diff --git a/.github/ISSUE_TEMPLATE/1-bug_report.yml b/.github/ISSUE_TEMPLATE/1-bug_report.yml index 983614c6..8dd9bca0 100644 --- a/.github/ISSUE_TEMPLATE/1-bug_report.yml +++ b/.github/ISSUE_TEMPLATE/1-bug_report.yml @@ -11,14 +11,14 @@ body: **在提交 Issue 之前,请确认以下事项**: 1. 我**确认**已尝试过使用当前最新版本,并能复现问题。由于开发者精力有限,非当前最新版本的问题将被直接关闭,感谢理解。 - 2. 我**确认**已搜索过[已有的 Issues](https://github.com/usual2970/certimate/issues)(包括已关闭的),没有类似的问题。 + 2. 我**确认**已搜索过[已有的 Issues](https://github.com/certimate-go/certimate/issues)(包括已关闭的),没有类似的问题。 3. 我**确认**已阅读过[文档](https://docs.certimate.me/),没有类似的问题。 4. 请**务必**按照模板规范详细描述问题,否则 Issue 将会被直接关闭。 5. 请保持每个 Issue 只包含一个缺陷报告。如果有多个缺陷,请分别提交 Issue。 **Before you submit the issue, please make sure of the following checklist**: 1. Yes, I'm using the latest release and can reproduce the issue. Issues that are not in the latest version will be closed directly. - 2. Yes, I've searched for [existing issues](https://github.com/usual2970/certimate/issues) (including closed ones) on GitHub and didn't find any similar. + 2. Yes, I've searched for [existing issues](https://github.com/certimate-go/certimate/issues) (including closed ones) on GitHub and didn't find any similar. 3. Yes, I've read the [documentation](https://docs.certimate.me/en/) and didn't find any similar. 4. Please describe the problem in detail according to the template specification, otherwise the issue will be closed directly. 5. Please limit one report per issue. @@ -76,5 +76,5 @@ body: attributes: label: 贡献 / Contribution options: - - label: 我乐意为此贡献代码! / I am interested in contributing to this issue! + - label: 我乐意为此贡献 PR! / I am interested in contributing a PR for this! required: false diff --git a/.github/ISSUE_TEMPLATE/2-feature_request.yml b/.github/ISSUE_TEMPLATE/2-feature_request.yml index 150f23a4..fdfbc9bb 100644 --- a/.github/ISSUE_TEMPLATE/2-feature_request.yml +++ b/.github/ISSUE_TEMPLATE/2-feature_request.yml @@ -11,14 +11,14 @@ body: **在提交 Issue 之前,请确认以下事项**: 1. 我**确认**是基于当前最新大版本而提出的新功能请求或改进意见。 - 2. 我**确认**已搜索过[已有的 Issues](https://github.com/usual2970/certimate/issues)(包括已关闭的),没有类似的问题。 + 2. 我**确认**已搜索过[已有的 Issues](https://github.com/certimate-go/certimate/issues)(包括已关闭的),没有类似的问题。 3. 我**确认**已阅读过[文档](https://docs.certimate.me/),没有类似的问题。 4. 请**务必**按照模板规范详细描述问题,否则 Issue 将会被直接关闭。 5. 请保持每个 Issue 只包含一个功能请求。如果有多个需求,请分别提交 Issue。 **Before you submit the issue, please make sure of the following checklist**: 1. Yes, I'm using the latest release. - 2. Yes, I've searched for [existing issues](https://github.com/usual2970/certimate/issues) (including closed ones) on GitHub and didn't find any similar. + 2. Yes, I've searched for [existing issues](https://github.com/certimate-go/certimate/issues) (including closed ones) on GitHub and didn't find any similar. 3. Yes, I've read the [documentation](https://docs.certimate.me/en/) and didn't find any similar. 4. Please describe the problem in detail according to the template specification, otherwise the issue will be closed directly. 5. Please limit one request per issue. @@ -48,5 +48,5 @@ body: attributes: label: 贡献 / Contribution options: - - label: 我乐意为此贡献代码! / I am interested in contributing to this issue! + - label: 我乐意为此贡献 PR! / I am interested in contributing a PR for this! required: false diff --git a/.github/ISSUE_TEMPLATE/3-questions.yml b/.github/ISSUE_TEMPLATE/3-questions.yml index 98fc013c..2f91b86a 100644 --- a/.github/ISSUE_TEMPLATE/3-questions.yml +++ b/.github/ISSUE_TEMPLATE/3-questions.yml @@ -9,14 +9,14 @@ body: **在提交 Issue 之前,请确认以下事项**: 1. 我**确认**正在使用的是当前最新版本。 - 2. 我**确认**已搜索过[已有的 Issues](https://github.com/usual2970/certimate/issues)(包括已关闭的),没有类似的问题。 + 2. 我**确认**已搜索过[已有的 Issues](https://github.com/certimate-go/certimate/issues)(包括已关闭的),没有类似的问题。 3. 我**确认**已阅读过[文档](https://docs.certimate.me/),没有类似的问题。 4. 请**务必**按照模板规范详细描述问题,否则 Issue 将会被直接关闭。 5. 请保持每个 Issue 只包含一个问题求助。如果有多个问题,请分别提交 Issue。 **Before you submit the issue, please make sure of the following checklist**: 1. Yes, I'm using the latest release. - 2. Yes, I've searched for [existing issues](https://github.com/usual2970/certimate/issues) (including closed ones) on GitHub and didn't find any similar. + 2. Yes, I've searched for [existing issues](https://github.com/certimate-go/certimate/issues) (including closed ones) on GitHub and didn't find any similar. 3. Yes, I've read the [documentation](https://docs.certimate.me/en/) and didn't find any similar. 4. Please describe the problem in detail according to the template specification, otherwise the issue will be closed directly. 5. Please limit one question per issue. diff --git a/.goreleaser.linux.yml b/.goreleaser.linux.yml deleted file mode 100644 index edde23c3..00000000 --- a/.goreleaser.linux.yml +++ /dev/null @@ -1,52 +0,0 @@ -# .goreleaser.linux.yml -project_name: certimate - -dist: .builds/linux - -before: - hooks: - - go mod tidy - -builds: - - id: build_linux - main: ./ - binary: certimate - ldflags: - - -s -w -X github.com/usual2970/certimate.Version={{ .Version }} - env: - - CGO_ENABLED=0 - goos: - - linux - goarch: - - amd64 - - arm64 - - arm - goarm: - - 7 - -release: - draft: true - ids: - - linux - -archives: - - id: archive_linux - builds: [build_linux] - format: "zip" - name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}" - files: - - CHANGELOG.md - - LICENSE.md - - README.md - -checksum: - name_template: "checksums_linux.txt" - -snapshot: - name_template: "{{ incpatch .Version }}-next" - -changelog: - sort: asc - filters: - exclude: - - "^ui:" \ No newline at end of file diff --git a/.goreleaser.macos.yml b/.goreleaser.macos.yml deleted file mode 100644 index b4f97c0e..00000000 --- a/.goreleaser.macos.yml +++ /dev/null @@ -1,49 +0,0 @@ -# .goreleaser.macos.yml -project_name: certimate - -dist: .builds/macos - -before: - hooks: - - go mod tidy - -builds: - - id: build_macos - main: ./ - binary: certimate - ldflags: - - -s -w -X github.com/usual2970/certimate.Version={{ .Version }} - env: - - CGO_ENABLED=0 - goos: - - darwin - goarch: - - amd64 - - arm64 - -release: - draft: true - ids: - - macos - -archives: - - id: archive_macos - builds: [build_macos] - format: "zip" - name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}" - files: - - CHANGELOG.md - - LICENSE.md - - README.md - -checksum: - name_template: "checksums_macos.txt" - -snapshot: - name_template: "{{ incpatch .Version }}-next" - -changelog: - sort: asc - filters: - exclude: - - "^ui:" \ No newline at end of file diff --git a/.goreleaser.windows.yml b/.goreleaser.windows.yml deleted file mode 100644 index 821527d7..00000000 --- a/.goreleaser.windows.yml +++ /dev/null @@ -1,52 +0,0 @@ -# .goreleaser.windows.yml -project_name: certimate - -dist: .builds/windows - -before: - hooks: - - go mod tidy - -builds: - - id: build_windows - main: ./ - binary: certimate - ldflags: - - -s -w -X github.com/usual2970/certimate.Version={{ .Version }} - env: - - CGO_ENABLED=0 - goos: - - windows - goarch: - - amd64 - - arm64 - ignore: - - goos: windows - goarch: arm - -release: - draft: true - ids: - - windows - -archives: - - id: archive_windows - builds: [build_windows] - format: "zip" - name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}" - files: - - CHANGELOG.md - - LICENSE.md - - README.md - -checksum: - name_template: "checksums_windows.txt" - -snapshot: - name_template: "{{ incpatch .Version }}-next" - -changelog: - sort: asc - filters: - exclude: - - "^ui:" \ No newline at end of file diff --git a/.goreleaser.yml b/.goreleaser.yml index 65ce8d48..b131d4a3 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -11,7 +11,7 @@ builds: main: ./ binary: certimate ldflags: - - -s -w -X github.com/usual2970/certimate.Version={{ .Version }} + - -s -w -X github.com/certimate-go/certimate.Version={{ .Version }} env: - CGO_ENABLED=0 goos: @@ -41,9 +41,9 @@ archives: builds: [build_noncgo] format: "zip" files: - - CHANGELOG.md - - LICENSE.md + - LICENSE - README.md + - CHANGELOG.md checksum: name_template: "checksums.txt" diff --git a/CHANGELOG.md b/CHANGELOG.md index c0249c2e..f4061885 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1 +1 @@ -A full changelog of past releases is available on [GitHub Releases](https://github.com/usual2970/certimate/releases) page. +A full changelog of past releases is available on [GitHub Releases](https://github.com/certimate-go/certimate/releases) page. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3e8fcee1..20e2bc7e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,76 +1,106 @@ -# 向 Certimate 贡献代码 +# 贡献指南 -感谢你抽出时间来改进 Certimate!以下是向 Certimate 主仓库提交 PR(Pull Request)时的操作指南。 +非常感谢你抽出时间来帮助改进 Certimate!以下是向 Certimate 提交 Pull Request 时的操作指南。 -- [向 Certimate 贡献代码](#向-certimate-贡献代码) - - [前提条件](#前提条件) - - [修改 Go 代码](#修改-go-代码) - - [修改管理页面 (Admin UI)](#修改管理页面-admin-ui) +我们需要保持敏捷和快速迭代,同时也希望确保贡献者能获得尽可能流畅的参与体验。这份贡献指南旨在帮助你熟悉代码库和我们的工作方式,让你可以尽快进入有趣的开发环节。 -## 前提条件 +索引: -- Go 1.24+ (用于修改 Go 代码) -- Node 20+ (用于修改 UI) +- [开发](#开发) + - [要求](#要求) + - [后端代码](#后端代码) + - [前端代码](#前端代码) +- [提交 PR](#提交-pr) + - [提交流程](#提交流程) +- [获取帮助](#获取帮助) -如果还没有这样做,你可以 fork Certimate 的主仓库,并克隆到本地以便进行修改: +--- -```bash -git clone https://github.com/your_username/certimate.git -``` +## 开发 -> **重要提示:** -> 建议为每个 Bug 修复或新功能创建一个从 `main` 分支派生的新分支。如果你计划提交多个 PR,请保持不同的改动在独立分支中,以便更容易进行代码审查并最终合并。 -> 保持一个 PR 只实现一个功能。 +### 要求 -## 修改 Go 代码 +- Go 1.24+(用于修改后端代码) +- Node.js 22.0+(用于修改前端代码) -假设你已经对 Certimate 的 Go 代码做了一些修改,现在你想要运行它: +### 后端代码 -1. 进入根目录 -2. 运行以下命令启动服务: +Certimate 的后端代码是使用 Golang 开发的,是一个基于 [Pocketbase](https://github.com/pocketbase/pocketbase) 构建的单体应用。 +假设你已经对 Certimate 的后端代码做出了一些修改,现在你想要运行它,请遵循以下步骤: + +1. 进入根目录; +2. 安装依赖: + ```bash + go mod vendor + ``` +3. 启动本地开发服务: ```bash go run main.go serve ``` -这将启动一个 Web 服务器,默认运行在 `http://localhost:8090`,并使用来自 `ui/dist` 的预构建管理页面。 +这将启动一个 Web 服务器,默认运行在 `http://localhost:8090`,并使用来自 `/ui/dist` 的预构建管理页面。 -**在向主仓库提交 PR 之前,建议你:** +> 如果你遇到报错 `ui/embed.go: pattern all:dist: no matching files found`,请参考“[前端代码](#前端代码)”这一小节构建 WebUI。 -- 使用 [gofumpt](https://github.com/mvdan/gofumpt) 对你的代码进行格式化。 +**在向主仓库提交 PR 之前,你应该:** -- 为你的改动添加单元测试或集成测试(Certimate 使用 Go 的标准 `testing` 包)。你可以通过以下命令运行测试(在项目根目录下): +- 使用 [gofumpt](https://github.com/mvdan/gofumpt) 格式化你的代码。推荐使用 VSCode,并安装 gofumpt 插件,以便在保存时自动格式化。 +- 为你的改动添加单元测试或集成测试(使用 Go 标准库中的 `testing` 包)。 - ```bash - go test ./... - ``` +### 前端代码 -## 修改管理页面 (Admin UI) +Certimate 的前端代码是使用 TypeScript 开发的,是一个基于 [React](https://github.com/facebook/react) 和 [Vite](https://github.com/vitejs/vite) 构建的单页应用。 -Certimate 的管理页面是一个基于 React 和 Vite 构建的单页应用(SPA)。 - -要启动 Admin UI: - -1. 进入 `ui` 项目目录。 - -2. 运行 `npm install` 安装依赖。 +假设你已经对 Certimate 的前端代码做出了一些修改,现在你想要运行它,请遵循以下步骤: +1. 进入 `/ui` 目录; +2. 安装依赖: + ```bash + npm install + ``` 3. 启动 Vite 开发服务器: - ```bash npm run dev ``` -你可以通过浏览器访问 `http://localhost:5173` 来查看运行中的管理页面。 +这将启动一个 Web 服务器,默认运行在 `http://localhost:5173`,你可以通过浏览器访问来查看运行中的 WebUI。 -由于 Admin UI 只是一个客户端应用,运行时需要 Certimate 的后端服务作为支撑。你可以手动运行 Certimate,或者使用预构建的可执行文件。 - -所有对 Admin UI 的修改将会自动反映在浏览器中,无需手动刷新页面。 - -完成修改后,运行以下命令来构建 Admin UI,以便它能被嵌入到 Go 包中: +完成修改后,运行以下命令来构建 WebUI,以便它能被嵌入到 Go 包中: ```bash npm run build ``` -完成所有步骤后,你可以将改动提交 PR 到 Certimate 主仓库。 +**在向主仓库提交 PR 之前,你应该:** + +- 使用 [ESLint](https://github.com/eslint/eslint) 格式化你的代码。推荐使用 VSCode,并安装 ESLint+Prettier 插件,以便在保存时自动格式化。 + +## 提交 PR + +在提交 PR 之前,请先创建一个 Issue 来讨论你的修改方案,并等待来自项目维护者的反馈。这样做有助于: + +- 让我们充分理解你的修改内容; +- 评估修改是否符合项目路线图; +- 避免重复工作; +- 防止你投入时间到可能无法被合并的修改中。 + +### 提交流程 + +1. Fork 本仓库; +2. 在提交 PR 之前,请先发起 Issue 讨论你想要做的修改; +3. 为你的修改创建一个新的分支; +4. 请为你的修改添加相应的测试; +5. 确保你的代码能通过现有的测试; +6. 请在 PR 描述中关联相关 Issue; +7. 等待合并! + +> [!IMPORTANT] +> +> 建议为每个新功能或 Bug 修复创建一个从 `main` 分支派生的新分支。如果你计划提交多个 PR,请保持不同的改动在独立分支中,以便更容易进行代码审查并最终合并。 +> +> 保持一个 PR 只实现一个功能或修复。 + +## 获取帮助 + +如果你在贡献过程中遇到困难或问题,可以通过 GitHub Issues 向我们提问。 diff --git a/CONTRIBUTING_EN.md b/CONTRIBUTING_EN.md index 59a783e9..da5bf210 100644 --- a/CONTRIBUTING_EN.md +++ b/CONTRIBUTING_EN.md @@ -1,81 +1,106 @@ -# Contributing to Certimate +# Contribution Guide -Thank you for taking the time to improve Certimate! Below is a guide for submitting a PR (Pull Request) to the main Certimate repository. +Thank you for taking the time to improve Certimate! Below is a guide for submitting a PR (Pull Request) to the Certimate repository. -- [Contributing to Certimate](#contributing-to-certimate) +We need to be nimble and ship fast given where we are, but we also want to make sure that contributors like you get as smooth an experience at contributing as possible. We've assembled this contribution guide for that purpose, aiming at getting you familiarized with the codebase & how we work with contributors, so you could quickly jump to the fun part. + +Index: + +- [Development](#development) - [Prerequisites](#prerequisites) - - [Making Changes in the Go Code](#making-changes-in-the-go-code) - - [Making Changes in the Admin UI](#making-changes-in-the-admin-ui) + - [Backend Code](#backend-code) + - [Frontend Code](#frontend-code) +- [Submitting PR](#submitting-pr) + - [Pull Request Process](#pull-request-process) +- [Getting Help](#getting-help) -## Prerequisites +--- -- Go 1.24+ (for Go code changes) -- Node 20+ (for Admin UI changes) +## Development -If you haven't done so already, you can fork the Certimate repository and clone your fork to work locally: +### Prerequisites -```bash -git clone https://github.com/your_username/certimate.git -``` +- Go 1.24+ (for backend code changes) +- Node.js 22.0+ (for frontend code changes) -> **Important:** -> It is recommended to create a new branch from `main` for each bug fix or feature. If you plan to submit multiple PRs, ensure the changes are in separate branches for easier review and eventual merge. -> Keep each PR focused on a single feature or fix. +### Backend Code -## Making Changes in the Go Code +The backend code of Certimate is developed using Golang. It is a monolithic application based on [Pocketbase](https://github.com/pocketbase/pocketbase). -Once you have made changes to the Go code in Certimate, follow these steps to run the project: +Once you have made changes to the backend code in Certimate, follow these steps to run the project: 1. Navigate to the root directory. - -2. Start the service by running: - +2. Install dependencies: + ```bash + go mod vendor + ``` +3. Start the local development server: ```bash go run main.go serve ``` -This will start a web server at `http://localhost:8090` using the prebuilt Admin UI located in `ui/dist`. +This will start a web server at `http://localhost:8090` using the prebuilt WebUI located in `/ui/dist`. -**Before submitting a PR to the main repository, consider:** +> If you encounter an error `ui/embed.go: pattern all:dist: no matching files found`, please refer to _[Frontend Code](#frontend-code)_ and build WebUI first. -- Format your source code by using [gofumpt](https://github.com/mvdan/gofumpt). +**Before submitting a PR to the main repository, you should:** -- Adding unit or integration tests for your changes. Certimate uses Go’s standard `testing` package. You can run tests using the following command (while in the root project directory): +- Format your source code by using [gofumpt](https://github.com/mvdan/gofumpt). Recommended using VSCode and installing the gofumpt plugin to automatically format when saving. +- Adding unit or integration tests for your changes (with go standard library `testing` package). - ```bash - go test ./... - ``` +### Frontend Code -## Making Changes in the Admin UI +The frontend code of Certimate is developed using TypeScript. It is a SPA based on [React](https://github.com/facebook/react) and [Vite](https://github.com/vitejs/vite). -Certimate’s Admin UI is a single-page application (SPA) built using React and Vite. - -To start the Admin UI: - -1. Navigate to the `ui` project directory. - -2. Install the necessary dependencies by running: +Once you have made changes to the backend code in Certimate, follow these steps to run the project: +1. Navigate to the `/ui` directory. +2. Install dependencies: ```bash npm install ``` - -3. Start the Vite development server: - +3. Start the local development server: ```bash npm run dev ``` -You can now access the running Admin UI at `http://localhost:5173` in your browser. +This will start a web server at `http://localhost:5173`. You can now access the WebUI in your browser. -Since the Admin UI is a client-side application, you will also need to have the Certimate backend running. You can either manually run Certimate or use a prebuilt executable. - -Any changes you make in the Admin UI will be automatically reflected in the browser without requiring a page reload. - -After completing your changes, build the Admin UI so it can be embedded into the Go package: +After completing your changes, build the WebUI so it can be embedded into the Go package: ```bash npm run build ``` -Once all steps are completed, you are ready to submit a PR to the main Certimate repository. +**Before submitting a PR to the main repository, you should:** + +- Format your source code by using [ESLint](https://github.com/eslint/eslint). Recommended using VSCode and installing the ESLint plugin to automatically format when saving. + +## Submitting PR + +Before opening a Pull Request, please open an issue to discuss the change and get feedback from the maintainers. This will helps us: + +- To understand the context of the change. +- To ensure it fits into Certimate's roadmap. +- To prevent us from duplicating work. +- To prevent you from spending time on a change that we may not be able to accept. + +### Pull Request Process + +1. Fork the repository. +2. Before you draft a PR, please open an issue to discuss the changes you want to make. +3. Create a new branch for your changes. +4. Please add tests for your changes accordingly. +5. Ensure your code passes the existing tests. +6. Please link the issue in the PR description. +7. Get merged! + +> [!IMPORTANT] +> +> It is recommended to create a new branch from `main` for each bug fix or feature. If you plan to submit multiple PRs, ensure the changes are in separate branches for easier review and eventual merge. +> +> Keep each PR focused on a single feature or fix. + +## Getting Help + +If you ever get stuck or get a burning question while contributing, simply shoot your queries our way via the GitHub issues. diff --git a/LICENSE.md b/LICENSE similarity index 97% rename from LICENSE.md rename to LICENSE index 9262263d..4022eb9c 100644 --- a/LICENSE.md +++ b/LICENSE @@ -1,5 +1,6 @@ MIT License +Copyright (c) 2025 certimate-go Copyright (c) 2024 Yoan.Liu Permission is hereby granted, free of charge, to any person obtaining a copy diff --git a/README.md b/README.md index 42771d0e..006c0d78 100644 --- a/README.md +++ b/README.md @@ -2,11 +2,11 @@
-[![Stars](https://img.shields.io/github/stars/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate) -[![Forks](https://img.shields.io/github/forks/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate) -[![Docker Pulls](https://img.shields.io/docker/pulls/usual2970/certimate?style=flat)](https://hub.docker.com/r/usual2970/certimate) -[![Release](https://img.shields.io/github/v/release/usual2970/certimate?sort=semver)](https://github.com/usual2970/certimate/releases) -[![License](https://img.shields.io/github/license/usual2970/certimate)](https://mit-license.org/) +[![Stars](https://img.shields.io/github/stars/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate) +[![Forks](https://img.shields.io/github/forks/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate) +[![Docker Pulls](https://img.shields.io/docker/pulls/certimate/certimate?style=flat)](https://hub.docker.com/r/certimate/certimate) +[![Release](https://img.shields.io/github/v/release/certimate-go/certimate?style=flat&sort=semver)](https://github.com/certimate-go/certimate/releases) +[![License](https://img.shields.io/github/license/certimate-go/certimate?style=flat)](https://mit-license.org/)
@@ -49,7 +49,7 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决 - 支持单域名、多域名、泛域名证书,可选 RSA、ECC 签名算法; - 支持 PEM、PFX、JKS 等多种格式输出证书; - 支持 30+ 域名托管商(如阿里云、腾讯云、Cloudflare 等,[点此查看完整清单](https://docs.certimate.me/docs/reference/providers#supported-dns-providers)); -- 支持 90+ 部署目标(如 Kubernetes、CDN、WAF、负载均衡等,[点此查看完整清单](https://docs.certimate.me/docs/reference/providers#supported-hosting-providers)); +- 支持 100+ 部署目标(如 Kubernetes、CDN、WAF、负载均衡等,[点此查看完整清单](https://docs.certimate.me/docs/reference/providers#supported-hosting-providers)); - 支持邮件、钉钉、飞书、企业微信、Webhook 等多种通知渠道; - 支持 Let's Encrypt、Buypass、Google Trust Services、SSL.com、ZeroSSL 等多种 ACME 证书颁发机构; - 更多特性等待探索。 @@ -58,7 +58,7 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决 **5 分钟部署 Certimate!** -以二进制部署为例,从 [GitHub Releases](https://github.com/usual2970/certimate/releases) 页面下载预先编译好的二进制可执行文件压缩包,解压缩后在终端中执行: +以二进制部署为例,从 [GitHub Releases](https://github.com/certimate-go/certimate/releases) 页面下载预先编译好的二进制可执行文件压缩包,解压缩后在终端中执行: ```bash ./certimate serve @@ -81,10 +81,10 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决 相关文章: -- [使用 CNAME 完成 ACME DNS-01 质询](https://docs.certimate.me/blog/cname) -- [v0.3.0:第二个不向后兼容的大版本](https://docs.certimate.me/blog/v0.3.0) -- [v0.2.0:第一个不向后兼容的大版本](https://docs.certimate.me/blog/v0.2.0) -- [Why Certimate?](https://docs.certimate.me/blog/why-certimate) +- [《使用 CNAME 完成 ACME DNS-01 质询》](https://docs.certimate.me/blog/cname) +- [《v0.3.0:第二个不向后兼容的大版本》](https://docs.certimate.me/blog/v0.3.0) +- [《v0.2.0:第一个不向后兼容的大版本》](https://docs.certimate.me/blog/v0.2.0) +- [《Why Certimate?》](https://docs.certimate.me/blog/why-certimate) ## ⭐ 运行界面 @@ -92,18 +92,19 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决 ## 🤝 参与贡献 -Certimate 是一个免费且开源的项目,采用 [MIT License](./LICENSE.md)。你可以使用它做任何你想做的事,甚至把它当作一个付费服务提供给用户。 +Certimate 是一个免费且开源的项目。我们欢迎任何人为 Certimate 做出贡献,以帮助改善 Certimate。包括但不限于:提交代码、反馈缺陷、交流想法,或分享你基于 Certimate 的使用案例。同时,我们也欢迎用户在个人博客或社交媒体上分享 Certimate。 -你可以通过以下方式来支持 Certimate 的开发: +如果你想要贡献代码,请先阅读我们的[贡献指南](./CONTRIBUTING.md)。 -- 提交代码:如果你发现了 Bug 或有新的功能需求,而你又有相关经验,可以[提交代码](CONTRIBUTING.md)给我们。 -- 提交 Issue:功能建议或者 Bug 可以[提交 Issue](https://github.com/usual2970/certimate/issues) 给我们。 +请在 https://github.com/certimate-go/certimate 提交 [Issues](https://github.com/certimate-go/certimate/issues) 和 [Pull Requests](https://github.com/certimate-go/certimate/pulls)。 -支持更多提供商、UI 的优化改进、Bug 修复、文档完善等,欢迎大家参与贡献。 +#### 感谢以下贡献者对 Certimate 做出的贡献: + +[![Contributors](https://contrib.rocks/image?repo=certimate-go/certimate)](https://github.com/certimate-go/certimate/graphs/contributors) ## ⛔ 免责声明 -Certimate 基于 [MIT License](https://opensource.org/licenses/MIT) 发布,完全免费提供,旨在“按现状”供用户使用。作者及贡献者不对使用本软件所产生的任何直接或间接后果承担责任,包括但不限于性能下降、数据丢失、服务中断、或任何其他类型的损害。 +Certimate 遵循 [MIT License](https://opensource.org/licenses/MIT) 开源协议,完全免费提供,旨在“按现状”供用户使用。作者及贡献者不对使用本软件所产生的任何直接或间接后果承担责任,包括但不限于性能下降、数据丢失、服务中断、或任何其他类型的损害。 **无任何保证**:本软件不提供任何明示或暗示的保证,包括但不限于对特定用途的适用性、无侵权性、商用性及可靠性的保证。 @@ -114,8 +115,8 @@ Certimate 基于 [MIT License](https://opensource.org/licenses/MIT) 发布,完 - [Telegram](https://t.me/+ZXphsppxUg41YmVl) - 微信群聊(超 200 人需邀请入群,可先加作者好友) - + ## 🚀 Star 趋势图 -[![Stargazers over time](https://starchart.cc/usual2970/certimate.svg?variant=adaptive)](https://starchart.cc/usual2970/certimate) +[![Stargazers over time](https://starchart.cc/certimate-go/certimate.svg?variant=adaptive)](https://starchart.cc/certimate-go/certimate) diff --git a/README_EN.md b/README_EN.md index 67bab154..2b50f83a 100644 --- a/README_EN.md +++ b/README_EN.md @@ -2,11 +2,11 @@
-[![Stars](https://img.shields.io/github/stars/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate) -[![Forks](https://img.shields.io/github/forks/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate) -[![Docker Pulls](https://img.shields.io/docker/pulls/usual2970/certimate?style=flat)](https://hub.docker.com/r/usual2970/certimate) -[![Release](https://img.shields.io/github/v/release/usual2970/certimate?style=flat&sort=semver)](https://github.com/usual2970/certimate/releases) -[![License](https://img.shields.io/github/license/usual2970/certimate?style=flat)](https://mit-license.org/) +[![Stars](https://img.shields.io/github/stars/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate) +[![Forks](https://img.shields.io/github/forks/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate) +[![Docker Pulls](https://img.shields.io/docker/pulls/certimate/certimate?style=flat)](https://hub.docker.com/r/certimate/certimate) +[![Release](https://img.shields.io/github/v/release/certimate-go/certimate?style=flat&sort=semver)](https://github.com/certimate-go/certimate/releases) +[![License](https://img.shields.io/github/license/certimate-go/certimate?style=flat)](https://mit-license.org/)
@@ -39,7 +39,7 @@ Certimate aims to provide users with a secure and user-friendly SSL certificate - Supports single-domain, multi-domain, wildcard certificates, with options for RSA or ECC. - Supports various certificate formats such as PEM, PFX, JKS. - Supports more than 30+ domain registrars (e.g., Alibaba Cloud, Tencent Cloud, Cloudflare, etc. [Check out this link](https://docs.certimate.me/en/docs/reference/providers#supported-dns-providers)); -- Supports more than 90+ deployment targets (e.g., Kubernetes, CDN, WAF, load balancers, etc. [Check out this link](https://docs.certimate.me/en/docs/reference/providers#supported-hosting-providers)); +- Supports more than 100+ deployment targets (e.g., Kubernetes, CDN, WAF, load balancers, etc. [Check out this link](https://docs.certimate.me/en/docs/reference/providers#supported-hosting-providers)); - Supports multiple notification channels including email, DingTalk, Feishu, WeCom, Webhook, and more; - Supports multiple ACME CAs including Let's Encrypt, Buypass, Google Trust Services,SSL.com, ZeroSSL, and more; - More features waiting to be discovered. @@ -48,7 +48,7 @@ Certimate aims to provide users with a secure and user-friendly SSL certificate **Deploy Certimate in 5 minutes!** -Download the archived package of precompiled binary files directly from [GitHub Releases](https://github.com/usual2970/certimate/releases), extract and then execute: +Download the archived package of precompiled binary files directly from [GitHub Releases](https://github.com/certimate-go/certimate/releases), extract and then execute: ```bash ./certimate serve @@ -65,14 +65,14 @@ Work with Certimate right now. Or read other content in the documentation to lea ## 📄 Documentation -Please visit the documentation site [docs.certimate.me](https://docs.certimate.me/en/). +For full documentation, please visit [docs.certimate.me](https://docs.certimate.me/en/). Related articles: -- [使用 CNAME 完成 ACME DNS-01 质询](https://docs.certimate.me/blog/cname) -- [v0.3.0:第二个不向后兼容的大版本](https://docs.certimate.me/blog/v0.3.0) -- [v0.2.0:第一个不向后兼容的大版本](https://docs.certimate.me/blog/v0.2.0) -- [Why Certimate?](https://docs.certimate.me/blog/why-certimate) +- [_使用 CNAME 完成 ACME DNS-01 质询_](https://docs.certimate.me/blog/cname) +- [_v0.3.0:第二个不向后兼容的大版本_](https://docs.certimate.me/blog/v0.3.0) +- [_v0.2.0:第一个不向后兼容的大版本_](https://docs.certimate.me/blog/v0.2.0) +- [_Why Certimate?_](https://docs.certimate.me/blog/why-certimate) ## ⭐ Screenshot @@ -80,18 +80,19 @@ Related articles: ## 🤝 Contributing -Certimate is a free and open-source project, licensed under the [MIT License](./LICENSE.md). You can use it for anything you want, even offering it as a paid service to users. +Certimate is a free and open-source project, and your feedback and contributions are needed and always welcome. Contributions include but are not limited to: submitting code, reporting bugs, sharing ideas, or showcasing your use cases based on Certimate. We also encourage users to share Certimate on personal blogs or social media. -You can support the development of Certimate in the following ways: +For those who'd like to contribute code, see our [Contribution Guide](./CONTRIBUTING_EN.md). -- **Submit Code**: If you find a bug or have new feature requests, and you have relevant experience, [you can submit code to us](CONTRIBUTING_EN.md). -- **Submit an Issue**: For feature suggestions or bugs, you can [submit an issue](https://github.com/usual2970/certimate/issues) to us. +[Issues](https://github.com/certimate-go/certimate/issues) and [Pull Requests](https://github.com/certimate-go/certimate/pulls) are opened at https://github.com/certimate-go/certimate. -Support for more service providers, UI enhancements, bug fixes, and documentation improvements are all welcome. We encourage everyone to contribute. +#### Contributors + +[![Contributors](https://contrib.rocks/image?repo=certimate-go/certimate)](https://github.com/certimate-go/certimate/graphs/contributors) ## ⛔ Disclaimer -This software is provided under the [MIT License](https://opensource.org/licenses/MIT) and distributed “as-is” without any warranty of any kind. The authors and contributors are not responsible for any damages or losses resulting from the use or inability to use this software, including but not limited to data loss, business interruption, or any other potential harm. +This repository is available under the [MIT License](https://opensource.org/licenses/MIT), and distributed “as-is” without any warranty of any kind. The authors and contributors are not responsible for any damages or losses resulting from the use or inability to use this software, including but not limited to data loss, business interruption, or any other potential harm. **No Warranties**: This software comes without any express or implied warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement. @@ -102,8 +103,8 @@ This software is provided under the [MIT License](https://opensource.org/license - [Telegram](https://t.me/+ZXphsppxUg41YmVl) - Wechat Group - + ## 🚀 Star History -[![Stargazers over time](https://starchart.cc/usual2970/certimate.svg?variant=adaptive)](https://starchart.cc/usual2970/certimate) +[![Stargazers over time](https://starchart.cc/certimate-go/certimate.svg?variant=adaptive)](https://starchart.cc/certimate-go/certimate) diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index c685e77c..2c112e2b 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -1,8 +1,8 @@ version: "3.0" services: certimate: - image: registry.cn-shanghai.aliyuncs.com/usual2970/certimate:latest - container_name: certimate_server + image: certimate/certimate:latest + container_name: certimate ports: - 8090:8090 volumes: diff --git a/go.mod b/go.mod index bca64be5..399f6f86 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/usual2970/certimate +module github.com/certimate-go/certimate go 1.24.0 @@ -30,6 +30,7 @@ require ( github.com/aliyun/aliyun-oss-go-sdk v3.0.2+incompatible github.com/aws/aws-sdk-go-v2/service/acm v1.32.0 github.com/aws/aws-sdk-go-v2/service/cloudfront v1.46.1 + github.com/aws/aws-sdk-go-v2/service/iam v1.42.0 github.com/baidubce/bce-sdk-go v0.9.228 github.com/blinkbean/dingtalk v1.1.3 github.com/byteplus-sdk/byteplus-sdk-golang v1.0.46 @@ -51,6 +52,7 @@ require ( github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1155 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1166 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1173 + github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.1163 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live v1.0.1150 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf v1.0.1172 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.1169 @@ -85,7 +87,6 @@ require ( github.com/alibabacloud-go/tea-oss-utils v1.1.0 // indirect github.com/alibabacloud-go/tea-utils/v2 v2.0.7 // indirect github.com/avast/retry-go v3.0.0+incompatible // indirect - github.com/aws/aws-sdk-go-v2/service/iam v1.42.0 // indirect github.com/aws/aws-sdk-go-v2/service/route53 v1.50.0 // indirect github.com/buger/goterm v1.0.4 // indirect github.com/diskfs/go-diskfs v1.5.0 // indirect @@ -218,8 +219,8 @@ require ( modernc.org/sqlite v1.37.1 // indirect ) -replace github.com/Edgio/edgio-api v0.0.0-workspace => ./internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace +replace github.com/Edgio/edgio-api v0.0.0-workspace => ./pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace -replace gitlab.ecloud.com/ecloud/ecloudsdkcore v1.0.0 => ./internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0 +replace gitlab.ecloud.com/ecloud/ecloudsdkcore v1.0.0 => ./pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0 -replace gitlab.ecloud.com/ecloud/ecloudsdkclouddns v1.0.1 => ./internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1 +replace gitlab.ecloud.com/ecloud/ecloudsdkclouddns v1.0.1 => ./pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1 diff --git a/go.sum b/go.sum index 404e21e4..eb4dc407 100644 --- a/go.sum +++ b/go.sum @@ -836,6 +836,7 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1166/go.mod h1 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1128/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1150/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1155/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1163/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1164/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1166/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1169/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= @@ -845,6 +846,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1173 h1:W5b github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1173/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1128 h1:mrJ5Fbkd7sZIJ5F6oRfh5zebPQaudPH9Y0+GUmFytYU= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1128/go.mod h1:zbsYIBT+VTX4z4ocjTAdLBIWyNYj3z0BRqd0iPdnjsk= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.1163 h1:putqrH5n1SVRqFWHOylVqYI5yLQUjRTkHqZPLT2yeVY= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.1163/go.mod h1:aEWRXlAvovPUUoS3kVB/LVWEQ19WqzTj2lXGvR1YArY= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live v1.0.1150 h1:RQQYfZOFYlkxKR2+xp8el3+8xs9DhxBy+ajlHtapqtQ= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live v1.0.1150/go.mod h1:zpfr6EBWy7ClASTGUgIy01Gn4R79UXf+2QGQeyR124A= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf v1.0.1172 h1:6SUO0hTie3zxnUEMxmhnS1iRIXpAukSZV27Nrx4NwIk= diff --git a/internal/applicant/acme_ca.go b/internal/applicant/acme_ca.go index 36c0a0a4..76e44ac7 100644 --- a/internal/applicant/acme_ca.go +++ b/internal/applicant/acme_ca.go @@ -1,6 +1,6 @@ package applicant -import "github.com/usual2970/certimate/internal/domain" +import "github.com/certimate-go/certimate/internal/domain" const ( caLetsEncrypt = string(domain.CAProviderTypeLetsEncrypt) diff --git a/internal/applicant/acme_user.go b/internal/applicant/acme_user.go index e6e13cb7..c1c89a1f 100644 --- a/internal/applicant/acme_user.go +++ b/internal/applicant/acme_user.go @@ -13,10 +13,10 @@ import ( "github.com/go-acme/lego/v4/registration" "golang.org/x/sync/singleflight" - "github.com/usual2970/certimate/internal/domain" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) type acmeUser struct { @@ -51,7 +51,7 @@ func newAcmeUser(ca, caAccessId, email string) (*acmeUser, error) { return nil, err } - keyPEM, err := certutil.ConvertECPrivateKeyToPEM(key) + keyPEM, err := xcert.ConvertECPrivateKeyToPEM(key) if err != nil { return nil, err } @@ -75,7 +75,7 @@ func (u acmeUser) GetRegistration() *registration.Resource { } func (u *acmeUser) GetPrivateKey() crypto.PrivateKey { - rs, _ := certutil.ParseECPrivateKeyFromPEM(u.privkey) + rs, _ := xcert.ParseECPrivateKeyFromPEM(u.privkey) return rs } @@ -120,7 +120,7 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m case caGoogleTrustServices: { access := domain.AccessConfigForGoogleTrustServices{} - if err := maputil.Populate(userRegisterOptions, &access); err != nil { + if err := xmaps.Populate(userRegisterOptions, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -134,7 +134,7 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m case caSSLCom: { access := domain.AccessConfigForSSLCom{} - if err := maputil.Populate(userRegisterOptions, &access); err != nil { + if err := xmaps.Populate(userRegisterOptions, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -148,7 +148,7 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m case caZeroSSL: { access := domain.AccessConfigForZeroSSL{} - if err := maputil.Populate(userRegisterOptions, &access); err != nil { + if err := xmaps.Populate(userRegisterOptions, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -162,7 +162,7 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m case caCustom: { access := domain.AccessConfigForACMECA{} - if err := maputil.Populate(userRegisterOptions, &access); err != nil { + if err := xmaps.Populate(userRegisterOptions, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } diff --git a/internal/applicant/applicant.go b/internal/applicant/applicant.go index d361cf83..6040b902 100644 --- a/internal/applicant/applicant.go +++ b/internal/applicant/applicant.go @@ -19,10 +19,10 @@ import ( "golang.org/x/exp/slices" "golang.org/x/time/rate" - "github.com/usual2970/certimate/internal/domain" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) type ApplyResult struct { @@ -55,7 +55,7 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err nodeCfg := config.Node.GetConfigForApply() options := &applicantProviderOptions{ - Domains: sliceutil.Filter(strings.Split(nodeCfg.Domains, ";"), func(s string) bool { return s != "" }), + Domains: xslices.Filter(strings.Split(nodeCfg.Domains, ";"), func(s string) bool { return s != "" }), ContactEmail: nodeCfg.ContactEmail, Provider: domain.ACMEDns01ProviderType(nodeCfg.Provider), ProviderAccessConfig: make(map[string]any), @@ -64,7 +64,7 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err CAProviderAccessConfig: make(map[string]any), CAProviderServiceConfig: nodeCfg.CAProviderConfig, KeyAlgorithm: nodeCfg.KeyAlgorithm, - Nameservers: sliceutil.Filter(strings.Split(nodeCfg.Nameservers, ";"), func(s string) bool { return s != "" }), + Nameservers: xslices.Filter(strings.Split(nodeCfg.Nameservers, ";"), func(s string) bool { return s != "" }), DnsPropagationWait: nodeCfg.DnsPropagationWait, DnsPropagationTimeout: nodeCfg.DnsPropagationTimeout, DnsTTL: nodeCfg.DnsTTL, @@ -189,7 +189,7 @@ func applyUseLego(legoProvider challenge.Provider, options *applicantProviderOpt } case caCustom: - caDirURL := maputil.GetString(options.CAProviderAccessConfig, "endpoint") + caDirURL := xmaps.GetString(options.CAProviderAccessConfig, "endpoint") if caDirURL != "" { config.CADirURL = caDirURL } else { diff --git a/internal/applicant/providers.go b/internal/applicant/providers.go index fbf24742..1d5177bf 100644 --- a/internal/applicant/providers.go +++ b/internal/applicant/providers.go @@ -5,45 +5,46 @@ import ( "github.com/go-acme/lego/v4/challenge" - "github.com/usual2970/certimate/internal/domain" - pACMEHttpReq "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/acmehttpreq" - pAliyun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun" - pAliyunESA "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa" - pAWSRoute53 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53" - pAzureDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns" - pBaiduCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud" - pBunny "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny" - pCloudflare "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare" - pClouDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns" - pCMCCCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud" - pConstellix "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/constellix" - pDeSEC "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/desec" - pDigitalOcean "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/digitalocean" - pDNSLA "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla" - pDuckDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/duckdns" - pDynv6 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6" - pGcore "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore" - pGname "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname" - pGoDaddy "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/godaddy" - pHetzner "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/hetzner" - pHuaweiCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/huaweicloud" - pJDCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud" - pNamecheap "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namecheap" - pNameDotCom "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom" - pNameSilo "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo" - pNetcup "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/netcup" - pNetlify "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/netlify" - pNS1 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1" - pPorkbun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun" - pPowerDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns" - pRainYun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun" - pTencentCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud" - pTencentCloudEO "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo" - pUCloudUDNR "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr" - pVercel "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel" - pVolcEngine "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine" - pWestcn "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" + "github.com/certimate-go/certimate/internal/domain" + pACMEHttpReq "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq" + pAliyun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun" + pAliyunESA "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa" + pAWSRoute53 "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aws-route53" + pAzureDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/azure-dns" + pBaiduCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud" + pBunny "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/bunny" + pCloudflare "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cloudflare" + pClouDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cloudns" + pCMCCCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud" + pConstellix "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/constellix" + pCTCCCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud" + pDeSEC "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/desec" + pDigitalOcean "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/digitalocean" + pDNSLA "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dnsla" + pDuckDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/duckdns" + pDynv6 "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dynv6" + pGcore "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/gcore" + pGname "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/gname" + pGoDaddy "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/godaddy" + pHetzner "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/hetzner" + pHuaweiCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/huaweicloud" + pJDCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud" + pNamecheap "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/namecheap" + pNameDotCom "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/namedotcom" + pNameSilo "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/namesilo" + pNetcup "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/netcup" + pNetlify "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/netlify" + pNS1 "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ns1" + pPorkbun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/porkbun" + pPowerDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/powerdns" + pRainYun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/rainyun" + pTencentCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud" + pTencentCloudEO "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo" + pUCloudUDNR "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr" + pVercel "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/vercel" + pVolcEngine "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/volcengine" + pWestcn "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/westcn" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) type applicantProviderOptions struct { @@ -75,7 +76,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeACMEHttpReq: { access := domain.AccessConfigForACMEHttpReq{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -92,7 +93,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeAliyun, domain.ACMEDns01ProviderTypeAliyunDNS, domain.ACMEDns01ProviderTypeAliyunESA: { access := domain.AccessConfigForAliyun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -110,7 +111,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi applicant, err := pAliyunESA.NewChallengeProvider(&pAliyunESA.ChallengeProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -124,15 +125,15 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeAWS, domain.ACMEDns01ProviderTypeAWSRoute53: { access := domain.AccessConfigForAWS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } applicant, err := pAWSRoute53.NewChallengeProvider(&pAWSRoute53.ChallengeProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - HostedZoneId: maputil.GetString(options.ProviderServiceConfig, "hostedZoneId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + HostedZoneId: xmaps.GetString(options.ProviderServiceConfig, "hostedZoneId"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -142,7 +143,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeAzure, domain.ACMEDns01ProviderTypeAzureDNS: { access := domain.AccessConfigForAzure{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -160,7 +161,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeBaiduCloud, domain.ACMEDns01ProviderTypeBaiduCloudDNS: { access := domain.AccessConfigForBaiduCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -176,7 +177,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeBunny: { access := domain.AccessConfigForBunny{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -191,7 +192,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeCloudflare: { access := domain.AccessConfigForCloudflare{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -207,7 +208,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeClouDNS: { access := domain.AccessConfigForClouDNS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -220,10 +221,10 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi return applicant, err } - case domain.ACMEDns01ProviderTypeCMCCCloud: + case domain.ACMEDns01ProviderTypeCMCCCloud, domain.ACMEDns01ProviderTypeCMCCCloudDNS: { access := domain.AccessConfigForCMCCCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -239,7 +240,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeConstellix: { access := domain.AccessConfigForConstellix{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -252,10 +253,26 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi return applicant, err } + case domain.ACMEDns01ProviderTypeCTCCCloud, domain.ACMEDns01ProviderTypeCTCCCloudSmartDNS: + { + access := domain.AccessConfigForCTCCCloud{} + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { + return nil, fmt.Errorf("failed to populate provider access config: %w", err) + } + + applicant, err := pCTCCCloud.NewChallengeProvider(&pCTCCCloud.ChallengeProviderConfig{ + AccessKeyId: access.AccessKeyId, + SecretAccessKey: access.SecretAccessKey, + DnsPropagationTimeout: options.DnsPropagationTimeout, + DnsTTL: options.DnsTTL, + }) + return applicant, err + } + case domain.ACMEDns01ProviderTypeDeSEC: { access := domain.AccessConfigForDeSEC{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -270,7 +287,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeDigitalOcean: { access := domain.AccessConfigForDigitalOcean{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -285,7 +302,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeDNSLA: { access := domain.AccessConfigForDNSLA{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -301,7 +318,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeDuckDNS: { access := domain.AccessConfigForDuckDNS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -315,7 +332,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeDynv6: { access := domain.AccessConfigForDynv6{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -330,7 +347,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeGcore: { access := domain.AccessConfigForGcore{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -345,7 +362,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeGname: { access := domain.AccessConfigForGname{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -361,7 +378,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeGoDaddy: { access := domain.AccessConfigForGoDaddy{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -377,7 +394,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeHetzner: { access := domain.AccessConfigForHetzner{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -392,14 +409,14 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeHuaweiCloud, domain.ACMEDns01ProviderTypeHuaweiCloudDNS: { access := domain.AccessConfigForHuaweiCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } applicant, err := pHuaweiCloud.NewChallengeProvider(&pHuaweiCloud.ChallengeProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -409,14 +426,14 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeJDCloud, domain.ACMEDns01ProviderTypeJDCloudDNS: { access := domain.AccessConfigForJDCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } applicant, err := pJDCloud.NewChallengeProvider(&pJDCloud.ChallengeProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - RegionId: maputil.GetString(options.ProviderServiceConfig, "regionId"), + RegionId: xmaps.GetString(options.ProviderServiceConfig, "regionId"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -426,7 +443,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNamecheap: { access := domain.AccessConfigForNamecheap{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -442,7 +459,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNameDotCom: { access := domain.AccessConfigForNameDotCom{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -458,7 +475,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNameSilo: { access := domain.AccessConfigForNameSilo{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -473,7 +490,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNetcup: { access := domain.AccessConfigForNetcup{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -490,7 +507,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNetlify: { access := domain.AccessConfigForNetlify{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -505,7 +522,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeNS1: { access := domain.AccessConfigForNS1{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -520,7 +537,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypePorkbun: { access := domain.AccessConfigForPorkbun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -536,7 +553,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypePowerDNS: { access := domain.AccessConfigForPowerDNS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -553,7 +570,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeRainYun: { access := domain.AccessConfigForRainYun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -568,7 +585,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeTencentCloud, domain.ACMEDns01ProviderTypeTencentCloudDNS, domain.ACMEDns01ProviderTypeTencentCloudEO: { access := domain.AccessConfigForTencentCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -586,7 +603,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi applicant, err := pTencentCloudEO.NewChallengeProvider(&pTencentCloudEO.ChallengeProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - ZoneId: maputil.GetString(options.ProviderServiceConfig, "zoneId"), + ZoneId: xmaps.GetString(options.ProviderServiceConfig, "zoneId"), DnsPropagationTimeout: options.DnsPropagationTimeout, DnsTTL: options.DnsTTL, }) @@ -600,7 +617,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeUCloudUDNR: { access := domain.AccessConfigForUCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -616,7 +633,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeVercel: { access := domain.AccessConfigForVercel{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -632,7 +649,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeVolcEngine, domain.ACMEDns01ProviderTypeVolcEngineDNS: { access := domain.AccessConfigForVolcEngine{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -648,7 +665,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi case domain.ACMEDns01ProviderTypeWestcn: { access := domain.AccessConfigForWestcn{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } diff --git a/internal/certificate/service.go b/internal/certificate/service.go index ffb30d0f..5cea386d 100644 --- a/internal/certificate/service.go +++ b/internal/certificate/service.go @@ -13,12 +13,12 @@ import ( "github.com/go-acme/lego/v4/certcrypto" "github.com/pocketbase/dbx" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/notify" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/notify" + "github.com/certimate-go/certimate/internal/repository" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) const ( @@ -145,7 +145,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific { const pfxPassword = "certimate" - certPFX, err := certutil.TransformCertificateFromPEMToPFX(certificate.Certificate, certificate.PrivateKey, pfxPassword) + certPFX, err := xcert.TransformCertificateFromPEMToPFX(certificate.Certificate, certificate.PrivateKey, pfxPassword) if err != nil { return nil, err } @@ -183,7 +183,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific { const jksPassword = "certimate" - certJKS, err := certutil.TransformCertificateFromPEMToJKS(certificate.Certificate, certificate.PrivateKey, jksPassword, jksPassword, jksPassword) + certJKS, err := xcert.TransformCertificateFromPEMToJKS(certificate.Certificate, certificate.PrivateKey, jksPassword, jksPassword, jksPassword) if err != nil { return nil, err } @@ -223,7 +223,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific } func (s *CertificateService) ValidateCertificate(ctx context.Context, req *dtos.CertificateValidateCertificateReq) (*dtos.CertificateValidateCertificateResp, error) { - certX509, err := certutil.ParseCertificateFromPEM(req.Certificate) + certX509, err := xcert.ParseCertificateFromPEM(req.Certificate) if err != nil { return nil, err } else if time.Now().After(certX509.NotAfter) { diff --git a/internal/deployer/deployer.go b/internal/deployer/deployer.go index c73120ba..be98eee2 100644 --- a/internal/deployer/deployer.go +++ b/internal/deployer/deployer.go @@ -5,9 +5,9 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/pkg/core" ) type Deployer interface { @@ -46,20 +46,22 @@ func NewWithWorkflowNode(config DeployerWithWorkflowNodeConfig) (Deployer, error } } - deployerProvider, err := createDeployerProvider(options) + deployer, err := createSSLDeployerProvider(options) if err != nil { return nil, err + } else { + deployer.SetLogger(config.Logger) } return &deployerImpl{ - provider: deployerProvider.WithLogger(config.Logger), + provider: deployer, certPEM: config.CertificatePEM, privkeyPEM: config.PrivateKeyPEM, }, nil } type deployerImpl struct { - provider deployer.Deployer + provider core.SSLDeployer certPEM string privkeyPEM string } diff --git a/internal/deployer/providers.go b/internal/deployer/providers.go index 06239710..19362290 100644 --- a/internal/deployer/providers.go +++ b/internal/deployer/providers.go @@ -5,98 +5,106 @@ import ( "net/http" "strings" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - p1PanelConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-console" - p1PanelSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-site" - pAliyunALB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-alb" - pAliyunAPIGW "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-apigw" - pAliyunCAS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cas" - pAliyunCASDeploy "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cas-deploy" - pAliyunCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cdn" - pAliyunCLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-clb" - pAliyunDCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-dcdn" - pAliyunDDoS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-ddos" - pAliyunESA "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-esa" - pAliyunFC "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-fc" - pAliyunGA "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-ga" - pAliyunLive "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-live" - pAliyunNLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-nlb" - pAliyunOSS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-oss" - pAliyunVOD "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-vod" - pAliyunWAF "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-waf" - pAWSACM "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-acm" - pAWSCloudFront "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-cloudfront" - pAWSIAM "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-iam" - pAzureKeyVault "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/azure-keyvault" - pBaiduCloudAppBLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-appblb" - pBaiduCloudBLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-blb" - pBaiduCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-cdn" - pBaiduCloudCert "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-cert" - pBaishanCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baishan-cdn" - pBaotaPanelConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-console" - pBaotaPanelSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-site" - pBaotaWAFConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotawaf-console" - pBaotaWAFSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotawaf-site" - pBunnyCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/bunny-cdn" - pBytePlusCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/byteplus-cdn" - pCacheFly "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cachefly" - pCdnfly "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cdnfly" - pDogeCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/dogecloud-cdn" - pEdgioApplications "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/edgio-applications" - pFlexCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/flexcdn" - pGcoreCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/gcore-cdn" - pGoEdge "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/goedge" - pHuaweiCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-cdn" - pHuaweiCloudELB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-elb" - pHuaweiCloudSCM "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-scm" - pHuaweiCloudWAF "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-waf" - pJDCloudALB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-alb" - pJDCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-cdn" - pJDCloudLive "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-live" - pJDCloudVOD "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-vod" - pK8sSecret "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/k8s-secret" - pLeCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/lecdn" - pLocal "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/local" - pNetlifySite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/netlify-site" - pProxmoxVE "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/proxmoxve" - pQiniuCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/qiniu-cdn" - pQiniuPili "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/qiniu-pili" - pRainYunRCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/rainyun-rcdn" - pRatPanelConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ratpanel-console" - pRatPanelSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ratpanel-site" - pSafeLine "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/safeline" - pSSH "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ssh" - pTencentCloudCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-cdn" - pTencentCloudCLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-clb" - pTencentCloudCOS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-cos" - pTencentCloudCSS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-css" - pTencentCloudECDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-ecdn" - pTencentCloudEO "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-eo" - pTencentCloudSCF "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-scf" - pTencentCloudSSL "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-ssl" - pTencentCloudSSLDeploy "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy" - pTencentCloudVOD "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-vod" - pTencentCloudWAF "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-waf" - pUCloudUCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-ucdn" - pUCloudUS3 "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-us3" - pUniCloudWebHost "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/unicloud-webhost" - pUpyunCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/upyun-cdn" - pVolcEngineALB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-alb" - pVolcEngineCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-cdn" - pVolcEngineCertCenter "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-certcenter" - pVolcEngineCLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-clb" - pVolcEngineDCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-dcdn" - pVolcEngineImageX "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-imagex" - pVolcEngineLive "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-live" - pVolcEngineTOS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-tos" - pWangsuCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-cdn" - pWangsuCDNPro "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-cdnpro" - pWangsuCertificate "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-certificate" - pWebhook "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/webhook" - httputil "github.com/usual2970/certimate/internal/pkg/utils/http" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/pkg/core" + p1PanelConsole "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/1panel-console" + p1PanelSite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/1panel-site" + pAliyunALB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-alb" + pAliyunAPIGW "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-apigw" + pAliyunCAS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-cas" + pAliyunCASDeploy "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-cas-deploy" + pAliyunCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-cdn" + pAliyunCLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-clb" + pAliyunDCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-dcdn" + pAliyunDDoS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-ddos" + pAliyunESA "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-esa" + pAliyunFC "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-fc" + pAliyunGA "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-ga" + pAliyunLive "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-live" + pAliyunNLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-nlb" + pAliyunOSS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-oss" + pAliyunVOD "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-vod" + pAliyunWAF "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-waf" + pAPISIX "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/apisix" + pAWSACM "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aws-acm" + pAWSCloudFront "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aws-cloudfront" + pAWSIAM "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aws-iam" + pAzureKeyVault "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/azure-keyvault" + pBaiduCloudAppBLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-appblb" + pBaiduCloudBLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-blb" + pBaiduCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-cdn" + pBaiduCloudCert "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-cert" + pBaishanCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baishan-cdn" + pBaotaPanelConsole "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotapanel-console" + pBaotaPanelSite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotapanel-site" + pBaotaWAFConsole "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotawaf-console" + pBaotaWAFSite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotawaf-site" + pBunnyCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/bunny-cdn" + pBytePlusCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/byteplus-cdn" + pCacheFly "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/cachefly" + pCdnfly "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/cdnfly" + pCTCCCloudAO "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-ao" + pCTCCCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-cdn" + pCTCCCloudCMS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-cms" + pCTCCCloudELB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-elb" + pCTCCCloudICDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-icdn" + pCTCCCloudLVDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-lvdn" + pDogeCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/dogecloud-cdn" + pEdgioApplications "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/edgio-applications" + pFlexCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/flexcdn" + pGcoreCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/gcore-cdn" + pGoEdge "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/goedge" + pHuaweiCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-cdn" + pHuaweiCloudELB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-elb" + pHuaweiCloudSCM "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-scm" + pHuaweiCloudWAF "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-waf" + pJDCloudALB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-alb" + pJDCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-cdn" + pJDCloudLive "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-live" + pJDCloudVOD "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-vod" + pK8sSecret "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/k8s-secret" + pLeCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/lecdn" + pLocal "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/local" + pNetlifySite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/netlify-site" + pProxmoxVE "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/proxmoxve" + pQiniuCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/qiniu-cdn" + pQiniuPili "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/qiniu-pili" + pRainYunRCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/rainyun-rcdn" + pRatPanelConsole "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ratpanel-console" + pRatPanelSite "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ratpanel-site" + pSafeLine "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/safeline" + pSSH "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ssh" + pTencentCloudCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-cdn" + pTencentCloudCLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-clb" + pTencentCloudCOS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-cos" + pTencentCloudCSS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-css" + pTencentCloudECDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-ecdn" + pTencentCloudEO "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-eo" + pTencentCloudGAAP "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-gaap" + pTencentCloudSCF "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-scf" + pTencentCloudSSL "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-ssl" + pTencentCloudSSLDeploy "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-ssl-deploy" + pTencentCloudVOD "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-vod" + pTencentCloudWAF "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-waf" + pUCloudUCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ucloud-ucdn" + pUCloudUS3 "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ucloud-us3" + pUniCloudWebHost "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/unicloud-webhost" + pUpyunCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/upyun-cdn" + pVolcEngineALB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-alb" + pVolcEngineCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-cdn" + pVolcEngineCertCenter "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-certcenter" + pVolcEngineCLB "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-clb" + pVolcEngineDCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-dcdn" + pVolcEngineImageX "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-imagex" + pVolcEngineLive "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-live" + pVolcEngineTOS "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-tos" + pWangsuCDN "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-cdn" + pWangsuCDNPro "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-cdnpro" + pWangsuCertificate "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-certificate" + pWebhook "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/webhook" + xhttp "github.com/certimate-go/certimate/pkg/utils/http" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) type deployerProviderOptions struct { @@ -105,7 +113,7 @@ type deployerProviderOptions struct { ProviderServiceConfig map[string]any } -func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer, error) { +func createSSLDeployerProvider(options *deployerProviderOptions) (core.SSLDeployer, error) { /* 注意:如果追加新的常量值,请保持以 ASCII 排序。 NOTICE: If you add new constant, please keep ASCII order. @@ -114,30 +122,30 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderType1PanelConsole, domain.DeploymentProviderType1PanelSite: { access := domain.AccessConfigFor1Panel{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderType1PanelConsole: - deployer, err := p1PanelConsole.NewDeployer(&p1PanelConsole.DeployerConfig{ + deployer, err := p1PanelConsole.NewSSLDeployerProvider(&p1PanelConsole.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiVersion: access.ApiVersion, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - AutoRestart: maputil.GetBool(options.ProviderServiceConfig, "autoRestart"), + AutoRestart: xmaps.GetBool(options.ProviderServiceConfig, "autoRestart"), }) return deployer, err case domain.DeploymentProviderType1PanelSite: - deployer, err := p1PanelSite.NewDeployer(&p1PanelSite.DeployerConfig{ + deployer, err := p1PanelSite.NewSSLDeployerProvider(&p1PanelSite.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiVersion: access.ApiVersion, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: p1PanelSite.ResourceType(maputil.GetOrDefaultString(options.ProviderServiceConfig, "resourceType", string(p1PanelSite.RESOURCE_TYPE_WEBSITE))), - WebsiteId: maputil.GetInt64(options.ProviderServiceConfig, "websiteId"), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), + ResourceType: p1PanelSite.ResourceType(xmaps.GetOrDefaultString(options.ProviderServiceConfig, "resourceType", string(p1PanelSite.RESOURCE_TYPE_WEBSITE))), + WebsiteId: xmaps.GetInt64(options.ProviderServiceConfig, "websiteId"), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), }) return deployer, err @@ -149,181 +157,181 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeAliyunALB, domain.DeploymentProviderTypeAliyunAPIGW, domain.DeploymentProviderTypeAliyunCAS, domain.DeploymentProviderTypeAliyunCASDeploy, domain.DeploymentProviderTypeAliyunCDN, domain.DeploymentProviderTypeAliyunCLB, domain.DeploymentProviderTypeAliyunDCDN, domain.DeploymentProviderTypeAliyunDDoS, domain.DeploymentProviderTypeAliyunESA, domain.DeploymentProviderTypeAliyunFC, domain.DeploymentProviderTypeAliyunGA, domain.DeploymentProviderTypeAliyunLive, domain.DeploymentProviderTypeAliyunNLB, domain.DeploymentProviderTypeAliyunOSS, domain.DeploymentProviderTypeAliyunVOD, domain.DeploymentProviderTypeAliyunWAF: { access := domain.AccessConfigForAliyun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeAliyunALB: - deployer, err := pAliyunALB.NewDeployer(&pAliyunALB.DeployerConfig{ + deployer, err := pAliyunALB.NewSSLDeployerProvider(&pAliyunALB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pAliyunALB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pAliyunALB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunAPIGW: - deployer, err := pAliyunAPIGW.NewDeployer(&pAliyunAPIGW.DeployerConfig{ + deployer, err := pAliyunAPIGW.NewSSLDeployerProvider(&pAliyunAPIGW.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ServiceType: pAliyunAPIGW.ServiceType(maputil.GetString(options.ProviderServiceConfig, "serviceType")), - GatewayId: maputil.GetString(options.ProviderServiceConfig, "gatewayId"), - GroupId: maputil.GetString(options.ProviderServiceConfig, "groupId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ServiceType: pAliyunAPIGW.ServiceType(xmaps.GetString(options.ProviderServiceConfig, "serviceType")), + GatewayId: xmaps.GetString(options.ProviderServiceConfig, "gatewayId"), + GroupId: xmaps.GetString(options.ProviderServiceConfig, "groupId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunCAS: - deployer, err := pAliyunCAS.NewDeployer(&pAliyunCAS.DeployerConfig{ + deployer, err := pAliyunCAS.NewSSLDeployerProvider(&pAliyunCAS.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), }) return deployer, err case domain.DeploymentProviderTypeAliyunCASDeploy: - deployer, err := pAliyunCASDeploy.NewDeployer(&pAliyunCASDeploy.DeployerConfig{ + deployer, err := pAliyunCASDeploy.NewSSLDeployerProvider(&pAliyunCASDeploy.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceIds: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), - ContactIds: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "contactIds"), ";"), func(s string) bool { return s != "" }), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceIds: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), + ContactIds: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "contactIds"), ";"), func(s string) bool { return s != "" }), }) return deployer, err case domain.DeploymentProviderTypeAliyunCDN: - deployer, err := pAliyunCDN.NewDeployer(&pAliyunCDN.DeployerConfig{ + deployer, err := pAliyunCDN.NewSSLDeployerProvider(&pAliyunCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunCLB: - deployer, err := pAliyunCLB.NewDeployer(&pAliyunCLB.DeployerConfig{ + deployer, err := pAliyunCLB.NewSSLDeployerProvider(&pAliyunCLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pAliyunCLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerPort: maputil.GetOrDefaultInt32(options.ProviderServiceConfig, "listenerPort", 443), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pAliyunCLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerPort: xmaps.GetOrDefaultInt32(options.ProviderServiceConfig, "listenerPort", 443), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunDCDN: - deployer, err := pAliyunDCDN.NewDeployer(&pAliyunDCDN.DeployerConfig{ + deployer, err := pAliyunDCDN.NewSSLDeployerProvider(&pAliyunDCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunDDoS: - deployer, err := pAliyunDDoS.NewDeployer(&pAliyunDDoS.DeployerConfig{ + deployer, err := pAliyunDDoS.NewSSLDeployerProvider(&pAliyunDDoS.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunESA: - deployer, err := pAliyunESA.NewDeployer(&pAliyunESA.DeployerConfig{ + deployer, err := pAliyunESA.NewSSLDeployerProvider(&pAliyunESA.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - SiteId: maputil.GetInt64(options.ProviderServiceConfig, "siteId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + SiteId: xmaps.GetInt64(options.ProviderServiceConfig, "siteId"), }) return deployer, err case domain.DeploymentProviderTypeAliyunFC: - deployer, err := pAliyunFC.NewDeployer(&pAliyunFC.DeployerConfig{ + deployer, err := pAliyunFC.NewSSLDeployerProvider(&pAliyunFC.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ServiceVersion: maputil.GetOrDefaultString(options.ProviderServiceConfig, "serviceVersion", "3.0"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ServiceVersion: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "serviceVersion", "3.0"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunGA: - deployer, err := pAliyunGA.NewDeployer(&pAliyunGA.DeployerConfig{ + deployer, err := pAliyunGA.NewSSLDeployerProvider(&pAliyunGA.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - ResourceType: pAliyunGA.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - AcceleratorId: maputil.GetString(options.ProviderServiceConfig, "acceleratorId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + ResourceType: pAliyunGA.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + AcceleratorId: xmaps.GetString(options.ProviderServiceConfig, "acceleratorId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunLive: - deployer, err := pAliyunLive.NewDeployer(&pAliyunLive.DeployerConfig{ + deployer, err := pAliyunLive.NewSSLDeployerProvider(&pAliyunLive.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunNLB: - deployer, err := pAliyunNLB.NewDeployer(&pAliyunNLB.DeployerConfig{ + deployer, err := pAliyunNLB.NewSSLDeployerProvider(&pAliyunNLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pAliyunNLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pAliyunNLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeAliyunOSS: - deployer, err := pAliyunOSS.NewDeployer(&pAliyunOSS.DeployerConfig{ + deployer, err := pAliyunOSS.NewSSLDeployerProvider(&pAliyunOSS.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Bucket: maputil.GetString(options.ProviderServiceConfig, "bucket"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Bucket: xmaps.GetString(options.ProviderServiceConfig, "bucket"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunVOD: - deployer, err := pAliyunVOD.NewDeployer(&pAliyunVOD.DeployerConfig{ + deployer, err := pAliyunVOD.NewSSLDeployerProvider(&pAliyunVOD.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeAliyunWAF: - deployer, err := pAliyunWAF.NewDeployer(&pAliyunWAF.DeployerConfig{ + deployer, err := pAliyunWAF.NewSSLDeployerProvider(&pAliyunWAF.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ResourceGroupId: access.ResourceGroupId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ServiceVersion: maputil.GetOrDefaultString(options.ProviderServiceConfig, "serviceVersion", "3.0"), - InstanceId: maputil.GetString(options.ProviderServiceConfig, "instanceId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ServiceVersion: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "serviceVersion", "3.0"), + InstanceId: xmaps.GetString(options.ProviderServiceConfig, "instanceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -332,39 +340,56 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer } } + case domain.DeploymentProviderTypeAPISIX: + { + access := domain.AccessConfigForAPISIX{} + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { + return nil, fmt.Errorf("failed to populate provider access config: %w", err) + } + + deployer, err := pAPISIX.NewSSLDeployerProvider(&pAPISIX.SSLDeployerProviderConfig{ + ServerUrl: access.ServerUrl, + ApiKey: access.ApiKey, + AllowInsecureConnections: access.AllowInsecureConnections, + ResourceType: pAPISIX.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), + }) + return deployer, err + } + case domain.DeploymentProviderTypeAWSACM, domain.DeploymentProviderTypeAWSCloudFront, domain.DeploymentProviderTypeAWSIAM: { access := domain.AccessConfigForAWS{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeAWSACM: - deployer, err := pAWSACM.NewDeployer(&pAWSACM.DeployerConfig{ + deployer, err := pAWSACM.NewSSLDeployerProvider(&pAWSACM.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - CertificateArn: maputil.GetString(options.ProviderServiceConfig, "certificateArn"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + CertificateArn: xmaps.GetString(options.ProviderServiceConfig, "certificateArn"), }) return deployer, err case domain.DeploymentProviderTypeAWSCloudFront: - deployer, err := pAWSCloudFront.NewDeployer(&pAWSCloudFront.DeployerConfig{ + deployer, err := pAWSCloudFront.NewSSLDeployerProvider(&pAWSCloudFront.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - DistributionId: maputil.GetString(options.ProviderServiceConfig, "distributionId"), - CertificateSource: maputil.GetOrDefaultString(options.ProviderServiceConfig, "certificateSource", "ACM"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + DistributionId: xmaps.GetString(options.ProviderServiceConfig, "distributionId"), + CertificateSource: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "certificateSource", "ACM"), }) return deployer, err case domain.DeploymentProviderTypeAWSIAM: - deployer, err := pAWSIAM.NewDeployer(&pAWSIAM.DeployerConfig{ + deployer, err := pAWSIAM.NewSSLDeployerProvider(&pAWSIAM.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - CertificatePath: maputil.GetOrDefaultString(options.ProviderServiceConfig, "certificatePath", "/"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + CertificatePath: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "certificatePath", "/"), }) return deployer, err @@ -376,19 +401,19 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeAzureKeyVault: { access := domain.AccessConfigForAzure{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeAzureKeyVault: - deployer, err := pAzureKeyVault.NewDeployer(&pAzureKeyVault.DeployerConfig{ + deployer, err := pAzureKeyVault.NewSSLDeployerProvider(&pAzureKeyVault.SSLDeployerProviderConfig{ TenantId: access.TenantId, ClientId: access.ClientId, ClientSecret: access.ClientSecret, CloudName: access.CloudName, - KeyVaultName: maputil.GetString(options.ProviderServiceConfig, "keyvaultName"), - CertificateName: maputil.GetString(options.ProviderServiceConfig, "certificateName"), + KeyVaultName: xmaps.GetString(options.ProviderServiceConfig, "keyvaultName"), + CertificateName: xmaps.GetString(options.ProviderServiceConfig, "certificateName"), }) return deployer, err @@ -400,45 +425,45 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBaiduCloudAppBLB, domain.DeploymentProviderTypeBaiduCloudBLB, domain.DeploymentProviderTypeBaiduCloudCDN, domain.DeploymentProviderTypeBaiduCloudCert: { access := domain.AccessConfigForBaiduCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBaiduCloudAppBLB: - deployer, err := pBaiduCloudAppBLB.NewDeployer(&pBaiduCloudAppBLB.DeployerConfig{ + deployer, err := pBaiduCloudAppBLB.NewSSLDeployerProvider(&pBaiduCloudAppBLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pBaiduCloudAppBLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerPort: maputil.GetInt32(options.ProviderServiceConfig, "listenerPort"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pBaiduCloudAppBLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerPort: xmaps.GetInt32(options.ProviderServiceConfig, "listenerPort"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeBaiduCloudBLB: - deployer, err := pBaiduCloudBLB.NewDeployer(&pBaiduCloudBLB.DeployerConfig{ + deployer, err := pBaiduCloudBLB.NewSSLDeployerProvider(&pBaiduCloudBLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pBaiduCloudBLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerPort: maputil.GetInt32(options.ProviderServiceConfig, "listenerPort"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pBaiduCloudBLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerPort: xmaps.GetInt32(options.ProviderServiceConfig, "listenerPort"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeBaiduCloudCDN: - deployer, err := pBaiduCloudCDN.NewDeployer(&pBaiduCloudCDN.DeployerConfig{ + deployer, err := pBaiduCloudCDN.NewSSLDeployerProvider(&pBaiduCloudCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeBaiduCloudCert: - deployer, err := pBaiduCloudCert.NewDeployer(&pBaiduCloudCert.DeployerConfig{ + deployer, err := pBaiduCloudCert.NewSSLDeployerProvider(&pBaiduCloudCert.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, }) @@ -452,16 +477,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBaishanCDN: { access := domain.AccessConfigForBaishan{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBaishanCDN: - deployer, err := pBaishanCDN.NewDeployer(&pBaishanCDN.DeployerConfig{ + deployer, err := pBaishanCDN.NewSSLDeployerProvider(&pBaishanCDN.SSLDeployerProviderConfig{ ApiToken: access.ApiToken, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), }) return deployer, err @@ -473,28 +498,28 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBaotaPanelConsole, domain.DeploymentProviderTypeBaotaPanelSite: { access := domain.AccessConfigForBaotaPanel{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBaotaPanelConsole: - deployer, err := pBaotaPanelConsole.NewDeployer(&pBaotaPanelConsole.DeployerConfig{ + deployer, err := pBaotaPanelConsole.NewSSLDeployerProvider(&pBaotaPanelConsole.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - AutoRestart: maputil.GetBool(options.ProviderServiceConfig, "autoRestart"), + AutoRestart: xmaps.GetBool(options.ProviderServiceConfig, "autoRestart"), }) return deployer, err case domain.DeploymentProviderTypeBaotaPanelSite: - deployer, err := pBaotaPanelSite.NewDeployer(&pBaotaPanelSite.DeployerConfig{ + deployer, err := pBaotaPanelSite.NewSSLDeployerProvider(&pBaotaPanelSite.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - SiteType: maputil.GetOrDefaultString(options.ProviderServiceConfig, "siteType", "other"), - SiteName: maputil.GetString(options.ProviderServiceConfig, "siteName"), - SiteNames: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "siteNames"), ";"), func(s string) bool { return s != "" }), + SiteType: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "siteType", "other"), + SiteName: xmaps.GetString(options.ProviderServiceConfig, "siteName"), + SiteNames: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "siteNames"), ";"), func(s string) bool { return s != "" }), }) return deployer, err @@ -506,13 +531,13 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBaotaWAFConsole, domain.DeploymentProviderTypeBaotaWAFSite: { access := domain.AccessConfigForBaotaWAF{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBaotaWAFConsole: - deployer, err := pBaotaWAFConsole.NewDeployer(&pBaotaWAFConsole.DeployerConfig{ + deployer, err := pBaotaWAFConsole.NewSSLDeployerProvider(&pBaotaWAFConsole.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, @@ -520,12 +545,12 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer return deployer, err case domain.DeploymentProviderTypeBaotaWAFSite: - deployer, err := pBaotaWAFSite.NewDeployer(&pBaotaWAFSite.DeployerConfig{ + deployer, err := pBaotaWAFSite.NewSSLDeployerProvider(&pBaotaWAFSite.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, AllowInsecureConnections: access.AllowInsecureConnections, - SiteName: maputil.GetString(options.ProviderServiceConfig, "siteName"), - SitePort: maputil.GetOrDefaultInt32(options.ProviderServiceConfig, "sitePort", 443), + SiteName: xmaps.GetString(options.ProviderServiceConfig, "siteName"), + SitePort: xmaps.GetOrDefaultInt32(options.ProviderServiceConfig, "sitePort", 443), }) return deployer, err @@ -537,14 +562,14 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBunnyCDN: { access := domain.AccessConfigForBunny{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pBunnyCDN.NewDeployer(&pBunnyCDN.DeployerConfig{ + deployer, err := pBunnyCDN.NewSSLDeployerProvider(&pBunnyCDN.SSLDeployerProviderConfig{ ApiKey: access.ApiKey, - PullZoneId: maputil.GetString(options.ProviderServiceConfig, "pullZoneId"), - Hostname: maputil.GetString(options.ProviderServiceConfig, "hostname"), + PullZoneId: xmaps.GetString(options.ProviderServiceConfig, "pullZoneId"), + Hostname: xmaps.GetString(options.ProviderServiceConfig, "hostname"), }) return deployer, err } @@ -552,16 +577,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeBytePlusCDN: { access := domain.AccessConfigForBytePlus{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeBytePlusCDN: - deployer, err := pBytePlusCDN.NewDeployer(&pBytePlusCDN.DeployerConfig{ + deployer, err := pBytePlusCDN.NewSSLDeployerProvider(&pBytePlusCDN.SSLDeployerProviderConfig{ AccessKey: access.AccessKey, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -573,11 +598,11 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeCacheFly: { access := domain.AccessConfigForCacheFly{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pCacheFly.NewDeployer(&pCacheFly.DeployerConfig{ + deployer, err := pCacheFly.NewSSLDeployerProvider(&pCacheFly.SSLDeployerProviderConfig{ ApiToken: access.ApiToken, }) return deployer, err @@ -586,33 +611,96 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeCdnfly: { access := domain.AccessConfigForCdnfly{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pCdnfly.NewDeployer(&pCdnfly.DeployerConfig{ + deployer, err := pCdnfly.NewSSLDeployerProvider(&pCdnfly.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiKey: access.ApiKey, ApiSecret: access.ApiSecret, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pCdnfly.ResourceType(maputil.GetOrDefaultString(options.ProviderServiceConfig, "resourceType", string(pCdnfly.RESOURCE_TYPE_SITE))), - SiteId: maputil.GetString(options.ProviderServiceConfig, "siteId"), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), + ResourceType: pCdnfly.ResourceType(xmaps.GetOrDefaultString(options.ProviderServiceConfig, "resourceType", string(pCdnfly.RESOURCE_TYPE_SITE))), + SiteId: xmaps.GetString(options.ProviderServiceConfig, "siteId"), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), }) return deployer, err } + case domain.DeploymentProviderTypeCTCCCloudAO, domain.DeploymentProviderTypeCTCCCloudCDN, domain.DeploymentProviderTypeCTCCCloudCMS, domain.DeploymentProviderTypeCTCCCloudELB, domain.DeploymentProviderTypeCTCCCloudICDN, domain.DeploymentProviderTypeCTCCCloudLVDN: + { + access := domain.AccessConfigForCTCCCloud{} + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { + return nil, fmt.Errorf("failed to populate provider access config: %w", err) + } + + switch options.Provider { + case domain.DeploymentProviderTypeCTCCCloudAO: + deployer, err := pCTCCCloudAO.NewSSLDeployerProvider(&pCTCCCloudAO.SSLDeployerProviderConfig{ + AccessKeyId: access.AccessKeyId, + SecretAccessKey: access.SecretAccessKey, + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + }) + return deployer, err + + case domain.DeploymentProviderTypeCTCCCloudCDN: + deployer, err := pCTCCCloudCDN.NewSSLDeployerProvider(&pCTCCCloudCDN.SSLDeployerProviderConfig{ + AccessKeyId: access.AccessKeyId, + SecretAccessKey: access.SecretAccessKey, + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + }) + return deployer, err + + case domain.DeploymentProviderTypeCTCCCloudCMS: + deployer, err := pCTCCCloudCMS.NewSSLDeployerProvider(&pCTCCCloudCMS.SSLDeployerProviderConfig{ + AccessKeyId: access.AccessKeyId, + SecretAccessKey: access.SecretAccessKey, + }) + return deployer, err + + case domain.DeploymentProviderTypeCTCCCloudELB: + deployer, err := pCTCCCloudELB.NewSSLDeployerProvider(&pCTCCCloudELB.SSLDeployerProviderConfig{ + AccessKeyId: access.AccessKeyId, + SecretAccessKey: access.SecretAccessKey, + RegionId: xmaps.GetString(options.ProviderServiceConfig, "regionId"), + ResourceType: pCTCCCloudELB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), + }) + return deployer, err + + case domain.DeploymentProviderTypeCTCCCloudICDN: + deployer, err := pCTCCCloudICDN.NewSSLDeployerProvider(&pCTCCCloudICDN.SSLDeployerProviderConfig{ + AccessKeyId: access.AccessKeyId, + SecretAccessKey: access.SecretAccessKey, + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + }) + return deployer, err + + case domain.DeploymentProviderTypeCTCCCloudLVDN: + deployer, err := pCTCCCloudLVDN.NewSSLDeployerProvider(&pCTCCCloudLVDN.SSLDeployerProviderConfig{ + AccessKeyId: access.AccessKeyId, + SecretAccessKey: access.SecretAccessKey, + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + }) + return deployer, err + + default: + break + } + } + case domain.DeploymentProviderTypeDogeCloudCDN: { access := domain.AccessConfigForDogeCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pDogeCDN.NewDeployer(&pDogeCDN.DeployerConfig{ + deployer, err := pDogeCDN.NewSSLDeployerProvider(&pDogeCDN.SSLDeployerProviderConfig{ AccessKey: access.AccessKey, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err } @@ -620,14 +708,14 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeEdgioApplications: { access := domain.AccessConfigForEdgio{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pEdgioApplications.NewDeployer(&pEdgioApplications.DeployerConfig{ + deployer, err := pEdgioApplications.NewSSLDeployerProvider(&pEdgioApplications.SSLDeployerProviderConfig{ ClientId: access.ClientId, ClientSecret: access.ClientSecret, - EnvironmentId: maputil.GetString(options.ProviderServiceConfig, "environmentId"), + EnvironmentId: xmaps.GetString(options.ProviderServiceConfig, "environmentId"), }) return deployer, err } @@ -635,18 +723,18 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeFlexCDN: { access := domain.AccessConfigForFlexCDN{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pFlexCDN.NewDeployer(&pFlexCDN.DeployerConfig{ + deployer, err := pFlexCDN.NewSSLDeployerProvider(&pFlexCDN.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiRole: access.ApiRole, AccessKeyId: access.AccessKeyId, AccessKey: access.AccessKey, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pFlexCDN.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), + ResourceType: pFlexCDN.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), }) return deployer, err } @@ -654,16 +742,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeGcoreCDN: { access := domain.AccessConfigForGcore{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeGcoreCDN: - deployer, err := pGcoreCDN.NewDeployer(&pGcoreCDN.DeployerConfig{ + deployer, err := pGcoreCDN.NewSSLDeployerProvider(&pGcoreCDN.SSLDeployerProviderConfig{ ApiToken: access.ApiToken, - ResourceId: maputil.GetInt64(options.ProviderServiceConfig, "resourceId"), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), + ResourceId: xmaps.GetInt64(options.ProviderServiceConfig, "resourceId"), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), }) return deployer, err @@ -675,18 +763,18 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeGoEdge: { access := domain.AccessConfigForGoEdge{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pGoEdge.NewDeployer(&pGoEdge.DeployerConfig{ + deployer, err := pGoEdge.NewSSLDeployerProvider(&pGoEdge.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiRole: access.ApiRole, AccessKeyId: access.AccessKeyId, AccessKey: access.AccessKey, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pGoEdge.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), + ResourceType: pGoEdge.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), }) return deployer, err } @@ -694,36 +782,36 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeHuaweiCloudCDN, domain.DeploymentProviderTypeHuaweiCloudELB, domain.DeploymentProviderTypeHuaweiCloudSCM, domain.DeploymentProviderTypeHuaweiCloudWAF: { access := domain.AccessConfigForHuaweiCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeHuaweiCloudCDN: - deployer, err := pHuaweiCloudCDN.NewDeployer(&pHuaweiCloudCDN.DeployerConfig{ + deployer, err := pHuaweiCloudCDN.NewSSLDeployerProvider(&pHuaweiCloudCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, EnterpriseProjectId: access.EnterpriseProjectId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeHuaweiCloudELB: - deployer, err := pHuaweiCloudELB.NewDeployer(&pHuaweiCloudELB.DeployerConfig{ + deployer, err := pHuaweiCloudELB.NewSSLDeployerProvider(&pHuaweiCloudELB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, EnterpriseProjectId: access.EnterpriseProjectId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pHuaweiCloudELB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pHuaweiCloudELB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeHuaweiCloudSCM: - deployer, err := pHuaweiCloudSCM.NewDeployer(&pHuaweiCloudSCM.DeployerConfig{ + deployer, err := pHuaweiCloudSCM.NewSSLDeployerProvider(&pHuaweiCloudSCM.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, EnterpriseProjectId: access.EnterpriseProjectId, @@ -731,14 +819,14 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer return deployer, err case domain.DeploymentProviderTypeHuaweiCloudWAF: - deployer, err := pHuaweiCloudWAF.NewDeployer(&pHuaweiCloudWAF.DeployerConfig{ + deployer, err := pHuaweiCloudWAF.NewSSLDeployerProvider(&pHuaweiCloudWAF.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, SecretAccessKey: access.SecretAccessKey, EnterpriseProjectId: access.EnterpriseProjectId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pHuaweiCloudWAF.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pHuaweiCloudWAF.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -750,43 +838,43 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeJDCloudALB, domain.DeploymentProviderTypeJDCloudCDN, domain.DeploymentProviderTypeJDCloudLive, domain.DeploymentProviderTypeJDCloudVOD: { access := domain.AccessConfigForJDCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeJDCloudALB: - deployer, err := pJDCloudALB.NewDeployer(&pJDCloudALB.DeployerConfig{ + deployer, err := pJDCloudALB.NewSSLDeployerProvider(&pJDCloudALB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - RegionId: maputil.GetString(options.ProviderServiceConfig, "regionId"), - ResourceType: pJDCloudALB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + RegionId: xmaps.GetString(options.ProviderServiceConfig, "regionId"), + ResourceType: pJDCloudALB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeJDCloudCDN: - deployer, err := pJDCloudCDN.NewDeployer(&pJDCloudCDN.DeployerConfig{ + deployer, err := pJDCloudCDN.NewSSLDeployerProvider(&pJDCloudCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeJDCloudLive: - deployer, err := pJDCloudLive.NewDeployer(&pJDCloudLive.DeployerConfig{ + deployer, err := pJDCloudLive.NewSSLDeployerProvider(&pJDCloudLive.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeJDCloudVOD: - deployer, err := pJDCloudVOD.NewDeployer(&pJDCloudVOD.DeployerConfig{ + deployer, err := pJDCloudVOD.NewSSLDeployerProvider(&pJDCloudVOD.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -798,39 +886,39 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeLeCDN: { access := domain.AccessConfigForLeCDN{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pLeCDN.NewDeployer(&pLeCDN.DeployerConfig{ + deployer, err := pLeCDN.NewSSLDeployerProvider(&pLeCDN.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiVersion: access.ApiVersion, ApiRole: access.ApiRole, Username: access.Username, Password: access.Password, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pLeCDN.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetInt64(options.ProviderServiceConfig, "certificateId"), - ClientId: maputil.GetInt64(options.ProviderServiceConfig, "clientId"), + ResourceType: pLeCDN.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetInt64(options.ProviderServiceConfig, "certificateId"), + ClientId: xmaps.GetInt64(options.ProviderServiceConfig, "clientId"), }) return deployer, err } case domain.DeploymentProviderTypeLocal: { - deployer, err := pLocal.NewDeployer(&pLocal.DeployerConfig{ - ShellEnv: pLocal.ShellEnvType(maputil.GetString(options.ProviderServiceConfig, "shellEnv")), - PreCommand: maputil.GetString(options.ProviderServiceConfig, "preCommand"), - PostCommand: maputil.GetString(options.ProviderServiceConfig, "postCommand"), - OutputFormat: pLocal.OutputFormatType(maputil.GetOrDefaultString(options.ProviderServiceConfig, "format", string(pLocal.OUTPUT_FORMAT_PEM))), - OutputCertPath: maputil.GetString(options.ProviderServiceConfig, "certPath"), - OutputServerCertPath: maputil.GetString(options.ProviderServiceConfig, "certPathForServerOnly"), - OutputIntermediaCertPath: maputil.GetString(options.ProviderServiceConfig, "certPathForIntermediaOnly"), - OutputKeyPath: maputil.GetString(options.ProviderServiceConfig, "keyPath"), - PfxPassword: maputil.GetString(options.ProviderServiceConfig, "pfxPassword"), - JksAlias: maputil.GetString(options.ProviderServiceConfig, "jksAlias"), - JksKeypass: maputil.GetString(options.ProviderServiceConfig, "jksKeypass"), - JksStorepass: maputil.GetString(options.ProviderServiceConfig, "jksStorepass"), + deployer, err := pLocal.NewSSLDeployerProvider(&pLocal.SSLDeployerProviderConfig{ + ShellEnv: pLocal.ShellEnvType(xmaps.GetString(options.ProviderServiceConfig, "shellEnv")), + PreCommand: xmaps.GetString(options.ProviderServiceConfig, "preCommand"), + PostCommand: xmaps.GetString(options.ProviderServiceConfig, "postCommand"), + OutputFormat: pLocal.OutputFormatType(xmaps.GetOrDefaultString(options.ProviderServiceConfig, "format", string(pLocal.OUTPUT_FORMAT_PEM))), + OutputCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPath"), + OutputServerCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPathForServerOnly"), + OutputIntermediaCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPathForIntermediaOnly"), + OutputKeyPath: xmaps.GetString(options.ProviderServiceConfig, "keyPath"), + PfxPassword: xmaps.GetString(options.ProviderServiceConfig, "pfxPassword"), + JksAlias: xmaps.GetString(options.ProviderServiceConfig, "jksAlias"), + JksKeypass: xmaps.GetString(options.ProviderServiceConfig, "jksKeypass"), + JksStorepass: xmaps.GetString(options.ProviderServiceConfig, "jksStorepass"), }) return deployer, err } @@ -838,17 +926,17 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeKubernetesSecret: { access := domain.AccessConfigForKubernetes{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pK8sSecret.NewDeployer(&pK8sSecret.DeployerConfig{ + deployer, err := pK8sSecret.NewSSLDeployerProvider(&pK8sSecret.SSLDeployerProviderConfig{ KubeConfig: access.KubeConfig, - Namespace: maputil.GetOrDefaultString(options.ProviderServiceConfig, "namespace", "default"), - SecretName: maputil.GetString(options.ProviderServiceConfig, "secretName"), - SecretType: maputil.GetOrDefaultString(options.ProviderServiceConfig, "secretType", "kubernetes.io/tls"), - SecretDataKeyForCrt: maputil.GetOrDefaultString(options.ProviderServiceConfig, "secretDataKeyForCrt", "tls.crt"), - SecretDataKeyForKey: maputil.GetOrDefaultString(options.ProviderServiceConfig, "secretDataKeyForKey", "tls.key"), + Namespace: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "namespace", "default"), + SecretName: xmaps.GetString(options.ProviderServiceConfig, "secretName"), + SecretType: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "secretType", "kubernetes.io/tls"), + SecretDataKeyForCrt: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "secretDataKeyForCrt", "tls.crt"), + SecretDataKeyForKey: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "secretDataKeyForKey", "tls.key"), }) return deployer, err } @@ -856,13 +944,13 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeNetlifySite: { access := domain.AccessConfigForNetlify{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pNetlifySite.NewDeployer(&pNetlifySite.DeployerConfig{ + deployer, err := pNetlifySite.NewSSLDeployerProvider(&pNetlifySite.SSLDeployerProviderConfig{ ApiToken: access.ApiToken, - SiteId: maputil.GetString(options.ProviderServiceConfig, "siteId"), + SiteId: xmaps.GetString(options.ProviderServiceConfig, "siteId"), }) return deployer, err } @@ -870,17 +958,17 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeProxmoxVE: { access := domain.AccessConfigForProxmoxVE{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pProxmoxVE.NewDeployer(&pProxmoxVE.DeployerConfig{ + deployer, err := pProxmoxVE.NewSSLDeployerProvider(&pProxmoxVE.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiToken: access.ApiToken, ApiTokenSecret: access.ApiTokenSecret, AllowInsecureConnections: access.AllowInsecureConnections, - NodeName: maputil.GetString(options.ProviderServiceConfig, "nodeName"), - AutoRestart: maputil.GetBool(options.ProviderServiceConfig, "autoRestart"), + NodeName: xmaps.GetString(options.ProviderServiceConfig, "nodeName"), + AutoRestart: xmaps.GetBool(options.ProviderServiceConfig, "autoRestart"), }) return deployer, err } @@ -888,25 +976,25 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeQiniuCDN, domain.DeploymentProviderTypeQiniuKodo, domain.DeploymentProviderTypeQiniuPili: { access := domain.AccessConfigForQiniu{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeQiniuCDN, domain.DeploymentProviderTypeQiniuKodo: - deployer, err := pQiniuCDN.NewDeployer(&pQiniuCDN.DeployerConfig{ + deployer, err := pQiniuCDN.NewSSLDeployerProvider(&pQiniuCDN.SSLDeployerProviderConfig{ AccessKey: access.AccessKey, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeQiniuPili: - deployer, err := pQiniuPili.NewDeployer(&pQiniuPili.DeployerConfig{ + deployer, err := pQiniuPili.NewSSLDeployerProvider(&pQiniuPili.SSLDeployerProviderConfig{ AccessKey: access.AccessKey, SecretKey: access.SecretKey, - Hub: maputil.GetString(options.ProviderServiceConfig, "hub"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Hub: xmaps.GetString(options.ProviderServiceConfig, "hub"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -918,16 +1006,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeRainYunRCDN: { access := domain.AccessConfigForRainYun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeTencentCloudCDN: - deployer, err := pRainYunRCDN.NewDeployer(&pRainYunRCDN.DeployerConfig{ + deployer, err := pRainYunRCDN.NewSSLDeployerProvider(&pRainYunRCDN.SSLDeployerProviderConfig{ ApiKey: access.ApiKey, - InstanceId: maputil.GetInt32(options.ProviderServiceConfig, "instanceId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + InstanceId: xmaps.GetInt32(options.ProviderServiceConfig, "instanceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -939,13 +1027,13 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeRatPanelConsole, domain.DeploymentProviderTypeRatPanelSite: { access := domain.AccessConfigForRatPanel{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeRatPanelConsole: - deployer, err := pRatPanelConsole.NewDeployer(&pRatPanelConsole.DeployerConfig{ + deployer, err := pRatPanelConsole.NewSSLDeployerProvider(&pRatPanelConsole.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, AccessTokenId: access.AccessTokenId, AccessToken: access.AccessToken, @@ -954,12 +1042,12 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer return deployer, err case domain.DeploymentProviderTypeRatPanelSite: - deployer, err := pRatPanelSite.NewDeployer(&pRatPanelSite.DeployerConfig{ + deployer, err := pRatPanelSite.NewSSLDeployerProvider(&pRatPanelSite.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, AccessTokenId: access.AccessTokenId, AccessToken: access.AccessToken, AllowInsecureConnections: access.AllowInsecureConnections, - SiteName: maputil.GetString(options.ProviderServiceConfig, "siteName"), + SiteName: xmaps.GetString(options.ProviderServiceConfig, "siteName"), }) return deployer, err @@ -971,16 +1059,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeSafeLine: { access := domain.AccessConfigForSafeLine{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pSafeLine.NewDeployer(&pSafeLine.DeployerConfig{ + deployer, err := pSafeLine.NewSSLDeployerProvider(&pSafeLine.SSLDeployerProviderConfig{ ServerUrl: access.ServerUrl, ApiToken: access.ApiToken, AllowInsecureConnections: access.AllowInsecureConnections, - ResourceType: pSafeLine.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - CertificateId: maputil.GetInt32(options.ProviderServiceConfig, "certificateId"), + ResourceType: pSafeLine.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + CertificateId: xmaps.GetInt32(options.ProviderServiceConfig, "certificateId"), }) return deployer, err } @@ -988,7 +1076,7 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeSSH: { access := domain.AccessConfigForSSH{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } @@ -1005,7 +1093,7 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer } } - deployer, err := pSSH.NewDeployer(&pSSH.DeployerConfig{ + deployer, err := pSSH.NewSSLDeployerProvider(&pSSH.SSLDeployerProviderConfig{ SshHost: access.Host, SshPort: access.Port, SshAuthMethod: access.AuthMethod, @@ -1014,127 +1102,137 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer SshKey: access.Key, SshKeyPassphrase: access.KeyPassphrase, JumpServers: jumpServers, - UseSCP: maputil.GetBool(options.ProviderServiceConfig, "useSCP"), - PreCommand: maputil.GetString(options.ProviderServiceConfig, "preCommand"), - PostCommand: maputil.GetString(options.ProviderServiceConfig, "postCommand"), - OutputFormat: pSSH.OutputFormatType(maputil.GetOrDefaultString(options.ProviderServiceConfig, "format", string(pSSH.OUTPUT_FORMAT_PEM))), - OutputCertPath: maputil.GetString(options.ProviderServiceConfig, "certPath"), - OutputServerCertPath: maputil.GetString(options.ProviderServiceConfig, "certPathForServerOnly"), - OutputIntermediaCertPath: maputil.GetString(options.ProviderServiceConfig, "certPathForIntermediaOnly"), - OutputKeyPath: maputil.GetString(options.ProviderServiceConfig, "keyPath"), - PfxPassword: maputil.GetString(options.ProviderServiceConfig, "pfxPassword"), - JksAlias: maputil.GetString(options.ProviderServiceConfig, "jksAlias"), - JksKeypass: maputil.GetString(options.ProviderServiceConfig, "jksKeypass"), - JksStorepass: maputil.GetString(options.ProviderServiceConfig, "jksStorepass"), + UseSCP: xmaps.GetBool(options.ProviderServiceConfig, "useSCP"), + PreCommand: xmaps.GetString(options.ProviderServiceConfig, "preCommand"), + PostCommand: xmaps.GetString(options.ProviderServiceConfig, "postCommand"), + OutputFormat: pSSH.OutputFormatType(xmaps.GetOrDefaultString(options.ProviderServiceConfig, "format", string(pSSH.OUTPUT_FORMAT_PEM))), + OutputCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPath"), + OutputServerCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPathForServerOnly"), + OutputIntermediaCertPath: xmaps.GetString(options.ProviderServiceConfig, "certPathForIntermediaOnly"), + OutputKeyPath: xmaps.GetString(options.ProviderServiceConfig, "keyPath"), + PfxPassword: xmaps.GetString(options.ProviderServiceConfig, "pfxPassword"), + JksAlias: xmaps.GetString(options.ProviderServiceConfig, "jksAlias"), + JksKeypass: xmaps.GetString(options.ProviderServiceConfig, "jksKeypass"), + JksStorepass: xmaps.GetString(options.ProviderServiceConfig, "jksStorepass"), }) return deployer, err } - case domain.DeploymentProviderTypeTencentCloudCDN, domain.DeploymentProviderTypeTencentCloudCLB, domain.DeploymentProviderTypeTencentCloudCOS, domain.DeploymentProviderTypeTencentCloudCSS, domain.DeploymentProviderTypeTencentCloudECDN, domain.DeploymentProviderTypeTencentCloudEO, domain.DeploymentProviderTypeTencentCloudSCF, domain.DeploymentProviderTypeTencentCloudSSL, domain.DeploymentProviderTypeTencentCloudSSLDeploy, domain.DeploymentProviderTypeTencentCloudVOD, domain.DeploymentProviderTypeTencentCloudWAF: + case domain.DeploymentProviderTypeTencentCloudCDN, domain.DeploymentProviderTypeTencentCloudCLB, domain.DeploymentProviderTypeTencentCloudCOS, domain.DeploymentProviderTypeTencentCloudCSS, domain.DeploymentProviderTypeTencentCloudECDN, domain.DeploymentProviderTypeTencentCloudEO, domain.DeploymentProviderTypeTencentCloudGAAP, domain.DeploymentProviderTypeTencentCloudSCF, domain.DeploymentProviderTypeTencentCloudSSL, domain.DeploymentProviderTypeTencentCloudSSLDeploy, domain.DeploymentProviderTypeTencentCloudVOD, domain.DeploymentProviderTypeTencentCloudWAF: { access := domain.AccessConfigForTencentCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeTencentCloudCDN: - deployer, err := pTencentCloudCDN.NewDeployer(&pTencentCloudCDN.DeployerConfig{ + deployer, err := pTencentCloudCDN.NewSSLDeployerProvider(&pTencentCloudCDN.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudCLB: - deployer, err := pTencentCloudCLB.NewDeployer(&pTencentCloudCLB.DeployerConfig{ + deployer, err := pTencentCloudCLB.NewSSLDeployerProvider(&pTencentCloudCLB.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pTencentCloudCLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pTencentCloudCLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudCOS: - deployer, err := pTencentCloudCOS.NewDeployer(&pTencentCloudCOS.DeployerConfig{ + deployer, err := pTencentCloudCOS.NewSSLDeployerProvider(&pTencentCloudCOS.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Bucket: maputil.GetString(options.ProviderServiceConfig, "bucket"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Bucket: xmaps.GetString(options.ProviderServiceConfig, "bucket"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudCSS: - deployer, err := pTencentCloudCSS.NewDeployer(&pTencentCloudCSS.DeployerConfig{ + deployer, err := pTencentCloudCSS.NewSSLDeployerProvider(&pTencentCloudCSS.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudECDN: - deployer, err := pTencentCloudECDN.NewDeployer(&pTencentCloudECDN.DeployerConfig{ + deployer, err := pTencentCloudECDN.NewSSLDeployerProvider(&pTencentCloudECDN.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudEO: - deployer, err := pTencentCloudEO.NewDeployer(&pTencentCloudEO.DeployerConfig{ + deployer, err := pTencentCloudEO.NewSSLDeployerProvider(&pTencentCloudEO.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - ZoneId: maputil.GetString(options.ProviderServiceConfig, "zoneId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + ZoneId: xmaps.GetString(options.ProviderServiceConfig, "zoneId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + }) + return deployer, err + + case domain.DeploymentProviderTypeTencentCloudGAAP: + deployer, err := pTencentCloudGAAP.NewSSLDeployerProvider(&pTencentCloudGAAP.SSLDeployerProviderConfig{ + SecretId: access.SecretId, + SecretKey: access.SecretKey, + ResourceType: pTencentCloudGAAP.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + ProxyId: xmaps.GetString(options.ProviderServiceConfig, "proxyId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudSCF: - deployer, err := pTencentCloudSCF.NewDeployer(&pTencentCloudSCF.DeployerConfig{ + deployer, err := pTencentCloudSCF.NewSSLDeployerProvider(&pTencentCloudSCF.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudSSL: - deployer, err := pTencentCloudSSL.NewDeployer(&pTencentCloudSSL.DeployerConfig{ + deployer, err := pTencentCloudSSL.NewSSLDeployerProvider(&pTencentCloudSSL.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, }) return deployer, err case domain.DeploymentProviderTypeTencentCloudSSLDeploy: - deployer, err := pTencentCloudSSLDeploy.NewDeployer(&pTencentCloudSSLDeploy.DeployerConfig{ + deployer, err := pTencentCloudSSLDeploy.NewSSLDeployerProvider(&pTencentCloudSSLDeploy.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: maputil.GetString(options.ProviderServiceConfig, "resourceType"), - ResourceIds: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: xmaps.GetString(options.ProviderServiceConfig, "resourceType"), + ResourceIds: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudVOD: - deployer, err := pTencentCloudVOD.NewDeployer(&pTencentCloudVOD.DeployerConfig{ + deployer, err := pTencentCloudVOD.NewSSLDeployerProvider(&pTencentCloudVOD.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - SubAppId: maputil.GetInt64(options.ProviderServiceConfig, "subAppId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + SubAppId: xmaps.GetInt64(options.ProviderServiceConfig, "subAppId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeTencentCloudWAF: - deployer, err := pTencentCloudWAF.NewDeployer(&pTencentCloudWAF.DeployerConfig{ + deployer, err := pTencentCloudWAF.NewSSLDeployerProvider(&pTencentCloudWAF.SSLDeployerProviderConfig{ SecretId: access.SecretId, SecretKey: access.SecretKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), - DomainId: maputil.GetString(options.ProviderServiceConfig, "domainId"), - InstanceId: maputil.GetString(options.ProviderServiceConfig, "instanceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + DomainId: xmaps.GetString(options.ProviderServiceConfig, "domainId"), + InstanceId: xmaps.GetString(options.ProviderServiceConfig, "instanceId"), }) return deployer, err @@ -1146,28 +1244,28 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeUCloudUCDN, domain.DeploymentProviderTypeUCloudUS3: { access := domain.AccessConfigForUCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeUCloudUCDN: - deployer, err := pUCloudUCDN.NewDeployer(&pUCloudUCDN.DeployerConfig{ + deployer, err := pUCloudUCDN.NewSSLDeployerProvider(&pUCloudUCDN.SSLDeployerProviderConfig{ PrivateKey: access.PrivateKey, PublicKey: access.PublicKey, ProjectId: access.ProjectId, - DomainId: maputil.GetString(options.ProviderServiceConfig, "domainId"), + DomainId: xmaps.GetString(options.ProviderServiceConfig, "domainId"), }) return deployer, err case domain.DeploymentProviderTypeUCloudUS3: - deployer, err := pUCloudUS3.NewDeployer(&pUCloudUS3.DeployerConfig{ + deployer, err := pUCloudUS3.NewSSLDeployerProvider(&pUCloudUS3.SSLDeployerProviderConfig{ PrivateKey: access.PrivateKey, PublicKey: access.PublicKey, ProjectId: access.ProjectId, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Bucket: maputil.GetString(options.ProviderServiceConfig, "bucket"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Bucket: xmaps.GetString(options.ProviderServiceConfig, "bucket"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -1179,16 +1277,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeUniCloudWebHost: { access := domain.AccessConfigForUniCloud{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - deployer, err := pUniCloudWebHost.NewDeployer(&pUniCloudWebHost.DeployerConfig{ + deployer, err := pUniCloudWebHost.NewSSLDeployerProvider(&pUniCloudWebHost.SSLDeployerProviderConfig{ Username: access.Username, Password: access.Password, - SpaceProvider: maputil.GetString(options.ProviderServiceConfig, "spaceProvider"), - SpaceId: maputil.GetString(options.ProviderServiceConfig, "spaceId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + SpaceProvider: xmaps.GetString(options.ProviderServiceConfig, "spaceProvider"), + SpaceId: xmaps.GetString(options.ProviderServiceConfig, "spaceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err } @@ -1196,16 +1294,16 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeUpyunCDN, domain.DeploymentProviderTypeUpyunFile: { access := domain.AccessConfigForUpyun{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeUpyunCDN, domain.DeploymentProviderTypeUpyunFile: - deployer, err := pUpyunCDN.NewDeployer(&pUpyunCDN.DeployerConfig{ + deployer, err := pUpyunCDN.NewSSLDeployerProvider(&pUpyunCDN.SSLDeployerProviderConfig{ Username: access.Username, Password: access.Password, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -1217,83 +1315,83 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeVolcEngineALB, domain.DeploymentProviderTypeVolcEngineCDN, domain.DeploymentProviderTypeVolcEngineCertCenter, domain.DeploymentProviderTypeVolcEngineCLB, domain.DeploymentProviderTypeVolcEngineDCDN, domain.DeploymentProviderTypeVolcEngineImageX, domain.DeploymentProviderTypeVolcEngineLive, domain.DeploymentProviderTypeVolcEngineTOS: { access := domain.AccessConfigForVolcEngine{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeVolcEngineALB: - deployer, err := pVolcEngineALB.NewDeployer(&pVolcEngineALB.DeployerConfig{ + deployer, err := pVolcEngineALB.NewSSLDeployerProvider(&pVolcEngineALB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pVolcEngineALB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pVolcEngineALB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineCDN: - deployer, err := pVolcEngineCDN.NewDeployer(&pVolcEngineCDN.DeployerConfig{ + deployer, err := pVolcEngineCDN.NewSSLDeployerProvider(&pVolcEngineCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineCertCenter: - deployer, err := pVolcEngineCertCenter.NewDeployer(&pVolcEngineCertCenter.DeployerConfig{ + deployer, err := pVolcEngineCertCenter.NewSSLDeployerProvider(&pVolcEngineCertCenter.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineCLB: - deployer, err := pVolcEngineCLB.NewDeployer(&pVolcEngineCLB.DeployerConfig{ + deployer, err := pVolcEngineCLB.NewSSLDeployerProvider(&pVolcEngineCLB.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ResourceType: pVolcEngineCLB.ResourceType(maputil.GetString(options.ProviderServiceConfig, "resourceType")), - LoadbalancerId: maputil.GetString(options.ProviderServiceConfig, "loadbalancerId"), - ListenerId: maputil.GetString(options.ProviderServiceConfig, "listenerId"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ResourceType: pVolcEngineCLB.ResourceType(xmaps.GetString(options.ProviderServiceConfig, "resourceType")), + LoadbalancerId: xmaps.GetString(options.ProviderServiceConfig, "loadbalancerId"), + ListenerId: xmaps.GetString(options.ProviderServiceConfig, "listenerId"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineDCDN: - deployer, err := pVolcEngineDCDN.NewDeployer(&pVolcEngineDCDN.DeployerConfig{ + deployer, err := pVolcEngineDCDN.NewSSLDeployerProvider(&pVolcEngineDCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineImageX: - deployer, err := pVolcEngineImageX.NewDeployer(&pVolcEngineImageX.DeployerConfig{ + deployer, err := pVolcEngineImageX.NewSSLDeployerProvider(&pVolcEngineImageX.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - ServiceId: maputil.GetString(options.ProviderServiceConfig, "serviceId"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + ServiceId: xmaps.GetString(options.ProviderServiceConfig, "serviceId"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineLive: - deployer, err := pVolcEngineLive.NewDeployer(&pVolcEngineLive.DeployerConfig{ + deployer, err := pVolcEngineLive.NewSSLDeployerProvider(&pVolcEngineLive.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err case domain.DeploymentProviderTypeVolcEngineTOS: - deployer, err := pVolcEngineTOS.NewDeployer(&pVolcEngineTOS.DeployerConfig{ + deployer, err := pVolcEngineTOS.NewSSLDeployerProvider(&pVolcEngineTOS.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.SecretAccessKey, - Region: maputil.GetString(options.ProviderServiceConfig, "region"), - Bucket: maputil.GetString(options.ProviderServiceConfig, "bucket"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), + Region: xmaps.GetString(options.ProviderServiceConfig, "region"), + Bucket: xmaps.GetString(options.ProviderServiceConfig, "bucket"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), }) return deployer, err @@ -1305,36 +1403,36 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeWangsuCDN, domain.DeploymentProviderTypeWangsuCDNPro, domain.DeploymentProviderTypeWangsuCertificate: { access := domain.AccessConfigForWangsu{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } switch options.Provider { case domain.DeploymentProviderTypeWangsuCDN: - deployer, err := pWangsuCDN.NewDeployer(&pWangsuCDN.DeployerConfig{ + deployer, err := pWangsuCDN.NewSSLDeployerProvider(&pWangsuCDN.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - Domains: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderServiceConfig, "domains"), ";"), func(s string) bool { return s != "" }), + Domains: xslices.Filter(strings.Split(xmaps.GetString(options.ProviderServiceConfig, "domains"), ";"), func(s string) bool { return s != "" }), }) return deployer, err case domain.DeploymentProviderTypeWangsuCDNPro: - deployer, err := pWangsuCDNPro.NewDeployer(&pWangsuCDNPro.DeployerConfig{ + deployer, err := pWangsuCDNPro.NewSSLDeployerProvider(&pWangsuCDNPro.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, ApiKey: access.ApiKey, - Environment: maputil.GetOrDefaultString(options.ProviderServiceConfig, "environment", "production"), - Domain: maputil.GetString(options.ProviderServiceConfig, "domain"), - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), - WebhookId: maputil.GetString(options.ProviderServiceConfig, "webhookId"), + Environment: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "environment", "production"), + Domain: xmaps.GetString(options.ProviderServiceConfig, "domain"), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), + WebhookId: xmaps.GetString(options.ProviderServiceConfig, "webhookId"), }) return deployer, err case domain.DeploymentProviderTypeWangsuCertificate: - deployer, err := pWangsuCertificate.NewDeployer(&pWangsuCertificate.DeployerConfig{ + deployer, err := pWangsuCertificate.NewSSLDeployerProvider(&pWangsuCertificate.SSLDeployerProviderConfig{ AccessKeyId: access.AccessKeyId, AccessKeySecret: access.AccessKeySecret, - CertificateId: maputil.GetString(options.ProviderServiceConfig, "certificateId"), + CertificateId: xmaps.GetString(options.ProviderServiceConfig, "certificateId"), }) return deployer, err @@ -1346,13 +1444,13 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer case domain.DeploymentProviderTypeWebhook: { access := domain.AccessConfigForWebhook{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } mergedHeaders := make(map[string]string) if defaultHeadersString := access.HeadersString; defaultHeadersString != "" { - h, err := httputil.ParseHeaders(defaultHeadersString) + h, err := xhttp.ParseHeaders(defaultHeadersString) if err != nil { return nil, fmt.Errorf("failed to parse webhook headers: %w", err) } @@ -1360,8 +1458,8 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer mergedHeaders[http.CanonicalHeaderKey(key)] = h.Get(key) } } - if extendedHeadersString := maputil.GetString(options.ProviderServiceConfig, "headers"); extendedHeadersString != "" { - h, err := httputil.ParseHeaders(extendedHeadersString) + if extendedHeadersString := xmaps.GetString(options.ProviderServiceConfig, "headers"); extendedHeadersString != "" { + h, err := xhttp.ParseHeaders(extendedHeadersString) if err != nil { return nil, fmt.Errorf("failed to parse webhook headers: %w", err) } @@ -1370,9 +1468,9 @@ func createDeployerProvider(options *deployerProviderOptions) (deployer.Deployer } } - deployer, err := pWebhook.NewDeployer(&pWebhook.DeployerConfig{ + deployer, err := pWebhook.NewSSLDeployerProvider(&pWebhook.SSLDeployerProviderConfig{ WebhookUrl: access.Url, - WebhookData: maputil.GetOrDefaultString(options.ProviderServiceConfig, "webhookData", access.DefaultDataForDeployment), + WebhookData: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "webhookData", access.DefaultDataForDeployment), Method: access.Method, Headers: mergedHeaders, AllowInsecureConnections: access.AllowInsecureConnections, diff --git a/internal/domain/access.go b/internal/domain/access.go index c6071aef..29d07513 100644 --- a/internal/domain/access.go +++ b/internal/domain/access.go @@ -41,6 +41,12 @@ type AccessConfigForAliyun struct { ResourceGroupId string `json:"resourceGroupId,omitempty"` } +type AccessConfigForAPISIX struct { + ServerUrl string `json:"serverUrl"` + ApiKey string `json:"apiKey"` + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` +} + type AccessConfigForAWS struct { AccessKeyId string `json:"accessKeyId"` SecretAccessKey string `json:"secretAccessKey"` @@ -114,6 +120,11 @@ type AccessConfigForConstellix struct { SecretKey string `json:"secretKey"` } +type AccessConfigForCTCCCloud struct { + AccessKeyId string `json:"accessKeyId"` + SecretAccessKey string `json:"secretAccessKey"` +} + type AccessConfigForDeSEC struct { Token string `json:"token"` } @@ -162,6 +173,7 @@ type AccessConfigForEmail struct { Username string `json:"username"` Password string `json:"password"` DefaultSenderAddress string `json:"defaultSenderAddress,omitempty"` + DefaultSenderName string `json:"defaultSenderName,omitempty"` DefaultReceiverAddress string `json:"defaultReceiverAddress,omitempty"` } diff --git a/internal/domain/certificate.go b/internal/domain/certificate.go index b2b48fcd..6ade5c5f 100644 --- a/internal/domain/certificate.go +++ b/internal/domain/certificate.go @@ -8,7 +8,7 @@ import ( "strings" "time" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) const CollectionNameCertificate = "certificate" @@ -106,10 +106,10 @@ func (c *Certificate) PopulateFromPEM(certPEM, privkeyPEM string) *Certificate { c.Certificate = certPEM c.PrivateKey = privkeyPEM - _, issuerCertPEM, _ := certutil.ExtractCertificatesFromPEM(certPEM) + _, issuerCertPEM, _ := xcert.ExtractCertificatesFromPEM(certPEM) c.IssuerCertificate = issuerCertPEM - certX509, _ := certutil.ParseCertificateFromPEM(certPEM) + certX509, _ := xcert.ParseCertificateFromPEM(certPEM) if certX509 != nil { c.PopulateFromX509(certX509) } diff --git a/internal/domain/dtos/notify.go b/internal/domain/dtos/notify.go index ab72fff1..395aebf1 100644 --- a/internal/domain/dtos/notify.go +++ b/internal/domain/dtos/notify.go @@ -1,6 +1,6 @@ package dtos -import "github.com/usual2970/certimate/internal/domain" +import "github.com/certimate-go/certimate/internal/domain" type NotifyTestPushReq struct { Channel domain.NotifyChannelType `json:"channel"` diff --git a/internal/domain/dtos/workflow.go b/internal/domain/dtos/workflow.go index b0f75f58..55b12954 100644 --- a/internal/domain/dtos/workflow.go +++ b/internal/domain/dtos/workflow.go @@ -1,6 +1,6 @@ package dtos -import "github.com/usual2970/certimate/internal/domain" +import "github.com/certimate-go/certimate/internal/domain" type WorkflowStartRunReq struct { WorkflowId string `json:"-"` diff --git a/internal/domain/provider.go b/internal/domain/provider.go index 560b08da..47ba0e72 100644 --- a/internal/domain/provider.go +++ b/internal/domain/provider.go @@ -14,6 +14,7 @@ const ( AccessProviderTypeACMEHttpReq = AccessProviderType("acmehttpreq") AccessProviderTypeAkamai = AccessProviderType("akamai") // Akamai(预留) AccessProviderTypeAliyun = AccessProviderType("aliyun") + AccessProviderTypeAPISIX = AccessProviderType("apisix") AccessProviderTypeAWS = AccessProviderType("aws") AccessProviderTypeAzure = AccessProviderType("azure") AccessProviderTypeBaiduCloud = AccessProviderType("baiducloud") @@ -29,7 +30,7 @@ const ( AccessProviderTypeClouDNS = AccessProviderType("cloudns") AccessProviderTypeCMCCCloud = AccessProviderType("cmcccloud") AccessProviderTypeConstellix = AccessProviderType("constellix") - AccessProviderTypeCTCCCloud = AccessProviderType("ctcccloud") // 天翼云(预留) + AccessProviderTypeCTCCCloud = AccessProviderType("ctcccloud") AccessProviderTypeCUCCCloud = AccessProviderType("cucccloud") // 联通云(预留) AccessProviderTypeDeSEC = AccessProviderType("desec") AccessProviderTypeDigitalOcean = AccessProviderType("digitalocean") @@ -118,51 +119,54 @@ ACME DNS-01 提供商常量值。 NOTICE: If you add new constant, please keep ASCII order. */ const ( - ACMEDns01ProviderTypeACMEHttpReq = ACMEDns01ProviderType(AccessProviderTypeACMEHttpReq) - ACMEDns01ProviderTypeAliyun = ACMEDns01ProviderType(AccessProviderTypeAliyun) // 兼容旧值,等同于 [ACMEDns01ProviderTypeAliyunDNS] - ACMEDns01ProviderTypeAliyunDNS = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-dns") - ACMEDns01ProviderTypeAliyunESA = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-esa") - ACMEDns01ProviderTypeAWS = ACMEDns01ProviderType(AccessProviderTypeAWS) // 兼容旧值,等同于 [ACMEDns01ProviderTypeAWSRoute53] - ACMEDns01ProviderTypeAWSRoute53 = ACMEDns01ProviderType(AccessProviderTypeAWS + "-route53") - ACMEDns01ProviderTypeAzure = ACMEDns01ProviderType(AccessProviderTypeAzure) // 兼容旧值,等同于 [ACMEDns01ProviderTypeAzure] - ACMEDns01ProviderTypeAzureDNS = ACMEDns01ProviderType(AccessProviderTypeAzure + "-dns") - ACMEDns01ProviderTypeBaiduCloud = ACMEDns01ProviderType(AccessProviderTypeBaiduCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeBaiduCloudDNS] - ACMEDns01ProviderTypeBaiduCloudDNS = ACMEDns01ProviderType(AccessProviderTypeBaiduCloud + "-dns") - ACMEDns01ProviderTypeBunny = ACMEDns01ProviderType(AccessProviderTypeBunny) - ACMEDns01ProviderTypeCloudflare = ACMEDns01ProviderType(AccessProviderTypeCloudflare) - ACMEDns01ProviderTypeClouDNS = ACMEDns01ProviderType(AccessProviderTypeClouDNS) - ACMEDns01ProviderTypeCMCCCloud = ACMEDns01ProviderType(AccessProviderTypeCMCCCloud) - ACMEDns01ProviderTypeConstellix = ACMEDns01ProviderType(AccessProviderTypeConstellix) - ACMEDns01ProviderTypeDeSEC = ACMEDns01ProviderType(AccessProviderTypeDeSEC) - ACMEDns01ProviderTypeDigitalOcean = ACMEDns01ProviderType(AccessProviderTypeDigitalOcean) - ACMEDns01ProviderTypeDNSLA = ACMEDns01ProviderType(AccessProviderTypeDNSLA) - ACMEDns01ProviderTypeDuckDNS = ACMEDns01ProviderType(AccessProviderTypeDuckDNS) - ACMEDns01ProviderTypeDynv6 = ACMEDns01ProviderType(AccessProviderTypeDynv6) - ACMEDns01ProviderTypeGcore = ACMEDns01ProviderType(AccessProviderTypeGcore) - ACMEDns01ProviderTypeGname = ACMEDns01ProviderType(AccessProviderTypeGname) - ACMEDns01ProviderTypeGoDaddy = ACMEDns01ProviderType(AccessProviderTypeGoDaddy) - ACMEDns01ProviderTypeHetzner = ACMEDns01ProviderType(AccessProviderTypeHetzner) - ACMEDns01ProviderTypeHuaweiCloud = ACMEDns01ProviderType(AccessProviderTypeHuaweiCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeHuaweiCloudDNS] - ACMEDns01ProviderTypeHuaweiCloudDNS = ACMEDns01ProviderType(AccessProviderTypeHuaweiCloud + "-dns") - ACMEDns01ProviderTypeJDCloud = ACMEDns01ProviderType(AccessProviderTypeJDCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeJDCloudDNS] - ACMEDns01ProviderTypeJDCloudDNS = ACMEDns01ProviderType(AccessProviderTypeJDCloud + "-dns") - ACMEDns01ProviderTypeNamecheap = ACMEDns01ProviderType(AccessProviderTypeNamecheap) - ACMEDns01ProviderTypeNameDotCom = ACMEDns01ProviderType(AccessProviderTypeNameDotCom) - ACMEDns01ProviderTypeNameSilo = ACMEDns01ProviderType(AccessProviderTypeNameSilo) - ACMEDns01ProviderTypeNetcup = ACMEDns01ProviderType(AccessProviderTypeNetcup) - ACMEDns01ProviderTypeNetlify = ACMEDns01ProviderType(AccessProviderTypeNetlify) - ACMEDns01ProviderTypeNS1 = ACMEDns01ProviderType(AccessProviderTypeNS1) - ACMEDns01ProviderTypePorkbun = ACMEDns01ProviderType(AccessProviderTypePorkbun) - ACMEDns01ProviderTypePowerDNS = ACMEDns01ProviderType(AccessProviderTypePowerDNS) - ACMEDns01ProviderTypeRainYun = ACMEDns01ProviderType(AccessProviderTypeRainYun) - ACMEDns01ProviderTypeTencentCloud = ACMEDns01ProviderType(AccessProviderTypeTencentCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeTencentCloudDNS] - ACMEDns01ProviderTypeTencentCloudDNS = ACMEDns01ProviderType(AccessProviderTypeTencentCloud + "-dns") - ACMEDns01ProviderTypeTencentCloudEO = ACMEDns01ProviderType(AccessProviderTypeTencentCloud + "-eo") - ACMEDns01ProviderTypeUCloudUDNR = ACMEDns01ProviderType(AccessProviderTypeUCloud + "-udnr") - ACMEDns01ProviderTypeVercel = ACMEDns01ProviderType(AccessProviderTypeVercel) - ACMEDns01ProviderTypeVolcEngine = ACMEDns01ProviderType(AccessProviderTypeVolcEngine) // 兼容旧值,等同于 [ACMEDns01ProviderTypeVolcEngineDNS] - ACMEDns01ProviderTypeVolcEngineDNS = ACMEDns01ProviderType(AccessProviderTypeVolcEngine + "-dns") - ACMEDns01ProviderTypeWestcn = ACMEDns01ProviderType(AccessProviderTypeWestcn) + ACMEDns01ProviderTypeACMEHttpReq = ACMEDns01ProviderType(AccessProviderTypeACMEHttpReq) + ACMEDns01ProviderTypeAliyun = ACMEDns01ProviderType(AccessProviderTypeAliyun) // 兼容旧值,等同于 [ACMEDns01ProviderTypeAliyunDNS] + ACMEDns01ProviderTypeAliyunDNS = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-dns") + ACMEDns01ProviderTypeAliyunESA = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-esa") + ACMEDns01ProviderTypeAWS = ACMEDns01ProviderType(AccessProviderTypeAWS) // 兼容旧值,等同于 [ACMEDns01ProviderTypeAWSRoute53] + ACMEDns01ProviderTypeAWSRoute53 = ACMEDns01ProviderType(AccessProviderTypeAWS + "-route53") + ACMEDns01ProviderTypeAzure = ACMEDns01ProviderType(AccessProviderTypeAzure) // 兼容旧值,等同于 [ACMEDns01ProviderTypeAzure] + ACMEDns01ProviderTypeAzureDNS = ACMEDns01ProviderType(AccessProviderTypeAzure + "-dns") + ACMEDns01ProviderTypeBaiduCloud = ACMEDns01ProviderType(AccessProviderTypeBaiduCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeBaiduCloudDNS] + ACMEDns01ProviderTypeBaiduCloudDNS = ACMEDns01ProviderType(AccessProviderTypeBaiduCloud + "-dns") + ACMEDns01ProviderTypeBunny = ACMEDns01ProviderType(AccessProviderTypeBunny) + ACMEDns01ProviderTypeCloudflare = ACMEDns01ProviderType(AccessProviderTypeCloudflare) + ACMEDns01ProviderTypeClouDNS = ACMEDns01ProviderType(AccessProviderTypeClouDNS) + ACMEDns01ProviderTypeCMCCCloud = ACMEDns01ProviderType(AccessProviderTypeCMCCCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeCMCCCloudDNS] + ACMEDns01ProviderTypeCMCCCloudDNS = ACMEDns01ProviderType(AccessProviderTypeCMCCCloud + "-dns") + ACMEDns01ProviderTypeConstellix = ACMEDns01ProviderType(AccessProviderTypeConstellix) + ACMEDns01ProviderTypeCTCCCloud = ACMEDns01ProviderType(AccessProviderTypeCTCCCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeCTCCCloudSmartDNS] + ACMEDns01ProviderTypeCTCCCloudSmartDNS = ACMEDns01ProviderType(AccessProviderTypeCTCCCloud + "-smartdns") + ACMEDns01ProviderTypeDeSEC = ACMEDns01ProviderType(AccessProviderTypeDeSEC) + ACMEDns01ProviderTypeDigitalOcean = ACMEDns01ProviderType(AccessProviderTypeDigitalOcean) + ACMEDns01ProviderTypeDNSLA = ACMEDns01ProviderType(AccessProviderTypeDNSLA) + ACMEDns01ProviderTypeDuckDNS = ACMEDns01ProviderType(AccessProviderTypeDuckDNS) + ACMEDns01ProviderTypeDynv6 = ACMEDns01ProviderType(AccessProviderTypeDynv6) + ACMEDns01ProviderTypeGcore = ACMEDns01ProviderType(AccessProviderTypeGcore) + ACMEDns01ProviderTypeGname = ACMEDns01ProviderType(AccessProviderTypeGname) + ACMEDns01ProviderTypeGoDaddy = ACMEDns01ProviderType(AccessProviderTypeGoDaddy) + ACMEDns01ProviderTypeHetzner = ACMEDns01ProviderType(AccessProviderTypeHetzner) + ACMEDns01ProviderTypeHuaweiCloud = ACMEDns01ProviderType(AccessProviderTypeHuaweiCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeHuaweiCloudDNS] + ACMEDns01ProviderTypeHuaweiCloudDNS = ACMEDns01ProviderType(AccessProviderTypeHuaweiCloud + "-dns") + ACMEDns01ProviderTypeJDCloud = ACMEDns01ProviderType(AccessProviderTypeJDCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeJDCloudDNS] + ACMEDns01ProviderTypeJDCloudDNS = ACMEDns01ProviderType(AccessProviderTypeJDCloud + "-dns") + ACMEDns01ProviderTypeNamecheap = ACMEDns01ProviderType(AccessProviderTypeNamecheap) + ACMEDns01ProviderTypeNameDotCom = ACMEDns01ProviderType(AccessProviderTypeNameDotCom) + ACMEDns01ProviderTypeNameSilo = ACMEDns01ProviderType(AccessProviderTypeNameSilo) + ACMEDns01ProviderTypeNetcup = ACMEDns01ProviderType(AccessProviderTypeNetcup) + ACMEDns01ProviderTypeNetlify = ACMEDns01ProviderType(AccessProviderTypeNetlify) + ACMEDns01ProviderTypeNS1 = ACMEDns01ProviderType(AccessProviderTypeNS1) + ACMEDns01ProviderTypePorkbun = ACMEDns01ProviderType(AccessProviderTypePorkbun) + ACMEDns01ProviderTypePowerDNS = ACMEDns01ProviderType(AccessProviderTypePowerDNS) + ACMEDns01ProviderTypeRainYun = ACMEDns01ProviderType(AccessProviderTypeRainYun) + ACMEDns01ProviderTypeTencentCloud = ACMEDns01ProviderType(AccessProviderTypeTencentCloud) // 兼容旧值,等同于 [ACMEDns01ProviderTypeTencentCloudDNS] + ACMEDns01ProviderTypeTencentCloudDNS = ACMEDns01ProviderType(AccessProviderTypeTencentCloud + "-dns") + ACMEDns01ProviderTypeTencentCloudEO = ACMEDns01ProviderType(AccessProviderTypeTencentCloud + "-eo") + ACMEDns01ProviderTypeUCloudUDNR = ACMEDns01ProviderType(AccessProviderTypeUCloud + "-udnr") + ACMEDns01ProviderTypeVercel = ACMEDns01ProviderType(AccessProviderTypeVercel) + ACMEDns01ProviderTypeVolcEngine = ACMEDns01ProviderType(AccessProviderTypeVolcEngine) // 兼容旧值,等同于 [ACMEDns01ProviderTypeVolcEngineDNS] + ACMEDns01ProviderTypeVolcEngineDNS = ACMEDns01ProviderType(AccessProviderTypeVolcEngine + "-dns") + ACMEDns01ProviderTypeWestcn = ACMEDns01ProviderType(AccessProviderTypeWestcn) ) type DeploymentProviderType string @@ -193,6 +197,7 @@ const ( DeploymentProviderTypeAliyunOSS = DeploymentProviderType(AccessProviderTypeAliyun + "-oss") DeploymentProviderTypeAliyunVOD = DeploymentProviderType(AccessProviderTypeAliyun + "-vod") DeploymentProviderTypeAliyunWAF = DeploymentProviderType(AccessProviderTypeAliyun + "-waf") + DeploymentProviderTypeAPISIX = DeploymentProviderType(AccessProviderTypeAWS + "-apisix") DeploymentProviderTypeAWSACM = DeploymentProviderType(AccessProviderTypeAWS + "-acm") DeploymentProviderTypeAWSCloudFront = DeploymentProviderType(AccessProviderTypeAWS + "-cloudfront") DeploymentProviderTypeAWSIAM = DeploymentProviderType(AccessProviderTypeAWS + "-iam") @@ -210,6 +215,12 @@ const ( DeploymentProviderTypeBytePlusCDN = DeploymentProviderType(AccessProviderTypeBytePlus + "-cdn") DeploymentProviderTypeCacheFly = DeploymentProviderType(AccessProviderTypeCacheFly) DeploymentProviderTypeCdnfly = DeploymentProviderType(AccessProviderTypeCdnfly) + DeploymentProviderTypeCTCCCloudAO = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-ao") + DeploymentProviderTypeCTCCCloudCDN = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-cdn") + DeploymentProviderTypeCTCCCloudCMS = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-cms") + DeploymentProviderTypeCTCCCloudELB = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-elb") + DeploymentProviderTypeCTCCCloudICDN = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-icdn") + DeploymentProviderTypeCTCCCloudLVDN = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-ldvn") DeploymentProviderTypeDogeCloudCDN = DeploymentProviderType(AccessProviderTypeDogeCloud + "-cdn") DeploymentProviderTypeEdgioApplications = DeploymentProviderType(AccessProviderTypeEdgio + "-applications") DeploymentProviderTypeFlexCDN = DeploymentProviderType(AccessProviderTypeFlexCDN) @@ -242,6 +253,7 @@ const ( DeploymentProviderTypeTencentCloudCSS = DeploymentProviderType(AccessProviderTypeTencentCloud + "-css") DeploymentProviderTypeTencentCloudECDN = DeploymentProviderType(AccessProviderTypeTencentCloud + "-ecdn") DeploymentProviderTypeTencentCloudEO = DeploymentProviderType(AccessProviderTypeTencentCloud + "-eo") + DeploymentProviderTypeTencentCloudGAAP = DeploymentProviderType(AccessProviderTypeTencentCloud + "-gaap") DeploymentProviderTypeTencentCloudSCF = DeploymentProviderType(AccessProviderTypeTencentCloud + "-scf") DeploymentProviderTypeTencentCloudSSL = DeploymentProviderType(AccessProviderTypeTencentCloud + "-ssl") DeploymentProviderTypeTencentCloudSSLDeploy = DeploymentProviderType(AccessProviderTypeTencentCloud + "-ssldeploy") diff --git a/internal/domain/workflow.go b/internal/domain/workflow.go index 256ad08d..50997019 100644 --- a/internal/domain/workflow.go +++ b/internal/domain/workflow.go @@ -4,8 +4,8 @@ import ( "encoding/json" "time" - "github.com/usual2970/certimate/internal/domain/expr" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" + "github.com/certimate-go/certimate/internal/domain/expr" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) const CollectionNameWorkflow = "workflow" @@ -121,62 +121,62 @@ type WorkflowNodeConfigForCondition struct { func (n *WorkflowNode) GetConfigForApply() WorkflowNodeConfigForApply { return WorkflowNodeConfigForApply{ - Domains: maputil.GetString(n.Config, "domains"), - ContactEmail: maputil.GetString(n.Config, "contactEmail"), - Provider: maputil.GetString(n.Config, "provider"), - ProviderAccessId: maputil.GetString(n.Config, "providerAccessId"), - ProviderConfig: maputil.GetKVMapAny(n.Config, "providerConfig"), - CAProvider: maputil.GetString(n.Config, "caProvider"), - CAProviderAccessId: maputil.GetString(n.Config, "caProviderAccessId"), - CAProviderConfig: maputil.GetKVMapAny(n.Config, "caProviderConfig"), - KeyAlgorithm: maputil.GetOrDefaultString(n.Config, "keyAlgorithm", string(CertificateKeyAlgorithmTypeRSA2048)), - Nameservers: maputil.GetString(n.Config, "nameservers"), - DnsPropagationWait: maputil.GetInt32(n.Config, "dnsPropagationWait"), - DnsPropagationTimeout: maputil.GetInt32(n.Config, "dnsPropagationTimeout"), - DnsTTL: maputil.GetInt32(n.Config, "dnsTTL"), - DisableFollowCNAME: maputil.GetBool(n.Config, "disableFollowCNAME"), - DisableARI: maputil.GetBool(n.Config, "disableARI"), - SkipBeforeExpiryDays: maputil.GetOrDefaultInt32(n.Config, "skipBeforeExpiryDays", 30), + Domains: xmaps.GetString(n.Config, "domains"), + ContactEmail: xmaps.GetString(n.Config, "contactEmail"), + Provider: xmaps.GetString(n.Config, "provider"), + ProviderAccessId: xmaps.GetString(n.Config, "providerAccessId"), + ProviderConfig: xmaps.GetKVMapAny(n.Config, "providerConfig"), + CAProvider: xmaps.GetString(n.Config, "caProvider"), + CAProviderAccessId: xmaps.GetString(n.Config, "caProviderAccessId"), + CAProviderConfig: xmaps.GetKVMapAny(n.Config, "caProviderConfig"), + KeyAlgorithm: xmaps.GetOrDefaultString(n.Config, "keyAlgorithm", string(CertificateKeyAlgorithmTypeRSA2048)), + Nameservers: xmaps.GetString(n.Config, "nameservers"), + DnsPropagationWait: xmaps.GetInt32(n.Config, "dnsPropagationWait"), + DnsPropagationTimeout: xmaps.GetInt32(n.Config, "dnsPropagationTimeout"), + DnsTTL: xmaps.GetInt32(n.Config, "dnsTTL"), + DisableFollowCNAME: xmaps.GetBool(n.Config, "disableFollowCNAME"), + DisableARI: xmaps.GetBool(n.Config, "disableARI"), + SkipBeforeExpiryDays: xmaps.GetOrDefaultInt32(n.Config, "skipBeforeExpiryDays", 30), } } func (n *WorkflowNode) GetConfigForUpload() WorkflowNodeConfigForUpload { return WorkflowNodeConfigForUpload{ - Certificate: maputil.GetString(n.Config, "certificate"), - PrivateKey: maputil.GetString(n.Config, "privateKey"), - Domains: maputil.GetString(n.Config, "domains"), + Certificate: xmaps.GetString(n.Config, "certificate"), + PrivateKey: xmaps.GetString(n.Config, "privateKey"), + Domains: xmaps.GetString(n.Config, "domains"), } } func (n *WorkflowNode) GetConfigForMonitor() WorkflowNodeConfigForMonitor { - host := maputil.GetString(n.Config, "host") + host := xmaps.GetString(n.Config, "host") return WorkflowNodeConfigForMonitor{ Host: host, - Port: maputil.GetOrDefaultInt32(n.Config, "port", 443), - Domain: maputil.GetOrDefaultString(n.Config, "domain", host), - RequestPath: maputil.GetString(n.Config, "path"), + Port: xmaps.GetOrDefaultInt32(n.Config, "port", 443), + Domain: xmaps.GetOrDefaultString(n.Config, "domain", host), + RequestPath: xmaps.GetString(n.Config, "path"), } } func (n *WorkflowNode) GetConfigForDeploy() WorkflowNodeConfigForDeploy { return WorkflowNodeConfigForDeploy{ - Certificate: maputil.GetString(n.Config, "certificate"), - Provider: maputil.GetString(n.Config, "provider"), - ProviderAccessId: maputil.GetString(n.Config, "providerAccessId"), - ProviderConfig: maputil.GetKVMapAny(n.Config, "providerConfig"), - SkipOnLastSucceeded: maputil.GetBool(n.Config, "skipOnLastSucceeded"), + Certificate: xmaps.GetString(n.Config, "certificate"), + Provider: xmaps.GetString(n.Config, "provider"), + ProviderAccessId: xmaps.GetString(n.Config, "providerAccessId"), + ProviderConfig: xmaps.GetKVMapAny(n.Config, "providerConfig"), + SkipOnLastSucceeded: xmaps.GetBool(n.Config, "skipOnLastSucceeded"), } } func (n *WorkflowNode) GetConfigForNotify() WorkflowNodeConfigForNotify { return WorkflowNodeConfigForNotify{ - Channel: maputil.GetString(n.Config, "channel"), - Provider: maputil.GetString(n.Config, "provider"), - ProviderAccessId: maputil.GetString(n.Config, "providerAccessId"), - ProviderConfig: maputil.GetKVMapAny(n.Config, "providerConfig"), - Subject: maputil.GetString(n.Config, "subject"), - Message: maputil.GetString(n.Config, "message"), - SkipOnAllPrevSkipped: maputil.GetBool(n.Config, "skipOnAllPrevSkipped"), + Channel: xmaps.GetString(n.Config, "channel"), + Provider: xmaps.GetString(n.Config, "provider"), + ProviderAccessId: xmaps.GetString(n.Config, "providerAccessId"), + ProviderConfig: xmaps.GetKVMapAny(n.Config, "providerConfig"), + Subject: xmaps.GetString(n.Config, "subject"), + Message: xmaps.GetString(n.Config, "message"), + SkipOnAllPrevSkipped: xmaps.GetBool(n.Config, "skipOnAllPrevSkipped"), } } diff --git a/internal/notify/notifier.go b/internal/notify/notifier.go index 5e957841..975b7ab2 100644 --- a/internal/notify/notifier.go +++ b/internal/notify/notifier.go @@ -5,9 +5,9 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/notifier" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/pkg/core" ) type Notifier interface { @@ -46,20 +46,22 @@ func NewWithWorkflowNode(config NotifierWithWorkflowNodeConfig) (Notifier, error } } - notifierProvider, err := createNotifierProvider(options) + notifier, err := createNotifierProvider(options) if err != nil { return nil, err + } else { + notifier.SetLogger(config.Logger) } return ¬ifierImpl{ - provider: notifierProvider.WithLogger(config.Logger), + provider: notifier, subject: config.Subject, message: config.Message, }, nil } type notifierImpl struct { - provider notifier.Notifier + provider core.Notifier subject string message string } diff --git a/internal/notify/notify.go b/internal/notify/notify.go index 92970341..c4af9e19 100644 --- a/internal/notify/notify.go +++ b/internal/notify/notify.go @@ -7,10 +7,10 @@ import ( "golang.org/x/sync/errgroup" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/notifier" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/pkg/core" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) // Deprecated: v0.4.x 将废弃 @@ -51,7 +51,7 @@ func SendToChannel(subject, message string, channel string, channelConfig map[st } // Deprecated: v0.4.x 将废弃 -func getEnabledNotifiers() ([]notifier.Notifier, error) { +func getEnabledNotifiers() ([]core.Notifier, error) { settingsRepo := repository.NewSettingsRepository() settings, err := settingsRepo.GetByName(context.Background(), "notifyChannels") if err != nil { @@ -63,9 +63,9 @@ func getEnabledNotifiers() ([]notifier.Notifier, error) { return nil, fmt.Errorf("unmarshal notifyChannels error: %w", err) } - notifiers := make([]notifier.Notifier, 0) + notifiers := make([]core.Notifier, 0) for k, v := range rs { - if !maputil.GetBool(v, "enabled") { + if !xmaps.GetBool(v, "enabled") { continue } diff --git a/internal/notify/providers.go b/internal/notify/providers.go index 7dc63465..872f5d26 100644 --- a/internal/notify/providers.go +++ b/internal/notify/providers.go @@ -4,19 +4,19 @@ import ( "fmt" "net/http" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/notifier" - pDingTalkBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/dingtalkbot" - pDiscordBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/discordbot" - pEmail "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/email" - pLarkBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/larkbot" - pMattermost "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/mattermost" - pSlackBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/slackbot" - pTelegramBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegrambot" - pWebhook "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook" - pWeComBot "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecombot" - httputil "github.com/usual2970/certimate/internal/pkg/utils/http" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/pkg/core" + pDingTalkBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/dingtalkbot" + pDiscordBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/discordbot" + pEmail "github.com/certimate-go/certimate/pkg/core/notifier/providers/email" + pLarkBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/larkbot" + pMattermost "github.com/certimate-go/certimate/pkg/core/notifier/providers/mattermost" + pSlackBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/slackbot" + pTelegramBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/telegrambot" + pWebhook "github.com/certimate-go/certimate/pkg/core/notifier/providers/webhook" + pWeComBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/wecombot" + xhttp "github.com/certimate-go/certimate/pkg/utils/http" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) type notifierProviderOptions struct { @@ -25,7 +25,7 @@ type notifierProviderOptions struct { ProviderServiceConfig map[string]any } -func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier, error) { +func createNotifierProvider(options *notifierProviderOptions) (core.Notifier, error) { /* 注意:如果追加新的常量值,请保持以 ASCII 排序。 NOTICE: If you add new constant, please keep ASCII order. @@ -34,11 +34,11 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier case domain.NotificationProviderTypeDingTalkBot: { access := domain.AccessConfigForDingTalkBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pDingTalkBot.NewNotifier(&pDingTalkBot.NotifierConfig{ + return pDingTalkBot.NewNotifierProvider(&pDingTalkBot.NotifierProviderConfig{ WebhookUrl: access.WebhookUrl, Secret: access.Secret, }) @@ -47,42 +47,43 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier case domain.NotificationProviderTypeDiscordBot: { access := domain.AccessConfigForDiscordBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pDiscordBot.NewNotifier(&pDiscordBot.NotifierConfig{ + return pDiscordBot.NewNotifierProvider(&pDiscordBot.NotifierProviderConfig{ BotToken: access.BotToken, - ChannelId: maputil.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), + ChannelId: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), }) } case domain.NotificationProviderTypeEmail: { access := domain.AccessConfigForEmail{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pEmail.NewNotifier(&pEmail.NotifierConfig{ + return pEmail.NewNotifierProvider(&pEmail.NotifierProviderConfig{ SmtpHost: access.SmtpHost, SmtpPort: access.SmtpPort, SmtpTls: access.SmtpTls, Username: access.Username, Password: access.Password, - SenderAddress: maputil.GetOrDefaultString(options.ProviderServiceConfig, "senderAddress", access.DefaultSenderAddress), - ReceiverAddress: maputil.GetOrDefaultString(options.ProviderServiceConfig, "receiverAddress", access.DefaultReceiverAddress), + SenderAddress: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "senderAddress", access.DefaultSenderAddress), + SenderName: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "senderName", access.DefaultSenderName), + ReceiverAddress: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "receiverAddress", access.DefaultReceiverAddress), }) } case domain.NotificationProviderTypeLarkBot: { access := domain.AccessConfigForLarkBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pLarkBot.NewNotifier(&pLarkBot.NotifierConfig{ + return pLarkBot.NewNotifierProvider(&pLarkBot.NotifierProviderConfig{ WebhookUrl: access.WebhookUrl, }) } @@ -90,54 +91,54 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier case domain.NotificationProviderTypeMattermost: { access := domain.AccessConfigForMattermost{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pMattermost.NewNotifier(&pMattermost.NotifierConfig{ + return pMattermost.NewNotifierProvider(&pMattermost.NotifierProviderConfig{ ServerUrl: access.ServerUrl, Username: access.Username, Password: access.Password, - ChannelId: maputil.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), + ChannelId: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), }) } case domain.NotificationProviderTypeSlackBot: { access := domain.AccessConfigForSlackBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pSlackBot.NewNotifier(&pSlackBot.NotifierConfig{ + return pSlackBot.NewNotifierProvider(&pSlackBot.NotifierProviderConfig{ BotToken: access.BotToken, - ChannelId: maputil.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), + ChannelId: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId), }) } case domain.NotificationProviderTypeTelegramBot: { access := domain.AccessConfigForTelegramBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pTelegramBot.NewNotifier(&pTelegramBot.NotifierConfig{ + return pTelegramBot.NewNotifierProvider(&pTelegramBot.NotifierProviderConfig{ BotToken: access.BotToken, - ChatId: maputil.GetOrDefaultInt64(options.ProviderServiceConfig, "chatId", access.DefaultChatId), + ChatId: xmaps.GetOrDefaultInt64(options.ProviderServiceConfig, "chatId", access.DefaultChatId), }) } case domain.NotificationProviderTypeWebhook: { access := domain.AccessConfigForWebhook{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } mergedHeaders := make(map[string]string) if defaultHeadersString := access.HeadersString; defaultHeadersString != "" { - h, err := httputil.ParseHeaders(defaultHeadersString) + h, err := xhttp.ParseHeaders(defaultHeadersString) if err != nil { return nil, fmt.Errorf("failed to parse webhook headers: %w", err) } @@ -145,8 +146,8 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier mergedHeaders[http.CanonicalHeaderKey(key)] = h.Get(key) } } - if extendedHeadersString := maputil.GetString(options.ProviderServiceConfig, "headers"); extendedHeadersString != "" { - h, err := httputil.ParseHeaders(extendedHeadersString) + if extendedHeadersString := xmaps.GetString(options.ProviderServiceConfig, "headers"); extendedHeadersString != "" { + h, err := xhttp.ParseHeaders(extendedHeadersString) if err != nil { return nil, fmt.Errorf("failed to parse webhook headers: %w", err) } @@ -155,9 +156,9 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier } } - return pWebhook.NewNotifier(&pWebhook.NotifierConfig{ + return pWebhook.NewNotifierProvider(&pWebhook.NotifierProviderConfig{ WebhookUrl: access.Url, - WebhookData: maputil.GetOrDefaultString(options.ProviderServiceConfig, "webhookData", access.DefaultDataForNotification), + WebhookData: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "webhookData", access.DefaultDataForNotification), Method: access.Method, Headers: mergedHeaders, AllowInsecureConnections: access.AllowInsecureConnections, @@ -167,11 +168,11 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier case domain.NotificationProviderTypeWeComBot: { access := domain.AccessConfigForWeComBot{} - if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil { + if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil { return nil, fmt.Errorf("failed to populate provider access config: %w", err) } - return pWeComBot.NewNotifier(&pWeComBot.NotifierConfig{ + return pWeComBot.NewNotifierProvider(&pWeComBot.NotifierProviderConfig{ WebhookUrl: access.WebhookUrl, }) } diff --git a/internal/notify/providers_deprecated.go b/internal/notify/providers_deprecated.go index d2d926a6..00855dc8 100644 --- a/internal/notify/providers_deprecated.go +++ b/internal/notify/providers_deprecated.go @@ -3,104 +3,104 @@ package notify import ( "fmt" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/core/notifier" - pBark "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/bark" - pDingTalk "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/dingtalkbot" - pEmail "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/email" - pGotify "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/gotify" - pLark "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/larkbot" - pMattermost "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/mattermost" - pPushover "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushover" - pPushPlus "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushplus" - pServerChan "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/serverchan" - pTelegram "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegrambot" - pWebhook "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook" - pWeCom "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecombot" - maputil "github.com/usual2970/certimate/internal/pkg/utils/map" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/pkg/core" + pBark "github.com/certimate-go/certimate/pkg/core/notifier/providers/bark" + pDingTalk "github.com/certimate-go/certimate/pkg/core/notifier/providers/dingtalkbot" + pEmail "github.com/certimate-go/certimate/pkg/core/notifier/providers/email" + pGotify "github.com/certimate-go/certimate/pkg/core/notifier/providers/gotify" + pLark "github.com/certimate-go/certimate/pkg/core/notifier/providers/larkbot" + pMattermost "github.com/certimate-go/certimate/pkg/core/notifier/providers/mattermost" + pPushover "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushover" + pPushPlus "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushplus" + pServerChan "github.com/certimate-go/certimate/pkg/core/notifier/providers/serverchan" + pTelegram "github.com/certimate-go/certimate/pkg/core/notifier/providers/telegrambot" + pWebhook "github.com/certimate-go/certimate/pkg/core/notifier/providers/webhook" + pWeCom "github.com/certimate-go/certimate/pkg/core/notifier/providers/wecombot" + xmaps "github.com/certimate-go/certimate/pkg/utils/maps" ) // Deprecated: v0.4.x 将废弃 -func createNotifierProviderUseGlobalSettings(channel domain.NotifyChannelType, channelConfig map[string]any) (notifier.Notifier, error) { +func createNotifierProviderUseGlobalSettings(channel domain.NotifyChannelType, channelConfig map[string]any) (core.Notifier, error) { /* 注意:如果追加新的常量值,请保持以 ASCII 排序。 NOTICE: If you add new constant, please keep ASCII order. */ switch channel { case domain.NotifyChannelTypeBark: - return pBark.NewNotifier(&pBark.NotifierConfig{ - DeviceKey: maputil.GetString(channelConfig, "deviceKey"), - ServerUrl: maputil.GetString(channelConfig, "serverUrl"), + return pBark.NewNotifierProvider(&pBark.NotifierProviderConfig{ + DeviceKey: xmaps.GetString(channelConfig, "deviceKey"), + ServerUrl: xmaps.GetString(channelConfig, "serverUrl"), }) case domain.NotifyChannelTypeDingTalk: - return pDingTalk.NewNotifier(&pDingTalk.NotifierConfig{ - WebhookUrl: "https://oapi.dingtalk.com/robot/send?access_token=" + maputil.GetString(channelConfig, "accessToken"), - Secret: maputil.GetString(channelConfig, "secret"), + return pDingTalk.NewNotifierProvider(&pDingTalk.NotifierProviderConfig{ + WebhookUrl: "https://oapi.dingtalk.com/robot/send?access_token=" + xmaps.GetString(channelConfig, "accessToken"), + Secret: xmaps.GetString(channelConfig, "secret"), }) case domain.NotifyChannelTypeEmail: - return pEmail.NewNotifier(&pEmail.NotifierConfig{ - SmtpHost: maputil.GetString(channelConfig, "smtpHost"), - SmtpPort: maputil.GetInt32(channelConfig, "smtpPort"), - SmtpTls: maputil.GetOrDefaultBool(channelConfig, "smtpTLS", true), - Username: maputil.GetOrDefaultString(channelConfig, "username", maputil.GetString(channelConfig, "senderAddress")), - Password: maputil.GetString(channelConfig, "password"), - SenderAddress: maputil.GetString(channelConfig, "senderAddress"), - ReceiverAddress: maputil.GetString(channelConfig, "receiverAddress"), + return pEmail.NewNotifierProvider(&pEmail.NotifierProviderConfig{ + SmtpHost: xmaps.GetString(channelConfig, "smtpHost"), + SmtpPort: xmaps.GetInt32(channelConfig, "smtpPort"), + SmtpTls: xmaps.GetOrDefaultBool(channelConfig, "smtpTLS", true), + Username: xmaps.GetOrDefaultString(channelConfig, "username", xmaps.GetString(channelConfig, "senderAddress")), + Password: xmaps.GetString(channelConfig, "password"), + SenderAddress: xmaps.GetString(channelConfig, "senderAddress"), + ReceiverAddress: xmaps.GetString(channelConfig, "receiverAddress"), }) case domain.NotifyChannelTypeGotify: - return pGotify.NewNotifier(&pGotify.NotifierConfig{ - ServerUrl: maputil.GetString(channelConfig, "url"), - Token: maputil.GetString(channelConfig, "token"), - Priority: maputil.GetOrDefaultInt64(channelConfig, "priority", 1), + return pGotify.NewNotifierProvider(&pGotify.NotifierProviderConfig{ + ServerUrl: xmaps.GetString(channelConfig, "url"), + Token: xmaps.GetString(channelConfig, "token"), + Priority: xmaps.GetOrDefaultInt64(channelConfig, "priority", 1), }) case domain.NotifyChannelTypeLark: - return pLark.NewNotifier(&pLark.NotifierConfig{ - WebhookUrl: maputil.GetString(channelConfig, "webhookUrl"), + return pLark.NewNotifierProvider(&pLark.NotifierProviderConfig{ + WebhookUrl: xmaps.GetString(channelConfig, "webhookUrl"), }) case domain.NotifyChannelTypeMattermost: - return pMattermost.NewNotifier(&pMattermost.NotifierConfig{ - ServerUrl: maputil.GetString(channelConfig, "serverUrl"), - ChannelId: maputil.GetString(channelConfig, "channelId"), - Username: maputil.GetString(channelConfig, "username"), - Password: maputil.GetString(channelConfig, "password"), + return pMattermost.NewNotifierProvider(&pMattermost.NotifierProviderConfig{ + ServerUrl: xmaps.GetString(channelConfig, "serverUrl"), + ChannelId: xmaps.GetString(channelConfig, "channelId"), + Username: xmaps.GetString(channelConfig, "username"), + Password: xmaps.GetString(channelConfig, "password"), }) case domain.NotifyChannelTypePushover: - return pPushover.NewNotifier(&pPushover.NotifierConfig{ - Token: maputil.GetString(channelConfig, "token"), - User: maputil.GetString(channelConfig, "user"), + return pPushover.NewNotifierProvider(&pPushover.NotifierProviderConfig{ + Token: xmaps.GetString(channelConfig, "token"), + User: xmaps.GetString(channelConfig, "user"), }) case domain.NotifyChannelTypePushPlus: - return pPushPlus.NewNotifier(&pPushPlus.NotifierConfig{ - Token: maputil.GetString(channelConfig, "token"), + return pPushPlus.NewNotifierProvider(&pPushPlus.NotifierProviderConfig{ + Token: xmaps.GetString(channelConfig, "token"), }) case domain.NotifyChannelTypeServerChan: - return pServerChan.NewNotifier(&pServerChan.NotifierConfig{ - ServerUrl: maputil.GetString(channelConfig, "url"), + return pServerChan.NewNotifierProvider(&pServerChan.NotifierProviderConfig{ + ServerUrl: xmaps.GetString(channelConfig, "url"), }) case domain.NotifyChannelTypeTelegram: - return pTelegram.NewNotifier(&pTelegram.NotifierConfig{ - BotToken: maputil.GetString(channelConfig, "apiToken"), - ChatId: maputil.GetInt64(channelConfig, "chatId"), + return pTelegram.NewNotifierProvider(&pTelegram.NotifierProviderConfig{ + BotToken: xmaps.GetString(channelConfig, "apiToken"), + ChatId: xmaps.GetInt64(channelConfig, "chatId"), }) case domain.NotifyChannelTypeWebhook: - return pWebhook.NewNotifier(&pWebhook.NotifierConfig{ - WebhookUrl: maputil.GetString(channelConfig, "url"), - AllowInsecureConnections: maputil.GetBool(channelConfig, "allowInsecureConnections"), + return pWebhook.NewNotifierProvider(&pWebhook.NotifierProviderConfig{ + WebhookUrl: xmaps.GetString(channelConfig, "url"), + AllowInsecureConnections: xmaps.GetBool(channelConfig, "allowInsecureConnections"), }) case domain.NotifyChannelTypeWeCom: - return pWeCom.NewNotifier(&pWeCom.NotifierConfig{ - WebhookUrl: maputil.GetString(channelConfig, "webhookUrl"), + return pWeCom.NewNotifierProvider(&pWeCom.NotifierProviderConfig{ + WebhookUrl: xmaps.GetString(channelConfig, "webhookUrl"), }) } diff --git a/internal/notify/service.go b/internal/notify/service.go index 1d1f6c25..26d5b856 100644 --- a/internal/notify/service.go +++ b/internal/notify/service.go @@ -4,8 +4,8 @@ import ( "context" "fmt" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/dtos" ) // Deprecated: v0.4.x 将废弃 diff --git a/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go b/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go deleted file mode 100644 index b1df4153..00000000 --- a/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go +++ /dev/null @@ -1,104 +0,0 @@ -package onepanelconsole - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - onepanelsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel" -) - -type DeployerConfig struct { - // 1Panel 服务地址。 - ServerUrl string `json:"serverUrl"` - // 1Panel 版本。 - // 可取值 "v1"、"v2"。 - ApiVersion string `json:"apiVersion"` - // 1Panel 接口密钥。 - ApiKey string `json:"apiKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` - // 是否自动重启。 - AutoRestart bool `json:"autoRestart"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *onepanelsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 设置面板 SSL 证书 - updateSystemSSLReq := &onepanelsdk.UpdateSystemSSLRequest{ - Cert: certPEM, - Key: privkeyPEM, - SSL: "enable", - SSLType: "import-paste", - } - if d.config.AutoRestart { - updateSystemSSLReq.AutoRestart = "true" - } else { - updateSystemSSLReq.AutoRestart = "false" - } - updateSystemSSLResp, err := d.sdkClient.UpdateSystemSSL(updateSystemSSLReq) - d.logger.Debug("sdk request '1panel.UpdateSystemSSL'", slog.Any("request", updateSystemSSLReq), slog.Any("response", updateSystemSSLResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request '1panel.UpdateSystemSSL': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (*onepanelsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid 1panel server url") - } - - if apiVersion == "" { - return nil, errors.New("invalid 1panel api version") - } - - if apiKey == "" { - return nil, errors.New("invalid 1panel api key") - } - - client := onepanelsdk.NewClient(serverUrl, apiVersion, apiKey) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go b/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go deleted file mode 100644 index 0f721c3f..00000000 --- a/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go +++ /dev/null @@ -1,200 +0,0 @@ -package onepanelsite - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - "strconv" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/1panel-ssl" - onepanelsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel" -) - -type DeployerConfig struct { - // 1Panel 服务地址。 - ServerUrl string `json:"serverUrl"` - // 1Panel 版本。 - // 可取值 "v1"、"v2"。 - ApiVersion string `json:"apiVersion"` - // 1Panel 接口密钥。 - ApiKey string `json:"apiKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` - // 部署资源类型。 - ResourceType ResourceType `json:"resourceType"` - // 网站 ID。 - // 部署资源类型为 [RESOURCE_TYPE_WEBSITE] 时必填。 - WebsiteId int64 `json:"websiteId,omitempty"` - // 证书 ID。 - // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 - CertificateId int64 `json:"certificateId,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *onepanelsdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - ServerUrl: config.ServerUrl, - ApiVersion: config.ApiVersion, - ApiKey: config.ApiKey, - AllowInsecureConnections: config.AllowInsecureConnections, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 根据部署资源类型决定部署方式 - switch d.config.ResourceType { - case RESOURCE_TYPE_WEBSITE: - if err := d.deployToWebsite(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } - - case RESOURCE_TYPE_CERTIFICATE: - if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } - - default: - return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) - } - - return &deployer.DeployResult{}, nil -} - -func (d *DeployerProvider) deployToWebsite(ctx context.Context, certPEM string, privkeyPEM string) error { - if d.config.WebsiteId == 0 { - return errors.New("config `websiteId` is required") - } - - // 获取网站 HTTPS 配置 - getHttpsConfReq := &onepanelsdk.GetHttpsConfRequest{ - WebsiteID: d.config.WebsiteId, - } - getHttpsConfResp, err := d.sdkClient.GetHttpsConf(getHttpsConfReq) - d.logger.Debug("sdk request '1panel.GetHttpsConf'", slog.Any("request", getHttpsConfReq), slog.Any("response", getHttpsConfResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request '1panel.GetHttpsConf': %w", err) - } - - // 上传证书到面板 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - // 修改网站 HTTPS 配置 - certId, _ := strconv.ParseInt(upres.CertId, 10, 64) - updateHttpsConfReq := &onepanelsdk.UpdateHttpsConfRequest{ - WebsiteID: d.config.WebsiteId, - Type: "existed", - WebsiteSSLID: certId, - Enable: getHttpsConfResp.Data.Enable, - HttpConfig: getHttpsConfResp.Data.HttpConfig, - SSLProtocol: getHttpsConfResp.Data.SSLProtocol, - Algorithm: getHttpsConfResp.Data.Algorithm, - Hsts: getHttpsConfResp.Data.Hsts, - } - updateHttpsConfResp, err := d.sdkClient.UpdateHttpsConf(updateHttpsConfReq) - d.logger.Debug("sdk request '1panel.UpdateHttpsConf'", slog.Any("request", updateHttpsConfReq), slog.Any("response", updateHttpsConfResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request '1panel.UpdateHttpsConf': %w", err) - } - - return nil -} - -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { - if d.config.CertificateId == 0 { - return errors.New("config `certificateId` is required") - } - - // 获取证书详情 - getWebsiteSSLReq := &onepanelsdk.GetWebsiteSSLRequest{ - SSLID: d.config.CertificateId, - } - getWebsiteSSLResp, err := d.sdkClient.GetWebsiteSSL(getWebsiteSSLReq) - d.logger.Debug("sdk request '1panel.GetWebsiteSSL'", slog.Any("request", getWebsiteSSLReq), slog.Any("response", getWebsiteSSLResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request '1panel.GetWebsiteSSL': %w", err) - } - - // 更新证书 - uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{ - Type: "paste", - SSLID: d.config.CertificateId, - Description: getWebsiteSSLResp.Data.Description, - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - uploadWebsiteSSLResp, err := d.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) - d.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) - } - - return nil -} - -func createSdkClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (*onepanelsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid 1panel server url") - } - - if apiVersion == "" { - return nil, errors.New("invalid 1panel api version") - } - - if apiKey == "" { - return nil, errors.New("invalid 1panel api key") - } - - client := onepanelsdk.NewClient(serverUrl, apiVersion, apiKey) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/aliyun-cas/aliyun_cas.go b/internal/pkg/core/deployer/providers/aliyun-cas/aliyun_cas.go deleted file mode 100644 index f1cc8811..00000000 --- a/internal/pkg/core/deployer/providers/aliyun-cas/aliyun_cas.go +++ /dev/null @@ -1,74 +0,0 @@ -package aliyuncas - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" -) - -type DeployerConfig struct { - // 阿里云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 阿里云 AccessKeySecret。 - AccessKeySecret string `json:"accessKeySecret"` - // 阿里云资源组 ID。 - ResourceGroupId string `json:"resourceGroupId,omitempty"` - // 阿里云地域。 - Region string `json:"region"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - AccessKeySecret: config.AccessKeySecret, - ResourceGroupId: config.ResourceGroupId, - Region: config.Region, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/aws-iam/aws_iam.go b/internal/pkg/core/deployer/providers/aws-iam/aws_iam.go deleted file mode 100644 index ef6440d3..00000000 --- a/internal/pkg/core/deployer/providers/aws-iam/aws_iam.go +++ /dev/null @@ -1,75 +0,0 @@ -package awsiam - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-iam" -) - -type DeployerConfig struct { - // AWS AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // AWS SecretAccessKey。 - SecretAccessKey string `json:"secretAccessKey"` - // AWS 区域。 - Region string `json:"region"` - // IAM 证书路径。 - // 选填。 - CertificatePath string `json:"certificatePath,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - SecretAccessKey: config.SecretAccessKey, - Region: config.Region, - CertificatePath: config.CertificatePath, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 IAM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/baiducloud-cert/baiducloud_cert.go b/internal/pkg/core/deployer/providers/baiducloud-cert/baiducloud_cert.go deleted file mode 100644 index f2295593..00000000 --- a/internal/pkg/core/deployer/providers/baiducloud-cert/baiducloud_cert.go +++ /dev/null @@ -1,67 +0,0 @@ -package baiducloudcert - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert" -) - -type DeployerConfig struct { - // 百度智能云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 百度智能云 SecretAccessKey。 - SecretAccessKey string `json:"secretAccessKey"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - SecretAccessKey: config.SecretAccessKey, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console.go b/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console.go deleted file mode 100644 index dbdbf811..00000000 --- a/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console.go +++ /dev/null @@ -1,88 +0,0 @@ -package baotapanelconsole - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btwaf" -) - -type DeployerConfig struct { - // 堡塔云 WAF 服务地址。 - ServerUrl string `json:"serverUrl"` - // 堡塔云 WAF 接口密钥。 - ApiKey string `json:"apiKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *btsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 设置面板 SSL - configSetSSLReq := &btsdk.ConfigSetSSLRequest{ - CertContent: certPEM, - KeyContent: privkeyPEM, - } - configSetSSLResp, err := d.sdkClient.ConfigSetSSL(configSetSSLReq) - d.logger.Debug("sdk request 'bt.ConfigSetSSL'", slog.Any("request", configSetSSLReq), slog.Any("response", configSetSSLResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'bt.ConfigSetSSL': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid baota server url") - } - - if apiKey == "" { - return nil, errors.New("invalid baota api key") - } - - client := btsdk.NewClient(serverUrl, apiKey) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go b/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go deleted file mode 100644 index cdc39baa..00000000 --- a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go +++ /dev/null @@ -1,66 +0,0 @@ -package bunnycdn - -import ( - "context" - "encoding/base64" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - bunnysdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/bunny" -) - -type DeployerConfig struct { - // Bunny API Key。 - ApiKey string `json:"apiKey"` - // Bunny Pull Zone ID。 - PullZoneId string `json:"pullZoneId"` - // Bunny CDN Hostname(支持泛域名)。 - Hostname string `json:"hostname"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *bunnysdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: bunnysdk.NewClient(config.ApiKey), - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书 - createCertificateReq := &bunnysdk.AddCustomCertificateRequest{ - Hostname: d.config.Hostname, - PullZoneId: d.config.PullZoneId, - Certificate: base64.StdEncoding.EncodeToString([]byte(certPEM)), - CertificateKey: base64.StdEncoding.EncodeToString([]byte(privkeyPEM)), - } - createCertificateResp, err := d.sdkClient.AddCustomCertificate(createCertificateReq) - d.logger.Debug("sdk request 'bunny.AddCustomCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'bunny.AddCustomCertificate': %w", err) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/cachefly/cachefly.go b/internal/pkg/core/deployer/providers/cachefly/cachefly.go deleted file mode 100644 index fa1cce13..00000000 --- a/internal/pkg/core/deployer/providers/cachefly/cachefly.go +++ /dev/null @@ -1,75 +0,0 @@ -package cachefly - -import ( - "context" - "errors" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - cfsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/cachefly" -) - -type DeployerConfig struct { - // CacheFly API Token。 - ApiToken string `json:"apiToken"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *cfsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ApiToken) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书 - // REF: https://api.cachefly.com/api/2.5/docs#tag/Certificates/paths/~1certificates/post - createCertificateReq := &cfsdk.CreateCertificateRequest{ - Certificate: certPEM, - CertificateKey: privkeyPEM, - } - createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) - d.logger.Debug("sdk request 'cachefly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cachefly.CreateCertificate': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(apiToken string) (*cfsdk.Client, error) { - if apiToken == "" { - return nil, errors.New("invalid cachefly api token") - } - - client := cfsdk.NewClient(apiToken) - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go b/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go deleted file mode 100644 index 9401285f..00000000 --- a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go +++ /dev/null @@ -1,85 +0,0 @@ -package dogecloudcdn - -import ( - "context" - "fmt" - "log/slog" - "strconv" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/dogecloud" - dogesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dogecloud" -) - -type DeployerConfig struct { - // 多吉云 AccessKey。 - AccessKey string `json:"accessKey"` - // 多吉云 SecretKey。 - SecretKey string `json:"secretKey"` - // 加速域名(不支持泛域名)。 - Domain string `json:"domain"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *dogesdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client := dogesdk.NewClient(config.AccessKey, config.SecretKey) - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKey: config.AccessKey, - SecretKey: config.SecretKey, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - // 绑定证书 - // REF: https://docs.dogecloud.com/cdn/api-cert-bind - bindCdnCertId, _ := strconv.ParseInt(upres.CertId, 10, 64) - bindCdnCertResp, err := d.sdkClient.BindCdnCertWithDomain(bindCdnCertId, d.config.Domain) - d.logger.Debug("sdk request 'cdn.BindCdnCert'", slog.Int64("request.certId", bindCdnCertId), slog.String("request.domain", d.config.Domain), slog.Any("response", bindCdnCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cdn.BindCdnCert': %w", err) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/huaweicloud-scm/huaweicloud_scm.go b/internal/pkg/core/deployer/providers/huaweicloud-scm/huaweicloud_scm.go deleted file mode 100644 index 0ba5816a..00000000 --- a/internal/pkg/core/deployer/providers/huaweicloud-scm/huaweicloud_scm.go +++ /dev/null @@ -1,71 +0,0 @@ -package huaweicloudscm - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm" -) - -type DeployerConfig struct { - // 华为云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 华为云 SecretAccessKey。 - SecretAccessKey string `json:"secretAccessKey"` - // 华为云企业项目 ID。 - EnterpriseProjectId string `json:"enterpriseProjectId,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - SecretAccessKey: config.SecretAccessKey, - EnterpriseProjectId: config.EnterpriseProjectId, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SCM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/lecdn/lecdn.go b/internal/pkg/core/deployer/providers/lecdn/lecdn.go deleted file mode 100644 index 4d9f4302..00000000 --- a/internal/pkg/core/deployer/providers/lecdn/lecdn.go +++ /dev/null @@ -1,176 +0,0 @@ -package lecdn - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - "time" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - leclientsdkv3 "github.com/usual2970/certimate/internal/pkg/sdk3rd/lecdn/v3/client" - lemastersdkv3 "github.com/usual2970/certimate/internal/pkg/sdk3rd/lecdn/v3/master" -) - -type DeployerConfig struct { - // LeCDN 服务地址。 - ServerUrl string `json:"serverUrl"` - // LeCDN 版本。 - // 可取值 "v3"。 - ApiVersion string `json:"apiVersion"` - // LeCDN 用户角色。 - // 可取值 "client"、"master"。 - ApiRole string `json:"apiRole"` - // LeCDN 用户名。 - Username string `json:"accessKeyId"` - // LeCDN 用户密码。 - Password string `json:"accessKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` - // 部署资源类型。 - ResourceType ResourceType `json:"resourceType"` - // 证书 ID。 - // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 - CertificateId int64 `json:"certificateId,omitempty"` - // 客户 ID。 - // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时选填。 - ClientId int64 `json:"clientId,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient interface{} -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -const ( - apiVersionV3 = "v3" - - apiRoleClient = "client" - apiRoleMaster = "master" -) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiVersion, config.ApiRole, config.Username, config.Password, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 根据部署资源类型决定部署方式 - switch d.config.ResourceType { - case RESOURCE_TYPE_CERTIFICATE: - if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } - - default: - return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) - } - - return &deployer.DeployResult{}, nil -} - -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { - if d.config.CertificateId == 0 { - return errors.New("config `certificateId` is required") - } - - // 修改证书 - // REF: https://wdk0pwf8ul.feishu.cn/wiki/YE1XwCRIHiLYeKkPupgcXrlgnDd - switch sdkClient := d.sdkClient.(type) { - case *leclientsdkv3.Client: - updateSSLCertReq := &leclientsdkv3.UpdateCertificateRequest{ - Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), - Description: "upload from certimate", - Type: "upload", - SSLPEM: certPEM, - SSLKey: privkeyPEM, - AutoRenewal: false, - } - updateSSLCertResp, err := sdkClient.UpdateCertificate(d.config.CertificateId, updateSSLCertReq) - d.logger.Debug("sdk request 'lecdn.UpdateCertificate'", slog.Int64("certId", d.config.CertificateId), slog.Any("request", updateSSLCertReq), slog.Any("response", updateSSLCertResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request 'lecdn.UpdateCertificate': %w", err) - } - - case *lemastersdkv3.Client: - updateSSLCertReq := &lemastersdkv3.UpdateCertificateRequest{ - ClientId: d.config.ClientId, - Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), - Description: "upload from certimate", - Type: "upload", - SSLPEM: certPEM, - SSLKey: privkeyPEM, - AutoRenewal: false, - } - updateSSLCertResp, err := sdkClient.UpdateCertificate(d.config.CertificateId, updateSSLCertReq) - d.logger.Debug("sdk request 'lecdn.UpdateCertificate'", slog.Int64("certId", d.config.CertificateId), slog.Any("request", updateSSLCertReq), slog.Any("response", updateSSLCertResp)) - if err != nil { - return fmt.Errorf("failed to execute sdk request 'lecdn.UpdateCertificate': %w", err) - } - - default: - panic("sdk client is not implemented") - } - - return nil -} - -func createSdkClient(serverUrl, apiVersion, apiRole, username, password string, skipTlsVerify bool) (interface{}, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid lecdn server url") - } - - if username == "" { - return nil, errors.New("invalid lecdn username") - } - - if password == "" { - return nil, errors.New("invalid lecdn password") - } - - if apiVersion == apiVersionV3 && apiRole == apiRoleClient { - // v3 版客户端 - client := leclientsdkv3.NewClient(serverUrl, username, password) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil - } else if apiVersion == apiVersionV3 && apiRole == apiRoleMaster { - // v3 版主控端 - client := lemastersdkv3.NewClient(serverUrl, username, password) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil - } - - return nil, fmt.Errorf("invalid lecdn api version or user role") -} diff --git a/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn.go b/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn.go deleted file mode 100644 index 99321f82..00000000 --- a/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn.go +++ /dev/null @@ -1,101 +0,0 @@ -package rainyunrcdn - -import ( - "context" - "errors" - "fmt" - "log/slog" - "strconv" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/rainyun-sslcenter" - rainyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/rainyun" -) - -type DeployerConfig struct { - // 雨云 API 密钥。 - ApiKey string `json:"apiKey"` - // RCDN 实例 ID。 - InstanceId int32 `json:"instanceId"` - // 加速域名(支持泛域名)。 - Domain string `json:"domain"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *rainyunsdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ApiKey) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - ApiKey: config.ApiKey, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL 证书 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - // RCDN SSL 绑定域名 - // REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-184214120 - certId, _ := strconv.Atoi(upres.CertId) - rcdnInstanceSslBindReq := &rainyunsdk.RcdnInstanceSslBindRequest{ - CertId: int32(certId), - Domains: []string{d.config.Domain}, - } - rcdnInstanceSslBindResp, err := d.sdkClient.RcdnInstanceSslBind(d.config.InstanceId, rcdnInstanceSslBindReq) - d.logger.Debug("sdk request 'rcdn.InstanceSslBind'", slog.Any("instanceId", d.config.InstanceId), slog.Any("request", rcdnInstanceSslBindReq), slog.Any("response", rcdnInstanceSslBindResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'rcdn.InstanceSslBind': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(apiKey string) (*rainyunsdk.Client, error) { - if apiKey == "" { - return nil, errors.New("invalid rainyun api key") - } - - client := rainyunsdk.NewClient(apiKey) - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console.go b/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console.go deleted file mode 100644 index 85e7f530..00000000 --- a/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console.go +++ /dev/null @@ -1,94 +0,0 @@ -package ratpanelconsole - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - rpsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/ratpanel" -) - -type DeployerConfig struct { - // 耗子面板服务地址。 - ServerUrl string `json:"serverUrl"` - // 耗子面板访问令牌 ID。 - AccessTokenId int32 `json:"accessTokenId"` - // 耗子面板访问令牌。 - AccessToken string `json:"accessToken"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *rpsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.AccessTokenId, config.AccessToken, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 设置面板 SSL 证书 - settingCertReq := &rpsdk.SettingCertRequest{ - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - settingCertResp, err := d.sdkClient.SettingCert(settingCertReq) - d.logger.Debug("sdk request 'ratpanel.SettingCert'", slog.Any("request", settingCertReq), slog.Any("response", settingCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'ratpanel.SettingCert': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(serverUrl string, accessTokenId int32, accessToken string, skipTlsVerify bool) (*rpsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid ratpanel server url") - } - - if accessTokenId == 0 { - return nil, errors.New("invalid ratpanel access token id") - } - - if accessToken == "" { - return nil, errors.New("invalid ratpanel access token") - } - - client := rpsdk.NewClient(serverUrl, accessTokenId, accessToken) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site.go b/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site.go deleted file mode 100644 index 7e30daf6..00000000 --- a/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site.go +++ /dev/null @@ -1,101 +0,0 @@ -package ratpanelsite - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - rpsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/ratpanel" -) - -type DeployerConfig struct { - // 耗子面板服务地址。 - ServerUrl string `json:"serverUrl"` - // 耗子面板访问令牌 ID。 - AccessTokenId int32 `json:"accessTokenId"` - // 耗子面板访问令牌。 - AccessToken string `json:"accessToken"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` - // 网站名称。 - SiteName string `json:"siteName"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *rpsdk.Client -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.AccessTokenId, config.AccessToken, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - if d.config.SiteName == "" { - return nil, errors.New("config `siteName` is required") - } - - // 设置站点 SSL 证书 - websiteCertReq := &rpsdk.WebsiteCertRequest{ - SiteName: d.config.SiteName, - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - websiteCertResp, err := d.sdkClient.WebsiteCert(websiteCertReq) - d.logger.Debug("sdk request 'ratpanel.WebsiteCert'", slog.Any("request", websiteCertReq), slog.Any("response", websiteCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'ratpanel.WebsiteCert': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(serverUrl string, accessTokenId int32, accessToken string, skipTlsVerify bool) (*rpsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid ratpanel server url") - } - - if accessTokenId == 0 { - return nil, errors.New("invalid ratpanel access token id") - } - - if accessToken == "" { - return nil, errors.New("invalid ratpanel access token") - } - - client := rpsdk.NewClient(serverUrl, accessTokenId, accessToken) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go b/internal/pkg/core/deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go deleted file mode 100644 index 09ac14cd..00000000 --- a/internal/pkg/core/deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go +++ /dev/null @@ -1,68 +0,0 @@ -package tencentcloudssl - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" -) - -type DeployerConfig struct { - // 腾讯云 SecretId。 - SecretId string `json:"secretId"` - // 腾讯云 SecretKey。 - SecretKey string `json:"secretKey"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - SecretId: config.SecretId, - SecretKey: config.SecretKey, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/volcengine-certcenter/volcengine_certcenter.go b/internal/pkg/core/deployer/providers/volcengine-certcenter/volcengine_certcenter.go deleted file mode 100644 index 8bb40d5b..00000000 --- a/internal/pkg/core/deployer/providers/volcengine-certcenter/volcengine_certcenter.go +++ /dev/null @@ -1,71 +0,0 @@ -package volcenginecertcenter - -import ( - "context" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" -) - -type DeployerConfig struct { - // 火山引擎 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 火山引擎 AccessKeySecret。 - AccessKeySecret string `json:"accessKeySecret"` - // 火山引擎地域。 - Region string `json:"region"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - AccessKeySecret: config.AccessKeySecret, - Region: config.Region, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - d.sslUploader.WithLogger(logger) - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - return &deployer.DeployResult{}, nil -} diff --git a/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn.go b/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn.go deleted file mode 100644 index 3be2b119..00000000 --- a/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn.go +++ /dev/null @@ -1,109 +0,0 @@ -package wangsucdn - -import ( - "context" - "errors" - "fmt" - "log/slog" - "strconv" - "strings" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/wangsu-certificate" - wangsusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/cdn" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" -) - -type DeployerConfig struct { - // 网宿云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 网宿云 AccessKeySecret。 - AccessKeySecret string `json:"accessKeySecret"` - // 加速域名数组(支持泛域名)。 - Domains []string `json:"domains"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *wangsusdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - AccessKeySecret: config.AccessKeySecret, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书管理 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - - // 批量修改域名证书配置 - // REF: https://www.wangsu.com/document/api-doc/37447 - certId, _ := strconv.ParseInt(upres.CertId, 10, 64) - batchUpdateCertificateConfigReq := &wangsusdk.BatchUpdateCertificateConfigRequest{ - CertificateId: certId, - DomainNames: sliceutil.Map(d.config.Domains, func(domain string) string { - // "*.example.com" → ".example.com",适配网宿云 CDN 要求的泛域名格式 - return strings.TrimPrefix(domain, "*") - }), - } - batchUpdateCertificateConfigResp, err := d.sdkClient.BatchUpdateCertificateConfig(batchUpdateCertificateConfigReq) - d.logger.Debug("sdk request 'cdn.BatchUpdateCertificateConfig'", slog.Any("request", batchUpdateCertificateConfigReq), slog.Any("response", batchUpdateCertificateConfigResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cdn.BatchUpdateCertificateConfig': %w", err) - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { - if accessKeyId == "" { - return nil, errors.New("invalid wangsu access key id") - } - - if accessKeySecret == "" { - return nil, errors.New("invalid wangsu access key secret") - } - - return wangsusdk.NewClient(accessKeyId, accessKeySecret), nil -} diff --git a/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate.go b/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate.go deleted file mode 100644 index 51fa7076..00000000 --- a/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate.go +++ /dev/null @@ -1,109 +0,0 @@ -package wangsucertificate - -import ( - "context" - "errors" - "fmt" - "log/slog" - "time" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/wangsu-certificate" - wangsusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/certificate" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" -) - -type DeployerConfig struct { - // 网宿云 AccessKeyId。 - AccessKeyId string `json:"accessKeyId"` - // 网宿云 AccessKeySecret。 - AccessKeySecret string `json:"accessKeySecret"` - // 证书 ID。 - // 选填。零值时表示新建证书;否则表示更新证书。 - CertificateId string `json:"certificateId,omitempty"` -} - -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *wangsusdk.Client - sslUploader uploader.Uploader -} - -var _ deployer.Deployer = (*DeployerProvider)(nil) - -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ - AccessKeyId: config.AccessKeyId, - AccessKeySecret: config.AccessKeySecret, - }) - if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) - } - - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, - }, nil -} - -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { - if logger == nil { - d.logger = slog.New(slog.DiscardHandler) - } else { - d.logger = logger - } - return d -} - -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - if d.config.CertificateId == "" { - // 上传证书到证书管理 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) - if err != nil { - return nil, fmt.Errorf("failed to upload certificate file: %w", err) - } else { - d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) - } - } else { - // 修改证书 - // REF: https://www.wangsu.com/document/api-doc/25568?productCode=certificatemanagement - updateCertificateReq := &wangsusdk.UpdateCertificateRequest{ - Name: typeutil.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), - Certificate: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), - Comment: typeutil.ToPtr("upload from certimate"), - } - updateCertificateResp, err := d.sdkClient.UpdateCertificate(d.config.CertificateId, updateCertificateReq) - d.logger.Debug("sdk request 'certificatemanagement.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'certificatemanagement.CreateCertificate': %w", err) - } - } - - return &deployer.DeployResult{}, nil -} - -func createSdkClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { - if accessKeyId == "" { - return nil, errors.New("invalid wangsu access key id") - } - - if accessKeySecret == "" { - return nil, errors.New("invalid wangsu access key secret") - } - - return wangsusdk.NewClient(accessKeyId, accessKeySecret), nil -} diff --git a/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go b/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go deleted file mode 100644 index 7391129d..00000000 --- a/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go +++ /dev/null @@ -1,157 +0,0 @@ -package onepanelssl - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/url" - "strings" - "time" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - onepanelsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel" -) - -type UploaderConfig struct { - // 1Panel 服务地址。 - ServerUrl string `json:"serverUrl"` - // 1Panel 版本。 - ApiVersion string `json:"apiVersion"` - // 1Panel 接口密钥。 - ApiKey string `json:"apiKey"` - // 是否允许不安全的连接。 - AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *onepanelsdk.Client -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 遍历证书列表,避免重复上传 - if res, err := u.getCertIfExists(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } else if res != nil { - u.logger.Info("ssl certificate already exists") - return res, nil - } - - // 生成新证书名(需符合 1Panel 命名规则) - certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) - - // 上传证书 - uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{ - Type: "paste", - Description: certName, - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - uploadWebsiteSSLResp, err := u.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) - u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) - } - - // 遍历证书列表,获取刚刚上传证书 ID - if res, err := u.getCertIfExists(ctx, certPEM, privkeyPEM); err != nil { - return nil, err - } else if res == nil { - return nil, fmt.Errorf("no ssl certificate found, may be upload failed (code: %d, message: %s)", uploadWebsiteSSLResp.GetCode(), uploadWebsiteSSLResp.GetMessage()) - } else { - return res, nil - } -} - -func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - searchWebsiteSSLPageNumber := int32(1) - searchWebsiteSSLPageSize := int32(100) - for { - select { - case <-ctx.Done(): - return nil, ctx.Err() - default: - } - - searchWebsiteSSLReq := &onepanelsdk.SearchWebsiteSSLRequest{ - Page: searchWebsiteSSLPageNumber, - PageSize: searchWebsiteSSLPageSize, - } - searchWebsiteSSLResp, err := u.sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq) - u.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err) - } - - for _, sslItem := range searchWebsiteSSLResp.Data.Items { - if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) && - strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) { - // 如果已存在相同证书,直接返回 - return &uploader.UploadResult{ - CertId: fmt.Sprintf("%d", sslItem.ID), - CertName: sslItem.Description, - }, nil - } - } - - if len(searchWebsiteSSLResp.Data.Items) < int(searchWebsiteSSLPageSize) { - break - } else { - searchWebsiteSSLPageNumber++ - } - } - - return nil, nil -} - -func createSdkClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (*onepanelsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid 1panel server url") - } - - if apiVersion == "" { - return nil, errors.New("invalid 1panel api version") - } - - if apiKey == "" { - return nil, errors.New("invalid 1panel api key") - } - - client := onepanelsdk.NewClient(serverUrl, apiVersion, apiKey) - if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) - } - - return client, nil -} diff --git a/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go b/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go deleted file mode 100644 index 1b0b963f..00000000 --- a/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go +++ /dev/null @@ -1,77 +0,0 @@ -package dogecloud - -import ( - "context" - "fmt" - "log/slog" - "time" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - dogesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dogecloud" -) - -type UploaderConfig struct { - // 多吉云 AccessKey。 - AccessKey string `json:"accessKey"` - // 多吉云 SecretKey。 - SecretKey string `json:"secretKey"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *dogesdk.Client -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.AccessKey, config.SecretKey) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 生成新证书名(需符合多吉云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) - - // 上传新证书 - // REF: https://docs.dogecloud.com/cdn/api-cert-upload - uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPEM, privkeyPEM) - u.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("response", uploadSslCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadCdnCert': %w", err) - } - - certId = fmt.Sprintf("%d", uploadSslCertResp.Data.Id) - return &uploader.UploadResult{ - CertId: certId, - CertName: certName, - }, nil -} - -func createSdkClient(accessKey, secretKey string) (*dogesdk.Client, error) { - client := dogesdk.NewClient(accessKey, secretKey) - return client, nil -} diff --git a/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go b/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go deleted file mode 100644 index f3127602..00000000 --- a/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go +++ /dev/null @@ -1,95 +0,0 @@ -package gcorecdn - -import ( - "context" - "errors" - "fmt" - "log/slog" - "time" - - "github.com/G-Core/gcorelabscdn-go/gcore/provider" - "github.com/G-Core/gcorelabscdn-go/sslcerts" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore/common" -) - -type UploaderConfig struct { - // Gcore API Token。 - ApiToken string `json:"apiToken"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *sslcerts.Service -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.ApiToken) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 生成新证书名(需符合 Gcore 命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) - - // 新增证书 - // REF: https://api.gcore.com/docs/cdn#tag/SSL-certificates/operation/add_ssl_certificates - createCertificateReq := &sslcerts.CreateRequest{ - Name: certName, - Cert: certPEM, - PrivateKey: privkeyPEM, - Automated: false, - ValidateRootCA: false, - } - createCertificateResp, err := u.sdkClient.Create(context.TODO(), createCertificateReq) - u.logger.Debug("sdk request 'sslcerts.Create'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'sslcerts.Create': %w", err) - } - - certId = fmt.Sprintf("%d", createCertificateResp.ID) - certName = createCertificateResp.Name - return &uploader.UploadResult{ - CertId: certId, - CertName: certName, - }, nil -} - -func createSdkClient(apiToken string) (*sslcerts.Service, error) { - if apiToken == "" { - return nil, errors.New("invalid gcore api token") - } - - requester := provider.NewClient( - gcoresdk.BASE_URL, - provider.WithSigner(gcoresdk.NewAuthRequestSigner(apiToken)), - ) - service := sslcerts.NewService(requester) - return service, nil -} diff --git a/internal/pkg/core/uploader/providers/qiniu-sslcert/qiniu_sslcert.go b/internal/pkg/core/uploader/providers/qiniu-sslcert/qiniu_sslcert.go deleted file mode 100644 index 99a1a0b5..00000000 --- a/internal/pkg/core/uploader/providers/qiniu-sslcert/qiniu_sslcert.go +++ /dev/null @@ -1,96 +0,0 @@ -package qiniusslcert - -import ( - "context" - "errors" - "fmt" - "log/slog" - "time" - - "github.com/qiniu/go-sdk/v7/auth" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - qiniusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/qiniu" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" -) - -type UploaderConfig struct { - // 七牛云 AccessKey。 - AccessKey string `json:"accessKey"` - // 七牛云 SecretKey。 - SecretKey string `json:"secretKey"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *qiniusdk.Client -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.AccessKey, config.SecretKey) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) - if err != nil { - return nil, err - } - - // 生成新证书名(需符合七牛云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) - - // 上传新证书 - // REF: https://developer.qiniu.com/fusion/8593/interface-related-certificate - uploadSslCertResp, err := u.sdkClient.UploadSslCert(context.TODO(), certName, certX509.Subject.CommonName, certPEM, privkeyPEM) - u.logger.Debug("sdk request 'cdn.UploadSslCert'", slog.Any("response", uploadSslCertResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadSslCert': %w", err) - } - - certId = uploadSslCertResp.CertID - return &uploader.UploadResult{ - CertId: certId, - CertName: certName, - }, nil -} - -func createSdkClient(accessKey, secretKey string) (*qiniusdk.Client, error) { - if secretKey == "" { - return nil, errors.New("invalid qiniu access key") - } - - if secretKey == "" { - return nil, errors.New("invalid qiniu secret key") - } - - credential := auth.New(accessKey, secretKey) - client := qiniusdk.NewClient(credential) - return client, nil -} diff --git a/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl.go b/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl.go deleted file mode 100644 index 6b45e130..00000000 --- a/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl.go +++ /dev/null @@ -1,82 +0,0 @@ -package upyunssl - -import ( - "context" - "errors" - "fmt" - "log/slog" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - upyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/upyun/console" -) - -type UploaderConfig struct { - // 又拍云账号用户名。 - Username string `json:"username"` - // 又拍云账号密码。 - Password string `json:"password"` -} - -type UploaderProvider struct { - config *UploaderConfig - logger *slog.Logger - sdkClient *upyunsdk.Client -} - -var _ uploader.Uploader = (*UploaderProvider)(nil) - -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { - if config == nil { - panic("config is nil") - } - - client, err := createSdkClient(config.Username, config.Password) - if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) - } - - return &UploaderProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - }, nil -} - -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { - if logger == nil { - u.logger = slog.New(slog.DiscardHandler) - } else { - u.logger = logger - } - return u -} - -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - // 上传证书 - uploadHttpsCertificateReq := &upyunsdk.UploadHttpsCertificateRequest{ - Certificate: certPEM, - PrivateKey: privkeyPEM, - } - uploadHttpsCertificateResp, err := u.sdkClient.UploadHttpsCertificate(uploadHttpsCertificateReq) - u.logger.Debug("sdk request 'console.UploadHttpsCertificate'", slog.Any("response", uploadHttpsCertificateResp)) - if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'console.UploadHttpsCertificate': %w", err) - } - - return &uploader.UploadResult{ - CertId: uploadHttpsCertificateResp.Data.Result.CertificateId, - }, nil -} - -func createSdkClient(username, password string) (*upyunsdk.Client, error) { - if username == "" { - return nil, errors.New("invalid upyun username") - } - - if password == "" { - return nil, errors.New("invalid upyun password") - } - - client := upyunsdk.NewClient(username, password) - return client, nil -} diff --git a/internal/pkg/core/uploader/uploader.go b/internal/pkg/core/uploader/uploader.go deleted file mode 100644 index 0a1681a7..00000000 --- a/internal/pkg/core/uploader/uploader.go +++ /dev/null @@ -1,32 +0,0 @@ -package uploader - -import ( - "context" - "log/slog" -) - -// 表示定义证书上传器的抽象类型接口。 -// 云服务商通常会提供 SSL 证书管理服务,可供用户集中管理证书。 -// 注意与 `Deployer` 区分,“上传”通常为“部署”的前置操作。 -type Uploader interface { - WithLogger(logger *slog.Logger) Uploader - - // 上传证书。 - // - // 入参: - // - ctx:上下文。 - // - certPEM:证书 PEM 内容。 - // - privkeyPEM:私钥 PEM 内容。 - // - // 出参: - // - res:上传结果。 - // - err: 错误。 - Upload(ctx context.Context, certPEM string, privkeyPEM string) (_res *UploadResult, _err error) -} - -// 表示证书上传结果的数据结构,包含上传后的证书 ID、名称和其他数据。 -type UploadResult struct { - CertId string `json:"certId"` - CertName string `json:"certName,omitzero"` - ExtendedData map[string]any `json:"extendedData,omitempty"` -} diff --git a/internal/pkg/sdk3rd/1panel/api.go b/internal/pkg/sdk3rd/1panel/api.go deleted file mode 100644 index 68bcca36..00000000 --- a/internal/pkg/sdk3rd/1panel/api.go +++ /dev/null @@ -1,54 +0,0 @@ -package onepanel - -import ( - "fmt" - "net/http" -) - -func (c *Client) UpdateSystemSSL(req *UpdateSystemSSLRequest) (*UpdateSystemSSLResponse, error) { - resp := &UpdateSystemSSLResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/settings/ssl/update", req, resp) - return resp, err -} - -func (c *Client) SearchWebsiteSSL(req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { - resp := &SearchWebsiteSSLResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/websites/ssl/search", req, resp) - return resp, err -} - -func (c *Client) GetWebsiteSSL(req *GetWebsiteSSLRequest) (*GetWebsiteSSLResponse, error) { - if req.SSLID == 0 { - return nil, fmt.Errorf("1panel api error: invalid parameter: SSLID") - } - - resp := &GetWebsiteSSLResponse{} - err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/websites/ssl/%d", req.SSLID), req, resp) - return resp, err -} - -func (c *Client) UploadWebsiteSSL(req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { - resp := &UploadWebsiteSSLResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/websites/ssl/upload", req, resp) - return resp, err -} - -func (c *Client) GetHttpsConf(req *GetHttpsConfRequest) (*GetHttpsConfResponse, error) { - if req.WebsiteID == 0 { - return nil, fmt.Errorf("1panel api error: invalid parameter: WebsiteID") - } - - resp := &GetHttpsConfResponse{} - err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/websites/%d/https", req.WebsiteID), req, resp) - return resp, err -} - -func (c *Client) UpdateHttpsConf(req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { - if req.WebsiteID == 0 { - return nil, fmt.Errorf("1panel api error: invalid parameter: WebsiteID") - } - - resp := &UpdateHttpsConfResponse{} - err := c.sendRequestWithResult(http.MethodPost, fmt.Sprintf("/websites/%d/https", req.WebsiteID), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/1panel/client.go b/internal/pkg/sdk3rd/1panel/client.go deleted file mode 100644 index 8090340e..00000000 --- a/internal/pkg/sdk3rd/1panel/client.go +++ /dev/null @@ -1,99 +0,0 @@ -package onepanel - -import ( - "crypto/md5" - "crypto/tls" - "encoding/hex" - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl, apiVersion, apiKey string) *Client { - if apiVersion == "" { - apiVersion = "v1" - } - - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api/"+apiVersion). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - timestamp := fmt.Sprintf("%d", time.Now().Unix()) - tokenMd5 := md5.Sum([]byte("1panel" + apiKey + timestamp)) - tokenMd5Hex := hex.EncodeToString(tokenMd5[:]) - req.Header.Set("1Panel-Timestamp", timestamp) - req.Header.Set("1Panel-Token", tokenMd5Hex) - - return nil - }) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("1panel api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("1panel api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("1panel api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode/100 != 2 { - return fmt.Errorf("1panel api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/1panel/models.go b/internal/pkg/sdk3rd/1panel/models.go deleted file mode 100644 index 57ea5154..00000000 --- a/internal/pkg/sdk3rd/1panel/models.go +++ /dev/null @@ -1,131 +0,0 @@ -package onepanel - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type UpdateSystemSSLRequest struct { - Cert string `json:"cert"` - Key string `json:"key"` - SSLType string `json:"sslType"` - SSL string `json:"ssl"` - SSLID int64 `json:"sslID"` - AutoRestart string `json:"autoRestart"` -} - -type UpdateSystemSSLResponse struct { - baseResponse -} - -type SearchWebsiteSSLRequest struct { - Page int32 `json:"page"` - PageSize int32 `json:"pageSize"` -} - -type SearchWebsiteSSLResponse struct { - baseResponse - Data *struct { - Items []*struct { - ID int64 `json:"id"` - PEM string `json:"pem"` - PrivateKey string `json:"privateKey"` - Domains string `json:"domains"` - Description string `json:"description"` - Status string `json:"status"` - UpdatedAt string `json:"updatedAt"` - CreatedAt string `json:"createdAt"` - } `json:"items"` - Total int32 `json:"total"` - } `json:"data,omitempty"` -} - -type GetWebsiteSSLRequest struct { - SSLID int64 `json:"-"` -} - -type GetWebsiteSSLResponse struct { - baseResponse - Data *struct { - ID int64 `json:"id"` - Provider string `json:"provider"` - Description string `json:"description"` - PrimaryDomain string `json:"primaryDomain"` - Domains string `json:"domains"` - Type string `json:"type"` - Organization string `json:"organization"` - Status string `json:"status"` - StartDate string `json:"startDate"` - ExpireDate string `json:"expireDate"` - CreatedAt string `json:"createdAt"` - UpdatedAt string `json:"updatedAt"` - } `json:"data,omitempty"` -} - -type UploadWebsiteSSLRequest struct { - Type string `json:"type"` - SSLID int64 `json:"sslID"` - Certificate string `json:"certificate"` - CertificatePath string `json:"certificatePath"` - PrivateKey string `json:"privateKey"` - PrivateKeyPath string `json:"privateKeyPath"` - Description string `json:"description"` -} - -type UploadWebsiteSSLResponse struct { - baseResponse -} - -type GetHttpsConfRequest struct { - WebsiteID int64 `json:"-"` -} - -type GetHttpsConfResponse struct { - baseResponse - Data *struct { - Enable bool `json:"enable"` - HttpConfig string `json:"httpConfig"` - SSLProtocol []string `json:"SSLProtocol"` - Algorithm string `json:"algorithm"` - Hsts bool `json:"hsts"` - } `json:"data,omitempty"` -} - -type UpdateHttpsConfRequest struct { - WebsiteID int64 `json:"websiteId"` - Enable bool `json:"enable"` - Type string `json:"type"` - WebsiteSSLID int64 `json:"websiteSSLId"` - PrivateKey string `json:"privateKey"` - Certificate string `json:"certificate"` - PrivateKeyPath string `json:"privateKeyPath"` - CertificatePath string `json:"certificatePath"` - ImportType string `json:"importType"` - HttpConfig string `json:"httpConfig"` - SSLProtocol []string `json:"SSLProtocol"` - Algorithm string `json:"algorithm"` - Hsts bool `json:"hsts"` -} - -type UpdateHttpsConfResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/baishan/api.go b/internal/pkg/sdk3rd/baishan/api.go deleted file mode 100644 index dba90fad..00000000 --- a/internal/pkg/sdk3rd/baishan/api.go +++ /dev/null @@ -1,23 +0,0 @@ -package baishan - -import ( - "net/http" -) - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/certificate", req, resp) - return resp, err -} - -func (c *Client) GetDomainConfig(req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) { - resp := &GetDomainConfigResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/v2/domain/config", req, resp) - return resp, err -} - -func (c *Client) SetDomainConfig(req *SetDomainConfigRequest) (*SetDomainConfigResponse, error) { - resp := &SetDomainConfigResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/config", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/baishan/client.go b/internal/pkg/sdk3rd/baishan/client.go deleted file mode 100644 index 7922096e..00000000 --- a/internal/pkg/sdk3rd/baishan/client.go +++ /dev/null @@ -1,93 +0,0 @@ -package baishan - -import ( - "encoding/json" - "fmt" - "net/http" - "net/url" - "reflect" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiToken string) *Client { - client := resty.New(). - SetBaseURL("https://cdn.api.baishan.com"). - SetHeader("User-Agent", "certimate"). - SetHeader("Token", apiToken) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := url.Values{} - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - rv := reflect.ValueOf(v) - switch rv.Kind() { - case reflect.Slice, reflect.Array: - for i := 0; i < rv.Len(); i++ { - qs.Add(fmt.Sprintf("%s[]", k), fmt.Sprintf("%v", rv.Index(i).Interface())) - } - case reflect.Map: - for _, rk := range rv.MapKeys() { - qs.Add(fmt.Sprintf("%s[%s]", k, rk.Interface()), fmt.Sprintf("%v", rv.MapIndex(rk).Interface())) - } - default: - qs.Set(k, fmt.Sprintf("%v", v)) - } - } - } - } - - req = req.SetQueryParamsFromValues(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("baishan api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("baishan api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("baishan api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 0 { - return fmt.Errorf("baishan api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/baishan/models.go b/internal/pkg/sdk3rd/baishan/models.go deleted file mode 100644 index 457729e8..00000000 --- a/internal/pkg/sdk3rd/baishan/models.go +++ /dev/null @@ -1,82 +0,0 @@ -package baishan - -import "encoding/json" - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type CreateCertificateRequest struct { - CertificateId *string `json:"cert_id,omitempty"` - Certificate string `json:"certificate"` - Key string `json:"key"` - Name string `json:"name"` -} - -type CreateCertificateResponse struct { - baseResponse - Data *DomainCertificate `json:"data,omitempty"` -} - -type GetDomainConfigRequest struct { - Domains string `json:"domains"` - Config []string `json:"config"` -} - -type GetDomainConfigResponse struct { - baseResponse - Data []*struct { - Domain string `json:"domain"` - Config *DomainConfig `json:"config"` - } `json:"data,omitempty"` -} - -type SetDomainConfigRequest struct { - Domains string `json:"domains"` - Config *DomainConfig `json:"config"` -} - -type SetDomainConfigResponse struct { - baseResponse - Data *struct { - Config *DomainConfig `json:"config"` - } `json:"data,omitempty"` -} - -type DomainCertificate struct { - CertId json.Number `json:"cert_id"` - Name string `json:"name"` - CertStartTime string `json:"cert_start_time"` - CertExpireTime string `json:"cert_expire_time"` -} - -type DomainConfig struct { - Https *DomainConfigHttps `json:"https"` -} - -type DomainConfigHttps struct { - CertId json.Number `json:"cert_id"` - ForceHttps *string `json:"force_https,omitempty"` - EnableHttp2 *string `json:"http2,omitempty"` - EnableOcsp *string `json:"ocsp,omitempty"` -} diff --git a/internal/pkg/sdk3rd/btpanel/api.go b/internal/pkg/sdk3rd/btpanel/api.go deleted file mode 100644 index 926e03e5..00000000 --- a/internal/pkg/sdk3rd/btpanel/api.go +++ /dev/null @@ -1,31 +0,0 @@ -package btpanel - -func (c *Client) ConfigSavePanelSSL(req *ConfigSavePanelSSLRequest) (*ConfigSavePanelSSLResponse, error) { - resp := &ConfigSavePanelSSLResponse{} - err := c.sendRequestWithResult("/config?action=SavePanelSSL", req, resp) - return resp, err -} - -func (c *Client) SiteSetSSL(req *SiteSetSSLRequest) (*SiteSetSSLResponse, error) { - resp := &SiteSetSSLResponse{} - err := c.sendRequestWithResult("/site?action=SetSSL", req, resp) - return resp, err -} - -func (c *Client) SystemServiceAdmin(req *SystemServiceAdminRequest) (*SystemServiceAdminResponse, error) { - resp := &SystemServiceAdminResponse{} - err := c.sendRequestWithResult("/system?action=ServiceAdmin", req, resp) - return resp, err -} - -func (c *Client) SSLCertSaveCert(req *SSLCertSaveCertRequest) (*SSLCertSaveCertResponse, error) { - resp := &SSLCertSaveCertResponse{} - err := c.sendRequestWithResult("/ssl/cert/save_cert", req, resp) - return resp, err -} - -func (c *Client) SSLSetBatchCertToSite(req *SSLSetBatchCertToSiteRequest) (*SSLSetBatchCertToSiteResponse, error) { - resp := &SSLSetBatchCertToSiteResponse{} - err := c.sendRequestWithResult("/ssl?action=SetBatchCertToSite", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/btpanel/client.go b/internal/pkg/sdk3rd/btpanel/client.go deleted file mode 100644 index 7faa46c0..00000000 --- a/internal/pkg/sdk3rd/btpanel/client.go +++ /dev/null @@ -1,110 +0,0 @@ -package btpanel - -import ( - "crypto/md5" - "crypto/tls" - "encoding/hex" - "encoding/json" - "fmt" - "reflect" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - apiKey string - - client *resty.Client -} - -func NewClient(serverUrl, apiKey string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("Content-Type", "application/x-www-form-urlencoded"). - SetHeader("User-Agent", "certimate") - - return &Client{ - apiKey: apiKey, - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) generateSignature(timestamp string) string { - keyMd5 := md5.Sum([]byte(c.apiKey)) - keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:])) - - signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex)) - signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:])) - return signMd5Hex -} - -func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) { - timestamp := time.Now().Unix() - - data := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - switch reflect.Indirect(reflect.ValueOf(v)).Kind() { - case reflect.String: - data[k] = v.(string) - case reflect.Bool, reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Float32, reflect.Float64: - data[k] = fmt.Sprintf("%v", v) - default: - if t, ok := v.(time.Time); ok { - data[k] = t.Format(time.RFC3339) - } else { - jbytes, _ := json.Marshal(v) - data[k] = string(jbytes) - } - } - } - } - } - data["request_time"] = fmt.Sprintf("%d", timestamp) - data["request_token"] = c.generateSignature(fmt.Sprintf("%d", timestamp)) - - req := c.client.R().SetFormData(data) - resp, err := req.Post(path) - if err != nil { - return resp, fmt.Errorf("baota api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("baota api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(path, params) - if err != nil { - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("baota api error: failed to unmarshal response: %w", err) - } else if errstatus := result.GetStatus(); errstatus != nil && !*errstatus { - if result.GetMessage() == nil { - return fmt.Errorf("baota api error: unknown error") - } else { - return fmt.Errorf("baota api error: message='%s'", *result.GetMessage()) - } - } - - return nil -} diff --git a/internal/pkg/sdk3rd/btpanel/models.go b/internal/pkg/sdk3rd/btpanel/models.go deleted file mode 100644 index 923efeda..00000000 --- a/internal/pkg/sdk3rd/btpanel/models.go +++ /dev/null @@ -1,75 +0,0 @@ -package btpanel - -type BaseResponse interface { - GetStatus() *bool - GetMessage() *string -} - -type baseResponse struct { - Status *bool `json:"status,omitempty"` - Message *string `json:"msg,omitempty"` -} - -func (r *baseResponse) GetStatus() *bool { - return r.Status -} - -func (r *baseResponse) GetMessage() *string { - return r.Message -} - -type ConfigSavePanelSSLRequest struct { - PrivateKey string `json:"privateKey"` - Certificate string `json:"certPem"` -} - -type ConfigSavePanelSSLResponse struct { - baseResponse -} - -type SiteSetSSLRequest struct { - Type string `json:"type"` - SiteName string `json:"siteName"` - PrivateKey string `json:"key"` - Certificate string `json:"csr"` -} - -type SiteSetSSLResponse struct { - baseResponse -} - -type SystemServiceAdminRequest struct { - Name string `json:"name"` - Type string `json:"type"` -} - -type SystemServiceAdminResponse struct { - baseResponse -} - -type SSLCertSaveCertRequest struct { - PrivateKey string `json:"key"` - Certificate string `json:"csr"` -} - -type SSLCertSaveCertResponse struct { - baseResponse - SSLHash string `json:"ssl_hash"` -} - -type SSLSetBatchCertToSiteRequest struct { - BatchInfo []*SSLSetBatchCertToSiteRequestBatchInfo `json:"BatchInfo"` -} - -type SSLSetBatchCertToSiteRequestBatchInfo struct { - SSLHash string `json:"ssl_hash"` - SiteName string `json:"siteName"` - CertName string `json:"certName"` -} - -type SSLSetBatchCertToSiteResponse struct { - baseResponse - TotalCount int32 `json:"total"` - SuccessCount int32 `json:"success"` - FailedCount int32 `json:"faild"` -} diff --git a/internal/pkg/sdk3rd/btwaf/api.go b/internal/pkg/sdk3rd/btwaf/api.go deleted file mode 100644 index bc35dee5..00000000 --- a/internal/pkg/sdk3rd/btwaf/api.go +++ /dev/null @@ -1,19 +0,0 @@ -package btwaf - -func (c *Client) GetSiteList(req *GetSiteListRequest) (*GetSiteListResponse, error) { - resp := &GetSiteListResponse{} - err := c.sendRequestWithResult("/wafmastersite/get_site_list", req, resp) - return resp, err -} - -func (c *Client) ModifySite(req *ModifySiteRequest) (*ModifySiteResponse, error) { - resp := &ModifySiteResponse{} - err := c.sendRequestWithResult("/wafmastersite/modify_site", req, resp) - return resp, err -} - -func (c *Client) ConfigSetSSL(req *ConfigSetSSLRequest) (*ConfigSetSSLResponse, error) { - resp := &ConfigSetSSLResponse{} - err := c.sendRequestWithResult("/config/set_cert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/btwaf/client.go b/internal/pkg/sdk3rd/btwaf/client.go deleted file mode 100644 index 4bf76b16..00000000 --- a/internal/pkg/sdk3rd/btwaf/client.go +++ /dev/null @@ -1,77 +0,0 @@ -package btwaf - -import ( - "crypto/md5" - "crypto/tls" - "encoding/hex" - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl, apiKey string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api"). - SetHeader("Content-Type", "application/json"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - timestamp := fmt.Sprintf("%d", time.Now().Unix()) - keyMd5 := md5.Sum([]byte(apiKey)) - keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:])) - signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex)) - signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:])) - req.Header.Set("waf_request_time", timestamp) - req.Header.Set("waf_request_token", signMd5Hex) - - return nil - }) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) { - req := c.client.R().SetBody(params) - resp, err := req.Post(path) - if err != nil { - return resp, fmt.Errorf("baota api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("baota api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(path, params) - if err != nil { - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("baota api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 0 { - return fmt.Errorf("baota api error: code='%d'", errcode) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/btwaf/models.go b/internal/pkg/sdk3rd/btwaf/models.go deleted file mode 100644 index 6217e1a5..00000000 --- a/internal/pkg/sdk3rd/btwaf/models.go +++ /dev/null @@ -1,67 +0,0 @@ -package btwaf - -type BaseResponse interface { - GetCode() int32 -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -type GetSiteListRequest struct { - Page *int32 `json:"p,omitempty"` - PageSize *int32 `json:"p_size,omitempty"` - SiteName *string `json:"site_name,omitempty"` -} - -type GetSiteListResponse struct { - baseResponse - Result *struct { - List []*struct { - SiteId string `json:"site_id"` - SiteName string `json:"site_name"` - Type string `json:"types"` - Status int32 `json:"status"` - CreateTime int64 `json:"create_time"` - UpdateTime int64 `json:"update_time"` - } `json:"list"` - Total int32 `json:"total"` - } `json:"res,omitempty"` -} - -type SiteServerInfo struct { - ListenSSLPorts *[]int32 `json:"listen_ssl_port,omitempty"` - SSL *SiteServerSSLInfo `json:"ssl,omitempty"` -} - -type SiteServerSSLInfo struct { - IsSSL *int32 `json:"is_ssl,omitempty"` - FullChain *string `json:"full_chain,omitempty"` - PrivateKey *string `json:"private_key,omitempty"` -} - -type ModifySiteRequest struct { - SiteId string `json:"site_id"` - Type *string `json:"types,omitempty"` - Server *SiteServerInfo `json:"server,omitempty"` -} - -type ModifySiteResponse struct { - baseResponse -} - -type ConfigSetSSLRequest struct { - CertContent string `json:"certContent"` - KeyContent string `json:"keyContent"` -} - -type ConfigSetSSLResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/bunny/api.go b/internal/pkg/sdk3rd/bunny/api.go deleted file mode 100644 index 01f27606..00000000 --- a/internal/pkg/sdk3rd/bunny/api.go +++ /dev/null @@ -1,16 +0,0 @@ -package bunny - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) AddCustomCertificate(req *AddCustomCertificateRequest) ([]byte, error) { - if req.PullZoneId == "" { - return nil, fmt.Errorf("bunny api error: invalid parameter: PullZoneId") - } - - resp, err := c.sendRequest(http.MethodPost, fmt.Sprintf("/pullzone/%s/addCertificate", url.PathEscape(req.PullZoneId)), req) - return resp.Body(), err -} diff --git a/internal/pkg/sdk3rd/bunny/client.go b/internal/pkg/sdk3rd/bunny/client.go deleted file mode 100644 index 1efa2236..00000000 --- a/internal/pkg/sdk3rd/bunny/client.go +++ /dev/null @@ -1,61 +0,0 @@ -package bunny - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiToken string) *Client { - client := resty.New(). - SetBaseURL("https://api.bunny.net"). - SetHeader("User-Agent", "certimate"). - SetHeader("AccessKey", apiToken) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("bunny api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("bunny api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} diff --git a/internal/pkg/sdk3rd/bunny/models.go b/internal/pkg/sdk3rd/bunny/models.go deleted file mode 100644 index 3920eba1..00000000 --- a/internal/pkg/sdk3rd/bunny/models.go +++ /dev/null @@ -1,8 +0,0 @@ -package bunny - -type AddCustomCertificateRequest struct { - Hostname string `json:"Hostname"` - PullZoneId string `json:"-"` - Certificate string `json:"Certificate"` - CertificateKey string `json:"CertificateKey"` -} diff --git a/internal/pkg/sdk3rd/cachefly/api.go b/internal/pkg/sdk3rd/cachefly/api.go deleted file mode 100644 index 0b4ae265..00000000 --- a/internal/pkg/sdk3rd/cachefly/api.go +++ /dev/null @@ -1,11 +0,0 @@ -package cachefly - -import ( - "net/http" -) - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/certificates", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/cachefly/client.go b/internal/pkg/sdk3rd/cachefly/client.go deleted file mode 100644 index cf29e833..00000000 --- a/internal/pkg/sdk3rd/cachefly/client.go +++ /dev/null @@ -1,76 +0,0 @@ -package cachefly - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiToken string) *Client { - client := resty.New(). - SetBaseURL("https://api.cachefly.com/api/2.5"). - SetHeader("X-CF-Authorization", "Bearer "+apiToken) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("cachefly api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("cachefly api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("cachefly api error: failed to unmarshal response: %w", err) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/cachefly/models.go b/internal/pkg/sdk3rd/cachefly/models.go deleted file mode 100644 index bcab441a..00000000 --- a/internal/pkg/sdk3rd/cachefly/models.go +++ /dev/null @@ -1,38 +0,0 @@ -package cachefly - -type BaseResponse interface { - GetMessage() string -} - -type baseResponse struct { - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type CreateCertificateRequest struct { - Certificate string `json:"certificate"` - CertificateKey string `json:"certificateKey"` - Password *string `json:"password"` -} - -type CreateCertificateResponse struct { - baseResponse - Id string `json:"_id"` - SubjectCommonName string `json:"subjectCommonName"` - SubjectNames []string `json:"subjectNames"` - Expired bool `json:"expired"` - Expiring bool `json:"expiring"` - InUse bool `json:"inUse"` - Managed bool `json:"managed"` - Services []string `json:"services"` - Domains []string `json:"domains"` - NotBefore string `json:"notBefore"` - NotAfter string `json:"notAfter"` - CreatedAt string `json:"createdAt"` -} diff --git a/internal/pkg/sdk3rd/cdnfly/api.go b/internal/pkg/sdk3rd/cdnfly/api.go deleted file mode 100644 index ee827b8c..00000000 --- a/internal/pkg/sdk3rd/cdnfly/api.go +++ /dev/null @@ -1,43 +0,0 @@ -package cdnfly - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) GetSite(req *GetSiteRequest) (*GetSiteResponse, error) { - if req.Id == "" { - return nil, fmt.Errorf("cdnfly api error: invalid parameter: Id") - } - - resp := &GetSiteResponse{} - err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/v1/sites/%s", url.PathEscape(req.Id)), req, resp) - return resp, err -} - -func (c *Client) UpdateSite(req *UpdateSiteRequest) (*UpdateSiteResponse, error) { - if req.Id == "" { - return nil, fmt.Errorf("cdnfly api error: invalid parameter: Id") - } - - resp := &UpdateSiteResponse{} - err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/sites/%s", url.PathEscape(req.Id)), req, resp) - return resp, err -} - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/v1/certs", req, resp) - return resp, err -} - -func (c *Client) UpdateCertificate(req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if req.Id == "" { - return nil, fmt.Errorf("cdnfly api error: invalid parameter: Id") - } - - resp := &UpdateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/certs/%s", url.PathEscape(req.Id)), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/cdnfly/client.go b/internal/pkg/sdk3rd/cdnfly/client.go deleted file mode 100644 index 6026d246..00000000 --- a/internal/pkg/sdk3rd/cdnfly/client.go +++ /dev/null @@ -1,86 +0,0 @@ -package cdnfly - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl, apiKey, apiSecret string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("User-Agent", "certimate"). - SetHeader("API-Key", apiKey). - SetHeader("API-Secret", apiSecret) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("cdnfly api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("cdnfly api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("cdnfly api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != "" && errcode != "0" { - return fmt.Errorf("cdnfly api error: code='%s', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/cdnfly/models.go b/internal/pkg/sdk3rd/cdnfly/models.go deleted file mode 100644 index d676becd..00000000 --- a/internal/pkg/sdk3rd/cdnfly/models.go +++ /dev/null @@ -1,84 +0,0 @@ -package cdnfly - -import "fmt" - -type BaseResponse interface { - GetCode() string - GetMessage() string -} - -type baseResponse struct { - Code any `json:"code"` - Message string `json:"msg"` -} - -func (r *baseResponse) GetCode() string { - if r.Code == nil { - return "" - } - - if code, ok := r.Code.(int); ok { - return fmt.Sprintf("%d", code) - } - - if code, ok := r.Code.(string); ok { - return code - } - - return "" -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type GetSiteRequest struct { - Id string `json:"-"` -} - -type GetSiteResponse struct { - baseResponse - Data *struct { - Id int64 `json:"id"` - Name string `json:"name"` - Domain string `json:"domain"` - HttpsListen string `json:"https_listen"` - } `json:"data,omitempty"` -} - -type UpdateSiteRequest struct { - Id string `json:"-"` - HttpsListen *string `json:"https_listen,omitempty"` - Enable *bool `json:"enable,omitempty"` -} - -type UpdateSiteResponse struct { - baseResponse -} - -type CreateCertificateRequest struct { - Name string `json:"name"` - Description *string `json:"des,omitempty"` - Type string `json:"type"` - Cert string `json:"cert"` - Key string `json:"key"` -} - -type CreateCertificateResponse struct { - baseResponse - Data string `json:"data"` -} - -type UpdateCertificateRequest struct { - Id string `json:"-"` - Name *string `json:"name,omitempty"` - Description *string `json:"des,omitempty"` - Type *string `json:"type,omitempty"` - Cert *string `json:"cert,omitempty"` - Key *string `json:"key,omitempty"` - Enable *bool `json:"enable,omitempty"` -} - -type UpdateCertificateResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/dcloud/unicloud/api.go b/internal/pkg/sdk3rd/dcloud/unicloud/api.go deleted file mode 100644 index 1cd90b15..00000000 --- a/internal/pkg/sdk3rd/dcloud/unicloud/api.go +++ /dev/null @@ -1,78 +0,0 @@ -package unicloud - -import ( - "fmt" - "net/http" - "regexp" - "time" -) - -func (c *Client) ensureServerlessJwtTokenExists() error { - c.serverlessJwtTokenMtx.Lock() - defer c.serverlessJwtTokenMtx.Unlock() - if c.serverlessJwtToken != "" && c.serverlessJwtTokenExp.After(time.Now()) { - return nil - } - - params := &loginParams{ - Password: c.password, - } - if regexp.MustCompile("^1\\d{10}$").MatchString(c.username) { - params.Mobile = c.username - } else if regexp.MustCompile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$").MatchString(c.username) { - params.Email = c.username - } else { - params.Username = c.username - } - - resp := &loginResponse{} - if err := c.invokeServerlessWithResult( - uniIdentityEndpoint, uniIdentityClientSecret, uniIdentityAppId, uniIdentitySpaceId, - "uni-id-co", "login", "", params, nil, - resp); err != nil { - return err - } else if resp.Data == nil || resp.Data.NewToken == nil || resp.Data.NewToken.Token == "" { - return fmt.Errorf("unicloud api error: received empty token") - } - - c.serverlessJwtToken = resp.Data.NewToken.Token - c.serverlessJwtTokenExp = time.UnixMilli(resp.Data.NewToken.TokenExpired) - - return nil -} - -func (c *Client) ensureApiUserTokenExists() error { - if err := c.ensureServerlessJwtTokenExists(); err != nil { - return err - } - - c.apiUserTokenMtx.Lock() - defer c.apiUserTokenMtx.Unlock() - if c.apiUserToken != "" { - return nil - } - - resp := &getUserTokenResponse{} - if err := c.invokeServerlessWithResult( - uniConsoleEndpoint, uniConsoleClientSecret, uniConsoleAppId, uniConsoleSpaceId, - "uni-cloud-kernel", "", "user/getUserToken", nil, map[string]any{"isLogin": true}, - resp); err != nil { - return err - } else if resp.Data == nil || resp.Data.Data == nil || resp.Data.Data.Data == nil || resp.Data.Data.Data.Token == "" { - return fmt.Errorf("unicloud api error: received empty user token") - } - - c.apiUserToken = resp.Data.Data.Data.Token - - return nil -} - -func (c *Client) CreateDomainWithCert(req *CreateDomainWithCertRequest) (*CreateDomainWithCertResponse, error) { - if err := c.ensureApiUserTokenExists(); err != nil { - return nil, err - } - - resp := &CreateDomainWithCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/host/create-domain-with-cert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/dcloud/unicloud/models.go b/internal/pkg/sdk3rd/dcloud/unicloud/models.go deleted file mode 100644 index 05b02db6..00000000 --- a/internal/pkg/sdk3rd/dcloud/unicloud/models.go +++ /dev/null @@ -1,103 +0,0 @@ -package unicloud - -type BaseResponse interface { - GetSuccess() bool - GetErrorCode() string - GetErrorMessage() string - - GetReturnCode() int32 - GetReturnDesc() string -} - -type baseResponse struct { - Success *bool `json:"success,omitempty"` - Header *map[string]string `json:"header,omitempty"` - Error *struct { - Code string `json:"code"` - Message string `json:"message"` - } `json:"error,omitempty"` - - ReturnCode *int32 `json:"ret,omitempty"` - ReturnDesc *string `json:"desc,omitempty"` -} - -func (r *baseResponse) GetReturnCode() int32 { - if r.ReturnCode != nil { - return *r.ReturnCode - } - return 0 -} - -func (r *baseResponse) GetReturnDesc() string { - if r.ReturnDesc != nil { - return *r.ReturnDesc - } - return "" -} - -func (r *baseResponse) GetSuccess() bool { - if r.Success != nil { - return *r.Success - } - return false -} - -func (r *baseResponse) GetErrorCode() string { - if r.Error != nil { - return r.Error.Code - } - return "" -} - -func (r *baseResponse) GetErrorMessage() string { - if r.Error != nil { - return r.Error.Message - } - return "" -} - -type loginParams struct { - Email string `json:"email,omitempty"` - Mobile string `json:"mobile,omitempty"` - Username string `json:"username,omitempty"` - Password string `json:"password"` -} - -type loginResponse struct { - baseResponse - Data *struct { - Code int32 `json:"errCode"` - UID string `json:"uid"` - NewToken *struct { - Token string `json:"token"` - TokenExpired int64 `json:"tokenExpired"` - } `json:"newToken,omitempty"` - } `json:"data,omitempty"` -} - -type getUserTokenResponse struct { - baseResponse - Data *struct { - Code int32 `json:"code"` - Data *struct { - Result int32 `json:"ret"` - Description string `json:"desc"` - Data *struct { - Email string `json:"email"` - Token string `json:"token"` - } `json:"data,omitempty"` - } `json:"data,omitempty"` - } `json:"data,omitempty"` -} - -type CreateDomainWithCertRequest struct { - Provider string `json:"provider"` - SpaceId string `json:"spaceId"` - Domain string `json:"domain"` - Cert string `json:"cert"` - Key string `json:"key"` -} - -type CreateDomainWithCertResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/dnsla/api.go b/internal/pkg/sdk3rd/dnsla/api.go deleted file mode 100644 index 6f999ce7..00000000 --- a/internal/pkg/sdk3rd/dnsla/api.go +++ /dev/null @@ -1,41 +0,0 @@ -package dnsla - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) ListDomains(req *ListDomainsRequest) (*ListDomainsResponse, error) { - resp := &ListDomainsResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/domainList", req, resp) - return resp, err -} - -func (c *Client) ListRecords(req *ListRecordsRequest) (*ListRecordsResponse, error) { - resp := &ListRecordsResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/recordList", req, resp) - return resp, err -} - -func (c *Client) CreateRecord(req *CreateRecordRequest) (*CreateRecordResponse, error) { - resp := &CreateRecordResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/record", req, resp) - return resp, err -} - -func (c *Client) UpdateRecord(req *UpdateRecordRequest) (*UpdateRecordResponse, error) { - resp := &UpdateRecordResponse{} - err := c.sendRequestWithResult(http.MethodPut, "/record", req, resp) - return resp, err -} - -func (c *Client) DeleteRecord(req *DeleteRecordRequest) (*DeleteRecordResponse, error) { - if req.Id == "" { - return nil, fmt.Errorf("dnsla api error: invalid parameter: Id") - } - - resp := &DeleteRecordResponse{} - err := c.sendRequestWithResult(http.MethodDelete, fmt.Sprintf("/record?id=%s", url.QueryEscape(req.Id)), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/dnsla/client.go b/internal/pkg/sdk3rd/dnsla/client.go deleted file mode 100644 index accd36d9..00000000 --- a/internal/pkg/sdk3rd/dnsla/client.go +++ /dev/null @@ -1,79 +0,0 @@ -package dnsla - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiId, apiSecret string) *Client { - client := resty.New(). - SetBaseURL("https://api.dns.la/api"). - SetBasicAuth(apiId, apiSecret). - SetHeader("User-Agent", "certimate") - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("dnsla api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("dnsla api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("dnsla api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode/100 != 2 { - return fmt.Errorf("dnsla api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/dnsla/models.go b/internal/pkg/sdk3rd/dnsla/models.go deleted file mode 100644 index 38fd623b..00000000 --- a/internal/pkg/sdk3rd/dnsla/models.go +++ /dev/null @@ -1,131 +0,0 @@ -package dnsla - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type DomainInfo struct { - Id string `json:"id"` - GroupId string `json:"groupId"` - GroupName string `json:"groupName"` - Domain string `json:"domain"` - DisplayDomain string `json:"displayDomain"` - CreatedAt int64 `json:"createdAt"` - UpdatedAt int64 `json:"updatedAt"` -} - -type RecordInfo struct { - Id string `json:"id"` - DomainId string `json:"domainId"` - GroupId string `json:"groupId"` - GroupName string `json:"groupName"` - LineId string `json:"lineId"` - LineCode string `json:"lineCode"` - LineName string `json:"lineName"` - Type int32 `json:"type"` - Host string `json:"host"` - DisplayHost string `json:"displayHost"` - Data string `json:"data"` - DisplayData string `json:"displayData"` - Ttl int32 `json:"ttl"` - Weight int32 `json:"weight"` - Preference int32 `json:"preference"` - CreatedAt int64 `json:"createdAt"` - UpdatedAt int64 `json:"updatedAt"` -} - -type ListDomainsRequest struct { - PageIndex int32 `json:"pageIndex"` - PageSize int32 `json:"pageSize"` - GroupId *string `json:"groupId,omitempty"` -} - -type ListDomainsResponse struct { - baseResponse - Data *struct { - Total int32 `json:"total"` - Results []*DomainInfo `json:"results"` - } `json:"data,omitempty"` -} - -type ListRecordsRequest struct { - PageIndex int32 `json:"pageIndex"` - PageSize int32 `json:"pageSize"` - DomainId string `json:"domainId"` - GroupId *string `json:"groupId,omitempty"` - LineId *string `json:"lineId,omitempty"` - Type *int32 `json:"type,omitempty"` - Host *string `json:"host,omitempty"` - Data *string `json:"data,omitempty"` -} - -type ListRecordsResponse struct { - baseResponse - Data *struct { - Total int32 `json:"total"` - Results []*RecordInfo `json:"results"` - } `json:"data,omitempty"` -} - -type CreateRecordRequest struct { - DomainId string `json:"domainId"` - GroupId *string `json:"groupId,omitempty"` - LineId *string `json:"lineId,omitempty"` - Type int32 `json:"type"` - Host string `json:"host"` - Data string `json:"data"` - Ttl int32 `json:"ttl"` - Weight *int32 `json:"weight,omitempty"` - Preference *int32 `json:"preference,omitempty"` -} - -type CreateRecordResponse struct { - baseResponse - Data *struct { - Id string `json:"id"` - } `json:"data,omitempty"` -} - -type UpdateRecordRequest struct { - Id string `json:"id"` - GroupId *string `json:"groupId,omitempty"` - LineId *string `json:"lineId,omitempty"` - Type *int32 `json:"type,omitempty"` - Host *string `json:"host,omitempty"` - Data *string `json:"data,omitempty"` - Ttl *int32 `json:"ttl,omitempty"` - Weight *int32 `json:"weight,omitempty"` - Preference *int32 `json:"preference,omitempty"` -} - -type UpdateRecordResponse struct { - baseResponse -} - -type DeleteRecordRequest struct { - Id string `json:"-"` -} - -type DeleteRecordResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/dogecloud/client.go b/internal/pkg/sdk3rd/dogecloud/client.go deleted file mode 100644 index 75342907..00000000 --- a/internal/pkg/sdk3rd/dogecloud/client.go +++ /dev/null @@ -1,183 +0,0 @@ -package dogecloud - -import ( - "crypto/hmac" - "crypto/sha1" - "encoding/hex" - "encoding/json" - "fmt" - "io" - "net/http" - "net/url" - "strings" -) - -const dogeHost = "https://api.dogecloud.com" - -type Client struct { - accessKey string - secretKey string -} - -func NewClient(accessKey, secretKey string) *Client { - return &Client{accessKey: accessKey, secretKey: secretKey} -} - -func (c *Client) UploadCdnCert(note, cert, private string) (*UploadCdnCertResponse, error) { - req := &UploadCdnCertRequest{ - Note: note, - Certificate: cert, - PrivateKey: private, - } - - reqBts, err := json.Marshal(req) - if err != nil { - return nil, err - } - - reqMap := make(map[string]interface{}) - err = json.Unmarshal(reqBts, &reqMap) - if err != nil { - return nil, err - } - - respBts, err := c.sendReq(http.MethodPost, "cdn/cert/upload.json", reqMap, true) - if err != nil { - return nil, err - } - - resp := &UploadCdnCertResponse{} - err = json.Unmarshal(respBts, resp) - if err != nil { - return nil, err - } - if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 { - return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message) - } - - return resp, nil -} - -func (c *Client) BindCdnCertWithDomain(certId int64, domain string) (*BindCdnCertResponse, error) { - req := &BindCdnCertRequest{ - CertId: certId, - Domain: &domain, - } - - reqBts, err := json.Marshal(req) - if err != nil { - return nil, err - } - - reqMap := make(map[string]interface{}) - err = json.Unmarshal(reqBts, &reqMap) - if err != nil { - return nil, err - } - - respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true) - if err != nil { - return nil, err - } - - resp := &BindCdnCertResponse{} - err = json.Unmarshal(respBts, resp) - if err != nil { - return nil, err - } - if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 { - return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message) - } - - return resp, nil -} - -func (c *Client) BindCdnCertWithDomainId(certId int64, domainId int64) (*BindCdnCertResponse, error) { - req := &BindCdnCertRequest{ - CertId: certId, - DomainId: &domainId, - } - - reqBts, err := json.Marshal(req) - if err != nil { - return nil, err - } - - reqMap := make(map[string]interface{}) - err = json.Unmarshal(reqBts, &reqMap) - if err != nil { - return nil, err - } - - respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true) - if err != nil { - return nil, err - } - - resp := &BindCdnCertResponse{} - err = json.Unmarshal(respBts, resp) - if err != nil { - return nil, err - } - if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 { - return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message) - } - - return resp, nil -} - -// 调用多吉云的 API。 -// https://docs.dogecloud.com/cdn/api-access-token?id=go -// -// 入参: -// - method:GET 或 POST -// - path:是调用的 API 接口地址,包含 URL 请求参数 QueryString,例如:/console/vfetch/add.json?url=xxx&a=1&b=2 -// - data:POST 的数据,对象,例如 {a: 1, b: 2},传递此参数表示不是 GET 请求而是 POST 请求 -// - jsonMode:数据 data 是否以 JSON 格式请求,默认为 false 则使用表单形式(a=1&b=2) -func (c *Client) sendReq(method string, path string, data map[string]interface{}, jsonMode bool) ([]byte, error) { - body := "" - mime := "" - if jsonMode { - _body, err := json.Marshal(data) - if err != nil { - return nil, err - } - body = string(_body) - mime = "application/json" - } else { - values := url.Values{} - for k, v := range data { - values.Set(k, v.(string)) - } - body = values.Encode() - mime = "application/x-www-form-urlencoded" - } - - path = strings.TrimPrefix(path, "/") - signStr := "/" + path + "\n" + body - hmacObj := hmac.New(sha1.New, []byte(c.secretKey)) - hmacObj.Write([]byte(signStr)) - sign := hex.EncodeToString(hmacObj.Sum(nil)) - auth := fmt.Sprintf("TOKEN %s:%s", c.accessKey, sign) - - req, err := http.NewRequest(method, fmt.Sprintf("%s/%s", dogeHost, path), strings.NewReader(body)) - if err != nil { - return nil, err - } - req.Header.Set("Content-Type", mime) - req.Header.Set("Authorization", auth) - - client := http.Client{} - resp, err := client.Do(req) - if err != nil { - return nil, err - } - defer resp.Body.Close() - - bytes, err := io.ReadAll(resp.Body) - if err != nil { - return nil, err - } - - return bytes, nil -} diff --git a/internal/pkg/sdk3rd/dogecloud/models.go b/internal/pkg/sdk3rd/dogecloud/models.go deleted file mode 100644 index 8dd78a3b..00000000 --- a/internal/pkg/sdk3rd/dogecloud/models.go +++ /dev/null @@ -1,31 +0,0 @@ -package dogecloud - -type BaseResponse struct { - Code *int `json:"code,omitempty"` - Message *string `json:"msg,omitempty"` -} - -type UploadCdnCertRequest struct { - Note string `json:"note"` - Certificate string `json:"cert"` - PrivateKey string `json:"private"` -} - -type UploadCdnCertResponseData struct { - Id int64 `json:"id"` -} - -type UploadCdnCertResponse struct { - BaseResponse - Data *UploadCdnCertResponseData `json:"data,omitempty"` -} - -type BindCdnCertRequest struct { - CertId int64 `json:"id"` - DomainId *int64 `json:"did,omitempty"` - Domain *string `json:"domain,omitempty"` -} - -type BindCdnCertResponse struct { - BaseResponse -} diff --git a/internal/pkg/sdk3rd/flexcdn/api.go b/internal/pkg/sdk3rd/flexcdn/api.go deleted file mode 100644 index 5008fdf4..00000000 --- a/internal/pkg/sdk3rd/flexcdn/api.go +++ /dev/null @@ -1,48 +0,0 @@ -package flexcdn - -import ( - "encoding/json" - "fmt" - "net/http" - "time" -) - -func (c *Client) ensureAccessTokenExists() error { - c.accessTokenMtx.Lock() - defer c.accessTokenMtx.Unlock() - if c.accessToken != "" && c.accessTokenExp.After(time.Now()) { - return nil - } - - req := &getAPIAccessTokenRequest{ - Type: c.apiRole, - AccessKeyId: c.accessKeyId, - AccessKey: c.accessKey, - } - res, err := c.sendRequest(http.MethodPost, "/APIAccessTokenService/getAPIAccessToken", req) - if err != nil { - return err - } - - resp := &getAPIAccessTokenResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("flexcdn api error: failed to unmarshal response: %w", err) - } else if resp.GetCode() != 200 { - return fmt.Errorf("flexcdn get access token failed: code='%d', message='%s'", resp.GetCode(), resp.GetMessage()) - } - - c.accessToken = resp.Data.Token - c.accessTokenExp = time.Unix(resp.Data.ExpiresAt, 0) - - return nil -} - -func (c *Client) UpdateSSLCert(req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { - if err := c.ensureAccessTokenExists(); err != nil { - return nil, err - } - - resp := &UpdateSSLCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/SSLCertService/updateSSLCert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/flexcdn/client.go b/internal/pkg/sdk3rd/flexcdn/client.go deleted file mode 100644 index 0844ffa5..00000000 --- a/internal/pkg/sdk3rd/flexcdn/client.go +++ /dev/null @@ -1,103 +0,0 @@ -package flexcdn - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "sync" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - apiRole string - accessKeyId string - accessKey string - - accessToken string - accessTokenExp time.Time - accessTokenMtx sync.Mutex - - client *resty.Client -} - -func NewClient(serverUrl, apiRole, accessKeyId, accessKey string) *Client { - client := &Client{ - apiRole: apiRole, - accessKeyId: accessKeyId, - accessKey: accessKey, - } - client.client = resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.accessToken != "" { - req.Header.Set("X-Cloud-Access-Token", client.accessToken) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("flexcdn api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("flexcdn api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("flexcdn api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 200 { - return fmt.Errorf("flexcdn api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/flexcdn/models.go b/internal/pkg/sdk3rd/flexcdn/models.go deleted file mode 100644 index c976eccc..00000000 --- a/internal/pkg/sdk3rd/flexcdn/models.go +++ /dev/null @@ -1,52 +0,0 @@ -package flexcdn - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"message"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type getAPIAccessTokenRequest struct { - Type string `json:"type"` - AccessKeyId string `json:"accessKeyId"` - AccessKey string `json:"accessKey"` -} - -type getAPIAccessTokenResponse struct { - baseResponse - Data *struct { - Token string `json:"token"` - ExpiresAt int64 `json:"expiresAt"` - } `json:"data,omitempty"` -} - -type UpdateSSLCertRequest struct { - SSLCertId int64 `json:"sslCertId"` - IsOn bool `json:"isOn"` - Name string `json:"name"` - Description string `json:"description"` - ServerName string `json:"serverName"` - IsCA bool `json:"isCA"` - CertData string `json:"certData"` - KeyData string `json:"keyData"` - TimeBeginAt int64 `json:"timeBeginAt"` - TimeEndAt int64 `json:"timeEndAt"` - DNSNames []string `json:"dnsNames"` - CommonNames []string `json:"commonNames"` -} - -type UpdateSSLCertResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/gname/api.go b/internal/pkg/sdk3rd/gname/api.go deleted file mode 100644 index 16b80065..00000000 --- a/internal/pkg/sdk3rd/gname/api.go +++ /dev/null @@ -1,25 +0,0 @@ -package gname - -func (c *Client) AddDomainResolution(req *AddDomainResolutionRequest) (*AddDomainResolutionResponse, error) { - resp := &AddDomainResolutionResponse{} - err := c.sendRequestWithResult("/api/resolution/add", req, resp) - return resp, err -} - -func (c *Client) ModifyDomainResolution(req *ModifyDomainResolutionRequest) (*ModifyDomainResolutionResponse, error) { - resp := &ModifyDomainResolutionResponse{} - err := c.sendRequestWithResult("/api/resolution/edit", req, resp) - return resp, err -} - -func (c *Client) DeleteDomainResolution(req *DeleteDomainResolutionRequest) (*DeleteDomainResolutionResponse, error) { - resp := &DeleteDomainResolutionResponse{} - err := c.sendRequestWithResult("/api/resolution/delete", req, resp) - return resp, err -} - -func (c *Client) ListDomainResolution(req *ListDomainResolutionRequest) (*ListDomainResolutionResponse, error) { - resp := &ListDomainResolutionResponse{} - err := c.sendRequestWithResult("/api/resolution/list", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/gname/client.go b/internal/pkg/sdk3rd/gname/client.go deleted file mode 100644 index 843785a5..00000000 --- a/internal/pkg/sdk3rd/gname/client.go +++ /dev/null @@ -1,104 +0,0 @@ -package gname - -import ( - "crypto/md5" - "encoding/json" - "fmt" - "net/url" - "sort" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - appId string - appKey string - - client *resty.Client -} - -func NewClient(appId, appKey string) *Client { - client := resty.New(). - SetBaseURL("http://api.gname.com"). - SetHeader("Content-Type", "application/x-www-form-urlencoded"). - SetHeader("User-Agent", "certimate") - - return &Client{ - appId: appId, - appKey: appKey, - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) generateSignature(params map[string]string) string { - // Step 1: Sort parameters by ASCII order - var keys []string - for k := range params { - keys = append(keys, k) - } - sort.Strings(keys) - - // Step 2: Create string A with URL-encoded values - var pairs []string - for _, k := range keys { - encodedValue := url.QueryEscape(params[k]) - pairs = append(pairs, fmt.Sprintf("%s=%s", k, encodedValue)) - } - stringA := strings.Join(pairs, "&") - - // Step 3: Append appkey to create string B - stringB := stringA + c.appKey - - // Step 4: Calculate MD5 and convert to uppercase - hash := md5.Sum([]byte(stringB)) - return strings.ToUpper(fmt.Sprintf("%x", hash)) -} - -func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) { - data := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - data[k] = fmt.Sprintf("%v", v) - } - } - } - data["appid"] = c.appId - data["gntime"] = fmt.Sprintf("%d", time.Now().Unix()) - data["gntoken"] = c.generateSignature(data) - - req := c.client.R().SetFormData(data) - resp, err := req.Post(path) - if err != nil { - return resp, fmt.Errorf("gname api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("gname api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(path, params) - if err != nil { - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("gname api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 1 { - return fmt.Errorf("gname api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/gname/models.go b/internal/pkg/sdk3rd/gname/models.go deleted file mode 100644 index a50b609b..00000000 --- a/internal/pkg/sdk3rd/gname/models.go +++ /dev/null @@ -1,81 +0,0 @@ -package gname - -import "encoding/json" - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"msg"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type AddDomainResolutionRequest struct { - ZoneName string `json:"ym"` - RecordType string `json:"lx"` - RecordName string `json:"zj"` - RecordValue string `json:"jlz"` - MX int32 `json:"mx"` - TTL int32 `json:"ttl"` -} - -type AddDomainResolutionResponse struct { - baseResponse - Data json.Number `json:"data"` -} - -type ModifyDomainResolutionRequest struct { - ID int64 `json:"jxid"` - ZoneName string `json:"ym"` - RecordType string `json:"lx"` - RecordName string `json:"zj"` - RecordValue string `json:"jlz"` - MX int32 `json:"mx"` - TTL int32 `json:"ttl"` -} - -type ModifyDomainResolutionResponse struct { - baseResponse -} - -type DeleteDomainResolutionRequest struct { - ZoneName string `json:"ym"` - RecordID int64 `json:"jxid"` -} - -type DeleteDomainResolutionResponse struct { - baseResponse -} - -type ListDomainResolutionRequest struct { - ZoneName string `json:"ym"` - Page *int32 `json:"page,omitempty"` - PageSize *int32 `json:"limit,omitempty"` -} - -type ListDomainResolutionResponse struct { - baseResponse - Count int32 `json:"count"` - Data []*ResolutionRecord `json:"data"` - Page int32 `json:"page"` - PageSize int32 `json:"pagesize"` -} - -type ResolutionRecord struct { - ID json.Number `json:"id"` - ZoneName string `json:"ym"` - RecordType string `json:"lx"` - RecordName string `json:"zjt"` - RecordValue string `json:"jxz"` - MX int32 `json:"mx"` -} diff --git a/internal/pkg/sdk3rd/goedge/api.go b/internal/pkg/sdk3rd/goedge/api.go deleted file mode 100644 index 4589f70c..00000000 --- a/internal/pkg/sdk3rd/goedge/api.go +++ /dev/null @@ -1,48 +0,0 @@ -package goedge - -import ( - "encoding/json" - "fmt" - "net/http" - "time" -) - -func (c *Client) ensureAccessTokenExists() error { - c.accessTokenMtx.Lock() - defer c.accessTokenMtx.Unlock() - if c.accessToken != "" && c.accessTokenExp.After(time.Now()) { - return nil - } - - req := &getAPIAccessTokenRequest{ - Type: c.apiRole, - AccessKeyId: c.accessKeyId, - AccessKey: c.accessKey, - } - res, err := c.sendRequest(http.MethodPost, "/APIAccessTokenService/getAPIAccessToken", req) - if err != nil { - return err - } - - resp := &getAPIAccessTokenResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("goedge api error: failed to unmarshal response: %w", err) - } else if resp.GetCode() != 200 { - return fmt.Errorf("goedge get access token failed: code='%d', message='%s'", resp.GetCode(), resp.GetMessage()) - } - - c.accessToken = resp.Data.Token - c.accessTokenExp = time.Unix(resp.Data.ExpiresAt, 0) - - return nil -} - -func (c *Client) UpdateSSLCert(req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { - if err := c.ensureAccessTokenExists(); err != nil { - return nil, err - } - - resp := &UpdateSSLCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/SSLCertService/updateSSLCert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/goedge/client.go b/internal/pkg/sdk3rd/goedge/client.go deleted file mode 100644 index bc87734a..00000000 --- a/internal/pkg/sdk3rd/goedge/client.go +++ /dev/null @@ -1,103 +0,0 @@ -package goedge - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "sync" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - apiRole string - accessKeyId string - accessKey string - - accessToken string - accessTokenExp time.Time - accessTokenMtx sync.Mutex - - client *resty.Client -} - -func NewClient(serverUrl, apiRole, accessKeyId, accessKey string) *Client { - client := &Client{ - apiRole: apiRole, - accessKeyId: accessKeyId, - accessKey: accessKey, - } - client.client = resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.accessToken != "" { - req.Header.Set("X-Edge-Access-Token", client.accessToken) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("goedge api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("goedge api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("goedge api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 200 { - return fmt.Errorf("goedge api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/goedge/models.go b/internal/pkg/sdk3rd/goedge/models.go deleted file mode 100644 index d19bb558..00000000 --- a/internal/pkg/sdk3rd/goedge/models.go +++ /dev/null @@ -1,52 +0,0 @@ -package goedge - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"message"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type getAPIAccessTokenRequest struct { - Type string `json:"type"` - AccessKeyId string `json:"accessKeyId"` - AccessKey string `json:"accessKey"` -} - -type getAPIAccessTokenResponse struct { - baseResponse - Data *struct { - Token string `json:"token"` - ExpiresAt int64 `json:"expiresAt"` - } `json:"data,omitempty"` -} - -type UpdateSSLCertRequest struct { - SSLCertId int64 `json:"sslCertId"` - IsOn bool `json:"isOn"` - Name string `json:"name"` - Description string `json:"description"` - ServerName string `json:"serverName"` - IsCA bool `json:"isCA"` - CertData string `json:"certData"` - KeyData string `json:"keyData"` - TimeBeginAt int64 `json:"timeBeginAt"` - TimeEndAt int64 `json:"timeEndAt"` - DNSNames []string `json:"dnsNames"` - CommonNames []string `json:"commonNames"` -} - -type UpdateSSLCertResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/client/api.go b/internal/pkg/sdk3rd/lecdn/v3/client/api.go deleted file mode 100644 index 89f9cdc0..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/client/api.go +++ /dev/null @@ -1,50 +0,0 @@ -package client - -import ( - "encoding/json" - "fmt" - "net/http" -) - -func (c *Client) ensureAccessTokenExists() error { - c.accessTokenMtx.Lock() - defer c.accessTokenMtx.Unlock() - if c.accessToken != "" { - return nil - } - - req := &loginRequest{ - Email: c.username, - Username: c.username, - Password: c.password, - } - res, err := c.sendRequest(http.MethodPost, "/login", req) - if err != nil { - return err - } - - resp := &loginResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("lecdn api error: failed to unmarshal response: %w", err) - } else if resp.GetCode() != 200 { - return fmt.Errorf("lecdn get token failed: code='%d', message='%s'", resp.GetCode(), resp.GetMessage()) - } - - c.accessToken = resp.Data.Token - - return nil -} - -func (c *Client) UpdateCertificate(certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if certId == 0 { - return nil, fmt.Errorf("lecdn api error: invalid parameter: CertId") - } - - if err := c.ensureAccessTokenExists(); err != nil { - return nil, err - } - - resp := &UpdateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/certificate/%d", certId), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/client/client.go b/internal/pkg/sdk3rd/lecdn/v3/client/client.go deleted file mode 100644 index 4af04d4f..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/client/client.go +++ /dev/null @@ -1,100 +0,0 @@ -package client - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "sync" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - username string - password string - - accessToken string - accessTokenMtx sync.Mutex - - client *resty.Client -} - -func NewClient(serverUrl, username, password string) *Client { - client := &Client{ - username: username, - password: password, - } - client.client = resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/prod-api"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.accessToken != "" { - req.Header.Set("Authorization", "Bearer "+client.accessToken) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("lecdn api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("lecdn api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("lecdn api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 200 { - return fmt.Errorf("lecdn api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/client/models.go b/internal/pkg/sdk3rd/lecdn/v3/client/models.go deleted file mode 100644 index 6d63ea79..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/client/models.go +++ /dev/null @@ -1,47 +0,0 @@ -package client - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"msg"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type loginRequest struct { - Email string `json:"email"` - Username string `json:"username"` - Password string `json:"password"` -} - -type loginResponse struct { - baseResponse - Data *struct { - UserId int64 `json:"user_id"` - Username string `json:"username"` - Token string `json:"token"` - } `json:"data,omitempty"` -} - -type UpdateCertificateRequest struct { - Name string `json:"name"` - Description string `json:"description"` - Type string `json:"type"` - SSLPEM string `json:"ssl_pem"` - SSLKey string `json:"ssl_key"` - AutoRenewal bool `json:"auto_renewal"` -} - -type UpdateCertificateResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/master/api.go b/internal/pkg/sdk3rd/lecdn/v3/master/api.go deleted file mode 100644 index 00f24a70..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/master/api.go +++ /dev/null @@ -1,49 +0,0 @@ -package master - -import ( - "encoding/json" - "fmt" - "net/http" -) - -func (c *Client) ensureAccessTokenExists() error { - c.accessTokenMtx.Lock() - defer c.accessTokenMtx.Unlock() - if c.accessToken != "" { - return nil - } - - req := &loginRequest{ - Username: c.username, - Password: c.password, - } - res, err := c.sendRequest(http.MethodPost, "/auth/login", req) - if err != nil { - return err - } - - resp := &loginResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("lecdn api error: failed to unmarshal response: %w", err) - } else if resp.GetCode() != 200 { - return fmt.Errorf("lecdn get token failed: code='%d', message='%s'", resp.GetCode(), resp.GetMessage()) - } - - c.accessToken = resp.Data.Token - - return nil -} - -func (c *Client) UpdateCertificate(certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if certId == 0 { - return nil, fmt.Errorf("lecdn api error: invalid parameter: CertId") - } - - if err := c.ensureAccessTokenExists(); err != nil { - return nil, err - } - - resp := &UpdateCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/certificate/%d", certId), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/master/client.go b/internal/pkg/sdk3rd/lecdn/v3/master/client.go deleted file mode 100644 index dc033634..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/master/client.go +++ /dev/null @@ -1,100 +0,0 @@ -package master - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "net/http" - "strings" - "sync" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - username string - password string - - accessToken string - accessTokenMtx sync.Mutex - - client *resty.Client -} - -func NewClient(serverUrl, username, password string) *Client { - client := &Client{ - username: username, - password: password, - } - client.client = resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/prod-api"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.accessToken != "" { - req.Header.Set("Authorization", "Bearer "+client.accessToken) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("lecdn api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("lecdn api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("lecdn api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 200 { - return fmt.Errorf("lecdn api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/lecdn/v3/master/models.go b/internal/pkg/sdk3rd/lecdn/v3/master/models.go deleted file mode 100644 index 2e896f42..00000000 --- a/internal/pkg/sdk3rd/lecdn/v3/master/models.go +++ /dev/null @@ -1,47 +0,0 @@ -package master - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code int32 `json:"code"` - Message string `json:"message"` -} - -func (r *baseResponse) GetCode() int32 { - return r.Code -} - -func (r *baseResponse) GetMessage() string { - return r.Message -} - -type loginRequest struct { - Username string `json:"username"` - Password string `json:"password"` -} - -type loginResponse struct { - baseResponse - Data *struct { - UserId int64 `json:"user_id"` - Username string `json:"username"` - Token string `json:"token"` - } `json:"data,omitempty"` -} - -type UpdateCertificateRequest struct { - ClientId int64 `json:"client_id"` - Name string `json:"name"` - Description string `json:"description"` - Type string `json:"type"` - SSLPEM string `json:"ssl_pem"` - SSLKey string `json:"ssl_key"` - AutoRenewal bool `json:"auto_renewal"` -} - -type UpdateCertificateResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/netlify/api.go b/internal/pkg/sdk3rd/netlify/api.go deleted file mode 100644 index 095ff303..00000000 --- a/internal/pkg/sdk3rd/netlify/api.go +++ /dev/null @@ -1,17 +0,0 @@ -package netlify - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) ProvisionSiteTLSCertificate(siteId string, params *ProvisionSiteTLSCertificateParams) (*ProvisionSiteTLSCertificateResponse, error) { - if siteId == "" { - return nil, fmt.Errorf("netlify api error: invalid parameter: SiteId") - } - - resp := &ProvisionSiteTLSCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, fmt.Sprintf("/sites/%s/ssl", url.PathEscape(siteId)), params, nil, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/netlify/client.go b/internal/pkg/sdk3rd/netlify/client.go deleted file mode 100644 index bf3f4ad6..00000000 --- a/internal/pkg/sdk3rd/netlify/client.go +++ /dev/null @@ -1,93 +0,0 @@ -package netlify - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiToken string) *Client { - client := resty.New(). - SetBaseURL("https://api.netlify.com/api/v1"). - SetHeader("Authorization", "Bearer "+apiToken). - SetHeader("User-Agent", "certimate") - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, queryParams interface{}, payloadParams interface{}) (*resty.Response, error) { - req := c.client.R() - - if queryParams != nil { - qs := make(map[string]string) - temp := make(map[string]any) - jsonb, _ := json.Marshal(queryParams) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - req = req.SetQueryParams(qs) - } - - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if payloadParams != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(payloadParams) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(payloadParams) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("netlify api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("netlify api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, queryParams interface{}, payloadParams interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, queryParams, payloadParams) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("netlify api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode != 0 { - return fmt.Errorf("netlify api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/netlify/models.go b/internal/pkg/sdk3rd/netlify/models.go deleted file mode 100644 index 3ff2d216..00000000 --- a/internal/pkg/sdk3rd/netlify/models.go +++ /dev/null @@ -1,40 +0,0 @@ -package netlify - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type ProvisionSiteTLSCertificateParams struct { - Certificate string `json:"certificate"` - CACertificates string `json:"ca_certificates"` - Key string `json:"key"` -} - -type ProvisionSiteTLSCertificateResponse struct { - baseResponse - Domains []string `json:"domains,omitempty"` - State string `json:"state,omitempty"` - ExpiresAt string `json:"expires_at,omitempty"` - CreatedAt string `json:"created_at,omitempty"` - UpdatedAt string `json:"updated_at,omitempty"` -} diff --git a/internal/pkg/sdk3rd/qiniu/client.go b/internal/pkg/sdk3rd/qiniu/client.go deleted file mode 100644 index 0d777aa3..00000000 --- a/internal/pkg/sdk3rd/qiniu/client.go +++ /dev/null @@ -1,85 +0,0 @@ -package qiniu - -import ( - "context" - "fmt" - "net/http" - "strings" - - "github.com/qiniu/go-sdk/v7/auth" - "github.com/qiniu/go-sdk/v7/client" -) - -const qiniuHost = "https://api.qiniu.com" - -type Client struct { - client *client.Client -} - -func NewClient(mac *auth.Credentials) *Client { - if mac == nil { - mac = auth.Default() - } - - client := client.DefaultClient - client.Transport = newTransport(mac, nil) - return &Client{client: &client} -} - -func (c *Client) GetDomainInfo(ctx context.Context, domain string) (*GetDomainInfoResponse, error) { - resp := new(GetDomainInfoResponse) - if err := c.client.Call(ctx, resp, http.MethodGet, c.urlf("domain/%s", domain), nil); err != nil { - return nil, err - } - return resp, nil -} - -func (c *Client) ModifyDomainHttpsConf(ctx context.Context, domain string, certId string, forceHttps bool, http2Enable bool) (*ModifyDomainHttpsConfResponse, error) { - req := &ModifyDomainHttpsConfRequest{ - DomainInfoHttpsData: DomainInfoHttpsData{ - CertID: certId, - ForceHttps: forceHttps, - Http2Enable: http2Enable, - }, - } - resp := new(ModifyDomainHttpsConfResponse) - if err := c.client.CallWithJson(ctx, resp, http.MethodPut, c.urlf("domain/%s/httpsconf", domain), nil, req); err != nil { - return nil, err - } - return resp, nil -} - -func (c *Client) EnableDomainHttps(ctx context.Context, domain string, certId string, forceHttps bool, http2Enable bool) (*EnableDomainHttpsResponse, error) { - req := &EnableDomainHttpsRequest{ - DomainInfoHttpsData: DomainInfoHttpsData{ - CertID: certId, - ForceHttps: forceHttps, - Http2Enable: http2Enable, - }, - } - resp := new(EnableDomainHttpsResponse) - if err := c.client.CallWithJson(ctx, resp, http.MethodPut, c.urlf("domain/%s/sslize", domain), nil, req); err != nil { - return nil, err - } - return resp, nil -} - -func (c *Client) UploadSslCert(ctx context.Context, name string, commonName string, certificate string, privateKey string) (*UploadSslCertResponse, error) { - req := &UploadSslCertRequest{ - Name: name, - CommonName: commonName, - Certificate: certificate, - PrivateKey: privateKey, - } - resp := new(UploadSslCertResponse) - if err := c.client.CallWithJson(ctx, resp, http.MethodPost, c.urlf("sslcert"), nil, req); err != nil { - return nil, err - } - return resp, nil -} - -func (c *Client) urlf(pathf string, pathargs ...any) string { - path := fmt.Sprintf(pathf, pathargs...) - path = strings.TrimPrefix(path, "/") - return qiniuHost + "/" + path -} diff --git a/internal/pkg/sdk3rd/qiniu/models.go b/internal/pkg/sdk3rd/qiniu/models.go deleted file mode 100644 index 1c832caf..00000000 --- a/internal/pkg/sdk3rd/qiniu/models.go +++ /dev/null @@ -1,54 +0,0 @@ -package qiniu - -type BaseResponse struct { - Code *int `json:"code,omitempty"` - Error *string `json:"error,omitempty"` -} - -type UploadSslCertRequest struct { - Name string `json:"name"` - CommonName string `json:"common_name"` - Certificate string `json:"ca"` - PrivateKey string `json:"pri"` -} - -type UploadSslCertResponse struct { - BaseResponse - CertID string `json:"certID"` -} - -type DomainInfoHttpsData struct { - CertID string `json:"certId"` - ForceHttps bool `json:"forceHttps"` - Http2Enable bool `json:"http2Enable"` -} - -type GetDomainInfoResponse struct { - BaseResponse - Name string `json:"name"` - Type string `json:"type"` - CName string `json:"cname"` - Https *DomainInfoHttpsData `json:"https"` - PareDomain string `json:"pareDomain"` - OperationType string `json:"operationType"` - OperatingState string `json:"operatingState"` - OperatingStateDesc string `json:"operatingStateDesc"` - CreateAt string `json:"createAt"` - ModifyAt string `json:"modifyAt"` -} - -type ModifyDomainHttpsConfRequest struct { - DomainInfoHttpsData -} - -type ModifyDomainHttpsConfResponse struct { - BaseResponse -} - -type EnableDomainHttpsRequest struct { - DomainInfoHttpsData -} - -type EnableDomainHttpsResponse struct { - BaseResponse -} diff --git a/internal/pkg/sdk3rd/rainyun/api.go b/internal/pkg/sdk3rd/rainyun/api.go deleted file mode 100644 index cdb0eccb..00000000 --- a/internal/pkg/sdk3rd/rainyun/api.go +++ /dev/null @@ -1,38 +0,0 @@ -package rainyun - -import ( - "fmt" - "net/http" -) - -func (c *Client) SslCenterList(req *SslCenterListRequest) (*SslCenterListResponse, error) { - resp := &SslCenterListResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/product/sslcenter", req, resp) - return resp, err -} - -func (c *Client) SslCenterGet(id int32) (*SslCenterGetResponse, error) { - if id == 0 { - return nil, fmt.Errorf("rainyun api error: invalid parameter: id") - } - - resp := &SslCenterGetResponse{} - err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/product/sslcenter/%d", id), nil, resp) - return resp, err -} - -func (c *Client) SslCenterCreate(req *SslCenterCreateRequest) (*SslCenterCreateResponse, error) { - resp := &SslCenterCreateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/product/sslcenter/", req, resp) - return resp, err -} - -func (c *Client) RcdnInstanceSslBind(id int32, req *RcdnInstanceSslBindRequest) (*RcdnInstanceSslBindResponse, error) { - if id == 0 { - return nil, fmt.Errorf("rainyun api error: invalid parameter: id") - } - - resp := &RcdnInstanceSslBindResponse{} - err := c.sendRequestWithResult(http.MethodPost, fmt.Sprintf("/product/rcdn/instance/%d/ssl_bind", id), req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/rainyun/client.go b/internal/pkg/sdk3rd/rainyun/client.go deleted file mode 100644 index cf9e1895..00000000 --- a/internal/pkg/sdk3rd/rainyun/client.go +++ /dev/null @@ -1,70 +0,0 @@ -package rainyun - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(apiKey string) *Client { - client := resty.New(). - SetBaseURL("https://api.v2.rainyun.com"). - SetHeader("User-Agent", "certimate"). - SetHeader("X-API-Key", apiKey) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - if params != nil { - jsonb, _ := json.Marshal(params) - req = req.SetQueryParam("options", string(jsonb)) - } - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("rainyun api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("rainyun api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("rainyun api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetCode(); errcode/100 != 2 { - return fmt.Errorf("rainyun api error: code='%d', message='%s'", errcode, result.GetMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/rainyun/models.go b/internal/pkg/sdk3rd/rainyun/models.go deleted file mode 100644 index e6ef4671..00000000 --- a/internal/pkg/sdk3rd/rainyun/models.go +++ /dev/null @@ -1,83 +0,0 @@ -package rainyun - -type BaseResponse interface { - GetCode() int32 - GetMessage() string -} - -type baseResponse struct { - Code *int32 `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -func (r *baseResponse) GetCode() int32 { - if r.Code != nil { - return *r.Code - } - return 0 -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type SslCenterListFilters struct { - Domain *string `json:"Domain,omitempty"` -} - -type SslCenterListRequest struct { - Filters *SslCenterListFilters `json:"columnFilters,omitempty"` - Sort []*string `json:"sort,omitempty"` - Page *int32 `json:"page,omitempty"` - PerPage *int32 `json:"perPage,omitempty"` -} - -type SslCenterListResponse struct { - baseResponse - Data *struct { - TotalRecords int32 `json:"TotalRecords"` - Records []*struct { - ID int32 `json:"ID"` - UID int32 `json:"UID"` - Domain string `json:"Domain"` - Issuer string `json:"Issuer"` - StartDate int64 `json:"StartDate"` - ExpireDate int64 `json:"ExpDate"` - UploadTime int64 `json:"UploadTime"` - } `json:"Records"` - } `json:"data,omitempty"` -} - -type SslCenterGetResponse struct { - baseResponse - Data *struct { - Cert string `json:"Cert"` - Key string `json:"Key"` - Domain string `json:"DomainName"` - Issuer string `json:"Issuer"` - StartDate int64 `json:"StartDate"` - ExpireDate int64 `json:"ExpDate"` - RemainDays int32 `json:"RemainDays"` - } `json:"data,omitempty"` -} - -type SslCenterCreateRequest struct { - Cert string `json:"cert"` - Key string `json:"key"` -} - -type SslCenterCreateResponse struct { - baseResponse -} - -type RcdnInstanceSslBindRequest struct { - CertId int32 `json:"cert_id"` - Domains []string `json:"domains"` -} - -type RcdnInstanceSslBindResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/ratpanel/api.go b/internal/pkg/sdk3rd/ratpanel/api.go deleted file mode 100644 index 17f8110f..00000000 --- a/internal/pkg/sdk3rd/ratpanel/api.go +++ /dev/null @@ -1,15 +0,0 @@ -package ratpanelsdk - -import "net/http" - -func (c *Client) SettingCert(req *SettingCertRequest) (*SettingCertResponse, error) { - resp := &SettingCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/setting/cert", req, resp) - return resp, err -} - -func (c *Client) WebsiteCert(req *WebsiteCertRequest) (*WebsiteCertResponse, error) { - resp := &WebsiteCertResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/website/cert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/ratpanel/client.go b/internal/pkg/sdk3rd/ratpanel/client.go deleted file mode 100644 index e1abb6c5..00000000 --- a/internal/pkg/sdk3rd/ratpanel/client.go +++ /dev/null @@ -1,142 +0,0 @@ -package ratpanelsdk - -import ( - "bytes" - "crypto/hmac" - "crypto/sha256" - "crypto/tls" - "encoding/hex" - "encoding/json" - "fmt" - "io" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl string, accessTokenId int32, accessToken string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api"). - SetHeader("Accept", "application/json"). - SetHeader("Content-Type", "application/json"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - var body []byte - var err error - - if req.Body != nil { - body, err = io.ReadAll(req.Body) - if err != nil { - return err - } - req.Body = io.NopCloser(bytes.NewReader(body)) - } - - canonicalPath := req.URL.Path - if !strings.HasPrefix(canonicalPath, "/api") { - index := strings.Index(canonicalPath, "/api") - if index != -1 { - canonicalPath = canonicalPath[index:] - } - } - - canonicalRequest := fmt.Sprintf("%s\n%s\n%s\n%s", - req.Method, - canonicalPath, - req.URL.Query().Encode(), - sha256Sum(string(body))) - - timestamp := time.Now().Unix() - req.Header.Set("X-Timestamp", fmt.Sprintf("%d", timestamp)) - - stringToSign := fmt.Sprintf("%s\n%d\n%s", - "HMAC-SHA256", - timestamp, - sha256Sum(canonicalRequest)) - signature := hmacSha256(stringToSign, accessToken) - req.Header.Set("Authorization", fmt.Sprintf("HMAC-SHA256 Credential=%d, Signature=%s", accessTokenId, signature)) - - return nil - }) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("ratpanel api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("ratpanel api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err = json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("ratpanel api error: failed to unmarshal response: %w", err) - } else if errmsg := result.GetMessage(); errmsg != "success" { - return fmt.Errorf("ratpanel api error: message='%s'", errmsg) - } - - return nil -} - -func sha256Sum(str string) string { - sum := sha256.Sum256([]byte(str)) - dst := make([]byte, hex.EncodedLen(len(sum))) - hex.Encode(dst, sum[:]) - return string(dst) -} - -func hmacSha256(data string, secret string) string { - h := hmac.New(sha256.New, []byte(secret)) - h.Write([]byte(data)) - return hex.EncodeToString(h.Sum(nil)) -} diff --git a/internal/pkg/sdk3rd/ratpanel/models.go b/internal/pkg/sdk3rd/ratpanel/models.go deleted file mode 100644 index bf5f53fb..00000000 --- a/internal/pkg/sdk3rd/ratpanel/models.go +++ /dev/null @@ -1,35 +0,0 @@ -package ratpanelsdk - -type BaseResponse interface { - GetMessage() string -} - -type baseResponse struct { - Message *string `json:"msg,omitempty"` -} - -func (r *baseResponse) GetMessage() string { - if r.Message != nil { - return *r.Message - } - return "" -} - -type SettingCertRequest struct { - Certificate string `json:"cert"` - PrivateKey string `json:"key"` -} - -type SettingCertResponse struct { - baseResponse -} - -type WebsiteCertRequest struct { - SiteName string `json:"name"` - Certificate string `json:"cert"` - PrivateKey string `json:"key"` -} - -type WebsiteCertResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/safeline/api.go b/internal/pkg/sdk3rd/safeline/api.go deleted file mode 100644 index 52024370..00000000 --- a/internal/pkg/sdk3rd/safeline/api.go +++ /dev/null @@ -1,7 +0,0 @@ -package safeline - -func (c *Client) UpdateCertificate(req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - resp := &UpdateCertificateResponse{} - err := c.sendRequestWithResult("/api/open/cert", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/safeline/client.go b/internal/pkg/sdk3rd/safeline/client.go deleted file mode 100644 index 05ee6d1a..00000000 --- a/internal/pkg/sdk3rd/safeline/client.go +++ /dev/null @@ -1,71 +0,0 @@ -package safeline - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - client *resty.Client -} - -func NewClient(serverUrl, apiToken string) *Client { - client := resty.New(). - SetBaseURL(strings.TrimRight(serverUrl, "/")). - SetHeader("Content-Type", "application/json"). - SetHeader("User-Agent", "certimate"). - SetHeader("X-SLCE-API-TOKEN", apiToken) - - return &Client{ - client: client, - } -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) WithTLSConfig(config *tls.Config) *Client { - c.client.SetTLSClientConfig(config) - return c -} - -func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) { - req := c.client.R().SetBody(params) - resp, err := req.Post(path) - if err != nil { - return resp, fmt.Errorf("safeline api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("safeline api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error { - resp, err := c.sendRequest(path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("safeline api error: failed to unmarshal response: %w", err) - } else if errcode := result.GetErrCode(); errcode != nil && *errcode != "" { - if result.GetErrMsg() == nil { - return fmt.Errorf("safeline api error: code='%s'", *errcode) - } else { - return fmt.Errorf("safeline api error: code='%s', message='%s'", *errcode, *result.GetErrMsg()) - } - } - - return nil -} diff --git a/internal/pkg/sdk3rd/safeline/models.go b/internal/pkg/sdk3rd/safeline/models.go deleted file mode 100644 index f37b4348..00000000 --- a/internal/pkg/sdk3rd/safeline/models.go +++ /dev/null @@ -1,34 +0,0 @@ -package safeline - -type BaseResponse interface { - GetErrCode() *string - GetErrMsg() *string -} - -type baseResponse struct { - ErrCode *string `json:"err,omitempty"` - ErrMsg *string `json:"msg,omitempty"` -} - -func (r *baseResponse) GetErrCode() *string { - return r.ErrCode -} - -func (r *baseResponse) GetErrMsg() *string { - return r.ErrMsg -} - -type UpdateCertificateRequest struct { - Id int32 `json:"id"` - Type int32 `json:"type"` - Manual *UpdateCertificateRequestBodyManul `json:"manual"` -} - -type UpdateCertificateRequestBodyManul struct { - Crt string `json:"crt"` - Key string `json:"key"` -} - -type UpdateCertificateResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/ucloud/udnr/apis.go b/internal/pkg/sdk3rd/ucloud/udnr/apis.go deleted file mode 100644 index af878e5b..00000000 --- a/internal/pkg/sdk3rd/ucloud/udnr/apis.go +++ /dev/null @@ -1,115 +0,0 @@ -package udnr - -import ( - "github.com/ucloud/ucloud-sdk-go/ucloud/request" - "github.com/ucloud/ucloud-sdk-go/ucloud/response" -) - -type QueryDomainDNSRequest struct { - request.CommonBase - - Dn *string `required:"true"` -} - -type QueryDomainDNSResponse struct { - response.CommonBase - - Data []DomainDNSRecord -} - -func (c *UDNRClient) NewQueryDomainDNSRequest() *QueryDomainDNSRequest { - req := &QueryDomainDNSRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *UDNRClient) QueryDomainDNS(req *QueryDomainDNSRequest) (*QueryDomainDNSResponse, error) { - var err error - var res QueryDomainDNSResponse - - reqCopier := *req - - err = c.Client.InvokeAction("UdnrDomainDNSQuery", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type AddDomainDNSRequest struct { - request.CommonBase - - Dn *string `required:"true"` - DnsType *string `required:"true"` - RecordName *string `required:"true"` - Content *string `required:"true"` - TTL *int `required:"true"` - Prio *int `required:"false"` -} - -type AddDomainDNSResponse struct { - response.CommonBase -} - -func (c *UDNRClient) NewAddDomainDNSRequest() *AddDomainDNSRequest { - req := &AddDomainDNSRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *UDNRClient) AddDomainDNS(req *AddDomainDNSRequest) (*AddDomainDNSResponse, error) { - var err error - var res AddDomainDNSResponse - - reqCopier := *req - - err = c.Client.InvokeAction("UdnrDomainDNSAdd", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type DeleteDomainDNSRequest struct { - request.CommonBase - - Dn *string `required:"true"` - DnsType *string `required:"true"` - RecordName *string `required:"true"` - Content *string `required:"true"` -} - -type DeleteDomainDNSResponse struct { - response.CommonBase -} - -func (c *UDNRClient) NewDeleteDomainDNSRequest() *DeleteDomainDNSRequest { - req := &DeleteDomainDNSRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *UDNRClient) DeleteDomainDNS(req *DeleteDomainDNSRequest) (*DeleteDomainDNSResponse, error) { - var err error - var res DeleteDomainDNSResponse - - reqCopier := *req - - err = c.Client.InvokeAction("UdnrDeleteDnsRecord", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} diff --git a/internal/pkg/sdk3rd/ucloud/ussl/apis.go b/internal/pkg/sdk3rd/ucloud/ussl/apis.go deleted file mode 100644 index d9ec7674..00000000 --- a/internal/pkg/sdk3rd/ucloud/ussl/apis.go +++ /dev/null @@ -1,161 +0,0 @@ -package ussl - -import ( - "github.com/ucloud/ucloud-sdk-go/ucloud/request" - "github.com/ucloud/ucloud-sdk-go/ucloud/response" -) - -type UploadNormalCertificateRequest struct { - request.CommonBase - - CertificateName *string `required:"true"` - SslPublicKey *string `required:"true"` - SslPrivateKey *string `required:"true"` - SslMD5 *string `required:"true"` - SslCaKey *string `required:"false"` -} - -type UploadNormalCertificateResponse struct { - response.CommonBase - - CertificateID int - LongResourceID string -} - -func (c *USSLClient) NewUploadNormalCertificateRequest() *UploadNormalCertificateRequest { - req := &UploadNormalCertificateRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *USSLClient) UploadNormalCertificate(req *UploadNormalCertificateRequest) (*UploadNormalCertificateResponse, error) { - var err error - var res UploadNormalCertificateResponse - - reqCopier := *req - - err = c.Client.InvokeAction("UploadNormalCertificate", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type GetCertificateListRequest struct { - request.CommonBase - - Mode *string `required:"true"` - StateCode *string `required:"false"` - Brand *string `required:"false"` - CaOrganization *string `required:"false"` - Domain *string `required:"false"` - Sort *string `required:"false"` - Page *int `required:"false"` - PageSize *int `required:"false"` -} - -type GetCertificateListResponse struct { - response.CommonBase - - CertificateList []*CertificateListItem - TotalCount int -} - -func (c *USSLClient) NewGetCertificateListRequest() *GetCertificateListRequest { - req := &GetCertificateListRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *USSLClient) GetCertificateList(req *GetCertificateListRequest) (*GetCertificateListResponse, error) { - var err error - var res GetCertificateListResponse - - reqCopier := *req - - err = c.Client.InvokeAction("GetCertificateList", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type GetCertificateDetailInfoRequest struct { - request.CommonBase - - CertificateID *int `required:"true"` -} - -type GetCertificateDetailInfoResponse struct { - response.CommonBase - - CertificateInfo *CertificateInfo -} - -func (c *USSLClient) NewGetCertificateDetailInfoRequest() *GetCertificateDetailInfoRequest { - req := &GetCertificateDetailInfoRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *USSLClient) GetCertificateDetailInfo(req *GetCertificateDetailInfoRequest) (*GetCertificateDetailInfoResponse, error) { - var err error - var res GetCertificateDetailInfoResponse - - reqCopier := *req - - err = c.Client.InvokeAction("GetCertificateDetailInfo", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} - -type DownloadCertificateRequest struct { - request.CommonBase - - CertificateID *int `required:"true"` -} - -type DownloadCertificateResponse struct { - response.CommonBase - - CertificateUrl string - CertCA *CertificateDownloadInfo - Certificate *CertificateDownloadInfo -} - -func (c *USSLClient) NewDownloadCertificateRequest() *DownloadCertificateRequest { - req := &DownloadCertificateRequest{} - - c.Client.SetupRequest(req) - - req.SetRetryable(false) - return req -} - -func (c *USSLClient) DownloadCertificate(req *DownloadCertificateRequest) (*DownloadCertificateResponse, error) { - var err error - var res DownloadCertificateResponse - - reqCopier := *req - - err = c.Client.InvokeAction("DownloadCertificate", &reqCopier, &res) - if err != nil { - return &res, err - } - - return &res, nil -} diff --git a/internal/pkg/sdk3rd/upyun/console/api.go b/internal/pkg/sdk3rd/upyun/console/api.go deleted file mode 100644 index ce62d3a6..00000000 --- a/internal/pkg/sdk3rd/upyun/console/api.go +++ /dev/null @@ -1,83 +0,0 @@ -package console - -import ( - "encoding/json" - "errors" - "fmt" - "net/http" -) - -func (c *Client) ensureCookieExists() error { - if c.loginCookie != "" { - return nil - } - - req := &signinRequest{Username: c.username, Password: c.password} - res, err := c.sendRequest(http.MethodPost, "/accounts/signin/", req) - if err != nil { - return err - } - - resp := &signinResponse{} - if err := json.Unmarshal(res.Body(), &resp); err != nil { - return fmt.Errorf("upyun api error: failed to unmarshal response: %w", err) - } else if !resp.Data.Result { - return errors.New("upyun console signin failed") - } - - c.loginCookie = res.Header().Get("Set-Cookie") - - return nil -} - -func (c *Client) UploadHttpsCertificate(req *UploadHttpsCertificateRequest) (*UploadHttpsCertificateResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - resp := &UploadHttpsCertificateResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/api/https/certificate/", req, resp) - return resp, err -} - -func (c *Client) GetHttpsCertificateManager(certificateId string) (*GetHttpsCertificateManagerResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - req := &GetHttpsCertificateManagerRequest{CertificateId: certificateId} - resp := &GetHttpsCertificateManagerResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/api/https/certificate/manager/", req, resp) - return resp, err -} - -func (c *Client) UpdateHttpsCertificateManager(req *UpdateHttpsCertificateManagerRequest) (*UpdateHttpsCertificateManagerResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - resp := &UpdateHttpsCertificateManagerResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/api/https/certificate/manager", req, resp) - return resp, err -} - -func (c *Client) GetHttpsServiceManager(domain string) (*GetHttpsServiceManagerResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - req := &GetHttpsServiceManagerRequest{Domain: domain} - resp := &GetHttpsServiceManagerResponse{} - err := c.sendRequestWithResult(http.MethodGet, "/api/https/services/manager", req, resp) - return resp, err -} - -func (c *Client) MigrateHttpsDomain(req *MigrateHttpsDomainRequest) (*MigrateHttpsDomainResponse, error) { - if err := c.ensureCookieExists(); err != nil { - return nil, err - } - - resp := &MigrateHttpsDomainResponse{} - err := c.sendRequestWithResult(http.MethodPost, "/api/https/migrate/domain", req, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/upyun/console/client.go b/internal/pkg/sdk3rd/upyun/console/client.go deleted file mode 100644 index e9202d91..00000000 --- a/internal/pkg/sdk3rd/upyun/console/client.go +++ /dev/null @@ -1,99 +0,0 @@ -package console - -import ( - "encoding/json" - "fmt" - "net/http" - "strings" - "time" - - "github.com/go-resty/resty/v2" -) - -type Client struct { - username string - password string - - loginCookie string - - client *resty.Client -} - -func NewClient(username, password string) *Client { - client := &Client{ - username: username, - password: password, - } - client.client = resty.New(). - SetBaseURL("https://console.upyun.com"). - SetHeader("User-Agent", "certimate"). - SetPreRequestHook(func(c *resty.Client, req *http.Request) error { - if client.loginCookie != "" { - req.Header.Set("Cookie", client.loginCookie) - } - - return nil - }) - - return client -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.SetTimeout(timeout) - return c -} - -func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) { - req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } - - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) - } - - resp, err := req.Execute(method, path) - if err != nil { - return resp, fmt.Errorf("upyun api error: failed to send request: %w", err) - } else if resp.IsError() { - return resp, fmt.Errorf("upyun api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) - } - - return resp, nil -} - -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result interface{}) error { - resp, err := c.sendRequest(method, path, params) - if err != nil { - if resp != nil { - json.Unmarshal(resp.Body(), &result) - } - return err - } - - if err := json.Unmarshal(resp.Body(), &result); err != nil { - return fmt.Errorf("upyun api error: failed to unmarshal response: %w", err) - } - - tresp := &baseResponse{} - if err := json.Unmarshal(resp.Body(), &tresp); err != nil { - return fmt.Errorf("upyun api error: failed to unmarshal response: %w", err) - } else if tdata := tresp.GetData(); tdata == nil { - return fmt.Errorf("upyun api error: empty data") - } else if errcode := tdata.GetErrorCode(); errcode > 0 { - return fmt.Errorf("upyun api error: code='%d', message='%s'", errcode, tdata.GetErrorMessage()) - } - - return nil -} diff --git a/internal/pkg/sdk3rd/upyun/console/models.go b/internal/pkg/sdk3rd/upyun/console/models.go deleted file mode 100644 index 12f2ab34..00000000 --- a/internal/pkg/sdk3rd/upyun/console/models.go +++ /dev/null @@ -1,141 +0,0 @@ -package console - -import ( - "encoding/json" -) - -type baseResponse struct { - Data *baseResponseData `json:"data,omitempty"` -} - -func (r *baseResponse) GetData() *baseResponseData { - return r.Data -} - -type baseResponseData struct { - ErrorCode json.Number `json:"error_code"` - ErrorMessage string `json:"message"` -} - -func (r *baseResponseData) GetErrorCode() int32 { - if r.ErrorCode.String() == "" { - return 0 - } - - errcode, err := r.ErrorCode.Int64() - if err != nil { - return -1 - } - - return int32(errcode) -} - -func (r *baseResponseData) GetErrorMessage() string { - return r.ErrorMessage -} - -type signinRequest struct { - Username string `json:"username"` - Password string `json:"password"` -} - -type signinResponse struct { - baseResponse - Data *struct { - baseResponseData - Result bool `json:"result"` - } `json:"data,omitempty"` -} - -type UploadHttpsCertificateRequest struct { - Certificate string `json:"certificate"` - PrivateKey string `json:"private_key"` -} - -type UploadHttpsCertificateResponse struct { - baseResponse - Data *struct { - baseResponseData - Status int32 `json:"status"` - Result struct { - CertificateId string `json:"certificate_id"` - CommonName string `json:"commonName"` - Serial string `json:"serial"` - } `json:"result"` - } `json:"data,omitempty"` -} - -type GetHttpsCertificateManagerRequest struct { - CertificateId string `json:"certificate_id"` -} - -type GetHttpsCertificateManagerResponse struct { - baseResponse - Data *struct { - baseResponseData - AuthenticateNum int32 `json:"authenticate_num"` - AuthenticateDomains []string `json:"authenticate_domain"` - Domains []HttpsCertificateManagerDomain `json:"domains"` - } `json:"data,omitempty"` -} - -type HttpsCertificateManagerDomain struct { - Name string `json:"name"` - Type string `json:"type"` - BucketId int64 `json:"bucket_id"` - BucketName string `json:"bucket_name"` -} - -type UpdateHttpsCertificateManagerRequest struct { - CertificateId string `json:"certificate_id"` - Domain string `json:"domain"` - Https bool `json:"https"` - ForceHttps bool `json:"force_https"` -} - -type UpdateHttpsCertificateManagerResponse struct { - baseResponse - Data *struct { - baseResponseData - Status bool `json:"status"` - } `json:"data,omitempty"` -} - -type GetHttpsServiceManagerRequest struct { - Domain string `json:"domain"` -} - -type GetHttpsServiceManagerResponse struct { - baseResponse - Data *struct { - baseResponseData - Status int32 `json:"status"` - Domains []HttpsServiceManagerDomain `json:"result"` - } `json:"data,omitempty"` -} - -type HttpsServiceManagerDomain struct { - CertificateId string `json:"certificate_id"` - CommonName string `json:"commonName"` - Https bool `json:"https"` - ForceHttps bool `json:"force_https"` - PaymentType string `json:"payment_type"` - DomainType string `json:"domain_type"` - Validity struct { - Start int64 `json:"start"` - End int64 `json:"end"` - } `json:"validity"` -} - -type MigrateHttpsDomainRequest struct { - CertificateId string `json:"crt_id"` - Domain string `json:"domain_name"` -} - -type MigrateHttpsDomainResponse struct { - baseResponse - Data *struct { - baseResponseData - Status bool `json:"status"` - } `json:"data,omitempty"` -} diff --git a/internal/pkg/sdk3rd/wangsu/cdn/api.go b/internal/pkg/sdk3rd/wangsu/cdn/api.go deleted file mode 100644 index 997c05bf..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdn/api.go +++ /dev/null @@ -1,15 +0,0 @@ -package cdn - -import ( - "net/http" -) - -func (c *Client) BatchUpdateCertificateConfig(req *BatchUpdateCertificateConfigRequest) (*BatchUpdateCertificateConfigResponse, error) { - resp := &BatchUpdateCertificateConfigResponse{} - _, err := c.client.SendRequestWithResult(http.MethodPut, "/api/config/certificate/batch", req, resp) - if err != nil { - return resp, err - } - - return resp, err -} diff --git a/internal/pkg/sdk3rd/wangsu/cdn/client.go b/internal/pkg/sdk3rd/wangsu/cdn/client.go deleted file mode 100644 index ac53e171..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdn/client.go +++ /dev/null @@ -1,20 +0,0 @@ -package cdn - -import ( - "time" - - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type Client struct { - client *openapi.Client -} - -func NewClient(accessKey, secretKey string) *Client { - return &Client{client: openapi.NewClient(accessKey, secretKey)} -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.WithTimeout(timeout) - return c -} diff --git a/internal/pkg/sdk3rd/wangsu/cdn/models.go b/internal/pkg/sdk3rd/wangsu/cdn/models.go deleted file mode 100644 index 5bf934af..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdn/models.go +++ /dev/null @@ -1,26 +0,0 @@ -package cdn - -import ( - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type baseResponse struct { - RequestId *string `json:"requestId,omitempty"` - Code *string `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -var _ openapi.Result = (*baseResponse)(nil) - -func (r *baseResponse) SetRequestId(requestId string) { - r.RequestId = &requestId -} - -type BatchUpdateCertificateConfigRequest struct { - CertificateId int64 `json:"certificateId" required:"true"` - DomainNames []string `json:"domainNames" required:"true"` -} - -type BatchUpdateCertificateConfigResponse struct { - baseResponse -} diff --git a/internal/pkg/sdk3rd/wangsu/cdnpro/api.go b/internal/pkg/sdk3rd/wangsu/cdnpro/api.go deleted file mode 100644 index c45e6921..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdnpro/api.go +++ /dev/null @@ -1,70 +0,0 @@ -package cdnpro - -import ( - "fmt" - "net/http" - "net/url" - - "github.com/go-resty/resty/v2" -) - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - rres, err := c.client.SendRequestWithResult(http.MethodPost, "/cdn/certificates", req, resp, func(r *resty.Request) { - r.SetHeader("X-CNC-Timestamp", fmt.Sprintf("%d", req.Timestamp)) - }) - if err != nil { - return resp, err - } - - resp.CertificateUrl = rres.Header().Get("Location") - return resp, err -} - -func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if certificateId == "" { - return nil, fmt.Errorf("wangsu api error: invalid parameter: certificateId") - } - - resp := &UpdateCertificateResponse{} - rres, err := c.client.SendRequestWithResult(http.MethodPatch, fmt.Sprintf("/cdn/certificates/%s", url.PathEscape(certificateId)), req, resp, func(r *resty.Request) { - r.SetHeader("X-CNC-Timestamp", fmt.Sprintf("%d", req.Timestamp)) - }) - if err != nil { - return resp, err - } - - resp.CertificateUrl = rres.Header().Get("Location") - return resp, err -} - -func (c *Client) GetHostnameDetail(hostname string) (*GetHostnameDetailResponse, error) { - if hostname == "" { - return nil, fmt.Errorf("wangsu api error: invalid parameter: hostname") - } - - resp := &GetHostnameDetailResponse{} - _, err := c.client.SendRequestWithResult(http.MethodGet, fmt.Sprintf("/cdn/hostnames/%s", url.PathEscape(hostname)), nil, resp) - return resp, err -} - -func (c *Client) CreateDeploymentTask(req *CreateDeploymentTaskRequest) (*CreateDeploymentTaskResponse, error) { - resp := &CreateDeploymentTaskResponse{} - rres, err := c.client.SendRequestWithResult(http.MethodPost, "/cdn/deploymentTasks", req, resp) - if err != nil { - return resp, err - } - - resp.DeploymentTaskUrl = rres.Header().Get("Location") - return resp, err -} - -func (c *Client) GetDeploymentTaskDetail(deploymentTaskId string) (*GetDeploymentTaskDetailResponse, error) { - if deploymentTaskId == "" { - return nil, fmt.Errorf("wangsu api error: invalid parameter: deploymentTaskId") - } - - resp := &GetDeploymentTaskDetailResponse{} - _, err := c.client.SendRequestWithResult(http.MethodGet, fmt.Sprintf("/cdn/deploymentTasks/%s", url.PathEscape(deploymentTaskId)), nil, resp) - return resp, err -} diff --git a/internal/pkg/sdk3rd/wangsu/cdnpro/client.go b/internal/pkg/sdk3rd/wangsu/cdnpro/client.go deleted file mode 100644 index b5c0f530..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdnpro/client.go +++ /dev/null @@ -1,20 +0,0 @@ -package cdnpro - -import ( - "time" - - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type Client struct { - client *openapi.Client -} - -func NewClient(accessKey, secretKey string) *Client { - return &Client{client: openapi.NewClient(accessKey, secretKey)} -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.WithTimeout(timeout) - return c -} diff --git a/internal/pkg/sdk3rd/wangsu/cdnpro/models.go b/internal/pkg/sdk3rd/wangsu/cdnpro/models.go deleted file mode 100644 index 9cb1e648..00000000 --- a/internal/pkg/sdk3rd/wangsu/cdnpro/models.go +++ /dev/null @@ -1,108 +0,0 @@ -package cdnpro - -import ( - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type baseResponse struct { - RequestId *string `json:"requestId,omitempty"` - Code *string `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -var _ openapi.Result = (*baseResponse)(nil) - -func (r *baseResponse) SetRequestId(requestId string) { - r.RequestId = &requestId -} - -type CertificateVersion struct { - Comments *string `json:"comments,omitempty"` - PrivateKey *string `json:"privateKey,omitempty"` - Certificate *string `json:"certificate,omitempty"` - ChainCert *string `json:"chainCert,omitempty"` - IdentificationInfo *CertificateVersionIdentificationInfo `json:"identificationInfo,omitempty"` -} - -type CertificateVersionIdentificationInfo struct { - Country *string `json:"country,omitempty"` - State *string `json:"state,omitempty"` - City *string `json:"city,omitempty"` - Company *string `json:"company,omitempty"` - Department *string `json:"department,omitempty"` - CommonName *string `json:"commonName,omitempty" required:"true"` - Email *string `json:"email,omitempty"` - SubjectAlternativeNames *[]string `json:"subjectAlternativeNames,omitempty" required:"true"` -} - -type CreateCertificateRequest struct { - Timestamp int64 `json:"-"` - Name *string `json:"name,omitempty" required:"true"` - Description *string `json:"description,omitempty"` - AutoRenew *string `json:"autoRenew,omitempty"` - ForceRenew *bool `json:"forceRenew,omitempty"` - NewVersion *CertificateVersion `json:"newVersion,omitempty" required:"true"` -} - -type CreateCertificateResponse struct { - baseResponse - CertificateUrl string `json:"location,omitempty"` -} - -type UpdateCertificateRequest struct { - Timestamp int64 `json:"-"` - Name *string `json:"name,omitempty"` - Description *string `json:"description,omitempty"` - AutoRenew *string `json:"autoRenew,omitempty"` - ForceRenew *bool `json:"forceRenew,omitempty"` - NewVersion *CertificateVersion `json:"newVersion,omitempty" required:"true"` -} - -type UpdateCertificateResponse struct { - baseResponse - CertificateUrl string `json:"location,omitempty"` -} - -type HostnameProperty struct { - PropertyId string `json:"propertyId"` - Version int32 `json:"version"` - CertificateId *string `json:"certificateId,omitempty"` -} - -type GetHostnameDetailResponse struct { - baseResponse - Hostname string `json:"hostname"` - PropertyInProduction *HostnameProperty `json:"propertyInProduction,omitempty"` - PropertyInStaging *HostnameProperty `json:"propertyInStaging,omitempty"` -} - -type DeploymentTaskAction struct { - Action *string `json:"action,omitempty" required:"true"` - PropertyId *string `json:"propertyId,omitempty"` - CertificateId *string `json:"certificateId,omitempty"` - Version *int32 `json:"version,omitempty"` -} - -type CreateDeploymentTaskRequest struct { - Name *string `json:"name,omitempty"` - Target *string `json:"target,omitempty" required:"true"` - Actions *[]DeploymentTaskAction `json:"actions,omitempty" required:"true"` - Webhook *string `json:"webhook,omitempty"` -} - -type CreateDeploymentTaskResponse struct { - baseResponse - DeploymentTaskUrl string `json:"location,omitempty"` -} - -type GetDeploymentTaskDetailResponse struct { - baseResponse - Name string `json:"name"` - Target string `json:"target"` - Actions []DeploymentTaskAction `json:"actions"` - Status string `json:"status"` - StatusDetails string `json:"statusDetails"` - SubmissionTime string `json:"submissionTime"` - FinishTime string `json:"finishTime"` - ApiRequestId string `json:"apiRequestId"` -} diff --git a/internal/pkg/sdk3rd/wangsu/certificate/api.go b/internal/pkg/sdk3rd/wangsu/certificate/api.go deleted file mode 100644 index 22172d4e..00000000 --- a/internal/pkg/sdk3rd/wangsu/certificate/api.go +++ /dev/null @@ -1,42 +0,0 @@ -package certificate - -import ( - "fmt" - "net/http" - "net/url" -) - -func (c *Client) ListCertificates() (*ListCertificatesResponse, error) { - resp := &ListCertificatesResponse{} - _, err := c.client.SendRequestWithResult(http.MethodGet, "/api/ssl/certificate", nil, resp) - if err != nil { - return resp, err - } - - return resp, err -} - -func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { - resp := &CreateCertificateResponse{} - rres, err := c.client.SendRequestWithResult(http.MethodPost, "/api/certificate", req, resp) - if err != nil { - return resp, err - } - - resp.CertificateUrl = rres.Header().Get("Location") - return resp, err -} - -func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { - if certificateId == "" { - return nil, fmt.Errorf("wangsu api error: invalid parameter: certificateId") - } - - resp := &UpdateCertificateResponse{} - _, err := c.client.SendRequestWithResult(http.MethodPut, fmt.Sprintf("/api/certificate/%s", url.PathEscape(certificateId)), req, resp) - if err != nil { - return resp, err - } - - return resp, err -} diff --git a/internal/pkg/sdk3rd/wangsu/certificate/client.go b/internal/pkg/sdk3rd/wangsu/certificate/client.go deleted file mode 100644 index 19f4cfaa..00000000 --- a/internal/pkg/sdk3rd/wangsu/certificate/client.go +++ /dev/null @@ -1,20 +0,0 @@ -package certificate - -import ( - "time" - - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type Client struct { - client *openapi.Client -} - -func NewClient(accessKey, secretKey string) *Client { - return &Client{client: openapi.NewClient(accessKey, secretKey)} -} - -func (c *Client) WithTimeout(timeout time.Duration) *Client { - c.client.WithTimeout(timeout) - return c -} diff --git a/internal/pkg/sdk3rd/wangsu/certificate/models.go b/internal/pkg/sdk3rd/wangsu/certificate/models.go deleted file mode 100644 index 4e882e7c..00000000 --- a/internal/pkg/sdk3rd/wangsu/certificate/models.go +++ /dev/null @@ -1,52 +0,0 @@ -package certificate - -import ( - "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/openapi" -) - -type baseResponse struct { - RequestId *string `json:"requestId,omitempty"` - Code *string `json:"code,omitempty"` - Message *string `json:"message,omitempty"` -} - -var _ openapi.Result = (*baseResponse)(nil) - -func (r *baseResponse) SetRequestId(requestId string) { - r.RequestId = &requestId -} - -type CreateCertificateRequest struct { - Name *string `json:"name,omitempty" required:"true"` - Certificate *string `json:"certificate,omitempty" required:"true"` - PrivateKey *string `json:"privateKey,omitempty"` - Comment *string `json:"comment,omitempty" ` -} - -type CreateCertificateResponse struct { - baseResponse - CertificateUrl string `json:"location,omitempty"` -} - -type UpdateCertificateRequest struct { - Name *string `json:"name,omitempty" required:"true"` - Certificate *string `json:"certificate,omitempty"` - PrivateKey *string `json:"privateKey,omitempty"` - Comment *string `json:"comment,omitempty" ` -} - -type UpdateCertificateResponse struct { - baseResponse -} - -type ListCertificatesResponse struct { - baseResponse - Certificates []*struct { - CertificateId string `json:"certificate-id"` - Name string `json:"name"` - Comment string `json:"comment"` - ValidityFrom string `json:"certificate-validity-from"` - ValidityTo string `json:"certificate-validity-to"` - Serial string `json:"certificate-serial"` - } `json:"ssl-certificates,omitempty"` -} diff --git a/internal/repository/access.go b/internal/repository/access.go index 16cc7378..a0e7e935 100644 --- a/internal/repository/access.go +++ b/internal/repository/access.go @@ -8,8 +8,8 @@ import ( "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" ) type AccessRepository struct{} diff --git a/internal/repository/acme_account.go b/internal/repository/acme_account.go index 020f1aeb..7b46e77c 100644 --- a/internal/repository/acme_account.go +++ b/internal/repository/acme_account.go @@ -11,8 +11,8 @@ import ( "github.com/pocketbase/pocketbase/core" "golang.org/x/sync/singleflight" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" ) type AcmeAccountRepository struct{} diff --git a/internal/repository/certificate.go b/internal/repository/certificate.go index 1d2897bf..11426dbe 100644 --- a/internal/repository/certificate.go +++ b/internal/repository/certificate.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type CertificateRepository struct{} diff --git a/internal/repository/settings.go b/internal/repository/settings.go index 713b900a..b4d22780 100644 --- a/internal/repository/settings.go +++ b/internal/repository/settings.go @@ -5,9 +5,9 @@ import ( "database/sql" "errors" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type SettingsRepository struct{} diff --git a/internal/repository/statistics.go b/internal/repository/statistics.go index 395feb09..74abf692 100644 --- a/internal/repository/statistics.go +++ b/internal/repository/statistics.go @@ -3,8 +3,8 @@ package repository import ( "context" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" ) type StatisticsRepository struct{} diff --git a/internal/repository/workflow.go b/internal/repository/workflow.go index baa5e21b..3367644b 100644 --- a/internal/repository/workflow.go +++ b/internal/repository/workflow.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type WorkflowRepository struct{} diff --git a/internal/repository/workflow_log.go b/internal/repository/workflow_log.go index 0b801231..11bad327 100644 --- a/internal/repository/workflow_log.go +++ b/internal/repository/workflow_log.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type WorkflowLogRepository struct{} diff --git a/internal/repository/workflow_output.go b/internal/repository/workflow_output.go index 4cee625c..5b8b72fb 100644 --- a/internal/repository/workflow_output.go +++ b/internal/repository/workflow_output.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type WorkflowOutputRepository struct{} diff --git a/internal/repository/workflow_run.go b/internal/repository/workflow_run.go index 19a06747..01051be9 100644 --- a/internal/repository/workflow_run.go +++ b/internal/repository/workflow_run.go @@ -6,10 +6,10 @@ import ( "errors" "fmt" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" "github.com/pocketbase/dbx" "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" ) type WorkflowRunRepository struct{} diff --git a/internal/rest/handlers/certificate.go b/internal/rest/handlers/certificate.go index 01b2b06d..192ea9fe 100644 --- a/internal/rest/handlers/certificate.go +++ b/internal/rest/handlers/certificate.go @@ -6,8 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/rest/resp" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/rest/resp" ) type certificateService interface { diff --git a/internal/rest/handlers/notify.go b/internal/rest/handlers/notify.go index eed8b8cc..a20863e3 100644 --- a/internal/rest/handlers/notify.go +++ b/internal/rest/handlers/notify.go @@ -6,8 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/rest/resp" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/rest/resp" ) type notifyService interface { diff --git a/internal/rest/handlers/statistics.go b/internal/rest/handlers/statistics.go index 65853cae..0e141be4 100644 --- a/internal/rest/handlers/statistics.go +++ b/internal/rest/handlers/statistics.go @@ -6,8 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/rest/resp" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/rest/resp" ) type statisticsService interface { diff --git a/internal/rest/handlers/workflow.go b/internal/rest/handlers/workflow.go index bad474f0..2c88d582 100644 --- a/internal/rest/handlers/workflow.go +++ b/internal/rest/handlers/workflow.go @@ -6,8 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/rest/resp" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/rest/resp" ) type workflowService interface { diff --git a/internal/rest/resp/resp.go b/internal/rest/resp/resp.go index 3b0ae91b..2073056f 100644 --- a/internal/rest/resp/resp.go +++ b/internal/rest/resp/resp.go @@ -5,7 +5,7 @@ import ( "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type Response struct { diff --git a/internal/rest/routes/routes.go b/internal/rest/routes/routes.go index 6172bc12..4f021ba5 100644 --- a/internal/rest/routes/routes.go +++ b/internal/rest/routes/routes.go @@ -7,12 +7,12 @@ import ( "github.com/pocketbase/pocketbase/core" "github.com/pocketbase/pocketbase/tools/router" - "github.com/usual2970/certimate/internal/certificate" - "github.com/usual2970/certimate/internal/notify" - "github.com/usual2970/certimate/internal/repository" - "github.com/usual2970/certimate/internal/rest/handlers" - "github.com/usual2970/certimate/internal/statistics" - "github.com/usual2970/certimate/internal/workflow" + "github.com/certimate-go/certimate/internal/certificate" + "github.com/certimate-go/certimate/internal/notify" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/rest/handlers" + "github.com/certimate-go/certimate/internal/statistics" + "github.com/certimate-go/certimate/internal/workflow" ) var ( diff --git a/internal/scheduler/scheduler.go b/internal/scheduler/scheduler.go index ba4ee9c3..0bfce2b0 100644 --- a/internal/scheduler/scheduler.go +++ b/internal/scheduler/scheduler.go @@ -1,10 +1,10 @@ package scheduler import ( - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/certificate" - "github.com/usual2970/certimate/internal/repository" - "github.com/usual2970/certimate/internal/workflow" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/certificate" + "github.com/certimate-go/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/workflow" ) func Register() { diff --git a/internal/statistics/service.go b/internal/statistics/service.go index 44388ba9..ea041a15 100644 --- a/internal/statistics/service.go +++ b/internal/statistics/service.go @@ -3,7 +3,7 @@ package statistics import ( "context" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type statisticsRepository interface { diff --git a/internal/workflow/dispatcher/dispatcher.go b/internal/workflow/dispatcher/dispatcher.go index 7874b945..3ba74e80 100644 --- a/internal/workflow/dispatcher/dispatcher.go +++ b/internal/workflow/dispatcher/dispatcher.go @@ -4,15 +4,17 @@ import ( "context" "errors" "fmt" + "log" "os" "runtime" + "runtime/debug" "strconv" "sync" "time" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) var maxWorkers = 1 @@ -124,7 +126,7 @@ func (d *WorkflowDispatcher) Cancel(runId string) { // 移除排队中的 WorkflowRun d.queueMutex.Lock() - d.queue = sliceutil.Filter(d.queue, func(d *WorkflowWorkerData) bool { + d.queue = xslices.Filter(d.queue, func(d *WorkflowWorkerData) bool { return d.RunId != runId }) d.queueMutex.Unlock() @@ -209,7 +211,25 @@ func (d *WorkflowDispatcher) dequeueWorker() { } func (d *WorkflowDispatcher) work(ctx context.Context, data *WorkflowWorkerData) { + var run *domain.WorkflowRun + var err error + defer func() { + // 捕获 panic,避免影响其他工作流的执行 + if r := recover(); r != nil { + log.Default().Println("WorkflowId:", data.WorkflowId, "RunId:", data.RunId) + log.Default().Println("Recovered from panic:", r) + log.Default().Println("Stack trace:", string(debug.Stack())) + if run != nil { + run.Status = domain.WorkflowRunStatusTypeFailed + run.EndedAt = time.Now() + run.Error = fmt.Sprintf("workflow run panic: %v", r) + if _, err := d.workflowRunRepo.Save(ctx, run); err != nil { + log.Default().Println("Failed to save workflow run after panic:", err) + } + } + } + <-d.semaphore d.workerMutex.Lock() delete(d.workers, data.WorkflowId) @@ -226,7 +246,7 @@ func (d *WorkflowDispatcher) work(ctx context.Context, data *WorkflowWorkerData) }() // 查询 WorkflowRun - run, err := d.workflowRunRepo.GetById(ctx, data.RunId) + run, err = d.workflowRunRepo.GetById(ctx, data.RunId) if err != nil { if !(errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded)) { app.GetLogger().Error(fmt.Sprintf("failed to get workflow run #%s", data.RunId), "err", err) diff --git a/internal/workflow/dispatcher/invoker.go b/internal/workflow/dispatcher/invoker.go index c1d1260e..8fbf3134 100644 --- a/internal/workflow/dispatcher/invoker.go +++ b/internal/workflow/dispatcher/invoker.go @@ -5,9 +5,9 @@ import ( "errors" "log/slog" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/pkg/logging" - nodes "github.com/usual2970/certimate/internal/workflow/node-processor" + "github.com/certimate-go/certimate/internal/domain" + nodes "github.com/certimate-go/certimate/internal/workflow/node-processor" + "github.com/certimate-go/certimate/pkg/logging" ) type workflowInvoker struct { diff --git a/internal/workflow/dispatcher/singleton.go b/internal/workflow/dispatcher/singleton.go index e5a77655..8e5a7865 100644 --- a/internal/workflow/dispatcher/singleton.go +++ b/internal/workflow/dispatcher/singleton.go @@ -4,8 +4,8 @@ import ( "context" "sync" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" ) type workflowRepository interface { diff --git a/internal/workflow/event.go b/internal/workflow/event.go index ec850af9..9451377c 100644 --- a/internal/workflow/event.go +++ b/internal/workflow/event.go @@ -6,10 +6,10 @@ import ( "github.com/pocketbase/pocketbase/core" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/repository" ) func Register() { diff --git a/internal/workflow/node-processor/apply_node.go b/internal/workflow/node-processor/apply_node.go index c44c302b..5f73d308 100644 --- a/internal/workflow/node-processor/apply_node.go +++ b/internal/workflow/node-processor/apply_node.go @@ -9,10 +9,10 @@ import ( "golang.org/x/exp/maps" - "github.com/usual2970/certimate/internal/applicant" - "github.com/usual2970/certimate/internal/domain" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/applicant" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) type applyNode struct { @@ -72,7 +72,7 @@ func (n *applyNode) Process(ctx context.Context) error { } // 解析证书并生成实体 - certX509, err := certutil.ParseCertificateFromPEM(applyResult.FullChainCertificate) + certX509, err := xcert.ParseCertificateFromPEM(applyResult.FullChainCertificate) if err != nil { n.logger.Warn("failed to parse certificate, may be the CA responded error") return err diff --git a/internal/workflow/node-processor/condition_node.go b/internal/workflow/node-processor/condition_node.go index 023f9e1a..3b87ddf9 100644 --- a/internal/workflow/node-processor/condition_node.go +++ b/internal/workflow/node-processor/condition_node.go @@ -5,8 +5,8 @@ import ( "errors" "fmt" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/expr" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/expr" ) type conditionNode struct { diff --git a/internal/workflow/node-processor/deploy_node.go b/internal/workflow/node-processor/deploy_node.go index 30a7c4e7..973fe1f7 100644 --- a/internal/workflow/node-processor/deploy_node.go +++ b/internal/workflow/node-processor/deploy_node.go @@ -7,10 +7,11 @@ import ( "strconv" "strings" - "github.com/usual2970/certimate/internal/deployer" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/repository" "golang.org/x/exp/maps" + + "github.com/certimate-go/certimate/internal/deployer" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" ) type deployNode struct { diff --git a/internal/workflow/node-processor/execute_failure_node.go b/internal/workflow/node-processor/execute_failure_node.go index 40be18ed..38892241 100644 --- a/internal/workflow/node-processor/execute_failure_node.go +++ b/internal/workflow/node-processor/execute_failure_node.go @@ -3,7 +3,7 @@ package nodeprocessor import ( "context" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type executeFailureNode struct { diff --git a/internal/workflow/node-processor/execute_success_node.go b/internal/workflow/node-processor/execute_success_node.go index 2cd78ff3..47a8645e 100644 --- a/internal/workflow/node-processor/execute_success_node.go +++ b/internal/workflow/node-processor/execute_success_node.go @@ -3,7 +3,7 @@ package nodeprocessor import ( "context" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type executeSuccessNode struct { diff --git a/internal/workflow/node-processor/monitor_node.go b/internal/workflow/node-processor/monitor_node.go index d13e4247..e9f046f2 100644 --- a/internal/workflow/node-processor/monitor_node.go +++ b/internal/workflow/node-processor/monitor_node.go @@ -13,8 +13,8 @@ import ( "strings" "time" - "github.com/usual2970/certimate/internal/domain" - httputil "github.com/usual2970/certimate/internal/pkg/utils/http" + "github.com/certimate-go/certimate/internal/domain" + xhttp "github.com/certimate-go/certimate/pkg/utils/http" ) type monitorNode struct { @@ -35,7 +35,7 @@ func (n *monitorNode) Process(ctx context.Context) error { nodeCfg := n.node.GetConfigForMonitor() n.logger.Info("ready to monitor certificate ...", slog.Any("config", nodeCfg)) - targetAddr := net.JoinHostPort(nodeCfg.Host, fmt.Sprintf("%d", nodeCfg.Port)) + targetAddr := net.JoinHostPort(nodeCfg.Host, strconv.Itoa(int(nodeCfg.Port))) if nodeCfg.Port == 0 { targetAddr = net.JoinHostPort(nodeCfg.Host, "443") } @@ -100,7 +100,13 @@ func (n *monitorNode) Process(ctx context.Context) error { if validated { n.logger.Info(fmt.Sprintf("the certificate is valid, and will expire in %d day(s)", daysLeft)) } else { - n.logger.Warn(fmt.Sprintf("the certificate is invalid", validated)) + if !isCertHostMatched { + n.logger.Warn("the certificate is invalid, because it is not matched the host") + } else if !isCertPeriodValid { + n.logger.Warn("the certificate is invalid, because it is either expired or not yet valid") + } else { + n.logger.Warn("the certificate is invalid") + } } } } @@ -110,7 +116,7 @@ func (n *monitorNode) Process(ctx context.Context) error { } func (n *monitorNode) tryRetrievePeerCertificates(ctx context.Context, addr, domain, requestPath string) ([]*x509.Certificate, error) { - transport := httputil.NewDefaultTransport() + transport := xhttp.NewDefaultTransport() if transport.TLSClientConfig == nil { transport.TLSClientConfig = &tls.Config{} } diff --git a/internal/workflow/node-processor/monitor_node_test.go b/internal/workflow/node-processor/monitor_node_test.go index 1cc0c876..53afb21c 100644 --- a/internal/workflow/node-processor/monitor_node_test.go +++ b/internal/workflow/node-processor/monitor_node_test.go @@ -5,8 +5,8 @@ import ( "log/slog" "testing" - "github.com/usual2970/certimate/internal/domain" - nodeprocessor "github.com/usual2970/certimate/internal/workflow/node-processor" + "github.com/certimate-go/certimate/internal/domain" + nodeprocessor "github.com/certimate-go/certimate/internal/workflow/node-processor" ) func Test_MonitorNode(t *testing.T) { diff --git a/internal/workflow/node-processor/notify_node.go b/internal/workflow/node-processor/notify_node.go index 2cba06cf..3fe6df0e 100644 --- a/internal/workflow/node-processor/notify_node.go +++ b/internal/workflow/node-processor/notify_node.go @@ -6,9 +6,9 @@ import ( "log/slog" "strconv" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/notify" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/notify" + "github.com/certimate-go/certimate/internal/repository" ) type notifyNode struct { diff --git a/internal/workflow/node-processor/processor.go b/internal/workflow/node-processor/processor.go index fed8f98e..10e0de9b 100644 --- a/internal/workflow/node-processor/processor.go +++ b/internal/workflow/node-processor/processor.go @@ -6,7 +6,7 @@ import ( "io" "log/slog" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type NodeProcessor interface { diff --git a/internal/workflow/node-processor/start_node.go b/internal/workflow/node-processor/start_node.go index bdfea1b7..b9142003 100644 --- a/internal/workflow/node-processor/start_node.go +++ b/internal/workflow/node-processor/start_node.go @@ -3,7 +3,7 @@ package nodeprocessor import ( "context" - "github.com/usual2970/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain" ) type startNode struct { diff --git a/internal/workflow/node-processor/upload_node.go b/internal/workflow/node-processor/upload_node.go index 053af435..be28241c 100644 --- a/internal/workflow/node-processor/upload_node.go +++ b/internal/workflow/node-processor/upload_node.go @@ -8,8 +8,8 @@ import ( "strings" "time" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/repository" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/repository" ) type uploadNode struct { diff --git a/internal/workflow/service.go b/internal/workflow/service.go index f234be63..9085cc25 100644 --- a/internal/workflow/service.go +++ b/internal/workflow/service.go @@ -9,10 +9,10 @@ import ( "github.com/pocketbase/dbx" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/domain" - "github.com/usual2970/certimate/internal/domain/dtos" - "github.com/usual2970/certimate/internal/workflow/dispatcher" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/domain" + "github.com/certimate-go/certimate/internal/domain/dtos" + "github.com/certimate-go/certimate/internal/workflow/dispatcher" ) type workflowRepository interface { diff --git a/main.go b/main.go index 18e88bed..7184d781 100644 --- a/main.go +++ b/main.go @@ -13,13 +13,13 @@ import ( "github.com/pocketbase/pocketbase/plugins/migratecmd" "github.com/pocketbase/pocketbase/tools/hook" - "github.com/usual2970/certimate/internal/app" - "github.com/usual2970/certimate/internal/rest/routes" - "github.com/usual2970/certimate/internal/scheduler" - "github.com/usual2970/certimate/internal/workflow" - "github.com/usual2970/certimate/ui" + "github.com/certimate-go/certimate/internal/app" + "github.com/certimate-go/certimate/internal/rest/routes" + "github.com/certimate-go/certimate/internal/scheduler" + "github.com/certimate-go/certimate/internal/workflow" + "github.com/certimate-go/certimate/ui" - _ "github.com/usual2970/certimate/migrations" + _ "github.com/certimate-go/certimate/migrations" ) func main() { diff --git a/migrations/1739462400_collections_snapshot.go b/migrations/1739462400_collections_snapshot.go index 2f78e7b9..1ec20348 100644 --- a/migrations/1739462400_collections_snapshot.go +++ b/migrations/1739462400_collections_snapshot.go @@ -6,7 +6,8 @@ import ( "github.com/pocketbase/pocketbase/core" m "github.com/pocketbase/pocketbase/migrations" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) func init() { @@ -1753,21 +1754,21 @@ func init() { case "certificate": { if record.GetString("issuer") == "" { - cert, _ := certutil.ParseCertificateFromPEM(record.GetString("certificate")) + cert, _ := xcert.ParseCertificateFromPEM(record.GetString("certificate")) if cert != nil { record.Set("issuer", strings.Join(cert.Issuer.Organization, ";")) changed = true } } if record.GetString("serialNumber") == "" { - cert, _ := certutil.ParseCertificateFromPEM(record.GetString("certificate")) + cert, _ := xcert.ParseCertificateFromPEM(record.GetString("certificate")) if cert != nil { record.Set("serialNumber", strings.ToUpper(cert.SerialNumber.Text(16))) changed = true } } if record.GetString("keyAlgorithm") == "" { - cert, _ := certutil.ParseCertificateFromPEM(record.GetString("certificate")) + cert, _ := xcert.ParseCertificateFromPEM(record.GetString("certificate")) if cert != nil { switch cert.SignatureAlgorithm { case x509.SHA256WithRSA, x509.SHA256WithRSAPSS: diff --git a/migrations/tracer.go b/migrations/tracer.go index 04f58e54..113ed08c 100644 --- a/migrations/tracer.go +++ b/migrations/tracer.go @@ -1,4 +1,4 @@ -package migrations +package migrations import ( "fmt" diff --git a/pkg/core/core.go b/pkg/core/core.go new file mode 100644 index 00000000..e83a1900 --- /dev/null +++ b/pkg/core/core.go @@ -0,0 +1,9 @@ +package core + +import ( + "log/slog" +) + +type WithLogger interface { + SetLogger(logger *slog.Logger) +} diff --git a/internal/pkg/core/notifier/notifier.go b/pkg/core/notifier.go similarity index 88% rename from internal/pkg/core/notifier/notifier.go rename to pkg/core/notifier.go index f04084aa..4e1dbe62 100644 --- a/internal/pkg/core/notifier/notifier.go +++ b/pkg/core/notifier.go @@ -1,13 +1,12 @@ -package notifier +package core import ( "context" - "log/slog" ) // 表示定义消息通知器的抽象类型接口。 type Notifier interface { - WithLogger(logger *slog.Logger) Notifier + WithLogger // 发送通知。 // diff --git a/internal/pkg/core/notifier/providers/bark/bark.go b/pkg/core/notifier/providers/bark/bark.go similarity index 73% rename from internal/pkg/core/notifier/providers/bark/bark.go rename to pkg/core/notifier/providers/bark/bark.go index 805a72b0..0378bd90 100644 --- a/internal/pkg/core/notifier/providers/bark/bark.go +++ b/pkg/core/notifier/providers/bark/bark.go @@ -2,15 +2,16 @@ package bark import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Bark 服务地址。 // 零值时使用官方服务器。 ServerUrl string `json:"serverUrl"` @@ -19,16 +20,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -40,16 +41,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { const defaultServerURL = "https://api.day.app/" serverUrl := defaultServerURL if n.config.ServerUrl != "" { @@ -72,5 +72,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("bark api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/bark/bark_test.go b/pkg/core/notifier/providers/bark/bark_test.go similarity index 87% rename from internal/pkg/core/notifier/providers/bark/bark_test.go rename to pkg/core/notifier/providers/bark/bark_test.go index f90448a9..6a1bc7cd 100644 --- a/internal/pkg/core/notifier/providers/bark/bark_test.go +++ b/pkg/core/notifier/providers/bark/bark_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/bark" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/bark" ) const ( @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("DEVICEKEY: %v", fDeviceKey), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ ServerUrl: fServerUrl, DeviceKey: fDeviceKey, }) diff --git a/internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go b/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go similarity index 69% rename from internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go rename to pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go index 81358ef4..7cdbfc49 100644 --- a/internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go +++ b/pkg/core/notifier/providers/dingtalkbot/dingtalkbot.go @@ -2,16 +2,17 @@ package dingtalkbot import ( "context" + "errors" "fmt" "log/slog" "net/url" "github.com/blinkbean/dingtalk" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // 钉钉机器人的 Webhook 地址。 WebhookUrl string `json:"webhookUrl"` // 钉钉机器人的 Secret。 @@ -19,15 +20,15 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } return &NotifierProvider{ @@ -36,16 +37,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { webhookUrl, err := url.Parse(n.config.WebhookUrl) if err != nil { return nil, fmt.Errorf("dingtalk api error: invalid webhook url: %w", err) @@ -62,5 +62,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("dingtalk api error: %w", err) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go b/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go similarity index 87% rename from internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go rename to pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go index de3b6ba0..c838a4f2 100644 --- a/internal/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go +++ b/pkg/core/notifier/providers/dingtalkbot/dingtalkbot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/dingtalkbot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/dingtalkbot" ) const ( @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("SECRET: %v", fSecret), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ WebhookUrl: fWebhookUrl, Secret: fSecret, }) diff --git a/internal/pkg/core/notifier/providers/discordbot/discordbot.go b/pkg/core/notifier/providers/discordbot/discordbot.go similarity index 73% rename from internal/pkg/core/notifier/providers/discordbot/discordbot.go rename to pkg/core/notifier/providers/discordbot/discordbot.go index 704e7c79..6d5ec9fc 100644 --- a/internal/pkg/core/notifier/providers/discordbot/discordbot.go +++ b/pkg/core/notifier/providers/discordbot/discordbot.go @@ -2,15 +2,16 @@ package discordbot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Discord Bot API Token。 BotToken string `json:"botToken"` // Discord Channel ID。 @@ -18,16 +19,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -39,16 +40,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://discord.com/developers/docs/resources/message#create-message req := n.httpClient.R(). SetContext(ctx). @@ -65,5 +65,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("discord api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/discordbot/discordbot_test.go b/pkg/core/notifier/providers/discordbot/discordbot_test.go similarity index 82% rename from internal/pkg/core/notifier/providers/discordbot/discordbot_test.go rename to pkg/core/notifier/providers/discordbot/discordbot_test.go index 42edf95e..511bdc62 100644 --- a/internal/pkg/core/notifier/providers/discordbot/discordbot_test.go +++ b/pkg/core/notifier/providers/discordbot/discordbot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/discordbot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/discordbot" ) const ( @@ -24,7 +24,7 @@ func init() { argsPrefix := "CERTIMATE_NOTIFIER_DISCORDBOT_" flag.StringVar(&fApiToken, argsPrefix+"APITOKEN", "", "") - flag.StringVar(&fChannelId, argsPrefix+"CHANNELID", 0, "") + flag.StringVar(&fChannelId, argsPrefix+"CHANNELID", "", "") } /* @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("CHANNELID: %v", fChannelId), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ BotToken: fApiToken, ChannelId: fChannelId, }) diff --git a/internal/pkg/core/notifier/providers/email/email.go b/pkg/core/notifier/providers/email/email.go similarity index 70% rename from internal/pkg/core/notifier/providers/email/email.go rename to pkg/core/notifier/providers/email/email.go index c8405554..631e8995 100644 --- a/internal/pkg/core/notifier/providers/email/email.go +++ b/pkg/core/notifier/providers/email/email.go @@ -3,16 +3,18 @@ package email import ( "context" "crypto/tls" - "fmt" + "errors" "log/slog" + "net" "net/smtp" + "strconv" "github.com/domodwyer/mailyak/v3" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // SMTP 服务器地址。 SmtpHost string `json:"smtpHost"` // SMTP 服务器端口。 @@ -26,20 +28,22 @@ type NotifierConfig struct { Password string `json:"password"` // 发件人邮箱。 SenderAddress string `json:"senderAddress"` + // 发件人显示名称。 + SenderName string `json:"senderName,omitempty"` // 收件人邮箱。 ReceiverAddress string `json:"receiverAddress"` } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } return &NotifierProvider{ @@ -48,16 +52,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { var smtpAuth smtp.Auth if n.config.Username != "" || n.config.Password != "" { smtpAuth = smtp.PlainAuth("", n.config.Username, n.config.Password, n.config.SmtpHost) @@ -66,12 +69,12 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s var smtpAddr string if n.config.SmtpPort == 0 { if n.config.SmtpTls { - smtpAddr = fmt.Sprintf("%s:465", n.config.SmtpHost) + smtpAddr = net.JoinHostPort(n.config.SmtpHost, "465") } else { - smtpAddr = fmt.Sprintf("%s:25", n.config.SmtpHost) + smtpAddr = net.JoinHostPort(n.config.SmtpHost, "25") } } else { - smtpAddr = fmt.Sprintf("%s:%d", n.config.SmtpHost, n.config.SmtpPort) + smtpAddr = net.JoinHostPort(n.config.SmtpHost, strconv.Itoa(int(n.config.SmtpPort))) } var yak *mailyak.MailYak @@ -86,6 +89,7 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s } yak.From(n.config.SenderAddress) + yak.FromName(n.config.SenderName) yak.To(n.config.ReceiverAddress) yak.Subject(subject) yak.Plain().Set(message) @@ -94,7 +98,7 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, err } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } func newTlsConfig() *tls.Config { diff --git a/internal/pkg/core/notifier/providers/email/email_test.go b/pkg/core/notifier/providers/email/email_test.go similarity index 93% rename from internal/pkg/core/notifier/providers/email/email_test.go rename to pkg/core/notifier/providers/email/email_test.go index cf0669ca..3d99a198 100644 --- a/internal/pkg/core/notifier/providers/email/email_test.go +++ b/pkg/core/notifier/providers/email/email_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/email" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/email" ) const ( @@ -64,7 +64,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("RECEIVERADDRESS: %v", fReceiverAddress), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ SmtpHost: fSmtpHost, SmtpPort: int32(fSmtpPort), SmtpTls: fSmtpTLS, diff --git a/internal/pkg/core/notifier/providers/gotify/gotify.go b/pkg/core/notifier/providers/gotify/gotify.go similarity index 74% rename from internal/pkg/core/notifier/providers/gotify/gotify.go rename to pkg/core/notifier/providers/gotify/gotify.go index 75d8737b..97d69ba9 100644 --- a/internal/pkg/core/notifier/providers/gotify/gotify.go +++ b/pkg/core/notifier/providers/gotify/gotify.go @@ -2,16 +2,17 @@ package gotify import ( "context" + "errors" "fmt" "log/slog" "strings" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Gotify 服务地址。 ServerUrl string `json:"serverUrl"` // Gotify Token。 @@ -21,16 +22,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -42,16 +43,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { serverUrl := strings.TrimRight(n.config.ServerUrl, "/") // REF: https://gotify.net/api-docs#/message/createMessage @@ -72,5 +72,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("gotify api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/gotify/gotify_test.go b/pkg/core/notifier/providers/gotify/gotify_test.go similarity index 88% rename from internal/pkg/core/notifier/providers/gotify/gotify_test.go rename to pkg/core/notifier/providers/gotify/gotify_test.go index eb0ffd6b..a96142b2 100644 --- a/internal/pkg/core/notifier/providers/gotify/gotify_test.go +++ b/pkg/core/notifier/providers/gotify/gotify_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/gotify" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/gotify" ) const ( @@ -47,7 +47,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("PRIORITY: %d", fPriority), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ ServerUrl: fUrl, Token: fToken, Priority: fPriority, diff --git a/internal/pkg/core/notifier/providers/larkbot/larkbot.go b/pkg/core/notifier/providers/larkbot/larkbot.go similarity index 65% rename from internal/pkg/core/notifier/providers/larkbot/larkbot.go rename to pkg/core/notifier/providers/larkbot/larkbot.go index 8c5022c0..96a570d2 100644 --- a/internal/pkg/core/notifier/providers/larkbot/larkbot.go +++ b/pkg/core/notifier/providers/larkbot/larkbot.go @@ -2,29 +2,30 @@ package larkbot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-lark/lark" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // 飞书机器人 Webhook 地址。 WebhookUrl string `json:"webhookUrl"` } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } return &NotifierProvider{ @@ -33,16 +34,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { bot := lark.NewNotificationBot(n.config.WebhookUrl) content := lark.NewPostBuilder(). Title(subject). @@ -56,5 +56,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("lark api error: code='%d', message='%s'", resp.Code, resp.Msg) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/larkbot/larkbot_test.go b/pkg/core/notifier/providers/larkbot/larkbot_test.go similarity index 84% rename from internal/pkg/core/notifier/providers/larkbot/larkbot_test.go rename to pkg/core/notifier/providers/larkbot/larkbot_test.go index 2deba768..8fd73bb8 100644 --- a/internal/pkg/core/notifier/providers/larkbot/larkbot_test.go +++ b/pkg/core/notifier/providers/larkbot/larkbot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/larkbot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/larkbot" ) const ( @@ -38,7 +38,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("WEBHOOKURL: %v", fWebhookUrl), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ WebhookUrl: fWebhookUrl, }) if err != nil { diff --git a/internal/pkg/core/notifier/providers/mattermost/mattermost.go b/pkg/core/notifier/providers/mattermost/mattermost.go similarity index 83% rename from internal/pkg/core/notifier/providers/mattermost/mattermost.go rename to pkg/core/notifier/providers/mattermost/mattermost.go index de72d192..c936306c 100644 --- a/internal/pkg/core/notifier/providers/mattermost/mattermost.go +++ b/pkg/core/notifier/providers/mattermost/mattermost.go @@ -2,16 +2,17 @@ package mattermost import ( "context" + "errors" "fmt" "log/slog" "strings" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Mattermost 服务地址。 ServerUrl string `json:"serverUrl"` // Mattermost 用户名。 @@ -23,16 +24,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -44,16 +45,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { serverUrl := strings.TrimRight(n.config.ServerUrl, "/") // REF: https://developers.mattermost.com/api-documentation/#/operations/Login @@ -98,5 +98,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("mattermost api error: unexpected status code: %d, resp: %s", postResp.StatusCode(), postResp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/mattermost/mattermost_test.go b/pkg/core/notifier/providers/mattermost/mattermost_test.go similarity index 90% rename from internal/pkg/core/notifier/providers/mattermost/mattermost_test.go rename to pkg/core/notifier/providers/mattermost/mattermost_test.go index 6db6cc42..e63471c9 100644 --- a/internal/pkg/core/notifier/providers/mattermost/mattermost_test.go +++ b/pkg/core/notifier/providers/mattermost/mattermost_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/mattermost" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/mattermost" ) const ( @@ -52,7 +52,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("PASSWORD: %v", fPassword), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ ServerUrl: fServerUrl, ChannelId: fChannelId, Username: fUsername, diff --git a/internal/pkg/core/notifier/providers/pushover/pushover.go b/pkg/core/notifier/providers/pushover/pushover.go similarity index 71% rename from internal/pkg/core/notifier/providers/pushover/pushover.go rename to pkg/core/notifier/providers/pushover/pushover.go index aedf8d3a..5eea6375 100644 --- a/internal/pkg/core/notifier/providers/pushover/pushover.go +++ b/pkg/core/notifier/providers/pushover/pushover.go @@ -2,15 +2,16 @@ package pushover import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Pushover API Token。 Token string `json:"token"` // 用户或分组标识。 @@ -18,16 +19,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -39,16 +40,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://pushover.net/api req := n.httpClient.R(). SetContext(ctx). @@ -67,5 +67,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("pushover api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/pushover/pushover_test.go b/pkg/core/notifier/providers/pushover/pushover_test.go similarity index 85% rename from internal/pkg/core/notifier/providers/pushover/pushover_test.go rename to pkg/core/notifier/providers/pushover/pushover_test.go index 450beac1..25d4288b 100644 --- a/internal/pkg/core/notifier/providers/pushover/pushover_test.go +++ b/pkg/core/notifier/providers/pushover/pushover_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushover" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushover" ) const ( @@ -42,7 +42,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("TOKEN: %v", fToken), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ Token: fToken, User: fUser, }) diff --git a/internal/pkg/core/notifier/providers/pushplus/pushplus.go b/pkg/core/notifier/providers/pushplus/pushplus.go similarity index 77% rename from internal/pkg/core/notifier/providers/pushplus/pushplus.go rename to pkg/core/notifier/providers/pushplus/pushplus.go index 9f565ce5..559603f7 100644 --- a/internal/pkg/core/notifier/providers/pushplus/pushplus.go +++ b/pkg/core/notifier/providers/pushplus/pushplus.go @@ -3,30 +3,31 @@ package pushplus import ( "context" "encoding/json" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // PushPlus Token。 Token string `json:"token"` } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -38,16 +39,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://pushplus.plus/doc/guide/api.html#%E4%B8%80%E3%80%81%E5%8F%91%E9%80%81%E6%B6%88%E6%81%AF%E6%8E%A5%E5%8F%A3 req := n.httpClient.R(). SetContext(ctx). @@ -75,5 +75,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("pushplus api error: code='%d', message='%s'", errorResponse.Code, errorResponse.Message) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/pushplus/pushplus_test.go b/pkg/core/notifier/providers/pushplus/pushplus_test.go similarity index 83% rename from internal/pkg/core/notifier/providers/pushplus/pushplus_test.go rename to pkg/core/notifier/providers/pushplus/pushplus_test.go index f504c168..6fca9ccf 100644 --- a/internal/pkg/core/notifier/providers/pushplus/pushplus_test.go +++ b/pkg/core/notifier/providers/pushplus/pushplus_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushplus" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushplus" ) const ( @@ -37,7 +37,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("TOKEN: %v", fToken), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ Token: fToken, }) if err != nil { diff --git a/internal/pkg/core/notifier/providers/serverchan/serverchan.go b/pkg/core/notifier/providers/serverchan/serverchan.go similarity index 69% rename from internal/pkg/core/notifier/providers/serverchan/serverchan.go rename to pkg/core/notifier/providers/serverchan/serverchan.go index ea6adf2b..20f7cdd7 100644 --- a/internal/pkg/core/notifier/providers/serverchan/serverchan.go +++ b/pkg/core/notifier/providers/serverchan/serverchan.go @@ -2,30 +2,31 @@ package serverchan import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // ServerChan 服务地址。 ServerUrl string `json:"serverUrl"` } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -37,16 +38,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://sct.ftqq.com/ req := n.httpClient.R(). SetContext(ctx). @@ -63,5 +63,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("serverchan api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/serverchan/serverchan_test.go b/pkg/core/notifier/providers/serverchan/serverchan_test.go similarity index 84% rename from internal/pkg/core/notifier/providers/serverchan/serverchan_test.go rename to pkg/core/notifier/providers/serverchan/serverchan_test.go index 5684a593..2ea4acaa 100644 --- a/internal/pkg/core/notifier/providers/serverchan/serverchan_test.go +++ b/pkg/core/notifier/providers/serverchan/serverchan_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/serverchan" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/serverchan" ) const ( @@ -38,7 +38,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("URL: %v", fUrl), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ ServerUrl: fUrl, }) if err != nil { diff --git a/internal/pkg/core/notifier/providers/slackbot/slackbot.go b/pkg/core/notifier/providers/slackbot/slackbot.go similarity index 73% rename from internal/pkg/core/notifier/providers/slackbot/slackbot.go rename to pkg/core/notifier/providers/slackbot/slackbot.go index 92db106c..f8706cd4 100644 --- a/internal/pkg/core/notifier/providers/slackbot/slackbot.go +++ b/pkg/core/notifier/providers/slackbot/slackbot.go @@ -2,15 +2,16 @@ package discordbot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Slack Bot API Token。 BotToken string `json:"botToken"` // Slack Channel ID。 @@ -18,16 +19,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -39,16 +40,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://docs.slack.dev/messaging/sending-and-scheduling-messages#publishing req := n.httpClient.R(). SetContext(ctx). @@ -67,5 +67,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("slack api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/slackbot/slackbot_test.go b/pkg/core/notifier/providers/slackbot/slackbot_test.go similarity index 82% rename from internal/pkg/core/notifier/providers/slackbot/slackbot_test.go rename to pkg/core/notifier/providers/slackbot/slackbot_test.go index 356ef71f..5f5ab4a1 100644 --- a/internal/pkg/core/notifier/providers/slackbot/slackbot_test.go +++ b/pkg/core/notifier/providers/slackbot/slackbot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/slackbot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/slackbot" ) const ( @@ -24,7 +24,7 @@ func init() { argsPrefix := "CERTIMATE_NOTIFIER_SLACKBOT_" flag.StringVar(&fApiToken, argsPrefix+"APITOKEN", "", "") - flag.StringVar(&fChannelId, argsPrefix+"CHANNELID", 0, "") + flag.StringVar(&fChannelId, argsPrefix+"CHANNELID", "", "") } /* @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("CHANNELID: %v", fChannelId), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ BotToken: fApiToken, ChannelId: fChannelId, }) diff --git a/internal/pkg/core/notifier/providers/telegrambot/telegrambot.go b/pkg/core/notifier/providers/telegrambot/telegrambot.go similarity index 72% rename from internal/pkg/core/notifier/providers/telegrambot/telegrambot.go rename to pkg/core/notifier/providers/telegrambot/telegrambot.go index 80d03a21..a2c077eb 100644 --- a/internal/pkg/core/notifier/providers/telegrambot/telegrambot.go +++ b/pkg/core/notifier/providers/telegrambot/telegrambot.go @@ -2,15 +2,16 @@ package telegrambot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Telegram Bot API Token。 BotToken string `json:"botToken"` // Telegram Chat ID。 @@ -18,16 +19,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -39,16 +40,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://core.telegram.org/bots/api#sendmessage req := n.httpClient.R(). SetContext(ctx). @@ -65,5 +65,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("telegram api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/telegrambot/telegrambot_test.go b/pkg/core/notifier/providers/telegrambot/telegrambot_test.go similarity index 86% rename from internal/pkg/core/notifier/providers/telegrambot/telegrambot_test.go rename to pkg/core/notifier/providers/telegrambot/telegrambot_test.go index 8dc18b95..76c24eee 100644 --- a/internal/pkg/core/notifier/providers/telegrambot/telegrambot_test.go +++ b/pkg/core/notifier/providers/telegrambot/telegrambot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegrambot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/telegrambot" ) const ( @@ -44,7 +44,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("CHATID: %v", fChatId), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ BotToken: fApiToken, ChatId: fChatId, }) diff --git a/internal/pkg/core/notifier/providers/webhook/webhook.go b/pkg/core/notifier/providers/webhook/webhook.go similarity index 91% rename from internal/pkg/core/notifier/providers/webhook/webhook.go rename to pkg/core/notifier/providers/webhook/webhook.go index 523f7b4d..09ae91e3 100644 --- a/internal/pkg/core/notifier/providers/webhook/webhook.go +++ b/pkg/core/notifier/providers/webhook/webhook.go @@ -4,6 +4,7 @@ import ( "context" "crypto/tls" "encoding/json" + "errors" "fmt" "log/slog" "net/http" @@ -13,10 +14,10 @@ import ( "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // Webhook URL。 WebhookUrl string `json:"webhookUrl"` // Webhook 回调数据(application/json 或 application/x-www-form-urlencoded 格式)。 @@ -31,16 +32,16 @@ type NotifierConfig struct { } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New(). @@ -58,16 +59,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // 处理 Webhook URL webhookUrl, err := url.Parse(n.config.WebhookUrl) if err != nil { @@ -165,7 +165,7 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s n.logger.Debug("webhook responded", slog.String("response", resp.String())) - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } func replaceJsonValueRecursively(data interface{}, oldStr, newStr string) interface{} { diff --git a/internal/pkg/core/notifier/providers/webhook/webhook_test.go b/pkg/core/notifier/providers/webhook/webhook_test.go similarity index 88% rename from internal/pkg/core/notifier/providers/webhook/webhook_test.go rename to pkg/core/notifier/providers/webhook/webhook_test.go index c416b3c9..d7a42a7e 100644 --- a/internal/pkg/core/notifier/providers/webhook/webhook_test.go +++ b/pkg/core/notifier/providers/webhook/webhook_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/webhook" ) const ( @@ -43,7 +43,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("URL: %v", fWebhookUrl), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ WebhookUrl: fWebhookUrl, Method: "POST", Headers: map[string]string{ diff --git a/internal/pkg/core/notifier/providers/wecombot/wecombot.go b/pkg/core/notifier/providers/wecombot/wecombot.go similarity index 71% rename from internal/pkg/core/notifier/providers/wecombot/wecombot.go rename to pkg/core/notifier/providers/wecombot/wecombot.go index 93b03c4d..991168b4 100644 --- a/internal/pkg/core/notifier/providers/wecombot/wecombot.go +++ b/pkg/core/notifier/providers/wecombot/wecombot.go @@ -2,30 +2,31 @@ package wecombot import ( "context" + "errors" "fmt" "log/slog" "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/notifier" + "github.com/certimate-go/certimate/pkg/core" ) -type NotifierConfig struct { +type NotifierProviderConfig struct { // 企业微信机器人 Webhook 地址。 WebhookUrl string `json:"webhookUrl"` } type NotifierProvider struct { - config *NotifierConfig + config *NotifierProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ notifier.Notifier = (*NotifierProvider)(nil) +var _ core.Notifier = (*NotifierProvider)(nil) -func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { +func NewNotifierProvider(config *NotifierProviderConfig) (*NotifierProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the notifier provider is nil") } client := resty.New() @@ -37,16 +38,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) { }, nil } -func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier { +func (n *NotifierProvider) SetLogger(logger *slog.Logger) { if logger == nil { n.logger = slog.New(slog.DiscardHandler) } else { n.logger = logger } - return n } -func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*notifier.NotifyResult, error) { +func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (*core.NotifyResult, error) { // REF: https://developer.work.weixin.qq.com/document/path/91770 req := n.httpClient.R(). SetContext(ctx). @@ -65,5 +65,5 @@ func (n *NotifierProvider) Notify(ctx context.Context, subject string, message s return nil, fmt.Errorf("wecom api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } - return ¬ifier.NotifyResult{}, nil + return &core.NotifyResult{}, nil } diff --git a/internal/pkg/core/notifier/providers/wecombot/wecombot_test.go b/pkg/core/notifier/providers/wecombot/wecombot_test.go similarity index 84% rename from internal/pkg/core/notifier/providers/wecombot/wecombot_test.go rename to pkg/core/notifier/providers/wecombot/wecombot_test.go index 261f2158..9a58384a 100644 --- a/internal/pkg/core/notifier/providers/wecombot/wecombot_test.go +++ b/pkg/core/notifier/providers/wecombot/wecombot_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecombot" + provider "github.com/certimate-go/certimate/pkg/core/notifier/providers/wecombot" ) const ( @@ -38,7 +38,7 @@ func TestNotify(t *testing.T) { fmt.Sprintf("WEBHOOKURL: %v", fWebhookUrl), }, "\n")) - notifier, err := provider.NewNotifier(&provider.NotifierConfig{ + notifier, err := provider.NewNotifierProvider(&provider.NotifierProviderConfig{ WebhookUrl: fWebhookUrl, }) if err != nil { diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/acmehttpreq/acmehttpreq.go b/pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq/acmehttpreq.go similarity index 80% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/acmehttpreq/acmehttpreq.go rename to pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq/acmehttpreq.go index bdd16234..54445cda 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/acmehttpreq/acmehttpreq.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq/acmehttpreq.go @@ -1,11 +1,13 @@ package acmehttpreq import ( + "errors" "net/url" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/httpreq" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -16,9 +18,9 @@ type ChallengeProviderConfig struct { DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } endpoint, _ := url.Parse(config.Endpoint) diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/aliyun_esa.go b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/aliyun_esa.go similarity index 73% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/aliyun_esa.go rename to pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/aliyun_esa.go index 56deaa2d..a2ef64b1 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/aliyun_esa.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/aliyun_esa.go @@ -1,11 +1,11 @@ package aliyunesa import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/internal" ) type ChallengeProviderConfig struct { @@ -16,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun/aliyun.go b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun/aliyun.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun/aliyun.go rename to pkg/core/ssl-applicator/acme-dns01/providers/aliyun/aliyun.go index 8f5cc56b..3b694d92 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun/aliyun.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/aliyun/aliyun.go @@ -1,10 +1,12 @@ package aliyun import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/alidns" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := alidns.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53/aws-route53.go b/pkg/core/ssl-applicator/acme-dns01/providers/aws-route53/aws-route53.go similarity index 82% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53/aws-route53.go rename to pkg/core/ssl-applicator/acme-dns01/providers/aws-route53/aws-route53.go index be1cfecf..e5f81d05 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53/aws-route53.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/aws-route53/aws-route53.go @@ -1,10 +1,12 @@ package awsroute53 import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/route53" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -16,9 +18,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := route53.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns/azure-dns.go b/pkg/core/ssl-applicator/acme-dns01/providers/azure-dns/azure-dns.go similarity index 75% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns/azure-dns.go rename to pkg/core/ssl-applicator/acme-dns01/providers/azure-dns/azure-dns.go index d8d54c90..b02e2338 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns/azure-dns.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/azure-dns/azure-dns.go @@ -1,12 +1,13 @@ package azuredns import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/azuredns" - azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common" + "github.com/certimate-go/certimate/pkg/core" + azenv "github.com/certimate-go/certimate/pkg/sdk3rd/azure/env" ) type ChallengeProviderConfig struct { @@ -18,9 +19,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := azuredns.NewDefaultConfig() @@ -28,7 +29,7 @@ func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, providerConfig.ClientID = config.ClientId providerConfig.ClientSecret = config.ClientSecret if config.CloudName != "" { - env, err := azcommon.GetCloudEnvironmentConfiguration(config.CloudName) + env, err := azenv.GetCloudEnvConfiguration(config.CloudName) if err != nil { return nil, err } diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/baiducloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/baiducloud.go similarity index 71% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/baiducloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/baiducloud.go index ac63665e..232dbdb2 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/baiducloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/baiducloud.go @@ -1,11 +1,11 @@ package baiducloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/internal" ) type ChallengeProviderConfig struct { @@ -15,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/baiducloud/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny/bunny.go b/pkg/core/ssl-applicator/acme-dns01/providers/bunny/bunny.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny/bunny.go rename to pkg/core/ssl-applicator/acme-dns01/providers/bunny/bunny.go index 1f4fdffe..27a8f92f 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny/bunny.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/bunny/bunny.go @@ -1,10 +1,12 @@ package bunny import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/bunny" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := bunny.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare/cloudflare.go b/pkg/core/ssl-applicator/acme-dns01/providers/cloudflare/cloudflare.go similarity index 79% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare/cloudflare.go rename to pkg/core/ssl-applicator/acme-dns01/providers/cloudflare/cloudflare.go index cdfc1313..ae33e61f 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare/cloudflare.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/cloudflare/cloudflare.go @@ -1,10 +1,12 @@ package cloudflare import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/cloudflare" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := cloudflare.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns/cloudns.go b/pkg/core/ssl-applicator/acme-dns01/providers/cloudns/cloudns.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns/cloudns.go rename to pkg/core/ssl-applicator/acme-dns01/providers/cloudns/cloudns.go index dc351bd3..88cd2866 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns/cloudns.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/cloudns/cloudns.go @@ -1,10 +1,12 @@ package cloudns import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/cloudns" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := cloudns.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/cmcccloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/cmcccloud.go similarity index 71% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/cmcccloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/cmcccloud.go index ba0721fd..494ea4b1 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/cmcccloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/cmcccloud.go @@ -4,9 +4,8 @@ import ( "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/internal" ) type ChallengeProviderConfig struct { @@ -16,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - return nil, errors.New("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/internal/lego.go similarity index 97% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/internal/lego.go index 6bccb1dc..b4d6b971 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud/internal/lego.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud/internal/lego.go @@ -18,8 +18,9 @@ import ( const ( envNamespace = "CMCCCLOUD_" - EnvAccessKey = envNamespace + "ACCESS_KEY" - EnvSecretKey = envNamespace + "SECRET_KEY" + EnvAccessKey = envNamespace + "ACCESS_KEY" + EnvSecretKey = envNamespace + "SECRET_KEY" + EnvTTL = envNamespace + "TTL" EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT" EnvPollingInterval = envNamespace + "POLLING_INTERVAL" @@ -30,13 +31,14 @@ const ( var _ challenge.ProviderTimeout = (*DNSProvider)(nil) type Config struct { - AccessKey string - SecretKey string - ReadTimeOut int - ConnectTimeout int + AccessKey string + SecretKey string + PropagationTimeout time.Duration PollingInterval time.Duration TTL int32 + ReadTimeOut int + ConnectTimeout int } type DNSProvider struct { diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/constellix/constellix.go b/pkg/core/ssl-applicator/acme-dns01/providers/constellix/constellix.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/constellix/constellix.go rename to pkg/core/ssl-applicator/acme-dns01/providers/constellix/constellix.go index 12e7d615..02b11099 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/constellix/constellix.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/constellix/constellix.go @@ -1,10 +1,12 @@ package cloudns import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/constellix" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := constellix.NewDefaultConfig() diff --git a/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/ctcccloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/ctcccloud.go new file mode 100644 index 00000000..f4e47e3b --- /dev/null +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/ctcccloud.go @@ -0,0 +1,39 @@ +package ctcccloud + +import ( + "errors" + "time" + + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/internal" +) + +type ChallengeProviderConfig struct { + AccessKeyId string `json:"accessKeyId"` + SecretAccessKey string `json:"secretAccessKey"` + DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"` + DnsTTL int32 `json:"dnsTTL,omitempty"` +} + +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { + if config == nil { + return nil, errors.New("the configuration of the acme challenge provider is nil") + } + + providerConfig := internal.NewDefaultConfig() + providerConfig.AccessKeyId = config.AccessKeyId + providerConfig.SecretAccessKey = config.SecretAccessKey + if config.DnsTTL != 0 { + providerConfig.TTL = int(config.DnsTTL) + } + if config.DnsPropagationTimeout != 0 { + providerConfig.PropagationTimeout = time.Duration(config.DnsPropagationTimeout) * time.Second + } + + provider, err := internal.NewDNSProviderConfig(providerConfig) + if err != nil { + return nil, err + } + + return provider, nil +} diff --git a/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/internal/lego.go new file mode 100644 index 00000000..f472de75 --- /dev/null +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud/internal/lego.go @@ -0,0 +1,203 @@ +package internal + +import ( + "errors" + "fmt" + "time" + + "github.com/go-acme/lego/v4/challenge" + "github.com/go-acme/lego/v4/challenge/dns01" + "github.com/go-acme/lego/v4/platform/config/env" + + ctyundns "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/dns" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +const ( + envNamespace = "CTYUNSMARTDNS_" + + EnvAccessKeyID = envNamespace + "ACCESS_KEY_ID" + EnvSecretAccessKey = envNamespace + "SECRET_ACCESS_KEY" + + EnvTTL = envNamespace + "TTL" + EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT" + EnvPollingInterval = envNamespace + "POLLING_INTERVAL" + EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT" +) + +var _ challenge.ProviderTimeout = (*DNSProvider)(nil) + +type Config struct { + AccessKeyId string + SecretAccessKey string + + PropagationTimeout time.Duration + PollingInterval time.Duration + TTL int + HTTPTimeout time.Duration +} + +type DNSProvider struct { + client *ctyundns.Client + config *Config +} + +func NewDefaultConfig() *Config { + return &Config{ + TTL: env.GetOrDefaultInt(EnvTTL, 600), + PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 2*time.Minute), + HTTPTimeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second), + } +} + +func NewDNSProvider() (*DNSProvider, error) { + values, err := env.Get(EnvAccessKeyID, EnvSecretAccessKey) + if err != nil { + return nil, fmt.Errorf("ctyun: %w", err) + } + + config := NewDefaultConfig() + config.AccessKeyId = values[EnvAccessKeyID] + config.SecretAccessKey = values[EnvSecretAccessKey] + + return NewDNSProviderConfig(config) +} + +func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { + if config == nil { + return nil, errors.New("ctyun: the configuration of the DNS provider is nil") + } + + client, err := ctyundns.NewClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, err + } else { + client.SetTimeout(config.HTTPTimeout) + } + + return &DNSProvider{ + client: client, + config: config, + }, nil +} + +func (d *DNSProvider) Present(domain, token, keyAuth string) error { + info := dns01.GetChallengeInfo(domain, keyAuth) + + authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN) + if err != nil { + return fmt.Errorf("ctyun: could not find zone for domain %q: %w", domain, err) + } + + subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone) + if err != nil { + return fmt.Errorf("ctyun: %w", err) + } + + if err := d.addOrUpdateDNSRecord(dns01.UnFqdn(authZone), subDomain, info.Value); err != nil { + return fmt.Errorf("ctyun: %w", err) + } + + return nil +} + +func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error { + info := dns01.GetChallengeInfo(domain, keyAuth) + + authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN) + if err != nil { + return fmt.Errorf("ctyun: could not find zone for domain %q: %w", domain, err) + } + + subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone) + if err != nil { + return fmt.Errorf("ctyun: %w", err) + } + + if err := d.removeDNSRecord(dns01.UnFqdn(authZone), subDomain); err != nil { + return fmt.Errorf("ctyun: %w", err) + } + + return nil +} + +func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { + return d.config.PropagationTimeout, d.config.PollingInterval +} + +func (d *DNSProvider) findDNSRecordId(zoneName, subDomain string) (int32, error) { + // 查询解析记录列表 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=122&api=11264&data=181&isNormal=1&vid=259 + request := &ctyundns.QueryRecordListRequest{} + request.Domain = xtypes.ToPtr(zoneName) + request.Host = xtypes.ToPtr(subDomain) + request.Type = xtypes.ToPtr("TXT") + + response, err := d.client.QueryRecordList(request) + if err != nil { + return 0, err + } + + if response.ReturnObj == nil || response.ReturnObj.Records == nil || len(response.ReturnObj.Records) == 0 { + return 0, nil + } + + return response.ReturnObj.Records[0].RecordId, nil +} + +func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) error { + recordId, err := d.findDNSRecordId(zoneName, subDomain) + if err != nil { + return err + } + + if recordId == 0 { + // 新增解析记录 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=122&api=11259&data=181&isNormal=1&vid=259 + request := &ctyundns.AddRecordRequest{ + Domain: xtypes.ToPtr(zoneName), + Host: xtypes.ToPtr(subDomain), + Type: xtypes.ToPtr("TXT"), + LineCode: xtypes.ToPtr("Default"), + Value: xtypes.ToPtr(value), + State: xtypes.ToPtr(int32(1)), + TTL: xtypes.ToPtr(int32(d.config.TTL)), + } + _, err := d.client.AddRecord(request) + return err + } else { + // 修改解析记录 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=122&api=11261&data=181&isNormal=1&vid=259 + request := &ctyundns.UpdateRecordRequest{ + RecordId: xtypes.ToPtr(recordId), + Domain: xtypes.ToPtr(zoneName), + Host: xtypes.ToPtr(subDomain), + Type: xtypes.ToPtr("TXT"), + LineCode: xtypes.ToPtr("Default"), + Value: xtypes.ToPtr(value), + State: xtypes.ToPtr(int32(1)), + TTL: xtypes.ToPtr(int32(d.config.TTL)), + } + _, err := d.client.UpdateRecord(request) + return err + } +} + +func (d *DNSProvider) removeDNSRecord(zoneName, subDomain string) error { + recordId, err := d.findDNSRecordId(zoneName, subDomain) + if err != nil { + return err + } + + if recordId == 0 { + return nil + } else { + // 删除解析记录 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=122&api=11262&data=181&isNormal=1&vid=259 + request := &ctyundns.DeleteRecordRequest{ + RecordId: xtypes.ToPtr(recordId), + } + _, err = d.client.DeleteRecord(request) + return err + } +} diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/desec/desec.go b/pkg/core/ssl-applicator/acme-dns01/providers/desec/desec.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/desec/desec.go rename to pkg/core/ssl-applicator/acme-dns01/providers/desec/desec.go index 7a997117..b58c828e 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/desec/desec.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/desec/desec.go @@ -1,10 +1,12 @@ package desec import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/desec" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := desec.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/digitalocean/digitalocean.go b/pkg/core/ssl-applicator/acme-dns01/providers/digitalocean/digitalocean.go similarity index 77% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/digitalocean/digitalocean.go rename to pkg/core/ssl-applicator/acme-dns01/providers/digitalocean/digitalocean.go index 0e3cb358..45b679c8 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/digitalocean/digitalocean.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/digitalocean/digitalocean.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/digitalocean" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := digitalocean.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/dnsla.go b/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/dnsla.go similarity index 70% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/dnsla.go rename to pkg/core/ssl-applicator/acme-dns01/providers/dnsla/dnsla.go index 5b0bd977..330bc237 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/dnsla.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/dnsla.go @@ -1,11 +1,11 @@ package dnsla import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/internal" ) type ChallengeProviderConfig struct { @@ -15,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/internal/lego.go similarity index 87% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/dnsla/internal/lego.go index 1063ac5f..3b7bdd07 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla/internal/lego.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/dnsla/internal/lego.go @@ -10,7 +10,7 @@ import ( "github.com/go-acme/lego/v4/challenge/dns01" "github.com/go-acme/lego/v4/platform/config/env" - dnslasdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dnsla" + dnslasdk "github.com/certimate-go/certimate/pkg/sdk3rd/dnsla" ) const ( @@ -69,8 +69,12 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { return nil, errors.New("dnsla: the configuration of the DNS provider is nil") } - client := dnslasdk.NewClient(config.APIId, config.APISecret). - WithTimeout(config.HTTPTimeout) + client, err := dnslasdk.NewClient(config.APIId, config.APISecret) + if err != nil { + return nil, err + } else { + client.SetTimeout(config.HTTPTimeout) + } return &DNSProvider{ client: client, @@ -122,13 +126,13 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { return d.config.PropagationTimeout, d.config.PollingInterval } -func (d *DNSProvider) getDNSZone(zoneName string) (*dnslasdk.DomainInfo, error) { - pageIndex := 1 - pageSize := 100 +func (d *DNSProvider) getDNSZone(zoneName string) (*dnslasdk.DomainRecord, error) { + pageIndex := int32(1) + pageSize := int32(100) for { request := &dnslasdk.ListDomainsRequest{ - PageIndex: int32(pageIndex), - PageSize: int32(pageSize), + PageIndex: &pageIndex, + PageSize: &pageSize, } response, err := d.client.ListDomains(request) if err != nil { @@ -143,7 +147,7 @@ func (d *DNSProvider) getDNSZone(zoneName string) (*dnslasdk.DomainInfo, error) } } - if response.Data == nil || len(response.Data.Results) < pageSize { + if response.Data == nil || len(response.Data.Results) < int(pageSize) { break } @@ -153,20 +157,20 @@ func (d *DNSProvider) getDNSZone(zoneName string) (*dnslasdk.DomainInfo, error) return nil, fmt.Errorf("dnsla: zone %s not found", zoneName) } -func (d *DNSProvider) getDNSZoneAndRecord(zoneName, subDomain string) (*dnslasdk.DomainInfo, *dnslasdk.RecordInfo, error) { +func (d *DNSProvider) getDNSZoneAndRecord(zoneName, subDomain string) (*dnslasdk.DomainRecord, *dnslasdk.DnsRecord, error) { zone, err := d.getDNSZone(zoneName) if err != nil { return nil, nil, err } - pageIndex := 1 - pageSize := 100 + pageIndex := int32(1) + pageSize := int32(100) for { request := &dnslasdk.ListRecordsRequest{ - DomainId: zone.Id, + DomainId: &zone.Id, Host: &subDomain, - PageIndex: int32(pageIndex), - PageSize: int32(pageSize), + PageIndex: &pageIndex, + PageSize: &pageSize, } response, err := d.client.ListRecords(request) if err != nil { @@ -181,7 +185,7 @@ func (d *DNSProvider) getDNSZoneAndRecord(zoneName, subDomain string) (*dnslasdk } } - if response.Data == nil || len(response.Data.Results) < pageSize { + if response.Data == nil || len(response.Data.Results) < int(pageSize) { break } @@ -231,10 +235,7 @@ func (d *DNSProvider) removeDNSRecord(zoneName, subDomain string) error { if record == nil { return nil } else { - request := &dnslasdk.DeleteRecordRequest{ - Id: record.Id, - } - _, err = d.client.DeleteRecord(request) + _, err = d.client.DeleteRecord(record.Id) return err } } diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/duckdns/duckdns.go b/pkg/core/ssl-applicator/acme-dns01/providers/duckdns/duckdns.go similarity index 72% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/duckdns/duckdns.go rename to pkg/core/ssl-applicator/acme-dns01/providers/duckdns/duckdns.go index 6cc823d0..dabd7a6a 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/duckdns/duckdns.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/duckdns/duckdns.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/duckdns" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -12,9 +14,9 @@ type ChallengeProviderConfig struct { DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := duckdns.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/dnsla.go b/pkg/core/ssl-applicator/acme-dns01/providers/dynv6/dnsla.go similarity index 68% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/dnsla.go rename to pkg/core/ssl-applicator/acme-dns01/providers/dynv6/dnsla.go index e5a1ea3c..e9055ff7 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/dnsla.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/dynv6/dnsla.go @@ -1,11 +1,11 @@ package dynv6 import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dynv6/internal" ) type ChallengeProviderConfig struct { @@ -14,9 +14,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/dynv6/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/dynv6/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore/gcore.go b/pkg/core/ssl-applicator/acme-dns01/providers/gcore/gcore.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore/gcore.go rename to pkg/core/ssl-applicator/acme-dns01/providers/gcore/gcore.go index ac9f7e61..a3676a3b 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore/gcore.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/gcore/gcore.go @@ -1,10 +1,12 @@ package gcore import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/gcore" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := gcore.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/gname.go b/pkg/core/ssl-applicator/acme-dns01/providers/gname/gname.go similarity index 70% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/gname.go rename to pkg/core/ssl-applicator/acme-dns01/providers/gname/gname.go index 42057149..4206626b 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/gname.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/gname/gname.go @@ -1,11 +1,11 @@ package gname import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/gname/internal" ) type ChallengeProviderConfig struct { @@ -15,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/gname/internal/lego.go similarity index 81% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/gname/internal/lego.go index 6bfda830..cd669262 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal/lego.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/gname/internal/lego.go @@ -9,7 +9,8 @@ import ( "github.com/go-acme/lego/v4/challenge/dns01" "github.com/go-acme/lego/v4/platform/config/env" - gnamesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gname" + gnamesdk "github.com/certimate-go/certimate/pkg/sdk3rd/gname" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) const ( @@ -68,8 +69,12 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { return nil, errors.New("gname: the configuration of the DNS provider is nil") } - client := gnamesdk.NewClient(config.AppID, config.AppKey). - WithTimeout(config.HTTPTimeout) + client, err := gnamesdk.NewClient(config.AppID, config.AppKey) + if err != nil { + return nil, err + } else { + client.SetTimeout(config.HTTPTimeout) + } return &DNSProvider{ client: client, @@ -121,14 +126,15 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { return d.config.PropagationTimeout, d.config.PollingInterval } -func (d *DNSProvider) findDNSRecord(zoneName, subDomain string) (*gnamesdk.ResolutionRecord, error) { +func (d *DNSProvider) findDNSRecord(zoneName, subDomain string) (*gnamesdk.DomainResolutionRecordord, error) { page := int32(1) pageSize := int32(20) for { - request := &gnamesdk.ListDomainResolutionRequest{} - request.ZoneName = zoneName - request.Page = &page - request.PageSize = &pageSize + request := &gnamesdk.ListDomainResolutionRequest{ + ZoneName: xtypes.ToPtr(zoneName), + Page: xtypes.ToPtr(page), + PageSize: xtypes.ToPtr(pageSize), + } response, err := d.client.ListDomainResolution(request) if err != nil { @@ -162,23 +168,23 @@ func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) er if record == nil { request := &gnamesdk.AddDomainResolutionRequest{ - ZoneName: zoneName, - RecordType: "TXT", - RecordName: subDomain, - RecordValue: value, - TTL: int32(d.config.TTL), + ZoneName: xtypes.ToPtr(zoneName), + RecordType: xtypes.ToPtr("TXT"), + RecordName: xtypes.ToPtr(subDomain), + RecordValue: xtypes.ToPtr(value), + TTL: xtypes.ToPtr(int32(d.config.TTL)), } _, err := d.client.AddDomainResolution(request) return err } else { recordId, _ := record.ID.Int64() request := &gnamesdk.ModifyDomainResolutionRequest{ - ID: recordId, - ZoneName: zoneName, - RecordType: "TXT", - RecordName: subDomain, - RecordValue: value, - TTL: int32(d.config.TTL), + ID: xtypes.ToPtr(recordId), + ZoneName: xtypes.ToPtr(zoneName), + RecordType: xtypes.ToPtr("TXT"), + RecordName: xtypes.ToPtr(subDomain), + RecordValue: xtypes.ToPtr(value), + TTL: xtypes.ToPtr(int32(d.config.TTL)), } _, err := d.client.ModifyDomainResolution(request) return err @@ -197,8 +203,8 @@ func (d *DNSProvider) removeDNSRecord(zoneName, subDomain string) error { recordId, _ := record.ID.Int64() request := &gnamesdk.DeleteDomainResolutionRequest{ - ZoneName: zoneName, - RecordID: recordId, + ZoneName: xtypes.ToPtr(zoneName), + RecordID: xtypes.ToPtr(recordId), } _, err = d.client.DeleteDomainResolution(request) return err diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/godaddy/godaddy.go b/pkg/core/ssl-applicator/acme-dns01/providers/godaddy/godaddy.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/godaddy/godaddy.go rename to pkg/core/ssl-applicator/acme-dns01/providers/godaddy/godaddy.go index 957c9185..66e0e7f3 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/godaddy/godaddy.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/godaddy/godaddy.go @@ -1,10 +1,12 @@ package godaddy import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/godaddy" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := godaddy.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/hetzner/hetzner.go b/pkg/core/ssl-applicator/acme-dns01/providers/hetzner/hetzner.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/hetzner/hetzner.go rename to pkg/core/ssl-applicator/acme-dns01/providers/hetzner/hetzner.go index c202cc78..8c270e6a 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/hetzner/hetzner.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/hetzner/hetzner.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/hetzner" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := hetzner.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/huaweicloud/huaweicloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/huaweicloud/huaweicloud.go similarity index 83% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/huaweicloud/huaweicloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/huaweicloud/huaweicloud.go index 08a629fc..4f8e60c6 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/huaweicloud/huaweicloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/huaweicloud/huaweicloud.go @@ -1,10 +1,12 @@ package huaweicloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" hwc "github.com/go-acme/lego/v4/providers/dns/huaweicloud" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -15,9 +17,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } region := config.Region diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/jdcloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/jdcloud.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/jdcloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/jdcloud.go index 5729d932..e912f51c 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/jdcloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/jdcloud.go @@ -1,11 +1,11 @@ package jdcloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud/internal" ) type ChallengeProviderConfig struct { @@ -16,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } regionId := config.RegionId diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namecheap/namecheap.go b/pkg/core/ssl-applicator/acme-dns01/providers/namecheap/namecheap.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/namecheap/namecheap.go rename to pkg/core/ssl-applicator/acme-dns01/providers/namecheap/namecheap.go index 9bf2f3c3..9d774011 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namecheap/namecheap.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/namecheap/namecheap.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/namecheap" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := namecheap.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom/namedotcom.go b/pkg/core/ssl-applicator/acme-dns01/providers/namedotcom/namedotcom.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom/namedotcom.go rename to pkg/core/ssl-applicator/acme-dns01/providers/namedotcom/namedotcom.go index daff3612..ae33e86a 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom/namedotcom.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/namedotcom/namedotcom.go @@ -1,10 +1,12 @@ package namedotcom import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/namedotcom" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := namedotcom.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo/namesilo.go b/pkg/core/ssl-applicator/acme-dns01/providers/namesilo/namesilo.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo/namesilo.go rename to pkg/core/ssl-applicator/acme-dns01/providers/namesilo/namesilo.go index 5656136b..5ce1b754 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo/namesilo.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/namesilo/namesilo.go @@ -1,10 +1,12 @@ package namesilo import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/namesilo" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := namesilo.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/netcup/netcup.go b/pkg/core/ssl-applicator/acme-dns01/providers/netcup/netcup.go similarity index 80% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/netcup/netcup.go rename to pkg/core/ssl-applicator/acme-dns01/providers/netcup/netcup.go index 43d7a694..4535e200 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/netcup/netcup.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/netcup/netcup.go @@ -1,10 +1,12 @@ package netcup import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/netcup" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -15,9 +17,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := netcup.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/netlify/netlify.go b/pkg/core/ssl-applicator/acme-dns01/providers/netlify/netlify.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/netlify/netlify.go rename to pkg/core/ssl-applicator/acme-dns01/providers/netlify/netlify.go index f590372b..fe589ac9 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/netlify/netlify.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/netlify/netlify.go @@ -1,10 +1,12 @@ package netcup import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/netlify" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := netlify.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1/ns1.go b/pkg/core/ssl-applicator/acme-dns01/providers/ns1/ns1.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1/ns1.go rename to pkg/core/ssl-applicator/acme-dns01/providers/ns1/ns1.go index 1682e0c2..039d1f62 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1/ns1.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ns1/ns1.go @@ -1,10 +1,12 @@ package ns1 import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/ns1" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := ns1.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun/porkbun.go b/pkg/core/ssl-applicator/acme-dns01/providers/porkbun/porkbun.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun/porkbun.go rename to pkg/core/ssl-applicator/acme-dns01/providers/porkbun/porkbun.go index ba60a791..e45b9223 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun/porkbun.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/porkbun/porkbun.go @@ -1,10 +1,12 @@ package porkbun import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/porkbun" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := porkbun.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns/powerdns.go b/pkg/core/ssl-applicator/acme-dns01/providers/powerdns/powerdns.go similarity index 83% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns/powerdns.go rename to pkg/core/ssl-applicator/acme-dns01/providers/powerdns/powerdns.go index 7c87536c..abb38dba 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns/powerdns.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/powerdns/powerdns.go @@ -2,12 +2,14 @@ package powerdns import ( "crypto/tls" + "errors" "net/http" "net/url" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/pdns" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -18,9 +20,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } serverUrl, _ := url.Parse(config.ServerUrl) diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun/rainyun.go b/pkg/core/ssl-applicator/acme-dns01/providers/rainyun/rainyun.go similarity index 76% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun/rainyun.go rename to pkg/core/ssl-applicator/acme-dns01/providers/rainyun/rainyun.go index 2deda0f1..6bfaf847 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun/rainyun.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/rainyun/rainyun.go @@ -1,10 +1,12 @@ package rainyun import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/rainyun" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -13,9 +15,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := rainyun.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/internal/lego.go similarity index 100% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/internal/lego.go diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/tencentcloud_eo.go b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/tencentcloud_eo.go similarity index 72% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/tencentcloud_eo.go rename to pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/tencentcloud_eo.go index 427c79ea..73f5b96e 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/tencentcloud_eo.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/tencentcloud_eo.go @@ -1,11 +1,11 @@ package tencentcloudeo import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - internal "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo/internal" ) type ChallengeProviderConfig struct { @@ -16,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := internal.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud/tencentcloud.go b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud/tencentcloud.go similarity index 79% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud/tencentcloud.go rename to pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud/tencentcloud.go index 8ef3760c..2d663728 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud/tencentcloud.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud/tencentcloud.go @@ -1,10 +1,12 @@ package tencentcloud import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/tencentcloud" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := tencentcloud.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/internal/lego.go b/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/internal/lego.go similarity index 98% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/internal/lego.go rename to pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/internal/lego.go index e1be56a4..e06bb30b 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/internal/lego.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/internal/lego.go @@ -11,7 +11,7 @@ import ( "github.com/ucloud/ucloud-sdk-go/ucloud" "github.com/ucloud/ucloud-sdk-go/ucloud/auth" - "github.com/usual2970/certimate/internal/pkg/sdk3rd/ucloud/udnr" + "github.com/certimate-go/certimate/pkg/sdk3rd/ucloud/udnr" ) const ( @@ -71,6 +71,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { } cfg := ucloud.NewConfig() + cfg.Timeout = config.HTTPTimeout credential := auth.NewCredential() credential.PrivateKey = config.PrivateKey credential.PublicKey = config.PublicKey diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/ucloud_udnr.go b/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/ucloud_udnr.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/ucloud_udnr.go rename to pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/ucloud_udnr.go index d1902747..12a51731 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/ucloud_udnr.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/ucloud_udnr.go @@ -4,9 +4,8 @@ import ( "errors" "time" - "github.com/go-acme/lego/v4/challenge" - - "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/internal" + "github.com/certimate-go/certimate/pkg/core" + "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr/internal" ) type ChallengeProviderConfig struct { @@ -16,7 +15,7 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { return nil, errors.New("config is nil") } diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel/vercel.go b/pkg/core/ssl-applicator/acme-dns01/providers/vercel/vercel.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel/vercel.go rename to pkg/core/ssl-applicator/acme-dns01/providers/vercel/vercel.go index 35fb5f02..63a74638 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel/vercel.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/vercel/vercel.go @@ -1,10 +1,12 @@ package vercel import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/vercel" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := vercel.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine/volcengine.go b/pkg/core/ssl-applicator/acme-dns01/providers/volcengine/volcengine.go similarity index 79% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine/volcengine.go rename to pkg/core/ssl-applicator/acme-dns01/providers/volcengine/volcengine.go index e0a1ae91..59134406 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine/volcengine.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/volcengine/volcengine.go @@ -1,10 +1,12 @@ package volcengine import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/volcengine" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := volcengine.NewDefaultConfig() diff --git a/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn/westcn.go b/pkg/core/ssl-applicator/acme-dns01/providers/westcn/westcn.go similarity index 78% rename from internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn/westcn.go rename to pkg/core/ssl-applicator/acme-dns01/providers/westcn/westcn.go index f79c5a8c..c40c7f75 100644 --- a/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn/westcn.go +++ b/pkg/core/ssl-applicator/acme-dns01/providers/westcn/westcn.go @@ -1,10 +1,12 @@ package westcn import ( + "errors" "time" - "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/providers/dns/westcn" + + "github.com/certimate-go/certimate/pkg/core" ) type ChallengeProviderConfig struct { @@ -14,9 +16,9 @@ type ChallengeProviderConfig struct { DnsTTL int32 `json:"dnsTTL,omitempty"` } -func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) { +func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the acme challenge provider is nil") } providerConfig := westcn.NewDefaultConfig() diff --git a/pkg/core/ssl-deployer/providers/1panel-console/1panel_console.go b/pkg/core/ssl-deployer/providers/1panel-console/1panel_console.go new file mode 100644 index 00000000..991dc531 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/1panel-console/1panel_console.go @@ -0,0 +1,136 @@ +package onepanelconsole + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + "strconv" + + "github.com/certimate-go/certimate/pkg/core" + onepanelsdk "github.com/certimate-go/certimate/pkg/sdk3rd/1panel" + onepanelsdkv2 "github.com/certimate-go/certimate/pkg/sdk3rd/1panel/v2" +) + +type SSLDeployerProviderConfig struct { + // 1Panel 服务地址。 + ServerUrl string `json:"serverUrl"` + // 1Panel 版本。 + // 可取值 "v1"、"v2"。 + ApiVersion string `json:"apiVersion"` + // 1Panel 接口密钥。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 是否自动重启。 + AutoRestart bool `json:"autoRestart"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient any +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 设置面板 SSL 证书 + switch sdkClient := d.sdkClient.(type) { + case *onepanelsdk.Client: + { + updateSettingsSSLReq := &onepanelsdk.UpdateSettingsSSLRequest{ + Cert: certPEM, + Key: privkeyPEM, + SSL: "enable", + SSLType: "import-paste", + AutoRestart: strconv.FormatBool(d.config.AutoRestart), + } + updateSystemSSLResp, err := sdkClient.UpdateSettingsSSL(updateSettingsSSLReq) + d.logger.Debug("sdk request '1panel.UpdateSettingsSSL'", slog.Any("request", updateSettingsSSLReq), slog.Any("response", updateSystemSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.UpdateSettingsSSL': %w", err) + } + } + + case *onepanelsdkv2.Client: + { + updateCoreSettingsSSLReq := &onepanelsdkv2.UpdateCoreSettingsSSLRequest{ + Cert: certPEM, + Key: privkeyPEM, + SSL: "Enable", + SSLType: "import-paste", + AutoRestart: strconv.FormatBool(d.config.AutoRestart), + } + updateCoreSystemSSLResp, err := sdkClient.UpdateCoreSettingsSSL(updateCoreSettingsSSLReq) + d.logger.Debug("sdk request '1panel.UpdateCoreSettingsSSL'", slog.Any("request", updateCoreSettingsSSLReq), slog.Any("response", updateCoreSystemSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.UpdateCoreSettingsSSL': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + return &core.SSLDeployResult{}, nil +} + +const ( + sdkVersionV1 = "v1" + sdkVersionV2 = "v2" +) + +func createSDKClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (any, error) { + if apiVersion == sdkVersionV1 { + client, err := onepanelsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } else if apiVersion == sdkVersionV2 { + client, err := onepanelsdkv2.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } + + return nil, fmt.Errorf("invalid 1panel api version") +} diff --git a/internal/pkg/core/deployer/providers/1panel-console/1panel_console_test.go b/pkg/core/ssl-deployer/providers/1panel-console/1panel_console_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/1panel-console/1panel_console_test.go rename to pkg/core/ssl-deployer/providers/1panel-console/1panel_console_test.go index 0feae021..7119a81e 100644 --- a/internal/pkg/core/deployer/providers/1panel-console/1panel_console_test.go +++ b/pkg/core/ssl-deployer/providers/1panel-console/1panel_console_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-console" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/1panel-console" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_1PANELCONSOLE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./1panel_console_test.go -args \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_SERVERURL="http://127.0.0.1:20410" \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_APIVERSION="v1" \ - --CERTIMATE_DEPLOYER_1PANELCONSOLE_APIKEY="your-api-key" + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_SERVERURL="http://127.0.0.1:20410" \ + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_APIVERSION="v1" \ + --CERTIMATE_SSLDEPLOYER_1PANELCONSOLE_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiVersion: fApiVersion, ApiKey: fApiKey, diff --git a/pkg/core/ssl-deployer/providers/1panel-site/1panel_site.go b/pkg/core/ssl-deployer/providers/1panel-site/1panel_site.go new file mode 100644 index 00000000..985809d7 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/1panel-site/1panel_site.go @@ -0,0 +1,273 @@ +package onepanelsite + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + "strconv" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/1panel-ssl" + onepanelsdk "github.com/certimate-go/certimate/pkg/sdk3rd/1panel" + onepanelsdkv2 "github.com/certimate-go/certimate/pkg/sdk3rd/1panel/v2" +) + +type SSLDeployerProviderConfig struct { + // 1Panel 服务地址。 + ServerUrl string `json:"serverUrl"` + // 1Panel 版本。 + // 可取值 "v1"、"v2"。 + ApiVersion string `json:"apiVersion"` + // 1Panel 接口密钥。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 部署资源类型。 + ResourceType ResourceType `json:"resourceType"` + // 网站 ID。 + // 部署资源类型为 [RESOURCE_TYPE_WEBSITE] 时必填。 + WebsiteId int64 `json:"websiteId,omitempty"` + // 证书 ID。 + // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 + CertificateId int64 `json:"certificateId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient any + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + ServerUrl: config.ServerUrl, + ApiVersion: config.ApiVersion, + ApiKey: config.ApiKey, + AllowInsecureConnections: config.AllowInsecureConnections, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 根据部署资源类型决定部署方式 + switch d.config.ResourceType { + case RESOURCE_TYPE_WEBSITE: + if err := d.deployToWebsite(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } + + case RESOURCE_TYPE_CERTIFICATE: + if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } + + default: + return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) + } + + return &core.SSLDeployResult{}, nil +} + +func (d *SSLDeployerProvider) deployToWebsite(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.WebsiteId == 0 { + return errors.New("config `websiteId` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + switch sdkClient := d.sdkClient.(type) { + case *onepanelsdk.Client: + { + // 获取网站 HTTPS 配置 + getHttpsConfResp, err := sdkClient.GetHttpsConf(d.config.WebsiteId) + d.logger.Debug("sdk request '1panel.GetHttpsConf'", slog.Int64("websiteId", d.config.WebsiteId), slog.Any("response", getHttpsConfResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.GetHttpsConf': %w", err) + } + + // 修改网站 HTTPS 配置 + certId, _ := strconv.ParseInt(upres.CertId, 10, 64) + updateHttpsConfReq := &onepanelsdk.UpdateHttpsConfRequest{ + WebsiteID: d.config.WebsiteId, + Type: "existed", + WebsiteSSLID: certId, + Enable: getHttpsConfResp.Data.Enable, + HttpConfig: getHttpsConfResp.Data.HttpConfig, + SSLProtocol: getHttpsConfResp.Data.SSLProtocol, + Algorithm: getHttpsConfResp.Data.Algorithm, + Hsts: getHttpsConfResp.Data.Hsts, + } + updateHttpsConfResp, err := sdkClient.UpdateHttpsConf(d.config.WebsiteId, updateHttpsConfReq) + d.logger.Debug("sdk request '1panel.UpdateHttpsConf'", slog.Int64("websiteId", d.config.WebsiteId), slog.Any("request", updateHttpsConfReq), slog.Any("response", updateHttpsConfResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.UpdateHttpsConf': %w", err) + } + } + + case *onepanelsdkv2.Client: + { + // 获取网站 HTTPS 配置 + getHttpsConfResp, err := sdkClient.GetHttpsConf(d.config.WebsiteId) + d.logger.Debug("sdk request '1panel.GetHttpsConf'", slog.Int64("websiteId", d.config.WebsiteId), slog.Any("response", getHttpsConfResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.GetHttpsConf': %w", err) + } + + // 修改网站 HTTPS 配置 + certId, _ := strconv.ParseInt(upres.CertId, 10, 64) + updateHttpsConfReq := &onepanelsdkv2.UpdateHttpsConfRequest{ + WebsiteID: d.config.WebsiteId, + Type: "existed", + WebsiteSSLID: certId, + Enable: getHttpsConfResp.Data.Enable, + HttpConfig: getHttpsConfResp.Data.HttpConfig, + SSLProtocol: getHttpsConfResp.Data.SSLProtocol, + Algorithm: getHttpsConfResp.Data.Algorithm, + Hsts: getHttpsConfResp.Data.Hsts, + } + updateHttpsConfResp, err := sdkClient.UpdateHttpsConf(d.config.WebsiteId, updateHttpsConfReq) + d.logger.Debug("sdk request '1panel.UpdateHttpsConf'", slog.Int64("websiteId", d.config.WebsiteId), slog.Any("request", updateHttpsConfReq), slog.Any("response", updateHttpsConfResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.UpdateHttpsConf': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + return nil +} + +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.CertificateId == 0 { + return errors.New("config `certificateId` is required") + } + + switch sdkClient := d.sdkClient.(type) { + case *onepanelsdk.Client: + { + // 获取证书详情 + getWebsiteSSLResp, err := sdkClient.GetWebsiteSSL(d.config.CertificateId) + d.logger.Debug("sdk request '1panel.GetWebsiteSSL'", slog.Any("sslId", d.config.CertificateId), slog.Any("response", getWebsiteSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.GetWebsiteSSL': %w", err) + } + + // 更新证书 + uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{ + SSLID: d.config.CertificateId, + Type: "paste", + Description: getWebsiteSSLResp.Data.Description, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) + d.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) + } + } + + case *onepanelsdkv2.Client: + { + // 获取证书详情 + getWebsiteSSLResp, err := sdkClient.GetWebsiteSSL(d.config.CertificateId) + d.logger.Debug("sdk request '1panel.GetWebsiteSSL'", slog.Any("sslId", d.config.CertificateId), slog.Any("response", getWebsiteSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.GetWebsiteSSL': %w", err) + } + + // 更新证书 + uploadWebsiteSSLReq := &onepanelsdkv2.UploadWebsiteSSLRequest{ + SSLID: d.config.CertificateId, + Type: "paste", + Description: getWebsiteSSLResp.Data.Description, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) + d.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + return nil +} + +const ( + sdkVersionV1 = "v1" + sdkVersionV2 = "v2" +) + +func createSDKClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (any, error) { + if apiVersion == sdkVersionV1 { + client, err := onepanelsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } else if apiVersion == sdkVersionV2 { + client, err := onepanelsdkv2.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } + + return nil, fmt.Errorf("invalid 1panel api version") +} diff --git a/internal/pkg/core/deployer/providers/1panel-site/1panel_site_test.go b/pkg/core/ssl-deployer/providers/1panel-site/1panel_site_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/1panel-site/1panel_site_test.go rename to pkg/core/ssl-deployer/providers/1panel-site/1panel_site_test.go index 91b1ebb0..572e23f6 100644 --- a/internal/pkg/core/deployer/providers/1panel-site/1panel_site_test.go +++ b/pkg/core/ssl-deployer/providers/1panel-site/1panel_site_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/1panel-site" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_1PANELSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_1PANELSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./1panel_site_test.go -args \ - --CERTIMATE_DEPLOYER_1PANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_1PANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_1PANELSITE_SERVERURL="http://127.0.0.1:20410" \ - --CERTIMATE_DEPLOYER_1PANELSITE_APIVERSION="v1" \ - --CERTIMATE_DEPLOYER_1PANELSITE_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_1PANELSITE_WEBSITEID="your-website-id" + --CERTIMATE_SSLDEPLOYER_1PANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_SERVERURL="http://127.0.0.1:20410" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_APIVERSION="v1" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_1PANELSITE_WEBSITEID="your-website-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("WEBSITEID: %v", fWebsiteId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiVersion: fApiVersion, ApiKey: fApiKey, diff --git a/internal/pkg/core/deployer/providers/1panel-site/consts.go b/pkg/core/ssl-deployer/providers/1panel-site/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/1panel-site/consts.go rename to pkg/core/ssl-deployer/providers/1panel-site/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go b/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb.go similarity index 88% rename from internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go rename to pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb.go index 0f22091a..ac7bc70e 100644 --- a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go +++ b/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb.go @@ -15,12 +15,11 @@ import ( "github.com/alibabacloud-go/tea/tea" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -42,56 +41,56 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { ALB *alialb.Client CAS *alicas.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.AccessKeyId, config.AccessKeySecret, config.Region) + clients, err := createSDKClients(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -114,10 +113,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -231,7 +230,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -244,7 +243,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询监听的属性 // REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-getlistenerattribute getListenerAttributeReq := &alialb.GetListenerAttributeRequest{ @@ -421,7 +420,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients, error) { +func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients, error) { // 接入点一览 https://api.aliyun.com/product/Alb var albEndpoint string switch region { @@ -459,13 +458,13 @@ func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients return nil, err } - return &wSdkClients{ + return &wSDKClients{ ALB: albClient, CAS: casClient, }, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 ALB 服务的 @@ -478,11 +477,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb_test.go b/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb_test.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb_test.go rename to pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb_test.go index 11d5b565..6e6f37aa 100644 --- a/internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-alb/aliyun_alb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-alb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-alb" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNALB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNALB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./aliyun_alb_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_LOADBALANCERID="your-alb-instance-id" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_LISTENERID="your-alb-listener-id" \ - --CERTIMATE_DEPLOYER_ALIYUNALB_DOMAIN="your-alb-sni-domain" + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_LOADBALANCERID="your-alb-instance-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_LISTENERID="your-alb-listener-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNALB_DOMAIN="your-alb-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -63,7 +63,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, @@ -99,7 +99,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-alb/consts.go b/pkg/core/ssl-deployer/providers/aliyun-alb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-alb/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-alb/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw.go b/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw.go similarity index 79% rename from internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw.go rename to pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw.go index 12f0f3d7..c9a2b61f 100644 --- a/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw.go +++ b/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw.go @@ -13,13 +13,12 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -40,53 +39,52 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -type wSdkClients struct { +type wSDKClients struct { CloudNativeAPIGateway *aliapig.Client TraditionalAPIGateway *alicloudapi.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.AccessKeyId, config.AccessKeySecret, config.Region) + clients, err := createSDKClients(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { switch d.config.ServiceType { case SERVICE_TYPE_TRADITIONAL: if err := d.deployToTraditional(ctx, certPEM, privkeyPEM); err != nil { @@ -102,10 +100,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported service type '%s'", string(d.config.ServiceType)) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToTraditional(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToTraditional(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.GroupId == "" { return errors.New("config `groupId` is required") } @@ -131,7 +129,7 @@ func (d *DeployerProvider) deployToTraditional(ctx context.Context, certPEM stri return nil } -func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCloudNative(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.GatewayId == "" { return errors.New("config `gatewayId` is required") } @@ -152,7 +150,7 @@ func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPEM stri } listDomainsReq := &aliapig.ListDomainsRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(d.config.ResourceGroupId), + ResourceGroupId: xtypes.ToPtrOrZeroNil(d.config.ResourceGroupId), GatewayId: tea.String(d.config.GatewayId), NameLike: tea.String(d.config.Domain), PageNumber: tea.Int32(listDomainsPageNumber), @@ -196,8 +194,8 @@ func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPEM stri return fmt.Errorf("failed to execute sdk request 'apig.GetDomain': %w", err) } - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -225,7 +223,7 @@ func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPEM stri return nil } -func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients, error) { +func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients, error) { // 接入点一览 https://api.aliyun.com/product/APIG cloudNativeAPIGEndpoint := strings.ReplaceAll(fmt.Sprintf("apig.%s.aliyuncs.com", region), "..", ".") cloudNativeAPIGConfig := &aliopen.Config{ @@ -250,13 +248,13 @@ func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients return nil, err } - return &wSdkClients{ + return &wSDKClients{ CloudNativeAPIGateway: cloudNativeAPIGClient, TraditionalAPIGateway: traditionalAPIGClient, }, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 APIGateway 服务的 @@ -269,11 +267,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw_test.go b/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw_test.go rename to pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw_test.go index 7807a927..62d437c6 100644 --- a/internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-apigw/aliyun_apigw_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-apigw" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-apigw" ) var ( @@ -24,7 +24,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNAPIGW_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -41,15 +41,15 @@ func init() { Shell command to run this test: go test -v ./aliyun_apigw_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_GATEWAYID="your-api-gateway-id" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_GROUPID="your-api-group-id" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_SERVICETYPE="cloudnative" \ - --CERTIMATE_DEPLOYER_ALIYUNAPIGW_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_GATEWAYID="your-api-gateway-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_GROUPID="your-api-group-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_SERVICETYPE="cloudnative" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNAPIGW_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -68,7 +68,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-apigw/consts.go b/pkg/core/ssl-deployer/providers/aliyun-apigw/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-apigw/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-apigw/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go b/pkg/core/ssl-deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go similarity index 75% rename from internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go rename to pkg/core/ssl-deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go index cfcdaa18..6fa587bc 100644 --- a/internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go +++ b/pkg/core/ssl-deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go @@ -12,12 +12,11 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -33,55 +32,55 @@ type DeployerConfig struct { ContactIds []string `json:"contactIds"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *alicas.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *alicas.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if len(d.config.ResourceIds) == 0 { return nil, errors.New("config `resourceIds` is required") } - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -152,10 +151,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE time.Sleep(time.Second * 5) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) { // 接入点一览 https://api.aliyun.com/product/cas var endpoint string switch region { @@ -179,7 +178,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*alicas.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于其他服务的 @@ -192,11 +191,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/pkg/core/ssl-deployer/providers/aliyun-cas/aliyun_cas.go b/pkg/core/ssl-deployer/providers/aliyun-cas/aliyun_cas.go new file mode 100644 index 00000000..a95272d4 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/aliyun-cas/aliyun_cas.go @@ -0,0 +1,74 @@ +package aliyuncas + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" +) + +type SSLDeployerProviderConfig struct { + // 阿里云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 阿里云 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` + // 阿里云资源组 ID。 + ResourceGroupId string `json:"resourceGroupId,omitempty"` + // 阿里云地域。 + Region string `json:"region"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, + ResourceGroupId: config.ResourceGroupId, + Region: config.Region, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go b/pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go rename to pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn.go index 96dd211f..a59924d7 100644 --- a/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go +++ b/pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn.go @@ -2,6 +2,7 @@ package aliyuncdn import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,11 +11,10 @@ import ( alicdn "github.com/alibabacloud-go/cdn-20180510/v5/client" aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -25,41 +25,40 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *alicdn.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // "*.example.com" → ".example.com",适配阿里云 CDN 要求的泛域名格式 domain := strings.TrimPrefix(d.config.Domain, "*") @@ -79,10 +78,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.SetCdnDomainSSLCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*alicdn.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*alicdn.Client, error) { config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), AccessKeySecret: tea.String(accessKeySecret), diff --git a/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn_test.go b/pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn_test.go rename to pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn_test.go index b07611da..271edc3d 100644 --- a/internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-cdn/aliyun_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./aliyun_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go b/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb.go similarity index 83% rename from internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go rename to pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb.go index 1722e4fd..b0abdcaf 100644 --- a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go +++ b/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb.go @@ -10,12 +10,11 @@ import ( alislb "github.com/alibabacloud-go/slb-20140515/v4/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-slb" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-slb" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -37,51 +36,51 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *alislb.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *alislb.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SLB - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -104,10 +103,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -188,7 +187,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -204,7 +203,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerPort int32, cloudCertId string) error { // 查询监听配置 // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeloadbalancerhttpslistenerattribute describeLoadBalancerHTTPSListenerAttributeReq := &alislb.DescribeLoadBalancerHTTPSListenerAttributeRequest{ @@ -281,7 +280,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) { // 接入点一览 https://api.aliyun.com/product/Slb var endpoint string switch region { @@ -309,12 +308,12 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*alislb.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: region, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb_test.go b/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb_test.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb_test.go rename to pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb_test.go index dfa46173..3477cf36 100644 --- a/internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-clb/aliyun_clb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-clb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-clb" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNCLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNCLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./aliyun_clb_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_LOADBALANCERID="your-clb-instance-id" \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_LISTENERPORT=443 \ - --CERTIMATE_DEPLOYER_ALIYUNCLB_DOMAIN="your-clb-sni-domain" + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_LOADBALANCERID="your-clb-instance-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_LISTENERPORT=443 \ + --CERTIMATE_SSLDEPLOYER_ALIYUNCLB_DOMAIN="your-clb-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -63,7 +63,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, @@ -99,7 +99,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERPORT: %v", fListenerPort), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-clb/consts.go b/pkg/core/ssl-deployer/providers/aliyun-clb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-clb/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-clb/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go b/pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn.go similarity index 70% rename from internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go rename to pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn.go index a5109163..6118828f 100644 --- a/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go +++ b/pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn.go @@ -2,6 +2,7 @@ package aliyundcdn import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,11 +11,10 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" alidcdn "github.com/alibabacloud-go/dcdn-20180115/v3/client" "github.com/alibabacloud-go/tea/tea" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -25,41 +25,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *alidcdn.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // "*.example.com" → ".example.com",适配阿里云 DCDN 要求的泛域名格式 domain := strings.TrimPrefix(d.config.Domain, "*") @@ -79,10 +82,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'dcdn.SetDcdnDomainSSLCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*alidcdn.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*alidcdn.Client, error) { config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), AccessKeySecret: tea.String(accessKeySecret), diff --git a/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go b/pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go rename to pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go index deb489c6..33c213c5 100644 --- a/internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-dcdn/aliyun_dcdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-dcdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-dcdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./aliyun_dcdn_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos.go b/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos.go similarity index 62% rename from internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos.go rename to pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos.go index f0bd3476..1e5ed9ab 100644 --- a/internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos.go +++ b/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos.go @@ -12,12 +12,11 @@ import ( aliddos "github.com/alibabacloud-go/ddoscoo-20200101/v4/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-slb" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-slb" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -30,55 +29,55 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *aliddos.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *aliddos.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -98,10 +97,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'dcdn.AssociateWebCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliddos.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliddos.Client, error) { // 接入点一览 https://api.aliyun.com/product/ddoscoo config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), @@ -117,7 +116,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliddos.Clie return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 Anti-DDoS 服务的 @@ -130,11 +129,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos_test.go b/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos_test.go rename to pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos_test.go index b7f5ad34..180b2ad2 100644 --- a/internal/pkg/core/deployer/providers/aliyun-ddos/aliyun_ddos_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-ddos/aliyun_ddos_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-ddos" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-ddos" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNDDOS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_ddos_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNDDOS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNDDOS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go b/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa.go similarity index 61% rename from internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go rename to pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa.go index e4906fb5..e3bb0374 100644 --- a/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go +++ b/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa.go @@ -12,12 +12,11 @@ import ( aliesa "github.com/alibabacloud-go/esa-20240910/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -30,55 +29,55 @@ type DeployerConfig struct { SiteId int64 `json:"siteId"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *aliesa.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *aliesa.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.SiteId == 0 { return nil, errors.New("config `siteId` is required") } - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -99,10 +98,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'esa.SetCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliesa.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliesa.Client, error) { // 接入点一览 https://api.aliyun.com/product/ESA config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), @@ -118,7 +117,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliesa.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 ESA 服务的 @@ -131,11 +130,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa_test.go b/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa_test.go rename to pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa_test.go index 0b66d2fb..fd15320b 100644 --- a/internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-esa/aliyun_esa_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-esa" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-esa" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNESA_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNESA_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_esa_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNESA_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNESA_SITEID="your-esa-site-id" + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNESA_SITEID="your-esa-site-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITEID: %v", fSiteId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go b/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc.go similarity index 80% rename from internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go rename to pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc.go index 1ff046c3..4a5d2a16 100644 --- a/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go +++ b/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc.go @@ -2,6 +2,7 @@ package aliyunfc import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -11,11 +12,10 @@ import ( alifc3 "github.com/alibabacloud-go/fc-20230330/v4/client" alifc2 "github.com/alibabacloud-go/fc-open-20210406/v2/client" "github.com/alibabacloud-go/tea/tea" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -31,46 +31,45 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger - sdkClients *wSdkClients + sdkClients *wSDKClients } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { FC2 *alifc2.Client FC3 *alifc3.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.AccessKeyId, config.AccessKeySecret, config.Region) + clients, err := createSDKClients(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClients: clients, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { switch d.config.ServiceVersion { case "3", "3.0": if err := d.deployToFC3(ctx, certPEM, privkeyPEM); err != nil { @@ -86,10 +85,14 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported service version '%s'", d.config.ServiceVersion) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToFC3(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToFC3(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.Domain == "" { + return errors.New("config `domain` is required") + } + // 获取自定义域名 // REF: https://help.aliyun.com/zh/functioncompute/fc-3-0/developer-reference/api-fc-2023-03-30-getcustomdomain getCustomDomainResp, err := d.sdkClients.FC3.GetCustomDomain(tea.String(d.config.Domain)) @@ -123,7 +126,11 @@ func (d *DeployerProvider) deployToFC3(ctx context.Context, certPEM string, priv return nil } -func (d *DeployerProvider) deployToFC2(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToFC2(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.Domain == "" { + return errors.New("config `domain` is required") + } + // 获取自定义域名 // REF: https://help.aliyun.com/zh/functioncompute/fc-2-0/developer-reference/api-fc-open-2021-04-06-getcustomdomain getCustomDomainResp, err := d.sdkClients.FC2.GetCustomDomain(tea.String(d.config.Domain)) @@ -155,7 +162,7 @@ func (d *DeployerProvider) deployToFC2(ctx context.Context, certPEM string, priv return nil } -func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients, error) { +func createSDKClients(accessKeyId, accessKeySecret, region string) (*wSDKClients, error) { // 接入点一览 https://api.aliyun.com/product/FC-Open var fc2Endpoint string switch region { @@ -189,7 +196,7 @@ func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients return nil, err } - return &wSdkClients{ + return &wSDKClients{ FC2: fc2Client, FC3: fc3Client, }, nil diff --git a/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc_test.go b/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc_test.go rename to pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc_test.go index 215ec93b..de03a75d 100644 --- a/internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-fc/aliyun_fc_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-fc" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-fc" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNFC_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNFC_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_fc_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNFC_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNFC_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNFC_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga.go b/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga.go similarity index 80% rename from internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga.go rename to pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga.go index 6ea13077..6307486c 100644 --- a/internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga.go +++ b/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga.go @@ -11,13 +11,12 @@ import ( aliga "github.com/alibabacloud-go/ga-20191120/v3/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -36,51 +35,51 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *aliga.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *aliga.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +102,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToAccelerator(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToAccelerator(ctx context.Context, cloudCertId string) error { if d.config.AcceleratorId == "" { return errors.New("config `acceleratorId` is required") } @@ -176,7 +175,7 @@ func (d *DeployerProvider) deployToAccelerator(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.AcceleratorId == "" { return errors.New("config `acceleratorId` is required") } @@ -192,7 +191,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudAcceleratorId string, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudAcceleratorId string, cloudListenerId string, cloudCertId string) error { // 查询监听绑定的证书列表 // REF: https://help.aliyun.com/zh/ga/developer-reference/api-ga-2019-11-20-listlistenercertificates var listenerDefaultCertificate *aliga.ListListenerCertificatesResponseBodyCertificates @@ -201,7 +200,8 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudA for { listListenerCertificatesReq := &aliga.ListListenerCertificatesRequest{ RegionId: tea.String("cn-hangzhou"), - AcceleratorId: tea.String(d.config.AcceleratorId), + AcceleratorId: tea.String(cloudAcceleratorId), + ListenerId: tea.String(cloudListenerId), NextToken: listListenerCertificatesNextToken, MaxResults: tea.Int32(20), } @@ -251,14 +251,14 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudA } } else { // 指定 SNI,需部署到扩展域名 - if sliceutil.Some(listenerAdditionalCertificates, func(item *aliga.ListListenerCertificatesResponseBodyCertificates) bool { + if xslices.Some(listenerAdditionalCertificates, func(item *aliga.ListListenerCertificatesResponseBodyCertificates) bool { return tea.StringValue(item.CertificateId) == cloudCertId }) { d.logger.Info("no need to update ga listener additional certificate") return nil } - if sliceutil.Some(listenerAdditionalCertificates, func(item *aliga.ListListenerCertificatesResponseBodyCertificates) bool { + if xslices.Some(listenerAdditionalCertificates, func(item *aliga.ListListenerCertificatesResponseBodyCertificates) bool { return tea.StringValue(item.Domain) == d.config.Domain }) { // 为监听替换扩展证书 @@ -298,7 +298,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudA return nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*aliga.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*aliga.Client, error) { // 接入点一览 https://api.aliyun.com/product/Ga config := &aliopen.Config{ AccessKeyId: tea.String(accessKeyId), @@ -314,12 +314,12 @@ func createSdkClient(accessKeyId, accessKeySecret string) (*aliga.Client, error) return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId string) (uploader.Uploader, error) { - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId string) (core.SSLManager, error) { + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: "cn-hangzhou", }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga_test.go b/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga_test.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga_test.go rename to pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga_test.go index 611ddc41..24aefbe4 100644 --- a/internal/pkg/core/deployer/providers/aliyun-ga/aliyun_ga_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-ga/aliyun_ga_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-ga" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-ga" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNGA_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNGA_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./aliyun_ga_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNGA_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_ACCELERATORID="your-ga-accelerator-id" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_LISTENERID="your-ga-listener-id" \ - --CERTIMATE_DEPLOYER_ALIYUNGA_DOMAIN="your-ga-sni-domain" + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_ACCELERATORID="your-ga-accelerator-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_LISTENERID="your-ga-listener-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNGA_DOMAIN="your-ga-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, ResourceType: provider.RESOURCE_TYPE_ACCELERATOR, @@ -93,7 +93,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, ResourceType: provider.RESOURCE_TYPE_LISTENER, diff --git a/internal/pkg/core/deployer/providers/aliyun-ga/consts.go b/pkg/core/ssl-deployer/providers/aliyun-ga/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-ga/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-ga/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go b/pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live.go similarity index 73% rename from internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go rename to pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live.go index 0fab9485..fb815575 100644 --- a/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go +++ b/pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live.go @@ -2,6 +2,7 @@ package aliyunlive import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,11 +11,10 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" alilive "github.com/alibabacloud-go/live-20161101/client" "github.com/alibabacloud-go/tea/tea" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -27,41 +27,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *alilive.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // "*.example.com" → ".example.com",适配阿里云 Live 要求的泛域名格式 domain := strings.TrimPrefix(d.config.Domain, "*") @@ -81,10 +84,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'live.SetLiveDomainCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alilive.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alilive.Client, error) { // 接入点一览 https://api.aliyun.com/product/live var endpoint string switch region { diff --git a/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live_test.go b/pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-live/aliyun_live_test.go rename to pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live_test.go index 46608e38..772f21b2 100644 --- a/internal/pkg/core/deployer/providers/aliyun-live/aliyun_live_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-live/aliyun_live_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-live" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-live" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNLIVE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_live_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNLIVE_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNLIVE_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go b/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go rename to pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb.go index dd83f514..6cbe6298 100644 --- a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go +++ b/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb.go @@ -11,12 +11,11 @@ import ( alinlb "github.com/alibabacloud-go/nlb-20220430/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -35,51 +34,51 @@ type DeployerConfig struct { ListenerId string `json:"listenerId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *alinlb.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *alinlb.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -102,10 +101,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -184,7 +183,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -197,7 +196,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询监听的属性 // REF: https://help.aliyun.com/zh/slb/network-load-balancer/developer-reference/api-nlb-2022-04-30-getlistenerattribute getListenerAttributeReq := &alinlb.GetListenerAttributeRequest{ @@ -224,7 +223,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alinlb.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alinlb.Client, error) { // 接入点一览 https://api.aliyun.com/product/Nlb endpoint := strings.ReplaceAll(fmt.Sprintf("nlb.%s.aliyuncs.com", region), "..", ".") config := &aliopen.Config{ @@ -241,7 +240,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*alinlb.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 NLB 服务的 @@ -254,11 +253,11 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } diff --git a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb_test.go b/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb_test.go similarity index 77% rename from internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb_test.go rename to pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb_test.go index f4d64219..d7288aa6 100644 --- a/internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-nlb/aliyun_nlb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-nlb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-nlb" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNNLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNNLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./aliyun_nlb_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_LOADBALANCERID="your-nlb-instance-id" \ - --CERTIMATE_DEPLOYER_ALIYUNNLB_LISTENERID="your-nlb-listener-id" + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_LOADBALANCERID="your-nlb-instance-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNNLB_LISTENERID="your-nlb-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, @@ -94,7 +94,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-nlb/consts.go b/pkg/core/ssl-deployer/providers/aliyun-nlb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/aliyun-nlb/consts.go rename to pkg/core/ssl-deployer/providers/aliyun-nlb/consts.go diff --git a/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss.go b/pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss.go similarity index 73% rename from internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss.go rename to pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss.go index 6a698cf0..d732261e 100644 --- a/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss.go +++ b/pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss.go @@ -7,11 +7,10 @@ import ( "log/slog" "github.com/aliyun/aliyun-oss-go-sdk/oss" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -26,41 +25,40 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *oss.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Bucket == "" { return nil, errors.New("config `bucket` is required") } @@ -84,10 +82,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'oss.PutBucketCnameWithCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*oss.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*oss.Client, error) { // 接入点一览 https://api.aliyun.com/product/Oss var endpoint string switch region { diff --git a/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss_test.go b/pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss_test.go rename to pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss_test.go index 412f7d16..8b9c0a2e 100644 --- a/internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-oss/aliyun_oss_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-oss" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-oss" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNOSS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNOSS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./aliyun_oss_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_BUCKET="your-oss-bucket" \ - --CERTIMATE_DEPLOYER_ALIYUNOSS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_BUCKET="your-oss-bucket" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNOSS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go b/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod.go similarity index 70% rename from internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go rename to pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod.go index ab02fa89..bf8a5812 100644 --- a/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go +++ b/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod.go @@ -2,6 +2,7 @@ package aliyunvod import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,11 +11,10 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" alivod "github.com/alibabacloud-go/vod-20170321/v4/client" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -27,41 +27,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *alivod.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // 设置域名证书 // REF: https://help.aliyun.com/zh/vod/developer-reference/api-vod-2017-03-21-setvoddomainsslcertificate setVodDomainSSLCertificateReq := &alivod.SetVodDomainSSLCertificateRequest{ @@ -78,10 +81,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'live.SetVodDomainSSLCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alivod.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alivod.Client, error) { // 接入点一览 https://api.aliyun.com/product/vod endpoint := strings.ReplaceAll(fmt.Sprintf("vod.%s.aliyuncs.com", region), "..", ".") config := &aliopen.Config{ diff --git a/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod_test.go b/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod_test.go rename to pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod_test.go index 4d523d98..3cf7ec28 100644 --- a/internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-vod/aliyun_vod_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-vod" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-vod" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNVOD_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNVOD_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_vod_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNVOD_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNVOD_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go b/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf.go similarity index 78% rename from internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go rename to pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf.go index cb3c70e9..c215125a 100644 --- a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go +++ b/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf.go @@ -11,14 +11,13 @@ import ( "github.com/alibabacloud-go/tea/tea" aliwaf "github.com/alibabacloud-go/waf-openapi-20211001/v5/client" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -35,49 +34,49 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *aliwaf.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *aliwaf.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) + sslmgr, err := createSSLManager(config.AccessKeyId, config.AccessKeySecret, config.ResourceGroupId, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.InstanceId == "" { return nil, errors.New("config `instanceId` is required") } @@ -92,12 +91,12 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported service version '%s'", d.config.ServiceVersion) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPEM string, privkeyPEM string) error { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) deployToWAF3(ctx context.Context, certPEM string, privkeyPEM string) error { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -110,7 +109,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPEM string, pri // 查询默认 SSL/TLS 设置 // REF: https://help.aliyun.com/zh/waf/web-application-firewall-3-0/developer-reference/api-waf-openapi-2021-10-01-describedefaulthttps describeDefaultHttpsReq := &aliwaf.DescribeDefaultHttpsRequest{ - ResourceManagerResourceGroupId: typeutil.ToPtrOrZeroNil(d.config.ResourceGroupId), + ResourceManagerResourceGroupId: xtypes.ToPtrOrZeroNil(d.config.ResourceGroupId), InstanceId: tea.String(d.config.InstanceId), RegionId: tea.String(d.config.Region), } @@ -123,7 +122,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPEM string, pri // 修改默认 SSL/TLS 设置 // REF: https://help.aliyun.com/zh/waf/web-application-firewall-3-0/developer-reference/api-waf-openapi-2021-10-01-modifydefaulthttps modifyDefaultHttpsReq := &aliwaf.ModifyDefaultHttpsRequest{ - ResourceManagerResourceGroupId: typeutil.ToPtrOrZeroNil(d.config.ResourceGroupId), + ResourceManagerResourceGroupId: xtypes.ToPtrOrZeroNil(d.config.ResourceGroupId), InstanceId: tea.String(d.config.InstanceId), RegionId: tea.String(d.config.Region), CertId: tea.String(upres.CertId), @@ -175,7 +174,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPEM string, pri return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliwaf.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*aliwaf.Client, error) { // 接入点一览:https://api.aliyun.com/product/waf-openapi endpoint := strings.ReplaceAll(fmt.Sprintf("wafopenapi.%s.aliyuncs.com", region), "..", ".") config := &aliopen.Config{ @@ -192,7 +191,7 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliwaf.Clien return client, nil } -func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region string) (uploader.Uploader, error) { +func createSSLManager(accessKeyId, accessKeySecret, resourceGroupId, region string) (core.SSLManager, error) { casRegion := region if casRegion != "" { // 阿里云 CAS 服务接入点是独立于 WAF 服务的 @@ -205,13 +204,13 @@ func createSslUploader(accessKeyId, accessKeySecret, resourceGroupId, region str } } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: accessKeyId, AccessKeySecret: accessKeySecret, ResourceGroupId: resourceGroupId, Region: casRegion, }) - return uploader, err + return sslmgr, err } func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDetailResponseBody) *aliwaf.ModifyDomainRequest { @@ -252,7 +251,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Listen.HttpPorts != nil { - source.Listen.HttpPorts = sliceutil.Map(target.Listen.HttpPorts, func(v *int64) *int32 { + source.Listen.HttpPorts = xslices.Map(target.Listen.HttpPorts, func(v *int64) *int32 { if v == nil { return nil } @@ -261,7 +260,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Listen.HttpsPorts != nil { - source.Listen.HttpsPorts = sliceutil.Map(target.Listen.HttpsPorts, func(v *int64) *int32 { + source.Listen.HttpsPorts = xslices.Map(target.Listen.HttpsPorts, func(v *int64) *int32 { if v == nil { return nil } @@ -296,7 +295,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Redirect.Backends != nil { - source.Redirect.Backends = sliceutil.Map(target.Redirect.Backends, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectBackends) *string { + source.Redirect.Backends = xslices.Map(target.Redirect.Backends, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectBackends) *string { if v == nil { return nil } @@ -305,7 +304,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Redirect.BackupBackends != nil { - source.Redirect.BackupBackends = sliceutil.Map(target.Redirect.BackupBackends, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectBackupBackends) *string { + source.Redirect.BackupBackends = xslices.Map(target.Redirect.BackupBackends, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectBackupBackends) *string { if v == nil { return nil } @@ -342,7 +341,7 @@ func assign(source *aliwaf.ModifyDomainRequest, target *aliwaf.DescribeDomainDet } if target.Redirect.RequestHeaders != nil { - source.Redirect.RequestHeaders = sliceutil.Map(target.Redirect.RequestHeaders, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectRequestHeaders) *aliwaf.ModifyDomainRequestRedirectRequestHeaders { + source.Redirect.RequestHeaders = xslices.Map(target.Redirect.RequestHeaders, func(v *aliwaf.DescribeDomainDetailResponseBodyRedirectRequestHeaders) *aliwaf.ModifyDomainRequestRedirectRequestHeaders { if v == nil { return nil } diff --git a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf_test.go b/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf_test.go rename to pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf_test.go index e1b92613..7352ac6d 100644 --- a/internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf_test.go +++ b/pkg/core/ssl-deployer/providers/aliyun-waf/aliyun_waf_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-waf" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aliyun-waf" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNWAF_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_ALIYUNWAF_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aliyun_waf_test.go -args \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_REGION="cn-hangzhou" \ - --CERTIMATE_DEPLOYER_ALIYUNWAF_INSTANCEID="your-waf-instance-id" + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_REGION="cn-hangzhou" \ + --CERTIMATE_SSLDEPLOYER_ALIYUNWAF_INSTANCEID="your-waf-instance-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("INSTANCEID: %v", fInstanceId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/pkg/core/ssl-deployer/providers/apisix/apisix.go b/pkg/core/ssl-deployer/providers/apisix/apisix.go new file mode 100644 index 00000000..2a42eeb1 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/apisix/apisix.go @@ -0,0 +1,118 @@ +package apisix + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + apisixsdk "github.com/certimate-go/certimate/pkg/sdk3rd/apisix" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // APISIX 服务地址。 + ServerUrl string `json:"serverUrl"` + // APISIX Admin API Key。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 部署资源类型。 + ResourceType ResourceType `json:"resourceType"` + // 证书 ID。 + // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 + CertificateId string `json:"certificateId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *apisixsdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 根据部署资源类型决定部署方式 + switch d.config.ResourceType { + case RESOURCE_TYPE_CERTIFICATE: + if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } + + default: + return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) + } + + return &core.SSLDeployResult{}, nil +} + +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.CertificateId == "" { + return errors.New("config `certificateId` is required") + } + + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return err + } + + // 更新 SSL 证书 + // REF: https://apisix.apache.org/zh/docs/apisix/admin-api/#ssl + updateSSLReq := &apisixsdk.UpdateSSLRequest{ + Cert: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), + SNIs: xtypes.ToPtr(certX509.DNSNames), + Type: xtypes.ToPtr("server"), + Status: xtypes.ToPtr(int32(1)), + } + updateSSLResp, err := d.sdkClient.UpdateSSL(d.config.CertificateId, updateSSLReq) + d.logger.Debug("sdk request 'apisix.UpdateSSL'", slog.String("sslId", d.config.CertificateId), slog.Any("request", updateSSLReq), slog.Any("response", updateSSLResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'apisix.UpdateSSL': %w", err) + } + + return nil +} + +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*apisixsdk.Client, error) { + client, err := apisixsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil +} diff --git a/pkg/core/ssl-deployer/providers/apisix/apisix_test.go b/pkg/core/ssl-deployer/providers/apisix/apisix_test.go new file mode 100644 index 00000000..c9b73c27 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/apisix/apisix_test.go @@ -0,0 +1,77 @@ +package apisix_test + +import ( + "context" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/apisix" +) + +var ( + fInputCertPath string + fInputKeyPath string + fServerUrl string + fApiKey string + fCertificateId string +) + +func init() { + argsPrefix := "CERTIMATE_SSLDEPLOYER_APISIX_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fServerUrl, argsPrefix+"SERVERURL", "", "") + flag.StringVar(&fApiKey, argsPrefix+"APIKEY", "", "") + flag.StringVar(&fCertificateId, argsPrefix+"CERTIFICATEID", "", "") +} + +/* +Shell command to run this test: + + go test -v ./apisix_test.go -args \ + --CERTIMATE_SSLDEPLOYER_APISIX_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_APISIX_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_APISIX_SERVERURL="http://127.0.0.1:9080" \ + --CERTIMATE_SSLDEPLOYER_APISIX_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_APISIX_CERTIFICATEID="your-cerficiate-id" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("SERVERURL: %v", fServerUrl), + fmt.Sprintf("APIKEY: %v", fApiKey), + fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), + }, "\n")) + + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + ServerUrl: fServerUrl, + ApiKey: fApiKey, + AllowInsecureConnections: true, + ResourceType: provider.RESOURCE_TYPE_CERTIFICATE, + CertificateId: fCertificateId, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + t.Logf("ok: %v", res) + }) +} diff --git a/pkg/core/ssl-deployer/providers/apisix/consts.go b/pkg/core/ssl-deployer/providers/apisix/consts.go new file mode 100644 index 00000000..75aa1b60 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/apisix/consts.go @@ -0,0 +1,8 @@ +package apisix + +type ResourceType string + +const ( + // 资源类型:替换指定证书。 + RESOURCE_TYPE_CERTIFICATE = ResourceType("certificate") +) diff --git a/internal/pkg/core/deployer/providers/aws-acm/aws_acm.go b/pkg/core/ssl-deployer/providers/aws-acm/aws_acm.go similarity index 60% rename from internal/pkg/core/deployer/providers/aws-acm/aws_acm.go rename to pkg/core/ssl-deployer/providers/aws-acm/aws_acm.go index 0c9c5d57..9a69e3eb 100644 --- a/internal/pkg/core/deployer/providers/aws-acm/aws_acm.go +++ b/pkg/core/ssl-deployer/providers/aws-acm/aws_acm.go @@ -2,6 +2,7 @@ package awsacm import ( "context" + "errors" "fmt" "log/slog" @@ -10,13 +11,12 @@ import ( awscred "github.com/aws/aws-sdk-go-v2/credentials" awsacm "github.com/aws/aws-sdk-go-v2/service/acm" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-acm" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aws-acm" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // AWS AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // AWS SecretAccessKey。 @@ -28,56 +28,56 @@ type DeployerConfig struct { CertificateArn string `json:"certificateArn,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *awsacm.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *awsacm.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.CertificateArn == "" { - // 上传证书到 ACM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -85,7 +85,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } else { // 提取服务器证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -105,10 +105,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsacm.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*awsacm.Client, error) { cfg, err := awscfg.LoadDefaultConfig(context.TODO()) if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go b/pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront.go similarity index 73% rename from internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go rename to pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront.go index e5a3f0b2..a9ce2f7c 100644 --- a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go +++ b/pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront.go @@ -12,13 +12,12 @@ import ( "github.com/aws/aws-sdk-go-v2/service/cloudfront" "github.com/aws/aws-sdk-go-v2/service/cloudfront/types" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploaderspacm "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-acm" - uploaderspiam "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-iam" + "github.com/certimate-go/certimate/pkg/core" + sslmgrspacm "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aws-acm" + sslmgrspiam "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aws-iam" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // AWS AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // AWS SecretAccessKey。 @@ -32,74 +31,74 @@ type DeployerConfig struct { CertificateSource string `json:"certificateSource"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *cloudfront.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *cloudfront.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - var uploader uploader.Uploader + var sslmgr core.SSLManager if config.CertificateSource == "ACM" { - uploader, err = uploaderspacm.NewUploader(&uploaderspacm.UploaderConfig{ + sslmgr, err = sslmgrspacm.NewSSLManagerProvider(&sslmgrspacm.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } } else if config.CertificateSource == "IAM" { - uploader, err = uploaderspiam.NewUploader(&uploaderspiam.UploaderConfig{ + sslmgr, err = sslmgrspiam.NewSSLManagerProvider(&sslmgrspiam.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, Region: config.Region, CertificatePath: "/cloudfront/", }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } } else { return nil, fmt.Errorf("unsupported certificate source: '%s'", config.CertificateSource) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.DistributionId == "" { return nil, errors.New("config `distribuitionId` is required") } - // 上传证书到 ACM/IAM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -147,10 +146,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cloudfront.UpdateDistribution': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*cloudfront.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*cloudfront.Client, error) { cfg, err := awscfg.LoadDefaultConfig(context.TODO()) if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront_test.go b/pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront_test.go rename to pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront_test.go index 78228645..fc2c539a 100644 --- a/internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront_test.go +++ b/pkg/core/ssl-deployer/providers/aws-cloudfront/aws_cloudfront_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aws-cloudfront" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/aws-cloudfront" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_AWSCLOUDFRONT_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./aws_cloudfront_test.go -args \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_SECRETACCESSKEY="your-secret-access-id" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_REGION="us-east-1" \ - --CERTIMATE_DEPLOYER_AWSCLOUDFRONT_DISTRIBUTIONID="your-distribution-id" + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_SECRETACCESSKEY="your-secret-access-id" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_REGION="us-east-1" \ + --CERTIMATE_SSLDEPLOYER_AWSCLOUDFRONT_DISTRIBUTIONID="your-distribution-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DISTRIBUTIONID: %v", fDistribuitionId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, diff --git a/pkg/core/ssl-deployer/providers/aws-iam/aws_iam.go b/pkg/core/ssl-deployer/providers/aws-iam/aws_iam.go new file mode 100644 index 00000000..0ed8bcae --- /dev/null +++ b/pkg/core/ssl-deployer/providers/aws-iam/aws_iam.go @@ -0,0 +1,75 @@ +package awsiam + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aws-iam" +) + +type SSLDeployerProviderConfig struct { + // AWS AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // AWS SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // AWS 区域。 + Region string `json:"region"` + // IAM 证书路径。 + // 选填。 + CertificatePath string `json:"certificatePath,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + Region: config.Region, + CertificatePath: config.CertificatePath, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/azure-keyvault/azure_keyvault.go b/pkg/core/ssl-deployer/providers/azure-keyvault/azure_keyvault.go similarity index 68% rename from internal/pkg/core/deployer/providers/azure-keyvault/azure_keyvault.go rename to pkg/core/ssl-deployer/providers/azure-keyvault/azure_keyvault.go index 1331bbf6..4965f4db 100644 --- a/internal/pkg/core/deployer/providers/azure-keyvault/azure_keyvault.go +++ b/pkg/core/ssl-deployer/providers/azure-keyvault/azure_keyvault.go @@ -13,14 +13,13 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azcertificates" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/azure-keyvault" - azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/azure-keyvault" + azenv "github.com/certimate-go/certimate/pkg/sdk3rd/azure/env" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Azure TenantId。 TenantId string `json:"tenantId"` // Azure ClientId。 @@ -36,26 +35,26 @@ type DeployerConfig struct { CertificateName string `json:"certificateName,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *azcertificates.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *azcertificates.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.TenantId, config.ClientId, config.ClientSecret, config.CloudName, config.KeyVaultName) + client, err := createSDKClient(config.TenantId, config.ClientId, config.ClientSecret, config.CloudName, config.KeyVaultName) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ TenantId: config.TenantId, ClientId: config.ClientId, ClientSecret: config.ClientSecret, @@ -63,43 +62,43 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { KeyVaultName: config.KeyVaultName, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 转换证书格式 - certPFX, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "") + certPFX, err := xcert.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "") if err != nil { return nil, fmt.Errorf("failed to transform certificate from PEM to PFX: %w", err) } if d.config.CertificateName == "" { - // 上传证书到 KeyVault - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -118,8 +117,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } else { oldCertX509, err := x509.ParseCertificate(getCertificateResp.CER) if err == nil { - if certutil.EqualCertificate(certX509, oldCertX509) { - return &deployer.DeployResult{}, nil + if xcert.EqualCertificate(certX509, oldCertX509) { + return &core.SSLDeployResult{}, nil } } } @@ -145,11 +144,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) { - env, err := azcommon.GetCloudEnvironmentConfiguration(cloudName) +func createSDKClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) { + env, err := azenv.GetCloudEnvConfiguration(cloudName) if err != nil { return nil, err } @@ -162,9 +161,9 @@ func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName s } endpoint := fmt.Sprintf("https://%s.vault.azure.net", keyvaultName) - if azcommon.IsEnvironmentGovernment(cloudName) { + if azenv.IsUSGovernmentEnv(cloudName) { endpoint = fmt.Sprintf("https://%s.vault.usgovcloudapi.net", keyvaultName) - } else if azcommon.IsEnvironmentChina(cloudName) { + } else if azenv.IsChinaEnv(cloudName) { endpoint = fmt.Sprintf("https://%s.vault.azure.cn", keyvaultName) } diff --git a/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb.go b/pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb.go similarity index 80% rename from internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb.go rename to pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb.go index 87d7ba65..f649e6d6 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb.go @@ -11,13 +11,12 @@ import ( bceappblb "github.com/baidubce/bce-sdk-go/services/appblb" "github.com/google/uuid" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/baiducloud-cert" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 百度智能云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 百度智能云 SecretAccessKey。 @@ -37,53 +36,52 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *bceappblb.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *bceappblb.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -106,10 +104,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -171,7 +169,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -234,7 +232,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerType string, cloudListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerType string, cloudListenerPort int32, cloudCertId string) error { switch strings.ToUpper(cloudListenerType) { case "HTTPS": return d.updateHttpsListenerCertificate(ctx, cloudLoadbalancerId, cloudListenerPort, cloudCertId) @@ -245,7 +243,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL } } -func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateHttpsListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { // 查询 HTTPS 监听器 // REF: https://cloud.baidu.com/doc/BLB/s/ujwvxnyux#describeapphttpslisteners%E6%9F%A5%E8%AF%A2https%E7%9B%91%E5%90%AC%E5%99%A8 describeAppHTTPSListenersReq := &bceappblb.DescribeAppListenerArgs{ @@ -286,7 +284,7 @@ func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, c ListenerPort: uint16(cloudHttpsListenerPort), Scheduler: describeAppHTTPSListenersResp.ListenerList[0].Scheduler, CertIds: describeAppHTTPSListenersResp.ListenerList[0].CertIds, - AdditionalCertDomains: sliceutil.Map(describeAppHTTPSListenersResp.ListenerList[0].AdditionalCertDomains, func(domain bceappblb.AdditionalCertDomainsModel) bceappblb.AdditionalCertDomainsModel { + AdditionalCertDomains: xslices.Map(describeAppHTTPSListenersResp.ListenerList[0].AdditionalCertDomains, func(domain bceappblb.AdditionalCertDomainsModel) bceappblb.AdditionalCertDomainsModel { if domain.Host == d.config.Domain { return bceappblb.AdditionalCertDomainsModel{ Host: domain.Host, @@ -310,7 +308,7 @@ func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, c return nil } -func (d *DeployerProvider) updateSslListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateSslListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { // 更新 SSL 监听器 // REF: https://cloud.baidu.com/doc/BLB/s/ujwvxnyux#updateappssllistener%E6%9B%B4%E6%96%B0ssl%E7%9B%91%E5%90%AC%E5%99%A8 updateAppSSLListenerReq := &bceappblb.UpdateAppSSLListenerArgs{ @@ -327,7 +325,7 @@ func (d *DeployerProvider) updateSslListenerCertificate(ctx context.Context, clo return nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*bceappblb.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*bceappblb.Client, error) { endpoint := "" if region != "" { endpoint = fmt.Sprintf("blb.%s.baidubce.com", region) diff --git a/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb_test.go b/pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go similarity index 67% rename from internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb_test.go rename to pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go index c96e4f0c..62fec197 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb_test.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go @@ -1,4 +1,4 @@ -package baiducloudblb_test +package baiducloudappblb_test import ( "context" @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-blb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-appblb" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -36,14 +36,14 @@ func init() { /* Shell command to run this test: - go test -v ./baiducloud_blb_test.go -args \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_REGION="bj" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_LOADBALANCERID="your-blb-loadbalancer-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDBLB_DOMAIN="your-blb-sni-domain" + go test -v ./baiducloud_appblb_test.go -args \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_REGION="bj" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_LOADBALANCERID="your-blb-loadbalancer-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDAPPBLB_DOMAIN="your-blb-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, ResourceType: provider.RESOURCE_TYPE_LOADBALANCER, diff --git a/internal/pkg/core/deployer/providers/baiducloud-appblb/consts.go b/pkg/core/ssl-deployer/providers/baiducloud-appblb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/baiducloud-appblb/consts.go rename to pkg/core/ssl-deployer/providers/baiducloud-appblb/consts.go diff --git a/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb.go b/pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb.go similarity index 80% rename from internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb.go rename to pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb.go index 54e4a55d..e33d8ab2 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-blb/baiducloud_blb.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb.go @@ -11,13 +11,12 @@ import ( bceblb "github.com/baidubce/bce-sdk-go/services/blb" "github.com/google/uuid" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/baiducloud-cert" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 百度智能云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 百度智能云 SecretAccessKey。 @@ -37,53 +36,52 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *bceblb.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *bceblb.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CAS - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -106,10 +104,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -171,7 +169,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -234,7 +232,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerType string, cloudListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerType string, cloudListenerPort int32, cloudCertId string) error { switch strings.ToUpper(cloudListenerType) { case "HTTPS": return d.updateHttpsListenerCertificate(ctx, cloudLoadbalancerId, cloudListenerPort, cloudCertId) @@ -245,7 +243,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL } } -func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateHttpsListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { // 查询 HTTPS 监听器 // REF: https://cloud.baidu.com/doc/BLB/s/yjwvxnvl6#describehttpslisteners%E6%9F%A5%E8%AF%A2https%E7%9B%91%E5%90%AC%E5%99%A8 describeHTTPSListenersReq := &bceblb.DescribeListenerArgs{ @@ -284,7 +282,7 @@ func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, c ClientToken: generateClientToken(), ListenerPort: uint16(cloudHttpsListenerPort), CertIds: describeHTTPSListenersResp.ListenerList[0].CertIds, - AdditionalCertDomains: sliceutil.Map(describeHTTPSListenersResp.ListenerList[0].AdditionalCertDomains, func(domain bceblb.AdditionalCertDomainsModel) bceblb.AdditionalCertDomainsModel { + AdditionalCertDomains: xslices.Map(describeHTTPSListenersResp.ListenerList[0].AdditionalCertDomains, func(domain bceblb.AdditionalCertDomainsModel) bceblb.AdditionalCertDomainsModel { if domain.Host == d.config.Domain { return bceblb.AdditionalCertDomainsModel{ Host: domain.Host, @@ -308,7 +306,7 @@ func (d *DeployerProvider) updateHttpsListenerCertificate(ctx context.Context, c return nil } -func (d *DeployerProvider) updateSslListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { +func (d *SSLDeployerProvider) updateSslListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudHttpsListenerPort int32, cloudCertId string) error { // 更新 SSL 监听器 // REF: https://cloud.baidu.com/doc/BLB/s/yjwvxnvl6#updatessllistener%E6%9B%B4%E6%96%B0ssl%E7%9B%91%E5%90%AC%E5%99%A8 updateSSLListenerReq := &bceblb.UpdateSSLListenerArgs{ @@ -325,7 +323,7 @@ func (d *DeployerProvider) updateSslListenerCertificate(ctx context.Context, clo return nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*bceblb.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*bceblb.Client, error) { endpoint := "" if region != "" { endpoint = fmt.Sprintf("blb.%s.baidubce.com", region) diff --git a/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go b/pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go rename to pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb_test.go index 1e60d5f0..a4fc8fa4 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-appblb/baiducloud_appblb_test.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-blb/baiducloud_blb_test.go @@ -1,4 +1,4 @@ -package baiducloudappblb_test +package baiducloudblb_test import ( "context" @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-appblb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-blb" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -36,14 +36,14 @@ func init() { /* Shell command to run this test: - go test -v ./baiducloud_appblb_test.go -args \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_REGION="bj" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_LOADBALANCERID="your-blb-loadbalancer-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDAPPBLB_DOMAIN="your-blb-sni-domain" + go test -v ./baiducloud_blb_test.go -args \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_REGION="bj" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_LOADBALANCERID="your-blb-loadbalancer-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDBLB_DOMAIN="your-blb-sni-domain" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, ResourceType: provider.RESOURCE_TYPE_LOADBALANCER, diff --git a/internal/pkg/core/deployer/providers/baiducloud-blb/consts.go b/pkg/core/ssl-deployer/providers/baiducloud-blb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/baiducloud-blb/consts.go rename to pkg/core/ssl-deployer/providers/baiducloud-blb/consts.go diff --git a/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go b/pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn.go similarity index 60% rename from internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go rename to pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn.go index ccd11f9b..c8e181b8 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn.go @@ -2,17 +2,17 @@ package baiducloudcdn import ( "context" + "errors" "fmt" "log/slog" "time" bcecdn "github.com/baidubce/bce-sdk-go/services/cdn" bcecdnapi "github.com/baidubce/bce-sdk-go/services/cdn/api" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" + "github.com/certimate-go/certimate/pkg/core" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 百度智能云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 百度智能云 SecretAccessKey。 @@ -21,41 +21,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *bcecdn.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // 修改域名证书 // REF: https://cloud.baidu.com/doc/CDN/s/qjzuz2hp8 putCertResp, err := d.sdkClient.PutCert( @@ -72,10 +75,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.PutCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*bcecdn.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*bcecdn.Client, error) { client, err := bcecdn.NewClient(accessKeyId, secretAccessKey, "") if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go b/pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go index cef03392..068e6fad 100644 --- a/internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/baiducloud-cdn/baiducloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baiducloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baiducloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./baiducloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_BAIDUCLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_BAIDUCLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/baiducloud-cert/baiducloud_cert.go b/pkg/core/ssl-deployer/providers/baiducloud-cert/baiducloud_cert.go new file mode 100644 index 00000000..d9151b96 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/baiducloud-cert/baiducloud_cert.go @@ -0,0 +1,66 @@ +package baiducloudcert + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/baiducloud-cert" +) + +type SSLDeployerProviderConfig struct { + // 百度智能云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 百度智能云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go b/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn.go similarity index 54% rename from internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go rename to pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn.go index b056b076..18e4f785 100644 --- a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go +++ b/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn.go @@ -10,11 +10,12 @@ import ( "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - bssdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/baishan" + "github.com/certimate-go/certimate/pkg/core" + bssdk "github.com/certimate-go/certimate/pkg/sdk3rd/baishan" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 白山云 API Token。 ApiToken string `json:"apiToken"` // 加速域名(支持泛域名)。 @@ -24,41 +25,40 @@ type DeployerConfig struct { CertificateId string `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *bssdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ApiToken) + client, err := createSDKClient(config.ApiToken) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } @@ -68,34 +68,34 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 新增证书 // REF: https://portal.baishancloud.com/track/document/downloadPdf/1441 certificateId := "" - createCertificateReq := &bssdk.CreateCertificateRequest{ - Certificate: certPEM, - Key: privkeyPEM, - Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), + setDomainCertificateReq := &bssdk.SetDomainCertificateRequest{ + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + Certificate: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) - d.logger.Debug("sdk request 'baishan.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + setDomainCertificateResp, err := d.sdkClient.SetDomainCertificate(setDomainCertificateReq) + d.logger.Debug("sdk request 'baishan.SetDomainCertificate'", slog.Any("request", setDomainCertificateReq), slog.Any("response", setDomainCertificateResp)) if err != nil { - if createCertificateResp != nil { - if createCertificateResp.GetCode() == 400699 && strings.Contains(createCertificateResp.GetMessage(), "this certificate is exists") { + if setDomainCertificateResp != nil { + if setDomainCertificateResp.GetCode() == 400699 && strings.Contains(setDomainCertificateResp.GetMessage(), "this certificate is exists") { // 证书已存在,忽略新增证书接口错误 re := regexp.MustCompile(`\d+`) - certificateId = re.FindString(createCertificateResp.GetMessage()) + certificateId = re.FindString(setDomainCertificateResp.GetMessage()) } } if certificateId == "" { - return nil, fmt.Errorf("failed to execute sdk request 'baishan.CreateCertificate': %w", err) + return nil, fmt.Errorf("failed to execute sdk request 'baishan.SetDomainCertificate': %w", err) } } else { - certificateId = createCertificateResp.Data.CertId.String() + certificateId = setDomainCertificateResp.Data.CertId.String() } // 查询域名配置 // REF: https://portal.baishancloud.com/track/document/api/1/1065 getDomainConfigReq := &bssdk.GetDomainConfigRequest{ - Domains: d.config.Domain, - Config: []string{"https"}, + Domains: xtypes.ToPtr(d.config.Domain), + Config: xtypes.ToPtr([]string{"https"}), } getDomainConfigResp, err := d.sdkClient.GetDomainConfig(getDomainConfigReq) d.logger.Debug("sdk request 'baishan.GetDomainConfig'", slog.Any("request", getDomainConfigReq), slog.Any("response", getDomainConfigResp)) @@ -108,7 +108,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 设置域名配置 // REF: https://portal.baishancloud.com/track/document/api/1/1045 setDomainConfigReq := &bssdk.SetDomainConfigRequest{ - Domains: d.config.Domain, + Domains: xtypes.ToPtr(d.config.Domain), Config: &bssdk.DomainConfig{ Https: &bssdk.DomainConfigHttps{ CertId: json.Number(certificateId), @@ -126,27 +126,22 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } else { // 替换证书 // REF: https://portal.baishancloud.com/track/document/downloadPdf/1441 - createCertificateReq := &bssdk.CreateCertificateRequest{ + setDomainCertificateReq := &bssdk.SetDomainCertificateRequest{ CertificateId: &d.config.CertificateId, - Certificate: certPEM, - Key: privkeyPEM, - Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + Certificate: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) - d.logger.Debug("sdk request 'baishan.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + setDomainCertificateResp, err := d.sdkClient.SetDomainCertificate(setDomainCertificateReq) + d.logger.Debug("sdk request 'baishan.SetDomainCertificate'", slog.Any("request", setDomainCertificateReq), slog.Any("response", setDomainCertificateResp)) if err != nil { - return nil, fmt.Errorf("failed to execute sdk request 'baishan.CreateCertificate': %w", err) + return nil, fmt.Errorf("failed to execute sdk request 'baishan.SetDomainCertificate': %w", err) } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(apiToken string) (*bssdk.Client, error) { - if apiToken == "" { - return nil, errors.New("invalid baishan api token") - } - - client := bssdk.NewClient(apiToken) - return client, nil +func createSDKClient(apiToken string) (*bssdk.Client, error) { + return bssdk.NewClient(apiToken) } diff --git a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn_test.go b/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn_test.go rename to pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn_test.go index 8e3a16b8..e989785c 100644 --- a/internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/baishan-cdn/baishan_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baishan-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baishan-cdn" ) var ( @@ -19,7 +19,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAISHANCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAISHANCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -31,10 +31,10 @@ func init() { Shell command to run this test: go test -v ./baishan_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_BAISHANCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAISHANCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAISHANCDN_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_BAISHANCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_BAISHANCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAISHANCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAISHANCDN_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_BAISHANCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -48,7 +48,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiToken: fApiToken, Domain: fDomain, }) diff --git a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go b/pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console.go similarity index 60% rename from internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go rename to pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console.go index 403b96e8..d314b6ec 100644 --- a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go +++ b/pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console.go @@ -6,13 +6,12 @@ import ( "errors" "fmt" "log/slog" - "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btpanel" + "github.com/certimate-go/certimate/pkg/core" + btsdk "github.com/certimate-go/certimate/pkg/sdk3rd/btpanel" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 宝塔面板服务地址。 ServerUrl string `json:"serverUrl"` // 宝塔面板接口密钥。 @@ -23,41 +22,40 @@ type DeployerConfig struct { AutoRestart bool `json:"autoRestart"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *btsdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 设置面板 SSL 证书 configSavePanelSSLReq := &btsdk.ConfigSavePanelSSLRequest{ PrivateKey: privkeyPEM, @@ -79,21 +77,17 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE d.logger.Debug("sdk request 'bt.SystemServiceAdmin'", slog.Any("request", systemServiceAdminReq), slog.Any("response", systemServiceAdminResp)) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid baota server url") +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { + client, err := btsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err } - if apiKey == "" { - return nil, errors.New("invalid baota api key") - } - - client := btsdk.NewClient(serverUrl, apiKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console_test.go b/pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console_test.go rename to pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console_test.go index 2fd4cc5b..a77549ad 100644 --- a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console_test.go +++ b/pkg/core/ssl-deployer/providers/baotapanel-console/baotapanel_console_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-console" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotapanel-console" ) var ( @@ -19,7 +19,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -31,10 +31,10 @@ func init() { Shell command to run this test: go test -v ./baotapanel_console_test.go -args \ - --CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_BAOTAPANELCONSOLE_APIKEY="your-api-key" + --CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELCONSOLE_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -48,7 +48,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, AllowInsecureConnections: true, diff --git a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go b/pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site.go similarity index 68% rename from internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go rename to pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site.go index 78fc3e96..27380a39 100644 --- a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go +++ b/pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site.go @@ -6,14 +6,13 @@ import ( "errors" "fmt" "log/slog" - "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btpanel" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + btsdk "github.com/certimate-go/certimate/pkg/sdk3rd/btpanel" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 宝塔面板服务地址。 ServerUrl string `json:"serverUrl"` // 宝塔面板接口密钥。 @@ -28,41 +27,40 @@ type DeployerConfig struct { SiteNames []string `json:"siteNames,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *btsdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { switch d.config.SiteType { case "php": { @@ -103,7 +101,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 设置站点证书 sslSetBatchCertToSiteReq := &btsdk.SSLSetBatchCertToSiteRequest{ - BatchInfo: sliceutil.Map(d.config.SiteNames, func(siteName string) *btsdk.SSLSetBatchCertToSiteRequestBatchInfo { + BatchInfo: xslices.Map(d.config.SiteNames, func(siteName string) *btsdk.SSLSetBatchCertToSiteRequestBatchInfo { return &btsdk.SSLSetBatchCertToSiteRequestBatchInfo{ SiteName: siteName, SSLHash: sslCertSaveCertResp.SSLHash, @@ -121,21 +119,17 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported site type '%s'", d.config.SiteType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid baota server url") +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { + client, err := btsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err } - if apiKey == "" { - return nil, errors.New("invalid baota api key") - } - - client := btsdk.NewClient(serverUrl, apiKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site_test.go b/pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site_test.go rename to pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site_test.go index 9e4659ea..168f160e 100644 --- a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site_test.go +++ b/pkg/core/ssl-deployer/providers/baotapanel-site/baotapanel_site_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotapanel-site" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAOTAPANELSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./baotapanel_site_test.go -args \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_SITETYPE="php" \ - --CERTIMATE_DEPLOYER_BAOTAPANELSITE_SITENAME="your-site-name" + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_SITETYPE="php" \ + --CERTIMATE_SSLDEPLOYER_BAOTAPANELSITE_SITENAME="your-site-name" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITENAME: %v", fSiteName), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, AllowInsecureConnections: true, diff --git a/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console.go b/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console.go new file mode 100644 index 00000000..81091f16 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console.go @@ -0,0 +1,83 @@ +package baotapanelconsole + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + btwafsdk "github.com/certimate-go/certimate/pkg/sdk3rd/btwaf" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 堡塔云 WAF 服务地址。 + ServerUrl string `json:"serverUrl"` + // 堡塔云 WAF 接口密钥。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *btwafsdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 设置面板 SSL + configSetCertReq := &btwafsdk.ConfigSetCertRequest{ + CertContent: xtypes.ToPtr(certPEM), + KeyContent: xtypes.ToPtr(privkeyPEM), + } + configSetCertResp, err := d.sdkClient.ConfigSetCert(configSetCertReq) + d.logger.Debug("sdk request 'bt.ConfigSetCert'", slog.Any("request", configSetCertReq), slog.Any("response", configSetCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'bt.ConfigSetCert': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*btwafsdk.Client, error) { + client, err := btwafsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil +} diff --git a/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console_test.go b/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console_test.go rename to pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console_test.go index b3804fb5..0c290518 100644 --- a/internal/pkg/core/deployer/providers/baotawaf-console/baotawaf_console_test.go +++ b/pkg/core/ssl-deployer/providers/baotawaf-console/baotawaf_console_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotawaf-console" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotawaf-console" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,10 +33,10 @@ func init() { Shell command to run this test: go test -v ./baotawaf_console_test.go -args \ - --CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_BAOTAWAFCONSOLE_APIKEY="your-api-key" + --CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFCONSOLE_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -50,7 +50,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, AllowInsecureConnections: true, diff --git a/internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site.go b/pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site.go similarity index 56% rename from internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site.go rename to pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site.go index daf482ac..8955d10f 100644 --- a/internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site.go +++ b/pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site.go @@ -6,14 +6,13 @@ import ( "errors" "fmt" "log/slog" - "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - btsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/btwaf" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + btwafsdk "github.com/certimate-go/certimate/pkg/sdk3rd/btwaf" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 堡塔云 WAF 服务地址。 ServerUrl string `json:"serverUrl"` // 堡塔云 WAF 接口密钥。 @@ -27,41 +26,40 @@ type DeployerConfig struct { SitePort int32 `json:"sitePort,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger - sdkClient *btsdk.Client + sdkClient *btwafsdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.SiteName == "" { return nil, errors.New("config `siteName` is required") } @@ -81,10 +79,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE default: } - getSiteListReq := &btsdk.GetSiteListRequest{ - SiteName: typeutil.ToPtr(d.config.SiteName), - Page: typeutil.ToPtr(getSitListPage), - PageSize: typeutil.ToPtr(getSitListPageSize), + getSiteListReq := &btwafsdk.GetSiteListRequest{ + SiteName: xtypes.ToPtr(d.config.SiteName), + Page: xtypes.ToPtr(getSitListPage), + PageSize: xtypes.ToPtr(getSitListPageSize), } getSiteListResp, err := d.sdkClient.GetSiteList(getSiteListReq) d.logger.Debug("sdk request 'bt.GetSiteList'", slog.Any("request", getSiteListReq), slog.Any("response", getSiteListResp)) @@ -112,15 +110,15 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } // 修改站点配置 - modifySiteReq := &btsdk.ModifySiteRequest{ - SiteId: siteId, - Type: typeutil.ToPtr("openCert"), - Server: &btsdk.SiteServerInfo{ - ListenSSLPorts: typeutil.ToPtr([]int32{d.config.SitePort}), - SSL: &btsdk.SiteServerSSLInfo{ - IsSSL: typeutil.ToPtr(int32(1)), - FullChain: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), + modifySiteReq := &btwafsdk.ModifySiteRequest{ + SiteId: xtypes.ToPtr(siteId), + Type: xtypes.ToPtr("openCert"), + Server: &btwafsdk.SiteServerInfo{ + ListenSSLPorts: xtypes.ToPtr([]int32{d.config.SitePort}), + SSL: &btwafsdk.SiteServerSSLInfo{ + IsSSL: xtypes.ToPtr(int32(1)), + FullChain: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), }, }, } @@ -130,21 +128,17 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'bt.ModifySite': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(serverUrl, apiKey string, skipTlsVerify bool) (*btsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid baota server url") +func createSDKClient(serverUrl, apiKey string, skipTlsVerify bool) (*btwafsdk.Client, error) { + client, err := btwafsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err } - if apiKey == "" { - return nil, errors.New("invalid baota api key") - } - - client := btsdk.NewClient(serverUrl, apiKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site_test.go b/pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site_test.go rename to pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site_test.go index e9b4b836..a38aae90 100644 --- a/internal/pkg/core/deployer/providers/baotawaf-site/baotawaf_site_test.go +++ b/pkg/core/ssl-deployer/providers/baotawaf-site/baotawaf_site_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotawaf-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/baotawaf-site" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BAOTAWAFSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./baotawaf_site_test.go -args \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_SITENAME="your-site-name" \ - --CERTIMATE_DEPLOYER_BAOTAWAFSITE_SITEPORT=443 + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_SITENAME="your-site-name" \ + --CERTIMATE_SSLDEPLOYER_BAOTAWAFSITE_SITEPORT=443 */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITEPORT: %v", fSitePort), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, AllowInsecureConnections: true, diff --git a/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn.go b/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn.go new file mode 100644 index 00000000..a86803e4 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn.go @@ -0,0 +1,81 @@ +package bunnycdn + +import ( + "context" + "encoding/base64" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + bunnysdk "github.com/certimate-go/certimate/pkg/sdk3rd/bunny" +) + +type SSLDeployerProviderConfig struct { + // Bunny API Key。 + ApiKey string `json:"apiKey"` + // Bunny Pull Zone ID。 + PullZoneId string `json:"pullZoneId"` + // Bunny CDN Hostname(支持泛域名)。 + Hostname string `json:"hostname"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *bunnysdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ApiKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.PullZoneId == "" { + return nil, fmt.Errorf("config `pullZoneId` is required") + } + if d.config.Hostname == "" { + return nil, fmt.Errorf("config `hostname` is required") + } + + // 上传证书 + createCertificateReq := &bunnysdk.AddCustomCertificateRequest{ + Hostname: d.config.Hostname, + Certificate: base64.StdEncoding.EncodeToString([]byte(certPEM)), + CertificateKey: base64.StdEncoding.EncodeToString([]byte(privkeyPEM)), + } + err := d.sdkClient.AddCustomCertificate(d.config.PullZoneId, createCertificateReq) + d.logger.Debug("sdk request 'bunny.AddCustomCertificate'", slog.Any("request", createCertificateReq)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'bunny.AddCustomCertificate': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(apiKey string) (*bunnysdk.Client, error) { + return bunnysdk.NewClient(apiKey) +} diff --git a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn_test.go b/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn_test.go rename to pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn_test.go index 83fbb0f6..64cabc96 100644 --- a/internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/bunny-cdn/bunny_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/bunny-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/bunny-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BUNNYCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BUNNYCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./bunny_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_BUNNYCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BUNNYCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BUNNYCDN_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_BUNNYCDN_PULLZONEID="your-pull-zone-id" \ - --CERTIMATE_DEPLOYER_BUNNYCDN_HOSTNAME="example.com" + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_PULLZONEID="your-pull-zone-id" \ + --CERTIMATE_SSLDEPLOYER_BUNNYCDN_HOSTNAME="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("HOSTNAME: %v", fHostName), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiKey: fApiKey, PullZoneId: fPullZoneId, Hostname: fHostName, diff --git a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go b/pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn.go similarity index 72% rename from internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go rename to pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn.go index a11bbaf7..b2c4dd5d 100644 --- a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go +++ b/pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn.go @@ -9,12 +9,11 @@ import ( bpcdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/byteplus-cdn" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/byteplus-cdn" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // BytePlus AccessKey。 AccessKey string `json:"accessKey"` // BytePlus SecretKey。 @@ -23,53 +22,53 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *bpcdn.CDN - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *bpcdn.CDN + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } client := bpcdn.NewInstance() client.Client.SetAccessKey(config.AccessKey) client.Client.SetSecretKey(config.SecretKey) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKey: config.AccessKey, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -141,5 +140,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn_test.go b/pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn_test.go rename to pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn_test.go index 34e657cb..72c8efff 100644 --- a/internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/byteplus-cdn/byteplus_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/byteplus-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/byteplus-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_BYTEPLUSCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./byteplus_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_BYTEPLUSCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_BYTEPLUSCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKey: fAccessKey, SecretKey: fSecretKey, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/cachefly/cachefly.go b/pkg/core/ssl-deployer/providers/cachefly/cachefly.go new file mode 100644 index 00000000..431385d4 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/cachefly/cachefly.go @@ -0,0 +1,70 @@ +package cachefly + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + cacheflysdk "github.com/certimate-go/certimate/pkg/sdk3rd/cachefly" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // CacheFly API Token。 + ApiToken string `json:"apiToken"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *cacheflysdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ApiToken) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + // REF: https://api.cachefly.com/api/2.5/docs#tag/Certificates/paths/~1certificates/post + createCertificateReq := &cacheflysdk.CreateCertificateRequest{ + Certificate: xtypes.ToPtr(certPEM), + CertificateKey: xtypes.ToPtr(privkeyPEM), + } + createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) + d.logger.Debug("sdk request 'cachefly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cachefly.CreateCertificate': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(apiToken string) (*cacheflysdk.Client, error) { + return cacheflysdk.NewClient(apiToken) +} diff --git a/internal/pkg/core/deployer/providers/cachefly/cachefly_test.go b/pkg/core/ssl-deployer/providers/cachefly/cachefly_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/cachefly/cachefly_test.go rename to pkg/core/ssl-deployer/providers/cachefly/cachefly_test.go index 802d8b49..a0ef47a0 100644 --- a/internal/pkg/core/deployer/providers/cachefly/cachefly_test.go +++ b/pkg/core/ssl-deployer/providers/cachefly/cachefly_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cachefly" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/cachefly" ) var ( @@ -18,7 +18,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CACHEFLY_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CACHEFLY_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -29,9 +29,9 @@ func init() { Shell command to run this test: go test -v ./cachefly_test.go -args \ - --CERTIMATE_DEPLOYER_CACHEFLY_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CACHEFLY_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CACHEFLY_APITOKEN="your-api-token" + --CERTIMATE_SSLDEPLOYER_CACHEFLY_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CACHEFLY_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CACHEFLY_APITOKEN="your-api-token" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -44,7 +44,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APITOKEN: %v", fApiToken), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiToken: fApiToken, }) if err != nil { diff --git a/internal/pkg/core/deployer/providers/cdnfly/cdnfly.go b/pkg/core/ssl-deployer/providers/cdnfly/cdnfly.go similarity index 51% rename from internal/pkg/core/deployer/providers/cdnfly/cdnfly.go rename to pkg/core/ssl-deployer/providers/cdnfly/cdnfly.go index 25fb6a54..7c04873c 100644 --- a/internal/pkg/core/deployer/providers/cdnfly/cdnfly.go +++ b/pkg/core/ssl-deployer/providers/cdnfly/cdnfly.go @@ -7,14 +7,14 @@ import ( "errors" "fmt" "log/slog" - "net/url" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - cfsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/cdnfly" + "github.com/certimate-go/certimate/pkg/core" + cdnflysdk "github.com/certimate-go/certimate/pkg/sdk3rd/cdnfly" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Cdnfly 服务地址。 ServerUrl string `json:"serverUrl"` // Cdnfly 用户端 API Key。 @@ -33,41 +33,40 @@ type DeployerConfig struct { CertificateId string `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger - sdkClient *cfsdk.Client + sdkClient *cdnflysdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiKey, config.ApiSecret, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiKey, config.ApiSecret, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 根据部署资源类型决定部署方式 switch d.config.ResourceType { case RESOURCE_TYPE_SITE: @@ -84,37 +83,34 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToSite(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToSite(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.SiteId == "" { return errors.New("config `siteId` is required") } // 获取单个网站详情 // REF: https://doc.cdnfly.cn/wangzhanguanli-v1-sites.html#%E8%8E%B7%E5%8F%96%E5%8D%95%E4%B8%AA%E7%BD%91%E7%AB%99%E8%AF%A6%E6%83%85 - getSiteReq := &cfsdk.GetSiteRequest{ - Id: d.config.SiteId, - } - getSiteResp, err := d.sdkClient.GetSite(getSiteReq) - d.logger.Debug("sdk request 'cdnfly.GetSite'", slog.Any("request", getSiteReq), slog.Any("response", getSiteResp)) + getSiteResp, err := d.sdkClient.GetSite(d.config.SiteId) + d.logger.Debug("sdk request 'cdnfly.GetSite'", slog.Any("siteId", d.config.SiteId), slog.Any("response", getSiteResp)) if err != nil { return fmt.Errorf("failed to execute sdk request 'cdnfly.GetSite': %w", err) } // 添加单个证书 // REF: https://doc.cdnfly.cn/wangzhanzhengshu-v1-certs.html#%E6%B7%BB%E5%8A%A0%E5%8D%95%E4%B8%AA%E6%88%96%E5%A4%9A%E4%B8%AA%E8%AF%81%E4%B9%A6-%E5%A4%9A%E4%B8%AA%E8%AF%81%E4%B9%A6%E6%97%B6%E6%95%B0%E6%8D%AE%E6%A0%BC%E5%BC%8F%E4%B8%BA%E6%95%B0%E7%BB%84 - createCertificateReq := &cfsdk.CreateCertificateRequest{ - Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), - Type: "custom", - Cert: certPEM, - Key: privkeyPEM, + createCertificateReq := &cdnflysdk.CreateCertRequest{ + Name: xtypes.ToPtr(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())), + Type: xtypes.ToPtr("custom"), + Cert: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) - d.logger.Debug("sdk request 'cdnfly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + createCertificateResp, err := d.sdkClient.CreateCert(createCertificateReq) + d.logger.Debug("sdk request 'cdnfly.CreateCert'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) if err != nil { - return fmt.Errorf("failed to execute sdk request 'cdnfly.CreateCertificate': %w", err) + return fmt.Errorf("failed to execute sdk request 'cdnfly.CreateCert': %w", err) } // 修改单个网站 @@ -123,13 +119,11 @@ func (d *DeployerProvider) deployToSite(ctx context.Context, certPEM string, pri _ = json.Unmarshal([]byte(getSiteResp.Data.HttpsListen), &updateSiteHttpsListenMap) updateSiteHttpsListenMap["cert"] = createCertificateResp.Data updateSiteHttpsListenData, _ := json.Marshal(updateSiteHttpsListenMap) - updateSiteHttpsListen := string(updateSiteHttpsListenData) - updateSiteReq := &cfsdk.UpdateSiteRequest{ - Id: d.config.SiteId, - HttpsListen: &updateSiteHttpsListen, + updateSiteReq := &cdnflysdk.UpdateSiteRequest{ + HttpsListen: xtypes.ToPtr(string(updateSiteHttpsListenData)), } - updateSiteResp, err := d.sdkClient.UpdateSite(updateSiteReq) - d.logger.Debug("sdk request 'cdnfly.UpdateSite'", slog.Any("request", updateSiteReq), slog.Any("response", updateSiteResp)) + updateSiteResp, err := d.sdkClient.UpdateSite(d.config.SiteId, updateSiteReq) + d.logger.Debug("sdk request 'cdnfly.UpdateSite'", slog.String("siteId", d.config.SiteId), slog.Any("request", updateSiteReq), slog.Any("response", updateSiteResp)) if err != nil { return fmt.Errorf("failed to execute sdk request 'cdnfly.UpdateSite': %w", err) } @@ -137,45 +131,35 @@ func (d *DeployerProvider) deployToSite(ctx context.Context, certPEM string, pri return nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == "" { return errors.New("config `certificateId` is required") } // 修改单个证书 // REF: https://doc.cdnfly.cn/wangzhanzhengshu-v1-certs.html#%E4%BF%AE%E6%94%B9%E5%8D%95%E4%B8%AA%E8%AF%81%E4%B9%A6 - updateCertificateType := "custom" - updateCertificateReq := &cfsdk.UpdateCertificateRequest{ - Id: d.config.CertificateId, - Type: &updateCertificateType, - Cert: &certPEM, - Key: &privkeyPEM, + updateCertReq := &cdnflysdk.UpdateCertRequest{ + Type: xtypes.ToPtr("custom"), + Cert: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), } - updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq) - d.logger.Debug("sdk request 'cdnfly.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp)) + updateCertResp, err := d.sdkClient.UpdateCert(d.config.CertificateId, updateCertReq) + d.logger.Debug("sdk request 'cdnfly.UpdateCert'", slog.String("certId", d.config.CertificateId), slog.Any("request", updateCertReq), slog.Any("response", updateCertResp)) if err != nil { - return fmt.Errorf("failed to execute sdk request 'cdnfly.UpdateCertificate': %w", err) + return fmt.Errorf("failed to execute sdk request 'cdnfly.UpdateCert': %w", err) } return nil } -func createSdkClient(serverUrl, apiKey, apiSecret string, skipTlsVerify bool) (*cfsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid cachefly server url") +func createSDKClient(serverUrl, apiKey, apiSecret string, skipTlsVerify bool) (*cdnflysdk.Client, error) { + client, err := cdnflysdk.NewClient(serverUrl, apiKey, apiSecret) + if err != nil { + return nil, err } - if apiKey == "" { - return nil, errors.New("invalid cachefly api key") - } - - if apiSecret == "" { - return nil, errors.New("invalid cachefly api secret") - } - - client := cfsdk.NewClient(serverUrl, apiKey, apiSecret) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/cdnfly/cdnfly_test.go b/pkg/core/ssl-deployer/providers/cdnfly/cdnfly_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/cdnfly/cdnfly_test.go rename to pkg/core/ssl-deployer/providers/cdnfly/cdnfly_test.go index 73128183..ceaa68f5 100644 --- a/internal/pkg/core/deployer/providers/cdnfly/cdnfly_test.go +++ b/pkg/core/ssl-deployer/providers/cdnfly/cdnfly_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cdnfly" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/cdnfly" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_CDNFLY_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_CDNFLY_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./cdnfly_test.go -args \ - --CERTIMATE_DEPLOYER_CDNFLY_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_CDNFLY_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_CDNFLY_SERVERURL="http://127.0.0.1:88" \ - --CERTIMATE_DEPLOYER_CDNFLY_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_CDNFLY_APISECRET="your-api-secret" \ - --CERTIMATE_DEPLOYER_CDNFLY_CERTIFICATEID="your-cert-id" + --CERTIMATE_SSLDEPLOYER_CDNFLY_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_SERVERURL="http://127.0.0.1:88" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_APISECRET="your-api-secret" \ + --CERTIMATE_SSLDEPLOYER_CDNFLY_CERTIFICATEID="your-cert-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiKey: fApiKey, ApiSecret: fApiSecret, diff --git a/internal/pkg/core/deployer/providers/cdnfly/consts.go b/pkg/core/ssl-deployer/providers/cdnfly/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/cdnfly/consts.go rename to pkg/core/ssl-deployer/providers/cdnfly/consts.go diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao.go b/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao.go new file mode 100644 index 00000000..7a78d41e --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao.go @@ -0,0 +1,111 @@ +package ctcccloudao + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-ao" + ctyunao "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/ao" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // 加速域名(支持泛域名)。 + Domain string `json:"domain"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyunao.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 域名基础及加速配置查询 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=113&api=13412&data=174&isNormal=1&vid=167 + getDomainConfigReq := &ctyunao.GetDomainConfigRequest{ + Domain: xtypes.ToPtr(d.config.Domain), + } + getDomainConfigResp, err := d.sdkClient.GetDomainConfig(getDomainConfigReq) + d.logger.Debug("sdk request 'cdn.GetDomainConfig'", slog.Any("request", getDomainConfigReq), slog.Any("response", getDomainConfigResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.GetDomainConfig': %w", err) + } + + // 域名基础及加速配置修改 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=113&api=13413&data=174&isNormal=1&vid=167 + modifyDomainConfigReq := &ctyunao.ModifyDomainConfigRequest{ + Domain: xtypes.ToPtr(d.config.Domain), + ProductCode: xtypes.ToPtr(getDomainConfigResp.ReturnObj.ProductCode), + Origin: getDomainConfigResp.ReturnObj.Origin, + HttpsStatus: xtypes.ToPtr("on"), + CertName: xtypes.ToPtr(upres.CertName), + } + modifyDomainConfigResp, err := d.sdkClient.ModifyDomainConfig(modifyDomainConfigReq) + d.logger.Debug("sdk request 'cdn.ModifyDomainConfig'", slog.Any("request", modifyDomainConfigReq), slog.Any("response", modifyDomainConfigResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.ModifyDomainConfig': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunao.Client, error) { + return ctyunao.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao_test.go new file mode 100644 index 00000000..3fc1413f --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-ao/ctcccloud_ao_test.go @@ -0,0 +1,75 @@ +package ctcccloudao_test + +import ( + "context" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-ao" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string + fDomain string +) + +func init() { + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") + flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_ao_test.go -args \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDAO_DOMAIN="example.com" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + fmt.Sprintf("DOMAIN: %v", fDomain), + }, "\n")) + + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + Domain: fDomain, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + t.Logf("ok: %v", res) + }) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn.go b/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn.go new file mode 100644 index 00000000..dbe2dade --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn.go @@ -0,0 +1,109 @@ +package ctcccloudcdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-cdn" + ctyuncdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/cdn" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // 加速域名(支持泛域名)。 + Domain string `json:"domain"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyuncdn.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 查询域名配置信息 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=11304&data=161&isNormal=1&vid=154 + queryDomainDetailReq := &ctyuncdn.QueryDomainDetailRequest{ + Domain: xtypes.ToPtr(d.config.Domain), + } + queryDomainDetailResp, err := d.sdkClient.QueryDomainDetail(queryDomainDetailReq) + d.logger.Debug("sdk request 'cdn.QueryDomainDetail'", slog.Any("request", queryDomainDetailReq), slog.Any("response", queryDomainDetailResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.QueryDomainDetail': %w", err) + } + + // 修改域名配置 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=11308&data=161&isNormal=1&vid=154 + updateDomainReq := &ctyuncdn.UpdateDomainRequest{ + Domain: xtypes.ToPtr(d.config.Domain), + HttpsStatus: xtypes.ToPtr("on"), + CertName: xtypes.ToPtr(upres.CertName), + } + updateDomainResp, err := d.sdkClient.UpdateDomain(updateDomainReq) + d.logger.Debug("sdk request 'cdn.UpdateDomain'", slog.Any("request", updateDomainReq), slog.Any("response", updateDomainResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.UpdateDomain': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyuncdn.Client, error) { + return ctyuncdn.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn_test.go new file mode 100644 index 00000000..de706e60 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-cdn/ctcccloud_cdn_test.go @@ -0,0 +1,75 @@ +package ctcccloudcdn_test + +import ( + "context" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-cdn" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string + fDomain string +) + +func init() { + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") + flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_cdn_test.go -args \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_DOMAIN="example.com" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + fmt.Sprintf("DOMAIN: %v", fDomain), + }, "\n")) + + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + Domain: fDomain, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + t.Logf("ok: %v", res) + }) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms.go b/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms.go new file mode 100644 index 00000000..b7668620 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms.go @@ -0,0 +1,66 @@ +package ctcccloudcms + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-cms" +) + +type SSLDeployerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms_test.go new file mode 100644 index 00000000..04b23422 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-cms/ctcccloud_cms_test.go @@ -0,0 +1,70 @@ +package ctcccloudcms_test + +import ( + "context" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-cms" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string +) + +func init() { + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_cms_test.go -args \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCMS_SECRETACCESSKEY="your-secret-access-key" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + }, "\n")) + + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + t.Logf("ok: %v", res) + }) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-elb/consts.go b/pkg/core/ssl-deployer/providers/ctcccloud-elb/consts.go new file mode 100644 index 00000000..263e66ed --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-elb/consts.go @@ -0,0 +1,10 @@ +package ctcccloudelb + +type ResourceType string + +const ( + // 资源类型:部署到指定负载均衡器。 + RESOURCE_TYPE_LOADBALANCER = ResourceType("loadbalancer") + // 资源类型:部署到指定监听器。 + RESOURCE_TYPE_LISTENER = ResourceType("listener") +) diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb.go b/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb.go new file mode 100644 index 00000000..6e4375e5 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb.go @@ -0,0 +1,197 @@ +package ctcccloudelb + +import ( + "context" + "errors" + "fmt" + "log/slog" + "strings" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-elb" + ctyunelb "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/elb" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // 天翼云资源池 ID。 + RegionId string `json:"regionId"` + // 部署资源类型。 + ResourceType ResourceType `json:"resourceType"` + // 负载均衡实例 ID。 + // 部署资源类型为 [RESOURCE_TYPE_LOADBALANCER] 时必填。 + LoadbalancerId string `json:"loadbalancerId,omitempty"` + // 负载均衡监听器 ID。 + // 部署资源类型为 [RESOURCE_TYPE_LISTENER] 时必填。 + ListenerId string `json:"listenerId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyunelb.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + RegionId: config.RegionId, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 根据部署资源类型决定部署方式 + switch d.config.ResourceType { + case RESOURCE_TYPE_LOADBALANCER: + if err := d.deployToLoadbalancer(ctx, upres.CertId); err != nil { + return nil, err + } + + case RESOURCE_TYPE_LISTENER: + if err := d.deployToListener(ctx, upres.CertId); err != nil { + return nil, err + } + + default: + return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) + } + + return &core.SSLDeployResult{}, nil +} + +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { + if d.config.LoadbalancerId == "" { + return errors.New("config `loadbalancerId` is required") + } + + // 查询监听列表 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=24&api=5654&data=88&isNormal=1&vid=82 + listenerIds := make([]string, 0) + for { + select { + case <-ctx.Done(): + return ctx.Err() + default: + } + + listListenersReq := &ctyunelb.ListListenersRequest{ + RegionID: xtypes.ToPtr(d.config.RegionId), + LoadBalancerID: xtypes.ToPtr(d.config.LoadbalancerId), + } + listListenersResp, err := d.sdkClient.ListListeners(listListenersReq) + d.logger.Debug("sdk request 'elb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'elb.ListListeners': %w", err) + } + + for _, listener := range listListenersResp.ReturnObj { + if strings.EqualFold(listener.Protocol, "HTTPS") { + listenerIds = append(listenerIds, listener.ID) + } + } + + break + } + + // 遍历更新监听证书 + if len(listenerIds) == 0 { + d.logger.Info("no elb listeners to deploy") + } else { + d.logger.Info("found https listeners to deploy", slog.Any("listenerIds", listenerIds)) + var errs []error + + for _, listenerId := range listenerIds { + select { + case <-ctx.Done(): + return ctx.Err() + default: + if err := d.updateListenerCertificate(ctx, listenerId, cloudCertId); err != nil { + errs = append(errs, err) + } + } + } + + if len(errs) > 0 { + return errors.Join(errs...) + } + } + + return nil +} + +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { + if d.config.ListenerId == "" { + return errors.New("config `listenerId` is required") + } + + // 更新监听 + if err := d.updateListenerCertificate(ctx, d.config.ListenerId, cloudCertId); err != nil { + return err + } + + return nil +} + +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { + // 更新监听器 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=24&api=5652&data=88&isNormal=1&vid=82 + setLoadBalancerHTTPSListenerAttributeReq := &ctyunelb.UpdateListenerRequest{ + RegionID: xtypes.ToPtr(d.config.RegionId), + ListenerID: xtypes.ToPtr(cloudListenerId), + CertificateID: xtypes.ToPtr(cloudCertId), + } + setLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.UpdateListener(setLoadBalancerHTTPSListenerAttributeReq) + d.logger.Debug("sdk request 'elb.UpdateListener'", slog.Any("request", setLoadBalancerHTTPSListenerAttributeReq), slog.Any("response", setLoadBalancerHTTPSListenerAttributeResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'elb.UpdateListener': %w", err) + } + + return nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunelb.Client, error) { + return ctyunelb.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb_test.go new file mode 100644 index 00000000..09c9384a --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-elb/ctcccloud_elb_test.go @@ -0,0 +1,118 @@ +package ctcccloudelb_test + +import ( + "context" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-elb" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string + fRegionId string + fLoadbalancerId string + fListenerId string +) + +func init() { + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") + flag.StringVar(&fRegionId, argsPrefix+"REGIONID", "", "") + flag.StringVar(&fLoadbalancerId, argsPrefix+"LOADBALANCERID", "", "") + flag.StringVar(&fListenerId, argsPrefix+"LISTENERID", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_elb_test.go -args \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_REGIONID="your-region-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_LOADBALANCERID="your-elb-instance-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDELB_LISTENERID="your-elb-listener-id" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy_ToLoadbalancer", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + fmt.Sprintf("REGIONID: %v", fRegionId), + fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), + }, "\n")) + + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + RegionId: fRegionId, + ResourceType: provider.RESOURCE_TYPE_LOADBALANCER, + LoadbalancerId: fLoadbalancerId, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + t.Logf("ok: %v", res) + }) + + t.Run("Deploy_ToListener", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + fmt.Sprintf("REGIONID: %v", fRegionId), + fmt.Sprintf("LISTENERID: %v", fListenerId), + }, "\n")) + + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + RegionId: fRegionId, + ResourceType: provider.RESOURCE_TYPE_LISTENER, + ListenerId: fListenerId, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + t.Logf("ok: %v", res) + }) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn.go b/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn.go new file mode 100644 index 00000000..22f4d27b --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn.go @@ -0,0 +1,109 @@ +package ctcccloudicdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-icdn" + ctyunicdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/icdn" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // 加速域名(支持泛域名)。 + Domain string `json:"domain"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyunicdn.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 查询域名配置信息 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=112&api=10849&data=173&isNormal=1&vid=166 + queryDomainDetailReq := &ctyunicdn.QueryDomainDetailRequest{ + Domain: xtypes.ToPtr(d.config.Domain), + } + queryDomainDetailResp, err := d.sdkClient.QueryDomainDetail(queryDomainDetailReq) + d.logger.Debug("sdk request 'icdn.QueryDomainDetail'", slog.Any("request", queryDomainDetailReq), slog.Any("response", queryDomainDetailResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'icdn.QueryDomainDetail': %w", err) + } + + // 修改域名配置 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=112&api=10853&data=173&isNormal=1&vid=166 + updateDomainReq := &ctyunicdn.UpdateDomainRequest{ + Domain: xtypes.ToPtr(d.config.Domain), + HttpsStatus: xtypes.ToPtr("on"), + CertName: xtypes.ToPtr(upres.CertName), + } + updateDomainResp, err := d.sdkClient.UpdateDomain(updateDomainReq) + d.logger.Debug("sdk request 'icdn.UpdateDomain'", slog.Any("request", updateDomainReq), slog.Any("response", updateDomainResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'icdn.UpdateDomain': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunicdn.Client, error) { + return ctyunicdn.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn_test.go new file mode 100644 index 00000000..8c7665df --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-icdn/ctcccloud_icdn_test.go @@ -0,0 +1,75 @@ +package ctcccloudicdn_test + +import ( + "context" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-icdn" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string + fDomain string +) + +func init() { + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") + flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_cdn_test.go -args \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDCDN_DOMAIN="example.com" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + fmt.Sprintf("DOMAIN: %v", fDomain), + }, "\n")) + + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + Domain: fDomain, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + t.Logf("ok: %v", res) + }) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn.go b/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn.go new file mode 100644 index 00000000..47228dde --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn.go @@ -0,0 +1,111 @@ +package ctcccloudlvdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-lvdn" + ctyunlvdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/lvdn" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // 加速域名(不支持泛域名)。 + Domain string `json:"domain"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ctyunlvdn.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 查询域名配置信息 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=125&api=11473&data=183&isNormal=1&vid=261 + queryDomainDetailReq := &ctyunlvdn.QueryDomainDetailRequest{ + Domain: xtypes.ToPtr(d.config.Domain), + ProductCode: xtypes.ToPtr("005"), + } + queryDomainDetailResp, err := d.sdkClient.QueryDomainDetail(queryDomainDetailReq) + d.logger.Debug("sdk request 'lvdn.QueryDomainDetail'", slog.Any("request", queryDomainDetailReq), slog.Any("response", queryDomainDetailResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'lvdn.QueryDomainDetail': %w", err) + } + + // 修改域名配置 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=11308&data=161&isNormal=1&vid=154 + updateDomainReq := &ctyunlvdn.UpdateDomainRequest{ + Domain: xtypes.ToPtr(d.config.Domain), + ProductCode: xtypes.ToPtr("005"), + HttpsSwitch: xtypes.ToPtr(int32(1)), + CertName: xtypes.ToPtr(upres.CertName), + } + updateDomainResp, err := d.sdkClient.UpdateDomain(updateDomainReq) + d.logger.Debug("sdk request 'lvdn.UpdateDomain'", slog.Any("request", updateDomainReq), slog.Any("response", updateDomainResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'lvdn.UpdateDomain': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunlvdn.Client, error) { + return ctyunlvdn.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go b/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go new file mode 100644 index 00000000..0dcab6d5 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go @@ -0,0 +1,75 @@ +package ctcccloudlvdn_test + +import ( + "context" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ctcccloud-lvdn" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string + fDomain string +) + +func init() { + argsPrefix := "CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") + flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_lvdn_test.go -args \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_CTCCCLOUDLVDN_DOMAIN="example.com" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + fmt.Sprintf("DOMAIN: %v", fDomain), + }, "\n")) + + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + Domain: fDomain, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + t.Logf("ok: %v", res) + }) +} diff --git a/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn.go b/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn.go new file mode 100644 index 00000000..4681f2a3 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn.go @@ -0,0 +1,100 @@ +package dogecloudcdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "strconv" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/dogecloud" + dogesdk "github.com/certimate-go/certimate/pkg/sdk3rd/dogecloud" +) + +type SSLDeployerProviderConfig struct { + // 多吉云 AccessKey。 + AccessKey string `json:"accessKey"` + // 多吉云 SecretKey。 + SecretKey string `json:"secretKey"` + // 加速域名(不支持泛域名)。 + Domain string `json:"domain"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *dogesdk.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKey, config.SecretKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKey: config.AccessKey, + SecretKey: config.SecretKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 绑定证书 + // REF: https://docs.dogecloud.com/cdn/api-cert-bind + bindCdnCertId, _ := strconv.ParseInt(upres.CertId, 10, 64) + bindCdnCertReq := &dogesdk.BindCdnCertRequest{ + CertId: bindCdnCertId, + Domain: d.config.Domain, + } + bindCdnCertResp, err := d.sdkClient.BindCdnCert(bindCdnCertReq) + d.logger.Debug("sdk request 'cdn.BindCdnCert'", slog.Any("request", bindCdnCertReq), slog.Any("response", bindCdnCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.BindCdnCert': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKey, secretKey string) (*dogesdk.Client, error) { + return dogesdk.NewClient(accessKey, secretKey) +} diff --git a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go b/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go index b2484b0b..0ec9377f 100644 --- a/internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/dogecloud-cdn/dogecloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/dogecloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/dogecloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_DOGECLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./dogecloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_DOGECLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_DOGECLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKey: fAccessKey, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go b/pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications.go similarity index 60% rename from internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go rename to pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications.go index a4a60c98..9fb9ce6e 100644 --- a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go +++ b/pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications.go @@ -2,17 +2,18 @@ package edgioapplications import ( "context" + "errors" "fmt" "log/slog" edgio "github.com/Edgio/edgio-api/applications/v7" edgiodtos "github.com/Edgio/edgio-api/applications/v7/dtos" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Edgio ClientId。 ClientId string `json:"clientId"` // Edgio ClientSecret。 @@ -21,43 +22,42 @@ type DeployerConfig struct { EnvironmentId string `json:"environmentId"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *edgio.EdgioClient } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ClientId, config.ClientSecret) + client, err := createSDKClient(config.ClientId, config.ClientSecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -76,10 +76,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'edgio.UploadTlsCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(clientId, clientSecret string) (*edgio.EdgioClient, error) { +func createSDKClient(clientId, clientSecret string) (*edgio.EdgioClient, error) { client := edgio.NewEdgioClient(clientId, clientSecret, "", "") return client, nil } diff --git a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications_test.go b/pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/edgio-applications/edgio_applications_test.go rename to pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications_test.go index 23f9c56e..26873d22 100644 --- a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications_test.go +++ b/pkg/core/ssl-deployer/providers/edgio-applications/edgio_applications_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/edgio-applications" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/edgio-applications" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./edgio_applications_test.go -args \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_CLIENTID="your-client-id" \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_CLIENTSECRET="your-client-secret" \ - --CERTIMATE_DEPLOYER_EDGIOAPPLICATIONS_ENVIRONMENTID="your-enviroment-id" + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_CLIENTID="your-client-id" \ + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_CLIENTSECRET="your-client-secret" \ + --CERTIMATE_SSLDEPLOYER_EDGIOAPPLICATIONS_ENVIRONMENTID="your-enviroment-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ENVIRONMENTID: %v", fEnvironmentId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ClientId: fClientId, ClientSecret: fClientSecret, EnvironmentId: fEnvironmentId, diff --git a/internal/pkg/core/deployer/providers/flexcdn/consts.go b/pkg/core/ssl-deployer/providers/flexcdn/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/flexcdn/consts.go rename to pkg/core/ssl-deployer/providers/flexcdn/consts.go diff --git a/internal/pkg/core/deployer/providers/flexcdn/flexcdn.go b/pkg/core/ssl-deployer/providers/flexcdn/flexcdn.go similarity index 62% rename from internal/pkg/core/deployer/providers/flexcdn/flexcdn.go rename to pkg/core/ssl-deployer/providers/flexcdn/flexcdn.go index 3c957071..7aa20024 100644 --- a/internal/pkg/core/deployer/providers/flexcdn/flexcdn.go +++ b/pkg/core/ssl-deployer/providers/flexcdn/flexcdn.go @@ -7,15 +7,14 @@ import ( "errors" "fmt" "log/slog" - "net/url" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - flexcdnsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/flexcdn" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + flexcdnsdk "github.com/certimate-go/certimate/pkg/sdk3rd/flexcdn" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // FlexCDN 服务地址。 ServerUrl string `json:"serverUrl"` // FlexCDN 用户角色。 @@ -34,41 +33,40 @@ type DeployerConfig struct { CertificateId int64 `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *flexcdnsdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiRole, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiRole, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 根据部署资源类型决定部署方式 switch d.config.ResourceType { case RESOURCE_TYPE_CERTIFICATE: @@ -80,16 +78,16 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == 0 { return errors.New("config `certificateId` is required") } // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return err } @@ -119,26 +117,14 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func createSdkClient(serverUrl, apiRole, accessKeyId, accessKey string, skipTlsVerify bool) (*flexcdnsdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid flexcdn server url") +func createSDKClient(serverUrl, apiRole, accessKeyId, accessKey string, skipTlsVerify bool) (*flexcdnsdk.Client, error) { + client, err := flexcdnsdk.NewClient(serverUrl, apiRole, accessKeyId, accessKey) + if err != nil { + return nil, err } - if apiRole != "user" && apiRole != "admin" { - return nil, errors.New("invalid flexcdn api role") - } - - if accessKeyId == "" { - return nil, errors.New("invalid flexcdn access key id") - } - - if accessKey == "" { - return nil, errors.New("invalid flexcdn access key") - } - - client := flexcdnsdk.NewClient(serverUrl, apiRole, accessKeyId, accessKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/flexcdn/flexcdn_test.go b/pkg/core/ssl-deployer/providers/flexcdn/flexcdn_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/flexcdn/flexcdn_test.go rename to pkg/core/ssl-deployer/providers/flexcdn/flexcdn_test.go index 6725140a..32ee801c 100644 --- a/internal/pkg/core/deployer/providers/flexcdn/flexcdn_test.go +++ b/pkg/core/ssl-deployer/providers/flexcdn/flexcdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/flexcdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/flexcdn" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_FLEXCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_FLEXCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./flexcdn_test.go -args \ - --CERTIMATE_DEPLOYER_FLEXCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_FLEXCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_FLEXCDN_SERVERURL="http://127.0.0.1:7788" \ - --CERTIMATE_DEPLOYER_FLEXCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_FLEXCDN_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_FLEXCDN_CERTIFICATEID="your-cerficiate-id" + --CERTIMATE_SSLDEPLOYER_FLEXCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_SERVERURL="http://127.0.0.1:7788" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_FLEXCDN_CERTIFICATEID="your-cerficiate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiRole: "user", AccessKeyId: fAccessKeyId, diff --git a/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn.go b/pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn.go similarity index 75% rename from internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn.go rename to pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn.go index 0d652df9..a64242df 100644 --- a/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn.go +++ b/pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn.go @@ -12,13 +12,12 @@ import ( "github.com/G-Core/gcorelabscdn-go/resources" "github.com/G-Core/gcorelabscdn-go/sslcerts" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/gcore-cdn" - gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore/common" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/gcore-cdn" + gcoresdk "github.com/certimate-go/certimate/pkg/sdk3rd/gcore" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Gcore API Token。 ApiToken string `json:"apiToken"` // CDN 资源 ID。 @@ -28,56 +27,56 @@ type DeployerConfig struct { CertificateId int64 `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { Resources *resources.Service SSLCerts *sslcerts.Service } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.ApiToken) + clients, err := createSDKClients(config.ApiToken) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ ApiToken: config.ApiToken, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.ResourceId == 0 { return nil, errors.New("config `resourceId` is required") } @@ -85,8 +84,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 如果原证书 ID 为空,则创建证书;否则更新证书。 var cloudCertId int64 if d.config.CertificateId == 0 { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -153,10 +152,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'resources.Update': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClients(apiToken string) (*wSdkClients, error) { +func createSDKClients(apiToken string) (*wSDKClients, error) { if apiToken == "" { return nil, errors.New("invalid gcore api token") } @@ -167,7 +166,7 @@ func createSdkClients(apiToken string) (*wSdkClients, error) { ) resourcesSrv := resources.NewService(requester) sslCertsSrv := sslcerts.NewService(requester) - return &wSdkClients{ + return &wSDKClients{ Resources: resourcesSrv, SSLCerts: sslCertsSrv, }, nil diff --git a/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn_test.go b/pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn_test.go rename to pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn_test.go index 808d724d..11852ced 100644 --- a/internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/gcore-cdn/gcore_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/gcore-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/gcore-cdn" ) var ( @@ -19,7 +19,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_GCORECDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_GCORECDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -31,10 +31,10 @@ func init() { Shell command to run this test: go test -v ./gcore_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_GCORECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_GCORECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_GCORECDN_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_GCORECDN_RESOURCEID="your-cdn-resource-id" + --CERTIMATE_SSLDEPLOYER_GCORECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_GCORECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_GCORECDN_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_GCORECDN_RESOURCEID="your-cdn-resource-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -48,7 +48,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("RESOURCEID: %v", fResourceId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiToken: fApiToken, ResourceId: fResourceId, }) diff --git a/internal/pkg/core/deployer/providers/goedge/consts.go b/pkg/core/ssl-deployer/providers/goedge/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/goedge/consts.go rename to pkg/core/ssl-deployer/providers/goedge/consts.go diff --git a/internal/pkg/core/deployer/providers/goedge/goedge.go b/pkg/core/ssl-deployer/providers/goedge/goedge.go similarity index 62% rename from internal/pkg/core/deployer/providers/goedge/goedge.go rename to pkg/core/ssl-deployer/providers/goedge/goedge.go index 0b7ff2b5..918d850a 100644 --- a/internal/pkg/core/deployer/providers/goedge/goedge.go +++ b/pkg/core/ssl-deployer/providers/goedge/goedge.go @@ -7,15 +7,14 @@ import ( "errors" "fmt" "log/slog" - "net/url" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - goedgesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/goedge" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + goedgesdk "github.com/certimate-go/certimate/pkg/sdk3rd/goedge" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // GoEdge 服务地址。 ServerUrl string `json:"serverUrl"` // GoEdge 用户角色。 @@ -34,41 +33,40 @@ type DeployerConfig struct { CertificateId int64 `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *goedgesdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiRole, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiRole, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 根据部署资源类型决定部署方式 switch d.config.ResourceType { case RESOURCE_TYPE_CERTIFICATE: @@ -80,16 +78,16 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == 0 { return errors.New("config `certificateId` is required") } // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return err } @@ -119,26 +117,14 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func createSdkClient(serverUrl, apiRole, accessKeyId, accessKey string, skipTlsVerify bool) (*goedgesdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid goedge server url") +func createSDKClient(serverUrl, apiRole, accessKeyId, accessKey string, skipTlsVerify bool) (*goedgesdk.Client, error) { + client, err := goedgesdk.NewClient(serverUrl, apiRole, accessKeyId, accessKey) + if err != nil { + return nil, err } - if apiRole != "user" && apiRole != "admin" { - return nil, errors.New("invalid goedge api role") - } - - if accessKeyId == "" { - return nil, errors.New("invalid goedge access key id") - } - - if accessKey == "" { - return nil, errors.New("invalid goedge access key") - } - - client := goedgesdk.NewClient(serverUrl, apiRole, accessKeyId, accessKey) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/goedge/goedge_test.go b/pkg/core/ssl-deployer/providers/goedge/goedge_test.go similarity index 74% rename from internal/pkg/core/deployer/providers/goedge/goedge_test.go rename to pkg/core/ssl-deployer/providers/goedge/goedge_test.go index ae03db1d..757527cb 100644 --- a/internal/pkg/core/deployer/providers/goedge/goedge_test.go +++ b/pkg/core/ssl-deployer/providers/goedge/goedge_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/goedge" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/goedge" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_GOEDGE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_GOEDGE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./goedge_test.go -args \ - --CERTIMATE_DEPLOYER_GOEDGE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_GOEDGE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_GOEDGE_SERVERURL="http://127.0.0.1:7788" \ - --CERTIMATE_DEPLOYER_GOEDGE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_GOEDGE_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_GOEDGE_CERTIFICATEID="your-cerficiate-id" + --CERTIMATE_SSLDEPLOYER_GOEDGE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_SERVERURL="http://127.0.0.1:7788" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_GOEDGE_CERTIFICATEID="your-cerficiate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiRole: "user", AccessKeyId: fAccessKeyId, diff --git a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go b/pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go similarity index 69% rename from internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go rename to pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go index cbdff322..ef514c66 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go @@ -2,6 +2,7 @@ package huaweicloudcdn import ( "context" + "errors" "fmt" "log/slog" @@ -10,13 +11,12 @@ import ( hccdnmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/model" hccdnregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/region" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/huaweicloud-scm" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -29,59 +29,63 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *hccdn.CdnClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *hccdn.CdnClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient( + client, err := createSDKClient( config.AccessKeyId, config.SecretAccessKey, config.Region, ) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, EnterpriseProjectId: config.EnterpriseProjectId, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SCM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -91,7 +95,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 查询加速域名配置 // REF: https://support.huaweicloud.com/api-cdn/ShowDomainFullConfig.html showDomainFullConfigReq := &hccdnmodel.ShowDomainFullConfigRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), DomainName: d.config.Domain, } showDomainFullConfigResp, err := d.sdkClient.ShowDomainFullConfig(showDomainFullConfigReq) @@ -106,12 +110,12 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE updateDomainMultiCertificatesReqBodyContent := &hccdnmodel.UpdateDomainMultiCertificatesRequestBodyContent{} updateDomainMultiCertificatesReqBodyContent.DomainName = d.config.Domain updateDomainMultiCertificatesReqBodyContent.HttpsSwitch = 1 - updateDomainMultiCertificatesReqBodyContent.CertificateType = typeutil.ToPtr(int32(2)) - updateDomainMultiCertificatesReqBodyContent.ScmCertificateId = typeutil.ToPtr(upres.CertId) - updateDomainMultiCertificatesReqBodyContent.CertName = typeutil.ToPtr(upres.CertName) + updateDomainMultiCertificatesReqBodyContent.CertificateType = xtypes.ToPtr(int32(2)) + updateDomainMultiCertificatesReqBodyContent.ScmCertificateId = xtypes.ToPtr(upres.CertId) + updateDomainMultiCertificatesReqBodyContent.CertName = xtypes.ToPtr(upres.CertName) updateDomainMultiCertificatesReqBodyContent = assign(updateDomainMultiCertificatesReqBodyContent, showDomainFullConfigResp.Configs) updateDomainMultiCertificatesReq := &hccdnmodel.UpdateDomainMultiCertificatesRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), Body: &hccdnmodel.UpdateDomainMultiCertificatesRequestBody{ Https: updateDomainMultiCertificatesReqBodyContent, }, @@ -122,10 +126,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadDomainMultiCertificates': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hccdn.CdnClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hccdn.CdnClient, error) { if region == "" { region = "cn-north-1" // CDN 服务默认区域:华北一北京 } @@ -164,11 +168,11 @@ func assign(source *hccdnmodel.UpdateDomainMultiCertificatesRequestBodyContent, } if *target.OriginProtocol == "follow" { - source.AccessOriginWay = typeutil.ToPtr(int32(1)) + source.AccessOriginWay = xtypes.ToPtr(int32(1)) } else if *target.OriginProtocol == "http" { - source.AccessOriginWay = typeutil.ToPtr(int32(2)) + source.AccessOriginWay = xtypes.ToPtr(int32(2)) } else if *target.OriginProtocol == "https" { - source.AccessOriginWay = typeutil.ToPtr(int32(3)) + source.AccessOriginWay = xtypes.ToPtr(int32(3)) } if target.ForceRedirect != nil { @@ -186,7 +190,7 @@ func assign(source *hccdnmodel.UpdateDomainMultiCertificatesRequestBodyContent, if target.Https != nil { if *target.Https.Http2Status == "on" { - source.Http2 = typeutil.ToPtr(int32(1)) + source.Http2 = xtypes.ToPtr(int32(1)) } } diff --git a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go b/pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go index cb4ab1a4..fa4191be 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-cdn/huaweicloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-cdn" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./huaweicloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_REGION="cn-north-1" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_REGION="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/huaweicloud-elb/consts.go b/pkg/core/ssl-deployer/providers/huaweicloud-elb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/huaweicloud-elb/consts.go rename to pkg/core/ssl-deployer/providers/huaweicloud-elb/consts.go diff --git a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go b/pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb.go similarity index 82% rename from internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go rename to pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb.go index 52cbcab5..a6c29e36 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb.go @@ -16,13 +16,12 @@ import ( hciamregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-elb" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/huaweicloud-elb" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -44,54 +43,54 @@ type DeployerConfig struct { ListenerId string `json:"listenerId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *hcelb.ElbClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *hcelb.ElbClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, EnterpriseProjectId: config.EnterpriseProjectId, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 根据部署资源类型决定部署方式 switch d.config.ResourceType { case RESOURCE_TYPE_CERTIFICATE: @@ -113,10 +112,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == "" { return errors.New("config `certificateId` is required") } @@ -127,8 +126,8 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri CertificateId: d.config.CertificateId, Body: &hcelbmodel.UpdateCertificateRequestBody{ Certificate: &hcelbmodel.UpdateCertificateOption{ - Certificate: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), }, }, } @@ -141,7 +140,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -170,13 +169,13 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM str } listListenersReq := &hcelbmodel.ListListenersRequest{ - Limit: typeutil.ToPtr(listListenersLimit), + Limit: xtypes.ToPtr(listListenersLimit), Marker: listListenersMarker, Protocol: &[]string{"HTTPS", "TERMINATED_HTTPS"}, LoadbalancerId: &[]string{showLoadBalancerResp.Loadbalancer.Id}, } if d.config.EnterpriseProjectId != "" { - listListenersReq.EnterpriseProjectId = typeutil.ToPtr([]string{d.config.EnterpriseProjectId}) + listListenersReq.EnterpriseProjectId = xtypes.ToPtr([]string{d.config.EnterpriseProjectId}) } listListenersResp, err := d.sdkClient.ListListeners(listListenersReq) d.logger.Debug("sdk request 'elb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp)) @@ -197,8 +196,8 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM str } } - // 上传证书到 SCM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -231,13 +230,13 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPEM str return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } - // 上传证书到 SCM - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -252,7 +251,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, certPEM string, return nil } -func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) modifyListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询监听器详情 // REF: https://support.huaweicloud.com/api-elb/ShowListener.html showListenerReq := &hcelbmodel.ShowListenerRequest{ @@ -270,7 +269,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL ListenerId: cloudListenerId, Body: &hcelbmodel.UpdateListenerRequestBody{ Listener: &hcelbmodel.UpdateListenerOption{ - DefaultTlsContainerRef: typeutil.ToPtr(cloudCertId), + DefaultTlsContainerRef: xtypes.ToPtr(cloudCertId), }, }, } @@ -319,7 +318,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL } if showListenerResp.Listener.SniMatchAlgo != "" { - updateListenerReq.Body.Listener.SniMatchAlgo = typeutil.ToPtr(showListenerResp.Listener.SniMatchAlgo) + updateListenerReq.Body.Listener.SniMatchAlgo = xtypes.ToPtr(showListenerResp.Listener.SniMatchAlgo) } } updateListenerResp, err := d.sdkClient.UpdateListener(updateListenerReq) @@ -331,7 +330,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) { projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region) if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go b/pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go similarity index 78% rename from internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go rename to pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go index 42fee652..0dd43e17 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-elb/huaweicloud_elb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-elb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-elb" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_HUAWEICLOUDELB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./huaweicloud_elb_test.go -args \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_REGION="cn-north-1" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_CERTIFICATEID="your-elb-cert-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_LOADBALANCERID="your-elb-loadbalancer-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDELB_LISTENERID="your-elb-listener-id" + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_REGION="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_CERTIFICATEID="your-elb-cert-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_LOADBALANCERID="your-elb-loadbalancer-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDELB_LISTENERID="your-elb-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -62,7 +62,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, @@ -96,7 +96,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, @@ -130,7 +130,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, diff --git a/pkg/core/ssl-deployer/providers/huaweicloud-scm/huaweicloud_scm.go b/pkg/core/ssl-deployer/providers/huaweicloud-scm/huaweicloud_scm.go new file mode 100644 index 00000000..90a313d1 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/huaweicloud-scm/huaweicloud_scm.go @@ -0,0 +1,71 @@ +package huaweicloudscm + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/huaweicloud-scm" +) + +type SSLDeployerProviderConfig struct { + // 华为云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 华为云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // 华为云企业项目 ID。 + EnterpriseProjectId string `json:"enterpriseProjectId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + SecretAccessKey: config.SecretAccessKey, + EnterpriseProjectId: config.EnterpriseProjectId, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/huaweicloud-waf/consts.go b/pkg/core/ssl-deployer/providers/huaweicloud-waf/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/huaweicloud-waf/consts.go rename to pkg/core/ssl-deployer/providers/huaweicloud-waf/consts.go diff --git a/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go b/pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf.go similarity index 74% rename from internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go rename to pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf.go index 8afb2049..90059488 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf.go @@ -16,13 +16,12 @@ import ( hcwafmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model" hcwafregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-waf" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/huaweicloud-waf" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -41,56 +40,56 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *hcwaf.WafClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *hcwaf.WafClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, SecretAccessKey: config.SecretAccessKey, EnterpriseProjectId: config.EnterpriseProjectId, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 WAF - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -118,10 +117,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == "" { return errors.New("config `certificateId` is required") } @@ -129,7 +128,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri // 查询证书 // REF: https://support.huaweicloud.com/api-waf/ShowCertificate.html showCertificateReq := &hcwafmodel.ShowCertificateRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), CertificateId: d.config.CertificateId, } showCertificateResp, err := d.sdkClient.ShowCertificate(showCertificateReq) @@ -141,12 +140,12 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri // 更新证书 // REF: https://support.huaweicloud.com/api-waf/UpdateCertificate.html updateCertificateReq := &hcwafmodel.UpdateCertificateRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), CertificateId: d.config.CertificateId, Body: &hcwafmodel.UpdateCertificateRequestBody{ Name: *showCertificateResp.Name, - Content: typeutil.ToPtr(certPEM), - Key: typeutil.ToPtr(privkeyPEM), + Content: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), }, } updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq) @@ -158,13 +157,13 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCloudServer(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.Domain == "" { return errors.New("config `domain` is required") } - // 上传证书到 WAF - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -184,10 +183,10 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPEM stri } listHostReq := &hcwafmodel.ListHostRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), - Hostname: typeutil.ToPtr(strings.TrimPrefix(d.config.Domain, "*")), - Page: typeutil.ToPtr(listHostPage), - Pagesize: typeutil.ToPtr(listHostPageSize), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + Hostname: xtypes.ToPtr(strings.TrimPrefix(d.config.Domain, "*")), + Page: xtypes.ToPtr(listHostPage), + Pagesize: xtypes.ToPtr(listHostPageSize), } listHostResp, err := d.sdkClient.ListHost(listHostReq) d.logger.Debug("sdk request 'waf.ListHost'", slog.Any("request", listHostReq), slog.Any("response", listHostResp)) @@ -217,11 +216,11 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPEM stri // 更新云模式防护域名的配置 // REF: https://support.huaweicloud.com/api-waf/UpdateHost.html updateHostReq := &hcwafmodel.UpdateHostRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), InstanceId: hostId, Body: &hcwafmodel.UpdateHostRequestBody{ - Certificateid: typeutil.ToPtr(upres.CertId), - Certificatename: typeutil.ToPtr(upres.CertName), + Certificateid: xtypes.ToPtr(upres.CertId), + Certificatename: xtypes.ToPtr(upres.CertName), }, } updateHostResp, err := d.sdkClient.UpdateHost(updateHostReq) @@ -233,13 +232,13 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPEM stri return nil } -func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToPremiumHost(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.Domain == "" { return errors.New("config `domain` is required") } - // 上传证书到 WAF - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -259,10 +258,10 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPEM stri } listPremiumHostReq := &hcwafmodel.ListPremiumHostRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), - Hostname: typeutil.ToPtr(strings.TrimPrefix(d.config.Domain, "*")), - Page: typeutil.ToPtr(fmt.Sprintf("%d", listPremiumHostPage)), - Pagesize: typeutil.ToPtr(fmt.Sprintf("%d", listPremiumHostPageSize)), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + Hostname: xtypes.ToPtr(strings.TrimPrefix(d.config.Domain, "*")), + Page: xtypes.ToPtr(fmt.Sprintf("%d", listPremiumHostPage)), + Pagesize: xtypes.ToPtr(fmt.Sprintf("%d", listPremiumHostPageSize)), } listPremiumHostResp, err := d.sdkClient.ListPremiumHost(listPremiumHostReq) d.logger.Debug("sdk request 'waf.ListPremiumHost'", slog.Any("request", listPremiumHostReq), slog.Any("response", listPremiumHostResp)) @@ -292,11 +291,11 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPEM stri // 修改独享模式域名配置 // REF: https://support.huaweicloud.com/api-waf/UpdatePremiumHost.html updatePremiumHostReq := &hcwafmodel.UpdatePremiumHostRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(d.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(d.config.EnterpriseProjectId), HostId: hostId, Body: &hcwafmodel.UpdatePremiumHostRequestBody{ - Certificateid: typeutil.ToPtr(upres.CertId), - Certificatename: typeutil.ToPtr(upres.CertName), + Certificateid: xtypes.ToPtr(upres.CertId), + Certificatename: xtypes.ToPtr(upres.CertName), }, } updatePremiumHostResp, err := d.sdkClient.UpdatePremiumHost(updatePremiumHostReq) @@ -308,7 +307,7 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPEM stri return nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) { projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region) if err != nil { return nil, err diff --git a/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go b/pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go rename to pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go index 4f6b5654..c1b7007e 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go +++ b/pkg/core/ssl-deployer/providers/huaweicloud-waf/huaweicloud_waf_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/huaweicloud-waf" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/huaweicloud-waf" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./huaweicloud_waf_test.go -args \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_SECRETACCESSKEY="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_REGION="cn-north-1" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_RESOURCETYPE="premium" \ - --CERTIMATE_DEPLOYER_HUAWEICLOUDWAF_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_REGION="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_RESOURCETYPE="premium" \ + --CERTIMATE_SSLDEPLOYER_HUAWEICLOUDWAF_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("RESOURCETYPE: %v", fResourceType), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/jdcloud-alb/consts.go b/pkg/core/ssl-deployer/providers/jdcloud-alb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/jdcloud-alb/consts.go rename to pkg/core/ssl-deployer/providers/jdcloud-alb/consts.go diff --git a/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go b/pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb.go similarity index 78% rename from internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go rename to pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb.go index 0f8a048d..121f1bec 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb.go @@ -13,13 +13,12 @@ import ( jdlbclient "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/client" jdlbmodel "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/models" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/jdcloud-ssl" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 @@ -39,54 +38,54 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *jdlbclient.LbClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *jdlbclient.LbClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -109,10 +108,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -188,7 +187,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -201,7 +200,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询监听器详情 // REF: https://docs.jdcloud.com/cn/load-balancer/api/describelistener describeListenerReq := jdlbapi.NewDescribeListenerRequest(d.config.RegionId, cloudListenerId) @@ -226,7 +225,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL } else { // 指定 SNI,需部署到扩展证书 - extCertSpecs := sliceutil.Filter(describeListenerResp.Result.Listener.ExtensionCertificateSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) bool { + extCertSpecs := xslices.Filter(describeListenerResp.Result.Listener.ExtensionCertificateSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) bool { return extCertSpec.Domain == d.config.Domain }) if len(extCertSpecs) == 0 { @@ -238,7 +237,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL updateListenerCertificatesReq := jdlbapi.NewUpdateListenerCertificatesRequest( d.config.RegionId, cloudListenerId, - sliceutil.Map(extCertSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) jdlbmodel.ExtCertificateUpdateSpec { + xslices.Map(extCertSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) jdlbmodel.ExtCertificateUpdateSpec { return jdlbmodel.ExtCertificateUpdateSpec{ CertificateBindId: extCertSpec.CertificateBindId, CertificateId: &cloudCertId, @@ -256,7 +255,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdlbclient.LbClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdlbclient.LbClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdlbclient.NewLbClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb_test.go b/pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb_test.go similarity index 76% rename from internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb_test.go rename to pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb_test.go index b6c063e2..2706ba39 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb_test.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-alb/jdcloud_alb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-alb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-alb" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_JDCLOUDALB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_JDCLOUDALB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./jdcloud_alb_test.go -args \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_ACCESSKEYSECRET="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_REGION_ID="cn-north-1" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_LOADBALANCERID="your-alb-loadbalancer-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDALB_LISTENERID="your-alb-listener-id" + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_ACCESSKEYSECRET="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_REGION_ID="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_LOADBALANCERID="your-alb-loadbalancer-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDALB_LISTENERID="your-alb-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, RegionId: fRegionId, @@ -93,7 +93,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, RegionId: fRegionId, diff --git a/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go b/pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn.go similarity index 62% rename from internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go rename to pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn.go index 7da0000b..a552d710 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn.go @@ -2,6 +2,7 @@ package jdcloudcdn import ( "context" + "errors" "fmt" "log/slog" @@ -9,12 +10,11 @@ import ( jdcdnapi "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/apis" jdcdnclient "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/client" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/jdcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 @@ -23,52 +23,56 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *jdcdnclient.CdnClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *jdcdnclient.CdnClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + // 查询域名配置信息 // REF: https://docs.jdcloud.com/cn/cdn/api/querydomainconfig queryDomainConfigReq := jdcdnapi.NewQueryDomainConfigRequest(d.config.Domain) @@ -78,8 +82,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.QueryDomainConfig': %w", err) } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -101,10 +105,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdn.SetHttpType': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdcdnclient.CdnClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdcdnclient.CdnClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdcdnclient.NewCdnClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go b/pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go index 1bed5d15..2ecd406b 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-cdn/jdcloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_JDCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./jdcloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_ACCESSKEYSECRET="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_JDCLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_ACCESSKEYSECRET="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go b/pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live.go similarity index 64% rename from internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go rename to pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live.go index 666ce101..19e22df0 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live.go @@ -2,17 +2,17 @@ package jdcloudlive import ( "context" + "errors" "fmt" "log/slog" + "github.com/certimate-go/certimate/pkg/core" jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core" jdliveapi "github.com/jdcloud-api/jdcloud-sdk-go/services/live/apis" jdliveclient "github.com/jdcloud-api/jdcloud-sdk-go/services/live/client" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 @@ -21,41 +21,44 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *jdliveclient.LiveClient } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + // 设置直播证书 // REF: https://docs.jdcloud.com/cn/live-video/api/setlivedomaincertificate setLiveDomainCertificateReq := jdliveapi.NewSetLiveDomainCertificateRequest(d.config.Domain, "on") @@ -67,10 +70,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'live.SetLiveDomainCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdliveclient.LiveClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdliveclient.LiveClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdliveclient.NewLiveClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live_test.go b/pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live_test.go rename to pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live_test.go index d544690d..4853dde5 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live_test.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-live/jdcloud_live_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-live" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-live" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_JDCLOUDLIVE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./jdcloud_live_test.go -args \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_ACCESSKEYSECRET="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_JDCLOUDLIVE_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_ACCESSKEYSECRET="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDLIVE_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go b/pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod.go similarity index 79% rename from internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go rename to pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod.go index 19e5e286..c244492f 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod.go @@ -8,14 +8,13 @@ import ( "strconv" "time" + "github.com/certimate-go/certimate/pkg/core" jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core" jdvodapi "github.com/jdcloud-api/jdcloud-sdk-go/services/vod/apis" jdvodclient "github.com/jdcloud-api/jdcloud-sdk-go/services/vod/client" - - "github.com/usual2970/certimate/internal/pkg/core/deployer" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 @@ -24,41 +23,40 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *jdvodclient.VodClient } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 查询域名列表 // REF: https://docs.jdcloud.com/cn/video-on-demand/api/listdomains var domainId int @@ -121,10 +119,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'vod.SetHttpSsl': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdvodclient.VodClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdvodclient.VodClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdvodclient.NewVodClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod_test.go b/pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod_test.go rename to pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod_test.go index b8c38b1d..c0993320 100644 --- a/internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod_test.go +++ b/pkg/core/ssl-deployer/providers/jdcloud-vod/jdcloud_vod_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/jdcloud-vod" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/jdcloud-vod" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_JDCLOUDVOD_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./jdcloud_vod_test.go -args \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_ACCESSKEYSECRET="your-secret-access-key" \ - --CERTIMATE_DEPLOYER_JDCLOUDVOD_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_ACCESSKEYSECRET="your-secret-access-key" \ + --CERTIMATE_SSLDEPLOYER_JDCLOUDVOD_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go b/pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret.go similarity index 85% rename from internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go rename to pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret.go index e51bfcd8..e9a16683 100644 --- a/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go +++ b/pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret.go @@ -13,11 +13,11 @@ import ( "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // kubeconfig 文件内容。 KubeConfig string `json:"kubeConfig,omitempty"` // Kubernetes 命名空间。 @@ -32,34 +32,33 @@ type DeployerConfig struct { SecretDataKeyForKey string `json:"secretDataKeyForKey,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - return &DeployerProvider{ + return &SSLDeployerProvider{ logger: slog.Default(), config: config, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Namespace == "" { return nil, errors.New("config `namespace` is required") } @@ -76,7 +75,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `secretDataKeyForKey` is required") } - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -119,7 +118,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE if err != nil { return nil, fmt.Errorf("failed to create k8s secret: %w", err) } else { - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } } @@ -143,7 +142,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to update k8s secret: %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } func createK8sClient(kubeConfig string) (*kubernetes.Clientset, error) { diff --git a/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret_test.go b/pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/k8s-secret/k8s_secret_test.go rename to pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret_test.go index 90bdf4ab..827bfb07 100644 --- a/internal/pkg/core/deployer/providers/k8s-secret/k8s_secret_test.go +++ b/pkg/core/ssl-deployer/providers/k8s-secret/k8s_secret_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/k8s-secret" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/k8s-secret" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_K8SSECRET_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_K8SSECRET_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./k8s_secret_test.go -args \ - --CERTIMATE_DEPLOYER_K8SSECRET_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_K8SSECRET_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_K8SSECRET_NAMESPACE="default" \ - --CERTIMATE_DEPLOYER_K8SSECRET_SECRETNAME="secret" \ - --CERTIMATE_DEPLOYER_K8SSECRET_SECRETDATAKEYFORCRT="tls.crt" \ - --CERTIMATE_DEPLOYER_K8SSECRET_SECRETDATAKEYFORKEY="tls.key" + --CERTIMATE_SSLDEPLOYER_K8SSECRET_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_NAMESPACE="default" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_SECRETNAME="secret" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_SECRETDATAKEYFORCRT="tls.crt" \ + --CERTIMATE_SSLDEPLOYER_K8SSECRET_SECRETDATAKEYFORKEY="tls.key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETDATAKEYFORKEY: %v", fSecretDataKeyForKey), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ Namespace: fNamespace, SecretName: fSecretName, SecretDataKeyForCrt: fSecretDataKeyForCrt, diff --git a/internal/pkg/core/deployer/providers/lecdn/consts.go b/pkg/core/ssl-deployer/providers/lecdn/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/lecdn/consts.go rename to pkg/core/ssl-deployer/providers/lecdn/consts.go diff --git a/pkg/core/ssl-deployer/providers/lecdn/lecdn.go b/pkg/core/ssl-deployer/providers/lecdn/lecdn.go new file mode 100644 index 00000000..0cc130ce --- /dev/null +++ b/pkg/core/ssl-deployer/providers/lecdn/lecdn.go @@ -0,0 +1,174 @@ +package lecdn + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/certimate-go/certimate/pkg/core" + leclientsdkv3 "github.com/certimate-go/certimate/pkg/sdk3rd/lecdn/client-v3" + lemastersdkv3 "github.com/certimate-go/certimate/pkg/sdk3rd/lecdn/master-v3" +) + +type SSLDeployerProviderConfig struct { + // LeCDN 服务地址。 + ServerUrl string `json:"serverUrl"` + // LeCDN 版本。 + // 可取值 "v3"。 + ApiVersion string `json:"apiVersion"` + // LeCDN 用户角色。 + // 可取值 "client"、"master"。 + ApiRole string `json:"apiRole"` + // LeCDN 用户名。 + Username string `json:"accessKeyId"` + // LeCDN 用户密码。 + Password string `json:"accessKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 部署资源类型。 + ResourceType ResourceType `json:"resourceType"` + // 证书 ID。 + // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。 + CertificateId int64 `json:"certificateId,omitempty"` + // 客户 ID。 + // 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时选填。 + ClientId int64 `json:"clientId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient any +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiVersion, config.ApiRole, config.Username, config.Password, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 根据部署资源类型决定部署方式 + switch d.config.ResourceType { + case RESOURCE_TYPE_CERTIFICATE: + if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } + + default: + return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) + } + + return &core.SSLDeployResult{}, nil +} + +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { + if d.config.CertificateId == 0 { + return errors.New("config `certificateId` is required") + } + + // 修改证书 + // REF: https://wdk0pwf8ul.feishu.cn/wiki/YE1XwCRIHiLYeKkPupgcXrlgnDd + switch sdkClient := d.sdkClient.(type) { + case *leclientsdkv3.Client: + { + updateSSLCertReq := &leclientsdkv3.UpdateCertificateRequest{ + Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), + Description: "upload from certimate", + Type: "upload", + SSLPEM: certPEM, + SSLKey: privkeyPEM, + AutoRenewal: false, + } + updateSSLCertResp, err := sdkClient.UpdateCertificate(d.config.CertificateId, updateSSLCertReq) + d.logger.Debug("sdk request 'lecdn.UpdateCertificate'", slog.Int64("certId", d.config.CertificateId), slog.Any("request", updateSSLCertReq), slog.Any("response", updateSSLCertResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'lecdn.UpdateCertificate': %w", err) + } + } + + case *lemastersdkv3.Client: + { + updateSSLCertReq := &lemastersdkv3.UpdateCertificateRequest{ + ClientId: d.config.ClientId, + Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()), + Description: "upload from certimate", + Type: "upload", + SSLPEM: certPEM, + SSLKey: privkeyPEM, + AutoRenewal: false, + } + updateSSLCertResp, err := sdkClient.UpdateCertificate(d.config.CertificateId, updateSSLCertReq) + d.logger.Debug("sdk request 'lecdn.UpdateCertificate'", slog.Int64("certId", d.config.CertificateId), slog.Any("request", updateSSLCertReq), slog.Any("response", updateSSLCertResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'lecdn.UpdateCertificate': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + return nil +} + +const ( + sdkVersionV3 = "v3" + + sdkRoleClient = "client" + sdkRoleMaster = "master" +) + +func createSDKClient(serverUrl, apiVersion, apiRole, username, password string, skipTlsVerify bool) (any, error) { + if apiVersion == sdkVersionV3 && apiRole == sdkRoleClient { + // v3 版客户端 + client, err := leclientsdkv3.NewClient(serverUrl, username, password) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } else if apiVersion == sdkVersionV3 && apiRole == sdkRoleMaster { + // v3 版主控端 + client, err := lemastersdkv3.NewClient(serverUrl, username, password) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } + + return nil, fmt.Errorf("invalid lecdn api version or user role") +} diff --git a/internal/pkg/core/deployer/providers/lecdn/lecdn_test.go b/pkg/core/ssl-deployer/providers/lecdn/lecdn_test.go similarity index 76% rename from internal/pkg/core/deployer/providers/lecdn/lecdn_test.go rename to pkg/core/ssl-deployer/providers/lecdn/lecdn_test.go index fda880c4..a94db0bd 100644 --- a/internal/pkg/core/deployer/providers/lecdn/lecdn_test.go +++ b/pkg/core/ssl-deployer/providers/lecdn/lecdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/lecdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/lecdn" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_LECDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_LECDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,12 +37,12 @@ func init() { Shell command to run this test: go test -v ./lecdn_test.go -args \ - --CERTIMATE_DEPLOYER_LECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_LECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_LECDN_SERVERURL="http://127.0.0.1:5090" \ - --CERTIMATE_DEPLOYER_LECDN_USERNAME="your-username" \ - --CERTIMATE_DEPLOYER_LECDN_PASSWORD="your-password" \ - --CERTIMATE_DEPLOYER_LECDN_CERTIFICATEID="your-cerficiate-id" + --CERTIMATE_SSLDEPLOYER_LECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_LECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_LECDN_SERVERURL="http://127.0.0.1:5090" \ + --CERTIMATE_SSLDEPLOYER_LECDN_USERNAME="your-username" \ + --CERTIMATE_SSLDEPLOYER_LECDN_PASSWORD="your-password" \ + --CERTIMATE_SSLDEPLOYER_LECDN_CERTIFICATEID="your-cerficiate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -59,7 +59,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiVersion: fApiVersion, ApiRole: "user", diff --git a/internal/pkg/core/deployer/providers/local/defines.go b/pkg/core/ssl-deployer/providers/local/defines.go similarity index 100% rename from internal/pkg/core/deployer/providers/local/defines.go rename to pkg/core/ssl-deployer/providers/local/defines.go diff --git a/internal/pkg/core/deployer/providers/local/local.go b/pkg/core/ssl-deployer/providers/local/local.go similarity index 75% rename from internal/pkg/core/deployer/providers/local/local.go rename to pkg/core/ssl-deployer/providers/local/local.go index 0b71da8a..bdb89a16 100644 --- a/internal/pkg/core/deployer/providers/local/local.go +++ b/pkg/core/ssl-deployer/providers/local/local.go @@ -3,17 +3,18 @@ package local import ( "bytes" "context" + "errors" "fmt" "log/slog" "os/exec" "runtime" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - fileutil "github.com/usual2970/certimate/internal/pkg/utils/file" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xfile "github.com/certimate-go/certimate/pkg/utils/file" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Shell 执行环境。 // 零值时根据操作系统决定。 ShellEnv ShellEnvType `json:"shellEnv,omitempty"` @@ -47,36 +48,35 @@ type DeployerConfig struct { JksStorepass string `json:"jksStorepass,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -93,50 +93,50 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 写入证书和私钥文件 switch d.config.OutputFormat { case OUTPUT_FORMAT_PEM: - if err := fileutil.WriteString(d.config.OutputCertPath, certPEM); err != nil { + if err := xfile.WriteString(d.config.OutputCertPath, certPEM); err != nil { return nil, fmt.Errorf("failed to save certificate file: %w", err) } d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath)) if d.config.OutputServerCertPath != "" { - if err := fileutil.WriteString(d.config.OutputServerCertPath, serverCertPEM); err != nil { + if err := xfile.WriteString(d.config.OutputServerCertPath, serverCertPEM); err != nil { return nil, fmt.Errorf("failed to save server certificate file: %w", err) } d.logger.Info("ssl server certificate file saved", slog.String("path", d.config.OutputServerCertPath)) } if d.config.OutputIntermediaCertPath != "" { - if err := fileutil.WriteString(d.config.OutputIntermediaCertPath, intermediaCertPEM); err != nil { + if err := xfile.WriteString(d.config.OutputIntermediaCertPath, intermediaCertPEM); err != nil { return nil, fmt.Errorf("failed to save intermedia certificate file: %w", err) } d.logger.Info("ssl intermedia certificate file saved", slog.String("path", d.config.OutputIntermediaCertPath)) } - if err := fileutil.WriteString(d.config.OutputKeyPath, privkeyPEM); err != nil { + if err := xfile.WriteString(d.config.OutputKeyPath, privkeyPEM); err != nil { return nil, fmt.Errorf("failed to save private key file: %w", err) } d.logger.Info("ssl private key file saved", slog.String("path", d.config.OutputKeyPath)) case OUTPUT_FORMAT_PFX: - pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword) + pfxData, err := xcert.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword) if err != nil { return nil, fmt.Errorf("failed to transform certificate to PFX: %w", err) } d.logger.Info("ssl certificate transformed to pfx") - if err := fileutil.Write(d.config.OutputCertPath, pfxData); err != nil { + if err := xfile.Write(d.config.OutputCertPath, pfxData); err != nil { return nil, fmt.Errorf("failed to save certificate file: %w", err) } d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath)) case OUTPUT_FORMAT_JKS: - jksData, err := certutil.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) + jksData, err := xcert.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) if err != nil { return nil, fmt.Errorf("failed to transform certificate to JKS: %w", err) } d.logger.Info("ssl certificate transformed to jks") - if err := fileutil.Write(d.config.OutputCertPath, jksData); err != nil { + if err := xfile.Write(d.config.OutputCertPath, jksData); err != nil { return nil, fmt.Errorf("failed to save certificate file: %w", err) } d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath)) @@ -154,7 +154,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } func execCommand(shellEnv ShellEnvType, command string) (string, string, error) { diff --git a/internal/pkg/core/deployer/providers/local/local_test.go b/pkg/core/ssl-deployer/providers/local/local_test.go similarity index 81% rename from internal/pkg/core/deployer/providers/local/local_test.go rename to pkg/core/ssl-deployer/providers/local/local_test.go index 4225864b..a100d22d 100644 --- a/internal/pkg/core/deployer/providers/local/local_test.go +++ b/pkg/core/ssl-deployer/providers/local/local_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/local" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/local" ) var ( @@ -26,7 +26,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_LOCAL_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_LOCAL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -45,17 +45,17 @@ func init() { Shell command to run this test: go test -v ./local_test.go -args \ - --CERTIMATE_DEPLOYER_LOCAL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_LOCAL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_LOCAL_OUTPUTCERTPATH="/path/to/your-output-cert" \ - --CERTIMATE_DEPLOYER_LOCAL_OUTPUTKEYPATH="/path/to/your-output-key" \ - --CERTIMATE_DEPLOYER_LOCAL_PFXPASSWORD="your-pfx-password" \ - --CERTIMATE_DEPLOYER_LOCAL_JKSALIAS="your-jks-alias" \ - --CERTIMATE_DEPLOYER_LOCAL_JKSKEYPASS="your-jks-keypass" \ - --CERTIMATE_DEPLOYER_LOCAL_JKSSTOREPASS="your-jks-storepass" \ - --CERTIMATE_DEPLOYER_LOCAL_SHELLENV="sh" \ - --CERTIMATE_DEPLOYER_LOCAL_PRECOMMAND="echo 'hello world'" \ - --CERTIMATE_DEPLOYER_LOCAL_POSTCOMMAND="echo 'bye-bye world'" + --CERTIMATE_SSLDEPLOYER_LOCAL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_OUTPUTCERTPATH="/path/to/your-output-cert" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_OUTPUTKEYPATH="/path/to/your-output-key" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_PFXPASSWORD="your-pfx-password" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_JKSALIAS="your-jks-alias" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_JKSKEYPASS="your-jks-keypass" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_JKSSTOREPASS="your-jks-storepass" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_SHELLENV="sh" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_PRECOMMAND="echo 'hello world'" \ + --CERTIMATE_SSLDEPLOYER_LOCAL_POSTCOMMAND="echo 'bye-bye world'" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -72,7 +72,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("POSTCOMMAND: %v", fPostCommand), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ OutputFormat: provider.OUTPUT_FORMAT_PEM, OutputCertPath: fOutputCertPath + ".pem", OutputKeyPath: fOutputKeyPath + ".pem", @@ -123,7 +123,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("PFXPASSWORD: %v", fPfxPassword), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ OutputFormat: provider.OUTPUT_FORMAT_PFX, OutputCertPath: fOutputCertPath + ".pfx", PfxPassword: fPfxPassword, @@ -164,7 +164,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("JKSSTOREPASS: %v", fJksStorepass), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ OutputFormat: provider.OUTPUT_FORMAT_JKS, OutputCertPath: fOutputCertPath + ".jks", JksAlias: fJksAlias, diff --git a/internal/pkg/core/deployer/providers/netlify-site/netlify_site.go b/pkg/core/ssl-deployer/providers/netlify-site/netlify_site.go similarity index 56% rename from internal/pkg/core/deployer/providers/netlify-site/netlify_site.go rename to pkg/core/ssl-deployer/providers/netlify-site/netlify_site.go index 3b2072d7..27e4f3e9 100644 --- a/internal/pkg/core/deployer/providers/netlify-site/netlify_site.go +++ b/pkg/core/ssl-deployer/providers/netlify-site/netlify_site.go @@ -6,59 +6,58 @@ import ( "fmt" "log/slog" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - netlifysdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/netlify" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + netlifysdk "github.com/certimate-go/certimate/pkg/sdk3rd/netlify" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // netlify API Token。 ApiToken string `json:"apiToken"` // netlify 网站 ID。 SiteId string `json:"siteId"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *netlifysdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ApiToken) + client, err := createSDKClient(config.ApiToken) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.SiteId == "" { return nil, errors.New("config `siteId` is required") } // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -76,14 +75,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'netlify.provisionSiteTLSCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(apiToken string) (*netlifysdk.Client, error) { - if apiToken == "" { - return nil, errors.New("invalid netlify api token") - } - - client := netlifysdk.NewClient(apiToken) - return client, nil +func createSDKClient(apiToken string) (*netlifysdk.Client, error) { + return netlifysdk.NewClient(apiToken) } diff --git a/internal/pkg/core/deployer/providers/netlify-site/netlify_site_test.go b/pkg/core/ssl-deployer/providers/netlify-site/netlify_site_test.go similarity index 66% rename from internal/pkg/core/deployer/providers/netlify-site/netlify_site_test.go rename to pkg/core/ssl-deployer/providers/netlify-site/netlify_site_test.go index eb4a447c..97c58797 100644 --- a/internal/pkg/core/deployer/providers/netlify-site/netlify_site_test.go +++ b/pkg/core/ssl-deployer/providers/netlify-site/netlify_site_test.go @@ -8,33 +8,33 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/netlify-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/netlify-site" ) var ( fInputCertPath string fInputKeyPath string fApiToken string - fSiteId int64 + fSiteId string ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_NETLIFYSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_NETLIFYSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") flag.StringVar(&fApiToken, argsPrefix+"APITOKEN", "", "") - flag.Int64Var(&fSiteId, argsPrefix+"SITEID", 0, "") + flag.StringVar(&fSiteId, argsPrefix+"SITEID", "", "") } /* Shell command to run this test: go test -v ./netlify_site_test.go -args \ - --CERTIMATE_DEPLOYER_NETLIFYSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_NETLIFYSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_NETLIFYSITE_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_NETLIFYSITE_SITEID="your-site-id" + --CERTIMATE_SSLDEPLOYER_NETLIFYSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_NETLIFYSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_NETLIFYSITE_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_NETLIFYSITE_SITEID="your-site-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -48,7 +48,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITEID: %v", fSiteId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ApiToken: fApiToken, SiteId: fSiteId, }) diff --git a/internal/pkg/core/deployer/providers/proxmoxve/proxmoxve.go b/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve.go similarity index 71% rename from internal/pkg/core/deployer/providers/proxmoxve/proxmoxve.go rename to pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve.go index 670ba02c..37a02a5d 100644 --- a/internal/pkg/core/deployer/providers/proxmoxve/proxmoxve.go +++ b/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve.go @@ -12,11 +12,11 @@ import ( "github.com/luthermonson/go-proxmox" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - httputil "github.com/usual2970/certimate/internal/pkg/utils/http" + "github.com/certimate-go/certimate/pkg/core" + xhttp "github.com/certimate-go/certimate/pkg/utils/http" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Proxmox VE 服务地址。 ServerUrl string `json:"serverUrl"` // Proxmox VE API Token。 @@ -31,41 +31,40 @@ type DeployerConfig struct { AutoRestart bool `json:"autoRestart"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *proxmox.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiToken, config.ApiTokenSecret, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiToken, config.ApiTokenSecret, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.NodeName == "" { return nil, errors.New("config `nodeName` is required") } @@ -89,10 +88,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to upload custom certificate to node '%s': %w", node.Name, err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(serverUrl, apiToken, apiTokenSecret string, skipTlsVerify bool) (*proxmox.Client, error) { +func createSDKClient(serverUrl, apiToken, apiTokenSecret string, skipTlsVerify bool) (*proxmox.Client, error) { if _, err := url.Parse(serverUrl); err != nil { return nil, errors.New("invalid pve server url") } @@ -102,11 +101,11 @@ func createSdkClient(serverUrl, apiToken, apiTokenSecret string, skipTlsVerify b } httpClient := &http.Client{ - Transport: httputil.NewDefaultTransport(), + Transport: xhttp.NewDefaultTransport(), Timeout: http.DefaultClient.Timeout, } if skipTlsVerify { - transport := httputil.NewDefaultTransport() + transport := xhttp.NewDefaultTransport() if transport.TLSClientConfig == nil { transport.TLSClientConfig = &tls.Config{} } diff --git a/internal/pkg/core/deployer/providers/proxmoxve/proxmoxve_test.go b/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve_test.go similarity index 72% rename from internal/pkg/core/deployer/providers/proxmoxve/proxmoxve_test.go rename to pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve_test.go index 8ae02f3b..d53a641b 100644 --- a/internal/pkg/core/deployer/providers/proxmoxve/proxmoxve_test.go +++ b/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/proxmoxve" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/proxmoxve" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_PROXMOXVE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_PROXMOXVE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./proxmoxve_test.go -args \ - --CERTIMATE_DEPLOYER_PROXMOXVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_SERVERURL="http://127.0.0.1:8006" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_APITOKENSECRET="your-api-token-secret" \ - --CERTIMATE_DEPLOYER_PROXMOXVE_NODENAME="your-cluster-node-name" + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_SERVERURL="http://127.0.0.1:8006" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_APITOKENSECRET="your-api-token-secret" \ + --CERTIMATE_SSLDEPLOYER_PROXMOXVE_NODENAME="your-cluster-node-name" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("NODENAME: %v", fNodeName), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiToken: fApiToken, ApiTokenSecret: fApiTokenSecret, diff --git a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go b/pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn.go similarity index 63% rename from internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go rename to pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn.go index 8491ecc3..a1881664 100644 --- a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go +++ b/pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn.go @@ -2,19 +2,19 @@ package qiniucdn import ( "context" + "errors" "fmt" "log/slog" "strings" "github.com/qiniu/go-sdk/v7/auth" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert" - qiniusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/qiniu" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/qiniu-sslcert" + qiniusdk "github.com/certimate-go/certimate/pkg/sdk3rd/qiniu" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 七牛云 AccessKey。 AccessKey string `json:"accessKey"` // 七牛云 SecretKey。 @@ -23,51 +23,55 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *qiniusdk.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *qiniusdk.CdnManager + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client := qiniusdk.NewClient(auth.New(config.AccessKey, config.SecretKey)) + client := qiniusdk.NewCdnManager(auth.New(config.AccessKey, config.SecretKey)) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKey: config.AccessKey, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -101,5 +105,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn_test.go b/pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn_test.go rename to pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn_test.go index 51c1201c..5ad633c3 100644 --- a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/qiniu-cdn/qiniu_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/qiniu-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/qiniu-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_QINIUCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_QINIUCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./qiniu_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_QINIUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_QINIUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_QINIUCDN_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_QINIUCDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_QINIUCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_QINIUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_QINIUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_QINIUCDN_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_QINIUCDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_QINIUCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKey: fAccessKey, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go b/pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili.go similarity index 51% rename from internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go rename to pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili.go index ec6cfc4b..e4e99c4d 100644 --- a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go +++ b/pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili.go @@ -2,17 +2,17 @@ package qiniupili import ( "context" + "errors" "fmt" "log/slog" "github.com/qiniu/go-sdk/v7/pili" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/qiniu-sslcert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 七牛云 AccessKey。 AccessKey string `json:"accessKey"` // 七牛云 SecretKey。 @@ -23,51 +23,55 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *pili.Manager - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *pili.Manager + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } manager := pili.NewManager(pili.ManagerConfig{AccessKey: config.AccessKey, SecretKey: config.SecretKey}) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKey: config.AccessKey, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: manager, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: manager, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -87,5 +91,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'pili.SetDomainCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili_test.go b/pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili_test.go rename to pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili_test.go index 1c165e0e..5ab99fd9 100644 --- a/internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili_test.go +++ b/pkg/core/ssl-deployer/providers/qiniu-pili/qiniu_pili_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/qiniu-pili" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/qiniu-pili" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_QINIUPILI_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_QINIUPILI_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./qiniu_pili_test.go -args \ - --CERTIMATE_DEPLOYER_QINIUPILI_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_QINIUPILI_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_QINIUPILI_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_QINIUPILI_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_QINIUPILI_HUB="your-hub-name" \ - --CERTIMATE_DEPLOYER_QINIUPILI_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_QINIUPILI_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_ACCESSKEY="your-access-key" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_HUB="your-hub-name" \ + --CERTIMATE_SSLDEPLOYER_QINIUPILI_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKey: fAccessKey, SecretKey: fSecretKey, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn.go b/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn.go new file mode 100644 index 00000000..8af0fa06 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn.go @@ -0,0 +1,99 @@ +package rainyunrcdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "strconv" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/rainyun-sslcenter" + rainyunsdk "github.com/certimate-go/certimate/pkg/sdk3rd/rainyun" +) + +type SSLDeployerProviderConfig struct { + // 雨云 API 密钥。 + ApiKey string `json:"apiKey"` + // RCDN 实例 ID。 + InstanceId int32 `json:"instanceId"` + // 加速域名(支持泛域名)。 + Domain string `json:"domain"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *rainyunsdk.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ApiKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + ApiKey: config.ApiKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, fmt.Errorf("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // RCDN SSL 绑定域名 + // REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-184214120 + certId, _ := strconv.Atoi(upres.CertId) + rcdnInstanceSslBindReq := &rainyunsdk.RcdnInstanceSslBindRequest{ + CertId: int32(certId), + Domains: []string{d.config.Domain}, + } + rcdnInstanceSslBindResp, err := d.sdkClient.RcdnInstanceSslBind(d.config.InstanceId, rcdnInstanceSslBindReq) + d.logger.Debug("sdk request 'rcdn.InstanceSslBind'", slog.Any("instanceId", d.config.InstanceId), slog.Any("request", rcdnInstanceSslBindReq), slog.Any("response", rcdnInstanceSslBindResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'rcdn.InstanceSslBind': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(apiKey string) (*rainyunsdk.Client, error) { + return rainyunsdk.NewClient(apiKey) +} diff --git a/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go b/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go similarity index 67% rename from internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go rename to pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go index fd81bffa..25f8ba1b 100644 --- a/internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go +++ b/pkg/core/ssl-deployer/providers/rainyun-rcdn/rainyun_rcdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/rainyun-rcdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/rainyun-rcdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_RAINYUNRCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ucloud_ucdn_test.go -args \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_INSTANCEID="your-rcdn-instance-id" \ - --CERTIMATE_DEPLOYER_RAINYUNRCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_INSTANCEID="your-rcdn-instance-id" \ + --CERTIMATE_SSLDEPLOYER_RAINYUNRCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,9 +52,9 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ - PrivateKey: fApiKey, - InstanceId: fInstanceId, + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + ApiKey: fApiKey, + InstanceId: int32(fInstanceId), Domain: fDomain, }) if err != nil { diff --git a/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console.go b/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console.go new file mode 100644 index 00000000..bea24380 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console.go @@ -0,0 +1,84 @@ +package ratpanelconsole + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + rpsdk "github.com/certimate-go/certimate/pkg/sdk3rd/ratpanel" +) + +type SSLDeployerProviderConfig struct { + // 耗子面板服务地址。 + ServerUrl string `json:"serverUrl"` + // 耗子面板访问令牌 ID。 + AccessTokenId int32 `json:"accessTokenId"` + // 耗子面板访问令牌。 + AccessToken string `json:"accessToken"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *rpsdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.AccessTokenId, config.AccessToken, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 设置面板 SSL 证书 + setSettingCertReq := &rpsdk.SetSettingCertRequest{ + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + setSettingCertResp, err := d.sdkClient.SetSettingCert(setSettingCertReq) + d.logger.Debug("sdk request 'ratpanel.SetSettingCert'", slog.Any("request", setSettingCertReq), slog.Any("response", setSettingCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'ratpanel.SetSettingCert': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(serverUrl string, accessTokenId int32, accessToken string, skipTlsVerify bool) (*rpsdk.Client, error) { + client, err := rpsdk.NewClient(serverUrl, accessTokenId, accessToken) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil +} diff --git a/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console_test.go b/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console_test.go rename to pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console_test.go index 3366b06c..fab2f64d 100644 --- a/internal/pkg/core/deployer/providers/ratpanel-console/ratpanel_console_test.go +++ b/pkg/core/ssl-deployer/providers/ratpanel-console/ratpanel_console_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ratpanel-console" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ratpanel-console" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_RATPANELCONSOLE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ratpanel_console_test.go -args \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_ACCESSTOKENID="your-access-token-id" \ - --CERTIMATE_DEPLOYER_RATPANELCONSOLE_ACCESSTOKEN="your-access-token" + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_ACCESSTOKENID="your-access-token-id" \ + --CERTIMATE_SSLDEPLOYER_RATPANELCONSOLE_ACCESSTOKEN="your-access-token" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ACCESSTOKEN: %v", fAccessToken), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, AccessTokenId: int32(fAccessTokenId), AccessToken: fAccessToken, diff --git a/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site.go b/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site.go new file mode 100644 index 00000000..0adcf20c --- /dev/null +++ b/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site.go @@ -0,0 +1,91 @@ +package ratpanelsite + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + rpsdk "github.com/certimate-go/certimate/pkg/sdk3rd/ratpanel" +) + +type SSLDeployerProviderConfig struct { + // 耗子面板服务地址。 + ServerUrl string `json:"serverUrl"` + // 耗子面板访问令牌 ID。 + AccessTokenId int32 `json:"accessTokenId"` + // 耗子面板访问令牌。 + AccessToken string `json:"accessToken"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` + // 网站名称。 + SiteName string `json:"siteName"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *rpsdk.Client +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.AccessTokenId, config.AccessToken, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.SiteName == "" { + return nil, errors.New("config `siteName` is required") + } + + // 设置站点 SSL 证书 + setWebsiteCertReq := &rpsdk.SetWebsiteCertRequest{ + SiteName: d.config.SiteName, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + setWebsiteCertResp, err := d.sdkClient.SetWebsiteCert(setWebsiteCertReq) + d.logger.Debug("sdk request 'ratpanel.SetWebsiteCert'", slog.Any("request", setWebsiteCertReq), slog.Any("response", setWebsiteCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'ratpanel.SetWebsiteCert': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(serverUrl string, accessTokenId int32, accessToken string, skipTlsVerify bool) (*rpsdk.Client, error) { + client, err := rpsdk.NewClient(serverUrl, accessTokenId, accessToken) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil +} diff --git a/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site_test.go b/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site_test.go rename to pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site_test.go index cd84b3ea..1cd261d8 100644 --- a/internal/pkg/core/deployer/providers/ratpanel-site/ratpanel_site_test.go +++ b/pkg/core/ssl-deployer/providers/ratpanel-site/ratpanel_site_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ratpanel-site" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ratpanel-site" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_RATPANELSITE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_RATPANELSITE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./ratpanel_site_test.go -args \ - --CERTIMATE_DEPLOYER_RATPANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_SERVERURL="http://127.0.0.1:8888" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_ACCESSTOKENID="your-access-token-id" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_ACCESSTOKEN="your-access-token" \ - --CERTIMATE_DEPLOYER_RATPANELSITE_SITENAME="your-site-name" + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_SERVERURL="http://127.0.0.1:8888" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_ACCESSTOKENID="your-access-token-id" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_ACCESSTOKEN="your-access-token" \ + --CERTIMATE_SSLDEPLOYER_RATPANELSITE_SITENAME="your-site-name" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SITENAME: %v", fSiteName), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, AccessTokenId: int32(fAccessTokenId), AccessToken: fAccessToken, diff --git a/internal/pkg/core/deployer/providers/safeline/consts.go b/pkg/core/ssl-deployer/providers/safeline/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/safeline/consts.go rename to pkg/core/ssl-deployer/providers/safeline/consts.go diff --git a/internal/pkg/core/deployer/providers/safeline/safeline.go b/pkg/core/ssl-deployer/providers/safeline/safeline.go similarity index 57% rename from internal/pkg/core/deployer/providers/safeline/safeline.go rename to pkg/core/ssl-deployer/providers/safeline/safeline.go index 253a8754..3bba0f66 100644 --- a/internal/pkg/core/deployer/providers/safeline/safeline.go +++ b/pkg/core/ssl-deployer/providers/safeline/safeline.go @@ -6,13 +6,12 @@ import ( "errors" "fmt" "log/slog" - "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - safelinesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/safeline" + "github.com/certimate-go/certimate/pkg/core" + safelinesdk "github.com/certimate-go/certimate/pkg/sdk3rd/safeline" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 雷池服务地址。 ServerUrl string `json:"serverUrl"` // 雷池 API Token。 @@ -26,42 +25,41 @@ type DeployerConfig struct { CertificateId int32 `json:"certificateId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *safelinesdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.ServerUrl, config.ApiToken, config.AllowInsecureConnections) + client, err := createSDKClient(config.ServerUrl, config.ApiToken, config.AllowInsecureConnections) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 根据部署资源类型决定部署方式 +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 根据部署资源类型决定部署方式`` switch d.config.ResourceType { case RESOURCE_TYPE_CERTIFICATE: if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil { @@ -72,10 +70,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { +func (d *SSLDeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error { if d.config.CertificateId == 0 { return errors.New("config `certificateId` is required") } @@ -84,7 +82,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri updateCertificateReq := &safelinesdk.UpdateCertificateRequest{ Id: d.config.CertificateId, Type: 2, - Manual: &safelinesdk.UpdateCertificateRequestBodyManul{ + Manual: &safelinesdk.CertificateManul{ Crt: certPEM, Key: privkeyPEM, }, @@ -98,18 +96,14 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri return nil } -func createSdkClient(serverUrl, apiToken string, skipTlsVerify bool) (*safelinesdk.Client, error) { - if _, err := url.Parse(serverUrl); err != nil { - return nil, errors.New("invalid safeline server url") +func createSDKClient(serverUrl, apiToken string, skipTlsVerify bool) (*safelinesdk.Client, error) { + client, err := safelinesdk.NewClient(serverUrl, apiToken) + if err != nil { + return nil, err } - if apiToken == "" { - return nil, errors.New("invalid safeline api token") - } - - client := safelinesdk.NewClient(serverUrl, apiToken) if skipTlsVerify { - client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true}) + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) } return client, nil diff --git a/internal/pkg/core/deployer/providers/safeline/safeline_test.go b/pkg/core/ssl-deployer/providers/safeline/safeline_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/safeline/safeline_test.go rename to pkg/core/ssl-deployer/providers/safeline/safeline_test.go index 9730473c..80b89839 100644 --- a/internal/pkg/core/deployer/providers/safeline/safeline_test.go +++ b/pkg/core/ssl-deployer/providers/safeline/safeline_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/safeline" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/safeline" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_SAFELINE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_SAFELINE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./safeline_test.go -args \ - --CERTIMATE_DEPLOYER_SAFELINE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_SAFELINE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_SAFELINE_SERVERURL="http://127.0.0.1:9443" \ - --CERTIMATE_DEPLOYER_SAFELINE_APITOKEN="your-api-token" \ - --CERTIMATE_DEPLOYER_SAFELINE_CERTIFICATEID="your-cerficiate-id" + --CERTIMATE_SSLDEPLOYER_SAFELINE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_SAFELINE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_SAFELINE_SERVERURL="http://127.0.0.1:9443" \ + --CERTIMATE_SSLDEPLOYER_SAFELINE_APITOKEN="your-api-token" \ + --CERTIMATE_SSLDEPLOYER_SAFELINE_CERTIFICATEID="your-cerficiate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ ServerUrl: fServerUrl, ApiToken: fApiToken, AllowInsecureConnections: true, diff --git a/internal/pkg/core/deployer/providers/ssh/defines.go b/pkg/core/ssl-deployer/providers/ssh/defines.go similarity index 100% rename from internal/pkg/core/deployer/providers/ssh/defines.go rename to pkg/core/ssl-deployer/providers/ssh/defines.go diff --git a/internal/pkg/core/deployer/providers/ssh/ssh.go b/pkg/core/ssl-deployer/providers/ssh/ssh.go similarity index 87% rename from internal/pkg/core/deployer/providers/ssh/ssh.go rename to pkg/core/ssl-deployer/providers/ssh/ssh.go index 782b1332..94d0b6bf 100644 --- a/internal/pkg/core/deployer/providers/ssh/ssh.go +++ b/pkg/core/ssl-deployer/providers/ssh/ssh.go @@ -3,19 +3,21 @@ package ssh import ( "bytes" "context" + "errors" "fmt" "log/slog" "net" "os" "path/filepath" + "strconv" "strings" "github.com/pkg/sftp" "github.com/povsister/scp" "golang.org/x/crypto/ssh" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) type JumpServerConfig struct { @@ -40,7 +42,7 @@ type JumpServerConfig struct { SshKeyPassphrase string `json:"sshKeyPassphrase,omitempty"` } -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // SSH 主机。 // 零值时默认值 "localhost"。 SshHost string `json:"sshHost,omitempty"` @@ -94,36 +96,35 @@ type DeployerConfig struct { JksStorepass string `json:"jksStorepass,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -139,9 +140,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE var jumpConn net.Conn // 第一个连接是主机发起,后续通过跳板机发起 if jumpClient == nil { - jumpConn, err = net.Dial("tcp", fmt.Sprintf("%s:%d", jumpServerConf.SshHost, jumpServerConf.SshPort)) + jumpConn, err = net.Dial("tcp", net.JoinHostPort(jumpServerConf.SshHost, strconv.Itoa(int(jumpServerConf.SshPort)))) } else { - jumpConn, err = jumpClient.DialContext(ctx, "tcp", fmt.Sprintf("%s:%d", jumpServerConf.SshHost, jumpServerConf.SshPort)) + jumpConn, err = jumpClient.DialContext(ctx, "tcp", net.JoinHostPort(jumpServerConf.SshHost, strconv.Itoa(int(jumpServerConf.SshPort)))) } if err != nil { return nil, fmt.Errorf("failed to connect to jump server [%d]: %w", i+1, err) @@ -168,13 +169,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } // 通过跳板机发起 TCP 连接到目标服务器 - targetConn, err = jumpClient.DialContext(ctx, "tcp", fmt.Sprintf("%s:%d", d.config.SshHost, d.config.SshPort)) + targetConn, err = jumpClient.DialContext(ctx, "tcp", net.JoinHostPort(d.config.SshHost, strconv.Itoa(int(d.config.SshPort)))) if err != nil { return nil, fmt.Errorf("failed to connect to target server: %w", err) } } else { // 直接发起 TCP 连接到目标服务器 - targetConn, err = net.Dial("tcp", fmt.Sprintf("%s:%d", d.config.SshHost, d.config.SshPort)) + targetConn, err = net.Dial("tcp", net.JoinHostPort(d.config.SshHost, strconv.Itoa(int(d.config.SshPort)))) if err != nil { return nil, fmt.Errorf("failed to connect to target server: %w", err) } @@ -236,7 +237,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE d.logger.Info("ssl private key file uploaded", slog.String("path", d.config.OutputKeyPath)) case OUTPUT_FORMAT_PFX: - pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword) + pfxData, err := xcert.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, d.config.PfxPassword) if err != nil { return nil, fmt.Errorf("failed to transform certificate to PFX: %w", err) } @@ -248,7 +249,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE d.logger.Info("ssl certificate file uploaded", slog.String("path", d.config.OutputCertPath)) case OUTPUT_FORMAT_JKS: - jksData, err := certutil.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) + jksData, err := xcert.TransformCertificateFromPEMToJKS(certPEM, privkeyPEM, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) if err != nil { return nil, fmt.Errorf("failed to transform certificate to JKS: %w", err) } @@ -272,7 +273,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } func createSshClient(conn net.Conn, host string, port int32, authMethod string, username, password, key, keyPassphrase string) (*ssh.Client, error) { @@ -340,7 +341,8 @@ func createSshClient(conn net.Conn, host string, port int32, authMethod string, return nil, fmt.Errorf("unsupported auth method '%s'", authMethod) } - sshConn, chans, reqs, err := ssh.NewClientConn(conn, fmt.Sprintf("%s:%d", host, port), &ssh.ClientConfig{ + addr := net.JoinHostPort(host, strconv.Itoa(int(port))) + sshConn, chans, reqs, err := ssh.NewClientConn(conn, addr, &ssh.ClientConfig{ User: username, Auth: authentications, HostKeyCallback: ssh.InsecureIgnoreHostKey(), diff --git a/internal/pkg/core/deployer/providers/ssh/ssh_test.go b/pkg/core/ssl-deployer/providers/ssh/ssh_test.go similarity index 73% rename from internal/pkg/core/deployer/providers/ssh/ssh_test.go rename to pkg/core/ssl-deployer/providers/ssh/ssh_test.go index ae908185..30c456ef 100644 --- a/internal/pkg/core/deployer/providers/ssh/ssh_test.go +++ b/pkg/core/ssl-deployer/providers/ssh/ssh_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ssh" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ssh" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_SSH_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_SSH_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./ssh_test.go -args \ - --CERTIMATE_DEPLOYER_SSH_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_SSH_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_SSH_SSHHOST="localhost" \ - --CERTIMATE_DEPLOYER_SSH_SSHPORT=22 \ - --CERTIMATE_DEPLOYER_SSH_SSHUSERNAME="root" \ - --CERTIMATE_DEPLOYER_SSH_SSHPASSWORD="password" \ - --CERTIMATE_DEPLOYER_SSH_OUTPUTCERTPATH="/path/to/your-output-cert.pem" \ - --CERTIMATE_DEPLOYER_SSH_OUTPUTKEYPATH="/path/to/your-output-key.pem" + --CERTIMATE_SSLDEPLOYER_SSH_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_SSH_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_SSH_SSHHOST="localhost" \ + --CERTIMATE_SSLDEPLOYER_SSH_SSHPORT=22 \ + --CERTIMATE_SSLDEPLOYER_SSH_SSHUSERNAME="root" \ + --CERTIMATE_SSLDEPLOYER_SSH_SSHPASSWORD="password" \ + --CERTIMATE_SSLDEPLOYER_SSH_OUTPUTCERTPATH="/path/to/your-output-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_SSH_OUTPUTKEYPATH="/path/to/your-output-key.pem" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -64,7 +64,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("OUTPUTKEYPATH: %v", fOutputKeyPath), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SshHost: fSshHost, SshPort: int32(fSshPort), SshUsername: fSshUsername, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go b/pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go similarity index 80% rename from internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go rename to pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go index b815ebf8..332bf610 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go @@ -14,12 +14,11 @@ import ( tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -28,59 +27,63 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { SSL *tcssl.Client CDN *tccdn.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.SecretId, config.SecretKey) + clients, err := createSDKClients(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -179,10 +182,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) { +func (d *SSLDeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) { // 获取证书中的可用域名 // REF: https://cloud.tencent.com/document/product/228/42491 describeCertDomainsReq := tccdn.NewDescribeCertDomainsRequest() @@ -204,8 +207,8 @@ func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]stri return domains, nil } -func (d *DeployerProvider) getDeployedDomainsByCertificateId(cloudCertId string) ([]string, error) { - // 根据证书查询关联 CDN 域名 +func (d *SSLDeployerProvider) getDeployedDomainsByCertificateId(cloudCertId string) ([]string, error) { + // 根据证书查询关联资源 // REF: https://cloud.tencent.com/document/product/400/62674 describeDeployedResourcesReq := tcssl.NewDescribeDeployedResourcesRequest() describeDeployedResourcesReq.CertificateIds = common.StringPtrs([]string{cloudCertId}) @@ -228,7 +231,7 @@ func (d *DeployerProvider) getDeployedDomainsByCertificateId(cloudCertId string) return domains, nil } -func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { +func createSDKClients(secretId, secretKey string) (*wSDKClients, error) { credential := common.NewCredential(secretId, secretKey) sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile()) @@ -241,7 +244,7 @@ func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { return nil, err } - return &wSdkClients{ + return &wSDKClients{ SSL: sslClient, CDN: cdnClient, }, nil diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go index 95285930..b9dfe8c3 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-cdn/tencentcloud_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-clb/consts.go b/pkg/core/ssl-deployer/providers/tencentcloud-clb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/tencentcloud-clb/consts.go rename to pkg/core/ssl-deployer/providers/tencentcloud-clb/consts.go diff --git a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go b/pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb.go similarity index 85% rename from internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go rename to pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb.go index 7179ee71..0c37558d 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb.go @@ -12,12 +12,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -37,59 +36,59 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { SSL *tcssl.Client CLB *tcclb.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.SecretId, config.SecretKey, config.Region) + clients, err := createSDKClients(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -122,10 +121,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployViaSslService(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployViaSslService(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -198,7 +197,7 @@ func (d *DeployerProvider) deployViaSslService(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -250,7 +249,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -266,7 +265,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) deployToRuleDomain(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToRuleDomain(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -296,8 +295,8 @@ func (d *DeployerProvider) deployToRuleDomain(ctx context.Context, cloudCertId s return nil } -func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudLoadbalancerId, cloudListenerId, cloudCertId string) error { - // 查询监听器列表 +func (d *SSLDeployerProvider) modifyListenerCertificate(ctx context.Context, cloudLoadbalancerId, cloudListenerId, cloudCertId string) error { + // 查询负载均衡的监听器列表 // REF: https://cloud.tencent.com/document/api/214/30686 describeListenersReq := tcclb.NewDescribeListenersRequest() describeListenersReq.LoadBalancerId = common.StringPtr(cloudLoadbalancerId) @@ -331,7 +330,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClients(secretId, secretKey, region string) (*wSdkClients, error) { +func createSDKClients(secretId, secretKey, region string) (*wSDKClients, error) { credential := common.NewCredential(secretId, secretKey) // 注意虽然官方文档中地域无需指定,但实际需要部署到 CLB 时必传 @@ -345,7 +344,7 @@ func createSdkClients(secretId, secretKey, region string) (*wSdkClients, error) return nil, err } - return &wSdkClients{ + return &wSDKClients{ SSL: sslClient, CLB: clbClient, }, nil diff --git a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go similarity index 82% rename from internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go index 59cd9b8d..10e19262 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-clb/tencentcloud_clb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-clb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-clb" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_clb_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_REGION="ap-guangzhou" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_LOADBALANCERID="your-clb-lb-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_LISTENERID="your-clb-lbl-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCLB_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_REGION="ap-guangzhou" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_LOADBALANCERID="your-clb-lb-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_LISTENERID="your-clb-lbl-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCLB_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -64,7 +64,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, @@ -100,7 +100,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LOADBALANCERID: %v", fLoadbalancerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, @@ -135,7 +135,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, @@ -172,7 +172,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go b/pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos.go similarity index 76% rename from internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go rename to pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos.go index 537d2285..7f4501d1 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos.go @@ -11,12 +11,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -29,52 +28,52 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcssl.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcssl.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey, config.Region) + client, err := createSDKClient(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Bucket == "" { return nil, errors.New("config `bucket` is required") } @@ -82,8 +81,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `domain` is required") } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -146,10 +145,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE time.Sleep(time.Second * 5) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey, region string) (*tcssl.Client, error) { +func createSDKClient(secretId, secretKey, region string) (*tcssl.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcssl.NewClient(credential, region, profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go index 24e41d47..462e8f2c 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-cos/tencentcloud_cos_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-cos" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-cos" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_cos_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_REGION="ap-guangzhou" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_BUCKET="your-cos-bucket" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCOS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_REGION="ap-guangzhou" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_BUCKET="your-cos-bucket" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCOS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go b/pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css.go similarity index 57% rename from internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go rename to pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css.go index a9056719..ab07c62f 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css.go @@ -2,6 +2,7 @@ package tencentcloudcss import ( "context" + "errors" "fmt" "log/slog" @@ -9,12 +10,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tclive "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live/v20180801" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -23,54 +23,58 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tclive.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tclive.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey) + client, err := createSDKClient(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -93,10 +97,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'live.ModifyLiveDomainCertBindings': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey string) (*tclive.Client, error) { +func createSDKClient(secretId, secretKey string) (*tclive.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tclive.NewClient(credential, "", profile.NewClientProfile()) diff --git a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css_test.go index 4aaa344a..c4774c9d 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-css/tencentcloud_css_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-css" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-css" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_css_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDCSS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCSS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go b/pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go similarity index 78% rename from internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go rename to pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go index c029c667..817a1042 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go @@ -13,12 +13,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -27,59 +26,63 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { SSL *tcssl.Client CDN *tccdn.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.SecretId, config.SecretKey) + clients, err := createSDKClients(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -162,10 +165,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) { +func (d *SSLDeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) { // 获取证书中的可用域名 // REF: https://cloud.tencent.com/document/product/228/42491 describeCertDomainsReq := tccdn.NewDescribeCertDomainsRequest() @@ -187,7 +190,7 @@ func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]stri return domains, nil } -func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { +func createSDKClients(secretId, secretKey string) (*wSDKClients, error) { credential := common.NewCredential(secretId, secretKey) sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile()) @@ -200,7 +203,7 @@ func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { return nil, err } - return &wSdkClients{ + return &wSDKClients{ SSL: sslClient, CDN: cdnClient, }, nil diff --git a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go index 1cffd10d..ac6eac0e 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-ecdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-ecdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_ecdn_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDECDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDECDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go b/pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo.go similarity index 60% rename from internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go rename to pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo.go index 138fb84a..2f94f438 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo.go @@ -11,79 +11,81 @@ import ( tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" tcteo "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 SecretKey string `json:"secretKey"` // 站点 ID。 ZoneId string `json:"zoneId"` - // 加速域名(不支持泛域名)。 + // 加速域名(支持泛域名)。 Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClients *wSdkClients - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClients *wSDKClients + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -type wSdkClients struct { +type wSDKClients struct { SSL *tcssl.Client TEO *tcteo.Client } -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - clients, err := createSdkClients(config.SecretId, config.SecretKey) + clients, err := createSDKClients(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk clients: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClients: clients, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClients: clients, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.ZoneId == "" { return nil, errors.New("config `zoneId` is required") } + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +105,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'teo.ModifyHostsCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { +func createSDKClients(secretId, secretKey string) (*wSDKClients, error) { credential := common.NewCredential(secretId, secretKey) sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile()) @@ -119,7 +121,7 @@ func createSdkClients(secretId, secretKey string) (*wSdkClients, error) { return nil, err } - return &wSdkClients{ + return &wSDKClients{ SSL: sslClient, TEO: teoClient, }, nil diff --git a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go index 81c3b9da..cbca3fe3 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-eo/tencentcloud_eo_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-eo" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-eo" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDEO_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_eo_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_ZONEID="your-zone-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDEO_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_ZONEID="your-zone-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDEO_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, ZoneId: fZoneId, diff --git a/pkg/core/ssl-deployer/providers/tencentcloud-gaap/consts.go b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/consts.go new file mode 100644 index 00000000..37a8a94a --- /dev/null +++ b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/consts.go @@ -0,0 +1,8 @@ +package tencentcloudgaap + +type ResourceType string + +const ( + // 资源类型:部署到指定监听器。 + RESOURCE_TYPE_LISTENER = ResourceType("listener") +) diff --git a/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap.go b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap.go new file mode 100644 index 00000000..64e2d570 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap.go @@ -0,0 +1,153 @@ +package tencentcloudgaap + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" + "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" + tcgaap "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap/v20180529" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 腾讯云 SecretId。 + SecretId string `json:"secretId"` + // 腾讯云 SecretKey。 + SecretKey string `json:"secretKey"` + // 部署资源类型。 + ResourceType ResourceType `json:"resourceType"` + // 通道 ID。 + // 选填。 + ProxyId string `json:"proxyId,omitempty"` + // 负载均衡监听 ID。 + // 部署资源类型为 [RESOURCE_TYPE_LISTENER] 时必填。 + ListenerId string `json:"listenerId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcgaap.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClients(config.SecretId, config.SecretKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + SecretId: config.SecretId, + SecretKey: config.SecretKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 根据部署资源类型决定部署方式 + switch d.config.ResourceType { + case RESOURCE_TYPE_LISTENER: + if err := d.deployToListener(ctx, upres.CertId); err != nil { + return nil, err + } + + default: + return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) + } + + return &core.SSLDeployResult{}, nil +} + +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { + if d.config.ListenerId == "" { + return errors.New("config `listenerId` is required") + } + + // 更新监听器证书 + if err := d.modifyHttpsListenerCertificate(ctx, d.config.ListenerId, cloudCertId); err != nil { + return err + } + + return nil +} + +func (d *SSLDeployerProvider) modifyHttpsListenerCertificate(ctx context.Context, cloudListenerId, cloudCertId string) error { + // 查询 HTTPS 监听器信息 + // REF: https://cloud.tencent.com/document/product/608/37001 + describeHTTPSListenersReq := tcgaap.NewDescribeHTTPSListenersRequest() + describeHTTPSListenersReq.ListenerId = common.StringPtr(cloudListenerId) + describeHTTPSListenersReq.Offset = common.Uint64Ptr(0) + describeHTTPSListenersReq.Limit = common.Uint64Ptr(1) + describeHTTPSListenersResp, err := d.sdkClient.DescribeHTTPSListeners(describeHTTPSListenersReq) + d.logger.Debug("sdk request 'gaap.DescribeHTTPSListeners'", slog.Any("request", describeHTTPSListenersReq), slog.Any("response", describeHTTPSListenersResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'gaap.DescribeHTTPSListeners': %w", err) + } else if len(describeHTTPSListenersResp.Response.ListenerSet) == 0 { + return errors.New("listener not found") + } + + // 修改 HTTPS 监听器配置 + // REF: https://cloud.tencent.com/document/product/608/36996 + modifyHTTPSListenerAttributeReq := tcgaap.NewModifyHTTPSListenerAttributeRequest() + modifyHTTPSListenerAttributeReq.ProxyId = xtypes.ToPtrOrZeroNil(d.config.ProxyId) + modifyHTTPSListenerAttributeReq.ListenerId = common.StringPtr(cloudListenerId) + modifyHTTPSListenerAttributeReq.CertificateId = common.StringPtr(cloudCertId) + modifyHTTPSListenerAttributeResp, err := d.sdkClient.ModifyHTTPSListenerAttribute(modifyHTTPSListenerAttributeReq) + d.logger.Debug("sdk request 'gaap.ModifyHTTPSListenerAttribute'", slog.Any("request", modifyHTTPSListenerAttributeReq), slog.Any("response", modifyHTTPSListenerAttributeResp)) + if err != nil { + return fmt.Errorf("failed to execute sdk request 'gaap.ModifyHTTPSListenerAttribute': %w", err) + } + + return nil +} + +func createSDKClients(secretId, secretKey string) (*tcgaap.Client, error) { + credential := common.NewCredential(secretId, secretKey) + + client, err := tcgaap.NewClient(credential, "", profile.NewClientProfile()) + if err != nil { + return nil, err + } + + return client, nil +} diff --git a/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap_test.go new file mode 100644 index 00000000..8d240353 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/tencentcloud-gaap/tencentcloud_gaap_test.go @@ -0,0 +1,81 @@ +package tencentcloudgaap_test + +import ( + "context" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-gaap" +) + +var ( + fInputCertPath string + fInputKeyPath string + fSecretId string + fSecretKey string + fProxyId string + fListenerId string +) + +func init() { + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDCDN_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fSecretId, argsPrefix+"SECRETID", "", "") + flag.StringVar(&fSecretKey, argsPrefix+"SECRETKEY", "", "") + flag.StringVar(&fProxyId, argsPrefix+"PROXYID", "", "") + flag.StringVar(&fListenerId, argsPrefix+"LISTENERID", "", "") +} + +/* +Shell command to run this test: + + go test -v ./tencentcloud_gaap_test.go -args \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_PROXYID="your-gaap-group-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDGAAP_LISTENERID="your-clb-listener-id" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy_ToListener", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("SECRETID: %v", fSecretId), + fmt.Sprintf("SECRETKEY: %v", fSecretKey), + fmt.Sprintf("PROXYID: %v", fProxyId), + fmt.Sprintf("LISTENERID: %v", fListenerId), + }, "\n")) + + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ + SecretId: fSecretId, + SecretKey: fSecretKey, + ResourceType: provider.RESOURCE_TYPE_LISTENER, + ProxyId: fProxyId, + ListenerId: fListenerId, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + t.Logf("ok: %v", res) + }) +} diff --git a/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go b/pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf.go similarity index 63% rename from internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go rename to pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf.go index a0967f4e..e8135421 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf.go @@ -2,6 +2,7 @@ package tencentcloudscf import ( "context" + "errors" "fmt" "log/slog" @@ -9,12 +10,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcscf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf/v20180416" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -25,52 +25,56 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcscf.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcscf.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey, config.Region) + client, err := createSDKClient(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + // 查看云函数自定义域名详情 // REF: https://cloud.tencent.com/document/product/583/111924 getCustomDomainReq := tcscf.NewGetCustomDomainRequest() @@ -81,8 +85,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'scf.GetCustomDomain': %w", err) } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +107,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'scf.UpdateCustomDomain': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey, region string) (*tcscf.Client, error) { +func createSDKClient(secretId, secretKey, region string) (*tcscf.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcscf.NewClient(credential, region, profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go index f0aa0cfe..0357028d 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-scf/tencentcloud_scf_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-scf" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-scf" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_scf_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_REGION="ap-guangzhou" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDSCF_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_REGION="ap-guangzhou" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDSCF_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go b/pkg/core/ssl-deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go similarity index 76% rename from internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go rename to pkg/core/ssl-deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go index db6617d5..cd07cc88 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go @@ -11,12 +11,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -29,52 +28,52 @@ type DeployerConfig struct { ResourceIds []string `json:"resourceIds"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcssl.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcssl.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey, config.Region) + client, err := createSDKClient(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.ResourceType == "" { return nil, errors.New("config `resourceType` is required") } @@ -82,8 +81,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `resourceIds` is required") } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -148,10 +147,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE time.Sleep(time.Second * 5) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey, region string) (*tcssl.Client, error) { +func createSDKClient(secretId, secretKey, region string) (*tcssl.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcssl.NewClient(credential, region, profile.NewClientProfile()) diff --git a/pkg/core/ssl-deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go b/pkg/core/ssl-deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go new file mode 100644 index 00000000..89f439ac --- /dev/null +++ b/pkg/core/ssl-deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go @@ -0,0 +1,68 @@ +package tencentcloudssl + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" +) + +type SSLDeployerProviderConfig struct { + // 腾讯云 SecretId。 + SecretId string `json:"secretId"` + // 腾讯云 SecretKey。 + SecretKey string `json:"secretKey"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + SecretId: config.SecretId, + SecretKey: config.SecretKey, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go b/pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod.go similarity index 58% rename from internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go rename to pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod.go index b7c2a3ad..afc4ddb6 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod.go @@ -2,6 +2,7 @@ package tencentcloudvod import ( "context" + "errors" "fmt" "log/slog" @@ -9,12 +10,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcvod "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod/v20180717" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -25,54 +25,58 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcvod.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcvod.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey) + client, err := createSDKClient(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -94,10 +98,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'vod.SetVodDomainCertificate': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey string) (*tcvod.Client, error) { +func createSDKClient(secretId, secretKey string) (*tcvod.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcvod.NewClient(credential, "", profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go index 52382808..a15e6040 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-vod/tencentcloud_vod_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-vod" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-vod" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,12 +37,12 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_vod_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_SUBAPPID="your-app-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDVOD_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_SUBAPPID="your-app-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDVOD_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -58,7 +58,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("INSTANCEID: %v", fInstanceId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, SubAppId: fSubAppId, diff --git a/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go b/pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf.go similarity index 70% rename from internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go rename to pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf.go index 1c8e7272..94e42f00 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf.go @@ -10,12 +10,11 @@ import ( "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcwaf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/tencentcloud-ssl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 @@ -30,52 +29,52 @@ type DeployerConfig struct { InstanceId string `json:"instanceId"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tcwaf.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tcwaf.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey, config.Region) + client, err := createSDKClient(config.SecretId, config.SecretKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ SecretId: config.SecretId, SecretKey: config.SecretKey, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } @@ -86,8 +85,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `instanceId` is required") } - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -120,10 +119,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'waf.ModifySpartaProtection': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(secretId, secretKey, region string) (*tcwaf.Client, error) { +func createSDKClient(secretId, secretKey, region string) (*tcwaf.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcwaf.NewClient(credential, region, profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go b/pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go similarity index 69% rename from internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go rename to pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go index 8cb63b7d..8d40b9ea 100644 --- a/internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go +++ b/pkg/core/ssl-deployer/providers/tencentcloud-waf/tencentcloud_waf_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/tencentcloud-waf" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/tencentcloud-waf" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -39,14 +39,14 @@ func init() { Shell command to run this test: go test -v ./tencentcloud_waf_test.go -args \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_SECRETID="your-secret-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_SECRETKEY="your-secret-key" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_REGION="ap-guangzhou" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_DOMAIN="example.com" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_DOMAINID="your-domain-id" \ - --CERTIMATE_DEPLOYER_TENCENTCLOUDWAF_INSTANCEID="your-instance-id" + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_SECRETID="your-secret-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_SECRETKEY="your-secret-key" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_REGION="ap-guangzhou" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_DOMAIN="example.com" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_DOMAINID="your-domain-id" \ + --CERTIMATE_SSLDEPLOYER_TENCENTCLOUDWAF_INSTANCEID="your-instance-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -63,7 +63,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("INSTANCEID: %v", fInstanceId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ SecretId: fSecretId, SecretKey: fSecretKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go b/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn.go similarity index 69% rename from internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go rename to pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn.go index 532efb85..8b74b47d 100644 --- a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go +++ b/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn.go @@ -11,12 +11,11 @@ import ( "github.com/ucloud/ucloud-sdk-go/ucloud" "github.com/ucloud/ucloud-sdk-go/ucloud/auth" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ucloud-ussl" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 优刻得 API 私钥。 PrivateKey string `json:"privateKey"` // 优刻得 API 公钥。 @@ -27,55 +26,59 @@ type DeployerConfig struct { DomainId string `json:"domainId"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *ucdn.UCDNClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *ucdn.UCDNClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.PrivateKey, config.PublicKey) + client, err := createSDKClient(config.PrivateKey, config.PublicKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ PrivateKey: config.PrivateKey, PublicKey: config.PublicKey, ProjectId: config.ProjectId, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 USSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.DomainId == "" { + return nil, errors.New("config `domainId` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -117,10 +120,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'ucdn.UpdateUcdnDomainHttpsConfigV2': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(privateKey, publicKey string) (*ucdn.UCDNClient, error) { +func createSDKClient(privateKey, publicKey string) (*ucdn.UCDNClient, error) { cfg := ucloud.NewConfig() credential := auth.NewCredential() diff --git a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go b/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go rename to pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go index f49a026a..93d01c01 100644 --- a/internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go +++ b/pkg/core/ssl-deployer/providers/ucloud-ucdn/ucloud_ucdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-ucdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ucloud-ucdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_UCLOUDUCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./ucloud_ucdn_test.go -args \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_PRIVATEKEY="your-private-key" \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_PUBLICKEY="your-public-key" \ - --CERTIMATE_DEPLOYER_UCLOUDUCDN_DOMAINID="your-domain-id" + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_PRIVATEKEY="your-private-key" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_PUBLICKEY="your-public-key" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUCDN_DOMAINID="your-domain-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomainId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ PrivateKey: fPrivateKey, PublicKey: fPublicKey, DomainId: fDomainId, diff --git a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go b/pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3.go similarity index 56% rename from internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go rename to pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3.go index 42a51cb4..d42c2ced 100644 --- a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go +++ b/pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3.go @@ -2,19 +2,19 @@ package ucloudus3 import ( "context" + "errors" "fmt" "log/slog" "github.com/ucloud/ucloud-sdk-go/ucloud" "github.com/ucloud/ucloud-sdk-go/ucloud/auth" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl" - usdkFile "github.com/usual2970/certimate/internal/pkg/sdk3rd/ucloud/ufile" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ucloud-ussl" + usdkFile "github.com/certimate-go/certimate/pkg/sdk3rd/ucloud/ufile" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 优刻得 API 私钥。 PrivateKey string `json:"privateKey"` // 优刻得 API 公钥。 @@ -29,55 +29,62 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *usdkFile.UFileClient - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *usdkFile.UFileClient + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.PrivateKey, config.PublicKey, config.Region) + client, err := createSDKClient(config.PrivateKey, config.PublicKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ PrivateKey: config.PrivateKey, PublicKey: config.PublicKey, ProjectId: config.ProjectId, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 USSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Bucket == "" { + return nil, errors.New("config `bucket` is required") + } + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -100,10 +107,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'us3.AddUFileSSLCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(privateKey, publicKey, region string) (*usdkFile.UFileClient, error) { +func createSDKClient(privateKey, publicKey, region string) (*usdkFile.UFileClient, error) { cfg := ucloud.NewConfig() cfg.Region = region diff --git a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3_test.go b/pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3_test.go rename to pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3_test.go index 9977ee42..eb59a26c 100644 --- a/internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3_test.go +++ b/pkg/core/ssl-deployer/providers/ucloud-us3/ucloud_us3_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-us3" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/ucloud-us3" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_UCLOUDUS3_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_UCLOUDUS3_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./ucloud_us3_test.go -args \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_PRIVATEKEY="your-private-key" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_PUBLICKEY="your-public-key" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_REGION="cn-bj2" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_BUCKET="your-us3-bucket" \ - --CERTIMATE_DEPLOYER_UCLOUDUS3_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_PRIVATEKEY="your-private-key" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_PUBLICKEY="your-public-key" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_REGION="cn-bj2" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_BUCKET="your-us3-bucket" \ + --CERTIMATE_SSLDEPLOYER_UCLOUDUS3_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ PrivateKey: fPrivateKey, PublicKey: fPublicKey, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost.go b/pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost.go similarity index 61% rename from internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost.go rename to pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost.go index 82946bf1..d5a80ae5 100644 --- a/internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost.go +++ b/pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost.go @@ -7,11 +7,11 @@ import ( "log/slog" "net/url" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - unisdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dcloud/unicloud" + "github.com/certimate-go/certimate/pkg/core" + unisdk "github.com/certimate-go/certimate/pkg/sdk3rd/dcloud/unicloud" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // uniCloud 控制台账号。 Username string `json:"username"` // uniCloud 控制台密码。 @@ -25,41 +25,40 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *unisdk.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.Username, config.Password) + client, err := createSDKClient(config.Username, config.Password) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.SpaceProvider == "" { return nil, errors.New("config `spaceProvider` is required") } @@ -84,18 +83,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'unicloud.host.CreateDomainWithCert': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(username, password string) (*unisdk.Client, error) { - if username == "" { - return nil, errors.New("invalid unicloud username") - } - - if password == "" { - return nil, errors.New("invalid unicloud password") - } - - client := unisdk.NewClient(username, password) - return client, nil +func createSDKClient(username, password string) (*unisdk.Client, error) { + return unisdk.NewClient(username, password) } diff --git a/internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost_test.go b/pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost_test.go rename to pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost_test.go index 1e47ba24..589349d2 100644 --- a/internal/pkg/core/deployer/providers/unicloud-webhost/unicloud_webhost_test.go +++ b/pkg/core/ssl-deployer/providers/unicloud-webhost/unicloud_webhost_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/unicloud-webhost" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/unicloud-webhost" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./unicloud_webhost_test.go -args \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_USERNAME="your-username" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_PASSWORD="your-password" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_SPACEPROVIDER="aliyun/tencent" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_SPACEID="your-space-id" \ - --CERTIMATE_DEPLOYER_UNICLOUDWEBHOST_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_USERNAME="your-username" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_PASSWORD="your-password" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_SPACEPROVIDER="aliyun/tencent" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_SPACEID="your-space-id" \ + --CERTIMATE_SSLDEPLOYER_UNICLOUDWEBHOST_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ Username: fUsername, Password: fPassword, SpaceProvider: fSpaceProvider, diff --git a/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn.go b/pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn.go similarity index 61% rename from internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn.go rename to pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn.go index 2fbe52b8..e34b2a9b 100644 --- a/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn.go +++ b/pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn.go @@ -8,13 +8,12 @@ import ( "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/upyun-ssl" - upyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/upyun/console" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/upyun-ssl" + upyunsdk "github.com/certimate-go/certimate/pkg/sdk3rd/upyun/console" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 又拍云账号用户名。 Username string `json:"username"` // 又拍云账号密码。 @@ -23,54 +22,58 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *upyunsdk.Client - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *upyunsdk.Client + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.Username, config.Password) + client, err := createSDKClient(config.Username, config.Password) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ Username: config.Username, Password: config.Password, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 SSL - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -112,18 +115,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(username, password string) (*upyunsdk.Client, error) { - if username == "" { - return nil, errors.New("invalid upyun username") - } - - if password == "" { - return nil, errors.New("invalid upyun password") - } - - client := upyunsdk.NewClient(username, password) - return client, nil +func createSDKClient(username, password string) (*upyunsdk.Client, error) { + return upyunsdk.NewClient(username, password) } diff --git a/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn_test.go b/pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn_test.go rename to pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn_test.go index 9fd32fd4..4aa94ece 100644 --- a/internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/upyun-cdn/upyun_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/upyun-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/upyun-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_UPYUNCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_UPYUNCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./upyun_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_UPYUNCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_UPYUNCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_UPYUNCDN_USERNAME="your-username" \ - --CERTIMATE_DEPLOYER_UPYUNCDN_PASSWORD="your-password" \ - --CERTIMATE_DEPLOYER_UPYUNCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_USERNAME="your-username" \ + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_PASSWORD="your-password" \ + --CERTIMATE_SSLDEPLOYER_UPYUNCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ Username: fUsername, Password: fPassword, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/volcengine-alb/consts.go b/pkg/core/ssl-deployer/providers/volcengine-alb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/volcengine-alb/consts.go rename to pkg/core/ssl-deployer/providers/volcengine-alb/consts.go diff --git a/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb.go b/pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb.go similarity index 80% rename from internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb.go rename to pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb.go index e4d76ab1..2e561f75 100644 --- a/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb.go +++ b/pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb.go @@ -10,13 +10,12 @@ import ( ve "github.com/volcengine/volcengine-go-sdk/volcengine" vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" - sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -36,55 +35,55 @@ type DeployerConfig struct { Domain string `json:"domain,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *vealb.ALB - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *vealb.ALB + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -107,10 +106,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -187,7 +186,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -199,7 +198,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 查询指定监听器的详细信息 // REF: https://www.volcengine.com/docs/6767/113686 describeListenerAttributesReq := &vealb.DescribeListenerAttributesInput{ @@ -233,8 +232,8 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL // REF: https://www.volcengine.com/docs/6767/113683 modifyListenerAttributesReq := &vealb.ModifyListenerAttributesInput{ ListenerId: ve.String(cloudListenerId), - DomainExtensions: sliceutil.Map( - sliceutil.Filter( + DomainExtensions: xslices.Map( + xslices.Filter( describeListenerAttributesResp.DomainExtensions, func(domain *vealb.DomainExtensionForDescribeListenerAttributesOutput) bool { return *domain.Domain == d.config.Domain @@ -260,7 +259,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*vealb.ALB, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*vealb.ALB, error) { config := ve.NewConfig().WithRegion(region).WithAkSk(accessKeyId, accessKeySecret) session, err := vesession.NewSession(config) diff --git a/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb_test.go b/pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb_test.go rename to pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb_test.go index 18999397..b8614ec5 100644 --- a/internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-alb/volcengine_alb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-alb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-alb" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINEALB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./volcengine_alb_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_REGION="cn-beijing" \ - --CERTIMATE_DEPLOYER_VOLCENGINEALB_LISTENERID="your-listener-id" + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_REGION="cn-beijing" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEALB_LISTENERID="your-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go b/pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go rename to pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn.go index e67e8885..8bb1eb64 100644 --- a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go +++ b/pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn.go @@ -9,12 +9,11 @@ import ( vecdn "github.com/volcengine/volc-sdk-golang/service/cdn" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-cdn" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-cdn" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -23,53 +22,57 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *vecdn.CDN - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *vecdn.CDN + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } client := vecdn.NewInstance() client.Client.SetAccessKey(config.AccessKeyId) client.Client.SetSecretKey(config.AccessKeySecret) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 CDN - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -140,5 +143,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go b/pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go rename to pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn_test.go index 1535deae..0d83f202 100644 --- a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-cdn/volcengine_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINECDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./volcengine_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/pkg/core/ssl-deployer/providers/volcengine-certcenter/volcengine_certcenter.go b/pkg/core/ssl-deployer/providers/volcengine-certcenter/volcengine_certcenter.go new file mode 100644 index 00000000..a8eaf1ac --- /dev/null +++ b/pkg/core/ssl-deployer/providers/volcengine-certcenter/volcengine_certcenter.go @@ -0,0 +1,71 @@ +package volcenginecertcenter + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" +) + +type SSLDeployerProviderConfig struct { + // 火山引擎 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 火山引擎 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` + // 火山引擎地域。 + Region string `json:"region"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, + Region: config.Region, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } + + d.sslManager.SetLogger(logger) +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + return &core.SSLDeployResult{}, nil +} diff --git a/internal/pkg/core/deployer/providers/volcengine-clb/consts.go b/pkg/core/ssl-deployer/providers/volcengine-clb/consts.go similarity index 100% rename from internal/pkg/core/deployer/providers/volcengine-clb/consts.go rename to pkg/core/ssl-deployer/providers/volcengine-clb/consts.go diff --git a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go b/pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb.go similarity index 76% rename from internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go rename to pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb.go index bc2dc9e0..82a0ba5a 100644 --- a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go +++ b/pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb.go @@ -10,12 +10,11 @@ import ( ve "github.com/volcengine/volcengine-go-sdk/volcengine" vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -32,55 +31,55 @@ type DeployerConfig struct { ListenerId string `json:"listenerId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *veclb.CLB - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *veclb.CLB + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +102,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error { if d.config.LoadbalancerId == "" { return errors.New("config `loadbalancerId` is required") } @@ -183,7 +182,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId return nil } -func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { +func (d *SSLDeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error { if d.config.ListenerId == "" { return errors.New("config `listenerId` is required") } @@ -195,7 +194,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str return nil } -func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { +func (d *SSLDeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error { // 修改指定监听器 // REF: https://www.volcengine.com/docs/6406/71775 modifyListenerAttributesReq := &veclb.ModifyListenerAttributesInput{ @@ -212,7 +211,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL return nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*veclb.CLB, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*veclb.CLB, error) { config := ve.NewConfig().WithRegion(region).WithAkSk(accessKeyId, accessKeySecret) session, err := vesession.NewSession(config) diff --git a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb_test.go b/pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb_test.go rename to pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb_test.go index fb78eba5..2c54b7b9 100644 --- a/internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-clb/volcengine_clb_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-clb" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-clb" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINECLB_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -35,12 +35,12 @@ func init() { Shell command to run this test: go test -v ./volcengine_clb_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_REGION="cn-beijing" \ - --CERTIMATE_DEPLOYER_VOLCENGINECLB_LISTENERID="your-listener-id" + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_REGION="cn-beijing" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINECLB_LISTENERID="your-listener-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -56,7 +56,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("LISTENERID: %v", fListenerId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go b/pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn.go similarity index 58% rename from internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go rename to pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn.go index 82021205..5481e47f 100644 --- a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go +++ b/pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn.go @@ -2,6 +2,7 @@ package volcenginedcdn import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,12 +11,11 @@ import ( ve "github.com/volcengine/volcengine-go-sdk/volcengine" vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -26,55 +26,59 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *vedcdn.DCDN - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *vedcdn.DCDN + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -97,10 +101,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'dcdn.CreateCertBind': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*vedcdn.DCDN, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*vedcdn.DCDN, error) { if region == "" { region = "cn-beijing" // DCDN 服务默认区域:北京 } diff --git a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go b/pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go rename to pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go index 27bd02ce..86270ff2 100644 --- a/internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-dcdn/volcengine_dcdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-dcdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-dcdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINEDCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./volcengine_dcdn_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINEDCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEDCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go b/pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex.go similarity index 72% rename from internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go rename to pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex.go index a7c974b4..a129b33b 100644 --- a/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go +++ b/pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex.go @@ -9,12 +9,11 @@ import ( vebase "github.com/volcengine/volc-sdk-golang/base" veimagex "github.com/volcengine/volc-sdk-golang/service/imagex/v2" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -27,53 +26,53 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *veimagex.Imagex - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *veimagex.Imagex + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.ServiceId == "" { return nil, errors.New("config `serviceId` is required") } @@ -81,8 +80,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `domain` is required") } - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -130,10 +129,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'imagex.UpdateHttps': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*veimagex.Imagex, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*veimagex.Imagex, error) { var instance *veimagex.Imagex if region == "" { instance = veimagex.NewInstance() diff --git a/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex_test.go b/pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex_test.go rename to pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex_test.go index 32a43555..ed67d755 100644 --- a/internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-imagex/volcengine_imagex_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-imagex" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-imagex" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./volcengine_imagex_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_REGION="cn-north-1" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_SERVICEID="your-service-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINEIMAGEX_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_REGION="cn-north-1" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_SERVICEID="your-service-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINEIMAGEX_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go b/pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live.go similarity index 72% rename from internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go rename to pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live.go index 3195d810..1737b1fe 100644 --- a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go +++ b/pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live.go @@ -10,12 +10,11 @@ import ( velive "github.com/volcengine/volc-sdk-golang/service/live/v20230101" ve "github.com/volcengine/volcengine-go-sdk/volcengine" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-live" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-live" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -24,53 +23,57 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *velive.Live - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *velive.Live + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } client := velive.NewInstance() client.SetAccessKey(config.AccessKeyId) client.SetSecretKey(config.AccessKeySecret) - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { - // 上传证书到 Live - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.Domain == "" { + return nil, errors.New("config `domain` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -149,5 +152,5 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE } } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } diff --git a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go b/pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go rename to pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live_test.go index 57891eea..ce123dc2 100644 --- a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-live/volcengine_live_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-live" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-live" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINELIVE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./volcengine_live_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINELIVE_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domain: fDomain, diff --git a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go b/pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos.go similarity index 60% rename from internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go rename to pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos.go index 674106e1..c274b453 100644 --- a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go +++ b/pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos.go @@ -8,12 +8,11 @@ import ( "github.com/volcengine/ve-tos-golang-sdk/v2/tos" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -26,53 +25,53 @@ type DeployerConfig struct { Domain string `json:"domain"` } -type DeployerProvider struct { - config *DeployerConfig - logger *slog.Logger - sdkClient *tos.ClientV2 - sslUploader uploader.Uploader +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *tos.ClientV2 + sslManager core.SSLManager } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{ + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ AccessKeyId: config.AccessKeyId, AccessKeySecret: config.AccessKeySecret, Region: config.Region, }) if err != nil { - return nil, fmt.Errorf("failed to create ssl uploader: %w", err) + return nil, fmt.Errorf("could not create ssl manager: %w", err) } - return &DeployerProvider{ - config: config, - logger: slog.Default(), - sdkClient: client, - sslUploader: uploader, + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - d.sslUploader.WithLogger(logger) - return d + + d.sslManager.SetLogger(logger) } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Bucket == "" { return nil, errors.New("config `bucket` is required") } @@ -80,8 +79,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, errors.New("config `domain` is required") } - // 上传证书到证书中心 - upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM) + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) if err != nil { return nil, fmt.Errorf("failed to upload certificate file: %w", err) } else { @@ -103,10 +102,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'tos.PutBucketCustomDomain': %w", err) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*tos.ClientV2, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*tos.ClientV2, error) { endpoint := fmt.Sprintf("tos-%s.ivolces.com", region) client, err := tos.NewClientV2( diff --git a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos_test.go b/pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos_test.go rename to pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos_test.go index 8dc1cf3d..913ae2c0 100644 --- a/internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos_test.go +++ b/pkg/core/ssl-deployer/providers/volcengine-tos/volcengine_tos_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-tos" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/volcengine-tos" ) var ( @@ -22,7 +22,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINETOS_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -37,13 +37,13 @@ func init() { Shell command to run this test: go test -v ./volcengine_tos_test.go -args \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_REGION="cn-beijing" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_BUCKET="your-tos-bucket" \ - --CERTIMATE_DEPLOYER_VOLCENGINETOS_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_REGION="cn-beijing" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_BUCKET="your-tos-bucket" \ + --CERTIMATE_SSLDEPLOYER_VOLCENGINETOS_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Region: fRegion, diff --git a/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn.go b/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn.go new file mode 100644 index 00000000..8ccce845 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn.go @@ -0,0 +1,103 @@ +package wangsucdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "strconv" + "strings" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/wangsu-certificate" + wangsusdk "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/cdn" + xslices "github.com/certimate-go/certimate/pkg/utils/slices" +) + +type SSLDeployerProviderConfig struct { + // 网宿云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 网宿云 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` + // 加速域名数组(支持泛域名)。 + Domains []string `json:"domains"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *wangsusdk.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if len(d.config.Domains) == 0 { + return nil, errors.New("config `domains` is required") + } + + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + + // 批量修改域名证书配置 + // REF: https://www.wangsu.com/document/api-doc/37447 + certId, _ := strconv.ParseInt(upres.CertId, 10, 64) + batchUpdateCertificateConfigReq := &wangsusdk.BatchUpdateCertificateConfigRequest{ + CertificateId: certId, + DomainNames: xslices.Map(d.config.Domains, func(domain string) string { + // "*.example.com" → ".example.com",适配网宿云 CDN 要求的泛域名格式 + return strings.TrimPrefix(domain, "*") + }), + } + batchUpdateCertificateConfigResp, err := d.sdkClient.BatchUpdateCertificateConfig(batchUpdateCertificateConfigReq) + d.logger.Debug("sdk request 'cdn.BatchUpdateCertificateConfig'", slog.Any("request", batchUpdateCertificateConfigReq), slog.Any("response", batchUpdateCertificateConfigResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.BatchUpdateCertificateConfig': %w", err) + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { + return wangsusdk.NewClient(accessKeyId, accessKeySecret) +} diff --git a/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn_test.go b/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn_test.go rename to pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn_test.go index 99859b85..f64bf87c 100644 --- a/internal/pkg/core/deployer/providers/wangsu-cdn/wangsu_cdn_test.go +++ b/pkg/core/ssl-deployer/providers/wangsu-cdn/wangsu_cdn_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-cdn" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-cdn" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_WANGSUCDN_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_WANGSUCDN_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./wangsu_cdn_test.go -args \ - --CERTIMATE_DEPLOYER_WANGSUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCDN_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_WANGSUCDN_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_WANGSUCDN_DOMAIN="example.com" + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, Domains: []string{fDomain}, diff --git a/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go b/pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go similarity index 76% rename from internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go rename to pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go index 0780f80d..ec970b30 100644 --- a/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go +++ b/pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go @@ -16,13 +16,13 @@ import ( "strconv" "time" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - wangsucdn "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/cdnpro" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + wangsucdn "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/cdnpro" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // 网宿云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 网宿云 AccessKeySecret。 @@ -41,47 +41,46 @@ type DeployerConfig struct { WebhookId string `json:"webhookId,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger sdkClient *wangsucdn.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { if d.config.Domain == "" { return nil, errors.New("config `domain` is required") } // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -98,11 +97,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE if err != nil { return nil, fmt.Errorf("failed to encrypt private key: %w", err) } - certificateNewVersionInfo := &wangsucdn.CertificateVersion{ - PrivateKey: typeutil.ToPtr(encryptedPrivateKey), - Certificate: typeutil.ToPtr(certPEM), + certificateNewVersionInfo := &wangsucdn.CertificateVersionInfo{ + PrivateKey: xtypes.ToPtr(encryptedPrivateKey), + Certificate: xtypes.ToPtr(certPEM), IdentificationInfo: &wangsucdn.CertificateVersionIdentificationInfo{ - CommonName: typeutil.ToPtr(certX509.Subject.CommonName), + CommonName: xtypes.ToPtr(certX509.Subject.CommonName), SubjectAlternativeNames: &certX509.DNSNames, }, } @@ -121,8 +120,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 创建证书 createCertificateReq := &wangsucdn.CreateCertificateRequest{ Timestamp: timestamp, - Name: typeutil.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), - AutoRenew: typeutil.ToPtr("Off"), + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + AutoRenew: xtypes.ToPtr("Off"), NewVersion: certificateNewVersionInfo, } createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) @@ -131,7 +130,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdnpro.CreateCertificate': %w", err) } - wangsuCertUrl = createCertificateResp.CertificateUrl + wangsuCertUrl = createCertificateResp.CertificateLocation d.logger.Info("ssl certificate uploaded", slog.Any("certUrl", wangsuCertUrl)) wangsuCertIdMatches := regexp.MustCompile(`/certificates/([a-zA-Z0-9-]+)`).FindStringSubmatch(wangsuCertUrl) @@ -144,8 +143,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 更新证书 updateCertificateReq := &wangsucdn.UpdateCertificateRequest{ Timestamp: timestamp, - Name: typeutil.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), - AutoRenew: typeutil.ToPtr("Off"), + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + AutoRenew: xtypes.ToPtr("Off"), NewVersion: certificateNewVersionInfo, } updateCertificateResp, err := d.sdkClient.UpdateCertificate(d.config.CertificateId, updateCertificateReq) @@ -154,7 +153,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'cdnpro.UpdateCertificate': %w", err) } - wangsuCertUrl = updateCertificateResp.CertificateUrl + wangsuCertUrl = updateCertificateResp.CertificateLocation d.logger.Info("ssl certificate uploaded", slog.Any("certUrl", wangsuCertUrl)) wangsuCertIdMatches := regexp.MustCompile(`/certificates/([a-zA-Z0-9-]+)`).FindStringSubmatch(wangsuCertUrl) @@ -172,18 +171,18 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 创建部署任务 // REF: https://www.wangsu.com/document/api-doc/27034 createDeploymentTaskReq := &wangsucdn.CreateDeploymentTaskRequest{ - Name: typeutil.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), - Target: typeutil.ToPtr(d.config.Environment), - Actions: &[]wangsucdn.DeploymentTaskAction{ + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + Target: xtypes.ToPtr(d.config.Environment), + Actions: &[]wangsucdn.DeploymentTaskActionInfo{ { - Action: typeutil.ToPtr("deploy_cert"), - CertificateId: typeutil.ToPtr(wangsuCertId), - Version: typeutil.ToPtr(wangsuCertVer), + Action: xtypes.ToPtr("deploy_cert"), + CertificateId: xtypes.ToPtr(wangsuCertId), + Version: xtypes.ToPtr(wangsuCertVer), }, }, } if d.config.WebhookId != "" { - createDeploymentTaskReq.Webhook = typeutil.ToPtr(d.config.WebhookId) + createDeploymentTaskReq.Webhook = xtypes.ToPtr(d.config.WebhookId) } createDeploymentTaskResp, err := d.sdkClient.CreateDeploymentTask(createDeploymentTaskReq) d.logger.Debug("sdk request 'cdnpro.CreateCertificate'", slog.Any("request", createDeploymentTaskReq), slog.Any("response", createDeploymentTaskResp)) @@ -194,7 +193,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE // 循环获取部署任务详细信息,等待任务状态变更 // REF: https://www.wangsu.com/document/api-doc/27038 var wangsuTaskId string - wangsuTaskMatches := regexp.MustCompile(`/deploymentTasks/([a-zA-Z0-9-]+)`).FindStringSubmatch(createDeploymentTaskResp.DeploymentTaskUrl) + wangsuTaskMatches := regexp.MustCompile(`/deploymentTasks/([a-zA-Z0-9-]+)`).FindStringSubmatch(createDeploymentTaskResp.DeploymentTaskLocation) if len(wangsuTaskMatches) > 1 { wangsuTaskId = wangsuTaskMatches[1] } @@ -221,19 +220,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE time.Sleep(time.Second * 5) } - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*wangsucdn.Client, error) { - if accessKeyId == "" { - return nil, errors.New("invalid wangsu access key id") - } - - if accessKeySecret == "" { - return nil, errors.New("invalid wangsu access key secret") - } - - return wangsucdn.NewClient(accessKeyId, accessKeySecret), nil +func createSDKClient(accessKeyId, accessKeySecret string) (*wangsucdn.Client, error) { + return wangsucdn.NewClient(accessKeyId, accessKeySecret) } func encryptPrivateKey(privkeyPEM string, apiKey string, timestamp int64) (string, error) { diff --git a/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go b/pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go rename to pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go index 51018fe4..e9ee2fb3 100644 --- a/internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go +++ b/pkg/core/ssl-deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-cdnpro" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-cdnpro" ) var ( @@ -24,7 +24,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_WANGSUCDNPRO_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -41,15 +41,15 @@ func init() { Shell command to run this test: go test -v ./wangsu_cdnpro_test.go -args \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_APIKEY="your-api-key" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_ENVIRONMENT="production" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_DOMAIN="example.com" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_CERTIFICATEID="your-certificate-id" \ - --CERTIMATE_DEPLOYER_WANGSUCDNPRO_WEBHOOKID="your-webhook-id" + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_APIKEY="your-api-key" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_ENVIRONMENT="production" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_DOMAIN="example.com" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_CERTIFICATEID="your-certificate-id" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCDNPRO_WEBHOOKID="your-webhook-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -68,7 +68,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("WEBHOOKID: %v", fWebhookId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, ApiKey: fApiKey, diff --git a/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate.go b/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate.go new file mode 100644 index 00000000..19645615 --- /dev/null +++ b/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate.go @@ -0,0 +1,99 @@ +package wangsucertificate + +import ( + "context" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/certimate-go/certimate/pkg/core" + sslmgrsp "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/wangsu-certificate" + wangsusdk "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/certificate" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLDeployerProviderConfig struct { + // 网宿云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 网宿云 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` + // 证书 ID。 + // 选填。零值时表示新建证书;否则表示更新证书。 + CertificateId string `json:"certificateId,omitempty"` +} + +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig + logger *slog.Logger + sdkClient *wangsusdk.Client + sslManager core.SSLManager +} + +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) + +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl deployer provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + sslmgr, err := sslmgrsp.NewSSLManagerProvider(&sslmgrsp.SSLManagerProviderConfig{ + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, + }) + if err != nil { + return nil, fmt.Errorf("could not create ssl manager: %w", err) + } + + return &SSLDeployerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + sslManager: sslmgr, + }, nil +} + +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + d.logger = slog.New(slog.DiscardHandler) + } else { + d.logger = logger + } +} + +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { + if d.config.CertificateId == "" { + // 上传证书 + upres, err := d.sslManager.Upload(ctx, certPEM, privkeyPEM) + if err != nil { + return nil, fmt.Errorf("failed to upload certificate file: %w", err) + } else { + d.logger.Info("ssl certificate uploaded", slog.Any("result", upres)) + } + } else { + // 修改证书 + // REF: https://www.wangsu.com/document/api-doc/25568?productCode=certificatemanagement + updateCertificateReq := &wangsusdk.UpdateCertificateRequest{ + Name: xtypes.ToPtr(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), + Comment: xtypes.ToPtr("upload from certimate"), + } + updateCertificateResp, err := d.sdkClient.UpdateCertificate(d.config.CertificateId, updateCertificateReq) + d.logger.Debug("sdk request 'certificatemanagement.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'certificatemanagement.CreateCertificate': %w", err) + } + } + + return &core.SSLDeployResult{}, nil +} + +func createSDKClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { + return wangsusdk.NewClient(accessKeyId, accessKeySecret) +} diff --git a/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate_test.go b/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate_test.go similarity index 70% rename from internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate_test.go rename to pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate_test.go index a6805ec9..3b17f7e9 100644 --- a/internal/pkg/core/deployer/providers/wangsu-certificate/wangsu_certificate_test.go +++ b/pkg/core/ssl-deployer/providers/wangsu-certificate/wangsu_certificate_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/wangsu-certificate" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/wangsu-certificate" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./wangsu_certificate_test.go -args \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_ACCESSKEYSECRET="your-access-key-secret" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_CERTIFICATEID="your-certificate-id" + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_ACCESSKEYSECRET="your-access-key-secret" \ + --CERTIMATE_SSLDEPLOYER_WANGSUCERTIFICATE_CERTIFICATEID="your-certificate-id" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("CERTIFICATEID: %v", fCertificateId), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, CertificateId: fCertificateId, diff --git a/internal/pkg/core/deployer/providers/webhook/webhook.go b/pkg/core/ssl-deployer/providers/webhook/webhook.go similarity index 86% rename from internal/pkg/core/deployer/providers/webhook/webhook.go rename to pkg/core/ssl-deployer/providers/webhook/webhook.go index 7ad6d6b0..2bf1aa14 100644 --- a/internal/pkg/core/deployer/providers/webhook/webhook.go +++ b/pkg/core/ssl-deployer/providers/webhook/webhook.go @@ -4,6 +4,7 @@ import ( "context" "crypto/tls" "encoding/json" + "errors" "fmt" "log/slog" "net/http" @@ -13,11 +14,11 @@ import ( "github.com/go-resty/resty/v2" - "github.com/usual2970/certimate/internal/pkg/core/deployer" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type DeployerConfig struct { +type SSLDeployerProviderConfig struct { // Webhook URL。 WebhookUrl string `json:"webhookUrl"` // Webhook 回调数据(application/json 或 application/x-www-form-urlencoded 格式)。 @@ -31,17 +32,17 @@ type DeployerConfig struct { AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` } -type DeployerProvider struct { - config *DeployerConfig +type SSLDeployerProvider struct { + config *SSLDeployerProviderConfig logger *slog.Logger httpClient *resty.Client } -var _ deployer.Deployer = (*DeployerProvider)(nil) +var _ core.SSLDeployer = (*SSLDeployerProvider)(nil) -func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { +func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl deployer provider is nil") } client := resty.New(). @@ -52,31 +53,30 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) { client.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: true}) } - return &DeployerProvider{ + return &SSLDeployerProvider{ config: config, logger: slog.Default(), httpClient: client, }, nil } -func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer { +func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) { if logger == nil { d.logger = slog.New(slog.DiscardHandler) } else { d.logger = logger } - return d } -func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) { +func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to parse x509: %w", err) } // 提取服务器证书和中间证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -185,7 +185,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPE d.logger.Debug("webhook responded", slog.Any("response", resp.String())) - return &deployer.DeployResult{}, nil + return &core.SSLDeployResult{}, nil } func replaceJsonValueRecursively(data interface{}, oldStr, newStr string) interface{} { diff --git a/internal/pkg/core/deployer/providers/webhook/webhook_test.go b/pkg/core/ssl-deployer/providers/webhook/webhook_test.go similarity index 71% rename from internal/pkg/core/deployer/providers/webhook/webhook_test.go rename to pkg/core/ssl-deployer/providers/webhook/webhook_test.go index 8642ef14..bd089ed3 100644 --- a/internal/pkg/core/deployer/providers/webhook/webhook_test.go +++ b/pkg/core/ssl-deployer/providers/webhook/webhook_test.go @@ -8,7 +8,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/webhook" + provider "github.com/certimate-go/certimate/pkg/core/ssl-deployer/providers/webhook" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_DEPLOYER_WEBHOOK_" + argsPrefix := "CERTIMATE_SSLDEPLOYER_WEBHOOK_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -33,11 +33,11 @@ func init() { Shell command to run this test: go test -v ./webhook_test.go -args \ - --CERTIMATE_DEPLOYER_WEBHOOK_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_DEPLOYER_WEBHOOK_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_WEBHOOK_URL="https://example.com/your-webhook-url" \ - --CERTIMATE_DEPLOYER_WEBHOOK_CONTENTTYPE="application/json" \ - --CERTIMATE_DEPLOYER_WEBHOOK_DATA="{\"certificate\":\"${CERTIFICATE}\",\"privateKey\":\"${PRIVATE_KEY}\"}" + --CERTIMATE_SSLDEPLOYER_WEBHOOK_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLDEPLOYER_WEBHOOK_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLDEPLOYER_WEBHOOK_URL="https://example.com/your-webhook-url" \ + --CERTIMATE_SSLDEPLOYER_WEBHOOK_CONTENTTYPE="application/json" \ + --CERTIMATE_SSLDEPLOYER_WEBHOOK_DATA="{\"certificate\":\"${CERTIFICATE}\",\"privateKey\":\"${PRIVATE_KEY}\"}" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -52,7 +52,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("WEBHOOKDATA: %v", fWebhookData), }, "\n")) - deployer, err := provider.NewDeployer(&provider.DeployerConfig{ + deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{ WebhookUrl: fWebhookUrl, WebhookData: fWebhookData, Method: "POST", diff --git a/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl.go b/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl.go new file mode 100644 index 00000000..e656323f --- /dev/null +++ b/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl.go @@ -0,0 +1,232 @@ +package onepanelssl + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "log/slog" + "strings" + "time" + + "github.com/certimate-go/certimate/pkg/core" + onepanelsdk "github.com/certimate-go/certimate/pkg/sdk3rd/1panel" + onepanelsdkv2 "github.com/certimate-go/certimate/pkg/sdk3rd/1panel/v2" +) + +type SSLManagerProviderConfig struct { + // 1Panel 服务地址。 + ServerUrl string `json:"serverUrl"` + // 1Panel 版本。 + ApiVersion string `json:"apiVersion"` + // 1Panel 接口密钥。 + ApiKey string `json:"apiKey"` + // 是否允许不安全的连接。 + AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient any +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.ServerUrl, config.ApiVersion, config.ApiKey, config.AllowInsecureConnections) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 遍历证书列表,避免重复上传 + if res, err := m.findCertIfExists(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } else if res != nil { + m.logger.Info("ssl certificate already exists") + return res, nil + } + + // 生成新证书名(需符合 1Panel 命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 上传证书 + switch sdkClient := m.sdkClient.(type) { + case *onepanelsdk.Client: + { + uploadWebsiteSSLReq := &onepanelsdk.UploadWebsiteSSLRequest{ + Type: "paste", + Description: certName, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) + m.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) + } + } + + case *onepanelsdkv2.Client: + { + uploadWebsiteSSLReq := &onepanelsdkv2.UploadWebsiteSSLRequest{ + Type: "paste", + Description: certName, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadWebsiteSSLResp, err := sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) + m.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err) + } + } + + default: + panic("sdk client is not implemented") + } + + // 遍历证书列表,获取刚刚上传证书 ID + if res, err := m.findCertIfExists(ctx, certPEM, privkeyPEM); err != nil { + return nil, err + } else if res == nil { + return nil, fmt.Errorf("no ssl certificate found, may be upload failed") + } else { + return res, nil + } +} + +func (m *SSLManagerProvider) findCertIfExists(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + searchWebsiteSSLPageNumber := int32(1) + searchWebsiteSSLPageSize := int32(100) + searchWebsiteSSLItemsCount := int32(0) + for { + select { + case <-ctx.Done(): + return nil, ctx.Err() + default: + } + + switch sdkClient := m.sdkClient.(type) { + case *onepanelsdk.Client: + { + searchWebsiteSSLReq := &onepanelsdk.SearchWebsiteSSLRequest{ + Page: searchWebsiteSSLPageNumber, + PageSize: searchWebsiteSSLPageSize, + } + searchWebsiteSSLResp, err := sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq) + m.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err) + } + + if searchWebsiteSSLResp.Data != nil { + for _, sslItem := range searchWebsiteSSLResp.Data.Items { + if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) && + strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) { + // 如果已存在相同证书,直接返回 + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", sslItem.ID), + CertName: sslItem.Description, + }, nil + } + } + } + + searchWebsiteSSLItemsCount = searchWebsiteSSLResp.Data.Total + } + + case *onepanelsdkv2.Client: + { + searchWebsiteSSLReq := &onepanelsdkv2.SearchWebsiteSSLRequest{ + Page: searchWebsiteSSLPageNumber, + PageSize: searchWebsiteSSLPageSize, + } + searchWebsiteSSLResp, err := sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq) + m.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err) + } + + if searchWebsiteSSLResp.Data != nil { + for _, sslItem := range searchWebsiteSSLResp.Data.Items { + if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) && + strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) { + // 如果已存在相同证书,直接返回 + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", sslItem.ID), + CertName: sslItem.Description, + }, nil + } + } + } + + searchWebsiteSSLItemsCount = searchWebsiteSSLResp.Data.Total + } + + default: + panic("sdk client is not implemented") + } + + if searchWebsiteSSLItemsCount < searchWebsiteSSLPageSize { + break + } else { + searchWebsiteSSLPageNumber++ + } + } + + return nil, nil +} + +const ( + sdkVersionV1 = "v1" + sdkVersionV2 = "v2" +) + +func createSDKClient(serverUrl, apiVersion, apiKey string, skipTlsVerify bool) (any, error) { + if apiVersion == sdkVersionV1 { + client, err := onepanelsdk.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } else if apiVersion == sdkVersionV2 { + client, err := onepanelsdkv2.NewClient(serverUrl, apiKey) + if err != nil { + return nil, err + } + + if skipTlsVerify { + client.SetTLSConfig(&tls.Config{InsecureSkipVerify: true}) + } + + return client, nil + } + + return nil, fmt.Errorf("invalid 1panel api version") +} diff --git a/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl_test.go b/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl_test.go rename to pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl_test.go index d0af7c12..4947af51 100644 --- a/internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl_test.go +++ b/pkg/core/ssl-manager/providers/1panel-ssl/1panel_ssl_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/1panel-ssl" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/1panel-ssl" ) var ( @@ -21,7 +21,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_1PANELSSL_" + argsPrefix := "CERTIMATE_SSLMANAGER_1PANELSSL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -34,11 +34,11 @@ func init() { Shell command to run this test: go test -v ./1panel_ssl_test.go -args \ - --CERTIMATE_UPLOADER_1PANELSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_1PANELSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_1PANELSSL_SERVERURL="http://127.0.0.1:20410" \ - --CERTIMATE_UPLOADER_1PANELSSL_APIVERSION="v1" \ - --CERTIMATE_UPLOADER_1PANELSSL_APIKEY="your-api-key" + --CERTIMATE_SSLMANAGER_1PANELSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_1PANELSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_1PANELSSL_SERVERURL="http://127.0.0.1:20410" \ + --CERTIMATE_SSLMANAGER_1PANELSSL_APIVERSION="v1" \ + --CERTIMATE_SSLMANAGER_1PANELSSL_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -53,7 +53,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ ServerUrl: fServerUrl, ApiVersion: fApiVersion, ApiKey: fApiKey, @@ -65,7 +65,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go b/pkg/core/ssl-manager/providers/aliyun-cas/aliyun_cas.go similarity index 73% rename from internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go rename to pkg/core/ssl-manager/providers/aliyun-cas/aliyun_cas.go index ea0968eb..bcbecd3b 100644 --- a/internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go +++ b/pkg/core/ssl-manager/providers/aliyun-cas/aliyun_cas.go @@ -2,6 +2,7 @@ package aliyuncas import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -11,12 +12,12 @@ import ( aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -27,43 +28,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *alicas.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -81,13 +81,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } listUserCertificateOrderReq := &alicas.ListUserCertificateOrderRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(u.config.ResourceGroupId), + ResourceGroupId: xtypes.ToPtrOrZeroNil(m.config.ResourceGroupId), CurrentPage: tea.Int64(listUserCertificateOrderPage), ShowSize: tea.Int64(listUserCertificateOrderLimit), OrderType: tea.String("CERT"), } - listUserCertificateOrderResp, err := u.sdkClient.ListUserCertificateOrder(listUserCertificateOrderReq) - u.logger.Debug("sdk request 'cas.ListUserCertificateOrder'", slog.Any("request", listUserCertificateOrderReq), slog.Any("response", listUserCertificateOrderResp)) + listUserCertificateOrderResp, err := m.sdkClient.ListUserCertificateOrder(listUserCertificateOrderReq) + m.logger.Debug("sdk request 'cas.ListUserCertificateOrder'", slog.Any("request", listUserCertificateOrderReq), slog.Any("response", listUserCertificateOrderResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cas.ListUserCertificateOrder': %w", err) } @@ -101,8 +101,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE getUserCertificateDetailReq := &alicas.GetUserCertificateDetailRequest{ CertId: certDetail.CertificateId, } - getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) - u.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp)) + getUserCertificateDetailResp, err := m.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) + m.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cas.GetUserCertificateDetail': %w", err) } @@ -111,18 +111,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if *getUserCertificateDetailResp.Body.Cert == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert) + oldCertX509, err := xcert.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", tea.Int64Value(certDetail.CertificateId)), CertName: *certDetail.Name, ExtendedData: map[string]any{ @@ -147,13 +147,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 上传新证书 // REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-uploadusercertificate uploadUserCertificateReq := &alicas.UploadUserCertificateRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(u.config.ResourceGroupId), + ResourceGroupId: xtypes.ToPtrOrZeroNil(m.config.ResourceGroupId), Name: tea.String(certName), Cert: tea.String(certPEM), Key: tea.String(privkeyPEM), } - uploadUserCertificateResp, err := u.sdkClient.UploadUserCertificate(uploadUserCertificateReq) - u.logger.Debug("sdk request 'cas.UploadUserCertificate'", slog.Any("request", uploadUserCertificateReq), slog.Any("response", uploadUserCertificateResp)) + uploadUserCertificateResp, err := m.sdkClient.UploadUserCertificate(uploadUserCertificateReq) + m.logger.Debug("sdk request 'cas.UploadUserCertificate'", slog.Any("request", uploadUserCertificateReq), slog.Any("response", uploadUserCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cas.UploadUserCertificate': %w", err) } @@ -164,13 +164,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE CertId: uploadUserCertificateResp.Body.CertId, CertFilter: tea.Bool(true), } - getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) - u.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp)) + getUserCertificateDetailResp, err := m.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) + m.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cas.GetUserCertificateDetail': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", tea.Int64Value(getUserCertificateDetailResp.Body.Id)), CertName: certName, ExtendedData: map[string]any{ @@ -180,7 +180,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE }, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) { // 接入点一览 https://api.aliyun.com/product/cas var endpoint string switch region { diff --git a/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go b/pkg/core/ssl-manager/providers/aliyun-slb/aliyun_slb.go similarity index 66% rename from internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go rename to pkg/core/ssl-manager/providers/aliyun-slb/aliyun_slb.go index dac9c7bd..eced6360 100644 --- a/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go +++ b/pkg/core/ssl-manager/providers/aliyun-slb/aliyun_slb.go @@ -4,6 +4,7 @@ import ( "context" "crypto/sha256" "encoding/hex" + "errors" "fmt" "log/slog" "regexp" @@ -14,12 +15,12 @@ import ( alislb "github.com/alibabacloud-go/slb-20140515/v4/client" "github.com/alibabacloud-go/tea/tea" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 阿里云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 阿里云 AccessKeySecret。 @@ -30,43 +31,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *alislb.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -74,11 +74,11 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 查询证书列表,避免重复上传 // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeservercertificates describeServerCertificatesReq := &alislb.DescribeServerCertificatesRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(u.config.ResourceGroupId), - RegionId: tea.String(u.config.Region), + ResourceGroupId: xtypes.ToPtrOrZeroNil(m.config.ResourceGroupId), + RegionId: tea.String(m.config.Region), } - describeServerCertificatesResp, err := u.sdkClient.DescribeServerCertificates(describeServerCertificatesReq) - u.logger.Debug("sdk request 'slb.DescribeServerCertificates'", slog.Any("request", describeServerCertificatesReq), slog.Any("response", describeServerCertificatesResp)) + describeServerCertificatesResp, err := m.sdkClient.DescribeServerCertificates(describeServerCertificatesReq) + m.logger.Debug("sdk request 'slb.DescribeServerCertificates'", slog.Any("request", describeServerCertificatesReq), slog.Any("response", describeServerCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'slb.DescribeServerCertificates': %w", err) } @@ -92,8 +92,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE strings.EqualFold(certX509.Subject.CommonName, *certDetail.CommonName) // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: *certDetail.ServerCertificateId, CertName: *certDetail.ServerCertificateName, }, nil @@ -102,11 +102,10 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合阿里云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) // 去除证书和私钥内容中的空白行,以符合阿里云 API 要求 - // REF: https://github.com/usual2970/certimate/issues/326 + // REF: https://github.com/certimate-go/certimate/issues/326 re := regexp.MustCompile(`(?m)^\s*$\n?`) certPEM = strings.TrimSpace(re.ReplaceAllString(certPEM, "")) privkeyPEM = strings.TrimSpace(re.ReplaceAllString(privkeyPEM, "")) @@ -114,26 +113,25 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 上传新证书 // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-uploadservercertificate uploadServerCertificateReq := &alislb.UploadServerCertificateRequest{ - ResourceGroupId: typeutil.ToPtrOrZeroNil(u.config.ResourceGroupId), - RegionId: tea.String(u.config.Region), + ResourceGroupId: xtypes.ToPtrOrZeroNil(m.config.ResourceGroupId), + RegionId: tea.String(m.config.Region), ServerCertificateName: tea.String(certName), ServerCertificate: tea.String(certPEM), PrivateKey: tea.String(privkeyPEM), } - uploadServerCertificateResp, err := u.sdkClient.UploadServerCertificate(uploadServerCertificateReq) - u.logger.Debug("sdk request 'slb.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp)) + uploadServerCertificateResp, err := m.sdkClient.UploadServerCertificate(uploadServerCertificateReq) + m.logger.Debug("sdk request 'slb.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'slb.UploadServerCertificate': %w", err) } - certId = *uploadServerCertificateResp.Body.ServerCertificateId - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: *uploadServerCertificateResp.Body.ServerCertificateId, CertName: certName, }, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) { // 接入点一览 https://api.aliyun.com/product/Slb var endpoint string switch region { diff --git a/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go b/pkg/core/ssl-manager/providers/aws-acm/aws_acm.go similarity index 70% rename from internal/pkg/core/uploader/providers/aws-acm/aws_acm.go rename to pkg/core/ssl-manager/providers/aws-acm/aws_acm.go index 4f215266..21de4df7 100644 --- a/internal/pkg/core/uploader/providers/aws-acm/aws_acm.go +++ b/pkg/core/ssl-manager/providers/aws-acm/aws_acm.go @@ -2,6 +2,7 @@ package awsacm import ( "context" + "errors" "fmt" "log/slog" @@ -11,11 +12,11 @@ import ( awsacm "github.com/aws/aws-sdk-go-v2/service/acm" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // AWS AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // AWS SecretAccessKey。 @@ -24,49 +25,48 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *awsacm.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 提取服务器证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -86,8 +86,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE NextToken: listCertificatesNextToken, MaxItems: aws.Int32(listCertificatesMaxItems), } - listCertificatesResp, err := u.sdkClient.ListCertificates(context.TODO(), listCertificatesReq) - u.logger.Debug("sdk request 'acm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates(context.TODO(), listCertificatesReq) + m.logger.Debug("sdk request 'acm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'acm.ListCertificates': %w", err) } @@ -111,24 +111,24 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE getCertificateReq := &awsacm.GetCertificateInput{ CertificateArn: certSummary.CertificateArn, } - getCertificateResp, err := u.sdkClient.GetCertificate(context.TODO(), getCertificateReq) + getCertificateResp, err := m.sdkClient.GetCertificate(context.TODO(), getCertificateReq) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'acm.GetCertificate': %w", err) } else { oldCertPEM := aws.ToString(getCertificateResp.Certificate) - oldCertX509, err := certutil.ParseCertificateFromPEM(oldCertPEM) + oldCertX509, err := xcert.ParseCertificateFromPEM(oldCertPEM) if err != nil { continue } - if !certutil.EqualCertificate(certX509, oldCertX509) { + if !xcert.EqualCertificate(certX509, oldCertX509) { continue } } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: *certSummary.CertificateArn, }, nil } @@ -147,18 +147,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE CertificateChain: ([]byte)(intermediaCertPEM), PrivateKey: ([]byte)(privkeyPEM), } - importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), importCertificateReq) - u.logger.Debug("sdk request 'acm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) + importCertificateResp, err := m.sdkClient.ImportCertificate(context.TODO(), importCertificateReq) + m.logger.Debug("sdk request 'acm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'acm.ImportCertificate': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: aws.ToString(importCertificateResp.CertificateArn), }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsacm.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*awsacm.Client, error) { cfg, err := awscfg.LoadDefaultConfig(context.TODO()) if err != nil { return nil, err diff --git a/internal/pkg/core/uploader/providers/aws-iam/aws_iam.go b/pkg/core/ssl-manager/providers/aws-iam/aws_iam.go similarity index 69% rename from internal/pkg/core/uploader/providers/aws-iam/aws_iam.go rename to pkg/core/ssl-manager/providers/aws-iam/aws_iam.go index 10f1a174..df2555a8 100644 --- a/internal/pkg/core/uploader/providers/aws-iam/aws_iam.go +++ b/pkg/core/ssl-manager/providers/aws-iam/aws_iam.go @@ -2,6 +2,7 @@ package awsiam import ( "context" + "errors" "fmt" "log/slog" "time" @@ -11,11 +12,11 @@ import ( awscred "github.com/aws/aws-sdk-go-v2/credentials" awsiam "github.com/aws/aws-sdk-go-v2/service/iam" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // AWS AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // AWS SecretAccessKey。 @@ -27,49 +28,48 @@ type UploaderConfig struct { CertificatePath string `json:"certificatePath,omitempty"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *awsiam.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 提取服务器证书 - serverCertPEM, intermediaCertPEM, err := certutil.ExtractCertificatesFromPEM(certPEM) + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) if err != nil { return nil, fmt.Errorf("failed to extract certs: %w", err) } @@ -89,18 +89,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Marker: listServerCertificatesMarker, MaxItems: aws.Int32(listServerCertificatesMaxItems), } - if u.config.CertificatePath != "" { - listServerCertificatesReq.PathPrefix = aws.String(u.config.CertificatePath) + if m.config.CertificatePath != "" { + listServerCertificatesReq.PathPrefix = aws.String(m.config.CertificatePath) } - listServerCertificatesResp, err := u.sdkClient.ListServerCertificates(context.TODO(), listServerCertificatesReq) - u.logger.Debug("sdk request 'iam.ListServerCertificates'", slog.Any("request", listServerCertificatesReq), slog.Any("response", listServerCertificatesResp)) + listServerCertificatesResp, err := m.sdkClient.ListServerCertificates(context.TODO(), listServerCertificatesReq) + m.logger.Debug("sdk request 'iam.ListServerCertificates'", slog.Any("request", listServerCertificatesReq), slog.Any("response", listServerCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'iam.ListServerCertificates': %w", err) } for _, certMeta := range listServerCertificatesResp.ServerCertificateMetadataList { // 先对比证书路径 - if u.config.CertificatePath != "" && aws.ToString(certMeta.Path) != u.config.CertificatePath { + if m.config.CertificatePath != "" && aws.ToString(certMeta.Path) != m.config.CertificatePath { continue } @@ -114,24 +114,24 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE getServerCertificateReq := &awsiam.GetServerCertificateInput{ ServerCertificateName: certMeta.ServerCertificateName, } - getServerCertificateResp, err := u.sdkClient.GetServerCertificate(context.TODO(), getServerCertificateReq) + getServerCertificateResp, err := m.sdkClient.GetServerCertificate(context.TODO(), getServerCertificateReq) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'iam.GetServerCertificate': %w", err) } else { oldCertPEM := aws.ToString(getServerCertificateResp.ServerCertificate.CertificateBody) - oldCertX509, err := certutil.ParseCertificateFromPEM(oldCertPEM) + oldCertX509, err := xcert.ParseCertificateFromPEM(oldCertPEM) if err != nil { continue } - if !certutil.EqualCertificate(certX509, oldCertX509) { + if !xcert.EqualCertificate(certX509, oldCertX509) { continue } } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: aws.ToString(certMeta.ServerCertificateId), CertName: aws.ToString(certMeta.ServerCertificateName), }, nil @@ -151,27 +151,27 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // REF: https://docs.aws.amazon.com/en_us/IAM/latest/APIReference/API_UploadServerCertificate.html uploadServerCertificateReq := &awsiam.UploadServerCertificateInput{ ServerCertificateName: aws.String(certName), - Path: aws.String(u.config.CertificatePath), + Path: aws.String(m.config.CertificatePath), CertificateBody: aws.String(serverCertPEM), CertificateChain: aws.String(intermediaCertPEM), PrivateKey: aws.String(privkeyPEM), } - if u.config.CertificatePath == "" { + if m.config.CertificatePath == "" { uploadServerCertificateReq.Path = aws.String("/") } - uploadServerCertificateResp, err := u.sdkClient.UploadServerCertificate(context.TODO(), uploadServerCertificateReq) - u.logger.Debug("sdk request 'iam.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp)) + uploadServerCertificateResp, err := m.sdkClient.UploadServerCertificate(context.TODO(), uploadServerCertificateReq) + m.logger.Debug("sdk request 'iam.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'iam.UploadServerCertificate': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: aws.ToString(uploadServerCertificateResp.ServerCertificateMetadata.ServerCertificateId), CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsiam.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*awsiam.Client, error) { cfg, err := awscfg.LoadDefaultConfig(context.TODO()) if err != nil { return nil, err diff --git a/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go b/pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault.go similarity index 74% rename from internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go rename to pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault.go index eb67fd2f..79209710 100644 --- a/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go +++ b/pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault.go @@ -4,6 +4,7 @@ import ( "context" "crypto/x509" "encoding/base64" + "errors" "fmt" "log/slog" "time" @@ -13,12 +14,12 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azcertificates" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + azenv "github.com/certimate-go/certimate/pkg/sdk3rd/azure/env" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // Azure TenantId。 TenantId string `json:"tenantId"` // Azure ClientId。 @@ -31,43 +32,42 @@ type UploaderConfig struct { KeyVaultName string `json:"keyvaultName"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *azcertificates.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.TenantId, config.ClientId, config.ClientSecret, config.CloudName, config.KeyVaultName) + client, err := createSDKClient(config.TenantId, config.ClientId, config.ClientSecret, config.CloudName, config.KeyVaultName) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -80,7 +80,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 获取证书列表,避免重复上传 // REF: https://learn.microsoft.com/en-us/rest/api/keyvault/certificates/get-certificates/get-certificates - listCertificatesPager := u.sdkClient.NewListCertificatePropertiesPager(nil) + listCertificatesPager := m.sdkClient.NewListCertificatePropertiesPager(nil) for listCertificatesPager.More() { page, err := listCertificatesPager.NextPage(context.TODO()) if err != nil { @@ -114,8 +114,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 最后对比证书内容 - getCertificateResp, err := u.sdkClient.GetCertificate(context.TODO(), certProp.ID.Name(), certProp.ID.Version(), nil) - u.logger.Debug("sdk request 'keyvault.GetCertificate'", slog.String("request.certificateName", certProp.ID.Name()), slog.String("request.certificateVersion", certProp.ID.Version()), slog.Any("response", getCertificateResp)) + getCertificateResp, err := m.sdkClient.GetCertificate(context.TODO(), certProp.ID.Name(), certProp.ID.Version(), nil) + m.logger.Debug("sdk request 'keyvault.GetCertificate'", slog.String("request.certificateName", certProp.ID.Name()), slog.String("request.certificateVersion", certProp.ID.Version()), slog.Any("response", getCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'keyvault.GetCertificate': %w", err) } else { @@ -124,14 +124,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE continue } - if !certutil.EqualCertificate(certX509, oldCertX509) { + if !xcert.EqualCertificate(certX509, oldCertX509) { continue } } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: string(*certProp.ID), CertName: certProp.ID.Name(), }, nil @@ -144,7 +144,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // Azure Key Vault 不支持导入带有 Certificiate Chain 的 PEM 证书。 // Issue Link: https://github.com/Azure/azure-cli/issues/19017 // 暂时的解决方法是,将 PEM 证书转换成 PFX 格式,然后再导入。 - certPFX, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "") + certPFX, err := xcert.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "") if err != nil { return nil, fmt.Errorf("failed to transform certificate from PEM to PFX: %w", err) } @@ -163,20 +163,20 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE TAG_CERTSN: to.Ptr(certSN), }, } - importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), certName, importCertificateParams, nil) - u.logger.Debug("sdk request 'keyvault.ImportCertificate'", slog.String("request.certificateName", certName), slog.Any("request.parameters", importCertificateParams), slog.Any("response", importCertificateResp)) + importCertificateResp, err := m.sdkClient.ImportCertificate(context.TODO(), certName, importCertificateParams, nil) + m.logger.Debug("sdk request 'keyvault.ImportCertificate'", slog.String("request.certificateName", certName), slog.Any("request.parameters", importCertificateParams), slog.Any("response", importCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'keyvault.ImportCertificate': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: string(*importCertificateResp.ID), CertName: certName, }, nil } -func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) { - env, err := azcommon.GetCloudEnvironmentConfiguration(cloudName) +func createSDKClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) { + env, err := azenv.GetCloudEnvConfiguration(cloudName) if err != nil { return nil, err } @@ -189,9 +189,9 @@ func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName s } endpoint := fmt.Sprintf("https://%s.vault.azure.net", keyvaultName) - if azcommon.IsEnvironmentGovernment(cloudName) { + if azenv.IsUSGovernmentEnv(cloudName) { endpoint = fmt.Sprintf("https://%s.vault.usgovcloudapi.net", keyvaultName) - } else if azcommon.IsEnvironmentChina(cloudName) { + } else if azenv.IsChinaEnv(cloudName) { endpoint = fmt.Sprintf("https://%s.vault.azure.cn", keyvaultName) } diff --git a/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault_test.go b/pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault_test.go similarity index 66% rename from internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault_test.go rename to pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault_test.go index 492f7e5c..14889b47 100644 --- a/internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault_test.go +++ b/pkg/core/ssl-manager/providers/azure-keyvault/azure_keyvault_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/azure-keyvault" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/azure-keyvault" ) var ( @@ -23,7 +23,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_AZUREKEYVAULT_" + argsPrefix := "CERTIMATE_SSLMANAGER_AZUREKEYVAULT_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -38,13 +38,13 @@ func init() { Shell command to run this test: go test -v ./azure_keyvault_test.go -args \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_TENANTID="your-tenant-id" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_CLIENTID="your-app-registration-client-id" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_CLIENTSECRET="your-app-registration-client-secret" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_CLOUDNAME="china" \ - --CERTIMATE_UPLOADER_AZUREKEYVAULT_KEYVAULTNAME="your-keyvault-name" + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_TENANTID="your-tenant-id" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_CLIENTID="your-app-registration-client-id" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_CLIENTSECRET="your-app-registration-client-secret" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_CLOUDNAME="china" \ + --CERTIMATE_SSLMANAGER_AZUREKEYVAULT_KEYVAULTNAME="your-keyvault-name" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -61,7 +61,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("KEYVAULTNAME: %v", fKeyVaultName), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ TenantId: fTenantId, ClientId: fClientId, ClientSecret: fClientSecret, @@ -75,7 +75,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert.go b/pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert.go similarity index 61% rename from internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert.go rename to pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert.go index b0fca821..5c9bbde3 100644 --- a/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert.go +++ b/pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert.go @@ -2,68 +2,68 @@ package baiducloudcert import ( "context" + "errors" "fmt" "log/slog" "strings" "time" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - bdsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/baiducloud/cert" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + bdsdk "github.com/certimate-go/certimate/pkg/sdk3rd/baiducloud/cert" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 百度智能云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 百度智能云 SecretAccessKey。 SecretAccessKey string `json:"secretAccessKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *bdsdk.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 遍历证书列表,避免重复上传 // REF: https://cloud.baidu.com/doc/Reference/s/Gjwvz27xu#35-%E6%9F%A5%E7%9C%8B%E8%AF%81%E4%B9%A6%E5%88%97%E8%A1%A8%E8%AF%A6%E6%83%85 - listCertDetail, err := u.sdkClient.ListCertDetail() - u.logger.Debug("sdk request 'cert.ListCertDetail'", slog.Any("response", listCertDetail)) + listCertDetail, err := m.sdkClient.ListCertDetail() + m.logger.Debug("sdk request 'cert.ListCertDetail'", slog.Any("response", listCertDetail)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cert.ListCertDetail': %w", err) } else { @@ -86,23 +86,23 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 最后对比证书内容 - getCertDetailResp, err := u.sdkClient.GetCertRawData(certDetail.CertId) - u.logger.Debug("sdk request 'cert.GetCertRawData'", slog.Any("certId", certDetail.CertId), slog.Any("response", getCertDetailResp)) + getCertDetailResp, err := m.sdkClient.GetCertRawData(certDetail.CertId) + m.logger.Debug("sdk request 'cert.GetCertRawData'", slog.Any("certId", certDetail.CertId), slog.Any("response", getCertDetailResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cert.GetCertRawData': %w", err) } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(getCertDetailResp.CertServerData) + oldCertX509, err := xcert.ParseCertificateFromPEM(getCertDetailResp.CertServerData) if err != nil { continue } - if !certutil.EqualCertificate(certX509, oldCertX509) { + if !xcert.EqualCertificate(certX509, oldCertX509) { continue } } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.CertId, CertName: certDetail.CertName, }, nil @@ -115,19 +115,19 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE createCertReq.CertName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) createCertReq.CertServerData = certPEM createCertReq.CertPrivateData = privkeyPEM - createCertResp, err := u.sdkClient.CreateCert(createCertReq) - u.logger.Debug("sdk request 'cert.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'cert.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cert.CreateCert': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: createCertResp.CertId, CertName: createCertResp.CertName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey string) (*bdsdk.Client, error) { +func createSDKClient(accessKeyId, secretAccessKey string) (*bdsdk.Client, error) { client, err := bdsdk.NewClient(accessKeyId, secretAccessKey, "") if err != nil { return nil, err diff --git a/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert_test.go b/pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert_test.go similarity index 66% rename from internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert_test.go rename to pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert_test.go index 80b2a7ca..80c7d790 100644 --- a/internal/pkg/core/uploader/providers/baiducloud-cert/baiducloud_cert_test.go +++ b/pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/baiducloud-cert" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_BAIDUCLOUDCAS_" + argsPrefix := "CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./baiducloud_cas_test.go -args \ - --CERTIMATE_UPLOADER_BAIDUCLOUDCAS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_BAIDUCLOUDCAS_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_BAIDUCLOUDCAS_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_BAIDUCLOUDCAS_SECRETACCESSKEY="your-access-key-secret" + --CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_SECRETACCESSKEY="your-access-key-secret" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, SecretAccessKey: fSecretAccessKey, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go b/pkg/core/ssl-manager/providers/byteplus-cdn/byteplus_cdn.go similarity index 69% rename from internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go rename to pkg/core/ssl-manager/providers/byteplus-cdn/byteplus_cdn.go index a654db31..cc42c749 100644 --- a/internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go +++ b/pkg/core/ssl-manager/providers/byteplus-cdn/byteplus_cdn.go @@ -5,6 +5,7 @@ import ( "crypto/sha1" "crypto/sha256" "encoding/hex" + "errors" "fmt" "log/slog" "strings" @@ -12,53 +13,52 @@ import ( bytepluscdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // BytePlus AccessKey。 AccessKey string `json:"accessKey"` // BytePlus SecretKey。 SecretKey string `json:"secretKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *bytepluscdn.CDN } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } client := bytepluscdn.NewInstance() client.Client.SetAccessKey(config.AccessKey) client.Client.SetSecretKey(config.SecretKey) - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -80,8 +80,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE default: } - listCertInfoResp, err := u.sdkClient.ListCertInfo(listCertInfoReq) - u.logger.Debug("sdk request 'cdn.ListCertInfo'", slog.Any("request", listCertInfoReq), slog.Any("response", listCertInfoResp)) + listCertInfoResp, err := m.sdkClient.ListCertInfo(listCertInfoReq) + m.logger.Debug("sdk request 'cdn.ListCertInfo'", slog.Any("request", listCertInfoReq), slog.Any("response", listCertInfoResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.ListCertInfo': %w", err) } @@ -94,8 +94,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE strings.EqualFold(hex.EncodeToString(fingerprintSha256[:]), certDetail.CertFingerprint.Sha256) // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.CertId, CertName: certDetail.Desc, }, nil @@ -113,8 +113,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合 BytePlus 命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 上传新证书 // REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-addcertificate @@ -124,15 +123,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Source: bytepluscdn.GetStrPtr("cert_center"), Desc: bytepluscdn.GetStrPtr(certName), } - addCertificateResp, err := u.sdkClient.AddCertificate(addCertificateReq) - u.logger.Debug("sdk request 'cdn.AddCertificate'", slog.Any("request", addCertificateReq), slog.Any("response", addCertificateResp)) + addCertificateResp, err := m.sdkClient.AddCertificate(addCertificateReq) + m.logger.Debug("sdk request 'cdn.AddCertificate'", slog.Any("request", addCertificateReq), slog.Any("response", addCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.AddCertificate': %w", err) } - certId = addCertificateResp.Result.CertId - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: addCertificateResp.Result.CertId, CertName: certName, }, nil } diff --git a/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao.go b/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao.go new file mode 100644 index 00000000..b2b74e7b --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao.go @@ -0,0 +1,171 @@ +package ctcccloudao + +import ( + "context" + "errors" + "fmt" + "log/slog" + "slices" + "strings" + "time" + + "github.com/certimate-go/certimate/pkg/core" + ctyunao "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/ao" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLManagerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *ctyunao.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return nil, err + } + + // 查询用户名下证书列表,避免重复上传 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=113&api=13175&data=174&isNormal=1&vid=167 + listCertPage := int32(1) + listCertPerPage := int32(1000) + for { + select { + case <-ctx.Done(): + return nil, ctx.Err() + default: + } + + listCertsReq := &ctyunao.ListCertsRequest{ + Page: xtypes.ToPtr(listCertPage), + PerPage: xtypes.ToPtr(listCertPerPage), + UsageMode: xtypes.ToPtr(int32(0)), + } + listCertsResp, err := m.sdkClient.ListCerts(listCertsReq) + m.logger.Debug("sdk request 'ao.ListCerts'", slog.Any("request", listCertsReq), slog.Any("response", listCertsResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'ao.ListCerts': %w", err) + } + + if listCertsResp.ReturnObj != nil { + for _, certRecord := range listCertsResp.ReturnObj.Results { + // 对比证书通用名称 + if !strings.EqualFold(certX509.Subject.CommonName, certRecord.CN) { + continue + } + + // 对比证书扩展名称 + if !slices.Equal(certX509.DNSNames, certRecord.SANs) { + continue + } + + // 对比证书有效期 + if !certX509.NotBefore.Equal(time.Unix(certRecord.IssueTime, 0).UTC()) { + continue + } else if !certX509.NotAfter.Equal(time.Unix(certRecord.ExpiresTime, 0).UTC()) { + continue + } + + // 查询证书详情 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=113&api=13015&data=174&isNormal=1&vid=167 + queryCertReq := &ctyunao.QueryCertRequest{ + Id: xtypes.ToPtr(certRecord.Id), + } + queryCertResp, err := m.sdkClient.QueryCert(queryCertReq) + m.logger.Debug("sdk request 'ao.QueryCert'", slog.Any("request", queryCertReq), slog.Any("response", queryCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'ao.QueryCert': %w", err) + } else if queryCertResp.ReturnObj != nil && queryCertResp.ReturnObj.Result != nil { + var isSameCert bool + if queryCertResp.ReturnObj.Result.Certs == certPEM { + isSameCert = true + } else { + oldCertX509, err := xcert.ParseCertificateFromPEM(queryCertResp.ReturnObj.Result.Certs) + if err != nil { + continue + } + + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) + } + + // 如果已存在相同证书,直接返回 + if isSameCert { + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", queryCertResp.ReturnObj.Result.Id), + CertName: queryCertResp.ReturnObj.Result.Name, + }, nil + } + } + } + } + + if listCertsResp.ReturnObj == nil || len(listCertsResp.ReturnObj.Results) < int(listCertPerPage) { + break + } else { + listCertPage++ + } + } + + // 生成新证书名(需符合天翼云命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 创建证书 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=113&api=13014&data=174&isNormal=1&vid=167 + createCertReq := &ctyunao.CreateCertRequest{ + Name: xtypes.ToPtr(certName), + Certs: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), + } + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'ao.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'ao.CreateCert': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", createCertResp.ReturnObj.Id), + CertName: certName, + }, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunao.Client, error) { + return ctyunao.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao_test.go b/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao_test.go new file mode 100644 index 00000000..991b6e86 --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-ao/ctcccloud_ao_test.go @@ -0,0 +1,72 @@ +package ctcccloudao_test + +import ( + "context" + "encoding/json" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-ao" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string +) + +func init() { + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDAO_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_ao_test.go -args \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDAO_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDAO_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDAO_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDAO_SECRETACCESSKEY="your-secret-access-key" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + }, "\n")) + + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + sres, _ := json.Marshal(res) + t.Logf("ok: %s", string(sres)) + }) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn.go b/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn.go new file mode 100644 index 00000000..3158d377 --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn.go @@ -0,0 +1,171 @@ +package ctcccloudcdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "slices" + "strings" + "time" + + "github.com/certimate-go/certimate/pkg/core" + ctyuncdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/cdn" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLManagerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *ctyuncdn.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return nil, err + } + + // 查询证书列表,避免重复上传 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=10901&data=161&isNormal=1&vid=154 + queryCertListPage := int32(1) + queryCertListPerPage := int32(1000) + for { + select { + case <-ctx.Done(): + return nil, ctx.Err() + default: + } + + queryCertListReq := &ctyuncdn.QueryCertListRequest{ + Page: xtypes.ToPtr(queryCertListPage), + PerPage: xtypes.ToPtr(queryCertListPerPage), + UsageMode: xtypes.ToPtr(int32(0)), + } + queryCertListResp, err := m.sdkClient.QueryCertList(queryCertListReq) + m.logger.Debug("sdk request 'cdn.QueryCertList'", slog.Any("request", queryCertListReq), slog.Any("response", queryCertListResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.QueryCertList': %w", err) + } + + if queryCertListResp.ReturnObj != nil { + for _, certRecord := range queryCertListResp.ReturnObj.Results { + // 对比证书通用名称 + if !strings.EqualFold(certX509.Subject.CommonName, certRecord.CN) { + continue + } + + // 对比证书扩展名称 + if !slices.Equal(certX509.DNSNames, certRecord.SANs) { + continue + } + + // 对比证书有效期 + if !certX509.NotBefore.Equal(time.Unix(certRecord.IssueTime, 0).UTC()) { + continue + } else if !certX509.NotAfter.Equal(time.Unix(certRecord.ExpiresTime, 0).UTC()) { + continue + } + + // 查询证书详情 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=10899&data=161&isNormal=1&vid=154 + queryCertDetailReq := &ctyuncdn.QueryCertDetailRequest{ + Id: xtypes.ToPtr(certRecord.Id), + } + queryCertDetailResp, err := m.sdkClient.QueryCertDetail(queryCertDetailReq) + m.logger.Debug("sdk request 'cdn.QueryCertDetail'", slog.Any("request", queryCertDetailReq), slog.Any("response", queryCertDetailResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.QueryCertDetail': %w", err) + } else if queryCertDetailResp.ReturnObj != nil && queryCertDetailResp.ReturnObj.Result != nil { + var isSameCert bool + if queryCertDetailResp.ReturnObj.Result.Certs == certPEM { + isSameCert = true + } else { + oldCertX509, err := xcert.ParseCertificateFromPEM(queryCertDetailResp.ReturnObj.Result.Certs) + if err != nil { + continue + } + + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) + } + + // 如果已存在相同证书,直接返回 + if isSameCert { + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", queryCertDetailResp.ReturnObj.Result.Id), + CertName: queryCertDetailResp.ReturnObj.Result.Name, + }, nil + } + } + } + } + + if queryCertListResp.ReturnObj == nil || len(queryCertListResp.ReturnObj.Results) < int(queryCertListPerPage) { + break + } else { + queryCertListPage++ + } + } + + // 生成新证书名(需符合天翼云命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 创建证书 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=108&api=10893&data=161&isNormal=1&vid=154 + createCertReq := &ctyuncdn.CreateCertRequest{ + Name: xtypes.ToPtr(certName), + Certs: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), + } + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'cdn.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.CreateCert': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", createCertResp.ReturnObj.Id), + CertName: certName, + }, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyuncdn.Client, error) { + return ctyuncdn.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn_test.go b/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn_test.go new file mode 100644 index 00000000..660ddef3 --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-cdn/ctcccloud_cdn_test.go @@ -0,0 +1,72 @@ +package ctcccloudcdn_test + +import ( + "context" + "encoding/json" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-cdn" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string +) + +func init() { + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_cdn_test.go -args \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCDN_SECRETACCESSKEY="your-secret-access-key" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + }, "\n")) + + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + sres, _ := json.Marshal(res) + t.Logf("ok: %s", string(sres)) + }) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms.go b/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms.go new file mode 100644 index 00000000..c05ce078 --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms.go @@ -0,0 +1,185 @@ +package ctcccloudcms + +import ( + "context" + "crypto/sha1" + "encoding/hex" + "errors" + "fmt" + "log/slog" + "strings" + "time" + + "github.com/certimate-go/certimate/pkg/core" + ctyuncms "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/cms" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLManagerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *ctyuncms.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 遍历证书列表,避免重复上传 + if res, _ := m.findCertIfExists(ctx, certPEM); res != nil { + return res, nil + } + + // 提取服务器证书 + serverCertPEM, intermediaCertPEM, err := xcert.ExtractCertificatesFromPEM(certPEM) + if err != nil { + return nil, fmt.Errorf("failed to extract certs: %w", err) + } + + // 生成新证书名(需符合天翼云命名规则) + certName := fmt.Sprintf("cm%d", time.Now().Unix()) + + // 上传证书 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=152&api=17243&data=204&isNormal=1&vid=283 + uploadCertificateReq := &ctyuncms.UploadCertificateRequest{ + Name: xtypes.ToPtr(certName), + Certificate: xtypes.ToPtr(serverCertPEM), + CertificateChain: xtypes.ToPtr(intermediaCertPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), + EncryptionStandard: xtypes.ToPtr("INTERNATIONAL"), + } + uploadCertificateResp, err := m.sdkClient.UploadCertificate(uploadCertificateReq) + m.logger.Debug("sdk request 'cms.UploadCertificate'", slog.Any("request", uploadCertificateReq), slog.Any("response", uploadCertificateResp)) + if err != nil { + if uploadCertificateResp != nil && uploadCertificateResp.GetError() == "CCMS_100000067" { + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { + return nil, err + } else if res == nil { + return nil, errors.New("ctyun cms: no certificate found") + } else { + m.logger.Info("ssl certificate already exists") + return res, nil + } + } + + return nil, fmt.Errorf("failed to execute sdk request 'cms.UploadCertificate': %w", err) + } + + // 遍历证书列表,获取刚刚上传证书 ID + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { + return nil, err + } else if res == nil { + return nil, fmt.Errorf("no ssl certificate found, may be upload failed") + } else { + return res, nil + } +} + +func (m *SSLManagerProvider) findCertIfExists(ctx context.Context, certPEM string) (*core.SSLManageUploadResult, error) { + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return nil, err + } + + // 查询用户证书列表 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=152&api=17233&data=204&isNormal=1&vid=283 + getCertificateListPageNum := int32(1) + getCertificateListPageSize := int32(10) + for { + select { + case <-ctx.Done(): + return nil, ctx.Err() + default: + } + + getCertificateListReq := &ctyuncms.GetCertificateListRequest{ + PageNum: xtypes.ToPtr(getCertificateListPageNum), + PageSize: xtypes.ToPtr(getCertificateListPageSize), + Keyword: xtypes.ToPtr(certX509.Subject.CommonName), + Origin: xtypes.ToPtr("UPLOAD"), + } + getCertificateListResp, err := m.sdkClient.GetCertificateList(getCertificateListReq) + m.logger.Debug("sdk request 'cms.GetCertificateList'", slog.Any("request", getCertificateListReq), slog.Any("response", getCertificateListResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cms.GetCertificateList': %w", err) + } + + if getCertificateListResp.ReturnObj != nil { + fingerprint := sha1.Sum(certX509.Raw) + fingerprintHex := hex.EncodeToString(fingerprint[:]) + + for _, certRecord := range getCertificateListResp.ReturnObj.List { + // 对比证书名称 + if !strings.EqualFold(strings.Join(certX509.DNSNames, ","), certRecord.DomainName) { + continue + } + + // 对比证书有效期 + oldCertNotBefore, _ := time.Parse("2006-01-02T15:04:05Z", certRecord.IssueTime) + oldCertNotAfter, _ := time.Parse("2006-01-02T15:04:05Z", certRecord.ExpireTime) + if !certX509.NotBefore.Equal(oldCertNotBefore) { + continue + } else if !certX509.NotAfter.Equal(oldCertNotAfter) { + continue + } + + // 对比证书指纹 + if !strings.EqualFold(fingerprintHex, certRecord.Fingerprint) { + continue + } + + // 如果以上信息都一致,则视为已存在相同证书,直接返回 + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ + CertId: string(*&certRecord.Id), + CertName: certRecord.Name, + }, nil + } + } + + if getCertificateListResp.ReturnObj == nil || len(getCertificateListResp.ReturnObj.List) < int(getCertificateListPageSize) { + break + } else { + getCertificateListPageNum++ + } + } + + return nil, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyuncms.Client, error) { + return ctyuncms.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms_test.go b/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms_test.go new file mode 100644 index 00000000..3b7b7bc2 --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-cms/ctcccloud_cms_test.go @@ -0,0 +1,72 @@ +package ctcccloudcms_test + +import ( + "context" + "encoding/json" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-cms" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string +) + +func init() { + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_cms_test.go -args \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDCMS_SECRETACCESSKEY="your-secret-access-key" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + }, "\n")) + + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + sres, _ := json.Marshal(res) + t.Logf("ok: %s", string(sres)) + }) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb.go b/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb.go new file mode 100644 index 00000000..4103d41d --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb.go @@ -0,0 +1,133 @@ +package ctcccloudelb + +import ( + "context" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/google/uuid" + + "github.com/certimate-go/certimate/pkg/core" + ctyunelb "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/elb" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLManagerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` + // 天翼云资源池 ID。 + RegionId string `json:"regionId"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *ctyunelb.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return nil, err + } + + // 查询证书列表,避免重复上传 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=24&api=5692&data=88&isNormal=1&vid=82 + listCertificatesReq := &ctyunelb.ListCertificatesRequest{ + RegionID: xtypes.ToPtr(m.config.RegionId), + } + listCertificatesResp, err := m.sdkClient.ListCertificates(listCertificatesReq) + m.logger.Debug("sdk request 'elb.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'elb.ListCertificates': %w", err) + } else { + for _, certRecord := range listCertificatesResp.ReturnObj { + var isSameCert bool + if certRecord.Certificate == certPEM { + isSameCert = true + } else { + oldCertX509, err := xcert.ParseCertificateFromPEM(certRecord.Certificate) + if err != nil { + continue + } + + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) + } + + // 如果已存在相同证书,直接返回 + if isSameCert { + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ + CertId: certRecord.ID, + CertName: certRecord.Name, + }, nil + } + } + } + + // 生成新证书名(需符合天翼云命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 创建证书 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=24&api=5685&data=88&isNormal=1&vid=82 + createCertificateReq := &ctyunelb.CreateCertificateRequest{ + ClientToken: xtypes.ToPtr(generateClientToken()), + RegionID: xtypes.ToPtr(m.config.RegionId), + Name: xtypes.ToPtr(certName), + Description: xtypes.ToPtr("upload from certimate"), + Type: xtypes.ToPtr("Server"), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), + } + createCertificateResp, err := m.sdkClient.CreateCertificate(createCertificateReq) + m.logger.Debug("sdk request 'elb.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'elb.CreateCertificate': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: createCertificateResp.ReturnObj.ID, + CertName: certName, + }, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunelb.Client, error) { + return ctyunelb.NewClient(accessKeyId, secretAccessKey) +} + +func generateClientToken() string { + return uuid.New().String() +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb_test.go b/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb_test.go new file mode 100644 index 00000000..79293bfb --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-elb/ctcccloud_elb_test.go @@ -0,0 +1,77 @@ +package ctcccloudelb_test + +import ( + "context" + "encoding/json" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-elb" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string + fRegionId string +) + +func init() { + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDELB_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") + flag.StringVar(&fRegionId, argsPrefix+"REGIONID", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_elb_test.go -args \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_SECRETACCESSKEY="your-secret-access-key" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDELB_REGIONID="your-region-id" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + fmt.Sprintf("REGIONID: %v", fRegionId), + }, "\n")) + + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + RegionId: fRegionId, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + sres, _ := json.Marshal(res) + t.Logf("ok: %s", string(sres)) + }) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn.go b/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn.go new file mode 100644 index 00000000..5c9b0070 --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn.go @@ -0,0 +1,171 @@ +package ctcccloudicdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "slices" + "strings" + "time" + + "github.com/certimate-go/certimate/pkg/core" + ctyunicdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/icdn" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLManagerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *ctyunicdn.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return nil, err + } + + // 查询证书列表,避免重复上传 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=112&api=10838&data=173&isNormal=1&vid=166 + queryCertListPage := int32(1) + queryCertListPerPage := int32(1000) + for { + select { + case <-ctx.Done(): + return nil, ctx.Err() + default: + } + + queryCertListReq := &ctyunicdn.QueryCertListRequest{ + Page: xtypes.ToPtr(queryCertListPage), + PerPage: xtypes.ToPtr(queryCertListPerPage), + UsageMode: xtypes.ToPtr(int32(0)), + } + queryCertListResp, err := m.sdkClient.QueryCertList(queryCertListReq) + m.logger.Debug("sdk request 'icdn.QueryCertList'", slog.Any("request", queryCertListReq), slog.Any("response", queryCertListResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'icdn.QueryCertList': %w", err) + } + + if queryCertListResp.ReturnObj != nil { + for _, certRecord := range queryCertListResp.ReturnObj.Results { + // 对比证书通用名称 + if !strings.EqualFold(certX509.Subject.CommonName, certRecord.CN) { + continue + } + + // 对比证书扩展名称 + if !slices.Equal(certX509.DNSNames, certRecord.SANs) { + continue + } + + // 对比证书有效期 + if !certX509.NotBefore.Equal(time.Unix(certRecord.IssueTime, 0).UTC()) { + continue + } else if !certX509.NotAfter.Equal(time.Unix(certRecord.ExpiresTime, 0).UTC()) { + continue + } + + // 查询证书详情 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=112&api=10837&data=173&isNormal=1&vid=166 + queryCertDetailReq := &ctyunicdn.QueryCertDetailRequest{ + Id: xtypes.ToPtr(certRecord.Id), + } + queryCertDetailResp, err := m.sdkClient.QueryCertDetail(queryCertDetailReq) + m.logger.Debug("sdk request 'icdn.QueryCertDetail'", slog.Any("request", queryCertDetailReq), slog.Any("response", queryCertDetailResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'icdn.QueryCertDetail': %w", err) + } else if queryCertDetailResp.ReturnObj != nil && queryCertDetailResp.ReturnObj.Result != nil { + var isSameCert bool + if queryCertDetailResp.ReturnObj.Result.Certs == certPEM { + isSameCert = true + } else { + oldCertX509, err := xcert.ParseCertificateFromPEM(queryCertDetailResp.ReturnObj.Result.Certs) + if err != nil { + continue + } + + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) + } + + // 如果已存在相同证书,直接返回 + if isSameCert { + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", queryCertDetailResp.ReturnObj.Result.Id), + CertName: queryCertDetailResp.ReturnObj.Result.Name, + }, nil + } + } + } + } + + if queryCertListResp.ReturnObj == nil || len(queryCertListResp.ReturnObj.Results) < int(queryCertListPerPage) { + break + } else { + queryCertListPage++ + } + } + + // 生成新证书名(需符合天翼云命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 创建证书 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=112&api=10835&data=173&isNormal=1&vid=166 + createCertReq := &ctyunicdn.CreateCertRequest{ + Name: xtypes.ToPtr(certName), + Certs: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), + } + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'icdn.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'icdn.CreateCert': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", createCertResp.ReturnObj.Id), + CertName: certName, + }, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunicdn.Client, error) { + return ctyunicdn.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn_test.go b/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn_test.go new file mode 100644 index 00000000..c4addfca --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-icdn/ctcccloud_icdn_test.go @@ -0,0 +1,72 @@ +package ctcccloudicdn_test + +import ( + "context" + "encoding/json" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-icdn" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string +) + +func init() { + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_icdn_test.go -args \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDICDN_SECRETACCESSKEY="your-secret-access-key" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + }, "\n")) + + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + sres, _ := json.Marshal(res) + t.Logf("ok: %s", string(sres)) + }) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn.go b/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn.go new file mode 100644 index 00000000..dbcd4869 --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn.go @@ -0,0 +1,171 @@ +package ctcccloudlvdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "slices" + "strings" + "time" + + "github.com/certimate-go/certimate/pkg/core" + ctyunlvdn "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/lvdn" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" +) + +type SSLManagerProviderConfig struct { + // 天翼云 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 天翼云 SecretAccessKey。 + SecretAccessKey string `json:"secretAccessKey"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *ctyunlvdn.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return nil, err + } + + // 查询证书列表,避免重复上传 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=125&api=11452&data=183&isNormal=1&vid=261 + queryCertListPage := int32(1) + queryCertListPerPage := int32(1000) + for { + select { + case <-ctx.Done(): + return nil, ctx.Err() + default: + } + + queryCertListReq := &ctyunlvdn.QueryCertListRequest{ + Page: xtypes.ToPtr(queryCertListPage), + PerPage: xtypes.ToPtr(queryCertListPerPage), + UsageMode: xtypes.ToPtr(int32(0)), + } + queryCertListResp, err := m.sdkClient.QueryCertList(queryCertListReq) + m.logger.Debug("sdk request 'lvdn.QueryCertList'", slog.Any("request", queryCertListReq), slog.Any("response", queryCertListResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'lvdn.QueryCertList': %w", err) + } + + if queryCertListResp.ReturnObj != nil { + for _, certRecord := range queryCertListResp.ReturnObj.Results { + // 对比证书通用名称 + if !strings.EqualFold(certX509.Subject.CommonName, certRecord.CN) { + continue + } + + // 对比证书扩展名称 + if !slices.Equal(certX509.DNSNames, certRecord.SANs) { + continue + } + + // 对比证书有效期 + if !certX509.NotBefore.Equal(time.Unix(certRecord.IssueTime, 0).UTC()) { + continue + } else if !certX509.NotAfter.Equal(time.Unix(certRecord.ExpiresTime, 0).UTC()) { + continue + } + + // 查询证书详情 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=125&api=11449&data=183&isNormal=1&vid=261 + queryCertDetailReq := &ctyunlvdn.QueryCertDetailRequest{ + Id: xtypes.ToPtr(certRecord.Id), + } + queryCertDetailResp, err := m.sdkClient.QueryCertDetail(queryCertDetailReq) + m.logger.Debug("sdk request 'lvdn.QueryCertDetail'", slog.Any("request", queryCertDetailReq), slog.Any("response", queryCertDetailResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'lvdn.QueryCertDetail': %w", err) + } else if queryCertDetailResp.ReturnObj != nil && queryCertDetailResp.ReturnObj.Result != nil { + var isSameCert bool + if queryCertDetailResp.ReturnObj.Result.Certs == certPEM { + isSameCert = true + } else { + oldCertX509, err := xcert.ParseCertificateFromPEM(queryCertDetailResp.ReturnObj.Result.Certs) + if err != nil { + continue + } + + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) + } + + // 如果已存在相同证书,直接返回 + if isSameCert { + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", queryCertDetailResp.ReturnObj.Result.Id), + CertName: queryCertDetailResp.ReturnObj.Result.Name, + }, nil + } + } + } + } + + if queryCertListResp.ReturnObj == nil || len(queryCertListResp.ReturnObj.Results) < int(queryCertListPerPage) { + break + } else { + queryCertListPage++ + } + } + + // 生成新证书名(需符合天翼云命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 创建证书 + // REF: https://eop.ctyun.cn/ebp/ctapiDocument/search?sid=125&api=11436&data=183&isNormal=1&vid=261 + createCertReq := &ctyunlvdn.CreateCertRequest{ + Name: xtypes.ToPtr(certName), + Certs: xtypes.ToPtr(certPEM), + Key: xtypes.ToPtr(privkeyPEM), + } + createCertResp, err := m.sdkClient.CreateCert(createCertReq) + m.logger.Debug("sdk request 'lvdn.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'lvdn.CreateCert': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", createCertResp.ReturnObj.Id), + CertName: certName, + }, nil +} + +func createSDKClient(accessKeyId, secretAccessKey string) (*ctyunlvdn.Client, error) { + return ctyunlvdn.NewClient(accessKeyId, secretAccessKey) +} diff --git a/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go b/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go new file mode 100644 index 00000000..95cf83a0 --- /dev/null +++ b/pkg/core/ssl-manager/providers/ctcccloud-lvdn/ctcccloud_lvdn_test.go @@ -0,0 +1,72 @@ +package ctcccloudlvdn_test + +import ( + "context" + "encoding/json" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ctcccloud-lvdn" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fSecretAccessKey string +) + +func init() { + argsPrefix := "CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fSecretAccessKey, argsPrefix+"SECRETACCESSKEY", "", "") +} + +/* +Shell command to run this test: + + go test -v ./ctcccloud_lvdn_test.go -args \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_CTCCCLOUDLVDN_SECRETACCESSKEY="your-secret-access-key" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("SECRETACCESSKEY: %v", fSecretAccessKey), + }, "\n")) + + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ + AccessKeyId: fAccessKeyId, + SecretAccessKey: fSecretAccessKey, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + sres, _ := json.Marshal(res) + t.Logf("ok: %s", string(sres)) + }) +} diff --git a/pkg/core/ssl-manager/providers/dogecloud/dogecloud.go b/pkg/core/ssl-manager/providers/dogecloud/dogecloud.go new file mode 100644 index 00000000..a8e09959 --- /dev/null +++ b/pkg/core/ssl-manager/providers/dogecloud/dogecloud.go @@ -0,0 +1,79 @@ +package dogecloud + +import ( + "context" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/certimate-go/certimate/pkg/core" + dogesdk "github.com/certimate-go/certimate/pkg/sdk3rd/dogecloud" +) + +type SSLManagerProviderConfig struct { + // 多吉云 AccessKey。 + AccessKey string `json:"accessKey"` + // 多吉云 SecretKey。 + SecretKey string `json:"secretKey"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *dogesdk.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKey, config.SecretKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 生成新证书名(需符合多吉云命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 上传新证书 + // REF: https://docs.dogecloud.com/cdn/api-cert-upload + uploadSslCertReq := &dogesdk.UploadCdnCertRequest{ + Note: certName, + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadSslCertResp, err := m.sdkClient.UploadCdnCert(uploadSslCertReq) + m.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("request", uploadSslCertReq), slog.Any("response", uploadSslCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadCdnCert': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", uploadSslCertResp.Data.Id), + CertName: certName, + }, nil +} + +func createSDKClient(accessKey, secretKey string) (*dogesdk.Client, error) { + return dogesdk.NewClient(accessKey, secretKey) +} diff --git a/pkg/core/ssl-manager/providers/gcore-cdn/gcore_cdn.go b/pkg/core/ssl-manager/providers/gcore-cdn/gcore_cdn.go new file mode 100644 index 00000000..34539aa2 --- /dev/null +++ b/pkg/core/ssl-manager/providers/gcore-cdn/gcore_cdn.go @@ -0,0 +1,88 @@ +package gcorecdn + +import ( + "context" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/G-Core/gcorelabscdn-go/gcore/provider" + "github.com/G-Core/gcorelabscdn-go/sslcerts" + + "github.com/certimate-go/certimate/pkg/core" + gcoresdk "github.com/certimate-go/certimate/pkg/sdk3rd/gcore" +) + +type SSLManagerProviderConfig struct { + // Gcore API Token。 + ApiToken string `json:"apiToken"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *sslcerts.Service +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.ApiToken) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 新增证书 + // REF: https://api.gcore.com/docs/cdn#tag/SSL-certificates/operation/add_ssl_certificates + createCertificateReq := &sslcerts.CreateRequest{ + Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), + Cert: certPEM, + PrivateKey: privkeyPEM, + Automated: false, + ValidateRootCA: false, + } + createCertificateResp, err := m.sdkClient.Create(context.TODO(), createCertificateReq) + m.logger.Debug("sdk request 'sslcerts.Create'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'sslcerts.Create': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", createCertificateResp.ID), + CertName: createCertificateResp.Name, + }, nil +} + +func createSDKClient(apiToken string) (*sslcerts.Service, error) { + if apiToken == "" { + return nil, errors.New("invalid gcore api token") + } + + requester := provider.NewClient( + gcoresdk.BASE_URL, + provider.WithSigner(gcoresdk.NewAuthRequestSigner(apiToken)), + ) + service := sslcerts.NewService(requester) + return service, nil +} diff --git a/internal/pkg/core/uploader/providers/huaweicloud-elb/huaweicloud_elb.go b/pkg/core/ssl-manager/providers/huaweicloud-elb/huaweicloud_elb.go similarity index 68% rename from internal/pkg/core/uploader/providers/huaweicloud-elb/huaweicloud_elb.go rename to pkg/core/ssl-manager/providers/huaweicloud-elb/huaweicloud_elb.go index d429c259..131572a3 100644 --- a/internal/pkg/core/uploader/providers/huaweicloud-elb/huaweicloud_elb.go +++ b/pkg/core/ssl-manager/providers/huaweicloud-elb/huaweicloud_elb.go @@ -16,12 +16,12 @@ import ( hciammodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model" hciamregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -32,43 +32,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *hcelb.ElbClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -85,12 +84,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } listCertificatesReq := &hcelbmodel.ListCertificatesRequest{ - Limit: typeutil.ToPtr(listCertificatesLimit), + Limit: xtypes.ToPtr(listCertificatesLimit), Marker: listCertificatesMarker, Type: &[]string{"server"}, } - listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) - u.logger.Debug("sdk request 'elb.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates(listCertificatesReq) + m.logger.Debug("sdk request 'elb.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'elb.ListCertificates': %w", err) } @@ -101,18 +100,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if certDetail.Certificate == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(certDetail.Certificate) + oldCertX509, err := xcert.ParseCertificateFromPEM(certDetail.Certificate) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.Id, CertName: certDetail.Name, }, nil @@ -129,43 +128,40 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 获取项目 ID // REF: https://support.huaweicloud.com/api-iam/iam_06_0001.html - projectId, err := getSdkProjectId(u.config.AccessKeyId, u.config.SecretAccessKey, u.config.Region) + projectId, err := getSdkProjectId(m.config.AccessKeyId, m.config.SecretAccessKey, m.config.Region) if err != nil { return nil, fmt.Errorf("failed to get SDK project id: %w", err) } // 生成新证书名(需符合华为云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 创建新证书 // REF: https://support.huaweicloud.com/api-elb/CreateCertificate.html createCertificateReq := &hcelbmodel.CreateCertificateRequest{ Body: &hcelbmodel.CreateCertificateRequestBody{ Certificate: &hcelbmodel.CreateCertificateOption{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), - ProjectId: typeutil.ToPtr(projectId), - Name: typeutil.ToPtr(certName), - Certificate: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), + ProjectId: xtypes.ToPtr(projectId), + Name: xtypes.ToPtr(certName), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), }, }, } - createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq) - u.logger.Debug("sdk request 'elb.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + createCertificateResp, err := m.sdkClient.CreateCertificate(createCertificateReq) + m.logger.Debug("sdk request 'elb.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'elb.CreateCertificate': %w", err) } - certId = createCertificateResp.Certificate.Id - certName = createCertificateResp.Certificate.Name - return &uploader.UploadResult{ - CertId: certId, - CertName: certName, + return &core.SSLManageUploadResult{ + CertId: createCertificateResp.Certificate.Id, + CertName: createCertificateResp.Certificate.Name, }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) { if region == "" { region = "cn-north-4" // ELB 服务默认区域:华北四北京 } diff --git a/internal/pkg/core/uploader/providers/huaweicloud-scm/huaweicloud_scm.go b/pkg/core/ssl-manager/providers/huaweicloud-scm/huaweicloud_scm.go similarity index 63% rename from internal/pkg/core/uploader/providers/huaweicloud-scm/huaweicloud_scm.go rename to pkg/core/ssl-manager/providers/huaweicloud-scm/huaweicloud_scm.go index 4e35562e..7084aaf2 100644 --- a/internal/pkg/core/uploader/providers/huaweicloud-scm/huaweicloud_scm.go +++ b/pkg/core/ssl-manager/providers/huaweicloud-scm/huaweicloud_scm.go @@ -2,6 +2,7 @@ package huaweicloudscm import ( "context" + "errors" "fmt" "log/slog" "time" @@ -11,12 +12,12 @@ import ( hcscmmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/model" hcscmregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/region" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -27,43 +28,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *hcscm.ScmClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -81,14 +81,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } listCertificatesReq := &hcscmmodel.ListCertificatesRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), - Limit: typeutil.ToPtr(listCertificatesLimit), - Offset: typeutil.ToPtr(listCertificatesOffset), - SortDir: typeutil.ToPtr("DESC"), - SortKey: typeutil.ToPtr("certExpiredTime"), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), + Limit: xtypes.ToPtr(listCertificatesLimit), + Offset: xtypes.ToPtr(listCertificatesOffset), + SortDir: xtypes.ToPtr("DESC"), + SortKey: xtypes.ToPtr("certExpiredTime"), } - listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) - u.logger.Debug("sdk request 'scm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates(listCertificatesReq) + m.logger.Debug("sdk request 'scm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'scm.ListCertificates': %w", err) } @@ -98,8 +98,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE exportCertificateReq := &hcscmmodel.ExportCertificateRequest{ CertificateId: certDetail.Id, } - exportCertificateResp, err := u.sdkClient.ExportCertificate(exportCertificateReq) - u.logger.Debug("sdk request 'scm.ExportCertificate'", slog.Any("request", exportCertificateReq), slog.Any("response", exportCertificateResp)) + exportCertificateResp, err := m.sdkClient.ExportCertificate(exportCertificateReq) + m.logger.Debug("sdk request 'scm.ExportCertificate'", slog.Any("request", exportCertificateReq), slog.Any("response", exportCertificateResp)) if err != nil { if exportCertificateResp != nil && exportCertificateResp.HttpStatusCode == 404 { continue @@ -111,18 +111,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if *exportCertificateResp.Certificate == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(*exportCertificateResp.Certificate) + oldCertX509, err := xcert.ParseCertificateFromPEM(*exportCertificateResp.Certificate) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.Id, CertName: certDetail.Name, }, nil @@ -138,33 +138,31 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合华为云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 上传新证书 // REF: https://support.huaweicloud.com/api-ccm/ImportCertificate.html importCertificateReq := &hcscmmodel.ImportCertificateRequest{ Body: &hcscmmodel.ImportCertificateRequestBody{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), Name: certName, Certificate: certPEM, PrivateKey: privkeyPEM, }, } - importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq) - u.logger.Debug("sdk request 'scm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) + importCertificateResp, err := m.sdkClient.ImportCertificate(importCertificateReq) + m.logger.Debug("sdk request 'scm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'scm.ImportCertificate': %w", err) } - certId = *importCertificateResp.CertificateId - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: *importCertificateResp.CertificateId, CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcscm.ScmClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcscm.ScmClient, error) { if region == "" { region = "cn-north-4" // SCM 服务默认区域:华北四北京 } diff --git a/internal/pkg/core/uploader/providers/huaweicloud-waf/huaweicloud_waf.go b/pkg/core/ssl-manager/providers/huaweicloud-waf/huaweicloud_waf.go similarity index 68% rename from internal/pkg/core/uploader/providers/huaweicloud-waf/huaweicloud_waf.go rename to pkg/core/ssl-manager/providers/huaweicloud-waf/huaweicloud_waf.go index 789876ba..73492f53 100644 --- a/internal/pkg/core/uploader/providers/huaweicloud-waf/huaweicloud_waf.go +++ b/pkg/core/ssl-manager/providers/huaweicloud-waf/huaweicloud_waf.go @@ -16,12 +16,12 @@ import ( hcwafmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model" hcwafregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 华为云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 华为云 SecretAccessKey。 @@ -32,43 +32,42 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *hcwaf.WafClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.SecretAccessKey, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -86,12 +85,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } listCertificatesReq := &hcwafmodel.ListCertificatesRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), - Page: typeutil.ToPtr(listCertificatesPage), - Pagesize: typeutil.ToPtr(listCertificatesPageSize), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), + Page: xtypes.ToPtr(listCertificatesPage), + Pagesize: xtypes.ToPtr(listCertificatesPageSize), } - listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) - u.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates(listCertificatesReq) + m.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'waf.ListCertificates': %w", err) } @@ -99,11 +98,11 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if listCertificatesResp.Items != nil { for _, certItem := range *listCertificatesResp.Items { showCertificateReq := &hcwafmodel.ShowCertificateRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), CertificateId: certItem.Id, } - showCertificateResp, err := u.sdkClient.ShowCertificate(showCertificateReq) - u.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", showCertificateReq), slog.Any("response", showCertificateResp)) + showCertificateResp, err := m.sdkClient.ShowCertificate(showCertificateReq) + m.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", showCertificateReq), slog.Any("response", showCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'waf.ShowCertificate': %w", err) } @@ -112,18 +111,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if *showCertificateResp.Content == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(*showCertificateResp.Content) + oldCertX509, err := xcert.ParseCertificateFromPEM(*showCertificateResp.Content) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certItem.Id, CertName: certItem.Name, }, nil @@ -139,34 +138,31 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合华为云命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 创建证书 // REF: https://support.huaweicloud.com/api-waf/CreateCertificate.html createCertificateReq := &hcwafmodel.CreateCertificateRequest{ - EnterpriseProjectId: typeutil.ToPtrOrZeroNil(u.config.EnterpriseProjectId), + EnterpriseProjectId: xtypes.ToPtrOrZeroNil(m.config.EnterpriseProjectId), Body: &hcwafmodel.CreateCertificateRequestBody{ Name: certName, Content: certPEM, Key: privkeyPEM, }, } - createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq) - u.logger.Debug("sdk request 'waf.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + createCertificateResp, err := m.sdkClient.CreateCertificate(createCertificateReq) + m.logger.Debug("sdk request 'waf.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'waf.CreateCertificate': %w", err) } - certId = *createCertificateResp.Id - certName = *createCertificateResp.Name - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: *createCertificateResp.Id, CertName: certName, }, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) { +func createSDKClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) { projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region) if err != nil { return nil, err diff --git a/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl.go b/pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl.go similarity index 72% rename from internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl.go rename to pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl.go index 44ed7f29..0227b568 100644 --- a/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl.go +++ b/pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl.go @@ -4,6 +4,7 @@ import ( "context" "crypto/sha256" "encoding/hex" + "errors" "fmt" "log/slog" "strings" @@ -14,54 +15,53 @@ import ( jdsslclient "github.com/jdcloud-api/jdcloud-sdk-go/services/ssl/client" "golang.org/x/exp/slices" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 京东云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 京东云 AccessKeySecret。 AccessKeySecret string `json:"accessKeySecret"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *jdsslclient.SslClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -87,8 +87,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE describeCertsReq.SetDomainName(certX509.Subject.CommonName) describeCertsReq.SetPageNumber(describeCertsPageNumber) describeCertsReq.SetPageSize(describeCertsPageSize) - describeCertsResp, err := u.sdkClient.DescribeCerts(describeCertsReq) - u.logger.Debug("sdk request 'ssl.DescribeCerts'", slog.Any("request", describeCertsReq), slog.Any("response", describeCertsResp)) + describeCertsResp, err := m.sdkClient.DescribeCerts(describeCertsReq) + m.logger.Debug("sdk request 'ssl.DescribeCerts'", slog.Any("request", describeCertsReq), slog.Any("response", describeCertsResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ssl.DescribeCerts': %w", err) } @@ -119,8 +119,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.CertId, CertName: certDetail.CertName, }, nil @@ -139,19 +139,19 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 上传证书 // REF: https://docs.jdcloud.com/cn/ssl-certificate/api/uploadcert uploadCertReq := jdsslapi.NewUploadCertRequest(certName, privkeyPEM, certPEM) - uploadCertResp, err := u.sdkClient.UploadCert(uploadCertReq) - u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertReq), slog.Any("response", uploadCertResp)) + uploadCertResp, err := m.sdkClient.UploadCert(uploadCertReq) + m.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertReq), slog.Any("response", uploadCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ssl.UploadCertificate': %w", err) } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: uploadCertResp.Result.CertId, CertName: certName, }, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*jdsslclient.SslClient, error) { +func createSDKClient(accessKeyId, accessKeySecret string) (*jdsslclient.SslClient, error) { clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret) client := jdsslclient.NewSslClient(clientCredentials) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn)) diff --git a/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl_test.go b/pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl_test.go rename to pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl_test.go index 273310e0..389a9c7a 100644 --- a/internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl_test.go +++ b/pkg/core/ssl-manager/providers/jdcloud-ssl/jdcloud_ssl_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/jdcloud-ssl" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_JDCLOUDSSL_" + argsPrefix := "CERTIMATE_SSLMANAGER_JDCLOUDSSL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./jdcloud_ssl_test.go -args \ - --CERTIMATE_UPLOADER_JDCLOUDSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_JDCLOUDSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_JDCLOUDSSL_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_JDCLOUDSSL_ACCESSKEYSECRET="your-access-key-secret" + --CERTIMATE_SSLMANAGER_JDCLOUDSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_JDCLOUDSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_JDCLOUDSSL_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_JDCLOUDSSL_ACCESSKEYSECRET="your-access-key-secret" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/pkg/core/ssl-manager/providers/qiniu-sslcert/qiniu_sslcert.go b/pkg/core/ssl-manager/providers/qiniu-sslcert/qiniu_sslcert.go new file mode 100644 index 00000000..07775b21 --- /dev/null +++ b/pkg/core/ssl-manager/providers/qiniu-sslcert/qiniu_sslcert.go @@ -0,0 +1,93 @@ +package qiniusslcert + +import ( + "context" + "errors" + "fmt" + "log/slog" + "time" + + "github.com/qiniu/go-sdk/v7/auth" + + "github.com/certimate-go/certimate/pkg/core" + qiniusdk "github.com/certimate-go/certimate/pkg/sdk3rd/qiniu" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" +) + +type SSLManagerProviderConfig struct { + // 七牛云 AccessKey。 + AccessKey string `json:"accessKey"` + // 七牛云 SecretKey。 + SecretKey string `json:"secretKey"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *qiniusdk.CdnManager +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.AccessKey, config.SecretKey) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 解析证书内容 + certX509, err := xcert.ParseCertificateFromPEM(certPEM) + if err != nil { + return nil, err + } + + // 生成新证书名(需符合七牛云命名规则) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + + // 上传新证书 + // REF: https://developer.qiniu.com/fusion/8593/interface-related-certificate + uploadSslCertResp, err := m.sdkClient.UploadSslCert(context.TODO(), certName, certX509.Subject.CommonName, certPEM, privkeyPEM) + m.logger.Debug("sdk request 'cdn.UploadSslCert'", slog.Any("response", uploadSslCertResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadSslCert': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: uploadSslCertResp.CertID, + CertName: certName, + }, nil +} + +func createSDKClient(accessKey, secretKey string) (*qiniusdk.CdnManager, error) { + if secretKey == "" { + return nil, errors.New("invalid qiniu access key") + } + + if secretKey == "" { + return nil, errors.New("invalid qiniu secret key") + } + + credential := auth.New(accessKey, secretKey) + client := qiniusdk.NewCdnManager(credential) + return client, nil +} diff --git a/internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter.go b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter.go similarity index 57% rename from internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter.go rename to pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter.go index 613fc7a9..1fc930d6 100644 --- a/internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter.go +++ b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter.go @@ -7,55 +7,55 @@ import ( "log/slog" "strings" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - rainyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/rainyun" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + rainyunsdk "github.com/certimate-go/certimate/pkg/sdk3rd/rainyun" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 雨云 API 密钥。 ApiKey string `json:"ApiKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *rainyunsdk.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.ApiKey) + client, err := createSDKClient(config.ApiKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { - if res, err := u.getCertIfExists(ctx, certPEM); err != nil { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 遍历证书列表,避免重复上传 + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { return nil, err } else if res != nil { - u.logger.Info("ssl certificate already exists") + m.logger.Info("ssl certificate already exists") return res, nil } @@ -65,29 +65,30 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Cert: certPEM, Key: privkeyPEM, } - sslCenterCreateResp, err := u.sdkClient.SslCenterCreate(sslCenterCreateReq) - u.logger.Debug("sdk request 'sslcenter.Create'", slog.Any("request", sslCenterCreateReq), slog.Any("response", sslCenterCreateResp)) + sslCenterCreateResp, err := m.sdkClient.SslCenterCreate(sslCenterCreateReq) + m.logger.Debug("sdk request 'sslcenter.Create'", slog.Any("request", sslCenterCreateReq), slog.Any("response", sslCenterCreateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'sslcenter.Create': %w", err) } - if res, err := u.getCertIfExists(ctx, certPEM); err != nil { + // 遍历证书列表,获取刚刚上传证书 ID + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { return nil, err } else if res == nil { - return nil, errors.New("rainyun sslcenter: no certificate found") + return nil, errors.New("no ssl certificate found, may be upload failed") } else { return res, nil } } -func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) findCertIfExists(ctx context.Context, certPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } - // 遍历 SSL 证书列表,避免重复上传 + // 遍历 SSL 证书列表 // REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-69943046 // REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-69943048 sslCenterListPage := int32(1) @@ -106,8 +107,8 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) Page: &sslCenterListPage, PerPage: &sslCenterListPerPage, } - sslCenterListResp, err := u.sdkClient.SslCenterList(sslCenterListReq) - u.logger.Debug("sdk request 'sslcenter.List'", slog.Any("request", sslCenterListReq), slog.Any("response", sslCenterListResp)) + sslCenterListResp, err := m.sdkClient.SslCenterList(sslCenterListReq) + m.logger.Debug("sdk request 'sslcenter.List'", slog.Any("request", sslCenterListReq), slog.Any("response", sslCenterListResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'sslcenter.List': %w", err) } @@ -125,7 +126,7 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) } // 最后对比证书内容 - sslCenterGetResp, err := u.sdkClient.SslCenterGet(sslItem.ID) + sslCenterGetResp, err := m.sdkClient.SslCenterGet(sslItem.ID) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'sslcenter.Get': %w", err) } @@ -135,18 +136,18 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) if sslCenterGetResp.Data.Cert == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(sslCenterGetResp.Data.Cert) + oldCertX509, err := xcert.ParseCertificateFromPEM(sslCenterGetResp.Data.Cert) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } } // 如果已存在相同证书,直接返回 if isSameCert { - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", sslItem.ID), }, nil } @@ -163,11 +164,6 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) return nil, nil } -func createSdkClient(apiKey string) (*rainyunsdk.Client, error) { - if apiKey == "" { - return nil, errors.New("invalid rainyun api key") - } - - client := rainyunsdk.NewClient(apiKey) - return client, nil +func createSDKClient(apiKey string) (*rainyunsdk.Client, error) { + return rainyunsdk.NewClient(apiKey) } diff --git a/internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter_test.go b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter_test.go similarity index 65% rename from internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter_test.go rename to pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter_test.go index e6f801a1..2d050c43 100644 --- a/internal/pkg/core/uploader/providers/rainyun-sslcenter/rainyun_sslcenter_test.go +++ b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/rainyun-sslcenter" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/rainyun-sslcenter" ) var ( @@ -19,7 +19,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_RAINYUNSSLCENTER_" + argsPrefix := "CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -30,9 +30,9 @@ func init() { Shell command to run this test: go test -v ./rainyun_sslcenter_test.go -args \ - --CERTIMATE_UPLOADER_RAINYUNSSLCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_RAINYUNSSLCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_RAINYUNSSLCENTER_APIKEY="your-api-key" + --CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_APIKEY="your-api-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -45,7 +45,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("APIKEY: %v", fApiKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ ApiKey: fApiKey, }) if err != nil { @@ -55,7 +55,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/tencentcloud-ssl/tencentcloud_ssl.go b/pkg/core/ssl-manager/providers/tencentcloud-ssl/tencentcloud_ssl.go similarity index 56% rename from internal/pkg/core/uploader/providers/tencentcloud-ssl/tencentcloud_ssl.go rename to pkg/core/ssl-manager/providers/tencentcloud-ssl/tencentcloud_ssl.go index db4e92f4..11724028 100644 --- a/internal/pkg/core/uploader/providers/tencentcloud-ssl/tencentcloud_ssl.go +++ b/pkg/core/ssl-manager/providers/tencentcloud-ssl/tencentcloud_ssl.go @@ -2,78 +2,75 @@ package tencentcloudssl import ( "context" + "errors" "fmt" "log/slog" + "github.com/certimate-go/certimate/pkg/core" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 腾讯云 SecretId。 SecretId string `json:"secretId"` // 腾讯云 SecretKey。 SecretKey string `json:"secretKey"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *tcssl.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.SecretId, config.SecretKey) + client, err := createSDKClient(config.SecretId, config.SecretKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 上传新证书 // REF: https://cloud.tencent.com/document/product/400/41665 uploadCertificateReq := tcssl.NewUploadCertificateRequest() uploadCertificateReq.CertificatePublicKey = common.StringPtr(certPEM) uploadCertificateReq.CertificatePrivateKey = common.StringPtr(privkeyPEM) uploadCertificateReq.Repeatable = common.BoolPtr(false) - uploadCertificateResp, err := u.sdkClient.UploadCertificate(uploadCertificateReq) - u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertificateReq), slog.Any("response", uploadCertificateResp)) + uploadCertificateResp, err := m.sdkClient.UploadCertificate(uploadCertificateReq) + m.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertificateReq), slog.Any("response", uploadCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ssl.UploadCertificate': %w", err) } - certId := *uploadCertificateResp.Response.CertificateId - return &uploader.UploadResult{ - CertId: certId, - CertName: "", + return &core.SSLManageUploadResult{ + CertId: *uploadCertificateResp.Response.CertificateId, }, nil } -func createSdkClient(secretId, secretKey string) (*tcssl.Client, error) { +func createSDKClient(secretId, secretKey string) (*tcssl.Client, error) { credential := common.NewCredential(secretId, secretKey) client, err := tcssl.NewClient(credential, "", profile.NewClientProfile()) if err != nil { diff --git a/internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl.go b/pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl.go similarity index 72% rename from internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl.go rename to pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl.go index acfbb214..66824412 100644 --- a/internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl.go +++ b/pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl.go @@ -15,12 +15,12 @@ import ( "github.com/ucloud/ucloud-sdk-go/ucloud" ucloudauth "github.com/ucloud/ucloud-sdk-go/ucloud/auth" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - usslsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/ucloud/ussl" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + usslsdk "github.com/certimate-go/certimate/pkg/sdk3rd/ucloud/ussl" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 优刻得 API 私钥。 PrivateKey string `json:"privateKey"` // 优刻得 API 公钥。 @@ -29,44 +29,42 @@ type UploaderConfig struct { ProjectId string `json:"projectId,omitempty"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *usslsdk.USSLClient } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.PrivateKey, config.PublicKey) + client, err := createSDKClient(config.PrivateKey, config.PublicKey) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 生成新证书名(需符合优刻得命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 生成优刻得所需的证书参数 certPEMBase64 := base64.StdEncoding.EncodeToString([]byte(certPEM)) @@ -76,24 +74,24 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 上传托管证书 // REF: https://docs.ucloud.cn/api/usslcertificate-api/upload_normal_certificate - uploadNormalCertificateReq := u.sdkClient.NewUploadNormalCertificateRequest() + uploadNormalCertificateReq := m.sdkClient.NewUploadNormalCertificateRequest() uploadNormalCertificateReq.CertificateName = ucloud.String(certName) uploadNormalCertificateReq.SslPublicKey = ucloud.String(certPEMBase64) uploadNormalCertificateReq.SslPrivateKey = ucloud.String(privkeyPEMBase64) uploadNormalCertificateReq.SslMD5 = ucloud.String(certMd5Hex) - if u.config.ProjectId != "" { - uploadNormalCertificateReq.ProjectId = ucloud.String(u.config.ProjectId) + if m.config.ProjectId != "" { + uploadNormalCertificateReq.ProjectId = ucloud.String(m.config.ProjectId) } - uploadNormalCertificateResp, err := u.sdkClient.UploadNormalCertificate(uploadNormalCertificateReq) - u.logger.Debug("sdk request 'ussl.UploadNormalCertificate'", slog.Any("request", uploadNormalCertificateReq), slog.Any("response", uploadNormalCertificateResp)) + uploadNormalCertificateResp, err := m.sdkClient.UploadNormalCertificate(uploadNormalCertificateReq) + m.logger.Debug("sdk request 'ussl.UploadNormalCertificate'", slog.Any("request", uploadNormalCertificateReq), slog.Any("response", uploadNormalCertificateResp)) if err != nil { if uploadNormalCertificateResp != nil && uploadNormalCertificateResp.GetRetCode() == 80035 { - if res, err := u.getCertIfExists(ctx, certPEM); err != nil { + if res, err := m.findCertIfExists(ctx, certPEM); err != nil { return nil, err } else if res == nil { return nil, errors.New("ucloud ssl: no certificate found") } else { - u.logger.Info("ssl certificate already exists") + m.logger.Info("ssl certificate already exists") return res, nil } } @@ -101,9 +99,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE return nil, fmt.Errorf("failed to execute sdk request 'ussl.UploadNormalCertificate': %w", err) } - certId = fmt.Sprintf("%d", uploadNormalCertificateResp.CertificateID) - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: fmt.Sprintf("%d", uploadNormalCertificateResp.CertificateID), CertName: certName, ExtendedData: map[string]any{ "resourceId": uploadNormalCertificateResp.LongResourceID, @@ -111,14 +108,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE }, nil } -func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) findCertIfExists(ctx context.Context, certPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } - // 遍历获取用户证书列表,避免重复上传 + // 遍历获取用户证书列表 // REF: https://docs.ucloud.cn/api/usslcertificate-api/get_certificate_list // REF: https://docs.ucloud.cn/api/usslcertificate-api/download_certificate getCertificateListPage := int(1) @@ -130,17 +127,17 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) default: } - getCertificateListReq := u.sdkClient.NewGetCertificateListRequest() + getCertificateListReq := m.sdkClient.NewGetCertificateListRequest() getCertificateListReq.Mode = ucloud.String("trust") getCertificateListReq.Domain = ucloud.String(certX509.Subject.CommonName) getCertificateListReq.Sort = ucloud.String("2") getCertificateListReq.Page = ucloud.Int(getCertificateListPage) getCertificateListReq.PageSize = ucloud.Int(getCertificateListLimit) - if u.config.ProjectId != "" { - getCertificateListReq.ProjectId = ucloud.String(u.config.ProjectId) + if m.config.ProjectId != "" { + getCertificateListReq.ProjectId = ucloud.String(m.config.ProjectId) } - getCertificateListResp, err := u.sdkClient.GetCertificateList(getCertificateListReq) - u.logger.Debug("sdk request 'ussl.GetCertificateList'", slog.Any("request", getCertificateListReq), slog.Any("response", getCertificateListResp)) + getCertificateListResp, err := m.sdkClient.GetCertificateList(getCertificateListReq) + m.logger.Debug("sdk request 'ussl.GetCertificateList'", slog.Any("request", getCertificateListReq), slog.Any("response", getCertificateListResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ussl.GetCertificateList': %w", err) } @@ -162,12 +159,12 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) continue } - getCertificateDetailInfoReq := u.sdkClient.NewGetCertificateDetailInfoRequest() + getCertificateDetailInfoReq := m.sdkClient.NewGetCertificateDetailInfoRequest() getCertificateDetailInfoReq.CertificateID = ucloud.Int(certInfo.CertificateID) - if u.config.ProjectId != "" { - getCertificateDetailInfoReq.ProjectId = ucloud.String(u.config.ProjectId) + if m.config.ProjectId != "" { + getCertificateDetailInfoReq.ProjectId = ucloud.String(m.config.ProjectId) } - getCertificateDetailInfoResp, err := u.sdkClient.GetCertificateDetailInfo(getCertificateDetailInfoReq) + getCertificateDetailInfoResp, err := m.sdkClient.GetCertificateDetailInfo(getCertificateDetailInfoReq) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'ussl.GetCertificateDetailInfo': %w", err) } @@ -214,7 +211,7 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) continue } - return &uploader.UploadResult{ + return &core.SSLManageUploadResult{ CertId: fmt.Sprintf("%d", certInfo.CertificateID), CertName: certInfo.Name, ExtendedData: map[string]any{ @@ -234,7 +231,7 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) return nil, nil } -func createSdkClient(privateKey, publicKey string) (*usslsdk.USSLClient, error) { +func createSDKClient(privateKey, publicKey string) (*usslsdk.USSLClient, error) { cfg := ucloud.NewConfig() credential := ucloudauth.NewCredential() diff --git a/internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl_test.go b/pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl_test.go rename to pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl_test.go index b459e005..e3739c7e 100644 --- a/internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl_test.go +++ b/pkg/core/ssl-manager/providers/ucloud-ussl/ucloud_ussl_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/ucloud-ussl" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_UCLOUDUSSL_" + argsPrefix := "CERTIMATE_SSLMANAGER_UCLOUDUSSL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./ucloud_ussl_test.go -args \ - --CERTIMATE_UPLOADER_UCLOUDUSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_UCLOUDUSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_UCLOUDUSSL_PRIVATEKEY="your-private-key" \ - --CERTIMATE_UPLOADER_UCLOUDUSSL_PUBLICKEY="your-public-key" + --CERTIMATE_SSLMANAGER_UCLOUDUSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_UCLOUDUSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_UCLOUDUSSL_PRIVATEKEY="your-private-key" \ + --CERTIMATE_SSLMANAGER_UCLOUDUSSL_PUBLICKEY="your-public-key" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("PUBLICKEY: %v", fPublicKey), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ PrivateKey: fPrivateKey, PublicKey: fPublicKey, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl.go b/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl.go new file mode 100644 index 00000000..6b890480 --- /dev/null +++ b/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl.go @@ -0,0 +1,72 @@ +package upyunssl + +import ( + "context" + "errors" + "fmt" + "log/slog" + + "github.com/certimate-go/certimate/pkg/core" + upyunsdk "github.com/certimate-go/certimate/pkg/sdk3rd/upyun/console" +) + +type SSLManagerProviderConfig struct { + // 又拍云账号用户名。 + Username string `json:"username"` + // 又拍云账号密码。 + Password string `json:"password"` +} + +type SSLManagerProvider struct { + config *SSLManagerProviderConfig + logger *slog.Logger + sdkClient *upyunsdk.Client +} + +var _ core.SSLManager = (*SSLManagerProvider)(nil) + +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { + if config == nil { + return nil, errors.New("the configuration of the ssl manager provider is nil") + } + + client, err := createSDKClient(config.Username, config.Password) + if err != nil { + return nil, fmt.Errorf("could not create sdk client: %w", err) + } + + return &SSLManagerProvider{ + config: config, + logger: slog.Default(), + sdkClient: client, + }, nil +} + +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { + if logger == nil { + m.logger = slog.New(slog.DiscardHandler) + } else { + m.logger = logger + } +} + +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { + // 上传证书 + uploadHttpsCertificateReq := &upyunsdk.UploadHttpsCertificateRequest{ + Certificate: certPEM, + PrivateKey: privkeyPEM, + } + uploadHttpsCertificateResp, err := m.sdkClient.UploadHttpsCertificate(uploadHttpsCertificateReq) + m.logger.Debug("sdk request 'console.UploadHttpsCertificate'", slog.Any("response", uploadHttpsCertificateResp)) + if err != nil { + return nil, fmt.Errorf("failed to execute sdk request 'console.UploadHttpsCertificate': %w", err) + } + + return &core.SSLManageUploadResult{ + CertId: uploadHttpsCertificateResp.Data.Result.CertificateId, + }, nil +} + +func createSDKClient(username, password string) (*upyunsdk.Client, error) { + return upyunsdk.NewClient(username, password) +} diff --git a/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl_test.go b/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl_test.go similarity index 67% rename from internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl_test.go rename to pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl_test.go index baf53d74..0c909b35 100644 --- a/internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl_test.go +++ b/pkg/core/ssl-manager/providers/upyun-ssl/upyun_ssl_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/upyun-ssl" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/upyun-ssl" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_UPYUNSSL_" + argsPrefix := "CERTIMATE_SSLMANAGER_UPYUNSSL_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./upyun_ssl_test.go -args \ - --CERTIMATE_UPLOADER_UPYUNSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_UPYUNSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_UPYUNSSL_USERNAME="your-username" \ - --CERTIMATE_UPLOADER_UPYUNSSL_PASSWORD="your-password" + --CERTIMATE_SSLMANAGER_UPYUNSSL_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_UPYUNSSL_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_UPYUNSSL_USERNAME="your-username" \ + --CERTIMATE_SSLMANAGER_UPYUNSSL_PASSWORD="your-password" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("PASSWORD: %v", fPassword), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ Username: fUsername, Password: fPassword, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/volcengine-cdn/volcengine_cdn.go b/pkg/core/ssl-manager/providers/volcengine-cdn/volcengine_cdn.go similarity index 68% rename from internal/pkg/core/uploader/providers/volcengine-cdn/volcengine_cdn.go rename to pkg/core/ssl-manager/providers/volcengine-cdn/volcengine_cdn.go index 00ac07ae..9ad13187 100644 --- a/internal/pkg/core/uploader/providers/volcengine-cdn/volcengine_cdn.go +++ b/pkg/core/ssl-manager/providers/volcengine-cdn/volcengine_cdn.go @@ -5,6 +5,7 @@ import ( "crypto/sha1" "crypto/sha256" "encoding/hex" + "errors" "fmt" "log/slog" "strings" @@ -13,53 +14,52 @@ import ( vecdn "github.com/volcengine/volc-sdk-golang/service/cdn" ve "github.com/volcengine/volcengine-go-sdk/volcengine" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 AccessKeySecret string `json:"accessKeySecret"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *vecdn.CDN } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } client := vecdn.NewInstance() client.Client.SetAccessKey(config.AccessKeyId) client.Client.SetSecretKey(config.AccessKeySecret) - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -81,8 +81,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE default: } - listCertInfoResp, err := u.sdkClient.ListCertInfo(listCertInfoReq) - u.logger.Debug("sdk request 'cdn.ListCertInfo'", slog.Any("request", listCertInfoReq), slog.Any("response", listCertInfoResp)) + listCertInfoResp, err := m.sdkClient.ListCertInfo(listCertInfoReq) + m.logger.Debug("sdk request 'cdn.ListCertInfo'", slog.Any("request", listCertInfoReq), slog.Any("response", listCertInfoResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.ListCertInfo': %w", err) } @@ -95,8 +95,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE strings.EqualFold(hex.EncodeToString(fingerprintSha256[:]), certDetail.CertFingerprint.Sha256) // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.CertId, CertName: certDetail.Desc, }, nil @@ -114,8 +114,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合火山引擎命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 上传新证书 // REF: https://www.volcengine.com/docs/6454/1245763 @@ -125,15 +124,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Source: ve.String("volc_cert_center"), Desc: ve.String(certName), } - addCertificateResp, err := u.sdkClient.AddCertificate(addCertificateReq) - u.logger.Debug("sdk request 'cdn.AddCertificate'", slog.Any("request", addCertificateResp), slog.Any("response", addCertificateResp)) + addCertificateResp, err := m.sdkClient.AddCertificate(addCertificateReq) + m.logger.Debug("sdk request 'cdn.AddCertificate'", slog.Any("request", addCertificateResp), slog.Any("response", addCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'cdn.AddCertificate': %w", err) } - certId = addCertificateResp.Result.CertId - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: addCertificateResp.Result.CertId, CertName: certName, }, nil } diff --git a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go b/pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter.go similarity index 56% rename from internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go rename to pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter.go index 9accc17d..cd70da9c 100644 --- a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go +++ b/pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter.go @@ -9,11 +9,11 @@ import ( ve "github.com/volcengine/volcengine-go-sdk/volcengine" vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - veccsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/volcengine/certcenter" + "github.com/certimate-go/certimate/pkg/core" + veccsdk "github.com/certimate-go/certimate/pkg/sdk3rd/volcengine/certcenter" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 @@ -22,41 +22,40 @@ type UploaderConfig struct { Region string `json:"region"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *veccsdk.CertCenter } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret, config.Region) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 上传证书 // REF: https://www.volcengine.com/docs/6638/1365580 importCertificateReq := &veccsdk.ImportCertificateInput{ @@ -66,30 +65,30 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE }, Repeatable: ve.Bool(false), } - importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq) - u.logger.Debug("sdk request 'certcenter.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) + importCertificateResp, err := m.sdkClient.ImportCertificate(importCertificateReq) + m.logger.Debug("sdk request 'certcenter.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'certcenter.ImportCertificate': %w", err) } - var certId string + var sslId string if importCertificateResp.InstanceId != nil && *importCertificateResp.InstanceId != "" { - certId = *importCertificateResp.InstanceId + sslId = *importCertificateResp.InstanceId } if importCertificateResp.RepeatId != nil && *importCertificateResp.RepeatId != "" { - certId = *importCertificateResp.RepeatId + sslId = *importCertificateResp.RepeatId } - if certId == "" { - return nil, errors.New("failed to get certificate id from response, both `InstanceId` and `RepeatId` are empty") + if sslId == "" { + return nil, errors.New("received empty certificate id, both `InstanceId` and `RepeatId` are empty") } - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: sslId, }, nil } -func createSdkClient(accessKeyId, accessKeySecret, region string) (*veccsdk.CertCenter, error) { +func createSDKClient(accessKeyId, accessKeySecret, region string) (*veccsdk.CertCenter, error) { if region == "" { region = "cn-beijing" // 证书中心默认区域:北京 } diff --git a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go b/pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter_test.go similarity index 65% rename from internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go rename to pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter_test.go index 1cfa15fe..a6aaa298 100644 --- a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go +++ b/pkg/core/ssl-manager/providers/volcengine-certcenter/volcengine_certcenter_test.go @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/volcengine-certcenter" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_" + argsPrefix := "CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./volcengine_certcenter_test.go -args \ - --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_ACCESSKEYSECRET="your-access-key-secret" + --CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_VOLCENGINECERTCENTER_ACCESSKEYSECRET="your-access-key-secret" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/internal/pkg/core/uploader/providers/volcengine-live/volcengine_live.go b/pkg/core/ssl-manager/providers/volcengine-live/volcengine_live.go similarity index 63% rename from internal/pkg/core/uploader/providers/volcengine-live/volcengine_live.go rename to pkg/core/ssl-manager/providers/volcengine-live/volcengine_live.go index d758fbb4..147a8ec9 100644 --- a/internal/pkg/core/uploader/providers/volcengine-live/volcengine_live.go +++ b/pkg/core/ssl-manager/providers/volcengine-live/volcengine_live.go @@ -2,6 +2,7 @@ package volcenginelive import ( "context" + "errors" "fmt" "log/slog" "strings" @@ -10,53 +11,52 @@ import ( velive "github.com/volcengine/volc-sdk-golang/service/live/v20230101" ve "github.com/volcengine/volcengine-go-sdk/volcengine" - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" + "github.com/certimate-go/certimate/pkg/core" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 火山引擎 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 火山引擎 AccessKeySecret。 AccessKeySecret string `json:"accessKeySecret"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *velive.Live } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } client := velive.NewInstance() client.SetAccessKey(config.AccessKeyId) client.SetSecretKey(config.AccessKeySecret) - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } @@ -64,8 +64,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 查询证书列表,避免重复上传 // REF: https://www.volcengine.com/docs/6469/1186278#%E6%9F%A5%E8%AF%A2%E8%AF%81%E4%B9%A6%E5%88%97%E8%A1%A8 listCertReq := &velive.ListCertV2Body{} - listCertResp, err := u.sdkClient.ListCertV2(ctx, listCertReq) - u.logger.Debug("sdk request 'live.ListCertV2'", slog.Any("request", listCertReq), slog.Any("response", listCertResp)) + listCertResp, err := m.sdkClient.ListCertV2(ctx, listCertReq) + m.logger.Debug("sdk request 'live.ListCertV2'", slog.Any("request", listCertReq), slog.Any("response", listCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'live.ListCertV2': %w", err) } @@ -76,8 +76,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE describeCertDetailSecretReq := &velive.DescribeCertDetailSecretV2Body{ ChainID: ve.String(certDetail.ChainID), } - describeCertDetailSecretResp, err := u.sdkClient.DescribeCertDetailSecretV2(ctx, describeCertDetailSecretReq) - u.logger.Debug("sdk request 'live.DescribeCertDetailSecretV2'", slog.Any("request", describeCertDetailSecretReq), slog.Any("response", describeCertDetailSecretResp)) + describeCertDetailSecretResp, err := m.sdkClient.DescribeCertDetailSecretV2(ctx, describeCertDetailSecretReq) + m.logger.Debug("sdk request 'live.DescribeCertDetailSecretV2'", slog.Any("request", describeCertDetailSecretReq), slog.Any("response", describeCertDetailSecretResp)) if err != nil { continue } @@ -87,18 +87,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE if certificate == certPEM { isSameCert = true } else { - oldCertX509, err := certutil.ParseCertificateFromPEM(certificate) + oldCertX509, err := xcert.ParseCertificateFromPEM(certificate) if err != nil { continue } - isSameCert = certutil.EqualCertificate(certX509, oldCertX509) + isSameCert = xcert.EqualCertificate(certX509, oldCertX509) } // 如果已存在相同证书,直接返回 if isSameCert { - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certDetail.ChainID, CertName: certDetail.CertName, }, nil @@ -107,8 +107,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合火山引擎命名规则) - var certId, certName string - certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) + certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli()) // 上传新证书 // REF: https://www.volcengine.com/docs/6469/1186278#%E6%B7%BB%E5%8A%A0%E8%AF%81%E4%B9%A6 @@ -121,15 +120,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE Pubkey: certPEM, }, } - createCertResp, err := u.sdkClient.CreateCert(ctx, createCertReq) - u.logger.Debug("sdk request 'live.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) + createCertResp, err := m.sdkClient.CreateCert(ctx, createCertReq) + m.logger.Debug("sdk request 'live.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'live.CreateCert': %w", err) } - certId = *createCertResp.Result.ChainID - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: *createCertResp.Result.ChainID, CertName: certName, }, nil } diff --git a/internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate.go b/pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate.go similarity index 54% rename from internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate.go rename to pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate.go index 6a12ceda..d2523c9b 100644 --- a/internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate.go +++ b/pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate.go @@ -1,4 +1,4 @@ -package jdcloudssl +package wangsucertificate import ( "context" @@ -9,65 +9,63 @@ import ( "strings" "time" - wangsusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/wangsu/certificate" - - "github.com/usual2970/certimate/internal/pkg/core/uploader" - certutil "github.com/usual2970/certimate/internal/pkg/utils/cert" - typeutil "github.com/usual2970/certimate/internal/pkg/utils/type" + "github.com/certimate-go/certimate/pkg/core" + wangsusdk "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/certificate" + xcert "github.com/certimate-go/certimate/pkg/utils/cert" + xtypes "github.com/certimate-go/certimate/pkg/utils/types" ) -type UploaderConfig struct { +type SSLManagerProviderConfig struct { // 网宿云 AccessKeyId。 AccessKeyId string `json:"accessKeyId"` // 网宿云 AccessKeySecret。 AccessKeySecret string `json:"accessKeySecret"` } -type UploaderProvider struct { - config *UploaderConfig +type SSLManagerProvider struct { + config *SSLManagerProviderConfig logger *slog.Logger sdkClient *wangsusdk.Client } -var _ uploader.Uploader = (*UploaderProvider)(nil) +var _ core.SSLManager = (*SSLManagerProvider)(nil) -func NewUploader(config *UploaderConfig) (*UploaderProvider, error) { +func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) { if config == nil { - panic("config is nil") + return nil, errors.New("the configuration of the ssl manager provider is nil") } - client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret) + client, err := createSDKClient(config.AccessKeyId, config.AccessKeySecret) if err != nil { - return nil, fmt.Errorf("failed to create sdk client: %w", err) + return nil, fmt.Errorf("could not create sdk client: %w", err) } - return &UploaderProvider{ + return &SSLManagerProvider{ config: config, logger: slog.Default(), sdkClient: client, }, nil } -func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader { +func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) { if logger == nil { - u.logger = slog.New(slog.DiscardHandler) + m.logger = slog.New(slog.DiscardHandler) } else { - u.logger = logger + m.logger = logger } - return u } -func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*uploader.UploadResult, error) { +func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) { // 解析证书内容 - certX509, err := certutil.ParseCertificateFromPEM(certPEM) + certX509, err := xcert.ParseCertificateFromPEM(certPEM) if err != nil { return nil, err } // 查询证书列表,避免重复上传 // REF: https://www.wangsu.com/document/api-doc/22675?productCode=certificatemanagement - listCertificatesResp, err := u.sdkClient.ListCertificates() - u.logger.Debug("sdk request 'certificatemanagement.ListCertificates'", slog.Any("response", listCertificatesResp)) + listCertificatesResp, err := m.sdkClient.ListCertificates() + m.logger.Debug("sdk request 'certificatemanagement.ListCertificates'", slog.Any("response", listCertificatesResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'certificatemanagement.ListCertificates': %w", err) } @@ -88,8 +86,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 如果以上信息都一致,则视为已存在相同证书,直接返回 - u.logger.Info("ssl certificate already exists") - return &uploader.UploadResult{ + m.logger.Info("ssl certificate already exists") + return &core.SSLManageUploadResult{ CertId: certificate.CertificateId, CertName: certificate.Name, }, nil @@ -97,19 +95,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE } // 生成新证书名(需符合网宿云命名规则) - var certId string certName := fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) // 新增证书 // REF: https://www.wangsu.com/document/api-doc/25199?productCode=certificatemanagement createCertificateReq := &wangsusdk.CreateCertificateRequest{ - Name: typeutil.ToPtr(certName), - Certificate: typeutil.ToPtr(certPEM), - PrivateKey: typeutil.ToPtr(privkeyPEM), - Comment: typeutil.ToPtr("upload from certimate"), + Name: xtypes.ToPtr(certName), + Certificate: xtypes.ToPtr(certPEM), + PrivateKey: xtypes.ToPtr(privkeyPEM), + Comment: xtypes.ToPtr("upload from certimate"), } - createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq) - u.logger.Debug("sdk request 'certificatemanagement.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) + createCertificateResp, err := m.sdkClient.CreateCertificate(createCertificateReq) + m.logger.Debug("sdk request 'certificatemanagement.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp)) if err != nil { return nil, fmt.Errorf("failed to execute sdk request 'certificatemanagement.CreateCertificate': %w", err) } @@ -117,27 +114,17 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPE // 网宿云证书 URL 中包含证书 ID // 格式: // https://open.chinanetcenter.com/api/certificate/100001 - wangsuCertIdMatches := regexp.MustCompile(`/certificate/([0-9]+)`).FindStringSubmatch(createCertificateResp.CertificateUrl) - if len(wangsuCertIdMatches) > 1 { - certId = wangsuCertIdMatches[1] - } else { + wangsuCertIdMatches := regexp.MustCompile(`/certificate/([0-9]+)`).FindStringSubmatch(createCertificateResp.CertificateLocation) + if len(wangsuCertIdMatches) == 0 { return nil, fmt.Errorf("received empty certificate id") } - return &uploader.UploadResult{ - CertId: certId, + return &core.SSLManageUploadResult{ + CertId: wangsuCertIdMatches[1], CertName: certName, }, nil } -func createSdkClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { - if accessKeyId == "" { - return nil, errors.New("invalid wangsu access key id") - } - - if accessKeySecret == "" { - return nil, errors.New("invalid wangsu access key secret") - } - - return wangsusdk.NewClient(accessKeyId, accessKeySecret), nil +func createSDKClient(accessKeyId, accessKeySecret string) (*wangsusdk.Client, error) { + return wangsusdk.NewClient(accessKeyId, accessKeySecret) } diff --git a/internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate_test.go b/pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate_test.go similarity index 64% rename from internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate_test.go rename to pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate_test.go index bdec8cfe..5d1ed688 100644 --- a/internal/pkg/core/uploader/providers/wangsu-certificate/wangsu_certificate_test.go +++ b/pkg/core/ssl-manager/providers/wangsu-certificate/wangsu_certificate_test.go @@ -1,4 +1,4 @@ -package jdcloudssl_test +package wangsucertificate_test import ( "context" @@ -9,7 +9,7 @@ import ( "strings" "testing" - provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/wangsu-certificate" + provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/wangsu-certificate" ) var ( @@ -20,7 +20,7 @@ var ( ) func init() { - argsPrefix := "CERTIMATE_UPLOADER_JDCLOUDSSL_" + argsPrefix := "CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_" flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") @@ -32,10 +32,10 @@ func init() { Shell command to run this test: go test -v ./wangsu_certificate_test.go -args \ - --CERTIMATE_UPLOADER_WANGSUCERTIFICATE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ - --CERTIMATE_UPLOADER_WANGSUCERTIFICATE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_ACCESSKEYID="your-access-key-id" \ - --CERTIMATE_DEPLOYER_WANGSUCERTIFICATE_ACCESSKEYSECRET="your-access-key-secret" + --CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_SSLMANAGER_WANGSUCERTIFICATE_ACCESSKEYSECRET="your-access-key-secret" */ func TestDeploy(t *testing.T) { flag.Parse() @@ -49,7 +49,7 @@ func TestDeploy(t *testing.T) { fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), }, "\n")) - uploader, err := provider.NewUploader(&provider.UploaderConfig{ + sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{ AccessKeyId: fAccessKeyId, AccessKeySecret: fAccessKeySecret, }) @@ -60,7 +60,7 @@ func TestDeploy(t *testing.T) { fInputCertData, _ := os.ReadFile(fInputCertPath) fInputKeyData, _ := os.ReadFile(fInputKeyPath) - res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) if err != nil { t.Errorf("err: %+v", err) return diff --git a/pkg/core/ssl_applicator.go b/pkg/core/ssl_applicator.go new file mode 100644 index 00000000..092c28ad --- /dev/null +++ b/pkg/core/ssl_applicator.go @@ -0,0 +1,7 @@ +package core + +import ( + "github.com/go-acme/lego/v4/challenge" +) + +type ACMEChallenger = challenge.Provider diff --git a/internal/pkg/core/deployer/deployer.go b/pkg/core/ssl_deployer.go similarity index 52% rename from internal/pkg/core/deployer/deployer.go rename to pkg/core/ssl_deployer.go index 85a4e156..7f6d79ea 100644 --- a/internal/pkg/core/deployer/deployer.go +++ b/pkg/core/ssl_deployer.go @@ -1,14 +1,12 @@ -package deployer +package core import ( "context" - "log/slog" ) -// 表示定义证书部署器的抽象类型接口。 -// 注意与 `Uploader` 区分,“部署”通常为“上传”的后置操作。 -type Deployer interface { - WithLogger(logger *slog.Logger) Deployer +// 表示定义 SSL 证书部署器的抽象类型接口。 +type SSLDeployer interface { + WithLogger // 部署证书。 // @@ -20,10 +18,10 @@ type Deployer interface { // 出参: // - res:部署结果。 // - err: 错误。 - Deploy(ctx context.Context, certPEM string, privkeyPEM string) (_res *DeployResult, _err error) + Deploy(ctx context.Context, certPEM string, privkeyPEM string) (_res *SSLDeployResult, _err error) } -// 表示证书部署结果的数据结构。 -type DeployResult struct { +// 表示 SSL 证书部署结果的数据结构。 +type SSLDeployResult struct { ExtendedData map[string]any `json:"extendedData,omitempty"` } diff --git a/pkg/core/ssl_manager.go b/pkg/core/ssl_manager.go new file mode 100644 index 00000000..149818c1 --- /dev/null +++ b/pkg/core/ssl_manager.go @@ -0,0 +1,30 @@ +package core + +import ( + "context" +) + +// 表示定义 SSL 证书管理器的抽象类型接口。 +// 云服务商通常会提供 SSL 证书管理服务,可供用户集中管理证书。 +type SSLManager interface { + WithLogger + + // 上传证书。 + // + // 入参: + // - ctx:上下文。 + // - certPEM:证书 PEM 内容。 + // - privkeyPEM:私钥 PEM 内容。 + // + // 出参: + // - res:上传结果。 + // - err: 错误。 + Upload(ctx context.Context, certPEM string, privkeyPEM string) (_res *SSLManageUploadResult, _err error) +} + +// 表示 SSL 证书管理上传结果的数据结构,包含上传后的证书 ID、名称和其他数据。 +type SSLManageUploadResult struct { + CertId string `json:"certId,omitempty"` + CertName string `json:"certName,omitempty"` + ExtendedData map[string]any `json:"extendedData,omitempty"` +} diff --git a/internal/pkg/logging/handler.go b/pkg/logging/handler.go similarity index 100% rename from internal/pkg/logging/handler.go rename to pkg/logging/handler.go diff --git a/internal/pkg/logging/level.go b/pkg/logging/level.go similarity index 100% rename from internal/pkg/logging/level.go rename to pkg/logging/level.go diff --git a/internal/pkg/logging/record.go b/pkg/logging/record.go similarity index 100% rename from internal/pkg/logging/record.go rename to pkg/logging/record.go diff --git a/pkg/sdk3rd/1panel/api_get_https_conf.go b/pkg/sdk3rd/1panel/api_get_https_conf.go new file mode 100644 index 00000000..4fd3a873 --- /dev/null +++ b/pkg/sdk3rd/1panel/api_get_https_conf.go @@ -0,0 +1,43 @@ +package onepanel + +import ( + "context" + "fmt" + "net/http" +) + +type GetHttpsConfResponse struct { + apiResponseBase + + Data *struct { + Enable bool `json:"enable"` + HttpConfig string `json:"httpConfig"` + SSLProtocol []string `json:"SSLProtocol"` + Algorithm string `json:"algorithm"` + Hsts bool `json:"hsts"` + } `json:"data,omitempty"` +} + +func (c *Client) GetHttpsConf(websiteId int64) (*GetHttpsConfResponse, error) { + return c.GetHttpsConfWithContext(context.Background(), websiteId) +} + +func (c *Client) GetHttpsConfWithContext(ctx context.Context, websiteId int64) (*GetHttpsConfResponse, error) { + if websiteId == 0 { + return nil, fmt.Errorf("sdkerr: unset websiteId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/websites/%d/https", websiteId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetHttpsConfResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_get_website_ssl.go b/pkg/sdk3rd/1panel/api_get_website_ssl.go new file mode 100644 index 00000000..aeab2dab --- /dev/null +++ b/pkg/sdk3rd/1panel/api_get_website_ssl.go @@ -0,0 +1,50 @@ +package onepanel + +import ( + "context" + "fmt" + "net/http" +) + +type GetWebsiteSSLResponse struct { + apiResponseBase + + Data *struct { + ID int64 `json:"id"` + Provider string `json:"provider"` + Description string `json:"description"` + PrimaryDomain string `json:"primaryDomain"` + Domains string `json:"domains"` + Type string `json:"type"` + Organization string `json:"organization"` + Status string `json:"status"` + StartDate string `json:"startDate"` + ExpireDate string `json:"expireDate"` + CreatedAt string `json:"createdAt"` + UpdatedAt string `json:"updatedAt"` + } `json:"data,omitempty"` +} + +func (c *Client) GetWebsiteSSL(sslId int64) (*GetWebsiteSSLResponse, error) { + return c.GetWebsiteSSLWithContext(context.Background(), sslId) +} + +func (c *Client) GetWebsiteSSLWithContext(ctx context.Context, sslId int64) (*GetWebsiteSSLResponse, error) { + if sslId == 0 { + return nil, fmt.Errorf("sdkerr: unset sslId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/websites/ssl/%d", sslId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_search_website_ssl.go b/pkg/sdk3rd/1panel/api_search_website_ssl.go new file mode 100644 index 00000000..10ceb366 --- /dev/null +++ b/pkg/sdk3rd/1panel/api_search_website_ssl.go @@ -0,0 +1,50 @@ +package onepanel + +import ( + "context" + "net/http" +) + +type SearchWebsiteSSLRequest struct { + Page int32 `json:"page"` + PageSize int32 `json:"pageSize"` +} + +type SearchWebsiteSSLResponse struct { + apiResponseBase + + Data *struct { + Items []*struct { + ID int64 `json:"id"` + PEM string `json:"pem"` + PrivateKey string `json:"privateKey"` + Domains string `json:"domains"` + Description string `json:"description"` + Status string `json:"status"` + UpdatedAt string `json:"updatedAt"` + CreatedAt string `json:"createdAt"` + } `json:"items"` + Total int32 `json:"total"` + } `json:"data,omitempty"` +} + +func (c *Client) SearchWebsiteSSL(req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { + return c.SearchWebsiteSSLWithContext(context.Background(), req) +} + +func (c *Client) SearchWebsiteSSLWithContext(ctx context.Context, req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/websites/ssl/search") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SearchWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_update_https_conf.go b/pkg/sdk3rd/1panel/api_update_https_conf.go new file mode 100644 index 00000000..ba79fd68 --- /dev/null +++ b/pkg/sdk3rd/1panel/api_update_https_conf.go @@ -0,0 +1,53 @@ +package onepanel + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateHttpsConfRequest struct { + WebsiteID int64 `json:"websiteId"` + Enable bool `json:"enable"` + Type string `json:"type"` + WebsiteSSLID int64 `json:"websiteSSLId"` + PrivateKey string `json:"privateKey"` + Certificate string `json:"certificate"` + PrivateKeyPath string `json:"privateKeyPath"` + CertificatePath string `json:"certificatePath"` + ImportType string `json:"importType"` + HttpConfig string `json:"httpConfig"` + SSLProtocol []string `json:"SSLProtocol"` + Algorithm string `json:"algorithm"` + Hsts bool `json:"hsts"` +} + +type UpdateHttpsConfResponse struct { + apiResponseBase +} + +func (c *Client) UpdateHttpsConf(websiteId int64, req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { + return c.UpdateHttpsConfWithContext(context.Background(), websiteId, req) +} + +func (c *Client) UpdateHttpsConfWithContext(ctx context.Context, websiteId int64, req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { + if websiteId == 0 { + return nil, fmt.Errorf("sdkerr: unset websiteId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/websites/%d/https", websiteId)) + if err != nil { + return nil, err + } else { + req.WebsiteID = websiteId + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateHttpsConfResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_update_settings_ssl.go b/pkg/sdk3rd/1panel/api_update_settings_ssl.go new file mode 100644 index 00000000..055472b0 --- /dev/null +++ b/pkg/sdk3rd/1panel/api_update_settings_ssl.go @@ -0,0 +1,40 @@ +package onepanel + +import ( + "context" + "net/http" +) + +type UpdateSettingsSSLRequest struct { + Cert string `json:"cert"` + Key string `json:"key"` + SSLType string `json:"sslType"` + SSL string `json:"ssl"` + SSLID int64 `json:"sslID"` + AutoRestart string `json:"autoRestart"` +} + +type UpdateSettingsSSLResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSettingsSSL(req *UpdateSettingsSSLRequest) (*UpdateSettingsSSLResponse, error) { + return c.UpdateSettingsSSLWithContext(context.Background(), req) +} + +func (c *Client) UpdateSettingsSSLWithContext(ctx context.Context, req *UpdateSettingsSSLRequest) (*UpdateSettingsSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/settings/ssl/update") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSettingsSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/api_upload_website_ssl.go b/pkg/sdk3rd/1panel/api_upload_website_ssl.go new file mode 100644 index 00000000..160ac40c --- /dev/null +++ b/pkg/sdk3rd/1panel/api_upload_website_ssl.go @@ -0,0 +1,41 @@ +package onepanel + +import ( + "context" + "net/http" +) + +type UploadWebsiteSSLRequest struct { + SSLID int64 `json:"sslID"` + Type string `json:"type"` + Certificate string `json:"certificate"` + CertificatePath string `json:"certificatePath"` + PrivateKey string `json:"privateKey"` + PrivateKeyPath string `json:"privateKeyPath"` + Description string `json:"description"` +} + +type UploadWebsiteSSLResponse struct { + apiResponseBase +} + +func (c *Client) UploadWebsiteSSL(req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { + return c.UploadWebsiteSSLWithContext(context.Background(), req) +} + +func (c *Client) UploadWebsiteSSLWithContext(ctx context.Context, req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/websites/ssl/upload") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UploadWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/client.go b/pkg/sdk3rd/1panel/client.go new file mode 100644 index 00000000..5f52ce9a --- /dev/null +++ b/pkg/sdk3rd/1panel/client.go @@ -0,0 +1,116 @@ +package onepanel + +import ( + "crypto/md5" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api/v1"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + timestamp := fmt.Sprintf("%d", time.Now().Unix()) + tokenMd5 := md5.Sum([]byte("1panel" + apiKey + timestamp)) + tokenMd5Hex := hex.EncodeToString(tokenMd5[:]) + req.Header.Set("1Panel-Timestamp", timestamp) + req.Header.Set("1Panel-Token", tokenMd5Hex) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode/100 != 2 { + return resp, fmt.Errorf("sdkerr: api error: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/1panel/types.go b/pkg/sdk3rd/1panel/types.go new file mode 100644 index 00000000..c8398b02 --- /dev/null +++ b/pkg/sdk3rd/1panel/types.go @@ -0,0 +1,29 @@ +package onepanel + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/1panel/v2/api_get_https_conf.go b/pkg/sdk3rd/1panel/v2/api_get_https_conf.go new file mode 100644 index 00000000..c20ea650 --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_get_https_conf.go @@ -0,0 +1,43 @@ +package onepanelv2 + +import ( + "context" + "fmt" + "net/http" +) + +type GetHttpsConfResponse struct { + apiResponseBase + + Data *struct { + Enable bool `json:"enable"` + HttpConfig string `json:"httpConfig"` + SSLProtocol []string `json:"SSLProtocol"` + Algorithm string `json:"algorithm"` + Hsts bool `json:"hsts"` + } `json:"data,omitempty"` +} + +func (c *Client) GetHttpsConf(websiteId int64) (*GetHttpsConfResponse, error) { + return c.GetHttpsConfWithContext(context.Background(), websiteId) +} + +func (c *Client) GetHttpsConfWithContext(ctx context.Context, websiteId int64) (*GetHttpsConfResponse, error) { + if websiteId == 0 { + return nil, fmt.Errorf("sdkerr: unset websiteId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/websites/%d/https", websiteId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetHttpsConfResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_get_website_ssl.go b/pkg/sdk3rd/1panel/v2/api_get_website_ssl.go new file mode 100644 index 00000000..c3d4be3a --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_get_website_ssl.go @@ -0,0 +1,50 @@ +package onepanelv2 + +import ( + "context" + "fmt" + "net/http" +) + +type GetWebsiteSSLResponse struct { + apiResponseBase + + Data *struct { + ID int64 `json:"id"` + Provider string `json:"provider"` + Description string `json:"description"` + PrimaryDomain string `json:"primaryDomain"` + Domains string `json:"domains"` + Type string `json:"type"` + Organization string `json:"organization"` + Status string `json:"status"` + StartDate string `json:"startDate"` + ExpireDate string `json:"expireDate"` + CreatedAt string `json:"createdAt"` + UpdatedAt string `json:"updatedAt"` + } `json:"data,omitempty"` +} + +func (c *Client) GetWebsiteSSL(sslId int64) (*GetWebsiteSSLResponse, error) { + return c.GetWebsiteSSLWithContext(context.Background(), sslId) +} + +func (c *Client) GetWebsiteSSLWithContext(ctx context.Context, sslId int64) (*GetWebsiteSSLResponse, error) { + if sslId == 0 { + return nil, fmt.Errorf("sdkerr: unset sslId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/websites/ssl/%d", sslId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_search_website_ssl.go b/pkg/sdk3rd/1panel/v2/api_search_website_ssl.go new file mode 100644 index 00000000..c46a301a --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_search_website_ssl.go @@ -0,0 +1,50 @@ +package onepanelv2 + +import ( + "context" + "net/http" +) + +type SearchWebsiteSSLRequest struct { + Page int32 `json:"page"` + PageSize int32 `json:"pageSize"` +} + +type SearchWebsiteSSLResponse struct { + apiResponseBase + + Data *struct { + Items []*struct { + ID int64 `json:"id"` + PEM string `json:"pem"` + PrivateKey string `json:"privateKey"` + Domains string `json:"domains"` + Description string `json:"description"` + Status string `json:"status"` + UpdatedAt string `json:"updatedAt"` + CreatedAt string `json:"createdAt"` + } `json:"items"` + Total int32 `json:"total"` + } `json:"data,omitempty"` +} + +func (c *Client) SearchWebsiteSSL(req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { + return c.SearchWebsiteSSLWithContext(context.Background(), req) +} + +func (c *Client) SearchWebsiteSSLWithContext(ctx context.Context, req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/websites/ssl/search") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SearchWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_update_core_settings_ssl.go b/pkg/sdk3rd/1panel/v2/api_update_core_settings_ssl.go new file mode 100644 index 00000000..aa53fc6f --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_update_core_settings_ssl.go @@ -0,0 +1,40 @@ +package onepanelv2 + +import ( + "context" + "net/http" +) + +type UpdateCoreSettingsSSLRequest struct { + Cert string `json:"cert"` + Key string `json:"key"` + SSLType string `json:"sslType"` + SSL string `json:"ssl"` + SSLID int64 `json:"sslID"` + AutoRestart string `json:"autoRestart"` +} + +type UpdateCoreSettingsSSLResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCoreSettingsSSL(req *UpdateCoreSettingsSSLRequest) (*UpdateCoreSettingsSSLResponse, error) { + return c.UpdateCoreSettingsSSLWithContext(context.Background(), req) +} + +func (c *Client) UpdateCoreSettingsSSLWithContext(ctx context.Context, req *UpdateCoreSettingsSSLRequest) (*UpdateCoreSettingsSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/core/settings/ssl/update") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCoreSettingsSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_update_https_conf.go b/pkg/sdk3rd/1panel/v2/api_update_https_conf.go new file mode 100644 index 00000000..e4750613 --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_update_https_conf.go @@ -0,0 +1,53 @@ +package onepanelv2 + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateHttpsConfRequest struct { + WebsiteID int64 `json:"websiteId"` + Enable bool `json:"enable"` + Type string `json:"type"` + WebsiteSSLID int64 `json:"websiteSSLId"` + PrivateKey string `json:"privateKey"` + Certificate string `json:"certificate"` + PrivateKeyPath string `json:"privateKeyPath"` + CertificatePath string `json:"certificatePath"` + ImportType string `json:"importType"` + HttpConfig string `json:"httpConfig"` + SSLProtocol []string `json:"SSLProtocol"` + Algorithm string `json:"algorithm"` + Hsts bool `json:"hsts"` +} + +type UpdateHttpsConfResponse struct { + apiResponseBase +} + +func (c *Client) UpdateHttpsConf(websiteId int64, req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { + return c.UpdateHttpsConfWithContext(context.Background(), websiteId, req) +} + +func (c *Client) UpdateHttpsConfWithContext(ctx context.Context, websiteId int64, req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) { + if websiteId == 0 { + return nil, fmt.Errorf("sdkerr: unset websiteId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/websites/%d/https", websiteId)) + if err != nil { + return nil, err + } else { + req.WebsiteID = websiteId + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateHttpsConfResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/api_upload_website_ssl.go b/pkg/sdk3rd/1panel/v2/api_upload_website_ssl.go new file mode 100644 index 00000000..3ce50cdf --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/api_upload_website_ssl.go @@ -0,0 +1,41 @@ +package onepanelv2 + +import ( + "context" + "net/http" +) + +type UploadWebsiteSSLRequest struct { + SSLID int64 `json:"sslID"` + Type string `json:"type"` + Certificate string `json:"certificate"` + CertificatePath string `json:"certificatePath"` + PrivateKey string `json:"privateKey"` + PrivateKeyPath string `json:"privateKeyPath"` + Description string `json:"description"` +} + +type UploadWebsiteSSLResponse struct { + apiResponseBase +} + +func (c *Client) UploadWebsiteSSL(req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { + return c.UploadWebsiteSSLWithContext(context.Background(), req) +} + +func (c *Client) UploadWebsiteSSLWithContext(ctx context.Context, req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/websites/ssl/upload") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UploadWebsiteSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/1panel/v2/client.go b/pkg/sdk3rd/1panel/v2/client.go new file mode 100644 index 00000000..3a74c5bf --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/client.go @@ -0,0 +1,116 @@ +package onepanelv2 + +import ( + "crypto/md5" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api/v2"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + timestamp := fmt.Sprintf("%d", time.Now().Unix()) + tokenMd5 := md5.Sum([]byte("1panel" + apiKey + timestamp)) + tokenMd5Hex := hex.EncodeToString(tokenMd5[:]) + req.Header.Set("1Panel-Timestamp", timestamp) + req.Header.Set("1Panel-Token", tokenMd5Hex) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode/100 != 2 { + return resp, fmt.Errorf("sdkerr: api error: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/1panel/v2/types.go b/pkg/sdk3rd/1panel/v2/types.go new file mode 100644 index 00000000..0d3f5108 --- /dev/null +++ b/pkg/sdk3rd/1panel/v2/types.go @@ -0,0 +1,29 @@ +package onepanelv2 + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/apisix/api_update_ssl.go b/pkg/sdk3rd/apisix/api_update_ssl.go new file mode 100644 index 00000000..0894364d --- /dev/null +++ b/pkg/sdk3rd/apisix/api_update_ssl.go @@ -0,0 +1,44 @@ +package apisix + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateSSLRequest struct { + Cert *string `json:"cert,omitempty"` + Key *string `json:"key,omitempty"` + SNIs *[]string `json:"snis,omitempty"` + Type *string `json:"type,omitempty"` + Status *int32 `json:"status,omitempty"` +} + +type UpdateSSLResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSSL(sslId string, req *UpdateSSLRequest) (*UpdateSSLResponse, error) { + return c.UpdateSSLWithContext(context.Background(), sslId, req) +} + +func (c *Client) UpdateSSLWithContext(ctx context.Context, sslId string, req *UpdateSSLRequest) (*UpdateSSLResponse, error) { + if sslId == "" { + return nil, fmt.Errorf("sdkerr: unset sslId") + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/ssls/%s", sslId)) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/apisix/client.go b/pkg/sdk3rd/apisix/client.go new file mode 100644 index 00000000..006a8f6e --- /dev/null +++ b/pkg/sdk3rd/apisix/client.go @@ -0,0 +1,106 @@ +package apisix + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/apisix/admin"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + req.Header.Set("X-API-KEY", apiKey) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/apisix/types.go b/pkg/sdk3rd/apisix/types.go new file mode 100644 index 00000000..a2b30d4f --- /dev/null +++ b/pkg/sdk3rd/apisix/types.go @@ -0,0 +1,7 @@ +package apisix + +type apiResponse interface{} + +type apiResponseBase struct{} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/azure/common/config.go b/pkg/sdk3rd/azure/env/config.go similarity index 66% rename from internal/pkg/sdk3rd/azure/common/config.go rename to pkg/sdk3rd/azure/env/config.go index 45a1e490..5599df8a 100644 --- a/internal/pkg/sdk3rd/azure/common/config.go +++ b/pkg/sdk3rd/azure/env/config.go @@ -1,4 +1,4 @@ -package common +package env import ( "fmt" @@ -7,7 +7,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud" ) -func IsEnvironmentPublic(env string) bool { +func IsPublicEnv(env string) bool { switch strings.ToLower(env) { case "", "default", "public", "azurecloud": return true @@ -16,7 +16,7 @@ func IsEnvironmentPublic(env string) bool { } } -func IsEnvironmentGovernment(env string) bool { +func IsUSGovernmentEnv(env string) bool { switch strings.ToLower(env) { case "usgovernment", "government", "azureusgovernment", "azuregovernment": return true @@ -25,7 +25,7 @@ func IsEnvironmentGovernment(env string) bool { } } -func IsEnvironmentChina(env string) bool { +func IsChinaEnv(env string) bool { switch strings.ToLower(env) { case "china", "chinacloud", "azurechina", "azurechinacloud": return true @@ -34,12 +34,12 @@ func IsEnvironmentChina(env string) bool { } } -func GetCloudEnvironmentConfiguration(env string) (cloud.Configuration, error) { - if IsEnvironmentPublic(env) { +func GetCloudEnvConfiguration(env string) (cloud.Configuration, error) { + if IsPublicEnv(env) { return cloud.AzurePublic, nil - } else if IsEnvironmentGovernment(env) { + } else if IsUSGovernmentEnv(env) { return cloud.AzureGovernment, nil - } else if IsEnvironmentChina(env) { + } else if IsChinaEnv(env) { return cloud.AzureChina, nil } diff --git a/internal/pkg/sdk3rd/baiducloud/cert/api.go b/pkg/sdk3rd/baiducloud/cert/cert.go similarity index 100% rename from internal/pkg/sdk3rd/baiducloud/cert/api.go rename to pkg/sdk3rd/baiducloud/cert/cert.go diff --git a/internal/pkg/sdk3rd/baiducloud/cert/client.go b/pkg/sdk3rd/baiducloud/cert/client.go similarity index 99% rename from internal/pkg/sdk3rd/baiducloud/cert/client.go rename to pkg/sdk3rd/baiducloud/cert/client.go index 02c4feff..e2e6f150 100644 --- a/internal/pkg/sdk3rd/baiducloud/cert/client.go +++ b/pkg/sdk3rd/baiducloud/cert/client.go @@ -13,5 +13,6 @@ func NewClient(ak, sk, endPoint string) (*Client, error) { if err != nil { return nil, err } + return &Client{client}, nil } diff --git a/internal/pkg/sdk3rd/baiducloud/cert/models.go b/pkg/sdk3rd/baiducloud/cert/model.go similarity index 100% rename from internal/pkg/sdk3rd/baiducloud/cert/models.go rename to pkg/sdk3rd/baiducloud/cert/model.go diff --git a/pkg/sdk3rd/baishan/api_get_domain_config.go b/pkg/sdk3rd/baishan/api_get_domain_config.go new file mode 100644 index 00000000..bbaae26d --- /dev/null +++ b/pkg/sdk3rd/baishan/api_get_domain_config.go @@ -0,0 +1,49 @@ +package baishan + +import ( + "context" + "net/http" +) + +type GetDomainConfigRequest struct { + Domains *string `json:"domains,omitempty"` + Config *[]string `json:"config,omitempty"` +} + +type GetDomainConfigResponse struct { + apiResponseBase + + Data []*struct { + Domain string `json:"domain"` + Config *DomainConfig `json:"config"` + } `json:"data,omitempty"` +} + +func (c *Client) GetDomainConfig(req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) { + return c.GetDomainConfigWithContext(context.Background(), req) +} + +func (c *Client) GetDomainConfigWithContext(ctx context.Context, req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v2/domain/config") + if err != nil { + return nil, err + } else { + if req.Domains != nil { + httpreq.SetQueryParam("domains", *req.Domains) + } + if req.Config != nil { + for _, config := range *req.Config { + httpreq.QueryParam.Add("config[]", config) + } + } + + httpreq.SetContext(ctx) + } + + result := &GetDomainConfigResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/baishan/api_set_domain_certificate.go b/pkg/sdk3rd/baishan/api_set_domain_certificate.go new file mode 100644 index 00000000..3dd3b0b6 --- /dev/null +++ b/pkg/sdk3rd/baishan/api_set_domain_certificate.go @@ -0,0 +1,40 @@ +package baishan + +import ( + "context" + "net/http" +) + +type SetDomainCertificateRequest struct { + CertificateId *string `json:"cert_id,omitempty"` + Certificate *string `json:"certificate,omitempty"` + Key *string `json:"key,omitempty"` + Name *string `json:"name,omitempty"` +} + +type SetDomainCertificateResponse struct { + apiResponseBase + + Data *DomainCertificate `json:"data,omitempty"` +} + +func (c *Client) SetDomainCertificate(req *SetDomainCertificateRequest) (*SetDomainCertificateResponse, error) { + return c.SetDomainCertificateWithContext(context.Background(), req) +} + +func (c *Client) SetDomainCertificateWithContext(ctx context.Context, req *SetDomainCertificateRequest) (*SetDomainCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v2/domain/certificate") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SetDomainCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/baishan/api_set_domain_config.go b/pkg/sdk3rd/baishan/api_set_domain_config.go new file mode 100644 index 00000000..fcc876c4 --- /dev/null +++ b/pkg/sdk3rd/baishan/api_set_domain_config.go @@ -0,0 +1,40 @@ +package baishan + +import ( + "context" + "net/http" +) + +type SetDomainConfigRequest struct { + Domains *string `json:"domains,omitempty"` + Config *DomainConfig `json:"config,omitempty"` +} + +type SetDomainConfigResponse struct { + apiResponseBase + + Data *struct { + Config *DomainConfig `json:"config"` + } `json:"data,omitempty"` +} + +func (c *Client) SetDomainConfig(req *SetDomainConfigRequest) (*SetDomainConfigResponse, error) { + return c.SetDomainConfigWithContext(context.Background(), req) +} + +func (c *Client) SetDomainConfigWithContext(ctx context.Context, req *SetDomainConfigRequest) (*SetDomainConfigResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v2/domain/config") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SetDomainConfigResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/baishan/client.go b/pkg/sdk3rd/baishan/client.go new file mode 100644 index 00000000..fb9a1df7 --- /dev/null +++ b/pkg/sdk3rd/baishan/client.go @@ -0,0 +1,91 @@ +package baishan + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiToken string) (*Client, error) { + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL("https://cdn.api.baishan.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("Token", apiToken) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 0 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/baishan/types.go b/pkg/sdk3rd/baishan/types.go new file mode 100644 index 00000000..b6bda59f --- /dev/null +++ b/pkg/sdk3rd/baishan/types.go @@ -0,0 +1,49 @@ +package baishan + +import "encoding/json" + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type DomainCertificate struct { + CertId json.Number `json:"cert_id"` + Name string `json:"name"` + CertStartTime string `json:"cert_start_time"` + CertExpireTime string `json:"cert_expire_time"` +} + +type DomainConfig struct { + Https *DomainConfigHttps `json:"https"` +} + +type DomainConfigHttps struct { + CertId json.Number `json:"cert_id"` + ForceHttps *string `json:"force_https,omitempty"` + EnableHttp2 *string `json:"http2,omitempty"` + EnableOcsp *string `json:"ocsp,omitempty"` +} diff --git a/pkg/sdk3rd/btpanel/api_config_save_panel_ssl.go b/pkg/sdk3rd/btpanel/api_config_save_panel_ssl.go new file mode 100644 index 00000000..76b343b1 --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_config_save_panel_ssl.go @@ -0,0 +1,35 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type ConfigSavePanelSSLRequest struct { + PrivateKey string `json:"privateKey"` + Certificate string `json:"certPem"` +} + +type ConfigSavePanelSSLResponse struct { + apiResponseBase +} + +func (c *Client) ConfigSavePanelSSL(req *ConfigSavePanelSSLRequest) (*ConfigSavePanelSSLResponse, error) { + return c.ConfigSavePanelSSLWithContext(context.Background(), req) +} + +func (c *Client) ConfigSavePanelSSLWithContext(ctx context.Context, req *ConfigSavePanelSSLRequest) (*ConfigSavePanelSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/config?action=SavePanelSSL", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &ConfigSavePanelSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/api_site_set_ssl.go b/pkg/sdk3rd/btpanel/api_site_set_ssl.go new file mode 100644 index 00000000..95b422ae --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_site_set_ssl.go @@ -0,0 +1,37 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type SiteSetSSLRequest struct { + Type string `json:"type"` + SiteName string `json:"siteName"` + PrivateKey string `json:"key"` + Certificate string `json:"csr"` +} + +type SiteSetSSLResponse struct { + apiResponseBase +} + +func (c *Client) SiteSetSSL(req *SiteSetSSLRequest) (*SiteSetSSLResponse, error) { + return c.SiteSetSSLWithContext(context.Background(), req) +} + +func (c *Client) SiteSetSSLWithContext(ctx context.Context, req *SiteSetSSLRequest) (*SiteSetSSLResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/site?action=SetSSL", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SiteSetSSLResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/api_ssl_cert_save_cert.go b/pkg/sdk3rd/btpanel/api_ssl_cert_save_cert.go new file mode 100644 index 00000000..96f5b554 --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_ssl_cert_save_cert.go @@ -0,0 +1,37 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type SSLCertSaveCertRequest struct { + PrivateKey string `json:"key"` + Certificate string `json:"csr"` +} + +type SSLCertSaveCertResponse struct { + apiResponseBase + + SSLHash string `json:"ssl_hash"` +} + +func (c *Client) SSLCertSaveCert(req *SSLCertSaveCertRequest) (*SSLCertSaveCertResponse, error) { + return c.SSLCertSaveCertWithContext(context.Background(), req) +} + +func (c *Client) SSLCertSaveCertWithContext(ctx context.Context, req *SSLCertSaveCertRequest) (*SSLCertSaveCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/ssl/cert/save_cert", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SSLCertSaveCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/api_ssl_set_batch_cert_to_site.go b/pkg/sdk3rd/btpanel/api_ssl_set_batch_cert_to_site.go new file mode 100644 index 00000000..3d5b0cfd --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_ssl_set_batch_cert_to_site.go @@ -0,0 +1,44 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type SSLSetBatchCertToSiteRequest struct { + BatchInfo []*SSLSetBatchCertToSiteRequestBatchInfo `json:"BatchInfo"` +} + +type SSLSetBatchCertToSiteRequestBatchInfo struct { + SSLHash string `json:"ssl_hash"` + SiteName string `json:"siteName"` + CertName string `json:"certName"` +} + +type SSLSetBatchCertToSiteResponse struct { + apiResponseBase + + TotalCount int32 `json:"total"` + SuccessCount int32 `json:"success"` + FailedCount int32 `json:"faild"` +} + +func (c *Client) SSLSetBatchCertToSite(req *SSLSetBatchCertToSiteRequest) (*SSLSetBatchCertToSiteResponse, error) { + return c.SSLSetBatchCertToSiteWithContext(context.Background(), req) +} + +func (c *Client) SSLSetBatchCertToSiteWithContext(ctx context.Context, req *SSLSetBatchCertToSiteRequest) (*SSLSetBatchCertToSiteResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/ssl?action=SetBatchCertToSite", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SSLSetBatchCertToSiteResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/api_system_service_admin.go b/pkg/sdk3rd/btpanel/api_system_service_admin.go new file mode 100644 index 00000000..f9c19cea --- /dev/null +++ b/pkg/sdk3rd/btpanel/api_system_service_admin.go @@ -0,0 +1,35 @@ +package btpanel + +import ( + "context" + "net/http" +) + +type SystemServiceAdminRequest struct { + Name string `json:"name"` + Type string `json:"type"` +} + +type SystemServiceAdminResponse struct { + apiResponseBase +} + +func (c *Client) SystemServiceAdmin(req *SystemServiceAdminRequest) (*SystemServiceAdminResponse, error) { + return c.SystemServiceAdminWithContext(context.Background(), req) +} + +func (c *Client) SystemServiceAdminWithContext(ctx context.Context, req *SystemServiceAdminRequest) (*SystemServiceAdminResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/system?action=ServiceAdmin", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SystemServiceAdminResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btpanel/client.go b/pkg/sdk3rd/btpanel/client.go new file mode 100644 index 00000000..8b8cff64 --- /dev/null +++ b/pkg/sdk3rd/btpanel/client.go @@ -0,0 +1,159 @@ +package btpanel + +import ( + "crypto/md5" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "net/url" + "reflect" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + apiKey string + + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/x-www-form-urlencoded"). + SetHeader("User-Agent", "certimate") + + return &Client{ + apiKey: apiKey, + client: client, + }, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string, params any) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + data := make(map[string]string) + if params != nil { + temp := make(map[string]any) + jsonb, _ := json.Marshal(params) + json.Unmarshal(jsonb, &temp) + for k, v := range temp { + if v == nil { + continue + } + + switch reflect.Indirect(reflect.ValueOf(v)).Kind() { + case reflect.String: + data[k] = v.(string) + + case reflect.Bool, reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Float32, reflect.Float64: + data[k] = fmt.Sprintf("%v", v) + + default: + if t, ok := v.(time.Time); ok { + data[k] = t.Format(time.RFC3339) + } else { + jsonb, _ := json.Marshal(v) + data[k] = string(jsonb) + } + } + } + } + + timestamp := time.Now().Unix() + data["request_time"] = fmt.Sprintf("%d", timestamp) + data["request_token"] = generateSignature(fmt.Sprintf("%d", timestamp), c.apiKey) + + req := c.client.R() + req.Method = method + req.URL = path + req.SetFormData(data) + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetBody` or `req.SetFormData` HERE! USE `newRequest` INSTEAD. + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tstatus := res.GetStatus(); tstatus != nil && !*tstatus { + if res.GetMessage() == nil { + return resp, fmt.Errorf("sdkerr: api error: unknown error") + } else { + return resp, fmt.Errorf("sdkerr: api error: message='%s'", *res.GetMessage()) + } + } + } + } + + return resp, nil +} + +func generateSignature(timestamp string, apiKey string) string { + keyMd5 := md5.Sum([]byte(apiKey)) + keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:])) + + signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex)) + signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:])) + return signMd5Hex +} diff --git a/pkg/sdk3rd/btpanel/types.go b/pkg/sdk3rd/btpanel/types.go new file mode 100644 index 00000000..ecaf51d2 --- /dev/null +++ b/pkg/sdk3rd/btpanel/types.go @@ -0,0 +1,19 @@ +package btpanel + +type apiResponse interface { + GetStatus() *bool + GetMessage() *string +} + +type apiResponseBase struct { + Status *bool `json:"status,omitempty"` + Message *string `json:"msg,omitempty"` +} + +func (r *apiResponseBase) GetStatus() *bool { + return r.Status +} + +func (r *apiResponseBase) GetMessage() *string { + return r.Message +} diff --git a/pkg/sdk3rd/btwaf/api_config_set_cert.go b/pkg/sdk3rd/btwaf/api_config_set_cert.go new file mode 100644 index 00000000..1f93ec59 --- /dev/null +++ b/pkg/sdk3rd/btwaf/api_config_set_cert.go @@ -0,0 +1,36 @@ +package btwaf + +import ( + "context" + "net/http" +) + +type ConfigSetCertRequest struct { + CertContent *string `json:"certContent,omitempty"` + KeyContent *string `json:"keyContent,omitempty"` +} + +type ConfigSetCertResponse struct { + apiResponseBase +} + +func (c *Client) ConfigSetCert(req *ConfigSetCertRequest) (*ConfigSetCertResponse, error) { + return c.ConfigSetCertWithContext(context.Background(), req) +} + +func (c *Client) ConfigSetCertWithContext(ctx context.Context, req *ConfigSetCertRequest) (*ConfigSetCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/config/set_cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &ConfigSetCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btwaf/api_get_site_list.go b/pkg/sdk3rd/btwaf/api_get_site_list.go new file mode 100644 index 00000000..7cb6c05d --- /dev/null +++ b/pkg/sdk3rd/btwaf/api_get_site_list.go @@ -0,0 +1,42 @@ +package btwaf + +import ( + "context" + "net/http" +) + +type GetSiteListRequest struct { + Page *int32 `json:"p,omitempty"` + PageSize *int32 `json:"p_size,omitempty"` + SiteName *string `json:"site_name,omitempty"` +} + +type GetSiteListResponse struct { + apiResponseBase + + Result *struct { + List []*SiteRecord `json:"list"` + Total int32 `json:"total"` + } `json:"res,omitempty"` +} + +func (c *Client) GetSiteList(req *GetSiteListRequest) (*GetSiteListResponse, error) { + return c.GetSiteListWithContext(context.Background(), req) +} + +func (c *Client) GetSiteListWithContext(ctx context.Context, req *GetSiteListRequest) (*GetSiteListResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/wafmastersite/get_site_list") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &GetSiteListResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btwaf/api_modify_site.go b/pkg/sdk3rd/btwaf/api_modify_site.go new file mode 100644 index 00000000..516277ec --- /dev/null +++ b/pkg/sdk3rd/btwaf/api_modify_site.go @@ -0,0 +1,37 @@ +package btwaf + +import ( + "context" + "net/http" +) + +type ModifySiteRequest struct { + SiteId *string `json:"site_id,omitempty"` + Type *string `json:"types,omitempty"` + Server *SiteServerInfo `json:"server,omitempty"` +} + +type ModifySiteResponse struct { + apiResponseBase +} + +func (c *Client) ModifySite(req *ModifySiteRequest) (*ModifySiteResponse, error) { + return c.ModifySiteWithContext(context.Background(), req) +} + +func (c *Client) ModifySiteWithContext(ctx context.Context, req *ModifySiteRequest) (*ModifySiteResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/wafmastersite/modify_site") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &ModifySiteResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/btwaf/client.go b/pkg/sdk3rd/btwaf/client.go new file mode 100644 index 00000000..a3be8ae9 --- /dev/null +++ b/pkg/sdk3rd/btwaf/client.go @@ -0,0 +1,118 @@ +package btwaf + +import ( + "crypto/md5" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + timestamp := fmt.Sprintf("%d", time.Now().Unix()) + keyMd5 := md5.Sum([]byte(apiKey)) + keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:])) + signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex)) + signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:])) + req.Header.Set("waf_request_time", timestamp) + req.Header.Set("waf_request_token", signMd5Hex) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if code := res.GetCode(); code != 0 { + return resp, fmt.Errorf("sdkerr: api error: code='%d'", code) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/btwaf/types.go b/pkg/sdk3rd/btwaf/types.go new file mode 100644 index 00000000..8c75a44b --- /dev/null +++ b/pkg/sdk3rd/btwaf/types.go @@ -0,0 +1,39 @@ +package btwaf + +type apiResponse interface { + GetCode() int32 +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type SiteRecord struct { + SiteId string `json:"site_id"` + SiteName string `json:"site_name"` + Type string `json:"types"` + Status int32 `json:"status"` + CreateTime int64 `json:"create_time"` + UpdateTime int64 `json:"update_time"` +} + +type SiteServerInfo struct { + ListenSSLPorts *[]int32 `json:"listen_ssl_port,omitempty"` + SSL *SiteServerSSLInfo `json:"ssl,omitempty"` +} + +type SiteServerSSLInfo struct { + IsSSL *int32 `json:"is_ssl,omitempty"` + FullChain *string `json:"full_chain,omitempty"` + PrivateKey *string `json:"private_key,omitempty"` +} diff --git a/pkg/sdk3rd/bunny/api_add_custom_certificate.go b/pkg/sdk3rd/bunny/api_add_custom_certificate.go new file mode 100644 index 00000000..5950928d --- /dev/null +++ b/pkg/sdk3rd/bunny/api_add_custom_certificate.go @@ -0,0 +1,38 @@ +package bunny + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type AddCustomCertificateRequest struct { + Hostname string `json:"Hostname"` + Certificate string `json:"Certificate"` + CertificateKey string `json:"CertificateKey"` +} + +func (c *Client) AddCustomCertificate(pullZoneId string, req *AddCustomCertificateRequest) error { + return c.AddCustomCertificateWithContext(context.Background(), pullZoneId, req) +} + +func (c *Client) AddCustomCertificateWithContext(ctx context.Context, pullZoneId string, req *AddCustomCertificateRequest) error { + if pullZoneId == "" { + return fmt.Errorf("sdkerr: unset pullZoneId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/pullzone/%s/addCertificate", url.PathEscape(pullZoneId))) + if err != nil { + return err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + if _, err := c.doRequest(httpreq); err != nil { + return err + } + + return nil +} diff --git a/pkg/sdk3rd/bunny/client.go b/pkg/sdk3rd/bunny/client.go new file mode 100644 index 00000000..4382164e --- /dev/null +++ b/pkg/sdk3rd/bunny/client.go @@ -0,0 +1,64 @@ +package bunny + +import ( + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiToken string) (*Client, error) { + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL("https://api.bunny.net"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("AccessKey", apiToken) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} diff --git a/pkg/sdk3rd/cachefly/api_create_certificate.go b/pkg/sdk3rd/cachefly/api_create_certificate.go new file mode 100644 index 00000000..833141dc --- /dev/null +++ b/pkg/sdk3rd/cachefly/api_create_certificate.go @@ -0,0 +1,50 @@ +package cachefly + +import ( + "context" + "net/http" +) + +type CreateCertificateRequest struct { + Certificate *string `json:"certificate,omitempty"` + CertificateKey *string `json:"certificateKey,omitempty"` + Password *string `json:"password,omitempty"` +} + +type CreateCertificateResponse struct { + apiResponseBase + + Id string `json:"_id"` + SubjectCommonName string `json:"subjectCommonName"` + SubjectNames []string `json:"subjectNames"` + Expired bool `json:"expired"` + Expiring bool `json:"expiring"` + InUse bool `json:"inUse"` + Managed bool `json:"managed"` + Services []string `json:"services"` + Domains []string `json:"domains"` + NotBefore string `json:"notBefore"` + NotAfter string `json:"notAfter"` + CreatedAt string `json:"createdAt"` +} + +func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + return c.CreateCertificateWithContext(context.Background(), req) +} + +func (c *Client) CreateCertificateWithContext(ctx context.Context, req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/certificates") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cachefly/client.go b/pkg/sdk3rd/cachefly/client.go new file mode 100644 index 00000000..ecce8161 --- /dev/null +++ b/pkg/sdk3rd/cachefly/client.go @@ -0,0 +1,87 @@ +package cachefly + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiToken string) (*Client, error) { + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL("https://api.cachefly.com/api/2.5"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("X-CF-Authorization", "Bearer "+apiToken) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/cachefly/types.go b/pkg/sdk3rd/cachefly/types.go new file mode 100644 index 00000000..98b39dfa --- /dev/null +++ b/pkg/sdk3rd/cachefly/types.go @@ -0,0 +1,19 @@ +package cachefly + +type apiResponse interface { + GetMessage() string +} + +type apiResponseBase struct { + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/cdnfly/api_create_cert.go b/pkg/sdk3rd/cdnfly/api_create_cert.go new file mode 100644 index 00000000..3dcd9558 --- /dev/null +++ b/pkg/sdk3rd/cdnfly/api_create_cert.go @@ -0,0 +1,41 @@ +package cdnfly + +import ( + "context" + "net/http" +) + +type CreateCertRequest struct { + Name *string `json:"name,omitempty"` + Description *string `json:"des,omitempty"` + Type *string `json:"type,omitempty"` + Cert *string `json:"cert,omitempty"` + Key *string `json:"key,omitempty"` +} + +type CreateCertResponse struct { + apiResponseBase + + Data string `json:"data"` +} + +func (c *Client) CreateCert(req *CreateCertRequest) (*CreateCertResponse, error) { + return c.CreateCertWithContext(context.Background(), req) +} + +func (c *Client) CreateCertWithContext(ctx context.Context, req *CreateCertRequest) (*CreateCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/certs") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cdnfly/api_get_site.go b/pkg/sdk3rd/cdnfly/api_get_site.go new file mode 100644 index 00000000..50d45d7c --- /dev/null +++ b/pkg/sdk3rd/cdnfly/api_get_site.go @@ -0,0 +1,43 @@ +package cdnfly + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type GetSiteResponse struct { + apiResponseBase + + Data *struct { + Id int64 `json:"id"` + Name string `json:"name"` + Domain string `json:"domain"` + HttpsListen string `json:"https_listen"` + } `json:"data,omitempty"` +} + +func (c *Client) GetSite(siteId string) (*GetSiteResponse, error) { + return c.GetSiteWithContext(context.Background(), siteId) +} + +func (c *Client) GetSiteWithContext(ctx context.Context, siteId string) (*GetSiteResponse, error) { + if siteId == "" { + return nil, fmt.Errorf("sdkerr: unset siteId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/sites/%s", url.PathEscape(siteId))) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetSiteResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cdnfly/api_update_cert.go b/pkg/sdk3rd/cdnfly/api_update_cert.go new file mode 100644 index 00000000..9ad676ee --- /dev/null +++ b/pkg/sdk3rd/cdnfly/api_update_cert.go @@ -0,0 +1,46 @@ +package cdnfly + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type UpdateCertRequest struct { + Name *string `json:"name,omitempty"` + Description *string `json:"des,omitempty"` + Type *string `json:"type,omitempty"` + Cert *string `json:"cert,omitempty"` + Key *string `json:"key,omitempty"` + Enable *bool `json:"enable,omitempty"` +} + +type UpdateCertResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCert(certId string, req *UpdateCertRequest) (*UpdateCertResponse, error) { + return c.UpdateCertWithContext(context.Background(), certId, req) +} + +func (c *Client) UpdateCertWithContext(ctx context.Context, certId string, req *UpdateCertRequest) (*UpdateCertResponse, error) { + if certId == "" { + return nil, fmt.Errorf("sdkerr: unset certId") + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/certs/%s", url.PathEscape(certId))) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cdnfly/api_update_site.go b/pkg/sdk3rd/cdnfly/api_update_site.go new file mode 100644 index 00000000..2a0ede20 --- /dev/null +++ b/pkg/sdk3rd/cdnfly/api_update_site.go @@ -0,0 +1,42 @@ +package cdnfly + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type UpdateSiteRequest struct { + HttpsListen *string `json:"https_listen,omitempty"` + Enable *bool `json:"enable,omitempty"` +} + +type UpdateSiteResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSite(siteId string, req *UpdateSiteRequest) (*UpdateSiteResponse, error) { + return c.UpdateSiteWithContext(context.Background(), siteId, req) +} + +func (c *Client) UpdateSiteWithContext(ctx context.Context, siteId string, req *UpdateSiteRequest) (*UpdateSiteResponse, error) { + if siteId == "" { + return nil, fmt.Errorf("sdkerr: unset siteId") + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/sites/%s", url.PathEscape(siteId))) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSiteResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/cdnfly/client.go b/pkg/sdk3rd/cdnfly/client.go new file mode 100644 index 00000000..7bd98613 --- /dev/null +++ b/pkg/sdk3rd/cdnfly/client.go @@ -0,0 +1,109 @@ +package cdnfly + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiKey, apiSecret string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + if apiSecret == "" { + return nil, fmt.Errorf("sdkerr: unset apiSecret") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/v1"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("API-Key", apiKey). + SetHeader("API-Secret", apiSecret) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != "" && tcode != "0" { + return resp, fmt.Errorf("sdkerr: code='%s', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/cdnfly/types.go b/pkg/sdk3rd/cdnfly/types.go new file mode 100644 index 00000000..fff2c271 --- /dev/null +++ b/pkg/sdk3rd/cdnfly/types.go @@ -0,0 +1,46 @@ +package cdnfly + +import ( + "bytes" + "encoding/json" + "strconv" +) + +type apiResponse interface { + GetCode() string + GetMessage() string +} + +type apiResponseBase struct { + Code json.RawMessage `json:"code"` + Message string `json:"msg"` +} + +func (r *apiResponseBase) GetCode() string { + if r.Code == nil { + return "" + } + + decoder := json.NewDecoder(bytes.NewReader(r.Code)) + token, err := decoder.Token() + if err != nil { + return "" + } + + switch t := token.(type) { + case string: + return t + case float64: + return strconv.FormatFloat(t, 'f', -1, 64) + case json.Number: + return t.String() + default: + return "" + } +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/cmcc/README.md b/pkg/sdk3rd/cmcc/README.md similarity index 100% rename from internal/pkg/sdk3rd/cmcc/README.md rename to pkg/sdk3rd/cmcc/README.md diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/client.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/client.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/client.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/client.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/go.mod b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/go.mod similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/go.mod rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/go.mod diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_tags.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_tags.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_tags.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_openapi_response_tags.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_tags.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_tags.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_tags.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/create_record_response_tags.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_openapi_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/delete_record_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_query.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_query.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_query.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_query.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_data.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_data.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_data.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_data.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_tags.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_tags.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_tags.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_openapi_response_tags.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_query.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_query.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_query.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_query.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_results.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_results.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_results.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/list_record_response_results.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_tags.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_tags.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_tags.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_openapi_response_tags.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_request.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response_body.go b/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response_body.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response_body.go rename to pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1/model/modify_record_response_body.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_client.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_client.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_client.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_client.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_response.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_response.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_response.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/api_response.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/config/config.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/config/config.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/config/config.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/config/config.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/configuration.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/configuration.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/configuration.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/configuration.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/go.mod b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/go.mod similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/go.mod rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/go.mod diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/http_request.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/http_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/http_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/http_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/open_api_request.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/open_api_request.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/open_api_request.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/open_api_request.go diff --git a/internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/position/http_position.go b/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/position/http_position.go similarity index 100% rename from internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/position/http_position.go rename to pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0/position/http_position.go diff --git a/pkg/sdk3rd/ctyun/ao/api_create_cert.go b/pkg/sdk3rd/ctyun/ao/api_create_cert.go new file mode 100644 index 00000000..eecc7267 --- /dev/null +++ b/pkg/sdk3rd/ctyun/ao/api_create_cert.go @@ -0,0 +1,41 @@ +package ao + +import ( + "context" + "net/http" +) + +type CreateCertRequest struct { + Name *string `json:"name,omitempty"` + Certs *string `json:"certs,omitempty"` + Key *string `json:"key,omitempty"` +} + +type CreateCertResponse struct { + apiResponseBase + + ReturnObj *struct { + Id int64 `json:"id"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) CreateCert(req *CreateCertRequest) (*CreateCertResponse, error) { + return c.CreateCertWithContext(context.Background(), req) +} + +func (c *Client) CreateCertWithContext(ctx context.Context, req *CreateCertRequest) (*CreateCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/ctapi/v1/accessone/cert/create") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/ao/api_get_domain_config.go b/pkg/sdk3rd/ctyun/ao/api_get_domain_config.go new file mode 100644 index 00000000..01c007ab --- /dev/null +++ b/pkg/sdk3rd/ctyun/ao/api_get_domain_config.go @@ -0,0 +1,48 @@ +package ao + +import ( + "context" + "net/http" +) + +type GetDomainConfigRequest struct { + Domain *string `json:"domain,omitempty"` + ProductCode *string `json:"product_code,omitempty"` +} + +type GetDomainConfigResponse struct { + apiResponseBase + + ReturnObj *struct { + Domain string `json:"domain"` + ProductCode string `json:"product_code"` + Status int32 `json:"status"` + AreaScope int32 `json:"area_scope"` + Cname string `json:"cname"` + Origin []*DomainOriginConfig `json:"origin,omitempty"` + HttpsStatus string `json:"https_status"` + HttpsBasic *DomainHttpsBasicConfig `json:"https_basic,omitempty"` + CertName string `json:"cert_name"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) GetDomainConfig(req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) { + return c.GetDomainConfigWithContext(context.Background(), req) +} + +func (c *Client) GetDomainConfigWithContext(ctx context.Context, req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/ctapi/v1/accessone/domain/config") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &GetDomainConfigResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/ao/api_list_certs.go b/pkg/sdk3rd/ctyun/ao/api_list_certs.go new file mode 100644 index 00000000..a77cd377 --- /dev/null +++ b/pkg/sdk3rd/ctyun/ao/api_list_certs.go @@ -0,0 +1,55 @@ +package ao + +import ( + "context" + "net/http" + "strconv" +) + +type ListCertsRequest struct { + Page *int32 `json:"page,omitempty"` + PerPage *int32 `json:"per_page,omitempty"` + UsageMode *int32 `json:"usage_mode,omitempty"` +} + +type ListCertsResponse struct { + apiResponseBase + + ReturnObj *struct { + Results []*CertRecord `json:"result,omitempty"` + Page int32 `json:"page,omitempty"` + PerPage int32 `json:"per_page,omitempty"` + TotalPage int32 `json:"total_page,omitempty"` + TotalRecords int32 `json:"total_records,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) ListCerts(req *ListCertsRequest) (*ListCertsResponse, error) { + return c.ListCertsWithContext(context.Background(), req) +} + +func (c *Client) ListCertsWithContext(ctx context.Context, req *ListCertsRequest) (*ListCertsResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/ctapi/v1/accessone/cert/list") + if err != nil { + return nil, err + } else { + if req.Page != nil { + httpreq.SetQueryParam("page", strconv.Itoa(int(*req.Page))) + } + if req.PerPage != nil { + httpreq.SetQueryParam("per_page", strconv.Itoa(int(*req.PerPage))) + } + if req.UsageMode != nil { + httpreq.SetQueryParam("usage_mode", strconv.Itoa(int(*req.UsageMode))) + } + + httpreq.SetContext(ctx) + } + + result := &ListCertsResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/ao/api_modify_domain_config.go b/pkg/sdk3rd/ctyun/ao/api_modify_domain_config.go new file mode 100644 index 00000000..ef407e99 --- /dev/null +++ b/pkg/sdk3rd/ctyun/ao/api_modify_domain_config.go @@ -0,0 +1,40 @@ +package ao + +import ( + "context" + "net/http" +) + +type ModifyDomainConfigRequest struct { + Domain *string `json:"domain,omitempty"` + ProductCode *string `json:"product_code,omitempty"` + Origin []*DomainOriginConfig `json:"origin,omitempty"` + HttpsStatus *string `json:"https_status,omitempty"` + HttpsBasic *DomainHttpsBasicConfig `json:"https_basic,omitempty"` + CertName *string `json:"cert_name,omitempty"` +} + +type ModifyDomainConfigResponse struct { + apiResponseBase +} + +func (c *Client) ModifyDomainConfig(req *ModifyDomainConfigRequest) (*ModifyDomainConfigResponse, error) { + return c.ModifyDomainConfigWithContext(context.Background(), req) +} + +func (c *Client) ModifyDomainConfigWithContext(ctx context.Context, req *ModifyDomainConfigRequest) (*ModifyDomainConfigResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/ctapi/v1/accessone/domain/modify_config") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &ModifyDomainConfigResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/ao/api_query_cert.go b/pkg/sdk3rd/ctyun/ao/api_query_cert.go new file mode 100644 index 00000000..3493cdbe --- /dev/null +++ b/pkg/sdk3rd/ctyun/ao/api_query_cert.go @@ -0,0 +1,51 @@ +package ao + +import ( + "context" + "net/http" + "strconv" +) + +type QueryCertRequest struct { + Id *int64 `json:"id,omitempty"` + Name *string `json:"name,omitempty"` + UsageMode *int32 `json:"usage_mode,omitempty"` +} + +type QueryCertResponse struct { + apiResponseBase + + ReturnObj *struct { + Result *CertDetail `json:"result,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryCert(req *QueryCertRequest) (*QueryCertResponse, error) { + return c.QueryCertWithContext(context.Background(), req) +} + +func (c *Client) QueryCertWithContext(ctx context.Context, req *QueryCertRequest) (*QueryCertResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/ctapi/v1/accessone/cert/query") + if err != nil { + return nil, err + } else { + if req.Id != nil { + httpreq.SetQueryParam("id", strconv.Itoa(int(*req.Id))) + } + if req.Name != nil { + httpreq.SetQueryParam("name", *req.Name) + } + if req.UsageMode != nil { + httpreq.SetQueryParam("usage_mode", strconv.Itoa(int(*req.UsageMode))) + } + + httpreq.SetContext(ctx) + } + + result := &QueryCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/ao/client.go b/pkg/sdk3rd/ctyun/ao/client.go new file mode 100644 index 00000000..6e63e531 --- /dev/null +++ b/pkg/sdk3rd/ctyun/ao/client.go @@ -0,0 +1,48 @@ +package ao + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://accessone-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + if tcode := res.GetStatusCode(); tcode != "" && tcode != "100000" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", tcode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) + } + } + + return resp, err +} diff --git a/pkg/sdk3rd/ctyun/ao/types.go b/pkg/sdk3rd/ctyun/ao/types.go new file mode 100644 index 00000000..c706afd9 --- /dev/null +++ b/pkg/sdk3rd/ctyun/ao/types.go @@ -0,0 +1,101 @@ +package ao + +import ( + "bytes" + "encoding/json" + "strconv" +) + +type apiResponse interface { + GetStatusCode() string + GetMessage() string + GetError() string + GetErrorMessage() string +} + +type apiResponseBase struct { + StatusCode json.RawMessage `json:"statusCode,omitempty"` + Message *string `json:"message,omitempty"` + Error *string `json:"error,omitempty"` + ErrorMessage *string `json:"errorMessage,omitempty"` + RequestId *string `json:"requestId,omitempty"` +} + +func (r *apiResponseBase) GetStatusCode() string { + if r.StatusCode == nil { + return "" + } + + decoder := json.NewDecoder(bytes.NewReader(r.StatusCode)) + token, err := decoder.Token() + if err != nil { + return "" + } + + switch t := token.(type) { + case string: + return t + case float64: + return strconv.FormatFloat(t, 'f', -1, 64) + case json.Number: + return t.String() + default: + return "" + } +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +func (r *apiResponseBase) GetError() string { + if r.Error == nil { + return "" + } + + return *r.Error +} + +func (r *apiResponseBase) GetErrorMessage() string { + if r.ErrorMessage == nil { + return "" + } + + return *r.ErrorMessage +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type CertRecord struct { + Id int64 `json:"id"` + Name string `json:"name"` + CN string `json:"cn"` + SANs []string `json:"sans"` + UsageMode int32 `json:"usage_mode"` + State int32 `json:"state"` + ExpiresTime int64 `json:"expires"` + IssueTime int64 `json:"issue"` + Issuer string `json:"issuer"` + CreatedTime int64 `json:"created"` +} + +type CertDetail struct { + CertRecord + Certs string `json:"certs"` + Key string `json:"key"` +} + +type DomainOriginConfig struct { + Origin string `json:"origin"` + Role string `json:"role"` + Weight int32 `json:"weight"` +} + +type DomainHttpsBasicConfig struct { + HttpsForce string `json:"https_force"` + ForceStatus string `json:"force_status"` +} diff --git a/pkg/sdk3rd/ctyun/cdn/api_create_cert.go b/pkg/sdk3rd/ctyun/cdn/api_create_cert.go new file mode 100644 index 00000000..33d45892 --- /dev/null +++ b/pkg/sdk3rd/ctyun/cdn/api_create_cert.go @@ -0,0 +1,41 @@ +package cdn + +import ( + "context" + "net/http" +) + +type CreateCertRequest struct { + Name *string `json:"name,omitempty"` + Certs *string `json:"certs,omitempty"` + Key *string `json:"key,omitempty"` +} + +type CreateCertResponse struct { + apiResponseBase + + ReturnObj *struct { + Id int64 `json:"id"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) CreateCert(req *CreateCertRequest) (*CreateCertResponse, error) { + return c.CreateCertWithContext(context.Background(), req) +} + +func (c *Client) CreateCertWithContext(ctx context.Context, req *CreateCertRequest) (*CreateCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v1/cert/creat-cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/cdn/api_query_cert_detail.go b/pkg/sdk3rd/ctyun/cdn/api_query_cert_detail.go new file mode 100644 index 00000000..a2998ea4 --- /dev/null +++ b/pkg/sdk3rd/ctyun/cdn/api_query_cert_detail.go @@ -0,0 +1,51 @@ +package cdn + +import ( + "context" + "net/http" + "strconv" +) + +type QueryCertDetailRequest struct { + Id *int64 `json:"id,omitempty"` + Name *string `json:"name,omitempty"` + UsageMode *int32 `json:"usage_mode,omitempty"` +} + +type QueryCertDetailResponse struct { + apiResponseBase + + ReturnObj *struct { + Result *CertDetail `json:"result,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryCertDetail(req *QueryCertDetailRequest) (*QueryCertDetailResponse, error) { + return c.QueryCertDetailWithContext(context.Background(), req) +} + +func (c *Client) QueryCertDetailWithContext(ctx context.Context, req *QueryCertDetailRequest) (*QueryCertDetailResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v1/cert/query-cert-detail") + if err != nil { + return nil, err + } else { + if req.Id != nil { + httpreq.SetQueryParam("id", strconv.Itoa(int(*req.Id))) + } + if req.Name != nil { + httpreq.SetQueryParam("name", *req.Name) + } + if req.UsageMode != nil { + httpreq.SetQueryParam("usage_mode", strconv.Itoa(int(*req.UsageMode))) + } + + httpreq.SetContext(ctx) + } + + result := &QueryCertDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/cdn/api_query_cert_list.go b/pkg/sdk3rd/ctyun/cdn/api_query_cert_list.go new file mode 100644 index 00000000..3c09696d --- /dev/null +++ b/pkg/sdk3rd/ctyun/cdn/api_query_cert_list.go @@ -0,0 +1,55 @@ +package cdn + +import ( + "context" + "net/http" + "strconv" +) + +type QueryCertListRequest struct { + Page *int32 `json:"page,omitempty"` + PerPage *int32 `json:"per_page,omitempty"` + UsageMode *int32 `json:"usage_mode,omitempty"` +} + +type QueryCertListResponse struct { + apiResponseBase + + ReturnObj *struct { + Results []*CertRecord `json:"result,omitempty"` + Page int32 `json:"page,omitempty"` + PerPage int32 `json:"per_page,omitempty"` + TotalPage int32 `json:"total_page,omitempty"` + TotalRecords int32 `json:"total_records,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryCertList(req *QueryCertListRequest) (*QueryCertListResponse, error) { + return c.QueryCertListWithContext(context.Background(), req) +} + +func (c *Client) QueryCertListWithContext(ctx context.Context, req *QueryCertListRequest) (*QueryCertListResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v1/cert/query-cert-list") + if err != nil { + return nil, err + } else { + if req.Page != nil { + httpreq.SetQueryParam("page", strconv.Itoa(int(*req.Page))) + } + if req.PerPage != nil { + httpreq.SetQueryParam("per_page", strconv.Itoa(int(*req.PerPage))) + } + if req.UsageMode != nil { + httpreq.SetQueryParam("usage_mode", strconv.Itoa(int(*req.UsageMode))) + } + + httpreq.SetContext(ctx) + } + + result := &QueryCertListResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/cdn/api_query_domain_detail.go b/pkg/sdk3rd/ctyun/cdn/api_query_domain_detail.go new file mode 100644 index 00000000..f66cc44a --- /dev/null +++ b/pkg/sdk3rd/ctyun/cdn/api_query_domain_detail.go @@ -0,0 +1,64 @@ +package cdn + +import ( + "context" + "net/http" +) + +type QueryDomainDetailRequest struct { + Domain *string `json:"domain,omitempty"` + ProductCode *string `json:"product_code,omitempty"` + FunctionNames *string `json:"function_names,omitempty"` +} + +type QueryDomainDetailResponse struct { + apiResponseBase + + ReturnObj *struct { + Domain string `json:"domain"` + ProductCode string `json:"product_code"` + Status int32 `json:"status"` + AreaScope int32 `json:"area_scope"` + Cname string `json:"cname"` + HttpsStatus string `json:"https_status"` + HttpsBasic *struct { + HttpsForce string `json:"https_force"` + HttpForce string `json:"http_force"` + ForceStatus string `json:"force_status"` + OriginProtocol string `json:"origin_protocol"` + } `json:"https_basic,omitempty"` + CertName string `json:"cert_name"` + Ssl string `json:"ssl"` + SslStapling string `json:"ssl_stapling"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryDomainDetail(req *QueryDomainDetailRequest) (*QueryDomainDetailResponse, error) { + return c.QueryDomainDetailWithContext(context.Background(), req) +} + +func (c *Client) QueryDomainDetailWithContext(ctx context.Context, req *QueryDomainDetailRequest) (*QueryDomainDetailResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v1/domain/query-domain-detail") + if err != nil { + return nil, err + } else { + if req.Domain != nil { + httpreq.SetQueryParam("domain", *req.Domain) + } + if req.ProductCode != nil { + httpreq.SetQueryParam("product_code", *req.ProductCode) + } + if req.FunctionNames != nil { + httpreq.SetQueryParam("function_names", *req.FunctionNames) + } + + httpreq.SetContext(ctx) + } + + result := &QueryDomainDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/cdn/api_update_domain.go b/pkg/sdk3rd/ctyun/cdn/api_update_domain.go new file mode 100644 index 00000000..5b90721e --- /dev/null +++ b/pkg/sdk3rd/ctyun/cdn/api_update_domain.go @@ -0,0 +1,37 @@ +package cdn + +import ( + "context" + "net/http" +) + +type UpdateDomainRequest struct { + Domain *string `json:"domain,omitempty"` + HttpsStatus *string `json:"https_status,omitempty"` + CertName *string `json:"cert_name,omitempty"` +} + +type UpdateDomainResponse struct { + apiResponseBase +} + +func (c *Client) UpdateDomain(req *UpdateDomainRequest) (*UpdateDomainResponse, error) { + return c.UpdateDomainWithContext(context.Background(), req) +} + +func (c *Client) UpdateDomainWithContext(ctx context.Context, req *UpdateDomainRequest) (*UpdateDomainResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v1/domain/update-domain") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateDomainResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/cdn/client.go b/pkg/sdk3rd/ctyun/cdn/client.go new file mode 100644 index 00000000..af147095 --- /dev/null +++ b/pkg/sdk3rd/ctyun/cdn/client.go @@ -0,0 +1,48 @@ +package cdn + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://ctcdn-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + if tcode := res.GetStatusCode(); tcode != "" && tcode != "100000" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", tcode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) + } + } + + return resp, err +} diff --git a/pkg/sdk3rd/ctyun/cdn/types.go b/pkg/sdk3rd/ctyun/cdn/types.go new file mode 100644 index 00000000..32054a0c --- /dev/null +++ b/pkg/sdk3rd/ctyun/cdn/types.go @@ -0,0 +1,90 @@ +package cdn + +import ( + "bytes" + "encoding/json" + "strconv" +) + +type apiResponse interface { + GetStatusCode() string + GetMessage() string + GetError() string + GetErrorMessage() string +} + +type apiResponseBase struct { + StatusCode json.RawMessage `json:"statusCode,omitempty"` + Message *string `json:"message,omitempty"` + Error *string `json:"error,omitempty"` + ErrorMessage *string `json:"errorMessage,omitempty"` + RequestId *string `json:"requestId,omitempty"` +} + +func (r *apiResponseBase) GetStatusCode() string { + if r.StatusCode == nil { + return "" + } + + decoder := json.NewDecoder(bytes.NewReader(r.StatusCode)) + token, err := decoder.Token() + if err != nil { + return "" + } + + switch t := token.(type) { + case string: + return t + case float64: + return strconv.FormatFloat(t, 'f', -1, 64) + case json.Number: + return t.String() + default: + return "" + } +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +func (r *apiResponseBase) GetError() string { + if r.Error == nil { + return "" + } + + return *r.Error +} + +func (r *apiResponseBase) GetErrorMessage() string { + if r.ErrorMessage == nil { + return "" + } + + return *r.ErrorMessage +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type CertRecord struct { + Id int64 `json:"id"` + Name string `json:"name"` + CN string `json:"cn"` + SANs []string `json:"sans"` + UsageMode int32 `json:"usage_mode"` + State int32 `json:"state"` + ExpiresTime int64 `json:"expires"` + IssueTime int64 `json:"issue"` + Issuer string `json:"issuer"` + CreatedTime int64 `json:"created"` +} + +type CertDetail struct { + CertRecord + Certs string `json:"certs"` + Key string `json:"key"` +} diff --git a/pkg/sdk3rd/ctyun/cms/api_get_certificate_list.go b/pkg/sdk3rd/ctyun/cms/api_get_certificate_list.go new file mode 100644 index 00000000..a5de5a60 --- /dev/null +++ b/pkg/sdk3rd/ctyun/cms/api_get_certificate_list.go @@ -0,0 +1,44 @@ +package cms + +import ( + "context" + "net/http" +) + +type GetCertificateListRequest struct { + Status *string `json:"status,omitempty"` + Keyword *string `json:"keyword,omitempty"` + PageNum *int32 `json:"pageNum,omitempty"` + PageSize *int32 `json:"pageSize,omitempty"` + Origin *string `json:"origin,omitempty"` +} + +type GetCertificateListResponse struct { + apiResponseBase + + ReturnObj *struct { + List []*CertificateRecord `json:"list,omitempty"` + TotalSize int32 `json:"totalSize,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) GetCertificateList(req *GetCertificateListRequest) (*GetCertificateListResponse, error) { + return c.GetCertificateListWithContext(context.Background(), req) +} + +func (c *Client) GetCertificateListWithContext(ctx context.Context, req *GetCertificateListRequest) (*GetCertificateListResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v1/certificate/list") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &GetCertificateListResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/cms/api_upload_certificate.go b/pkg/sdk3rd/ctyun/cms/api_upload_certificate.go new file mode 100644 index 00000000..ed02a357 --- /dev/null +++ b/pkg/sdk3rd/ctyun/cms/api_upload_certificate.go @@ -0,0 +1,41 @@ +package cms + +import ( + "context" + "net/http" +) + +type UploadCertificateRequest struct { + Name *string `json:"name,omitempty"` + Certificate *string `json:"certificate,omitempty"` + CertificateChain *string `json:"certificateChain,omitempty"` + PrivateKey *string `json:"privateKey,omitempty"` + EncryptionStandard *string `json:"encryptionStandard,omitempty"` + EncCertificate *string `json:"encCertificate,omitempty"` + EncPrivateKey *string `json:"encPrivateKey,omitempty"` +} + +type UploadCertificateResponse struct { + apiResponseBase +} + +func (c *Client) UploadCertificate(req *UploadCertificateRequest) (*UploadCertificateResponse, error) { + return c.UploadCertificateWithContext(context.Background(), req) +} + +func (c *Client) UploadCertificateWithContext(ctx context.Context, req *UploadCertificateRequest) (*UploadCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v1/certificate/upload") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UploadCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/cms/client.go b/pkg/sdk3rd/ctyun/cms/client.go new file mode 100644 index 00000000..d648c09c --- /dev/null +++ b/pkg/sdk3rd/ctyun/cms/client.go @@ -0,0 +1,50 @@ +package cms + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://ccms-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + statusCode := res.GetStatusCode() + errorCode := res.GetError() + if (statusCode != "" && statusCode != "200") || errorCode != "" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) + } + } + + return resp, err +} diff --git a/pkg/sdk3rd/ctyun/cms/types.go b/pkg/sdk3rd/ctyun/cms/types.go new file mode 100644 index 00000000..04a8c458 --- /dev/null +++ b/pkg/sdk3rd/ctyun/cms/types.go @@ -0,0 +1,94 @@ +package cms + +import ( + "bytes" + "encoding/json" + "strconv" +) + +type apiResponse interface { + GetStatusCode() string + GetMessage() string + GetError() string + GetErrorMessage() string +} + +type apiResponseBase struct { + StatusCode json.RawMessage `json:"statusCode,omitempty"` + Message *string `json:"message,omitempty"` + Error *string `json:"error,omitempty"` + ErrorMessage *string `json:"errorMessage,omitempty"` + RequestId *string `json:"requestId,omitempty"` +} + +func (r *apiResponseBase) GetStatusCode() string { + if r.StatusCode == nil { + return "" + } + + decoder := json.NewDecoder(bytes.NewReader(r.StatusCode)) + token, err := decoder.Token() + if err != nil { + return "" + } + + switch t := token.(type) { + case string: + return t + case float64: + return strconv.FormatFloat(t, 'f', -1, 64) + case json.Number: + return t.String() + default: + return "" + } +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +func (r *apiResponseBase) GetError() string { + if r.Error == nil { + return "" + } + + return *r.Error +} + +func (r *apiResponseBase) GetErrorMessage() string { + if r.ErrorMessage == nil { + return "" + } + + return *r.ErrorMessage +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type CertificateRecord struct { + Id string `json:"id"` + Origin string `json:"origin"` + Type string `json:"type"` + ResourceId string `json:"resourceId"` + ResourceType string `json:"resourceType"` + CertificateId string `json:"certificateId"` + CertificateMode string `json:"certificateMode"` + Name string `json:"name"` + Status string `json:"status"` + DetailStatus string `json:"detailStatus"` + ManagedStatus string `json:"managedStatus"` + Fingerprint string `json:"fingerprint"` + IssueTime string `json:"issueTime"` + ExpireTime string `json:"expireTime"` + DomainType string `json:"domainType"` + DomainName string `json:"domainName"` + EncryptionStandard string `json:"encryptionStandard"` + EncryptionAlgorithm string `json:"encryptionAlgorithm"` + CreateTime string `json:"createTime"` + UpdateTime string `json:"updateTime"` +} diff --git a/pkg/sdk3rd/ctyun/dns/api_add_record.go b/pkg/sdk3rd/ctyun/dns/api_add_record.go new file mode 100644 index 00000000..d2699dc3 --- /dev/null +++ b/pkg/sdk3rd/ctyun/dns/api_add_record.go @@ -0,0 +1,46 @@ +package dns + +import ( + "context" + "net/http" +) + +type AddRecordRequest struct { + Domain *string `json:"domain,omitempty"` + Host *string `json:"host,omitempty"` + Type *string `json:"type,omitempty"` + LineCode *string `json:"lineCode,omitempty"` + Value *string `json:"value,omitempty"` + TTL *int32 `json:"ttl,omitempty"` + State *int32 `json:"state,omitempty"` + Remark *string `json:"remark"` +} + +type AddRecordResponse struct { + apiResponseBase + + ReturnObj *struct { + RecordId int32 `json:"recordId"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) AddRecord(req *AddRecordRequest) (*AddRecordResponse, error) { + return c.AddRecordWithContext(context.Background(), req) +} + +func (c *Client) AddRecordWithContext(ctx context.Context, req *AddRecordRequest) (*AddRecordResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v2/addRecord") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &AddRecordResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/dns/api_delete_record.go b/pkg/sdk3rd/ctyun/dns/api_delete_record.go new file mode 100644 index 00000000..8a6cf033 --- /dev/null +++ b/pkg/sdk3rd/ctyun/dns/api_delete_record.go @@ -0,0 +1,35 @@ +package dns + +import ( + "context" + "net/http" +) + +type DeleteRecordRequest struct { + RecordId *int32 `json:"recordId,omitempty"` +} + +type DeleteRecordResponse struct { + apiResponseBase +} + +func (c *Client) DeleteRecord(req *DeleteRecordRequest) (*DeleteRecordResponse, error) { + return c.DeleteRecordWithContext(context.Background(), req) +} + +func (c *Client) DeleteRecordWithContext(ctx context.Context, req *DeleteRecordRequest) (*DeleteRecordResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v2/deleteRecord") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &DeleteRecordResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/dns/api_query_record_list.go b/pkg/sdk3rd/ctyun/dns/api_query_record_list.go new file mode 100644 index 00000000..cac3a6e3 --- /dev/null +++ b/pkg/sdk3rd/ctyun/dns/api_query_record_list.go @@ -0,0 +1,64 @@ +package dns + +import ( + "context" + "net/http" + "strconv" +) + +type QueryRecordListRequest struct { + Domain *string `json:"domain,omitempty"` + Host *string `json:"host,omitempty"` + Type *string `json:"type,omitempty"` + LineCode *string `json:"lineCode,omitempty"` + Value *string `json:"value,omitempty"` + State *int32 `json:"state,omitempty"` +} + +type QueryRecordListResponse struct { + apiResponseBase + + ReturnObj *struct { + Records []*DnsRecord `json:"records,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryRecordList(req *QueryRecordListRequest) (*QueryRecordListResponse, error) { + return c.QueryRecordListWithContext(context.Background(), req) +} + +func (c *Client) QueryRecordListWithContext(ctx context.Context, req *QueryRecordListRequest) (*QueryRecordListResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v2/queryRecordList") + if err != nil { + return nil, err + } else { + if req.Domain != nil { + httpreq.SetQueryParam("domain", *req.Domain) + } + if req.Host != nil { + httpreq.SetQueryParam("host", *req.Host) + } + if req.Type != nil { + httpreq.SetQueryParam("type", *req.Type) + } + if req.LineCode != nil { + httpreq.SetQueryParam("lineCode", *req.LineCode) + } + if req.Value != nil { + httpreq.SetQueryParam("value", *req.Value) + } + if req.State != nil { + httpreq.SetQueryParam("state", strconv.Itoa(int(*req.State))) + } + + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &QueryRecordListResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/dns/api_update_record.go b/pkg/sdk3rd/ctyun/dns/api_update_record.go new file mode 100644 index 00000000..c84a0357 --- /dev/null +++ b/pkg/sdk3rd/ctyun/dns/api_update_record.go @@ -0,0 +1,47 @@ +package dns + +import ( + "context" + "net/http" +) + +type UpdateRecordRequest struct { + RecordId *int32 `json:"recordId,omitempty"` + Domain *string `json:"domain,omitempty"` + Host *string `json:"host,omitempty"` + Type *string `json:"type,omitempty"` + LineCode *string `json:"lineCode,omitempty"` + Value *string `json:"value,omitempty"` + TTL *int32 `json:"ttl,omitempty"` + State *int32 `json:"state,omitempty"` + Remark *string `json:"remark"` +} + +type UpdateRecordResponse struct { + apiResponseBase + + ReturnObj *struct { + RecordId int32 `json:"recordId"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) UpdateRecord(req *UpdateRecordRequest) (*UpdateRecordResponse, error) { + return c.UpdateRecordWithContext(context.Background(), req) +} + +func (c *Client) UpdateRecordWithContext(ctx context.Context, req *UpdateRecordRequest) (*UpdateRecordResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v2/updateRecord") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateRecordResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/dns/client.go b/pkg/sdk3rd/ctyun/dns/client.go new file mode 100644 index 00000000..def071b6 --- /dev/null +++ b/pkg/sdk3rd/ctyun/dns/client.go @@ -0,0 +1,50 @@ +package dns + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://smartdns-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + statusCode := res.GetStatusCode() + errorCode := res.GetError() + if (statusCode != "" && statusCode != "200") || errorCode != "" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", statusCode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) + } + } + + return resp, err +} diff --git a/pkg/sdk3rd/ctyun/dns/types.go b/pkg/sdk3rd/ctyun/dns/types.go new file mode 100644 index 00000000..bd500938 --- /dev/null +++ b/pkg/sdk3rd/ctyun/dns/types.go @@ -0,0 +1,82 @@ +package dns + +import ( + "bytes" + "encoding/json" + "strconv" +) + +type apiResponse interface { + GetStatusCode() string + GetMessage() string + GetError() string + GetErrorMessage() string +} + +type apiResponseBase struct { + StatusCode json.RawMessage `json:"statusCode,omitempty"` + Message *string `json:"message,omitempty"` + Error *string `json:"error,omitempty"` + ErrorMessage *string `json:"errorMessage,omitempty"` + RequestId *string `json:"requestId,omitempty"` +} + +func (r *apiResponseBase) GetStatusCode() string { + if r.StatusCode == nil { + return "" + } + + decoder := json.NewDecoder(bytes.NewReader(r.StatusCode)) + token, err := decoder.Token() + if err != nil { + return "" + } + + switch t := token.(type) { + case string: + return t + case float64: + return strconv.FormatFloat(t, 'f', -1, 64) + case json.Number: + return t.String() + default: + return "" + } +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +func (r *apiResponseBase) GetError() string { + if r.Error == nil { + return "" + } + + return *r.Error +} + +func (r *apiResponseBase) GetErrorMessage() string { + if r.ErrorMessage == nil { + return "" + } + + return *r.ErrorMessage +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type DnsRecord struct { + RecordId int32 `json:"recordId"` + Host string `json:"host"` + Type string `json:"type"` + LineCode string `json:"lineCode"` + Value string `json:"value"` + TTL int32 `json:"ttl"` + State int32 `json:"state"` + Remark string `json:"remark"` +} diff --git a/pkg/sdk3rd/ctyun/elb/api_create_certificate.go b/pkg/sdk3rd/ctyun/elb/api_create_certificate.go new file mode 100644 index 00000000..4ea78f7a --- /dev/null +++ b/pkg/sdk3rd/ctyun/elb/api_create_certificate.go @@ -0,0 +1,45 @@ +package elb + +import ( + "context" + "net/http" +) + +type CreateCertificateRequest struct { + ClientToken *string `json:"clientToken,omitempty"` + RegionID *string `json:"regionID,omitempty"` + Name *string `json:"name,omitempty"` + Description *string `json:"description,omitempty"` + Type *string `json:"type,omitempty"` + Certificate *string `json:"certificate,omitempty"` + PrivateKey *string `json:"privateKey,omitempty"` +} + +type CreateCertificateResponse struct { + apiResponseBase + + ReturnObj *struct { + ID string `json:"id"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + return c.CreateCertificateWithContext(context.Background(), req) +} + +func (c *Client) CreateCertificateWithContext(ctx context.Context, req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v4/elb/create-certificate") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/elb/api_list_certificates.go b/pkg/sdk3rd/ctyun/elb/api_list_certificates.go new file mode 100644 index 00000000..e7256126 --- /dev/null +++ b/pkg/sdk3rd/ctyun/elb/api_list_certificates.go @@ -0,0 +1,56 @@ +package elb + +import ( + "context" + "net/http" +) + +type ListCertificatesRequest struct { + ClientToken *string `json:"clientToken,omitempty"` + RegionID *string `json:"regionID,omitempty"` + IDs *string `json:"IDs,omitempty"` + Name *string `json:"name,omitempty"` + Type *string `json:"type,omitempty"` +} + +type ListCertificatesResponse struct { + apiResponseBase + + ReturnObj []*CertificateRecord `json:"returnObj,omitempty"` +} + +func (c *Client) ListCertificates(req *ListCertificatesRequest) (*ListCertificatesResponse, error) { + return c.ListCertificatesWithContext(context.Background(), req) +} + +func (c *Client) ListCertificatesWithContext(ctx context.Context, req *ListCertificatesRequest) (*ListCertificatesResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v4/elb/list-certificate") + if err != nil { + return nil, err + } else { + if req.ClientToken != nil { + httpreq.SetQueryParam("clientToken", *req.ClientToken) + } + if req.RegionID != nil { + httpreq.SetQueryParam("regionID", *req.RegionID) + } + if req.IDs != nil { + httpreq.SetQueryParam("IDs", *req.IDs) + } + if req.Name != nil { + httpreq.SetQueryParam("name", *req.Name) + } + if req.Type != nil { + httpreq.SetQueryParam("type", *req.Type) + } + + httpreq.SetContext(ctx) + } + + result := &ListCertificatesResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/elb/api_list_listeners.go b/pkg/sdk3rd/ctyun/elb/api_list_listeners.go new file mode 100644 index 00000000..9de6b0ce --- /dev/null +++ b/pkg/sdk3rd/ctyun/elb/api_list_listeners.go @@ -0,0 +1,64 @@ +package elb + +import ( + "context" + "net/http" +) + +type ListListenersRequest struct { + ClientToken *string `json:"clientToken,omitempty"` + RegionID *string `json:"regionID,omitempty"` + ProjectID *string `json:"projectID,omitempty"` + IDs *string `json:"IDs,omitempty"` + Name *string `json:"name,omitempty"` + LoadBalancerID *string `json:"loadBalancerID,omitempty"` + AccessControlID *string `json:"accessControlID,omitempty"` +} + +type ListListenersResponse struct { + apiResponseBase + + ReturnObj []*ListenerRecord `json:"returnObj,omitempty"` +} + +func (c *Client) ListListeners(req *ListListenersRequest) (*ListListenersResponse, error) { + return c.ListListenersWithContext(context.Background(), req) +} + +func (c *Client) ListListenersWithContext(ctx context.Context, req *ListListenersRequest) (*ListListenersResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v4/elb/list-listener") + if err != nil { + return nil, err + } else { + if req.ClientToken != nil { + httpreq.SetQueryParam("clientToken", *req.ClientToken) + } + if req.RegionID != nil { + httpreq.SetQueryParam("regionID", *req.RegionID) + } + if req.ProjectID != nil { + httpreq.SetQueryParam("projectID", *req.ProjectID) + } + if req.IDs != nil { + httpreq.SetQueryParam("IDs", *req.IDs) + } + if req.Name != nil { + httpreq.SetQueryParam("name", *req.Name) + } + if req.LoadBalancerID != nil { + httpreq.SetQueryParam("loadBalancerID", *req.LoadBalancerID) + } + if req.LoadBalancerID != nil { + httpreq.SetQueryParam("accessControlID", *req.AccessControlID) + } + + httpreq.SetContext(ctx) + } + + result := &ListListenersResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/elb/api_show_listener.go b/pkg/sdk3rd/ctyun/elb/api_show_listener.go new file mode 100644 index 00000000..2d1ad02f --- /dev/null +++ b/pkg/sdk3rd/ctyun/elb/api_show_listener.go @@ -0,0 +1,48 @@ +package elb + +import ( + "context" + "net/http" +) + +type ShowListenerRequest struct { + ClientToken *string `json:"clientToken,omitempty"` + RegionID *string `json:"regionID,omitempty"` + ListenerID *string `json:"listenerID,omitempty"` +} + +type ShowListenerResponse struct { + apiResponseBase + + ReturnObj []*ListenerRecord `json:"returnObj,omitempty"` +} + +func (c *Client) ShowListener(req *ShowListenerRequest) (*ShowListenerResponse, error) { + return c.ShowListenerWithContext(context.Background(), req) +} + +func (c *Client) ShowListenerWithContext(ctx context.Context, req *ShowListenerRequest) (*ShowListenerResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v4/elb/show-listener") + if err != nil { + return nil, err + } else { + if req.ClientToken != nil { + httpreq.SetQueryParam("clientToken", *req.ClientToken) + } + if req.RegionID != nil { + httpreq.SetQueryParam("regionID", *req.RegionID) + } + if req.ListenerID != nil { + httpreq.SetQueryParam("listenerID", *req.ListenerID) + } + + httpreq.SetContext(ctx) + } + + result := &ShowListenerResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/elb/api_update_listener.go b/pkg/sdk3rd/ctyun/elb/api_update_listener.go new file mode 100644 index 00000000..8cb2f425 --- /dev/null +++ b/pkg/sdk3rd/ctyun/elb/api_update_listener.go @@ -0,0 +1,44 @@ +package elb + +import ( + "context" + "net/http" +) + +type UpdateListenerRequest struct { + ClientToken *string `json:"clientToken,omitempty"` + RegionID *string `json:"regionID,omitempty"` + ListenerID *string `json:"listenerID,omitempty"` + Name *string `json:"name,omitempty"` + Description *string `json:"description,omitempty"` + CertificateID *string `json:"certificateID,omitempty"` + CaEnabled *bool `json:"caEnabled,omitempty"` + ClientCertificateID *string `json:"clientCertificateID,omitempty"` +} + +type UpdateListenerResponse struct { + apiResponseBase + + ReturnObj []*ListenerRecord `json:"returnObj,omitempty"` +} + +func (c *Client) UpdateListener(req *UpdateListenerRequest) (*UpdateListenerResponse, error) { + return c.UpdateListenerWithContext(context.Background(), req) +} + +func (c *Client) UpdateListenerWithContext(ctx context.Context, req *UpdateListenerRequest) (*UpdateListenerResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v4/elb/update-listener") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateListenerResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/elb/client.go b/pkg/sdk3rd/ctyun/elb/client.go new file mode 100644 index 00000000..f7743318 --- /dev/null +++ b/pkg/sdk3rd/ctyun/elb/client.go @@ -0,0 +1,50 @@ +package elb + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://ctelb-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + statusCode := res.GetStatusCode() + errorCode := res.GetError() + if (statusCode != "" && statusCode != "200" && statusCode != "800") || (errorCode != "" && errorCode != "SUCCESS") { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', description='%s'", statusCode, res.GetMessage(), res.GetMessage(), res.GetDescription()) + } + } + + return resp, err +} diff --git a/pkg/sdk3rd/ctyun/elb/types.go b/pkg/sdk3rd/ctyun/elb/types.go new file mode 100644 index 00000000..ed64d0fa --- /dev/null +++ b/pkg/sdk3rd/ctyun/elb/types.go @@ -0,0 +1,104 @@ +package elb + +import ( + "bytes" + "encoding/json" + "strconv" +) + +type apiResponse interface { + GetStatusCode() string + GetMessage() string + GetError() string + GetDescription() string +} + +type apiResponseBase struct { + StatusCode json.RawMessage `json:"statusCode,omitempty"` + Message *string `json:"message,omitempty"` + Error *string `json:"error,omitempty"` + Description *string `json:"description,omitempty"` + RequestId *string `json:"requestId,omitempty"` +} + +func (r *apiResponseBase) GetStatusCode() string { + if r.StatusCode == nil { + return "" + } + + decoder := json.NewDecoder(bytes.NewReader(r.StatusCode)) + token, err := decoder.Token() + if err != nil { + return "" + } + + switch t := token.(type) { + case string: + return t + case float64: + return strconv.FormatFloat(t, 'f', -1, 64) + case json.Number: + return t.String() + default: + return "" + } +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +func (r *apiResponseBase) GetError() string { + if r.Error == nil { + return "" + } + + return *r.Error +} + +func (r *apiResponseBase) GetDescription() string { + if r.Description == nil { + return "" + } + + return *r.Description +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type CertificateRecord struct { + ID string `json:"ID"` + RegionID string `json:"regionID"` + AzName string `json:"azName"` + ProjectID string `json:"projectID"` + Name string `json:"name"` + Description string `json:"description"` + Type string `json:"type"` + Certificate string `json:"certificate"` + PrivateKey string `json:"privateKey"` + Status string `json:"status"` + CreatedTime string `json:"createdTime"` + UpdatedTime string `json:"updatedTime"` +} + +type ListenerRecord struct { + ID string `json:"ID"` + RegionID string `json:"regionID"` + AzName string `json:"azName"` + ProjectID string `json:"projectID"` + Name string `json:"name"` + Description string `json:"description"` + LoadBalancerID string `json:"loadBalancerID"` + Protocol string `json:"protocol"` + ProtocolPort int32 `json:"protocolPort"` + CertificateID string `json:"certificateID,omitempty"` + CaEnabled bool `json:"caEnabled"` + ClientCertificateID string `json:"clientCertificateID,omitempty"` + Status string `json:"status"` + CreatedTime string `json:"createdTime"` + UpdatedTime string `json:"updatedTime"` +} diff --git a/pkg/sdk3rd/ctyun/icdn/api_create_cert.go b/pkg/sdk3rd/ctyun/icdn/api_create_cert.go new file mode 100644 index 00000000..0261bb43 --- /dev/null +++ b/pkg/sdk3rd/ctyun/icdn/api_create_cert.go @@ -0,0 +1,41 @@ +package icdn + +import ( + "context" + "net/http" +) + +type CreateCertRequest struct { + Name *string `json:"name,omitempty"` + Certs *string `json:"certs,omitempty"` + Key *string `json:"key,omitempty"` +} + +type CreateCertResponse struct { + apiResponseBase + + ReturnObj *struct { + Id int64 `json:"id"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) CreateCert(req *CreateCertRequest) (*CreateCertResponse, error) { + return c.CreateCertWithContext(context.Background(), req) +} + +func (c *Client) CreateCertWithContext(ctx context.Context, req *CreateCertRequest) (*CreateCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v1/cert/creat-cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/icdn/api_query_cert_detail.go b/pkg/sdk3rd/ctyun/icdn/api_query_cert_detail.go new file mode 100644 index 00000000..75beca46 --- /dev/null +++ b/pkg/sdk3rd/ctyun/icdn/api_query_cert_detail.go @@ -0,0 +1,51 @@ +package icdn + +import ( + "context" + "net/http" + "strconv" +) + +type QueryCertDetailRequest struct { + Id *int64 `json:"id,omitempty"` + Name *string `json:"name,omitempty"` + UsageMode *int32 `json:"usage_mode,omitempty"` +} + +type QueryCertDetailResponse struct { + apiResponseBase + + ReturnObj *struct { + Result *CertDetail `json:"result,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryCertDetail(req *QueryCertDetailRequest) (*QueryCertDetailResponse, error) { + return c.QueryCertDetailWithContext(context.Background(), req) +} + +func (c *Client) QueryCertDetailWithContext(ctx context.Context, req *QueryCertDetailRequest) (*QueryCertDetailResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v1/cert/query-cert-detail") + if err != nil { + return nil, err + } else { + if req.Id != nil { + httpreq.SetQueryParam("id", strconv.Itoa(int(*req.Id))) + } + if req.Name != nil { + httpreq.SetQueryParam("name", *req.Name) + } + if req.UsageMode != nil { + httpreq.SetQueryParam("usage_mode", strconv.Itoa(int(*req.UsageMode))) + } + + httpreq.SetContext(ctx) + } + + result := &QueryCertDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/icdn/api_query_cert_list.go b/pkg/sdk3rd/ctyun/icdn/api_query_cert_list.go new file mode 100644 index 00000000..806a77fe --- /dev/null +++ b/pkg/sdk3rd/ctyun/icdn/api_query_cert_list.go @@ -0,0 +1,55 @@ +package icdn + +import ( + "context" + "net/http" + "strconv" +) + +type QueryCertListRequest struct { + Page *int32 `json:"page,omitempty"` + PerPage *int32 `json:"per_page,omitempty"` + UsageMode *int32 `json:"usage_mode,omitempty"` +} + +type QueryCertListResponse struct { + apiResponseBase + + ReturnObj *struct { + Results []*CertRecord `json:"result,omitempty"` + Page int32 `json:"page,omitempty"` + PerPage int32 `json:"per_page,omitempty"` + TotalPage int32 `json:"total_page,omitempty"` + TotalRecords int32 `json:"total_records,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryCertList(req *QueryCertListRequest) (*QueryCertListResponse, error) { + return c.QueryCertListWithContext(context.Background(), req) +} + +func (c *Client) QueryCertListWithContext(ctx context.Context, req *QueryCertListRequest) (*QueryCertListResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v1/cert/query-cert-list") + if err != nil { + return nil, err + } else { + if req.Page != nil { + httpreq.SetQueryParam("page", strconv.Itoa(int(*req.Page))) + } + if req.PerPage != nil { + httpreq.SetQueryParam("per_page", strconv.Itoa(int(*req.PerPage))) + } + if req.UsageMode != nil { + httpreq.SetQueryParam("usage_mode", strconv.Itoa(int(*req.UsageMode))) + } + + httpreq.SetContext(ctx) + } + + result := &QueryCertListResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/icdn/api_query_domain_detail.go b/pkg/sdk3rd/ctyun/icdn/api_query_domain_detail.go new file mode 100644 index 00000000..ace1bddb --- /dev/null +++ b/pkg/sdk3rd/ctyun/icdn/api_query_domain_detail.go @@ -0,0 +1,64 @@ +package icdn + +import ( + "context" + "net/http" +) + +type QueryDomainDetailRequest struct { + Domain *string `json:"domain,omitempty"` + ProductCode *string `json:"product_code,omitempty"` + FunctionNames *string `json:"function_names,omitempty"` +} + +type QueryDomainDetailResponse struct { + apiResponseBase + + ReturnObj *struct { + Domain string `json:"domain"` + ProductCode string `json:"product_code"` + Status int32 `json:"status"` + AreaScope int32 `json:"area_scope"` + Cname string `json:"cname"` + HttpsStatus string `json:"https_status"` + HttpsBasic *struct { + HttpsForce string `json:"https_force"` + HttpForce string `json:"http_force"` + ForceStatus string `json:"force_status"` + OriginProtocol string `json:"origin_protocol"` + } `json:"https_basic,omitempty"` + CertName string `json:"cert_name"` + Ssl string `json:"ssl"` + SslStapling string `json:"ssl_stapling"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryDomainDetail(req *QueryDomainDetailRequest) (*QueryDomainDetailResponse, error) { + return c.QueryDomainDetailWithContext(context.Background(), req) +} + +func (c *Client) QueryDomainDetailWithContext(ctx context.Context, req *QueryDomainDetailRequest) (*QueryDomainDetailResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/v1/domain/query-domain-detail") + if err != nil { + return nil, err + } else { + if req.Domain != nil { + httpreq.SetQueryParam("domain", *req.Domain) + } + if req.ProductCode != nil { + httpreq.SetQueryParam("product_code", *req.ProductCode) + } + if req.FunctionNames != nil { + httpreq.SetQueryParam("function_names", *req.FunctionNames) + } + + httpreq.SetContext(ctx) + } + + result := &QueryDomainDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/icdn/api_update_domain.go b/pkg/sdk3rd/ctyun/icdn/api_update_domain.go new file mode 100644 index 00000000..d3e421c4 --- /dev/null +++ b/pkg/sdk3rd/ctyun/icdn/api_update_domain.go @@ -0,0 +1,37 @@ +package icdn + +import ( + "context" + "net/http" +) + +type UpdateDomainRequest struct { + Domain *string `json:"domain,omitempty"` + HttpsStatus *string `json:"https_status,omitempty"` + CertName *string `json:"cert_name,omitempty"` +} + +type UpdateDomainResponse struct { + apiResponseBase +} + +func (c *Client) UpdateDomain(req *UpdateDomainRequest) (*UpdateDomainResponse, error) { + return c.UpdateDomainWithContext(context.Background(), req) +} + +func (c *Client) UpdateDomainWithContext(ctx context.Context, req *UpdateDomainRequest) (*UpdateDomainResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/v1/domain/update-domain") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateDomainResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/icdn/client.go b/pkg/sdk3rd/ctyun/icdn/client.go new file mode 100644 index 00000000..f8662904 --- /dev/null +++ b/pkg/sdk3rd/ctyun/icdn/client.go @@ -0,0 +1,48 @@ +package icdn + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://icdn-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + if tcode := res.GetStatusCode(); tcode != "" && tcode != "100000" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", tcode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) + } + } + + return resp, err +} diff --git a/pkg/sdk3rd/ctyun/icdn/types.go b/pkg/sdk3rd/ctyun/icdn/types.go new file mode 100644 index 00000000..0d1e8fb6 --- /dev/null +++ b/pkg/sdk3rd/ctyun/icdn/types.go @@ -0,0 +1,90 @@ +package icdn + +import ( + "bytes" + "encoding/json" + "strconv" +) + +type apiResponse interface { + GetStatusCode() string + GetMessage() string + GetError() string + GetErrorMessage() string +} + +type apiResponseBase struct { + StatusCode json.RawMessage `json:"statusCode,omitempty"` + Message *string `json:"message,omitempty"` + Error *string `json:"error,omitempty"` + ErrorMessage *string `json:"errorMessage,omitempty"` + RequestId *string `json:"requestId,omitempty"` +} + +func (r *apiResponseBase) GetStatusCode() string { + if r.StatusCode == nil { + return "" + } + + decoder := json.NewDecoder(bytes.NewReader(r.StatusCode)) + token, err := decoder.Token() + if err != nil { + return "" + } + + switch t := token.(type) { + case string: + return t + case float64: + return strconv.FormatFloat(t, 'f', -1, 64) + case json.Number: + return t.String() + default: + return "" + } +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +func (r *apiResponseBase) GetError() string { + if r.Error == nil { + return "" + } + + return *r.Error +} + +func (r *apiResponseBase) GetErrorMessage() string { + if r.ErrorMessage == nil { + return "" + } + + return *r.ErrorMessage +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type CertRecord struct { + Id int64 `json:"id"` + Name string `json:"name"` + CN string `json:"cn"` + SANs []string `json:"sans"` + UsageMode int32 `json:"usage_mode"` + State int32 `json:"state"` + ExpiresTime int64 `json:"expires"` + IssueTime int64 `json:"issue"` + Issuer string `json:"issuer"` + CreatedTime int64 `json:"created"` +} + +type CertDetail struct { + CertRecord + Certs string `json:"certs"` + Key string `json:"key"` +} diff --git a/pkg/sdk3rd/ctyun/lvdn/api_create_cert.go b/pkg/sdk3rd/ctyun/lvdn/api_create_cert.go new file mode 100644 index 00000000..b10e4011 --- /dev/null +++ b/pkg/sdk3rd/ctyun/lvdn/api_create_cert.go @@ -0,0 +1,41 @@ +package lvdn + +import ( + "context" + "net/http" +) + +type CreateCertRequest struct { + Name *string `json:"name,omitempty"` + Certs *string `json:"certs,omitempty"` + Key *string `json:"key,omitempty"` +} + +type CreateCertResponse struct { + apiResponseBase + + ReturnObj *struct { + Id int64 `json:"id"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) CreateCert(req *CreateCertRequest) (*CreateCertResponse, error) { + return c.CreateCertWithContext(context.Background(), req) +} + +func (c *Client) CreateCertWithContext(ctx context.Context, req *CreateCertRequest) (*CreateCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/cert/creat-cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/lvdn/api_query_cert_detail.go b/pkg/sdk3rd/ctyun/lvdn/api_query_cert_detail.go new file mode 100644 index 00000000..f3427ad4 --- /dev/null +++ b/pkg/sdk3rd/ctyun/lvdn/api_query_cert_detail.go @@ -0,0 +1,51 @@ +package lvdn + +import ( + "context" + "net/http" + "strconv" +) + +type QueryCertDetailRequest struct { + Id *int64 `json:"id,omitempty"` + Name *string `json:"name,omitempty"` + UsageMode *int32 `json:"usage_mode,omitempty"` +} + +type QueryCertDetailResponse struct { + apiResponseBase + + ReturnObj *struct { + Result *CertDetail `json:"result,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryCertDetail(req *QueryCertDetailRequest) (*QueryCertDetailResponse, error) { + return c.QueryCertDetailWithContext(context.Background(), req) +} + +func (c *Client) QueryCertDetailWithContext(ctx context.Context, req *QueryCertDetailRequest) (*QueryCertDetailResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/cert/query-cert-detail") + if err != nil { + return nil, err + } else { + if req.Id != nil { + httpreq.SetQueryParam("id", strconv.Itoa(int(*req.Id))) + } + if req.Name != nil { + httpreq.SetQueryParam("name", *req.Name) + } + if req.UsageMode != nil { + httpreq.SetQueryParam("usage_mode", strconv.Itoa(int(*req.UsageMode))) + } + + httpreq.SetContext(ctx) + } + + result := &QueryCertDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/lvdn/api_query_cert_list.go b/pkg/sdk3rd/ctyun/lvdn/api_query_cert_list.go new file mode 100644 index 00000000..d7fb5ebd --- /dev/null +++ b/pkg/sdk3rd/ctyun/lvdn/api_query_cert_list.go @@ -0,0 +1,55 @@ +package lvdn + +import ( + "context" + "net/http" + "strconv" +) + +type QueryCertListRequest struct { + Page *int32 `json:"page,omitempty"` + PerPage *int32 `json:"per_page,omitempty"` + UsageMode *int32 `json:"usage_mode,omitempty"` +} + +type QueryCertListResponse struct { + apiResponseBase + + ReturnObj *struct { + Results []*CertRecord `json:"result,omitempty"` + Page int32 `json:"page,omitempty"` + PerPage int32 `json:"per_page,omitempty"` + TotalPage int32 `json:"total_page,omitempty"` + TotalRecords int32 `json:"total_records,omitempty"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryCertList(req *QueryCertListRequest) (*QueryCertListResponse, error) { + return c.QueryCertListWithContext(context.Background(), req) +} + +func (c *Client) QueryCertListWithContext(ctx context.Context, req *QueryCertListRequest) (*QueryCertListResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/cert/query-cert-list") + if err != nil { + return nil, err + } else { + if req.Page != nil { + httpreq.SetQueryParam("page", strconv.Itoa(int(*req.Page))) + } + if req.PerPage != nil { + httpreq.SetQueryParam("per_page", strconv.Itoa(int(*req.PerPage))) + } + if req.UsageMode != nil { + httpreq.SetQueryParam("usage_mode", strconv.Itoa(int(*req.UsageMode))) + } + + httpreq.SetContext(ctx) + } + + result := &QueryCertListResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/lvdn/api_query_domain_detail.go b/pkg/sdk3rd/ctyun/lvdn/api_query_domain_detail.go new file mode 100644 index 00000000..fde83efb --- /dev/null +++ b/pkg/sdk3rd/ctyun/lvdn/api_query_domain_detail.go @@ -0,0 +1,52 @@ +package lvdn + +import ( + "context" + "net/http" +) + +type QueryDomainDetailRequest struct { + Domain *string `json:"domain,omitempty"` + ProductCode *string `json:"product_code,omitempty"` +} + +type QueryDomainDetailResponse struct { + apiResponseBase + + ReturnObj *struct { + Domain string `json:"domain"` + ProductCode string `json:"product_code"` + Status int32 `json:"status"` + AreaScope int32 `json:"area_scope"` + Cname string `json:"cname"` + HttpsSwitch int32 `json:"https_switch"` + CertName string `json:"cert_name"` + } `json:"returnObj,omitempty"` +} + +func (c *Client) QueryDomainDetail(req *QueryDomainDetailRequest) (*QueryDomainDetailResponse, error) { + return c.QueryDomainDetailWithContext(context.Background(), req) +} + +func (c *Client) QueryDomainDetailWithContext(ctx context.Context, req *QueryDomainDetailRequest) (*QueryDomainDetailResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/live/domain/query-domain-detail") + if err != nil { + return nil, err + } else { + if req.Domain != nil { + httpreq.SetQueryParam("domain", *req.Domain) + } + if req.ProductCode != nil { + httpreq.SetQueryParam("product_code", *req.ProductCode) + } + + httpreq.SetContext(ctx) + } + + result := &QueryDomainDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/lvdn/api_update_domain.go b/pkg/sdk3rd/ctyun/lvdn/api_update_domain.go new file mode 100644 index 00000000..0a0f2ef2 --- /dev/null +++ b/pkg/sdk3rd/ctyun/lvdn/api_update_domain.go @@ -0,0 +1,38 @@ +package lvdn + +import ( + "context" + "net/http" +) + +type UpdateDomainRequest struct { + Domain *string `json:"domain,omitempty"` + ProductCode *string `json:"product_code,omitempty"` + HttpsSwitch *int32 `json:"https_switch,omitempty"` + CertName *string `json:"cert_name,omitempty"` +} + +type UpdateDomainResponse struct { + apiResponseBase +} + +func (c *Client) UpdateDomain(req *UpdateDomainRequest) (*UpdateDomainResponse, error) { + return c.UpdateDomainWithContext(context.Background(), req) +} + +func (c *Client) UpdateDomainWithContext(ctx context.Context, req *UpdateDomainRequest) (*UpdateDomainResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/live/domain/update-domain") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateDomainResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ctyun/lvdn/client.go b/pkg/sdk3rd/ctyun/lvdn/client.go new file mode 100644 index 00000000..160e58d8 --- /dev/null +++ b/pkg/sdk3rd/ctyun/lvdn/client.go @@ -0,0 +1,48 @@ +package lvdn + +import ( + "fmt" + "time" + + "github.com/certimate-go/certimate/pkg/sdk3rd/ctyun/openapi" + "github.com/go-resty/resty/v2" +) + +const endpoint = "https://ctlvdn-global.ctapi.ctyun.cn" + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKeyId, secretAccessKey string) (*Client, error) { + client, err := openapi.NewClient(endpoint, accessKeyId, secretAccessKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + if tcode := res.GetStatusCode(); tcode != "" && tcode != "100000" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s', errorCode='%s', errorMessage='%s'", tcode, res.GetMessage(), res.GetMessage(), res.GetErrorMessage()) + } + } + + return resp, err +} diff --git a/pkg/sdk3rd/ctyun/lvdn/types.go b/pkg/sdk3rd/ctyun/lvdn/types.go new file mode 100644 index 00000000..838fc38f --- /dev/null +++ b/pkg/sdk3rd/ctyun/lvdn/types.go @@ -0,0 +1,90 @@ +package lvdn + +import ( + "bytes" + "encoding/json" + "strconv" +) + +type apiResponse interface { + GetStatusCode() string + GetMessage() string + GetError() string + GetErrorMessage() string +} + +type apiResponseBase struct { + StatusCode json.RawMessage `json:"statusCode,omitempty"` + Message *string `json:"message,omitempty"` + Error *string `json:"error,omitempty"` + ErrorMessage *string `json:"errorMessage,omitempty"` + RequestId *string `json:"requestId,omitempty"` +} + +func (r *apiResponseBase) GetStatusCode() string { + if r.StatusCode == nil { + return "" + } + + decoder := json.NewDecoder(bytes.NewReader(r.StatusCode)) + token, err := decoder.Token() + if err != nil { + return "" + } + + switch t := token.(type) { + case string: + return t + case float64: + return strconv.FormatFloat(t, 'f', -1, 64) + case json.Number: + return t.String() + default: + return "" + } +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +func (r *apiResponseBase) GetError() string { + if r.Error == nil { + return "" + } + + return *r.Error +} + +func (r *apiResponseBase) GetErrorMessage() string { + if r.ErrorMessage == nil { + return "" + } + + return *r.ErrorMessage +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type CertRecord struct { + Id int64 `json:"id"` + Name string `json:"name"` + CN string `json:"cn"` + SANs []string `json:"sans"` + UsageMode int32 `json:"usage_mode"` + State int32 `json:"state"` + ExpiresTime int64 `json:"expires"` + IssueTime int64 `json:"issue"` + Issuer string `json:"issuer"` + CreatedTime int64 `json:"created"` +} + +type CertDetail struct { + CertRecord + Certs string `json:"certs"` + Key string `json:"key"` +} diff --git a/pkg/sdk3rd/ctyun/openapi/client.go b/pkg/sdk3rd/ctyun/openapi/client.go new file mode 100644 index 00000000..62a733d0 --- /dev/null +++ b/pkg/sdk3rd/ctyun/openapi/client.go @@ -0,0 +1,165 @@ +package openapi + +import ( + "crypto/hmac" + "crypto/sha256" + "encoding/base64" + "encoding/hex" + "encoding/json" + "fmt" + "io" + "net/http" + "net/url" + "time" + + "github.com/go-resty/resty/v2" + "github.com/google/uuid" +) + +type Client struct { + client *resty.Client +} + +func NewClient(endpoint, accessKeyId, secretAccessKey string) (*Client, error) { + if endpoint == "" { + return nil, fmt.Errorf("sdkerr: unset endpoint") + } + if _, err := url.Parse(endpoint); err != nil { + return nil, fmt.Errorf("sdkerr: invalid endpoint: %w", err) + } + if accessKeyId == "" { + return nil, fmt.Errorf("sdkerr: unset accessKeyId") + } + if secretAccessKey == "" { + return nil, fmt.Errorf("sdkerr: unset secretAccessKey") + } + + client := resty.New(). + SetBaseURL(endpoint). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + // 生成时间戳及流水号 + now := time.Now() + eopDate := now.Format("20060102T150405Z") + eopReqId := uuid.New().String() + + // 获取查询参数 + queryStr := "" + if req.URL != nil { + queryStr = req.URL.Query().Encode() + } + + // 获取请求正文 + payloadStr := "" + if req.Body != nil { + reader, err := req.GetBody() + if err != nil { + return err + } + + defer reader.Close() + payload, err := io.ReadAll(reader) + if err != nil { + return err + } + + payloadStr = string(payload) + } + + // 构造代签字符串 + payloadHash := sha256.Sum256([]byte(payloadStr)) + payloadHashHex := hex.EncodeToString(payloadHash[:]) + dataToSign := fmt.Sprintf("ctyun-eop-request-id:%s\neop-date:%s\n\n%s\n%s", eopReqId, eopDate, queryStr, payloadHashHex) + + // 生成 ktime + hasher := hmac.New(sha256.New, []byte(secretAccessKey)) + hasher.Write([]byte(eopDate)) + ktime := hasher.Sum(nil) + + // 生成 kak + hasher = hmac.New(sha256.New, ktime) + hasher.Write([]byte(accessKeyId)) + kak := hasher.Sum(nil) + + // 生成 kdate + hasher = hmac.New(sha256.New, kak) + hasher.Write([]byte(now.Format("20060102"))) + kdate := hasher.Sum(nil) + + // 构造签名 + hasher = hmac.New(sha256.New, kdate) + hasher.Write([]byte(dataToSign)) + sign := hasher.Sum(nil) + signStr := base64.StdEncoding.EncodeToString(sign) + + // 设置请求头 + req.Header.Set("ctyun-eop-request-id", eopReqId) + req.Header.Set("eop-date", eopDate) + req.Header.Set("eop-authorization", fmt.Sprintf("%s Headers=ctyun-eop-request-id;eop-date Signature=%s", accessKeyId, signStr)) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) NewRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) DoRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) DoRequestWithResult(req *resty.Request, res any) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.DoRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/dcloud/unicloud/api_create_domain_with_cert.go b/pkg/sdk3rd/dcloud/unicloud/api_create_domain_with_cert.go new file mode 100644 index 00000000..63ba6710 --- /dev/null +++ b/pkg/sdk3rd/dcloud/unicloud/api_create_domain_with_cert.go @@ -0,0 +1,27 @@ +package unicloud + +import ( + "net/http" +) + +type CreateDomainWithCertRequest struct { + Provider string `json:"provider"` + SpaceId string `json:"spaceId"` + Domain string `json:"domain"` + Cert string `json:"cert"` + Key string `json:"key"` +} + +type CreateDomainWithCertResponse struct { + apiResponseBase +} + +func (c *Client) CreateDomainWithCert(req *CreateDomainWithCertRequest) (*CreateDomainWithCertResponse, error) { + if err := c.ensureApiUserTokenExists(); err != nil { + return nil, err + } + + resp := &CreateDomainWithCertResponse{} + err := c.sendRequestWithResult(http.MethodPost, "/host/create-domain-with-cert", req, resp) + return resp, err +} diff --git a/internal/pkg/sdk3rd/dcloud/unicloud/client.go b/pkg/sdk3rd/dcloud/unicloud/client.go similarity index 67% rename from internal/pkg/sdk3rd/dcloud/unicloud/client.go rename to pkg/sdk3rd/dcloud/unicloud/client.go index 8db4a792..11e48619 100644 --- a/internal/pkg/sdk3rd/dcloud/unicloud/client.go +++ b/pkg/sdk3rd/dcloud/unicloud/client.go @@ -7,6 +7,7 @@ import ( "encoding/json" "fmt" "net/http" + "regexp" "runtime" "sort" "strings" @@ -43,14 +44,26 @@ const ( uniConsoleSpaceId = "dc-6nfabcn6ada8d3dd" ) -func NewClient(username, password string) *Client { +func NewClient(username, password string) (*Client, error) { + if username == "" { + return nil, fmt.Errorf("sdkerr: unset username") + } + if password == "" { + return nil, fmt.Errorf("sdkerr: unset password") + } + client := &Client{ username: username, password: password, } - client.serverlessClient = resty.New() + client.serverlessClient = resty.New(). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate") client.apiClient = resty.New(). SetBaseURL("https://unicloud-api.dcloud.net.cn/unicloud/api"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). SetHeader("User-Agent", "certimate"). SetPreRequestHook(func(c *resty.Client, req *http.Request) error { if client.apiUserToken != "" { @@ -60,37 +73,14 @@ func NewClient(username, password string) *Client { return nil }) - return client + return client, nil } -func (c *Client) WithTimeout(timeout time.Duration) *Client { +func (c *Client) SetTimeout(timeout time.Duration) *Client { c.serverlessClient.SetTimeout(timeout) return c } -func (c *Client) generateSignature(params map[string]any, secret string) string { - keys := make([]string, 0, len(params)) - for k := range params { - keys = append(keys, k) - } - sort.Strings(keys) - - canonicalStr := "" - for i, k := range keys { - if i > 0 { - canonicalStr += "&" - } - canonicalStr += k + "=" + fmt.Sprintf("%v", params[k]) - } - - mac := hmac.New(md5.New, []byte(secret)) - mac.Write([]byte(canonicalStr)) - sign := mac.Sum(nil) - signHex := hex.EncodeToString(sign) - - return signHex -} - func (c *Client) buildServerlessClientInfo(appId string) (_clientInfo map[string]any, _err error) { return map[string]any{ "PLATFORM": "web", @@ -171,7 +161,7 @@ func (c *Client) invokeServerless(endpoint, clientSecret, appId, spaceId, target clientInfo, _ := c.buildServerlessClientInfo(appId) clientInfoJsonb, _ := json.Marshal(clientInfo) - sign := c.generateSignature(payload, clientSecret) + sign := generateSignature(payload, clientSecret) req := c.serverlessClient.R(). SetHeader("Content-Type", "application/json"). @@ -191,7 +181,7 @@ func (c *Client) invokeServerless(endpoint, clientSecret, appId, spaceId, target return resp, nil } -func (c *Client) invokeServerlessWithResult(endpoint, clientSecret, appId, spaceId, target, method, action string, params, data interface{}, result BaseResponse) error { +func (c *Client) invokeServerlessWithResult(endpoint, clientSecret, appId, spaceId, target, method, action string, params, data interface{}, result apiResponse) error { resp, err := c.invokeServerless(endpoint, clientSecret, appId, spaceId, target, method, action, params, data) if err != nil { if resp != nil { @@ -239,7 +229,7 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r return resp, nil } -func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error { +func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result apiResponse) error { resp, err := c.sendRequest(method, path, params) if err != nil { if resp != nil { @@ -256,3 +246,113 @@ func (c *Client) sendRequestWithResult(method string, path string, params interf return nil } + +func (c *Client) ensureServerlessJwtTokenExists() error { + c.serverlessJwtTokenMtx.Lock() + defer c.serverlessJwtTokenMtx.Unlock() + if c.serverlessJwtToken != "" && c.serverlessJwtTokenExp.After(time.Now()) { + return nil + } + + params := map[string]string{ + "password": "password", + } + if regexp.MustCompile("^1\\d{10}$").MatchString(c.username) { + params["mobile"] = c.username + } else if regexp.MustCompile("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$").MatchString(c.username) { + params["email"] = c.username + } else { + params["username"] = c.username + } + + type loginResponse struct { + apiResponseBase + Data *struct { + Code int32 `json:"errCode"` + UID string `json:"uid"` + NewToken *struct { + Token string `json:"token"` + TokenExpired int64 `json:"tokenExpired"` + } `json:"newToken,omitempty"` + } `json:"data,omitempty"` + } + + resp := &loginResponse{} + if err := c.invokeServerlessWithResult( + uniIdentityEndpoint, uniIdentityClientSecret, uniIdentityAppId, uniIdentitySpaceId, + "uni-id-co", "login", "", params, nil, + resp); err != nil { + return err + } else if resp.Data == nil || resp.Data.NewToken == nil || resp.Data.NewToken.Token == "" { + return fmt.Errorf("unicloud api error: received empty token") + } + + c.serverlessJwtToken = resp.Data.NewToken.Token + c.serverlessJwtTokenExp = time.UnixMilli(resp.Data.NewToken.TokenExpired) + + return nil +} + +func (c *Client) ensureApiUserTokenExists() error { + if err := c.ensureServerlessJwtTokenExists(); err != nil { + return err + } + + c.apiUserTokenMtx.Lock() + defer c.apiUserTokenMtx.Unlock() + if c.apiUserToken != "" { + return nil + } + + type getUserTokenResponse struct { + apiResponseBase + Data *struct { + Code int32 `json:"code"` + Data *struct { + Result int32 `json:"ret"` + Description string `json:"desc"` + Data *struct { + Email string `json:"email"` + Token string `json:"token"` + } `json:"data,omitempty"` + } `json:"data,omitempty"` + } `json:"data,omitempty"` + } + + resp := &getUserTokenResponse{} + if err := c.invokeServerlessWithResult( + uniConsoleEndpoint, uniConsoleClientSecret, uniConsoleAppId, uniConsoleSpaceId, + "uni-cloud-kernel", "", "user/getUserToken", nil, map[string]any{"isLogin": true}, + resp); err != nil { + return err + } else if resp.Data == nil || resp.Data.Data == nil || resp.Data.Data.Data == nil || resp.Data.Data.Data.Token == "" { + return fmt.Errorf("unicloud api error: received empty user token") + } + + c.apiUserToken = resp.Data.Data.Data.Token + + return nil +} + +func generateSignature(params map[string]any, secret string) string { + keys := make([]string, 0, len(params)) + for k := range params { + keys = append(keys, k) + } + sort.Strings(keys) + + canonicalStr := "" + for i, k := range keys { + if i > 0 { + canonicalStr += "&" + } + canonicalStr += k + "=" + fmt.Sprintf("%v", params[k]) + } + + mac := hmac.New(md5.New, []byte(secret)) + mac.Write([]byte(canonicalStr)) + sign := mac.Sum(nil) + signHex := hex.EncodeToString(sign) + + return signHex +} diff --git a/pkg/sdk3rd/dcloud/unicloud/types.go b/pkg/sdk3rd/dcloud/unicloud/types.go new file mode 100644 index 00000000..7fb72267 --- /dev/null +++ b/pkg/sdk3rd/dcloud/unicloud/types.go @@ -0,0 +1,64 @@ +package unicloud + +type apiResponse interface { + GetSuccess() bool + GetErrorCode() string + GetErrorMessage() string + + GetReturnCode() int32 + GetReturnDesc() string +} + +type apiResponseBase struct { + Success *bool `json:"success,omitempty"` + Header *map[string]string `json:"header,omitempty"` + Error *struct { + Code string `json:"code"` + Message string `json:"message"` + } `json:"error,omitempty"` + + ReturnCode *int32 `json:"ret,omitempty"` + ReturnDesc *string `json:"desc,omitempty"` +} + +func (r *apiResponseBase) GetReturnCode() int32 { + if r.ReturnCode == nil { + return 0 + } + + return *r.ReturnCode +} + +func (r *apiResponseBase) GetReturnDesc() string { + if r.ReturnDesc == nil { + return "" + } + + return *r.ReturnDesc +} + +func (r *apiResponseBase) GetSuccess() bool { + if r.Success == nil { + return false + } + + return *r.Success +} + +func (r *apiResponseBase) GetErrorCode() string { + if r.Error == nil { + return "" + } + + return r.Error.Code +} + +func (r *apiResponseBase) GetErrorMessage() string { + if r.Error == nil { + return "" + } + + return r.Error.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/dnsla/api_create_record.go b/pkg/sdk3rd/dnsla/api_create_record.go new file mode 100644 index 00000000..25d7f0d9 --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_create_record.go @@ -0,0 +1,46 @@ +package dnsla + +import ( + "context" + "net/http" +) + +type CreateRecordRequest struct { + DomainId string `json:"domainId"` + GroupId *string `json:"groupId,omitempty"` + LineId *string `json:"lineId,omitempty"` + Type int32 `json:"type"` + Host string `json:"host"` + Data string `json:"data"` + Ttl int32 `json:"ttl"` + Weight *int32 `json:"weight,omitempty"` + Preference *int32 `json:"preference,omitempty"` +} + +type CreateRecordResponse struct { + apiResponseBase + Data *struct { + Id string `json:"id"` + } `json:"data,omitempty"` +} + +func (c *Client) CreateRecord(req *CreateRecordRequest) (*CreateRecordResponse, error) { + return c.CreateRecordWithContext(context.Background(), req) +} + +func (c *Client) CreateRecordWithContext(ctx context.Context, req *CreateRecordRequest) (*CreateRecordResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/record") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateRecordResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/api_delete_record.go b/pkg/sdk3rd/dnsla/api_delete_record.go new file mode 100644 index 00000000..97dcb5ff --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_delete_record.go @@ -0,0 +1,36 @@ +package dnsla + +import ( + "context" + "fmt" + "net/http" +) + +type DeleteRecordResponse struct { + apiResponseBase +} + +func (c *Client) DeleteRecord(recordId string) (*DeleteRecordResponse, error) { + return c.DeleteRecordWithContext(context.Background(), recordId) +} + +func (c *Client) DeleteRecordWithContext(ctx context.Context, recordId string) (*DeleteRecordResponse, error) { + if recordId == "" { + return nil, fmt.Errorf("sdkerr: unset recordId") + } + + httpreq, err := c.newRequest(http.MethodDelete, "/record") + if err != nil { + return nil, err + } else { + httpreq.SetQueryParam("id", recordId) + httpreq.SetContext(ctx) + } + + result := &DeleteRecordResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/api_list_domains.go b/pkg/sdk3rd/dnsla/api_list_domains.go new file mode 100644 index 00000000..d7972e98 --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_list_domains.go @@ -0,0 +1,51 @@ +package dnsla + +import ( + "context" + "net/http" + "strconv" +) + +type ListDomainsRequest struct { + GroupId *string `json:"groupId,omitempty"` + PageIndex *int32 `json:"pageIndex,omitempty"` + PageSize *int32 `json:"pageSize,omitempty"` +} + +type ListDomainsResponse struct { + apiResponseBase + Data *struct { + Total int32 `json:"total"` + Results []*DomainRecord `json:"results"` + } `json:"data,omitempty"` +} + +func (c *Client) ListDomains(req *ListDomainsRequest) (*ListDomainsResponse, error) { + return c.ListDomainsWithContext(context.Background(), req) +} + +func (c *Client) ListDomainsWithContext(ctx context.Context, req *ListDomainsRequest) (*ListDomainsResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/domainList") + if err != nil { + return nil, err + } else { + if req.GroupId != nil { + httpreq.SetQueryParam("groupId", *req.GroupId) + } + if req.PageIndex != nil { + httpreq.SetQueryParam("pageIndex", strconv.Itoa(int(*req.PageIndex))) + } + if req.PageSize != nil { + httpreq.SetQueryParam("pageSize", strconv.Itoa(int(*req.PageSize))) + } + + httpreq.SetContext(ctx) + } + + result := &ListDomainsResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/api_list_records.go b/pkg/sdk3rd/dnsla/api_list_records.go new file mode 100644 index 00000000..4e77cc2f --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_list_records.go @@ -0,0 +1,71 @@ +package dnsla + +import ( + "context" + "net/http" + "strconv" +) + +type ListRecordsRequest struct { + DomainId *string `json:"domainId,omitempty"` + GroupId *string `json:"groupId,omitempty"` + LineId *string `json:"lineId,omitempty"` + Type *int32 `json:"type,omitempty"` + Host *string `json:"host,omitempty"` + Data *string `json:"data,omitempty"` + PageIndex *int32 `json:"pageIndex,omitempty"` + PageSize *int32 `json:"pageSize,omitempty"` +} + +type ListRecordsResponse struct { + apiResponseBase + Data *struct { + Total int32 `json:"total"` + Results []*DnsRecord `json:"results"` + } `json:"data,omitempty"` +} + +func (c *Client) ListRecords(req *ListRecordsRequest) (*ListRecordsResponse, error) { + return c.ListRecordsWithContext(context.Background(), req) +} + +func (c *Client) ListRecordsWithContext(ctx context.Context, req *ListRecordsRequest) (*ListRecordsResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/recordList") + if err != nil { + return nil, err + } else { + if req.DomainId != nil { + httpreq.SetQueryParam("domainId", *req.DomainId) + } + if req.GroupId != nil { + httpreq.SetQueryParam("groupId", *req.GroupId) + } + if req.LineId != nil { + httpreq.SetQueryParam("lineId", *req.LineId) + } + if req.Type != nil { + httpreq.SetQueryParam("type", strconv.Itoa(int(*req.Type))) + } + if req.Host != nil { + httpreq.SetQueryParam("host", *req.Host) + } + if req.Data != nil { + httpreq.SetQueryParam("data", *req.Data) + } + if req.PageIndex != nil { + httpreq.SetQueryParam("pageIndex", strconv.Itoa(int(*req.PageIndex))) + } + if req.PageSize != nil { + httpreq.SetQueryParam("pageSize", strconv.Itoa(int(*req.PageSize))) + } + + httpreq.SetContext(ctx) + } + + result := &ListRecordsResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/api_update_record.go b/pkg/sdk3rd/dnsla/api_update_record.go new file mode 100644 index 00000000..2ab147ce --- /dev/null +++ b/pkg/sdk3rd/dnsla/api_update_record.go @@ -0,0 +1,43 @@ +package dnsla + +import ( + "context" + "net/http" +) + +type UpdateRecordRequest struct { + Id string `json:"id"` + GroupId *string `json:"groupId,omitempty"` + LineId *string `json:"lineId,omitempty"` + Type *int32 `json:"type,omitempty"` + Host *string `json:"host,omitempty"` + Data *string `json:"data,omitempty"` + Ttl *int32 `json:"ttl,omitempty"` + Weight *int32 `json:"weight,omitempty"` + Preference *int32 `json:"preference,omitempty"` +} + +type UpdateRecordResponse struct { + apiResponseBase +} + +func (c *Client) UpdateRecord(req *UpdateRecordRequest) (*UpdateRecordResponse, error) { + return c.UpdateRecordWithContext(context.Background(), req) +} + +func (c *Client) UpdateRecordWithContext(ctx context.Context, req *UpdateRecordRequest) (*UpdateRecordResponse, error) { + httpreq, err := c.newRequest(http.MethodPut, "/record") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateRecordResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dnsla/client.go b/pkg/sdk3rd/dnsla/client.go new file mode 100644 index 00000000..6add34a4 --- /dev/null +++ b/pkg/sdk3rd/dnsla/client.go @@ -0,0 +1,94 @@ +package dnsla + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiId, apiSecret string) (*Client, error) { + if apiId == "" { + return nil, fmt.Errorf("sdkerr: unset apiId") + } + if apiSecret == "" { + return nil, fmt.Errorf("sdkerr: unset apiSecret") + } + + client := resty.New(). + SetBaseURL("https://api.dns.la/api"). + SetBasicAuth(apiId, apiSecret). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate") + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode/100 != 2 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/dnsla/types.go b/pkg/sdk3rd/dnsla/types.go new file mode 100644 index 00000000..acb3767c --- /dev/null +++ b/pkg/sdk3rd/dnsla/types.go @@ -0,0 +1,59 @@ +package dnsla + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type DomainRecord struct { + Id string `json:"id"` + GroupId string `json:"groupId"` + GroupName string `json:"groupName"` + Domain string `json:"domain"` + DisplayDomain string `json:"displayDomain"` + CreatedAt int64 `json:"createdAt"` + UpdatedAt int64 `json:"updatedAt"` +} + +type DnsRecord struct { + Id string `json:"id"` + DomainId string `json:"domainId"` + GroupId string `json:"groupId"` + GroupName string `json:"groupName"` + LineId string `json:"lineId"` + LineCode string `json:"lineCode"` + LineName string `json:"lineName"` + Type int32 `json:"type"` + Host string `json:"host"` + DisplayHost string `json:"displayHost"` + Data string `json:"data"` + DisplayData string `json:"displayData"` + Ttl int32 `json:"ttl"` + Weight int32 `json:"weight"` + Preference int32 `json:"preference"` + CreatedAt int64 `json:"createdAt"` + UpdatedAt int64 `json:"updatedAt"` +} diff --git a/pkg/sdk3rd/dogecloud/api_bind_cdn_cert.go b/pkg/sdk3rd/dogecloud/api_bind_cdn_cert.go new file mode 100644 index 00000000..59a0c3bf --- /dev/null +++ b/pkg/sdk3rd/dogecloud/api_bind_cdn_cert.go @@ -0,0 +1,36 @@ +package dogecloud + +import ( + "context" + "net/http" +) + +type BindCdnCertRequest struct { + CertId int64 `json:"id"` + Domain string `json:"domain"` +} + +type BindCdnCertResponse struct { + apiResponseBase +} + +func (c *Client) BindCdnCert(req *BindCdnCertRequest) (*BindCdnCertResponse, error) { + return c.BindCdnCertWithContext(context.Background(), req) +} + +func (c *Client) BindCdnCertWithContext(ctx context.Context, req *BindCdnCertRequest) (*BindCdnCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/cdn/cert/bind.json") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &BindCdnCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dogecloud/api_upload_cdn_cert.go b/pkg/sdk3rd/dogecloud/api_upload_cdn_cert.go new file mode 100644 index 00000000..43f70fb3 --- /dev/null +++ b/pkg/sdk3rd/dogecloud/api_upload_cdn_cert.go @@ -0,0 +1,41 @@ +package dogecloud + +import ( + "context" + "net/http" +) + +type UploadCdnCertRequest struct { + Note string `json:"note"` + Certificate string `json:"cert"` + PrivateKey string `json:"private"` +} + +type UploadCdnCertResponse struct { + apiResponseBase + + Data *struct { + Id int64 `json:"id"` + } `json:"data,omitempty"` +} + +func (c *Client) UploadCdnCert(req *UploadCdnCertRequest) (*UploadCdnCertResponse, error) { + return c.UploadCdnCertWithContext(context.Background(), req) +} + +func (c *Client) UploadCdnCertWithContext(ctx context.Context, req *UploadCdnCertRequest) (*UploadCdnCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/cdn/cert/upload.json") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UploadCdnCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/dogecloud/client.go b/pkg/sdk3rd/dogecloud/client.go new file mode 100644 index 00000000..f2088b00 --- /dev/null +++ b/pkg/sdk3rd/dogecloud/client.go @@ -0,0 +1,131 @@ +package dogecloud + +import ( + "crypto/hmac" + "crypto/sha1" + "encoding/hex" + "encoding/json" + "fmt" + "io" + "net/http" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(accessKey, secretKey string) (*Client, error) { + if accessKey == "" { + return nil, fmt.Errorf("sdkerr: unset accessKey") + } + if secretKey == "" { + return nil, fmt.Errorf("sdkerr: unset secretKey") + } + + client := resty.New(). + SetBaseURL("https://api.dogecloud.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(ctx *resty.Client, req *http.Request) error { + requestUrl := req.URL.Path + requestQuery := req.URL.Query().Encode() + if requestQuery != "" { + requestUrl += "?" + requestQuery + } + + payload := "" + if req.Body != nil { + reader, err := req.GetBody() + if err != nil { + return err + } + + defer reader.Close() + + payloadb, err := io.ReadAll(reader) + if err != nil { + return err + } + + payload = string(payloadb) + } + + stringToSign := fmt.Sprintf("%s\n%s", requestUrl, payload) + mac := hmac.New(sha1.New, []byte(secretKey)) + mac.Write([]byte(stringToSign)) + sign := hex.EncodeToString(mac.Sum(nil)) + + req.Header.Set("Authorization", fmt.Sprintf("TOKEN %s:%s", accessKey, sign)) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 0 && tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', msg='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/dogecloud/types.go b/pkg/sdk3rd/dogecloud/types.go new file mode 100644 index 00000000..368b62a0 --- /dev/null +++ b/pkg/sdk3rd/dogecloud/types.go @@ -0,0 +1,29 @@ +package dogecloud + +type apiResponse interface { + GetCode() int + GetMessage() string +} + +type apiResponseBase struct { + Code *int `json:"code,omitempty"` + Message *string `json:"msg,omitempty"` +} + +func (r *apiResponseBase) GetCode() int { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/edgio/README.md b/pkg/sdk3rd/edgio/README.md similarity index 100% rename from internal/pkg/sdk3rd/edgio/README.md rename to pkg/sdk3rd/edgio/README.md diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/cdn_configuration.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/cdn_configuration.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/cdn_configuration.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/cdn_configuration.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/environment.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/environment.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/environment.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/environment.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/property.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/property.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/property.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/property.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/purge.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/purge.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/purge.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/purge.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/tls_cert.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/tls_cert.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/tls_cert.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/dtos/tls_cert.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client_interface.go b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client_interface.go similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client_interface.go rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/applications/v7/edgio_client_interface.go diff --git a/internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/go.mod b/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/go.mod similarity index 100% rename from internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/go.mod rename to pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace/go.mod diff --git a/pkg/sdk3rd/flexcdn/api_update_ssl_cert.go b/pkg/sdk3rd/flexcdn/api_update_ssl_cert.go new file mode 100644 index 00000000..13cf3709 --- /dev/null +++ b/pkg/sdk3rd/flexcdn/api_update_ssl_cert.go @@ -0,0 +1,50 @@ +package flexcdn + +import ( + "context" + "net/http" +) + +type UpdateSSLCertRequest struct { + SSLCertId int64 `json:"sslCertId"` + IsOn bool `json:"isOn"` + Name string `json:"name"` + Description string `json:"description"` + ServerName string `json:"serverName"` + IsCA bool `json:"isCA"` + CertData string `json:"certData"` + KeyData string `json:"keyData"` + TimeBeginAt int64 `json:"timeBeginAt"` + TimeEndAt int64 `json:"timeEndAt"` + DNSNames []string `json:"dnsNames"` + CommonNames []string `json:"commonNames"` +} + +type UpdateSSLCertResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSSLCert(req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { + return c.UpdateSSLCertWithContext(context.Background(), req) +} + +func (c *Client) UpdateSSLCertWithContext(ctx context.Context, req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { + if err := c.ensureAccessTokenExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/SSLCertService/updateSSLCert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSSLCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/flexcdn/client.go b/pkg/sdk3rd/flexcdn/client.go new file mode 100644 index 00000000..3d097a81 --- /dev/null +++ b/pkg/sdk3rd/flexcdn/client.go @@ -0,0 +1,174 @@ +package flexcdn + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + apiRole string + accessKeyId string + accessKey string + + accessToken string + accessTokenExp time.Time + accessTokenMtx sync.Mutex + + client *resty.Client +} + +func NewClient(serverUrl, apiRole, accessKeyId, accessKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiRole == "" { + return nil, fmt.Errorf("sdkerr: unset apiRole") + } + if apiRole != "user" && apiRole != "admin" { + return nil, fmt.Errorf("sdkerr: invalid apiRole") + } + if accessKeyId == "" { + return nil, fmt.Errorf("sdkerr: unset accessKeyId") + } + if accessKey == "" { + return nil, fmt.Errorf("sdkerr: unset accessKey") + } + + client := &Client{ + apiRole: apiRole, + accessKeyId: accessKeyId, + accessKey: accessKey, + } + client.client = resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.accessToken != "" { + req.Header.Set("X-Cloud-Access-Token", client.accessToken) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureAccessTokenExists() error { + c.accessTokenMtx.Lock() + defer c.accessTokenMtx.Unlock() + if c.accessToken != "" && c.accessTokenExp.After(time.Now()) { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/APIAccessTokenService/getAPIAccessToken") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "type": c.apiRole, + "accessKeyId": c.accessKeyId, + "accessKey": c.accessKey, + }) + } + + type getAPIAccessTokenResponse struct { + apiResponseBase + Data *struct { + Token string `json:"token"` + ExpiresAt int64 `json:"expiresAt"` + } `json:"data,omitempty"` + } + + result := &getAPIAccessTokenResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return err + } else if code := result.GetCode(); code != 200 { + return fmt.Errorf("sdkerr: failed to get flexcdn access token: code='%d', message='%s'", code, result.GetMessage()) + } else { + c.accessToken = result.Data.Token + c.accessTokenExp = time.Unix(result.Data.ExpiresAt, 0) + } + + return nil +} diff --git a/pkg/sdk3rd/flexcdn/types.go b/pkg/sdk3rd/flexcdn/types.go new file mode 100644 index 00000000..21d4372c --- /dev/null +++ b/pkg/sdk3rd/flexcdn/types.go @@ -0,0 +1,21 @@ +package flexcdn + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"message"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/gcore/common/endpoint.go b/pkg/sdk3rd/gcore/endpoint.go similarity index 100% rename from internal/pkg/sdk3rd/gcore/common/endpoint.go rename to pkg/sdk3rd/gcore/endpoint.go diff --git a/internal/pkg/sdk3rd/gcore/common/signer.go b/pkg/sdk3rd/gcore/signer.go similarity index 100% rename from internal/pkg/sdk3rd/gcore/common/signer.go rename to pkg/sdk3rd/gcore/signer.go diff --git a/pkg/sdk3rd/gname/api_add_domain_resolution.go b/pkg/sdk3rd/gname/api_add_domain_resolution.go new file mode 100644 index 00000000..ed5f687a --- /dev/null +++ b/pkg/sdk3rd/gname/api_add_domain_resolution.go @@ -0,0 +1,42 @@ +package gname + +import ( + "context" + "encoding/json" + "net/http" +) + +type AddDomainResolutionRequest struct { + ZoneName *string `json:"ym,omitempty"` + RecordType *string `json:"lx,omitempty"` + RecordName *string `json:"zj,omitempty"` + RecordValue *string `json:"jlz,omitempty"` + MX *int32 `json:"mx,omitempty"` + TTL *int32 `json:"ttl,omitempty"` +} + +type AddDomainResolutionResponse struct { + apiResponseBase + + Data json.Number `json:"data"` +} + +func (c *Client) AddDomainResolution(req *AddDomainResolutionRequest) (*AddDomainResolutionResponse, error) { + return c.AddDomainResolutionWithContext(context.Background(), req) +} + +func (c *Client) AddDomainResolutionWithContext(ctx context.Context, req *AddDomainResolutionRequest) (*AddDomainResolutionResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/resolution/add", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &AddDomainResolutionResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/gname/api_delete_domain_resolution.go b/pkg/sdk3rd/gname/api_delete_domain_resolution.go new file mode 100644 index 00000000..a2125fb3 --- /dev/null +++ b/pkg/sdk3rd/gname/api_delete_domain_resolution.go @@ -0,0 +1,35 @@ +package gname + +import ( + "context" + "net/http" +) + +type DeleteDomainResolutionRequest struct { + ZoneName *string `json:"ym,omitempty"` + RecordID *int64 `json:"jxid,omitempty"` +} + +type DeleteDomainResolutionResponse struct { + apiResponseBase +} + +func (c *Client) DeleteDomainResolution(req *DeleteDomainResolutionRequest) (*DeleteDomainResolutionResponse, error) { + return c.DeleteDomainResolutionWithContext(context.Background(), req) +} + +func (c *Client) DeleteDomainResolutionWithContext(ctx context.Context, req *DeleteDomainResolutionRequest) (*DeleteDomainResolutionResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/resolution/delete", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &DeleteDomainResolutionResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/gname/api_list_domain_resolution.go b/pkg/sdk3rd/gname/api_list_domain_resolution.go new file mode 100644 index 00000000..98832fc1 --- /dev/null +++ b/pkg/sdk3rd/gname/api_list_domain_resolution.go @@ -0,0 +1,41 @@ +package gname + +import ( + "context" + "net/http" +) + +type ListDomainResolutionRequest struct { + ZoneName *string `json:"ym,omitempty"` + Page *int32 `json:"page,omitempty"` + PageSize *int32 `json:"limit,omitempty"` +} + +type ListDomainResolutionResponse struct { + apiResponseBase + + Count int32 `json:"count"` + Data []*DomainResolutionRecordord `json:"data"` + Page int32 `json:"page"` + PageSize int32 `json:"pagesize"` +} + +func (c *Client) ListDomainResolution(req *ListDomainResolutionRequest) (*ListDomainResolutionResponse, error) { + return c.ListDomainResolutionWithContext(context.Background(), req) +} + +func (c *Client) ListDomainResolutionWithContext(ctx context.Context, req *ListDomainResolutionRequest) (*ListDomainResolutionResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/resolution/list", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &ListDomainResolutionResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/gname/api_modify_domain_resolution.go b/pkg/sdk3rd/gname/api_modify_domain_resolution.go new file mode 100644 index 00000000..883f4c41 --- /dev/null +++ b/pkg/sdk3rd/gname/api_modify_domain_resolution.go @@ -0,0 +1,40 @@ +package gname + +import ( + "context" + "net/http" +) + +type ModifyDomainResolutionRequest struct { + ID *int64 `json:"jxid,omitempty"` + ZoneName *string `json:"ym,omitempty"` + RecordType *string `json:"lx,omitempty"` + RecordName *string `json:"zj,omitempty"` + RecordValue *string `json:"jlz,omitempty"` + MX *int32 `json:"mx,omitempty"` + TTL *int32 `json:"ttl,omitempty"` +} + +type ModifyDomainResolutionResponse struct { + apiResponseBase +} + +func (c *Client) ModifyDomainResolution(req *ModifyDomainResolutionRequest) (*ModifyDomainResolutionResponse, error) { + return c.ModifyDomainResolutionWithContext(context.Background(), req) +} + +func (c *Client) ModifyDomainResolutionWithContext(ctx context.Context, req *ModifyDomainResolutionRequest) (*ModifyDomainResolutionResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/resolution/edit", req) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &ModifyDomainResolutionResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/gname/client.go b/pkg/sdk3rd/gname/client.go new file mode 100644 index 00000000..5fd26e02 --- /dev/null +++ b/pkg/sdk3rd/gname/client.go @@ -0,0 +1,148 @@ +package gname + +import ( + "crypto/md5" + "encoding/json" + "fmt" + "net/url" + "sort" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + appId string + appKey string + + client *resty.Client +} + +func NewClient(appId, appKey string) (*Client, error) { + if appId == "" { + return nil, fmt.Errorf("sdkerr: unset appId") + } + if appKey == "" { + return nil, fmt.Errorf("sdkerr: unset appKey") + } + + client := resty.New(). + SetBaseURL("http://api.gname.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/x-www-form-urlencoded"). + SetHeader("User-Agent", "certimate") + + return &Client{ + appId: appId, + appKey: appKey, + client: client, + }, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string, params any) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + data := make(map[string]string) + if params != nil { + temp := make(map[string]any) + jsonb, _ := json.Marshal(params) + json.Unmarshal(jsonb, &temp) + for k, v := range temp { + if v == nil { + continue + } + + data[k] = fmt.Sprintf("%v", v) + } + } + + data["appid"] = c.appId + data["gntime"] = fmt.Sprintf("%d", time.Now().Unix()) + data["gntoken"] = generateSignature(data, c.appKey) + + req := c.client.R() + req.Method = method + req.URL = path + req.SetFormData(data) + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetBody` or `req.SetFormData` HERE! USE `newRequest` INSTEAD. + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 1 { + return resp, fmt.Errorf("sdkerr: api error: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func generateSignature(params map[string]string, appKey string) string { + // Step 1: Sort parameters by ASCII order + var keys []string + for k := range params { + keys = append(keys, k) + } + sort.Strings(keys) + + // Step 2: Create string A with URL-encoded values + var pairs []string + for _, k := range keys { + encodedValue := url.QueryEscape(params[k]) + pairs = append(pairs, fmt.Sprintf("%s=%s", k, encodedValue)) + } + stringA := strings.Join(pairs, "&") + + // Step 3: Append appkey to create string B + stringB := stringA + appKey + + // Step 4: Calculate MD5 and convert to uppercase + hash := md5.Sum([]byte(stringB)) + return strings.ToUpper(fmt.Sprintf("%x", hash)) +} diff --git a/pkg/sdk3rd/gname/types.go b/pkg/sdk3rd/gname/types.go new file mode 100644 index 00000000..5b1373ea --- /dev/null +++ b/pkg/sdk3rd/gname/types.go @@ -0,0 +1,32 @@ +package gname + +import "encoding/json" + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"msg"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type DomainResolutionRecordord struct { + ID json.Number `json:"id"` + ZoneName string `json:"ym"` + RecordType string `json:"lx"` + RecordName string `json:"zjt"` + RecordValue string `json:"jxz"` + MX int32 `json:"mx"` +} diff --git a/pkg/sdk3rd/goedge/api_update_ssl_cert.go b/pkg/sdk3rd/goedge/api_update_ssl_cert.go new file mode 100644 index 00000000..0aa68353 --- /dev/null +++ b/pkg/sdk3rd/goedge/api_update_ssl_cert.go @@ -0,0 +1,50 @@ +package goedge + +import ( + "context" + "net/http" +) + +type UpdateSSLCertRequest struct { + SSLCertId int64 `json:"sslCertId"` + IsOn bool `json:"isOn"` + Name string `json:"name"` + Description string `json:"description"` + ServerName string `json:"serverName"` + IsCA bool `json:"isCA"` + CertData string `json:"certData"` + KeyData string `json:"keyData"` + TimeBeginAt int64 `json:"timeBeginAt"` + TimeEndAt int64 `json:"timeEndAt"` + DNSNames []string `json:"dnsNames"` + CommonNames []string `json:"commonNames"` +} + +type UpdateSSLCertResponse struct { + apiResponseBase +} + +func (c *Client) UpdateSSLCert(req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { + return c.UpdateSSLCertWithContext(context.Background(), req) +} + +func (c *Client) UpdateSSLCertWithContext(ctx context.Context, req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) { + if err := c.ensureAccessTokenExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/SSLCertService/updateSSLCert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateSSLCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/goedge/client.go b/pkg/sdk3rd/goedge/client.go new file mode 100644 index 00000000..52fdd8d8 --- /dev/null +++ b/pkg/sdk3rd/goedge/client.go @@ -0,0 +1,174 @@ +package goedge + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + apiRole string + accessKeyId string + accessKey string + + accessToken string + accessTokenExp time.Time + accessTokenMtx sync.Mutex + + client *resty.Client +} + +func NewClient(serverUrl, apiRole, accessKeyId, accessKey string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiRole == "" { + return nil, fmt.Errorf("sdkerr: unset apiRole") + } + if apiRole != "user" && apiRole != "admin" { + return nil, fmt.Errorf("sdkerr: invalid apiRole") + } + if accessKeyId == "" { + return nil, fmt.Errorf("sdkerr: unset accessKeyId") + } + if accessKey == "" { + return nil, fmt.Errorf("sdkerr: unset accessKey") + } + + client := &Client{ + apiRole: apiRole, + accessKeyId: accessKeyId, + accessKey: accessKey, + } + client.client = resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.accessToken != "" { + req.Header.Set("X-Edge-Access-Token", client.accessToken) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureAccessTokenExists() error { + c.accessTokenMtx.Lock() + defer c.accessTokenMtx.Unlock() + if c.accessToken != "" && c.accessTokenExp.After(time.Now()) { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/APIAccessTokenService/getAPIAccessToken") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "type": c.apiRole, + "accessKeyId": c.accessKeyId, + "accessKey": c.accessKey, + }) + } + + type getAPIAccessTokenResponse struct { + apiResponseBase + Data *struct { + Token string `json:"token"` + ExpiresAt int64 `json:"expiresAt"` + } `json:"data,omitempty"` + } + + result := &getAPIAccessTokenResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return err + } else if code := result.GetCode(); code != 200 { + return fmt.Errorf("sdkerr: failed to get goedge access token: code='%d', message='%s'", code, result.GetMessage()) + } else { + c.accessToken = result.Data.Token + c.accessTokenExp = time.Unix(result.Data.ExpiresAt, 0) + } + + return nil +} diff --git a/pkg/sdk3rd/goedge/types.go b/pkg/sdk3rd/goedge/types.go new file mode 100644 index 00000000..75434d6f --- /dev/null +++ b/pkg/sdk3rd/goedge/types.go @@ -0,0 +1,21 @@ +package goedge + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"message"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/lecdn/client-v3/api_update_certificate.go b/pkg/sdk3rd/lecdn/client-v3/api_update_certificate.go new file mode 100644 index 00000000..d9ffa4d9 --- /dev/null +++ b/pkg/sdk3rd/lecdn/client-v3/api_update_certificate.go @@ -0,0 +1,49 @@ +package clientv3 + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateCertificateRequest struct { + Name string `json:"name"` + Description string `json:"description"` + Type string `json:"type"` + SSLPEM string `json:"ssl_pem"` + SSLKey string `json:"ssl_key"` + AutoRenewal bool `json:"auto_renewal"` +} + +type UpdateCertificateResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCertificate(certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), certId, req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + if certId == 0 { + return nil, fmt.Errorf("sdkerr: unset certId") + } + + if err := c.ensureAccessTokenExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/certificate/%d", certId)) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/lecdn/client-v3/client.go b/pkg/sdk3rd/lecdn/client-v3/client.go new file mode 100644 index 00000000..72e4b316 --- /dev/null +++ b/pkg/sdk3rd/lecdn/client-v3/client.go @@ -0,0 +1,161 @@ +package clientv3 + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + username string + password string + + accessToken string + accessTokenMtx sync.Mutex + + client *resty.Client +} + +func NewClient(serverUrl, username, password string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if username == "" { + return nil, fmt.Errorf("sdkerr: unset username") + } + if password == "" { + return nil, fmt.Errorf("sdkerr: unset password") + } + + client := &Client{ + username: username, + password: password, + } + client.client = resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/prod-api"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.accessToken != "" { + req.Header.Set("Authorization", "Bearer "+client.accessToken) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureAccessTokenExists() error { + c.accessTokenMtx.Lock() + defer c.accessTokenMtx.Unlock() + if c.accessToken != "" { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/auth/login") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "email": c.username, + "username": c.username, + "password": c.password, + }) + } + + type loginResponse struct { + apiResponseBase + Data *struct { + UserId int64 `json:"user_id"` + Username string `json:"username"` + Token string `json:"token"` + } `json:"data,omitempty"` + } + + result := &loginResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return err + } else { + c.accessToken = result.Data.Token + } + + return nil +} diff --git a/pkg/sdk3rd/lecdn/client-v3/types.go b/pkg/sdk3rd/lecdn/client-v3/types.go new file mode 100644 index 00000000..f1597f42 --- /dev/null +++ b/pkg/sdk3rd/lecdn/client-v3/types.go @@ -0,0 +1,21 @@ +package clientv3 + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"msg"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/lecdn/master-v3/api_update_certificate.go b/pkg/sdk3rd/lecdn/master-v3/api_update_certificate.go new file mode 100644 index 00000000..c7205f73 --- /dev/null +++ b/pkg/sdk3rd/lecdn/master-v3/api_update_certificate.go @@ -0,0 +1,50 @@ +package masterv3 + +import ( + "context" + "fmt" + "net/http" +) + +type UpdateCertificateRequest struct { + ClientId int64 `json:"client_id"` + Name string `json:"name"` + Description string `json:"description"` + Type string `json:"type"` + SSLPEM string `json:"ssl_pem"` + SSLKey string `json:"ssl_key"` + AutoRenewal bool `json:"auto_renewal"` +} + +type UpdateCertificateResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCertificate(certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), certId, req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, certId int64, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + if certId == 0 { + return nil, fmt.Errorf("sdkerr: unset certId") + } + + if err := c.ensureAccessTokenExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/certificate/%d", certId)) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/lecdn/master-v3/client.go b/pkg/sdk3rd/lecdn/master-v3/client.go new file mode 100644 index 00000000..66700609 --- /dev/null +++ b/pkg/sdk3rd/lecdn/master-v3/client.go @@ -0,0 +1,162 @@ +package masterv3 + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/http" + "net/url" + "strings" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + username string + password string + + accessToken string + accessTokenMtx sync.Mutex + + client *resty.Client +} + +func NewClient(serverUrl, username, password string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if username == "" { + return nil, fmt.Errorf("sdkerr: unset username") + } + if password == "" { + return nil, fmt.Errorf("sdkerr: unset password") + } + + client := &Client{ + username: username, + password: password, + } + client.client = resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/prod-api"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.accessToken != "" { + req.Header.Set("Authorization", "Bearer "+client.accessToken) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 200 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureAccessTokenExists() error { + c.accessTokenMtx.Lock() + defer c.accessTokenMtx.Unlock() + if c.accessToken != "" { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/auth/login") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "username": c.username, + "password": c.password, + }) + } + + type loginResponse struct { + apiResponseBase + Data *struct { + UserId int64 `json:"user_id"` + Username string `json:"username"` + Token string `json:"token"` + } `json:"data,omitempty"` + } + + result := &loginResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return err + } else { + c.accessToken = result.Data.Token + } + + return nil +} diff --git a/pkg/sdk3rd/lecdn/master-v3/types.go b/pkg/sdk3rd/lecdn/master-v3/types.go new file mode 100644 index 00000000..35e6d7f1 --- /dev/null +++ b/pkg/sdk3rd/lecdn/master-v3/types.go @@ -0,0 +1,21 @@ +package masterv3 + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code int32 `json:"code"` + Message string `json:"message"` +} + +func (r *apiResponseBase) GetCode() int32 { + return r.Code +} + +func (r *apiResponseBase) GetMessage() string { + return r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/netlify/api_provision_site_tls_certificate.go b/pkg/sdk3rd/netlify/api_provision_site_tls_certificate.go new file mode 100644 index 00000000..6dc0e809 --- /dev/null +++ b/pkg/sdk3rd/netlify/api_provision_site_tls_certificate.go @@ -0,0 +1,52 @@ +package netlify + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type ProvisionSiteTLSCertificateParams struct { + Certificate string `json:"certificate"` + CACertificates string `json:"ca_certificates"` + Key string `json:"key"` +} + +type ProvisionSiteTLSCertificateResponse struct { + apiResponseBase + Domains []string `json:"domains,omitempty"` + State string `json:"state,omitempty"` + ExpiresAt string `json:"expires_at,omitempty"` + CreatedAt string `json:"created_at,omitempty"` + UpdatedAt string `json:"updated_at,omitempty"` +} + +func (c *Client) ProvisionSiteTLSCertificate(siteId string, req *ProvisionSiteTLSCertificateParams) (*ProvisionSiteTLSCertificateResponse, error) { + return c.ProvisionSiteTLSCertificateWithContext(context.Background(), siteId, req) +} + +func (c *Client) ProvisionSiteTLSCertificateWithContext(ctx context.Context, siteId string, req *ProvisionSiteTLSCertificateParams) (*ProvisionSiteTLSCertificateResponse, error) { + if siteId == "" { + return nil, fmt.Errorf("sdkerr: unset siteId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/sites/%s/ssl", url.PathEscape(siteId))) + if err != nil { + return nil, err + } else { + httpreq.SetQueryParams(map[string]string{ + "certificate": req.Certificate, + "ca_certificates": req.CACertificates, + "key": req.Key, + }) + httpreq.SetContext(ctx) + } + + result := &ProvisionSiteTLSCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/netlify/client.go b/pkg/sdk3rd/netlify/client.go new file mode 100644 index 00000000..1a6fa908 --- /dev/null +++ b/pkg/sdk3rd/netlify/client.go @@ -0,0 +1,91 @@ +package netlify + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiToken string) (*Client, error) { + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL("https://api.netlify.com/api/v1"). + SetHeader("Accept", "application/json"). + SetHeader("Authorization", "Bearer "+apiToken). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate") + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode != 0 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/netlify/types.go b/pkg/sdk3rd/netlify/types.go new file mode 100644 index 00000000..301da2bf --- /dev/null +++ b/pkg/sdk3rd/netlify/types.go @@ -0,0 +1,29 @@ +package netlify + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/internal/pkg/sdk3rd/qiniu/auth.go b/pkg/sdk3rd/qiniu/auth.go similarity index 88% rename from internal/pkg/sdk3rd/qiniu/auth.go rename to pkg/sdk3rd/qiniu/auth.go index 6df13752..a1668dd7 100644 --- a/internal/pkg/sdk3rd/qiniu/auth.go +++ b/pkg/sdk3rd/qiniu/auth.go @@ -4,6 +4,7 @@ import ( "net/http" "github.com/qiniu/go-sdk/v7/auth" + "github.com/qiniu/go-sdk/v7/client" ) type transport struct { @@ -13,7 +14,7 @@ type transport struct { func newTransport(mac *auth.Credentials, tr http.RoundTripper) *transport { if tr == nil { - tr = http.DefaultTransport + tr = client.DefaultTransport } return &transport{tr, mac} } diff --git a/pkg/sdk3rd/qiniu/cdn.go b/pkg/sdk3rd/qiniu/cdn.go new file mode 100644 index 00000000..54a56517 --- /dev/null +++ b/pkg/sdk3rd/qiniu/cdn.go @@ -0,0 +1,134 @@ +package qiniu + +import ( + "context" + "fmt" + "net/http" + "strings" + + "github.com/qiniu/go-sdk/v7/auth" + "github.com/qiniu/go-sdk/v7/client" +) + +const qiniuHost = "https://api.qiniu.com" + +type CdnManager struct { + client *client.Client +} + +func NewCdnManager(mac *auth.Credentials) *CdnManager { + if mac == nil { + mac = auth.Default() + } + + client := &client.Client{&http.Client{Transport: newTransport(mac, nil)}} + return &CdnManager{client: client} +} + +func (m *CdnManager) urlf(pathf string, pathargs ...any) string { + path := fmt.Sprintf(pathf, pathargs...) + path = strings.TrimPrefix(path, "/") + return qiniuHost + "/" + path +} + +type GetDomainInfoResponse struct { + Code *int `json:"code,omitempty"` + Error *string `json:"error,omitempty"` + Name string `json:"name"` + Type string `json:"type"` + CName string `json:"cname"` + Https *struct { + CertID string `json:"certId"` + ForceHttps bool `json:"forceHttps"` + Http2Enable bool `json:"http2Enable"` + } `json:"https"` + PareDomain string `json:"pareDomain"` + OperationType string `json:"operationType"` + OperatingState string `json:"operatingState"` + OperatingStateDesc string `json:"operatingStateDesc"` + CreateAt string `json:"createAt"` + ModifyAt string `json:"modifyAt"` +} + +func (m *CdnManager) GetDomainInfo(ctx context.Context, domain string) (*GetDomainInfoResponse, error) { + resp := new(GetDomainInfoResponse) + if err := m.client.Call(ctx, resp, http.MethodGet, m.urlf("domain/%s", domain), nil); err != nil { + return nil, err + } + return resp, nil +} + +type ModifyDomainHttpsConfRequest struct { + CertID string `json:"certId"` + ForceHttps bool `json:"forceHttps"` + Http2Enable bool `json:"http2Enable"` +} + +type ModifyDomainHttpsConfResponse struct { + Code *int `json:"code,omitempty"` + Error *string `json:"error,omitempty"` +} + +func (m *CdnManager) ModifyDomainHttpsConf(ctx context.Context, domain string, certId string, forceHttps bool, http2Enable bool) (*ModifyDomainHttpsConfResponse, error) { + req := &ModifyDomainHttpsConfRequest{ + CertID: certId, + ForceHttps: forceHttps, + Http2Enable: http2Enable, + } + resp := new(ModifyDomainHttpsConfResponse) + if err := m.client.CallWithJson(ctx, resp, http.MethodPut, m.urlf("domain/%s/httpsconf", domain), nil, req); err != nil { + return nil, err + } + return resp, nil +} + +type EnableDomainHttpsRequest struct { + CertID string `json:"certId"` + ForceHttps bool `json:"forceHttps"` + Http2Enable bool `json:"http2Enable"` +} + +type EnableDomainHttpsResponse struct { + Code *int `json:"code,omitempty"` + Error *string `json:"error,omitempty"` +} + +func (m *CdnManager) EnableDomainHttps(ctx context.Context, domain string, certId string, forceHttps bool, http2Enable bool) (*EnableDomainHttpsResponse, error) { + req := &EnableDomainHttpsRequest{ + CertID: certId, + ForceHttps: forceHttps, + Http2Enable: http2Enable, + } + resp := new(EnableDomainHttpsResponse) + if err := m.client.CallWithJson(ctx, resp, http.MethodPut, m.urlf("domain/%s/sslize", domain), nil, req); err != nil { + return nil, err + } + return resp, nil +} + +type UploadSslCertRequest struct { + Name string `json:"name"` + CommonName string `json:"common_name"` + Certificate string `json:"ca"` + PrivateKey string `json:"pri"` +} + +type UploadSslCertResponse struct { + Code *int `json:"code,omitempty"` + Error *string `json:"error,omitempty"` + CertID string `json:"certID"` +} + +func (m *CdnManager) UploadSslCert(ctx context.Context, name string, commonName string, certificate string, privateKey string) (*UploadSslCertResponse, error) { + req := &UploadSslCertRequest{ + Name: name, + CommonName: commonName, + Certificate: certificate, + PrivateKey: privateKey, + } + resp := new(UploadSslCertResponse) + if err := m.client.CallWithJson(ctx, resp, http.MethodPost, m.urlf("sslcert"), nil, req); err != nil { + return nil, err + } + return resp, nil +} diff --git a/pkg/sdk3rd/rainyun/api_rcdn_instance_ssl_bind.go b/pkg/sdk3rd/rainyun/api_rcdn_instance_ssl_bind.go new file mode 100644 index 00000000..4790be12 --- /dev/null +++ b/pkg/sdk3rd/rainyun/api_rcdn_instance_ssl_bind.go @@ -0,0 +1,41 @@ +package rainyun + +import ( + "context" + "fmt" + "net/http" +) + +type RcdnInstanceSslBindRequest struct { + CertId int32 `json:"cert_id"` + Domains []string `json:"domains"` +} + +type RcdnInstanceSslBindResponse struct { + apiResponseBase +} + +func (c *Client) RcdnInstanceSslBind(instanceId int32, req *RcdnInstanceSslBindRequest) (*RcdnInstanceSslBindResponse, error) { + return c.RcdnInstanceSslBindWithContext(context.Background(), instanceId, req) +} + +func (c *Client) RcdnInstanceSslBindWithContext(ctx context.Context, instanceId int32, req *RcdnInstanceSslBindRequest) (*RcdnInstanceSslBindResponse, error) { + if instanceId == 0 { + return nil, fmt.Errorf("sdkerr: unset instanceId") + } + + httpreq, err := c.newRequest(http.MethodPost, fmt.Sprintf("/product/rcdn/instance/%d/ssl_bind", instanceId)) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &RcdnInstanceSslBindResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/rainyun/api_ssl_center_create.go b/pkg/sdk3rd/rainyun/api_ssl_center_create.go new file mode 100644 index 00000000..1af08e5b --- /dev/null +++ b/pkg/sdk3rd/rainyun/api_ssl_center_create.go @@ -0,0 +1,36 @@ +package rainyun + +import ( + "context" + "net/http" +) + +type SslCenterCreateRequest struct { + Cert string `json:"cert"` + Key string `json:"key"` +} + +type SslCenterCreateResponse struct { + apiResponseBase +} + +func (c *Client) SslCenterCreate(req *SslCenterCreateRequest) (*SslCenterCreateResponse, error) { + return c.SslCenterCreateWithContext(context.Background(), req) +} + +func (c *Client) SslCenterCreateWithContext(ctx context.Context, req *SslCenterCreateRequest) (*SslCenterCreateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/product/sslcenter/") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SslCenterCreateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/rainyun/api_ssl_center_get.go b/pkg/sdk3rd/rainyun/api_ssl_center_get.go new file mode 100644 index 00000000..6dec58ce --- /dev/null +++ b/pkg/sdk3rd/rainyun/api_ssl_center_get.go @@ -0,0 +1,37 @@ +package rainyun + +import ( + "context" + "fmt" + "net/http" +) + +type SslCenterGetResponse struct { + apiResponseBase + + Data *SslDetail `json:"data,omitempty"` +} + +func (c *Client) SslCenterGet(sslId int32) (*SslCenterGetResponse, error) { + return c.SslCenterGetWithContext(context.Background(), sslId) +} + +func (c *Client) SslCenterGetWithContext(ctx context.Context, sslId int32) (*SslCenterGetResponse, error) { + if sslId == 0 { + return nil, fmt.Errorf("sdkerr: unset sslId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/product/sslcenter/%d", sslId)) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &SslCenterGetResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/rainyun/api_ssl_center_list.go b/pkg/sdk3rd/rainyun/api_ssl_center_list.go new file mode 100644 index 00000000..e727c3b0 --- /dev/null +++ b/pkg/sdk3rd/rainyun/api_ssl_center_list.go @@ -0,0 +1,49 @@ +package rainyun + +import ( + "context" + "encoding/json" + "net/http" +) + +type SslCenterListFilters struct { + Domain *string `json:"Domain,omitempty"` +} + +type SslCenterListRequest struct { + Filters *SslCenterListFilters `json:"columnFilters,omitempty"` + Sort []*string `json:"sort,omitempty"` + Page *int32 `json:"page,omitempty"` + PerPage *int32 `json:"perPage,omitempty"` +} + +type SslCenterListResponse struct { + apiResponseBase + + Data *struct { + TotalRecords int32 `json:"TotalRecords"` + Records []*SslRecord `json:"Records"` + } `json:"data,omitempty"` +} + +func (c *Client) SslCenterList(req *SslCenterListRequest) (*SslCenterListResponse, error) { + return c.SslCenterListWithContext(context.Background(), req) +} + +func (c *Client) SslCenterListWithContext(ctx context.Context, req *SslCenterListRequest) (*SslCenterListResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/product/sslcenter") + if err != nil { + return nil, err + } else { + jsonb, _ := json.Marshal(req) + httpreq.SetQueryParam("options", string(jsonb)) + httpreq.SetContext(ctx) + } + + result := &SslCenterListResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/rainyun/client.go b/pkg/sdk3rd/rainyun/client.go new file mode 100644 index 00000000..e7f2fb5a --- /dev/null +++ b/pkg/sdk3rd/rainyun/client.go @@ -0,0 +1,91 @@ +package rainyun + +import ( + "encoding/json" + "fmt" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(apiKey string) (*Client, error) { + if apiKey == "" { + return nil, fmt.Errorf("sdkerr: unset apiKey") + } + + client := resty.New(). + SetBaseURL("https://api.v2.rainyun.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("X-API-Key", apiKey) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tcode := res.GetCode(); tcode/100 != 2 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", tcode, res.GetMessage()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/rainyun/types.go b/pkg/sdk3rd/rainyun/types.go new file mode 100644 index 00000000..47937f71 --- /dev/null +++ b/pkg/sdk3rd/rainyun/types.go @@ -0,0 +1,49 @@ +package rainyun + +type apiResponse interface { + GetCode() int32 + GetMessage() string +} + +type apiResponseBase struct { + Code *int32 `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +func (r *apiResponseBase) GetCode() int32 { + if r.Code == nil { + return 0 + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type SslRecord struct { + ID int32 `json:"ID"` + UID int32 `json:"UID"` + Domain string `json:"Domain"` + Issuer string `json:"Issuer"` + StartDate int64 `json:"StartDate"` + ExpireDate int64 `json:"ExpDate"` + UploadTime int64 `json:"UploadTime"` +} + +type SslDetail struct { + Cert string `json:"Cert"` + Key string `json:"Key"` + Domain string `json:"DomainName"` + Issuer string `json:"Issuer"` + StartDate int64 `json:"StartDate"` + ExpireDate int64 `json:"ExpDate"` + RemainDays int32 `json:"RemainDays"` +} diff --git a/pkg/sdk3rd/ratpanel/api_set_setting_cert.go b/pkg/sdk3rd/ratpanel/api_set_setting_cert.go new file mode 100644 index 00000000..7a026b48 --- /dev/null +++ b/pkg/sdk3rd/ratpanel/api_set_setting_cert.go @@ -0,0 +1,36 @@ +package ratpanel + +import ( + "context" + "net/http" +) + +type SetSettingCertRequest struct { + Certificate string `json:"cert"` + PrivateKey string `json:"key"` +} + +type SetSettingCertResponse struct { + apiResponseBase +} + +func (c *Client) SetSettingCert(req *SetSettingCertRequest) (*SetSettingCertResponse, error) { + return c.SetSettingCertWithContext(context.Background(), req) +} + +func (c *Client) SetSettingCertWithContext(ctx context.Context, req *SetSettingCertRequest) (*SetSettingCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/setting/cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SetSettingCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ratpanel/api_set_website_cert.go b/pkg/sdk3rd/ratpanel/api_set_website_cert.go new file mode 100644 index 00000000..679373fa --- /dev/null +++ b/pkg/sdk3rd/ratpanel/api_set_website_cert.go @@ -0,0 +1,37 @@ +package ratpanel + +import ( + "context" + "net/http" +) + +type SetWebsiteCertRequest struct { + SiteName string `json:"name"` + Certificate string `json:"cert"` + PrivateKey string `json:"key"` +} + +type SetWebsiteCertResponse struct { + apiResponseBase +} + +func (c *Client) SetWebsiteCert(req *SetWebsiteCertRequest) (*SetWebsiteCertResponse, error) { + return c.SetWebsiteCertWithContext(context.Background(), req) +} + +func (c *Client) SetWebsiteCertWithContext(ctx context.Context, req *SetWebsiteCertRequest) (*SetWebsiteCertResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/website/cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &SetWebsiteCertResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/ratpanel/client.go b/pkg/sdk3rd/ratpanel/client.go new file mode 100644 index 00000000..155e2349 --- /dev/null +++ b/pkg/sdk3rd/ratpanel/client.go @@ -0,0 +1,164 @@ +package ratpanel + +import ( + "bytes" + "crypto/hmac" + "crypto/sha256" + "crypto/tls" + "encoding/hex" + "encoding/json" + "fmt" + "io" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl string, accessTokenId int32, accessToken string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if accessTokenId == 0 { + return nil, fmt.Errorf("sdkerr: unset accessTokenId") + } + if accessToken == "" { + return nil, fmt.Errorf("sdkerr: unset accessToken") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")+"/api"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + var body []byte + var err error + + if req.Body != nil { + body, err = io.ReadAll(req.Body) + if err != nil { + return err + } + req.Body = io.NopCloser(bytes.NewReader(body)) + } + + canonicalPath := req.URL.Path + if !strings.HasPrefix(canonicalPath, "/api") { + index := strings.Index(canonicalPath, "/api") + if index != -1 { + canonicalPath = canonicalPath[index:] + } + } + + canonicalRequest := fmt.Sprintf("%s\n%s\n%s\n%s", + req.Method, + canonicalPath, + req.URL.Query().Encode(), + sumSha256(string(body))) + + timestamp := time.Now().Unix() + req.Header.Set("X-Timestamp", fmt.Sprintf("%d", timestamp)) + + stringToSign := fmt.Sprintf("%s\n%d\n%s", + "HMAC-SHA256", + timestamp, + sumSha256(canonicalRequest)) + signature := sumHmacSha256(stringToSign, accessToken) + req.Header.Set("Authorization", fmt.Sprintf("HMAC-SHA256 Credential=%d, Signature=%s", accessTokenId, signature)) + + return nil + }) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tmessage := res.GetMessage(); tmessage != "success" { + return resp, fmt.Errorf("sdkerr: message='%s'", tmessage) + } + } + } + + return resp, nil +} + +func sumSha256(str string) string { + sum := sha256.Sum256([]byte(str)) + dst := make([]byte, hex.EncodedLen(len(sum))) + hex.Encode(dst, sum[:]) + return string(dst) +} + +func sumHmacSha256(data string, secret string) string { + h := hmac.New(sha256.New, []byte(secret)) + h.Write([]byte(data)) + return hex.EncodeToString(h.Sum(nil)) +} diff --git a/pkg/sdk3rd/ratpanel/types.go b/pkg/sdk3rd/ratpanel/types.go new file mode 100644 index 00000000..16a17b0e --- /dev/null +++ b/pkg/sdk3rd/ratpanel/types.go @@ -0,0 +1,19 @@ +package ratpanel + +type apiResponse interface { + GetMessage() string +} + +type apiResponseBase struct { + Message *string `json:"msg,omitempty"` +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +var _ apiResponse = (*apiResponseBase)(nil) diff --git a/pkg/sdk3rd/safeline/api_update_certificate.go b/pkg/sdk3rd/safeline/api_update_certificate.go new file mode 100644 index 00000000..3dcbb5ba --- /dev/null +++ b/pkg/sdk3rd/safeline/api_update_certificate.go @@ -0,0 +1,37 @@ +package safeline + +import ( + "context" + "net/http" +) + +type UpdateCertificateRequest struct { + Id int32 `json:"id"` + Type int32 `json:"type"` + Manual *CertificateManul `json:"manual"` +} + +type UpdateCertificateResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCertificate(req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/open/cert") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/safeline/client.go b/pkg/sdk3rd/safeline/client.go new file mode 100644 index 00000000..5d7ee668 --- /dev/null +++ b/pkg/sdk3rd/safeline/client.go @@ -0,0 +1,105 @@ +package safeline + +import ( + "crypto/tls" + "encoding/json" + "fmt" + "net/url" + "strings" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + client *resty.Client +} + +func NewClient(serverUrl, apiToken string) (*Client, error) { + if serverUrl == "" { + return nil, fmt.Errorf("sdkerr: unset serverUrl") + } + if _, err := url.Parse(serverUrl); err != nil { + return nil, fmt.Errorf("sdkerr: invalid serverUrl: %w", err) + } + if apiToken == "" { + return nil, fmt.Errorf("sdkerr: unset apiToken") + } + + client := resty.New(). + SetBaseURL(strings.TrimRight(serverUrl, "/")). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetHeader("X-SLCE-API-TOKEN", apiToken) + + return &Client{client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) SetTLSConfig(config *tls.Config) *Client { + c.client.SetTLSClientConfig(config) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if terrcode := res.GetErrCode(); terrcode != "" { + return resp, fmt.Errorf("sdkerr: err='%s', msg='%s'", terrcode, res.GetErrMsg()) + } + } + } + + return resp, nil +} diff --git a/pkg/sdk3rd/safeline/types.go b/pkg/sdk3rd/safeline/types.go new file mode 100644 index 00000000..16d44397 --- /dev/null +++ b/pkg/sdk3rd/safeline/types.go @@ -0,0 +1,34 @@ +package safeline + +type apiResponse interface { + GetErrCode() string + GetErrMsg() string +} + +type apiResponseBase struct { + ErrCode *string `json:"err,omitempty"` + ErrMsg *string `json:"msg,omitempty"` +} + +func (r *apiResponseBase) GetErrCode() string { + if r.ErrCode == nil { + return "" + } + + return *r.ErrCode +} + +func (r *apiResponseBase) GetErrMsg() string { + if r.ErrMsg == nil { + return "" + } + + return *r.ErrMsg +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type CertificateManul struct { + Crt string `json:"crt"` + Key string `json:"key"` +} diff --git a/pkg/sdk3rd/ucloud/udnr/api_add_domain_dns.go b/pkg/sdk3rd/ucloud/udnr/api_add_domain_dns.go new file mode 100644 index 00000000..d0cfe4c5 --- /dev/null +++ b/pkg/sdk3rd/ucloud/udnr/api_add_domain_dns.go @@ -0,0 +1,44 @@ +package udnr + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type AddDomainDNSRequest struct { + request.CommonBase + + Dn *string `required:"true"` + DnsType *string `required:"true"` + RecordName *string `required:"true"` + Content *string `required:"true"` + TTL *int `required:"true"` + Prio *int `required:"false"` +} + +type AddDomainDNSResponse struct { + response.CommonBase +} + +func (c *UDNRClient) NewAddDomainDNSRequest() *AddDomainDNSRequest { + req := &AddDomainDNSRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *UDNRClient) AddDomainDNS(req *AddDomainDNSRequest) (*AddDomainDNSResponse, error) { + var err error + var res AddDomainDNSResponse + + reqCopier := *req + + err = c.Client.InvokeAction("UdnrDomainDNSAdd", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/udnr/api_delete_domain_dns.go b/pkg/sdk3rd/ucloud/udnr/api_delete_domain_dns.go new file mode 100644 index 00000000..11ddce01 --- /dev/null +++ b/pkg/sdk3rd/ucloud/udnr/api_delete_domain_dns.go @@ -0,0 +1,42 @@ +package udnr + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type DeleteDomainDNSRequest struct { + request.CommonBase + + Dn *string `required:"true"` + DnsType *string `required:"true"` + RecordName *string `required:"true"` + Content *string `required:"true"` +} + +type DeleteDomainDNSResponse struct { + response.CommonBase +} + +func (c *UDNRClient) NewDeleteDomainDNSRequest() *DeleteDomainDNSRequest { + req := &DeleteDomainDNSRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *UDNRClient) DeleteDomainDNS(req *DeleteDomainDNSRequest) (*DeleteDomainDNSResponse, error) { + var err error + var res DeleteDomainDNSResponse + + reqCopier := *req + + err = c.Client.InvokeAction("UdnrDeleteDnsRecord", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/udnr/api_query_domain_dns.go b/pkg/sdk3rd/ucloud/udnr/api_query_domain_dns.go new file mode 100644 index 00000000..cabfd155 --- /dev/null +++ b/pkg/sdk3rd/ucloud/udnr/api_query_domain_dns.go @@ -0,0 +1,41 @@ +package udnr + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type QueryDomainDNSRequest struct { + request.CommonBase + + Dn *string `required:"true"` +} + +type QueryDomainDNSResponse struct { + response.CommonBase + + Data []DomainDNSRecord +} + +func (c *UDNRClient) NewQueryDomainDNSRequest() *QueryDomainDNSRequest { + req := &QueryDomainDNSRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *UDNRClient) QueryDomainDNS(req *QueryDomainDNSRequest) (*QueryDomainDNSResponse, error) { + var err error + var res QueryDomainDNSResponse + + reqCopier := *req + + err = c.Client.InvokeAction("UdnrDomainDNSQuery", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/internal/pkg/sdk3rd/ucloud/udnr/client.go b/pkg/sdk3rd/ucloud/udnr/client.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/udnr/client.go rename to pkg/sdk3rd/ucloud/udnr/client.go diff --git a/internal/pkg/sdk3rd/ucloud/udnr/models.go b/pkg/sdk3rd/ucloud/udnr/types.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/udnr/models.go rename to pkg/sdk3rd/ucloud/udnr/types.go diff --git a/internal/pkg/sdk3rd/ucloud/ufile/apis.go b/pkg/sdk3rd/ucloud/ufile/api_add_ufile_ssl_cert.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/ufile/apis.go rename to pkg/sdk3rd/ucloud/ufile/api_add_ufile_ssl_cert.go diff --git a/internal/pkg/sdk3rd/ucloud/ufile/client.go b/pkg/sdk3rd/ucloud/ufile/client.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/ufile/client.go rename to pkg/sdk3rd/ucloud/ufile/client.go diff --git a/pkg/sdk3rd/ucloud/ussl/api_download_certificate.go b/pkg/sdk3rd/ucloud/ussl/api_download_certificate.go new file mode 100644 index 00000000..3d262e9e --- /dev/null +++ b/pkg/sdk3rd/ucloud/ussl/api_download_certificate.go @@ -0,0 +1,43 @@ +package ussl + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type DownloadCertificateRequest struct { + request.CommonBase + + CertificateID *int `required:"true"` +} + +type DownloadCertificateResponse struct { + response.CommonBase + + CertificateUrl string + CertCA *CertificateDownloadInfo + Certificate *CertificateDownloadInfo +} + +func (c *USSLClient) NewDownloadCertificateRequest() *DownloadCertificateRequest { + req := &DownloadCertificateRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *USSLClient) DownloadCertificate(req *DownloadCertificateRequest) (*DownloadCertificateResponse, error) { + var err error + var res DownloadCertificateResponse + + reqCopier := *req + + err = c.Client.InvokeAction("DownloadCertificate", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/ussl/api_get_certificate_detail_info.go b/pkg/sdk3rd/ucloud/ussl/api_get_certificate_detail_info.go new file mode 100644 index 00000000..2ab11aa7 --- /dev/null +++ b/pkg/sdk3rd/ucloud/ussl/api_get_certificate_detail_info.go @@ -0,0 +1,41 @@ +package ussl + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type GetCertificateDetailInfoRequest struct { + request.CommonBase + + CertificateID *int `required:"true"` +} + +type GetCertificateDetailInfoResponse struct { + response.CommonBase + + CertificateInfo *CertificateInfo +} + +func (c *USSLClient) NewGetCertificateDetailInfoRequest() *GetCertificateDetailInfoRequest { + req := &GetCertificateDetailInfoRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *USSLClient) GetCertificateDetailInfo(req *GetCertificateDetailInfoRequest) (*GetCertificateDetailInfoResponse, error) { + var err error + var res GetCertificateDetailInfoResponse + + reqCopier := *req + + err = c.Client.InvokeAction("GetCertificateDetailInfo", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/ussl/api_get_certificate_list.go b/pkg/sdk3rd/ucloud/ussl/api_get_certificate_list.go new file mode 100644 index 00000000..e746335d --- /dev/null +++ b/pkg/sdk3rd/ucloud/ussl/api_get_certificate_list.go @@ -0,0 +1,49 @@ +package ussl + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type GetCertificateListRequest struct { + request.CommonBase + + Mode *string `required:"true"` + StateCode *string `required:"false"` + Brand *string `required:"false"` + CaOrganization *string `required:"false"` + Domain *string `required:"false"` + Sort *string `required:"false"` + Page *int `required:"false"` + PageSize *int `required:"false"` +} + +type GetCertificateListResponse struct { + response.CommonBase + + CertificateList []*CertificateListItem + TotalCount int +} + +func (c *USSLClient) NewGetCertificateListRequest() *GetCertificateListRequest { + req := &GetCertificateListRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *USSLClient) GetCertificateList(req *GetCertificateListRequest) (*GetCertificateListResponse, error) { + var err error + var res GetCertificateListResponse + + reqCopier := *req + + err = c.Client.InvokeAction("GetCertificateList", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/pkg/sdk3rd/ucloud/ussl/api_upload_normal_certificate.go b/pkg/sdk3rd/ucloud/ussl/api_upload_normal_certificate.go new file mode 100644 index 00000000..1a99e839 --- /dev/null +++ b/pkg/sdk3rd/ucloud/ussl/api_upload_normal_certificate.go @@ -0,0 +1,46 @@ +package ussl + +import ( + "github.com/ucloud/ucloud-sdk-go/ucloud/request" + "github.com/ucloud/ucloud-sdk-go/ucloud/response" +) + +type UploadNormalCertificateRequest struct { + request.CommonBase + + CertificateName *string `required:"true"` + SslPublicKey *string `required:"true"` + SslPrivateKey *string `required:"true"` + SslMD5 *string `required:"true"` + SslCaKey *string `required:"false"` +} + +type UploadNormalCertificateResponse struct { + response.CommonBase + + CertificateID int + LongResourceID string +} + +func (c *USSLClient) NewUploadNormalCertificateRequest() *UploadNormalCertificateRequest { + req := &UploadNormalCertificateRequest{} + + c.Client.SetupRequest(req) + + req.SetRetryable(false) + return req +} + +func (c *USSLClient) UploadNormalCertificate(req *UploadNormalCertificateRequest) (*UploadNormalCertificateResponse, error) { + var err error + var res UploadNormalCertificateResponse + + reqCopier := *req + + err = c.Client.InvokeAction("UploadNormalCertificate", &reqCopier, &res) + if err != nil { + return &res, err + } + + return &res, nil +} diff --git a/internal/pkg/sdk3rd/ucloud/ussl/client.go b/pkg/sdk3rd/ucloud/ussl/client.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/ussl/client.go rename to pkg/sdk3rd/ucloud/ussl/client.go diff --git a/internal/pkg/sdk3rd/ucloud/ussl/models.go b/pkg/sdk3rd/ucloud/ussl/types.go similarity index 100% rename from internal/pkg/sdk3rd/ucloud/ussl/models.go rename to pkg/sdk3rd/ucloud/ussl/types.go diff --git a/pkg/sdk3rd/upyun/console/api_get_https_certificate_manager.go b/pkg/sdk3rd/upyun/console/api_get_https_certificate_manager.go new file mode 100644 index 00000000..c2268117 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_get_https_certificate_manager.go @@ -0,0 +1,55 @@ +package console + +import ( + "context" + "fmt" + "net/http" +) + +type HttpsCertificateManagerDomain struct { + Name string `json:"name"` + Type string `json:"type"` + BucketId int64 `json:"bucket_id"` + BucketName string `json:"bucket_name"` +} + +type GetHttpsCertificateManagerResponse struct { + apiResponseBase + + Data *struct { + apiResponseBaseData + + AuthenticateNum int32 `json:"authenticate_num"` + AuthenticateDomains []string `json:"authenticate_domain"` + Domains []HttpsCertificateManagerDomain `json:"domains"` + } `json:"data,omitempty"` +} + +func (c *Client) GetHttpsCertificateManager(certificateId string) (*GetHttpsCertificateManagerResponse, error) { + return c.GetHttpsCertificateManagerWithContext(context.Background(), certificateId) +} + +func (c *Client) GetHttpsCertificateManagerWithContext(ctx context.Context, certificateId string) (*GetHttpsCertificateManagerResponse, error) { + if certificateId == "" { + return nil, fmt.Errorf("sdkerr: unset certificateId") + } + + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodGet, "/api/https/certificate/manager/") + if err != nil { + return nil, err + } else { + httpreq.SetQueryParam("certificate_id", certificateId) + httpreq.SetContext(ctx) + } + + result := &GetHttpsCertificateManagerResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/api_get_https_service_manager.go b/pkg/sdk3rd/upyun/console/api_get_https_service_manager.go new file mode 100644 index 00000000..debc4fe9 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_get_https_service_manager.go @@ -0,0 +1,60 @@ +package console + +import ( + "context" + "fmt" + "net/http" +) + +type GetHttpsServiceManagerResponse struct { + apiResponseBase + Data *struct { + apiResponseBaseData + Status int32 `json:"status"` + Domains []HttpsServiceManagerDomain `json:"result"` + } `json:"data,omitempty"` +} + +type HttpsServiceManagerDomain struct { + CertificateId string `json:"certificate_id"` + CommonName string `json:"commonName"` + Https bool `json:"https"` + ForceHttps bool `json:"force_https"` + PaymentType string `json:"payment_type"` + DomainType string `json:"domain_type"` + Validity HttpsServiceManagerDomainValidity `json:"validity"` +} + +type HttpsServiceManagerDomainValidity struct { + Start int64 `json:"start"` + End int64 `json:"end"` +} + +func (c *Client) GetHttpsServiceManager(domain string) (*GetHttpsServiceManagerResponse, error) { + return c.GetHttpsServiceManagerWithContext(context.Background(), domain) +} + +func (c *Client) GetHttpsServiceManagerWithContext(ctx context.Context, domain string) (*GetHttpsServiceManagerResponse, error) { + if domain == "" { + return nil, fmt.Errorf("sdkerr: unset domain") + } + + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodGet, "/api/https/services/manager") + if err != nil { + return nil, err + } else { + httpreq.SetQueryParam("domain", domain) + httpreq.SetContext(ctx) + } + + result := &GetHttpsServiceManagerResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/api_migrate_https_domain.go b/pkg/sdk3rd/upyun/console/api_migrate_https_domain.go new file mode 100644 index 00000000..3d1f8985 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_migrate_https_domain.go @@ -0,0 +1,46 @@ +package console + +import ( + "context" + "net/http" +) + +type MigrateHttpsDomainRequest struct { + CertificateId string `json:"crt_id"` + Domain string `json:"domain_name"` +} + +type MigrateHttpsDomainResponse struct { + apiResponseBase + + Data *struct { + apiResponseBaseData + + Status bool `json:"status"` + } `json:"data,omitempty"` +} + +func (c *Client) MigrateHttpsDomain(req *MigrateHttpsDomainRequest) (*MigrateHttpsDomainResponse, error) { + return c.MigrateHttpsDomainWithContext(context.Background(), req) +} + +func (c *Client) MigrateHttpsDomainWithContext(ctx context.Context, req *MigrateHttpsDomainRequest) (*MigrateHttpsDomainResponse, error) { + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/api/https/migrate/domain") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &MigrateHttpsDomainResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/api_update_https_certificate_manager.go b/pkg/sdk3rd/upyun/console/api_update_https_certificate_manager.go new file mode 100644 index 00000000..f8c4a9ea --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_update_https_certificate_manager.go @@ -0,0 +1,48 @@ +package console + +import ( + "context" + "net/http" +) + +type UpdateHttpsCertificateManagerRequest struct { + CertificateId string `json:"certificate_id"` + Domain string `json:"domain"` + Https bool `json:"https"` + ForceHttps bool `json:"force_https"` +} + +type UpdateHttpsCertificateManagerResponse struct { + apiResponseBase + + Data *struct { + apiResponseBaseData + + Status bool `json:"status"` + } `json:"data,omitempty"` +} + +func (c *Client) UpdateHttpsCertificateManager(req *UpdateHttpsCertificateManagerRequest) (*UpdateHttpsCertificateManagerResponse, error) { + return c.UpdateHttpsCertificateManagerWithContext(context.Background(), req) +} + +func (c *Client) UpdateHttpsCertificateManagerWithContext(ctx context.Context, req *UpdateHttpsCertificateManagerRequest) (*UpdateHttpsCertificateManagerResponse, error) { + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/api/https/certificate/manager") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateHttpsCertificateManagerResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/api_upload_https_certificate.go b/pkg/sdk3rd/upyun/console/api_upload_https_certificate.go new file mode 100644 index 00000000..eaf99b51 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/api_upload_https_certificate.go @@ -0,0 +1,51 @@ +package console + +import ( + "context" + "net/http" +) + +type UploadHttpsCertificateRequest struct { + Certificate string `json:"certificate"` + PrivateKey string `json:"private_key"` +} + +type UploadHttpsCertificateResponse struct { + apiResponseBase + + Data *struct { + apiResponseBaseData + + Status int32 `json:"status"` + Result struct { + CertificateId string `json:"certificate_id"` + CommonName string `json:"commonName"` + Serial string `json:"serial"` + } `json:"result"` + } `json:"data,omitempty"` +} + +func (c *Client) UploadHttpsCertificate(req *UploadHttpsCertificateRequest) (*UploadHttpsCertificateResponse, error) { + return c.UploadHttpsCertificateWithContext(context.Background(), req) +} + +func (c *Client) UploadHttpsCertificateWithContext(ctx context.Context, req *UploadHttpsCertificateRequest) (*UploadHttpsCertificateResponse, error) { + if err := c.ensureCookieExists(); err != nil { + return nil, err + } + + httpreq, err := c.newRequest(http.MethodPost, "/api/https/certificate/") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UploadHttpsCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/upyun/console/client.go b/pkg/sdk3rd/upyun/console/client.go new file mode 100644 index 00000000..7af3e7ae --- /dev/null +++ b/pkg/sdk3rd/upyun/console/client.go @@ -0,0 +1,153 @@ +package console + +import ( + "encoding/json" + "errors" + "fmt" + "net/http" + "sync" + "time" + + "github.com/go-resty/resty/v2" +) + +type Client struct { + username string + password string + + loginCookie string + loginCookieMtx sync.Mutex + + client *resty.Client +} + +func NewClient(username, password string) (*Client, error) { + if username == "" { + return nil, fmt.Errorf("sdkerr: unset username") + } + if password == "" { + return nil, fmt.Errorf("sdkerr: unset password") + } + + client := &Client{ + username: username, + password: password, + } + client.client = resty.New(). + SetBaseURL("https://console.upyun.com"). + SetHeader("Accept", "application/json"). + SetHeader("Content-Type", "application/json"). + SetHeader("User-Agent", "certimate"). + SetPreRequestHook(func(c *resty.Client, req *http.Request) error { + if client.loginCookie != "" { + req.Header.Set("Cookie", client.loginCookie) + } + + return nil + }) + + return client, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + + req := c.client.R() + req.Method = method + req.URL = path + return req, nil +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. + + resp, err := req.Send() + if err != nil { + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) + } else if resp.IsError() { + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + } + + return resp, nil +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.doRequest(req) + if err != nil { + if resp != nil { + json.Unmarshal(resp.Body(), &res) + } + return resp, err + } + + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) + } else { + if tdata := res.GetData(); tdata == nil { + return resp, fmt.Errorf("sdkerr: empty data") + } else if terrcode := tdata.GetErrorCode(); terrcode != 0 { + return resp, fmt.Errorf("sdkerr: code='%d', message='%s'", terrcode, tdata.GetMessage()) + } + } + } + + return resp, nil +} + +func (c *Client) ensureCookieExists() error { + c.loginCookieMtx.Lock() + defer c.loginCookieMtx.Unlock() + if c.loginCookie != "" { + return nil + } + + httpreq, err := c.newRequest(http.MethodPost, "/accounts/signin/") + if err != nil { + return err + } else { + httpreq.SetBody(map[string]string{ + "username": c.username, + "password": c.password, + }) + } + + type signinResponse struct { + apiResponseBase + Data *struct { + apiResponseBaseData + Result bool `json:"result"` + } `json:"data,omitempty"` + } + + result := &signinResponse{} + httpresp, err := c.doRequestWithResult(httpreq, result) + if err != nil { + return err + } else if !result.Data.Result { + return errors.New("sdkerr: failed to signin upyun console") + } else { + c.loginCookie = httpresp.Header().Get("Set-Cookie") + } + + return nil +} diff --git a/pkg/sdk3rd/upyun/console/types.go b/pkg/sdk3rd/upyun/console/types.go new file mode 100644 index 00000000..70d3c1c3 --- /dev/null +++ b/pkg/sdk3rd/upyun/console/types.go @@ -0,0 +1,41 @@ +package console + +import ( + "encoding/json" +) + +type apiResponse interface { + GetData() *apiResponseBaseData +} + +type apiResponseBase struct { + Data *apiResponseBaseData `json:"data,omitempty"` +} + +func (r *apiResponseBase) GetData() *apiResponseBaseData { + return r.Data +} + +var _ apiResponse = (*apiResponseBase)(nil) + +type apiResponseBaseData struct { + ErrorCode json.Number `json:"error_code,omitempty"` + Message string `json:"message,omitempty"` +} + +func (r *apiResponseBaseData) GetErrorCode() int32 { + if r.ErrorCode.String() == "" { + return 0 + } + + errcode, err := r.ErrorCode.Int64() + if err != nil { + return -1 + } + + return int32(errcode) +} + +func (r *apiResponseBaseData) GetMessage() string { + return r.Message +} diff --git a/internal/pkg/sdk3rd/volcengine/certcenter/api_import_certificate.go b/pkg/sdk3rd/volcengine/certcenter/api_import_certificate.go similarity index 100% rename from internal/pkg/sdk3rd/volcengine/certcenter/api_import_certificate.go rename to pkg/sdk3rd/volcengine/certcenter/api_import_certificate.go diff --git a/internal/pkg/sdk3rd/volcengine/certcenter/interface.go b/pkg/sdk3rd/volcengine/certcenter/interface.go similarity index 100% rename from internal/pkg/sdk3rd/volcengine/certcenter/interface.go rename to pkg/sdk3rd/volcengine/certcenter/interface.go diff --git a/internal/pkg/sdk3rd/volcengine/certcenter/service.go b/pkg/sdk3rd/volcengine/certcenter/service.go similarity index 100% rename from internal/pkg/sdk3rd/volcengine/certcenter/service.go rename to pkg/sdk3rd/volcengine/certcenter/service.go diff --git a/pkg/sdk3rd/wangsu/cdn/api_batch_update_certificate_config.go b/pkg/sdk3rd/wangsu/cdn/api_batch_update_certificate_config.go new file mode 100644 index 00000000..90598b0d --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdn/api_batch_update_certificate_config.go @@ -0,0 +1,36 @@ +package cdn + +import ( + "context" + "net/http" +) + +type BatchUpdateCertificateConfigRequest struct { + CertificateId int64 `json:"certificateId"` + DomainNames []string `json:"domainNames"` +} + +type BatchUpdateCertificateConfigResponse struct { + apiResponseBase +} + +func (c *Client) BatchUpdateCertificateConfig(req *BatchUpdateCertificateConfigRequest) (*BatchUpdateCertificateConfigResponse, error) { + return c.BatchUpdateCertificateConfigWithContext(context.Background(), req) +} + +func (c *Client) BatchUpdateCertificateConfigWithContext(ctx context.Context, req *BatchUpdateCertificateConfigRequest) (*BatchUpdateCertificateConfigResponse, error) { + httpreq, err := c.newRequest(http.MethodPut, "/api/config/certificate/batch") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &BatchUpdateCertificateConfigResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdn/client.go b/pkg/sdk3rd/wangsu/cdn/client.go new file mode 100644 index 00000000..e2885587 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdn/client.go @@ -0,0 +1,47 @@ +package cdn + +import ( + "fmt" + "time" + + "github.com/go-resty/resty/v2" + + "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/openapi" +) + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKey, secretKey string) (*Client, error) { + client, err := openapi.NewClient(accessKey, secretKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + resp, err := c.client.DoRequestWithResult(req, res) + if err == nil { + if tcode := res.GetCode(); tcode != "" && tcode != "0" { + return resp, fmt.Errorf("sdkerr: api error, code='%s', message='%s'", tcode, res.GetMessage()) + } + } + + return resp, err +} diff --git a/pkg/sdk3rd/wangsu/cdn/types.go b/pkg/sdk3rd/wangsu/cdn/types.go new file mode 100644 index 00000000..a436ba49 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdn/types.go @@ -0,0 +1,29 @@ +package cdn + +type apiResponse interface { + GetCode() string + GetMessage() string +} + +type apiResponseBase struct { + Code *string `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +var _ apiResponse = (*apiResponseBase)(nil) + +func (r *apiResponseBase) GetCode() string { + if r.Code == nil { + return "" + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_create_certificate.go b/pkg/sdk3rd/wangsu/cdnpro/api_create_certificate.go new file mode 100644 index 00000000..ef473dab --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_create_certificate.go @@ -0,0 +1,46 @@ +package cdnpro + +import ( + "context" + "fmt" + "net/http" +) + +type CreateCertificateRequest struct { + Timestamp int64 `json:"-"` + Name *string `json:"name,omitempty"` + Description *string `json:"description,omitempty"` + AutoRenew *string `json:"autoRenew,omitempty"` + ForceRenew *bool `json:"forceRenew,omitempty"` + NewVersion *CertificateVersionInfo `json:"newVersion,omitempty"` +} + +type CreateCertificateResponse struct { + apiResponseBase + + CertificateLocation string `json:"location,omitempty"` +} + +func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + return c.CreateCertificateWithContext(context.Background(), req) +} + +func (c *Client) CreateCertificateWithContext(ctx context.Context, req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/cdn/certificates") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetHeader("X-CNC-Timestamp", fmt.Sprintf("%d", req.Timestamp)) + httpreq.SetContext(ctx) + } + + result := &CreateCertificateResponse{} + if httpresp, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } else { + result.CertificateLocation = httpresp.Header().Get("Location") + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_create_deployment_task.go b/pkg/sdk3rd/wangsu/cdnpro/api_create_deployment_task.go new file mode 100644 index 00000000..0ba2fa68 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_create_deployment_task.go @@ -0,0 +1,42 @@ +package cdnpro + +import ( + "context" + "net/http" +) + +type CreateDeploymentTaskRequest struct { + Name *string `json:"name,omitempty"` + Target *string `json:"target,omitempty"` + Actions *[]DeploymentTaskActionInfo `json:"actions,omitempty"` + Webhook *string `json:"webhook,omitempty"` +} + +type CreateDeploymentTaskResponse struct { + apiResponseBase + + DeploymentTaskLocation string `json:"location,omitempty"` +} + +func (c *Client) CreateDeploymentTask(req *CreateDeploymentTaskRequest) (*CreateDeploymentTaskResponse, error) { + return c.CreateDeploymentTaskWithContext(context.Background(), req) +} + +func (c *Client) CreateDeploymentTaskWithContext(ctx context.Context, req *CreateDeploymentTaskRequest) (*CreateDeploymentTaskResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/cdn/deploymentTasks") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateDeploymentTaskResponse{} + if httpresp, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } else { + result.DeploymentTaskLocation = httpresp.Header().Get("Location") + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_get_deployment_task_detail.go b/pkg/sdk3rd/wangsu/cdnpro/api_get_deployment_task_detail.go new file mode 100644 index 00000000..9200fe97 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_get_deployment_task_detail.go @@ -0,0 +1,45 @@ +package cdnpro + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type GetDeploymentTaskDetailResponse struct { + apiResponseBase + + Name string `json:"name"` + Target string `json:"target"` + Actions []DeploymentTaskActionInfo `json:"actions"` + Status string `json:"status"` + StatusDetails string `json:"statusDetails"` + SubmissionTime string `json:"submissionTime"` + FinishTime string `json:"finishTime"` + ApiRequestId string `json:"apiRequestId"` +} + +func (c *Client) GetDeploymentTaskDetail(deploymentTaskId string) (*GetDeploymentTaskDetailResponse, error) { + return c.GetDeploymentTaskDetailWithContext(context.Background(), deploymentTaskId) +} + +func (c *Client) GetDeploymentTaskDetailWithContext(ctx context.Context, deploymentTaskId string) (*GetDeploymentTaskDetailResponse, error) { + if deploymentTaskId == "" { + return nil, fmt.Errorf("sdkerr: unset deploymentTaskId") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/cdn/deploymentTasks/%s", url.PathEscape(deploymentTaskId))) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetDeploymentTaskDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_get_hostname_detail.go b/pkg/sdk3rd/wangsu/cdnpro/api_get_hostname_detail.go new file mode 100644 index 00000000..85796c8c --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_get_hostname_detail.go @@ -0,0 +1,40 @@ +package cdnpro + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type GetHostnameDetailResponse struct { + apiResponseBase + + Hostname string `json:"hostname"` + PropertyInProduction *HostnamePropertyInfo `json:"propertyInProduction,omitempty"` + PropertyInStaging *HostnamePropertyInfo `json:"propertyInStaging,omitempty"` +} + +func (c *Client) GetHostnameDetail(hostname string) (*GetHostnameDetailResponse, error) { + return c.GetHostnameDetailWithContext(context.Background(), hostname) +} + +func (c *Client) GetHostnameDetailWithContext(ctx context.Context, hostname string) (*GetHostnameDetailResponse, error) { + if hostname == "" { + return nil, fmt.Errorf("sdkerr: unset hostname") + } + + httpreq, err := c.newRequest(http.MethodGet, fmt.Sprintf("/cdn/hostnames/%s", url.PathEscape(hostname))) + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &GetHostnameDetailResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/api_update_certificate.go b/pkg/sdk3rd/wangsu/cdnpro/api_update_certificate.go new file mode 100644 index 00000000..59859bbf --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/api_update_certificate.go @@ -0,0 +1,51 @@ +package cdnpro + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type UpdateCertificateRequest struct { + Timestamp int64 `json:"-"` + Name *string `json:"name,omitempty"` + Description *string `json:"description,omitempty"` + AutoRenew *string `json:"autoRenew,omitempty"` + ForceRenew *bool `json:"forceRenew,omitempty"` + NewVersion *CertificateVersionInfo `json:"newVersion,omitempty"` +} + +type UpdateCertificateResponse struct { + apiResponseBase + + CertificateLocation string `json:"location,omitempty"` +} + +func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), certificateId, req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + if certificateId == "" { + return nil, fmt.Errorf("sdkerr: unset certificateId") + } + + httpreq, err := c.newRequest(http.MethodPatch, fmt.Sprintf("/cdn/certificates/%s", url.PathEscape(certificateId))) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetHeader("X-CNC-Timestamp", fmt.Sprintf("%d", req.Timestamp)) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if httpresp, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } else { + result.CertificateLocation = httpresp.Header().Get("Location") + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/client.go b/pkg/sdk3rd/wangsu/cdnpro/client.go new file mode 100644 index 00000000..456a3d24 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/client.go @@ -0,0 +1,39 @@ +package cdnpro + +import ( + "time" + + "github.com/go-resty/resty/v2" + + "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/openapi" +) + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKey, secretKey string) (*Client, error) { + client, err := openapi.NewClient(accessKey, secretKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + return c.client.DoRequestWithResult(req, res) +} diff --git a/pkg/sdk3rd/wangsu/cdnpro/types.go b/pkg/sdk3rd/wangsu/cdnpro/types.go new file mode 100644 index 00000000..d82d3b09 --- /dev/null +++ b/pkg/sdk3rd/wangsu/cdnpro/types.go @@ -0,0 +1,61 @@ +package cdnpro + +type apiResponse interface { + GetCode() string + GetMessage() string +} + +type apiResponseBase struct { + Code *string `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +var _ apiResponse = (*apiResponseBase)(nil) + +func (r *apiResponseBase) GetCode() string { + if r.Code == nil { + return "" + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +type CertificateVersionInfo struct { + Comments *string `json:"comments,omitempty"` + PrivateKey *string `json:"privateKey,omitempty"` + Certificate *string `json:"certificate,omitempty"` + ChainCert *string `json:"chainCert,omitempty"` + IdentificationInfo *CertificateVersionIdentificationInfo `json:"identificationInfo,omitempty"` +} + +type CertificateVersionIdentificationInfo struct { + Country *string `json:"country,omitempty"` + State *string `json:"state,omitempty"` + City *string `json:"city,omitempty"` + Company *string `json:"company,omitempty"` + Department *string `json:"department,omitempty"` + CommonName *string `json:"commonName,omitempty"` + Email *string `json:"email,omitempty"` + SubjectAlternativeNames *[]string `json:"subjectAlternativeNames,omitempty"` +} + +type HostnamePropertyInfo struct { + PropertyId string `json:"propertyId"` + Version int32 `json:"version"` + CertificateId *string `json:"certificateId,omitempty"` +} + +type DeploymentTaskActionInfo struct { + Action *string `json:"action,omitempty"` + PropertyId *string `json:"propertyId,omitempty"` + CertificateId *string `json:"certificateId,omitempty"` + Version *int32 `json:"version,omitempty"` +} diff --git a/pkg/sdk3rd/wangsu/certificate/api_create_certificate.go b/pkg/sdk3rd/wangsu/certificate/api_create_certificate.go new file mode 100644 index 00000000..30ebb99d --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/api_create_certificate.go @@ -0,0 +1,42 @@ +package certificate + +import ( + "context" + "net/http" +) + +type CreateCertificateRequest struct { + Name *string `json:"name,omitempty"` + Certificate *string `json:"certificate,omitempty"` + PrivateKey *string `json:"privateKey,omitempty"` + Comment *string `json:"comment,omitempty" ` +} + +type CreateCertificateResponse struct { + apiResponseBase + + CertificateLocation string `json:"location,omitempty"` +} + +func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + return c.CreateCertificateWithContext(context.Background(), req) +} + +func (c *Client) CreateCertificateWithContext(ctx context.Context, req *CreateCertificateRequest) (*CreateCertificateResponse, error) { + httpreq, err := c.newRequest(http.MethodPost, "/api/certificate") + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &CreateCertificateResponse{} + if httpresp, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } else { + result.CertificateLocation = httpresp.Header().Get("Location") + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/certificate/api_list_certificates.go b/pkg/sdk3rd/wangsu/certificate/api_list_certificates.go new file mode 100644 index 00000000..e62c1276 --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/api_list_certificates.go @@ -0,0 +1,32 @@ +package certificate + +import ( + "context" + "net/http" +) + +type ListCertificatesResponse struct { + apiResponseBase + + Certificates []*CertificateRecord `json:"ssl-certificates,omitempty"` +} + +func (c *Client) ListCertificates() (*ListCertificatesResponse, error) { + return c.ListCertificatesWithContext(context.Background()) +} + +func (c *Client) ListCertificatesWithContext(ctx context.Context) (*ListCertificatesResponse, error) { + httpreq, err := c.newRequest(http.MethodGet, "/api/ssl/certificate") + if err != nil { + return nil, err + } else { + httpreq.SetContext(ctx) + } + + result := &ListCertificatesResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/certificate/api_update_certificate.go b/pkg/sdk3rd/wangsu/certificate/api_update_certificate.go new file mode 100644 index 00000000..2158b4f6 --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/api_update_certificate.go @@ -0,0 +1,44 @@ +package certificate + +import ( + "context" + "fmt" + "net/http" + "net/url" +) + +type UpdateCertificateRequest struct { + Name *string `json:"name,omitempty"` + Certificate *string `json:"certificate,omitempty"` + PrivateKey *string `json:"privateKey,omitempty"` + Comment *string `json:"comment,omitempty" ` +} + +type UpdateCertificateResponse struct { + apiResponseBase +} + +func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + return c.UpdateCertificateWithContext(context.Background(), certificateId, req) +} + +func (c *Client) UpdateCertificateWithContext(ctx context.Context, certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) { + if certificateId == "" { + return nil, fmt.Errorf("sdkerr: unset certificateId") + } + + httpreq, err := c.newRequest(http.MethodPut, fmt.Sprintf("/api/certificate/%s", url.PathEscape(certificateId))) + if err != nil { + return nil, err + } else { + httpreq.SetBody(req) + httpreq.SetContext(ctx) + } + + result := &UpdateCertificateResponse{} + if _, err := c.doRequestWithResult(httpreq, result); err != nil { + return result, err + } + + return result, nil +} diff --git a/pkg/sdk3rd/wangsu/certificate/client.go b/pkg/sdk3rd/wangsu/certificate/client.go new file mode 100644 index 00000000..c59fdb1b --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/client.go @@ -0,0 +1,39 @@ +package certificate + +import ( + "time" + + "github.com/go-resty/resty/v2" + + "github.com/certimate-go/certimate/pkg/sdk3rd/wangsu/openapi" +) + +type Client struct { + client *openapi.Client +} + +func NewClient(accessKey, secretKey string) (*Client, error) { + client, err := openapi.NewClient(accessKey, secretKey) + if err != nil { + return nil, err + } + + return &Client{client: client}, nil +} + +func (c *Client) SetTimeout(timeout time.Duration) *Client { + c.client.SetTimeout(timeout) + return c +} + +func (c *Client) newRequest(method string, path string) (*resty.Request, error) { + return c.client.NewRequest(method, path) +} + +func (c *Client) doRequest(req *resty.Request) (*resty.Response, error) { + return c.client.DoRequest(req) +} + +func (c *Client) doRequestWithResult(req *resty.Request, res apiResponse) (*resty.Response, error) { + return c.client.DoRequestWithResult(req, res) +} diff --git a/pkg/sdk3rd/wangsu/certificate/types.go b/pkg/sdk3rd/wangsu/certificate/types.go new file mode 100644 index 00000000..02ba6579 --- /dev/null +++ b/pkg/sdk3rd/wangsu/certificate/types.go @@ -0,0 +1,38 @@ +package certificate + +type apiResponse interface { + GetCode() string + GetMessage() string +} + +type apiResponseBase struct { + Code *string `json:"code,omitempty"` + Message *string `json:"message,omitempty"` +} + +var _ apiResponse = (*apiResponseBase)(nil) + +func (r *apiResponseBase) GetCode() string { + if r.Code == nil { + return "" + } + + return *r.Code +} + +func (r *apiResponseBase) GetMessage() string { + if r.Message == nil { + return "" + } + + return *r.Message +} + +type CertificateRecord struct { + CertificateId string `json:"certificate-id"` + Name string `json:"name"` + Comment string `json:"comment"` + ValidityFrom string `json:"certificate-validity-from"` + ValidityTo string `json:"certificate-validity-to"` + Serial string `json:"certificate-serial"` +} diff --git a/internal/pkg/sdk3rd/wangsu/openapi/client.go b/pkg/sdk3rd/wangsu/openapi/client.go similarity index 69% rename from internal/pkg/sdk3rd/wangsu/openapi/client.go rename to pkg/sdk3rd/wangsu/openapi/client.go index 09723032..4d6c50d6 100644 --- a/internal/pkg/sdk3rd/wangsu/openapi/client.go +++ b/pkg/sdk3rd/wangsu/openapi/client.go @@ -23,11 +23,14 @@ type Client struct { client *resty.Client } -type Result interface { - SetRequestId(requestId string) -} +func NewClient(accessKey, secretKey string) (*Client, error) { + if accessKey == "" { + return nil, fmt.Errorf("sdkerr: unset accessKey") + } + if secretKey == "" { + return nil, fmt.Errorf("sdkerr: unset secretKey") + } -func NewClient(accessKey, secretKey string) *Client { client := resty.New(). SetBaseURL("https://open.chinanetcenter.com"). SetHeader("Accept", "application/json"). @@ -125,67 +128,64 @@ func NewClient(accessKey, secretKey string) *Client { accessKey: accessKey, secretKey: secretKey, client: client, - } + }, nil } -func (c *Client) WithTimeout(timeout time.Duration) *Client { +func (c *Client) SetTimeout(timeout time.Duration) *Client { c.client.SetTimeout(timeout) return c } -func (c *Client) sendRequest(method string, path string, params interface{}, configureReq ...func(req *resty.Request)) (*resty.Response, error) { +func (c *Client) NewRequest(method string, path string) (*resty.Request, error) { + if method == "" { + return nil, fmt.Errorf("sdkerr: unset method") + } + if path == "" { + return nil, fmt.Errorf("sdkerr: unset path") + } + req := c.client.R() - if strings.EqualFold(method, http.MethodGet) { - qs := make(map[string]string) - if params != nil { - temp := make(map[string]any) - jsonb, _ := json.Marshal(params) - json.Unmarshal(jsonb, &temp) - for k, v := range temp { - if v != nil { - qs[k] = fmt.Sprintf("%v", v) - } - } - } + req.Method = method + req.URL = path + return req, nil +} - req = req.SetQueryParams(qs) - } else { - req = req.SetHeader("Content-Type", "application/json").SetBody(params) +func (c *Client) DoRequest(req *resty.Request) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") } - if configureReq != nil { - for _, fn := range configureReq { - fn(req) - } - } + // WARN: + // PLEASE DO NOT USE `req.SetResult` or `req.SetError` HERE! USE `doRequestWithResult` INSTEAD. - resp, err := req.Execute(method, path) + resp, err := req.Send() if err != nil { - return resp, fmt.Errorf("wangsu api error: failed to send request: %w", err) + return resp, fmt.Errorf("sdkerr: failed to send request: %w", err) } else if resp.IsError() { - return resp, fmt.Errorf("wangsu api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) + return resp, fmt.Errorf("sdkerr: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.String()) } return resp, nil } -func (c *Client) SendRequestWithResult(method string, path string, params interface{}, result Result, configureReq ...func(req *resty.Request)) (*resty.Response, error) { - resp, err := c.sendRequest(method, path, params, configureReq...) +func (c *Client) DoRequestWithResult(req *resty.Request, res any) (*resty.Response, error) { + if req == nil { + return nil, fmt.Errorf("sdkerr: nil request") + } + + resp, err := c.DoRequest(req) if err != nil { if resp != nil { - json.Unmarshal(resp.Body(), &result) - result.SetRequestId(resp.Header().Get("X-CNC-Request-Id")) + json.Unmarshal(resp.Body(), &res) } return resp, err } - respBody := resp.Body() - if len(respBody) != 0 { - if err := json.Unmarshal(respBody, &result); err != nil { - return resp, fmt.Errorf("wangsu api error: failed to unmarshal response: %w", err) + if len(resp.Body()) != 0 { + if err := json.Unmarshal(resp.Body(), &res); err != nil { + return resp, fmt.Errorf("sdkerr: failed to unmarshal response: %w", err) } } - result.SetRequestId(resp.Header().Get("X-CNC-Request-Id")) return resp, nil } diff --git a/internal/pkg/utils/cert/common.go b/pkg/utils/cert/common.go similarity index 97% rename from internal/pkg/utils/cert/common.go rename to pkg/utils/cert/common.go index 08a7cea2..56703125 100644 --- a/internal/pkg/utils/cert/common.go +++ b/pkg/utils/cert/common.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "crypto/x509" diff --git a/internal/pkg/utils/cert/converter.go b/pkg/utils/cert/converter.go similarity index 98% rename from internal/pkg/utils/cert/converter.go rename to pkg/utils/cert/converter.go index 0d7e4c53..f6fddcde 100644 --- a/internal/pkg/utils/cert/converter.go +++ b/pkg/utils/cert/converter.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "crypto/ecdsa" diff --git a/internal/pkg/utils/cert/extractor.go b/pkg/utils/cert/extractor.go similarity index 98% rename from internal/pkg/utils/cert/extractor.go rename to pkg/utils/cert/extractor.go index a4077d37..1e116b1f 100644 --- a/internal/pkg/utils/cert/extractor.go +++ b/pkg/utils/cert/extractor.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "encoding/pem" diff --git a/internal/pkg/utils/cert/parser.go b/pkg/utils/cert/parser.go similarity index 99% rename from internal/pkg/utils/cert/parser.go rename to pkg/utils/cert/parser.go index 3ecb8639..698bf7e9 100644 --- a/internal/pkg/utils/cert/parser.go +++ b/pkg/utils/cert/parser.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "crypto" diff --git a/internal/pkg/utils/cert/transformer.go b/pkg/utils/cert/transformer.go similarity index 99% rename from internal/pkg/utils/cert/transformer.go rename to pkg/utils/cert/transformer.go index 74690013..bf467efa 100644 --- a/internal/pkg/utils/cert/transformer.go +++ b/pkg/utils/cert/transformer.go @@ -1,4 +1,4 @@ -package certutil +package cert import ( "bytes" diff --git a/internal/pkg/utils/file/io.go b/pkg/utils/file/io.go similarity index 98% rename from internal/pkg/utils/file/io.go rename to pkg/utils/file/io.go index 58b5b970..4dc0d0a4 100644 --- a/internal/pkg/utils/file/io.go +++ b/pkg/utils/file/io.go @@ -1,4 +1,4 @@ -package fileutil +package file import ( "fmt" diff --git a/internal/pkg/utils/http/parser.go b/pkg/utils/http/parser.go similarity index 96% rename from internal/pkg/utils/http/parser.go rename to pkg/utils/http/parser.go index 872fb6b5..a3eec9ef 100644 --- a/internal/pkg/utils/http/parser.go +++ b/pkg/utils/http/parser.go @@ -1,4 +1,4 @@ -package httputil +package http import ( "bufio" diff --git a/internal/pkg/utils/http/transport.go b/pkg/utils/http/transport.go similarity index 97% rename from internal/pkg/utils/http/transport.go rename to pkg/utils/http/transport.go index ff8c8804..3274cbdf 100644 --- a/internal/pkg/utils/http/transport.go +++ b/pkg/utils/http/transport.go @@ -1,4 +1,4 @@ -package httputil +package http import ( "net" diff --git a/internal/pkg/utils/map/getter.go b/pkg/utils/maps/get.go similarity index 97% rename from internal/pkg/utils/map/getter.go rename to pkg/utils/maps/get.go index 512da3ee..eea75cbb 100644 --- a/internal/pkg/utils/map/getter.go +++ b/pkg/utils/maps/get.go @@ -1,4 +1,4 @@ -package maputil +package maps import ( "strconv" @@ -103,7 +103,7 @@ func GetOrDefaultInt32(dict map[string]any, key string, defaultValue int32) int3 } if result != 0 { - return int32(result) + return result } } @@ -166,13 +166,13 @@ func GetOrDefaultInt64(dict map[string]any, key string, defaultValue int64) int6 result = int64(v) case string: // 兼容字符串类型的值 - if t, err := strconv.ParseInt(v, 10, 32); err == nil { + if t, err := strconv.ParseInt(v, 10, 64); err == nil { result = t } } if result != 0 { - return int64(result) + return result } } diff --git a/internal/pkg/utils/map/marshal.go b/pkg/utils/maps/marshal.go similarity index 97% rename from internal/pkg/utils/map/marshal.go rename to pkg/utils/maps/marshal.go index 236b32e2..1c1dfe16 100644 --- a/internal/pkg/utils/map/marshal.go +++ b/pkg/utils/maps/marshal.go @@ -1,4 +1,4 @@ -package maputil +package maps import ( mapstructure "github.com/go-viper/mapstructure/v2" diff --git a/internal/pkg/utils/slice/slice.go b/pkg/utils/slices/iter.go similarity index 99% rename from internal/pkg/utils/slice/slice.go rename to pkg/utils/slices/iter.go index f1c7fc0f..04a97a9d 100644 --- a/internal/pkg/utils/slice/slice.go +++ b/pkg/utils/slices/iter.go @@ -1,4 +1,4 @@ -package sliceutil +package slices // 创建给定切片一部分的浅拷贝,其包含通过所提供函数实现的测试的所有元素。 // diff --git a/internal/pkg/utils/type/assert.go b/pkg/utils/types/assert.go similarity index 93% rename from internal/pkg/utils/type/assert.go rename to pkg/utils/types/assert.go index 509a77cc..b6701430 100644 --- a/internal/pkg/utils/type/assert.go +++ b/pkg/utils/types/assert.go @@ -1,6 +1,8 @@ -package typeutil +package types -import "reflect" +import ( + "reflect" +) // 判断对象是否为 nil。 // 与直接使用 `obj == nil` 不同,该函数会正确判断接口类型对象的真实值是否为空。 diff --git a/internal/pkg/utils/type/cast.go b/pkg/utils/types/cast.go similarity index 95% rename from internal/pkg/utils/type/cast.go rename to pkg/utils/types/cast.go index 77eb9dad..4420b90f 100644 --- a/internal/pkg/utils/type/cast.go +++ b/pkg/utils/types/cast.go @@ -1,6 +1,8 @@ -package typeutil +package types -import "reflect" +import ( + "reflect" +) // 将对象转换为指针。 // diff --git a/ui/dist/.gitkeep b/ui/dist/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/ui/public/imgs/providers/apisix.svg b/ui/public/imgs/providers/apisix.svg new file mode 100644 index 00000000..55b6e4f2 --- /dev/null +++ b/ui/public/imgs/providers/apisix.svg @@ -0,0 +1 @@ + diff --git a/ui/public/imgs/providers/ctcccloud.svg b/ui/public/imgs/providers/ctcccloud.svg new file mode 100644 index 00000000..b5ea5d76 --- /dev/null +++ b/ui/public/imgs/providers/ctcccloud.svg @@ -0,0 +1 @@ + diff --git a/ui/public/robots.txt b/ui/public/robots.txt new file mode 100644 index 00000000..7211b8ac --- /dev/null +++ b/ui/public/robots.txt @@ -0,0 +1,2 @@ +User-Agent: * +Disallow: / diff --git a/ui/src/components/Version.tsx b/ui/src/components/Version.tsx index e9245b1c..d63e4969 100644 --- a/ui/src/components/Version.tsx +++ b/ui/src/components/Version.tsx @@ -28,7 +28,7 @@ const Version = ({ className, style }: VersionProps) => { - + {version} diff --git a/ui/src/components/access/AccessForm.tsx b/ui/src/components/access/AccessForm.tsx index 4bb1d439..2d8bee1b 100644 --- a/ui/src/components/access/AccessForm.tsx +++ b/ui/src/components/access/AccessForm.tsx @@ -15,6 +15,7 @@ import AccessForm1PanelConfig from "./AccessForm1PanelConfig"; import AccessFormACMECAConfig from "./AccessFormACMECAConfig"; import AccessFormACMEHttpReqConfig from "./AccessFormACMEHttpReqConfig"; import AccessFormAliyunConfig from "./AccessFormAliyunConfig"; +import AccessFormAPISIXConfig from "./AccessFormAPISIXConfig"; import AccessFormAWSConfig from "./AccessFormAWSConfig"; import AccessFormAzureConfig from "./AccessFormAzureConfig"; import AccessFormBaiduCloudConfig from "./AccessFormBaiduCloudConfig"; @@ -29,6 +30,7 @@ import AccessFormCloudflareConfig from "./AccessFormCloudflareConfig"; import AccessFormClouDNSConfig from "./AccessFormClouDNSConfig"; import AccessFormCMCCCloudConfig from "./AccessFormCMCCCloudConfig"; import AccessFormConstellixConfig from "./AccessFormConstellixConfig"; +import AccessFormCTCCCloudConfig from "./AccessFormCTCCCloudConfig"; import AccessFormDeSECConfig from "./AccessFormDeSECConfig"; import AccessFormDigitalOceanConfig from "./AccessFormDigitalOceanConfig"; import AccessFormDingTalkBotConfig from "./AccessFormDingTalkBotConfig"; @@ -107,7 +109,6 @@ const AccessForm = forwardRef(({ className, const formSchema = z.object({ name: z .string({ message: t("access.form.name.placeholder") }) - .trim() .min(1, t("access.form.name.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), provider: z.nativeEnum(ACCESS_PROVIDERS, { @@ -194,6 +195,8 @@ const AccessForm = forwardRef(({ className, return ; case ACCESS_PROVIDERS.ALIYUN: return ; + case ACCESS_PROVIDERS.APISIX: + return ; case ACCESS_PROVIDERS.AWS: return ; case ACCESS_PROVIDERS.AZURE: @@ -222,6 +225,8 @@ const AccessForm = forwardRef(({ className, return ; case ACCESS_PROVIDERS.CONSTELLIX: return ; + case ACCESS_PROVIDERS.CTCCCLOUD: + return ; case ACCESS_PROVIDERS.DESEC: return ; case ACCESS_PROVIDERS.DIGITALOCEAN: diff --git a/ui/src/components/access/AccessForm1PanelConfig.tsx b/ui/src/components/access/AccessForm1PanelConfig.tsx index 56792a02..3af64e98 100644 --- a/ui/src/components/access/AccessForm1PanelConfig.tsx +++ b/ui/src/components/access/AccessForm1PanelConfig.tsx @@ -32,8 +32,7 @@ const AccessForm1PanelConfig = ({ form: formInst, formName, disabled, initialVal apiKey: z .string() .min(1, t("access.form.1panel_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormACMECAConfig.tsx b/ui/src/components/access/AccessFormACMECAConfig.tsx index d3075f22..fbba1c73 100644 --- a/ui/src/components/access/AccessFormACMECAConfig.tsx +++ b/ui/src/components/access/AccessFormACMECAConfig.tsx @@ -26,8 +26,8 @@ const AccessFormACMECAConfig = ({ form: formInst, formName, disabled, initialVal const formSchema = z.object({ endpoint: z.string().url(t("common.errmsg.url_invalid")), - eabKid: z.string().trim().nullish(), - eabHmacKey: z.string().trim().nullish(), + eabKid: z.string().nullish(), + eabHmacKey: z.string().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormACMEHttpReqConfig.tsx b/ui/src/components/access/AccessFormACMEHttpReqConfig.tsx index 57cbc22d..6cdd8e3c 100644 --- a/ui/src/components/access/AccessFormACMEHttpReqConfig.tsx +++ b/ui/src/components/access/AccessFormACMEHttpReqConfig.tsx @@ -31,12 +31,10 @@ const AccessFormACMEHttpReqConfig = ({ form: formInst, formName, disabled, initi username: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), password: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormAPISIXConfig.tsx b/ui/src/components/access/AccessFormAPISIXConfig.tsx new file mode 100644 index 00000000..71de8521 --- /dev/null +++ b/ui/src/components/access/AccessFormAPISIXConfig.tsx @@ -0,0 +1,71 @@ +import { useTranslation } from "react-i18next"; +import { Form, type FormInstance, Input, Switch } from "antd"; +import { createSchemaFieldRule } from "antd-zod"; +import { z } from "zod"; + +import { type AccessConfigForAPISIX } from "@/domain/access"; + +type AccessFormAPISIXConfigFieldValues = Nullish; + +export type AccessFormAPISIXConfigProps = { + form: FormInstance; + formName: string; + disabled?: boolean; + initialValues?: AccessFormAPISIXConfigFieldValues; + onValuesChange?: (values: AccessFormAPISIXConfigFieldValues) => void; +}; + +const initFormModel = (): AccessFormAPISIXConfigFieldValues => { + return { + serverUrl: "http://:9180/", + apiKey: "", + }; +}; + +const AccessFormAPISIXConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange }: AccessFormAPISIXConfigProps) => { + const { t } = useTranslation(); + + const formSchema = z.object({ + serverUrl: z.string().url(t("common.errmsg.url_invalid")), + apiKey: z.string().nonempty(t("access.form.apisix_api_key.placeholder")), + allowInsecureConnections: z.boolean().nullish(), + }); + const formRule = createSchemaFieldRule(formSchema); + + const handleFormChange = (_: unknown, values: z.infer) => { + onValuesChange?.(values); + }; + + return ( +
+ + + + + } + > + + + + + + +
+ ); +}; + +export default AccessFormAPISIXConfig; diff --git a/ui/src/components/access/AccessFormAWSConfig.tsx b/ui/src/components/access/AccessFormAWSConfig.tsx index 1eee6247..89500feb 100644 --- a/ui/src/components/access/AccessFormAWSConfig.tsx +++ b/ui/src/components/access/AccessFormAWSConfig.tsx @@ -29,13 +29,11 @@ const AccessFormAWSConfig = ({ form: formInst, formName, disabled, initialValues accessKeyId: z .string() .min(1, t("access.form.aws_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretAccessKey: z .string() .min(1, t("access.form.aws_secret_access_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormAliyunConfig.tsx b/ui/src/components/access/AccessFormAliyunConfig.tsx index 4904b072..f48c3297 100644 --- a/ui/src/components/access/AccessFormAliyunConfig.tsx +++ b/ui/src/components/access/AccessFormAliyunConfig.tsx @@ -28,12 +28,10 @@ const AccessFormAliyunConfig = ({ form: formInst, formName, disabled, initialVal const formSchema = z.object({ accessKeyId: z .string() - .trim() .min(1, t("access.form.aliyun_access_key_id.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), accessKeySecret: z .string() - .trim() .min(1, t("access.form.aliyun_access_key_secret.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), resourceGroupId: z.string().nullish(), @@ -71,15 +69,6 @@ const AccessFormAliyunConfig = ({ form: formInst, formName, disabled, initialVal - } - > - - - - - ); }; diff --git a/ui/src/components/access/AccessFormBytePlusConfig.tsx b/ui/src/components/access/AccessFormBytePlusConfig.tsx index 184e0189..5902edb8 100644 --- a/ui/src/components/access/AccessFormBytePlusConfig.tsx +++ b/ui/src/components/access/AccessFormBytePlusConfig.tsx @@ -28,14 +28,12 @@ const AccessFormBytePlusConfig = ({ form: formInst, formName, disabled, initialV const formSchema = z.object({ accessKey: z .string() - .trim() .min(1, t("access.form.byteplus_access_key.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), secretKey: z .string() .min(1, t("access.form.byteplus_secret_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormCMCCCloudConfig.tsx b/ui/src/components/access/AccessFormCMCCCloudConfig.tsx index 9bc6e615..9ee88a07 100644 --- a/ui/src/components/access/AccessFormCMCCCloudConfig.tsx +++ b/ui/src/components/access/AccessFormCMCCCloudConfig.tsx @@ -28,13 +28,11 @@ const AccessFormCMCCCloudConfig = ({ form: formInst, formName, disabled, initial accessKeyId: z .string() .min(1, t("access.form.cmcccloud_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), accessKeySecret: z .string() .min(1, t("access.form.cmcccloud_access_key_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormCTCCCloudConfig.tsx b/ui/src/components/access/AccessFormCTCCCloudConfig.tsx new file mode 100644 index 00000000..f0e9df39 --- /dev/null +++ b/ui/src/components/access/AccessFormCTCCCloudConfig.tsx @@ -0,0 +1,73 @@ +import { useTranslation } from "react-i18next"; +import { Form, type FormInstance, Input } from "antd"; +import { createSchemaFieldRule } from "antd-zod"; +import { z } from "zod"; +import { type AccessConfigForCTCCCloud } from "@/domain/access"; + +type AccessFormCTCCCloudConfigFieldValues = Nullish; + +export type AccessFormCTCCCloudConfigProps = { + form: FormInstance; + formName: string; + disabled?: boolean; + initialValues?: AccessFormCTCCCloudConfigFieldValues; + onValuesChange?: (values: AccessFormCTCCCloudConfigFieldValues) => void; +}; + +const initFormModel = (): AccessFormCTCCCloudConfigFieldValues => { + return { + accessKeyId: "", + secretAccessKey: "", + }; +}; + +const AccessFormCTCCCloudConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange: onValuesChange }: AccessFormCTCCCloudConfigProps) => { + const { t } = useTranslation(); + + const formSchema = z.object({ + accessKeyId: z + .string() + .min(1, t("access.form.ctcccloud_access_key_id.placeholder")) + .max(64, t("common.errmsg.string_max", { max: 64 })), + secretAccessKey: z + .string() + .min(1, t("access.form.ctcccloud_secret_access_key.placeholder")) + .max(64, t("common.errmsg.string_max", { max: 64 })), + }); + const formRule = createSchemaFieldRule(formSchema); + + const handleFormChange = (_: unknown, values: z.infer) => { + onValuesChange?.(values); + }; + + return ( +
+ } + > + + + + } + > + + +
+ ); +}; + +export default AccessFormCTCCCloudConfig; diff --git a/ui/src/components/access/AccessFormCacheFlyConfig.tsx b/ui/src/components/access/AccessFormCacheFlyConfig.tsx index b3172785..79ca197f 100644 --- a/ui/src/components/access/AccessFormCacheFlyConfig.tsx +++ b/ui/src/components/access/AccessFormCacheFlyConfig.tsx @@ -28,8 +28,7 @@ const AccessFormCacheFlyConfig = ({ form: formInst, formName, disabled, initialV apiToken: z .string() .min(1, t("access.form.cachefly_api_token.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormCdnflyConfig.tsx b/ui/src/components/access/AccessFormCdnflyConfig.tsx index 10422c3b..6e06d0e7 100644 --- a/ui/src/components/access/AccessFormCdnflyConfig.tsx +++ b/ui/src/components/access/AccessFormCdnflyConfig.tsx @@ -31,13 +31,11 @@ const AccessFormCdnflyConfig = ({ form: formInst, formName, disabled, initialVal apiKey: z .string() .min(1, t("access.form.cdnfly_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiSecret: z .string() .min(1, t("access.form.cdnfly_api_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormClouDNSConfig.tsx b/ui/src/components/access/AccessFormClouDNSConfig.tsx index 4472eeea..922a8e75 100644 --- a/ui/src/components/access/AccessFormClouDNSConfig.tsx +++ b/ui/src/components/access/AccessFormClouDNSConfig.tsx @@ -28,14 +28,12 @@ const AccessFormClouDNSConfig = ({ form: formInst, formName, disabled, initialVa const formSchema = z.object({ authId: z .string() - .trim() .min(1, t("access.form.cloudns_auth_id.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), authPassword: z .string() .min(1, t("access.form.cloudns_auth_password.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormCloudflareConfig.tsx b/ui/src/components/access/AccessFormCloudflareConfig.tsx index 79b33e3a..6e9ba6c1 100644 --- a/ui/src/components/access/AccessFormCloudflareConfig.tsx +++ b/ui/src/components/access/AccessFormCloudflareConfig.tsx @@ -28,12 +28,10 @@ const AccessFormCloudflareConfig = ({ form: formInst, formName, disabled, initia dnsApiToken: z .string() .min(1, t("access.form.cloudflare_dns_api_token.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), zoneApiToken: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormConstellixConfig.tsx b/ui/src/components/access/AccessFormConstellixConfig.tsx index 5966828a..8e028034 100644 --- a/ui/src/components/access/AccessFormConstellixConfig.tsx +++ b/ui/src/components/access/AccessFormConstellixConfig.tsx @@ -25,8 +25,8 @@ const AccessFormConstellixConfig = ({ form: formInst, formName, disabled, initia const { t } = useTranslation(); const formSchema = z.object({ - apiKey: z.string().trim().nonempty(t("access.form.constellix_api_key.placeholder")), - secretKey: z.string().trim().nonempty(t("access.form.constellix_secret_key.placeholder")), + apiKey: z.string().nonempty(t("access.form.constellix_api_key.placeholder")), + secretKey: z.string().nonempty(t("access.form.constellix_secret_key.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDNSLAConfig.tsx b/ui/src/components/access/AccessFormDNSLAConfig.tsx index df8403ea..ee5ac5e6 100644 --- a/ui/src/components/access/AccessFormDNSLAConfig.tsx +++ b/ui/src/components/access/AccessFormDNSLAConfig.tsx @@ -29,13 +29,11 @@ const AccessFormDNSLAConfig = ({ form: formInst, formName, disabled, initialValu apiId: z .string() .min(1, t("access.form.dnsla_api_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiSecret: z .string() .min(1, t("access.form.dnsla_api_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDeSECConfig.tsx b/ui/src/components/access/AccessFormDeSECConfig.tsx index 4ba65a69..10f5a101 100644 --- a/ui/src/components/access/AccessFormDeSECConfig.tsx +++ b/ui/src/components/access/AccessFormDeSECConfig.tsx @@ -28,8 +28,7 @@ const AccessFormDeSECConfig = ({ form: formInst, formName, disabled, initialValu token: z .string() .min(1, t("access.form.desec_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDigitalOceanConfig.tsx b/ui/src/components/access/AccessFormDigitalOceanConfig.tsx index f4aafc4f..421ee9cc 100644 --- a/ui/src/components/access/AccessFormDigitalOceanConfig.tsx +++ b/ui/src/components/access/AccessFormDigitalOceanConfig.tsx @@ -25,7 +25,7 @@ const AccessFormDigitalOceanConfig = ({ form: formInst, formName, disabled, init const { t } = useTranslation(); const formSchema = z.object({ - accessToken: z.string().nonempty(t("access.form.digitalocean_access_token.placeholder")).trim(), + accessToken: z.string().nonempty(t("access.form.digitalocean_access_token.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDingTalkBotConfig.tsx b/ui/src/components/access/AccessFormDingTalkBotConfig.tsx index 35aebf6e..59904e18 100644 --- a/ui/src/components/access/AccessFormDingTalkBotConfig.tsx +++ b/ui/src/components/access/AccessFormDingTalkBotConfig.tsx @@ -27,7 +27,7 @@ const AccessFormDingTalkBotConfig = ({ form: formInst, formName, disabled, initi const formSchema = z.object({ webhookUrl: z.string().url(t("common.errmsg.url_invalid")), - secret: z.string().nonempty(t("access.form.dingtalkbot_secret.placeholder")).trim(), + secret: z.string().nonempty(t("access.form.dingtalkbot_secret.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDiscordBotConfig.tsx b/ui/src/components/access/AccessFormDiscordBotConfig.tsx index 16848686..5f844ccc 100644 --- a/ui/src/components/access/AccessFormDiscordBotConfig.tsx +++ b/ui/src/components/access/AccessFormDiscordBotConfig.tsx @@ -28,8 +28,7 @@ const AccessFormDiscordBotConfig = ({ form: formInst, formName, disabled, initia botToken: z .string({ message: t("access.form.discordbot_token.placeholder") }) .min(1, t("access.form.discordbot_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), defaultChannelId: z.string().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDogeCloudConfig.tsx b/ui/src/components/access/AccessFormDogeCloudConfig.tsx index 36b73f9f..3e61d75f 100644 --- a/ui/src/components/access/AccessFormDogeCloudConfig.tsx +++ b/ui/src/components/access/AccessFormDogeCloudConfig.tsx @@ -29,13 +29,11 @@ const AccessFormDogeCloudConfig = ({ form: formInst, formName, disabled, initial accessKey: z .string() .min(1, t("access.form.dogecloud_access_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretKey: z .string() .min(1, t("access.form.dogecloud_secret_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDuckDNSConfig.tsx b/ui/src/components/access/AccessFormDuckDNSConfig.tsx index 969f78f8..6b9c81b8 100644 --- a/ui/src/components/access/AccessFormDuckDNSConfig.tsx +++ b/ui/src/components/access/AccessFormDuckDNSConfig.tsx @@ -25,7 +25,7 @@ const AccessFormDuckDNSConfig = ({ form: formInst, formName, disabled, initialVa const { t } = useTranslation(); const formSchema = z.object({ - token: z.string().nonempty(t("access.form.duckdns_token.placeholder")).trim(), + token: z.string().nonempty(t("access.form.duckdns_token.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormDynv6Config.tsx b/ui/src/components/access/AccessFormDynv6Config.tsx index 92385302..87e16c1e 100644 --- a/ui/src/components/access/AccessFormDynv6Config.tsx +++ b/ui/src/components/access/AccessFormDynv6Config.tsx @@ -28,8 +28,7 @@ const AccessFormDynv6Config = ({ form: formInst, formName, disabled, initialValu httpToken: z .string() .min(1, t("access.form.dynv6_http_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormEdgioConfig.tsx b/ui/src/components/access/AccessFormEdgioConfig.tsx index d70ece6e..a91298c9 100644 --- a/ui/src/components/access/AccessFormEdgioConfig.tsx +++ b/ui/src/components/access/AccessFormEdgioConfig.tsx @@ -29,13 +29,11 @@ const AccessFormEdgioConfig = ({ form: formInst, formName, disabled, initialValu clientId: z .string() .min(1, t("access.form.edgio_client_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), clientSecret: z .string() .min(1, t("access.form.edgio_client_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormEmailConfig.tsx b/ui/src/components/access/AccessFormEmailConfig.tsx index ae79794a..ae3ac5c9 100644 --- a/ui/src/components/access/AccessFormEmailConfig.tsx +++ b/ui/src/components/access/AccessFormEmailConfig.tsx @@ -54,6 +54,7 @@ const AccessFormEmailConfig = ({ form: formInst, formName, disabled, initialValu if (!v) return true; return validEmailAddress(v); }, t("common.errmsg.email_invalid")), + defaultSenderName: z.string().nullish(), defaultReceiverAddress: z .string() .nullish() @@ -115,6 +116,10 @@ const AccessFormEmailConfig = ({ form: formInst, formName, disabled, initialValu + + + + diff --git a/ui/src/components/access/AccessFormFlexCDNConfig.tsx b/ui/src/components/access/AccessFormFlexCDNConfig.tsx index 71aa9607..f07b8359 100644 --- a/ui/src/components/access/AccessFormFlexCDNConfig.tsx +++ b/ui/src/components/access/AccessFormFlexCDNConfig.tsx @@ -32,8 +32,8 @@ const AccessFormFlexCDNConfig = ({ form: formInst, formName, disabled, initialVa role: z.union([z.literal("user"), z.literal("admin")], { message: t("access.form.flexcdn_api_role.placeholder"), }), - accessKeyId: z.string().nonempty(t("access.form.flexcdn_access_key_id.placeholder")).trim(), - accessKey: z.string().nonempty(t("access.form.flexcdn_access_key.placeholder")).trim(), + accessKeyId: z.string().nonempty(t("access.form.flexcdn_access_key_id.placeholder")), + accessKey: z.string().nonempty(t("access.form.flexcdn_access_key.placeholder")), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGcoreConfig.tsx b/ui/src/components/access/AccessFormGcoreConfig.tsx index 858dac02..f78d7309 100644 --- a/ui/src/components/access/AccessFormGcoreConfig.tsx +++ b/ui/src/components/access/AccessFormGcoreConfig.tsx @@ -28,8 +28,7 @@ const AccessFormGcoreConfig = ({ form: formInst, formName, disabled, initialValu apiToken: z .string() .min(1, t("access.form.gcore_api_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGnameConfig.tsx b/ui/src/components/access/AccessFormGnameConfig.tsx index f0c8f072..990f01b6 100644 --- a/ui/src/components/access/AccessFormGnameConfig.tsx +++ b/ui/src/components/access/AccessFormGnameConfig.tsx @@ -29,13 +29,11 @@ const AccessFormGnameConfig = ({ form: formInst, formName, disabled, initialValu appId: z .string() .min(1, t("access.form.gname_app_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), appKey: z .string() .min(1, t("access.form.gname_app_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGoDaddyConfig.tsx b/ui/src/components/access/AccessFormGoDaddyConfig.tsx index 9e8989e9..c604a8b3 100644 --- a/ui/src/components/access/AccessFormGoDaddyConfig.tsx +++ b/ui/src/components/access/AccessFormGoDaddyConfig.tsx @@ -29,13 +29,11 @@ const AccessFormGoDaddyConfig = ({ form: formInst, formName, disabled, initialVa apiKey: z .string() .min(1, t("access.form.godaddy_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiSecret: z .string() .min(1, t("access.form.godaddy_api_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGoEdgeConfig.tsx b/ui/src/components/access/AccessFormGoEdgeConfig.tsx index 641e2276..822c410b 100644 --- a/ui/src/components/access/AccessFormGoEdgeConfig.tsx +++ b/ui/src/components/access/AccessFormGoEdgeConfig.tsx @@ -32,8 +32,8 @@ const AccessFormGoEdgeConfig = ({ form: formInst, formName, disabled, initialVal role: z.union([z.literal("user"), z.literal("admin")], { message: t("access.form.goedge_api_role.placeholder"), }), - accessKeyId: z.string().nonempty(t("access.form.goedge_access_key_id.placeholder")).trim(), - accessKey: z.string().nonempty(t("access.form.goedge_access_key.placeholder")).trim(), + accessKeyId: z.string().nonempty(t("access.form.goedge_access_key_id.placeholder")), + accessKey: z.string().nonempty(t("access.form.goedge_access_key.placeholder")), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormGoogleTrustServicesConfig.tsx b/ui/src/components/access/AccessFormGoogleTrustServicesConfig.tsx index 95eb6270..b30384f5 100644 --- a/ui/src/components/access/AccessFormGoogleTrustServicesConfig.tsx +++ b/ui/src/components/access/AccessFormGoogleTrustServicesConfig.tsx @@ -35,13 +35,11 @@ const AccessFormGoogleTrustServicesConfig = ({ eabKid: z .string() .min(1, t("access.form.googletrustservices_eab_kid.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), eabHmacKey: z .string() .min(1, t("access.form.googletrustservices_eab_hmac_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormHetznerConfig.tsx b/ui/src/components/access/AccessFormHetznerConfig.tsx index 12bf21b2..b596e997 100644 --- a/ui/src/components/access/AccessFormHetznerConfig.tsx +++ b/ui/src/components/access/AccessFormHetznerConfig.tsx @@ -25,7 +25,7 @@ const AccessFormHetznerConfig = ({ form: formInst, formName, disabled, initialVa const { t } = useTranslation(); const formSchema = z.object({ - apiToken: z.string().nonempty(t("access.form.hetzner_api_token.placeholder")).trim(), + apiToken: z.string().nonempty(t("access.form.hetzner_api_token.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormHuaweiCloudConfig.tsx b/ui/src/components/access/AccessFormHuaweiCloudConfig.tsx index ca83febd..fc56d558 100644 --- a/ui/src/components/access/AccessFormHuaweiCloudConfig.tsx +++ b/ui/src/components/access/AccessFormHuaweiCloudConfig.tsx @@ -28,12 +28,10 @@ const AccessFormHuaweiCloudConfig = ({ form: formInst, formName, disabled, initi const formSchema = z.object({ accessKeyId: z .string() - .trim() .min(1, t("access.form.huaweicloud_access_key_id.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), secretAccessKey: z .string() - .trim() .min(1, t("access.form.huaweicloud_secret_access_key.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), enterpriseProjectId: z.string().nullish(), diff --git a/ui/src/components/access/AccessFormJDCloudConfig.tsx b/ui/src/components/access/AccessFormJDCloudConfig.tsx index 7ab6b167..10fb4bad 100644 --- a/ui/src/components/access/AccessFormJDCloudConfig.tsx +++ b/ui/src/components/access/AccessFormJDCloudConfig.tsx @@ -29,13 +29,11 @@ const AccessFormJDCloudConfig = ({ form: formInst, formName, disabled, initialVa accessKeyId: z .string() .min(1, t("access.form.jdcloud_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), accessKeySecret: z .string() .min(1, t("access.form.jdcloud_access_key_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormKubernetesConfig.tsx b/ui/src/components/access/AccessFormKubernetesConfig.tsx index 73415bb1..ff2bd491 100644 --- a/ui/src/components/access/AccessFormKubernetesConfig.tsx +++ b/ui/src/components/access/AccessFormKubernetesConfig.tsx @@ -26,7 +26,6 @@ const AccessFormKubernetesConfig = ({ form: formInst, formName, disabled, initia const formSchema = z.object({ kubeConfig: z .string() - .trim() .max(20480, t("common.errmsg.string_max", { max: 20480 })) .nullish(), }); diff --git a/ui/src/components/access/AccessFormLeCDNConfig.tsx b/ui/src/components/access/AccessFormLeCDNConfig.tsx index 282afa8d..1f9feabc 100644 --- a/ui/src/components/access/AccessFormLeCDNConfig.tsx +++ b/ui/src/components/access/AccessFormLeCDNConfig.tsx @@ -33,8 +33,8 @@ const AccessFormLeCDNConfig = ({ form: formInst, formName, disabled, initialValu role: z.union([z.literal("client"), z.literal("master")], { message: t("access.form.lecdn_api_role.placeholder"), }), - username: z.string().nonempty(t("access.form.lecdn_username.placeholder")).trim(), - password: z.string().nonempty(t("access.form.lecdn_password.placeholder")).trim(), + username: z.string().nonempty(t("access.form.lecdn_username.placeholder")), + password: z.string().nonempty(t("access.form.lecdn_password.placeholder")), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNS1Config.tsx b/ui/src/components/access/AccessFormNS1Config.tsx index 5b12feb0..4080b79b 100644 --- a/ui/src/components/access/AccessFormNS1Config.tsx +++ b/ui/src/components/access/AccessFormNS1Config.tsx @@ -28,8 +28,7 @@ const AccessFormNS1Config = ({ form: formInst, formName, disabled, initialValues apiKey: z .string() .min(1, t("access.form.ns1_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNameDotComConfig.tsx b/ui/src/components/access/AccessFormNameDotComConfig.tsx index 0048de52..e5a7a372 100644 --- a/ui/src/components/access/AccessFormNameDotComConfig.tsx +++ b/ui/src/components/access/AccessFormNameDotComConfig.tsx @@ -29,13 +29,11 @@ const AccessFormNameDotComConfig = ({ form: formInst, formName, disabled, initia username: z .string() .min(1, t("access.form.namedotcom_username.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiToken: z .string() .min(1, t("access.form.namedotcom_api_token.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNameSiloConfig.tsx b/ui/src/components/access/AccessFormNameSiloConfig.tsx index 1e8e2d8e..a9421ffe 100644 --- a/ui/src/components/access/AccessFormNameSiloConfig.tsx +++ b/ui/src/components/access/AccessFormNameSiloConfig.tsx @@ -28,8 +28,7 @@ const AccessFormNameSiloConfig = ({ form: formInst, formName, disabled, initialV apiKey: z .string() .min(1, t("access.form.namesilo_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNamecheapConfig.tsx b/ui/src/components/access/AccessFormNamecheapConfig.tsx index d6a79f2a..2ac81909 100644 --- a/ui/src/components/access/AccessFormNamecheapConfig.tsx +++ b/ui/src/components/access/AccessFormNamecheapConfig.tsx @@ -29,13 +29,11 @@ const AccessFormNamecheapConfig = ({ form: formInst, formName, disabled, initial username: z .string() .min(1, t("access.form.namecheap_username.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiKey: z .string() .min(1, t("access.form.namecheap_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNetcupConfig.tsx b/ui/src/components/access/AccessFormNetcupConfig.tsx index c5d4bfc6..02aa5272 100644 --- a/ui/src/components/access/AccessFormNetcupConfig.tsx +++ b/ui/src/components/access/AccessFormNetcupConfig.tsx @@ -27,9 +27,9 @@ const AccessFormNetcupConfig = ({ form: formInst, formName, disabled, initialVal const { t } = useTranslation(); const formSchema = z.object({ - customerNumber: z.string().nonempty(t("access.form.netcup_customer_number.placeholder")).trim(), - apiKey: z.string().nonempty(t("access.form.netcup_api_key.placeholder")).trim(), - apiPassword: z.string().nonempty(t("access.form.netcup_api_password.placeholder")).trim(), + customerNumber: z.string().nonempty(t("access.form.netcup_customer_number.placeholder")), + apiKey: z.string().nonempty(t("access.form.netcup_api_key.placeholder")), + apiPassword: z.string().nonempty(t("access.form.netcup_api_password.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormNetlifyConfig.tsx b/ui/src/components/access/AccessFormNetlifyConfig.tsx index 7fa4c8ae..91d0c31e 100644 --- a/ui/src/components/access/AccessFormNetlifyConfig.tsx +++ b/ui/src/components/access/AccessFormNetlifyConfig.tsx @@ -25,7 +25,7 @@ const AccessFormNetlifyConfig = ({ form: formInst, formName, disabled, initialVa const { t } = useTranslation(); const formSchema = z.object({ - apiToken: z.string().nonempty(t("access.form.netlify_api_token.placeholder")).trim(), + apiToken: z.string().nonempty(t("access.form.netlify_api_token.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormPorkbunConfig.tsx b/ui/src/components/access/AccessFormPorkbunConfig.tsx index 20cbc38a..65193db7 100644 --- a/ui/src/components/access/AccessFormPorkbunConfig.tsx +++ b/ui/src/components/access/AccessFormPorkbunConfig.tsx @@ -29,13 +29,11 @@ const AccessFormPorkbunConfig = ({ form: formInst, formName, disabled, initialVa apiKey: z .string() .min(1, t("access.form.porkbun_api_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretApiKey: z .string() .min(1, t("access.form.porkbun_secret_api_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormPowerDNSConfig.tsx b/ui/src/components/access/AccessFormPowerDNSConfig.tsx index 33447cc8..e9dc9756 100644 --- a/ui/src/components/access/AccessFormPowerDNSConfig.tsx +++ b/ui/src/components/access/AccessFormPowerDNSConfig.tsx @@ -30,8 +30,7 @@ const AccessFormPowerDNSConfig = ({ form: formInst, formName, disabled, initialV apiKey: z .string() .min(1, t("access.form.powerdns_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormProxmoxVEConfig.tsx b/ui/src/components/access/AccessFormProxmoxVEConfig.tsx index 29280b1c..b2d44011 100644 --- a/ui/src/components/access/AccessFormProxmoxVEConfig.tsx +++ b/ui/src/components/access/AccessFormProxmoxVEConfig.tsx @@ -27,7 +27,7 @@ const AccessFormProxmoxVEConfig = ({ form: formInst, formName, disabled, initial const formSchema = z.object({ serverUrl: z.string().url(t("common.errmsg.url_invalid")), - apiToken: z.string().nonempty(t("access.form.proxmoxve_api_token.placeholder")).trim(), + apiToken: z.string().nonempty(t("access.form.proxmoxve_api_token.placeholder")), apiTokenSecret: z.string().nullish(), allowInsecureConnections: z.boolean().nullish(), }); diff --git a/ui/src/components/access/AccessFormQiniuConfig.tsx b/ui/src/components/access/AccessFormQiniuConfig.tsx index 40517184..dcbebcd0 100644 --- a/ui/src/components/access/AccessFormQiniuConfig.tsx +++ b/ui/src/components/access/AccessFormQiniuConfig.tsx @@ -29,13 +29,11 @@ const AccessFormQiniuConfig = ({ form: formInst, formName, disabled, initialValu accessKey: z .string() .min(1, t("access.form.qiniu_access_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretKey: z .string() .min(1, t("access.form.qiniu_secret_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormRainYunConfig.tsx b/ui/src/components/access/AccessFormRainYunConfig.tsx index a34cf683..b9b0b171 100644 --- a/ui/src/components/access/AccessFormRainYunConfig.tsx +++ b/ui/src/components/access/AccessFormRainYunConfig.tsx @@ -28,8 +28,7 @@ const AccessFormRainYunConfig = ({ form: formInst, formName, disabled, initialVa apiKey: z .string() .min(1, t("access.form.rainyun_api_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormRatPanelConfig.tsx b/ui/src/components/access/AccessFormRatPanelConfig.tsx index 04a71cd1..26448f46 100644 --- a/ui/src/components/access/AccessFormRatPanelConfig.tsx +++ b/ui/src/components/access/AccessFormRatPanelConfig.tsx @@ -29,7 +29,7 @@ const AccessFormRatPanelConfig = ({ form: formInst, formName, disabled, initialV const formSchema = z.object({ serverUrl: z.string().url(t("common.errmsg.url_invalid")), accessTokenId: z.preprocess((v) => Number(v), z.number().positive(t("access.form.ratpanel_access_token_id.placeholder"))), - accessToken: z.string().nonempty(t("access.form.ratpanel_access_token.placeholder")).trim(), + accessToken: z.string().nonempty(t("access.form.ratpanel_access_token.placeholder")), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormSSLComConfig.tsx b/ui/src/components/access/AccessFormSSLComConfig.tsx index 85266266..22b60ae4 100644 --- a/ui/src/components/access/AccessFormSSLComConfig.tsx +++ b/ui/src/components/access/AccessFormSSLComConfig.tsx @@ -29,13 +29,11 @@ const AccessFormSSLComConfig = ({ form: formInst, formName, disabled, initialVal eabKid: z .string() .min(1, t("access.form.sslcom_eab_kid.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), eabHmacKey: z .string() .min(1, t("access.form.sslcom_eab_hmac_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormSafeLineConfig.tsx b/ui/src/components/access/AccessFormSafeLineConfig.tsx index c698d066..e3d3e75d 100644 --- a/ui/src/components/access/AccessFormSafeLineConfig.tsx +++ b/ui/src/components/access/AccessFormSafeLineConfig.tsx @@ -30,8 +30,7 @@ const AccessFormSafeLineConfig = ({ form: formInst, formName, disabled, initialV apiToken: z .string() .min(1, t("access.form.safeline_api_token.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), allowInsecureConnections: z.boolean().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormSlackBotConfig.tsx b/ui/src/components/access/AccessFormSlackBotConfig.tsx index 3bea5f58..a0bdbad4 100644 --- a/ui/src/components/access/AccessFormSlackBotConfig.tsx +++ b/ui/src/components/access/AccessFormSlackBotConfig.tsx @@ -28,8 +28,7 @@ const AccessFormSlackBotConfig = ({ form: formInst, formName, disabled, initialV botToken: z .string({ message: t("access.form.slackbot_token.placeholder") }) .min(1, t("access.form.slackbot_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), defaultChannelId: z.string().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormTelegramBotConfig.tsx b/ui/src/components/access/AccessFormTelegramBotConfig.tsx index 82747694..a347610f 100644 --- a/ui/src/components/access/AccessFormTelegramBotConfig.tsx +++ b/ui/src/components/access/AccessFormTelegramBotConfig.tsx @@ -28,8 +28,7 @@ const AccessFormTelegramBotConfig = ({ form: formInst, formName, disabled, initi botToken: z .string({ message: t("access.form.telegrambot_token.placeholder") }) .min(1, t("access.form.telegrambot_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), defaultChatId: z .preprocess( (v) => (v == null || v === "" ? undefined : Number(v)), diff --git a/ui/src/components/access/AccessFormTencentCloudConfig.tsx b/ui/src/components/access/AccessFormTencentCloudConfig.tsx index 11de6d6d..540ebdd9 100644 --- a/ui/src/components/access/AccessFormTencentCloudConfig.tsx +++ b/ui/src/components/access/AccessFormTencentCloudConfig.tsx @@ -29,13 +29,11 @@ const AccessFormTencentCloudConfig = ({ form: formInst, formName, disabled, init secretId: z .string() .min(1, t("access.form.tencentcloud_secret_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretKey: z .string() .min(1, t("access.form.tencentcloud_secret_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormUCloudConfig.tsx b/ui/src/components/access/AccessFormUCloudConfig.tsx index fd623925..395d185e 100644 --- a/ui/src/components/access/AccessFormUCloudConfig.tsx +++ b/ui/src/components/access/AccessFormUCloudConfig.tsx @@ -29,17 +29,14 @@ const AccessFormUCloudConfig = ({ form: formInst, formName, disabled, initialVal privateKey: z .string() .min(1, t("access.form.ucloud_private_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), publicKey: z .string() .min(1, t("access.form.ucloud_public_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), projectId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormUniCloudConfig.tsx b/ui/src/components/access/AccessFormUniCloudConfig.tsx index d281f1fe..8b6d1346 100644 --- a/ui/src/components/access/AccessFormUniCloudConfig.tsx +++ b/ui/src/components/access/AccessFormUniCloudConfig.tsx @@ -26,8 +26,8 @@ const AccessFormUniCloudConfig = ({ form: formInst, formName, disabled, initialV const { t } = useTranslation(); const formSchema = z.object({ - username: z.string().trim().nonempty(t("access.form.unicloud_username.placeholder")), - password: z.string().trim().nonempty(t("access.form.unicloud_password.placeholder")), + username: z.string().nonempty(t("access.form.unicloud_username.placeholder")), + password: z.string().nonempty(t("access.form.unicloud_password.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormUpyunConfig.tsx b/ui/src/components/access/AccessFormUpyunConfig.tsx index 665c50cf..24feb9f8 100644 --- a/ui/src/components/access/AccessFormUpyunConfig.tsx +++ b/ui/src/components/access/AccessFormUpyunConfig.tsx @@ -28,12 +28,10 @@ const AccessFormUpyunConfig = ({ form: formInst, formName, disabled, initialValu const formSchema = z.object({ username: z .string() - .trim() .min(1, t("access.form.upyun_username.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), password: z .string() - .trim() .min(1, t("access.form.upyun_password.placeholder")) .max(64, t("common.errmsg.string_max", { max: 64 })), }); diff --git a/ui/src/components/access/AccessFormVercelConfig.tsx b/ui/src/components/access/AccessFormVercelConfig.tsx index 4483a9f9..a3a1954e 100644 --- a/ui/src/components/access/AccessFormVercelConfig.tsx +++ b/ui/src/components/access/AccessFormVercelConfig.tsx @@ -28,12 +28,10 @@ const AccessFormVercelConfig = ({ form: formInst, formName, disabled, initialVal apiAccessToken: z .string() .min(1, t("access.form.vercel_api_access_token.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), teamId: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormVolcEngineConfig.tsx b/ui/src/components/access/AccessFormVolcEngineConfig.tsx index 8d8d18de..c9a302a2 100644 --- a/ui/src/components/access/AccessFormVolcEngineConfig.tsx +++ b/ui/src/components/access/AccessFormVolcEngineConfig.tsx @@ -29,13 +29,11 @@ const AccessFormVolcEngineConfig = ({ form: formInst, formName, disabled, initia accessKeyId: z .string() .min(1, t("access.form.volcengine_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), secretAccessKey: z .string() .min(1, t("access.form.volcengine_secret_access_key.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormWangsuConfig.tsx b/ui/src/components/access/AccessFormWangsuConfig.tsx index bb4f699c..fe2950c4 100644 --- a/ui/src/components/access/AccessFormWangsuConfig.tsx +++ b/ui/src/components/access/AccessFormWangsuConfig.tsx @@ -30,18 +30,15 @@ const AccessFormWangsuConfig = ({ form: formInst, formName, disabled, initialVal accessKeyId: z .string() .min(1, t("access.form.wangsu_access_key_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), accessKeySecret: z .string() .min(1, t("access.form.wangsu_access_key_secret.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiKey: z .string() .min(1, t("access.form.wangsu_api_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormWestcnConfig.tsx b/ui/src/components/access/AccessFormWestcnConfig.tsx index ab21260c..34439316 100644 --- a/ui/src/components/access/AccessFormWestcnConfig.tsx +++ b/ui/src/components/access/AccessFormWestcnConfig.tsx @@ -29,13 +29,11 @@ const AccessFormWestcnConfig = ({ form: formInst, formName, disabled, initialVal username: z .string() .min(1, t("access.form.westcn_username.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), apiPassword: z .string() .min(1, t("access.form.westcn_api_password.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/access/AccessFormZeroSSLConfig.tsx b/ui/src/components/access/AccessFormZeroSSLConfig.tsx index 336777b0..a1653667 100644 --- a/ui/src/components/access/AccessFormZeroSSLConfig.tsx +++ b/ui/src/components/access/AccessFormZeroSSLConfig.tsx @@ -29,13 +29,11 @@ const AccessFormZeroSSLConfig = ({ form: formInst, formName, disabled, initialVa eabKid: z .string() .min(1, t("access.form.zerossl_eab_kid.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), eabHmacKey: z .string() .min(1, t("access.form.zerossl_eab_hmac_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/notification/NotifyChannelEditFormGotifyFields.tsx b/ui/src/components/notification/NotifyChannelEditFormGotifyFields.tsx index 189f4e16..69aa4b46 100644 --- a/ui/src/components/notification/NotifyChannelEditFormGotifyFields.tsx +++ b/ui/src/components/notification/NotifyChannelEditFormGotifyFields.tsx @@ -9,7 +9,12 @@ const NotifyChannelEditFormGotifyFields = () => { const formSchema = z.object({ url: z.string({ message: t("settings.notification.channel.form.gotify_url.placeholder") }).url({ message: t("common.errmsg.url_invalid") }), token: z.string({ message: t("settings.notification.channel.form.gotify_token.placeholder") }), - priority: z.preprocess(val => Number(val), z.number({ message: t("settings.notification.channel.form.gotify_priority.placeholder") }).gte(0, { message: t("settings.notification.channel.form.gotify_priority.error.gte0") })), + priority: z.preprocess( + (val) => Number(val), + z + .number({ message: t("settings.notification.channel.form.gotify_priority.placeholder") }) + .gte(0, { message: t("settings.notification.channel.form.gotify_priority.error.gte0") }) + ), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/notification/NotifyTemplate.tsx b/ui/src/components/notification/NotifyTemplate.tsx index 9921cda5..152596e7 100644 --- a/ui/src/components/notification/NotifyTemplate.tsx +++ b/ui/src/components/notification/NotifyTemplate.tsx @@ -27,13 +27,11 @@ const NotifyTemplateForm = ({ className, style }: NotifyTemplateFormProps) => { subject: z .string() .min(1, t("settings.notification.template.form.subject.placeholder")) - .max(1000, t("common.errmsg.string_max", { max: 1000 })) - .trim(), + .max(1000, t("common.errmsg.string_max", { max: 1000 })), message: z .string() .min(1, t("settings.notification.template.form.message.placeholder")) - .max(1000, t("common.errmsg.string_max", { max: 1000 })) - .trim(), + .max(1000, t("common.errmsg.string_max", { max: 1000 })), }); const formRule = createSchemaFieldRule(formSchema); const { diff --git a/ui/src/components/provider/DeploymentProviderPicker.tsx b/ui/src/components/provider/DeploymentProviderPicker.tsx index bb569acd..9b441189 100644 --- a/ui/src/components/provider/DeploymentProviderPicker.tsx +++ b/ui/src/components/provider/DeploymentProviderPicker.tsx @@ -72,6 +72,7 @@ const DeploymentProviderPicker = ({ className, style, autoFocus, filter, placeho DEPLOYMENT_CATEGORIES.LOADBALANCE, DEPLOYMENT_CATEGORIES.FIREWALL, DEPLOYMENT_CATEGORIES.AV, + DEPLOYMENT_CATEGORIES.ACCELERATOR, DEPLOYMENT_CATEGORIES.APIGATEWAY, DEPLOYMENT_CATEGORIES.SERVERLESS, DEPLOYMENT_CATEGORIES.WEBSITE, diff --git a/ui/src/components/workflow/node/ApplyNodeConfigForm.tsx b/ui/src/components/workflow/node/ApplyNodeConfigForm.tsx index abbce8b4..402f6763 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigForm.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigForm.tsx @@ -1,23 +1,14 @@ import { forwardRef, memo, useEffect, useImperativeHandle, useMemo, useState } from "react"; import { useTranslation } from "react-i18next"; import { Link } from "react-router"; -import { PlusOutlined as PlusOutlinedIcon, QuestionCircleOutlined as QuestionCircleOutlinedIcon, RightOutlined as RightOutlinedIcon } from "@ant-design/icons"; -import { useControllableValue } from "ahooks"; import { - AutoComplete, - type AutoCompleteProps, - Button, - Divider, - Flex, - Form, - type FormInstance, - Input, - InputNumber, - Select, - Switch, - Tooltip, - Typography, -} from "antd"; + CloseOutlined as CloseOutlinedIcon, + PlusOutlined as PlusOutlinedIcon, + QuestionCircleOutlined as QuestionCircleOutlinedIcon, + RightOutlined as RightOutlinedIcon, +} from "@ant-design/icons"; +import { useControllableValue } from "ahooks"; +import { AutoComplete, Button, Divider, Flex, Form, type FormInstance, Input, InputNumber, Select, Switch, Tooltip, Typography } from "antd"; import { createSchemaFieldRule } from "antd-zod"; import { z } from "zod"; @@ -589,8 +580,7 @@ const ApplyNodeConfigForm = forwardRef void }) => { - const { emails, fetchEmails } = useContactEmailsStore(); - const emailsToOptions = () => emails.map((email) => ({ label: email, value: email })); + const { emails, fetchEmails, removeEmail } = useContactEmailsStore(); useEffect(() => { fetchEmails(); }, []); @@ -601,24 +591,49 @@ const EmailInput = memo( trigger: "onChange", }); - const [options, setOptions] = useState([]); - useEffect(() => { - setOptions(emailsToOptions()); - }, [emails]); + const [inputValue, setInputValue] = useState(); + + const renderOptionLabel = (email: string, removable: boolean = false) => ( +
+ {email} + {removable && ( +
+ ); + + const options = useMemo(() => { + const temp = emails.map((email) => ({ + label: renderOptionLabel(email, true), + value: email, + })); + + if (!!inputValue && temp.every((option) => option.value !== inputValue)) { + temp.unshift({ + label: renderOptionLabel(inputValue), + value: inputValue, + }); + } + + return temp; + }, [emails, inputValue]); const handleChange = (value: string) => { setValue(value); }; - const handleSearch = (text: string) => { - const temp = emailsToOptions(); - if (text?.trim()) { - if (temp.every((option) => option.label !== text)) { - temp.unshift({ label: text, value: text }); - } - } - - setOptions(temp); + const handleSearch = (value: string) => { + setInputValue(value?.trim()); }; return ( diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormAWSRoute53Config.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormAWSRoute53Config.tsx index a14a7057..03698cb1 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormAWSRoute53Config.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormAWSRoute53Config.tsx @@ -35,12 +35,10 @@ const ApplyNodeConfigFormAWSRoute53Config = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.apply.form.aws_route53_region.placeholder") }) - .nonempty(t("workflow_node.apply.form.aws_route53_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.aws_route53_region.placeholder")), hostedZoneId: z .string({ message: t("workflow_node.apply.form.aws_route53_hosted_zone_id.placeholder") }) - .nonempty(t("workflow_node.apply.form.aws_route53_hosted_zone_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.aws_route53_hosted_zone_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormAliyunESAConfig.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormAliyunESAConfig.tsx index d429b53d..0ef39b22 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormAliyunESAConfig.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormAliyunESAConfig.tsx @@ -25,8 +25,7 @@ const ApplyNodeConfigFormAliyunESAConfig = ({ form: formInst, formName, disabled const formSchema = z.object({ region: z .string({ message: t("workflow_node.apply.form.aliyun_esa_region.placeholder") }) - .nonempty(t("workflow_node.apply.form.aliyun_esa_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.aliyun_esa_region.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormHuaweiCloudDNSConfig.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormHuaweiCloudDNSConfig.tsx index dcde7c75..e806dd64 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormHuaweiCloudDNSConfig.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormHuaweiCloudDNSConfig.tsx @@ -33,8 +33,7 @@ const ApplyNodeConfigFormHuaweiCloudDNSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.apply.form.huaweicloud_dns_region.placeholder") }) - .nonempty(t("workflow_node.apply.form.huaweicloud_dns_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.huaweicloud_dns_region.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormJDCloudDNSConfig.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormJDCloudDNSConfig.tsx index dba0b56c..cca7efd5 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormJDCloudDNSConfig.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormJDCloudDNSConfig.tsx @@ -33,8 +33,7 @@ const ApplyNodeConfigFormJDCloudDNSConfig = ({ const formSchema = z.object({ regionId: z .string({ message: t("workflow_node.apply.form.jdcloud_dns_region_id.placeholder") }) - .nonempty(t("workflow_node.apply.form.jdcloud_dns_region_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.jdcloud_dns_region_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/ApplyNodeConfigFormTencentCloudEOConfig.tsx b/ui/src/components/workflow/node/ApplyNodeConfigFormTencentCloudEOConfig.tsx index 2969d4a2..f71e33e7 100644 --- a/ui/src/components/workflow/node/ApplyNodeConfigFormTencentCloudEOConfig.tsx +++ b/ui/src/components/workflow/node/ApplyNodeConfigFormTencentCloudEOConfig.tsx @@ -31,8 +31,7 @@ const ApplyNodeConfigFormTencentCloudEOConfig = ({ const formSchema = z.object({ zoneId: z .string({ message: t("workflow_node.apply.form.tencentcloud_eo_zone_id.placeholder") }) - .nonempty(t("workflow_node.apply.form.tencentcloud_eo_zone_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.apply.form.tencentcloud_eo_zone_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigForm.tsx b/ui/src/components/workflow/node/DeployNodeConfigForm.tsx index 96e50911..15f627a9 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigForm.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigForm.tsx @@ -33,6 +33,7 @@ import DeployNodeConfigFormAliyunNLBConfig from "./DeployNodeConfigFormAliyunNLB import DeployNodeConfigFormAliyunOSSConfig from "./DeployNodeConfigFormAliyunOSSConfig"; import DeployNodeConfigFormAliyunVODConfig from "./DeployNodeConfigFormAliyunVODConfig"; import DeployNodeConfigFormAliyunWAFConfig from "./DeployNodeConfigFormAliyunWAFConfig"; +import DeployNodeConfigFormAPISIXConfig from "./DeployNodeConfigFormAPISIXConfig"; import DeployNodeConfigFormAWSACMConfig from "./DeployNodeConfigFormAWSACMConfig"; import DeployNodeConfigFormAWSCloudFrontConfig from "./DeployNodeConfigFormAWSCloudFrontConfig"; import DeployNodeConfigFormAWSIAMConfig from "./DeployNodeConfigFormAWSIAMConfig"; @@ -47,6 +48,11 @@ import DeployNodeConfigFormBaotaWAFSiteConfig from "./DeployNodeConfigFormBaotaW import DeployNodeConfigFormBunnyCDNConfig from "./DeployNodeConfigFormBunnyCDNConfig.tsx"; import DeployNodeConfigFormBytePlusCDNConfig from "./DeployNodeConfigFormBytePlusCDNConfig"; import DeployNodeConfigFormCdnflyConfig from "./DeployNodeConfigFormCdnflyConfig"; +import DeployNodeConfigFormCTCCCloudAOConfig from "./DeployNodeConfigFormCTCCCloudAOConfig"; +import DeployNodeConfigFormCTCCCloudCDNConfig from "./DeployNodeConfigFormCTCCCloudCDNConfig"; +import DeployNodeConfigFormCTCCCloudELBConfig from "./DeployNodeConfigFormCTCCCloudELBConfig"; +import DeployNodeConfigFormCTCCCloudICDNConfig from "./DeployNodeConfigFormCTCCCloudICDNConfig"; +import DeployNodeConfigFormCTCCCloudLVDNConfig from "./DeployNodeConfigFormCTCCCloudLVDNConfig"; import DeployNodeConfigFormDogeCloudCDNConfig from "./DeployNodeConfigFormDogeCloudCDNConfig"; import DeployNodeConfigFormEdgioApplicationsConfig from "./DeployNodeConfigFormEdgioApplicationsConfig"; import DeployNodeConfigFormFlexCDNConfig from "./DeployNodeConfigFormFlexCDNConfig"; @@ -77,6 +83,7 @@ import DeployNodeConfigFormTencentCloudCOSConfig from "./DeployNodeConfigFormTen import DeployNodeConfigFormTencentCloudCSSConfig from "./DeployNodeConfigFormTencentCloudCSSConfig.tsx"; import DeployNodeConfigFormTencentCloudECDNConfig from "./DeployNodeConfigFormTencentCloudECDNConfig.tsx"; import DeployNodeConfigFormTencentCloudEOConfig from "./DeployNodeConfigFormTencentCloudEOConfig.tsx"; +import DeployNodeConfigFormTencentCloudGAAPConfig from "./DeployNodeConfigFormTencentCloudGAAPConfig.tsx"; import DeployNodeConfigFormTencentCloudSCFConfig from "./DeployNodeConfigFormTencentCloudSCFConfig"; import DeployNodeConfigFormTencentCloudSSLDeployConfig from "./DeployNodeConfigFormTencentCloudSSLDeployConfig"; import DeployNodeConfigFormTencentCloudVODConfig from "./DeployNodeConfigFormTencentCloudVODConfig"; @@ -233,6 +240,8 @@ const DeployNodeConfigForm = forwardRef; case DEPLOYMENT_PROVIDERS.ALIYUN_WAF: return ; + case DEPLOYMENT_PROVIDERS.APISIX: + return ; case DEPLOYMENT_PROVIDERS.AWS_ACM: return ; case DEPLOYMENT_PROVIDERS.AWS_CLOUDFRONT: @@ -261,6 +270,16 @@ const DeployNodeConfigForm = forwardRef; case DEPLOYMENT_PROVIDERS.CDNFLY: return ; + case DEPLOYMENT_PROVIDERS.CTCCCLOUD_AO: + return ; + case DEPLOYMENT_PROVIDERS.CTCCCLOUD_CDN: + return ; + case DEPLOYMENT_PROVIDERS.CTCCCLOUD_ELB: + return ; + case DEPLOYMENT_PROVIDERS.CTCCCLOUD_ICDN: + return ; + case DEPLOYMENT_PROVIDERS.CTCCCLOUD_LVDN: + return ; case DEPLOYMENT_PROVIDERS.DOGECLOUD_CDN: return ; case DEPLOYMENT_PROVIDERS.EDGIO_APPLICATIONS: @@ -321,6 +340,8 @@ const DeployNodeConfigForm = forwardRef; case DEPLOYMENT_PROVIDERS.TENCENTCLOUD_EO: return ; + case DEPLOYMENT_PROVIDERS.TENCENTCLOUD_GAAP: + return ; case DEPLOYMENT_PROVIDERS.TENCENTCLOUD_SCF: return ; case DEPLOYMENT_PROVIDERS.TENCENTCLOUD_SSL_DEPLOY: diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAPISIXConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAPISIXConfig.tsx new file mode 100644 index 00000000..0fd67674 --- /dev/null +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAPISIXConfig.tsx @@ -0,0 +1,81 @@ +import { useTranslation } from "react-i18next"; +import { Form, type FormInstance, Input, Select } from "antd"; +import { createSchemaFieldRule } from "antd-zod"; +import { z } from "zod"; + +import Show from "@/components/Show"; + +type DeployNodeConfigFormAPISIXConfigFieldValues = Nullish<{ + resourceType: string; + certificateId?: string; +}>; + +export type DeployNodeConfigFormAPISIXConfigProps = { + form: FormInstance; + formName: string; + disabled?: boolean; + initialValues?: DeployNodeConfigFormAPISIXConfigFieldValues; + onValuesChange?: (values: DeployNodeConfigFormAPISIXConfigFieldValues) => void; +}; + +const RESOURCE_TYPE_CERTIFICATE = "certificate" as const; + +const initFormModel = (): DeployNodeConfigFormAPISIXConfigFieldValues => { + return { + resourceType: RESOURCE_TYPE_CERTIFICATE, + certificateId: "", + }; +}; + +const DeployNodeConfigFormAPISIXConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange }: DeployNodeConfigFormAPISIXConfigProps) => { + const { t } = useTranslation(); + + const formSchema = z.object({ + resourceType: z.literal(RESOURCE_TYPE_CERTIFICATE, { + message: t("workflow_node.deploy.form.apisix_resource_type.placeholder"), + }), + certificateId: z + .string() + .nullish() + .refine((v) => fieldResourceType !== RESOURCE_TYPE_CERTIFICATE || !!v?.trim(), t("workflow_node.deploy.form.apisix_certificate_id.placeholder")), + }); + const formRule = createSchemaFieldRule(formSchema); + + const fieldResourceType = Form.useWatch("resourceType", formInst); + + const handleFormChange = (_: unknown, values: z.infer) => { + onValuesChange?.(values); + }; + + return ( +
+ + + + + + } + > + + + +
+ ); +}; + +export default DeployNodeConfigFormAPISIXConfig; diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAWSACMConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAWSACMConfig.tsx index 2e539453..df7ba9b6 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAWSACMConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAWSACMConfig.tsx @@ -26,8 +26,7 @@ const DeployNodeConfigFormAWSACMConfig = ({ form: formInst, formName, disabled, const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aws_acm_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aws_acm_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aws_acm_region.placeholder")), certificateArn: z.string().nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx index a34f2fbb..3a15eea0 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAWSCloudFrontConfig.tsx @@ -33,9 +33,9 @@ const DeployNodeConfigFormAWSCloudFrontConfig = ({ const { t } = useTranslation(); const formSchema = z.object({ - region: z.string().trim().nonempty(t("workflow_node.deploy.form.aws_cloudfront_region.placeholder")), - distributionId: z.string().trim().nonempty(t("workflow_node.deploy.form.aws_cloudfront_distribution_id.placeholder")), - certificateSource: z.string().trim().nonempty(t("workflow_node.deploy.form.aws_cloudfront_certificate_source.placeholder")), + region: z.string().nonempty(t("workflow_node.deploy.form.aws_cloudfront_region.placeholder")), + distributionId: z.string().nonempty(t("workflow_node.deploy.form.aws_cloudfront_distribution_id.placeholder")), + certificateSource: z.string().nonempty(t("workflow_node.deploy.form.aws_cloudfront_certificate_source.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAWSIAMConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAWSIAMConfig.tsx index 1013153a..fa89d83b 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAWSIAMConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAWSIAMConfig.tsx @@ -28,8 +28,7 @@ const DeployNodeConfigFormAWSIAMConfig = ({ form: formInst, formName, disabled, const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aws_iam_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aws_iam_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aws_iam_region.placeholder")), certificatePath: z .string() .nullish() diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunALBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunALBConfig.tsx index bbfca5e6..570109e5 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunALBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunALBConfig.tsx @@ -26,7 +26,9 @@ const RESOURCE_TYPE_LOADBALANCER = "loadbalancer" as const; const RESOURCE_TYPE_LISTENER = "listener" as const; const initFormModel = (): DeployNodeConfigFormAliyunALBConfigFieldValues => { - return {}; + return { + resourceType: RESOURCE_TYPE_LISTENER, + }; }; const DeployNodeConfigFormAliyunALBConfig = ({ @@ -44,18 +46,15 @@ const DeployNodeConfigFormAliyunALBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_alb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_alb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_alb_region.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LOADBALANCER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_alb_loadbalancer_id.placeholder")), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_alb_listener_id.placeholder")), domain: z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunAPIGWConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunAPIGWConfig.tsx index 430859a7..c88c9e5a 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunAPIGWConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunAPIGWConfig.tsx @@ -44,8 +44,7 @@ const DeployNodeConfigFormAliyunAPIGWConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_apigw_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_apigw_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_apigw_region.placeholder")), gatewayId: z .string() .nullish() diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASConfig.tsx index f4aed907..1ea744fd 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASConfig.tsx @@ -31,8 +31,7 @@ const DeployNodeConfigFormAliyunCASConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_cas_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_cas_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_cas_region.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASDeployConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASDeployConfig.tsx index 1b551f18..d7e961ae 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASDeployConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCASDeployConfig.tsx @@ -37,8 +37,7 @@ const DeployNodeConfigFormAliyunCASDeployConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_cas_deploy_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_cas_deploy_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_cas_deploy_region.placeholder")), resourceIds: z.string({ message: t("workflow_node.deploy.form.aliyun_cas_deploy_resource_ids.placeholder") }).refine((v) => { if (!v) return false; return String(v) diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCLBConfig.tsx index e666800e..6acc2942 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunCLBConfig.tsx @@ -27,6 +27,7 @@ const RESOURCE_TYPE_LISTENER = "listener" as const; const initFormModel = (): DeployNodeConfigFormAliyunCLBConfigFieldValues => { return { + resourceType: RESOURCE_TYPE_LISTENER, listenerPort: 443, }; }; @@ -46,13 +47,11 @@ const DeployNodeConfigFormAliyunCLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_clb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_clb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_clb_region.placeholder")), loadbalancerId: z .string({ message: t("workflow_node.deploy.form.aliyun_clb_loadbalancer_id.placeholder") }) .min(1, t("workflow_node.deploy.form.aliyun_clb_loadbalancer_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), listenerPort: z.preprocess( (v) => (v == null || v === "" ? undefined : Number(v)), z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunDDoSConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunDDoSConfig.tsx index f8887794..6081e0af 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunDDoSConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunDDoSConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormAliyunDDoSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_ddos_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_ddos_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_ddos_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_ddos_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunESAConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunESAConfig.tsx index f61485e2..91c34b08 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunESAConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunESAConfig.tsx @@ -32,8 +32,7 @@ const DeployNodeConfigFormAliyunESAConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_esa_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_esa_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_esa_region.placeholder")), siteId: z.union([z.string(), z.number()]).refine((v) => { return /^\d+$/.test(v + "") && +v > 0; }, t("workflow_node.deploy.form.aliyun_esa_site_id.placeholder")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunFCConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunFCConfig.tsx index 63906350..c20dc15a 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunFCConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunFCConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormAliyunFCConfig = ({ form: formInst, formName, disabled }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_fc_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_fc_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_fc_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_fc_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunGAConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunGAConfig.tsx index 20dd1ae1..39991869 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunGAConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunGAConfig.tsx @@ -25,7 +25,9 @@ const RESOURCE_TYPE_ACCELERATOR = "accelerator" as const; const RESOURCE_TYPE_LISTENER = "listener" as const; const initFormModel = (): DeployNodeConfigFormAliyunGAConfigFieldValues => { - return {}; + return { + resourceType: RESOURCE_TYPE_LISTENER, + }; }; const DeployNodeConfigFormAliyunGAConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange }: DeployNodeConfigFormAliyunGAConfigProps) => { @@ -35,14 +37,10 @@ const DeployNodeConfigFormAliyunGAConfig = ({ form: formInst, formName, disabled resourceType: z.union([z.literal(RESOURCE_TYPE_ACCELERATOR), z.literal(RESOURCE_TYPE_LISTENER)], { message: t("workflow_node.deploy.form.aliyun_ga_resource_type.placeholder"), }), - acceleratorId: z - .string() - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + acceleratorId: z.string().max(64, t("common.errmsg.string_max", { max: 64 })), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_ga_listener_id.placeholder")), domain: z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunLiveConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunLiveConfig.tsx index 04692846..569b1469 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunLiveConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunLiveConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormAliyunLiveConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_live_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_live_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_live_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_live_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunNLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunNLBConfig.tsx index c37b97db..ff4928be 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunNLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunNLBConfig.tsx @@ -24,7 +24,9 @@ const RESOURCE_TYPE_LOADBALANCER = "loadbalancer" as const; const RESOURCE_TYPE_LISTENER = "listener" as const; const initFormModel = (): DeployNodeConfigFormAliyunNLBConfigFieldValues => { - return {}; + return { + resourceType: RESOURCE_TYPE_LISTENER, + }; }; const DeployNodeConfigFormAliyunNLBConfig = ({ @@ -42,18 +44,15 @@ const DeployNodeConfigFormAliyunNLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.aliyun_nlb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_nlb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_nlb_region.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LOADBALANCER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_nlb_loadbalancer_id.placeholder")), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.aliyun_nlb_listener_id.placeholder")), }); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunOSSConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunOSSConfig.tsx index 5cc1edd6..5aefa851 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunOSSConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunOSSConfig.tsx @@ -35,12 +35,10 @@ const DeployNodeConfigFormAliyunOSSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_oss_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_oss_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_oss_region.placeholder")), bucket: z .string({ message: t("workflow_node.deploy.form.aliyun_oss_bucket.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_oss_bucket.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_oss_bucket.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_oss_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunVODConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunVODConfig.tsx index d76e1193..752d28cd 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunVODConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunVODConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormAliyunVODConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_vod_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_vod_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_vod_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.aliyun_vod_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx index a46c7327..f7044063 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAliyunWAFConfig.tsx @@ -38,16 +38,14 @@ const DeployNodeConfigFormAliyunWAFConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.aliyun_waf_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.aliyun_waf_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.aliyun_waf_region.placeholder")), serviceVersion: z.literal("3.0", { message: t("workflow_node.deploy.form.aliyun_waf_service_version.placeholder"), }), instanceId: z .string({ message: t("workflow_node.deploy.form.aliyun_waf_instance_id.placeholder") }) .nonempty(t("workflow_node.deploy.form.aliyun_waf_instance_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), domain: z .string() .nullish() diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormAzureKeyVaultConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormAzureKeyVaultConfig.tsx index bd2347df..952d3e23 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormAzureKeyVaultConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormAzureKeyVaultConfig.tsx @@ -32,8 +32,7 @@ const DeployNodeConfigFormAzureKeyVaultConfig = ({ const formSchema = z.object({ keyvaultName: z .string({ message: t("workflow_node.deploy.form.azure_keyvault_name.placeholder") }) - .nonempty(t("workflow_node.deploy.form.azure_keyvault_name.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.azure_keyvault_name.placeholder")), certificateName: z .string() .nullish() diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudAppBLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudAppBLBConfig.tsx index 875d254b..7f6b21cf 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudAppBLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudAppBLBConfig.tsx @@ -27,6 +27,7 @@ const RESOURCE_TYPE_LISTENER = "listener" as const; const initFormModel = (): DeployNodeConfigFormBaiduCloudAppBLBConfigFieldValues => { return { + resourceType: RESOURCE_TYPE_LISTENER, listenerPort: 443, }; }; @@ -46,13 +47,11 @@ const DeployNodeConfigFormBaiduCloudAppBLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.baiducloud_appblb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.baiducloud_appblb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.baiducloud_appblb_region.placeholder")), loadbalancerId: z .string({ message: t("workflow_node.deploy.form.baiducloud_appblb_loadbalancer_id.placeholder") }) .min(1, t("workflow_node.deploy.form.baiducloud_appblb_loadbalancer_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), listenerPort: z.preprocess( (v) => (v == null || v === "" ? undefined : Number(v)), z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudBLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudBLBConfig.tsx index 99c0b059..28582fd6 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudBLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBaiduCloudBLBConfig.tsx @@ -27,6 +27,7 @@ const RESOURCE_TYPE_LISTENER = "listener" as const; const initFormModel = (): DeployNodeConfigFormBaiduCloudBLBConfigFieldValues => { return { + resourceType: RESOURCE_TYPE_LISTENER, listenerPort: 443, }; }; @@ -46,13 +47,11 @@ const DeployNodeConfigFormBaiduCloudBLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.baiducloud_blb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.baiducloud_blb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.baiducloud_blb_region.placeholder")), loadbalancerId: z .string({ message: t("workflow_node.deploy.form.baiducloud_blb_loadbalancer_id.placeholder") }) .min(1, t("workflow_node.deploy.form.baiducloud_blb_loadbalancer_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), listenerPort: z.preprocess( (v) => (v == null || v === "" ? undefined : Number(v)), z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBaotaWAFSiteConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBaotaWAFSiteConfig.tsx index 6f992fb8..7c0ae293 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBaotaWAFSiteConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBaotaWAFSiteConfig.tsx @@ -35,7 +35,7 @@ const DeployNodeConfigFormBaotaWAFSiteConfig = ({ const { t } = useTranslation(); const formSchema = z.object({ - siteName: z.string().nonempty(t("workflow_node.deploy.form.baotawaf_site_name.placeholder")).trim(), + siteName: z.string().nonempty(t("workflow_node.deploy.form.baotawaf_site_name.placeholder")), sitePort: z.preprocess( (v) => Number(v), z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormBunnyCDNConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormBunnyCDNConfig.tsx index 340de12c..d6a42f3b 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormBunnyCDNConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormBunnyCDNConfig.tsx @@ -25,11 +25,9 @@ const DeployNodeConfigFormBunnyCDNConfig = ({ form: formInst, formName, disabled const { t } = useTranslation(); const formSchema = z.object({ - pullZoneId: z - .union([z.string(), z.number().int()]) - .refine((v) => { - return /^\d+$/.test(v + "") && +v! > 0; - }, t("workflow_node.deploy.form.bunny_cdn_pull_zone_id.placeholder")), + pullZoneId: z.union([z.string(), z.number().int()]).refine((v) => { + return /^\d+$/.test(v + "") && +v! > 0; + }, t("workflow_node.deploy.form.bunny_cdn_pull_zone_id.placeholder")), hostname: z .string({ message: t("workflow_node.deploy.form.bunny_cdn_hostname.placeholder") }) .nonempty(t("workflow_node.deploy.form.bunny_cdn_hostname.placeholder")) diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudAOConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudAOConfig.tsx new file mode 100644 index 00000000..f46934cd --- /dev/null +++ b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudAOConfig.tsx @@ -0,0 +1,65 @@ +import { useTranslation } from "react-i18next"; +import { Form, type FormInstance, Input } from "antd"; +import { createSchemaFieldRule } from "antd-zod"; +import { z } from "zod"; + +import { validDomainName } from "@/utils/validators"; + +type DeployNodeConfigFormCTCCCloudAOConfigFieldValues = Nullish<{ + domain: string; +}>; + +export type DeployNodeConfigFormCTCCCloudAOConfigProps = { + form: FormInstance; + formName: string; + disabled?: boolean; + initialValues?: DeployNodeConfigFormCTCCCloudAOConfigFieldValues; + onValuesChange?: (values: DeployNodeConfigFormCTCCCloudAOConfigFieldValues) => void; +}; + +const initFormModel = (): DeployNodeConfigFormCTCCCloudAOConfigFieldValues => { + return {}; +}; + +const DeployNodeConfigFormCTCCCloudAOConfig = ({ + form: formInst, + formName, + disabled, + initialValues, + onValuesChange, +}: DeployNodeConfigFormCTCCCloudAOConfigProps) => { + const { t } = useTranslation(); + + const formSchema = z.object({ + domain: z + .string({ message: t("workflow_node.deploy.form.ctcccloud_ao_domain.placeholder") }) + .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), + }); + const formRule = createSchemaFieldRule(formSchema); + + const handleFormChange = (_: unknown, values: z.infer) => { + onValuesChange?.(values); + }; + + return ( +
+ } + > + + +
+ ); +}; + +export default DeployNodeConfigFormCTCCCloudAOConfig; diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudCDNConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudCDNConfig.tsx new file mode 100644 index 00000000..b7f564e5 --- /dev/null +++ b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudCDNConfig.tsx @@ -0,0 +1,65 @@ +import { useTranslation } from "react-i18next"; +import { Form, type FormInstance, Input } from "antd"; +import { createSchemaFieldRule } from "antd-zod"; +import { z } from "zod"; + +import { validDomainName } from "@/utils/validators"; + +type DeployNodeConfigFormCTCCCloudCDNConfigFieldValues = Nullish<{ + domain: string; +}>; + +export type DeployNodeConfigFormCTCCCloudCDNConfigProps = { + form: FormInstance; + formName: string; + disabled?: boolean; + initialValues?: DeployNodeConfigFormCTCCCloudCDNConfigFieldValues; + onValuesChange?: (values: DeployNodeConfigFormCTCCCloudCDNConfigFieldValues) => void; +}; + +const initFormModel = (): DeployNodeConfigFormCTCCCloudCDNConfigFieldValues => { + return {}; +}; + +const DeployNodeConfigFormCTCCCloudCDNConfig = ({ + form: formInst, + formName, + disabled, + initialValues, + onValuesChange, +}: DeployNodeConfigFormCTCCCloudCDNConfigProps) => { + const { t } = useTranslation(); + + const formSchema = z.object({ + domain: z + .string({ message: t("workflow_node.deploy.form.ctcccloud_cdn_domain.placeholder") }) + .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), + }); + const formRule = createSchemaFieldRule(formSchema); + + const handleFormChange = (_: unknown, values: z.infer) => { + onValuesChange?.(values); + }; + + return ( +
+ } + > + + +
+ ); +}; + +export default DeployNodeConfigFormCTCCCloudCDNConfig; diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudELBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudELBConfig.tsx new file mode 100644 index 00000000..6577c35c --- /dev/null +++ b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudELBConfig.tsx @@ -0,0 +1,121 @@ +import { useTranslation } from "react-i18next"; +import { Form, type FormInstance, Input, Select } from "antd"; +import { createSchemaFieldRule } from "antd-zod"; +import { z } from "zod"; + +import Show from "@/components/Show"; + +type DeployNodeConfigFormCTCCCloudELBConfigFieldValues = Nullish<{ + regionId: string; + resourceType: string; + loadbalancerId?: string; + listenerId?: string; +}>; + +export type DeployNodeConfigFormCTCCCloudELBConfigProps = { + form: FormInstance; + formName: string; + disabled?: boolean; + initialValues?: DeployNodeConfigFormCTCCCloudELBConfigFieldValues; + onValuesChange?: (values: DeployNodeConfigFormCTCCCloudELBConfigFieldValues) => void; +}; + +const RESOURCE_TYPE_LOADBALANCER = "loadbalancer" as const; +const RESOURCE_TYPE_LISTENER = "listener" as const; + +const initFormModel = (): DeployNodeConfigFormCTCCCloudELBConfigFieldValues => { + return { + resourceType: RESOURCE_TYPE_LISTENER, + }; +}; + +const DeployNodeConfigFormCTCCCloudELBConfig = ({ + form: formInst, + formName, + disabled, + initialValues, + onValuesChange, +}: DeployNodeConfigFormCTCCCloudELBConfigProps) => { + const { t } = useTranslation(); + + const formSchema = z.object({ + resourceType: z.union([z.literal(RESOURCE_TYPE_LOADBALANCER), z.literal(RESOURCE_TYPE_LISTENER)], { + message: t("workflow_node.deploy.form.ctcccloud_elb_resource_type.placeholder"), + }), + regionId: z + .string({ message: t("workflow_node.deploy.form.ctcccloud_elb_region_id.placeholder") }) + .nonempty(t("workflow_node.deploy.form.ctcccloud_elb_region_id.placeholder")), + loadbalancerId: z + .string() + .max(64, t("common.errmsg.string_max", { max: 64 })) + .nullish() + .refine((v) => fieldResourceType !== RESOURCE_TYPE_LOADBALANCER || !!v?.trim(), t("workflow_node.deploy.form.ctcccloud_elb_loadbalancer_id.placeholder")), + listenerId: z + .string() + .max(64, t("common.errmsg.string_max", { max: 64 })) + .nullish() + .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.ctcccloud_elb_listener_id.placeholder")), + }); + const formRule = createSchemaFieldRule(formSchema); + + const fieldResourceType = Form.useWatch("resourceType", formInst); + + const handleFormChange = (_: unknown, values: z.infer) => { + onValuesChange?.(values); + }; + + return ( +
+ + + + + } + > + + + + + } + > + + + + + + } + > + + + +
+ ); +}; + +export default DeployNodeConfigFormCTCCCloudELBConfig; diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudICDNConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudICDNConfig.tsx new file mode 100644 index 00000000..0e94650b --- /dev/null +++ b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudICDNConfig.tsx @@ -0,0 +1,65 @@ +import { useTranslation } from "react-i18next"; +import { Form, type FormInstance, Input } from "antd"; +import { createSchemaFieldRule } from "antd-zod"; +import { z } from "zod"; + +import { validDomainName } from "@/utils/validators"; + +type DeployNodeConfigFormCTCCCloudICDNConfigFieldValues = Nullish<{ + domain: string; +}>; + +export type DeployNodeConfigFormCTCCCloudICDNConfigProps = { + form: FormInstance; + formName: string; + disabled?: boolean; + initialValues?: DeployNodeConfigFormCTCCCloudICDNConfigFieldValues; + onValuesChange?: (values: DeployNodeConfigFormCTCCCloudICDNConfigFieldValues) => void; +}; + +const initFormModel = (): DeployNodeConfigFormCTCCCloudICDNConfigFieldValues => { + return {}; +}; + +const DeployNodeConfigFormCTCCCloudICDNConfig = ({ + form: formInst, + formName, + disabled, + initialValues, + onValuesChange, +}: DeployNodeConfigFormCTCCCloudICDNConfigProps) => { + const { t } = useTranslation(); + + const formSchema = z.object({ + domain: z + .string({ message: t("workflow_node.deploy.form.ctcccloud_icdn_domain.placeholder") }) + .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), + }); + const formRule = createSchemaFieldRule(formSchema); + + const handleFormChange = (_: unknown, values: z.infer) => { + onValuesChange?.(values); + }; + + return ( +
+ } + > + + +
+ ); +}; + +export default DeployNodeConfigFormCTCCCloudICDNConfig; diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudLVDNConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudLVDNConfig.tsx new file mode 100644 index 00000000..54f22907 --- /dev/null +++ b/ui/src/components/workflow/node/DeployNodeConfigFormCTCCCloudLVDNConfig.tsx @@ -0,0 +1,65 @@ +import { useTranslation } from "react-i18next"; +import { Form, type FormInstance, Input } from "antd"; +import { createSchemaFieldRule } from "antd-zod"; +import { z } from "zod"; + +import { validDomainName } from "@/utils/validators"; + +type DeployNodeConfigFormCTCCCloudLVDNConfigFieldValues = Nullish<{ + domain: string; +}>; + +export type DeployNodeConfigFormCTCCCloudLVDNConfigProps = { + form: FormInstance; + formName: string; + disabled?: boolean; + initialValues?: DeployNodeConfigFormCTCCCloudLVDNConfigFieldValues; + onValuesChange?: (values: DeployNodeConfigFormCTCCCloudLVDNConfigFieldValues) => void; +}; + +const initFormModel = (): DeployNodeConfigFormCTCCCloudLVDNConfigFieldValues => { + return {}; +}; + +const DeployNodeConfigFormCTCCCloudLVDNConfig = ({ + form: formInst, + formName, + disabled, + initialValues, + onValuesChange, +}: DeployNodeConfigFormCTCCCloudLVDNConfigProps) => { + const { t } = useTranslation(); + + const formSchema = z.object({ + domain: z + .string({ message: t("workflow_node.deploy.form.ctcccloud_lvdn_domain.placeholder") }) + .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), + }); + const formRule = createSchemaFieldRule(formSchema); + + const handleFormChange = (_: unknown, values: z.infer) => { + onValuesChange?.(values); + }; + + return ( +
+ } + > + + +
+ ); +}; + +export default DeployNodeConfigFormCTCCCloudLVDNConfig; diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormEdgioApplicationsConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormEdgioApplicationsConfig.tsx index 2a6929d8..599e4ec4 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormEdgioApplicationsConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormEdgioApplicationsConfig.tsx @@ -32,8 +32,7 @@ const DeployNodeConfigFormEdgioApplicationsConfig = ({ environmentId: z .string({ message: t("workflow_node.deploy.form.edgio_applications_environment_id.placeholder") }) .min(1, t("workflow_node.deploy.form.edgio_applications_environment_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudCDNConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudCDNConfig.tsx index 92d4efee..93d0a300 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudCDNConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudCDNConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormHuaweiCloudCDNConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.huaweicloud_cdn_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.huaweicloud_cdn_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.huaweicloud_cdn_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.huaweicloud_cdn_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudELBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudELBConfig.tsx index 259e1f44..7e164ff2 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudELBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudELBConfig.tsx @@ -26,7 +26,9 @@ const RESOURCE_TYPE_LOADBALANCER = "loadbalancer" as const; const RESOURCE_TYPE_LISTENER = "listener" as const; const initFormModel = (): DeployNodeConfigFormHuaweiCloudELBConfigFieldValues => { - return {}; + return { + resourceType: RESOURCE_TYPE_LISTENER, + }; }; const DeployNodeConfigFormHuaweiCloudELBConfig = ({ @@ -44,18 +46,15 @@ const DeployNodeConfigFormHuaweiCloudELBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.huaweicloud_elb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.huaweicloud_elb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.huaweicloud_elb_region.placeholder")), certificateId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_CERTIFICATE || !!v?.trim(), t("workflow_node.deploy.form.huaweicloud_elb_certificate_id.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => fieldResourceType !== RESOURCE_TYPE_LOADBALANCER || !!v?.trim(), @@ -64,7 +63,6 @@ const DeployNodeConfigFormHuaweiCloudELBConfig = ({ listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.huaweicloud_elb_listener_id.placeholder")), }); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudWAFConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudWAFConfig.tsx index cdcabef5..4d21bddf 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudWAFConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormHuaweiCloudWAFConfig.tsx @@ -45,12 +45,10 @@ const DeployNodeConfigFormHuaweiCloudWAFConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.huaweicloud_waf_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.huaweicloud_waf_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.huaweicloud_waf_region.placeholder")), certificateId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => { if (fieldResourceType !== RESOURCE_TYPE_CERTIFICATE) return true; diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormJDCloudALBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormJDCloudALBConfig.tsx index 22c5bf08..59f5ad91 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormJDCloudALBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormJDCloudALBConfig.tsx @@ -26,7 +26,9 @@ const RESOURCE_TYPE_LOADBALANCER = "loadbalancer" as const; const RESOURCE_TYPE_LISTENER = "listener" as const; const initFormModel = (): DeployNodeConfigFormJDCloudALBConfigFieldValues => { - return {}; + return { + resourceType: RESOURCE_TYPE_LISTENER, + }; }; const DeployNodeConfigFormJDCloudALBConfig = ({ @@ -44,18 +46,15 @@ const DeployNodeConfigFormJDCloudALBConfig = ({ }), regionId: z .string({ message: t("workflow_node.deploy.form.jdcloud_alb_region_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.jdcloud_alb_region_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.jdcloud_alb_region_id.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LOADBALANCER || !!v?.trim(), t("workflow_node.deploy.form.jdcloud_alb_loadbalancer_id.placeholder")), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine((v) => fieldResourceType !== RESOURCE_TYPE_LISTENER || !!v?.trim(), t("workflow_node.deploy.form.jdcloud_alb_listener_id.placeholder")), domain: z diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormKubernetesSecretConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormKubernetesSecretConfig.tsx index f6efd4d0..fcd67072 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormKubernetesSecretConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormKubernetesSecretConfig.tsx @@ -41,28 +41,23 @@ const DeployNodeConfigFormKubernetesSecretConfig = ({ namespace: z .string({ message: t("workflow_node.deploy.form.k8s_namespace.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_namespace.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretName: z .string({ message: t("workflow_node.deploy.form.k8s_secret_name.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_secret_name.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretType: z .string({ message: t("workflow_node.deploy.form.k8s_secret_type.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_secret_type.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretDataKeyForCrt: z .string({ message: t("workflow_node.deploy.form.k8s_secret_data_key_for_crt.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_secret_data_key_for_crt.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), secretDataKeyForKey: z .string({ message: t("workflow_node.deploy.form.k8s_secret_data_key_for_key.placeholder") }) .nonempty(t("workflow_node.deploy.form.k8s_secret_data_key_for_key.placeholder")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormLocalConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormLocalConfig.tsx index 282503e5..36d22a08 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormLocalConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormLocalConfig.tsx @@ -166,46 +166,38 @@ const DeployNodeConfigFormLocalConfig = ({ form: formInst, formName, disabled, i certPath: z .string() .min(1, t("workflow_node.deploy.form.local_cert_path.tooltip")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), certPathForServerOnly: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), certPathForIntermediaOnly: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), keyPath: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_PEM || !!v?.trim(), { message: t("workflow_node.deploy.form.local_key_path.tooltip") }), pfxPassword: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_PFX || !!v?.trim(), { message: t("workflow_node.deploy.form.local_pfx_password.tooltip") }), jksAlias: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.local_jks_alias.tooltip") }), jksKeypass: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.local_jks_keypass.tooltip") }), jksStorepass: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.local_jks_storepass.tooltip") }), shellEnv: z.union([z.literal(SHELLENV_SH), z.literal(SHELLENV_CMD), z.literal(SHELLENV_POWERSHELL)], { diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormQiniuPiliConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormQiniuPiliConfig.tsx index dd6f1570..2cac6de7 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormQiniuPiliConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormQiniuPiliConfig.tsx @@ -32,10 +32,7 @@ const DeployNodeConfigFormQiniuPiliConfig = ({ const { t } = useTranslation(); const formSchema = z.object({ - hub: z - .string({ message: t("workflow_node.deploy.form.qiniu_pili_hub.placeholder") }) - .nonempty(t("workflow_node.deploy.form.qiniu_pili_hub.placeholder")) - .trim(), + hub: z.string({ message: t("workflow_node.deploy.form.qiniu_pili_hub.placeholder") }).nonempty(t("workflow_node.deploy.form.qiniu_pili_hub.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.qiniu_pili_domain.placeholder") }) .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormSSHConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormSSHConfig.tsx index 49110ce9..304f638e 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormSSHConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormSSHConfig.tsx @@ -46,12 +46,13 @@ const initFormModel = (): DeployNodeConfigFormSSHConfigFieldValues => { }; const initPresetScript = ( - key: Parameters[0] | "sh_replace_synologydsm_ssl" | "sh_replace_fnos_ssl", + key: Parameters[0] | "sh_replace_synologydsm_ssl" | "sh_replace_fnos_ssl" | "sh_replace_qnap_ssl", params?: Parameters[1] ) => { switch (key) { case "sh_replace_synologydsm_ssl": return `# *** 需要 root 权限 *** +# 注意仅支持替换证书,需本身已开启过一次 HTTPS # 脚本参考 https://github.com/catchdave/ssl-certs/blob/main/replace_synology_ssl_certs.sh # 请将以下变量替换为实际值 @@ -129,6 +130,7 @@ info "Completed" case "sh_replace_fnos_ssl": return `# *** 需要 root 权限 *** +# 注意仅支持替换证书,需本身已开启过一次 HTTPS # 脚本参考 https://github.com/lfgyx/fnos_certificate_update/blob/main/src/update_cert.sh # 请将以下变量替换为实际值 @@ -145,9 +147,9 @@ $domain = "" # 域名 cp -rf "$tmpFullchainPath" "$fnFullchainPath" cp -rf "$tmpCertPath" "$fnCertPath" cp -rf "$tmpKeyPath" "$fnKeyPath" +chmod 755 "$fnFullchainPath" chmod 755 "$fnCertPath" chmod 755 "$fnKeyPath" -chmod 755 "$fnFullchainPath" # 更新数据库 NEW_EXPIRY_DATE=$(openssl x509 -enddate -noout -in "$fnCertPath" | sed "s/^.*=\\(.*\\)$/\\1/") @@ -159,6 +161,28 @@ systemctl restart webdav.service systemctl restart smbftpd.service systemctl restart trim_nginx.service `.trim(); + + case "sh_replace_qnap_ssl": + return `# *** 需要 root 权限 *** +# 注意仅支持替换证书,需本身已开启过一次 HTTPS + +# 请将以下变量替换为实际值 +$tmpFullchainPath = "${params?.certPath || ""}" # 证书文件路径(与表单中保持一致) +$tmpKeyPath = "${params?.keyPath || ""}" # 私钥文件路径(与表单中保持一致) + +# 复制文件 +cp -rf "$tmpFullchainPath" /etc/stunnel/backup.cert +cp -rf "$tmpKeyPath" /etc/stunnel/backup.key +cat /etc/stunnel/backup.key > /etc/stunnel/stunnel.pem +cat /etc/stunnel/backup.cert >> /etc/stunnel/stunnel.pem +chmod 600 /etc/stunnel/backup.cert +chmod 600 /etc/stunnel/backup.key +chmod 600 /etc/stunnel/stunnel.pem + +# 重启服务 +/etc/init.d/stunnel.sh restart +/etc/init.d/reverse_proxy.sh reload + `.trim(); } return _initPresetScript(key as Parameters[0], params); @@ -174,46 +198,38 @@ const DeployNodeConfigFormSSHConfig = ({ form: formInst, formName, disabled, ini certPath: z .string() .min(1, t("workflow_node.deploy.form.ssh_cert_path.tooltip")) - .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim(), + .max(256, t("common.errmsg.string_max", { max: 256 })), keyPath: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_PEM || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_key_path.tooltip") }), certPathForServerOnly: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), certPathForIntermediaOnly: z .string() .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), pfxPassword: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_PFX || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_pfx_password.tooltip") }), jksAlias: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_jks_alias.tooltip") }), jksKeypass: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_jks_keypass.tooltip") }), jksStorepass: z .string() .max(64, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish() .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.ssh_jks_storepass.tooltip") }), preCommand: z @@ -286,6 +302,7 @@ const DeployNodeConfigFormSSHConfig = ({ form: formInst, formName, disabled, ini case "sh_replace_synologydsm_ssl": case "sh_replace_fnos_ssl": + case "sh_replace_qnap_ssl": { const presetScriptParams = { certPath: formInst.getFieldValue("certPath"), @@ -461,13 +478,19 @@ const DeployNodeConfigFormSSHConfig = ({ form: formInst, formName, disabled, ini
({ - key, - label: t(`workflow_node.deploy.form.ssh_preset_scripts.option.${key}.label`), - onClick: () => handlePresetPostScriptClick(key), - }) - ), + items: [ + "sh_reload_nginx", + "sh_replace_synologydsm_ssl", + "sh_replace_fnos_ssl", + "sh_replace_qnap_ssl", + "ps_binding_iis", + "ps_binding_netsh", + "ps_binding_rdp", + ].map((key) => ({ + key, + label: t(`workflow_node.deploy.form.ssh_preset_scripts.option.${key}.label`), + onClick: () => handlePresetPostScriptClick(key), + })), }} trigger={["click"]} > diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCLBConfig.tsx index 760c6fac..f2cd3f39 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCLBConfig.tsx @@ -29,7 +29,7 @@ const RESOURCE_TYPE_RULEDOMAIN = "ruledomain" as const; const initFormModel = (): DeployNodeConfigFormTencentCloudCLBConfigFieldValues => { return { - resourceType: RESOURCE_TYPE_VIA_SSLDEPLOY, + resourceType: RESOURCE_TYPE_LISTENER, }; }; @@ -49,17 +49,14 @@ const DeployNodeConfigFormTencentCloudCLBConfig = ({ ), region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_clb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_clb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_clb_region.placeholder")), loadbalancerId: z .string() .min(1, t("workflow_node.deploy.form.tencentcloud_clb_loadbalancer_id.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_VIA_SSLDEPLOY, RESOURCE_TYPE_LISTENER, RESOURCE_TYPE_RULEDOMAIN].includes(fieldResourceType) || !!v?.trim(), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCOSConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCOSConfig.tsx index 26b70048..6192c9b9 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCOSConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudCOSConfig.tsx @@ -35,12 +35,10 @@ const DeployNodeConfigFormTencentCloudCOSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_cos_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_cos_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_cos_region.placeholder")), bucket: z .string({ message: t("workflow_node.deploy.form.tencentcloud_cos_bucket.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_cos_bucket.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_cos_bucket.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.tencentcloud_cos_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudEOConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudEOConfig.tsx index 5c93600c..13bc78ba 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudEOConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudEOConfig.tsx @@ -34,11 +34,10 @@ const DeployNodeConfigFormTencentCloudEOConfig = ({ const formSchema = z.object({ zoneId: z .string({ message: t("workflow_node.deploy.form.tencentcloud_eo_zone_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_eo_zone_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_eo_zone_id.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.tencentcloud_eo_domain.placeholder") }) - .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), + .refine((v) => validDomainName(v, { allowWildcard: true }), t("common.errmsg.domain_invalid")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudGAAPConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudGAAPConfig.tsx new file mode 100644 index 00000000..9432596b --- /dev/null +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudGAAPConfig.tsx @@ -0,0 +1,99 @@ +import { useTranslation } from "react-i18next"; +import { Form, type FormInstance, Input, Select } from "antd"; +import { createSchemaFieldRule } from "antd-zod"; +import { z } from "zod"; + +import Show from "@/components/Show"; + +type DeployNodeConfigFormTencentCloudGAAPConfigFieldValues = Nullish<{ + resourceType: string; + proxyId?: string; + listenerId?: string; +}>; + +export type DeployNodeConfigFormTencentCloudGAAPConfigProps = { + form: FormInstance; + formName: string; + disabled?: boolean; + initialValues?: DeployNodeConfigFormTencentCloudGAAPConfigFieldValues; + onValuesChange?: (values: DeployNodeConfigFormTencentCloudGAAPConfigFieldValues) => void; +}; + +const RESOURCE_TYPE_LISTENER = "listener" as const; + +const initFormModel = (): DeployNodeConfigFormTencentCloudGAAPConfigFieldValues => { + return { + resourceType: RESOURCE_TYPE_LISTENER, + listenerId: "", + }; +}; + +const DeployNodeConfigFormTencentCloudGAAPConfig = ({ + form: formInst, + formName, + disabled, + initialValues, + onValuesChange, +}: DeployNodeConfigFormTencentCloudGAAPConfigProps) => { + const { t } = useTranslation(); + + const formSchema = z.object({ + resourceType: z.literal(RESOURCE_TYPE_LISTENER, { message: t("workflow_node.deploy.form.tencentcloud_gaap_resource_type.placeholder") }), + proxyId: z.string().nullish(), + listenerId: z + .string() + .nullish() + .refine( + (v) => ![RESOURCE_TYPE_LISTENER].includes(fieldResourceType) || !!v?.trim(), + t("workflow_node.deploy.form.tencentcloud_gaap_listener_id.placeholder") + ), + }); + const formRule = createSchemaFieldRule(formSchema); + + const fieldResourceType = Form.useWatch("resourceType", formInst); + + const handleFormChange = (_: unknown, values: z.infer) => { + onValuesChange?.(values); + }; + + return ( +
+ + + + + } + > + + + + + } + > + + + +
+ ); +}; + +export default DeployNodeConfigFormTencentCloudGAAPConfig; diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSCFConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSCFConfig.tsx index 6758ddbd..b217f584 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSCFConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSCFConfig.tsx @@ -34,8 +34,7 @@ const DeployNodeConfigFormTencentCloudSCFConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_scf_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_scf_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_scf_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.tencentcloud_scf_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSSLDeployConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSSLDeployConfig.tsx index 9d606b02..a0477fbf 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSSLDeployConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudSSLDeployConfig.tsx @@ -37,17 +37,15 @@ const DeployNodeConfigFormTencentCloudSSLDeployConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_ssl_deploy_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_ssl_deploy_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_ssl_deploy_region.placeholder")), resourceType: z .string({ message: t("workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_type.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_type.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_type.placeholder")), resourceIds: z.string({ message: t("workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_ids.placeholder") }).refine((v) => { if (!v) return false; return String(v) .split(MULTIPLE_INPUT_SEPARATOR) - .every((e) => /^[A-Za-z0-9*._-|]+$/.test(e)); + .every((e) => /^[A-Za-z0-9*._\-|]+$/.test(e)); }, t("workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_ids.errmsg.invalid")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudWAFConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudWAFConfig.tsx index 347ebaa2..0ac3e778 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudWAFConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormTencentCloudWAFConfig.tsx @@ -36,19 +36,16 @@ const DeployNodeConfigFormTencentCloudWAFConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.tencentcloud_waf_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_region.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.tencentcloud_waf_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), domainId: z .string({ message: t("workflow_node.deploy.form.tencentcloud_waf_domain_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_domain_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_domain_id.placeholder")), instanceId: z .string({ message: t("workflow_node.deploy.form.tencentcloud_waf_instance_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_instance_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.tencentcloud_waf_instance_id.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormUCloudUS3Config.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormUCloudUS3Config.tsx index 0ac3a5d6..a2ea684b 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormUCloudUS3Config.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormUCloudUS3Config.tsx @@ -35,12 +35,10 @@ const DeployNodeConfigFormUCloudUS3Config = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.ucloud_us3_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.ucloud_us3_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.ucloud_us3_region.placeholder")), bucket: z .string({ message: t("workflow_node.deploy.form.ucloud_us3_bucket.placeholder") }) - .nonempty(t("workflow_node.deploy.form.ucloud_us3_bucket.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.ucloud_us3_bucket.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.ucloud_us3_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormUniCloudWebHostConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormUniCloudWebHostConfig.tsx index df524417..21624c52 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormUniCloudWebHostConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormUniCloudWebHostConfig.tsx @@ -37,8 +37,8 @@ const DeployNodeConfigFormUniCloudWebHostConfig = ({ const { t } = useTranslation(); const formSchema = z.object({ - spaceProvider: z.string().trim().nonempty(t("workflow_node.deploy.form.unicloud_webhost_space_provider.placeholder")), - spaceId: z.string().trim().nonempty(t("workflow_node.deploy.form.unicloud_webhost_space_id.placeholder")), + spaceProvider: z.string().nonempty(t("workflow_node.deploy.form.unicloud_webhost_space_provider.placeholder")), + spaceId: z.string().nonempty(t("workflow_node.deploy.form.unicloud_webhost_space_id.placeholder")), domain: z.string().refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineALBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineALBConfig.tsx index 650323ab..41750936 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineALBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineALBConfig.tsx @@ -46,12 +46,10 @@ const DeployNodeConfigFormVolcEngineALBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.volcengine_alb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_alb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_alb_region.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_LOADBALANCER].includes(fieldResourceType) || !!v?.trim(), @@ -60,7 +58,6 @@ const DeployNodeConfigFormVolcEngineALBConfig = ({ listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_LISTENER].includes(fieldResourceType) || !!v?.trim(), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCLBConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCLBConfig.tsx index 99263044..9c00db70 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCLBConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCLBConfig.tsx @@ -44,12 +44,10 @@ const DeployNodeConfigFormVolcEngineCLBConfig = ({ }), region: z .string({ message: t("workflow_node.deploy.form.volcengine_clb_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_clb_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_clb_region.placeholder")), loadbalancerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_LOADBALANCER].includes(fieldResourceType) || !!v?.trim(), @@ -58,7 +56,6 @@ const DeployNodeConfigFormVolcEngineCLBConfig = ({ listenerId: z .string() .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim() .nullish() .refine( (v) => ![RESOURCE_TYPE_LISTENER].includes(fieldResourceType) || !!v?.trim(), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCertCenterConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCertCenterConfig.tsx index 21f4557f..28fb16f6 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCertCenterConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineCertCenterConfig.tsx @@ -31,8 +31,7 @@ const DeployNodeConfigFormVolcEngineCertCenterConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.volcengine_certcenter_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_certcenter_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_certcenter_region.placeholder")), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineImageXConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineImageXConfig.tsx index 61f59e23..5ce81fd0 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineImageXConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineImageXConfig.tsx @@ -33,12 +33,10 @@ const DeployNodeConfigFormVolcEngineImageXConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.volcengine_imagex_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_imagex_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_imagex_region.placeholder")), serviceId: z .string({ message: t("workflow_node.deploy.form.volcengine_imagex_service_id.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_imagex_service_id.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_imagex_service_id.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.volcengine_imagex_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineTOSConfig.tsx b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineTOSConfig.tsx index 730d1fd7..516dc123 100644 --- a/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineTOSConfig.tsx +++ b/ui/src/components/workflow/node/DeployNodeConfigFormVolcEngineTOSConfig.tsx @@ -35,12 +35,10 @@ const DeployNodeConfigFormVolcEngineTOSConfig = ({ const formSchema = z.object({ region: z .string({ message: t("workflow_node.deploy.form.volcengine_tos_region.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_tos_region.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_tos_region.placeholder")), bucket: z .string({ message: t("workflow_node.deploy.form.volcengine_tos_bucket.placeholder") }) - .nonempty(t("workflow_node.deploy.form.volcengine_tos_bucket.placeholder")) - .trim(), + .nonempty(t("workflow_node.deploy.form.volcengine_tos_bucket.placeholder")), domain: z .string({ message: t("workflow_node.deploy.form.volcengine_tos_domain.placeholder") }) .refine((v) => validDomainName(v), t("common.errmsg.domain_invalid")), diff --git a/ui/src/components/workflow/node/NotifyNodeConfigFormEmailConfig.tsx b/ui/src/components/workflow/node/NotifyNodeConfigFormEmailConfig.tsx index b6bfed17..133ee7e4 100644 --- a/ui/src/components/workflow/node/NotifyNodeConfigFormEmailConfig.tsx +++ b/ui/src/components/workflow/node/NotifyNodeConfigFormEmailConfig.tsx @@ -33,6 +33,7 @@ const NotifyNodeConfigFormEmailConfig = ({ form: formInst, formName, disabled, i if (!v) return true; return validEmailAddress(v); }, t("common.errmsg.email_invalid")), + senderName: z.string().nullish(), receiverAddress: z .string() .nullish() @@ -65,6 +66,15 @@ const NotifyNodeConfigFormEmailConfig = ({ form: formInst, formName, disabled, i + } + > + + + [ type, diff --git a/ui/src/domain/version.ts b/ui/src/domain/version.ts index 321e7b16..19cfffa0 100644 --- a/ui/src/domain/version.ts +++ b/ui/src/domain/version.ts @@ -1 +1,2 @@ -export const version = "v0.3.17"; +// fallback policy: .env > git tag > "v0.0.0-dev" +export const version = import.meta.env.VITE_APP_VERSION || __APP_VERSION__ || "v0.0.0-dev"; diff --git a/ui/src/hooks/useVersionChecker.ts b/ui/src/hooks/useVersionChecker.ts index 9df7740d..75e27eaa 100644 --- a/ui/src/hooks/useVersionChecker.ts +++ b/ui/src/hooks/useVersionChecker.ts @@ -38,7 +38,7 @@ const compareVersions = (a: string, b: string) => { const useVersionChecker = () => { const { data, refresh } = useRequest( async () => { - const releases = await fetch("https://api.github.com/repos/usual2970/certimate/releases") + const releases = await fetch("https://api.github.com/repos/certimate-go/certimate/releases") .then((res) => res.json()) .then((res) => Array.from(res)); diff --git a/ui/src/i18n/locales/en/nls.access.json b/ui/src/i18n/locales/en/nls.access.json index 23946f6d..77c02dc8 100644 --- a/ui/src/i18n/locales/en/nls.access.json +++ b/ui/src/i18n/locales/en/nls.access.json @@ -1,15 +1,15 @@ { "access.page.title": "Authorization", - "access.nodata": "No accesses. Please create an authorization first.", + "access.nodata": "No accesses. Please create an credential first.", "access.search.placeholder": "Search by access name ...", - "access.action.add": "Create authorization", - "access.action.edit": "Edit authorization", - "access.action.duplicate": "Duplicate authorization", - "access.action.delete": "Delete authorization", - "access.action.delete.confirm": "Are you sure to delete this authorization?", + "access.action.add": "Create credential", + "access.action.edit": "Edit credential", + "access.action.duplicate": "Duplicate credential", + "access.action.delete": "Delete credential", + "access.action.delete.confirm": "Are you sure to delete this credential?", "access.props.name": "Name", "access.props.provider": "Provider", @@ -25,7 +25,7 @@ "access.props.updated_at": "Updated at", "access.form.name.label": "Name", - "access.form.name.placeholder": "Please enter authorization name", + "access.form.name.placeholder": "Please enter credential name", "access.form.provider.label": "Provider", "access.form.provider.placeholder": "Please select a provider", "access.form.provider.tooltip": "DNS provider: The provider that hosts your domain names and manages your DNS records.
Hosting provider: The provider that hosts your servers or cloud services for deploying certificates.

Cannot be edited after saving.", @@ -72,6 +72,11 @@ "access.form.aliyun_resource_group_id.label": "Aliyun resource group ID (Optional)", "access.form.aliyun_resource_group_id.placeholder": "Please enter Aliyun resource group ID", "access.form.aliyun_resource_group_id.tooltip": "For more information, see https://www.alibabacloud.com/help/en/resource-management/product-overview", + "access.form.apisix_server_url.label": "APISIX server URL", + "access.form.apisix_server_url.placeholder": "Please enter APISIX server URL", + "access.form.apisix_api_key.label": "APISIX Admin API key", + "access.form.apisix_api_key.placeholder": "Please enter APISIX Admin API key", + "access.form.apisix_api_key.tooltip": "For more information, see https://apisix.apache.org/docs/apisix/admin-api/", "access.form.aws_access_key_id.label": "AWS AccessKeyId", "access.form.aws_access_key_id.placeholder": "Please enter AWS AccessKeyId", "access.form.aws_access_key_id.tooltip": "For more information, see https://docs.aws.amazon.com/en_us/IAM/latest/UserGuide/id_credentials_access-keys.html", @@ -152,6 +157,12 @@ "access.form.constellix_secret_key.label": "Constellix API secret key", "access.form.constellix_secret_key.placeholder": "Please enter Constellix API secret key", "access.form.constellix_secret_key.tooltip": "For more information, see https://support.constellix.com/hc/en-us/articles/34574197390491-How-to-Generate-an-API-Key", + "access.form.ctcccloud_access_key_id.label": "CTCC StateCloud AccessKeyId", + "access.form.ctcccloud_access_key_id.placeholder": "Please enter CTCC StateCloud AccessKeyId", + "access.form.ctcccloud_access_key_id.tooltip": "For more information, see https://www.ctyun.cn/document/10015882/10015953", + "access.form.ctcccloud_secret_access_key.label": "CTCC StateCloud SecretAccessKey", + "access.form.ctcccloud_secret_access_key.placeholder": "Please enter CTCC StateCloud SecretAccessKey", + "access.form.ctcccloud_secret_access_key.tooltip": "For more information, see https://www.ctyun.cn/document/10015882/10015953", "access.form.desec_token.label": "deSEC token", "access.form.desec_token.placeholder": "Please enter deSEC token", "access.form.desec_token.tooltip": "For more information, see https://desec.readthedocs.io/en/latest/auth/tokens.html", @@ -205,6 +216,8 @@ "access.form.email_password.placeholder": "please enter password", "access.form.email_default_sender_address.label": "Default sender email address (Optional)", "access.form.email_default_sender_address.placeholder": "Please enter default sender email address", + "access.form.email_default_sender_name.label": "Default sender display name (Optional)", + "access.form.email_default_sender_name.placeholder": "Please enter default sender display name", "access.form.email_default_receiver_address.label": "Default receiver email address (Optional)", "access.form.email_default_receiver_address.placeholder": "Please enter default receiver email address", "access.form.flexcdn_server_url.label": "FlexCDN server URL", @@ -409,10 +422,10 @@ "access.form.telegrambot_default_chat_id.tooltip": "How to get it? Please refer to https://gist.github.com/nafiesl/4ad622f344cd1dc3bb1ecbe468ff9f8a", "access.form.tencentcloud_secret_id.label": "Tencent Cloud SecretId", "access.form.tencentcloud_secret_id.placeholder": "Please enter Tencent Cloud SecretId", - "access.form.tencentcloud_secret_id.tooltip": "For more information, see https://cloud.tencent.com/document/product/598/40488?lang=en", + "access.form.tencentcloud_secret_id.tooltip": "For more information, see https://www.tencentcloud.com/zh/document/product/598/34228", "access.form.tencentcloud_secret_key.label": "Tencent Cloud SecretKey", "access.form.tencentcloud_secret_key.placeholder": "Please enter Tencent Cloud SecretKey", - "access.form.tencentcloud_secret_key.tooltip": "For more information, see https://cloud.tencent.com/document/product/598/40488?lang=en", + "access.form.tencentcloud_secret_key.tooltip": "For more information, see https://www.tencentcloud.com/zh/document/product/598/34228", "access.form.ucloud_private_key.label": "UCloud API private key", "access.form.ucloud_private_key.placeholder": "Please enter UCloud API private key", "access.form.ucloud_private_key.tooltip": "For more information, see https://console.ucloud-global.com/uaccount/api_manage", diff --git a/ui/src/i18n/locales/en/nls.certificate.json b/ui/src/i18n/locales/en/nls.certificate.json index cca7fdb4..7adce18f 100644 --- a/ui/src/i18n/locales/en/nls.certificate.json +++ b/ui/src/i18n/locales/en/nls.certificate.json @@ -13,6 +13,7 @@ "certificate.props.subject_alt_names": "Name", "certificate.props.validity": "Expiry", "certificate.props.validity.left_days": "{{left}} / {{total}} days left", + "certificate.props.validity.less_than_day": "Expire soon ({{hours}} hours left)", "certificate.props.validity.expired": "Expired", "certificate.props.validity.expiration": "Expire on {{date}}", "certificate.props.validity.filter.expire_soon": "Expire soon", diff --git a/ui/src/i18n/locales/en/nls.provider.json b/ui/src/i18n/locales/en/nls.provider.json index bac03fee..ddf408d9 100644 --- a/ui/src/i18n/locales/en/nls.provider.json +++ b/ui/src/i18n/locales/en/nls.provider.json @@ -13,7 +13,7 @@ "provider.aliyun.clb": "Alibaba Cloud - CLB (Classic Load Balancer)", "provider.aliyun.dcdn": "Alibaba Cloud - DCDN (Dynamic Route for Content Delivery Network)", "provider.aliyun.ddos": "Alibaba Cloud - Anti-DDoS Proxy", - "provider.aliyun.dns": "Alibaba Cloud - DNS (Domain Name Service)", + "provider.aliyun.dns": "Alibaba Cloud - DNS", "provider.aliyun.esa": "Alibaba Cloud - ESA (Edge Security Acceleration)", "provider.aliyun.fc": "Alibaba Cloud - FC (Function Compute)", "provider.aliyun.ga": "Alibaba Cloud - GA (Global Accelerator)", @@ -24,6 +24,7 @@ "provider.aliyun.waf": "Alibaba Cloud - WAF (Web Application Firewall)", "provider.akamai": "Akamai", "provider.akamai.cdn": "Akamai - CDN (Content Delivery Network)", + "provider.apisix": "Apache APISIX", "provider.aws": "AWS", "provider.aws.acm": "AWS - ACM (Amazon Certificate Manager)", "provider.aws.cloudfront": "AWS - CloudFront", @@ -37,7 +38,7 @@ "provider.baiducloud.blb": "Baidu Cloud - BLB (Load Balancer)", "provider.baiducloud.cdn": "Baidu Cloud - CDN (Content Delivery Network)", "provider.baiducloud.cert_upload": "Baidu Cloud - Upload to SSL Certificate Service", - "provider.baiducloud.dns": "Baidu Cloud - DNS (Domain Name Service)", + "provider.baiducloud.dns": "Baidu Cloud - DNS", "provider.baishan": "Baishan", "provider.baishan.cdn": "Baishan - CDN (Content Delivery Network)", "provider.baotapanel": "aaPanel (aka BaoTaPanel)", @@ -55,9 +56,17 @@ "provider.cdnfly": "Cdnfly", "provider.cloudflare": "Cloudflare", "provider.cloudns": "ClouDNS", - "provider.cmcccloud": "China Mobile Cloud (ECloud)", + "provider.cmcccloud": "China Mobile ECloud", + "provider.cmcccloud.dns": "China Mobile ECloud - DNS", "provider.constellix": "Constellix", - "provider.ctcccloud": "China Telecom Cloud (State Cloud)", + "provider.ctcccloud": "China Telecom StateCloud", + "provider.ctcccloud.ao": "China Telecom StateCloud - AccessOne", + "provider.ctcccloud.cdn": "China Telecom StateCloud - CDN (Content Delivery Network)", + "provider.ctcccloud.cms_upload": "China Telecom StateCloud - Upload to Certificate Management Service", + "provider.ctcccloud.elb": "China Telecom StateCloud - ELB (Elastic Load Balancing)", + "provider.ctcccloud.icdn": "China Telecom StateCloud - ICDN (Integrated Content Delivery Network)", + "provider.ctcccloud.lvdn": "China Telecom StateCloud - LVDN (Live Video Delivery Network)", + "provider.ctcccloud.smartdns": "China Telecom StateCloud - Smart DNS", "provider.cucccloud": "China Unicom Cloud", "provider.desec": "deSEC", "provider.digitalocean": "DigitalOcean", @@ -82,7 +91,7 @@ "provider.hetzner": "Hetzner", "provider.huaweicloud": "Huawei Cloud", "provider.huaweicloud.cdn": "Huawei Cloud - CDN (Content Delivery Network)", - "provider.huaweicloud.dns": "Huawei Cloud - DNS (Domain Name Service)", + "provider.huaweicloud.dns": "Huawei Cloud - DNS", "provider.huaweicloud.elb": "Huawei Cloud - ELB (Elastic Load Balance)", "provider.huaweicloud.scm_upload": "Huawei Cloud - Upload to SCM (SSL Certificate Manager)", "provider.huaweicloud.waf": "Huawei Cloud - WAF (Web Application Firewall)", @@ -129,9 +138,10 @@ "provider.tencentcloud.clb": "Tencent Cloud - CLB (Cloud Load Balancer)", "provider.tencentcloud.cos": "Tencent Cloud - COS (Cloud Object Storage)", "provider.tencentcloud.css": "Tencent Cloud - CSS (Cloud Streaming Service)", - "provider.tencentcloud.dns": "Tencent Cloud - DNS (Domain Name Service)", + "provider.tencentcloud.dns": "Tencent Cloud - DNS", "provider.tencentcloud.ecdn": "Tencent Cloud - ECDN (Enterprise Content Delivery Network)", "provider.tencentcloud.eo": "Tencent Cloud - EdgeOne", + "provider.tencentcloud.gaap": "Tencent Cloud - GAAP (Global Application Acceleration Platform)", "provider.tencentcloud.scf": "Tencent Cloud - SCF (Serverless Cloud Function)", "provider.tencentcloud.ssl_upload": "Tencent Cloud - Upload to SSL Certificate Service", "provider.tencentcloud.ssl_deploy": "Tencent Cloud - Deploy via SSL Certificate Service", @@ -153,7 +163,7 @@ "provider.volcengine.certcenter_upload": "Volcengine - Upload to Certificate Center", "provider.volcengine.clb": "Volcengine - CLB (Cloud Load Balancer)", "provider.volcengine.dcdn": "Volcengine - DCDN (Dynamic Content Delivery Network)", - "provider.volcengine.dns": "Volcengine - DNS (Domain Name Service)", + "provider.volcengine.dns": "Volcengine - DNS", "provider.volcengine.imagex": "Volcengine - ImageX", "provider.volcengine.live": "Volcengine - Live", "provider.volcengine.tos": "Volcengine - TOS (Tinder Object Storage)", @@ -172,6 +182,7 @@ "provider.category.loadbalance": "Loadbalance", "provider.category.firewall": "Firewall", "provider.category.av": "Audio/Video", + "provider.category.accelerator": "Accelerator", "provider.category.apigw": "API Gateway", "provider.category.serverless": "Serverless", "provider.category.website": "Website", diff --git a/ui/src/i18n/locales/en/nls.workflow.nodes.json b/ui/src/i18n/locales/en/nls.workflow.nodes.json index c77dcd40..f3347ca1 100644 --- a/ui/src/i18n/locales/en/nls.workflow.nodes.json +++ b/ui/src/i18n/locales/en/nls.workflow.nodes.json @@ -39,8 +39,8 @@ "workflow_node.apply.form.challenge_type.placeholder": "Please select challenge type", "workflow_node.apply.form.provider.label": "DNS provider", "workflow_node.apply.form.provider.placeholder": "Please select DNS provider of the domains", - "workflow_node.apply.form.provider_access.label": "DNS provider authorization", - "workflow_node.apply.form.provider_access.placeholder": "Please select an authorization of DNS provider", + "workflow_node.apply.form.provider_access.label": "DNS provider credential", + "workflow_node.apply.form.provider_access.placeholder": "Please select an credential of DNS provider", "workflow_node.apply.form.provider_access.tooltip": "Used to manage DNS records during ACME DNS-01 challenge.", "workflow_node.apply.form.provider_access.button": "Create", "workflow_node.apply.form.aliyun_esa_region.label": "Alibaba Cloud ESA region", @@ -66,8 +66,8 @@ "workflow_node.apply.form.ca_provider.placeholder": "Please select a certificate authority", "workflow_node.apply.form.ca_provider.tooltip": "Used to issue SSL certificates.", "workflow_node.apply.form.ca_provider.button": "Configure", - "workflow_node.apply.form.ca_provider_access.label": "Certificate authority authorization", - "workflow_node.apply.form.ca_provider_access.placeholder": "Please select an authorization of the certificate authority", + "workflow_node.apply.form.ca_provider_access.label": "Certificate authority credential", + "workflow_node.apply.form.ca_provider_access.placeholder": "Please select an credential of the certificate authority", "workflow_node.apply.form.ca_provider_access.button": "Create", "workflow_node.apply.form.key_algorithm.label": "Certificate key algorithm", "workflow_node.apply.form.key_algorithm.placeholder": "Please select certificate key algorithm", @@ -115,8 +115,8 @@ "workflow_node.deploy.form.provider.label": "Deploy target", "workflow_node.deploy.form.provider.placeholder": "Please select deploy target", "workflow_node.deploy.form.provider.search.placeholder": "Search deploy target ...", - "workflow_node.deploy.form.provider_access.label": "Hosting provider authorization", - "workflow_node.deploy.form.provider_access.placeholder": "Please select an authorization of Hosting provider", + "workflow_node.deploy.form.provider_access.label": "Hosting provider credential", + "workflow_node.deploy.form.provider_access.placeholder": "Please select an credential of Hosting provider", "workflow_node.deploy.form.provider_access.tooltip": "Used to invoke API during deployment.", "workflow_node.deploy.form.provider_access.button": "Create", "workflow_node.deploy.form.certificate.label": "Certificate", @@ -130,10 +130,10 @@ "workflow_node.deploy.form.1panel_site_resource_type.option.certificate.label": "Certificate", "workflow_node.deploy.form.1panel_site_website_id.label": "1Panel website ID", "workflow_node.deploy.form.1panel_site_website_id.placeholder": "Please enter 1Panel website ID", - "workflow_node.deploy.form.1panel_site_website_id.tooltip": "You can find it on 1Panel WebUI.", + "workflow_node.deploy.form.1panel_site_website_id.tooltip": "You can find it on 1Panel dashboard.", "workflow_node.deploy.form.1panel_site_certificate_id.label": "1Panel certificate ID", "workflow_node.deploy.form.1panel_site_certificate_id.placeholder": "Please enter 1Panel certificate ID", - "workflow_node.deploy.form.1panel_site_certificate_id.tooltip": "You can find it on 1Panel WebUI.", + "workflow_node.deploy.form.1panel_site_certificate_id.tooltip": "You can find it on 1Panel dashboard.", "workflow_node.deploy.form.aliyun_alb_resource_type.label": "Resource type", "workflow_node.deploy.form.aliyun_alb_resource_type.placeholder": "Please select resource type", "workflow_node.deploy.form.aliyun_alb_resource_type.option.loadbalancer.label": "ALB load balancer", @@ -285,6 +285,12 @@ "workflow_node.deploy.form.aliyun_waf_domain.label": "Alibaba Cloud WAF domain (Optional)", "workflow_node.deploy.form.aliyun_waf_domain.placeholder": "Please enter Alibaba Cloud WAF domain name", "workflow_node.deploy.form.aliyun_waf_domain.tooltip": "For more information, see https://waf.console.aliyun.com", + "workflow_node.deploy.form.apisix_resource_type.label": "Resource type", + "workflow_node.deploy.form.apisix_resource_type.placeholder": "Please select resource type", + "workflow_node.deploy.form.apisix_resource_type.option.certificate.label": "SSL certificate", + "workflow_node.deploy.form.apisix_certificate_id.label": "APISIX certificate ID", + "workflow_node.deploy.form.apisix_certificate_id.placeholder": "Please enter APISIX certificate ID", + "workflow_node.deploy.form.apisix_certificate_id.tooltip": "You can find it on APISIX dashboard.", "workflow_node.deploy.form.aws_acm_region.label": "AWS ACM Region", "workflow_node.deploy.form.aws_acm_region.placeholder": "Please enter AWS ACM region (e.g. us-east-1)", "workflow_node.deploy.form.aws_acm_region.tooltip": "For more information, see https://docs.aws.amazon.com/en_us/general/latest/gr/rande.html#regional-endpoints", @@ -361,16 +367,16 @@ "workflow_node.deploy.form.baotapanel_site_type.option.other.label": "Other sites", "workflow_node.deploy.form.baotapanel_site_name.label": "aaPanel site name", "workflow_node.deploy.form.baotapanel_site_name.placeholder": "Please enter aaPanel site name", - "workflow_node.deploy.form.baotapanel_site_name.tooltip": "You can find it on aaPanel WebUI.", + "workflow_node.deploy.form.baotapanel_site_name.tooltip": "You can find it on aaPanel dashboard.", "workflow_node.deploy.form.baotapanel_site_names.label": "aaPanel site names", "workflow_node.deploy.form.baotapanel_site_names.placeholder": "Please enter aaPanel site names (separated by semicolons)", "workflow_node.deploy.form.baotapanel_site_names.errmsg.invalid": "Please enter a valid aaPanel site name", - "workflow_node.deploy.form.baotapanel_site_names.tooltip": "You can find it on aaPanel WebUI.", + "workflow_node.deploy.form.baotapanel_site_names.tooltip": "You can find it on aaPanel dashboard.", "workflow_node.deploy.form.baotapanel_site_names.multiple_input_modal.title": "Change aaPanel site names", "workflow_node.deploy.form.baotapanel_site_names.multiple_input_modal.placeholder": "Please enter aaPanel site name", "workflow_node.deploy.form.baotawaf_site_name.label": "aaWAF site name", "workflow_node.deploy.form.baotawaf_site_name.placeholder": "Please enter aaWAF site name", - "workflow_node.deploy.form.baotawaf_site_name.tooltip": "You can find it on aaWAF WebUI.", + "workflow_node.deploy.form.baotawaf_site_name.tooltip": "You can find it on aaWAF dashboard.", "workflow_node.deploy.form.baotawaf_site_port.label": "aaWAF site SSL port", "workflow_node.deploy.form.baotawaf_site_port.placeholder": "Please enter aaWAF SSL port", "workflow_node.deploy.form.bunny_cdn_pull_zone_id.label": "Bunny CDN pull zone ID", @@ -388,13 +394,39 @@ "workflow_node.deploy.form.cdnfly_resource_type.option.certificate.label": "Certificate", "workflow_node.deploy.form.cdnfly_site_id.label": "Cdnfly site ID", "workflow_node.deploy.form.cdnfly_site_id.placeholder": "Please enter Cdnfly site ID", - "workflow_node.deploy.form.cdnfly_site_id.tooltip": "You can find it on Cdnfly WebUI.", + "workflow_node.deploy.form.cdnfly_site_id.tooltip": "You can find it on Cdnfly dashboard.", "workflow_node.deploy.form.cdnfly_certificate_id.label": "Cdnfly certificate ID", "workflow_node.deploy.form.cdnfly_certificate_id.placeholder": "Please enter Cdnfly certificate ID", - "workflow_node.deploy.form.cdnfly_certificate_id.tooltip": "You can find it on Cdnfly WebUI.", + "workflow_node.deploy.form.cdnfly_certificate_id.tooltip": "You can find it on Cdnfly dashboard.", + "workflow_node.deploy.form.ctcccloud_ao_domain.label": "CTCC StateCloud AccessOne domain", + "workflow_node.deploy.form.ctcccloud_ao_domain.placeholder": "Please enter CTCC StateCloud AccessOne domain name", + "workflow_node.deploy.form.ctcccloud_ao_domain.tooltip": "For more information, see https://cdn.ctyun.cn/h5/ctaccessone/", + "workflow_node.deploy.form.ctcccloud_cdn_domain.label": "CTCC StateCloud CDN domain", + "workflow_node.deploy.form.ctcccloud_cdn_domain.placeholder": "Please enter CTCC StateCloud CDN domain name", + "workflow_node.deploy.form.ctcccloud_cdn_domain.tooltip": "For more information, see https://cdn-console.ctyun.cn", + "workflow_node.deploy.form.ctcccloud_elb_resource_type.label": "Resource type", + "workflow_node.deploy.form.ctcccloud_elb_resource_type.placeholder": "Please select resource type", + "workflow_node.deploy.form.ctcccloud_elb_resource_type.option.certificate.label": "ELB certificate", + "workflow_node.deploy.form.ctcccloud_elb_resource_type.option.loadbalancer.label": "ELB load balancer", + "workflow_node.deploy.form.ctcccloud_elb_resource_type.option.listener.label": "ELB listener", + "workflow_node.deploy.form.ctcccloud_elb_region_id.label": "CTCC StateCloud ELB region ID", + "workflow_node.deploy.form.ctcccloud_elb_region_id.placeholder": "Please enter CTCC StateCloud ELB region ID", + "workflow_node.deploy.form.ctcccloud_elb_region_id.tooltip": "For more information, see https://www.ctyun.cn/document/10026755/10196575", + "workflow_node.deploy.form.ctcccloud_elb_loadbalancer_id.label": "CTCC StateCloud ELB load balancer ID", + "workflow_node.deploy.form.ctcccloud_elb_loadbalancer_id.placeholder": "Please enter CTCC StateCloud ELB load balancer ID", + "workflow_node.deploy.form.ctcccloud_elb_loadbalancer_id.tooltip": "For more information, see https://console.ctyun.cn/network/index/#/elb/elbList", + "workflow_node.deploy.form.ctcccloud_elb_listener_id.label": "CTCC StateCloud ELB listener ID", + "workflow_node.deploy.form.ctcccloud_elb_listener_id.placeholder": "Please enter CTCC StateCloud ELB listener ID", + "workflow_node.deploy.form.ctcccloud_elb_listener_id.tooltip": "For more information, see https://console.ctyun.cn/network/index/#/elb/elbList", + "workflow_node.deploy.form.ctcccloud_icdn_domain.label": "CTCC StateCloud ICDN domain", + "workflow_node.deploy.form.ctcccloud_icdn_domain.placeholder": "Please enter CTCC StateCloud ICDN domain name", + "workflow_node.deploy.form.ctcccloud_icdn_domain.tooltip": "For more information, see https://cdn-console.ctyun.cn", + "workflow_node.deploy.form.ctcccloud_lvdn_domain.label": "CTCC StateCloud LVDN domain", + "workflow_node.deploy.form.ctcccloud_lvdn_domain.placeholder": "Please enter CTCC StateCloud LVDN domain name", + "workflow_node.deploy.form.ctcccloud_lvdn_domain.tooltip": "For more information, see https://cdn.ctyun.cn/h5/live/index", "workflow_node.deploy.form.dogecloud_cdn_domain.label": "Doge Cloud CDN domain", "workflow_node.deploy.form.dogecloud_cdn_domain.placeholder": "Please enter Doge Cloud CDN domain name", - "workflow_node.deploy.form.dogecloud_cdn_domain.tooltip": "For more information, see https://console.dogecloud.com/", + "workflow_node.deploy.form.dogecloud_cdn_domain.tooltip": "For more information, see https://console.dogecloud.com", "workflow_node.deploy.form.edgio_applications_environment_id.label": "Edgio Applications environment ID", "workflow_node.deploy.form.edgio_applications_environment_id.placeholder": "Please enter Edgio Applications environment ID", "workflow_node.deploy.form.edgio_applications_environment_id.tooltip": "For more information, see https://edgio.app/", @@ -403,7 +435,7 @@ "workflow_node.deploy.form.flexcdn_resource_type.option.certificate.label": "Certificate", "workflow_node.deploy.form.flexcdn_certificate_id.label": "FlexCDN certificate ID", "workflow_node.deploy.form.flexcdn_certificate_id.placeholder": "Please enter FlexCDN certificate ID", - "workflow_node.deploy.form.flexcdn_certificate_id.tooltip": "You can find it on FlexCDN WebUI.", + "workflow_node.deploy.form.flexcdn_certificate_id.tooltip": "You can find it on FlexCDN dashboard.", "workflow_node.deploy.form.gcore_cdn_resource_id.label": "Gcore CDN resource ID", "workflow_node.deploy.form.gcore_cdn_resource_id.placeholder": "Please enter Gcore CDN resource ID", "workflow_node.deploy.form.gcore_cdn_resource_id.tooltip": "For more information, see https://cdn.gcore.com/resources/list", @@ -415,7 +447,7 @@ "workflow_node.deploy.form.goedge_resource_type.option.certificate.label": "Certificate", "workflow_node.deploy.form.goedge_certificate_id.label": "GoEdge certificate ID", "workflow_node.deploy.form.goedge_certificate_id.placeholder": "Please enter GoEdge certificate ID", - "workflow_node.deploy.form.goedge_certificate_id.tooltip": "You can find it on GoEdge WebUI.", + "workflow_node.deploy.form.goedge_certificate_id.tooltip": "You can find it on GoEdge dashboard.", "workflow_node.deploy.form.huaweicloud_cdn_region.label": "Huawei Cloud CDN region", "workflow_node.deploy.form.huaweicloud_cdn_region.placeholder": "Please enter Huawei Cloud CDN region (e.g. cn-north-1)", "workflow_node.deploy.form.huaweicloud_cdn_region.tooltip": "For more information, see https://console-intl.huaweicloud.com/apiexplorer/#/endpoint", @@ -471,13 +503,13 @@ "workflow_node.deploy.form.jdcloud_alb_snidomain.tooltip": "For more information, see https://cns-console.jdcloud.com/host/loadBalance/list", "workflow_node.deploy.form.jdcloud_cdn_domain.label": "JD Cloud CDN domain", "workflow_node.deploy.form.jdcloud_cdn_domain.placeholder": "Please enter JD Cloud CDN domain name", - "workflow_node.deploy.form.jdcloud_cdn_domain.tooltip": "For more information, see https://cdn-console.jdcloud.com/", + "workflow_node.deploy.form.jdcloud_cdn_domain.tooltip": "For more information, see https://cdn-console.jdcloud.com", "workflow_node.deploy.form.jdcloud_live_domain.label": "JD Cloud Live Video play domain", "workflow_node.deploy.form.jdcloud_live_domain.placeholder": "Please enter JD Cloud Live Video play domain name", - "workflow_node.deploy.form.jdcloud_live_domain.tooltip": "For more information, see https://live-console.jdcloud.com/", + "workflow_node.deploy.form.jdcloud_live_domain.tooltip": "For more information, see https://live-console.jdcloud.com", "workflow_node.deploy.form.jdcloud_vod_domain.label": "JD Cloud VOD domain", "workflow_node.deploy.form.jdcloud_vod_domain.placeholder": "Please enter JD Cloud VOD domain name", - "workflow_node.deploy.form.jdcloud_vod_domain.tooltip": "For more information, see https://vod-console.jdcloud.com/", + "workflow_node.deploy.form.jdcloud_vod_domain.tooltip": "For more information, see https://vod-console.jdcloud.com", "workflow_node.deploy.form.k8s_namespace.label": "Kubernetes Namespace", "workflow_node.deploy.form.k8s_namespace.placeholder": "Please enter Kubernetes Namespace", "workflow_node.deploy.form.k8s_namespace.tooltip": "For more information, see https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", @@ -498,10 +530,10 @@ "workflow_node.deploy.form.lecdn_resource_type.option.certificate.label": "Certificate", "workflow_node.deploy.form.lecdn_certificate_id.label": "LeCDN certificate ID", "workflow_node.deploy.form.lecdn_certificate_id.placeholder": "Please enter LeCDN certificate ID", - "workflow_node.deploy.form.lecdn_certificate_id.tooltip": "You can find it on LeCDN WebUI.", + "workflow_node.deploy.form.lecdn_certificate_id.tooltip": "You can find it on LeCDN dashboard.", "workflow_node.deploy.form.lecdn_client_id.label": "LeCDN user ID (Optional)", "workflow_node.deploy.form.lecdn_client_id.placeholder": "Please enter LeCDN user ID", - "workflow_node.deploy.form.lecdn_client_id.tooltip": "You can find it on LeCDN WebUI.

Required when using administrator's authorization. It Must be the same as the user to which the certificate belongs.", + "workflow_node.deploy.form.lecdn_client_id.tooltip": "You can find it on LeCDN dashboard.

Required when using administrator's authorization. It Must be the same as the user to which the certificate belongs.", "workflow_node.deploy.form.local.guide": "Tips: If you are running Certimate in Docker, the \"Local\" refers to the container rather than the host.", "workflow_node.deploy.form.local_format.label": "File format", "workflow_node.deploy.form.local_format.placeholder": "Please select file format", @@ -574,13 +606,13 @@ "workflow_node.deploy.form.rainyun_rcdn_domain.tooltip": "For more information, see https://app.rainyun.com/apps/rcdn/list", "workflow_node.deploy.form.ratpanel_site_name.label": "RatPanel site name", "workflow_node.deploy.form.ratpanel_site_name.placeholder": "Please enter RatPanel site name", - "workflow_node.deploy.form.ratpanel_site_name.tooltip": "You can find it on RatPanel WebUI.", + "workflow_node.deploy.form.ratpanel_site_name.tooltip": "You can find it on RatPanel dashboard.", "workflow_node.deploy.form.safeline_resource_type.label": "Resource type", "workflow_node.deploy.form.safeline_resource_type.placeholder": "Please select resource type", "workflow_node.deploy.form.safeline_resource_type.option.certificate.label": "Certificate", "workflow_node.deploy.form.safeline_certificate_id.label": "SafeLine certificate ID", "workflow_node.deploy.form.safeline_certificate_id.placeholder": "Please enter SafeLine certificate ID", - "workflow_node.deploy.form.safeline_certificate_id.tooltip": "You can find it on SafeLine WebUI.", + "workflow_node.deploy.form.safeline_certificate_id.tooltip": "You can find it on SafeLine dashboard.", "workflow_node.deploy.form.ssh_format.label": "File format", "workflow_node.deploy.form.ssh_format.placeholder": "Please select file format", "workflow_node.deploy.form.ssh_format.option.pem.label": "PEM (*.pem, *.crt, *.key)", @@ -620,6 +652,7 @@ "workflow_node.deploy.form.ssh_preset_scripts.option.sh_reload_nginx.label": "POSIX Bash - Reload nginx", "workflow_node.deploy.form.ssh_preset_scripts.option.sh_replace_synologydsm_ssl.label": "POSIX Bash - Replace SynologyDSM SSL certificate", "workflow_node.deploy.form.ssh_preset_scripts.option.sh_replace_fnos_ssl.label": "POSIX Bash - Replace fnOS SSL certificate", + "workflow_node.deploy.form.ssh_preset_scripts.option.sh_replace_qnap_ssl.label": "POSIX Bash - Replace QNAP SSL certificate", "workflow_node.deploy.form.ssh_preset_scripts.option.ps_binding_iis.label": "PowerShell - Binding IIS", "workflow_node.deploy.form.ssh_preset_scripts.option.ps_binding_netsh.label": "PowerShell - Binding netsh", "workflow_node.deploy.form.ssh_preset_scripts.option.ps_binding_rdp.label": "PowerShell - Binding RDP", @@ -660,7 +693,7 @@ "workflow_node.deploy.form.tencentcloud_cos_domain.tooltip": "For more information, see https://console.tencentcloud.com/cos", "workflow_node.deploy.form.tencentcloud_css_domain.label": "Tencent Cloud CSS play domain", "workflow_node.deploy.form.tencentcloud_css_domain.placeholder": "Please enter Tencent Cloud CSS play domain name", - "workflow_node.deploy.form.tencentcloud_css_domain.tooltip": "For more information, see https://console.cloud.tencent.com/live", + "workflow_node.deploy.form.tencentcloud_css_domain.tooltip": "For more information, see https://console.tencentcloud.com/live", "workflow_node.deploy.form.tencentcloud_ecdn_domain.label": "Tencent Cloud ECDN domain", "workflow_node.deploy.form.tencentcloud_ecdn_domain.placeholder": "Please enter Tencent Cloud ECDN domain name", "workflow_node.deploy.form.tencentcloud_ecdn_domain.tooltip": "For more information, see https://console.tencentcloud.com/cdn", @@ -670,6 +703,15 @@ "workflow_node.deploy.form.tencentcloud_eo_domain.label": "Tencent Cloud EdgeOne domain", "workflow_node.deploy.form.tencentcloud_eo_domain.placeholder": "Please enter Tencent Cloud EdgeOne domain name", "workflow_node.deploy.form.tencentcloud_eo_domain.tooltip": "For more information, see https://console.tencentcloud.com/edgeone", + "workflow_node.deploy.form.tencentcloud_gaap_resource_type.label": "Resource type", + "workflow_node.deploy.form.tencentcloud_gaap_resource_type.placeholder": "Please select resource type", + "workflow_node.deploy.form.tencentcloud_gaap_resource_type.option.listener.label": "GAAP listener", + "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.label": "Tencent Cloud GAAP proxy ID (Optional)", + "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.placeholder": "Please enter Tencent Cloud GAAP proxy ID", + "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.tooltip": "For more information, see https://console.tencentcloud.com/gaap", + "workflow_node.deploy.form.tencentcloud_gaap_listener_id.label": "Tencent Cloud GAAP listener ID", + "workflow_node.deploy.form.tencentcloud_gaap_listener_id.placeholder": "Please enter Tencent Cloud GAAP listener ID", + "workflow_node.deploy.form.tencentcloud_gaap_listener_id.tooltip": "For more information, see https://console.tencentcloud.com/gaap", "workflow_node.deploy.form.tencentcloud_scf_region.label": "Tencent Cloud SCF region", "workflow_node.deploy.form.tencentcloud_scf_region.placeholder": "Please enter Tencent Cloud SCF region (e.g. ap-guangzhou)", "workflow_node.deploy.form.tencentcloud_scf_region.tooltip": "For more information, see https://www.tencentcloud.com/document/product/583/17299", @@ -691,10 +733,10 @@ "workflow_node.deploy.form.tencentcloud_ssl_deploy_resource_ids.multiple_input_modal.placeholder": "Please enter Tencent Cloud resouce ID", "workflow_node.deploy.form.tencentcloud_vod_sub_app_id.label": "Tencent Cloud VOD App ID", "workflow_node.deploy.form.tencentcloud_vod_sub_app_id.placeholder": "Please enter Tencent Cloud VOD App ID", - "workflow_node.deploy.form.tencentcloud_vod_sub_app_id.tooltip": "For more information, see https://console.cloud.tencent.com/vod", + "workflow_node.deploy.form.tencentcloud_vod_sub_app_id.tooltip": "For more information, see https://console.tencentcloud.com/vod", "workflow_node.deploy.form.tencentcloud_vod_domain.label": "Tencent Cloud VOD domain", "workflow_node.deploy.form.tencentcloud_vod_domain.placeholder": "Please enter Tencent Cloud VOD domain name", - "workflow_node.deploy.form.tencentcloud_vod_domain.tooltip": "For more information, see https://console.cloud.tencent.com/vod", + "workflow_node.deploy.form.tencentcloud_vod_domain.tooltip": "For more information, see https://console.tencentcloud.com/vod", "workflow_node.deploy.form.tencentcloud_waf_region.label": "Tencent Cloud WAF region", "workflow_node.deploy.form.tencentcloud_waf_region.placeholder": "Please enter Tencent Cloud WAF region (e.g. ap-guangzhou)", "workflow_node.deploy.form.tencentcloud_waf_region.tooltip": "For more information, see https://www.tencentcloud.com/document/product/627/38085", @@ -818,7 +860,7 @@ "workflow_node.deploy.form.wangsu_certificate_id.tooltip": "For more information, see https://cdn.console.wangsu.com/v2/index#/certificate/list", "workflow_node.deploy.form.webhook_data.label": "Webhook data (Optional)", "workflow_node.deploy.form.webhook_data.placeholder": "Please enter Webhook data to override the default value", - "workflow_node.deploy.form.webhook_data.tooltip": "Leave it blank to use the default Webhook data provided by the authorization.", + "workflow_node.deploy.form.webhook_data.tooltip": "Leave it blank to use the default Webhook data provided by the credential.", "workflow_node.deploy.form.webhook_data.guide": "
Supported variables:
  1. ${DOMAIN}: The primary domain of the certificate (CommonName).
  2. ${DOMAINS}: The domain list of the certificate (SubjectAltNames).
  3. ${CERTIFICATE}: The PEM format content of the certificate file.
  4. ${SERVER_CERTIFICATE}: The PEM format content of the server certificate file.
  5. ${INTERMEDIA_CERTIFICATE}: The PEM format content of the intermediate CA certificate file.
  6. ${PRIVATE_KEY}: The PEM format content of the private key file.

Please visit the authorization management page for addtional notes.", "workflow_node.deploy.form.webhook_data.errmsg.json_invalid": "Please enter a valiod JSON string", "workflow_node.deploy.form.strategy_config.label": "Strategy settings", @@ -851,31 +893,34 @@ "workflow_node.notify.form.channel.button": "Configure", "workflow_node.notify.form.provider.label": "Notification channel", "workflow_node.notify.form.provider.placeholder": "Please select notification channel", - "workflow_node.notify.form.provider_access.label": "Notification provider authorization", - "workflow_node.notify.form.provider_access.placeholder": "Please select an authorization of notification provider", + "workflow_node.notify.form.provider_access.label": "Notification provider credential", + "workflow_node.notify.form.provider_access.placeholder": "Please select an credential of notification provider", "workflow_node.notify.form.provider_access.button": "Create", "workflow_node.notify.form.params_config.label": "Parameter settings", "workflow_node.notify.form.discordbot_channel_id.label": "Discord channel ID (Optional)", "workflow_node.notify.form.discordbot_channel_id.placeholder": "Please enter Discord channel ID to override the default value", - "workflow_node.notify.form.discordbot_channel_id.tooltip": "Leave it blank to use the default channel ID provided by the authorization.", + "workflow_node.notify.form.discordbot_channel_id.tooltip": "Leave it blank to use the default channel ID provided by the credential.", "workflow_node.notify.form.email_sender_address.label": "Sender email address (Optional)", "workflow_node.notify.form.email_sender_address.placeholder": "Please enter sender email address to override the default value", - "workflow_node.notify.form.email_sender_address.tooltip": "Leave it blank to use the default sender email address provided by the authorization.", + "workflow_node.notify.form.email_sender_address.tooltip": "Leave it blank to use the default sender email address provided by the credential.", + "workflow_node.notify.form.email_sender_name.label": "Sender display name (Optional)", + "workflow_node.notify.form.email_sender_name.placeholder": "Please enter sender display name to override the default value", + "workflow_node.notify.form.email_sender_name.tooltip": "Leave it blank to use the default sender display name provided by the credential.", "workflow_node.notify.form.email_receiver_address.label": "Receiver email address (Optional)", "workflow_node.notify.form.email_receiver_address.placeholder": "Please enter receiver email address to override the default value", - "workflow_node.notify.form.email_receiver_address.tooltip": "Leave it blank to use the default receiver email address provided by the selected authorization.", + "workflow_node.notify.form.email_receiver_address.tooltip": "Leave it blank to use the default receiver email address provided by the selected credential.", "workflow_node.notify.form.mattermost_channel_id.label": "Mattermost channel ID (Optional)", "workflow_node.notify.form.mattermost_channel_id.placeholder": "Please enter Mattermost channel ID to override the default value", - "workflow_node.notify.form.mattermost_channel_id.tooltip": "Leave it blank to use the default channel ID provided by the authorization.", + "workflow_node.notify.form.mattermost_channel_id.tooltip": "Leave it blank to use the default channel ID provided by the credential.", "workflow_node.notify.form.slackbot_channel_id.label": "Slack channel ID (Optional)", "workflow_node.notify.form.slackbot_channel_id.placeholder": "Please enter Slack channel ID to override the default value", - "workflow_node.notify.form.slackbot_channel_id.tooltip": "Leave it blank to use the default channel ID provided by the authorization.", + "workflow_node.notify.form.slackbot_channel_id.tooltip": "Leave it blank to use the default channel ID provided by the credential.", "workflow_node.notify.form.telegrambot_chat_id.label": "Telegram chat ID (Optional)", "workflow_node.notify.form.telegrambot_chat_id.placeholder": "Please enter Telegram chat ID to override the default value", - "workflow_node.notify.form.telegrambot_chat_id.tooltip": "Leave it blank to use the default chat ID provided by the selected authorization.", + "workflow_node.notify.form.telegrambot_chat_id.tooltip": "Leave it blank to use the default chat ID provided by the selected credential.", "workflow_node.notify.form.webhook_data.label": "Webhook data (Optional)", "workflow_node.notify.form.webhook_data.placeholder": "Please enter Webhook data to override the default value", - "workflow_node.notify.form.webhook_data.tooltip": "Leave it blank to use the default Webhook data provided by the authorization.", + "workflow_node.notify.form.webhook_data.tooltip": "Leave it blank to use the default Webhook data provided by the credential.", "workflow_node.notify.form.webhook_data.guide": "
Supported variables:
  1. ${SUBJECT}: The subject of notification.
  2. ${MESSAGE}: The message of notification.

Please visit the authorization management page for addtional notes.", "workflow_node.notify.form.webhook_data.errmsg.json_invalid": "Please enter a valiod JSON string", "workflow_node.notify.form.strategy_config.label": "Strategy settings", diff --git a/ui/src/i18n/locales/zh/nls.access.json b/ui/src/i18n/locales/zh/nls.access.json index cbf0c7db..a3852926 100644 --- a/ui/src/i18n/locales/zh/nls.access.json +++ b/ui/src/i18n/locales/zh/nls.access.json @@ -72,6 +72,11 @@ "access.form.aliyun_resource_group_id.label": "阿里云资源组 ID(可选)", "access.form.aliyun_resource_group_id.placeholder": "请输入阿里云资源组 ID", "access.form.aliyun_resource_group_id.tooltip": "这是什么?请参阅 https://help.aliyun.com/zh/resource-management/resource-group/product-overview", + "access.form.apisix_server_url.label": "APISIX 服务地址", + "access.form.apisix_server_url.placeholder": "请输入 APISIX 服务地址", + "access.form.apisix_api_key.label": "APISIX Admin API Key", + "access.form.apisix_api_key.placeholder": "请输入 APISIX Admin API Key", + "access.form.apisix_api_key.tooltip": "这是什么?请参阅 https://apisix.apache.org/zh/docs/apisix/admin-api/", "access.form.aws_access_key_id.label": "AWS AccessKeyId", "access.form.aws_access_key_id.placeholder": "请输入 AWS AccessKeyId", "access.form.aws_access_key_id.tooltip": "这是什么?请参阅 https://docs.aws.amazon.com/zh_cn/IAM/latest/UserGuide/id_credentials_access-keys.html", @@ -152,6 +157,12 @@ "access.form.constellix_secret_key.label": "Constellix Secret Key", "access.form.constellix_secret_key.placeholder": "请输入 Constellix Secret Key", "access.form.constellix_secret_key.tooltip": "这是什么?请参阅 https://support.constellix.com/hc/en-us/articles/34574197390491-How-to-Generate-an-API-Key", + "access.form.ctcccloud_access_key_id.label": "天翼云 AccessKeyId", + "access.form.ctcccloud_access_key_id.placeholder": "请输入天翼云 AccessKeyId", + "access.form.ctcccloud_access_key_id.tooltip": "这是什么?请参阅 https://www.ctyun.cn/document/10015882/10015953", + "access.form.ctcccloud_secret_access_key.label": "天翼云 SecretAccessKey", + "access.form.ctcccloud_secret_access_key.placeholder": "请输入天翼云 SecretAccessKey", + "access.form.ctcccloud_secret_access_key.tooltip": "这是什么?请参阅 https://www.ctyun.cn/document/10015882/10015953", "access.form.desec_token.label": "deSEC Token", "access.form.desec_token.placeholder": "请输入 deSEC Token", "access.form.desec_token.tooltip": "这是什么?请参阅 https://desec.readthedocs.io/en/latest/auth/tokens.html", @@ -203,10 +214,12 @@ "access.form.email_username.placeholder": "请输入用户名", "access.form.email_password.label": "密码", "access.form.email_password.placeholder": "请输入密码", - "access.form.email_default_sender_address.label": "默认的发送邮箱地址(可选)", - "access.form.email_default_sender_address.placeholder": "请输入默认的发送邮箱地址", - "access.form.email_default_receiver_address.label": "默认的接收邮箱地址(可选)", - "access.form.email_default_receiver_address.placeholder": "请输入默认的接收邮箱地址", + "access.form.email_default_sender_address.label": "默认的发件人邮箱(可选)", + "access.form.email_default_sender_address.placeholder": "请输入默认的发件人邮箱", + "access.form.email_default_sender_name.label": "默认的发件人名称(可选)", + "access.form.email_default_sender_name.placeholder": "请输入默认的发件人名称", + "access.form.email_default_receiver_address.label": "默认的收件人邮箱(可选)", + "access.form.email_default_receiver_address.placeholder": "请输入默认的收件人邮箱", "access.form.flexcdn_server_url.label": "FlexCDN 服务地址", "access.form.flexcdn_server_url.placeholder": "请输入 FlexCDN 服务地址", "access.form.flexcdn_api_role.label": "FlexCDN 用户角色", @@ -398,8 +411,8 @@ "access.form.sslcom_eab_kid.label": "ACME EAB KID", "access.form.sslcom_eab_kid.placeholder": "请输入 ACME EAB KID", "access.form.sslcom_eab_kid.tooltip": "这是什么?请参阅 https://www.ssl.com/how-to/generate-acme-credentials-for-reseller-customers/", - "access.form.sslcom_eab_hmac_key.label": "ACME EAB HMAC key", - "access.form.sslcom_eab_hmac_key.placeholder": "请输入 ACME EAB HMAC key", + "access.form.sslcom_eab_hmac_key.label": "ACME EAB HMAC Key", + "access.form.sslcom_eab_hmac_key.placeholder": "请输入 ACME EAB HMAC Key", "access.form.sslcom_eab_hmac_key.tooltip": "这是什么?请参阅 https://www.ssl.com/how-to/generate-acme-credentials-for-reseller-customers/", "access.form.telegrambot_token.label": "Telegram 机器人 API Token", "access.form.telegrambot_token.placeholder": "请输入 Telegram 机器人 API Token", diff --git a/ui/src/i18n/locales/zh/nls.certificate.json b/ui/src/i18n/locales/zh/nls.certificate.json index 3c55e660..bc9f9200 100644 --- a/ui/src/i18n/locales/zh/nls.certificate.json +++ b/ui/src/i18n/locales/zh/nls.certificate.json @@ -13,6 +13,7 @@ "certificate.props.subject_alt_names": "名称", "certificate.props.validity": "有效期限", "certificate.props.validity.left_days": "{{left}} / {{total}} 天", + "certificate.props.validity.less_than_day": "即将过期(剩余 {{hours}} 小时)", "certificate.props.validity.expired": "已到期", "certificate.props.validity.expiration": "{{date}} 到期", "certificate.props.validity.filter.expire_soon": "即将到期", diff --git a/ui/src/i18n/locales/zh/nls.provider.json b/ui/src/i18n/locales/zh/nls.provider.json index 79af14fc..865f5b48 100644 --- a/ui/src/i18n/locales/zh/nls.provider.json +++ b/ui/src/i18n/locales/zh/nls.provider.json @@ -24,6 +24,7 @@ "provider.aliyun.waf": "阿里云 - Web 应用防火墙 WAF", "provider.akamai": "Akamai", "provider.akamai.cdn": "Akamai - 内容分发网络 CDN", + "provider.apisix": "Apache APISIX", "provider.aws": "AWS", "provider.aws.acm": "AWS - ACM (Amazon Certificate Manager)", "provider.aws.cloudfront": "AWS - CloudFront", @@ -56,9 +57,17 @@ "provider.cloudflare": "Cloudflare", "provider.cloudns": "ClouDNS", "provider.cmcccloud": "移动云", + "provider.cmcccloud.dns": "移动云 - 云解析 DNS", "provider.constellix": "Constellix", - "provider.ctcccloud": "联通云", - "provider.cucccloud": "天翼云", + "provider.ctcccloud": "天翼云", + "provider.ctcccloud.ao": "天翼云 - 边缘安全加速平台 AccessOne", + "provider.ctcccloud.cdn": "天翼云 - 内容分发网络 CDN", + "provider.ctcccloud.cms_upload": "天翼云 - 上传到证书管理服务 CMS", + "provider.ctcccloud.elb": "天翼云 - 弹性负载均衡 ELB", + "provider.ctcccloud.icdn": "天翼云 - 全站加速 ICDN", + "provider.ctcccloud.lvdn": "天翼云 - 视频直播 LVDN", + "provider.ctcccloud.smartdns": "天翼云 - 智能 DNS", + "provider.cucccloud": "联通云", "provider.desec": "deSEC", "provider.digitalocean": "DigitalOcean", "provider.dingtalkbot": "钉钉群机器人", @@ -132,6 +141,7 @@ "provider.tencentcloud.dns": "腾讯云 - 云解析 DNS", "provider.tencentcloud.ecdn": "腾讯云 - 全站加速网络 ECDN", "provider.tencentcloud.eo": "腾讯云 - 边缘安全加速平台 EdgeOne", + "provider.tencentcloud.gaap": "腾讯云 - 全球应用加速 GAAP", "provider.tencentcloud.scf": "腾讯云 - 云函数 SCF", "provider.tencentcloud.ssl_upload": "腾讯云 - 上传到 SSL 证书服务", "provider.tencentcloud.ssl_deploy": "腾讯云 - 通过 SSL 证书服务创建部署任务", @@ -172,6 +182,7 @@ "provider.category.loadbalance": "负载均衡", "provider.category.firewall": "防火墙", "provider.category.av": "音视频", + "provider.category.accelerator": "加速器", "provider.category.apigw": "API 网关", "provider.category.serverless": "Serverless", "provider.category.website": "网站托管", diff --git a/ui/src/i18n/locales/zh/nls.workflow.nodes.json b/ui/src/i18n/locales/zh/nls.workflow.nodes.json index a27ec30a..cdb519db 100644 --- a/ui/src/i18n/locales/zh/nls.workflow.nodes.json +++ b/ui/src/i18n/locales/zh/nls.workflow.nodes.json @@ -225,7 +225,7 @@ "workflow_node.deploy.form.aliyun_fc_service_version.placeholder": "请选择阿里云 FC 服务版本", "workflow_node.deploy.form.aliyun_fc_domain.label": "阿里云 FC 自定义域名", "workflow_node.deploy.form.aliyun_fc_domain.placeholder": "请输入阿里云 FC 自定义域名(支持泛域名)", - "workflow_node.deploy.form.aliyun_fc_domain.tooltip": "这是什么?请参阅 see https://fcnext.console.aliyun.com/", + "workflow_node.deploy.form.aliyun_fc_domain.tooltip": "这是什么?请参阅 see https://fcnext.console.aliyun.com", "workflow_node.deploy.form.aliyun_ga_resource_type.label": "证书部署方式", "workflow_node.deploy.form.aliyun_ga_resource_type.placeholder": "请选择证书部署方式", "workflow_node.deploy.form.aliyun_ga_resource_type.option.accelerator.label": "替换指定全球加速器下的全部 HTTPS 监听的证书", @@ -284,6 +284,12 @@ "workflow_node.deploy.form.aliyun_waf_domain.label": "阿里云 WAF 接入域名(可选)", "workflow_node.deploy.form.aliyun_waf_domain.placeholder": "请输入阿里云 WAF 接入域名(支持泛域名)", "workflow_node.deploy.form.aliyun_waf_domain.tooltip": "这是什么?请参阅 waf.console.aliyun.com

不填写时,将替换实例的默认证书;否则,将替换扩展域名证书。", + "workflow_node.deploy.form.apisix_resource_type.label": "证书部署方式", + "workflow_node.deploy.form.apisix_resource_type.placeholder": "请选择证书部署方式", + "workflow_node.deploy.form.apisix_resource_type.option.certificate.label": "替换指定证书", + "workflow_node.deploy.form.apisix_certificate_id.label": "APISIX 证书 ID", + "workflow_node.deploy.form.apisix_certificate_id.placeholder": "请输入 APISIX 证书 ID", + "workflow_node.deploy.form.apisix_certificate_id.tooltip": "请登录 APISIX 控制台查看。", "workflow_node.deploy.form.aws_acm_region.label": "AWS ACM 服务区域", "workflow_node.deploy.form.aws_acm_region.placeholder": "请输入 AWS ACM 服务区域(例如:us-east-1)", "workflow_node.deploy.form.aws_acm_region.tooltip": "这是什么?请参阅 https://docs.aws.amazon.com/zh_cn/general/latest/gr/rande.html#regional-endpoints", @@ -391,6 +397,31 @@ "workflow_node.deploy.form.cdnfly_certificate_id.label": "Cdnfly 证书 ID", "workflow_node.deploy.form.cdnfly_certificate_id.placeholder": "请输入 Cdnfly 证书 ID", "workflow_node.deploy.form.cdnfly_certificate_id.tooltip": "请登录 Cdnfly 控制台查看。", + "workflow_node.deploy.form.ctcccloud_ao_domain.label": "天翼云 AccessOne 加速域名", + "workflow_node.deploy.form.ctcccloud_ao_domain.placeholder": "请输入天翼云 AccessOne 加速域名(支持泛域名)", + "workflow_node.deploy.form.ctcccloud_ao_domain.tooltip": "这是什么?请参阅 https://cdn.ctyun.cn/h5/ctaccessone/", + "workflow_node.deploy.form.ctcccloud_cdn_domain.label": "天翼云 CDN 加速域名", + "workflow_node.deploy.form.ctcccloud_cdn_domain.placeholder": "请输入天翼云 CDN 加速域名(支持泛域名)", + "workflow_node.deploy.form.ctcccloud_cdn_domain.tooltip": "这是什么?请参阅 https://cdn-console.ctyun.cn", + "workflow_node.deploy.form.ctcccloud_elb_resource_type.label": "证书部署方式", + "workflow_node.deploy.form.ctcccloud_elb_resource_type.placeholder": "请选择证书部署方式", + "workflow_node.deploy.form.ctcccloud_elb_resource_type.option.loadbalancer.label": "替换指定负载均衡器下的全部 HTTPS 监听器的证书", + "workflow_node.deploy.form.ctcccloud_elb_resource_type.option.listener.label": "替换指定监听器的证书", + "workflow_node.deploy.form.ctcccloud_elb_region_id.label": "天翼云 ELB 资源池 ID", + "workflow_node.deploy.form.ctcccloud_elb_region_id.placeholder": "请输入天翼云 ELB 资源池 ID", + "workflow_node.deploy.form.ctcccloud_elb_region_id.tooltip": "这是什么?请参阅 https://www.ctyun.cn/document/10026755/10196575", + "workflow_node.deploy.form.ctcccloud_elb_loadbalancer_id.label": "天翼云 ELB 负载均衡器 ID", + "workflow_node.deploy.form.ctcccloud_elb_loadbalancer_id.placeholder": "请输入天翼云 ELB 负载均衡器 ID", + "workflow_node.deploy.form.ctcccloud_elb_loadbalancer_id.tooltip": "这是什么?请参阅 https://console.ctyun.cn/network/index/#/elb/elbList", + "workflow_node.deploy.form.ctcccloud_elb_listener_id.label": "天翼云 ELB 监听器 ID", + "workflow_node.deploy.form.ctcccloud_elb_listener_id.placeholder": "请输入天翼云 ELB 监听器 ID", + "workflow_node.deploy.form.ctcccloud_elb_listener_id.tooltip": "这是什么?请参阅 https://console.ctyun.cn/network/index/#/elb/elbList", + "workflow_node.deploy.form.ctcccloud_icdn_domain.label": "天翼云 ICDN 加速域名", + "workflow_node.deploy.form.ctcccloud_icdn_domain.placeholder": "请输入天翼云 ICDN 加速域名(支持泛域名)", + "workflow_node.deploy.form.ctcccloud_icdn_domain.tooltip": "这是什么?请参阅 https://cdn-console.ctyun.cn", + "workflow_node.deploy.form.ctcccloud_lvdn_domain.label": "天翼云 LVDN 加速域名", + "workflow_node.deploy.form.ctcccloud_lvdn_domain.placeholder": "请输入天翼云 LVDN 加速域名", + "workflow_node.deploy.form.ctcccloud_lvdn_domain.tooltip": "这是什么?请参阅 https://cdn.ctyun.cn/h5/live/index", "workflow_node.deploy.form.dogecloud_cdn_domain.label": "多吉云 CDN 加速域名", "workflow_node.deploy.form.dogecloud_cdn_domain.placeholder": "请输入多吉云 CDN 加速域名", "workflow_node.deploy.form.dogecloud_cdn_domain.tooltip": "这是什么?请参阅 https://console.dogecloud.com", @@ -470,13 +501,13 @@ "workflow_node.deploy.form.jdcloud_alb_snidomain.tooltip": "这是什么?请参阅 https://cns-console.jdcloud.com/host/loadBalance/list

不填写时,将替换监听器的默认证书;否则,将替换扩展域名证书。", "workflow_node.deploy.form.jdcloud_cdn_domain.label": "京东云 CDN 加速域名", "workflow_node.deploy.form.jdcloud_cdn_domain.placeholder": "请输入京东云 CDN 加速域名(支持泛域名)", - "workflow_node.deploy.form.jdcloud_cdn_domain.tooltip": "这是什么?请参阅 https://cdn-console.jdcloud.com/", + "workflow_node.deploy.form.jdcloud_cdn_domain.tooltip": "这是什么?请参阅 https://cdn-console.jdcloud.com", "workflow_node.deploy.form.jdcloud_live_domain.label": "京东云视频直播播放域名", "workflow_node.deploy.form.jdcloud_live_domain.placeholder": "请输入京东云视频直播播放域名", "workflow_node.deploy.form.jdcloud_live_domain.tooltip": "这是什么?请参阅 https://live-console.jdcloud.com", "workflow_node.deploy.form.jdcloud_vod_domain.label": "京东云视频点播加速域名", "workflow_node.deploy.form.jdcloud_vod_domain.placeholder": "请输入京东云视频点播加速域名", - "workflow_node.deploy.form.jdcloud_vod_domain.tooltip": "这是什么?请参阅 https://vod-console.jdcloud.com/", + "workflow_node.deploy.form.jdcloud_vod_domain.tooltip": "这是什么?请参阅 https://vod-console.jdcloud.com", "workflow_node.deploy.form.k8s_namespace.label": "Kubernetes 命名空间", "workflow_node.deploy.form.k8s_namespace.placeholder": "请输入 Kubernetes 命名空间", "workflow_node.deploy.form.k8s_namespace.tooltip": "这是什么?请参阅 https://kubernetes.io/zh-cn/docs/concepts/overview/working-with-objects/namespaces/", @@ -619,6 +650,7 @@ "workflow_node.deploy.form.ssh_preset_scripts.option.sh_reload_nginx.label": "POSIX Bash - 重启 nginx 进程", "workflow_node.deploy.form.ssh_preset_scripts.option.sh_replace_synologydsm_ssl.label": "POSIX Bash - 替换群晖 DSM 证书", "workflow_node.deploy.form.ssh_preset_scripts.option.sh_replace_fnos_ssl.label": "POSIX Bash - 替换飞牛 fnOS 证书", + "workflow_node.deploy.form.ssh_preset_scripts.option.sh_replace_qnap_ssl.label": "POSIX Bash - 替换威联通 QNAP 证书", "workflow_node.deploy.form.ssh_preset_scripts.option.ps_binding_iis.label": "PowerShell - 导入并绑定到 IIS", "workflow_node.deploy.form.ssh_preset_scripts.option.ps_binding_netsh.label": "PowerShell - 导入并绑定到 netsh", "workflow_node.deploy.form.ssh_preset_scripts.option.ps_binding_rdp.label": "PowerShell - 导入并绑定到 RDP", @@ -667,14 +699,23 @@ "workflow_node.deploy.form.tencentcloud_eo_zone_id.placeholder": "请输入腾讯云 EdgeOne 站点 ID", "workflow_node.deploy.form.tencentcloud_eo_zone_id.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/edgeone", "workflow_node.deploy.form.tencentcloud_eo_domain.label": "腾讯云 EdgeOne 加速域名", - "workflow_node.deploy.form.tencentcloud_eo_domain.placeholder": "请输入腾讯云 EdgeOne 加速域名", + "workflow_node.deploy.form.tencentcloud_eo_domain.placeholder": "请输入腾讯云 EdgeOne 加速域名(支持泛域名)", "workflow_node.deploy.form.tencentcloud_eo_domain.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/edgeone", + "workflow_node.deploy.form.tencentcloud_gaap_resource_type.label": "证书部署方式", + "workflow_node.deploy.form.tencentcloud_gaap_resource_type.placeholder": "请选择证书部署方式", + "workflow_node.deploy.form.tencentcloud_gaap_resource_type.option.listener.label": "替换指定监听器的证书", + "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.label": "腾讯云 GAAP 通道 ID(可选)", + "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.placeholder": "请输入腾讯云 GAAP 通道 ID", + "workflow_node.deploy.form.tencentcloud_gaap_proxy_id.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/gaap", + "workflow_node.deploy.form.tencentcloud_gaap_listener_id.label": "腾讯云 GAAP 监听器 ID", + "workflow_node.deploy.form.tencentcloud_gaap_listener_id.placeholder": "请输入腾讯云 GAAP 监听器 ID", + "workflow_node.deploy.form.tencentcloud_gaap_listener_id.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/gaap", "workflow_node.deploy.form.tencentcloud_scf_region.label": "腾讯云 SCF 产品地域", "workflow_node.deploy.form.tencentcloud_scf_region.placeholder": "输入腾讯云 SCF 产品地域(例如:ap-guangzhou)", "workflow_node.deploy.form.tencentcloud_scf_region.tooltip": "这是什么?请参阅 https://cloud.tencent.com/document/product/583/17299", "workflow_node.deploy.form.tencentcloud_scf_domain.label": "腾讯云 SCF 自定义域名", "workflow_node.deploy.form.tencentcloud_scf_domain.placeholder": "输入腾讯云 SCF 自定义域名", - "workflow_node.deploy.form.tencentcloud_scf_domain.tooltip": "这是什么?请参阅 https://console.tencentcloud.com/scf", + "workflow_node.deploy.form.tencentcloud_scf_domain.tooltip": "这是什么?请参阅 https://console.cloud.tencent.com/scf", "workflow_node.deploy.form.tencentcloud_ssl_deploy.guide": "小贴士:由于腾讯云证书部署任务是异步的,此节点若执行成功仅代表已创建部署任务,实际部署结果需要你自行前往腾讯云控制台查询。", "workflow_node.deploy.form.tencentcloud_ssl_deploy_region.label": "腾讯云云产品地域", "workflow_node.deploy.form.tencentcloud_ssl_deploy_region.placeholder": "请输入腾讯云云产品地域(例如:ap-guangzhou)", @@ -857,12 +898,15 @@ "workflow_node.notify.form.discordbot_channel_id.label": "Discord 频道 ID(可选)", "workflow_node.notify.form.discordbot_channel_id.placeholder": "请输入 Discord 频道 ID 以覆盖默认值", "workflow_node.notify.form.discordbot_channel_id.tooltip": "不填写时,将使用所选通知渠道授权的默认频道 ID。", - "workflow_node.notify.form.email_sender_address.label": "发送邮箱地址(可选)", - "workflow_node.notify.form.email_sender_address.placeholder": "请输入发送邮箱地址以覆盖默认值", - "workflow_node.notify.form.email_sender_address.tooltip": "不填写时,将使用所选通知渠道授权的默认发送邮箱地址。", - "workflow_node.notify.form.email_receiver_address.label": "接收邮箱地址(可选)", - "workflow_node.notify.form.email_receiver_address.placeholder": "请输入接收邮箱地址以覆盖默认值", - "workflow_node.notify.form.email_receiver_address.tooltip": "不填写时,将使用所选通知渠道授权的默认接收邮箱地址。", + "workflow_node.notify.form.email_sender_address.label": "发件人邮箱(可选)", + "workflow_node.notify.form.email_sender_address.placeholder": "请输入发件人邮箱以覆盖默认值", + "workflow_node.notify.form.email_sender_address.tooltip": "不填写时,将使用所选通知渠道授权的默认发件人邮箱。", + "workflow_node.notify.form.email_sender_name.label": "发件人名称(可选)", + "workflow_node.notify.form.email_sender_name.placeholder": "请输入发件人名称以覆盖默认值", + "workflow_node.notify.form.email_sender_name.tooltip": "不填写时,将使用所选通知渠道授权的默认发件人名称。", + "workflow_node.notify.form.email_receiver_address.label": "收件人邮箱(可选)", + "workflow_node.notify.form.email_receiver_address.placeholder": "请输入收件人邮箱以覆盖默认值", + "workflow_node.notify.form.email_receiver_address.tooltip": "不填写时,将使用所选通知渠道授权的默认收件人邮箱。", "workflow_node.notify.form.mattermost_channel_id.label": "Mattermost 频道 ID(可选)", "workflow_node.notify.form.mattermost_channel_id.placeholder": "请输入 Mattermost 频道 ID 以覆盖默认值", "workflow_node.notify.form.mattermost_channel_id.tooltip": "不填写时,将使用所选通知渠道授权的默认频道 ID。", diff --git a/ui/src/pages/certificates/CertificateList.tsx b/ui/src/pages/certificates/CertificateList.tsx index 97eab0ef..52dadf39 100644 --- a/ui/src/pages/certificates/CertificateList.tsx +++ b/ui/src/pages/certificates/CertificateList.tsx @@ -109,11 +109,19 @@ const CertificateList = () => { }, render: (_, record) => { const total = dayjs(record.expireAt).diff(dayjs(record.created), "d") + 1; - const left = dayjs(record.expireAt).diff(dayjs(), "d"); + // 使用 isAfter 更精确地判断是否过期 + const isExpired = dayjs().isAfter(dayjs(record.expireAt)); + const leftDays = dayjs(record.expireAt).diff(dayjs(), "d"); + const leftHours = dayjs(record.expireAt).diff(dayjs(), "h"); + return ( - {left > 0 ? ( - {t("certificate.props.validity.left_days", { left, total })} + {!isExpired ? ( + leftDays > 0 ? ( + {t("certificate.props.validity.left_days", { left: leftDays, total })} + ) : ( + {t("certificate.props.validity.less_than_day", { hours: leftHours > 0 ? leftHours : 1 })} + ) ) : ( {t("certificate.props.validity.expired")} )} diff --git a/ui/src/pages/workflows/WorkflowDetail.tsx b/ui/src/pages/workflows/WorkflowDetail.tsx index 91e8d746..549bc311 100644 --- a/ui/src/pages/workflows/WorkflowDetail.tsx +++ b/ui/src/pages/workflows/WorkflowDetail.tsx @@ -335,12 +335,10 @@ const WorkflowBaseInfoModal = ({ trigger }: { trigger?: React.ReactNode }) => { name: z .string({ message: t("workflow.detail.baseinfo.form.name.placeholder") }) .min(1, t("workflow.detail.baseinfo.form.name.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), description: z .string({ message: t("workflow.detail.baseinfo.form.description.placeholder") }) .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/pages/workflows/WorkflowNew.tsx b/ui/src/pages/workflows/WorkflowNew.tsx index 9877dcc2..1da27939 100644 --- a/ui/src/pages/workflows/WorkflowNew.tsx +++ b/ui/src/pages/workflows/WorkflowNew.tsx @@ -37,12 +37,10 @@ const WorkflowNew = () => { name: z .string({ message: t("workflow.new.modal.form.name.placeholder") }) .min(1, t("workflow.new.modal.form.name.placeholder")) - .max(64, t("common.errmsg.string_max", { max: 64 })) - .trim(), + .max(64, t("common.errmsg.string_max", { max: 64 })), description: z .string({ message: t("workflow.new.modal.form.description.placeholder") }) .max(256, t("common.errmsg.string_max", { max: 256 })) - .trim() .nullish(), }); const formRule = createSchemaFieldRule(formSchema); diff --git a/ui/src/repository/certificate.ts b/ui/src/repository/certificate.ts index 95b9fb82..486a8e21 100644 --- a/ui/src/repository/certificate.ts +++ b/ui/src/repository/certificate.ts @@ -18,7 +18,7 @@ export const list = async (request: ListRequest) => { filters.push(pb.filter("(subjectAltNames~{:keyword} || serialNumber={:keyword})", { keyword: request.keyword })); } if (request.state === "expireSoon") { - filters.push(pb.filter("expireAt<{:expiredAt}", { expiredAt: dayjs().add(20, "d").toDate() })); + filters.push(pb.filter("expireAt<{:expiredAt} && expireAt>@now", { expiredAt: dayjs().add(20, "d").toDate() })); } else if (request.state === "expired") { filters.push(pb.filter("expireAt<={:expiredAt}", { expiredAt: new Date() })); } diff --git a/ui/src/stores/contact/index.ts b/ui/src/stores/contact/index.ts index a17e18bd..ae8e25d2 100644 --- a/ui/src/stores/contact/index.ts +++ b/ui/src/stores/contact/index.ts @@ -60,6 +60,7 @@ export const useContactEmailsStore = create((set, get) => { if (draft.includes(email)) return; draft.push(email); draft.sort(); + return draft; }); get().setEmails(emails); }, @@ -68,6 +69,7 @@ export const useContactEmailsStore = create((set, get) => { const emails = produce(get().emails, (draft) => { draft = draft.filter((e) => e !== email); draft.sort(); + return draft; }); get().setEmails(emails); }, diff --git a/ui/src/utils/validators.ts b/ui/src/utils/validators.ts index 05d43edd..c170ce40 100644 --- a/ui/src/utils/validators.ts +++ b/ui/src/utils/validators.ts @@ -1,4 +1,6 @@ -import { validCronExpression as _validCronExpression } from "./cron"; +import { z } from "zod"; + +import { validCronExpression as _validCronExpression } from "./cron"; export const validCronExpression = (value: string) => { return _validCronExpression(value); @@ -10,20 +12,30 @@ export const validDomainName = (value: string, { allowWildcard = false }: { allo }; export const validEmailAddress = (value: string) => { - const re = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/; - return re.test(value); + try { + z.string().email().parse(value); + return true; + } catch (_) { + return false; + } }; export const validIPv4Address = (value: string) => { - const re = - /^(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])$/; - return re.test(value); + try { + z.string().ip({ version: "v4" }).parse(value); + return true; + } catch (_) { + return false; + } }; export const validIPv6Address = (value: string) => { - const re = - /^([\da-fA-F]{1,4}:){6}((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)|::([\da−fA−F]1,4:)0,4((25[0−5]|2[0−4]\d|[01]?\d\d?)\.)3(25[0−5]|2[0−4]\d|[01]?\d\d?)|::([\da−fA−F]1,4:)0,4((25[0−5]|2[0−4]\d|[01]?\d\d?)\.)3(25[0−5]|2[0−4]\d|[01]?\d\d?)|^([\da-fA-F]{1,4}:):([\da-fA-F]{1,4}:){0,3}((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)|([\da−fA−F]1,4:)2:([\da−fA−F]1,4:)0,2((25[0−5]|2[0−4]\d|[01]?\d\d?)\.)3(25[0−5]|2[0−4]\d|[01]?\d\d?)|([\da−fA−F]1,4:)2:([\da−fA−F]1,4:)0,2((25[0−5]|2[0−4]\d|[01]?\d\d?)\.)3(25[0−5]|2[0−4]\d|[01]?\d\d?)|^([\da-fA-F]{1,4}:){3}:([\da-fA-F]{1,4}:){0,1}((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)|([\da−fA−F]1,4:)4:((25[0−5]|2[0−4]\d|[01]?\d\d?)\.)3(25[0−5]|2[0−4]\d|[01]?\d\d?)|([\da−fA−F]1,4:)4:((25[0−5]|2[0−4]\d|[01]?\d\d?)\.)3(25[0−5]|2[0−4]\d|[01]?\d\d?)|^([\da-fA-F]{1,4}:){7}[\da-fA-F]{1,4}|:((:[\da−fA−F]1,4)1,6|:)|:((:[\da−fA−F]1,4)1,6|:)|^[\da-fA-F]{1,4}:((:[\da-fA-F]{1,4}){1,5}|:)|([\da−fA−F]1,4:)2((:[\da−fA−F]1,4)1,4|:)|([\da−fA−F]1,4:)2((:[\da−fA−F]1,4)1,4|:)|^([\da-fA-F]{1,4}:){3}((:[\da-fA-F]{1,4}){1,3}|:)|([\da−fA−F]1,4:)4((:[\da−fA−F]1,4)1,2|:)|([\da−fA−F]1,4:)4((:[\da−fA−F]1,4)1,2|:)|^([\da-fA-F]{1,4}:){5}:([\da-fA-F]{1,4})?|([\da−fA−F]1,4:)6:|([\da−fA−F]1,4:)6:/; - return re.test(value); + try { + z.string().ip({ version: "v6" }).parse(value); + return true; + } catch (_) { + return false; + } }; export const validHttpOrHttpsUrl = (value: string) => { @@ -36,5 +48,5 @@ export const validHttpOrHttpsUrl = (value: string) => { }; export const validPortNumber = (value: string | number) => { - return parseInt(value + "") === +value && +value >= 1 && +value <= 65535; + return parseInt(value + "") === +value && String(+value) === String(value) && +value >= 1 && +value <= 65535; }; diff --git a/ui/types/vite-env.d.ts b/ui/types/vite-env.d.ts index 11f02fe2..d5337f4c 100644 --- a/ui/types/vite-env.d.ts +++ b/ui/types/vite-env.d.ts @@ -1 +1,2 @@ /// +declare const __APP_VERSION__: string; diff --git a/ui/vite.config.ts b/ui/vite.config.ts index ce8b37d8..9ca80758 100644 --- a/ui/vite.config.ts +++ b/ui/vite.config.ts @@ -1,9 +1,10 @@ +import { type SpawnSyncReturns, execFileSync } from "node:child_process"; import path from "node:path"; import legacyPlugin from "@vitejs/plugin-legacy"; import reactPlugin from "@vitejs/plugin-react"; import fs from "fs-extra"; -import { type Plugin, defineConfig } from "vite"; +import { type Plugin, defineConfig, loadEnv } from "vite"; const preserveFilesPlugin = (filesToPreserve: string[]): Plugin => { return { @@ -32,22 +33,40 @@ const preserveFilesPlugin = (filesToPreserve: string[]): Plugin => { }; }; -export default defineConfig({ - plugins: [ - reactPlugin({}), - legacyPlugin({ - targets: ["defaults", "not IE 11"], - }), - preserveFilesPlugin(["dist/.gitkeep"]), - ], - resolve: { - alias: { - "@": path.resolve(__dirname, "./src"), +export default defineConfig(({ mode }) => { + const envs = loadEnv(mode, process.cwd()); + let appVersion = undefined; + if (!envs?.VITE_APP_VERSION) { + try { + appVersion = execFileSync("git", ["describe", "--match", "v[0-9]*", "--tags", "--abbrev=8"], { + stdio: [], + })?.toString(); + } catch (error) { + const err = error as SpawnSyncReturns; + console.warn("[Warn] failed to get version number through git", err?.stderr?.toString()); + } + } + + return { + define: { + __APP_VERSION__: JSON.stringify(appVersion), }, - }, - server: { - proxy: { - "/api": "http://127.0.0.1:8090", + plugins: [ + reactPlugin({}), + legacyPlugin({ + targets: ["defaults", "not IE 11"], + }), + preserveFilesPlugin(["dist/.gitkeep"]), + ], + resolve: { + alias: { + "@": path.resolve(__dirname, "./src"), + }, }, - }, + server: { + proxy: { + "/api": "http://127.0.0.1:8090", + }, + }, + }; });