From a8be2a77cffb86c1b9832c5f54326f5f22b21206 Mon Sep 17 00:00:00 2001 From: Fu Diwei Date: Thu, 27 Mar 2025 13:49:08 +0800 Subject: [PATCH 1/4] fix: #565 --- .../providers/aliyun-waf/aliyun_waf.go | 2 +- .../providers/aliyun-cas/aliyun_cas.go | 26 ++++++++++++++++--- 2 files changed, 23 insertions(+), 5 deletions(-) diff --git a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go b/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go index cc179b34..bddefb42 100644 --- a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go +++ b/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go @@ -157,7 +157,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPem string, pri InstanceId: tea.String(d.config.InstanceId), RegionId: tea.String(d.config.Region), Domain: tea.String(d.config.Domain), - Listen: &aliwaf.ModifyDomainRequestListen{CertId: tea.String(upres.CertId)}, + Listen: &aliwaf.ModifyDomainRequestListen{CertId: tea.String(upres.ExtendedData["certIdentifier"].(string))}, Redirect: &aliwaf.ModifyDomainRequestRedirect{Loadbalance: tea.String("iphash")}, } modifyDomainReq = assign(modifyDomainReq, describeDomainDetailResp.Body) diff --git a/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go b/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go index 9f3e9212..f7495c40 100644 --- a/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go +++ b/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go @@ -116,6 +116,10 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe return &uploader.UploadResult{ CertId: fmt.Sprintf("%d", tea.Int64Value(certDetail.CertificateId)), CertName: *certDetail.Name, + ExtendedData: map[string]any{ + "instanceId": tea.StringValue(getUserCertificateDetailResp.Body.InstanceId), + "certIdentifier": tea.StringValue(getUserCertificateDetailResp.Body.CertIdentifier), + }, }, nil } } @@ -129,8 +133,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe } // 生成新证书名(需符合阿里云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) // 上传新证书 // REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-uploadusercertificate @@ -145,10 +148,25 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.UploadUserCertificate'") } - certId = fmt.Sprintf("%d", tea.Int64Value(uploadUserCertificateResp.Body.CertId)) + // 获取证书详情 + // REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-getusercertificatedetail + getUserCertificateDetailReq := &alicas.GetUserCertificateDetailRequest{ + CertId: uploadUserCertificateResp.Body.CertId, + CertFilter: tea.Bool(true), + } + getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) + u.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp)) + if err != nil { + return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.GetUserCertificateDetail'") + } + return &uploader.UploadResult{ - CertId: certId, + CertId: fmt.Sprintf("%d", tea.Int64Value(getUserCertificateDetailResp.Body.Id)), CertName: certName, + ExtendedData: map[string]any{ + "instanceId": tea.StringValue(getUserCertificateDetailResp.Body.InstanceId), + "certIdentifier": tea.StringValue(getUserCertificateDetailResp.Body.CertIdentifier), + }, }, nil } From f302c7fb74be9b63bca004ec50c2933f29be75d4 Mon Sep 17 00:00:00 2001 From: Fu Diwei Date: Thu, 27 Mar 2025 14:12:42 +0800 Subject: [PATCH 2/4] feat: support replacing old certificate on deployment to baishan cdn --- internal/deployer/providers.go | 5 +- .../providers/baishan-cdn/baishan_cdn.go | 123 ++++++++++-------- internal/pkg/vendors/baishan-sdk/models.go | 7 +- .../DeployNodeConfigFormBaishanCDNConfig.tsx | 17 +++ .../i18n/locales/en/nls.workflow.nodes.json | 3 + .../i18n/locales/zh/nls.workflow.nodes.json | 19 +-- 6 files changed, 109 insertions(+), 65 deletions(-) diff --git a/internal/deployer/providers.go b/internal/deployer/providers.go index 61d14613..fc3c7a37 100644 --- a/internal/deployer/providers.go +++ b/internal/deployer/providers.go @@ -370,8 +370,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) { switch options.Provider { case domain.DeployProviderTypeBaishanCDN: deployer, err := pBaishanCDN.NewDeployer(&pBaishanCDN.DeployerConfig{ - ApiToken: access.ApiToken, - Domain: maputil.GetString(options.ProviderDeployConfig, "domain"), + ApiToken: access.ApiToken, + Domain: maputil.GetString(options.ProviderDeployConfig, "domain"), + CertificateId: maputil.GetString(options.ProviderDeployConfig, "certificateId"), }) return deployer, err diff --git a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go b/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go index e6aec2ab..ce204525 100644 --- a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go +++ b/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go @@ -21,6 +21,9 @@ type DeployerConfig struct { ApiToken string `json:"apiToken"` // 加速域名(支持泛域名)。 Domain string `json:"domain"` + // 证书 ID。 + // 选填。 + CertificateId string `json:"certificateId,omitempty"` } type DeployerProvider struct { @@ -62,63 +65,79 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe return nil, errors.New("config `domain` is required") } - // 查询域名配置 - // REF: https://portal.baishancloud.com/track/document/api/1/1065 - getDomainConfigReq := &bssdk.GetDomainConfigRequest{ - Domains: d.config.Domain, - Config: []string{"https"}, - } - getDomainConfigResp, err := d.sdkClient.GetDomainConfig(getDomainConfigReq) - d.logger.Debug("sdk request 'baishan.GetDomainConfig'", slog.Any("request", getDomainConfigReq), slog.Any("response", getDomainConfigResp)) - if err != nil { - return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.GetDomainConfig'") - } else if len(getDomainConfigResp.Data) == 0 { - return nil, errors.New("domain config not found") - } - - // 新增证书 - // REF: https://portal.baishancloud.com/track/document/downloadPdf/1441 - certificateId := "" - createCertificateReq := &bssdk.CreateCertificateRequest{ - Certificate: certPem, - Key: privkeyPem, - Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), - } - createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) - d.logger.Debug("sdk request 'baishan.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) - if err != nil { - if createCertificateResp != nil { - if createCertificateResp.GetCode() == 400699 && strings.Contains(createCertificateResp.GetMessage(), "this certificate is exists") { - // 证书已存在,忽略新增证书接口错误 - re := regexp.MustCompile(`\d+`) - certificateId = re.FindString(createCertificateResp.GetMessage()) + if d.config.CertificateId == "" { + // 新增证书 + // REF: https://portal.baishancloud.com/track/document/downloadPdf/1441 + certificateId := "" + createCertificateReq := &bssdk.CreateCertificateRequest{ + Certificate: certPem, + Key: privkeyPem, + Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), + } + createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) + d.logger.Debug("sdk request 'baishan.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + if err != nil { + if createCertificateResp != nil { + if createCertificateResp.GetCode() == 400699 && strings.Contains(createCertificateResp.GetMessage(), "this certificate is exists") { + // 证书已存在,忽略新增证书接口错误 + re := regexp.MustCompile(`\d+`) + certificateId = re.FindString(createCertificateResp.GetMessage()) + } } + + if certificateId == "" { + return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.CreateCertificate'") + } + } else { + certificateId = createCertificateResp.Data.CertId.String() } - if certificateId == "" { - return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.CreateCertificate'") + // 查询域名配置 + // REF: https://portal.baishancloud.com/track/document/api/1/1065 + getDomainConfigReq := &bssdk.GetDomainConfigRequest{ + Domains: d.config.Domain, + Config: []string{"https"}, + } + getDomainConfigResp, err := d.sdkClient.GetDomainConfig(getDomainConfigReq) + d.logger.Debug("sdk request 'baishan.GetDomainConfig'", slog.Any("request", getDomainConfigReq), slog.Any("response", getDomainConfigResp)) + if err != nil { + return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.GetDomainConfig'") + } else if len(getDomainConfigResp.Data) == 0 { + return nil, errors.New("domain config not found") + } + + // 设置域名配置 + // REF: https://portal.baishancloud.com/track/document/api/1/1045 + setDomainConfigReq := &bssdk.SetDomainConfigRequest{ + Domains: d.config.Domain, + Config: &bssdk.DomainConfig{ + Https: &bssdk.DomainConfigHttps{ + CertId: json.Number(certificateId), + ForceHttps: getDomainConfigResp.Data[0].Config.Https.ForceHttps, + EnableHttp2: getDomainConfigResp.Data[0].Config.Https.EnableHttp2, + EnableOcsp: getDomainConfigResp.Data[0].Config.Https.EnableOcsp, + }, + }, + } + setDomainConfigResp, err := d.sdkClient.SetDomainConfig(setDomainConfigReq) + d.logger.Debug("sdk request 'baishan.SetDomainConfig'", slog.Any("request", setDomainConfigReq), slog.Any("response", setDomainConfigResp)) + if err != nil { + return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.SetDomainConfig'") } } else { - certificateId = createCertificateResp.Data.CertId.String() - } - - // 设置域名配置 - // REF: https://portal.baishancloud.com/track/document/api/1/1045 - setDomainConfigReq := &bssdk.SetDomainConfigRequest{ - Domains: d.config.Domain, - Config: &bssdk.DomainConfig{ - Https: &bssdk.DomainConfigHttps{ - CertId: json.Number(certificateId), - ForceHttps: getDomainConfigResp.Data[0].Config.Https.ForceHttps, - EnableHttp2: getDomainConfigResp.Data[0].Config.Https.EnableHttp2, - EnableOcsp: getDomainConfigResp.Data[0].Config.Https.EnableOcsp, - }, - }, - } - setDomainConfigResp, err := d.sdkClient.SetDomainConfig(setDomainConfigReq) - d.logger.Debug("sdk request 'baishan.SetDomainConfig'", slog.Any("request", setDomainConfigReq), slog.Any("response", setDomainConfigResp)) - if err != nil { - return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.SetDomainConfig'") + // 替换证书 + // REF: https://portal.baishancloud.com/track/document/downloadPdf/1441 + createCertificateReq := &bssdk.CreateCertificateRequest{ + CertificateId: &d.config.CertificateId, + Certificate: certPem, + Key: privkeyPem, + Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), + } + createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) + d.logger.Debug("sdk request 'baishan.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + if err != nil { + return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.CreateCertificate'") + } } return &deployer.DeployResult{}, nil diff --git a/internal/pkg/vendors/baishan-sdk/models.go b/internal/pkg/vendors/baishan-sdk/models.go index b7dfd3f5..397061d4 100644 --- a/internal/pkg/vendors/baishan-sdk/models.go +++ b/internal/pkg/vendors/baishan-sdk/models.go @@ -27,9 +27,10 @@ func (r *baseResponse) GetMessage() string { } type CreateCertificateRequest struct { - Certificate string `json:"certificate"` - Key string `json:"key"` - Name string `json:"name"` + CertificateId *string `json:"cert_id,omitempty"` + Certificate string `json:"certificate"` + Key string `json:"key"` + Name string `json:"name"` } type CreateCertificateResponse struct { diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBaishanCDNConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBaishanCDNConfig.tsx index 828d5845..57b2aacc 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBaishanCDNConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBaishanCDNConfig.tsx @@ -7,6 +7,7 @@ import { validDomainName } from "@/utils/validators"; type DeployNodeConfigFormBaishanCDNConfigFieldValues = Nullish<{ domain: string; + certificateId?: string | number; }>; export type DeployNodeConfigFormBaishanCDNConfigProps = { @@ -34,6 +35,13 @@ const DeployNodeConfigFormBaishanCDNConfig = ({ domain: z .string({ message: t("workflow_node.deploy.form.baishan_cdn_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), + certificateId: z + .string() + .nullish() + .refine((v) => { + if (!v) return true; + return /^\d+$/.test(v + "") && +v > 0; + }, t("workflow_node.deploy.form.baishan_cdn_certificate_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); @@ -58,6 +66,15 @@ const DeployNodeConfigFormBaishanCDNConfig = ({ > + + } + > + + ); }; diff --git a/ui/src/i18n/locales/en/nls.workflow.nodes.json b/ui/src/i18n/locales/en/nls.workflow.nodes.json index d3eec6b0..39c0361c 100644 --- a/ui/src/i18n/locales/en/nls.workflow.nodes.json +++ b/ui/src/i18n/locales/en/nls.workflow.nodes.json @@ -265,6 +265,9 @@ "workflow_node.deploy.form.baishan_cdn_domain.label": "Baishan CDN domain", "workflow_node.deploy.form.baishan_cdn_domain.placeholder": "Please enter Baishan CDN domain name", "workflow_node.deploy.form.baishan_cdn_domain.tooltip": "For more information, see https://cdnx.console.baishan.com", + "workflow_node.deploy.form.baishan_cdn_certificate_id.label": "Baishan CDN certificate ID (Optional", + "workflow_node.deploy.form.baishan_cdn_certificate_id.placeholder": "Please enter Baishan CDN certificate ID", + "workflow_node.deploy.form.baishan_cdn_certificate_id.tooltip": "For more information, see https://cdnx.console.baishan.com/#/cdn/cert", "workflow_node.deploy.form.baotapanel_console_auto_restart.label": "Auto restart after deployment", "workflow_node.deploy.form.baotapanel_site_type.label": "aaPanel site type", "workflow_node.deploy.form.baotapanel_site_type.placeholder": "Please select aaPanel site type", diff --git a/ui/src/i18n/locales/zh/nls.workflow.nodes.json b/ui/src/i18n/locales/zh/nls.workflow.nodes.json index efab84a2..99382f80 100644 --- a/ui/src/i18n/locales/zh/nls.workflow.nodes.json +++ b/ui/src/i18n/locales/zh/nls.workflow.nodes.json @@ -114,7 +114,7 @@ "workflow_node.deploy.form.aliyun_alb_listener_id.tooltip": "这是什么?请参阅 https://slb.console.aliyun.com/alb", "workflow_node.deploy.form.aliyun_alb_snidomain.label": "阿里云 ALB 扩展域名(可选)", "workflow_node.deploy.form.aliyun_alb_snidomain.placeholder": "请输入阿里云 ALB 扩展域名(支持泛域名)", - "workflow_node.deploy.form.aliyun_alb_snidomain.tooltip": "这是什么?请参阅 https://slb.console.aliyun.com/alb

不填写时,将替换监听器的默认证书。", + "workflow_node.deploy.form.aliyun_alb_snidomain.tooltip": "这是什么?请参阅 https://slb.console.aliyun.com/alb

不填写时,将替换监听器的默认证书;否则,将替换扩展域名证书。", "workflow_node.deploy.form.aliyun_cas_region.label": "阿里云 CAS 服务地域", "workflow_node.deploy.form.aliyun_cas_region.placeholder": "请输入阿里云 CAS 服务地域(例如:cn-hangzhou)", "workflow_node.deploy.form.aliyun_cas_region.tooltip": "这是什么?请参阅 https://help.aliyun.com/zh/ssl-certificate/developer-reference/endpoints", @@ -149,7 +149,7 @@ "workflow_node.deploy.form.aliyun_clb_listener_port.tooltip": "这是什么?请参阅 https://slb.console.aliyun.com/clb", "workflow_node.deploy.form.aliyun_clb_snidomain.label": "阿里云 CLB 扩展域名(可选)", "workflow_node.deploy.form.aliyun_clb_snidomain.placeholder": "请输入阿里云 CLB 扩展域名(支持泛域名)", - "workflow_node.deploy.form.aliyun_clb_snidomain.tooltip": "这是什么?请参阅 https://slb.console.aliyun.com/clb

不填写时,将替换监听器的默认证书。", + "workflow_node.deploy.form.aliyun_clb_snidomain.tooltip": "这是什么?请参阅 https://slb.console.aliyun.com/clb

不填写时,将替换监听器的默认证书;否则,将替换扩展域名证书。", "workflow_node.deploy.form.aliyun_cdn_domain.label": "阿里云 CDN 加速域名", "workflow_node.deploy.form.aliyun_cdn_domain.placeholder": "请输入阿里云 CDN 加速域名(支持泛域名)", "workflow_node.deploy.form.aliyun_cdn_domain.tooltip": "这是什么?请参阅 https://cdn.console.aliyun.com", @@ -214,7 +214,7 @@ "workflow_node.deploy.form.aliyun_waf_instance_id.tooltip": "这是什么?请参阅 https://waf.console.aliyun.com

仅支持 CNAME 接入。", "workflow_node.deploy.form.aliyun_waf_domain.label": "阿里云 WAF 接入域名(可选)", "workflow_node.deploy.form.aliyun_waf_domain.placeholder": "请输入阿里云 WAF 接入域名(支持泛域名)", - "workflow_node.deploy.form.aliyun_waf_domain.tooltip": "这是什么?请参阅 waf.console.aliyun.com

不填写时,将替换实例的默认证书。", + "workflow_node.deploy.form.aliyun_waf_domain.tooltip": "这是什么?请参阅 waf.console.aliyun.com

不填写时,将替换实例的默认证书;否则,将替换扩展域名证书。", "workflow_node.deploy.form.aws_acm_region.label": "AWS ACM 服务区域", "workflow_node.deploy.form.aws_acm_region.placeholder": "请输入 AWS ACM 服务区域(例如:us-east-1)", "workflow_node.deploy.form.aws_acm_region.tooltip": "这是什么?请参阅 https://docs.aws.amazon.com/zh_cn/general/latest/gr/rande.html#regional-endpoints", @@ -242,7 +242,7 @@ "workflow_node.deploy.form.baiducloud_appblb_listener_port.tooltip": "这是什么?请参阅 https://console.bce.baidu.com/blb/#/appblb/list", "workflow_node.deploy.form.baiducloud_appblb_snidomain.label": "百度智能云 BLB 扩展域名(可选)", "workflow_node.deploy.form.baiducloud_appblb_snidomain.placeholder": "请输入百度智能云 BLB 扩展域名(支持泛域名)", - "workflow_node.deploy.form.baiducloud_appblb_snidomain.tooltip": "这是什么?请参阅 https://console.bce.baidu.com/blb/#/appblb/list

不填写时,将替换监听器的默认证书。", + "workflow_node.deploy.form.baiducloud_appblb_snidomain.tooltip": "这是什么?请参阅 https://console.bce.baidu.com/blb/#/appblb/list

不填写时,将替换监听器的默认证书;否则,将替换扩展域名证书。", "workflow_node.deploy.form.baiducloud_blb_resource_type.label": "证书替换方式", "workflow_node.deploy.form.baiducloud_blb_resource_type.placeholder": "请选择证书替换方式", "workflow_node.deploy.form.baiducloud_blb_resource_type.option.loadbalancer.label": "替换指定负载均衡器下的全部 HTTPS/SSL 监听的证书", @@ -258,13 +258,16 @@ "workflow_node.deploy.form.baiducloud_blb_listener_port.tooltip": "这是什么?请参阅 https://console.bce.baidu.com/blb/#/blb/list", "workflow_node.deploy.form.baiducloud_blb_snidomain.label": "百度智能云 BLB 扩展域名(可选)", "workflow_node.deploy.form.baiducloud_blb_snidomain.placeholder": "请输入百度智能云 BLB 扩展域名(支持泛域名)", - "workflow_node.deploy.form.baiducloud_blb_snidomain.tooltip": "这是什么?请参阅 https://console.bce.baidu.com/blb/#/blb/list

不填写时,将替换监听器的默认证书。", + "workflow_node.deploy.form.baiducloud_blb_snidomain.tooltip": "这是什么?请参阅 https://console.bce.baidu.com/blb/#/blb/list

不填写时,将替换监听器的默认证书;否则,将替换扩展域名证书。", "workflow_node.deploy.form.baiducloud_cdn_domain.label": "百度智能云 CDN 加速域名", "workflow_node.deploy.form.baiducloud_cdn_domain.placeholder": "请输入百度智能云 CDN 加速域名(支持泛域名)", "workflow_node.deploy.form.baiducloud_cdn_domain.tooltip": "这是什么?请参阅 https://console.bce.baidu.com/cdn", "workflow_node.deploy.form.baishan_cdn_domain.label": "白山云 CDN 加速域名", "workflow_node.deploy.form.baishan_cdn_domain.placeholder": "请输入白山云 CDN 加速域名(支持泛域名)", "workflow_node.deploy.form.baishan_cdn_domain.tooltip": "这是什么?请参阅 https://cdnx.console.baishan.com", + "workflow_node.deploy.form.baishan_cdn_certificate_id.label": "白山云 CDN 原证书 ID(可选)", + "workflow_node.deploy.form.baishan_cdn_certificate_id.placeholder": "请输入白山云 CDN 原证书 ID", + "workflow_node.deploy.form.baishan_cdn_certificate_id.tooltip": "这是什么?请参阅 https://cdnx.console.baishan.com/#/cdn/cert

不填写时,将上传新证书;否则,将替换原证书。", "workflow_node.deploy.form.baotapanel_console_auto_restart.label": "部署后自动重启面板服务", "workflow_node.deploy.form.baotapanel_site_type.label": "宝塔面板网站类型", "workflow_node.deploy.form.baotapanel_site_type.placeholder": "请选择宝塔面板网站类型", @@ -351,7 +354,7 @@ "workflow_node.deploy.form.jdcloud_alb_listener_id.tooltip": "这是什么?请参阅 https://cns-console.jdcloud.com/host/loadBalance/list", "workflow_node.deploy.form.jdcloud_alb_snidomain.label": "京东云 ALB 扩展域名(可选)", "workflow_node.deploy.form.jdcloud_alb_snidomain.placeholder": "请输入京东云 ALB 扩展域名(支持泛域名)", - "workflow_node.deploy.form.jdcloud_alb_snidomain.tooltip": "这是什么?请参阅 https://cns-console.jdcloud.com/host/loadBalance/list

不填写时,将替换监听器的默认证书。", + "workflow_node.deploy.form.jdcloud_alb_snidomain.tooltip": "这是什么?请参阅 https://cns-console.jdcloud.com/host/loadBalance/list

不填写时,将替换监听器的默认证书;否则,将替换扩展域名证书。", "workflow_node.deploy.form.jdcloud_cdn_domain.label": "京东云 CDN 加速域名", "workflow_node.deploy.form.jdcloud_cdn_domain.placeholder": "请输入京东云 CDN 加速域名(支持泛域名)", "workflow_node.deploy.form.jdcloud_cdn_domain.tooltip": "这是什么?请参阅 https://cdn-console.jdcloud.com/", @@ -485,7 +488,7 @@ "workflow_node.deploy.form.tencentcloud_clb_listener_id.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/clb", "workflow_node.deploy.form.tencentcloud_clb_snidomain.label": "腾讯云 CLB SNI 域名(可选)", "workflow_node.deploy.form.tencentcloud_clb_snidomain.placeholder": "请输入腾讯云 CLB SNI 域名", - "workflow_node.deploy.form.tencentcloud_clb_snidomain.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/clb

不填写时,将替换监听器的默认证书。", + "workflow_node.deploy.form.tencentcloud_clb_snidomain.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/clb

不填写时,将替换监听器的默认证书;否则,将替换扩展域名证书。", "workflow_node.deploy.form.tencentcloud_clb_ruledomain.label": "腾讯云 CLB 七层转发规则域名", "workflow_node.deploy.form.tencentcloud_clb_ruledomain.placeholder": "请输入腾讯云 CLB 七层转发规则域名", "workflow_node.deploy.form.tencentcloud_clb_ruledomain.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/clb", @@ -580,7 +583,7 @@ "workflow_node.deploy.form.volcengine_alb_listener_id.tooltip": "这是什么?请参阅 https://console.volcengine.com/alb", "workflow_node.deploy.form.volcengine_alb_snidomain.label": "火山引擎 ALB 扩展域名(可选)", "workflow_node.deploy.form.volcengine_alb_snidomain.placeholder": "请输入火山引擎 ALB 扩展域名(支持泛域名)", - "workflow_node.deploy.form.volcengine_alb_snidomain.tooltip": "这是什么?请参阅 https://console.volcengine.com/alb

不填写时,将替换监听器的默认证书。", + "workflow_node.deploy.form.volcengine_alb_snidomain.tooltip": "这是什么?请参阅 https://console.volcengine.com/alb

不填写时,将替换监听器的默认证书;否则,将替换扩展域名证书。", "workflow_node.deploy.form.volcengine_cdn_domain.label": "火山引擎 CDN 加速域名", "workflow_node.deploy.form.volcengine_cdn_domain.placeholder": "请输入火山引擎 CDN 加速域名(支持泛域名)", "workflow_node.deploy.form.volcengine_cdn_domain.tooltip": "这是什么?请参阅 https://console.volcengine.com/cdn/homepage", From fb860981d6e5cdb698ef1e73bcf3f739026c844f Mon Sep 17 00:00:00 2001 From: Fu Diwei Date: Thu, 27 Mar 2025 15:53:29 +0800 Subject: [PATCH 3/4] fix: #568 --- internal/pkg/core/uploader/providers/aws-acm/aws_acm.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go b/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go index f0a3ccb5..8e30d554 100644 --- a/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go +++ b/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go @@ -71,7 +71,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe // 获取证书列表,避免重复上传 // REF: https://docs.aws.amazon.com/en_us/acm/latest/APIReference/API_ListCertificates.html - listCertificatesNextToken := new(string) + var listCertificatesNextToken *string = nil listCertificatesMaxItems := int32(1000) for { listCertificatesReq := &awsacm.ListCertificatesInput{ From 7503d5285776a43903c2636b555fbe258e90dd6c Mon Sep 17 00:00:00 2001 From: Fu Diwei Date: Thu, 27 Mar 2025 20:39:06 +0800 Subject: [PATCH 4/4] refactor: clean code --- .../node/DeployNodeConfigFormBaishanCDNConfig.tsx | 4 ++-- .../node/DeployNodeConfigFormCdnflyConfig.tsx | 11 +++++++---- .../node/DeployNodeConfigFormSafeLineConfig.tsx | 11 +++++++---- 3 files changed, 16 insertions(+), 10 deletions(-) diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBaishanCDNConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBaishanCDNConfig.tsx index 57b2aacc..ad05b6a8 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBaishanCDNConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBaishanCDNConfig.tsx @@ -36,7 +36,7 @@ const DeployNodeConfigFormBaishanCDNConfig = ({ .string({ message: t("workflow_node.deploy.form.baishan_cdn_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), certificateId: z - .string() + .union([z.string(), z.number().int()]) .nullish() .refine((v) => { if (!v) return true; @@ -73,7 +73,7 @@ const DeployNodeConfigFormBaishanCDNConfig = ({ rules={[formRule]} tooltip={} > - + ); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormCdnflyConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormCdnflyConfig.tsx index c9f61e02..4ce459ac 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormCdnflyConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormCdnflyConfig.tsx @@ -38,10 +38,13 @@ const DeployNodeConfigFormCdnflyConfig = ({ form: formInst, formName, disabled, if (fieldResourceType !== RESOURCE_TYPE_SITE) return true; return /^\d+$/.test(v + "") && +v > 0; }, t("workflow_node.deploy.form.cdnfly_site_id.placeholder")), - certificateId: z.union([z.string(), z.number().int()]).refine((v) => { - if (fieldResourceType !== RESOURCE_TYPE_CERTIFICATE) return true; - return /^\d+$/.test(v + "") && +v > 0; - }, t("workflow_node.deploy.form.cdnfly_certificate_id.placeholder")), + certificateId: z + .union([z.string(), z.number().int()]) + .nullish() + .refine((v) => { + if (fieldResourceType !== RESOURCE_TYPE_CERTIFICATE) return true; + return /^\d+$/.test(v + "") && +v! > 0; + }, t("workflow_node.deploy.form.cdnfly_certificate_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormSafeLineConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormSafeLineConfig.tsx index 239a6c92..2da3ef16 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormSafeLineConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormSafeLineConfig.tsx @@ -34,10 +34,13 @@ const DeployNodeConfigFormSafeLineConfig = ({ form: formInst, formName, disabled resourceType: z.literal(RESOURCE_TYPE_CERTIFICATE, { message: t("workflow_node.deploy.form.safeline_resource_type.placeholder"), }), - certificateId: z.union([z.string(), z.number().int()]).refine((v) => { - if (fieldResourceType !== RESOURCE_TYPE_CERTIFICATE) return true; - return /^\d+$/.test(v + "") && +v > 0; - }, t("workflow_node.deploy.form.safeline_certificate_id.placeholder")), + certificateId: z + .union([z.string(), z.number().int()]) + .nullish() + .refine((v) => { + if (fieldResourceType !== RESOURCE_TYPE_CERTIFICATE) return true; + return /^\d+$/.test(v + "") && +v! > 0; + }, t("workflow_node.deploy.form.safeline_certificate_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema);