mirror of
https://github.com/certd/certd.git
synced 2026-04-28 07:57:25 +08:00
fix: 修复阿里云esa超过免费配额之后无法部署证书的bug,改成删除最旧的那张证书
This commit is contained in:
xiaojunnuo
@@ -7,6 +7,7 @@ import {
|
|||||||
import { AliyunAccess } from "../../../plugin-lib/aliyun/access/index.js";
|
import { AliyunAccess } from "../../../plugin-lib/aliyun/access/index.js";
|
||||||
import { AliyunSslClient } from "../../../plugin-lib/aliyun/lib/ssl-client.js";
|
import { AliyunSslClient } from "../../../plugin-lib/aliyun/lib/ssl-client.js";
|
||||||
import { AliyunClientV2 } from "../../../plugin-lib/aliyun/lib/aliyun-client-v2.js";
|
import { AliyunClientV2 } from "../../../plugin-lib/aliyun/lib/aliyun-client-v2.js";
|
||||||
|
import dayjs from "dayjs";
|
||||||
|
|
||||||
@IsTaskPlugin({
|
@IsTaskPlugin({
|
||||||
name: "AliyunDeployCertToESA",
|
name: "AliyunDeployCertToESA",
|
||||||
@@ -89,6 +90,19 @@ export class AliyunDeployCertToESA extends AbstractTaskPlugin {
|
|||||||
)
|
)
|
||||||
siteIds!: string[];
|
siteIds!: string[];
|
||||||
|
|
||||||
|
@TaskInput({
|
||||||
|
title: "是否免费版",
|
||||||
|
value: true,
|
||||||
|
component: {
|
||||||
|
name: "a-switch",
|
||||||
|
vModel: "value"
|
||||||
|
},
|
||||||
|
helper: "如果是免费站点,将检查证书数量限制,如果超限将删除最旧的那张证书",
|
||||||
|
required: true
|
||||||
|
})
|
||||||
|
|
||||||
|
isFree: boolean;
|
||||||
|
|
||||||
|
|
||||||
async onInstance() {
|
async onInstance() {
|
||||||
}
|
}
|
||||||
@@ -126,13 +140,9 @@ export class AliyunDeployCertToESA extends AbstractTaskPlugin {
|
|||||||
const { certId, certName } = await this.getAliyunCertId(access);
|
const { certId, certName } = await this.getAliyunCertId(access);
|
||||||
|
|
||||||
for (const siteId of this.siteIds) {
|
for (const siteId of this.siteIds) {
|
||||||
|
if (this.isFree) {
|
||||||
try{
|
await this.clearSiteLimitCert(client, siteId);
|
||||||
await this.clearSiteCert(client,siteId);
|
|
||||||
}catch (e) {
|
|
||||||
this.logger.error(`清理站点[${siteId}]证书失败`,e)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const res = await client.doRequest({
|
const res = await client.doRequest({
|
||||||
// 接口名称
|
// 接口名称
|
||||||
@@ -158,9 +168,9 @@ export class AliyunDeployCertToESA extends AbstractTaskPlugin {
|
|||||||
}
|
}
|
||||||
} finally {
|
} finally {
|
||||||
try {
|
try {
|
||||||
await this.clearSiteCert(client,siteId);
|
await this.clearSiteExpiredCert(client, siteId);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
this.logger.error(`清理站点[${siteId}]证书失败`,e)
|
this.logger.error(`清理站点[${siteId}]过期证书失败`, e)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -201,7 +211,7 @@ export class AliyunDeployCertToESA extends AbstractTaskPlugin {
|
|||||||
return this.ctx.utils.options.buildGroupOptions(options, this.certDomains);
|
return this.ctx.utils.options.buildGroupOptions(options, this.certDomains);
|
||||||
}
|
}
|
||||||
|
|
||||||
async clearSiteCert(client: AliyunClientV2, siteId: string) {
|
async clearSiteExpiredCert(client: AliyunClientV2, siteId: string) {
|
||||||
this.logger.info(`开始清理站点[${siteId}]过期证书`);
|
this.logger.info(`开始清理站点[${siteId}]过期证书`);
|
||||||
const certListRes = await client.doRequest({
|
const certListRes = await client.doRequest({
|
||||||
action: "ListCertificates",
|
action: "ListCertificates",
|
||||||
@@ -209,7 +219,8 @@ export class AliyunDeployCertToESA extends AbstractTaskPlugin {
|
|||||||
method: "GET",
|
method: "GET",
|
||||||
data: {
|
data: {
|
||||||
query: {
|
query: {
|
||||||
SiteId: siteId
|
SiteId: siteId,
|
||||||
|
PageSize: 100
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
@@ -236,9 +247,72 @@ export class AliyunDeployCertToESA extends AbstractTaskPlugin {
|
|||||||
} catch (e) {
|
} catch (e) {
|
||||||
this.logger.error(`过期证书${item.Name}删除失败:`, e.message)
|
this.logger.error(`过期证书${item.Name}删除失败:`, e.message)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
async clearSiteLimitCert(client: AliyunClientV2, siteId: string) {
|
||||||
|
const res = await client.doRequest({
|
||||||
|
action: "GetCertificateQuota",
|
||||||
|
version: "2024-09-10",
|
||||||
|
method: "GET",
|
||||||
|
data: {
|
||||||
|
query: {
|
||||||
|
SiteId: siteId,
|
||||||
|
Type: "free"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
});
|
||||||
|
this.logger.info(`站点[${siteId}]证书限制情况, 限制${res.Quota} ,已使用${res.QuotaUsage}`);
|
||||||
|
|
||||||
|
if (res.QuotaUsage < res.Quota) {
|
||||||
|
this.logger.info(`站点[${siteId}]证书未超限制, 无需删除`);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
//删除最旧的证书
|
||||||
|
this.logger.info(`站点[${siteId}]证书已超限制, 开始删除最旧的证书`);
|
||||||
|
const certListRes = await client.doRequest({
|
||||||
|
action: "ListCertificates",
|
||||||
|
version: "2024-09-10",
|
||||||
|
method: "GET",
|
||||||
|
data: {
|
||||||
|
query: {
|
||||||
|
SiteId: siteId,
|
||||||
|
PageSize: 100
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
const list = certListRes.Result;
|
||||||
|
if (!list || list.length === 0) {
|
||||||
|
this.logger.info(`站点[${siteId}]没有证书, 无需删除`);
|
||||||
|
return
|
||||||
|
}
|
||||||
|
let oldly:any = null;
|
||||||
|
for (const item of list) {
|
||||||
|
if (!oldly) {
|
||||||
|
oldly = item;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (dayjs(item.CreateTime).valueOf() < (dayjs(oldly.CreateTime)).valueOf()){
|
||||||
|
oldly = item;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
this.logger.info(`最旧的证书${oldly.Name}创建时间:${oldly.CreateTime}`);
|
||||||
|
await client.doRequest({
|
||||||
|
action: "DeleteCertificate",
|
||||||
|
version: "2024-09-10",
|
||||||
|
method: "GET",
|
||||||
|
data: {
|
||||||
|
query: {
|
||||||
|
SiteId: siteId,
|
||||||
|
Id: oldly.id
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
this.logger.info(`最旧证书${oldly.Name}已删除`);
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user