mirror of
https://github.com/certd/certd.git
synced 2026-04-24 04:17:25 +08:00
Merge branch 'v2-dev' into v2-plugin
This commit is contained in:
xiaojunnuo
@@ -60,3 +60,9 @@
|
||||
footer{
|
||||
background-color: hsl(var(--card)) !important;
|
||||
}
|
||||
|
||||
|
||||
.ant-select-multiple .ant-select-selection-item-remove{
|
||||
display: flex;
|
||||
align-items: center;
|
||||
}
|
||||
+107
-45
@@ -1,37 +1,38 @@
|
||||
import * as _ from 'lodash-es';
|
||||
import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
|
||||
import { Autowire } from '@certd/pipeline';
|
||||
import * as _ from "lodash-es";
|
||||
import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from "@certd/plugin-cert";
|
||||
import { Autowire } from "@certd/pipeline";
|
||||
|
||||
import { HuaweiAccess } from '../access/index.js';
|
||||
import { ApiRequestOptions, HuaweiYunClient } from '@certd/lib-huawei';
|
||||
import { HuaweiAccess } from "../access/index.js";
|
||||
import { ApiRequestOptions, HuaweiYunClient } from "@certd/lib-huawei";
|
||||
|
||||
export type SearchRecordOptions = {
|
||||
zoneId: string;
|
||||
} & CreateRecordOptions;
|
||||
|
||||
@IsDnsProvider({
|
||||
name: 'huawei',
|
||||
title: '华为云',
|
||||
desc: '华为云DNS解析提供商',
|
||||
accessType: 'huawei',
|
||||
icon: 'svg:icon-huawei',
|
||||
name: "huawei",
|
||||
title: "华为云",
|
||||
desc: "华为云DNS解析提供商",
|
||||
accessType: "huawei",
|
||||
icon: "svg:icon-huawei"
|
||||
})
|
||||
export class HuaweiDnsProvider extends AbstractDnsProvider {
|
||||
client!: HuaweiYunClient;
|
||||
@Autowire()
|
||||
access!: HuaweiAccess;
|
||||
domainEndpoint = 'https://domains-external.myhuaweicloud.com';
|
||||
dnsEndpoint = 'https://dns.cn-south-1.myhuaweicloud.com';
|
||||
domainEndpoint = "https://domains-external.myhuaweicloud.com";
|
||||
dnsEndpoint = "https://dns.cn-south-1.myhuaweicloud.com";
|
||||
|
||||
async onInstance() {
|
||||
const access: any = this.access;
|
||||
this.client = new HuaweiYunClient(access,this.logger);
|
||||
this.client = new HuaweiYunClient(access, this.logger);
|
||||
}
|
||||
|
||||
async getDomainList() {
|
||||
const url = `${this.dnsEndpoint}/v2/zones`;
|
||||
const ret = await this.client.request({
|
||||
url,
|
||||
method: 'GET',
|
||||
method: "GET"
|
||||
});
|
||||
return ret.zones;
|
||||
}
|
||||
@@ -40,21 +41,21 @@ export class HuaweiDnsProvider extends AbstractDnsProvider {
|
||||
const zoneList = await this.getDomainList();
|
||||
let zoneRecord = null;
|
||||
for (const item of zoneList) {
|
||||
if (_.endsWith(dnsRecord + '.', item.name)) {
|
||||
if (_.endsWith(dnsRecord + ".", item.name)) {
|
||||
zoneRecord = item;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (!zoneRecord) {
|
||||
throw new Error('can not find Domain ,' + dnsRecord);
|
||||
throw new Error("can not find Domain ," + dnsRecord);
|
||||
}
|
||||
return zoneRecord;
|
||||
}
|
||||
|
||||
async searchRecord(options: SearchRecordOptions): Promise<any> {
|
||||
const req: ApiRequestOptions = {
|
||||
url: `${this.dnsEndpoint}/v2/zones/${options.zoneId}/recordsets?name=${options.fullRecord}.`,
|
||||
method: 'GET',
|
||||
url: `${this.dnsEndpoint}/v2/zones/${options.zoneId}/recordsets?search_mode=equal&name=${options.fullRecord}.&type=${options.type}`,
|
||||
method: "GET"
|
||||
};
|
||||
const ret = await this.client.request(req);
|
||||
return ret.recordsets;
|
||||
@@ -62,59 +63,120 @@ export class HuaweiDnsProvider extends AbstractDnsProvider {
|
||||
|
||||
async createRecord(options: CreateRecordOptions): Promise<any> {
|
||||
const { fullRecord, value, type } = options;
|
||||
this.logger.info('添加域名解析:', fullRecord, value);
|
||||
this.logger.info("添加域名解析:", fullRecord, value);
|
||||
this.logger.info("查询是否有重复记录");
|
||||
const zoneRecord = await this.matchDomain(fullRecord);
|
||||
const zoneId = zoneRecord.id;
|
||||
|
||||
const records: any = await this.searchRecord({
|
||||
zoneId,
|
||||
...options,
|
||||
...options
|
||||
});
|
||||
this.logger.info(`查询${options.type}数量:${records.length}`);
|
||||
let found = null;
|
||||
const hwRecordValue = `"${value}"`;
|
||||
if (records && records.length > 0) {
|
||||
for (const record of records) {
|
||||
await this.removeRecord({
|
||||
recordRes: record,
|
||||
recordReq: options,
|
||||
});
|
||||
found = records[0];
|
||||
this.logger.info(`记录:${found.id},${found.records}`);
|
||||
if (found.records.includes(hwRecordValue)) {
|
||||
// this.logger.info(`删除重复记录:${record.id}`)
|
||||
// await this.removeRecord({
|
||||
// recordRes: record,
|
||||
// recordReq: options,
|
||||
// });
|
||||
this.logger.info(`无需重复添加:${found.records}`);
|
||||
return found;
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
if (found) {
|
||||
//修改
|
||||
const req: ApiRequestOptions = {
|
||||
url: `${this.dnsEndpoint}/v2/zones/${zoneId}/recordsets`,
|
||||
method: 'POST',
|
||||
url: `${this.dnsEndpoint}/v2/zones/${zoneId}/recordsets/${found.id}`,
|
||||
method: "PUT",
|
||||
data: {
|
||||
name: fullRecord + '.',
|
||||
name: fullRecord + ".",
|
||||
type,
|
||||
records: [`"${value}"`],
|
||||
},
|
||||
records: [hwRecordValue, ...found.records]
|
||||
}
|
||||
};
|
||||
const ret = await this.client.request(req);
|
||||
this.logger.info('添加域名解析成功:', value, ret);
|
||||
this.logger.info("添加域名解析成功:", value, ret);
|
||||
return ret;
|
||||
} catch (e: any) {
|
||||
if (e.code === 'DNS.0312') {
|
||||
return;
|
||||
} else {
|
||||
//创建
|
||||
try {
|
||||
const req: ApiRequestOptions = {
|
||||
url: `${this.dnsEndpoint}/v2/zones/${zoneId}/recordsets`,
|
||||
method: "POST",
|
||||
data: {
|
||||
name: fullRecord + ".",
|
||||
type,
|
||||
records: [hwRecordValue]
|
||||
}
|
||||
};
|
||||
const ret = await this.client.request(req);
|
||||
this.logger.info("添加域名解析成功:", value, ret);
|
||||
return ret;
|
||||
} catch (e: any) {
|
||||
if (e.code === "DNS.0312") {
|
||||
return;
|
||||
}
|
||||
this.logger.info("添加域名解析出错", e);
|
||||
throw e;
|
||||
}
|
||||
this.logger.info('添加域名解析出错', e);
|
||||
throw e;
|
||||
}
|
||||
}
|
||||
|
||||
async removeRecord(options: RemoveRecordOptions<any>): Promise<any> {
|
||||
const { fullRecord, value } = options.recordReq;
|
||||
const record = options.recordRes;
|
||||
if (!record) {
|
||||
this.logger.info('解析记录recordId为空,不执行删除', fullRecord, value);
|
||||
this.logger.info("解析记录recordId为空,不执行删除", fullRecord, value);
|
||||
return;
|
||||
}
|
||||
const req: ApiRequestOptions = {
|
||||
url: `${this.dnsEndpoint}/v2/zones/${record.zone_id}/recordsets/${record.id}`,
|
||||
method: 'DELETE',
|
||||
};
|
||||
const zoneId = record.zone_id;
|
||||
|
||||
const ret = await this.client.request(req);
|
||||
this.logger.info('删除域名解析成功:', fullRecord, value, ret.RecordId);
|
||||
return ret.RecordId;
|
||||
//查询原来的记录
|
||||
const records: any = await this.searchRecord({
|
||||
zoneId,
|
||||
...options.recordReq
|
||||
});
|
||||
const hwRecordValue = `"${value}"`;
|
||||
|
||||
if (records && records.length > 0) {
|
||||
//找到记录
|
||||
const found = records[0];
|
||||
if (found.records.includes(hwRecordValue)) {
|
||||
if (found.records.length > 1) {
|
||||
//修改
|
||||
|
||||
const req: ApiRequestOptions = {
|
||||
url: `${this.dnsEndpoint}/v2/zones/${zoneId}/recordsets/${found.id}`,
|
||||
method: "PUT",
|
||||
data: {
|
||||
name: fullRecord + ".",
|
||||
type: found.type,
|
||||
records: found.records.filter((item: string) => item !== hwRecordValue)
|
||||
}
|
||||
};
|
||||
const ret = await this.client.request(req);
|
||||
this.logger.info("修改域名解析成功[put]:", value, ret);
|
||||
} else {
|
||||
//删除
|
||||
const req: ApiRequestOptions = {
|
||||
url: `${this.dnsEndpoint}/v2/zones/${zoneId}/recordsets/${found.id}`,
|
||||
method: "DELETE"
|
||||
};
|
||||
const ret = await this.client.request(req);
|
||||
this.logger.info("删除域名解析成功[delete]:", fullRecord, value, ret.RecordId);
|
||||
}
|
||||
}else{
|
||||
this.logger.info("没有找到records无需删除", fullRecord, value,found);
|
||||
}
|
||||
}else{
|
||||
this.logger.info("删除域名解析失败,没有找到解析记录", fullRecord, value);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -0,0 +1,77 @@
|
||||
import { UpyunAccess } from "./access.js";
|
||||
import { HttpClient, ILogger } from "@certd/basic";
|
||||
import { CertInfo } from "@certd/plugin-cert";
|
||||
|
||||
export type UpyunClientOptions = {
|
||||
access: UpyunAccess
|
||||
logger: ILogger;
|
||||
http: HttpClient
|
||||
}
|
||||
|
||||
export class UpyunClient {
|
||||
opts: UpyunClientOptions;
|
||||
|
||||
constructor(opts: UpyunClientOptions) {
|
||||
this.opts = opts;
|
||||
}
|
||||
|
||||
async uploadCert(cookie: string,cert:CertInfo) {
|
||||
// https://console.upyun.com/api/https/certificate/
|
||||
const res = await this.doRequest({
|
||||
cookie: cookie,
|
||||
url: "https://console.upyun.com/api/https/certificate/",
|
||||
method: "POST",
|
||||
data: {
|
||||
certificate: cert.crt,
|
||||
private_key: cert.key
|
||||
}
|
||||
});
|
||||
|
||||
return res.data.result.certificate_id;
|
||||
}
|
||||
|
||||
async getLoginToken() {
|
||||
const access = this.opts.access
|
||||
const http = this.opts.http;
|
||||
const res = await http.request({
|
||||
url: "https://console.upyun.com/accounts/signin/",
|
||||
method: "POST",
|
||||
data: {
|
||||
username: access.username,
|
||||
password: access.password
|
||||
},
|
||||
logRes: false,
|
||||
returnResponse: true
|
||||
});
|
||||
if (res.data?.errors?.length > 0) {
|
||||
throw new Error(JSON.stringify(res.data.msg));
|
||||
}
|
||||
const cookie = res.headers["set-cookie"];
|
||||
return cookie;
|
||||
}
|
||||
|
||||
async doRequest(req: {
|
||||
cookie: string,
|
||||
url: string,
|
||||
method: string,
|
||||
data: any
|
||||
}) {
|
||||
|
||||
const res = await this.opts.http.request({
|
||||
url: req.url,
|
||||
method: req.method,
|
||||
data: req.data,
|
||||
headers: {
|
||||
Cookie: req.cookie
|
||||
}
|
||||
});
|
||||
if (res.msg.errors.length > 0) {
|
||||
throw new Error(JSON.stringify(res.msg));
|
||||
}
|
||||
if(res.data?.error_code){
|
||||
throw new Error(res.data?.message);
|
||||
}
|
||||
return res;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,2 +1,3 @@
|
||||
export * from './plugins/index.js';
|
||||
export * from './access.js';
|
||||
export * from './client.js';
|
||||
|
||||
@@ -1,35 +1,38 @@
|
||||
import { IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
|
||||
import { CertInfo } from '@certd/plugin-cert';
|
||||
import { AbstractPlusTaskPlugin } from '@certd/plugin-plus';
|
||||
import { UpyunAccess } from '../access.js';
|
||||
import {createCertDomainGetterInputDefine, createRemoteSelectInputDefine} from '@certd/plugin-lib';
|
||||
import { CertApplyPluginNames} from '@certd/plugin-cert';
|
||||
import {optionsUtils} from "@certd/basic/dist/utils/util.options.js";
|
||||
import { IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
|
||||
import { CertInfo } from "@certd/plugin-cert";
|
||||
import { AbstractPlusTaskPlugin } from "@certd/plugin-plus";
|
||||
import { UpyunAccess } from "../access.js";
|
||||
import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
|
||||
import { CertApplyPluginNames } from "@certd/plugin-cert";
|
||||
import { optionsUtils } from "@certd/basic/dist/utils/util.options.js";
|
||||
import { UpyunClient } from "../client.js";
|
||||
|
||||
@IsTaskPlugin({
|
||||
//命名规范,插件名称+功能(就是目录plugin-demo中的demo),大写字母开头,驼峰命名
|
||||
name: 'UpyunDeployToCdn',
|
||||
title: '又拍云-部署证书到CDN',
|
||||
icon: 'svg:icon-upyun',
|
||||
name: "UpyunDeployToCdn",
|
||||
title: "又拍云-部署证书到CDN/USS",
|
||||
icon: "svg:icon-upyun",
|
||||
desc:"支持又拍云CDN,又拍云云存储USS",
|
||||
//插件分组
|
||||
group: pluginGroups.cdn.key,
|
||||
needPlus: true,
|
||||
default: {
|
||||
//默认值配置照抄即可
|
||||
strategy: {
|
||||
runStrategy: RunStrategy.SkipWhenSucceed,
|
||||
},
|
||||
},
|
||||
runStrategy: RunStrategy.SkipWhenSucceed
|
||||
}
|
||||
}
|
||||
})
|
||||
//类名规范,跟上面插件名称(name)一致
|
||||
export class UpyunDeployToCdn extends AbstractPlusTaskPlugin {
|
||||
//证书选择,此项必须要有
|
||||
@TaskInput({
|
||||
title: '域名证书',
|
||||
helper: '请选择前置任务输出的域名证书',
|
||||
title: "域名证书",
|
||||
helper: "请选择前置任务输出的域名证书",
|
||||
component: {
|
||||
name: 'output-selector',
|
||||
from: [...CertApplyPluginNames],
|
||||
},
|
||||
name: "output-selector",
|
||||
from: [...CertApplyPluginNames]
|
||||
}
|
||||
// required: true, // 必填
|
||||
})
|
||||
cert!: CertInfo;
|
||||
@@ -38,142 +41,99 @@ export class UpyunDeployToCdn extends AbstractPlusTaskPlugin {
|
||||
certDomains!: string[];
|
||||
//授权选择框
|
||||
@TaskInput({
|
||||
title: 'Upyun授权',
|
||||
title: "Upyun授权",
|
||||
component: {
|
||||
name: 'access-selector',
|
||||
type: 'upyun', //固定授权类型
|
||||
name: "access-selector",
|
||||
type: "upyun" //固定授权类型
|
||||
},
|
||||
required: true, //必填
|
||||
required: true //必填
|
||||
})
|
||||
accessId!: string;
|
||||
//
|
||||
|
||||
@TaskInput(
|
||||
createRemoteSelectInputDefine({
|
||||
title: 'CDN加速域名',
|
||||
helper: '选择CDN加速域名,可以手动输入',
|
||||
typeName: 'UpyunDeployToCdn',
|
||||
title: "加速域名",
|
||||
helper: "选择加速域名,可以手动输入",
|
||||
typeName: "UpyunDeployToCdn",
|
||||
action: UpyunDeployToCdn.prototype.onGetCdnList.name,
|
||||
watches: ['accessId'],
|
||||
watches: ["accessId"]
|
||||
})
|
||||
)
|
||||
cdnList!: string[];
|
||||
|
||||
//插件实例化时执行的方法
|
||||
async onInstance() {}
|
||||
async onInstance() {
|
||||
}
|
||||
|
||||
//插件执行方法
|
||||
async execute(): Promise<void> {
|
||||
const access = await this.accessService.getById<UpyunAccess>(this.accessId);
|
||||
|
||||
const cookie = await this.getLoginToken();
|
||||
const upyunClient = new UpyunClient({
|
||||
access,
|
||||
logger: this.logger,
|
||||
http: this.ctx.http
|
||||
});
|
||||
const cookie = await upyunClient.getLoginToken();
|
||||
this.logger.info(`登录成功`);
|
||||
const certId = await this.uploadCert(cookie);
|
||||
const certId = await upyunClient.uploadCert(cookie, this.cert);
|
||||
this.logger.info(`上传证书成功:${certId}`);
|
||||
for (const item of this.cdnList) {
|
||||
this.logger.info(`开始部署证书:${item}`);
|
||||
const res = await this.doRequest({
|
||||
cookie:cookie,
|
||||
url: 'https://console.upyun.com/api/https/migrate/domain',
|
||||
method: 'POST',
|
||||
data:{
|
||||
const res = await upyunClient.doRequest({
|
||||
cookie: cookie,
|
||||
url: "https://console.upyun.com/api/https/migrate/domain",
|
||||
method: "POST",
|
||||
data: {
|
||||
crt_id: certId,
|
||||
domain_name : item
|
||||
domain_name: item
|
||||
}
|
||||
})
|
||||
});
|
||||
this.logger.info(`部署成功:${JSON.stringify(res)}`);
|
||||
}
|
||||
|
||||
this.logger.info('部署成功');
|
||||
this.logger.info("部署成功");
|
||||
}
|
||||
|
||||
async uploadCert(cookie:string){
|
||||
// https://console.upyun.com/api/https/certificate/
|
||||
const res = await this.doRequest({
|
||||
cookie:cookie,
|
||||
url: 'https://console.upyun.com/api/https/certificate/',
|
||||
method: 'POST',
|
||||
data:{
|
||||
certificate: this.cert.crt,
|
||||
private_key: this.cert.key
|
||||
}
|
||||
})
|
||||
|
||||
return res.data.result.certificate_id
|
||||
}
|
||||
|
||||
async getLoginToken(){
|
||||
const access = await this.accessService.getById<UpyunAccess>(this.accessId)
|
||||
const res = await this.http.request({
|
||||
url: 'https://console.upyun.com/accounts/signin/',
|
||||
method: 'POST',
|
||||
data:{
|
||||
username: access.username,
|
||||
password: access.password
|
||||
},
|
||||
logRes:false,
|
||||
returnResponse:true
|
||||
});
|
||||
if (res.data?.errors?.length>0) {
|
||||
throw new Error(JSON.stringify(res.data.msg));
|
||||
}
|
||||
const cookie = res.headers['set-cookie'];
|
||||
return cookie;
|
||||
}
|
||||
|
||||
async doRequest(req:{
|
||||
cookie:string,
|
||||
url:string,
|
||||
method:string,
|
||||
data:any
|
||||
}){
|
||||
|
||||
const res = await this.http.request({
|
||||
url: req.url,
|
||||
method: req.method,
|
||||
data:req.data,
|
||||
headers:{
|
||||
Cookie: req.cookie
|
||||
}
|
||||
})
|
||||
if (res.msg.errors.length>0) {
|
||||
throw new Error(JSON.stringify(res.msg));
|
||||
}
|
||||
return res
|
||||
}
|
||||
|
||||
async onGetCdnList() {
|
||||
if(!this.accessId){
|
||||
throw new Error('accessId不能为空');
|
||||
if (!this.accessId) {
|
||||
throw new Error("accessId不能为空");
|
||||
}
|
||||
const access = await this.accessService.getById<UpyunAccess>(this.accessId);
|
||||
|
||||
const cookie = await this.getLoginToken();
|
||||
const upyunClient = new UpyunClient({
|
||||
access,
|
||||
logger: this.logger,
|
||||
http: this.ctx.http
|
||||
});
|
||||
const cookie = await upyunClient.getLoginToken();
|
||||
const req = {
|
||||
cookie,
|
||||
url: 'https://console.upyun.com/api/v2/buckets/?bucket_name=&with_domains=true&business_type=file&perPage=100&page=1&tag=all&state=all&type=ucdn&security_cdn=false',
|
||||
method: 'GET',
|
||||
data:{}
|
||||
}
|
||||
const res = await this.doRequest(req);
|
||||
url: "https://console.upyun.com/api/account/domains/?limit=15&business_type=file&security_cdn=false&websocket=false&key=&domain=",
|
||||
method: "GET",
|
||||
data: {}
|
||||
};
|
||||
const res = await upyunClient.doRequest(req);
|
||||
|
||||
const buckets = res.data?.buckets;
|
||||
if(!buckets || buckets.length === 0){
|
||||
throw new Error('没有找到CDN加速域名');
|
||||
const domains = res.data?.domains;
|
||||
if (!domains || domains.length === 0) {
|
||||
throw new Error("没有找到加速域名");
|
||||
}
|
||||
const list= []
|
||||
for (const item of buckets) {
|
||||
for (const domain of item.domains) {
|
||||
list.push({
|
||||
domain:domain.domain,
|
||||
bucket:item.bucket_name
|
||||
});
|
||||
}
|
||||
const list = [];
|
||||
for (const domain of domains) {
|
||||
list.push({
|
||||
domain: domain.domain,
|
||||
bucket: domain.bucket_name
|
||||
});
|
||||
}
|
||||
|
||||
const options = list.map((item: any) => {
|
||||
return {
|
||||
value: item.domain,
|
||||
label: `${item.domain}<${item.bucket}>`,
|
||||
domain: item.domain,
|
||||
domain: item.domain
|
||||
};
|
||||
});
|
||||
return optionsUtils.buildGroupOptions(options, this.certDomains);
|
||||
@@ -181,5 +141,6 @@ export class UpyunDeployToCdn extends AbstractPlusTaskPlugin {
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
//实例化一下,注册插件
|
||||
new UpyunDeployToCdn();
|
||||
|
||||
Reference in New Issue
Block a user