mirror of
https://github.com/certd/certd.git
synced 2026-04-24 20:57:26 +08:00
perf: 支持k8s apply
This commit is contained in:
xiaojunnuo
@@ -1,4 +1,4 @@
|
|||||||
import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret } from "@kubernetes/client-node";
|
import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret, KubernetesObjectApi, loadYaml, KubernetesObject } from "@kubernetes/client-node";
|
||||||
import dns from "dns";
|
import dns from "dns";
|
||||||
import { ILogger } from "@certd/basic";
|
import { ILogger } from "@certd/basic";
|
||||||
import { merge } from "lodash-es";
|
import { merge } from "lodash-es";
|
||||||
@@ -27,6 +27,11 @@ export class K8sClient {
|
|||||||
}
|
}
|
||||||
|
|
||||||
init() {
|
init() {
|
||||||
|
const kubeconfig = this.getKubeConfig();
|
||||||
|
this.client = kubeconfig.makeApiClient(CoreV1Api);
|
||||||
|
}
|
||||||
|
|
||||||
|
getKubeConfig() {
|
||||||
const kubeconfig = new KubeConfig();
|
const kubeconfig = new KubeConfig();
|
||||||
kubeconfig.loadFromString(this.kubeConfigStr);
|
kubeconfig.loadFromString(this.kubeConfigStr);
|
||||||
this.kubeconfig = kubeconfig;
|
this.kubeconfig = kubeconfig;
|
||||||
@@ -41,16 +46,35 @@ export class K8sClient {
|
|||||||
} catch (e) {
|
} catch (e) {
|
||||||
this.logger.warn("skipTLSVerify error", e);
|
this.logger.warn("skipTLSVerify error", e);
|
||||||
}
|
}
|
||||||
|
return kubeconfig;
|
||||||
|
}
|
||||||
|
|
||||||
this.client = kubeconfig.makeApiClient(CoreV1Api);
|
getKubeClient() {
|
||||||
|
const kc = this.getKubeConfig();
|
||||||
|
const client = KubernetesObjectApi.makeApiClient(kc);
|
||||||
|
return client;
|
||||||
|
}
|
||||||
|
|
||||||
// const reqOpts = { kubeconfig, request: {} } as any;
|
async apply(manifest: string) {
|
||||||
// if (this.lookup) {
|
const yml = loadYaml<KubernetesObject>(manifest);
|
||||||
// reqOpts.request.lookup = this.lookup;
|
const client = this.getKubeClient();
|
||||||
// }
|
try {
|
||||||
//
|
await client.create(yml);
|
||||||
// const backend = new Request(reqOpts);
|
} catch (e) {
|
||||||
// this.client = new Client({ backend, version: '1.13' });
|
this.logger.error("apply error", e.response?.body);
|
||||||
|
if (e.response?.body?.reason === "AlreadyExists") {
|
||||||
|
//patch
|
||||||
|
this.logger.info("patch existing resource: ", yml.metadata?.name);
|
||||||
|
const existing = await client.read(yml as any);
|
||||||
|
if (!yml.metadata) {
|
||||||
|
yml.metadata = {};
|
||||||
|
}
|
||||||
|
yml.metadata.resourceVersion = existing.body.metadata.resourceVersion;
|
||||||
|
await client.patch(yml);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -178,17 +178,12 @@ export class DeployCertToMailPlugin extends AbstractTaskPlugin {
|
|||||||
}
|
}
|
||||||
|
|
||||||
compile(templateString: string) {
|
compile(templateString: string) {
|
||||||
// 1. 转义所有HTML特殊字符
|
return function(data) {
|
||||||
|
return templateString.replace(/\${(.*?)}/g, (match, key) => {
|
||||||
// 2. 使用更安全的方式替换变量
|
const value = get(data, key, '');
|
||||||
return function(data) {
|
return String(value);
|
||||||
return templateString.replace(/\${(.*?)}/g, (match, key) => {
|
});
|
||||||
// 3. 安全地获取属性,避免原型链访问
|
};
|
||||||
const value = get(data, key, '');
|
}
|
||||||
// 4. 对值也进行转义
|
|
||||||
return String(value);
|
|
||||||
});
|
|
||||||
};
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
new DeployCertToMailPlugin();
|
new DeployCertToMailPlugin();
|
||||||
|
|||||||
Reference in New Issue
Block a user