v1.26.2

Closes https://github.com/certd/certd/issues/200

.github/workflows/build-image.yml

@@ -64,10 +64,10 @@ jobs:
           username: ${{ secrets.dockerhub_username }}
           password: ${{ secrets.dockerhub_password }}
 
-      - name: Build and push
+      - name: Build default platforms
         uses: docker/build-push-action@v6
         with:
-          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          platforms: linux/amd64,linux/arm64
           push: true
           context: ./packages/ui/
           tags: |
@@ -75,3 +75,27 @@ jobs:
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
             greper/certd:latest
             greper/certd:${{steps.get_certd_version.outputs.result}}
+
+      - name: Build armv7
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/arm/v7
+          push: true
+          context: ./packages/ui/
+          tags: |
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            greper/certd:armv7
+            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
+
+      - name: Build agent
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          context: ./packages/ui/agent/
+          tags: |
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
+            greper/certd-agent:latest
+            greper/certd-agent:${{steps.get_certd_version.outputs.result}}

CHANGELOG.md

@@ -3,6 +3,139 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.2](https://github.com/certd/certd/compare/v1.26.1...v1.26.2) (2024-10-11)
+
+### Bug Fixes
+
+* 修复某些情况下bindUrl失败的bug ([91fc1cd](https://github.com/certd/certd/commit/91fc1cd7353be4a22be951239ed70b38baebc74e))
+
+### Performance Improvements
+
+* 邮箱设置改为系统设置，普通用户无需配置发件邮箱 ([4244569](https://github.com/certd/certd/commit/42445692117184a3293e63bef84a74cbb5984b0e))
+
+## [1.26.1](https://github.com/certd/certd/compare/v1.26.0...v1.26.1) (2024-10-10)
+
+**Note:** Version bump only for package root
+
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+### Bug Fixes
+
+* 修复管理员编辑其他用户流水线任务时归属userid也被修改的bug ([e85c477](https://github.com/certd/certd/commit/e85c47744cf740b4af3b93dca7c2f0ccc818ec2f))
+* 修复历史记录根据流水线名称查询报错的bug ([ce9a986](https://github.com/certd/certd/commit/ce9a9862f122fce2186e7727eaa4b251b59e6032))
+* 修复某些代理情况下 报 400 The plain HTTP request was sent to HTTPS port use proxy 的bug ([a13203f](https://github.com/certd/certd/commit/a13203fb3f48c427d0d81a504912248dcc07df1a))
+
+### Features
+
+* 域名验证方法支持CNAME间接方式，此方式支持所有域名注册商，且无需提供Access授权，但是需要手动添加cname解析 ([f3d3508](https://github.com/certd/certd/commit/f3d35084ed44f9f33845f7045e520be5c27eed93))
+* 站点个性化设置 ([11a9fe9](https://github.com/certd/certd/commit/11a9fe9014d96cba929e5a066e78f2af7ae59d14))
+
+### Performance Improvements
+
+* 并行任务名称改成添加任务，取消并行，可以在同一个阶段获取上一个task的输出 ([c5e5877](https://github.com/certd/certd/commit/c5e58770d1c5edc19c6f9ea1618f44b68e091f35))
+* 调整静态资源到static目录 ([0584b36](https://github.com/certd/certd/commit/0584b3672b40f9042a2ed87e5627022606d046cd))
+* 调整全部静态资源到static目录 ([a218890](https://github.com/certd/certd/commit/a21889080d6c7ffdf0af526a3a21f0b2d1c77288))
+* 检查cname是否正确配置 ([b5d8935](https://github.com/certd/certd/commit/b5d8935159374fbe7fc7d4c48ae0ed9396861bdd))
+* 七牛云cdn支持配置多个域名 ([88d745e](https://github.com/certd/certd/commit/88d745e29063a089864fb9c6705be7b8d4c2669a))
+* 上传到主机插件支持注入环境变量 ([81fac73](https://github.com/certd/certd/commit/81fac736f9ccc8d1cda7ef4178752239cec20849))
+* 优化宝塔网站部署插件远程获取数据的提示 ([2a3ca9f](https://github.com/certd/certd/commit/2a3ca9f552d96594ec6690a1c4c91f598451b9a1))
+* 优化缩短首页缓存时间 ([49395e8](https://github.com/certd/certd/commit/49395e8cb65f4b30c0145329ed5de48be4ef3842))
+* 域名输入增加校验提示，避免输入错误的域名 ([0c8e83e](https://github.com/certd/certd/commit/0c8e83e1254a9ce4d5a4e7888eb1710394a4b77c))
+* cname校验配置增加未校验通过提示 ([77cc3c4](https://github.com/certd/certd/commit/77cc3c4a5cbd81f8233a8e0bb33fab0621c0905f))
+* google eab授权支持自动获取，不过要配置代理 ([592791d](https://github.com/certd/certd/commit/592791d1356fc252fbb70d7f168567aee9585507))
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+### Bug Fixes
+
+* 修复西部数码账户级别apikey不可用的bug ([f8f3e8b](https://github.com/certd/certd/commit/f8f3e8b43fd5d815887bcb53b95f46dc96424b79))
+
+### Performance Improvements
+
+* 增加等待插件 ([3ef0541](https://github.com/certd/certd/commit/3ef0541cc85ab6abf698ead3b258ae1ac156ef98))
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+### Bug Fixes
+
+* 修复pfxPassword无效的bug ([251e450](https://github.com/certd/certd/commit/251e450fabfe62405bac13e39f2153736c081ef0))
+
+### Performance Improvements
+
+* 群晖获取deviceid优化 ([8d42273](https://github.com/certd/certd/commit/8d4227366548eb70f6bc04303829e6933168f906))
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+### Bug Fixes
+
+* 修复某些地区被屏蔽无法激活专业版的bug ([7532a96](https://github.com/certd/certd/commit/7532a960851b84d4f2cc3dba02353c5235e1a364))
+
+### Performance Improvements
+
+* 上传到主机，支持socks代理 ([d91026d](https://github.com/certd/certd/commit/d91026dc4fbfe5fedc4ee8e43dc0d08f1cf88356))
+* 支持上传到七牛云oss ([bf024bd](https://github.com/certd/certd/commit/bf024bdda8bc2a463475be5761acf0da7317a08a))
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Bug Fixes
+
+* 修复中间证书复制错误的bug ([76e86ea](https://github.com/certd/certd/commit/76e86ea283ecbe4ec76cdc92b98457d0fef544ac))
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+* 增加使用教程 ([9d9c021](https://github.com/certd/certd/commit/9d9c0218195af5b9896cce7109b26a433480571d))
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package root
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+### Bug Fixes
+
+* 修复启动报授权验证失败的bug ([3460d3d](https://github.com/certd/certd/commit/3460d3ddca222ea702816ab805909d489eff957f))
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+### Bug Fixes
+
+* 修复upload to host trim错误 ([0f0ddb9](https://github.com/certd/certd/commit/0f0ddb9c5963fd643d6d203334efac471c43ec3b))
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package root
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package root
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+### Bug Fixes
+
+* 修复首次创建任务运行时不自动设置当前运行情况的bug ([ecd83ee](https://github.com/certd/certd/commit/ecd83ee136abdd3df9ed2f21ec2ff0f24c0ed9d9))
+
+### Features
+
+* 账号绑定 ([e046640](https://github.com/certd/certd/commit/e0466409d0c021bb415abd94df448c8a0d4799e9))
+* 支持中间证书 ([e86756e](https://github.com/certd/certd/commit/e86756e4c65a53dd23106d7ecbfe2fa987cc13f3))
+* 支持vip转移 ([361e8fe](https://github.com/certd/certd/commit/361e8fe7ae5877e23fd5de31bc919bedd09c57f5))
+
+### Performance Improvements
+
+* 群晖支持OTP双重验证登录 ([8b8039f](https://github.com/certd/certd/commit/8b8039f42bbce10a4d0e737cdeeeef9bb17bee5a))
+* 任务支持禁用 ([8ed16b3](https://github.com/certd/certd/commit/8ed16b3ea2dfe847357863a0bfa614e4fa5fc041))
+* 优化收件邮箱输入 ([22ef28f](https://github.com/certd/certd/commit/22ef28f6338a78465bd52ccbad13e66e80263b2f))
+* 优化主机登录失败提示 ([9de77b3](https://github.com/certd/certd/commit/9de77b327d39cff5ed6660ec53b58ba0eea18e5a))
+* 增加重启certd插件 ([48238d9](https://github.com/certd/certd/commit/48238d929e6c4afa1d428e4d35b9159d37a47ae0))
+* 证书支持旧版RSA，pkcs1 ([3d9c3ec](https://github.com/certd/certd/commit/3d9c3ecb3eb604b2458154f608bde0f01915d116))
+* 支持阿里云ACK证书部署 ([d331fea](https://github.com/certd/certd/commit/d331fea47789122650e057ec7c9e85ee8e66f09b))
+* 支持七牛云 ([8ecc2f9](https://github.com/certd/certd/commit/8ecc2f9446a9ebd11b9bfbffbb6cf7812a043495))
+* 支持k8s ingress secret ([e5a5d0a](https://github.com/certd/certd/commit/e5a5d0a607bb6b4e1a1f7a1a419bada5f2dee59f))
+* http请求增加默认超时时间 ([664bd86](https://github.com/certd/certd/commit/664bd863e5b4895aabe2384277c0c65f5902fdb2))
+* plugins增加图标 ([a8da658](https://github.com/certd/certd/commit/a8da658a9723342b4f43a579f7805bfef0648efb))
+
 ## [1.24.4](https://github.com/certd/certd/compare/v1.24.3...v1.24.4) (2024-09-09)
 
 ### Bug Fixes

LICENSE.md

@@ -1,4 +1,6 @@
-# Certd Open Source License
+
+                    Certd Open Source License
+                  
 
 - This project is licensed under the **GNU Affero General Public License (AGPL)** with the following additional terms.  
 - 本项目遵循 GNU Affero General Public License（AGPL），并附加以下条款。

README.md

@@ -5,22 +5,6 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的工具。
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签
 
-************************
-支持开源，为爱发电，我已入驻爱发电   
-https://afdian.com/a/greper
-
-发电权益：
-1. 可加入发电专属群，可以获得作者一对一技术支持
-2. 您的需求我们将优先实现，并且将作为专业版功能提供
-3. 一年期专业版激活码
-4. 赠送国外免费服务器部署方案（0成本使用Certd，不过该服务器需要翻墙）
-
-专业版特权
-1. 证书流水线条数无限制（免费版限制10条）
-2. 免配置发邮件功能
-3. FTP上传、cdnfly、宝塔等部署插件
-4. 更多功能增加中...
-************************
 
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
@@ -45,33 +29,48 @@ https://certd.handsfree.work/
 ## 三、使用教程
 本案例演示，如何配置自动申请证书，并部署到阿里云CDN，然后快要到期前自动更新证书并重新部署     
 
-![演示](./doc/images/5-view.png)
-![演示](./doc/images/9-start.png)
-![演示](./doc/images/10-1-log.png)
-![演示](./doc/images/13-3-download.png)
-![演示](./doc/images/13-1-result.png)
+![演示](packages/ui/certd-client/public/static/doc/images/5-view.png)
+![演示](packages/ui/certd-client/public/static/doc/images/9-start.png)
+![演示](packages/ui/certd-client/public/static/doc/images/10-1-log.png)
+![演示](packages/ui/certd-client/public/static/doc/images/13-3-download.png)
+![演示](packages/ui/certd-client/public/static/doc/images/13-1-result.png)
 
 ↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓      
 -------> [点我查看详细使用步骤演示](./step.md)   <--------      
 ↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑     
 
+当前支持的部署插件列表
+![演示](./doc/images/plugins.png)
+
 ## 四、私有化部署
 
 由于证书、授权信息等属于高度敏感数据，请务必私有化部署，保障数据安全
 
-### 1. 安装docker、docker-compose
+### 4.1 宝塔面板一键部署
+
+1. 安装宝塔面板，前往 [宝塔面板](https://www.bt.cn/u/CL3JHS) 官网，选择9.2.0以上正式版的脚本下载安装
+
+2. 安装后登录宝塔面板，在菜单栏中点击 Docker，首次进入会提示安装Docker服务，点击立即安装，按提示完成安装
+
+3. 安装完成后在应用商店中找到`certd`（要先点右上角更新应用），点击安装，配置域名等基本信息即可完成安装
+
+### 4.2 宝塔面板容器编排部署
+
+[宝塔面板容器编排部署教程](./doc/deploy/baota/baota.md)
+
+### 4.3 Docker部署
+#### 1. 安装docker、docker-compose
 
 1.1 准备一台云服务器
 * 【阿里云】云服务器2核2G，新老用户同享，99元/年，续费同价！【 [立即购买](https://www.aliyun.com/benefit?scm=20140722.M_10244282._.V_1&source=5176.11533457&userCode=qya11txb )】
 * 【腾讯云】云服务器2核2G，新老用户同享，99元/年，续费同价！【 [立即购买](https://cloud.tencent.com/act/cps/redirect?redirect=6094&cps_key=b3ef73330335d7a6efa4a4bbeeb6b2c9&from=console)】
-  
 
 1.2 安装docker      
 
 https://docs.docker.com/engine/install/   
 选择对应的操作系统，按照官方文档执行命令即可   
 
-### 2. 运行certd
+#### 2. 运行certd
 
 [docker-compose.yaml 下载](https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml)
 
@@ -98,25 +97,36 @@ docker compose up -d
 > 如果提示 没有compose命令,请安装docker-compose   
 > https://docs.docker.com/compose/install/linux/
 
-#### 镜像说明：
+#### 3. 镜像说明：
 * 国内镜像地址:
   * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest`
+  * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7`、`[version]-armv7`
 * DockerHub地址：
   * `https://hub.docker.com/r/greper/certd`
-  * `docker pull greper/certd:latest`
+  * `greper/certd:latest`
+  * `greper/certd:armv7`、`greper/certd:[version]-armv7`
 
 * 镜像构建通过`Actions`自动执行，过程公开透明，请放心使用
   * [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml) 
 
 ![](./doc/images/action-build.jpg)
 
-
-### 3. 访问
+#### 4. 访问测试
 
 http://your_server_ip:7001    
 默认账号密码：admin/123456    
 记得修改密码   
 
+### 4.4 源码部署
+```shell
+# 克隆代码
+git clone https://github.com/certd/certd
+cd certd
+# 启动服务
+./start.sh  
+```
+如果是windows，请先安装`git for windows` ，然后右键，选择`open git bash here`打开终端，再执行`./start.sh`命令
+
 
 ## 五、 升级
 如果使用固定版本号
@@ -196,23 +206,37 @@ docker compose up -d
 </p>
 
 ## 十、捐赠
+************************
 支持开源，为爱发电，我已入驻爱发电   
 https://afdian.com/a/greper
 
 发电权益：
-1. 可加入发电专属群（先加我好友，发送发电截图，我拉你进群）
-2. 你的需求优先实现
-3. 可以获得作者一对一技术支持
-4. 更多权益陆续增加中...
+1. 可加入发电专属群，可以获得作者一对一技术支持
+2. 您的需求我们将优先实现，并且将作为专业版功能提供
+3. 一年期专业版激活码
+4. 赠送国外免费服务器部署方案（0成本使用Certd，可能需要翻墙，不过现在性能越来越差了）
 
 
+专业版特权对比
+
+| 功能      | 免费版                    | 专业版                   |
+|---------|------------------------|-----------------------|
+| 免费证书申请  | 免费无限制                  | 免费无限制                 |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
+| 发邮件功能   | 需要配置                   | 免配置                   |
+| 证书流水线条数 | 10条                    | 无限制                   |
+
+************************
+
 ## 十一、贡献代码
 
-1.  [贡献插件教程](./plugin.md)
+1. 本地开发 [贡献插件教程](./doc/dev/development.md)
 2. 作为贡献者，代表您同意您贡献的代码如下许可：
    1. 可以调整开源协议以使其更严格或更宽松。
    2. 可以用于商业用途。
 
+
+
 ## 十二、 开源许可
 * 本项目遵循 GNU Affero General Public License（AGPL）开源协议。   
 * 允许个人和公司使用、复制、修改和分发本项目，禁止任何形式的商业用途 

build.trigger

@@ -1 +1 @@
-7
+00:32

doc/deploy/baota/baota.md

@@ -0,0 +1,32 @@
+# 宝塔部署教程
+
+## 编排模版部署
+
+### 创建docker模版
+打开docker-compose.yaml，
+https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
+
+整个内容复制下来
+
+然后到宝塔里面进到docker的编排模版，新建模版
+![](./images/1.png)
+
+### 启动应用
+
+![img.png](./images/2.png)
+
+等待启动完成
+
+### 打开应用
+
+http://ip:7001
+
+
+## 二、一键应用部署
+需要宝塔9.2.0版本
+
+### 应用商店
+进入应用商店，更新应用列表
+
+### 搜索certd
+点击安装

doc/dev/development.md

@@ -1,8 +1,9 @@
-# 贡献插件
+# 本地开发
+欢迎贡献插件
 
 ## 1.本地调试运行
 
-安装依赖包:      
+### 克隆代码
 ```shell
 
 # 克隆代码
@@ -10,25 +11,38 @@ git clone https://github.com/certd/certd
 
 #进入项目目录
 cd certd
+```
 
-# 切换到最新的版本tag，v2分支可能不稳定
-checkout tags/vx.x.x # x.x.x为最新的版本号
+### 修改pnpm-workspace.yaml文件     
+重要：否则无法正确加载专业版的access和plugin
+```yaml
+# pnpm-workspace.yaml
+packages:
+   - 'packages/**'  # <--------------注释掉这一行，PR时不要提交此修改
+   - 'packages/ui/**'
+```
 
+### 安装依赖和初始化:
+```shell
+# 安装pnpm，如果提示npm命令不存在，就需要先安装nodejs
+npm install -g pnpm@8.15.7 --registry=https://registry.npmmirror.com
+
+# 使用国内镜像源，如果有代理，就不需要
+pnpm config set registry https://registry.npmmirror.com
 # 安装依赖
-npm install -g pnpm@8.15.7
 pnpm install
 
 # 初始化构建
 npm run init
 ```
 
-启动 server:    
+### 启动 server:    
 ```shell
 cd packages/ui/certd-server
 npm run dev
 ```
 
-启动 client:    
+### 启动 client:    
 ```shell
 cd packages/ui/certd-client
 npm run dev
@@ -50,7 +64,7 @@ npm run dev
 这样用户就可以在`certd`后台中创建这种授权凭证了
 
 ### 3. dns-provider
-如果域名是这个平台进行解析的，那么你需要实现dns-provider
+如果域名是这个平台进行解析的，那么你需要实现dns-provider，（申请证书需要）    
 参考`plugin-cloudflare/dns-provider.ts` 修改为你要做的平台的`dns-provider`
 
 ### 4. plugin-deploy
@@ -68,7 +82,7 @@ export * from './plugins/plugin-deploy-to-xx'
 在`./src/plugins/index.ts`中增加`import`
 
 ```ts
-export * from "./plugin-cloudflare"
+export * from "./plugin-cloudflare.js"
 ```
 
 ## 重启服务进行调试

doc/google/google.md

@@ -7,31 +7,50 @@ https://console.cloud.google.com/apis/library/publicca.googleapis.com
 
 打开该链接后点击“启用”，随后等待右侧出现“API已启用”则可以关闭该页。
 
-## 2、 申请Key
-随后打开“Google Cloud Shell”（在右上角点击激活CloudShell图标）。
+## 2、 获取授权
+以下两种方式任选其一
+### 2.1 直接获取EAB 【推荐】
 
+
+1. 打开“Google Cloud Shell”（在右上角点击激活CloudShell图标）。   
 等待分配完成后在 Shell 窗口内输入如下命令：
     
 ```shell
 gcloud beta publicca external-account-keys create
 ```
-此时会弹出“为 Cloud Shell 提供授权”，点击授权即可。
-
+2. 此时会弹出“为 Cloud Shell 提供授权”，点击授权即可。    
 执行完成后会返回类似如下输出；注意不要在没有收到 Google 的邮件时执行该命令，会返回命令不存在。
 
 ```shell
 Created an external account key
-[b64MacKey: xxxxxxxxxxxxx
-keyId: xxxxxxxxx]
+[b64MacKey: xxxxxxxxxxxxxxxx
+keyId: xxxxxxxxxxxxx]
 ```
-记录以上信息备用
+
+3. 到Certd中，创建一条EAB授权记录，填写keyId(=kid) 和 b64MacKey 信息    
+   注意：keyId没有`]`结尾，不要把`]`也复制了   
+
+注意：EAB授权使用过一次之后，会绑定邮箱，后续再次使用时，要使用相同的邮箱    
+否则会报错 `Unknown external account binding (EAB) key. This may be due to the EAB key expiring which occurs 7 days after creation`
+
+### 2.2 通过服务账号获取EAB
+
+此方式可以自动EAB，需要配置代理
+
+1. 创建服务账号    
+https://console.cloud.google.com/projectselector2/iam-admin/serviceaccounts/create?walkthrough_id=iam--create-service-account&hl=zh-cn#step_index=1
+
+2. 选择一个项目，进入创建服务账号页面
+3. 给服务账号起一个名字，点击`创建并继续`
+4. 向此服务账号授予对项目的访问权限： `选择角色`->`基本`->`Owner`
+5. 点击完成
+6. 点击服务账号，进入服务账号详情页面
+7. 点击`添加密钥`->`创建新密钥`->`JSON`，下载密钥文件
+8. 将json文件内容粘贴到 certd中 Google服务授权输入框中
 
 
 ## 3、 创建证书流水线
-选择证书提供商为google， 开启使用代理
+选择证书提供商为google， 选择EAB授权 或 服务账号授权
 
-## 4、 将key信息作为EAB授权信息
-google证书需要EAB授权， 使用第二步中的 keyId 和 b64MacKey 信息创建一条EAB授权记录      
-
-## 5、 其他就跟正常申请证书一样了
+## 4、 其他就跟正常申请证书一样了
 

doc/tencent/tencent.md

@@ -1,8 +1,7 @@
 # 腾讯云
 
 
-## DNSPOD 授权设置
-目前腾讯云管理的域名的dns暂时只支持从DNSPOD进行设置    
+## DNSPOD 授权设置【已废弃，请使用腾讯云API】
 打开 https://console.dnspod.cn/account/token/apikey    
 然后按如下方式获取DNSPOD的授权
 ![](./dnspod-token.png)
@@ -13,4 +12,4 @@
 腾讯云其他部署需要API密钥，需要在腾讯云控制台进行设置   
 打开 https://console.cloud.tencent.com/cam/capi   
 然后按如下方式获取腾讯云的API密钥    
-![](./tencent-access.png)
+![](./tencent-access.png)

docker/run/docker-compose.yaml

@@ -1,41 +1,50 @@
-version: '3.3'
+version: '3.3' # 兼容旧版docker-compose
 services:
   certd:
-    # 镜像                                                  #  ↓↓↓↓↓ --- 镜像版本号，建议改成固定版本号【可选】
+    # 镜像                                                  #  ↓↓↓↓↓ ---- 镜像版本号，建议改成固定版本号
     image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
     container_name: certd # 容器名
     restart: unless-stopped # 自动重启
     volumes:
-      #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下【可选】
+      #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下，【您需要定时备份此目录，以保障数据容灾】
       - /data/certd:/app/data
     ports: # 端口映射
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号【可选】
+      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号
       - "7001:7001"
     dns:
-      # 如果出现getaddrinfo ENOTFOUND等错误，可以尝试修改或注释dns配置
+      #  ↓↓↓↓ ---------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND等错误，可以尝试修改或注释dns配置
       - 223.5.5.5
       - 223.6.6.6
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果你服务器部署在国外，可以用8.8.8.8替换上面的dns【可选】
+      #  ↓↓↓↓ ---------------------------------------------------------- 如果你服务器部署在国外，可以用8.8.8.8替换上面的dns
 #      - 8.8.8.8
 #      - 8.8.4.4
+#    extra_hosts:
+      #  ↓↓↓↓ ---------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
+#      - "localdomain.comm:192.168.1.3"
     environment: # 环境变量
       - TZ=Asia/Shanghai
+      # 设置环境变量即可自定义certd配置
+      # 配置项见： packages/ui/certd-server/src/config/config.default.ts
+      # 配置规则： certd_ + 配置项, 点号用_代替
+
+                           #  ↓↓↓↓  ------------------------------------ 这里可以设置http代理
       #- HTTPS_PROXY=http://xxxxxx:xx
       #- HTTP_PROXY=http://xxxxxx:xx
-                          #  ↑↑↑↑↑ ------------------------------------- 这里可以设置http代理【可选】
+      #                               ↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
       - certd_system_resetAdminPasswd=false
-                                     #  ↑↑↑↑↑--------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false【可选】
+      #                                  ↓↓↓↓ -------------------------- 如果设置为true，启动后所有配置了cron的流水线任务都将被立即触发一次
       - certd_cron_immediateTriggerOnce=false
-                                     #  ↑↑↑↑↑--------------------------- 如果设置为true，启动后所有配置了cron的流水线任务都将被立即触发一次【可选】
-      - VITE_APP_ICP_NO=
-                      #  ↑↑↑↑↑ ----------------------------------------- 这里可以设置备案号【可选】
+      #                            ↓↓↓↓ -------------------------------- 配置证书和key，则表示https方式启动，使用https协议访问，https://your.domain:7001
       #- certd_koa_key=./data/ssl/cert.key
       #- certd_koa_cert=./data/ssl/cert.crt
-                      #  ↑↑↑↑↑ ----------------------------------------- 配置证书和key，则表示https方式启动，访问网址要使用 https://your.domain:7001【可选】
 
-      # 设置环境变量即可自定义certd配置
-      # 服务端配置项见： packages/ui/certd-server/src/config/config.default.ts
-      # 服务端配置规则： certd_ + 配置项, 点号用_代替
+      #                             ↓↓↓↓ ------------------------------- 使用postgresql数据库
+#      - certd_flyway_scriptDir=./db/migration-pg               # 升级脚本目录
+#      - certd_typeorm_dataSource_default_type=postgres         # 数据库类型
+#      - certd_typeorm_dataSource_default_host=localhost        # 数据库地址
+#      - certd_typeorm_dataSource_default_port=5433             # 数据库端口
+#      - certd_typeorm_dataSource_default_username=postgres     # 用户名
+#      - certd_typeorm_dataSource_default_password=yourpasswd   # 密码
+#      - certd_typeorm_dataSource_default_database=certd        # 数据库名
+
 
-      # 客户端配置项见： packages/ui/certd-client/.env
-      # 按实际名称配置环境变量即可，如： VITE_APP_API=http://localhost:7001

init.sh

@@ -1,3 +1,4 @@
+
 current_pwd=$(pwd)
 
 echo "开始设置git配置"

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.24.4"
+  "version": "1.26.2"
 }

package.json

@@ -4,29 +4,31 @@
   "private": true,
   "type": "module",
   "devDependencies": {
-    "@lerna-lite/cli": "^3.2.1",
-    "@lerna-lite/publish": "^3.2.1",
-    "@lerna-lite/run": "^3.2.1",
-    "@lerna-lite/version": "^3.2.1"
+    "@lerna-lite/cli": "^3.9.3",
+    "@lerna-lite/publish": "^3.9.3",
+    "@lerna-lite/run": "^3.9.3",
+    "@lerna-lite/version": "^3.9.3"
   },
   "scripts": {
     "start": "lerna bootstrap --hoist",
     "i-all": "lerna link && lerna exec npm install  ",
-    "publish": "npm run prepublishOnly2  && lerna publish --conventional-commits --create-release github && npm run afterpublishOnly",
+    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
     "afterpublishOnly": "time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
+    "commitPro": "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
     "prepublishOnly1": "npm run check && lerna run build ",
     "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
-    "before-build": "cd ./packages/core/pipeline && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
+    "before-build": "cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
     "deploy1": "node --experimental-json-modules deploy.js ",
     "check": "node --experimental-json-modules publish-check.js",
     "init": "lerna run build"
   },
   "license": "AGPL-3.0",
   "dependencies": {
-    "axios": "^1.7.2",
+    "axios": "^1.7.7",
     "lodash-es": "^4.17.21"
   },
   "workspaces": [
     "packages/**"
   ]
-}
+}

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,65 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.2](https://github.com/publishlab/node-acme-client/compare/v1.26.1...v1.26.2) (2024-10-11)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.26.1](https://github.com/publishlab/node-acme-client/compare/v1.26.0...v1.26.1) (2024-10-10)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.26.0](https://github.com/publishlab/node-acme-client/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+### Features
+
+* 域名验证方法支持CNAME间接方式，此方式支持所有域名注册商，且无需提供Access授权，但是需要手动添加cname解析 ([f3d3508](https://github.com/publishlab/node-acme-client/commit/f3d35084ed44f9f33845f7045e520be5c27eed93))
+
+## [1.25.9](https://github.com/publishlab/node-acme-client/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.8](https://github.com/publishlab/node-acme-client/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.7](https://github.com/publishlab/node-acme-client/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.6](https://github.com/publishlab/node-acme-client/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/publishlab/node-acme-client/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
+## [1.25.5](https://github.com/publishlab/node-acme-client/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.4](https://github.com/publishlab/node-acme-client/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.3](https://github.com/publishlab/node-acme-client/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.2](https://github.com/publishlab/node-acme-client/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.1](https://github.com/publishlab/node-acme-client/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.25.0](https://github.com/publishlab/node-acme-client/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+### Performance Improvements
+
+* 证书支持旧版RSA，pkcs1 ([3d9c3ec](https://github.com/publishlab/node-acme-client/commit/3d9c3ecb3eb604b2458154f608bde0f01915d116))
+* 支持七牛云 ([8ecc2f9](https://github.com/publishlab/node-acme-client/commit/8ecc2f9446a9ebd11b9bfbffbb6cf7812a043495))
+
 ## [1.24.4](https://github.com/publishlab/node-acme-client/compare/v1.24.3...v1.24.4) (2024-09-09)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.24.4",
+    "version": "1.26.2",
     "main": "src/index.js",
     "types": "types/index.d.ts",
     "license": "MIT",
@@ -20,7 +20,7 @@
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
         "debug": "^4.3.5",
-        "https-proxy-agent": "^7.0.4",
+        "https-proxy-agent": "^7.0.5",
         "node-forge": "^1.3.1"
     },
     "devDependencies": {
@@ -34,7 +34,7 @@
         "mocha": "^10.6.0",
         "nock": "^13.5.4",
         "tsd": "^0.31.1",
-        "typescript": "^4.8.4",
+        "typescript": "^5.4.2",
         "uuid": "^8.3.2"
     },
     "scripts": {
@@ -59,5 +59,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "c49ccbde93dbad7062ac39d4f18eca7d561f573f"
+    "gitHead": "daf575e7c3b808e6b7db48e50c62ebd9fa213b0a"
 }

packages/core/acme-client/src/auto.js

@@ -118,16 +118,16 @@ module.exports = async (client, userOpts) => {
             /* Trigger challengeCreateFn() */
             log(`[auto] [${d}] Trigger challengeCreateFn()`);
             const keyAuthorization = await client.getChallengeKeyAuthorization(challenge);
-            let recordItem = null;
+
             try {
-                recordItem = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
+                const { recordReq, recordRes, dnsProvider } = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
                 log(`[auto] [${d}] challengeCreateFn success`);
                 log(`[auto] [${d}] add challengeRemoveFn()`);
                 clearTasks.push(async () => {
                     /* Trigger challengeRemoveFn(), suppress errors */
                     log(`[auto] [${d}] Trigger challengeRemoveFn()`);
                     try {
-                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem);
+                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider);
                     }
                     catch (e) {
                         log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);

packages/core/acme-client/src/crypto/index.js

@@ -67,11 +67,11 @@ function getKeyInfo(keyPem) {
  * ```
  */
 
-async function createPrivateRsaKey(modulusLength = 2048) {
+async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
     const pair = await generateKeyPair('rsa', {
         modulusLength,
         privateKeyEncoding: {
-            type: 'pkcs8',
+            type: encodingType,
             format: 'pem',
         },
     });
@@ -106,11 +106,11 @@ exports.createPrivateKey = createPrivateRsaKey;
  * ```
  */
 
-exports.createPrivateEcdsaKey = async (namedCurve = 'P-256') => {
+exports.createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
     const pair = await generateKeyPair('ec', {
         namedCurve,
         privateKeyEncoding: {
-            type: 'pkcs8',
+            type: encodingType,
             format: 'pem',
         },
     });

packages/core/acme-client/src/index.js

@@ -32,7 +32,7 @@ exports.directory = {
  */
 
 exports.crypto = require('./crypto');
-// exports.forge = require('./crypto/forge');
+exports.forge = require('./crypto/forge');
 
 /**
  * Axios
@@ -45,3 +45,5 @@ exports.axios = require('./axios');
  */
 
 exports.setLogger = require('./logger').setLogger;
+
+exports.walkTxtRecord = require('./verify').walkTxtRecord;

packages/core/acme-client/src/verify.js

@@ -66,17 +66,35 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
         log(`Checking name for TXT records: ${recordName}`);
         const txtRecords = await resolver.resolveTxt(recordName);
 
-        if (txtRecords.length) {
+        if (txtRecords && txtRecords.length) {
             log(`Found ${txtRecords.length} TXT records at ${recordName}`);
+            log(`TXT records: ${JSON.stringify(txtRecords)}`);
             return [].concat(...txtRecords);
         }
+        return [];
     }
     catch (e) {
-        log(`No TXT records found for name: ${recordName}`);
+        log(`Resolve TXT records error, ${recordName} :${e.message}`);
+        throw e;
     }
+}
 
-    /* Found nothing */
-    throw new Error(`No TXT records found for name: ${recordName}`);
+async function walkTxtRecord(recordName) {
+    try {
+        /* Default DNS resolver first */
+        log('Attempting to resolve TXT with default DNS resolver first');
+        const res = await walkDnsChallengeRecord(recordName);
+        if (res && res.length > 0) {
+            return res;
+        }
+        throw new Error('No TXT records found');
+    }
+    catch (e) {
+        /* Authoritative DNS resolver */
+        log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
+        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
+        return await walkDnsChallengeRecord(recordName, authoritativeResolver);
+    }
 }
 
 /**
@@ -92,24 +110,10 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
  */
 
 async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
-    let recordValues = [];
     const recordName = `${prefix}${authz.identifier.value}`;
     log(`Resolving DNS TXT from record: ${recordName}`);
-
-    try {
-        /* Default DNS resolver first */
-        log('Attempting to resolve TXT with default DNS resolver first');
-        recordValues = await walkDnsChallengeRecord(recordName);
-    }
-    catch (e) {
-        /* Authoritative DNS resolver */
-        log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
-        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
-        recordValues = await walkDnsChallengeRecord(recordName, authoritativeResolver);
-    }
-
+    const recordValues = await walkTxtRecord(recordName);
     log(`DNS query finished successfully, found ${recordValues.length} TXT records`);
-
     if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
         throw new Error(`Authorization not found in DNS TXT record: ${recordName}，need:${keyAuthorization},found:${recordValues}`);
     }
@@ -153,4 +157,5 @@ module.exports = {
     'http-01': verifyHttpChallenge,
     'dns-01': verifyDnsChallenge,
     'tls-alpn-01': verifyTlsAlpnChallenge,
+    walkTxtRecord,
 };

packages/core/acme-client/types/index.d.ts

@@ -55,8 +55,8 @@ export interface ClientExternalAccountBindingOptions {
 
 export interface ClientAutoOptions {
     csr: CsrBuffer | CsrString;
-    challengeCreateFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise<any>;
-    challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string, recordRes:any) => Promise<any>;
+    challengeCreateFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise<{recordReq:any,recordRes:any,dnsProvider:any}>;
+    challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any) => Promise<any>;
     email?: string;
     termsOfServiceAgreed?: boolean;
     skipChallengeVerification?: boolean;
@@ -155,16 +155,16 @@ export interface EcdsaPublicJwk {
 }
 
 export interface CryptoInterface {
-    createPrivateKey(keySize?: number): Promise<PrivateKeyBuffer>;
-    createPrivateRsaKey(keySize?: number): Promise<PrivateKeyBuffer>;
-    createPrivateEcdsaKey(namedCurve?: 'P-256' | 'P-384' | 'P-521'): Promise<PrivateKeyBuffer>;
+    createPrivateKey(keySize?: number,encodingType?:string): Promise<PrivateKeyBuffer>;
+    createPrivateRsaKey(keySize?: number,encodingType?:string): Promise<PrivateKeyBuffer>;
+    createPrivateEcdsaKey(namedCurve?: 'P-256' | 'P-384' | 'P-521',encodingType?:string): Promise<PrivateKeyBuffer>;
     getPublicKey(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): PublicKeyBuffer;
     getJwk(keyPem: PrivateKeyBuffer | PrivateKeyString | PublicKeyBuffer | PublicKeyString): RsaPublicJwk | EcdsaPublicJwk;
     splitPemChain(chainPem: CertificateBuffer | CertificateString): string[];
     getPemBodyAsB64u(pem: CertificateBuffer | CertificateString): string;
     readCsrDomains(csrPem: CsrBuffer | CsrString): CertificateDomains;
     readCertificateInfo(certPem: CertificateBuffer | CertificateString): CertificateInfo;
-    createCsr(data: CsrOptions, keyPem?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CsrBuffer]>;
+    createCsr(data: CsrOptions, keyPem?: PrivateKeyBuffer | PrivateKeyString,encodingType?:string): Promise<[PrivateKeyBuffer, CsrBuffer]>;
     createAlpnCertificate(authz: Authorization, keyAuthorization: string, keyPem?: PrivateKeyBuffer | PrivateKeyString): Promise<[PrivateKeyBuffer, CertificateBuffer]>;
     isAlpnCertificateAuthorizationValid(certPem: CertificateBuffer | CertificateString, keyAuthorization: string): boolean;
 }
@@ -197,3 +197,5 @@ export const axios: AxiosInstance;
  */
 
 export function setLogger(fn: (msg: string) => void): void;
+
+export function walkTxtRecord(record: any): Promise<string[]>;

packages/core/basic/.eslintrc

@@ -0,0 +1,22 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "plugins": [
+    "@typescript-eslint"
+  ],
+  "extends": [
+    "plugin:@typescript-eslint/recommended",
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+//    "no-unused-expressions": "off",
+    "max-len": [0, 160, 2, { "ignoreUrls": true }]
+  }
+}

packages/core/basic/.gitignore

@@ -0,0 +1,28 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
+
+test/user.secret.*
+test/**/*.js
+src/**/*.spec.ts

packages/core/basic/.npmignore

@@ -0,0 +1,3 @@
+node_modules
+src
+dist/**/*.spec.*

packages/core/basic/.npmrc

@@ -0,0 +1,2 @@
+link-workspace-packages=true
+prefer-workspace-packages=true

packages/core/basic/CHANGELOG.md

@@ -0,0 +1,18 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+## [1.26.2](https://github.com/certd/certd/compare/v1.26.1...v1.26.2) (2024-10-11)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.26.1](https://github.com/certd/certd/compare/v1.26.0...v1.26.1) (2024-10-10)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+### Performance Improvements
+
+* 检查cname是否正确配置 ([b5d8935](https://github.com/certd/certd/commit/b5d8935159374fbe7fc7d4c48ae0ed9396861bdd))

packages/core/basic/build.md

@@ -0,0 +1 @@
+13:36

packages/core/basic/package.json

@@ -0,0 +1,68 @@
+{
+  "name": "@certd/basic",
+  "private": false,
+  "version": "1.26.2",
+  "type": "module",
+  "main": "./dist/index.js",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "scripts": {
+    "dev": "vite",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && tsc --skipLibCheck",
+    "dev-build": "npm run build",
+    "preview": "vite preview",
+    "test": "mocha   --loader=ts-node/esm"
+  },
+  "dependencies": {
+    "axios": "^1.7.2",
+    "dayjs": "^1.11.7",
+    "fix-path": "^4.0.0",
+    "http-proxy-agent": "^7.0.2",
+    "https-proxy-agent": "^7.0.5",
+    "lodash-es": "^4.17.21",
+    "lru-cache": "^10.0.0",
+    "nanoid": "^5.0.7",
+    "node-forge": "^1.3.1",
+    "nodemailer": "^6.9.3",
+    "proxy-agent": "^6.4.0",
+    "qs": "^6.11.2"
+  },
+  "devDependencies": {
+    "@rollup/plugin-commonjs": "^23.0.4",
+    "@rollup/plugin-json": "^6.0.0",
+    "@rollup/plugin-node-resolve": "^15.0.1",
+    "@rollup/plugin-terser": "^0.4.3",
+    "@rollup/plugin-typescript": "^11.0.0",
+    "@types/chai": "^4.3.10",
+    "@types/lodash-es": "^4.17.12",
+    "@types/mocha": "^10.0.1",
+    "@types/node-forge": "^1.3.2",
+    "@types/uuid": "^9.0.2",
+    "@typescript-eslint/eslint-plugin": "^5.59.7",
+    "@typescript-eslint/parser": "^5.59.7",
+    "chai": "4.3.10",
+    "dayjs": "^1.11.7",
+    "eslint": "^8.41.0",
+    "eslint-config-prettier": "^8.8.0",
+    "eslint-plugin-import": "^2.27.5",
+    "eslint-plugin-node": "^11.1.0",
+    "eslint-plugin-prettier": "^4.2.1",
+    "iconv-lite": "^0.6.3",
+    "log4js": "^6.9.1",
+    "mocha": "^10.2.0",
+    "prettier": "^2.8.8",
+    "reflect-metadata": "^0.1.13",
+    "rimraf": "^5.0.5",
+    "rollup": "^3.7.4",
+    "rollup-plugin-typescript2": "^0.34.1",
+    "rollup-plugin-visualizer": "^5.8.2",
+    "ts-node": "^10.9.1",
+    "tsc-esm-fix": "^3.0.0",
+    "tslib": "^2.5.2",
+    "typescript": "^5.4.2",
+    "vite": "^4.3.8",
+    "vue-tsc": "^1.6.5"
+  },
+  "gitHead": "daf575e7c3b808e6b7db48e50c62ebd9fa213b0a"
+}

packages/core/basic/src/index.ts

@@ -0,0 +1 @@
+export * from './utils/index.js';

packages/core/basic/src/utils/index.ts

@@ -0,0 +1,33 @@
+export * from './util.request.js';
+export * from './util.log.js';
+export * from './util.file.js';
+export * from './util.sp.js';
+export * from './util.promise.js';
+export * from './util.hash.js';
+export * from './util.merge.js';
+export * from './util.cache.js';
+import sleep from './util.sleep.js';
+import { http } from './util.request.js';
+import { nanoid } from 'nanoid';
+import { mergeUtils } from './util.merge.js';
+import { sp } from './util.sp.js';
+import { hashUtils } from './util.hash.js';
+import { promises } from './util.promise.js';
+import { fileUtils } from './util.file.js';
+import * as _ from 'lodash-es';
+import { cache } from './util.cache.js';
+import dayjs from 'dayjs';
+
+export const utils = {
+  sleep,
+  http,
+  sp,
+  hash: hashUtils,
+  promises,
+  file: fileUtils,
+  _,
+  mergeUtils,
+  cache,
+  nanoid,
+  dayjs,
+};

packages/core/basic/src/utils/util.cache.ts

@@ -0,0 +1,8 @@
+// LRUCache
+
+import { LRUCache } from "lru-cache";
+
+export const cache = new LRUCache<string, any>({
+  max: 1000,
+  ttl: 1000 * 60 * 10,
+});

packages/core/basic/src/utils/util.merge.ts

@@ -0,0 +1,64 @@
+import _ from "lodash-es";
+function isUnMergeable(srcValue: any) {
+  return srcValue != null && srcValue instanceof UnMergeable;
+}
+function isUnCloneable(value: any) {
+  return isUnMergeable(value) && !value.cloneable;
+}
+function merge(target: any, ...sources: any) {
+  /**
+   * 如果目标为不可合并对象，比如array、unMergeable、ref,则直接覆盖不合并
+   * @param objValue 被合并对象
+   * @param srcValue 来源对象
+   */
+  function customizer(objValue: any, srcValue: any) {
+    if (srcValue == null) {
+      return;
+    }
+    // 如果被合并对象为数组，则直接被覆盖对象覆盖，只要覆盖对象不为空
+    if (_.isArray(objValue)) {
+      //原对象如果是数组
+      return srcValue; //来源对象
+    }
+
+    if (isUnMergeable(srcValue)) {
+      return srcValue;
+    }
+  }
+
+  let found: any = null;
+  for (const item of sources) {
+    if (isUnMergeable(item)) {
+      found = item;
+    }
+  }
+  if (found) {
+    return found;
+  }
+  return _.mergeWith(target, ...sources, customizer);
+}
+
+function cloneDeep(target: any) {
+  if (isUnCloneable(target)) {
+    return target;
+  }
+  function customizer(value: any) {
+    if (isUnCloneable(value)) {
+      return value;
+    }
+  }
+
+  return _.cloneDeepWith(target, customizer);
+}
+export class UnMergeable {
+  cloneable = false;
+
+  setCloneable(cloneable: any) {
+    this.cloneable = cloneable;
+  }
+}
+
+export const mergeUtils = {
+  merge,
+  cloneDeep,
+};

packages/core/basic/src/utils/util.promise.ts

@@ -24,3 +24,27 @@ export function safePromise<T>(callback: (resolve: (ret: T) => void, reject: (re
     }
   });
 }
+
+export function promisify(func: any) {
+  return function (...args: any) {
+    return new Promise((resolve, reject) => {
+      try {
+        func(...args, (err: any, data: any) => {
+          if (err) {
+            reject(err);
+          } else {
+            resolve(data);
+          }
+        });
+      } catch (e) {
+        reject(e);
+      }
+    });
+  };
+}
+
+export const promises = {
+  TimeoutPromise,
+  safePromise,
+  promisify,
+};

packages/core/basic/src/utils/util.request.ts

@@ -0,0 +1,174 @@
+import axios, { AxiosRequestConfig } from 'axios';
+import { logger } from './util.log.js';
+import { Logger } from 'log4js';
+import { HttpProxyAgent } from 'http-proxy-agent';
+import { HttpsProxyAgent } from 'https-proxy-agent';
+import nodeHttp from 'http';
+import * as https from 'node:https';
+export class HttpError extends Error {
+  status?: number;
+  statusText?: string;
+  code?: string;
+  request?: { baseURL: string; url: string; method: string; params?: any; data?: any };
+  response?: { data: any };
+  cause?: any;
+  constructor(error: any) {
+    if (!error) {
+      return;
+    }
+    super(error.message);
+
+    if (error?.message?.indexOf('ssl3_get_record:wrong version number') >= 0) {
+      this.message = 'http协议错误，服务端要求http协议，请检查是否使用了https请求';
+    }
+
+    this.name = error.name;
+    this.code = error.code;
+    this.cause = error.cause;
+
+    this.status = error.response?.status;
+    this.statusText = error.response?.statusText;
+    this.request = {
+      baseURL: error.config?.baseURL,
+      url: error.config?.url,
+      method: error.config?.method,
+      params: error.config?.params,
+      data: error.config?.data,
+    };
+    this.response = {
+      data: error.response?.data,
+    };
+
+    delete error.response;
+    delete error.config;
+    delete error.request;
+    // logger.error(error);
+  }
+}
+
+export const HttpCommonError = HttpError;
+/**
+ * @description 创建请求实例
+ */
+export function createAxiosService({ logger }: { logger: Logger }) {
+  // 创建一个 axios 实例
+  const service = axios.create();
+
+  const defaultAgents = createAgent();
+  // 请求拦截
+  service.interceptors.request.use(
+    (config: any) => {
+      logger.info(`http request:${config.url}，method:${config.method}，params:${JSON.stringify(config.params)}`);
+      if (config.timeout == null) {
+        config.timeout = 15000;
+      }
+      let agents = defaultAgents;
+      if (config.skipSslVerify) {
+        logger.info('跳过SSL验证');
+        agents = createAgent({ rejectUnauthorized: false } as any);
+      }
+      delete config.skipSslVerify;
+      config.httpsAgent = agents.httpsAgent;
+      config.httpAgent = agents.httpAgent;
+      config.proxy = false; //必须 否则还会走一层代理，
+      return config;
+    },
+    (error: Error) => {
+      // 发送失败
+      logger.error('接口请求失败：', error);
+      return Promise.reject(error);
+    }
+  );
+  // 响应拦截
+  service.interceptors.response.use(
+    (response: any) => {
+      logger.info('http response:', JSON.stringify(response?.data));
+      return response.data;
+    },
+    (error: any) => {
+      const status = error.response?.status;
+      switch (status) {
+        case 400:
+          error.message = '请求错误';
+          break;
+        case 401:
+          error.message = '未授权，请登录';
+          break;
+        case 403:
+          error.message = '拒绝访问';
+          break;
+        case 404:
+          error.message = `请求地址出错: ${error.response.config.url}`;
+          break;
+        case 408:
+          error.message = '请求超时';
+          break;
+        case 500:
+          error.message = '服务器内部错误';
+          break;
+        case 501:
+          error.message = '服务未实现';
+          break;
+        case 502:
+          error.message = '网关错误';
+          break;
+        case 503:
+          error.message = '服务不可用';
+          break;
+        case 504:
+          error.message = '网关超时';
+          break;
+        case 505:
+          error.message = 'HTTP版本不受支持';
+          break;
+        default:
+          break;
+      }
+      logger.error(
+        `请求出错：status:${error.response?.status},statusText:${error.response?.statusText},url:${error.config?.url},method:${error.config?.method}。`
+      );
+      logger.error('返回数据:', JSON.stringify(error.response?.data));
+      if (error.response?.data) {
+        error.message = error.response.data.message || error.response.data.msg || error.response.data.error || error.response.data;
+      }
+      if (error instanceof AggregateError) {
+        logger.error('AggregateError', error);
+      }
+      const err = new HttpError(error);
+      return Promise.reject(err);
+    }
+  );
+  return service;
+}
+
+export const http = createAxiosService({ logger }) as HttpClient;
+export type HttpClientResponse<R> = any;
+export type HttpRequestConfig<D> = {
+  skipSslVerify?: boolean;
+  skipCheckRes?: boolean;
+} & AxiosRequestConfig<D>;
+export type HttpClient = {
+  request<D = any, R = any>(config: HttpRequestConfig<D>): Promise<HttpClientResponse<R>>;
+};
+
+export function createAgent(opts: nodeHttp.AgentOptions = {}) {
+  let httpAgent, httpsAgent;
+  const httpProxy = process.env.HTTP_PROXY || process.env.http_proxy;
+  if (httpProxy) {
+    logger.info('use httpProxy:', httpProxy);
+    httpAgent = new HttpProxyAgent(httpProxy, opts as any);
+  } else {
+    httpAgent = new nodeHttp.Agent(opts);
+  }
+  const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
+  if (httpsProxy) {
+    logger.info('use httpsProxy:', httpsProxy);
+    httpsAgent = new HttpsProxyAgent(httpsProxy, opts as any);
+  } else {
+    httpsAgent = new https.Agent(opts);
+  }
+  return {
+    httpAgent,
+    httpsAgent,
+  };
+}

packages/core/basic/tsconfig.json

@@ -0,0 +1,42 @@
+{
+  "compileOnSave": true,
+  "compilerOptions": {
+    "target": "ESNext",
+    "module": "ESNext",
+    "moduleResolution": "node",
+    "esModuleInterop": true,
+    "experimentalDecorators": true,
+    "emitDecoratorMetadata": true,
+    "inlineSourceMap":true,
+    "noImplicitThis": true,
+    "noUnusedLocals": true,
+    "stripInternal": true,
+    "skipLibCheck": true,
+    "pretty": true,
+    "declaration": true,
+    "forceConsistentCasingInFileNames": true,
+    "typeRoots": [ "./typings", "./node_modules/@types"],
+    "outDir": "dist",
+    "rootDir": "src",
+    "composite": true,
+    "useDefineForClassFields": true,
+    "strict": true,
+//    "sourceMap": true,
+    "resolveJsonModule": true,
+    "isolatedModules": false,
+    "lib": ["ESNext", "DOM"],
+  },
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.d.ts",
+    "src/**/*.json"
+  ],
+  "exclude": [
+    "*.js",
+    "*.ts",
+    "*.spec.ts",
+    "dist",
+    "node_modules",
+    "test"
+  ],
+}

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,87 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.2](https://github.com/certd/certd/compare/v1.26.1...v1.26.2) (2024-10-11)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.26.1](https://github.com/certd/certd/compare/v1.26.0...v1.26.1) (2024-10-10)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+### Bug Fixes
+
+* 修复某些代理情况下 报 400 The plain HTTP request was sent to HTTPS port use proxy 的bug ([a13203f](https://github.com/certd/certd/commit/a13203fb3f48c427d0d81a504912248dcc07df1a))
+
+### Features
+
+* 域名验证方法支持CNAME间接方式，此方式支持所有域名注册商，且无需提供Access授权，但是需要手动添加cname解析 ([f3d3508](https://github.com/certd/certd/commit/f3d35084ed44f9f33845f7045e520be5c27eed93))
+* 站点个性化设置 ([11a9fe9](https://github.com/certd/certd/commit/11a9fe9014d96cba929e5a066e78f2af7ae59d14))
+
+### Performance Improvements
+
+* 调整全部静态资源到static目录 ([a218890](https://github.com/certd/certd/commit/a21889080d6c7ffdf0af526a3a21f0b2d1c77288))
+* 检查cname是否正确配置 ([b5d8935](https://github.com/certd/certd/commit/b5d8935159374fbe7fc7d4c48ae0ed9396861bdd))
+* cname校验配置增加未校验通过提示 ([77cc3c4](https://github.com/certd/certd/commit/77cc3c4a5cbd81f8233a8e0bb33fab0621c0905f))
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+### Bug Fixes
+
+* 修复某些地区被屏蔽无法激活专业版的bug ([7532a96](https://github.com/certd/certd/commit/7532a960851b84d4f2cc3dba02353c5235e1a364))
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+### Bug Fixes
+
+* 修复首次创建任务运行时不自动设置当前运行情况的bug ([ecd83ee](https://github.com/certd/certd/commit/ecd83ee136abdd3df9ed2f21ec2ff0f24c0ed9d9))
+
+### Performance Improvements
+
+* 群晖支持OTP双重验证登录 ([8b8039f](https://github.com/certd/certd/commit/8b8039f42bbce10a4d0e737cdeeeef9bb17bee5a))
+* 任务支持禁用 ([8ed16b3](https://github.com/certd/certd/commit/8ed16b3ea2dfe847357863a0bfa614e4fa5fc041))
+* 支持阿里云ACK证书部署 ([d331fea](https://github.com/certd/certd/commit/d331fea47789122650e057ec7c9e85ee8e66f09b))
+* 支持七牛云 ([8ecc2f9](https://github.com/certd/certd/commit/8ecc2f9446a9ebd11b9bfbffbb6cf7812a043495))
+* 支持k8s ingress secret ([e5a5d0a](https://github.com/certd/certd/commit/e5a5d0a607bb6b4e1a1f7a1a419bada5f2dee59f))
+* http请求增加默认超时时间 ([664bd86](https://github.com/certd/certd/commit/664bd863e5b4895aabe2384277c0c65f5902fdb2))
+* plugins增加图标 ([a8da658](https://github.com/certd/certd/commit/a8da658a9723342b4f43a579f7805bfef0648efb))
+
 ## [1.24.4](https://github.com/certd/certd/compare/v1.24.3...v1.24.4) (2024-09-09)
 
 ### Performance Improvements

packages/core/pipeline/build.md

@@ -1 +1 @@
-17:29
+02:40

packages/core/pipeline/package.json

@@ -1,25 +1,33 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.24.4",
+  "version": "1.26.2",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "scripts": {
     "dev": "vite",
-    "build": "tsc --skipLibCheck",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && tsc --skipLibCheck",
+    "dev-build": "npm run build",
     "build3": "rollup -c",
-    "build2": "vue-tsc --noEmit && vite build",
     "preview": "vite preview",
     "test": "mocha   --loader=ts-node/esm"
   },
   "dependencies": {
-    "@certd/plus": "1.22.1",
+    "@certd/basic": "^1.26.2",
+    "@certd/plus-core": "^1.26.2",
     "axios": "^1.7.2",
+    "dayjs": "^1.11.7",
     "fix-path": "^4.0.0",
+    "http-proxy-agent": "^7.0.2",
+    "https-proxy-agent": "^7.0.5",
     "lodash-es": "^4.17.21",
+    "lru-cache": "^10.0.0",
+    "nanoid": "^5.0.7",
     "node-forge": "^1.3.1",
     "nodemailer": "^6.9.3",
+    "proxy-agent": "^6.4.0",
     "qs": "^6.11.2"
   },
   "devDependencies": {
@@ -47,15 +55,16 @@
     "mocha": "^10.2.0",
     "prettier": "^2.8.8",
     "reflect-metadata": "^0.1.13",
+    "rimraf": "^5.0.5",
     "rollup": "^3.7.4",
     "rollup-plugin-typescript2": "^0.34.1",
     "rollup-plugin-visualizer": "^5.8.2",
     "ts-node": "^10.9.1",
     "tsc-esm-fix": "^3.0.0",
     "tslib": "^2.5.2",
-    "typescript": "^5.0.4",
+    "typescript": "^5.4.2",
     "vite": "^4.3.8",
     "vue-tsc": "^1.6.5"
   },
-  "gitHead": "c49ccbde93dbad7062ac39d4f18eca7d561f573f"
+  "gitHead": "daf575e7c3b808e6b7db48e50c62ebd9fa213b0a"
 }

packages/core/pipeline/src/access/api.ts

@@ -1,5 +1,8 @@
 import { Registrable } from "../registry/index.js";
 import { FormItemProps } from "../dt/index.js";
+import { HttpClient, ILogger, utils } from "../utils/index.js";
+import _ from "lodash-es";
+import { AccessRequestHandleReq } from "../core";
 
 export type AccessInputDefine = FormItemProps & {
   title: string;
@@ -12,8 +15,39 @@ export type AccessDefine = Registrable & {
   };
 };
 export interface IAccessService {
-  getById(id: any): Promise<any>;
+  getById<T = any>(id: any): Promise<T>;
 }
 
-// eslint-disable-next-line @typescript-eslint/no-empty-interface
-export interface IAccess {}
+export interface IAccess {
+  ctx: AccessContext;
+  [key: string]: any;
+}
+
+export type AccessContext = {
+  http: HttpClient;
+  logger: ILogger;
+  utils: typeof utils;
+};
+
+export abstract class BaseAccess implements IAccess {
+  ctx!: AccessContext;
+
+  async onRequest(req: AccessRequestHandleReq) {
+    if (!req.action) {
+      throw new Error("action is required");
+    }
+
+    let methodName = req.action;
+    if (!req.action.startsWith("on")) {
+      methodName = `on${_.upperFirst(req.action)}`;
+    }
+
+    // @ts-ignore
+    const method = this[methodName];
+    if (method) {
+      // @ts-ignore
+      return await this[methodName](req.data);
+    }
+    throw new Error(`action ${req.action} not found`);
+  }
+}

packages/core/pipeline/src/access/decorator.ts

@@ -1,8 +1,9 @@
 // src/decorator/memoryCache.decorator.ts
-import { AccessDefine, AccessInputDefine } from "./api.js";
+import { AccessContext, AccessDefine, AccessInputDefine } from "./api.js";
 import { Decorator } from "../decorator/index.js";
 import _ from "lodash-es";
 import { accessRegistry } from "./registry.js";
+import { http, logger, utils } from "../utils/index.js";
 
 // 提供一个唯一 key
 export const ACCESS_CLASS_KEY = "pipeline:access";
@@ -37,3 +38,24 @@ export function AccessInput(input?: AccessInputDefine): PropertyDecorator {
     Reflect.defineMetadata(ACCESS_INPUT_KEY, input, target, propertyKey);
   };
 }
+
+export function newAccess(type: string, input: any, ctx?: AccessContext) {
+  const register = accessRegistry.get(type);
+  if (register == null) {
+    throw new Error(`access ${type} not found`);
+  }
+  // @ts-ignore
+  const access = new register.target();
+  for (const key in input) {
+    access[key] = input[key];
+  }
+  if (!ctx) {
+    ctx = {
+      http,
+      logger,
+      utils,
+    };
+  }
+  access.ctx = ctx;
+  return access;
+}

packages/core/pipeline/src/core/executor.ts

@@ -1,28 +1,28 @@
 import { ConcurrencyStrategy, NotificationWhen, Pipeline, ResultType, Runnable, RunStrategy, Stage, Step, Task } from "../dt/index.js";
 import _ from "lodash-es";
 import { RunHistory, RunnableCollection } from "./run-history.js";
-import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext } from "../plugin/index.js";
+import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext, UserInfo } from "../plugin/index.js";
 import { ContextFactory, IContext } from "./context.js";
 import { IStorage } from "./storage.js";
-import { logger } from "../utils/util.log.js";
+import { logger } from "../utils/index.js";
 import { Logger } from "log4js";
-import { createAxiosService } from "../utils/util.request.js";
+import { createAxiosService } from "../utils/index.js";
 import { IAccessService } from "../access/index.js";
 import { RegistryItem } from "../registry/index.js";
 import { Decorator } from "../decorator/index.js";
-import { IEmailService } from "../service/index.js";
+import { ICnameProxyService, IEmailService } from "../service/index.js";
 import { FileStore } from "./file-store.js";
-import { hashUtils } from "../utils/index.js";
-// import { TimeoutPromise } from "../utils/util.promise.js";
+import { hashUtils, utils } from "../utils/index.js";
 
 export type ExecutorOptions = {
-  userId: any;
   pipeline: Pipeline;
   storage: IStorage;
   onChanged: (history: RunHistory) => Promise<void>;
   accessService: IAccessService;
   emailService: IEmailService;
+  cnameProxyService: ICnameProxyService;
   fileRootDir?: string;
+  user: UserInfo;
 };
 
 export class Executor {
@@ -46,7 +46,7 @@ export class Executor {
     this.onChanged = async (history: RunHistory) => {
       await options.onChanged(history);
     };
-    this.pipeline.userId = options.userId;
+    this.pipeline.userId = options.user.id;
     this.contextFactory = new ContextFactory(options.storage);
     this.logger = logger;
     this.pipelineContext = this.contextFactory.getContext("pipeline", this.pipeline.id);
@@ -104,11 +104,18 @@ export class Executor {
 
   async runWithHistory(runnable: Runnable, runnableType: string, run: () => Promise<ResultType | void>) {
     runnable.runnableType = runnableType;
+
     this.runtime.start(runnable);
-    // const timeout = runnable.timeout ?? 20 * 60 * 1000;
-    await this.onChanged(this.runtime);
 
     try {
+      if (runnable.disabled) {
+        //该任务被禁用
+        this.runtime.disabled(runnable);
+        return ResultType.disabled;
+      }
+
+      await this.onChanged(this.runtime);
+
       if (this.abort.signal.aborted) {
         this.runtime.cancel(runnable);
         return ResultType.canceled;
@@ -214,7 +221,7 @@ export class Executor {
     //从outputContext读取输入参数
     const input = _.cloneDeep(step.input);
     Decorator.inject(define.input, instance, input, (item, key) => {
-      if (item.component?.name === "pi-output-selector") {
+      if (item.component?.name === "output-selector") {
         const contextKey = input[key];
         if (contextKey != null) {
           if (typeof contextKey !== "string") {
@@ -261,14 +268,17 @@ export class Executor {
       inputChanged,
       accessService: this.options.accessService,
       emailService: this.options.emailService,
+      cnameProxyService: this.options.cnameProxyService,
       pipelineContext: this.pipelineContext,
-      userContext: this.contextFactory.getContext("user", this.options.userId),
+      userContext: this.contextFactory.getContext("user", this.options.user.id),
       fileStore: new FileStore({
         scope: this.pipeline.id,
         parent: this.runtime.id,
         rootDir: this.options.fileRootDir,
       }),
       signal: this.abort.signal,
+      utils,
+      user: this.options.user,
     };
     instance.setCtx(taskCtx);
 

packages/core/pipeline/src/core/handler.ts

@@ -0,0 +1,21 @@
+import { HttpClient, ILogger, utils } from "../utils/index.js";
+
+export type PluginRequestHandleReq<T = any> = {
+  typeName: string;
+  action: string;
+  input: T;
+  data: any;
+};
+
+export type AccessRequestHandleReqInput<T = any> = {
+  id?: number;
+  title?: string;
+  access: T;
+};
+export type AccessRequestHandleContext = {
+  http: HttpClient;
+  logger: ILogger;
+  utils: typeof utils;
+};
+
+export type AccessRequestHandleReq<T = any> = PluginRequestHandleReq<AccessRequestHandleReqInput<T>>;

packages/core/pipeline/src/core/index.ts

@@ -4,3 +4,4 @@ export * from "./context.js";
 export * from "./storage.js";
 export * from "./file-store.js";
 export * from "./license.js";
+export * from "./handler.js";

packages/core/pipeline/src/core/license.ts

@@ -1,10 +1,16 @@
 import { logger } from "../utils/index.js";
-import { setLogger, isPlus } from "@certd/plus";
+import { setLogger, isPlus, isComm } from "@certd/plus-core";
 setLogger(logger);
-export * from "@certd/plus";
+export * from "@certd/plus-core";
 
 export function checkPlus() {
   if (!isPlus()) {
     throw new Error("此为专业版功能，请升级到专业版");
   }
 }
+
+export function checkComm() {
+  if (!isComm()) {
+    throw new Error("此为商业版功能，请升级到商业版");
+  }
+}

packages/core/pipeline/src/core/run-history.ts

@@ -1,6 +1,6 @@
 import { HistoryResult, Pipeline, ResultType, Runnable, RunnableMap, Stage, Step, Task } from "../dt/index.js";
 import _ from "lodash-es";
-import { buildLogger } from "../utils/util.log.js";
+import { buildLogger } from "../utils/index.js";
 import { Logger } from "log4js";
 
 export type HistoryStatus = {
@@ -74,6 +74,17 @@ export class RunHistory {
     this.log(runnable, `跳过`);
   }
 
+  disabled(runnable: Runnable) {
+    const now = new Date().getTime();
+    const status = runnable.status;
+    _.merge(status, {
+      status: "canceled",
+      endTime: now,
+      result: "disabled",
+    });
+    this.log(runnable, `禁用`);
+  }
+
   error(runnable: Runnable, e: Error) {
     const now = new Date().getTime();
     const status = runnable.status;

packages/core/pipeline/src/core/storage.ts

@@ -1,6 +1,6 @@
 import fs from "fs";
 import path from "path";
-import { fileUtils } from "../utils/util.file.js";
+import { fileUtils } from "../utils/index.js";
 
 export interface IStorage {
   get(scope: string, namespace: string, version: string, key: string): Promise<string | null>;

packages/core/pipeline/src/dt/pipeline.ts

@@ -46,6 +46,7 @@ export type Stage = Runnable & {
   tasks: Task[];
   concurrency: ConcurrencyStrategy;
   next: NextStrategy;
+  maxTaskCount?: number;
 };
 
 export type Trigger = {
@@ -70,6 +71,7 @@ export type Runnable = {
   default?: {
     [key: string]: any;
   };
+  disabled?: boolean;
 };
 
 export type EmailOptions = {
@@ -108,6 +110,7 @@ export enum ResultType {
   error = "error",
   canceled = "canceled",
   skip = "skip",
+  disabled = "disabled",
   none = "none",
 }
 

packages/core/pipeline/src/index.ts

@@ -1,4 +1,3 @@
-import "util";
 export * from "./core/index.js";
 export * from "./dt/index.js";
 export * from "./access/index.js";

packages/core/pipeline/src/plugin/api.ts

@@ -3,11 +3,16 @@ import { FileItem, FormItemProps, Pipeline, Runnable, Step } from "../dt/index.j
 import { FileStore } from "../core/file-store.js";
 import { Logger } from "log4js";
 import { IAccessService } from "../access/index.js";
-import { IEmailService } from "../service/index.js";
-import { IContext } from "../core/index.js";
-import { ILogger, logger } from "../utils/index.js";
-import { HttpClient } from "../utils/util.request";
-
+import { ICnameProxyService, IEmailService } from "../service/index.js";
+import { IContext, PluginRequestHandleReq, RunnableCollection } from "../core/index.js";
+import { ILogger, logger, utils } from "../utils/index.js";
+import { HttpClient } from "../utils/index.js";
+import dayjs from "dayjs";
+import _ from "lodash-es";
+export type UserInfo = {
+  role: "admin" | "user";
+  id: any;
+};
 export enum ContextScope {
   global,
   pipeline,
@@ -25,6 +30,7 @@ export type TaskInputDefine = FormItemProps;
 export type PluginDefine = Registrable & {
   default?: any;
   group?: string;
+  icon?: string;
   input?: {
     [key: string]: TaskInputDefine;
   };
@@ -36,18 +42,13 @@ export type PluginDefine = Registrable & {
     [key: string]: any;
   };
 
-  reference?: {
-    src: string;
-    dest: string;
-    type: "computed";
-  }[];
-
   needPlus?: boolean;
 };
 
 export type ITaskPlugin = {
   onInstance(): Promise<void>;
   execute(): Promise<void>;
+  onRequest(req: PluginRequestHandleReq<any>): Promise<any>;
   [key: string]: any;
 };
 
@@ -57,18 +58,36 @@ export type TaskResult = {
   pipelineVars: Record<string, any>;
 };
 export type TaskInstanceContext = {
+  //流水线定义
   pipeline: Pipeline;
+  //步骤定义
   step: Step;
+  //日志
   logger: Logger;
+  //当前步骤输入参数跟上一次执行比较是否有变化
   inputChanged: boolean;
+  //授权获取服务
   accessService: IAccessService;
+  //邮件服务
   emailService: IEmailService;
+  //cname记录服务
+  cnameProxyService: ICnameProxyService;
+  //流水线上下文
   pipelineContext: IContext;
+  //用户上下文
   userContext: IContext;
+  //http请求客户端
   http: HttpClient;
+  //文件存储
   fileStore: FileStore;
+  //上一次执行结果状态
   lastStatus?: Runnable;
+  //用户取消信号
   signal: AbortSignal;
+  //工具类
+  utils: typeof utils;
+  //用户信息
+  user: UserInfo;
 };
 
 export abstract class AbstractTaskPlugin implements ITaskPlugin {
@@ -91,6 +110,17 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     this.accessService = ctx.accessService;
   }
 
+  async getAccess(accessId: string) {
+    if (accessId == null) {
+      throw new Error("您还没有配置授权");
+    }
+    const res = await this.ctx.accessService.getById(accessId);
+    if (res == null) {
+      throw new Error("授权不存在，可能已被删除，请前往任务配置里面重新选择授权");
+    }
+    return res;
+  }
+
   randomFileId() {
     return Math.random().toString(36).substring(2, 9);
   }
@@ -124,6 +154,51 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
   }
 
   abstract execute(): Promise<void>;
+
+  appendTimeSuffix(name?: string) {
+    if (name == null) {
+      name = "certd";
+    }
+    return name + "_" + dayjs().format("YYYYMMDDHHmmss");
+  }
+
+  async onRequest(req: PluginRequestHandleReq<any>) {
+    if (!req.action) {
+      throw new Error("action is required");
+    }
+
+    let methodName = req.action;
+    if (!req.action.startsWith("on")) {
+      methodName = `on${_.upperFirst(req.action)}`;
+    }
+
+    // @ts-ignore
+    const method = this[methodName];
+    if (method) {
+      // @ts-ignore
+      return await this[methodName](req.data);
+    }
+    throw new Error(`action ${req.action} not found`);
+  }
+
+  isAdmin() {
+    return this.ctx.user.role === "admin";
+  }
+
+  getStepFromPipeline(stepId: string) {
+    let found: any = null;
+    RunnableCollection.each(this.ctx.pipeline.stages, (step) => {
+      if (step.id === stepId) {
+        found = step;
+        return;
+      }
+    });
+    return found;
+  }
+
+  getStepIdFromRefInput(ref = ".") {
+    return ref.split(".")[1];
+  }
 }
 
 export type OutputVO = {

packages/core/pipeline/src/plugin/group.ts

@@ -22,5 +22,6 @@ export const pluginGroups = {
   tencent: new PluginGroup("tencent", "腾讯云", 4),
   host: new PluginGroup("host", "主机", 5),
   cdn: new PluginGroup("cdn", "CDN", 6),
-  other: new PluginGroup("other", "其他", 7),
+  panel: new PluginGroup("panel", "面板", 7),
+  other: new PluginGroup("other", "其他", 8),
 };

packages/core/pipeline/src/plugin/test/echo-plugin.ts

@@ -1,25 +0,0 @@
-import { ITaskPlugin } from "../api.js";
-import { IsTaskPlugin, TaskInput } from "../decorator.js";
-
-@IsTaskPlugin({
-  name: "EchoPlugin",
-  title: "测试插件",
-  desc: "test",
-})
-export class EchoPlugin implements ITaskPlugin {
-  @TaskInput({
-    title: "测试属性",
-    component: {
-      name: "text",
-    },
-  })
-  test?: string;
-
-  onInstance(): Promise<void> {
-    throw new Error("Method not implemented.");
-  }
-
-  async execute(): Promise<void> {
-    return Promise.resolve(undefined);
-  }
-}

packages/core/pipeline/src/registry/registry.ts

@@ -5,6 +5,7 @@ export type Registrable = {
   title: string;
   desc?: string;
   group?: string;
+  deprecated?: string;
 };
 
 export type RegistryItem<T> = {
@@ -67,6 +68,9 @@ export class Registry<T> {
     for (const key in this.storage) {
       const define = this.getDefine(key);
       if (define) {
+        if (define?.deprecated) {
+          continue;
+        }
         list.push({ ...define, key });
       }
     }

packages/core/pipeline/src/service/cname.ts

@@ -0,0 +1,17 @@
+export type CnameProvider = {
+  id: any;
+  domain: string;
+  dnsProviderType: string;
+  accessId: any;
+};
+export type CnameRecord = {
+  id: any;
+  domain: string;
+  hostRecord: string;
+  recordValue: string;
+  cnameProvider: CnameProvider;
+  status: string;
+};
+export type ICnameProxyService = {
+  getByDomain: (domain: string) => Promise<CnameRecord>;
+};

packages/core/pipeline/src/service/index.ts

@@ -1 +1,2 @@
 export * from "./email.js";
+export * from "./cname.js";

packages/core/pipeline/src/utils/index.ts

@@ -1,12 +1 @@
-import sleep from "./util.sleep.js";
-import { http } from "./util.request.js";
-export * from "./util.request.js";
-export * from "./util.log.js";
-export * from "./util.file.js";
-export * from "./util.sp.js";
-export * as promises from "./util.promise.js";
-export * from "./util.hash.js";
-export const utils = {
-  sleep,
-  http,
-};
+export * from "@certd/basic";

packages/core/pipeline/src/utils/util.request.ts

@@ -1,98 +0,0 @@
-import axios, { AxiosRequestConfig } from "axios";
-import { logger } from "./util.log.js";
-import { Logger } from "log4js";
-
-export class HttpError extends Error {
-  status?: number;
-  statusText?: string;
-  code?: string;
-  request?: { url: string; method: string; params?: any; data?: any };
-  response?: { data: any };
-  cause?: any;
-  constructor(error: any) {
-    if (!error) {
-      return;
-    }
-    super(error.message);
-    this.name = error.name;
-    this.code = error.code;
-    this.cause = error.cause;
-
-    this.status = error.response?.status;
-    this.statusText = error.response?.statusText;
-    this.request = {
-      url: error.config?.url,
-      method: error.config?.method,
-      params: error.config?.params,
-      data: error.config?.data,
-    };
-    this.response = {
-      data: error.response?.data,
-    };
-
-    delete error.response;
-    delete error.config;
-    delete error.request;
-    logger.error(error);
-  }
-}
-/**
- * @description 创建请求实例
- */
-export function createAxiosService({ logger }: { logger: Logger }) {
-  // 创建一个 axios 实例
-  const service = axios.create();
-  // 请求拦截
-  service.interceptors.request.use(
-    (config: any) => {
-      logger.info(`http request:${config.url}，method:${config.method}，params:${JSON.stringify(config.params)}`);
-      return config;
-    },
-    (error: Error) => {
-      // 发送失败
-      logger.error("接口请求失败：", error);
-      return Promise.reject(error);
-    }
-  );
-  // 响应拦截
-  service.interceptors.response.use(
-    (response: any) => {
-      logger.info("http response:", JSON.stringify(response?.data));
-      return response.data;
-    },
-    (error: any) => {
-      // const status = _.get(error, 'response.status')
-      // switch (status) {
-      //   case 400: error.message = '请求错误'; break
-      //   case 401: error.message = '未授权，请登录'; break
-      //   case 403: error.message = '拒绝访问'; break
-      //   case 404: error.message = `请求地址出错: ${error.response.config.url}`; break
-      //   case 408: error.message = '请求超时'; break
-      //   case 500: error.message = '服务器内部错误'; break
-      //   case 501: error.message = '服务未实现'; break
-      //   case 502: error.message = '网关错误'; break
-      //   case 503: error.message = '服务不可用'; break
-      //   case 504: error.message = '网关超时'; break
-      //   case 505: error.message = 'HTTP版本不受支持'; break
-      //   default: break
-      // }
-      logger.error(
-        `请求出错：status:${error.response?.status},statusText:${error.response?.statusText},url:${error.config?.url},method:${error.config?.method}。`
-      );
-      logger.error("返回数据:", JSON.stringify(error.response?.data));
-
-      if (error instanceof AggregateError) {
-        logger.error(error);
-      }
-      const err = new HttpError(error);
-      return Promise.reject(err);
-    }
-  );
-  return service;
-}
-
-export const http = createAxiosService({ logger }) as HttpClient;
-export type HttpClientResponse<R> = any;
-export type HttpClient = {
-  request<D = any, R = any>(config: AxiosRequestConfig<D>): Promise<HttpClientResponse<R>>;
-};

packages/core/pipeline/test/echo-plugin.ts

@@ -1,27 +0,0 @@
-import { Autowire, IsTaskPlugin, ITaskPlugin, TaskInput, TaskOutput } from "../src";
-
-@IsTaskPlugin({
-  name: "EchoPlugin",
-  title: "测试插件【echo】",
-})
-export class EchoPlugin implements ITaskPlugin {
-  @TaskInput({
-    title: "cert",
-    component: {
-      name: "pi-output-selector",
-    },
-    helper: "输出选择",
-  })
-  cert!: any;
-
-  @TaskOutput({
-    title: "cert info",
-  })
-  certInfo!: any;
-
-  // eslint-disable-next-line @typescript-eslint/no-empty-function
-  async onInstance(): Promise<void> {}
-  async execute(): Promise<void> {
-    console.log("input :cert", this.cert);
-  }
-}

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,38 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.26.2](https://github.com/certd/certd/compare/v1.26.1...v1.26.2) (2024-10-11)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.26.1](https://github.com/certd/certd/compare/v1.26.0...v1.26.1) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.24.3](https://github.com/certd/certd/compare/v1.24.2...v1.24.3) (2024-09-06)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,20 +1,21 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.24.3",
+  "version": "1.26.2",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
   "scripts": {
     "dev": "vite",
-    "build": "rollup -c ",
-    "build2": "vue-tsc --noEmit && vite build",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && rollup -c ",
+    "dev-build": "npm run build",
     "preview": "vite preview"
   },
   "dependencies": {
-    "@certd/pipeline": "1.21.0",
     "axios": "^1.7.2",
+    "rimraf": "^5.0.5",
     "rollup": "^3.7.4"
   },
-  "gitHead": "c49ccbde93dbad7062ac39d4f18eca7d561f573f"
+  "gitHead": "daf575e7c3b808e6b7db48e50c62ebd9fa213b0a"
 }

packages/libs/lib-iframe/.eslintrc

@@ -0,0 +1,23 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "plugins": [
+    "@typescript-eslint"
+  ],
+  "extends": [
+    "plugin:@typescript-eslint/recommended",
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-empty-function": "off",
+//    "no-unused-expressions": "off",
+    "max-len": [0, 160, 2, { "ignoreUrls": true }]
+  }
+}

packages/libs/lib-iframe/.gitignore

@@ -0,0 +1,28 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
+
+src/test/user.secret.ts
+
+src/**/*.js

packages/libs/lib-iframe/.npmignore

@@ -0,0 +1,2 @@
+node_modules
+src

packages/libs/lib-iframe/.prettierrc

@@ -0,0 +1,7 @@
+{
+  "printWidth": 160,
+  "bracketSpacing": true,
+  "singleQuote": true,
+  "trailingComma": "es5",
+  "arrowParens": "avoid"
+}

packages/libs/lib-iframe/CHANGELOG.md

@@ -0,0 +1,121 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+## [1.26.2](https://github.com/certd/certd/compare/v1.26.1...v1.26.2) (2024-10-11)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.26.1](https://github.com/certd/certd/compare/v1.26.0...v1.26.1) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+### Features
+
+* 支持vip转移 ([361e8fe](https://github.com/certd/certd/commit/361e8fe7ae5877e23fd5de31bc919bedd09c57f5))
+
+## [1.24.4](https://github.com/certd/certd/compare/v1.24.3...v1.24.4) (2024-09-09)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.24.3](https://github.com/certd/certd/compare/v1.24.2...v1.24.3) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.24.2](https://github.com/certd/certd/compare/v1.24.1...v1.24.2) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.24.0](https://github.com/certd/certd/compare/v1.23.1...v1.24.0) (2024-08-25)
+
+### Performance Improvements
+
+* 更新k8s底层api库 ([746bb9d](https://github.com/certd/certd/commit/746bb9d385e2f397daef4976eca1d4782a2f5ebd))
+
+## [1.23.1](https://github.com/certd/certd/compare/v1.23.0...v1.23.1) (2024-08-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.8](https://github.com/certd/certd/compare/v1.22.7...v1.22.8) (2024-08-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.7](https://github.com/certd/certd/compare/v1.22.6...v1.22.7) (2024-08-04)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.6](https://github.com/certd/certd/compare/v1.22.5...v1.22.6) (2024-08-03)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.5](https://github.com/certd/certd/compare/v1.22.4...v1.22.5) (2024-07-26)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.3](https://github.com/certd/certd/compare/v1.22.2...v1.22.3) (2024-07-25)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.2](https://github.com/certd/certd/compare/v1.22.1...v1.22.2) (2024-07-23)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.22.1](https://github.com/certd/certd/compare/v1.22.0...v1.22.1) (2024-07-20)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.22.0](https://github.com/certd/certd/compare/v1.21.2...v1.22.0) (2024-07-19)
+
+### Features
+
+* 升级midway，支持esm ([485e603](https://github.com/certd/certd/commit/485e603b5165c28bc08694997726eaf2a585ebe7))
+* 支持postgresql ([3b19bfb](https://github.com/certd/certd/commit/3b19bfb4291e89064b3b407a80dae092d54747d5))

packages/libs/lib-iframe/README.md

@@ -0,0 +1,16 @@
+# Vue 3 + TypeScript + Vite
+
+This template should help get you started developing with Vue 3 and TypeScript in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.
+
+## Recommended IDE Setup
+
+- [VS Code](https://code.visualstudio.com/) + [Volar](https://marketplace.visualstudio.com/items?itemName=Vue.volar)
+
+## Type Support For `.vue` Imports in TS
+
+Since TypeScript cannot handle type information for `.vue` imports, they are shimmed to be a generic Vue component type by default. In most cases this is fine if you don't really care about component prop types outside of templates. However, if you wish to get actual prop types in `.vue` imports (for example to get props validation when using manual `h(...)` calls), you can enable Volar's Take Over mode by following these steps:
+
+1. Run `Extensions: Show Built-in Extensions` from VS Code's command palette, look for `TypeScript and JavaScript Language Features`, then right click and select `Disable (Workspace)`. By default, Take Over mode will enable itself if the default TypeScript extension is disabled.
+2. Reload the VS Code window by running `Developer: Reload Window` from the command palette.
+
+You can learn more about Take Over mode [here](https://github.com/johnsoncodehk/volar/discussions/471).

packages/libs/lib-iframe/fix-esm-import-paths.js

@@ -0,0 +1,96 @@
+import * as fs from "fs";
+import * as path from "path";
+
+// https://gist.github.com/lovasoa/8691344
+async function* walk(dir) {
+  for await (const d of await fs.promises.opendir(dir)) {
+    const entry = path.join(dir, d.name);
+    if (d.isDirectory()) {
+      yield* walk(entry);
+    } else if (d.isFile()) {
+      yield entry;
+    }
+  }
+}
+
+function resolveImportPath(sourceFile, importPath, options) {
+  const sourceFileAbs = path.resolve(process.cwd(), sourceFile);
+  const root = path.dirname(sourceFileAbs);
+  const { moduleFilter = defaultModuleFilter } = options;
+
+  if (moduleFilter(importPath)) {
+    const importPathAbs = path.resolve(root, importPath);
+    let possiblePath = [path.resolve(importPathAbs, "./index.ts"), path.resolve(importPathAbs, "./index.js"), importPathAbs + ".ts", importPathAbs + ".js"];
+
+    if (possiblePath.length) {
+      for (let i = 0; i < possiblePath.length; i++) {
+        let entry = possiblePath[i];
+        if (fs.existsSync(entry)) {
+          const resolved = path.relative(root, entry.replace(/\.ts$/, ".js"));
+
+          if (!resolved.startsWith(".")) {
+            return "./" + resolved;
+          }
+
+          return resolved;
+        }
+      }
+    }
+  }
+
+  return null;
+}
+
+function replace(filePath, outFilePath, options) {
+  const code = fs.readFileSync(filePath).toString();
+  const newCode = code.replace(/(import|export) (.+?) from ('[^\n']+'|"[^\n"]+");/gs, function (found, action, imported, from) {
+    const importPath = from.slice(1, -1);
+    let resolvedPath = resolveImportPath(filePath, importPath, options);
+
+    if (resolvedPath) {
+      resolvedPath = resolvedPath.replaceAll("\\", "/");
+      console.log("\t", importPath, resolvedPath);
+      return `${action} ${imported} from "${resolvedPath}";`;
+    }
+
+    return found;
+  });
+
+  if (code !== newCode) {
+    fs.writeFileSync(outFilePath, newCode);
+  }
+}
+
+// Then, use it with a simple async for loop
+async function run(srcDir, options = defaultOptions) {
+  const { sourceFileFilter = defaultSourceFileFilter } = options;
+
+  for await (const entry of walk(srcDir)) {
+    if (sourceFileFilter(entry)) {
+      console.log(entry);
+      replace(entry, entry, options);
+    }
+  }
+}
+
+const defaultSourceFileFilter = function (sourceFilePath) {
+  return /\.(js|ts)$/.test(sourceFilePath) && !/node_modules/.test(sourceFilePath);
+};
+
+const defaultModuleFilter = function (importedModule) {
+  return !path.isAbsolute(importedModule) && !importedModule.startsWith("@") && !importedModule.endsWith(".js");
+};
+
+const defaultOptions = {
+  sourceFileFilter: defaultSourceFileFilter,
+  moduleFilter: defaultModuleFilter,
+};
+
+// Switch this to test on one file or directly run on a directory.
+const DEBUG = false;
+
+if (DEBUG) {
+  replace("./src/index.ts", "./out.ts", defaultOptions);
+} else {
+  await run("./src/", defaultOptions);
+}

packages/libs/lib-iframe/package.json

@@ -0,0 +1,43 @@
+{
+  "name": "@certd/lib-iframe",
+  "private": false,
+  "version": "1.26.2",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "scripts": {
+    "dev": "vite",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && tsc --skipLibCheck",
+    "dev-build": "npm run build",
+    "build3": "rollup -c",
+    "build2": "vue-tsc --noEmit && vite build",
+    "preview": "vite preview"
+  },
+  "dependencies": {
+    "nanoid": "^4.0.0"
+  },
+  "devDependencies": {
+    "@rollup/plugin-commonjs": "^23.0.4",
+    "@rollup/plugin-json": "^6.0.0",
+    "@rollup/plugin-node-resolve": "^15.0.1",
+    "@rollup/plugin-terser": "^0.4.3",
+    "@rollup/plugin-typescript": "^11.0.0",
+    "@types/chai": "^4.3.3",
+    "@typescript-eslint/eslint-plugin": "^5.38.1",
+    "@typescript-eslint/parser": "^5.38.1",
+    "eslint": "^8.24.0",
+    "eslint-config-prettier": "^8.5.0",
+    "eslint-plugin-import": "^2.26.0",
+    "eslint-plugin-node": "^11.1.0",
+    "eslint-plugin-prettier": "^4.2.1",
+    "prettier": "^2.8.8",
+    "rimraf": "^5.0.5",
+    "rollup": "^3.7.4",
+    "rollup-plugin-visualizer": "^5.8.2",
+    "ts-node": "^10.9.1",
+    "tslib": "^2.5.2",
+    "typescript": "^5.4.2"
+  },
+  "gitHead": "daf575e7c3b808e6b7db48e50c62ebd9fa213b0a"
+}

packages/libs/lib-iframe/src/index.ts

@@ -0,0 +1 @@
+export * from './lib/iframe.client.js';

packages/libs/lib-iframe/src/lib/iframe.client.ts

@@ -0,0 +1,122 @@
+import { nanoid } from 'nanoid';
+
+export type IframeMessageData<T> = {
+  action: string;
+  id: string;
+  data?: T;
+  replyId?: string;
+  errorCode?: number; //0为成功
+  message?: string;
+};
+
+export type IframeMessageReq<T = any, R = any> = {
+  req: IframeMessageData<T>;
+  onReply: (data: IframeMessageData<R>) => void;
+};
+
+export class IframeException extends Error {
+  code?: number = 0;
+  constructor(data: IframeMessageData<any>) {
+    super(data.message);
+    this.code = data.errorCode;
+  }
+}
+
+export class IframeClient {
+  requestQueue: Record<string, IframeMessageReq> = {};
+  //当前客户端是否是父级页面
+  iframe?: HTMLIFrameElement;
+  onError?: any;
+
+  handlers: Record<string, (data: IframeMessageData<any>) => Promise<void>> = {};
+  constructor(iframe?: HTMLIFrameElement, onError?: (e: any) => void) {
+    this.iframe = iframe;
+    this.onError = onError;
+    window.addEventListener('message', async (event: MessageEvent<IframeMessageData<any>>) => {
+      const data = event.data;
+      if (data.action) {
+        console.log(`收到消息[isSub:${this.isInFrame()}]`, data);
+        try {
+          const handler = this.handlers[data.action];
+          if (handler) {
+            const res = await handler(data);
+            if (data.id && data.action !== 'reply') {
+              await this.send('reply', res, data.id);
+            }
+          } else {
+            throw new Error(`action:${data.action} 未注册处理器，可能版本过低`);
+          }
+        } catch (e: any) {
+          console.error(e);
+          await this.send('reply', {}, data.id, 500, e.message);
+        }
+      }
+    });
+
+    this.register('reply', async data => {
+      const req = this.requestQueue[data.replyId!];
+      if (req) {
+        req.onReply(data);
+        delete this.requestQueue[data.replyId!];
+      }
+    });
+  }
+  isInFrame() {
+    return window.self !== window.top;
+  }
+
+  register<T = any>(action: string, handler: (data: IframeMessageData<T>) => Promise<void>) {
+    this.handlers[action] = handler;
+  }
+
+  async send<R = any, T = any>(action: string, data?: T, replyId?: string, errorCode?: number, message?: string): Promise<IframeMessageData<R>> {
+    try {
+      return await this.doSend<R, T>(action, data, replyId, errorCode, message);
+    } catch (e) {
+      if (this.onError) {
+        this.onError(e);
+      }
+      throw e;
+    }
+  }
+
+  async doSend<R = any, T = any>(action: string, data?: T, replyId?: string, errorCode?: number, message?: string): Promise<IframeMessageData<R>> {
+    const reqMessageData: IframeMessageData<T> = {
+      id: nanoid(),
+      action,
+      data,
+      replyId,
+      errorCode,
+      message,
+    };
+
+    return new Promise((resolve, reject) => {
+      const onReply = (reply: IframeMessageData<R>) => {
+        if (reply.errorCode && reply.errorCode > 0) {
+          reject(new IframeException(reply));
+          return;
+        }
+        resolve(reply);
+      };
+      this.requestQueue[reqMessageData.id] = {
+        req: reqMessageData,
+        onReply,
+      };
+      try {
+        console.log(`send message[isSub:${this.isInFrame()}]:`, reqMessageData);
+        if (!this.iframe) {
+          if (!window.parent) {
+            reject('当前页面不在 iframe 中');
+          }
+          window.parent.postMessage(reqMessageData, '*');
+        } else {
+          //子页面
+          this.iframe.contentWindow?.postMessage(reqMessageData, '*');
+        }
+      } catch (e) {
+        console.error(e);
+        reject(e);
+      }
+    });
+  }
+}

packages/libs/lib-iframe/tsconfig.json

@@ -0,0 +1,41 @@
+{
+  "compileOnSave": true,
+  "compilerOptions": {
+    "target": "ESNext",
+    "module": "ESNext",
+    "moduleResolution": "node",
+    "esModuleInterop": true,
+    "experimentalDecorators": true,
+    "emitDecoratorMetadata": true,
+    "inlineSourceMap":true,
+    "noImplicitThis": true,
+    "noUnusedLocals": true,
+    "stripInternal": true,
+    "skipLibCheck": true,
+    "pretty": true,
+    "declaration": true,
+    "forceConsistentCasingInFileNames": true,
+    "typeRoots": [ "./typings", "./node_modules/@types"],
+    "outDir": "dist",
+    "rootDir": "src",
+    "composite": true,
+    "useDefineForClassFields": true,
+    "strict": false,
+//    "sourceMap": true,
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "lib": ["ESNext", "DOM"],
+  },
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.d.ts",
+    "src/**/*.json"
+  ],
+  "exclude": [
+    "*.js",
+    "*.ts",
+    "dist",
+    "node_modules",
+    "src/test"
+  ],
+}

packages/libs/lib-jdcloud/.eslintrc

@@ -0,0 +1,23 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "plugins": [
+    "@typescript-eslint"
+  ],
+  "extends": [
+    "plugin:@typescript-eslint/recommended",
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-empty-function": "off",
+//    "no-unused-expressions": "off",
+    "max-len": [0, 160, 2, { "ignoreUrls": true }]
+  }
+}

packages/libs/lib-jdcloud/.gitignore

@@ -0,0 +1,28 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
+
+test/user.secret.ts
+
+.rollup.cache

packages/libs/lib-jdcloud/.npmignore

@@ -0,0 +1,3 @@
+node_modules
+src
+.rollup.cache

packages/libs/lib-jdcloud/.prettierrc

@@ -0,0 +1,3 @@
+{
+  "printWidth": 160
+}

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -0,0 +1,79 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+## [1.26.2](https://github.com/certd/certd/compare/v1.26.1...v1.26.2) (2024-10-11)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.26.1](https://github.com/certd/certd/compare/v1.26.0...v1.26.1) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.24.3](https://github.com/certd/certd/compare/v1.24.2...v1.24.3) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.24.2](https://github.com/certd/certd/compare/v1.24.1...v1.24.2) (2024-09-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.24.1](https://github.com/certd/certd/compare/v1.24.0...v1.24.1) (2024-09-02)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.22.1](https://github.com/certd/certd/compare/v1.22.0...v1.22.1) (2024-07-20)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.22.0](https://github.com/certd/certd/compare/v1.21.2...v1.22.0) (2024-07-19)
+
+### Features
+
+* 升级midway，支持esm ([485e603](https://github.com/certd/certd/commit/485e603b5165c28bc08694997726eaf2a585ebe7))
+* 支持postgresql ([3b19bfb](https://github.com/certd/certd/commit/3b19bfb4291e89064b3b407a80dae092d54747d5))

packages/libs/lib-jdcloud/README.md

@@ -0,0 +1,16 @@
+# Vue 3 + TypeScript + Vite
+
+This template should help get you started developing with Vue 3 and TypeScript in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.
+
+## Recommended IDE Setup
+
+- [VS Code](https://code.visualstudio.com/) + [Volar](https://marketplace.visualstudio.com/items?itemName=Vue.volar)
+
+## Type Support For `.vue` Imports in TS
+
+Since TypeScript cannot handle type information for `.vue` imports, they are shimmed to be a generic Vue component type by default. In most cases this is fine if you don't really care about component prop types outside of templates. However, if you wish to get actual prop types in `.vue` imports (for example to get props validation when using manual `h(...)` calls), you can enable Volar's Take Over mode by following these steps:
+
+1. Run `Extensions: Show Built-in Extensions` from VS Code's command palette, look for `TypeScript and JavaScript Language Features`, then right click and select `Disable (Workspace)`. By default, Take Over mode will enable itself if the default TypeScript extension is disabled.
+2. Reload the VS Code window by running `Developer: Reload Window` from the command palette.
+
+You can learn more about Take Over mode [here](https://github.com/johnsoncodehk/volar/discussions/471).

packages/libs/lib-jdcloud/fix-esm-import-paths.js

@@ -0,0 +1,96 @@
+import * as fs from "fs";
+import * as path from "path";
+
+// https://gist.github.com/lovasoa/8691344
+async function* walk(dir) {
+  for await (const d of await fs.promises.opendir(dir)) {
+    const entry = path.join(dir, d.name);
+    if (d.isDirectory()) {
+      yield* walk(entry);
+    } else if (d.isFile()) {
+      yield entry;
+    }
+  }
+}
+
+function resolveImportPath(sourceFile, importPath, options) {
+  const sourceFileAbs = path.resolve(process.cwd(), sourceFile);
+  const root = path.dirname(sourceFileAbs);
+  const { moduleFilter = defaultModuleFilter } = options;
+
+  if (moduleFilter(importPath)) {
+    const importPathAbs = path.resolve(root, importPath);
+    let possiblePath = [path.resolve(importPathAbs, "./index.ts"), path.resolve(importPathAbs, "./index.js"), importPathAbs + ".ts", importPathAbs + ".js"];
+
+    if (possiblePath.length) {
+      for (let i = 0; i < possiblePath.length; i++) {
+        let entry = possiblePath[i];
+        if (fs.existsSync(entry)) {
+          const resolved = path.relative(root, entry.replace(/\.ts$/, ".js"));
+
+          if (!resolved.startsWith(".")) {
+            return "./" + resolved;
+          }
+
+          return resolved;
+        }
+      }
+    }
+  }
+
+  return null;
+}
+
+function replace(filePath, outFilePath, options) {
+  const code = fs.readFileSync(filePath).toString();
+  const newCode = code.replace(/(import|export) (.+?) from ('[^\n']+'|"[^\n"]+");/gs, function (found, action, imported, from) {
+    const importPath = from.slice(1, -1);
+    let resolvedPath = resolveImportPath(filePath, importPath, options);
+
+    if (resolvedPath) {
+      resolvedPath = resolvedPath.replaceAll("\\", "/");
+      console.log("\t", importPath, resolvedPath);
+      return `${action} ${imported} from "${resolvedPath}";`;
+    }
+
+    return found;
+  });
+
+  if (code !== newCode) {
+    fs.writeFileSync(outFilePath, newCode);
+  }
+}
+
+// Then, use it with a simple async for loop
+async function run(srcDir, options = defaultOptions) {
+  const { sourceFileFilter = defaultSourceFileFilter } = options;
+
+  for await (const entry of walk(srcDir)) {
+    if (sourceFileFilter(entry)) {
+      console.log(entry);
+      replace(entry, entry, options);
+    }
+  }
+}
+
+const defaultSourceFileFilter = function (sourceFilePath) {
+  return /\.(js|ts)$/.test(sourceFilePath) && !/node_modules/.test(sourceFilePath);
+};
+
+const defaultModuleFilter = function (importedModule) {
+  return !path.isAbsolute(importedModule) && !importedModule.startsWith("@") && !importedModule.endsWith(".js");
+};
+
+const defaultOptions = {
+  sourceFileFilter: defaultSourceFileFilter,
+  moduleFilter: defaultModuleFilter,
+};
+
+// Switch this to test on one file or directly run on a directory.
+const DEBUG = false;
+
+if (DEBUG) {
+  replace("./src/index.ts", "./out.ts", defaultOptions);
+} else {
+  await run("./src/", defaultOptions);
+}

packages/libs/lib-jdcloud/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "@certd/lib-jdcloud",
+  "private": false,
+  "version": "1.26.2",
+  "main": "./dist/bundle.mjs",
+  "module": "./dist/bundle.mjs",
+  "types": "./dist/d/index.d.ts",
+  "scripts": {
+    "dev": "vite",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && rollup -c ",
+    "dev-build": "npm run build",
+    "preview": "vite preview"
+  },
+  "dependencies": {
+    "axios": "^1.7.2",
+    "buffer": "^5.0.8",
+    "create-hash": "^1.1.3",
+    "create-hmac": "^1.1.6",
+    "debug": "^3.1.0",
+    "node-fetch": "^2.1.2",
+    "url": "^0.11.0",
+    "uuid": "^3.1.0"
+  },
+  "devDependencies": {
+    "babel-register": "^6.26.0",
+    "rimraf": "^5.0.5",
+    "rollup": "^3.7.4"
+  },
+  "gitHead": "daf575e7c3b808e6b7db48e50c62ebd9fa213b0a"
+}

packages/libs/lib-jdcloud/rollup.config.js

@@ -0,0 +1,40 @@
+const resolve = require("@rollup/plugin-node-resolve");
+const commonjs = require("@rollup/plugin-commonjs");
+//const Typescript = require("rollup-plugin-typescript2");
+const Typescript = require("@rollup/plugin-typescript");
+const json = require("@rollup/plugin-json");
+const terser = require("@rollup/plugin-terser");
+module.exports = {
+  input: "src/index.js",
+  output: {
+    file: "dist/bundle.mjs",
+    format: "es",
+  },
+  plugins: [
+    // 解析第三方依赖
+    resolve({
+      jsnext: true,
+      main: true,
+      browser: true,
+    }),
+    // 识别 commonjs 模式第三方依赖
+    commonjs({
+      // dynamicRequireRoot: "../../../../",
+      // dynamicRequireTargets: [
+      //   // include using a glob pattern (either a string or an array of strings)
+      //   "../../../../**/shelljs/src/*",
+      // ],
+    }),
+    // Typescript({
+    //   target: "esnext",
+    //   rootDir: "src",
+    //   declaration: true,
+    //   declarationDir: "dist/d",
+    //   exclude: ["./node_modules/**", "./src/**/*.vue", "./src/**/*.spec.ts"],
+    //   allowSyntheticDefaultImports: true,
+    // }),
+    json(),
+    terser(),
+  ],
+  external: ["vue", "lodash-es", "dayjs", "log4js", "@midwayjs/core", "@certd/pipeline", "axios", "querystring"],
+};

packages/libs/lib-jdcloud/src/global.js

@@ -0,0 +1,2 @@
+require('./lib/node_loader')
+module.exports = require('./lib/core')

packages/libs/lib-jdcloud/src/index.js

@@ -0,0 +1 @@
+module.exports.DomainService = require("./repo/domainservice/v2/domainservice.js");

packages/libs/lib-jdcloud/src/jdcloud.js

@@ -0,0 +1 @@
+module.exports = require('./lib/jc')

packages/libs/lib-jdcloud/src/lib/browser.js

@@ -0,0 +1,4 @@
+require("babel-polyfill");
+require("./browser_loader");
+var JC = require("./core");
+module.exports = JC;

packages/libs/lib-jdcloud/src/lib/browser_loader.js

@@ -0,0 +1,13 @@
+var util = require('./util')
+util.crypto.lib = {
+  createHash: require('create-hash'),
+  createHmac: require('create-hmac')
+}
+util.Buffer = require('buffer/').Buffer
+util.url = require('url/')
+util.querystring = require('querystring/')
+util.environment = 'js'
+
+var JC = require('./core')
+
+module.exports = JC

packages/libs/lib-jdcloud/src/lib/common.js

@@ -0,0 +1,6 @@
+require('./core')
+
+require('./config')
+require('./request')
+require('./service')
+require('./credentials')

packages/libs/lib-jdcloud/src/lib/config.js

@@ -0,0 +1,78 @@
+var JDCloud = require('./core')
+
+let defaultValues = {
+  credentials: null,
+  regionId: null,
+  apiVersions: null,
+  endpoint: {},
+  version: {},
+  logger: function (string, level = 'INFO') {
+    // level: INFO / DEBUG / ERROR / WARN
+    console.log(string)
+  }
+}
+JDCloud.Config = class Config {
+  constructor (options = {}) {
+    options = this.extractCredentials(options)
+
+    JDCloud.util.each.call(this, defaultValues, function (key, value) {
+      if (options[key] === undefined) {
+        this[key] = value
+      } else {
+        this[key] = options[key]
+      }
+    })
+    JDCloud.util.each.call(this, JDCloud.Service._services, function (
+      key,
+      value
+    ) {
+      if (options[key] !== undefined) {
+        this[key] = options[key]
+      }
+    })
+  }
+
+  extractCredentials (options) {
+    if (options.accessKeyId && options.secretAccessKey) {
+      options = Object.assign({}, options)
+      options.credentials = new JDCloud.Credentials(options)
+    }
+    return options
+  }
+
+  getCredentials () {
+    var p = new Promise((resolve, reject) => {
+      if (this.credentials) {
+        if (typeof this.credentials.get === 'function') {
+        } else if (
+          this.credentials.accessKeyId &&
+          this.credentials.secretAccessKey
+        ) {
+          resolve()
+        } else {
+          reject(new Error('missing credentials'))
+        }
+      } else if (this.credentialProvider) {
+      } else {
+        reject(new Error('get credentials failed'))
+      }
+    })
+
+    return p
+  }
+
+  update (options, allowUnknownKeys = false) {
+    options = this.extractCredentials(options)
+    JDCloud.util.each.call(this, options, function (key, value) {
+      if (
+        allowUnknownKeys ||
+        defaultValues.hasOwnProperty(key) ||
+        JDCloud.Service.hasService(key)
+      ) {
+        this[key] = options[key]
+      }
+    })
+  }
+}
+
+JDCloud.config = new JDCloud.Config()

packages/libs/lib-jdcloud/src/lib/core.js

@@ -0,0 +1,12 @@
+var JDCloud = {
+  util: require("./util"),
+  // todo swaggerVar
+  VERSION: "",
+  fetch: require("node-fetch"),
+};
+
+module.exports = JDCloud;
+
+require("./service");
+require("./config");
+require("./request");

packages/libs/lib-jdcloud/src/lib/credentials.js

@@ -0,0 +1,21 @@
+var JDCloud = require('./core')
+
+JDCloud.Credentials = class Credentials {
+  constructor () {
+    this.expired = false
+    this.expireTime = null
+
+    if (arguments.length === 1 && typeof arguments[0] === 'object') {
+      var creds = arguments[0].credentials || arguments[0]
+      this.accessKeyId = creds.accessKeyId
+      this.secretAccessKey = creds.secretAccessKey
+      this.sessionToken = creds.sessionToken
+    } else {
+      this.accessKeyId = arguments[0]
+      this.secretAccessKey = arguments[1]
+      this.sessionToken = arguments[2]
+    }
+  }
+}
+
+module.exports = JDCloud.Credentials

packages/libs/lib-jdcloud/src/lib/jc.js

@@ -0,0 +1,3 @@
+require('./node_loader')
+var JDCloud = require('./core')
+module.exports = JDCloud

packages/libs/lib-jdcloud/src/lib/node_loader.js

@@ -0,0 +1,12 @@
+var util = require('./util')
+
+util.crypto.lib = require('crypto')
+util.Buffer = require('buffer').Buffer
+util.url = require('url')
+util.querystring = require('querystring')
+util.environment = 'nodejs'
+let JDCloud = require('./core')
+JDCloud.fetch = require('node-fetch')
+module.exports = JDCloud
+
+require('./credentials')

packages/libs/lib-jdcloud/src/lib/request.js

@@ -0,0 +1,137 @@
+var JDCloud = require("./core");
+
+let util = JDCloud.util;
+JDCloud.JCRequest = class JCRequest {
+  constructor(service, path, httpMethod, pathParams, queryParams, headerParams, formParams, postBody, contentTypes, accepts, returnType) {
+    this.service = service;
+
+    var endpoint = service.config.endpoint;
+    pathParams.regionId = pathParams.regionId || service.config.regionId;
+    this.regionId = pathParams.regionId;
+
+    this.path = this.buildPath(path, pathParams);
+    this.path = util.uriEscapePath(this.path);
+
+    var queryString = this.buildQuery(queryParams);
+
+    var url = this.path;
+    if (queryString) {
+      url = this.path + "?" + queryString;
+    }
+
+    var contentType = this.jsonPreferredMime(contentTypes) || "application/json";
+    headerParams["content-type"] = contentType;
+    var requestHeaders = this.buildHeaders(headerParams);
+
+    var requestInit = {
+      method: httpMethod || "GET",
+      headers: requestHeaders,
+    };
+
+    if (contentType === "application/x-www-form-urlencoded") {
+    } else if (contentType === "multipart/form-data") {
+    } else if (postBody) {
+      requestInit.body = JSON.stringify(postBody);
+    }
+    var fetchUrl = endpoint.protocol + "://" + endpoint.host + url;
+    JDCloud.config.logger(`make request where url is :${fetchUrl} \nwith fetch config:${JSON.stringify(requestInit)}`);
+    this.request = new JDCloud.fetch.Request(fetchUrl, requestInit);
+    this.request.bodyCache = requestInit.body;
+  }
+
+  buildPath(path, pathParams) {
+    var uri = (this.service.config.basePath || "") + path;
+    uri = uri.replace(/\{([\w-]+)\}/g, (fullMatch, key) => {
+      var value;
+      if (pathParams.hasOwnProperty(key)) {
+        value = pathParams[key];
+      } else {
+        value = fullMatch;
+      }
+      return value;
+    });
+    return uri;
+  }
+
+  buildQuery(queryParams) {
+    var queryParamsWithoutEmptyItem = {};
+    var keys = Object.keys(queryParams);
+    for (let key of keys) {
+      if (queryParams[key] !== undefined) {
+        queryParamsWithoutEmptyItem[key] = queryParams[key];
+      }
+    }
+    return JDCloud.util.querystring.stringify(queryParamsWithoutEmptyItem);
+  }
+
+  search() {
+    var query = this.request.url.split("?", 2)[1];
+    if (query) {
+      query = JDCloud.util.querystring.parse(query);
+      return JDCloud.util.queryParamsToString(query);
+    }
+    return "";
+  }
+
+  digitizationArray(key, obj) {
+    var result = key;
+    if (Array.isArray(obj)) {
+      JDCloud.util.arrayEach(obj, (arrayValue, index) => {
+        result += this.digitizationArray(`.${index + 1}`, arrayValue);
+      });
+    } else if (typeof obj === "object" && obj != null) {
+      JDCloud.util.each(obj, (key, ObjValue) => {
+        result += `.name=${key}&${result}.values` + this.digitizationArray();
+        result += key + ".name=" + ObjValue + "&" + this.digitizationArray(key + ".values", ObjValue);
+      });
+    } else {
+      result += key + "=" + encodeURI(obj);
+    }
+    return result;
+  }
+
+  buildHeaders(headerParams) {
+    var headers = new JDCloud.fetch.Headers({
+      accept: "application/json",
+    });
+
+    util.each.call(this, headerParams, function (key) {
+      if (headerParams[key] !== undefined && headerParams[key] != null) {
+        headers.append(key, headerParams[key]);
+      }
+    });
+    return headers;
+  }
+
+  /**
+   * Checks whether the given content type represents JSON.<br>
+   * JSON content type examples:<br>
+   * <ul>
+   * <li>application/json</li>
+   * <li>application/json; charset=UTF8</li>
+   * <li>APPLICATION/JSON</li>
+   * </ul>
+   * @param {String} contentType The MIME content type to check.
+   * @returns {Boolean} <code>true</code> if <code>contentType</code> represents JSON, otherwise <code>false</code>.
+   */
+  isJsonMime(contentType) {
+    return Boolean(contentType != null && contentType.match(/^application\/json(;.*)?$/i));
+  }
+
+  /**
+   * Chooses a content type from the given array, with JSON preferred; i.e. return JSON if included, otherwise return the first.
+   * @param {Array.<String>} contentTypes
+   * @returns {String} The chosen content type, preferring JSON.
+   */
+  jsonPreferredMime(contentTypes) {
+    for (var i = 0; i < contentTypes.length; i++) {
+      if (this.isJsonMime(contentTypes[i])) {
+        return contentTypes[i];
+      }
+    }
+
+    return contentTypes[0];
+  }
+};
+
+module.exports = JDCloud.JCRequest;