diff --git a/go.mod b/go.mod
index 52c05aea..ee281548 100644
--- a/go.mod
+++ b/go.mod
@@ -57,6 +57,7 @@ require (
 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.3.0 // indirect
 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraph v0.9.0 // indirect
 github.com/AzureAD/microsoft-authentication-library-for-go v1.3.2 // indirect
+ github.com/G-Core/gcorelabscdn-go v1.0.26 // indirect
 github.com/alibabacloud-go/openplatform-20191219/v2 v2.0.1 // indirect
 github.com/alibabacloud-go/tea-fileform v1.1.1 // indirect
 github.com/alibabacloud-go/tea-oss-sdk v1.1.3 // indirect
diff --git a/go.sum b/go.sum
index a0cd77e9..c3d1b3a6 100644
--- a/go.sum
+++ b/go.sum
@@ -79,6 +79,8 @@ github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0
 github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
+github.com/G-Core/gcorelabscdn-go v1.0.26 h1:22SqETUw64s+It/op1T7y3ukEOU62CJOsUcsfSkhvZs=
+github.com/G-Core/gcorelabscdn-go v1.0.26/go.mod h1:iSGXaTvZBzDHQW+rKFS918BgFVpONcyLEijwh8WsXpE=
 github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.25.0 h1:3c8yed4lgqTt+oTQ+JNMDo+F4xprBf+O/il4ZC0nRLw=
 github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.25.0/go.mod h1:obipzmGjfSjam60XLwGfqUkJsfiheAl+TUjG+4yzyPM=
 github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.49.0 h1:o90wcURuxekmXrtxmYWTyNla0+ZEHhud6DI1ZTxd1vI=
diff --git a/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go b/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go
new file mode 100644
index 00000000..32cadb62
--- /dev/null
+++ b/internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go
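Review bot: The new `github.com/G-Core/gcorelabscdn-go v1.0.26` entry in the go.mod hunk is tagged `// indirect`, yet this same commit imports its `gcore`, `gcore/provider` and `sslcerts` packages directly in `gcore_cdn.go` and `signer.go`. It belongs in the direct `require` block without the `// indirect` marker (`go mod tidy` will move it), so that dependency reviews focused on direct requirements see a module that receives the API token and certificate private keys. The `require (` block starts and ends outside this hunk.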
@@ -0,0 +1,79 @@
+package gcorecdn
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "time"
+
+ gprovider "github.com/G-Core/gcorelabscdn-go/gcore/provider"
+ gsslcerts "github.com/G-Core/gcorelabscdn-go/sslcerts"
+ xerrors "github.com/pkg/errors"
+
+ "github.com/usual2970/certimate/internal/pkg/core/uploader"
+ gcoresdk "github.com/usual2970/certimate/internal/pkg/vendors/gcore-sdk/common"
+)
+
+type GcoreCDNUploaderConfig struct {
+ // Gcore API Token。
+ ApiToken string `json:"apiToken"`
+}
+
+type GcoreCDNUploader struct {
+ config *GcoreCDNUploaderConfig
+ sdkClient *gsslcerts.Service
+}
+
+var _ uploader.Uploader = (*GcoreCDNUploader)(nil)
+
+func New(config *GcoreCDNUploaderConfig) (*GcoreCDNUploader, error) {
+ if config == nil {
+ return nil, errors.New("config is nil")
+ }
+
+ client, err := createSdkClient(config.ApiToken)
+ if err != nil {
+ return nil, xerrors.Wrap(err, "failed to create sdk client")
+ }
+
+ return &GcoreCDNUploader{
+ config: config,
+ sdkClient: client,
+ }, nil
+}
+
+func (u *GcoreCDNUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+ // 生成新证书名(需符合 Gcore 命名规则)
+ var certId, certName string
+ certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli())
+
+ // 新增证书
+ // REF: https://api.gcore.com/docs/cdn#tag/CA-certificates/operation/ca_certificates-add
+ createCertificateReq := &gsslcerts.CreateRequest{
+ Name: certName,
+ Cert: certPem,
+ PrivateKey: privkeyPem,
+ Automated: false,
+ ValidateRootCA: false,
+ }
+ createCertificateResp, err := u.sdkClient.Create(context.TODO(), createCertificateReq)
+ if err != nil {
+ return nil, xerrors.Wrap(err, "failed to execute sdk request 'sslcerts.Create'")
+ }
+
+ certId = fmt.Sprintf("%d", createCertificateResp.ID)
+ certName = createCertificateResp.Name
+ return &uploader.UploadResult{
+ CertId: certId,
+ CertName: certName,
+ }, nil
+}
+
+func createSdkClient(apiToken string) (*gsslcerts.Service, error) {
+ requester := gprovider.NewClient(
+ gcoresdk.BASE_URL,
+ gprovider.WithSigner(gcoresdk.NewAuthRequestSigner(apiToken)),
+ )
+ service := gsslcerts.NewService(requester)
+ return service, nil
+}
diff --git a/internal/pkg/vendors/gcore-sdk/common/endpoint.go b/internal/pkg/vendors/gcore-sdk/common/endpoint.go
new file mode 100644
index 00000000..d4032da3
--- /dev/null
+++ b/internal/pkg/vendors/gcore-sdk/common/endpoint.go
@@ -0,0 +1,3 @@
+package common
+
+const BASE_URL = "https://api.gcore.com"
diff --git a/internal/pkg/vendors/gcore-sdk/common/signer.go b/internal/pkg/vendors/gcore-sdk/common/signer.go
new file mode 100644
index 00000000..bc66ee09
--- /dev/null
+++ b/internal/pkg/vendors/gcore-sdk/common/signer.go
@@ -0,0 +1,24 @@
+package common
+
+import (
+ "net/http"
+
+ "github.com/G-Core/gcorelabscdn-go/gcore"
+)
+
+type AuthRequestSigner struct {
+ apiToken string
+}
+
+var _ gcore.RequestSigner = (*AuthRequestSigner)(nil)
+
+func NewAuthRequestSigner(apiToken string) *AuthRequestSigner {
+ return &AuthRequestSigner{
+ apiToken: apiToken,
+ }
+}
+
+func (s *AuthRequestSigner) Sign(req *http.Request) error {
+ req.Header.Set("Authorization", "APIKey "+s.apiToken)
+ return nil
+}
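Review bot: `Upload` in gcore_cdn.go ignores its `ctx` parameter and calls `u.sdkClient.Create(context.TODO(), createCertificateReq)`, so a caller's deadline or cancellation never reaches the HTTP request that carries the private key; pass it through with `createCertificateResp, err := u.sdkClient.Create(ctx, createCertificateReq)`. `ValidateRootCA: false` switches off a validation option on the upload and should carry a one-line comment explaining why (presumably so certificates from private or staging CAs are accepted — confirm against the Gcore API documentation). `createSdkClient` never returns a non-nil error, which leaves the error branch in `New` unreachable; rejecting an empty `apiToken` there would make that branch meaningful.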
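Review bot: `Sign` in signer.go writes `"APIKey "+s.apiToken` into the `Authorization` header without checking that the token is non-empty, so a blank configuration value yields a request with an empty credential and the mistake only shows up as a remote API error. Fail locally instead by adding `if s.apiToken == "" { return errors.New("gcore: api token is empty") }` before `req.Header.Set(...)`, which needs the `errors` import. The exported `AuthRequestSigner`, `NewAuthRequestSigner` and `Sign` have no doc comments; a line such as `// Sign sets the Authorization header to "APIKey <token>" on req.` would record the scheme in use. Since the struct holds the raw token, it should not be formatted into logs with `%+v`.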