Merge pull request #242 from LeoChen98/feat-tencent-cos-support

feat: add tencent cos deploy support
2025-07-19 01:41:55 +08:00 · 2024-10-23 07:55:03 +08:00 · 2024-10-23 07:55:03 +08:00 · f8da3ded0d
commit f8da3ded0d
parent dc383644d6 b01849eb0c
11 changed files with 292 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -74,7 +74,7 @@ make local.run
 |   服务商   | 支持申请证书 | 支持部署证书 | 备注                                                         |
 | :--------: | :----------: | :----------: | ------------------------------------------------------------ |
 |   阿里云   |      √       |      √       | 可签发在阿里云注册的域名；可部署到阿里云 OSS、CDN            |
-|   腾讯云   |      √       |      √       | 可签发在腾讯云注册的域名；可部署到腾讯云 CDN                 |
+|   腾讯云   |      √       |      √       | 可签发在腾讯云注册的域名；可部署到腾讯云 CDN、COS            |
 |   华为云   |      √       |      √       | 可签发在华为云注册的域名；可部署到华为云 CDN                 |
 |   七牛云   |              |      √       | 可部署到七牛云 CDN                                           |
 |    AWS     |      √       |              | 可签发在 AWS Route53 托管的域名                              |
--- a/README_EN.md
+++ b/README_EN.md
@ -73,7 +73,7 @@ password：1234567890
 |   Provider    | Registration | Deployment | Remarks                                                                                     |
 | :-----------: | :----------: | :--------: | ------------------------------------------------------------------------------------------- |
 | Alibaba Cloud |      √       |     √      | Supports domains registered on Alibaba Cloud; supports deployment to Alibaba Cloud OSS, CDN |
-| Tencent Cloud |      √       |     √      | Supports domains registered on Tencent Cloud; supports deployment to Tencent Cloud CDN      |
+| Tencent Cloud |      √       |     √      | Supports domains registered on Tencent Cloud; supports deployment to Tencent Cloud CDN, COS |
 | Huawei Cloud  |      √       |     √      | Supports domains registered on Huawei Cloud; supports deployment to Huawei Cloud CDN        |
 |  Qiniu Cloud  |              |     √      | Supports deployment to Qiniu Cloud CDN                                                      |
 |      AWS      |      √       |            | Supports domains managed on AWS Route53                                                     |
--- a/internal/deployer/deployer.go
+++ b/internal/deployer/deployer.go
@ -19,6 +19,7 @@ const (
 	targetAliyunCDN      = "aliyun-cdn"
 	targetAliyunESA      = "aliyun-dcdn"
 	targetTencentCDN     = "tencent-cdn"
+	targetTencentCOS     = "tencent-cos"
 	targetHuaweiCloudCDN = "huaweicloud-cdn"
 	targetQiniuCdn       = "qiniu-cdn"
 	targetLocal          = "local"
@ -105,6 +106,8 @@ func getWithDeployConfig(record *models.Record, cert *applicant.Certificate, dep
 		return NewAliyunESADeployer(option)
 	case targetTencentCDN:
 		return NewTencentCDNDeployer(option)
+	case targetTencentCOS:
+		return NewTencentCOSDeployer(option)
 	case targetHuaweiCloudCDN:
 		return NewHuaweiCloudCDNDeployer(option)
 	case targetQiniuCdn:
--- a/internal/deployer/tencent-cos.go
+++ b/internal/deployer/tencent-cos.go
@ -0,0 +1,108 @@
+package deployer
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
+	ssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
+
+	"github.com/usual2970/certimate/internal/domain"
+	"github.com/usual2970/certimate/internal/utils/rand"
+)
+
+type TencentCOSDeployer struct {
+	option     *DeployerOption	
+	credential *common.Credential
+	infos      []string
+}
+
+func NewTencentCOSDeployer(option *DeployerOption) (Deployer, error) {
+	access := &domain.TencentAccess{}
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal tencent access: %w", err)
+	}
+
+	credential := common.NewCredential(
+		access.SecretId,
+		access.SecretKey,
+	)
+
+	return &TencentCOSDeployer{
+		option:     option,
+		credential: credential,
+		infos:      make([]string, 0),
+	}, nil
+}
+
+func (d *TencentCOSDeployer) GetID() string {
+	return fmt.Sprintf("%s-%s", d.option.AccessRecord.GetString("name"), d.option.AccessRecord.Id)
+}
+
+func (d *TencentCOSDeployer) GetInfo() []string {
+	return d.infos
+}
+
+func (d *TencentCOSDeployer) Deploy(ctx context.Context) error {
+	// 上传证书
+	certId, err := d.uploadCert()
+	if err != nil {
+		return fmt.Errorf("failed to upload certificate: %w", err)
+	}
+	d.infos = append(d.infos, toStr("上传证书", certId))
+
+	if err := d.deploy(certId); err != nil {
+		return fmt.Errorf("failed to deploy: %w", err)
+	}
+
+	return nil
+}
+
+// 上传证书，与CDN部署的上传方法一致。
+func (d *TencentCOSDeployer) uploadCert() (string, error) {
+	cpf := profile.NewClientProfile()
+	cpf.HttpProfile.Endpoint = "ssl.tencentcloudapi.com"
+
+	client, _ := ssl.NewClient(d.credential, "", cpf)
+
+	request := ssl.NewUploadCertificateRequest()
+
+	request.CertificatePublicKey = common.StringPtr(d.option.Certificate.Certificate)
+	request.CertificatePrivateKey = common.StringPtr(d.option.Certificate.PrivateKey)
+	request.Alias = common.StringPtr(d.option.Domain + "_" + rand.RandStr(6))
+	request.Repeatable = common.BoolPtr(false)
+
+	response, err := client.UploadCertificate(request)
+	if err != nil {
+		return "", fmt.Errorf("failed to upload certificate: %w", err)
+	}
+
+	return *response.Response.CertificateId, nil
+}
+
+func (d *TencentCOSDeployer) deploy(certId string) error {
+	cpf := profile.NewClientProfile()
+	cpf.HttpProfile.Endpoint = "ssl.tencentcloudapi.com"
+	// 实例化要请求产品的client对象,clientProfile是可选的
+	client, _ := ssl.NewClient(d.credential, getDeployString(d.option.DeployConfig, "region"), cpf)
+
+	// 实例化一个请求对象,每个接口都会对应一个request对象
+	request := ssl.NewDeployCertificateInstanceRequest()
+
+	request.CertificateId = common.StringPtr(certId)
+	request.ResourceType = common.StringPtr("cos")
+	request.Status = common.Int64Ptr(1)
+
+	domain := getDeployString(d.option.DeployConfig, "domain")
+	request.InstanceIdList = common.StringPtrs([]string{fmt.Sprintf("%s#%s#%s", getDeployString(d.option.DeployConfig, "region"), getDeployString(d.option.DeployConfig, "bucket"), domain)})
+
+	// 返回的resp是一个DeployCertificateInstanceResponse的实例，与请求对象对应
+	resp, err := client.DeployCertificateInstance(request)
+	if err != nil {
+		return fmt.Errorf("failed to deploy certificate: %w", err)
+	}
+	d.infos = append(d.infos, toStr("部署证书", resp.Response))
+	return nil
+}
--- a/ui/src/components/certimate/DeployEditDialog.tsx
+++ b/ui/src/components/certimate/DeployEditDialog.tsx
@ -12,6 +12,7 @@ import { Context as DeployEditContext } from "./DeployEdit";
 import DeployToAliyunOSS from "./DeployToAliyunOSS";
 import DeployToAliyunCDN from "./DeployToAliyunCDN";
 import DeployToTencentCDN from "./DeployToTencentCDN";
+import DeployToTencentCOS from "./DeployToTencentCOS";
 import DeployToHuaweiCloudCDN from "./DeployToHuaweiCloudCDN";
 import DeployToQiniuCDN from "./DeployToQiniuCDN";
 import DeployToSSH from "./DeployToSSH";
@ -118,6 +119,9 @@ const DeployEditDialog = ({ trigger, deployConfig, onSave }: DeployEditDialogPro
    case "tencent-cdn":
      childComponent = <DeployToTencentCDN />;
      break;
+    case "tencent-cos":
+      childComponent = <DeployToTencentCOS />;
+      break;
    case "huaweicloud-cdn":
      childComponent = <DeployToHuaweiCloudCDN />;
      break;
--- a/ui/src/components/certimate/DeployToTencentCOS.tsx
+++ b/ui/src/components/certimate/DeployToTencentCOS.tsx
@ -0,0 +1,164 @@
+import { useEffect } from "react";
+import { useTranslation } from "react-i18next";
+import { z } from "zod";
+import { produce } from "immer";
+
+import { Input } from "@/components/ui/input";
+import { Label } from "@/components/ui/label";
+import { useDeployEditContext } from "./DeployEdit";
+
+const DeployToTencentCOS = () => {
+  const { deploy: data, setDeploy, error, setError } = useDeployEditContext();
+
+  const { t } = useTranslation();
+
+  useEffect(() => {
+    setError({});
+  }, []);
+
+  useEffect(() => {
+    const resp = domainSchema.safeParse(data.config?.domain);
+    if (!resp.success) {
+      setError({
+        ...error,
+        domain: JSON.parse(resp.error.message)[0].message,
+      });
+    } else {
+      setError({
+        ...error,
+        domain: "",
+      });
+    }
+  }, [data]);
+
+  useEffect(() => {
+    const bucketResp = bucketSchema.safeParse(data.config?.domain);
+    if (!bucketResp.success) {
+      setError({
+        ...error,
+        bucket: JSON.parse(bucketResp.error.message)[0].message,
+      });
+    } else {
+      setError({
+        ...error,
+        bucket: "",
+      });
+    }
+  }, []);
+
+  useEffect(() => {
+    if (!data.id) {
+      setDeploy({
+        ...data,
+        config: {
+          region: "",
+          bucket: "",
+          domain: "",
+        },
+      });
+    }
+  }, []);
+
+  const domainSchema = z.string().regex(/^(?:\*\.)?([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}$/, {
+    message: t("common.errmsg.domain_invalid"),
+  });
+
+  const bucketSchema = z.string().min(1, {
+    message: t("domain.deployment.form.cos_region.placeholder"),
+  });
+
+  return (
+    <div className="flex flex-col space-y-8">
+      <div>
+        <Label>{t("domain.deployment.form.cos_region.label")}</Label>
+        <Input
+          placeholder={t("domain.deployment.form.cos_region.placeholder")}
+          className="w-full mt-1"
+          value={data?.config?.region}
+          onChange={(e) => {
+            const temp = e.target.value;
+
+            const newData = produce(data, (draft) => {
+              if (!draft.config) {
+                draft.config = {};
+              }
+              draft.config.region = temp;
+            });
+            setDeploy(newData);
+          }}
+        />
+        <div className="text-red-600 text-sm mt-1">{error?.endpoint}</div>
+      </div>
+
+      <div>
+        <Label>{t("domain.deployment.form.cos_bucket.label")}</Label>
+        <Input
+          placeholder={t("domain.deployment.form.cos_bucket.placeholder")}
+          className="w-full mt-1"
+          value={data?.config?.bucket}
+          onChange={(e) => {
+            const temp = e.target.value;
+
+            const resp = bucketSchema.safeParse(temp);
+            if (!resp.success) {
+              setError({
+                ...error,
+                bucket: JSON.parse(resp.error.message)[0].message,
+              });
+            } else {
+              setError({
+                ...error,
+                bucket: "",
+              });
+            }
+
+            const newData = produce(data, (draft) => {
+              if (!draft.config) {
+                draft.config = {};
+              }
+              draft.config.bucket = temp;
+            });
+            setDeploy(newData);
+          }}
+        />
+        <div className="text-red-600 text-sm mt-1">{error?.bucket}</div>
+      </div>
+
+      <div>
+        <Label>{t("domain.deployment.form.domain.label")}</Label>
+        <Input
+          placeholder={t("domain.deployment.form.domain.label")}
+          className="w-full mt-1"
+          value={data?.config?.domain}
+          onChange={(e) => {
+            const temp = e.target.value;
+
+            const resp = domainSchema.safeParse(temp);
+            if (!resp.success) {
+              setError({
+                ...error,
+                domain: JSON.parse(resp.error.message)[0].message,
+              });
+            } else {
+              setError({
+                ...error,
+                domain: "",
+              });
+            }
+
+            const newData = produce(data, (draft) => {
+              if (!draft.config) {
+                draft.config = {};
+              }
+              draft.config.domain = temp;
+            });
+            setDeploy(newData);
+          }}
+        />
+        <div className="text-red-600 text-sm mt-1">{error?.domain}</div>
+      </div>
+    </div>
+  );
+};
+
+export default DeployToTencentCOS;
--- a/ui/src/domain/domain.ts
+++ b/ui/src/domain/domain.ts
@ -75,6 +75,7 @@ export const deployTargetsMap: Map<DeployTarget["type"], DeployTarget> = new Map
    ["aliyun-cdn", "common.provider.aliyun.cdn", "/imgs/providers/aliyun.svg"],
    ["aliyun-dcdn", "common.provider.aliyun.dcdn", "/imgs/providers/aliyun.svg"],
    ["tencent-cdn", "common.provider.tencent.cdn", "/imgs/providers/tencent.svg"],
+    ["tencent-cos", "common.provider.tencent.cos", "/imgs/providers/tencent.svg"],
    ["huaweicloud-cdn", "common.provider.huaweicloud.cdn", "/imgs/providers/huaweicloud.svg"],
    ["qiniu-cdn", "common.provider.qiniu.cdn", "/imgs/providers/qiniu.svg"],
    ["local", "common.provider.local", "/imgs/providers/local.svg"],
--- a/ui/src/i18n/locales/en/nls.common.json
+++ b/ui/src/i18n/locales/en/nls.common.json
@ -58,6 +58,7 @@
  "common.provider.aliyun.dcdn": "Alibaba Cloud - DCDN",
  "common.provider.tencent": "Tencent",
  "common.provider.tencent.cdn": "Tencent - CDN",
+  "common.provider.tencent.cos": "Tencent - COS",
  "common.provider.huaweicloud": "Huawei Cloud",
  "common.provider.huaweicloud.cdn": "Huawei Cloud - CDN",
  "common.provider.qiniu": "Qiniu",
--- a/ui/src/i18n/locales/en/nls.domain.json
+++ b/ui/src/i18n/locales/en/nls.domain.json
@ -54,6 +54,10 @@
  "domain.deployment.form.access.label": "Access Configuration",
  "domain.deployment.form.access.placeholder": "Please select provider authorization configuration",
  "domain.deployment.form.access.list": "Provider Authorization Configurations",
+  "domain.deployment.form.cos_region.label": "Region",
+  "domain.deployment.form.cos_region.placeholder": "Please enter region, e.g. ap-guangzhou",
+  "domain.deployment.form.cos_bucket.label": "Bucket",
+  "domain.deployment.form.cos_bucket.placeholder": "Please enter bucket, e.g. example-1250000000",
  "domain.deployment.form.domain.label": "Deploy to domain (Single domain only, not wildcard domain)",
  "domain.deployment.form.domain.placeholder": "Please enter domain to be deployed",
  "domain.deployment.form.ssh_key_path.label": "Private Key Save Path",
--- a/ui/src/i18n/locales/zh/nls.common.json
+++ b/ui/src/i18n/locales/zh/nls.common.json
@ -54,6 +54,7 @@

  "common.provider.tencent": "腾讯云",
  "common.provider.tencent.cdn": "腾讯云 - CDN",
+  "common.provider.tencent.cos": "腾讯云 - COS",
  "common.provider.aliyun": "阿里云",
  "common.provider.aliyun.oss": "阿里云 - OSS",
  "common.provider.aliyun.cdn": "阿里云 - CDN",
--- a/ui/src/i18n/locales/zh/nls.domain.json
+++ b/ui/src/i18n/locales/zh/nls.domain.json
@ -54,6 +54,10 @@
  "domain.deployment.form.access.label": "授权配置",
  "domain.deployment.form.access.placeholder": "请选择授权配置",
  "domain.deployment.form.access.list": "服务商授权配置列表",
+  "domain.deployment.form.cos_region.label": "region",
+  "domain.deployment.form.cos_region.placeholder": "请输入 region, 如 ap-guangzhou",
+  "domain.deployment.form.cos_bucket.label": "存储桶",
+  "domain.deployment.form.cos_bucket.placeholder": "请输入存储桶名, 如 example-1250000000",
  "domain.deployment.form.domain.label": "部署到域名（仅支持单个域名；不支持泛域名）",
  "domain.deployment.form.domain.placeholder": "请输入部署到的域名",
  "domain.deployment.form.ssh_key_path.label": "私钥保存路径",