From 99c5c8339de5487a0bac44b88a728d8f49e55cfd Mon Sep 17 00:00:00 2001
From: Fu Diwei
Date: Sat, 11 Jan 2025 23:30:15 +0800
Subject: [PATCH] feat: add volcengine cert-center uploader
---
go.mod | 2 +
go.sum | 3 +
internal/deployer/providers.go | 12 +-
.../huaweicloud-cdn/huaweicloud_cdn.go | 14 +-
.../volcengine-cdn/volcengine_cdn.go | 16 +--
.../volcengine-cdn/volcengine_cdn_test.go | 28 ++--
.../volcengine-live/volcengine_live.go | 16 +--
.../volcengine-live/volcengine_live_test.go | 28 ++--
.../volcengine_certcenter.go | 88 ++++++++++++
.../volcengine_certcenter_test.go | 72 ++++++++++
internal/pkg/utils/maps/maps.go | 1 +
.../cdn}/client.go | 2 +-
.../cdn}/models.go | 2 +-
.../certcenter/api_import_certificate.go | 129 ++++++++++++++++++
.../volcengine-sdk/certcenter/interface.go | 14 ++
.../volcengine-sdk/certcenter/service.go | 71 ++++++++++
16 files changed, 439 insertions(+), 59 deletions(-)
create mode 100644 internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go
create mode 100644 internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go
rename internal/pkg/vendors/{huaweicloud-cdn-sdk => huaweicloud-sdk/cdn}/client.go (96%)
rename internal/pkg/vendors/{huaweicloud-cdn-sdk => huaweicloud-sdk/cdn}/models.go (98%)
create mode 100644 internal/pkg/vendors/volcengine-sdk/certcenter/api_import_certificate.go
create mode 100644 internal/pkg/vendors/volcengine-sdk/certcenter/interface.go
create mode 100644 internal/pkg/vendors/volcengine-sdk/certcenter/service.go
diff --git a/go.mod b/go.mod
index c5116a5b..68ad937c 100644
--- a/go.mod
+++ b/go.mod
@@ -67,10 +67,12 @@ require (
 github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
 github.com/technoweenie/multipartstreamer v1.0.1 // indirect
+ github.com/volcengine/volcengine-go-sdk v1.0.177 // indirect
 github.com/x448/float16 v0.8.4 // indirect
 go.mongodb.org/mongo-driver v1.12.0 // indirect
 gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 gopkg.in/inf.v0 v0.9.1 // indirect
+ gopkg.in/yaml.v2 v2.4.0 // indirect
 k8s.io/klog/v2 v2.130.1 // indirect
 k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect
 k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 // indirect
diff --git a/go.sum b/go.sum
index b212a754..2ccd547b 100644
--- a/go.sum
+++ b/go.sum
@@ -809,8 +809,11 @@ github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6Kllzaw
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo=
 github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
+github.com/volcengine/volc-sdk-golang v1.0.23/go.mod h1:AfG/PZRUkHJ9inETvbjNifTDgut25Wbkm2QoYBTbvyU=
 github.com/volcengine/volc-sdk-golang v1.0.189 h1:VMDTHWYXakXJtZqPYn0As/h4eB0c4imvyru6mIp+o60=
 github.com/volcengine/volc-sdk-golang v1.0.189/go.mod h1:u0VtPvlXWpXDTmc9IHkaW1q+5Jjwus4oAqRhNMDRInE=
+github.com/volcengine/volcengine-go-sdk v1.0.177 h1:Z5D8BZAR1ilH7bLtRjBVP/I0QOIk7G/xuLvjeSJIax0=
+github.com/volcengine/volcengine-go-sdk v1.0.177/go.mod h1:gfEDc1s7SYaGoY+WH2dRrS3qiuDJMkwqyfXWCa7+7oA=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
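Review bot: The added requirement `github.com/volcengine/volcengine-go-sdk v1.0.177` is marked `// indirect`, but this commit imports the module directly (`ve "github.com/volcengine/volcengine-go-sdk/volcengine"` in volcengine_certcenter.go and throughout the new certcenter package). It belongs in the direct `require` block without the marker; `go mod tidy` would move it there. Dependency review and update tooling would then treat it as a first-party choice rather than a transitive one. The `require (` block opens before this hunk.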
diff --git a/internal/deployer/providers.go b/internal/deployer/providers.go index dbb75851..23d89370 100644 --- a/internal/deployer/providers.go +++ b/internal/deployer/providers.go @@ -340,17 +340,17 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, logger.Logger, switch options.Provider { case domain.DeployProviderTypeVolcEngineCDN: deployer, err := providerVolcEngineCDN.NewWithLogger(&providerVolcEngineCDN.VolcEngineCDNDeployerConfig{ - AccessKey: access.AccessKeyId, - SecretKey: access.SecretAccessKey, - Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), + AccessKeyId: access.AccessKeyId, + AccessKeySecret: access.SecretAccessKey, + Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), }, logger) return deployer, logger, err case domain.DeployProviderTypeVolcEngineLive: deployer, err := providerVolcEngineLive.NewWithLogger(&providerVolcEngineLive.VolcEngineLiveDeployerConfig{ - AccessKey: access.AccessKeyId, - SecretKey: access.SecretAccessKey, - Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), + AccessKeyId: access.AccessKeyId, + AccessKeySecret: access.SecretAccessKey, + Domain: maps.GetValueAsString(options.ProviderDeployConfig, "domain"), }, logger) return deployer, logger, err diff --git a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go b/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go index 1dba8085..2879168b 100644 --- a/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go +++ b/internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go 
@@ -15,7 +15,7 @@ import ( "github.com/usual2970/certimate/internal/pkg/core/uploader" providerScm "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm" "github.com/usual2970/certimate/internal/pkg/utils/cast" - huaweicloudsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-cdn-sdk" + hcCdnSdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk/cdn" ) type HuaweiCloudCDNDeployerConfig struct { @@ -32,7 +32,7 @@ type HuaweiCloudCDNDeployerConfig struct { type HuaweiCloudCDNDeployer struct { config *HuaweiCloudCDNDeployerConfig logger logger.Logger - sdkClient *huaweicloudsdk.Client + sdkClient *hcCdnSdk.Client sslUploader uploader.Uploader } 
@@ -100,15 +100,15 @@ func (d *HuaweiCloudCDNDeployer) Deploy(ctx context.Context, certPem string, pri // 更新加速域名配置 // REF: https://support.huaweicloud.com/api-cdn/UpdateDomainMultiCertificates.html // REF: https://support.huaweicloud.com/usermanual-cdn/cdn_01_0306.html - updateDomainMultiCertificatesReqBodyContent := &huaweicloudsdk.UpdateDomainMultiCertificatesExRequestBodyContent{} + updateDomainMultiCertificatesReqBodyContent := &hcCdnSdk.UpdateDomainMultiCertificatesExRequestBodyContent{} updateDomainMultiCertificatesReqBodyContent.DomainName = d.config.Domain updateDomainMultiCertificatesReqBodyContent.HttpsSwitch = 1 updateDomainMultiCertificatesReqBodyContent.CertificateType = cast.Int32Ptr(2) updateDomainMultiCertificatesReqBodyContent.SCMCertificateId = cast.StringPtr(upres.CertId) updateDomainMultiCertificatesReqBodyContent.CertName = cast.StringPtr(upres.CertName) updateDomainMultiCertificatesReqBodyContent = updateDomainMultiCertificatesReqBodyContent.MergeConfig(showDomainFullConfigResp.Configs) - updateDomainMultiCertificatesReq := &huaweicloudsdk.UpdateDomainMultiCertificatesExRequest{ - Body: &huaweicloudsdk.UpdateDomainMultiCertificatesExRequestBody{ + updateDomainMultiCertificatesReq := &hcCdnSdk.UpdateDomainMultiCertificatesExRequest{ + Body: &hcCdnSdk.UpdateDomainMultiCertificatesExRequestBody{ Https: updateDomainMultiCertificatesReqBodyContent, }, } @@ -122,7 +122,7 @@ func (d *HuaweiCloudCDNDeployer) Deploy(ctx context.Context, certPem string, pri return &deployer.DeployResult{}, nil } -func createSdkClient(accessKeyId, secretAccessKey, region string) (*huaweicloudsdk.Client, error) { +func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcCdnSdk.Client, error) { if region == "" { region = "cn-north-1" // CDN 服务默认区域:华北一北京 } 
@@ -148,6 +148,6 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*huaweiclouds return nil, err } - client := huaweicloudsdk.NewClient(hcClient) + client := hcCdnSdk.NewClient(hcClient) return client, nil } diff --git a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go b/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go index 903ad1ea..41c16323 100644 --- a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go +++ b/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go @@ -16,10 +16,10 @@ import ( ) type VolcEngineCDNDeployerConfig struct { - // 火山引擎 AccessKey。 - AccessKey string `json:"accessKey"` - // 火山引擎 SecretKey。 - SecretKey string `json:"secretKey"` + // 火山引擎 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 火山引擎 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` // 加速域名(支持泛域名)。 Domain string `json:"domain"` } @@ -47,12 +47,12 @@ func NewWithLogger(config *VolcEngineCDNDeployerConfig, logger logger.Logger) (* } client := veCdn.NewInstance() - client.Client.SetAccessKey(config.AccessKey) - client.Client.SetSecretKey(config.SecretKey) + client.Client.SetAccessKey(config.AccessKeyId) + client.Client.SetSecretKey(config.AccessKeySecret) uploader, err := providerCdn.New(&providerCdn.VolcEngineCDNUploaderConfig{ - AccessKeyId: config.AccessKey, - AccessKeySecret: config.SecretKey, + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, }) if err != nil { return nil, xerrors.Wrap(err, "failed to create ssl uploader") diff --git a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go b/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go index 639a41c1..3a3ff62d 100644 --- a/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go +++ b/internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn_test.go 
@@ -12,11 +12,11 @@ import ( ) var ( - fInputCertPath string - fInputKeyPath string - fAccessKey string - fSecretKey string - fDomain string + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fAccessKeySecret string + fDomain string ) func init() { @@ -24,8 +24,8 @@ func init() { flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") - flag.StringVar(&fAccessKey, argsPrefix+"ACCESSKEY", "", "") - flag.StringVar(&fSecretKey, argsPrefix+"SECRETKEY", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "") flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "") } @@ -35,8 +35,8 @@ Shell command to run this test: go test -v ./volcengine_cdn_test.go -args \ --CERTIMATE_DEPLOYER_VOLCENGINECDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \ --CERTIMATE_DEPLOYER_VOLCENGINECDN_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_VOLCENGINECDN_SECRETKEY="your-secret-key" \ + --CERTIMATE_DEPLOYER_VOLCENGINECDN_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_DEPLOYER_VOLCENGINECDN_ACCESSKEYSECRET="your-access-key-secret" \ --CERTIMATE_DEPLOYER_VOLCENGINECDN_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { 
@@ -47,15 +47,15 @@ func TestDeploy(t *testing.T) { "args:", fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), - fmt.Sprintf("ACCESSKEY: %v", fAccessKey), - fmt.Sprintf("SECRETKEY: %v", fSecretKey), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) deployer, err := provider.New(&provider.VolcEngineCDNDeployerConfig{ - AccessKey: fAccessKey, - SecretKey: fSecretKey, - Domain: fDomain, + AccessKeyId: fAccessKeyId, + AccessKeySecret: fAccessKeySecret, + Domain: fDomain, }) if err != nil { t.Errorf("err: %+v", err) diff --git a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go b/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go index aba43a82..b90ac6c0 100644 --- a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go +++ b/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go @@ -17,10 +17,10 @@ import ( ) type VolcEngineLiveDeployerConfig struct { - // 火山引擎 AccessKey。 - AccessKey string `json:"accessKey"` - // 火山引擎 SecretKey。 - SecretKey string `json:"secretKey"` + // 火山引擎 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 火山引擎 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` // 加速域名(支持泛域名)。 Domain string `json:"domain"` } 
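Review bot: The `t.Log` block in this hunk still prints the credential, `fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret)`, so the documented `go test -v` invocation writes the secret to the terminal and to any CI log that captures it. Drop that line or log only whether the value is present, e.g. `fmt.Sprintf("ACCESSKEYSECRET: set=%v", fAccessKeySecret != "")`. The same line appears in the matching `@@ -47,15 +47,15 @@` hunk of volcengine_live_test.go and in the new volcengine_certcenter_test.go. `TestDeploy` continues past the end of the hunk.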
@@ -48,12 +48,12 @@ func NewWithLogger(config *VolcEngineLiveDeployerConfig, logger logger.Logger) ( } client := veLive.NewInstance() - client.SetAccessKey(config.AccessKey) - client.SetSecretKey(config.SecretKey) + client.SetAccessKey(config.AccessKeyId) + client.SetSecretKey(config.AccessKeySecret) uploader, err := providerLive.New(&providerLive.VolcEngineLiveUploaderConfig{ - AccessKeyId: config.AccessKey, - AccessKeySecret: config.SecretKey, + AccessKeyId: config.AccessKeyId, + AccessKeySecret: config.AccessKeySecret, }) if err != nil { return nil, xerrors.Wrap(err, "failed to create ssl uploader") diff --git a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go b/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go index 6d9da282..28097c75 100644 --- a/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go +++ b/internal/pkg/core/deployer/providers/volcengine-live/volcengine_live_test.go @@ -12,11 +12,11 @@ import ( ) var ( - fInputCertPath string - fInputKeyPath string - fAccessKey string - fSecretKey string - fDomain string + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fAccessKeySecret string + fDomain string ) func init() { @@ -24,8 +24,8 @@ func init() { flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") - flag.StringVar(&fAccessKey, argsPrefix+"ACCESSKEY", "", "") - flag.StringVar(&fSecretKey, argsPrefix+"SECRETKEY", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "") flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "") } 
@@ -35,8 +35,8 @@ Shell command to run this test: go test -v ./volcengine_live_test.go -args \ --CERTIMATE_DEPLOYER_VOLCENGINELIVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \ --CERTIMATE_DEPLOYER_VOLCENGINELIVE_INPUTKEYPATH="/path/to/your-input-key.pem" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_ACCESSKEY="your-access-key" \ - --CERTIMATE_DEPLOYER_VOLCENGINELIVE_SECRETKEY="your-secret-key" \ + --CERTIMATE_DEPLOYER_VOLCENGINELIVE_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_DEPLOYER_VOLCENGINELIVE_ACCESSKEYSECRET="your-access-key-secret" \ --CERTIMATE_DEPLOYER_VOLCENGINELIVE_DOMAIN="example.com" */ func TestDeploy(t *testing.T) { @@ -47,15 +47,15 @@ func TestDeploy(t *testing.T) { "args:", fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), - fmt.Sprintf("ACCESSKEY: %v", fAccessKey), - fmt.Sprintf("SECRETKEY: %v", fSecretKey), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), fmt.Sprintf("DOMAIN: %v", fDomain), }, "\n")) deployer, err := provider.New(&provider.VolcEngineLiveDeployerConfig{ - AccessKey: fAccessKey, - SecretKey: fSecretKey, - Domain: fDomain, + AccessKeyId: fAccessKeyId, + AccessKeySecret: fAccessKeySecret, + Domain: fDomain, }) if err != nil { t.Errorf("err: %+v", err) diff --git a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go b/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go new file mode 100644 index 00000000..d984e727 --- /dev/null +++ b/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go 
@@ -0,0 +1,88 @@ +package volcenginecertcenter + +import ( + "context" + "errors" + + xerrors "github.com/pkg/errors" + ve "github.com/volcengine/volcengine-go-sdk/volcengine" + veSession "github.com/volcengine/volcengine-go-sdk/volcengine/session" + + "github.com/usual2970/certimate/internal/pkg/core/uploader" + veCertCenter "github.com/usual2970/certimate/internal/pkg/vendors/volcengine-sdk/certcenter" +) + +type VolcEngineCertCenterUploaderConfig struct { + // 火山引擎 AccessKeyId。 + AccessKeyId string `json:"accessKeyId"` + // 火山引擎 AccessKeySecret。 + AccessKeySecret string `json:"accessKeySecret"` + // 火山引擎区域。 + Region string `json:"region"` +} + +type VolcEngineCertCenterUploader struct { + config *VolcEngineCertCenterUploaderConfig + sdkClient *veCertCenter.CertCenter +} + +var _ uploader.Uploader = (*VolcEngineCertCenterUploader)(nil) + +func New(config *VolcEngineCertCenterUploaderConfig) (*VolcEngineCertCenterUploader, error) { + if config == nil { + return nil, errors.New("config is nil") + } + + client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region) + if err != nil { + return nil, xerrors.Wrap(err, "failed to create sdk client: %w") + } + + return &VolcEngineCertCenterUploader{ + config: config, + sdkClient: client, + }, nil +} + +func (u *VolcEngineCertCenterUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) { + // 上传证书 + // REF: https://www.volcengine.com/docs/6638/1365580 + importCertificateReq := &veCertCenter.ImportCertificateInput{ + CertificateInfo: &veCertCenter.ImportCertificateInputCertificateInfo{ + CertificateChain: ve.String(certPem), + PrivateKey: ve.String(privkeyPem), + }, + Repeatable: ve.Bool(false), + } + importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq) + if err != nil { + return nil, xerrors.Wrap(err, "failed to execute sdk request 'certcenter.ImportCertificate'") + } + + var certId string + if 
importCertificateResp.InstanceId != nil { + certId = *importCertificateResp.InstanceId + } + if importCertificateResp.RepeatId != nil { + certId = *importCertificateResp.RepeatId + } + return &uploader.UploadResult{ + CertId: certId, + }, nil +} + +func createSdkClient(accessKeyId, accessKeySecret, region string) (*veCertCenter.CertCenter, error) { + if region == "" { + region = "cn-beijing" + } + + config := ve.NewConfig().WithRegion(region).WithAkSk(accessKeyId, accessKeySecret) + + session, err := veSession.NewSession(config) + if err != nil { + return nil, err + } + + client := veCertCenter.New(session) + return client, nil +} diff --git a/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go b/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go new file mode 100644 index 00000000..5f15c44f --- /dev/null +++ b/internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter_test.go 
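Review bot: `Upload` accepts a `ctx` but calls `u.sdkClient.ImportCertificate(importCertificateReq)`, so the request that carries the private key cannot be cancelled or bounded by the caller's deadline; the client added in this commit already exposes `ImportCertificateWithContext(ctx, importCertificateReq)` (assuming `volcengine.Context` accepts a `context.Context`). In `New`, `xerrors.Wrap(err, "failed to create sdk client: %w")` leaves a literal `%w` in the error text, because `Wrap` takes a plain message and does no formatting; use `"failed to create sdk client"`. When the response carries neither `InstanceId` nor `RepeatId`, `Upload` returns success with an empty `CertId`; a guard such as `if certId == "" { return nil, errors.New("import returned no certificate id") }` would stop a caller from acting on a blank id.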
@@ -0,0 +1,72 @@ +package volcenginecertcenter_test + +import ( + "context" + "encoding/json" + "flag" + "fmt" + "os" + "strings" + "testing" + + provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter" +) + +var ( + fInputCertPath string + fInputKeyPath string + fAccessKeyId string + fAccessKeySecret string +) + +func init() { + argsPrefix := "CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_" + + flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") + flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") + flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "") + flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "") +} + +/* +Shell command to run this test: + + go test -v ./volcengine_certcenter_test.go -args \ + --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \ + --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \ + --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_ACCESSKEYID="your-access-key-id" \ + --CERTIMATE_UPLOADER_VOLCENGINECERTCENTER_ACCESSKEYSECRET="your-access-key-secret" +*/ +func TestDeploy(t *testing.T) { + flag.Parse() + + t.Run("Deploy", func(t *testing.T) { + t.Log(strings.Join([]string{ + "args:", + fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath), + fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath), + fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId), + fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret), + }, "\n")) + + uploader, err := provider.New(&provider.VolcEngineCertCenterUploaderConfig{ + AccessKeyId: fAccessKeyId, + AccessKeySecret: fAccessKeySecret, + }) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + fInputCertData, _ := os.ReadFile(fInputCertPath) + fInputKeyData, _ := os.ReadFile(fInputKeyPath) + res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData)) + if err != nil { + t.Errorf("err: %+v", err) + return + } + + sres, _ := 
json.Marshal(res) + t.Logf("ok: %s", string(sres)) + }) +} diff --git a/internal/pkg/utils/maps/maps.go b/internal/pkg/utils/maps/maps.go index f0e82efc..a33d34aa 100644 --- a/internal/pkg/utils/maps/maps.go +++ b/internal/pkg/utils/maps/maps.go @@ -184,6 +184,7 @@ func GetValueOrDefaultAsBool(dict map[string]any, key string, defaultValue bool) } // 将字典解码为指定类型的结构体。 +// 与 [json.Unmarshal] 类似,但传入的是一个 [map[string]interface{}] 对象而非 JSON 格式的字符串。 // // 入参: // - dict: 字典。 diff --git a/internal/pkg/vendors/huaweicloud-cdn-sdk/client.go b/internal/pkg/vendors/huaweicloud-sdk/cdn/client.go similarity index 96% rename from internal/pkg/vendors/huaweicloud-cdn-sdk/client.go rename to internal/pkg/vendors/huaweicloud-sdk/cdn/client.go index cc484d3f..842ce9ef 100644 --- a/internal/pkg/vendors/huaweicloud-cdn-sdk/client.go +++ b/internal/pkg/vendors/huaweicloud-sdk/cdn/client.go @@ -1,4 +1,4 @@ -package huaweicloudcdnsdk +package cdn import ( "github.com/huaweicloud/huaweicloud-sdk-go-v3/core" diff --git a/internal/pkg/vendors/huaweicloud-cdn-sdk/models.go b/internal/pkg/vendors/huaweicloud-sdk/cdn/models.go similarity index 98% rename from internal/pkg/vendors/huaweicloud-cdn-sdk/models.go rename to internal/pkg/vendors/huaweicloud-sdk/cdn/models.go index cca42058..ff0def2a 100644 --- a/internal/pkg/vendors/huaweicloud-cdn-sdk/models.go +++ b/internal/pkg/vendors/huaweicloud-sdk/cdn/models.go @@ -1,4 +1,4 @@ -package huaweicloudcdnsdk +package cdn import ( hcCdnModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/model" diff --git a/internal/pkg/vendors/volcengine-sdk/certcenter/api_import_certificate.go b/internal/pkg/vendors/volcengine-sdk/certcenter/api_import_certificate.go new file mode 100644 index 00000000..ece842ed --- /dev/null +++ b/internal/pkg/vendors/volcengine-sdk/certcenter/api_import_certificate.go 
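Review bot: Both `os.ReadFile` calls in the new test discard their error (`fInputCertData, _ := os.ReadFile(fInputCertPath)`), so a wrong or missing path sends empty certificate and key strings to the live API and the failure surfaces only as a remote error. Check each read, e.g. `fInputCertData, err := os.ReadFile(fInputCertPath)` followed by `if err != nil { t.Fatalf("read cert: %v", err) }`, and the same for the key. The test and subtest are named `TestDeploy` and `"Deploy"` although they exercise `Upload`; `TestUpload` would match what is being run.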
@@ -0,0 +1,129 @@ +package certcenter + +import ( + "github.com/volcengine/volcengine-go-sdk/volcengine" + "github.com/volcengine/volcengine-go-sdk/volcengine/request" + "github.com/volcengine/volcengine-go-sdk/volcengine/response" + "github.com/volcengine/volcengine-go-sdk/volcengine/volcengineutil" +) + +const opImportCertificateCommon = "ImportCertificate" + +func (c *CertCenter) ImportCertificateCommonRequest(input *map[string]interface{}) (req *request.Request, output *map[string]interface{}) { + op := &request.Operation{ + Name: opImportCertificateCommon, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &map[string]interface{}{} + } + + output = &map[string]interface{}{} + req = c.newRequest(op, input, output) + + req.HTTPRequest.Header.Set("Content-Type", "application/json; charset=utf-8") + + return +} + +func (c *CertCenter) ImportCertificateCommon(input *map[string]interface{}) (*map[string]interface{}, error) { + req, out := c.ImportCertificateCommonRequest(input) + return out, req.Send() +} + +func (c *CertCenter) ImportCertificateCommonWithContext(ctx volcengine.Context, input *map[string]interface{}, opts ...request.Option) (*map[string]interface{}, error) { + req, out := c.ImportCertificateCommonRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) 
+ return out, req.Send() +} + +const opImportCertificate = "ImportCertificate" + +func (c *CertCenter) ImportCertificateRequest(input *ImportCertificateInput) (req *request.Request, output *ImportCertificateOutput) { + op := &request.Operation{ + Name: opImportCertificate, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ImportCertificateInput{} + } + + output = &ImportCertificateOutput{} + req = c.newRequest(op, input, output) + + req.HTTPRequest.Header.Set("Content-Type", "application/json; charset=utf-8") + + return +} + +func (c *CertCenter) ImportCertificate(input *ImportCertificateInput) (*ImportCertificateOutput, error) { + req, out := c.ImportCertificateRequest(input) + return out, req.Send() +} + +func (c *CertCenter) ImportCertificateWithContext(ctx volcengine.Context, input *ImportCertificateInput, opts ...request.Option) (*ImportCertificateOutput, error) { + req, out := c.ImportCertificateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) 
+ return out, req.Send() +} + +type ImportCertificateInput struct { + _ struct{} `type:"structure" json:",omitempty"` + + Tag *string `type:"string" json:",omitempty"` + + ProjectName *string `type:"string" json:",omitempty"` + + Repeatable *bool `type:"boolean" json:",omitempty"` + + NoVerifyAndFixChain *bool `type:"boolean" json:",omitempty"` + + CertificateInfo *ImportCertificateInputCertificateInfo `type:"structure" json:",omitempty"` + + Tags *[]ImportCertificateInputTag `type:"list" json:",omitempty"` +} + +func (s ImportCertificateInput) String() string { + return volcengineutil.Prettify(s) +} + +func (s *ImportCertificateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ImportCertificateInput"} + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +type ImportCertificateInputCertificateInfo struct { + CertificateChain *string `type:"string" json:",omitempty"` + + PrivateKey *string `type:"string" json:",omitempty"` +} + +type ImportCertificateInputTag struct { + Key *string `type:"string" json:",omitempty" required:"true"` + + Value *string `type:"string" json:",omitempty" required:"true"` +} + +type ImportCertificateOutput struct { + _ struct{} `type:"structure" json:",omitempty"` + + Metadata *response.ResponseMetadata + + InstanceId *string `type:"string" json:",omitempty"` + + RepeatId *string `type:"string" json:",omitempty"` +} + +func (s ImportCertificateOutput) String() string { + return volcengineutil.Prettify(s) +} diff --git a/internal/pkg/vendors/volcengine-sdk/certcenter/interface.go b/internal/pkg/vendors/volcengine-sdk/certcenter/interface.go new file mode 100644 index 00000000..cebe2b73 --- /dev/null +++ b/internal/pkg/vendors/volcengine-sdk/certcenter/interface.go 
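Review bot: `ImportCertificateInput.String()` returns `volcengineutil.Prettify(s)`, which presumably walks into `CertificateInfo` and so renders `PrivateKey` in clear text whenever the request is formatted with `%v`/`%s` or dumped by debug logging. Either have `String()` omit that field or at least mark it, e.g. `// PEM private key; never log this struct` above `PrivateKey`. Separately, `Validate()` builds `invalidParams` and never adds to it, so it always returns nil even when `CertificateInfo` or the `required:"true"` tag fields are unset. A nil check on `CertificateInfo`, `CertificateChain` and `PrivateKey` there would reject an empty import before it is signed and sent.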
@@ -0,0 +1,14 @@ +package certcenter + +import ( + "github.com/volcengine/volcengine-go-sdk/volcengine" + "github.com/volcengine/volcengine-go-sdk/volcengine/request" +) + +type CertCenterAPI interface { + ImportCertificate(*ImportCertificateInput) (*ImportCertificateOutput, error) + ImportCertificateWithContext(volcengine.Context, *ImportCertificateInput, ...request.Option) (*ImportCertificateOutput, error) + ImportCertificateRequest(*ImportCertificateInput) (*request.Request, *ImportCertificateOutput) +} + +var _ CertCenterAPI = (*CertCenter)(nil) diff --git a/internal/pkg/vendors/volcengine-sdk/certcenter/service.go b/internal/pkg/vendors/volcengine-sdk/certcenter/service.go new file mode 100644 index 00000000..2feb8c28 --- /dev/null +++ b/internal/pkg/vendors/volcengine-sdk/certcenter/service.go 
@@ -0,0 +1,71 @@ +package certcenter + +import ( + "github.com/volcengine/volcengine-go-sdk/volcengine" + "github.com/volcengine/volcengine-go-sdk/volcengine/client" + "github.com/volcengine/volcengine-go-sdk/volcengine/client/metadata" + "github.com/volcengine/volcengine-go-sdk/volcengine/corehandlers" + "github.com/volcengine/volcengine-go-sdk/volcengine/request" + "github.com/volcengine/volcengine-go-sdk/volcengine/signer/volc" + "github.com/volcengine/volcengine-go-sdk/volcengine/volcenginequery" +) + +type CertCenter struct { + *client.Client +} + +var initClient func(*client.Client) + +var initRequest func(*request.Request) + +const ( + ServiceName = "certificate_service" + EndpointsID = ServiceName + ServiceID = "certificate_service" +) + +func New(p client.ConfigProvider, cfgs ...*volcengine.Config) *CertCenter { + c := p.ClientConfig(EndpointsID, cfgs...) + return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) +} + +func newClient(cfg volcengine.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *CertCenter { + svc := &CertCenter{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + Endpoint: endpoint, + APIVersion: "2024-10-01", + }, + handlers, + ), + } + + svc.Handlers.Build.PushBackNamed(corehandlers.SDKVersionUserAgentHandler) + svc.Handlers.Build.PushBackNamed(corehandlers.AddHostExecEnvUserAgentHandler) + svc.Handlers.Sign.PushBackNamed(volc.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(volcenginequery.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(volcenginequery.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(volcenginequery.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed(volcenginequery.UnmarshalErrorHandler) + + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +func (c *CertCenter) newRequest(op 
*request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + if initRequest != nil { + initRequest(req) + } + + return req +}