From d2b6ab75b7cb098f501c73866ddceb771e44b7d1 Mon Sep 17 00:00:00 2001 From: Leo Chen Date: Thu, 10 Oct 2024 19:01:32 +0800 Subject: [PATCH] add feat: support for tencent cdn extensive domain --- go.mod | 3 ++- go.sum | 5 +++- internal/deployer/tencent_cdn.go | 44 +++++++++++++++++++++++++++++++- 3 files changed, 49 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 037277bb..90122942 100644 --- a/go.mod +++ b/go.mod @@ -18,7 +18,8 @@ require ( github.com/pocketbase/dbx v1.10.1 github.com/pocketbase/pocketbase v0.22.18 github.com/qiniu/go-sdk/v7 v7.22.0 - github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.992 + github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1017 + github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1017 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.992 golang.org/x/crypto v0.26.0 ) diff --git a/go.sum b/go.sum index 20e87997..c3790534 100644 --- a/go.sum +++ b/go.sum @@ -381,9 +381,12 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/technoweenie/multipartstreamer v1.0.1 h1:XRztA5MXiR1TIRHxH2uNxXxaIkKQDeX7m2XsSOlQEnM= github.com/technoweenie/multipartstreamer v1.0.1/go.mod h1:jNVxdtShOxzAsukZwTSw6MDx5eUJoiEBsSvzDU9uzog= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1017 h1:OymmfmyFkvHirY3WHsoRT3cdTEsqygLbMn8jM41erK4= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1017/go.mod h1:gnLxGXlLmF+jDqWR1/RVoF/UUwxQxomQhkc0oN7KeuI= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.898/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.992 h1:266lOve+E8vzhnrb/Mr05Ee+oxXD9C82JiusY/AZqXw= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.992/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1017 h1:SXrldOXwgomYuATVAuz5ofpTjB+99qVELgdy5R5kMgI= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1017/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.898 h1:LoYv5u+gUoFpU/AmIuTRG/2KiEkdm9gCC0dTvk8WITQ= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.898/go.mod h1:c1j6YQ+vCbeA8kJ59Im4UnMd1GxovlpPBDhGZoewfn8= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.992 h1:A6O89OlCJQUpNxGqC/E5By04UNKBryIt5olQIGOx8mg= diff --git a/internal/deployer/tencent_cdn.go b/internal/deployer/tencent_cdn.go index 9c1ceeb0..48481f20 100644 --- a/internal/deployer/tencent_cdn.go +++ b/internal/deployer/tencent_cdn.go @@ -5,11 +5,14 @@ import ( "certimate/internal/utils/rand" "context" "encoding/json" + "encoding/base64" "fmt" + "strings" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common" "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile" ssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205" + cdn "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn/v20180606" ) type tencentCdn struct { @@ -89,14 +92,29 @@ func (t *tencentCdn) deploy(certId string) error { // 实例化要请求产品的client对象,clientProfile是可选的 client, _ := ssl.NewClient(t.credential, "", cpf) + + // 实例化一个请求对象,每个接口都会对应一个request对象 request := ssl.NewDeployCertificateInstanceRequest() request.CertificateId = common.StringPtr(certId) - request.InstanceIdList = common.StringPtrs([]string{t.option.Domain}) request.ResourceType = common.StringPtr("cdn") request.Status = common.Int64Ptr(1) + // 如果是泛域名就从cdn列表下获取SSL证书中的可用域名 + if(strings.Contains(t.option.Domain, "*")){ + list, err_get_list := t.getDomainList() + if err_get_list != nil { + return fmt.Errorf("failed to get certificate domain list: %w", err_get_list) + } + if list == nil || len(list) == 0 { + return fmt.Errorf("failed to get certificate domain list: empty list.") + } + request.InstanceIdList = common.StringPtrs(list) + }else{ // 否则直接使用传入的域名 + request.InstanceIdList = common.StringPtrs([]string{t.option.Domain}) + } + // 返回的resp是一个DeployCertificateInstanceResponse的实例,与请求对象对应 resp, err := client.DeployCertificateInstance(request) @@ -106,3 +124,27 @@ func (t *tencentCdn) deploy(certId string) error { t.infos = append(t.infos, toStr("部署证书", resp.Response)) return nil } + +func (t *tencentCdn) getDomainList() ([]string, error) { + cpf := profile.NewClientProfile() + cpf.HttpProfile.Endpoint = "cdn.tencentcloudapi.com" + client, _ := cdn.NewClient(t.credential, "", cpf) + + request := cdn.NewDescribeCertDomainsRequest() + + cert := base64.StdEncoding.EncodeToString([]byte(t.option.Certificate.Certificate)) + request.Cert = &cert + + + response, err := client.DescribeCertDomains(request) + if err != nil { + return nil, fmt.Errorf("failed to get domain list: %w", err) + } + + domains := make([]string, 0) + for _, domain := range response.Response.Domains { + domains = append(domains, *domain) + } + + return domains, nil +}