perf: 添加Azure DNS插件支持及文档

添加Azure DNS插件实现，包括DNS记录管理和授权配置新增Azure使用文档和配置截图更新依赖添加@azure/arm-dns和@azure/identity包
perf: 支持google dns插件
2026-04-26 05:37:25 +08:00 · 2026-04-26 03:36:33 +08:00 · 2026-04-26 01:56:08 +08:00 · 2026-04-26 00:51:05 +08:00 · 2026-04-26 00:12:37 +08:00 · 2026-04-25 19:01:06 +08:00
496 changed files with 24967 additions and 2859 deletions
@@ -4,7 +4,7 @@ on:
    branches: ['v2-dev']
    paths:
      - "trigger/build.trigger"
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -21,7 +21,7 @@ jobs:
        with:
          fetch-depth: 0
          lfs: true
-
+          ref: 'v2-dev'
      - name: get_certd_version
        id: get_certd_version
        uses: actions/github-script@v6
@@ -8,6 +8,8 @@ on:
    workflows: [ "build-image" ]
    types:
      - completed
  workflow_dispatch:    # 添加手动触发
 #  schedule:
@@ -26,6 +28,7 @@ jobs:
        with:
          fetch-depth: 0
          ref: v2-dev
      - name: get_certd_version
        id: get_certd_version
        uses: actions/github-script@v6
@@ -43,7 +46,7 @@ jobs:
        with:
          time: '10' # for 60 seconds
      - name: deploy-certd-demo
-        uses: tyrrrz/action-http-request@master
+        uses: tyrrrz/action-http-request@prime
        with:
          # 通过webhook 触发 certd-demo来部署
          url: ${{ secrets.WEBHOOK_CERTD_DEMO }}
@@ -8,7 +8,7 @@ on:
    workflows: [ "build-image-for-release" ]
    types:
      - completed
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -19,13 +19,17 @@ permissions:
 jobs:
  publish-atomgit:
    runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
      github.event_name == 'workflow_dispatch' || 
      (github.event.workflow_run.conclusion == 'success')
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          lfs: true
          ref: 'v2-dev'
      - name: get_certd_version
        id: get_certd_version
        uses: actions/github-script@v6
@@ -8,7 +8,7 @@ on:
    workflows: [ "build-image-for-release" ]
    types:
      - completed
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -19,13 +19,16 @@ permissions:
 jobs:
  publish-gitee:
    runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
      github.event_name == 'workflow_dispatch' || 
      (github.event.workflow_run.conclusion == 'success')
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          lfs: true
          ref: 'v2-dev'
      - name: publish_to_gitee
        id: publish_to_gitee
@@ -8,7 +8,7 @@ on:
    workflows: [ "build-image-for-release" ]
    types:
      - completed
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -19,13 +19,16 @@ permissions:
 jobs:
  publish-github:
    runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
      github.event_name == 'workflow_dispatch' || 
      (github.event.workflow_run.conclusion == 'success')
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          lfs: true
          ref: 'v2-dev'
      - name: publish_to_github
        id: publish_to_github
@@ -4,6 +4,7 @@ on:
    branches: ['v2-dev']
    paths:
      - "trigger/release.trigger"
  workflow_dispatch:    # 添加手动触发
 #  workflow_run:
 #    workflows: [ "deploy-demo" ]
 #    types:
@@ -25,6 +26,7 @@ jobs:
        with:
          fetch-depth: 0
          lfs: true
          ref: 'v2-dev'
      - name: get_certd_version
        id: get_certd_version
@@ -118,7 +120,7 @@ jobs:
 #            greper/certd-agent:latest
 #            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
      - name: deploy-certd-doc
-        uses: tyrrrz/action-http-request@master
+        uses: tyrrrz/action-http-request@prime
        with:
          url: ${{ secrets.WEBHOOK_CERTD_DOC }}
          method: POST
@@ -17,6 +17,7 @@ jobs:
        with:
          fetch-depth: 0
          lfs: true
          ref: v2-dev
      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
        run: |
          git config --global user.name "xiaojunnuo"
@@ -17,6 +17,7 @@ jobs:
        with:
          fetch-depth: 0
          lfs: true
          ref: v2
      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
        run: |
          git config --global user.name "xiaojunnuo"
@@ -0,0 +1,35 @@
 name: sync-to-cnb-dev
 on:
  push:
    branches: ['v2-dev']
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
 permissions:
  contents: read
 jobs:
  sync:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          lfs: true
          ref: v2-dev
      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
        run: |
          git config --global user.name "xiaojunnuo"
          git config --global user.email "xiaojunnuo@qq.com"
      - name: Set git token                 # 3. 给git命令设置token，用于push到目标仓库
        uses: de-vri-es/setup-git-credentials@v2
        with:                              # token 格式为： username:password
          credentials: https://cnb:${{secrets.CNB_TOKEN}}@cnb.cool
      - name: push to cnb               # 4. 执行同步
        run: |
          git remote add upstream https://cnb.cool/certd/certd.git
          git push --set-upstream upstream v2-dev
@@ -0,0 +1,34 @@
 name: sync-to-cnb
 on:
  push:
    branches: ['v2']
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
 permissions:
  contents: read
 jobs:
  sync:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          lfs: true
      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
        run: |
          git config --global user.name "xiaojunnuo"
          git config --global user.email "xiaojunnuo@qq.com"
      - name: Set git token                 # 3. 给git命令设置token，用于push到目标仓库
        uses: de-vri-es/setup-git-credentials@v2
        with:                              # token 格式为： username:password
          credentials: https://cnb:${{secrets.CNB_TOKEN}}@cnb.cool
      - name: push to cnb               # 4. 执行同步
        run: |
          git remote add upstream https://cnb.cool/certd/certd.git
          git push --set-upstream upstream v2
@@ -17,6 +17,7 @@ jobs:
        with:
          fetch-depth: 0
          lfs: true
          ref: v2-dev
      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
        run: |
          git config --global user.name "xiaojunnuo"
@@ -1,163 +1,59 @@
 ---
 name: access-plugin-dev
 description: 用于开发 Certd 系统中的 Access 插件，存储用户第三方应用授权数据并对接实现第三方 API 接口。当用户需要创建授权插件、实现第三方API接口、添加新的授权方式或修改现有 Access 插件时触发。
 version: 1.0.0
 ---
 # Access 插件开发技能
-## 什么是 Access 插件
+## 角色定义
 你是一名 Certd 插件开发专家，擅长创建和实现 Access 类型的插件，熟悉 TypeScript 编程和 Certd 插件开发规范。
-Access 插件是 Certd 系统中用于存储用户第三方应用授权数据的插件，例如用户名密码、accessSecret 或 accessToken 等。同时，它还负责对接实现第三方的 API 接口，供其他插件调用使用。
+## 核心指令
 请严格按照以下步骤执行任务：
-## 开发步骤
+1. **导入必要的依赖**
   - 导入 `AccessInput`, `BaseAccess`, `IsAccess`, `Pager`, `PageRes`, `PageSearch` 等必要的类型和装饰器
   - 导入 `DomainRecord` 等相关类型
-### 1. 导入必要的依赖
+2. **使用 @IsAccess 注解注册插件**
   - 配置插件的唯一标识、标题、图标和描述
   - 继承 `BaseAccess` 类
-```typescript
+3. **定义授权属性**
-import { AccessInput, BaseAccess, IsAccess, Pager, PageRes, PageSearch } from '@certd/pipeline';
+   - 使用 `@AccessInput` 注解定义授权属性
-import { DomainRecord } from '@certd/plugin-lib';
+   - 配置属性的标题、默认值、组件类型和验证规则
-```
+   - 对于敏感信息，设置 `encrypt: true` 进行加密
-### 2. 使用 @IsAccess 注解注册插件
+4. **实现测试方法**
   - 添加测试按钮配置
   - 实现 `onTestRequest` 方法，用于测试接口调用是否正常
-```typescript
+5. **实现 API 方法**
-@IsAccess({
+   - 实现必要的 API 方法，如 `GetDomainList`
-  name: 'demo', // 插件唯一标识
+   - 封装统一的 API 请求方法 `doRequest`，处理错误和日志
  title: '授权插件示例', // 插件标题
  icon: 'clarity:plugin-line', // 插件图标
  desc: '这是一个示例授权插件，用于演示如何实现一个授权插件', // 插件描述
 })
 export class DemoAccess extends BaseAccess {
  // 插件实现...
 }
 ```
-### 3. 定义授权属性
+6. **遵循开发最佳实践**
   - 使用 `this.ctx.logger` 输出日志
   - 统一处理错误，抛出明确的错误信息
   - 实现代码复用，避免重复逻辑
-使用 `@AccessInput` 注解定义授权属性：
+## 输出规范
 - 必须包含完整的插件实现代码，包括所有必要的导入语句
 - 代码必须包含详细的注释说明，解释每个步骤的目的和实现细节
 - 提供完整的示例代码，展示插件的使用方法，包括不同类型的授权方式
 - 代码块必须使用正确的语法高亮，确保代码可读性
 - 包含开发技巧和注意事项，帮助开发者避免常见错误
 - 输出内容必须结构清晰，使用适当的标题和列表格式
-```typescript
+## 示例
@AccessInput({
  title: '授权方式',
  value: 'apiKey', // 默认值
  component: {
    name: "a-select", // 基于 antdv 的输入组件
    vModel: "value", // v-model 绑定的属性名
    options: [ // 组件参数
      { label: "API密钥（推荐）", value: "apiKey" },
      { label: "账号密码", value: "account" },
    ],
    placeholder: 'demoKeyId',
  },
  required: true,
 })
 apiType = '';
-@AccessInput({
+### 示例 1: 基本 Access 插件
  title: '密钥Id',
  component: {
    name:"a-input",
    allowClear: true,
    placeholder: 'demoKeyId',
  },
  required: true,
 })
 demoKeyId = '';
-@AccessInput({
+#### 用户输入
-  title: '密钥',//标题
+创建一个 Access 插件，用于存储第三方应用的授权信息并提供 API 接口。
  required: true,  //text组件可以省略
  encrypt: true, //该属性是否需要加密
 })
 demoKeySecret = '';
 ```
-### 4. 实现测试方法
+#### 你的回答
 ```typescript
@AccessInput({
  title: "测试",
  component: {
    name: "api-test",
    action: "TestRequest"
  },
  helper: "点击测试接口是否正常"
 })
 testRequest = true;
 /**
 * 会通过上面的testRequest参数在ui界面上生成测试按钮，供用户测试接口调用是否正常
 */
 async onTestRequest() {
  await this.GetDomainList({});
  return "ok"
 }
 ```
 ### 5. 实现 API 方法
 ```typescript
 /**
 * 获api接口示例 取域名列表，
 */
 async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
  //输出日志必须使用ctx.logger
  this.ctx.logger.info(`获取域名列表，req:${JSON.stringify(req)}`);
  const pager = new Pager(req);
  const resp = await this.doRequest({
    action: "ListDomains",
    data: {
      domain: req.searchKey,
      offset: pager.getOffset(),
      limit: pager.pageSize,
    }
  });
  const total = resp?.TotalCount || 0;
  let list = resp?.DomainList?.map((item) => {
    item.domain = item.Domain;
    item.id = item.DomainId;
    return item;
  })
  return {
    total,
    list
  };
 }
 /**
 *  通用api调用方法, 具体如何构造请求体，需参考对应应用的API文档
 */
 async doRequest(req: { action: string, data?: any }) {
  /**
      this.ctx中包含很多有用的工具类
      type AccessContext = {
        http: HttpClient;
        logger: ILogger;
        utils: typeof utils;
        accessService: IAccessService;
      }
   */
  const res = await this.ctx.http.request({
    url: "https://api.demo.cn/api/",
    method: "POST",
    data: {
      Action: req.action,
      Body: req.data
    }
  });
  if (res.Code !== 0) {
    //异常处理 
    throw new Error(res.Message || "请求失败");
  }
  return res.Resp;
 }
 ```
 ## 注意事项
 1. **插件命名**：插件名称应简洁明了，反映其功能。
 2. **属性加密**：对于敏感信息（如密钥），应设置 `encrypt: true`。
 3. **日志输出**：必须使用 `this.ctx.logger` 输出日志，而不是 `console`。
 4. **错误处理**：API 调用失败时应抛出明确的错误信息。
 5. **测试方法**：实现 `onTestRequest` 方法，以便用户可以测试授权是否正常。
 ## 完整示例
 ```typescript
 import { AccessInput, BaseAccess, IsAccess, Pager, PageRes, PageSearch } from '@certd/pipeline';
@@ -221,7 +117,6 @@ export class DemoAccess extends BaseAccess {
  })
  demoKeySecret = '';
  @AccessInput({
    title: "测试",
    component: {
@@ -241,7 +136,7 @@ export class DemoAccess extends BaseAccess {
  }
  /**
-   * 获api接口示例 取域名列表，
+   * api接口示例 获取域名列表
   */
  async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
    //输出日志必须使用ctx.logger
@@ -267,21 +162,10 @@ export class DemoAccess extends BaseAccess {
    };
  }
  // 还可以继续编写API
  /**
   * 通用api调用方法, 具体如何构造请求体，需参考对应应用的API文档
   */
  async doRequest(req: { action: string, data?: any }) {
    /**
        this.ctx中包含很多有用的工具类
        type AccessContext = {
          http: HttpClient;
          logger: ILogger;
          utils: typeof utils;
          accessService: IAccessService;
        }
     */
    const res = await this.ctx.http.request({
      url: "https://api.demo.cn/api/",
      method: "POST",
@@ -299,3 +183,223 @@ export class DemoAccess extends BaseAccess {
  }
 }
 ```
 ### 示例 2: 支持 OAuth 授权的 Access 插件
 #### 用户输入
 创建一个支持 OAuth 授权方式的 Access 插件。
 #### 你的回答
 ```typescript
 import { AccessInput, BaseAccess, IsAccess, Pager, PageRes, PageSearch } from '@certd/pipeline';
 import { DomainRecord } from '@certd/plugin-lib';
 /**
 * OAuth 授权插件示例
 */
@IsAccess({
  name: 'oauth-demo',
  title: 'OAuth授权插件示例',
  icon: 'clarity:plugin-line',
  desc: '这是一个支持OAuth授权的插件示例',
 })
 export class OAuthDemoAccess extends BaseAccess {
  @AccessInput({
    title: '授权方式',
    value: 'oauth',
    component: {
      name: "a-select",
      vModel: "value",
      options: [
        {
          label: "OAuth授权",
          value: "oauth"
        },
        {
          label: "API密钥",
          value: "apiKey"
        },
      ],
    },
    required: true,
  })
  authType = '';
  @AccessInput({
    title: '客户端ID',
    component: {
      name:"a-input",
      placeholder: 'Client ID',
    },
    required: true,
  })
  clientId = '';
  @AccessInput({
    title: '客户端密钥',
    required: true,
    encrypt: true,
  })
  clientSecret = '';
  @AccessInput({
    title: '授权回调地址',
    component: {
      name:"a-input",
      placeholder: 'https://your-domain.com/callback',
    },
    required: true,
  })
  redirectUri = '';
  @AccessInput({
    title: 'AccessToken',
    required: true,
    encrypt: true,
  })
  accessToken = '';
  @AccessInput({
    title: 'RefreshToken',
    encrypt: true,
  })
  refreshToken = '';
  @AccessInput({
    title: "测试",
    component: {
      name: "api-test",
      action: "TestOAuth"
    },
    helper: "点击测试OAuth授权是否正常"
  })
  testOAuth = true;
  /**
   * 测试OAuth授权
   */
  async onTestOAuth() {
    try {
      // 测试AccessToken是否有效
      const result = await this.doOAuthRequest('GET', '/api/user/profile');
      this.ctx.logger.info('OAuth测试成功:', result);
      return "OAuth授权测试成功";
    } catch (error) {
      this.ctx.logger.error('OAuth测试失败:', error);
      throw new Error('OAuth授权测试失败');
    }
  }
  /**
   * OAuth API请求方法
   */
  async doOAuthRequest(method: string, endpoint: string, data?: any) {
    const res = await this.ctx.http.request({
      url: `https://api.oauth-demo.com${endpoint}`,
      method,
      headers: {
        'Authorization': `Bearer ${this.accessToken}`,
        'Content-Type': 'application/json'
      },
      data
    });
    if (res.status !== 200) {
      throw new Error(`API请求失败: ${res.status} ${res.statusText}`);
    }
    return res.data;
  }
  /**
   * 刷新AccessToken
   */
  async refreshAccessToken() {
    if (!this.refreshToken) {
      throw new Error('没有提供RefreshToken');
    }
    const res = await this.ctx.http.request({
      url: 'https://api.oauth-demo.com/oauth/token',
      method: 'POST',
      data: {
        grant_type: 'refresh_token',
        refresh_token: this.refreshToken,
        client_id: this.clientId,
        client_secret: this.clientSecret
      }
    });
    if (res.status === 200 && res.data.access_token) {
      this.accessToken = res.data.access_token;
      if (res.data.refresh_token) {
        this.refreshToken = res.data.refresh_token;
      }
      return true;
    }
    throw new Error('刷新AccessToken失败');
  }
  /**
   * 获取域名列表
   */
  async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
    try {
      const res = await this.doOAuthRequest('GET', '/api/domains', {
        search: req.searchKey,
        page: req.page,
        pageSize: req.pageSize
      });
      return {
        total: res.total,
        list: res.items.map((item: any) => ({
          id: item.id,
          domain: item.domain
        }))
      };
    } catch (error) {
      // 尝试刷新AccessToken并重试
      if (error.message.includes('401')) {
        await this.refreshAccessToken();
        const res = await this.doOAuthRequest('GET', '/api/domains', {
          search: req.searchKey,
          page: req.page,
          pageSize: req.pageSize
        });
        return {
          total: res.total,
          list: res.items.map((item: any) => ({
            id: item.id,
            domain: item.domain
          }))
        };
      }
      throw error;
    }
  }
 }
 ```
 ## 注意事项
 1. **插件命名**：插件名称应简洁明了，反映其功能。
 2. **属性加密**：对于敏感信息（如密钥），应设置 `encrypt: true`。
 3. **日志输出**：必须使用 `this.ctx.logger` 输出日志，而不是 `console`，参数文本化，不要传对象，否则会输出`[object Object]}`。
 4. **错误处理**：API 调用失败时应抛出明确的错误信息。
 5. **测试方法**：实现 `onTestRequest` 方法，以便用户可以测试授权是否正常。
 6. **统一接口调用**：封装统一的 API 请求方法，避免重复编写错误处理逻辑。
 ## 开发技巧
 ### 实现统一的 API 请求封装
 **好处：**
 - **代码复用**：避免在每个 API 方法中重复编写相同的 header 设置和错误处理逻辑
 - **错误处理一致**：统一捕获和处理各种错误情况，确保错误信息格式统一
 - **日志记录完善**：集中记录详细的错误信息，便于调试和问题排查
 - **接口调用简化**：调用方只需关注业务逻辑，无需关心底层请求细节
 - **易于维护**：统一修改 API 调用方式时，只需修改一处代码
 ```
@@ -0,0 +1,13 @@
 你是一名资深nodejs工程师，擅长开发Certd开源系统的任务插件。
 certd是一款全自动证书申请部署管理工具，基于流水线的方式，通过里面申请证书插件申请证书，然后将证书传递给下一个部署任务插件，不同的部署任务插件将证书部署到用户的各个应用系统当中。
 certd插件分成以下几种类型：
 Access：存储用户的第三放应用的授权数据，比如用户名密码，accessSecret 或 accessToken等。同时它里面的方法还负责对接第三方的api接口
 Task： 部署任务插件，它继承AbstractTaskPlugin类，被流水线调用execute方法，将证书部署到对应的应用上
 DnsProvider: DNS提供商插件，它用于在ACME申请证书时给域名添加txt解析记录。
 注意事项：
 1、使用技能：在开始工作前，请阅读并加载.trae/skills下面的技能，根据skills进行相应的插件开发
 2、迭代技能：当开发过程用户提醒你更好的做法时，你需要总结经验，更新相应的skills，让skills越来越完善，能够在以后得新插件开发中具备指导意义。
 3、一般调用的api接口文档会比较复杂，你不知道接口是什么时，请务必询问用户，让用户提供API接口文档
 4、完成开发后无需测试，通知用户自己去测试
@@ -1,139 +1,82 @@
 ---
 name: dns-provider-dev
 description: 用于开发 Certd 系统中的 DNS Provider 插件，在 ACME 申请证书时给域名添加 TXT 解析记录以验证域名所有权。当用户需要创建DNS提供商插件、实现DNS解析、ACME证书验证或修改现有 DNS Provider 插件时触发。
 version: 1.0.0
 ---
 # DNS Provider 插件开发技能
-## 什么是 DNS Provider 插件
+## 角色定义
 你是一名 Certd 插件开发专家，擅长创建和实现 DNS Provider 类型的插件，熟悉 TypeScript 编程和 Certd 插件开发规范。
-DNS Provider 插件是 Certd 系统中的 DNS 提供商插件，它用于在 ACME 申请证书时给域名添加 TXT 解析记录，以验证域名所有权。
+## 核心指令
 请严格按照以下步骤执行任务：
-## 开发步骤
+1. **导入必要的依赖**
   - 导入 `AbstractDnsProvider`, `CreateRecordOptions`, `IsDnsProvider`, `RemoveRecordOptions` 等必要的类型和装饰器
   - 导入对应的 Access 插件类型
-### 1. 导入必要的依赖
+2. **定义记录数据结构**
   - 定义适合对应云平台的记录数据结构
   - 至少包含 id 字段，用于后续删除记录
 3. **使用 @IsDnsProvider 注解注册插件**
   - 配置插件的唯一标识、标题、描述、图标
   - 指定对应的云平台的 access 类型名称
   - 设置排序值（可选）
   - 继承 `AbstractDnsProvider` 类
 4. **实现 onInstance 方法**
   - 获取并保存对应的 Access 实例
   - 执行初始化操作
 5. **实现 createRecord 方法**
   - 解析传入的参数（fullRecord, value, type, domain）
   - 记录操作开始日志
   - 调用云平台 API 创建 TXT 类型的 DNS 解析记录
   - 处理可能的错误：网络错误、API调用失败、授权失败等
   - 记录操作结果日志
   - 返回创建的记录信息，用于后续删除操作
 6. **实现 removeRecord 方法**
   - 解析传入的参数和之前创建的记录信息
   - 记录操作开始日志
   - 调用云平台 API 删除 TXT 类型的 DNS 解析记录
   - 处理可能的错误：网络错误、API调用失败、记录不存在等
   - 记录操作结果日志
 7. **实现 getDomainListPage 方法**
   - 实现获取域名列表的方法
   - 支持分页查询
   - 处理可能的错误：网络错误、API调用失败、授权失败等
   - 返回标准化的域名列表格式
 8. **实例化插件**
   - 实例化插件，确保插件被注册
 ## 输出规范
 - 必须包含完整的插件实现代码
 - 代码必须包含详细的注释说明
 - 提供完整的示例代码，展示插件的使用方法
 - 包含开发注意事项
 ## 示例
 ### 示例 1: 基本 DNS Provider 插件
 #### 用户输入
 创建一个 DNS Provider 插件，用于在 ACME 申请证书时添加和删除 TXT 解析记录。
 #### 你的回答
 ```typescript
-import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
+import { Pager, PageRes, PageSearch } from "@certd/pipeline";
 import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions, DomainRecord } from '@certd/plugin-cert';
 import { DemoAccess } from './access.js';
 import { isDev } from '../../utils/env.js';
 ```
 ### 2. 定义记录数据结构
 ```typescript
 type DemoRecord = {
  // 这里定义 Record 记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到 id 就行，用于删除 txt 解析记录，清理申请痕迹
  // id:string
 };
 ```
 ### 3. 使用 @IsDnsProvider 注解注册插件
 ```typescript
 // 这里通过 IsDnsProvider 注册一个 dnsProvider
@IsDnsProvider({
  name: 'demo', // 插件唯一标识
  title: 'Dns提供商Demo', // 插件标题
  desc: 'dns provider示例', // 插件描述
  icon: 'clarity:plugin-line', // 插件图标
  // 这里是对应的云平台的 access 类型名称
  accessType: 'demo',
  order: 99, // 排序
 })
 export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
  access!: DemoAccess;
  async onInstance() {
    this.access = this.ctx.access as DemoAccess;
    // 也可以通过 ctx 成员变量传递 context
    this.logger.debug('access', this.access);
    // 初始化的操作
    // ...
  }
  // 插件实现...
 }
 ```
 ### 4. 实现 createRecord 方法
 ```typescript
 /**
 * 创建 dns 解析记录，用于验证域名所有权
 */
 async createRecord(options: CreateRecordOptions): Promise<any> {
  /**
   * options 参数说明
   * fullRecord: '_acme-challenge.example.com',
   * value: 一串 uuid
   * type: 'TXT',
   * domain: 'example.com'
   */
  const { fullRecord, value, type, domain } = options;
  this.logger.info('添加域名解析：', fullRecord, value, type, domain);
  // 调用创建 dns 解析记录的对应的云端接口，创建 txt 类型的 dns 解析记录
  // 请根据实际接口情况调用，例如：
  // const createDnsRecordUrl = "xxx"
  // const record = this.http.post(createDnsRecordUrl,{
  //   // 授权参数
  //   // 创建 dns 解析记录的参数
  // })
  // // 返回本次创建的 dns 解析记录，这个记录会在删除的时候用到
  // return record
 }
 ```
 ### 5. 实现 removeRecord 方法
 ```typescript
 /**
 *  删除 dns 解析记录,清理申请痕迹
 * @param options
 */
 async removeRecord(options: RemoveRecordOptions<DemoRecord>): Promise<void> {
  const { fullRecord, value, domain } = options.recordReq;
  const record = options.recordRes;
  this.logger.info('删除域名解析：', domain, fullRecord, value, record);
  // 这里调用删除 txt dns 解析记录接口
  // 请根据实际接口情况调用，例如：
  // const deleteDnsRecordUrl = "xxx"
  // const res = this.http.delete(deleteDnsRecordUrl,{
  //   // 授权参数
  //   // 删除 dns 解析记录的参数
  // })
  this.logger.info('删除域名解析成功:', fullRecord, value);
 }
 ```
 ### 6. 实例化插件
 ```typescript
 // 实例化这个 provider，将其自动注册到系统中
 if (isDev()) {
  // 你的实现 要去掉这个 if，不然生产环境将不会显示
  new DemoDnsProvider();
 }
 ```
 ## 注意事项
 1. **插件命名**：插件名称应简洁明了，反映其功能。
 2. **accessType**：必须指定对应的云平台的 access 类型名称。
 3. **记录结构**：定义适合对应云平台的记录数据结构，至少包含 id 字段用于删除记录。
 4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`。
 5. **错误处理**：API 调用失败时应抛出明确的错误信息。
 6. **实例化**：生产环境中应移除 `if (isDev())` 条件，确保插件在生产环境中也能被注册。
 ## 完整示例
 ```typescript
 import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
 import { DemoAccess } from './access.js';
 import { isDev } from '../../utils/env.js';
 type DemoRecord = {
-  // 这里定义 Record 记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到 id 就行，用于删除 txt 解析记录，清理申请痕迹
+  // 这里定义 Record 记录的数据结构，跟对应云平台接口返回值一样即可
-  // id:string
+  id: string;
 };
 // 这里通过 IsDnsProvider 注册一个 dnsProvider
@@ -171,6 +114,7 @@ export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
    const { fullRecord, value, type, domain } = options;
    this.logger.info('添加域名解析：', fullRecord, value, type, domain);
    try {
      // 调用创建 dns 解析记录的对应的云端接口，创建 txt 类型的 dns 解析记录
      // 请根据实际接口情况调用，例如：
      // const createDnsRecordUrl = "xxx"
@@ -180,6 +124,13 @@ export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
      // })
      // // 返回本次创建的 dns 解析记录，这个记录会在删除的时候用到
      // return record
      // 模拟返回
      return { id: 'demo-record-id' };
    } catch (error) {
      this.logger.error('创建DNS记录失败:', error);
      throw new Error(`创建DNS记录失败: ${error.message}`);
    }
  }
  /**
@@ -190,23 +141,302 @@ export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
    const { fullRecord, value, domain } = options.recordReq;
    const record = options.recordRes;
    this.logger.info('删除域名解析：', domain, fullRecord, value, record);
    try {
      // 这里调用删除 txt dns 解析记录接口
      // 请根据实际接口情况调用，例如：
      // const deleteDnsRecordUrl = "xxx"
      // const res = this.http.delete(deleteDnsRecordUrl,{
      //   // 授权参数
      //   // 删除 dns 解析记录的参数
      // })
      this.logger.info('删除域名解析成功:', fullRecord, value);
    } catch (error) {
      this.logger.error('删除DNS记录失败:', error);
      // 即使删除失败也不抛出异常，避免影响整个证书申请流程
    }
  }
  /**
   * 实现获取域名列表
   */
  async getDomainListPage(req: PageSearch): Promise<PageRes<DomainRecord>> {
    try {
      const pager = new Pager(req);
      const res = await this.http.request({
        // 请求接口获取域名列表
      })
      const list = res.Domains?.map(item => ({
        id: item.Id,
        domain: item.DomainName,
      })) || []
      return {
        list,
        total: res.Total,
      };
    } catch (error) {
      this.logger.error('获取域名列表失败:', error);
      return { list: [], total: 0 };
    }
  }
 }
 // 实例化这个 provider，将其自动注册到系统中
 if (isDev()) {
  // 你的实现 要去掉这个 if，不然生产环境将不会显示
 new DemoDnsProvider();
 }
 ```
 ### 示例 2: 阿里云 DNS Provider 插件
 #### 用户输入
 创建一个阿里云 DNS Provider 插件，用于在 ACME 申请证书时添加和删除 TXT 解析记录。
 #### 你的回答
 ```typescript
 import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions, PageSearch, PageRes, DomainRecord } from '@certd/plugin-cert';
 import { AliyunAccess } from './aliyun-access.js';
 import { Pager } from '@certd/pipeline';
 type AliyunRecord = {
  RecordId: string;
 };
 // 阿里云 DNS Provider 插件
@IsDnsProvider({
  name: 'aliyun',
  title: '阿里云DNS',
  desc: '阿里云DNS提供商插件',
  icon: 'clarity:plugin-line',
  accessType: 'aliyun',
  order: 10,
 })
 export class AliyunDnsProvider extends AbstractDnsProvider<AliyunRecord> {
  access!: AliyunAccess;
  async onInstance() {
    this.access = this.ctx.access as AliyunAccess;
    this.logger.debug('阿里云Access实例初始化成功');
  }
  /**
   * 创建 DNS 解析记录
   */
  async createRecord(options: CreateRecordOptions): Promise<AliyunRecord> {
    const { fullRecord, value, type, domain } = options;
    this.logger.info('阿里云DNS: 添加解析记录', { fullRecord, value, type, domain });
    try {
      // 提取主机记录
      const hostRecord = fullRecord.replace(`.${domain}`, '');
      // 调用阿里云 API 创建解析记录
      const response = await this.access.doRequest({
        action: 'AddDomainRecord',
        data: {
          DomainName: domain,
          RR: hostRecord,
          Type: type,
          Value: value,
          TTL: 600, // 10分钟
        }
      });
      this.logger.info('阿里云DNS: 解析记录创建成功', { RecordId: response.RecordId });
      return { RecordId: response.RecordId };
    } catch (error) {
      this.logger.error('阿里云DNS: 创建解析记录失败', error);
      throw new Error(`阿里云DNS创建解析记录失败: ${error.message}`);
    }
  }
  /**
   * 删除 DNS 解析记录
   */
  async removeRecord(options: RemoveRecordOptions<AliyunRecord>): Promise<void> {
    const { fullRecord, value, domain } = options.recordReq;
    const record = options.recordRes;
    this.logger.info('阿里云DNS: 删除解析记录', { fullRecord, value, domain, RecordId: record.RecordId });
    try {
      // 调用阿里云 API 删除解析记录
      await this.access.doRequest({
        action: 'DeleteDomainRecord',
        data: {
          RecordId: record.RecordId,
        }
      });
      this.logger.info('阿里云DNS: 解析记录删除成功', { RecordId: record.RecordId });
    } catch (error) {
      this.logger.error('阿里云DNS: 删除解析记录失败', error);
      // 即使删除失败也不抛出异常，避免影响整个证书申请流程
    }
  }
  /**
   * 获取域名列表
   */
  async getDomainListPage(req: PageSearch): Promise<PageRes<DomainRecord>> {
    try {
      const pager = new Pager(req);
      const response = await this.access.doRequest({
        action: 'DescribeDomains',
        data: {
          PageNumber: pager.page,
          PageSize: pager.pageSize,
          KeyWord: req.searchKey,
        }
      });
      const list = response.Domains.Domain.map((domain: any) => ({
        id: domain.DomainId,
        domain: domain.DomainName,
      }));
      return {
        list,
        total: response.TotalCount,
      };
    } catch (error) {
      this.logger.error('阿里云DNS: 获取域名列表失败', error);
      return { list: [], total: 0 };
    }
  }
 }
 // 实例化插件
 new AliyunDnsProvider();
 ```
 ### 示例 3: 腾讯云 DNS Provider 插件
 #### 用户输入
 创建一个腾讯云 DNS Provider 插件，用于在 ACME 申请证书时添加和删除 TXT 解析记录。
 #### 你的回答
 ```typescript
 import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions, PageSearch, PageRes, DomainRecord } from '@certd/plugin-cert';
 import { TencentAccess } from './tencent-access.js';
 import { Pager } from '@certd/pipeline';
 type TencentRecord = {
  RecordId: string;
 };
 // 腾讯云 DNS Provider 插件
@IsDnsProvider({
  name: 'tencent',
  title: '腾讯云DNS',
  desc: '腾讯云DNS提供商插件',
  icon: 'clarity:plugin-line',
  accessType: 'tencent',
  order: 20,
 })
 export class TencentDnsProvider extends AbstractDnsProvider<TencentRecord> {
  access!: TencentAccess;
  async onInstance() {
    this.access = this.ctx.access as TencentAccess;
    this.logger.debug('腾讯云Access实例初始化成功');
  }
  /**
   * 创建 DNS 解析记录
   */
  async createRecord(options: CreateRecordOptions): Promise<TencentRecord> {
    const { fullRecord, value, type, domain } = options;
    this.logger.info('腾讯云DNS: 添加解析记录', { fullRecord, value, type, domain });
    try {
      // 提取主机记录
      const hostRecord = fullRecord.replace(`.${domain}`, '');
      // 调用腾讯云 API 创建解析记录
      const response = await this.access.doRequest({
        action: 'CreateRecord',
        data: {
          Domain: domain,
          SubDomain: hostRecord,
          RecordType: type,
          RecordValue: value,
          TTL: 600, // 10分钟
        }
      });
      this.logger.info('腾讯云DNS: 解析记录创建成功', { RecordId: response.RecordId });
      return { RecordId: response.RecordId };
    } catch (error) {
      this.logger.error('腾讯云DNS: 创建解析记录失败', error);
      throw new Error(`腾讯云DNS创建解析记录失败: ${error.message}`);
    }
  }
  /**
   * 删除 DNS 解析记录
   */
  async removeRecord(options: RemoveRecordOptions<TencentRecord>): Promise<void> {
    const { fullRecord, value, domain } = options.recordReq;
    const record = options.recordRes;
    this.logger.info('腾讯云DNS: 删除解析记录', { fullRecord, value, domain, RecordId: record.RecordId });
    try {
      // 调用腾讯云 API 删除解析记录
      await this.access.doRequest({
        action: 'DeleteRecord',
        data: {
          RecordId: record.RecordId,
        }
      });
      this.logger.info('腾讯云DNS: 解析记录删除成功', { RecordId: record.RecordId });
    } catch (error) {
      this.logger.error('腾讯云DNS: 删除解析记录失败', error);
      // 即使删除失败也不抛出异常，避免影响整个证书申请流程
    }
  }
  /**
   * 获取域名列表
   */
  async getDomainListPage(req: PageSearch): Promise<PageRes<DomainRecord>> {
    try {
      const pager = new Pager(req);
      const response = await this.access.doRequest({
        action: 'DescribeDomains',
        data: {
          Offset: (pager.page - 1) * pager.pageSize,
          Limit: pager.pageSize,
          Keyword: req.searchKey,
        }
      });
      const list = response.Domains.map((domain: any) => ({
        id: domain.DomainId,
        domain: domain.DomainName,
      }));
      return {
        list,
        total: response.TotalCount,
      };
    } catch (error) {
      this.logger.error('腾讯云DNS: 获取域名列表失败', error);
      return { list: [], total: 0 };
    }
  }
 }
 // 实例化插件
 new TencentDnsProvider();
 ```
 ## 注意事项
 1. **插件命名**：插件名称应简洁明了，反映其功能。
 2. **accessType**：必须指定对应的云平台的 access 类型名称。
 3. **记录结构**：定义适合对应云平台的记录数据结构，至少包含 id 字段用于删除记录。
 4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`，参数文本化，不要传对象，否则会输出`[object Object]}`。
 5. **错误处理**：API 调用失败时应抛出明确的错误信息。
@@ -1,126 +1,90 @@
 ---
 name: plugin-converter
 description: 用于将 Certd 插件转换为 YAML 配置文件的命令行工具，支持分析单个插件文件、识别插件类型并生成对应的 YAML 配置。当用户需要生成插件配置、转换插件格式、批量处理插件或修改现有插件配置时触发。
 version: 1.0.0
 ---
 # 插件转换工具技能
-## 什么是插件转换工具
+## 角色定义
 你是一名 Certd 插件开发专家，擅长使用插件转换工具将 Certd 插件转换为 YAML 配置文件，熟悉命令行工具的使用和 Certd 插件开发规范。
-插件转换工具是一个用于将 Certd 插件转换为 YAML 配置文件的命令行工具。它可以分析单个插件文件，识别插件类型，并生成对应的 YAML 配置，方便插件的注册和管理。
+## 核心指令
 请严格按照以下步骤执行任务：
-## 工具位置
+1. **定位工具位置**
   - 工具位于 `trae/skills/convert-plugin-to-yaml.js`
-`trae/skills/convert-plugin-to-yaml.js`
+2. **了解功能特性**
   - 单个插件转换：支持指定单个插件文件进行转换
   - 批量插件转换：支持指定目录批量转换多个插件
   - 自动类型识别：自动识别插件类型（Access、Task、DNS Provider、Notification、Addon）
   - 详细日志输出：提供详细的转换过程日志
   - YAML 配置生成：生成标准的 YAML 配置文件
   - 配置文件保存：自动将生成的配置保存到 `./metadata` 目录
   - 自定义输出目录：支持指定自定义输出目录
   - 格式化输出：支持格式化 YAML 输出
   - 可复用函数：导出了可复用的函数，便于其他模块调用
-## 功能特性
+3. **使用工具**
   - 基本用法：`node trae/skills/convert-plugin-to-yaml.js <插件文件路径>`
   - 批量转换：`node trae/skills/convert-plugin-to-yaml.js <目录路径>`
   - 自定义输出目录：`node trae/skills/convert-plugin-to-yaml.js <插件文件路径> --output <输出目录>`
   - 格式化输出：`node trae/skills/convert-plugin-to-yaml.js <插件文件路径> --format`
   - 示例：
     - 转换 Access 插件：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js`
     - 转换 Task 插件：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js`
     - 转换 DNS Provider 插件：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js`
     - 批量转换插件：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/`
     - 自定义输出目录：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js --output ./configs`
- **单个插件转换**：支持指定单个插件文件进行转换，而不是扫描整个目录
+4. **理解转换过程**
- **自动类型识别**：自动识别插件类型（Access、Task、DNS Provider、Notification、Addon）
+   - 加载插件模块：使用 `import()` 动态加载指定的插件文件
- **详细日志输出**：提供详细的转换过程日志，便于调试
+   - 分析插件定义：检查模块导出的对象，寻找带有 `define` 属性的插件
- **YAML 配置生成**：生成标准的 YAML 配置文件
+   - 识别插件类型：根据插件的继承关系或属性识别插件类型
- **配置文件保存**：自动将生成的配置保存到 `./metadata` 目录
+   - 生成 YAML 配置：基于插件定义生成标准的 YAML 配置
- **可复用函数**：导出了可复用的函数，便于其他模块调用
+   - 保存配置文件：将生成的配置保存到 `./metadata` 目录
-## 使用方法
+5. **了解输出说明**
   - 命令行输出：插件加载状态、插件导出的对象列表、插件类型识别结果、生成的 YAML 配置内容、配置文件保存路径
   - 配置文件命名规则：`<插件类型>[_<子类型>]_<插件名称>.yaml`
-### 基本用法
+6. **理解插件类型识别逻辑**
   - DNS Provider：如果插件定义中包含 `accessType` 属性
   - Task：如果插件继承自 `AbstractTaskPlugin`
   - Notification：如果插件继承自 `BaseNotification`
   - Access：如果插件继承自 `BaseAccess`
   - Addon：如果插件继承自 `BaseAddon`
-```bash
+7. **遵循注意事项**
-node trae/skills/convert-plugin-to-yaml.js <插件文件路径>
+   - 文件路径：插件文件路径可以是相对路径或绝对路径
-```
+   - 文件格式：仅支持 `.js` 文件，不支持 `.ts` 文件（需要先编译）
   - 依赖安装：执行前确保已安装所有必要的依赖
   - 配置目录：如果 `./metadata` 目录不存在，工具会自动创建
   - 错误处理：如果插件加载失败或识别失败，工具会输出错误信息但不会终止执行
-### 示例
+## 输出规范
 - 必须包含工具的使用方法和示例
 - 必须包含转换过程的详细说明
 - 必须包含输出说明和配置文件命名规则
 - 必须包含插件类型识别逻辑
 - 必须包含注意事项和故障排除建议
 ## 示例
 ### 示例 1: 转换单个 Access 插件
 #### 用户输入
 将 Access 插件转换为 YAML 配置文件。
 #### 你的回答
 ```bash
 # 转换 Access 插件
 node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js
 # 转换 Task 插件
 node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
 # 转换 DNS Provider 插件
 node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
 ```
-## 转换过程
+#### 输出
 1. **加载插件模块**：使用 `import()` 动态加载指定的插件文件
 2. **分析插件定义**：检查模块导出的对象，寻找带有 `define` 属性的插件
 3. **识别插件类型**：根据插件的继承关系或属性识别插件类型
 4. **生成 YAML 配置**：基于插件定义生成标准的 YAML 配置
 5. **保存配置文件**：将生成的配置保存到 `./metadata` 目录
 ## 输出说明
 ### 命令行输出
 执行转换命令后，工具会输出以下信息：
 - 插件加载状态
 - 插件导出的对象列表
 - 插件类型识别结果
 - 生成的 YAML 配置内容
 - 配置文件保存路径
 ### 配置文件命名规则
 生成的配置文件命名规则为：
 ```
 <插件类型>[_<子类型>]_<插件名称>.yaml
 ```
 例如：
 - `access_demo.yaml`（Access 插件）
 - `deploy_DemoTest.yaml`（Task 插件）
 - `dnsProvider_demo.yaml`（DNS Provider 插件）
 ## 插件类型识别逻辑
 工具通过以下逻辑识别插件类型：
 1. **DNS Provider**：如果插件定义中包含 `accessType` 属性
 2. **Task**：如果插件继承自 `AbstractTaskPlugin`
 3. **Notification**：如果插件继承自 `BaseNotification`
 4. **Access**：如果插件继承自 `BaseAccess`
 5. **Addon**：如果插件继承自 `BaseAddon`
 ## 注意事项
 1. **文件路径**：插件文件路径可以是相对路径或绝对路径
 2. **文件格式**：仅支持 `.js` 文件，不支持 `.ts` 文件（需要先编译）
 3. **依赖安装**：执行前确保已安装所有必要的依赖
 4. **配置目录**：如果 `./metadata` 目录不存在，工具会自动创建
 5. **错误处理**：如果插件加载失败或识别失败，工具会输出错误信息但不会终止执行
 ## 代码结构
 ### 主要函数
 1. **isPrototypeOf(value, cls)**：检查对象是否是指定类的原型
 2. **loadSingleModule(filePath)**：加载单个插件模块
 3. **convertSinglePlugin(pluginPath)**：分析单个插件并生成 YAML 配置
 4. **main()**：主函数，处理命令行参数并执行转换
 ### 导出函数
 工具导出了以下函数，便于其他模块调用：
 ```javascript
 export {
  convertSinglePlugin,  // 转换单个插件
  loadSingleModule,     // 加载单个模块
  isPrototypeOf         // 检查原型关系
 };
 ```
 ## 应用场景
 1. **插件开发**：在开发新插件时，快速生成配置文件
 2. **插件调试**：查看插件的内部定义和配置
 3. **插件管理**：批量转换现有插件为标准配置格式
 4. **自动化构建**：集成到构建流程中，自动生成插件配置
 ## 示例输出
 ### 转换 Access 插件示例
 ```bash
 $ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js
 开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
@@ -142,30 +106,117 @@ YAML 配置已保存到: ./metadata/access_demo.yaml
 插件转换完成!
 ```
-### 转换 Task 插件示例
+### 示例 2: 批量转换插件
 #### 用户输入
 批量转换目录中的所有插件为 YAML 配置文件。
 #### 你的回答
 ```bash
-$ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
+# 批量转换插件
 node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/
 ```
 #### 输出
 ```bash
 $ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/
 开始转换目录: packages/ui/certd-server/src/plugins/
 正在处理文件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
 开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
 插件模块导出了 1 个对象: DemoAccess
 处理插件: DemoAccess
 插件类型: access
 脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/access.js
 生成的 YAML 配置:
 name: demo
 title: 授权插件示例
 desc: 这是一个示例授权插件，用于演示如何实现一个授权插件
 icon: clarity:plugin-line
 pluginType: access
 type: builtIn
 scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/access.js
 YAML 配置已保存到: ./metadata/access_demo.yaml
 插件转换完成!
 正在处理文件: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
 开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
 插件模块导出了 1 个对象: DemoTest
 处理插件: DemoTest
-插件类型: deploy
+插件类型: task
 脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
 生成的 YAML 配置:
 name: DemoTest
 title: Demo-测试插件
-desc: ""
+desc: 这是一个示例任务插件，用于演示如何实现一个任务插件
 icon: clarity:plugin-line
 pluginType: task
 group: other
 default:
  strategy:
    runStrategy: SkipWhenSucceed
 pluginType: deploy
 type: builtIn
 scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
-YAML 配置已保存到: ./metadata/deploy_DemoTest.yaml
+YAML 配置已保存到: ./metadata/task_DemoTest.yaml
 插件转换完成!
 正在处理文件: packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
 开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
 插件模块导出了 1 个对象: DemoDnsProvider
 处理插件: DemoDnsProvider
 插件类型: dns-provider
 脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
 生成的 YAML 配置:
 name: demo
 title: Dns提供商Demo
 desc: dns provider示例
 icon: clarity:plugin-line
 pluginType: dns-provider
 accessType: demo
 order: 99
 type: builtIn
 scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
 YAML 配置已保存到: ./metadata/dns-provider_demo.yaml
 插件转换完成!
 批量转换完成，共处理 3 个插件文件
 ```
 ### 示例 3: 自定义输出目录
 #### 用户输入
 将插件转换为 YAML 配置文件，并保存到自定义目录。
 #### 你的回答
 ```bash
 # 自定义输出目录
 node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js --output ./configs
 ```
 #### 输出
 ```bash
 $ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js --output ./configs
 开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
 插件模块导出了 1 个对象: DemoAccess
 处理插件: DemoAccess
 插件类型: access
 脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/access.js
 生成的 YAML 配置:
 name: demo
 title: 授权插件示例
 desc: 这是一个示例授权插件，用于演示如何实现一个授权插件
 icon: clarity:plugin-line
 pluginType: access
 type: builtIn
 scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/access.js
 YAML 配置已保存到: ./configs/access_demo.yaml
 插件转换完成!
 ```
@@ -196,6 +247,30 @@ YAML 配置已保存到: ./metadata/deploy_DemoTest.yaml
 - **尝试简化插件**：如果转换失败，尝试创建一个最小化的插件示例进行测试
 - **检查依赖版本**：确保使用的依赖版本与 Certd 兼容
-## 总结
+## 代码结构
-插件转换工具是一个方便实用的工具，它可以帮助开发者快速生成插件的 YAML 配置文件，简化插件的注册和管理过程。通过命令行参数指定单个插件文件，工具会自动完成类型识别、配置生成和保存等操作，大大提高了插件开发和管理的效率。
+### 主要函数
 1. **isPrototypeOf(value, cls)**：检查对象是否是指定类的原型
 2. **loadSingleModule(filePath)**：加载单个插件模块
 3. **convertSinglePlugin(pluginPath)**：分析单个插件并生成 YAML 配置
 4. **main()**：主函数，处理命令行参数并执行转换
 ### 导出函数
 工具导出了以下函数，便于其他模块调用：
 ```javascript
 export {
  convertSinglePlugin,  // 转换单个插件
  loadSingleModule,     // 加载单个模块
  isPrototypeOf         // 检查原型关系
 };
 ```
 ## 应用场景
 1. **插件开发**：在开发新插件时，快速生成配置文件
 2. **插件调试**：查看插件的内部定义和配置
 3. **插件管理**：批量转换现有插件为标准配置格式
 4. **自动化构建**：集成到构建流程中，自动生成插件配置
@@ -1,12 +1,73 @@
 ---
 name: task-plugin-dev
 description: 用于开发 Certd 系统中的 Task 插件，继承自 AbstractTaskPlugin 类，被流水线调用 execute 方法将证书部署到对应的应用上。当用户需要创建任务插件、部署证书、自动化任务或修改现有 Task 插件时触发。
 version: 1.0.0
 ---
 # Task 插件开发技能
-## 什么是 Task 插件
+## 角色定义
 你是一名 Certd 插件开发专家，擅长创建和实现 Task 类型的插件，熟悉 TypeScript 编程和 Certd 插件开发规范。
-Task 插件是 Certd 系统中的部署任务插件，它继承自 `AbstractTaskPlugin` 类，被流水线调用 `execute` 方法，将证书部署到对应的应用上。
+## 核心指令
 请严格按照以下步骤执行任务：
-## 开发步骤
+1. **导入必要的依赖**
   - 导入 `AbstractTaskPlugin`, `IsTaskPlugin`, `PageSearch`, `pluginGroups`, `RunStrategy`, `TaskInput` 等必要的类型和装饰器
   - 导入 `CertInfo`, `CertReader` 等证书相关类型
   - 导入 `createCertDomainGetterInputDefine`, `createRemoteSelectInputDefine` 等工具函数
   - 导入 `optionsUtils` 等辅助工具
   - 导入 `CertApplyPluginNames` 等常量
-### 1. 导入必要的依赖
+2. **使用 @IsTaskPlugin 注解注册插件**
   - 配置插件的唯一标识、标题、图标
   - 设置插件分组
   - 配置默认策略（如 `SkipWhenSucceed`）
   - 确保类名与插件名称一致
 3. **定义任务输入参数**
   - 使用 `@TaskInput` 注解定义各种输入参数
   - 必须包含证书选择参数，用于获取前置任务输出的域名证书
   - 可以添加授权选择框、文本输入、选择框等参数
   - 使用 `createCertDomainGetterInputDefine` 获取证书域名列表
 4. **实现动态显隐配置**
   - 使用 `mergeScript` 实现根据其他输入值动态控制输入项的显隐状态
   - 利用 `ctx.compute` 函数访问表单中的其他字段值
 5. **实现插件方法**
   - **onInstance 方法**：插件实例化时执行的初始化操作
   - **execute 方法**：插件的核心执行逻辑
     - 获取授权信息
     - 读取证书信息
     - 执行具体的部署逻辑
     - 处理错误并记录日志
     - 实现幂等性：确保重复执行不会导致问题
     - 实现超时处理：设置合理的超时时间
     - 实现回滚机制：在部署失败时能够回滚到之前的状态
   - **后端获取选项方法**：用于前端从后端获取选项的方法
 6. **遵循开发最佳实践**
   - 插件命名：遵循命名规范，大写字母开头，驼峰命名
   - 类名规范：类名应与插件名称一致
   - 日志输出：使用 `this.logger` 输出日志
   - 错误处理：捕获并记录执行过程中的错误
   - 授权获取：使用 `this.getAccess(accessId)` 获取授权信息
 ## 输出规范
 - 必须包含完整的插件实现代码
 - 代码必须包含详细的注释说明
 - 提供完整的示例代码，展示插件的使用方法
 - 包含开发注意事项和最佳实践
 ## 示例
 ### 示例 1: 基本 Task 插件
 #### 用户输入
 创建一个 Task 插件，用于将证书部署到对应的应用上。
 #### 你的回答
 ```typescript
 import { AbstractTaskPlugin, IsTaskPlugin, PageSearch, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
@@ -14,185 +75,10 @@ import { CertInfo, CertReader } from '@certd/plugin-cert';
 import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
 import { optionsUtils } from '@certd/basic';
 import { CertApplyPluginNames} from '@certd/plugin-cert';
 ```
 ### 2. 使用 @IsTaskPlugin 注解注册插件
 ```typescript
@IsTaskPlugin({
  //命名规范，插件类型+功能，大写字母开头，驼峰命名
  name: 'DemoTest',
  title: 'Demo-测试插件', // 插件标题
  icon: 'clarity:plugin-line', // 插件图标
  // 插件分组
  group: pluginGroups.other.key,
  default: {
    // 默认值配置照抄即可
    strategy: {
      runStrategy: RunStrategy.SkipWhenSucceed,
    },
  },
 })
 // 类名规范，跟上面插件名称（name）一致
 export class DemoTest extends AbstractTaskPlugin {
  // 插件实现...
 }
 ```
 ### 3. 定义任务输入参数
 使用 `@TaskInput` 注解定义任务输入参数：
 ```typescript
 // 测试参数
@TaskInput({
  title: '属性示例',
  value: '默认值',
  component: {
    // 前端组件配置，具体配置见组件文档 https://www.antdv.com/components/input-cn
    name: 'a-input',
    vModel: 'value', // 双向绑定组件的 props 名称
  },
  helper: '帮助说明,[链接](https://certd.docmirror.cn)',
  required: false, // 是否必填
 })
 text!: string;
 // 证书选择，此项必须要有
@TaskInput({
  title: '域名证书',
  helper: '请选择前置任务输出的域名证书',
  component: {
    name: 'output-selector',
    from: [...CertApplyPluginNames],
  },
  // required: true, // 必填
 })
 cert!: CertInfo;
@TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
 // 前端可以展示，当前申请的证书域名列表
 certDomains!: string[];
 // 授权选择框
@TaskInput({
  title: 'demo授权',
  helper: 'demoAccess授权',
  component: {
    name: 'access-selector',
    type: 'demo', // 固定授权类型
  },
  // rules: [{ required: true, message: '此项必填' }],
  // required: true, // 必填
 })
 accessId!: string;
 ```
 ### 4. 实现插件方法
 #### 4.1 插件实例化时执行的方法
 ```typescript
 // 插件实例化时执行的方法
 async onInstance() {}
 ```
 #### 4.2 插件执行方法
 ```typescript
 // 插件执行方法
 async execute(): Promise<void> {
  const { select, text, cert, accessId } = this;
  try {
    const access = await this.getAccess(accessId);
    this.logger.debug('access', access);
  } catch (e) {
    this.logger.error('获取授权失败', e);
  }
  try {
    const certReader = new CertReader(cert);
    this.logger.debug('certReader', certReader);
  } catch (e) {
    this.logger.error('读取crt失败', e);
  }
  this.logger.info('DemoTestPlugin execute');
  this.logger.info('text:', text);
  this.logger.info('select:', select);
  this.logger.info('switch:', this.switch);
  this.logger.info('授权id:', accessId);
  // 具体的部署逻辑
  // ...
 }
 ```
 #### 4.3 后端获取选项方法
 ```typescript
@TaskInput(
  createRemoteSelectInputDefine({
    title: '从后端获取选项',
    helper: '选择时可以从后端获取选项',
    action: DemoTest.prototype.onGetSiteList.name,
    // 当以下参数变化时，触发获取选项
    watches: ['certDomains', 'accessId'],
    required: true,
  })
 )
 siteName!: string | string[];
 // 从后端获取选项的方法
 async onGetSiteList(req: PageSearch) {
  if (!this.accessId) {
    throw new Error('请选择Access授权');
  }
  // @ts-ignore
  const access = await this.getAccess(this.accessId);
  // const siteRes = await access.GetDomainList(req);
  // 以下是模拟数据
  const siteRes = [
    { id: 1, siteName: 'site1.com' },
    { id: 2, siteName: 'site2.com' },
    { id: 3, siteName: 'site2.com' },
  ];
  // 转换为前端所需要的格式
  const options = siteRes.map((item: any) => {
    return {
      value: item.siteName,
      label: item.siteName,
      domain: item.siteName,
    };
  });
  // 将站点域名名称根据证书域名进行匹配分组，分成匹配的和不匹配的两组选项，返回给前端，供用户选择
  return optionsUtils.buildGroupOptions(options, this.certDomains);
 }
 ```
 ## 注意事项
 1. **插件命名**：插件名称应遵循命名规范，大写字母开头，驼峰命名。
 2. **类名规范**：类名应与插件名称（name）一致。
 3. **证书选择**：必须包含证书选择参数，用于获取前置任务输出的域名证书。
 4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`。
 5. **错误处理**：执行过程中的错误应被捕获并记录。
 6. **授权获取**：使用 `this.getAccess(accessId)` 获取授权信息。
 ## 完整示例
 ```typescript
 import { AbstractTaskPlugin, IsTaskPlugin, PageSearch, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
 import { CertInfo, CertReader } from '@certd/plugin-cert';
 import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
 import { optionsUtils } from '@certd/basic';
 import { CertApplyPluginNames} from '@certd/plugin-cert';
@IsTaskPlugin({
  //命名规范，插件类型+功能（就是目录plugin-demo中的demo），大写字母开头，驼峰命名
  name: 'DemoTest',
  title: 'Demo-测试插件',
  icon: 'clarity:plugin-line',
  //插件分组
@@ -240,7 +126,7 @@ export class DemoTest extends AbstractTaskPlugin {
    title: '动态显隐',
    helper: '我会根据选择框的值进行显隐',
    show: true, //动态计算的值会覆盖它
-    //动态计算脚本， mergeScript返回的对象会合并当前配置，此处演示 show的值会被动态计算结果覆盖，show的值根据用户选择的select的值决定
+    //动态计算脚本， mergeScript返回的对象会合并当前配置
    mergeScript: `
    return {
      show: ctx.compute(({form})=>{
@@ -278,6 +164,7 @@ export class DemoTest extends AbstractTaskPlugin {
    },
  })
  switch!: boolean;
  //证书选择，此项必须要有
  @TaskInput({
    title: '域名证书',
@@ -346,6 +233,7 @@ export class DemoTest extends AbstractTaskPlugin {
    this.logger.info('switch:', this.switch);
    this.logger.info('授权id:', accessId);
    // 具体的部署逻辑
    // const res = await this.http.request({
    //   url: 'https://api.demo.com',
    //   method: 'GET',
@@ -382,7 +270,377 @@ export class DemoTest extends AbstractTaskPlugin {
      };
    });
    //将站点域名名称根据证书域名进行匹配分组，分成匹配的和不匹配的两组选项，返回给前端，供用户选择
-    return optionsUtils.buildGroupOptions(options, this.certDomains);
+    return {
      list: optionsUtils.buildGroupOptions(options, this.certDomains),
      total: siteRes.length,
    };
  }
 }
 ```
 ### 示例 2: Nginx 部署 Task 插件
 #### 用户输入
 创建一个 Task 插件，用于将证书部署到 Nginx 服务器上。
 #### 你的回答
 ```typescript
 import { AbstractTaskPlugin, CertInfo, IsTaskPlugin, TaskInput, pluginGroups, RunStrategy } from '@certd/pipeline';
 import { CertReader } from '@certd/plugin-lib';
 /**
 * Nginx 证书部署插件
 */
@IsTaskPlugin({
  name: 'NginxDeploy',
  title: 'Nginx 部署',
  desc: '将证书部署到 Nginx 服务器上',
  icon: 'clarity:server-line',
  group: pluginGroups.deploy.key,
  default: {
    strategy: {
      runStrategy: RunStrategy.SkipWhenSucceed,
    },
  },
 })
 export class NginxDeploy extends AbstractTaskPlugin {
  /**
   * 服务器授权
   */
  @TaskInput({
    title: '服务器授权',
    component: {
      name: 'access-selector',
      vModel: 'accessId',
      accessTypes: ['ssh'],
      placeholder: '请选择服务器授权',
    },
    required: true,
  })
  accessId = '';
  /**
   * 域名证书
   */
  @TaskInput({
    title: '域名证书',
    component: {
      name: 'output-selector',
      from: ['CertApply', 'CertApplyCloudflare'],
      field: 'cert',
    },
    required: true,
  })
  cert!: CertInfo;
  /**
   * 证书路径
   */
  @TaskInput({
    title: '证书路径',
    value: '/etc/nginx/ssl',
    component: {
      name: 'a-input',
      placeholder: '请输入证书存储路径',
    },
    required: true,
  })
  certPath = '';
  /**
   * Nginx 配置文件路径
   */
  @TaskInput({
    title: 'Nginx 配置文件',
    value: '/etc/nginx/conf.d',
    component: {
      name: 'a-input',
      placeholder: '请输入 Nginx 配置文件路径',
    },
    required: true,
  })
  nginxConfPath = '';
  /**
   * 服务名称
   */
  @TaskInput({
    title: '服务名称',
    component: {
      name: 'a-input',
      placeholder: '请输入服务名称（用于生成配置文件）',
    },
    required: true,
  })
  serviceName = '';
  /**
   * 执行部署
   */
  async execute(): Promise<void> {
    this.logger.info('开始部署证书到 Nginx');
    try {
      // 1. 获取服务器授权
      const sshAccess = await this.getAccess(this.accessId);
      this.logger.info('获取服务器授权成功');
      // 2. 读取证书信息
      const certReader = new CertReader(this.cert);
      const cert = certReader.getCert();
      const key = certReader.getKey();
      const fullchain = certReader.getFullChain();
      this.logger.info('读取证书信息成功');
      // 3. 准备部署路径
      const certFile = `${this.certPath}/${this.serviceName}.pem`;
      const keyFile = `${this.certPath}/${this.serviceName}.key`;
      const confFile = `${this.nginxConfPath}/${this.serviceName}.conf`;
      // 4. 创建证书目录
      await sshAccess.exec(`mkdir -p ${this.certPath}`);
      this.logger.info('创建证书目录成功');
      // 5. 上传证书文件
      await sshAccess.uploadContent(cert, certFile);
      await sshAccess.uploadContent(key, keyFile);
      await sshAccess.uploadContent(fullchain, `${this.certPath}/${this.serviceName}-fullchain.pem`);
      this.logger.info('上传证书文件成功');
      // 6. 生成 Nginx 配置
      const nginxConf = `server {
    listen 443 ssl;
    server_name ${this.cert.domains.join(' ')};
    ssl_certificate ${certFile};
    ssl_certificate_key ${keyFile};
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers on;
    location / {
        proxy_pass http://localhost:80;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
 }
 `;
      // 7. 上传 Nginx 配置
      await sshAccess.uploadContent(nginxConf, confFile);
      this.logger.info('上传 Nginx 配置成功');
      // 8. 测试 Nginx 配置
      const testResult = await sshAccess.exec('nginx -t');
      if (testResult.includes('test is successful')) {
        this.logger.info('Nginx 配置测试成功');
      } else {
        throw new Error(`Nginx 配置测试失败: ${testResult}`);
      }
      // 9. 重启 Nginx 服务
      await sshAccess.exec('systemctl reload nginx');
      this.logger.info('重启 Nginx 服务成功');
      this.logger.info('证书部署到 Nginx 成功');
    } catch (error) {
      this.logger.error('部署失败:', error);
      throw new Error(`部署到 Nginx 失败: ${error.message}`);
    }
  }
 }
 // 实例化插件
 new NginxDeploy();
 ```
 ### 示例 3: 阿里云 OSS 部署 Task 插件
 #### 用户输入
 创建一个 Task 插件，用于将证书部署到阿里云 OSS 上。
 #### 你的回答
 ```typescript
 import { AbstractTaskPlugin, CertInfo, IsTaskPlugin, TaskInput, pluginGroups, RunStrategy } from '@certd/pipeline';
 import { CertReader } from '@certd/plugin-lib';
 /**
 * 阿里云 OSS 证书部署插件
 */
@IsTaskPlugin({
  name: 'AliyunOSSDeploy',
  title: '阿里云 OSS 部署',
  desc: '将证书部署到阿里云 OSS 存储上',
  icon: 'clarity:cloud-line',
  group: pluginGroups.deploy.key,
  default: {
    strategy: {
      runStrategy: RunStrategy.SkipWhenSucceed,
    },
  },
 })
 export class AliyunOSSDeploy extends AbstractTaskPlugin {
  /**
   * 阿里云授权
   */
  @TaskInput({
    title: '阿里云授权',
    component: {
      name: 'access-selector',
      vModel: 'accessId',
      accessTypes: ['aliyun'],
      placeholder: '请选择阿里云授权',
    },
    required: true,
  })
  accessId = '';
  /**
   * 域名证书
   */
  @TaskInput({
    title: '域名证书',
    component: {
      name: 'output-selector',
      from: ['CertApply', 'CertApplyCloudflare'],
      field: 'cert',
    },
    required: true,
  })
  cert!: CertInfo;
  /**
   * OSS 存储桶
   */
  @TaskInput({
    title: 'OSS 存储桶',
    component: {
      name: 'a-input',
      placeholder: '请输入 OSS 存储桶名称',
    },
    required: true,
  })
  bucketName = '';
  /**
   * 存储路径
   */
  @TaskInput({
    title: '存储路径',
    value: 'ssl/',
    component: {
      name: 'a-input',
      placeholder: '请输入证书存储路径',
    },
  })
  storagePath = '';
  /**
   * 执行部署
   */
  async execute(): Promise<void> {
    this.logger.info('开始部署证书到阿里云 OSS');
    try {
      // 1. 获取阿里云授权
      const aliyunAccess = await this.getAccess(this.accessId);
      this.logger.info('获取阿里云授权成功');
      // 2. 读取证书信息
      const certReader = new CertReader(this.cert);
      const cert = certReader.getCert();
      const key = certReader.getKey();
      const fullchain = certReader.getFullChain();
      this.logger.info('读取证书信息成功');
      // 3. 准备存储路径
      const basePath = this.storagePath.endsWith('/') ? this.storagePath : `${this.storagePath}/`;
      const certFileName = `${basePath}${this.cert.domains[0]}.pem`;
      const keyFileName = `${basePath}${this.cert.domains[0]}.key`;
      const fullchainFileName = `${basePath}${this.cert.domains[0]}-fullchain.pem`;
      // 4. 上传证书到 OSS
      await aliyunAccess.uploadToOSS({
        bucket: this.bucketName,
        key: certFileName,
        content: cert,
      });
      this.logger.info('上传证书文件成功');
      await aliyunAccess.uploadToOSS({
        bucket: this.bucketName,
        key: keyFileName,
        content: key,
      });
      this.logger.info('上传私钥文件成功');
      await aliyunAccess.uploadToOSS({
        bucket: this.bucketName,
        key: fullchainFileName,
        content: fullchain,
      });
      this.logger.info('上传完整证书链成功');
      // 5. 设置文件访问权限（可选）
      await aliyunAccess.setOSSObjectAcl({
        bucket: this.bucketName,
        key: certFileName,
        acl: 'private',
      });
      await aliyunAccess.setOSSObjectAcl({
        bucket: this.bucketName,
        key: keyFileName,
        acl: 'private',
      });
      await aliyunAccess.setOSSObjectAcl({
        bucket: this.bucketName,
        key: fullchainFileName,
        acl: 'private',
      });
      this.logger.info('设置文件访问权限成功');
      this.logger.info('证书部署到阿里云 OSS 成功');
    } catch (error) {
      this.logger.error('部署失败:', error);
      throw new Error(`部署到阿里云 OSS 失败: ${error.message}`);
    }
  }
 }
 // 实例化插件
 new AliyunOSSDeploy();
 ```
 ## 注意事项
 1. **插件命名**：插件名称应遵循命名规范，大写字母开头，驼峰命名。
 2. **类名规范**：类名应与插件名称（name）一致。
 3. **证书选择**：必须包含证书选择参数，用于获取前置任务输出的域名证书。
 4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`，参数文本化，不要传对象，否则会输出`[object Object]}`。
 5. **错误处理**：执行过程中的错误应被捕获并记录。
 6. **授权获取**：使用 `this.getAccess(accessId)` 获取授权信息。
 ## 部署逻辑注意事项
 1. **部署接口逻辑**：
   - 研究应用的部署接口逻辑，一般有两种：
     a. 用户选择网站ID，给网站部署新证书
     b. 用户选择证书ID，只需要更新证书即可
   - 保证多次执行都能针对同一个对象部署证书
   - 确保出错后重新运行能够回归到正常状态
 2. **前置证书选择**：
   - 前置证书可以是原始的 `certInfo` 类型，也可能是上传到平台之后返回的证书id
   - 根据接口要求选择合适的证书类型：
     a. 如果接口需要上传后的证书id，那么部署时要先将证书上传，再部署
     b. 如果接口需要原始的 `certInfo` 类型，那么直接使用 `certInfo` 部署证书
     c. 当两者都支持时，判断用户选择的证书类型，再考虑优先上传再部署
 3. **证书清理**：
   - 如果是先上传再部署的，那么在部署完成后，可能需要考虑清理证书
 ```
@@ -79,5 +79,15 @@
                "PLUS_SERVER_BASE_URL": "http://127.0.0.1:11007"
            }
        }
    ],
    "compounds": [
        {
            "name": "all",
            "configurations": [
                "server",
                "client",
            ],
            "stopAll": false
        },
    ]
 }
@@ -3,6 +3,173 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 ### Bug Fixes
 * 修复创建流水线无法选择通知的bug ([a88d0a6](https://github.com/certd/certd/commit/a88d0a6ae15cb6170d0b36e21daf89f0dbd5f681))
 * 修复流水线任务编辑页面复制粘贴按钮在夜间模式显示问题 ([1e549df](https://github.com/certd/certd/commit/1e549dfd431ed74e2bcdfce63e5f640c51603af3))
 * 修复用户管理添加用户无法上传头像的bug ([557e98c](https://github.com/certd/certd/commit/557e98c33f5462167d8f6289f70dad68bb114a97))
 * 修复自定义插件删除后没有反注册的bug ([df98463](https://github.com/certd/certd/commit/df9846332596d2afaba53e66d2897aa1c598f9c4))
 * 修复spaceship创建record报错的bug ([70b46d4](https://github.com/certd/certd/commit/70b46d4a8f89cf8eded21ebb237e8c8ce6c40d30))
 ### Performance Improvements
 * 1panel支持先上传证书再选择证书 ([7a9eec8](https://github.com/certd/certd/commit/7a9eec88e8eddf40dba055c072b5b2b0f67c1407))
 * 部署到1panel面板支持mux模式 ([d05129e](https://github.com/certd/certd/commit/d05129ec67893b0b639003a4bca6878d128f56ad))
 * 流水线修改编辑之后，增加未保存提示 ([21620ac](https://github.com/certd/certd/commit/21620ac6bdeb57e43509156a77037fc07c44282a))
 * 修复检查全部某些情况下无效的bug，优化公共触发站点证书检查定时逻辑 ([ee53589](https://github.com/certd/certd/commit/ee535895a3166c6f9046963e28fa8f22f018b574))
 * 增加域名管理 子域名检查提醒 ([2bdf183](https://github.com/certd/certd/commit/2bdf1832da73a3728f3ac415837bc26e70531cd6))
 * 站点监控域名气泡增加端口显示 ([6ee718a](https://github.com/certd/certd/commit/6ee718a25265a9db2115343af9a1a01958f34b81))
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 ### Bug Fixes
 *  修复cn域名获取不到到期时间的问题 ([73b8e85](https://github.com/certd/certd/commit/73b8e859766097b5251fc4e5051593d686669eb2))
 * 修复某些情况下报无法修改通知的问题 ([d1a6592](https://github.com/certd/certd/commit/d1a65922d7e152d6edcf6c53b70079f16b54a0d3))
 ### Performance Improvements
 * 腾讯云CLB大区增加台北 ([6b109d1](https://github.com/certd/certd/commit/6b109d172f0c7b6ce6ec164dc196d646a65f529f))
 * 优化腾讯云CLB插件支持选择证书id ([c875971](https://github.com/certd/certd/commit/c875971b71dc6d392e56f0a7605281c40d9bb405))
 * 支持域名到期时间监控通知 ([c6628e7](https://github.com/certd/certd/commit/c6628e7311d6c43c2a784581fb25ec37b29c168d))
 * **monitor:** 支持查看监控执行记录 ([b5cc794](https://github.com/certd/certd/commit/b5cc794061c11b7200b669473c25c4bbfc944b61))
 * **plugin-dnsmgr:** 添加彩虹DNS插件支持 ([af50344](https://github.com/certd/certd/commit/af503442b8298c5b89d11cf2ea351d62e66a609e))
 * **spaceship:** 新增Spaceship DNS插件和授权模块 ([21aec77](https://github.com/certd/certd/commit/21aec77e5c3307b5973d4185baba33edcb28926f))
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 ### Bug Fixes
 * 修复某些情况下报没有匹配到任何校验方式的bug ([fe02ce7](https://github.com/certd/certd/commit/fe02ce7b64cf23c4dc4c30daccd5330059a35e9a))
 * 修复上传头像退出登录的bug ([6eb20a1](https://github.com/certd/certd/commit/6eb20a1f2e31d984d9135edbf39c97cdd15621f9))
 ### Performance Improvements
 * 阿里云CDN部署支持根据证书域名自动匹配部署 ([a68301e](https://github.com/certd/certd/commit/a68301e4dcea8b7391ad751aa57555d566297ad9))
 * 阿里云dcdn支持根据证书域名匹配模式 ([df012de](https://github.com/certd/certd/commit/df012dec90590ecba85a69ed6355cfa8382c1da3))
 * 支持部署证书到百度CCE ([a19ea74](https://github.com/certd/certd/commit/a19ea7489c01cdbf795fb51f804bd6d00389f604))
 * dcdn自动匹配部署，支持新增域名感知 ([c6a988b](https://github.com/certd/certd/commit/c6a988bc925886bd7163c1270f2b7a10a57b1c5b))
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 ### Bug Fixes
 * 修复cname校验报该授权无权限的bug ([b1eb706](https://github.com/certd/certd/commit/b1eb7069258d6ff2b128091911fa448eaffc5f33))
 ### Performance Improvements
 * 支持部署到火山云tos自定义域名证书 ([af6deb9](https://github.com/certd/certd/commit/af6deb99cd24a69a189b1fdd1df51c8f7816dcda))
 * 支持部署证书到火山引擎vod ([f91d591](https://github.com/certd/certd/commit/f91d591b03c50166d9fa352ba11c62d963869aa5))
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 ### Bug Fixes
 * 修复模版id不正确导致修改到错误的模版流水线bug ([b1ff163](https://github.com/certd/certd/commit/b1ff163a2828b205297408d5aed21cf1eff335e8))
 * 修复批量执行按钮无效的bug ([49703f0](https://github.com/certd/certd/commit/49703f08e55b303851086d9f36aca562d7999be6))
 * remote-select默认pageSize设置为50，阿里云WAF不支持pageSize100 ([285532d](https://github.com/certd/certd/commit/285532d4318b90d0d7f8154f070274c0a0ec0269))
 ### Performance Improvements
 * 火山引擎部署alb证书插件支持部署扩展证书以及删除已过期扩展证书 ([ffd2e81](https://github.com/certd/certd/commit/ffd2e8149e3a06bf3eec456ff85dbed793af9e90))
 * 企业模式下面增加个人数据迁移的引导 ([431afd6](https://github.com/certd/certd/commit/431afd618f547cecf9a29433f46d4367619e2ecf))
 * 新增阿里云证书清理插件 ([4b7eeaa](https://github.com/certd/certd/commit/4b7eeaa6e0a14d2e461c7c473a920a0966b1fe8e))
 * 优化远程数据选择框，选择数据时不刷新闪烁 ([7f6a8bc](https://github.com/certd/certd/commit/7f6a8bc87e364685defe7f039264b2de064806c5))
 * 支持复制粘贴任务步骤 ([acc2df2](https://github.com/certd/certd/commit/acc2df29def017fb8165f931b41ef95414966afc))
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 ### Bug Fixes
 * 修复修改分组报错的bug ([224db7d](https://github.com/certd/certd/commit/224db7da57dbdddf25bcac7faa0a29eb228c5a33))
 ### Performance Improvements
 * 移除passkey的counter递增校验 ([68b669d](https://github.com/certd/certd/commit/68b669d3ff3e13b931939093320ce7237bb02b1b))
 * passkey 支持Bitwarden ([29f44c6](https://github.com/certd/certd/commit/29f44c67c808bed9ff1c9d4884d39a1a62d043a7))
 * passkey登录放到下方其他登录位置 ([1413e1a](https://github.com/certd/certd/commit/1413e1aff4aabcfd471716338c210fbcfd76c8f9))
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 ### Bug Fixes
 * 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
 * 修复查看证书详情页面错位的bug ([7f37df4](https://github.com/certd/certd/commit/7f37df42274e657892d92e868ceac67e139f3bf2))
 * 修复选择插件页面无法滚动的bug ([d8425bc](https://github.com/certd/certd/commit/d8425bc9c5ee81bb669706c6de6bad69d7c38d8e))
 ### Performance Improvements
 * 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 ### Bug Fixes
 * 修复多选框只能单选的bug ([12700e1](https://github.com/certd/certd/commit/12700e1754319513ac02822ff1588d63420b964e))
 * 修复旧版1panel插件 报sslIds is not iterable的错误 ([50db6f0](https://github.com/certd/certd/commit/50db6f0765e7ec9a5698cd99540d90e188634fb1))
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 ### Bug Fixes
 * 修复当证书更新后第一次站点检查会报与主站证书过期时间不一致错误的bug ([dd999b6](https://github.com/certd/certd/commit/dd999b60a4fe3507ff5e0109d637b4e891b28bdd))
 * 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
 * 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
 * 修复提示支付失败的bug ([12fed34](https://github.com/certd/certd/commit/12fed34e109f3254de664813954081a52513bd38))
 * 修复修改项目名称后，没有同步刷新的bug ([3abee72](https://github.com/certd/certd/commit/3abee72fee286864b665033b23b172ef0ea92d83))
 * cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
 ### Performance Improvements
 * 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
 * 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
 * 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
 * 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
 * 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
 * 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
 * dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 ### Bug Fixes
 * 修复企业管理模式下，切换用户登录后，丢失项目列表的bug ([d23c8b4](https://github.com/certd/certd/commit/d23c8b4a2a5f5ab17822c6ee1d4108ac7280b9d1))
 ### Performance Improvements
 * 支持迁移个人数据到企业项目中 ([c6ca832](https://github.com/certd/certd/commit/c6ca83273779ed84de1b23b5e477063af043d015))
 * install tip ([853fdc7](https://github.com/certd/certd/commit/853fdc70a263b62d75c9ff3970607e6bf1c1593b))
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 ### Bug Fixes
 * 修复部署到openwrt错误的bug ([2e3d0cc](https://github.com/certd/certd/commit/2e3d0cc57c16c48ad435bc8fde729bacaedde9f5))
 * 修复发件邮箱无法输入的bug ([27b0348](https://github.com/certd/certd/commit/27b0348e1d3d752f418f851965d6afbc26c0160c))
 * 修复复制流水线保存后丢失分组和排序号的问题 ([bc32648](https://github.com/certd/certd/commit/bc326489abc1d50a0930b4f47aa2d62d3a486798))
 * 修复获取群辉deviceid报错的bug ([79be392](https://github.com/certd/certd/commit/79be392775a2c91848dd5a66a2618adc4e4b48f6))
 * 修复京东云域名申请证书报错的bug ([d9c0130](https://github.com/certd/certd/commit/d9c0130b59997144a3c274d456635b800135e43f))
 * 修复偶尔下载证书报未授权的错误 ([316537e](https://github.com/certd/certd/commit/316537eb4dcbe5ec57784e8bf95ee3cdfd21dce7))
 * 修复dcdn多个域名同时部署时 可能会出现证书名称重复的bug ([78c2ced](https://github.com/certd/certd/commit/78c2ced43b1a73d142b0ed783b162b97f545ab06))
 * 优化dcdn部署上传多次证书 偶尔报 The CertName already exists的问题 ([72f850f](https://github.com/certd/certd/commit/72f850f675b500d12ebff2338d1b99d6fab476e1))
 * **cert-plugin:** 优化又拍云客户端错误处理逻辑，当域名已绑定证书时不再抛出异常。 ([92c9ac3](https://github.com/certd/certd/commit/92c9ac382692e6c84140ff787759ab6d39ccbe96))
 * esxi部署失败的bug ([1e44115](https://github.com/certd/certd/commit/1e441154617e6516a9a3610412bf597128c62696))
 ### Features
 * 支持企业级管理模式，项目管理，细分权限 ([3734083](https://github.com/certd/certd/commit/37340838b6a61a94b86bfa13cf5da88b26f1315a))
 ### Performance Improvements
 * 【破坏性更新】错误返回信息msg字段名统一改成message，与成功的返回结构一致 ([51ab6d6](https://github.com/certd/certd/commit/51ab6d6da1bb551b55b3a6a4a9a945c8d6ace806))
 * 当域名管理中没有域名时，创建流水线时不展开域名选择框 ([bb0afe1](https://github.com/certd/certd/commit/bb0afe1fa7b0fc52fde051d24fbe6be69d52f4cc))
 * 任务步骤页面增加串行执行提示说明 ([787f6ef](https://github.com/certd/certd/commit/787f6ef52893d8dc912ee2a7a5b8ce2b73c108c9))
 * 站点监控支持指定ip地址检查 ([83d81b6](https://github.com/certd/certd/commit/83d81b64b3adb375366039e07c87d1ad79121c13))
 * AI开发插件 skills 定义初步 ([1f68fad](https://github.com/certd/certd/commit/1f68faddb97a978c5a5e731a8895b4bb0587ad83))
 * http请求增加建立连接超时配置 ([3c85602](https://github.com/certd/certd/commit/3c85602ab1fc1953cdc06a6cd75a971d14119179))
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 ### Bug Fixes
@@ -95,7 +95,15 @@ https://certd.handfree.work/
 3. 【推荐】[1Panel面板方式部署](https://certd.docmirror.cn/guide/install/1panel/)
 4. 【推荐】[雨云一键部署](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2) ： 首充翻倍，每月仅需2.2元    
 [<img src="https://rainyun-apps.cn-nb1.rains3.com/materials/deploy-on-rainyun-cn.svg">](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2)
-5. 【不推荐】[源码方式部署 ](https://certd.docmirror.cn/guide/install/source/)
+
 5. 【推荐】[一键安装脚本](https://certd.docmirror.cn/guide/install/docker/)（自动安装 Docker，Certd）：
 ```bash
 curl -fsSL https://gitee.com/certd/certd/raw/v2/docker/run/install.sh | bash
 ```
 6. 【不推荐】[源码方式部署 ](https://certd.docmirror.cn/guide/install/source/)
 #### Docker镜像说明：
 * 国内镜像地址:
@@ -211,3 +219,4 @@ https://certd.handfree.work/
 | --------- |--------- |----------- |
 | [fast-crud](https://gitee.com/fast-crud/fast-crud/)     | <img alt="GitHub stars" src="https://img.shields.io/github/stars/fast-crud/fast-crud?logo=github"/>   | 基于vue3的crud快速开发框架                 |  
 | [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | 直连访问github工具，无需FQ，解决github无法访问的问题 |
 | [winsvc-manager](https://github.com/greper/winsvc-manager/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/greper/winsvc-manager?logo=github"/> | 可视化包装应用成为一个Windows服务，使其后台运行 |
@@ -0,0 +1,340 @@
 #!/bin/bash
 set -e
 CERTD_VERSION="${CERTD_VERSION:-latest}"
 INSTALL_DIR="${INSTALL_DIR:-/opt/certd}"
 COMPOSE_FILE_URL="https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml"
 COMPOSE_FILE="$INSTALL_DIR/docker-compose.yaml"
 DOCKER_MIRROR="https://mirrors.aliyun.com"
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
 NC='\033[0m'
 log_info() {
    echo -e "${GREEN}[INFO]${NC} $1"
 }
 log_warn() {
    echo -e "${YELLOW}[WARN]${NC} $1"
 }
 log_error() {
    echo -e "${RED}[ERROR]${NC} $1"
 }
 check_command() {
    command -v "$1" >/dev/null 2>&1
 }
 get_local_ip() {
    LOCAL_IP=$(ip route get 1.1.1.1 2>/dev/null | grep -oP 'src \K[^ ]+' | head -1)
    if [ -z "$LOCAL_IP" ]; then
        LOCAL_IP=$(hostname -I 2>/dev/null | awk '{print $1}')
    fi
    if [ -z "$LOCAL_IP" ]; then
        LOCAL_IP="127.0.0.1"
    fi
    echo "$LOCAL_IP"
 }
 get_public_ip() {
    PUBLIC_IP=$(curl -s --max-time 5 https://api.ipify.org 2>/dev/null)
    if [ -z "$PUBLIC_IP" ]; then
        PUBLIC_IP=$(curl -s --max-time 5 https://checkip.amazonaws.com 2>/dev/null)
    fi
    if [ -z "$PUBLIC_IP" ]; then
        PUBLIC_IP=""
    fi
    echo "$PUBLIC_IP"
 }
 show_access_urls() {
    LOCAL_IP=$(get_local_ip)
    PUBLIC_IP=$(get_public_ip)
    echo ""
    echo "=========================================="
    log_info "安装完成!"
    echo "=========================================="
    echo ""
    echo "访问地址:"
    if [ -n "$PUBLIC_IP" ]; then
        echo -e "  ${GREEN}外网访问:${NC} http://$PUBLIC_IP:7001"
    fi
    echo -e "  ${GREEN}局域网:${NC}  http://$LOCAL_IP:7001"
    echo ""
    echo "配置文件: $COMPOSE_FILE"
    echo ""
    echo "常用命令:"
    echo "  cd $INSTALL_DIR"
    echo "  docker compose logs -f     # 查看日志"
    echo "  docker compose restart     # 重启服务"
    echo "  docker compose down        # 停止服务"
    echo ""
 }
 detect_os() {
    if [ -f /etc/os-release ]; then
        . /etc/os-release
        OS=$ID
        VER=$VERSION_ID
    elif [ -f /etc/centos-release ]; then
        OS="centos"
    elif [ -f /etc/redhat-release ]; then
        OS="rhel"
    else
        OS="unknown"
    fi
 }
 check_docker() {
    if check_command docker; then
        DOCKER_VERSION=$(docker --version 2>/dev/null | awk '{print $3}' | tr -d ',')
        log_info "Docker 已安装: $DOCKER_VERSION"
        return 0
    else
        log_warn "Docker 未安装"
        return 1
    fi
 }
 check_docker_compose() {
    if check_command docker-compose; then
        COMPOSE_VERSION=$(docker-compose --version 2>/dev/null | awk '{print $3}' | tr -d ',')
        log_info "Docker Compose 已安装: $COMPOSE_VERSION"
        return 0
    elif docker compose version >/dev/null 2>&1; then
        log_info "Docker Compose (插件版) 已安装"
        return 0
    else
        log_warn "Docker Compose 未安装"
        return 1
    fi
 }
 install_docker_ubuntu() {
    log_info "正在安装 Docker (Ubuntu/Debian)..."
    apt-get update
    apt-get install -y ca-certificates curl gnupg lsb-release
    mkdir -p /etc/apt/keyrings
    curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/${OS}/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg 2>/dev/null || \
    curl -fsSL https://download.docker.com/linux/${OS}/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
    echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.aliyun.com/docker-ce/linux/${OS} $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
    apt-get update
    apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
    systemctl enable docker
    systemctl start docker
    log_info "Docker 安装完成"
 }
 install_docker_centos() {
    log_info "正在安装 Docker (CentOS/RHEL)..."
    yum install -y yum-utils
    yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    yum install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
    systemctl enable docker
    systemctl start docker
    log_info "Docker 安装完成"
 }
 install_dockerrocky() {
    log_info "正在安装 Docker (Rocky Linux/AlmaLinux)..."
    dnf install -y yum-utils
    dnf config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
    systemctl enable docker
    systemctl start docker
    log_info "Docker 安装完成"
 }
 install_docker_debian() {
    log_info "正在安装 Docker (Debian)..."
    apt-get update
    apt-get install -y ca-certificates curl gnupg2
    mkdir -p /etc/apt/keyrings
    curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/debian/gpg | gpg --armor -o /etc/apt/keyrings/docker.gpg 2>/dev/null || \
    curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --armor -o /etc/apt/keyrings/docker.gpg
    echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.aliyun.com/docker-ce/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list
    apt-get update
    apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
    systemctl enable docker
    systemctl start docker
    log_info "Docker 安装完成"
 }
 install_docker() {
    detect_os
    log_info "检测到操作系统: $OS"
    case $OS in
        ubuntu)
            install_docker_ubuntu
            ;;
        debian)
            install_docker_debian
            ;;
        centos)
            install_docker_centos
            ;;
        rhel|rocky|almalinux)
            install_dockerrocky
            ;;
        *)
            log_error "不支持的操作系统: $OS"
            log_info "请手动安装 Docker"
            exit 1
            ;;
    esac
 }
 install_docker_compose_standalone() {
    log_info "正在安装 Docker Compose (独立版本)..."
    COMPOSE_URLS=(
        "https://get.daocloud.io/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)"
        "https://mirror.sjtu.edu.cn/github/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)"
        "https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)"
    )
    for url in "${COMPOSE_URLS[@]}"; do
        log_info "尝试从: $url"
        if curl -L "$url" -o /usr/local/bin/docker-compose 2>/dev/null; then
            chmod +x /usr/local/bin/docker-compose
            log_info "Docker Compose 安装完成"
            return 0
        fi
        log_warn "下载失败，尝试下一个源..."
    done
    log_error "Docker Compose 安装失败"
    return 1
 }
 install_docker_compose() {
    if check_command docker && docker compose version >/dev/null 2>&1; then
        log_info "Docker Compose 插件已可用"
        return 0
    fi
    if check_command docker-compose; then
        log_info "Docker Compose 独立版本已安装"
        return 0
    fi
    install_docker_compose_standalone
 }
 download_compose_file() {
    log_info "正在下载 docker-compose.yaml..."
    mkdir -p "$INSTALL_DIR"
    if curl -fsSL "$COMPOSE_FILE_URL" -o "$COMPOSE_FILE.tmp"; then
        mv "$COMPOSE_FILE.tmp" "$COMPOSE_FILE"
        log_info "docker-compose.yaml 已下载到 $COMPOSE_FILE"
        if [ "$CERTD_VERSION" != "latest" ]; then
            sed -i "s|certd:latest|certd:$CERTD_VERSION|g" "$COMPOSE_FILE"
            log_info "已修改镜像版本为: $CERTD_VERSION"
        fi
    else
        log_error "下载失败，请检查网络连接"
        exit 1
    fi
 }
 start_certd() {
    log_info "正在启动 Certd 容器..."
    cd "$INSTALL_DIR"
    if docker compose -f "$COMPOSE_FILE" up -d 2>/dev/null; then
        log_info "Certd 启动成功!"
    elif docker-compose -f "$COMPOSE_FILE" up -d; then
        log_info "Certd 启动成功!"
    fi
    sleep 2
    docker ps --filter "name=certd" --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
 }
 show_usage() {
    echo "用法: $0 [选项]"
    echo ""
    echo "选项:"
    echo "  -v, --version VERSION    指定 Certd 版本 (默认: latest)"
    echo "  -p, --path PATH          指定安装路径 (默认: /opt/certd)"
    echo "  -h, --help               显示帮助信息"
    echo ""
    echo "示例:"
    echo "  $0                      # 使用默认配置安装"
    echo "  $0 -v 1.29.0            # 安装指定版本"
    echo "  $0 -p /data/certd       # 安装到指定目录"
 }
 main() {
    echo "=========================================="
    echo "         Certd 一键安装脚本"
    echo "=========================================="
    echo ""
    while [[ $# -gt 0 ]]; do
        case $1 in
            -v|--version)
                CERTD_VERSION="$2"
                shift 2
                ;;
            -p|--path)
                INSTALL_DIR="$2"
                COMPOSE_FILE="$INSTALL_DIR/docker-compose.yaml"
                shift 2
                ;;
            -h|--help)
                show_usage
                exit 0
                ;;
            *)
                log_error "未知选项: $1"
                show_usage
                exit 1
                ;;
        esac
    done
    log_info "Certd 版本: $CERTD_VERSION"
    log_info "安装路径: $INSTALL_DIR"
    echo ""
    DOCKER_INSTALLED=true
    COMPOSE_INSTALLED=true
    if ! check_docker; then
        echo ""
        log_info "正在安装 Docker..."
        install_docker
    fi
    if ! check_docker_compose; then
        echo ""
        log_info "正在安装 Docker Compose..."
        install_docker_compose
    fi
    download_compose_file
    start_certd
    show_access_urls
 }
 main "$@"
@@ -114,6 +114,7 @@ export default defineConfig({
                        {text: "连接windows主机", link: "/guide/use/host/windows.md"},
                        {text: "Google EAB获取", link: "/guide/use/google/"},
                        {text: "阿里云相关", link: "/guide/use/aliyun/"},
                        {text: "Azure相关", link: "/guide/use/azure/dns.md"},
                        {text: "数据备份", link: "/guide/use/backup/"},
                        {text: "Certd本身的证书更新", link: "/guide/use/https/index.md"},
                        {text: "js脚本插件使用", link: "/guide/use/custom-script/index.md"},
@@ -124,6 +125,7 @@ export default defineConfig({
                        {text: "子域名托管", link: "/guide/use/cert/subdomain.md"},
                        {text: "流水线有效期", link: "/guide/use/pipeline/valid.md"},
                        {text: "IP证书申请", link: "/guide/use/cert/ip.md"},
                        {text: "企业模式", link: "/guide/use/mode/enterprise.md"},
                        {text: "插件开发", link: "/guide/use/dev/plugin.md"},
                    ]
                },
@@ -3,6 +3,173 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 ### Bug Fixes
 * 修复创建流水线无法选择通知的bug ([a88d0a6](https://github.com/certd/certd/commit/a88d0a6ae15cb6170d0b36e21daf89f0dbd5f681))
 * 修复流水线任务编辑页面复制粘贴按钮在夜间模式显示问题 ([1e549df](https://github.com/certd/certd/commit/1e549dfd431ed74e2bcdfce63e5f640c51603af3))
 * 修复用户管理添加用户无法上传头像的bug ([557e98c](https://github.com/certd/certd/commit/557e98c33f5462167d8f6289f70dad68bb114a97))
 * 修复自定义插件删除后没有反注册的bug ([df98463](https://github.com/certd/certd/commit/df9846332596d2afaba53e66d2897aa1c598f9c4))
 * 修复spaceship创建record报错的bug ([70b46d4](https://github.com/certd/certd/commit/70b46d4a8f89cf8eded21ebb237e8c8ce6c40d30))
 ### Performance Improvements
 * 1panel支持先上传证书再选择证书 ([7a9eec8](https://github.com/certd/certd/commit/7a9eec88e8eddf40dba055c072b5b2b0f67c1407))
 * 部署到1panel面板支持mux模式 ([d05129e](https://github.com/certd/certd/commit/d05129ec67893b0b639003a4bca6878d128f56ad))
 * 流水线修改编辑之后，增加未保存提示 ([21620ac](https://github.com/certd/certd/commit/21620ac6bdeb57e43509156a77037fc07c44282a))
 * 修复检查全部某些情况下无效的bug，优化公共触发站点证书检查定时逻辑 ([ee53589](https://github.com/certd/certd/commit/ee535895a3166c6f9046963e28fa8f22f018b574))
 * 增加域名管理 子域名检查提醒 ([2bdf183](https://github.com/certd/certd/commit/2bdf1832da73a3728f3ac415837bc26e70531cd6))
 * 站点监控域名气泡增加端口显示 ([6ee718a](https://github.com/certd/certd/commit/6ee718a25265a9db2115343af9a1a01958f34b81))
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 ### Bug Fixes
 *  修复cn域名获取不到到期时间的问题 ([73b8e85](https://github.com/certd/certd/commit/73b8e859766097b5251fc4e5051593d686669eb2))
 * 修复某些情况下报无法修改通知的问题 ([d1a6592](https://github.com/certd/certd/commit/d1a65922d7e152d6edcf6c53b70079f16b54a0d3))
 ### Performance Improvements
 * 腾讯云CLB大区增加台北 ([6b109d1](https://github.com/certd/certd/commit/6b109d172f0c7b6ce6ec164dc196d646a65f529f))
 * 优化腾讯云CLB插件支持选择证书id ([c875971](https://github.com/certd/certd/commit/c875971b71dc6d392e56f0a7605281c40d9bb405))
 * 支持域名到期时间监控通知 ([c6628e7](https://github.com/certd/certd/commit/c6628e7311d6c43c2a784581fb25ec37b29c168d))
 * **monitor:** 支持查看监控执行记录 ([b5cc794](https://github.com/certd/certd/commit/b5cc794061c11b7200b669473c25c4bbfc944b61))
 * **plugin-dnsmgr:** 添加彩虹DNS插件支持 ([af50344](https://github.com/certd/certd/commit/af503442b8298c5b89d11cf2ea351d62e66a609e))
 * **spaceship:** 新增Spaceship DNS插件和授权模块 ([21aec77](https://github.com/certd/certd/commit/21aec77e5c3307b5973d4185baba33edcb28926f))
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 ### Bug Fixes
 * 修复某些情况下报没有匹配到任何校验方式的bug ([fe02ce7](https://github.com/certd/certd/commit/fe02ce7b64cf23c4dc4c30daccd5330059a35e9a))
 * 修复上传头像退出登录的bug ([6eb20a1](https://github.com/certd/certd/commit/6eb20a1f2e31d984d9135edbf39c97cdd15621f9))
 ### Performance Improvements
 * 阿里云CDN部署支持根据证书域名自动匹配部署 ([a68301e](https://github.com/certd/certd/commit/a68301e4dcea8b7391ad751aa57555d566297ad9))
 * 阿里云dcdn支持根据证书域名匹配模式 ([df012de](https://github.com/certd/certd/commit/df012dec90590ecba85a69ed6355cfa8382c1da3))
 * 支持部署证书到百度CCE ([a19ea74](https://github.com/certd/certd/commit/a19ea7489c01cdbf795fb51f804bd6d00389f604))
 * dcdn自动匹配部署，支持新增域名感知 ([c6a988b](https://github.com/certd/certd/commit/c6a988bc925886bd7163c1270f2b7a10a57b1c5b))
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 ### Bug Fixes
 * 修复cname校验报该授权无权限的bug ([b1eb706](https://github.com/certd/certd/commit/b1eb7069258d6ff2b128091911fa448eaffc5f33))
 ### Performance Improvements
 * 支持部署到火山云tos自定义域名证书 ([af6deb9](https://github.com/certd/certd/commit/af6deb99cd24a69a189b1fdd1df51c8f7816dcda))
 * 支持部署证书到火山引擎vod ([f91d591](https://github.com/certd/certd/commit/f91d591b03c50166d9fa352ba11c62d963869aa5))
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 ### Bug Fixes
 * 修复模版id不正确导致修改到错误的模版流水线bug ([b1ff163](https://github.com/certd/certd/commit/b1ff163a2828b205297408d5aed21cf1eff335e8))
 * 修复批量执行按钮无效的bug ([49703f0](https://github.com/certd/certd/commit/49703f08e55b303851086d9f36aca562d7999be6))
 * remote-select默认pageSize设置为50，阿里云WAF不支持pageSize100 ([285532d](https://github.com/certd/certd/commit/285532d4318b90d0d7f8154f070274c0a0ec0269))
 ### Performance Improvements
 * 火山引擎部署alb证书插件支持部署扩展证书以及删除已过期扩展证书 ([ffd2e81](https://github.com/certd/certd/commit/ffd2e8149e3a06bf3eec456ff85dbed793af9e90))
 * 企业模式下面增加个人数据迁移的引导 ([431afd6](https://github.com/certd/certd/commit/431afd618f547cecf9a29433f46d4367619e2ecf))
 * 新增阿里云证书清理插件 ([4b7eeaa](https://github.com/certd/certd/commit/4b7eeaa6e0a14d2e461c7c473a920a0966b1fe8e))
 * 优化远程数据选择框，选择数据时不刷新闪烁 ([7f6a8bc](https://github.com/certd/certd/commit/7f6a8bc87e364685defe7f039264b2de064806c5))
 * 支持复制粘贴任务步骤 ([acc2df2](https://github.com/certd/certd/commit/acc2df29def017fb8165f931b41ef95414966afc))
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 ### Bug Fixes
 * 修复修改分组报错的bug ([224db7d](https://github.com/certd/certd/commit/224db7da57dbdddf25bcac7faa0a29eb228c5a33))
 ### Performance Improvements
 * 移除passkey的counter递增校验 ([68b669d](https://github.com/certd/certd/commit/68b669d3ff3e13b931939093320ce7237bb02b1b))
 * passkey 支持Bitwarden ([29f44c6](https://github.com/certd/certd/commit/29f44c67c808bed9ff1c9d4884d39a1a62d043a7))
 * passkey登录放到下方其他登录位置 ([1413e1a](https://github.com/certd/certd/commit/1413e1aff4aabcfd471716338c210fbcfd76c8f9))
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 ### Bug Fixes
 * 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
 * 修复查看证书详情页面错位的bug ([7f37df4](https://github.com/certd/certd/commit/7f37df42274e657892d92e868ceac67e139f3bf2))
 * 修复选择插件页面无法滚动的bug ([d8425bc](https://github.com/certd/certd/commit/d8425bc9c5ee81bb669706c6de6bad69d7c38d8e))
 ### Performance Improvements
 * 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 ### Bug Fixes
 * 修复多选框只能单选的bug ([12700e1](https://github.com/certd/certd/commit/12700e1754319513ac02822ff1588d63420b964e))
 * 修复旧版1panel插件 报sslIds is not iterable的错误 ([50db6f0](https://github.com/certd/certd/commit/50db6f0765e7ec9a5698cd99540d90e188634fb1))
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 ### Bug Fixes
 * 修复当证书更新后第一次站点检查会报与主站证书过期时间不一致错误的bug ([dd999b6](https://github.com/certd/certd/commit/dd999b60a4fe3507ff5e0109d637b4e891b28bdd))
 * 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
 * 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
 * 修复提示支付失败的bug ([12fed34](https://github.com/certd/certd/commit/12fed34e109f3254de664813954081a52513bd38))
 * 修复修改项目名称后，没有同步刷新的bug ([3abee72](https://github.com/certd/certd/commit/3abee72fee286864b665033b23b172ef0ea92d83))
 * cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
 ### Performance Improvements
 * 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
 * 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
 * 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
 * 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
 * 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
 * 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
 * dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 ### Bug Fixes
 * 修复企业管理模式下，切换用户登录后，丢失项目列表的bug ([d23c8b4](https://github.com/certd/certd/commit/d23c8b4a2a5f5ab17822c6ee1d4108ac7280b9d1))
 ### Performance Improvements
 * 支持迁移个人数据到企业项目中 ([c6ca832](https://github.com/certd/certd/commit/c6ca83273779ed84de1b23b5e477063af043d015))
 * install tip ([853fdc7](https://github.com/certd/certd/commit/853fdc70a263b62d75c9ff3970607e6bf1c1593b))
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 ### Bug Fixes
 * 修复部署到openwrt错误的bug ([2e3d0cc](https://github.com/certd/certd/commit/2e3d0cc57c16c48ad435bc8fde729bacaedde9f5))
 * 修复发件邮箱无法输入的bug ([27b0348](https://github.com/certd/certd/commit/27b0348e1d3d752f418f851965d6afbc26c0160c))
 * 修复复制流水线保存后丢失分组和排序号的问题 ([bc32648](https://github.com/certd/certd/commit/bc326489abc1d50a0930b4f47aa2d62d3a486798))
 * 修复获取群辉deviceid报错的bug ([79be392](https://github.com/certd/certd/commit/79be392775a2c91848dd5a66a2618adc4e4b48f6))
 * 修复京东云域名申请证书报错的bug ([d9c0130](https://github.com/certd/certd/commit/d9c0130b59997144a3c274d456635b800135e43f))
 * 修复偶尔下载证书报未授权的错误 ([316537e](https://github.com/certd/certd/commit/316537eb4dcbe5ec57784e8bf95ee3cdfd21dce7))
 * 修复dcdn多个域名同时部署时 可能会出现证书名称重复的bug ([78c2ced](https://github.com/certd/certd/commit/78c2ced43b1a73d142b0ed783b162b97f545ab06))
 * 优化dcdn部署上传多次证书 偶尔报 The CertName already exists的问题 ([72f850f](https://github.com/certd/certd/commit/72f850f675b500d12ebff2338d1b99d6fab476e1))
 * **cert-plugin:** 优化又拍云客户端错误处理逻辑，当域名已绑定证书时不再抛出异常。 ([92c9ac3](https://github.com/certd/certd/commit/92c9ac382692e6c84140ff787759ab6d39ccbe96))
 * esxi部署失败的bug ([1e44115](https://github.com/certd/certd/commit/1e441154617e6516a9a3610412bf597128c62696))
 ### Features
 * 支持企业级管理模式，项目管理，细分权限 ([3734083](https://github.com/certd/certd/commit/37340838b6a61a94b86bfa13cf5da88b26f1315a))
 ### Performance Improvements
 * 【破坏性更新】错误返回信息msg字段名统一改成message，与成功的返回结构一致 ([51ab6d6](https://github.com/certd/certd/commit/51ab6d6da1bb551b55b3a6a4a9a945c8d6ace806))
 * 当域名管理中没有域名时，创建流水线时不展开域名选择框 ([bb0afe1](https://github.com/certd/certd/commit/bb0afe1fa7b0fc52fde051d24fbe6be69d52f4cc))
 * 任务步骤页面增加串行执行提示说明 ([787f6ef](https://github.com/certd/certd/commit/787f6ef52893d8dc912ee2a7a5b8ce2b73c108c9))
 * 站点监控支持指定ip地址检查 ([83d81b6](https://github.com/certd/certd/commit/83d81b64b3adb375366039e07c87d1ad79121c13))
 * AI开发插件 skills 定义初步 ([1f68fad](https://github.com/certd/certd/commit/1f68faddb97a978c5a5e731a8895b4bb0587ad83))
 * http请求增加建立连接超时配置 ([3c85602](https://github.com/certd/certd/commit/3c85602ab1fc1953cdc06a6cd75a971d14119179))
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 ### Bug Fixes
@@ -16,7 +16,6 @@ https://1panel.cn/docs/installation/online_installation/
   ![](./images/store-1.png)
   ![](./images/store-2.png)
 #### 1.2 访问测试：
@@ -40,6 +39,9 @@ admin/123456
 1. 打开`docker-compose.yaml`，整个内容复制下来    
   https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
 ::: tip
 默认使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](../database.md)
 :::
 2. 然后到 `1Panel->容器->编排->新建编排`
   输入名称，粘贴`docker-compose.yaml`原文内容
@@ -49,7 +51,10 @@ admin/123456
   ![](./images/2.png)
 > 默认使用sqlite数据库，数据保存在`/data/certd`目录下，您可以手动备份该目录   
-> certd还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
+
 #### 2.2 访问测试
@@ -30,7 +30,9 @@
 点击确定，等待启动完成
 ![](./images/2.png)
-> certd默认使用sqlite数据库，另外支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
+::: tip
 默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](../database.md)
 :::
 ## 二、访问应用
@@ -2,7 +2,23 @@
 ## 一、安装
-### 1. 环境准备
+### 一键脚本安装（推荐）
 如果您的服务器未安装 Docker，该脚本会自动为您安装 Docker 和 Docker Compose，并启动 Certd 容器。
 ```bash
 curl -fsSL https://gitee.com/certd/certd/raw/v2/docker/run/install.sh | bash
 ```
 > 支持 Ubuntu、Debian、CentOS、Rocky Linux、AlmaLinux 等主流发行版。    
 > docker-compose文件目录：`/opt/certd` ，升级时需要先进入此目录
 > 运行时数据默认保存路径：`/data/certd` ，可使用参数指定：`-p /data/certd` 
 ###  手动安装
 #### 1. 环境准备
 1.1  准备一台云服务器
@@ -19,9 +35,9 @@ https://docs.docker.com/engine/install/
 ```bash
 # 随便创建一个目录
-mkdir certd
+mkdir /opt/certd
 # 进入目录
-cd certd
+cd /opt/certd
 # 下载docker-compose.yaml文件，或者手动下载放到certd目录下
 wget https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
@@ -42,8 +58,9 @@ docker compose up -d
 > 如果提示 没有docker compose命令,请安装docker-compose   
 > https://docs.docker.com/compose/install/linux/   
-> certd默认使用sqlite数据库，另外还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
+::: tip
-
+默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](../database.md)
 :::
 ### 3. 访问测试
@@ -53,12 +70,12 @@ https://your_server_ip:7002
 记得修改密码  
-## 二、升级
+## 二、升级Certd
 ::: warning   
 如果您是第一次升级certd版本，切记切记先备份一下数据    
 ```
-# docker-compose.yaml配置
+# 查看/opt/certd/docker-compose.yaml配置
 - /data/certd:/app/data   # 请务必确保 /app/data 这个路径没有改动，固定写死
 ```
 :::
@@ -70,6 +87,7 @@ https://your_server_ip:7002
 ### 如果使用`latest`版本
 ```shell
 cd /opt/certd
 #重新拉取镜像
 docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
 # 重新启动容器
@@ -20,58 +20,64 @@
 | 16.| **APISIX授权** |  | 
 | 17.| **亚马逊云aws授权** |  | 
 | 18.| **亚马逊云科技（国区）授权** |  | 
-| 19.| **CacheFly** | CacheFly | 
+| 19.| **BIND9 DNS 授权** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
-| 20.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 20.| **CacheFly** | CacheFly | 
-| 21.| **google cloud** | 谷歌云授权 | 
+| 21.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
-| 22.| **cloudflare授权** |  | 
+| 22.| **google cloud** | 谷歌云授权 | 
-| 23.| **中国移动CND授权** |  | 
+| 23.| **cloudflare授权** |  | 
-| 24.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
+| 24.| **中国移动CND授权** |  | 
-| 25.| **dns.la授权** |  | 
+| 25.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
-| 26.| **多吉云** |  | 
+| 26.| **dns.la授权** |  | 
-| 27.| **Dokploy授权** |  | 
+| 27.| **彩虹DNS** | 彩虹DNS管理系统授权 | 
-| 28.| **farcdn授权** |  | 
+| 28.| **多吉云** |  | 
-| 29.| **FlexCDN授权** |  | 
+| 29.| **Dokploy授权** |  | 
-| 30.| **Gcore** | Gcore | 
+| 30.| **farcdn授权** |  | 
-| 31.| **Github授权** |  | 
+| 31.| **FlexCDN授权** |  | 
-| 32.| **godaddy授权** |  | 
+| 32.| **Gcore** | Gcore | 
-| 33.| **金山云授权** |  | 
+| 33.| **Github授权** |  | 
-| 34.| **FTP授权** |  | 
+| 34.| **godaddy授权** |  | 
-| 35.| **七牛OSS授权** |  | 
+| 35.| **HiPM DNSMgr** | HiPM DNSMgr API Token 授权 | 
-| 36.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 36.| **金山云授权** |  | 
-| 37.| **s3/minio授权** | S3/minio oss授权 | 
+| 37.| **FTP授权** |  | 
-| 38.| **namesilo授权** |  | 
+| 38.| **七牛OSS授权** |  | 
-| 39.| **Next Terminal 授权** | 用于访问 Next Terminal API 的授权配置 | 
+| 39.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
-| 40.| **1panel授权** | 账号和密码 | 
+| 40.| **s3/minio授权** | S3/minio oss授权 | 
-| 41.| **支付宝** |  | 
+| 41.| **namesilo授权** |  | 
-| 42.| **白山云授权** |  | 
+| 42.| **Next Terminal 授权** | 用于访问 Next Terminal API 的授权配置 | 
-| 43.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
+| 43.| **Nginx Proxy Manager 授权** | 用于登录 Nginx Proxy Manager，并为代理主机证书部署提供授权。 | 
-| 44.| **cdnfly授权** |  | 
+| 44.| **1panel授权** | 账号和密码 | 
-| 45.| **k8s授权** |  | 
+| 45.| **支付宝** |  | 
-| 46.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 46.| **白山云授权** |  | 
-| 47.| **LeCDN授权** |  | 
+| 47.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
-| 48.| **lucky** |  | 
+| 48.| **cdnfly授权** |  | 
-| 49.| **猫云授权** |  | 
+| 49.| **k8s授权** |  | 
-| 50.| **plesk授权** |  | 
+| 50.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 51.| **长亭雷池授权** |  | 
+| 51.| **LeCDN授权** |  | 
-| 52.| **群晖登录授权** |  | 
+| 52.| **lucky** |  | 
-| 53.| **uniCloud** | unicloud授权 | 
+| 53.| **猫云授权** |  | 
-| 54.| **微信支付** |  | 
+| 54.| **plesk授权** |  | 
-| 55.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 55.| **长亭雷池授权** |  | 
-| 56.| **易发云短信** | sms.yfyidc.cn/ | 
+| 56.| **群晖登录授权** |  | 
-| 57.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 57.| **uniCloud** | unicloud授权 | 
-| 58.| **易支付** |  | 
+| 58.| **微信支付** |  | 
-| 59.| **proxmox** |  | 
+| 59.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
-| 60.| **UCloud授权** | 优刻得授权 | 
+| 60.| **易发云短信** | sms.yfyidc.cn/ | 
-| 61.| **又拍云** |  | 
+| 61.| **易盾DCDN授权** | https://user.yiduncdn.com | 
-| 62.| **网宿授权** |  | 
+| 62.| **易支付** |  | 
-| 63.| **西部数码授权** |  | 
+| 63.| **proxmox** |  | 
-| 64.| **我爱云授权** | 我爱云CDN | 
+| 64.| **Spaceship.com 授权** | Spaceship.com API 授权插件 | 
-| 65.| **新网授权（代理方式）** |  | 
+| 65.| **Technitium DNS Server** | Technitium DNS Server 自建DNS服务器授权 | 
-| 66.| **新网授权** |  | 
+| 66.| **UCloud授权** | 优刻得授权 | 
-| 67.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
+| 67.| **又拍云** |  | 
-| 68.| **Zenlayer授权** | Zenlayer授权 | 
+| 68.| **网宿授权** |  | 
-| 69.| **GoEdge授权** |  | 
+| 69.| **西部数码授权** |  | 
-| 70.| **雨云授权** | https://app.rainyun.com/ | 
+| 70.| **我爱云授权** | 我爱云CDN | 
 | 71.| **新网授权（代理方式）** |  | 
 | 72.| **新网授权** |  | 
 | 73.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
 | 74.| **Zenlayer授权** | Zenlayer授权 | 
 | 75.| **GoEdge授权** |  | 
 | 76.| **雨云授权** | https://app.rainyun.com/ | 
 <style module>
 table th:first-of-type {
@@ -1,5 +1,5 @@
 # 任务插件
-共 `125` 款任务插件    
+共 `130` 款任务插件    
 ## 1. 证书申请
 | 序号 | 名称 | 说明 |
@@ -58,45 +58,47 @@
 | 3.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
 | 4.| **飞牛NAS-部署证书** |  | 
 | 5.| **NextTerminal-更新证书** | 更新 Next Terminal 证书 | 
-| 6.| **1Panel-部署面板证书** | 更新1Panel的面板证书 | 
+| 6.| **Nginx Proxy Manager-部署到主机** | 上传自定义证书到 Nginx Proxy Manager，并绑定到所选主机。 | 
-| 7.| **1Panel-更新站点证书** | 更新1Panel的站点证书 | 
+| 7.| **1Panel-部署面板证书** | 更新1Panel的面板证书 | 
-| 8.| **宝塔-删除过期证书** | 删除证书夹中过期证书 | 
+| 8.| **1Panel-更新站点证书** | 更新1Panel的站点证书 | 
-| 9.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
+| 9.| **宝塔-删除过期证书** | 删除证书夹中过期证书 | 
-| 10.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
+| 10.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
-| 11.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
+| 11.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
-| 12.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
+| 12.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
-| 13.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
+| 13.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
-| 14.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
+| 14.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
-| 15.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
+| 15.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
-| 16.| **lucky-更新Lucky证书** |  | 
+| 16.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
-| 17.| **Plesk-部署Plesk网站证书** |  | 
+| 17.| **lucky-更新Lucky证书** |  | 
-| 18.| **Plesk-更新证书** | 不会创建新证书记录，直接更新旧的证书 | 
+| 18.| **Plesk-部署Plesk网站证书** |  | 
-| 19.| **雷池-更新证书（支持控制台和防护应用）** | 更新长亭雷池WAF的证书，支持更新控制台和防护应用的证书。 | 
+| 19.| **Plesk-更新证书** | 不会创建新证书记录，直接更新旧的证书 | 
-| 20.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
+| 20.| **雷池-更新证书（支持控制台和防护应用）** | 更新长亭雷池WAF的证书，支持更新控制台和防护应用的证书。 | 
-| 21.| **群晖-刷新OTP登录有效期** | 群晖登录状态可能30天失效，需要在失效之前登录一次，刷新有效期，您可以将其放在“部署到群晖面板”任务之后 | 
+| 21.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
-| 22.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 22.| **群晖-刷新OTP登录有效期** | 群晖登录状态可能30天失效，需要在失效之前登录一次，刷新有效期，您可以将其放在“部署到群晖面板”任务之后 | 
-| 23.| **Proxmox-上传证书到Proxmox** |  | 
+| 23.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
-| 24.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+| 24.| **Proxmox-上传证书到Proxmox** |  | 
 | 25.| **威联通-部署证书到威联通** | 部署证书到qnap | 
 ## 5. 阿里云
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **阿里云-部署到Ack** | 部署到阿里云Ack集群Ingress等通过Secret管理证书的应用 | 
+| 1.| **阿里云-删除即将过期证书** | 仅删除未使用的证书 | 
-| 2.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
+| 2.| **阿里云-部署到Ack** | 部署到阿里云Ack集群Ingress等通过Secret管理证书的应用 | 
-| 3.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
+| 3.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
-| 4.| **阿里云-部署至云原生API网关/AI网关** | 自动部署域名证书至云原生API网关、AI网关 | 
+| 4.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
-| 5.| **阿里云-部署证书至API网关** | 自动部署域名证书至阿里云API网关（APIGateway） | 
+| 5.| **阿里云-部署至云原生API网关/AI网关** | 自动部署域名证书至云原生API网关、AI网关 | 
-| 6.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
+| 6.| **阿里云-部署证书至API网关** | 自动部署域名证书至阿里云API网关（APIGateway） | 
-| 7.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
+| 7.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
-| 8.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速)，自动删除过期证书 | 
+| 8.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
-| 9.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0） | 
+| 9.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速)，自动删除过期证书 | 
-| 10.| **阿里云-部署至GA** | 部署证书到阿里云GA(全球加速)，支持更新默认证书和扩展证书 | 
+| 10.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0） | 
-| 11.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
+| 11.| **阿里云-部署至GA** | 部署证书到阿里云GA(全球加速)，支持更新默认证书和扩展证书 | 
-| 12.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
+| 12.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
-| 13.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
+| 13.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
-| 14.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
+| 14.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
-| 15.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
+| 15.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
-| 16.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 16.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
 | 17.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
 ## 6. 华为云
 | 序号 | 名称 | 说明 |
@@ -112,9 +114,9 @@
 | 1.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
 | 2.| **腾讯云-部署证书到任意云资源** | 支持负载均衡、CDN、DDoS、直播、点播、Web应用防火墙、API网关、TEO、容器服务、对象存储、轻应用服务器、云原生微服务、云开发 | 
 | 3.| **腾讯云-部署到CDN（废弃）** | 已废弃，请使用v2版 | 
-| 4.| **腾讯云-部署到CDN-v2** | 推荐使用 | 
+| 4.| **腾讯云-部署到CDN-v2** | 推荐使用，支持CDN域名以及COS加速域名 | 
 | 5.| **腾讯云-部署到CLB** | 暂时只支持单向认证证书，暂时只支持通用负载均衡 | 
-| 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
+| 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书，注意是源站域名，加速域名请使用腾讯云CDN v2插件【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
 | 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EdgeOne(EO) | 
 | 8.| **腾讯云-部署到腾讯云直播** | https://console.cloud.tencent.com/live/ | 
 | 9.| **腾讯云-部署到TKE** | 修改TKE集群密钥配置，支持Opaque和TLS证书类型。注意： 1. serverless集群请使用K8S部署插件； 2. Opaque类型需要【上传到腾讯云】作为前置任务； 3. ApiServer需要开通公网访问（或者certd可访问），实际上底层仍然是通过KubeClient进行部署 | 
@@ -130,8 +132,9 @@
 | 3.| **火山引擎-部署证书至CLB** | 部署至火山引擎负载均衡 | 
 | 4.| **火山引擎-部署证书至DCDN** | 部署至火山引擎全站加速 | 
 | 5.| **火山引擎-部署证书至Live** | 部署至火山引擎视频直播 | 
-| 6.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播(暂不可用) | 
+| 6.| **火山引擎-部署证书至TOS自定义域名** | 仅限TOS自定义域名，加速域名请选择火山引擎的CDN插件 | 
-| 7.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
+| 7.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播 | 
 | 8.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
 ## 9. 京东云
 | 序号 | 名称 | 说明 |
@@ -153,8 +156,9 @@
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **百度云-部署证书到负载均衡** | 部署到百度云负载均衡，包括BLB、APPBLB | 
-| 2.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
+| 2.| **百度云-部署到CCE** | 部署到百度云CCE集群Ingress等通过Secret管理证书的应用 | 
-| 3.| **百度云-上传到证书托管** | 上传证书到百度云证书托管中心 | 
+| 3.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
 | 4.| **百度云-上传到证书托管** | 上传证书到百度云证书托管中心 | 
 ## 12. 七牛云
 | 序号 | 名称 | 说明 |
@@ -9,18 +9,23 @@
 | 5.| **京东云** | 京东云DNS解析提供商 | 
 | 6.| **新网(代理方式)** | 新网域名解析(代理方式) | 
 | 7.| **新网** | 新网域名解析 | 
-| 8.| **cloudflare** | cloudflare dns provider | 
+| 8.| **BIND9 DNS** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
-| 9.| **dns.la** | dns.la | 
+| 9.| **cloudflare** | cloudflare dns provider | 
-| 10.| **godaddy** | GoDaddy | 
+| 10.| **dns.la** | dns.la | 
-| 11.| **华为云** | 华为云DNS解析提供商 | 
+| 11.| **godaddy** | GoDaddy | 
-| 12.| **namesilo** | namesilo dns provider | 
+| 12.| **HiPM DNSMgr** | HiPM DNSMgr DNS 解析提供商 | 
-| 13.| **雨云** | 雨云DNS解析提供商 | 
+| 13.| **华为云** | 华为云DNS解析提供商 | 
-| 14.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 14.| **namesilo** | namesilo dns provider | 
-| 15.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
+| 15.| **雨云** | 雨云DNS解析提供商 | 
-| 16.| **西部数码** | west dns provider | 
+| 16.| **Technitium DNS Server** | Technitium DNS Server 自建DNS服务器 | 
-| 17.| **Dns提供商Demo** | dns provider示例 | 
+| 17.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
-| 18.| **51dns** | 51DNS | 
+| 18.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
-| 19.| **新网互联** | 新网互联 | 
+| 19.| **西部数码** | west dns provider | 
 | 20.| **Dns提供商Demo** | dns provider示例 | 
 | 21.| **彩虹DNS** | 彩虹DNS管理系统 | 
 | 22.| **Spaceship** | Spaceship 域名解析 | 
 | 23.| **51dns** | 51DNS | 
 | 24.| **新网互联** | 新网互联 | 
 <style module>
 table th:first-of-type {
@@ -28,6 +28,11 @@ https://certd.handsfree.work/
 2. [Docker方式部署](./install/docker/)
 3. [源码方式部署](./install/source/)
 ::: tip
 默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](./install/database.md)
 :::
 ### 2. 访问测试
@@ -0,0 +1,28 @@
 # Azure 配置
 ## Access授权配置
 1. 登录 Azure 并创建一个资源组 【可选，如果已经有了可以不用创建】
 2. 创建一个应用程序
 Microsoft Entra ID - 》 应用注册 - 》 新注册
 ![](./images/access-1.png)
 ![](./images/access-2.png)
 3. 配置授权
 ![](./images/access-3.png)
 4. 点击测试
 ## Azure DNS 配置
 1. 创建一个 DNS 区域(就是一个域名)
 ![](./images/dns-1.png)
 ![](./images/dns-2.png)
 2. 为这个域名和上面创建的授权应用分配角色
 ![](./images/dns-3.png)
 ![](./images/dns-4.png)
 ![](./images/dns-5.png)
 3. 然后就可以给dns区域去申请证书了
@@ -26,16 +26,20 @@ Created an external account key
 [b64MacKey: xxxxxxxxxxxxxxxx
 keyId: xxxxxxxxxxxxx]
 ```
 ![](./images/google-eab.png)
 3. 到Certd中，创建一条EAB授权记录，填写keyId(=kid) 和 b64MacKey 信息    
   注意：keyId没有`]`结尾，不要把`]`也复制了   
-注意：EAB授权使用过一次之后，会绑定邮箱，后续再次使用时，要使用相同的邮箱    
+注意：EAB授权使用过一次之后，会绑定邮箱，后续再次使用时，要使用相同的邮箱，所以邮箱切记不要修改    
 否则会报错 `Unknown external account binding (EAB) key. This may be due to the EAB key expiring which occurs 7 days after creation`
-### 2.2 通过服务账号获取EAB
+4. 创建证书流水线，选择证书提供商为google，选择EAB授权，运行流水线申请证书
-此方式可以自动EAB，需要配置代理
+
 ### 2.2 通过google服务账号接口获取授权
 此方式可以自动获取EAB，需要服务端配置代理
 1. 创建服务账号    
 https://console.cloud.google.com/projectselector2/iam-admin/serviceaccounts/create?walkthrough_id=iam--create-service-account&hl=zh-cn#step_index=1
@@ -48,9 +52,7 @@ https://console.cloud.google.com/projectselector2/iam-admin/serviceaccounts/crea
 7. 点击`添加密钥`->`创建新密钥`->`JSON`，下载密钥文件
 8. 将json文件内容粘贴到 certd中 Google服务授权输入框中
 9. 创建证书流水线，选择证书提供商为google， 选择服务账号授权，运行流水线申请证书
 ## 3、 创建证书流水线
 选择证书提供商为google， 选择EAB授权 或 服务账号授权
 ## 4、 其他就跟正常申请证书一样了
@@ -0,0 +1,40 @@
 # 企业模式（项目管理）
 ## 模式简介
 Certd支持两种管理模式，`SaaS模式（默认）`和`企业模式`。
 ![](../../../../packages/ui/certd-client/public/static/images/ent/admin_mode.png)
 ## SaaS模式
 * 默认的模式，每个用户管理自己的流水线和授权资源，每个用户独立使用。    
 * Certd系统作为SaaS提供证书自动申请部署服务，您的客户注册即可使用，无需自己部署
 ## 企业模式
 * 通过项目合作管理流水线证书和授权资源，所有用户视为企业内部员工。
 * 当你想在企业内部使用，企业内部有多个项目，各个项目成员共同管理项目资源和证书时可以启用此模式
 * 需要在"系统设置->管理模式"中开启`企业模式`
 ![](./images/admin_mode.jpg)
 ::: warning
 * 建议在开始使用时固定一个合适的模式，之后就不要随意切换了。
 * 商业版不能使用企业模式，因为商业版提供功能价值在于SaaS服务，与企业模式冲突   
 :::
 ###  数据迁移
 模式之间数据不互通，您可以通过个人数据迁移功能将数据转到项目之下
 ####  个人数据迁移到项目
 注意：此操作不可逆，请谨慎操作
 ![](./images/transfer.jpg)
 ####  流水线数据转到其他项目
 项目之间流水线数据可以转移，依赖的授权数据会同步复制一份   
 ![](./images/move.png)
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.38.12"
+  "version": "1.39.10"
 }
@@ -37,6 +37,7 @@
    "docs:preview": "vitepress preview docs",
    "pub": "echo 1",
    "dev": "pnpm run -r --parallel  compile ",
    "pub_all":"pnpm run -r --parallel pub ",
    "release": "time /t >trigger/release.trigger && git add trigger/release.trigger && git commit -m \"build: release\" && git push",
    "publish_to_atomgit": "node --experimental-json-modules ./scripts/publish-atomgit.js",
    "publish_to_gitee": "node --experimental-json-modules ./scripts/publish-gitee.js",
@@ -3,6 +3,52 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/publishlab/node-acme-client/compare/v1.39.9...v1.39.10) (2026-04-11)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.39.9](https://github.com/publishlab/node-acme-client/compare/v1.39.8...v1.39.9) (2026-04-05)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.39.8](https://github.com/publishlab/node-acme-client/compare/v1.39.7...v1.39.8) (2026-03-31)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.39.7](https://github.com/publishlab/node-acme-client/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.39.6](https://github.com/publishlab/node-acme-client/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.39.5](https://github.com/publishlab/node-acme-client/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.39.4](https://github.com/publishlab/node-acme-client/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.39.3](https://github.com/publishlab/node-acme-client/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.39.2](https://github.com/publishlab/node-acme-client/compare/v1.39.1...v1.39.2) (2026-03-16)
 ### Bug Fixes
 * 修复京东云报错不准确的bug ([10dd89a](https://github.com/publishlab/node-acme-client/commit/10dd89ae62e438a211a15e729559af823a096583))
 ## [1.39.1](https://github.com/publishlab/node-acme-client/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/acme-client
 # [1.39.0](https://github.com/publishlab/node-acme-client/compare/v1.38.12...v1.39.0) (2026-03-07)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.38.12](https://github.com/publishlab/node-acme-client/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/acme-client
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.38.12",
+    "version": "1.39.10",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.38.12",
+        "@certd/basic": "^1.39.10",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.9.0",
@@ -70,5 +70,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+    "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -21,7 +21,8 @@ const defaultOpts = {
    },
    challengeRemoveFn: async () => {
        throw new Error("Missing challengeRemoveFn()");
-    }
+    },
    waitDnsDiffuseTime: 30,
 };
 /**
@@ -174,7 +175,7 @@ export default async (client, userOpts) => {
        } catch (e) {
-            log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
+            log(`[auto] [${d}] challengeCreateFn threw error: ${e.message || e}`);
            await deactivateAuth(e);
            throw e;
        }
@@ -577,7 +577,7 @@ class AcmeClient {
        const verifyFn = async (abort) => {
            if (this.opts.signal && this.opts.signal.aborted) {
-                abort();
+                abort(true);
                throw new CancelError('用户取消');
            }
@@ -588,7 +588,8 @@ class AcmeClient {
            if (invalidStates.includes(resp.data.status)) {
                abort();
-                throw new Error(util.formatResponseError(resp));
+                this.log(`[${d}] : 检查状态 = ${resp.data.status} ： ${JSON.stringify(resp.data)}`);
                throw new Error("校验失败：" + util.formatResponseError(resp));
            }
            else if (pendingStates.includes(resp.data.status)) {
                throw new Error(`[${d}] Operation is pending or processing（当前仍然在等待状态）`);
@@ -50,15 +50,18 @@ class Backoff {
 async function retryPromise(fn, attempts, backoff, logger = log) {
    let aborted = false;
    let abortedFromUser = false;
    try {
-        const setAbort = () => { aborted = true; }
+        const setAbort = (fromUser = false) => { aborted = true; abortedFromUser = fromUser; }
        const data = await fn(setAbort);
        return data;
    }
    catch (e) {
        if (aborted){
            if (abortedFromUser){
                logger(`用户取消重试`);
            }
            throw e;
        }
        if ( ((backoff.attempts + 1) >= attempts)) {
@@ -249,7 +252,7 @@ async function resolveDomainBySoaRecord(recordName, logger = log) {
 async function getAuthoritativeDnsResolver(recordName, logger = log) {
    logger(`获取域名${recordName}的权威NS服务器: `);
-    const resolver = new dns.Resolver();
+    const resolver = new dns.Resolver({ timeout: 10000,maxTimeout: 60000 });
    try {
        /* Resolve root domain by SOA */
@@ -92,7 +92,6 @@ async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
    try {
        log(`检查域名 ${recordName} 的TXT记录`);
        const txtRecords = await resolver.resolveTxt(recordName);
        if (txtRecords && txtRecords.length) {
            log(`找到 ${txtRecords.length} 条 TXT记录（ ${recordName}）`);
            log(`TXT records: ${JSON.stringify(txtRecords)}`);
@@ -68,6 +68,7 @@ export interface ClientAutoOptions {
    preferredChain?: string;
    signal?: AbortSignal;
    profile?:string;
    waitDnsDiffuseTime?: number;
 }
 export class Client {
@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 ### Performance Improvements
 * 流水线修改编辑之后，增加未保存提示 ([21620ac](https://github.com/certd/certd/commit/21620ac6bdeb57e43509156a77037fc07c44282a))
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 ### Performance Improvements
 * **spaceship:** 新增Spaceship DNS插件和授权模块 ([21aec77](https://github.com/certd/certd/commit/21aec77e5c3307b5973d4185baba33edcb28926f))
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 **Note:** Version bump only for package @certd/basic
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/basic
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/basic
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/basic
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/basic
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/basic
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 ### Bug Fixes
 * 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/basic
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 ### Bug Fixes
 * esxi部署失败的bug ([1e44115](https://github.com/certd/certd/commit/1e441154617e6516a9a3610412bf597128c62696))
 ### Performance Improvements
 * http请求增加建立连接超时配置 ([3c85602](https://github.com/certd/certd/commit/3c85602ab1fc1953cdc06a6cd75a971d14119179))
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/basic
@@ -1 +1 @@
-23:18
+23:43
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.38.12",
+  "version": "1.39.10",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -47,5 +47,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -19,6 +19,7 @@ export function resetLogConfigure() {
 }
 resetLogConfigure();
 export const logger: ILogger = log4js.getLogger("default") as any;
 logger.addSecret = (secret: string) => {};
 export function resetLogFilePath(filePath: string) {
  logFilePath = filePath;
@@ -106,8 +107,8 @@ export class PipelineLogger implements ILogger {
  logger: ILogger;
  customWriter!: (text: string) => void;
-  constructor(name: string, write: (text: string) => void) {
+  constructor(name: string, write?: (text: string) => void) {
-    this.customWriter = write;
+    this.customWriter = write || (() => {});
    //@ts-ignore
    this.logger = log4js.getLogger(name);
  }
@@ -126,7 +126,7 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
      if (config.skipSslVerify || config.httpProxy) {
        let rejectUnauthorized = true;
        if (config.skipSslVerify) {
-          logger.info("跳过SSL验证");
+          logger.info("忽略接口请求的SSL校验");
          rejectUnauthorized = false;
        }
        const proxy: any = {};
@@ -271,7 +271,7 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
      }
      const originalRequest = error.config || {};
-      logger.info(`config`, originalRequest);
+      // logger.info(`config`, originalRequest);
      const retry = originalRequest.retry || {};
      if (retry.status && retry.status.includes(status)) {
        if (retry.max > 0 && retry.count < retry.max) {
@@ -3,6 +3,58 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 ### Performance Improvements
 * 支持域名到期时间监控通知 ([c6628e7](https://github.com/certd/certd/commit/c6628e7311d6c43c2a784581fb25ec37b29c168d))
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 ### Performance Improvements
 * 阿里云CDN部署支持根据证书域名自动匹配部署 ([a68301e](https://github.com/certd/certd/commit/a68301e4dcea8b7391ad751aa57555d566297ad9))
 * 阿里云dcdn支持根据证书域名匹配模式 ([df012de](https://github.com/certd/certd/commit/df012dec90590ecba85a69ed6355cfa8382c1da3))
 * dcdn自动匹配部署，支持新增域名感知 ([c6a988b](https://github.com/certd/certd/commit/c6a988bc925886bd7163c1270f2b7a10a57b1c5b))
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 ### Bug Fixes
 * cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/pipeline
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/pipeline
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.38.12",
+  "version": "1.39.10",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -18,8 +18,8 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/basic": "^1.38.12",
+    "@certd/basic": "^1.39.10",
-    "@certd/plus-core": "^1.38.12",
+    "@certd/plus-core": "^1.39.10",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -65,4 +65,8 @@ export abstract class BaseAccess implements IAccess {
    }
    throw new Error(`action ${req.action} not found`);
  }
  normalizeEndpoint(endpoint: string) {
    return endpoint.replace(/\/$/, "");
  }
 }
@@ -334,7 +334,7 @@ export class Executor {
      //参数没有变化
      inputChanged = false;
    }
-    if (step.strategy?.runStrategy === RunStrategy.SkipWhenSucceed) {
+    if (step.strategy?.runStrategy === RunStrategy.SkipWhenSucceed && define.runStrategy !== RunStrategy.AlwaysRun) {
      if (lastResult != null && lastResult === ResultType.success && !inputChanged) {
        step.status!.output = lastNode?.status?.output;
        step.status!.files = lastNode?.status?.files;
@@ -7,6 +7,7 @@ import { IEmailService } from "../service/index.js";
 export type NotificationBody = {
  userId?: number;
  projectId?: number;
  title: string;
  content: string;
  pipeline?: Pipeline;
@@ -20,6 +21,7 @@ export type NotificationBody = {
  pipelineResult?: string;
  pipelineTitle?: string;
  errors?: string;
  [key: string]: any; // 其他templateData
 };
 export type NotificationRequestHandleReqInput<T = any> = {
@@ -1,16 +1,16 @@
-import { Registrable } from "../registry/index.js";
+import { domainUtils, HttpClient, HttpRequestConfig, ILogger, logger, utils } from "@certd/basic";
 import { FileItem, FormItemProps, Pipeline, Runnable, Step } from "../dt/index.js";
 import { FileStore } from "../core/file-store.js";
 import { accessRegistry, IAccessService } from "../access/index.js";
 import { ICnameProxyService, IEmailService, IServiceGetter, IUrlService } from "../service/index.js";
 import { CancelError, IContext, RunHistory, RunnableCollection } from "../core/index.js";
 import { HttpRequestConfig, ILogger, logger, utils } from "@certd/basic";
 import { HttpClient } from "@certd/basic";
 import dayjs from "dayjs";
-import { IPluginConfigService } from "../service/config.js";
+import { cloneDeep, upperFirst } from "lodash-es";
-import { upperFirst } from "lodash-es";
+import { accessRegistry, IAccessService } from "../access/index.js";
 import { PageSearch } from "../context/index.js";
 import { FileStore } from "../core/file-store.js";
 import { CancelError, IContext, RunHistory, RunnableCollection } from "../core/index.js";
 import { FileItem, FormItemProps, Pipeline, Runnable, Step } from "../dt/index.js";
 import { INotificationService } from "../notification/index.js";
 import { Registrable } from "../registry/index.js";
 import { IPluginConfigService } from "../service/config.js";
 import { TaskEmitter } from "../service/emit.js";
 import { ICnameProxyService, IEmailService, IServiceGetter, IUrlService } from "../service/index.js";
 export type PluginRequestHandleReq<T = any> = {
  typeName: string;
@@ -18,6 +18,7 @@ export type PluginRequestHandleReq<T = any> = {
  input: T;
  data: any;
  record: { id: number; type: string; title: string };
  fromType?: "sys" | "user"; // sys、user
 };
 export type UserInfo = {
@@ -63,6 +64,7 @@ export type PluginDefine = Registrable & {
  onlyAdmin?: boolean;
  needPlus?: boolean;
  showRunStrategy?: boolean;
  runStrategy?: any;
  pluginType?: string; //类型
  type?: string; //来源
 };
@@ -80,6 +82,12 @@ export type TaskResult = {
  pipelineVars: Record<string, any>;
  pipelinePrivateVars?: Record<string, any>;
 };
 export type CertTargetItem = {
  value: string;
  label: string;
  domain: string | string[];
 };
 export type TaskInstanceContext = {
  //流水线定义
  pipeline: Pipeline;
@@ -170,9 +178,7 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
    }
    if (this.ctx?.define?.onlyAdmin) {
-      if (!this.isAdmin()) {
+      this.checkAdmin();
        throw new Error("只有管理员才能运行此任务");
      }
    }
  }
@@ -284,6 +290,12 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
    return this.ctx.user.role === "admin";
  }
  checkAdmin() {
    if (!this.isAdmin()) {
      throw new Error("只有“管理员”或“系统级项目”才有权限运行此插件任务");
    }
  }
  getStepFromPipeline(stepId: string) {
    let found: any = null;
    RunnableCollection.each(this.ctx.pipeline.stages, step => {
@@ -310,6 +322,103 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
  getLastOutput(key: string) {
    return this.getLastStatus().status?.output?.[key];
  }
  isDomainMatched(domainList: string | string[], certDomains: string[]): boolean {
    const matched = domainUtils.match(domainList, certDomains);
    return matched;
  }
  isNotChanged() {
    const lastResult = this.ctx?.lastStatus?.status?.status;
    return !this.ctx.inputChanged && lastResult === "success";
  }
  async getAutoMatchedTargets(req: {
    targetName: string;
    certDomains: string[];
    pageSize: number;
    getDeployTargetList: (req: PageSearch) => Promise<{ list: CertTargetItem[]; total: number }>;
  }): Promise<CertTargetItem[]> {
    const matchedDomains: CertTargetItem[] = [];
    let pageNo = 1;
    const { certDomains } = req;
    const pageSize = req.pageSize || 100;
    while (true) {
      const result = await req.getDeployTargetList({
        pageNo,
        pageSize,
      });
      const pageData = result.list;
      this.logger.info(`获取到 ${pageData.length} 个 ${req.targetName}`);
      if (!pageData || pageData.length === 0) {
        break;
      }
      for (const item of pageData) {
        const domainName = item.domain;
        if (this.isDomainMatched(domainName, certDomains)) {
          matchedDomains.push(item);
        }
      }
      const totalCount = result.total || 0;
      if (pageNo * pageSize >= totalCount || matchedDomains.length == 0) {
        break;
      }
      pageNo++;
    }
    return matchedDomains;
  }
  async autoMatchedDeploy(req: {
    targetName: string;
    getCertDomains: () => Promise<string[]>;
    uploadCert: () => Promise<any>;
    deployOne: (req: { target: CertTargetItem; cert: any }) => Promise<void>;
    getDeployTargetList: (req: PageSearch) => Promise<{ list: CertTargetItem[]; total: number }>;
  }): Promise<{ result: string; deployedList: string[] }> {
    this.logger.info("证书匹配模式部署");
    const certDomains = await req.getCertDomains();
    const certTargetList = await this.getAutoMatchedTargets({
      targetName: req.targetName,
      pageSize: 200,
      certDomains,
      getDeployTargetList: req.getDeployTargetList,
    });
    if (certTargetList.length === 0) {
      this.logger.warn(`未找到匹配的${req.targetName}`);
      return { result: "skip", deployedList: [] };
    }
    this.logger.info(`找到 ${certTargetList.length} 个匹配的${req.targetName}`);
    //开始部署，检查是否已经部署过
    const deployedList = cloneDeep(this.getLastStatus()?.status?.output?.deployedList || []);
    const unDeployedTargets = certTargetList.filter(item => !deployedList.includes(item.value));
    const count = unDeployedTargets.length;
    const deployedCount = certTargetList.length - count;
    if (deployedCount > 0) {
      this.logger.info(`跳过 ${deployedCount} 个已部署过的${req.targetName}`);
    }
    this.logger.info(`需要部署 ${count} 个${req.targetName}`);
    if (count === 0) {
      return { result: "skip", deployedList };
    }
    this.logger.info(`开始部署`);
    const aliCrtId = await req.uploadCert();
    for (const target of unDeployedTargets) {
      await req.deployOne({
        cert: aliCrtId,
        target,
      });
      deployedList.push(target.value);
    }
    this.logger.info(`本次成功部署 ${count} 个${req.targetName}`);
    return { result: "success", deployedList };
  }
 }
 export type OutputVO = {
@@ -3,6 +3,50 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/lib-huawei
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/lib-huawei
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.38.12",
+  "version": "1.39.10",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -3,6 +3,50 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/lib-iframe
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/lib-iframe
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.38.12",
+  "version": "1.39.10",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -3,6 +3,50 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/jdcloud
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/jdcloud
@@ -1,6 +1,6 @@
 {
  "name": "@certd/jdcloud",
-  "version": "1.38.12",
+  "version": "1.39.10",
  "description": "jdcloud openApi sdk",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
@@ -56,5 +56,5 @@
      "fetch"
    ]
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -3,6 +3,52 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 ### Performance Improvements
 * 支持部署证书到百度CCE ([a19ea74](https://github.com/certd/certd/commit/a19ea7489c01cdbf795fb51f804bd6d00389f604))
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/lib-k8s
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/lib-k8s
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.38.12",
+  "version": "1.39.10",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -14,10 +14,11 @@
    "build3": "rollup -c",
    "build2": "vue-tsc --noEmit && vite build",
    "preview": "vite preview",
-    "pub": "npm publish"
+    "pub": "npm publish",
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/basic": "^1.38.12",
+    "@certd/basic": "^1.39.10",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -32,5 +33,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -59,9 +59,9 @@ export class K8sClient {
    const yml = loadYaml<KubernetesObject>(manifest);
    const client = this.getKubeClient();
    try {
      this.logger.info("apply yaml:", yml);
      await client.create(yml);
    } catch (e) {
      this.logger.error("apply error", e.response?.body);
      if (e.response?.body?.reason === "AlreadyExists") {
        //patch
        this.logger.info("patch existing resource: ", yml.metadata?.name);
@@ -70,13 +70,26 @@ export class K8sClient {
          yml.metadata = {};
        }
        yml.metadata.resourceVersion = existing.body.metadata.resourceVersion;
-        await client.patch(yml);
+        const res = await client.patch(yml);
-        return;
+        return res?.body;
      }
      throw e;
    }
  }
  async applyPatch(manifest: string) {
    const yml = loadYaml<KubernetesObject>(manifest);
    const client = this.getKubeClient();
    this.logger.info("patch yaml:", yml);
    const existing = await client.read(yml as any);
    if (!yml.metadata) {
      yml.metadata = {};
    }
    yml.metadata.resourceVersion = existing.body.metadata.resourceVersion;
    const res = await client.patch(yml);
    return res?.body;
  }
  /**
   *
   * @param localRecords {  [domain]:{ip:'xxx.xx.xxx'} }
@@ -112,6 +125,7 @@ export class K8sClient {
   */
  async createSecret(opts: { namespace: string; body: V1Secret }) {
    const namespace = opts.namespace || "default";
    this.logger.info("create secret:", opts.body.metadata);
    const created = await this.client.createNamespacedSecret(namespace, opts.body);
    this.logger.info("new secrets:", opts.body.metadata);
    return created.body;
@@ -152,6 +166,8 @@ export class K8sClient {
          this.logger.info(`secret ${secretName} 已创建`);
          return res;
        }
        throw new Error(`secret ${secretName} 不存在`);
      }
      throw e;
    }
@@ -3,6 +3,64 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 ### Bug Fixes
 * 修复自定义插件删除后没有反注册的bug ([df98463](https://github.com/certd/certd/commit/df9846332596d2afaba53e66d2897aa1c598f9c4))
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 ### Bug Fixes
 * 修复cname校验报该授权无权限的bug ([b1eb706](https://github.com/certd/certd/commit/b1eb7069258d6ff2b128091911fa448eaffc5f33))
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 ### Bug Fixes
 * 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
 ### Performance Improvements
 * 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
 * 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
 * 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/lib-server
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 ### Performance Improvements
 * 【破坏性更新】错误返回信息msg字段名统一改成message，与成功的返回结构一致 ([51ab6d6](https://github.com/certd/certd/commit/51ab6d6da1bb551b55b3a6a4a9a945c8d6ace806))
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/lib-server
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.38.12",
+  "version": "1.39.10",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -28,11 +28,11 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.38.12",
+    "@certd/acme-client": "^1.39.10",
-    "@certd/basic": "^1.38.12",
+    "@certd/basic": "^1.39.10",
-    "@certd/pipeline": "^1.38.12",
+    "@certd/pipeline": "^1.39.10",
-    "@certd/plugin-lib": "^1.38.12",
+    "@certd/plugin-lib": "^1.39.10",
-    "@certd/plus-core": "^1.38.12",
+    "@certd/plus-core": "^1.39.10",
    "@midwayjs/cache": "3.14.0",
    "@midwayjs/core": "3.20.11",
    "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -70,9 +70,7 @@ export abstract class BaseController {
      projectIdStr = this.ctx.request.query["projectId"] as string;
    }
    if (!projectIdStr) {
-      return null
+      //这里必须抛异常，否则可能会有权限问题
    }
    if (!projectIdStr) {
      throw new Error("projectId 不能为空")
    }
    const userId = this.getUserId()
@@ -85,7 +83,7 @@ export abstract class BaseController {
    let userId = this.getUserId()
    const projectId = await this.getProjectId(permission)
    if(projectId){
-      userId = 0
+      userId = -1 // 企业管理模式下，用户id固定-1
    }
    return {
      projectId,userId
@@ -117,12 +115,18 @@ export abstract class BaseController {
    if (projectId) {
      await authService.checkProjectId(service, id, projectId);
    }else{
      if(userId === Constants.systemUserId){
        //系统级别，不检查权限
      }else{
        if(allowAdmin){
          await authService.checkUserIdButAllowAdmin(this.ctx, service, id);
        }else{
-        await authService.checkUserId(this.ctx, service, id);
+          await authService.checkUserId( service, id, userId);
        }
      }
    }
    return {projectId,userId}
  }
@@ -4,6 +4,7 @@ import { Inject } from '@midwayjs/core';
 import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
 import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
 import { FindManyOptions } from 'typeorm';
 import { Constants } from './constants.js';
 export type PageReq<T = any> = {
  page?: { offset: number; limit: number };
@@ -75,10 +76,12 @@ export abstract class BaseService<T> {
   * @param where
   */
  async delete(ids: string | any[], where?: any) {
-    const idArr = this.resolveIdArr(ids);
+    let idArr = this.resolveIdArr(ids);
    idArr = this.filterIds(idArr);
    if (idArr.length === 0) {
      return;
    }
    await this.getRepository().delete({
      id: In(idArr),
      ...where,
@@ -93,6 +96,8 @@ export abstract class BaseService<T> {
    }
    if (typeof ids === 'string') {
      return ids.split(',');
    } else if(!Array.isArray(ids)){
      return [ids];
    }else {
      return ids;
    }
@@ -216,6 +221,7 @@ export abstract class BaseService<T> {
    if (!Array.isArray(ids)) {
      ids = [ids];
    }
    ids = this.filterIds(ids);
    const res = await this.getRepository().find({
      // eslint-disable-next-line @typescript-eslint/ban-ts-comment
      // @ts-ignore
@@ -233,7 +239,16 @@ export abstract class BaseService<T> {
    throw new PermissionException('权限不足');
  }
 filterIds(ids: any[]) {
    if (!ids) {
      throw new ValidateException('ids不能为空');
    }
    return ids.filter((item) => {
      return item!=null && item != ""
    });
  }
  async batchDelete(ids: number[], userId: number,projectId?:number) {
    ids = this.filterIds(ids);
    if(userId!=null){
      const list = await this.getRepository().find({
        where: {
@@ -258,12 +273,12 @@ export abstract class BaseService<T> {
 export function checkUserProjectParam(userId: number, projectId: number) {
  if (projectId != null ){
-    if( userId !==0) {
+    if( userId !== Constants.enterpriseUserId) {
      throw new ValidateException('userId projectId 错误');
    }
    return true
  }else{
-    if( userId > 0) {
+    if( userId != null) {
      return true
    }
     throw new ValidateException('userId不能为空');
@@ -120,4 +120,6 @@ export const Constants = {
      message: '用户邮箱还未配置',
    },
  },
  systemUserId: 0, // 系统级别userid固定为0
  enterpriseUserId:  -1 // 企业模式用户id固定为-1
 };
@@ -88,6 +88,10 @@ export class SysPrivateSettings extends BaseSettings {
  pipelineMaxRunningCount?: number;
  environmentVars?: string = '';
  sms?: {
    type?: string;
    config?: any;
@@ -6,11 +6,13 @@ import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, Sy
 import { getAllSslProviderDomains, setSslProviderReverseProxies } from '@certd/acme-client';
 import { cache, logger, mergeUtils, setGlobalProxy } from '@certd/basic';
 import { isPlus } from '@certd/plus-core';
 import * as dns from 'node:dns';
 import { BaseService, setAdminMode } from '../../../basic/index.js';
 import { executorQueue } from '../../basic/service/executor-queue.js';
 import { isComm } from '@certd/plus-core';
 const { merge } = mergeUtils;
 let lastSaveEnvVars = {};
 /**
 * 设置
 */
@@ -117,11 +119,11 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
  }
  async savePublicSettings(bean: SysPublicSettings) {
-    if(isComm()){
+    // if (isComm()) {
-      if(bean.adminMode === 'enterprise'){
+    //   if (bean.adminMode === 'enterprise') {
-        throw new Error("商业版不支持使用企业管理模式")
+    //     throw new Error("商业版不支持使用企业管理模式")
-      }
+    //   }
-    }
+    // }
    await this.saveSetting(bean);
    //让设置生效
@@ -153,8 +155,10 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
  async reloadPublicSettings() {
    const publicSetting = await this.getPublicSettings()
    if (isPlus()){
      setAdminMode(publicSetting.adminMode  ) 
    }
  }
  async reloadPrivateSettings() {
    const privateSetting = await this.getPrivateSettings();
@@ -173,6 +177,44 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
    }
    setSslProviderReverseProxies(privateSetting.reverseProxies);
    //加载环境变量
    this.setEnvironmentVars(privateSetting.environmentVars);
  }
  setEnvironmentVars(vars: string) {
    const envVars = {}
    if (typeof vars !== 'string') {
      vars = ""
    }
    vars.split('\n').forEach(line => {
      line = line.trim();
      if (!line || line.startsWith('#')) {
        return
      }
      const arr = line.split("#")
      if (arr.length > 0) {
        line = arr[0].trim();
      }
      if (!line.includes("=")) {
        return
      }
      const [key, value] = line.split('=');
      if (key && value) {
        envVars[key.trim()] = value.trim();
      }
    });
    //先删除旧环境变量
    if (lastSaveEnvVars) {
      for (const key in lastSaveEnvVars) {
          delete process.env[key];
      }
    }
    merge(process.env, envVars);
    lastSaveEnvVars = envVars;
  }
  async updateByKey(key: string, setting: any) {
@@ -7,8 +7,12 @@ import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
 export class AccessEntity {
  @PrimaryGeneratedColumn()
  id: number;
  @Column({ name: 'key_id', comment: 'key_id', length: 100 })
  keyId: string;
  @Column({ name: 'user_id', comment: '用户id' })
-  userId: number;
+  userId: number; // 0为系统级别, -1为企业，大于1为用户
  @Column({ comment: '名称', length: 100 })
  name: string;
@@ -3,8 +3,8 @@ import { IAccessService } from '@certd/pipeline';
 export class AccessGetter implements IAccessService {
  userId: number;
  projectId?: number;
-  getter: <T>(id: any, userId?: number, projectId?: number) => Promise<T>;
+  getter: <T>(id: any, userId?: number, projectId?: number, ignorePermission?: boolean) => Promise<T>;
-  constructor(userId: number, projectId: number, getter: (id: any, userId: number, projectId?: number) => Promise<any>) {
+  constructor(userId: number, projectId: number, getter: (id: any, userId: number, projectId?: number, ignorePermission?: boolean) => Promise<any>) {
    this.userId = userId;
    this.projectId = projectId;
    this.getter = getter;
@@ -5,6 +5,7 @@ import {AccessGetter, BaseService, PageReq, PermissionException, ValidateExcepti
 import {AccessEntity} from '../entity/access.js';
 import {AccessDefine, accessRegistry, newAccess} from '@certd/pipeline';
 import {EncryptService} from './encrypt-service.js';
 import { logger, utils } from '@certd/basic';
 /**
 * 授权
@@ -46,6 +47,7 @@ export class AccessService extends BaseService<AccessEntity> {
    }
    delete param._copyFrom
    this.encryptSetting(param, oldEntity);
    param.keyId = "ac_" + utils.id.simpleNanoId();
    return await super.add(param);
  }
@@ -117,6 +119,7 @@ export class AccessService extends BaseService<AccessEntity> {
      throw new ValidateException('该授权配置不存在,请确认是否已被删除');
    }
    this.encryptSetting(param, oldEntity);
    delete param.keyId
    return await super.update(param);
  }
@@ -215,4 +218,37 @@ export class AccessService extends BaseService<AccessEntity> {
    });
  }
  /**
   * 复制授权到其他项目
   * @param accessId 
   * @param projectId 
   */
  async copyTo(accessId: number,projectId?: number) {
    const access = await this.info(accessId);
    if (access == null) {
      throw new Error(`该授权配置不存在,请确认是否已被删除:id=${accessId}`);
    }
    const keyId = access.keyId;
    //检查目标项目里是否已经有相同keyId的配置
    const existAccess = await this.repository.findOne({
      where: {
        keyId,
        projectId,
      },
    });
    if (existAccess) {
      logger.info(`目标项目已存在相同keyId的授权配置,跳过复制:keyId=${keyId}`);
      return existAccess.id;
    }
    const newAccess = {
      ...access,
      userId:-1,
      id: undefined,
      projectId,
    }
    await this.repository.save(newAccess);
    return newAccess.id;
  }
 }
@@ -6,6 +6,8 @@ import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
 export class AddonEntity {
  @PrimaryGeneratedColumn()
  id: number;
  @Column({ name: 'key_id', comment: 'key_id', length: 100 })
  keyId: string;
  @Column({ name: 'user_id', comment: '用户id' })
  userId: number;
  @Column({ comment: '名称', length: 100 })
@@ -4,6 +4,7 @@ import { In, Repository } from "typeorm";
 import { AddonDefine, BaseService, PageReq, ValidateException } from "../../../index.js";
 import { addonRegistry } from "../api/index.js";
 import { AddonEntity } from "../entity/addon.js";
 import { utils } from "@certd/basic";
 /**
 * Addon
@@ -43,6 +44,7 @@ export class AddonService extends BaseService<AddonEntity> {
    } else {
      param.isSystem = false;
    }
    param.keyId = "ad_" + utils.id.simpleNanoId();
    delete param._copyFrom;
    return await super.add(param);
  }
@@ -57,6 +59,7 @@ export class AddonService extends BaseService<AddonEntity> {
    if (oldEntity == null) {
      throw new ValidateException("该Addon配置不存在,请确认是否已被删除");
    }
    delete param.keyId
    return await super.update(param);
  }
@@ -67,6 +70,7 @@ export class AddonService extends BaseService<AddonEntity> {
    }
    return {
      id: entity.id,
      keyId: entity.keyId,
      name: entity.name,
      userId: entity.userId,
      addonType: entity.addonType,
@@ -100,6 +104,7 @@ export class AddonService extends BaseService<AddonEntity> {
      },
      select: {
        id: true,
        keyId: true,
        name: true,
        addonType: true,
        type: true,
@@ -132,6 +137,7 @@ export class AddonService extends BaseService<AddonEntity> {
    const setting = JSON.parse(res.setting);
    return {
      id: res.id,
      keyId: res.keyId,
      addonType: res.addonType,
      type: res.type,
      name: res.name,
@@ -3,6 +3,50 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/midway-flyway-js
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/midway-flyway-js
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.38.12",
+  "version": "1.39.10",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -3,6 +3,50 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/plugin-cert
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/plugin-cert
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.38.12",
+  "version": "1.39.10",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.38.12",
+    "@certd/acme-client": "^1.39.10",
-    "@certd/basic": "^1.38.12",
+    "@certd/basic": "^1.39.10",
-    "@certd/pipeline": "^1.38.12",
+    "@certd/pipeline": "^1.39.10",
-    "@certd/plugin-lib": "^1.38.12",
+    "@certd/plugin-lib": "^1.39.10",
    "psl": "^1.9.0",
    "punycode.js": "^2.3.1"
  },
@@ -38,5 +38,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -3,6 +3,59 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 ### Performance Improvements
 * 1panel支持先上传证书再选择证书 ([7a9eec8](https://github.com/certd/certd/commit/7a9eec88e8eddf40dba055c072b5b2b0f67c1407))
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 ### Performance Improvements
 * dcdn自动匹配部署，支持新增域名感知 ([c6a988b](https://github.com/certd/certd/commit/c6a988bc925886bd7163c1270f2b7a10a57b1c5b))
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 ### Bug Fixes
 * 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 ### Performance Improvements
 * 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
 * dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 **Note:** Version bump only for package @certd/plugin-lib
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 **Note:** Version bump only for package @certd/plugin-lib
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-lib",
  "private": false,
-  "version": "1.38.12",
+  "version": "1.39.10",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -22,10 +22,10 @@
    "@alicloud/pop-core": "^1.7.10",
    "@alicloud/tea-util": "^1.4.11",
    "@aws-sdk/client-s3": "^3.964.0",
-    "@certd/acme-client": "^1.38.12",
+    "@certd/acme-client": "^1.39.10",
-    "@certd/basic": "^1.38.12",
+    "@certd/basic": "^1.39.10",
-    "@certd/pipeline": "^1.38.12",
+    "@certd/pipeline": "^1.39.10",
-    "@certd/plus-core": "^1.38.12",
+    "@certd/plus-core": "^1.39.10",
    "@kubernetes/client-node": "0.21.0",
    "ali-oss": "^6.22.0",
    "basic-ftp": "^5.0.5",
@@ -57,5 +57,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "49457505cdf8156fd9d936b8e9ace0b48e43a6b2"
+  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
 }
@@ -2,10 +2,14 @@ import fs from "fs";
 import os from "os";
 import path from "path";
 import { CertificateInfo, crypto } from "@certd/acme-client";
 import cryptoLib from "crypto";
 import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
 import { uniq } from "lodash-es";
 export interface ICertInfoGetter {
  getByPipelineId: (pipelineId: number) => Promise<CertInfo>;
 }
 export type CertInfo = {
  crt: string; //fullchain证书
  key: string; //私钥
@@ -42,6 +46,12 @@ const formats = {
  jks: ["jks"],
  p7b: ["p7b", "key"],
 };
 export type SimpleCertDetail = {
  notBefore: Date;
  notAfter: Date;
  domains: string[];
 };
 export class CertReader {
  cert: CertInfo;
@@ -115,13 +125,46 @@ export class CertReader {
    return CertReader.readCertDetail(crt);
  }
  getSimpleDetail() {
    const { detail } = this.getCrtDetail();
    return {
      notBefore: detail.notBefore,
      notAfter: detail.notAfter,
      domains: this.getAllDomains(),
    };
  }
  static readCertDetail(crt: string) {
-    const detail = crypto.readCertificateInfo(crt.toString());
+    let detail: CertificateInfo;
    try {
      detail = crypto.readCertificateInfo(crt.toString());
    } catch (e) {
      throw new Error("证书解析失败:" + e.message + "（请确定证书格式，是否与私钥搞反？）");
    }
    const effective = detail.notBefore;
    const expires = detail.notAfter;
    const fingerprints = CertReader.getFingerprintX509(crt);
    // @ts-ignore
    detail.fingerprints = fingerprints;
    return { detail, effective, expires };
  }
  static getFingerprintX509(crt: string) {
    try {
      // 创建X509Certificate实例
      const cert = new cryptoLib.X509Certificate(crt);
      // 获取指纹
      return {
        fingerprint: cert.fingerprint,
        fingerprint256: cert.fingerprint256,
        fingerprint512: cert.fingerprint512,
      };
    } catch (error) {
      console.error("处理证书失败:", error.message);
      return null;
    }
  }
  getAllDomains() {
    const { detail } = this.getCrtDetail();
    const domains = [];
@@ -1,5 +1,5 @@
 import { HttpClient, ILogger, utils } from "@certd/basic";
-import { IAccess, IServiceGetter, PageRes, PageSearch, Registrable } from "@certd/pipeline";
+import { IAccess, IAccessService, IServiceGetter, PageRes, PageSearch, Registrable } from "@certd/pipeline";
 export type DnsProviderDefine = Registrable & {
  accessType: string;
@@ -26,6 +26,7 @@ export type DnsProviderContext = {
  utils: typeof utils;
  domainParser: IDomainParser;
  serviceGetter: IServiceGetter;
  accessGetter?: IAccessService;
 };
 export type DomainRecord = {
@@ -1,5 +1,5 @@
 import { HttpClient, ILogger } from "@certd/basic";
-import { PageRes, PageSearch } from "@certd/pipeline";
+import { IAccessService, PageRes, PageSearch } from "@certd/pipeline";
 import punycode from "punycode.js";
 import { CreateRecordOptions, DnsProviderContext, DnsProviderDefine, DomainRecord, IDnsProvider, RemoveRecordOptions } from "./api.js";
 import { dnsProviderRegistry } from "./registry.js";
@@ -59,6 +59,11 @@ export async function createDnsProvider(opts: { dnsProviderType: string; context
  if (dnsProviderDefine.deprecated) {
    context.logger.warn(dnsProviderDefine.deprecated);
  }
  if (!context.accessGetter) {
    const accessGetter: IAccessService = await context.serviceGetter.get("accessService");
    context.accessGetter = accessGetter;
  }
  // @ts-ignore
  const dnsProvider: IDnsProvider = new DnsProviderClass();
  dnsProvider.setCtx(context);
@@ -43,6 +43,11 @@ export function createRemoteSelectInputDefine(opts?: {
  pager?: boolean;
  component?: any;
  value?: any;
  pageSize?: number;
  uploadCert?: {
    title?: string;
    columns?: Record<string, any>;
  };
 }) {
  const title = opts?.title || "请选择";
  const certDomainsInputKey = opts?.certDomainsInputKey || "certDomains";
@@ -54,13 +59,11 @@ export function createRemoteSelectInputDefine(opts?: {
  const helper = opts?.helper || "请选择";
  const search = opts?.search ?? false;
  const pager = opts?.pager ?? false;
-  let mode = "tags";
+  let mode = "default";
-  if (opts.multi === false) {
+  const multi = opts?.multi ?? true;
-    mode = undefined;
+  if (multi) {
-  } else {
+    mode = "tags";
    mode = opts?.mode ?? "tags";
  }
  const item = {
    title,
    component: {
@@ -72,7 +75,10 @@ export function createRemoteSelectInputDefine(opts?: {
      action,
      search,
      pager,
      multi,
      pageSize: opts?.pageSize,
      watches: [certDomainsInputKey, accessIdInputKey, ...watches],
      uploadCert: opts?.uploadCert,
      ...opts.component,
    },
    value: opts.value,
@@ -38,6 +38,10 @@ COPY ./patch/ssh2/*.js /app/node_modules/.pnpm/node_modules/ssh2/lib/protocol/
 ENV LEGO_VERSION=4.30.1
 ENV LEGO_DOWNLOAD_DIR=/app/tools/lego
 ENV ALIYUN_CLIENT_CONNECT_TIMEOUT=10000
 ENV ALIYUN_CLIENT_READ_TIMEOUT=20000
 RUN mkdir -p $LEGO_DOWNLOAD_DIR
 # 根据架构下载不同的文件
@@ -3,6 +3,138 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 ### Bug Fixes
 * 修复创建流水线无法选择通知的bug ([a88d0a6](https://github.com/certd/certd/commit/a88d0a6ae15cb6170d0b36e21daf89f0dbd5f681))
 * 修复流水线任务编辑页面复制粘贴按钮在夜间模式显示问题 ([1e549df](https://github.com/certd/certd/commit/1e549dfd431ed74e2bcdfce63e5f640c51603af3))
 * 修复用户管理添加用户无法上传头像的bug ([557e98c](https://github.com/certd/certd/commit/557e98c33f5462167d8f6289f70dad68bb114a97))
 * 修复自定义插件删除后没有反注册的bug ([df98463](https://github.com/certd/certd/commit/df9846332596d2afaba53e66d2897aa1c598f9c4))
 ### Performance Improvements
 * 1panel支持先上传证书再选择证书 ([7a9eec8](https://github.com/certd/certd/commit/7a9eec88e8eddf40dba055c072b5b2b0f67c1407))
 * 流水线修改编辑之后，增加未保存提示 ([21620ac](https://github.com/certd/certd/commit/21620ac6bdeb57e43509156a77037fc07c44282a))
 * 修复检查全部某些情况下无效的bug，优化公共触发站点证书检查定时逻辑 ([ee53589](https://github.com/certd/certd/commit/ee535895a3166c6f9046963e28fa8f22f018b574))
 * 增加域名管理 子域名检查提醒 ([2bdf183](https://github.com/certd/certd/commit/2bdf1832da73a3728f3ac415837bc26e70531cd6))
 * 站点监控域名气泡增加端口显示 ([6ee718a](https://github.com/certd/certd/commit/6ee718a25265a9db2115343af9a1a01958f34b81))
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 ### Bug Fixes
 * 修复某些情况下报无法修改通知的问题 ([d1a6592](https://github.com/certd/certd/commit/d1a65922d7e152d6edcf6c53b70079f16b54a0d3))
 ### Performance Improvements
 * 支持域名到期时间监控通知 ([c6628e7](https://github.com/certd/certd/commit/c6628e7311d6c43c2a784581fb25ec37b29c168d))
 * **monitor:** 支持查看监控执行记录 ([b5cc794](https://github.com/certd/certd/commit/b5cc794061c11b7200b669473c25c4bbfc944b61))
 ## [1.39.8](https://github.com/certd/certd/compare/v1.39.7...v1.39.8) (2026-03-31)
 ### Bug Fixes
 * 修复上传头像退出登录的bug ([6eb20a1](https://github.com/certd/certd/commit/6eb20a1f2e31d984d9135edbf39c97cdd15621f9))
 ### Performance Improvements
 * 阿里云dcdn支持根据证书域名匹配模式 ([df012de](https://github.com/certd/certd/commit/df012dec90590ecba85a69ed6355cfa8382c1da3))
 * dcdn自动匹配部署，支持新增域名感知 ([c6a988b](https://github.com/certd/certd/commit/c6a988bc925886bd7163c1270f2b7a10a57b1c5b))
 ## [1.39.7](https://github.com/certd/certd/compare/v1.39.6...v1.39.7) (2026-03-25)
 **Note:** Version bump only for package @certd/ui-client
 ## [1.39.6](https://github.com/certd/certd/compare/v1.39.5...v1.39.6) (2026-03-22)
 ### Bug Fixes
 * 修复模版id不正确导致修改到错误的模版流水线bug ([b1ff163](https://github.com/certd/certd/commit/b1ff163a2828b205297408d5aed21cf1eff335e8))
 * remote-select默认pageSize设置为50，阿里云WAF不支持pageSize100 ([285532d](https://github.com/certd/certd/commit/285532d4318b90d0d7f8154f070274c0a0ec0269))
 ### Performance Improvements
 * 企业模式下面增加个人数据迁移的引导 ([431afd6](https://github.com/certd/certd/commit/431afd618f547cecf9a29433f46d4367619e2ecf))
 * 优化远程数据选择框，选择数据时不刷新闪烁 ([7f6a8bc](https://github.com/certd/certd/commit/7f6a8bc87e364685defe7f039264b2de064806c5))
 * 支持复制粘贴任务步骤 ([acc2df2](https://github.com/certd/certd/commit/acc2df29def017fb8165f931b41ef95414966afc))
 ## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
 ### Bug Fixes
 * 修复修改分组报错的bug ([224db7d](https://github.com/certd/certd/commit/224db7da57dbdddf25bcac7faa0a29eb228c5a33))
 ### Performance Improvements
 * passkey 支持Bitwarden ([29f44c6](https://github.com/certd/certd/commit/29f44c67c808bed9ff1c9d4884d39a1a62d043a7))
 * passkey登录放到下方其他登录位置 ([1413e1a](https://github.com/certd/certd/commit/1413e1aff4aabcfd471716338c210fbcfd76c8f9))
 ## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
 ### Bug Fixes
 * 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
 * 修复查看证书详情页面错位的bug ([7f37df4](https://github.com/certd/certd/commit/7f37df42274e657892d92e868ceac67e139f3bf2))
 * 修复选择插件页面无法滚动的bug ([d8425bc](https://github.com/certd/certd/commit/d8425bc9c5ee81bb669706c6de6bad69d7c38d8e))
 ### Performance Improvements
 * 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
 ## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
 ### Bug Fixes
 * 修复多选框只能单选的bug ([12700e1](https://github.com/certd/certd/commit/12700e1754319513ac02822ff1588d63420b964e))
 ## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
 ### Bug Fixes
 * 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
 * 修复提示支付失败的bug ([12fed34](https://github.com/certd/certd/commit/12fed34e109f3254de664813954081a52513bd38))
 * 修复修改项目名称后，没有同步刷新的bug ([3abee72](https://github.com/certd/certd/commit/3abee72fee286864b665033b23b172ef0ea92d83))
 * cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
 ### Performance Improvements
 * 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
 * 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
 * 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
 * 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
 * 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
 * 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
 * dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 ### Bug Fixes
 * 修复企业管理模式下，切换用户登录后，丢失项目列表的bug ([d23c8b4](https://github.com/certd/certd/commit/d23c8b4a2a5f5ab17822c6ee1d4108ac7280b9d1))
 ### Performance Improvements
 * 支持迁移个人数据到企业项目中 ([c6ca832](https://github.com/certd/certd/commit/c6ca83273779ed84de1b23b5e477063af043d015))
 # [1.39.0](https://github.com/certd/certd/compare/v1.38.12...v1.39.0) (2026-03-07)
 ### Bug Fixes
 * 修复发件邮箱无法输入的bug ([27b0348](https://github.com/certd/certd/commit/27b0348e1d3d752f418f851965d6afbc26c0160c))
 * 修复复制流水线保存后丢失分组和排序号的问题 ([bc32648](https://github.com/certd/certd/commit/bc326489abc1d50a0930b4f47aa2d62d3a486798))
 * 修复获取群辉deviceid报错的bug ([79be392](https://github.com/certd/certd/commit/79be392775a2c91848dd5a66a2618adc4e4b48f6))
 * 修复偶尔下载证书报未授权的错误 ([316537e](https://github.com/certd/certd/commit/316537eb4dcbe5ec57784e8bf95ee3cdfd21dce7))
 ### Features
 * 支持企业级管理模式，项目管理，细分权限 ([3734083](https://github.com/certd/certd/commit/37340838b6a61a94b86bfa13cf5da88b26f1315a))
 ### Performance Improvements
 * 当域名管理中没有域名时，创建流水线时不展开域名选择框 ([bb0afe1](https://github.com/certd/certd/commit/bb0afe1fa7b0fc52fde051d24fbe6be69d52f4cc))
 * 任务步骤页面增加串行执行提示说明 ([787f6ef](https://github.com/certd/certd/commit/787f6ef52893d8dc912ee2a7a5b8ce2b73c108c9))
 ## [1.38.12](https://github.com/certd/certd/compare/v1.38.11...v1.38.12) (2026-02-18)
 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-client",
-  "version": "1.38.12",
+  "version": "1.39.10",
  "private": true,
  "scripts": {
    "dev": "vite --open",
@@ -106,8 +106,8 @@
    "zod-defaults": "^0.1.3"
  },
  "devDependencies": {
-    "@certd/lib-iframe": "^1.38.12",
+    "@certd/lib-iframe": "^1.39.10",
-    "@certd/pipeline": "^1.38.12",
+    "@certd/pipeline": "^1.39.10",
    "@rollup/plugin-commonjs": "^25.0.7",
    "@rollup/plugin-node-resolve": "^15.2.3",
    "@types/chai": "^4.3.12",
@@ -155,8 +155,8 @@ function createRequestFunction(service: any) {
    }
    Object.assign(configDefault, config);
-    if (projectStore.isEnterprise && !config.url.startsWith("/sys") && !config.url.startsWith("http")) {
+    if (!configDefault.params.projectId && projectStore.isEnterprise && !config.url.startsWith("/sys") && !config.url.startsWith("http")) {
-      configDefault.params.projectId = projectStore.currentProjectId;
+      configDefault.params.projectId = projectStore.currentProject?.id;
    }
    return service(configDefault);
  };
--- a/Show More
+++ b/Show More