Support deploying one certificate to multiple SSH hosts, and support deploying multiple certificates to one SSH host.

2025-07-29 05:34:28 +00:00 · 2024-09-14 15:36:15 +08:00
parent 505cfc5c1e
commit 6c1b1fb72b
29 changed files with 2167 additions and 569 deletions
--- a/internal/deployer/deployer.go
+++ b/internal/deployer/deployer.go
@@ -2,9 +2,12 @@ package deployer

 import (
 	"certimate/internal/applicant"
+	"certimate/internal/utils/app"
+	"certimate/internal/utils/variables"
 	"context"
 	"encoding/json"
 	"errors"
+	"fmt"
 	"strings"

 	"github.com/pocketbase/pocketbase/models"
@@ -20,25 +23,85 @@ const (
 )

 type DeployerOption struct {
-	DomainId    string                `json:"domainId"`
-	Domain      string                `json:"domain"`
-	Product     string                `json:"product"`
-	Access      string                `json:"access"`
-	Certificate applicant.Certificate `json:"certificate"`
+	DomainId     string                `json:"domainId"`
+	Domain       string                `json:"domain"`
+	Product      string                `json:"product"`
+	Access       string                `json:"access"`
+	AceessRecord *models.Record        `json:"-"`
+	Certificate  applicant.Certificate `json:"certificate"`
+	Variables    map[string]string     `json:"variables"`
 }

 type Deployer interface {
 	Deploy(ctx context.Context) error
 	GetInfo() []string
+	GetID() string
 }

-func Get(record *models.Record, cert *applicant.Certificate) (Deployer, error) {
-	access := record.ExpandedOne("targetAccess")
+func Gets(record *models.Record, cert *applicant.Certificate) ([]Deployer, error) {
+	rs := make([]Deployer, 0)
+
+	if record.GetString("targetAccess") != "" {
+		singleDeployer, err := Get(record, cert)
+		if err != nil {
+			return nil, err
+		}
+		rs = append(rs, singleDeployer)
+	}
+
+	if record.GetString("group") != "" {
+		group := record.ExpandedOne("group")
+
+		if errs := app.GetApp().Dao().ExpandRecord(group, []string{"access"}, nil); len(errs) > 0 {
+
+			errList := make([]error, 0)
+			for name, err := range errs {
+				errList = append(errList, fmt.Errorf("展开记录失败,%s: %w", name, err))
+			}
+			err := errors.Join(errList...)
+			return nil, err
+		}
+
+		records := group.ExpandedAll("access")
+
+		deployers, err := getByGroup(record, cert, records...)
+		if err != nil {
+			return nil, err
+		}
+
+		rs = append(rs, deployers...)
+
+	}
+
+	return rs, nil
+
+}
+
+func getByGroup(record *models.Record, cert *applicant.Certificate, accesses ...*models.Record) ([]Deployer, error) {
+
+	rs := make([]Deployer, 0)
+
+	for _, access := range accesses {
+		deployer, err := getWithAccess(record, cert, access)
+		if err != nil {
+			return nil, err
+		}
+		rs = append(rs, deployer)
+	}
+
+	return rs, nil
+
+}
+
+func getWithAccess(record *models.Record, cert *applicant.Certificate, access *models.Record) (Deployer, error) {
+
 	option := &DeployerOption{
-		DomainId: record.Id,
-		Domain:   record.GetString("domain"),
-		Product:  getProduct(record),
-		Access:   access.GetString("config"),
+		DomainId:     record.Id,
+		Domain:       record.GetString("domain"),
+		Product:      getProduct(record),
+		Access:       access.GetString("config"),
+		AceessRecord: access,
+		Variables:    variables.Parse2Map(record.GetString("variables")),
 	}
 	if cert != nil {
 		option.Certificate = *cert
@@ -66,6 +129,13 @@ func Get(record *models.Record, cert *applicant.Certificate) (Deployer, error) {
 	return nil, errors.New("not implemented")
 }

+func Get(record *models.Record, cert *applicant.Certificate) (Deployer, error) {
+
+	access := record.ExpandedOne("targetAccess")
+
+	return getWithAccess(record, cert, access)
+}
+
 func getProduct(record *models.Record) string {
 	targetType := record.GetString("targetType")
 	rs := strings.Split(targetType, "-")