mirror of
https://github.com/woodchen-ink/certimate.git
synced 2025-07-18 17:31:55 +08:00
fix: #617
This commit is contained in:
Fu Diwei
parent
55d7a05af8
commit
50b48d956f
@ -1016,6 +1016,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
|
|||||||
deployer, err := pWangsuCDNPro.NewDeployer(&pWangsuCDNPro.DeployerConfig{
|
deployer, err := pWangsuCDNPro.NewDeployer(&pWangsuCDNPro.DeployerConfig{
|
||||||
AccessKeyId: access.AccessKeyId,
|
AccessKeyId: access.AccessKeyId,
|
||||||
AccessKeySecret: access.AccessKeySecret,
|
AccessKeySecret: access.AccessKeySecret,
|
||||||
|
ApiKey: access.ApiKey,
|
||||||
Environment: maputil.GetOrDefaultString(options.ProviderDeployConfig, "environment", "production"),
|
Environment: maputil.GetOrDefaultString(options.ProviderDeployConfig, "environment", "production"),
|
||||||
Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
|
Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
|
||||||
CertificateId: maputil.GetString(options.ProviderDeployConfig, "certificateId"),
|
CertificateId: maputil.GetString(options.ProviderDeployConfig, "certificateId"),
|
||||||
|
|||||||
@ -231,6 +231,7 @@ type AccessConfigForVolcEngine struct {
|
|||||||
type AccessConfigForWangsu struct {
|
type AccessConfigForWangsu struct {
|
||||||
AccessKeyId string `json:"accessKeyId"`
|
AccessKeyId string `json:"accessKeyId"`
|
||||||
AccessKeySecret string `json:"accessKeySecret"`
|
AccessKeySecret string `json:"accessKeySecret"`
|
||||||
|
ApiKey string `json:"apiKey"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type AccessConfigForWebhook struct {
|
type AccessConfigForWebhook struct {
|
||||||
|
|||||||
@ -28,6 +28,8 @@ type DeployerConfig struct {
|
|||||||
AccessKeyId string `json:"accessKeyId"`
|
AccessKeyId string `json:"accessKeyId"`
|
||||||
// 网宿云 AccessKeySecret。
|
// 网宿云 AccessKeySecret。
|
||||||
AccessKeySecret string `json:"accessKeySecret"`
|
AccessKeySecret string `json:"accessKeySecret"`
|
||||||
|
// 网宿云 API Key。
|
||||||
|
ApiKey string `json:"apiKey"`
|
||||||
// 网宿云环境。
|
// 网宿云环境。
|
||||||
Environment string `json:"environment"`
|
Environment string `json:"environment"`
|
||||||
// 加速域名(支持泛域名)。
|
// 加速域名(支持泛域名)。
|
||||||
@ -93,7 +95,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 生成网宿云证书参数
|
// 生成网宿云证书参数
|
||||||
encryptedPrivateKey, err := encryptPrivateKey(privkeyPem, d.config.AccessKeySecret, time.Now().Unix())
|
encryptedPrivateKey, err := encryptPrivateKey(privkeyPem, d.config.ApiKey, time.Now().Unix())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, xerrors.Wrap(err, "failed to encrypt private key")
|
return nil, xerrors.Wrap(err, "failed to encrypt private key")
|
||||||
}
|
}
|
||||||
@ -231,11 +233,11 @@ func createSdkClient(accessKeyId, accessKeySecret string) (*wangsucdn.Client, er
|
|||||||
return wangsucdn.NewClient(accessKeyId, accessKeySecret), nil
|
return wangsucdn.NewClient(accessKeyId, accessKeySecret), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func encryptPrivateKey(privkeyPem string, secretKey string, timestamp int64) (string, error) {
|
func encryptPrivateKey(privkeyPem string, apiKey string, timestamp int64) (string, error) {
|
||||||
date := time.Unix(timestamp, 0).UTC()
|
date := time.Unix(timestamp, 0).UTC()
|
||||||
dateStr := date.Format("Mon, 02 Jan 2006 15:04:05 GMT")
|
dateStr := date.Format("Mon, 02 Jan 2006 15:04:05 GMT")
|
||||||
|
|
||||||
mac := hmac.New(sha256.New, []byte(secretKey))
|
mac := hmac.New(sha256.New, []byte(apiKey))
|
||||||
mac.Write([]byte(dateStr))
|
mac.Write([]byte(dateStr))
|
||||||
aesivkey := mac.Sum(nil)
|
aesivkey := mac.Sum(nil)
|
||||||
aesivkeyHex := hex.EncodeToString(aesivkey)
|
aesivkeyHex := hex.EncodeToString(aesivkey)
|
||||||
|
|||||||
@ -16,6 +16,7 @@ var (
|
|||||||
fInputKeyPath string
|
fInputKeyPath string
|
||||||
fAccessKeyId string
|
fAccessKeyId string
|
||||||
fAccessKeySecret string
|
fAccessKeySecret string
|
||||||
|
fApiKey string
|
||||||
fEnvironment string
|
fEnvironment string
|
||||||
fDomain string
|
fDomain string
|
||||||
fCertificateId string
|
fCertificateId string
|
||||||
@ -29,6 +30,7 @@ func init() {
|
|||||||
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
|
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
|
||||||
flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "")
|
flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "")
|
||||||
flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "")
|
flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "")
|
||||||
|
flag.StringVar(&fApiKey, argsPrefix+"APIKEY", "", "")
|
||||||
flag.StringVar(&fEnvironment, argsPrefix+"ENVIRONMENT", "production", "")
|
flag.StringVar(&fEnvironment, argsPrefix+"ENVIRONMENT", "production", "")
|
||||||
flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "")
|
flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "")
|
||||||
flag.StringVar(&fCertificateId, argsPrefix+"CERTIFICATEID", "", "")
|
flag.StringVar(&fCertificateId, argsPrefix+"CERTIFICATEID", "", "")
|
||||||
@ -43,6 +45,7 @@ Shell command to run this test:
|
|||||||
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_INPUTKEYPATH="/path/to/your-input-key.pem" \
|
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_INPUTKEYPATH="/path/to/your-input-key.pem" \
|
||||||
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYID="your-access-key-id" \
|
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYID="your-access-key-id" \
|
||||||
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYSECRET="your-access-key-secret" \
|
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYSECRET="your-access-key-secret" \
|
||||||
|
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_APIKEY="your-api-key" \
|
||||||
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_ENVIRONMENT="production" \
|
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_ENVIRONMENT="production" \
|
||||||
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_DOMAIN="example.com" \
|
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_DOMAIN="example.com" \
|
||||||
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_CERTIFICATEID="your-certificate-id"\
|
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_CERTIFICATEID="your-certificate-id"\
|
||||||
@ -58,6 +61,7 @@ func TestDeploy(t *testing.T) {
|
|||||||
fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
|
fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
|
||||||
fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId),
|
fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId),
|
||||||
fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret),
|
fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret),
|
||||||
|
fmt.Sprintf("APIKEY: %v", fApiKey),
|
||||||
fmt.Sprintf("ENVIRONMENT: %v", fEnvironment),
|
fmt.Sprintf("ENVIRONMENT: %v", fEnvironment),
|
||||||
fmt.Sprintf("DOMAIN: %v", fDomain),
|
fmt.Sprintf("DOMAIN: %v", fDomain),
|
||||||
fmt.Sprintf("CERTIFICATEID: %v", fCertificateId),
|
fmt.Sprintf("CERTIFICATEID: %v", fCertificateId),
|
||||||
@ -67,6 +71,7 @@ func TestDeploy(t *testing.T) {
|
|||||||
deployer, err := provider.NewDeployer(&provider.DeployerConfig{
|
deployer, err := provider.NewDeployer(&provider.DeployerConfig{
|
||||||
AccessKeyId: fAccessKeyId,
|
AccessKeyId: fAccessKeyId,
|
||||||
AccessKeySecret: fAccessKeySecret,
|
AccessKeySecret: fAccessKeySecret,
|
||||||
|
ApiKey: fApiKey,
|
||||||
Environment: fEnvironment,
|
Environment: fEnvironment,
|
||||||
Domain: fDomain,
|
Domain: fDomain,
|
||||||
CertificateId: fCertificateId,
|
CertificateId: fCertificateId,
|
||||||
|
|||||||
2
internal/pkg/vendors/wangsu-sdk/cdn/api.go
vendored
2
internal/pkg/vendors/wangsu-sdk/cdn/api.go
vendored
@ -53,6 +53,6 @@ func (c *Client) CreateDeploymentTask(req *CreateDeploymentTaskRequest) (*Create
|
|||||||
|
|
||||||
func (c *Client) GetDeploymentTaskDetail(deploymentTaskId string) (*GetDeploymentTaskDetailResponse, error) {
|
func (c *Client) GetDeploymentTaskDetail(deploymentTaskId string) (*GetDeploymentTaskDetailResponse, error) {
|
||||||
resp := &GetDeploymentTaskDetailResponse{}
|
resp := &GetDeploymentTaskDetailResponse{}
|
||||||
_, err := c.client.SendRequestWithResult(http.MethodGet, fmt.Sprintf("/cdn/deploymentTasks/%s", deploymentTaskId), nil, resp)
|
_, err := c.client.SendRequestWithResult(http.MethodGet, fmt.Sprintf("/cdn/deploymentTasks/%s", url.PathEscape(deploymentTaskId)), nil, resp)
|
||||||
return resp, err
|
return resp, err
|
||||||
}
|
}
|
||||||
|
|||||||
@ -19,6 +19,7 @@ const initFormModel = (): AccessFormWangsuConfigFieldValues => {
|
|||||||
return {
|
return {
|
||||||
accessKeyId: "",
|
accessKeyId: "",
|
||||||
accessKeySecret: "",
|
accessKeySecret: "",
|
||||||
|
apiKey: "",
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -36,6 +37,11 @@ const AccessFormWangsuConfig = ({ form: formInst, formName, disabled, initialVal
|
|||||||
.min(1, t("access.form.wangsu_access_key_secret.placeholder"))
|
.min(1, t("access.form.wangsu_access_key_secret.placeholder"))
|
||||||
.max(64, t("common.errmsg.string_max", { max: 64 }))
|
.max(64, t("common.errmsg.string_max", { max: 64 }))
|
||||||
.trim(),
|
.trim(),
|
||||||
|
apiKey: z
|
||||||
|
.string()
|
||||||
|
.min(1, t("access.form.wangsu_api_key.placeholder"))
|
||||||
|
.max(256, t("common.errmsg.string_max", { max: 256 }))
|
||||||
|
.trim(),
|
||||||
});
|
});
|
||||||
const formRule = createSchemaFieldRule(formSchema);
|
const formRule = createSchemaFieldRule(formSchema);
|
||||||
|
|
||||||
@ -69,6 +75,15 @@ const AccessFormWangsuConfig = ({ form: formInst, formName, disabled, initialVal
|
|||||||
>
|
>
|
||||||
<Input.Password autoComplete="new-password" placeholder={t("access.form.wangsu_access_key_secret.placeholder")} />
|
<Input.Password autoComplete="new-password" placeholder={t("access.form.wangsu_access_key_secret.placeholder")} />
|
||||||
</Form.Item>
|
</Form.Item>
|
||||||
|
|
||||||
|
<Form.Item
|
||||||
|
name="apiKey"
|
||||||
|
label={t("access.form.wangsu_api_key.label")}
|
||||||
|
rules={[formRule]}
|
||||||
|
tooltip={<span dangerouslySetInnerHTML={{ __html: t("access.form.wangsu_api_key.tooltip") }}></span>}
|
||||||
|
>
|
||||||
|
<Input.Password autoComplete="new-password" placeholder={t("access.form.wangsu_api_key.placeholder")} />
|
||||||
|
</Form.Item>
|
||||||
</Form>
|
</Form>
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|||||||
@ -272,6 +272,7 @@ export type AccessConfigForVolcEngine = {
|
|||||||
export type AccessConfigForWangsu = {
|
export type AccessConfigForWangsu = {
|
||||||
accessKeyId: string;
|
accessKeyId: string;
|
||||||
accessKeySecret: string;
|
accessKeySecret: string;
|
||||||
|
apiKey: string;
|
||||||
};
|
};
|
||||||
|
|
||||||
export type AccessConfigForWebhook = {
|
export type AccessConfigForWebhook = {
|
||||||
|
|||||||
@ -304,6 +304,9 @@
|
|||||||
"access.form.wangsu_access_key_secret.label": "Wangsu Cloud AccessKeySecret",
|
"access.form.wangsu_access_key_secret.label": "Wangsu Cloud AccessKeySecret",
|
||||||
"access.form.wangsu_access_key_secret.placeholder": "Please enter Wangsu Cloud AccessKeySecret",
|
"access.form.wangsu_access_key_secret.placeholder": "Please enter Wangsu Cloud AccessKeySecret",
|
||||||
"access.form.wangsu_access_key_secret.tooltip": "For more information, see <a href=\"https://en.wangsu.com/document/account-manage/15775\" target=\"_blank\">https://en.wangsu.com/document/account-manage/15775</a>",
|
"access.form.wangsu_access_key_secret.tooltip": "For more information, see <a href=\"https://en.wangsu.com/document/account-manage/15775\" target=\"_blank\">https://en.wangsu.com/document/account-manage/15775</a>",
|
||||||
|
"access.form.wangsu_api_key.label": "Wangsu Cloud API key",
|
||||||
|
"access.form.wangsu_api_key.placeholder": "Please enter Wangsu Cloud API key",
|
||||||
|
"access.form.wangsu_api_key.tooltip": "For more information, see <a href=\"https://en.wangsu.com/document/account-manage/15776\" target=\"_blank\">https://en.wangsu.com/document/account-manage/15776</a>",
|
||||||
"access.form.webhook_url.label": "Webhook URL",
|
"access.form.webhook_url.label": "Webhook URL",
|
||||||
"access.form.webhook_url.placeholder": "Please enter Webhook URL",
|
"access.form.webhook_url.placeholder": "Please enter Webhook URL",
|
||||||
"access.form.webhook_allow_insecure_conns.label": "Insecure SSL/TLS connections",
|
"access.form.webhook_allow_insecure_conns.label": "Insecure SSL/TLS connections",
|
||||||
|
|||||||
@ -304,6 +304,9 @@
|
|||||||
"access.form.wangsu_access_key_secret.label": "网宿科技 AccessKeySecret",
|
"access.form.wangsu_access_key_secret.label": "网宿科技 AccessKeySecret",
|
||||||
"access.form.wangsu_access_key_secret.placeholder": "请输入网宿科技 AccessKeySecret",
|
"access.form.wangsu_access_key_secret.placeholder": "请输入网宿科技 AccessKeySecret",
|
||||||
"access.form.wangsu_access_key_secret.tooltip": "这是什么?请参阅 <a href=\"https://www.wangsu.com/document/account-manage/15775\" target=\"_blank\">https://www.wangsu.com/document/account-manage/15775</a>",
|
"access.form.wangsu_access_key_secret.tooltip": "这是什么?请参阅 <a href=\"https://www.wangsu.com/document/account-manage/15775\" target=\"_blank\">https://www.wangsu.com/document/account-manage/15775</a>",
|
||||||
|
"access.form.wangsu_api_key.label": "网宿科技 API 接口密码",
|
||||||
|
"access.form.wangsu_api_key.placeholder": "请输入网宿科技 API 接口密码",
|
||||||
|
"access.form.wangsu_api_key.tooltip": "这是什么?请参阅 <a href=\"https://www.wangsu.com/document/account-manage/15776\" target=\"_blank\">https://www.wangsu.com/document/account-manage/15776</a>",
|
||||||
"access.form.webhook_url.label": "Webhook 回调地址",
|
"access.form.webhook_url.label": "Webhook 回调地址",
|
||||||
"access.form.webhook_url.placeholder": "请输入 Webhook 回调地址",
|
"access.form.webhook_url.placeholder": "请输入 Webhook 回调地址",
|
||||||
"access.form.webhook_allow_insecure_conns.label": "忽略 SSL/TLS 证书错误",
|
"access.form.webhook_allow_insecure_conns.label": "忽略 SSL/TLS 证书错误",
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user