mirror of
https://github.com/certd/certd.git
synced 2026-07-12 16:27:34 +08:00
Compare commits
38 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 268cd6cc9c | |||
| 20ffe31638 | |||
| 02d30067ea | |||
| 0ce7808e08 | |||
| d609ee2b7a | |||
| 083df61fcc | |||
| a524988be6 | |||
| 8517a0b564 | |||
| ec69b8f11b | |||
| edda1b57f3 | |||
| 5a7766992d | |||
| 02dabe11db | |||
| 58024128d8 | |||
| e44bf9d773 | |||
| 1114223bda | |||
| 55022e5fa6 | |||
| ae732fb298 | |||
| a6ef6996c3 | |||
| 97cf5e127b | |||
| 690df7373c | |||
| 9cc01e5da1 | |||
| 0a068a2746 | |||
| 85a239ff8c | |||
| a545a28dfb | |||
| ac876a980c | |||
| 4b555e8a56 | |||
| 1a8d14dc44 | |||
| 83263a72d2 | |||
| 76f3ba8691 | |||
| 072edd7aff | |||
| c0be4d702c | |||
| c3d6db3f1e | |||
| e05ec53eb5 | |||
| 8d9dad9c82 | |||
| 0071bcb0e4 | |||
| dbdc1ccd1b | |||
| 2a606fdb1d | |||
| 3b86f30bcf |
@@ -400,6 +400,7 @@ export class OAuthDemoAccess extends BaseAccess {
|
|||||||
4. **错误处理**:API 调用失败时应抛出明确的错误信息。
|
4. **错误处理**:API 调用失败时应抛出明确的错误信息。
|
||||||
5. **测试方法**:实现 `onTestRequest` 方法,以便用户可以测试授权是否正常。
|
5. **测试方法**:实现 `onTestRequest` 方法,以便用户可以测试授权是否正常。
|
||||||
6. **统一接口调用**:封装统一的 API 请求方法,避免重复编写错误处理逻辑。
|
6. **统一接口调用**:封装统一的 API 请求方法,避免重复编写错误处理逻辑。
|
||||||
|
7. **旧版数据兼容**: 新增注解的插件参数,必须要考虑旧版数据兼容,比如新增一个deployType参数,有两种值:`default`和`custom`,需要在使用时判空,走旧版逻辑。
|
||||||
|
|
||||||
## 开发技巧
|
## 开发技巧
|
||||||
|
|
||||||
|
|||||||
@@ -454,3 +454,4 @@ new TencentDnsProvider();
|
|||||||
3. **记录结构**:定义适合对应云平台的记录数据结构,至少包含 id 字段用于删除记录。
|
3. **记录结构**:定义适合对应云平台的记录数据结构,至少包含 id 字段用于删除记录。
|
||||||
4. **日志输出**:使用 `this.logger` 输出日志,而不是 `console`,参数文本化,不要传对象,否则会输出`[object Object]}`。
|
4. **日志输出**:使用 `this.logger` 输出日志,而不是 `console`,参数文本化,不要传对象,否则会输出`[object Object]}`。
|
||||||
5. **错误处理**:API 调用失败时应抛出明确的错误信息。
|
5. **错误处理**:API 调用失败时应抛出明确的错误信息。
|
||||||
|
6. **旧版数据兼容**: 新增插件参数,必须要考虑旧版数据兼容,比如新增一个deployType参数,有两种值:`default`和`custom`,需要在使用时判空,走旧版逻辑。
|
||||||
|
|||||||
@@ -281,12 +281,12 @@ export class DemoTest extends AbstractTaskPlugin {
|
|||||||
return {
|
return {
|
||||||
value: item.siteName,
|
value: item.siteName,
|
||||||
label: item.siteName,
|
label: item.siteName,
|
||||||
domain: item.siteName,
|
domain: item.siteName, //这里必须要包含domain 否则后面分组时候全部分配到未匹配中
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
//将站点域名名称根据证书域名进行匹配分组,分成匹配的和不匹配的两组选项,返回给前端,供用户选择
|
//将站点域名名称根据证书域名进行匹配分组,分成匹配的和不匹配的两组选项,返回给前端,供用户选择
|
||||||
return {
|
return {
|
||||||
list: optionsUtils.buildGroupOptions(options, this.certDomains),
|
list: optionsUtils.buildGroupOptions(options, this.certDomains), //分组后的列表
|
||||||
total: siteRes.length,
|
total: siteRes.length,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
@@ -641,6 +641,7 @@ new AliyunOSSDeploy();
|
|||||||
4. **日志输出**:使用 `this.logger` 输出日志,而不是 `console`,参数文本化,不要传对象,否则会输出`[object Object]}`。
|
4. **日志输出**:使用 `this.logger` 输出日志,而不是 `console`,参数文本化,不要传对象,否则会输出`[object Object]}`。
|
||||||
5. **错误处理**:执行过程中的错误应被捕获并记录。
|
5. **错误处理**:执行过程中的错误应被捕获并记录。
|
||||||
6. **授权获取**:使用 `this.getAccess(accessId)` 获取授权信息。
|
6. **授权获取**:使用 `this.getAccess(accessId)` 获取授权信息。
|
||||||
|
7. **旧版数据兼容**: 新增@TaskInput注解的插件参数,必须要考虑旧版数据兼容,比如新增一个deployType参数,有两种值:`default`和`custom`,需要在使用时判空,走旧版逻辑。
|
||||||
|
|
||||||
## 部署逻辑注意事项
|
## 部署逻辑注意事项
|
||||||
|
|
||||||
|
|||||||
@@ -210,3 +210,8 @@ Certd 是可私有化部署的 SSL/TLS 证书自动化管理平台,提供 Web
|
|||||||
- 后端业务数据、接口、实体、权限、迁移:改 `packages/ui/certd-server/src/modules` 与 `src/controller`。
|
- 后端业务数据、接口、实体、权限、迁移:改 `packages/ui/certd-server/src/modules` 与 `src/controller`。
|
||||||
- 表单、列表、插件配置 UI:改 `packages/ui/certd-client/src/views/certd` 及对应 `src/api`。
|
- 表单、列表、插件配置 UI:改 `packages/ui/certd-client/src/views/certd` 及对应 `src/api`。
|
||||||
|
|
||||||
|
## 注意事项
|
||||||
|
|
||||||
|
### 旧版数据兼容
|
||||||
|
|
||||||
|
- 新增插件参数时,必须要考虑旧版数据兼容,比如新增一个deployType参数,有两种值:`default`和`custom`,需要在使用时判空,走旧版逻辑。
|
||||||
@@ -3,6 +3,29 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* 修复火山引擎查不到自定义源站域名的问题 ([02dabe1](https://github.com/certd/certd/commit/02dabe11db3e9b13ca4621ce9ddd2b808bfca390))
|
||||||
|
* 修复火山引擎自定义源站域名查询不到的问题 ([e44bf9d](https://github.com/certd/certd/commit/e44bf9d77375d48ac7fd1582e69fae02dfd248fa))
|
||||||
|
* **pipeline:** 重构运行时依赖加载逻辑,修复火山引擎DNS解析报runtimeDepsService未初始化的bug ([ec69b8f](https://github.com/certd/certd/commit/ec69b8f11bfd4b20991aef74a72a47182ca79a9d))
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **volcengine-alb:** 修复火山引擎ALB 默认证书部署类型会部署到扩展证书的问题 ([0a068a2](https://github.com/certd/certd/commit/0a068a274673e9768954e9f7367c267d44f3b530))
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* 修复火山视频点播源站选择不到自定义源站的bug ([0071bcb](https://github.com/certd/certd/commit/0071bcb0e4dd108c86d7ca01820a9f6e6960e440))
|
||||||
|
* 修复企业模式下弹出邮箱绑定提醒的问题 ([8d9dad9](https://github.com/certd/certd/commit/8d9dad9c82f6f2fd3ab3040068946a33f37145b1))
|
||||||
|
* 修复AsiaIsp CDN证书重复情况下部署失败的问题 ([c3d6db3](https://github.com/certd/certd/commit/c3d6db3f1ef2f1c897b7989521fe8809dffaded1))
|
||||||
|
* 修复cname用阿里云校验时报找不到runtimeDepsService的错误 ([072edd7](https://github.com/certd/certd/commit/072edd7affee424ab3411f4d41d338f084d7cac6))
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
### Bug Fixes
|
### Bug Fixes
|
||||||
|
|||||||
@@ -3,6 +3,34 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **volcengine-alb:** 修复火山引擎ALB 默认证书部署类型会部署到扩展证书的问题 ([0a068a2](https://github.com/certd/certd/commit/0a068a274673e9768954e9f7367c267d44f3b530))
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* 修复火山视频点播源站选择不到自定义源站的bug ([0071bcb](https://github.com/certd/certd/commit/0071bcb0e4dd108c86d7ca01820a9f6e6960e440))
|
||||||
|
* 修复企业模式下弹出邮箱绑定提醒的问题 ([8d9dad9](https://github.com/certd/certd/commit/8d9dad9c82f6f2fd3ab3040068946a33f37145b1))
|
||||||
|
* 修复AsiaIsp CDN证书重复情况下部署失败的问题 ([c3d6db3](https://github.com/certd/certd/commit/c3d6db3f1ef2f1c897b7989521fe8809dffaded1))
|
||||||
|
* 修复cname用阿里云校验时报找不到runtimeDepsService的错误 ([072edd7](https://github.com/certd/certd/commit/072edd7affee424ab3411f4d41d338f084d7cac6))
|
||||||
|
|
||||||
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* 修复多域名无法使用passkey登录的bug ([d176f9c](https://github.com/certd/certd/commit/d176f9cc0ebd051a614bfac74d1616d1945fc9a3))
|
||||||
|
* 修复企业模式下登录报projectId不能为空的问题 ([a65366b](https://github.com/certd/certd/commit/a65366bbe1aadea8baaffbdadab58a5b631d9417))
|
||||||
|
* **login:** 修复输入法 composing 状态下回车触发提交的问题 ([b74db81](https://github.com/certd/certd/commit/b74db81304bbe68476bbec5ea4307a2264060e92))
|
||||||
|
|
||||||
|
### Performance Improvements
|
||||||
|
|
||||||
|
* **certd-server:** 使用 jks-go转换jks证书,大幅精简镜像大小 ([c78898e](https://github.com/certd/certd/commit/c78898e4c10dd1701467d2e42e3f72bd8f2a352f))
|
||||||
|
* **pipeline:** 将默认历史保留条数从30调整为100 ([d3e4677](https://github.com/certd/certd/commit/d3e4677ea4fac8e7533749d7f4187e410489e536))
|
||||||
|
|
||||||
# [1.42.0](https://github.com/certd/certd/compare/v1.41.4...v1.42.0) (2026-07-05)
|
# [1.42.0](https://github.com/certd/certd/compare/v1.41.4...v1.42.0) (2026-07-05)
|
||||||
|
|
||||||
### Bug Fixes
|
### Bug Fixes
|
||||||
|
|||||||
+1
-1
@@ -9,5 +9,5 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"npmClient": "pnpm",
|
"npmClient": "pnpm",
|
||||||
"version": "1.42.1"
|
"version": "1.42.4"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,18 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/publishlab/node-acme-client/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/acme-client
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/publishlab/node-acme-client/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/acme-client
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/publishlab/node-acme-client/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/acme-client
|
||||||
|
|
||||||
## [1.42.1](https://github.com/publishlab/node-acme-client/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/publishlab/node-acme-client/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/acme-client
|
**Note:** Version bump only for package @certd/acme-client
|
||||||
|
|||||||
@@ -3,7 +3,7 @@
|
|||||||
"description": "Simple and unopinionated ACME client",
|
"description": "Simple and unopinionated ACME client",
|
||||||
"private": false,
|
"private": false,
|
||||||
"author": "nmorsman",
|
"author": "nmorsman",
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"type": "module",
|
"type": "module",
|
||||||
"module": "./dist/index.js",
|
"module": "./dist/index.js",
|
||||||
"main": "./dist/index.js",
|
"main": "./dist/index.js",
|
||||||
@@ -18,7 +18,7 @@
|
|||||||
"types"
|
"types"
|
||||||
],
|
],
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@certd/basic": "^1.42.1",
|
"@certd/basic": "^1.42.4",
|
||||||
"@peculiar/x509": "^1.11.0",
|
"@peculiar/x509": "^1.11.0",
|
||||||
"asn1js": "^3.0.5",
|
"asn1js": "^3.0.5",
|
||||||
"axios": "^1.9.0",
|
"axios": "^1.9.0",
|
||||||
@@ -75,5 +75,5 @@
|
|||||||
"bugs": {
|
"bugs": {
|
||||||
"url": "https://github.com/publishlab/node-acme-client/issues"
|
"url": "https://github.com/publishlab/node-acme-client/issues"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,18 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/basic
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/basic
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/basic
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/basic
|
**Note:** Version bump only for package @certd/basic
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
00:18
|
02:45
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/basic",
|
"name": "@certd/basic",
|
||||||
"private": false,
|
"private": false,
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"type": "module",
|
"type": "module",
|
||||||
"main": "./dist/index.js",
|
"main": "./dist/index.js",
|
||||||
"module": "./dist/index.js",
|
"module": "./dist/index.js",
|
||||||
@@ -54,5 +54,5 @@
|
|||||||
"tslib": "^2.8.1",
|
"tslib": "^2.8.1",
|
||||||
"typescript": "^5.4.2"
|
"typescript": "^5.4.2"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,20 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **pipeline:** 重构运行时依赖加载逻辑,修复火山引擎DNS解析报runtimeDepsService未初始化的bug ([ec69b8f](https://github.com/certd/certd/commit/ec69b8f11bfd4b20991aef74a72a47182ca79a9d))
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/pipeline
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/pipeline
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/pipeline
|
**Note:** Version bump only for package @certd/pipeline
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/pipeline",
|
"name": "@certd/pipeline",
|
||||||
"private": false,
|
"private": false,
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"type": "module",
|
"type": "module",
|
||||||
"main": "./dist/index.js",
|
"main": "./dist/index.js",
|
||||||
"module": "./dist/index.js",
|
"module": "./dist/index.js",
|
||||||
@@ -21,8 +21,8 @@
|
|||||||
"lint": "eslint --fix"
|
"lint": "eslint --fix"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@certd/basic": "^1.42.1",
|
"@certd/basic": "^1.42.4",
|
||||||
"@certd/plus-core": "^1.42.1",
|
"@certd/plus-core": "^1.42.4",
|
||||||
"dayjs": "^1.11.7",
|
"dayjs": "^1.11.7",
|
||||||
"lodash-es": "^4.17.21",
|
"lodash-es": "^4.17.21",
|
||||||
"reflect-metadata": "^0.2.2"
|
"reflect-metadata": "^0.2.2"
|
||||||
@@ -51,5 +51,5 @@
|
|||||||
"tslib": "^2.8.1",
|
"tslib": "^2.8.1",
|
||||||
"typescript": "^5.4.2"
|
"typescript": "^5.4.2"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -62,9 +62,6 @@ export abstract class BaseAccess implements IAccess {
|
|||||||
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
||||||
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
||||||
}
|
}
|
||||||
if (this.runtimeDepsService && this.ctx.define?.name) {
|
|
||||||
await this.runtimeDepsService.ensureRuntimeDependencies({ pluginKeys: `access:${this.ctx.define.name}`, logger: this.ctx.logger });
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async onRequest(req: AccessRequestHandleReq) {
|
async onRequest(req: AccessRequestHandleReq) {
|
||||||
|
|||||||
@@ -47,7 +47,7 @@ export function AccessInput(input?: AccessInputDefine): PropertyDecorator {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function newAccess(type: string, input: any, accessService: IAccessService, ctx?: AccessContext) {
|
export async function newAccess(type: string, input: any, accessService: IAccessService, ctx: AccessContext) {
|
||||||
const register = accessRegistry.get(type);
|
const register = accessRegistry.get(type);
|
||||||
if (register == null) {
|
if (register == null) {
|
||||||
throw new Error(`access ${type} not found`);
|
throw new Error(`access ${type} not found`);
|
||||||
|
|||||||
@@ -112,9 +112,6 @@ export abstract class BaseNotification implements INotification {
|
|||||||
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
||||||
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
||||||
}
|
}
|
||||||
if (this.runtimeDepsService && this.ctx.define?.name) {
|
|
||||||
await this.runtimeDepsService.ensureRuntimeDependencies({ pluginKeys: `notification:${this.ctx.define.name}`, logger: this.logger });
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
setDefine = (define: NotificationDefine) => {
|
setDefine = (define: NotificationDefine) => {
|
||||||
this.define = define;
|
this.define = define;
|
||||||
|
|||||||
@@ -181,9 +181,6 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
|
|||||||
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
||||||
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
||||||
}
|
}
|
||||||
if (this.runtimeDepsService && this.ctx.define?.name) {
|
|
||||||
await this.runtimeDepsService.ensureRuntimeDependencies({ pluginKeys: `plugin:${this.ctx.define.name}`, logger: this.logger });
|
|
||||||
}
|
|
||||||
// 将证书加入secret
|
// 将证书加入secret
|
||||||
// @ts-ignore
|
// @ts-ignore
|
||||||
if (this.cert && this.cert.crt && this.cert.key) {
|
if (this.cert && this.cert.crt && this.cert.key) {
|
||||||
|
|||||||
@@ -3,6 +3,18 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-huawei
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-huawei
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-huawei
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/lib-huawei
|
**Note:** Version bump only for package @certd/lib-huawei
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/lib-huawei",
|
"name": "@certd/lib-huawei",
|
||||||
"private": false,
|
"private": false,
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"main": "./dist/bundle.js",
|
"main": "./dist/bundle.js",
|
||||||
"module": "./dist/bundle.js",
|
"module": "./dist/bundle.js",
|
||||||
"types": "./dist/d/index.d.ts",
|
"types": "./dist/d/index.d.ts",
|
||||||
@@ -30,5 +30,5 @@
|
|||||||
"prettier": "3.3.3",
|
"prettier": "3.3.3",
|
||||||
"tslib": "^2.8.1"
|
"tslib": "^2.8.1"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,18 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-iframe
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-iframe
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-iframe
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/lib-iframe
|
**Note:** Version bump only for package @certd/lib-iframe
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/lib-iframe",
|
"name": "@certd/lib-iframe",
|
||||||
"private": false,
|
"private": false,
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"type": "module",
|
"type": "module",
|
||||||
"main": "./dist/index.js",
|
"main": "./dist/index.js",
|
||||||
"module": "./dist/index.js",
|
"module": "./dist/index.js",
|
||||||
@@ -37,5 +37,5 @@
|
|||||||
"tslib": "^2.8.1",
|
"tslib": "^2.8.1",
|
||||||
"typescript": "^5.4.2"
|
"typescript": "^5.4.2"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,18 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/jdcloud
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/jdcloud
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/jdcloud
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/jdcloud
|
**Note:** Version bump only for package @certd/jdcloud
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/jdcloud",
|
"name": "@certd/jdcloud",
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"description": "jdcloud openApi sdk",
|
"description": "jdcloud openApi sdk",
|
||||||
"main": "./dist/bundle.js",
|
"main": "./dist/bundle.js",
|
||||||
"module": "./dist/bundle.js",
|
"module": "./dist/bundle.js",
|
||||||
@@ -62,5 +62,5 @@
|
|||||||
"fetch"
|
"fetch"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,18 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-k8s
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-k8s
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-k8s
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/lib-k8s
|
**Note:** Version bump only for package @certd/lib-k8s
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/lib-k8s",
|
"name": "@certd/lib-k8s",
|
||||||
"private": false,
|
"private": false,
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"type": "module",
|
"type": "module",
|
||||||
"main": "./dist/index.js",
|
"main": "./dist/index.js",
|
||||||
"module": "./dist/index.js",
|
"module": "./dist/index.js",
|
||||||
@@ -21,7 +21,7 @@
|
|||||||
"lint": "eslint --fix"
|
"lint": "eslint --fix"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@certd/basic": "^1.42.1",
|
"@certd/basic": "^1.42.4",
|
||||||
"@kubernetes/client-node": "0.21.0"
|
"@kubernetes/client-node": "0.21.0"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
@@ -38,5 +38,5 @@
|
|||||||
"tslib": "^2.8.1",
|
"tslib": "^2.8.1",
|
||||||
"typescript": "^5.4.2"
|
"typescript": "^5.4.2"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,20 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **pipeline:** 重构运行时依赖加载逻辑,修复火山引擎DNS解析报runtimeDepsService未初始化的bug ([ec69b8f](https://github.com/certd/certd/commit/ec69b8f11bfd4b20991aef74a72a47182ca79a9d))
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-server
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/lib-server
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/lib-server
|
**Note:** Version bump only for package @certd/lib-server
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/lib-server",
|
"name": "@certd/lib-server",
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"description": "midway with flyway, sql upgrade way ",
|
"description": "midway with flyway, sql upgrade way ",
|
||||||
"private": false,
|
"private": false,
|
||||||
"type": "module",
|
"type": "module",
|
||||||
@@ -29,11 +29,11 @@
|
|||||||
],
|
],
|
||||||
"license": "AGPL",
|
"license": "AGPL",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@certd/acme-client": "^1.42.1",
|
"@certd/acme-client": "^1.42.4",
|
||||||
"@certd/basic": "^1.42.1",
|
"@certd/basic": "^1.42.4",
|
||||||
"@certd/pipeline": "^1.42.1",
|
"@certd/pipeline": "^1.42.4",
|
||||||
"@certd/plugin-lib": "^1.42.1",
|
"@certd/plugin-lib": "^1.42.4",
|
||||||
"@certd/plus-core": "^1.42.1",
|
"@certd/plus-core": "^1.42.4",
|
||||||
"@midwayjs/cache": "3.14.0",
|
"@midwayjs/cache": "3.14.0",
|
||||||
"@midwayjs/core": "3.20.11",
|
"@midwayjs/core": "3.20.11",
|
||||||
"@midwayjs/i18n": "3.20.13",
|
"@midwayjs/i18n": "3.20.13",
|
||||||
@@ -69,5 +69,5 @@
|
|||||||
"typeorm": "^0.3.20",
|
"typeorm": "^0.3.20",
|
||||||
"typescript": "^5.4.2"
|
"typescript": "^5.4.2"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -279,7 +279,7 @@ export abstract class BaseService<T> {
|
|||||||
return item != null && item != "";
|
return item != null && item != "";
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
async batchDelete(ids: number[], userId: number, projectId?: number) {
|
async batchDelete(ids: number[], userId: number, projectId?: number): Promise<number> {
|
||||||
ids = this.filterIds(ids);
|
ids = this.filterIds(ids);
|
||||||
if (userId != null) {
|
if (userId != null) {
|
||||||
const userProjectQuery = this.buildUserProjectQuery(userId, projectId);
|
const userProjectQuery = this.buildUserProjectQuery(userId, projectId);
|
||||||
@@ -295,6 +295,7 @@ export abstract class BaseService<T> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
await this.delete(ids);
|
await this.delete(ids);
|
||||||
|
return ids.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
async findOne(options: FindOneOptions<T>) {
|
async findOne(options: FindOneOptions<T>) {
|
||||||
|
|||||||
@@ -1,29 +1,20 @@
|
|||||||
import { IAccessService, IRuntimeDepsService } from "@certd/pipeline";
|
import { IAccessService } from "@certd/pipeline";
|
||||||
|
|
||||||
export type AccessRuntimeDepsService = IRuntimeDepsService;
|
|
||||||
|
|
||||||
export class AccessGetter implements IAccessService {
|
export class AccessGetter implements IAccessService {
|
||||||
userId: number;
|
userId: number;
|
||||||
projectId?: number;
|
projectId?: number;
|
||||||
runtimeDepsService?: AccessRuntimeDepsService;
|
getter: <T>(id: any, userId?: number, projectId?: number, ignorePermission?: boolean) => Promise<T>;
|
||||||
getter: <T>(id: any, userId?: number, projectId?: number, ignorePermission?: boolean, runtimeDepsService?: AccessRuntimeDepsService) => Promise<T>;
|
constructor(userId: number, projectId: number, getter: (id: any, userId: number, projectId?: number, ignorePermission?: boolean) => Promise<any>) {
|
||||||
constructor(
|
|
||||||
userId: number,
|
|
||||||
projectId: number,
|
|
||||||
getter: (id: any, userId: number, projectId?: number, ignorePermission?: boolean, runtimeDepsService?: AccessRuntimeDepsService) => Promise<any>,
|
|
||||||
runtimeDepsService?: AccessRuntimeDepsService
|
|
||||||
) {
|
|
||||||
this.userId = userId;
|
this.userId = userId;
|
||||||
this.projectId = projectId;
|
this.projectId = projectId;
|
||||||
this.getter = getter;
|
this.getter = getter;
|
||||||
this.runtimeDepsService = runtimeDepsService;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async getById<T = any>(id: any) {
|
async getById<T = any>(id: any) {
|
||||||
return await this.getter<T>(id, this.userId, this.projectId, false, this.runtimeDepsService);
|
return await this.getter<T>(id, this.userId, this.projectId, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
async getCommonById<T = any>(id: any) {
|
async getCommonById<T = any>(id: any) {
|
||||||
return await this.getter<T>(id, 0, null, false, this.runtimeDepsService);
|
return await this.getter<T>(id, 0, null, false);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,8 +1,8 @@
|
|||||||
import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
|
import { ApplicationContext, Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
|
||||||
|
import type { IMidwayContainer } from "@midwayjs/core";
|
||||||
import { InjectEntityModel } from "@midwayjs/typeorm";
|
import { InjectEntityModel } from "@midwayjs/typeorm";
|
||||||
import { In, Repository } from "typeorm";
|
import { In, Repository } from "typeorm";
|
||||||
import { AccessGetter, BaseService, PageReq, PermissionException, ValidateException } from "../../../index.js";
|
import { AccessGetter, BaseService, PageReq, PermissionException, ValidateException } from "../../../index.js";
|
||||||
import type { AccessRuntimeDepsService } from "./access-getter.js";
|
|
||||||
import { AccessEntity } from "../entity/access.js";
|
import { AccessEntity } from "../entity/access.js";
|
||||||
import { AccessDefine, accessRegistry, newAccess } from "@certd/pipeline";
|
import { AccessDefine, accessRegistry, newAccess } from "@certd/pipeline";
|
||||||
import { EncryptService } from "./encrypt-service.js";
|
import { EncryptService } from "./encrypt-service.js";
|
||||||
@@ -20,6 +20,9 @@ export class AccessService extends BaseService<AccessEntity> {
|
|||||||
@Inject()
|
@Inject()
|
||||||
encryptService: EncryptService;
|
encryptService: EncryptService;
|
||||||
|
|
||||||
|
@ApplicationContext()
|
||||||
|
applicationContext: IMidwayContainer;
|
||||||
|
|
||||||
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
|
||||||
//@ts-ignore
|
//@ts-ignore
|
||||||
getRepository() {
|
getRepository() {
|
||||||
@@ -161,7 +164,7 @@ export class AccessService extends BaseService<AccessEntity> {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
async getAccessById(id: any, checkUserId: boolean, userId?: number, projectId?: number, runtimeDepsService?: AccessRuntimeDepsService): Promise<any> {
|
async getAccessById(id: any, checkUserId: boolean, userId?: number, projectId?: number): Promise<any> {
|
||||||
const entity = await this.info(id);
|
const entity = await this.info(id);
|
||||||
if (entity == null) {
|
if (entity == null) {
|
||||||
throw new Error(`该授权配置不存在,请确认是否已被删除:id=${id}`);
|
throw new Error(`该授权配置不存在,请确认是否已被删除:id=${id}`);
|
||||||
@@ -184,20 +187,23 @@ export class AccessService extends BaseService<AccessEntity> {
|
|||||||
id: entity.id,
|
id: entity.id,
|
||||||
...setting,
|
...setting,
|
||||||
};
|
};
|
||||||
|
const taskServiceBuilder: any = await this.applicationContext.getAsync("taskServiceBuilder");
|
||||||
|
const serviceGetter = taskServiceBuilder.create({ userId: userId || 0, projectId });
|
||||||
const getAccessById = this.getById.bind(this);
|
const getAccessById = this.getById.bind(this);
|
||||||
const accessGetter = new AccessGetter(userId, projectId, getAccessById, runtimeDepsService);
|
const accessGetter = new AccessGetter(userId, projectId, getAccessById);
|
||||||
const accessContext = {
|
const accessContext = {
|
||||||
logger,
|
logger,
|
||||||
http,
|
http,
|
||||||
utils,
|
utils,
|
||||||
accessService: accessGetter,
|
accessService: accessGetter,
|
||||||
|
serviceGetter,
|
||||||
} as any;
|
} as any;
|
||||||
const access = await newAccess(entity.type, input, accessGetter, accessContext);
|
const access = await newAccess(entity.type, input, accessGetter, accessContext);
|
||||||
return access;
|
return access;
|
||||||
}
|
}
|
||||||
|
|
||||||
async getById(id: any, userId: number, projectId?: number, _ignorePermission?: boolean, runtimeDepsService?: AccessRuntimeDepsService): Promise<any> {
|
async getById(id: any, userId: number, projectId?: number, _ignorePermission?: boolean): Promise<any> {
|
||||||
return await this.getAccessById(id, true, userId, projectId, runtimeDepsService);
|
return await this.getAccessById(id, true, userId, projectId);
|
||||||
}
|
}
|
||||||
|
|
||||||
decryptAccessEntity(entity: AccessEntity): any {
|
decryptAccessEntity(entity: AccessEntity): any {
|
||||||
|
|||||||
@@ -121,9 +121,6 @@ export abstract class BaseAddon implements IAddon {
|
|||||||
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
||||||
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
||||||
}
|
}
|
||||||
if (this.runtimeDepsService && this.define?.addonType && this.define?.name) {
|
|
||||||
await this.runtimeDepsService.ensureRuntimeDependencies({ pluginKeys: `addon:${this.define.addonType}:${this.define.name}`, logger: this.logger });
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
setDefine = (define:AddonDefine) => {
|
setDefine = (define:AddonDefine) => {
|
||||||
this.define = define;
|
this.define = define;
|
||||||
|
|||||||
@@ -3,6 +3,18 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/midway-flyway-js
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/midway-flyway-js
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/midway-flyway-js
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/midway-flyway-js
|
**Note:** Version bump only for package @certd/midway-flyway-js
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/midway-flyway-js",
|
"name": "@certd/midway-flyway-js",
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"description": "midway with flyway, sql upgrade way ",
|
"description": "midway with flyway, sql upgrade way ",
|
||||||
"private": false,
|
"private": false,
|
||||||
"type": "module",
|
"type": "module",
|
||||||
@@ -52,5 +52,5 @@
|
|||||||
"typeorm": "^0.3.20",
|
"typeorm": "^0.3.20",
|
||||||
"typescript": "^5.4.2"
|
"typescript": "^5.4.2"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,18 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/plugin-cert
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/plugin-cert
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/plugin-cert
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
**Note:** Version bump only for package @certd/plugin-cert
|
**Note:** Version bump only for package @certd/plugin-cert
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/plugin-cert",
|
"name": "@certd/plugin-cert",
|
||||||
"private": false,
|
"private": false,
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"type": "module",
|
"type": "module",
|
||||||
"main": "./dist/index.js",
|
"main": "./dist/index.js",
|
||||||
"types": "./dist/index.d.ts",
|
"types": "./dist/index.d.ts",
|
||||||
@@ -20,7 +20,7 @@
|
|||||||
"lint": "eslint --fix"
|
"lint": "eslint --fix"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@certd/plugin-lib": "^1.42.1"
|
"@certd/plugin-lib": "^1.42.4"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"@types/chai": "^4.3.12",
|
"@types/chai": "^4.3.12",
|
||||||
@@ -38,5 +38,5 @@
|
|||||||
"tslib": "^2.8.1",
|
"tslib": "^2.8.1",
|
||||||
"typescript": "^5.4.2"
|
"typescript": "^5.4.2"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,20 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **pipeline:** 重构运行时依赖加载逻辑,修复火山引擎DNS解析报runtimeDepsService未初始化的bug ([ec69b8f](https://github.com/certd/certd/commit/ec69b8f11bfd4b20991aef74a72a47182ca79a9d))
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/plugin-lib
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/plugin-lib
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
### Performance Improvements
|
### Performance Improvements
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/plugin-lib",
|
"name": "@certd/plugin-lib",
|
||||||
"private": false,
|
"private": false,
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"type": "module",
|
"type": "module",
|
||||||
"main": "./dist/index.js",
|
"main": "./dist/index.js",
|
||||||
"types": "./dist/index.d.ts",
|
"types": "./dist/index.d.ts",
|
||||||
@@ -17,9 +17,9 @@
|
|||||||
"lint": "eslint --fix"
|
"lint": "eslint --fix"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@certd/acme-client": "^1.42.1",
|
"@certd/acme-client": "^1.42.4",
|
||||||
"@certd/basic": "^1.42.1",
|
"@certd/basic": "^1.42.4",
|
||||||
"@certd/pipeline": "^1.42.1",
|
"@certd/pipeline": "^1.42.4",
|
||||||
"dayjs": "^1.11.7",
|
"dayjs": "^1.11.7",
|
||||||
"jszip": "^3.10.1",
|
"jszip": "^3.10.1",
|
||||||
"lodash-es": "^4.17.21",
|
"lodash-es": "^4.17.21",
|
||||||
@@ -45,5 +45,5 @@
|
|||||||
"tslib": "^2.8.1",
|
"tslib": "^2.8.1",
|
||||||
"typescript": "^5.4.2"
|
"typescript": "^5.4.2"
|
||||||
},
|
},
|
||||||
"gitHead": "b46948c0ba67069ebcd2bb71b21b6c289d99f1b8"
|
"gitHead": "a6ef6996c3a68ce0c2a4577a0934ed74a53f0515"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -45,9 +45,6 @@ export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
|
|||||||
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
if (!this.runtimeDepsService && this.ctx.serviceGetter) {
|
||||||
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
this.runtimeDepsService = await this.ctx.serviceGetter.get("runtimeDepsService");
|
||||||
}
|
}
|
||||||
if (this.runtimeDepsService && this.ctx.define?.name) {
|
|
||||||
await this.runtimeDepsService.ensureRuntimeDependencies({ pluginKeys: `dnsProvider:${this.ctx.define.name}`, logger: this.logger });
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async parseDomain(fullDomain: string) {
|
async parseDomain(fullDomain: string) {
|
||||||
|
|||||||
@@ -3,6 +3,20 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/ui-client
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
**Note:** Version bump only for package @certd/ui-client
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* 修复企业模式下弹出邮箱绑定提醒的问题 ([8d9dad9](https://github.com/certd/certd/commit/8d9dad9c82f6f2fd3ab3040068946a33f37145b1))
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
### Bug Fixes
|
### Bug Fixes
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/ui-client",
|
"name": "@certd/ui-client",
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"private": true,
|
"private": true,
|
||||||
"scripts": {
|
"scripts": {
|
||||||
"dev": "vite --open",
|
"dev": "vite --open",
|
||||||
@@ -105,8 +105,8 @@
|
|||||||
"zod-defaults": "^0.1.3"
|
"zod-defaults": "^0.1.3"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"@certd/lib-iframe": "^1.42.1",
|
"@certd/lib-iframe": "^1.42.4",
|
||||||
"@certd/pipeline": "^1.42.1",
|
"@certd/pipeline": "^1.42.4",
|
||||||
"@rollup/plugin-commonjs": "^25.0.7",
|
"@rollup/plugin-commonjs": "^25.0.7",
|
||||||
"@rollup/plugin-node-resolve": "^15.2.3",
|
"@rollup/plugin-node-resolve": "^15.2.3",
|
||||||
"@types/chai": "^4.3.12",
|
"@types/chai": "^4.3.12",
|
||||||
|
|||||||
@@ -15,11 +15,14 @@ import { Modal, notification } from "ant-design-vue";
|
|||||||
import { useI18n } from "/src/locales";
|
import { useI18n } from "/src/locales";
|
||||||
import { request } from "/@/api/service";
|
import { request } from "/@/api/service";
|
||||||
import { useFormDialog } from "/@/use/use-dialog";
|
import { useFormDialog } from "/@/use/use-dialog";
|
||||||
|
import { useSettingStore } from "/@/store/settings/index.jsx";
|
||||||
|
|
||||||
const { t } = useI18n();
|
const { t } = useI18n();
|
||||||
const { openFormDialog } = useFormDialog();
|
const { openFormDialog } = useFormDialog();
|
||||||
|
|
||||||
const userStore = useUserStore();
|
const userStore = useUserStore();
|
||||||
|
const settingStore = useSettingStore();
|
||||||
|
|
||||||
const changePasswordButtonRef = ref();
|
const changePasswordButtonRef = ref();
|
||||||
const emailFormWrapperRef = ref<any>();
|
const emailFormWrapperRef = ref<any>();
|
||||||
|
|
||||||
@@ -34,6 +37,9 @@ const validateEmailConfirm = async (_rule: any, value: string) => {
|
|||||||
};
|
};
|
||||||
|
|
||||||
async function checkAndSetupAccount() {
|
async function checkAndSetupAccount() {
|
||||||
|
if (settingStore.isEnterprise) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
try {
|
try {
|
||||||
const userInfo = userStore.getUserInfo as any;
|
const userInfo = userStore.getUserInfo as any;
|
||||||
if (!userInfo.needInitAccount) {
|
if (!userInfo.needInitAccount) {
|
||||||
|
|||||||
@@ -3,6 +3,29 @@
|
|||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||||
|
|
||||||
|
## [1.42.4](https://github.com/certd/certd/compare/v1.42.3...v1.42.4) (2026-07-11)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* 修复火山引擎查不到自定义源站域名的问题 ([02dabe1](https://github.com/certd/certd/commit/02dabe11db3e9b13ca4621ce9ddd2b808bfca390))
|
||||||
|
* 修复火山引擎自定义源站域名查询不到的问题 ([e44bf9d](https://github.com/certd/certd/commit/e44bf9d77375d48ac7fd1582e69fae02dfd248fa))
|
||||||
|
* **pipeline:** 重构运行时依赖加载逻辑,修复火山引擎DNS解析报runtimeDepsService未初始化的bug ([ec69b8f](https://github.com/certd/certd/commit/ec69b8f11bfd4b20991aef74a72a47182ca79a9d))
|
||||||
|
|
||||||
|
## [1.42.3](https://github.com/certd/certd/compare/v1.42.2...v1.42.3) (2026-07-08)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **volcengine-alb:** 修复火山引擎ALB 默认证书部署类型会部署到扩展证书的问题 ([0a068a2](https://github.com/certd/certd/commit/0a068a274673e9768954e9f7367c267d44f3b530))
|
||||||
|
|
||||||
|
## [1.42.2](https://github.com/certd/certd/compare/v1.42.1...v1.42.2) (2026-07-07)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* 修复火山视频点播源站选择不到自定义源站的bug ([0071bcb](https://github.com/certd/certd/commit/0071bcb0e4dd108c86d7ca01820a9f6e6960e440))
|
||||||
|
* 修复企业模式下弹出邮箱绑定提醒的问题 ([8d9dad9](https://github.com/certd/certd/commit/8d9dad9c82f6f2fd3ab3040068946a33f37145b1))
|
||||||
|
* 修复AsiaIsp CDN证书重复情况下部署失败的问题 ([c3d6db3](https://github.com/certd/certd/commit/c3d6db3f1ef2f1c897b7989521fe8809dffaded1))
|
||||||
|
* 修复cname用阿里云校验时报找不到runtimeDepsService的错误 ([072edd7](https://github.com/certd/certd/commit/072edd7affee424ab3411f4d41d338f084d7cac6))
|
||||||
|
|
||||||
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
## [1.42.1](https://github.com/certd/certd/compare/v1.42.0...v1.42.1) (2026-07-06)
|
||||||
|
|
||||||
### Bug Fixes
|
### Bug Fixes
|
||||||
|
|||||||
@@ -96,24 +96,11 @@ input:
|
|||||||
label: 点播加速域名
|
label: 点播加速域名
|
||||||
- value: image
|
- value: image
|
||||||
label: 封面加速域名
|
label: 封面加速域名
|
||||||
|
- value: third
|
||||||
|
label: 自定义源站
|
||||||
value: play
|
value: play
|
||||||
required: true
|
required: true
|
||||||
order: 0
|
order: 0
|
||||||
sourceStationType:
|
|
||||||
title: 源站类型
|
|
||||||
helper: 选择源站类型
|
|
||||||
component:
|
|
||||||
name: a-select
|
|
||||||
vModel: value
|
|
||||||
options:
|
|
||||||
- value: 1
|
|
||||||
label: 点播源站
|
|
||||||
- value: 2
|
|
||||||
label: 自定义源站
|
|
||||||
value: 1
|
|
||||||
helper: 注意:封面加速域名不支持自定义源站
|
|
||||||
required: false
|
|
||||||
order: 0
|
|
||||||
domainList:
|
domainList:
|
||||||
title: 域名
|
title: 域名
|
||||||
component:
|
component:
|
||||||
@@ -132,7 +119,6 @@ input:
|
|||||||
- accessId
|
- accessId
|
||||||
- spaceName
|
- spaceName
|
||||||
- domainType
|
- domainType
|
||||||
- sourceStationType
|
|
||||||
required: true
|
required: true
|
||||||
mergeScript: |2-
|
mergeScript: |2-
|
||||||
|
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@certd/ui-server",
|
"name": "@certd/ui-server",
|
||||||
"version": "1.42.1",
|
"version": "1.42.4",
|
||||||
"description": "fast-server base midway",
|
"description": "fast-server base midway",
|
||||||
"private": true,
|
"private": true,
|
||||||
"type": "module",
|
"type": "module",
|
||||||
@@ -41,20 +41,20 @@
|
|||||||
"lint1": "eslint --fix"
|
"lint1": "eslint --fix"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@certd/acme-client": "^1.42.1",
|
"@certd/acme-client": "^1.42.4",
|
||||||
"@certd/basic": "^1.42.1",
|
"@certd/basic": "^1.42.4",
|
||||||
"@certd/commercial-core": "^1.42.1",
|
"@certd/commercial-core": "^1.42.4",
|
||||||
"@certd/cv4pve-api-javascript": "^8.4.2",
|
"@certd/cv4pve-api-javascript": "^8.4.2",
|
||||||
"@certd/jdcloud": "^1.42.1",
|
"@certd/jdcloud": "^1.42.4",
|
||||||
"@certd/lib-huawei": "^1.42.1",
|
"@certd/lib-huawei": "^1.42.4",
|
||||||
"@certd/lib-k8s": "^1.42.1",
|
"@certd/lib-k8s": "^1.42.4",
|
||||||
"@certd/lib-server": "^1.42.1",
|
"@certd/lib-server": "^1.42.4",
|
||||||
"@certd/midway-flyway-js": "^1.42.1",
|
"@certd/midway-flyway-js": "^1.42.4",
|
||||||
"@certd/pipeline": "^1.42.1",
|
"@certd/pipeline": "^1.42.4",
|
||||||
"@certd/plugin-cert": "^1.42.1",
|
"@certd/plugin-cert": "^1.42.4",
|
||||||
"@certd/plugin-lib": "^1.42.1",
|
"@certd/plugin-lib": "^1.42.4",
|
||||||
"@certd/plugin-plus": "^1.42.1",
|
"@certd/plugin-plus": "^1.42.4",
|
||||||
"@certd/plus-core": "^1.42.1",
|
"@certd/plus-core": "^1.42.4",
|
||||||
"@koa/cors": "^5.0.0",
|
"@koa/cors": "^5.0.0",
|
||||||
"@midwayjs/bootstrap": "3.20.11",
|
"@midwayjs/bootstrap": "3.20.11",
|
||||||
"@midwayjs/cache": "3.14.0",
|
"@midwayjs/cache": "3.14.0",
|
||||||
@@ -71,7 +71,6 @@
|
|||||||
"@peculiar/x509": "^1.11.0",
|
"@peculiar/x509": "^1.11.0",
|
||||||
"@simplewebauthn/browser": "^13.2.2",
|
"@simplewebauthn/browser": "^13.2.2",
|
||||||
"@simplewebauthn/server": "^13.2.3",
|
"@simplewebauthn/server": "^13.2.3",
|
||||||
"alipay-sdk": "^4.13.0",
|
|
||||||
"axios": "^1.9.0",
|
"axios": "^1.9.0",
|
||||||
"bcryptjs": "^2.4.3",
|
"bcryptjs": "^2.4.3",
|
||||||
"better-sqlite3": "^11.1.2",
|
"better-sqlite3": "^11.1.2",
|
||||||
@@ -96,8 +95,6 @@
|
|||||||
"nanoid": "^5.0.7",
|
"nanoid": "^5.0.7",
|
||||||
"node-forge": "^1.3.1",
|
"node-forge": "^1.3.1",
|
||||||
"nodemailer": "^6.9.16",
|
"nodemailer": "^6.9.16",
|
||||||
"openid-client": "^6.8.1",
|
|
||||||
"otplib": "^12.0.1",
|
|
||||||
"pg": "^8.12.0",
|
"pg": "^8.12.0",
|
||||||
"psl": "^1.15.0",
|
"psl": "^1.15.0",
|
||||||
"punycode.js": "^2.3.1",
|
"punycode.js": "^2.3.1",
|
||||||
@@ -113,7 +110,6 @@
|
|||||||
"svg-captcha": "^1.4.0",
|
"svg-captcha": "^1.4.0",
|
||||||
"typeorm": "^0.3.20",
|
"typeorm": "^0.3.20",
|
||||||
"uuid": "^10.0.0",
|
"uuid": "^10.0.0",
|
||||||
"wechatpay-node-v3": "^2.2.1",
|
|
||||||
"whoiser": "2.0.0-beta.10",
|
"whoiser": "2.0.0-beta.10",
|
||||||
"xml2js": "^0.6.2"
|
"xml2js": "^0.6.2"
|
||||||
},
|
},
|
||||||
@@ -170,7 +166,11 @@
|
|||||||
"@google-cloud/publicca": "^1.3.0",
|
"@google-cloud/publicca": "^1.3.0",
|
||||||
"basic-ftp": "^5.0.5",
|
"basic-ftp": "^5.0.5",
|
||||||
"esdk-obs-nodejs": "^3.25.6",
|
"esdk-obs-nodejs": "^3.25.6",
|
||||||
"qiniu": "^7.12.0"
|
"qiniu": "^7.12.0",
|
||||||
|
"alipay-sdk": "^4.13.0",
|
||||||
|
"wechatpay-node-v3": "^2.2.1",
|
||||||
|
"openid-client": "^6.8.1",
|
||||||
|
"otplib": "^12.0.1"
|
||||||
},
|
},
|
||||||
"engines": {
|
"engines": {
|
||||||
"node": ">=20.0.0"
|
"node": ">=20.0.0"
|
||||||
|
|||||||
@@ -132,7 +132,5 @@ export class MainConfiguration {
|
|||||||
logger.info(text);
|
logger.info(text);
|
||||||
});
|
});
|
||||||
logger.info("当前环境:", this.app.getEnv()); // prod
|
logger.info("当前环境:", this.app.getEnv()); // prod
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
import { AccessGetter, AccessService, BaseController, Constants, SysSettingsService } from "@certd/lib-server";
|
import { AccessGetter, AccessService, BaseController, Constants, isEnterprise, SysSettingsService } from "@certd/lib-server";
|
||||||
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
|
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
|
||||||
import { PasskeyService } from "../../../modules/login/service/passkey-service.js";
|
import { PasskeyService } from "../../../modules/login/service/passkey-service.js";
|
||||||
import { RoleService } from "../../../modules/sys/authority/service/role-service.js";
|
import { RoleService } from "../../../modules/sys/authority/service/role-service.js";
|
||||||
@@ -9,6 +9,7 @@ import { http, logger, utils } from "@certd/basic";
|
|||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
||||||
import { EmailService } from "../../../modules/basic/service/email-service.js";
|
import { EmailService } from "../../../modules/basic/service/email-service.js";
|
||||||
|
import { TaskServiceBuilder } from "../../../modules/pipeline/service/getter/task-service-getter.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -40,6 +41,9 @@ export class MineController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
emailService: EmailService;
|
emailService: EmailService;
|
||||||
|
|
||||||
|
@Inject()
|
||||||
|
taskServiceBuilder: TaskServiceBuilder;
|
||||||
|
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询用户信息" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询用户信息" })
|
||||||
public async info() {
|
public async info() {
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
@@ -54,14 +58,18 @@ export class MineController extends BaseController {
|
|||||||
delete user.password;
|
delete user.password;
|
||||||
//@ts-ignore
|
//@ts-ignore
|
||||||
user.needInitPassword = needInitPassword;
|
user.needInitPassword = needInitPassword;
|
||||||
|
//@ts-ignore
|
||||||
const existingAccess = await this.accessService.findOne({
|
user.needInitAccount = false;
|
||||||
where: { type: "acmeAccount", subtype: "letsencrypt", userId },
|
if (!isEnterprise()) {
|
||||||
});
|
const existingAccess = await this.accessService.findOne({
|
||||||
if (!existingAccess) {
|
where: { type: "acmeAccount", subtype: "letsencrypt", userId },
|
||||||
//@ts-ignore
|
});
|
||||||
user.needInitAccount = true;
|
if (!existingAccess) {
|
||||||
|
//@ts-ignore
|
||||||
|
user.needInitAccount = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return this.ok(user);
|
return this.ok(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -146,8 +154,7 @@ export class MineController extends BaseController {
|
|||||||
|
|
||||||
@Post("/accountInit", { description: Constants.per.authOnly, summary: "初始化Let's Encrypt ACME账号和邮件通知" })
|
@Post("/accountInit", { description: Constants.per.authOnly, summary: "初始化Let's Encrypt ACME账号和邮件通知" })
|
||||||
public async accountInit(@Body("email") email?: string) {
|
public async accountInit(@Body("email") email?: string) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdWrite();
|
const userId = this.getUserId();
|
||||||
|
|
||||||
let userEmail = email;
|
let userEmail = email;
|
||||||
let user: any = null;
|
let user: any = null;
|
||||||
if (!userEmail) {
|
if (!userEmail) {
|
||||||
@@ -169,15 +176,17 @@ export class MineController extends BaseController {
|
|||||||
|
|
||||||
await this.emailService.add(userId, userEmail);
|
await this.emailService.add(userId, userEmail);
|
||||||
|
|
||||||
await this.notificationService.getOrCreateDefault(userEmail, userId, projectId);
|
await this.notificationService.getOrCreateDefault(userEmail, userId);
|
||||||
|
|
||||||
const getAccessById = this.accessService.getById.bind(this.accessService);
|
const getAccessById = this.accessService.getById.bind(this.accessService);
|
||||||
const accessGetter = new AccessGetter(userId, projectId, getAccessById);
|
const accessGetter = new AccessGetter(userId, undefined, getAccessById);
|
||||||
|
const serviceGetter = this.taskServiceBuilder.create({ userId });
|
||||||
const accessContext = {
|
const accessContext = {
|
||||||
http,
|
http,
|
||||||
logger,
|
logger,
|
||||||
utils,
|
utils,
|
||||||
accessService: accessGetter,
|
accessService: accessGetter,
|
||||||
|
serviceGetter,
|
||||||
define: undefined,
|
define: undefined,
|
||||||
} as any;
|
} as any;
|
||||||
const access = await newAccess("acmeAccount", { caType: "letsencrypt", email: userEmail }, accessGetter, accessContext);
|
const access = await newAccess("acmeAccount", { caType: "letsencrypt", email: userEmail }, accessGetter, accessContext);
|
||||||
@@ -187,7 +196,7 @@ export class MineController extends BaseController {
|
|||||||
type: "acmeAccount",
|
type: "acmeAccount",
|
||||||
name: "Let's Encrypt",
|
name: "Let's Encrypt",
|
||||||
userId,
|
userId,
|
||||||
projectId,
|
projectId: undefined,
|
||||||
setting: JSON.stringify({
|
setting: JSON.stringify({
|
||||||
caType: "letsencrypt",
|
caType: "letsencrypt",
|
||||||
email: userEmail,
|
email: userEmail,
|
||||||
|
|||||||
@@ -8,7 +8,6 @@ import { TaskServiceBuilder } from "../../../modules/pipeline/service/getter/tas
|
|||||||
import { cloneDeep } from "lodash-es";
|
import { cloneDeep } from "lodash-es";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
||||||
import { RuntimeDepsService } from "../../../modules/runtime-deps/runtime-deps-service.js";
|
|
||||||
|
|
||||||
@Provide()
|
@Provide()
|
||||||
@Controller("/api/pi/handle")
|
@Controller("/api/pi/handle")
|
||||||
@@ -29,9 +28,6 @@ export class HandleController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
notificationService: NotificationService;
|
notificationService: NotificationService;
|
||||||
|
|
||||||
@Inject()
|
|
||||||
runtimeDepsService: RuntimeDepsService;
|
|
||||||
|
|
||||||
@Post("/access", { description: Constants.per.authOnly, summary: "处理授权请求" })
|
@Post("/access", { description: Constants.per.authOnly, summary: "处理授权请求" })
|
||||||
async accessRequest(@Body(ALL) body: AccessRequestHandleReq) {
|
async accessRequest(@Body(ALL) body: AccessRequestHandleReq) {
|
||||||
let { projectId, userId } = await this.getProjectUserIdRead();
|
let { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -64,12 +60,14 @@ export class HandleController extends BaseController {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
const getAccessById = this.accessService.getById.bind(this.accessService);
|
const getAccessById = this.accessService.getById.bind(this.accessService);
|
||||||
const accessGetter = new AccessGetter(userId, projectId, getAccessById, this.runtimeDepsService);
|
const accessGetter = new AccessGetter(userId, projectId, getAccessById);
|
||||||
|
const serviceGetter = this.taskServiceBuilder.create({ userId, projectId });
|
||||||
const accessContext = {
|
const accessContext = {
|
||||||
http,
|
http,
|
||||||
logger,
|
logger,
|
||||||
utils,
|
utils,
|
||||||
accessService: accessGetter,
|
accessService: accessGetter,
|
||||||
|
serviceGetter,
|
||||||
define: undefined,
|
define: undefined,
|
||||||
} as any;
|
} as any;
|
||||||
const access = await newAccess(body.typeName, inputAccess, accessGetter, accessContext);
|
const access = await newAccess(body.typeName, inputAccess, accessGetter, accessContext);
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
|
|||||||
import { logger } from "@certd/basic";
|
import { logger } from "@certd/basic";
|
||||||
import { PluginService } from "../plugin/service/plugin-service.js";
|
import { PluginService } from "../plugin/service/plugin-service.js";
|
||||||
import { registerPaymentProviders } from "../suite/payments/index.js";
|
import { registerPaymentProviders } from "../suite/payments/index.js";
|
||||||
|
import { RuntimeDepsService } from "../runtime-deps/runtime-deps-service.js";
|
||||||
|
|
||||||
@Provide()
|
@Provide()
|
||||||
@Scope(ScopeEnum.Request, { allowDowngrade: true })
|
@Scope(ScopeEnum.Request, { allowDowngrade: true })
|
||||||
@@ -9,6 +10,9 @@ export class AutoLoadPlugins {
|
|||||||
@Inject()
|
@Inject()
|
||||||
pluginService: PluginService;
|
pluginService: PluginService;
|
||||||
|
|
||||||
|
@Inject()
|
||||||
|
runtimeDepsService: RuntimeDepsService;
|
||||||
|
|
||||||
async init() {
|
async init() {
|
||||||
logger.info(`加载插件开始,加载模式:${process.env.certd_plugin_loadmode}`);
|
logger.info(`加载插件开始,加载模式:${process.env.certd_plugin_loadmode}`);
|
||||||
if (process.env.certd_plugin_loadmode === "metadata") {
|
if (process.env.certd_plugin_loadmode === "metadata") {
|
||||||
@@ -30,5 +34,8 @@ export class AutoLoadPlugins {
|
|||||||
|
|
||||||
await registerPaymentProviders();
|
await registerPaymentProviders();
|
||||||
logger.info(`加载插件完成,加载模式:${process.env.certd_plugin_loadmode}`);
|
logger.info(`加载插件完成,加载模式:${process.env.certd_plugin_loadmode}`);
|
||||||
|
|
||||||
|
// 收集插件 dependPackages 并安装
|
||||||
|
await this.runtimeDepsService.refreshPluginDeps();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -805,11 +805,12 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchDelete(ids: number[], userId: number, projectId?: number): Promise<void> {
|
async batchDelete(ids: number[], userId: number, projectId?: number): Promise<number> {
|
||||||
const userProjectQuery = this.buildUserProjectQuery(userId, projectId);
|
const userProjectQuery = this.buildUserProjectQuery(userId, projectId);
|
||||||
await this.repository.delete({
|
await this.repository.delete({
|
||||||
id: In(ids),
|
id: In(ids),
|
||||||
...userProjectQuery,
|
...userProjectQuery,
|
||||||
});
|
});
|
||||||
|
return ids.length;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -66,9 +66,8 @@ export class TaskServiceGetter implements IServiceGetter {
|
|||||||
|
|
||||||
async getAccessService(): Promise<AccessGetter> {
|
async getAccessService(): Promise<AccessGetter> {
|
||||||
const accessService: AccessService = await this.appCtx.getAsync("accessService");
|
const accessService: AccessService = await this.appCtx.getAsync("accessService");
|
||||||
const runtimeDepsService = await this.getRuntimeDepsService();
|
|
||||||
const getAccessById = accessService.getById.bind(accessService);
|
const getAccessById = accessService.getById.bind(accessService);
|
||||||
return new AccessGetter(this.userId, this.projectId, getAccessById, runtimeDepsService);
|
return new AccessGetter(this.userId, this.projectId, getAccessById);
|
||||||
}
|
}
|
||||||
|
|
||||||
async getCnameProxyService(): Promise<CnameProxyService> {
|
async getCnameProxyService(): Promise<CnameProxyService> {
|
||||||
|
|||||||
@@ -962,7 +962,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchDelete(ids: number[], userId?: number, projectId?: number) {
|
async batchDelete(ids: number[], userId?: number, projectId?: number):Promise<number> {
|
||||||
if (!isPlus()) {
|
if (!isPlus()) {
|
||||||
throw new NeedVIPException("此功能需要升级Certd专业版");
|
throw new NeedVIPException("此功能需要升级Certd专业版");
|
||||||
}
|
}
|
||||||
@@ -974,7 +974,9 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
await this.checkUserId(id, projectId, "projectId");
|
await this.checkUserId(id, projectId, "projectId");
|
||||||
}
|
}
|
||||||
await this.delete(id);
|
await this.delete(id);
|
||||||
|
ids.push(id);
|
||||||
}
|
}
|
||||||
|
return ids.length
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchUpdateGroup(ids: number[], groupId: number, userId: any, projectId?: number) {
|
async batchUpdateGroup(ids: number[], groupId: number, userId: any, projectId?: number) {
|
||||||
|
|||||||
@@ -87,7 +87,7 @@ export class TemplateService extends BaseService<TemplateEntity> {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchDelete(ids: number[], userId: number, projectId?: number) {
|
async batchDelete(ids: number[], userId: number, projectId?: number): Promise<number> {
|
||||||
const where: any = {
|
const where: any = {
|
||||||
id: In(ids),
|
id: In(ids),
|
||||||
};
|
};
|
||||||
@@ -102,6 +102,7 @@ export class TemplateService extends BaseService<TemplateEntity> {
|
|||||||
const pipelineIds = list.map(item => item.pipelineId);
|
const pipelineIds = list.map(item => item.pipelineId);
|
||||||
await this.delete(ids);
|
await this.delete(ids);
|
||||||
await this.pipelineService.batchDelete(pipelineIds, userId, projectId);
|
await this.pipelineService.batchDelete(pipelineIds, userId, projectId);
|
||||||
|
return ids.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
async createPipelineByTemplate(body: PipelineEntity) {
|
async createPipelineByTemplate(body: PipelineEntity) {
|
||||||
|
|||||||
@@ -270,6 +270,7 @@ export class PluginService extends BaseService<PluginEntity> {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
await this.registerPlugin(item);
|
await this.registerPlugin(item);
|
||||||
|
await this.runtimeDepsService.refreshPluginDeps();
|
||||||
}
|
}
|
||||||
|
|
||||||
async unRegisterById(id: any) {
|
async unRegisterById(id: any) {
|
||||||
@@ -297,6 +298,7 @@ export class PluginService extends BaseService<PluginEntity> {
|
|||||||
} else {
|
} else {
|
||||||
logger.warn(`不支持的插件类型:${item.pluginType}`);
|
logger.warn(`不支持的插件类型:${item.pluginType}`);
|
||||||
}
|
}
|
||||||
|
await this.runtimeDepsService.refreshPluginDeps();
|
||||||
}
|
}
|
||||||
|
|
||||||
async update(param: any) {
|
async update(param: any) {
|
||||||
|
|||||||
@@ -150,6 +150,11 @@ export class RuntimeDepsService {
|
|||||||
@Config("runtimeDeps.lazyDependencies")
|
@Config("runtimeDeps.lazyDependencies")
|
||||||
lazyDependencies: Record<string, string> = {};
|
lazyDependencies: Record<string, string> = {};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 从插件 registry 收集到的懒加载依赖,键为包名,值为版本范围
|
||||||
|
*/
|
||||||
|
pluginLazyDependencies: Record<string, string> = {};
|
||||||
|
|
||||||
@Inject()
|
@Inject()
|
||||||
registryResolver!: NpmRegistryResolver;
|
registryResolver!: NpmRegistryResolver;
|
||||||
|
|
||||||
@@ -339,7 +344,8 @@ export class RuntimeDepsService {
|
|||||||
|
|
||||||
private async resolveMissingRuntimeSpecifier(specifier: string, runtimeError: any, logger?: ILogger) {
|
private async resolveMissingRuntimeSpecifier(specifier: string, runtimeError: any, logger?: ILogger) {
|
||||||
const packageName = this.parsePackageName(specifier);
|
const packageName = this.parsePackageName(specifier);
|
||||||
const lazyRange = this.lazyDependencies?.[packageName];
|
const mergedDeps = this.getMergedLazyDependencies();
|
||||||
|
const lazyRange = mergedDeps[packageName];
|
||||||
if (!lazyRange) {
|
if (!lazyRange) {
|
||||||
try {
|
try {
|
||||||
return this.resolveProjectSpecifier(specifier, runtimeError).resolved;
|
return this.resolveProjectSpecifier(specifier, runtimeError).resolved;
|
||||||
@@ -565,6 +571,56 @@ export class RuntimeDepsService {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 合并 package.json 的 lazyDependencies 和插件注册表收集到的 dependPackages
|
||||||
|
* 插件依赖优先(同名时使用插件声明的版本)
|
||||||
|
*/
|
||||||
|
getMergedLazyDependencies(): Record<string, string> {
|
||||||
|
return { ...this.lazyDependencies, ...this.pluginLazyDependencies };
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 从所有插件注册表中收集 dependPackages,合并到 pluginLazyDependencies
|
||||||
|
*/
|
||||||
|
collectPluginDeps() {
|
||||||
|
const registries: Array<{ registry: Registry<any>; keyFormatter?: (name: string) => string }> = [
|
||||||
|
{ registry: pluginRegistry },
|
||||||
|
{ registry: accessRegistry },
|
||||||
|
{ registry: notificationRegistry },
|
||||||
|
{ registry: dnsProviderRegistry },
|
||||||
|
{ registry: addonRegistry },
|
||||||
|
];
|
||||||
|
|
||||||
|
const deps: Record<string, string> = {};
|
||||||
|
for (const { registry } of registries) {
|
||||||
|
const defineList = registry.getDefineList();
|
||||||
|
for (const define of defineList) {
|
||||||
|
const dependPackages = (define as any).dependPackages as Record<string, string> | undefined;
|
||||||
|
if (!dependPackages) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
for (const [pkgName, range] of Object.entries(dependPackages)) {
|
||||||
|
const existing = deps[pkgName];
|
||||||
|
if (existing && !areRangesCompatible(existing, range)) {
|
||||||
|
logger.warn(`懒加载依赖版本冲突: ${pkgName} => ${existing} vs ${range},保留已有版本`);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
deps[pkgName] = range;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
this.pluginLazyDependencies = deps;
|
||||||
|
logger.info(`从插件注册表收集到 ${Object.keys(deps).length} 个懒加载依赖`);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 刷新插件懒加载依赖:收集所有插件的 dependPackages 到内存列表,实际安装延迟到 importRuntime 时触发
|
||||||
|
*/
|
||||||
|
async refreshPluginDeps() {
|
||||||
|
this.collectPluginDeps();
|
||||||
|
}
|
||||||
|
|
||||||
private readInstallState(statePath: string): any {
|
private readInstallState(statePath: string): any {
|
||||||
if (!fs.existsSync(statePath)) {
|
if (!fs.existsSync(statePath)) {
|
||||||
return null;
|
return null;
|
||||||
|
|||||||
@@ -105,7 +105,7 @@ export class PaymentAlipay implements IPaymentProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private async createAlipaySdk() {
|
private async createAlipaySdk() {
|
||||||
const AlipaySdk = await import("alipay-sdk");
|
const AlipaySdk = await this.access.importRuntime("alipay-sdk");
|
||||||
|
|
||||||
const alipaySdk = new AlipaySdk.AlipaySdk({
|
const alipaySdk = new AlipaySdk.AlipaySdk({
|
||||||
appId: this.access.appId,
|
appId: this.access.appId,
|
||||||
|
|||||||
@@ -1,7 +1,6 @@
|
|||||||
import { IPaymentProvider, TradeEntity, UpdateTrade, UpdateTradeInfo } from "@certd/commercial-core";
|
import { IPaymentProvider, TradeEntity, UpdateTrade, UpdateTradeInfo } from "@certd/commercial-core";
|
||||||
import WxPay from "wechatpay-node-v3";
|
|
||||||
import dayjs from "dayjs";
|
import dayjs from "dayjs";
|
||||||
import { logger } from "@certd/basic"; // 支持使用require
|
import { logger } from "@certd/basic";
|
||||||
import { WxpayAccess } from "../../../plugins/plugin-plus/wxpay/access.js";
|
import { WxpayAccess } from "../../../plugins/plugin-plus/wxpay/access.js";
|
||||||
export class PaymentWxpay implements IPaymentProvider {
|
export class PaymentWxpay implements IPaymentProvider {
|
||||||
access: WxpayAccess;
|
access: WxpayAccess;
|
||||||
@@ -26,7 +25,7 @@ export class PaymentWxpay implements IPaymentProvider {
|
|||||||
* }
|
* }
|
||||||
*/
|
*/
|
||||||
|
|
||||||
const pay = this.createSdk();
|
const pay = await this.createSdk();
|
||||||
|
|
||||||
const result: any = await pay.query({ out_trade_no: tradeNo });
|
const result: any = await pay.query({ out_trade_no: tradeNo });
|
||||||
logger.info(`微信支付查询订单返回:${JSON.stringify(result)}`);
|
logger.info(`微信支付查询订单返回:${JSON.stringify(result)}`);
|
||||||
@@ -58,7 +57,7 @@ export class PaymentWxpay implements IPaymentProvider {
|
|||||||
async createOrder(trade: TradeEntity, opts: { bindUrl: string; clientIp: string }) {
|
async createOrder(trade: TradeEntity, opts: { bindUrl: string; clientIp: string }) {
|
||||||
const notify_url = `${opts.bindUrl}/api/payment/notify/wxpay`;
|
const notify_url = `${opts.bindUrl}/api/payment/notify/wxpay`;
|
||||||
|
|
||||||
const pay = this.createSdk();
|
const pay = await this.createSdk();
|
||||||
|
|
||||||
const params = {
|
const params = {
|
||||||
description: trade.title,
|
description: trade.title,
|
||||||
@@ -83,7 +82,9 @@ export class PaymentWxpay implements IPaymentProvider {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
private createSdk() {
|
private async createSdk() {
|
||||||
|
const WxPayLib = await this.access.importRuntime("wechatpay-node-v3");
|
||||||
|
const WxPay = WxPayLib.default;
|
||||||
const pay = new WxPay({
|
const pay = new WxPay({
|
||||||
appid: this.access.appId,
|
appid: this.access.appId,
|
||||||
mchid: this.access.mchid,
|
mchid: this.access.mchid,
|
||||||
@@ -94,7 +95,7 @@ export class PaymentWxpay implements IPaymentProvider {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async onNotify(notifyData: any, updateTrade: UpdateTrade) {
|
async onNotify(notifyData: any, updateTrade: UpdateTrade) {
|
||||||
const pay = this.createSdk();
|
const pay = await this.createSdk();
|
||||||
const { ciphertext, associated_data, nonce } = notifyData.resource;
|
const { ciphertext, associated_data, nonce } = notifyData.resource;
|
||||||
logger.info(`微信支付notify:${JSON.stringify(notifyData)}`);
|
logger.info(`微信支付notify:${JSON.stringify(notifyData)}`);
|
||||||
const key = this.access.key;
|
const key = this.access.key;
|
||||||
|
|||||||
+1
-1
@@ -16,7 +16,7 @@ export class AliyunDnsProvider extends AbstractDnsProvider {
|
|||||||
async onInstance() {
|
async onInstance() {
|
||||||
const access: AliyunAccess = this.ctx.access as AliyunAccess;
|
const access: AliyunAccess = this.ctx.access as AliyunAccess;
|
||||||
|
|
||||||
this.client = new AliyunClient({ logger: this.logger, importRuntime: access.importRuntime.bind(access) });
|
this.client = new AliyunClient({ logger: this.logger, importRuntime: this.importRuntime.bind(this) });
|
||||||
await this.client.init({
|
await this.client.init({
|
||||||
accessKeyId: access.accessKeyId,
|
accessKeyId: access.accessKeyId,
|
||||||
accessKeySecret: access.accessKeySecret,
|
accessKeySecret: access.accessKeySecret,
|
||||||
|
|||||||
@@ -114,14 +114,20 @@ export class AsiaIspClient {
|
|||||||
|
|
||||||
if (response.code !== "0") {
|
if (response.code !== "0") {
|
||||||
this.logger.error(`接口请求失败: code=${response.code}, msg=${response.msg}`);
|
this.logger.error(`接口请求失败: code=${response.code}, msg=${response.msg}`);
|
||||||
throw new Error(response.msg || "接口请求失败");
|
const e = new Error(response.msg || "接口请求失败");
|
||||||
|
// @ts-ignore
|
||||||
|
e.errorCode = response.code;
|
||||||
|
throw e;
|
||||||
}
|
}
|
||||||
|
|
||||||
return response;
|
return response;
|
||||||
} catch (error: any) {
|
} catch (error: any) {
|
||||||
if (error.message && !error.message.includes("接口请求失败")) {
|
const response = error.response;
|
||||||
this.logger.error(`接口请求异常: ${error.message}`);
|
if (response && response.data) {
|
||||||
throw new Error(`接口请求异常: ${error.message}`);
|
const e = new Error(response.data.msg || error.message || "接口请求失败");
|
||||||
|
// @ts-ignore
|
||||||
|
e.errorCode = response.data.code;
|
||||||
|
throw e;
|
||||||
}
|
}
|
||||||
throw error;
|
throw error;
|
||||||
}
|
}
|
||||||
@@ -189,7 +195,7 @@ export class AsiaIspClient {
|
|||||||
return certId;
|
return certId;
|
||||||
} catch (e: any) {
|
} catch (e: any) {
|
||||||
const msg = e.message || "";
|
const msg = e.message || "";
|
||||||
const isExists = msg.includes("Certificate already exists") || e.code === "80003" || msg.includes("Certificate note name already exists") || e.code === "80010";
|
const isExists = msg.includes("Certificate already exists") || e.errorCode === "80003" || msg.includes("Certificate note name already exists") || e.errorCode === "80010";
|
||||||
//返回数据: {"code":"80010","msg":"Certificate note name already exists","data":null}
|
//返回数据: {"code":"80010","msg":"Certificate note name already exists","data":null}
|
||||||
if (!isExists) {
|
if (!isExists) {
|
||||||
throw e;
|
throw e;
|
||||||
@@ -199,7 +205,7 @@ export class AsiaIspClient {
|
|||||||
const list = await this.getCertList();
|
const list = await this.getCertList();
|
||||||
const found = list.find((item: any) => item.name === certName);
|
const found = list.find((item: any) => item.name === certName);
|
||||||
if (!found) {
|
if (!found) {
|
||||||
throw new Error(`证书已存在但无法查询到: ${certName}`);
|
throw new Error(`证书已存在但无法查询到: 请重新申请一份证书,或者将已有证书名称修改为:${certName}`);
|
||||||
}
|
}
|
||||||
const certId = Number(found.certId);
|
const certId = Number(found.certId);
|
||||||
this.logger.info(`复用已有证书,证书ID: ${certId}`);
|
this.logger.info(`复用已有证书,证书ID: ${certId}`);
|
||||||
@@ -224,15 +230,23 @@ export class AsiaIspClient {
|
|||||||
* PUT /openapi/v3/stat?action=domainModify
|
* PUT /openapi/v3/stat?action=domainModify
|
||||||
*/
|
*/
|
||||||
async deployCertToDomain(req: { domain: string; certId: number; protocol: string }): Promise<void> {
|
async deployCertToDomain(req: { domain: string; certId: number; protocol: string }): Promise<void> {
|
||||||
await this.doRequest({
|
try {
|
||||||
method: "PUT",
|
await this.doRequest({
|
||||||
action: "domainModify",
|
method: "PUT",
|
||||||
data: {
|
action: "domainModify",
|
||||||
domain: req.domain,
|
data: {
|
||||||
certId: `${req.certId}`,
|
domain: req.domain,
|
||||||
protocol: req.protocol || "https",
|
certId: `${req.certId}`,
|
||||||
},
|
protocol: req.protocol || "https",
|
||||||
});
|
},
|
||||||
|
});
|
||||||
|
} catch (e: any) {
|
||||||
|
if (e.errorCode === "50024") {
|
||||||
|
this.logger.info(`域名 ${req.domain} 已绑定该证书 ${req.certId},无需重复绑定`);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
this.logger.info(`部署证书到域名成功: ${req.domain}, certId=${req.certId}`);
|
this.logger.info(`部署证书到域名成功: ${req.domain}, certId=${req.certId}`);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,21 +1,107 @@
|
|||||||
// 导入所需的 SDK 模块
|
// 导入所需的 SDK 模块
|
||||||
import { AwsCNAccess } from "../access.js";
|
import { AwsCNAccess } from "../access.js";
|
||||||
import { CertInfo } from "@certd/plugin-cert";
|
import { CertInfo } from "@certd/plugin-cert";
|
||||||
|
import { ILogger } from "@certd/basic";
|
||||||
|
|
||||||
type AwsIAMClientOptions = { access: AwsCNAccess; region: string };
|
type AwsIAMClientOptions = { access: AwsCNAccess; region: string; logger?: ILogger };
|
||||||
|
|
||||||
|
// IAM ListServerCertificates 返回的证书元信息(仅保留本插件用到的字段)
|
||||||
|
export type ServerCertificateMetadata = {
|
||||||
|
ServerCertificateName?: string;
|
||||||
|
ServerCertificateId?: string;
|
||||||
|
Expiration?: Date | string;
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 拆分完整 PEM,得到叶子证书和证书链。
|
||||||
|
* 使用 lookbehind 分割,保留每段结尾的 -----END CERTIFICATE-----,
|
||||||
|
* 避免证书链丢失结尾标记而变成非法 PEM(AWS 会报 MalformedCertificate)。
|
||||||
|
*/
|
||||||
|
export function splitCertAndChain(crt: string): { cert: string; chain: string } {
|
||||||
|
const pemBlocks = crt.split(/(?<=-----END CERTIFICATE-----)/);
|
||||||
|
const cert = pemBlocks[0].trim();
|
||||||
|
const chain = pemBlocks.slice(1).join("").trim();
|
||||||
|
return { cert, chain };
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 从 IAM 证书元信息列表中,挑出"本次被替换掉"的旧证书名称。
|
||||||
|
* distribution 已改用新证书,旧证书不再被其引用,因此无论是否过期都应清理,
|
||||||
|
* 否则提前续期/手动重部署产生的旧证书会在 IAM 中不断堆积。
|
||||||
|
* 过滤规则:
|
||||||
|
* - ServerCertificateId 必须命中 targetCertIds(即本次部署前 CloudFront 引用的旧证书)
|
||||||
|
* - 不能等于 excludeCertId(本次新上传的证书,避免误删)
|
||||||
|
* 返回去重后的 ServerCertificateName 列表。
|
||||||
|
*/
|
||||||
|
export function pickReplacedCertNames(params: { metadataList: ServerCertificateMetadata[]; targetCertIds: Set<string> | string[]; excludeCertId?: string }): string[] {
|
||||||
|
const { metadataList, targetCertIds, excludeCertId } = params;
|
||||||
|
const targetIdSet = targetCertIds instanceof Set ? targetCertIds : new Set(targetCertIds);
|
||||||
|
|
||||||
|
const names = new Set<string>();
|
||||||
|
for (const metadata of metadataList) {
|
||||||
|
const certId = metadata.ServerCertificateId;
|
||||||
|
const certName = metadata.ServerCertificateName;
|
||||||
|
if (!certId || !certName) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (!targetIdSet.has(certId)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (excludeCertId && certId === excludeCertId) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
names.add(certName);
|
||||||
|
}
|
||||||
|
return [...names];
|
||||||
|
}
|
||||||
|
|
||||||
|
// CloudFront ViewerCertificate 字段(仅保留本插件用到的字段)
|
||||||
|
export type ViewerCertificate = {
|
||||||
|
CloudFrontDefaultCertificate?: boolean;
|
||||||
|
ACMCertificateArn?: string;
|
||||||
|
IAMCertificateId?: string;
|
||||||
|
Certificate?: string;
|
||||||
|
CertificateSource?: string;
|
||||||
|
SSLSupportMethod?: string;
|
||||||
|
MinimumProtocolVersion?: string;
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 基于旧 ViewerCertificate 构造使用 IAM 证书的新配置。
|
||||||
|
* - CloudFront 要求 ACMCertificateArn、IAMCertificateId、CloudFrontDefaultCertificate 三者只能存在其一,
|
||||||
|
* 因此这里只保留 IAM 证书,并显式将 CloudFrontDefaultCertificate 置为 false、不携带 ACMCertificateArn。
|
||||||
|
* - Certificate/CertificateSource 为 AWS 已废弃字段,更新时不再携带,避免旧的 ACM 值残留导致校验冲突。
|
||||||
|
* - SSLSupportMethod 强制为 sni-only:AWS 中国区 CloudFront 只支持 SNI,不支持 vip(专用IP),
|
||||||
|
* 若沿用旧的 vip 值会报 "The parameter ViewerCertificate with the specified SSL support method isn't available in this region"。
|
||||||
|
* - MinimumProtocolVersion 沿用旧值,缺失时给出安全默认值。
|
||||||
|
*/
|
||||||
|
export function buildIamViewerCertificate(params: { oldViewerCertificate?: ViewerCertificate; certId: string }): ViewerCertificate {
|
||||||
|
const { oldViewerCertificate, certId } = params;
|
||||||
|
const old = oldViewerCertificate || {};
|
||||||
|
return {
|
||||||
|
CloudFrontDefaultCertificate: false,
|
||||||
|
IAMCertificateId: certId,
|
||||||
|
SSLSupportMethod: "sni-only",
|
||||||
|
MinimumProtocolVersion: old.MinimumProtocolVersion || "TLSv1.2_2021",
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
export class AwsIAMClient {
|
export class AwsIAMClient {
|
||||||
options: AwsIAMClientOptions;
|
options: AwsIAMClientOptions;
|
||||||
access: AwsCNAccess;
|
access: AwsCNAccess;
|
||||||
region: string;
|
region: string;
|
||||||
|
logger?: ILogger;
|
||||||
constructor(options: AwsIAMClientOptions) {
|
constructor(options: AwsIAMClientOptions) {
|
||||||
this.options = options;
|
this.options = options;
|
||||||
this.access = options.access;
|
this.access = options.access;
|
||||||
this.region = options.region;
|
this.region = options.region;
|
||||||
|
this.logger = options.logger;
|
||||||
}
|
}
|
||||||
async importCertificate(certInfo: CertInfo, certName: string) {
|
|
||||||
// 创建 IAM 客户端
|
// 统一创建 IAM 客户端,供上传/查询/删除复用
|
||||||
const { IAMClient, UploadServerCertificateCommand } = await this.access.importRuntime("@aws-sdk/client-iam");
|
private async createIamClient() {
|
||||||
|
const iamModule = await this.access.importRuntime("@aws-sdk/client-iam");
|
||||||
|
const { IAMClient } = iamModule;
|
||||||
const iamClient = new IAMClient({
|
const iamClient = new IAMClient({
|
||||||
region: this.region, // 替换为您的 AWS 区域
|
region: this.region, // 替换为您的 AWS 区域
|
||||||
credentials: {
|
credentials: {
|
||||||
@@ -23,20 +109,99 @@ export class AwsIAMClient {
|
|||||||
secretAccessKey: this.access.secretAccessKey,
|
secretAccessKey: this.access.secretAccessKey,
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
return { iamClient, iamModule };
|
||||||
|
}
|
||||||
|
|
||||||
const cert = certInfo.crt.split("-----END CERTIFICATE-----")[0] + "-----END CERTIFICATE-----";
|
async importCertificate(certInfo: CertInfo, certName: string) {
|
||||||
const chain = certInfo.crt.split("-----END CERTIFICATE-----\n")[1];
|
const { iamClient, iamModule } = await this.createIamClient();
|
||||||
|
const { UploadServerCertificateCommand } = iamModule;
|
||||||
|
|
||||||
|
const { cert, chain } = splitCertAndChain(certInfo.crt);
|
||||||
// 构建上传参数
|
// 构建上传参数
|
||||||
const command = new UploadServerCertificateCommand({
|
const command = new UploadServerCertificateCommand({
|
||||||
Path: "/cloudfront/",
|
Path: "/cloudfront/",
|
||||||
ServerCertificateName: certName,
|
ServerCertificateName: certName,
|
||||||
CertificateBody: cert,
|
CertificateBody: cert,
|
||||||
PrivateKey: certInfo.key,
|
PrivateKey: certInfo.key,
|
||||||
CertificateChain: chain,
|
CertificateChain: chain || undefined,
|
||||||
});
|
});
|
||||||
const data = await iamClient.send(command);
|
|
||||||
console.log("Upload successful:", data);
|
try {
|
||||||
// 返回证书 ID
|
const data = await iamClient.send(command);
|
||||||
return data.ServerCertificateMetadata.ServerCertificateId;
|
// 返回证书 ID
|
||||||
|
return data.ServerCertificateMetadata.ServerCertificateId;
|
||||||
|
} catch (err) {
|
||||||
|
const message = err.message || String(err);
|
||||||
|
const requestId = err.$metadata?.requestId || err.requestId;
|
||||||
|
console.error(`IAM 调用失败: ${message}, requestId: ${requestId}`);
|
||||||
|
throw err;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// 拉取 /cloudfront/ path 下的全部 server certificate 元信息(处理分页)
|
||||||
|
async listCloudFrontServerCertificates(): Promise<ServerCertificateMetadata[]> {
|
||||||
|
const { iamClient, iamModule } = await this.createIamClient();
|
||||||
|
const { ListServerCertificatesCommand } = iamModule;
|
||||||
|
|
||||||
|
const metadataList: ServerCertificateMetadata[] = [];
|
||||||
|
let marker: string | undefined = undefined;
|
||||||
|
do {
|
||||||
|
const command = new ListServerCertificatesCommand({
|
||||||
|
PathPrefix: "/cloudfront/",
|
||||||
|
Marker: marker,
|
||||||
|
});
|
||||||
|
const data: any = await iamClient.send(command);
|
||||||
|
const pageList: ServerCertificateMetadata[] = data.ServerCertificateMetadataList || [];
|
||||||
|
metadataList.push(...pageList);
|
||||||
|
marker = data.IsTruncated ? data.Marker : undefined;
|
||||||
|
} while (marker);
|
||||||
|
|
||||||
|
return metadataList;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 按名称删除 IAM server certificate
|
||||||
|
async deleteServerCertificate(serverCertificateName: string) {
|
||||||
|
const { iamClient, iamModule } = await this.createIamClient();
|
||||||
|
const { DeleteServerCertificateCommand } = iamModule;
|
||||||
|
const command = new DeleteServerCertificateCommand({
|
||||||
|
ServerCertificateName: serverCertificateName,
|
||||||
|
});
|
||||||
|
await iamClient.send(command);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 清理本次被替换掉的旧证书(无论是否过期)。
|
||||||
|
* distribution 已改用新证书,旧证书不再被其引用,直接删除以避免 IAM 堆积。
|
||||||
|
* 必须在更新完 CloudFront 引用之后调用,否则旧证书仍被引用会报 DeleteConflict。
|
||||||
|
* 删除失败(如仍被其他分配引用)时只告警,不阻断部署流程。
|
||||||
|
*/
|
||||||
|
async deleteReplacedCerts(params: { oldCertIds: Set<string> | string[]; newCertId?: string }) {
|
||||||
|
const { oldCertIds, newCertId } = params;
|
||||||
|
const targetIdSet = oldCertIds instanceof Set ? oldCertIds : new Set(oldCertIds);
|
||||||
|
if (targetIdSet.size === 0) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
const metadataList = await this.listCloudFrontServerCertificates();
|
||||||
|
const replacedCertNames = pickReplacedCertNames({
|
||||||
|
metadataList,
|
||||||
|
targetCertIds: targetIdSet,
|
||||||
|
excludeCertId: newCertId,
|
||||||
|
});
|
||||||
|
|
||||||
|
if (replacedCertNames.length === 0) {
|
||||||
|
this.logger?.info("没有需要清理的旧证书");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (const certName of replacedCertNames) {
|
||||||
|
try {
|
||||||
|
await this.deleteServerCertificate(certName);
|
||||||
|
this.logger?.info(`已删除被替换的旧证书: ${certName}`);
|
||||||
|
} catch (err: any) {
|
||||||
|
const message = err?.message || String(err);
|
||||||
|
this.logger?.warn(`删除旧证书失败(可能仍被其他分配引用),已跳过: ${certName}, 原因: ${message}`);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
+58
-15
@@ -1,7 +1,7 @@
|
|||||||
import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
|
import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
|
||||||
import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
|
import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
|
||||||
import { AwsCNAccess } from "../access.js";
|
import { AwsCNAccess } from "../access.js";
|
||||||
import { AwsIAMClient } from "../libs/aws-iam-client.js";
|
import { AwsIAMClient, buildIamViewerCertificate } from "../libs/aws-iam-client.js";
|
||||||
import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
|
import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
|
||||||
import { AwsCNRegions } from "../constants.js";
|
import { AwsCNRegions } from "../constants.js";
|
||||||
|
|
||||||
@@ -77,10 +77,19 @@ export class AwsCNDeployToCloudFront extends AbstractTaskPlugin {
|
|||||||
async execute(): Promise<void> {
|
async execute(): Promise<void> {
|
||||||
const access = await this.getAccess<AwsCNAccess>(this.accessId);
|
const access = await this.getAccess<AwsCNAccess>(this.accessId);
|
||||||
|
|
||||||
|
const iamClient = new AwsIAMClient({
|
||||||
|
access,
|
||||||
|
region: this.region,
|
||||||
|
logger: this.logger,
|
||||||
|
});
|
||||||
|
|
||||||
|
// 本次是否真正上传了新证书(cert 为字符串时表示直接使用已有证书ID,不涉及替换过期旧证书)
|
||||||
|
const uploadedNewCert = typeof this.cert !== "string";
|
||||||
|
|
||||||
let certId = this.cert as string;
|
let certId = this.cert as string;
|
||||||
if (typeof this.cert !== "string") {
|
if (uploadedNewCert) {
|
||||||
//先上传
|
//先上传
|
||||||
certId = await this.uploadToIAM(access, this.cert);
|
certId = await this.uploadToIAM(iamClient, this.cert as CertInfo);
|
||||||
}
|
}
|
||||||
//部署到CloudFront
|
//部署到CloudFront
|
||||||
|
|
||||||
@@ -93,6 +102,9 @@ export class AwsCNDeployToCloudFront extends AbstractTaskPlugin {
|
|||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// 记录每个分配部署前引用的旧 IAM 证书ID,部署完成后清理其中已过期的
|
||||||
|
const oldCertIds = new Set<string>();
|
||||||
|
|
||||||
// update-distribution
|
// update-distribution
|
||||||
for (const distributionId of this.distributionIds) {
|
for (const distributionId of this.distributionIds) {
|
||||||
// get-distribution-config
|
// get-distribution-config
|
||||||
@@ -100,30 +112,61 @@ export class AwsCNDeployToCloudFront extends AbstractTaskPlugin {
|
|||||||
Id: distributionId,
|
Id: distributionId,
|
||||||
});
|
});
|
||||||
|
|
||||||
const configData = await cloudFrontClient.send(getDistributionConfigCommand);
|
const configData: any = await this.sendCloudFrontCommand(() => cloudFrontClient.send(getDistributionConfigCommand), `获取CloudFront配置(${distributionId})`);
|
||||||
|
|
||||||
|
const oldViewerCertificate = configData.DistributionConfig?.ViewerCertificate;
|
||||||
|
const oldCertId = oldViewerCertificate?.IAMCertificateId;
|
||||||
|
if (oldCertId) {
|
||||||
|
oldCertIds.add(oldCertId);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 使用干净的 IAM ViewerCertificate,避免与旧的 ACM/默认证书字段冲突导致 InvalidViewerCertificate
|
||||||
|
const viewerCertificate = buildIamViewerCertificate({ oldViewerCertificate, certId });
|
||||||
|
|
||||||
const updateDistributionCommand = new UpdateDistributionCommand({
|
const updateDistributionCommand = new UpdateDistributionCommand({
|
||||||
DistributionConfig: {
|
DistributionConfig: {
|
||||||
...configData.DistributionConfig,
|
...configData.DistributionConfig,
|
||||||
ViewerCertificate: {
|
ViewerCertificate: viewerCertificate,
|
||||||
...configData.DistributionConfig.ViewerCertificate,
|
|
||||||
IAMCertificateId: certId,
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
Id: distributionId,
|
Id: distributionId,
|
||||||
IfMatch: configData.ETag,
|
IfMatch: configData.ETag,
|
||||||
});
|
});
|
||||||
await cloudFrontClient.send(updateDistributionCommand);
|
await this.sendCloudFrontCommand(() => cloudFrontClient.send(updateDistributionCommand), `更新CloudFront证书(${distributionId})`);
|
||||||
this.logger.info(`部署${distributionId}完成:`);
|
this.logger.info(`部署${distributionId}完成:`);
|
||||||
}
|
}
|
||||||
this.logger.info("部署完成");
|
this.logger.info("部署完成");
|
||||||
|
|
||||||
|
// 仅当本次上传了新证书时,清理被替换掉的旧证书(无论是否过期);清理失败不影响部署结果
|
||||||
|
if (uploadedNewCert) {
|
||||||
|
try {
|
||||||
|
await iamClient.deleteReplacedCerts({ oldCertIds, newCertId: certId });
|
||||||
|
} catch (err: any) {
|
||||||
|
this.logger.warn(`清理旧证书失败,已忽略: ${err?.message || err}`);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private async uploadToIAM(access: AwsCNAccess, cert: CertInfo) {
|
/**
|
||||||
const acmClient = new AwsIAMClient({
|
* 统一包装 CloudFront 调用错误。
|
||||||
access,
|
* 命中 AWS 权限不足(AccessDenied / not authorized)时,抛出可读的中文提示,
|
||||||
region: this.region,
|
* 指明该 IAM 用户需要补充的 CloudFront 与 IAM 权限,方便运维在 AWS 控制台排查。
|
||||||
});
|
*/
|
||||||
const awsCertID = await acmClient.importCertificate(cert, this.appendTimeSuffix(this.certName));
|
private async sendCloudFrontCommand<T>(action: () => Promise<T>, actionDesc: string): Promise<T> {
|
||||||
|
try {
|
||||||
|
return await action();
|
||||||
|
} catch (err: any) {
|
||||||
|
const message = err?.message || String(err);
|
||||||
|
const isAuthError = err?.name === "AccessDenied" || /not authorized to perform|no identity-based policy/i.test(message);
|
||||||
|
if (isAuthError) {
|
||||||
|
const requiredPermissions = ["cloudfront:ListDistributions", "cloudfront:GetDistributionConfig", "cloudfront:UpdateDistribution", "iam:UploadServerCertificate"].join("、");
|
||||||
|
throw new Error(`${actionDesc}失败:AWS 账号权限不足,请为该 IAM 用户附加 CloudFront 部署所需权限(${requiredPermissions})。原始错误:${message}`);
|
||||||
|
}
|
||||||
|
throw err;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private async uploadToIAM(iamClient: AwsIAMClient, cert: CertInfo) {
|
||||||
|
const awsCertID = await iamClient.importCertificate(cert, this.appendTimeSuffix(this.certName));
|
||||||
this.logger.info("证书上传成功,id=", awsCertID);
|
this.logger.info("证书上传成功,id=", awsCertID);
|
||||||
return awsCertID;
|
return awsCertID;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -100,7 +100,7 @@ export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
|
|||||||
}
|
}
|
||||||
this._result.pipelinePrivateVars.cert = cert;
|
this._result.pipelinePrivateVars.cert = cert;
|
||||||
|
|
||||||
if (isNew || !cert.pfx || !cert.der || !cert.jks || !cert.p7b) {
|
if (isNew || !cert.pfx) {
|
||||||
try {
|
try {
|
||||||
const converter = new CertConverter({ logger: this.logger });
|
const converter = new CertConverter({ logger: this.logger });
|
||||||
const res = await converter.convert({
|
const res = await converter.convert({
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
import { AccessInput, BaseAccess, IsAccess } from "@certd/pipeline";
|
import { AccessInput, BaseAccess, IsAccess } from "@certd/pipeline";
|
||||||
import FormData from "form-data";
|
import FormData from "form-data";
|
||||||
import { authenticator } from "otplib";
|
|
||||||
|
|
||||||
export interface ProxyHost {
|
export interface ProxyHost {
|
||||||
id: number;
|
id: number;
|
||||||
@@ -274,6 +273,7 @@ export class NginxProxyManagerAccess extends BaseAccess {
|
|||||||
|
|
||||||
let code: string;
|
let code: string;
|
||||||
try {
|
try {
|
||||||
|
const { authenticator } = await this.importRuntime("otplib");
|
||||||
code = authenticator.generate(this.totpSecret);
|
code = authenticator.generate(this.totpSecret);
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
throw this.describeError(error, "Generating TOTP code");
|
throw this.describeError(error, "Generating TOTP code");
|
||||||
|
|||||||
@@ -49,7 +49,7 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
|
|||||||
issuerUrl = "";
|
issuerUrl = "";
|
||||||
|
|
||||||
async getClient() {
|
async getClient() {
|
||||||
const client = await import("openid-client");
|
const client = await this.importRuntime("openid-client");
|
||||||
const server = new URL(this.issuerUrl); // Authorization Server's Issuer Identifier
|
const server = new URL(this.issuerUrl); // Authorization Server's Issuer Identifier
|
||||||
|
|
||||||
const config = await client.discovery(server, this.clientId, this.clientSecretKey);
|
const config = await client.discovery(server, this.clientId, this.clientSecretKey);
|
||||||
|
|||||||
@@ -14,7 +14,8 @@ export class VolcengineCdnClient {
|
|||||||
if (this.service) {
|
if (this.service) {
|
||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
const { cdn } = await this.opts.access.importRuntime("@volcengine/openapi");
|
const importRuntime = this.opts.importRuntime || this.opts.access.importRuntime.bind(this.opts.access);
|
||||||
|
const { cdn } = await importRuntime("@volcengine/openapi");
|
||||||
const service = new cdn.CdnService();
|
const service = new cdn.CdnService();
|
||||||
// 设置ak、sk
|
// 设置ak、sk
|
||||||
service.setAccessKeyId(this.opts.access.accessKeyId);
|
service.setAccessKeyId(this.opts.access.accessKeyId);
|
||||||
|
|||||||
@@ -21,7 +21,8 @@ export class VolcengineDnsClient {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async doRequest(req: VolcengineReq) {
|
async doRequest(req: VolcengineReq) {
|
||||||
const { Signer } = await this.opts.access.importRuntime("@volcengine/openapi");
|
const importRuntime = this.opts.importRuntime || this.opts.access.importRuntime.bind(this.opts.access);
|
||||||
|
const { Signer } = await importRuntime("@volcengine/openapi");
|
||||||
|
|
||||||
// http request data
|
// http request data
|
||||||
const openApiRequestData: any = {
|
const openApiRequestData: any = {
|
||||||
|
|||||||
+1
-1
@@ -160,7 +160,7 @@ export class VolcengineDeployToALB extends AbstractTaskPlugin {
|
|||||||
const service = await this.getAlbService();
|
const service = await this.getAlbService();
|
||||||
for (const listener of this.listenerList) {
|
for (const listener of this.listenerList) {
|
||||||
this.logger.info(`开始部署监听器${listener}证书`);
|
this.logger.info(`开始部署监听器${listener}证书`);
|
||||||
if (this.certType === "default") {
|
if (this.certType === "default" || !this.certType) {
|
||||||
// 部署默认证书
|
// 部署默认证书
|
||||||
const res = await service.request({
|
const res = await service.request({
|
||||||
action: "ModifyListenerAttributes",
|
action: "ModifyListenerAttributes",
|
||||||
|
|||||||
+41
-48
@@ -78,6 +78,7 @@ export class VolcengineDeployToVOD extends AbstractTaskPlugin {
|
|||||||
options: [
|
options: [
|
||||||
{ value: "play", label: "点播加速域名" },
|
{ value: "play", label: "点播加速域名" },
|
||||||
{ value: "image", label: "封面加速域名" },
|
{ value: "image", label: "封面加速域名" },
|
||||||
|
{ value: "third", label: "自定义源站" },
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
value: "play",
|
value: "play",
|
||||||
@@ -85,29 +86,12 @@ export class VolcengineDeployToVOD extends AbstractTaskPlugin {
|
|||||||
})
|
})
|
||||||
domainType!: string;
|
domainType!: string;
|
||||||
|
|
||||||
@TaskInput({
|
|
||||||
title: "源站类型",
|
|
||||||
helper: "选择源站类型",
|
|
||||||
component: {
|
|
||||||
name: "a-select",
|
|
||||||
vModel: "value",
|
|
||||||
options: [
|
|
||||||
{ value: 1, label: "点播源站" },
|
|
||||||
{ value: 2, label: "自定义源站" },
|
|
||||||
],
|
|
||||||
value: 1,
|
|
||||||
helper: "注意:封面加速域名不支持自定义源站",
|
|
||||||
},
|
|
||||||
required: false,
|
|
||||||
})
|
|
||||||
sourceStationType!: number | undefined;
|
|
||||||
|
|
||||||
@TaskInput(
|
@TaskInput(
|
||||||
createRemoteSelectInputDefine({
|
createRemoteSelectInputDefine({
|
||||||
title: "域名",
|
title: "域名",
|
||||||
helper: "选择要部署证书的域名\n需要先在域名管理页面进行证书中心访问授权(即点击去配置SSL证书)",
|
helper: "选择要部署证书的域名\n需要先在域名管理页面进行证书中心访问授权(即点击去配置SSL证书)",
|
||||||
action: VolcengineDeployToVOD.prototype.onGetDomainList.name,
|
action: VolcengineDeployToVOD.prototype.onGetDomainList.name,
|
||||||
watches: ["certDomains", "accessId", "spaceName", "domainType", "sourceStationType"],
|
watches: ["certDomains", "accessId", "spaceName", "domainType"],
|
||||||
required: true,
|
required: true,
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
@@ -124,19 +108,25 @@ export class VolcengineDeployToVOD extends AbstractTaskPlugin {
|
|||||||
|
|
||||||
const access = await this.getAccess<VolcengineAccess>(this.accessId);
|
const access = await this.getAccess<VolcengineAccess>(this.accessId);
|
||||||
const certId = await this.uploadOrGetCertId(access);
|
const certId = await this.uploadOrGetCertId(access);
|
||||||
|
await this.ctx.utils.sleep(3000);
|
||||||
|
const domainTypeMapping: Record<string, string> = {
|
||||||
|
play: "vod_play",
|
||||||
|
image: "vod_image",
|
||||||
|
};
|
||||||
|
const apiDomainType = domainTypeMapping[this.domainType] || this.domainType;
|
||||||
|
|
||||||
const service = await this.getVodService({ version: "2023-07-01", region: this.regionId });
|
const service = await this.getVodService({ version: "2026-01-01", region: this.regionId });
|
||||||
const domains = Array.isArray(this.domainList) ? this.domainList : [this.domainList];
|
const domains = Array.isArray(this.domainList) ? this.domainList : [this.domainList];
|
||||||
for (const domain of domains) {
|
for (const domain of domains) {
|
||||||
this.logger.info(`开始部署域名${domain}证书`);
|
this.logger.info(`开始部署域名${domain}证书`);
|
||||||
await service.request({
|
await service.request({
|
||||||
action: "UpdateDomainConfig",
|
action: "UpdateVodDomainConfig",
|
||||||
method: "POST",
|
method: "POST",
|
||||||
body: {
|
body: {
|
||||||
SpaceName: this.spaceName,
|
SpaceName: this.spaceName,
|
||||||
DomainType: this.domainType,
|
DomainType: apiDomainType,
|
||||||
Domain: domain,
|
UpdateCdnConfigParam: {
|
||||||
Config: {
|
Domain: domain,
|
||||||
HTTPS: {
|
HTTPS: {
|
||||||
Switch: true,
|
Switch: true,
|
||||||
CertInfo: {
|
CertInfo: {
|
||||||
@@ -221,38 +211,41 @@ export class VolcengineDeployToVOD extends AbstractTaskPlugin {
|
|||||||
if (!this.spaceName) {
|
if (!this.spaceName) {
|
||||||
throw new Error("请先选择空间名称");
|
throw new Error("请先选择空间名称");
|
||||||
}
|
}
|
||||||
const service = await this.getVodService({ version: "2023-01-01", region: this.regionId });
|
const service = await this.getVodService({ version: "2026-01-01", region: this.regionId });
|
||||||
|
|
||||||
const query: Record<string, any> = {
|
const domainTypeMapping: Record<string, string> = {
|
||||||
SpaceName: this.spaceName,
|
play: "vod_play",
|
||||||
DomainType: this.domainType,
|
image: "vod_image",
|
||||||
};
|
};
|
||||||
if (this.sourceStationType !== undefined) {
|
const apiDomainType = domainTypeMapping[this.domainType] || this.domainType;
|
||||||
query.SourceStationType = this.sourceStationType;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
const body: Record<string, any> = {
|
||||||
|
SpaceName: this.spaceName,
|
||||||
|
ListCdnDomainsParam: {
|
||||||
|
PageNum: 1,
|
||||||
|
PageSize: 100,
|
||||||
|
},
|
||||||
|
};
|
||||||
|
if (apiDomainType) {
|
||||||
|
body.DomainType = apiDomainType;
|
||||||
|
}
|
||||||
const res = await service.request({
|
const res = await service.request({
|
||||||
action: "ListDomain",
|
action: "ListVodDomains",
|
||||||
query,
|
method: "POST",
|
||||||
|
body,
|
||||||
});
|
});
|
||||||
|
|
||||||
const instances = res.Result?.PlayInstanceInfo?.ByteInstances;
|
const domains = res.Result?.VodInfo?.Domains;
|
||||||
if (!instances || instances.length === 0) {
|
if (!domains || domains.length === 0) {
|
||||||
throw new Error("找不到域名,您也可以手动输入域名");
|
return [];
|
||||||
}
|
|
||||||
const list = [];
|
|
||||||
for (const item of instances) {
|
|
||||||
if (item.Domains && item.Domains.length > 0) {
|
|
||||||
for (const domain of item.Domains) {
|
|
||||||
if (domain.Domain) {
|
|
||||||
list.push({
|
|
||||||
value: domain.Domain,
|
|
||||||
label: domain.Domain,
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
const list = domains.map((item: any) => {
|
||||||
|
return {
|
||||||
|
value: item.Domain,
|
||||||
|
label: item.Domain,
|
||||||
|
domain : item.Domain,
|
||||||
|
};
|
||||||
|
});
|
||||||
return this.ctx.utils.options.buildGroupOptions(list, this.certDomains);
|
return this.ctx.utils.options.buildGroupOptions(list, this.certDomains);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,10 +1,12 @@
|
|||||||
import { VolcengineAccess } from "./access.js";
|
import { VolcengineAccess } from "./access.js";
|
||||||
import { HttpClient, ILogger } from "@certd/basic";
|
import { HttpClient, ILogger } from "@certd/basic";
|
||||||
|
import { ImportRuntime } from "@certd/pipeline";
|
||||||
|
|
||||||
export type VolcengineOpts = {
|
export type VolcengineOpts = {
|
||||||
access: VolcengineAccess;
|
access: VolcengineAccess;
|
||||||
logger: ILogger;
|
logger: ILogger;
|
||||||
http: HttpClient;
|
http: HttpClient;
|
||||||
|
importRuntime?: ImportRuntime;
|
||||||
};
|
};
|
||||||
|
|
||||||
export class VolcengineClient {
|
export class VolcengineClient {
|
||||||
@@ -140,7 +142,8 @@ export class VolcengineClient {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async getTOSService(opts: { region?: string }) {
|
async getTOSService(opts: { region?: string }) {
|
||||||
const { TosClient } = await this.opts.access.importRuntime("@volcengine/tos-sdk");
|
const importRuntime = this.opts.importRuntime || this.opts.access.importRuntime.bind(this.opts.access);
|
||||||
|
const { TosClient } = await importRuntime("@volcengine/tos-sdk");
|
||||||
|
|
||||||
const client = new TosClient({
|
const client = new TosClient({
|
||||||
accessKeyId: this.opts.access.accessKeyId,
|
accessKeyId: this.opts.access.accessKeyId,
|
||||||
@@ -169,7 +172,8 @@ export class VolcengineClient {
|
|||||||
if (this.CommonService) {
|
if (this.CommonService) {
|
||||||
return this.CommonService;
|
return this.CommonService;
|
||||||
}
|
}
|
||||||
const { Service } = await this.opts.access.importRuntime("@volcengine/openapi");
|
const importRuntime = this.opts.importRuntime || this.opts.access.importRuntime.bind(this.opts.access);
|
||||||
|
const { Service } = await importRuntime("@volcengine/openapi");
|
||||||
|
|
||||||
class CommonService extends Service {
|
class CommonService extends Service {
|
||||||
Generic: any;
|
Generic: any;
|
||||||
|
|||||||
@@ -22,6 +22,7 @@ export class VolcengineDnsProvider extends AbstractDnsProvider {
|
|||||||
access: this.access,
|
access: this.access,
|
||||||
logger: this.logger,
|
logger: this.logger,
|
||||||
http: this.http,
|
http: this.http,
|
||||||
|
importRuntime: this.importRuntime.bind(this),
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
19:31
|
23:48
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
21:41
|
00:00
|
||||||
|
|||||||
Reference in New Issue
Block a user