v1.25.9

# Conflicts:
#	packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/notification-form/index.vue

.github/workflows/build-image.yml

@@ -40,7 +40,7 @@ jobs:
 #          cache: 'npm'
 #        working-directory: ./packages/ui/certd-client
       - run: |
-          npm install -g pnpm
+          npm install -g pnpm@8.15.7
           pnpm install
           npm run build
         working-directory: ./packages/ui/certd-client
@@ -64,10 +64,10 @@ jobs:
           username: ${{ secrets.dockerhub_username }}
           password: ${{ secrets.dockerhub_password }}
 
-      - name: Build and push
+      - name: Build default platforms
         uses: docker/build-push-action@v6
         with:
-          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          platforms: linux/amd64,linux/arm64
           push: true
           context: ./packages/ui/
           tags: |
@@ -75,3 +75,15 @@ jobs:
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
             greper/certd:latest
             greper/certd:${{steps.get_certd_version.outputs.result}}
+
+      - name: Build armv7
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/arm/v7
+          push: true
+          context: ./packages/ui/
+          tags: |
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            greper/certd:armv7
+            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7

CHANGELOG.md

@@ -3,6 +3,118 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+### Bug Fixes
+
+* 修复西部数码账户级别apikey不可用的bug ([f8f3e8b](https://github.com/certd/certd/commit/f8f3e8b43fd5d815887bcb53b95f46dc96424b79))
+
+### Performance Improvements
+
+* 增加等待插件 ([3ef0541](https://github.com/certd/certd/commit/3ef0541cc85ab6abf698ead3b258ae1ac156ef98))
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+### Bug Fixes
+
+* 修复pfxPassword无效的bug ([251e450](https://github.com/certd/certd/commit/251e450fabfe62405bac13e39f2153736c081ef0))
+
+### Performance Improvements
+
+* 群晖获取deviceid优化 ([8d42273](https://github.com/certd/certd/commit/8d4227366548eb70f6bc04303829e6933168f906))
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+### Bug Fixes
+
+* 修复某些地区被屏蔽无法激活专业版的bug ([7532a96](https://github.com/certd/certd/commit/7532a960851b84d4f2cc3dba02353c5235e1a364))
+
+### Performance Improvements
+
+* 上传到主机，支持socks代理 ([d91026d](https://github.com/certd/certd/commit/d91026dc4fbfe5fedc4ee8e43dc0d08f1cf88356))
+* 支持上传到七牛云oss ([bf024bd](https://github.com/certd/certd/commit/bf024bdda8bc2a463475be5761acf0da7317a08a))
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Bug Fixes
+
+* 修复中间证书复制错误的bug ([76e86ea](https://github.com/certd/certd/commit/76e86ea283ecbe4ec76cdc92b98457d0fef544ac))
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+* 增加使用教程 ([9d9c021](https://github.com/certd/certd/commit/9d9c0218195af5b9896cce7109b26a433480571d))
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package root
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+### Bug Fixes
+
+* 修复启动报授权验证失败的bug ([3460d3d](https://github.com/certd/certd/commit/3460d3ddca222ea702816ab805909d489eff957f))
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+### Bug Fixes
+
+* 修复upload to host trim错误 ([0f0ddb9](https://github.com/certd/certd/commit/0f0ddb9c5963fd643d6d203334efac471c43ec3b))
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package root
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package root
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+### Bug Fixes
+
+* 修复首次创建任务运行时不自动设置当前运行情况的bug ([ecd83ee](https://github.com/certd/certd/commit/ecd83ee136abdd3df9ed2f21ec2ff0f24c0ed9d9))
+
+### Features
+
+* 账号绑定 ([e046640](https://github.com/certd/certd/commit/e0466409d0c021bb415abd94df448c8a0d4799e9))
+* 支持中间证书 ([e86756e](https://github.com/certd/certd/commit/e86756e4c65a53dd23106d7ecbfe2fa987cc13f3))
+* 支持vip转移 ([361e8fe](https://github.com/certd/certd/commit/361e8fe7ae5877e23fd5de31bc919bedd09c57f5))
+
+### Performance Improvements
+
+* 群晖支持OTP双重验证登录 ([8b8039f](https://github.com/certd/certd/commit/8b8039f42bbce10a4d0e737cdeeeef9bb17bee5a))
+* 任务支持禁用 ([8ed16b3](https://github.com/certd/certd/commit/8ed16b3ea2dfe847357863a0bfa614e4fa5fc041))
+* 优化收件邮箱输入 ([22ef28f](https://github.com/certd/certd/commit/22ef28f6338a78465bd52ccbad13e66e80263b2f))
+* 优化主机登录失败提示 ([9de77b3](https://github.com/certd/certd/commit/9de77b327d39cff5ed6660ec53b58ba0eea18e5a))
+* 增加重启certd插件 ([48238d9](https://github.com/certd/certd/commit/48238d929e6c4afa1d428e4d35b9159d37a47ae0))
+* 证书支持旧版RSA，pkcs1 ([3d9c3ec](https://github.com/certd/certd/commit/3d9c3ecb3eb604b2458154f608bde0f01915d116))
+* 支持阿里云ACK证书部署 ([d331fea](https://github.com/certd/certd/commit/d331fea47789122650e057ec7c9e85ee8e66f09b))
+* 支持七牛云 ([8ecc2f9](https://github.com/certd/certd/commit/8ecc2f9446a9ebd11b9bfbffbb6cf7812a043495))
+* 支持k8s ingress secret ([e5a5d0a](https://github.com/certd/certd/commit/e5a5d0a607bb6b4e1a1f7a1a419bada5f2dee59f))
+* http请求增加默认超时时间 ([664bd86](https://github.com/certd/certd/commit/664bd863e5b4895aabe2384277c0c65f5902fdb2))
+* plugins增加图标 ([a8da658](https://github.com/certd/certd/commit/a8da658a9723342b4f43a579f7805bfef0648efb))
+
+## [1.24.4](https://github.com/certd/certd/compare/v1.24.3...v1.24.4) (2024-09-09)
+
+### Bug Fixes
+
+* 修复腾讯云cdn证书部署后会自动关闭hsts，http2.0等配置的bug ([7908ab7](https://github.com/certd/certd/commit/7908ab79da624c94fa05849925b15e480e3317c4))
+* 修复腾讯云tke证书部署报错的bug ([653f409](https://github.com/certd/certd/commit/653f409d91a441850d6381f89a8dd390831f0d5e))
+
+### Performance Improvements
+
+* 插件选择支持搜索 ([d1498a7](https://github.com/certd/certd/commit/d1498a71601b74d38343b1d070eadd03705dd9d5))
+* 前置任务步骤增加错误提示 ([ae3daa9](https://github.com/certd/certd/commit/ae3daa9bcf4fc363825aad9b77f5d3879aeeff70))
+* 群晖部署教程 ([0f0af2f](https://github.com/certd/certd/commit/0f0af2f309390f388e7a272cea3a1dd30c01977d))
+* 支持群晖 ([5c270b6](https://github.com/certd/certd/commit/5c270b6b9d45a2152f9fdb3c07bd98b7c803cb8e))
+
+## [1.24.3](https://github.com/certd/certd/compare/v1.24.2...v1.24.3) (2024-09-06)
+
+### Performance Improvements
+
+* 支持多吉云cdn证书部署 ([65ef685](https://github.com/certd/certd/commit/65ef6857296784ca765926e09eafcb6fc8b6ecde))
+
 ## [1.24.2](https://github.com/certd/certd/compare/v1.24.1...v1.24.2) (2024-09-06)
 
 ### Bug Fixes

LICENSE.md

@@ -1,4 +1,6 @@
-# Certd Open Source License
+
+                    Certd Open Source License
+                  
 
 - This project is licensed under the **GNU Affero General Public License (AGPL)** with the following additional terms.  
 - 本项目遵循 GNU Affero General Public License（AGPL），并附加以下条款。

README.md

@@ -5,22 +5,6 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的工具。
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签
 
-************************
-支持开源，为爱发电，我已入驻爱发电   
-https://afdian.com/a/greper
-
-发电权益：
-1. 可加入发电专属群，可以获得作者一对一技术支持
-2. 您的需求我们将优先实现，并且将作为专业版功能提供
-3. 一年期专业版激活码
-4. 赠送国外免费服务器部署方案（0成本使用Certd，不过该服务器需要翻墙）
-
-专业版特权
-1. 证书流水线条数无限制（免费版限制10条）
-2. 免配置发邮件功能
-3. FTP上传、cdnfly、宝塔等部署插件
-4. 更多功能增加中...
-************************
 
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
@@ -45,33 +29,48 @@ https://certd.handsfree.work/
 ## 三、使用教程
 本案例演示，如何配置自动申请证书，并部署到阿里云CDN，然后快要到期前自动更新证书并重新部署     
 
-![演示](./doc/images/5-view.png)
-![演示](./doc/images/9-start.png)
-![演示](./doc/images/10-1-log.png)
-![演示](./doc/images/13-3-download.png)
-![演示](./doc/images/13-1-result.png)
+![演示](./packages/ui/certd-client/public/doc/images/5-view.png)
+![演示](./packages/ui/certd-client/public/doc/images/9-start.png)
+![演示](./packages/ui/certd-client/public/doc/images/10-1-log.png)
+![演示](./packages/ui/certd-client/public/doc/images/13-3-download.png)
+![演示](./packages/ui/certd-client/public/doc/images/13-1-result.png)
 
 ↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓      
 -------> [点我查看详细使用步骤演示](./step.md)   <--------      
 ↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑     
 
+当前支持的部署插件列表
+![演示](./doc/images/plugins.png)
+
 ## 四、私有化部署
 
 由于证书、授权信息等属于高度敏感数据，请务必私有化部署，保障数据安全
 
-### 1. 安装docker、docker-compose
+### 4.1 宝塔面板一键部署
+
+1. 安装宝塔面板，前往 [宝塔面板](https://www.bt.cn/u/CL3JHS) 官网，选择9.2.0以上正式版的脚本下载安装
+
+2. 安装后登录宝塔面板，在菜单栏中点击 Docker，首次进入会提示安装Docker服务，点击立即安装，按提示完成安装
+
+3. 安装完成后在应用商店中找到`certd`（要先点右上角更新应用），点击安装，配置域名等基本信息即可完成安装
+
+### 4.2 宝塔面板容器编排部署
+
+[宝塔面板容器编排部署教程](./doc/deploy/baota/baota.md)
+
+### 4.3 Docker部署
+#### 1. 安装docker、docker-compose
 
 1.1 准备一台云服务器
 * 【阿里云】云服务器2核2G，新老用户同享，99元/年，续费同价！【 [立即购买](https://www.aliyun.com/benefit?scm=20140722.M_10244282._.V_1&source=5176.11533457&userCode=qya11txb )】
 * 【腾讯云】云服务器2核2G，新老用户同享，99元/年，续费同价！【 [立即购买](https://cloud.tencent.com/act/cps/redirect?redirect=6094&cps_key=b3ef73330335d7a6efa4a4bbeeb6b2c9&from=console)】
-  
 
 1.2 安装docker      
 
 https://docs.docker.com/engine/install/   
 选择对应的操作系统，按照官方文档执行命令即可   
 
-### 2. 运行certd
+#### 2. 运行certd
 
 [docker-compose.yaml 下载](https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml)
 
@@ -98,25 +97,36 @@ docker compose up -d
 > 如果提示 没有compose命令,请安装docker-compose   
 > https://docs.docker.com/compose/install/linux/
 
-#### 镜像说明：
+#### 3. 镜像说明：
 * 国内镜像地址:
   * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest`
+  * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7`、`[version]-armv7`
 * DockerHub地址：
   * `https://hub.docker.com/r/greper/certd`
-  * `docker pull greper/certd:latest`
+  * `greper/certd:latest`
+  * `greper/certd:armv7`、`greper/certd:[version]-armv7`
 
 * 镜像构建通过`Actions`自动执行，过程公开透明，请放心使用
   * [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml) 
 
 ![](./doc/images/action-build.jpg)
 
-
-### 3. 访问
+#### 4. 访问测试
 
 http://your_server_ip:7001    
 默认账号密码：admin/123456    
 记得修改密码   
 
+### 4.4 源码部署
+```shell
+# 克隆代码
+git clone https://github.com/certd/certd
+cd certd
+# 启动服务
+./start.sh  
+```
+如果是windows，请先安装`git for windows` ，然后右键，选择`open git bash here`打开终端，再执行`./start.sh`命令
+
 
 ## 五、 升级
 如果使用固定版本号
@@ -157,17 +167,18 @@ docker compose up -d
 * [腾讯云](./doc/tencent/tencent.md)
 * [windows主机](./doc/host/host.md)
 * [google证书](./doc/google/google.md)
+* [群晖部署certd及证书更新教程](./doc/synology/index.md)
 
 
 ## 八、问题处理
 ### 7.1 忘记管理员密码   
 解决方法如下：
-1. 修改docker-compose.yaml文件，将环境变量`certd_system_resetAdminPassword`改为`true`
+1. 修改docker-compose.yaml文件，将环境变量`certd_system_resetAdminPasswd`改为`true`
 ```yaml
 services:
   certd:
     environment: # 环境变量
-      - certd_system_resetAdminPassword=false
+      - certd_system_resetAdminPasswd=false
 ```
 2. 重启容器
 ```shell
@@ -175,7 +186,7 @@ docker compose up -d
 docker logs -f --tail 500 certd
 # 观察日志，当日志中输出“重置1号管理员用户的密码完成”，即可操作下一步
 ```
-3. 修改docker-compose.yaml，将`certd_system_resetAdminPassword`改回`false`
+3. 修改docker-compose.yaml，将`certd_system_resetAdminPasswd`改回`false`
 4. 再次重启容器
 ```shell
 docker compose up -d
@@ -195,23 +206,37 @@ docker compose up -d
 </p>
 
 ## 十、捐赠
+************************
 支持开源，为爱发电，我已入驻爱发电   
 https://afdian.com/a/greper
 
 发电权益：
-1. 可加入发电专属群（先加我好友，发送发电截图，我拉你进群）
-2. 你的需求优先实现
-3. 可以获得作者一对一技术支持
-4. 更多权益陆续增加中...
+1. 可加入发电专属群，可以获得作者一对一技术支持
+2. 您的需求我们将优先实现，并且将作为专业版功能提供
+3. 一年期专业版激活码
+4. 赠送国外免费服务器部署方案（0成本使用Certd，可能需要翻墙，不过现在性能越来越差了）
 
 
+专业版特权对比
+
+| 功能      | 免费版                    | 专业版                   |
+|---------|------------------------|-----------------------|
+| 免费证书申请  | 免费无限制                  | 免费无限制                 |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
+| 发邮件功能   | 需要配置                   | 免配置                   |
+| 证书流水线条数 | 10条                    | 无限制                   |
+
+************************
+
 ## 十一、贡献代码
 
-1.  [贡献插件教程](./plugin.md)
+1. 本地开发 [贡献插件教程](./doc/dev/development.md)
 2. 作为贡献者，代表您同意您贡献的代码如下许可：
    1. 可以调整开源协议以使其更严格或更宽松。
    2. 可以用于商业用途。
 
+
+
 ## 十二、 开源许可
 * 本项目遵循 GNU Affero General Public License（AGPL）开源协议。   
 * 允许个人和公司使用、复制、修改和分发本项目，禁止任何形式的商业用途 

build.trigger

@@ -1 +1 @@
-23:58
+18:06

doc/deploy/baota/baota.md

@@ -0,0 +1,32 @@
+# 宝塔部署教程
+
+## 编排模版部署
+
+### 创建docker模版
+打开docker-compose.yaml，
+https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
+
+整个内容复制下来
+
+然后到宝塔里面进到docker的编排模版，新建模版
+![](./images/1.png)
+
+### 启动应用
+
+![img.png](./images/2.png)
+
+等待启动完成
+
+### 打开应用
+
+http://ip:7001
+
+
+## 二、一键应用部署
+需要宝塔9.2.0版本
+
+### 应用商店
+进入应用商店，更新应用列表
+
+### 搜索certd
+点击安装

doc/dev/development.md

@@ -1,4 +1,5 @@
-# 贡献插件
+# 本地开发
+欢迎贡献插件
 
 ## 1.本地调试运行
 
@@ -11,9 +12,6 @@ git clone https://github.com/certd/certd
 #进入项目目录
 cd certd
 
-# 切换到最新的版本tag，v2分支可能不稳定
-checkout tags/vx.x.x # x.x.x为最新的版本号
-
 # 安装依赖
 npm install -g pnpm@8.15.7
 pnpm install

doc/google/google.md

@@ -21,17 +21,17 @@ gcloud beta publicca external-account-keys create
 
 ```shell
 Created an external account key
-[b64MacKey: xxxxxxxxxxxxx
-keyId: xxxxxxxxx]
+[b64MacKey: xxxxxxxxxxxxxxxx
+keyId: xxxxxxxxxxxxx]
 ```
-记录以上信息备用
+记录以上信息备用（注意keyId是不带中括号的）
 
 
 ## 3、 创建证书流水线
 选择证书提供商为google， 开启使用代理
 
 ## 4、 将key信息作为EAB授权信息
-google证书需要EAB授权， 使用第二步中的 keyId 和 b64MacKey 信息创建一条EAB授权记录      
-
+google证书需要EAB授权， 使用第二步中的 keyId 和 b64MacKey 信息创建一条EAB授权记录         
+注意：keyId没有`]`结尾，不要把`]`也复制了
 ## 5、 其他就跟正常申请证书一样了
 

doc/synology/index.md

@@ -0,0 +1,41 @@
+# 群晖部署和证书更新
+
+
+## 一、群晖系统上部署Certd教程
+
+### 1. 打开Container Manager
+
+![](./images/1.png)
+
+### 2. 新增项目
+
+![](./images/2.png)
+
+### 3. 配置Certd项目
+
+![](./images/3.png)
+
+### 4. 外网访问设置
+
+![](./images/4.png)
+
+### 5. 确认项目信息
+
+![](./images/5.png)
+
+点击完成安装，等待certd启动完成即可
+
+### 6. 门户配置向导【可选】
+
+![](./images/6.png)
+
+
+
+## 二、更新群晖证书
+
+## 1. 前提条件
+* 已经部署了certd
+* 群晖上已经设置好了证书(证书建议设置好描述，插件需要根据描述查找证书)
+
+## 2. 在certd上配置自动更新群晖证书插件
+![](./images/deploy.png)

docker/run/docker-compose.yaml

@@ -1,38 +1,40 @@
-version: '3.3'
+version: '3.3' # 兼容旧版docker-compose
 services:
   certd:
-    # 镜像                                                  #  ↓↓↓↓↓ --- 镜像版本号，建议改成固定版本号【可选】
+    # 镜像                                                  #  ↓↓↓↓↓ --- 镜像版本号，建议改成固定版本号
     image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
     container_name: certd # 容器名
     restart: unless-stopped # 自动重启
     volumes:
-      #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下【可选】
+      #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下，【您需要定时备份此目录，以保障数据容灾】
       - /data/certd:/app/data
     ports: # 端口映射
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号【可选】
+      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号
       - "7001:7001"
     dns:
-      # 如果出现getaddrinfo ENOTFOUND等错误，可以尝试修改或注释dns配置
+      #  ↓↓↓↓ ---------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND等错误，可以尝试修改或注释dns配置
       - 223.5.5.5
       - 223.6.6.6
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果你服务器部署在国外，可以用8.8.8.8替换上面的dns【可选】
+      #  ↓↓↓↓ ---------------------------------------------------------- 如果你服务器部署在国外，可以用8.8.8.8替换上面的dns
 #      - 8.8.8.8
 #      - 8.8.4.4
+#    extra_hosts:
+      #  ↓↓↓↓ ---------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
+#      - "localdomain.comm:192.168.1.3"
     environment: # 环境变量
       - TZ=Asia/Shanghai
       #- HTTPS_PROXY=http://xxxxxx:xx
       #- HTTP_PROXY=http://xxxxxx:xx
-                          #  ↑↑↑↑↑ ------------------------------------- 这里可以设置http代理【可选】
+                          #  ↑↑↑↑↑ ------------------------------------- 这里可以设置http代理
       - certd_system_resetAdminPasswd=false
-                                     #  ↑↑↑↑↑--------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false【可选】
+                                     #  ↑↑↑↑↑--------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
       - certd_cron_immediateTriggerOnce=false
-                                     #  ↑↑↑↑↑--------------------------- 如果设置为true，启动后所有配置了cron的流水线任务都将被立即触发一次【可选】
+                                     #  ↑↑↑↑↑--------------------------- 如果设置为true，启动后所有配置了cron的流水线任务都将被立即触发一次
       - VITE_APP_ICP_NO=
-                      #  ↑↑↑↑↑ ----------------------------------------- 这里可以设置备案号【可选】
+                      #  ↑↑↑↑↑ ----------------------------------------- 这里可以设置备案号
       #- certd_koa_key=./data/ssl/cert.key
       #- certd_koa_cert=./data/ssl/cert.crt
-                      #  ↑↑↑↑↑ ----------------------------------------- 配置证书和key，则表示https方式启动，访问网址要使用 https://your.domain:7001【可选】
-
+                      #  ↑↑↑↑↑ ----------------------------------------- 配置证书和key，则表示https方式启动，使用https协议访问，https://your.domain:7001
       # 设置环境变量即可自定义certd配置
       # 服务端配置项见： packages/ui/certd-server/src/config/config.default.ts
       # 服务端配置规则： certd_ + 配置项, 点号用_代替

init.sh

@@ -1,3 +1,4 @@
+
 current_pwd=$(pwd)
 
 echo "开始设置git配置"

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.24.2"
+  "version": "1.25.9"
 }

package.json

@@ -12,11 +12,13 @@
   "scripts": {
     "start": "lerna bootstrap --hoist",
     "i-all": "lerna link && lerna exec npm install  ",
-    "publish": "npm run prepublishOnly2  && lerna publish --conventional-commits --create-release github && npm run afterpublishOnly",
+    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
     "afterpublishOnly": "time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "commitAll" : "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
+    "commitPro" : "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
     "prepublishOnly1": "npm run check && lerna run build ",
     "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
-    "before-build": "cd ./packages/core/pipeline && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
+    "before-build": "cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
     "deploy1": "node --experimental-json-modules deploy.js ",
     "check": "node --experimental-json-modules publish-check.js",
     "init": "lerna run build"
@@ -29,4 +31,4 @@
   "workspaces": [
     "packages/**"
   ]
-}
+}

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,59 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.25.9](https://github.com/publishlab/node-acme-client/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.8](https://github.com/publishlab/node-acme-client/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.7](https://github.com/publishlab/node-acme-client/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.6](https://github.com/publishlab/node-acme-client/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/publishlab/node-acme-client/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
+## [1.25.5](https://github.com/publishlab/node-acme-client/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.4](https://github.com/publishlab/node-acme-client/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.3](https://github.com/publishlab/node-acme-client/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.2](https://github.com/publishlab/node-acme-client/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.1](https://github.com/publishlab/node-acme-client/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.25.0](https://github.com/publishlab/node-acme-client/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+### Performance Improvements
+
+* 证书支持旧版RSA，pkcs1 ([3d9c3ec](https://github.com/publishlab/node-acme-client/commit/3d9c3ecb3eb604b2458154f608bde0f01915d116))
+* 支持七牛云 ([8ecc2f9](https://github.com/publishlab/node-acme-client/commit/8ecc2f9446a9ebd11b9bfbffbb6cf7812a043495))
+
+## [1.24.4](https://github.com/publishlab/node-acme-client/compare/v1.24.3...v1.24.4) (2024-09-09)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.24.3](https://github.com/publishlab/node-acme-client/compare/v1.24.2...v1.24.3) (2024-09-06)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.24.2](https://github.com/publishlab/node-acme-client/compare/v1.24.1...v1.24.2) (2024-09-06)
 
 ### Performance Improvements

packages/core/acme-client/package.json

@@ -3,13 +3,13 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.24.2",
+    "version": "1.25.9",
     "main": "src/index.js",
     "types": "types/index.d.ts",
     "license": "MIT",
     "homepage": "https://github.com/publishlab/node-acme-client",
     "engines": {
-        "node": ">= 16"
+        "node": ">= 18"
     },
     "files": [
         "src",
@@ -34,7 +34,7 @@
         "mocha": "^10.6.0",
         "nock": "^13.5.4",
         "tsd": "^0.31.1",
-        "typescript": "^4.8.4",
+        "typescript": "^5.4.2",
         "uuid": "^8.3.2"
     },
     "scripts": {
@@ -59,5 +59,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "bef6b981e26a010a797734e508de6822de8564f5"
+    "gitHead": "f548fe70117c7b56f40c66a3021e63b6cb264fb3"
 }

packages/core/acme-client/src/crypto/index.js

@@ -67,11 +67,11 @@ function getKeyInfo(keyPem) {
  * ```
  */
 
-async function createPrivateRsaKey(modulusLength = 2048) {
+async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
     const pair = await generateKeyPair('rsa', {
         modulusLength,
         privateKeyEncoding: {
-            type: 'pkcs8',
+            type: encodingType,
             format: 'pem',
         },
     });
@@ -106,11 +106,11 @@ exports.createPrivateKey = createPrivateRsaKey;
  * ```
  */
 
-exports.createPrivateEcdsaKey = async (namedCurve = 'P-256') => {
+exports.createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
     const pair = await generateKeyPair('ec', {
         namedCurve,
         privateKeyEncoding: {
-            type: 'pkcs8',
+            type: encodingType,
             format: 'pem',
         },
     });

packages/core/acme-client/src/index.js

@@ -32,7 +32,7 @@ exports.directory = {
  */
 
 exports.crypto = require('./crypto');
-// exports.forge = require('./crypto/forge');
+exports.forge = require('./crypto/forge');
 
 /**
  * Axios

packages/core/acme-client/types/index.d.ts

@@ -155,16 +155,16 @@ export interface EcdsaPublicJwk {
 }
 
 export interface CryptoInterface {
-    createPrivateKey(keySize?: number): Promise<PrivateKeyBuffer>;
-    createPrivateRsaKey(keySize?: number): Promise<PrivateKeyBuffer>;
-    createPrivateEcdsaKey(namedCurve?: 'P-256' | 'P-384' | 'P-521'): Promise<PrivateKeyBuffer>;
+    createPrivateKey(keySize?: number,encodingType?:string): Promise<PrivateKeyBuffer>;
+    createPrivateRsaKey(keySize?: number,encodingType?:string): Promise<PrivateKeyBuffer>;
+    createPrivateEcdsaKey(namedCurve?: 'P-256' | 'P-384' | 'P-521',encodingType?:string): Promise<PrivateKeyBuffer>;
     getPublicKey(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): PublicKeyBuffer;
     getJwk(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): RsaPublicJwk | EcdsaPublicJwk;
     splitPemChain(chainPem: CertificateBuffer | CertificateString): string[];
     getPemBodyAsB64u(pem: CertificateBuffer | CertificateString): string;
     readCsrDomains(csrPem: CsrBuffer | CsrString): CertificateDomains;
     readCertificateInfo(certPem: CertificateBuffer | CertificateString): CertificateInfo;
-    createCsr(data: CsrOptions, keyPem?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CsrBuffer]>;
+    createCsr(data: CsrOptions, keyPem?: PrivateKeyBuffer | PrivateKeyString,encodingType?:string): Promise<[PrivateKeyBuffer, CsrBuffer]>;
     createAlpnCertificate(authz: Authorization, keyAuthorization: string, keyPem?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CertificateBuffer]>;
     isAlpnCertificateAuthorizationValid(certPem: CertificateBuffer | CertificateString, keyAuthorization: string): boolean;
 }

packages/core/basic/CHANGELOG.md

@@ -0,0 +1,10 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+### Bug Fixes
+
+* 修复西部数码账户级别apikey不可用的bug ([f8f3e8b](https://github.com/certd/certd/commit/f8f3e8b43fd5d815887bcb53b95f46dc96424b79))

packages/core/basic/build.md

@@ -0,0 +1 @@
+02:02

packages/core/basic/package.json

@@ -0,0 +1,11 @@
+{
+  "name": "@certd/basic",
+  "version": "1.25.9",
+  "main": "src/index.js",
+  "scripts": {
+    "build": "echo 'basic'"
+  },
+  "author": "",
+  "license": "MIT",
+  "description": ""
+}

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,76 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+### Bug Fixes
+
+* 修复某些地区被屏蔽无法激活专业版的bug ([7532a96](https://github.com/certd/certd/commit/7532a960851b84d4f2cc3dba02353c5235e1a364))
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+### Bug Fixes
+
+* 修复首次创建任务运行时不自动设置当前运行情况的bug ([ecd83ee](https://github.com/certd/certd/commit/ecd83ee136abdd3df9ed2f21ec2ff0f24c0ed9d9))
+
+### Performance Improvements
+
+* 群晖支持OTP双重验证登录 ([8b8039f](https://github.com/certd/certd/commit/8b8039f42bbce10a4d0e737cdeeeef9bb17bee5a))
+* 任务支持禁用 ([8ed16b3](https://github.com/certd/certd/commit/8ed16b3ea2dfe847357863a0bfa614e4fa5fc041))
+* 支持阿里云ACK证书部署 ([d331fea](https://github.com/certd/certd/commit/d331fea47789122650e057ec7c9e85ee8e66f09b))
+* 支持七牛云 ([8ecc2f9](https://github.com/certd/certd/commit/8ecc2f9446a9ebd11b9bfbffbb6cf7812a043495))
+* 支持k8s ingress secret ([e5a5d0a](https://github.com/certd/certd/commit/e5a5d0a607bb6b4e1a1f7a1a419bada5f2dee59f))
+* http请求增加默认超时时间 ([664bd86](https://github.com/certd/certd/commit/664bd863e5b4895aabe2384277c0c65f5902fdb2))
+* plugins增加图标 ([a8da658](https://github.com/certd/certd/commit/a8da658a9723342b4f43a579f7805bfef0648efb))
+
+## [1.24.4](https://github.com/certd/certd/compare/v1.24.3...v1.24.4) (2024-09-09)
+
+### Performance Improvements
+
+* 前置任务步骤增加错误提示 ([ae3daa9](https://github.com/certd/certd/commit/ae3daa9bcf4fc363825aad9b77f5d3879aeeff70))
+* 群晖部署教程 ([0f0af2f](https://github.com/certd/certd/commit/0f0af2f309390f388e7a272cea3a1dd30c01977d))
+* 支持群晖 ([5c270b6](https://github.com/certd/certd/commit/5c270b6b9d45a2152f9fdb3c07bd98b7c803cb8e))
+
+## [1.24.3](https://github.com/certd/certd/compare/v1.24.2...v1.24.3) (2024-09-06)
+
+### Performance Improvements
+
+* 支持多吉云cdn证书部署 ([65ef685](https://github.com/certd/certd/commit/65ef6857296784ca765926e09eafcb6fc8b6ecde))
+
 ## [1.24.2](https://github.com/certd/certd/compare/v1.24.1...v1.24.2) (2024-09-06)
 
 ### Performance Improvements

packages/core/pipeline/build.md

@@ -1 +1 @@
-22:33
+02:40

packages/core/pipeline/package.json

@@ -1,25 +1,31 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.24.2",
+  "version": "1.25.9",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "scripts": {
     "dev": "vite",
-    "build": "tsc --skipLibCheck",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && tsc --skipLibCheck",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
     "preview": "vite preview",
     "test": "mocha   --loader=ts-node/esm"
   },
   "dependencies": {
-    "@certd/plus": "1.22.1",
+    "@certd/basic": "^1.25.9",
+    "@certd/plus-core": "^1.25.9",
     "axios": "^1.7.2",
     "fix-path": "^4.0.0",
+    "http-proxy-agent": "^7.0.2",
+    "https-proxy-agent": "^7.0.5",
     "lodash-es": "^4.17.21",
+    "lru-cache": "^10.0.0",
     "node-forge": "^1.3.1",
     "nodemailer": "^6.9.3",
+    "proxy-agent": "^6.4.0",
     "qs": "^6.11.2"
   },
   "devDependencies": {
@@ -47,15 +53,16 @@
     "mocha": "^10.2.0",
     "prettier": "^2.8.8",
     "reflect-metadata": "^0.1.13",
+    "rimraf": "^5.0.5",
     "rollup": "^3.7.4",
     "rollup-plugin-typescript2": "^0.34.1",
     "rollup-plugin-visualizer": "^5.8.2",
     "ts-node": "^10.9.1",
     "tsc-esm-fix": "^3.0.0",
     "tslib": "^2.5.2",
-    "typescript": "^5.0.4",
+    "typescript": "^5.4.2",
     "vite": "^4.3.8",
     "vue-tsc": "^1.6.5"
   },
-  "gitHead": "bef6b981e26a010a797734e508de6822de8564f5"
+  "gitHead": "f548fe70117c7b56f40c66a3021e63b6cb264fb3"
 }

packages/core/pipeline/src/access/api.ts

@@ -1,5 +1,8 @@
 import { Registrable } from "../registry/index.js";
 import { FormItemProps } from "../dt/index.js";
+import { HttpClient, ILogger, utils } from "../utils/index.js";
+import _ from "lodash-es";
+import { AccessRequestHandleReq } from "../core";
 
 export type AccessInputDefine = FormItemProps & {
   title: string;
@@ -12,8 +15,39 @@ export type AccessDefine = Registrable & {
   };
 };
 export interface IAccessService {
-  getById(id: any): Promise<any>;
+  getById<T = any>(id: any): Promise<T>;
 }
 
-// eslint-disable-next-line @typescript-eslint/no-empty-interface
-export interface IAccess {}
+export interface IAccess {
+  ctx: AccessContext;
+  [key: string]: any;
+}
+
+export type AccessContext = {
+  http: HttpClient;
+  logger: ILogger;
+  utils: typeof utils;
+};
+
+export abstract class BaseAccess implements IAccess {
+  ctx!: AccessContext;
+
+  async onRequest(req: AccessRequestHandleReq) {
+    if (!req.action) {
+      throw new Error("action is required");
+    }
+
+    let methodName = req.action;
+    if (!req.action.startsWith("on")) {
+      methodName = `on${_.upperFirst(req.action)}`;
+    }
+
+    // @ts-ignore
+    const method = this[methodName];
+    if (method) {
+      // @ts-ignore
+      return await this[methodName](req.data);
+    }
+    throw new Error(`action ${req.action} not found`);
+  }
+}

packages/core/pipeline/src/access/decorator.ts

@@ -1,8 +1,9 @@
 // src/decorator/memoryCache.decorator.ts
-import { AccessDefine, AccessInputDefine } from "./api.js";
+import { AccessContext, AccessDefine, AccessInputDefine } from "./api.js";
 import { Decorator } from "../decorator/index.js";
 import _ from "lodash-es";
 import { accessRegistry } from "./registry.js";
+import { http, logger, utils } from "../utils/index.js";
 
 // 提供一个唯一 key
 export const ACCESS_CLASS_KEY = "pipeline:access";
@@ -37,3 +38,24 @@ export function AccessInput(input?: AccessInputDefine): PropertyDecorator {
     Reflect.defineMetadata(ACCESS_INPUT_KEY, input, target, propertyKey);
   };
 }
+
+export function newAccess(type: string, input: any, ctx?: AccessContext) {
+  const register = accessRegistry.get(type);
+  if (register == null) {
+    throw new Error(`access ${type} not found`);
+  }
+  // @ts-ignore
+  const access = new register.target();
+  for (const key in input) {
+    access[key] = input[key];
+  }
+  if (!ctx) {
+    ctx = {
+      http,
+      logger,
+      utils,
+    };
+  }
+  access.ctx = ctx;
+  return access;
+}

packages/core/pipeline/src/context/index.ts

@@ -1,6 +1,4 @@
-import { AxiosInstance } from "axios";
 import { IContext } from "../core/index.js";
 
-export type HttpClient = AxiosInstance;
 export type UserContext = IContext;
 export type PipelineContext = IContext;

packages/core/pipeline/src/core/executor.ts

@@ -1,7 +1,7 @@
 import { ConcurrencyStrategy, NotificationWhen, Pipeline, ResultType, Runnable, RunStrategy, Stage, Step, Task } from "../dt/index.js";
 import _ from "lodash-es";
 import { RunHistory, RunnableCollection } from "./run-history.js";
-import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext } from "../plugin/index.js";
+import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext, UserInfo } from "../plugin/index.js";
 import { ContextFactory, IContext } from "./context.js";
 import { IStorage } from "./storage.js";
 import { logger } from "../utils/util.log.js";
@@ -12,17 +12,17 @@ import { RegistryItem } from "../registry/index.js";
 import { Decorator } from "../decorator/index.js";
 import { IEmailService } from "../service/index.js";
 import { FileStore } from "./file-store.js";
-import { hashUtils } from "../utils/index.js";
+import { hashUtils, utils } from "../utils/index.js";
 // import { TimeoutPromise } from "../utils/util.promise.js";
 
 export type ExecutorOptions = {
-  userId: any;
   pipeline: Pipeline;
   storage: IStorage;
   onChanged: (history: RunHistory) => Promise<void>;
   accessService: IAccessService;
   emailService: IEmailService;
   fileRootDir?: string;
+  user: UserInfo;
 };
 
 export class Executor {
@@ -46,7 +46,7 @@ export class Executor {
     this.onChanged = async (history: RunHistory) => {
       await options.onChanged(history);
     };
-    this.pipeline.userId = options.userId;
+    this.pipeline.userId = options.user.id;
     this.contextFactory = new ContextFactory(options.storage);
     this.logger = logger;
     this.pipelineContext = this.contextFactory.getContext("pipeline", this.pipeline.id);
@@ -93,7 +93,7 @@ export class Executor {
       await this.notification("success");
     } catch (e: any) {
       await this.notification("error", e);
-      this.logger.error("pipeline 执行失败", e.stack);
+      this.logger.error("pipeline 执行失败", e);
     } finally {
       clearInterval(intervalFlushLogId);
       await this.onChanged(this.runtime);
@@ -104,11 +104,18 @@ export class Executor {
 
   async runWithHistory(runnable: Runnable, runnableType: string, run: () => Promise<ResultType | void>) {
     runnable.runnableType = runnableType;
+
     this.runtime.start(runnable);
-    // const timeout = runnable.timeout ?? 20 * 60 * 1000;
-    await this.onChanged(this.runtime);
 
     try {
+      if (runnable.disabled) {
+        //该任务被禁用
+        this.runtime.disabled(runnable);
+        return ResultType.disabled;
+      }
+
+      await this.onChanged(this.runtime);
+
       if (this.abort.signal.aborted) {
         this.runtime.cancel(runnable);
         return ResultType.canceled;
@@ -217,11 +224,17 @@ export class Executor {
       if (item.component?.name === "pi-output-selector") {
         const contextKey = input[key];
         if (contextKey != null) {
+          if (typeof contextKey !== "string") {
+            throw new Error(`步骤${step.title}的${item.title}属性必须为String类型，请重新配置该属性`);
+          }
           // "cert": "step.-BNFVPMKPu2O-i9NiOQxP.cert",
           const arr = contextKey.split(".");
           const id = arr[1];
           const outputKey = arr[2];
           input[key] = this.currentStatusMap.get(id)?.status?.output[outputKey] ?? this.lastStatusMap.get(id)?.status?.output[outputKey];
+          if (input[key] == null) {
+            this.logger.warn(`${item.title}的配置未找到对应的输出值，请确认对应的前置任务是否存在或者是否执行正确`);
+          }
         }
       }
     });
@@ -231,14 +244,13 @@ export class Executor {
     //判断是否需要跳过
     const lastNode = this.lastStatusMap.get(step.id);
     const lastResult = lastNode?.status?.status;
+    let inputChanged = true;
+    const lastInputHash = lastNode?.status?.inputHash;
+    if (lastInputHash && newInputHash && lastInputHash === newInputHash) {
+      //参数有变化
+      inputChanged = false;
+    }
     if (step.strategy?.runStrategy === RunStrategy.SkipWhenSucceed) {
-      //如果是成功后跳过策略
-      let inputChanged = true;
-      const lastInputHash = lastNode?.status?.inputHash;
-      if (lastInputHash && newInputHash && lastInputHash === newInputHash) {
-        //参数有变化
-        inputChanged = false;
-      }
       if (lastResult != null && lastResult === ResultType.success && !inputChanged) {
         step.status!.output = lastNode?.status?.output;
         step.status!.files = lastNode?.status?.files;
@@ -253,16 +265,19 @@ export class Executor {
       lastStatus,
       http,
       logger: currentLogger,
+      inputChanged,
       accessService: this.options.accessService,
       emailService: this.options.emailService,
       pipelineContext: this.pipelineContext,
-      userContext: this.contextFactory.getContext("user", this.options.userId),
+      userContext: this.contextFactory.getContext("user", this.options.user.id),
       fileStore: new FileStore({
         scope: this.pipeline.id,
         parent: this.runtime.id,
         rootDir: this.options.fileRootDir,
       }),
       signal: this.abort.signal,
+      utils,
+      user: this.options.user,
     };
     instance.setCtx(taskCtx);
 

packages/core/pipeline/src/core/handler.ts

@@ -0,0 +1,21 @@
+import { HttpClient, ILogger, utils } from "../utils/index.js";
+
+export type PluginRequestHandleReq<T = any> = {
+  typeName: string;
+  action: string;
+  input: T;
+  data: any;
+};
+
+export type AccessRequestHandleReqInput<T = any> = {
+  id?: number;
+  title?: string;
+  access: T;
+};
+export type AccessRequestHandleContext = {
+  http: HttpClient;
+  logger: ILogger;
+  utils: typeof utils;
+};
+
+export type AccessRequestHandleReq<T = any> = PluginRequestHandleReq<AccessRequestHandleReqInput<T>>;

packages/core/pipeline/src/core/index.ts

@@ -4,3 +4,4 @@ export * from "./context.js";
 export * from "./storage.js";
 export * from "./file-store.js";
 export * from "./license.js";
+export * from "./handler.js";

packages/core/pipeline/src/core/license.ts

@@ -1,7 +1,7 @@
 import { logger } from "../utils/index.js";
-import { setLogger, isPlus } from "@certd/plus";
+import { setLogger, isPlus } from "@certd/plus-core";
 setLogger(logger);
-export * from "@certd/plus";
+export * from "@certd/plus-core";
 
 export function checkPlus() {
   if (!isPlus()) {

packages/core/pipeline/src/core/run-history.ts

@@ -74,6 +74,17 @@ export class RunHistory {
     this.log(runnable, `跳过`);
   }
 
+  disabled(runnable: Runnable) {
+    const now = new Date().getTime();
+    const status = runnable.status;
+    _.merge(status, {
+      status: "canceled",
+      endTime: now,
+      result: "disabled",
+    });
+    this.log(runnable, `禁用`);
+  }
+
   error(runnable: Runnable, e: Error) {
     const now = new Date().getTime();
     const status = runnable.status;
@@ -107,8 +118,8 @@ export class RunHistory {
 
   logError(runnable: Runnable, e: Error) {
     // @ts-ignore
-    const errorInfo = runnable.runnableType == "step" ? e.stack : e.message;
-    this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：${errorInfo}`);
+    const errorInfo = runnable.runnableType === "step" ? e : e.message;
+    this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, errorInfo);
   }
 
   finally(runnable: Runnable) {

packages/core/pipeline/src/dt/pipeline.ts

@@ -46,6 +46,7 @@ export type Stage = Runnable & {
   tasks: Task[];
   concurrency: ConcurrencyStrategy;
   next: NextStrategy;
+  maxTaskCount?: number;
 };
 
 export type Trigger = {
@@ -70,6 +71,7 @@ export type Runnable = {
   default?: {
     [key: string]: any;
   };
+  disabled?: boolean;
 };
 
 export type EmailOptions = {
@@ -108,6 +110,7 @@ export enum ResultType {
   error = "error",
   canceled = "canceled",
   skip = "skip",
+  disabled = "disabled",
   none = "none",
 }
 

packages/core/pipeline/src/plugin/api.ts

@@ -4,10 +4,15 @@ import { FileStore } from "../core/file-store.js";
 import { Logger } from "log4js";
 import { IAccessService } from "../access/index.js";
 import { IEmailService } from "../service/index.js";
-import { IContext } from "../core/index.js";
-import { AxiosInstance } from "axios";
-import { ILogger, logger } from "../utils/index.js";
-
+import { IContext, PluginRequestHandleReq, RunnableCollection } from "../core/index.js";
+import { ILogger, logger, utils } from "../utils/index.js";
+import { HttpClient } from "../utils/util.request.js";
+import dayjs from "dayjs";
+import _ from "lodash-es";
+export type UserInfo = {
+  role: "admin" | "user";
+  id: any;
+};
 export enum ContextScope {
   global,
   pipeline,
@@ -25,6 +30,7 @@ export type TaskInputDefine = FormItemProps;
 export type PluginDefine = Registrable & {
   default?: any;
   group?: string;
+  icon?: string;
   input?: {
     [key: string]: TaskInputDefine;
   };
@@ -36,18 +42,13 @@ export type PluginDefine = Registrable & {
     [key: string]: any;
   };
 
-  reference?: {
-    src: string;
-    dest: string;
-    type: "computed";
-  }[];
-
   needPlus?: boolean;
 };
 
 export type ITaskPlugin = {
   onInstance(): Promise<void>;
   execute(): Promise<void>;
+  onRequest(req: PluginRequestHandleReq<any>): Promise<any>;
   [key: string]: any;
 };
 
@@ -57,17 +58,34 @@ export type TaskResult = {
   pipelineVars: Record<string, any>;
 };
 export type TaskInstanceContext = {
+  //流水线定义
   pipeline: Pipeline;
+  //步骤定义
   step: Step;
+  //日志
   logger: Logger;
+  //当前步骤输入参数跟上一次执行比较是否有变化
+  inputChanged: boolean;
+  //授权获取服务
   accessService: IAccessService;
+  //邮件服务
   emailService: IEmailService;
+  //流水线上下文
   pipelineContext: IContext;
+  //用户上下文
   userContext: IContext;
-  http: AxiosInstance;
+  //http请求客户端
+  http: HttpClient;
+  //文件存储
   fileStore: FileStore;
+  //上一次执行结果状态
   lastStatus?: Runnable;
+  //用户取消信号
   signal: AbortSignal;
+  //工具类
+  utils: typeof utils;
+
+  user: UserInfo;
 };
 
 export abstract class AbstractTaskPlugin implements ITaskPlugin {
@@ -90,6 +108,17 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     this.accessService = ctx.accessService;
   }
 
+  async getAccess(accessId: string) {
+    if (accessId == null) {
+      throw new Error("您还没有配置授权");
+    }
+    const res = await this.ctx.accessService.getById(accessId);
+    if (res == null) {
+      throw new Error("授权不存在，可能已被删除，请前往任务配置里面重新选择授权");
+    }
+    return res;
+  }
+
   randomFileId() {
     return Math.random().toString(36).substring(2, 9);
   }
@@ -123,6 +152,51 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
   }
 
   abstract execute(): Promise<void>;
+
+  appendTimeSuffix(name?: string) {
+    if (name == null) {
+      name = "certd";
+    }
+    return name + "_" + dayjs().format("YYYYMMDDHHmmss");
+  }
+
+  async onRequest(req: PluginRequestHandleReq<any>) {
+    if (!req.action) {
+      throw new Error("action is required");
+    }
+
+    let methodName = req.action;
+    if (!req.action.startsWith("on")) {
+      methodName = `on${_.upperFirst(req.action)}`;
+    }
+
+    // @ts-ignore
+    const method = this[methodName];
+    if (method) {
+      // @ts-ignore
+      return await this[methodName](req.data);
+    }
+    throw new Error(`action ${req.action} not found`);
+  }
+
+  isAdmin() {
+    return this.ctx.user.role === "admin";
+  }
+
+  getStepFromPipeline(stepId: string) {
+    let found: any = null;
+    RunnableCollection.each(this.ctx.pipeline.stages, (step) => {
+      if (step.id === stepId) {
+        found = step;
+        return;
+      }
+    });
+    return found;
+  }
+
+  getStepIdFromRefInput(ref = ".") {
+    return ref.split(".")[1];
+  }
 }
 
 export type OutputVO = {

packages/core/pipeline/src/plugin/group.ts

@@ -21,5 +21,7 @@ export const pluginGroups = {
   huawei: new PluginGroup("huawei", "华为云", 3),
   tencent: new PluginGroup("tencent", "腾讯云", 4),
   host: new PluginGroup("host", "主机", 5),
-  other: new PluginGroup("other", "其他", 7),
+  cdn: new PluginGroup("cdn", "CDN", 6),
+  panel: new PluginGroup("panel", "面板", 7),
+  other: new PluginGroup("other", "其他", 8),
 };

packages/core/pipeline/src/plugin/test/echo-plugin.ts

@@ -1,25 +0,0 @@
-import { ITaskPlugin } from "../api.js";
-import { IsTaskPlugin, TaskInput } from "../decorator.js";
-
-@IsTaskPlugin({
-  name: "EchoPlugin",
-  title: "测试插件",
-  desc: "test",
-})
-export class EchoPlugin implements ITaskPlugin {
-  @TaskInput({
-    title: "测试属性",
-    component: {
-      name: "text",
-    },
-  })
-  test?: string;
-
-  onInstance(): Promise<void> {
-    throw new Error("Method not implemented.");
-  }
-
-  async execute(): Promise<void> {
-    return Promise.resolve(undefined);
-  }
-}

packages/core/pipeline/src/registry/registry.ts

@@ -5,6 +5,7 @@ export type Registrable = {
   title: string;
   desc?: string;
   group?: string;
+  deprecated?: string;
 };
 
 export type RegistryItem<T> = {
@@ -67,6 +68,9 @@ export class Registry<T> {
     for (const key in this.storage) {
       const define = this.getDefine(key);
       if (define) {
+        if (define?.deprecated) {
+          continue;
+        }
         list.push({ ...define, key });
       }
     }

packages/core/pipeline/src/utils/index.ts

@@ -1,11 +1,28 @@
 import sleep from "./util.sleep.js";
-import { request } from "./util.request.js";
+import { http } from "./util.request.js";
+export * from "./util.request.js";
 export * from "./util.log.js";
 export * from "./util.file.js";
 export * from "./util.sp.js";
-export * as promises from "./util.promise.js";
+export * from "./util.promise.js";
 export * from "./util.hash.js";
+export * from "./util.merge.js";
+export * from "./util.cache.js";
+import { mergeUtils } from "./util.merge.js";
+import { sp } from "./util.sp.js";
+import { hashUtils } from "./util.hash.js";
+import { promises } from "./util.promise.js";
+import { fileUtils } from "./util.file.js";
+import _ from "lodash-es";
+import { cache } from "./util.cache.js";
 export const utils = {
   sleep,
-  http: request,
+  http,
+  sp,
+  hash: hashUtils,
+  promises,
+  file: fileUtils,
+  _,
+  mergeUtils,
+  cache,
 };

packages/core/pipeline/src/utils/util.cache.ts

@@ -0,0 +1,8 @@
+// LRUCache
+
+import { LRUCache } from "lru-cache";
+
+export const cache = new LRUCache<string, any>({
+  max: 1000,
+  ttl: 1000 * 60 * 10,
+});

packages/core/pipeline/src/utils/util.merge.ts

@@ -0,0 +1,64 @@
+import _ from "lodash-es";
+function isUnMergeable(srcValue: any) {
+  return srcValue != null && srcValue instanceof UnMergeable;
+}
+function isUnCloneable(value: any) {
+  return isUnMergeable(value) && !value.cloneable;
+}
+function merge(target: any, ...sources: any) {
+  /**
+   * 如果目标为不可合并对象，比如array、unMergeable、ref,则直接覆盖不合并
+   * @param objValue 被合并对象
+   * @param srcValue 来源对象
+   */
+  function customizer(objValue: any, srcValue: any) {
+    if (srcValue == null) {
+      return;
+    }
+    // 如果被合并对象为数组，则直接被覆盖对象覆盖，只要覆盖对象不为空
+    if (_.isArray(objValue)) {
+      //原对象如果是数组
+      return srcValue; //来源对象
+    }
+
+    if (isUnMergeable(srcValue)) {
+      return srcValue;
+    }
+  }
+
+  let found: any = null;
+  for (const item of sources) {
+    if (isUnMergeable(item)) {
+      found = item;
+    }
+  }
+  if (found) {
+    return found;
+  }
+  return _.mergeWith(target, ...sources, customizer);
+}
+
+function cloneDeep(target: any) {
+  if (isUnCloneable(target)) {
+    return target;
+  }
+  function customizer(value: any) {
+    if (isUnCloneable(value)) {
+      return value;
+    }
+  }
+
+  return _.cloneDeepWith(target, customizer);
+}
+export class UnMergeable {
+  cloneable = false;
+
+  setCloneable(cloneable: any) {
+    this.cloneable = cloneable;
+  }
+}
+
+export const mergeUtils = {
+  merge,
+  cloneDeep,
+};

packages/core/pipeline/src/utils/util.promise.ts

@@ -24,3 +24,8 @@ export function safePromise<T>(callback: (resolve: (ret: T) => void, reject: (re
     }
   });
 }
+
+export const promises = {
+  TimeoutPromise,
+  safePromise,
+};

packages/core/pipeline/src/utils/util.request.ts

@@ -1,41 +1,70 @@
-import axios from "axios";
+import axios, { AxiosRequestConfig } from "axios";
 import { logger } from "./util.log.js";
 import { Logger } from "log4js";
-
+import { HttpProxyAgent } from "http-proxy-agent";
+import { HttpsProxyAgent } from "https-proxy-agent";
+import nodeHttp from "http";
 export class HttpError extends Error {
-  request?: { url: string; method: string; data?: any };
-  response?: { data: any };
   status?: number;
   statusText?: string;
+  code?: string;
+  request?: { baseURL: string; url: string; method: string; params?: any; data?: any };
+  response?: { data: any };
+  cause?: any;
   constructor(error: any) {
     if (!error) {
       return;
     }
     super(error.message);
     this.name = error.name;
-    this.stack = error.stack;
-    this.status = error?.response?.status;
-    this.statusText = error?.response?.statusText;
+    this.code = error.code;
+    this.cause = error.cause;
+
+    this.status = error.response?.status;
+    this.statusText = error.response?.statusText;
     this.request = {
-      url: error?.response?.config?.url,
-      method: error?.response?.config?.method,
-      data: error?.response?.config?.data,
+      baseURL: error.config?.baseURL,
+      url: error.config?.url,
+      method: error.config?.method,
+      params: error.config?.params,
+      data: error.config?.data,
     };
     this.response = {
-      data: error?.response?.data,
+      data: error.response?.data,
     };
+
+    delete error.response;
+    delete error.config;
+    delete error.request;
+    // logger.error(error);
   }
 }
+
+export const HttpCommonError = HttpError;
 /**
  * @description 创建请求实例
  */
 export function createAxiosService({ logger }: { logger: Logger }) {
   // 创建一个 axios 实例
   const service = axios.create();
+
+  const defaultAgents = createAgent();
   // 请求拦截
   service.interceptors.request.use(
     (config: any) => {
-      logger.info(`http request:${config.url}，method:${config.method}`);
+      logger.info(`http request:${config.url}，method:${config.method}，params:${JSON.stringify(config.params)}`);
+      if (config.timeout == null) {
+        config.timeout = 15000;
+      }
+      let agents = defaultAgents;
+      if (config.skipSslVerify) {
+        logger.info("跳过SSL验证");
+        agents = createAgent({ rejectUnauthorized: false } as any);
+      }
+      delete config.skipSslVerify;
+      config.httpsAgent = agents.httpsAgent;
+      config.httpAgent = agents.httpAgent;
+
       return config;
     },
     (error: Error) => {
@@ -51,25 +80,54 @@ export function createAxiosService({ logger }: { logger: Logger }) {
       return response.data;
     },
     (error: any) => {
-      // const status = _.get(error, 'response.status')
-      // switch (status) {
-      //   case 400: error.message = '请求错误'; break
-      //   case 401: error.message = '未授权，请登录'; break
-      //   case 403: error.message = '拒绝访问'; break
-      //   case 404: error.message = `请求地址出错: ${error.response.config.url}`; break
-      //   case 408: error.message = '请求超时'; break
-      //   case 500: error.message = '服务器内部错误'; break
-      //   case 501: error.message = '服务未实现'; break
-      //   case 502: error.message = '网关错误'; break
-      //   case 503: error.message = '服务不可用'; break
-      //   case 504: error.message = '网关超时'; break
-      //   case 505: error.message = 'HTTP版本不受支持'; break
-      //   default: break
-      // }
+      const status = error.response?.status;
+      switch (status) {
+        case 400:
+          error.message = "请求错误";
+          break;
+        case 401:
+          error.message = "未授权，请登录";
+          break;
+        case 403:
+          error.message = "拒绝访问";
+          break;
+        case 404:
+          error.message = `请求地址出错: ${error.response.config.url}`;
+          break;
+        case 408:
+          error.message = "请求超时";
+          break;
+        case 500:
+          error.message = "服务器内部错误";
+          break;
+        case 501:
+          error.message = "服务未实现";
+          break;
+        case 502:
+          error.message = "网关错误";
+          break;
+        case 503:
+          error.message = "服务不可用";
+          break;
+        case 504:
+          error.message = "网关超时";
+          break;
+        case 505:
+          error.message = "HTTP版本不受支持";
+          break;
+        default:
+          break;
+      }
       logger.error(
-        `请求出错：status:${error?.response?.status},statusText:${error?.response?.statusText},url:${error?.config?.url},method:${error?.config?.method}。`
+        `请求出错：status:${error.response?.status},statusText:${error.response?.statusText},url:${error.config?.url},method:${error.config?.method}。`
       );
-      logger.error("返回数据:", JSON.stringify(error?.response?.data));
+      logger.error("返回数据:", JSON.stringify(error.response?.data));
+      if (error.response?.data) {
+        error.message = error.response.data.message || error.response.data.msg || error.response.data.error || error.response.data;
+      }
+      if (error instanceof AggregateError) {
+        logger.error("AggregateError", error);
+      }
       const err = new HttpError(error);
       return Promise.reject(err);
     }
@@ -77,4 +135,29 @@ export function createAxiosService({ logger }: { logger: Logger }) {
   return service;
 }
 
-export const request = createAxiosService({ logger });
+export const http = createAxiosService({ logger }) as HttpClient;
+export type HttpClientResponse<R> = any;
+export type HttpRequestConfig<D> = {
+  skipSslVerify?: boolean;
+  skipCheckRes?: boolean;
+} & AxiosRequestConfig<D>;
+export type HttpClient = {
+  request<D = any, R = any>(config: HttpRequestConfig<D>): Promise<HttpClientResponse<R>>;
+};
+
+export function createAgent(opts: nodeHttp.AgentOptions = {}) {
+  let httpAgent, httpsAgent;
+  const httpProxy = process.env.HTTP_PROXY || process.env.http_proxy;
+  if (httpProxy) {
+    httpAgent = new HttpProxyAgent(httpProxy, opts as any);
+  }
+  const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
+  if (httpsProxy) {
+    httpsAgent = new HttpsProxyAgent(httpsProxy, opts as any);
+  }
+
+  return {
+    httpAgent,
+    httpsAgent,
+  };
+}

packages/core/pipeline/test/echo-plugin.ts

@@ -1,27 +0,0 @@
-import { Autowire, IsTaskPlugin, ITaskPlugin, TaskInput, TaskOutput } from "../src";
-
-@IsTaskPlugin({
-  name: "EchoPlugin",
-  title: "测试插件【echo】",
-})
-export class EchoPlugin implements ITaskPlugin {
-  @TaskInput({
-    title: "cert",
-    component: {
-      name: "pi-output-selector",
-    },
-    helper: "输出选择",
-  })
-  cert!: any;
-
-  @TaskOutput({
-    title: "cert info",
-  })
-  certInfo!: any;
-
-  // eslint-disable-next-line @typescript-eslint/no-empty-function
-  async onInstance(): Promise<void> {}
-  async execute(): Promise<void> {
-    console.log("input :cert", this.cert);
-  }
-}

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.24.3](https://github.com/certd/certd/compare/v1.24.2...v1.24.3) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.24.2](https://github.com/certd/certd/compare/v1.24.1...v1.24.2) (2024-09-06)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,20 +1,21 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.24.2",
+  "version": "1.25.9",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
   "scripts": {
     "dev": "vite",
-    "build": "rollup -c ",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && rollup -c ",
     "build2": "vue-tsc --noEmit && vite build",
     "preview": "vite preview"
   },
   "dependencies": {
-    "@certd/pipeline": "1.21.0",
     "axios": "^1.7.2",
+    "rimraf": "^5.0.5",
     "rollup": "^3.7.4"
   },
-  "gitHead": "bef6b981e26a010a797734e508de6822de8564f5"
+  "gitHead": "f548fe70117c7b56f40c66a3021e63b6cb264fb3"
 }

packages/libs/lib-iframe/.eslintrc

@@ -0,0 +1,23 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "plugins": [
+    "@typescript-eslint"
+  ],
+  "extends": [
+    "plugin:@typescript-eslint/recommended",
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-empty-function": "off",
+//    "no-unused-expressions": "off",
+    "max-len": [0, 160, 2, { "ignoreUrls": true }]
+  }
+}

packages/libs/lib-iframe/.gitignore

@@ -0,0 +1,28 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
+
+src/test/user.secret.ts
+
+src/**/*.js

packages/libs/lib-iframe/.npmignore

@@ -0,0 +1,2 @@
+node_modules
+src

packages/libs/lib-iframe/.prettierrc

@@ -0,0 +1,7 @@
+{
+  "printWidth": 160,
+  "bracketSpacing": true,
+  "singleQuote": true,
+  "trailingComma": "es5",
+  "arrowParens": "avoid"
+}

packages/libs/lib-iframe/CHANGELOG.md

@@ -0,0 +1,109 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+### Features
+
+* 支持vip转移 ([361e8fe](https://github.com/certd/certd/commit/361e8fe7ae5877e23fd5de31bc919bedd09c57f5))
+
+## [1.24.4](https://github.com/certd/certd/compare/v1.24.3...v1.24.4) (2024-09-09)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.24.3](https://github.com/certd/certd/compare/v1.24.2...v1.24.3) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.24.2](https://github.com/certd/certd/compare/v1.24.1...v1.24.2) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.24.0](https://github.com/certd/certd/compare/v1.23.1...v1.24.0) (2024-08-25)
+
+### Performance Improvements
+
+* 更新k8s底层api库 ([746bb9d](https://github.com/certd/certd/commit/746bb9d385e2f397daef4976eca1d4782a2f5ebd))
+
+## [1.23.1](https://github.com/certd/certd/compare/v1.23.0...v1.23.1) (2024-08-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.8](https://github.com/certd/certd/compare/v1.22.7...v1.22.8) (2024-08-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.7](https://github.com/certd/certd/compare/v1.22.6...v1.22.7) (2024-08-04)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.6](https://github.com/certd/certd/compare/v1.22.5...v1.22.6) (2024-08-03)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.5](https://github.com/certd/certd/compare/v1.22.4...v1.22.5) (2024-07-26)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.3](https://github.com/certd/certd/compare/v1.22.2...v1.22.3) (2024-07-25)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.2](https://github.com/certd/certd/compare/v1.22.1...v1.22.2) (2024-07-23)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.1](https://github.com/certd/certd/compare/v1.22.0...v1.22.1) (2024-07-20)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.22.0](https://github.com/certd/certd/compare/v1.21.2...v1.22.0) (2024-07-19)
+
+### Features
+
+* 升级midway，支持esm ([485e603](https://github.com/certd/certd/commit/485e603b5165c28bc08694997726eaf2a585ebe7))
+* 支持postgresql ([3b19bfb](https://github.com/certd/certd/commit/3b19bfb4291e89064b3b407a80dae092d54747d5))

packages/libs/lib-iframe/README.md

@@ -0,0 +1,16 @@
+# Vue 3 + TypeScript + Vite
+
+This template should help get you started developing with Vue 3 and TypeScript in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.
+
+## Recommended IDE Setup
+
+- [VS Code](https://code.visualstudio.com/) + [Volar](https://marketplace.visualstudio.com/items?itemName=Vue.volar)
+
+## Type Support For `.vue` Imports in TS
+
+Since TypeScript cannot handle type information for `.vue` imports, they are shimmed to be a generic Vue component type by default. In most cases this is fine if you don't really care about component prop types outside of templates. However, if you wish to get actual prop types in `.vue` imports (for example to get props validation when using manual `h(...)` calls), you can enable Volar's Take Over mode by following these steps:
+
+1. Run `Extensions: Show Built-in Extensions` from VS Code's command palette, look for `TypeScript and JavaScript Language Features`, then right click and select `Disable (Workspace)`. By default, Take Over mode will enable itself if the default TypeScript extension is disabled.
+2. Reload the VS Code window by running `Developer: Reload Window` from the command palette.
+
+You can learn more about Take Over mode [here](https://github.com/johnsoncodehk/volar/discussions/471).

packages/libs/lib-iframe/fix-esm-import-paths.js

@@ -0,0 +1,96 @@
+import * as fs from "fs";
+import * as path from "path";
+
+// https://gist.github.com/lovasoa/8691344
+async function* walk(dir) {
+  for await (const d of await fs.promises.opendir(dir)) {
+    const entry = path.join(dir, d.name);
+    if (d.isDirectory()) {
+      yield* walk(entry);
+    } else if (d.isFile()) {
+      yield entry;
+    }
+  }
+}
+
+function resolveImportPath(sourceFile, importPath, options) {
+  const sourceFileAbs = path.resolve(process.cwd(), sourceFile);
+  const root = path.dirname(sourceFileAbs);
+  const { moduleFilter = defaultModuleFilter } = options;
+
+  if (moduleFilter(importPath)) {
+    const importPathAbs = path.resolve(root, importPath);
+    let possiblePath = [path.resolve(importPathAbs, "./index.ts"), path.resolve(importPathAbs, "./index.js"), importPathAbs + ".ts", importPathAbs + ".js"];
+
+    if (possiblePath.length) {
+      for (let i = 0; i < possiblePath.length; i++) {
+        let entry = possiblePath[i];
+        if (fs.existsSync(entry)) {
+          const resolved = path.relative(root, entry.replace(/\.ts$/, ".js"));
+
+          if (!resolved.startsWith(".")) {
+            return "./" + resolved;
+          }
+
+          return resolved;
+        }
+      }
+    }
+  }
+
+  return null;
+}
+
+function replace(filePath, outFilePath, options) {
+  const code = fs.readFileSync(filePath).toString();
+  const newCode = code.replace(/(import|export) (.+?) from ('[^\n']+'|"[^\n"]+");/gs, function (found, action, imported, from) {
+    const importPath = from.slice(1, -1);
+    let resolvedPath = resolveImportPath(filePath, importPath, options);
+
+    if (resolvedPath) {
+      resolvedPath = resolvedPath.replaceAll("\\", "/");
+      console.log("\t", importPath, resolvedPath);
+      return `${action} ${imported} from "${resolvedPath}";`;
+    }
+
+    return found;
+  });
+
+  if (code !== newCode) {
+    fs.writeFileSync(outFilePath, newCode);
+  }
+}
+
+// Then, use it with a simple async for loop
+async function run(srcDir, options = defaultOptions) {
+  const { sourceFileFilter = defaultSourceFileFilter } = options;
+
+  for await (const entry of walk(srcDir)) {
+    if (sourceFileFilter(entry)) {
+      console.log(entry);
+      replace(entry, entry, options);
+    }
+  }
+}
+
+const defaultSourceFileFilter = function (sourceFilePath) {
+  return /\.(js|ts)$/.test(sourceFilePath) && !/node_modules/.test(sourceFilePath);
+};
+
+const defaultModuleFilter = function (importedModule) {
+  return !path.isAbsolute(importedModule) && !importedModule.startsWith("@") && !importedModule.endsWith(".js");
+};
+
+const defaultOptions = {
+  sourceFileFilter: defaultSourceFileFilter,
+  moduleFilter: defaultModuleFilter,
+};
+
+// Switch this to test on one file or directly run on a directory.
+const DEBUG = false;
+
+if (DEBUG) {
+  replace("./src/index.ts", "./out.ts", defaultOptions);
+} else {
+  await run("./src/", defaultOptions);
+}

packages/libs/lib-iframe/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@certd/lib-iframe",
+  "private": false,
+  "version": "1.25.9",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "scripts": {
+    "dev": "vite",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && tsc --skipLibCheck",
+    "build3": "rollup -c",
+    "build2": "vue-tsc --noEmit && vite build",
+    "preview": "vite preview"
+  },
+  "dependencies": {
+    "nanoid": "^4.0.0"
+  },
+  "devDependencies": {
+    "@rollup/plugin-commonjs": "^23.0.4",
+    "@rollup/plugin-json": "^6.0.0",
+    "@rollup/plugin-node-resolve": "^15.0.1",
+    "@rollup/plugin-terser": "^0.4.3",
+    "@rollup/plugin-typescript": "^11.0.0",
+    "@types/chai": "^4.3.3",
+    "@typescript-eslint/eslint-plugin": "^5.38.1",
+    "@typescript-eslint/parser": "^5.38.1",
+    "eslint": "^8.24.0",
+    "eslint-config-prettier": "^8.5.0",
+    "eslint-plugin-import": "^2.26.0",
+    "eslint-plugin-node": "^11.1.0",
+    "eslint-plugin-prettier": "^4.2.1",
+    "prettier": "^2.8.8",
+    "rimraf": "^5.0.5",
+    "rollup": "^3.7.4",
+    "rollup-plugin-visualizer": "^5.8.2",
+    "ts-node": "^10.9.1",
+    "tslib": "^2.5.2",
+    "typescript": "^5.4.2"
+  },
+  "gitHead": "f548fe70117c7b56f40c66a3021e63b6cb264fb3"
+}

packages/libs/lib-iframe/src/index.ts

@@ -0,0 +1 @@
+export * from './lib/iframe.client.js';

packages/libs/lib-iframe/src/lib/iframe.client.ts

@@ -0,0 +1,122 @@
+import { nanoid } from 'nanoid';
+
+export type IframeMessageData<T> = {
+  action: string;
+  id: string;
+  data?: T;
+  replyId?: string;
+  errorCode?: number; //0为成功
+  message?: string;
+};
+
+export type IframeMessageReq<T = any, R = any> = {
+  req: IframeMessageData<T>;
+  onReply: (data: IframeMessageData<R>) => void;
+};
+
+export class IframeException extends Error {
+  code?: number = 0;
+  constructor(data: IframeMessageData<any>) {
+    super(data.message);
+    this.code = data.errorCode;
+  }
+}
+
+export class IframeClient {
+  requestQueue: Record<string, IframeMessageReq> = {};
+  //当前客户端是否是父级页面
+  iframe?: HTMLIFrameElement;
+  onError?: any;
+
+  handlers: Record<string, (data: IframeMessageData<any>) => Promise<void>> = {};
+  constructor(iframe?: HTMLIFrameElement, onError?: (e: any) => void) {
+    this.iframe = iframe;
+    this.onError = onError;
+    window.addEventListener('message', async (event: MessageEvent<IframeMessageData<any>>) => {
+      const data = event.data;
+      if (data.action) {
+        console.log(`收到消息[isSub:${this.isInFrame()}]`, data);
+        try {
+          const handler = this.handlers[data.action];
+          if (handler) {
+            const res = await handler(data);
+            if (data.id && data.action !== 'reply') {
+              await this.send('reply', res, data.id);
+            }
+          } else {
+            throw new Error(`action:${data.action} 未注册处理器，可能版本过低`);
+          }
+        } catch (e: any) {
+          console.error(e);
+          await this.send('reply', {}, data.id, 500, e.message);
+        }
+      }
+    });
+
+    this.register('reply', async data => {
+      const req = this.requestQueue[data.replyId!];
+      if (req) {
+        req.onReply(data);
+        delete this.requestQueue[data.replyId!];
+      }
+    });
+  }
+  isInFrame() {
+    return window.self !== window.top;
+  }
+
+  register<T = any>(action: string, handler: (data: IframeMessageData<T>) => Promise<void>) {
+    this.handlers[action] = handler;
+  }
+
+  async send<R = any, T = any>(action: string, data?: T, replyId?: string, errorCode?: number, message?: string): Promise<IframeMessageData<R>> {
+    try {
+      return await this.doSend<R, T>(action, data, replyId, errorCode, message);
+    } catch (e) {
+      if (this.onError) {
+        this.onError(e);
+      }
+      throw e;
+    }
+  }
+
+  async doSend<R = any, T = any>(action: string, data?: T, replyId?: string, errorCode?: number, message?: string): Promise<IframeMessageData<R>> {
+    const reqMessageData: IframeMessageData<T> = {
+      id: nanoid(),
+      action,
+      data,
+      replyId,
+      errorCode,
+      message,
+    };
+
+    return new Promise((resolve, reject) => {
+      const onReply = (reply: IframeMessageData<R>) => {
+        if (reply.errorCode && reply.errorCode > 0) {
+          reject(new IframeException(reply));
+          return;
+        }
+        resolve(reply);
+      };
+      this.requestQueue[reqMessageData.id] = {
+        req: reqMessageData,
+        onReply,
+      };
+      try {
+        console.log(`send message[isSub:${this.isInFrame()}]:`, reqMessageData);
+        if (!this.iframe) {
+          if (!window.parent) {
+            reject('当前页面不在 iframe 中');
+          }
+          window.parent.postMessage(reqMessageData, '*');
+        } else {
+          //子页面
+          this.iframe.contentWindow?.postMessage(reqMessageData, '*');
+        }
+      } catch (e) {
+        console.error(e);
+        reject(e);
+      }
+    });
+  }
+}

packages/libs/lib-iframe/tsconfig.json

@@ -0,0 +1,41 @@
+{
+  "compileOnSave": true,
+  "compilerOptions": {
+    "target": "ESNext",
+    "module": "ESNext",
+    "moduleResolution": "node",
+    "esModuleInterop": true,
+    "experimentalDecorators": true,
+    "emitDecoratorMetadata": true,
+    "inlineSourceMap":true,
+    "noImplicitThis": true,
+    "noUnusedLocals": true,
+    "stripInternal": true,
+    "skipLibCheck": true,
+    "pretty": true,
+    "declaration": true,
+    "forceConsistentCasingInFileNames": true,
+    "typeRoots": [ "./typings", "./node_modules/@types"],
+    "outDir": "dist",
+    "rootDir": "src",
+    "composite": true,
+    "useDefineForClassFields": true,
+    "strict": false,
+//    "sourceMap": true,
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "lib": ["ESNext", "DOM"],
+  },
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.d.ts",
+    "src/**/*.json"
+  ],
+  "exclude": [
+    "*.js",
+    "*.ts",
+    "dist",
+    "node_modules",
+    "src/test"
+  ],
+}

packages/libs/lib-jdcloud/.eslintrc

@@ -0,0 +1,23 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "plugins": [
+    "@typescript-eslint"
+  ],
+  "extends": [
+    "plugin:@typescript-eslint/recommended",
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-empty-function": "off",
+//    "no-unused-expressions": "off",
+    "max-len": [0, 160, 2, { "ignoreUrls": true }]
+  }
+}

packages/libs/lib-jdcloud/.gitignore

@@ -0,0 +1,28 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
+
+test/user.secret.ts
+
+.rollup.cache

packages/libs/lib-jdcloud/.npmignore

@@ -0,0 +1,3 @@
+node_modules
+src
+.rollup.cache

packages/libs/lib-jdcloud/.prettierrc

@@ -0,0 +1,3 @@
+{
+  "printWidth": 160
+}

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -0,0 +1,67 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.24.3](https://github.com/certd/certd/compare/v1.24.2...v1.24.3) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.24.2](https://github.com/certd/certd/compare/v1.24.1...v1.24.2) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.22.1](https://github.com/certd/certd/compare/v1.22.0...v1.22.1) (2024-07-20)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.22.0](https://github.com/certd/certd/compare/v1.21.2...v1.22.0) (2024-07-19)
+
+### Features
+
+* 升级midway，支持esm ([485e603](https://github.com/certd/certd/commit/485e603b5165c28bc08694997726eaf2a585ebe7))
+* 支持postgresql ([3b19bfb](https://github.com/certd/certd/commit/3b19bfb4291e89064b3b407a80dae092d54747d5))

packages/libs/lib-jdcloud/README.md

@@ -0,0 +1,16 @@
+# Vue 3 + TypeScript + Vite
+
+This template should help get you started developing with Vue 3 and TypeScript in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.
+
+## Recommended IDE Setup
+
+- [VS Code](https://code.visualstudio.com/) + [Volar](https://marketplace.visualstudio.com/items?itemName=Vue.volar)
+
+## Type Support For `.vue` Imports in TS
+
+Since TypeScript cannot handle type information for `.vue` imports, they are shimmed to be a generic Vue component type by default. In most cases this is fine if you don't really care about component prop types outside of templates. However, if you wish to get actual prop types in `.vue` imports (for example to get props validation when using manual `h(...)` calls), you can enable Volar's Take Over mode by following these steps:
+
+1. Run `Extensions: Show Built-in Extensions` from VS Code's command palette, look for `TypeScript and JavaScript Language Features`, then right click and select `Disable (Workspace)`. By default, Take Over mode will enable itself if the default TypeScript extension is disabled.
+2. Reload the VS Code window by running `Developer: Reload Window` from the command palette.
+
+You can learn more about Take Over mode [here](https://github.com/johnsoncodehk/volar/discussions/471).

packages/libs/lib-jdcloud/fix-esm-import-paths.js

@@ -0,0 +1,96 @@
+import * as fs from "fs";
+import * as path from "path";
+
+// https://gist.github.com/lovasoa/8691344
+async function* walk(dir) {
+  for await (const d of await fs.promises.opendir(dir)) {
+    const entry = path.join(dir, d.name);
+    if (d.isDirectory()) {
+      yield* walk(entry);
+    } else if (d.isFile()) {
+      yield entry;
+    }
+  }
+}
+
+function resolveImportPath(sourceFile, importPath, options) {
+  const sourceFileAbs = path.resolve(process.cwd(), sourceFile);
+  const root = path.dirname(sourceFileAbs);
+  const { moduleFilter = defaultModuleFilter } = options;
+
+  if (moduleFilter(importPath)) {
+    const importPathAbs = path.resolve(root, importPath);
+    let possiblePath = [path.resolve(importPathAbs, "./index.ts"), path.resolve(importPathAbs, "./index.js"), importPathAbs + ".ts", importPathAbs + ".js"];
+
+    if (possiblePath.length) {
+      for (let i = 0; i < possiblePath.length; i++) {
+        let entry = possiblePath[i];
+        if (fs.existsSync(entry)) {
+          const resolved = path.relative(root, entry.replace(/\.ts$/, ".js"));
+
+          if (!resolved.startsWith(".")) {
+            return "./" + resolved;
+          }
+
+          return resolved;
+        }
+      }
+    }
+  }
+
+  return null;
+}
+
+function replace(filePath, outFilePath, options) {
+  const code = fs.readFileSync(filePath).toString();
+  const newCode = code.replace(/(import|export) (.+?) from ('[^\n']+'|"[^\n"]+");/gs, function (found, action, imported, from) {
+    const importPath = from.slice(1, -1);
+    let resolvedPath = resolveImportPath(filePath, importPath, options);
+
+    if (resolvedPath) {
+      resolvedPath = resolvedPath.replaceAll("\\", "/");
+      console.log("\t", importPath, resolvedPath);
+      return `${action} ${imported} from "${resolvedPath}";`;
+    }
+
+    return found;
+  });
+
+  if (code !== newCode) {
+    fs.writeFileSync(outFilePath, newCode);
+  }
+}
+
+// Then, use it with a simple async for loop
+async function run(srcDir, options = defaultOptions) {
+  const { sourceFileFilter = defaultSourceFileFilter } = options;
+
+  for await (const entry of walk(srcDir)) {
+    if (sourceFileFilter(entry)) {
+      console.log(entry);
+      replace(entry, entry, options);
+    }
+  }
+}
+
+const defaultSourceFileFilter = function (sourceFilePath) {
+  return /\.(js|ts)$/.test(sourceFilePath) && !/node_modules/.test(sourceFilePath);
+};
+
+const defaultModuleFilter = function (importedModule) {
+  return !path.isAbsolute(importedModule) && !importedModule.startsWith("@") && !importedModule.endsWith(".js");
+};
+
+const defaultOptions = {
+  sourceFileFilter: defaultSourceFileFilter,
+  moduleFilter: defaultModuleFilter,
+};
+
+// Switch this to test on one file or directly run on a directory.
+const DEBUG = false;
+
+if (DEBUG) {
+  replace("./src/index.ts", "./out.ts", defaultOptions);
+} else {
+  await run("./src/", defaultOptions);
+}

packages/libs/lib-jdcloud/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "@certd/lib-jdcloud",
+  "private": false,
+  "version": "1.25.9",
+  "main": "./dist/bundle.mjs",
+  "module": "./dist/bundle.mjs",
+  "types": "./dist/d/index.d.ts",
+  "scripts": {
+    "dev": "vite",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && rollup -c ",
+    "build2": "vue-tsc --noEmit && vite build",
+    "preview": "vite preview"
+  },
+  "dependencies": {
+    "axios": "^1.7.2",
+    "buffer": "^5.0.8",
+    "create-hash": "^1.1.3",
+    "create-hmac": "^1.1.6",
+    "debug": "^3.1.0",
+    "node-fetch": "^2.1.2",
+    "url": "^0.11.0",
+    "uuid": "^3.1.0"
+  },
+  "devDependencies": {
+    "babel-register": "^6.26.0",
+    "rimraf": "^5.0.5",
+    "rollup": "^3.7.4"
+  },
+  "gitHead": "f548fe70117c7b56f40c66a3021e63b6cb264fb3"
+}

packages/libs/lib-jdcloud/rollup.config.js

@@ -0,0 +1,40 @@
+const resolve = require("@rollup/plugin-node-resolve");
+const commonjs = require("@rollup/plugin-commonjs");
+//const Typescript = require("rollup-plugin-typescript2");
+const Typescript = require("@rollup/plugin-typescript");
+const json = require("@rollup/plugin-json");
+const terser = require("@rollup/plugin-terser");
+module.exports = {
+  input: "src/index.js",
+  output: {
+    file: "dist/bundle.mjs",
+    format: "es",
+  },
+  plugins: [
+    // 解析第三方依赖
+    resolve({
+      jsnext: true,
+      main: true,
+      browser: true,
+    }),
+    // 识别 commonjs 模式第三方依赖
+    commonjs({
+      // dynamicRequireRoot: "../../../../",
+      // dynamicRequireTargets: [
+      //   // include using a glob pattern (either a string or an array of strings)
+      //   "../../../../**/shelljs/src/*",
+      // ],
+    }),
+    // Typescript({
+    //   target: "esnext",
+    //   rootDir: "src",
+    //   declaration: true,
+    //   declarationDir: "dist/d",
+    //   exclude: ["./node_modules/**", "./src/**/*.vue", "./src/**/*.spec.ts"],
+    //   allowSyntheticDefaultImports: true,
+    // }),
+    json(),
+    terser(),
+  ],
+  external: ["vue", "lodash-es", "dayjs", "log4js", "@midwayjs/core", "@certd/pipeline", "axios", "querystring"],
+};

packages/libs/lib-jdcloud/src/global.js

@@ -0,0 +1,2 @@
+require('./lib/node_loader')
+module.exports = require('./lib/core')

packages/libs/lib-jdcloud/src/index.js

@@ -0,0 +1 @@
+module.exports.DomainService = require("./repo/domainservice/v2/domainservice.js");

packages/libs/lib-jdcloud/src/jdcloud.js

@@ -0,0 +1 @@
+module.exports = require('./lib/jc')

packages/libs/lib-jdcloud/src/lib/browser.js

@@ -0,0 +1,4 @@
+require("babel-polyfill");
+require("./browser_loader");
+var JC = require("./core");
+module.exports = JC;

packages/libs/lib-jdcloud/src/lib/browser_loader.js

@@ -0,0 +1,13 @@
+var util = require('./util')
+util.crypto.lib = {
+  createHash: require('create-hash'),
+  createHmac: require('create-hmac')
+}
+util.Buffer = require('buffer/').Buffer
+util.url = require('url/')
+util.querystring = require('querystring/')
+util.environment = 'js'
+
+var JC = require('./core')
+
+module.exports = JC

packages/libs/lib-jdcloud/src/lib/common.js

@@ -0,0 +1,6 @@
+require('./core')
+
+require('./config')
+require('./request')
+require('./service')
+require('./credentials')

packages/libs/lib-jdcloud/src/lib/config.js

@@ -0,0 +1,78 @@
+var JDCloud = require('./core')
+
+let defaultValues = {
+  credentials: null,
+  regionId: null,
+  apiVersions: null,
+  endpoint: {},
+  version: {},
+  logger: function (string, level = 'INFO') {
+    // level: INFO / DEBUG / ERROR / WARN
+    console.log(string)
+  }
+}
+JDCloud.Config = class Config {
+  constructor (options = {}) {
+    options = this.extractCredentials(options)
+
+    JDCloud.util.each.call(this, defaultValues, function (key, value) {
+      if (options[key] === undefined) {
+        this[key] = value
+      } else {
+        this[key] = options[key]
+      }
+    })
+    JDCloud.util.each.call(this, JDCloud.Service._services, function (
+      key,
+      value
+    ) {
+      if (options[key] !== undefined) {
+        this[key] = options[key]
+      }
+    })
+  }
+
+  extractCredentials (options) {
+    if (options.accessKeyId && options.secretAccessKey) {
+      options = Object.assign({}, options)
+      options.credentials = new JDCloud.Credentials(options)
+    }
+    return options
+  }
+
+  getCredentials () {
+    var p = new Promise((resolve, reject) => {
+      if (this.credentials) {
+        if (typeof this.credentials.get === 'function') {
+        } else if (
+          this.credentials.accessKeyId &&
+          this.credentials.secretAccessKey
+        ) {
+          resolve()
+        } else {
+          reject(new Error('missing credentials'))
+        }
+      } else if (this.credentialProvider) {
+      } else {
+        reject(new Error('get credentials failed'))
+      }
+    })
+
+    return p
+  }
+
+  update (options, allowUnknownKeys = false) {
+    options = this.extractCredentials(options)
+    JDCloud.util.each.call(this, options, function (key, value) {
+      if (
+        allowUnknownKeys ||
+        defaultValues.hasOwnProperty(key) ||
+        JDCloud.Service.hasService(key)
+      ) {
+        this[key] = options[key]
+      }
+    })
+  }
+}
+
+JDCloud.config = new JDCloud.Config()

packages/libs/lib-jdcloud/src/lib/core.js

@@ -0,0 +1,12 @@
+var JDCloud = {
+  util: require("./util"),
+  // todo swaggerVar
+  VERSION: "",
+  fetch: require("node-fetch"),
+};
+
+module.exports = JDCloud;
+
+require("./service");
+require("./config");
+require("./request");

packages/libs/lib-jdcloud/src/lib/credentials.js

@@ -0,0 +1,21 @@
+var JDCloud = require('./core')
+
+JDCloud.Credentials = class Credentials {
+  constructor () {
+    this.expired = false
+    this.expireTime = null
+
+    if (arguments.length === 1 && typeof arguments[0] === 'object') {
+      var creds = arguments[0].credentials || arguments[0]
+      this.accessKeyId = creds.accessKeyId
+      this.secretAccessKey = creds.secretAccessKey
+      this.sessionToken = creds.sessionToken
+    } else {
+      this.accessKeyId = arguments[0]
+      this.secretAccessKey = arguments[1]
+      this.sessionToken = arguments[2]
+    }
+  }
+}
+
+module.exports = JDCloud.Credentials

packages/libs/lib-jdcloud/src/lib/jc.js

@@ -0,0 +1,3 @@
+require('./node_loader')
+var JDCloud = require('./core')
+module.exports = JDCloud

packages/libs/lib-jdcloud/src/lib/node_loader.js

@@ -0,0 +1,12 @@
+var util = require('./util')
+
+util.crypto.lib = require('crypto')
+util.Buffer = require('buffer').Buffer
+util.url = require('url')
+util.querystring = require('querystring')
+util.environment = 'nodejs'
+let JDCloud = require('./core')
+JDCloud.fetch = require('node-fetch')
+module.exports = JDCloud
+
+require('./credentials')

packages/libs/lib-jdcloud/src/lib/request.js

@@ -0,0 +1,137 @@
+var JDCloud = require("./core");
+
+let util = JDCloud.util;
+JDCloud.JCRequest = class JCRequest {
+  constructor(service, path, httpMethod, pathParams, queryParams, headerParams, formParams, postBody, contentTypes, accepts, returnType) {
+    this.service = service;
+
+    var endpoint = service.config.endpoint;
+    pathParams.regionId = pathParams.regionId || service.config.regionId;
+    this.regionId = pathParams.regionId;
+
+    this.path = this.buildPath(path, pathParams);
+    this.path = util.uriEscapePath(this.path);
+
+    var queryString = this.buildQuery(queryParams);
+
+    var url = this.path;
+    if (queryString) {
+      url = this.path + "?" + queryString;
+    }
+
+    var contentType = this.jsonPreferredMime(contentTypes) || "application/json";
+    headerParams["content-type"] = contentType;
+    var requestHeaders = this.buildHeaders(headerParams);
+
+    var requestInit = {
+      method: httpMethod || "GET",
+      headers: requestHeaders,
+    };
+
+    if (contentType === "application/x-www-form-urlencoded") {
+    } else if (contentType === "multipart/form-data") {
+    } else if (postBody) {
+      requestInit.body = JSON.stringify(postBody);
+    }
+    var fetchUrl = endpoint.protocol + "://" + endpoint.host + url;
+    JDCloud.config.logger(`make request where url is :${fetchUrl} \nwith fetch config:${JSON.stringify(requestInit)}`);
+    this.request = new JDCloud.fetch.Request(fetchUrl, requestInit);
+    this.request.bodyCache = requestInit.body;
+  }
+
+  buildPath(path, pathParams) {
+    var uri = (this.service.config.basePath || "") + path;
+    uri = uri.replace(/\{([\w-]+)\}/g, (fullMatch, key) => {
+      var value;
+      if (pathParams.hasOwnProperty(key)) {
+        value = pathParams[key];
+      } else {
+        value = fullMatch;
+      }
+      return value;
+    });
+    return uri;
+  }
+
+  buildQuery(queryParams) {
+    var queryParamsWithoutEmptyItem = {};
+    var keys = Object.keys(queryParams);
+    for (let key of keys) {
+      if (queryParams[key] !== undefined) {
+        queryParamsWithoutEmptyItem[key] = queryParams[key];
+      }
+    }
+    return JDCloud.util.querystring.stringify(queryParamsWithoutEmptyItem);
+  }
+
+  search() {
+    var query = this.request.url.split("?", 2)[1];
+    if (query) {
+      query = JDCloud.util.querystring.parse(query);
+      return JDCloud.util.queryParamsToString(query);
+    }
+    return "";
+  }
+
+  digitizationArray(key, obj) {
+    var result = key;
+    if (Array.isArray(obj)) {
+      JDCloud.util.arrayEach(obj, (arrayValue, index) => {
+        result += this.digitizationArray(`.${index + 1}`, arrayValue);
+      });
+    } else if (typeof obj === "object" && obj != null) {
+      JDCloud.util.each(obj, (key, ObjValue) => {
+        result += `.name=${key}&${result}.values` + this.digitizationArray();
+        result += key + ".name=" + ObjValue + "&" + this.digitizationArray(key + ".values", ObjValue);
+      });
+    } else {
+      result += key + "=" + encodeURI(obj);
+    }
+    return result;
+  }
+
+  buildHeaders(headerParams) {
+    var headers = new JDCloud.fetch.Headers({
+      accept: "application/json",
+    });
+
+    util.each.call(this, headerParams, function (key) {
+      if (headerParams[key] !== undefined && headerParams[key] != null) {
+        headers.append(key, headerParams[key]);
+      }
+    });
+    return headers;
+  }
+
+  /**
+   * Checks whether the given content type represents JSON.<br>
+   * JSON content type examples:<br>
+   * <ul>
+   * <li>application/json</li>
+   * <li>application/json; charset=UTF8</li>
+   * <li>APPLICATION/JSON</li>
+   * </ul>
+   * @param {String} contentType The MIME content type to check.
+   * @returns {Boolean} <code>true</code> if <code>contentType</code> represents JSON, otherwise <code>false</code>.
+   */
+  isJsonMime(contentType) {
+    return Boolean(contentType != null && contentType.match(/^application\/json(;.*)?$/i));
+  }
+
+  /**
+   * Chooses a content type from the given array, with JSON preferred; i.e. return JSON if included, otherwise return the first.
+   * @param {Array.<String>} contentTypes
+   * @returns {String} The chosen content type, preferring JSON.
+   */
+  jsonPreferredMime(contentTypes) {
+    for (var i = 0; i < contentTypes.length; i++) {
+      if (this.isJsonMime(contentTypes[i])) {
+        return contentTypes[i];
+      }
+    }
+
+    return contentTypes[0];
+  }
+};
+
+module.exports = JDCloud.JCRequest;

packages/libs/lib-jdcloud/src/lib/service.js

@@ -0,0 +1,231 @@
+var JDCloud = require('./core')
+var SignerV2 = require('./signers/v2')
+
+JDCloud.Service = class Service {
+  constructor (serviceId, config = {}) {
+    this.serviceId = serviceId
+    this.init(config)
+  }
+
+  init (config) {
+    // 某个服务类型的全局配置
+    var serviceConfig = JDCloud.config[this.serviceId]
+    // 全局配置
+    this.config = new JDCloud.Config(JDCloud.config)
+    if (serviceConfig) {
+      this.config.update(serviceConfig, true)
+    }
+    if (config) {
+      if (!this.config.endpoint.host && !config.endpoint) {
+        config.endpoint = config._defaultEndpoint
+      }
+      delete config._defaultEndpoint
+      this.config.update(config, true)
+    }
+  }
+
+  makeRequest (
+    path,
+    httpMethod,
+    pathParams,
+    queryParams,
+    headerParams,
+    formParams,
+    postBody,
+    contentTypes,
+    accepts,
+    returnType,
+    callback
+  ) {
+    var request = new JDCloud.JCRequest(
+      this,
+      path,
+      httpMethod,
+      pathParams,
+      queryParams,
+      headerParams,
+      formParams,
+      postBody,
+      contentTypes,
+      accepts,
+      returnType
+    )
+
+    var signer = new SignerV2(request, this.serviceId)
+
+    return this.config.getCredentials().then(() => {
+      signer.addAuthorization(this.config.credentials)
+      return JDCloud.fetch(signer.request.request).then(response => {
+        return response.json().then(
+          result => {
+            result.responseObj = response
+            if (response.ok) {
+              return result
+            }
+            return Promise.reject(result)
+          },
+          error => {
+            error.responseObj = response
+            if (error.type === 'invalid-json') {
+              // oss没有返回json
+              if (response.ok) {
+                return Promise.resolve({
+                  requestId: response.headers.get('x-jdcloud-request-id') || ''
+                })
+              } else {
+                /* eslint-disable */
+                return Promise.reject({
+                  requestId: response.headers.get('x-jdcloud-request-id') || ''
+                })
+                /* eslint-enable */
+              }
+            }
+            throw error
+          }
+        )
+      })
+    })
+  }
+
+  buildCollectionParam (param, collectionFormat) {
+    if (param === null || param === undefined) {
+      return param
+    }
+    switch (collectionFormat) {
+      case 'csv':
+        return param.map(this.paramToString).join(',')
+      case 'ssv':
+        return param.map(this.paramToString).join(' ')
+      case 'tsv':
+        return param.map(this.paramToString).join('\t')
+      case 'pipes':
+        return param.map(this.paramToString).join('|')
+      case 'multi':
+        // return the array directly as SuperAgent will handle it as expected
+        return param.map(this.paramToString)
+      default:
+        throw new Error('Unknown collection format: ' + collectionFormat)
+    }
+  }
+
+  /**
+   *  filter is a special type of array
+   *  only contains:
+   *  [
+   *      { name: someString , values:[ someString, someString ] ,operator: someString}
+   *  ]
+   *
+   */
+  buildFilterParam (param, key) {
+    var result = {}
+    if (Array.isArray(param)) {
+      let index = 0
+      for (var i = 0; i < param.length; i++) {
+        var obj = param[i]
+
+        // 兼容空字符串
+        if (obj.values !== '' && !Array.isArray(obj.values)) {
+          throw new Error('The type of filters.values should be Array!')
+        }
+        if (obj.name && obj.values) {
+          if (!obj.values.length) continue
+          result[`${key}.${index + 1}.name`] = obj.name
+          for (var j = 0; j < obj.values.length; j++) {
+            var someString = obj.values[j]
+            result[`${key}.${index + 1}.values.${j + 1}`] = someString
+          }
+          if (obj.operator) {
+            result[`${key}.${index + 1}.operator`] = obj.operator
+          }
+          index++
+        }
+      }
+    }
+    return result
+  }
+
+  buildTagFilterParam (param = [], key) {
+    var result = {}
+    if (!Array.isArray(param)) {
+      throw new Error(`The type of param 'param' should be Array!`)
+    }
+
+    for (var i = 0; i < param.length; i++) {
+      var obj = param[i]
+
+      if (obj.values && !Array.isArray(obj.values)) {
+        throw new Error(
+          `The type of param 'param[${i}].values' should be Array or NULL!`
+        )
+      }
+
+      if (obj.key) {
+        result[`${key}.${i + 1}.key`] = obj.key
+
+        if (obj.values) {
+          for (var j = 0; j < obj.values.length; j++) {
+            var someString = obj.values[j]
+            result[`${key}.${i + 1}.values.${j + 1}`] = someString
+          }
+        }
+      }
+    }
+    return result
+  }
+
+  buildSortParam (param = [], key) {
+    var result = {}
+    if (!Array.isArray(param)) {
+      throw new Error(`The type of param 'param' should be Array!`)
+    }
+
+    var index = 0
+    for (var i = 0; i < param.length; i++) {
+      var obj = param[i]
+
+      if (obj.name && obj.direction) {
+        index++
+        result[`${key}.${index}.name`] = obj.name
+        result[`${key}.${index}.direction`] = obj.direction
+      }
+    }
+    return result
+  }
+
+  // arr=[a,b,c] =>  arr={arr1:a, arr2:b, arr3:c}
+  buildArrayParam (param = [], key) {
+    var result = {}
+    if (!Array.isArray(param)) {
+      throw new Error(`The type of param 'param' should be Array!`)
+    }
+
+    for (var i = 0; i < param.length; i++) {
+      var value = param[i]
+      result[`${key}.${i + 1}`] = value
+    }
+    return result
+  }
+
+  /**
+   * Returns a string representation for an actual parameter.
+   * @param param The actual parameter.
+   * @returns {String} The string representation of <code>param</code>.
+   */
+  paramToString (param) {
+    if (param === undefined || param === null) {
+      return ''
+    }
+    if (param instanceof Date) {
+      return param.toJSON()
+    }
+
+    return param.toString()
+  }
+
+  static hasService (id) {
+    return JDCloud.Service._services.hasOwnProperty(id)
+  }
+}
+JDCloud.Service._services = {}
+
+module.exports = JDCloud.Service

packages/libs/lib-jdcloud/src/lib/signers/request_signer.js

@@ -0,0 +1,13 @@
+module.exports = class RequestSigner {
+  constructor (request) {
+    this.request = request
+  }
+
+  setServiceClientId (id) {
+    this.serviceClientId = id
+  }
+
+  getServiceClientId () {
+    return this.serviceClientId
+  }
+}

packages/libs/lib-jdcloud/src/lib/signers/v2.js

@@ -0,0 +1,162 @@
+// Copyright 2018 JDCLOUD.COM
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License
+// This signer is modified from AWS V4 signer algorithm.
+
+var util = require("../util");
+var RequestSigner = require("./request_signer");
+var v2Credentials = require("./v2_credentials");
+var uuid = require("uuid");
+var JDCloud = require("../core");
+
+module.exports = class SignerV2 extends RequestSigner {
+  constructor(request, serviceName, options = {}) {
+    super(request);
+    this.signatureCache = true;
+    this.algorithm = "JDCLOUD2-HMAC-SHA256";
+    this.unsignableHeaders = ["authorization", "user-agent"];
+    this.serviceName = serviceName;
+    // this.signatureCache = typeof options.signatureCache === 'boolean' ? options.signatureCache : true;
+  }
+
+  // 签名流程见 https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
+
+  addAuthorization(credentials, date) {
+    // var datetime = '20180119T070300Z';
+    var datetime = util.date.iso8601(date).replace(/[:-]|\.\d{3}/g, "");
+    this.addHeaders(credentials, datetime);
+    this.request.request.headers.set("Authorization", this.authorization(credentials, datetime));
+  }
+
+  addHeaders(credentials, datetime) {
+    this.request.request.headers.set("x-jdcloud-date", datetime);
+    this.request.request.headers.set("x-jdcloud-nonce", uuid.v4());
+    this.request.request.headers.set("host", this.request.service.config.endpoint.host);
+  }
+
+  signedHeaders() {
+    var keys = [];
+    this.request.request.headers.forEach((value, key) => {
+      key = key.toLowerCase();
+      if (this.isSignableHeader(key)) {
+        keys.push(key);
+      }
+    });
+    /* util.each.call(this, this.request.headers, function (key) {
+
+        }); */
+    return keys.sort().join(";");
+  }
+
+  credentialString(datetime) {
+    return v2Credentials.createScope(datetime.substr(0, 8), this.request.regionId, this.serviceName);
+  }
+
+  signature(credentials, datetime) {
+    var signingKey = v2Credentials.getSigningKey(credentials, datetime.substr(0, 8), this.request.regionId, this.serviceName, this.signatureCache);
+    return util.crypto.hmac(signingKey, this.stringToSign(datetime), "hex");
+  }
+
+  stringToSign(datetime) {
+    var parts = [];
+    parts.push(this.algorithm);
+    parts.push(datetime);
+    parts.push(this.credentialString(datetime));
+    parts.push(this.hexEncodedHash(this.canonicalString()));
+    JDCloud.config.logger("StringToSign is \n" + JSON.stringify(parts), "DEBUG");
+    return parts.join("\n");
+  }
+
+  // 构建标准签名字符串
+  canonicalString() {
+    var parts = [];
+    var pathname = this.request.path;
+    //    if (this.serviceName !== 'jfs') {
+    //      pathname = util.uriEscapePath(pathname)
+    //    }
+
+    parts.push(this.request.request.method);
+    parts.push(pathname);
+    parts.push(this.request.search());
+    parts.push(this.canonicalHeaders() + "\n");
+    parts.push(this.signedHeaders());
+    parts.push(this.hexEncodedBodyHash());
+    JDCloud.config.logger("canonicalString is \n" + JSON.stringify(parts), "DEBUG");
+    return parts.join("\n");
+  }
+
+  canonicalHeaders() {
+    var headers = [];
+    this.request.request.headers.forEach((value, key) => {
+      headers.push([key, value]);
+    });
+    headers.sort(function (a, b) {
+      return a[0].toLowerCase() < b[0].toLowerCase() ? -1 : 1;
+    });
+    var parts = [];
+    util.arrayEach.call(this, headers, function (item) {
+      var key = item[0].toLowerCase();
+      if (this.isSignableHeader(key)) {
+        var value = item[1];
+        if (typeof value === "undefined" || value === null || typeof value.toString !== "function") {
+          throw util.error(new Error("Header " + key + " contains invalid value"), {
+            code: "InvalidHeader",
+          });
+        }
+        parts.push(key + ":" + this.canonicalHeaderValues(value.toString()));
+      }
+    });
+    return parts.join("\n");
+  }
+
+  canonicalHeaderValues(values) {
+    return values.replace(/\s+/g, " ").replace(/^\s+|\s+$/g, "");
+  }
+
+  authorization(credentials, datetime) {
+    var parts = [];
+    var credString = this.credentialString(datetime);
+    parts.push(this.algorithm + " Credential=" + credentials.accessKeyId + "/" + credString);
+    parts.push("SignedHeaders=" + this.signedHeaders());
+    parts.push("Signature=" + this.signature(credentials, datetime));
+    JDCloud.config.logger("Signature is \n" + JSON.stringify(parts), "DEBUG");
+    return parts.join(", ");
+  }
+
+  hexEncodedHash(string) {
+    return util.crypto.sha256(string, "hex");
+  }
+
+  hexEncodedBodyHash() {
+    let body = this.request.request?.body;
+    if (body && body instanceof ReadableStream) {
+      body = this.request.request?.bodyCache;
+    }
+    return this.hexEncodedHash(body || "");
+    /* var request = this.request;
+        if (this.isPresigned() && this.serviceName === 's3' && !request.body) {
+            return 'UNSIGNED-PAYLOAD';
+        } else if (request.headers['X-Amz-Content-Sha256']) {
+            return request.headers['X-Amz-Content-Sha256'];
+        } else {
+            return this.hexEncodedHash(this.request.body || '');
+        } */
+  }
+
+  isSignableHeader(key) {
+    if (key.toLowerCase().includes("x-jdcloud-")) {
+      return true;
+    }
+    return !this.unsignableHeaders.includes(key.toLowerCase());
+  }
+};

packages/libs/lib-jdcloud/src/lib/signers/v2_credentials.js

@@ -0,0 +1,80 @@
+var cachedSecret = {}
+var cacheQueue = []
+var maxCacheEntries = 50
+var v2Identifier = 'jdcloud2_request'
+
+var util = require('../util')
+
+module.exports = {
+  /**
+   * @api private
+   *
+   * @param date [String]
+   * @param region [String]
+   * @param serviceName [String]
+   * @return [String]
+   */
+  createScope: function createScope (date, region, serviceName) {
+    return [date.substr(0, 8), region, serviceName, v2Identifier].join('/')
+  },
+
+  /**
+   * @api private
+   *
+   * @param credentials [Credentials]
+   * @param date [String]
+   * @param region [String]
+   * @param service [String]
+   * @param shouldCache [Boolean]
+   * @return [String]
+   */
+  getSigningKey: function getSigningKey (
+    credentials,
+    date,
+    region,
+    service,
+    shouldCache
+  ) {
+    var credsIdentifier = util.crypto.hmac(
+      credentials.secretAccessKey,
+      credentials.accessKeyId,
+      'base64'
+    )
+    var cacheKey = [credsIdentifier, date, region, service].join('_')
+    shouldCache = shouldCache !== false
+    if (shouldCache && cacheKey in cachedSecret) {
+      return cachedSecret[cacheKey]
+    }
+
+    var kDate = util.crypto.hmac(
+      'JDCLOUD2' + credentials.secretAccessKey,
+      date,
+      'buffer'
+    )
+    var kRegion = util.crypto.hmac(kDate, region, 'buffer')
+    var kService = util.crypto.hmac(kRegion, service, 'buffer')
+
+    var signingKey = util.crypto.hmac(kService, v2Identifier, 'buffer')
+    if (shouldCache) {
+      cachedSecret[cacheKey] = signingKey
+      cacheQueue.push(cacheKey)
+      if (cacheQueue.length > maxCacheEntries) {
+        // remove the oldest entry (not the least recently used)
+        delete cachedSecret[cacheQueue.shift()]
+      }
+    }
+
+    return signingKey
+  },
+
+  /**
+   * @api private
+   *
+   * Empties the derived signing key cache. Made available for testing purposes
+   * only.
+   */
+  emptyCache: function emptyCache () {
+    cachedSecret = {}
+    cacheQueue = []
+  }
+}

packages/libs/lib-jdcloud/src/lib/util.js

@@ -0,0 +1,219 @@
+var util = {
+  isBrowser: function isBrowser() {
+    return process && process.browser;
+  },
+  isNode: function isNode() {
+    return !util.isBrowser();
+  },
+  uriEscape: function uriEscape(string) {
+    var output = encodeURIComponent(string);
+    output = output.replace(/[^A-Za-z0-9_.~\-%]+/g, escape);
+
+    // AWS percent-encodes some extra non-standard characters in a URI
+    output = output.replace(/[*]/g, function (ch) {
+      return "%" + ch.charCodeAt(0).toString(16).toUpperCase();
+    });
+
+    return output;
+  },
+  uriEscapePath: function uriEscapePath(string) {
+    var parts = [];
+    util.arrayEach(string.split("/"), function (part) {
+      parts.push(util.uriEscape(part));
+    });
+    return parts.join("/");
+  },
+  abort: {},
+  each: function each(object, iterFunction) {
+    for (var key in object) {
+      if (Object.prototype.hasOwnProperty.call(object, key)) {
+        var ret = iterFunction.call(this, key, object[key]);
+        if (ret === util.abort) break;
+      }
+    }
+  },
+
+  arrayEach: function arrayEach(array, iterFunction) {
+    for (var idx in array) {
+      if (Object.prototype.hasOwnProperty.call(array, idx)) {
+        var ret = iterFunction.call(this, array[idx], parseInt(idx, 10));
+        if (ret === util.abort) break;
+      }
+    }
+  },
+  arraySliceFn: function arraySliceFn(obj) {
+    var fn = obj.slice || obj.webkitSlice || obj.mozSlice;
+    return typeof fn === "function" ? fn : null;
+  },
+  queryParamsToString: function queryParamsToString(params) {
+    var items = [];
+    var escape = util.uriEscape;
+    var sortedKeys = Object.keys(params).sort();
+
+    util.arrayEach(sortedKeys, function (name) {
+      var value = params[name];
+      var ename = escape(name);
+      var result = ename + "=";
+      if (Array.isArray(value)) {
+        var vals = [];
+        util.arrayEach(value, function (item) {
+          vals.push(escape(item));
+        });
+        result = ename + "=" + vals.sort().join("&" + ename + "=");
+      } else if (value !== undefined && value !== null) {
+        result = ename + "=" + escape(value);
+      }
+      items.push(result);
+    });
+
+    return items.join("&");
+  },
+  date: {
+    getDate() {
+      return new Date();
+    },
+    iso8601: function iso8601(date) {
+      if (date === undefined) {
+        date = util.date.getDate();
+      }
+      return date.toISOString().replace(/\.\d{3}Z$/, "Z");
+    },
+  },
+  crypto: {
+    /* eslint-disable no-use-before-define */
+    crc32Table: [
+      0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
+      0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
+      0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
+      0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
+      0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
+      0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
+      0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
+      0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
+      0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
+      0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
+      0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
+      0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
+      0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
+      0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
+      0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
+      0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
+      0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
+      0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
+      0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
+      0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
+      0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
+      0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d,
+    ],
+    /* eslint-disable no-use-before-define */
+
+    crc32: function crc32(data) {
+      var tbl = util.crypto.crc32Table;
+      var crc = 0 ^ -1;
+
+      if (typeof data === "string") {
+        data = new util.Buffer(data);
+      }
+
+      for (var i = 0; i < data.length; i++) {
+        var code = data.readUInt8(i);
+        crc = (crc >>> 8) ^ tbl[(crc ^ code) & 0xff];
+      }
+      return (crc ^ -1) >>> 0;
+    },
+
+    hmac: function hmac(key, string, digest, fn) {
+      if (!digest) digest = "binary";
+      if (digest === "buffer") {
+        digest = undefined;
+      }
+      if (!fn) fn = "sha256";
+      if (typeof string === "string") string = new util.Buffer(string);
+      return util.crypto.lib.createHmac(fn, key).update(string).digest(digest);
+    },
+
+    md5: function md5(data, digest, callback) {
+      return util.crypto.hash("md5", data, digest, callback);
+    },
+
+    sha256: function sha256(data, digest, callback) {
+      return util.crypto.hash("sha256", data, digest, callback);
+    },
+
+    hash: function (algorithm, data, digest, callback) {
+      var hash = util.crypto.createHash(algorithm);
+      if (!digest) {
+        digest = "binary";
+      }
+      if (digest === "buffer") {
+        digest = undefined;
+      }
+      if (typeof data === "string") data = new util.Buffer(data);
+      var sliceFn = util.arraySliceFn(data);
+      var isBuffer = util.Buffer.isBuffer(data);
+      // Identifying objects with an ArrayBuffer as buffers
+      if (util.isBrowser() && typeof ArrayBuffer !== "undefined" && data && data.buffer instanceof ArrayBuffer) {
+        isBuffer = true;
+      }
+
+      if (callback && typeof data === "object" && typeof data.on === "function" && !isBuffer) {
+        data.on("data", function (chunk) {
+          hash.update(chunk);
+        });
+        data.on("error", function (err) {
+          callback(err);
+        });
+        data.on("end", function () {
+          callback(null, hash.digest(digest));
+        });
+      } else if (callback && sliceFn && !isBuffer && typeof FileReader !== "undefined") {
+        // this might be a File/Blob
+        var index = 0;
+        var size = 1024 * 512;
+        var reader = new FileReader();
+        reader.onerror = function () {
+          callback(new Error("Failed to read data."));
+        };
+        reader.onload = function () {
+          var buf = new util.Buffer(new Uint8Array(reader.result));
+          hash.update(buf);
+          index += buf.length;
+          reader._continueReading();
+        };
+        reader._continueReading = function () {
+          if (index >= data.size) {
+            callback(null, hash.digest(digest));
+            return;
+          }
+
+          var back = index + size;
+          if (back > data.size) back = data.size;
+          reader.readAsArrayBuffer(sliceFn.call(data, index, back));
+        };
+
+        reader._continueReading();
+      } else {
+        if (util.isBrowser() && typeof data === "object" && !isBuffer) {
+          data = new util.Buffer(new Uint8Array(data));
+        }
+        var out = hash.update(data).digest(digest);
+        if (callback) callback(null, out);
+        return out;
+      }
+    },
+
+    toHex: function toHex(data) {
+      var out = [];
+      for (var i = 0; i < data.length; i++) {
+        out.push(("0" + data.charCodeAt(i).toString(16)).substr(-2, 2));
+      }
+      return out.join("");
+    },
+
+    createHash: function createHash(algorithm) {
+      return util.crypto.lib.createHash(algorithm);
+    },
+  },
+};
+
+module.exports = util;

packages/libs/lib-jdcloud/tsconfig.json

@@ -0,0 +1,41 @@
+{
+  "compileOnSave": false,
+  "compilerOptions": {
+    "target": "ESNext",
+    "module": "ESNext",
+    "moduleResolution": "node",
+    "esModuleInterop": true,
+    "experimentalDecorators": true,
+    "emitDecoratorMetadata": true,
+    "inlineSourceMap":true,
+    "noImplicitThis": true,
+    "noUnusedLocals": true,
+    "stripInternal": true,
+    "skipLibCheck": true,
+    "pretty": true,
+    "declaration": true,
+    "forceConsistentCasingInFileNames": true,
+    "typeRoots": [ "./typings", "./node_modules/@types"],
+    "outDir": "dist",
+    "rootDir": "src",
+    "composite": true,
+    "useDefineForClassFields": true,
+    "strict": false,
+    "sourceMap": true,
+    "resolveJsonModule": true,
+    "isolatedModules": false,
+    "lib": ["ESNext", "DOM"],
+  },
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.d.ts",
+    "src/**/*.js",
+    "src/**/*.json"
+  ],
+  "exclude": [
+    "*.ts",
+    "dist",
+    "node_modules",
+    "test"
+  ],
+}

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,58 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+### Performance Improvements
+
+* 支持k8s ingress secret ([e5a5d0a](https://github.com/certd/certd/commit/e5a5d0a607bb6b4e1a1f7a1a419bada5f2dee59f))
+
+## [1.24.4](https://github.com/certd/certd/compare/v1.24.3...v1.24.4) (2024-09-09)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.24.3](https://github.com/certd/certd/compare/v1.24.2...v1.24.3) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.24.2](https://github.com/certd/certd/compare/v1.24.1...v1.24.2) (2024-09-06)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,13 +1,14 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.24.2",
+  "version": "1.25.9",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "scripts": {
     "dev": "vite",
-    "build": "tsc --skipLibCheck",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && tsc --skipLibCheck",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
     "preview": "vite preview"
@@ -16,7 +17,7 @@
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
-    "@certd/pipeline": "^1.24.2",
+    "@certd/pipeline": "^1.25.9",
     "@rollup/plugin-commonjs": "^23.0.4",
     "@rollup/plugin-json": "^6.0.0",
     "@rollup/plugin-node-resolve": "^15.0.1",
@@ -31,11 +32,12 @@
     "eslint-plugin-node": "^11.1.0",
     "eslint-plugin-prettier": "^4.2.1",
     "prettier": "^2.8.8",
+    "rimraf": "^5.0.5",
     "rollup": "^3.7.4",
     "rollup-plugin-visualizer": "^5.8.2",
     "ts-node": "^10.9.1",
     "tslib": "^2.5.2",
-    "typescript": "^4.8.4"
+    "typescript": "^5.4.2"
   },
-  "gitHead": "bef6b981e26a010a797734e508de6822de8564f5"
+  "gitHead": "f548fe70117c7b56f40c66a3021e63b6cb264fb3"
 }

packages/libs/lib-k8s/src/index.ts

@@ -1 +1 @@
-export * from "./lib/k8s.client.js";
+export * from './lib/k8s.client.js';