perf: 1panel支持先上传证书再选择证书

2026-04-24 04:17:25 +08:00 · 2026-04-10 00:08:10 +08:00
parent a7a4f66633
commit 7a9eec88e8
10 changed files with 197 additions and 5 deletions
@@ -0,0 +1,32 @@
+import { CertInfo, CertReader, ICertInfoGetter } from '@certd/plugin-lib';
+import { CertInfoService } from '../../../monitor/index.js';
+
+export class CertInfoGetter implements ICertInfoGetter  {
+  userId: number;
+  projectId: number;
+  certInfoService: CertInfoService;
+  constructor(userId: number, projectId: number, certInfoService: CertInfoService) {
+    this.userId = userId;
+    this.projectId = projectId;
+    this.certInfoService = certInfoService;
+  }
+  async getByPipelineId(pipelineId: number): Promise<CertInfo> {
+    if (!pipelineId) {
+      throw new Error(`流水线id不能为空`)
+    }
+    const query :any= {
+        pipelineId,
+        userId: this.userId,
+    }
+    if (this.projectId) {
+       query.projectId = this.projectId
+    }
+    const entity =  await this.certInfoService.findOne({
+      where:query
+    })
+    if (!entity || !entity.certInfo) {
+      throw new Error(`流水线(${pipelineId})还未生成证书，请先运行一次流水线`)
+    }
+    return new CertReader(JSON.parse(entity.certInfo)).cert;
+  }
+}
@@ -9,6 +9,9 @@ import { SubDomainsGetter } from "./sub-domain-getter.js";
 import { DomainVerifierGetter } from "./domain-verifier-getter.js";
 import { DomainService } from "../../../cert/service/domain-service.js";
 import { SubDomainService } from "../sub-domain-service.js";
+import { CertInfoGetter } from "./cert-info-getter.js";
+import { CertInfoService } from "../../../monitor/index.js";
+import { ICertInfoGetter } from "@certd/plugin-lib";

 const serviceNames = [
  'ocrService',
@@ -34,6 +37,8 @@ export class TaskServiceGetter implements IServiceGetter{
      return await this.getNotificationService() as T
    } else if (serviceName === 'domainVerifierGetter') {
      return await this.getDomainVerifierGetter() as T
+    } else if (serviceName === 'certInfoGetter') {
+      return await this.getCertInfoGetter() as T
    }else{
      if(!serviceNames.includes(serviceName)){
        throw new Error(`${serviceName} not in whitelist`)
@@ -51,6 +56,11 @@ export class TaskServiceGetter implements IServiceGetter{
    return new SubDomainsGetter(this.userId,this.projectId, subDomainsService,domainService)
  }

+  async getCertInfoGetter(): Promise<ICertInfoGetter> {
+    const certInfoService:CertInfoService = await  this.appCtx.getAsync("certInfoService")
+    return new CertInfoGetter(this.userId, this.projectId, certInfoService)
+  }
+
  async getAccessService(): Promise<AccessGetter> {
    const accessService:AccessService = await  this.appCtx.getAsync("accessService")
    return new AccessGetter(this.userId, this.projectId, accessService.getById.bind(accessService));
@@ -2,7 +2,7 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput

 import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
 import { OnePanelAccess } from "../access.js";
-import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
+import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine, ICertInfoGetter } from "@certd/plugin-lib";
 import { OnePanelClient } from "../client.js";

@IsTaskPlugin({
@@ -66,6 +66,7 @@ export class OnePanelDeployToWebsitePlugin extends AbstractTaskPlugin {
      watches: ["accessId"],
      helper: "要更新的1Panel证书id，选择授权之后，从下拉框中选择\nIP需要加白名单，如果是同一台机器部署的，可以试试172.16.0.0/12",
      required: true,
+      uploadCert: {}
    })
  )
  sslIds!: string[];
@@ -213,5 +214,36 @@ export class OnePanelDeployToWebsitePlugin extends AbstractTaskPlugin {
    });
    return this.ctx.utils.options.buildGroupOptions(list, this.certDomains);
  }
+
+  async onUploadCert(data: { pipelineId: string, certName: string }) {
+    if (!this.access) {
+      throw new Error("请先选择1panel授权");
+    }
+    const certInfoGetter = await this.ctx.serviceGetter.get<ICertInfoGetter>("certInfoGetter")
+    const cert = await certInfoGetter.getByPipelineId(Number(data.pipelineId));
+
+    const client = new OnePanelClient({
+      access: this.access,
+      http: this.http,
+      logger: this.logger,
+      utils: this.ctx.utils,
+    });
+
+    await client.doRequest({
+      url: `/api/${this.access.apiVersion}/websites/ssl/upload`,
+      method: "post",
+      data: {
+        sslId: 0,
+        certificate: cert.crt,
+        certificatePath: "",
+        description: data.certName,
+        privateKey: cert.key,
+        privateKeyPath: "",
+        type: "paste",
+      },
+      currentNode: this.currentNode,
+    });
+
+  }
 }
 new OnePanelDeployToWebsitePlugin();