diff --git a/internal/pkg/core/uploader/impl/huaweicloud_elb.go b/internal/pkg/core/uploader/impl/huaweicloud_elb.go
index 07b20251..88af3802 100644
--- a/internal/pkg/core/uploader/impl/huaweicloud_elb.go
+++ b/internal/pkg/core/uploader/impl/huaweicloud_elb.go
@@ -6,9 +6,9 @@ import (
 "time"
 "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
- elb "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3"
- elbModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/model"
- elbRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/region"
+ hcElb "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3"
+ hcElbModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/model"
+ hcElbRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/region"
 "github.com/usual2970/certimate/internal/pkg/core/uploader"
 "github.com/usual2970/certimate/internal/pkg/utils/cast"
@@ -24,7 +24,7 @@ type HuaweiCloudELBUploaderConfig struct {
 type HuaweiCloudELBUploader struct {
 config *HuaweiCloudELBUploaderConfig
- sdkClient *elb.ElbClient
+ sdkClient *hcElb.ElbClient
 }
 func NewHuaweiCloudELBUploader(config *HuaweiCloudELBUploaderConfig) (*HuaweiCloudELBUploader, error) {
@@ -52,7 +52,7 @@ func (u *HuaweiCloudELBUploader) Upload(ctx context.Context, certPem string, pri
 listCertificatesLimit := int32(2000)
 var listCertificatesMarker *string = nil
 for {
- listCertificatesReq := &elbModel.ListCertificatesRequest{
+ listCertificatesReq := &hcElbModel.ListCertificatesRequest{
 Limit: cast.Int32Ptr(listCertificatesLimit),
 Marker: listCertificatesMarker,
 Type: &[]string{"server"},
@@ -97,15 +97,15 @@ func (u *HuaweiCloudELBUploader) Upload(ctx context.Context, certPem string, pri
 }
 }
- // 生成证书名(需符合华为云命名规则)
+ // 生成新证书名(需符合华为云命名规则)
 var certId, certName string
 certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
 // 创建新证书
 // REF: https://support.huaweicloud.com/api-elb/CreateCertificate.html
- createCertificateReq := &elbModel.CreateCertificateRequest{
- Body: &elbModel.CreateCertificateRequestBody{
- Certificate: &elbModel.CreateCertificateOption{
+ createCertificateReq := &hcElbModel.CreateCertificateRequest{
+ Body: &hcElbModel.CreateCertificateRequestBody{
+ Certificate: &hcElbModel.CreateCertificateOption{
 ProjectId: cast.StringPtr(u.config.ProjectId),
 Name: cast.StringPtr(certName),
 Certificate: cast.StringPtr(certPem),
@@ -126,7 +126,7 @@ func (u *HuaweiCloudELBUploader) Upload(ctx context.Context, certPem string, pri
 }, nil
 }
-func (u *HuaweiCloudELBUploader) createSdkClient() (*elb.ElbClient, error) {
+func (u *HuaweiCloudELBUploader) createSdkClient() (*hcElb.ElbClient, error) {
 region := u.config.Region
 accessKeyId := u.config.AccessKeyId
 secretAccessKey := u.config.SecretAccessKey
@@ -142,12 +142,12 @@ func (u *HuaweiCloudELBUploader) createSdkClient() (*elb.ElbClient, error) {
 return nil, err
 }
- hcRegion, err := elbRegion.SafeValueOf(region)
+ hcRegion, err := hcElbRegion.SafeValueOf(region)
 if err != nil {
 return nil, err
 }
- hcClient, err := elb.ElbClientBuilder().
+ hcClient, err := hcElb.ElbClientBuilder().
 WithRegion(hcRegion).
 WithCredential(auth).
 SafeBuild()
@@ -155,6 +155,6 @@ func (u *HuaweiCloudELBUploader) createSdkClient() (*elb.ElbClient, error) {
 return nil, err
 }
- client := elb.NewElbClient(hcClient)
+ client := hcElb.NewElbClient(hcClient)
 return client, nil
 }
diff --git a/internal/pkg/core/uploader/impl/huaweicloud_scm.go b/internal/pkg/core/uploader/impl/huaweicloud_scm.go
index 5469f7de..7db4ff55 100644
--- a/internal/pkg/core/uploader/impl/huaweicloud_scm.go
+++ b/internal/pkg/core/uploader/impl/huaweicloud_scm.go
@@ -6,9 +6,9 @@ import (
 "time"
 "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
- scm "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3"
- scmModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/model"
- scmRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/region"
+ hcScm "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3"
+ hcScmModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/model"
+ hcScmRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/region"
 "github.com/usual2970/certimate/internal/pkg/core/uploader"
 "github.com/usual2970/certimate/internal/pkg/utils/cast"
@@ -23,7 +23,7 @@ type HuaweiCloudSCMUploaderConfig struct {
 type HuaweiCloudSCMUploader struct {
 config *HuaweiCloudSCMUploaderConfig
- sdkClient *scm.ScmClient
+ sdkClient *hcScm.ScmClient
 }
 func NewHuaweiCloudSCMUploader(config *HuaweiCloudSCMUploaderConfig) (*HuaweiCloudSCMUploader, error) {
@@ -52,7 +52,7 @@ func (u *HuaweiCloudSCMUploader) Upload(ctx context.Context, certPem string, pri
 listCertificatesLimit := int32(50)
 listCertificatesOffset := int32(0)
 for {
- listCertificatesReq := &scmModel.ListCertificatesRequest{
+ listCertificatesReq := &hcScmModel.ListCertificatesRequest{
 Limit: cast.Int32Ptr(listCertificatesLimit),
 Offset: cast.Int32Ptr(listCertificatesOffset),
 SortDir: cast.StringPtr("DESC"),
@@ -65,7 +65,7 @@ func (u *HuaweiCloudSCMUploader) Upload(ctx context.Context, certPem string, pri
 if listCertificatesResp.Certificates != nil {
 for _, certDetail := range *listCertificatesResp.Certificates {
- exportCertificateReq := &scmModel.ExportCertificateRequest{
+ exportCertificateReq := &hcScmModel.ExportCertificateRequest{
 CertificateId: certDetail.Id,
 }
 exportCertificateResp, err := u.sdkClient.ExportCertificate(exportCertificateReq)
@@ -109,14 +109,14 @@ func (u *HuaweiCloudSCMUploader) Upload(ctx context.Context, certPem string, pri
 }
 }
- // 生成证书名(需符合华为云命名规则)
+ // 生成新证书名(需符合华为云命名规则)
 var certId, certName string
 certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
 // 上传新证书
 // REF: https://support.huaweicloud.com/api-ccm/ImportCertificate.html
- importCertificateReq := &scmModel.ImportCertificateRequest{
- Body: &scmModel.ImportCertificateRequestBody{
+ importCertificateReq := &hcScmModel.ImportCertificateRequest{
+ Body: &hcScmModel.ImportCertificateRequestBody{
 Name: certName,
 Certificate: certPem,
 PrivateKey: privkeyPem,
@@ -134,7 +134,7 @@ func (u *HuaweiCloudSCMUploader) Upload(ctx context.Context, certPem string, pri
 }, nil
 }
-func (u *HuaweiCloudSCMUploader) createSdkClient() (*scm.ScmClient, error) {
+func (u *HuaweiCloudSCMUploader) createSdkClient() (*hcScm.ScmClient, error) {
 region := u.config.Region
 accessKeyId := u.config.AccessKeyId
 secretAccessKey := u.config.SecretAccessKey
@@ -150,12 +150,12 @@ func (u *HuaweiCloudSCMUploader) createSdkClient() (*scm.ScmClient, error) {
 return nil, err
 }
- hcRegion, err := scmRegion.SafeValueOf(region)
+ hcRegion, err := hcScmRegion.SafeValueOf(region)
 if err != nil {
 return nil, err
 }
- hcClient, err := scm.ScmClientBuilder().
+ hcClient, err := hcScm.ScmClientBuilder().
 WithRegion(hcRegion).
 WithCredential(auth).
 SafeBuild()
@@ -163,6 +163,6 @@ func (u *HuaweiCloudSCMUploader) createSdkClient() (*scm.ScmClient, error) {
 return nil, err
 }
- client := scm.NewScmClient(hcClient)
+ client := hcScm.NewScmClient(hcClient)
 return client, nil
 }
diff --git a/internal/pkg/core/uploader/impl/tencentcloud_ssl.go b/internal/pkg/core/uploader/impl/tencentcloud_ssl.go
new file mode 100644
index 00000000..c6d374c2
--- /dev/null
+++ b/internal/pkg/core/uploader/impl/tencentcloud_ssl.go
@@ -0,0 +1,97 @@
+package impl
+
+import (
+ "context"
+ "fmt"
+ "time"
+
+ "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
+ "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
+ tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
+
+ "github.com/usual2970/certimate/internal/pkg/core/uploader"
+ "github.com/usual2970/certimate/internal/pkg/utils/cast"
+)
+
+type TencentCloudSSLUploaderConfig struct {
+ Region string `json:"region"`
+ SecretId string `json:"secretId"`
+ SecretKey string `json:"secretKey"`
+}
+
+type TencentCloudSSLUploader struct {
+ config *TencentCloudSSLUploaderConfig
+ sdkClient *tcSsl.Client
+}
+
+func NewTencentCloudSSLUploader(config *TencentCloudSSLUploaderConfig) (*TencentCloudSSLUploader, error) {
+ client, err := (&TencentCloudSSLUploader{config: config}).createSdkClient()
+ if err != nil {
+ return nil, fmt.Errorf("failed to create sdk client: %w", err)
+ }
+
+ return &TencentCloudSSLUploader{
+ config: config,
+ sdkClient: client,
+ }, nil
+}
+
+func (u *TencentCloudSSLUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+ // 生成新证书名(需符合腾讯云命名规则)
+ var certId, certName string
+ certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
+
+ // 上传新证书
+ // REF: https://cloud.tencent.com/document/product/400/41665
+ uploadCertificateReq := &tcSsl.UploadCertificateRequest{
+ Alias: cast.StringPtr(certName),
+ CertificatePublicKey: cast.StringPtr(certPem),
+ CertificatePrivateKey: cast.StringPtr(privkeyPem),
+ Repeatable: cast.BoolPtr(false),
+ }
+ uploadCertificateResp, err := u.sdkClient.UploadCertificate(uploadCertificateReq)
+ if uploadCertificateResp != nil && uploadCertificateResp.Response != nil && uploadCertificateResp.Response.RepeatCertId != nil {
+ // 获取重复证书
+ // REF: https://cloud.tencent.com/document/api/400/41673
+ describeCertificateDetailReq := &tcSsl.DescribeCertificateDetailRequest{
+ CertificateId: uploadCertificateResp.Response.RepeatCertId,
+ }
+ describeCertificateDetailResp, err := u.sdkClient.DescribeCertificateDetail(describeCertificateDetailReq)
+ if err != nil {
+ return nil, fmt.Errorf("failed to execute sdk request 'ssl.DescribeCertificateDetail': %w", err)
+ }
+
+ certId = *uploadCertificateResp.Response.RepeatCertId
+ certName = *describeCertificateDetailResp.Response.Alias
+ return &uploader.UploadResult{
+ CertId: certId,
+ CertName: certName,
+ }, nil
+ }
+ if err != nil {
+ return nil, fmt.Errorf("failed to execute sdk request 'ssl.UploadCertificate': %w", err)
+ }
+
+ certId = *uploadCertificateResp.Response.CertificateId
+ return &uploader.UploadResult{
+ CertId: certId,
+ CertName: certName,
+ }, nil
+}
+
+func (u *TencentCloudSSLUploader) createSdkClient() (*tcSsl.Client, error) {
+ region := u.config.Region
+ secretId := u.config.SecretId
+ secretKey := u.config.SecretKey
+ if region == "" {
+ region = "ap-guangzhou" // SSL 服务默认区域:广州
+ }
+
+ credential := common.NewCredential(secretId, secretKey)
+ client, err := tcSsl.NewClient(credential, region, profile.NewClientProfile())
+ if err != nil {
+ return nil, err
+ }
+
+ return client, nil
+}
diff --git a/internal/pkg/utils/cast/cast.go b/internal/pkg/utils/cast/cast.go
index bdf4b2a1..a83ad164 100644
--- a/internal/pkg/utils/cast/cast.go
+++ b/internal/pkg/utils/cast/cast.go
@@ -4,6 +4,22 @@ func Int32Ptr(i int32) *int32 {
 return &i
 }
+func Int64Ptr(i int64) *int64 {
+ return &i
+}
+
+func UInt32Ptr(i uint32) *uint32 {
+ return &i
+}
+
+func UInt64Ptr(i uint64) *uint64 {
+ return &i
+}
+
 func StringPtr(s string) *string {
 return &s
 }
+
+func BoolPtr(b bool) *bool {
+ return &b
+}
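Review bot: In `Upload` of tencentcloud_ssl.go, two pointer dereferences run without nil checks: `*describeCertificateDetailResp.Response.Alias` in the repeat-certificate branch and `*uploadCertificateResp.Response.CertificateId` on the success path. An SDK response that omits either field would panic mid-deployment instead of returning an error, so each should be guarded and turned into an error return, as sketched below. Separately, `ctx` is accepted but never passed on; the Tencent SDK's `UploadCertificateWithContext` and `DescribeCertificateDetailWithContext` would let callers cancel or time-bound a request that carries the private key. The inner `describeCertificateDetailResp, err :=` also shadows the named result `err`, which makes the response-before-error ordering harder to follow.

```go
	describeCertificateDetailResp, err := u.sdkClient.DescribeCertificateDetail(describeCertificateDetailReq)
	// … unchanged: DescribeCertificateDetail error check …
	if describeCertificateDetailResp == nil || describeCertificateDetailResp.Response == nil ||
		describeCertificateDetailResp.Response.Alias == nil {
		return nil, fmt.Errorf("sdk response 'ssl.DescribeCertificateDetail' carries no alias")
	}
	// … unchanged: return the existing certificate's id and alias …

// … unchanged: UploadCertificate error check …
if uploadCertificateResp == nil || uploadCertificateResp.Response == nil ||
	uploadCertificateResp.Response.CertificateId == nil {
	return nil, fmt.Errorf("sdk response 'ssl.UploadCertificate' carries no certificate id")
}
```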
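Review bot: The new cast.go helpers `UInt32Ptr` and `UInt64Ptr` spell the type as `UInt`, whereas Go's own identifiers use `Uint` (`strconv.ParseUint`, `binary.LittleEndian.Uint32`); naming them `Uint32Ptr` and `Uint64Ptr` now avoids a breaking rename later. None of the exported helpers has a doc comment; a line such as `// BoolPtr returns a pointer to a copy of b.` above each would cover that. Within the hunks visible here only `BoolPtr` is called, so the integer variants may not be needed yet.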