lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-23 19:57:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

perf: 创建证书任务可以选择lege插件

Browse Source
This commit is contained in:
xiaojunnuo
2024-07-21 02:26:03 +08:00
parent 4afbf20c1a
commit affef13037
40 changed files with 434 additions and 378 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-ack-ingress/index.ts
+2 -1
View File
@@ -1,4 +1,4 @@
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, RunStrategy, TaskInput, utils } from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, utils } from '@certd/pipeline';
// @ts-ignore
import { ROAClient } from '@alicloud/pop-core';
import { AliyunAccess } from '../../access/index.js';
@@ -9,6 +9,7 @@ import { CertInfo } from '@certd/plugin-cert';
@IsTaskPlugin({
name: 'DeployCertToAliyunAckIngress',
title: '部署到阿里云AckIngress',
group: pluginGroups.aliyun.key,
input: {},
output: {},
default: {
packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-cdn/index.ts
+2 -1
View File
@@ -2,7 +2,7 @@ import {
AbstractTaskPlugin,
IAccessService,
ILogger,
IsTaskPlugin,
IsTaskPlugin, pluginGroups,
RunStrategy,
TaskInput,
} from '@certd/pipeline';
@@ -14,6 +14,7 @@ import { AliyunAccess } from '../../access/index.js';
@IsTaskPlugin({
name: 'DeployCertToAliyunCDN',
title: '部署证书至阿里云CDN',
group: pluginGroups.aliyun.key,
desc: '依赖证书申请前置任务,自动部署域名证书至阿里云CDN',
default: {
strategy: {
packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts
+4 -16
View File
@@ -1,11 +1,4 @@
import {
AbstractTaskPlugin,
IAccessService,
IsTaskPlugin,
RunStrategy,
TaskInput,
TaskOutput,
} from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, TaskOutput } from '@certd/pipeline';
import Core from '@alicloud/pop-core';
import { AliyunAccess } from '../../access/index.js';
import { appendTimeSuffix, checkRet, ZoneOptions } from '../../utils/index.js';
@@ -14,6 +7,7 @@ import { Logger } from 'log4js';
@IsTaskPlugin({
name: 'uploadCertToAliyun',
title: '上传证书到阿里云',
group: pluginGroups.aliyun.key,
desc: '',
default: {
strategy: {
@@ -76,9 +70,7 @@ export class UploadCertToAliyun extends AbstractTaskPlugin {
async execute(): Promise<void> {
console.log('开始部署证书到阿里云cdn');
const access = (await this.accessService.getById(
this.accessId
)) as AliyunAccess;
const access = (await this.accessService.getById(this.accessId)) as AliyunAccess;
const client = this.getClient(access);
const certName = appendTimeSuffix(this.name);
const params = {
@@ -92,11 +84,7 @@ export class UploadCertToAliyun extends AbstractTaskPlugin {
method: 'POST',
};
const ret = (await client.request(
'CreateUserCertificate',
params,
requestOption
)) as any;
const ret = (await client.request('CreateUserCertificate', params, requestOption)) as any;
checkRet(ret);
this.logger.info('证书上传成功:aliyunCertId=', ret.CertId);
packages/ui/certd-server/src/plugins/plugin-cloudflare/plugins/plugin-deploy-to-cdn.ts
+2 -8
View File
@@ -1,16 +1,10 @@
import {
AbstractTaskPlugin,
IAccessService,
ILogger,
IsTaskPlugin,
RunStrategy,
TaskInput,
} from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
import { CertInfo, CertReader } from '@certd/plugin-cert';
@IsTaskPlugin({
name: 'CloudflareDeployToCDN',
title: '部署证书到CF CDN',
group: pluginGroups.other.key,
desc: '暂未实现,不可用',
default: {
strategy: {
packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts
+2 -1
View File
@@ -1,10 +1,11 @@
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, RunStrategy, TaskInput } from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
import { CertInfo, CertReader } from '@certd/plugin-cert';
import { K8sClient } from '@certd/lib-k8s';
@IsTaskPlugin({
name: 'demoTest',
title: 'Demo测试插件',
group: pluginGroups.other.key,
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed,
packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts
+2 -8
View File
@@ -1,16 +1,10 @@
import {
AbstractTaskPlugin,
IAccessService,
ILogger,
IsTaskPlugin,
RunStrategy,
TaskInput,
} from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
import { SshClient } from '../../lib/ssh.js';
@IsTaskPlugin({
name: 'hostShellExecute',
title: '执行远程主机脚本命令',
group: pluginGroups.host.key,
input: {},
default: {
strategy: {
packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts
+2 -1
View File
@@ -1,4 +1,4 @@
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, RunStrategy, TaskInput, TaskOutput } from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, TaskOutput } from '@certd/pipeline';
import { SshClient } from '../../lib/ssh.js';
import { CertInfo, CertReader } from '@certd/plugin-cert';
import * as fs from 'fs';
@@ -7,6 +7,7 @@ import { SshAccess } from '../../access/index.js';
@IsTaskPlugin({
name: 'uploadCertToHost',
title: '上传证书到主机',
group: pluginGroups.host.key,
desc: '也支持复制证书到本机',
default: {
strategy: {
packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-cdn/index.ts
+3 -11
View File
@@ -1,11 +1,4 @@
import {
AbstractTaskPlugin,
IAccessService,
ILogger,
IsTaskPlugin,
RunStrategy,
TaskInput,
} from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
import tencentcloud from 'tencentcloud-sdk-nodejs';
import { TencentAccess } from '../../access/index.js';
import { CertInfo } from '@certd/plugin-cert';
@@ -13,6 +6,7 @@ import { CertInfo } from '@certd/plugin-cert';
@IsTaskPlugin({
name: 'DeployCertToTencentCDN',
title: '部署到腾讯云CDN',
group: pluginGroups.tencent.key,
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed,
@@ -75,9 +69,7 @@ export class DeployToCdnPlugin extends AbstractTaskPlugin {
}
async execute(): Promise<void> {
const accessProvider: TencentAccess = (await this.accessService.getById(
this.accessId
)) as TencentAccess;
const accessProvider: TencentAccess = (await this.accessService.getById(this.accessId)) as TencentAccess;
const client = this.getClient(accessProvider);
const params = this.buildParams();
await this.doRequest(client, params);
packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-clb/index.ts
+7 -31
View File
@@ -1,12 +1,4 @@
import {
AbstractTaskPlugin,
IAccessService,
ILogger,
IsTaskPlugin,
RunStrategy,
TaskInput,
utils,
} from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, utils } from '@certd/pipeline';
import tencentcloud from 'tencentcloud-sdk-nodejs';
import { TencentAccess } from '../../access/index.js';
import dayjs from 'dayjs';
@@ -14,6 +6,7 @@ import dayjs from 'dayjs';
@IsTaskPlugin({
name: 'DeployCertToTencentCLB',
title: '部署到腾讯云CLB',
group: pluginGroups.tencent.key,
desc: '暂时只支持单向认证证书,暂时只支持通用负载均衡',
default: {
strategy: {
@@ -40,8 +33,7 @@ export class DeployToClbPlugin extends AbstractTaskPlugin {
@TaskInput({
title: '负载均衡ID',
helper:
'如果没有配置,则根据域名匹配负载均衡下的监听器(根据域名匹配时暂时只支持前100个)',
helper: '如果没有配置,则根据域名匹配负载均衡下的监听器(根据域名匹配时暂时只支持前100个)',
required: true,
})
loadBalancerId!: string;
@@ -88,9 +80,7 @@ export class DeployToClbPlugin extends AbstractTaskPlugin {
this.logger = this.ctx.logger;
}
async execute(): Promise<void> {
const accessProvider = (await this.accessService.getById(
this.accessId
)) as TencentAccess;
const accessProvider = (await this.accessService.getById(this.accessId)) as TencentAccess;
const client = this.getClient(accessProvider, this.region);
const lastCertId = await this.getCertIdFromProps(client);
@@ -103,10 +93,7 @@ export class DeployToClbPlugin extends AbstractTaskPlugin {
try {
await utils.sleep(2000);
let newCertId = await this.getCertIdFromProps(client);
if (
(lastCertId && newCertId === lastCertId) ||
(!lastCertId && !newCertId)
) {
if ((lastCertId && newCertId === lastCertId) || (!lastCertId && !newCertId)) {
await utils.sleep(2000);
newCertId = await this.getCertIdFromProps(client);
}
@@ -121,11 +108,7 @@ export class DeployToClbPlugin extends AbstractTaskPlugin {
}
async getCertIdFromProps(client: any) {
const listenerRet = await this.getListenerList(
client,
this.loadBalancerId,
[this.listenerId]
);
const listenerRet = await this.getListenerList(client, this.loadBalancerId, [this.listenerId]);
return this.getCertIdFromListener(listenerRet[0], this.domain);
}
@@ -152,14 +135,7 @@ export class DeployToClbPlugin extends AbstractTaskPlugin {
const params = this.buildProps();
const ret = await client.ModifyListener(params);
this.checkRet(ret);
this.logger.info(
'设置腾讯云CLB证书成功:',
ret.RequestId,
'->loadBalancerId:',
this.loadBalancerId,
'listenerId',
this.listenerId
);
this.logger.info('设置腾讯云CLB证书成功:', ret.RequestId, '->loadBalancerId:', this.loadBalancerId, 'listenerId', this.listenerId);
return ret;
}
packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-tke-ingress/index.ts
+4 -15
View File
@@ -1,11 +1,4 @@
import {
AbstractTaskPlugin,
IAccessService,
IsTaskPlugin,
RunStrategy,
TaskInput,
utils,
} from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, utils } from '@certd/pipeline';
import tencentcloud from 'tencentcloud-sdk-nodejs';
import { K8sClient } from '@certd/lib-k8s';
import dayjs from 'dayjs';
@@ -14,6 +7,7 @@ import { Logger } from 'log4js';
@IsTaskPlugin({
name: 'DeployCertToTencentTKEIngress',
title: '部署到腾讯云TKE-ingress',
group: pluginGroups.tencent.key,
desc: '需要【上传到腾讯云】作为前置任务',
default: {
strategy: {
@@ -104,10 +98,7 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin {
async execute(): Promise<void> {
const accessProvider = await this.accessService.getById(this.accessId);
const tkeClient = this.getTkeClient(accessProvider, this.region);
const kubeConfigStr = await this.getTkeKubeConfig(
tkeClient,
this.clusterId
);
const kubeConfigStr = await this.getTkeKubeConfig(tkeClient, this.clusterId);
this.logger.info('kubeconfig已成功获取');
const k8sClient = new K8sClient(kubeConfigStr);
@@ -154,9 +145,7 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin {
};
const ret = await client.DescribeClusterKubeconfig(params);
this.checkRet(ret);
this.logger.info(
'注意:后续操作需要在【集群->基本信息】中开启外网或内网访问,https://console.cloud.tencent.com/tke2/cluster'
);
this.logger.info('注意:后续操作需要在【集群->基本信息】中开启外网或内网访问,https://console.cloud.tencent.com/tke2/cluster');
return ret.Kubeconfig;
}
packages/ui/certd-server/src/plugins/plugin-tencent/plugin/upload-to-tencent/index.ts
+2 -1
View File
@@ -1,4 +1,4 @@
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, RunStrategy, TaskInput, TaskOutput } from '@certd/pipeline';
import { AbstractTaskPlugin, IAccessService, ILogger, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, TaskOutput } from '@certd/pipeline';
import tencentcloud from 'tencentcloud-sdk-nodejs';
import dayjs from 'dayjs';
@@ -6,6 +6,7 @@ import dayjs from 'dayjs';
name: 'UploadCertToTencent',
title: '上传证书到腾讯云',
desc: '上传成功后输出:tencentCertId',
group: pluginGroups.tencent.key,
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed,