chore: 支持手动上传证书并部署

2026-04-23 19:57:27 +08:00 · 2025-03-18 00:52:50 +08:00
parent 29a6a992f0
commit de40be430b
74 changed files with 1040 additions and 597 deletions
@@ -1,10 +1,10 @@
-import { Provide, Scope, ScopeEnum } from '@midwayjs/core';
-import { BaseService, CodeException, CommonException, Constants, PageReq } from '@certd/lib-server';
-import { InjectEntityModel } from '@midwayjs/typeorm';
-import { Repository } from 'typeorm';
-import { CertInfoEntity } from '../entity/cert-info.js';
-import { utils } from '@certd/basic';
-import { CertInfo, CertReader } from '@certd/plugin-cert';
+import { Provide, Scope, ScopeEnum } from "@midwayjs/core";
+import { BaseService, CodeException, Constants, PageReq } from "@certd/lib-server";
+import { InjectEntityModel } from "@midwayjs/typeorm";
+import { Repository } from "typeorm";
+import { CertInfoEntity } from "../entity/cert-info.js";
+import { utils } from "@certd/basic";
+import { CertInfo, CertReader } from "@certd/plugin-cert";

 export type UploadCertReq = {
  id?: number;
@@ -13,6 +13,7 @@ export type UploadCertReq = {
  userId?: number;
 };

+
@Provide("CertInfoService")
@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class CertInfoService extends BaseService<CertInfoEntity> {
@@ -168,17 +169,4 @@ export class CertInfoService extends BaseService<CertInfoEntity> {
    return bean;
  }

-  async upload(body: { id?: number; userId?:number ;cert: CertInfo }) {
-    const { id, userId, cert } = body;
-    if (!cert) {
-      throw new CommonException("cert can't be empty");
-    }
-    const res = await this.updateCert({
-      id,
-      certReader: new CertReader(cert),
-      fromType: 'upload',
-      userId
-    });
-    return res.id;
-  }
 }
@@ -0,0 +1,178 @@
+import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
+import { BaseService, CommonException } from "@certd/lib-server";
+import { InjectEntityModel } from "@midwayjs/typeorm";
+import { EntityManager, Repository } from "typeorm";
+import { CertInfoEntity } from "../entity/cert-info.js";
+import { logger } from "@certd/basic";
+import { CertInfo, CertReader } from "@certd/plugin-cert";
+import { PipelineService } from "../../pipeline/service/pipeline-service.js";
+import { CertInfoService } from "./cert-info-service.js";
+import { PipelineEntity } from "../../pipeline/entity/pipeline.js";
+import { nanoid } from "nanoid";
+
+export type UploadCertReq = {
+  id?: number;
+  certReader: CertReader;
+  fromType?: string;
+  userId?: number;
+};
+
+export type UpdateCertReq = {
+  id: number;
+  cert: CertInfo;
+  userId?: number;
+};
+
+export type CreateUploadPipelineReq = {
+  cert: CertInfo;
+  userId: number;
+};
+
+@Provide("CertUploadService")
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
+export class CertUploadService extends BaseService<CertInfoEntity> {
+  @InjectEntityModel(CertInfoEntity)
+  repository: Repository<CertInfoEntity>;
+
+  @Inject()
+  pipelineService: PipelineService;
+  @Inject()
+  certInfoService: CertInfoService;
+
+  //@ts-ignore
+  getRepository() {
+    return this.repository;
+  }
+
+
+  /**
+   * 更新证书，触发流水线
+   * @param req
+   */
+  async updateCert(req: UpdateCertReq) {
+
+    const certInfoEntity = await this.certInfoService.info(req.id);
+    if (!certInfoEntity) {
+      throw new CommonException("cert not found");
+    }
+    if(certInfoEntity.fromType !== 'upload') {
+      throw new CommonException("cert can't be custom upload");
+    }
+    await this.uploadCert(this.repository.manager,{
+      id: req.id,
+      fromType: 'upload',
+      userId: req.userId,
+      certReader: new CertReader(req.cert)
+    })
+
+    if (certInfoEntity.pipelineId) {
+      logger.info( `触发流水线部署：${certInfoEntity.pipelineId}`)
+      await this.pipelineService.trigger(certInfoEntity.pipelineId)
+    }
+  }
+
+  async createUploadCertPipeline(body:CreateUploadPipelineReq) {
+    const {  userId, cert  } = body;
+
+    if (!cert) {
+      throw new CommonException("cert can't be empty");
+    }
+    const certReader =  new CertReader(cert)
+    return await this.transaction(async (tx:EntityManager)=>{
+      const newCertInfo = await this.uploadCert(tx,{
+        certReader: certReader,
+        fromType: 'upload',
+        userId
+      });
+
+      const pipelineTitle = certReader.getAllDomains()[0] +"上传证书自动部署";
+      const notifications = [];
+      notifications.push({
+        type: "custom",
+        when: ["error", "turnToSuccess", "success"],
+        notificationId: 0,
+        title: "默认通知",
+      });
+      let pipeline = {
+        id: nanoid(10),
+        title: pipelineTitle,
+        runnableType: "pipeline",
+        stages: [
+          {
+            id: nanoid(10),
+            title: "上传证书解析阶段",
+            maxTaskCount: 1,
+            runnableType: "stage",
+            tasks: [
+              {
+                id: nanoid(10),
+                title: "上传证书解析任务",
+                runnableType: "task",
+                steps: [
+                  {
+                    id: nanoid(10),
+                    title: "上传证书解析",
+                    runnableType: "step",
+                    input: {
+                      certInfoId: newCertInfo.id,
+                      domains: newCertInfo.domains.split(','),
+                    },
+                    strategy: {
+                      runStrategy: 0, // 正常执行
+                    },
+                    type: "CertApplyUpload",
+                  },
+                ],
+              },
+            ],
+          },
+        ],
+        triggers:[],
+        notifications,
+      }
+      const newPipeline = await tx.getRepository(PipelineEntity).save({
+        userId,
+        title: pipelineTitle,
+        type:"cert",
+        from:"cert_upload",
+        content: JSON.stringify(pipeline),
+        keepHistory:20,
+      })
+
+      newCertInfo.pipelineId = newPipeline.id;
+      await tx.getRepository(CertInfoEntity).save({
+        id: newCertInfo.id,
+        pipelineId: newPipeline.id
+      });
+
+      return newCertInfo.id
+
+    })
+
+  }
+
+  private async uploadCert(tx:EntityManager,req: UploadCertReq) {
+    const bean = new CertInfoEntity();
+    const { id, fromType,userId, certReader } = req;
+    if (id) {
+      bean.id = id;
+    } else {
+      bean.fromType = fromType;
+      bean.userId = userId
+    }
+    const certInfo = certReader.toCertInfo();
+    bean.certInfo = JSON.stringify(certInfo);
+    bean.applyTime = new Date().getTime();
+    const domains = certReader.detail.domains.altNames;
+    bean.domains = domains.join(',');
+    bean.domain = domains[0];
+    bean.domainCount = domains.length;
+    bean.expiresTime = certReader.expires;
+    bean.certProvider = certReader.detail.issuer.commonName;
+
+
+    await tx.getRepository(CertInfoEntity).save(bean);
+    return bean;
+  }
+
+}
@@ -1,6 +1,6 @@
-import { Config, Inject, Provide, Scope, ScopeEnum, sleep } from '@midwayjs/core';
-import { InjectEntityModel } from '@midwayjs/typeorm';
-import { In, MoreThan, Repository } from 'typeorm';
+import { Config, Inject, Provide, Scope, ScopeEnum, sleep } from "@midwayjs/core";
+import { InjectEntityModel } from "@midwayjs/typeorm";
+import { In, MoreThan, Repository } from "typeorm";
 import {
  AccessGetter,
  AccessService,
@@ -10,35 +10,37 @@ import {
  PageReq,
  SysPublicSettings,
  SysSettingsService,
-  SysSiteInfo,
-} from '@certd/lib-server';
-import { PipelineEntity } from '../entity/pipeline.js';
-import { PipelineDetail } from '../entity/vo/pipeline-detail.js';
-import { Executor, Pipeline, ResultType, RunHistory, RunnableCollection, SysInfo, UserInfo } from '@certd/pipeline';
-import { DbStorage } from './db-storage.js';
-import { StorageService } from './storage-service.js';
-import { Cron } from '../../cron/cron.js';
-import { HistoryService } from './history-service.js';
-import { HistoryEntity } from '../entity/history.js';
-import { HistoryLogEntity } from '../entity/history-log.js';
-import { HistoryLogService } from './history-log-service.js';
-import { EmailService } from '../../basic/service/email-service.js';
-import { UserService } from '../../sys/authority/service/user-service.js';
-import { CnameRecordService } from '../../cname/service/cname-record-service.js';
-import { CnameProxyService } from './cname-proxy-service.js';
-import { PluginConfigGetter } from '../../plugin/service/plugin-config-getter.js';
-import dayjs from 'dayjs';
-import { DbAdapter } from '../../db/index.js';
-import { isComm } from '@certd/plus-core';
-import { logger } from '@certd/basic';
-import { UrlService } from './url-service.js';
-import { NotificationService } from './notification-service.js';
-import { NotificationGetter } from './notification-getter.js';
-import { UserSuiteEntity, UserSuiteService } from '@certd/commercial-core';
-import { CertInfoService } from '../../monitor/service/cert-info-service.js';
+  SysSiteInfo
+} from "@certd/lib-server";
+import { PipelineEntity } from "../entity/pipeline.js";
+import { PipelineDetail } from "../entity/vo/pipeline-detail.js";
+import { Executor, Pipeline, ResultType, RunHistory, RunnableCollection, SysInfo, UserInfo } from "@certd/pipeline";
+import { DbStorage } from "./db-storage.js";
+import { StorageService } from "./storage-service.js";
+import { Cron } from "../../cron/cron.js";
+import { HistoryService } from "./history-service.js";
+import { HistoryEntity } from "../entity/history.js";
+import { HistoryLogEntity } from "../entity/history-log.js";
+import { HistoryLogService } from "./history-log-service.js";
+import { EmailService } from "../../basic/service/email-service.js";
+import { UserService } from "../../sys/authority/service/user-service.js";
+import { CnameRecordService } from "../../cname/service/cname-record-service.js";
+import { CnameProxyService } from "./cname-proxy-service.js";
+import { PluginConfigGetter } from "../../plugin/service/plugin-config-getter.js";
+import dayjs from "dayjs";
+import { DbAdapter } from "../../db/index.js";
+import { isComm } from "@certd/plus-core";
+import { logger } from "@certd/basic";
+import { UrlService } from "./url-service.js";
+import { NotificationService } from "./notification-service.js";
+import { NotificationGetter } from "./notification-getter.js";
+import { UserSuiteEntity, UserSuiteService } from "@certd/commercial-core";
+import { CertInfoService } from "../../monitor/service/cert-info-service.js";

 const runningTasks: Map<string | number, Executor> = new Map();

+
+
 /**
 * 证书申请
 */
@@ -191,7 +193,10 @@ export class PipelineService extends BaseService<PipelineEntity> {
    await this.registerTriggerById(bean.id);

    //保存域名信息到certInfo表
-    await this.certInfoService.updateDomains(pipeline.id, pipeline.userId || bean.userId, domains);
+    if(bean.from !== 'cert_upload'){
+      await this.certInfoService.updateDomains(pipeline.id, pipeline.userId || bean.userId, domains);
+    }
+
    return bean;
  }

@@ -478,8 +483,10 @@ export class PipelineService extends BaseService<PipelineEntity> {
    const serviceContainer = {
      CertInfoService: this.certInfoService
    }
-    const serviceGetter = (name: string) => {
-      return serviceContainer[name]
+    const serviceGetter = {
+      get:(name: string) => {
+        return serviceContainer[name]
+      }
    }
    const executor = new Executor({
      user,
@@ -684,4 +691,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
      },
    });
  }
+
+
+
 }