v0.1.10

lerna.json

@@ -2,5 +2,5 @@
   "packages": [
     "packages/*"
   ],
-  "version": "0.1.7"
+  "version": "0.1.10"
 }

packages/executor/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/executor",
-  "version": "0.1.7",
+  "version": "0.1.10",
   "description": "",
   "main": "src/index.js",
   "scripts": {
@@ -12,7 +12,7 @@
   "dependencies": {
     "@certd/api": "^0.1.7",
     "@certd/certd": "^0.1.7",
-    "@certd/plugins": "^0.1.7",
+    "@certd/plugins": "^0.1.9",
     "dayjs": "^1.9.7",
     "lodash-es": "^4.17.20"
   },

packages/executor/src/index.js

@@ -5,12 +5,19 @@ import _ from 'lodash-es'
 import dayjs from 'dayjs'
 import { Trace } from './trace.js'
 const logger = util.logger
+
+function createDefaultOptions () {
+  return {
+    args: {
+      forceCert: false,
+      forceDeploy: true,
+      forceRedeploy: false
+    }
+  }
+}
 export class Executor {
-  constructor (args = {}) {
+  constructor () {
-    const { plugins } = args
-    this.plugins = {}
     this.usePlugins(DefaultPlugins)
-    this.usePlugins(plugins)
     this.trace = new Trace()
   }
 
@@ -18,6 +25,9 @@ export class Executor {
     if (plugin == null) {
       return
     }
+    if (this.plugins == null) {
+      this.plugins = {}
+    }
     this.plugins[plugin.name] = plugin
     if (plugin.define) {
       const define = plugin.define()
@@ -33,12 +43,10 @@ export class Executor {
     }
   }
 
-  async run (options, args) {
+  async run (options) {
     logger.info('------------------- Cert-D ---------------------')
     try {
-      if (args != null) {
+      options = _.merge(createDefaultOptions(), options)
-        _.merge(options.args, args)
-      }
       return await this.doRun(options)
     } catch (e) {
       logger.error('任务执行出错：', e)
@@ -67,14 +75,14 @@ export class Executor {
       }
     }
     // 读取上次执行进度
-    let context = {
+    let context = {}
-      certIsNew: !!cert.isNew
-    }
     const contextJson = await certd.certStore.getCurrentFile('context.json')
     if (contextJson) {
       context = JSON.parse(contextJson)
     }
 
+    context.certIsNew = !!cert.isNew
+
     const trace = new Trace(context)
     // 运行部署任务
     try {
@@ -85,10 +93,17 @@ export class Executor {
 
     logger.info('任务完成')
     trace.print()
-    return {
+    const result = trace.get({ })
+    const returnData = {
       cert,
-      context
+      context,
+      result
     }
+    if (result.status === 'error') {
+      const err = new Error(result.remark)
+      err.data = returnData
+    }
+    return returnData
   }
 
   async runCertd (certd) {
@@ -125,6 +140,7 @@ export class Executor {
         trace.set({ deployName, value: { status: 'success', remark: '执行成功' } })
       } catch (e) {
         trace.set({ deployName, value: { status: 'error', remark: '执行失败：' + e.message } })
+        trace.set({ value: { status: 'error', remark: deployName + '执行失败：' + e.message } })
         logger.error('流程执行失败', e)
       }
 

packages/executor/src/trace.js

@@ -41,10 +41,10 @@ export class Trace {
   print () {
     const context = this.context
     logger.info('---------------------------任务结果总览--------------------------')
-    if (!context.certIsNew) {
+    if (context.certIsNew) {
-      this.printTraceLine({ current: 'skip', remark: '还未到过期时间，跳过' }, '更新证书')
-    } else {
       this.printTraceLine({ current: 'success', remark: '证书更新成功' }, '更新证书')
+    } else {
+      this.printTraceLine({ current: 'skip', remark: '还未到过期时间，跳过' }, '更新证书')
     }
     const trace = this.get({ })
     // logger.info('trace', trace)
@@ -64,6 +64,11 @@ export class Trace {
         }
       }
     }
+
+    const mainContext = {}
+    _.merge(mainContext, context)
+    delete mainContext.__trace__
+    logger.info('context:', JSON.stringify(mainContext))
   }
 
   printTraceLine (traceStatus, name, prefix = '') {

packages/plugins/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/plugins",
-  "version": "0.1.7",
+  "version": "0.1.9",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -131,6 +131,70 @@
         "to-fast-properties": "^2.0.0"
       }
     },
+    "@certd/acme-client": {
+      "version": "0.1.6",
+      "resolved": "https://registry.npmjs.org/@certd/acme-client/-/acme-client-0.1.6.tgz",
+      "integrity": "sha512-XffzB/QHRj61gUHXor1B8R2TVt7HnklJpjAbwQi8vHjBGloU8I3occJxIunoh1AShhc4wsxnc+h/D5yRIUp17A==",
+      "requires": {
+        "axios": "0.21.1",
+        "backo2": "^1.0.0",
+        "bluebird": "^3.5.0",
+        "debug": "^4.1.1",
+        "log4js": "^6.3.0",
+        "node-forge": "^0.10.0"
+      },
+      "dependencies": {
+        "debug": {
+          "version": "4.3.1",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz",
+          "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==",
+          "requires": {
+            "ms": "2.1.2"
+          }
+        },
+        "ms": {
+          "version": "2.1.2",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
+        }
+      }
+    },
+    "@certd/api": {
+      "version": "0.1.7",
+      "resolved": "https://registry.npmjs.org/@certd/api/-/api-0.1.7.tgz",
+      "integrity": "sha512-2spEdF9A6Tpe5KwkbWV1zE9Zwql04DrG5KlWRUsn8kLvwY6qfdDsdCsNoFf1+XDytn4OYH5nfrMGZBi8TpG84w==",
+      "requires": {
+        "axios": "^0.21.1",
+        "dayjs": "^1.9.7",
+        "lodash-es": "^4.17.20",
+        "log4js": "^6.3.0",
+        "qs": "^6.9.4"
+      }
+    },
+    "@certd/certd": {
+      "version": "0.1.7",
+      "resolved": "https://registry.npmjs.org/@certd/certd/-/certd-0.1.7.tgz",
+      "integrity": "sha512-h+YWlcXzdQk3dbhK7u0guwyzotKRtsIA9zTaHdViWlMDlT9/oO9QflFoo8x8wA1Xx/Vd90APT6EEBnizgOXxsQ==",
+      "requires": {
+        "@certd/acme-client": "^0.1.6",
+        "@certd/api": "^0.1.7",
+        "@certd/providers": "^0.1.7",
+        "dayjs": "^1.9.7",
+        "lodash-es": "^4.17.20",
+        "node-forge": "^0.10.0"
+      }
+    },
+    "@certd/providers": {
+      "version": "0.1.7",
+      "resolved": "https://registry.npmjs.org/@certd/providers/-/providers-0.1.7.tgz",
+      "integrity": "sha512-ACiFNhRBVWB5Nyui3RTuAX0oTVkuWi0zopO1qMzbA/2iOrtFAoNs3I5DSLpZxS3d1erKcOq+Lx7Rm0rZxiL6wg==",
+      "requires": {
+        "@alicloud/pop-core": "^1.7.10",
+        "@certd/api": "^0.1.7",
+        "lodash-es": "^4.17.20",
+        "tencentcloud-sdk-nodejs": "^4.0.44"
+      }
+    },
     "@eslint/eslintrc": {
       "version": "0.2.2",
       "resolved": "https://registry.npm.taobao.org/@eslint/eslintrc/download/@eslint/eslintrc-0.2.2.tgz?cache=0&sync_timestamp=1607145629875&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2F%40eslint%2Feslintrc%2Fdownload%2F%40eslint%2Feslintrc-0.2.2.tgz",
@@ -476,6 +540,14 @@
       "resolved": "https://registry.npm.taobao.org/aws4/download/aws4-1.11.0.tgz?cache=0&sync_timestamp=1604101166484&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Faws4%2Fdownload%2Faws4-1.11.0.tgz",
       "integrity": "sha1-1h9G2DslGSUOJ4Ta9bCUeai0HFk="
     },
+    "axios": {
+      "version": "0.21.1",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.1.tgz",
+      "integrity": "sha512-dKQiRHxGD9PPRIUNIWvZhPTPpl1rf/OxTYKsqKUDjBwYylTvV7SjSHJb9ratfyzM6wCdLCOYLzs73qpg5c4iGA==",
+      "requires": {
+        "follow-redirects": "^1.10.0"
+      }
+    },
     "babel-eslint": {
       "version": "10.1.0",
       "resolved": "https://registry.npm.taobao.org/babel-eslint/download/babel-eslint-10.1.0.tgz?cache=0&sync_timestamp=1599054223324&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fbabel-eslint%2Fdownload%2Fbabel-eslint-10.1.0.tgz",
@@ -489,6 +561,11 @@
         "resolve": "^1.12.0"
       }
     },
+    "backo2": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/backo2/-/backo2-1.0.2.tgz",
+      "integrity": "sha1-MasayLEpNjRj41s+u2n038+6eUc="
+    },
     "balanced-match": {
       "version": "1.0.0",
       "resolved": "https://registry.npm.taobao.org/balanced-match/download/balanced-match-1.0.0.tgz",
@@ -518,6 +595,11 @@
       "integrity": "sha1-MPpAyef+B9vIlWeM0ocCTeokHdk=",
       "dev": true
     },
+    "bluebird": {
+      "version": "3.7.2",
+      "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.7.2.tgz",
+      "integrity": "sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg=="
+    },
     "brace-expansion": {
       "version": "1.1.11",
       "resolved": "https://registry.npm.taobao.org/brace-expansion/download/brace-expansion-1.1.11.tgz?cache=0&sync_timestamp=1601898189928&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fbrace-expansion%2Fdownload%2Fbrace-expansion-1.1.11.tgz",
@@ -762,6 +844,11 @@
         "assert-plus": "^1.0.0"
       }
     },
+    "date-format": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/date-format/-/date-format-3.0.0.tgz",
+      "integrity": "sha512-eyTcpKOcamdhWJXj56DpQMo1ylSQpcGtGKXcU0Tb97+K56/CF5amAqqqNj0+KvA0iw2ynxtHWFsPDSClCxe48w=="
+    },
     "dayjs": {
       "version": "1.10.2",
       "resolved": "https://registry.npm.taobao.org/dayjs/download/dayjs-1.10.2.tgz?cache=0&sync_timestamp=1609889274763&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fdayjs%2Fdownload%2Fdayjs-1.10.2.tgz",
@@ -1406,6 +1493,16 @@
         }
       }
     },
+    "flatted": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/flatted/-/flatted-2.0.2.tgz",
+      "integrity": "sha512-r5wGx7YeOwNWNlCA0wQ86zKyDLMQr+/RB8xy74M4hTphfmjlijTSSXGuH8rnvKZnfT9i+75zmd8jcKdMR4O6jA=="
+    },
+    "follow-redirects": {
+      "version": "1.13.1",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.13.1.tgz",
+      "integrity": "sha512-SSG5xmZh1mkPGyKzjZP8zLjltIfpW32Y5QpdNJyjcfGxK3qo3NDDkZOZSFiGn1A6SclQxY9GzEwAHQ3dmYRWpg=="
+    },
     "forever-agent": {
       "version": "0.6.1",
       "resolved": "https://registry.npm.taobao.org/forever-agent/download/forever-agent-0.6.1.tgz",
@@ -1421,6 +1518,16 @@
         "mime-types": "^2.1.12"
       }
     },
+    "fs-extra": {
+      "version": "8.1.0",
+      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz",
+      "integrity": "sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==",
+      "requires": {
+        "graceful-fs": "^4.2.0",
+        "jsonfile": "^4.0.0",
+        "universalify": "^0.1.0"
+      }
+    },
     "fs.realpath": {
       "version": "1.0.0",
       "resolved": "https://registry.npm.taobao.org/fs.realpath/download/fs.realpath-1.0.0.tgz",
@@ -1537,8 +1644,7 @@
     "graceful-fs": {
       "version": "4.2.4",
       "resolved": "https://registry.npm.taobao.org/graceful-fs/download/graceful-fs-4.2.4.tgz",
-      "integrity": "sha1-Ila94U02MpWMRl68ltxGfKB6Kfs=",
+      "integrity": "sha1-Ila94U02MpWMRl68ltxGfKB6Kfs="
-      "dev": true
     },
     "growl": {
       "version": "1.10.5",
@@ -1923,6 +2029,14 @@
         "minimist": "^1.2.0"
       }
     },
+    "jsonfile": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz",
+      "integrity": "sha1-h3Gq4HmbZAdrdmQPygWPnBDjPss=",
+      "requires": {
+        "graceful-fs": "^4.1.6"
+      }
+    },
     "jsonpath-plus": {
       "version": "0.19.0",
       "resolved": "https://registry.npm.taobao.org/jsonpath-plus/download/jsonpath-plus-0.19.0.tgz",
@@ -2083,6 +2197,33 @@
         }
       }
     },
+    "log4js": {
+      "version": "6.3.0",
+      "resolved": "https://registry.npmjs.org/log4js/-/log4js-6.3.0.tgz",
+      "integrity": "sha512-Mc8jNuSFImQUIateBFwdOQcmC6Q5maU0VVvdC2R6XMb66/VnT+7WS4D/0EeNMZu1YODmJe5NIn2XftCzEocUgw==",
+      "requires": {
+        "date-format": "^3.0.0",
+        "debug": "^4.1.1",
+        "flatted": "^2.0.1",
+        "rfdc": "^1.1.4",
+        "streamroller": "^2.2.4"
+      },
+      "dependencies": {
+        "debug": {
+          "version": "4.3.1",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz",
+          "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==",
+          "requires": {
+            "ms": "2.1.2"
+          }
+        },
+        "ms": {
+          "version": "2.1.2",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
+        }
+      }
+    },
     "loose-envify": {
       "version": "1.4.0",
       "resolved": "https://registry.npm.taobao.org/loose-envify/download/loose-envify-1.4.0.tgz",
@@ -2287,6 +2428,11 @@
       "resolved": "https://registry.npm.taobao.org/node-fetch/download/node-fetch-2.6.1.tgz?cache=0&sync_timestamp=1599309179354&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fnode-fetch%2Fdownload%2Fnode-fetch-2.6.1.tgz",
       "integrity": "sha1-BFvTI2Mfdu0uK1VXM5RBa2OaAFI="
     },
+    "node-forge": {
+      "version": "0.10.0",
+      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.10.0.tgz",
+      "integrity": "sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA=="
+    },
     "normalize-package-data": {
       "version": "2.5.0",
       "resolved": "https://registry.npm.taobao.org/normalize-package-data/download/normalize-package-data-2.5.0.tgz?cache=0&sync_timestamp=1602547447569&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fnormalize-package-data%2Fdownload%2Fnormalize-package-data-2.5.0.tgz",
@@ -2795,6 +2941,11 @@
         "lowercase-keys": "^1.0.0"
       }
     },
+    "rfdc": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/rfdc/-/rfdc-1.1.4.tgz",
+      "integrity": "sha512-5C9HXdzK8EAqN7JDif30jqsBzavB7wLpaubisuQIGHWf2gUXSpzy6ArX/+Da8RjFpagWsCn+pIgxTMAmKw9Zug=="
+    },
     "rimraf": {
       "version": "3.0.2",
       "resolved": "https://registry.npm.taobao.org/rimraf/download/rimraf-3.0.2.tgz?cache=0&sync_timestamp=1599054104695&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Frimraf%2Fdownload%2Frimraf-3.0.2.tgz",
@@ -2991,6 +3142,36 @@
         "tweetnacl": "~0.14.0"
       }
     },
+    "streamroller": {
+      "version": "2.2.4",
+      "resolved": "https://registry.npmjs.org/streamroller/-/streamroller-2.2.4.tgz",
+      "integrity": "sha512-OG79qm3AujAM9ImoqgWEY1xG4HX+Lw+yY6qZj9R1K2mhF5bEmQ849wvrb+4vt4jLMLzwXttJlQbOdPOQVRv7DQ==",
+      "requires": {
+        "date-format": "^2.1.0",
+        "debug": "^4.1.1",
+        "fs-extra": "^8.1.0"
+      },
+      "dependencies": {
+        "date-format": {
+          "version": "2.1.0",
+          "resolved": "https://registry.npmjs.org/date-format/-/date-format-2.1.0.tgz",
+          "integrity": "sha512-bYQuGLeFxhkxNOF3rcMtiZxvCBAquGzZm6oWA1oZ0g2THUzivaRhv8uOhdr19LmoobSOLoIAxeUK2RdbM8IFTA=="
+        },
+        "debug": {
+          "version": "4.3.1",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz",
+          "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==",
+          "requires": {
+            "ms": "2.1.2"
+          }
+        },
+        "ms": {
+          "version": "2.1.2",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
+        }
+      }
+    },
     "streamsearch": {
       "version": "0.1.2",
       "resolved": "https://registry.npm.taobao.org/streamsearch/download/streamsearch-0.1.2.tgz",
@@ -3215,6 +3396,11 @@
       "resolved": "https://registry.npm.taobao.org/underscore/download/underscore-1.12.0.tgz?cache=0&sync_timestamp=1606179462980&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Funderscore%2Fdownload%2Funderscore-1.12.0.tgz",
       "integrity": "sha1-SBSUBVH8gFh873hA0euw8WRTvpc="
     },
+    "universalify": {
+      "version": "0.1.2",
+      "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz",
+      "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg=="
+    },
     "uri-js": {
       "version": "4.4.0",
       "resolved": "https://registry.npm.taobao.org/uri-js/download/uri-js-4.4.0.tgz",

packages/plugins/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/plugins",
-  "version": "0.1.7",
+  "version": "0.1.9",
   "description": "",
   "main": "./src/index.js",
   "scripts": {

packages/plugins/src/tencent/deploy-to-cdn/index.js

@@ -52,14 +52,14 @@ export class DeployCertToTencentCDN extends AbstractTencentPlugin {
     }
   }
 
-  async execute ({  cert, props, context }) {
+  async execute ({ cert, props, context }) {
     const accessProvider = this.getAccessProvider(props.accessProvider)
     const client = this.getClient(accessProvider)
     const params = this.buildParams(props, context, cert)
     await this.doRequest(client, params)
   }
 
-  async rollback ({  cert, props, context }) {
+  async rollback ({ cert, props, context }) {
 
   }
 
@@ -85,7 +85,7 @@ export class DeployCertToTencentCDN extends AbstractTencentPlugin {
   buildParams (props, context, cert) {
     const { domainName, from } = props
     const { tencentCertId } = context
-
+    this.logger.info('部署腾讯云证书ID:', tencentCertId)
     const params = {
       Https: {
         Switch: 'on',

packages/plugins/src/tencent/deploy-to-clb/index.js

@@ -128,7 +128,7 @@ export class DeployCertToTencentCLB extends AbstractTencentPlugin {
   buildProps (props, context, cert) {
     const { certName } = props
     const { tencentCertId } = context
-
+    this.logger.info('部署腾讯云证书ID:', tencentCertId)
     const params = {
       Certificate: {
         SSLMode: 'UNIDIRECTIONAL', // 单向认证

packages/plugins/src/tencent/deploy-to-tke-ingress/index.js

@@ -1,7 +1,6 @@
 import { AbstractTencentPlugin } from '../../tencent/abstract-tencent.js'
 import tencentcloud from 'tencentcloud-sdk-nodejs'
 import { K8sClient } from '../../utils/util.k8s.client.js'
-
 export class DeployCertToTencentTKEIngress extends AbstractTencentPlugin {
   /**
    * 插件定义
@@ -13,6 +12,7 @@ export class DeployCertToTencentTKEIngress extends AbstractTencentPlugin {
     return {
       name: 'deployCertToTencentTKEIngress',
       label: '部署到腾讯云TKE-ingress',
+      desc: '需要【上传到腾讯云】作为前置任务',
       input: {
         region: {
           label: '大区',
@@ -37,11 +37,28 @@ export class DeployCertToTencentTKEIngress extends AbstractTencentPlugin {
           label: 'ingress名称',
           desc: '支持多个（传入数组）'
         },
+        clusterIp: {
+          type: String,
+          label: '集群内网ip',
+          desc: '如果开启了外网的话，无需设置'
+        },
+        clusterDomain: {
+          type: String,
+          label: '集群域名，可不填，默认为:[clusterId].ccs.tencent-cloud.com'
+        },
+        /**
+         * AccessProvider的key,或者一个包含access的具体的对象
+         */
         accessProvider: {
           label: 'Access提供者',
           type: [String, Object],
-          desc: 'AccessProviders的key 或 一个包含accessKeyId与accessKeySecret的对象',
+          desc: '请选择access提供者',
-          options: 'accessProviders[type=tencent]',
+          component: {
+            name: 'accessProviderSelect',
+            props: {
+              filterType: 'tencent'
+            }
+          },
           required: true
         }
       },
@@ -58,10 +75,17 @@ export class DeployCertToTencentTKEIngress extends AbstractTencentPlugin {
 
     this.logger.info('kubeconfig已成功获取')
     const k8sClient = new K8sClient(kubeConfigStr)
+    if (props.clusterIp != null) {
+      let clusterDomain = props.clusterDomain
+      if (!clusterDomain) {
+        clusterDomain = `${props.clusterId}.ccs.tencent-cloud.com`
+      }
+      // 修改内网解析ip地址
+      k8sClient.setLookup({ [clusterDomain]: { ip: props.clusterIp } })
+    }
     await this.patchCertSecret({ k8sClient, props, context })
     await this.sleep(2000) // 停留2秒，等待secret部署完成
     await this.restartIngress({ k8sClient, props })
-
     return true
   }
 
@@ -90,7 +114,7 @@ export class DeployCertToTencentTKEIngress extends AbstractTencentPlugin {
     }
     const ret = await client.DescribeClusterKubeconfig(params)
     this.checkRet(ret)
-    this.logger.info('注意：后续操作需要在【集群->基本信息】中配置（外网或内网访问）,https://console.cloud.tencent.com/tke2/cluster')
+    this.logger.info('注意：后续操作需要在【集群->基本信息】中开启外网或内网访问,https://console.cloud.tencent.com/tke2/cluster')
     return ret.Kubeconfig
   }
 
@@ -99,6 +123,7 @@ export class DeployCertToTencentTKEIngress extends AbstractTencentPlugin {
     if (tencentCertId == null) {
       throw new Error('请先将【上传证书到腾讯云】作为前置任务')
     }
+    this.logger.info('腾讯云证书ID:', tencentCertId)
     const certIdBase64 = Buffer.from(tencentCertId).toString('base64')
 
     const { namespace, secretName } = props

packages/plugins/src/tencent/upload-to-tencent/index.js

@@ -54,7 +54,7 @@ export class UploadCertToTencent extends AbstractTencentPlugin {
 
   async execute ({ cert, props, context, logger }) {
     const { name, accessProvider } = props
-    const certName = this.appendTimeSuffix(name)
+    const certName = this.appendTimeSuffix(name || cert.domain)
 
     const provider = this.getAccessProvider(accessProvider)
     const client = this.getClient(provider)

packages/plugins/src/utils/util.k8s.client.js

@@ -1,17 +1,45 @@
 import kubernetesClient from 'kubernetes-client'
 import { util } from '@certd/api'
 import Request from 'kubernetes-client/backends/request/index.js'
+import dns from 'dns'
 const { KubeConfig, Client } = kubernetesClient
 const logger = util.logger
+
 export class K8sClient {
   constructor (kubeConfigStr) {
-    const kubeconfig = new KubeConfig()
+    this.kubeConfigStr = kubeConfigStr
-    kubeconfig.loadFromString(kubeConfigStr)
+    this.init()
+  }
 
-    const backend = new Request({ kubeconfig })
+  init () {
+    const kubeconfig = new KubeConfig()
+    kubeconfig.loadFromString(this.kubeConfigStr)
+    const reqOpts = { kubeconfig, request: {} }
+    if (this.lookup) {
+      reqOpts.request.lookup = this.lookup
+    }
+
+    const backend = new Request(reqOpts)
     this.client = new Client({ backend, version: '1.13' })
   }
 
+  /**
+   *
+   * @param localRecords {  [domain]:{ip:'xxx.xx.xxx'} }
+   */
+  setLookup (localRecords) {
+    this.lookup = (hostnameReq, options, callback) => {
+      logger.info('custom lookup', hostnameReq, localRecords)
+      if (localRecords[hostnameReq]) {
+        logger.info('local record', hostnameReq, localRecords[hostnameReq])
+        callback(null, localRecords[hostnameReq].ip, 4)
+      } else {
+        dns.lookup(hostnameReq, options, callback)
+      }
+    }
+    this.init()
+  }
+
   /**
    * 查询 secret列表
    * @param opts = {namespace:default}

packages/plugins/test/tencent/deploy-to-tke-ingress.test.js

@@ -36,18 +36,21 @@ describe('DeployCertToTencentTKEIngress', function () {
   //   console.log('kubeConfig:', kubeConfig)
   // })
   //
-  // it('#getTKESecrets', async function () {
+  it('#getTKESecrets', async function () {
-  //   this.timeout(5000)
+    this.timeout(50000)
-  //   const { options, deployOpts } = await getOptions()
+    const { options, deployOpts } = await getOptions()
-  //   const plugin = new DeployCertToTencentTKEIngress()
+    const plugin = new DeployCertToTencentTKEIngress(options)
-  //   const tkeClient = plugin.getTkeClient(options.accessProviders[deployOpts.props.accessProvider], deployOpts.props.region)
+    const tkeClient = plugin.getTkeClient(options.accessProviders[deployOpts.props.accessProvider], deployOpts.props.region)
-  //   const kubeConfig = await plugin.getTkeKubeConfig(tkeClient, deployOpts.props)
+    const kubeConfig = await plugin.getTkeKubeConfig(tkeClient, deployOpts.props.clusterId)
-  //
+
-  //   const k8sClient = new K8sClient(kubeConfig)
+    const k8sClient = new K8sClient(kubeConfig)
-  //   const secrets = await k8sClient.getSecret()
+    k8sClient.setLookup({
-  //
+      'cls-6lbj1vee.ccs.tencent-cloud.com': { ip: '13.123.123.123' }
-  //   console.log('secrets:', secrets)
+    })
-  // })
+    const secrets = await k8sClient.getSecret()
+
+    console.log('secrets:', secrets)
+  })
   //
   // it('#patchTKECertSecrets', async function () {
   //   this.timeout(5000)