refactor: 1

packages/plugins/plugin-aliyun/src/access-providers/aliyun.js

@@ -1,27 +0,0 @@
-export class AliyunAccessProvider {
-  static define () {
-    return {
-      name: 'aliyun',
-      title: '阿里云',
-      desc: '',
-      input: {
-        accessKeyId: {
-          component: {
-            placeholder: 'accessKeyId'
-          },
-          rules: [{ required: true, message: '必填项' }]
-        },
-        accessKeySecret: {
-          component: {
-            placeholder: 'accessKeySecret'
-          },
-          rules: [{ required: true, message: '必填项' }]
-
-        }
-      },
-      output: {
-
-      }
-    }
-  }
-}

packages/plugins/plugin-aliyun/src/dns-providers/aliyun.js

@@ -1,130 +0,0 @@
-import { AbstractDnsProvider } from '@certd/api'
-import Core from '@alicloud/pop-core'
-import _ from 'lodash'
-export class AliyunDnsProvider extends AbstractDnsProvider {
-  static define () {
-    return {
-      name: 'aliyun',
-      title: '阿里云',
-      desc: '',
-      input: {
-        accessProvider: {
-          title: '授权',
-          helper: '需要aliyun类型的授权',
-          component: {
-            name: 'access-selector',
-            type: 'aliyun'
-          },
-          rules: [{ required: true, message: '必填项' }]
-        }
-      },
-      output: {
-
-      }
-    }
-  }
-
-  constructor (args) {
-    super(args)
-    const { props } = args
-    const accessProvider = this.getAccessProvider(props.accessProvider)
-    this.client = new Core({
-      accessKeyId: accessProvider.accessKeyId,
-      accessKeySecret: accessProvider.accessKeySecret,
-      endpoint: 'https://alidns.aliyuncs.com',
-      apiVersion: '2015-01-09'
-    })
-  }
-
-  async getDomainList () {
-    const params = {
-      RegionId: 'cn-hangzhou'
-    }
-
-    const requestOption = {
-      method: 'POST'
-    }
-
-    const ret = await this.client.request('DescribeDomains', params, requestOption)
-    return ret.Domains.Domain
-  }
-
-  async matchDomain (dnsRecord) {
-    const list = await this.getDomainList()
-    let domain = null
-    for (const item of list) {
-      if (_.endsWith(dnsRecord, item.DomainName)) {
-        domain = item.DomainName
-        break
-      }
-    }
-    if (!domain) {
-      throw new Error('can not find Domain ,' + dnsRecord)
-    }
-    return domain
-  }
-
-  async getRecords (domain, rr, value) {
-    const params = {
-      RegionId: 'cn-hangzhou',
-      DomainName: domain,
-      RRKeyWord: rr
-    }
-    if (value) {
-      params.ValueKeyWord = value
-    }
-
-    const requestOption = {
-      method: 'POST'
-    }
-
-    const ret = await this.client.request('DescribeDomainRecords', params, requestOption)
-    return ret.DomainRecords.Record
-  }
-
-  async createRecord ({ fullRecord, type, value }) {
-    this.logger.info('添加域名解析：', fullRecord, value)
-    const domain = await this.matchDomain(fullRecord)
-    const rr = fullRecord.replace('.' + domain, '')
-
-    const params = {
-      RegionId: 'cn-hangzhou',
-      DomainName: domain,
-      RR: rr,
-      Type: type,
-      Value: value
-      // Line: 'oversea' // 海外
-    }
-
-    const requestOption = {
-      method: 'POST'
-    }
-
-    try {
-      const ret = await this.client.request('AddDomainRecord', params, requestOption)
-      this.logger.info('添加域名解析成功:', value, value, ret.RecordId)
-      return ret.RecordId
-    } catch (e) {
-      if (e.code === 'DomainRecordDuplicate') {
-        return
-      }
-      this.logger.info('添加域名解析出错', e)
-      throw e
-    }
-  }
-
-  async removeRecord ({ fullRecord, type, value, record }) {
-    const params = {
-      RegionId: 'cn-hangzhou',
-      RecordId: record
-    }
-
-    const requestOption = {
-      method: 'POST'
-    }
-
-    const ret = await this.client.request('DeleteDomainRecord', params, requestOption)
-    this.logger.info('删除域名解析成功:', fullRecord, value, ret.RecordId)
-    return ret.RecordId
-  }
-}

packages/plugins/plugin-aliyun/src/index.js

@@ -1,25 +0,0 @@
-import _ from 'lodash'
-
-import { AliyunDnsProvider } from './dns-providers/aliyun.js'
-import { AliyunAccessProvider } from './access-providers/aliyun.js'
-import { UploadCertToAliyun } from './plugins/upload-to-aliyun/index.js'
-import { DeployCertToAliyunCDN } from './plugins/deploy-to-cdn/index.js'
-import { DeployCertToAliyunAckIngress } from './plugins/deploy-to-ack-ingress/index.js'
-
-import { pluginRegistry, accessProviderRegistry, dnsProviderRegistry } from '@certd/api'
-
-export const Plugins = {
-  UploadCertToAliyun,
-  DeployCertToAliyunCDN,
-  DeployCertToAliyunAckIngress
-}
-export default {
-  install () {
-    _.forEach(Plugins, item => {
-      pluginRegistry.install(item)
-    })
-
-    accessProviderRegistry.install(AliyunAccessProvider)
-    dnsProviderRegistry.install(AliyunDnsProvider)
-  }
-}

packages/plugins/plugin-aliyun/src/plugins/abstract-aliyun.js

@@ -1,9 +0,0 @@
-import { AbstractPlugin } from '@certd/api'
-
-export class AbstractAliyunPlugin extends AbstractPlugin {
-  checkRet (ret) {
-    if (ret.code != null) {
-      throw new Error('执行失败：', ret.Message)
-    }
-  }
-}

packages/plugins/plugin-aliyun/src/plugins/deploy-to-ack-ingress/index.js

@@ -1,199 +0,0 @@
-import { AbstractAliyunPlugin } from '../abstract-aliyun.js'
-import Core from '@alicloud/pop-core'
-import { K8sClient } from '@certd/plugin-common'
-const ROAClient = Core.ROAClient
-
-const define = {
-  name: 'deployCertToAliyunAckIngress',
-  title: '部署到阿里云AckIngress',
-  input: {
-    clusterId: {
-      title: '集群id',
-      component: {
-        placeholder: '集群id'
-      }
-    },
-    secretName: {
-      title: '保密字典Id',
-      component: {
-        placeholder: '保密字典Id'
-      },
-      required: true
-    },
-    regionId: {
-      title: '大区',
-      value: 'cn-shanghai',
-      component: {
-        placeholder: '集群所属大区'
-      },
-      required: true
-    },
-    namespace: {
-      title: '命名空间',
-      value: 'default',
-      component: {
-        placeholder: '命名空间'
-      },
-      required: true
-    },
-    ingressName: {
-      title: 'ingress名称',
-      value: '',
-      component: {
-        placeholder: 'ingress名称'
-      },
-      required: true,
-      helper: '可以传入一个数组'
-    },
-    ingressClass: {
-      title: 'ingress类型',
-      value: 'nginx',
-      component: {
-        placeholder: '暂时只支持nginx类型'
-      },
-      required: true
-    },
-    isPrivateIpAddress: {
-      title: '是否私网ip',
-      value: false,
-      component: {
-        placeholder: '集群连接端点是否是私网ip'
-      },
-      helper: '如果您当前certd运行在同一个私网下，可以选择是。',
-      required: true
-    },
-    accessProvider: {
-      title: 'Access授权',
-      type: [String, Object],
-      helper: 'AccessKey、AccessSecret',
-      component: {
-        name: 'access-selector',
-        type: 'aliyun'
-      },
-      required: true
-    }
-  },
-  output: {
-
-  }
-}
-
-export class DeployCertToAliyunAckIngress extends AbstractAliyunPlugin {
-  static define () {
-    return define
-  }
-
-  async execute ({ cert, props, context }) {
-    const accessProvider = this.getAccessProvider(props.accessProvider)
-    const client = this.getClient(accessProvider, props.regionId)
-
-    const kubeConfigStr = await this.getKubeConfig(client, props.clusterId, props.isPrivateIpAddress)
-
-    this.logger.info('kubeconfig已成功获取')
-    const k8sClient = new K8sClient(kubeConfigStr)
-    const ingressType = props.ingressClass || 'qcloud'
-    if (ingressType === 'qcloud') {
-      throw new Error('暂未实现')
-      // await this.patchQcloudCertSecret({ k8sClient, props, context })
-    } else {
-      await this.patchNginxCertSecret({ cert, k8sClient, props, context })
-    }
-
-    await this.sleep(3000) // 停留2秒，等待secret部署完成
-    // await this.restartIngress({ k8sClient, props })
-    return true
-  }
-
-  async restartIngress ({ k8sClient, props }) {
-    const { namespace } = props
-
-    const body = {
-      metadata: {
-        labels: {
-          certd: this.appendTimeSuffix('certd')
-        }
-      }
-    }
-    const ingressList = await k8sClient.getIngressList({ namespace })
-    console.log('ingressList:', ingressList)
-    if (!ingressList || !ingressList.body || !ingressList.body.items) {
-      return
-    }
-    const ingressNames = ingressList.body.items.filter(item => {
-      if (!item.spec.tls) {
-        return false
-      }
-      for (const tls of item.spec.tls) {
-        if (tls.secretName === props.secretName) {
-          return true
-        }
-      }
-      return false
-    }).map(item => {
-      return item.metadata.name
-    })
-    for (const ingress of ingressNames) {
-      await k8sClient.patchIngress({ namespace, ingressName: ingress, body })
-      this.logger.info(`ingress已重启:${ingress}`)
-    }
-  }
-
-  async patchNginxCertSecret ({ cert, k8sClient, props, context }) {
-    const crt = cert.crt
-    const key = cert.key
-    const crtBase64 = Buffer.from(crt).toString('base64')
-    const keyBase64 = Buffer.from(key).toString('base64')
-
-    const { namespace, secretName } = props
-
-    const body = {
-      data: {
-        'tls.crt': crtBase64,
-        'tls.key': keyBase64
-      },
-      metadata: {
-        labels: {
-          certd: this.appendTimeSuffix('certd')
-        }
-      }
-    }
-    let secretNames = secretName
-    if (typeof secretName === 'string') {
-      secretNames = [secretName]
-    }
-    for (const secret of secretNames) {
-      await k8sClient.patchSecret({ namespace, secretName: secret, body })
-      this.logger.info(`CertSecret已更新:${secret}`)
-    }
-  }
-
-  getClient (aliyunProvider, regionId) {
-    return new ROAClient({
-      accessKeyId: aliyunProvider.accessKeyId,
-      accessKeySecret: aliyunProvider.accessKeySecret,
-      endpoint: `https://cs.${regionId}.aliyuncs.com`,
-      apiVersion: '2015-12-15'
-    })
-  }
-
-  async getKubeConfig (client, clusterId, isPrivateIpAddress = false) {
-    const httpMethod = 'GET'
-    const uriPath = `/k8s/${clusterId}/user_config`
-    const queries = {
-      PrivateIpAddress: isPrivateIpAddress
-    }
-    const body = '{}'
-    const headers = {
-      'Content-Type': 'application/json'
-    }
-    const requestOption = {}
-
-    try {
-      const res = await client.request(httpMethod, uriPath, queries, body, headers, requestOption)
-      return res.config
-    } catch (e) {
-      console.error('请求出错：', e)
-      throw e
-    }
-  }
-}

packages/plugins/plugin-aliyun/src/plugins/deploy-to-cdn/index.js

@@ -1,95 +0,0 @@
-import { AbstractAliyunPlugin } from '../abstract-aliyun.js'
-import Core from '@alicloud/pop-core'
-import dayjs from 'dayjs'
-
-const define = {
-  name: 'deployCertToAliyunCDN',
-  title: '部署到阿里云CDN',
-  input: {
-    domainName: {
-      title: 'cdn加速域名',
-      component: {
-        placeholder: 'cdn加速域名'
-      },
-      required: true
-    },
-    certName: {
-      title: '证书名称',
-      component: {
-        placeholder: '上传后将以此名称作为前缀'
-      }
-    },
-    from: {
-      value: 'upload',
-      title: '证书来源',
-      required: true,
-      component: {
-        placeholder: '证书来源',
-        name: 'a-select',
-        options: [
-          { value: 'upload', label: '直接上传' }
-        ]
-      }
-    },
-    accessProvider: {
-      label: 'Access提供者',
-      type: [String, Object],
-      desc: 'access授权',
-      component: {
-        name: 'access-selector',
-        type: 'aliyun'
-      },
-      required: true
-    }
-  },
-  output: {
-
-  }
-}
-
-export class DeployCertToAliyunCDN extends AbstractAliyunPlugin {
-  static define () {
-    return define
-  }
-
-  async execute ({ cert, props, context }) {
-    const accessProvider = this.getAccessProvider(props.accessProvider)
-    const client = this.getClient(accessProvider)
-    const params = this.buildParams(props, context, cert)
-    await this.doRequest(client, params)
-  }
-
-  getClient (aliyunProvider) {
-    return new Core({
-      accessKeyId: aliyunProvider.accessKeyId,
-      accessKeySecret: aliyunProvider.accessKeySecret,
-      endpoint: 'https://cdn.aliyuncs.com',
-      apiVersion: '2018-05-10'
-    })
-  }
-
-  buildParams (args, context, cert) {
-    const { certName, from, domainName } = args
-    const CertName = certName + '-' + dayjs().format('YYYYMMDDHHmmss')
-
-    const params = {
-      RegionId: 'cn-hangzhou',
-      DomainName: domainName,
-      ServerCertificateStatus: 'on',
-      CertName: CertName,
-      CertType: from,
-      ServerCertificate: cert.crt,
-      PrivateKey: cert.key
-    }
-    return params
-  }
-
-  async doRequest (client, params) {
-    const requestOption = {
-      method: 'POST'
-    }
-    const ret = await client.request('SetDomainServerCertificate', params, requestOption)
-    this.checkRet(ret)
-    this.logger.info('设置cdn证书成功:', ret.RequestId)
-  }
-}

packages/plugins/plugin-aliyun/src/plugins/upload-to-aliyun/index.js

@@ -1,106 +0,0 @@
-import Core from '@alicloud/pop-core'
-import { AbstractAliyunPlugin } from '../abstract-aliyun.js'
-import { ZoneOptions } from '../../utils/index.js'
-
-const define = {
-  name: 'uploadCertToAliyun',
-  title: '上传证书到阿里云',
-  desc: '',
-  input: {
-    name: {
-      title: '证书名称',
-      helper: '证书上传后将以此参数作为名称前缀'
-    },
-    regionId: {
-      title: '大区',
-      value: 'cn-hangzhou',
-      component: {
-        name: 'a-select',
-        vModel: 'value',
-        options: ZoneOptions
-      },
-      required: true
-    },
-    accessProvider: {
-      title: 'Access授权',
-      helper: 'Access授权',
-      component: {
-        name: 'access-selector',
-        type: 'aliyun'
-      },
-      required: true
-    }
-  },
-  output: {
-    aliyunCertId: {
-      type: String,
-      desc: '上传成功后的阿里云CertId'
-    }
-  }
-}
-
-export class UploadCertToAliyun extends AbstractAliyunPlugin {
-  static define () {
-    return define
-  }
-
-  getClient (aliyunProvider) {
-    return new Core({
-      accessKeyId: aliyunProvider.accessKeyId,
-      accessKeySecret: aliyunProvider.accessKeySecret,
-      endpoint: 'https://cas.aliyuncs.com',
-      apiVersion: '2018-07-13'
-    })
-  }
-
-  async execute ({ cert, props, context }) {
-    const { name, accessProvider } = props
-    const certName = this.appendTimeSuffix(name || cert.domain)
-    const params = {
-      RegionId: props.regionId || 'cn-hangzhou',
-      Name: certName,
-      Cert: cert.crt,
-      Key: cert.key
-    }
-
-    const requestOption = {
-      method: 'POST'
-    }
-
-    const provider = this.getAccessProvider(accessProvider)
-    const client = this.getClient(provider)
-    const ret = await client.request('CreateUserCertificate', params, requestOption)
-    this.checkRet(ret)
-    this.logger.info('证书上传成功：aliyunCertId=', ret.CertId)
-    context.aliyunCertId = ret.CertId
-  }
-
-  /**
-   * 没用，现在阿里云证书不允许删除
-   * @param accessProviders
-   * @param cert
-   * @param props
-   * @param context
-   * @returns {Promise<void>}
-   */
-  async rollback ({ cert, props, context }) {
-    const { accessProvider } = props
-    const { aliyunCertId } = context
-    this.logger.info('准备删除阿里云证书:', aliyunCertId)
-    const params = {
-      RegionId: props.regionId || 'cn-hangzhou',
-      CertId: aliyunCertId
-    }
-
-    const requestOption = {
-      method: 'POST'
-    }
-
-    const provider = this.getAccessProvider(accessProvider)
-    const client = this.getClient(provider)
-    const ret = await client.request('DeleteUserCertificate', params, requestOption)
-    this.checkRet(ret)
-    this.logger.info('证书删除成功:', aliyunCertId)
-    delete context.aliyunCertId
-  }
-}

packages/plugins/plugin-aliyun/src/utils/index.js

@@ -1,3 +0,0 @@
-export const ZoneOptions = [
-  { value: 'cn-hangzhou' }
-]