feat: add tencent ECDN deploy

README.md

@@ -74,7 +74,7 @@ make local.run
 |   服务商   | 支持申请证书 | 支持部署证书 | 备注                                                         |
 | :--------: | :----------: | :----------: | ------------------------------------------------------------ |
 |   阿里云   |      √       |      √       | 可签发在阿里云注册的域名；可部署到阿里云 OSS、CDN            |
-|   腾讯云   |      √       |      √       | 可签发在腾讯云注册的域名；可部署到腾讯云 COS、CDN、CLB       |
+|   腾讯云   |      √       |      √       | 可签发在腾讯云注册的域名；可部署到腾讯云 COS、CDN、ECDN、CLB       |
 |   华为云   |      √       |      √       | 可签发在华为云注册的域名；可部署到华为云 CDN、ELB            |
 |   七牛云   |              |      √       | 可部署到七牛云 CDN                                           |
 |    AWS     |      √       |              | 可签发在 AWS Route53 托管的域名                              |

README_EN.md

@@ -71,9 +71,9 @@ password：1234567890
 ## List of Supported Providers
 
 |   Provider    | Registration | Deployment | Remarks                                                                                                               |
-| :-----------: | :----------: | :--------: | ------------------------------------------------------------------------------------------------ |
+| :-----------: | :----------: | :--------: | --------------------------------------------------------------------------------------------------------------------- |
 | Alibaba Cloud |      √       |     √      | Supports domains registered on Alibaba Cloud; supports deployment to Alibaba Cloud OSS, CDN                           |
-| Tencent Cloud |      √       |     √      | Supports domains registered on Tencent Cloud; supports deployment to Tencent Cloud COS, CDN, CLB |
+| Tencent Cloud |      √       |     √      | Supports domains registered on Tencent Cloud; supports deployment to Tencent Cloud COS, CDN, ECDN, CLB                |
 | Huawei Cloud  |      √       |     √      | Supports domains registered on Huawei Cloud; supports deployment to Huawei Cloud CDN, ELB                             |
 |  Qiniu Cloud  |              |     √      | Supports deployment to Qiniu Cloud CDN                                                                                |
 |      AWS      |      √       |            | Supports domains managed on AWS Route53                                                                               |

internal/deployer/deployer.go

@@ -19,6 +19,7 @@ const (
 	targetAliyunCDN      = "aliyun-cdn"
 	targetAliyunESA      = "aliyun-dcdn"
 	targetTencentCDN     = "tencent-cdn"
+	targetTencentECDN    = "tencent-ecdn"
 	targetTencentCLB     = "tencent-clb"
 	targetTencentCOS     = "tencent-cos"
 	targetHuaweiCloudCDN = "huaweicloud-cdn"
@@ -108,6 +109,8 @@ func getWithDeployConfig(record *models.Record, cert *applicant.Certificate, dep
 		return NewAliyunESADeployer(option)
 	case targetTencentCDN:
 		return NewTencentCDNDeployer(option)	
+	case targetTencentECDN:
+		return NewTencentECDNDeployer(option)
 	case targetTencentCLB:
 		return NewTencentCLBDeployer(option)
 	case targetTencentCOS:

internal/deployer/tencent_ecdn.go

@@ -0,0 +1,146 @@
+package deployer
+
+import (
+	"context"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"strings"
+
+	cdn "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn/v20180606"
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
+	ssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
+
+	"github.com/usual2970/certimate/internal/domain"
+	"github.com/usual2970/certimate/internal/utils/rand"
+)
+
+type TencentECDNDeployer struct {
+	option     *DeployerOption
+	credential *common.Credential
+	infos      []string
+}
+
+func NewTencentECDNDeployer(option *DeployerOption) (Deployer, error) {
+	access := &domain.TencentAccess{}
+	if err := json.Unmarshal([]byte(option.Access), access); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal tencent access: %w", err)
+	}
+
+	credential := common.NewCredential(
+		access.SecretId,
+		access.SecretKey,
+	)
+
+	return &TencentECDNDeployer{
+		option:     option,
+		credential: credential,
+		infos:      make([]string, 0),
+	}, nil
+}
+
+func (d *TencentECDNDeployer) GetID() string {
+	return fmt.Sprintf("%s-%s", d.option.AccessRecord.GetString("name"), d.option.AccessRecord.Id)
+}
+
+func (d *TencentECDNDeployer) GetInfo() []string {
+	return d.infos
+}
+
+func (d *TencentECDNDeployer) Deploy(ctx context.Context) error {
+	// 上传证书
+	certId, err := d.uploadCert()
+	if err != nil {
+		return fmt.Errorf("failed to upload certificate: %w", err)
+	}
+	d.infos = append(d.infos, toStr("上传证书", certId))
+
+	if err := d.deploy(certId); err != nil {
+		return fmt.Errorf("failed to deploy: %w", err)
+	}
+
+	return nil
+}
+
+func (d *TencentECDNDeployer) uploadCert() (string, error) {
+	cpf := profile.NewClientProfile()
+	cpf.HttpProfile.Endpoint = "ssl.tencentcloudapi.com"
+
+	client, _ := ssl.NewClient(d.credential, "", cpf)
+
+	request := ssl.NewUploadCertificateRequest()
+
+	request.CertificatePublicKey = common.StringPtr(d.option.Certificate.Certificate)
+	request.CertificatePrivateKey = common.StringPtr(d.option.Certificate.PrivateKey)
+	request.Alias = common.StringPtr(d.option.Domain + "_" + rand.RandStr(6))
+	request.Repeatable = common.BoolPtr(false)
+
+	response, err := client.UploadCertificate(request)
+	if err != nil {
+		return "", fmt.Errorf("failed to upload certificate: %w", err)
+	}
+
+	return *response.Response.CertificateId, nil
+}
+
+func (d *TencentECDNDeployer) deploy(certId string) error {
+	cpf := profile.NewClientProfile()
+	cpf.HttpProfile.Endpoint = "ssl.tencentcloudapi.com"
+	// 实例化要请求产品的client对象,clientProfile是可选的
+	client, _ := ssl.NewClient(d.credential, "", cpf)
+
+	// 实例化一个请求对象,每个接口都会对应一个request对象
+	request := ssl.NewDeployCertificateInstanceRequest()
+
+	request.CertificateId = common.StringPtr(certId)
+	request.ResourceType = common.StringPtr("ecdn")
+	request.Status = common.Int64Ptr(1)
+
+	// 如果是泛域名就从cdn列表下获取SSL证书中的可用域名
+	domain := getDeployString(d.option.DeployConfig, "domain")
+	if strings.Contains(domain, "*") {
+		list, errGetList := d.getDomainList()
+		if errGetList != nil {
+			return fmt.Errorf("failed to get certificate domain list: %w", errGetList)
+		}
+		if list == nil || len(list) == 0 {
+			return fmt.Errorf("failed to get certificate domain list: empty list.")
+		}
+		request.InstanceIdList = common.StringPtrs(list)
+	} else { // 否则直接使用传入的域名
+		request.InstanceIdList = common.StringPtrs([]string{domain})
+	}
+
+	// 返回的resp是一个DeployCertificateInstanceResponse的实例，与请求对象对应
+	resp, err := client.DeployCertificateInstance(request)
+	if err != nil {
+		return fmt.Errorf("failed to deploy certificate: %w", err)
+	}
+	d.infos = append(d.infos, toStr("部署证书", resp.Response))
+	return nil
+}
+
+func (d *TencentECDNDeployer) getDomainList() ([]string, error) {
+	cpf := profile.NewClientProfile()
+	cpf.HttpProfile.Endpoint = "cdn.tencentcloudapi.com"
+	client, _ := cdn.NewClient(d.credential, "", cpf)
+
+	request := cdn.NewDescribeCertDomainsRequest()
+
+	cert := base64.StdEncoding.EncodeToString([]byte(d.option.Certificate.Certificate))
+	request.Cert = &cert
+	request.Product = common.StringPtr("ecdn")
+
+	response, err := client.DescribeCertDomains(request)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get domain list: %w", err)
+	}
+
+	domains := make([]string, 0)
+	for _, domain := range response.Response.Domains {
+		domains = append(domains, *domain)
+	}
+
+	return domains, nil
+}

ui/src/components/certimate/DeployEditDialog.tsx

@@ -119,6 +119,7 @@ const DeployEditDialog = ({ trigger, deployConfig, onSave }: DeployEditDialogPro
       childComponent = <DeployToAliyunCDN />;
       break;
     case "tencent-cdn":
+    case "tencent-ecdn":
       childComponent = <DeployToTencentCDN />;
       break;
     case "tencent-clb":

ui/src/domain/domain.ts

@@ -76,6 +76,7 @@ export const deployTargetsMap: Map<DeployTarget["type"], DeployTarget> = new Map
     ["aliyun-cdn", "common.provider.aliyun.cdn", "/imgs/providers/aliyun.svg"],
     ["aliyun-dcdn", "common.provider.aliyun.dcdn", "/imgs/providers/aliyun.svg"],
     ["tencent-cdn", "common.provider.tencent.cdn", "/imgs/providers/tencent.svg"],
+    ["tencent-ecdn", "common.provider.tencent.ecdn", "/imgs/providers/tencent.svg"],
     ["tencent-clb", "common.provider.tencent.clb", "/imgs/providers/tencent.svg"],
     ["tencent-cos", "common.provider.tencent.cos", "/imgs/providers/tencent.svg"],
     ["huaweicloud-cdn", "common.provider.huaweicloud.cdn", "/imgs/providers/huaweicloud.svg"],

ui/src/i18n/locales/en/nls.common.json

@@ -58,6 +58,7 @@
   "common.provider.aliyun.dcdn": "Alibaba Cloud - DCDN",
   "common.provider.tencent": "Tencent Cloud",
   "common.provider.tencent.cdn": "Tencent Cloud - CDN",
+  "common.provider.tencent.ecdn": "Tencent Cloud - ECDN",
   "common.provider.tencent.clb": "Tencent Cloud - CLB",
   "common.provider.tencent.cos": "Tencent Cloud - COS",
   "common.provider.huaweicloud": "Huawei Cloud",

ui/src/i18n/locales/zh/nls.common.json

@@ -58,6 +58,7 @@
   "common.provider.tencent": "腾讯云",
   "common.provider.tencent.cos": "腾讯云 - COS",
   "common.provider.tencent.cdn": "腾讯云 - CDN",
+  "common.provider.tencent.ecdn": "腾讯云 - ECDN",
   "common.provider.tencent.clb": "腾讯云 - CLB",
   "common.provider.huaweicloud": "华为云",
   "common.provider.huaweicloud.cdn": "华为云 - CDN",