diff --git a/README.md b/README.md
index 5aea2374..28438c76 100644
--- a/README.md
+++ b/README.md
@@ -130,6 +130,7 @@ make local.run
| [多吉云](https://www.dogecloud.com/) | 可部署到多吉云 CDN |
| [BytePlus](https://www.byteplus.com/) | 可部署到 BytePlus CDN 等服务 |
| [优刻得](https://www.ucloud.cn/) | 可部署到优刻得 US3、UCDN 等服务 |
+| [AWS](https://aws.amazon.com/) | 可部署到 AWS CloudFront 等服务 |
| [Edgio](https://edg.io/) | 可部署到 Edgio Applications 等服务 |
diff --git a/README_EN.md b/README_EN.md
index c360ce63..5b3e67ff 100644
--- a/README_EN.md
+++ b/README_EN.md
@@ -129,6 +129,7 @@ The following hosting providers are supported:
| [Doge Cloud](https://www.dogecloud.com/) | Supports deployment to Doge Cloud CDN |
| [BytePlus](https://www.byteplus.com/) | Supports deployment to BytePlus CDN |
| [UCloud](https://www.ucloud-global.com/) | Supports deployment to UCloud US3, UCDN |
+| [AWS](https://aws.amazon.com/) | Supports deployment to AWS CloudFront |
| [Edgio](https://edg.io/) | Supports deployment to Edgio Applications |
diff --git a/go.mod b/go.mod
index 7598eb2c..3bb9f1d9 100644
--- a/go.mod
+++ b/go.mod
@@ -17,6 +17,7 @@ require (
github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.0.4
github.com/aliyun/aliyun-oss-go-sdk v3.0.2+incompatible
github.com/aws/aws-sdk-go-v2/service/acm v1.30.13
+ github.com/aws/aws-sdk-go-v2/service/cloudfront v1.44.5
github.com/baidubce/bce-sdk-go v0.9.214
github.com/byteplus-sdk/byteplus-sdk-golang v1.0.40
github.com/go-acme/lego/v4 v4.21.0
diff --git a/go.sum b/go.sum
index c8111f99..2111474e 100644
--- a/go.sum
+++ b/go.sum
@@ -234,6 +234,8 @@ github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.28 h1:7kpeALOUeThs2kEjlAxlADAVfxK
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.28/go.mod h1:pyaOYEdp1MJWgtXLy6q80r3DhsVdOIOZNB9hdTcJIvI=
github.com/aws/aws-sdk-go-v2/service/acm v1.30.13 h1:aPCPsgDxQqOS3zPJKYJQVh02q8stjSQ1haHaUucCAUM=
github.com/aws/aws-sdk-go-v2/service/acm v1.30.13/go.mod h1:3pfuOCVLzWu3aiavTB9bOIdZpVadNYt6fyZdp+fDOSU=
+github.com/aws/aws-sdk-go-v2/service/cloudfront v1.44.5 h1:oBLlEuSL5G9W8M4GtEVdNi+xsQP+9lphVkbYf38Isgs=
+github.com/aws/aws-sdk-go-v2/service/cloudfront v1.44.5/go.mod h1:H/t3dGwvHy2WJ+ZwyDBWva7ttsoxSxt5qC1OMcc0iJ0=
github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.8.1/go.mod h1:CM+19rL1+4dFWnOQKwDc7H1KwXTz+h61oUSHyhV0b3o=
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 h1:iXtILhvDxB6kPvEXgsDhGaZCSC6LQET5ZHSdJozeI0Y=
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1/go.mod h1:9nu0fVANtYiAePIBh2/pFUSwtJ402hLnp854CNoDOeE=
diff --git a/internal/deployer/providers.go b/internal/deployer/providers.go
index fb4d10c6..28e4108c 100644
--- a/internal/deployer/providers.go
+++ b/internal/deployer/providers.go
@@ -13,6 +13,7 @@ import (
providerAliyunNLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-nlb"
providerAliyunOSS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-oss"
providerAliyunWAF "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-waf"
+ providerAWSCloudFront "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-cloudfront"
providerBaiduCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-cdn"
providerBytePlusCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/byteplus-cdn"
providerDogeCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/dogecloud-cdn"
@@ -142,6 +143,28 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, logger.Logger,
}
}
+ case domain.DeployProviderTypeAWSCloudFront:
+ {
+ access := domain.AccessConfigForAWS{}
+ if err := maps.Decode(options.ProviderAccessConfig, &access); err != nil {
+ return nil, nil, fmt.Errorf("failed to decode provider access config: %w", err)
+ }
+
+ switch options.Provider {
+ case domain.DeployProviderTypeAWSCloudFront:
+ deployer, err := providerAWSCloudFront.NewWithLogger(&providerAWSCloudFront.AWSCloudFrontDeployerConfig{
+ AccessKeyId: access.AccessKeyId,
+ SecretAccessKey: access.SecretAccessKey,
+ Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"),
+ DistributionId: maps.GetValueAsString(options.ProviderDeployConfig, "distributionId"),
+ }, logger)
+ return deployer, logger, err
+
+ default:
+ break
+ }
+ }
+
case domain.DeployProviderTypeBaiduCloudCDN:
{
access := domain.AccessConfigForBaiduCloud{}
@@ -149,12 +172,18 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, logger.Logger,
return nil, nil, fmt.Errorf("failed to decode provider access config: %w", err)
}
- deployer, err := providerBaiduCloudCDN.NewWithLogger(&providerBaiduCloudCDN.BaiduCloudCDNDeployerConfig{
- AccessKeyId: access.AccessKeyId,
- SecretAccessKey: access.SecretAccessKey,
- Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"),
- }, logger)
- return deployer, logger, err
+ switch options.Provider {
+ case domain.DeployProviderTypeBaiduCloudCDN:
+ deployer, err := providerBaiduCloudCDN.NewWithLogger(&providerBaiduCloudCDN.BaiduCloudCDNDeployerConfig{
+ AccessKeyId: access.AccessKeyId,
+ SecretAccessKey: access.SecretAccessKey,
+ Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"),
+ }, logger)
+ return deployer, logger, err
+
+ default:
+ break
+ }
}
case domain.DeployProviderTypeBytePlusCDN:
@@ -164,12 +193,18 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, logger.Logger,
return nil, nil, fmt.Errorf("failed to decode provider access config: %w", err)
}
- deployer, err := providerBytePlusCDN.NewWithLogger(&providerBytePlusCDN.BytePlusCDNDeployerConfig{
- AccessKey: access.AccessKey,
- SecretKey: access.SecretKey,
- Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"),
- }, logger)
- return deployer, logger, err
+ switch options.Provider {
+ case domain.DeployProviderTypeBytePlusCDN:
+ deployer, err := providerBytePlusCDN.NewWithLogger(&providerBytePlusCDN.BytePlusCDNDeployerConfig{
+ AccessKey: access.AccessKey,
+ SecretKey: access.SecretKey,
+ Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"),
+ }, logger)
+ return deployer, logger, err
+
+ default:
+ break
+ }
}
case domain.DeployProviderTypeDogeCloudCDN:
diff --git a/internal/domain/provider.go b/internal/domain/provider.go
index 71e048b3..374fab2c 100644
--- a/internal/domain/provider.go
+++ b/internal/domain/provider.go
@@ -88,6 +88,7 @@ const (
DeployProviderTypeAliyunNLB = DeployProviderType("aliyun-nlb")
DeployProviderTypeAliyunOSS = DeployProviderType("aliyun-oss")
DeployProviderTypeAliyunWAF = DeployProviderType("aliyun-waf")
+ DeployProviderTypeAWSCloudFront = DeployProviderType("aws-cloudfront")
DeployProviderTypeBaiduCloudCDN = DeployProviderType("baiducloud-cdn")
DeployProviderTypeBytePlusCDN = DeployProviderType("byteplus-cdn")
DeployProviderTypeDogeCloudCDN = DeployProviderType("dogecloud-cdn")
diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/gname.go b/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/gname.go
new file mode 100644
index 00000000..a4045997
--- /dev/null
+++ b/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/gname.go
@@ -0,0 +1,39 @@
+package gname
+
+import (
+ "errors"
+ "time"
+
+ "github.com/go-acme/lego/v4/challenge"
+ "github.com/go-acme/lego/v4/providers/dns/westcn"
+)
+
+type GnameApplicantConfig struct {
+ Username string `json:"username"`
+ ApiPassword string `json:"apiPassword"`
+ DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"`
+ DnsTTL int32 `json:"dnsTTL,omitempty"`
+}
+
+func NewChallengeProvider(config *GnameApplicantConfig) (challenge.Provider, error) {
+ if config == nil {
+ return nil, errors.New("config is nil")
+ }
+
+ providerConfig := westcn.NewDefaultConfig()
+ providerConfig.Username = config.Username
+ providerConfig.Password = config.ApiPassword
+ if config.DnsPropagationTimeout != 0 {
+ providerConfig.PropagationTimeout = time.Duration(config.DnsPropagationTimeout) * time.Second
+ }
+ if config.DnsTTL != 0 {
+ providerConfig.TTL = int(config.DnsTTL)
+ }
+
+ provider, err := westcn.NewDNSProviderConfig(providerConfig)
+ if err != nil {
+ return nil, err
+ }
+
+ return provider, nil
+}
diff --git a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go b/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go
index 072f4a74..9878b6f4 100644
--- a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go
+++ b/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go
@@ -18,7 +18,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerCas "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
)
type AliyunALBDeployerConfig struct {
@@ -195,7 +195,7 @@ func (d *AliyunALBDeployer) deployToLoadbalancer(ctx context.Context, cloudCertI
// 遍历更新监听证书
if len(listenerIds) == 0 {
- return xerrors.New("listener not found")
+ return errors.New("listener not found")
} else {
var errs []error
@@ -445,7 +445,7 @@ func createSslUploader(accessKeyId, accessKeySecret, region string) (uploader.Up
}
}
- uploader, err := providerCas.New(&providerCas.AliyunCASUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.AliyunCASUploaderConfig{
AccessKeyId: accessKeyId,
AccessKeySecret: accessKeySecret,
Region: casRegion,
diff --git a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go b/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go
index 1fe99458..4bd91611 100644
--- a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go
+++ b/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go
@@ -13,7 +13,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerSlb "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-slb"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-slb"
)
type AliyunCLBDeployerConfig struct {
@@ -63,7 +63,7 @@ func NewWithLogger(config *AliyunCLBDeployerConfig, logger logger.Logger) (*Aliy
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
- uploader, err := providerSlb.New(&providerSlb.AliyunSLBUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.AliyunSLBUploaderConfig{
AccessKeyId: config.AccessKeyId,
AccessKeySecret: config.AccessKeySecret,
Region: config.Region,
@@ -161,7 +161,7 @@ func (d *AliyunCLBDeployer) deployToLoadbalancer(ctx context.Context, cloudCertI
// 遍历更新监听证书
if len(listenerPorts) == 0 {
- return xerrors.New("listener not found")
+ return errors.New("listener not found")
} else {
var errs []error
diff --git a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go b/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go
index 35286919..6deee907 100644
--- a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go
+++ b/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go
@@ -14,7 +14,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerCas "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
)
type AliyunNLBDeployerConfig struct {
@@ -153,7 +153,7 @@ func (d *AliyunNLBDeployer) deployToLoadbalancer(ctx context.Context, cloudCertI
// 遍历更新监听证书
if len(listenerIds) == 0 {
- return xerrors.New("listener not found")
+ return errors.New("listener not found")
} else {
var errs []error
@@ -248,7 +248,7 @@ func createSslUploader(accessKeyId, accessKeySecret, region string) (uploader.Up
}
}
- uploader, err := providerCas.New(&providerCas.AliyunCASUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.AliyunCASUploaderConfig{
AccessKeyId: accessKeyId,
AccessKeySecret: accessKeySecret,
Region: casRegion,
diff --git a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go b/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go
index 58289fc2..75c634b8 100644
--- a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go
+++ b/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go
@@ -14,7 +14,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerCas "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
)
type AliyunWAFDeployerConfig struct {
@@ -141,7 +141,7 @@ func createSslUploader(accessKeyId, accessKeySecret, region string) (uploader.Up
}
}
- uploader, err := providerCas.New(&providerCas.AliyunCASUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.AliyunCASUploaderConfig{
AccessKeyId: accessKeyId,
AccessKeySecret: accessKeySecret,
Region: casRegion,
diff --git a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go b/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go
new file mode 100644
index 00000000..086dd415
--- /dev/null
+++ b/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go
@@ -0,0 +1,133 @@
+package awscloudfront
+
+import (
+ "context"
+ "errors"
+
+ aws "github.com/aws/aws-sdk-go-v2/aws"
+ awsCfg "github.com/aws/aws-sdk-go-v2/config"
+ awsCred "github.com/aws/aws-sdk-go-v2/credentials"
+ awsCf "github.com/aws/aws-sdk-go-v2/service/cloudfront"
+ awsCfTypes "github.com/aws/aws-sdk-go-v2/service/cloudfront/types"
+ xerrors "github.com/pkg/errors"
+
+ "github.com/usual2970/certimate/internal/pkg/core/deployer"
+ "github.com/usual2970/certimate/internal/pkg/core/logger"
+ "github.com/usual2970/certimate/internal/pkg/core/uploader"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-acm"
+)
+
+type AWSCloudFrontDeployerConfig struct {
+ // AWS AccessKeyId。
+ AccessKeyId string `json:"accessKeyId"`
+ // AWS SecretAccessKey。
+ SecretAccessKey string `json:"secretAccessKey"`
+ // AWS 区域。
+ Region string `json:"region"`
+ // AWS CloudFront 分配 ID。
+ DistributionId string `json:"distributionId"`
+}
+
+type AWSCloudFrontDeployer struct {
+ config *AWSCloudFrontDeployerConfig
+ logger logger.Logger
+ sdkClient *awsCf.Client
+ sslUploader uploader.Uploader
+}
+
+var _ deployer.Deployer = (*AWSCloudFrontDeployer)(nil)
+
+func New(config *AWSCloudFrontDeployerConfig) (*AWSCloudFrontDeployer, error) {
+ return NewWithLogger(config, logger.NewNilLogger())
+}
+
+func NewWithLogger(config *AWSCloudFrontDeployerConfig, logger logger.Logger) (*AWSCloudFrontDeployer, error) {
+ if config == nil {
+ return nil, errors.New("config is nil")
+ }
+
+ if logger == nil {
+ return nil, errors.New("logger is nil")
+ }
+
+ client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region)
+ if err != nil {
+ return nil, xerrors.Wrap(err, "failed to create sdk client")
+ }
+
+ uploader, err := uploaderp.New(&uploaderp.AWSCertificateManagerUploaderConfig{
+ AccessKeyId: config.AccessKeyId,
+ SecretAccessKey: config.SecretAccessKey,
+ Region: config.Region,
+ })
+ if err != nil {
+ return nil, xerrors.Wrap(err, "failed to create ssl uploader")
+ }
+
+ return &AWSCloudFrontDeployer{
+ logger: logger,
+ config: config,
+ sdkClient: client,
+ sslUploader: uploader,
+ }, nil
+}
+
+func (d *AWSCloudFrontDeployer) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
+ if d.config.DistributionId == "" {
+ return nil, errors.New("config `distribuitionId` is required")
+ }
+
+ // 上传证书到 ACM
+ upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
+ if err != nil {
+ return nil, xerrors.Wrap(err, "failed to upload certificate file")
+ }
+
+ d.logger.Logt("certificate file uploaded", upres)
+
+ // 获取分配配置
+ // REF: https://docs.aws.amazon.com/en_us/cloudfront/latest/APIReference/API_GetDistributionConfig.html
+ getDistributionConfigReq := &awsCf.GetDistributionConfigInput{
+ Id: aws.String(d.config.DistributionId),
+ }
+ getDistributionConfigResp, err := d.sdkClient.GetDistributionConfig(context.TODO(), getDistributionConfigReq)
+ if err != nil {
+ return nil, xerrors.Wrap(err, "failed to execute sdk request 'cloudfront.GetDistributionConfig'")
+ }
+
+ d.logger.Logt("已获取分配配置", getDistributionConfigResp)
+
+ // 更新分配配置
+ // REF: https://docs.aws.amazon.com/zh_cn/cloudfront/latest/APIReference/API_UpdateDistribution.html
+ updateDistributionReq := &awsCf.UpdateDistributionInput{
+ Id: aws.String(d.config.DistributionId),
+ DistributionConfig: getDistributionConfigResp.DistributionConfig,
+ IfMatch: getDistributionConfigResp.ETag,
+ }
+ if updateDistributionReq.DistributionConfig.ViewerCertificate == nil {
+ updateDistributionReq.DistributionConfig.ViewerCertificate = &awsCfTypes.ViewerCertificate{}
+ }
+ updateDistributionReq.DistributionConfig.ViewerCertificate.CloudFrontDefaultCertificate = aws.Bool(false)
+ updateDistributionReq.DistributionConfig.ViewerCertificate.ACMCertificateArn = aws.String(upres.CertId)
+ updateDistributionResp, err := d.sdkClient.UpdateDistribution(context.TODO(), updateDistributionReq)
+ if err != nil {
+ return nil, xerrors.Wrap(err, "failed to execute sdk request 'cloudfront.UpdateDistribution'")
+ }
+
+ d.logger.Logt("已更新分配配置", updateDistributionResp)
+
+ return &deployer.DeployResult{}, nil
+}
+
+func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsCf.Client, error) {
+ cfg, err := awsCfg.LoadDefaultConfig(context.TODO())
+ if err != nil {
+ return nil, err
+ }
+
+ client := awsCf.NewFromConfig(cfg, func(o *awsCf.Options) {
+ o.Region = region
+ o.Credentials = aws.NewCredentialsCache(awsCred.NewStaticCredentialsProvider(accessKeyId, secretAccessKey, ""))
+ })
+ return client, nil
+}
diff --git a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront_test.go b/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront_test.go
new file mode 100644
index 00000000..89997b37
--- /dev/null
+++ b/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront_test.go
@@ -0,0 +1,80 @@
+package awscloudfront_test
+
+import (
+ "context"
+ "flag"
+ "fmt"
+ "os"
+ "strings"
+ "testing"
+
+ provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-cloudfront"
+)
+
+var (
+ fInputCertPath string
+ fInputKeyPath string
+ fAccessKeyId string
+ fSecretAccessKey string
+ fRegion string
+ fDistribuitionId string
+)
+
+func init() {
+ argsPrefix := "CERTIMATE_DEPLOYER_AWSCLOUDFRONT_"
+
+ flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
+ flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
+ flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "")
+ flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "")
+ flag.StringVar(&fRegion, argsPrefix+"REGION", "", "")
+ flag.StringVar(&fDistribuitionId, argsPrefix+"DISTRIBUTIONID", "", "")
+}
+
+/*
+Shell command to run this test:
+
+ go test -v ./aws_cloudfront_test.go -args \
+ --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_INPUTCERTPATH="/path/to/your-input-cert.pem" \
+ --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_INPUTKEYPATH="/path/to/your-input-key.pem" \
+ --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_ACCESSKEYID="your-access-key-id" \
+ --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_SECRETACCESSKEY="your-secret-access-id" \
+ --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_REGION="us-east-1" \
+ --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_DISTRIBUTIONID="your-distribution-id"
+*/
+func TestDeploy(t *testing.T) {
+ flag.Parse()
+
+ t.Run("Deploy", func(t *testing.T) {
+ t.Log(strings.Join([]string{
+ "args:",
+ fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath),
+ fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
+ fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId),
+ fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey),
+ fmt.Sprintf("REGION: %v", fRegion),
+ fmt.Sprintf("DISTRIBUTIONID: %v", fDistribuitionId),
+ }, "\n"))
+
+ deployer, err := provider.New(&provider.AWSCloudFrontDeployerConfig{
+ AccessKeyId: fAccessKeyId,
+ SecretAccessKey: fSecretAccessKey,
+ Region: fRegion,
+ DistribuitionId: fDistribuitionId,
+ })
+ if err != nil {
+ t.Errorf("err: %+v", err)
+ return
+ }
+
+ fInputCertData, _ := os.ReadFile(fInputCertPath)
+ fInputKeyData, _ := os.ReadFile(fInputKeyPath)
+ res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData))
+ if err != nil {
+ t.Errorf("err: %+v", err)
+ return
+ }
+
+ t.Logf("ok: %v", res)
+ })
+}
diff --git a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go b/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go
index 9497bb6a..2a695513 100644
--- a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go
+++ b/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go
@@ -12,7 +12,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerCdn "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/byteplus-cdn"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/byteplus-cdn"
)
type BytePlusCDNDeployerConfig struct {
@@ -50,7 +50,7 @@ func NewWithLogger(config *BytePlusCDNDeployerConfig, logger logger.Logger) (*By
client.Client.SetAccessKey(config.AccessKey)
client.Client.SetSecretKey(config.SecretKey)
- uploader, err := providerCdn.New(&providerCdn.ByteplusCDNUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.ByteplusCDNUploaderConfig{
AccessKey: config.AccessKey,
SecretKey: config.SecretKey,
})
@@ -103,7 +103,7 @@ func (d *BytePlusCDNDeployer) Deploy(ctx context.Context, certPem string, privke
if len(describeCertConfigResp.Result.SpecifiedCertConfig) > 0 {
// 所有可关联的域名都配置了该证书,跳过部署
} else {
- return nil, xerrors.New("domain not found")
+ return nil, errors.New("domain not found")
}
}
} else {
diff --git a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go b/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go
index 4d9f4ac4..283d9907 100644
--- a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go
+++ b/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go
@@ -10,7 +10,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerDoge "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/dogecloud"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/dogecloud"
dogesdk "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk"
)
@@ -47,7 +47,7 @@ func NewWithLogger(config *DogeCloudCDNDeployerConfig, logger logger.Logger) (*D
client := dogesdk.NewClient(config.AccessKey, config.SecretKey)
- uploader, err := providerDoge.New(&providerDoge.DogeCloudUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.DogeCloudUploaderConfig{
AccessKey: config.AccessKey,
SecretKey: config.SecretKey,
})
diff --git a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go b/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go
index 5c303ce4..31782af3 100644
--- a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go
+++ b/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go
@@ -13,7 +13,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerScm "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm"
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
)
@@ -59,7 +59,7 @@ func NewWithLogger(config *HuaweiCloudCDNDeployerConfig, logger logger.Logger) (
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
- uploader, err := providerScm.New(&providerScm.HuaweiCloudSCMUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.HuaweiCloudSCMUploaderConfig{
AccessKeyId: config.AccessKeyId,
SecretAccessKey: config.SecretAccessKey,
})
diff --git a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go b/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go
index 5a12e101..3fa17a70 100644
--- a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go
+++ b/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go
@@ -19,7 +19,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerElb "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-elb"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-elb"
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
)
@@ -70,7 +70,7 @@ func NewWithLogger(config *HuaweiCloudELBDeployerConfig, logger logger.Logger) (
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
- uploader, err := providerElb.New(&providerElb.HuaweiCloudELBUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.HuaweiCloudELBUploaderConfig{
AccessKeyId: config.AccessKeyId,
SecretAccessKey: config.SecretAccessKey,
Region: config.Region,
@@ -205,7 +205,7 @@ func (d *HuaweiCloudELBDeployer) deployToLoadbalancer(ctx context.Context, certP
// 遍历更新监听器证书
if len(listenerIds) == 0 {
- return xerrors.New("listener not found")
+ return errors.New("listener not found")
} else {
var errs []error
diff --git a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go b/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go
index 03ae1762..6591da1b 100644
--- a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go
+++ b/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go
@@ -11,7 +11,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerQiniu "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert"
qiniusdk "github.com/usual2970/certimate/internal/pkg/vendors/qiniu-sdk"
)
@@ -48,7 +48,7 @@ func NewWithLogger(config *QiniuCDNDeployerConfig, logger logger.Logger) (*Qiniu
client := qiniusdk.NewClient(auth.New(config.AccessKey, config.SecretKey))
- uploader, err := providerQiniu.New(&providerQiniu.QiniuSSLCertUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.QiniuSSLCertUploaderConfig{
AccessKey: config.AccessKey,
SecretKey: config.SecretKey,
})
diff --git a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go b/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go
index 9ae267ba..4530071c 100644
--- a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go
+++ b/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go
@@ -10,7 +10,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerQiniu "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert"
)
type QiniuPiliDeployerConfig struct {
@@ -48,7 +48,7 @@ func NewWithLogger(config *QiniuPiliDeployerConfig, logger logger.Logger) (*Qini
manager := pili.NewManager(pili.ManagerConfig{AccessKey: config.AccessKey, SecretKey: config.SecretKey})
- uploader, err := providerQiniu.New(&providerQiniu.QiniuSSLCertUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.QiniuSSLCertUploaderConfig{
AccessKey: config.AccessKey,
SecretKey: config.SecretKey,
})
diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go b/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go
index a4a05a1b..61418845 100644
--- a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go
@@ -15,7 +15,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerSsl "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
)
type TencentCloudCDNDeployerConfig struct {
@@ -59,7 +59,7 @@ func NewWithLogger(config *TencentCloudCDNDeployerConfig, logger logger.Logger)
return nil, xerrors.Wrap(err, "failed to create sdk clients")
}
- uploader, err := providerSsl.New(&providerSsl.TencentCloudSSLUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.TencentCloudSSLUploaderConfig{
SecretId: config.SecretId,
SecretKey: config.SecretKey,
})
diff --git a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go b/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go
index 17958eac..d67eb383 100644
--- a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go
@@ -14,7 +14,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerSsl "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
)
type TencentCloudCLBDeployerConfig struct {
@@ -69,7 +69,7 @@ func NewWithLogger(config *TencentCloudCLBDeployerConfig, logger logger.Logger)
return nil, xerrors.Wrap(err, "failed to create sdk clients")
}
- uploader, err := providerSsl.New(&providerSsl.TencentCloudSSLUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.TencentCloudSSLUploaderConfig{
SecretId: config.SecretId,
SecretKey: config.SecretKey,
})
@@ -183,7 +183,7 @@ func (d *TencentCloudCLBDeployer) deployToLoadbalancer(ctx context.Context, clou
// 遍历更新监听器证书
if len(listenerIds) == 0 {
- return xerrors.New("listener not found")
+ return errors.New("listener not found")
} else {
var errs []error
diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go b/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go
index 23c2d11a..c2af84fb 100644
--- a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go
@@ -13,7 +13,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerSsl "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
)
type TencentCloudCOSDeployerConfig struct {
@@ -56,7 +56,7 @@ func NewWithLogger(config *TencentCloudCOSDeployerConfig, logger logger.Logger)
return nil, xerrors.Wrap(err, "failed to create sdk clients")
}
- uploader, err := providerSsl.New(&providerSsl.TencentCloudSSLUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.TencentCloudSSLUploaderConfig{
SecretId: config.SecretId,
SecretKey: config.SecretKey,
})
diff --git a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go b/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go
index 391fc05b..31057017 100644
--- a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go
@@ -12,7 +12,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerSsl "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
)
type TencentCloudCSSDeployerConfig struct {
@@ -51,7 +51,7 @@ func NewWithLogger(config *TencentCloudCSSDeployerConfig, logger logger.Logger)
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
- uploader, err := providerSsl.New(&providerSsl.TencentCloudSSLUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.TencentCloudSSLUploaderConfig{
SecretId: config.SecretId,
SecretKey: config.SecretKey,
})
diff --git a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go b/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go
index 29f6e33c..4cddbc59 100644
--- a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go
@@ -14,7 +14,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerSsl "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
)
type TencentCloudECDNDeployerConfig struct {
@@ -58,7 +58,7 @@ func NewWithLogger(config *TencentCloudECDNDeployerConfig, logger logger.Logger)
return nil, xerrors.Wrap(err, "failed to create sdk clients")
}
- uploader, err := providerSsl.New(&providerSsl.TencentCloudSSLUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.TencentCloudSSLUploaderConfig{
SecretId: config.SecretId,
SecretKey: config.SecretKey,
})
diff --git a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go b/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go
index fb45ea9e..2de4dcc5 100644
--- a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go
+++ b/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go
@@ -13,7 +13,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- providerSsl "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
)
type TencentCloudEODeployerConfig struct {
@@ -59,7 +59,7 @@ func NewWithLogger(config *TencentCloudEODeployerConfig, logger logger.Logger) (
return nil, xerrors.Wrap(err, "failed to create sdk clients")
}
- uploader, err := providerSsl.New(&providerSsl.TencentCloudSSLUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.TencentCloudSSLUploaderConfig{
SecretId: config.SecretId,
SecretKey: config.SecretKey,
})
@@ -77,7 +77,7 @@ func NewWithLogger(config *TencentCloudEODeployerConfig, logger logger.Logger) (
func (d *TencentCloudEODeployer) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
if d.config.ZoneId == "" {
- return nil, xerrors.New("config `zoneId` is required")
+ return nil, errors.New("config `zoneId` is required")
}
// 上传证书到 SSL
diff --git a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go b/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go
index ec127f41..fa104ba3 100644
--- a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go
+++ b/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go
@@ -13,7 +13,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- uploaderSsl "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl"
)
type UCloudUCDNDeployerConfig struct {
@@ -54,7 +54,7 @@ func NewWithLogger(config *UCloudUCDNDeployerConfig, logger logger.Logger) (*UCl
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
- uploader, err := uploaderSsl.New(&uploaderSsl.UCloudUSSLUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.UCloudUSSLUploaderConfig{
PrivateKey: config.PrivateKey,
PublicKey: config.PublicKey,
ProjectId: config.ProjectId,
diff --git a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go b/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go
index b55d1acc..ccf03224 100644
--- a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go
+++ b/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go
@@ -11,7 +11,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- uploaderSsl "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl"
usdkFile "github.com/usual2970/certimate/internal/pkg/vendors/ucloud-sdk/ufile"
)
@@ -57,7 +57,7 @@ func NewWithLogger(config *UCloudUS3DeployerConfig, logger logger.Logger) (*UClo
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
- uploader, err := uploaderSsl.New(&uploaderSsl.UCloudUSSLUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.UCloudUSSLUploaderConfig{
PrivateKey: config.PrivateKey,
PublicKey: config.PublicKey,
ProjectId: config.ProjectId,
diff --git a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go b/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go
index 02adaf1b..de3e76e4 100644
--- a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go
+++ b/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go
@@ -12,7 +12,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- uploaderCdn "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-cdn"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-cdn"
)
type VolcEngineCDNDeployerConfig struct {
@@ -50,7 +50,7 @@ func NewWithLogger(config *VolcEngineCDNDeployerConfig, logger logger.Logger) (*
client.Client.SetAccessKey(config.AccessKeyId)
client.Client.SetSecretKey(config.AccessKeySecret)
- uploader, err := uploaderCdn.New(&uploaderCdn.VolcEngineCDNUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.VolcEngineCDNUploaderConfig{
AccessKeyId: config.AccessKeyId,
AccessKeySecret: config.AccessKeySecret,
})
@@ -103,7 +103,7 @@ func (d *VolcEngineCDNDeployer) Deploy(ctx context.Context, certPem string, priv
if len(describeCertConfigResp.Result.SpecifiedCertConfig) > 0 {
// 所有可关联的域名都配置了该证书,跳过部署
} else {
- return nil, xerrors.New("domain not found")
+ return nil, errors.New("domain not found")
}
}
} else {
diff --git a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go b/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go
index b4acbfa0..08c096fd 100644
--- a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go
+++ b/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go
@@ -13,7 +13,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- uploaderCertCenter "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
)
type VolcEngineCLBDeployerConfig struct {
@@ -57,7 +57,7 @@ func NewWithLogger(config *VolcEngineCLBDeployerConfig, logger logger.Logger) (*
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
- uploader, err := uploaderCertCenter.New(&uploaderCertCenter.VolcEngineCertCenterUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.VolcEngineCertCenterUploaderConfig{
AccessKeyId: config.AccessKeyId,
AccessKeySecret: config.AccessKeySecret,
Region: config.Region,
diff --git a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go b/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go
index 86c8776d..0f9f8e51 100644
--- a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go
+++ b/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go
@@ -13,7 +13,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- uploaderCertCenter "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
)
type VolcEngineDCDNDeployerConfig struct {
@@ -54,7 +54,7 @@ func NewWithLogger(config *VolcEngineDCDNDeployerConfig, logger logger.Logger) (
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
- uploader, err := uploaderCertCenter.New(&uploaderCertCenter.VolcEngineCertCenterUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.VolcEngineCertCenterUploaderConfig{
AccessKeyId: config.AccessKeyId,
AccessKeySecret: config.AccessKeySecret,
Region: config.Region,
diff --git a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go b/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go
index 083837b7..b23f4c6c 100644
--- a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go
+++ b/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go
@@ -13,7 +13,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- uploaderLive "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-live"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-live"
)
type VolcEngineLiveDeployerConfig struct {
@@ -51,7 +51,7 @@ func NewWithLogger(config *VolcEngineLiveDeployerConfig, logger logger.Logger) (
client.SetAccessKey(config.AccessKeyId)
client.SetSecretKey(config.AccessKeySecret)
- uploader, err := uploaderLive.New(&uploaderLive.VolcEngineLiveUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.VolcEngineLiveUploaderConfig{
AccessKeyId: config.AccessKeyId,
AccessKeySecret: config.AccessKeySecret,
})
diff --git a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go b/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go
index 0c5501ec..9a238f27 100644
--- a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go
+++ b/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go
@@ -11,7 +11,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
- uploaderCertCenter "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
+ uploaderp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
)
type VolcEngineTOSDeployerConfig struct {
@@ -54,7 +54,7 @@ func NewWithLogger(config *VolcEngineTOSDeployerConfig, logger logger.Logger) (*
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
- uploader, err := uploaderCertCenter.New(&uploaderCertCenter.VolcEngineCertCenterUploaderConfig{
+ uploader, err := uploaderp.New(&uploaderp.VolcEngineCertCenterUploaderConfig{
AccessKeyId: config.AccessKeyId,
AccessKeySecret: config.AccessKeySecret,
Region: config.Region,
diff --git a/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go b/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go
index e79ab6e7..cac4d833 100644
--- a/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go
+++ b/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go
@@ -92,6 +92,5 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsAcm.Clien
o.Region = region
o.Credentials = aws.NewCredentialsCache(awsCred.NewStaticCredentialsProvider(accessKeyId, secretAccessKey, ""))
})
-
return client, nil
}
diff --git a/internal/pkg/utils/certs/converter.go b/internal/pkg/utils/certs/converter.go
index eb13a358..74a9a5ab 100644
--- a/internal/pkg/utils/certs/converter.go
+++ b/internal/pkg/utils/certs/converter.go
@@ -4,6 +4,7 @@ import (
"crypto/ecdsa"
"crypto/x509"
"encoding/pem"
+ "errors"
xerrors "github.com/pkg/errors"
)
@@ -18,7 +19,7 @@ import (
// - err: 错误。
func ConvertCertificateToPEM(cert *x509.Certificate) (certPem string, err error) {
if cert == nil {
- return "", xerrors.New("cert is nil")
+ return "", errors.New("`cert` is nil")
}
block := &pem.Block{
@@ -39,7 +40,7 @@ func ConvertCertificateToPEM(cert *x509.Certificate) (certPem string, err error)
// - err: 错误。
func ConvertECPrivateKeyToPEM(privkey *ecdsa.PrivateKey) (privkeyPem string, err error) {
if privkey == nil {
- return "", xerrors.New("privkey is nil")
+ return "", errors.New("`privkey` is nil")
}
data, err := x509.MarshalECPrivateKey(privkey)
diff --git a/ui/src/components/workflow/node/DeployNodeConfigForm.tsx b/ui/src/components/workflow/node/DeployNodeConfigForm.tsx
index 3d85e6de..c9b70570 100644
--- a/ui/src/components/workflow/node/DeployNodeConfigForm.tsx
+++ b/ui/src/components/workflow/node/DeployNodeConfigForm.tsx
@@ -23,6 +23,7 @@ import DeployNodeConfigFormAliyunLiveConfig from "./DeployNodeConfigFormAliyunLi
import DeployNodeConfigFormAliyunNLBConfig from "./DeployNodeConfigFormAliyunNLBConfig";
import DeployNodeConfigFormAliyunOSSConfig from "./DeployNodeConfigFormAliyunOSSConfig";
import DeployNodeConfigFormAliyunWAFConfig from "./DeployNodeConfigFormAliyunWAFConfig";
+import DeployNodeConfigFormAWSCloudFrontConfig from "./DeployNodeConfigFormAWSCloudFrontConfig";
import DeployNodeConfigFormBaiduCloudCDNConfig from "./DeployNodeConfigFormBaiduCloudCDNConfig";
import DeployNodeConfigFormBytePlusCDNConfig from "./DeployNodeConfigFormBytePlusCDNConfig";
import DeployNodeConfigFormDogeCloudCDNConfig from "./DeployNodeConfigFormDogeCloudCDNConfig";
@@ -136,6 +137,8 @@ const DeployNodeConfigForm = forwardRef;
case DEPLOY_PROVIDERS.ALIYUN_WAF:
return ;
+ case DEPLOY_PROVIDERS.AWS_CLOUDFRONT:
+ return ;
case DEPLOY_PROVIDERS.BAIDUCLOUD_CDN:
return ;
case DEPLOY_PROVIDERS.BYTEPLUS_CDN:
diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx
new file mode 100644
index 00000000..f1689ced
--- /dev/null
+++ b/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx
@@ -0,0 +1,79 @@
+import { useTranslation } from "react-i18next";
+import { Form, type FormInstance, Input } from "antd";
+import { createSchemaFieldRule } from "antd-zod";
+import { z } from "zod";
+
+type DeployNodeConfigFormAWSCloudFrontConfigFieldValues = Nullish<{
+ region: string;
+ distributionId: string;
+}>;
+
+export type DeployNodeConfigFormAWSCloudFrontConfigProps = {
+ form: FormInstance;
+ formName: string;
+ disabled?: boolean;
+ initialValues?: DeployNodeConfigFormAWSCloudFrontConfigFieldValues;
+ onValuesChange?: (values: DeployNodeConfigFormAWSCloudFrontConfigFieldValues) => void;
+};
+
+const initFormModel = (): DeployNodeConfigFormAWSCloudFrontConfigFieldValues => {
+ return {};
+};
+
+const DeployNodeConfigFormAWSCloudFrontConfig = ({
+ form: formInst,
+ formName,
+ disabled,
+ initialValues,
+ onValuesChange,
+}: DeployNodeConfigFormAWSCloudFrontConfigProps) => {
+ const { t } = useTranslation();
+
+ const formSchema = z.object({
+ region: z
+ .string({ message: t("workflow_node.deploy.form.aws_cloudfront_region.placeholder") })
+ .nonempty(t("workflow_node.deploy.form.aws_cloudfront_region.placeholder"))
+ .trim(),
+ distributionId: z
+ .string({ message: t("workflow_node.deploy.form.aws_cloudfront_distribution_id.placeholder") })
+ .nonempty(t("workflow_node.deploy.form.aws_cloudfront_distribution_id.placeholder"))
+ .max(64, t("common.errmsg.string_max", { max: 64 }))
+ .trim(),
+ });
+ const formRule = createSchemaFieldRule(formSchema);
+
+ const handleFormChange = (_: unknown, values: z.infer) => {
+ onValuesChange?.(values);
+ };
+
+ return (
+
+ );
+};
+
+export default DeployNodeConfigFormAWSCloudFrontConfig;
diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx
index 9794f9fd..b7206d04 100644
--- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx
+++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx
@@ -35,8 +35,8 @@ const DeployNodeConfigFormAliyunWAFConfig = ({
.nonempty(t("workflow_node.deploy.form.aliyun_waf_region.placeholder"))
.trim(),
instanceId: z
- .string({ message: t("workflow_node.deploy.form.aliyun_instance_id.placeholder") })
- .nonempty(t("workflow_node.deploy.form.aliyun_instance_id.placeholder"))
+ .string({ message: t("workflow_node.deploy.form.aliyun_waf_instance_id.placeholder") })
+ .nonempty(t("workflow_node.deploy.form.aliyun_waf_instance_id.placeholder"))
.max(64, t("common.errmsg.string_max", { max: 64 }))
.trim(),
});
diff --git a/ui/src/domain/provider.ts b/ui/src/domain/provider.ts
index 9a05d180..16fe5da6 100644
--- a/ui/src/domain/provider.ts
+++ b/ui/src/domain/provider.ts
@@ -63,13 +63,13 @@ export const accessProvidersMap: Map [
type,
diff --git a/ui/src/i18n/locales/en/nls.common.json b/ui/src/i18n/locales/en/nls.common.json
index dbe271e7..4fb7e387 100644
--- a/ui/src/i18n/locales/en/nls.common.json
+++ b/ui/src/i18n/locales/en/nls.common.json
@@ -47,6 +47,7 @@
"common.provider.aliyun.oss": "Alibaba Cloud - OSS (Object Storage Service)",
"common.provider.aliyun.waf": "Alibaba Cloud - WAF (Web Application Firewall)",
"common.provider.aws": "AWS",
+ "common.provider.aws.cloudfront": "AWS - CloudFront",
"common.provider.aws.route53": "AWS - Route53",
"common.provider.azure": "Azure",
"common.provider.azure.dns": "Azure - DNS",
diff --git a/ui/src/i18n/locales/en/nls.workflow.nodes.json b/ui/src/i18n/locales/en/nls.workflow.nodes.json
index bafac2e2..7ba7e643 100644
--- a/ui/src/i18n/locales/en/nls.workflow.nodes.json
+++ b/ui/src/i18n/locales/en/nls.workflow.nodes.json
@@ -37,8 +37,8 @@
"workflow_node.apply.form.provider_access.placeholder": "Please select an authorization of DNS provider",
"workflow_node.apply.form.provider_access.tooltip": "Used to manage DNS records during ACME DNS-01 authentication.",
"workflow_node.apply.form.provider_access.button": "Create",
- "workflow_node.apply.form.aws_route53_region.label": "AWS Route53 Region",
- "workflow_node.apply.form.aws_route53_region.placeholder": "Please enter AWS Route53 region (e.g. us-east-1)",
+ "workflow_node.apply.form.aws_route53_region.label": "AWS Region",
+ "workflow_node.apply.form.aws_route53_region.placeholder": "Please enter AWS region (e.g. us-east-1)",
"workflow_node.apply.form.aws_route53_region.tooltip": "For more information, see https://docs.aws.amazon.com/en_us/general/latest/gr/rande.html#regional-endpoints",
"workflow_node.apply.form.aws_route53_hosted_zone_id.label": "AWS Route53 hosted zone ID",
"workflow_node.apply.form.aws_route53_hosted_zone_id.placeholder": "Please enter AWS Route53 hosted zone ID",
@@ -159,6 +159,12 @@
"workflow_node.deploy.form.aliyun_waf_instance_id.label": "Alibaba Cloud WAF instance ID",
"workflow_node.deploy.form.aliyun_waf_instance_id.placeholder": "Please enter Alibaba Cloud WAF instance ID",
"workflow_node.deploy.form.aliyun_waf_instance_id.tooltip": "For more information, see https://waf.console.aliyun.com",
+ "workflow_node.deploy.form.aws_cloudfront_region.label": "AWS Region",
+ "workflow_node.deploy.form.aws_cloudfront_region.placeholder": "Please enter AWS region (e.g. us-east-1)",
+ "workflow_node.deploy.form.aws_cloudfront_region.tooltip": "For more information, see https://docs.aws.amazon.com/en_us/general/latest/gr/rande.html#regional-endpoints",
+ "workflow_node.deploy.form.aws_cloudfront_distribution_id.label": "AWS CloudFront distribution ID",
+ "workflow_node.deploy.form.aws_cloudfront_distribution_id.placeholder": "Please enter AWS CloudFront distribution ID",
+ "workflow_node.deploy.form.aws_cloudfront_distribution_id.tooltip": "For more information, see https://docs.aws.amazon.com/en_us/AmazonCloudFront/latest/DeveloperGuide/distribution-working-with.html",
"workflow_node.deploy.form.baiducloud_cdn_domain.label": "Baidu Cloud CDN domain",
"workflow_node.deploy.form.baiducloud_cdn_domain.placeholder": "Please enter Baidu Cloud CDN domain name",
"workflow_node.deploy.form.baiducloud_cdn_domain.tooltip": "For more information, see https://console.bce.baidu.com/cdn",
diff --git a/ui/src/i18n/locales/zh/nls.common.json b/ui/src/i18n/locales/zh/nls.common.json
index 45072e74..3035e533 100644
--- a/ui/src/i18n/locales/zh/nls.common.json
+++ b/ui/src/i18n/locales/zh/nls.common.json
@@ -47,6 +47,7 @@
"common.provider.aliyun.oss": "阿里云 - 对象存储 OSS",
"common.provider.aliyun.waf": "阿里云 - Web 应用防火墙 WAF",
"common.provider.aws": "AWS",
+ "common.provider.aws.cloudfront": "AWS - CloudFront",
"common.provider.aws.route53": "AWS - Route53",
"common.provider.azure": "Azure",
"common.provider.azure.dns": "Azure - DNS",
diff --git a/ui/src/i18n/locales/zh/nls.workflow.nodes.json b/ui/src/i18n/locales/zh/nls.workflow.nodes.json
index 2d43d042..147bb63a 100644
--- a/ui/src/i18n/locales/zh/nls.workflow.nodes.json
+++ b/ui/src/i18n/locales/zh/nls.workflow.nodes.json
@@ -38,8 +38,8 @@
"workflow_node.apply.form.provider_access.tooltip": "用于 ACME DNS-01 认证时操作域名解析记录,注意与部署阶段所需的主机提供商相区分。",
"workflow_node.apply.form.provider_access.button": "新建",
"workflow_node.deploy.form.provider_access.guide_for_local": "小贴士:由于表单限制,你同样需要为本地部署选择一个授权 —— 即使它是空白的。",
- "workflow_node.apply.form.aws_route53_region.label": "AWS Route53 区域",
- "workflow_node.apply.form.aws_route53_region.placeholder": "请输入 AWS Route53 区域(例如:us-east-1)",
+ "workflow_node.apply.form.aws_route53_region.label": "AWS 区域",
+ "workflow_node.apply.form.aws_route53_region.placeholder": "请输入 AWS 区域(例如:us-east-1)",
"workflow_node.apply.form.aws_route53_region.tooltip": "这是什么?请参阅 https://docs.aws.amazon.com/zh_cn/general/latest/gr/rande.html#regional-endpoints",
"workflow_node.apply.form.aws_route53_hosted_zone_id.label": "AWS Route53 托管区域 ID",
"workflow_node.apply.form.aws_route53_hosted_zone_id.placeholder": "请输入 AWS Route53 托管区域 ID",
@@ -159,6 +159,12 @@
"workflow_node.deploy.form.aliyun_waf_instance_id.label": "阿里云 WAF 实例 ID",
"workflow_node.deploy.form.aliyun_waf_instance_id.placeholder": "请输入阿里云 WAF 实例 ID",
"workflow_node.deploy.form.aliyun_waf_instance_id.tooltip": "这是什么?请参阅 https://waf.console.aliyun.com",
+ "workflow_node.deploy.form.aws_cloudfront_region.label": "AWS 区域",
+ "workflow_node.deploy.form.aws_cloudfront_region.placeholder": "请输入 AWS 区域(例如:us-east-1)",
+ "workflow_node.deploy.form.aws_cloudfront_region.tooltip": "这是什么?请参阅 https://docs.aws.amazon.com/zh_cn/general/latest/gr/rande.html#regional-endpoints",
+ "workflow_node.deploy.form.aws_cloudfront_distribution_id.label": "AWS CloudFront 分配 ID",
+ "workflow_node.deploy.form.aws_cloudfront_distribution_id.placeholder": "请输入 AWS CloudFront 分配 ID",
+ "workflow_node.deploy.form.aws_cloudfront_distribution_id.tooltip": "这是什么?请参阅 https://docs.aws.amazon.com/zh_cn/AmazonCloudFront/latest/DeveloperGuide/distribution-working-with.html",
"workflow_node.deploy.form.baiducloud_cdn_domain.label": "百度智能云 CDN 加速域名(支持泛域名)",
"workflow_node.deploy.form.baiducloud_cdn_domain.placeholder": "请输入百度智能云 CDN 加速域名",
"workflow_node.deploy.form.baiducloud_cdn_domain.tooltip": "这是什么?请参阅 https://console.bce.baidu.com/cdn
泛域名表示形式为:*.example.com",