fix: 修复创建流水线后立即运行时报no id错误的bug

Closes https://github.com/certd/certd/issues/135
2026-04-14 20:40:53 +08:00 · 2024-08-23 17:41:02 +08:00
parent e358a88696
commit 17ead547aa
4 changed files with 59 additions and 15 deletions
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
@@ -14,6 +14,7 @@ export type CertInfo = {
  csr: string;
 };
 export type SSLProvider = "letsencrypt" | "google" | "zerossl";
+export type PrivateKeyType = "rsa" | "ec";
 type AcmeServiceOptions = {
  userContext: IContext;
  logger: Logger;
@@ -21,6 +22,7 @@ type AcmeServiceOptions = {
  eab?: ClientExternalAccountBindingOptions;
  skipLocalVerify?: boolean;
  useMappingProxy?: boolean;
+  privateKeyType?: PrivateKeyType;
 };

 export class AcmeService {
@@ -208,18 +210,33 @@ export class AcmeService {
    }
  }

-  async order(options: { email: string; domains: string | string[]; dnsProvider: any; csrInfo: any; isTest?: boolean }) {
+  async order(options: {
+    email: string;
+    domains: string | string[];
+    dnsProvider: any;
+    csrInfo: any;
+    isTest?: boolean;
+    privateKeyType?: string;
+  }): Promise<CertInfo> {
    const { email, isTest, domains, csrInfo, dnsProvider } = options;
    const client: acme.Client = await this.getAcmeClient(email, isTest);

    /* Create CSR */
    const { commonName, altNames } = this.buildCommonNameByDomains(domains);
-
-    const [key, csr] = await acme.forge.createCsr({
-      commonName,
-      ...csrInfo,
-      altNames,
-    });
+    let privateKey = null;
+    if (options.privateKeyType == "ec") {
+      privateKey = await acme.crypto.createPrivateEcdsaKey();
+    } else {
+      privateKey = await acme.crypto.createPrivateRsaKey();
+    }
+    const [key, csr] = await acme.forge.createCsr(
+      {
+        commonName,
+        ...csrInfo,
+        altNames,
+      },
+      privateKey
+    );
    if (dnsProvider == null) {
      throw new Error("dnsProvider 不能为空");
    }
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
@@ -1,5 +1,5 @@
 import { Decorator, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
-import type { CertInfo, SSLProvider } from "./acme.js";
+import type { CertInfo, PrivateKeyType, SSLProvider } from "./acme.js";
 import { AcmeService } from "./acme.js";
 import _ from "lodash-es";
 import { DnsProviderContext, DnsProviderDefine, dnsProviderRegistry } from "../../dns-provider/index.js";
@@ -42,6 +42,21 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
  })
  sslProvider!: SSLProvider;

+  @TaskInput({
+    title: "证书私钥类型",
+    value: "rsa",
+    component: {
+      name: "a-select",
+      vModel: "value",
+      options: [
+        { value: "rsa", label: "RSA" },
+        { value: "ec", label: "EC" },
+      ],
+    },
+    required: true,
+  })
+  privateKeyType!: PrivateKeyType;
+
  @TaskInput({
    title: "EAB授权",
    component: {
@@ -116,6 +131,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
      eab,
      skipLocalVerify: this.skipLocalVerify,
      useMappingProxy: this.useProxy,
+      privateKeyType: this.privateKeyType,
    });
  }

@@ -156,6 +172,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
        dnsProvider,
        csrInfo,
        isTest: false,
+        privateKeyType: this.privateKeyType,
      });

      const certInfo = this.formatCerts(cert);