lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-09 01:30:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: lkddi:v1.23.0
Branches Tags
lkddi:v2 lkddi:v2-dev lkddi:v2_admin_mode lkddi:v2-domain-sync lkddi:v2_singleton lkddi:v2-dev-buy lkddi:v2-dev-addon lkddi:v2-dev-plugin-config lkddi:alert-autofix-26 lkddi:alert-autofix-31 lkddi:client_sync lkddi:v2-dev-order lkddi:v2-dev-auto lkddi:acme_sync lkddi:server_sync lkddi:master
lkddi:v1.39.9 lkddi:v1.39.8 lkddi:v1.39.7 lkddi:v1.39.6 lkddi:v1.39.5 lkddi:v1.39.4 lkddi:v1.39.3 lkddi:v1.39.2 lkddi:v1.39.1 lkddi:v1.39.0 lkddi:v1.38.12 lkddi:v1.38.11 lkddi:v1.38.10 lkddi:v1.38.9 lkddi:v1.38.8 lkddi:v1.38.7 lkddi:v1.38.6 lkddi:v1.38.5 lkddi:v1.38.4 lkddi:v1.38.3 lkddi:v1.38.2 lkddi:v1.38.1 lkddi:v1.38.0 lkddi:v1.37.17 lkddi:v1.37.16 lkddi:v1.37.15 lkddi:v1.37.14 lkddi:v1.37.13 lkddi:v1.37.12 lkddi:v1.37.11 lkddi:v1.37.10 lkddi:v1.37.9 lkddi:v1.37.8 lkddi:v1.37.7 lkddi:v1.37.6 lkddi:v1.37.5 lkddi:v1.37.4 lkddi:v1.37.3 lkddi:v1.37.2 lkddi:v1.37.1 lkddi:v1.37.0 lkddi:v1.36.25 lkddi:v1.36.24 lkddi:v1.36.23 lkddi:v1.36.22 lkddi:v1.36.21 lkddi:v1.36.20 lkddi:v1.36.19 lkddi:v1.36.18 lkddi:v1.36.17 lkddi:v1.36.16 lkddi:v1.36.15 lkddi:v1.36.14 lkddi:v1.36.13 lkddi:v1.36.12 lkddi:v1.36.11 lkddi:v1.36.10 lkddi:v1.36.9 lkddi:v1.36.7 lkddi:v1.36.6 lkddi:v1.36.5 lkddi:v1.36.4 lkddi:v1.36.3 lkddi:v1.36.2 lkddi:v1.36.1 lkddi:v1.36.0 lkddi:v1.35.5 lkddi:v1.35.4 lkddi:v1.35.3 lkddi:v1.35.2 lkddi:v1.35.1 lkddi:v1.35.0 lkddi:v1.34.11 lkddi:v1.34.10 lkddi:v1.34.9 lkddi:v1.34.8 lkddi:v1.34.7 lkddi:v1.34.6 lkddi:v1.34.5 lkddi:v1.34.4 lkddi:v1.34.3 lkddi:v1.34.2 lkddi:v1.34.1 lkddi:v1.34.0 lkddi:v1.33.8 lkddi:v1.33.7 lkddi:v1.33.6 lkddi:v1.33.5 lkddi:v1.33.4 lkddi:v1.33.3 lkddi:v1.33.2 lkddi:v1.33.1 lkddi:v1.33.0 lkddi:v1.32.0 lkddi:v1.31.11 lkddi:v1.31.10 lkddi:v1.31.9 lkddi:v1.31.8 lkddi:v1.31.7 lkddi:v1.31.6 lkddi:v1.31.5 lkddi:v1.31.4 lkddi:v1.31.3 lkddi:v1.31.2 lkddi:v1.31.1 lkddi:v1.31.0 lkddi:v1.30.6 lkddi:v1.30.5 lkddi:v1.30.4 lkddi:v1.30.3 lkddi:v1.30.2 lkddi:v1.30.1 lkddi:v1.30.0 lkddi:v1.29.5 lkddi:v1.29.4 lkddi:v1.29.3 lkddi:v1.29.2 lkddi:v1.29.1 lkddi:v1.29.0 lkddi:v1.28.4 lkddi:v1.28.3 lkddi:v1.28.2 lkddi:v1.28.1 lkddi:v1.28.0 lkddi:v1.27.9 lkddi:v1.27.8 lkddi:v1.27.7 lkddi:v1.27.6 lkddi:v1.27.5 lkddi:v1.27.4 lkddi:v1.27.3 lkddi:v1.27.2 lkddi:v1.27.1 lkddi:v1.27.0 lkddi:v1.26.16 lkddi:v1.26.15 lkddi:v1.26.14 lkddi:v1.26.13 lkddi:v1.26.12 lkddi:v1.26.11 lkddi:v1.26.10 lkddi:v1.26.9 lkddi:v1.26.8 lkddi:v1.26.7 lkddi:v1.26.6 lkddi:v1.26.5 lkddi:v1.26.4 lkddi:v1.26.3 lkddi:v1.26.2 lkddi:v1.26.1 lkddi:v1.26.0 lkddi:v1.25.9 lkddi:v1.25.8 lkddi:v1.25.7 lkddi:v1.25.6 lkddi:v1.25.5 lkddi:v1.25.4 lkddi:v1.25.3 lkddi:v1.25.2 lkddi:v1.25.1 lkddi:v1.25.0 lkddi:v1.24.4 lkddi:v1.24.3 lkddi:v1.24.2 lkddi:v1.24.1 lkddi:v1.24.0 lkddi:v1.23.1 lkddi:v1.23.0 lkddi:v1.22.9 lkddi:v1.22.8 lkddi:v1.22.7 lkddi:v1.22.6 lkddi:v1.22.5 lkddi:v1.22.4 lkddi:v1.22.3 lkddi:v1.22.2 lkddi:v1.22.1 lkddi:v1.22.0 lkddi:v1.21.2 lkddi:v1.21.1 lkddi:v1.21.0 lkddi:v1.20.17 lkddi:v1.20.16 lkddi:v1.20.15 lkddi:v1.20.14 lkddi:v1.20.13 lkddi:v1.20.12 lkddi:v1.20.10 lkddi:v1.20.9 lkddi:v1.20.8 lkddi:v1.20.7 lkddi:v1.20.6 lkddi:v1.20.5 lkddi:v1.20.2 lkddi:v1.2.1 lkddi:v1.2.0 lkddi:v1.1.6 lkddi:v1.1.5 lkddi:v1.1.4 lkddi:v1.1.3 lkddi:v1.1.2 lkddi:v1.1.1 lkddi:v1.1.0 lkddi:v1.0.6 lkddi:v1.0.5 lkddi:v1.0.4 lkddi:v1.0.3 lkddi:v1.0.2 lkddi:v1.0.1 lkddi:v1.0.0 lkddi:v0.3.1 lkddi:v0.3.0 lkddi:v0.2.2 lkddi:v0.2.1 lkddi:v0.2.0 lkddi:v0.1.21 lkddi:v0.1.20 lkddi:v0.1.19 lkddi:v0.1.18 lkddi:v0.1.17 lkddi:v0.1.16 lkddi:v0.1.15 lkddi:v0.1.14 lkddi:v0.1.13 lkddi:v0.1.12 lkddi:v0.1.11 lkddi:v0.1.10 lkddi:v0.1.9 lkddi:v0.1.8 lkddi:v0.1.7
...
compare: lkddi:v1.24.1
Branches Tags
lkddi:v2-dev lkddi:v2 lkddi:v2_admin_mode lkddi:v2-domain-sync lkddi:v2_singleton lkddi:v2-dev-buy lkddi:v2-dev-addon lkddi:v2-dev-plugin-config lkddi:alert-autofix-26 lkddi:alert-autofix-31 lkddi:client_sync lkddi:v2-dev-order lkddi:v2-dev-auto lkddi:acme_sync lkddi:server_sync lkddi:master
lkddi:v1.39.9 lkddi:v1.39.8 lkddi:v1.39.7 lkddi:v1.39.6 lkddi:v1.39.5 lkddi:v1.39.4 lkddi:v1.39.3 lkddi:v1.39.2 lkddi:v1.39.1 lkddi:v1.39.0 lkddi:v1.38.12 lkddi:v1.38.11 lkddi:v1.38.10 lkddi:v1.38.9 lkddi:v1.38.8 lkddi:v1.38.7 lkddi:v1.38.6 lkddi:v1.38.5 lkddi:v1.38.4 lkddi:v1.38.3 lkddi:v1.38.2 lkddi:v1.38.1 lkddi:v1.38.0 lkddi:v1.37.17 lkddi:v1.37.16 lkddi:v1.37.15 lkddi:v1.37.14 lkddi:v1.37.13 lkddi:v1.37.12 lkddi:v1.37.11 lkddi:v1.37.10 lkddi:v1.37.9 lkddi:v1.37.8 lkddi:v1.37.7 lkddi:v1.37.6 lkddi:v1.37.5 lkddi:v1.37.4 lkddi:v1.37.3 lkddi:v1.37.2 lkddi:v1.37.1 lkddi:v1.37.0 lkddi:v1.36.25 lkddi:v1.36.24 lkddi:v1.36.23 lkddi:v1.36.22 lkddi:v1.36.21 lkddi:v1.36.20 lkddi:v1.36.19 lkddi:v1.36.18 lkddi:v1.36.17 lkddi:v1.36.16 lkddi:v1.36.15 lkddi:v1.36.14 lkddi:v1.36.13 lkddi:v1.36.12 lkddi:v1.36.11 lkddi:v1.36.10 lkddi:v1.36.9 lkddi:v1.36.7 lkddi:v1.36.6 lkddi:v1.36.5 lkddi:v1.36.4 lkddi:v1.36.3 lkddi:v1.36.2 lkddi:v1.36.1 lkddi:v1.36.0 lkddi:v1.35.5 lkddi:v1.35.4 lkddi:v1.35.3 lkddi:v1.35.2 lkddi:v1.35.1 lkddi:v1.35.0 lkddi:v1.34.11 lkddi:v1.34.10 lkddi:v1.34.9 lkddi:v1.34.8 lkddi:v1.34.7 lkddi:v1.34.6 lkddi:v1.34.5 lkddi:v1.34.4 lkddi:v1.34.3 lkddi:v1.34.2 lkddi:v1.34.1 lkddi:v1.34.0 lkddi:v1.33.8 lkddi:v1.33.7 lkddi:v1.33.6 lkddi:v1.33.5 lkddi:v1.33.4 lkddi:v1.33.3 lkddi:v1.33.2 lkddi:v1.33.1 lkddi:v1.33.0 lkddi:v1.32.0 lkddi:v1.31.11 lkddi:v1.31.10 lkddi:v1.31.9 lkddi:v1.31.8 lkddi:v1.31.7 lkddi:v1.31.6 lkddi:v1.31.5 lkddi:v1.31.4 lkddi:v1.31.3 lkddi:v1.31.2 lkddi:v1.31.1 lkddi:v1.31.0 lkddi:v1.30.6 lkddi:v1.30.5 lkddi:v1.30.4 lkddi:v1.30.3 lkddi:v1.30.2 lkddi:v1.30.1 lkddi:v1.30.0 lkddi:v1.29.5 lkddi:v1.29.4 lkddi:v1.29.3 lkddi:v1.29.2 lkddi:v1.29.1 lkddi:v1.29.0 lkddi:v1.28.4 lkddi:v1.28.3 lkddi:v1.28.2 lkddi:v1.28.1 lkddi:v1.28.0 lkddi:v1.27.9 lkddi:v1.27.8 lkddi:v1.27.7 lkddi:v1.27.6 lkddi:v1.27.5 lkddi:v1.27.4 lkddi:v1.27.3 lkddi:v1.27.2 lkddi:v1.27.1 lkddi:v1.27.0 lkddi:v1.26.16 lkddi:v1.26.15 lkddi:v1.26.14 lkddi:v1.26.13 lkddi:v1.26.12 lkddi:v1.26.11 lkddi:v1.26.10 lkddi:v1.26.9 lkddi:v1.26.8 lkddi:v1.26.7 lkddi:v1.26.6 lkddi:v1.26.5 lkddi:v1.26.4 lkddi:v1.26.3 lkddi:v1.26.2 lkddi:v1.26.1 lkddi:v1.26.0 lkddi:v1.25.9 lkddi:v1.25.8 lkddi:v1.25.7 lkddi:v1.25.6 lkddi:v1.25.5 lkddi:v1.25.4 lkddi:v1.25.3 lkddi:v1.25.2 lkddi:v1.25.1 lkddi:v1.25.0 lkddi:v1.24.4 lkddi:v1.24.3 lkddi:v1.24.2 lkddi:v1.24.1 lkddi:v1.24.0 lkddi:v1.23.1 lkddi:v1.23.0 lkddi:v1.22.9 lkddi:v1.22.8 lkddi:v1.22.7 lkddi:v1.22.6 lkddi:v1.22.5 lkddi:v1.22.4 lkddi:v1.22.3 lkddi:v1.22.2 lkddi:v1.22.1 lkddi:v1.22.0 lkddi:v1.21.2 lkddi:v1.21.1 lkddi:v1.21.0 lkddi:v1.20.17 lkddi:v1.20.16 lkddi:v1.20.15 lkddi:v1.20.14 lkddi:v1.20.13 lkddi:v1.20.12 lkddi:v1.20.10 lkddi:v1.20.9 lkddi:v1.20.8 lkddi:v1.20.7 lkddi:v1.20.6 lkddi:v1.20.5 lkddi:v1.20.2 lkddi:v1.2.1 lkddi:v1.2.0 lkddi:v1.1.6 lkddi:v1.1.5 lkddi:v1.1.4 lkddi:v1.1.3 lkddi:v1.1.2 lkddi:v1.1.1 lkddi:v1.1.0 lkddi:v1.0.6 lkddi:v1.0.5 lkddi:v1.0.4 lkddi:v1.0.3 lkddi:v1.0.2 lkddi:v1.0.1 lkddi:v1.0.0 lkddi:v0.3.1 lkddi:v0.3.0 lkddi:v0.2.2 lkddi:v0.2.1 lkddi:v0.2.0 lkddi:v0.1.21 lkddi:v0.1.20 lkddi:v0.1.19 lkddi:v0.1.18 lkddi:v0.1.17 lkddi:v0.1.16 lkddi:v0.1.15 lkddi:v0.1.14 lkddi:v0.1.13 lkddi:v0.1.12 lkddi:v0.1.11 lkddi:v0.1.10 lkddi:v0.1.9 lkddi:v0.1.8 lkddi:v0.1.7

76 Commits
v1.23.0 ... v1.24.1

Author SHA1 Message Date
xiaojunnuo
bef6b981e2 v1.24.1 2024-09-02 23:57:42 +08:00
xiaojunnuo
a77cd65789 build: prepare to build 2024-09-02 23:56:04 +08:00
xiaojunnuo
415b731d9a chore: 2024-09-02 23:55:38 +08:00
xiaojunnuo
6c0099d600 chore: 2024-09-02 23:47:15 +08:00
xiaojunnuo
98b77f8084 perf: 支持阿里云 DCDN 2024-09-02 23:46:28 +08:00
Greper
2f47ffb76b Merge pull request #148 from wujingke/v2 
pref: 添加阿里云DCDN 废弃SetDomainServerCertificate接口 改为SetCdnDomainSSLCertificate
 2024-09-02 22:00:36 +08:00
w
35a3603c41 添加阿里云DCDN 废弃SetDomainServerCertificate接口 改为SetCdnDomainSSLCertificate 2024-09-02 19:33:17 +08:00
xiaojunnuo
ea775adae1 perf: 支持已跳过的步骤重新运行 2024-09-02 18:36:12 +08:00
xiaojunnuo
724a85028b perf: 支持cdnfly 2024-09-02 16:59:49 +08:00
xiaojunnuo
b2d595e85c Merge remote-tracking branch 'origin/v2' into v2 2024-09-02 15:50:43 +08:00
xiaojunnuo
d9b1ff8c5c chore: 2024-09-02 15:49:56 +08:00
xiaojunnuo
1c17970b98 fix: 激活仅限管理员 2024-09-02 01:02:41 +08:00
xiaojunnuo
b9bddbfabb perf: 支持ftp上传 2024-09-01 04:49:26 +08:00
xiaojunnuo
ee617095ef perf: 部署插件支持宝塔、易盾云等 2024-08-30 18:52:31 +08:00
xiaojunnuo
bee20c7f51 chore: 1 2024-08-29 11:15:45 +08:00
xiaojunnuo
b8e05e9b44 chore: 2024-08-29 10:09:22 +08:00
xiaojunnuo
869e14bad9 pref: 自动优化数据库,释放被删除空间 2024-08-29 09:57:27 +08:00
xiaojunnuo
952e01ab7d chore: 2024-08-28 14:45:57 +08:00
xiaojunnuo
db61033633 perf: 优化内存占用 2024-08-28 14:40:50 +08:00
xiaojunnuo
42a56b581d perf: 授权配置支持加密 
原本已经添加的授权配置,再次编辑保存即变成加密配置
 2024-08-27 13:46:19 +08:00
xiaojunnuo
d6bb9f6af4 chore: 2024-08-26 12:37:42 +08:00
xiaojunnuo
a430b27034 chore: 2024-08-26 12:32:36 +08:00
xiaojunnuo
0f6679425f fix: 修复在没有勾选使用代理的情况下,仍然会使用代理的bug 2024-08-26 11:34:01 +08:00
xiaojunnuo
4b9d1eb4b5 chore: 2024-08-26 11:06:46 +08:00
xiaojunnuo
ca4a1b8d92 chore: 2024-08-26 11:06:28 +08:00
xiaojunnuo
08a702a758 chore: 2024-08-26 10:19:06 +08:00
xiaojunnuo
589191244f chore: 2024-08-26 10:09:53 +08:00
xiaojunnuo
f3ddcd3054 Merge remote-tracking branch 'origin/v2' into v2 2024-08-26 09:59:10 +08:00
xiaojunnuo
f923655d91 chore: 2024-08-26 09:58:51 +08:00
xiaojunnuo
879e2609ca chore: 2024-08-25 15:35:04 +08:00
xiaojunnuo
d227dd64e3 chore: 2024-08-25 15:34:00 +08:00
xiaojunnuo
d2997624b0 build: trigger build image 2024-08-25 14:28:10 +08:00
xiaojunnuo
f17b08ddab v1.24.0 2024-08-25 14:27:41 +08:00
xiaojunnuo
893b853fd4 build: prepare to build 2024-08-25 14:26:34 +08:00
xiaojunnuo
15846eda85 chore: 2024-08-25 12:07:47 +08:00
xiaojunnuo
19ddf61127 chore: 2024-08-25 11:57:07 +08:00
xiaojunnuo
a7424e02f5 feat: 支持ECC类型 2024-08-25 11:56:15 +08:00
xiaojunnuo
d4092e4929 chore: 1 2024-08-25 03:27:38 +08:00
xiaojunnuo
62ef54c7c3 chore: 1 2024-08-25 03:14:07 +08:00
xiaojunnuo
85ae80c882 Merge remote-tracking branch 'origin/acme_sync' into v2 
# Conflicts:
#	packages/core/acme-client/package.json
 2024-08-25 03:01:13 +08:00
xiaojunnuo
a593056e79 feat: 支持google证书申请(需要使用代理) 2024-08-25 02:59:49 +08:00
xiaojunnuo
22a336370a fix: 修复执行日志没有清理的bug 2024-08-25 01:55:34 +08:00
xiaojunnuo
86ebbcb9bb chore: 1 2024-08-24 23:48:26 +08:00
xiaojunnuo
c28f3cdcf7 chore: 1 2024-08-24 01:05:06 +08:00
xiaojunnuo
41b9837582 fix: 修复ssh无法连接成功,无法执行命令的bug 2024-08-24 00:00:27 +08:00
xiaojunnuo
37eb762afe fix: 修复成功后跳过之后丢失腾讯云证书id的bug 2024-08-23 23:26:31 +08:00
xiaojunnuo
3345c145b8 fix: 部署到腾讯云cdn选择证书任务步骤限制只能选证书 2024-08-23 18:02:14 +08:00
xiaojunnuo
17ead547aa fix: 修复创建流水线后立即运行时报no id错误的bug 
Closes https://github.com/certd/certd/issues/135
 2024-08-23 17:41:02 +08:00
xiaojunnuo
e358a88696 fix: 修复重置密码参数配置后无效的bug 2024-08-23 17:16:52 +08:00
xiaojunnuo
968c4690a0 perf: 优化证书申请成功率 2024-08-23 13:15:06 +08:00
xiaojunnuo
453f1baa0b perf: email proxy 2024-08-23 11:35:34 +08:00
xiaojunnuo
14ab93dc2f chore: 1 2024-08-21 12:38:09 +08:00
xiaojunnuo
790bf11af0 perf: 优化dnspod的token id 说明 2024-08-21 10:36:10 +08:00
xiaojunnuo
95122e2860 fix: 修复使用代理的情况下申请证书失败的bug 2024-08-21 10:34:50 +08:00
xiaojunnuo
ab7a1673ff chore: plus 2024-08-21 08:36:03 +08:00
xiaojunnuo
db9d27468e chore: license说明 2024-08-14 21:24:12 +08:00
xiaojunnuo
746bb9d385 perf: 更新k8s底层api库 2024-08-14 15:10:55 +08:00
xiaojunnuo
7b451bbf6e perf: 优化成功后跳过的提示 2024-08-13 20:30:42 +08:00
xiaojunnuo
ffc4e71783 build: trigger build image 2024-08-06 11:39:34 +08:00
xiaojunnuo
7eb6d7d053 v1.23.1 2024-08-06 11:39:21 +08:00
xiaojunnuo
93b6431369 build: prepare to build 2024-08-06 11:38:30 +08:00
xiaojunnuo
d301ac6832 chore: 2024-08-06 11:37:46 +08:00
xiaojunnuo
1af19f0ac0 perf: 优化默认值设置 2024-08-06 11:32:25 +08:00
xiaojunnuo
24c7be2c9c perf: 优化插件字段的default value 2024-08-06 11:23:23 +08:00
xiaojunnuo
c3f04a80fd chore: pg 改成bigint 2024-08-06 11:10:33 +08:00
xiaojunnuo
bf6c5d690e chore: 权益 2024-08-06 10:32:07 +08:00
xiaojunnuo
7c92762f48 chore: k8s logger 2024-08-06 10:23:09 +08:00
xiaojunnuo
efacfd6b2c chore: k8s logger 2024-08-06 10:22:28 +08:00
xiaojunnuo
93559174c7 fix: 修复模糊查询无效的bug 2024-08-06 10:12:02 +08:00
xiaojunnuo
1b0ae8654f chore: 2024-08-06 09:12:25 +08:00
xiaojunnuo
d11a19ce59 chore: 2024-08-06 09:12:14 +08:00
xiaojunnuo
9a68b0fb61 chore: 2024-08-06 09:11:31 +08:00
xiaojunnuo
79bbdce1e1 chore: 2024-08-06 09:04:38 +08:00
xiaojunnuo
916ee4a089 chore: 2024-08-06 09:00:45 +08:00
xiaojunnuo
ac9313da38 build: trigger build image 2024-08-05 18:08:50 +08:00
GitHub Actions Bot
e5edfbfa6d 🔱: [acme] sync upgrade with 6 commits [trident-sync] 
Bump v5.4.0
Bump dependencies
Retry HTTP requests on server errors or when rate limited
Forgot to refresh directory timestamp after successful get
Add utility method tests
 2024-07-16 19:24:08 +00:00
183 changed files with 3159 additions and 1575 deletions
Expand all files Collapse all files

14
.github/workflows/build-image.yml vendored
View File

@@ -58,12 +58,20 @@ jobs:
username: ${{ secrets.aliyun_cs_username }}
password: ${{ secrets.aliyun_cs_password }}
- name: Build and push
uses: docker/build-push-action@v6.5.0
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
platforms: linux/amd64,linux/arm64,linux/arm/v7
username: ${{ secrets.dockerhub_username }}
password: ${{ secrets.dockerhub_password }}
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
push: true
context: ./packages/ui/
tags: |
registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
greper/certd:latest
greper/certd:${{steps.get_certd_version.outputs.result}}

1
.gitignore vendored
View File

@@ -39,3 +39,4 @@ tsconfig.tsbuildinfo
test/**/*.js
/packages/ui/certd-server/data/db.sqlite
/packages/ui/certd-server/data/keys.yaml
/packages/pro/

53
CHANGELOG.md
View File

@@ -3,6 +3,59 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
### Bug Fixes
* 激活仅限管理员 ([1c17970](https://github.com/certd/certd/commit/1c17970b981f0987c506744ee6b2283fd5e40493))
* 修复在没有勾选使用代理的情况下仍然会使用代理的bug ([0f66794](https://github.com/certd/certd/commit/0f6679425f6a736bb0128527dd99c085fac17d84))
### Performance Improvements
* 部署插件支持宝塔、易盾云等 ([ee61709](https://github.com/certd/certd/commit/ee617095efa1171548cf52fd45f0f98a368555a3))
* 授权配置支持加密 ([42a56b5](https://github.com/certd/certd/commit/42a56b581d754c3e5f9838179d19ab0d004ef2eb))
* 优化内存占用 ([db61033](https://github.com/certd/certd/commit/db6103363364440b650bc10bb334834e4a9470c7))
* 支持阿里云 DCDN ([98b77f8](https://github.com/certd/certd/commit/98b77f80843834616fb26f83b4c42245326abd06))
* 支持已跳过的步骤重新运行 ([ea775ad](https://github.com/certd/certd/commit/ea775adae18d57a04470cfba6b9460d761d74035))
* 支持cdnfly ([724a850](https://github.com/certd/certd/commit/724a85028b4a7146c9e3b4df4497dcf2a7bf7c67))
* 支持ftp上传 ([b9bddbf](https://github.com/certd/certd/commit/b9bddbfabb5664365f1232e9432532187c98006c))
# [1.24.0](https://github.com/certd/certd/compare/v1.23.1...v1.24.0) (2024-08-25)
### Bug Fixes
* 部署到腾讯云cdn选择证书任务步骤限制只能选证书 ([3345c14](https://github.com/certd/certd/commit/3345c145b802170f75a098a35d0c4b8312efcd17))
* 修复成功后跳过之后丢失腾讯云证书id的bug ([37eb762](https://github.com/certd/certd/commit/37eb762afe25c5896b75dee25f32809f8426e7b7))
* 修复创建流水线后立即运行时报no id错误的bug ([17ead54](https://github.com/certd/certd/commit/17ead547aab25333603980304aa3aad3db1f73d5))
* 修复使用代理的情况下申请证书失败的bug ([95122e2](https://github.com/certd/certd/commit/95122e28609333f4df55c266e5434897954c0fb3))
* 修复执行日志没有清理的bug ([22a3363](https://github.com/certd/certd/commit/22a336370a88a7df2a23c967043bae153da71ed5))
* 修复重置密码参数配置后无效的bug ([e358a88](https://github.com/certd/certd/commit/e358a8869696578687306e4cd0dcda53f898fe13))
* 修复ssh无法连接成功无法执行命令的bug ([41b9837](https://github.com/certd/certd/commit/41b9837582323fb400ef8525ce65e8b37ad4b36f))
### Features
* 支持ECC类型 ([a7424e0](https://github.com/certd/certd/commit/a7424e02f5c7e02ac1688791040785920ce67473))
* 支持google证书申请需要使用代理 ([a593056](https://github.com/certd/certd/commit/a593056e79e99dd6a74f75b5eab621af7248cfbe))
### Performance Improvements
* 更新k8s底层api库 ([746bb9d](https://github.com/certd/certd/commit/746bb9d385e2f397daef4976eca1d4782a2f5ebd))
* 优化成功后跳过的提示 ([7b451bb](https://github.com/certd/certd/commit/7b451bbf6e6337507f4627b5a845f5bd96ab4f7b))
* 优化证书申请成功率 ([968c469](https://github.com/certd/certd/commit/968c4690a07f69c08dcb3d3a494da4e319627345))
* 优化dnspod的token id 说明 ([790bf11](https://github.com/certd/certd/commit/790bf11af06d6264ef74bc1bb919661f0354239a))
* email proxy ([453f1ba](https://github.com/certd/certd/commit/453f1baa0b9eb0f648aa1b71ccf5a95b202ce13f))
## [1.23.1](https://github.com/certd/certd/compare/v1.23.0...v1.23.1) (2024-08-06)
### Bug Fixes
* 修复模糊查询无效的bug ([9355917](https://github.com/certd/certd/commit/93559174c780173f0daec7cdbd1f72f8d5c504d5))
### Performance Improvements
* 优化插件字段的default value ([24c7be2](https://github.com/certd/certd/commit/24c7be2c9cb39c14f7a97b674127c88033280b02))
* 优化默认值设置 ([1af19f0](https://github.com/certd/certd/commit/1af19f0ac053fe109782882964533636b5969d6b))
# [1.23.0](https://github.com/certd/certd/compare/v1.22.9...v1.23.0) (2024-08-05)
### Bug Fixes

30
LICENSE.md Normal file
View File

@@ -0,0 +1,30 @@
# Certd Open Source License
- This project is licensed under the **GNU Affero General Public License (AGPL)** with the following additional terms.
- 本项目遵循 GNU Affero General Public LicenseAGPL并附加以下条款。
## 1. License Terms ( 许可证条款 )
1. **Freedom to Use** (自由使用)
- You are free to use, copy, modify, and distribute the source code of this project for personal or organizational use, provided that you comply with the terms of this license.
- 您可以自由使用、复制、修改和分发本项目的源代码,前提是您遵循本许可证的条款。
2. **Modification for Personal Use** (个人使用的修改)
- Individuals and companies are allowed to modify the project according to their needs for non-commercial purposes. However, modifications to the logo, copyright information, or any code related to licensing are strictly prohibited.
- 个人和公司允许根据自身需求对本项目进行修改以供非商业用途。但任何对logo、版权信息或与许可相关代码的修改都是严格禁止的。
3. **Commercial Authorization** (商业授权)
- If you wish to make any form of monetary gain from this project, you must first obtain commercial authorization from the original author. Users should contact the author directly to negotiate the relevant licensing terms.
- 如果您希望从本项目获得任何形式的经济收益,您必须首先从原作者处获得商业授权,用户应直接与作者联系,以协商相关许可条款。
4. **Retention of Rights** (保留权利)
- All rights, title, and interest in the project remain with the original author.
- 本项目的所有权利、标题和利益仍归原作者所有。
## 2. As a contributor ( 作为贡献者 )
- you should agree that your contributed code:
- 您应同意您贡献的代码:
1. - The original author can adjust the open-source agreement to be more strict or relaxed.
- 原作者可以调整开源协议以使其更严格或更宽松。
2. - Can be used for commercial purposes.
- 可用于商业用途。

66
README.md
View File

@@ -1,10 +1,26 @@
# CertD
# Certd
CertD 是一个免费全自动申请和自动部署更新SSL证书的工具。
后缀D取自linux守护进程的命名风格意为证书守护进程。
Certd 是一个免费全自动申请和自动部署更新SSL证书的工具。
后缀d取自linux守护进程的命名风格意为证书守护进程。
关键字:证书自动申请、证书自动更新、证书自动续期、证书自动续签
************************
支持开源,为爱发电,我已入驻爱发电
https://afdian.com/a/greper
发电权益:
1. 可加入发电专属群,可以获得作者一对一技术支持
2. 您的需求我们将优先实现,并且将作为专业版功能提供
3. 一年期专业版激活码
4. 赠送国外免费服务器部署方案0成本使用Certd不过该服务器需要翻墙
专业版特权
1. 证书流水线条数无限制免费版限制10条
2. 免配置发邮件功能
3. 更多功能增加中...
************************
## 一、特性
本项目不仅支持证书申请过程自动化,还可以自动化部署更新证书,让你的证书永不过期。
@@ -82,8 +98,11 @@ docker compose up -d
> https://docs.docker.com/compose/install/linux/
#### 镜像说明:
* certd镜像地址:
* 国内镜像地址:
* `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest`
* DockerHub地址
* `https://hub.docker.com/r/greper/certd`
* `docker pull greper/certd:latest`
* 镜像构建通过`Actions`自动执行,过程公开透明,请放心使用
* [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml)
@@ -101,11 +120,16 @@ http://your_server_ip:7001
## 五、 升级
如果使用固定版本号
1. 修改`docker-compose.yaml`中的镜像版本号
2. 运行 `docker compose up -d` 即可
2. 运行`docker compose up -d` 即可
如果使用`latest`版本
1. 重新拉取镜像 `docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest`
2. 重新启动容器 `docker compose restart`
```shell
#重新拉取镜像
docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
# 重新启动容器
docker compose down
docker compose up -d
```
> 数据默认存在`/data/certd`目录下,不用担心数据丢失
@@ -131,6 +155,7 @@ http://your_server_ip:7001
* [Cloudflare](./doc/cf/cf.md)
* [腾讯云](./doc/tencent/tencent.md)
* [windows主机](./doc/host/host.md)
* [google证书](./doc/google/google.md)
## 八、问题处理
@@ -169,26 +194,37 @@ docker compose up -d
</p>
## 十、捐赠
媳妇儿说:“一天到晚搞开源,也不管管老婆孩子!😡😡😡”
拜托各位捐赠支持一下,让媳妇儿开心开心,我也能有更多时间进行开源项目,感谢🙏🙏🙏
<p align="center">
<img height="380" src="./doc/images/donate.png">
</p>
支持开源,为爱发电,我已入驻爱发电
https://afdian.com/a/greper
发电权益:
1. 可加入发电专属群(先加我好友,发送发电截图,我拉你进群)
2. 你的需求优先实现
3. 可以获得作者一对一技术支持
4. 更多权益陆续增加中...
## 十一、贡献代码
[贡献插件教程](./plugin.md)
1. [贡献插件教程](./plugin.md)
2. 作为贡献者,代表您同意您贡献的代码如下许可:
1. 可以调整开源协议以使其更严格或更宽松。
2. 可以用于商业用途。
## 十二、 开源许可
* 本项目遵循 GNU Affero General Public LicenseAGPL开源协议。
* 允许个人和公司使用、复制、修改和分发本项目,禁止任何形式的商业用途
* 未获得商业授权情况下禁止任何对logo、版权信息及授权许可相关代码的修改。
* 如需商业授权,请联系作者。
## 十、我的其他项目求Star
## 十、我的其他项目求Star
* [袖手GPT](https://ai.handsfree.work/) ChatGPT国内可用无需FQ每日免费额度
* [fast-crud](https://gitee.com/fast-crud/fast-crud/) 基于vue3的crud快速开发框架
* [dev-sidecar](https://github.com/docmirror/dev-sidecar/) 直连访问github工具无需FQ解决github无法访问的问题
## 十、更新日志
## 十、更新日志
更新日志:[CHANGELOG](./CHANGELOG.md)

2
build.trigger
View File

@@ -1 +1 @@
16:10
1

37
doc/google/google.md Normal file
View File

@@ -0,0 +1,37 @@
# google证书申请教程
## 1、启用API
打开如下链接,启用 API
https://console.cloud.google.com/apis/library/publicca.googleapis.com
打开该链接后点击“启用”随后等待右侧出现“API已启用”则可以关闭该页。
## 2、 申请Key
随后打开“Google Cloud Shell”在右上角点击激活CloudShell图标
等待分配完成后在 Shell 窗口内输入如下命令:
```shell
gcloud beta publicca external-account-keys create
```
此时会弹出“为 Cloud Shell 提供授权”,点击授权即可。
执行完成后会返回类似如下输出;注意不要在没有收到 Google 的邮件时执行该命令,会返回命令不存在。
```shell
Created an external account key
[b64MacKey: xxxxxxxxxxxxx
keyId: xxxxxxxxx]
```
记录以上信息备用
## 3、 创建证书流水线
选择证书提供商为google 开启使用代理
## 4、 将key信息作为EAB授权信息
google证书需要EAB授权 使用第二步中的 keyId 和 b64MacKey 信息创建一条EAB授权记录
## 5、 其他就跟正常申请证书一样了

8
doc/server/free.md
View File

@@ -1,8 +0,0 @@
# 免费服务器部署
## 1. 注册koyeb账号
https://app.koyeb.com/
## 2. 创建应用

14
docker/ftp/docker-compose.yaml Normal file
View File

@@ -0,0 +1,14 @@
version: '3.3'
services:
ftp:
# 镜像 # ↓↓↓↓↓ --- 1、 镜像版本号,建议改成固定版本号【可选】
image: gists/pure-ftpd
container_name: ftp # 容器名
restart: unless-stopped # 自动重启
volumes:
- /data/ftp2/:/home/ftpuser
ports: # 端口映射
- "21:21"
- "30000-30009:30000-30009"
environment: # 环境变量
- TZ=Asia/Shanghai

7
docker/run/docker-compose.yaml
View File

@@ -15,11 +15,12 @@ services:
# 如果出现getaddrinfo ENOTFOUND等错误可以尝试修改或注释dns配置
- 223.5.5.5
- 223.6.6.6
- 8.8.8.8
- 8.8.4.4
# ↓↓↓↓ ----------------------------------------------------------如果你服务器部署在国外可以用8.8.8.8替换上面的dns【可选】
# - 8.8.8.8
# - 8.8.4.4
environment: # 环境变量
- TZ=Asia/Shanghai
- certd_system_resetAdminPassword=false
- certd_system_resetAdminPasswd=false
# ↑↑↑↑↑---------------------------4、如果忘记管理员密码可以设置为true重启之后管理员密码将改成123456然后请及时修改回false【可选】
- certd_cron_immediateTriggerOnce=false
# ↑↑↑↑↑---------------------------5、如果设置为true启动后所有配置了cron的流水线任务都将被立即触发一次【可选】

2
lerna.json
View File

@@ -9,5 +9,5 @@
}
},
"npmClient": "pnpm",
"version": "1.23.0"
"version": "1.24.1"
}

2
package.json
View File

@@ -12,7 +12,7 @@
"scripts": {
"start": "lerna bootstrap --hoist",
"i-all": "lerna link && lerna exec npm install ",
"publish": "npm run prepublishOnly1 && lerna publish --conventional-commits --create-release github && npm run afterpublishOnly",
"publish": "npm run prepublishOnly2 && lerna publish --conventional-commits --create-release github && npm run afterpublishOnly",
"afterpublishOnly": "time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
"prepublishOnly1": "npm run check && lerna run build ",
"prepublishOnly2": "npm run check && npm run before-build && lerna run build ",

1
packages/certd-pro Submodule

Submodule packages/certd-pro added at 0dec0d461f

34
packages/core/acme-client/CHANGELOG.md
View File

@@ -3,6 +3,33 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.24.1](https://github.com/publishlab/node-acme-client/compare/v1.24.0...v1.24.1) (2024-09-02)
### Bug Fixes
* 修复在没有勾选使用代理的情况下仍然会使用代理的bug ([0f66794](https://github.com/publishlab/node-acme-client/commit/0f6679425f6a736bb0128527dd99c085fac17d84))
### Performance Improvements
* 部署插件支持宝塔、易盾云等 ([ee61709](https://github.com/publishlab/node-acme-client/commit/ee617095efa1171548cf52fd45f0f98a368555a3))
* 授权配置支持加密 ([42a56b5](https://github.com/publishlab/node-acme-client/commit/42a56b581d754c3e5f9838179d19ab0d004ef2eb))
# [1.24.0](https://github.com/publishlab/node-acme-client/compare/v1.23.1...v1.24.0) (2024-08-25)
### Bug Fixes
* 修复成功后跳过之后丢失腾讯云证书id的bug ([37eb762](https://github.com/publishlab/node-acme-client/commit/37eb762afe25c5896b75dee25f32809f8426e7b7))
* 修复创建流水线后立即运行时报no id错误的bug ([17ead54](https://github.com/publishlab/node-acme-client/commit/17ead547aab25333603980304aa3aad3db1f73d5))
* 修复使用代理的情况下申请证书失败的bug ([95122e2](https://github.com/publishlab/node-acme-client/commit/95122e28609333f4df55c266e5434897954c0fb3))
### Features
* 支持google证书申请需要使用代理 ([a593056](https://github.com/publishlab/node-acme-client/commit/a593056e79e99dd6a74f75b5eab621af7248cfbe))
### Performance Improvements
* 优化证书申请成功率 ([968c469](https://github.com/publishlab/node-acme-client/commit/968c4690a07f69c08dcb3d3a494da4e319627345))
## [1.22.6](https://github.com/publishlab/node-acme-client/compare/v1.22.5...v1.22.6) (2024-08-03)
**Note:** Version bump only for package @certd/acme-client
@@ -110,10 +137,11 @@ See [Conventional Commits](https://conventionalcommits.org) for commit guideline
# Changelog
## v5.4.0
## v5.4.0 (2024-07-16)
* `added` Directory URLs for [Google](https://cloud.google.com/certificate-manager/docs/overview) ACME provider
* `fixed` Invalidate ACME directory cache after 24 hours
* `fixed` Invalidate ACME provider directory cache after 24 hours
* `fixed` Retry HTTP requests on server errors or when rate limited - [#89](https://github.com/publishlab/node-acme-client/issues/89)
## v5.3.1 (2024-05-22)
@@ -123,7 +151,7 @@ See [Conventional Commits](https://conventionalcommits.org) for commit guideline
## v5.3.0 (2024-02-05)
* `added` Support and tests for satisfying `tls-alpn-01` challenges
* `changed` Replace `jsrsasign` with `@peculiar/x509` for certificate and CSR generation and parsing
* `changed` Replace `jsrsasign` with `@peculiar/x509` for certificate and CSR handling
* `changed` Method `getChallengeKeyAuthorization()` now returns `$token.$thumbprint` when called with a `tls-alpn-01` challenge
* Previously returned base64url encoded SHA256 digest of `$token.$thumbprint` erroneously
* This change is not considered breaking since the previous behavior was incorrect

12
packages/core/acme-client/package.json
View File

@@ -3,7 +3,7 @@
"description": "Simple and unopinionated ACME client",
"private": false,
"author": "nmorsman",
"version": "1.22.6",
"version": "1.24.1",
"main": "src/index.js",
"types": "types/index.d.ts",
"license": "MIT",
@@ -16,24 +16,24 @@
"types"
],
"dependencies": {
"@peculiar/x509": "^1.10.0",
"@peculiar/x509": "^1.11.0",
"asn1js": "^3.0.5",
"axios": "^1.7.2",
"debug": "^4.1.1",
"debug": "^4.3.5",
"https-proxy-agent": "^7.0.4",
"node-forge": "^1.3.1"
},
"devDependencies": {
"@types/node": "^20.12.12",
"@types/node": "^20.14.10",
"chai": "^4.4.1",
"chai-as-promised": "^7.1.2",
"eslint": "^8.57.0",
"eslint-config-airbnb-base": "^15.0.0",
"eslint-plugin-import": "^2.29.1",
"jsdoc-to-markdown": "^8.0.1",
"mocha": "^10.4.0",
"mocha": "^10.6.0",
"nock": "^13.5.4",
"tsd": "^0.31.0",
"tsd": "^0.31.1",
"typescript": "^4.8.4",
"uuid": "^8.3.2"
},

18
packages/core/acme-client/src/api.js
View File

@@ -3,6 +3,7 @@
*/
const util = require('./util');
const { log } = require('./logger');
/**
* AcmeApi
@@ -17,6 +18,21 @@ class AcmeApi {
this.accountUrl = accountUrl;
}
getLocationFromHeader(resp) {
let locationUrl = resp.headers.location;
const mapping = this.http.urlMapping;
if (mapping.mappings) {
// eslint-disable-next-line guard-for-in,no-restricted-syntax
for (const key in mapping.mappings) {
const url = mapping.mappings[key];
if (locationUrl.indexOf(url) > -1) {
locationUrl = locationUrl.replace(url, key);
}
}
}
return locationUrl;
}
/**
* Get account URL
*
@@ -103,7 +119,7 @@ class AcmeApi {
/* Set account URL */
if (resp.headers.location) {
this.accountUrl = resp.headers.location;
this.accountUrl = this.getLocationFromHeader(resp);
}
return resp;

112
packages/core/acme-client/src/auto.js
View File

@@ -13,8 +13,12 @@ const defaultOpts = {
termsOfServiceAgreed: false,
skipChallengeVerification: false,
challengePriority: ['http-01', 'dns-01'],
challengeCreateFn: async () => { throw new Error('Missing challengeCreateFn()'); },
challengeRemoveFn: async () => { throw new Error('Missing challengeRemoveFn()'); },
challengeCreateFn: async () => {
throw new Error('Missing challengeCreateFn()');
},
challengeRemoveFn: async () => {
throw new Error('Missing challengeRemoveFn()');
},
};
/**
@@ -137,9 +141,13 @@ module.exports = async (client, userOpts) => {
}
else {
log(`[auto] [${d}] Running challenge verification`);
await client.verifyChallenge(authz, challenge);
try {
await client.verifyChallenge(authz, challenge);
}
catch (e) {
log(`[auto] [${d}] challenge verification threw error: ${e.message}`);
}
}
/* Complete challenge and wait for valid status */
log(`[auto] [${d}] Completing challenge with ACME provider and waiting for valid status`);
await client.completeChallenge(challenge);
@@ -170,11 +178,42 @@ module.exports = async (client, userOpts) => {
throw e;
}
};
const domainSets = [];
const challengePromises = authorizations.map((authz) => async () => {
await challengeFunc(authz);
authorizations.forEach((authz) => {
const d = authz.identifier.value;
let setd = false;
// eslint-disable-next-line no-restricted-syntax
for (const group of domainSets) {
if (!group[d]) {
group[d] = authz;
setd = true;
}
}
if (!setd) {
const group = {};
group[d] = authz;
domainSets.push(group);
}
});
const allChallengePromises = [];
// eslint-disable-next-line no-restricted-syntax
for (const domainSet of domainSets) {
const challengePromises = [];
// eslint-disable-next-line guard-for-in,no-restricted-syntax
for (const domain in domainSet) {
const authz = domainSet[domain];
challengePromises.push(async () => {
log(`[auto] [${domain}] Starting challenge`);
await challengeFunc(authz);
});
}
allChallengePromises.push(challengePromises);
}
log(`[auto] challengeGroups:${allChallengePromises.length}`);
function runAllPromise(tasks) {
let promise = Promise.resolve();
tasks.forEach((task) => {
@@ -194,39 +233,48 @@ module.exports = async (client, userOpts) => {
return Promise.all(results);
}
try {
log('开始challenge');
await runPromisePa(challengePromises);
log(`开始challenge${allChallengePromises.length}`);
let i = 0;
// eslint-disable-next-line no-restricted-syntax
for (const challengePromises of allChallengePromises) {
i += 1;
log(`开始第${i}`);
if (opts.signal && opts.signal.aborted) {
throw new Error('用户取消');
}
log('challenge结束');
// log('[auto] Waiting for challenge valid status');
// await Promise.all(challengePromises);
/**
* Finalize order and download certificate
*/
log('[auto] Finalizing order and downloading certificate');
const finalized = await client.finalizeOrder(order, opts.csr);
return await client.getCertificate(finalized, opts.preferredChain);
}
catch (e) {
log('证书申请失败');
log(e);
throw new Error(`证书申请失败:${e.message}`);
}
finally {
log(`清理challenge痕迹length:${clearTasks.length}`);
try {
await runAllPromise(clearTasks);
// eslint-disable-next-line no-await-in-loop
await runPromisePa(challengePromises);
}
catch (e) {
log('清理challenge失败');
log(e);
log(`证书申请失败${e.message}`);
throw e;
}
finally {
log(`清理challenge痕迹length:${clearTasks.length}`);
try {
// eslint-disable-next-line no-await-in-loop
await runAllPromise(clearTasks);
}
catch (e) {
log('清理challenge失败');
log(e);
}
}
}
log('challenge结束');
// log('[auto] Waiting for challenge valid status');
// await Promise.all(challengePromises);
/**
* Finalize order and download certificate
*/
log('[auto] Finalizing order and downloading certificate');
const finalized = await client.finalizeOrder(order, opts.csr);
const res = await client.getCertificate(finalized, opts.preferredChain);
return res;
// try {
// await Promise.allSettled(challengePromises);
// }

88
packages/core/acme-client/src/axios.js
View File

@@ -3,10 +3,14 @@
*/
const axios = require('axios');
const { parseRetryAfterHeader } = require('./util');
const { log } = require('./logger');
const pkg = require('./../package.json');
const { AxiosError } = axios;
/**
* Instance
* Defaults
*/
const instance = axios.create();
@@ -19,6 +23,9 @@ instance.defaults.acmeSettings = {
httpChallengePort: 80,
httpsChallengePort: 443,
tlsAlpnChallengePort: 443,
retryMaxAttempts: 5,
retryDefaultDelay: 5,
};
// instance.defaults.proxy = {
// host: '192.168.34.139',
@@ -33,6 +40,85 @@ instance.defaults.acmeSettings = {
instance.defaults.adapter = 'http';
/**
* Retry requests on server errors or when rate limited
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-6.6
*/
function isRetryableError(error) {
return (error.code !== 'ECONNABORTED')
&& (error.code !== 'ERR_NOCK_NO_MATCH')
&& (!error.response
|| (error.response.status === 429)
|| ((error.response.status >= 500) && (error.response.status <= 599)));
}
/* https://github.com/axios/axios/blob/main/lib/core/settle.js */
function validateStatus(response) {
const validator = response.config.retryValidateStatus;
if (!response.status || !validator || validator(response.status)) {
return response;
}
throw new AxiosError(
`Request failed with status code ${response.status}`,
(Math.floor(response.status / 100) === 4) ? AxiosError.ERR_BAD_REQUEST : AxiosError.ERR_BAD_RESPONSE,
response.config,
response.request,
response,
);
}
/* Pass all responses through the error interceptor */
instance.interceptors.request.use((config) => {
if (!('retryValidateStatus' in config)) {
config.retryValidateStatus = config.validateStatus;
}
config.validateStatus = () => false;
return config;
});
/* Handle request retries if applicable */
instance.interceptors.response.use(null, async (error) => {
const { config, response } = error;
if (!config) {
return Promise.reject(error);
}
/* Pick up errors we want to retry */
if (isRetryableError(error)) {
const { retryMaxAttempts, retryDefaultDelay } = instance.defaults.acmeSettings;
config.retryAttempt = ('retryAttempt' in config) ? (config.retryAttempt + 1) : 1;
if (config.retryAttempt <= retryMaxAttempts) {
const code = response ? `HTTP ${response.status}` : error.code;
log(`Caught ${code}, retry attempt ${config.retryAttempt}/${retryMaxAttempts} to URL ${config.url}`);
/* Attempt to parse Retry-After header, fallback to default delay */
let retryAfter = response ? parseRetryAfterHeader(response.headers['retry-after']) : 0;
if (retryAfter > 0) {
log(`Found retry-after response header with value: ${response.headers['retry-after']}, waiting ${retryAfter} seconds`);
}
else {
retryAfter = (retryDefaultDelay * config.retryAttempt);
log(`Unable to locate or parse retry-after response header, waiting ${retryAfter} seconds`);
}
/* Wait and retry the request */
await new Promise((resolve) => { setTimeout(resolve, (retryAfter * 1000)); });
return instance(config);
}
}
/* Validate and return response */
return validateStatus(response);
});
/**
* Export instance
*/

13
packages/core/acme-client/src/client.js
View File

@@ -300,7 +300,8 @@ class AcmeClient {
}
/* Add URL to response */
resp.data.url = resp.headers.location;
resp.data.url = this.api.getLocationFromHeader(resp);
return resp.data;
}
@@ -490,6 +491,9 @@ class AcmeClient {
const keyAuthorization = await this.getChallengeKeyAuthorization(challenge);
const verifyFn = async () => {
if (this.opts.signal && this.opts.signal.aborted) {
throw new Error('用户取消');
}
await verify[challenge.type](authz, challenge, keyAuthorization);
};
@@ -513,6 +517,9 @@ class AcmeClient {
*/
async completeChallenge(challenge) {
if (this.opts.signal && this.opts.signal.aborted) {
throw new Error('用户取消');
}
const resp = await this.api.completeChallenge(challenge.url, {});
return resp.data;
}
@@ -550,6 +557,10 @@ class AcmeClient {
}
const verifyFn = async (abort) => {
if (this.opts.signal && this.opts.signal.aborted) {
throw new Error('用户取消');
}
const resp = await this.api.apiRequest(item.url, null, [200]);
/* Verify status */

17
packages/core/acme-client/src/crypto/forge.js
View File

@@ -10,6 +10,7 @@
const net = require('net');
const { promisify } = require('util');
const forge = require('node-forge');
const { createPrivateEcdsaKey, getPublicKey } = require('./index');
const generateKeyPair = promisify(forge.pki.rsa.generateKeyPair);
@@ -378,13 +379,17 @@ function formatCsrAltNames(altNames) {
* }, certificateKey);
*/
exports.createCsr = async (data, key = null) => {
if (!key) {
exports.createCsr = async (data, keyType = null) => {
let key = null;
if (keyType === 'ec') {
key = await createPrivateEcdsaKey();
}
else {
key = await createPrivateKey(data.keySize);
}
else if (!Buffer.isBuffer(key)) {
key = Buffer.from(key);
}
// else if (!Buffer.isBuffer(key)) {
// key = Buffer.from(key);
// }
if (typeof data.altNames === 'undefined') {
data.altNames = [];
@@ -396,6 +401,8 @@ exports.createCsr = async (data, key = null) => {
const privateKey = forge.pki.privateKeyFromPem(key);
const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);
csr.publicKey = publicKey;
// const privateKey = key;
// csr.publicKey = getPublicKey(key);
/* Ensure subject common name is present in SAN - https://cabforum.org/wp-content/uploads/BRv1.2.3.pdf */
if (data.commonName && !data.altNames.includes(data.commonName)) {

1
packages/core/acme-client/src/crypto/index.js
View File

@@ -290,7 +290,6 @@ exports.readCsrDomains = (csrPem) => {
if (Buffer.isBuffer(csrPem)) {
csrPem = csrPem.toString();
}
const dec = x509.PemConverter.decodeFirst(csrPem);
const csr = new x509.Pkcs10CertificateRequest(dec);
return parseDomains(csr);

9
packages/core/acme-client/src/http.js
View File

@@ -55,7 +55,7 @@ class HttpClient {
*/
async request(url, method, opts = {}) {
if (this.urlMapping && this.urlMapping.enabled === true && this.urlMapping.mappings) {
if (this.urlMapping && this.urlMapping.enabled && this.urlMapping.mappings) {
// eslint-disable-next-line no-restricted-syntax
for (const key in this.urlMapping.mappings) {
if (url.includes(key)) {
@@ -93,9 +93,11 @@ class HttpClient {
*/
async getDirectory() {
const age = (Math.floor(Date.now() / 1000) - this.directoryTimestamp);
const now = Math.floor(Date.now() / 1000);
const age = (now - this.directoryTimestamp);
if (!this.directoryCache || (age > this.directoryMaxAge)) {
log(`Refreshing ACME directory, age: ${age}`);
const resp = await this.request(this.directoryUrl, 'get');
if (resp.status >= 400) {
@@ -107,6 +109,7 @@ class HttpClient {
}
this.directoryCache = resp.data;
this.directoryTimestamp = now;
}
return this.directoryCache;
@@ -131,7 +134,7 @@ class HttpClient {
*
* https://datatracker.ietf.org/doc/html/rfc8555#section-7.2
*
* @returns {Promise<string>} nonce
* @returns {Promise<string>} Nonce
*/
async getNonce() {

53
packages/core/acme-client/src/util.js
View File

@@ -84,9 +84,12 @@ function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}) {
}
/**
* Parse URLs from link header
* Parse URLs from Link header
*
* @param {string} header Link header contents
* https://datatracker.ietf.org/doc/html/rfc8555#section-7.4.2
* https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Link
*
* @param {string} header Header contents
* @param {string} rel Link relation, default: `alternate`
* @returns {string[]} Array of URLs
*/
@@ -102,6 +105,37 @@ function parseLinkHeader(header, rel = 'alternate') {
return results.filter((r) => r);
}
/**
* Parse date or duration from Retry-After header
*
* https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Retry-After
*
* @param {string} header Header contents
* @returns {number} Retry duration in seconds
*/
function parseRetryAfterHeader(header) {
const sec = parseInt(header, 10);
const date = new Date(header);
/* Seconds into the future */
if (Number.isSafeInteger(sec) && (sec > 0)) {
return sec;
}
/* Future date string */
if (date instanceof Date && !Number.isNaN(date)) {
const now = new Date();
const diff = Math.ceil((date.getTime() - now.getTime()) / 1000);
if (diff > 0) {
return diff;
}
}
return 0;
}
/**
* Find certificate chain with preferred issuer common name
* - If issuer is found in multiple chains, the closest to root wins
@@ -161,14 +195,16 @@ function findCertificateChainForIssuer(chains, issuer) {
function formatResponseError(resp) {
let result;
if (resp.data.error) {
result = resp.data.error.detail || resp.data.error;
}
else {
result = resp.data.detail || JSON.stringify(resp.data);
if (resp.data) {
if (resp.data.error) {
result = resp.data.error.detail || resp.data.error;
}
else {
result = resp.data.detail || JSON.stringify(resp.data);
}
}
return result.replace(/\n/g, '');
return (result || '').replace(/\n/g, '');
}
/**
@@ -296,6 +332,7 @@ async function retrieveTlsAlpnCertificate(host, port, timeout = 30000) {
module.exports = {
retry,
parseLinkHeader,
parseRetryAfterHeader,
findCertificateChainForIssuer,
formatResponseError,
getAuthoritativeDnsResolver,

92
packages/core/acme-client/test/10-http.spec.js
View File

@@ -12,33 +12,12 @@ const pkg = require('./../package.json');
describe('http', () => {
let testClient;
const endpoint = `http://${uuid()}.example.com`;
const defaultUserAgent = `node-${pkg.name}/${pkg.version}`;
const customUserAgent = 'custom-ua-123';
const primaryEndpoint = `http://${uuid()}.example.com`;
const defaultUaEndpoint = `http://${uuid()}.example.com`;
const customUaEndpoint = `http://${uuid()}.example.com`;
/**
* HTTP mocking
*/
before(() => {
const defaultUaOpts = { reqheaders: { 'User-Agent': defaultUserAgent } };
const customUaOpts = { reqheaders: { 'User-Agent': customUserAgent } };
nock(primaryEndpoint)
.persist().get('/').reply(200, 'ok');
nock(defaultUaEndpoint, defaultUaOpts)
.persist().get('/').reply(200, 'ok');
nock(customUaEndpoint, customUaOpts)
.persist().get('/').reply(200, 'ok');
});
after(() => {
axios.defaults.headers.common['User-Agent'] = defaultUserAgent;
afterEach(() => {
nock.cleanAll();
});
/**
@@ -54,7 +33,8 @@ describe('http', () => {
*/
it('should http get', async () => {
const resp = await testClient.request(primaryEndpoint, 'get');
nock(endpoint).get('/').reply(200, 'ok');
const resp = await testClient.request(endpoint, 'get');
assert.isObject(resp);
assert.strictEqual(resp.status, 200);
@@ -66,28 +46,76 @@ describe('http', () => {
*/
it('should request using default user-agent', async () => {
const resp = await testClient.request(defaultUaEndpoint, 'get');
nock(endpoint).matchHeader('user-agent', defaultUserAgent).get('/').reply(200, 'ok');
axios.defaults.headers.common['User-Agent'] = defaultUserAgent;
const resp = await testClient.request(endpoint, 'get');
assert.isObject(resp);
assert.strictEqual(resp.status, 200);
assert.strictEqual(resp.data, 'ok');
});
it('should not request using custom user-agent', async () => {
await assert.isRejected(testClient.request(customUaEndpoint, 'get'));
it('should reject using custom user-agent', async () => {
nock(endpoint).matchHeader('user-agent', defaultUserAgent).get('/').reply(200, 'ok');
axios.defaults.headers.common['User-Agent'] = customUserAgent;
await assert.isRejected(testClient.request(endpoint, 'get'));
});
it('should request using custom user-agent', async () => {
nock(endpoint).matchHeader('user-agent', customUserAgent).get('/').reply(200, 'ok');
axios.defaults.headers.common['User-Agent'] = customUserAgent;
const resp = await testClient.request(customUaEndpoint, 'get');
const resp = await testClient.request(endpoint, 'get');
assert.isObject(resp);
assert.strictEqual(resp.status, 200);
assert.strictEqual(resp.data, 'ok');
});
it('should not request using default user-agent', async () => {
axios.defaults.headers.common['User-Agent'] = customUserAgent;
await assert.isRejected(testClient.request(defaultUaEndpoint, 'get'));
it('should reject using default user-agent', async () => {
nock(endpoint).matchHeader('user-agent', customUserAgent).get('/').reply(200, 'ok');
axios.defaults.headers.common['User-Agent'] = defaultUserAgent;
await assert.isRejected(testClient.request(endpoint, 'get'));
});
/**
* Retry on HTTP errors
*/
it('should retry on 429 rate limit', async () => {
let rateLimitCount = 0;
nock(endpoint).persist().get('/').reply(() => {
rateLimitCount += 1;
if (rateLimitCount < 3) {
return [429, 'Rate Limit Exceeded', { 'Retry-After': 1 }];
}
return [200, 'ok'];
});
assert.strictEqual(rateLimitCount, 0);
const resp = await testClient.request(endpoint, 'get');
assert.isObject(resp);
assert.strictEqual(resp.status, 200);
assert.strictEqual(resp.data, 'ok');
assert.strictEqual(rateLimitCount, 3);
});
it('should retry on 5xx server error', async () => {
let serverErrorCount = 0;
nock(endpoint).persist().get('/').reply(() => {
serverErrorCount += 1;
return [500, 'Internal Server Error', { 'Retry-After': 1 }];
});
assert.strictEqual(serverErrorCount, 0);
const resp = await testClient.request(endpoint, 'get');
assert.isObject(resp);
assert.strictEqual(resp.status, 500);
assert.strictEqual(serverErrorCount, 4);
});
});

145
packages/core/acme-client/test/10-util.spec.js Normal file
View File

@@ -0,0 +1,145 @@
/**
* Utility method tests
*/
const dns = require('dns').promises;
const fs = require('fs').promises;
const path = require('path');
const { assert } = require('chai');
const util = require('./../src/util');
const { readCertificateInfo } = require('./../src/crypto');
describe('util', () => {
const testCertPath1 = path.join(__dirname, 'fixtures', 'certificate.crt');
const testCertPath2 = path.join(__dirname, 'fixtures', 'letsencrypt.crt');
it('retry()', async () => {
let attempts = 0;
const backoffOpts = {
min: 100,
max: 500,
};
await assert.isRejected(util.retry(() => {
throw new Error('oops');
}, backoffOpts));
const r = await util.retry(() => {
attempts += 1;
if (attempts < 3) {
throw new Error('oops');
}
return 'abc';
}, backoffOpts);
assert.strictEqual(r, 'abc');
assert.strictEqual(attempts, 3);
});
it('parseLinkHeader()', () => {
const r1 = util.parseLinkHeader('<https://example.com/a>;rel="alternate"');
assert.isArray(r1);
assert.strictEqual(r1.length, 1);
assert.strictEqual(r1[0], 'https://example.com/a');
const r2 = util.parseLinkHeader('<https://example.com/b>;rel="test"');
assert.isArray(r2);
assert.strictEqual(r2.length, 0);
const r3 = util.parseLinkHeader('<http://example.com/c>; rel="test"', 'test');
assert.isArray(r3);
assert.strictEqual(r3.length, 1);
assert.strictEqual(r3[0], 'http://example.com/c');
const r4 = util.parseLinkHeader(`<https://example.com/a>; rel="alternate",
<https://example.com/x>; rel="nope",
<https://example.com/b>;rel="alternate",
<https://example.com/c>; rel="alternate"`);
assert.isArray(r4);
assert.strictEqual(r4.length, 3);
assert.strictEqual(r4[0], 'https://example.com/a');
assert.strictEqual(r4[1], 'https://example.com/b');
assert.strictEqual(r4[2], 'https://example.com/c');
});
it('parseRetryAfterHeader()', () => {
const r1 = util.parseRetryAfterHeader('');
assert.strictEqual(r1, 0);
const r2 = util.parseRetryAfterHeader('abcdef');
assert.strictEqual(r2, 0);
const r3 = util.parseRetryAfterHeader('123');
assert.strictEqual(r3, 123);
const r4 = util.parseRetryAfterHeader('123.456');
assert.strictEqual(r4, 123);
const r5 = util.parseRetryAfterHeader('-555');
assert.strictEqual(r5, 0);
const r6 = util.parseRetryAfterHeader('Wed, 21 Oct 2015 07:28:00 GMT');
assert.strictEqual(r6, 0);
const now = new Date();
const future = new Date(now.getTime() + 123000);
const r7 = util.parseRetryAfterHeader(future.toUTCString());
assert.isTrue(r7 > 100);
});
it('findCertificateChainForIssuer()', async () => {
const certs = [
(await fs.readFile(testCertPath1)).toString(),
(await fs.readFile(testCertPath2)).toString(),
];
const r1 = util.findCertificateChainForIssuer(certs, 'abc123');
const r2 = util.findCertificateChainForIssuer(certs, 'example.com');
const r3 = util.findCertificateChainForIssuer(certs, 'E6');
[r1, r2, r3].forEach((r) => {
assert.isString(r);
assert.isNotEmpty(r);
});
assert.strictEqual(readCertificateInfo(r1).issuer.commonName, 'example.com');
assert.strictEqual(readCertificateInfo(r2).issuer.commonName, 'example.com');
assert.strictEqual(readCertificateInfo(r3).issuer.commonName, 'E6');
});
it('formatResponseError()', () => {
const e1 = util.formatResponseError({ data: { error: 'aaa' } });
assert.strictEqual(e1, 'aaa');
const e2 = util.formatResponseError({ data: { error: { detail: 'bbb' } } });
assert.strictEqual(e2, 'bbb');
const e3 = util.formatResponseError({ data: { detail: 'ccc' } });
assert.strictEqual(e3, 'ccc');
const e4 = util.formatResponseError({ data: { a: 123 } });
assert.strictEqual(e4, '{"a":123}');
const e5 = util.formatResponseError({});
assert.isString(e5);
assert.isEmpty(e5);
});
it('getAuthoritativeDnsResolver()', async () => {
/* valid domain - should not use global default */
const r1 = await util.getAuthoritativeDnsResolver('example.com');
assert.instanceOf(r1, dns.Resolver);
assert.isNotEmpty(r1.getServers());
assert.notDeepEqual(r1.getServers(), dns.getServers());
/* invalid domain - fallback to global default */
const r2 = await util.getAuthoritativeDnsResolver('invalid.xtldx');
assert.instanceOf(r2, dns.Resolver);
assert.deepStrictEqual(r2.getServers(), dns.getServers());
});
/* TODO: Figure out how to test this */
it('retrieveTlsAlpnCertificate()');
});

23
packages/core/acme-client/test/fixtures/letsencrypt.crt vendored Normal file
View File

@@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----
MIIDzzCCA1WgAwIBAgISA0ghDoSv5DpT3Pd3lqwjbVDDMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NjAeFw0yNDA2MTAxNzEyMjZaFw0yNDA5MDgxNzEyMjVaMBQxEjAQBgNVBAMTCWxl
bmNyLm9yZzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEHJ3DjN7pYV3mftHzaP
V/WI0RhOJnSI5AIFEPFHDi8UowOINRGIfm9FHGIDqrb4Rmyvr9JrrqBdFGDen8BW
6OGjggJnMIICYzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFIdCTnxqmpOELDyzPaEM
seB36lUOMB8GA1UdIwQYMBaAFJMnRpgDqVFojpjWxEJI2yO/WJTSMFUGCCsGAQUF
BwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL2U2Lm8ubGVuY3Iub3JnMCIGCCsG
AQUFBzAChhZodHRwOi8vZTYuaS5sZW5jci5vcmcvMG8GA1UdEQRoMGaCCWxlbmNy
Lm9yZ4IPbGV0c2VuY3J5cHQuY29tgg9sZXRzZW5jcnlwdC5vcmeCDXd3dy5sZW5j
ci5vcmeCE3d3dy5sZXRzZW5jcnlwdC5jb22CE3d3dy5sZXRzZW5jcnlwdC5vcmcw
EwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgA/
F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAZADWfneAAAEAwBHMEUC
IGlp+dPU2hLT2suTMYkYMlt/xbzSnKLZDA/wYSsPACP7AiEAxbAzx6mkzn0cs0hh
ti6sLf0pcbmDhxHdlJRjuo6SQZEAdwDf4VbrqgWvtZwPhnGNqMAyTq5W2W6n9aVq
AdHBO75SXAAAAZADWfqrAAAEAwBIMEYCIQCrAmDUrlX3oGhri1qCIb65Cuf8h2GR
LC1VfXBenX7dCAIhALXwbhCQ1vO1WLv4CqyihMHOwFaICYqN/N6ylaBlVAM4MAoG
CCqGSM49BAMDA2gAMGUCMFdgjOXGl+hE2ABDsAeuNq8wi34yTMUHk0KMTOjRAfy9
rOCGQqvP0myoYlyzXOH9uQIxAMdkG1ZWBZS1dHavbPf1I/MjYpzX6gy0jVHIXXu5
aYWylBi/Uf2RPj0LWFZh8tNa1Q==
-----END CERTIFICATE-----

7
packages/core/acme-client/test/setup.js
View File

@@ -29,6 +29,13 @@ if (process.env.ACME_TLSALPN_PORT) {
axios.defaults.acmeSettings.tlsAlpnChallengePort = process.env.ACME_TLSALPN_PORT;
}
/**
* Greatly reduce retry duration while testing
*/
axios.defaults.acmeSettings.retryMaxAttempts = 3;
axios.defaults.acmeSettings.retryDefaultDelay = 1;
/**
* External account binding
*/

2
packages/core/acme-client/types/index.d.ts vendored
View File

@@ -45,6 +45,7 @@ export interface ClientOptions {
backoffMin?: number;
backoffMax?: number;
urlMapping?: UrlMapping;
signal?: AbortSignal;
}
export interface ClientExternalAccountBindingOptions {
@@ -61,6 +62,7 @@ export interface ClientAutoOptions {
skipChallengeVerification?: boolean;
challengePriority?: string[];
preferredChain?: string;
signal?: AbortSignal;
}
export class Client {

30
packages/core/pipeline/CHANGELOG.md
View File

@@ -3,6 +3,36 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
### Performance Improvements
* 部署插件支持宝塔、易盾云等 ([ee61709](https://github.com/certd/certd/commit/ee617095efa1171548cf52fd45f0f98a368555a3))
* 授权配置支持加密 ([42a56b5](https://github.com/certd/certd/commit/42a56b581d754c3e5f9838179d19ab0d004ef2eb))
* 支持阿里云 DCDN ([98b77f8](https://github.com/certd/certd/commit/98b77f80843834616fb26f83b4c42245326abd06))
* 支持已跳过的步骤重新运行 ([ea775ad](https://github.com/certd/certd/commit/ea775adae18d57a04470cfba6b9460d761d74035))
# [1.24.0](https://github.com/certd/certd/compare/v1.23.1...v1.24.0) (2024-08-25)
### Bug Fixes
* 修复成功后跳过之后丢失腾讯云证书id的bug ([37eb762](https://github.com/certd/certd/commit/37eb762afe25c5896b75dee25f32809f8426e7b7))
* 修复执行日志没有清理的bug ([22a3363](https://github.com/certd/certd/commit/22a336370a88a7df2a23c967043bae153da71ed5))
### Features
* 支持google证书申请需要使用代理 ([a593056](https://github.com/certd/certd/commit/a593056e79e99dd6a74f75b5eab621af7248cfbe))
### Performance Improvements
* 优化成功后跳过的提示 ([7b451bb](https://github.com/certd/certd/commit/7b451bbf6e6337507f4627b5a845f5bd96ab4f7b))
* 优化证书申请成功率 ([968c469](https://github.com/certd/certd/commit/968c4690a07f69c08dcb3d3a494da4e319627345))
* email proxy ([453f1ba](https://github.com/certd/certd/commit/453f1baa0b9eb0f648aa1b71ccf5a95b202ce13f))
## [1.23.1](https://github.com/certd/certd/compare/v1.23.0...v1.23.1) (2024-08-06)
**Note:** Version bump only for package @certd/pipeline
## [1.22.8](https://github.com/certd/certd/compare/v1.22.7...v1.22.8) (2024-08-05)
### Performance Improvements

2
packages/core/pipeline/build.md
View File

@@ -1 +1 @@
22:30
23:56

3
packages/core/pipeline/package.json
View File

@@ -1,7 +1,7 @@
{
"name": "@certd/pipeline",
"private": false,
"version": "1.22.8",
"version": "1.24.1",
"type": "module",
"main": "./dist/index.js",
"types": "./dist/index.d.ts",
@@ -14,6 +14,7 @@
"test": "mocha --loader=ts-node/esm"
},
"dependencies": {
"@certd/plus": "1.22.1",
"axios": "^1.7.2",
"fix-path": "^4.0.0",
"lodash-es": "^4.17.21",

1
packages/core/pipeline/src/access/api.ts
View File

@@ -4,6 +4,7 @@ import { FormItemProps } from "../dt/index.js";
export type AccessInputDefine = FormItemProps & {
title: string;
required?: boolean;
encrypt?: boolean;
};
export type AccessDefine = Registrable & {
input?: {

53
packages/core/pipeline/src/core/executor.ts
View File

@@ -23,16 +23,21 @@ export type ExecutorOptions = {
emailService: IEmailService;
fileRootDir?: string;
};
export class Executor {
pipeline: Pipeline;
runtime!: RunHistory;
contextFactory: ContextFactory;
logger: Logger;
pipelineContext!: IContext;
currentStatusMap!: RunnableCollection;
lastStatusMap!: RunnableCollection;
lastRuntime!: RunHistory;
options: ExecutorOptions;
canceled = false;
abort: AbortController = new AbortController();
_inited = false;
onChanged: (history: RunHistory) => Promise<void>;
constructor(options: ExecutorOptions) {
this.options = options;
@@ -47,13 +52,18 @@ export class Executor {
}
async init() {
if (this._inited) {
return;
}
this._inited = true;
const lastRuntime = await this.pipelineContext.getObj(`lastRuntime`);
this.lastRuntime = lastRuntime;
this.lastStatusMap = new RunnableCollection(lastRuntime?.pipeline);
this.currentStatusMap = new RunnableCollection(this.pipeline);
}
async cancel() {
this.canceled = true;
this.abort.abort();
this.runtime?.cancel(this.pipeline);
await this.onChanged(this.runtime);
}
@@ -73,9 +83,9 @@ export class Executor {
await this.notification("turnToSuccess");
}
await this.notification("success");
} catch (e) {
} catch (e: any) {
await this.notification("error", e);
this.logger.error("pipeline 执行失败", e);
this.logger.error("pipeline 执行失败", e.stack);
} finally {
await this.pipelineContext.setObj("lastRuntime", this.runtime);
this.logger.info(`pipeline.${this.pipeline.id} end`);
@@ -102,6 +112,8 @@ export class Executor {
}
}
if (lastResult != null && lastResult === ResultType.success && !inputChanged) {
runnable.status!.output = lastNode?.status?.output;
runnable.status!.files = lastNode?.status?.files;
this.runtime.skip(runnable);
await this.onChanged(this.runtime);
return ResultType.skip;
@@ -113,10 +125,15 @@ export class Executor {
// const timeout = runnable.timeout ?? 20 * 60 * 1000;
try {
if (this.canceled) {
if (this.abort.signal.aborted) {
this.runtime.cancel(runnable);
return ResultType.canceled;
}
await run();
if (this.abort.signal.aborted) {
this.runtime.cancel(runnable);
return ResultType.canceled;
}
this.runtime.success(runnable);
return ResultType.success;
} catch (e: any) {
@@ -197,7 +214,7 @@ export class Executor {
private async runStep(step: Step) {
const currentLogger = this.runtime._loggers[step.id];
this.currentStatusMap.add(step);
const lastStatus = this.lastStatusMap.get(step.id);
//执行任务
const plugin: RegistryItem<AbstractTaskPlugin> = pluginRegistry.get(step.type);
@@ -211,16 +228,11 @@ export class Executor {
if (item.component?.name === "pi-output-selector") {
const contextKey = step.input[key];
if (contextKey != null) {
const value = this.runtime.context[contextKey];
if (value == null) {
currentLogger.warn(`[step init] input ${define.title} is null前置任务步骤输出值为空请按如下步骤排查`);
currentLogger.log(`1、检查前置任务证书申请任务是否是配置了成功后跳过如果是请改为正常执行`);
currentLogger.log(
`2、是否曾经删除过前置任务证书申请任务然后又重新添加了如果是请重新编辑当前任务重新选择一下前置任务输出的参数域名证书那一栏`
);
currentLogger.log(`3、以上都不是联系作者吧`);
}
step.input[key] = value;
// "cert": "step.-BNFVPMKPu2O-i9NiOQxP.cert",
const arr = contextKey.split(".");
const id = arr[1];
const outputKey = arr[2];
step.input[key] = this.currentStatusMap.get(id)?.status?.output[outputKey] ?? this.lastStatusMap.get(id)?.status?.output[outputKey];
}
}
});
@@ -241,6 +253,7 @@ export class Executor {
parent: this.runtime.id,
rootDir: this.options.fileRootDir,
}),
signal: this.abort.signal,
};
instance.setCtx(taskCtx);
@@ -254,8 +267,8 @@ export class Executor {
//输出上下文变量到output context
_.forEach(define.output, (item: any, key: any) => {
step.status!.output[key] = instance[key];
const stepOutputKey = `step.${step.id}.${key}`;
this.runtime.context[stepOutputKey] = instance[key];
// const stepOutputKey = `step.${step.id}.${key}`;
// this.runtime.context[stepOutputKey] = instance[key];
});
step.status!.files = instance.getFiles();
@@ -308,4 +321,8 @@ export class Executor {
}
}
}
clearLastStatus(stepId: string) {
this.lastStatusMap.clearById(stepId);
}
}

5
packages/core/pipeline/src/core/file-store.ts
View File

@@ -54,7 +54,10 @@ export class FileStore {
deleteByParent(scope: string, parent: string) {
const dir = path.join(this.rootDir, scope, parent);
if (fs.existsSync(dir)) {
fs.unlinkSync(dir);
fs.rmSync(dir, {
recursive: true,
force: true,
});
}
}
}

15
packages/core/pipeline/src/core/license.spec.ts
View File

@@ -1,15 +0,0 @@
import { isPlus, verify } from "./license.js";
import { equal } from "assert";
describe("license", function () {
it("#license", async function () {
const req = {
appKey: "z4nXOeTeSnnpUpnmsV",
subjectId: "999",
license: "",
};
const plus = isPlus();
equal(plus, false);
const res = await verify(req);
equal(res, true);
});
});

87
packages/core/pipeline/src/core/license.ts
View File

@@ -1,85 +1,4 @@
import { createVerify } from "node:crypto";
import { logger } from "../utils/index.js";
const SecreteKey =
"LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJDZ0tDQVFFQXY3TGtMaUp1dGM0NzhTU3RaTExjajVGZXh1YjJwR2NLMGxwa0hwVnlZWjhMY29rRFhuUlAKUGQ5UlJSTVRTaGJsbFl2Mzd4QUhOV1ZIQ0ZsWHkrQklVU001bUlBU1NDQTV0azlJNmpZZ2F4bEFDQm1BY0lGMwozKzBjeGZIYVkrVW9YdVluMkZ6YUt2Ym5GdFZIZ0lkMDg4a3d4clZTZzlCT3BDRVZIR1pxR2I5TWN5MXVHVXhUClFTVENCbmpoTWZlZ0p6cXVPYWVOY0ZPSE5tbmtWRWpLTythbTBPeEhNS1lyS3ZnQnVEbzdoVnFENlBFMUd6V3AKZHdwZUV4QXZDSVJxL2pWTkdRK3FtMkRWOVNJZ3U5bmF4MktmSUtFeU50dUFFS1VpekdqL0VmRFhDM1cxMExhegpKaGNYNGw1SUFZU1o3L3JWVmpGbExWSVl0WDU1T054L1Z3SURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K";
const appKey = "z4nXOeTeSnnpUpnmsV";
export type LicenseVerifyReq = {
subjectId: string;
license: string;
};
type License = {
appKey: string;
code: string;
subjectId: string;
expireTime: number;
activeTime: number;
duration: number;
version: number;
secret: string;
signature: string;
};
class LicenseHolder {
isPlus = false;
}
const holder = new LicenseHolder();
holder.isPlus = false;
class LicenseVerifier {
checked = false;
licenseReq?: LicenseVerifyReq = undefined;
async reVerify(req: LicenseVerifyReq) {
this.checked = false;
return await this.verify(req);
}
setPlus(value: boolean) {
holder.isPlus = value;
return value;
}
async verify(req: LicenseVerifyReq) {
this.licenseReq = req;
if (this.checked) {
return this.setPlus(false);
}
const license = req?.license;
if (!license) {
this.checked = true;
return this.setPlus(false);
}
const licenseJson = Buffer.from(Buffer.from(license, "hex").toString(), "base64").toString();
const json: License = JSON.parse(licenseJson);
if (json.expireTime < Date.now()) {
logger.warn("授权已过期");
return this.setPlus(false);
}
const content = `${appKey},${this.licenseReq.subjectId},${json.code},${json.secret},${json.activeTime},${json.duration},${json.expireTime},${json.version}`;
const publicKey = Buffer.from(SecreteKey, "base64").toString();
const res = this.verifySignature(content, json.signature, publicKey);
this.checked = true;
if (!res) {
logger.warn("授权校验失败");
return this.setPlus(false);
}
return this.setPlus(true);
}
verifySignature(content: string, signature: any, publicKey: string) {
const verify = createVerify("RSA-SHA256");
verify.update(content);
return verify.verify(publicKey, signature, "base64");
}
}
const verifier = new LicenseVerifier();
export function isPlus() {
return holder.isPlus;
}
export async function verify(req: LicenseVerifyReq) {
return await verifier.reVerify(req);
}
import { setLogger } from "@certd/plus";
setLogger(logger);
export * from "@certd/plus";

22
packages/core/pipeline/src/core/run-history.ts
View File

@@ -1,4 +1,4 @@
import { Context, HistoryResult, Pipeline, ResultType, Runnable, RunnableMap, Stage, Step, Task } from "../dt/index.js";
import { HistoryResult, Pipeline, ResultType, Runnable, RunnableMap, Stage, Step, Task } from "../dt/index.js";
import _ from "lodash-es";
import { buildLogger } from "../utils/util.log.js";
import { Logger } from "log4js";
@@ -14,15 +14,12 @@ export type RunTrigger = {
export function NewRunHistory(obj: any) {
const history = new RunHistory(obj.id, obj.trigger, obj.pipeline);
history.context = obj.context;
history.logs = obj.logs;
history._loggers = obj.loggers;
return history;
}
export class RunHistory {
id!: string;
//运行时上下文变量
context: Context = {};
pipeline!: Pipeline;
logs: {
[runnableId: string]: string[];
@@ -107,12 +104,13 @@ export class RunHistory {
log(runnable: Runnable, text: string) {
// @ts-ignore
this._loggers[runnable.id].info(`[${runnable.title}]<id:${runnable.id}> [${runnable.runnableType}]`, text);
this._loggers[runnable.id].info(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> `, text);
}
logError(runnable: Runnable, e: Error) {
// @ts-ignore
this._loggers[runnable.id].error(`[${runnable.title}]<id:${runnable.id}> [${runnable.runnableType}]`, e);
const errorInfo = runnable.runnableType == "step" ? e.stack : e.message;
this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ${errorInfo}`);
}
finally(runnable: Runnable) {
@@ -168,4 +166,16 @@ export class RunnableCollection {
item.status = undefined;
});
}
clearById(id: string) {
const runnable = this.collection[id];
if (runnable?.status) {
runnable.status.status = ResultType.none;
runnable.status.result = ResultType.none;
}
}
add(runnable: Runnable) {
this.collection[runnable.id] = runnable;
}
}

10
packages/core/pipeline/src/plugin/api.ts
View File

@@ -6,7 +6,7 @@ import { IAccessService } from "../access/index.js";
import { IEmailService } from "../service/index.js";
import { IContext } from "../core/index.js";
import { AxiosInstance } from "axios";
import { logger } from "../utils/index.js";
import { ILogger, logger } from "../utils/index.js";
export enum ContextScope {
global,
@@ -40,6 +40,8 @@ export type PluginDefine = Registrable & {
dest: string;
type: "computed";
}[];
needPlus?: boolean;
};
export type ITaskPlugin = {
@@ -64,11 +66,15 @@ export type TaskInstanceContext = {
http: AxiosInstance;
fileStore: FileStore;
lastStatus?: Runnable;
signal: AbortSignal;
};
export abstract class AbstractTaskPlugin implements ITaskPlugin {
_result: TaskResult = { clearLastStatus: false, files: [], pipelineVars: {} };
ctx!: TaskInstanceContext;
logger!: ILogger;
accessService!: IAccessService;
clearLastStatus() {
this._result.clearLastStatus = true;
}
@@ -79,6 +85,8 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
setCtx(ctx: TaskInstanceContext) {
this.ctx = ctx;
this.logger = ctx.logger;
this.accessService = ctx.accessService;
}
randomFileId() {

45
packages/core/pipeline/src/utils/util.request.ts
View File

@@ -1,8 +1,31 @@
import axios from "axios";
// @ts-ignore
import qs from "qs";
import { logger } from "./util.log.js";
import { Logger } from "log4js";
export class HttpError extends Error {
request?: { url: string; method: string; data?: any };
response?: { data: any };
status?: number;
statusText?: string;
constructor(error: any) {
if (!error) {
return;
}
super(error.message);
this.name = error.name;
this.stack = error.stack;
this.status = error?.response?.status;
this.statusText = error?.response?.statusText;
this.request = {
url: error?.response?.config?.url,
method: error?.response?.config?.method,
data: error?.response?.config?.data,
};
this.response = {
data: error?.response?.data,
};
}
}
/**
* @description 创建请求实例
*/
@@ -12,13 +35,6 @@ export function createAxiosService({ logger }: { logger: Logger }) {
// 请求拦截
service.interceptors.request.use(
(config: any) => {
if (config.formData) {
config.data = qs.stringify(config.formData, {
arrayFormat: "indices",
allowDots: true,
}); // 序列化请求参数
delete config.formData;
}
logger.info(`http request:${config.url}method:${config.method}`);
return config;
},
@@ -50,11 +66,12 @@ export function createAxiosService({ logger }: { logger: Logger }) {
// case 505: error.message = 'HTTP版本不受支持'; break
// default: break
// }
logger.error(`请求出错url:${error?.response?.config.url},method:${error?.response?.config?.method},status:${error?.response?.status}`);
logger.info("返回数据:", JSON.stringify(error?.response?.data));
delete error.config;
delete error.response;
return Promise.reject(error);
logger.error(
`请求出错status:${error?.response?.status},statusText:${error?.response?.statusText},url:${error?.config?.url},method:${error?.config?.method}`
);
logger.error("返回数据:", JSON.stringify(error?.response?.data));
const err = new HttpError(error);
return Promise.reject(err);
}
);
return service;

2
packages/core/pipeline/src/utils/util.sp.ts
View File

@@ -72,7 +72,7 @@ async function spawn(opts: SpawnOption): Promise<string> {
let stderr = "";
return safePromise((resolve, reject) => {
const ls = childProcess.spawn(cmd, {
shell: process.platform == "win32",
shell: true,
env: {
...process.env,
...opts.env,

4
packages/libs/lib-huawei/CHANGELOG.md
View File

@@ -3,6 +3,10 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
**Note:** Version bump only for package @certd/lib-huawei
## [1.22.1](https://github.com/certd/certd/compare/v1.22.0...v1.22.1) (2024-07-20)
**Note:** Version bump only for package @certd/lib-huawei

2
packages/libs/lib-huawei/package.json
View File

@@ -1,7 +1,7 @@
{
"name": "@certd/lib-huawei",
"private": false,
"version": "1.22.1",
"version": "1.24.1",
"main": "./dist/bundle.js",
"module": "./dist/bundle.js",
"types": "./dist/d/index.d.ts",

2
packages/libs/lib-huawei/rollup.config.js
View File

@@ -26,7 +26,7 @@ module.exports = {
rootDir: "src",
declaration: true,
declarationDir: "dist/d",
exclude: ["./node_modules/**", "./src/**/*.vue"],
exclude: ["./node_modules/**", "./src/**/*.vue", "./src/**/*.spec.ts"],
allowSyntheticDefaultImports: true,
}),
json(),

2
packages/libs/lib-huawei/tsconfig.json
View File

@@ -1,5 +1,5 @@
{
"compileOnSave": true,
"compileOnSave": false,
"compilerOptions": {
"target": "ESNext",
"module": "ESNext",

14
packages/libs/lib-k8s/CHANGELOG.md
View File

@@ -3,6 +3,20 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
**Note:** Version bump only for package @certd/lib-k8s
# [1.24.0](https://github.com/certd/certd/compare/v1.23.1...v1.24.0) (2024-08-25)
### Performance Improvements
* 更新k8s底层api库 ([746bb9d](https://github.com/certd/certd/commit/746bb9d385e2f397daef4976eca1d4782a2f5ebd))
## [1.23.1](https://github.com/certd/certd/compare/v1.23.0...v1.23.1) (2024-08-06)
**Note:** Version bump only for package @certd/lib-k8s
## [1.22.8](https://github.com/certd/certd/compare/v1.22.7...v1.22.8) (2024-08-05)
**Note:** Version bump only for package @certd/lib-k8s

7
packages/libs/lib-k8s/package.json
View File

@@ -1,7 +1,7 @@
{
"name": "@certd/lib-k8s",
"private": false,
"version": "1.22.8",
"version": "1.24.1",
"type": "module",
"main": "./dist/index.js",
"types": "./dist/index.d.ts",
@@ -13,11 +13,10 @@
"preview": "vite preview"
},
"dependencies": {
"kubernetes-client": "^9.0.0",
"shelljs": "^0.8.5"
"@kubernetes/client-node": "0.21.0"
},
"devDependencies": {
"@certd/pipeline": "^1.22.8",
"@certd/pipeline": "^1.24.1",
"@rollup/plugin-commonjs": "^23.0.4",
"@rollup/plugin-json": "^6.0.0",
"@rollup/plugin-node-resolve": "^15.0.1",

128
packages/libs/lib-k8s/src/lib/k8s.client.ts
View File

@@ -1,30 +1,40 @@
import kubernetesClient from 'kubernetes-client';
//@ts-ignore
import { KubeConfig, CoreV1Api, V1Secret, NetworkingV1Api, V1Ingress } from '@kubernetes/client-node';
import dns from 'dns';
import { logger } from '@certd/pipeline';
import { ILogger } from '@certd/pipeline';
//@ts-ignore
const { KubeConfig, Client, Request } = kubernetesClient;
export class K8sClient {
export type K8sClientOpts = {
kubeConfigStr: string;
lookup!: any;
client!: any;
constructor(kubeConfigStr: string) {
this.kubeConfigStr = kubeConfigStr;
logger: ILogger;
//{ [domain]:{ip:'xxx.xx.xxx'} }
//暂时没用
lookup?: any;
};
export class K8sClient {
kubeconfig!: KubeConfig;
kubeConfigStr: string;
lookup!: (hostnameReq: any, options: any, callback: any) => void;
client!: CoreV1Api;
logger: ILogger;
constructor(opts: K8sClientOpts) {
this.kubeConfigStr = opts.kubeConfigStr;
this.logger = opts.logger;
this.setLookup(opts.lookup);
this.init();
}
init() {
const kubeconfig = new KubeConfig();
kubeconfig.loadFromString(this.kubeConfigStr);
const reqOpts = { kubeconfig, request: {} } as any;
if (this.lookup) {
reqOpts.request.lookup = this.lookup;
}
this.kubeconfig = kubeconfig;
this.client = kubeconfig.makeApiClient(CoreV1Api);
const backend = new Request(reqOpts);
this.client = new Client({ backend, version: '1.13' });
// const reqOpts = { kubeconfig, request: {} } as any;
// if (this.lookup) {
// reqOpts.request.lookup = this.lookup;
// }
//
// const backend = new Request(reqOpts);
// this.client = new Client({ backend, version: '1.13' });
}
/**
@@ -32,16 +42,18 @@ export class K8sClient {
* @param localRecords { [domain]:{ip:'xxx.xx.xxx'} }
*/
setLookup(localRecords: { [key: string]: { ip: string } }) {
if (localRecords == null) {
return;
}
this.lookup = (hostnameReq: any, options: any, callback: any) => {
logger.info('custom lookup', hostnameReq, localRecords);
this.logger.info('custom lookup', hostnameReq, localRecords);
if (localRecords[hostnameReq]) {
logger.info('local record', hostnameReq, localRecords[hostnameReq]);
this.logger.info('local record', hostnameReq, localRecords[hostnameReq]);
callback(null, localRecords[hostnameReq].ip, 4);
} else {
dns.lookup(hostnameReq, options, callback);
}
};
this.init();
}
/**
@@ -49,9 +61,9 @@ export class K8sClient {
* @param opts = {namespace:default}
* @returns secretsList
*/
async getSecret(opts: { namespace: string }) {
async getSecrets(opts: { namespace: string }) {
const namespace = opts.namespace || 'default';
return await this.client.api.v1.namespaces(namespace).secrets.get();
return await this.client.listNamespacedSecret(namespace);
}
/**
@@ -59,59 +71,61 @@ export class K8sClient {
* @param opts {namespace:default, body:yamlStr}
* @returns {Promise<*>}
*/
async createSecret(opts: any) {
async createSecret(opts: { namespace: string; body: V1Secret }) {
const namespace = opts.namespace || 'default';
const created = await this.client.api.v1.namespaces(namespace).secrets.post({
body: opts.body,
});
logger.info('new secrets:', created);
return created;
const created = await this.client.createNamespacedSecret(namespace, opts.body);
this.logger.info('new secrets:', created.body);
return created.body;
}
async updateSecret(opts: any) {
// async updateSecret(opts: any) {
// const namespace = opts.namespace || 'default';
// const secretName = opts.secretName;
// if (secretName == null) {
// throw new Error('secretName 不能为空');
// }
// return await this.client.replaceNamespacedSecret(secretName, namespace, opts.body);
// }
async patchSecret(opts: { namespace: string; secretName: string; body: V1Secret }) {
const namespace = opts.namespace || 'default';
const secretName = opts.secretName;
if (secretName == null) {
throw new Error('secretName 不能为空');
}
return await this.client.api.v1.namespaces(namespace).secrets(secretName).put({
body: opts.body,
});
const res = await this.client.patchNamespacedSecret(secretName, namespace, opts.body);
this.logger.info('secret patched:', res.body);
return res.body;
}
async patchSecret(opts: any) {
async getIngressList(opts: { namespace: string }) {
const namespace = opts.namespace || 'default';
const secretName = opts.secretName;
if (secretName == null) {
throw new Error('secretName 不能为空');
}
return await this.client.api.v1.namespaces(namespace).secrets(secretName).patch({
body: opts.body,
});
const client = this.kubeconfig.makeApiClient(NetworkingV1Api);
const res = await client.listNamespacedIngress(namespace);
this.logger.info('ingress list get:', res.body);
return res.body;
}
async getIngressList(opts: any) {
const namespace = opts.namespace || 'default';
return await this.client.apis.extensions.v1beta1.namespaces(namespace).ingresses.get();
}
// async getIngress(opts: { namespace: string; ingressName: string }) {
// const namespace = opts.namespace || 'default';
// const ingressName = opts.ingressName;
// if (!ingressName) {
// throw new Error('ingressName 不能为空');
// }
// const client = this.kubeconfig.makeApiClient(NetworkingV1Api);
// const res = await client.listNamespacedIngress();
// return await this.client.apis.extensions.v1beta1.namespaces(namespace).ingresses(ingressName).get();
// }
async getIngress(opts: any) {
async patchIngress(opts: { namespace: string; ingressName: string; body: V1Ingress }) {
const namespace = opts.namespace || 'default';
const ingressName = opts.ingressName;
if (!ingressName) {
throw new Error('ingressName 不能为空');
}
return await this.client.apis.extensions.v1beta1.namespaces(namespace).ingresses(ingressName).get();
}
async patchIngress(opts: any) {
const namespace = opts.namespace || 'default';
const ingressName = opts.ingressName;
if (!ingressName) {
throw new Error('ingressName 不能为空');
}
return await this.client.apis.extensions.v1beta1.namespaces(namespace).ingresses(ingressName).patch({
body: opts.body,
});
const client = this.kubeconfig.makeApiClient(NetworkingV1Api);
const res = await client.patchNamespacedIngress(ingressName, namespace, opts.body);
this.logger.info('ingress patched:', res.body);
return res;
}
}

30
packages/plugins/plugin-cert/CHANGELOG.md
View File

@@ -3,6 +3,36 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
### Performance Improvements
* 授权配置支持加密 ([42a56b5](https://github.com/certd/certd/commit/42a56b581d754c3e5f9838179d19ab0d004ef2eb))
# [1.24.0](https://github.com/certd/certd/compare/v1.23.1...v1.24.0) (2024-08-25)
### Bug Fixes
* 修复成功后跳过之后丢失腾讯云证书id的bug ([37eb762](https://github.com/certd/certd/commit/37eb762afe25c5896b75dee25f32809f8426e7b7))
* 修复创建流水线后立即运行时报no id错误的bug ([17ead54](https://github.com/certd/certd/commit/17ead547aab25333603980304aa3aad3db1f73d5))
* 修复使用代理的情况下申请证书失败的bug ([95122e2](https://github.com/certd/certd/commit/95122e28609333f4df55c266e5434897954c0fb3))
### Features
* 支持ECC类型 ([a7424e0](https://github.com/certd/certd/commit/a7424e02f5c7e02ac1688791040785920ce67473))
### Performance Improvements
* 更新k8s底层api库 ([746bb9d](https://github.com/certd/certd/commit/746bb9d385e2f397daef4976eca1d4782a2f5ebd))
* 优化成功后跳过的提示 ([7b451bb](https://github.com/certd/certd/commit/7b451bbf6e6337507f4627b5a845f5bd96ab4f7b))
* 优化证书申请成功率 ([968c469](https://github.com/certd/certd/commit/968c4690a07f69c08dcb3d3a494da4e319627345))
## [1.23.1](https://github.com/certd/certd/compare/v1.23.0...v1.23.1) (2024-08-06)
### Performance Improvements
* 优化插件字段的default value ([24c7be2](https://github.com/certd/certd/commit/24c7be2c9cb39c14f7a97b674127c88033280b02))
## [1.22.8](https://github.com/certd/certd/compare/v1.22.7...v1.22.8) (2024-08-05)
**Note:** Version bump only for package @certd/plugin-cert

6
packages/plugins/plugin-cert/package.json
View File

@@ -1,7 +1,7 @@
{
"name": "@certd/plugin-cert",
"private": false,
"version": "1.22.8",
"version": "1.24.1",
"type": "module",
"main": "./dist/index.js",
"types": "./dist/index.d.ts",
@@ -13,8 +13,8 @@
"preview": "vite preview"
},
"dependencies": {
"@certd/acme-client": "^1.22.6",
"@certd/pipeline": "^1.22.8",
"@certd/acme-client": "^1.24.1",
"@certd/pipeline": "^1.24.1",
"jszip": "^3.10.1",
"node-forge": "^0.10.0",
"psl": "^1.9.0"

2
packages/plugins/plugin-cert/src/access/eab-access.ts
View File

@@ -13,6 +13,7 @@ export class EabAccess {
},
helper: "EAB KID",
required: true,
encrypt: true,
})
kid = "";
@AccessInput({
@@ -22,6 +23,7 @@ export class EabAccess {
},
helper: "EAB HMAC Key",
required: true,
encrypt: true,
})
hmacKey = "";
}

96
packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
View File

@@ -7,13 +7,14 @@ import { IContext } from "@certd/pipeline";
import { IDnsProvider } from "../../dns-provider/index.js";
import psl from "psl";
import { ClientExternalAccountBindingOptions, UrlMapping } from "@certd/acme-client";
import { utils } from "@certd/pipeline";
export type CertInfo = {
crt: string;
key: string;
csr: string;
};
export type SSLProvider = "letsencrypt" | "buypass" | "zerossl";
export type SSLProvider = "letsencrypt" | "google" | "zerossl";
export type PrivateKeyType = "rsa_1024" | "rsa_2048" | "rsa_3072" | "rsa_4096" | "ec_256" | "ec_384" | "ec_521";
type AcmeServiceOptions = {
userContext: IContext;
logger: Logger;
@@ -21,6 +22,8 @@ type AcmeServiceOptions = {
eab?: ClientExternalAccountBindingOptions;
skipLocalVerify?: boolean;
useMappingProxy?: boolean;
privateKeyType?: PrivateKeyType;
signal?: AbortSignal;
};
export class AcmeService {
@@ -42,8 +45,20 @@ export class AcmeService {
});
}
async getAccountConfig(email: string): Promise<any> {
return (await this.userContext.getObj(this.buildAccountKey(email))) || {};
async getAccountConfig(email: string, urlMapping: UrlMapping): Promise<any> {
const conf = (await this.userContext.getObj(this.buildAccountKey(email))) || {};
if (urlMapping && urlMapping.mappings) {
for (const key in urlMapping.mappings) {
if (Object.prototype.hasOwnProperty.call(urlMapping.mappings, key)) {
const element = urlMapping.mappings[key];
if (conf.accountUrl?.indexOf(element) > -1) {
//如果用了代理url要替换回去
conf.accountUrl = conf.accountUrl.replace(element, key);
}
}
}
}
return conf;
}
buildAccountKey(email: string) {
@@ -55,7 +70,14 @@ export class AcmeService {
}
async getAcmeClient(email: string, isTest = false): Promise<acme.Client> {
const conf = await this.getAccountConfig(email);
const urlMapping: UrlMapping = {
enabled: false,
mappings: {
"acme-v02.api.letsencrypt.org": "letsencrypt.proxy.handsfree.work",
"dv.acme-v02.api.pki.goog": "google.proxy.handsfree.work",
},
};
const conf = await this.getAccountConfig(email, urlMapping);
if (conf.key == null) {
conf.key = await this.createNewKey();
await this.saveAccountConfig(email, conf);
@@ -66,22 +88,26 @@ export class AcmeService {
} else {
directoryUrl = acme.directory[this.sslProvider].production;
}
const urlMapping: UrlMapping = { enabled: false, mappings: {} };
if (this.options.useMappingProxy) {
urlMapping.enabled = true;
urlMapping.mappings = {
"acme-v02.api.letsencrypt.org": "letsencrypt.proxy.handsfree.work",
};
} else {
//测试directory是否可以访问
const isOk = await this.testDirectory(directoryUrl);
if (!isOk) {
this.logger.info("测试访问失败,自动使用代理");
urlMapping.enabled = true;
}
}
const client = new acme.Client({
directoryUrl: directoryUrl,
accountKey: conf.key,
accountUrl: conf.accountUrl,
externalAccountBinding: this.eab,
backoffAttempts: 30,
backoffAttempts: 15,
backoffMin: 5000,
backoffMax: 10000,
urlMapping,
signal: this.options.signal,
});
if (conf.accountUrl == null) {
@@ -193,18 +219,38 @@ export class AcmeService {
}
}
async order(options: { email: string; domains: string | string[]; dnsProvider: any; csrInfo: any; isTest?: boolean }) {
async order(options: {
email: string;
domains: string | string[];
dnsProvider: any;
csrInfo: any;
isTest?: boolean;
privateKeyType?: string;
}): Promise<CertInfo> {
const { email, isTest, domains, csrInfo, dnsProvider } = options;
const client: acme.Client = await this.getAcmeClient(email, isTest);
/* Create CSR */
const { commonName, altNames } = this.buildCommonNameByDomains(domains);
const [key, csr] = await acme.forge.createCsr({
commonName,
...csrInfo,
altNames,
});
let privateKey = null;
const privateKeyType = options.privateKeyType || "rsa_2048";
const privateKeyArr = privateKeyType.split("_");
const type = privateKeyArr[0];
const size = parseInt(privateKeyArr[1]);
if (type == "ec") {
const name: any = "P-" + size;
privateKey = await acme.crypto.createPrivateEcdsaKey(name);
} else {
privateKey = await acme.crypto.createPrivateRsaKey(size);
}
const [key, csr] = await acme.crypto.createCsr(
{
commonName,
...csrInfo,
altNames,
},
privateKey
);
if (dnsProvider == null) {
throw new Error("dnsProvider 不能为空");
}
@@ -221,6 +267,7 @@ export class AcmeService {
challengeRemoveFn: async (authz: acme.Authorization, challenge: Challenge, keyAuthorization: string, recordItem: any): Promise<any> => {
return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem, dnsProvider);
},
signal: this.options.signal,
});
const cert: CertInfo = {
@@ -255,4 +302,19 @@ export class AcmeService {
altNames,
};
}
private async testDirectory(directoryUrl: string) {
try {
await utils.http({
url: directoryUrl,
method: "GET",
timeout: 5000,
});
} catch (e) {
this.logger.error(`${directoryUrl},测试访问失败`, e);
return false;
}
this.logger.info(`${directoryUrl},测试访问成功`);
return true;
}
}

11
packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts
View File

@@ -1,7 +1,6 @@
import { AbstractTaskPlugin, HttpClient, IAccessService, IContext, Step, TaskInput, TaskOutput } from "@certd/pipeline";
import { AbstractTaskPlugin, HttpClient, IContext, Step, TaskInput, TaskOutput } from "@certd/pipeline";
import dayjs from "dayjs";
import type { CertInfo } from "./acme.js";
import { Logger } from "log4js";
import { CertReader } from "./cert-reader.js";
import JSZip from "jszip";
@@ -91,9 +90,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
// })
csrInfo!: string;
logger!: Logger;
userContext!: IContext;
accessService!: IAccessService;
http!: HttpClient;
lastStatus!: Step;
@@ -103,8 +100,6 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
cert?: CertInfo;
async onInstance() {
this.accessService = this.ctx.accessService;
this.logger = this.ctx.logger;
this.userContext = this.ctx.userContext;
this.http = this.ctx.http;
this.lastStatus = this.ctx.lastStatus as Step;
@@ -138,10 +133,10 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
const cert: CertInfo = certReader.toCertInfo();
this.cert = cert;
this._result.pipelineVars.certExpiresTime = dayjs(certReader.detail.validity.notAfter).valueOf();
this._result.pipelineVars.certExpiresTime = dayjs(certReader.detail.notAfter).valueOf();
if (isNew) {
const applyTime = dayjs(certReader.detail.validity.notBefore).format("YYYYMMDD_HHmmss");
const applyTime = dayjs(certReader.detail.notBefore).format("YYYYMMDD_HHmmss");
await this.zipCert(cert, applyTime);
} else {
this.extendsFiles();

7
packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
View File

@@ -1,8 +1,8 @@
import { CertInfo } from "./acme.js";
import fs from "fs";
import os from "os";
import forge from "node-forge";
import path from "path";
import { crypto } from "@certd/acme-client";
export class CertReader implements CertInfo {
crt: string;
key: string;
@@ -29,9 +29,8 @@ export class CertReader implements CertInfo {
}
getCrtDetail(crt: string) {
const pki = forge.pki;
const detail = pki.certificateFromPem(crt.toString());
const expires = detail.validity.notAfter;
const detail = crypto.readCertificateInfo(crt.toString());
const expires = detail.notAfter;
return { detail, expires };
}

44
packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
View File

@@ -1,5 +1,5 @@
import { Decorator, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
import type { CertInfo, SSLProvider } from "./acme.js";
import type { CertInfo, PrivateKeyType, SSLProvider } from "./acme.js";
import { AcmeService } from "./acme.js";
import _ from "lodash-es";
import { DnsProviderContext, DnsProviderDefine, dnsProviderRegistry } from "../../dns-provider/index.js";
@@ -27,20 +27,40 @@ export type { CertInfo };
export class CertApplyPlugin extends CertApplyBasePlugin {
@TaskInput({
title: "证书提供商",
default: "letsencrypt",
value: "letsencrypt",
component: {
name: "a-select",
vModel: "value",
options: [
{ value: "letsencrypt", label: "Let's Encrypt" },
// { value: "letsencrypt-proxy", label: "Let's Encrypt代理letsencrypt.org无法访问时使用" },
// { value: "buypass", label: "Buypass" },
{ value: "google", label: "Google" },
{ value: "zerossl", label: "ZeroSSL" },
],
},
helper: "如果letsencrypt.org或dv.acme-v02.api.pki.goog无法访问请尝试开启代理选项\n如果使用ZeroSSL、google证书需要提供EAB授权",
required: true,
})
sslProvider!: SSLProvider;
@TaskInput({
title: "加密算法",
value: "rsa_2048",
component: {
name: "a-select",
vModel: "value",
options: [
{ value: "rsa_1024", label: "RSA 1024" },
{ value: "rsa_2048", label: "RSA 2048" },
{ value: "rsa_3072", label: "RSA 3072" },
{ value: "rsa_4096", label: "RSA 4096" },
{ value: "ec_256", label: "EC 256" },
{ value: "ec_384", label: "EC 384" },
// { value: "ec_521", label: "EC 521" },
],
},
required: true,
})
sslProvider!: SSLProvider;
privateKeyType!: PrivateKeyType;
@TaskInput({
title: "EAB授权",
@@ -49,7 +69,8 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
type: "eab",
},
maybeNeed: true,
helper: "如果使用ZeroSSL证书需要提供EAB授权 请前往 https://app.zerossl.com/developer 生成 'EAB Credentials for ACME Clients' ",
helper:
"如果使用ZeroSSL或者google证书需要提供EAB授权\nZeroSSL请前往 https://app.zerossl.com/developer 生成 'EAB Credentials' \n Google请前往https://github.com/certd/certd/blob/v2/doc/google/google.md",
})
eabAccessId!: number;
@@ -59,7 +80,8 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
name: "pi-dns-provider-selector",
},
required: true,
helper: "请选择dns解析提供商",
helper:
"请选择dns解析提供商您的域名是在哪里注册的或者域名的dns解析服务器属于哪个平台\n如果这里没有您的dns解析提供商您可以将域名解析服务器设置成上面的任意一个提供商",
})
dnsProviderType!: string;
@@ -82,18 +104,18 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
@TaskInput({
title: "使用代理",
default: false,
value: false,
component: {
name: "a-switch",
vModel: "checked",
},
helper: "如果acme-v02.api.letsencrypt.org被墙无法连接访问,请尝试开启此选项",
helper: "如果acme-v02.api.letsencrypt.org或dv.acme-v02.api.pki.goog被墙无法访问,请尝试开启此选项",
})
useProxy = false;
@TaskInput({
title: "跳过本地校验DNS",
default: false,
value: false,
component: {
name: "a-switch",
vModel: "checked",
@@ -116,6 +138,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
eab,
skipLocalVerify: this.skipLocalVerify,
useMappingProxy: this.useProxy,
privateKeyType: this.privateKeyType,
});
}
@@ -156,6 +179,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
dnsProvider,
csrInfo,
isTest: false,
privateKeyType: this.privateKeyType,
});
const certInfo = this.formatCerts(cert);

2
packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
View File

@@ -97,7 +97,7 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
this.http = this.ctx.http;
this.lastStatus = this.ctx.lastStatus as Step;
if (this.legoEabAccessId) {
this.eab = await this.ctx.accessService.getById(this.legoEabAccessId);
this.eab = await this.accessService.getById(this.legoEabAccessId);
}
}
async onInit(): Promise<void> {}

19
packages/ui/.dockerignore Normal file
View File

@@ -0,0 +1,19 @@
logs/
npm-debug.log
yarn-error.log
node_modules/
package-lock.json
yarn.lock
coverage/
!dist/
.idea/
run/
.DS_Store
*.sw*
*.un~
.tsbuildinfo
.tsbuildinfo.*
/data/db.sqlite
*/node_modules
certd-server/tools/windows/

2
packages/ui/Dockerfile
View File

@@ -2,7 +2,7 @@ FROM node:20-alpine AS builder
EXPOSE 7001
WORKDIR /workspace/
COPY . /workspace/
RUN npm install -g pnpm@8.15.7
RUN npm install -g pnpm
#RUN cd /workspace/certd-client && pnpm install && npm run build
RUN cp /workspace/certd-client/dist/* /workspace/certd-server/public/ -rf

463
packages/ui/certd-client/.dependency-cruiser.js
View File

@@ -1,463 +0,0 @@
/** @type {import('dependency-cruiser').IConfiguration} */
module.exports = {
forbidden: [
/* rules from the 'recommended' preset: */
{
name: 'no-circular',
severity: 'warn',
comment:
'This dependency is part of a circular relationship. You might want to revise ' +
'your solution (i.e. use dependency inversion, make sure the modules have a single responsibility) ',
from: {},
to: {
circular: true
}
},
{
name: 'no-orphans',
comment:
"This is an orphan module - it's likely not used (anymore?). Either use it or " +
"remove it. If it's logical this module is an orphan (i.e. it's a config file), " +
"add an exception for it in your dependency-cruiser configuration. By default " +
"this rule does not scrutinize dot-files (e.g. .eslintrc.js), TypeScript declaration " +
"files (.d.ts), tsconfig.json and some of the babel and webpack configs.",
severity: 'warn',
from: {
orphan: true,
pathNot: [
'(^|/)\\.[^/]+\\.(js|cjs|mjs|ts|json)$', // dot files
'\\.d\\.ts$', // TypeScript declaration files
'(^|/)tsconfig\\.json$', // TypeScript config
'(^|/)(babel|webpack)\\.config\\.(js|cjs|mjs|ts|json)$' // other configs
]
},
to: {},
},
{
name: 'no-deprecated-core',
comment:
'A module depends on a node core module that has been deprecated. Find an alternative - these are ' +
"bound to exist - node doesn't deprecate lightly.",
severity: 'warn',
from: {},
to: {
dependencyTypes: [
'core'
],
path: [
'^(v8\/tools\/codemap)$',
'^(v8\/tools\/consarray)$',
'^(v8\/tools\/csvparser)$',
'^(v8\/tools\/logreader)$',
'^(v8\/tools\/profile_view)$',
'^(v8\/tools\/profile)$',
'^(v8\/tools\/SourceMap)$',
'^(v8\/tools\/splaytree)$',
'^(v8\/tools\/tickprocessor-driver)$',
'^(v8\/tools\/tickprocessor)$',
'^(node-inspect\/lib\/_inspect)$',
'^(node-inspect\/lib\/internal\/inspect_client)$',
'^(node-inspect\/lib\/internal\/inspect_repl)$',
'^(async_hooks)$',
'^(punycode)$',
'^(domain)$',
'^(constants)$',
'^(sys)$',
'^(_linklist)$',
'^(_stream_wrap)$'
],
}
},
{
name: 'not-to-deprecated',
comment:
'This module uses a (version of an) npm module that has been deprecated. Either upgrade to a later ' +
'version of that module, or find an alternative. Deprecated modules are a security risk.',
severity: 'warn',
from: {},
to: {
dependencyTypes: [
'deprecated'
]
}
},
{
name: 'no-non-package-json',
severity: 'error',
comment:
"This module depends on an npm package that isn't in the 'dependencies' section of your package.json. " +
"That's problematic as the package either (1) won't be available on live (2 - worse) will be " +
"available on live with an non-guaranteed version. Fix it by adding the package to the dependencies " +
"in your package.json.",
from: {},
to: {
dependencyTypes: [
'npm-no-pkg',
'npm-unknown'
]
}
},
{
name: 'not-to-unresolvable',
comment:
"This module depends on a module that cannot be found ('resolved to disk'). If it's an npm " +
'module: add it to your package.json. In all other cases you likely already know what to do.',
severity: 'error',
from: {},
to: {
couldNotResolve: true
}
},
{
name: 'no-duplicate-dep-types',
comment:
"Likely this module depends on an external ('npm') package that occurs more than once " +
"in your package.json i.e. bot as a devDependencies and in dependencies. This will cause " +
"maintenance problems later on.",
severity: 'warn',
from: {},
to: {
moreThanOneDependencyType: true,
// as it's pretty common to have a type import be a type only import
// _and_ (e.g.) a devDependency - don't consider type-only dependency
// types for this rule
dependencyTypesNot: ["type-only"]
}
},
/* rules you might want to tweak for your specific situation: */
{
name: 'not-to-test',
comment:
"This module depends on code within a folder that should only contain tests. As tests don't " +
"implement functionality this is odd. Either you're writing a test outside the test folder " +
"or there's something in the test folder that isn't a test.",
severity: 'error',
from: {
pathNot: '^(tests)'
},
to: {
path: '^(tests)'
}
},
{
name: 'not-to-spec',
comment:
'This module depends on a spec (test) file. The sole responsibility of a spec file is to test code. ' +
"If there's something in a spec that's of use to other modules, it doesn't have that single " +
'responsibility anymore. Factor it out into (e.g.) a separate utility/ helper or a mock.',
severity: 'error',
from: {},
to: {
path: '\\.(spec|test)\\.(js|mjs|cjs|ts|ls|coffee|litcoffee|coffee\\.md)$'
}
},
{
name: 'not-to-dev-dep',
severity: 'error',
comment:
"This module depends on an npm package from the 'devDependencies' section of your " +
'package.json. It looks like something that ships to production, though. To prevent problems ' +
"with npm packages that aren't there on production declare it (only!) in the 'dependencies'" +
'section of your package.json. If this module is development only - add it to the ' +
'from.pathNot re of the not-to-dev-dep rule in the dependency-cruiser configuration',
from: {
path: '^(src)',
pathNot: '\\.(spec|test)\\.(js|mjs|cjs|ts|ls|coffee|litcoffee|coffee\\.md)$'
},
to: {
dependencyTypes: [
'npm-dev'
]
}
},
{
name: 'optional-deps-used',
severity: 'info',
comment:
"This module depends on an npm package that is declared as an optional dependency " +
"in your package.json. As this makes sense in limited situations only, it's flagged here. " +
"If you're using an optional dependency here by design - add an exception to your" +
"dependency-cruiser configuration.",
from: {},
to: {
dependencyTypes: [
'npm-optional'
]
}
},
{
name: 'peer-deps-used',
comment:
"This module depends on an npm package that is declared as a peer dependency " +
"in your package.json. This makes sense if your package is e.g. a plugin, but in " +
"other cases - maybe not so much. If the use of a peer dependency is intentional " +
"add an exception to your dependency-cruiser configuration.",
severity: 'warn',
from: {},
to: {
dependencyTypes: [
'npm-peer'
]
}
}
],
options: {
/* conditions specifying which files not to follow further when encountered:
- path: a regular expression to match
- dependencyTypes: see https://github.com/sverweij/dependency-cruiser/blob/master/doc/rules-reference.md#dependencytypes-and-dependencytypesnot
for a complete list
*/
doNotFollow: {
path: 'node_modules'
},
/* conditions specifying which dependencies to exclude
- path: a regular expression to match
- dynamic: a boolean indicating whether to ignore dynamic (true) or static (false) dependencies.
leave out if you want to exclude neither (recommended!)
*/
// exclude : {
// path: '',
// dynamic: true
// },
/* pattern specifying which files to include (regular expression)
dependency-cruiser will skip everything not matching this pattern
*/
// includeOnly : '',
/* dependency-cruiser will include modules matching against the focus
regular expression in its output, as well as their neighbours (direct
dependencies and dependents)
*/
// focus : '',
/* list of module systems to cruise */
// moduleSystems: ['amd', 'cjs', 'es6', 'tsd'],
/* prefix for links in html and svg output (e.g. 'https://github.com/you/yourrepo/blob/develop/'
to open it on your online repo or `vscode://file/${process.cwd()}/` to
open it in visual studio code),
*/
// prefix: '',
/* false (the default): ignore dependencies that only exist before typescript-to-javascript compilation
true: also detect dependencies that only exist before typescript-to-javascript compilation
"specify": for each dependency identify whether it only exists before compilation or also after
*/
tsPreCompilationDeps: true,
/*
list of extensions to scan that aren't javascript or compile-to-javascript.
Empty by default. Only put extensions in here that you want to take into
account that are _not_ parsable.
*/
// extraExtensionsToScan: [".json", ".jpg", ".png", ".svg", ".webp"],
/* if true combines the package.jsons found from the module up to the base
folder the cruise is initiated from. Useful for how (some) mono-repos
manage dependencies & dependency definitions.
*/
// combinedDependencies: false,
/* if true leave symlinks untouched, otherwise use the realpath */
// preserveSymlinks: false,
/* TypeScript project file ('tsconfig.json') to use for
(1) compilation and
(2) resolution (e.g. with the paths property)
The (optional) fileName attribute specifies which file to take (relative to
dependency-cruiser's current working directory). When not provided
defaults to './tsconfig.json'.
*/
tsConfig: {
fileName: 'tsconfig.json'
},
/* Webpack configuration to use to get resolve options from.
The (optional) fileName attribute specifies which file to take (relative
to dependency-cruiser's current working directory. When not provided defaults
to './webpack.conf.js'.
The (optional) `env` and `args` attributes contain the parameters to be passed if
your webpack config is a function and takes them (see webpack documentation
for details)
*/
// webpackConfig: {
// fileName: './webpack.config.js',
// env: {},
// args: {},
// },
/* Babel config ('.babelrc', '.babelrc.json', '.babelrc.json5', ...) to use
for compilation (and whatever other naughty things babel plugins do to
source code). This feature is well tested and usable, but might change
behavior a bit over time (e.g. more precise results for used module
systems) without dependency-cruiser getting a major version bump.
*/
// babelConfig: {
// fileName: './.babelrc'
// },
/* List of strings you have in use in addition to cjs/ es6 requires
& imports to declare module dependencies. Use this e.g. if you've
re-declared require, use a require-wrapper or use window.require as
a hack.
*/
// exoticRequireStrings: [],
/* options to pass on to enhanced-resolve, the package dependency-cruiser
uses to resolve module references to disk. You can set most of these
options in a webpack.conf.js - this section is here for those
projects that don't have a separate webpack config file.
Note: settings in webpack.conf.js override the ones specified here.
*/
enhancedResolveOptions: {
/* List of strings to consider as 'exports' fields in package.json. Use
['exports'] when you use packages that use such a field and your environment
supports it (e.g. node ^12.19 || >=14.7 or recent versions of webpack).
If you have an `exportsFields` attribute in your webpack config, that one
will have precedence over the one specified here.
*/
exportsFields: ["exports"],
/* List of conditions to check for in the exports field. e.g. use ['imports']
if you're only interested in exposed es6 modules, ['require'] for commonjs,
or all conditions at once `(['import', 'require', 'node', 'default']`)
if anything goes for you. Only works when the 'exportsFields' array is
non-empty.
If you have a 'conditionNames' attribute in your webpack config, that one will
have precedence over the one specified here.
*/
conditionNames: ["import", "require", "node", "default"],
/*
The extensions, by default are the same as the ones dependency-cruiser
can access (run `npx depcruise --info` to see which ones that are in
_your_ environment. If that list is larger than what you need (e.g.
it contains .js, .jsx, .ts, .tsx, .cts, .mts - but you don't use
TypeScript you can pass just the extensions you actually use (e.g.
[".js", ".jsx"]). This can speed up the most expensive step in
dependency cruising (module resolution) quite a bit.
*/
// extensions: [".js", ".jsx", ".ts", ".tsx", ".d.ts"],
/*
If your TypeScript project makes use of types specified in 'types'
fields in package.jsons of external dependencies, specify "types"
in addition to "main" in here, so enhanced-resolve (the resolver
dependency-cruiser uses) knows to also look there. You can also do
this if you're not sure, but still use TypeScript. In a future version
of dependency-cruiser this will likely become the default.
*/
mainFields: ["main", "types"],
},
reporterOptions: {
dot: {
/* pattern of modules that can be consolidated in the detailed
graphical dependency graph. The default pattern in this configuration
collapses everything in node_modules to one folder deep so you see
the external modules, but not the innards your app depends upon.
*/
collapsePattern: 'node_modules/(@[^/]+/[^/]+|[^/]+)',
/* Options to tweak the appearance of your graph.See
https://github.com/sverweij/dependency-cruiser/blob/master/doc/options-reference.md#reporteroptions
for details and some examples. If you don't specify a theme
don't worry - dependency-cruiser will fall back to the default one.
*/
// theme: {
// graph: {
// /* use splines: "ortho" for straight lines. Be aware though
// graphviz might take a long time calculating ortho(gonal)
// routings.
// */
// splines: "true"
// },
// modules: [
// {
// criteria: { matchesFocus: true },
// attributes: {
// fillcolor: "lime",
// penwidth: 2,
// },
// },
// {
// criteria: { matchesFocus: false },
// attributes: {
// fillcolor: "lightgrey",
// },
// },
// {
// criteria: { matchesReaches: true },
// attributes: {
// fillcolor: "lime",
// penwidth: 2,
// },
// },
// {
// criteria: { matchesReaches: false },
// attributes: {
// fillcolor: "lightgrey",
// },
// },
// {
// criteria: { source: "^src/model" },
// attributes: { fillcolor: "#ccccff" }
// },
// {
// criteria: { source: "^src/view" },
// attributes: { fillcolor: "#ccffcc" }
// },
// ],
// dependencies: [
// {
// criteria: { "rules[0].severity": "error" },
// attributes: { fontcolor: "red", color: "red" }
// },
// {
// criteria: { "rules[0].severity": "warn" },
// attributes: { fontcolor: "orange", color: "orange" }
// },
// {
// criteria: { "rules[0].severity": "info" },
// attributes: { fontcolor: "blue", color: "blue" }
// },
// {
// criteria: { resolved: "^src/model" },
// attributes: { color: "#0000ff77" }
// },
// {
// criteria: { resolved: "^src/view" },
// attributes: { color: "#00770077" }
// }
// ]
// }
},
archi: {
/* pattern of modules that can be consolidated in the high level
graphical dependency graph. If you use the high level graphical
dependency graph reporter (`archi`) you probably want to tweak
this collapsePattern to your situation.
*/
collapsePattern: '^(packages|src|lib|app|bin|test(s?)|spec(s?))/[^/]+|node_modules/(@[^/]+/[^/]+|[^/]+)',
/* Options to tweak the appearance of your graph.See
https://github.com/sverweij/dependency-cruiser/blob/master/doc/options-reference.md#reporteroptions
for details and some examples. If you don't specify a theme
for 'archi' dependency-cruiser will use the one specified in the
dot section (see above), if any, and otherwise use the default one.
*/
// theme: {
// },
},
"text": {
"highlightFocused": true
},
}
}
};
// generated: dependency-cruiser@12.11.0 on 2023-03-24T14:11:38.647Z

37
packages/ui/certd-client/CHANGELOG.md
View File

@@ -3,6 +3,43 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
### Bug Fixes
* 激活仅限管理员 ([1c17970](https://github.com/certd/certd/commit/1c17970b981f0987c506744ee6b2283fd5e40493))
### Performance Improvements
* 授权配置支持加密 ([42a56b5](https://github.com/certd/certd/commit/42a56b581d754c3e5f9838179d19ab0d004ef2eb))
* 支持阿里云 DCDN ([98b77f8](https://github.com/certd/certd/commit/98b77f80843834616fb26f83b4c42245326abd06))
* 支持已跳过的步骤重新运行 ([ea775ad](https://github.com/certd/certd/commit/ea775adae18d57a04470cfba6b9460d761d74035))
* 支持cdnfly ([724a850](https://github.com/certd/certd/commit/724a85028b4a7146c9e3b4df4497dcf2a7bf7c67))
* 支持ftp上传 ([b9bddbf](https://github.com/certd/certd/commit/b9bddbfabb5664365f1232e9432532187c98006c))
# [1.24.0](https://github.com/certd/certd/compare/v1.23.1...v1.24.0) (2024-08-25)
### Bug Fixes
* 部署到腾讯云cdn选择证书任务步骤限制只能选证书 ([3345c14](https://github.com/certd/certd/commit/3345c145b802170f75a098a35d0c4b8312efcd17))
* 修复执行日志没有清理的bug ([22a3363](https://github.com/certd/certd/commit/22a336370a88a7df2a23c967043bae153da71ed5))
### Features
* 支持ECC类型 ([a7424e0](https://github.com/certd/certd/commit/a7424e02f5c7e02ac1688791040785920ce67473))
### Performance Improvements
* 优化成功后跳过的提示 ([7b451bb](https://github.com/certd/certd/commit/7b451bbf6e6337507f4627b5a845f5bd96ab4f7b))
* 优化证书申请成功率 ([968c469](https://github.com/certd/certd/commit/968c4690a07f69c08dcb3d3a494da4e319627345))
* email proxy ([453f1ba](https://github.com/certd/certd/commit/453f1baa0b9eb0f648aa1b71ccf5a95b202ce13f))
## [1.23.1](https://github.com/certd/certd/compare/v1.23.0...v1.23.1) (2024-08-06)
### Performance Improvements
* 优化默认值设置 ([1af19f0](https://github.com/certd/certd/commit/1af19f0ac053fe109782882964533636b5969d6b))
# [1.23.0](https://github.com/certd/certd/compare/v1.22.9...v1.23.0) (2024-08-05)
### Features

9
packages/ui/certd-client/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@certd/ui-client",
"version": "1.23.0",
"version": "1.24.1",
"private": true,
"scripts": {
"dev": "vite --open",
@@ -23,13 +23,14 @@
"license": "AGPL-3.0",
"dependencies": {
"@ant-design/colors": "^7.0.2",
"@ant-design/icons-vue": "^7.0.1",
"@ant-design/icons-vue": "^6.1.0",
"@fast-crud/fast-crud": "^1.21.2",
"@fast-crud/fast-extends": "^1.21.2",
"@fast-crud/ui-antdv4": "^1.21.2",
"@fast-crud/ui-interface": "^1.21.2",
"@iconify/vue": "^4.1.1",
"@soerenmartius/vue3-clipboard": "^0.1.2",
"@vue-js-cron/light": "^4.0.5",
"ant-design-vue": "^4.1.2",
"axios": "^1.7.2",
"axios-mock-adapter": "^1.22.0",
@@ -57,7 +58,7 @@
"vuedraggable": "^2.24.3"
},
"devDependencies": {
"@certd/pipeline": "^1.22.8",
"@certd/pipeline": "^1.24.1",
"@rollup/plugin-commonjs": "^25.0.7",
"@rollup/plugin-node-resolve": "^15.2.3",
"@types/chai": "^4.3.12",
@@ -104,7 +105,7 @@
"tslint": "^6.1.3",
"typescript": "5.4.2",
"unplugin-vue-define-options": "^1.4.2",
"vite": "^5.1.6",
"vite": "^5.3.1",
"vite-plugin-compression": "^0.5.1",
"vite-plugin-html": "^3.2.2",
"vite-plugin-windicss": "^1.9.3",

11
packages/ui/certd-client/src/api/modules/api.basic.ts
View File

@@ -5,9 +5,20 @@ export type SysPublicSetting = {
managerOtherUserPipeline: boolean;
};
export type SysInstallInfo = {
siteId: string;
};
export async function getSysPublicSettings(): Promise<SysPublicSetting> {
return await request({
url: "/basic/settings/public",
method: "get"
});
}
export async function getInstallInfo(): Promise<SysInstallInfo> {
return await request({
url: "/basic/settings/install",
method: "get"
});
}

9
packages/ui/certd-client/src/api/modules/api.user.ts
View File

@@ -60,7 +60,14 @@ export async function mine(): Promise<UserInfoRes> {
});
}
return await request({
url: "/sys/authority/user/mine",
url: "/mine/info",
method: "post"
});
}
export async function getPlusInfo() {
return await request({
url: "/mine/plusInfo",
method: "post"
});
}

80
packages/ui/certd-client/src/components/cron-editor/index.vue Normal file
View File

@@ -0,0 +1,80 @@
<template>
<div class="cron-editor">
<div class="flex-o">
<cron-light
:disabled="disabled"
:readonly="readonly"
:period="period"
class="flex-o cron-ant"
locale="zh-CN"
format="quartz"
:model-value="modelValue"
@update:model-value="onUpdate"
@error="onError"
/>
</div>
<div class="mt-5">
<a-input :disabled="true" :readonly="readonly" :value="modelValue" @change="onChange"></a-input>
</div>
<div class="fs-helper">{{ errorMessage }}</div>
</div>
</template>
<script lang="ts" setup>
import { ref } from "vue";
const props = defineProps<{
modelValue?: string;
disabled?: boolean;
readonly?: boolean;
}>();
const period = ref<string>("day");
const emit = defineEmits<{
"update:modelValue": any;
}>();
const errorMessage = ref<string | null>(null);
const onUpdate = (value: string) => {
if (value === props.modelValue) {
return;
}
emit("update:modelValue", value);
errorMessage.value = undefined;
};
const onPeriod = (value: string) => {
period.value = value;
};
const onChange = (e: any) => {
const value = e.target.value;
onUpdate(value);
};
const onError = (error: any) => {
errorMessage.value = error;
};
</script>
<style lang="less">
.cron-editor {
.cron-ant {
flex-wrap: wrap;
&* > {
margin-bottom: 2px;
display: flex;
align-items: center;
}
.vcron-select-list {
min-width: 56px;
}
.vcron-select-input {
min-height: 22px;
}
.vcron-select-container {
display: flex;
align-items: center;
}
}
}
</style>

12
packages/ui/certd-client/src/components/index.ts
View File

@@ -1,15 +1,23 @@
import PiContainer from "./container.vue";
import PiAccessSelector from "../views/certd/access/access-selector/index.vue";
import PiDnsProviderSelector from "./dns-provider-selector/index.vue";
import PiOutputSelector from "../views/certd/pipeline/pipeline/component/output-selector/index.vue";import PiEditable from "./editable.vue";
import PiOutputSelector from "../views/certd/pipeline/pipeline/component/output-selector/index.vue";
import PiEditable from "./editable.vue";
import VipButton from "./vip-button/index.vue";
import { CheckCircleOutlined, InfoCircleOutlined, UndoOutlined } from "@ant-design/icons-vue";
import CronEditor from "./cron-editor/index.vue";
import { CronLight } from "@vue-js-cron/light";
import "@vue-js-cron/light/dist/light.css";
export default {
install(app:any) {
install(app: any) {
app.component("PiContainer", PiContainer);
app.component("PiAccessSelector", PiAccessSelector);
app.component("PiEditable", PiEditable);
app.component("PiOutputSelector", PiOutputSelector);
app.component("PiDnsProviderSelector", PiDnsProviderSelector);
app.component("VipButton", VipButton);
app.component("CronLight", CronLight);
app.component("CronEditor", CronEditor);
app.component("CheckCircleOutlined", CheckCircleOutlined);
app.component("InfoCircleOutlined", InfoCircleOutlined);

9
packages/ui/certd-client/src/components/vip-button/api.ts Normal file
View File

@@ -0,0 +1,9 @@
import { request } from "/src/api/service";
export async function doActive(form: any) {
return await request({
url: "/sys/plus/active",
method: "post",
data: form
});
}

178
packages/ui/certd-client/src/components/vip-button/index.vue Normal file
View File

@@ -0,0 +1,178 @@
<template>
<div class="layout-vip isPlus" @click="openUpgrade">
<contextHolder />
<fs-icon icon="mingcute:vip-1-line" :title="text.title" />
<div v-if="mode !== 'icon'" class="text">
<a-tooltip>
<template #title> {{ text.title }}</template>
<span>{{ text.name }}</span>
</a-tooltip>
</div>
</div>
</template>
<script lang="tsx" setup>
import { ref, reactive, computed } from "vue";
import { useUserStore } from "/src/store/modules/user";
import dayjs from "dayjs";
import { message, Modal } from "ant-design-vue";
import * as api from "./api";
import { useSettingStore } from "/@/store/modules/settings";
const props = withDefaults(
defineProps<{
mode?: "button" | "nav" | "icon";
}>(),
{
mode: "button"
}
);
type Text = {
name: string;
title?: string;
};
const text = computed<Text>(() => {
const map = {
isPlus: {
button: {
name: "专业版已开通",
title: "到期时间:" + expireTime.value
},
icon: {
name: "",
title: "专业版已开通"
},
nav: {
name: "专业版",
title: "到期时间:" + expireTime.value
}
},
free: {
button: {
name: "此为专业版功能",
title: "升级专业版享受更多VIP特权"
},
icon: {
name: "",
title: "此为专业版功能"
},
nav: {
name: "免费版",
title: "升级专业版享受更多VIP特权"
}
}
};
if (userStore.isPlus) {
return map.isPlus[props.mode];
} else {
return map.free[props.mode];
}
});
const userStore = useUserStore();
const expireTime = computed(() => {
if (userStore.isPlus) {
return dayjs(userStore.plusInfo.expireTime).format("YYYY-MM-DD");
}
return "";
});
const expiredDays = computed(() => {
if (userStore.plusInfo?.isPlus && !userStore.isPlus) {
//已过期多少天
const days = dayjs().diff(dayjs(userStore.plusInfo.expireTime), "day");
return `专业版已过期${days}`;
}
return "";
});
const formState = reactive({
code: ""
});
async function doActive() {
if (!formState.code) {
message.error("请输入激活码");
throw new Error("请输入激活码");
}
const res = await api.doActive(formState);
if (res) {
await userStore.reInit();
Modal.success({
title: "激活成功",
content: `您已成功激活专业版,有效期至:${dayjs(userStore.plusInfo.expireTime).format("YYYY-MM-DD")}`
});
}
}
const settingStore = useSettingStore();
const computedSiteId = computed(() => settingStore.installInfo?.siteId);
const [modal, contextHolder] = Modal.useModal();
function openUpgrade() {
if (!userStore.isAdmin) {
message.info("仅限管理员操作");
return;
}
const placeholder = "请输入激活码";
const isPlus = userStore.isPlus;
modal.confirm({
title: isPlus ? "续期专业版" : "激活专业版",
async onOk() {
return await doActive();
},
okText: "激活",
width: 500,
content: () => {
return (
<div class="mt-10 mb-10">
<div>
<h3 class="block-header">专业版特权</h3>
<ul>
<li>证书流水线数量无限制</li>
<li>可加VIP群需求优先实现</li>
<li>更多特权敬请期待</li>
</ul>
</div>
<div>
<h3 class="block-header">{isPlus ? "续期" : "立刻激活"}</h3>
<div>{isPlus ? "当前专业版已激活,到期时间" + dayjs(userStore.plusInfo.expireTime).format("YYYY-MM-DD") : ""}</div>
<div class="mt-10">
<div class="flex-o w-100">
<span>站点ID</span>
<fs-copyable class="flex-1" v-model={computedSiteId.value}></fs-copyable>
</div>
<a-input class="mt-10" v-model:value={formState.code} placeholder={placeholder} />
</div>
<div class="mt-10">
没有激活码
<a href="https://afdian.com/a/greper" target="_blank">
爱发电赞助VIP会员后获取
</a>
</div>
</div>
</div>
);
}
});
}
</script>
<style lang="less">
.layout-vip {
display: flex;
align-items: center;
justify-content: center;
height: 100%;
cursor: pointer;
&.isPlus {
color: #c5913f;
}
.text {
margin-left: 5px;
}
}
</style>

61
packages/ui/certd-client/src/layout/layout-framework.vue
View File

@@ -12,14 +12,14 @@
<a-layout class="layout-body">
<a-layout-header class="header">
<div class="header-buttons">
<div class="header-left header-buttons">
<div class="menu-fold" @click="asideCollapsedToggle">
<MenuUnfoldOutlined v-if="asideCollapsed" />
<MenuFoldOutlined v-else />
</div>
<fs-menu class="header-menu" mode="horizontal" :expand-selected="false" :selectable="false" :menus="frameworkMenus" />
<vip-button class="flex-center header-btn" mode="nav" />
</div>
<fs-menu class="header-menu" mode="horizontal" :expand-selected="false" :selectable="false" :menus="frameworkMenus" />
<div class="header-right header-buttons">
<!-- <button-->
<!-- w:bg="blue-400 hover:blue-500 dark:blue-500 dark:hover:blue-600"-->
@@ -83,10 +83,11 @@ import { MenuFoldOutlined, MenuUnfoldOutlined } from "@ant-design/icons-vue";
import FsThemeSet from "/@/layout/components/theme/index.vue";
import { env } from "../utils/util.env";
import FsThemeModeSet from "./components/theme/mode-set.vue";
import VipButton from "/@/components/vip-button/index.vue";
export default {
name: "LayoutFramework",
// eslint-disable-next-line vue/no-unused-components
components: { FsThemeSet, MenuFoldOutlined, MenuUnfoldOutlined, FsMenu, FsLocale, FsSourceLink, FsUserInfo, FsTabs, FsThemeModeSet },
components: { FsThemeSet, MenuFoldOutlined, MenuUnfoldOutlined, FsMenu, FsLocale, FsSourceLink, FsUserInfo, FsTabs, FsThemeModeSet, VipButton },
setup() {
const resourceStore = useResourceStore();
const frameworkMenus = computed(() => {
@@ -133,6 +134,7 @@ export default {
.fs-framework {
height: 100%;
overflow-x: hidden;
min-width: 1200px;
.menu-fold {
display: flex;
justify-content: center;
@@ -174,34 +176,41 @@ export default {
padding: 5px;
}
}
.header-buttons {
display: flex;
align-items: center;
& > * {
cursor: pointer;
padding: 0 10px;
}
height: 100%;
& > .header-btn {
display: inline-flex;
justify-content: center;
.ant-layout-header.header {
display: flex;
justify-content: space-between;
align-items: center;
.header-buttons {
display: flex;
align-items: center;
& > * {
cursor: pointer;
padding: 0 10px;
}
height: 100%;
//border-bottom: 1px solid rgba(255, 255, 255, 0);
&:hover {
background-color: #fff;
& > .header-btn {
display: inline-flex;
justify-content: center;
align-items: center;
height: 100%;
//border-bottom: 1px solid rgba(255, 255, 255, 0);
&:hover {
background-color: #fff;
}
}
}
.header-right {
justify-content: flex-end;
align-items: center;
display: flex;
}
.header-menu {
flex: 1;
}
}
.header-right {
justify-content: flex-end;
align-items: center;
display: flex;
}
.header-menu {
flex: 1;
}
.aside-menu {
flex: 1;
ui {

2
packages/ui/certd-client/src/layout/layout-outside.vue
View File

@@ -1,7 +1,6 @@
<template>
<div id="userLayout" :class="['user-layout-wrapper']">
<div class="login-container flex-center">
<div class="user-layout-lang"></div>
<div class="user-layout-content">
<div class="top flex flex-col items-center justify-center">
<div class="header flex flex-row items-center">
@@ -146,7 +145,6 @@ export default {
// position: absolute;
width: 100%;
bottom: 0;
padding: 0 16px;
margin: 48px 0 24px;
text-align: center;

1
packages/ui/certd-client/src/router/index.ts
View File

@@ -33,6 +33,7 @@ router.beforeEach(async (to, from, next) => {
// 请根据自身业务需要修改
const token = userStore.getToken;
if (token) {
await userStore.init();
next();
} else {
// 没有登录的时候跳转到登录界面

14
packages/ui/certd-client/src/store/modules/settings.ts
View File

@@ -5,7 +5,7 @@ import _ from "lodash-es";
import { LocalStorage } from "/src/utils/util.storage";
import * as basicApi from "/@/api/modules/api.basic";
import { SysPublicSetting } from "/@/api/modules/api.basic";
import { SysInstallInfo, SysPublicSetting } from "/@/api/modules/api.basic";
export type ThemeToken = {
token: {
@@ -21,6 +21,9 @@ export interface SettingState {
themeConfig?: ThemeConfig;
themeToken: ThemeToken;
sysPublic?: SysPublicSetting;
installInfo?: {
siteId: string;
};
}
const defaultThemeConfig = {
@@ -39,6 +42,9 @@ export const useSettingStore = defineStore({
sysPublic: {
registerEnabled: false,
managerOtherUserPipeline: false
},
installInfo: {
siteId: ""
}
}),
getters: {
@@ -47,12 +53,18 @@ export const useSettingStore = defineStore({
},
getSysPublic(): SysPublicSetting {
return this.sysPublic;
},
getInstallInfo(): SysInstallInfo {
return this.installInfo;
}
},
actions: {
async loadSysSettings() {
const settings = await basicApi.getSysPublicSettings();
_.merge(this.sysPublic, settings);
const installInfo = await basicApi.getInstallInfo();
_.merge(this.installInfo, installInfo);
},
persistThemeConfig() {
LocalStorage.set(SETTING_THEME_KEY, this.getThemeConfig);

50
packages/ui/certd-client/src/store/modules/user.ts
View File

@@ -1,21 +1,28 @@
import { defineStore } from "pinia";
import { store } from "../index";
import router from "../../router";
// @ts-ignore
import { LocalStorage } from "/src/utils/util.storage";
// @ts-ignore
import * as UserApi from "/src/api/modules/api.user";
import { RegisterReq } from "/src/api/modules/api.user";
// @ts-ignore
import { LoginReq, UserInfoRes } from "/@/api/modules/api.user";
import { Modal, notification } from "ant-design-vue";
import { useI18n } from "vue-i18n";
import { mitter } from "/src/utils/util.mitt";
import { RegisterReq } from "/src/api/modules/api.user";
interface UserState {
userInfo: Nullable<UserInfoRes>;
token?: string;
plusInfo?: PlusInfo;
inited: boolean;
}
interface PlusInfo {
vipType: string;
expireTime: number;
isPlus: boolean;
}
const USER_INFO_KEY = "USER_INFO";
@@ -26,7 +33,10 @@ export const useUserStore = defineStore({
// user info
userInfo: null,
// token
token: undefined
token: undefined,
// plus
plusInfo: null,
inited: false
}),
getters: {
getUserInfo(): UserInfoRes {
@@ -37,6 +47,9 @@ export const useUserStore = defineStore({
},
isAdmin(): boolean {
return this.getUserInfo?.id === 1;
},
isPlus(): boolean {
return this.plusInfo?.isPlus && this.plusInfo?.expireTime > new Date().getTime();
}
},
actions: {
@@ -73,10 +86,7 @@ export const useUserStore = defineStore({
// save token
this.setToken(token, expire);
// get user info
const userInfo = await this.getUserInfoAction();
await router.replace("/");
mitter.emit("app.login", { userInfo, token: data });
return userInfo;
return await this.onLoginSuccess(data);
} catch (error) {
return null;
}
@@ -86,6 +96,19 @@ export const useUserStore = defineStore({
this.setUserInfo(userInfo);
return userInfo;
},
async onLoginSuccess(loginData: any) {
await this.getUserInfoAction();
await this.loadPlusInfo();
const userInfo = await this.getUserInfoAction();
mitter.emit("app.login", { userInfo, token: loginData, plusInfo: this.plusInfo });
await router.replace("/");
return userInfo;
},
async loadPlusInfo() {
this.plusInfo = await UserApi.getPlusInfo();
},
/**
* @description: logout
*/
@@ -108,6 +131,19 @@ export const useUserStore = defineStore({
await this.logout(true);
}
});
},
async init() {
if (this.inited) {
return;
}
if (this.getToken) {
await this.loadPlusInfo();
}
this.inited = true;
},
async reInit() {
this.inited = false;
await this.init();
}
}
});

31
packages/ui/certd-client/src/style/common.less
View File

@@ -14,9 +14,6 @@ html, body {
box-sizing: border-box;
}
body{
min-width: 1000px;
}
div#app {
height: 100%
}
@@ -48,6 +45,15 @@ h1, h2, h3, h4, h5, h6 {
vertical-align: 0 !important;
}
.pointer{
cursor: pointer;
}
.flex-center{
display: flex;
justify-content: center;
align-items: center;
}
.flex-o{
display: flex !important;
align-items: center;
@@ -62,7 +68,9 @@ h1, h2, h3, h4, h5, h6 {
flex: 1;
}
.mb-2{
margin-bottom:2px;
}
.ml-5{
margin-left:5px;
}
@@ -82,6 +90,9 @@ h1, h2, h3, h4, h5, h6 {
.mr-15{
margin-right: 15px;
}
.mt-5{
margin-top:5px;
}
.mt-10{
margin-top:10px;
}
@@ -108,3 +119,15 @@ h1, h2, h3, h4, h5, h6 {
.w-100{
width: 100%;
}
.block-header{
margin:3px;
padding-top: 15px;
padding-bottom:3px;
border-bottom: 1px solid #dedede;
}
.color-blue{
color: #1890ff;
}

16
packages/ui/certd-client/src/views/certd/access/common.tsx
View File

@@ -16,7 +16,7 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any) {
}
};
function buildDefineFields(define: any) {
function buildDefineFields(define: any, form: any) {
const formWrapperRef = crudExpose.getFormWrapperRef();
const columnsRef = toRef(formWrapperRef.formOptions, "columns");
@@ -32,7 +32,12 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any) {
...value,
key
};
columnsRef.value[key] = _.merge({ title: key }, defaultPluginConfig, field);
const column = _.merge({ title: key }, defaultPluginConfig, field);
if (column.value != null && _.get(form, key) == null) {
//设置默认值
_.set(form, key, column.value);
}
columnsRef.value[key] = column;
console.log("form", columnsRef.value);
});
}
@@ -55,13 +60,16 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any) {
rules: [{ required: true, message: "请选择类型" }],
valueChange: {
immediate: true,
async handle({ value, mode, form }) {
async handle({ value, mode, form, immediate }) {
if (value == null) {
return;
}
const define = await api.GetProviderDefine(value);
console.log("define", define);
buildDefineFields(define);
if (!immediate) {
form.access = {};
}
buildDefineFields(define, form);
}
}
},

4
packages/ui/certd-client/src/views/certd/pipeline/api.ts
View File

@@ -59,11 +59,11 @@ export function Save(pipelineEntity: any) {
});
}
export function Trigger(id: any) {
export function Trigger(id: any, stepId?: string) {
return request({
url: apiPrefix + "/trigger",
method: "post",
params: { id }
params: { id, stepId }
});
}

5
packages/ui/certd-client/src/views/certd/pipeline/certd-form/crud.tsx
View File

@@ -39,7 +39,8 @@ export default function (certPluginGroup: PluginGroup, formWrapperRef: any): Cre
form: {
wrapper: {
width: "1150px",
saveRemind: false
saveRemind: false,
title: "创建证书申请流水线"
}
},
columns: {
@@ -73,6 +74,8 @@ export default function (certPluginGroup: PluginGroup, formWrapperRef: any): Cre
type: "text",
form: {
component: {
name: "cron-editor",
vModel: "modelValue",
placeholder: "0 0 4 * * *"
},
helper: "请输入cron表达式, 例如0 0 4 * * *每天凌晨4点触发",

33
packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
View File

@@ -2,7 +2,7 @@ import * as api from "./api";
import { useI18n } from "vue-i18n";
import { computed, ref } from "vue";
import { useRouter } from "vue-router";
import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes, useUi } from "@fast-crud/fast-crud";
import { statusUtil } from "/@/views/certd/pipeline/pipeline/utils/util.status";
import { nanoid } from "nanoid";
import { message, Modal } from "ant-design-vue";
@@ -29,9 +29,16 @@ export default function ({ crudExpose, context: { certdFormRef } }: CreateCrudOp
};
const addRequest = async ({ form }: AddReq) => {
form.content = JSON.stringify({
title: form.title
});
if (form.content == null) {
form.content = JSON.stringify({
title: form.title
});
} else {
const content = JSON.parse(form.content);
content.title = form.title;
form.content = JSON.stringify(content);
}
const res = await api.AddObj(form);
lastResRef.value = res;
return res;
@@ -112,7 +119,7 @@ export default function ({ crudExpose, context: { certdFormRef } }: CreateCrudOp
},
addCertd: {
order: 1,
text: "添加证书流水线",
text: "创建证书流水线",
type: "primary",
click() {
addCertdPipeline();
@@ -136,6 +143,18 @@ export default function ({ crudExpose, context: { certdFormRef } }: CreateCrudOp
router.push({ path: "/certd/pipeline/detail", query: { id: row.id, editMode: "false" } });
}
},
copy: {
click: async (context) => {
const { ui } = useUi();
// @ts-ignore
const row = context[ui.tableColumn.row];
row.title = row.title + "_copy";
await crudExpose.openCopy({
row: row,
index: context.index
});
}
},
config: {
order: 1,
title: null,
@@ -158,7 +177,7 @@ export default function ({ crudExpose, context: { certdFormRef } }: CreateCrudOp
const files = await api.GetFiles(row.id);
Modal.success({
title: "文件下载",
okText: "↑↑↑ 点击链接下载",
okText: "↑↑↑ 点击上面链接下载",
content: () => {
const children = [];
for (const file of files) {
@@ -342,7 +361,7 @@ export default function ({ crudExpose, context: { certdFormRef } }: CreateCrudOp
title: "历史记录保持数",
type: "number",
form: {
value: 30,
value: 20,
helper: "历史记录保持条数,多余的会被删除"
},
column: {

6
packages/ui/certd-client/src/views/certd/pipeline/detail.vue
View File

@@ -54,9 +54,9 @@ export default defineComponent({
content: JSON.stringify(pipelineConfig)
});
},
async doTrigger(options: { pipelineId: number }) {
const { pipelineId } = options;
await api.Trigger(pipelineId);
async doTrigger(options: { pipelineId: number; stepId?: string }) {
const { pipelineId, stepId } = options;
await api.Trigger(pipelineId, stepId);
}
};

2
packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/history-timeline-item.vue
View File

@@ -5,7 +5,7 @@
</template>
<p>
<fs-date-format :model-value="runnable.status?.startTime"></fs-date-format>
<a-tag class="ml-1" :color="status.color" :closable="status.value === 'start'" @close="cancelTask">
<a-tag class="ml-5" :color="status.color" :closable="status.value === 'start'" @close="cancelTask">
{{ status.label }}
</a-tag>
<a-tag v-if="isCurrent" class="pointer" color="green" :closable="true" @close="cancel">当前</a-tag>

10
packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/output-selector/index.vue
View File

@@ -12,6 +12,9 @@ export default {
modelValue: {
type: String,
default: undefined
},
from: {
type: String
}
},
emits: ["update:modelValue"],
@@ -23,7 +26,7 @@ export default {
const currentStepIndex = inject("currentStepIndex") as Ref<number>;
const currentTask = inject("currentTask") as Ref<any>;
const getPluginGroups = inject("getPluginGroups") as Ref<any>;
const getPluginGroups = inject("getPluginGroups") as any;
const pluginGroups = getPluginGroups();
function onCreate() {
options.value = pluginGroups.getPreStepOutputOptions({
@@ -32,6 +35,9 @@ export default {
currentStepIndex: currentStepIndex.value,
currentTask: currentTask.value
});
if (props.from) {
options.value = options.value.filter((item: any) => item.type === props.from);
}
if (props.modelValue == null && options.value.length > 0) {
ctx.emit("update:modelValue", options.value[0].value);
}
@@ -42,7 +48,7 @@ export default {
watch(
() => {
return pluginGroups.value.map;
return pluginGroups.value?.map;
},
() => {
onCreate();

2
packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/status-show.vue
View File

@@ -1,5 +1,5 @@
<template>
<span v-if="statusRef" class="pi-status-show">
<span v-if="statusRef" class="pi-status-show flex-o">
<template v-if="type === 'icon'">
<fs-icon class="status-icon" v-bind="statusRef" :style="{ color: statusRef.color }" />
</template>

68
packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/step-form/index.vue
View File

@@ -25,6 +25,7 @@
<template #title>
<a-avatar :src="item.icon || '/images/plugin.png'" />
<span class="title">{{ item.title }}</span>
<vip-button v-if="item.needPlus" mode="icon" />
</template>
<template #description>
<span :title="item.desc">{{ item.desc }}</span>
@@ -61,24 +62,7 @@
<fs-form-item v-model="currentStep.input[key]" :item="item" :get-context-fn="blankFn" />
</template>
<fs-form-item
v-model="currentStep.strategy.runStrategy"
:item="{
title: '运行策略',
key: 'strategy.runStrategy',
component: {
name: 'a-select',
vModel: 'value',
options: [
{ value: 0, label: '正常运行(证书申请任务请选择它)' },
{ value: 1, label: '成功后跳过(非证书任务请选择它)' }
]
},
helper: '该任务运行成功一次之后下次运行是否跳过,保持默认即可',
rules: [{ required: true, message: '此项必填' }]
}"
:get-context-fn="blankFn"
/>
<fs-form-item v-model="currentStep.strategy.runStrategy" :item="runStrategyProps" :get-context-fn="blankFn" />
</a-form>
<template #footer>
@@ -98,6 +82,7 @@ import _ from "lodash-es";
import { nanoid } from "nanoid";
import { CopyOutlined } from "@ant-design/icons-vue";
import { PluginGroups } from "/@/views/certd/pipeline/pipeline/type";
import { useUserStore } from "/@/store/modules/user";
export default {
name: "PiStepForm",
@@ -115,6 +100,7 @@ export default {
* @returns
*/
function useStepForm() {
const useStore = useUserStore();
const getPluginGroups: any = inject("getPluginGroups");
const pluginGroups: PluginGroups = getPluginGroups();
const mode: Ref = ref("add");
@@ -134,6 +120,10 @@ export default {
});
const stepTypeSelected = (item: any) => {
if (item.needPlus && !useStore.isPlus) {
message.warn("此插件需要开通专业版才能使用");
throw new Error("此插件需要开通专业版才能使用");
}
currentStep.value.type = item.name;
currentStep.value.title = item.title;
console.log("currentStepTypeChanged:", currentStep.value);
@@ -145,18 +135,12 @@ export default {
message.warn("请先选择类型");
return;
}
// 给step的input设置默认值
changeCurrentPlugin(currentStep.value);
//赋初始
//合并默认
_.merge(currentStep.value, { input: {}, strategy: { runStrategy: 0 } }, currentPlugin.value.default, currentStep.value);
for (const key in currentPlugin.value.input) {
const input = currentPlugin.value.input[key];
if (input.default != null) {
currentStep.value.input[key] = input.default ?? input.value;
}
}
};
const stepDrawerShow = () => {
@@ -229,7 +213,7 @@ export default {
}
}
//设置初始值
if (input.default != null && currentStep.value.input[key] == null) {
if ((input.default != null || input.value != null) && currentStep.value.input[key] == null) {
currentStep.value.input[key] = input.default ?? input.value;
}
}
@@ -296,10 +280,36 @@ export default {
};
}
const runStrategyProps = ref({
title: "运行策略",
key: "strategy.runStrategy",
component: {
name: "a-select",
vModel: "value",
options: [
{ value: 0, label: "正常运行(证书申请任务请选择它)" },
{ value: 1, label: "成功后跳过(非证书任务请选择它)" }
]
},
helper: {
render: () => {
return (
<div>
<div>正常运行每次都运行证书任务需要每次都运行</div>
<div>成功后跳过在证书没变化时该任务成功一次之后跳过不重复部署</div>
<div>保持默认即可如果你想要再次测试部署可以临时设置为正常运行</div>
</div>
);
}
},
rules: [{ required: true, message: "此项必填" }]
});
return {
...useStepForm(),
labelCol: { span: 6 },
wrapperCol: { span: 16 }
wrapperCol: { span: 16 },
runStrategyProps
};
}
};
@@ -345,7 +355,7 @@ export default {
overflow-y: hidden;
.ant-card-meta-description {
font-size: 10px;
font-size: 12px;
line-height: 20px;
height: 40px;
color: #7f7f7f;

12
packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/trigger-form/index.vue
View File

@@ -15,13 +15,7 @@
</template>
<template v-if="currentTrigger">
<pi-container>
<a-form
ref="triggerFormRef"
class="trigger-form"
:model="currentTrigger"
:label-col="labelCol"
:wrapper-col="wrapperCol"
>
<a-form ref="triggerFormRef" class="trigger-form" :model="currentTrigger" :label-col="labelCol" :wrapper-col="wrapperCol">
<fs-form-item
v-model="currentTrigger.title"
:item="{
@@ -59,8 +53,8 @@
key: 'props.cron',
component: {
disabled: !editMode,
name: 'a-input',
vModel: 'value'
name: 'cron-editor',
vModel: 'modelValue'
},
helper: 'cron表达式例如 0 0 3 * * * 表示每天凌晨3点触发',
rules: [{ required: true, message: '此项必填' }]

26
packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue
View File

@@ -82,10 +82,20 @@
</div>
<div class="task">
<a-button shape="round" @click="taskEdit(stage, index, task, taskIndex)">
<span class="flex-o w-100">
<span class="ellipsis flex-1" :class="{ 'mr-15': editMode }">{{ task.title }}</span>
<pi-status-show :status="task.status?.result"></pi-status-show>
</span>
<a-popover title="步骤">
<!-- :open="true"-->
<template #content>
<div v-for="(item, index) of task.steps" class="flex-o w-100">
<span class="ellipsis flex-1">{{ index + 1 }}. {{ item.title }} </span>
<pi-status-show :status="item.status?.result"></pi-status-show>
<fs-icon class="pointer color-blue" title="重新运行此步骤" icon="SyncOutlined" @click="run(item.id)"></fs-icon>
</div>
</template>
<span class="flex-o w-100">
<span class="ellipsis flex-1" :class="{ 'mr-15': editMode }">{{ task.title }}</span>
<pi-status-show :status="task.status?.result"></pi-status-show>
</span>
</a-popover>
</a-button>
<fs-icon v-if="editMode" class="copy" title="复制" icon="ion:copy-outline" @click="taskCopy(stage, index, task)"></fs-icon>
</div>
@@ -226,10 +236,11 @@ import { nanoid } from "nanoid";
import { PipelineDetail, PipelineOptions, PluginGroups, RunHistory } from "./type";
import type { Runnable } from "@certd/pipeline";
import PiHistoryTimelineItem from "/@/views/certd/pipeline/pipeline/component/history-timeline-item.vue";
import { FsIcon } from "@fast-crud/fast-crud";
export default defineComponent({
name: "PipelineEdit",
// eslint-disable-next-line vue/no-unused-components
components: { PiHistoryTimelineItem, PiTaskForm, PiTriggerForm, PiTaskView, PiStatusShow, PiNotificationForm },
components: { FsIcon, PiHistoryTimelineItem, PiTaskForm, PiTriggerForm, PiTaskView, PiStatusShow, PiNotificationForm },
props: {
pipelineId: {
type: [Number, String],
@@ -529,7 +540,7 @@ export default defineComponent({
function useActions() {
const saveLoading = ref();
const run = async () => {
const run = async (stepId?: string) => {
if (props.editMode) {
message.warn("请先保存,再运行管道");
return;
@@ -549,11 +560,12 @@ export default defineComponent({
//@ts-ignore
await changeCurrentHistory(null);
watchNewHistoryList();
await props.options.doTrigger({ pipelineId: pipeline.value.id });
await props.options.doTrigger({ pipelineId: pipeline.value.id, stepId: stepId });
notification.success({ message: "管道已经开始运行" });
}
});
};
function toggleEditMode(editMode: boolean) {
ctx.emit("update:editMode", editMode);
}

2
packages/ui/certd-client/src/views/certd/pipeline/pipeline/type.ts
View File

@@ -117,7 +117,7 @@ export class PluginGroups {
}
export type PipelineOptions = {
doTrigger(options: { pipelineId: number }): Promise<void>;
doTrigger(options: { pipelineId: number; stepId?: string }): Promise<void>;
doSave(pipelineConfig: Pipeline): Promise<void>;
getPipelineDetail(query: { pipelineId: number }): Promise<PipelineDetail>;
getHistoryList(query: { pipelineId: number }): Promise<RunHistory[]>;

117
packages/ui/certd-client/src/views/certd/settings/email-setting.vue
View File

@@ -1,49 +1,77 @@
<template>
<fs-page class="page-setting-email">
<template #header>
<div class="title">邮件设置</div>
<div class="title">
邮件设置
<span class="sub">设置邮件发送服务器</span>
</div>
</template>
<div class="email-form">
<a-form :model="formState" name="basic" :label-col="{ span: 8 }" :wrapper-col="{ span: 16 }" autocomplete="off" @finish="onFinish" @finish-failed="onFinishFailed">
<a-form-item label="SMTP域名" name="host" :rules="[{ required: true, message: '请输入smtp域名或ip' }]">
<a-input v-model:value="formState.host" />
</a-form-item>
<a-form-item label="SMTP端口" name="port" :rules="[{ required: true, message: '请输入smtp端口号' }]">
<a-input v-model:value="formState.port" />
</a-form-item>
<a-form-item label="用户名" :name="['auth', 'user']" :rules="[{ required: true, message: '请输入用户名' }]">
<a-input v-model:value="formState.auth.user" />
</a-form-item>
<a-form-item label="密码" :name="['auth', 'pass']" :rules="[{ required: true, message: '请输入密码' }]">
<a-input-password v-model:value="formState.auth.pass" />
<div class="helper">如果是qq邮箱需要到qq邮箱的设置里面申请授权码作为密码</div>
</a-form-item>
<a-form-item label="发件邮箱" name="sender" :rules="[{ required: true, message: '请输入发件邮箱' }]">
<a-input v-model:value="formState.sender" />
</a-form-item>
<a-form-item label="是否ssl" name="secure">
<a-switch v-model:checked="formState.secure" />
<div class="helper">ssl和非ssl的smtp端口是不一样的注意修改端口</div>
</a-form-item>
<a-form-item label="忽略证书校验" name="tls.rejectUnauthorized">
<a-switch v-model:checked="formState.tls.rejectUnauthorized" />
</a-form-item>
<a-form-item :wrapper-col="{ offset: 8, span: 16 }">
<a-button type="primary" html-type="submit">保存</a-button>
</a-form-item>
</a-form>
<div>
<a-form :model="testFormState" name="basic" :label-col="{ span: 8 }" :wrapper-col="{ span: 16 }" autocomplete="off" @finish="onTestSend">
<a-form-item label="测试收件邮箱" name="receiver" :rules="[{ required: true, message: '请输入测试收件邮箱' }]">
<a-input v-model:value="testFormState.receiver" />
<div class="flex-o">
<div v-if="!formState.usePlus" class="email-form">
<a-form
:model="formState"
name="basic"
:label-col="{ span: 8 }"
:wrapper-col="{ span: 16 }"
autocomplete="off"
@finish="onFinish"
@finish-failed="onFinishFailed"
>
<a-form-item label="使用自定义邮件服务器"> </a-form-item>
<a-form-item label="SMTP域名" name="host" :rules="[{ required: true, message: '请输入smtp域名或ip' }]">
<a-input v-model:value="formState.host" />
</a-form-item>
<a-form-item label="SMTP端口" name="port" :rules="[{ required: true, message: '请输入smtp端口号' }]">
<a-input v-model:value="formState.port" />
</a-form-item>
<a-form-item label="用户名" :name="['auth', 'user']" :rules="[{ required: true, message: '请输入用户名' }]">
<a-input v-model:value="formState.auth.user" />
</a-form-item>
<a-form-item label="密码" :name="['auth', 'pass']" :rules="[{ required: true, message: '请输入密码' }]">
<a-input-password v-model:value="formState.auth.pass" />
<div class="helper">如果是qq邮箱需要到qq邮箱的设置里面申请授权码作为密码</div>
</a-form-item>
<a-form-item label="发件邮箱" name="sender" :rules="[{ required: true, message: '请输入发件邮箱' }]">
<a-input v-model:value="formState.sender" />
</a-form-item>
<a-form-item label="是否ssl" name="secure">
<a-switch v-model:checked="formState.secure" />
<div class="helper">ssl和非ssl的smtp端口是不一样的注意修改端口</div>
</a-form-item>
<a-form-item label="忽略证书校验" name="tls.rejectUnauthorized">
<a-switch v-model:checked="formState.tls.rejectUnauthorized" />
</a-form-item>
<a-form-item :wrapper-col="{ offset: 8, span: 16 }">
<a-button type="primary" html-type="submit">测试</a-button>
<a-button type="primary" html-type="submit">保存</a-button>
</a-form-item>
</a-form>
</div>
<div class="email-form">
<a-form :label-col="{ span: 8 }" :wrapper-col="{ span: 16 }">
<a-form-item label="使用官方邮件服务器">
<div class="flex-o">
<a-switch v-model:checked="formState.usePlus" :disabled="!userStore.isPlus" @change="onUsePlusChanged" />
<vip-button class="ml-5" mode="button"></vip-button>
</div>
<div class="helper">使用官方邮箱服务器直接发邮件免除繁琐的配置</div>
</a-form-item>
</a-form>
</div>
</div>
<div class="email-form">
<a-form :model="testFormState" name="basic" :label-col="{ span: 8 }" :wrapper-col="{ span: 16 }" autocomplete="off" @finish="onTestSend">
<a-form-item label="测试收件邮箱" name="receiver" :rules="[{ required: true, message: '请输入测试收件邮箱' }]">
<a-input v-model:value="testFormState.receiver" />
<div class="helper">发送失败可以试试使用官方邮件服务器</div>
</a-form-item>
<a-form-item :wrapper-col="{ offset: 8, span: 16 }">
<a-button type="primary" :loading="testFormState.loading" html-type="submit">测试</a-button>
</a-form-item>
</a-form>
</div>
</fs-page>
</template>
@@ -55,6 +83,7 @@ import * as emailApi from "./api.email";
import { SettingKeys } from "./api";
import { notification } from "ant-design-vue";
import { useUserStore } from "/@/store/modules/user";
interface FormState {
host: string;
@@ -69,6 +98,7 @@ interface FormState {
rejectUnauthorized?: boolean;
};
sender: string;
usePlus: boolean;
}
const formState = reactive<Partial<FormState>>({
@@ -76,7 +106,8 @@ const formState = reactive<Partial<FormState>>({
user: "",
pass: ""
},
tls: {}
tls: {},
usePlus: false
});
async function load() {
@@ -99,6 +130,10 @@ const onFinishFailed = (errorInfo: any) => {
// console.log("Failed:", errorInfo);
};
async function onUsePlusChanged() {
await api.SettingsSave(SettingKeys.Email, formState);
}
interface TestFormState {
receiver: string;
loading: boolean;
@@ -118,6 +153,8 @@ async function onTestSend() {
testFormState.loading = false;
}
}
const userStore = useUserStore();
</script>
<style lang="less">
@@ -127,9 +164,9 @@ async function onTestSend() {
margin: 20px;
}
.helper{
padding:1px;
margin:0px;
.helper {
padding: 1px;
margin: 0px;
color: #999;
font-size: 10px;
}

6
packages/ui/certd-server/.dockerignore
View File

@@ -14,6 +14,6 @@ run/
.tsbuildinfo
.tsbuildinfo.*
/data/db.sqlite
/tools/windows/
*/node_modules
certd-server/tools/windows/
.clinic

6
packages/ui/certd-server/.env.development.yaml
View File

@@ -1,3 +1,9 @@
koa:
port: 7001
#plus:
# server:
# baseUrl: 'http://127.0.0.1:11007'
plus:
server:
baseUrl: 'https://api.ai.handsfree.work'

10
packages/ui/certd-server/.env.pgdev.yaml
View File

@@ -1,6 +1,3 @@
koa:
port: 7001
flyway:
scriptDir: './db/migration-pg'
@@ -14,3 +11,10 @@ typeorm:
password: root
database: postgres
#plus:
# server:
# baseUrl: 'https://api.ai.handsfree.work'
plus:
server:
baseUrl: 'http://127.0.0.1:11007'

4
packages/ui/certd-server/.env.preview.yaml
View File

@@ -1,2 +1,2 @@
koa:
port: 7001
preview:
enabled: true

14
packages/ui/certd-server/.env.production.yaml
View File

@@ -1,2 +1,12 @@
koa:
port: 7001
preview:
enabled: false
typeorm:
dataSource:
default:
logging: false
plus:
server:
baseUrl: 'https://api.ai.handsfree.work'

1
packages/ui/certd-server/.gitignore vendored
View File

@@ -16,3 +16,4 @@ run/
/test/setup.js
/test/setup.ts
/data/
.clinic

44
packages/ui/certd-server/CHANGELOG.md
View File

@@ -3,6 +3,50 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
### Performance Improvements
* 部署插件支持宝塔、易盾云等 ([ee61709](https://github.com/certd/certd/commit/ee617095efa1171548cf52fd45f0f98a368555a3))
* 授权配置支持加密 ([42a56b5](https://github.com/certd/certd/commit/42a56b581d754c3e5f9838179d19ab0d004ef2eb))
* 优化内存占用 ([db61033](https://github.com/certd/certd/commit/db6103363364440b650bc10bb334834e4a9470c7))
* 支持阿里云 DCDN ([98b77f8](https://github.com/certd/certd/commit/98b77f80843834616fb26f83b4c42245326abd06))
* 支持已跳过的步骤重新运行 ([ea775ad](https://github.com/certd/certd/commit/ea775adae18d57a04470cfba6b9460d761d74035))
* 支持cdnfly ([724a850](https://github.com/certd/certd/commit/724a85028b4a7146c9e3b4df4497dcf2a7bf7c67))
* 支持ftp上传 ([b9bddbf](https://github.com/certd/certd/commit/b9bddbfabb5664365f1232e9432532187c98006c))
# [1.24.0](https://github.com/certd/certd/compare/v1.23.1...v1.24.0) (2024-08-25)
### Bug Fixes
* 部署到腾讯云cdn选择证书任务步骤限制只能选证书 ([3345c14](https://github.com/certd/certd/commit/3345c145b802170f75a098a35d0c4b8312efcd17))
* 修复成功后跳过之后丢失腾讯云证书id的bug ([37eb762](https://github.com/certd/certd/commit/37eb762afe25c5896b75dee25f32809f8426e7b7))
* 修复创建流水线后立即运行时报no id错误的bug ([17ead54](https://github.com/certd/certd/commit/17ead547aab25333603980304aa3aad3db1f73d5))
* 修复执行日志没有清理的bug ([22a3363](https://github.com/certd/certd/commit/22a336370a88a7df2a23c967043bae153da71ed5))
* 修复ssh无法连接成功无法执行命令的bug ([41b9837](https://github.com/certd/certd/commit/41b9837582323fb400ef8525ce65e8b37ad4b36f))
### Features
* 支持ECC类型 ([a7424e0](https://github.com/certd/certd/commit/a7424e02f5c7e02ac1688791040785920ce67473))
### Performance Improvements
* 更新k8s底层api库 ([746bb9d](https://github.com/certd/certd/commit/746bb9d385e2f397daef4976eca1d4782a2f5ebd))
* 优化成功后跳过的提示 ([7b451bb](https://github.com/certd/certd/commit/7b451bbf6e6337507f4627b5a845f5bd96ab4f7b))
* 优化证书申请成功率 ([968c469](https://github.com/certd/certd/commit/968c4690a07f69c08dcb3d3a494da4e319627345))
* 优化dnspod的token id 说明 ([790bf11](https://github.com/certd/certd/commit/790bf11af06d6264ef74bc1bb919661f0354239a))
* email proxy ([453f1ba](https://github.com/certd/certd/commit/453f1baa0b9eb0f648aa1b71ccf5a95b202ce13f))
## [1.23.1](https://github.com/certd/certd/compare/v1.23.0...v1.23.1) (2024-08-06)
### Bug Fixes
* 修复模糊查询无效的bug ([9355917](https://github.com/certd/certd/commit/93559174c780173f0daec7cdbd1f72f8d5c504d5))
### Performance Improvements
* 优化插件字段的default value ([24c7be2](https://github.com/certd/certd/commit/24c7be2c9cb39c14f7a97b674127c88033280b02))
# [1.23.0](https://github.com/certd/certd/compare/v1.22.9...v1.23.0) (2024-08-05)
### Bug Fixes

10
packages/ui/certd-server/db/migration-pg/v00001__init.sql
View File

@@ -1,5 +1,5 @@
-- 表sys_permission
CREATE TABLE "sys_permission" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "title" varchar(100) NOT NULL, "permission" varchar(100), "parent_id" integer NOT NULL DEFAULT (-1), "sort" integer NOT NULL, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "sys_permission" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "title" varchar(100) NOT NULL, "permission" varchar(100), "parent_id" bigint NOT NULL DEFAULT (-1), "sort" bigint NOT NULL, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
INSERT INTO sys_permission (id, title, permission, parent_id, sort ) VALUES (1, '系统管理', 'sys', -1, 1);
INSERT INTO sys_permission (id, title, permission, parent_id, sort ) VALUES (2, '权限管理', 'sys:auth', 1, 1 );
INSERT INTO sys_permission (id, title, permission, parent_id, sort ) VALUES (3, '用户管理', 'sys:auth:user', 2, 1);
@@ -22,12 +22,12 @@ INSERT INTO sys_permission (id, title, permission, parent_id, sort ) VALUES (18,
-- 表sys_role
CREATE TABLE "sys_role" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "name" varchar(100) NOT NULL, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "sys_role" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "name" varchar(100) NOT NULL, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
INSERT INTO sys_role (id, name ) VALUES (1, '管理员');
INSERT INTO sys_role (id, name ) VALUES (2, '只读角色');
-- 表sys_role_permission
CREATE TABLE "sys_role_permission" ("role_id" integer NOT NULL, "permission_id" integer NOT NULL, PRIMARY KEY ("role_id", "permission_id"));
CREATE TABLE "sys_role_permission" ("role_id" bigint NOT NULL, "permission_id" bigint NOT NULL, PRIMARY KEY ("role_id", "permission_id"));
INSERT INTO sys_role_permission (role_id, permission_id) VALUES (1, 1);
INSERT INTO sys_role_permission (role_id, permission_id) VALUES (1, 2);
INSERT INTO sys_role_permission (role_id, permission_id) VALUES (1, 3);
@@ -59,12 +59,12 @@ INSERT INTO sys_role_permission (role_id, permission_id) VALUES (2, 7);
INSERT INTO sys_role_permission (role_id, permission_id) VALUES (2, -1);
-- 表sys_user
CREATE TABLE "sys_user" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "username" varchar(100) NOT NULL, "password" varchar(50) NOT NULL, "nick_name" varchar(50), "avatar" varchar(255), "phone_code" varchar(20), "mobile" varchar(20), "email" varchar(100),"remark" varchar(100), "status" integer NOT NULL DEFAULT (1), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "sys_user" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "username" varchar(100) NOT NULL, "password" varchar(50) NOT NULL, "nick_name" varchar(50), "avatar" varchar(255), "phone_code" varchar(20), "mobile" varchar(20), "email" varchar(100),"remark" varchar(100), "status" bigint NOT NULL DEFAULT (1), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
INSERT INTO sys_user (id, username, password, nick_name, avatar, phone_code, mobile, email, status ,remark) VALUES (1, 'admin', 'e10adc3949ba59abbe56e057f20f883e', 'admin', NULL, NULL, NULL, NULL, 1,NULL);
INSERT INTO sys_user (id, username, password, nick_name, avatar, phone_code, mobile, email, status ,remark) VALUES (2, 'readonly', 'e10adc3949ba59abbe56e057f20f883e', '只读用户', NULL, NULL, NULL, NULL, 1,'密码123456');
-- 表sys_user_role
CREATE TABLE "sys_user_role" ("role_id" integer NOT NULL, "user_id" integer NOT NULL, PRIMARY KEY ("role_id", "user_id"));
CREATE TABLE "sys_user_role" ("role_id" bigint NOT NULL, "user_id" bigint NOT NULL, PRIMARY KEY ("role_id", "user_id"));
INSERT INTO sys_user_role (role_id, user_id) VALUES (1, 1);
INSERT INTO sys_user_role (role_id, user_id) VALUES (2, 2);

12
packages/ui/certd-server/db/migration-pg/v10000__certd.sql
View File

@@ -5,20 +5,20 @@
--
-- 表cd_access
CREATE TABLE "cd_access" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "name" varchar(100) NOT NULL, "type" varchar(100) NOT NULL, "setting" varchar(1024), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "cd_access" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "name" varchar(100) NOT NULL, "type" varchar(100) NOT NULL, "setting" varchar(1024), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
-- 表cd_cert
CREATE TABLE "cd_cert" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "domains" varchar(2048) NOT NULL, "email" varchar(100) NOT NULL, "cert_issuer_id" integer, "challenge_type" varchar(100), "challenge_dns_type" varchar(100),"challenge_access_id" integer, "country" varchar(100), "state" varchar(100), "locality" varchar(100), "organization" varchar(100), "organization_unit" varchar(100), "remark" varchar(100), "last_history_id" integer, "last_success_id" integer, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "cd_cert" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "domains" varchar(2048) NOT NULL, "email" varchar(100) NOT NULL, "cert_issuer_id" bigint, "challenge_type" varchar(100), "challenge_dns_type" varchar(100),"challenge_access_id" bigint, "country" varchar(100), "state" varchar(100), "locality" varchar(100), "organization" varchar(100), "organization_unit" varchar(100), "remark" varchar(100), "last_history_id" bigint, "last_success_id" bigint, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
-- 表cd_cert_apply_history
CREATE TABLE "cd_cert_apply_history" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "cert_id" integer NOT NULL, "success" boolean, "result" varchar(1024), "cert_crt" varchar(1024), "cert_key" varchar(1024), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "cd_cert_apply_history" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "cert_id" bigint NOT NULL, "success" boolean, "result" varchar(1024), "cert_crt" varchar(1024), "cert_key" varchar(1024), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
-- 表cd_cert_issuer
CREATE TABLE "cd_cert_issuer" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "type" varchar(20) NOT NULL, "account" varchar(100) NOT NULL, "private_key" varchar(1024), "setting" varchar, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "cd_cert_issuer" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "type" varchar(20) NOT NULL, "account" varchar(100) NOT NULL, "private_key" varchar(1024), "setting" varchar, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
-- 表cd_task
CREATE TABLE "cd_task" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "name" varchar(100), "type" varchar(100), "setting" varchar(2048), "cert_id" integer NOT NULL, "last_history_id" integer, "last_success_id" integer, "remark" varchar(100), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "cd_task" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "name" varchar(100), "type" varchar(100), "setting" varchar(2048), "cert_id" bigint NOT NULL, "last_history_id" bigint, "last_success_id" bigint, "remark" varchar(100), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
-- 表cd_task_history
CREATE TABLE "cd_task_history" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "task_id" integer NOT NULL, "cert_id" integer NOT NULL, "cert_apply_history_id" integer NOT NULL, "success" boolean, "result" varchar(2048), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "cd_task_history" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "task_id" bigint NOT NULL, "cert_id" bigint NOT NULL, "cert_apply_history_id" bigint NOT NULL, "success" boolean, "result" varchar(2048), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));

8
packages/ui/certd-server/db/migration-pg/v10001__certdv2.sql
View File

@@ -1,7 +1,7 @@
CREATE TABLE "pi_history" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "pipeline_id" integer NOT NULL, "pipeline" varchar(40960), "status" varchar(20), "end_time" timestamp, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "pi_history" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "pipeline_id" bigint NOT NULL, "pipeline" varchar(40960), "status" varchar(20), "end_time" timestamp, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "pi_history_log" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "pipeline_id" integer NOT NULL, "history_id" integer NOT NULL, "node_id" varchar(100), "logs" varchar(40960), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "pi_history_log" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "pipeline_id" bigint NOT NULL, "history_id" bigint NOT NULL, "node_id" varchar(100), "logs" varchar(40960), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "pi_pipeline" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "title" integer NOT NULL, "content" varchar(40960) NOT NULL, "keep_history_count" integer, "remark" varchar(100), "status" varchar(100), "disabled" boolean DEFAULT (false), "last_history_time" integer, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "pi_pipeline" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "title" bigint NOT NULL, "content" varchar(40960) NOT NULL, "keep_history_count" bigint, "remark" varchar(100), "status" varchar(100), "disabled" boolean DEFAULT (false), "last_history_time" bigint, "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "pi_storage" ("id" integer PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" integer NOT NULL, "scope" varchar NOT NULL, "namespace" varchar NOT NULL, "version" varchar(100),"key" varchar(100), "value" varchar(40960), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));
CREATE TABLE "pi_storage" ("id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL, "user_id" bigint NOT NULL, "scope" varchar NOT NULL, "namespace" varchar NOT NULL, "version" varchar(100),"key" varchar(100), "value" varchar(40960), "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP));

4
packages/ui/certd-server/db/migration-pg/v10002__settings.sql
View File

@@ -1,6 +1,6 @@
CREATE TABLE "sys_settings" (
"id" integer NOT NULL PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY ,
"user_id" integer NOT NULL,
"id" bigint NOT NULL PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY ,
"user_id" bigint NOT NULL,
"key" varchar(100) NOT NULL,
"title" varchar(100) NOT NULL,
"setting" varchar(1024),

2
packages/ui/certd-server/db/migration-pg/v10004__settings.sql
View File

@@ -1,7 +1,7 @@
ALTER TABLE "sys_settings" RENAME TO "user_settings";
CREATE TABLE "sys_settings" (
"id" integer NOT NULL PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY ,
"id" bigint NOT NULL PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY ,
"key" varchar(100) NOT NULL,
"title" varchar(100) NOT NULL,
"setting" varchar(1024),

2
packages/ui/certd-server/db/migration-pg/v10005__password2.sql
View File

@@ -1,5 +1,5 @@
INSERT INTO sys_settings (key, title, setting,access) VALUES ('sys.install','安装信息','{"installTime":'|| (select (timestamp) from flyway_history where id = 1 )||'}','private');
ALTER TABLE sys_user ADD COLUMN password_version integer DEFAULT 1;
ALTER TABLE sys_user ADD COLUMN password_version bigint DEFAULT 1;
ALTER TABLE sys_user ADD COLUMN password_salt varchar(36);
alter table sys_user alter column password type varchar(100) using password::varchar(100);

2
packages/ui/certd-server/db/migration-pg/v10006__pipeline_title.sql
View File

@@ -2,4 +2,4 @@ alter table pi_pipeline alter column title type varchar(100) using title::varcha
alter table pi_pipeline alter column content type text using content::text;
alter table pi_storage alter column value type text using value::text;
alter table pi_pipeline add "order" integer default 0;
alter table pi_pipeline add "order" bigint default 0;

5
packages/ui/certd-server/db/migration-pg/v10007__access_text.sql Normal file
View File

@@ -0,0 +1,5 @@
alter table cd_access alter column setting type text using setting::text;
alter table sys_settings alter column setting type text using setting::text;
alter table user_settings alter column setting type text using setting::text;
alter table pi_history_log alter column logs type text using logs::text;
alter table pi_history alter column pipeline type text using pipeline::text;

Some files were not shown because too many files have changed in this diff Show More