perf: 支持k8s apply

packages/libs/lib-k8s/src/lib/k8s.client.ts

@@ -1,4 +1,4 @@
-import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret } from "@kubernetes/client-node";
+import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret, KubernetesObjectApi, loadYaml, KubernetesObject } from "@kubernetes/client-node";
 import dns from "dns";
 import { ILogger } from "@certd/basic";
 import { merge } from "lodash-es";
@@ -27,6 +27,11 @@ export class K8sClient {
   }
 
   init() {
+    const kubeconfig = this.getKubeConfig();
+    this.client = kubeconfig.makeApiClient(CoreV1Api);
+  }
+
+  getKubeConfig() {
     const kubeconfig = new KubeConfig();
     kubeconfig.loadFromString(this.kubeConfigStr);
     this.kubeconfig = kubeconfig;
@@ -41,16 +46,35 @@ export class K8sClient {
     } catch (e) {
       this.logger.warn("skipTLSVerify error", e);
     }
+    return kubeconfig;
+  }
 
-    this.client = kubeconfig.makeApiClient(CoreV1Api);
+  getKubeClient() {
+    const kc = this.getKubeConfig();
+    const client = KubernetesObjectApi.makeApiClient(kc);
+    return client;
+  }
 
-    // const reqOpts = { kubeconfig, request: {} } as any;
-    // if (this.lookup) {
-    //   reqOpts.request.lookup = this.lookup;
-    // }
-    //
-    // const backend = new Request(reqOpts);
-    // this.client = new Client({ backend, version: '1.13' });
+  async apply(manifest: string) {
+    const yml = loadYaml<KubernetesObject>(manifest);
+    const client = this.getKubeClient();
+    try {
+      await client.create(yml);
+    } catch (e) {
+      this.logger.error("apply error", e.response?.body);
+      if (e.response?.body?.reason === "AlreadyExists") {
+        //patch
+        this.logger.info("patch existing resource: ", yml.metadata?.name);
+        const existing = await client.read(yml as any);
+        if (!yml.metadata) {
+          yml.metadata = {};
+        }
+        yml.metadata.resourceVersion = existing.body.metadata.resourceVersion;
+        await client.patch(yml);
+        return;
+      }
+      throw e;
+    }
   }
 
   /**
@@ -168,6 +192,7 @@ export class K8sClient {
     const oldIngress = await client.readNamespacedIngress(ingressName, namespace);
     const newIngress = merge(oldIngress.body, opts.body);
     const res = await client.replaceNamespacedIngress(ingressName, namespace, newIngress);
+
     this.logger.info("ingress patched", opts.body);
     return res;
   }

packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-deploy-to-mail.ts

@@ -1,6 +1,7 @@
 import {AbstractTaskPlugin, FileItem, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput} from '@certd/pipeline';
 import {CertInfo, CertReader} from "@certd/plugin-cert";
 import dayjs from "dayjs";
+import { get } from 'lodash-es';
 
 @IsTaskPlugin({
   name: 'DeployCertToMailPlugin',
@@ -176,11 +177,13 @@ export class DeployCertToMailPlugin extends AbstractTaskPlugin {
     })
   }
 
-  compile(templateString:string) {
-    return new Function('data', `    with(data || {}) {
-        return \`${templateString}\`;
-      }
-    `);
+  compile(templateString: string) {
+    return function(data) {
+      return templateString.replace(/\${(.*?)}/g, (match, key) => {
+        const value = get(data, key, '');
+        return String(value);
+      });
+    };
   }
 }
 new DeployCertToMailPlugin();