lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-06-28 22:47:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: format

Browse Source
This commit is contained in:
xiaojunnuo
2026-05-31 01:41:33 +08:00
parent acd440106b
commit 4b57a0d729
557 changed files with 12530 additions and 14039 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/ui/certd-server/src/plugins/plugin-ucloud/access.ts
+65 -74
View File
@@ -1,68 +1,64 @@
import { IsAccess, AccessInput, BaseAccess } from '@certd/pipeline';
import { CertInfo, CertReader } from '@certd/plugin-cert';
import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
import { CertInfo, CertReader } from "@certd/plugin-cert";
/**
* 这个注解将注册一个授权配置
* 在certd的后台管理系统中,用户可以选择添加此类型的授权
*/
@IsAccess({
name: 'ucloud',
title: 'UCloud授权',
icon: 'svg:icon-ucloud',
desc: '优刻得授权',
name: "ucloud",
title: "UCloud授权",
icon: "svg:icon-ucloud",
desc: "优刻得授权",
})
export class UCloudAccess extends BaseAccess {
/**
* 授权属性配置
*/
@AccessInput({
title: '项目Id',
title: "项目Id",
component: {
placeholder: '项目Id',
placeholder: "项目Id",
},
helper: "[项目管理](https://console.ucloud.cn/uaccount/iam/project_manage)项目ID列获取",
required: true,
encrypt: false,
})
projectId = '';
projectId = "";
/**
* 授权属性配置
*/
@AccessInput({
title: '公钥',
title: "公钥",
component: {
placeholder: '公钥',
placeholder: "公钥",
},
helper: "[Api管理](https://console.ucloud.cn/uaccount/api_manage)获取",
required: true,
encrypt: false,
})
publicKey = '';
publicKey = "";
@AccessInput({
title: '私钥',
title: "私钥",
component: {
name: "a-input-password",
vModel: "value",
placeholder: '私钥',
placeholder: "私钥",
},
required: true,
encrypt: true,
})
privateKey = '';
privateKey = "";
@AccessInput({
title: "测试",
component: {
name: "api-test",
action: "TestRequest"
action: "TestRequest",
},
helper: "点击测试接口是否正常"
helper: "点击测试接口是否正常",
})
testRequest = true;
@@ -73,31 +69,30 @@ export class UCloudAccess extends BaseAccess {
return "ok";
}
async getClient(region?:string) {
async getClient(region?: string) {
if (this.client) {
return this.client;
}
const { Client } = await import('@ucloud-sdks/ucloud-sdk-js');
const { Client } = await import("@ucloud-sdks/ucloud-sdk-js");
const client = new Client({
config: {
region: region || 'cn-bj2',
region: region || "cn-bj2",
projectId: this.projectId || "",
baseUrl: "https://api.ucloud.cn"
baseUrl: "https://api.ucloud.cn",
},
credential: {
publicKey: this.publicKey,
privateKey: this.privateKey,
}
},
});
this.client = client;
return client
return client;
}
async ProjectList() {
const client = await this.getClient();
const resp = await client.uaccount().getProjectList({
"Action": "GetProjectList"
Action: "GetProjectList",
});
// this.ctx.logger.info(`获取到项目列表:${JSON.stringify(resp)}`);
return resp;
@@ -106,81 +101,77 @@ export class UCloudAccess extends BaseAccess {
async GetRegion() {
const client = await this.getClient();
const res = await client.uaccount().getRegion({
"Action": "GetRegion"
Action: "GetRegion",
});
// this.ctx.logger.info(`获取到区域列表:${JSON.stringify(res)}`);
return res;
}
async CdnDominList(req: { PageNo: number, PageSize: number }) {
async CdnDominList(req: { PageNo: number; PageSize: number }) {
const client = await this.getClient();
const resp = await client.ucdn().getUcdnDomainInfoList({
"Action": "GetUcdnDomainInfoList",
"ProjectId": this.projectId || "",
"PageNo": req.PageNo,
"PageSize": req.PageSize,
Action: "GetUcdnDomainInfoList",
ProjectId: this.projectId || "",
PageNo: req.PageNo,
PageSize: req.PageSize,
});
// this.ctx.logger.info(`获取到CDN域名列表:${JSON.stringify(resp)}`);
return resp;
}
async CdnAddCert(req: { certName: string, cert: CertInfo }) {
async CdnAddCert(req: { certName: string; cert: CertInfo }) {
const client = await this.getClient();
const resp = await client.ucdn().addCertificate({
"Action": "AddCertificate",
"ProjectId": this.projectId || "",
"CertName": req.certName,
"UserCert": req.cert.crt,
"PrivateKey": req.cert.key
Action: "AddCertificate",
ProjectId: this.projectId || "",
CertName: req.certName,
UserCert: req.cert.crt,
PrivateKey: req.cert.key,
});
this.ctx.logger.info(`添加CDN证书:${JSON.stringify(resp)}`);
return resp;
}
async SslUploadCert(req: { cert: CertInfo }) {
const { cert } = req
const { cert } = req;
/**
&SslPublicKey=lXUzWbSR
&SslCaKey=lXUzWbSR
&SslMD5=lXUzWbSR
&CertificateName=GoodCertcification
*/
const certReader = new CertReader(cert)
const certName = certReader.buildCertName()
const crtBase64 = this.ctx.utils.hash.base64(cert.crt)
const keyBase64 = this.ctx.utils.hash.base64(cert.key)
const allDomains = certReader.getAllDomains().join(",")
const certReader = new CertReader(cert);
const certName = certReader.buildCertName();
const crtBase64 = this.ctx.utils.hash.base64(cert.crt);
const keyBase64 = this.ctx.utils.hash.base64(cert.key);
const allDomains = certReader.getAllDomains().join(",");
this.ctx.logger.info(`----------- 上传USSL证书,certName:${certName},domains:${allDomains}`);
try {
const resp = await this.invoke({
Action: "UploadNormalCertificate",
"SslPublicKey": crtBase64,
"SslPrivateKey": keyBase64,
"CertificateName": certName,
"SslMD5": this.ctx.utils.hash.md5(crtBase64 + keyBase64)
SslPublicKey: crtBase64,
SslPrivateKey: keyBase64,
CertificateName: certName,
SslMD5: this.ctx.utils.hash.md5(crtBase64 + keyBase64),
});
this.ctx.logger.info(`----------- 上传USSL证书成功,certId:${resp.CertificateID}`);
return { type: "ussl", id: resp.CertificateID, name: certName, resourceId: resp.LongResourceID, domains: allDomains }
return { type: "ussl", id: resp.CertificateID, name: certName, resourceId: resp.LongResourceID, domains: allDomains };
} catch (err) {
if (err.message.includes("重复上传证书")) {
//查找证书
const certList = await this.SslGetCertList(certReader.getMainDomain());
const cert = certList.find((item: any) => item.Domains === allDomains)
const cert = certList.find((item: any) => item.Domains === allDomains);
if (cert) {
this.ctx.logger.info(`----------- 找到已存在证书,certId:${cert.CertificateID}`);
return { type: "ussl", id: cert.CertificateID, name: certName, domains: cert.Domains }
return { type: "ussl", id: cert.CertificateID, name: certName, domains: cert.Domains };
}
}
this.ctx.logger.error(`上传USSL证书失败:${err}`);
throw err;
}
}
async SslGetCertList(domain: string) {
@@ -188,39 +179,39 @@ export class UCloudAccess extends BaseAccess {
Action: "GetCertificateList",
Mode: "trust",
Domain: domain,
Sort: "2"
Sort: "2",
});
return resp.CertificateList || [];
}
async WafSiteList(req: { PageNo: number, PageSize: number , FullDomain?: string }):Promise<{DomainHostList?:{RecordId:string,FullDomain:string}[],TotalCount:number}> {
async WafSiteList(req: { PageNo: number; PageSize: number; FullDomain?: string }): Promise<{ DomainHostList?: { RecordId: string; FullDomain: string }[]; TotalCount: number }> {
const resp = await this.invoke({
"Action": "DescribeWafDomainHostInfo",
"ProjectId": this.projectId,
"Limit": req.PageSize,
"Offset": (req.PageNo - 1) * req.PageSize,
"FullDomain": req.FullDomain || undefined
Action: "DescribeWafDomainHostInfo",
ProjectId: this.projectId,
Limit: req.PageSize,
Offset: (req.PageNo - 1) * req.PageSize,
FullDomain: req.FullDomain || undefined,
});
this.ctx.logger.info(`获取到WAF站点列表:${JSON.stringify(resp)}`);
return resp;
}
async invoke(req: { Action: string, [key: string]: any }) {
const { Request } = await import('@ucloud-sdks/ucloud-sdk-js');
async invoke(req: { Action: string; [key: string]: any }) {
const { Request } = await import("@ucloud-sdks/ucloud-sdk-js");
const client = await this.getClient();
const resp = await client.invoke(new Request({
...req
}));
const resp = await client.invoke(
new Request({
...req,
})
);
// this.ctx.logger.info(`请求UCloud API:${JSON.stringify(resp)}`);
const res = resp.data || {}
const res = resp.data || {};
if (res.RetCode !== 0) {
throw new Error(res.Message)
throw new Error(res.Message);
}
return res;
}
}
new UCloudAccess();
packages/ui/certd-server/src/plugins/plugin-ucloud/index.ts
+2 -2
View File
@@ -1,2 +1,2 @@
export * from './access.js';
export * from './plugins/index.js';
export * from "./access.js";
export * from "./plugins/index.js";
packages/ui/certd-server/src/plugins/plugin-ucloud/plugins/constants.ts
+34 -34
View File
@@ -34,37 +34,37 @@ kz-ala 哈萨克斯坦(阿拉木图)
mx-qro 墨西哥(克雷塔罗)
*/
export const UCloudRegions = [
{label: "华北(北京)",value: "cn-bj1" },
{label: "华北(北京2",value: "cn-bj2" },
{label: "华北(乌兰察布)",value: "cn-wlcb" },
{label: "华北(乌兰察布2",value: "cn-wlcb2" },
{label: "华东(上海2",value: "cn-sh2" },
{label: "华东(嘉兴)",value: "cn-jx" },
{label: "金融云-华东(上海)",value: "cn-sh" },
{label: "华南(广州2",value: "cn-gd2" },
{label: "华南(广州)",value: "cn-gd" },
{label: "西南(贵阳)",value: "cn-guiyang1" },
{label: "香港",value: "hk" },
{label: "台湾(台北)",value: "tw-tp" },
{label: "新加坡",value: "sg" },
{label: "日本(东京)",value: "jpn-tky" },
{label: "韩国(首尔)",value: "kr-seoul" },
{label: "泰国(曼谷)",value: "th-bkk" },
{label: "印度尼西亚(雅加达)",value: "idn-jakarta" },
{label: "越南(胡志明)",value: "vn-sng" },
{label: "菲律宾(马尼拉)",value: "ph-mnl" },
{label: "印度(孟买)",value: "ind-mumbai" },
{label: "巴基斯坦(卡拉奇)",value: "pk-khi" },
{label: "美国(丹佛)",value: "us-den" },
{label: "美国(洛杉矶)",value: "us-ca" },
{label: "美国(华盛顿)",value: "us-ws" },
{label: "巴西(圣保罗)",value: "bra-saopaulo" },
{label: "俄罗斯(莫斯科)",value: "rus-mosc" },
{label: "德国(法兰克福)",value: "ge-fra" },
{label: "英国(伦敦)",value: "uk-london" },
{label: "阿联酋(迪拜)",value: "uae-dubai" },
{label: "尼日利亚(拉各斯)",value: "afr-nigeria" },
{label: "乌兹别克斯坦(塔什干)",value: "uz-tas" },
{label: "哈萨克斯坦(阿拉木图)",value: "kz-ala" },
{label: "墨西哥(克雷塔罗)",value: "mx-qro" },
]
{ label: "华北(北京)", value: "cn-bj1" },
{ label: "华北(北京2", value: "cn-bj2" },
{ label: "华北(乌兰察布)", value: "cn-wlcb" },
{ label: "华北(乌兰察布2", value: "cn-wlcb2" },
{ label: "华东(上海2", value: "cn-sh2" },
{ label: "华东(嘉兴)", value: "cn-jx" },
{ label: "金融云-华东(上海)", value: "cn-sh" },
{ label: "华南(广州2", value: "cn-gd2" },
{ label: "华南(广州)", value: "cn-gd" },
{ label: "西南(贵阳)", value: "cn-guiyang1" },
{ label: "香港", value: "hk" },
{ label: "台湾(台北)", value: "tw-tp" },
{ label: "新加坡", value: "sg" },
{ label: "日本(东京)", value: "jpn-tky" },
{ label: "韩国(首尔)", value: "kr-seoul" },
{ label: "泰国(曼谷)", value: "th-bkk" },
{ label: "印度尼西亚(雅加达)", value: "idn-jakarta" },
{ label: "越南(胡志明)", value: "vn-sng" },
{ label: "菲律宾(马尼拉)", value: "ph-mnl" },
{ label: "印度(孟买)", value: "ind-mumbai" },
{ label: "巴基斯坦(卡拉奇)", value: "pk-khi" },
{ label: "美国(丹佛)", value: "us-den" },
{ label: "美国(洛杉矶)", value: "us-ca" },
{ label: "美国(华盛顿)", value: "us-ws" },
{ label: "巴西(圣保罗)", value: "bra-saopaulo" },
{ label: "俄罗斯(莫斯科)", value: "rus-mosc" },
{ label: "德国(法兰克福)", value: "ge-fra" },
{ label: "英国(伦敦)", value: "uk-london" },
{ label: "阿联酋(迪拜)", value: "uae-dubai" },
{ label: "尼日利亚(拉各斯)", value: "afr-nigeria" },
{ label: "乌兹别克斯坦(塔什干)", value: "uz-tas" },
{ label: "哈萨克斯坦(阿拉木图)", value: "kz-ala" },
{ label: "墨西哥(克雷塔罗)", value: "mx-qro" },
];
packages/ui/certd-server/src/plugins/plugin-ucloud/plugins/index.ts
+5 -5
View File
@@ -1,5 +1,5 @@
export * from './plugin-deploy-to-cdn.js';
export * from './plugin-upload-to-ussl.js';
export * from './plugin-deploy-to-waf.js';
export * from './plugin-deploy-to-ulb.js';
export * from './plugin-deploy-to-us3.js';
export * from "./plugin-deploy-to-cdn.js";
export * from "./plugin-upload-to-ussl.js";
export * from "./plugin-deploy-to-waf.js";
export * from "./plugin-deploy-to-ulb.js";
export * from "./plugin-deploy-to-us3.js";
packages/ui/certd-server/src/plugins/plugin-ucloud/plugins/plugin-deploy-to-cdn.ts
+39 -48
View File
@@ -15,9 +15,9 @@ import { UCloudAccess } from "../access.js";
default: {
//默认值配置照抄即可
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed
}
}
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
})
//类名规范,跟上面插件名称(name)一致
export class UCloudDeployToCDN extends AbstractTaskPlugin {
@@ -27,11 +27,11 @@ export class UCloudDeployToCDN extends AbstractTaskPlugin {
helper: "请选择前置任务输出的域名证书",
component: {
name: "output-selector",
from: [...CertApplyPluginNames, ":UCloudCertId:"]
}
from: [...CertApplyPluginNames, ":UCloudCertId:"],
},
// required: true, // 必填
})
cert!: CertInfo | { type: string, id: number, name: string };
cert!: CertInfo | { type: string; id: number; name: string };
@TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
certDomains!: string[];
@@ -41,9 +41,9 @@ export class UCloudDeployToCDN extends AbstractTaskPlugin {
title: "UCloud授权",
component: {
name: "access-selector",
type: "ucloud" //固定授权类型
type: "ucloud", //固定授权类型
},
required: true //必填
required: true, //必填
})
accessId!: string;
//
@@ -53,35 +53,33 @@ export class UCloudDeployToCDN extends AbstractTaskPlugin {
title: "域名列表",
helper: "要更新的UCloud域名列表",
action: UCloudDeployToCDN.prototype.onGetDomainList.name
action: UCloudDeployToCDN.prototype.onGetDomainList.name,
})
)
domainList!: string[];
//插件实例化时执行的方法
async onInstance() {
}
async onInstance() {}
//插件执行方法
async execute(): Promise<void> {
const access = await this.getAccess<UCloudAccess>(this.accessId);
let certType = "ussl"
let certId = 0
let certName = this.appendTimeSuffix("certd")
const certType = "ussl";
let certId = 0;
let certName = this.appendTimeSuffix("certd");
// @ts-ignore
if (this.cert?.id) {
//从上一步传过来的ssl证书
// @ts-ignore
certId = this.cert.id
certId = this.cert.id;
// @ts-ignore
certName = this.cert.name
certName = this.cert.name;
} else {
const cert = await access.SslUploadCert({
cert: this.cert as CertInfo
cert: this.cert as CertInfo,
});
certId = cert.id
certName = cert.name
certId = cert.id;
certName = cert.name;
}
for (const item of this.domainList) {
@@ -91,7 +89,7 @@ export class UCloudDeployToCDN extends AbstractTaskPlugin {
certName: certName,
domain: item,
certId: certId,
certType: certType
certType: certType,
});
this.logger.info(`----------- 更新域名证书${item}成功`);
}
@@ -99,16 +97,13 @@ export class UCloudDeployToCDN extends AbstractTaskPlugin {
this.logger.info("部署完成");
}
async deployToCdn(req: { access: any, domain: string, certId: number, certType: string, certName: string }) {
const { access, domain, certId, certType, certName } = req
async deployToCdn(req: { access: any; domain: string; certId: number; certType: string; certName: string }) {
const { access, domain, certId, certType, certName } = req;
const domainsRes = await access.invoke({
"Action": "GetUcdnDomainConfig",
"ProjectId": access.projectId,
"Domain": [
domain
]
Action: "GetUcdnDomainConfig",
ProjectId: access.projectId,
Domain: [domain],
});
const domainList = domainsRes.DomainList || [];
@@ -122,20 +117,19 @@ export class UCloudDeployToCDN extends AbstractTaskPlugin {
let httpsStatusCn = domainConf.HttpsStatusCn;
if (httpsStatusAbroad === "disable" && httpsStatusCn === "disable") {
this.logger.info(`原CDN域名HTTPS未开启,将开启国内加速`);
httpsStatusCn = "enable"
httpsStatusCn = "enable";
}
const body: any = {
"Action": "UpdateUcdnDomainHttpsConfigV2",
"DomainId": domainId,
"CertName": certName,
"CertId": certId,
"CertType": certType,
EnableHttp2: domainConf.EnableHttp2 ||"0",
Action: "UpdateUcdnDomainHttpsConfigV2",
DomainId: domainId,
CertName: certName,
CertId: certId,
CertType: certType,
EnableHttp2: domainConf.EnableHttp2 || "0",
RedirectHttp2Https: domainConf.RedirectHttp2Https || "0",
TlsVersion: domainConf.TlsVersion || "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3"
}
TlsVersion: domainConf.TlsVersion || "tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3",
};
if (httpsStatusAbroad === "enable") {
body.HttpsStatusAbroad = httpsStatusAbroad;
}
@@ -152,12 +146,10 @@ export class UCloudDeployToCDN extends AbstractTaskPlugin {
const pageNo = req.pageNo ?? 1;
const pageSize = req.pageSize ?? 100;
const res = await access.CdnDominList(
{
PageNo: pageNo,
PageSize: pageSize
}
);
const res = await access.CdnDominList({
PageNo: pageNo,
PageSize: pageSize,
});
const total = res.TotalCount;
const list = res.DomainInfoList || [];
if (!list || list.length === 0) {
@@ -172,17 +164,16 @@ export class UCloudDeployToCDN extends AbstractTaskPlugin {
return {
label: `${item.Domain}<${item.DomainId}>`,
value: `${item.Domain}`,
domain: item.Domain
domain: item.Domain,
};
});
return {
list: this.ctx.utils.options.buildGroupOptions(options, this.certDomains),
total: total,
pageNo: pageNo,
pageSize: pageSize
pageSize: pageSize,
};
}
}
//实例化一下,注册插件
packages/ui/certd-server/src/plugins/plugin-ucloud/plugins/plugin-deploy-to-ulb.ts
+58 -77
View File
@@ -13,9 +13,9 @@ import { UCloudRegions } from "./constants.js";
needPlus: false,
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed
}
}
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
})
export class UCloudDeployToULB extends AbstractTaskPlugin {
@TaskInput({
@@ -23,8 +23,8 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
helper: "请选择前置任务输出的域名证书",
component: {
name: "output-selector",
from: [...CertApplyPluginNames]
}
from: [...CertApplyPluginNames],
},
})
cert!: CertInfo;
@@ -35,9 +35,9 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
title: "UCloud授权",
component: {
name: "access-selector",
type: "ucloud"
type: "ucloud",
},
required: true
required: true,
})
accessId!: string;
@@ -46,7 +46,7 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
title: "地域",
helper: "选择UCloud地域",
action: UCloudDeployToULB.prototype.onGetRegionList.name,
single: true
single: true,
})
)
region!: string;
@@ -60,9 +60,7 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
)
certNameList!: string[];
async onInstance() {
}
async onInstance() {}
async onGetRegionList(req: PageSearch = {}) {
const access = await this.getAccess<UCloudAccess>(this.accessId);
@@ -74,7 +72,7 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
throw new Error("没有获取到UCloud地域列表");
}
const haveSet = {}
const haveSet = {};
list = list.filter((item: any) => {
const region = item.Region;
if (haveSet[region]) {
@@ -82,13 +80,13 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
}
haveSet[region] = true;
return true;
})
let options = list.map((item: any) => {
});
const options = list.map((item: any) => {
const region = item.Region;
const name = UCloudRegions.find((r) => r.value === region)?.label || item.RegionName;
const name = UCloudRegions.find(r => r.value === region)?.label || item.RegionName;
return {
label: `${name}(${item.Region})`,
value: item.Region
value: item.Region,
};
});
@@ -96,21 +94,20 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
list: options,
total: options.length,
pageNo: 1,
pageSize: options.length
pageSize: options.length,
};
}
async execute(): Promise<void> {
const access = await this.getAccess<UCloudAccess>(this.accessId);
const allCertList = await this.getAllCert(access);
const certMap = {}
allCertList.forEach((item) => {
const certMap = {};
allCertList.forEach(item => {
if (!item.name) {
return;
}
certMap[item.name] = item;
})
});
for (const certName of this.certNameList) {
this.logger.info(`----------- 开始更新证书:${certName}`);
@@ -126,10 +123,10 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
continue;
}
const bakCertName = `${certName}_${oldCert.id}_${Date.now()}`
let certId = await this.uploadCertToULB({
const bakCertName = `${certName}_${oldCert.id}_${Date.now()}`;
const certId = await this.uploadCertToULB({
access,
certName:bakCertName,
certName: bakCertName,
});
this.logger.info(`----------- 上传证书${bakCertName}完成`);
@@ -140,7 +137,6 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
certName,
});
this.logger.info(`----------- 证书${certName}部署完成`);
}
await this.ctx.utils.sleep(2000);
@@ -151,13 +147,13 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
}
async clearExpiredCert(access: UCloudAccess, allCertList: any[]) {
const now = Date.now()/1000;
const expiredCertList = allCertList.filter((item) => {
const now = Date.now() / 1000;
const expiredCertList = allCertList.filter(item => {
if (!item.notAfter) {
return false;
}
return item.notAfter < now;
})
});
if (!expiredCertList || expiredCertList.length === 0) {
this.logger.info(`----------- 没有过期证书需要清理`);
return;
@@ -166,10 +162,10 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
this.logger.info(`----------- 清理过期证书:${cert.name} ${cert.id}`);
try {
await access.invoke({
"Action": "DeleteSSL",
"Region": this.region,
"ProjectId": access.projectId,
"SSLId": cert.id,
Action: "DeleteSSL",
Region: this.region,
ProjectId: access.projectId,
SSLId: cert.id,
});
this.logger.info(`----------- 清理过期证书成功:${cert.name} ${cert.id}`);
} catch (error) {
@@ -177,12 +173,7 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
}
}
}
async updateSSLBinding(req: {
access: UCloudAccess,
oldSSL: any,
newSSLId: string,
certName: string,
}) {
async updateSSLBinding(req: { access: UCloudAccess; oldSSL: any; newSSLId: string; certName: string }) {
const access = req.access;
const oldSSLId = req.oldSSL.id;
const newSSLId = req.newSSLId;
@@ -192,11 +183,11 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
} else {
this.logger.info(`----------- 更新ULB证书绑定:${oldSSLId} -> ${newSSLId}`);
await access.invoke({
"Action": "UpdateSSLBinding",
"Region": this.region,
"ProjectId": access.projectId,
"OldSSLId": oldSSLId,
"NewSSLId": newSSLId,
Action: "UpdateSSLBinding",
Region: this.region,
ProjectId: access.projectId,
OldSSLId: oldSSLId,
NewSSLId: newSSLId,
});
this.logger.info(`----------- 更新ULB证书绑定成功: ${newSSLId}`);
}
@@ -204,52 +195,47 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
// 更新证书名称
this.logger.info(`----------- 更新ULB证书名称:${newSSLId} -> ${req.certName}`);
await access.invoke({
"Action": "UpdateSSLAttribute",
"Region": this.region,
"ProjectId": access.projectId,
"SSLId": newSSLId,
"SSLName": req.certName,
Action: "UpdateSSLAttribute",
Region: this.region,
ProjectId: access.projectId,
SSLId: newSSLId,
SSLName: req.certName,
});
this.logger.info(`----------- 更新ULB证书名称成功:${req.certName}`);
await this.ctx.utils.sleep(5000);
try {
this.logger.info(`----------- 删除ULB旧证书:${oldSSLId}`);
await access.invoke({
"Action": "DeleteSSL",
"Region": this.region,
"ProjectId": access.projectId,
"SSLId": oldSSLId,
Action: "DeleteSSL",
Region: this.region,
ProjectId: access.projectId,
SSLId: oldSSLId,
});
this.logger.info(`----------- 删除ULB旧证书成功:${oldSSLId}`);
} catch (error) {
this.logger.error(`----------- 删除ULB旧证书失败:${oldSSLId}`, error);
}
}
async uploadCertToULB(req: {
access: UCloudAccess,
certName: string,
}) {
async uploadCertToULB(req: { access: UCloudAccess; certName: string }) {
const access = req.access;
const certName = req.certName;
const certContent = `${this.cert.crt}\n${this.cert.key}`
const certContent = `${this.cert.crt}\n${this.cert.key}`;
const res = await access.invoke({
"Action": "CreateSSL",
"Region": this.region,
"ProjectId": access.projectId,
"SSLName": certName,
"SSLContent": certContent,
Action: "CreateSSL",
Region: this.region,
ProjectId: access.projectId,
SSLName: certName,
SSLContent: certContent,
});
if (res.RetCode !== 0) {
throw new Error(`创建ULB证书失败: ${res.Message || '未知错误'}`);
throw new Error(`创建ULB证书失败: ${res.Message || "未知错误"}`);
}
return res.SSLId;
}
async getAllCert(access: UCloudAccess) {
const certList = [] as any[];
const pager = {
@@ -268,27 +254,23 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
return certList;
}
async getCertPage(access: UCloudAccess, req: PageSearch = {}) {
const pageNo = req.pageNo ?? 1;
const pageSize = req.pageSize ?? 100;
const res = await access.invoke({
"Action": "DescribeSSLV2",
"Region": this.region,
"ProjectId": access.projectId,
"Offset": (pageNo - 1) * pageSize,
"Limit": pageSize
Action: "DescribeSSLV2",
Region: this.region,
ProjectId: access.projectId,
Offset: (pageNo - 1) * pageSize,
Limit: pageSize,
});
let list = res.DataSet || [];
const total = res.TotalCount || list.length;
list = list.map((item: any) => {
const domains = [
...item.Domains.split(','),
...item.DNSNames.split(',')
]
const domains = [...item.Domains.split(","), ...item.DNSNames.split(",")];
return {
id: item.SSLId,
name: item.SSLName,
@@ -298,7 +280,7 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
createTime: item.CreateTime,
relations: item.Relations,
};
})
});
return {
list: list,
total: total,
@@ -327,7 +309,6 @@ export class UCloudDeployToULB extends AbstractTaskPlugin {
total: total,
};
}
}
new UCloudDeployToULB();
packages/ui/certd-server/src/plugins/plugin-ucloud/plugins/plugin-deploy-to-us3.ts
+45 -51
View File
@@ -12,9 +12,9 @@ import { UCloudAccess } from "../access.js";
needPlus: false,
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed
}
}
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
})
export class UCloudDeployToUS3 extends AbstractTaskPlugin {
@TaskInput({
@@ -22,10 +22,10 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
helper: "请选择前置任务输出的域名证书",
component: {
name: "output-selector",
from: [...CertApplyPluginNames]
}
from: [...CertApplyPluginNames],
},
})
cert!: CertInfo ;
cert!: CertInfo;
@TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
certDomains!: string[];
@@ -34,9 +34,9 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
title: "UCloud授权",
component: {
name: "access-selector",
type: "ucloud"
type: "ucloud",
},
required: true
required: true,
})
accessId!: string;
@@ -44,7 +44,7 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
createRemoteSelectInputDefine({
title: "存储桶",
helper: "要更新的UCloud存储桶",
action: UCloudDeployToUS3.prototype.onGetBucketList.name
action: UCloudDeployToUS3.prototype.onGetBucketList.name,
})
)
bucket!: string;
@@ -53,17 +53,16 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
createRemoteSelectInputDefine({
title: "域名列表",
helper: "要更新的UCloud域名列表",
action: UCloudDeployToUS3.prototype.onGetDomainList.name
action: UCloudDeployToUS3.prototype.onGetDomainList.name,
})
)
domainList!: string[];
async onInstance() {
}
async onInstance() {}
async execute(): Promise<void> {
const access = await this.getAccess<UCloudAccess>(this.accessId);
let certName = this.appendTimeSuffix("certd")
const certName = this.appendTimeSuffix("certd");
let cert: CertInfo;
for (const domain of this.domainList) {
@@ -73,7 +72,7 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
bucket: this.bucket,
domain: domain,
cert: cert,
certName: certName
certName: certName,
});
this.logger.info(`----------- 更新存储桶${this.bucket}的域名${domain}证书成功`);
}
@@ -81,17 +80,17 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
this.logger.info("部署完成");
}
async deployToUS3(req: { access: any, bucket: string, domain: string, cert: CertInfo, certName: string }) {
const { access, bucket, domain, cert, certName } = req
async deployToUS3(req: { access: any; bucket: string; domain: string; cert: CertInfo; certName: string }) {
const { access, bucket, domain, cert, certName } = req;
const body: any = {
"Action": "UpdateUFileSSLCert",
"BucketName": bucket,
"Domain": domain,
"CertificateName": certName,
"Certificate": cert.crt,
"CertificateKey": cert.key
}
Action: "UpdateUFileSSLCert",
BucketName: bucket,
Domain: domain,
CertificateName: certName,
Certificate: cert.crt,
CertificateKey: cert.key,
};
this.logger.info(`----------- 更新对象存储SSL证书${bucket}:${domain}${JSON.stringify(body)}`);
const resp = await access.invoke(body);
@@ -103,20 +102,20 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
const pageNo = req.pageNo ?? 1;
const pageSize = req.pageSize ?? 100;
try {
const resp = await access.invoke({
"Action": "DescribeBucket",
"ProjectId": access.projectId,
"Offset": (pageNo - 1) * pageSize,
"Limit": pageSize
Action: "DescribeBucket",
ProjectId: access.projectId,
Offset: (pageNo - 1) * pageSize,
Limit: pageSize,
});
this.logger.info(`获取到存储桶列表:${JSON.stringify(resp)}`);
const buckets = resp.DataSet || [];
const total = buckets.length;
if (!buckets || buckets.length === 0) {
throw new Error("没有找到存储桶,请先在控制台创建存储桶");
}
@@ -125,15 +124,15 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
return {
label: `${item.BucketName}<${item.Region}>`,
value: `${item.BucketName}`,
bucket: item.BucketName
bucket: item.BucketName,
};
});
return {
list: this.ctx.utils.options.buildGroupOptions(options, this.certDomains),
total: total,
pageNo: pageNo,
pageSize: pageSize
pageSize: pageSize,
};
} catch (err) {
this.logger.error(`获取存储桶列表失败:${err}`);
@@ -143,35 +142,30 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
async onGetDomainList(req: PageSearch = {}) {
const access = await this.getAccess<UCloudAccess>(this.accessId);
if (!this.bucket) {
throw new Error("请先选择存储桶");
}
try {
const resp = await access.invoke({
"Action": "DescribeBucket",
"ProjectId": access.projectId,
"BucketName": this.bucket
Action: "DescribeBucket",
ProjectId: access.projectId,
BucketName: this.bucket,
});
this.logger.info(`获取到存储桶域名列表:${JSON.stringify(resp)}`);
const buckets = resp.DataSet || [];
if (!buckets || buckets.length === 0) {
throw new Error(`没有找到存储桶${this.bucket}`);
}
const bucketInfo = buckets[0];
const domainSet = bucketInfo.Domain || {};
const allDomains = [
...(domainSet.Src || []),
...(domainSet.Cdn || []),
...(domainSet.CustomSrc || []),
...(domainSet.CustomCdn || [])
];
const allDomains = [...(domainSet.Src || []), ...(domainSet.Cdn || []), ...(domainSet.CustomSrc || []), ...(domainSet.CustomCdn || [])];
if (!allDomains || allDomains.length === 0) {
throw new Error(`没有找到存储桶${this.bucket}的域名,请先在控制台为存储桶添加域名`);
}
@@ -180,15 +174,15 @@ export class UCloudDeployToUS3 extends AbstractTaskPlugin {
return {
label: domain,
value: domain,
domain: domain
domain: domain,
};
});
return {
list: this.ctx.utils.options.buildGroupOptions(options, this.certDomains),
total: allDomains.length,
pageNo: 1,
pageSize: allDomains.length
pageSize: allDomains.length,
};
} catch (err) {
this.logger.error(`获取存储桶域名列表失败:${err}`);
packages/ui/certd-server/src/plugins/plugin-ucloud/plugins/plugin-deploy-to-waf.ts
+46 -54
View File
@@ -15,9 +15,9 @@ import { UCloudAccess } from "../access.js";
default: {
//默认值配置照抄即可
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed
}
}
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
})
//类名规范,跟上面插件名称(name)一致
export class UCloudDeployToWaf extends AbstractTaskPlugin {
@@ -27,11 +27,11 @@ export class UCloudDeployToWaf extends AbstractTaskPlugin {
helper: "请选择前置任务输出的域名证书",
component: {
name: "output-selector",
from: [...CertApplyPluginNames]
}
from: [...CertApplyPluginNames],
},
// required: true, // 必填
})
cert!: CertInfo ;
cert!: CertInfo;
@TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
certDomains!: string[];
@@ -41,9 +41,9 @@ export class UCloudDeployToWaf extends AbstractTaskPlugin {
title: "UCloud授权",
component: {
name: "access-selector",
type: "ucloud" //固定授权类型
type: "ucloud", //固定授权类型
},
required: true //必填
required: true, //必填
})
accessId!: string;
//
@@ -53,14 +53,13 @@ export class UCloudDeployToWaf extends AbstractTaskPlugin {
title: "域名列表",
helper: "要更新的UCloud域名列表",
action: UCloudDeployToWaf.prototype.onGetDomainList.name
action: UCloudDeployToWaf.prototype.onGetDomainList.name,
})
)
domainList!: string[];
//插件实例化时执行的方法
async onInstance() {
}
async onInstance() {}
//插件执行方法
async execute(): Promise<void> {
@@ -68,7 +67,7 @@ export class UCloudDeployToWaf extends AbstractTaskPlugin {
const res = await this.addWafDomainCertificateInfo({
access: access,
cert: this.cert
cert: this.cert,
});
this.logger.info(`----------- 上传证书成功:${JSON.stringify(res)}`);
const certId = res.Id;
@@ -76,47 +75,43 @@ export class UCloudDeployToWaf extends AbstractTaskPlugin {
for (const item of this.domainList) {
this.logger.info(`----------- 开始更新域名:${item}`);
const domainInfo =await access.WafSiteList({
const domainInfo = await access.WafSiteList({
PageNo: 1,
PageSize: 10,
FullDomain: item
})
const list = domainInfo.DomainHostList || []
if(!list || list.length === 0){
throw new Error(`没有找到WAF域名${item}`)
FullDomain: item,
});
const list = domainInfo.DomainHostList || [];
if (!list || list.length === 0) {
throw new Error(`没有找到WAF域名${item}`);
}
const oldDomainInfo = list[0] as any
const oldDomainInfo = list[0] as any;
const srcIpList = oldDomainInfo.SrcIPInfo.map((item: any) => item.SrcIP)
const srcIpList = oldDomainInfo.SrcIPInfo.map((item: any) => item.SrcIP);
await access.invoke({
"Action": "UpdateWafDomainHostInfo",
"ProjectId": access.projectId,
"WorkRegions": oldDomainInfo.WorkRegions,
"FullDomain": item,
"CertificateID": certId ,
"SrcIP":srcIpList
})
Action: "UpdateWafDomainHostInfo",
ProjectId: access.projectId,
WorkRegions: oldDomainInfo.WorkRegions,
FullDomain: item,
CertificateID: certId,
SrcIP: srcIpList,
});
this.logger.info(`----------- 更新域名证书${item}成功`);
}
this.logger.info("部署完成");
}
async onGetDomainList(req: PageSearch = {}) {
const access = await this.getAccess<UCloudAccess>(this.accessId);
const pageNo = req.pageNo ?? 1;
const pageSize = req.pageSize ?? 100;
const res = await access.WafSiteList(
{
PageNo: pageNo,
PageSize: pageSize
}
);
const res = await access.WafSiteList({
PageNo: pageNo,
PageSize: pageSize,
});
const total = res.TotalCount;
const list = res.DomainHostList || [];
if (!list || list.length === 0) {
@@ -131,28 +126,26 @@ export class UCloudDeployToWaf extends AbstractTaskPlugin {
return {
label: `${item.FullDomain}<${item.RecordId}>`,
value: `${item.FullDomain}`,
domain: item.FullDomain
domain: item.FullDomain,
};
});
return {
list: this.ctx.utils.options.buildGroupOptions(options, this.certDomains),
total: total,
pageNo: pageNo,
pageSize: pageSize
pageSize: pageSize,
};
}
async addWafDomainCertificateInfo(req: { access: UCloudAccess, cert: CertInfo }) {
const certReader = new CertReader(req.cert)
const certName = certReader.buildCertName()
const crtBase64 = this.ctx.utils.hash.base64(req.cert.crt)
const keyBase64 = this.ctx.utils.hash.base64(req.cert.key)
const allDomains = certReader.getAllDomains().join(",")
async addWafDomainCertificateInfo(req: { access: UCloudAccess; cert: CertInfo }) {
const certReader = new CertReader(req.cert);
const certName = certReader.buildCertName();
const crtBase64 = this.ctx.utils.hash.base64(req.cert.crt);
const keyBase64 = this.ctx.utils.hash.base64(req.cert.key);
const allDomains = certReader.getAllDomains().join(",");
const resp = await req.access.invoke({
"Action": "AddWafDomainCertificateInfo",
Action: "AddWafDomainCertificateInfo",
/**
* Domain string 域名 Yes
CertificateName string 证书名称 Yes
@@ -161,17 +154,16 @@ export class UCloudDeployToWaf extends AbstractTaskPlugin {
SslKeyless string keyless开关,默认关闭;可选值:开启(on),关闭(off) Yes
*/
"Domain": allDomains,
"CertificateName": certName,
"SslPublicKey": crtBase64,
"SslPrivateKey": keyBase64,
"SslMD": this.ctx.utils.hash.md5(crtBase64),
"SslKeyless": "off"
Domain: allDomains,
CertificateName: certName,
SslPublicKey: crtBase64,
SslPrivateKey: keyBase64,
SslMD: this.ctx.utils.hash.md5(crtBase64),
SslKeyless: "off",
});
this.ctx.logger.info(`----------- 添加WAF域名证书信息成功,${JSON.stringify(resp)}`);
return resp;
}
}
//实例化一下,注册插件
packages/ui/certd-server/src/plugins/plugin-ucloud/plugins/plugin-upload-to-ussl.ts
+10 -17
View File
@@ -14,9 +14,9 @@ import { UCloudAccess } from "../access.js";
default: {
//默认值配置照抄即可
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed
}
}
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
})
//类名规范,跟上面插件名称(name)一致
export class UCloudUploadToUSSL extends AbstractTaskPlugin {
@@ -26,22 +26,20 @@ export class UCloudUploadToUSSL extends AbstractTaskPlugin {
helper: "请选择前置任务输出的域名证书",
component: {
name: "output-selector",
from: [...CertApplyPluginNames]
}
from: [...CertApplyPluginNames],
},
// required: true, // 必填
})
cert!: CertInfo;
//授权选择框
@TaskInput({
title: "UCloud授权",
component: {
name: "access-selector",
type: "ucloud" //固定授权类型
type: "ucloud", //固定授权类型
},
required: true //必填
required: true, //必填
})
accessId!: string;
//
@@ -50,23 +48,18 @@ export class UCloudUploadToUSSL extends AbstractTaskPlugin {
title: "证书ID",
type: "UCloudCertId",
})
certId!: {type:string,id:number,name:string};
certId!: { type: string; id: number; name: string };
//插件实例化时执行的方法
async onInstance() {
}
async onInstance() {}
//插件执行方法
async execute(): Promise<void> {
const access = await this.getAccess<UCloudAccess>(this.accessId);
const certId = await access.SslUploadCert({cert:this.cert});
const certId = await access.SslUploadCert({ cert: this.cert });
this.certId = certId;
this.logger.info("部署完成");
}
}
//实例化一下,注册插件