perf: 支持七牛云

2026-04-24 04:17:25 +08:00 · 2024-09-24 13:50:06 +08:00
parent 8de56feeb7
commit 8ecc2f9446
16 changed files with 240 additions and 8 deletions
@@ -18,7 +18,6 @@
    "up-mw-deps": "npx midway-version -u -w",
    "heap": "clinic heapprofiler   -- node ./bootstrap.js",
    "flame": "clinic flame   -- node ./bootstrap.js"
-
  },
  "dependencies": {
    "@alicloud/cs20151215": "^3.0.3",
@@ -65,6 +64,7 @@
    "nanoid": "^4.0.0",
    "nodemailer": "^6.9.3",
    "pg": "^8.12.0",
+    "qiniu": "^7.12.0",
    "querystring": "^0.2.1",
    "reflect-metadata": "^0.1.13",
    "ssh2": "^1.15.0",
@@ -8,3 +8,4 @@ export * from './plugin-demo/index.js';
 export * from './plugin-other/index.js';
 export * from './plugin-west/index.js';
 export * from './plugin-doge/index.js';
+export * from './plugin-qiniu/index.js';
@@ -0,0 +1,24 @@
+import { AccessInput, IAccess, IsAccess } from '@certd/pipeline';
+
+@IsAccess({
+  name: 'qiniu',
+  title: '七牛云授权',
+  desc: '',
+  input: {},
+})
+export class QiniuAccess implements IAccess {
+  @AccessInput({
+    title: 'AccessKey',
+    rules: [{ required: true, message: '此项必填' }],
+    helper: 'AK，前往[密钥管理](https://portal.qiniu.com/developer/user/key)获取',
+  })
+  accessKey!: string;
+  @AccessInput({
+    title: 'SecretKey',
+    encrypt: true,
+    helper: 'SK',
+  })
+  secretKey!: string;
+}
+
+new QiniuAccess();
@@ -0,0 +1 @@
+export * from './access.js';
@@ -0,0 +1,2 @@
+export * from './plugin/index.js';
+export * from './access/index.js';
@@ -0,0 +1,74 @@
+import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
+import { QiniuAccess } from '../../access/index.js';
+import { CertInfo } from '@certd/plugin-cert';
+import { doRequest, uploadCert } from '../lib/sdk.js';
+
+@IsTaskPlugin({
+  name: 'QiniuDeployCertToCDN',
+  title: '部署证书至七牛CDN',
+  icon: 'svg:icon-qiniuyun',
+  group: pluginGroups.cdn.key,
+  desc: '自动部署域名证书至七牛云CDN',
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+export class QiniuDeployCertToCDN extends AbstractTaskPlugin {
+  @TaskInput({
+    title: 'CDN加速域名',
+    helper: '你在七牛云上配置的CDN加速域名，比如:certd.handsfree.work',
+    required: true,
+  })
+  domainName!: string;
+
+  @TaskInput({
+    title: '域名证书',
+    helper: '请选择前置任务输出的域名证书，或者上传到七牛云的证书id',
+    component: {
+      name: 'pi-output-selector',
+      from: ['CertApply', 'CertApplyLego', 'QiniuCertUpload'],
+    },
+    required: true,
+  })
+  cert!: CertInfo | string;
+
+  @TaskInput({
+    title: 'Access授权',
+    helper: '七牛云授权',
+    component: {
+      name: 'pi-access-selector',
+      type: 'qiniu',
+    },
+    required: true,
+  })
+  accessId!: string;
+
+  async onInstance() {}
+  async execute(): Promise<void> {
+    this.logger.info('开始部署证书到七牛云cdn');
+    const access = await this.accessService.getById<QiniuAccess>(this.accessId);
+
+    const url = `https://api.qiniu.com/domain/${this.domainName}/httpsconf`;
+    let certId = null;
+    if (typeof this.cert !== 'string') {
+      // 是证书id，直接上传即可
+      this.logger.info('先上传证书');
+      certId = await uploadCert(this.ctx.http, access, this.cert, this.appendTimeSuffix('certd'));
+    } else {
+      certId = this.cert;
+    }
+
+    //开始修改证书
+    this.logger.info('开始修改证书');
+    const body = {
+      certID: certId,
+    };
+
+    await doRequest(this.ctx.http, access, url, 'put', body);
+
+    this.logger.info('部署完成');
+  }
+}
+new QiniuDeployCertToCDN();
@@ -0,0 +1 @@
+export * from './deploy-to-cdn/index.js';
@@ -0,0 +1,36 @@
+import { HttpClient } from '@certd/pipeline';
+import { QiniuAccess } from '../../access/index.js';
+import { CertInfo } from '@certd/plugin-cert';
+
+export async function doRequest(http: HttpClient, access: QiniuAccess, url: string, method: string, body: any) {
+  const { generateAccessToken } = await import('qiniu/qiniu/util.js');
+  const token = generateAccessToken(access, url);
+  const res = await http.request({
+    url,
+    method: method,
+    headers: {
+      Authorization: token,
+    },
+    data: body,
+  });
+
+  if (res.code !== 200 || res.error) {
+    throw new Error('请求失败：' + res.error);
+  }
+  return res;
+}
+
+export async function uploadCert(http: HttpClient, access: QiniuAccess, cert: CertInfo, certName?: string) {
+  const url = 'https://api.qiniu.com/sslcert';
+
+  const body = {
+    name: certName,
+    common_name: 'certd',
+    pri: cert.key,
+    ca: cert.crt,
+  };
+
+  const res = await doRequest(http, access, url, 'post', body);
+
+  return res.certID;
+}
@@ -0,0 +1,60 @@
+import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, TaskOutput } from '@certd/pipeline';
+import { QiniuAccess } from '../../access/index.js';
+import { CertInfo } from '@certd/plugin-cert';
+import { uploadCert } from '../lib/sdk.js';
+
+@IsTaskPlugin({
+  name: 'QiniuCertUpload',
+  title: '上传到七牛云',
+  icon: 'svg:icon-qiniuyun',
+  group: pluginGroups.cdn.key,
+  desc: '上传到七牛云',
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+export class QiniuCertUpload extends AbstractTaskPlugin {
+  @TaskInput({
+    title: '证书名称',
+    helper: '上传后将以此名称作为前缀备注',
+  })
+  certName!: string;
+
+  @TaskInput({
+    title: '域名证书',
+    helper: '请选择前置任务输出的域名证书',
+    component: {
+      name: 'pi-output-selector',
+      from: ['CertApply', 'CertApplyLego'],
+    },
+    required: true,
+  })
+  cert!: CertInfo;
+
+  @TaskInput({
+    title: 'Access授权',
+    helper: '七牛云授权',
+    component: {
+      name: 'pi-access-selector',
+      type: 'qiniu',
+    },
+    required: true,
+  })
+  accessId!: string;
+
+  @TaskOutput({
+    title: '上传成功后的七牛云CertId',
+  })
+  qiniuCertId!: string;
+
+  async onInstance() {}
+  async execute(): Promise<void> {
+    this.logger.info('开始上传证书到七牛云');
+    const access = (await this.accessService.getById(this.accessId)) as QiniuAccess;
+    this.qiniuCertId = await uploadCert(this.ctx.http, access, this.cert, this.appendTimeSuffix(this.certName));
+    this.logger.info('上传完成,id:', this.qiniuCertId);
+  }
+}
+new QiniuCertUpload();