perf: 证书仓库

packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts

@@ -1,4 +1,4 @@
-import { AbstractTaskPlugin, IContext, NotificationBody, Step, TaskInput, TaskOutput } from "@certd/pipeline";
+import { AbstractTaskPlugin, IContext, NotificationBody, Step, TaskEmitter, TaskInput, TaskOutput } from "@certd/pipeline";
 import dayjs from "dayjs";
 import type { CertInfo } from "./acme.js";
 import { CertReader } from "./cert-reader.js";
@@ -6,8 +6,11 @@ import JSZip from "jszip";
 import { CertConverter } from "./convert.js";
 import { pick } from "lodash-es";
 
-export { CertReader };
-export type { CertInfo };
+export const EVENT_CERT_APPLY_SUCCESS = "CertApply.success";
+
+export async function emitCertApplySuccess(emitter: TaskEmitter, cert: CertReader) {
+  await emitter.emit(EVENT_CERT_APPLY_SUCCESS, cert);
+}
 
 export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
   @TaskInput({
@@ -119,7 +122,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
 
   abstract onInit(): Promise<void>;
 
-  abstract doCertApply(): Promise<any>;
+  abstract doCertApply(): Promise<CertReader>;
 
   async execute(): Promise<string | void> {
     const oldCert = await this.condition();
@@ -130,6 +133,8 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
     const cert = await this.doCertApply();
     if (cert != null) {
       await this.output(cert, true);
+
+      await emitCertApplySuccess(this.ctx.emitter, cert);
       //清空后续任务的状态，让后续任务能够重新执行
       this.clearLastStatus();
 
@@ -234,28 +239,10 @@ cert.jks：jks格式证书文件，java服务器使用
     //   return null;
     // }
 
-    let inputChanged = false;
-    //判断域名有没有变更
-    /**
-     *                      "renewDays": 35,
-     *                     "certApplyPlugin": "CertApply",
-     *                     "sslProvider": "letsencrypt",
-     *                     "privateKeyType": "rsa_2048_pkcs1",
-     *                     "dnsProviderType": "aliyun",
-     *                     "domains": [
-     *                       "*.handsfree.work"
-     *                     ],
-     *                     "email": "xiaojunnuo@qq.com",
-     *                     "dnsProviderAccess": 3,
-     *                     "useProxy": false,
-     *                     "skipLocalVerify": false,
-     *                     "successNotify": true,
-     *                     "pfxPassword": "123456"
-     */
     const checkInputChanges = ["domains", "sslProvider", "privateKeyType", "dnsProviderType", "pfxPassword"];
     const oldInput = JSON.stringify(pick(this.lastStatus?.input, checkInputChanges));
     const thisInput = JSON.stringify(pick(this, checkInputChanges));
-    inputChanged = oldInput !== thisInput;
+    const inputChanged = oldInput !== thisInput;
 
     this.logger.info(`旧参数：${oldInput}`);
     this.logger.info(`新参数：${thisInput}`);

packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts

@@ -2,7 +2,7 @@ import { CertInfo } from "./acme.js";
 import fs from "fs";
 import os from "os";
 import path from "path";
-import { crypto } from "@certd/acme-client";
+import { CertificateInfo, crypto } from "@certd/acme-client";
 import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
 
@@ -21,37 +21,22 @@ export type CertReaderHandle = (ctx: CertReaderHandleContext) => Promise<void>;
 export type HandleOpts = { logger: ILogger; handle: CertReaderHandle };
 export class CertReader {
   cert: CertInfo;
-  oc: string; //仅证书，非fullchain证书
-  crt: string;
-  key: string;
-  csr: string;
-  ic: string; //中间证书
-  one: string; //crt + key 合成一个pem文件
 
-  detail: any;
+  detail: CertificateInfo;
   expires: number;
   constructor(certInfo: CertInfo) {
     this.cert = certInfo;
-    this.crt = certInfo.crt;
-    this.key = certInfo.key;
-    this.csr = certInfo.csr;
 
-    this.ic = certInfo.ic;
-    if (!this.ic) {
-      this.ic = this.getIc();
-      this.cert.ic = this.ic;
+    if (!certInfo.ic) {
+      this.cert.ic = this.getIc();
     }
 
-    this.oc = certInfo.oc;
-    if (!this.oc) {
-      this.oc = this.getOc();
-      this.cert.oc = this.oc;
+    if (!certInfo.oc) {
+      this.cert.oc = this.getOc();
     }
 
-    this.one = certInfo.one;
-    if (!this.one) {
-      this.one = this.crt + "\n" + this.key;
-      this.cert.one = this.one;
+    if (!certInfo.one) {
+      this.cert.one = this.cert.crt + "\n" + this.cert.key;
     }
 
     const { detail, expires } = this.getCrtDetail(this.cert.crt);
@@ -62,13 +47,13 @@ export class CertReader {
   getIc() {
     //中间证书ic， 就是crt的第一个 -----END CERTIFICATE----- 之后的内容
     const endStr = "-----END CERTIFICATE-----";
-    const firstBlockEndIndex = this.crt.indexOf(endStr);
+    const firstBlockEndIndex = this.cert.crt.indexOf(endStr);
 
     const start = firstBlockEndIndex + endStr.length + 1;
-    if (this.crt.length <= start) {
+    if (this.cert.crt.length <= start) {
       return "";
     }
-    const ic = this.crt.substring(start);
+    const ic = this.cert.crt.substring(start);
     if (ic == null) {
       return "";
     }
@@ -78,7 +63,7 @@ export class CertReader {
   getOc() {
     //原始证书 就是crt的第一个 -----END CERTIFICATE----- 之前的内容
     const endStr = "-----END CERTIFICATE-----";
-    const arr = this.crt.split(endStr);
+    const arr = this.cert.crt.split(endStr);
     return arr[0] + endStr;
   }
 

packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts

@@ -10,7 +10,7 @@ import { CertApplyBasePlugin } from "./base.js";
 import { GoogleClient } from "../../libs/google.js";
 import { EabAccess } from "../../access";
 import { httpChallengeUploaderFactory } from "./uploads/factory.js";
-
+export * from "./base.js";
 export type { CertInfo };
 export * from "./cert-reader.js";
 export type CnameRecordInput = {