refactor: clean code

internal/deployer/aliyun_alb.go

@@ -9,6 +9,7 @@ import (
 	aliyunAlb "github.com/alibabacloud-go/alb-20200616/v2/client"
 	aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
 	"github.com/alibabacloud-go/tea/tea"
+	xerrors "github.com/pkg/errors"
 
 	"github.com/usual2970/certimate/internal/domain"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
@@ -24,7 +25,9 @@ type AliyunALBDeployer struct {
 
 func NewAliyunALBDeployer(option *DeployerOption) (Deployer, error) {
 	access := &domain.AliyunAccess{}
-	json.Unmarshal([]byte(option.Access), access)
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, xerrors.Wrap(err, "failed to get access")
+	}
 
 	client, err := (&AliyunALBDeployer{}).createSdkClient(
 		access.AccessKeyId,
@@ -32,7 +35,7 @@ func NewAliyunALBDeployer(option *DeployerOption) (Deployer, error) {
 		option.DeployConfig.GetConfigAsString("region"),
 	)
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
 
 	uploader, err := uploader.NewAliyunCASUploader(&uploader.AliyunCASUploaderConfig{
@@ -41,7 +44,7 @@ func NewAliyunALBDeployer(option *DeployerOption) (Deployer, error) {
 		Region:          option.DeployConfig.GetConfigAsString("region"),
 	})
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create ssl uploader")
 	}
 
 	return &AliyunALBDeployer{
@@ -119,7 +122,7 @@ func (d *AliyunALBDeployer) deployToLoadbalancer(ctx context.Context) error {
 	}
 	getLoadBalancerAttributeResp, err := d.sdkClient.GetLoadBalancerAttribute(getLoadBalancerAttributeReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'alb.GetLoadBalancerAttribute': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetLoadBalancerAttribute'")
 	}
 
 	d.infos = append(d.infos, toStr("已查询到 ALB 负载均衡实例", getLoadBalancerAttributeResp))
@@ -138,7 +141,7 @@ func (d *AliyunALBDeployer) deployToLoadbalancer(ctx context.Context) error {
 		}
 		listListenersResp, err := d.sdkClient.ListListeners(listListenersReq)
 		if err != nil {
-			return fmt.Errorf("failed to execute sdk request 'alb.ListListeners': %w", err)
+			return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'")
 		}
 
 		if listListenersResp.Body.Listeners != nil {
@@ -170,7 +173,7 @@ func (d *AliyunALBDeployer) deployToLoadbalancer(ctx context.Context) error {
 		}
 		listListenersResp, err := d.sdkClient.ListListeners(listListenersReq)
 		if err != nil {
-			return fmt.Errorf("failed to execute sdk request 'alb.ListListeners': %w", err)
+			return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'")
 		}
 
 		if listListenersResp.Body.Listeners != nil {
@@ -190,17 +193,17 @@ func (d *AliyunALBDeployer) deployToLoadbalancer(ctx context.Context) error {
 	d.infos = append(d.infos, toStr("已查询到 ALB 负载均衡实例下的全部 QUIC 监听", aliListenerIds))
 
 	// 上传证书到 SSL
-	uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
+	upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
 	if err != nil {
 		return err
 	}
 
-	d.infos = append(d.infos, toStr("已上传证书", uploadResult))
+	d.infos = append(d.infos, toStr("已上传证书", upres))
 
 	// 批量更新监听证书
 	var errs []error
 	for _, aliListenerId := range aliListenerIds {
-		if err := d.updateListenerCertificate(ctx, aliListenerId, uploadResult.CertId); err != nil {
+		if err := d.updateListenerCertificate(ctx, aliListenerId, upres.CertId); err != nil {
 			errs = append(errs, err)
 		}
 	}
@@ -218,15 +221,15 @@ func (d *AliyunALBDeployer) deployToListener(ctx context.Context) error {
 	}
 
 	// 上传证书到 SSL
-	uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
+	upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
 	if err != nil {
 		return err
 	}
 
-	d.infos = append(d.infos, toStr("已上传证书", uploadResult))
+	d.infos = append(d.infos, toStr("已上传证书", upres))
 
 	// 更新监听
-	if err := d.updateListenerCertificate(ctx, aliListenerId, uploadResult.CertId); err != nil {
+	if err := d.updateListenerCertificate(ctx, aliListenerId, upres.CertId); err != nil {
 		return err
 	}
 
@@ -241,7 +244,7 @@ func (d *AliyunALBDeployer) updateListenerCertificate(ctx context.Context, aliLi
 	}
 	getListenerAttributeResp, err := d.sdkClient.GetListenerAttribute(getListenerAttributeReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'alb.GetListenerAttribute': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetListenerAttribute'")
 	}
 
 	d.infos = append(d.infos, toStr("已查询到 ALB 监听配置", getListenerAttributeResp))
@@ -256,7 +259,7 @@ func (d *AliyunALBDeployer) updateListenerCertificate(ctx context.Context, aliLi
 	}
 	updateListenerAttributeResp, err := d.sdkClient.UpdateListenerAttribute(updateListenerAttributeReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'alb.UpdateListenerAttribute': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'alb.UpdateListenerAttribute'")
 	}
 
 	d.infos = append(d.infos, toStr("已更新 ALB 监听配置", updateListenerAttributeResp))

internal/deployer/aliyun_cdn.go

@@ -8,6 +8,7 @@ import (
 	aliyunCdn "github.com/alibabacloud-go/cdn-20180510/v5/client"
 	aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
 	"github.com/alibabacloud-go/tea/tea"
+	xerrors "github.com/pkg/errors"
 
 	"github.com/usual2970/certimate/internal/domain"
 	"github.com/usual2970/certimate/internal/utils/rand"
@@ -22,14 +23,16 @@ type AliyunCDNDeployer struct {
 
 func NewAliyunCDNDeployer(option *DeployerOption) (Deployer, error) {
 	access := &domain.AliyunAccess{}
-	json.Unmarshal([]byte(option.Access), access)
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, xerrors.Wrap(err, "failed to get access")
+	}
 
 	client, err := (&AliyunCDNDeployer{}).createSdkClient(
 		access.AccessKeyId,
 		access.AccessKeySecret,
 	)
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
 
 	return &AliyunCDNDeployer{
@@ -63,7 +66,7 @@ func (d *AliyunCDNDeployer) Deploy(ctx context.Context) error {
 	}
 	setCdnDomainSSLCertificateResp, err := d.sdkClient.SetCdnDomainSSLCertificate(setCdnDomainSSLCertificateReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'cdn.SetCdnDomainSSLCertificate': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'cdn.SetCdnDomainSSLCertificate'")
 	}
 
 	d.infos = append(d.infos, toStr("已设置 CDN 域名证书", setCdnDomainSSLCertificateResp))

internal/deployer/aliyun_clb.go

@@ -9,6 +9,7 @@ import (
 	aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
 	aliyunSlb "github.com/alibabacloud-go/slb-20140515/v4/client"
 	"github.com/alibabacloud-go/tea/tea"
+	xerrors "github.com/pkg/errors"
 
 	"github.com/usual2970/certimate/internal/domain"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
@@ -24,7 +25,9 @@ type AliyunCLBDeployer struct {
 
 func NewAliyunCLBDeployer(option *DeployerOption) (Deployer, error) {
 	access := &domain.AliyunAccess{}
-	json.Unmarshal([]byte(option.Access), access)
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, xerrors.Wrap(err, "failed to get access")
+	}
 
 	client, err := (&AliyunCLBDeployer{}).createSdkClient(
 		access.AccessKeyId,
@@ -32,7 +35,7 @@ func NewAliyunCLBDeployer(option *DeployerOption) (Deployer, error) {
 		option.DeployConfig.GetConfigAsString("region"),
 	)
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
 
 	uploader, err := uploader.NewAliyunSLBUploader(&uploader.AliyunSLBUploaderConfig{
@@ -41,7 +44,7 @@ func NewAliyunCLBDeployer(option *DeployerOption) (Deployer, error) {
 		Region:          option.DeployConfig.GetConfigAsString("region"),
 	})
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create ssl uploader")
 	}
 
 	return &AliyunCLBDeployer{
@@ -123,7 +126,7 @@ func (d *AliyunCLBDeployer) deployToLoadbalancer(ctx context.Context) error {
 	}
 	describeLoadBalancerAttributeResp, err := d.sdkClient.DescribeLoadBalancerAttribute(describeLoadBalancerAttributeReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'slb.DescribeLoadBalancerAttribute': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerAttribute'")
 	}
 
 	d.infos = append(d.infos, toStr("已查询到 CLB 负载均衡实例", describeLoadBalancerAttributeResp))
@@ -143,7 +146,7 @@ func (d *AliyunCLBDeployer) deployToLoadbalancer(ctx context.Context) error {
 		}
 		describeLoadBalancerListenersResp, err := d.sdkClient.DescribeLoadBalancerListeners(describeLoadBalancerListenersReq)
 		if err != nil {
-			return fmt.Errorf("failed to execute sdk request 'slb.DescribeLoadBalancerListeners': %w", err)
+			return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerListeners'")
 		}
 
 		if describeLoadBalancerListenersResp.Body.Listeners != nil {
@@ -163,17 +166,17 @@ func (d *AliyunCLBDeployer) deployToLoadbalancer(ctx context.Context) error {
 	d.infos = append(d.infos, toStr("已查询到 CLB 负载均衡实例下的全部 HTTPS 监听", aliListenerPorts))
 
 	// 上传证书到 SLB
-	uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
+	upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
 	if err != nil {
 		return err
 	}
 
-	d.infos = append(d.infos, toStr("已上传证书", uploadResult))
+	d.infos = append(d.infos, toStr("已上传证书", upres))
 
 	// 批量更新监听证书
 	var errs []error
 	for _, aliListenerPort := range aliListenerPorts {
-		if err := d.updateListenerCertificate(ctx, aliLoadbalancerId, aliListenerPort, uploadResult.CertId); err != nil {
+		if err := d.updateListenerCertificate(ctx, aliLoadbalancerId, aliListenerPort, upres.CertId); err != nil {
 			errs = append(errs, err)
 		}
 	}
@@ -196,15 +199,15 @@ func (d *AliyunCLBDeployer) deployToListener(ctx context.Context) error {
 	}
 
 	// 上传证书到 SLB
-	uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
+	upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
 	if err != nil {
 		return err
 	}
 
-	d.infos = append(d.infos, toStr("已上传证书", uploadResult))
+	d.infos = append(d.infos, toStr("已上传证书", upres))
 
 	// 更新监听
-	if err := d.updateListenerCertificate(ctx, aliLoadbalancerId, aliListenerPort, uploadResult.CertId); err != nil {
+	if err := d.updateListenerCertificate(ctx, aliLoadbalancerId, aliListenerPort, upres.CertId); err != nil {
 		return err
 	}
 
@@ -220,7 +223,7 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo
 	}
 	describeLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.DescribeLoadBalancerHTTPSListenerAttribute(describeLoadBalancerHTTPSListenerAttributeReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'slb.DescribeLoadBalancerHTTPSListenerAttribute': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerHTTPSListenerAttribute'")
 	}
 
 	d.infos = append(d.infos, toStr("已查询到 CLB HTTPS 监听配置", describeLoadBalancerHTTPSListenerAttributeResp))
@@ -234,7 +237,7 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo
 	}
 	describeDomainExtensionsResp, err := d.sdkClient.DescribeDomainExtensions(describeDomainExtensionsReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'slb.DescribeDomainExtensions': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeDomainExtensions'")
 	}
 
 	d.infos = append(d.infos, toStr("已查询到 CLB 扩展域名", describeDomainExtensionsResp))
@@ -256,7 +259,7 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo
 			}
 			_, err := d.sdkClient.SetDomainExtensionAttribute(setDomainExtensionAttributeReq)
 			if err != nil {
-				return fmt.Errorf("failed to execute sdk request 'slb.SetDomainExtensionAttribute': %w", err)
+				return xerrors.Wrap(err, "failed to execute sdk request 'slb.SetDomainExtensionAttribute'")
 			}
 		}
 	}
@@ -273,7 +276,7 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo
 	}
 	setLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.SetLoadBalancerHTTPSListenerAttribute(setLoadBalancerHTTPSListenerAttributeReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'slb.SetLoadBalancerHTTPSListenerAttribute': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'slb.SetLoadBalancerHTTPSListenerAttribute'")
 	}
 
 	d.infos = append(d.infos, toStr("已更新 CLB HTTPS 监听配置", setLoadBalancerHTTPSListenerAttributeResp))

internal/deployer/aliyun_dcdn.go

@@ -9,6 +9,7 @@ import (
 	aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
 	aliyunDcdn "github.com/alibabacloud-go/dcdn-20180115/v3/client"
 	"github.com/alibabacloud-go/tea/tea"
+	xerrors "github.com/pkg/errors"
 
 	"github.com/usual2970/certimate/internal/domain"
 	"github.com/usual2970/certimate/internal/utils/rand"
@@ -23,14 +24,16 @@ type AliyunDCDNDeployer struct {
 
 func NewAliyunDCDNDeployer(option *DeployerOption) (Deployer, error) {
 	access := &domain.AliyunAccess{}
-	json.Unmarshal([]byte(option.Access), access)
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, xerrors.Wrap(err, "failed to get access")
+	}
 
 	client, err := (&AliyunDCDNDeployer{}).createSdkClient(
 		access.AccessKeyId,
 		access.AccessKeySecret,
 	)
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
 
 	return &AliyunDCDNDeployer{
@@ -70,7 +73,7 @@ func (d *AliyunDCDNDeployer) Deploy(ctx context.Context) error {
 	}
 	setDcdnDomainSSLCertificateResp, err := d.sdkClient.SetDcdnDomainSSLCertificate(setDcdnDomainSSLCertificateReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'dcdn.SetDcdnDomainSSLCertificate': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'dcdn.SetDcdnDomainSSLCertificate'")
 	}
 
 	d.infos = append(d.infos, toStr("已配置 DCDN 域名证书", setDcdnDomainSSLCertificateResp))

internal/deployer/aliyun_nlb.go

@@ -9,6 +9,7 @@ import (
 	aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
 	aliyunNlb "github.com/alibabacloud-go/nlb-20220430/v2/client"
 	"github.com/alibabacloud-go/tea/tea"
+	xerrors "github.com/pkg/errors"
 
 	"github.com/usual2970/certimate/internal/domain"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
@@ -24,7 +25,9 @@ type AliyunNLBDeployer struct {
 
 func NewAliyunNLBDeployer(option *DeployerOption) (Deployer, error) {
 	access := &domain.AliyunAccess{}
-	json.Unmarshal([]byte(option.Access), access)
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, xerrors.Wrap(err, "failed to get access")
+	}
 
 	client, err := (&AliyunNLBDeployer{}).createSdkClient(
 		access.AccessKeyId,
@@ -32,7 +35,7 @@ func NewAliyunNLBDeployer(option *DeployerOption) (Deployer, error) {
 		option.DeployConfig.GetConfigAsString("region"),
 	)
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
 
 	uploader, err := uploader.NewAliyunCASUploader(&uploader.AliyunCASUploaderConfig{
@@ -41,7 +44,7 @@ func NewAliyunNLBDeployer(option *DeployerOption) (Deployer, error) {
 		Region:          option.DeployConfig.GetConfigAsString("region"),
 	})
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create ssl uploader")
 	}
 
 	return &AliyunNLBDeployer{
@@ -117,7 +120,7 @@ func (d *AliyunNLBDeployer) deployToLoadbalancer(ctx context.Context) error {
 	}
 	getLoadBalancerAttributeResp, err := d.sdkClient.GetLoadBalancerAttribute(getLoadBalancerAttributeReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'nlb.GetLoadBalancerAttribute': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'nlb.GetLoadBalancerAttribute'")
 	}
 
 	d.infos = append(d.infos, toStr("已查询到 NLB 负载均衡实例", getLoadBalancerAttributeResp))
@@ -136,7 +139,7 @@ func (d *AliyunNLBDeployer) deployToLoadbalancer(ctx context.Context) error {
 		}
 		listListenersResp, err := d.sdkClient.ListListeners(listListenersReq)
 		if err != nil {
-			return fmt.Errorf("failed to execute sdk request 'nlb.ListListeners': %w", err)
+			return xerrors.Wrap(err, "failed to execute sdk request 'nlb.ListListeners'")
 		}
 
 		if listListenersResp.Body.Listeners != nil {
@@ -156,17 +159,17 @@ func (d *AliyunNLBDeployer) deployToLoadbalancer(ctx context.Context) error {
 	d.infos = append(d.infos, toStr("已查询到 NLB 负载均衡实例下的全部 TCPSSL 监听", aliListenerIds))
 
 	// 上传证书到 SSL
-	uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
+	upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
 	if err != nil {
 		return err
 	}
 
-	d.infos = append(d.infos, toStr("已上传证书", uploadResult))
+	d.infos = append(d.infos, toStr("已上传证书", upres))
 
 	// 批量更新监听证书
 	var errs []error
 	for _, aliListenerId := range aliListenerIds {
-		if err := d.updateListenerCertificate(ctx, aliListenerId, uploadResult.CertId); err != nil {
+		if err := d.updateListenerCertificate(ctx, aliListenerId, upres.CertId); err != nil {
 			errs = append(errs, err)
 		}
 	}
@@ -184,15 +187,15 @@ func (d *AliyunNLBDeployer) deployToListener(ctx context.Context) error {
 	}
 
 	// 上传证书到 SSL
-	uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
+	upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
 	if err != nil {
 		return err
 	}
 
-	d.infos = append(d.infos, toStr("已上传证书", uploadResult))
+	d.infos = append(d.infos, toStr("已上传证书", upres))
 
 	// 更新监听
-	if err := d.updateListenerCertificate(ctx, aliListenerId, uploadResult.CertId); err != nil {
+	if err := d.updateListenerCertificate(ctx, aliListenerId, upres.CertId); err != nil {
 		return err
 	}
 
@@ -207,7 +210,7 @@ func (d *AliyunNLBDeployer) updateListenerCertificate(ctx context.Context, aliLi
 	}
 	getListenerAttributeResp, err := d.sdkClient.GetListenerAttribute(getListenerAttributeReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'nlb.GetListenerAttribute': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'nlb.GetListenerAttribute'")
 	}
 
 	d.infos = append(d.infos, toStr("已查询到 NLB 监听配置", getListenerAttributeResp))
@@ -220,7 +223,7 @@ func (d *AliyunNLBDeployer) updateListenerCertificate(ctx context.Context, aliLi
 	}
 	updateListenerAttributeResp, err := d.sdkClient.UpdateListenerAttribute(updateListenerAttributeReq)
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'nlb.UpdateListenerAttribute': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'nlb.UpdateListenerAttribute'")
 	}
 
 	d.infos = append(d.infos, toStr("已更新 NLB 监听配置", updateListenerAttributeResp))

internal/deployer/aliyun_oss.go

@@ -7,6 +7,7 @@ import (
 	"fmt"
 
 	"github.com/aliyun/aliyun-oss-go-sdk/oss"
+	xerrors "github.com/pkg/errors"
 
 	"github.com/usual2970/certimate/internal/domain"
 )
@@ -20,7 +21,9 @@ type AliyunOSSDeployer struct {
 
 func NewAliyunOSSDeployer(option *DeployerOption) (Deployer, error) {
 	access := &domain.AliyunAccess{}
-	json.Unmarshal([]byte(option.Access), access)
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, xerrors.Wrap(err, "failed to get access")
+	}
 
 	client, err := (&AliyunOSSDeployer{}).createSdkClient(
 		access.AccessKeyId,
@@ -28,7 +31,7 @@ func NewAliyunOSSDeployer(option *DeployerOption) (Deployer, error) {
 		option.DeployConfig.GetConfigAsString("endpoint"),
 	)
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
 
 	return &AliyunOSSDeployer{
@@ -63,7 +66,7 @@ func (d *AliyunOSSDeployer) Deploy(ctx context.Context) error {
 		},
 	})
 	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'oss.PutBucketCnameWithCertificate': %w", err)
+		return xerrors.Wrap(err, "failed to execute sdk request 'oss.PutBucketCnameWithCertificate'")
 	}
 
 	return nil

internal/deployer/deployer.go

@@ -204,7 +204,7 @@ func convertPEMToPFX(certificate string, privateKey string, password string) ([]
 
 	pfxData, err := pkcs12.LegacyRC2.Encode(privkey, cert, nil, password)
 	if err != nil {
-		return nil, fmt.Errorf("failed to encode as pfx %w", err)
+		return nil, err
 	}
 
 	return pfxData, nil

internal/deployer/huaweicloud_cdn.go

@@ -10,6 +10,7 @@ import (
 	hcCdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2"
 	hcCdnModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/model"
 	hcCdnRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/region"
+	xerrors "github.com/pkg/errors"
 
 	"github.com/usual2970/certimate/internal/domain"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
@@ -27,7 +28,7 @@ type HuaweiCloudCDNDeployer struct {
 func NewHuaweiCloudCDNDeployer(option *DeployerOption) (Deployer, error) {
 	access := &domain.HuaweiCloudAccess{}
 	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to get access")
 	}
 
 	client, err := (&HuaweiCloudCDNDeployer{}).createSdkClient(
@@ -36,7 +37,7 @@ func NewHuaweiCloudCDNDeployer(option *DeployerOption) (Deployer, error) {
 		option.DeployConfig.GetConfigAsString("region"),
 	)
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
 
 	// TODO: SCM 服务与 DNS 服务所支持的区域可能不一致，这里暂时不传而是使用默认值，仅支持华为云国内版
@@ -46,7 +47,7 @@ func NewHuaweiCloudCDNDeployer(option *DeployerOption) (Deployer, error) {
 		Region:          "",
 	})
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create ssl uploader")
 	}
 
 	return &HuaweiCloudCDNDeployer{
@@ -87,16 +88,16 @@ func (d *HuaweiCloudCDNDeployer) Deploy(ctx context.Context) error {
 	var updateDomainMultiCertificatesResp *hcCdnModel.UpdateDomainMultiCertificatesResponse
 	if d.option.DeployConfig.GetConfigAsBool("useSCM") {
 		// 上传证书到 SCM
-		uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
+		upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
 		if err != nil {
 			return err
 		}
 
-		d.infos = append(d.infos, toStr("已上传证书", uploadResult))
+		d.infos = append(d.infos, toStr("已上传证书", upres))
 
 		updateDomainMultiCertificatesReqBodyContent.CertificateType = cast.Int32Ptr(2)
-		updateDomainMultiCertificatesReqBodyContent.SCMCertificateId = cast.StringPtr(uploadResult.CertId)
-		updateDomainMultiCertificatesReqBodyContent.CertName = cast.StringPtr(uploadResult.CertName)
+		updateDomainMultiCertificatesReqBodyContent.SCMCertificateId = cast.StringPtr(upres.CertId)
+		updateDomainMultiCertificatesReqBodyContent.CertName = cast.StringPtr(upres.CertName)
 	} else {
 		updateDomainMultiCertificatesReqBodyContent.CertificateType = cast.Int32Ptr(0)
 		updateDomainMultiCertificatesReqBodyContent.CertName = cast.StringPtr(fmt.Sprintf("certimate-%d", time.Now().UnixMilli()))

internal/deployer/huaweicloud_elb.go

@@ -16,6 +16,7 @@ import (
 	hcIam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3"
 	hcIamModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model"
 	hcIamRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region"
+	xerrors "github.com/pkg/errors"
 
 	"github.com/usual2970/certimate/internal/domain"
 	"github.com/usual2970/certimate/internal/pkg/core/uploader"
@@ -33,7 +34,7 @@ type HuaweiCloudELBDeployer struct {
 func NewHuaweiCloudELBDeployer(option *DeployerOption) (Deployer, error) {
 	access := &domain.HuaweiCloudAccess{}
 	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to get access")
 	}
 
 	client, err := (&HuaweiCloudELBDeployer{}).createSdkClient(
@@ -42,7 +43,7 @@ func NewHuaweiCloudELBDeployer(option *DeployerOption) (Deployer, error) {
 		option.DeployConfig.GetConfigAsString("region"),
 	)
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
 
 	uploader, err := uploader.NewHuaweiCloudELBUploader(&uploader.HuaweiCloudELBUploaderConfig{
@@ -51,7 +52,7 @@ func NewHuaweiCloudELBDeployer(option *DeployerOption) (Deployer, error) {
 		Region:          option.DeployConfig.GetConfigAsString("region"),
 	})
 	if err != nil {
-		return nil, err
+		return nil, xerrors.Wrap(err, "failed to create ssl uploader")
 	}
 
 	return &HuaweiCloudELBDeployer{
@@ -73,14 +74,17 @@ func (d *HuaweiCloudELBDeployer) GetInfo() []string {
 func (d *HuaweiCloudELBDeployer) Deploy(ctx context.Context) error {
 	switch d.option.DeployConfig.GetConfigAsString("resourceType") {
 	case "certificate":
+		// 部署到指定证书
 		if err := d.deployToCertificate(ctx); err != nil {
 			return err
 		}
 	case "loadbalancer":
+		// 部署到指定负载均衡器
 		if err := d.deployToLoadbalancer(ctx); err != nil {
 			return err
 		}
 	case "listener":
+		// 部署到指定监听器
 		if err := d.deployToListener(ctx); err != nil {
 			return err
 		}
@@ -254,17 +258,17 @@ func (d *HuaweiCloudELBDeployer) deployToLoadbalancer(ctx context.Context) error
 	d.infos = append(d.infos, toStr("已查询到 ELB 负载均衡器下的监听器", hcListenerIds))
 
 	// 上传证书到 SCM
-	uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
+	upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
 	if err != nil {
 		return err
 	}
 
-	d.infos = append(d.infos, toStr("已上传证书", uploadResult))
+	d.infos = append(d.infos, toStr("已上传证书", upres))
 
 	// 批量更新监听器证书
 	var errs []error
 	for _, hcListenerId := range hcListenerIds {
-		if err := d.updateListenerCertificate(ctx, hcListenerId, uploadResult.CertId); err != nil {
+		if err := d.updateListenerCertificate(ctx, hcListenerId, upres.CertId); err != nil {
 			errs = append(errs, err)
 		}
 	}
@@ -282,15 +286,15 @@ func (d *HuaweiCloudELBDeployer) deployToListener(ctx context.Context) error {
 	}
 
 	// 上传证书到 SCM
-	uploadResult, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
+	upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
 	if err != nil {
 		return err
 	}
 
-	d.infos = append(d.infos, toStr("已上传证书", uploadResult))
+	d.infos = append(d.infos, toStr("已上传证书", upres))
 
 	// 更新监听器证书
-	if err := d.updateListenerCertificate(ctx, hcListenerId, uploadResult.CertId); err != nil {
+	if err := d.updateListenerCertificate(ctx, hcListenerId, upres.CertId); err != nil {
 		return err
 	}
 

internal/deployer/k8s_secret.go

@@ -3,9 +3,11 @@ package deployer
 import (
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"strings"
 
+	xerrors "github.com/pkg/errors"
 	k8sCore "k8s.io/api/core/v1"
 	k8sMeta "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes"
@@ -19,12 +21,25 @@ import (
 type K8sSecretDeployer struct {
 	option *DeployerOption
 	infos  []string
+
+	k8sClient *kubernetes.Clientset
 }
 
 func NewK8sSecretDeployer(option *DeployerOption) (Deployer, error) {
+	access := &domain.KubernetesAccess{}
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, xerrors.Wrap(err, "failed to get access")
+	}
+
+	client, err := (&K8sSecretDeployer{}).createK8sClient(access)
+	if err != nil {
+		return nil, xerrors.Wrap(err, "failed to create k8s client")
+	}
+
 	return &K8sSecretDeployer{
-		option: option,
-		infos:  make([]string, 0),
+		option:    option,
+		infos:     make([]string, 0),
+		k8sClient: client,
 	}, nil
 }
 
@@ -37,41 +52,20 @@ func (d *K8sSecretDeployer) GetInfo() []string {
 }
 
 func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
-	access := &domain.KubernetesAccess{}
-	if err := json.Unmarshal([]byte(d.option.Access), access); err != nil {
-		return err
-	}
-
-	client, err := d.createClient(access)
-	if err != nil {
-		return err
-	}
-
-	d.infos = append(d.infos, toStr("kubeClient create success.", nil))
-
 	namespace := d.option.DeployConfig.GetConfigAsString("namespace")
+	secretName := d.option.DeployConfig.GetConfigAsString("secretName")
+	secretDataKeyForCrt := d.option.DeployConfig.GetConfigOrDefaultAsString("secretDataKeyForCrt", "tls.crt")
+	secretDataKeyForKey := d.option.DeployConfig.GetConfigOrDefaultAsString("secretDataKeyForKey", "tls.key")
 	if namespace == "" {
 		namespace = "default"
 	}
-
-	secretName := d.option.DeployConfig.GetConfigAsString("secretName")
 	if secretName == "" {
-		return fmt.Errorf("k8s secret name is empty")
-	}
-
-	secretDataKeyForCrt := d.option.DeployConfig.GetConfigAsString("secretDataKeyForCrt")
-	if secretDataKeyForCrt == "" {
-		namespace = "tls.crt"
-	}
-
-	secretDataKeyForKey := d.option.DeployConfig.GetConfigAsString("secretDataKeyForKey")
-	if secretDataKeyForKey == "" {
-		namespace = "tls.key"
+		return errors.New("`secretName` is required")
 	}
 
 	certX509, err := x509.ParseCertificateFromPEM(d.option.Certificate.Certificate)
 	if err != nil {
-		return fmt.Errorf("failed to parse certificate: %w", err)
+		return err
 	}
 
 	secretPayload := k8sCore.Secret{
@@ -90,17 +84,16 @@ func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
 		},
 		Type: k8sCore.SecretType("kubernetes.io/tls"),
 	}
-
 	secretPayload.Data = make(map[string][]byte)
 	secretPayload.Data[secretDataKeyForCrt] = []byte(d.option.Certificate.Certificate)
 	secretPayload.Data[secretDataKeyForKey] = []byte(d.option.Certificate.PrivateKey)
 
 	// 获取 Secret 实例
-	_, err = client.CoreV1().Secrets(namespace).Get(context.TODO(), secretName, k8sMeta.GetOptions{})
+	_, err = d.k8sClient.CoreV1().Secrets(namespace).Get(context.TODO(), secretName, k8sMeta.GetOptions{})
 	if err != nil {
-		_, err = client.CoreV1().Secrets(namespace).Create(context.TODO(), &secretPayload, k8sMeta.CreateOptions{})
+		_, err = d.k8sClient.CoreV1().Secrets(namespace).Create(context.TODO(), &secretPayload, k8sMeta.CreateOptions{})
 		if err != nil {
-			return fmt.Errorf("failed to create k8s secret: %w", err)
+			return xerrors.Wrap(err, "failed to create k8s secret")
 		} else {
 			d.infos = append(d.infos, toStr("Certificate has been created in K8s Secret", nil))
 			return nil
@@ -108,9 +101,9 @@ func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
 	}
 
 	// 更新 Secret 实例
-	_, err = client.CoreV1().Secrets(namespace).Update(context.TODO(), &secretPayload, k8sMetaV1.UpdateOptions{})
+	_, err = d.k8sClient.CoreV1().Secrets(namespace).Update(context.TODO(), &secretPayload, k8sMeta.UpdateOptions{})
 	if err != nil {
-		return fmt.Errorf("failed to update k8s secret: %w", err)
+		return xerrors.Wrap(err, "failed to update k8s secret")
 	}
 
 	d.infos = append(d.infos, toStr("Certificate has been updated to K8s Secret", nil))
@@ -118,7 +111,7 @@ func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
 	return nil
 }
 
-func (d *K8sSecretDeployer) createClient(access *domain.KubernetesAccess) (*kubernetes.Clientset, error) {
+func (d *K8sSecretDeployer) createK8sClient(access *domain.KubernetesAccess) (*kubernetes.Clientset, error) {
 	var config *rest.Config
 	var err error
 	if access.KubeConfig == "" {
@@ -129,7 +122,6 @@ func (d *K8sSecretDeployer) createClient(access *domain.KubernetesAccess) (*kube
 			return nil, err
 		}
 		config, err = kubeConfig.ClientConfig()
-
 	}
 	if err != nil {
 		return nil, err
@@ -139,5 +131,6 @@ func (d *K8sSecretDeployer) createClient(access *domain.KubernetesAccess) (*kube
 	if err != nil {
 		return nil, err
 	}
+
 	return client, nil
 }

internal/deployer/local.go

@@ -3,12 +3,13 @@ package deployer
 import (
 	"bytes"
 	"context"
-	"encoding/json"
+	"errors"
 	"fmt"
 	"os/exec"
 	"runtime"
 
-	"github.com/usual2970/certimate/internal/domain"
+	xerrors "github.com/pkg/errors"
+
 	"github.com/usual2970/certimate/internal/pkg/utils/fs"
 )
 
@@ -45,17 +46,12 @@ func (d *LocalDeployer) GetInfo() []string {
 }
 
 func (d *LocalDeployer) Deploy(ctx context.Context) error {
-	access := &domain.LocalAccess{}
-	if err := json.Unmarshal([]byte(d.option.Access), access); err != nil {
-		return err
-	}
-
 	// 执行前置命令
 	preCommand := d.option.DeployConfig.GetConfigAsString("preCommand")
 	if preCommand != "" {
 		stdout, stderr, err := d.execCommand(preCommand)
 		if err != nil {
-			return fmt.Errorf("failed to run pre-command: %w, stdout: %s, stderr: %s", err, stdout, stderr)
+			return xerrors.Wrapf(err, "failed to run pre-command, stdout: %s, stderr: %s", stdout, stderr)
 		}
 
 		d.infos = append(d.infos, toStr("执行前置命令成功", stdout))
@@ -65,13 +61,13 @@ func (d *LocalDeployer) Deploy(ctx context.Context) error {
 	switch d.option.DeployConfig.GetConfigOrDefaultAsString("format", certFormatPEM) {
 	case certFormatPEM:
 		if err := fs.WriteFileString(d.option.DeployConfig.GetConfigAsString("certPath"), d.option.Certificate.Certificate); err != nil {
-			return fmt.Errorf("failed to save certificate file: %w", err)
+			return err
 		}
 
 		d.infos = append(d.infos, toStr("保存证书成功", nil))
 
 		if err := fs.WriteFileString(d.option.DeployConfig.GetConfigAsString("keyPath"), d.option.Certificate.PrivateKey); err != nil {
-			return fmt.Errorf("failed to save private key file: %w", err)
+			return err
 		}
 
 		d.infos = append(d.infos, toStr("保存私钥成功", nil))
@@ -83,11 +79,11 @@ func (d *LocalDeployer) Deploy(ctx context.Context) error {
 			d.option.DeployConfig.GetConfigAsString("pfxPassword"),
 		)
 		if err != nil {
-			return fmt.Errorf("failed to convert pem to pfx %w", err)
+			return err
 		}
 
 		if err := fs.WriteFile(d.option.DeployConfig.GetConfigAsString("certPath"), pfxData); err != nil {
-			return fmt.Errorf("failed to save certificate file: %w", err)
+			return err
 		}
 
 		d.infos = append(d.infos, toStr("保存证书成功", nil))
@@ -101,11 +97,11 @@ func (d *LocalDeployer) Deploy(ctx context.Context) error {
 			d.option.DeployConfig.GetConfigAsString("jksStorepass"),
 		)
 		if err != nil {
-			return fmt.Errorf("failed to convert pem to pfx %w", err)
+			return err
 		}
 
 		if err := fs.WriteFile(d.option.DeployConfig.GetConfigAsString("certPath"), jksData); err != nil {
-			return fmt.Errorf("failed to save certificate file: %w", err)
+			return err
 		}
 
 		d.infos = append(d.infos, toStr("保存证书成功", nil))
@@ -116,7 +112,7 @@ func (d *LocalDeployer) Deploy(ctx context.Context) error {
 	if command != "" {
 		stdout, stderr, err := d.execCommand(command)
 		if err != nil {
-			return fmt.Errorf("failed to run command: %w, stdout: %s, stderr: %s", err, stdout, stderr)
+			return xerrors.Wrapf(err, "failed to run command, stdout: %s, stderr: %s", stdout, stderr)
 		}
 
 		d.infos = append(d.infos, toStr("执行命令成功", stdout))
@@ -146,7 +142,7 @@ func (d *LocalDeployer) execCommand(command string) (string, string, error) {
 		}
 
 	default:
-		return "", "", fmt.Errorf("unsupported shell")
+		return "", "", errors.New("unsupported shell")
 	}
 
 	var stdoutBuf bytes.Buffer
@@ -156,7 +152,7 @@ func (d *LocalDeployer) execCommand(command string) (string, string, error) {
 
 	err := cmd.Run()
 	if err != nil {
-		return "", "", fmt.Errorf("failed to execute script: %w", err)
+		return "", "", xerrors.Wrap(err, "failed to execute shell script")
 	}
 
 	return stdoutBuf.String(), stderrBuf.String(), err

internal/deployer/qiniu_cdn.go

@@ -24,7 +24,9 @@ type QiniuCDNDeployer struct {
 
 func NewQiniuCDNDeployer(option *DeployerOption) (*QiniuCDNDeployer, error) {
 	access := &domain.QiniuAccess{}
-	json.Unmarshal([]byte(option.Access), access)
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, fmt.Errorf("failed to get access: %w", err)
+	}
 
 	return &QiniuCDNDeployer{
 		option: option,