GuanM/certimate
1
0
Fork 0
mirror of https://github.com/usual2970/certimate.git synced 2025-09-23 08:16:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #525 from fudiwei/main

Browse Source 
new workflow logging
This commit is contained in:
Yoan.liu
2025-03-20 21:26:39 +08:00
committed by GitHub
parent 5579780b12 e27d4f11ee
commit 7c94999efc
166 changed files with 3340 additions and 1821 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/applicant/acme_user.go
View File

@@ -13,7 +13,7 @@ import (
"golang.org/x/sync/singleflight" "golang.org/x/sync/singleflight"
"github.com/usual2970/certimate/internal/domain" "github.com/usual2970/certimate/internal/domain"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
"github.com/usual2970/certimate/internal/repository" "github.com/usual2970/certimate/internal/repository"
) )
@@ -40,7 +40,7 @@ func newAcmeUser(ca, email string) (*acmeUser, error) {
return nil, err return nil, err
} }
keyPEM, err := certs.ConvertECPrivateKeyToPEM(key) keyPEM, err := certutil.ConvertECPrivateKeyToPEM(key)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -64,7 +64,7 @@ func (u acmeUser) GetRegistration() *registration.Resource {
} }
func (u *acmeUser) GetPrivateKey() crypto.PrivateKey { func (u *acmeUser) GetPrivateKey() crypto.PrivateKey {
rs, _ := certs.ParseECPrivateKeyFromPEM(u.privkey) rs, _ := certutil.ParseECPrivateKeyFromPEM(u.privkey)
return rs return rs
} }

6
internal/applicant/applicant.go
View File

@@ -18,7 +18,7 @@ import (
"golang.org/x/time/rate" "golang.org/x/time/rate"
"github.com/usual2970/certimate/internal/domain" "github.com/usual2970/certimate/internal/domain"
uslices "github.com/usual2970/certimate/internal/pkg/utils/slices" "github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
"github.com/usual2970/certimate/internal/repository" "github.com/usual2970/certimate/internal/repository"
) )
@@ -58,12 +58,12 @@ func NewWithApplyNode(node *domain.WorkflowNode) (Applicant, error) {
nodeConfig := node.GetConfigForApply() nodeConfig := node.GetConfigForApply()
options := &applicantOptions{ options := &applicantOptions{
Domains: uslices.Filter(strings.Split(nodeConfig.Domains, ";"), func(s string) bool { return s != "" }), Domains: sliceutil.Filter(strings.Split(nodeConfig.Domains, ";"), func(s string) bool { return s != "" }),
ContactEmail: nodeConfig.ContactEmail, ContactEmail: nodeConfig.ContactEmail,
Provider: domain.ApplyDNSProviderType(nodeConfig.Provider), Provider: domain.ApplyDNSProviderType(nodeConfig.Provider),
ProviderApplyConfig: nodeConfig.ProviderConfig, ProviderApplyConfig: nodeConfig.ProviderConfig,
KeyAlgorithm: nodeConfig.KeyAlgorithm, KeyAlgorithm: nodeConfig.KeyAlgorithm,
Nameservers: uslices.Filter(strings.Split(nodeConfig.Nameservers, ";"), func(s string) bool { return s != "" }), Nameservers: sliceutil.Filter(strings.Split(nodeConfig.Nameservers, ";"), func(s string) bool { return s != "" }),
DnsPropagationTimeout: nodeConfig.DnsPropagationTimeout, DnsPropagationTimeout: nodeConfig.DnsPropagationTimeout,
DnsTTL: nodeConfig.DnsTTL, DnsTTL: nodeConfig.DnsTTL,
DisableFollowCNAME: nodeConfig.DisableFollowCNAME, DisableFollowCNAME: nodeConfig.DisableFollowCNAME,

56
internal/applicant/providers.go
View File

@@ -29,7 +29,7 @@ import (
pTencentCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud" pTencentCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud"
pVolcEngine "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine" pVolcEngine "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine"
pWestcn "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn" pWestcn "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn"
"github.com/usual2970/certimate/internal/pkg/utils/maps" "github.com/usual2970/certimate/internal/pkg/utils/maputil"
) )
func createApplicant(options *applicantOptions) (challenge.Provider, error) { func createApplicant(options *applicantOptions) (challenge.Provider, error) {
@@ -41,7 +41,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeACMEHttpReq: case domain.ApplyDNSProviderTypeACMEHttpReq:
{ {
access := domain.AccessConfigForACMEHttpReq{} access := domain.AccessConfigForACMEHttpReq{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -58,7 +58,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeAliyun, domain.ApplyDNSProviderTypeAliyunDNS: case domain.ApplyDNSProviderTypeAliyun, domain.ApplyDNSProviderTypeAliyunDNS:
{ {
access := domain.AccessConfigForAliyun{} access := domain.AccessConfigForAliyun{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -74,15 +74,15 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeAWS, domain.ApplyDNSProviderTypeAWSRoute53: case domain.ApplyDNSProviderTypeAWS, domain.ApplyDNSProviderTypeAWSRoute53:
{ {
access := domain.AccessConfigForAWS{} access := domain.AccessConfigForAWS{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
applicant, err := pAWSRoute53.NewChallengeProvider(&pAWSRoute53.ChallengeProviderConfig{ applicant, err := pAWSRoute53.NewChallengeProvider(&pAWSRoute53.ChallengeProviderConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
SecretAccessKey: access.SecretAccessKey, SecretAccessKey: access.SecretAccessKey,
Region: maps.GetValueAsString(options.ProviderApplyConfig, "region"), Region: maputil.GetString(options.ProviderApplyConfig, "region"),
HostedZoneId: maps.GetValueAsString(options.ProviderApplyConfig, "hostedZoneId"), HostedZoneId: maputil.GetString(options.ProviderApplyConfig, "hostedZoneId"),
DnsPropagationTimeout: options.DnsPropagationTimeout, DnsPropagationTimeout: options.DnsPropagationTimeout,
DnsTTL: options.DnsTTL, DnsTTL: options.DnsTTL,
}) })
@@ -92,7 +92,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeAzure, domain.ApplyDNSProviderTypeAzureDNS: case domain.ApplyDNSProviderTypeAzure, domain.ApplyDNSProviderTypeAzureDNS:
{ {
access := domain.AccessConfigForAzure{} access := domain.AccessConfigForAzure{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -110,7 +110,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeBaiduCloud, domain.ApplyDNSProviderTypeBaiduCloudDNS: case domain.ApplyDNSProviderTypeBaiduCloud, domain.ApplyDNSProviderTypeBaiduCloudDNS:
{ {
access := domain.AccessConfigForBaiduCloud{} access := domain.AccessConfigForBaiduCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -126,7 +126,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeCloudflare: case domain.ApplyDNSProviderTypeCloudflare:
{ {
access := domain.AccessConfigForCloudflare{} access := domain.AccessConfigForCloudflare{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -141,7 +141,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeClouDNS: case domain.ApplyDNSProviderTypeClouDNS:
{ {
access := domain.AccessConfigForClouDNS{} access := domain.AccessConfigForClouDNS{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -157,7 +157,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeCMCCCloud: case domain.ApplyDNSProviderTypeCMCCCloud:
{ {
access := domain.AccessConfigForCMCCCloud{} access := domain.AccessConfigForCMCCCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -173,7 +173,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeDNSLA: case domain.ApplyDNSProviderTypeDNSLA:
{ {
access := domain.AccessConfigForDNSLA{} access := domain.AccessConfigForDNSLA{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -189,7 +189,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeGcore: case domain.ApplyDNSProviderTypeGcore:
{ {
access := domain.AccessConfigForGcore{} access := domain.AccessConfigForGcore{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -204,7 +204,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeGname: case domain.ApplyDNSProviderTypeGname:
{ {
access := domain.AccessConfigForGname{} access := domain.AccessConfigForGname{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -220,7 +220,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeGoDaddy: case domain.ApplyDNSProviderTypeGoDaddy:
{ {
access := domain.AccessConfigForGoDaddy{} access := domain.AccessConfigForGoDaddy{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -236,14 +236,14 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeHuaweiCloud, domain.ApplyDNSProviderTypeHuaweiCloudDNS: case domain.ApplyDNSProviderTypeHuaweiCloud, domain.ApplyDNSProviderTypeHuaweiCloudDNS:
{ {
access := domain.AccessConfigForHuaweiCloud{} access := domain.AccessConfigForHuaweiCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
applicant, err := pHuaweiCloud.NewChallengeProvider(&pHuaweiCloud.ChallengeProviderConfig{ applicant, err := pHuaweiCloud.NewChallengeProvider(&pHuaweiCloud.ChallengeProviderConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
SecretAccessKey: access.SecretAccessKey, SecretAccessKey: access.SecretAccessKey,
Region: maps.GetValueAsString(options.ProviderApplyConfig, "region"), Region: maputil.GetString(options.ProviderApplyConfig, "region"),
DnsPropagationTimeout: options.DnsPropagationTimeout, DnsPropagationTimeout: options.DnsPropagationTimeout,
DnsTTL: options.DnsTTL, DnsTTL: options.DnsTTL,
}) })
@@ -253,14 +253,14 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeJDCloud, domain.ApplyDNSProviderTypeJDCloudDNS: case domain.ApplyDNSProviderTypeJDCloud, domain.ApplyDNSProviderTypeJDCloudDNS:
{ {
access := domain.AccessConfigForJDCloud{} access := domain.AccessConfigForJDCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
applicant, err := pJDCloud.NewChallengeProvider(&pJDCloud.ChallengeProviderConfig{ applicant, err := pJDCloud.NewChallengeProvider(&pJDCloud.ChallengeProviderConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
RegionId: maps.GetValueAsString(options.ProviderApplyConfig, "region_id"), RegionId: maputil.GetString(options.ProviderApplyConfig, "region_id"),
DnsPropagationTimeout: options.DnsPropagationTimeout, DnsPropagationTimeout: options.DnsPropagationTimeout,
DnsTTL: options.DnsTTL, DnsTTL: options.DnsTTL,
}) })
@@ -270,7 +270,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeNamecheap: case domain.ApplyDNSProviderTypeNamecheap:
{ {
access := domain.AccessConfigForNamecheap{} access := domain.AccessConfigForNamecheap{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -286,7 +286,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeNameDotCom: case domain.ApplyDNSProviderTypeNameDotCom:
{ {
access := domain.AccessConfigForNameDotCom{} access := domain.AccessConfigForNameDotCom{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -302,7 +302,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeNameSilo: case domain.ApplyDNSProviderTypeNameSilo:
{ {
access := domain.AccessConfigForNameSilo{} access := domain.AccessConfigForNameSilo{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -317,7 +317,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeNS1: case domain.ApplyDNSProviderTypeNS1:
{ {
access := domain.AccessConfigForNS1{} access := domain.AccessConfigForNS1{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -332,7 +332,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypePowerDNS: case domain.ApplyDNSProviderTypePowerDNS:
{ {
access := domain.AccessConfigForPowerDNS{} access := domain.AccessConfigForPowerDNS{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -348,7 +348,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeRainYun: case domain.ApplyDNSProviderTypeRainYun:
{ {
access := domain.AccessConfigForRainYun{} access := domain.AccessConfigForRainYun{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -363,7 +363,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeTencentCloud, domain.ApplyDNSProviderTypeTencentCloudDNS: case domain.ApplyDNSProviderTypeTencentCloud, domain.ApplyDNSProviderTypeTencentCloudDNS:
{ {
access := domain.AccessConfigForTencentCloud{} access := domain.AccessConfigForTencentCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -379,7 +379,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeVolcEngine, domain.ApplyDNSProviderTypeVolcEngineDNS: case domain.ApplyDNSProviderTypeVolcEngine, domain.ApplyDNSProviderTypeVolcEngineDNS:
{ {
access := domain.AccessConfigForVolcEngine{} access := domain.AccessConfigForVolcEngine{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -395,7 +395,7 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
case domain.ApplyDNSProviderTypeWestcn: case domain.ApplyDNSProviderTypeWestcn:
{ {
access := domain.AccessConfigForWestcn{} access := domain.AccessConfigForWestcn{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }

54
internal/certificate/service.go
View File

@@ -11,11 +11,13 @@ import (
"time" "time"
"github.com/go-acme/lego/v4/certcrypto" "github.com/go-acme/lego/v4/certcrypto"
"github.com/pocketbase/dbx"
"github.com/usual2970/certimate/internal/app" "github.com/usual2970/certimate/internal/app"
"github.com/usual2970/certimate/internal/domain" "github.com/usual2970/certimate/internal/domain"
"github.com/usual2970/certimate/internal/domain/dtos" "github.com/usual2970/certimate/internal/domain/dtos"
"github.com/usual2970/certimate/internal/notify" "github.com/usual2970/certimate/internal/notify"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
"github.com/usual2970/certimate/internal/repository" "github.com/usual2970/certimate/internal/repository"
) )
@@ -27,21 +29,29 @@ const (
type certificateRepository interface { type certificateRepository interface {
ListExpireSoon(ctx context.Context) ([]*domain.Certificate, error) ListExpireSoon(ctx context.Context) ([]*domain.Certificate, error)
GetById(ctx context.Context, id string) (*domain.Certificate, error) GetById(ctx context.Context, id string) (*domain.Certificate, error)
DeleteWhere(ctx context.Context, exprs ...dbx.Expression) (int, error)
}
type settingsRepository interface {
GetByName(ctx context.Context, name string) (*domain.Settings, error)
} }
type CertificateService struct { type CertificateService struct {
certRepo certificateRepository certificateRepo certificateRepository
settingsRepo settingsRepository
} }
func NewCertificateService(certRepo certificateRepository) *CertificateService { func NewCertificateService(certificateRepo certificateRepository, settingsRepo settingsRepository) *CertificateService {
return &CertificateService{ return &CertificateService{
certRepo: certRepo, certificateRepo: certificateRepo,
settingsRepo: settingsRepo,
} }
} }
func (s *CertificateService) InitSchedule(ctx context.Context) error { func (s *CertificateService) InitSchedule(ctx context.Context) error {
// 每日发送过期证书提醒
app.GetScheduler().MustAdd("certificateExpireSoonNotify", "0 0 * * *", func() { app.GetScheduler().MustAdd("certificateExpireSoonNotify", "0 0 * * *", func() {
certificates, err := s.certRepo.ListExpireSoon(context.Background()) certificates, err := s.certificateRepo.ListExpireSoon(context.Background())
if err != nil { if err != nil {
app.GetLogger().Error("failed to get certificates which expire soon", "err", err) app.GetLogger().Error("failed to get certificates which expire soon", "err", err)
return return
@@ -56,11 +66,37 @@ func (s *CertificateService) InitSchedule(ctx context.Context) error {
app.GetLogger().Error("failed to send notification", "err", err) app.GetLogger().Error("failed to send notification", "err", err)
} }
}) })
// 每日清理过期证书
app.GetScheduler().MustAdd("certificateExpiredCleanup", "0 0 * * *", func() {
settings, err := s.settingsRepo.GetByName(ctx, "persistence")
if err != nil {
app.GetLogger().Error("failed to get persistence settings", "err", err)
return
}
var settingsContent *domain.PersistenceSettingsContent
json.Unmarshal([]byte(settings.Content), &settingsContent)
if settingsContent != nil && settingsContent.ExpiredCertificatesMaxDaysRetention != 0 {
ret, err := s.certificateRepo.DeleteWhere(
context.Background(),
dbx.NewExp(fmt.Sprintf("expireAt<DATETIME('now', '-%d days')", settingsContent.ExpiredCertificatesMaxDaysRetention)),
)
if err != nil {
app.GetLogger().Error("failed to delete expired certificates", "err", err)
}
if ret > 0 {
app.GetLogger().Info(fmt.Sprintf("cleanup %d expired certificates", ret))
}
}
})
return nil return nil
} }
func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.CertificateArchiveFileReq) (*dtos.CertificateArchiveFileResp, error) { func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.CertificateArchiveFileReq) (*dtos.CertificateArchiveFileResp, error) {
certificate, err := s.certRepo.GetById(ctx, req.CertificateId) certificate, err := s.certificateRepo.GetById(ctx, req.CertificateId)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -109,7 +145,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific
{ {
const pfxPassword = "certimate" const pfxPassword = "certimate"
certPFX, err := certs.TransformCertificateFromPEMToPFX(certificate.Certificate, certificate.PrivateKey, pfxPassword) certPFX, err := certutil.TransformCertificateFromPEMToPFX(certificate.Certificate, certificate.PrivateKey, pfxPassword)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -147,7 +183,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific
{ {
const jksPassword = "certimate" const jksPassword = "certimate"
certJKS, err := certs.TransformCertificateFromPEMToJKS(certificate.Certificate, certificate.PrivateKey, jksPassword, jksPassword, jksPassword) certJKS, err := certutil.TransformCertificateFromPEMToJKS(certificate.Certificate, certificate.PrivateKey, jksPassword, jksPassword, jksPassword)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -187,7 +223,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific
} }
func (s *CertificateService) ValidateCertificate(ctx context.Context, req *dtos.CertificateValidateCertificateReq) (*dtos.CertificateValidateCertificateResp, error) { func (s *CertificateService) ValidateCertificate(ctx context.Context, req *dtos.CertificateValidateCertificateReq) (*dtos.CertificateValidateCertificateResp, error) {
certX509, err := certs.ParseCertificateFromPEM(req.Certificate) certX509, err := certutil.ParseCertificateFromPEM(req.Certificate)
if err != nil { if err != nil {
return nil, err return nil, err
} else if time.Now().After(certX509.NotAfter) { } else if time.Now().After(certX509.NotAfter) {

14
internal/deployer/deployer.go
View File

@@ -3,14 +3,16 @@ package deployer
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"github.com/usual2970/certimate/internal/domain" "github.com/usual2970/certimate/internal/domain"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/repository" "github.com/usual2970/certimate/internal/repository"
) )
type Deployer interface { type Deployer interface {
SetLogger(*slog.Logger)
Deploy(ctx context.Context) error Deploy(ctx context.Context) error
} }
@@ -52,7 +54,6 @@ func NewWithDeployNode(node *domain.WorkflowNode, certdata struct {
} }
return &proxyDeployer{ return &proxyDeployer{
logger: logger.NewNilLogger(),
deployer: deployer, deployer: deployer,
deployCertificate: certdata.Certificate, deployCertificate: certdata.Certificate,
deployPrivateKey: certdata.PrivateKey, deployPrivateKey: certdata.PrivateKey,
@@ -61,12 +62,19 @@ func NewWithDeployNode(node *domain.WorkflowNode, certdata struct {
// TODO: 暂时使用代理模式以兼容之前版本代码,后续重新实现此处逻辑 // TODO: 暂时使用代理模式以兼容之前版本代码,后续重新实现此处逻辑
type proxyDeployer struct { type proxyDeployer struct {
logger logger.Logger
deployer deployer.Deployer deployer deployer.Deployer
deployCertificate string deployCertificate string
deployPrivateKey string deployPrivateKey string
} }
func (d *proxyDeployer) SetLogger(logger *slog.Logger) {
if logger == nil {
panic("logger is nil")
}
d.deployer.WithLogger(logger)
}
func (d *proxyDeployer) Deploy(ctx context.Context) error { func (d *proxyDeployer) Deploy(ctx context.Context) error {
_, err := d.deployer.Deploy(ctx, d.deployCertificate, d.deployPrivateKey) _, err := d.deployer.Deploy(ctx, d.deployCertificate, d.deployPrivateKey)
return err return err

326
internal/deployer/providers.go
View File

@@ -63,8 +63,8 @@ import (
pVolcEngineLive "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-live" pVolcEngineLive "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-live"
pVolcEngineTOS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-tos" pVolcEngineTOS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-tos"
pWebhook "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/webhook" pWebhook "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/webhook"
"github.com/usual2970/certimate/internal/pkg/utils/maps" "github.com/usual2970/certimate/internal/pkg/utils/maputil"
"github.com/usual2970/certimate/internal/pkg/utils/slices" "github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
) )
func createDeployer(options *deployerOptions) (deployer.Deployer, error) { func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
@@ -76,7 +76,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderType1PanelConsole, domain.DeployProviderType1PanelSite: case domain.DeployProviderType1PanelConsole, domain.DeployProviderType1PanelSite:
{ {
access := domain.AccessConfigFor1Panel{} access := domain.AccessConfigFor1Panel{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -86,7 +86,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
ApiUrl: access.ApiUrl, ApiUrl: access.ApiUrl,
ApiKey: access.ApiKey, ApiKey: access.ApiKey,
AllowInsecureConnections: access.AllowInsecureConnections, AllowInsecureConnections: access.AllowInsecureConnections,
AutoRestart: maps.GetValueAsBool(options.ProviderDeployConfig, "autoRestart"), AutoRestart: maputil.GetBool(options.ProviderDeployConfig, "autoRestart"),
}) })
return deployer, err return deployer, err
@@ -95,7 +95,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
ApiUrl: access.ApiUrl, ApiUrl: access.ApiUrl,
ApiKey: access.ApiKey, ApiKey: access.ApiKey,
AllowInsecureConnections: access.AllowInsecureConnections, AllowInsecureConnections: access.AllowInsecureConnections,
WebsiteId: maps.GetValueAsInt64(options.ProviderDeployConfig, "websiteId"), WebsiteId: maputil.GetInt64(options.ProviderDeployConfig, "websiteId"),
}) })
return deployer, err return deployer, err
@@ -107,7 +107,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeAliyunALB, domain.DeployProviderTypeAliyunCASDeploy, domain.DeployProviderTypeAliyunCDN, domain.DeployProviderTypeAliyunCLB, domain.DeployProviderTypeAliyunDCDN, domain.DeployProviderTypeAliyunESA, domain.DeployProviderTypeAliyunFC, domain.DeployProviderTypeAliyunLive, domain.DeployProviderTypeAliyunNLB, domain.DeployProviderTypeAliyunOSS, domain.DeployProviderTypeAliyunVOD, domain.DeployProviderTypeAliyunWAF: case domain.DeployProviderTypeAliyunALB, domain.DeployProviderTypeAliyunCASDeploy, domain.DeployProviderTypeAliyunCDN, domain.DeployProviderTypeAliyunCLB, domain.DeployProviderTypeAliyunDCDN, domain.DeployProviderTypeAliyunESA, domain.DeployProviderTypeAliyunFC, domain.DeployProviderTypeAliyunLive, domain.DeployProviderTypeAliyunNLB, domain.DeployProviderTypeAliyunOSS, domain.DeployProviderTypeAliyunVOD, domain.DeployProviderTypeAliyunWAF:
{ {
access := domain.AccessConfigForAliyun{} access := domain.AccessConfigForAliyun{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -116,11 +116,11 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunALB.NewDeployer(&pAliyunALB.DeployerConfig{ deployer, err := pAliyunALB.NewDeployer(&pAliyunALB.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: pAliyunALB.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pAliyunALB.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
LoadbalancerId: maps.GetValueAsString(options.ProviderDeployConfig, "loadbalancerId"), LoadbalancerId: maputil.GetString(options.ProviderDeployConfig, "loadbalancerId"),
ListenerId: maps.GetValueAsString(options.ProviderDeployConfig, "listenerId"), ListenerId: maputil.GetString(options.ProviderDeployConfig, "listenerId"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -128,9 +128,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunCASDeploy.NewDeployer(&pAliyunCASDeploy.DeployerConfig{ deployer, err := pAliyunCASDeploy.NewDeployer(&pAliyunCASDeploy.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceIds: slices.Filter(strings.Split(maps.GetValueAsString(options.ProviderDeployConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), ResourceIds: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderDeployConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }),
ContactIds: slices.Filter(strings.Split(maps.GetValueAsString(options.ProviderDeployConfig, "contactIds"), ";"), func(s string) bool { return s != "" }), ContactIds: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderDeployConfig, "contactIds"), ";"), func(s string) bool { return s != "" }),
}) })
return deployer, err return deployer, err
@@ -138,7 +138,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunCDN.NewDeployer(&pAliyunCDN.DeployerConfig{ deployer, err := pAliyunCDN.NewDeployer(&pAliyunCDN.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -146,11 +146,11 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunCLB.NewDeployer(&pAliyunCLB.DeployerConfig{ deployer, err := pAliyunCLB.NewDeployer(&pAliyunCLB.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: pAliyunCLB.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pAliyunCLB.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
LoadbalancerId: maps.GetValueAsString(options.ProviderDeployConfig, "loadbalancerId"), LoadbalancerId: maputil.GetString(options.ProviderDeployConfig, "loadbalancerId"),
ListenerPort: maps.GetValueOrDefaultAsInt32(options.ProviderDeployConfig, "listenerPort", 443), ListenerPort: maputil.GetOrDefaultInt32(options.ProviderDeployConfig, "listenerPort", 443),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -158,7 +158,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunDCDN.NewDeployer(&pAliyunDCDN.DeployerConfig{ deployer, err := pAliyunDCDN.NewDeployer(&pAliyunDCDN.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -166,8 +166,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunESA.NewDeployer(&pAliyunESA.DeployerConfig{ deployer, err := pAliyunESA.NewDeployer(&pAliyunESA.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
SiteId: maps.GetValueAsInt64(options.ProviderDeployConfig, "siteId"), SiteId: maputil.GetInt64(options.ProviderDeployConfig, "siteId"),
}) })
return deployer, err return deployer, err
@@ -175,9 +175,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunFC.NewDeployer(&pAliyunFC.DeployerConfig{ deployer, err := pAliyunFC.NewDeployer(&pAliyunFC.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ServiceVersion: maps.GetValueAsString(options.ProviderDeployConfig, "serviceVersion"), ServiceVersion: maputil.GetOrDefaultString(options.ProviderDeployConfig, "serviceVersion", "3.0"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -185,8 +185,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunLive.NewDeployer(&pAliyunLive.DeployerConfig{ deployer, err := pAliyunLive.NewDeployer(&pAliyunLive.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -194,10 +194,10 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunNLB.NewDeployer(&pAliyunNLB.DeployerConfig{ deployer, err := pAliyunNLB.NewDeployer(&pAliyunNLB.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: pAliyunNLB.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pAliyunNLB.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
LoadbalancerId: maps.GetValueAsString(options.ProviderDeployConfig, "loadbalancerId"), LoadbalancerId: maputil.GetString(options.ProviderDeployConfig, "loadbalancerId"),
ListenerId: maps.GetValueAsString(options.ProviderDeployConfig, "listenerId"), ListenerId: maputil.GetString(options.ProviderDeployConfig, "listenerId"),
}) })
return deployer, err return deployer, err
@@ -205,9 +205,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunOSS.NewDeployer(&pAliyunOSS.DeployerConfig{ deployer, err := pAliyunOSS.NewDeployer(&pAliyunOSS.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
Bucket: maps.GetValueAsString(options.ProviderDeployConfig, "bucket"), Bucket: maputil.GetString(options.ProviderDeployConfig, "bucket"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -215,8 +215,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunVOD.NewDeployer(&pAliyunVOD.DeployerConfig{ deployer, err := pAliyunVOD.NewDeployer(&pAliyunVOD.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -224,9 +224,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAliyunWAF.NewDeployer(&pAliyunWAF.DeployerConfig{ deployer, err := pAliyunWAF.NewDeployer(&pAliyunWAF.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
InstanceId: maps.GetValueAsString(options.ProviderDeployConfig, "instanceId"), InstanceId: maputil.GetString(options.ProviderDeployConfig, "instanceId"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -238,7 +238,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeAWSCloudFront: case domain.DeployProviderTypeAWSCloudFront:
{ {
access := domain.AccessConfigForAWS{} access := domain.AccessConfigForAWS{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -247,8 +247,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pAWSCloudFront.NewDeployer(&pAWSCloudFront.DeployerConfig{ deployer, err := pAWSCloudFront.NewDeployer(&pAWSCloudFront.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
SecretAccessKey: access.SecretAccessKey, SecretAccessKey: access.SecretAccessKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
DistributionId: maps.GetValueAsString(options.ProviderDeployConfig, "distributionId"), DistributionId: maputil.GetString(options.ProviderDeployConfig, "distributionId"),
}) })
return deployer, err return deployer, err
@@ -260,7 +260,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeBaiduCloudCDN: case domain.DeployProviderTypeBaiduCloudCDN:
{ {
access := domain.AccessConfigForBaiduCloud{} access := domain.AccessConfigForBaiduCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -269,7 +269,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pBaiduCloudCDN.NewDeployer(&pBaiduCloudCDN.DeployerConfig{ deployer, err := pBaiduCloudCDN.NewDeployer(&pBaiduCloudCDN.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
SecretAccessKey: access.SecretAccessKey, SecretAccessKey: access.SecretAccessKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -281,7 +281,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeBaishanCDN: case domain.DeployProviderTypeBaishanCDN:
{ {
access := domain.AccessConfigForBaishan{} access := domain.AccessConfigForBaishan{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -289,7 +289,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeBaishanCDN: case domain.DeployProviderTypeBaishanCDN:
deployer, err := pBaishanCDN.NewDeployer(&pBaishanCDN.DeployerConfig{ deployer, err := pBaishanCDN.NewDeployer(&pBaishanCDN.DeployerConfig{
ApiToken: access.ApiToken, ApiToken: access.ApiToken,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -301,7 +301,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeBaotaPanelConsole, domain.DeployProviderTypeBaotaPanelSite: case domain.DeployProviderTypeBaotaPanelConsole, domain.DeployProviderTypeBaotaPanelSite:
{ {
access := domain.AccessConfigForBaotaPanel{} access := domain.AccessConfigForBaotaPanel{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -311,7 +311,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
ApiUrl: access.ApiUrl, ApiUrl: access.ApiUrl,
ApiKey: access.ApiKey, ApiKey: access.ApiKey,
AllowInsecureConnections: access.AllowInsecureConnections, AllowInsecureConnections: access.AllowInsecureConnections,
AutoRestart: maps.GetValueAsBool(options.ProviderDeployConfig, "autoRestart"), AutoRestart: maputil.GetBool(options.ProviderDeployConfig, "autoRestart"),
}) })
return deployer, err return deployer, err
@@ -320,9 +320,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
ApiUrl: access.ApiUrl, ApiUrl: access.ApiUrl,
ApiKey: access.ApiKey, ApiKey: access.ApiKey,
AllowInsecureConnections: access.AllowInsecureConnections, AllowInsecureConnections: access.AllowInsecureConnections,
SiteType: maps.GetValueOrDefaultAsString(options.ProviderDeployConfig, "siteType", "other"), SiteType: maputil.GetOrDefaultString(options.ProviderDeployConfig, "siteType", "other"),
SiteName: maps.GetValueAsString(options.ProviderDeployConfig, "siteName"), SiteName: maputil.GetString(options.ProviderDeployConfig, "siteName"),
SiteNames: slices.Filter(strings.Split(maps.GetValueAsString(options.ProviderDeployConfig, "siteNames"), ";"), func(s string) bool { return s != "" }), SiteNames: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderDeployConfig, "siteNames"), ";"), func(s string) bool { return s != "" }),
}) })
return deployer, err return deployer, err
@@ -334,7 +334,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeBytePlusCDN: case domain.DeployProviderTypeBytePlusCDN:
{ {
access := domain.AccessConfigForBytePlus{} access := domain.AccessConfigForBytePlus{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -343,7 +343,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pBytePlusCDN.NewDeployer(&pBytePlusCDN.DeployerConfig{ deployer, err := pBytePlusCDN.NewDeployer(&pBytePlusCDN.DeployerConfig{
AccessKey: access.AccessKey, AccessKey: access.AccessKey,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -355,7 +355,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeCacheFly: case domain.DeployProviderTypeCacheFly:
{ {
access := domain.AccessConfigForCacheFly{} access := domain.AccessConfigForCacheFly{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -368,7 +368,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeCdnfly: case domain.DeployProviderTypeCdnfly:
{ {
access := domain.AccessConfigForCdnfly{} access := domain.AccessConfigForCdnfly{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -376,9 +376,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
ApiUrl: access.ApiUrl, ApiUrl: access.ApiUrl,
ApiKey: access.ApiKey, ApiKey: access.ApiKey,
ApiSecret: access.ApiSecret, ApiSecret: access.ApiSecret,
ResourceType: pCdnfly.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pCdnfly.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
SiteId: maps.GetValueAsString(options.ProviderDeployConfig, "siteId"), SiteId: maputil.GetString(options.ProviderDeployConfig, "siteId"),
CertificateId: maps.GetValueAsString(options.ProviderDeployConfig, "certificateId"), CertificateId: maputil.GetString(options.ProviderDeployConfig, "certificateId"),
}) })
return deployer, err return deployer, err
} }
@@ -386,14 +386,14 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeDogeCloudCDN: case domain.DeployProviderTypeDogeCloudCDN:
{ {
access := domain.AccessConfigForDogeCloud{} access := domain.AccessConfigForDogeCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
deployer, err := pDogeCDN.NewDeployer(&pDogeCDN.DeployerConfig{ deployer, err := pDogeCDN.NewDeployer(&pDogeCDN.DeployerConfig{
AccessKey: access.AccessKey, AccessKey: access.AccessKey,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
} }
@@ -401,14 +401,14 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeEdgioApplications: case domain.DeployProviderTypeEdgioApplications:
{ {
access := domain.AccessConfigForEdgio{} access := domain.AccessConfigForEdgio{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
deployer, err := pEdgioApplications.NewDeployer(&pEdgioApplications.DeployerConfig{ deployer, err := pEdgioApplications.NewDeployer(&pEdgioApplications.DeployerConfig{
ClientId: access.ClientId, ClientId: access.ClientId,
ClientSecret: access.ClientSecret, ClientSecret: access.ClientSecret,
EnvironmentId: maps.GetValueAsString(options.ProviderDeployConfig, "environmentId"), EnvironmentId: maputil.GetString(options.ProviderDeployConfig, "environmentId"),
}) })
return deployer, err return deployer, err
} }
@@ -416,7 +416,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeGcoreCDN: case domain.DeployProviderTypeGcoreCDN:
{ {
access := domain.AccessConfigForGcore{} access := domain.AccessConfigForGcore{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -424,7 +424,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeGcoreCDN: case domain.DeployProviderTypeGcoreCDN:
deployer, err := pGcoreCDN.NewDeployer(&pGcoreCDN.DeployerConfig{ deployer, err := pGcoreCDN.NewDeployer(&pGcoreCDN.DeployerConfig{
ApiToken: access.ApiToken, ApiToken: access.ApiToken,
ResourceId: maps.GetValueAsInt64(options.ProviderDeployConfig, "resourceId"), ResourceId: maputil.GetInt64(options.ProviderDeployConfig, "resourceId"),
}) })
return deployer, err return deployer, err
@@ -436,7 +436,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeHuaweiCloudCDN, domain.DeployProviderTypeHuaweiCloudELB, domain.DeployProviderTypeHuaweiCloudWAF: case domain.DeployProviderTypeHuaweiCloudCDN, domain.DeployProviderTypeHuaweiCloudELB, domain.DeployProviderTypeHuaweiCloudWAF:
{ {
access := domain.AccessConfigForHuaweiCloud{} access := domain.AccessConfigForHuaweiCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -445,8 +445,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pHuaweiCloudCDN.NewDeployer(&pHuaweiCloudCDN.DeployerConfig{ deployer, err := pHuaweiCloudCDN.NewDeployer(&pHuaweiCloudCDN.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
SecretAccessKey: access.SecretAccessKey, SecretAccessKey: access.SecretAccessKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -454,11 +454,11 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pHuaweiCloudELB.NewDeployer(&pHuaweiCloudELB.DeployerConfig{ deployer, err := pHuaweiCloudELB.NewDeployer(&pHuaweiCloudELB.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
SecretAccessKey: access.SecretAccessKey, SecretAccessKey: access.SecretAccessKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: pHuaweiCloudELB.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pHuaweiCloudELB.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
CertificateId: maps.GetValueAsString(options.ProviderDeployConfig, "certificateId"), CertificateId: maputil.GetString(options.ProviderDeployConfig, "certificateId"),
LoadbalancerId: maps.GetValueAsString(options.ProviderDeployConfig, "loadbalancerId"), LoadbalancerId: maputil.GetString(options.ProviderDeployConfig, "loadbalancerId"),
ListenerId: maps.GetValueAsString(options.ProviderDeployConfig, "listenerId"), ListenerId: maputil.GetString(options.ProviderDeployConfig, "listenerId"),
}) })
return deployer, err return deployer, err
@@ -466,10 +466,10 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pHuaweiCloudWAF.NewDeployer(&pHuaweiCloudWAF.DeployerConfig{ deployer, err := pHuaweiCloudWAF.NewDeployer(&pHuaweiCloudWAF.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
SecretAccessKey: access.SecretAccessKey, SecretAccessKey: access.SecretAccessKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: pHuaweiCloudWAF.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pHuaweiCloudWAF.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
CertificateId: maps.GetValueAsString(options.ProviderDeployConfig, "certificateId"), CertificateId: maputil.GetString(options.ProviderDeployConfig, "certificateId"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -481,7 +481,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeJDCloudALB, domain.DeployProviderTypeJDCloudCDN, domain.DeployProviderTypeJDCloudLive, domain.DeployProviderTypeJDCloudVOD: case domain.DeployProviderTypeJDCloudALB, domain.DeployProviderTypeJDCloudCDN, domain.DeployProviderTypeJDCloudLive, domain.DeployProviderTypeJDCloudVOD:
{ {
access := domain.AccessConfigForJDCloud{} access := domain.AccessConfigForJDCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -490,10 +490,10 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pJDCloudALB.NewDeployer(&pJDCloudALB.DeployerConfig{ deployer, err := pJDCloudALB.NewDeployer(&pJDCloudALB.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
RegionId: maps.GetValueAsString(options.ProviderDeployConfig, "regionId"), RegionId: maputil.GetString(options.ProviderDeployConfig, "regionId"),
ResourceType: pJDCloudALB.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pJDCloudALB.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
LoadbalancerId: maps.GetValueAsString(options.ProviderDeployConfig, "loadbalancerId"), LoadbalancerId: maputil.GetString(options.ProviderDeployConfig, "loadbalancerId"),
ListenerId: maps.GetValueAsString(options.ProviderDeployConfig, "listenerId"), ListenerId: maputil.GetString(options.ProviderDeployConfig, "listenerId"),
}) })
return deployer, err return deployer, err
@@ -501,7 +501,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pJDCloudCDN.NewDeployer(&pJDCloudCDN.DeployerConfig{ deployer, err := pJDCloudCDN.NewDeployer(&pJDCloudCDN.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -509,7 +509,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pJDCloudLive.NewDeployer(&pJDCloudLive.DeployerConfig{ deployer, err := pJDCloudLive.NewDeployer(&pJDCloudLive.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -517,7 +517,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pJDCloudVOD.NewDeployer(&pJDCloudVOD.DeployerConfig{ deployer, err := pJDCloudVOD.NewDeployer(&pJDCloudVOD.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret, AccessKeySecret: access.AccessKeySecret,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -529,16 +529,16 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeLocal: case domain.DeployProviderTypeLocal:
{ {
deployer, err := pLocal.NewDeployer(&pLocal.DeployerConfig{ deployer, err := pLocal.NewDeployer(&pLocal.DeployerConfig{
ShellEnv: pLocal.ShellEnvType(maps.GetValueAsString(options.ProviderDeployConfig, "shellEnv")), ShellEnv: pLocal.ShellEnvType(maputil.GetString(options.ProviderDeployConfig, "shellEnv")),
PreCommand: maps.GetValueAsString(options.ProviderDeployConfig, "preCommand"), PreCommand: maputil.GetString(options.ProviderDeployConfig, "preCommand"),
PostCommand: maps.GetValueAsString(options.ProviderDeployConfig, "postCommand"), PostCommand: maputil.GetString(options.ProviderDeployConfig, "postCommand"),
OutputFormat: pLocal.OutputFormatType(maps.GetValueOrDefaultAsString(options.ProviderDeployConfig, "format", string(pLocal.OUTPUT_FORMAT_PEM))), OutputFormat: pLocal.OutputFormatType(maputil.GetOrDefaultString(options.ProviderDeployConfig, "format", string(pLocal.OUTPUT_FORMAT_PEM))),
OutputCertPath: maps.GetValueAsString(options.ProviderDeployConfig, "certPath"), OutputCertPath: maputil.GetString(options.ProviderDeployConfig, "certPath"),
OutputKeyPath: maps.GetValueAsString(options.ProviderDeployConfig, "keyPath"), OutputKeyPath: maputil.GetString(options.ProviderDeployConfig, "keyPath"),
PfxPassword: maps.GetValueAsString(options.ProviderDeployConfig, "pfxPassword"), PfxPassword: maputil.GetString(options.ProviderDeployConfig, "pfxPassword"),
JksAlias: maps.GetValueAsString(options.ProviderDeployConfig, "jksAlias"), JksAlias: maputil.GetString(options.ProviderDeployConfig, "jksAlias"),
JksKeypass: maps.GetValueAsString(options.ProviderDeployConfig, "jksKeypass"), JksKeypass: maputil.GetString(options.ProviderDeployConfig, "jksKeypass"),
JksStorepass: maps.GetValueAsString(options.ProviderDeployConfig, "jksStorepass"), JksStorepass: maputil.GetString(options.ProviderDeployConfig, "jksStorepass"),
}) })
return deployer, err return deployer, err
} }
@@ -546,17 +546,17 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeKubernetesSecret: case domain.DeployProviderTypeKubernetesSecret:
{ {
access := domain.AccessConfigForKubernetes{} access := domain.AccessConfigForKubernetes{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
deployer, err := pK8sSecret.NewDeployer(&pK8sSecret.DeployerConfig{ deployer, err := pK8sSecret.NewDeployer(&pK8sSecret.DeployerConfig{
KubeConfig: access.KubeConfig, KubeConfig: access.KubeConfig,
Namespace: maps.GetValueOrDefaultAsString(options.ProviderDeployConfig, "namespace", "default"), Namespace: maputil.GetOrDefaultString(options.ProviderDeployConfig, "namespace", "default"),
SecretName: maps.GetValueAsString(options.ProviderDeployConfig, "secretName"), SecretName: maputil.GetString(options.ProviderDeployConfig, "secretName"),
SecretType: maps.GetValueOrDefaultAsString(options.ProviderDeployConfig, "secretType", "kubernetes.io/tls"), SecretType: maputil.GetOrDefaultString(options.ProviderDeployConfig, "secretType", "kubernetes.io/tls"),
SecretDataKeyForCrt: maps.GetValueOrDefaultAsString(options.ProviderDeployConfig, "secretDataKeyForCrt", "tls.crt"), SecretDataKeyForCrt: maputil.GetOrDefaultString(options.ProviderDeployConfig, "secretDataKeyForCrt", "tls.crt"),
SecretDataKeyForKey: maps.GetValueOrDefaultAsString(options.ProviderDeployConfig, "secretDataKeyForKey", "tls.key"), SecretDataKeyForKey: maputil.GetOrDefaultString(options.ProviderDeployConfig, "secretDataKeyForKey", "tls.key"),
}) })
return deployer, err return deployer, err
} }
@@ -564,7 +564,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeQiniuCDN, domain.DeployProviderTypeQiniuPili: case domain.DeployProviderTypeQiniuCDN, domain.DeployProviderTypeQiniuPili:
{ {
access := domain.AccessConfigForQiniu{} access := domain.AccessConfigForQiniu{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -573,7 +573,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pQiniuCDN.NewDeployer(&pQiniuCDN.DeployerConfig{ deployer, err := pQiniuCDN.NewDeployer(&pQiniuCDN.DeployerConfig{
AccessKey: access.AccessKey, AccessKey: access.AccessKey,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -581,8 +581,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pQiniuPili.NewDeployer(&pQiniuPili.DeployerConfig{ deployer, err := pQiniuPili.NewDeployer(&pQiniuPili.DeployerConfig{
AccessKey: access.AccessKey, AccessKey: access.AccessKey,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Hub: maps.GetValueAsString(options.ProviderDeployConfig, "hub"), Hub: maputil.GetString(options.ProviderDeployConfig, "hub"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -594,7 +594,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeSafeLine: case domain.DeployProviderTypeSafeLine:
{ {
access := domain.AccessConfigForSafeLine{} access := domain.AccessConfigForSafeLine{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -602,8 +602,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
ApiUrl: access.ApiUrl, ApiUrl: access.ApiUrl,
ApiToken: access.ApiToken, ApiToken: access.ApiToken,
AllowInsecureConnections: access.AllowInsecureConnections, AllowInsecureConnections: access.AllowInsecureConnections,
ResourceType: pSafeLine.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pSafeLine.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
CertificateId: maps.GetValueAsInt32(options.ProviderDeployConfig, "certificateId"), CertificateId: maputil.GetInt32(options.ProviderDeployConfig, "certificateId"),
}) })
return deployer, err return deployer, err
} }
@@ -611,7 +611,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeSSH: case domain.DeployProviderTypeSSH:
{ {
access := domain.AccessConfigForSSH{} access := domain.AccessConfigForSSH{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -622,16 +622,16 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
SshPassword: access.Password, SshPassword: access.Password,
SshKey: access.Key, SshKey: access.Key,
SshKeyPassphrase: access.KeyPassphrase, SshKeyPassphrase: access.KeyPassphrase,
UseSCP: maps.GetValueAsBool(options.ProviderDeployConfig, "useSCP"), UseSCP: maputil.GetBool(options.ProviderDeployConfig, "useSCP"),
PreCommand: maps.GetValueAsString(options.ProviderDeployConfig, "preCommand"), PreCommand: maputil.GetString(options.ProviderDeployConfig, "preCommand"),
PostCommand: maps.GetValueAsString(options.ProviderDeployConfig, "postCommand"), PostCommand: maputil.GetString(options.ProviderDeployConfig, "postCommand"),
OutputFormat: pSSH.OutputFormatType(maps.GetValueOrDefaultAsString(options.ProviderDeployConfig, "format", string(pSSH.OUTPUT_FORMAT_PEM))), OutputFormat: pSSH.OutputFormatType(maputil.GetOrDefaultString(options.ProviderDeployConfig, "format", string(pSSH.OUTPUT_FORMAT_PEM))),
OutputCertPath: maps.GetValueAsString(options.ProviderDeployConfig, "certPath"), OutputCertPath: maputil.GetString(options.ProviderDeployConfig, "certPath"),
OutputKeyPath: maps.GetValueAsString(options.ProviderDeployConfig, "keyPath"), OutputKeyPath: maputil.GetString(options.ProviderDeployConfig, "keyPath"),
PfxPassword: maps.GetValueAsString(options.ProviderDeployConfig, "pfxPassword"), PfxPassword: maputil.GetString(options.ProviderDeployConfig, "pfxPassword"),
JksAlias: maps.GetValueAsString(options.ProviderDeployConfig, "jksAlias"), JksAlias: maputil.GetString(options.ProviderDeployConfig, "jksAlias"),
JksKeypass: maps.GetValueAsString(options.ProviderDeployConfig, "jksKeypass"), JksKeypass: maputil.GetString(options.ProviderDeployConfig, "jksKeypass"),
JksStorepass: maps.GetValueAsString(options.ProviderDeployConfig, "jksStorepass"), JksStorepass: maputil.GetString(options.ProviderDeployConfig, "jksStorepass"),
}) })
return deployer, err return deployer, err
} }
@@ -639,7 +639,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeTencentCloudCDN, domain.DeployProviderTypeTencentCloudCLB, domain.DeployProviderTypeTencentCloudCOS, domain.DeployProviderTypeTencentCloudCSS, domain.DeployProviderTypeTencentCloudECDN, domain.DeployProviderTypeTencentCloudEO, domain.DeployProviderTypeTencentCloudSCF, domain.DeployProviderTypeTencentCloudSSLDeploy, domain.DeployProviderTypeTencentCloudVOD, domain.DeployProviderTypeTencentCloudWAF: case domain.DeployProviderTypeTencentCloudCDN, domain.DeployProviderTypeTencentCloudCLB, domain.DeployProviderTypeTencentCloudCOS, domain.DeployProviderTypeTencentCloudCSS, domain.DeployProviderTypeTencentCloudECDN, domain.DeployProviderTypeTencentCloudEO, domain.DeployProviderTypeTencentCloudSCF, domain.DeployProviderTypeTencentCloudSSLDeploy, domain.DeployProviderTypeTencentCloudVOD, domain.DeployProviderTypeTencentCloudWAF:
{ {
access := domain.AccessConfigForTencentCloud{} access := domain.AccessConfigForTencentCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -648,7 +648,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudCDN.NewDeployer(&pTencentCloudCDN.DeployerConfig{ deployer, err := pTencentCloudCDN.NewDeployer(&pTencentCloudCDN.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -656,11 +656,11 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudCLB.NewDeployer(&pTencentCloudCLB.DeployerConfig{ deployer, err := pTencentCloudCLB.NewDeployer(&pTencentCloudCLB.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: pTencentCloudCLB.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pTencentCloudCLB.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
LoadbalancerId: maps.GetValueAsString(options.ProviderDeployConfig, "loadbalancerId"), LoadbalancerId: maputil.GetString(options.ProviderDeployConfig, "loadbalancerId"),
ListenerId: maps.GetValueAsString(options.ProviderDeployConfig, "listenerId"), ListenerId: maputil.GetString(options.ProviderDeployConfig, "listenerId"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -668,9 +668,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudCOS.NewDeployer(&pTencentCloudCOS.DeployerConfig{ deployer, err := pTencentCloudCOS.NewDeployer(&pTencentCloudCOS.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
Bucket: maps.GetValueAsString(options.ProviderDeployConfig, "bucket"), Bucket: maputil.GetString(options.ProviderDeployConfig, "bucket"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -678,7 +678,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudCSS.NewDeployer(&pTencentCloudCSS.DeployerConfig{ deployer, err := pTencentCloudCSS.NewDeployer(&pTencentCloudCSS.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -686,7 +686,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudECDN.NewDeployer(&pTencentCloudECDN.DeployerConfig{ deployer, err := pTencentCloudECDN.NewDeployer(&pTencentCloudECDN.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -694,8 +694,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudEO.NewDeployer(&pTencentCloudEO.DeployerConfig{ deployer, err := pTencentCloudEO.NewDeployer(&pTencentCloudEO.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
ZoneId: maps.GetValueAsString(options.ProviderDeployConfig, "zoneId"), ZoneId: maputil.GetString(options.ProviderDeployConfig, "zoneId"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -703,8 +703,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudSCF.NewDeployer(&pTencentCloudSCF.DeployerConfig{ deployer, err := pTencentCloudSCF.NewDeployer(&pTencentCloudSCF.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -712,9 +712,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudSSLDeploy.NewDeployer(&pTencentCloudSSLDeploy.DeployerConfig{ deployer, err := pTencentCloudSSLDeploy.NewDeployer(&pTencentCloudSSLDeploy.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: maps.GetValueAsString(options.ProviderDeployConfig, "resourceType"), ResourceType: maputil.GetString(options.ProviderDeployConfig, "resourceType"),
ResourceIds: slices.Filter(strings.Split(maps.GetValueAsString(options.ProviderDeployConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }), ResourceIds: sliceutil.Filter(strings.Split(maputil.GetString(options.ProviderDeployConfig, "resourceIds"), ";"), func(s string) bool { return s != "" }),
}) })
return deployer, err return deployer, err
@@ -722,8 +722,8 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudVOD.NewDeployer(&pTencentCloudVOD.DeployerConfig{ deployer, err := pTencentCloudVOD.NewDeployer(&pTencentCloudVOD.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
SubAppId: maps.GetValueAsInt64(options.ProviderDeployConfig, "subAppId"), SubAppId: maputil.GetInt64(options.ProviderDeployConfig, "subAppId"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -731,9 +731,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pTencentCloudWAF.NewDeployer(&pTencentCloudWAF.DeployerConfig{ deployer, err := pTencentCloudWAF.NewDeployer(&pTencentCloudWAF.DeployerConfig{
SecretId: access.SecretId, SecretId: access.SecretId,
SecretKey: access.SecretKey, SecretKey: access.SecretKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
DomainId: maps.GetValueAsString(options.ProviderDeployConfig, "domainId"), DomainId: maputil.GetString(options.ProviderDeployConfig, "domainId"),
InstanceId: maps.GetValueAsString(options.ProviderDeployConfig, "instanceId"), InstanceId: maputil.GetString(options.ProviderDeployConfig, "instanceId"),
}) })
return deployer, err return deployer, err
@@ -745,7 +745,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeUCloudUCDN, domain.DeployProviderTypeUCloudUS3: case domain.DeployProviderTypeUCloudUCDN, domain.DeployProviderTypeUCloudUS3:
{ {
access := domain.AccessConfigForUCloud{} access := domain.AccessConfigForUCloud{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -755,7 +755,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
PrivateKey: access.PrivateKey, PrivateKey: access.PrivateKey,
PublicKey: access.PublicKey, PublicKey: access.PublicKey,
ProjectId: access.ProjectId, ProjectId: access.ProjectId,
DomainId: maps.GetValueAsString(options.ProviderDeployConfig, "domainId"), DomainId: maputil.GetString(options.ProviderDeployConfig, "domainId"),
}) })
return deployer, err return deployer, err
@@ -764,9 +764,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
PrivateKey: access.PrivateKey, PrivateKey: access.PrivateKey,
PublicKey: access.PublicKey, PublicKey: access.PublicKey,
ProjectId: access.ProjectId, ProjectId: access.ProjectId,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
Bucket: maps.GetValueAsString(options.ProviderDeployConfig, "bucket"), Bucket: maputil.GetString(options.ProviderDeployConfig, "bucket"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -778,7 +778,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeVolcEngineCDN, domain.DeployProviderTypeVolcEngineCLB, domain.DeployProviderTypeVolcEngineDCDN, domain.DeployProviderTypeVolcEngineImageX, domain.DeployProviderTypeVolcEngineLive, domain.DeployProviderTypeVolcEngineTOS: case domain.DeployProviderTypeVolcEngineCDN, domain.DeployProviderTypeVolcEngineCLB, domain.DeployProviderTypeVolcEngineDCDN, domain.DeployProviderTypeVolcEngineImageX, domain.DeployProviderTypeVolcEngineLive, domain.DeployProviderTypeVolcEngineTOS:
{ {
access := domain.AccessConfigForVolcEngine{} access := domain.AccessConfigForVolcEngine{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
@@ -787,7 +787,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pVolcEngineCDN.NewDeployer(&pVolcEngineCDN.DeployerConfig{ deployer, err := pVolcEngineCDN.NewDeployer(&pVolcEngineCDN.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.SecretAccessKey, AccessKeySecret: access.SecretAccessKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -795,9 +795,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pVolcEngineCLB.NewDeployer(&pVolcEngineCLB.DeployerConfig{ deployer, err := pVolcEngineCLB.NewDeployer(&pVolcEngineCLB.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.SecretAccessKey, AccessKeySecret: access.SecretAccessKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: pVolcEngineCLB.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")), ResourceType: pVolcEngineCLB.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
ListenerId: maps.GetValueAsString(options.ProviderDeployConfig, "listenerId"), ListenerId: maputil.GetString(options.ProviderDeployConfig, "listenerId"),
}) })
return deployer, err return deployer, err
@@ -805,7 +805,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pVolcEngineDCDN.NewDeployer(&pVolcEngineDCDN.DeployerConfig{ deployer, err := pVolcEngineDCDN.NewDeployer(&pVolcEngineDCDN.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.SecretAccessKey, AccessKeySecret: access.SecretAccessKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -813,9 +813,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pVolcEngineImageX.NewDeployer(&pVolcEngineImageX.DeployerConfig{ deployer, err := pVolcEngineImageX.NewDeployer(&pVolcEngineImageX.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.SecretAccessKey, AccessKeySecret: access.SecretAccessKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ServiceId: maps.GetValueAsString(options.ProviderDeployConfig, "serviceId"), ServiceId: maputil.GetString(options.ProviderDeployConfig, "serviceId"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -823,7 +823,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pVolcEngineLive.NewDeployer(&pVolcEngineLive.DeployerConfig{ deployer, err := pVolcEngineLive.NewDeployer(&pVolcEngineLive.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.SecretAccessKey, AccessKeySecret: access.SecretAccessKey,
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -831,9 +831,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pVolcEngineTOS.NewDeployer(&pVolcEngineTOS.DeployerConfig{ deployer, err := pVolcEngineTOS.NewDeployer(&pVolcEngineTOS.DeployerConfig{
AccessKeyId: access.AccessKeyId, AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.SecretAccessKey, AccessKeySecret: access.SecretAccessKey,
Region: maps.GetValueAsString(options.ProviderDeployConfig, "region"), Region: maputil.GetString(options.ProviderDeployConfig, "region"),
Bucket: maps.GetValueAsString(options.ProviderDeployConfig, "bucket"), Bucket: maputil.GetString(options.ProviderDeployConfig, "bucket"),
Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
}) })
return deployer, err return deployer, err
@@ -845,13 +845,13 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
case domain.DeployProviderTypeWebhook: case domain.DeployProviderTypeWebhook:
{ {
access := domain.AccessConfigForWebhook{} access := domain.AccessConfigForWebhook{}
if err := maps.Populate(options.ProviderAccessConfig, &access); err != nil { if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err) return nil, fmt.Errorf("failed to populate provider access config: %w", err)
} }
deployer, err := pWebhook.NewDeployer(&pWebhook.DeployerConfig{ deployer, err := pWebhook.NewDeployer(&pWebhook.DeployerConfig{
WebhookUrl: access.Url, WebhookUrl: access.Url,
WebhookData: maps.GetValueAsString(options.ProviderDeployConfig, "webhookData"), WebhookData: maputil.GetString(options.ProviderDeployConfig, "webhookData"),
AllowInsecureConnections: access.AllowInsecureConnections, AllowInsecureConnections: access.AllowInsecureConnections,
}) })
return deployer, err return deployer, err

6
internal/domain/certificate.go
View File

@@ -8,7 +8,7 @@ import (
"strings" "strings"
"time" "time"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
) )
const CollectionNameCertificate = "certificate" const CollectionNameCertificate = "certificate"
@@ -105,10 +105,10 @@ func (c *Certificate) PopulateFromPEM(certPEM, privkeyPEM string) *Certificate {
c.Certificate = certPEM c.Certificate = certPEM
c.PrivateKey = privkeyPEM c.PrivateKey = privkeyPEM
_, issuerCertPEM, _ := certs.ExtractCertificatesFromPEM(certPEM) _, issuerCertPEM, _ := certutil.ExtractCertificatesFromPEM(certPEM)
c.IssuerCertificate = issuerCertPEM c.IssuerCertificate = issuerCertPEM
certX509, _ := certs.ParseCertificateFromPEM(certPEM) certX509, _ := certutil.ParseCertificateFromPEM(certPEM)
if certX509 != nil { if certX509 != nil {
c.PopulateFromX509(certX509) c.PopulateFromX509(certX509)
} }

15
internal/domain/settings.go
View File

@@ -14,12 +14,10 @@ type Settings struct {
} }
type NotifyTemplatesSettingsContent struct { type NotifyTemplatesSettingsContent struct {
NotifyTemplates []NotifyTemplate `json:"notifyTemplates"` NotifyTemplates []struct {
} Subject string `json:"subject"`
Message string `json:"message"`
type NotifyTemplate struct { } `json:"notifyTemplates"`
Subject string `json:"subject"`
Message string `json:"message"`
} }
type NotifyChannelsSettingsContent map[string]map[string]any type NotifyChannelsSettingsContent map[string]map[string]any
@@ -37,3 +35,8 @@ func (s *Settings) GetNotifyChannelConfig(channel string) (map[string]any, error
return v, nil return v, nil
} }
type PersistenceSettingsContent struct {
WorkflowRunsMaxDaysRetention int `json:"workflowRunsMaxDaysRetention"`
ExpiredCertificatesMaxDaysRetention int `json:"expiredCertificatesMaxDaysRetention"`
}

62
internal/domain/workflow.go
View File

@@ -3,7 +3,7 @@ package domain
import ( import (
"time" "time"
"github.com/usual2970/certimate/internal/pkg/utils/maps" "github.com/usual2970/certimate/internal/pkg/utils/maputil"
) )
const CollectionNameWorkflow = "workflow" const CollectionNameWorkflow = "workflow"
@@ -97,19 +97,19 @@ type WorkflowNodeConfigForNotify struct {
Message string `json:"message"` // 通知内容 Message string `json:"message"` // 通知内容
} }
func (n *WorkflowNode) getConfigValueAsString(key string) string { func (n *WorkflowNode) getConfigString(key string) string {
return maps.GetValueAsString(n.Config, key) return maputil.GetString(n.Config, key)
} }
func (n *WorkflowNode) getConfigValueAsBool(key string) bool { func (n *WorkflowNode) getConfigBool(key string) bool {
return maps.GetValueAsBool(n.Config, key) return maputil.GetBool(n.Config, key)
} }
func (n *WorkflowNode) getConfigValueAsInt32(key string) int32 { func (n *WorkflowNode) getConfigInt32(key string) int32 {
return maps.GetValueAsInt32(n.Config, key) return maputil.GetInt32(n.Config, key)
} }
func (n *WorkflowNode) getConfigValueAsMap(key string) map[string]any { func (n *WorkflowNode) getConfigMap(key string) map[string]any {
if val, ok := n.Config[key]; ok { if val, ok := n.Config[key]; ok {
if result, ok := val.(map[string]any); ok { if result, ok := val.(map[string]any); ok {
return result return result
@@ -120,50 +120,50 @@ func (n *WorkflowNode) getConfigValueAsMap(key string) map[string]any {
} }
func (n *WorkflowNode) GetConfigForApply() WorkflowNodeConfigForApply { func (n *WorkflowNode) GetConfigForApply() WorkflowNodeConfigForApply {
skipBeforeExpiryDays := n.getConfigValueAsInt32("skipBeforeExpiryDays") skipBeforeExpiryDays := n.getConfigInt32("skipBeforeExpiryDays")
if skipBeforeExpiryDays == 0 { if skipBeforeExpiryDays == 0 {
skipBeforeExpiryDays = 30 skipBeforeExpiryDays = 30
} }
return WorkflowNodeConfigForApply{ return WorkflowNodeConfigForApply{
Domains: n.getConfigValueAsString("domains"), Domains: n.getConfigString("domains"),
ContactEmail: n.getConfigValueAsString("contactEmail"), ContactEmail: n.getConfigString("contactEmail"),
Provider: n.getConfigValueAsString("provider"), Provider: n.getConfigString("provider"),
ProviderAccessId: n.getConfigValueAsString("providerAccessId"), ProviderAccessId: n.getConfigString("providerAccessId"),
ProviderConfig: n.getConfigValueAsMap("providerConfig"), ProviderConfig: n.getConfigMap("providerConfig"),
KeyAlgorithm: n.getConfigValueAsString("keyAlgorithm"), KeyAlgorithm: n.getConfigString("keyAlgorithm"),
Nameservers: n.getConfigValueAsString("nameservers"), Nameservers: n.getConfigString("nameservers"),
DnsPropagationTimeout: n.getConfigValueAsInt32("dnsPropagationTimeout"), DnsPropagationTimeout: n.getConfigInt32("dnsPropagationTimeout"),
DnsTTL: n.getConfigValueAsInt32("dnsTTL"), DnsTTL: n.getConfigInt32("dnsTTL"),
DisableFollowCNAME: n.getConfigValueAsBool("disableFollowCNAME"), DisableFollowCNAME: n.getConfigBool("disableFollowCNAME"),
DisableARI: n.getConfigValueAsBool("disableARI"), DisableARI: n.getConfigBool("disableARI"),
SkipBeforeExpiryDays: skipBeforeExpiryDays, SkipBeforeExpiryDays: skipBeforeExpiryDays,
} }
} }
func (n *WorkflowNode) GetConfigForUpload() WorkflowNodeConfigForUpload { func (n *WorkflowNode) GetConfigForUpload() WorkflowNodeConfigForUpload {
return WorkflowNodeConfigForUpload{ return WorkflowNodeConfigForUpload{
Certificate: n.getConfigValueAsString("certificate"), Certificate: n.getConfigString("certificate"),
PrivateKey: n.getConfigValueAsString("privateKey"), PrivateKey: n.getConfigString("privateKey"),
Domains: n.getConfigValueAsString("domains"), Domains: n.getConfigString("domains"),
} }
} }
func (n *WorkflowNode) GetConfigForDeploy() WorkflowNodeConfigForDeploy { func (n *WorkflowNode) GetConfigForDeploy() WorkflowNodeConfigForDeploy {
return WorkflowNodeConfigForDeploy{ return WorkflowNodeConfigForDeploy{
Certificate: n.getConfigValueAsString("certificate"), Certificate: n.getConfigString("certificate"),
Provider: n.getConfigValueAsString("provider"), Provider: n.getConfigString("provider"),
ProviderAccessId: n.getConfigValueAsString("providerAccessId"), ProviderAccessId: n.getConfigString("providerAccessId"),
ProviderConfig: n.getConfigValueAsMap("providerConfig"), ProviderConfig: n.getConfigMap("providerConfig"),
SkipOnLastSucceeded: n.getConfigValueAsBool("skipOnLastSucceeded"), SkipOnLastSucceeded: n.getConfigBool("skipOnLastSucceeded"),
} }
} }
func (n *WorkflowNode) GetConfigForNotify() WorkflowNodeConfigForNotify { func (n *WorkflowNode) GetConfigForNotify() WorkflowNodeConfigForNotify {
return WorkflowNodeConfigForNotify{ return WorkflowNodeConfigForNotify{
Channel: n.getConfigValueAsString("channel"), Channel: n.getConfigString("channel"),
Subject: n.getConfigValueAsString("subject"), Subject: n.getConfigString("subject"),
Message: n.getConfigValueAsString("message"), Message: n.getConfigString("message"),
} }
} }

30
internal/domain/workflow_log.go Normal file
View File

@@ -0,0 +1,30 @@
package domain
import "strings"
const CollectionNameWorkflowLog = "workflow_logs"
type WorkflowLog struct {
Meta
WorkflowId string `json:"workflowId" db:"workflowId"`
RunId string `json:"workflorunIdwId" db:"runId"`
NodeId string `json:"nodeId" db:"nodeId"`
NodeName string `json:"nodeName" db:"nodeName"`
Timestamp int64 `json:"timestamp" db:"timestamp"` // 毫秒级时间戳
Level string `json:"level" db:"level"`
Message string `json:"message" db:"message"`
Data map[string]any `json:"data" db:"data"`
}
type WorkflowLogs []WorkflowLog
func (r WorkflowLogs) ErrorString() string {
var builder strings.Builder
for _, log := range r {
if log.Level == "ERROR" {
builder.WriteString(log.Message)
builder.WriteString("\n")
}
}
return strings.TrimSpace(builder.String())
}

39
internal/domain/workflow_run.go
View File

@@ -1,7 +1,6 @@
package domain package domain
import ( import (
"strings"
"time" "time"
) )
@@ -14,7 +13,7 @@ type WorkflowRun struct {
Trigger WorkflowTriggerType `json:"trigger" db:"trigger"` Trigger WorkflowTriggerType `json:"trigger" db:"trigger"`
StartedAt time.Time `json:"startedAt" db:"startedAt"` StartedAt time.Time `json:"startedAt" db:"startedAt"`
EndedAt time.Time `json:"endedAt" db:"endedAt"` EndedAt time.Time `json:"endedAt" db:"endedAt"`
Logs []WorkflowRunLog `json:"logs" db:"logs"` Detail *WorkflowNode `json:"detail" db:"detail"`
Error string `json:"error" db:"error"` Error string `json:"error" db:"error"`
} }
@@ -27,39 +26,3 @@ const (
WorkflowRunStatusTypeFailed WorkflowRunStatusType = "failed" WorkflowRunStatusTypeFailed WorkflowRunStatusType = "failed"
WorkflowRunStatusTypeCanceled WorkflowRunStatusType = "canceled" WorkflowRunStatusTypeCanceled WorkflowRunStatusType = "canceled"
) )
type WorkflowRunLog struct {
NodeId string `json:"nodeId"`
NodeName string `json:"nodeName"`
Records []WorkflowRunLogRecord `json:"records"`
Error string `json:"error"`
}
type WorkflowRunLogRecord struct {
Time string `json:"time"`
Level WorkflowRunLogLevel `json:"level"`
Content string `json:"content"`
Error string `json:"error"`
}
type WorkflowRunLogLevel string
const (
WorkflowRunLogLevelDebug WorkflowRunLogLevel = "DEBUG"
WorkflowRunLogLevelInfo WorkflowRunLogLevel = "INFO"
WorkflowRunLogLevelWarn WorkflowRunLogLevel = "WARN"
WorkflowRunLogLevelError WorkflowRunLogLevel = "ERROR"
)
type WorkflowRunLogs []WorkflowRunLog
func (r WorkflowRunLogs) ErrorString() string {
var builder strings.Builder
for _, log := range r {
if log.Error != "" {
builder.WriteString(log.Error)
builder.WriteString("\n")
}
}
return builder.String()
}

4
internal/notify/notify.go
View File

@@ -9,7 +9,7 @@ import (
"github.com/usual2970/certimate/internal/domain" "github.com/usual2970/certimate/internal/domain"
"github.com/usual2970/certimate/internal/pkg/core/notifier" "github.com/usual2970/certimate/internal/pkg/core/notifier"
"github.com/usual2970/certimate/internal/pkg/utils/maps" "github.com/usual2970/certimate/internal/pkg/utils/maputil"
"github.com/usual2970/certimate/internal/repository" "github.com/usual2970/certimate/internal/repository"
) )
@@ -62,7 +62,7 @@ func getEnabledNotifiers() ([]notifier.Notifier, error) {
notifiers := make([]notifier.Notifier, 0) notifiers := make([]notifier.Notifier, 0)
for k, v := range rs { for k, v := range rs {
if !maps.GetValueAsBool(v, "enabled") { if !maputil.GetBool(v, "enabled") {
continue continue
} }

38
internal/notify/providers.go
View File

@@ -13,7 +13,7 @@ import (
pTelegram "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegram" pTelegram "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegram"
pWebhook "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook" pWebhook "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook"
pWeCom "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecom" pWeCom "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecom"
"github.com/usual2970/certimate/internal/pkg/utils/maps" "github.com/usual2970/certimate/internal/pkg/utils/maputil"
) )
func createNotifier(channel domain.NotifyChannelType, channelConfig map[string]any) (notifier.Notifier, error) { func createNotifier(channel domain.NotifyChannelType, channelConfig map[string]any) (notifier.Notifier, error) {
@@ -24,52 +24,52 @@ func createNotifier(channel domain.NotifyChannelType, channelConfig map[string]a
switch channel { switch channel {
case domain.NotifyChannelTypeBark: case domain.NotifyChannelTypeBark:
return pBark.NewNotifier(&pBark.NotifierConfig{ return pBark.NewNotifier(&pBark.NotifierConfig{
DeviceKey: maps.GetValueAsString(channelConfig, "deviceKey"), DeviceKey: maputil.GetString(channelConfig, "deviceKey"),
ServerUrl: maps.GetValueAsString(channelConfig, "serverUrl"), ServerUrl: maputil.GetString(channelConfig, "serverUrl"),
}) })
case domain.NotifyChannelTypeDingTalk: case domain.NotifyChannelTypeDingTalk:
return pDingTalk.NewNotifier(&pDingTalk.NotifierConfig{ return pDingTalk.NewNotifier(&pDingTalk.NotifierConfig{
AccessToken: maps.GetValueAsString(channelConfig, "accessToken"), AccessToken: maputil.GetString(channelConfig, "accessToken"),
Secret: maps.GetValueAsString(channelConfig, "secret"), Secret: maputil.GetString(channelConfig, "secret"),
}) })
case domain.NotifyChannelTypeEmail: case domain.NotifyChannelTypeEmail:
return pEmail.NewNotifier(&pEmail.NotifierConfig{ return pEmail.NewNotifier(&pEmail.NotifierConfig{
SmtpHost: maps.GetValueAsString(channelConfig, "smtpHost"), SmtpHost: maputil.GetString(channelConfig, "smtpHost"),
SmtpPort: maps.GetValueAsInt32(channelConfig, "smtpPort"), SmtpPort: maputil.GetInt32(channelConfig, "smtpPort"),
SmtpTLS: maps.GetValueOrDefaultAsBool(channelConfig, "smtpTLS", true), SmtpTLS: maputil.GetOrDefaultBool(channelConfig, "smtpTLS", true),
Username: maps.GetValueOrDefaultAsString(channelConfig, "username", maps.GetValueAsString(channelConfig, "senderAddress")), Username: maputil.GetOrDefaultString(channelConfig, "username", maputil.GetString(channelConfig, "senderAddress")),
Password: maps.GetValueAsString(channelConfig, "password"), Password: maputil.GetString(channelConfig, "password"),
SenderAddress: maps.GetValueAsString(channelConfig, "senderAddress"), SenderAddress: maputil.GetString(channelConfig, "senderAddress"),
ReceiverAddress: maps.GetValueAsString(channelConfig, "receiverAddress"), ReceiverAddress: maputil.GetString(channelConfig, "receiverAddress"),
}) })
case domain.NotifyChannelTypeLark: case domain.NotifyChannelTypeLark:
return pLark.NewNotifier(&pLark.NotifierConfig{ return pLark.NewNotifier(&pLark.NotifierConfig{
WebhookUrl: maps.GetValueAsString(channelConfig, "webhookUrl"), WebhookUrl: maputil.GetString(channelConfig, "webhookUrl"),
}) })
case domain.NotifyChannelTypeServerChan: case domain.NotifyChannelTypeServerChan:
return pServerChan.NewNotifier(&pServerChan.NotifierConfig{ return pServerChan.NewNotifier(&pServerChan.NotifierConfig{
Url: maps.GetValueAsString(channelConfig, "url"), Url: maputil.GetString(channelConfig, "url"),
}) })
case domain.NotifyChannelTypeTelegram: case domain.NotifyChannelTypeTelegram:
return pTelegram.NewNotifier(&pTelegram.NotifierConfig{ return pTelegram.NewNotifier(&pTelegram.NotifierConfig{
ApiToken: maps.GetValueAsString(channelConfig, "apiToken"), ApiToken: maputil.GetString(channelConfig, "apiToken"),
ChatId: maps.GetValueAsInt64(channelConfig, "chatId"), ChatId: maputil.GetInt64(channelConfig, "chatId"),
}) })
case domain.NotifyChannelTypeWebhook: case domain.NotifyChannelTypeWebhook:
return pWebhook.NewNotifier(&pWebhook.NotifierConfig{ return pWebhook.NewNotifier(&pWebhook.NotifierConfig{
Url: maps.GetValueAsString(channelConfig, "url"), Url: maputil.GetString(channelConfig, "url"),
AllowInsecureConnections: maps.GetValueAsBool(channelConfig, "allowInsecureConnections"), AllowInsecureConnections: maputil.GetBool(channelConfig, "allowInsecureConnections"),
}) })
case domain.NotifyChannelTypeWeCom: case domain.NotifyChannelTypeWeCom:
return pWeCom.NewNotifier(&pWeCom.NotifierConfig{ return pWeCom.NewNotifier(&pWeCom.NotifierConfig{
WebhookUrl: maps.GetValueAsString(channelConfig, "webhookUrl"), WebhookUrl: maputil.GetString(channelConfig, "webhookUrl"),
}) })
} }

7
internal/pkg/core/deployer/deployer.go
View File

@@ -1,10 +1,15 @@
package deployer package deployer
import "context" import (
"context"
"log/slog"
)
// 表示定义证书部署器的抽象类型接口。 // 表示定义证书部署器的抽象类型接口。
// 注意与 `Uploader` 区分,“部署”通常为“上传”的后置操作。 // 注意与 `Uploader` 区分,“部署”通常为“上传”的后置操作。
type Deployer interface { type Deployer interface {
WithLogger(logger *slog.Logger) Deployer
// 部署证书。 // 部署证书。
// //
// 入参: // 入参:

17
internal/pkg/core/deployer/providers/1panel-console/1panel_console.go
View File

@@ -4,12 +4,12 @@ import (
"context" "context"
"crypto/tls" "crypto/tls"
"errors" "errors"
"log/slog"
"net/url" "net/url"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
opsdk "github.com/usual2970/certimate/internal/pkg/vendors/1panel-sdk" opsdk "github.com/usual2970/certimate/internal/pkg/vendors/1panel-sdk"
) )
@@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *opsdk.Client sdkClient *opsdk.Client
} }
@@ -44,13 +44,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -68,10 +72,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
updateSystemSSLReq.AutoRestart = "false" updateSystemSSLReq.AutoRestart = "false"
} }
updateSystemSSLResp, err := d.sdkClient.UpdateSystemSSL(updateSystemSSLReq) updateSystemSSLResp, err := d.sdkClient.UpdateSystemSSL(updateSystemSSLReq)
d.logger.Debug("sdk request '1panel.UpdateSystemSSL'", slog.Any("request", updateSystemSSLReq), slog.Any("response", updateSystemSSLResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.UpdateSystemSSL'") return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.UpdateSystemSSL'")
} else {
d.logger.Logt("已设置面板 SSL 证书", updateSystemSSLResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

23
internal/pkg/core/deployer/providers/1panel-site/1panel_site.go
View File

@@ -4,13 +4,13 @@ import (
"context" "context"
"crypto/tls" "crypto/tls"
"errors" "errors"
"log/slog"
"net/url" "net/url"
"strconv" "strconv"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/1panel-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/1panel-ssl"
opsdk "github.com/usual2970/certimate/internal/pkg/vendors/1panel-sdk" opsdk "github.com/usual2970/certimate/internal/pkg/vendors/1panel-sdk"
@@ -29,7 +29,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *opsdk.Client sdkClient *opsdk.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -56,14 +56,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -73,10 +78,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
WebsiteID: d.config.WebsiteId, WebsiteID: d.config.WebsiteId,
} }
getHttpsConfResp, err := d.sdkClient.GetHttpsConf(getHttpsConfReq) getHttpsConfResp, err := d.sdkClient.GetHttpsConf(getHttpsConfReq)
d.logger.Debug("sdk request '1panel.GetHttpsConf'", slog.Any("request", getHttpsConfReq), slog.Any("response", getHttpsConfResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.GetHttpsConf'") return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.GetHttpsConf'")
} else {
d.logger.Logt("已获取网站 HTTPS 配置", getHttpsConfResp)
} }
// 上传证书到面板 // 上传证书到面板
@@ -84,7 +88,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 修改网站 HTTPS 配置 // 修改网站 HTTPS 配置
@@ -100,10 +104,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Hsts: getHttpsConfResp.Data.Hsts, Hsts: getHttpsConfResp.Data.Hsts,
} }
updateHttpsConfResp, err := d.sdkClient.UpdateHttpsConf(updateHttpsConfReq) updateHttpsConfResp, err := d.sdkClient.UpdateHttpsConf(updateHttpsConfReq)
d.logger.Debug("sdk request '1panel.UpdateHttpsConf'", slog.Any("request", updateHttpsConfReq), slog.Any("response", updateHttpsConfResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.UpdateHttpsConf'") return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.UpdateHttpsConf'")
} else {
d.logger.Logt("已获取网站 HTTPS 配置", updateHttpsConfResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

48
internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"strconv" "strconv"
"strings" "strings"
"time" "time"
@@ -16,7 +17,6 @@ import (
"golang.org/x/exp/slices" "golang.org/x/exp/slices"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
) )
@@ -43,7 +43,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClients *wSdkClients sdkClients *wSdkClients
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -72,14 +72,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClients: clients, sdkClients: clients,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -88,10 +93,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 根据部署资源类型决定部署方式 // 根据部署资源类型决定部署方式
switch d.config.ResourceType { switch d.config.ResourceType {
case RESOURCE_TYPE_LOADBALANCER: case RESOURCE_TYPE_LOADBALANCER:
@@ -122,12 +127,11 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
LoadBalancerId: tea.String(d.config.LoadbalancerId), LoadBalancerId: tea.String(d.config.LoadbalancerId),
} }
getLoadBalancerAttributeResp, err := d.sdkClients.alb.GetLoadBalancerAttribute(getLoadBalancerAttributeReq) getLoadBalancerAttributeResp, err := d.sdkClients.alb.GetLoadBalancerAttribute(getLoadBalancerAttributeReq)
d.logger.Debug("sdk request 'alb.GetLoadBalancerAttribute'", slog.Any("request", getLoadBalancerAttributeReq), slog.Any("response", getLoadBalancerAttributeResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetLoadBalancerAttribute'") return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetLoadBalancerAttribute'")
} }
d.logger.Logt("已查询到 ALB 负载均衡实例", getLoadBalancerAttributeResp)
// 查询 HTTPS 监听列表 // 查询 HTTPS 监听列表
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-listlisteners // REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-listlisteners
listenerIds := make([]string, 0) listenerIds := make([]string, 0)
@@ -141,6 +145,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
ListenerProtocol: tea.String("HTTPS"), ListenerProtocol: tea.String("HTTPS"),
} }
listListenersResp, err := d.sdkClients.alb.ListListeners(listListenersReq) listListenersResp, err := d.sdkClients.alb.ListListeners(listListenersReq)
d.logger.Debug("sdk request 'alb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'") return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'")
} }
@@ -158,8 +163,6 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
} }
} }
d.logger.Logt("已查询到 ALB 负载均衡实例下的全部 HTTPS 监听", listenerIds)
// 查询 QUIC 监听列表 // 查询 QUIC 监听列表
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-listlisteners // REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-listlisteners
listListenersToken = nil listListenersToken = nil
@@ -171,6 +174,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
ListenerProtocol: tea.String("QUIC"), ListenerProtocol: tea.String("QUIC"),
} }
listListenersResp, err := d.sdkClients.alb.ListListeners(listListenersReq) listListenersResp, err := d.sdkClients.alb.ListListeners(listListenersReq)
d.logger.Debug("sdk request 'alb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'") return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'")
} }
@@ -188,13 +192,12 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
} }
} }
d.logger.Logt("已查询到 ALB 负载均衡实例下的全部 QUIC 监听", listenerIds)
// 遍历更新监听证书 // 遍历更新监听证书
if len(listenerIds) == 0 { if len(listenerIds) == 0 {
return errors.New("listener not found") d.logger.Info("no alb listeners to deploy")
} else { } else {
var errs []error var errs []error
d.logger.Info("found https/quic listeners to deploy", slog.Any("listenerIds", listenerIds))
for _, listenerId := range listenerIds { for _, listenerId := range listenerIds {
if err := d.updateListenerCertificate(ctx, listenerId, cloudCertId); err != nil { if err := d.updateListenerCertificate(ctx, listenerId, cloudCertId); err != nil {
@@ -230,12 +233,11 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
ListenerId: tea.String(cloudListenerId), ListenerId: tea.String(cloudListenerId),
} }
getListenerAttributeResp, err := d.sdkClients.alb.GetListenerAttribute(getListenerAttributeReq) getListenerAttributeResp, err := d.sdkClients.alb.GetListenerAttribute(getListenerAttributeReq)
d.logger.Debug("sdk request 'alb.GetListenerAttribute'", slog.Any("request", getListenerAttributeReq), slog.Any("response", getListenerAttributeResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetListenerAttribute'") return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetListenerAttribute'")
} }
d.logger.Logt("已查询到 ALB 监听配置", getListenerAttributeResp)
if d.config.Domain == "" { if d.config.Domain == "" {
// 未指定 SNI只需部署到监听器 // 未指定 SNI只需部署到监听器
@@ -248,11 +250,10 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
}}, }},
} }
updateListenerAttributeResp, err := d.sdkClients.alb.UpdateListenerAttribute(updateListenerAttributeReq) updateListenerAttributeResp, err := d.sdkClients.alb.UpdateListenerAttribute(updateListenerAttributeReq)
d.logger.Debug("sdk request 'alb.UpdateListenerAttribute'", slog.Any("request", updateListenerAttributeReq), slog.Any("response", updateListenerAttributeResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.UpdateListenerAttribute'") return xerrors.Wrap(err, "failed to execute sdk request 'alb.UpdateListenerAttribute'")
} }
d.logger.Logt("已更新 ALB 监听配置", updateListenerAttributeResp)
} else { } else {
// 指定 SNI需部署到扩展域名 // 指定 SNI需部署到扩展域名
@@ -269,6 +270,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
CertificateType: tea.String("Server"), CertificateType: tea.String("Server"),
} }
listListenerCertificatesResp, err := d.sdkClients.alb.ListListenerCertificates(listListenerCertificatesReq) listListenerCertificatesResp, err := d.sdkClients.alb.ListListenerCertificates(listListenerCertificatesReq)
d.logger.Debug("sdk request 'alb.ListListenerCertificates'", slog.Any("request", listListenerCertificatesReq), slog.Any("response", listListenerCertificatesResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListenerCertificates'") return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListenerCertificates'")
} }
@@ -286,14 +288,13 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
} }
} }
d.logger.Logt("已查询到 ALB 监听下全部证书", listenerCertificates)
// 遍历查询监听证书,并找出需要解除关联的证书 // 遍历查询监听证书,并找出需要解除关联的证书
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-listlistenercertificates // REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-listlistenercertificates
// REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-getusercertificatedetail // REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-getusercertificatedetail
certificateIsAssociated := false certificateIsAssociated := false
certificateIdsExpired := make([]string, 0) certificateIdsExpired := make([]string, 0)
if len(listenerCertificates) > 0 { if len(listenerCertificates) > 0 {
d.logger.Info("found listener certificates to deploy", slog.Any("listenerCertificates", listenerCertificates))
var errs []error var errs []error
for _, listenerCertificate := range listenerCertificates { for _, listenerCertificate := range listenerCertificates {
@@ -318,6 +319,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
CertId: tea.Int64(certificateIdAsInt64), CertId: tea.Int64(certificateIdAsInt64),
} }
getUserCertificateDetailResp, err := d.sdkClients.cas.GetUserCertificateDetail(getUserCertificateDetailReq) getUserCertificateDetailResp, err := d.sdkClients.cas.GetUserCertificateDetail(getUserCertificateDetailReq)
d.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp))
if err != nil { if err != nil {
errs = append(errs, xerrors.Wrap(err, "failed to execute sdk request 'cas.GetUserCertificateDetail'")) errs = append(errs, xerrors.Wrap(err, "failed to execute sdk request 'cas.GetUserCertificateDetail'"))
continue continue
@@ -354,11 +356,10 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
}, },
} }
associateAdditionalCertificatesFromListenerResp, err := d.sdkClients.alb.AssociateAdditionalCertificatesWithListener(associateAdditionalCertificatesFromListenerReq) associateAdditionalCertificatesFromListenerResp, err := d.sdkClients.alb.AssociateAdditionalCertificatesWithListener(associateAdditionalCertificatesFromListenerReq)
d.logger.Debug("sdk request 'alb.AssociateAdditionalCertificatesWithListener'", slog.Any("request", associateAdditionalCertificatesFromListenerReq), slog.Any("response", associateAdditionalCertificatesFromListenerResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.AssociateAdditionalCertificatesWithListener'") return xerrors.Wrap(err, "failed to execute sdk request 'alb.AssociateAdditionalCertificatesWithListener'")
} }
d.logger.Logt("已关联 ALB 监听和扩展证书", associateAdditionalCertificatesFromListenerResp)
} }
// 解除关联监听和扩展证书 // 解除关联监听和扩展证书
@@ -376,11 +377,10 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
Certificates: dissociateAdditionalCertificates, Certificates: dissociateAdditionalCertificates,
} }
dissociateAdditionalCertificatesFromListenerResp, err := d.sdkClients.alb.DissociateAdditionalCertificatesFromListener(dissociateAdditionalCertificatesFromListenerReq) dissociateAdditionalCertificatesFromListenerResp, err := d.sdkClients.alb.DissociateAdditionalCertificatesFromListener(dissociateAdditionalCertificatesFromListenerReq)
d.logger.Debug("sdk request 'alb.DissociateAdditionalCertificatesFromListener'", slog.Any("request", dissociateAdditionalCertificatesFromListenerReq), slog.Any("response", dissociateAdditionalCertificatesFromListenerResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.DissociateAdditionalCertificatesFromListener'") return xerrors.Wrap(err, "failed to execute sdk request 'alb.DissociateAdditionalCertificatesFromListener'")
} }
d.logger.Logt("已解除关联 ALB 监听和扩展证书", dissociateAdditionalCertificatesFromListenerResp)
} }
} }

29
internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"strings" "strings"
"time" "time"
@@ -13,7 +14,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
) )
@@ -34,7 +34,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *aliyunCas.Client sdkClient *aliyunCas.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -58,14 +58,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -78,10 +83,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
contactIds := d.config.ContactIds contactIds := d.config.ContactIds
if len(contactIds) == 0 { if len(contactIds) == 0 {
// 获取联系人列表 // 获取联系人列表
@@ -90,6 +95,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
listContactReq.ShowSize = tea.Int32(1) listContactReq.ShowSize = tea.Int32(1)
listContactReq.CurrentPage = tea.Int32(1) listContactReq.CurrentPage = tea.Int32(1)
listContactResp, err := d.sdkClient.ListContact(listContactReq) listContactResp, err := d.sdkClient.ListContact(listContactReq)
d.logger.Debug("sdk request 'cas.ListContact'", slog.Any("request", listContactReq), slog.Any("response", listContactResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.ListContact'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.ListContact'")
} }
@@ -109,12 +115,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
ContactIds: tea.String(strings.Join(contactIds, ",")), ContactIds: tea.String(strings.Join(contactIds, ",")),
} }
createDeploymentJobResp, err := d.sdkClient.CreateDeploymentJob(createDeploymentJobReq) createDeploymentJobResp, err := d.sdkClient.CreateDeploymentJob(createDeploymentJobReq)
d.logger.Debug("sdk request 'cas.CreateDeploymentJob'", slog.Any("request", createDeploymentJobReq), slog.Any("response", createDeploymentJobResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.CreateDeploymentJob'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.CreateDeploymentJob'")
} }
d.logger.Logt("已创建部署任务", createDeploymentJobResp)
// 循环获取部署任务详情,等待任务状态变更 // 循环获取部署任务详情,等待任务状态变更
// REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-describedeploymentjob // REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-describedeploymentjob
for { for {
@@ -126,20 +131,20 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
JobId: createDeploymentJobResp.Body.JobId, JobId: createDeploymentJobResp.Body.JobId,
} }
describeDeploymentJobResp, err := d.sdkClient.DescribeDeploymentJob(describeDeploymentJobReq) describeDeploymentJobResp, err := d.sdkClient.DescribeDeploymentJob(describeDeploymentJobReq)
d.logger.Debug("sdk request 'cas.DescribeDeploymentJob'", slog.Any("request", describeDeploymentJobReq), slog.Any("response", describeDeploymentJobResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.DescribeDeploymentJob'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.DescribeDeploymentJob'")
} }
if describeDeploymentJobResp.Body.Status == nil || *describeDeploymentJobResp.Body.Status == "editing" { if describeDeploymentJobResp.Body.Status == nil || *describeDeploymentJobResp.Body.Status == "editing" {
return nil, errors.New("部署任务状态异常") return nil, errors.New("unexpected deployment job status")
} }
if *describeDeploymentJobResp.Body.Status == "success" || *describeDeploymentJobResp.Body.Status == "error" { if *describeDeploymentJobResp.Body.Status == "success" || *describeDeploymentJobResp.Body.Status == "error" {
d.logger.Logt("已获取部署任务详情", describeDeploymentJobResp)
break break
} }
d.logger.Logt("部署任务未完成 ...") d.logger.Info("waiting for deployment job completion ...")
time.Sleep(time.Second * 5) time.Sleep(time.Second * 5)
} }

17
internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"strings" "strings"
"time" "time"
@@ -12,7 +13,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *aliyunCdn.Client sdkClient *aliyunCdn.Client
} }
@@ -44,13 +44,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -69,12 +73,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
SSLPri: tea.String(privkeyPem), SSLPri: tea.String(privkeyPem),
} }
setCdnDomainSSLCertificateResp, err := d.sdkClient.SetCdnDomainSSLCertificate(setCdnDomainSSLCertificateReq) setCdnDomainSSLCertificateResp, err := d.sdkClient.SetCdnDomainSSLCertificate(setCdnDomainSSLCertificateReq)
d.logger.Debug("sdk request 'cdn.SetCdnDomainSSLCertificate'", slog.Any("request", setCdnDomainSSLCertificateReq), slog.Any("response", setCdnDomainSSLCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.SetCdnDomainSSLCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.SetCdnDomainSSLCertificate'")
} }
d.logger.Logt("已设置 CDN 域名证书", setCdnDomainSSLCertificateResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

40
internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client" aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliyunSlb "github.com/alibabacloud-go/slb-20140515/v4/client" aliyunSlb "github.com/alibabacloud-go/slb-20140515/v4/client"
@@ -11,7 +12,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-slb" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-slb"
) )
@@ -38,7 +38,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *aliyunSlb.Client sdkClient *aliyunSlb.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -66,14 +66,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -82,10 +87,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 根据部署资源类型决定部署方式 // 根据部署资源类型决定部署方式
switch d.config.ResourceType { switch d.config.ResourceType {
case RESOURCE_TYPE_LOADBALANCER: case RESOURCE_TYPE_LOADBALANCER:
@@ -117,12 +122,11 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
LoadBalancerId: tea.String(d.config.LoadbalancerId), LoadBalancerId: tea.String(d.config.LoadbalancerId),
} }
describeLoadBalancerAttributeResp, err := d.sdkClient.DescribeLoadBalancerAttribute(describeLoadBalancerAttributeReq) describeLoadBalancerAttributeResp, err := d.sdkClient.DescribeLoadBalancerAttribute(describeLoadBalancerAttributeReq)
d.logger.Debug("sdk request 'slb.DescribeLoadBalancerAttribute'", slog.Any("request", describeLoadBalancerAttributeReq), slog.Any("response", describeLoadBalancerAttributeResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerAttribute'") return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerAttribute'")
} }
d.logger.Logt("已查询到 CLB 负载均衡实例", describeLoadBalancerAttributeResp)
// 查询 HTTPS 监听列表 // 查询 HTTPS 监听列表
// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeloadbalancerlisteners // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeloadbalancerlisteners
listenerPorts := make([]int32, 0) listenerPorts := make([]int32, 0)
@@ -137,6 +141,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
ListenerProtocol: tea.String("https"), ListenerProtocol: tea.String("https"),
} }
describeLoadBalancerListenersResp, err := d.sdkClient.DescribeLoadBalancerListeners(describeLoadBalancerListenersReq) describeLoadBalancerListenersResp, err := d.sdkClient.DescribeLoadBalancerListeners(describeLoadBalancerListenersReq)
d.logger.Debug("sdk request 'slb.DescribeLoadBalancerListeners'", slog.Any("request", describeLoadBalancerListenersReq), slog.Any("response", describeLoadBalancerListenersResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerListeners'") return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerListeners'")
} }
@@ -154,12 +159,11 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
} }
} }
d.logger.Logt("已查询到 CLB 负载均衡实例下的全部 HTTPS 监听", listenerPorts)
// 遍历更新监听证书 // 遍历更新监听证书
if len(listenerPorts) == 0 { if len(listenerPorts) == 0 {
return errors.New("listener not found") d.logger.Info("no clb listeners to deploy")
} else { } else {
d.logger.Info("found https listeners to deploy", slog.Any("listenerPorts", listenerPorts))
var errs []error var errs []error
for _, listenerPort := range listenerPorts { for _, listenerPort := range listenerPorts {
@@ -200,12 +204,11 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
ListenerPort: tea.Int32(cloudListenerPort), ListenerPort: tea.Int32(cloudListenerPort),
} }
describeLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.DescribeLoadBalancerHTTPSListenerAttribute(describeLoadBalancerHTTPSListenerAttributeReq) describeLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.DescribeLoadBalancerHTTPSListenerAttribute(describeLoadBalancerHTTPSListenerAttributeReq)
d.logger.Debug("sdk request 'slb.DescribeLoadBalancerHTTPSListenerAttribute'", slog.Any("request", describeLoadBalancerHTTPSListenerAttributeReq), slog.Any("response", describeLoadBalancerHTTPSListenerAttributeResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerHTTPSListenerAttribute'") return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeLoadBalancerHTTPSListenerAttribute'")
} }
d.logger.Logt("已查询到 CLB HTTPS 监听配置", describeLoadBalancerHTTPSListenerAttributeResp)
if d.config.Domain == "" { if d.config.Domain == "" {
// 未指定 SNI只需部署到监听器 // 未指定 SNI只需部署到监听器
@@ -218,11 +221,10 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
ServerCertificateId: tea.String(cloudCertId), ServerCertificateId: tea.String(cloudCertId),
} }
setLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.SetLoadBalancerHTTPSListenerAttribute(setLoadBalancerHTTPSListenerAttributeReq) setLoadBalancerHTTPSListenerAttributeResp, err := d.sdkClient.SetLoadBalancerHTTPSListenerAttribute(setLoadBalancerHTTPSListenerAttributeReq)
d.logger.Debug("sdk request 'slb.SetLoadBalancerHTTPSListenerAttribute'", slog.Any("request", setLoadBalancerHTTPSListenerAttributeReq), slog.Any("response", setLoadBalancerHTTPSListenerAttributeResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'slb.SetLoadBalancerHTTPSListenerAttribute'") return xerrors.Wrap(err, "failed to execute sdk request 'slb.SetLoadBalancerHTTPSListenerAttribute'")
} }
d.logger.Logt("已更新 CLB HTTPS 监听配置", setLoadBalancerHTTPSListenerAttributeResp)
} else { } else {
// 指定 SNI需部署到扩展域名 // 指定 SNI需部署到扩展域名
@@ -234,12 +236,11 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
ListenerPort: tea.Int32(cloudListenerPort), ListenerPort: tea.Int32(cloudListenerPort),
} }
describeDomainExtensionsResp, err := d.sdkClient.DescribeDomainExtensions(describeDomainExtensionsReq) describeDomainExtensionsResp, err := d.sdkClient.DescribeDomainExtensions(describeDomainExtensionsReq)
d.logger.Debug("sdk request 'slb.DescribeDomainExtensions'", slog.Any("request", describeDomainExtensionsReq), slog.Any("response", describeDomainExtensionsResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeDomainExtensions'") return xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeDomainExtensions'")
} }
d.logger.Logt("已查询到 CLB 扩展域名", describeDomainExtensionsResp)
// 遍历修改扩展域名 // 遍历修改扩展域名
// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-setdomainextensionattribute // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-setdomainextensionattribute
if describeDomainExtensionsResp.Body.DomainExtensions != nil && describeDomainExtensionsResp.Body.DomainExtensions.DomainExtension != nil { if describeDomainExtensionsResp.Body.DomainExtensions != nil && describeDomainExtensionsResp.Body.DomainExtensions.DomainExtension != nil {
@@ -256,12 +257,11 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
ServerCertificateId: tea.String(cloudCertId), ServerCertificateId: tea.String(cloudCertId),
} }
setDomainExtensionAttributeResp, err := d.sdkClient.SetDomainExtensionAttribute(setDomainExtensionAttributeReq) setDomainExtensionAttributeResp, err := d.sdkClient.SetDomainExtensionAttribute(setDomainExtensionAttributeReq)
d.logger.Debug("sdk request 'slb.SetDomainExtensionAttribute'", slog.Any("request", setDomainExtensionAttributeReq), slog.Any("response", setDomainExtensionAttributeResp))
if err != nil { if err != nil {
errs = append(errs, xerrors.Wrap(err, "failed to execute sdk request 'slb.SetDomainExtensionAttribute'")) errs = append(errs, xerrors.Wrap(err, "failed to execute sdk request 'slb.SetDomainExtensionAttribute'"))
continue continue
} }
d.logger.Logt("已修改 CLB 扩展域名", setDomainExtensionAttributeResp)
} }
if len(errs) > 0 { if len(errs) > 0 {

17
internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"strings" "strings"
"time" "time"
@@ -12,7 +13,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *aliyunDcdn.Client sdkClient *aliyunDcdn.Client
} }
@@ -44,13 +44,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -69,12 +73,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
SSLPri: tea.String(privkeyPem), SSLPri: tea.String(privkeyPem),
} }
setDcdnDomainSSLCertificateResp, err := d.sdkClient.SetDcdnDomainSSLCertificate(setDcdnDomainSSLCertificateReq) setDcdnDomainSSLCertificateResp, err := d.sdkClient.SetDcdnDomainSSLCertificate(setDcdnDomainSSLCertificateReq)
d.logger.Debug("sdk request 'dcdn.SetDcdnDomainSSLCertificate'", slog.Any("request", setDcdnDomainSSLCertificateReq), slog.Any("response", setDcdnDomainSSLCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'dcdn.SetDcdnDomainSSLCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'dcdn.SetDcdnDomainSSLCertificate'")
} }
d.logger.Logt("已配置 DCDN 域名证书", setDcdnDomainSSLCertificateResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

22
internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"strconv" "strconv"
"strings" "strings"
@@ -13,7 +14,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
) )
@@ -31,7 +31,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *aliyunEsa.Client sdkClient *aliyunEsa.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -55,14 +55,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -75,10 +80,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 配置站点证书 // 配置站点证书
// REF: https://help.aliyun.com/zh/edge-security-acceleration/esa/api-esa-2024-09-10-setcertificate // REF: https://help.aliyun.com/zh/edge-security-acceleration/esa/api-esa-2024-09-10-setcertificate
certId, _ := strconv.ParseInt(upres.CertId, 10, 64) certId, _ := strconv.ParseInt(upres.CertId, 10, 64)
@@ -88,12 +93,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
CasId: tea.Int64(certId), CasId: tea.Int64(certId),
} }
setCertificateResp, err := d.sdkClient.SetCertificate(setCertificateReq) setCertificateResp, err := d.sdkClient.SetCertificate(setCertificateReq)
d.logger.Debug("sdk request 'esa.SetCertificate'", slog.Any("request", setCertificateReq), slog.Any("response", setCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'esa.SetCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'esa.SetCertificate'")
} }
d.logger.Logt("已配置站点证书", setCertificateResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

2
internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa_test.go
View File

@@ -28,7 +28,7 @@ func init() {
flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "")
flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "") flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "")
flag.StringVar(&fRegion, argsPrefix+"REGION", "", "") flag.StringVar(&fRegion, argsPrefix+"REGION", "", "")
flag.Int64Var(&fSiteId, argsPrefix+"SITEID", "", "") flag.Int64Var(&fSiteId, argsPrefix+"SITEID", 0, "")
} }
/* /*

29
internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"time" "time"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client" aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
@@ -12,7 +13,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -23,7 +23,6 @@ type DeployerConfig struct {
// 阿里云地域。 // 阿里云地域。
Region string `json:"region"` Region string `json:"region"`
// 服务版本。 // 服务版本。
// 零值时默认为 "3.0"。
ServiceVersion string `json:"serviceVersion"` ServiceVersion string `json:"serviceVersion"`
// 自定义域名(不支持泛域名)。 // 自定义域名(不支持泛域名)。
Domain string `json:"domain"` Domain string `json:"domain"`
@@ -31,7 +30,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClients *wSdkClients sdkClients *wSdkClients
} }
@@ -54,19 +53,23 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClients: clients, sdkClients: clients,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) { func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
switch d.config.ServiceVersion { switch d.config.ServiceVersion {
case "", "3.0": case "3.0":
if err := d.deployToFC3(ctx, certPem, privkeyPem); err != nil { if err := d.deployToFC3(ctx, certPem, privkeyPem); err != nil {
return nil, err return nil, err
} }
@@ -87,10 +90,9 @@ func (d *DeployerProvider) deployToFC3(ctx context.Context, certPem string, priv
// 获取自定义域名 // 获取自定义域名
// REF: https://help.aliyun.com/zh/functioncompute/fc-3-0/developer-reference/api-fc-2023-03-30-getcustomdomain // REF: https://help.aliyun.com/zh/functioncompute/fc-3-0/developer-reference/api-fc-2023-03-30-getcustomdomain
getCustomDomainResp, err := d.sdkClients.fc3.GetCustomDomain(tea.String(d.config.Domain)) getCustomDomainResp, err := d.sdkClients.fc3.GetCustomDomain(tea.String(d.config.Domain))
d.logger.Debug("sdk request 'fc.GetCustomDomain'", slog.Any("response", getCustomDomainResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'fc.GetCustomDomain'") return xerrors.Wrap(err, "failed to execute sdk request 'fc.GetCustomDomain'")
} else {
d.logger.Logt("已获取自定义域名", getCustomDomainResp)
} }
// 更新自定义域名 // 更新自定义域名
@@ -107,10 +109,9 @@ func (d *DeployerProvider) deployToFC3(ctx context.Context, certPem string, priv
}, },
} }
updateCustomDomainResp, err := d.sdkClients.fc3.UpdateCustomDomain(tea.String(d.config.Domain), updateCustomDomainReq) updateCustomDomainResp, err := d.sdkClients.fc3.UpdateCustomDomain(tea.String(d.config.Domain), updateCustomDomainReq)
d.logger.Debug("sdk request 'fc.UpdateCustomDomain'", slog.Any("request", updateCustomDomainReq), slog.Any("response", updateCustomDomainResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'fc.UpdateCustomDomain'") return xerrors.Wrap(err, "failed to execute sdk request 'fc.UpdateCustomDomain'")
} else {
d.logger.Logt("已更新自定义域名", updateCustomDomainResp)
} }
return nil return nil
@@ -120,10 +121,9 @@ func (d *DeployerProvider) deployToFC2(ctx context.Context, certPem string, priv
// 获取自定义域名 // 获取自定义域名
// REF: https://help.aliyun.com/zh/functioncompute/fc-2-0/developer-reference/api-fc-open-2021-04-06-getcustomdomain // REF: https://help.aliyun.com/zh/functioncompute/fc-2-0/developer-reference/api-fc-open-2021-04-06-getcustomdomain
getCustomDomainResp, err := d.sdkClients.fc2.GetCustomDomain(tea.String(d.config.Domain)) getCustomDomainResp, err := d.sdkClients.fc2.GetCustomDomain(tea.String(d.config.Domain))
d.logger.Debug("sdk request 'fc.GetCustomDomain'", slog.Any("response", getCustomDomainResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'fc.GetCustomDomain'") return xerrors.Wrap(err, "failed to execute sdk request 'fc.GetCustomDomain'")
} else {
d.logger.Logt("已获取自定义域名", getCustomDomainResp)
} }
// 更新自定义域名 // 更新自定义域名
@@ -138,10 +138,9 @@ func (d *DeployerProvider) deployToFC2(ctx context.Context, certPem string, priv
TlsConfig: getCustomDomainResp.Body.TlsConfig, TlsConfig: getCustomDomainResp.Body.TlsConfig,
} }
updateCustomDomainResp, err := d.sdkClients.fc2.UpdateCustomDomain(tea.String(d.config.Domain), updateCustomDomainReq) updateCustomDomainResp, err := d.sdkClients.fc2.UpdateCustomDomain(tea.String(d.config.Domain), updateCustomDomainReq)
d.logger.Debug("sdk request 'fc.UpdateCustomDomain'", slog.Any("request", updateCustomDomainReq), slog.Any("response", updateCustomDomainResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'fc.UpdateCustomDomain'") return xerrors.Wrap(err, "failed to execute sdk request 'fc.UpdateCustomDomain'")
} else {
d.logger.Logt("已更新自定义域名", updateCustomDomainResp)
} }
return nil return nil

10
internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc_test.go
View File

@@ -17,7 +17,7 @@ var (
fAccessKeyId string fAccessKeyId string
fAccessKeySecret string fAccessKeySecret string
fRegion string fRegion string
fSiteId int64 fDomain string
) )
func init() { func init() {
@@ -28,7 +28,7 @@ func init() {
flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "")
flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "") flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "")
flag.StringVar(&fRegion, argsPrefix+"REGION", "", "") flag.StringVar(&fRegion, argsPrefix+"REGION", "", "")
flag.Int64Var(&fSiteId, argsPrefix+"SITEID", "", "") flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "")
} }
/* /*
@@ -40,7 +40,7 @@ Shell command to run this test:
--CERTIMATE_DEPLOYER_ALIYUNFC_ACCESSKEYID="your-access-key-id" \ --CERTIMATE_DEPLOYER_ALIYUNFC_ACCESSKEYID="your-access-key-id" \
--CERTIMATE_DEPLOYER_ALIYUNFC_ACCESSKEYSECRET="your-access-key-secret" \ --CERTIMATE_DEPLOYER_ALIYUNFC_ACCESSKEYSECRET="your-access-key-secret" \
--CERTIMATE_DEPLOYER_ALIYUNFC_REGION="cn-hangzhou" \ --CERTIMATE_DEPLOYER_ALIYUNFC_REGION="cn-hangzhou" \
--CERTIMATE_DEPLOYER_ALIYUNFC_SITEID="your-fc-site-id" --CERTIMATE_DEPLOYER_ALIYUNFC_DOMAIN="example.com"
*/ */
func TestDeploy(t *testing.T) { func TestDeploy(t *testing.T) {
flag.Parse() flag.Parse()
@@ -53,14 +53,14 @@ func TestDeploy(t *testing.T) {
fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId),
fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret),
fmt.Sprintf("REGION: %v", fRegion), fmt.Sprintf("REGION: %v", fRegion),
fmt.Sprintf("SITEID: %v", fSiteId), fmt.Sprintf("DOMAIN: %v", fDomain),
}, "\n")) }, "\n"))
deployer, err := provider.NewDeployer(&provider.DeployerConfig{ deployer, err := provider.NewDeployer(&provider.DeployerConfig{
AccessKeyId: fAccessKeyId, AccessKeyId: fAccessKeyId,
AccessKeySecret: fAccessKeySecret, AccessKeySecret: fAccessKeySecret,
Region: fRegion, Region: fRegion,
SiteId: fSiteId, Domain: fDomain,
}) })
if err != nil { if err != nil {
t.Errorf("err: %+v", err) t.Errorf("err: %+v", err)

17
internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"strings" "strings"
"time" "time"
@@ -12,7 +13,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -28,7 +28,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *aliyunLive.Client sdkClient *aliyunLive.Client
} }
@@ -46,13 +46,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -71,12 +75,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
SSLPri: tea.String(privkeyPem), SSLPri: tea.String(privkeyPem),
} }
setLiveDomainSSLCertificateResp, err := d.sdkClient.SetLiveDomainCertificate(setLiveDomainSSLCertificateReq) setLiveDomainSSLCertificateResp, err := d.sdkClient.SetLiveDomainCertificate(setLiveDomainSSLCertificateReq)
d.logger.Debug("sdk request 'live.SetLiveDomainCertificate'", slog.Any("request", setLiveDomainSSLCertificateReq), slog.Any("response", setLiveDomainSSLCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.SetLiveDomainCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.SetLiveDomainCertificate'")
} }
d.logger.Logt("已设置域名证书", setLiveDomainSSLCertificateResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

34
internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"strings" "strings"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client" aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
@@ -12,7 +13,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
) )
@@ -36,7 +36,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *aliyunNlb.Client sdkClient *aliyunNlb.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -60,14 +60,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -76,10 +81,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 根据部署资源类型决定部署方式 // 根据部署资源类型决定部署方式
switch d.config.ResourceType { switch d.config.ResourceType {
case RESOURCE_TYPE_LOADBALANCER: case RESOURCE_TYPE_LOADBALANCER:
@@ -110,12 +115,11 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
LoadBalancerId: tea.String(d.config.LoadbalancerId), LoadBalancerId: tea.String(d.config.LoadbalancerId),
} }
getLoadBalancerAttributeResp, err := d.sdkClient.GetLoadBalancerAttribute(getLoadBalancerAttributeReq) getLoadBalancerAttributeResp, err := d.sdkClient.GetLoadBalancerAttribute(getLoadBalancerAttributeReq)
d.logger.Debug("sdk request 'nlb.GetLoadBalancerAttribute'", slog.Any("request", getLoadBalancerAttributeReq), slog.Any("response", getLoadBalancerAttributeResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'nlb.GetLoadBalancerAttribute'") return xerrors.Wrap(err, "failed to execute sdk request 'nlb.GetLoadBalancerAttribute'")
} }
d.logger.Logt("已查询到 NLB 负载均衡实例", getLoadBalancerAttributeResp)
// 查询 TCPSSL 监听列表 // 查询 TCPSSL 监听列表
// REF: https://help.aliyun.com/zh/slb/network-load-balancer/developer-reference/api-nlb-2022-04-30-listlisteners // REF: https://help.aliyun.com/zh/slb/network-load-balancer/developer-reference/api-nlb-2022-04-30-listlisteners
listenerIds := make([]string, 0) listenerIds := make([]string, 0)
@@ -129,6 +133,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
ListenerProtocol: tea.String("TCPSSL"), ListenerProtocol: tea.String("TCPSSL"),
} }
listListenersResp, err := d.sdkClient.ListListeners(listListenersReq) listListenersResp, err := d.sdkClient.ListListeners(listListenersReq)
d.logger.Debug("sdk request 'nlb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'nlb.ListListeners'") return xerrors.Wrap(err, "failed to execute sdk request 'nlb.ListListeners'")
} }
@@ -146,12 +151,11 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
} }
} }
d.logger.Logt("已查询到 NLB 负载均衡实例下的全部 TCPSSL 监听", listenerIds)
// 遍历更新监听证书 // 遍历更新监听证书
if len(listenerIds) == 0 { if len(listenerIds) == 0 {
return errors.New("listener not found") d.logger.Info("no nlb listeners to deploy")
} else { } else {
d.logger.Info("found tcpssl listeners to deploy", slog.Any("listenerIds", listenerIds))
var errs []error var errs []error
for _, listenerId := range listenerIds { for _, listenerId := range listenerIds {
@@ -188,12 +192,11 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
ListenerId: tea.String(cloudListenerId), ListenerId: tea.String(cloudListenerId),
} }
getListenerAttributeResp, err := d.sdkClient.GetListenerAttribute(getListenerAttributeReq) getListenerAttributeResp, err := d.sdkClient.GetListenerAttribute(getListenerAttributeReq)
d.logger.Debug("sdk request 'nlb.GetListenerAttribute'", slog.Any("request", getListenerAttributeReq), slog.Any("response", getListenerAttributeResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'nlb.GetListenerAttribute'") return xerrors.Wrap(err, "failed to execute sdk request 'nlb.GetListenerAttribute'")
} }
d.logger.Logt("已查询到 NLB 监听配置", getListenerAttributeResp)
// 修改监听的属性 // 修改监听的属性
// REF: https://help.aliyun.com/zh/slb/network-load-balancer/developer-reference/api-nlb-2022-04-30-updatelistenerattribute // REF: https://help.aliyun.com/zh/slb/network-load-balancer/developer-reference/api-nlb-2022-04-30-updatelistenerattribute
updateListenerAttributeReq := &aliyunNlb.UpdateListenerAttributeRequest{ updateListenerAttributeReq := &aliyunNlb.UpdateListenerAttributeRequest{
@@ -201,12 +204,11 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
CertificateIds: []*string{tea.String(cloudCertId)}, CertificateIds: []*string{tea.String(cloudCertId)},
} }
updateListenerAttributeResp, err := d.sdkClient.UpdateListenerAttribute(updateListenerAttributeReq) updateListenerAttributeResp, err := d.sdkClient.UpdateListenerAttribute(updateListenerAttributeReq)
d.logger.Debug("sdk request 'nlb.UpdateListenerAttribute'", slog.Any("request", updateListenerAttributeReq), slog.Any("response", updateListenerAttributeResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'nlb.UpdateListenerAttribute'") return xerrors.Wrap(err, "failed to execute sdk request 'nlb.UpdateListenerAttribute'")
} }
d.logger.Logt("已更新 NLB 监听配置", updateListenerAttributeResp)
return nil return nil
} }

20
internal/pkg/core/deployer/providers/aliyun-oss/aliyun_oss.go
View File

@@ -4,12 +4,12 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"github.com/aliyun/aliyun-oss-go-sdk/oss" "github.com/aliyun/aliyun-oss-go-sdk/oss"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -27,7 +27,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *oss.Client sdkClient *oss.Client
} }
@@ -45,13 +45,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -65,14 +69,16 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 为存储空间绑定自定义域名 // 为存储空间绑定自定义域名
// REF: https://help.aliyun.com/zh/oss/developer-reference/putcname // REF: https://help.aliyun.com/zh/oss/developer-reference/putcname
err := d.sdkClient.PutBucketCnameWithCertificate(d.config.Bucket, oss.PutBucketCname{ putBucketCnameWithCertificateReq := oss.PutBucketCname{
Cname: d.config.Domain, Cname: d.config.Domain,
CertificateConfiguration: &oss.CertificateConfiguration{ CertificateConfiguration: &oss.CertificateConfiguration{
Certificate: certPem, Certificate: certPem,
PrivateKey: privkeyPem, PrivateKey: privkeyPem,
Force: true, Force: true,
}, },
}) }
err := d.sdkClient.PutBucketCnameWithCertificate(d.config.Bucket, putBucketCnameWithCertificateReq)
d.logger.Debug("sdk request 'oss.PutBucketCnameWithCertificate'", slog.Any("bucket", d.config.Bucket), slog.Any("request", putBucketCnameWithCertificateReq))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'oss.PutBucketCnameWithCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'oss.PutBucketCnameWithCertificate'")
} }

17
internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"time" "time"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client" aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
@@ -11,7 +12,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -27,7 +27,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *aliyunVod.Client sdkClient *aliyunVod.Client
} }
@@ -45,13 +45,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -67,10 +71,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
SSLPri: tea.String(privkeyPem), SSLPri: tea.String(privkeyPem),
} }
setVodDomainSSLCertificateResp, err := d.sdkClient.SetVodDomainSSLCertificate(setVodDomainSSLCertificateReq) setVodDomainSSLCertificateResp, err := d.sdkClient.SetVodDomainSSLCertificate(setVodDomainSSLCertificateReq)
d.logger.Debug("sdk request 'live.SetVodDomainSSLCertificate'", slog.Any("request", setVodDomainSSLCertificateReq), slog.Any("response", setVodDomainSSLCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.SetVodDomainSSLCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.SetVodDomainSSLCertificate'")
} else {
d.logger.Logt("已设置域名证书", setVodDomainSSLCertificateResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

39
internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"strings" "strings"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client" aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
@@ -12,7 +13,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
) )
@@ -32,7 +32,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *aliyunWaf.Client sdkClient *aliyunWaf.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -56,14 +56,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -77,7 +82,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
if d.config.Domain == "" { if d.config.Domain == "" {
@@ -90,10 +95,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
RegionId: tea.String(d.config.Region), RegionId: tea.String(d.config.Region),
} }
describeDefaultHttpsResp, err := d.sdkClient.DescribeDefaultHttps(describeDefaultHttpsReq) describeDefaultHttpsResp, err := d.sdkClient.DescribeDefaultHttps(describeDefaultHttpsReq)
d.logger.Debug("sdk request 'waf.DescribeDefaultHttps'", slog.Any("request", describeDefaultHttpsReq), slog.Any("response", describeDefaultHttpsResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.DescribeDefaultHttps'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.DescribeDefaultHttps'")
} else {
d.logger.Logt("已查询到默认 SSL/TLS 设置", describeDefaultHttpsResp)
} }
// 修改默认 SSL/TLS 设置 // 修改默认 SSL/TLS 设置
@@ -110,10 +114,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
modifyDefaultHttpsReq.EnableTLSv3 = describeDefaultHttpsResp.Body.DefaultHttps.EnableTLSv3 modifyDefaultHttpsReq.EnableTLSv3 = describeDefaultHttpsResp.Body.DefaultHttps.EnableTLSv3
} }
modifyDefaultHttpsResp, err := d.sdkClient.ModifyDefaultHttps(modifyDefaultHttpsReq) modifyDefaultHttpsResp, err := d.sdkClient.ModifyDefaultHttps(modifyDefaultHttpsReq)
d.logger.Debug("sdk request 'waf.ModifyDefaultHttps'", slog.Any("request", modifyDefaultHttpsReq), slog.Any("response", modifyDefaultHttpsResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ModifyDefaultHttps'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ModifyDefaultHttps'")
} else {
d.logger.Logt("已修改默认 SSL/TLS 设置", modifyDefaultHttpsResp)
} }
} else { } else {
// 指定接入域名 // 指定接入域名
@@ -126,10 +129,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Domain: tea.String(d.config.Domain), Domain: tea.String(d.config.Domain),
} }
describeDomainDetailResp, err := d.sdkClient.DescribeDomainDetail(describeDomainDetailReq) describeDomainDetailResp, err := d.sdkClient.DescribeDomainDetail(describeDomainDetailReq)
d.logger.Debug("sdk request 'waf.DescribeDomainDetail'", slog.Any("request", describeDomainDetailReq), slog.Any("response", describeDomainDetailResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.DescribeDomainDetail'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.DescribeDomainDetail'")
} else {
d.logger.Logt("已查询到 CNAME 接入详情", describeDomainDetailResp)
} }
// 修改 CNAME 接入资源 // 修改 CNAME 接入资源
@@ -143,18 +145,25 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
TLSVersion: tea.String("tlsv1"), TLSVersion: tea.String("tlsv1"),
EnableTLSv3: tea.Bool(false), EnableTLSv3: tea.Bool(false),
}, },
Redirect: &aliyunWaf.ModifyDomainRequestRedirect{}, Redirect: &aliyunWaf.ModifyDomainRequestRedirect{
Loadbalance: tea.String("iphash"),
},
} }
if describeDomainDetailResp.Body != nil && describeDomainDetailResp.Body.Listen != nil { if describeDomainDetailResp.Body != nil && describeDomainDetailResp.Body.Listen != nil {
modifyDomainReq.Listen.TLSVersion = describeDomainDetailResp.Body.Listen.TLSVersion modifyDomainReq.Listen.TLSVersion = describeDomainDetailResp.Body.Listen.TLSVersion
modifyDomainReq.Listen.EnableTLSv3 = describeDomainDetailResp.Body.Listen.EnableTLSv3 modifyDomainReq.Listen.EnableTLSv3 = describeDomainDetailResp.Body.Listen.EnableTLSv3
modifyDomainReq.Listen.FocusHttps = describeDomainDetailResp.Body.Listen.FocusHttps modifyDomainReq.Listen.FocusHttps = describeDomainDetailResp.Body.Listen.FocusHttps
} }
if describeDomainDetailResp.Body != nil && describeDomainDetailResp.Body.Redirect != nil {
modifyDomainReq.Redirect.Loadbalance = describeDomainDetailResp.Body.Redirect.Loadbalance
modifyDomainReq.Redirect.FocusHttpBackend = describeDomainDetailResp.Body.Redirect.FocusHttpBackend
modifyDomainReq.Redirect.SniEnabled = describeDomainDetailResp.Body.Redirect.SniEnabled
modifyDomainReq.Redirect.SniHost = describeDomainDetailResp.Body.Redirect.SniHost
}
modifyDomainResp, err := d.sdkClient.ModifyDomain(modifyDomainReq) modifyDomainResp, err := d.sdkClient.ModifyDomain(modifyDomainReq)
d.logger.Debug("sdk request 'waf.ModifyDomain'", slog.Any("request", modifyDomainReq), slog.Any("response", modifyDomainResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ModifyDomain'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ModifyDomain'")
} else {
d.logger.Logt("已修改 CNAME 接入资源", modifyDomainResp)
} }
} }

25
internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"errors" "errors"
"log/slog"
aws "github.com/aws/aws-sdk-go-v2/aws" aws "github.com/aws/aws-sdk-go-v2/aws"
awsCfg "github.com/aws/aws-sdk-go-v2/config" awsCfg "github.com/aws/aws-sdk-go-v2/config"
@@ -12,7 +13,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-acm" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-acm"
) )
@@ -30,7 +30,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *awsCf.Client sdkClient *awsCf.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -58,14 +58,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -78,22 +83,21 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 获取分配配置 // 获取分配配置
// REF: https://docs.aws.amazon.com/en_us/cloudfront/latest/APIReference/API_GetDistributionConfig.html // REF: https://docs.aws.amazon.com/en_us/cloudfront/latest/APIReference/API_GetDistributionConfig.html
getDistributionConfigReq := &awsCf.GetDistributionConfigInput{ getDistributionConfigReq := &awsCf.GetDistributionConfigInput{
Id: aws.String(d.config.DistributionId), Id: aws.String(d.config.DistributionId),
} }
getDistributionConfigResp, err := d.sdkClient.GetDistributionConfig(context.TODO(), getDistributionConfigReq) getDistributionConfigResp, err := d.sdkClient.GetDistributionConfig(context.TODO(), getDistributionConfigReq)
d.logger.Debug("sdk request 'cloudfront.GetDistributionConfig'", slog.Any("request", getDistributionConfigReq), slog.Any("response", getDistributionConfigResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cloudfront.GetDistributionConfig'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cloudfront.GetDistributionConfig'")
} }
d.logger.Logt("已获取分配配置", getDistributionConfigResp)
// 更新分配配置 // 更新分配配置
// REF: https://docs.aws.amazon.com/zh_cn/cloudfront/latest/APIReference/API_UpdateDistribution.html // REF: https://docs.aws.amazon.com/zh_cn/cloudfront/latest/APIReference/API_UpdateDistribution.html
updateDistributionReq := &awsCf.UpdateDistributionInput{ updateDistributionReq := &awsCf.UpdateDistributionInput{
@@ -107,12 +111,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
updateDistributionReq.DistributionConfig.ViewerCertificate.CloudFrontDefaultCertificate = aws.Bool(false) updateDistributionReq.DistributionConfig.ViewerCertificate.CloudFrontDefaultCertificate = aws.Bool(false)
updateDistributionReq.DistributionConfig.ViewerCertificate.ACMCertificateArn = aws.String(upres.CertId) updateDistributionReq.DistributionConfig.ViewerCertificate.ACMCertificateArn = aws.String(upres.CertId)
updateDistributionResp, err := d.sdkClient.UpdateDistribution(context.TODO(), updateDistributionReq) updateDistributionResp, err := d.sdkClient.UpdateDistribution(context.TODO(), updateDistributionReq)
d.logger.Debug("sdk request 'cloudfront.UpdateDistribution'", slog.Any("request", updateDistributionReq), slog.Any("response", updateDistributionResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cloudfront.UpdateDistribution'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cloudfront.UpdateDistribution'")
} }
d.logger.Logt("已更新分配配置", updateDistributionResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

17
internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"time" "time"
bceCdn "github.com/baidubce/bce-sdk-go/services/cdn" bceCdn "github.com/baidubce/bce-sdk-go/services/cdn"
@@ -10,7 +11,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -24,7 +24,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *bceCdn.Client sdkClient *bceCdn.Client
} }
@@ -42,13 +42,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -64,12 +68,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}, },
"ON", "ON",
) )
d.logger.Debug("sdk request 'cdn.PutCert'", slog.String("request.domain", d.config.Domain), slog.Any("response", putCertResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.PutCert'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.PutCert'")
} }
d.logger.Logt("已修改域名证书", putCertResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

23
internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go
View File

@@ -4,12 +4,12 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"time" "time"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
bssdk "github.com/usual2970/certimate/internal/pkg/vendors/baishan-sdk" bssdk "github.com/usual2970/certimate/internal/pkg/vendors/baishan-sdk"
) )
@@ -22,7 +22,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *bssdk.Client sdkClient *bssdk.Client
} }
@@ -40,13 +40,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -62,12 +66,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Config: []string{"https"}, Config: []string{"https"},
} }
getDomainConfigResp, err := d.sdkClient.GetDomainConfig(getDomainConfigReq) getDomainConfigResp, err := d.sdkClient.GetDomainConfig(getDomainConfigReq)
d.logger.Debug("sdk request 'baishan.GetDomainConfig'", slog.Any("request", getDomainConfigReq), slog.Any("response", getDomainConfigResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.GetDomainConfig'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.GetDomainConfig'")
} else if len(getDomainConfigResp.Data) == 0 { } else if len(getDomainConfigResp.Data) == 0 {
return nil, errors.New("domain config not found") return nil, errors.New("domain config not found")
} else {
d.logger.Logt("已查询到域名配置", getDomainConfigResp)
} }
// 新增证书 // 新增证书
@@ -78,10 +81,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()), Name: fmt.Sprintf("certimate_%d", time.Now().UnixMilli()),
} }
createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
d.logger.Debug("sdk request 'baishan.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.CreateCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.CreateCertificate'")
} else {
d.logger.Logt("已新增证书", createCertificateResp)
} }
// 设置域名配置 // 设置域名配置
@@ -98,10 +100,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}, },
} }
setDomainConfigResp, err := d.sdkClient.SetDomainConfig(setDomainConfigReq) setDomainConfigResp, err := d.sdkClient.SetDomainConfig(setDomainConfigReq)
d.logger.Debug("sdk request 'baishan.SetDomainConfig'", slog.Any("request", setDomainConfigReq), slog.Any("response", setDomainConfigResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.SetDomainConfig'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.SetDomainConfig'")
} else {
d.logger.Logt("已设置域名配置", setDomainConfigResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

20
internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go
View File

@@ -4,12 +4,12 @@ import (
"context" "context"
"crypto/tls" "crypto/tls"
"errors" "errors"
"log/slog"
"net/url" "net/url"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
btsdk "github.com/usual2970/certimate/internal/pkg/vendors/btpanel-sdk" btsdk "github.com/usual2970/certimate/internal/pkg/vendors/btpanel-sdk"
) )
@@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *btsdk.Client sdkClient *btsdk.Client
} }
@@ -44,13 +44,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -61,10 +65,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Certificate: certPem, Certificate: certPem,
} }
configSavePanelSSLResp, err := d.sdkClient.ConfigSavePanelSSL(configSavePanelSSLReq) configSavePanelSSLResp, err := d.sdkClient.ConfigSavePanelSSL(configSavePanelSSLReq)
d.logger.Debug("sdk request 'bt.ConfigSavePanelSSL'", slog.Any("request", configSavePanelSSLReq), slog.Any("response", configSavePanelSSLResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'bt.ConfigSavePanelSSL'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'bt.ConfigSavePanelSSL'")
} else {
d.logger.Logt("已设置面板 SSL 证书", configSavePanelSSLResp)
} }
if d.config.AutoRestart { if d.config.AutoRestart {
@@ -73,7 +76,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Name: "nginx", Name: "nginx",
Type: "restart", Type: "restart",
} }
d.sdkClient.SystemServiceAdmin(systemServiceAdminReq) systemServiceAdminResp, _ := d.sdkClient.SystemServiceAdmin(systemServiceAdminReq)
d.logger.Debug("sdk request 'bt.SystemServiceAdmin'", slog.Any("request", systemServiceAdminReq), slog.Any("response", systemServiceAdminResp))
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

27
internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go
View File

@@ -5,13 +5,13 @@ import (
"crypto/tls" "crypto/tls"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"net/url" "net/url"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger" "github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
"github.com/usual2970/certimate/internal/pkg/utils/slices"
btsdk "github.com/usual2970/certimate/internal/pkg/vendors/btpanel-sdk" btsdk "github.com/usual2970/certimate/internal/pkg/vendors/btpanel-sdk"
) )
@@ -32,7 +32,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *btsdk.Client sdkClient *btsdk.Client
} }
@@ -50,13 +50,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -76,10 +80,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
PrivateKey: privkeyPem, PrivateKey: privkeyPem,
} }
siteSetSSLResp, err := d.sdkClient.SiteSetSSL(siteSetSSLReq) siteSetSSLResp, err := d.sdkClient.SiteSetSSL(siteSetSSLReq)
d.logger.Debug("sdk request 'bt.SiteSetSSL'", slog.Any("request", siteSetSSLReq), slog.Any("response", siteSetSSLResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'bt.SiteSetSSL'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'bt.SiteSetSSL'")
} else {
d.logger.Logt("已设置站点证书", siteSetSSLResp)
} }
} }
@@ -95,15 +98,14 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
PrivateKey: privkeyPem, PrivateKey: privkeyPem,
} }
sslCertSaveCertResp, err := d.sdkClient.SSLCertSaveCert(sslCertSaveCertReq) sslCertSaveCertResp, err := d.sdkClient.SSLCertSaveCert(sslCertSaveCertReq)
d.logger.Debug("sdk request 'bt.SSLCertSaveCert'", slog.Any("request", sslCertSaveCertReq), slog.Any("response", sslCertSaveCertResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'bt.SSLCertSaveCert'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'bt.SSLCertSaveCert'")
} else {
d.logger.Logt("已上传证书", sslCertSaveCertResp)
} }
// 设置站点证书 // 设置站点证书
sslSetBatchCertToSiteReq := &btsdk.SSLSetBatchCertToSiteRequest{ sslSetBatchCertToSiteReq := &btsdk.SSLSetBatchCertToSiteRequest{
BatchInfo: slices.Map(d.config.SiteNames, func(siteName string) *btsdk.SSLSetBatchCertToSiteRequestBatchInfo { BatchInfo: sliceutil.Map(d.config.SiteNames, func(siteName string) *btsdk.SSLSetBatchCertToSiteRequestBatchInfo {
return &btsdk.SSLSetBatchCertToSiteRequestBatchInfo{ return &btsdk.SSLSetBatchCertToSiteRequestBatchInfo{
SiteName: siteName, SiteName: siteName,
SSLHash: sslCertSaveCertResp.SSLHash, SSLHash: sslCertSaveCertResp.SSLHash,
@@ -111,10 +113,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}), }),
} }
sslSetBatchCertToSiteResp, err := d.sdkClient.SSLSetBatchCertToSite(sslSetBatchCertToSiteReq) sslSetBatchCertToSiteResp, err := d.sdkClient.SSLSetBatchCertToSite(sslSetBatchCertToSiteReq)
d.logger.Debug("sdk request 'bt.SSLSetBatchCertToSite'", slog.Any("request", sslSetBatchCertToSiteReq), slog.Any("response", sslSetBatchCertToSiteResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'bt.SSLSetBatchCertToSite'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'bt.SSLSetBatchCertToSite'")
} else {
d.logger.Logt("已设置站点证书", sslSetBatchCertToSiteResp)
} }
} }

25
internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go
View File

@@ -3,14 +3,13 @@
import ( import (
"context" "context"
"errors" "errors"
"fmt" "log/slog"
"strings" "strings"
bpCdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn" bpCdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/byteplus-cdn" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/byteplus-cdn"
) )
@@ -26,7 +25,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *bpCdn.CDN sdkClient *bpCdn.CDN
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -52,14 +51,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -68,10 +72,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
domains := make([]string, 0) domains := make([]string, 0)
if strings.HasPrefix(d.config.Domain, "*.") { if strings.HasPrefix(d.config.Domain, "*.") {
// 获取指定证书可关联的域名 // 获取指定证书可关联的域名
@@ -80,6 +84,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
CertId: upres.CertId, CertId: upres.CertId,
} }
describeCertConfigResp, err := d.sdkClient.DescribeCertConfig(describeCertConfigReq) describeCertConfigResp, err := d.sdkClient.DescribeCertConfig(describeCertConfigReq)
d.logger.Debug("sdk request 'cdn.DescribeCertConfig'", slog.Any("request", describeCertConfigReq), slog.Any("response", describeCertConfigResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertConfig'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertConfig'")
} }
@@ -99,6 +104,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if len(domains) == 0 { if len(domains) == 0 {
if len(describeCertConfigResp.Result.SpecifiedCertConfig) > 0 { if len(describeCertConfigResp.Result.SpecifiedCertConfig) > 0 {
// 所有可关联的域名都配置了该证书,跳过部署 // 所有可关联的域名都配置了该证书,跳过部署
d.logger.Info("no domains to deploy")
} else { } else {
return nil, errors.New("domain not found") return nil, errors.New("domain not found")
} }
@@ -118,10 +124,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Domain: domain, Domain: domain,
} }
batchDeployCertResp, err := d.sdkClient.BatchDeployCert(batchDeployCertReq) batchDeployCertResp, err := d.sdkClient.BatchDeployCert(batchDeployCertReq)
d.logger.Debug("sdk request 'cdn.BatchDeployCert'", slog.Any("request", batchDeployCertReq), slog.Any("response", batchDeployCertResp))
if err != nil { if err != nil {
errs = append(errs, err) errs = append(errs, err)
} else {
d.logger.Logt(fmt.Sprintf("已关联证书到域名 %s", domain), batchDeployCertResp)
} }
} }

17
internal/pkg/core/deployer/providers/cachefly/cachefly.go
View File

@@ -3,11 +3,11 @@
import ( import (
"context" "context"
"errors" "errors"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
cfsdk "github.com/usual2970/certimate/internal/pkg/vendors/cachefly-sdk" cfsdk "github.com/usual2970/certimate/internal/pkg/vendors/cachefly-sdk"
) )
@@ -18,7 +18,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *cfsdk.Client sdkClient *cfsdk.Client
} }
@@ -36,13 +36,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -53,10 +57,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
CertificateKey: privkeyPem, CertificateKey: privkeyPem,
} }
createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
d.logger.Debug("sdk request 'cachefly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cachefly.CreateCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cachefly.CreateCertificate'")
} else {
d.logger.Logt("已上传证书", createCertificateResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

26
internal/pkg/core/deployer/providers/cdnfly/cdnfly.go
View File

@@ -5,13 +5,13 @@ import (
"encoding/json" "encoding/json"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"net/url" "net/url"
"time" "time"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
cfsdk "github.com/usual2970/certimate/internal/pkg/vendors/cdnfly-sdk" cfsdk "github.com/usual2970/certimate/internal/pkg/vendors/cdnfly-sdk"
) )
@@ -34,7 +34,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *cfsdk.Client sdkClient *cfsdk.Client
} }
@@ -52,13 +52,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -93,10 +97,9 @@ func (d *DeployerProvider) deployToSite(ctx context.Context, certPem string, pri
Id: d.config.SiteId, Id: d.config.SiteId,
} }
getSiteResp, err := d.sdkClient.GetSite(getSiteReq) getSiteResp, err := d.sdkClient.GetSite(getSiteReq)
d.logger.Debug("sdk request 'cdnfly.GetSite'", slog.Any("request", getSiteReq), slog.Any("response", getSiteResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'cdnfly.GetSite'") return xerrors.Wrap(err, "failed to execute sdk request 'cdnfly.GetSite'")
} else {
d.logger.Logt("已获取网站详情", getSiteResp)
} }
// 添加单个证书 // 添加单个证书
@@ -108,10 +111,9 @@ func (d *DeployerProvider) deployToSite(ctx context.Context, certPem string, pri
Key: privkeyPem, Key: privkeyPem,
} }
createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq) createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
d.logger.Debug("sdk request 'cdnfly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'cdnfly.CreateCertificate'") return xerrors.Wrap(err, "failed to execute sdk request 'cdnfly.CreateCertificate'")
} else {
d.logger.Logt("已添加证书", createCertificateResp)
} }
// 修改单个网站 // 修改单个网站
@@ -126,10 +128,9 @@ func (d *DeployerProvider) deployToSite(ctx context.Context, certPem string, pri
HttpsListen: &updateSiteHttpsListen, HttpsListen: &updateSiteHttpsListen,
} }
updateSiteResp, err := d.sdkClient.UpdateSite(updateSiteReq) updateSiteResp, err := d.sdkClient.UpdateSite(updateSiteReq)
d.logger.Debug("sdk request 'cdnfly.UpdateSite'", slog.Any("request", updateSiteReq), slog.Any("response", updateSiteResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'cdnfly.UpdateSite'") return xerrors.Wrap(err, "failed to execute sdk request 'cdnfly.UpdateSite'")
} else {
d.logger.Logt("已修改网站", updateSiteResp)
} }
return nil return nil
@@ -150,10 +151,9 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
Key: &privkeyPem, Key: &privkeyPem,
} }
updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq) updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq)
d.logger.Debug("sdk request 'cdnfly.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'cdnfly.UpdateCertificate'") return xerrors.Wrap(err, "failed to execute sdk request 'cdnfly.UpdateCertificate'")
} else {
d.logger.Logt("已修改证书", updateCertificateResp)
} }
return nil return nil

22
internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go
View File

@@ -2,12 +2,12 @@
import ( import (
"context" "context"
"log/slog"
"strconv" "strconv"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/dogecloud" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/dogecloud"
dogesdk "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk" dogesdk "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk"
@@ -24,7 +24,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *dogesdk.Client sdkClient *dogesdk.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -48,14 +48,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -64,19 +69,18 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 绑定证书 // 绑定证书
// REF: https://docs.dogecloud.com/cdn/api-cert-bind // REF: https://docs.dogecloud.com/cdn/api-cert-bind
bindCdnCertId, _ := strconv.ParseInt(upres.CertId, 10, 64) bindCdnCertId, _ := strconv.ParseInt(upres.CertId, 10, 64)
bindCdnCertResp, err := d.sdkClient.BindCdnCertWithDomain(bindCdnCertId, d.config.Domain) bindCdnCertResp, err := d.sdkClient.BindCdnCertWithDomain(bindCdnCertId, d.config.Domain)
d.logger.Debug("sdk request 'cdn.BindCdnCert'", slog.Int64("request.certId", bindCdnCertId), slog.String("request.domain", d.config.Domain), slog.Any("response", bindCdnCertResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.BindCdnCert'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.BindCdnCert'")
} }
d.logger.Logt("已绑定证书", bindCdnCertResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

21
internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go
View File

@@ -2,12 +2,12 @@
import ( import (
"context" "context"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
"github.com/usual2970/certimate/internal/pkg/utils/certs"
edgsdk "github.com/usual2970/certimate/internal/pkg/vendors/edgio-sdk/applications/v7" edgsdk "github.com/usual2970/certimate/internal/pkg/vendors/edgio-sdk/applications/v7"
edgsdkDtos "github.com/usual2970/certimate/internal/pkg/vendors/edgio-sdk/applications/v7/dtos" edgsdkDtos "github.com/usual2970/certimate/internal/pkg/vendors/edgio-sdk/applications/v7/dtos"
) )
@@ -23,7 +23,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *edgsdk.EdgioClient sdkClient *edgsdk.EdgioClient
} }
@@ -41,19 +41,23 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) { func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// 提取 Edgio 所需的服务端证书和中间证书内容 // 提取 Edgio 所需的服务端证书和中间证书内容
privateCertPem, intermediateCertPem, err := certs.ExtractCertificatesFromPEM(certPem) privateCertPem, intermediateCertPem, err := certutil.ExtractCertificatesFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -67,12 +71,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
PrivateKey: privkeyPem, PrivateKey: privkeyPem,
} }
uploadTlsCertResp, err := d.sdkClient.UploadTlsCert(uploadTlsCertReq) uploadTlsCertResp, err := d.sdkClient.UploadTlsCert(uploadTlsCertReq)
d.logger.Debug("sdk request 'edgio.UploadTlsCert'", slog.Any("request", uploadTlsCertReq), slog.Any("response", uploadTlsCertResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'edgio.UploadTlsCert'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'edgio.UploadTlsCert'")
} }
d.logger.Logt("已上传 TLS 证书", uploadTlsCertResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

23
internal/pkg/core/deployer/providers/gcore-cdn/gcore_cdn.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"errors" "errors"
"log/slog"
"strconv" "strconv"
gprovider "github.com/G-Core/gcorelabscdn-go/gcore/provider" gprovider "github.com/G-Core/gcorelabscdn-go/gcore/provider"
@@ -10,7 +11,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/gcore-cdn" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/gcore-cdn"
gcoresdk "github.com/usual2970/certimate/internal/pkg/vendors/gcore-sdk/common" gcoresdk "github.com/usual2970/certimate/internal/pkg/vendors/gcore-sdk/common"
@@ -25,7 +25,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *gresources.Service sdkClient *gresources.Service
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -51,14 +51,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -72,16 +77,15 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 获取 CDN 资源详情 // 获取 CDN 资源详情
// REF: https://api.gcore.com/docs/cdn#tag/CDN-resources/paths/~1cdn~1resources~1%7Bresource_id%7D/get // REF: https://api.gcore.com/docs/cdn#tag/CDN-resources/paths/~1cdn~1resources~1%7Bresource_id%7D/get
getResourceResp, err := d.sdkClient.Get(context.TODO(), d.config.ResourceId) getResourceResp, err := d.sdkClient.Get(context.TODO(), d.config.ResourceId)
d.logger.Debug("sdk request 'resources.Get'", slog.Any("resourceId", d.config.ResourceId), slog.Any("response", getResourceResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'resources.Get'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'resources.Get'")
} else {
d.logger.Logt("已获取 CDN 资源详情", getResourceResp)
} }
// 更新 CDN 资源详情 // 更新 CDN 资源详情
@@ -101,10 +105,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Options: getResourceResp.Options, Options: getResourceResp.Options,
} }
updateResourceResp, err := d.sdkClient.Update(context.TODO(), d.config.ResourceId, updateResourceReq) updateResourceResp, err := d.sdkClient.Update(context.TODO(), d.config.ResourceId, updateResourceReq)
d.logger.Debug("sdk request 'resources.Update'", slog.Int64("resourceId", d.config.ResourceId), slog.Any("request", updateResourceReq), slog.Any("response", updateResourceResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'resources.Update'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'resources.Update'")
} else {
d.logger.Logt("已更新 CDN 资源详情", updateResourceResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

25
internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
hcCdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2" hcCdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2"
@@ -10,7 +11,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm"
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk" hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
@@ -29,7 +29,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *hcCdn.CdnClient sdkClient *hcCdn.CdnClient
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -60,14 +60,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -76,22 +81,21 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 查询加速域名配置 // 查询加速域名配置
// REF: https://support.huaweicloud.com/api-cdn/ShowDomainFullConfig.html // REF: https://support.huaweicloud.com/api-cdn/ShowDomainFullConfig.html
showDomainFullConfigReq := &hcCdnModel.ShowDomainFullConfigRequest{ showDomainFullConfigReq := &hcCdnModel.ShowDomainFullConfigRequest{
DomainName: d.config.Domain, DomainName: d.config.Domain,
} }
showDomainFullConfigResp, err := d.sdkClient.ShowDomainFullConfig(showDomainFullConfigReq) showDomainFullConfigResp, err := d.sdkClient.ShowDomainFullConfig(showDomainFullConfigReq)
d.logger.Debug("sdk request 'cdn.ShowDomainFullConfig'", slog.Any("request", showDomainFullConfigReq), slog.Any("response", showDomainFullConfigResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.ShowDomainFullConfig'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.ShowDomainFullConfig'")
} }
d.logger.Logt("已查询到加速域名配置", showDomainFullConfigResp)
// 更新加速域名配置 // 更新加速域名配置
// REF: https://support.huaweicloud.com/api-cdn/UpdateDomainMultiCertificates.html // REF: https://support.huaweicloud.com/api-cdn/UpdateDomainMultiCertificates.html
// REF: https://support.huaweicloud.com/usermanual-cdn/cdn_01_0306.html // REF: https://support.huaweicloud.com/usermanual-cdn/cdn_01_0306.html
@@ -108,12 +112,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}, },
} }
updateDomainMultiCertificatesResp, err := d.sdkClient.UpdateDomainMultiCertificates(updateDomainMultiCertificatesReq) updateDomainMultiCertificatesResp, err := d.sdkClient.UpdateDomainMultiCertificates(updateDomainMultiCertificatesReq)
d.logger.Debug("sdk request 'cdn.UploadDomainMultiCertificates'", slog.Any("request", updateDomainMultiCertificatesReq), slog.Any("response", updateDomainMultiCertificatesResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadDomainMultiCertificates'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadDomainMultiCertificates'")
} }
d.logger.Logt("已更新加速域名配置", updateDomainMultiCertificatesResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

51
internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
@@ -17,7 +18,6 @@ import (
"golang.org/x/exp/slices" "golang.org/x/exp/slices"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-elb" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-elb"
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk" hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
@@ -45,7 +45,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *hcElb.ElbClient sdkClient *hcElb.ElbClient
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -73,26 +73,23 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) { func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// 上传证书到 SCM
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file")
}
d.logger.Logt("certificate file uploaded", upres)
// 根据部署资源类型决定部署方式 // 根据部署资源类型决定部署方式
switch d.config.ResourceType { switch d.config.ResourceType {
case RESOURCE_TYPE_CERTIFICATE: case RESOURCE_TYPE_CERTIFICATE:
@@ -134,12 +131,11 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
}, },
} }
updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq) updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq)
d.logger.Debug("sdk request 'elb.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'elb.UpdateCertificate'") return xerrors.Wrap(err, "failed to execute sdk request 'elb.UpdateCertificate'")
} }
d.logger.Logt("已更新 ELB 证书", updateCertificateResp)
return nil return nil
} }
@@ -154,12 +150,11 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPem str
LoadbalancerId: d.config.LoadbalancerId, LoadbalancerId: d.config.LoadbalancerId,
} }
showLoadBalancerResp, err := d.sdkClient.ShowLoadBalancer(showLoadBalancerReq) showLoadBalancerResp, err := d.sdkClient.ShowLoadBalancer(showLoadBalancerReq)
d.logger.Debug("sdk request 'elb.ShowLoadBalancer'", slog.Any("request", showLoadBalancerReq), slog.Any("response", showLoadBalancerResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'elb.ShowLoadBalancer'") return xerrors.Wrap(err, "failed to execute sdk request 'elb.ShowLoadBalancer'")
} }
d.logger.Logt("已查询到 ELB 负载均衡器", showLoadBalancerResp)
// 查询监听器列表 // 查询监听器列表
// REF: https://support.huaweicloud.com/api-elb/ListListeners.html // REF: https://support.huaweicloud.com/api-elb/ListListeners.html
listenerIds := make([]string, 0) listenerIds := make([]string, 0)
@@ -173,6 +168,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPem str
LoadbalancerId: &[]string{showLoadBalancerResp.Loadbalancer.Id}, LoadbalancerId: &[]string{showLoadBalancerResp.Loadbalancer.Id},
} }
listListenersResp, err := d.sdkClient.ListListeners(listListenersReq) listListenersResp, err := d.sdkClient.ListListeners(listListenersReq)
d.logger.Debug("sdk request 'elb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'elb.ListListeners'") return xerrors.Wrap(err, "failed to execute sdk request 'elb.ListListeners'")
} }
@@ -190,20 +186,19 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPem str
} }
} }
d.logger.Logt("已查询到 ELB 负载均衡器下的监听器", listenerIds)
// 上传证书到 SCM // 上传证书到 SCM
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to upload certificate file") return xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 遍历更新监听器证书 // 遍历更新监听器证书
if len(listenerIds) == 0 { if len(listenerIds) == 0 {
return errors.New("listener not found") d.logger.Info("no listeners to deploy")
} else { } else {
d.logger.Info("found https listeners to deploy", slog.Any("listenerIds", listenerIds))
var errs []error var errs []error
for _, listenerId := range listenerIds { for _, listenerId := range listenerIds {
@@ -229,10 +224,10 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, certPem string,
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to upload certificate file") return xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 更新监听器证书 // 更新监听器证书
if err := d.modifyListenerCertificate(ctx, d.config.ListenerId, upres.CertId); err != nil { if err := d.modifyListenerCertificate(ctx, d.config.ListenerId, upres.CertId); err != nil {
return err return err
@@ -248,12 +243,11 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
ListenerId: cloudListenerId, ListenerId: cloudListenerId,
} }
showListenerResp, err := d.sdkClient.ShowListener(showListenerReq) showListenerResp, err := d.sdkClient.ShowListener(showListenerReq)
d.logger.Debug("sdk request 'elb.ShowListener'", slog.Any("request", showListenerReq), slog.Any("response", showListenerResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'elb.ShowListener'") return xerrors.Wrap(err, "failed to execute sdk request 'elb.ShowListener'")
} }
d.logger.Logt("已查询到 ELB 监听器", showListenerResp)
// 更新监听器 // 更新监听器
// REF: https://support.huaweicloud.com/api-elb/UpdateListener.html // REF: https://support.huaweicloud.com/api-elb/UpdateListener.html
updateListenerReq := &hcElbModel.UpdateListenerRequest{ updateListenerReq := &hcElbModel.UpdateListenerRequest{
@@ -274,6 +268,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
Id: &showListenerResp.Listener.SniContainerRefs, Id: &showListenerResp.Listener.SniContainerRefs,
} }
listOldCertificateResp, err := d.sdkClient.ListCertificates(listOldCertificateReq) listOldCertificateResp, err := d.sdkClient.ListCertificates(listOldCertificateReq)
d.logger.Debug("sdk request 'elb.ListCertificates'", slog.Any("request", listOldCertificateReq), slog.Any("response", listOldCertificateResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'elb.ListCertificates'") return xerrors.Wrap(err, "failed to execute sdk request 'elb.ListCertificates'")
} }
@@ -282,6 +277,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
CertificateId: cloudCertId, CertificateId: cloudCertId,
} }
showNewCertificateResp, err := d.sdkClient.ShowCertificate(showNewCertificateReq) showNewCertificateResp, err := d.sdkClient.ShowCertificate(showNewCertificateReq)
d.logger.Debug("sdk request 'elb.ShowCertificate'", slog.Any("request", showNewCertificateReq), slog.Any("response", showNewCertificateResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'elb.ShowCertificate'") return xerrors.Wrap(err, "failed to execute sdk request 'elb.ShowCertificate'")
} }
@@ -311,12 +307,11 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
} }
} }
updateListenerResp, err := d.sdkClient.UpdateListener(updateListenerReq) updateListenerResp, err := d.sdkClient.UpdateListener(updateListenerReq)
d.logger.Debug("sdk request 'elb.UpdateListener'", slog.Any("request", updateListenerReq), slog.Any("response", updateListenerResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'elb.UpdateListener'") return xerrors.Wrap(err, "failed to execute sdk request 'elb.UpdateListener'")
} }
d.logger.Logt("已更新 ELB 监听器", updateListenerResp)
return nil return nil
} }

35
internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"strings" "strings"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
@@ -17,7 +18,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-waf" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-waf"
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk" hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
@@ -42,7 +42,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *hcWaf.WafClient sdkClient *hcWaf.WafClient
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -70,14 +70,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -87,7 +92,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 根据部署资源类型决定部署方式 // 根据部署资源类型决定部署方式
@@ -125,10 +130,9 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
CertificateId: d.config.CertificateId, CertificateId: d.config.CertificateId,
} }
showCertificateResp, err := d.sdkClient.ShowCertificate(showCertificateReq) showCertificateResp, err := d.sdkClient.ShowCertificate(showCertificateReq)
d.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", showCertificateReq), slog.Any("response", showCertificateResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'waf.ShowCertificate'") return xerrors.Wrap(err, "failed to execute sdk request 'waf.ShowCertificate'")
} else {
d.logger.Logt("已获取 WAF 证书", showCertificateResp)
} }
// 更新证书 // 更新证书
@@ -142,10 +146,9 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
}, },
} }
updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq) updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq)
d.logger.Debug("sdk request 'waf.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'waf.UpdateCertificate'") return xerrors.Wrap(err, "failed to execute sdk request 'waf.UpdateCertificate'")
} else {
d.logger.Logt("已更新 WAF 证书", updateCertificateResp)
} }
return nil return nil
@@ -161,7 +164,7 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPem stri
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to upload certificate file") return xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 遍历查询云模式防护域名列表,获取防护域名 ID // 遍历查询云模式防护域名列表,获取防护域名 ID
@@ -176,6 +179,7 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPem stri
Pagesize: hwsdk.Int32Ptr(listHostPageSize), Pagesize: hwsdk.Int32Ptr(listHostPageSize),
} }
listHostResp, err := d.sdkClient.ListHost(listHostReq) listHostResp, err := d.sdkClient.ListHost(listHostReq)
d.logger.Debug("sdk request 'waf.ListHost'", slog.Any("request", listHostReq), slog.Any("response", listHostResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'waf.ListHost'") return xerrors.Wrap(err, "failed to execute sdk request 'waf.ListHost'")
} }
@@ -209,10 +213,9 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPem stri
}, },
} }
updateHostResp, err := d.sdkClient.UpdateHost(updateHostReq) updateHostResp, err := d.sdkClient.UpdateHost(updateHostReq)
d.logger.Debug("sdk request 'waf.UpdateHost'", slog.Any("request", updateHostReq), slog.Any("response", updateHostResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'waf.UpdateHost'") return xerrors.Wrap(err, "failed to execute sdk request 'waf.UpdateHost'")
} else {
d.logger.Logt("已更新云模式防护域名的配置", updateHostResp)
} }
return nil return nil
@@ -228,7 +231,7 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPem stri
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to upload certificate file") return xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 遍历查询独享模式域名列表,获取防护域名 ID // 遍历查询独享模式域名列表,获取防护域名 ID
@@ -243,6 +246,7 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPem stri
Pagesize: hwsdk.StringPtr(fmt.Sprintf("%d", listPremiumHostPageSize)), Pagesize: hwsdk.StringPtr(fmt.Sprintf("%d", listPremiumHostPageSize)),
} }
listPremiumHostResp, err := d.sdkClient.ListPremiumHost(listPremiumHostReq) listPremiumHostResp, err := d.sdkClient.ListPremiumHost(listPremiumHostReq)
d.logger.Debug("sdk request 'waf.ListPremiumHost'", slog.Any("request", listPremiumHostReq), slog.Any("response", listPremiumHostResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'waf.ListPremiumHost'") return xerrors.Wrap(err, "failed to execute sdk request 'waf.ListPremiumHost'")
} }
@@ -276,10 +280,9 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPem stri
}, },
} }
updatePremiumHostResp, err := d.sdkClient.UpdatePremiumHost(updatePremiumHostReq) updatePremiumHostResp, err := d.sdkClient.UpdatePremiumHost(updatePremiumHostReq)
d.logger.Debug("sdk request 'waf.UpdatePremiumHost'", slog.Any("request", updatePremiumHostReq), slog.Any("response", updatePremiumHostResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'waf.UpdatePremiumHost'") return xerrors.Wrap(err, "failed to execute sdk request 'waf.UpdatePremiumHost'")
} else {
d.logger.Logt("已修改独享模式域名配置", updatePremiumHostResp)
} }
return nil return nil

40
internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"strings" "strings"
jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core" jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core"
@@ -14,10 +15,9 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl"
"github.com/usual2970/certimate/internal/pkg/utils/slices" "github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -42,7 +42,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *jdLbClient.LbClient sdkClient *jdLbClient.LbClient
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -69,14 +69,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -86,7 +91,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 根据部署资源类型决定部署方式 // 根据部署资源类型决定部署方式
@@ -117,10 +122,9 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
// REF: https://docs.jdcloud.com/cn/load-balancer/api/describeloadbalancer // REF: https://docs.jdcloud.com/cn/load-balancer/api/describeloadbalancer
describeLoadBalancerReq := jdLbApi.NewDescribeLoadBalancerRequest(d.config.RegionId, d.config.LoadbalancerId) describeLoadBalancerReq := jdLbApi.NewDescribeLoadBalancerRequest(d.config.RegionId, d.config.LoadbalancerId)
describeLoadBalancerResp, err := d.sdkClient.DescribeLoadBalancer(describeLoadBalancerReq) describeLoadBalancerResp, err := d.sdkClient.DescribeLoadBalancer(describeLoadBalancerReq)
d.logger.Debug("sdk request 'lb.DescribeLoadBalancer'", slog.Any("request", describeLoadBalancerReq), slog.Any("response", describeLoadBalancerResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'lb.DescribeLoadBalancer'") return xerrors.Wrap(err, "failed to execute sdk request 'lb.DescribeLoadBalancer'")
} else {
d.logger.Logt("已查询到负载均衡器详情", describeLoadBalancerResp)
} }
// 查询监听器列表 // 查询监听器列表
@@ -134,6 +138,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
describeListenersReq.SetPageSize(describeListenersPageNumber) describeListenersReq.SetPageSize(describeListenersPageNumber)
describeListenersReq.SetPageSize(describeListenersPageSize) describeListenersReq.SetPageSize(describeListenersPageSize)
describeListenersResp, err := d.sdkClient.DescribeListeners(describeListenersReq) describeListenersResp, err := d.sdkClient.DescribeListeners(describeListenersReq)
d.logger.Debug("sdk request 'lb.DescribeListeners'", slog.Any("request", describeListenersReq), slog.Any("response", describeListenersResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'lb.DescribeListeners'") return xerrors.Wrap(err, "failed to execute sdk request 'lb.DescribeListeners'")
} }
@@ -153,9 +158,9 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
// 遍历更新监听器证书 // 遍历更新监听器证书
if len(listenerIds) == 0 { if len(listenerIds) == 0 {
return errors.New("listener not found") d.logger.Info("no listeners to deploy")
} else { } else {
d.logger.Logt("已查询到负载均衡器下的全部 HTTPS/TLS 监听器", listenerIds) d.logger.Info("found https/tls listeners to deploy", slog.Any("listenerIds", listenerIds))
var errs []error var errs []error
@@ -191,10 +196,9 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// REF: https://docs.jdcloud.com/cn/load-balancer/api/describelistener // REF: https://docs.jdcloud.com/cn/load-balancer/api/describelistener
describeListenerReq := jdLbApi.NewDescribeListenerRequest(d.config.RegionId, cloudListenerId) describeListenerReq := jdLbApi.NewDescribeListenerRequest(d.config.RegionId, cloudListenerId)
describeListenerResp, err := d.sdkClient.DescribeListener(describeListenerReq) describeListenerResp, err := d.sdkClient.DescribeListener(describeListenerReq)
d.logger.Debug("sdk request 'lb.DescribeListener'", slog.Any("request", describeListenerReq), slog.Any("response", describeListenerResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'lb.DescribeListener'") return xerrors.Wrap(err, "failed to execute sdk request 'lb.DescribeListener'")
} else {
d.logger.Logt("已查询到监听器详情", describeListenerResp)
} }
if d.config.Domain == "" { if d.config.Domain == "" {
@@ -205,15 +209,14 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
updateListenerReq := jdLbApi.NewUpdateListenerRequest(d.config.RegionId, cloudListenerId) updateListenerReq := jdLbApi.NewUpdateListenerRequest(d.config.RegionId, cloudListenerId)
updateListenerReq.SetCertificateSpecs([]jdLbModel.CertificateSpec{{CertificateId: cloudCertId}}) updateListenerReq.SetCertificateSpecs([]jdLbModel.CertificateSpec{{CertificateId: cloudCertId}})
updateListenerResp, err := d.sdkClient.UpdateListener(updateListenerReq) updateListenerResp, err := d.sdkClient.UpdateListener(updateListenerReq)
d.logger.Debug("sdk request 'lb.UpdateListener'", slog.Any("request", updateListenerReq), slog.Any("response", updateListenerResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'lb.UpdateListener'") return xerrors.Wrap(err, "failed to execute sdk request 'lb.UpdateListener'")
} else {
d.logger.Logt("已修改监听器信息", updateListenerResp)
} }
} else { } else {
// 指定 SNI需部署到扩展证书 // 指定 SNI需部署到扩展证书
extCertSpecs := slices.Filter(describeListenerResp.Result.Listener.ExtensionCertificateSpecs, func(extCertSpec jdLbModel.ExtensionCertificateSpec) bool { extCertSpecs := sliceutil.Filter(describeListenerResp.Result.Listener.ExtensionCertificateSpecs, func(extCertSpec jdLbModel.ExtensionCertificateSpec) bool {
return extCertSpec.Domain == d.config.Domain return extCertSpec.Domain == d.config.Domain
}) })
if len(extCertSpecs) == 0 { if len(extCertSpecs) == 0 {
@@ -225,7 +228,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
updateListenerCertificatesReq := jdLbApi.NewUpdateListenerCertificatesRequest( updateListenerCertificatesReq := jdLbApi.NewUpdateListenerCertificatesRequest(
d.config.RegionId, d.config.RegionId,
cloudListenerId, cloudListenerId,
slices.Map(extCertSpecs, func(extCertSpec jdLbModel.ExtensionCertificateSpec) jdLbModel.ExtCertificateUpdateSpec { sliceutil.Map(extCertSpecs, func(extCertSpec jdLbModel.ExtensionCertificateSpec) jdLbModel.ExtCertificateUpdateSpec {
return jdLbModel.ExtCertificateUpdateSpec{ return jdLbModel.ExtCertificateUpdateSpec{
CertificateBindId: extCertSpec.CertificateBindId, CertificateBindId: extCertSpec.CertificateBindId,
CertificateId: &cloudCertId, CertificateId: &cloudCertId,
@@ -234,10 +237,9 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
}), }),
) )
updateListenerCertificatesResp, err := d.sdkClient.UpdateListenerCertificates(updateListenerCertificatesReq) updateListenerCertificatesResp, err := d.sdkClient.UpdateListenerCertificates(updateListenerCertificatesReq)
d.logger.Debug("sdk request 'lb.UpdateListenerCertificates'", slog.Any("request", updateListenerCertificatesReq), slog.Any("response", updateListenerCertificatesResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'lb.UpdateListenerCertificates'") return xerrors.Wrap(err, "failed to execute sdk request 'lb.UpdateListenerCertificates'")
} else {
d.logger.Logt("已批量修改扩展证书", updateListenerCertificatesResp)
} }
} }

23
internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core" jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdCdnApi "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/apis" jdCdnApi "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/apis"
@@ -9,7 +10,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/jdcloud-ssl"
) )
@@ -25,7 +25,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *jdCdnClient.CdnClient sdkClient *jdCdnClient.CdnClient
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -52,14 +52,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -68,10 +73,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// REF: https://docs.jdcloud.com/cn/cdn/api/querydomainconfig // REF: https://docs.jdcloud.com/cn/cdn/api/querydomainconfig
queryDomainConfigReq := jdCdnApi.NewQueryDomainConfigRequest(d.config.Domain) queryDomainConfigReq := jdCdnApi.NewQueryDomainConfigRequest(d.config.Domain)
queryDomainConfigResp, err := d.sdkClient.QueryDomainConfig(queryDomainConfigReq) queryDomainConfigResp, err := d.sdkClient.QueryDomainConfig(queryDomainConfigReq)
d.logger.Debug("sdk request 'cdn.QueryDomainConfig'", slog.Any("request", queryDomainConfigReq), slog.Any("response", queryDomainConfigResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.QueryDomainConfig'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.QueryDomainConfig'")
} else {
d.logger.Logt("已查询到域名配置信息", queryDomainConfigResp)
} }
// 上传证书到 SSL // 上传证书到 SSL
@@ -79,7 +83,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 设置通讯协议 // 设置通讯协议
@@ -92,10 +96,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
setHttpTypeReq.SetSslCertId(upres.CertId) setHttpTypeReq.SetSslCertId(upres.CertId)
setHttpTypeReq.SetJumpType(queryDomainConfigResp.Result.HttpsJumpType) setHttpTypeReq.SetJumpType(queryDomainConfigResp.Result.HttpsJumpType)
setHttpTypeResp, err := d.sdkClient.SetHttpType(setHttpTypeReq) setHttpTypeResp, err := d.sdkClient.SetHttpType(setHttpTypeReq)
d.logger.Debug("sdk request 'cdn.QueryDomainConfig'", slog.Any("request", setHttpTypeReq), slog.Any("response", setHttpTypeResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.SetHttpType'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.SetHttpType'")
} else {
d.logger.Logt("已设置通讯协议", setHttpTypeResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

17
internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core" jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdLiveApi "github.com/jdcloud-api/jdcloud-sdk-go/services/live/apis" jdLiveApi "github.com/jdcloud-api/jdcloud-sdk-go/services/live/apis"
@@ -9,7 +10,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -23,7 +23,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *jdLiveClient.LiveClient sdkClient *jdLiveClient.LiveClient
} }
@@ -41,13 +41,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -58,10 +62,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
setLiveDomainCertificateReq.SetCert(certPem) setLiveDomainCertificateReq.SetCert(certPem)
setLiveDomainCertificateReq.SetKey(privkeyPem) setLiveDomainCertificateReq.SetKey(privkeyPem)
setLiveDomainCertificateResp, err := d.sdkClient.SetLiveDomainCertificate(setLiveDomainCertificateReq) setLiveDomainCertificateResp, err := d.sdkClient.SetLiveDomainCertificate(setLiveDomainCertificateReq)
d.logger.Debug("sdk request 'live.SetLiveDomainCertificate'", slog.Any("request", setLiveDomainCertificateReq), slog.Any("response", setLiveDomainCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.SetLiveDomainCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.SetLiveDomainCertificate'")
} else {
d.logger.Logt("已设置直播证书", setLiveDomainCertificateResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

21
internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"strconv" "strconv"
"time" "time"
@@ -12,7 +13,6 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *jdVodClient.VodClient sdkClient *jdVodClient.VodClient
} }
@@ -44,13 +44,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -65,6 +69,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
listDomainsReq.SetPageNumber(1) listDomainsReq.SetPageNumber(1)
listDomainsReq.SetPageSize(100) listDomainsReq.SetPageSize(100)
listDomainsResp, err := d.sdkClient.ListDomains(listDomainsReq) listDomainsResp, err := d.sdkClient.ListDomains(listDomainsReq)
d.logger.Debug("sdk request 'vod.ListDomains'", slog.Any("request", listDomainsReq), slog.Any("response", listDomainsResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'vod.ListDomains'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'vod.ListDomains'")
} }
@@ -90,10 +95,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// REF: https://docs.jdcloud.com/cn/video-on-demand/api/gethttpssl // REF: https://docs.jdcloud.com/cn/video-on-demand/api/gethttpssl
getHttpSslReq := jdVodApi.NewGetHttpSslRequest(domainId) getHttpSslReq := jdVodApi.NewGetHttpSslRequest(domainId)
getHttpSslResp, err := d.sdkClient.GetHttpSsl(getHttpSslReq) getHttpSslResp, err := d.sdkClient.GetHttpSsl(getHttpSslReq)
d.logger.Debug("sdk request 'vod.GetHttpSsl'", slog.Any("request", getHttpSslReq), slog.Any("response", getHttpSslResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'vod.GetHttpSsl'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'vod.GetHttpSsl'")
} else {
d.logger.Logt("已查询到域名 SSL 配置", getHttpSslResp)
} }
// 设置域名 SSL 配置 // 设置域名 SSL 配置
@@ -106,10 +110,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
setHttpSslReq.SetJumpType(getHttpSslResp.Result.JumpType) setHttpSslReq.SetJumpType(getHttpSslResp.Result.JumpType)
setHttpSslReq.SetEnabled(true) setHttpSslReq.SetEnabled(true)
setHttpSslResp, err := d.sdkClient.SetHttpSsl(setHttpSslReq) setHttpSslResp, err := d.sdkClient.SetHttpSsl(setHttpSslReq)
d.logger.Debug("sdk request 'vod.SetHttpSsl'", slog.Any("request", setHttpSslReq), slog.Any("response", setHttpSslResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'vod.SetHttpSsl'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'vod.SetHttpSsl'")
} else {
d.logger.Logt("已设置域名 SSL 配置", setHttpSslResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

27
internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go
View File

@@ -1,8 +1,9 @@
package k8ssecret package k8ssecret
import ( import (
"context" "context"
"errors" "errors"
"log/slog"
"strings" "strings"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
@@ -13,8 +14,7 @@ import (
"k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/tools/clientcmd"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
"github.com/usual2970/certimate/internal/pkg/utils/certs"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -34,7 +34,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
} }
var _ deployer.Deployer = (*DeployerProvider)(nil) var _ deployer.Deployer = (*DeployerProvider)(nil)
@@ -45,13 +45,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
} }
return &DeployerProvider{ return &DeployerProvider{
logger: logger.NewNilLogger(), logger: slog.Default(),
config: config, config: config,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -72,7 +76,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return nil, errors.New("config `secretDataKeyForKey` is required") return nil, errors.New("config `secretDataKeyForKey` is required")
} }
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -110,11 +114,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPem) secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPem)
secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPem) secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPem)
_, err = client.CoreV1().Secrets(d.config.Namespace).Create(context.TODO(), secretPayload, k8sMeta.CreateOptions{}) secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Create(context.TODO(), secretPayload, k8sMeta.CreateOptions{})
d.logger.Debug("k8s operate 'Secrets.Create'", slog.String("namespace", d.config.Namespace), slog.Any("secret", secretPayload))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to create k8s secret") return nil, xerrors.Wrap(err, "failed to create k8s secret")
} else { } else {
d.logger.Logf("k8s secret created", secretPayload)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }
} }
@@ -134,12 +138,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPem) secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPem)
secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPem) secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPem)
secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Update(context.TODO(), secretPayload, k8sMeta.UpdateOptions{}) secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Update(context.TODO(), secretPayload, k8sMeta.UpdateOptions{})
d.logger.Debug("k8s operate 'Secrets.Update'", slog.String("namespace", d.config.Namespace), slog.Any("secret", secretPayload))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to update k8s secret") return nil, xerrors.Wrap(err, "failed to update k8s secret")
} }
d.logger.Logf("k8s secret updated", secretPayload)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

56
internal/pkg/core/deployer/providers/local/local.go
View File

@@ -1,18 +1,18 @@
package local package local
import ( import (
"bytes" "bytes"
"context" "context"
"fmt" "fmt"
"log/slog"
"os/exec" "os/exec"
"runtime" "runtime"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/fileutil"
"github.com/usual2970/certimate/internal/pkg/utils/files"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -45,7 +45,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
} }
var _ deployer.Deployer = (*DeployerProvider)(nil) var _ deployer.Deployer = (*DeployerProvider)(nil)
@@ -57,12 +57,16 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -70,55 +74,48 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 执行前置命令 // 执行前置命令
if d.config.PreCommand != "" { if d.config.PreCommand != "" {
stdout, stderr, err := execCommand(d.config.ShellEnv, d.config.PreCommand) stdout, stderr, err := execCommand(d.config.ShellEnv, d.config.PreCommand)
d.logger.Debug("run pre-command", slog.String("stdout", stdout), slog.String("stderr", stderr))
if err != nil { if err != nil {
return nil, xerrors.Wrapf(err, "failed to execute pre-command, stdout: %s, stderr: %s", stdout, stderr) return nil, xerrors.Wrapf(err, "failed to execute pre-command, stdout: %s, stderr: %s", stdout, stderr)
} }
d.logger.Logt("pre-command executed", stdout)
} }
// 写入证书和私钥文件 // 写入证书和私钥文件
switch d.config.OutputFormat { switch d.config.OutputFormat {
case OUTPUT_FORMAT_PEM: case OUTPUT_FORMAT_PEM:
if err := files.WriteString(d.config.OutputCertPath, certPem); err != nil { if err := fileutil.WriteString(d.config.OutputCertPath, certPem); err != nil {
return nil, xerrors.Wrap(err, "failed to save certificate file") return nil, xerrors.Wrap(err, "failed to save certificate file")
} }
d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath))
d.logger.Logt("certificate file saved") if err := fileutil.WriteString(d.config.OutputKeyPath, privkeyPem); err != nil {
if err := files.WriteString(d.config.OutputKeyPath, privkeyPem); err != nil {
return nil, xerrors.Wrap(err, "failed to save private key file") return nil, xerrors.Wrap(err, "failed to save private key file")
} }
d.logger.Info("ssl private key file saved", slog.String("path", d.config.OutputKeyPath))
d.logger.Logt("private key file saved")
case OUTPUT_FORMAT_PFX: case OUTPUT_FORMAT_PFX:
pfxData, err := certs.TransformCertificateFromPEMToPFX(certPem, privkeyPem, d.config.PfxPassword) pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPem, privkeyPem, d.config.PfxPassword)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to transform certificate to PFX") return nil, xerrors.Wrap(err, "failed to transform certificate to PFX")
} }
d.logger.Info("ssl certificate transformed to pfx")
d.logger.Logt("certificate transformed to PFX") if err := fileutil.Write(d.config.OutputCertPath, pfxData); err != nil {
if err := files.Write(d.config.OutputCertPath, pfxData); err != nil {
return nil, xerrors.Wrap(err, "failed to save certificate file") return nil, xerrors.Wrap(err, "failed to save certificate file")
} }
d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath))
d.logger.Logt("certificate file saved")
case OUTPUT_FORMAT_JKS: case OUTPUT_FORMAT_JKS:
jksData, err := certs.TransformCertificateFromPEMToJKS(certPem, privkeyPem, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) jksData, err := certutil.TransformCertificateFromPEMToJKS(certPem, privkeyPem, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to transform certificate to JKS") return nil, xerrors.Wrap(err, "failed to transform certificate to JKS")
} }
d.logger.Info("ssl certificate transformed to jks")
d.logger.Logt("certificate transformed to JKS") if err := fileutil.Write(d.config.OutputCertPath, jksData); err != nil {
if err := files.Write(d.config.OutputCertPath, jksData); err != nil {
return nil, xerrors.Wrap(err, "failed to save certificate file") return nil, xerrors.Wrap(err, "failed to save certificate file")
} }
d.logger.Info("ssl certificate file saved", slog.String("path", d.config.OutputCertPath))
d.logger.Logt("certificate file uploaded")
default: default:
return nil, fmt.Errorf("unsupported output format: %s", d.config.OutputFormat) return nil, fmt.Errorf("unsupported output format: %s", d.config.OutputFormat)
@@ -127,11 +124,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 执行后置命令 // 执行后置命令
if d.config.PostCommand != "" { if d.config.PostCommand != "" {
stdout, stderr, err := execCommand(d.config.ShellEnv, d.config.PostCommand) stdout, stderr, err := execCommand(d.config.ShellEnv, d.config.PostCommand)
d.logger.Debug("run post-command", slog.String("stdout", stdout), slog.String("stderr", stderr))
if err != nil { if err != nil {
return nil, xerrors.Wrapf(err, "failed to execute post-command, stdout: %s, stderr: %s", stdout, stderr) return nil, xerrors.Wrapf(err, "failed to execute post-command, stdout: %s, stderr: %s", stdout, stderr)
} }
d.logger.Logt("post-command executed", stdout)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

28
internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go
View File

@@ -2,13 +2,13 @@
import ( import (
"context" "context"
"log/slog"
"strings" "strings"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/qiniu/go-sdk/v7/auth" "github.com/qiniu/go-sdk/v7/auth"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert"
qiniusdk "github.com/usual2970/certimate/internal/pkg/vendors/qiniu-sdk" qiniusdk "github.com/usual2970/certimate/internal/pkg/vendors/qiniu-sdk"
@@ -25,7 +25,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *qiniusdk.Client sdkClient *qiniusdk.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -49,14 +49,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -65,38 +70,35 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// "*.example.com" → ".example.com",适配七牛云 CDN 要求的泛域名格式 // "*.example.com" → ".example.com",适配七牛云 CDN 要求的泛域名格式
domain := strings.TrimPrefix(d.config.Domain, "*") domain := strings.TrimPrefix(d.config.Domain, "*")
// 获取域名信息 // 获取域名信息
// REF: https://developer.qiniu.com/fusion/4246/the-domain-name // REF: https://developer.qiniu.com/fusion/4246/the-domain-name
getDomainInfoResp, err := d.sdkClient.GetDomainInfo(context.TODO(), domain) getDomainInfoResp, err := d.sdkClient.GetDomainInfo(context.TODO(), domain)
d.logger.Debug("sdk request 'cdn.GetDomainInfo'", slog.String("request.domain", domain), slog.Any("response", getDomainInfoResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.GetDomainInfo'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.GetDomainInfo'")
} }
d.logger.Logt("已获取域名信息", getDomainInfoResp)
// 判断域名是否已启用 HTTPS。如果已启用修改域名证书否则启用 HTTPS // 判断域名是否已启用 HTTPS。如果已启用修改域名证书否则启用 HTTPS
// REF: https://developer.qiniu.com/fusion/4246/the-domain-name // REF: https://developer.qiniu.com/fusion/4246/the-domain-name
if getDomainInfoResp.Https != nil && getDomainInfoResp.Https.CertID != "" { if getDomainInfoResp.Https != nil && getDomainInfoResp.Https.CertID != "" {
modifyDomainHttpsConfResp, err := d.sdkClient.ModifyDomainHttpsConf(context.TODO(), domain, upres.CertId, getDomainInfoResp.Https.ForceHttps, getDomainInfoResp.Https.Http2Enable) modifyDomainHttpsConfResp, err := d.sdkClient.ModifyDomainHttpsConf(context.TODO(), domain, upres.CertId, getDomainInfoResp.Https.ForceHttps, getDomainInfoResp.Https.Http2Enable)
d.logger.Debug("sdk request 'cdn.ModifyDomainHttpsConf'", slog.String("request.domain", domain), slog.String("request.certId", upres.CertId), slog.Any("response", modifyDomainHttpsConfResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.ModifyDomainHttpsConf'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.ModifyDomainHttpsConf'")
} }
d.logger.Logt("已修改域名证书", modifyDomainHttpsConfResp)
} else { } else {
enableDomainHttpsResp, err := d.sdkClient.EnableDomainHttps(context.TODO(), domain, upres.CertId, true, true) enableDomainHttpsResp, err := d.sdkClient.EnableDomainHttps(context.TODO(), domain, upres.CertId, true, true)
d.logger.Debug("sdk request 'cdn.EnableDomainHttps'", slog.String("request.domain", domain), slog.String("request.certId", upres.CertId), slog.Any("response", enableDomainHttpsResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.EnableDomainHttps'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.EnableDomainHttps'")
} }
d.logger.Logt("已将域名升级为 HTTPS", enableDomainHttpsResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

22
internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili.go
View File

@@ -2,12 +2,12 @@
import ( import (
"context" "context"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/qiniu/go-sdk/v7/pili" "github.com/qiniu/go-sdk/v7/pili"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/qiniu-sslcert"
) )
@@ -25,7 +25,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *pili.Manager sdkClient *pili.Manager
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -49,14 +49,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: manager, sdkClient: manager,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -65,10 +70,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 修改域名证书配置 // 修改域名证书配置
// REF: https://developer.qiniu.com/pili/9910/pili-service-sdk#66 // REF: https://developer.qiniu.com/pili/9910/pili-service-sdk#66
setDomainCertReq := pili.SetDomainCertRequest{ setDomainCertReq := pili.SetDomainCertRequest{
@@ -77,11 +82,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
CertName: upres.CertName, CertName: upres.CertName,
} }
err = d.sdkClient.SetDomainCert(context.TODO(), setDomainCertReq) err = d.sdkClient.SetDomainCert(context.TODO(), setDomainCertReq)
d.logger.Debug("sdk request 'pili.SetDomainCert'", slog.Any("request", setDomainCertReq))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'pili.SetDomainCert'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'pili.SetDomainCert'")
} }
d.logger.Logt("已修改域名证书配置")
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

17
internal/pkg/core/deployer/providers/safeline/safeline.go
View File

@@ -5,12 +5,12 @@ import (
"crypto/tls" "crypto/tls"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"net/url" "net/url"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
safelinesdk "github.com/usual2970/certimate/internal/pkg/vendors/safeline-sdk" safelinesdk "github.com/usual2970/certimate/internal/pkg/vendors/safeline-sdk"
) )
@@ -30,7 +30,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *safelinesdk.Client sdkClient *safelinesdk.Client
} }
@@ -48,13 +48,17 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -88,10 +92,9 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
}, },
} }
updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq) updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq)
d.logger.Debug("sdk request 'safeline.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'safeline.UpdateCertificate'") return xerrors.Wrap(err, "failed to execute sdk request 'safeline.UpdateCertificate'")
} else {
d.logger.Logt("已更新证书", updateCertificateResp)
} }
return nil return nil

48
internal/pkg/core/deployer/providers/ssh/ssh.go
View File

@@ -1,9 +1,10 @@
package ssh package ssh
import ( import (
"bytes" "bytes"
"context" "context"
"fmt" "fmt"
"log/slog"
"os" "os"
"path/filepath" "path/filepath"
@@ -13,8 +14,7 @@ import (
"golang.org/x/crypto/ssh" "golang.org/x/crypto/ssh"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
"github.com/usual2970/certimate/internal/pkg/utils/certs"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -60,7 +60,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
} }
var _ deployer.Deployer = (*DeployerProvider)(nil) var _ deployer.Deployer = (*DeployerProvider)(nil)
@@ -72,12 +72,16 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
@@ -96,16 +100,15 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
} }
defer client.Close() defer client.Close()
d.logger.Logt("SSH connected") d.logger.Info("ssh connected")
// 执行前置命令 // 执行前置命令
if d.config.PreCommand != "" { if d.config.PreCommand != "" {
stdout, stderr, err := execSshCommand(client, d.config.PreCommand) stdout, stderr, err := execSshCommand(client, d.config.PreCommand)
d.logger.Debug("run pre-command", slog.String("stdout", stdout), slog.String("stderr", stderr))
if err != nil { if err != nil {
return nil, xerrors.Wrapf(err, "failed to execute pre-command: stdout: %s, stderr: %s", stdout, stderr) return nil, xerrors.Wrapf(err, "failed to execute pre-command: stdout: %s, stderr: %s", stdout, stderr)
} }
d.logger.Logt("SSH pre-command executed", stdout)
} }
// 上传证书和私钥文件 // 上传证书和私钥文件
@@ -114,42 +117,36 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err := writeFileString(client, d.config.UseSCP, d.config.OutputCertPath, certPem); err != nil { if err := writeFileString(client, d.config.UseSCP, d.config.OutputCertPath, certPem); err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} }
d.logger.Info("ssl certificate file uploaded", slog.String("path", d.config.OutputCertPath))
d.logger.Logt("certificate file uploaded")
if err := writeFileString(client, d.config.UseSCP, d.config.OutputKeyPath, privkeyPem); err != nil { if err := writeFileString(client, d.config.UseSCP, d.config.OutputKeyPath, privkeyPem); err != nil {
return nil, xerrors.Wrap(err, "failed to upload private key file") return nil, xerrors.Wrap(err, "failed to upload private key file")
} }
d.logger.Info("ssl private key file uploaded", slog.String("path", d.config.OutputKeyPath))
d.logger.Logt("private key file uploaded")
case OUTPUT_FORMAT_PFX: case OUTPUT_FORMAT_PFX:
pfxData, err := certs.TransformCertificateFromPEMToPFX(certPem, privkeyPem, d.config.PfxPassword) pfxData, err := certutil.TransformCertificateFromPEMToPFX(certPem, privkeyPem, d.config.PfxPassword)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to transform certificate to PFX") return nil, xerrors.Wrap(err, "failed to transform certificate to PFX")
} }
d.logger.Info("ssl certificate transformed to pfx")
d.logger.Logt("certificate transformed to PFX")
if err := writeFile(client, d.config.UseSCP, d.config.OutputCertPath, pfxData); err != nil { if err := writeFile(client, d.config.UseSCP, d.config.OutputCertPath, pfxData); err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} }
d.logger.Info("ssl certificate file uploaded", slog.String("path", d.config.OutputCertPath))
d.logger.Logt("certificate file uploaded")
case OUTPUT_FORMAT_JKS: case OUTPUT_FORMAT_JKS:
jksData, err := certs.TransformCertificateFromPEMToJKS(certPem, privkeyPem, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass) jksData, err := certutil.TransformCertificateFromPEMToJKS(certPem, privkeyPem, d.config.JksAlias, d.config.JksKeypass, d.config.JksStorepass)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to transform certificate to JKS") return nil, xerrors.Wrap(err, "failed to transform certificate to JKS")
} }
d.logger.Info("ssl certificate transformed to jks")
d.logger.Logt("certificate transformed to JKS")
if err := writeFile(client, d.config.UseSCP, d.config.OutputCertPath, jksData); err != nil { if err := writeFile(client, d.config.UseSCP, d.config.OutputCertPath, jksData); err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} }
d.logger.Info("ssl certificate file uploaded", slog.String("path", d.config.OutputCertPath))
d.logger.Logt("certificate file uploaded")
default: default:
return nil, fmt.Errorf("unsupported output format: %s", d.config.OutputFormat) return nil, fmt.Errorf("unsupported output format: %s", d.config.OutputFormat)
@@ -158,11 +155,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 执行后置命令 // 执行后置命令
if d.config.PostCommand != "" { if d.config.PostCommand != "" {
stdout, stderr, err := execSshCommand(client, d.config.PostCommand) stdout, stderr, err := execSshCommand(client, d.config.PostCommand)
d.logger.Debug("run post-command", slog.String("stdout", stdout), slog.String("stderr", stderr))
if err != nil { if err != nil {
return nil, xerrors.Wrapf(err, "failed to execute post-command, stdout: %s, stderr: %s", stdout, stderr) return nil, xerrors.Wrapf(err, "failed to execute post-command, stdout: %s, stderr: %s", stdout, stderr)
} }
d.logger.Logt("SSH post-command executed", stdout)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

28
internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"strings" "strings"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
@@ -12,7 +13,6 @@ import (
"golang.org/x/exp/slices" "golang.org/x/exp/slices"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -28,7 +28,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClients *wSdkClients sdkClients *wSdkClients
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -60,14 +60,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClients: clients, sdkClients: clients,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -76,10 +81,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 获取待部署的 CDN 实例 // 获取待部署的 CDN 实例
// 如果是泛域名,根据证书匹配 CDN 实例 // 如果是泛域名,根据证书匹配 CDN 实例
instanceIds := make([]string, 0) instanceIds := make([]string, 0)
@@ -111,8 +116,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
} }
if len(instanceIds) == 0 { if len(instanceIds) == 0 {
d.logger.Logt("已部署过或没有要部署的 CDN 实例") d.logger.Info("no cdn instances to deploy")
} else { } else {
d.logger.Info("found cdn instances to deploy", slog.Any("instanceIds", instanceIds))
// 证书部署到 CDN 实例 // 证书部署到 CDN 实例
// REF: https://cloud.tencent.com/document/product/400/91667 // REF: https://cloud.tencent.com/document/product/400/91667
deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest() deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest()
@@ -121,11 +128,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
deployCertificateInstanceReq.Status = common.Int64Ptr(1) deployCertificateInstanceReq.Status = common.Int64Ptr(1)
deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(instanceIds) deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(instanceIds)
deployCertificateInstanceResp, err := d.sdkClients.ssl.DeployCertificateInstance(deployCertificateInstanceReq) deployCertificateInstanceResp, err := d.sdkClients.ssl.DeployCertificateInstance(deployCertificateInstanceReq)
d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'")
} }
d.logger.Logt("已部署证书到云资源实例", deployCertificateInstanceResp.Response)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
@@ -138,6 +144,7 @@ func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]stri
describeCertDomainsReq.CertId = common.StringPtr(cloudCertId) describeCertDomainsReq.CertId = common.StringPtr(cloudCertId)
describeCertDomainsReq.Product = common.StringPtr("cdn") describeCertDomainsReq.Product = common.StringPtr("cdn")
describeCertDomainsResp, err := d.sdkClients.cdn.DescribeCertDomains(describeCertDomainsReq) describeCertDomainsResp, err := d.sdkClients.cdn.DescribeCertDomains(describeCertDomainsReq)
d.logger.Debug("sdk request 'cdn.DescribeCertDomains'", slog.Any("request", describeCertDomainsReq), slog.Any("response", describeCertDomainsResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertDomains'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertDomains'")
} }
@@ -159,6 +166,7 @@ func (d *DeployerProvider) getDeployedDomainsByCertificateId(cloudCertId string)
describeDeployedResourcesReq.CertificateIds = common.StringPtrs([]string{cloudCertId}) describeDeployedResourcesReq.CertificateIds = common.StringPtrs([]string{cloudCertId})
describeDeployedResourcesReq.ResourceType = common.StringPtr("cdn") describeDeployedResourcesReq.ResourceType = common.StringPtr("cdn")
describeDeployedResourcesResp, err := d.sdkClients.ssl.DescribeDeployedResources(describeDeployedResourcesReq) describeDeployedResourcesResp, err := d.sdkClients.ssl.DescribeDeployedResources(describeDeployedResourcesReq)
d.logger.Debug("sdk request 'cdn.DescribeDeployedResources'", slog.Any("request", describeDeployedResourcesReq), slog.Any("response", describeDeployedResourcesResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeDeployedResources'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeDeployedResources'")
} }

40
internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
tcClb "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb/v20180317" tcClb "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb/v20180317"
@@ -12,7 +13,6 @@ import (
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -39,7 +39,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClients *wSdkClients sdkClients *wSdkClients
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -71,14 +71,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClients: clients, sdkClients: clients,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -87,10 +92,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 根据部署资源类型决定部署方式 // 根据部署资源类型决定部署方式
switch d.config.ResourceType { switch d.config.ResourceType {
case RESOURCE_TYPE_VIA_SSLDEPLOY: case RESOURCE_TYPE_VIA_SSLDEPLOY:
@@ -142,12 +147,11 @@ func (d *DeployerProvider) deployViaSslService(ctx context.Context, cloudCertId
deployCertificateInstanceReq.InstanceIdList = common.StringPtrs([]string{fmt.Sprintf("%s|%s|%s", d.config.LoadbalancerId, d.config.ListenerId, d.config.Domain)}) deployCertificateInstanceReq.InstanceIdList = common.StringPtrs([]string{fmt.Sprintf("%s|%s|%s", d.config.LoadbalancerId, d.config.ListenerId, d.config.Domain)})
} }
deployCertificateInstanceResp, err := d.sdkClients.ssl.DeployCertificateInstance(deployCertificateInstanceReq) deployCertificateInstanceResp, err := d.sdkClients.ssl.DeployCertificateInstance(deployCertificateInstanceReq)
d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'") return xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'")
} }
d.logger.Logt("已部署证书到云资源实例", deployCertificateInstanceResp.Response)
return nil return nil
} }
@@ -162,6 +166,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
describeListenersReq := tcClb.NewDescribeListenersRequest() describeListenersReq := tcClb.NewDescribeListenersRequest()
describeListenersReq.LoadBalancerId = common.StringPtr(d.config.LoadbalancerId) describeListenersReq.LoadBalancerId = common.StringPtr(d.config.LoadbalancerId)
describeListenersResp, err := d.sdkClients.clb.DescribeListeners(describeListenersReq) describeListenersResp, err := d.sdkClients.clb.DescribeListeners(describeListenersReq)
d.logger.Debug("sdk request 'clb.DescribeListeners'", slog.Any("request", describeListenersReq), slog.Any("response", describeListenersResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.DescribeListeners'") return xerrors.Wrap(err, "failed to execute sdk request 'clb.DescribeListeners'")
} else { } else {
@@ -176,12 +181,11 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
} }
} }
d.logger.Logt("已查询到负载均衡器下的监听器", listenerIds)
// 遍历更新监听器证书 // 遍历更新监听器证书
if len(listenerIds) == 0 { if len(listenerIds) == 0 {
return errors.New("listener not found") d.logger.Info("no clb listeners to deploy")
} else { } else {
d.logger.Info("found https/tcpssl/quic listeners to deploy", slog.Any("listenerIds", listenerIds))
var errs []error var errs []error
for _, listenerId := range listenerIds { for _, listenerId := range listenerIds {
@@ -236,12 +240,11 @@ func (d *DeployerProvider) deployToRuleDomain(ctx context.Context, cloudCertId s
CertId: common.StringPtr(cloudCertId), CertId: common.StringPtr(cloudCertId),
} }
modifyDomainAttributesResp, err := d.sdkClients.clb.ModifyDomainAttributes(modifyDomainAttributesReq) modifyDomainAttributesResp, err := d.sdkClients.clb.ModifyDomainAttributes(modifyDomainAttributesReq)
d.logger.Debug("sdk request 'clb.ModifyDomainAttributes'", slog.Any("request", modifyDomainAttributesReq), slog.Any("response", modifyDomainAttributesResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.ModifyDomainAttributes'") return xerrors.Wrap(err, "failed to execute sdk request 'clb.ModifyDomainAttributes'")
} }
d.logger.Logt("已修改七层监听器转发规则的域名级别属性", modifyDomainAttributesResp.Response)
return nil return nil
} }
@@ -252,15 +255,13 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
describeListenersReq.LoadBalancerId = common.StringPtr(cloudLoadbalancerId) describeListenersReq.LoadBalancerId = common.StringPtr(cloudLoadbalancerId)
describeListenersReq.ListenerIds = common.StringPtrs([]string{cloudListenerId}) describeListenersReq.ListenerIds = common.StringPtrs([]string{cloudListenerId})
describeListenersResp, err := d.sdkClients.clb.DescribeListeners(describeListenersReq) describeListenersResp, err := d.sdkClients.clb.DescribeListeners(describeListenersReq)
d.logger.Debug("sdk request 'clb.DescribeListeners'", slog.Any("request", describeListenersReq), slog.Any("response", describeListenersResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.DescribeListeners'") return xerrors.Wrap(err, "failed to execute sdk request 'clb.DescribeListeners'")
} } else if len(describeListenersResp.Response.Listeners) == 0 {
if len(describeListenersResp.Response.Listeners) == 0 {
return errors.New("listener not found") return errors.New("listener not found")
} }
d.logger.Logt("已查询到监听器属性", describeListenersResp.Response)
// 修改监听器属性 // 修改监听器属性
// REF: https://cloud.tencent.com/document/product/214/30681 // REF: https://cloud.tencent.com/document/product/214/30681
modifyListenerReq := tcClb.NewModifyListenerRequest() modifyListenerReq := tcClb.NewModifyListenerRequest()
@@ -274,12 +275,11 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
modifyListenerReq.Certificate.SSLMode = common.StringPtr("UNIDIRECTIONAL") modifyListenerReq.Certificate.SSLMode = common.StringPtr("UNIDIRECTIONAL")
} }
modifyListenerResp, err := d.sdkClients.clb.ModifyListener(modifyListenerReq) modifyListenerResp, err := d.sdkClients.clb.ModifyListener(modifyListenerReq)
d.logger.Debug("sdk request 'clb.ModifyListener'", slog.Any("request", modifyListenerReq), slog.Any("response", modifyListenerResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.ModifyListener'") return xerrors.Wrap(err, "failed to execute sdk request 'clb.ModifyListener'")
} }
d.logger.Logt("已修改监听器属性", modifyListenerResp.Response)
return nil return nil
} }

22
internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
@@ -11,7 +12,6 @@ import (
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -31,7 +31,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *tcSsl.Client sdkClient *tcSsl.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -58,14 +58,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -81,10 +86,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 证书部署到 COS 实例 // 证书部署到 COS 实例
// REF: https://cloud.tencent.com/document/product/400/91667 // REF: https://cloud.tencent.com/document/product/400/91667
deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest() deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest()
@@ -93,12 +98,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
deployCertificateInstanceReq.Status = common.Int64Ptr(1) deployCertificateInstanceReq.Status = common.Int64Ptr(1)
deployCertificateInstanceReq.InstanceIdList = common.StringPtrs([]string{fmt.Sprintf("%s#%s#%s", d.config.Region, d.config.Bucket, d.config.Domain)}) deployCertificateInstanceReq.InstanceIdList = common.StringPtrs([]string{fmt.Sprintf("%s#%s#%s", d.config.Region, d.config.Bucket, d.config.Domain)})
deployCertificateInstanceResp, err := d.sdkClient.DeployCertificateInstance(deployCertificateInstanceReq) deployCertificateInstanceResp, err := d.sdkClient.DeployCertificateInstance(deployCertificateInstanceReq)
d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'")
} }
d.logger.Logt("已部署证书到云资源实例", deployCertificateInstanceResp.Response)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

22
internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
@@ -9,7 +10,6 @@ import (
tcLive "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live/v20180801" tcLive "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live/v20180801"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -25,7 +25,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *tcLive.Client sdkClient *tcLive.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -52,14 +52,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -68,10 +73,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 绑定证书对应的播放域名 // 绑定证书对应的播放域名
// REF: https://cloud.tencent.com/document/product/267/78655 // REF: https://cloud.tencent.com/document/product/267/78655
modifyLiveDomainCertBindingsReq := &tcLive.ModifyLiveDomainCertBindingsRequest{ modifyLiveDomainCertBindingsReq := &tcLive.ModifyLiveDomainCertBindingsRequest{
@@ -84,12 +89,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
CloudCertId: common.StringPtr(upres.CertId), CloudCertId: common.StringPtr(upres.CertId),
} }
modifyLiveDomainCertBindingsResp, err := d.sdkClient.ModifyLiveDomainCertBindings(modifyLiveDomainCertBindingsReq) modifyLiveDomainCertBindingsResp, err := d.sdkClient.ModifyLiveDomainCertBindings(modifyLiveDomainCertBindingsReq)
d.logger.Debug("sdk request 'live.ModifyLiveDomainCertBindings'", slog.Any("request", modifyLiveDomainCertBindingsReq), slog.Any("response", modifyLiveDomainCertBindingsResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.ModifyLiveDomainCertBindings'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.ModifyLiveDomainCertBindings'")
} }
d.logger.Logt("已部署证书到云资源实例", modifyLiveDomainCertBindingsResp.Response)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

27
internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"strings" "strings"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
@@ -11,7 +12,6 @@ import (
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -27,7 +27,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClients *wSdkClients sdkClients *wSdkClients
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -59,14 +59,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClients: clients, sdkClients: clients,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -75,10 +80,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 获取待部署的 CDN 实例 // 获取待部署的 CDN 实例
// 如果是泛域名,根据证书匹配 CDN 实例 // 如果是泛域名,根据证书匹配 CDN 实例
instanceIds := make([]string, 0) instanceIds := make([]string, 0)
@@ -94,8 +99,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
} }
if len(instanceIds) == 0 { if len(instanceIds) == 0 {
d.logger.Logt("已部署过或没有要部署的 ECDN 实例") d.logger.Info("no ecdn instances to deploy")
} else { } else {
d.logger.Info("found ecdn instances to deploy", slog.Any("instanceIds", instanceIds))
// 证书部署到 ECDN 实例 // 证书部署到 ECDN 实例
// REF: https://cloud.tencent.com/document/product/400/91667 // REF: https://cloud.tencent.com/document/product/400/91667
deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest() deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest()
@@ -104,11 +111,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
deployCertificateInstanceReq.Status = common.Int64Ptr(1) deployCertificateInstanceReq.Status = common.Int64Ptr(1)
deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(instanceIds) deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(instanceIds)
deployCertificateInstanceResp, err := d.sdkClients.ssl.DeployCertificateInstance(deployCertificateInstanceReq) deployCertificateInstanceResp, err := d.sdkClients.ssl.DeployCertificateInstance(deployCertificateInstanceReq)
d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'")
} }
d.logger.Logt("已部署证书到云资源实例", deployCertificateInstanceResp.Response)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
@@ -121,6 +127,7 @@ func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]stri
describeCertDomainsReq.CertId = common.StringPtr(cloudCertId) describeCertDomainsReq.CertId = common.StringPtr(cloudCertId)
describeCertDomainsReq.Product = common.StringPtr("ecdn") describeCertDomainsReq.Product = common.StringPtr("ecdn")
describeCertDomainsResp, err := d.sdkClients.cdn.DescribeCertDomains(describeCertDomainsReq) describeCertDomainsResp, err := d.sdkClients.cdn.DescribeCertDomains(describeCertDomainsReq)
d.logger.Debug("sdk request 'cdn.DescribeCertDomains'", slog.Any("request", describeCertDomainsReq), slog.Any("response", describeCertDomainsResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertDomains'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertDomains'")
} }

22
internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"errors" "errors"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
@@ -11,7 +12,6 @@ import (
tcTeo "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901" tcTeo "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -29,7 +29,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClients *wSdkClients sdkClients *wSdkClients
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -61,14 +61,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClients: clients, sdkClients: clients,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -81,10 +86,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 配置域名证书 // 配置域名证书
// REF: https://cloud.tencent.com/document/product/1552/80764 // REF: https://cloud.tencent.com/document/product/1552/80764
modifyHostsCertificateReq := tcTeo.NewModifyHostsCertificateRequest() modifyHostsCertificateReq := tcTeo.NewModifyHostsCertificateRequest()
@@ -93,12 +98,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
modifyHostsCertificateReq.Hosts = common.StringPtrs([]string{d.config.Domain}) modifyHostsCertificateReq.Hosts = common.StringPtrs([]string{d.config.Domain})
modifyHostsCertificateReq.ServerCertInfo = []*tcTeo.ServerCertInfo{{CertId: common.StringPtr(upres.CertId)}} modifyHostsCertificateReq.ServerCertInfo = []*tcTeo.ServerCertInfo{{CertId: common.StringPtr(upres.CertId)}}
modifyHostsCertificateResp, err := d.sdkClients.teo.ModifyHostsCertificate(modifyHostsCertificateReq) modifyHostsCertificateResp, err := d.sdkClients.teo.ModifyHostsCertificate(modifyHostsCertificateReq)
d.logger.Debug("sdk request 'teo.ModifyHostsCertificate'", slog.Any("request", modifyHostsCertificateReq), slog.Any("response", modifyHostsCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'teo.ModifyHostsCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'teo.ModifyHostsCertificate'")
} }
d.logger.Logt("已配置域名证书", modifyHostsCertificateResp.Response)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

23
internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
@@ -9,7 +10,6 @@ import (
tcScf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf/v20180416" tcScf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf/v20180416"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -27,7 +27,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *tcScf.Client sdkClient *tcScf.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -54,14 +54,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -71,10 +76,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
getCustomDomainReq := tcScf.NewGetCustomDomainRequest() getCustomDomainReq := tcScf.NewGetCustomDomainRequest()
getCustomDomainReq.Domain = common.StringPtr(d.config.Domain) getCustomDomainReq.Domain = common.StringPtr(d.config.Domain)
getCustomDomainResp, err := d.sdkClient.GetCustomDomain(getCustomDomainReq) getCustomDomainResp, err := d.sdkClient.GetCustomDomain(getCustomDomainReq)
d.logger.Debug("sdk request 'scf.GetCustomDomain'", slog.Any("request", getCustomDomainReq), slog.Any("response", getCustomDomainResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'scf.GetCustomDomain'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'scf.GetCustomDomain'")
} else {
d.logger.Logt("已查看云函数自定义域名详情", getCustomDomainResp.Response)
} }
// 上传证书到 SSL // 上传证书到 SSL
@@ -82,7 +86,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 更新云函数自定义域名 // 更新云函数自定义域名
@@ -94,10 +98,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
} }
updateCustomDomainReq.Protocol = getCustomDomainResp.Response.Protocol updateCustomDomainReq.Protocol = getCustomDomainResp.Response.Protocol
updateCustomDomainResp, err := d.sdkClient.UpdateCustomDomain(updateCustomDomainReq) updateCustomDomainResp, err := d.sdkClient.UpdateCustomDomain(updateCustomDomainReq)
d.logger.Debug("sdk request 'scf.UpdateCustomDomain'", slog.Any("request", updateCustomDomainReq), slog.Any("response", updateCustomDomainResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'scf.UpdateCustomDomain'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'scf.UpdateCustomDomain'")
} else {
d.logger.Logt("已设置点播域名 HTTPS 证书", updateCustomDomainResp.Response)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

28
internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"time" "time"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
@@ -12,7 +13,6 @@ import (
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -32,7 +32,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *tcSsl.Client sdkClient *tcSsl.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -59,14 +59,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -82,10 +87,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 证书部署到云资源实例列表 // 证书部署到云资源实例列表
// REF: https://cloud.tencent.com/document/product/400/91667 // REF: https://cloud.tencent.com/document/product/400/91667
deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest() deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest()
@@ -94,14 +99,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(d.config.ResourceIds) deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(d.config.ResourceIds)
deployCertificateInstanceReq.Status = common.Int64Ptr(1) deployCertificateInstanceReq.Status = common.Int64Ptr(1)
deployCertificateInstanceResp, err := d.sdkClient.DeployCertificateInstance(deployCertificateInstanceReq) deployCertificateInstanceResp, err := d.sdkClient.DeployCertificateInstance(deployCertificateInstanceReq)
d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'")
} else if deployCertificateInstanceResp.Response == nil || deployCertificateInstanceResp.Response.DeployRecordId == nil { } else if deployCertificateInstanceResp.Response == nil || deployCertificateInstanceResp.Response.DeployRecordId == nil {
return nil, errors.New("failed to create deploy record") return nil, errors.New("failed to create deploy record")
} }
d.logger.Logt("已部署证书到云资源实例", deployCertificateInstanceResp.Response)
// 循环获取部署任务详情,等待任务状态变更 // 循环获取部署任务详情,等待任务状态变更
// REF: https://cloud.tencent.com.cn/document/api/400/91658 // REF: https://cloud.tencent.com.cn/document/api/400/91658
for { for {
@@ -113,12 +117,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
describeHostDeployRecordDetailReq.DeployRecordId = common.StringPtr(fmt.Sprintf("%d", *deployCertificateInstanceResp.Response.DeployRecordId)) describeHostDeployRecordDetailReq.DeployRecordId = common.StringPtr(fmt.Sprintf("%d", *deployCertificateInstanceResp.Response.DeployRecordId))
describeHostDeployRecordDetailReq.Limit = common.Uint64Ptr(100) describeHostDeployRecordDetailReq.Limit = common.Uint64Ptr(100)
describeHostDeployRecordDetailResp, err := d.sdkClient.DescribeHostDeployRecordDetail(describeHostDeployRecordDetailReq) describeHostDeployRecordDetailResp, err := d.sdkClient.DescribeHostDeployRecordDetail(describeHostDeployRecordDetailReq)
d.logger.Debug("sdk request 'ssl.DescribeHostDeployRecordDetail'", slog.Any("request", describeHostDeployRecordDetailReq), slog.Any("response", describeHostDeployRecordDetailResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DescribeHostDeployRecordDetail'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DescribeHostDeployRecordDetail'")
} }
if describeHostDeployRecordDetailResp.Response.TotalCount == nil { if describeHostDeployRecordDetailResp.Response.TotalCount == nil {
return nil, errors.New("部署任务状态异常") return nil, errors.New("unexpected deployment job status")
} else { } else {
acc := int64(0) acc := int64(0)
if describeHostDeployRecordDetailResp.Response.SuccessTotalCount != nil { if describeHostDeployRecordDetailResp.Response.SuccessTotalCount != nil {
@@ -129,12 +134,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
} }
if acc == *describeHostDeployRecordDetailResp.Response.TotalCount { if acc == *describeHostDeployRecordDetailResp.Response.TotalCount {
d.logger.Logt("已获取部署任务详情", describeHostDeployRecordDetailResp)
break break
} }
} }
d.logger.Logt("部署任务未完成 ...") d.logger.Info("waiting for deployment job completion ...")
time.Sleep(time.Second * 5) time.Sleep(time.Second * 5)
} }

20
internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
@@ -9,7 +10,6 @@ import (
tcVod "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod/v20180717" tcVod "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod/v20180717"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -27,7 +27,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *tcVod.Client sdkClient *tcVod.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -54,14 +54,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -71,7 +76,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 设置点播域名 HTTPS 证书 // 设置点播域名 HTTPS 证书
@@ -84,10 +89,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
setVodDomainCertificateReq.SubAppId = common.Uint64Ptr(uint64(d.config.SubAppId)) setVodDomainCertificateReq.SubAppId = common.Uint64Ptr(uint64(d.config.SubAppId))
} }
setVodDomainCertificateResp, err := d.sdkClient.SetVodDomainCertificate(setVodDomainCertificateReq) setVodDomainCertificateResp, err := d.sdkClient.SetVodDomainCertificate(setVodDomainCertificateReq)
d.logger.Debug("sdk request 'vod.SetVodDomainCertificate'", slog.Any("request", setVodDomainCertificateReq), slog.Any("response", setVodDomainCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'vod.SetVodDomainCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'vod.SetVodDomainCertificate'")
} else {
d.logger.Logt("已设置点播域名 HTTPS 证书", setVodDomainCertificateResp.Response)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

23
internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"errors" "errors"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
@@ -10,7 +11,6 @@ import (
tcWaf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125" tcWaf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
) )
@@ -32,7 +32,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *tcWaf.Client sdkClient *tcWaf.Client
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -59,14 +59,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -86,7 +91,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 查询单个 SaaS 型 WAF 域名详情 // 查询单个 SaaS 型 WAF 域名详情
@@ -96,10 +101,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
describeDomainDetailsSaasReq.DomainId = common.StringPtr(d.config.DomainId) describeDomainDetailsSaasReq.DomainId = common.StringPtr(d.config.DomainId)
describeDomainDetailsSaasReq.InstanceId = common.StringPtr(d.config.InstanceId) describeDomainDetailsSaasReq.InstanceId = common.StringPtr(d.config.InstanceId)
describeDomainDetailsSaasResp, err := d.sdkClient.DescribeDomainDetailsSaas(describeDomainDetailsSaasReq) describeDomainDetailsSaasResp, err := d.sdkClient.DescribeDomainDetailsSaas(describeDomainDetailsSaasReq)
d.logger.Debug("sdk request 'waf.DescribeDomainDetailsSaas'", slog.Any("request", describeDomainDetailsSaasReq), slog.Any("response", describeDomainDetailsSaasResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.DescribeDomainDetailsSaas'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.DescribeDomainDetailsSaas'")
} else {
d.logger.Logt("已查询到 SaaS 型 WAF 域名详情", describeDomainDetailsSaasResp.Response)
} }
// 编辑 SaaS 型 WAF 域名 // 编辑 SaaS 型 WAF 域名
@@ -111,10 +115,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
modifySpartaProtectionReq.CertType = common.Int64Ptr(2) modifySpartaProtectionReq.CertType = common.Int64Ptr(2)
modifySpartaProtectionReq.SSLId = common.StringPtr(upres.CertId) modifySpartaProtectionReq.SSLId = common.StringPtr(upres.CertId)
modifySpartaProtectionResp, err := d.sdkClient.ModifySpartaProtection(modifySpartaProtectionReq) modifySpartaProtectionResp, err := d.sdkClient.ModifySpartaProtection(modifySpartaProtectionReq)
d.logger.Debug("sdk request 'waf.ModifySpartaProtection'", slog.Any("request", modifySpartaProtectionReq), slog.Any("response", modifySpartaProtectionResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ModifySpartaProtection'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ModifySpartaProtection'")
} else {
d.logger.Logt("已编辑 SaaS 型 WAF 域名", modifySpartaProtectionResp.Response)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

25
internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"errors" "errors"
"log/slog"
"strconv" "strconv"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
@@ -11,7 +12,6 @@ import (
uAuth "github.com/ucloud/ucloud-sdk-go/ucloud/auth" uAuth "github.com/ucloud/ucloud-sdk-go/ucloud/auth"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl"
) )
@@ -29,7 +29,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *uCdn.UCDNClient sdkClient *uCdn.UCDNClient
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -57,14 +57,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -73,10 +78,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 获取加速域名配置 // 获取加速域名配置
// REF: https://docs.ucloud.cn/api/ucdn-api/get_ucdn_domain_config // REF: https://docs.ucloud.cn/api/ucdn-api/get_ucdn_domain_config
getUcdnDomainConfigReq := d.sdkClient.NewGetUcdnDomainConfigRequest() getUcdnDomainConfigReq := d.sdkClient.NewGetUcdnDomainConfigRequest()
@@ -85,14 +90,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
getUcdnDomainConfigReq.ProjectId = usdk.String(d.config.ProjectId) getUcdnDomainConfigReq.ProjectId = usdk.String(d.config.ProjectId)
} }
getUcdnDomainConfigResp, err := d.sdkClient.GetUcdnDomainConfig(getUcdnDomainConfigReq) getUcdnDomainConfigResp, err := d.sdkClient.GetUcdnDomainConfig(getUcdnDomainConfigReq)
d.logger.Debug("sdk request 'ucdn.GetUcdnDomainConfig'", slog.Any("request", getUcdnDomainConfigReq), slog.Any("response", getUcdnDomainConfigResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ucdn.GetUcdnDomainConfig'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ucdn.GetUcdnDomainConfig'")
} else if len(getUcdnDomainConfigResp.DomainList) == 0 { } else if len(getUcdnDomainConfigResp.DomainList) == 0 {
return nil, errors.New("no domain found") return nil, errors.New("no domain found")
} }
d.logger.Logt("已查询到加速域名配置", getUcdnDomainConfigResp)
// 更新 HTTPS 加速配置 // 更新 HTTPS 加速配置
// REF: https://docs.ucloud.cn/api/ucdn-api/update_ucdn_domain_https_config_v2 // REF: https://docs.ucloud.cn/api/ucdn-api/update_ucdn_domain_https_config_v2
certId, _ := strconv.Atoi(upres.CertId) certId, _ := strconv.Atoi(upres.CertId)
@@ -108,12 +112,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
updateUcdnDomainHttpsConfigV2Req.ProjectId = usdk.String(d.config.ProjectId) updateUcdnDomainHttpsConfigV2Req.ProjectId = usdk.String(d.config.ProjectId)
} }
updateUcdnDomainHttpsConfigV2Resp, err := d.sdkClient.UpdateUcdnDomainHttpsConfigV2(updateUcdnDomainHttpsConfigV2Req) updateUcdnDomainHttpsConfigV2Resp, err := d.sdkClient.UpdateUcdnDomainHttpsConfigV2(updateUcdnDomainHttpsConfigV2Req)
d.logger.Debug("sdk request 'ucdn.UpdateUcdnDomainHttpsConfigV2'", slog.Any("request", updateUcdnDomainHttpsConfigV2Req), slog.Any("response", updateUcdnDomainHttpsConfigV2Resp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ucdn.UpdateUcdnDomainHttpsConfigV2'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ucdn.UpdateUcdnDomainHttpsConfigV2'")
} }
d.logger.Logt("已更新 HTTPS 加速配置", updateUcdnDomainHttpsConfigV2Resp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

24
internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go
View File

@@ -2,13 +2,13 @@
import ( import (
"context" "context"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
usdk "github.com/ucloud/ucloud-sdk-go/ucloud" usdk "github.com/ucloud/ucloud-sdk-go/ucloud"
uAuth "github.com/ucloud/ucloud-sdk-go/ucloud/auth" uAuth "github.com/ucloud/ucloud-sdk-go/ucloud/auth"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/ucloud-ussl"
usdkFile "github.com/usual2970/certimate/internal/pkg/vendors/ucloud-sdk/ufile" usdkFile "github.com/usual2970/certimate/internal/pkg/vendors/ucloud-sdk/ufile"
@@ -31,7 +31,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *usdkFile.UFileClient sdkClient *usdkFile.UFileClient
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -59,14 +59,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -75,10 +80,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 添加 SSL 证书 // 添加 SSL 证书
// REF: https://docs.ucloud.cn/api/ufile-api/add_ufile_ssl_cert // REF: https://docs.ucloud.cn/api/ufile-api/add_ufile_ssl_cert
addUFileSSLCertReq := d.sdkClient.NewAddUFileSSLCertRequest() addUFileSSLCertReq := d.sdkClient.NewAddUFileSSLCertRequest()
@@ -90,12 +95,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
addUFileSSLCertReq.ProjectId = usdk.String(d.config.ProjectId) addUFileSSLCertReq.ProjectId = usdk.String(d.config.ProjectId)
} }
addUFileSSLCertResp, err := d.sdkClient.AddUFileSSLCert(addUFileSSLCertReq) addUFileSSLCertResp, err := d.sdkClient.AddUFileSSLCert(addUFileSSLCertReq)
d.logger.Debug("sdk request 'us3.AddUFileSSLCert'", slog.Any("request", addUFileSSLCertReq), slog.Any("response", addUFileSSLCertResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ucdn.AddUFileSSLCert'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'us3.AddUFileSSLCert'")
} }
d.logger.Logt("添加 SSL 证书", addUFileSSLCertResp)
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }

25
internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go
View File

@@ -3,14 +3,13 @@
import ( import (
"context" "context"
"errors" "errors"
"fmt" "log/slog"
"strings" "strings"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
veCdn "github.com/volcengine/volc-sdk-golang/service/cdn" veCdn "github.com/volcengine/volc-sdk-golang/service/cdn"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-cdn" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-cdn"
) )
@@ -26,7 +25,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *veCdn.CDN sdkClient *veCdn.CDN
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -52,14 +51,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -68,10 +72,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
domains := make([]string, 0) domains := make([]string, 0)
if strings.HasPrefix(d.config.Domain, "*.") { if strings.HasPrefix(d.config.Domain, "*.") {
// 获取指定证书可关联的域名 // 获取指定证书可关联的域名
@@ -80,6 +84,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
CertId: upres.CertId, CertId: upres.CertId,
} }
describeCertConfigResp, err := d.sdkClient.DescribeCertConfig(describeCertConfigReq) describeCertConfigResp, err := d.sdkClient.DescribeCertConfig(describeCertConfigReq)
d.logger.Debug("sdk request 'cdn.DescribeCertConfig'", slog.Any("request", describeCertConfigReq), slog.Any("response", describeCertConfigResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertConfig'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertConfig'")
} }
@@ -99,6 +104,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if len(domains) == 0 { if len(domains) == 0 {
if len(describeCertConfigResp.Result.SpecifiedCertConfig) > 0 { if len(describeCertConfigResp.Result.SpecifiedCertConfig) > 0 {
// 所有可关联的域名都配置了该证书,跳过部署 // 所有可关联的域名都配置了该证书,跳过部署
d.logger.Info("no domains to deploy")
} else { } else {
return nil, errors.New("domain not found") return nil, errors.New("domain not found")
} }
@@ -118,10 +124,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Domain: domain, Domain: domain,
} }
batchDeployCertResp, err := d.sdkClient.BatchDeployCert(batchDeployCertReq) batchDeployCertResp, err := d.sdkClient.BatchDeployCert(batchDeployCertReq)
d.logger.Debug("sdk request 'cdn.BatchDeployCert'", slog.Any("request", batchDeployCertReq), slog.Any("response", batchDeployCertResp))
if err != nil { if err != nil {
errs = append(errs, err) errs = append(errs, err)
} else {
d.logger.Logt(fmt.Sprintf("已关联证书到域名 %s", domain), batchDeployCertResp)
} }
} }

22
internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
veClb "github.com/volcengine/volcengine-go-sdk/service/clb" veClb "github.com/volcengine/volcengine-go-sdk/service/clb"
@@ -11,7 +12,6 @@ import (
veSession "github.com/volcengine/volcengine-go-sdk/volcengine/session" veSession "github.com/volcengine/volcengine-go-sdk/volcengine/session"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
) )
@@ -32,7 +32,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *veClb.CLB sdkClient *veClb.CLB
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -60,14 +60,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -76,10 +81,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 根据部署资源类型决定部署方式 // 根据部署资源类型决定部署方式
switch d.config.ResourceType { switch d.config.ResourceType {
case RESOURCE_TYPE_LISTENER: case RESOURCE_TYPE_LISTENER:
@@ -107,10 +112,9 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str
CertCenterCertificateId: ve.String(cloudCertId), CertCenterCertificateId: ve.String(cloudCertId),
} }
modifyListenerAttributesResp, err := d.sdkClient.ModifyListenerAttributes(modifyListenerAttributesReq) modifyListenerAttributesResp, err := d.sdkClient.ModifyListenerAttributes(modifyListenerAttributesReq)
d.logger.Debug("sdk request 'clb.ModifyListenerAttributes'", slog.Any("request", modifyListenerAttributesReq), slog.Any("response", modifyListenerAttributesResp))
if err != nil { if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.ModifyListenerAttributes'") return xerrors.Wrap(err, "failed to execute sdk request 'clb.ModifyListenerAttributes'")
} else {
d.logger.Logt("已修改监听器", modifyListenerAttributesResp)
} }
return nil return nil

22
internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"strings" "strings"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
@@ -10,7 +11,6 @@ import (
veSession "github.com/volcengine/volcengine-go-sdk/volcengine/session" veSession "github.com/volcengine/volcengine-go-sdk/volcengine/session"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
) )
@@ -28,7 +28,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *veDcdn.DCDN sdkClient *veDcdn.DCDN
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -56,14 +56,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -72,10 +77,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// "*.example.com" → ".example.com",适配火山引擎 DCDN 要求的泛域名格式 // "*.example.com" → ".example.com",适配火山引擎 DCDN 要求的泛域名格式
domain := strings.TrimPrefix(d.config.Domain, "*") domain := strings.TrimPrefix(d.config.Domain, "*")
@@ -87,10 +92,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
DomainNames: ve.StringSlice([]string{domain}), DomainNames: ve.StringSlice([]string{domain}),
} }
createCertBindResp, err := d.sdkClient.CreateCertBind(createCertBindReq) createCertBindResp, err := d.sdkClient.CreateCertBind(createCertBindReq)
d.logger.Debug("sdk request 'dcdn.CreateCertBind'", slog.Any("request", createCertBindReq), slog.Any("response", createCertBindResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'dcdn.CreateCertBind'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'dcdn.CreateCertBind'")
} else {
d.logger.Logt("已绑定证书", createCertBindResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

23
internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go
View File

@@ -3,13 +3,13 @@
import ( import (
"context" "context"
"errors" "errors"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
veBase "github.com/volcengine/volc-sdk-golang/base" veBase "github.com/volcengine/volc-sdk-golang/base"
veImageX "github.com/volcengine/volc-sdk-golang/service/imagex/v2" veImageX "github.com/volcengine/volc-sdk-golang/service/imagex/v2"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
) )
@@ -29,7 +29,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *veImageX.Imagex sdkClient *veImageX.Imagex
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -57,14 +57,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -81,7 +86,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else { } else {
d.logger.Logt("certificate file uploaded", upres) d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
// 获取域名配置 // 获取域名配置
@@ -91,10 +96,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
DomainName: d.config.Domain, DomainName: d.config.Domain,
} }
getDomainConfigResp, err := d.sdkClient.GetDomainConfig(context.TODO(), getDomainConfigReq) getDomainConfigResp, err := d.sdkClient.GetDomainConfig(context.TODO(), getDomainConfigReq)
d.logger.Debug("sdk request 'imagex.GetDomainConfig'", slog.Any("request", getDomainConfigReq), slog.Any("response", getDomainConfigResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'imagex.GetDomainConfig'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'imagex.GetDomainConfig'")
} else {
d.logger.Logt("已获取域名配置", getDomainConfigResp)
} }
// 更新 HTTPS 配置 // 更新 HTTPS 配置
@@ -121,10 +125,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
updateHttpsReq.UpdateHTTPSBody.HTTPS.ForceRedirectCode = getDomainConfigResp.Result.HTTPSConfig.ForceRedirectCode updateHttpsReq.UpdateHTTPSBody.HTTPS.ForceRedirectCode = getDomainConfigResp.Result.HTTPSConfig.ForceRedirectCode
} }
updateHttpsResp, err := d.sdkClient.UpdateHTTPS(context.TODO(), updateHttpsReq) updateHttpsResp, err := d.sdkClient.UpdateHTTPS(context.TODO(), updateHttpsReq)
d.logger.Debug("sdk request 'imagex.UpdateHttps'", slog.Any("request", updateHttpsReq), slog.Any("response", updateHttpsResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'imagex.UpdateHttps'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'imagex.UpdateHttps'")
} else {
d.logger.Logt("已更新 HTTPS 配置", updateHttpsResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

26
internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go
View File

@@ -3,7 +3,7 @@
import ( import (
"context" "context"
"errors" "errors"
"fmt" "log/slog"
"strings" "strings"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
@@ -11,7 +11,6 @@ import (
ve "github.com/volcengine/volcengine-go-sdk/volcengine" ve "github.com/volcengine/volcengine-go-sdk/volcengine"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-live" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-live"
) )
@@ -27,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *veLive.Live sdkClient *veLive.Live
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -53,14 +52,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -69,10 +73,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
domains := make([]string, 0) domains := make([]string, 0)
if strings.HasPrefix(d.config.Domain, "*.") { if strings.HasPrefix(d.config.Domain, "*.") {
listDomainDetailPageNum := int32(1) listDomainDetailPageNum := int32(1)
@@ -86,6 +90,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
PageSize: listDomainDetailPageSize, PageSize: listDomainDetailPageSize,
} }
listDomainDetailResp, err := d.sdkClient.ListDomainDetail(ctx, listDomainDetailReq) listDomainDetailResp, err := d.sdkClient.ListDomainDetail(ctx, listDomainDetailReq)
d.logger.Debug("sdk request 'live.ListDomainDetail'", slog.Any("request", listDomainDetailReq), slog.Any("response", listDomainDetailResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.ListDomainDetail'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'live.ListDomainDetail'")
} }
@@ -110,7 +115,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
} }
if len(domains) == 0 { if len(domains) == 0 {
return nil, xerrors.Errorf("未查询到匹配的域名: %s", d.config.Domain) return nil, errors.New("domain not found")
} }
} else { } else {
domains = append(domains, d.config.Domain) domains = append(domains, d.config.Domain)
@@ -128,10 +133,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
HTTPS: ve.Bool(true), HTTPS: ve.Bool(true),
} }
bindCertResp, err := d.sdkClient.BindCert(ctx, bindCertReq) bindCertResp, err := d.sdkClient.BindCert(ctx, bindCertReq)
d.logger.Debug("sdk request 'live.BindCert'", slog.Any("request", bindCertReq), slog.Any("response", bindCertResp))
if err != nil { if err != nil {
errs = append(errs, err) errs = append(errs, err)
} else {
d.logger.Logt(fmt.Sprintf("已绑定证书到域名 %s", domain), bindCertResp)
} }
} }

22
internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go
View File

@@ -4,12 +4,12 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
veTos "github.com/volcengine/ve-tos-golang-sdk/v2/tos" veTos "github.com/volcengine/ve-tos-golang-sdk/v2/tos"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
) )
@@ -29,7 +29,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
sdkClient *veTos.ClientV2 sdkClient *veTos.ClientV2
sslUploader uploader.Uploader sslUploader uploader.Uploader
} }
@@ -57,14 +57,19 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
sdkClient: client, sdkClient: client,
sslUploader: uploader, sslUploader: uploader,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d return d
} }
@@ -80,10 +85,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem) upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file") return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
} }
d.logger.Logt("certificate file uploaded", upres)
// 设置自定义域名 // 设置自定义域名
// REF: https://www.volcengine.com/docs/6559/1250189 // REF: https://www.volcengine.com/docs/6559/1250189
putBucketCustomDomainReq := &veTos.PutBucketCustomDomainInput{ putBucketCustomDomainReq := &veTos.PutBucketCustomDomainInput{
@@ -94,10 +99,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}, },
} }
putBucketCustomDomainResp, err := d.sdkClient.PutBucketCustomDomain(context.TODO(), putBucketCustomDomainReq) putBucketCustomDomainResp, err := d.sdkClient.PutBucketCustomDomain(context.TODO(), putBucketCustomDomainReq)
d.logger.Debug("sdk request 'tos.PutBucketCustomDomain'", slog.Any("request", putBucketCustomDomainReq), slog.Any("response", putBucketCustomDomainResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'tos.PutBucketCustomDomain'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'tos.PutBucketCustomDomain'")
} else {
d.logger.Logt("已设置自定义域名", putBucketCustomDomainResp)
} }
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil

24
internal/pkg/core/deployer/providers/webhook/webhook.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"crypto/tls" "crypto/tls"
"encoding/json" "encoding/json"
"log/slog"
"strings" "strings"
"time" "time"
@@ -11,8 +12,7 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer" "github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/logger" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
"github.com/usual2970/certimate/internal/pkg/utils/certs"
) )
type DeployerConfig struct { type DeployerConfig struct {
@@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct { type DeployerProvider struct {
config *DeployerConfig config *DeployerConfig
logger logger.Logger logger *slog.Logger
httpClient *resty.Client httpClient *resty.Client
} }
@@ -47,18 +47,22 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{ return &DeployerProvider{
config: config, config: config,
logger: logger.NewNilLogger(), logger: slog.Default(),
httpClient: client, httpClient: client,
}, nil }, nil
} }
func (d *DeployerProvider) WithLogger(logger logger.Logger) *DeployerProvider { func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
d.logger = logger if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d return d
} }
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) { func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to parse x509") return nil, xerrors.Wrap(err, "failed to parse x509")
} }
@@ -86,18 +90,18 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return nil, xerrors.Errorf("unexpected webhook response status code: %d", resp.StatusCode()) return nil, xerrors.Errorf("unexpected webhook response status code: %d", resp.StatusCode())
} }
d.logger.Logt("Webhook request sent", resp.String()) d.logger.Debug("webhook responded", slog.Any("response", resp.String()))
return &deployer.DeployResult{}, nil return &deployer.DeployResult{}, nil
} }
func replaceJsonValueRecursively(data interface{}, oldStr, newStr string) interface{} { func replaceJsonValueRecursively(data interface{}, oldStr, newStr string) interface{} {
switch v := data.(type) { switch v := data.(type) {
case map[string]interface{}: case map[string]any:
for k, val := range v { for k, val := range v {
v[k] = replaceJsonValueRecursively(val, oldStr, newStr) v[k] = replaceJsonValueRecursively(val, oldStr, newStr)
} }
case []interface{}: case []any:
for i, val := range v { for i, val := range v {
v[i] = replaceJsonValueRecursively(val, oldStr, newStr) v[i] = replaceJsonValueRecursively(val, oldStr, newStr)
} }

94
internal/pkg/core/logger/builtin.go
View File

@@ -1,94 +0,0 @@
package logger
import (
"encoding/json"
"fmt"
"reflect"
"strings"
"github.com/usual2970/certimate/internal/pkg/utils/types"
)
// 表示默认的日志记录器类型。
type DefaultLogger struct {
records []string
}
var _ Logger = (*DefaultLogger)(nil)
func (l *DefaultLogger) Logt(tag string, data ...any) {
l.ensureInitialized()
temp := make([]string, len(data)+1)
temp[0] = tag
for i, v := range data {
s := ""
if types.IsNil(v) {
s = "<nil>"
} else {
switch reflect.ValueOf(v).Kind() {
case reflect.String:
s = v.(string)
case reflect.Bool,
reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64,
reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64,
reflect.Float32, reflect.Float64:
s = fmt.Sprintf("%v", v)
default:
jbytes, _ := json.Marshal(v)
s = string(jbytes)
}
}
temp[i+1] = s
}
l.records = append(l.records, strings.Join(temp, ": "))
}
func (l *DefaultLogger) Logf(format string, args ...any) {
l.ensureInitialized()
l.records = append(l.records, fmt.Sprintf(format, args...))
}
func (l *DefaultLogger) GetRecords() []string {
l.ensureInitialized()
temp := make([]string, len(l.records))
copy(temp, l.records)
return temp
}
func (l *DefaultLogger) FlushRecords() {
l.records = make([]string, 0)
}
func (l *DefaultLogger) ensureInitialized() {
if l.records == nil {
l.records = make([]string, 0)
}
}
func NewDefaultLogger() *DefaultLogger {
return &DefaultLogger{
records: make([]string, 0),
}
}
// 表示空的日志记录器类型。
// 该日志记录器不会执行任何操作。
type NilLogger struct{}
var _ Logger = (*NilLogger)(nil)
func (l *NilLogger) Logt(string, ...any) {}
func (l *NilLogger) Logf(string, ...any) {}
func (l *NilLogger) GetRecords() []string {
return make([]string, 0)
}
func (l *NilLogger) FlushRecords() {}
func NewNilLogger() *NilLogger {
return &NilLogger{}
}

27
internal/pkg/core/logger/logger.go
View File

@@ -1,27 +0,0 @@
package logger
// 表示定义日志记录器的抽象类型接口。
type Logger interface {
// 追加一条日志记录。
// 该方法会将 `data` 以 JSON 序列化后拼接到 `tag` 结尾。
//
// 入参:
// - tag标签。
// - data数据。
Logt(tag string, data ...any)
// 追加一条日志记录。
// 该方法会将 `args` 以 `format` 格式化。
//
// 入参:
// - format格式化字符串。
// - args格式化参数。
Logf(format string, args ...any)
// 获取所有日志记录。
// TODO: 记录时间
GetRecords() []string
// 清空所有日志记录。
FlushRecords()
}

56
internal/pkg/core/logger/logger_test.go
View File

@@ -1,56 +0,0 @@
package logger_test
import (
"testing"
"github.com/usual2970/certimate/internal/pkg/core/logger"
)
/*
Shell command to run this test:
go test -v ./logger_test.go
*/
func TestLogger(t *testing.T) {
t.Run("Logger_Appendt", func(t *testing.T) {
logger := logger.NewDefaultLogger()
logger.Logt("test")
logger.Logt("test_nil", nil)
logger.Logt("test_int", 1024)
logger.Logt("test_string", "certimate")
logger.Logt("test_map", map[string]interface{}{"key": "value"})
logger.Logt("test_struct", struct{ Name string }{Name: "certimate"})
logger.Logt("test_slice", []string{"certimate"})
t.Log(logger.GetRecords())
if len(logger.GetRecords()) != 7 {
t.Errorf("expected 7 records, got %d", len(logger.GetRecords()))
}
logger.FlushRecords()
if len(logger.GetRecords()) != 0 {
t.Errorf("expected 0 records, got %d", len(logger.GetRecords()))
}
})
t.Run("Logger_Appendf", func(t *testing.T) {
logger := logger.NewDefaultLogger()
logger.Logf("test")
logger.Logf("test_nil: %v", nil)
logger.Logf("test_int: %v", 1024)
logger.Logf("test_string: %v", "certimate")
logger.Logf("test_map: %v", map[string]interface{}{"key": "value"})
logger.Logf("test_struct: %v", struct{ Name string }{Name: "certimate"})
logger.Logf("test_slice: %v", []string{"certimate"})
t.Log(logger.GetRecords())
if len(logger.GetRecords()) != 7 {
t.Errorf("expected 7 records, got %d", len(logger.GetRecords()))
}
logger.FlushRecords()
if len(logger.GetRecords()) != 0 {
t.Errorf("expected 0 records, got %d", len(logger.GetRecords()))
}
})
}

7
internal/pkg/core/notifier/notifier.go
View File

@@ -1,9 +1,14 @@
package notifier package notifier
import "context" import (
"context"
"log/slog"
)
// 表示定义消息通知器的抽象类型接口。 // 表示定义消息通知器的抽象类型接口。
type Notifier interface { type Notifier interface {
WithLogger(logger *slog.Logger) Notifier
// 发送通知。 // 发送通知。
// //
// 入参: // 入参:

11
internal/pkg/core/notifier/providers/bark/bark.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"github.com/nikoksr/notify" "github.com/nikoksr/notify"
"github.com/nikoksr/notify/service/bark" "github.com/nikoksr/notify/service/bark"
@@ -19,6 +20,7 @@ type NotifierConfig struct {
type NotifierProvider struct { type NotifierProvider struct {
config *NotifierConfig config *NotifierConfig
logger *slog.Logger
} }
var _ notifier.Notifier = (*NotifierProvider)(nil) var _ notifier.Notifier = (*NotifierProvider)(nil)
@@ -33,6 +35,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
}, nil }, nil
} }
func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
if logger == nil {
n.logger = slog.Default()
} else {
n.logger = logger
}
return n
}
func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) { func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
var srv notify.Notifier var srv notify.Notifier
if n.config.ServerUrl == "" { if n.config.ServerUrl == "" {

11
internal/pkg/core/notifier/providers/dingtalk/dingtalk.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"github.com/nikoksr/notify/service/dingding" "github.com/nikoksr/notify/service/dingding"
@@ -17,6 +18,7 @@ type NotifierConfig struct {
type NotifierProvider struct { type NotifierProvider struct {
config *NotifierConfig config *NotifierConfig
logger *slog.Logger
} }
var _ notifier.Notifier = (*NotifierProvider)(nil) var _ notifier.Notifier = (*NotifierProvider)(nil)
@@ -31,6 +33,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
}, nil }, nil
} }
func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
if logger == nil {
n.logger = slog.Default()
} else {
n.logger = logger
}
return n
}
func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) { func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
srv := dingding.New(&dingding.Config{ srv := dingding.New(&dingding.Config{
Token: n.config.AccessToken, Token: n.config.AccessToken,

11
internal/pkg/core/notifier/providers/email/email.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"crypto/tls" "crypto/tls"
"fmt" "fmt"
"log/slog"
"net/smtp" "net/smtp"
"github.com/domodwyer/mailyak/v3" "github.com/domodwyer/mailyak/v3"
@@ -31,6 +32,7 @@ type NotifierConfig struct {
type NotifierProvider struct { type NotifierProvider struct {
config *NotifierConfig config *NotifierConfig
logger *slog.Logger
} }
var _ notifier.Notifier = (*NotifierProvider)(nil) var _ notifier.Notifier = (*NotifierProvider)(nil)
@@ -45,6 +47,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
}, nil }, nil
} }
func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
if logger == nil {
n.logger = slog.Default()
} else {
n.logger = logger
}
return n
}
func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) { func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
var smtpAuth smtp.Auth var smtpAuth smtp.Auth
if n.config.Username != "" || n.config.Password != "" { if n.config.Username != "" || n.config.Password != "" {

11
internal/pkg/core/notifier/providers/lark/lark.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"github.com/nikoksr/notify/service/lark" "github.com/nikoksr/notify/service/lark"
@@ -15,6 +16,7 @@ type NotifierConfig struct {
type NotifierProvider struct { type NotifierProvider struct {
config *NotifierConfig config *NotifierConfig
logger *slog.Logger
} }
var _ notifier.Notifier = (*NotifierProvider)(nil) var _ notifier.Notifier = (*NotifierProvider)(nil)
@@ -29,6 +31,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
}, nil }, nil
} }
func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
if logger == nil {
n.logger = slog.Default()
} else {
n.logger = logger
}
return n
}
func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) { func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
srv := lark.NewWebhookService(n.config.WebhookUrl) srv := lark.NewWebhookService(n.config.WebhookUrl)

11
internal/pkg/core/notifier/providers/serverchan/serverchan.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"net/http" "net/http"
notifyHttp "github.com/nikoksr/notify/service/http" notifyHttp "github.com/nikoksr/notify/service/http"
@@ -16,6 +17,7 @@ type NotifierConfig struct {
type NotifierProvider struct { type NotifierProvider struct {
config *NotifierConfig config *NotifierConfig
logger *slog.Logger
} }
var _ notifier.Notifier = (*NotifierProvider)(nil) var _ notifier.Notifier = (*NotifierProvider)(nil)
@@ -30,6 +32,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
}, nil }, nil
} }
func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
if logger == nil {
n.logger = slog.Default()
} else {
n.logger = logger
}
return n
}
func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) { func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
srv := notifyHttp.New() srv := notifyHttp.New()

11
internal/pkg/core/notifier/providers/telegram/telegram.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"github.com/nikoksr/notify/service/telegram" "github.com/nikoksr/notify/service/telegram"
@@ -17,6 +18,7 @@ type NotifierConfig struct {
type NotifierProvider struct { type NotifierProvider struct {
config *NotifierConfig config *NotifierConfig
logger *slog.Logger
} }
var _ notifier.Notifier = (*NotifierProvider)(nil) var _ notifier.Notifier = (*NotifierProvider)(nil)
@@ -31,6 +33,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
}, nil }, nil
} }
func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
if logger == nil {
n.logger = slog.Default()
} else {
n.logger = logger
}
return n
}
func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) { func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
srv, err := telegram.New(n.config.ApiToken) srv, err := telegram.New(n.config.ApiToken)
if err != nil { if err != nil {

11
internal/pkg/core/notifier/providers/webhook/webhook.go
View File

@@ -3,6 +3,7 @@
import ( import (
"context" "context"
"crypto/tls" "crypto/tls"
"log/slog"
"net/http" "net/http"
webhook "github.com/nikoksr/notify/service/http" webhook "github.com/nikoksr/notify/service/http"
@@ -19,6 +20,7 @@ type NotifierConfig struct {
type NotifierProvider struct { type NotifierProvider struct {
config *NotifierConfig config *NotifierConfig
logger *slog.Logger
} }
var _ notifier.Notifier = (*NotifierProvider)(nil) var _ notifier.Notifier = (*NotifierProvider)(nil)
@@ -33,6 +35,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
}, nil }, nil
} }
func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
if logger == nil {
n.logger = slog.Default()
} else {
n.logger = logger
}
return n
}
func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) { func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
srv := webhook.New() srv := webhook.New()
srv.AddReceiversURLs(n.config.Url) srv.AddReceiversURLs(n.config.Url)

11
internal/pkg/core/notifier/providers/wecom/wecom.go
View File

@@ -2,6 +2,7 @@
import ( import (
"context" "context"
"log/slog"
"net/http" "net/http"
notifyHttp "github.com/nikoksr/notify/service/http" notifyHttp "github.com/nikoksr/notify/service/http"
@@ -16,6 +17,7 @@ type NotifierConfig struct {
type NotifierProvider struct { type NotifierProvider struct {
config *NotifierConfig config *NotifierConfig
logger *slog.Logger
} }
var _ notifier.Notifier = (*NotifierProvider)(nil) var _ notifier.Notifier = (*NotifierProvider)(nil)
@@ -30,6 +32,15 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
}, nil }, nil
} }
func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
if logger == nil {
n.logger = slog.Default()
} else {
n.logger = logger
}
return n
}
func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) { func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
srv := notifyHttp.New() srv := notifyHttp.New()

17
internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"net/url" "net/url"
"strings" "strings"
"time" "time"
@@ -23,6 +24,7 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
logger *slog.Logger
sdkClient *opsdk.Client sdkClient *opsdk.Client
} }
@@ -40,15 +42,26 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 遍历证书列表,避免重复上传 // 遍历证书列表,避免重复上传
if res, err := u.getExistCert(ctx, certPem, privkeyPem); err != nil { if res, err := u.getExistCert(ctx, certPem, privkeyPem); err != nil {
return nil, err return nil, err
} else if res != nil { } else if res != nil {
u.logger.Info("ssl certificate already exists")
return res, nil return res, nil
} }
@@ -63,6 +76,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
PrivateKey: privkeyPem, PrivateKey: privkeyPem,
} }
uploadWebsiteSSLResp, err := u.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq) uploadWebsiteSSLResp, err := u.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.UploadWebsiteSSL'") return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.UploadWebsiteSSL'")
} }
@@ -86,6 +100,7 @@ func (u *UploaderProvider) getExistCert(ctx context.Context, certPem string, pri
PageSize: searchWebsiteSSLPageSize, PageSize: searchWebsiteSSLPageSize,
} }
searchWebsiteSSLResp, err := u.sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq) searchWebsiteSSLResp, err := u.sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq)
u.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.SearchWebsiteSSL'") return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.SearchWebsiteSSL'")
} }
@@ -93,7 +108,7 @@ func (u *UploaderProvider) getExistCert(ctx context.Context, certPem string, pri
for _, sslItem := range searchWebsiteSSLResp.Data.Items { for _, sslItem := range searchWebsiteSSLResp.Data.Items {
if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPem) && if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPem) &&
strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPem) { strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPem) {
// 如果已存在相同证书,直接返回已有的证书信息 // 如果已存在相同证书,直接返回
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: fmt.Sprintf("%d", sslItem.ID), CertId: fmt.Sprintf("%d", sslItem.ID),
CertName: sslItem.Description, CertName: sslItem.Description,

50
internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go
View File

@@ -3,16 +3,17 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"strings" "strings"
"time" "time"
aliyunCas "github.com/alibabacloud-go/cas-20200407/v3/client" alicas "github.com/alibabacloud-go/cas-20200407/v3/client"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client" aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
"github.com/alibabacloud-go/tea/tea" "github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
) )
type UploaderConfig struct { type UploaderConfig struct {
@@ -26,7 +27,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *aliyunCas.Client logger *slog.Logger
sdkClient *alicas.Client
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -36,24 +38,30 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
panic("config is nil") panic("config is nil")
} }
client, err := createSdkClient( client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region)
config.AccessKeyId,
config.AccessKeySecret,
config.Region,
)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client") return nil, xerrors.Wrap(err, "failed to create sdk client")
} }
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -64,12 +72,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
listUserCertificateOrderPage := int64(1) listUserCertificateOrderPage := int64(1)
listUserCertificateOrderLimit := int64(50) listUserCertificateOrderLimit := int64(50)
for { for {
listUserCertificateOrderReq := &aliyunCas.ListUserCertificateOrderRequest{ listUserCertificateOrderReq := &alicas.ListUserCertificateOrderRequest{
CurrentPage: tea.Int64(listUserCertificateOrderPage), CurrentPage: tea.Int64(listUserCertificateOrderPage),
ShowSize: tea.Int64(listUserCertificateOrderLimit), ShowSize: tea.Int64(listUserCertificateOrderLimit),
OrderType: tea.String("CERT"), OrderType: tea.String("CERT"),
} }
listUserCertificateOrderResp, err := u.sdkClient.ListUserCertificateOrder(listUserCertificateOrderReq) listUserCertificateOrderResp, err := u.sdkClient.ListUserCertificateOrder(listUserCertificateOrderReq)
u.logger.Debug("sdk request 'cas.ListUserCertificateOrder'", slog.Any("request", listUserCertificateOrderReq), slog.Any("response", listUserCertificateOrderResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.ListUserCertificateOrder'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.ListUserCertificateOrder'")
} }
@@ -77,10 +86,11 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
if listUserCertificateOrderResp.Body.CertificateOrderList != nil { if listUserCertificateOrderResp.Body.CertificateOrderList != nil {
for _, certDetail := range listUserCertificateOrderResp.Body.CertificateOrderList { for _, certDetail := range listUserCertificateOrderResp.Body.CertificateOrderList {
if strings.EqualFold(certX509.SerialNumber.Text(16), *certDetail.SerialNo) { if strings.EqualFold(certX509.SerialNumber.Text(16), *certDetail.SerialNo) {
getUserCertificateDetailReq := &aliyunCas.GetUserCertificateDetailRequest{ getUserCertificateDetailReq := &alicas.GetUserCertificateDetailRequest{
CertId: certDetail.CertificateId, CertId: certDetail.CertificateId,
} }
getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq) getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq)
u.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.GetUserCertificateDetail'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.GetUserCertificateDetail'")
} }
@@ -89,16 +99,17 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
if *getUserCertificateDetailResp.Body.Cert == certPem { if *getUserCertificateDetailResp.Body.Cert == certPem {
isSameCert = true isSameCert = true
} else { } else {
oldCertX509, err := certs.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert) oldCertX509, err := certutil.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert)
if err != nil { if err != nil {
continue continue
} }
isSameCert = certs.EqualCertificate(certX509, oldCertX509) isSameCert = certutil.EqualCertificate(certX509, oldCertX509)
} }
// 如果已存在相同证书,直接返回已有的证书信息 // 如果已存在相同证书,直接返回
if isSameCert { if isSameCert {
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: fmt.Sprintf("%d", tea.Int64Value(certDetail.CertificateId)), CertId: fmt.Sprintf("%d", tea.Int64Value(certDetail.CertificateId)),
CertName: *certDetail.Name, CertName: *certDetail.Name,
@@ -121,12 +132,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 上传新证书 // 上传新证书
// REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-uploadusercertificate // REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-uploadusercertificate
uploadUserCertificateReq := &aliyunCas.UploadUserCertificateRequest{ uploadUserCertificateReq := &alicas.UploadUserCertificateRequest{
Name: tea.String(certName), Name: tea.String(certName),
Cert: tea.String(certPem), Cert: tea.String(certPem),
Key: tea.String(privkeyPem), Key: tea.String(privkeyPem),
} }
uploadUserCertificateResp, err := u.sdkClient.UploadUserCertificate(uploadUserCertificateReq) uploadUserCertificateResp, err := u.sdkClient.UploadUserCertificate(uploadUserCertificateReq)
u.logger.Debug("sdk request 'cas.UploadUserCertificate'", slog.Any("request", uploadUserCertificateReq), slog.Any("response", uploadUserCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.UploadUserCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.UploadUserCertificate'")
} }
@@ -138,7 +150,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunCas.Client, error) { func createSdkClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) {
if region == "" { if region == "" {
region = "cn-hangzhou" // CAS 服务默认区域:华东一杭州 region = "cn-hangzhou" // CAS 服务默认区域:华东一杭州
} }
@@ -152,13 +164,13 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunCas.Cl
endpoint = fmt.Sprintf("cas.%s.aliyuncs.com", region) endpoint = fmt.Sprintf("cas.%s.aliyuncs.com", region)
} }
config := &aliyunOpen.Config{ config := &aliopen.Config{
Endpoint: tea.String(endpoint), Endpoint: tea.String(endpoint),
AccessKeyId: tea.String(accessKeyId), AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret), AccessKeySecret: tea.String(accessKeySecret),
} }
client, err := aliyunCas.NewClient(config) client, err := alicas.NewClient(config)
if err != nil { if err != nil {
return nil, err return nil, err
} }

43
internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go
View File

@@ -5,17 +5,18 @@ import (
"crypto/sha256" "crypto/sha256"
"encoding/hex" "encoding/hex"
"fmt" "fmt"
"log/slog"
"regexp" "regexp"
"strings" "strings"
"time" "time"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client" aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliyunSlb "github.com/alibabacloud-go/slb-20140515/v4/client" alislb "github.com/alibabacloud-go/slb-20140515/v4/client"
"github.com/alibabacloud-go/tea/tea" "github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
) )
type UploaderConfig struct { type UploaderConfig struct {
@@ -29,7 +30,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *aliyunSlb.Client logger *slog.Logger
sdkClient *alislb.Client
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -39,34 +41,41 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
panic("config is nil") panic("config is nil")
} }
client, err := createSdkClient( client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region)
config.AccessKeyId,
config.AccessKeySecret,
config.Region,
)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client") return nil, xerrors.Wrap(err, "failed to create sdk client")
} }
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
// 查询证书列表,避免重复上传 // 查询证书列表,避免重复上传
// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeservercertificates // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeservercertificates
describeServerCertificatesReq := &aliyunSlb.DescribeServerCertificatesRequest{ describeServerCertificatesReq := &alislb.DescribeServerCertificatesRequest{
RegionId: tea.String(u.config.Region), RegionId: tea.String(u.config.Region),
} }
describeServerCertificatesResp, err := u.sdkClient.DescribeServerCertificates(describeServerCertificatesReq) describeServerCertificatesResp, err := u.sdkClient.DescribeServerCertificates(describeServerCertificatesReq)
u.logger.Debug("sdk request 'slb.DescribeServerCertificates'", slog.Any("request", describeServerCertificatesReq), slog.Any("response", describeServerCertificatesResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeServerCertificates'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'slb.DescribeServerCertificates'")
} }
@@ -78,8 +87,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
isSameCert := *certDetail.IsAliCloudCertificate == 0 && isSameCert := *certDetail.IsAliCloudCertificate == 0 &&
strings.EqualFold(fingerprintHex, strings.ReplaceAll(*certDetail.Fingerprint, ":", "")) && strings.EqualFold(fingerprintHex, strings.ReplaceAll(*certDetail.Fingerprint, ":", "")) &&
strings.EqualFold(certX509.Subject.CommonName, *certDetail.CommonName) strings.EqualFold(certX509.Subject.CommonName, *certDetail.CommonName)
// 如果已存在相同证书,直接返回已有的证书信息 // 如果已存在相同证书,直接返回
if isSameCert { if isSameCert {
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: *certDetail.ServerCertificateId, CertId: *certDetail.ServerCertificateId,
CertName: *certDetail.ServerCertificateName, CertName: *certDetail.ServerCertificateName,
@@ -100,13 +110,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 上传新证书 // 上传新证书
// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-uploadservercertificate // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-uploadservercertificate
uploadServerCertificateReq := &aliyunSlb.UploadServerCertificateRequest{ uploadServerCertificateReq := &alislb.UploadServerCertificateRequest{
RegionId: tea.String(u.config.Region), RegionId: tea.String(u.config.Region),
ServerCertificateName: tea.String(certName), ServerCertificateName: tea.String(certName),
ServerCertificate: tea.String(certPem), ServerCertificate: tea.String(certPem),
PrivateKey: tea.String(privkeyPem), PrivateKey: tea.String(privkeyPem),
} }
uploadServerCertificateResp, err := u.sdkClient.UploadServerCertificate(uploadServerCertificateReq) uploadServerCertificateResp, err := u.sdkClient.UploadServerCertificate(uploadServerCertificateReq)
u.logger.Debug("sdk request 'slb.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'slb.UploadServerCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'slb.UploadServerCertificate'")
} }
@@ -118,7 +129,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunSlb.Client, error) { func createSdkClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) {
// 接入点一览 https://api.aliyun.com/product/Slb // 接入点一览 https://api.aliyun.com/product/Slb
var endpoint string var endpoint string
switch region { switch region {
@@ -132,13 +143,13 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunSlb.Cl
endpoint = fmt.Sprintf("slb.%s.aliyuncs.com", region) endpoint = fmt.Sprintf("slb.%s.aliyuncs.com", region)
} }
config := &aliyunOpen.Config{ config := &aliopen.Config{
Endpoint: tea.String(endpoint), Endpoint: tea.String(endpoint),
AccessKeyId: tea.String(accessKeyId), AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret), AccessKeySecret: tea.String(accessKeySecret),
} }
client, err := aliyunSlb.NewClient(config) client, err := alislb.NewClient(config)
if err != nil { if err != nil {
return nil, err return nil, err
} }

47
internal/pkg/core/uploader/providers/aws-acm/aws_acm.go
View File

@@ -2,16 +2,17 @@
import ( import (
"context" "context"
"log/slog"
aws "github.com/aws/aws-sdk-go-v2/aws" aws "github.com/aws/aws-sdk-go-v2/aws"
awsCfg "github.com/aws/aws-sdk-go-v2/config" awscfg "github.com/aws/aws-sdk-go-v2/config"
awsCred "github.com/aws/aws-sdk-go-v2/credentials" awscred "github.com/aws/aws-sdk-go-v2/credentials"
awsAcm "github.com/aws/aws-sdk-go-v2/service/acm" awsacm "github.com/aws/aws-sdk-go-v2/service/acm"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"golang.org/x/exp/slices" "golang.org/x/exp/slices"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
) )
type UploaderConfig struct { type UploaderConfig struct {
@@ -25,7 +26,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *awsAcm.Client logger *slog.Logger
sdkClient *awsacm.Client
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -42,19 +44,29 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
// 生成 AWS 业务参数 // 生成 AWS 业务参数
scertPem, _ := certs.ConvertCertificateToPEM(certX509) scertPem, _ := certutil.ConvertCertificateToPEM(certX509)
bcertPem := certPem bcertPem := certPem
// 获取证书列表,避免重复上传 // 获取证书列表,避免重复上传
@@ -62,11 +74,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
listCertificatesNextToken := new(string) listCertificatesNextToken := new(string)
listCertificatesMaxItems := int32(1000) listCertificatesMaxItems := int32(1000)
for { for {
listCertificatesReq := &awsAcm.ListCertificatesInput{ listCertificatesReq := &awsacm.ListCertificatesInput{
NextToken: listCertificatesNextToken, NextToken: listCertificatesNextToken,
MaxItems: aws.Int32(listCertificatesMaxItems), MaxItems: aws.Int32(listCertificatesMaxItems),
} }
listCertificatesResp, err := u.sdkClient.ListCertificates(context.TODO(), listCertificatesReq) listCertificatesResp, err := u.sdkClient.ListCertificates(context.TODO(), listCertificatesReq)
u.logger.Debug("sdk request 'acm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'acm.ListCertificates'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'acm.ListCertificates'")
} }
@@ -87,7 +100,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 最后对比证书内容 // 最后对比证书内容
// REF: https://docs.aws.amazon.com/en_us/acm/latest/APIReference/API_ListTagsForCertificate.html // REF: https://docs.aws.amazon.com/en_us/acm/latest/APIReference/API_ListTagsForCertificate.html
getCertificateReq := &awsAcm.GetCertificateInput{ getCertificateReq := &awsacm.GetCertificateInput{
CertificateArn: certSummary.CertificateArn, CertificateArn: certSummary.CertificateArn,
} }
getCertificateResp, err := u.sdkClient.GetCertificate(context.TODO(), getCertificateReq) getCertificateResp, err := u.sdkClient.GetCertificate(context.TODO(), getCertificateReq)
@@ -99,17 +112,18 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
oldCertPem = aws.ToString(getCertificateResp.Certificate) oldCertPem = aws.ToString(getCertificateResp.Certificate)
} }
oldCertX509, err := certs.ParseCertificateFromPEM(oldCertPem) oldCertX509, err := certutil.ParseCertificateFromPEM(oldCertPem)
if err != nil { if err != nil {
continue continue
} }
if !certs.EqualCertificate(certX509, oldCertX509) { if !certutil.EqualCertificate(certX509, oldCertX509) {
continue continue
} }
} }
// 如果以上信息都一致,则视为已存在相同证书,直接返回 // 如果以上信息都一致,则视为已存在相同证书,直接返回
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: *certSummary.CertificateArn, CertId: *certSummary.CertificateArn,
}, nil }, nil
@@ -124,12 +138,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 导入证书 // 导入证书
// REF: https://docs.aws.amazon.com/en_us/acm/latest/APIReference/API_ImportCertificate.html // REF: https://docs.aws.amazon.com/en_us/acm/latest/APIReference/API_ImportCertificate.html
importCertificateReq := &awsAcm.ImportCertificateInput{ importCertificateReq := &awsacm.ImportCertificateInput{
Certificate: ([]byte)(scertPem), Certificate: ([]byte)(scertPem),
CertificateChain: ([]byte)(bcertPem), CertificateChain: ([]byte)(bcertPem),
PrivateKey: ([]byte)(privkeyPem), PrivateKey: ([]byte)(privkeyPem),
} }
importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), importCertificateReq) importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), importCertificateReq)
u.logger.Debug("sdk request 'acm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'acm.ImportCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'acm.ImportCertificate'")
} }
@@ -139,15 +154,15 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsAcm.Client, error) { func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsacm.Client, error) {
cfg, err := awsCfg.LoadDefaultConfig(context.TODO()) cfg, err := awscfg.LoadDefaultConfig(context.TODO())
if err != nil { if err != nil {
return nil, err return nil, err
} }
client := awsAcm.NewFromConfig(cfg, func(o *awsAcm.Options) { client := awsacm.NewFromConfig(cfg, func(o *awsacm.Options) {
o.Region = region o.Region = region
o.Credentials = aws.NewCredentialsCache(awsCred.NewStaticCredentialsProvider(accessKeyId, secretAccessKey, "")) o.Credentials = aws.NewCredentialsCache(awscred.NewStaticCredentialsProvider(accessKeyId, secretAccessKey, ""))
}) })
return client, nil return client, nil
} }

21
internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"crypto/x509" "crypto/x509"
"fmt" "fmt"
"log/slog"
"time" "time"
"github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/azcore"
@@ -13,7 +14,7 @@ import (
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
azcommon "github.com/usual2970/certimate/internal/pkg/vendors/azure-sdk/common" azcommon "github.com/usual2970/certimate/internal/pkg/vendors/azure-sdk/common"
) )
@@ -32,6 +33,7 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
logger *slog.Logger
sdkClient *azcertificates.Client sdkClient *azcertificates.Client
} }
@@ -49,13 +51,23 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -103,6 +115,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 最后对比证书内容 // 最后对比证书内容
getCertificateResp, err := u.sdkClient.GetCertificate(context.TODO(), certItem.ID.Name(), certItem.ID.Version(), nil) getCertificateResp, err := u.sdkClient.GetCertificate(context.TODO(), certItem.ID.Name(), certItem.ID.Version(), nil)
u.logger.Debug("sdk request 'keyvault.GetCertificate'", slog.String("request.certificateName", certItem.ID.Name()), slog.String("request.certificateVersion", certItem.ID.Version()), slog.Any("response", getCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'keyvault.GetCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'keyvault.GetCertificate'")
} else { } else {
@@ -111,12 +124,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
continue continue
} }
if !certs.EqualCertificate(certX509, oldCertX509) { if !certutil.EqualCertificate(certX509, oldCertX509) {
continue continue
} }
} }
// 如果以上信息都一致,则视为已存在相同证书,直接返回 // 如果以上信息都一致,则视为已存在相同证书,直接返回
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: string(*certItem.ID), CertId: string(*certItem.ID),
CertName: certItem.ID.Name(), CertName: certItem.ID.Name(),
@@ -142,6 +156,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, },
} }
importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), certName, importCertificateParams, nil) importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), certName, importCertificateParams, nil)
u.logger.Debug("sdk request 'keyvault.ImportCertificate'", slog.String("request.certificateName", certName), slog.Any("request.parameters", importCertificateParams), slog.Any("response", importCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'keyvault.ImportCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'keyvault.ImportCertificate'")
} }

41
internal/pkg/core/uploader/providers/byteplus-cdn/byteplus_cdn.go
View File

@@ -6,14 +6,15 @@ import (
"crypto/sha256" "crypto/sha256"
"encoding/hex" "encoding/hex"
"fmt" "fmt"
"log/slog"
"strings" "strings"
"time" "time"
bpCdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn" bytepluscdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
) )
type UploaderConfig struct { type UploaderConfig struct {
@@ -25,7 +26,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *bpCdn.CDN logger *slog.Logger
sdkClient *bytepluscdn.CDN
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -35,19 +37,29 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
panic("config is nil") panic("config is nil")
} }
client := bpCdn.NewInstance() client := bytepluscdn.NewInstance()
client.Client.SetAccessKey(config.AccessKey) client.Client.SetAccessKey(config.AccessKey)
client.Client.SetSecretKey(config.SecretKey) client.Client.SetSecretKey(config.SecretKey)
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -57,13 +69,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
listCertInfoPageNum := int64(1) listCertInfoPageNum := int64(1)
listCertInfoPageSize := int64(100) listCertInfoPageSize := int64(100)
listCertInfoTotal := 0 listCertInfoTotal := 0
listCertInfoReq := &bpCdn.ListCertInfoRequest{ listCertInfoReq := &bytepluscdn.ListCertInfoRequest{
PageNum: bpCdn.GetInt64Ptr(listCertInfoPageNum), PageNum: bytepluscdn.GetInt64Ptr(listCertInfoPageNum),
PageSize: bpCdn.GetInt64Ptr(listCertInfoPageSize), PageSize: bytepluscdn.GetInt64Ptr(listCertInfoPageSize),
Source: bpCdn.GetStrPtr("cert_center"), Source: bytepluscdn.GetStrPtr("cert_center"),
} }
for { for {
listCertInfoResp, err := u.sdkClient.ListCertInfo(listCertInfoReq) listCertInfoResp, err := u.sdkClient.ListCertInfo(listCertInfoReq)
u.logger.Debug("sdk request 'cdn.ListCertInfo'", slog.Any("request", listCertInfoReq), slog.Any("response", listCertInfoResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.ListCertInfo'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.ListCertInfo'")
} }
@@ -74,8 +87,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
fingerprintSha256 := sha256.Sum256(certX509.Raw) fingerprintSha256 := sha256.Sum256(certX509.Raw)
isSameCert := strings.EqualFold(hex.EncodeToString(fingerprintSha1[:]), certDetail.CertFingerprint.Sha1) && isSameCert := strings.EqualFold(hex.EncodeToString(fingerprintSha1[:]), certDetail.CertFingerprint.Sha1) &&
strings.EqualFold(hex.EncodeToString(fingerprintSha256[:]), certDetail.CertFingerprint.Sha256) strings.EqualFold(hex.EncodeToString(fingerprintSha256[:]), certDetail.CertFingerprint.Sha256)
// 如果已存在相同证书,直接返回已有的证书信息 // 如果已存在相同证书,直接返回
if isSameCert { if isSameCert {
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: certDetail.CertId, CertId: certDetail.CertId,
CertName: certDetail.Desc, CertName: certDetail.Desc,
@@ -99,13 +113,14 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 上传新证书 // 上传新证书
// REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-addcertificate // REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-addcertificate
addCertificateReq := &bpCdn.AddCertificateRequest{ addCertificateReq := &bytepluscdn.AddCertificateRequest{
Certificate: certPem, Certificate: certPem,
PrivateKey: privkeyPem, PrivateKey: privkeyPem,
Source: bpCdn.GetStrPtr("cert_center"), Source: bytepluscdn.GetStrPtr("cert_center"),
Desc: bpCdn.GetStrPtr(certName), Desc: bytepluscdn.GetStrPtr(certName),
} }
addCertificateResp, err := u.sdkClient.AddCertificate(addCertificateReq) addCertificateResp, err := u.sdkClient.AddCertificate(addCertificateReq)
u.logger.Debug("sdk request 'cdn.AddCertificate'", slog.Any("request", addCertificateReq), slog.Any("response", addCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.AddCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.AddCertificate'")
} }

26
internal/pkg/core/uploader/providers/dogecloud/dogecloud.go
View File

@@ -3,12 +3,13 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"time" "time"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
doge "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk" dogesdk "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk"
) )
type UploaderConfig struct { type UploaderConfig struct {
@@ -20,7 +21,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *doge.Client logger *slog.Logger
sdkClient *dogesdk.Client
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -30,20 +32,27 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
panic("config is nil") panic("config is nil")
} }
client, err := createSdkClient( client, err := createSdkClient(config.AccessKey, config.SecretKey)
config.AccessKey,
config.SecretKey,
)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client") return nil, xerrors.Wrap(err, "failed to create sdk client")
} }
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 生成新证书名(需符合多吉云命名规则) // 生成新证书名(需符合多吉云命名规则)
var certId, certName string var certId, certName string
@@ -52,6 +61,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 上传新证书 // 上传新证书
// REF: https://docs.dogecloud.com/cdn/api-cert-upload // REF: https://docs.dogecloud.com/cdn/api-cert-upload
uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPem, privkeyPem) uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPem, privkeyPem)
u.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("response", uploadSslCertResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadCdnCert'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadCdnCert'")
} }
@@ -63,7 +73,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(accessKey, secretKey string) (*doge.Client, error) { func createSdkClient(accessKey, secretKey string) (*dogesdk.Client, error) {
client := doge.NewClient(accessKey, secretKey) client := dogesdk.NewClient(accessKey, secretKey)
return client, nil return client, nil
} }

13
internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"time" "time"
gprovider "github.com/G-Core/gcorelabscdn-go/gcore/provider" gprovider "github.com/G-Core/gcorelabscdn-go/gcore/provider"
@@ -21,6 +22,7 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
logger *slog.Logger
sdkClient *gsslcerts.Service sdkClient *gsslcerts.Service
} }
@@ -38,10 +40,20 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 生成新证书名(需符合 Gcore 命名规则) // 生成新证书名(需符合 Gcore 命名规则)
var certId, certName string var certId, certName string
@@ -57,6 +69,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
ValidateRootCA: false, ValidateRootCA: false,
} }
createCertificateResp, err := u.sdkClient.Create(context.TODO(), createCertificateReq) createCertificateResp, err := u.sdkClient.Create(context.TODO(), createCertificateReq)
u.logger.Debug("sdk request 'sslcerts.Create'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'sslcerts.Create'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'sslcerts.Create'")
} }

69
internal/pkg/core/uploader/providers/huaweicloud-elb/huaweicloud_elb.go
View File

@@ -4,20 +4,21 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"time" "time"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
hcElb "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3" hcelb "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3"
hcElbModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/model" hcelbmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/model"
hcElbRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/region" hcelbregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/region"
hcIam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3" hciam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3"
hcIamModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model" hciammodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model"
hcIamRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region" hciamregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk" hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
) )
@@ -32,7 +33,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *hcElb.ElbClient logger *slog.Logger
sdkClient *hcelb.ElbClient
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -42,24 +44,30 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
panic("config is nil") panic("config is nil")
} }
client, err := createSdkClient( client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region)
config.AccessKeyId,
config.SecretAccessKey,
config.Region,
)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client") return nil, xerrors.Wrap(err, "failed to create sdk client")
} }
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -69,12 +77,13 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
listCertificatesLimit := int32(2000) listCertificatesLimit := int32(2000)
var listCertificatesMarker *string = nil var listCertificatesMarker *string = nil
for { for {
listCertificatesReq := &hcElbModel.ListCertificatesRequest{ listCertificatesReq := &hcelbmodel.ListCertificatesRequest{
Limit: hwsdk.Int32Ptr(listCertificatesLimit), Limit: hwsdk.Int32Ptr(listCertificatesLimit),
Marker: listCertificatesMarker, Marker: listCertificatesMarker,
Type: &[]string{"server"}, Type: &[]string{"server"},
} }
listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq)
u.logger.Debug("sdk request 'elb.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'elb.ListCertificates'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'elb.ListCertificates'")
} }
@@ -85,16 +94,17 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
if certDetail.Certificate == certPem { if certDetail.Certificate == certPem {
isSameCert = true isSameCert = true
} else { } else {
oldCertX509, err := certs.ParseCertificateFromPEM(certDetail.Certificate) oldCertX509, err := certutil.ParseCertificateFromPEM(certDetail.Certificate)
if err != nil { if err != nil {
continue continue
} }
isSameCert = certs.EqualCertificate(certX509, oldCertX509) isSameCert = certutil.EqualCertificate(certX509, oldCertX509)
} }
// 如果已存在相同证书,直接返回已有的证书信息 // 如果已存在相同证书,直接返回
if isSameCert { if isSameCert {
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: certDetail.Id, CertId: certDetail.Id,
CertName: certDetail.Name, CertName: certDetail.Name,
@@ -123,9 +133,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 创建新证书 // 创建新证书
// REF: https://support.huaweicloud.com/api-elb/CreateCertificate.html // REF: https://support.huaweicloud.com/api-elb/CreateCertificate.html
createCertificateReq := &hcElbModel.CreateCertificateRequest{ createCertificateReq := &hcelbmodel.CreateCertificateRequest{
Body: &hcElbModel.CreateCertificateRequestBody{ Body: &hcelbmodel.CreateCertificateRequestBody{
Certificate: &hcElbModel.CreateCertificateOption{ Certificate: &hcelbmodel.CreateCertificateOption{
ProjectId: hwsdk.StringPtr(projectId), ProjectId: hwsdk.StringPtr(projectId),
Name: hwsdk.StringPtr(certName), Name: hwsdk.StringPtr(certName),
Certificate: hwsdk.StringPtr(certPem), Certificate: hwsdk.StringPtr(certPem),
@@ -134,6 +144,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, },
} }
createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq) createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq)
u.logger.Debug("sdk request 'elb.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'elb.CreateCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'elb.CreateCertificate'")
} }
@@ -146,7 +157,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcElb.ElbClient, error) { func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) {
if region == "" { if region == "" {
region = "cn-north-4" // ELB 服务默认区域:华北四北京 region = "cn-north-4" // ELB 服务默认区域:华北四北京
} }
@@ -159,12 +170,12 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcElb.ElbCli
return nil, err return nil, err
} }
hcRegion, err := hcElbRegion.SafeValueOf(region) hcRegion, err := hcelbregion.SafeValueOf(region)
if err != nil { if err != nil {
return nil, err return nil, err
} }
hcClient, err := hcElb.ElbClientBuilder(). hcClient, err := hcelb.ElbClientBuilder().
WithRegion(hcRegion). WithRegion(hcRegion).
WithCredential(auth). WithCredential(auth).
SafeBuild() SafeBuild()
@@ -172,7 +183,7 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcElb.ElbCli
return nil, err return nil, err
} }
client := hcElb.NewElbClient(hcClient) client := hcelb.NewElbClient(hcClient)
return client, nil return client, nil
} }
@@ -189,12 +200,12 @@ func getSdkProjectId(accessKeyId, secretAccessKey, region string) (string, error
return "", err return "", err
} }
hcRegion, err := hcIamRegion.SafeValueOf(region) hcRegion, err := hciamregion.SafeValueOf(region)
if err != nil { if err != nil {
return "", err return "", err
} }
hcClient, err := hcIam.IamClientBuilder(). hcClient, err := hciam.IamClientBuilder().
WithRegion(hcRegion). WithRegion(hcRegion).
WithCredential(auth). WithCredential(auth).
SafeBuild() SafeBuild()
@@ -202,9 +213,9 @@ func getSdkProjectId(accessKeyId, secretAccessKey, region string) (string, error
return "", err return "", err
} }
client := hcIam.NewIamClient(hcClient) client := hciam.NewIamClient(hcClient)
request := &hcIamModel.KeystoneListProjectsRequest{ request := &hciammodel.KeystoneListProjectsRequest{
Name: &region, Name: &region,
} }
response, err := client.KeystoneListProjects(request) response, err := client.KeystoneListProjects(request)

56
internal/pkg/core/uploader/providers/huaweicloud-scm/huaweicloud_scm.go
View File

@@ -3,16 +3,17 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"time" "time"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
hcScm "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3" hcscm "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3"
hcScmModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/model" hcscmmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/model"
hcScmRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/region" hcscmregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/region"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk" hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
) )
@@ -27,7 +28,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *hcScm.ScmClient logger *slog.Logger
sdkClient *hcscm.ScmClient
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -37,24 +39,30 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
panic("config is nil") panic("config is nil")
} }
client, err := createSdkClient( client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region)
config.AccessKeyId,
config.SecretAccessKey,
config.Region,
)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client") return nil, xerrors.Wrap(err, "failed to create sdk client")
} }
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -65,23 +73,25 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
listCertificatesLimit := int32(50) listCertificatesLimit := int32(50)
listCertificatesOffset := int32(0) listCertificatesOffset := int32(0)
for { for {
listCertificatesReq := &hcScmModel.ListCertificatesRequest{ listCertificatesReq := &hcscmmodel.ListCertificatesRequest{
Limit: hwsdk.Int32Ptr(listCertificatesLimit), Limit: hwsdk.Int32Ptr(listCertificatesLimit),
Offset: hwsdk.Int32Ptr(listCertificatesOffset), Offset: hwsdk.Int32Ptr(listCertificatesOffset),
SortDir: hwsdk.StringPtr("DESC"), SortDir: hwsdk.StringPtr("DESC"),
SortKey: hwsdk.StringPtr("certExpiredTime"), SortKey: hwsdk.StringPtr("certExpiredTime"),
} }
listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq)
u.logger.Debug("sdk request 'scm.ListCertificates'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'scm.ListCertificates'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'scm.ListCertificates'")
} }
if listCertificatesResp.Certificates != nil { if listCertificatesResp.Certificates != nil {
for _, certDetail := range *listCertificatesResp.Certificates { for _, certDetail := range *listCertificatesResp.Certificates {
exportCertificateReq := &hcScmModel.ExportCertificateRequest{ exportCertificateReq := &hcscmmodel.ExportCertificateRequest{
CertificateId: certDetail.Id, CertificateId: certDetail.Id,
} }
exportCertificateResp, err := u.sdkClient.ExportCertificate(exportCertificateReq) exportCertificateResp, err := u.sdkClient.ExportCertificate(exportCertificateReq)
u.logger.Debug("sdk request 'scm.ExportCertificate'", slog.Any("request", exportCertificateReq), slog.Any("response", exportCertificateResp))
if err != nil { if err != nil {
if exportCertificateResp != nil && exportCertificateResp.HttpStatusCode == 404 { if exportCertificateResp != nil && exportCertificateResp.HttpStatusCode == 404 {
continue continue
@@ -93,16 +103,17 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
if *exportCertificateResp.Certificate == certPem { if *exportCertificateResp.Certificate == certPem {
isSameCert = true isSameCert = true
} else { } else {
oldCertX509, err := certs.ParseCertificateFromPEM(*exportCertificateResp.Certificate) oldCertX509, err := certutil.ParseCertificateFromPEM(*exportCertificateResp.Certificate)
if err != nil { if err != nil {
continue continue
} }
isSameCert = certs.EqualCertificate(certX509, oldCertX509) isSameCert = certutil.EqualCertificate(certX509, oldCertX509)
} }
// 如果已存在相同证书,直接返回已有的证书信息 // 如果已存在相同证书,直接返回
if isSameCert { if isSameCert {
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: certDetail.Id, CertId: certDetail.Id,
CertName: certDetail.Name, CertName: certDetail.Name,
@@ -124,14 +135,15 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 上传新证书 // 上传新证书
// REF: https://support.huaweicloud.com/api-ccm/ImportCertificate.html // REF: https://support.huaweicloud.com/api-ccm/ImportCertificate.html
importCertificateReq := &hcScmModel.ImportCertificateRequest{ importCertificateReq := &hcscmmodel.ImportCertificateRequest{
Body: &hcScmModel.ImportCertificateRequestBody{ Body: &hcscmmodel.ImportCertificateRequestBody{
Name: certName, Name: certName,
Certificate: certPem, Certificate: certPem,
PrivateKey: privkeyPem, PrivateKey: privkeyPem,
}, },
} }
importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq) importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq)
u.logger.Debug("sdk request 'scm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'scm.ImportCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'scm.ImportCertificate'")
} }
@@ -143,7 +155,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcScm.ScmClient, error) { func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcscm.ScmClient, error) {
if region == "" { if region == "" {
region = "cn-north-4" // SCM 服务默认区域:华北四北京 region = "cn-north-4" // SCM 服务默认区域:华北四北京
} }
@@ -156,12 +168,12 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcScm.ScmCli
return nil, err return nil, err
} }
hcRegion, err := hcScmRegion.SafeValueOf(region) hcRegion, err := hcscmregion.SafeValueOf(region)
if err != nil { if err != nil {
return nil, err return nil, err
} }
hcClient, err := hcScm.ScmClientBuilder(). hcClient, err := hcscm.ScmClientBuilder().
WithRegion(hcRegion). WithRegion(hcRegion).
WithCredential(auth). WithCredential(auth).
SafeBuild() SafeBuild()
@@ -169,6 +181,6 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcScm.ScmCli
return nil, err return nil, err
} }
client := hcScm.NewScmClient(hcClient) client := hcscm.NewScmClient(hcClient)
return client, nil return client, nil
} }

70
internal/pkg/core/uploader/providers/huaweicloud-waf/huaweicloud_waf.go
View File

@@ -4,20 +4,21 @@ import (
"context" "context"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"time" "time"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
hcIam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3" hciam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3"
hcIamModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model" hciammodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model"
hcIamRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region" hciamregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region"
hcWaf "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1" hcwaf "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1"
hcWafModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model" hcwafmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model"
hcWafRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region" hcwafregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk" hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
) )
@@ -32,7 +33,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *hcWaf.WafClient logger *slog.Logger
sdkClient *hcwaf.WafClient
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -42,24 +44,30 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
panic("config is nil") panic("config is nil")
} }
client, err := createSdkClient( client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region)
config.AccessKeyId,
config.SecretAccessKey,
config.Region,
)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client") return nil, xerrors.Wrap(err, "failed to create sdk client")
} }
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -70,21 +78,23 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
listCertificatesPage := int32(1) listCertificatesPage := int32(1)
listCertificatesPageSize := int32(100) listCertificatesPageSize := int32(100)
for { for {
listCertificatesReq := &hcWafModel.ListCertificatesRequest{ listCertificatesReq := &hcwafmodel.ListCertificatesRequest{
Page: hwsdk.Int32Ptr(listCertificatesPage), Page: hwsdk.Int32Ptr(listCertificatesPage),
Pagesize: hwsdk.Int32Ptr(listCertificatesPageSize), Pagesize: hwsdk.Int32Ptr(listCertificatesPageSize),
} }
listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq) listCertificatesResp, err := u.sdkClient.ListCertificates(listCertificatesReq)
u.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", listCertificatesReq), slog.Any("response", listCertificatesResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ListCertificates'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ListCertificates'")
} }
if listCertificatesResp.Items != nil { if listCertificatesResp.Items != nil {
for _, certItem := range *listCertificatesResp.Items { for _, certItem := range *listCertificatesResp.Items {
showCertificateReq := &hcWafModel.ShowCertificateRequest{ showCertificateReq := &hcwafmodel.ShowCertificateRequest{
CertificateId: certItem.Id, CertificateId: certItem.Id,
} }
showCertificateResp, err := u.sdkClient.ShowCertificate(showCertificateReq) showCertificateResp, err := u.sdkClient.ShowCertificate(showCertificateReq)
u.logger.Debug("sdk request 'waf.ShowCertificate'", slog.Any("request", showCertificateReq), slog.Any("response", showCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ShowCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.ShowCertificate'")
} }
@@ -93,16 +103,17 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
if *showCertificateResp.Content == certPem { if *showCertificateResp.Content == certPem {
isSameCert = true isSameCert = true
} else { } else {
oldCertX509, err := certs.ParseCertificateFromPEM(*showCertificateResp.Content) oldCertX509, err := certutil.ParseCertificateFromPEM(*showCertificateResp.Content)
if err != nil { if err != nil {
continue continue
} }
isSameCert = certs.EqualCertificate(certX509, oldCertX509) isSameCert = certutil.EqualCertificate(certX509, oldCertX509)
} }
// 如果已存在相同证书,直接返回已有的证书信息 // 如果已存在相同证书,直接返回
if isSameCert { if isSameCert {
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: certItem.Id, CertId: certItem.Id,
CertName: certItem.Name, CertName: certItem.Name,
@@ -124,14 +135,15 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 创建证书 // 创建证书
// REF: https://support.huaweicloud.com/api-waf/CreateCertificate.html // REF: https://support.huaweicloud.com/api-waf/CreateCertificate.html
createCertificateReq := &hcWafModel.CreateCertificateRequest{ createCertificateReq := &hcwafmodel.CreateCertificateRequest{
Body: &hcWafModel.CreateCertificateRequestBody{ Body: &hcwafmodel.CreateCertificateRequestBody{
Name: certName, Name: certName,
Content: certPem, Content: certPem,
Key: privkeyPem, Key: privkeyPem,
}, },
} }
createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq) createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq)
u.logger.Debug("sdk request 'waf.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.CreateCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'waf.CreateCertificate'")
} }
@@ -144,7 +156,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcWaf.WafClient, error) { func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) {
projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region) projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region)
if err != nil { if err != nil {
return nil, err return nil, err
@@ -159,12 +171,12 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcWaf.WafCli
return nil, err return nil, err
} }
hcRegion, err := hcWafRegion.SafeValueOf(region) hcRegion, err := hcwafregion.SafeValueOf(region)
if err != nil { if err != nil {
return nil, err return nil, err
} }
hcClient, err := hcWaf.WafClientBuilder(). hcClient, err := hcwaf.WafClientBuilder().
WithRegion(hcRegion). WithRegion(hcRegion).
WithCredential(auth). WithCredential(auth).
SafeBuild() SafeBuild()
@@ -172,7 +184,7 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcWaf.WafCli
return nil, err return nil, err
} }
client := hcWaf.NewWafClient(hcClient) client := hcwaf.NewWafClient(hcClient)
return client, nil return client, nil
} }
@@ -185,12 +197,12 @@ func getSdkProjectId(accessKeyId, secretAccessKey, region string) (string, error
return "", err return "", err
} }
hcRegion, err := hcIamRegion.SafeValueOf(region) hcRegion, err := hciamregion.SafeValueOf(region)
if err != nil { if err != nil {
return "", err return "", err
} }
hcClient, err := hcIam.IamClientBuilder(). hcClient, err := hciam.IamClientBuilder().
WithRegion(hcRegion). WithRegion(hcRegion).
WithCredential(auth). WithCredential(auth).
SafeBuild() SafeBuild()
@@ -198,9 +210,9 @@ func getSdkProjectId(accessKeyId, secretAccessKey, region string) (string, error
return "", err return "", err
} }
client := hcIam.NewIamClient(hcClient) client := hciam.NewIamClient(hcClient)
request := &hcIamModel.KeystoneListProjectsRequest{ request := &hciammodel.KeystoneListProjectsRequest{
Name: &region, Name: &region,
} }
response, err := client.KeystoneListProjects(request) response, err := client.KeystoneListProjects(request)

39
internal/pkg/core/uploader/providers/jdcloud-ssl/jdcloud_ssl.go
View File

@@ -5,17 +5,18 @@ import (
"crypto/sha256" "crypto/sha256"
"encoding/hex" "encoding/hex"
"fmt" "fmt"
"log/slog"
"strings" "strings"
"time" "time"
jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core" jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdSslApi "github.com/jdcloud-api/jdcloud-sdk-go/services/ssl/apis" jdsslapi "github.com/jdcloud-api/jdcloud-sdk-go/services/ssl/apis"
jdSslClient "github.com/jdcloud-api/jdcloud-sdk-go/services/ssl/client" jdsslclient "github.com/jdcloud-api/jdcloud-sdk-go/services/ssl/client"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"golang.org/x/exp/slices" "golang.org/x/exp/slices"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
) )
type UploaderConfig struct { type UploaderConfig struct {
@@ -27,7 +28,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *jdSslClient.SslClient logger *slog.Logger
sdkClient *jdsslclient.SslClient
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -44,13 +46,23 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -66,11 +78,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
describeCertsPageNumber := 1 describeCertsPageNumber := 1
describeCertsPageSize := 10 describeCertsPageSize := 10
for { for {
describeCertsReq := jdSslApi.NewDescribeCertsRequest() describeCertsReq := jdsslapi.NewDescribeCertsRequest()
describeCertsReq.SetDomainName(certX509.Subject.CommonName) describeCertsReq.SetDomainName(certX509.Subject.CommonName)
describeCertsReq.SetPageNumber(describeCertsPageNumber) describeCertsReq.SetPageNumber(describeCertsPageNumber)
describeCertsReq.SetPageSize(describeCertsPageSize) describeCertsReq.SetPageSize(describeCertsPageSize)
describeCertsResp, err := u.sdkClient.DescribeCerts(describeCertsReq) describeCertsResp, err := u.sdkClient.DescribeCerts(describeCertsReq)
u.logger.Debug("sdk request 'ssl.DescribeCerts'", slog.Any("request", describeCertsReq), slog.Any("response", describeCertsResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DescribeCerts'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DescribeCerts'")
} }
@@ -101,6 +114,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
} }
// 如果以上信息都一致,则视为已存在相同证书,直接返回 // 如果以上信息都一致,则视为已存在相同证书,直接返回
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: certDetail.CertId, CertId: certDetail.CertId,
CertName: certDetail.CertName, CertName: certDetail.CertName,
@@ -119,8 +133,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 上传证书 // 上传证书
// REF: https://docs.jdcloud.com/cn/ssl-certificate/api/uploadcert // REF: https://docs.jdcloud.com/cn/ssl-certificate/api/uploadcert
uploadCertReq := jdSslApi.NewUploadCertRequest(certName, privkeyPem, certPem) uploadCertReq := jdsslapi.NewUploadCertRequest(certName, privkeyPem, certPem)
uploadCertResp, err := u.sdkClient.UploadCert(uploadCertReq) uploadCertResp, err := u.sdkClient.UploadCert(uploadCertReq)
u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertReq), slog.Any("response", uploadCertResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.UploadCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.UploadCertificate'")
} }
@@ -131,9 +146,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(accessKeyId, accessKeySecret string) (*jdSslClient.SslClient, error) { func createSdkClient(accessKeyId, accessKeySecret string) (*jdsslclient.SslClient, error) {
clientCredentials := jdCore.NewCredentials(accessKeyId, accessKeySecret) clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret)
client := jdSslClient.NewSslClient(clientCredentials) client := jdsslclient.NewSslClient(clientCredentials)
client.SetLogger(jdCore.NewDefaultLogger(jdCore.LogWarn)) client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn))
return client, nil return client, nil
} }

30
internal/pkg/core/uploader/providers/qiniu-sslcert/qiniu_sslcert.go
View File

@@ -3,14 +3,15 @@
import ( import (
"context" "context"
"fmt" "fmt"
"log/slog"
"time" "time"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/qiniu/go-sdk/v7/auth" "github.com/qiniu/go-sdk/v7/auth"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
qiniuEx "github.com/usual2970/certimate/internal/pkg/vendors/qiniu-sdk" qiniusdk "github.com/usual2970/certimate/internal/pkg/vendors/qiniu-sdk"
) )
type UploaderConfig struct { type UploaderConfig struct {
@@ -22,7 +23,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *qiniuEx.Client logger *slog.Logger
sdkClient *qiniusdk.Client
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -32,23 +34,30 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
panic("config is nil") panic("config is nil")
} }
client, err := createSdkClient( client, err := createSdkClient(config.AccessKey, config.SecretKey)
config.AccessKey,
config.SecretKey,
)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client") return nil, xerrors.Wrap(err, "failed to create sdk client")
} }
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -60,6 +69,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 上传新证书 // 上传新证书
// REF: https://developer.qiniu.com/fusion/8593/interface-related-certificate // REF: https://developer.qiniu.com/fusion/8593/interface-related-certificate
uploadSslCertResp, err := u.sdkClient.UploadSslCert(context.TODO(), certName, certX509.Subject.CommonName, certPem, privkeyPem) uploadSslCertResp, err := u.sdkClient.UploadSslCert(context.TODO(), certName, certX509.Subject.CommonName, certPem, privkeyPem)
u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("response", uploadSslCertResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadSslCert'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadSslCert'")
} }
@@ -71,8 +81,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(accessKey, secretKey string) (*qiniuEx.Client, error) { func createSdkClient(accessKey, secretKey string) (*qiniusdk.Client, error) {
credential := auth.New(accessKey, secretKey) credential := auth.New(accessKey, secretKey)
client := qiniuEx.NewClient(credential) client := qiniusdk.NewClient(credential)
return client, nil return client, nil
} }

28
internal/pkg/core/uploader/providers/tencentcloud-ssl/tencentcloud_ssl.go
View File

@@ -2,11 +2,12 @@
import ( import (
"context" "context"
"log/slog"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
) )
@@ -20,7 +21,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *tcSsl.Client logger *slog.Logger
sdkClient *tcssl.Client
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -30,28 +32,36 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
panic("config is nil") panic("config is nil")
} }
client, err := createSdkClient( client, err := createSdkClient(config.SecretId, config.SecretKey)
config.SecretId,
config.SecretKey,
)
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client") return nil, xerrors.Wrap(err, "failed to create sdk client")
} }
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 上传新证书 // 上传新证书
// REF: https://cloud.tencent.com/document/product/400/41665 // REF: https://cloud.tencent.com/document/product/400/41665
uploadCertificateReq := tcSsl.NewUploadCertificateRequest() uploadCertificateReq := tcssl.NewUploadCertificateRequest()
uploadCertificateReq.CertificatePublicKey = common.StringPtr(certPem) uploadCertificateReq.CertificatePublicKey = common.StringPtr(certPem)
uploadCertificateReq.CertificatePrivateKey = common.StringPtr(privkeyPem) uploadCertificateReq.CertificatePrivateKey = common.StringPtr(privkeyPem)
uploadCertificateReq.Repeatable = common.BoolPtr(false) uploadCertificateReq.Repeatable = common.BoolPtr(false)
uploadCertificateResp, err := u.sdkClient.UploadCertificate(uploadCertificateReq) uploadCertificateResp, err := u.sdkClient.UploadCertificate(uploadCertificateReq)
u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertificateReq), slog.Any("response", uploadCertificateResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.UploadCertificate'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.UploadCertificate'")
} }
@@ -63,9 +73,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}, nil }, nil
} }
func createSdkClient(secretId, secretKey string) (*tcSsl.Client, error) { func createSdkClient(secretId, secretKey string) (*tcssl.Client, error) {
credential := common.NewCredential(secretId, secretKey) credential := common.NewCredential(secretId, secretKey)
client, err := tcSsl.NewClient(credential, "", profile.NewClientProfile()) client, err := tcssl.NewClient(credential, "", profile.NewClientProfile())
if err != nil { if err != nil {
return nil, err return nil, err
} }

65
internal/pkg/core/uploader/providers/ucloud-ussl/ucloud_ussl.go
View File

@@ -8,16 +8,17 @@ import (
"encoding/hex" "encoding/hex"
"errors" "errors"
"fmt" "fmt"
"log/slog"
"strings" "strings"
"time" "time"
xerrors "github.com/pkg/errors" xerrors "github.com/pkg/errors"
usdk "github.com/ucloud/ucloud-sdk-go/ucloud" "github.com/ucloud/ucloud-sdk-go/ucloud"
uAuth "github.com/ucloud/ucloud-sdk-go/ucloud/auth" ucloudauth "github.com/ucloud/ucloud-sdk-go/ucloud/auth"
"github.com/usual2970/certimate/internal/pkg/core/uploader" "github.com/usual2970/certimate/internal/pkg/core/uploader"
"github.com/usual2970/certimate/internal/pkg/utils/certs" "github.com/usual2970/certimate/internal/pkg/utils/certutil"
usdkSsl "github.com/usual2970/certimate/internal/pkg/vendors/ucloud-sdk/ussl" usslsdk "github.com/usual2970/certimate/internal/pkg/vendors/ucloud-sdk/ussl"
) )
type UploaderConfig struct { type UploaderConfig struct {
@@ -31,7 +32,8 @@ type UploaderConfig struct {
type UploaderProvider struct { type UploaderProvider struct {
config *UploaderConfig config *UploaderConfig
sdkClient *usdkSsl.USSLClient logger *slog.Logger
sdkClient *usslsdk.USSLClient
} }
var _ uploader.Uploader = (*UploaderProvider)(nil) var _ uploader.Uploader = (*UploaderProvider)(nil)
@@ -48,10 +50,20 @@ func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
return &UploaderProvider{ return &UploaderProvider{
config: config, config: config,
logger: slog.Default(),
sdkClient: client, sdkClient: client,
}, nil }, nil
} }
func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
if logger == nil {
u.logger = slog.Default()
} else {
u.logger = logger
}
return u
}
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 生成新证书名(需符合优刻得命名规则) // 生成新证书名(需符合优刻得命名规则)
var certId, certName string var certId, certName string
@@ -66,14 +78,15 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 上传托管证书 // 上传托管证书
// REF: https://docs.ucloud.cn/api/usslcertificate-api/upload_normal_certificate // REF: https://docs.ucloud.cn/api/usslcertificate-api/upload_normal_certificate
uploadNormalCertificateReq := u.sdkClient.NewUploadNormalCertificateRequest() uploadNormalCertificateReq := u.sdkClient.NewUploadNormalCertificateRequest()
uploadNormalCertificateReq.CertificateName = usdk.String(certName) uploadNormalCertificateReq.CertificateName = ucloud.String(certName)
uploadNormalCertificateReq.SslPublicKey = usdk.String(certPemBase64) uploadNormalCertificateReq.SslPublicKey = ucloud.String(certPemBase64)
uploadNormalCertificateReq.SslPrivateKey = usdk.String(privkeyPemBase64) uploadNormalCertificateReq.SslPrivateKey = ucloud.String(privkeyPemBase64)
uploadNormalCertificateReq.SslMD5 = usdk.String(certMd5Hex) uploadNormalCertificateReq.SslMD5 = ucloud.String(certMd5Hex)
if u.config.ProjectId != "" { if u.config.ProjectId != "" {
uploadNormalCertificateReq.ProjectId = usdk.String(u.config.ProjectId) uploadNormalCertificateReq.ProjectId = ucloud.String(u.config.ProjectId)
} }
uploadNormalCertificateResp, err := u.sdkClient.UploadNormalCertificate(uploadNormalCertificateReq) uploadNormalCertificateResp, err := u.sdkClient.UploadNormalCertificate(uploadNormalCertificateReq)
u.logger.Debug("sdk request 'ussl.UploadNormalCertificate'", slog.Any("request", uploadNormalCertificateReq), slog.Any("response", uploadNormalCertificateResp))
if err != nil { if err != nil {
if uploadNormalCertificateResp != nil && uploadNormalCertificateResp.GetRetCode() == 80035 { if uploadNormalCertificateResp != nil && uploadNormalCertificateResp.GetRetCode() == 80035 {
if res, err := u.getExistCert(ctx, certPem); err != nil { if res, err := u.getExistCert(ctx, certPem); err != nil {
@@ -81,6 +94,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
} else if res == nil { } else if res == nil {
return nil, errors.New("no certificate found") return nil, errors.New("no certificate found")
} else { } else {
u.logger.Info("ssl certificate already exists")
return res, nil return res, nil
} }
} }
@@ -92,7 +106,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: certId, CertId: certId,
CertName: certName, CertName: certName,
ExtendedData: map[string]interface{}{ ExtendedData: map[string]any{
"resourceId": uploadNormalCertificateResp.LongResourceID, "resourceId": uploadNormalCertificateResp.LongResourceID,
}, },
}, nil }, nil
@@ -100,7 +114,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
func (u *UploaderProvider) getExistCert(ctx context.Context, certPem string) (res *uploader.UploadResult, err error) { func (u *UploaderProvider) getExistCert(ctx context.Context, certPem string) (res *uploader.UploadResult, err error) {
// 解析证书内容 // 解析证书内容
certX509, err := certs.ParseCertificateFromPEM(certPem) certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -112,15 +126,16 @@ func (u *UploaderProvider) getExistCert(ctx context.Context, certPem string) (re
getCertificateListLimit := int(1000) getCertificateListLimit := int(1000)
for { for {
getCertificateListReq := u.sdkClient.NewGetCertificateListRequest() getCertificateListReq := u.sdkClient.NewGetCertificateListRequest()
getCertificateListReq.Mode = usdk.String("trust") getCertificateListReq.Mode = ucloud.String("trust")
getCertificateListReq.Domain = usdk.String(certX509.Subject.CommonName) getCertificateListReq.Domain = ucloud.String(certX509.Subject.CommonName)
getCertificateListReq.Sort = usdk.String("2") getCertificateListReq.Sort = ucloud.String("2")
getCertificateListReq.Page = usdk.Int(getCertificateListPage) getCertificateListReq.Page = ucloud.Int(getCertificateListPage)
getCertificateListReq.PageSize = usdk.Int(getCertificateListLimit) getCertificateListReq.PageSize = ucloud.Int(getCertificateListLimit)
if u.config.ProjectId != "" { if u.config.ProjectId != "" {
getCertificateListReq.ProjectId = usdk.String(u.config.ProjectId) getCertificateListReq.ProjectId = ucloud.String(u.config.ProjectId)
} }
getCertificateListResp, err := u.sdkClient.GetCertificateList(getCertificateListReq) getCertificateListResp, err := u.sdkClient.GetCertificateList(getCertificateListReq)
u.logger.Debug("sdk request 'ussl.GetCertificateList'", slog.Any("request", getCertificateListReq), slog.Any("response", getCertificateListResp))
if err != nil { if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ussl.GetCertificateList'") return nil, xerrors.Wrap(err, "failed to execute sdk request 'ussl.GetCertificateList'")
} }
@@ -143,9 +158,9 @@ func (u *UploaderProvider) getExistCert(ctx context.Context, certPem string) (re
} }
getCertificateDetailInfoReq := u.sdkClient.NewGetCertificateDetailInfoRequest() getCertificateDetailInfoReq := u.sdkClient.NewGetCertificateDetailInfoRequest()
getCertificateDetailInfoReq.CertificateID = usdk.Int(certInfo.CertificateID) getCertificateDetailInfoReq.CertificateID = ucloud.Int(certInfo.CertificateID)
if u.config.ProjectId != "" { if u.config.ProjectId != "" {
getCertificateDetailInfoReq.ProjectId = usdk.String(u.config.ProjectId) getCertificateDetailInfoReq.ProjectId = ucloud.String(u.config.ProjectId)
} }
getCertificateDetailInfoResp, err := u.sdkClient.GetCertificateDetailInfo(getCertificateDetailInfoReq) getCertificateDetailInfoResp, err := u.sdkClient.GetCertificateDetailInfo(getCertificateDetailInfoReq)
if err != nil { if err != nil {
@@ -197,7 +212,7 @@ func (u *UploaderProvider) getExistCert(ctx context.Context, certPem string) (re
return &uploader.UploadResult{ return &uploader.UploadResult{
CertId: fmt.Sprintf("%d", certInfo.CertificateID), CertId: fmt.Sprintf("%d", certInfo.CertificateID),
CertName: certInfo.Name, CertName: certInfo.Name,
ExtendedData: map[string]interface{}{ ExtendedData: map[string]any{
"resourceId": certInfo.CertificateSN, "resourceId": certInfo.CertificateSN,
}, },
}, nil }, nil
@@ -214,13 +229,13 @@ func (u *UploaderProvider) getExistCert(ctx context.Context, certPem string) (re
return nil, nil return nil, nil
} }
func createSdkClient(privateKey, publicKey string) (*usdkSsl.USSLClient, error) { func createSdkClient(privateKey, publicKey string) (*usslsdk.USSLClient, error) {
cfg := usdk.NewConfig() cfg := ucloud.NewConfig()
credential := uAuth.NewCredential() credential := ucloudauth.NewCredential()
credential.PrivateKey = privateKey credential.PrivateKey = privateKey
credential.PublicKey = publicKey credential.PublicKey = publicKey
client := usdkSsl.NewClient(&cfg, &credential) client := usslsdk.NewClient(&cfg, &credential)
return client, nil return client, nil
} }

Some files were not shown because too many files have changed in this diff Show More