mirror of
https://github.com/certd/certd.git
synced 2026-04-23 11:37:23 +08:00
fix: 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题
This commit is contained in:
@@ -99,27 +99,39 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {
|
||||
|
||||
|
||||
@TaskInput({
|
||||
title: "部署证书类型",
|
||||
value: "default",
|
||||
component: {
|
||||
name: "a-select",
|
||||
vModel: "value",
|
||||
options: [
|
||||
{
|
||||
label: "默认证书",
|
||||
value: "default"
|
||||
},
|
||||
{
|
||||
label: "扩展证书",
|
||||
value: "extension"
|
||||
}
|
||||
]
|
||||
},
|
||||
required: true
|
||||
}
|
||||
title: "部署证书类型",
|
||||
value: "default",
|
||||
component: {
|
||||
name: "a-select",
|
||||
vModel: "value",
|
||||
options: [
|
||||
{
|
||||
label: "默认证书",
|
||||
value: "default"
|
||||
},
|
||||
{
|
||||
label: "扩展证书",
|
||||
value: "extension"
|
||||
}
|
||||
]
|
||||
},
|
||||
required: true
|
||||
}
|
||||
)
|
||||
deployType: string = "default";
|
||||
|
||||
@TaskInput({
|
||||
title: "是否清理过期证书",
|
||||
value: true,
|
||||
component: {
|
||||
name: "a-switch",
|
||||
vModel: "checked",
|
||||
},
|
||||
required: true
|
||||
}
|
||||
)
|
||||
clearExpiredCert: boolean;
|
||||
|
||||
|
||||
async onInstance() {
|
||||
}
|
||||
@@ -155,17 +167,18 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {
|
||||
const client = await this.getLBClient(access, this.regionId);
|
||||
await this.deployDefaultCert(certId, client);
|
||||
}
|
||||
this.logger.info(`准备开始清理过期证书`);
|
||||
await this.ctx.utils.sleep(30000)
|
||||
for (const listener of this.listeners) {
|
||||
try{
|
||||
await this.clearInvalidCert(albClientV2, listener);
|
||||
}catch(e){
|
||||
this.logger.error(`清理监听器${listener}的过期证书失败`, e);
|
||||
if (this.clearExpiredCert!==false) {
|
||||
this.logger.info(`准备开始清理过期证书`);
|
||||
await this.ctx.utils.sleep(30000)
|
||||
for (const listener of this.listeners) {
|
||||
try {
|
||||
await this.clearInvalidCert(albClientV2, listener);
|
||||
} catch (e) {
|
||||
this.logger.error(`清理监听器${listener}的过期证书失败`, e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
this.logger.info("执行完成");
|
||||
}
|
||||
|
||||
@@ -247,7 +260,7 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {
|
||||
if (item.IsDefault) {
|
||||
continue;
|
||||
}
|
||||
certIds.push( parseInt(item.CertificateId));
|
||||
certIds.push(parseInt(item.CertificateId));
|
||||
}
|
||||
this.logger.info(`监听器${listener}绑定的证书${certIds}`);
|
||||
//检查是否过期,过期则删除
|
||||
|
||||
@@ -90,6 +90,35 @@ export class AliyunDeployCertToWaf extends AbstractTaskPlugin {
|
||||
)
|
||||
cnameDomains!: string[];
|
||||
|
||||
|
||||
@TaskInput({
|
||||
title: 'TLS版本',
|
||||
value: 'TLSv1.2',
|
||||
component: {
|
||||
name: 'a-select',
|
||||
options: [
|
||||
{ value: 'TLSv1', label: 'TLSv1' },
|
||||
{ value: 'TLSv1.1', label: 'TLSv1.1' },
|
||||
{ value: 'TLSv1.2', label: 'TLSv1.2' },
|
||||
],
|
||||
},
|
||||
required: true,
|
||||
})
|
||||
tlsVersion!: string;
|
||||
|
||||
@TaskInput({
|
||||
title: '启用TLSv3',
|
||||
value: true,
|
||||
component: {
|
||||
name: 'a-switch',
|
||||
vModel: 'checked',
|
||||
},
|
||||
required: true,
|
||||
})
|
||||
enableTLSv3!: boolean;
|
||||
|
||||
|
||||
|
||||
async onInstance() {}
|
||||
|
||||
async getWafClient(access: AliyunAccess) {
|
||||
@@ -163,6 +192,8 @@ export class AliyunDeployCertToWaf extends AbstractTaskPlugin {
|
||||
Redirect: JSON.stringify(redirect),
|
||||
Listen: JSON.stringify(listen),
|
||||
Domain: siteDomain,
|
||||
TLSVersion: this.tlsVersion || 'TLSv1.2',
|
||||
EnableTLSv3: this.enableTLSv3 ?? true,
|
||||
};
|
||||
const res = await client.request('ModifyDomain', updateParams);
|
||||
this.logger.info('部署成功', JSON.stringify(res));
|
||||
|
||||
@@ -24,10 +24,10 @@ const regionDict = [
|
||||
|
||||
@IsTaskPlugin({
|
||||
name: 'uploadCertToAliyun',
|
||||
title: '阿里云-上传证书到阿里云CAS',
|
||||
title: '阿里云-上传证书到CAS',
|
||||
icon: 'svg:icon-aliyun',
|
||||
group: pluginGroups.aliyun.key,
|
||||
desc: '上传证书到阿里云数字证书管理服务(CAS),注意:不会部署到任何应用上;如果不想在阿里云上同一份证书上传多次,可以把此任务作为前置任务,其他阿里云任务证书那一项选择此任务的输出',
|
||||
desc: '上传证书到阿里云证书管理服务(CAS),如果不想在阿里云上同一份证书上传多次,可以把此任务作为前置任务,其他阿里云任务证书那一项选择此任务的输出',
|
||||
default: {
|
||||
strategy: {
|
||||
runStrategy: RunStrategy.SkipWhenSucceed,
|
||||
|
||||
Reference in New Issue
Block a user