertDetailSecretResp)) + describeCertDetailSecretResp, err := m.sdkClient.DescribeCertDetailSecretV2(ctx, describeCertDetailSecretReq) + m.logger.Debug("sdk request 'live.DescribeCertDetailSecretV2'", slog.Any("request", describeCertDetailSecretReq), slog.Any("response", describeCertDetailSecretResp)) if err != nil { continue } @@ -87,18 +87,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if certificate == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(certificate) + oldCertX509, err := xcert.ParseCertificateFromPEM(certificate) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.ChainID, CertName: certDetail.CertName, }, nil @@ -107,8 +107,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合火山引擎命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 上传新证书 // REF: https://www.volcengine.com/docs/6469/1186278#%E6%B7%BB%E5%8A%A0%E8%AF%81%E4%B9%A6 @@ -121,15 +120,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Pubkey: certPEM, }, } - createCertResp, err := u.sdkClient.CreateCert(ctx, createCertReq) - u.logger.Debug("sdk request 'live.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + createCertResp, err := m.sdkClient.CreateCert(ctx, createCertReq) + m.logger.Debug("sdk request 'live.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'live.CreateCert': %w", err) } - certId = *createCertResp.Result.ChainID - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: *createCertResp.Result.ChainID, CertName: certName, }, nil } diff --git a/internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate.go b/pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate.go similarity index 55% rename from internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate.go rename to pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate.go index 2a20f4e8..d2523c9b 100644 --- a/internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate.go +++ b/pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate.go @@ -9,64 +9,63 @@ import ( "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - wangsusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/certificate" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + wangsusdk "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/certificate" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 网宿云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 网宿云 AccessKeySecret。 AccessKeySecret string `json:"accessKeySecret"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *wangsusdk.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 查询证书列表,避免重复上传 // REF: https://www.wangsu.com/document/api-doc/22675?productCode=certificatemanagement - listCertificatesResp, err := u.sdkClient.ListCertificates() - u.logger.Debug("sdk request 'certificatemanagement.ListCertificates'", slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates() + m.logger.Debug("sdk request 'certificatemanagement.ListCertificates'", slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'certificatemanagement.ListCertificates': %w", err) } @@ -87,8 +86,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certificate.CertificateId, CertName: certificate.Name, }, nil @@ -96,19 +95,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合网宿云命名规则) - var certId string certName := fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) // 新增证书 // REF: https://www.wangsu.com/document/api-doc/25199?productCode=certificatemanagement createCertificateReq := &wangsusdk.CreateCertificateRequest{ - Name: typeutil.ToPtr(certName), - Certificate: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), - Comment: typeutil.ToPtr("upload from certimate"), + Name: xtypes.ToPtr(certName), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), + Comment: xtypes.ToPtr("upload from certimate"), } - createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq) - u.logger.Debug("sdk request 'certificatemanagement.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + createCertificateResp, err := m.sdkClient.CreateCertificate(createCertificateReq) + m.logger.Debug("sdk request 'certificatemanagement.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'certificatemanagement.CreateCertificate': %w", err) } @@ -116,27 +114,17 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 网宿云证书 URL 中包含证书 ID // 格式: // https://open.chinanetcenter.com/api/certificate/100001 - wangsuCertIdMatches := regexp.MustCompile(`/certificate/([0-9]+)`).FindStringSubmatch(createCertificateResp.CertificateUrl) - if len(wangsuCertIdMatches) > 1 { - certId = wangsuCertIdMatches[1] - } else { + wangsuCertIdMatches := regexp.MustCompile(`/certificate/([0-9]+)`).FindStringSubmatch(createCertificateResp.CertificateLocation) + if len(wangsuCertIdMatches) == 0 { return nil, fmt.Errorf("received empty certificate id") } - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: wangsuCertIdMatches[1], CertName: certName, }, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { - if accessKeyId == "" { - return nil, errors.New("invalid wangsu access key id") - } - - if accessKeySecret == "" { - return nil, errors.New("invalid wangsu access key secret") - } - - return wangsusdk.NewClient(accessKeyId, accessKeySecret), nil +func createSDKClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { + return wangsusdk.NewClient(accessKeyId, accessKeySecret) } diff --git a/internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate_test.go b/pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate_test.go similarity index 66% rename from internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate_test.go rename to pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate_test.go index 7bbf63c6..5d1ed688 100644 --- a/internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate_test.go +++ b/pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/wangsu-certificate" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/wangsu-certificate" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_WANGSUCERTIFICATE_" + argsPrefix := "CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./wangsu_certificate_test.go -args \ - --CERTIMATE_UPLOADER_WANGSUCERTIFICATE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_WANGSUCERTIFICATE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_WANGSUCERTIFICATE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_WANGSUCERTIFICATE_ACCESSKEYSECRET="your-access-key-secret" + --CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_ACCESSKEYSECRET="your-access-key-secret" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/pkg/core/ssl_applicator.go b/pkg/core/ssl_applicator.go new file mode 100644 index 00000000..092c28ad --- /dev/null +++ b/pkg/core/ssl_applicator.go @@ -0,0 +1,7 @@ +package core + +import ( + "github.com/go-acme/lego/v4/challenge" +) + +type ACMEChallenger = challenge.Provider diff --git a/internal/pkg/core/deployer/deployer.go b/pkg/core/ssl_deployer.go similarity index 52% rename from internal/pkg/core/deployer/deployer.go rename to pkg/core/ssl_deployer.go index 85a4e156..7f6d79ea 100644 --- a/internal/pkg/core/deployer/deployer.go +++ b/pkg/core/ssl_deployer.go @@ -1,14 +1,12 @@ -package deployer +package core import ( "context" - "log/slog" ) -// 表示定义证书部署器的抽象类型接口。 -// 注意与 `Uploader` 区分,“部署”通常为“上传”的后置操作。 -type Deployer interface { - WithLogger(logger *slog.Logger) Deployer +// 表示定义 SSL 证书部署器的抽象类型接口。 +type SSLDeployer interface { + WithLogger // 部署证书。 // @@ -20,10 +18,10 @@ type Deployer interface { // 出参: // - res:部署结果。 // - err: 错误。 - Deploy(ctx context.Context, certPEM string, privkeyPEM string) (_res *DeployResult, _err error) + Deploy(ctx context.Context, certPEM string, privkeyPEM string) (_res *SSLDeployResult, _err error) } -// 表示证书部署结果的数据结构。 -type DeployResult struct { +// 表示 SSL 证书部署结果的数据结构。 +type SSLDeployResult struct { ExtendedData map[string]any `json:"extendedData,omitempty"` } diff --git a/pkg/core/ssl_manager.go b/pkg/core/ssl_manager.go new file mode 100644 index 00000000..149818c1 --- /dev/null +++ b/pkg/core/ssl_manager.go @@ -0,0 +1,30 @@ +package core + +import ( + "context" +) + +// 表示定义 SSL 证书管理器的抽象类型接口。 +// 云服务商通常会提供 SSL 证书管理服务,可供用户集中管理证书。 +type SSLManager interface { + WithLogger + + // 上传证书。 + // + // 入参: + // - ctx:上下文。 + // - certPEM:证书 PEM 内容。 + // - privkeyPEM:私钥 PEM 内容。 + // + // 出参: + // - res:上传结果。 + // - err: 错误。 + Upload(ctx context.Context, certPEM string, privkeyPEM string) (_res *SSLManageUploadResult, _err error) +} + +// 表示 SSL 证书管理上传结果的数据结构,包含上传后的证书 ID、名称和其他数据。 +type SSLManageUploadResult struct { + CertId string `json:"certId,omitempty"` + CertName string `json:"certName,omitempty"` + ExtendedData map[string]any `json:"extendedData,omitempty"` +} diff --git a/internal/pkg/logging/handler.go b/pkg/logging/handler.go similarity index 100% rename from internal/pkg/logging/handler.go rename to pkg/logging/handler.go diff --git a/internal/pkg/logging/level.go b/pkg/logging/level.go similarity index 100% rename from internal/pkg/logging/level.go rename to pkg/logging/level.go diff --git a/internal/pkg/logging/record.go b/pkg/logging/record.go similarity index 100% rename from internal/pkg/logging/record.go rename to pkg/logging/record.go diff --git a/pkg/sdk3rd/1panel/api_get_https_conf.go b/pkg/sdk3rd/1panel/api_get_https_conf.go new file mode 100644 index 00000000..4fd3a873 --- /dev/null +++ b/pkg/sdk3rd/1panel/api_get_https_conf.go @@ -0,0 +1,43 @@ +package onepanel + +import ( + "context" + "fmt" + "net/http" +) + +type GetHttpsConfResponse struct { + apiResponseBase + + Data *struct { + Enable bool `json:"enable"` + HttpConfig string `json:"httpConfig"` + SSLProtocol []string `json:"SSLProtocol"` + Algorithm string `json:"algorithm"` + Hsts bool `json:"hsts"` + } `json:"data,omitempty"` +} + +func (c *Client) GetHttpsConf(websiteId int64) (*GetHttpsConfResponse, error) { + return c.GetHttpsConfWithContext(context.Background(), websiteId) +} + +func (c *Client) GetHttpsConfWithContext(ctx context.Context, websiteId int64) (*GetHttpsConfResponse, error) { + if websiteId == 0 { + return nil, fmt.Errorf("sdkerr: unset websiteId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/websites/%d/https", websiteId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetHttpsConfResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_get_website_ssl.go b/pkg/sdk3rd/1panel/api_get_website_ssl.go new file mode 100644 index 00000000..aeab2dab --- /dev/null +++ b/pkg/sdk3rd/1panel/api_get_website_ssl.go @@ -0,0 +1,50 @@ +package onepanel + +import ( + "context" + "fmt" + "net/http" +) + +type GetWebsiteSSLResponse struct { + apiResponseBase + + Data *struct { + ID int64 `json:"id"` + Provider string `json:"provider"` + Description string `json:"description"` + PrimaryDomain string `json:"primaryDomain"` + Domains string `json:"domains"` + Type string `json:"type"` + Organization string `json:"organization"` + Status string `json:"status"` + StartDate string `json:"startDate"` + ExpireDate string `json:"expireDate"` + CreatedAt string `json:"createdAt"` + UpdatedAt string `json:"updatedAt"` + } `json:"data,omitempty"` +} + +func (c *Client) GetWebsiteSSL(sslId int64) (*GetWebsiteSSLResponse, error) { + return c.GetWebsiteSSLWithContext(context.Background(), sslId) +} + +func (c *Client) GetWebsiteSSLWithContext(ctx context.Context, sslId int64) (*GetWebsiteSSLResponse, error) { + if sslId == 0 { + return nil, fmt.Errorf("sdkerr: unset sslId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/websites/ssl/%d", sslId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_search_website_ssl.go b/pkg/sdk3rd/1panel/api_search_website_ssl.go new file mode 100644 index 00000000..10ceb366 --- /dev/null +++ b/pkg/sdk3rd/1panel/api_search_website_ssl.go @@ -0,0 +1,50 @@ +package onepanel + +import ( + "context" + "net/http" +) + +type SearchWebsiteSSLRequest struct { + Page int32 `json:"page"` + PageSize int32 `json:"pageSize"` +} + +type SearchWebsiteSSLResponse struct { + apiResponseBase + + Data *struct { + Items []*struct { + ID int64 `json:"id"` + PEM string `json:"pem"` + PrivateKey string `json:"privateKey"` + Domains string `json:"domains"` + Description string `json:"description"` + Status string `json:"status"` + UpdatedAt string `json:"updatedAt"` + CreatedAt string `json:"createdAt"` + } `json:"items"` + Total int32 `json:"total"` + } `json:"data,omitempty"` +} + +func (c *Client) SearchWebsiteSSL(req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { + return c.SearchWebsiteSSLWithContext(context.Background(), req) +} + +func (c *Client) SearchWebsiteSSLWithContext(ctx context.Context, req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/websites/ssl/search") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SearchWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_update_https_conf.go b/pkg/sdk3rd/1panel/api_update_https_conf.go new file mode 100644 index 00000000..ba79fd68 --- /dev/null +++ b/pkg/sdk3rd/1panel/api_update_https_conf.go @@ -0,0 +1,53 @@ +package onepanel + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateHttpsConfRequest struct { + WebsiteID int64 `json:"websiteId"` + Enable bool `json:"enable"` + Type string `json:"type"` + WebsiteSSLID int64 `json:"websiteSSLId"` + PrivateKey string `json:"privateKey"` + Certificate string `json:"certificate"` + PrivateKeyPath string `json:"privateKeyPath"` + CertificatePath string `json:"certificatePath"` + ImportType string `json:"importType"` + HttpConfig string `json:"httpConfig"` + SSLProtocol []string `json:"SSLProtocol"` + Algorithm string `json:"algorithm"` + Hsts bool `json:"hsts"` +} + +type UpdateHttpsConfResponse struct { + apiResponseBase +} + +func (c *Client) UpdateHttpsConf(websiteId int64, req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { + return c.UpdateHttpsConfWithContext(context.Background(), websiteId, req) +} + +func (c *Client) UpdateHttpsConfWithContext(ctx context.Context, websiteId int64, req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { + if websiteId == 0 { + return nil, fmt.Errorf("sdkerr: unset websiteId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/websites/%d/https", websiteId)) + if err != nil { + return nil, err + } else { + req.WebsiteID = websiteId + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateHttpsConfResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_update_settings_ssl.go b/pkg/sdk3rd/1panel/api_update_settings_ssl.go new file mode 100644 index 00000000..055472b0 --- /dev/null +++ b/pkg/sdk3rd/1panel/api_update_settings_ssl.go @@ -0,0 +1,40 @@ +package onepanel + +import ( + "context" + "net/http" +) + +type UpdateSettingsSSLRequest struct { + Cert string `json:"cert"` + Key string `json:"key"` + SSLType string `json:"sslType"` + SSL string `json:"ssl"` + SSLID int64 `json:"sslID"` + AutoRestart string `json:"autoRestart"` +} + +type UpdateSettingsSSLResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSettingsSSL(req *UpdateSettingsSSLRequest) (*UpdateSettingsSSLResponse, error) { + return c.UpdateSettingsSSLWithContext(context.Background(), req) +} + +func (c *Client) UpdateSettingsSSLWithContext(ctx context.Context, req *UpdateSettingsSSLRequest) (*UpdateSettingsSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/settings/ssl/update") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSettingsSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_upload_website_ssl.go b/pkg/sdk3rd/1panel/api_upload_website_ssl.go new file mode 100644 index 00000000..160ac40c --- /dev/null +++ b/pkg/sdk3rd/1panel/api_upload_website_ssl.go @@ -0,0 +1,41 @@ +package onepanel + +import ( + "context" + "net/http" +) + +type UploadWebsiteSSLRequest struct { + SSLID int64 `json:"sslID"` + Type string `json:"type"` + Certificate string `json:"certificate"` + CertificatePath string `json:"certificatePath"` + PrivateKey string `json:"privateKey"` + PrivateKeyPath string `json:"privateKeyPath"` + Description string `json:"description"` +} + +type UploadWebsiteSSLResponse struct { + apiResponseBase +} + +func (c *Client) UploadWebsiteSSL(req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { + return c.UploadWebsiteSSLWithContext(context.Background(), req) +} + +func (c *Client) UploadWebsiteSSLWithContext(ctx context.Context, req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/websites/ssl/upload") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UploadWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/client.go b/pkg/sdk3rd/1panel/client.go new file mode 100644 index 00000000..5f52ce9a --- /dev/null +++ b/pkg/sdk3rd/1panel/client.go @@ -0,0 +1,116 @@ +package onepanel + +import ( + "crypto/md5" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api/v1"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + timestamp := fmt.Sprintf("%d", time.Now().Unix()) + tokenMd5 := md5.Sum([]byte("1panel" + apiKey + timestamp)) + tokenMd5Hex := hex.EncodeToString(tokenMd5[:]) + req.Header.Set("1Panel-Timestamp", timestamp) + req.Header.Set("1Panel-Token", tokenMd5Hex) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode/100 != 2 { + return resp, fmt.Errorf("sdkerr: api error: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/1panel/types.go b/pkg/sdk3rd/1panel/types.go new file mode 100644 index 00000000..c8398b02 --- /dev/null +++ b/pkg/sdk3rd/1panel/types.go @@ -0,0 +1,29 @@ +package onepanel + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/1panel/v2/api_get_https_conf.go b/pkg/sdk3rd/1panel/v2/api_get_https_conf.go new file mode 100644 index 00000000..c20ea650 --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_get_https_conf.go @@ -0,0 +1,43 @@ +package onepanelv2 + +import ( + "context" + "fmt" + "net/http" +) + +type GetHttpsConfResponse struct { + apiResponseBase + + Data *struct { + Enable bool `json:"enable"` + HttpConfig string `json:"httpConfig"` + SSLProtocol []string `json:"SSLProtocol"` + Algorithm string `json:"algorithm"` + Hsts bool `json:"hsts"` + } `json:"data,omitempty"` +} + +func (c *Client) GetHttpsConf(websiteId int64) (*GetHttpsConfResponse, error) { + return c.GetHttpsConfWithContext(context.Background(), websiteId) +} + +func (c *Client) GetHttpsConfWithContext(ctx context.Context, websiteId int64) (*GetHttpsConfResponse, error) { + if websiteId == 0 { + return nil, fmt.Errorf("sdkerr: unset websiteId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/websites/%d/https", websiteId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetHttpsConfResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_get_website_ssl.go b/pkg/sdk3rd/1panel/v2/api_get_website_ssl.go new file mode 100644 index 00000000..c3d4be3a --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_get_website_ssl.go @@ -0,0 +1,50 @@ +package onepanelv2 + +import ( + "context" + "fmt" + "net/http" +) + +type GetWebsiteSSLResponse struct { + apiResponseBase + + Data *struct { + ID int64 `json:"id"` + Provider string `json:"provider"` + Description string `json:"description"` + PrimaryDomain string `json:"primaryDomain"` + Domains string `json:"domains"` + Type string `json:"type"` + Organization string `json:"organization"` + Status string `json:"status"` + StartDate string `json:"startDate"` + ExpireDate string `json:"expireDate"` + CreatedAt string `json:"createdAt"` + UpdatedAt string `json:"updatedAt"` + } `json:"data,omitempty"` +} + +func (c *Client) GetWebsiteSSL(sslId int64) (*GetWebsiteSSLResponse, error) { + return c.GetWebsiteSSLWithContext(context.Background(), sslId) +} + +func (c *Client) GetWebsiteSSLWithContext(ctx context.Context, sslId int64) (*GetWebsiteSSLResponse, error) { + if sslId == 0 { + return nil, fmt.Errorf("sdkerr: unset sslId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/websites/ssl/%d", sslId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_search_website_ssl.go b/pkg/sdk3rd/1panel/v2/api_search_website_ssl.go new file mode 100644 index 00000000..c46a301a --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_search_website_ssl.go @@ -0,0 +1,50 @@ +package onepanelv2 + +import ( + "context" + "net/http" +) + +type SearchWebsiteSSLRequest struct { + Page int32 `json:"page"` + PageSize int32 `json:"pageSize"` +} + +type SearchWebsiteSSLResponse struct { + apiResponseBase + + Data *struct { + Items []*struct { + ID int64 `json:"id"` + PEM string `json:"pem"` + PrivateKey string `json:"privateKey"` + Domains string `json:"domains"` + Description string `json:"description"` + Status string `json:"status"` + UpdatedAt string `json:"updatedAt"` + CreatedAt string `json:"createdAt"` + } `json:"items"` + Total int32 `json:"total"` + } `json:"data,omitempty"` +} + +func (c *Client) SearchWebsiteSSL(req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { + return c.SearchWebsiteSSLWithContext(context.Background(), req) +} + +func (c *Client) SearchWebsiteSSLWithContext(ctx context.Context, req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/websites/ssl/search") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SearchWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_update_core_settings_ssl.go b/pkg/sdk3rd/1panel/v2/api_update_core_settings_ssl.go new file mode 100644 index 00000000..aa53fc6f --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_update_core_settings_ssl.go @@ -0,0 +1,40 @@ +package onepanelv2 + +import ( + "context" + "net/http" +) + +type UpdateCoreSettingsSSLRequest struct { + Cert string `json:"cert"` + Key string `json:"key"` + SSLType string `json:"sslType"` + SSL string `json:"ssl"` + SSLID int64 `json:"sslID"` + AutoRestart string `json:"autoRestart"` +} + +type UpdateCoreSettingsSSLResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCoreSettingsSSL(req *UpdateCoreSettingsSSLRequest) (*UpdateCoreSettingsSSLResponse, error) { + return c.UpdateCoreSettingsSSLWithContext(context.Background(), req) +} + +func (c *Client) UpdateCoreSettingsSSLWithContext(ctx context.Context, req *UpdateCoreSettingsSSLRequest) (*UpdateCoreSettingsSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/core/settings/ssl/update") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCoreSettingsSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_update_https_conf.go b/pkg/sdk3rd/1panel/v2/api_update_https_conf.go new file mode 100644 index 00000000..e4750613 --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_update_https_conf.go @@ -0,0 +1,53 @@ +package onepanelv2 + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateHttpsConfRequest struct { + WebsiteID int64 `json:"websiteId"` + Enable bool `json:"enable"` + Type string `json:"type"` + WebsiteSSLID int64 `json:"websiteSSLId"` + PrivateKey string `json:"privateKey"` + Certificate string `json:"certificate"` + PrivateKeyPath string `json:"privateKeyPath"` + CertificatePath string `json:"certificatePath"` + ImportType string `json:"importType"` + HttpConfig string `json:"httpConfig"` + SSLProtocol []string `json:"SSLProtocol"` + Algorithm string `json:"algorithm"` + Hsts bool `json:"hsts"` +} + +type UpdateHttpsConfResponse struct { + apiResponseBase +} + +func (c *Client) UpdateHttpsConf(websiteId int64, req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { + return c.UpdateHttpsConfWithContext(context.Background(), websiteId, req) +} + +func (c *Client) UpdateHttpsConfWithContext(ctx context.Context, websiteId int64, req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { + if websiteId == 0 { + return nil, fmt.Errorf("sdkerr: unset websiteId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/websites/%d/https", websiteId)) + if err != nil { + return nil, err + } else { + req.WebsiteID = websiteId + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateHttpsConfResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_upload_website_ssl.go b/pkg/sdk3rd/1panel/v2/api_upload_website_ssl.go new file mode 100644 index 00000000..3ce50cdf --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_upload_website_ssl.go @@ -0,0 +1,41 @@ +package onepanelv2 + +import ( + "context" + "net/http" +) + +type UploadWebsiteSSLRequest struct { + SSLID int64 `json:"sslID"` + Type string `json:"type"` + Certificate string `json:"certificate"` + CertificatePath string `json:"certificatePath"` + PrivateKey string `json:"privateKey"` + PrivateKeyPath string `json:"privateKeyPath"` + Description string `json:"description"` +} + +type UploadWebsiteSSLResponse struct { + apiResponseBase +} + +func (c *Client) UploadWebsiteSSL(req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { + return c.UploadWebsiteSSLWithContext(context.Background(), req) +} + +func (c *Client) UploadWebsiteSSLWithContext(ctx context.Context, req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/websites/ssl/upload") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UploadWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/client.go b/pkg/sdk3rd/1panel/v2/client.go new file mode 100644 index 00000000..3a74c5bf --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/client.go @@ -0,0 +1,116 @@ +package onepanelv2 + +import ( + "crypto/md5" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api/v2"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + timestamp := fmt.Sprintf("%d", time.Now().Unix()) + tokenMd5 := md5.Sum([]byte("1panel" + apiKey + timestamp)) + tokenMd5Hex := hex.EncodeToString(tokenMd5[:]) + req.Header.Set("1Panel-Timestamp", timestamp) + req.Header.Set("1Panel-Token", tokenMd5Hex) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode/100 != 2 { + return resp, fmt.Errorf("sdkerr: api error: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/1panel/v2/types.go b/pkg/sdk3rd/1panel/v2/types.go new file mode 100644 index 00000000..0d3f5108 --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/types.go @@ -0,0 +1,29 @@ +package onepanelv2 + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/apisix/api_update_ssl.go b/pkg/sdk3rd/apisix/api_update_ssl.go new file mode 100644 index 00000000..0894364d --- /dev/null +++ b/pkg/sdk3rd/apisix/api_update_ssl.go @@ -0,0 +1,44 @@ +package apisix + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateSSLRequest struct { + Cert *string `json:"cert,omitempty"` + Key *string `json:"key,omitempty"` + SNIs *[]string `json:"snis,omitempty"` + Type *string `json:"type,omitempty"` + Status *int32 `json:"status,omitempty"` +} + +type UpdateSSLResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSSL(sslId string, req *UpdateSSLRequest) (*UpdateSSLResponse, error) { + return c.UpdateSSLWithContext(context.Background(), sslId, req) +} + +func (c *Client) UpdateSSLWithContext(ctx context.Context, sslId string, req *UpdateSSLRequest) (*UpdateSSLResponse, error) { + if sslId == "" { + return nil, fmt.Errorf("sdkerr: unset sslId") + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/ssls/%s", sslId)) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/apisix/client.go b/pkg/sdk3rd/apisix/client.go new file mode 100644 index 00000000..006a8f6e --- /dev/null +++ b/pkg/sdk3rd/apisix/client.go @@ -0,0 +1,106 @@ +package apisix + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/apisix/admin"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + req.Header.Set("X-API-KEY", apiKey) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/apisix/types.go b/pkg/sdk3rd/apisix/types.go new file mode 100644 index 00000000..a2b30d4f --- /dev/null +++ b/pkg/sdk3rd/apisix/types.go @@ -0,0 +1,7 @@ +package apisix + +type apiResponse interface{} + +type apiResponseBase struct{} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/azure/common/config.go b/pkg/sdk3rd/azure/env/config.go similarity index 66% rename from internal/pkg/sdk3rd/azure/common/config.go rename to pkg/sdk3rd/azure/env/config.go index 45a1e490..5599df8a 100644 --- a/internal/pkg/sdk3rd/azure/common/config.go +++ b/pkg/sdk3rd/azure/env/config.go @@ -1,4 +1,4 @@ -package common +package env import ( "fmt" @@ -7,7 +7,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud" ) -func IsEnvironmentPublic(env string) bool { +func IsPublicEnv(env string) bool { switch strings.ToLower(env) { case "", "default", "public", "azurecloud": return true @@ -16,7 +16,7 @@ func IsEnvironmentPublic(env string) bool { } } -func IsEnvironmentGovernment(env string) bool { +func IsUSGovernmentEnv(env string) bool { switch strings.ToLower(env) { case "usgovernment", "government", "azureusgovernment", "azuregovernment": return true @@ -25,7 +25,7 @@ func IsEnvironmentGovernment(env string) bool { } } -func IsEnvironmentChina(env string) bool { +func IsChinaEnv(env string) bool { switch strings.ToLower(env) { case "china", "chinacloud", "azurechina", "azurechinacloud": return true @@ -34,12 +34,12 @@ func IsEnvironmentChina(env string) bool { } } -func GetCloudEnvironmentConfiguration(env string) (cloud.Configuration, error) { - if IsEnvironmentPublic(env) { +func GetCloudEnvConfiguration(env string) (cloud.Configuration, error) { + if IsPublicEnv(env) { return cloud.AzurePublic, nil - } else if IsEnvironmentGovernment(env) { + } else if IsUSGovernmentEnv(env) { return cloud.AzureGovernment, nil - } else if IsEnvironmentChina(env) { + } else if IsChinaEnv(env) { return cloud.AzureChina, nil } diff --git a/internal/pkg/sdk3rd/baiducloud/cert/api.go b/pkg/sdk3rd/baiducloud/cert/cert.go similarity index 100% rename from internal/pkg/sdk3rd/baiducloud/cert/api.go rename to pkg/sdk3rd/baiducloud/cert/cert.go diff --git a/internal/pkg/sdk3rd/baiducloud/cert/client.go b/pkg/sdk3rd/baiducloud/cert/client.go similarity index 99% rename from internal/pkg/sdk3rd/baiducloud/cert/client.go rename to pkg/sdk3rd/baiducloud/cert/client.go index 02c4feff..e2e6f150 100644 --- a/internal/pkg/sdk3rd/baiducloud/cert/client.go +++ b/pkg/sdk3rd/baiducloud/cert/client.go @@ -13,5 +13,6 @@ func NewClient(ak, sk, endPoint string) (*Client, error) { if err != nil { return nil, err } + return &Client{client}, nil } diff --git a/internal/pkg/sdk3rd/baiducloud/cert/models.go b/pkg/sdk3rd/baiducloud/cert/model.go similarity index 100% rename from internal/pkg/sdk3rd/baiducloud/cert/models.go rename to pkg/sdk3rd/baiducloud/cert/model.go diff --git a/pkg/sdk3rd/baishan/api_get_domain_config.go b/pkg/sdk3rd/baishan/api_get_domain_config.go new file mode 100644 index 00000000..bbaae26d --- /dev/null +++ b/pkg/sdk3rd/baishan/api_get_domain_config.go @@ -0,0 +1,49 @@ +package baishan + +import ( + "context" + "net/http" +) + +type GetDomainConfigRequest struct { + Domains *string `json:"domains,omitempty"` + Config *[]string `json:"config,omitempty"` +} + +type GetDomainConfigResponse struct { + apiResponseBase + + Data []*struct { + Domain string `json:"domain"` + Config *DomainConfig `json:"config"` + } `json:"data,omitempty"` +} + +func (c *Client) GetDomainConfig(req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) { + return c.GetDomainConfigWithContext(context.Background(), req) +} + +func (c *Client) GetDomainConfigWithContext(ctx context.Context, req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v2/domain/config") + if err != nil { + return nil, err + } else { + if req.Domains != nil { + httpreq.SetQueryParam("domains", *req.Domains) + } + if req.Config != nil { + for _, config := range *req.Config { + httpreq.QueryParam.Add("config[]", config) + } + } + + httpreq.SetContext(ctx) + } + + result := &GetDomainConfigResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/baishan/api_set_domain_certificate.go b/pkg/sdk3rd/baishan/api_set_domain_certificate.go new file mode 100644 index 00000000..3dd3b0b6 --- /dev/null +++ b/pkg/sdk3rd/baishan/api_set_domain_certificate.go @@ -0,0 +1,40 @@ +package baishan + +import ( + "context" + "net/http" +) + +type SetDomainCertificateRequest struct { + CertificateId *string `json:"cert_id,omitempty"` + Certificate *string `json:"certificate,omitempty"` + Key *string `json:"key,omitempty"` + Name *string `json:"name,omitempty"` +} + +type SetDomainCertificateResponse struct { + apiResponseBase + + Data *DomainCertificate `json:"data,omitempty"` +} + +func (c *Client) SetDomainCertificate(req *SetDomainCertificateRequest) (*SetDomainCertificateResponse, error) { + return c.SetDomainCertificateWithContext(context.Background(), req) +} + +func (c *Client) SetDomainCertificateWithContext(ctx context.Context, req *SetDomainCertificateRequest) (*SetDomainCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v2/domain/certificate") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SetDomainCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/baishan/api_set_domain_config.go b/pkg/sdk3rd/baishan/api_set_domain_config.go new file mode 100644 index 00000000..fcc876c4 --- /dev/null +++ b/pkg/sdk3rd/baishan/api_set_domain_config.go @@ -0,0 +1,40 @@ +package baishan + +import ( + "context" + "net/http" +) + +type SetDomainConfigRequest struct { + Domains *string `json:"domains,omitempty"` + Config *DomainConfig `json:"config,omitempty"` +} + +type SetDomainConfigResponse struct { + apiResponseBase + + Data *struct { + Config *DomainConfig `json:"config"` + } `json:"data,omitempty"` +} + +func (c *Client) SetDomainConfig(req *SetDomainConfigRequest) (*SetDomainConfigResponse, error) { + return c.SetDomainConfigWithContext(context.Background(), req) +} + +func (c *Client) SetDomainConfigWithContext(ctx context.Context, req *SetDomainConfigRequest) (*SetDomainConfigResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v2/domain/config") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SetDomainConfigResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/baishan/client.go b/pkg/sdk3rd/baishan/client.go new file mode 100644 index 00000000..fb9a1df7 --- /dev/null +++ b/pkg/sdk3rd/baishan/client.go @@ -0,0 +1,91 @@ +package baishan + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiToken string) (*Client, error) { + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL("https://cdn.api.baishan.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("Token", apiToken) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 0 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/baishan/types.go b/pkg/sdk3rd/baishan/types.go new file mode 100644 index 00000000..b6bda59f --- /dev/null +++ b/pkg/sdk3rd/baishan/types.go @@ -0,0 +1,49 @@ +package baishan + +import "encoding/json" + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type DomainCertificate struct { + CertId json.Number `json:"cert_id"` + Name string `json:"name"` + CertStartTime string `json:"cert_start_time"` + CertExpireTime string `json:"cert_expire_time"` +} + +type DomainConfig struct { + Https *DomainConfigHttps `json:"https"` +} + +type DomainConfigHttps struct { + CertId json.Number `json:"cert_id"` + ForceHttps *string `json:"force_https,omitempty"` + EnableHttp2 *string `json:"http2,omitempty"` + EnableOcsp *string `json:"ocsp,omitempty"` +} diff --git a/pkg/sdk3rd/btpanel/api_config_save_panel_ssl.go b/pkg/sdk3rd/btpanel/api_config_save_panel_ssl.go new file mode 100644 index 00000000..76b343b1 --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_config_save_panel_ssl.go @@ -0,0 +1,35 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type ConfigSavePanelSSLRequest struct { + PrivateKey string `json:"privateKey"` + Certificate string `json:"certPem"` +} + +type ConfigSavePanelSSLResponse struct { + apiResponseBase +} + +func (c *Client) ConfigSavePanelSSL(req *ConfigSavePanelSSLRequest) (*ConfigSavePanelSSLResponse, error) { + return c.ConfigSavePanelSSLWithContext(context.Background(), req) +} + +func (c *Client) ConfigSavePanelSSLWithContext(ctx context.Context, req *ConfigSavePanelSSLRequest) (*ConfigSavePanelSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/config?action=SavePanelSSL", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &ConfigSavePanelSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/api_site_set_ssl.go b/pkg/sdk3rd/btpanel/api_site_set_ssl.go new file mode 100644 index 00000000..95b422ae --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_site_set_ssl.go @@ -0,0 +1,37 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type SiteSetSSLRequest struct { + Type string `json:"type"` + SiteName string `json:"siteName"` + PrivateKey string `json:"key"` + Certificate string `json:"csr"` +} + +type SiteSetSSLResponse struct { + apiResponseBase +} + +func (c *Client) SiteSetSSL(req *SiteSetSSLRequest) (*SiteSetSSLResponse, error) { + return c.SiteSetSSLWithContext(context.Background(), req) +} + +func (c *Client) SiteSetSSLWithContext(ctx context.Context, req *SiteSetSSLRequest) (*SiteSetSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/site?action=SetSSL", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SiteSetSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/api_ssl_cert_save_cert.go b/pkg/sdk3rd/btpanel/api_ssl_cert_save_cert.go new file mode 100644 index 00000000..96f5b554 --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_ssl_cert_save_cert.go @@ -0,0 +1,37 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type SSLCertSaveCertRequest struct { + PrivateKey string `json:"key"` + Certificate string `json:"csr"` +} + +type SSLCertSaveCertResponse struct { + apiResponseBase + + SSLHash string `json:"ssl_hash"` +} + +func (c *Client) SSLCertSaveCert(req *SSLCertSaveCertRequest) (*SSLCertSaveCertResponse, error) { + return c.SSLCertSaveCertWithContext(context.Background(), req) +} + +func (c *Client) SSLCertSaveCertWithContext(ctx context.Context, req *SSLCertSaveCertRequest) (*SSLCertSaveCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/ssl/cert/save_cert", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SSLCertSaveCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/api_ssl_set_batch_cert_to_site.go b/pkg/sdk3rd/btpanel/api_ssl_set_batch_cert_to_site.go new file mode 100644 index 00000000..3d5b0cfd --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_ssl_set_batch_cert_to_site.go @@ -0,0 +1,44 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type SSLSetBatchCertToSiteRequest struct { + BatchInfo []*SSLSetBatchCertToSiteRequestBatchInfo `json:"BatchInfo"` +} + +type SSLSetBatchCertToSiteRequestBatchInfo struct { + SSLHash string `json:"ssl_hash"` + SiteName string `json:"siteName"` + CertName string `json:"certName"` +} + +type SSLSetBatchCertToSiteResponse struct { + apiResponseBase + + TotalCount int32 `json:"total"` + SuccessCount int32 `json:"success"` + FailedCount int32 `json:"faild"` +} + +func (c *Client) SSLSetBatchCertToSite(req *SSLSetBatchCertToSiteRequest) (*SSLSetBatchCertToSiteResponse, error) { + return c.SSLSetBatchCertToSiteWithContext(context.Background(), req) +} + +func (c *Client) SSLSetBatchCertToSiteWithContext(ctx context.Context, req *SSLSetBatchCertToSiteRequest) (*SSLSetBatchCertToSiteResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/ssl?action=SetBatchCertToSite", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SSLSetBatchCertToSiteResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/api_system_service_admin.go b/pkg/sdk3rd/btpanel/api_system_service_admin.go new file mode 100644 index 00000000..f9c19cea --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_system_service_admin.go @@ -0,0 +1,35 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type SystemServiceAdminRequest struct { + Name string `json:"name"` + Type string `json:"type"` +} + +type SystemServiceAdminResponse struct { + apiResponseBase +} + +func (c *Client) SystemServiceAdmin(req *SystemServiceAdminRequest) (*SystemServiceAdminResponse, error) { + return c.SystemServiceAdminWithContext(context.Background(), req) +} + +func (c *Client) SystemServiceAdminWithContext(ctx context.Context, req *SystemServiceAdminRequest) (*SystemServiceAdminResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/system?action=ServiceAdmin", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SystemServiceAdminResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/client.go b/pkg/sdk3rd/btpanel/client.go new file mode 100644 index 00000000..8b8cff64 --- /dev/null +++ b/pkg/sdk3rd/btpanel/client.go @@ -0,0 +1,159 @@ +package btpanel + +import ( + "crypto/md5" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "net/url" + "reflect" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + apiKey string + + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/x-www-form-urlencoded"). + SetHeader("User-Agent", "certimate") + + return &Client{ + apiKey: apiKey, + client: client, + }, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string, params any) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + data := make(map[string]string) + if params != nil { + temp := make(map[string]any) + jsonb, _ := json.Marshal(params) + json.Unmarshal(jsonb, &temp) + for k, v := range temp { + if v == nil { + continue + } + + switch reflect.Indirect(reflect.ValueOf(v)).Kind() { + case reflect.String: + data[k] = v.(string) + + case reflect.Bool, reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Float32, reflect.Float64: + data[k] = fmt.Sprintf("%v", v) + + default: + if t, ok := v.(time.Time); ok { + data[k] = t.Format(time.RFC3339) + } else { + jsonb, _ := json.Marshal(v) + data[k] = string(jsonb) + } + } + } + } + + timestamp := time.Now().Unix() + data["request_time"] = fmt.Sprintf("%d", timestamp) + data["request_token"] = generateSignature(fmt.Sprintf("%d", timestamp), c.apiKey) + + req := c.client.R() + req.Method = method + req.URL = path + req.SetFormData(data) + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetBody` or `req.SetFormData` HERE! USE `newRequest` INSTEAD. + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tstatus := res.GetStatus(); tstatus != nil && !*tstatus { + if res.GetMessage() == nil { + return resp, fmt.Errorf("sdkerr: api error: unknown error") + } else { + return resp, fmt.Errorf("sdkerr: api error: message='%s'", *res.GetMessage()) + } + } + } + } + + return resp, nil +} + +func generateSignature(timestamp string, apiKey string) string { + keyMd5 := md5.Sum([]byte(apiKey)) + keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:])) + + signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex)) + signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:])) + return signMd5Hex +} diff --git a/pkg/sdk3rd/btpanel/types.go b/pkg/sdk3rd/btpanel/types.go new file mode 100644 index 00000000..ecaf51d2 --- /dev/null +++ b/pkg/sdk3rd/btpanel/types.go @@ -0,0 +1,19 @@ +package btpanel + +type apiResponse interface { + GetStatus() *bool + GetMessage() *string +} + +type apiResponseBase struct { + Status *bool `json:"status,omitempty"` + Message *string `json:"msg,omitempty"` +} + +func (r *apiResponseBase) GetStatus() *bool { + return r.Status +} + +func (r *apiResponseBase) GetMessage() *string { + return r.Message +} diff --git a/pkg/sdk3rd/btwaf/api_config_set_cert.go b/pkg/sdk3rd/btwaf/api_config_set_cert.go new file mode 100644 index 00000000..1f93ec59 --- /dev/null +++ b/pkg/sdk3rd/btwaf/api_config_set_cert.go @@ -0,0 +1,36 @@ +package btwaf + +import ( + "context" + "net/http" +) + +type ConfigSetCertRequest struct { + CertContent *string `json:"certContent,omitempty"` + KeyContent *string `json:"keyContent,omitempty"` +} + +type ConfigSetCertResponse struct { + apiResponseBase +} + +func (c *Client) ConfigSetCert(req *ConfigSetCertRequest) (*ConfigSetCertResponse, error) { + return c.ConfigSetCertWithContext(context.Background(), req) +} + +func (c *Client) ConfigSetCertWithContext(ctx context.Context, req *ConfigSetCertRequest) (*ConfigSetCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/config/set_cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &ConfigSetCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btwaf/api_get_site_list.go b/pkg/sdk3rd/btwaf/api_get_site_list.go new file mode 100644 index 00000000..7cb6c05d --- /dev/null +++ b/pkg/sdk3rd/btwaf/api_get_site_list.go @@ -0,0 +1,42 @@ +package btwaf + +import ( + "context" + "net/http" +) + +type GetSiteListRequest struct { + Page *int32 `json:"p,omitempty"` + PageSize *int32 `json:"p_size,omitempty"` + SiteName *string `json:"site_name,omitempty"` +} + +type GetSiteListResponse struct { + apiResponseBase + + Result *struct { + List []*SiteRecord `json:"list"` + Total int32 `json:"total"` + } `json:"res,omitempty"` +} + +func (c *Client) GetSiteList(req *GetSiteListRequest) (*GetSiteListResponse, error) { + return c.GetSiteListWithContext(context.Background(), req) +} + +func (c *Client) GetSiteListWithContext(ctx context.Context, req *GetSiteListRequest) (*GetSiteListResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/wafmastersite/get_site_list") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &GetSiteListResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btwaf/api_modify_site.go b/pkg/sdk3rd/btwaf/api_modify_site.go new file mode 100644 index 00000000..516277ec --- /dev/null +++ b/pkg/sdk3rd/btwaf/api_modify_site.go @@ -0,0 +1,37 @@ +package btwaf + +import ( + "context" + "net/http" +) + +type ModifySiteRequest struct { + SiteId *string `json:"site_id,omitempty"` + Type *string `json:"types,omitempty"` + Server *SiteServerInfo `json:"server,omitempty"` +} + +type ModifySiteResponse struct { + apiResponseBase +} + +func (c *Client) ModifySite(req *ModifySiteRequest) (*ModifySiteResponse, error) { + return c.ModifySiteWithContext(context.Background(), req) +} + +func (c *Client) ModifySiteWithContext(ctx context.Context, req *ModifySiteRequest) (*ModifySiteResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/wafmastersite/modify_site") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &ModifySiteResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btwaf/client.go b/pkg/sdk3rd/btwaf/client.go new file mode 100644 index 00000000..a3be8ae9 --- /dev/null +++ b/pkg/sdk3rd/btwaf/client.go @@ -0,0 +1,118 @@ +package btwaf + +import ( + "crypto/md5" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + timestamp := fmt.Sprintf("%d", time.Now().Unix()) + keyMd5 := md5.Sum([]byte(apiKey)) + keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:])) + signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex)) + signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:])) + req.Header.Set("waf_request_time", timestamp) + req.Header.Set("waf_request_token", signMd5Hex) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if code := res.GetCode(); code != 0 { + return resp, fmt.Errorf("sdkerr: api error: code='%d'", code) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/btwaf/types.go b/pkg/sdk3rd/btwaf/types.go new file mode 100644 index 00000000..8c75a44b --- /dev/null +++ b/pkg/sdk3rd/btwaf/types.go @@ -0,0 +1,39 @@ +package btwaf + +type apiResponse interface { + GetCode() int32 +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type SiteRecord struct { + SiteId string `json:"site_id"` + SiteName string `json:"site_name"` + Type string `json:"types"` + Status int32 `json:"status"` + CreateTime int64 `json:"create_time"` + UpdateTime int64 `json:"update_time"` +} + +type SiteServerInfo struct { + ListenSSLPorts *[]int32 `json:"listen_ssl_port,omitempty"` + SSL *SiteServerSSLInfo `json:"ssl,omitempty"` +} + +type SiteServerSSLInfo struct { + IsSSL *int32 `json:"is_ssl,omitempty"` + FullChain *string `json:"full_chain,omitempty"` + PrivateKey *string `json:"private_key,omitempty"` +} diff --git a/pkg/sdk3rd/bunny/api_add_custom_certificate.go b/pkg/sdk3rd/bunny/api_add_custom_certificate.go new file mode 100644 index 00000000..5950928d --- /dev/null +++ b/pkg/sdk3rd/bunny/api_add_custom_certificate.go @@ -0,0 +1,38 @@ +package bunny + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type AddCustomCertificateRequest struct { + Hostname string `json:"Hostname"` + Certificate string `json:"Certificate"` + CertificateKey string `json:"CertificateKey"` +} + +func (c *Client) AddCustomCertificate(pullZoneId string, req *AddCustomCertificateRequest) error { + return c.AddCustomCertificateWithContext(context.Background(), pullZoneId, req) +} + +func (c *Client) AddCustomCertificateWithContext(ctx context.Context, pullZoneId string, req *AddCustomCertificateRequest) error { + if pullZoneId == "" { + return fmt.Errorf("sdkerr: unset pullZoneId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/pullzone/%s/addCertificate", url.PathEscape(pullZoneId))) + if err != nil { + return err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + if _, err := c.doRequest(httpreq); err != nil { + return err + } + + return nil +} diff --git a/pkg/sdk3rd/bunny/client.go b/pkg/sdk3rd/bunny/client.go new file mode 100644 index 00000000..4382164e --- /dev/null +++ b/pkg/sdk3rd/bunny/client.go @@ -0,0 +1,64 @@ +package bunny + +import ( + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiToken string) (*Client, error) { + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL("https://api.bunny.net"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("AccessKey", apiToken) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} diff --git a/pkg/sdk3rd/cachefly/api_create_certificate.go b/pkg/sdk3rd/cachefly/api_create_certificate.go new file mode 100644 index 00000000..833141dc --- /dev/null +++ b/pkg/sdk3rd/cachefly/api_create_certificate.go @@ -0,0 +1,50 @@ +package cachefly + +import ( + "context" + "net/http" +) + +type CreateCertificateRequest struct { + Certificate *string `json:"certificate,omitempty"` + CertificateKey *string `json:"certificateKey,omitempty"` + Password *string `json:"password,omitempty"` +} + +type CreateCertificateResponse struct { + apiResponseBase + + Id string `json:"_id"` + SubjectCommonName string `json:"subjectCommonName"` + SubjectNames []string `json:"subjectNames"` + Expired bool `json:"expired"` + Expiring bool `json:"expiring"` + InUse bool `json:"inUse"` + Managed bool `json:"managed"` + Services []string `json:"services"` + Domains []string `json:"domains"` + NotBefore string `json:"notBefore"` + NotAfter string `json:"notAfter"` + CreatedAt string `json:"createdAt"` +} + +func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + return c.CreateCertificateWithContext(context.Background(), req) +} + +func (c *Client) CreateCertificateWithContext(ctx context.Context, req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/certificates") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cachefly/client.go b/pkg/sdk3rd/cachefly/client.go new file mode 100644 index 00000000..ecce8161 --- /dev/null +++ b/pkg/sdk3rd/cachefly/client.go @@ -0,0 +1,87 @@ +package cachefly + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiToken string) (*Client, error) { + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL("https://api.cachefly.com/api/2.5"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("X-CF-Authorization", "Bearer "+apiToken) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/cachefly/types.go b/pkg/sdk3rd/cachefly/types.go new file mode 100644 index 00000000..98b39dfa --- /dev/null +++ b/pkg/sdk3rd/cachefly/types.go @@ -0,0 +1,19 @@ +package cachefly + +type apiResponse interface { + GetMessage() string +} + +type apiResponseBase struct { + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/cdnfly/api_create_cert.go b/pkg/sdk3rd/cdnfly/api_create_cert.go new file mode 100644 index 00000000..3dcd9558 --- /dev/null +++ b/pkg/sdk3rd/cdnfly/api_create_cert.go @@ -0,0 +1,41 @@ +package cdnfly + +import ( + "context" + "net/http" +) + +type CreateCertRequest struct { + Name *string `json:"name,omitempty"` + Description *string `json:"des,omitempty"` + Type *string `json:"type,omitempty"` + Cert *string `json:"cert,omitempty"` + Key *string `json:"key,omitempty"` +} + +type CreateCertResponse struct { + apiResponseBase + + Data string `json:"data"` +} + +func (c *Client) CreateCert(req *CreateCertRequest) (*CreateCertResponse, error) { + return c.CreateCertWithContext(context.Background(), req) +} + +func (c *Client) CreateCertWithContext(ctx context.Context, req *CreateCertRequest) (*CreateCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/certs") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cdnfly/api_get_site.go b/pkg/sdk3rd/cdnfly/api_get_site.go new file mode 100644 index 00000000..50d45d7c --- /dev/null +++ b/pkg/sdk3rd/cdnfly/api_get_site.go @@ -0,0 +1,43 @@ +package cdnfly + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type GetSiteResponse struct { + apiResponseBase + + Data *struct { + Id int64 `json:"id"` + Name string `json:"name"` + Domain string `json:"domain"` + HttpsListen string `json:"https_listen"` + } `json:"data,omitempty"` +} + +func (c *Client) GetSite(siteId string) (*GetSiteResponse, error) { + return c.GetSiteWithContext(context.Background(), siteId) +} + +func (c *Client) GetSiteWithContext(ctx context.Context, siteId string) (*GetSiteResponse, error) { + if siteId == "" { + return nil, fmt.Errorf("sdkerr: unset siteId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/sites/%s", url.PathEscape(siteId))) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetSiteResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cdnfly/api_update_cert.go b/pkg/sdk3rd/cdnfly/api_update_cert.go new file mode 100644 index 00000000..9ad676ee --- /dev/null +++ b/pkg/sdk3rd/cdnfly/api_update_cert.go @@ -0,0 +1,46 @@ +package cdnfly + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type UpdateCertRequest struct { + Name *string `json:"name,omitempty"` + Description *string `json:"des,omitempty"` + Type *string `json:"type,omitempty"` + Cert *string `json:"cert,omitempty"` + Key *string `json:"key,omitempty"` + Enable *bool `json:"enable,omitempty"` +} + +type UpdateCertResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCert(certId string, req *UpdateCertRequest) (*UpdateCertResponse, error) { + return c.UpdateCertWithContext(context.Background(), certId, req) +} + +func (c *Client) UpdateCertWithContext(ctx context.Context, certId string, req *UpdateCertRequest) (*UpdateCertResponse, error) { + if certId == "" { + return nil, fmt.Errorf("sdkerr: unset certId") + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/certs/%s", url.PathEscape(certId))) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cdnfly/api_update_site.go b/pkg/sdk3rd/cdnfly/api_update_site.go new file mode 100644 index 00000000..2a0ede20 --- /dev/null +++ b/pkg/sdk3rd/cdnfly/api_update_site.go @@ -0,0 +1,42 @@ +package cdnfly + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type UpdateSiteRequest struct { + HttpsListen *string `json:"https_listen,omitempty"` + Enable *bool `json:"enable,omitempty"` +} + +type UpdateSiteResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSite(siteId string, req *UpdateSiteRequest) (*UpdateSiteResponse, error) { + return c.UpdateSiteWithContext(context.Background(), siteId, req) +} + +func (c *Client) UpdateSiteWithContext(ctx context.Context, siteId string, req *UpdateSiteRequest) (*UpdateSiteResponse, error) { + if siteId == "" { + return nil, fmt.Errorf("sdkerr: unset siteId") + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/sites/%s", url.PathEscape(siteId))) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSiteResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cdnfly/client.go b/pkg/sdk3rd/cdnfly/client.go new file mode 100644 index 00000000..7bd98613 --- /dev/null +++ b/pkg/sdk3rd/cdnfly/client.go @@ -0,0 +1,109 @@ +package cdnfly + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey, apiSecret string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + if apiSecret == "" { + return nil, fmt.Errorf("sdkerr: unset apiSecret") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/v1"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("API-Key", apiKey). + SetHeader("API-Secret", apiSecret) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != "" && tcode != "0" { + return resp, fmt.Errorf("sdkerr: code='%s', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/cdnfly/types.go b/pkg/sdk3rd/cdnfly/types.go new file mode 100644 index 00000000..fff2c271 --- /dev/null +++ b/pkg/sdk3rd/cdnfly/types.go @@ -0,0 +1,46 @@ +package cdnfly + +import ( + "bytes" + "encoding/json" + "strconv" +) + +type apiResponse interface { + GetCode() string + GetMessage() string +} + +type apiResponseBase struct { + Code json.RawMessage `json:"code"` + Message string `json:"msg"` +} + +func (r *apiResponseBase) GetCode() string { + if r.Code == nil { + return "" + } + + decoder := json.NewDecoder(bytes.NewReader(r.Code)) + token, err := decoder.Token() + if err != nil { + return "" + } + + switch t := token.(type) { + case string: + return t + case float64: + return strconv.FormatFloat(t, 'f', -1, 64) + case json.Number: + return t.String() + default: + return "" + } +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/cmcc/README.md b/pkg/sdk3rd/cmcc/README.md similarity index 100% rename from internal/pkg/sdk3rd/cmcc/README.md rename to pkg/sdk3rd/cmcc/README.md diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/client.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/client.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/client.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/client.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/go.mod b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/go.mod similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/go.mod rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/go.mod diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_tags.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_tags.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_tags.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_tags.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_tags.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_tags.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_tags.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_tags.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_query.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_query.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_query.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_query.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_data.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_data.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_data.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_data.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_tags.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_tags.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_tags.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_tags.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_query.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_query.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_query.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_query.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_results.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_results.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_results.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_results.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_tags.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_tags.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_tags.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_tags.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_client.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_client.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_client.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_client.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_response.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/config/config.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/config/config.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/config/config.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/config/config.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/configuration.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/configuration.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/configuration.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/configuration.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/go.mod b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/go.mod similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/go.mod rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/go.mod diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/http_request.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/http_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/http_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/http_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/open_api_request.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/open_api_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/open_api_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/open_api_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/position/http_position.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/position/http_position.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/position/http_position.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/position/http_position.go diff --git a/internal/pkg/sdk3rd/ctyun/ao/api_create_cert.go b/pkg/sdk3rd/ctyun/ao/api_create_cert.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/ao/api_create_cert.go rename to pkg/sdk3rd/ctyun/ao/api_create_cert.go index 1a9ac21e..eecc7267 100644 --- a/internal/pkg/sdk3rd/ctyun/ao/api_create_cert.go +++ b/pkg/sdk3rd/ctyun/ao/api_create_cert.go @@ -12,7 +12,7 @@ type CreateCertRequest struct { } type CreateCertResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Id int64 `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/ao/api_get_domain_config.go b/pkg/sdk3rd/ctyun/ao/api_get_domain_config.go similarity index 88% rename from internal/pkg/sdk3rd/ctyun/ao/api_get_domain_config.go rename to pkg/sdk3rd/ctyun/ao/api_get_domain_config.go index c7b639f4..01c007ab 100644 --- a/internal/pkg/sdk3rd/ctyun/ao/api_get_domain_config.go +++ b/pkg/sdk3rd/ctyun/ao/api_get_domain_config.go @@ -11,7 +11,7 @@ type GetDomainConfigRequest struct { } type GetDomainConfigResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Domain string `json:"domain"` @@ -35,13 +35,7 @@ func (c *Client) GetDomainConfigWithContext(ctx context.Context, req *GetDomainC if err != nil { return nil, err } else { - if req.Domain != nil { - httpreq.SetQueryParam("domain", *req.Domain) - } - if req.ProductCode != nil { - httpreq.SetQueryParam("product_code", *req.ProductCode) - } - + httpreq.SetBody(req) httpreq.SetContext(ctx) } diff --git a/internal/pkg/sdk3rd/ctyun/ao/api_list_certs.go b/pkg/sdk3rd/ctyun/ao/api_list_certs.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/ao/api_list_certs.go rename to pkg/sdk3rd/ctyun/ao/api_list_certs.go index 70ba7036..a77cd377 100644 --- a/internal/pkg/sdk3rd/ctyun/ao/api_list_certs.go +++ b/pkg/sdk3rd/ctyun/ao/api_list_certs.go @@ -13,7 +13,7 @@ type ListCertsRequest struct { } type ListCertsResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Results []*CertRecord `json:"result,omitempty"` diff --git a/internal/pkg/sdk3rd/ctyun/ao/api_modify_domain_config.go b/pkg/sdk3rd/ctyun/ao/api_modify_domain_config.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/ao/api_modify_domain_config.go rename to pkg/sdk3rd/ctyun/ao/api_modify_domain_config.go index f28b3dc9..ef407e99 100644 --- a/internal/pkg/sdk3rd/ctyun/ao/api_modify_domain_config.go +++ b/pkg/sdk3rd/ctyun/ao/api_modify_domain_config.go @@ -15,7 +15,7 @@ type ModifyDomainConfigRequest struct { } type ModifyDomainConfigResponse struct { - baseResult + apiResponseBase } func (c *Client) ModifyDomainConfig(req *ModifyDomainConfigRequest) (*ModifyDomainConfigResponse, error) { diff --git a/internal/pkg/sdk3rd/ctyun/ao/api_query_cert.go b/pkg/sdk3rd/ctyun/ao/api_query_cert.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/ao/api_query_cert.go rename to pkg/sdk3rd/ctyun/ao/api_query_cert.go index 9ec2d740..3493cdbe 100644 --- a/internal/pkg/sdk3rd/ctyun/ao/api_query_cert.go +++ b/pkg/sdk3rd/ctyun/ao/api_query_cert.go @@ -13,7 +13,7 @@ type QueryCertRequest struct { } type QueryCertResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Result *CertDetail `json:"result,omitempty"` diff --git a/internal/pkg/sdk3rd/ctyun/ao/client.go b/pkg/sdk3rd/ctyun/ao/client.go similarity index 50% rename from internal/pkg/sdk3rd/ctyun/ao/client.go rename to pkg/sdk3rd/ctyun/ao/client.go index dbf20321..6e63e531 100644 --- a/internal/pkg/sdk3rd/ctyun/ao/client.go +++ b/pkg/sdk3rd/ctyun/ao/client.go @@ -4,8 +4,8 @@ import ( "fmt" "time" + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/openapi" ) const endpoint = "https://accessone-global.ctapi.ctyun.cn" @@ -32,18 +32,17 @@ func (c *Client) newRequest(method string, path string) (*resty.Request, error) return c.client.NewRequest(method, path) } -func (c *Client) doRequest(request *resty.Request) (*resty.Response, error) { - return c.client.DoRequest(request) +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) } -func (c *Client) doRequestWithResult(request *resty.Request, result baseResultInterface) (*resty.Response, error) { - response, err := c.client.DoRequestWithResult(request, result) +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) if err == nil { - statusCode := result.GetStatusCode() - if statusCode != "" && statusCode != "100000" { - return response, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, result.GetMessage(), result.GetMessage(), result.GetErrorMessage()) + if tcode := res.GetStatusCode(); tcode != "" && tcode != "100000" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", tcode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) } } - return response, err + return resp, err } diff --git a/internal/pkg/sdk3rd/ctyun/ao/types.go b/pkg/sdk3rd/ctyun/ao/types.go similarity index 85% rename from internal/pkg/sdk3rd/ctyun/ao/types.go rename to pkg/sdk3rd/ctyun/ao/types.go index ba5582b3..c706afd9 100644 --- a/internal/pkg/sdk3rd/ctyun/ao/types.go +++ b/pkg/sdk3rd/ctyun/ao/types.go @@ -6,14 +6,14 @@ import ( "strconv" ) -type baseResultInterface interface { +type apiResponse interface { GetStatusCode() string GetMessage() string GetError() string GetErrorMessage() string } -type baseResult struct { +type apiResponseBase struct { StatusCode json.RawMessage `json:"statusCode,omitempty"` Message *string `json:"message,omitempty"` Error *string `json:"error,omitempty"` @@ -21,7 +21,7 @@ type baseResult struct { RequestId *string `json:"requestId,omitempty"` } -func (r *baseResult) GetStatusCode() string { +func (r *apiResponseBase) GetStatusCode() string { if r.StatusCode == nil { return "" } @@ -44,7 +44,7 @@ func (r *baseResult) GetStatusCode() string { } } -func (r *baseResult) GetMessage() string { +func (r *apiResponseBase) GetMessage() string { if r.Message == nil { return "" } @@ -52,7 +52,7 @@ func (r *baseResult) GetMessage() string { return *r.Message } -func (r *baseResult) GetError() string { +func (r *apiResponseBase) GetError() string { if r.Error == nil { return "" } @@ -60,7 +60,7 @@ func (r *baseResult) GetError() string { return *r.Error } -func (r *baseResult) GetErrorMessage() string { +func (r *apiResponseBase) GetErrorMessage() string { if r.ErrorMessage == nil { return "" } @@ -68,7 +68,7 @@ func (r *baseResult) GetErrorMessage() string { return *r.ErrorMessage } -var _ baseResultInterface = (*baseResult)(nil) +var _ apiResponse = (*apiResponseBase)(nil) type CertRecord struct { Id int64 `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/cdn/api_create_cert.go b/pkg/sdk3rd/ctyun/cdn/api_create_cert.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/cdn/api_create_cert.go rename to pkg/sdk3rd/ctyun/cdn/api_create_cert.go index 9445035b..33d45892 100644 --- a/internal/pkg/sdk3rd/ctyun/cdn/api_create_cert.go +++ b/pkg/sdk3rd/ctyun/cdn/api_create_cert.go @@ -12,7 +12,7 @@ type CreateCertRequest struct { } type CreateCertResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Id int64 `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/cdn/api_query_cert_detail.go b/pkg/sdk3rd/ctyun/cdn/api_query_cert_detail.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/cdn/api_query_cert_detail.go rename to pkg/sdk3rd/ctyun/cdn/api_query_cert_detail.go index 12501f29..a2998ea4 100644 --- a/internal/pkg/sdk3rd/ctyun/cdn/api_query_cert_detail.go +++ b/pkg/sdk3rd/ctyun/cdn/api_query_cert_detail.go @@ -13,7 +13,7 @@ type QueryCertDetailRequest struct { } type QueryCertDetailResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Result *CertDetail `json:"result,omitempty"` diff --git a/internal/pkg/sdk3rd/ctyun/cdn/api_query_cert_list.go b/pkg/sdk3rd/ctyun/cdn/api_query_cert_list.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/cdn/api_query_cert_list.go rename to pkg/sdk3rd/ctyun/cdn/api_query_cert_list.go index 0f134594..3c09696d 100644 --- a/internal/pkg/sdk3rd/ctyun/cdn/api_query_cert_list.go +++ b/pkg/sdk3rd/ctyun/cdn/api_query_cert_list.go @@ -13,7 +13,7 @@ type QueryCertListRequest struct { } type QueryCertListResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Results []*CertRecord `json:"result,omitempty"` diff --git a/internal/pkg/sdk3rd/ctyun/cdn/api_query_domain_detail.go b/pkg/sdk3rd/ctyun/cdn/api_query_domain_detail.go similarity index 99% rename from internal/pkg/sdk3rd/ctyun/cdn/api_query_domain_detail.go rename to pkg/sdk3rd/ctyun/cdn/api_query_domain_detail.go index 9a29b4f2..f66cc44a 100644 --- a/internal/pkg/sdk3rd/ctyun/cdn/api_query_domain_detail.go +++ b/pkg/sdk3rd/ctyun/cdn/api_query_domain_detail.go @@ -12,7 +12,7 @@ type QueryDomainDetailRequest struct { } type QueryDomainDetailResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Domain string `json:"domain"` diff --git a/internal/pkg/sdk3rd/ctyun/cdn/api_update_domain.go b/pkg/sdk3rd/ctyun/cdn/api_update_domain.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/cdn/api_update_domain.go rename to pkg/sdk3rd/ctyun/cdn/api_update_domain.go index 65dd918c..5b90721e 100644 --- a/internal/pkg/sdk3rd/ctyun/cdn/api_update_domain.go +++ b/pkg/sdk3rd/ctyun/cdn/api_update_domain.go @@ -12,7 +12,7 @@ type UpdateDomainRequest struct { } type UpdateDomainResponse struct { - baseResult + apiResponseBase } func (c *Client) UpdateDomain(req *UpdateDomainRequest) (*UpdateDomainResponse, error) { diff --git a/pkg/sdk3rd/ctyun/cdn/client.go b/pkg/sdk3rd/ctyun/cdn/client.go new file mode 100644 index 00000000..af147095 --- /dev/null +++ b/pkg/sdk3rd/ctyun/cdn/client.go @@ -0,0 +1,48 @@ +package cdn + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://ctcdn-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + if tcode := res.GetStatusCode(); tcode != "" && tcode != "100000" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", tcode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) + } + } + + return resp, err +} diff --git a/internal/pkg/sdk3rd/ctyun/cdn/types.go b/pkg/sdk3rd/ctyun/cdn/types.go similarity index 83% rename from internal/pkg/sdk3rd/ctyun/cdn/types.go rename to pkg/sdk3rd/ctyun/cdn/types.go index 96c97ce1..32054a0c 100644 --- a/internal/pkg/sdk3rd/ctyun/cdn/types.go +++ b/pkg/sdk3rd/ctyun/cdn/types.go @@ -6,14 +6,14 @@ import ( "strconv" ) -type baseResultInterface interface { +type apiResponse interface { GetStatusCode() string GetMessage() string GetError() string GetErrorMessage() string } -type baseResult struct { +type apiResponseBase struct { StatusCode json.RawMessage `json:"statusCode,omitempty"` Message *string `json:"message,omitempty"` Error *string `json:"error,omitempty"` @@ -21,7 +21,7 @@ type baseResult struct { RequestId *string `json:"requestId,omitempty"` } -func (r *baseResult) GetStatusCode() string { +func (r *apiResponseBase) GetStatusCode() string { if r.StatusCode == nil { return "" } @@ -44,7 +44,7 @@ func (r *baseResult) GetStatusCode() string { } } -func (r *baseResult) GetMessage() string { +func (r *apiResponseBase) GetMessage() string { if r.Message == nil { return "" } @@ -52,7 +52,7 @@ func (r *baseResult) GetMessage() string { return *r.Message } -func (r *baseResult) GetError() string { +func (r *apiResponseBase) GetError() string { if r.Error == nil { return "" } @@ -60,7 +60,7 @@ func (r *baseResult) GetError() string { return *r.Error } -func (r *baseResult) GetErrorMessage() string { +func (r *apiResponseBase) GetErrorMessage() string { if r.ErrorMessage == nil { return "" } @@ -68,7 +68,7 @@ func (r *baseResult) GetErrorMessage() string { return *r.ErrorMessage } -var _ baseResultInterface = (*baseResult)(nil) +var _ apiResponse = (*apiResponseBase)(nil) type CertRecord struct { Id int64 `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/cms/api_get_certificate_list.go b/pkg/sdk3rd/ctyun/cms/api_get_certificate_list.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/cms/api_get_certificate_list.go rename to pkg/sdk3rd/ctyun/cms/api_get_certificate_list.go index f410921f..a5de5a60 100644 --- a/internal/pkg/sdk3rd/ctyun/cms/api_get_certificate_list.go +++ b/pkg/sdk3rd/ctyun/cms/api_get_certificate_list.go @@ -14,7 +14,7 @@ type GetCertificateListRequest struct { } type GetCertificateListResponse struct { - baseResult + apiResponseBase ReturnObj *struct { List []*CertificateRecord `json:"list,omitempty"` diff --git a/internal/pkg/sdk3rd/ctyun/cms/api_upload_certificate.go b/pkg/sdk3rd/ctyun/cms/api_upload_certificate.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/cms/api_upload_certificate.go rename to pkg/sdk3rd/ctyun/cms/api_upload_certificate.go index 8044aa40..ed02a357 100644 --- a/internal/pkg/sdk3rd/ctyun/cms/api_upload_certificate.go +++ b/pkg/sdk3rd/ctyun/cms/api_upload_certificate.go @@ -16,7 +16,7 @@ type UploadCertificateRequest struct { } type UploadCertificateResponse struct { - baseResult + apiResponseBase } func (c *Client) UploadCertificate(req *UploadCertificateRequest) (*UploadCertificateResponse, error) { diff --git a/internal/pkg/sdk3rd/ctyun/cms/client.go b/pkg/sdk3rd/ctyun/cms/client.go similarity index 52% rename from internal/pkg/sdk3rd/ctyun/cms/client.go rename to pkg/sdk3rd/ctyun/cms/client.go index ac94d1b6..d648c09c 100644 --- a/internal/pkg/sdk3rd/ctyun/cms/client.go +++ b/pkg/sdk3rd/ctyun/cms/client.go @@ -4,8 +4,8 @@ import ( "fmt" "time" + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/openapi" ) const endpoint = "https://ccms-global.ctapi.ctyun.cn" @@ -32,19 +32,19 @@ func (c *Client) newRequest(method string, path string) (*resty.Request, error) return c.client.NewRequest(method, path) } -func (c *Client) doRequest(request *resty.Request) (*resty.Response, error) { - return c.client.DoRequest(request) +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) } -func (c *Client) doRequestWithResult(request *resty.Request, result baseResultInterface) (*resty.Response, error) { - response, err := c.client.DoRequestWithResult(request, result) +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) if err == nil { - statusCode := result.GetStatusCode() - errorCode := result.GetError() + statusCode := res.GetStatusCode() + errorCode := res.GetError() if (statusCode != "" && statusCode != "200") || errorCode != "" { - return response, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, result.GetMessage(), result.GetMessage(), result.GetErrorMessage()) + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) } } - return response, err + return resp, err } diff --git a/internal/pkg/sdk3rd/ctyun/cms/types.go b/pkg/sdk3rd/ctyun/cms/types.go similarity index 86% rename from internal/pkg/sdk3rd/ctyun/cms/types.go rename to pkg/sdk3rd/ctyun/cms/types.go index b5b0b4d7..04a8c458 100644 --- a/internal/pkg/sdk3rd/ctyun/cms/types.go +++ b/pkg/sdk3rd/ctyun/cms/types.go @@ -6,14 +6,14 @@ import ( "strconv" ) -type baseResultInterface interface { +type apiResponse interface { GetStatusCode() string GetMessage() string GetError() string GetErrorMessage() string } -type baseResult struct { +type apiResponseBase struct { StatusCode json.RawMessage `json:"statusCode,omitempty"` Message *string `json:"message,omitempty"` Error *string `json:"error,omitempty"` @@ -21,7 +21,7 @@ type baseResult struct { RequestId *string `json:"requestId,omitempty"` } -func (r *baseResult) GetStatusCode() string { +func (r *apiResponseBase) GetStatusCode() string { if r.StatusCode == nil { return "" } @@ -44,7 +44,7 @@ func (r *baseResult) GetStatusCode() string { } } -func (r *baseResult) GetMessage() string { +func (r *apiResponseBase) GetMessage() string { if r.Message == nil { return "" } @@ -52,7 +52,7 @@ func (r *baseResult) GetMessage() string { return *r.Message } -func (r *baseResult) GetError() string { +func (r *apiResponseBase) GetError() string { if r.Error == nil { return "" } @@ -60,7 +60,7 @@ func (r *baseResult) GetError() string { return *r.Error } -func (r *baseResult) GetErrorMessage() string { +func (r *apiResponseBase) GetErrorMessage() string { if r.ErrorMessage == nil { return "" } @@ -68,7 +68,7 @@ func (r *baseResult) GetErrorMessage() string { return *r.ErrorMessage } -var _ baseResultInterface = (*baseResult)(nil) +var _ apiResponse = (*apiResponseBase)(nil) type CertificateRecord struct { Id string `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/dns/api_add_record.go b/pkg/sdk3rd/ctyun/dns/api_add_record.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/dns/api_add_record.go rename to pkg/sdk3rd/ctyun/dns/api_add_record.go index 86227e5f..d2699dc3 100644 --- a/internal/pkg/sdk3rd/ctyun/dns/api_add_record.go +++ b/pkg/sdk3rd/ctyun/dns/api_add_record.go @@ -17,7 +17,7 @@ type AddRecordRequest struct { } type AddRecordResponse struct { - baseResult + apiResponseBase ReturnObj *struct { RecordId int32 `json:"recordId"` diff --git a/internal/pkg/sdk3rd/ctyun/dns/api_delete_record.go b/pkg/sdk3rd/ctyun/dns/api_delete_record.go similarity index 97% rename from internal/pkg/sdk3rd/ctyun/dns/api_delete_record.go rename to pkg/sdk3rd/ctyun/dns/api_delete_record.go index ad35a349..8a6cf033 100644 --- a/internal/pkg/sdk3rd/ctyun/dns/api_delete_record.go +++ b/pkg/sdk3rd/ctyun/dns/api_delete_record.go @@ -10,7 +10,7 @@ type DeleteRecordRequest struct { } type DeleteRecordResponse struct { - baseResult + apiResponseBase } func (c *Client) DeleteRecord(req *DeleteRecordRequest) (*DeleteRecordResponse, error) { diff --git a/internal/pkg/sdk3rd/ctyun/dns/api_query_record_list.go b/pkg/sdk3rd/ctyun/dns/api_query_record_list.go similarity index 68% rename from internal/pkg/sdk3rd/ctyun/dns/api_query_record_list.go rename to pkg/sdk3rd/ctyun/dns/api_query_record_list.go index d94afcde..cac3a6e3 100644 --- a/internal/pkg/sdk3rd/ctyun/dns/api_query_record_list.go +++ b/pkg/sdk3rd/ctyun/dns/api_query_record_list.go @@ -3,6 +3,7 @@ package dns import ( "context" "net/http" + "strconv" ) type QueryRecordListRequest struct { @@ -15,7 +16,7 @@ type QueryRecordListRequest struct { } type QueryRecordListResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Records []*DnsRecord `json:"records,omitempty"` @@ -31,6 +32,25 @@ func (c *Client) QueryRecordListWithContext(ctx context.Context, req *QueryRecor if err != nil { return nil, err } else { + if req.Domain != nil { + httpreq.SetQueryParam("domain", *req.Domain) + } + if req.Host != nil { + httpreq.SetQueryParam("host", *req.Host) + } + if req.Type != nil { + httpreq.SetQueryParam("type", *req.Type) + } + if req.LineCode != nil { + httpreq.SetQueryParam("lineCode", *req.LineCode) + } + if req.Value != nil { + httpreq.SetQueryParam("value", *req.Value) + } + if req.State != nil { + httpreq.SetQueryParam("state", strconv.Itoa(int(*req.State))) + } + httpreq.SetBody(req) httpreq.SetContext(ctx) } diff --git a/internal/pkg/sdk3rd/ctyun/dns/api_update_record.go b/pkg/sdk3rd/ctyun/dns/api_update_record.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/dns/api_update_record.go rename to pkg/sdk3rd/ctyun/dns/api_update_record.go index e6dbdc7e..c84a0357 100644 --- a/internal/pkg/sdk3rd/ctyun/dns/api_update_record.go +++ b/pkg/sdk3rd/ctyun/dns/api_update_record.go @@ -18,7 +18,7 @@ type UpdateRecordRequest struct { } type UpdateRecordResponse struct { - baseResult + apiResponseBase ReturnObj *struct { RecordId int32 `json:"recordId"` diff --git a/internal/pkg/sdk3rd/ctyun/dns/client.go b/pkg/sdk3rd/ctyun/dns/client.go similarity index 53% rename from internal/pkg/sdk3rd/ctyun/dns/client.go rename to pkg/sdk3rd/ctyun/dns/client.go index 4e684bd8..def071b6 100644 --- a/internal/pkg/sdk3rd/ctyun/dns/client.go +++ b/pkg/sdk3rd/ctyun/dns/client.go @@ -4,8 +4,8 @@ import ( "fmt" "time" + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/openapi" ) const endpoint = "https://smartdns-global.ctapi.ctyun.cn" @@ -32,19 +32,19 @@ func (c *Client) newRequest(method string, path string) (*resty.Request, error) return c.client.NewRequest(method, path) } -func (c *Client) doRequest(request *resty.Request) (*resty.Response, error) { - return c.client.DoRequest(request) +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) } -func (c *Client) doRequestWithResult(request *resty.Request, result baseResultInterface) (*resty.Response, error) { - response, err := c.client.DoRequestWithResult(request, result) +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) if err == nil { - statusCode := result.GetStatusCode() - errorCode := result.GetError() + statusCode := res.GetStatusCode() + errorCode := res.GetError() if (statusCode != "" && statusCode != "200") || errorCode != "" { - return response, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, result.GetMessage(), result.GetMessage(), result.GetErrorMessage()) + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) } } - return response, err + return resp, err } diff --git a/internal/pkg/sdk3rd/ctyun/dns/types.go b/pkg/sdk3rd/ctyun/dns/types.go similarity index 80% rename from internal/pkg/sdk3rd/ctyun/dns/types.go rename to pkg/sdk3rd/ctyun/dns/types.go index 225f60d7..bd500938 100644 --- a/internal/pkg/sdk3rd/ctyun/dns/types.go +++ b/pkg/sdk3rd/ctyun/dns/types.go @@ -6,14 +6,14 @@ import ( "strconv" ) -type baseResultInterface interface { +type apiResponse interface { GetStatusCode() string GetMessage() string GetError() string GetErrorMessage() string } -type baseResult struct { +type apiResponseBase struct { StatusCode json.RawMessage `json:"statusCode,omitempty"` Message *string `json:"message,omitempty"` Error *string `json:"error,omitempty"` @@ -21,7 +21,7 @@ type baseResult struct { RequestId *string `json:"requestId,omitempty"` } -func (r *baseResult) GetStatusCode() string { +func (r *apiResponseBase) GetStatusCode() string { if r.StatusCode == nil { return "" } @@ -44,7 +44,7 @@ func (r *baseResult) GetStatusCode() string { } } -func (r *baseResult) GetMessage() string { +func (r *apiResponseBase) GetMessage() string { if r.Message == nil { return "" } @@ -52,7 +52,7 @@ func (r *baseResult) GetMessage() string { return *r.Message } -func (r *baseResult) GetError() string { +func (r *apiResponseBase) GetError() string { if r.Error == nil { return "" } @@ -60,7 +60,7 @@ func (r *baseResult) GetError() string { return *r.Error } -func (r *baseResult) GetErrorMessage() string { +func (r *apiResponseBase) GetErrorMessage() string { if r.ErrorMessage == nil { return "" } @@ -68,7 +68,7 @@ func (r *baseResult) GetErrorMessage() string { return *r.ErrorMessage } -var _ baseResultInterface = (*baseResult)(nil) +var _ apiResponse = (*apiResponseBase)(nil) type DnsRecord struct { RecordId int32 `json:"recordId"` diff --git a/internal/pkg/sdk3rd/ctyun/elb/api_create_certificate.go b/pkg/sdk3rd/ctyun/elb/api_create_certificate.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/elb/api_create_certificate.go rename to pkg/sdk3rd/ctyun/elb/api_create_certificate.go index af17cdb7..4ea78f7a 100644 --- a/internal/pkg/sdk3rd/ctyun/elb/api_create_certificate.go +++ b/pkg/sdk3rd/ctyun/elb/api_create_certificate.go @@ -16,7 +16,7 @@ type CreateCertificateRequest struct { } type CreateCertificateResponse struct { - baseResult + apiResponseBase ReturnObj *struct { ID string `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/elb/api_list_certificates.go b/pkg/sdk3rd/ctyun/elb/api_list_certificates.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/elb/api_list_certificates.go rename to pkg/sdk3rd/ctyun/elb/api_list_certificates.go index 6ba1b5a7..e7256126 100644 --- a/internal/pkg/sdk3rd/ctyun/elb/api_list_certificates.go +++ b/pkg/sdk3rd/ctyun/elb/api_list_certificates.go @@ -14,7 +14,7 @@ type ListCertificatesRequest struct { } type ListCertificatesResponse struct { - baseResult + apiResponseBase ReturnObj []*CertificateRecord `json:"returnObj,omitempty"` } diff --git a/internal/pkg/sdk3rd/ctyun/elb/api_list_listeners.go b/pkg/sdk3rd/ctyun/elb/api_list_listeners.go similarity index 99% rename from internal/pkg/sdk3rd/ctyun/elb/api_list_listeners.go rename to pkg/sdk3rd/ctyun/elb/api_list_listeners.go index 404c4399..9de6b0ce 100644 --- a/internal/pkg/sdk3rd/ctyun/elb/api_list_listeners.go +++ b/pkg/sdk3rd/ctyun/elb/api_list_listeners.go @@ -16,7 +16,7 @@ type ListListenersRequest struct { } type ListListenersResponse struct { - baseResult + apiResponseBase ReturnObj []*ListenerRecord `json:"returnObj,omitempty"` } diff --git a/internal/pkg/sdk3rd/ctyun/elb/api_show_listener.go b/pkg/sdk3rd/ctyun/elb/api_show_listener.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/elb/api_show_listener.go rename to pkg/sdk3rd/ctyun/elb/api_show_listener.go index a57a8bea..2d1ad02f 100644 --- a/internal/pkg/sdk3rd/ctyun/elb/api_show_listener.go +++ b/pkg/sdk3rd/ctyun/elb/api_show_listener.go @@ -12,7 +12,7 @@ type ShowListenerRequest struct { } type ShowListenerResponse struct { - baseResult + apiResponseBase ReturnObj []*ListenerRecord `json:"returnObj,omitempty"` } diff --git a/internal/pkg/sdk3rd/ctyun/elb/api_update_listener.go b/pkg/sdk3rd/ctyun/elb/api_update_listener.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/elb/api_update_listener.go rename to pkg/sdk3rd/ctyun/elb/api_update_listener.go index 845d9100..8cb2f425 100644 --- a/internal/pkg/sdk3rd/ctyun/elb/api_update_listener.go +++ b/pkg/sdk3rd/ctyun/elb/api_update_listener.go @@ -17,7 +17,7 @@ type UpdateListenerRequest struct { } type UpdateListenerResponse struct { - baseResult + apiResponseBase ReturnObj []*ListenerRecord `json:"returnObj,omitempty"` } diff --git a/internal/pkg/sdk3rd/ctyun/elb/client.go b/pkg/sdk3rd/ctyun/elb/client.go similarity index 54% rename from internal/pkg/sdk3rd/ctyun/elb/client.go rename to pkg/sdk3rd/ctyun/elb/client.go index a71effa3..f7743318 100644 --- a/internal/pkg/sdk3rd/ctyun/elb/client.go +++ b/pkg/sdk3rd/ctyun/elb/client.go @@ -4,8 +4,8 @@ import ( "fmt" "time" + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/sdk3rd/ctyun/openapi" ) const endpoint = "https://ctelb-global.ctapi.ctyun.cn" @@ -32,19 +32,19 @@ func (c *Client) newRequest(method string, path string) (*resty.Request, error) return c.client.NewRequest(method, path) } -func (c *Client) doRequest(request *resty.Request) (*resty.Response, error) { - return c.client.DoRequest(request) +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) } -func (c *Client) doRequestWithResult(request *resty.Request, result baseResultInterface) (*resty.Response, error) { - response, err := c.client.DoRequestWithResult(request, result) +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) if err == nil { - statusCode := result.GetStatusCode() - errorCode := result.GetError() + statusCode := res.GetStatusCode() + errorCode := res.GetError() if (statusCode != "" && statusCode != "200" && statusCode != "800") || (errorCode != "" && errorCode != "SUCCESS") { - return response, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', description='%s'", statusCode, result.GetMessage(), result.GetMessage(), result.GetDescription()) + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', description='%s'", statusCode, res.GetMessage(), res.GetMessage(), res.GetDescription()) } } - return response, err + return resp, err } diff --git a/internal/pkg/sdk3rd/ctyun/elb/types.go b/pkg/sdk3rd/ctyun/elb/types.go similarity index 88% rename from internal/pkg/sdk3rd/ctyun/elb/types.go rename to pkg/sdk3rd/ctyun/elb/types.go index 4f2971b8..ed64d0fa 100644 --- a/internal/pkg/sdk3rd/ctyun/elb/types.go +++ b/pkg/sdk3rd/ctyun/elb/types.go @@ -6,14 +6,14 @@ import ( "strconv" ) -type baseResultInterface interface { +type apiResponse interface { GetStatusCode() string GetMessage() string GetError() string GetDescription() string } -type baseResult struct { +type apiResponseBase struct { StatusCode json.RawMessage `json:"statusCode,omitempty"` Message *string `json:"message,omitempty"` Error *string `json:"error,omitempty"` @@ -21,7 +21,7 @@ type baseResult struct { RequestId *string `json:"requestId,omitempty"` } -func (r *baseResult) GetStatusCode() string { +func (r *apiResponseBase) GetStatusCode() string { if r.StatusCode == nil { return "" } @@ -44,7 +44,7 @@ func (r *baseResult) GetStatusCode() string { } } -func (r *baseResult) GetMessage() string { +func (r *apiResponseBase) GetMessage() string { if r.Message == nil { return "" } @@ -52,7 +52,7 @@ func (r *baseResult) GetMessage() string { return *r.Message } -func (r *baseResult) GetError() string { +func (r *apiResponseBase) GetError() string { if r.Error == nil { return "" } @@ -60,7 +60,7 @@ func (r *baseResult) GetError() string { return *r.Error } -func (r *baseResult) GetDescription() string { +func (r *apiResponseBase) GetDescription() string { if r.Description == nil { return "" } @@ -68,7 +68,7 @@ func (r *baseResult) GetDescription() string { return *r.Description } -var _ baseResultInterface = (*baseResult)(nil) +var _ apiResponse = (*apiResponseBase)(nil) type CertificateRecord struct { ID string `json:"ID"` diff --git a/internal/pkg/sdk3rd/ctyun/icdn/api_create_cert.go b/pkg/sdk3rd/ctyun/icdn/api_create_cert.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/icdn/api_create_cert.go rename to pkg/sdk3rd/ctyun/icdn/api_create_cert.go index 93c09087..0261bb43 100644 --- a/internal/pkg/sdk3rd/ctyun/icdn/api_create_cert.go +++ b/pkg/sdk3rd/ctyun/icdn/api_create_cert.go @@ -12,7 +12,7 @@ type CreateCertRequest struct { } type CreateCertResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Id int64 `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/icdn/api_query_cert_detail.go b/pkg/sdk3rd/ctyun/icdn/api_query_cert_detail.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/icdn/api_query_cert_detail.go rename to pkg/sdk3rd/ctyun/icdn/api_query_cert_detail.go index 2842d1f7..75beca46 100644 --- a/internal/pkg/sdk3rd/ctyun/icdn/api_query_cert_detail.go +++ b/pkg/sdk3rd/ctyun/icdn/api_query_cert_detail.go @@ -13,7 +13,7 @@ type QueryCertDetailRequest struct { } type QueryCertDetailResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Result *CertDetail `json:"result,omitempty"` diff --git a/internal/pkg/sdk3rd/ctyun/icdn/api_query_cert_list.go b/pkg/sdk3rd/ctyun/icdn/api_query_cert_list.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/icdn/api_query_cert_list.go rename to pkg/sdk3rd/ctyun/icdn/api_query_cert_list.go index a96ab7b1..806a77fe 100644 --- a/internal/pkg/sdk3rd/ctyun/icdn/api_query_cert_list.go +++ b/pkg/sdk3rd/ctyun/icdn/api_query_cert_list.go @@ -13,7 +13,7 @@ type QueryCertListRequest struct { } type QueryCertListResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Results []*CertRecord `json:"result,omitempty"` diff --git a/internal/pkg/sdk3rd/ctyun/icdn/api_query_domain_detail.go b/pkg/sdk3rd/ctyun/icdn/api_query_domain_detail.go similarity index 99% rename from internal/pkg/sdk3rd/ctyun/icdn/api_query_domain_detail.go rename to pkg/sdk3rd/ctyun/icdn/api_query_domain_detail.go index 2ecff27e..ace1bddb 100644 --- a/internal/pkg/sdk3rd/ctyun/icdn/api_query_domain_detail.go +++ b/pkg/sdk3rd/ctyun/icdn/api_query_domain_detail.go @@ -12,7 +12,7 @@ type QueryDomainDetailRequest struct { } type QueryDomainDetailResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Domain string `json:"domain"` diff --git a/internal/pkg/sdk3rd/ctyun/icdn/api_update_domain.go b/pkg/sdk3rd/ctyun/icdn/api_update_domain.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/icdn/api_update_domain.go rename to pkg/sdk3rd/ctyun/icdn/api_update_domain.go index 70d3b73a..d3e421c4 100644 --- a/internal/pkg/sdk3rd/ctyun/icdn/api_update_domain.go +++ b/pkg/sdk3rd/ctyun/icdn/api_update_domain.go @@ -12,7 +12,7 @@ type UpdateDomainRequest struct { } type UpdateDomainResponse struct { - baseResult + apiResponseBase } func (c *Client) UpdateDomain(req *UpdateDomainRequest) (*UpdateDomainResponse, error) { diff --git a/pkg/sdk3rd/ctyun/icdn/client.go b/pkg/sdk3rd/ctyun/icdn/client.go new file mode 100644 index 00000000..f8662904 --- /dev/null +++ b/pkg/sdk3rd/ctyun/icdn/client.go @@ -0,0 +1,48 @@ +package icdn + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://icdn-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + if tcode := res.GetStatusCode(); tcode != "" && tcode != "100000" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", tcode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) + } + } + + return resp, err +} diff --git a/internal/pkg/sdk3rd/ctyun/icdn/types.go b/pkg/sdk3rd/ctyun/icdn/types.go similarity index 83% rename from internal/pkg/sdk3rd/ctyun/icdn/types.go rename to pkg/sdk3rd/ctyun/icdn/types.go index 2b2f3d95..0d1e8fb6 100644 --- a/internal/pkg/sdk3rd/ctyun/icdn/types.go +++ b/pkg/sdk3rd/ctyun/icdn/types.go @@ -6,14 +6,14 @@ import ( "strconv" ) -type baseResultInterface interface { +type apiResponse interface { GetStatusCode() string GetMessage() string GetError() string GetErrorMessage() string } -type baseResult struct { +type apiResponseBase struct { StatusCode json.RawMessage `json:"statusCode,omitempty"` Message *string `json:"message,omitempty"` Error *string `json:"error,omitempty"` @@ -21,7 +21,7 @@ type baseResult struct { RequestId *string `json:"requestId,omitempty"` } -func (r *baseResult) GetStatusCode() string { +func (r *apiResponseBase) GetStatusCode() string { if r.StatusCode == nil { return "" } @@ -44,7 +44,7 @@ func (r *baseResult) GetStatusCode() string { } } -func (r *baseResult) GetMessage() string { +func (r *apiResponseBase) GetMessage() string { if r.Message == nil { return "" } @@ -52,7 +52,7 @@ func (r *baseResult) GetMessage() string { return *r.Message } -func (r *baseResult) GetError() string { +func (r *apiResponseBase) GetError() string { if r.Error == nil { return "" } @@ -60,7 +60,7 @@ func (r *baseResult) GetError() string { return *r.Error } -func (r *baseResult) GetErrorMessage() string { +func (r *apiResponseBase) GetErrorMessage() string { if r.ErrorMessage == nil { return "" } @@ -68,7 +68,7 @@ func (r *baseResult) GetErrorMessage() string { return *r.ErrorMessage } -var _ baseResultInterface = (*baseResult)(nil) +var _ apiResponse = (*apiResponseBase)(nil) type CertRecord struct { Id int64 `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/lvdn/api_create_cert.go b/pkg/sdk3rd/ctyun/lvdn/api_create_cert.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/lvdn/api_create_cert.go rename to pkg/sdk3rd/ctyun/lvdn/api_create_cert.go index c0188d3d..b10e4011 100644 --- a/internal/pkg/sdk3rd/ctyun/lvdn/api_create_cert.go +++ b/pkg/sdk3rd/ctyun/lvdn/api_create_cert.go @@ -12,7 +12,7 @@ type CreateCertRequest struct { } type CreateCertResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Id int64 `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/lvdn/api_query_cert_detail.go b/pkg/sdk3rd/ctyun/lvdn/api_query_cert_detail.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/lvdn/api_query_cert_detail.go rename to pkg/sdk3rd/ctyun/lvdn/api_query_cert_detail.go index cadcc6dc..f3427ad4 100644 --- a/internal/pkg/sdk3rd/ctyun/lvdn/api_query_cert_detail.go +++ b/pkg/sdk3rd/ctyun/lvdn/api_query_cert_detail.go @@ -13,7 +13,7 @@ type QueryCertDetailRequest struct { } type QueryCertDetailResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Result *CertDetail `json:"result,omitempty"` diff --git a/internal/pkg/sdk3rd/ctyun/lvdn/api_query_cert_list.go b/pkg/sdk3rd/ctyun/lvdn/api_query_cert_list.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/lvdn/api_query_cert_list.go rename to pkg/sdk3rd/ctyun/lvdn/api_query_cert_list.go index d1a7b974..d7fb5ebd 100644 --- a/internal/pkg/sdk3rd/ctyun/lvdn/api_query_cert_list.go +++ b/pkg/sdk3rd/ctyun/lvdn/api_query_cert_list.go @@ -13,7 +13,7 @@ type QueryCertListRequest struct { } type QueryCertListResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Results []*CertRecord `json:"result,omitempty"` diff --git a/internal/pkg/sdk3rd/ctyun/lvdn/api_query_domain_detail.go b/pkg/sdk3rd/ctyun/lvdn/api_query_domain_detail.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/lvdn/api_query_domain_detail.go rename to pkg/sdk3rd/ctyun/lvdn/api_query_domain_detail.go index 29e5f08f..fde83efb 100644 --- a/internal/pkg/sdk3rd/ctyun/lvdn/api_query_domain_detail.go +++ b/pkg/sdk3rd/ctyun/lvdn/api_query_domain_detail.go @@ -11,7 +11,7 @@ type QueryDomainDetailRequest struct { } type QueryDomainDetailResponse struct { - baseResult + apiResponseBase ReturnObj *struct { Domain string `json:"domain"` diff --git a/internal/pkg/sdk3rd/ctyun/lvdn/api_update_domain.go b/pkg/sdk3rd/ctyun/lvdn/api_update_domain.go similarity index 98% rename from internal/pkg/sdk3rd/ctyun/lvdn/api_update_domain.go rename to pkg/sdk3rd/ctyun/lvdn/api_update_domain.go index d5f90306..0a0f2ef2 100644 --- a/internal/pkg/sdk3rd/ctyun/lvdn/api_update_domain.go +++ b/pkg/sdk3rd/ctyun/lvdn/api_update_domain.go @@ -13,7 +13,7 @@ type UpdateDomainRequest struct { } type UpdateDomainResponse struct { - baseResult + apiResponseBase } func (c *Client) UpdateDomain(req *UpdateDomainRequest) (*UpdateDomainResponse, error) { diff --git a/pkg/sdk3rd/ctyun/lvdn/client.go b/pkg/sdk3rd/ctyun/lvdn/client.go new file mode 100644 index 00000000..160e58d8 --- /dev/null +++ b/pkg/sdk3rd/ctyun/lvdn/client.go @@ -0,0 +1,48 @@ +package lvdn + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://ctlvdn-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + if tcode := res.GetStatusCode(); tcode != "" && tcode != "100000" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", tcode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) + } + } + + return resp, err +} diff --git a/internal/pkg/sdk3rd/ctyun/lvdn/types.go b/pkg/sdk3rd/ctyun/lvdn/types.go similarity index 83% rename from internal/pkg/sdk3rd/ctyun/lvdn/types.go rename to pkg/sdk3rd/ctyun/lvdn/types.go index 2ddc5369..838fc38f 100644 --- a/internal/pkg/sdk3rd/ctyun/lvdn/types.go +++ b/pkg/sdk3rd/ctyun/lvdn/types.go @@ -6,14 +6,14 @@ import ( "strconv" ) -type baseResultInterface interface { +type apiResponse interface { GetStatusCode() string GetMessage() string GetError() string GetErrorMessage() string } -type baseResult struct { +type apiResponseBase struct { StatusCode json.RawMessage `json:"statusCode,omitempty"` Message *string `json:"message,omitempty"` Error *string `json:"error,omitempty"` @@ -21,7 +21,7 @@ type baseResult struct { RequestId *string `json:"requestId,omitempty"` } -func (r *baseResult) GetStatusCode() string { +func (r *apiResponseBase) GetStatusCode() string { if r.StatusCode == nil { return "" } @@ -44,7 +44,7 @@ func (r *baseResult) GetStatusCode() string { } } -func (r *baseResult) GetMessage() string { +func (r *apiResponseBase) GetMessage() string { if r.Message == nil { return "" } @@ -52,7 +52,7 @@ func (r *baseResult) GetMessage() string { return *r.Message } -func (r *baseResult) GetError() string { +func (r *apiResponseBase) GetError() string { if r.Error == nil { return "" } @@ -60,7 +60,7 @@ func (r *baseResult) GetError() string { return *r.Error } -func (r *baseResult) GetErrorMessage() string { +func (r *apiResponseBase) GetErrorMessage() string { if r.ErrorMessage == nil { return "" } @@ -68,7 +68,7 @@ func (r *baseResult) GetErrorMessage() string { return *r.ErrorMessage } -var _ baseResultInterface = (*baseResult)(nil) +var _ apiResponse = (*apiResponseBase)(nil) type CertRecord struct { Id int64 `json:"id"` diff --git a/internal/pkg/sdk3rd/ctyun/openapi/client.go b/pkg/sdk3rd/ctyun/openapi/client.go similarity index 80% rename from internal/pkg/sdk3rd/ctyun/openapi/client.go rename to pkg/sdk3rd/ctyun/openapi/client.go index ad790dc5..62a733d0 100644 --- a/internal/pkg/sdk3rd/ctyun/openapi/client.go +++ b/pkg/sdk3rd/ctyun/openapi/client.go @@ -28,10 +28,10 @@ func NewClient(endpoint, accessKeyId, secretAccessKey string) (*Client, error) { return nil, fmt.Errorf("sdkerr: invalid endpoint: %w", err) } if accessKeyId == "" { - return nil, fmt.Errorf("sdkerr: unset accessKey") + return nil, fmt.Errorf("sdkerr: unset accessKeyId") } if secretAccessKey == "" { - return nil, fmt.Errorf("sdkerr: unset secretKey") + return nil, fmt.Errorf("sdkerr: unset secretAccessKey") } client := resty.New(). @@ -102,9 +102,7 @@ func NewClient(endpoint, accessKeyId, secretAccessKey string) (*Client, error) { return nil }) - return &Client{ - client: client, - }, nil + return &Client{client}, nil } func (c *Client) SetTimeout(timeout time.Duration) *Client { @@ -126,15 +124,15 @@ func (c *Client) NewRequest(method string, path string) (*resty.Request, error) return req, nil } -func (c *Client) DoRequest(request *resty.Request) (*resty.Response, error) { - if request == nil { +func (c *Client) DoRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { return nil, fmt.Errorf("sdkerr: nil request") } // WARN: - // PLEASE DO NOT USE `req.SetResult` or `req.SetError` here. + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. - resp, err := request.Send() + resp, err := req.Send() if err != nil { return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) } else if resp.IsError() { @@ -144,24 +142,24 @@ func (c *Client) DoRequest(request *resty.Request) (*resty.Response, error) { return resp, nil } -func (c *Client) DoRequestWithResult(request *resty.Request, result any) (*resty.Response, error) { - if request == nil { +func (c *Client) DoRequestWithResult(req *resty.Request, res any) (*resty.Response, error) { + if req == nil { return nil, fmt.Errorf("sdkerr: nil request") } - response, err := c.DoRequest(request) + resp, err := c.DoRequest(req) if err != nil { - if response != nil { - json.Unmarshal(response.Body(), &result) + if resp != nil { + json.Unmarshal(resp.Body(), &res) } - return response, err + return resp, err } - if len(response.Body()) != 0 { - if err := json.Unmarshal(response.Body(), &result); err != nil { - return response, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) } } - return response, nil + return resp, nil } diff --git a/pkg/sdk3rd/dcloud/unicloud/api_create_domain_with_cert.go b/pkg/sdk3rd/dcloud/unicloud/api_create_domain_with_cert.go new file mode 100644 index 00000000..63ba6710 --- /dev/null +++ b/pkg/sdk3rd/dcloud/unicloud/api_create_domain_with_cert.go @@ -0,0 +1,27 @@ +package unicloud + +import ( + "net/http" +) + +type CreateDomainWithCertRequest struct { + Provider string `json:"provider"` + SpaceId string `json:"spaceId"` + Domain string `json:"domain"` + Cert string `json:"cert"` + Key string `json:"key"` +} + +type CreateDomainWithCertResponse struct { + apiResponseBase +} + +func (c *Client) CreateDomainWithCert(req *CreateDomainWithCertRequest) (*CreateDomainWithCertResponse, error) { + if err := c.ensureApiUserTokenExists(); err != nil { + return nil, err + } + + resp := &CreateDomainWithCertResponse{} + err := c.sendRequestWithResult(http.MethodPost, "/host/create-domain-with-cert", req, resp) + return resp, err +} diff --git a/internal/pkg/sdk3rd/dcloud/unicloud/client.go b/pkg/sdk3rd/dcloud/unicloud/client.go similarity index 67% rename from internal/pkg/sdk3rd/dcloud/unicloud/client.go rename to pkg/sdk3rd/dcloud/unicloud/client.go index 8db4a792..11e48619 100644 --- a/internal/pkg/sdk3rd/dcloud/unicloud/client.go +++ b/pkg/sdk3rd/dcloud/unicloud/client.go @@ -7,6 +7,7 @@ import ( "encoding/json" "fmt" "net/http" + "regexp" "runtime" "sort" "strings" @@ -43,14 +44,26 @@ const ( uniConsoleSpaceId = "dc-6nfabcn6ada8d3dd" ) -func NewClient(username, password string) *Client { +func NewClient(username, password string) (*Client, error) { + if username == "" { + return nil, fmt.Errorf("sdkerr: unset username") + } + if password == "" { + return nil, fmt.Errorf("sdkerr: unset password") + } + client := &Client{ username: username, password: password, } - client.serverlessClient = resty.New() + client.serverlessClient = resty.New(). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate") client.apiClient = resty.New(). SetBaseURL("https://unicloud-api.dcloud.net.cn/unicloud/api"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). SetHeader("User-Agent", "certimate"). SetPreRequestHook(func(c *resty.Client, req *http.Request) error { if client.apiUserToken != "" { @@ -60,37 +73,14 @@ func NewClient(username, password string) *Client { return nil }) - return client + return client, nil } -func (c *Client) WithTimeout(timeout time.Duration) *Client { +func (c *Client) SetTimeout(timeout time.Duration) *Client { c.serverlessClient.SetTimeout(timeout) return c } -func (c *Client) generateSignature(params map[string]any, secret string) string { - keys := make([]string, 0, len(params)) - for k := range params { - keys = append(keys, k) - } - sort.Strings(keys) - - canonicalStr := "" - for i, k := range keys { - if i > 0 { - canonicalStr += "&" - } - canonicalStr += k + "=" + fmt.Sprintf("%v", params[k]) - } - - mac := hmac.New(md5.New, []byte(secret)) - mac.Write([]byte(canonicalStr)) - sign := mac.Sum(nil) - signHex := hex.EncodeToString(sign) - - return signHex -} - func (c *Client) buildServerlessClientInfo(appId string) (_clientInfo map[string]any, _err error) { return map[string]any{ "PLATFORM": "web", @@ -171,7 +161,7 @@ func (c *Client) invokeServerless(endpoint, clientSecret, appId, spaceId, target clientInfo, _ := c.buildServerlessClientInfo(appId) clientInfoJsonb, _ := json.Marshal(clientInfo) - sign := c.generateSignature(payload, clientSecret) + sign := generateSignature(payload, clientSecret) req := c.serverlessClient.R(). SetHeader("Content-Type", "application/json"). @@ -191,7 +181,7 @@ func (c *Client) invokeServerless(endpoint, clientSecret, appId, spaceId, target return resp, nil } -func (c *Client) invokeServerlessWithResult(endpoint, clientSecret, appId, spaceId, target, method, action string, params, data interface{}, result BaseResponse) error { +func (c *Client) invokeServerlessWithResult(endpoint, clientSecret, appId, spaceId, target, method, action string, params, data interface{}, result apiResponse) error { resp, err := c.invokeServerless(endpoint, clientSecret, appId, spaceId, target, method, action, params, data) if err != nil { if resp != nil { @@ -239,7 +229,7 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r return resp, nil } -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { +func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result apiResponse) error { resp, err := c.sendRequest(method, path, params) if err != nil { if resp != nil { @@ -256,3 +246,113 @@ func (c *Client) sendRequestWithResult(method string, path string, params interf return nil } + +func (c *Client) ensureServerlessJwtTokenExists() error { + c.serverlessJwtTokenMtx.Lock() + defer c.serverlessJwtTokenMtx.Unlock() + if c.serverlessJwtToken != "" && c.serverlessJwtTokenExp.After(time.Now()) { + return nil + } + + params := map[string]string{ + "password": "password", + } + if regexp.MustCompile("^1\\d{10}$").MatchString(c.username) { + params["mobile"] = c.username + } else if regexp.MustCompile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$").MatchString(c.username) { + params["email"] = c.username + } else { + params["username"] = c.username + } + + type loginResponse struct { + apiResponseBase + Data *struct { + Code int32 `json:"errCode"` + UID string `json:"uid"` + NewToken *struct { + Token string `json:"token"` + TokenExpired int64 `json:"tokenExpired"` + } `json:"newToken,omitempty"` + } `json:"data,omitempty"` + } + + resp := &loginResponse{} + if err := c.invokeServerlessWithResult( + uniIdentityEndpoint, uniIdentityClientSecret, uniIdentityAppId, uniIdentitySpaceId, + "uni-id-co", "login", "", params, nil, + resp); err != nil { + return err + } else if resp.Data == nil || resp.Data.NewToken == nil || resp.Data.NewToken.Token == "" { + return fmt.Errorf("unicloud api error: received empty token") + } + + c.serverlessJwtToken = resp.Data.NewToken.Token + c.serverlessJwtTokenExp = time.UnixMilli(resp.Data.NewToken.TokenExpired) + + return nil +} + +func (c *Client) ensureApiUserTokenExists() error { + if err := c.ensureServerlessJwtTokenExists(); err != nil { + return err + } + + c.apiUserTokenMtx.Lock() + defer c.apiUserTokenMtx.Unlock() + if c.apiUserToken != "" { + return nil + } + + type getUserTokenResponse struct { + apiResponseBase + Data *struct { + Code int32 `json:"code"` + Data *struct { + Result int32 `json:"ret"` + Description string `json:"desc"` + Data *struct { + Email string `json:"email"` + Token string `json:"token"` + } `json:"data,omitempty"` + } `json:"data,omitempty"` + } `json:"data,omitempty"` + } + + resp := &getUserTokenResponse{} + if err := c.invokeServerlessWithResult( + uniConsoleEndpoint, uniConsoleClientSecret, uniConsoleAppId, uniConsoleSpaceId, + "uni-cloud-kernel", "", "user/getUserToken", nil, map[string]any{"isLogin": true}, + resp); err != nil { + return err + } else if resp.Data == nil || resp.Data.Data == nil || resp.Data.Data.Data == nil || resp.Data.Data.Data.Token == "" { + return fmt.Errorf("unicloud api error: received empty user token") + } + + c.apiUserToken = resp.Data.Data.Data.Token + + return nil +} + +func generateSignature(params map[string]any, secret string) string { + keys := make([]string, 0, len(params)) + for k := range params { + keys = append(keys, k) + } + sort.Strings(keys) + + canonicalStr := "" + for i, k := range keys { + if i > 0 { + canonicalStr += "&" + } + canonicalStr += k + "=" + fmt.Sprintf("%v", params[k]) + } + + mac := hmac.New(md5.New, []byte(secret)) + mac.Write([]byte(canonicalStr)) + sign := mac.Sum(nil) + signHex := hex.EncodeToString(sign) + + return signHex +} diff --git a/pkg/sdk3rd/dcloud/unicloud/types.go b/pkg/sdk3rd/dcloud/unicloud/types.go new file mode 100644 index 00000000..7fb72267 --- /dev/null +++ b/pkg/sdk3rd/dcloud/unicloud/types.go @@ -0,0 +1,64 @@ +package unicloud + +type apiResponse interface { + GetSuccess() bool + GetErrorCode() string + GetErrorMessage() string + + GetReturnCode() int32 + GetReturnDesc() string +} + +type apiResponseBase struct { + Success *bool `json:"success,omitempty"` + Header *map[string]string `json:"header,omitempty"` + Error *struct { + Code string `json:"code"` + Message string `json:"message"` + } `json:"error,omitempty"` + + ReturnCode *int32 `json:"ret,omitempty"` + ReturnDesc *string `json:"desc,omitempty"` +} + +func (r *apiResponseBase) GetReturnCode() int32 { + if r.ReturnCode == nil { + return 0 + } + + return *r.ReturnCode +} + +func (r *apiResponseBase) GetReturnDesc() string { + if r.ReturnDesc == nil { + return "" + } + + return *r.ReturnDesc +} + +func (r *apiResponseBase) GetSuccess() bool { + if r.Success == nil { + return false + } + + return *r.Success +} + +func (r *apiResponseBase) GetErrorCode() string { + if r.Error == nil { + return "" + } + + return r.Error.Code +} + +func (r *apiResponseBase) GetErrorMessage() string { + if r.Error == nil { + return "" + } + + return r.Error.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/dnsla/api_create_record.go b/pkg/sdk3rd/dnsla/api_create_record.go new file mode 100644 index 00000000..25d7f0d9 --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_create_record.go @@ -0,0 +1,46 @@ +package dnsla + +import ( + "context" + "net/http" +) + +type CreateRecordRequest struct { + DomainId string `json:"domainId"` + GroupId *string `json:"groupId,omitempty"` + LineId *string `json:"lineId,omitempty"` + Type int32 `json:"type"` + Host string `json:"host"` + Data string `json:"data"` + Ttl int32 `json:"ttl"` + Weight *int32 `json:"weight,omitempty"` + Preference *int32 `json:"preference,omitempty"` +} + +type CreateRecordResponse struct { + apiResponseBase + Data *struct { + Id string `json:"id"` + } `json:"data,omitempty"` +} + +func (c *Client) CreateRecord(req *CreateRecordRequest) (*CreateRecordResponse, error) { + return c.CreateRecordWithContext(context.Background(), req) +} + +func (c *Client) CreateRecordWithContext(ctx context.Context, req *CreateRecordRequest) (*CreateRecordResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/record") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateRecordResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/api_delete_record.go b/pkg/sdk3rd/dnsla/api_delete_record.go new file mode 100644 index 00000000..97dcb5ff --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_delete_record.go @@ -0,0 +1,36 @@ +package dnsla + +import ( + "context" + "fmt" + "net/http" +) + +type DeleteRecordResponse struct { + apiResponseBase +} + +func (c *Client) DeleteRecord(recordId string) (*DeleteRecordResponse, error) { + return c.DeleteRecordWithContext(context.Background(), recordId) +} + +func (c *Client) DeleteRecordWithContext(ctx context.Context, recordId string) (*DeleteRecordResponse, error) { + if recordId == "" { + return nil, fmt.Errorf("sdkerr: unset recordId") + } + + httpreq, err := c.newRequest(http.MethodDelete, "/record") + if err != nil { + return nil, err + } else { + httpreq.SetQueryParam("id", recordId) + httpreq.SetContext(ctx) + } + + result := &DeleteRecordResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/api_list_domains.go b/pkg/sdk3rd/dnsla/api_list_domains.go new file mode 100644 index 00000000..d7972e98 --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_list_domains.go @@ -0,0 +1,51 @@ +package dnsla + +import ( + "context" + "net/http" + "strconv" +) + +type ListDomainsRequest struct { + GroupId *string `json:"groupId,omitempty"` + PageIndex *int32 `json:"pageIndex,omitempty"` + PageSize *int32 `json:"pageSize,omitempty"` +} + +type ListDomainsResponse struct { + apiResponseBase + Data *struct { + Total int32 `json:"total"` + Results []*DomainRecord `json:"results"` + } `json:"data,omitempty"` +} + +func (c *Client) ListDomains(req *ListDomainsRequest) (*ListDomainsResponse, error) { + return c.ListDomainsWithContext(context.Background(), req) +} + +func (c *Client) ListDomainsWithContext(ctx context.Context, req *ListDomainsRequest) (*ListDomainsResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/domainList") + if err != nil { + return nil, err + } else { + if req.GroupId != nil { + httpreq.SetQueryParam("groupId", *req.GroupId) + } + if req.PageIndex != nil { + httpreq.SetQueryParam("pageIndex", strconv.Itoa(int(*req.PageIndex))) + } + if req.PageSize != nil { + httpreq.SetQueryParam("pageSize", strconv.Itoa(int(*req.PageSize))) + } + + httpreq.SetContext(ctx) + } + + result := &ListDomainsResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/api_list_records.go b/pkg/sdk3rd/dnsla/api_list_records.go new file mode 100644 index 00000000..4e77cc2f --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_list_records.go @@ -0,0 +1,71 @@ +package dnsla + +import ( + "context" + "net/http" + "strconv" +) + +type ListRecordsRequest struct { + DomainId *string `json:"domainId,omitempty"` + GroupId *string `json:"groupId,omitempty"` + LineId *string `json:"lineId,omitempty"` + Type *int32 `json:"type,omitempty"` + Host *string `json:"host,omitempty"` + Data *string `json:"data,omitempty"` + PageIndex *int32 `json:"pageIndex,omitempty"` + PageSize *int32 `json:"pageSize,omitempty"` +} + +type ListRecordsResponse struct { + apiResponseBase + Data *struct { + Total int32 `json:"total"` + Results []*DnsRecord `json:"results"` + } `json:"data,omitempty"` +} + +func (c *Client) ListRecords(req *ListRecordsRequest) (*ListRecordsResponse, error) { + return c.ListRecordsWithContext(context.Background(), req) +} + +func (c *Client) ListRecordsWithContext(ctx context.Context, req *ListRecordsRequest) (*ListRecordsResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/recordList") + if err != nil { + return nil, err + } else { + if req.DomainId != nil { + httpreq.SetQueryParam("domainId", *req.DomainId) + } + if req.GroupId != nil { + httpreq.SetQueryParam("groupId", *req.GroupId) + } + if req.LineId != nil { + httpreq.SetQueryParam("lineId", *req.LineId) + } + if req.Type != nil { + httpreq.SetQueryParam("type", strconv.Itoa(int(*req.Type))) + } + if req.Host != nil { + httpreq.SetQueryParam("host", *req.Host) + } + if req.Data != nil { + httpreq.SetQueryParam("data", *req.Data) + } + if req.PageIndex != nil { + httpreq.SetQueryParam("pageIndex", strconv.Itoa(int(*req.PageIndex))) + } + if req.PageSize != nil { + httpreq.SetQueryParam("pageSize", strconv.Itoa(int(*req.PageSize))) + } + + httpreq.SetContext(ctx) + } + + result := &ListRecordsResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/api_update_record.go b/pkg/sdk3rd/dnsla/api_update_record.go new file mode 100644 index 00000000..2ab147ce --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_update_record.go @@ -0,0 +1,43 @@ +package dnsla + +import ( + "context" + "net/http" +) + +type UpdateRecordRequest struct { + Id string `json:"id"` + GroupId *string `json:"groupId,omitempty"` + LineId *string `json:"lineId,omitempty"` + Type *int32 `json:"type,omitempty"` + Host *string `json:"host,omitempty"` + Data *string `json:"data,omitempty"` + Ttl *int32 `json:"ttl,omitempty"` + Weight *int32 `json:"weight,omitempty"` + Preference *int32 `json:"preference,omitempty"` +} + +type UpdateRecordResponse struct { + apiResponseBase +} + +func (c *Client) UpdateRecord(req *UpdateRecordRequest) (*UpdateRecordResponse, error) { + return c.UpdateRecordWithContext(context.Background(), req) +} + +func (c *Client) UpdateRecordWithContext(ctx context.Context, req *UpdateRecordRequest) (*UpdateRecordResponse, error) { + httpreq, err := c.newRequest(http.MethodPut, "/record") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateRecordResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/client.go b/pkg/sdk3rd/dnsla/client.go new file mode 100644 index 00000000..6add34a4 --- /dev/null +++ b/pkg/sdk3rd/dnsla/client.go @@ -0,0 +1,94 @@ +package dnsla + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiId, apiSecret string) (*Client, error) { + if apiId == "" { + return nil, fmt.Errorf("sdkerr: unset apiId") + } + if apiSecret == "" { + return nil, fmt.Errorf("sdkerr: unset apiSecret") + } + + client := resty.New(). + SetBaseURL("https://api.dns.la/api"). + SetBasicAuth(apiId, apiSecret). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate") + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode/100 != 2 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/dnsla/types.go b/pkg/sdk3rd/dnsla/types.go new file mode 100644 index 00000000..acb3767c --- /dev/null +++ b/pkg/sdk3rd/dnsla/types.go @@ -0,0 +1,59 @@ +package dnsla + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type DomainRecord struct { + Id string `json:"id"` + GroupId string `json:"groupId"` + GroupName string `json:"groupName"` + Domain string `json:"domain"` + DisplayDomain string `json:"displayDomain"` + CreatedAt int64 `json:"createdAt"` + UpdatedAt int64 `json:"updatedAt"` +} + +type DnsRecord struct { + Id string `json:"id"` + DomainId string `json:"domainId"` + GroupId string `json:"groupId"` + GroupName string `json:"groupName"` + LineId string `json:"lineId"` + LineCode string `json:"lineCode"` + LineName string `json:"lineName"` + Type int32 `json:"type"` + Host string `json:"host"` + DisplayHost string `json:"displayHost"` + Data string `json:"data"` + DisplayData string `json:"displayData"` + Ttl int32 `json:"ttl"` + Weight int32 `json:"weight"` + Preference int32 `json:"preference"` + CreatedAt int64 `json:"createdAt"` + UpdatedAt int64 `json:"updatedAt"` +} diff --git a/pkg/sdk3rd/dogecloud/api_bind_cdn_cert.go b/pkg/sdk3rd/dogecloud/api_bind_cdn_cert.go new file mode 100644 index 00000000..59a0c3bf --- /dev/null +++ b/pkg/sdk3rd/dogecloud/api_bind_cdn_cert.go @@ -0,0 +1,36 @@ +package dogecloud + +import ( + "context" + "net/http" +) + +type BindCdnCertRequest struct { + CertId int64 `json:"id"` + Domain string `json:"domain"` +} + +type BindCdnCertResponse struct { + apiResponseBase +} + +func (c *Client) BindCdnCert(req *BindCdnCertRequest) (*BindCdnCertResponse, error) { + return c.BindCdnCertWithContext(context.Background(), req) +} + +func (c *Client) BindCdnCertWithContext(ctx context.Context, req *BindCdnCertRequest) (*BindCdnCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/cdn/cert/bind.json") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &BindCdnCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dogecloud/api_upload_cdn_cert.go b/pkg/sdk3rd/dogecloud/api_upload_cdn_cert.go new file mode 100644 index 00000000..43f70fb3 --- /dev/null +++ b/pkg/sdk3rd/dogecloud/api_upload_cdn_cert.go @@ -0,0 +1,41 @@ +package dogecloud + +import ( + "context" + "net/http" +) + +type UploadCdnCertRequest struct { + Note string `json:"note"` + Certificate string `json:"cert"` + PrivateKey string `json:"private"` +} + +type UploadCdnCertResponse struct { + apiResponseBase + + Data *struct { + Id int64 `json:"id"` + } `json:"data,omitempty"` +} + +func (c *Client) UploadCdnCert(req *UploadCdnCertRequest) (*UploadCdnCertResponse, error) { + return c.UploadCdnCertWithContext(context.Background(), req) +} + +func (c *Client) UploadCdnCertWithContext(ctx context.Context, req *UploadCdnCertRequest) (*UploadCdnCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/cdn/cert/upload.json") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UploadCdnCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dogecloud/client.go b/pkg/sdk3rd/dogecloud/client.go new file mode 100644 index 00000000..f2088b00 --- /dev/null +++ b/pkg/sdk3rd/dogecloud/client.go @@ -0,0 +1,131 @@ +package dogecloud + +import ( + "crypto/hmac" + "crypto/sha1" + "encoding/hex" + "encoding/json" + "fmt" + "io" + "net/http" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(accessKey, secretKey string) (*Client, error) { + if accessKey == "" { + return nil, fmt.Errorf("sdkerr: unset accessKey") + } + if secretKey == "" { + return nil, fmt.Errorf("sdkerr: unset secretKey") + } + + client := resty.New(). + SetBaseURL("https://api.dogecloud.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(ctx *resty.Client, req *http.Request) error { + requestUrl := req.URL.Path + requestQuery := req.URL.Query().Encode() + if requestQuery != "" { + requestUrl += "?" + requestQuery + } + + payload := "" + if req.Body != nil { + reader, err := req.GetBody() + if err != nil { + return err + } + + defer reader.Close() + + payloadb, err := io.ReadAll(reader) + if err != nil { + return err + } + + payload = string(payloadb) + } + + stringToSign := fmt.Sprintf("%s\n%s", requestUrl, payload) + mac := hmac.New(sha1.New, []byte(secretKey)) + mac.Write([]byte(stringToSign)) + sign := hex.EncodeToString(mac.Sum(nil)) + + req.Header.Set("Authorization", fmt.Sprintf("TOKEN %s:%s", accessKey, sign)) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 0 && tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', msg='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/dogecloud/types.go b/pkg/sdk3rd/dogecloud/types.go new file mode 100644 index 00000000..368b62a0 --- /dev/null +++ b/pkg/sdk3rd/dogecloud/types.go @@ -0,0 +1,29 @@ +package dogecloud + +type apiResponse interface { + GetCode() int + GetMessage() string +} + +type apiResponseBase struct { + Code *int `json:"code,omitempty"` + Message *string `json:"msg,omitempty"` +} + +func (r *apiResponseBase) GetCode() int { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/edgio/README.md b/pkg/sdk3rd/edgio/README.md similarity index 100% rename from internal/pkg/sdk3rd/edgio/README.md rename to pkg/sdk3rd/edgio/README.md diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/cdn_configuration.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/cdn_configuration.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/cdn_configuration.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/cdn_configuration.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/environment.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/environment.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/environment.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/environment.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/property.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/property.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/property.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/property.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/purge.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/purge.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/purge.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/purge.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/tls_cert.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/tls_cert.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/tls_cert.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/tls_cert.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client_interface.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client_interface.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client_interface.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client_interface.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/go.mod b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/go.mod similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/go.mod rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/go.mod diff --git a/pkg/sdk3rd/flexcdn/api_update_ssl_cert.go b/pkg/sdk3rd/flexcdn/api_update_ssl_cert.go new file mode 100644 index 00000000..13cf3709 --- /dev/null +++ b/pkg/sdk3rd/flexcdn/api_update_ssl_cert.go @@ -0,0 +1,50 @@ +package flexcdn + +import ( + "context" + "net/http" +) + +type UpdateSSLCertRequest struct { + SSLCertId int64 `json:"sslCertId"` + IsOn bool `json:"isOn"` + Name string `json:"name"` + Description string `json:"description"` + ServerName string `json:"serverName"` + IsCA bool `json:"isCA"` + CertData string `json:"certData"` + KeyData string `json:"keyData"` + TimeBeginAt int64 `json:"timeBeginAt"` + TimeEndAt int64 `json:"timeEndAt"` + DNSNames []string `json:"dnsNames"` + CommonNames []string `json:"commonNames"` +} + +type UpdateSSLCertResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSSLCert(req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { + return c.UpdateSSLCertWithContext(context.Background(), req) +} + +func (c *Client) UpdateSSLCertWithContext(ctx context.Context, req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { + if err := c.ensureAccessTokenExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/SSLCertService/updateSSLCert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSSLCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/flexcdn/client.go b/pkg/sdk3rd/flexcdn/client.go new file mode 100644 index 00000000..3d097a81 --- /dev/null +++ b/pkg/sdk3rd/flexcdn/client.go @@ -0,0 +1,174 @@ +package flexcdn + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + apiRole string + accessKeyId string + accessKey string + + accessToken string + accessTokenExp time.Time + accessTokenMtx sync.Mutex + + client *resty.Client +} + +func NewClient(serverUrl, apiRole, accessKeyId, accessKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiRole == "" { + return nil, fmt.Errorf("sdkerr: unset apiRole") + } + if apiRole != "user" && apiRole != "admin" { + return nil, fmt.Errorf("sdkerr: invalid apiRole") + } + if accessKeyId == "" { + return nil, fmt.Errorf("sdkerr: unset accessKeyId") + } + if accessKey == "" { + return nil, fmt.Errorf("sdkerr: unset accessKey") + } + + client := &Client{ + apiRole: apiRole, + accessKeyId: accessKeyId, + accessKey: accessKey, + } + client.client = resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.accessToken != "" { + req.Header.Set("X-Cloud-Access-Token", client.accessToken) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureAccessTokenExists() error { + c.accessTokenMtx.Lock() + defer c.accessTokenMtx.Unlock() + if c.accessToken != "" && c.accessTokenExp.After(time.Now()) { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/APIAccessTokenService/getAPIAccessToken") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "type": c.apiRole, + "accessKeyId": c.accessKeyId, + "accessKey": c.accessKey, + }) + } + + type getAPIAccessTokenResponse struct { + apiResponseBase + Data *struct { + Token string `json:"token"` + ExpiresAt int64 `json:"expiresAt"` + } `json:"data,omitempty"` + } + + result := &getAPIAccessTokenResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return err + } else if code := result.GetCode(); code != 200 { + return fmt.Errorf("sdkerr: failed to get flexcdn access token: code='%d', message='%s'", code, result.GetMessage()) + } else { + c.accessToken = result.Data.Token + c.accessTokenExp = time.Unix(result.Data.ExpiresAt, 0) + } + + return nil +} diff --git a/pkg/sdk3rd/flexcdn/types.go b/pkg/sdk3rd/flexcdn/types.go new file mode 100644 index 00000000..21d4372c --- /dev/null +++ b/pkg/sdk3rd/flexcdn/types.go @@ -0,0 +1,21 @@ +package flexcdn + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"message"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/gcore/common/endpoint.go b/pkg/sdk3rd/gcore/endpoint.go similarity index 100% rename from internal/pkg/sdk3rd/gcore/common/endpoint.go rename to pkg/sdk3rd/gcore/endpoint.go diff --git a/internal/pkg/sdk3rd/gcore/common/signer.go b/pkg/sdk3rd/gcore/signer.go similarity index 100% rename from internal/pkg/sdk3rd/gcore/common/signer.go rename to pkg/sdk3rd/gcore/signer.go diff --git a/pkg/sdk3rd/gname/api_add_domain_resolution.go b/pkg/sdk3rd/gname/api_add_domain_resolution.go new file mode 100644 index 00000000..ed5f687a --- /dev/null +++ b/pkg/sdk3rd/gname/api_add_domain_resolution.go @@ -0,0 +1,42 @@ +package gname + +import ( + "context" + "encoding/json" + "net/http" +) + +type AddDomainResolutionRequest struct { + ZoneName *string `json:"ym,omitempty"` + RecordType *string `json:"lx,omitempty"` + RecordName *string `json:"zj,omitempty"` + RecordValue *string `json:"jlz,omitempty"` + MX *int32 `json:"mx,omitempty"` + TTL *int32 `json:"ttl,omitempty"` +} + +type AddDomainResolutionResponse struct { + apiResponseBase + + Data json.Number `json:"data"` +} + +func (c *Client) AddDomainResolution(req *AddDomainResolutionRequest) (*AddDomainResolutionResponse, error) { + return c.AddDomainResolutionWithContext(context.Background(), req) +} + +func (c *Client) AddDomainResolutionWithContext(ctx context.Context, req *AddDomainResolutionRequest) (*AddDomainResolutionResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/resolution/add", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &AddDomainResolutionResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/gname/api_delete_domain_resolution.go b/pkg/sdk3rd/gname/api_delete_domain_resolution.go new file mode 100644 index 00000000..a2125fb3 --- /dev/null +++ b/pkg/sdk3rd/gname/api_delete_domain_resolution.go @@ -0,0 +1,35 @@ +package gname + +import ( + "context" + "net/http" +) + +type DeleteDomainResolutionRequest struct { + ZoneName *string `json:"ym,omitempty"` + RecordID *int64 `json:"jxid,omitempty"` +} + +type DeleteDomainResolutionResponse struct { + apiResponseBase +} + +func (c *Client) DeleteDomainResolution(req *DeleteDomainResolutionRequest) (*DeleteDomainResolutionResponse, error) { + return c.DeleteDomainResolutionWithContext(context.Background(), req) +} + +func (c *Client) DeleteDomainResolutionWithContext(ctx context.Context, req *DeleteDomainResolutionRequest) (*DeleteDomainResolutionResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/resolution/delete", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &DeleteDomainResolutionResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/gname/api_list_domain_resolution.go b/pkg/sdk3rd/gname/api_list_domain_resolution.go new file mode 100644 index 00000000..98832fc1 --- /dev/null +++ b/pkg/sdk3rd/gname/api_list_domain_resolution.go @@ -0,0 +1,41 @@ +package gname + +import ( + "context" + "net/http" +) + +type ListDomainResolutionRequest struct { + ZoneName *string `json:"ym,omitempty"` + Page *int32 `json:"page,omitempty"` + PageSize *int32 `json:"limit,omitempty"` +} + +type ListDomainResolutionResponse struct { + apiResponseBase + + Count int32 `json:"count"` + Data []*DomainResolutionRecordord `json:"data"` + Page int32 `json:"page"` + PageSize int32 `json:"pagesize"` +} + +func (c *Client) ListDomainResolution(req *ListDomainResolutionRequest) (*ListDomainResolutionResponse, error) { + return c.ListDomainResolutionWithContext(context.Background(), req) +} + +func (c *Client) ListDomainResolutionWithContext(ctx context.Context, req *ListDomainResolutionRequest) (*ListDomainResolutionResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/resolution/list", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &ListDomainResolutionResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/gname/api_modify_domain_resolution.go b/pkg/sdk3rd/gname/api_modify_domain_resolution.go new file mode 100644 index 00000000..883f4c41 --- /dev/null +++ b/pkg/sdk3rd/gname/api_modify_domain_resolution.go @@ -0,0 +1,40 @@ +package gname + +import ( + "context" + "net/http" +) + +type ModifyDomainResolutionRequest struct { + ID *int64 `json:"jxid,omitempty"` + ZoneName *string `json:"ym,omitempty"` + RecordType *string `json:"lx,omitempty"` + RecordName *string `json:"zj,omitempty"` + RecordValue *string `json:"jlz,omitempty"` + MX *int32 `json:"mx,omitempty"` + TTL *int32 `json:"ttl,omitempty"` +} + +type ModifyDomainResolutionResponse struct { + apiResponseBase +} + +func (c *Client) ModifyDomainResolution(req *ModifyDomainResolutionRequest) (*ModifyDomainResolutionResponse, error) { + return c.ModifyDomainResolutionWithContext(context.Background(), req) +} + +func (c *Client) ModifyDomainResolutionWithContext(ctx context.Context, req *ModifyDomainResolutionRequest) (*ModifyDomainResolutionResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/resolution/edit", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &ModifyDomainResolutionResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/gname/client.go b/pkg/sdk3rd/gname/client.go new file mode 100644 index 00000000..5fd26e02 --- /dev/null +++ b/pkg/sdk3rd/gname/client.go @@ -0,0 +1,148 @@ +package gname + +import ( + "crypto/md5" + "encoding/json" + "fmt" + "net/url" + "sort" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + appId string + appKey string + + client *resty.Client +} + +func NewClient(appId, appKey string) (*Client, error) { + if appId == "" { + return nil, fmt.Errorf("sdkerr: unset appId") + } + if appKey == "" { + return nil, fmt.Errorf("sdkerr: unset appKey") + } + + client := resty.New(). + SetBaseURL("http://api.gname.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/x-www-form-urlencoded"). + SetHeader("User-Agent", "certimate") + + return &Client{ + appId: appId, + appKey: appKey, + client: client, + }, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string, params any) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + data := make(map[string]string) + if params != nil { + temp := make(map[string]any) + jsonb, _ := json.Marshal(params) + json.Unmarshal(jsonb, &temp) + for k, v := range temp { + if v == nil { + continue + } + + data[k] = fmt.Sprintf("%v", v) + } + } + + data["appid"] = c.appId + data["gntime"] = fmt.Sprintf("%d", time.Now().Unix()) + data["gntoken"] = generateSignature(data, c.appKey) + + req := c.client.R() + req.Method = method + req.URL = path + req.SetFormData(data) + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetBody` or `req.SetFormData` HERE! USE `newRequest` INSTEAD. + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 1 { + return resp, fmt.Errorf("sdkerr: api error: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func generateSignature(params map[string]string, appKey string) string { + // Step 1: Sort parameters by ASCII order + var keys []string + for k := range params { + keys = append(keys, k) + } + sort.Strings(keys) + + // Step 2: Create string A with URL-encoded values + var pairs []string + for _, k := range keys { + encodedValue := url.QueryEscape(params[k]) + pairs = append(pairs, fmt.Sprintf("%s=%s", k, encodedValue)) + } + stringA := strings.Join(pairs, "&") + + // Step 3: Append appkey to create string B + stringB := stringA + appKey + + // Step 4: Calculate MD5 and convert to uppercase + hash := md5.Sum([]byte(stringB)) + return strings.ToUpper(fmt.Sprintf("%x", hash)) +} diff --git a/pkg/sdk3rd/gname/types.go b/pkg/sdk3rd/gname/types.go new file mode 100644 index 00000000..5b1373ea --- /dev/null +++ b/pkg/sdk3rd/gname/types.go @@ -0,0 +1,32 @@ +package gname + +import "encoding/json" + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"msg"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type DomainResolutionRecordord struct { + ID json.Number `json:"id"` + ZoneName string `json:"ym"` + RecordType string `json:"lx"` + RecordName string `json:"zjt"` + RecordValue string `json:"jxz"` + MX int32 `json:"mx"` +} diff --git a/pkg/sdk3rd/goedge/api_update_ssl_cert.go b/pkg/sdk3rd/goedge/api_update_ssl_cert.go new file mode 100644 index 00000000..0aa68353 --- /dev/null +++ b/pkg/sdk3rd/goedge/api_update_ssl_cert.go @@ -0,0 +1,50 @@ +package goedge + +import ( + "context" + "net/http" +) + +type UpdateSSLCertRequest struct { + SSLCertId int64 `json:"sslCertId"` + IsOn bool `json:"isOn"` + Name string `json:"name"` + Description string `json:"description"` + ServerName string `json:"serverName"` + IsCA bool `json:"isCA"` + CertData string `json:"certData"` + KeyData string `json:"keyData"` + TimeBeginAt int64 `json:"timeBeginAt"` + TimeEndAt int64 `json:"timeEndAt"` + DNSNames []string `json:"dnsNames"` + CommonNames []string `json:"commonNames"` +} + +type UpdateSSLCertResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSSLCert(req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { + return c.UpdateSSLCertWithContext(context.Background(), req) +} + +func (c *Client) UpdateSSLCertWithContext(ctx context.Context, req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { + if err := c.ensureAccessTokenExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/SSLCertService/updateSSLCert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSSLCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/goedge/client.go b/pkg/sdk3rd/goedge/client.go new file mode 100644 index 00000000..52fdd8d8 --- /dev/null +++ b/pkg/sdk3rd/goedge/client.go @@ -0,0 +1,174 @@ +package goedge + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + apiRole string + accessKeyId string + accessKey string + + accessToken string + accessTokenExp time.Time + accessTokenMtx sync.Mutex + + client *resty.Client +} + +func NewClient(serverUrl, apiRole, accessKeyId, accessKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiRole == "" { + return nil, fmt.Errorf("sdkerr: unset apiRole") + } + if apiRole != "user" && apiRole != "admin" { + return nil, fmt.Errorf("sdkerr: invalid apiRole") + } + if accessKeyId == "" { + return nil, fmt.Errorf("sdkerr: unset accessKeyId") + } + if accessKey == "" { + return nil, fmt.Errorf("sdkerr: unset accessKey") + } + + client := &Client{ + apiRole: apiRole, + accessKeyId: accessKeyId, + accessKey: accessKey, + } + client.client = resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.accessToken != "" { + req.Header.Set("X-Edge-Access-Token", client.accessToken) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureAccessTokenExists() error { + c.accessTokenMtx.Lock() + defer c.accessTokenMtx.Unlock() + if c.accessToken != "" && c.accessTokenExp.After(time.Now()) { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/APIAccessTokenService/getAPIAccessToken") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "type": c.apiRole, + "accessKeyId": c.accessKeyId, + "accessKey": c.accessKey, + }) + } + + type getAPIAccessTokenResponse struct { + apiResponseBase + Data *struct { + Token string `json:"token"` + ExpiresAt int64 `json:"expiresAt"` + } `json:"data,omitempty"` + } + + result := &getAPIAccessTokenResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return err + } else if code := result.GetCode(); code != 200 { + return fmt.Errorf("sdkerr: failed to get goedge access token: code='%d', message='%s'", code, result.GetMessage()) + } else { + c.accessToken = result.Data.Token + c.accessTokenExp = time.Unix(result.Data.ExpiresAt, 0) + } + + return nil +} diff --git a/pkg/sdk3rd/goedge/types.go b/pkg/sdk3rd/goedge/types.go new file mode 100644 index 00000000..75434d6f --- /dev/null +++ b/pkg/sdk3rd/goedge/types.go @@ -0,0 +1,21 @@ +package goedge + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"message"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/lecdn/client-v3/api_update_certificate.go b/pkg/sdk3rd/lecdn/client-v3/api_update_certificate.go new file mode 100644 index 00000000..d9ffa4d9 --- /dev/null +++ b/pkg/sdk3rd/lecdn/client-v3/api_update_certificate.go @@ -0,0 +1,49 @@ +package clientv3 + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateCertificateRequest struct { + Name string `json:"name"` + Description string `json:"description"` + Type string `json:"type"` + SSLPEM string `json:"ssl_pem"` + SSLKey string `json:"ssl_key"` + AutoRenewal bool `json:"auto_renewal"` +} + +type UpdateCertificateResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCertificate(certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), certId, req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + if certId == 0 { + return nil, fmt.Errorf("sdkerr: unset certId") + } + + if err := c.ensureAccessTokenExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/certificate/%d", certId)) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/lecdn/client-v3/client.go b/pkg/sdk3rd/lecdn/client-v3/client.go new file mode 100644 index 00000000..72e4b316 --- /dev/null +++ b/pkg/sdk3rd/lecdn/client-v3/client.go @@ -0,0 +1,161 @@ +package clientv3 + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + username string + password string + + accessToken string + accessTokenMtx sync.Mutex + + client *resty.Client +} + +func NewClient(serverUrl, username, password string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if username == "" { + return nil, fmt.Errorf("sdkerr: unset username") + } + if password == "" { + return nil, fmt.Errorf("sdkerr: unset password") + } + + client := &Client{ + username: username, + password: password, + } + client.client = resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/prod-api"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.accessToken != "" { + req.Header.Set("Authorization", "Bearer "+client.accessToken) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureAccessTokenExists() error { + c.accessTokenMtx.Lock() + defer c.accessTokenMtx.Unlock() + if c.accessToken != "" { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/auth/login") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "email": c.username, + "username": c.username, + "password": c.password, + }) + } + + type loginResponse struct { + apiResponseBase + Data *struct { + UserId int64 `json:"user_id"` + Username string `json:"username"` + Token string `json:"token"` + } `json:"data,omitempty"` + } + + result := &loginResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return err + } else { + c.accessToken = result.Data.Token + } + + return nil +} diff --git a/pkg/sdk3rd/lecdn/client-v3/types.go b/pkg/sdk3rd/lecdn/client-v3/types.go new file mode 100644 index 00000000..f1597f42 --- /dev/null +++ b/pkg/sdk3rd/lecdn/client-v3/types.go @@ -0,0 +1,21 @@ +package clientv3 + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"msg"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/lecdn/master-v3/api_update_certificate.go b/pkg/sdk3rd/lecdn/master-v3/api_update_certificate.go new file mode 100644 index 00000000..c7205f73 --- /dev/null +++ b/pkg/sdk3rd/lecdn/master-v3/api_update_certificate.go @@ -0,0 +1,50 @@ +package masterv3 + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateCertificateRequest struct { + ClientId int64 `json:"client_id"` + Name string `json:"name"` + Description string `json:"description"` + Type string `json:"type"` + SSLPEM string `json:"ssl_pem"` + SSLKey string `json:"ssl_key"` + AutoRenewal bool `json:"auto_renewal"` +} + +type UpdateCertificateResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCertificate(certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), certId, req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + if certId == 0 { + return nil, fmt.Errorf("sdkerr: unset certId") + } + + if err := c.ensureAccessTokenExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/certificate/%d", certId)) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/lecdn/master-v3/client.go b/pkg/sdk3rd/lecdn/master-v3/client.go new file mode 100644 index 00000000..66700609 --- /dev/null +++ b/pkg/sdk3rd/lecdn/master-v3/client.go @@ -0,0 +1,162 @@ +package masterv3 + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + username string + password string + + accessToken string + accessTokenMtx sync.Mutex + + client *resty.Client +} + +func NewClient(serverUrl, username, password string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if username == "" { + return nil, fmt.Errorf("sdkerr: unset username") + } + if password == "" { + return nil, fmt.Errorf("sdkerr: unset password") + } + + client := &Client{ + username: username, + password: password, + } + client.client = resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/prod-api"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.accessToken != "" { + req.Header.Set("Authorization", "Bearer "+client.accessToken) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureAccessTokenExists() error { + c.accessTokenMtx.Lock() + defer c.accessTokenMtx.Unlock() + if c.accessToken != "" { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/auth/login") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "username": c.username, + "password": c.password, + }) + } + + type loginResponse struct { + apiResponseBase + Data *struct { + UserId int64 `json:"user_id"` + Username string `json:"username"` + Token string `json:"token"` + } `json:"data,omitempty"` + } + + result := &loginResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return err + } else { + c.accessToken = result.Data.Token + } + + return nil +} diff --git a/pkg/sdk3rd/lecdn/master-v3/types.go b/pkg/sdk3rd/lecdn/master-v3/types.go new file mode 100644 index 00000000..35e6d7f1 --- /dev/null +++ b/pkg/sdk3rd/lecdn/master-v3/types.go @@ -0,0 +1,21 @@ +package masterv3 + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"message"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/netlify/api_provision_site_tls_certificate.go b/pkg/sdk3rd/netlify/api_provision_site_tls_certificate.go new file mode 100644 index 00000000..6dc0e809 --- /dev/null +++ b/pkg/sdk3rd/netlify/api_provision_site_tls_certificate.go @@ -0,0 +1,52 @@ +package netlify + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type ProvisionSiteTLSCertificateParams struct { + Certificate string `json:"certificate"` + CACertificates string `json:"ca_certificates"` + Key string `json:"key"` +} + +type ProvisionSiteTLSCertificateResponse struct { + apiResponseBase + Domains []string `json:"domains,omitempty"` + State string `json:"state,omitempty"` + ExpiresAt string `json:"expires_at,omitempty"` + CreatedAt string `json:"created_at,omitempty"` + UpdatedAt string `json:"updated_at,omitempty"` +} + +func (c *Client) ProvisionSiteTLSCertificate(siteId string, req *ProvisionSiteTLSCertificateParams) (*ProvisionSiteTLSCertificateResponse, error) { + return c.ProvisionSiteTLSCertificateWithContext(context.Background(), siteId, req) +} + +func (c *Client) ProvisionSiteTLSCertificateWithContext(ctx context.Context, siteId string, req *ProvisionSiteTLSCertificateParams) (*ProvisionSiteTLSCertificateResponse, error) { + if siteId == "" { + return nil, fmt.Errorf("sdkerr: unset siteId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/sites/%s/ssl", url.PathEscape(siteId))) + if err != nil { + return nil, err + } else { + httpreq.SetQueryParams(map[string]string{ + "certificate": req.Certificate, + "ca_certificates": req.CACertificates, + "key": req.Key, + }) + httpreq.SetContext(ctx) + } + + result := &ProvisionSiteTLSCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/netlify/client.go b/pkg/sdk3rd/netlify/client.go new file mode 100644 index 00000000..1a6fa908 --- /dev/null +++ b/pkg/sdk3rd/netlify/client.go @@ -0,0 +1,91 @@ +package netlify + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiToken string) (*Client, error) { + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL("https://api.netlify.com/api/v1"). + SetHeader("Accept", "application/json"). + SetHeader("Authorization", "Bearer "+apiToken). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate") + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 0 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/netlify/types.go b/pkg/sdk3rd/netlify/types.go new file mode 100644 index 00000000..301da2bf --- /dev/null +++ b/pkg/sdk3rd/netlify/types.go @@ -0,0 +1,29 @@ +package netlify + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/qiniu/auth.go b/pkg/sdk3rd/qiniu/auth.go similarity index 88% rename from internal/pkg/sdk3rd/qiniu/auth.go rename to pkg/sdk3rd/qiniu/auth.go index 6df13752..a1668dd7 100644 --- a/internal/pkg/sdk3rd/qiniu/auth.go +++ b/pkg/sdk3rd/qiniu/auth.go @@ -4,6 +4,7 @@ import ( "net/http" "github.com/qiniu/go-sdk/v7/auth" + "github.com/qiniu/go-sdk/v7/client" ) type transport struct { @@ -13,7 +14,7 @@ type transport struct { func newTransport(mac *auth.Credentials, tr http.RoundTripper) *transport { if tr == nil { - tr = http.DefaultTransport + tr = client.DefaultTransport } return &transport{tr, mac} } diff --git a/pkg/sdk3rd/qiniu/cdn.go b/pkg/sdk3rd/qiniu/cdn.go new file mode 100644 index 00000000..54a56517 --- /dev/null +++ b/pkg/sdk3rd/qiniu/cdn.go @@ -0,0 +1,134 @@ +package qiniu + +import ( + "context" + "fmt" + "net/http" + "strings" + + "github.com/qiniu/go-sdk/v7/auth" + "github.com/qiniu/go-sdk/v7/client" +) + +const qiniuHost = "https://api.qiniu.com" + +type CdnManager struct { + client *client.Client +} + +func NewCdnManager(mac *auth.Credentials) *CdnManager { + if mac == nil { + mac = auth.Default() + } + + client := &client.Client{&http.Client{Transport: newTransport(mac, nil)}} + return &CdnManager{client: client} +} + +func (m *CdnManager) urlf(pathf string, pathargs ...any) string { + path := fmt.Sprintf(pathf, pathargs...) + path = strings.TrimPrefix(path, "/") + return qiniuHost + "/" + path +} + +type GetDomainInfoResponse struct { + Code *int `json:"code,omitempty"` + Error *string `json:"error,omitempty"` + Name string `json:"name"` + Type string `json:"type"` + CName string `json:"cname"` + Https *struct { + CertID string `json:"certId"` + ForceHttps bool `json:"forceHttps"` + Http2Enable bool `json:"http2Enable"` + } `json:"https"` + PareDomain string `json:"pareDomain"` + OperationType string `json:"operationType"` + OperatingState string `json:"operatingState"` + OperatingStateDesc string `json:"operatingStateDesc"` + CreateAt string `json:"createAt"` + ModifyAt string `json:"modifyAt"` +} + +func (m *CdnManager) GetDomainInfo(ctx context.Context, domain string) (*GetDomainInfoResponse, error) { + resp := new(GetDomainInfoResponse) + if err := m.client.Call(ctx, resp, http.MethodGet, m.urlf("domain/%s", domain), nil); err != nil { + return nil, err + } + return resp, nil +} + +type ModifyDomainHttpsConfRequest struct { + CertID string `json:"certId"` + ForceHttps bool `json:"forceHttps"` + Http2Enable bool `json:"http2Enable"` +} + +type ModifyDomainHttpsConfResponse struct { + Code *int `json:"code,omitempty"` + Error *string `json:"error,omitempty"` +} + +func (m *CdnManager) ModifyDomainHttpsConf(ctx context.Context, domain string, certId string, forceHttps bool, http2Enable bool) (*ModifyDomainHttpsConfResponse, error) { + req := &ModifyDomainHttpsConfRequest{ + CertID: certId, + ForceHttps: forceHttps, + Http2Enable: http2Enable, + } + resp := new(ModifyDomainHttpsConfResponse) + if err := m.client.CallWithJson(ctx, resp, http.MethodPut, m.urlf("domain/%s/httpsconf", domain), nil, req); err != nil { + return nil, err + } + return resp, nil +} + +type EnableDomainHttpsRequest struct { + CertID string `json:"certId"` + ForceHttps bool `json:"forceHttps"` + Http2Enable bool `json:"http2Enable"` +} + +type EnableDomainHttpsResponse struct { + Code *int `json:"code,omitempty"` + Error *string `json:"error,omitempty"` +} + +func (m *CdnManager) EnableDomainHttps(ctx context.Context, domain string, certId string, forceHttps bool, http2Enable bool) (*EnableDomainHttpsResponse, error) { + req := &EnableDomainHttpsRequest{ + CertID: certId, + ForceHttps: forceHttps, + Http2Enable: http2Enable, + } + resp := new(EnableDomainHttpsResponse) + if err := m.client.CallWithJson(ctx, resp, http.MethodPut, m.urlf("domain/%s/sslize", domain), nil, req); err != nil { + return nil, err + } + return resp, nil +} + +type UploadSslCertRequest struct { + Name string `json:"name"` + CommonName string `json:"common_name"` + Certificate string `json:"ca"` + PrivateKey string `json:"pri"` +} + +type UploadSslCertResponse struct { + Code *int `json:"code,omitempty"` + Error *string `json:"error,omitempty"` + CertID string `json:"certID"` +} + +func (m *CdnManager) UploadSslCert(ctx context.Context, name string, commonName string, certificate string, privateKey string) (*UploadSslCertResponse, error) { + req := &UploadSslCertRequest{ + Name: name, + CommonName: commonName, + Certificate: certificate, + PrivateKey: privateKey, + } + resp := new(UploadSslCertResponse) + if err := m.client.CallWithJson(ctx, resp, http.MethodPost, m.urlf("sslcert"), nil, req); err != nil { + return nil, err + } + return resp, nil +} diff --git a/pkg/sdk3rd/rainyun/api_rcdn_instance_ssl_bind.go b/pkg/sdk3rd/rainyun/api_rcdn_instance_ssl_bind.go new file mode 100644 index 00000000..4790be12 --- /dev/null +++ b/pkg/sdk3rd/rainyun/api_rcdn_instance_ssl_bind.go @@ -0,0 +1,41 @@ +package rainyun + +import ( + "context" + "fmt" + "net/http" +) + +type RcdnInstanceSslBindRequest struct { + CertId int32 `json:"cert_id"` + Domains []string `json:"domains"` +} + +type RcdnInstanceSslBindResponse struct { + apiResponseBase +} + +func (c *Client) RcdnInstanceSslBind(instanceId int32, req *RcdnInstanceSslBindRequest) (*RcdnInstanceSslBindResponse, error) { + return c.RcdnInstanceSslBindWithContext(context.Background(), instanceId, req) +} + +func (c *Client) RcdnInstanceSslBindWithContext(ctx context.Context, instanceId int32, req *RcdnInstanceSslBindRequest) (*RcdnInstanceSslBindResponse, error) { + if instanceId == 0 { + return nil, fmt.Errorf("sdkerr: unset instanceId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/product/rcdn/instance/%d/ssl_bind", instanceId)) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &RcdnInstanceSslBindResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/rainyun/api_ssl_center_create.go b/pkg/sdk3rd/rainyun/api_ssl_center_create.go new file mode 100644 index 00000000..1af08e5b --- /dev/null +++ b/pkg/sdk3rd/rainyun/api_ssl_center_create.go @@ -0,0 +1,36 @@ +package rainyun + +import ( + "context" + "net/http" +) + +type SslCenterCreateRequest struct { + Cert string `json:"cert"` + Key string `json:"key"` +} + +type SslCenterCreateResponse struct { + apiResponseBase +} + +func (c *Client) SslCenterCreate(req *SslCenterCreateRequest) (*SslCenterCreateResponse, error) { + return c.SslCenterCreateWithContext(context.Background(), req) +} + +func (c *Client) SslCenterCreateWithContext(ctx context.Context, req *SslCenterCreateRequest) (*SslCenterCreateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/product/sslcenter/") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SslCenterCreateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/rainyun/api_ssl_center_get.go b/pkg/sdk3rd/rainyun/api_ssl_center_get.go new file mode 100644 index 00000000..6dec58ce --- /dev/null +++ b/pkg/sdk3rd/rainyun/api_ssl_center_get.go @@ -0,0 +1,37 @@ +package rainyun + +import ( + "context" + "fmt" + "net/http" +) + +type SslCenterGetResponse struct { + apiResponseBase + + Data *SslDetail `json:"data,omitempty"` +} + +func (c *Client) SslCenterGet(sslId int32) (*SslCenterGetResponse, error) { + return c.SslCenterGetWithContext(context.Background(), sslId) +} + +func (c *Client) SslCenterGetWithContext(ctx context.Context, sslId int32) (*SslCenterGetResponse, error) { + if sslId == 0 { + return nil, fmt.Errorf("sdkerr: unset sslId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/product/sslcenter/%d", sslId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SslCenterGetResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/rainyun/api_ssl_center_list.go b/pkg/sdk3rd/rainyun/api_ssl_center_list.go new file mode 100644 index 00000000..e727c3b0 --- /dev/null +++ b/pkg/sdk3rd/rainyun/api_ssl_center_list.go @@ -0,0 +1,49 @@ +package rainyun + +import ( + "context" + "encoding/json" + "net/http" +) + +type SslCenterListFilters struct { + Domain *string `json:"Domain,omitempty"` +} + +type SslCenterListRequest struct { + Filters *SslCenterListFilters `json:"columnFilters,omitempty"` + Sort []*string `json:"sort,omitempty"` + Page *int32 `json:"page,omitempty"` + PerPage *int32 `json:"perPage,omitempty"` +} + +type SslCenterListResponse struct { + apiResponseBase + + Data *struct { + TotalRecords int32 `json:"TotalRecords"` + Records []*SslRecord `json:"Records"` + } `json:"data,omitempty"` +} + +func (c *Client) SslCenterList(req *SslCenterListRequest) (*SslCenterListResponse, error) { + return c.SslCenterListWithContext(context.Background(), req) +} + +func (c *Client) SslCenterListWithContext(ctx context.Context, req *SslCenterListRequest) (*SslCenterListResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/product/sslcenter") + if err != nil { + return nil, err + } else { + jsonb, _ := json.Marshal(req) + httpreq.SetQueryParam("options", string(jsonb)) + httpreq.SetContext(ctx) + } + + result := &SslCenterListResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/rainyun/client.go b/pkg/sdk3rd/rainyun/client.go new file mode 100644 index 00000000..e7f2fb5a --- /dev/null +++ b/pkg/sdk3rd/rainyun/client.go @@ -0,0 +1,91 @@ +package rainyun + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiKey string) (*Client, error) { + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL("https://api.v2.rainyun.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("X-API-Key", apiKey) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode/100 != 2 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/rainyun/types.go b/pkg/sdk3rd/rainyun/types.go new file mode 100644 index 00000000..47937f71 --- /dev/null +++ b/pkg/sdk3rd/rainyun/types.go @@ -0,0 +1,49 @@ +package rainyun + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type SslRecord struct { + ID int32 `json:"ID"` + UID int32 `json:"UID"` + Domain string `json:"Domain"` + Issuer string `json:"Issuer"` + StartDate int64 `json:"StartDate"` + ExpireDate int64 `json:"ExpDate"` + UploadTime int64 `json:"UploadTime"` +} + +type SslDetail struct { + Cert string `json:"Cert"` + Key string `json:"Key"` + Domain string `json:"DomainName"` + Issuer string `json:"Issuer"` + StartDate int64 `json:"StartDate"` + ExpireDate int64 `json:"ExpDate"` + RemainDays int32 `json:"RemainDays"` +} diff --git a/pkg/sdk3rd/ratpanel/api_set_setting_cert.go b/pkg/sdk3rd/ratpanel/api_set_setting_cert.go new file mode 100644 index 00000000..7a026b48 --- /dev/null +++ b/pkg/sdk3rd/ratpanel/api_set_setting_cert.go @@ -0,0 +1,36 @@ +package ratpanel + +import ( + "context" + "net/http" +) + +type SetSettingCertRequest struct { + Certificate string `json:"cert"` + PrivateKey string `json:"key"` +} + +type SetSettingCertResponse struct { + apiResponseBase +} + +func (c *Client) SetSettingCert(req *SetSettingCertRequest) (*SetSettingCertResponse, error) { + return c.SetSettingCertWithContext(context.Background(), req) +} + +func (c *Client) SetSettingCertWithContext(ctx context.Context, req *SetSettingCertRequest) (*SetSettingCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/setting/cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SetSettingCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ratpanel/api_set_website_cert.go b/pkg/sdk3rd/ratpanel/api_set_website_cert.go new file mode 100644 index 00000000..679373fa --- /dev/null +++ b/pkg/sdk3rd/ratpanel/api_set_website_cert.go @@ -0,0 +1,37 @@ +package ratpanel + +import ( + "context" + "net/http" +) + +type SetWebsiteCertRequest struct { + SiteName string `json:"name"` + Certificate string `json:"cert"` + PrivateKey string `json:"key"` +} + +type SetWebsiteCertResponse struct { + apiResponseBase +} + +func (c *Client) SetWebsiteCert(req *SetWebsiteCertRequest) (*SetWebsiteCertResponse, error) { + return c.SetWebsiteCertWithContext(context.Background(), req) +} + +func (c *Client) SetWebsiteCertWithContext(ctx context.Context, req *SetWebsiteCertRequest) (*SetWebsiteCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/website/cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SetWebsiteCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ratpanel/client.go b/pkg/sdk3rd/ratpanel/client.go new file mode 100644 index 00000000..155e2349 --- /dev/null +++ b/pkg/sdk3rd/ratpanel/client.go @@ -0,0 +1,164 @@ +package ratpanel + +import ( + "bytes" + "crypto/hmac" + "crypto/sha256" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "io" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl string, accessTokenId int32, accessToken string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if accessTokenId == 0 { + return nil, fmt.Errorf("sdkerr: unset accessTokenId") + } + if accessToken == "" { + return nil, fmt.Errorf("sdkerr: unset accessToken") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + var body []byte + var err error + + if req.Body != nil { + body, err = io.ReadAll(req.Body) + if err != nil { + return err + } + req.Body = io.NopCloser(bytes.NewReader(body)) + } + + canonicalPath := req.URL.Path + if !strings.HasPrefix(canonicalPath, "/api") { + index := strings.Index(canonicalPath, "/api") + if index != -1 { + canonicalPath = canonicalPath[index:] + } + } + + canonicalRequest := fmt.Sprintf("%s\n%s\n%s\n%s", + req.Method, + canonicalPath, + req.URL.Query().Encode(), + sumSha256(string(body))) + + timestamp := time.Now().Unix() + req.Header.Set("X-Timestamp", fmt.Sprintf("%d", timestamp)) + + stringToSign := fmt.Sprintf("%s\n%d\n%s", + "HMAC-SHA256", + timestamp, + sumSha256(canonicalRequest)) + signature := sumHmacSha256(stringToSign, accessToken) + req.Header.Set("Authorization", fmt.Sprintf("HMAC-SHA256 Credential=%d, Signature=%s", accessTokenId, signature)) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tmessage := res.GetMessage(); tmessage != "success" { + return resp, fmt.Errorf("sdkerr: message='%s'", tmessage) + } + } + } + + return resp, nil +} + +func sumSha256(str string) string { + sum := sha256.Sum256([]byte(str)) + dst := make([]byte, hex.EncodedLen(len(sum))) + hex.Encode(dst, sum[:]) + return string(dst) +} + +func sumHmacSha256(data string, secret string) string { + h := hmac.New(sha256.New, []byte(secret)) + h.Write([]byte(data)) + return hex.EncodeToString(h.Sum(nil)) +} diff --git a/pkg/sdk3rd/ratpanel/types.go b/pkg/sdk3rd/ratpanel/types.go new file mode 100644 index 00000000..16a17b0e --- /dev/null +++ b/pkg/sdk3rd/ratpanel/types.go @@ -0,0 +1,19 @@ +package ratpanel + +type apiResponse interface { + GetMessage() string +} + +type apiResponseBase struct { + Message *string `json:"msg,omitempty"` +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/safeline/api_update_certificate.go b/pkg/sdk3rd/safeline/api_update_certificate.go new file mode 100644 index 00000000..3dcbb5ba --- /dev/null +++ b/pkg/sdk3rd/safeline/api_update_certificate.go @@ -0,0 +1,37 @@ +package safeline + +import ( + "context" + "net/http" +) + +type UpdateCertificateRequest struct { + Id int32 `json:"id"` + Type int32 `json:"type"` + Manual *CertificateManul `json:"manual"` +} + +type UpdateCertificateResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCertificate(req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/open/cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/safeline/client.go b/pkg/sdk3rd/safeline/client.go new file mode 100644 index 00000000..5d7ee668 --- /dev/null +++ b/pkg/sdk3rd/safeline/client.go @@ -0,0 +1,105 @@ +package safeline + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiToken string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("X-SLCE-API-TOKEN", apiToken) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if terrcode := res.GetErrCode(); terrcode != "" { + return resp, fmt.Errorf("sdkerr: err='%s', msg='%s'", terrcode, res.GetErrMsg()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/safeline/types.go b/pkg/sdk3rd/safeline/types.go new file mode 100644 index 00000000..16d44397 --- /dev/null +++ b/pkg/sdk3rd/safeline/types.go @@ -0,0 +1,34 @@ +package safeline + +type apiResponse interface { + GetErrCode() string + GetErrMsg() string +} + +type apiResponseBase struct { + ErrCode *string `json:"err,omitempty"` + ErrMsg *string `json:"msg,omitempty"` +} + +func (r *apiResponseBase) GetErrCode() string { + if r.ErrCode == nil { + return "" + } + + return *r.ErrCode +} + +func (r *apiResponseBase) GetErrMsg() string { + if r.ErrMsg == nil { + return "" + } + + return *r.ErrMsg +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type CertificateManul struct { + Crt string `json:"crt"` + Key string `json:"key"` +} diff --git a/pkg/sdk3rd/ucloud/udnr/api_add_domain_dns.go b/pkg/sdk3rd/ucloud/udnr/api_add_domain_dns.go new file mode 100644 index 00000000..d0cfe4c5 --- /dev/null +++ b/pkg/sdk3rd/ucloud/udnr/api_add_domain_dns.go @@ -0,0 +1,44 @@ +package udnr + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type AddDomainDNSRequest struct { + request.CommonBase + + Dn *string `required:"true"` + DnsType *string `required:"true"` + RecordName *string `required:"true"` + Content *string `required:"true"` + TTL *int `required:"true"` + Prio *int `required:"false"` +} + +type AddDomainDNSResponse struct { + response.CommonBase +} + +func (c *UDNRClient) NewAddDomainDNSRequest() *AddDomainDNSRequest { + req := &AddDomainDNSRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *UDNRClient) AddDomainDNS(req *AddDomainDNSRequest) (*AddDomainDNSResponse, error) { + var err error + var res AddDomainDNSResponse + + reqCopier := *req + + err = c.Client.InvokeAction("UdnrDomainDNSAdd", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/udnr/api_delete_domain_dns.go b/pkg/sdk3rd/ucloud/udnr/api_delete_domain_dns.go new file mode 100644 index 00000000..11ddce01 --- /dev/null +++ b/pkg/sdk3rd/ucloud/udnr/api_delete_domain_dns.go @@ -0,0 +1,42 @@ +package udnr + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type DeleteDomainDNSRequest struct { + request.CommonBase + + Dn *string `required:"true"` + DnsType *string `required:"true"` + RecordName *string `required:"true"` + Content *string `required:"true"` +} + +type DeleteDomainDNSResponse struct { + response.CommonBase +} + +func (c *UDNRClient) NewDeleteDomainDNSRequest() *DeleteDomainDNSRequest { + req := &DeleteDomainDNSRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *UDNRClient) DeleteDomainDNS(req *DeleteDomainDNSRequest) (*DeleteDomainDNSResponse, error) { + var err error + var res DeleteDomainDNSResponse + + reqCopier := *req + + err = c.Client.InvokeAction("UdnrDeleteDnsRecord", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/udnr/api_query_domain_dns.go b/pkg/sdk3rd/ucloud/udnr/api_query_domain_dns.go new file mode 100644 index 00000000..cabfd155 --- /dev/null +++ b/pkg/sdk3rd/ucloud/udnr/api_query_domain_dns.go @@ -0,0 +1,41 @@ +package udnr + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type QueryDomainDNSRequest struct { + request.CommonBase + + Dn *string `required:"true"` +} + +type QueryDomainDNSResponse struct { + response.CommonBase + + Data []DomainDNSRecord +} + +func (c *UDNRClient) NewQueryDomainDNSRequest() *QueryDomainDNSRequest { + req := &QueryDomainDNSRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *UDNRClient) QueryDomainDNS(req *QueryDomainDNSRequest) (*QueryDomainDNSResponse, error) { + var err error + var res QueryDomainDNSResponse + + reqCopier := *req + + err = c.Client.InvokeAction("UdnrDomainDNSQuery", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/internal/pkg/sdk3rd/ucloud/udnr/client.go b/pkg/sdk3rd/ucloud/udnr/client.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/udnr/client.go rename to pkg/sdk3rd/ucloud/udnr/client.go diff --git a/internal/pkg/sdk3rd/ucloud/udnr/models.go b/pkg/sdk3rd/ucloud/udnr/types.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/udnr/models.go rename to pkg/sdk3rd/ucloud/udnr/types.go diff --git a/internal/pkg/sdk3rd/ucloud/ufile/apis.go b/pkg/sdk3rd/ucloud/ufile/api_add_ufile_ssl_cert.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/ufile/apis.go rename to pkg/sdk3rd/ucloud/ufile/api_add_ufile_ssl_cert.go diff --git a/internal/pkg/sdk3rd/ucloud/ufile/client.go b/pkg/sdk3rd/ucloud/ufile/client.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/ufile/client.go rename to pkg/sdk3rd/ucloud/ufile/client.go diff --git a/pkg/sdk3rd/ucloud/ussl/api_download_certificate.go b/pkg/sdk3rd/ucloud/ussl/api_download_certificate.go new file mode 100644 index 00000000..3d262e9e --- /dev/null +++ b/pkg/sdk3rd/ucloud/ussl/api_download_certificate.go @@ -0,0 +1,43 @@ +package ussl + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type DownloadCertificateRequest struct { + request.CommonBase + + CertificateID *int `required:"true"` +} + +type DownloadCertificateResponse struct { + response.CommonBase + + CertificateUrl string + CertCA *CertificateDownloadInfo + Certificate *CertificateDownloadInfo +} + +func (c *USSLClient) NewDownloadCertificateRequest() *DownloadCertificateRequest { + req := &DownloadCertificateRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *USSLClient) DownloadCertificate(req *DownloadCertificateRequest) (*DownloadCertificateResponse, error) { + var err error + var res DownloadCertificateResponse + + reqCopier := *req + + err = c.Client.InvokeAction("DownloadCertificate", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/ussl/api_get_certificate_detail_info.go b/pkg/sdk3rd/ucloud/ussl/api_get_certificate_detail_info.go new file mode 100644 index 00000000..2ab11aa7 --- /dev/null +++ b/pkg/sdk3rd/ucloud/ussl/api_get_certificate_detail_info.go @@ -0,0 +1,41 @@ +package ussl + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type GetCertificateDetailInfoRequest struct { + request.CommonBase + + CertificateID *int `required:"true"` +} + +type GetCertificateDetailInfoResponse struct { + response.CommonBase + + CertificateInfo *CertificateInfo +} + +func (c *USSLClient) NewGetCertificateDetailInfoRequest() *GetCertificateDetailInfoRequest { + req := &GetCertificateDetailInfoRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *USSLClient) GetCertificateDetailInfo(req *GetCertificateDetailInfoRequest) (*GetCertificateDetailInfoResponse, error) { + var err error + var res GetCertificateDetailInfoResponse + + reqCopier := *req + + err = c.Client.InvokeAction("GetCertificateDetailInfo", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/ussl/api_get_certificate_list.go b/pkg/sdk3rd/ucloud/ussl/api_get_certificate_list.go new file mode 100644 index 00000000..e746335d --- /dev/null +++ b/pkg/sdk3rd/ucloud/ussl/api_get_certificate_list.go @@ -0,0 +1,49 @@ +package ussl + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type GetCertificateListRequest struct { + request.CommonBase + + Mode *string `required:"true"` + StateCode *string `required:"false"` + Brand *string `required:"false"` + CaOrganization *string `required:"false"` + Domain *string `required:"false"` + Sort *string `required:"false"` + Page *int `required:"false"` + PageSize *int `required:"false"` +} + +type GetCertificateListResponse struct { + response.CommonBase + + CertificateList []*CertificateListItem + TotalCount int +} + +func (c *USSLClient) NewGetCertificateListRequest() *GetCertificateListRequest { + req := &GetCertificateListRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *USSLClient) GetCertificateList(req *GetCertificateListRequest) (*GetCertificateListResponse, error) { + var err error + var res GetCertificateListResponse + + reqCopier := *req + + err = c.Client.InvokeAction("GetCertificateList", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/ussl/api_upload_normal_certificate.go b/pkg/sdk3rd/ucloud/ussl/api_upload_normal_certificate.go new file mode 100644 index 00000000..1a99e839 --- /dev/null +++ b/pkg/sdk3rd/ucloud/ussl/api_upload_normal_certificate.go @@ -0,0 +1,46 @@ +package ussl + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type UploadNormalCertificateRequest struct { + request.CommonBase + + CertificateName *string `required:"true"` + SslPublicKey *string `required:"true"` + SslPrivateKey *string `required:"true"` + SslMD5 *string `required:"true"` + SslCaKey *string `required:"false"` +} + +type UploadNormalCertificateResponse struct { + response.CommonBase + + CertificateID int + LongResourceID string +} + +func (c *USSLClient) NewUploadNormalCertificateRequest() *UploadNormalCertificateRequest { + req := &UploadNormalCertificateRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *USSLClient) UploadNormalCertificate(req *UploadNormalCertificateRequest) (*UploadNormalCertificateResponse, error) { + var err error + var res UploadNormalCertificateResponse + + reqCopier := *req + + err = c.Client.InvokeAction("UploadNormalCertificate", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/internal/pkg/sdk3rd/ucloud/ussl/client.go b/pkg/sdk3rd/ucloud/ussl/client.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/ussl/client.go rename to pkg/sdk3rd/ucloud/ussl/client.go diff --git a/internal/pkg/sdk3rd/ucloud/ussl/models.go b/pkg/sdk3rd/ucloud/ussl/types.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/ussl/models.go rename to pkg/sdk3rd/ucloud/ussl/types.go diff --git a/pkg/sdk3rd/upyun/console/api_get_https_certificate_manager.go b/pkg/sdk3rd/upyun/console/api_get_https_certificate_manager.go new file mode 100644 index 00000000..c2268117 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_get_https_certificate_manager.go @@ -0,0 +1,55 @@ +package console + +import ( + "context" + "fmt" + "net/http" +) + +type HttpsCertificateManagerDomain struct { + Name string `json:"name"` + Type string `json:"type"` + BucketId int64 `json:"bucket_id"` + BucketName string `json:"bucket_name"` +} + +type GetHttpsCertificateManagerResponse struct { + apiResponseBase + + Data *struct { + apiResponseBaseData + + AuthenticateNum int32 `json:"authenticate_num"` + AuthenticateDomains []string `json:"authenticate_domain"` + Domains []HttpsCertificateManagerDomain `json:"domains"` + } `json:"data,omitempty"` +} + +func (c *Client) GetHttpsCertificateManager(certificateId string) (*GetHttpsCertificateManagerResponse, error) { + return c.GetHttpsCertificateManagerWithContext(context.Background(), certificateId) +} + +func (c *Client) GetHttpsCertificateManagerWithContext(ctx context.Context, certificateId string) (*GetHttpsCertificateManagerResponse, error) { + if certificateId == "" { + return nil, fmt.Errorf("sdkerr: unset certificateId") + } + + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodGet, "/api/https/certificate/manager/") + if err != nil { + return nil, err + } else { + httpreq.SetQueryParam("certificate_id", certificateId) + httpreq.SetContext(ctx) + } + + result := &GetHttpsCertificateManagerResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/api_get_https_service_manager.go b/pkg/sdk3rd/upyun/console/api_get_https_service_manager.go new file mode 100644 index 00000000..debc4fe9 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_get_https_service_manager.go @@ -0,0 +1,60 @@ +package console + +import ( + "context" + "fmt" + "net/http" +) + +type GetHttpsServiceManagerResponse struct { + apiResponseBase + Data *struct { + apiResponseBaseData + Status int32 `json:"status"` + Domains []HttpsServiceManagerDomain `json:"result"` + } `json:"data,omitempty"` +} + +type HttpsServiceManagerDomain struct { + CertificateId string `json:"certificate_id"` + CommonName string `json:"commonName"` + Https bool `json:"https"` + ForceHttps bool `json:"force_https"` + PaymentType string `json:"payment_type"` + DomainType string `json:"domain_type"` + Validity HttpsServiceManagerDomainValidity `json:"validity"` +} + +type HttpsServiceManagerDomainValidity struct { + Start int64 `json:"start"` + End int64 `json:"end"` +} + +func (c *Client) GetHttpsServiceManager(domain string) (*GetHttpsServiceManagerResponse, error) { + return c.GetHttpsServiceManagerWithContext(context.Background(), domain) +} + +func (c *Client) GetHttpsServiceManagerWithContext(ctx context.Context, domain string) (*GetHttpsServiceManagerResponse, error) { + if domain == "" { + return nil, fmt.Errorf("sdkerr: unset domain") + } + + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodGet, "/api/https/services/manager") + if err != nil { + return nil, err + } else { + httpreq.SetQueryParam("domain", domain) + httpreq.SetContext(ctx) + } + + result := &GetHttpsServiceManagerResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/api_migrate_https_domain.go b/pkg/sdk3rd/upyun/console/api_migrate_https_domain.go new file mode 100644 index 00000000..3d1f8985 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_migrate_https_domain.go @@ -0,0 +1,46 @@ +package console + +import ( + "context" + "net/http" +) + +type MigrateHttpsDomainRequest struct { + CertificateId string `json:"crt_id"` + Domain string `json:"domain_name"` +} + +type MigrateHttpsDomainResponse struct { + apiResponseBase + + Data *struct { + apiResponseBaseData + + Status bool `json:"status"` + } `json:"data,omitempty"` +} + +func (c *Client) MigrateHttpsDomain(req *MigrateHttpsDomainRequest) (*MigrateHttpsDomainResponse, error) { + return c.MigrateHttpsDomainWithContext(context.Background(), req) +} + +func (c *Client) MigrateHttpsDomainWithContext(ctx context.Context, req *MigrateHttpsDomainRequest) (*MigrateHttpsDomainResponse, error) { + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/api/https/migrate/domain") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &MigrateHttpsDomainResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/api_update_https_certificate_manager.go b/pkg/sdk3rd/upyun/console/api_update_https_certificate_manager.go new file mode 100644 index 00000000..f8c4a9ea --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_update_https_certificate_manager.go @@ -0,0 +1,48 @@ +package console + +import ( + "context" + "net/http" +) + +type UpdateHttpsCertificateManagerRequest struct { + CertificateId string `json:"certificate_id"` + Domain string `json:"domain"` + Https bool `json:"https"` + ForceHttps bool `json:"force_https"` +} + +type UpdateHttpsCertificateManagerResponse struct { + apiResponseBase + + Data *struct { + apiResponseBaseData + + Status bool `json:"status"` + } `json:"data,omitempty"` +} + +func (c *Client) UpdateHttpsCertificateManager(req *UpdateHttpsCertificateManagerRequest) (*UpdateHttpsCertificateManagerResponse, error) { + return c.UpdateHttpsCertificateManagerWithContext(context.Background(), req) +} + +func (c *Client) UpdateHttpsCertificateManagerWithContext(ctx context.Context, req *UpdateHttpsCertificateManagerRequest) (*UpdateHttpsCertificateManagerResponse, error) { + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/api/https/certificate/manager") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateHttpsCertificateManagerResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/api_upload_https_certificate.go b/pkg/sdk3rd/upyun/console/api_upload_https_certificate.go new file mode 100644 index 00000000..eaf99b51 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_upload_https_certificate.go @@ -0,0 +1,51 @@ +package console + +import ( + "context" + "net/http" +) + +type UploadHttpsCertificateRequest struct { + Certificate string `json:"certificate"` + PrivateKey string `json:"private_key"` +} + +type UploadHttpsCertificateResponse struct { + apiResponseBase + + Data *struct { + apiResponseBaseData + + Status int32 `json:"status"` + Result struct { + CertificateId string `json:"certificate_id"` + CommonName string `json:"commonName"` + Serial string `json:"serial"` + } `json:"result"` + } `json:"data,omitempty"` +} + +func (c *Client) UploadHttpsCertificate(req *UploadHttpsCertificateRequest) (*UploadHttpsCertificateResponse, error) { + return c.UploadHttpsCertificateWithContext(context.Background(), req) +} + +func (c *Client) UploadHttpsCertificateWithContext(ctx context.Context, req *UploadHttpsCertificateRequest) (*UploadHttpsCertificateResponse, error) { + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/api/https/certificate/") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UploadHttpsCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/client.go b/pkg/sdk3rd/upyun/console/client.go new file mode 100644 index 00000000..7af3e7ae --- /dev/null +++ b/pkg/sdk3rd/upyun/console/client.go @@ -0,0 +1,153 @@ +package console + +import ( + "encoding/json" + "errors" + "fmt" + "net/http" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + username string + password string + + loginCookie string + loginCookieMtx sync.Mutex + + client *resty.Client +} + +func NewClient(username, password string) (*Client, error) { + if username == "" { + return nil, fmt.Errorf("sdkerr: unset username") + } + if password == "" { + return nil, fmt.Errorf("sdkerr: unset password") + } + + client := &Client{ + username: username, + password: password, + } + client.client = resty.New(). + SetBaseURL("https://console.upyun.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.loginCookie != "" { + req.Header.Set("Cookie", client.loginCookie) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tdata := res.GetData(); tdata == nil { + return resp, fmt.Errorf("sdkerr: empty data") + } else if terrcode := tdata.GetErrorCode(); terrcode != 0 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", terrcode, tdata.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureCookieExists() error { + c.loginCookieMtx.Lock() + defer c.loginCookieMtx.Unlock() + if c.loginCookie != "" { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/accounts/signin/") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "username": c.username, + "password": c.password, + }) + } + + type signinResponse struct { + apiResponseBase + Data *struct { + apiResponseBaseData + Result bool `json:"result"` + } `json:"data,omitempty"` + } + + result := &signinResponse{} + httpresp, err := c.doRequestWithResult(httpreq, result) + if err != nil { + return err + } else if !result.Data.Result { + return errors.New("sdkerr: failed to signin upyun console") + } else { + c.loginCookie = httpresp.Header().Get("Set-Cookie") + } + + return nil +} diff --git a/pkg/sdk3rd/upyun/console/types.go b/pkg/sdk3rd/upyun/console/types.go new file mode 100644 index 00000000..70d3c1c3 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/types.go @@ -0,0 +1,41 @@ +package console + +import ( + "encoding/json" +) + +type apiResponse interface { + GetData() *apiResponseBaseData +} + +type apiResponseBase struct { + Data *apiResponseBaseData `json:"data,omitempty"` +} + +func (r *apiResponseBase) GetData() *apiResponseBaseData { + return r.Data +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type apiResponseBaseData struct { + ErrorCode json.Number `json:"error_code,omitempty"` + Message string `json:"message,omitempty"` +} + +func (r *apiResponseBaseData) GetErrorCode() int32 { + if r.ErrorCode.String() == "" { + return 0 + } + + errcode, err := r.ErrorCode.Int64() + if err != nil { + return -1 + } + + return int32(errcode) +} + +func (r *apiResponseBaseData) GetMessage() string { + return r.Message +} diff --git a/internal/pkg/sdk3rd/volcengine/certcenter/api_import_certificate.go b/pkg/sdk3rd/volcengine/certcenter/api_import_certificate.go similarity index 100% rename from internal/pkg/sdk3rd/volcengine/certcenter/api_import_certificate.go rename to pkg/sdk3rd/volcengine/certcenter/api_import_certificate.go diff --git a/internal/pkg/sdk3rd/volcengine/certcenter/interface.go b/pkg/sdk3rd/volcengine/certcenter/interface.go similarity index 100% rename from internal/pkg/sdk3rd/volcengine/certcenter/interface.go rename to pkg/sdk3rd/volcengine/certcenter/interface.go diff --git a/internal/pkg/sdk3rd/volcengine/certcenter/service.go b/pkg/sdk3rd/volcengine/certcenter/service.go similarity index 100% rename from internal/pkg/sdk3rd/volcengine/certcenter/service.go rename to pkg/sdk3rd/volcengine/certcenter/service.go diff --git a/pkg/sdk3rd/wangsu/cdn/api_batch_update_certificate_config.go b/pkg/sdk3rd/wangsu/cdn/api_batch_update_certificate_config.go new file mode 100644 index 00000000..90598b0d --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdn/api_batch_update_certificate_config.go @@ -0,0 +1,36 @@ +package cdn + +import ( + "context" + "net/http" +) + +type BatchUpdateCertificateConfigRequest struct { + CertificateId int64 `json:"certificateId"` + DomainNames []string `json:"domainNames"` +} + +type BatchUpdateCertificateConfigResponse struct { + apiResponseBase +} + +func (c *Client) BatchUpdateCertificateConfig(req *BatchUpdateCertificateConfigRequest) (*BatchUpdateCertificateConfigResponse, error) { + return c.BatchUpdateCertificateConfigWithContext(context.Background(), req) +} + +func (c *Client) BatchUpdateCertificateConfigWithContext(ctx context.Context, req *BatchUpdateCertificateConfigRequest) (*BatchUpdateCertificateConfigResponse, error) { + httpreq, err := c.newRequest(http.MethodPut, "/api/config/certificate/batch") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &BatchUpdateCertificateConfigResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdn/client.go b/pkg/sdk3rd/wangsu/cdn/client.go new file mode 100644 index 00000000..e2885587 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdn/client.go @@ -0,0 +1,47 @@ +package cdn + +import ( + "fmt" + "time" + + "github.com/go-resty/resty/v2" + + "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/openapi" +) + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKey, secretKey string) (*Client, error) { + client, err := openapi.NewClient(accessKey, secretKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + if tcode := res.GetCode(); tcode != "" && tcode != "0" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s'", tcode, res.GetMessage()) + } + } + + return resp, err +} diff --git a/pkg/sdk3rd/wangsu/cdn/types.go b/pkg/sdk3rd/wangsu/cdn/types.go new file mode 100644 index 00000000..a436ba49 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdn/types.go @@ -0,0 +1,29 @@ +package cdn + +type apiResponse interface { + GetCode() string + GetMessage() string +} + +type apiResponseBase struct { + Code *string `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +var _ apiResponse = (*apiResponseBase)(nil) + +func (r *apiResponseBase) GetCode() string { + if r.Code == nil { + return "" + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_create_certificate.go b/pkg/sdk3rd/wangsu/cdnpro/api_create_certificate.go new file mode 100644 index 00000000..ef473dab --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_create_certificate.go @@ -0,0 +1,46 @@ +package cdnpro + +import ( + "context" + "fmt" + "net/http" +) + +type CreateCertificateRequest struct { + Timestamp int64 `json:"-"` + Name *string `json:"name,omitempty"` + Description *string `json:"description,omitempty"` + AutoRenew *string `json:"autoRenew,omitempty"` + ForceRenew *bool `json:"forceRenew,omitempty"` + NewVersion *CertificateVersionInfo `json:"newVersion,omitempty"` +} + +type CreateCertificateResponse struct { + apiResponseBase + + CertificateLocation string `json:"location,omitempty"` +} + +func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + return c.CreateCertificateWithContext(context.Background(), req) +} + +func (c *Client) CreateCertificateWithContext(ctx context.Context, req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/cdn/certificates") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetHeader("X-CNC-Timestamp", fmt.Sprintf("%d", req.Timestamp)) + httpreq.SetContext(ctx) + } + + result := &CreateCertificateResponse{} + if httpresp, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } else { + result.CertificateLocation = httpresp.Header().Get("Location") + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_create_deployment_task.go b/pkg/sdk3rd/wangsu/cdnpro/api_create_deployment_task.go new file mode 100644 index 00000000..0ba2fa68 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_create_deployment_task.go @@ -0,0 +1,42 @@ +package cdnpro + +import ( + "context" + "net/http" +) + +type CreateDeploymentTaskRequest struct { + Name *string `json:"name,omitempty"` + Target *string `json:"target,omitempty"` + Actions *[]DeploymentTaskActionInfo `json:"actions,omitempty"` + Webhook *string `json:"webhook,omitempty"` +} + +type CreateDeploymentTaskResponse struct { + apiResponseBase + + DeploymentTaskLocation string `json:"location,omitempty"` +} + +func (c *Client) CreateDeploymentTask(req *CreateDeploymentTaskRequest) (*CreateDeploymentTaskResponse, error) { + return c.CreateDeploymentTaskWithContext(context.Background(), req) +} + +func (c *Client) CreateDeploymentTaskWithContext(ctx context.Context, req *CreateDeploymentTaskRequest) (*CreateDeploymentTaskResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/cdn/deploymentTasks") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateDeploymentTaskResponse{} + if httpresp, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } else { + result.DeploymentTaskLocation = httpresp.Header().Get("Location") + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_get_deployment_task_detail.go b/pkg/sdk3rd/wangsu/cdnpro/api_get_deployment_task_detail.go new file mode 100644 index 00000000..9200fe97 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_get_deployment_task_detail.go @@ -0,0 +1,45 @@ +package cdnpro + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type GetDeploymentTaskDetailResponse struct { + apiResponseBase + + Name string `json:"name"` + Target string `json:"target"` + Actions []DeploymentTaskActionInfo `json:"actions"` + Status string `json:"status"` + StatusDetails string `json:"statusDetails"` + SubmissionTime string `json:"submissionTime"` + FinishTime string `json:"finishTime"` + ApiRequestId string `json:"apiRequestId"` +} + +func (c *Client) GetDeploymentTaskDetail(deploymentTaskId string) (*GetDeploymentTaskDetailResponse, error) { + return c.GetDeploymentTaskDetailWithContext(context.Background(), deploymentTaskId) +} + +func (c *Client) GetDeploymentTaskDetailWithContext(ctx context.Context, deploymentTaskId string) (*GetDeploymentTaskDetailResponse, error) { + if deploymentTaskId == "" { + return nil, fmt.Errorf("sdkerr: unset deploymentTaskId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/cdn/deploymentTasks/%s", url.PathEscape(deploymentTaskId))) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetDeploymentTaskDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_get_hostname_detail.go b/pkg/sdk3rd/wangsu/cdnpro/api_get_hostname_detail.go new file mode 100644 index 00000000..85796c8c --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_get_hostname_detail.go @@ -0,0 +1,40 @@ +package cdnpro + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type GetHostnameDetailResponse struct { + apiResponseBase + + Hostname string `json:"hostname"` + PropertyInProduction *HostnamePropertyInfo `json:"propertyInProduction,omitempty"` + PropertyInStaging *HostnamePropertyInfo `json:"propertyInStaging,omitempty"` +} + +func (c *Client) GetHostnameDetail(hostname string) (*GetHostnameDetailResponse, error) { + return c.GetHostnameDetailWithContext(context.Background(), hostname) +} + +func (c *Client) GetHostnameDetailWithContext(ctx context.Context, hostname string) (*GetHostnameDetailResponse, error) { + if hostname == "" { + return nil, fmt.Errorf("sdkerr: unset hostname") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/cdn/hostnames/%s", url.PathEscape(hostname))) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetHostnameDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_update_certificate.go b/pkg/sdk3rd/wangsu/cdnpro/api_update_certificate.go new file mode 100644 index 00000000..59859bbf --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_update_certificate.go @@ -0,0 +1,51 @@ +package cdnpro + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type UpdateCertificateRequest struct { + Timestamp int64 `json:"-"` + Name *string `json:"name,omitempty"` + Description *string `json:"description,omitempty"` + AutoRenew *string `json:"autoRenew,omitempty"` + ForceRenew *bool `json:"forceRenew,omitempty"` + NewVersion *CertificateVersionInfo `json:"newVersion,omitempty"` +} + +type UpdateCertificateResponse struct { + apiResponseBase + + CertificateLocation string `json:"location,omitempty"` +} + +func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), certificateId, req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + if certificateId == "" { + return nil, fmt.Errorf("sdkerr: unset certificateId") + } + + httpreq, err := c.newRequest(http.MethodPatch, fmt.Sprintf("/cdn/certificates/%s", url.PathEscape(certificateId))) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetHeader("X-CNC-Timestamp", fmt.Sprintf("%d", req.Timestamp)) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if httpresp, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } else { + result.CertificateLocation = httpresp.Header().Get("Location") + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/client.go b/pkg/sdk3rd/wangsu/cdnpro/client.go new file mode 100644 index 00000000..456a3d24 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/client.go @@ -0,0 +1,39 @@ +package cdnpro + +import ( + "time" + + "github.com/go-resty/resty/v2" + + "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/openapi" +) + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKey, secretKey string) (*Client, error) { + client, err := openapi.NewClient(accessKey, secretKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + return c.client.DoRequestWithResult(req, res) +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/types.go b/pkg/sdk3rd/wangsu/cdnpro/types.go new file mode 100644 index 00000000..d82d3b09 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/types.go @@ -0,0 +1,61 @@ +package cdnpro + +type apiResponse interface { + GetCode() string + GetMessage() string +} + +type apiResponseBase struct { + Code *string `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +var _ apiResponse = (*apiResponseBase)(nil) + +func (r *apiResponseBase) GetCode() string { + if r.Code == nil { + return "" + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +type CertificateVersionInfo struct { + Comments *string `json:"comments,omitempty"` + PrivateKey *string `json:"privateKey,omitempty"` + Certificate *string `json:"certificate,omitempty"` + ChainCert *string `json:"chainCert,omitempty"` + IdentificationInfo *CertificateVersionIdentificationInfo `json:"identificationInfo,omitempty"` +} + +type CertificateVersionIdentificationInfo struct { + Country *string `json:"country,omitempty"` + State *string `json:"state,omitempty"` + City *string `json:"city,omitempty"` + Company *string `json:"company,omitempty"` + Department *string `json:"department,omitempty"` + CommonName *string `json:"commonName,omitempty"` + Email *string `json:"email,omitempty"` + SubjectAlternativeNames *[]string `json:"subjectAlternativeNames,omitempty"` +} + +type HostnamePropertyInfo struct { + PropertyId string `json:"propertyId"` + Version int32 `json:"version"` + CertificateId *string `json:"certificateId,omitempty"` +} + +type DeploymentTaskActionInfo struct { + Action *string `json:"action,omitempty"` + PropertyId *string `json:"propertyId,omitempty"` + CertificateId *string `json:"certificateId,omitempty"` + Version *int32 `json:"version,omitempty"` +} diff --git a/pkg/sdk3rd/wangsu/certificate/api_create_certificate.go b/pkg/sdk3rd/wangsu/certificate/api_create_certificate.go new file mode 100644 index 00000000..30ebb99d --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/api_create_certificate.go @@ -0,0 +1,42 @@ +package certificate + +import ( + "context" + "net/http" +) + +type CreateCertificateRequest struct { + Name *string `json:"name,omitempty"` + Certificate *string `json:"certificate,omitempty"` + PrivateKey *string `json:"privateKey,omitempty"` + Comment *string `json:"comment,omitempty" ` +} + +type CreateCertificateResponse struct { + apiResponseBase + + CertificateLocation string `json:"location,omitempty"` +} + +func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + return c.CreateCertificateWithContext(context.Background(), req) +} + +func (c *Client) CreateCertificateWithContext(ctx context.Context, req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/certificate") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertificateResponse{} + if httpresp, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } else { + result.CertificateLocation = httpresp.Header().Get("Location") + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/certificate/api_list_certificates.go b/pkg/sdk3rd/wangsu/certificate/api_list_certificates.go new file mode 100644 index 00000000..e62c1276 --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/api_list_certificates.go @@ -0,0 +1,32 @@ +package certificate + +import ( + "context" + "net/http" +) + +type ListCertificatesResponse struct { + apiResponseBase + + Certificates []*CertificateRecord `json:"ssl-certificates,omitempty"` +} + +func (c *Client) ListCertificates() (*ListCertificatesResponse, error) { + return c.ListCertificatesWithContext(context.Background()) +} + +func (c *Client) ListCertificatesWithContext(ctx context.Context) (*ListCertificatesResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/api/ssl/certificate") + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &ListCertificatesResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/certificate/api_update_certificate.go b/pkg/sdk3rd/wangsu/certificate/api_update_certificate.go new file mode 100644 index 00000000..2158b4f6 --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/api_update_certificate.go @@ -0,0 +1,44 @@ +package certificate + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type UpdateCertificateRequest struct { + Name *string `json:"name,omitempty"` + Certificate *string `json:"certificate,omitempty"` + PrivateKey *string `json:"privateKey,omitempty"` + Comment *string `json:"comment,omitempty" ` +} + +type UpdateCertificateResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), certificateId, req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + if certificateId == "" { + return nil, fmt.Errorf("sdkerr: unset certificateId") + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/api/certificate/%s", url.PathEscape(certificateId))) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/certificate/client.go b/pkg/sdk3rd/wangsu/certificate/client.go new file mode 100644 index 00000000..c59fdb1b --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/client.go @@ -0,0 +1,39 @@ +package certificate + +import ( + "time" + + "github.com/go-resty/resty/v2" + + "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/openapi" +) + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKey, secretKey string) (*Client, error) { + client, err := openapi.NewClient(accessKey, secretKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + return c.client.DoRequestWithResult(req, res) +} diff --git a/pkg/sdk3rd/wangsu/certificate/types.go b/pkg/sdk3rd/wangsu/certificate/types.go new file mode 100644 index 00000000..02ba6579 --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/types.go @@ -0,0 +1,38 @@ +package certificate + +type apiResponse interface { + GetCode() string + GetMessage() string +} + +type apiResponseBase struct { + Code *string `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +var _ apiResponse = (*apiResponseBase)(nil) + +func (r *apiResponseBase) GetCode() string { + if r.Code == nil { + return "" + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +type CertificateRecord struct { + CertificateId string `json:"certificate-id"` + Name string `json:"name"` + Comment string `json:"comment"` + ValidityFrom string `json:"certificate-validity-from"` + ValidityTo string `json:"certificate-validity-to"` + Serial string `json:"certificate-serial"` +} diff --git a/internal/pkg/sdk3rd/wangsu/openapi/client.go b/pkg/sdk3rd/wangsu/openapi/client.go similarity index 69% rename from internal/pkg/sdk3rd/wangsu/openapi/client.go rename to pkg/sdk3rd/wangsu/openapi/client.go index 09723032..4d6c50d6 100644 --- a/internal/pkg/sdk3rd/wangsu/openapi/client.go +++ b/pkg/sdk3rd/wangsu/openapi/client.go @@ -23,11 +23,14 @@ type Client struct { client *resty.Client } -type Result interface { - SetRequestId(requestId string) -} +func NewClient(accessKey, secretKey string) (*Client, error) { + if accessKey == "" { + return nil, fmt.Errorf("sdkerr: unset accessKey") + } + if secretKey == "" { + return nil, fmt.Errorf("sdkerr: unset secretKey") + } -func NewClient(accessKey, secretKey string) *Client { client := resty.New(). SetBaseURL("https://open.chinanetcenter.com"). SetHeader("Accept", "application/json"). @@ -125,67 +128,64 @@ func NewClient(accessKey, secretKey string) *Client { accessKey: accessKey, secretKey: secretKey, client: client, - } + }, nil } -func (c *Client) WithTimeout(timeout time.Duration) *Client { +func (c *Client) SetTimeout(timeout time.Duration) *Client { c.client.SetTimeout(timeout) return c } -func (c *Client) sendRequest(method string, path string, params interface{}, configureReq ...func(req *resty.Request)) (*resty.Response, error) { +func (c *Client) NewRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } + req.Method = method + req.URL = path + return req, nil +} - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) +func (c *Client) DoRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") } - if configureReq != nil { - for _, fn := range configureReq { - fn(req) - } - } + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. - resp, err := req.Execute(method, path) + resp, err := req.Send() if err != nil { - return resp, fmt.Errorf("wangsu api error: failed to send request: %w", err) + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) } else if resp.IsError() { - return resp, fmt.Errorf("wangsu api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } return resp, nil } -func (c *Client) SendRequestWithResult(method string, path string, params interface{}, result Result, configureReq ...func(req *resty.Request)) (*resty.Response, error) { - resp, err := c.sendRequest(method, path, params, configureReq...) +func (c *Client) DoRequestWithResult(req *resty.Request, res any) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.DoRequest(req) if err != nil { if resp != nil { - json.Unmarshal(resp.Body(), &result) - result.SetRequestId(resp.Header().Get("X-CNC-Request-Id")) + json.Unmarshal(resp.Body(), &res) } return resp, err } - respBody := resp.Body() - if len(respBody) != 0 { - if err := json.Unmarshal(respBody, &result); err != nil { - return resp, fmt.Errorf("wangsu api error: failed to unmarshal response: %w", err) + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) } } - result.SetRequestId(resp.Header().Get("X-CNC-Request-Id")) return resp, nil } diff --git a/internal/pkg/utils/cert/common.go b/pkg/utils/cert/common.go similarity index 97% rename from internal/pkg/utils/cert/common.go rename to pkg/utils/cert/common.go index 08a7cea2..56703125 100644 --- a/internal/pkg/utils/cert/common.go +++ b/pkg/utils/cert/common.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "crypto/x509" diff --git a/internal/pkg/utils/cert/converter.go b/pkg/utils/cert/converter.go similarity index 98% rename from internal/pkg/utils/cert/converter.go rename to pkg/utils/cert/converter.go index 0d7e4c53..f6fddcde 100644 --- a/internal/pkg/utils/cert/converter.go +++ b/pkg/utils/cert/converter.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "crypto/ecdsa" diff --git a/internal/pkg/utils/cert/extractor.go b/pkg/utils/cert/extractor.go similarity index 98% rename from internal/pkg/utils/cert/extractor.go rename to pkg/utils/cert/extractor.go index a4077d37..1e116b1f 100644 --- a/internal/pkg/utils/cert/extractor.go +++ b/pkg/utils/cert/extractor.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "encoding/pem" diff --git a/internal/pkg/utils/cert/parser.go b/pkg/utils/cert/parser.go similarity index 99% rename from internal/pkg/utils/cert/parser.go rename to pkg/utils/cert/parser.go index 3ecb8639..698bf7e9 100644 --- a/internal/pkg/utils/cert/parser.go +++ b/pkg/utils/cert/parser.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "crypto" diff --git a/internal/pkg/utils/cert/transformer.go b/pkg/utils/cert/transformer.go similarity index 99% rename from internal/pkg/utils/cert/transformer.go rename to pkg/utils/cert/transformer.go index 74690013..bf467efa 100644 --- a/internal/pkg/utils/cert/transformer.go +++ b/pkg/utils/cert/transformer.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "bytes" diff --git a/internal/pkg/utils/file/io.go b/pkg/utils/file/io.go similarity index 98% rename from internal/pkg/utils/file/io.go rename to pkg/utils/file/io.go index 58b5b970..4dc0d0a4 100644 --- a/internal/pkg/utils/file/io.go +++ b/pkg/utils/file/io.go @@ -1,4 +1,4 @@ -package fileutil +package file import ( "fmt" diff --git a/internal/pkg/utils/http/parser.go b/pkg/utils/http/parser.go similarity index 96% rename from internal/pkg/utils/http/parser.go rename to pkg/utils/http/parser.go index 872fb6b5..a3eec9ef 100644 --- a/internal/pkg/utils/http/parser.go +++ b/pkg/utils/http/parser.go @@ -1,4 +1,4 @@ -package httputil +package http import ( "bufio" diff --git a/internal/pkg/utils/http/transport.go b/pkg/utils/http/transport.go similarity index 97% rename from internal/pkg/utils/http/transport.go rename to pkg/utils/http/transport.go index ff8c8804..3274cbdf 100644 --- a/internal/pkg/utils/http/transport.go +++ b/pkg/utils/http/transport.go @@ -1,4 +1,4 @@ -package httputil +package http import ( "net" diff --git a/internal/pkg/utils/map/getter.go b/pkg/utils/maps/get.go similarity index 99% rename from internal/pkg/utils/map/getter.go rename to pkg/utils/maps/get.go index 3829b4b5..eea75cbb 100644 --- a/internal/pkg/utils/map/getter.go +++ b/pkg/utils/maps/get.go @@ -1,4 +1,4 @@ -package maputil +package maps import ( "strconv" diff --git a/internal/pkg/utils/map/marshal.go b/pkg/utils/maps/marshal.go similarity index 97% rename from internal/pkg/utils/map/marshal.go rename to pkg/utils/maps/marshal.go index 236b32e2..1c1dfe16 100644 --- a/internal/pkg/utils/map/marshal.go +++ b/pkg/utils/maps/marshal.go @@ -1,4 +1,4 @@ -package maputil +package maps import ( mapstructure "github.com/go-viper/mapstructure/v2" diff --git a/internal/pkg/utils/slice/iter.go b/pkg/utils/slices/iter.go similarity index 99% rename from internal/pkg/utils/slice/iter.go rename to pkg/utils/slices/iter.go index f1c7fc0f..04a97a9d 100644 --- a/internal/pkg/utils/slice/iter.go +++ b/pkg/utils/slices/iter.go @@ -1,4 +1,4 @@ -package sliceutil +package slices // 创建给定切片一部分的浅拷贝,其包含通过所提供函数实现的测试的所有元素。 // diff --git a/internal/pkg/utils/type/assert.go b/pkg/utils/types/assert.go similarity index 96% rename from internal/pkg/utils/type/assert.go rename to pkg/utils/types/assert.go index e1413041..b6701430 100644 --- a/internal/pkg/utils/type/assert.go +++ b/pkg/utils/types/assert.go @@ -1,4 +1,4 @@ -package typeutil +package types import ( "reflect" diff --git a/internal/pkg/utils/type/cast.go b/pkg/utils/types/cast.go similarity index 97% rename from internal/pkg/utils/type/cast.go rename to pkg/utils/types/cast.go index 8c34dc0f..4420b90f 100644 --- a/internal/pkg/utils/type/cast.go +++ b/pkg/utils/types/cast.go @@ -1,4 +1,4 @@ -package typeutil +package types import ( "reflect" diff --git a/ui/public/robots.txt b/ui/public/robots.txt new file mode 100644 index 00000000..7211b8ac --- /dev/null +++ b/ui/public/robots.txt @@ -0,0 +1,2 @@ +User-Agent: * +Disallow: / diff --git a/ui/src/components/Version.tsx b/ui/src/components/Version.tsx index e9245b1c..d63e4969 100644 --- a/ui/src/components/Version.tsx +++ b/ui/src/components/Version.tsx @@ -28,7 +28,7 @@ const Version = ({ className, style }: VersionProps) => { - + {version} diff --git a/ui/src/components/access/AccessForm.tsx b/ui/src/components/access/AccessForm.tsx index 91d7139f..2d8bee1b 100644 --- a/ui/src/components/access/AccessForm.tsx +++ b/ui/src/components/access/AccessForm.tsx @@ -109,7 +109,6 @@ const AccessForm = forwardRef(({ className, const formSchema = z.object({ name: z .string({ message: t("access.form.name.placeholder") }) - .trim() .min(1, t("access.form.name.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), provider: z.nativeEnum(ACCESS_PROVIDERS, { diff --git a/ui/src/components/access/AccessForm1PanelConfig.tsx b/ui/src/components/access/AccessForm1PanelConfig.tsx index 56792a02..3af64e98 100644 --- a/ui/src/components/access/AccessForm1PanelConfig.tsx +++ b/ui/src/components/access/AccessForm1PanelConfig.tsx @@ -32,8 +32,7 @@ const AccessForm1PanelConfig = ({ form: formInst, formName, disabled, initialVal apiKey: z .string() .min(1, t("access.form.1panel_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormACMECAConfig.tsx b/ui/src/components/access/AccessFormACMECAConfig.tsx index d3075f22..fbba1c73 100644 --- a/ui/src/components/access/AccessFormACMECAConfig.tsx +++ b/ui/src/components/access/AccessFormACMECAConfig.tsx @@ -26,8 +26,8 @@ const AccessFormACMECAConfig = ({ form: formInst, formName, disabled, initialVal const formSchema = z.object({ endpoint: z.string().url(t("common.errmsg.url_invalid")), - eabKid: z.string().trim().nullish(), - eabHmacKey: z.string().trim().nullish(), + eabKid: z.string().nullish(), + eabHmacKey: z.string().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormACMEHttpReqConfig.tsx b/ui/src/components/access/AccessFormACMEHttpReqConfig.tsx index 57cbc22d..6cdd8e3c 100644 --- a/ui/src/components/access/AccessFormACMEHttpReqConfig.tsx +++ b/ui/src/components/access/AccessFormACMEHttpReqConfig.tsx @@ -31,12 +31,10 @@ const AccessFormACMEHttpReqConfig = ({ form: formInst, formName, disabled, initi username: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), password: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormAPISIXConfig.tsx b/ui/src/components/access/AccessFormAPISIXConfig.tsx index 856a6565..71de8521 100644 --- a/ui/src/components/access/AccessFormAPISIXConfig.tsx +++ b/ui/src/components/access/AccessFormAPISIXConfig.tsx @@ -27,7 +27,7 @@ const AccessFormAPISIXConfig = ({ form: formInst, formName, disabled, initialVal const formSchema = z.object({ serverUrl: z.string().url(t("common.errmsg.url_invalid")), - apiKey: z.string().trim().nonempty(t("access.form.apisix_api_key.placeholder")), + apiKey: z.string().nonempty(t("access.form.apisix_api_key.placeholder")), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormAWSConfig.tsx b/ui/src/components/access/AccessFormAWSConfig.tsx index 1eee6247..89500feb 100644 --- a/ui/src/components/access/AccessFormAWSConfig.tsx +++ b/ui/src/components/access/AccessFormAWSConfig.tsx @@ -29,13 +29,11 @@ const AccessFormAWSConfig = ({ form: formInst, formName, disabled, initialValues accessKeyId: z .string() .min(1, t("access.form.aws_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretAccessKey: z .string() .min(1, t("access.form.aws_secret_access_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormAliyunConfig.tsx b/ui/src/components/access/AccessFormAliyunConfig.tsx index 4904b072..f48c3297 100644 --- a/ui/src/components/access/AccessFormAliyunConfig.tsx +++ b/ui/src/components/access/AccessFormAliyunConfig.tsx @@ -28,12 +28,10 @@ const AccessFormAliyunConfig = ({ form: formInst, formName, disabled, initialVal const formSchema = z.object({ accessKeyId: z .string() - .trim() .min(1, t("access.form.aliyun_access_key_id.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), accessKeySecret: z .string() - .trim() .min(1, t("access.form.aliyun_access_key_secret.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), resourceGroupId: z.string().nullish(), @@ -71,15 +69,6 @@ const AccessFormAliyunConfig = ({ form: formInst, formName, disabled, initialVal - } - > - - - - - ); }; diff --git a/ui/src/components/access/AccessFormBytePlusConfig.tsx b/ui/src/components/access/AccessFormBytePlusConfig.tsx index 184e0189..5902edb8 100644 --- a/ui/src/components/access/AccessFormBytePlusConfig.tsx +++ b/ui/src/components/access/AccessFormBytePlusConfig.tsx @@ -28,14 +28,12 @@ const AccessFormBytePlusConfig = ({ form: formInst, formName, disabled, initialV const formSchema = z.object({ accessKey: z .string() - .trim() .min(1, t("access.form.byteplus_access_key.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), secretKey: z .string() .min(1, t("access.form.byteplus_secret_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormCMCCCloudConfig.tsx b/ui/src/components/access/AccessFormCMCCCloudConfig.tsx index 9bc6e615..9ee88a07 100644 --- a/ui/src/components/access/AccessFormCMCCCloudConfig.tsx +++ b/ui/src/components/access/AccessFormCMCCCloudConfig.tsx @@ -28,13 +28,11 @@ const AccessFormCMCCCloudConfig = ({ form: formInst, formName, disabled, initial accessKeyId: z .string() .min(1, t("access.form.cmcccloud_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), accessKeySecret: z .string() .min(1, t("access.form.cmcccloud_access_key_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormCacheFlyConfig.tsx b/ui/src/components/access/AccessFormCacheFlyConfig.tsx index b3172785..79ca197f 100644 --- a/ui/src/components/access/AccessFormCacheFlyConfig.tsx +++ b/ui/src/components/access/AccessFormCacheFlyConfig.tsx @@ -28,8 +28,7 @@ const AccessFormCacheFlyConfig = ({ form: formInst, formName, disabled, initialV apiToken: z .string() .min(1, t("access.form.cachefly_api_token.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormCdnflyConfig.tsx b/ui/src/components/access/AccessFormCdnflyConfig.tsx index 10422c3b..6e06d0e7 100644 --- a/ui/src/components/access/AccessFormCdnflyConfig.tsx +++ b/ui/src/components/access/AccessFormCdnflyConfig.tsx @@ -31,13 +31,11 @@ const AccessFormCdnflyConfig = ({ form: formInst, formName, disabled, initialVal apiKey: z .string() .min(1, t("access.form.cdnfly_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiSecret: z .string() .min(1, t("access.form.cdnfly_api_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormClouDNSConfig.tsx b/ui/src/components/access/AccessFormClouDNSConfig.tsx index 4472eeea..922a8e75 100644 --- a/ui/src/components/access/AccessFormClouDNSConfig.tsx +++ b/ui/src/components/access/AccessFormClouDNSConfig.tsx @@ -28,14 +28,12 @@ const AccessFormClouDNSConfig = ({ form: formInst, formName, disabled, initialVa const formSchema = z.object({ authId: z .string() - .trim() .min(1, t("access.form.cloudns_auth_id.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), authPassword: z .string() .min(1, t("access.form.cloudns_auth_password.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormCloudflareConfig.tsx b/ui/src/components/access/AccessFormCloudflareConfig.tsx index 79b33e3a..6e9ba6c1 100644 --- a/ui/src/components/access/AccessFormCloudflareConfig.tsx +++ b/ui/src/components/access/AccessFormCloudflareConfig.tsx @@ -28,12 +28,10 @@ const AccessFormCloudflareConfig = ({ form: formInst, formName, disabled, initia dnsApiToken: z .string() .min(1, t("access.form.cloudflare_dns_api_token.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), zoneApiToken: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormConstellixConfig.tsx b/ui/src/components/access/AccessFormConstellixConfig.tsx index 5966828a..8e028034 100644 --- a/ui/src/components/access/AccessFormConstellixConfig.tsx +++ b/ui/src/components/access/AccessFormConstellixConfig.tsx @@ -25,8 +25,8 @@ const AccessFormConstellixConfig = ({ form: formInst, formName, disabled, initia const { t } = useTranslation(); const formSchema = z.object({ - apiKey: z.string().trim().nonempty(t("access.form.constellix_api_key.placeholder")), - secretKey: z.string().trim().nonempty(t("access.form.constellix_secret_key.placeholder")), + apiKey: z.string().nonempty(t("access.form.constellix_api_key.placeholder")), + secretKey: z.string().nonempty(t("access.form.constellix_secret_key.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDNSLAConfig.tsx b/ui/src/components/access/AccessFormDNSLAConfig.tsx index df8403ea..ee5ac5e6 100644 --- a/ui/src/components/access/AccessFormDNSLAConfig.tsx +++ b/ui/src/components/access/AccessFormDNSLAConfig.tsx @@ -29,13 +29,11 @@ const AccessFormDNSLAConfig = ({ form: formInst, formName, disabled, initialValu apiId: z .string() .min(1, t("access.form.dnsla_api_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiSecret: z .string() .min(1, t("access.form.dnsla_api_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDeSECConfig.tsx b/ui/src/components/access/AccessFormDeSECConfig.tsx index 4ba65a69..10f5a101 100644 --- a/ui/src/components/access/AccessFormDeSECConfig.tsx +++ b/ui/src/components/access/AccessFormDeSECConfig.tsx @@ -28,8 +28,7 @@ const AccessFormDeSECConfig = ({ form: formInst, formName, disabled, initialValu token: z .string() .min(1, t("access.form.desec_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDigitalOceanConfig.tsx b/ui/src/components/access/AccessFormDigitalOceanConfig.tsx index f4aafc4f..421ee9cc 100644 --- a/ui/src/components/access/AccessFormDigitalOceanConfig.tsx +++ b/ui/src/components/access/AccessFormDigitalOceanConfig.tsx @@ -25,7 +25,7 @@ const AccessFormDigitalOceanConfig = ({ form: formInst, formName, disabled, init const { t } = useTranslation(); const formSchema = z.object({ - accessToken: z.string().nonempty(t("access.form.digitalocean_access_token.placeholder")).trim(), + accessToken: z.string().nonempty(t("access.form.digitalocean_access_token.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDingTalkBotConfig.tsx b/ui/src/components/access/AccessFormDingTalkBotConfig.tsx index 35aebf6e..59904e18 100644 --- a/ui/src/components/access/AccessFormDingTalkBotConfig.tsx +++ b/ui/src/components/access/AccessFormDingTalkBotConfig.tsx @@ -27,7 +27,7 @@ const AccessFormDingTalkBotConfig = ({ form: formInst, formName, disabled, initi const formSchema = z.object({ webhookUrl: z.string().url(t("common.errmsg.url_invalid")), - secret: z.string().nonempty(t("access.form.dingtalkbot_secret.placeholder")).trim(), + secret: z.string().nonempty(t("access.form.dingtalkbot_secret.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDiscordBotConfig.tsx b/ui/src/components/access/AccessFormDiscordBotConfig.tsx index 16848686..5f844ccc 100644 --- a/ui/src/components/access/AccessFormDiscordBotConfig.tsx +++ b/ui/src/components/access/AccessFormDiscordBotConfig.tsx @@ -28,8 +28,7 @@ const AccessFormDiscordBotConfig = ({ form: formInst, formName, disabled, initia botToken: z .string({ message: t("access.form.discordbot_token.placeholder") }) .min(1, t("access.form.discordbot_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), defaultChannelId: z.string().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDogeCloudConfig.tsx b/ui/src/components/access/AccessFormDogeCloudConfig.tsx index 36b73f9f..3e61d75f 100644 --- a/ui/src/components/access/AccessFormDogeCloudConfig.tsx +++ b/ui/src/components/access/AccessFormDogeCloudConfig.tsx @@ -29,13 +29,11 @@ const AccessFormDogeCloudConfig = ({ form: formInst, formName, disabled, initial accessKey: z .string() .min(1, t("access.form.dogecloud_access_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretKey: z .string() .min(1, t("access.form.dogecloud_secret_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDuckDNSConfig.tsx b/ui/src/components/access/AccessFormDuckDNSConfig.tsx index 969f78f8..6b9c81b8 100644 --- a/ui/src/components/access/AccessFormDuckDNSConfig.tsx +++ b/ui/src/components/access/AccessFormDuckDNSConfig.tsx @@ -25,7 +25,7 @@ const AccessFormDuckDNSConfig = ({ form: formInst, formName, disabled, initialVa const { t } = useTranslation(); const formSchema = z.object({ - token: z.string().nonempty(t("access.form.duckdns_token.placeholder")).trim(), + token: z.string().nonempty(t("access.form.duckdns_token.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDynv6Config.tsx b/ui/src/components/access/AccessFormDynv6Config.tsx index 92385302..87e16c1e 100644 --- a/ui/src/components/access/AccessFormDynv6Config.tsx +++ b/ui/src/components/access/AccessFormDynv6Config.tsx @@ -28,8 +28,7 @@ const AccessFormDynv6Config = ({ form: formInst, formName, disabled, initialValu httpToken: z .string() .min(1, t("access.form.dynv6_http_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormEdgioConfig.tsx b/ui/src/components/access/AccessFormEdgioConfig.tsx index d70ece6e..a91298c9 100644 --- a/ui/src/components/access/AccessFormEdgioConfig.tsx +++ b/ui/src/components/access/AccessFormEdgioConfig.tsx @@ -29,13 +29,11 @@ const AccessFormEdgioConfig = ({ form: formInst, formName, disabled, initialValu clientId: z .string() .min(1, t("access.form.edgio_client_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), clientSecret: z .string() .min(1, t("access.form.edgio_client_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormFlexCDNConfig.tsx b/ui/src/components/access/AccessFormFlexCDNConfig.tsx index 71aa9607..f07b8359 100644 --- a/ui/src/components/access/AccessFormFlexCDNConfig.tsx +++ b/ui/src/components/access/AccessFormFlexCDNConfig.tsx @@ -32,8 +32,8 @@ const AccessFormFlexCDNConfig = ({ form: formInst, formName, disabled, initialVa role: z.union([z.literal("user"), z.literal("admin")], { message: t("access.form.flexcdn_api_role.placeholder"), }), - accessKeyId: z.string().nonempty(t("access.form.flexcdn_access_key_id.placeholder")).trim(), - accessKey: z.string().nonempty(t("access.form.flexcdn_access_key.placeholder")).trim(), + accessKeyId: z.string().nonempty(t("access.form.flexcdn_access_key_id.placeholder")), + accessKey: z.string().nonempty(t("access.form.flexcdn_access_key.placeholder")), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGcoreConfig.tsx b/ui/src/components/access/AccessFormGcoreConfig.tsx index 858dac02..f78d7309 100644 --- a/ui/src/components/access/AccessFormGcoreConfig.tsx +++ b/ui/src/components/access/AccessFormGcoreConfig.tsx @@ -28,8 +28,7 @@ const AccessFormGcoreConfig = ({ form: formInst, formName, disabled, initialValu apiToken: z .string() .min(1, t("access.form.gcore_api_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGnameConfig.tsx b/ui/src/components/access/AccessFormGnameConfig.tsx index f0c8f072..990f01b6 100644 --- a/ui/src/components/access/AccessFormGnameConfig.tsx +++ b/ui/src/components/access/AccessFormGnameConfig.tsx @@ -29,13 +29,11 @@ const AccessFormGnameConfig = ({ form: formInst, formName, disabled, initialValu appId: z .string() .min(1, t("access.form.gname_app_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), appKey: z .string() .min(1, t("access.form.gname_app_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGoDaddyConfig.tsx b/ui/src/components/access/AccessFormGoDaddyConfig.tsx index 9e8989e9..c604a8b3 100644 --- a/ui/src/components/access/AccessFormGoDaddyConfig.tsx +++ b/ui/src/components/access/AccessFormGoDaddyConfig.tsx @@ -29,13 +29,11 @@ const AccessFormGoDaddyConfig = ({ form: formInst, formName, disabled, initialVa apiKey: z .string() .min(1, t("access.form.godaddy_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiSecret: z .string() .min(1, t("access.form.godaddy_api_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGoEdgeConfig.tsx b/ui/src/components/access/AccessFormGoEdgeConfig.tsx index 641e2276..822c410b 100644 --- a/ui/src/components/access/AccessFormGoEdgeConfig.tsx +++ b/ui/src/components/access/AccessFormGoEdgeConfig.tsx @@ -32,8 +32,8 @@ const AccessFormGoEdgeConfig = ({ form: formInst, formName, disabled, initialVal role: z.union([z.literal("user"), z.literal("admin")], { message: t("access.form.goedge_api_role.placeholder"), }), - accessKeyId: z.string().nonempty(t("access.form.goedge_access_key_id.placeholder")).trim(), - accessKey: z.string().nonempty(t("access.form.goedge_access_key.placeholder")).trim(), + accessKeyId: z.string().nonempty(t("access.form.goedge_access_key_id.placeholder")), + accessKey: z.string().nonempty(t("access.form.goedge_access_key.placeholder")), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGoogleTrustServicesConfig.tsx b/ui/src/components/access/AccessFormGoogleTrustServicesConfig.tsx index 95eb6270..b30384f5 100644 --- a/ui/src/components/access/AccessFormGoogleTrustServicesConfig.tsx +++ b/ui/src/components/access/AccessFormGoogleTrustServicesConfig.tsx @@ -35,13 +35,11 @@ const AccessFormGoogleTrustServicesConfig = ({ eabKid: z .string() .min(1, t("access.form.googletrustservices_eab_kid.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), eabHmacKey: z .string() .min(1, t("access.form.googletrustservices_eab_hmac_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormHetznerConfig.tsx b/ui/src/components/access/AccessFormHetznerConfig.tsx index 12bf21b2..b596e997 100644 --- a/ui/src/components/access/AccessFormHetznerConfig.tsx +++ b/ui/src/components/access/AccessFormHetznerConfig.tsx @@ -25,7 +25,7 @@ const AccessFormHetznerConfig = ({ form: formInst, formName, disabled, initialVa const { t } = useTranslation(); const formSchema = z.object({ - apiToken: z.string().nonempty(t("access.form.hetzner_api_token.placeholder")).trim(), + apiToken: z.string().nonempty(t("access.form.hetzner_api_token.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormHuaweiCloudConfig.tsx b/ui/src/components/access/AccessFormHuaweiCloudConfig.tsx index ca83febd..fc56d558 100644 --- a/ui/src/components/access/AccessFormHuaweiCloudConfig.tsx +++ b/ui/src/components/access/AccessFormHuaweiCloudConfig.tsx @@ -28,12 +28,10 @@ const AccessFormHuaweiCloudConfig = ({ form: formInst, formName, disabled, initi const formSchema = z.object({ accessKeyId: z .string() - .trim() .min(1, t("access.form.huaweicloud_access_key_id.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), secretAccessKey: z .string() - .trim() .min(1, t("access.form.huaweicloud_secret_access_key.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), enterpriseProjectId: z.string().nullish(), diff --git a/ui/src/components/access/AccessFormJDCloudConfig.tsx b/ui/src/components/access/AccessFormJDCloudConfig.tsx index 7ab6b167..10fb4bad 100644 --- a/ui/src/components/access/AccessFormJDCloudConfig.tsx +++ b/ui/src/components/access/AccessFormJDCloudConfig.tsx @@ -29,13 +29,11 @@ const AccessFormJDCloudConfig = ({ form: formInst, formName, disabled, initialVa accessKeyId: z .string() .min(1, t("access.form.jdcloud_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), accessKeySecret: z .string() .min(1, t("access.form.jdcloud_access_key_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormKubernetesConfig.tsx b/ui/src/components/access/AccessFormKubernetesConfig.tsx index 73415bb1..ff2bd491 100644 --- a/ui/src/components/access/AccessFormKubernetesConfig.tsx +++ b/ui/src/components/access/AccessFormKubernetesConfig.tsx @@ -26,7 +26,6 @@ const AccessFormKubernetesConfig = ({ form: formInst, formName, disabled, initia const formSchema = z.object({ kubeConfig: z .string() - .trim() .max(20480, t("common.errmsg.string_max", { max: 20480 })) .nullish(), }); diff --git a/ui/src/components/access/AccessFormLeCDNConfig.tsx b/ui/src/components/access/AccessFormLeCDNConfig.tsx index 282afa8d..1f9feabc 100644 --- a/ui/src/components/access/AccessFormLeCDNConfig.tsx +++ b/ui/src/components/access/AccessFormLeCDNConfig.tsx @@ -33,8 +33,8 @@ const AccessFormLeCDNConfig = ({ form: formInst, formName, disabled, initialValu role: z.union([z.literal("client"), z.literal("master")], { message: t("access.form.lecdn_api_role.placeholder"), }), - username: z.string().nonempty(t("access.form.lecdn_username.placeholder")).trim(), - password: z.string().nonempty(t("access.form.lecdn_password.placeholder")).trim(), + username: z.string().nonempty(t("access.form.lecdn_username.placeholder")), + password: z.string().nonempty(t("access.form.lecdn_password.placeholder")), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNS1Config.tsx b/ui/src/components/access/AccessFormNS1Config.tsx index 5b12feb0..4080b79b 100644 --- a/ui/src/components/access/AccessFormNS1Config.tsx +++ b/ui/src/components/access/AccessFormNS1Config.tsx @@ -28,8 +28,7 @@ const AccessFormNS1Config = ({ form: formInst, formName, disabled, initialValues apiKey: z .string() .min(1, t("access.form.ns1_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNameDotComConfig.tsx b/ui/src/components/access/AccessFormNameDotComConfig.tsx index 0048de52..e5a7a372 100644 --- a/ui/src/components/access/AccessFormNameDotComConfig.tsx +++ b/ui/src/components/access/AccessFormNameDotComConfig.tsx @@ -29,13 +29,11 @@ const AccessFormNameDotComConfig = ({ form: formInst, formName, disabled, initia username: z .string() .min(1, t("access.form.namedotcom_username.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiToken: z .string() .min(1, t("access.form.namedotcom_api_token.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNameSiloConfig.tsx b/ui/src/components/access/AccessFormNameSiloConfig.tsx index 1e8e2d8e..a9421ffe 100644 --- a/ui/src/components/access/AccessFormNameSiloConfig.tsx +++ b/ui/src/components/access/AccessFormNameSiloConfig.tsx @@ -28,8 +28,7 @@ const AccessFormNameSiloConfig = ({ form: formInst, formName, disabled, initialV apiKey: z .string() .min(1, t("access.form.namesilo_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNamecheapConfig.tsx b/ui/src/components/access/AccessFormNamecheapConfig.tsx index d6a79f2a..2ac81909 100644 --- a/ui/src/components/access/AccessFormNamecheapConfig.tsx +++ b/ui/src/components/access/AccessFormNamecheapConfig.tsx @@ -29,13 +29,11 @@ const AccessFormNamecheapConfig = ({ form: formInst, formName, disabled, initial username: z .string() .min(1, t("access.form.namecheap_username.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiKey: z .string() .min(1, t("access.form.namecheap_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNetcupConfig.tsx b/ui/src/components/access/AccessFormNetcupConfig.tsx index c5d4bfc6..02aa5272 100644 --- a/ui/src/components/access/AccessFormNetcupConfig.tsx +++ b/ui/src/components/access/AccessFormNetcupConfig.tsx @@ -27,9 +27,9 @@ const AccessFormNetcupConfig = ({ form: formInst, formName, disabled, initialVal const { t } = useTranslation(); const formSchema = z.object({ - customerNumber: z.string().nonempty(t("access.form.netcup_customer_number.placeholder")).trim(), - apiKey: z.string().nonempty(t("access.form.netcup_api_key.placeholder")).trim(), - apiPassword: z.string().nonempty(t("access.form.netcup_api_password.placeholder")).trim(), + customerNumber: z.string().nonempty(t("access.form.netcup_customer_number.placeholder")), + apiKey: z.string().nonempty(t("access.form.netcup_api_key.placeholder")), + apiPassword: z.string().nonempty(t("access.form.netcup_api_password.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNetlifyConfig.tsx b/ui/src/components/access/AccessFormNetlifyConfig.tsx index 7fa4c8ae..91d0c31e 100644 --- a/ui/src/components/access/AccessFormNetlifyConfig.tsx +++ b/ui/src/components/access/AccessFormNetlifyConfig.tsx @@ -25,7 +25,7 @@ const AccessFormNetlifyConfig = ({ form: formInst, formName, disabled, initialVa const { t } = useTranslation(); const formSchema = z.object({ - apiToken: z.string().nonempty(t("access.form.netlify_api_token.placeholder")).trim(), + apiToken: z.string().nonempty(t("access.form.netlify_api_token.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormPorkbunConfig.tsx b/ui/src/components/access/AccessFormPorkbunConfig.tsx index 20cbc38a..65193db7 100644 --- a/ui/src/components/access/AccessFormPorkbunConfig.tsx +++ b/ui/src/components/access/AccessFormPorkbunConfig.tsx @@ -29,13 +29,11 @@ const AccessFormPorkbunConfig = ({ form: formInst, formName, disabled, initialVa apiKey: z .string() .min(1, t("access.form.porkbun_api_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretApiKey: z .string() .min(1, t("access.form.porkbun_secret_api_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormPowerDNSConfig.tsx b/ui/src/components/access/AccessFormPowerDNSConfig.tsx index 33447cc8..e9dc9756 100644 --- a/ui/src/components/access/AccessFormPowerDNSConfig.tsx +++ b/ui/src/components/access/AccessFormPowerDNSConfig.tsx @@ -30,8 +30,7 @@ const AccessFormPowerDNSConfig = ({ form: formInst, formName, disabled, initialV apiKey: z .string() .min(1, t("access.form.powerdns_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormProxmoxVEConfig.tsx b/ui/src/components/access/AccessFormProxmoxVEConfig.tsx index 29280b1c..b2d44011 100644 --- a/ui/src/components/access/AccessFormProxmoxVEConfig.tsx +++ b/ui/src/components/access/AccessFormProxmoxVEConfig.tsx @@ -27,7 +27,7 @@ const AccessFormProxmoxVEConfig = ({ form: formInst, formName, disabled, initial const formSchema = z.object({ serverUrl: z.string().url(t("common.errmsg.url_invalid")), - apiToken: z.string().nonempty(t("access.form.proxmoxve_api_token.placeholder")).trim(), + apiToken: z.string().nonempty(t("access.form.proxmoxve_api_token.placeholder")), apiTokenSecret: z.string().nullish(), allowInsecureConnections: z.boolean().nullish(), }); diff --git a/ui/src/components/access/AccessFormQiniuConfig.tsx b/ui/src/components/access/AccessFormQiniuConfig.tsx index 40517184..dcbebcd0 100644 --- a/ui/src/components/access/AccessFormQiniuConfig.tsx +++ b/ui/src/components/access/AccessFormQiniuConfig.tsx @@ -29,13 +29,11 @@ const AccessFormQiniuConfig = ({ form: formInst, formName, disabled, initialValu accessKey: z .string() .min(1, t("access.form.qiniu_access_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretKey: z .string() .min(1, t("access.form.qiniu_secret_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormRainYunConfig.tsx b/ui/src/components/access/AccessFormRainYunConfig.tsx index a34cf683..b9b0b171 100644 --- a/ui/src/components/access/AccessFormRainYunConfig.tsx +++ b/ui/src/components/access/AccessFormRainYunConfig.tsx @@ -28,8 +28,7 @@ const AccessFormRainYunConfig = ({ form: formInst, formName, disabled, initialVa apiKey: z .string() .min(1, t("access.form.rainyun_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormRatPanelConfig.tsx b/ui/src/components/access/AccessFormRatPanelConfig.tsx index 04a71cd1..26448f46 100644 --- a/ui/src/components/access/AccessFormRatPanelConfig.tsx +++ b/ui/src/components/access/AccessFormRatPanelConfig.tsx @@ -29,7 +29,7 @@ const AccessFormRatPanelConfig = ({ form: formInst, formName, disabled, initialV const formSchema = z.object({ serverUrl: z.string().url(t("common.errmsg.url_invalid")), accessTokenId: z.preprocess((v) => Number(v), z.number().positive(t("access.form.ratpanel_access_token_id.placeholder"))), - accessToken: z.string().nonempty(t("access.form.ratpanel_access_token.placeholder")).trim(), + accessToken: z.string().nonempty(t("access.form.ratpanel_access_token.placeholder")), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormSSLComConfig.tsx b/ui/src/components/access/AccessFormSSLComConfig.tsx index 85266266..22b60ae4 100644 --- a/ui/src/components/access/AccessFormSSLComConfig.tsx +++ b/ui/src/components/access/AccessFormSSLComConfig.tsx @@ -29,13 +29,11 @@ const AccessFormSSLComConfig = ({ form: formInst, formName, disabled, initialVal eabKid: z .string() .min(1, t("access.form.sslcom_eab_kid.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), eabHmacKey: z .string() .min(1, t("access.form.sslcom_eab_hmac_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormSafeLineConfig.tsx b/ui/src/components/access/AccessFormSafeLineConfig.tsx index c698d066..e3d3e75d 100644 --- a/ui/src/components/access/AccessFormSafeLineConfig.tsx +++ b/ui/src/components/access/AccessFormSafeLineConfig.tsx @@ -30,8 +30,7 @@ const AccessFormSafeLineConfig = ({ form: formInst, formName, disabled, initialV apiToken: z .string() .min(1, t("access.form.safeline_api_token.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormSlackBotConfig.tsx b/ui/src/components/access/AccessFormSlackBotConfig.tsx index 3bea5f58..a0bdbad4 100644 --- a/ui/src/components/access/AccessFormSlackBotConfig.tsx +++ b/ui/src/components/access/AccessFormSlackBotConfig.tsx @@ -28,8 +28,7 @@ const AccessFormSlackBotConfig = ({ form: formInst, formName, disabled, initialV botToken: z .string({ message: t("access.form.slackbot_token.placeholder") }) .min(1, t("access.form.slackbot_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), defaultChannelId: z.string().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormTelegramBotConfig.tsx b/ui/src/components/access/AccessFormTelegramBotConfig.tsx index 82747694..a347610f 100644 --- a/ui/src/components/access/AccessFormTelegramBotConfig.tsx +++ b/ui/src/components/access/AccessFormTelegramBotConfig.tsx @@ -28,8 +28,7 @@ const AccessFormTelegramBotConfig = ({ form: formInst, formName, disabled, initi botToken: z .string({ message: t("access.form.telegrambot_token.placeholder") }) .min(1, t("access.form.telegrambot_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), defaultChatId: z .preprocess( (v) => (v == null || v === "" ? undefined : Number(v)), diff --git a/ui/src/components/access/AccessFormTencentCloudConfig.tsx b/ui/src/components/access/AccessFormTencentCloudConfig.tsx index 11de6d6d..540ebdd9 100644 --- a/ui/src/components/access/AccessFormTencentCloudConfig.tsx +++ b/ui/src/components/access/AccessFormTencentCloudConfig.tsx @@ -29,13 +29,11 @@ const AccessFormTencentCloudConfig = ({ form: formInst, formName, disabled, init secretId: z .string() .min(1, t("access.form.tencentcloud_secret_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretKey: z .string() .min(1, t("access.form.tencentcloud_secret_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormUCloudConfig.tsx b/ui/src/components/access/AccessFormUCloudConfig.tsx index fd623925..395d185e 100644 --- a/ui/src/components/access/AccessFormUCloudConfig.tsx +++ b/ui/src/components/access/AccessFormUCloudConfig.tsx @@ -29,17 +29,14 @@ const AccessFormUCloudConfig = ({ form: formInst, formName, disabled, initialVal privateKey: z .string() .min(1, t("access.form.ucloud_private_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), publicKey: z .string() .min(1, t("access.form.ucloud_public_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), projectId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormUniCloudConfig.tsx b/ui/src/components/access/AccessFormUniCloudConfig.tsx index d281f1fe..8b6d1346 100644 --- a/ui/src/components/access/AccessFormUniCloudConfig.tsx +++ b/ui/src/components/access/AccessFormUniCloudConfig.tsx @@ -26,8 +26,8 @@ const AccessFormUniCloudConfig = ({ form: formInst, formName, disabled, initialV const { t } = useTranslation(); const formSchema = z.object({ - username: z.string().trim().nonempty(t("access.form.unicloud_username.placeholder")), - password: z.string().trim().nonempty(t("access.form.unicloud_password.placeholder")), + username: z.string().nonempty(t("access.form.unicloud_username.placeholder")), + password: z.string().nonempty(t("access.form.unicloud_password.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormUpyunConfig.tsx b/ui/src/components/access/AccessFormUpyunConfig.tsx index 665c50cf..24feb9f8 100644 --- a/ui/src/components/access/AccessFormUpyunConfig.tsx +++ b/ui/src/components/access/AccessFormUpyunConfig.tsx @@ -28,12 +28,10 @@ const AccessFormUpyunConfig = ({ form: formInst, formName, disabled, initialValu const formSchema = z.object({ username: z .string() - .trim() .min(1, t("access.form.upyun_username.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), password: z .string() - .trim() .min(1, t("access.form.upyun_password.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), }); diff --git a/ui/src/components/access/AccessFormVercelConfig.tsx b/ui/src/components/access/AccessFormVercelConfig.tsx index 4483a9f9..a3a1954e 100644 --- a/ui/src/components/access/AccessFormVercelConfig.tsx +++ b/ui/src/components/access/AccessFormVercelConfig.tsx @@ -28,12 +28,10 @@ const AccessFormVercelConfig = ({ form: formInst, formName, disabled, initialVal apiAccessToken: z .string() .min(1, t("access.form.vercel_api_access_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), teamId: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormVolcEngineConfig.tsx b/ui/src/components/access/AccessFormVolcEngineConfig.tsx index 8d8d18de..c9a302a2 100644 --- a/ui/src/components/access/AccessFormVolcEngineConfig.tsx +++ b/ui/src/components/access/AccessFormVolcEngineConfig.tsx @@ -29,13 +29,11 @@ const AccessFormVolcEngineConfig = ({ form: formInst, formName, disabled, initia accessKeyId: z .string() .min(1, t("access.form.volcengine_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretAccessKey: z .string() .min(1, t("access.form.volcengine_secret_access_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormWangsuConfig.tsx b/ui/src/components/access/AccessFormWangsuConfig.tsx index bb4f699c..fe2950c4 100644 --- a/ui/src/components/access/AccessFormWangsuConfig.tsx +++ b/ui/src/components/access/AccessFormWangsuConfig.tsx @@ -30,18 +30,15 @@ const AccessFormWangsuConfig = ({ form: formInst, formName, disabled, initialVal accessKeyId: z .string() .min(1, t("access.form.wangsu_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), accessKeySecret: z .string() .min(1, t("access.form.wangsu_access_key_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiKey: z .string() .min(1, t("access.form.wangsu_api_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormWestcnConfig.tsx b/ui/src/components/access/AccessFormWestcnConfig.tsx index ab21260c..34439316 100644 --- a/ui/src/components/access/AccessFormWestcnConfig.tsx +++ b/ui/src/components/access/AccessFormWestcnConfig.tsx @@ -29,13 +29,11 @@ const AccessFormWestcnConfig = ({ form: formInst, formName, disabled, initialVal username: z .string() .min(1, t("access.form.westcn_username.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiPassword: z .string() .min(1, t("access.form.westcn_api_password.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormZeroSSLConfig.tsx b/ui/src/components/access/AccessFormZeroSSLConfig.tsx index 336777b0..a1653667 100644 --- a/ui/src/components/access/AccessFormZeroSSLConfig.tsx +++ b/ui/src/components/access/AccessFormZeroSSLConfig.tsx @@ -29,13 +29,11 @@ const AccessFormZeroSSLConfig = ({ form: formInst, formName, disabled, initialVa eabKid: z .string() .min(1, t("access.form.zerossl_eab_kid.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), eabHmacKey: z .string() .min(1, t("access.form.zerossl_eab_hmac_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/notification/NotifyChannelEditFormGotifyFields.tsx b/ui/src/components/notification/NotifyChannelEditFormGotifyFields.tsx index 189f4e16..69aa4b46 100644 --- a/ui/src/components/notification/NotifyChannelEditFormGotifyFields.tsx +++ b/ui/src/components/notification/NotifyChannelEditFormGotifyFields.tsx @@ -9,7 +9,12 @@ const NotifyChannelEditFormGotifyFields = () => { const formSchema = z.object({ url: z.string({ message: t("settings.notification.channel.form.gotify_url.placeholder") }).url({ message: t("common.errmsg.url_invalid") }), token: z.string({ message: t("settings.notification.channel.form.gotify_token.placeholder") }), - priority: z.preprocess(val => Number(val), z.number({ message: t("settings.notification.channel.form.gotify_priority.placeholder") }).gte(0, { message: t("settings.notification.channel.form.gotify_priority.error.gte0") })), + priority: z.preprocess( + (val) => Number(val), + z + .number({ message: t("settings.notification.channel.form.gotify_priority.placeholder") }) + .gte(0, { message: t("settings.notification.channel.form.gotify_priority.error.gte0") }) + ), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/notification/NotifyTemplate.tsx b/ui/src/components/notification/NotifyTemplate.tsx index 9921cda5..152596e7 100644 --- a/ui/src/components/notification/NotifyTemplate.tsx +++ b/ui/src/components/notification/NotifyTemplate.tsx @@ -27,13 +27,11 @@ const NotifyTemplateForm = ({ className, style }: NotifyTemplateFormProps) => { subject: z .string() .min(1, t("settings.notification.template.form.subject.placeholder")) - .max(1000, t("common.errmsg.string_max", { max: 1000 })) - .trim(), + .max(1000, t("common.errmsg.string_max", { max: 1000 })), message: z .string() .min(1, t("settings.notification.template.form.message.placeholder")) - .max(1000, t("common.errmsg.string_max", { max: 1000 })) - .trim(), + .max(1000, t("common.errmsg.string_max", { max: 1000 })), }); const formRule = createSchemaFieldRule(formSchema); const { diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormAWSRoute53Config.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormAWSRoute53Config.tsx index a14a7057..03698cb1 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormAWSRoute53Config.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormAWSRoute53Config.tsx @@ -35,12 +35,10 @@ const ApplyNodeConfigFormAWSRoute53Config = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.apply.form.aws_route53_region.placeholder") }) - .nonempty(t("workflow_node.apply.form.aws_route53_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.aws_route53_region.placeholder")), hostedZoneId: z .string({ message: t("workflow_node.apply.form.aws_route53_hosted_zone_id.placeholder") }) - .nonempty(t("workflow_node.apply.form.aws_route53_hosted_zone_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.aws_route53_hosted_zone_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormAliyunESAConfig.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormAliyunESAConfig.tsx index d429b53d..0ef39b22 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormAliyunESAConfig.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormAliyunESAConfig.tsx @@ -25,8 +25,7 @@ const ApplyNodeConfigFormAliyunESAConfig = ({ form: formInst, formName, disabled const formSchema = z.object({ region: z .string({ message: t("workflow_node.apply.form.aliyun_esa_region.placeholder") }) - .nonempty(t("workflow_node.apply.form.aliyun_esa_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.aliyun_esa_region.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormHuaweiCloudDNSConfig.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormHuaweiCloudDNSConfig.tsx index dcde7c75..e806dd64 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormHuaweiCloudDNSConfig.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormHuaweiCloudDNSConfig.tsx @@ -33,8 +33,7 @@ const ApplyNodeConfigFormHuaweiCloudDNSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.apply.form.huaweicloud_dns_region.placeholder") }) - .nonempty(t("workflow_node.apply.form.huaweicloud_dns_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.huaweicloud_dns_region.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormJDCloudDNSConfig.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormJDCloudDNSConfig.tsx index dba0b56c..cca7efd5 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormJDCloudDNSConfig.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormJDCloudDNSConfig.tsx @@ -33,8 +33,7 @@ const ApplyNodeConfigFormJDCloudDNSConfig = ({ const formSchema = z.object({ regionId: z .string({ message: t("workflow_node.apply.form.jdcloud_dns_region_id.placeholder") }) - .nonempty(t("workflow_node.apply.form.jdcloud_dns_region_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.jdcloud_dns_region_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormTencentCloudEOConfig.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormTencentCloudEOConfig.tsx index 2969d4a2..f71e33e7 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormTencentCloudEOConfig.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormTencentCloudEOConfig.tsx @@ -31,8 +31,7 @@ const ApplyNodeConfigFormTencentCloudEOConfig = ({ const formSchema = z.object({ zoneId: z .string({ message: t("workflow_node.apply.form.tencentcloud_eo_zone_id.placeholder") }) - .nonempty(t("workflow_node.apply.form.tencentcloud_eo_zone_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.tencentcloud_eo_zone_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAWSACMConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAWSACMConfig.tsx index 2e539453..df7ba9b6 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAWSACMConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAWSACMConfig.tsx @@ -26,8 +26,7 @@ const DeployNodeConfigFormAWSACMConfig = ({ form: formInst, formName, disabled, const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aws_acm_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aws_acm_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aws_acm_region.placeholder")), certificateArn: z.string().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx index a34f2fbb..3a15eea0 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx @@ -33,9 +33,9 @@ const DeployNodeConfigFormAWSCloudFrontConfig = ({ const { t } = useTranslation(); const formSchema = z.object({ - region: z.string().trim().nonempty(t("workflow_node.deploy.form.aws_cloudfront_region.placeholder")), - distributionId: z.string().trim().nonempty(t("workflow_node.deploy.form.aws_cloudfront_distribution_id.placeholder")), - certificateSource: z.string().trim().nonempty(t("workflow_node.deploy.form.aws_cloudfront_certificate_source.placeholder")), + region: z.string().nonempty(t("workflow_node.deploy.form.aws_cloudfront_region.placeholder")), + distributionId: z.string().nonempty(t("workflow_node.deploy.form.aws_cloudfront_distribution_id.placeholder")), + certificateSource: z.string().nonempty(t("workflow_node.deploy.form.aws_cloudfront_certificate_source.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAWSIAMConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAWSIAMConfig.tsx index 1013153a..fa89d83b 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAWSIAMConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAWSIAMConfig.tsx @@ -28,8 +28,7 @@ const DeployNodeConfigFormAWSIAMConfig = ({ form: formInst, formName, disabled, const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aws_iam_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aws_iam_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aws_iam_region.placeholder")), certificatePath: z .string() .nullish() diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunALBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunALBConfig.tsx index 341bfe6a..570109e5 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunALBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunALBConfig.tsx @@ -46,18 +46,15 @@ const DeployNodeConfigFormAliyunALBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_alb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_alb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_alb_region.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LOADBALANCER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_alb_loadbalancer_id.placeholder")), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_alb_listener_id.placeholder")), domain: z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunAPIGWConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunAPIGWConfig.tsx index 430859a7..c88c9e5a 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunAPIGWConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunAPIGWConfig.tsx @@ -44,8 +44,7 @@ const DeployNodeConfigFormAliyunAPIGWConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_apigw_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_apigw_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_apigw_region.placeholder")), gatewayId: z .string() .nullish() diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASConfig.tsx index f4aed907..1ea744fd 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASConfig.tsx @@ -31,8 +31,7 @@ const DeployNodeConfigFormAliyunCASConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_cas_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_cas_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_cas_region.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASDeployConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASDeployConfig.tsx index 1b551f18..d7e961ae 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASDeployConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASDeployConfig.tsx @@ -37,8 +37,7 @@ const DeployNodeConfigFormAliyunCASDeployConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_cas_deploy_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_cas_deploy_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_cas_deploy_region.placeholder")), resourceIds: z.string({ message: t("workflow_node.deploy.form.aliyun_cas_deploy_resource_ids.placeholder") }).refine((v) => { if (!v) return false; return String(v) diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCLBConfig.tsx index fcd59569..6acc2942 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCLBConfig.tsx @@ -47,13 +47,11 @@ const DeployNodeConfigFormAliyunCLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_clb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_clb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_clb_region.placeholder")), loadbalancerId: z .string({ message: t("workflow_node.deploy.form.aliyun_clb_loadbalancer_id.placeholder") }) .min(1, t("workflow_node.deploy.form.aliyun_clb_loadbalancer_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), listenerPort: z.preprocess( (v) => (v == null || v === "" ? undefined : Number(v)), z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunDDoSConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunDDoSConfig.tsx index f8887794..6081e0af 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunDDoSConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunDDoSConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormAliyunDDoSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_ddos_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_ddos_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_ddos_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_ddos_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunESAConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunESAConfig.tsx index f61485e2..91c34b08 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunESAConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunESAConfig.tsx @@ -32,8 +32,7 @@ const DeployNodeConfigFormAliyunESAConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_esa_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_esa_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_esa_region.placeholder")), siteId: z.union([z.string(), z.number()]).refine((v) => { return /^\d+$/.test(v + "") && +v > 0; }, t("workflow_node.deploy.form.aliyun_esa_site_id.placeholder")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunFCConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunFCConfig.tsx index 63906350..c20dc15a 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunFCConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunFCConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormAliyunFCConfig = ({ form: formInst, formName, disabled }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_fc_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_fc_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_fc_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_fc_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunGAConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunGAConfig.tsx index f90652f9..39991869 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunGAConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunGAConfig.tsx @@ -37,14 +37,10 @@ const DeployNodeConfigFormAliyunGAConfig = ({ form: formInst, formName, disabled resourceType: z.union([z.literal(RESOURCE_TYPE_ACCELERATOR), z.literal(RESOURCE_TYPE_LISTENER)], { message: t("workflow_node.deploy.form.aliyun_ga_resource_type.placeholder"), }), - acceleratorId: z - .string() - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + acceleratorId: z.string().max(64, t("common.errmsg.string_max", { max: 64 })), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_ga_listener_id.placeholder")), domain: z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunLiveConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunLiveConfig.tsx index 04692846..569b1469 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunLiveConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunLiveConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormAliyunLiveConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_live_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_live_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_live_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_live_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunNLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunNLBConfig.tsx index abd95843..ff4928be 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunNLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunNLBConfig.tsx @@ -44,18 +44,15 @@ const DeployNodeConfigFormAliyunNLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_nlb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_nlb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_nlb_region.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LOADBALANCER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_nlb_loadbalancer_id.placeholder")), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_nlb_listener_id.placeholder")), }); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunOSSConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunOSSConfig.tsx index 5cc1edd6..5aefa851 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunOSSConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunOSSConfig.tsx @@ -35,12 +35,10 @@ const DeployNodeConfigFormAliyunOSSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_oss_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_oss_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_oss_region.placeholder")), bucket: z .string({ message: t("workflow_node.deploy.form.aliyun_oss_bucket.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_oss_bucket.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_oss_bucket.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_oss_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunVODConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunVODConfig.tsx index d76e1193..752d28cd 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunVODConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunVODConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormAliyunVODConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_vod_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_vod_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_vod_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_vod_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx index a46c7327..f7044063 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx @@ -38,16 +38,14 @@ const DeployNodeConfigFormAliyunWAFConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_waf_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_waf_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_waf_region.placeholder")), serviceVersion: z.literal("3.0", { message: t("workflow_node.deploy.form.aliyun_waf_service_version.placeholder"), }), instanceId: z .string({ message: t("workflow_node.deploy.form.aliyun_waf_instance_id.placeholder") }) .nonempty(t("workflow_node.deploy.form.aliyun_waf_instance_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), domain: z .string() .nullish() diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAzureKeyVaultConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAzureKeyVaultConfig.tsx index bd2347df..952d3e23 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAzureKeyVaultConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAzureKeyVaultConfig.tsx @@ -32,8 +32,7 @@ const DeployNodeConfigFormAzureKeyVaultConfig = ({ const formSchema = z.object({ keyvaultName: z .string({ message: t("workflow_node.deploy.form.azure_keyvault_name.placeholder") }) - .nonempty(t("workflow_node.deploy.form.azure_keyvault_name.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.azure_keyvault_name.placeholder")), certificateName: z .string() .nullish() diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudAppBLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudAppBLBConfig.tsx index aba8bf6b..7f6b21cf 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudAppBLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudAppBLBConfig.tsx @@ -47,13 +47,11 @@ const DeployNodeConfigFormBaiduCloudAppBLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.baiducloud_appblb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.baiducloud_appblb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.baiducloud_appblb_region.placeholder")), loadbalancerId: z .string({ message: t("workflow_node.deploy.form.baiducloud_appblb_loadbalancer_id.placeholder") }) .min(1, t("workflow_node.deploy.form.baiducloud_appblb_loadbalancer_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), listenerPort: z.preprocess( (v) => (v == null || v === "" ? undefined : Number(v)), z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudBLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudBLBConfig.tsx index fd61053c..28582fd6 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudBLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudBLBConfig.tsx @@ -47,13 +47,11 @@ const DeployNodeConfigFormBaiduCloudBLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.baiducloud_blb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.baiducloud_blb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.baiducloud_blb_region.placeholder")), loadbalancerId: z .string({ message: t("workflow_node.deploy.form.baiducloud_blb_loadbalancer_id.placeholder") }) .min(1, t("workflow_node.deploy.form.baiducloud_blb_loadbalancer_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), listenerPort: z.preprocess( (v) => (v == null || v === "" ? undefined : Number(v)), z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBaotaWAFSiteConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBaotaWAFSiteConfig.tsx index 6f992fb8..7c0ae293 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBaotaWAFSiteConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBaotaWAFSiteConfig.tsx @@ -35,7 +35,7 @@ const DeployNodeConfigFormBaotaWAFSiteConfig = ({ const { t } = useTranslation(); const formSchema = z.object({ - siteName: z.string().nonempty(t("workflow_node.deploy.form.baotawaf_site_name.placeholder")).trim(), + siteName: z.string().nonempty(t("workflow_node.deploy.form.baotawaf_site_name.placeholder")), sitePort: z.preprocess( (v) => Number(v), z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBunnyCDNConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBunnyCDNConfig.tsx index 340de12c..d6a42f3b 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBunnyCDNConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBunnyCDNConfig.tsx @@ -25,11 +25,9 @@ const DeployNodeConfigFormBunnyCDNConfig = ({ form: formInst, formName, disabled const { t } = useTranslation(); const formSchema = z.object({ - pullZoneId: z - .union([z.string(), z.number().int()]) - .refine((v) => { - return /^\d+$/.test(v + "") && +v! > 0; - }, t("workflow_node.deploy.form.bunny_cdn_pull_zone_id.placeholder")), + pullZoneId: z.union([z.string(), z.number().int()]).refine((v) => { + return /^\d+$/.test(v + "") && +v! > 0; + }, t("workflow_node.deploy.form.bunny_cdn_pull_zone_id.placeholder")), hostname: z .string({ message: t("workflow_node.deploy.form.bunny_cdn_hostname.placeholder") }) .nonempty(t("workflow_node.deploy.form.bunny_cdn_hostname.placeholder")) diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormEdgioApplicationsConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormEdgioApplicationsConfig.tsx index 2a6929d8..599e4ec4 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormEdgioApplicationsConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormEdgioApplicationsConfig.tsx @@ -32,8 +32,7 @@ const DeployNodeConfigFormEdgioApplicationsConfig = ({ environmentId: z .string({ message: t("workflow_node.deploy.form.edgio_applications_environment_id.placeholder") }) .min(1, t("workflow_node.deploy.form.edgio_applications_environment_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudCDNConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudCDNConfig.tsx index 92d4efee..93d0a300 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudCDNConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudCDNConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormHuaweiCloudCDNConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.huaweicloud_cdn_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.huaweicloud_cdn_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.huaweicloud_cdn_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.huaweicloud_cdn_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudELBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudELBConfig.tsx index c3f17e2a..7e164ff2 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudELBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudELBConfig.tsx @@ -46,18 +46,15 @@ const DeployNodeConfigFormHuaweiCloudELBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.huaweicloud_elb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.huaweicloud_elb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.huaweicloud_elb_region.placeholder")), certificateId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_CERTIFICATE || !!v?.trim(), t("workflow_node.deploy.form.huaweicloud_elb_certificate_id.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => fieldResourceType !== RESOURCE_TYPE_LOADBALANCER || !!v?.trim(), @@ -66,7 +63,6 @@ const DeployNodeConfigFormHuaweiCloudELBConfig = ({ listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.huaweicloud_elb_listener_id.placeholder")), }); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudWAFConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudWAFConfig.tsx index cdcabef5..4d21bddf 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudWAFConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudWAFConfig.tsx @@ -45,12 +45,10 @@ const DeployNodeConfigFormHuaweiCloudWAFConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.huaweicloud_waf_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.huaweicloud_waf_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.huaweicloud_waf_region.placeholder")), certificateId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => { if (fieldResourceType !== RESOURCE_TYPE_CERTIFICATE) return true; diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormJDCloudALBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormJDCloudALBConfig.tsx index f9cfd937..59f5ad91 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormJDCloudALBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormJDCloudALBConfig.tsx @@ -46,18 +46,15 @@ const DeployNodeConfigFormJDCloudALBConfig = ({ }), regionId: z .string({ message: t("workflow_node.deploy.form.jdcloud_alb_region_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.jdcloud_alb_region_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.jdcloud_alb_region_id.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LOADBALANCER || !!v?.trim(), t("workflow_node.deploy.form.jdcloud_alb_loadbalancer_id.placeholder")), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.jdcloud_alb_listener_id.placeholder")), domain: z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormKubernetesSecretConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormKubernetesSecretConfig.tsx index f6efd4d0..fcd67072 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormKubernetesSecretConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormKubernetesSecretConfig.tsx @@ -41,28 +41,23 @@ const DeployNodeConfigFormKubernetesSecretConfig = ({ namespace: z .string({ message: t("workflow_node.deploy.form.k8s_namespace.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_namespace.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretName: z .string({ message: t("workflow_node.deploy.form.k8s_secret_name.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_secret_name.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretType: z .string({ message: t("workflow_node.deploy.form.k8s_secret_type.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_secret_type.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretDataKeyForCrt: z .string({ message: t("workflow_node.deploy.form.k8s_secret_data_key_for_crt.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_secret_data_key_for_crt.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretDataKeyForKey: z .string({ message: t("workflow_node.deploy.form.k8s_secret_data_key_for_key.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_secret_data_key_for_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormLocalConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormLocalConfig.tsx index 282503e5..36d22a08 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormLocalConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormLocalConfig.tsx @@ -166,46 +166,38 @@ const DeployNodeConfigFormLocalConfig = ({ form: formInst, formName, disabled, i certPath: z .string() .min(1, t("workflow_node.deploy.form.local_cert_path.tooltip")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), certPathForServerOnly: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), certPathForIntermediaOnly: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), keyPath: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_PEM || !!v?.trim(), { message: t("workflow_node.deploy.form.local_key_path.tooltip") }), pfxPassword: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_PFX || !!v?.trim(), { message: t("workflow_node.deploy.form.local_pfx_password.tooltip") }), jksAlias: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.local_jks_alias.tooltip") }), jksKeypass: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.local_jks_keypass.tooltip") }), jksStorepass: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.local_jks_storepass.tooltip") }), shellEnv: z.union([z.literal(SHELLENV_SH), z.literal(SHELLENV_CMD), z.literal(SHELLENV_POWERSHELL)], { diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormQiniuPiliConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormQiniuPiliConfig.tsx index dd6f1570..2cac6de7 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormQiniuPiliConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormQiniuPiliConfig.tsx @@ -32,10 +32,7 @@ const DeployNodeConfigFormQiniuPiliConfig = ({ const { t } = useTranslation(); const formSchema = z.object({ - hub: z - .string({ message: t("workflow_node.deploy.form.qiniu_pili_hub.placeholder") }) - .nonempty(t("workflow_node.deploy.form.qiniu_pili_hub.placeholder")) - .trim(), + hub: z.string({ message: t("workflow_node.deploy.form.qiniu_pili_hub.placeholder") }).nonempty(t("workflow_node.deploy.form.qiniu_pili_hub.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.qiniu_pili_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormSSHConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormSSHConfig.tsx index aa528b2e..304f638e 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormSSHConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormSSHConfig.tsx @@ -198,46 +198,38 @@ const DeployNodeConfigFormSSHConfig = ({ form: formInst, formName, disabled, ini certPath: z .string() .min(1, t("workflow_node.deploy.form.ssh_cert_path.tooltip")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), keyPath: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_PEM || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_key_path.tooltip") }), certPathForServerOnly: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), certPathForIntermediaOnly: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), pfxPassword: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_PFX || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_pfx_password.tooltip") }), jksAlias: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_jks_alias.tooltip") }), jksKeypass: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_jks_keypass.tooltip") }), jksStorepass: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_jks_storepass.tooltip") }), preCommand: z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCLBConfig.tsx index cd06dbd7..f2cd3f39 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCLBConfig.tsx @@ -49,17 +49,14 @@ const DeployNodeConfigFormTencentCloudCLBConfig = ({ ), region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_clb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_clb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_clb_region.placeholder")), loadbalancerId: z .string() .min(1, t("workflow_node.deploy.form.tencentcloud_clb_loadbalancer_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_VIA_SSLDEPLOY, RESOURCE_TYPE_LISTENER, RESOURCE_TYPE_RULEDOMAIN].includes(fieldResourceType) || !!v?.trim(), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCOSConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCOSConfig.tsx index 26b70048..6192c9b9 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCOSConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCOSConfig.tsx @@ -35,12 +35,10 @@ const DeployNodeConfigFormTencentCloudCOSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_cos_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_cos_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_cos_region.placeholder")), bucket: z .string({ message: t("workflow_node.deploy.form.tencentcloud_cos_bucket.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_cos_bucket.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_cos_bucket.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.tencentcloud_cos_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudEOConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudEOConfig.tsx index 44e277eb..13bc78ba 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudEOConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudEOConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormTencentCloudEOConfig = ({ const formSchema = z.object({ zoneId: z .string({ message: t("workflow_node.deploy.form.tencentcloud_eo_zone_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_eo_zone_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_eo_zone_id.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.tencentcloud_eo_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudGAAPConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudGAAPConfig.tsx index 1f443cdf..9432596b 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudGAAPConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudGAAPConfig.tsx @@ -39,10 +39,9 @@ const DeployNodeConfigFormTencentCloudGAAPConfig = ({ const formSchema = z.object({ resourceType: z.literal(RESOURCE_TYPE_LISTENER, { message: t("workflow_node.deploy.form.tencentcloud_gaap_resource_type.placeholder") }), - proxyId: z.string().trim().nullish(), + proxyId: z.string().nullish(), listenerId: z .string() - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_LISTENER].includes(fieldResourceType) || !!v?.trim(), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSCFConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSCFConfig.tsx index 6758ddbd..b217f584 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSCFConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSCFConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormTencentCloudSCFConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_scf_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_scf_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_scf_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.tencentcloud_scf_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSSLDeployConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSSLDeployConfig.tsx index 2b764771..a0477fbf 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSSLDeployConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSSLDeployConfig.tsx @@ -37,12 +37,10 @@ const DeployNodeConfigFormTencentCloudSSLDeployConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_ssl_deploy_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_ssl_deploy_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_ssl_deploy_region.placeholder")), resourceType: z .string({ message: t("workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_type.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_type.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_type.placeholder")), resourceIds: z.string({ message: t("workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_ids.placeholder") }).refine((v) => { if (!v) return false; return String(v) diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudWAFConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudWAFConfig.tsx index 347ebaa2..0ac3e778 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudWAFConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudWAFConfig.tsx @@ -36,19 +36,16 @@ const DeployNodeConfigFormTencentCloudWAFConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_waf_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.tencentcloud_waf_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), domainId: z .string({ message: t("workflow_node.deploy.form.tencentcloud_waf_domain_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_domain_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_domain_id.placeholder")), instanceId: z .string({ message: t("workflow_node.deploy.form.tencentcloud_waf_instance_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_instance_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_instance_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormUCloudUS3Config.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormUCloudUS3Config.tsx index 0ac3a5d6..a2ea684b 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormUCloudUS3Config.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormUCloudUS3Config.tsx @@ -35,12 +35,10 @@ const DeployNodeConfigFormUCloudUS3Config = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.ucloud_us3_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.ucloud_us3_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.ucloud_us3_region.placeholder")), bucket: z .string({ message: t("workflow_node.deploy.form.ucloud_us3_bucket.placeholder") }) - .nonempty(t("workflow_node.deploy.form.ucloud_us3_bucket.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.ucloud_us3_bucket.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.ucloud_us3_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormUniCloudWebHostConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormUniCloudWebHostConfig.tsx index df524417..21624c52 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormUniCloudWebHostConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormUniCloudWebHostConfig.tsx @@ -37,8 +37,8 @@ const DeployNodeConfigFormUniCloudWebHostConfig = ({ const { t } = useTranslation(); const formSchema = z.object({ - spaceProvider: z.string().trim().nonempty(t("workflow_node.deploy.form.unicloud_webhost_space_provider.placeholder")), - spaceId: z.string().trim().nonempty(t("workflow_node.deploy.form.unicloud_webhost_space_id.placeholder")), + spaceProvider: z.string().nonempty(t("workflow_node.deploy.form.unicloud_webhost_space_provider.placeholder")), + spaceId: z.string().nonempty(t("workflow_node.deploy.form.unicloud_webhost_space_id.placeholder")), domain: z.string().refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineALBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineALBConfig.tsx index 650323ab..41750936 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineALBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineALBConfig.tsx @@ -46,12 +46,10 @@ const DeployNodeConfigFormVolcEngineALBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.volcengine_alb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_alb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_alb_region.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_LOADBALANCER].includes(fieldResourceType) || !!v?.trim(), @@ -60,7 +58,6 @@ const DeployNodeConfigFormVolcEngineALBConfig = ({ listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_LISTENER].includes(fieldResourceType) || !!v?.trim(), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCLBConfig.tsx index 99263044..9c00db70 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCLBConfig.tsx @@ -44,12 +44,10 @@ const DeployNodeConfigFormVolcEngineCLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.volcengine_clb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_clb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_clb_region.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_LOADBALANCER].includes(fieldResourceType) || !!v?.trim(), @@ -58,7 +56,6 @@ const DeployNodeConfigFormVolcEngineCLBConfig = ({ listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_LISTENER].includes(fieldResourceType) || !!v?.trim(), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCertCenterConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCertCenterConfig.tsx index 21f4557f..28fb16f6 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCertCenterConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCertCenterConfig.tsx @@ -31,8 +31,7 @@ const DeployNodeConfigFormVolcEngineCertCenterConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.volcengine_certcenter_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_certcenter_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_certcenter_region.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineImageXConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineImageXConfig.tsx index 61f59e23..5ce81fd0 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineImageXConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineImageXConfig.tsx @@ -33,12 +33,10 @@ const DeployNodeConfigFormVolcEngineImageXConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.volcengine_imagex_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_imagex_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_imagex_region.placeholder")), serviceId: z .string({ message: t("workflow_node.deploy.form.volcengine_imagex_service_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_imagex_service_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_imagex_service_id.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.volcengine_imagex_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineTOSConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineTOSConfig.tsx index 730d1fd7..516dc123 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineTOSConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineTOSConfig.tsx @@ -35,12 +35,10 @@ const DeployNodeConfigFormVolcEngineTOSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.volcengine_tos_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_tos_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_tos_region.placeholder")), bucket: z .string({ message: t("workflow_node.deploy.form.volcengine_tos_bucket.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_tos_bucket.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_tos_bucket.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.volcengine_tos_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/hooks/useVersionChecker.ts b/ui/src/hooks/useVersionChecker.ts index 9df7740d..75e27eaa 100644 --- a/ui/src/hooks/useVersionChecker.ts +++ b/ui/src/hooks/useVersionChecker.ts @@ -38,7 +38,7 @@ const compareVersions = (a: string, b: string) => { const useVersionChecker = () => { const { data, refresh } = useRequest( async () => { - const releases = await fetch("https://api.github.com/repos/usual2970/certimate/releases") + const releases = await fetch("https://api.github.com/repos/certimate-go/certimate/releases") .then((res) => res.json()) .then((res) => Array.from(res)); diff --git a/ui/src/i18n/locales/en/nls.access.json b/ui/src/i18n/locales/en/nls.access.json index 27ada05c..77c02dc8 100644 --- a/ui/src/i18n/locales/en/nls.access.json +++ b/ui/src/i18n/locales/en/nls.access.json @@ -422,10 +422,10 @@ "access.form.telegrambot_default_chat_id.tooltip": "How to get it? Please refer to https://gist.github.com/nafiesl/4ad622f344cd1dc3bb1ecbe468ff9f8a", "access.form.tencentcloud_secret_id.label": "Tencent Cloud SecretId", "access.form.tencentcloud_secret_id.placeholder": "Please enter Tencent Cloud SecretId", - "access.form.tencentcloud_secret_id.tooltip": "For more information, see https://cloud.tencent.com/document/product/598/40488?lang=en", + "access.form.tencentcloud_secret_id.tooltip": "For more information, see https://www.tencentcloud.com/zh/document/product/598/34228", "access.form.tencentcloud_secret_key.label": "Tencent Cloud SecretKey", "access.form.tencentcloud_secret_key.placeholder": "Please enter Tencent Cloud SecretKey", - "access.form.tencentcloud_secret_key.tooltip": "For more information, see https://cloud.tencent.com/document/product/598/40488?lang=en", + "access.form.tencentcloud_secret_key.tooltip": "For more information, see https://www.tencentcloud.com/zh/document/product/598/34228", "access.form.ucloud_private_key.label": "UCloud API private key", "access.form.ucloud_private_key.placeholder": "Please enter UCloud API private key", "access.form.ucloud_private_key.tooltip": "For more information, see https://console.ucloud-global.com/uaccount/api_manage", diff --git a/ui/src/i18n/locales/en/nls.workflow.nodes.json b/ui/src/i18n/locales/en/nls.workflow.nodes.json index 561ce084..f3347ca1 100644 --- a/ui/src/i18n/locales/en/nls.workflow.nodes.json +++ b/ui/src/i18n/locales/en/nls.workflow.nodes.json @@ -693,7 +693,7 @@ "workflow_node.deploy.form.tencentcloud_cos_domain.tooltip": "For more information, see https://console.tencentcloud.com/cos", "workflow_node.deploy.form.tencentcloud_css_domain.label": "Tencent Cloud CSS play domain", "workflow_node.deploy.form.tencentcloud_css_domain.placeholder": "Please enter Tencent Cloud CSS play domain name", - "workflow_node.deploy.form.tencentcloud_css_domain.tooltip": "For more information, see https://console.cloud.tencent.com/live", + "workflow_node.deploy.form.tencentcloud_css_domain.tooltip": "For more information, see https://console.tencentcloud.com/live", "workflow_node.deploy.form.tencentcloud_ecdn_domain.label": "Tencent Cloud ECDN domain", "workflow_node.deploy.form.tencentcloud_ecdn_domain.placeholder": "Please enter Tencent Cloud ECDN domain name", "workflow_node.deploy.form.tencentcloud_ecdn_domain.tooltip": "For more information, see https://console.tencentcloud.com/cdn", @@ -708,10 +708,10 @@ "workflow_node.deploy.form.tencentcloud_gaap_resource_type.option.listener.label": "GAAP listener", "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.label": "Tencent Cloud GAAP proxy ID (Optional)", "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.placeholder": "Please enter Tencent Cloud GAAP proxy ID", - "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.tooltip": "For more information, see https://console.cloud.tencent.com/gaap", + "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.tooltip": "For more information, see https://console.tencentcloud.com/gaap", "workflow_node.deploy.form.tencentcloud_gaap_listener_id.label": "Tencent Cloud GAAP listener ID", "workflow_node.deploy.form.tencentcloud_gaap_listener_id.placeholder": "Please enter Tencent Cloud GAAP listener ID", - "workflow_node.deploy.form.tencentcloud_gaap_listener_id.tooltip": "For more information, see https://console.cloud.tencent.com/gaap", + "workflow_node.deploy.form.tencentcloud_gaap_listener_id.tooltip": "For more information, see https://console.tencentcloud.com/gaap", "workflow_node.deploy.form.tencentcloud_scf_region.label": "Tencent Cloud SCF region", "workflow_node.deploy.form.tencentcloud_scf_region.placeholder": "Please enter Tencent Cloud SCF region (e.g. ap-guangzhou)", "workflow_node.deploy.form.tencentcloud_scf_region.tooltip": "For more information, see https://www.tencentcloud.com/document/product/583/17299", @@ -733,10 +733,10 @@ "workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_ids.multiple_input_modal.placeholder": "Please enter Tencent Cloud resouce ID", "workflow_node.deploy.form.tencentcloud_vod_sub_app_id.label": "Tencent Cloud VOD App ID", "workflow_node.deploy.form.tencentcloud_vod_sub_app_id.placeholder": "Please enter Tencent Cloud VOD App ID", - "workflow_node.deploy.form.tencentcloud_vod_sub_app_id.tooltip": "For more information, see https://console.cloud.tencent.com/vod", + "workflow_node.deploy.form.tencentcloud_vod_sub_app_id.tooltip": "For more information, see https://console.tencentcloud.com/vod", "workflow_node.deploy.form.tencentcloud_vod_domain.label": "Tencent Cloud VOD domain", "workflow_node.deploy.form.tencentcloud_vod_domain.placeholder": "Please enter Tencent Cloud VOD domain name", - "workflow_node.deploy.form.tencentcloud_vod_domain.tooltip": "For more information, see https://console.cloud.tencent.com/vod", + "workflow_node.deploy.form.tencentcloud_vod_domain.tooltip": "For more information, see https://console.tencentcloud.com/vod", "workflow_node.deploy.form.tencentcloud_waf_region.label": "Tencent Cloud WAF region", "workflow_node.deploy.form.tencentcloud_waf_region.placeholder": "Please enter Tencent Cloud WAF region (e.g. ap-guangzhou)", "workflow_node.deploy.form.tencentcloud_waf_region.tooltip": "For more information, see https://www.tencentcloud.com/document/product/627/38085", diff --git a/ui/src/i18n/locales/zh/nls.workflow.nodes.json b/ui/src/i18n/locales/zh/nls.workflow.nodes.json index f51f5b0c..cdb519db 100644 --- a/ui/src/i18n/locales/zh/nls.workflow.nodes.json +++ b/ui/src/i18n/locales/zh/nls.workflow.nodes.json @@ -715,7 +715,7 @@ "workflow_node.deploy.form.tencentcloud_scf_region.tooltip": "这是什么?请参阅 https://cloud.tencent.com/document/product/583/17299", "workflow_node.deploy.form.tencentcloud_scf_domain.label": "腾讯云 SCF 自定义域名", "workflow_node.deploy.form.tencentcloud_scf_domain.placeholder": "输入腾讯云 SCF 自定义域名", - "workflow_node.deploy.form.tencentcloud_scf_domain.tooltip": "这是什么?请参阅 https://console.tencentcloud.com/scf", + "workflow_node.deploy.form.tencentcloud_scf_domain.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/scf", "workflow_node.deploy.form.tencentcloud_ssl_deploy.guide": "小贴士:由于腾讯云证书部署任务是异步的,此节点若执行成功仅代表已创建部署任务,实际部署结果需要你自行前往腾讯云控制台查询。", "workflow_node.deploy.form.tencentcloud_ssl_deploy_region.label": "腾讯云云产品地域", "workflow_node.deploy.form.tencentcloud_ssl_deploy_region.placeholder": "请输入腾讯云云产品地域(例如:ap-guangzhou)", diff --git a/ui/src/pages/workflows/WorkflowDetail.tsx b/ui/src/pages/workflows/WorkflowDetail.tsx index 91e8d746..549bc311 100644 --- a/ui/src/pages/workflows/WorkflowDetail.tsx +++ b/ui/src/pages/workflows/WorkflowDetail.tsx @@ -335,12 +335,10 @@ const WorkflowBaseInfoModal = ({ trigger }: { trigger?: React.ReactNode }) => { name: z .string({ message: t("workflow.detail.baseinfo.form.name.placeholder") }) .min(1, t("workflow.detail.baseinfo.form.name.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), description: z .string({ message: t("workflow.detail.baseinfo.form.description.placeholder") }) .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/pages/workflows/WorkflowNew.tsx b/ui/src/pages/workflows/WorkflowNew.tsx index 9877dcc2..1da27939 100644 --- a/ui/src/pages/workflows/WorkflowNew.tsx +++ b/ui/src/pages/workflows/WorkflowNew.tsx @@ -37,12 +37,10 @@ const WorkflowNew = () => { name: z .string({ message: t("workflow.new.modal.form.name.placeholder") }) .min(1, t("workflow.new.modal.form.name.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), description: z .string({ message: t("workflow.new.modal.form.description.placeholder") }) .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema);