GuanM/certimate
1
0
Fork 0
mirror of https://github.com/usual2970/certimate.git synced 2025-06-07 21:19:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/usual2970/certimate

Browse Source
This commit is contained in:
Fu Diwei 2025-03-25 17:20:28 +08:00
commit ee99bcf8a1
114 changed files with 2251 additions and 824 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
go.mod
View File

@ -99,13 +99,18 @@ require (
github.com/google/gnostic-models v0.6.9 // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/kylelemons/godebug v1.1.0 // indirect
github.com/leodido/go-urn v1.4.0 // indirect
github.com/mailru/easyjson v0.9.0 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect
github.com/nrdcg/desec v0.10.0 // indirect
github.com/nrdcg/mailinabox v0.2.0 // indirect
github.com/nrdcg/porkbun v0.4.0 // indirect
github.com/peterhellberg/link v1.2.0 // indirect
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
github.com/qiniu/dyn v1.3.0 // indirect
github.com/qiniu/x v1.10.5 // indirect

9
go.sum
View File

@ -494,6 +494,7 @@ github.com/hashicorp/consul/sdk v0.8.0/go.mod h1:GBvyrGALthsZObzUGsfgHZQDXjg4lOj
github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
github.com/hashicorp/go-hclog v0.12.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ=
github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ=
@ -503,6 +504,8 @@ github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iP
github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA=
github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs=
github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU=
github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU=
github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4=
@ -646,10 +649,14 @@ github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJm
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
github.com/nikoksr/notify v1.3.0 h1:UxzfxzAYGQD9a5JYLBTVx0lFMxeHCke3rPCkfWdPgLs=
github.com/nikoksr/notify v1.3.0/go.mod h1:Xor2hMmkvrCfkCKvXGbcrESez4brac2zQjhd6U2BbeM=
github.com/nrdcg/desec v0.10.0 h1:qrEDiqnsvNU9QE7lXIXi/tIHAfyaFXKxF2/8/52O8uM=
github.com/nrdcg/desec v0.10.0/go.mod h1:5+4vyhMRTs49V9CNoODF/HwT8Mwxv9DJ6j+7NekUnBs=
github.com/nrdcg/mailinabox v0.2.0 h1:IKq8mfKiVwNW2hQii/ng1dJ4yYMMv3HAP3fMFIq2CFk=
github.com/nrdcg/mailinabox v0.2.0/go.mod h1:0yxqeYOiGyxAu7Sb94eMxHPIOsPYXAjTeA9ZhePhGnc=
github.com/nrdcg/namesilo v0.2.1 h1:kLjCjsufdW/IlC+iSfAqj0iQGgKjlbUUeDJio5Y6eMg=
github.com/nrdcg/namesilo v0.2.1/go.mod h1:lwMvfQTyYq+BbjJd30ylEG4GPSS6PII0Tia4rRpRiyw=
github.com/nrdcg/porkbun v0.4.0 h1:rWweKlwo1PToQ3H+tEO9gPRW0wzzgmI/Ob3n2Guticw=
github.com/nrdcg/porkbun v0.4.0/go.mod h1:/QMskrHEIM0IhC/wY7iTCUgINsxdT2WcOphktJ9+Q54=
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
@ -675,6 +682,8 @@ github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144T
github.com/pavlo-v-chernykh/keystore-go/v4 v4.5.0 h1:2nosf3P75OZv2/ZO/9Px5ZgZ5gbKrzA3joN1QMfOGMQ=
github.com/pavlo-v-chernykh/keystore-go/v4 v4.5.0/go.mod h1:lAVhWwbNaveeJmxrxuSTxMgKpF6DjnuVpn6T8WiBwYQ=
github.com/performancecopilot/speed/v4 v4.0.0/go.mod h1:qxrSyuDGrTOWfV+uKRFhfxw6h/4HXRGUiZiufxo49BM=
github.com/peterhellberg/link v1.2.0 h1:UA5pg3Gp/E0F2WdX7GERiNrPQrM1K6CVJUUWfHa4t6c=
github.com/peterhellberg/link v1.2.0/go.mod h1:gYfAh+oJgQu2SrZHg5hROVRQe1ICoK0/HHJTcE0edxc=
github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
github.com/pierrec/lz4 v2.6.1+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=

50
internal/applicant/providers.go
View File

@ -14,6 +14,7 @@ import (
pCloudflare "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare"
pClouDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns"
pCMCCCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud"
pDeSEC "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/desec"
pDNSLA "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla"
pDynv6 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6"
pGcore "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore"
@ -25,9 +26,11 @@ import (
pNameDotCom "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom"
pNameSilo "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo"
pNS1 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1"
pPorkbun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun"
pPowerDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns"
pRainYun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun"
pTencentCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud"
pVercel "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel"
pVolcEngine "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine"
pWestcn "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn"
"github.com/usual2970/certimate/internal/pkg/utils/maputil"
@ -171,6 +174,21 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
return applicant, err
}
case domain.ApplyDNSProviderTypeDeSEC:
{
access := domain.AccessConfigForDeSEC{}
if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err)
}
applicant, err := pDeSEC.NewChallengeProvider(&pDeSEC.ChallengeProviderConfig{
Token: access.Token,
DnsPropagationTimeout: options.DnsPropagationTimeout,
DnsTTL: options.DnsTTL,
})
return applicant, err
}
case domain.ApplyDNSProviderTypeDNSLA:
{
access := domain.AccessConfigForDNSLA{}
@ -345,6 +363,22 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
return applicant, err
}
case domain.ApplyDNSProviderTypePorkbun:
{
access := domain.AccessConfigForPorkbun{}
if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err)
}
applicant, err := pPorkbun.NewChallengeProvider(&pPorkbun.ChallengeProviderConfig{
ApiKey: access.ApiKey,
SecretApiKey: access.SecretApiKey,
DnsPropagationTimeout: options.DnsPropagationTimeout,
DnsTTL: options.DnsTTL,
})
return applicant, err
}
case domain.ApplyDNSProviderTypePowerDNS:
{
access := domain.AccessConfigForPowerDNS{}
@ -392,6 +426,22 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
return applicant, err
}
case domain.ApplyDNSProviderTypeVercel:
{
access := domain.AccessConfigForVercel{}
if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err)
}
applicant, err := pVercel.NewChallengeProvider(&pVercel.ChallengeProviderConfig{
ApiAccessToken: access.ApiAccessToken,
TeamId: access.TeamId,
DnsPropagationTimeout: options.DnsPropagationTimeout,
DnsTTL: options.DnsTTL,
})
return applicant, err
}
case domain.ApplyDNSProviderTypeVolcEngine, domain.ApplyDNSProviderTypeVolcEngineDNS:
{
access := domain.AccessConfigForVolcEngine{}

16
internal/deployer/providers.go
View File

@ -61,6 +61,7 @@ import (
pUCloudUCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-ucdn"
pUCloudUS3 "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/ucloud-us3"
pUpyunCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/upyun-cdn"
pVolcEngineALB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-alb"
pVolcEngineCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-cdn"
pVolcEngineCLB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-clb"
pVolcEngineDCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-dcdn"
@ -848,7 +849,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
}
}
case domain.DeployProviderTypeVolcEngineCDN, domain.DeployProviderTypeVolcEngineCLB, domain.DeployProviderTypeVolcEngineDCDN, domain.DeployProviderTypeVolcEngineImageX, domain.DeployProviderTypeVolcEngineLive, domain.DeployProviderTypeVolcEngineTOS:
case domain.DeployProviderTypeVolcEngineALB, domain.DeployProviderTypeVolcEngineCDN, domain.DeployProviderTypeVolcEngineCLB, domain.DeployProviderTypeVolcEngineDCDN, domain.DeployProviderTypeVolcEngineImageX, domain.DeployProviderTypeVolcEngineLive, domain.DeployProviderTypeVolcEngineTOS:
{
access := domain.AccessConfigForVolcEngine{}
if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
@ -856,6 +857,18 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
}
switch options.Provider {
case domain.DeployProviderTypeVolcEngineALB:
deployer, err := pVolcEngineALB.NewDeployer(&pVolcEngineALB.DeployerConfig{
AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.SecretAccessKey,
Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: pVolcEngineALB.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
LoadbalancerId: maputil.GetString(options.ProviderDeployConfig, "loadbalancerId"),
ListenerId: maputil.GetString(options.ProviderDeployConfig, "listenerId"),
Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
})
return deployer, err
case domain.DeployProviderTypeVolcEngineCDN:
deployer, err := pVolcEngineCDN.NewDeployer(&pVolcEngineCDN.DeployerConfig{
AccessKeyId: access.AccessKeyId,
@ -870,6 +883,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
AccessKeySecret: access.SecretAccessKey,
Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ResourceType: pVolcEngineCLB.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
LoadbalancerId: maputil.GetString(options.ProviderDeployConfig, "loadbalancerId"),
ListenerId: maputil.GetString(options.ProviderDeployConfig, "listenerId"),
})
return deployer, err

14
internal/domain/access.go
View File

@ -98,6 +98,10 @@ type AccessConfigForCMCCCloud struct {
AccessKeySecret string `json:"accessKeySecret"`
}
type AccessConfigForDeSEC struct {
Token string `json:"token"`
}
type AccessConfigForDNSLA struct {
ApiId string `json:"apiId"`
ApiSecret string `json:"apiSecret"`
@ -165,6 +169,11 @@ type AccessConfigForNS1 struct {
ApiKey string `json:"apiKey"`
}
type AccessConfigForPorkbun struct {
ApiKey string `json:"apiKey"`
SecretApiKey string `json:"secretApiKey"`
}
type AccessConfigForPowerDNS struct {
ApiUrl string `json:"apiUrl"`
ApiKey string `json:"apiKey"`
@ -210,6 +219,11 @@ type AccessConfigForUpyun struct {
Password string `json:"password"`
}
type AccessConfigForVercel struct {
ApiAccessToken string `json:"apiAccessToken"`
TeamId string `json:"teamId,omitempty"`
}
type AccessConfigForVolcEngine struct {
AccessKeyId string `json:"accessKeyId"`
SecretAccessKey string `json:"secretAccessKey"`

7
internal/domain/provider.go
View File

@ -26,6 +26,7 @@ const (
AccessProviderTypeCMCCCloud = AccessProviderType("cmcccloud")
AccessProviderTypeCTCCCloud = AccessProviderType("ctcccloud") // 联通云(预留)
AccessProviderTypeCUCCCloud = AccessProviderType("cucccloud") // 天翼云(预留)
AccessProviderTypeDeSEC = AccessProviderType("desec")
AccessProviderTypeDNSLA = AccessProviderType("dnsla")
AccessProviderTypeDogeCloud = AccessProviderType("dogecloud")
AccessProviderTypeDynv6 = AccessProviderType("dynv6")
@ -43,6 +44,7 @@ const (
AccessProviderTypeNameDotCom = AccessProviderType("namedotcom")
AccessProviderTypeNameSilo = AccessProviderType("namesilo")
AccessProviderTypeNS1 = AccessProviderType("ns1")
AccessProviderTypePorkbun = AccessProviderType("porkbun")
AccessProviderTypePowerDNS = AccessProviderType("powerdns")
AccessProviderTypeQiniu = AccessProviderType("qiniu")
AccessProviderTypeQingCloud = AccessProviderType("qingcloud") // 青云(预留)
@ -52,6 +54,7 @@ const (
AccessProviderTypeTencentCloud = AccessProviderType("tencentcloud")
AccessProviderTypeUCloud = AccessProviderType("ucloud")
AccessProviderTypeUpyun = AccessProviderType("upyun")
AccessProviderTypeVercel = AccessProviderType("vercel")
AccessProviderTypeVolcEngine = AccessProviderType("volcengine")
AccessProviderTypeWebhook = AccessProviderType("webhook")
AccessProviderTypeWestcn = AccessProviderType("westcn")
@ -79,6 +82,7 @@ const (
ApplyDNSProviderTypeCloudflare = ApplyDNSProviderType("cloudflare")
ApplyDNSProviderTypeClouDNS = ApplyDNSProviderType("cloudns")
ApplyDNSProviderTypeCMCCCloud = ApplyDNSProviderType("cmcccloud")
ApplyDNSProviderTypeDeSEC = ApplyDNSProviderType("desec")
ApplyDNSProviderTypeDNSLA = ApplyDNSProviderType("dnsla")
ApplyDNSProviderTypeDynv6 = ApplyDNSProviderType("dynv6")
ApplyDNSProviderTypeGcore = ApplyDNSProviderType("gcore")
@ -92,10 +96,12 @@ const (
ApplyDNSProviderTypeNameDotCom = ApplyDNSProviderType("namedotcom")
ApplyDNSProviderTypeNameSilo = ApplyDNSProviderType("namesilo")
ApplyDNSProviderTypeNS1 = ApplyDNSProviderType("ns1")
ApplyDNSProviderTypePorkbun = ApplyDNSProviderType("porkbun")
ApplyDNSProviderTypePowerDNS = ApplyDNSProviderType("powerdns")
ApplyDNSProviderTypeRainYun = ApplyDNSProviderType("rainyun")
ApplyDNSProviderTypeTencentCloud = ApplyDNSProviderType("tencentcloud") // 兼容旧值,等同于 [ApplyDNSProviderTypeTencentCloudDNS]
ApplyDNSProviderTypeTencentCloudDNS = ApplyDNSProviderType("tencentcloud-dns")
ApplyDNSProviderTypeVercel = ApplyDNSProviderType("vercel")
ApplyDNSProviderTypeVolcEngine = ApplyDNSProviderType("volcengine") // 兼容旧值,等同于 [ApplyDNSProviderTypeVolcEngineDNS]
ApplyDNSProviderTypeVolcEngineDNS = ApplyDNSProviderType("volcengine-dns")
ApplyDNSProviderTypeWestcn = ApplyDNSProviderType("westcn")
@ -168,6 +174,7 @@ const (
DeployProviderTypeUCloudUS3 = DeployProviderType("ucloud-us3")
DeployProviderTypeUpyunCDN = DeployProviderType("upyun-cdn")
DeployProviderTypeUpyunFile = DeployProviderType("upyun-file")
DeployProviderTypeVolcEngineALB = DeployProviderType("volcengine-alb")
DeployProviderTypeVolcEngineCDN = DeployProviderType("volcengine-cdn")
DeployProviderTypeVolcEngineCLB = DeployProviderType("volcengine-clb")
DeployProviderTypeVolcEngineDCDN = DeployProviderType("volcengine-dcdn")

14
internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud/internal/lego.go
View File

@ -6,7 +6,7 @@ import (
"strings"
"time"
bceDns "github.com/baidubce/bce-sdk-go/services/dns"
bcedns "github.com/baidubce/bce-sdk-go/services/dns"
"github.com/go-acme/lego/v4/challenge"
"github.com/go-acme/lego/v4/challenge/dns01"
"github.com/go-acme/lego/v4/platform/config/env"
@ -38,7 +38,7 @@ type Config struct {
}
type DNSProvider struct {
client *bceDns.Client
client *bcedns.Client
config *Config
}
@ -69,7 +69,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
return nil, errors.New("baiducloud: the configuration of the DNS provider is nil")
}
client, err := bceDns.NewClient(config.AccessKeyID, config.SecretAccessKey, "")
client, err := bcedns.NewClient(config.AccessKeyID, config.SecretAccessKey, "")
if err != nil {
return nil, err
} else {
@ -128,11 +128,11 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
return d.config.PropagationTimeout, d.config.PollingInterval
}
func (d *DNSProvider) getDNSRecord(zoneName, subDomain string) (*bceDns.Record, error) {
func (d *DNSProvider) getDNSRecord(zoneName, subDomain string) (*bcedns.Record, error) {
pageMarker := ""
pageSize := 1000
for {
request := &bceDns.ListRecordRequest{}
request := &bcedns.ListRecordRequest{}
request.Rr = subDomain
request.Marker = pageMarker
request.MaxKeys = pageSize
@ -165,7 +165,7 @@ func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) er
}
if record == nil {
request := &bceDns.CreateRecordRequest{
request := &bcedns.CreateRecordRequest{
Type: "TXT",
Rr: subDomain,
Value: value,
@ -174,7 +174,7 @@ func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) er
err := d.client.CreateRecord(zoneName, request, d.generateClientToken())
return err
} else {
request := &bceDns.UpdateRecordRequest{
request := &bcedns.UpdateRecordRequest{
Type: "TXT",
Rr: subDomain,
Value: value,

36
internal/pkg/core/applicant/acme-dns-01/lego-providers/desec/desec.go Normal file
View File

@ -0,0 +1,36 @@
package desec
import (
"time"
"github.com/go-acme/lego/v4/challenge"
"github.com/go-acme/lego/v4/providers/dns/desec"
)
type ChallengeProviderConfig struct {
Token string `json:"token"`
DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"`
DnsTTL int32 `json:"dnsTTL,omitempty"`
}
func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) {
if config == nil {
panic("config is nil")
}
providerConfig := desec.NewDefaultConfig()
providerConfig.Token = config.Token
if config.DnsPropagationTimeout != 0 {
providerConfig.PropagationTimeout = time.Duration(config.DnsPropagationTimeout) * time.Second
}
if config.DnsTTL != 0 {
providerConfig.TTL = int(config.DnsTTL)
}
provider, err := desec.NewDNSProviderConfig(providerConfig)
if err != nil {
return nil, err
}
return provider, nil
}

14
internal/pkg/core/applicant/acme-dns-01/lego-providers/gname/internal/lego.go
View File

@ -122,8 +122,8 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
}
func (d *DNSProvider) getDNSRecord(zoneName, subDomain string) (*gnamesdk.ResolutionRecord, error) {
page := 1
pageSize := 20
page := int32(1)
pageSize := int32(20)
for {
request := &gnamesdk.ListDomainResolutionRequest{}
request.ZoneName = zoneName
@ -166,18 +166,19 @@ func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) er
RecordType: "TXT",
RecordName: subDomain,
RecordValue: value,
TTL: d.config.TTL,
TTL: int32(d.config.TTL),
}
_, err := d.client.AddDomainResolution(request)
return err
} else {
recordId, _ := record.ID.Int64()
request := &gnamesdk.ModifyDomainResolutionRequest{
ID: record.ID,
ID: recordId,
ZoneName: zoneName,
RecordType: "TXT",
RecordName: subDomain,
RecordValue: value,
TTL: d.config.TTL,
TTL: int32(d.config.TTL),
}
_, err := d.client.ModifyDomainResolution(request)
return err
@ -194,9 +195,10 @@ func (d *DNSProvider) removeDNSRecord(zoneName, subDomain string) error {
return nil
}
recordId, _ := record.ID.Int64()
request := &gnamesdk.DeleteDomainResolutionRequest{
ZoneName: zoneName,
RecordID: record.ID,
RecordID: recordId,
}
_, err = d.client.DeleteDomainResolution(request)
return err

30
internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud/internal/lego.go
View File

@ -8,10 +8,10 @@ import (
"github.com/go-acme/lego/v4/challenge"
"github.com/go-acme/lego/v4/challenge/dns01"
"github.com/go-acme/lego/v4/platform/config/env"
jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdDnsApi "github.com/jdcloud-api/jdcloud-sdk-go/services/domainservice/apis"
jdDnsClient "github.com/jdcloud-api/jdcloud-sdk-go/services/domainservice/client"
jdDnsModel "github.com/jdcloud-api/jdcloud-sdk-go/services/domainservice/models"
jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jddnsapi "github.com/jdcloud-api/jdcloud-sdk-go/services/domainservice/apis"
jddnsclient "github.com/jdcloud-api/jdcloud-sdk-go/services/domainservice/client"
jddnsmodel "github.com/jdcloud-api/jdcloud-sdk-go/services/domainservice/models"
)
const (
@ -41,7 +41,7 @@ type Config struct {
}
type DNSProvider struct {
client *jdDnsClient.DomainserviceClient
client *jddnsclient.DomainserviceClient
config *Config
}
@ -73,12 +73,12 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
return nil, errors.New("jdcloud: the configuration of the DNS provider is nil")
}
clientCredentials := jdCore.NewCredentials(config.AccessKeyID, config.AccessKeySecret)
client := jdDnsClient.NewDomainserviceClient(clientCredentials)
clientCredentials := jdcore.NewCredentials(config.AccessKeyID, config.AccessKeySecret)
client := jddnsclient.NewDomainserviceClient(clientCredentials)
clientConfig := &client.Config
clientConfig.SetTimeout(config.HTTPTimeout)
client.SetConfig(clientConfig)
client.SetLogger(jdCore.NewDefaultLogger(jdCore.LogWarn))
client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn))
return &DNSProvider{
client: client,
@ -130,11 +130,11 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
return d.config.PropagationTimeout, d.config.PollingInterval
}
func (d *DNSProvider) getDNSZone(zoneName string) (*jdDnsModel.DomainInfo, error) {
func (d *DNSProvider) getDNSZone(zoneName string) (*jddnsmodel.DomainInfo, error) {
pageNumber := 1
pageSize := 10
for {
request := jdDnsApi.NewDescribeDomainsRequest(d.config.RegionId, pageNumber, pageSize)
request := jddnsapi.NewDescribeDomainsRequest(d.config.RegionId, pageNumber, pageSize)
request.SetDomainName(zoneName)
response, err := d.client.DescribeDomains(request)
@ -158,7 +158,7 @@ func (d *DNSProvider) getDNSZone(zoneName string) (*jdDnsModel.DomainInfo, error
return nil, fmt.Errorf("jdcloud: zone %s not found", zoneName)
}
func (d *DNSProvider) getDNSZoneAndRecord(zoneName, subDomain string) (*jdDnsModel.DomainInfo, *jdDnsModel.RRInfo, error) {
func (d *DNSProvider) getDNSZoneAndRecord(zoneName, subDomain string) (*jddnsmodel.DomainInfo, *jddnsmodel.RRInfo, error) {
zone, err := d.getDNSZone(zoneName)
if err != nil {
return nil, nil, err
@ -167,7 +167,7 @@ func (d *DNSProvider) getDNSZoneAndRecord(zoneName, subDomain string) (*jdDnsMod
pageNumber := 1
pageSize := 10
for {
request := jdDnsApi.NewDescribeResourceRecordRequest(d.config.RegionId, fmt.Sprintf("%d", zone.Id))
request := jddnsapi.NewDescribeResourceRecordRequest(d.config.RegionId, fmt.Sprintf("%d", zone.Id))
request.SetSearch(subDomain)
request.SetPageNumber(pageNumber)
request.SetPageSize(pageSize)
@ -200,7 +200,7 @@ func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) er
}
if record == nil {
request := jdDnsApi.NewCreateResourceRecordRequest(d.config.RegionId, fmt.Sprintf("%d", zone.Id), &jdDnsModel.AddRR{
request := jddnsapi.NewCreateResourceRecordRequest(d.config.RegionId, fmt.Sprintf("%d", zone.Id), &jddnsmodel.AddRR{
Type: "TXT",
HostRecord: subDomain,
HostValue: value,
@ -210,7 +210,7 @@ func (d *DNSProvider) addOrUpdateDNSRecord(zoneName, subDomain, value string) er
_, err := d.client.CreateResourceRecord(request)
return err
} else {
request := jdDnsApi.NewModifyResourceRecordRequest(d.config.RegionId, fmt.Sprintf("%d", zone.Id), fmt.Sprintf("%d", record.Id), &jdDnsModel.UpdateRR{
request := jddnsapi.NewModifyResourceRecordRequest(d.config.RegionId, fmt.Sprintf("%d", zone.Id), fmt.Sprintf("%d", record.Id), &jddnsmodel.UpdateRR{
Type: "TXT",
HostRecord: subDomain,
HostValue: value,
@ -231,7 +231,7 @@ func (d *DNSProvider) removeDNSRecord(zoneName, subDomain string) error {
if record == nil {
return nil
} else {
request := jdDnsApi.NewDeleteResourceRecordRequest(d.config.RegionId, fmt.Sprintf("%d", zone.Id), fmt.Sprintf("%d", record.Id))
request := jddnsapi.NewDeleteResourceRecordRequest(d.config.RegionId, fmt.Sprintf("%d", zone.Id), fmt.Sprintf("%d", record.Id))
_, err = d.client.DeleteResourceRecord(request)
return err
}

38
internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun/porkbun.go Normal file
View File

@ -0,0 +1,38 @@
package porkbun
import (
"time"
"github.com/go-acme/lego/v4/challenge"
"github.com/go-acme/lego/v4/providers/dns/porkbun"
)
type ChallengeProviderConfig struct {
ApiKey string `json:"apiKey"`
SecretApiKey string `json:"secretApiKey"`
DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"`
DnsTTL int32 `json:"dnsTTL,omitempty"`
}
func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) {
if config == nil {
panic("config is nil")
}
providerConfig := porkbun.NewDefaultConfig()
providerConfig.APIKey = config.ApiKey
providerConfig.SecretAPIKey = config.SecretApiKey
if config.DnsPropagationTimeout != 0 {
providerConfig.PropagationTimeout = time.Duration(config.DnsPropagationTimeout) * time.Second
}
if config.DnsTTL != 0 {
providerConfig.TTL = int(config.DnsTTL)
}
provider, err := porkbun.NewDNSProviderConfig(providerConfig)
if err != nil {
return nil, err
}
return provider, nil
}

2
internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns/powerdns.go
View File

@ -1,4 +1,4 @@
package namesilo
package powerdns
import (
"net/url"

38
internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel/vercel.go Normal file
View File

@ -0,0 +1,38 @@
package vercel
import (
"time"
"github.com/go-acme/lego/v4/challenge"
"github.com/go-acme/lego/v4/providers/dns/vercel"
)
type ChallengeProviderConfig struct {
ApiAccessToken string `json:"apiAccessToken"`
TeamId string `json:"teamId,omitempty"`
DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"`
DnsTTL int32 `json:"dnsTTL,omitempty"`
}
func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) {
if config == nil {
panic("config is nil")
}
providerConfig := vercel.NewDefaultConfig()
providerConfig.AuthToken = config.ApiAccessToken
providerConfig.TeamID = config.TeamId
if config.DnsPropagationTimeout != 0 {
providerConfig.PropagationTimeout = time.Duration(config.DnsPropagationTimeout) * time.Second
}
if config.DnsTTL != 0 {
providerConfig.TTL = int(config.DnsTTL)
}
provider, err := vercel.NewDNSProviderConfig(providerConfig)
if err != nil {
return nil, err
}
return provider, nil
}

120
internal/pkg/core/deployer/providers/aliyun-alb/aliyun_alb.go
View File

@ -9,9 +9,9 @@ import (
"strings"
"time"
aliyunAlb "github.com/alibabacloud-go/alb-20200616/v2/client"
aliyunCas "github.com/alibabacloud-go/cas-20200407/v3/client"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
alialb "github.com/alibabacloud-go/alb-20200616/v2/client"
alicas "github.com/alibabacloud-go/cas-20200407/v3/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
"golang.org/x/exp/slices"
@ -51,8 +51,8 @@ type DeployerProvider struct {
var _ deployer.Deployer = (*DeployerProvider)(nil)
type wSdkClients struct {
alb *aliyunAlb.Client
cas *aliyunCas.Client
ALB *alialb.Client
CAS *alicas.Client
}
func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
@ -123,10 +123,10 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
// 查询负载均衡实例的详细信息
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-getloadbalancerattribute
getLoadBalancerAttributeReq := &aliyunAlb.GetLoadBalancerAttributeRequest{
getLoadBalancerAttributeReq := &alialb.GetLoadBalancerAttributeRequest{
LoadBalancerId: tea.String(d.config.LoadbalancerId),
}
getLoadBalancerAttributeResp, err := d.sdkClients.alb.GetLoadBalancerAttribute(getLoadBalancerAttributeReq)
getLoadBalancerAttributeResp, err := d.sdkClients.ALB.GetLoadBalancerAttribute(getLoadBalancerAttributeReq)
d.logger.Debug("sdk request 'alb.GetLoadBalancerAttribute'", slog.Any("request", getLoadBalancerAttributeReq), slog.Any("response", getLoadBalancerAttributeResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetLoadBalancerAttribute'")
@ -138,13 +138,13 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
listListenersLimit := int32(100)
var listListenersToken *string = nil
for {
listListenersReq := &aliyunAlb.ListListenersRequest{
listListenersReq := &alialb.ListListenersRequest{
MaxResults: tea.Int32(listListenersLimit),
NextToken: listListenersToken,
LoadBalancerIds: []*string{tea.String(d.config.LoadbalancerId)},
ListenerProtocol: tea.String("HTTPS"),
}
listListenersResp, err := d.sdkClients.alb.ListListeners(listListenersReq)
listListenersResp, err := d.sdkClients.ALB.ListListeners(listListenersReq)
d.logger.Debug("sdk request 'alb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'")
@ -167,13 +167,13 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-listlisteners
listListenersToken = nil
for {
listListenersReq := &aliyunAlb.ListListenersRequest{
listListenersReq := &alialb.ListListenersRequest{
MaxResults: tea.Int32(listListenersLimit),
NextToken: listListenersToken,
LoadBalancerIds: []*string{tea.String(d.config.LoadbalancerId)},
ListenerProtocol: tea.String("QUIC"),
}
listListenersResp, err := d.sdkClients.alb.ListListeners(listListenersReq)
listListenersResp, err := d.sdkClients.ALB.ListListeners(listListenersReq)
d.logger.Debug("sdk request 'alb.ListListeners'", slog.Any("request", listListenersReq), slog.Any("response", listListenersResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListeners'")
@ -229,10 +229,10 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str
func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error {
// 查询监听的属性
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-getlistenerattribute
getListenerAttributeReq := &aliyunAlb.GetListenerAttributeRequest{
getListenerAttributeReq := &alialb.GetListenerAttributeRequest{
ListenerId: tea.String(cloudListenerId),
}
getListenerAttributeResp, err := d.sdkClients.alb.GetListenerAttribute(getListenerAttributeReq)
getListenerAttributeResp, err := d.sdkClients.ALB.GetListenerAttribute(getListenerAttributeReq)
d.logger.Debug("sdk request 'alb.GetListenerAttribute'", slog.Any("request", getListenerAttributeReq), slog.Any("response", getListenerAttributeResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.GetListenerAttribute'")
@ -243,13 +243,13 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 修改监听的属性
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-updatelistenerattribute
updateListenerAttributeReq := &aliyunAlb.UpdateListenerAttributeRequest{
updateListenerAttributeReq := &alialb.UpdateListenerAttributeRequest{
ListenerId: tea.String(cloudListenerId),
Certificates: []*aliyunAlb.UpdateListenerAttributeRequestCertificates{{
Certificates: []*alialb.UpdateListenerAttributeRequestCertificates{{
CertificateId: tea.String(cloudCertId),
}},
}
updateListenerAttributeResp, err := d.sdkClients.alb.UpdateListenerAttribute(updateListenerAttributeReq)
updateListenerAttributeResp, err := d.sdkClients.ALB.UpdateListenerAttribute(updateListenerAttributeReq)
d.logger.Debug("sdk request 'alb.UpdateListenerAttribute'", slog.Any("request", updateListenerAttributeReq), slog.Any("response", updateListenerAttributeResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.UpdateListenerAttribute'")
@ -259,17 +259,17 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 查询监听证书列表
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-listlistenercertificates
listenerCertificates := make([]aliyunAlb.ListListenerCertificatesResponseBodyCertificates, 0)
listenerCertificates := make([]alialb.ListListenerCertificatesResponseBodyCertificates, 0)
listListenerCertificatesLimit := int32(100)
var listListenerCertificatesToken *string = nil
for {
listListenerCertificatesReq := &aliyunAlb.ListListenerCertificatesRequest{
listListenerCertificatesReq := &alialb.ListListenerCertificatesRequest{
NextToken: listListenerCertificatesToken,
MaxResults: tea.Int32(listListenerCertificatesLimit),
ListenerId: tea.String(cloudListenerId),
CertificateType: tea.String("Server"),
}
listListenerCertificatesResp, err := d.sdkClients.alb.ListListenerCertificates(listListenerCertificatesReq)
listListenerCertificatesResp, err := d.sdkClients.ALB.ListListenerCertificates(listListenerCertificatesReq)
d.logger.Debug("sdk request 'alb.ListListenerCertificates'", slog.Any("request", listListenerCertificatesReq), slog.Any("response", listListenerCertificatesResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ListListenerCertificates'")
@ -291,52 +291,62 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 遍历查询监听证书,并找出需要解除关联的证书
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-listlistenercertificates
// REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-getusercertificatedetail
certificateIsAssociated := false
certificateIdsExpired := make([]string, 0)
certificateIsAlreadyAssociated := false
certificateIdsToDissociate := make([]string, 0)
if len(listenerCertificates) > 0 {
d.logger.Info("found listener certificates to deploy", slog.Any("listenerCertificates", listenerCertificates))
var errs []error
for _, listenerCertificate := range listenerCertificates {
// 监听证书 ID 格式:${证书 ID}-${地域}
certificateId := strings.Split(*listenerCertificate.CertificateId, "-")[0]
if certificateId == cloudCertId {
certificateIsAssociated = true
if tea.BoolValue(listenerCertificate.IsDefault) {
continue
}
if *listenerCertificate.IsDefault || !strings.EqualFold(*listenerCertificate.Status, "Associated") {
if !strings.EqualFold(tea.StringValue(listenerCertificate.Status), "Associated") {
continue
}
// 监听证书 ID 格式:${证书 ID}-${地域}
certificateId := strings.Split(tea.StringValue(listenerCertificate.CertificateId), "-")[0]
if certificateId == cloudCertId {
certificateIsAlreadyAssociated = true
break
}
certificateIdAsInt64, err := strconv.ParseInt(certificateId, 10, 64)
if err != nil {
errs = append(errs, err)
continue
}
getUserCertificateDetailReq := &aliyunCas.GetUserCertificateDetailRequest{
getUserCertificateDetailReq := &alicas.GetUserCertificateDetailRequest{
CertId: tea.Int64(certificateIdAsInt64),
}
getUserCertificateDetailResp, err := d.sdkClients.cas.GetUserCertificateDetail(getUserCertificateDetailReq)
getUserCertificateDetailResp, err := d.sdkClients.CAS.GetUserCertificateDetail(getUserCertificateDetailReq)
d.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp))
if err != nil {
if sdkerr, ok := err.(*tea.SDKError); ok {
if tea.IntValue(sdkerr.StatusCode) == 400 && tea.StringValue(sdkerr.Code) == "NotFound" {
continue
}
}
errs = append(errs, xerrors.Wrap(err, "failed to execute sdk request 'cas.GetUserCertificateDetail'"))
continue
}
} else {
certCNMatched := tea.StringValue(getUserCertificateDetailResp.Body.Common) == d.config.Domain
certSANMatched := slices.Contains(strings.Split(tea.StringValue(getUserCertificateDetailResp.Body.Sans), ","), d.config.Domain)
if !certCNMatched && !certSANMatched {
continue
}
certCnMatched := getUserCertificateDetailResp.Body.Common != nil && *getUserCertificateDetailResp.Body.Common == d.config.Domain
certSanMatched := getUserCertificateDetailResp.Body.Sans != nil && slices.Contains(strings.Split(*getUserCertificateDetailResp.Body.Sans, ","), d.config.Domain)
if !certCnMatched && !certSanMatched {
continue
}
certEndDate, _ := time.Parse("2006-01-02", tea.StringValue(getUserCertificateDetailResp.Body.EndDate))
if time.Now().Before(certEndDate) {
continue
}
certEndDate, _ := time.Parse("2006-01-02", *getUserCertificateDetailResp.Body.EndDate)
if time.Now().Before(certEndDate) {
continue
certificateIdsToDissociate = append(certificateIdsToDissociate, certificateId)
}
certificateIdsExpired = append(certificateIdsExpired, certificateId)
}
if len(errs) > 0 {
@ -346,16 +356,16 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 关联监听和扩展证书
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-associateadditionalcertificateswithlistener
if !certificateIsAssociated {
associateAdditionalCertificatesFromListenerReq := &aliyunAlb.AssociateAdditionalCertificatesWithListenerRequest{
if !certificateIsAlreadyAssociated {
associateAdditionalCertificatesFromListenerReq := &alialb.AssociateAdditionalCertificatesWithListenerRequest{
ListenerId: tea.String(cloudListenerId),
Certificates: []*aliyunAlb.AssociateAdditionalCertificatesWithListenerRequestCertificates{
Certificates: []*alialb.AssociateAdditionalCertificatesWithListenerRequestCertificates{
{
CertificateId: tea.String(cloudCertId),
},
},
}
associateAdditionalCertificatesFromListenerResp, err := d.sdkClients.alb.AssociateAdditionalCertificatesWithListener(associateAdditionalCertificatesFromListenerReq)
associateAdditionalCertificatesFromListenerResp, err := d.sdkClients.ALB.AssociateAdditionalCertificatesWithListener(associateAdditionalCertificatesFromListenerReq)
d.logger.Debug("sdk request 'alb.AssociateAdditionalCertificatesWithListener'", slog.Any("request", associateAdditionalCertificatesFromListenerReq), slog.Any("response", associateAdditionalCertificatesFromListenerResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.AssociateAdditionalCertificatesWithListener'")
@ -364,19 +374,19 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 解除关联监听和扩展证书
// REF: https://help.aliyun.com/zh/slb/application-load-balancer/developer-reference/api-alb-2020-06-16-dissociateadditionalcertificatesfromlistener
if len(certificateIdsExpired) > 0 {
dissociateAdditionalCertificates := make([]*aliyunAlb.DissociateAdditionalCertificatesFromListenerRequestCertificates, 0)
for _, certificateId := range certificateIdsExpired {
dissociateAdditionalCertificates = append(dissociateAdditionalCertificates, &aliyunAlb.DissociateAdditionalCertificatesFromListenerRequestCertificates{
if !certificateIsAlreadyAssociated && len(certificateIdsToDissociate) > 0 {
dissociateAdditionalCertificates := make([]*alialb.DissociateAdditionalCertificatesFromListenerRequestCertificates, 0)
for _, certificateId := range certificateIdsToDissociate {
dissociateAdditionalCertificates = append(dissociateAdditionalCertificates, &alialb.DissociateAdditionalCertificatesFromListenerRequestCertificates{
CertificateId: tea.String(certificateId),
})
}
dissociateAdditionalCertificatesFromListenerReq := &aliyunAlb.DissociateAdditionalCertificatesFromListenerRequest{
dissociateAdditionalCertificatesFromListenerReq := &alialb.DissociateAdditionalCertificatesFromListenerRequest{
ListenerId: tea.String(cloudListenerId),
Certificates: dissociateAdditionalCertificates,
}
dissociateAdditionalCertificatesFromListenerResp, err := d.sdkClients.alb.DissociateAdditionalCertificatesFromListener(dissociateAdditionalCertificatesFromListenerReq)
dissociateAdditionalCertificatesFromListenerResp, err := d.sdkClients.ALB.DissociateAdditionalCertificatesFromListener(dissociateAdditionalCertificatesFromListenerReq)
d.logger.Debug("sdk request 'alb.DissociateAdditionalCertificatesFromListener'", slog.Any("request", dissociateAdditionalCertificatesFromListenerReq), slog.Any("response", dissociateAdditionalCertificatesFromListenerResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.DissociateAdditionalCertificatesFromListener'")
@ -397,12 +407,12 @@ func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients
albEndpoint = fmt.Sprintf("alb.%s.aliyuncs.com", region)
}
albConfig := &aliyunOpen.Config{
albConfig := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(albEndpoint),
}
albClient, err := aliyunAlb.NewClient(albConfig)
albClient, err := alialb.NewClient(albConfig)
if err != nil {
return nil, err
}
@ -415,19 +425,19 @@ func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients
casEndpoint = "cas.aliyuncs.com"
}
casConfig := &aliyunOpen.Config{
casConfig := &aliopen.Config{
Endpoint: tea.String(casEndpoint),
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
}
casClient, err := aliyunCas.NewClient(casConfig)
casClient, err := alicas.NewClient(casConfig)
if err != nil {
return nil, err
}
return &wSdkClients{
alb: albClient,
cas: casClient,
ALB: albClient,
CAS: casClient,
}, nil
}

18
internal/pkg/core/deployer/providers/aliyun-cas-deploy/aliyun_cas_deploy.go
View File

@ -8,8 +8,8 @@ import (
"strings"
"time"
aliyunCas "github.com/alibabacloud-go/cas-20200407/v3/client"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
alicas "github.com/alibabacloud-go/cas-20200407/v3/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
@ -35,7 +35,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *aliyunCas.Client
sdkClient *alicas.Client
sslUploader uploader.Uploader
}
@ -95,7 +95,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if len(contactIds) == 0 {
// 获取联系人列表
// REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-listcontact
listContactReq := &aliyunCas.ListContactRequest{}
listContactReq := &alicas.ListContactRequest{}
listContactReq.ShowSize = tea.Int32(1)
listContactReq.CurrentPage = tea.Int32(1)
listContactResp, err := d.sdkClient.ListContact(listContactReq)
@ -111,7 +111,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 创建部署任务
// REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-createdeploymentjob
createDeploymentJobReq := &aliyunCas.CreateDeploymentJobRequest{
createDeploymentJobReq := &alicas.CreateDeploymentJobRequest{
Name: tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
JobType: tea.String("user"),
CertIds: tea.String(upres.CertId),
@ -131,7 +131,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return nil, ctx.Err()
}
describeDeploymentJobReq := &aliyunCas.DescribeDeploymentJobRequest{
describeDeploymentJobReq := &alicas.DescribeDeploymentJobRequest{
JobId: createDeploymentJobResp.Body.JobId,
}
describeDeploymentJobResp, err := d.sdkClient.DescribeDeploymentJob(describeDeploymentJobReq)
@ -155,7 +155,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunCas.Client, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*alicas.Client, error) {
if region == "" {
region = "cn-hangzhou" // CAS 服务默认区域:华东一杭州
}
@ -169,13 +169,13 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunCas.Cl
endpoint = fmt.Sprintf("cas.%s.aliyuncs.com", region)
}
config := &aliyunOpen.Config{
config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(endpoint),
}
client, err := aliyunCas.NewClient(config)
client, err := alicas.NewClient(config)
if err != nil {
return nil, err
}

14
internal/pkg/core/deployer/providers/aliyun-cdn/aliyun_cdn.go
View File

@ -7,8 +7,8 @@ import (
"strings"
"time"
aliyunCdn "github.com/alibabacloud-go/cdn-20180510/v5/client"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
alicdn "github.com/alibabacloud-go/cdn-20180510/v5/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
@ -27,7 +27,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *aliyunCdn.Client
sdkClient *alicdn.Client
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
@ -64,7 +64,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 设置 CDN 域名域名证书
// REF: https://help.aliyun.com/zh/cdn/developer-reference/api-cdn-2018-05-10-setcdndomainsslcertificate
setCdnDomainSSLCertificateReq := &aliyunCdn.SetCdnDomainSSLCertificateRequest{
setCdnDomainSSLCertificateReq := &alicdn.SetCdnDomainSSLCertificateRequest{
DomainName: tea.String(domain),
CertName: tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
CertType: tea.String("upload"),
@ -81,14 +81,14 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret string) (*aliyunCdn.Client, error) {
config := &aliyunOpen.Config{
func createSdkClient(accessKeyId, accessKeySecret string) (*alicdn.Client, error) {
config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String("cdn.aliyuncs.com"),
}
client, err := aliyunCdn.NewClient(config)
client, err := alicdn.NewClient(config)
if err != nil {
return nil, err
}

24
internal/pkg/core/deployer/providers/aliyun-clb/aliyun_clb.go
View File

@ -6,8 +6,8 @@ import (
"fmt"
"log/slog"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliyunSlb "github.com/alibabacloud-go/slb-20140515/v4/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
alislb "github.com/alibabacloud-go/slb-20140515/v4/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
@ -39,7 +39,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *aliyunSlb.Client
sdkClient *alislb.Client
sslUploader uploader.Uploader
}
@ -117,7 +117,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
// 查询负载均衡实例的详细信息
// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeloadbalancerattribute
describeLoadBalancerAttributeReq := &aliyunSlb.DescribeLoadBalancerAttributeRequest{
describeLoadBalancerAttributeReq := &alislb.DescribeLoadBalancerAttributeRequest{
RegionId: tea.String(d.config.Region),
LoadBalancerId: tea.String(d.config.LoadbalancerId),
}
@ -133,7 +133,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
describeLoadBalancerListenersLimit := int32(100)
var describeLoadBalancerListenersToken *string = nil
for {
describeLoadBalancerListenersReq := &aliyunSlb.DescribeLoadBalancerListenersRequest{
describeLoadBalancerListenersReq := &alislb.DescribeLoadBalancerListenersRequest{
RegionId: tea.String(d.config.Region),
MaxResults: tea.Int32(describeLoadBalancerListenersLimit),
NextToken: describeLoadBalancerListenersToken,
@ -199,7 +199,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str
func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudLoadbalancerId string, cloudListenerPort int32, cloudCertId string) error {
// 查询监听配置
// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describeloadbalancerhttpslistenerattribute
describeLoadBalancerHTTPSListenerAttributeReq := &aliyunSlb.DescribeLoadBalancerHTTPSListenerAttributeRequest{
describeLoadBalancerHTTPSListenerAttributeReq := &alislb.DescribeLoadBalancerHTTPSListenerAttributeRequest{
LoadBalancerId: tea.String(cloudLoadbalancerId),
ListenerPort: tea.Int32(cloudListenerPort),
}
@ -214,7 +214,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 修改监听配置
// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-setloadbalancerhttpslistenerattribute
setLoadBalancerHTTPSListenerAttributeReq := &aliyunSlb.SetLoadBalancerHTTPSListenerAttributeRequest{
setLoadBalancerHTTPSListenerAttributeReq := &alislb.SetLoadBalancerHTTPSListenerAttributeRequest{
RegionId: tea.String(d.config.Region),
LoadBalancerId: tea.String(cloudLoadbalancerId),
ListenerPort: tea.Int32(cloudListenerPort),
@ -230,7 +230,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 查询扩展域名
// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-describedomainextensions
describeDomainExtensionsReq := &aliyunSlb.DescribeDomainExtensionsRequest{
describeDomainExtensionsReq := &alislb.DescribeDomainExtensionsRequest{
RegionId: tea.String(d.config.Region),
LoadBalancerId: tea.String(cloudLoadbalancerId),
ListenerPort: tea.Int32(cloudListenerPort),
@ -251,7 +251,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
continue
}
setDomainExtensionAttributeReq := &aliyunSlb.SetDomainExtensionAttributeRequest{
setDomainExtensionAttributeReq := &alislb.SetDomainExtensionAttributeRequest{
RegionId: tea.String(d.config.Region),
DomainExtensionId: tea.String(*domainExtension.DomainExtensionId),
ServerCertificateId: tea.String(cloudCertId),
@ -273,7 +273,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
return nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunSlb.Client, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*alislb.Client, error) {
// 接入点一览 https://api.aliyun.com/product/Slb
var endpoint string
switch region {
@ -287,13 +287,13 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunSlb.Cl
endpoint = fmt.Sprintf("slb.%s.aliyuncs.com", region)
}
config := &aliyunOpen.Config{
config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(endpoint),
}
client, err := aliyunSlb.NewClient(config)
client, err := alislb.NewClient(config)
if err != nil {
return nil, err
}

14
internal/pkg/core/deployer/providers/aliyun-dcdn/aliyun_dcdn.go
View File

@ -7,8 +7,8 @@ import (
"strings"
"time"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliyunDcdn "github.com/alibabacloud-go/dcdn-20180115/v3/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
alidcdn "github.com/alibabacloud-go/dcdn-20180115/v3/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
@ -27,7 +27,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *aliyunDcdn.Client
sdkClient *alidcdn.Client
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
@ -64,7 +64,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 配置域名证书
// REF: https://help.aliyun.com/zh/edge-security-acceleration/dcdn/developer-reference/api-dcdn-2018-01-15-setdcdndomainsslcertificate
setDcdnDomainSSLCertificateReq := &aliyunDcdn.SetDcdnDomainSSLCertificateRequest{
setDcdnDomainSSLCertificateReq := &alidcdn.SetDcdnDomainSSLCertificateRequest{
DomainName: tea.String(domain),
CertName: tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
CertType: tea.String("upload"),
@ -81,14 +81,14 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret string) (*aliyunDcdn.Client, error) {
config := &aliyunOpen.Config{
func createSdkClient(accessKeyId, accessKeySecret string) (*alidcdn.Client, error) {
config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String("dcdn.aliyuncs.com"),
}
client, err := aliyunDcdn.NewClient(config)
client, err := alidcdn.NewClient(config)
if err != nil {
return nil, err
}

14
internal/pkg/core/deployer/providers/aliyun-esa/aliyun_esa.go
View File

@ -8,8 +8,8 @@ import (
"strconv"
"strings"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliyunEsa "github.com/alibabacloud-go/esa-20240910/v2/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliesa "github.com/alibabacloud-go/esa-20240910/v2/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
@ -32,7 +32,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *aliyunEsa.Client
sdkClient *aliesa.Client
sslUploader uploader.Uploader
}
@ -87,7 +87,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 配置站点证书
// REF: https://help.aliyun.com/zh/edge-security-acceleration/esa/api-esa-2024-09-10-setcertificate
certId, _ := strconv.ParseInt(upres.CertId, 10, 64)
setCertificateReq := &aliyunEsa.SetCertificateRequest{
setCertificateReq := &aliesa.SetCertificateRequest{
SiteId: tea.Int64(d.config.SiteId),
Type: tea.String("cas"),
CasId: tea.Int64(certId),
@ -101,15 +101,15 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunEsa.Client, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliesa.Client, error) {
// 接入点一览 https://api.aliyun.com/product/ESA
config := &aliyunOpen.Config{
config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(fmt.Sprintf("esa.%s.aliyuncs.com", region)),
}
client, err := aliyunEsa.NewClient(config)
client, err := aliesa.NewClient(config)
if err != nil {
return nil, err
}

42
internal/pkg/core/deployer/providers/aliyun-fc/aliyun_fc.go
View File

@ -6,9 +6,9 @@ import (
"log/slog"
"time"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliyunFc3 "github.com/alibabacloud-go/fc-20230330/v4/client"
aliyunFc2 "github.com/alibabacloud-go/fc-open-20210406/v2/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
alifc3 "github.com/alibabacloud-go/fc-20230330/v4/client"
alifc2 "github.com/alibabacloud-go/fc-open-20210406/v2/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
@ -24,7 +24,7 @@ type DeployerConfig struct {
Region string `json:"region"`
// 服务版本。
ServiceVersion string `json:"serviceVersion"`
// 自定义域名(支持泛域名)。
// 自定义域名(支持泛域名)。
Domain string `json:"domain"`
}
@ -37,8 +37,8 @@ type DeployerProvider struct {
var _ deployer.Deployer = (*DeployerProvider)(nil)
type wSdkClients struct {
fc2 *aliyunFc2.Client
fc3 *aliyunFc3.Client
FC2 *alifc2.Client
FC3 *alifc3.Client
}
func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
@ -89,7 +89,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
func (d *DeployerProvider) deployToFC3(ctx context.Context, certPem string, privkeyPem string) error {
// 获取自定义域名
// REF: https://help.aliyun.com/zh/functioncompute/fc-3-0/developer-reference/api-fc-2023-03-30-getcustomdomain
getCustomDomainResp, err := d.sdkClients.fc3.GetCustomDomain(tea.String(d.config.Domain))
getCustomDomainResp, err := d.sdkClients.FC3.GetCustomDomain(tea.String(d.config.Domain))
d.logger.Debug("sdk request 'fc.GetCustomDomain'", slog.Any("response", getCustomDomainResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'fc.GetCustomDomain'")
@ -97,9 +97,9 @@ func (d *DeployerProvider) deployToFC3(ctx context.Context, certPem string, priv
// 更新自定义域名
// REF: https://help.aliyun.com/zh/functioncompute/fc-3-0/developer-reference/api-fc-2023-03-30-updatecustomdomain
updateCustomDomainReq := &aliyunFc3.UpdateCustomDomainRequest{
Body: &aliyunFc3.UpdateCustomDomainInput{
CertConfig: &aliyunFc3.CertConfig{
updateCustomDomainReq := &alifc3.UpdateCustomDomainRequest{
Body: &alifc3.UpdateCustomDomainInput{
CertConfig: &alifc3.CertConfig{
CertName: tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
Certificate: tea.String(certPem),
PrivateKey: tea.String(privkeyPem),
@ -108,7 +108,7 @@ func (d *DeployerProvider) deployToFC3(ctx context.Context, certPem string, priv
TlsConfig: getCustomDomainResp.Body.TlsConfig,
},
}
updateCustomDomainResp, err := d.sdkClients.fc3.UpdateCustomDomain(tea.String(d.config.Domain), updateCustomDomainReq)
updateCustomDomainResp, err := d.sdkClients.FC3.UpdateCustomDomain(tea.String(d.config.Domain), updateCustomDomainReq)
d.logger.Debug("sdk request 'fc.UpdateCustomDomain'", slog.Any("request", updateCustomDomainReq), slog.Any("response", updateCustomDomainResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'fc.UpdateCustomDomain'")
@ -120,7 +120,7 @@ func (d *DeployerProvider) deployToFC3(ctx context.Context, certPem string, priv
func (d *DeployerProvider) deployToFC2(ctx context.Context, certPem string, privkeyPem string) error {
// 获取自定义域名
// REF: https://help.aliyun.com/zh/functioncompute/fc-2-0/developer-reference/api-fc-open-2021-04-06-getcustomdomain
getCustomDomainResp, err := d.sdkClients.fc2.GetCustomDomain(tea.String(d.config.Domain))
getCustomDomainResp, err := d.sdkClients.FC2.GetCustomDomain(tea.String(d.config.Domain))
d.logger.Debug("sdk request 'fc.GetCustomDomain'", slog.Any("response", getCustomDomainResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'fc.GetCustomDomain'")
@ -128,8 +128,8 @@ func (d *DeployerProvider) deployToFC2(ctx context.Context, certPem string, priv
// 更新自定义域名
// REF: https://help.aliyun.com/zh/functioncompute/fc-2-0/developer-reference/api-fc-open-2021-04-06-updatecustomdomain
updateCustomDomainReq := &aliyunFc2.UpdateCustomDomainRequest{
CertConfig: &aliyunFc2.CertConfig{
updateCustomDomainReq := &alifc2.UpdateCustomDomainRequest{
CertConfig: &alifc2.CertConfig{
CertName: tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
Certificate: tea.String(certPem),
PrivateKey: tea.String(privkeyPem),
@ -137,7 +137,7 @@ func (d *DeployerProvider) deployToFC2(ctx context.Context, certPem string, priv
Protocol: getCustomDomainResp.Body.Protocol,
TlsConfig: getCustomDomainResp.Body.TlsConfig,
}
updateCustomDomainResp, err := d.sdkClients.fc2.UpdateCustomDomain(tea.String(d.config.Domain), updateCustomDomainReq)
updateCustomDomainResp, err := d.sdkClients.FC2.UpdateCustomDomain(tea.String(d.config.Domain), updateCustomDomainReq)
d.logger.Debug("sdk request 'fc.UpdateCustomDomain'", slog.Any("request", updateCustomDomainReq), slog.Any("response", updateCustomDomainResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'fc.UpdateCustomDomain'")
@ -156,30 +156,30 @@ func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients
fc2Endpoint = fmt.Sprintf("fc.%s.aliyuncs.com", region)
}
fc2Config := &aliyunOpen.Config{
fc2Config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(fc2Endpoint),
}
fc2Client, err := aliyunFc2.NewClient(fc2Config)
fc2Client, err := alifc2.NewClient(fc2Config)
if err != nil {
return nil, err
}
// 接入点一览 https://api.aliyun.com/product/FC-Open
fc3Endpoint := fmt.Sprintf("fcv3.%s.aliyuncs.com", region)
fc3Config := &aliyunOpen.Config{
fc3Config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(fc3Endpoint),
}
fc3Client, err := aliyunFc3.NewClient(fc3Config)
fc3Client, err := alifc3.NewClient(fc3Config)
if err != nil {
return nil, err
}
return &wSdkClients{
fc2: fc2Client,
fc3: fc3Client,
FC2: fc2Client,
FC3: fc3Client,
}, nil
}

14
internal/pkg/core/deployer/providers/aliyun-live/aliyun_live.go
View File

@ -7,8 +7,8 @@ import (
"strings"
"time"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliyunLive "github.com/alibabacloud-go/live-20161101/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
alilive "github.com/alibabacloud-go/live-20161101/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
@ -29,7 +29,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *aliyunLive.Client
sdkClient *alilive.Client
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
@ -66,7 +66,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 设置域名证书
// REF: https://help.aliyun.com/zh/live/developer-reference/api-live-2016-11-01-setlivedomaincertificate
setLiveDomainSSLCertificateReq := &aliyunLive.SetLiveDomainCertificateRequest{
setLiveDomainSSLCertificateReq := &alilive.SetLiveDomainCertificateRequest{
DomainName: tea.String(domain),
CertName: tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
CertType: tea.String("upload"),
@ -83,7 +83,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunLive.Client, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*alilive.Client, error) {
// 接入点一览 https://api.aliyun.com/product/live
var endpoint string
switch region {
@ -100,13 +100,13 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunLive.C
endpoint = fmt.Sprintf("live.%s.aliyuncs.com", region)
}
config := &aliyunOpen.Config{
config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(endpoint),
}
client, err := aliyunLive.NewClient(config)
client, err := alilive.NewClient(config)
if err != nil {
return nil, err
}

20
internal/pkg/core/deployer/providers/aliyun-nlb/aliyun_nlb.go
View File

@ -7,8 +7,8 @@ import (
"log/slog"
"strings"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliyunNlb "github.com/alibabacloud-go/nlb-20220430/v2/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
alinlb "github.com/alibabacloud-go/nlb-20220430/v2/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
@ -37,7 +37,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *aliyunNlb.Client
sdkClient *alinlb.Client
sslUploader uploader.Uploader
}
@ -111,7 +111,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
// 查询负载均衡实例的详细信息
// REF: https://help.aliyun.com/zh/slb/network-load-balancer/developer-reference/api-nlb-2022-04-30-getloadbalancerattribute
getLoadBalancerAttributeReq := &aliyunNlb.GetLoadBalancerAttributeRequest{
getLoadBalancerAttributeReq := &alinlb.GetLoadBalancerAttributeRequest{
LoadBalancerId: tea.String(d.config.LoadbalancerId),
}
getLoadBalancerAttributeResp, err := d.sdkClient.GetLoadBalancerAttribute(getLoadBalancerAttributeReq)
@ -126,7 +126,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
listListenersLimit := int32(100)
var listListenersToken *string = nil
for {
listListenersReq := &aliyunNlb.ListListenersRequest{
listListenersReq := &alinlb.ListListenersRequest{
MaxResults: tea.Int32(listListenersLimit),
NextToken: listListenersToken,
LoadBalancerIds: []*string{tea.String(d.config.LoadbalancerId)},
@ -188,7 +188,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str
func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error {
// 查询监听的属性
// REF: https://help.aliyun.com/zh/slb/network-load-balancer/developer-reference/api-nlb-2022-04-30-getlistenerattribute
getListenerAttributeReq := &aliyunNlb.GetListenerAttributeRequest{
getListenerAttributeReq := &alinlb.GetListenerAttributeRequest{
ListenerId: tea.String(cloudListenerId),
}
getListenerAttributeResp, err := d.sdkClient.GetListenerAttribute(getListenerAttributeReq)
@ -199,7 +199,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 修改监听的属性
// REF: https://help.aliyun.com/zh/slb/network-load-balancer/developer-reference/api-nlb-2022-04-30-updatelistenerattribute
updateListenerAttributeReq := &aliyunNlb.UpdateListenerAttributeRequest{
updateListenerAttributeReq := &alinlb.UpdateListenerAttributeRequest{
ListenerId: tea.String(cloudListenerId),
CertificateIds: []*string{tea.String(cloudCertId)},
}
@ -212,7 +212,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
return nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunNlb.Client, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*alinlb.Client, error) {
// 接入点一览 https://api.aliyun.com/product/Nlb
var endpoint string
switch region {
@ -220,13 +220,13 @@ func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunNlb.Cl
endpoint = fmt.Sprintf("nlb.%s.aliyuncs.com", region)
}
config := &aliyunOpen.Config{
config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(endpoint),
}
client, err := aliyunNlb.NewClient(config)
client, err := alinlb.NewClient(config)
if err != nil {
return nil, err
}

14
internal/pkg/core/deployer/providers/aliyun-vod/aliyun_vod.go
View File

@ -6,9 +6,9 @@ import (
"log/slog"
"time"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
"github.com/alibabacloud-go/tea/tea"
aliyunVod "github.com/alibabacloud-go/vod-20170321/v4/client"
alivod "github.com/alibabacloud-go/vod-20170321/v4/client"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -28,7 +28,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *aliyunVod.Client
sdkClient *alivod.Client
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
@ -62,7 +62,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// 设置域名证书
// REF: https://help.aliyun.com/zh/vod/developer-reference/api-vod-2017-03-21-setvoddomainsslcertificate
setVodDomainSSLCertificateReq := &aliyunVod.SetVodDomainSSLCertificateRequest{
setVodDomainSSLCertificateReq := &alivod.SetVodDomainSSLCertificateRequest{
DomainName: tea.String(d.config.Domain),
CertName: tea.String(fmt.Sprintf("certimate-%d", time.Now().UnixMilli())),
CertType: tea.String("upload"),
@ -79,17 +79,17 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunVod.Client, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*alivod.Client, error) {
// 接入点一览 https://api.aliyun.com/product/vod
endpoint := fmt.Sprintf("vod.%s.aliyuncs.com", region)
config := &aliyunOpen.Config{
config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(endpoint),
}
client, err := aliyunVod.NewClient(config)
client, err := alivod.NewClient(config)
if err != nil {
return nil, err
}

24
internal/pkg/core/deployer/providers/aliyun-waf/aliyun_waf.go
View File

@ -7,9 +7,9 @@ import (
"log/slog"
"strings"
aliyunOpen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
"github.com/alibabacloud-go/tea/tea"
aliyunWaf "github.com/alibabacloud-go/waf-openapi-20211001/v5/client"
aliwaf "github.com/alibabacloud-go/waf-openapi-20211001/v5/client"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -35,7 +35,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *aliyunWaf.Client
sdkClient *aliwaf.Client
sslUploader uploader.Uploader
}
@ -106,7 +106,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPem string, pri
// 查询默认 SSL/TLS 设置
// REF: https://help.aliyun.com/zh/waf/web-application-firewall-3-0/developer-reference/api-waf-openapi-2021-10-01-describedefaulthttps
describeDefaultHttpsReq := &aliyunWaf.DescribeDefaultHttpsRequest{
describeDefaultHttpsReq := &aliwaf.DescribeDefaultHttpsRequest{
InstanceId: tea.String(d.config.InstanceId),
RegionId: tea.String(d.config.Region),
}
@ -118,7 +118,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPem string, pri
// 修改默认 SSL/TLS 设置
// REF: https://help.aliyun.com/zh/waf/web-application-firewall-3-0/developer-reference/api-waf-openapi-2021-10-01-modifydefaulthttps
modifyDefaultHttpsReq := &aliyunWaf.ModifyDefaultHttpsRequest{
modifyDefaultHttpsReq := &aliwaf.ModifyDefaultHttpsRequest{
InstanceId: tea.String(d.config.InstanceId),
RegionId: tea.String(d.config.Region),
CertId: tea.String(upres.CertId),
@ -139,7 +139,7 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPem string, pri
// 查询 CNAME 接入详情
// REF: https://help.aliyun.com/zh/waf/web-application-firewall-3-0/developer-reference/api-waf-openapi-2021-10-01-describedomaindetail
describeDomainDetailReq := &aliyunWaf.DescribeDomainDetailRequest{
describeDomainDetailReq := &aliwaf.DescribeDomainDetailRequest{
InstanceId: tea.String(d.config.InstanceId),
RegionId: tea.String(d.config.Region),
Domain: tea.String(d.config.Domain),
@ -152,16 +152,16 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPem string, pri
// 修改 CNAME 接入资源
// REF: https://help.aliyun.com/zh/waf/web-application-firewall-3-0/developer-reference/api-waf-openapi-2021-10-01-modifydomain
modifyDomainReq := &aliyunWaf.ModifyDomainRequest{
modifyDomainReq := &aliwaf.ModifyDomainRequest{
InstanceId: tea.String(d.config.InstanceId),
RegionId: tea.String(d.config.Region),
Domain: tea.String(d.config.Domain),
Listen: &aliyunWaf.ModifyDomainRequestListen{
Listen: &aliwaf.ModifyDomainRequestListen{
CertId: tea.String(upres.CertId),
TLSVersion: tea.String("tlsv1"),
EnableTLSv3: tea.Bool(false),
},
Redirect: &aliyunWaf.ModifyDomainRequestRedirect{
Redirect: &aliwaf.ModifyDomainRequestRedirect{
Loadbalance: tea.String("iphash"),
},
}
@ -186,15 +186,15 @@ func (d *DeployerProvider) deployToWAF3(ctx context.Context, certPem string, pri
return nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliyunWaf.Client, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*aliwaf.Client, error) {
// 接入点一览https://api.aliyun.com/product/waf-openapi
config := &aliyunOpen.Config{
config := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(fmt.Sprintf("wafopenapi.%s.aliyuncs.com", region)),
}
client, err := aliyunWaf.NewClient(config)
client, err := aliwaf.NewClient(config)
if err != nil {
return nil, err
}

24
internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go
View File

@ -6,10 +6,10 @@ import (
"log/slog"
aws "github.com/aws/aws-sdk-go-v2/aws"
awsCfg "github.com/aws/aws-sdk-go-v2/config"
awsCred "github.com/aws/aws-sdk-go-v2/credentials"
awsCf "github.com/aws/aws-sdk-go-v2/service/cloudfront"
awsCfTypes "github.com/aws/aws-sdk-go-v2/service/cloudfront/types"
awscfg "github.com/aws/aws-sdk-go-v2/config"
awscred "github.com/aws/aws-sdk-go-v2/credentials"
"github.com/aws/aws-sdk-go-v2/service/cloudfront"
"github.com/aws/aws-sdk-go-v2/service/cloudfront/types"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -31,7 +31,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *awsCf.Client
sdkClient *cloudfront.Client
sslUploader uploader.Uploader
}
@ -89,7 +89,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 获取分配配置
// REF: https://docs.aws.amazon.com/en_us/cloudfront/latest/APIReference/API_GetDistributionConfig.html
getDistributionConfigReq := &awsCf.GetDistributionConfigInput{
getDistributionConfigReq := &cloudfront.GetDistributionConfigInput{
Id: aws.String(d.config.DistributionId),
}
getDistributionConfigResp, err := d.sdkClient.GetDistributionConfig(context.TODO(), getDistributionConfigReq)
@ -100,13 +100,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 更新分配配置
// REF: https://docs.aws.amazon.com/zh_cn/cloudfront/latest/APIReference/API_UpdateDistribution.html
updateDistributionReq := &awsCf.UpdateDistributionInput{
updateDistributionReq := &cloudfront.UpdateDistributionInput{
Id: aws.String(d.config.DistributionId),
DistributionConfig: getDistributionConfigResp.DistributionConfig,
IfMatch: getDistributionConfigResp.ETag,
}
if updateDistributionReq.DistributionConfig.ViewerCertificate == nil {
updateDistributionReq.DistributionConfig.ViewerCertificate = &awsCfTypes.ViewerCertificate{}
updateDistributionReq.DistributionConfig.ViewerCertificate = &types.ViewerCertificate{}
}
updateDistributionReq.DistributionConfig.ViewerCertificate.CloudFrontDefaultCertificate = aws.Bool(false)
updateDistributionReq.DistributionConfig.ViewerCertificate.ACMCertificateArn = aws.String(upres.CertId)
@ -119,15 +119,15 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, secretAccessKey, region string) (*awsCf.Client, error) {
cfg, err := awsCfg.LoadDefaultConfig(context.TODO())
func createSdkClient(accessKeyId, secretAccessKey, region string) (*cloudfront.Client, error) {
cfg, err := awscfg.LoadDefaultConfig(context.TODO())
if err != nil {
return nil, err
}
client := awsCf.NewFromConfig(cfg, func(o *awsCf.Options) {
client := cloudfront.NewFromConfig(cfg, func(o *cloudfront.Options) {
o.Region = region
o.Credentials = aws.NewCredentialsCache(awsCred.NewStaticCredentialsProvider(accessKeyId, secretAccessKey, ""))
o.Credentials = aws.NewCredentialsCache(awscred.NewStaticCredentialsProvider(accessKeyId, secretAccessKey, ""))
})
return client, nil
}

12
internal/pkg/core/deployer/providers/baiducloud-cdn/baiducloud_cdn.go
View File

@ -6,8 +6,8 @@ import (
"log/slog"
"time"
bceCdn "github.com/baidubce/bce-sdk-go/services/cdn"
bceCdnApi "github.com/baidubce/bce-sdk-go/services/cdn/api"
bcecdn "github.com/baidubce/bce-sdk-go/services/cdn"
bcecdnapi "github.com/baidubce/bce-sdk-go/services/cdn/api"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -25,7 +25,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *bceCdn.Client
sdkClient *bcecdn.Client
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
@ -61,7 +61,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// REF: https://cloud.baidu.com/doc/CDN/s/qjzuz2hp8
putCertResp, err := d.sdkClient.PutCert(
d.config.Domain,
&bceCdnApi.UserCertificate{
&bcecdnapi.UserCertificate{
CertName: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()),
ServerData: certPem,
PrivateData: privkeyPem,
@ -76,8 +76,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, secretAccessKey string) (*bceCdn.Client, error) {
client, err := bceCdn.NewClient(accessKeyId, secretAccessKey, "")
func createSdkClient(accessKeyId, secretAccessKey string) (*bcecdn.Client, error) {
client, err := bcecdn.NewClient(accessKeyId, secretAccessKey, "")
if err != nil {
return nil, err
}

20
internal/pkg/core/deployer/providers/baishan-cdn/baishan_cdn.go
View File

@ -2,9 +2,12 @@
import (
"context"
"encoding/json"
"errors"
"fmt"
"log/slog"
"regexp"
"strings"
"time"
xerrors "github.com/pkg/errors"
@ -75,6 +78,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 新增证书
// REF: https://portal.baishancloud.com/track/document/downloadPdf/1441
certificateId := ""
createCertificateReq := &bssdk.CreateCertificateRequest{
Certificate: certPem,
Key: privkeyPem,
@ -83,7 +87,19 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
d.logger.Debug("sdk request 'baishan.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.CreateCertificate'")
if createCertificateResp != nil {
if createCertificateResp.GetCode() == 400699 && strings.Contains(createCertificateResp.GetMessage(), "this certificate is exists") {
// 证书已存在,忽略新增证书接口错误
re := regexp.MustCompile(`\d+`)
certificateId = re.FindString(createCertificateResp.GetMessage())
}
}
if certificateId == "" {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'baishan.CreateCertificate'")
}
} else {
certificateId = createCertificateResp.Data.CertId.String()
}
// 设置域名配置
@ -92,7 +108,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
Domains: d.config.Domain,
Config: &bssdk.DomainConfig{
Https: &bssdk.DomainConfigHttps{
CertId: createCertificateResp.Data.CertId,
CertId: json.Number(certificateId),
ForceHttps: getDomainConfigResp.Data[0].Config.Https.ForceHttps,
EnableHttp2: getDomainConfigResp.Data[0].Config.Https.EnableHttp2,
EnableOcsp: getDomainConfigResp.Data[0].Config.Https.EnableOcsp,

10
internal/pkg/core/deployer/providers/byteplus-cdn/byteplus_cdn.go
View File

@ -6,7 +6,7 @@ import (
"log/slog"
"strings"
bpCdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn"
bpcdn "github.com/byteplus-sdk/byteplus-sdk-golang/service/cdn"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *bpCdn.CDN
sdkClient *bpcdn.CDN
sslUploader uploader.Uploader
}
@ -37,7 +37,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
panic("config is nil")
}
client := bpCdn.NewInstance()
client := bpcdn.NewInstance()
client.Client.SetAccessKey(config.AccessKey)
client.Client.SetSecretKey(config.SecretKey)
@ -80,7 +80,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if strings.HasPrefix(d.config.Domain, "*.") {
// 获取指定证书可关联的域名
// REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-describecertconfig-9ea17
describeCertConfigReq := &bpCdn.DescribeCertConfigRequest{
describeCertConfigReq := &bpcdn.DescribeCertConfigRequest{
CertId: upres.CertId,
}
describeCertConfigResp, err := d.sdkClient.DescribeCertConfig(describeCertConfigReq)
@ -119,7 +119,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
for _, domain := range domains {
// 关联证书与加速域名
// REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-batchdeploycert
batchDeployCertReq := &bpCdn.BatchDeployCertRequest{
batchDeployCertReq := &bpcdn.BatchDeployCertRequest{
CertId: upres.CertId,
Domain: domain,
}

4
internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go
View File

@ -9,7 +9,7 @@ import (
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
edgsdk "github.com/usual2970/certimate/internal/pkg/vendors/edgio-sdk/applications/v7"
edgsdkDtos "github.com/usual2970/certimate/internal/pkg/vendors/edgio-sdk/applications/v7/dtos"
edgsdkdtos "github.com/usual2970/certimate/internal/pkg/vendors/edgio-sdk/applications/v7/dtos"
)
type DeployerConfig struct {
@ -64,7 +64,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 上传 TLS 证书
// REF: https://docs.edg.io/rest_api/#tag/tls-certs/operation/postConfigV01TlsCerts
uploadTlsCertReq := edgsdkDtos.UploadTlsCertRequest{
uploadTlsCertReq := edgsdkdtos.UploadTlsCertRequest{
EnvironmentID: d.config.EnvironmentId,
PrimaryCert: privateCertPem,
IntermediateCert: intermediateCertPem,

28
internal/pkg/core/deployer/providers/huaweicloud-cdn/huaweicloud_cdn.go
View File

@ -5,9 +5,9 @@ import (
"log/slog"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
hcCdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2"
hcCdnModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/model"
hcCdnRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/region"
hccdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2"
hccdnmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/model"
hccdnregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/region"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -30,7 +30,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *hcCdn.CdnClient
sdkClient *hccdn.CdnClient
sslUploader uploader.Uploader
}
@ -87,7 +87,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 查询加速域名配置
// REF: https://support.huaweicloud.com/api-cdn/ShowDomainFullConfig.html
showDomainFullConfigReq := &hcCdnModel.ShowDomainFullConfigRequest{
showDomainFullConfigReq := &hccdnmodel.ShowDomainFullConfigRequest{
DomainName: d.config.Domain,
}
showDomainFullConfigResp, err := d.sdkClient.ShowDomainFullConfig(showDomainFullConfigReq)
@ -99,15 +99,15 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 更新加速域名配置
// REF: https://support.huaweicloud.com/api-cdn/UpdateDomainMultiCertificates.html
// REF: https://support.huaweicloud.com/usermanual-cdn/cdn_01_0306.html
updateDomainMultiCertificatesReqBodyContent := &hcCdnModel.UpdateDomainMultiCertificatesRequestBodyContent{}
updateDomainMultiCertificatesReqBodyContent := &hccdnmodel.UpdateDomainMultiCertificatesRequestBodyContent{}
updateDomainMultiCertificatesReqBodyContent.DomainName = d.config.Domain
updateDomainMultiCertificatesReqBodyContent.HttpsSwitch = 1
updateDomainMultiCertificatesReqBodyContent.CertificateType = hwsdk.Int32Ptr(2)
updateDomainMultiCertificatesReqBodyContent.ScmCertificateId = hwsdk.StringPtr(upres.CertId)
updateDomainMultiCertificatesReqBodyContent.CertName = hwsdk.StringPtr(upres.CertName)
updateDomainMultiCertificatesReqBodyContent = assign(updateDomainMultiCertificatesReqBodyContent, showDomainFullConfigResp.Configs)
updateDomainMultiCertificatesReq := &hcCdnModel.UpdateDomainMultiCertificatesRequest{
Body: &hcCdnModel.UpdateDomainMultiCertificatesRequestBody{
updateDomainMultiCertificatesReq := &hccdnmodel.UpdateDomainMultiCertificatesRequest{
Body: &hccdnmodel.UpdateDomainMultiCertificatesRequestBody{
Https: updateDomainMultiCertificatesReqBodyContent,
},
}
@ -120,7 +120,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcCdn.CdnClient, error) {
func createSdkClient(accessKeyId, secretAccessKey, region string) (*hccdn.CdnClient, error) {
if region == "" {
region = "cn-north-1" // CDN 服务默认区域:华北一北京
}
@ -133,12 +133,12 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcCdn.CdnCli
return nil, err
}
hcRegion, err := hcCdnRegion.SafeValueOf(region)
hcRegion, err := hccdnregion.SafeValueOf(region)
if err != nil {
return nil, err
}
hcClient, err := hcCdn.CdnClientBuilder().
hcClient, err := hccdn.CdnClientBuilder().
WithRegion(hcRegion).
WithCredential(auth).
SafeBuild()
@ -146,11 +146,11 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcCdn.CdnCli
return nil, err
}
client := hcCdn.NewCdnClient(hcClient)
client := hccdn.NewCdnClient(hcClient)
return client, nil
}
func assign(reqContent *hcCdnModel.UpdateDomainMultiCertificatesRequestBodyContent, target *hcCdnModel.ConfigsGetBody) *hcCdnModel.UpdateDomainMultiCertificatesRequestBodyContent {
func assign(reqContent *hccdnmodel.UpdateDomainMultiCertificatesRequestBodyContent, target *hccdnmodel.ConfigsGetBody) *hccdnmodel.UpdateDomainMultiCertificatesRequestBodyContent {
if target == nil {
return reqContent
}
@ -167,7 +167,7 @@ func assign(reqContent *hcCdnModel.UpdateDomainMultiCertificatesRequestBodyConte
}
if target.ForceRedirect != nil {
reqContent.ForceRedirectConfig = &hcCdnModel.ForceRedirect{}
reqContent.ForceRedirectConfig = &hccdnmodel.ForceRedirect{}
if target.ForceRedirect.Status == "on" {
reqContent.ForceRedirectConfig.Switch = 1

52
internal/pkg/core/deployer/providers/huaweicloud-elb/huaweicloud_elb.go
View File

@ -8,12 +8,12 @@ import (
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
hcElb "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3"
hcElbModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/model"
hcElbRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/region"
hcIam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3"
hcIamModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model"
hcIamRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region"
hcelb "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3"
hcelbmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/model"
hcelbregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/region"
hciam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3"
hciammodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model"
hciamregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region"
xerrors "github.com/pkg/errors"
"golang.org/x/exp/slices"
@ -46,7 +46,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *hcElb.ElbClient
sdkClient *hcelb.ElbClient
sslUploader uploader.Uploader
}
@ -121,10 +121,10 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
// 更新证书
// REF: https://support.huaweicloud.com/api-elb/UpdateCertificate.html
updateCertificateReq := &hcElbModel.UpdateCertificateRequest{
updateCertificateReq := &hcelbmodel.UpdateCertificateRequest{
CertificateId: d.config.CertificateId,
Body: &hcElbModel.UpdateCertificateRequestBody{
Certificate: &hcElbModel.UpdateCertificateOption{
Body: &hcelbmodel.UpdateCertificateRequestBody{
Certificate: &hcelbmodel.UpdateCertificateOption{
Certificate: hwsdk.StringPtr(certPem),
PrivateKey: hwsdk.StringPtr(privkeyPem),
},
@ -146,7 +146,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPem str
// 查询负载均衡器详情
// REF: https://support.huaweicloud.com/api-elb/ShowLoadBalancer.html
showLoadBalancerReq := &hcElbModel.ShowLoadBalancerRequest{
showLoadBalancerReq := &hcelbmodel.ShowLoadBalancerRequest{
LoadbalancerId: d.config.LoadbalancerId,
}
showLoadBalancerResp, err := d.sdkClient.ShowLoadBalancer(showLoadBalancerReq)
@ -161,7 +161,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, certPem str
listListenersLimit := int32(2000)
var listListenersMarker *string = nil
for {
listListenersReq := &hcElbModel.ListListenersRequest{
listListenersReq := &hcelbmodel.ListListenersRequest{
Limit: hwsdk.Int32Ptr(listListenersLimit),
Marker: listListenersMarker,
Protocol: &[]string{"HTTPS", "TERMINATED_HTTPS"},
@ -239,7 +239,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, certPem string,
func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error {
// 查询监听器详情
// REF: https://support.huaweicloud.com/api-elb/ShowListener.html
showListenerReq := &hcElbModel.ShowListenerRequest{
showListenerReq := &hcelbmodel.ShowListenerRequest{
ListenerId: cloudListenerId,
}
showListenerResp, err := d.sdkClient.ShowListener(showListenerReq)
@ -250,10 +250,10 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
// 更新监听器
// REF: https://support.huaweicloud.com/api-elb/UpdateListener.html
updateListenerReq := &hcElbModel.UpdateListenerRequest{
updateListenerReq := &hcelbmodel.UpdateListenerRequest{
ListenerId: cloudListenerId,
Body: &hcElbModel.UpdateListenerRequestBody{
Listener: &hcElbModel.UpdateListenerOption{
Body: &hcelbmodel.UpdateListenerRequestBody{
Listener: &hcelbmodel.UpdateListenerOption{
DefaultTlsContainerRef: hwsdk.StringPtr(cloudCertId),
},
},
@ -264,7 +264,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
sniCertIds := make([]string, 0)
sniCertIds = append(sniCertIds, cloudCertId)
listOldCertificateReq := &hcElbModel.ListCertificatesRequest{
listOldCertificateReq := &hcelbmodel.ListCertificatesRequest{
Id: &showListenerResp.Listener.SniContainerRefs,
}
listOldCertificateResp, err := d.sdkClient.ListCertificates(listOldCertificateReq)
@ -273,7 +273,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
return xerrors.Wrap(err, "failed to execute sdk request 'elb.ListCertificates'")
}
showNewCertificateReq := &hcElbModel.ShowCertificateRequest{
showNewCertificateReq := &hcelbmodel.ShowCertificateRequest{
CertificateId: cloudCertId,
}
showNewCertificateResp, err := d.sdkClient.ShowCertificate(showNewCertificateReq)
@ -315,7 +315,7 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
return nil
}
func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcElb.ElbClient, error) {
func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcelb.ElbClient, error) {
projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region)
if err != nil {
return nil, err
@ -330,12 +330,12 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcElb.ElbCli
return nil, err
}
hcRegion, err := hcElbRegion.SafeValueOf(region)
hcRegion, err := hcelbregion.SafeValueOf(region)
if err != nil {
return nil, err
}
hcClient, err := hcElb.ElbClientBuilder().
hcClient, err := hcelb.ElbClientBuilder().
WithRegion(hcRegion).
WithCredential(auth).
SafeBuild()
@ -343,7 +343,7 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcElb.ElbCli
return nil, err
}
client := hcElb.NewElbClient(hcClient)
client := hcelb.NewElbClient(hcClient)
return client, nil
}
@ -360,12 +360,12 @@ func getSdkProjectId(accessKeyId, secretAccessKey, region string) (string, error
return "", err
}
hcRegion, err := hcIamRegion.SafeValueOf(region)
hcRegion, err := hciamregion.SafeValueOf(region)
if err != nil {
return "", err
}
hcClient, err := hcIam.IamClientBuilder().
hcClient, err := hciam.IamClientBuilder().
WithRegion(hcRegion).
WithCredential(auth).
SafeBuild()
@ -373,9 +373,9 @@ func getSdkProjectId(accessKeyId, secretAccessKey, region string) (string, error
return "", err
}
client := hcIam.NewIamClient(hcClient)
client := hciam.NewIamClient(hcClient)
request := &hcIamModel.KeystoneListProjectsRequest{
request := &hciammodel.KeystoneListProjectsRequest{
Name: &region,
}
response, err := client.KeystoneListProjects(request)

48
internal/pkg/core/deployer/providers/huaweicloud-waf/huaweicloud_waf.go
View File

@ -9,12 +9,12 @@ import (
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
hcIam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3"
hcIamModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model"
hcIamRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region"
hcWaf "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1"
hcWafModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model"
hcWafRegion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region"
hciam "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3"
hciamModel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/model"
hciamregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iam/v3/region"
hcwaf "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1"
hcwafmodel "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model"
hcwafregion "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -43,7 +43,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *hcWaf.WafClient
sdkClient *hcwaf.WafClient
sslUploader uploader.Uploader
}
@ -126,7 +126,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
// 查询证书
// REF: https://support.huaweicloud.com/api-waf/ShowCertificate.html
showCertificateReq := &hcWafModel.ShowCertificateRequest{
showCertificateReq := &hcwafmodel.ShowCertificateRequest{
CertificateId: d.config.CertificateId,
}
showCertificateResp, err := d.sdkClient.ShowCertificate(showCertificateReq)
@ -137,9 +137,9 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
// 更新证书
// REF: https://support.huaweicloud.com/api-waf/UpdateCertificate.html
updateCertificateReq := &hcWafModel.UpdateCertificateRequest{
updateCertificateReq := &hcwafmodel.UpdateCertificateRequest{
CertificateId: d.config.CertificateId,
Body: &hcWafModel.UpdateCertificateRequestBody{
Body: &hcwafmodel.UpdateCertificateRequestBody{
Name: *showCertificateResp.Name,
Content: hwsdk.StringPtr(certPem),
Key: hwsdk.StringPtr(privkeyPem),
@ -173,7 +173,7 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPem stri
listHostPage := int32(1)
listHostPageSize := int32(100)
for {
listHostReq := &hcWafModel.ListHostRequest{
listHostReq := &hcwafmodel.ListHostRequest{
Hostname: hwsdk.StringPtr(strings.TrimPrefix(d.config.Domain, "*")),
Page: hwsdk.Int32Ptr(listHostPage),
Pagesize: hwsdk.Int32Ptr(listHostPageSize),
@ -205,9 +205,9 @@ func (d *DeployerProvider) deployToCloudServer(ctx context.Context, certPem stri
// 更新云模式防护域名的配置
// REF: https://support.huaweicloud.com/api-waf/UpdateHost.html
updateHostReq := &hcWafModel.UpdateHostRequest{
updateHostReq := &hcwafmodel.UpdateHostRequest{
InstanceId: hostId,
Body: &hcWafModel.UpdateHostRequestBody{
Body: &hcwafmodel.UpdateHostRequestBody{
Certificateid: hwsdk.StringPtr(upres.CertId),
Certificatename: hwsdk.StringPtr(upres.CertName),
},
@ -240,7 +240,7 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPem stri
listPremiumHostPage := int32(1)
listPremiumHostPageSize := int32(100)
for {
listPremiumHostReq := &hcWafModel.ListPremiumHostRequest{
listPremiumHostReq := &hcwafmodel.ListPremiumHostRequest{
Hostname: hwsdk.StringPtr(strings.TrimPrefix(d.config.Domain, "*")),
Page: hwsdk.StringPtr(fmt.Sprintf("%d", listPremiumHostPage)),
Pagesize: hwsdk.StringPtr(fmt.Sprintf("%d", listPremiumHostPageSize)),
@ -272,9 +272,9 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPem stri
// 修改独享模式域名配置
// REF: https://support.huaweicloud.com/api-waf/UpdatePremiumHost.html
updatePremiumHostReq := &hcWafModel.UpdatePremiumHostRequest{
updatePremiumHostReq := &hcwafmodel.UpdatePremiumHostRequest{
HostId: hostId,
Body: &hcWafModel.UpdatePremiumHostRequestBody{
Body: &hcwafmodel.UpdatePremiumHostRequestBody{
Certificateid: hwsdk.StringPtr(upres.CertId),
Certificatename: hwsdk.StringPtr(upres.CertName),
},
@ -288,7 +288,7 @@ func (d *DeployerProvider) deployToPremiumHost(ctx context.Context, certPem stri
return nil
}
func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcWaf.WafClient, error) {
func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcwaf.WafClient, error) {
projectId, err := getSdkProjectId(accessKeyId, secretAccessKey, region)
if err != nil {
return nil, err
@ -303,12 +303,12 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcWaf.WafCli
return nil, err
}
hcRegion, err := hcWafRegion.SafeValueOf(region)
hcRegion, err := hcwafregion.SafeValueOf(region)
if err != nil {
return nil, err
}
hcClient, err := hcWaf.WafClientBuilder().
hcClient, err := hcwaf.WafClientBuilder().
WithRegion(hcRegion).
WithCredential(auth).
SafeBuild()
@ -316,7 +316,7 @@ func createSdkClient(accessKeyId, secretAccessKey, region string) (*hcWaf.WafCli
return nil, err
}
client := hcWaf.NewWafClient(hcClient)
client := hcwaf.NewWafClient(hcClient)
return client, nil
}
@ -329,12 +329,12 @@ func getSdkProjectId(accessKeyId, secretAccessKey, region string) (string, error
return "", err
}
hcRegion, err := hcIamRegion.SafeValueOf(region)
hcRegion, err := hciamregion.SafeValueOf(region)
if err != nil {
return "", err
}
hcClient, err := hcIam.IamClientBuilder().
hcClient, err := hciam.IamClientBuilder().
WithRegion(hcRegion).
WithCredential(auth).
SafeBuild()
@ -342,9 +342,9 @@ func getSdkProjectId(accessKeyId, secretAccessKey, region string) (string, error
return "", err
}
client := hcIam.NewIamClient(hcClient)
client := hciam.NewIamClient(hcClient)
request := &hcIamModel.KeystoneListProjectsRequest{
request := &hciamModel.KeystoneListProjectsRequest{
Name: &region,
}
response, err := client.KeystoneListProjects(request)

40
internal/pkg/core/deployer/providers/jdcloud-alb/jdcloud_alb.go
View File

@ -7,11 +7,11 @@ import (
"log/slog"
"strings"
jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdCommon "github.com/jdcloud-api/jdcloud-sdk-go/services/common/models"
jdLbApi "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/apis"
jdLbClient "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/client"
jdLbModel "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/models"
jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdcommon "github.com/jdcloud-api/jdcloud-sdk-go/services/common/models"
jdlbapi "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/apis"
jdlbclient "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/client"
jdlbmodel "github.com/jdcloud-api/jdcloud-sdk-go/services/lb/models"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -43,7 +43,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *jdLbClient.LbClient
sdkClient *jdlbclient.LbClient
sslUploader uploader.Uploader
}
@ -120,7 +120,7 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
// 查询负载均衡器详情
// REF: https://docs.jdcloud.com/cn/load-balancer/api/describeloadbalancer
describeLoadBalancerReq := jdLbApi.NewDescribeLoadBalancerRequest(d.config.RegionId, d.config.LoadbalancerId)
describeLoadBalancerReq := jdlbapi.NewDescribeLoadBalancerRequest(d.config.RegionId, d.config.LoadbalancerId)
describeLoadBalancerResp, err := d.sdkClient.DescribeLoadBalancer(describeLoadBalancerReq)
d.logger.Debug("sdk request 'lb.DescribeLoadBalancer'", slog.Any("request", describeLoadBalancerReq), slog.Any("response", describeLoadBalancerResp))
if err != nil {
@ -133,8 +133,8 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
describeListenersPageNumber := 1
describeListenersPageSize := 100
for {
describeListenersReq := jdLbApi.NewDescribeListenersRequest(d.config.RegionId)
describeListenersReq.SetFilters([]jdCommon.Filter{{Name: "loadBalancerId", Values: []string{d.config.LoadbalancerId}}})
describeListenersReq := jdlbapi.NewDescribeListenersRequest(d.config.RegionId)
describeListenersReq.SetFilters([]jdcommon.Filter{{Name: "loadBalancerId", Values: []string{d.config.LoadbalancerId}}})
describeListenersReq.SetPageSize(describeListenersPageNumber)
describeListenersReq.SetPageSize(describeListenersPageSize)
describeListenersResp, err := d.sdkClient.DescribeListeners(describeListenersReq)
@ -194,7 +194,7 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str
func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error {
// 查询监听器详情
// REF: https://docs.jdcloud.com/cn/load-balancer/api/describelistener
describeListenerReq := jdLbApi.NewDescribeListenerRequest(d.config.RegionId, cloudListenerId)
describeListenerReq := jdlbapi.NewDescribeListenerRequest(d.config.RegionId, cloudListenerId)
describeListenerResp, err := d.sdkClient.DescribeListener(describeListenerReq)
d.logger.Debug("sdk request 'lb.DescribeListener'", slog.Any("request", describeListenerReq), slog.Any("response", describeListenerResp))
if err != nil {
@ -206,8 +206,8 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 修改监听器信息
// REF: https://docs.jdcloud.com/cn/load-balancer/api/updatelistener
updateListenerReq := jdLbApi.NewUpdateListenerRequest(d.config.RegionId, cloudListenerId)
updateListenerReq.SetCertificateSpecs([]jdLbModel.CertificateSpec{{CertificateId: cloudCertId}})
updateListenerReq := jdlbapi.NewUpdateListenerRequest(d.config.RegionId, cloudListenerId)
updateListenerReq.SetCertificateSpecs([]jdlbmodel.CertificateSpec{{CertificateId: cloudCertId}})
updateListenerResp, err := d.sdkClient.UpdateListener(updateListenerReq)
d.logger.Debug("sdk request 'lb.UpdateListener'", slog.Any("request", updateListenerReq), slog.Any("response", updateListenerResp))
if err != nil {
@ -216,7 +216,7 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
} else {
// 指定 SNI需部署到扩展证书
extCertSpecs := sliceutil.Filter(describeListenerResp.Result.Listener.ExtensionCertificateSpecs, func(extCertSpec jdLbModel.ExtensionCertificateSpec) bool {
extCertSpecs := sliceutil.Filter(describeListenerResp.Result.Listener.ExtensionCertificateSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) bool {
return extCertSpec.Domain == d.config.Domain
})
if len(extCertSpecs) == 0 {
@ -225,11 +225,11 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
// 批量修改扩展证书
// REF: https://docs.jdcloud.com/cn/load-balancer/api/updatelistenercertificates
updateListenerCertificatesReq := jdLbApi.NewUpdateListenerCertificatesRequest(
updateListenerCertificatesReq := jdlbapi.NewUpdateListenerCertificatesRequest(
d.config.RegionId,
cloudListenerId,
sliceutil.Map(extCertSpecs, func(extCertSpec jdLbModel.ExtensionCertificateSpec) jdLbModel.ExtCertificateUpdateSpec {
return jdLbModel.ExtCertificateUpdateSpec{
sliceutil.Map(extCertSpecs, func(extCertSpec jdlbmodel.ExtensionCertificateSpec) jdlbmodel.ExtCertificateUpdateSpec {
return jdlbmodel.ExtCertificateUpdateSpec{
CertificateBindId: extCertSpec.CertificateBindId,
CertificateId: &cloudCertId,
Domain: &extCertSpec.Domain,
@ -246,9 +246,9 @@ func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudL
return nil
}
func createSdkClient(accessKeyId, accessKeySecret string) (*jdLbClient.LbClient, error) {
clientCredentials := jdCore.NewCredentials(accessKeyId, accessKeySecret)
client := jdLbClient.NewLbClient(clientCredentials)
client.SetLogger(jdCore.NewDefaultLogger(jdCore.LogWarn))
func createSdkClient(accessKeyId, accessKeySecret string) (*jdlbclient.LbClient, error) {
clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret)
client := jdlbclient.NewLbClient(clientCredentials)
client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn))
return client, nil
}

20
internal/pkg/core/deployer/providers/jdcloud-cdn/jdcloud_cdn.go
View File

@ -4,9 +4,9 @@ import (
"context"
"log/slog"
jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdCdnApi "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/apis"
jdCdnClient "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/client"
jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdcdnapi "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/apis"
jdcdnclient "github.com/jdcloud-api/jdcloud-sdk-go/services/cdn/client"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *jdCdnClient.CdnClient
sdkClient *jdcdnclient.CdnClient
sslUploader uploader.Uploader
}
@ -71,7 +71,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// 查询域名配置信息
// REF: https://docs.jdcloud.com/cn/cdn/api/querydomainconfig
queryDomainConfigReq := jdCdnApi.NewQueryDomainConfigRequest(d.config.Domain)
queryDomainConfigReq := jdcdnapi.NewQueryDomainConfigRequest(d.config.Domain)
queryDomainConfigResp, err := d.sdkClient.QueryDomainConfig(queryDomainConfigReq)
d.logger.Debug("sdk request 'cdn.QueryDomainConfig'", slog.Any("request", queryDomainConfigReq), slog.Any("response", queryDomainConfigResp))
if err != nil {
@ -88,7 +88,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 设置通讯协议
// REF: https://docs.jdcloud.com/cn/cdn/api/sethttptype
setHttpTypeReq := jdCdnApi.NewSetHttpTypeRequest(d.config.Domain)
setHttpTypeReq := jdcdnapi.NewSetHttpTypeRequest(d.config.Domain)
setHttpTypeReq.SetHttpType("https")
setHttpTypeReq.SetCertificate(certPem)
setHttpTypeReq.SetRsaKey(privkeyPem)
@ -104,9 +104,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret string) (*jdCdnClient.CdnClient, error) {
clientCredentials := jdCore.NewCredentials(accessKeyId, accessKeySecret)
client := jdCdnClient.NewCdnClient(clientCredentials)
client.SetLogger(jdCore.NewDefaultLogger(jdCore.LogWarn))
func createSdkClient(accessKeyId, accessKeySecret string) (*jdcdnclient.CdnClient, error) {
clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret)
client := jdcdnclient.NewCdnClient(clientCredentials)
client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn))
return client, nil
}

18
internal/pkg/core/deployer/providers/jdcloud-live/jdcloud_live.go
View File

@ -4,9 +4,9 @@ import (
"context"
"log/slog"
jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdLiveApi "github.com/jdcloud-api/jdcloud-sdk-go/services/live/apis"
jdLiveClient "github.com/jdcloud-api/jdcloud-sdk-go/services/live/client"
jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdliveapi "github.com/jdcloud-api/jdcloud-sdk-go/services/live/apis"
jdliveclient "github.com/jdcloud-api/jdcloud-sdk-go/services/live/client"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -24,7 +24,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *jdLiveClient.LiveClient
sdkClient *jdliveclient.LiveClient
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
@ -58,7 +58,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// 设置直播证书
// REF: https://docs.jdcloud.com/cn/live-video/api/setlivedomaincertificate
setLiveDomainCertificateReq := jdLiveApi.NewSetLiveDomainCertificateRequest(d.config.Domain, "on")
setLiveDomainCertificateReq := jdliveapi.NewSetLiveDomainCertificateRequest(d.config.Domain, "on")
setLiveDomainCertificateReq.SetCert(certPem)
setLiveDomainCertificateReq.SetKey(privkeyPem)
setLiveDomainCertificateResp, err := d.sdkClient.SetLiveDomainCertificate(setLiveDomainCertificateReq)
@ -70,9 +70,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret string) (*jdLiveClient.LiveClient, error) {
clientCredentials := jdCore.NewCredentials(accessKeyId, accessKeySecret)
client := jdLiveClient.NewLiveClient(clientCredentials)
client.SetLogger(jdCore.NewDefaultLogger(jdCore.LogWarn))
func createSdkClient(accessKeyId, accessKeySecret string) (*jdliveclient.LiveClient, error) {
clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret)
client := jdliveclient.NewLiveClient(clientCredentials)
client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn))
return client, nil
}

22
internal/pkg/core/deployer/providers/jdcloud-vod/jdcloud_vod.go
View File

@ -7,9 +7,9 @@ import (
"strconv"
"time"
jdCore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdVodApi "github.com/jdcloud-api/jdcloud-sdk-go/services/vod/apis"
jdVodClient "github.com/jdcloud-api/jdcloud-sdk-go/services/vod/client"
jdcore "github.com/jdcloud-api/jdcloud-sdk-go/core"
jdvodapi "github.com/jdcloud-api/jdcloud-sdk-go/services/vod/apis"
jdvodclient "github.com/jdcloud-api/jdcloud-sdk-go/services/vod/client"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -27,7 +27,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *jdVodClient.VodClient
sdkClient *jdvodclient.VodClient
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
@ -65,7 +65,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
listDomainsPageNumber := 1
listDomainsPageSize := 100
for {
listDomainsReq := jdVodApi.NewListDomainsRequest()
listDomainsReq := jdvodapi.NewListDomainsRequest()
listDomainsReq.SetPageNumber(1)
listDomainsReq.SetPageSize(100)
listDomainsResp, err := d.sdkClient.ListDomains(listDomainsReq)
@ -93,7 +93,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 查询域名 SSL 配置
// REF: https://docs.jdcloud.com/cn/video-on-demand/api/gethttpssl
getHttpSslReq := jdVodApi.NewGetHttpSslRequest(domainId)
getHttpSslReq := jdvodapi.NewGetHttpSslRequest(domainId)
getHttpSslResp, err := d.sdkClient.GetHttpSsl(getHttpSslReq)
d.logger.Debug("sdk request 'vod.GetHttpSsl'", slog.Any("request", getHttpSslReq), slog.Any("response", getHttpSslResp))
if err != nil {
@ -102,7 +102,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 设置域名 SSL 配置
// REF: https://docs.jdcloud.com/cn/video-on-demand/api/sethttpssl
setHttpSslReq := jdVodApi.NewSetHttpSslRequest(domainId)
setHttpSslReq := jdvodapi.NewSetHttpSslRequest(domainId)
setHttpSslReq.SetTitle(fmt.Sprintf("certimate-%d", time.Now().UnixMilli()))
setHttpSslReq.SetSslCert(certPem)
setHttpSslReq.SetSslKey(privkeyPem)
@ -118,9 +118,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret string) (*jdVodClient.VodClient, error) {
clientCredentials := jdCore.NewCredentials(accessKeyId, accessKeySecret)
client := jdVodClient.NewVodClient(clientCredentials)
client.SetLogger(jdCore.NewDefaultLogger(jdCore.LogWarn))
func createSdkClient(accessKeyId, accessKeySecret string) (*jdvodclient.VodClient, error) {
clientCredentials := jdcore.NewCredentials(accessKeyId, accessKeySecret)
client := jdvodclient.NewVodClient(clientCredentials)
client.SetLogger(jdcore.NewDefaultLogger(jdcore.LogWarn))
return client, nil
}

22
internal/pkg/core/deployer/providers/k8s-secret/k8s_secret.go
View File

@ -7,8 +7,8 @@ import (
"strings"
xerrors "github.com/pkg/errors"
k8sCore "k8s.io/api/core/v1"
k8sMeta "k8s.io/apimachinery/pkg/apis/meta/v1"
k8score "k8s.io/api/core/v1"
k8smeta "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
"k8s.io/client-go/tools/clientcmd"
@ -87,7 +87,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return nil, xerrors.Wrap(err, "failed to create k8s client")
}
var secretPayload *k8sCore.Secret
var secretPayload *k8score.Secret
secretAnnotations := map[string]string{
"certimate/common-name": certX509.Subject.CommonName,
"certimate/subject-sn": certX509.Subject.SerialNumber,
@ -97,24 +97,24 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}
// 获取 Secret 实例,如果不存在则创建
secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Get(context.TODO(), d.config.SecretName, k8sMeta.GetOptions{})
secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Get(context.TODO(), d.config.SecretName, k8smeta.GetOptions{})
if err != nil {
secretPayload = &k8sCore.Secret{
TypeMeta: k8sMeta.TypeMeta{
secretPayload = &k8score.Secret{
TypeMeta: k8smeta.TypeMeta{
Kind: "Secret",
APIVersion: "v1",
},
ObjectMeta: k8sMeta.ObjectMeta{
ObjectMeta: k8smeta.ObjectMeta{
Name: d.config.SecretName,
Annotations: secretAnnotations,
},
Type: k8sCore.SecretType(d.config.SecretType),
Type: k8score.SecretType(d.config.SecretType),
}
secretPayload.Data = make(map[string][]byte)
secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPem)
secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPem)
secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Create(context.TODO(), secretPayload, k8sMeta.CreateOptions{})
secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Create(context.TODO(), secretPayload, k8smeta.CreateOptions{})
d.logger.Debug("k8s operate 'Secrets.Create'", slog.String("namespace", d.config.Namespace), slog.Any("secret", secretPayload))
if err != nil {
return nil, xerrors.Wrap(err, "failed to create k8s secret")
@ -124,7 +124,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}
// 更新 Secret 实例
secretPayload.Type = k8sCore.SecretType(d.config.SecretType)
secretPayload.Type = k8score.SecretType(d.config.SecretType)
if secretPayload.ObjectMeta.Annotations == nil {
secretPayload.ObjectMeta.Annotations = secretAnnotations
} else {
@ -137,7 +137,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}
secretPayload.Data[d.config.SecretDataKeyForCrt] = []byte(certPem)
secretPayload.Data[d.config.SecretDataKeyForKey] = []byte(privkeyPem)
secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Update(context.TODO(), secretPayload, k8sMeta.UpdateOptions{})
secretPayload, err = client.CoreV1().Secrets(d.config.Namespace).Update(context.TODO(), secretPayload, k8smeta.UpdateOptions{})
d.logger.Debug("k8s operate 'Secrets.Update'", slog.String("namespace", d.config.Namespace), slog.Any("secret", secretPayload))
if err != nil {
return nil, xerrors.Wrap(err, "failed to update k8s secret")

2
internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn_test.go
View File

@ -37,7 +37,7 @@ Shell command to run this test:
--CERTIMATE_DEPLOYER_QINIUCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_DEPLOYER_QINIUCDN_ACCESSKEY="your-access-key" \
--CERTIMATE_DEPLOYER_QINIUCDN_SECRETKEY="your-secret-key" \
--CERTIMATE_DEPLOYER_QINIUCDN_DOMAIN="example.com" \
--CERTIMATE_DEPLOYER_QINIUCDN_DOMAIN="example.com"
*/
func TestDeploy(t *testing.T) {
flag.Parse()

2
internal/pkg/core/deployer/providers/qiniu-pili/qiniu_pili_test.go
View File

@ -40,7 +40,7 @@ Shell command to run this test:
--CERTIMATE_DEPLOYER_QINIUPILI_ACCESSKEY="your-access-key" \
--CERTIMATE_DEPLOYER_QINIUPILI_SECRETKEY="your-secret-key" \
--CERTIMATE_DEPLOYER_QINIUPILI_HUB="your-hub-name" \
--CERTIMATE_DEPLOYER_QINIUPILI_DOMAIN="example.com" \
--CERTIMATE_DEPLOYER_QINIUPILI_DOMAIN="example.com"
*/
func TestDeploy(t *testing.T) {
flag.Parse()

28
internal/pkg/core/deployer/providers/tencentcloud-cdn/tencentcloud_cdn.go
View File

@ -6,10 +6,10 @@ import (
"strings"
xerrors "github.com/pkg/errors"
tcCdn "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn/v20180606"
tccdn "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn/v20180606"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"golang.org/x/exp/slices"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -36,8 +36,8 @@ type DeployerProvider struct {
var _ deployer.Deployer = (*DeployerProvider)(nil)
type wSdkClients struct {
ssl *tcSsl.Client
cdn *tcCdn.Client
SSL *tcssl.Client
CDN *tccdn.Client
}
func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
@ -122,12 +122,12 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 证书部署到 CDN 实例
// REF: https://cloud.tencent.com/document/product/400/91667
deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq := tcssl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq.CertificateId = common.StringPtr(upres.CertId)
deployCertificateInstanceReq.ResourceType = common.StringPtr("cdn")
deployCertificateInstanceReq.Status = common.Int64Ptr(1)
deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(instanceIds)
deployCertificateInstanceResp, err := d.sdkClients.ssl.DeployCertificateInstance(deployCertificateInstanceReq)
deployCertificateInstanceResp, err := d.sdkClients.SSL.DeployCertificateInstance(deployCertificateInstanceReq)
d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'")
@ -140,10 +140,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) {
// 获取证书中的可用域名
// REF: https://cloud.tencent.com/document/product/228/42491
describeCertDomainsReq := tcCdn.NewDescribeCertDomainsRequest()
describeCertDomainsReq := tccdn.NewDescribeCertDomainsRequest()
describeCertDomainsReq.CertId = common.StringPtr(cloudCertId)
describeCertDomainsReq.Product = common.StringPtr("cdn")
describeCertDomainsResp, err := d.sdkClients.cdn.DescribeCertDomains(describeCertDomainsReq)
describeCertDomainsResp, err := d.sdkClients.CDN.DescribeCertDomains(describeCertDomainsReq)
d.logger.Debug("sdk request 'cdn.DescribeCertDomains'", slog.Any("request", describeCertDomainsReq), slog.Any("response", describeCertDomainsResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertDomains'")
@ -162,10 +162,10 @@ func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]stri
func (d *DeployerProvider) getDeployedDomainsByCertificateId(cloudCertId string) ([]string, error) {
// 根据证书查询关联 CDN 域名
// REF: https://cloud.tencent.com/document/product/400/62674
describeDeployedResourcesReq := tcSsl.NewDescribeDeployedResourcesRequest()
describeDeployedResourcesReq := tcssl.NewDescribeDeployedResourcesRequest()
describeDeployedResourcesReq.CertificateIds = common.StringPtrs([]string{cloudCertId})
describeDeployedResourcesReq.ResourceType = common.StringPtr("cdn")
describeDeployedResourcesResp, err := d.sdkClients.ssl.DescribeDeployedResources(describeDeployedResourcesReq)
describeDeployedResourcesResp, err := d.sdkClients.SSL.DescribeDeployedResources(describeDeployedResourcesReq)
d.logger.Debug("sdk request 'cdn.DescribeDeployedResources'", slog.Any("request", describeDeployedResourcesReq), slog.Any("response", describeDeployedResourcesResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeDeployedResources'")
@ -186,18 +186,18 @@ func (d *DeployerProvider) getDeployedDomainsByCertificateId(cloudCertId string)
func createSdkClients(secretId, secretKey string) (*wSdkClients, error) {
credential := common.NewCredential(secretId, secretKey)
sslClient, err := tcSsl.NewClient(credential, "", profile.NewClientProfile())
sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile())
if err != nil {
return nil, err
}
cdnClient, err := tcCdn.NewClient(credential, "", profile.NewClientProfile())
cdnClient, err := tccdn.NewClient(credential, "", profile.NewClientProfile())
if err != nil {
return nil, err
}
return &wSdkClients{
ssl: sslClient,
cdn: cdnClient,
SSL: sslClient,
CDN: cdnClient,
}, nil
}

40
internal/pkg/core/deployer/providers/tencentcloud-clb/tencentcloud_clb.go
View File

@ -7,10 +7,10 @@ import (
"log/slog"
xerrors "github.com/pkg/errors"
tcClb "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb/v20180317"
tcclb "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb/v20180317"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -47,8 +47,8 @@ type DeployerProvider struct {
var _ deployer.Deployer = (*DeployerProvider)(nil)
type wSdkClients struct {
ssl *tcSsl.Client
clb *tcClb.Client
SSL *tcssl.Client
CLB *tcclb.Client
}
func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
@ -135,7 +135,7 @@ func (d *DeployerProvider) deployViaSslService(ctx context.Context, cloudCertId
// 证书部署到 CLB 实例
// REF: https://cloud.tencent.com/document/product/400/91667
deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq := tcssl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq.CertificateId = common.StringPtr(cloudCertId)
deployCertificateInstanceReq.ResourceType = common.StringPtr("clb")
deployCertificateInstanceReq.Status = common.Int64Ptr(1)
@ -146,7 +146,7 @@ func (d *DeployerProvider) deployViaSslService(ctx context.Context, cloudCertId
// 指定 SNI需部署到域名
deployCertificateInstanceReq.InstanceIdList = common.StringPtrs([]string{fmt.Sprintf("%s|%s|%s", d.config.LoadbalancerId, d.config.ListenerId, d.config.Domain)})
}
deployCertificateInstanceResp, err := d.sdkClients.ssl.DeployCertificateInstance(deployCertificateInstanceReq)
deployCertificateInstanceResp, err := d.sdkClients.SSL.DeployCertificateInstance(deployCertificateInstanceReq)
d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'")
@ -163,9 +163,9 @@ func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId
// 查询监听器列表
// REF: https://cloud.tencent.com/document/api/214/30686
listenerIds := make([]string, 0)
describeListenersReq := tcClb.NewDescribeListenersRequest()
describeListenersReq := tcclb.NewDescribeListenersRequest()
describeListenersReq.LoadBalancerId = common.StringPtr(d.config.LoadbalancerId)
describeListenersResp, err := d.sdkClients.clb.DescribeListeners(describeListenersReq)
describeListenersResp, err := d.sdkClients.CLB.DescribeListeners(describeListenersReq)
d.logger.Debug("sdk request 'clb.DescribeListeners'", slog.Any("request", describeListenersReq), slog.Any("response", describeListenersResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.DescribeListeners'")
@ -231,15 +231,15 @@ func (d *DeployerProvider) deployToRuleDomain(ctx context.Context, cloudCertId s
// 修改负载均衡七层监听器转发规则的域名级别属性
// REF: https://cloud.tencent.com/document/api/214/38092
modifyDomainAttributesReq := tcClb.NewModifyDomainAttributesRequest()
modifyDomainAttributesReq := tcclb.NewModifyDomainAttributesRequest()
modifyDomainAttributesReq.LoadBalancerId = common.StringPtr(d.config.LoadbalancerId)
modifyDomainAttributesReq.ListenerId = common.StringPtr(d.config.ListenerId)
modifyDomainAttributesReq.Domain = common.StringPtr(d.config.Domain)
modifyDomainAttributesReq.Certificate = &tcClb.CertificateInput{
modifyDomainAttributesReq.Certificate = &tcclb.CertificateInput{
SSLMode: common.StringPtr("UNIDIRECTIONAL"),
CertId: common.StringPtr(cloudCertId),
}
modifyDomainAttributesResp, err := d.sdkClients.clb.ModifyDomainAttributes(modifyDomainAttributesReq)
modifyDomainAttributesResp, err := d.sdkClients.CLB.ModifyDomainAttributes(modifyDomainAttributesReq)
d.logger.Debug("sdk request 'clb.ModifyDomainAttributes'", slog.Any("request", modifyDomainAttributesReq), slog.Any("response", modifyDomainAttributesResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.ModifyDomainAttributes'")
@ -251,10 +251,10 @@ func (d *DeployerProvider) deployToRuleDomain(ctx context.Context, cloudCertId s
func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudLoadbalancerId, cloudListenerId, cloudCertId string) error {
// 查询监听器列表
// REF: https://cloud.tencent.com/document/api/214/30686
describeListenersReq := tcClb.NewDescribeListenersRequest()
describeListenersReq := tcclb.NewDescribeListenersRequest()
describeListenersReq.LoadBalancerId = common.StringPtr(cloudLoadbalancerId)
describeListenersReq.ListenerIds = common.StringPtrs([]string{cloudListenerId})
describeListenersResp, err := d.sdkClients.clb.DescribeListeners(describeListenersReq)
describeListenersResp, err := d.sdkClients.CLB.DescribeListeners(describeListenersReq)
d.logger.Debug("sdk request 'clb.DescribeListeners'", slog.Any("request", describeListenersReq), slog.Any("response", describeListenersResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.DescribeListeners'")
@ -264,17 +264,17 @@ func (d *DeployerProvider) modifyListenerCertificate(ctx context.Context, cloudL
// 修改监听器属性
// REF: https://cloud.tencent.com/document/product/214/30681
modifyListenerReq := tcClb.NewModifyListenerRequest()
modifyListenerReq := tcclb.NewModifyListenerRequest()
modifyListenerReq.LoadBalancerId = common.StringPtr(cloudLoadbalancerId)
modifyListenerReq.ListenerId = common.StringPtr(cloudListenerId)
modifyListenerReq.Certificate = &tcClb.CertificateInput{CertId: common.StringPtr(cloudCertId)}
modifyListenerReq.Certificate = &tcclb.CertificateInput{CertId: common.StringPtr(cloudCertId)}
if describeListenersResp.Response.Listeners[0].Certificate != nil && describeListenersResp.Response.Listeners[0].Certificate.SSLMode != nil {
modifyListenerReq.Certificate.SSLMode = describeListenersResp.Response.Listeners[0].Certificate.SSLMode
modifyListenerReq.Certificate.CertCaId = describeListenersResp.Response.Listeners[0].Certificate.CertCaId
} else {
modifyListenerReq.Certificate.SSLMode = common.StringPtr("UNIDIRECTIONAL")
}
modifyListenerResp, err := d.sdkClients.clb.ModifyListener(modifyListenerReq)
modifyListenerResp, err := d.sdkClients.CLB.ModifyListener(modifyListenerReq)
d.logger.Debug("sdk request 'clb.ModifyListener'", slog.Any("request", modifyListenerReq), slog.Any("response", modifyListenerResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.ModifyListener'")
@ -287,18 +287,18 @@ func createSdkClients(secretId, secretKey, region string) (*wSdkClients, error)
credential := common.NewCredential(secretId, secretKey)
// 注意虽然官方文档中地域无需指定,但实际需要部署到 CLB 时必传
sslClient, err := tcSsl.NewClient(credential, region, profile.NewClientProfile())
sslClient, err := tcssl.NewClient(credential, region, profile.NewClientProfile())
if err != nil {
return nil, err
}
clbClient, err := tcClb.NewClient(credential, region, profile.NewClientProfile())
clbClient, err := tcclb.NewClient(credential, region, profile.NewClientProfile())
if err != nil {
return nil, err
}
return &wSdkClients{
ssl: sslClient,
clb: clbClient,
SSL: sslClient,
CLB: clbClient,
}, nil
}

10
internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go
View File

@ -9,7 +9,7 @@ import (
xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -32,7 +32,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *tcSsl.Client
sdkClient *tcssl.Client
sslUploader uploader.Uploader
}
@ -92,7 +92,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 证书部署到 COS 实例
// REF: https://cloud.tencent.com/document/product/400/91667
deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq := tcssl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq.CertificateId = common.StringPtr(upres.CertId)
deployCertificateInstanceReq.ResourceType = common.StringPtr("cos")
deployCertificateInstanceReq.Status = common.Int64Ptr(1)
@ -106,9 +106,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(secretId, secretKey, region string) (*tcSsl.Client, error) {
func createSdkClient(secretId, secretKey, region string) (*tcssl.Client, error) {
credential := common.NewCredential(secretId, secretKey)
client, err := tcSsl.NewClient(credential, region, profile.NewClientProfile())
client, err := tcssl.NewClient(credential, region, profile.NewClientProfile())
if err != nil {
return nil, err
}

12
internal/pkg/core/deployer/providers/tencentcloud-css/tencentcloud_css.go
View File

@ -7,7 +7,7 @@ import (
xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcLive "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live/v20180801"
tclive "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live/v20180801"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *tcLive.Client
sdkClient *tclive.Client
sslUploader uploader.Uploader
}
@ -79,8 +79,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 绑定证书对应的播放域名
// REF: https://cloud.tencent.com/document/product/267/78655
modifyLiveDomainCertBindingsReq := &tcLive.ModifyLiveDomainCertBindingsRequest{
DomainInfos: []*tcLive.LiveCertDomainInfo{
modifyLiveDomainCertBindingsReq := &tclive.ModifyLiveDomainCertBindingsRequest{
DomainInfos: []*tclive.LiveCertDomainInfo{
{
DomainName: common.StringPtr(d.config.Domain),
Status: common.Int64Ptr(1),
@ -97,10 +97,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(secretId, secretKey string) (*tcLive.Client, error) {
func createSdkClient(secretId, secretKey string) (*tclive.Client, error) {
credential := common.NewCredential(secretId, secretKey)
client, err := tcLive.NewClient(credential, "", profile.NewClientProfile())
client, err := tclive.NewClient(credential, "", profile.NewClientProfile())
if err != nil {
return nil, err
}

24
internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go
View File

@ -6,10 +6,10 @@ import (
"strings"
xerrors "github.com/pkg/errors"
tcCdn "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn/v20180606"
tccdn "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn/v20180606"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -35,8 +35,8 @@ type DeployerProvider struct {
var _ deployer.Deployer = (*DeployerProvider)(nil)
type wSdkClients struct {
ssl *tcSsl.Client
cdn *tcCdn.Client
SSL *tcssl.Client
CDN *tccdn.Client
}
func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
@ -105,12 +105,12 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 证书部署到 ECDN 实例
// REF: https://cloud.tencent.com/document/product/400/91667
deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq := tcssl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq.CertificateId = common.StringPtr(upres.CertId)
deployCertificateInstanceReq.ResourceType = common.StringPtr("ecdn")
deployCertificateInstanceReq.Status = common.Int64Ptr(1)
deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(instanceIds)
deployCertificateInstanceResp, err := d.sdkClients.ssl.DeployCertificateInstance(deployCertificateInstanceReq)
deployCertificateInstanceResp, err := d.sdkClients.SSL.DeployCertificateInstance(deployCertificateInstanceReq)
d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.DeployCertificateInstance'")
@ -123,10 +123,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) {
// 获取证书中的可用域名
// REF: https://cloud.tencent.com/document/product/228/42491
describeCertDomainsReq := tcCdn.NewDescribeCertDomainsRequest()
describeCertDomainsReq := tccdn.NewDescribeCertDomainsRequest()
describeCertDomainsReq.CertId = common.StringPtr(cloudCertId)
describeCertDomainsReq.Product = common.StringPtr("ecdn")
describeCertDomainsResp, err := d.sdkClients.cdn.DescribeCertDomains(describeCertDomainsReq)
describeCertDomainsResp, err := d.sdkClients.CDN.DescribeCertDomains(describeCertDomainsReq)
d.logger.Debug("sdk request 'cdn.DescribeCertDomains'", slog.Any("request", describeCertDomainsReq), slog.Any("response", describeCertDomainsResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.DescribeCertDomains'")
@ -145,18 +145,18 @@ func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]stri
func createSdkClients(secretId, secretKey string) (*wSdkClients, error) {
credential := common.NewCredential(secretId, secretKey)
sslClient, err := tcSsl.NewClient(credential, "", profile.NewClientProfile())
sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile())
if err != nil {
return nil, err
}
cdnClient, err := tcCdn.NewClient(credential, "", profile.NewClientProfile())
cdnClient, err := tccdn.NewClient(credential, "", profile.NewClientProfile())
if err != nil {
return nil, err
}
return &wSdkClients{
ssl: sslClient,
cdn: cdnClient,
SSL: sslClient,
CDN: cdnClient,
}, nil
}

22
internal/pkg/core/deployer/providers/tencentcloud-eo/tencentcloud_eo.go
View File

@ -8,8 +8,8 @@ import (
xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
tcTeo "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901"
tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
tcteo "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo/v20220901"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -37,8 +37,8 @@ type DeployerProvider struct {
var _ deployer.Deployer = (*DeployerProvider)(nil)
type wSdkClients struct {
ssl *tcSsl.Client
teo *tcTeo.Client
SSL *tcssl.Client
TEO *tcteo.Client
}
func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
@ -92,12 +92,12 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 配置域名证书
// REF: https://cloud.tencent.com/document/product/1552/80764
modifyHostsCertificateReq := tcTeo.NewModifyHostsCertificateRequest()
modifyHostsCertificateReq := tcteo.NewModifyHostsCertificateRequest()
modifyHostsCertificateReq.ZoneId = common.StringPtr(d.config.ZoneId)
modifyHostsCertificateReq.Mode = common.StringPtr("sslcert")
modifyHostsCertificateReq.Hosts = common.StringPtrs([]string{d.config.Domain})
modifyHostsCertificateReq.ServerCertInfo = []*tcTeo.ServerCertInfo{{CertId: common.StringPtr(upres.CertId)}}
modifyHostsCertificateResp, err := d.sdkClients.teo.ModifyHostsCertificate(modifyHostsCertificateReq)
modifyHostsCertificateReq.ServerCertInfo = []*tcteo.ServerCertInfo{{CertId: common.StringPtr(upres.CertId)}}
modifyHostsCertificateResp, err := d.sdkClients.TEO.ModifyHostsCertificate(modifyHostsCertificateReq)
d.logger.Debug("sdk request 'teo.ModifyHostsCertificate'", slog.Any("request", modifyHostsCertificateReq), slog.Any("response", modifyHostsCertificateResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'teo.ModifyHostsCertificate'")
@ -109,18 +109,18 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
func createSdkClients(secretId, secretKey string) (*wSdkClients, error) {
credential := common.NewCredential(secretId, secretKey)
sslClient, err := tcSsl.NewClient(credential, "", profile.NewClientProfile())
sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile())
if err != nil {
return nil, err
}
teoClient, err := tcTeo.NewClient(credential, "", profile.NewClientProfile())
teoClient, err := tcteo.NewClient(credential, "", profile.NewClientProfile())
if err != nil {
return nil, err
}
return &wSdkClients{
ssl: sslClient,
teo: teoClient,
SSL: sslClient,
TEO: teoClient,
}, nil
}

14
internal/pkg/core/deployer/providers/tencentcloud-scf/tencentcloud_scf.go
View File

@ -7,7 +7,7 @@ import (
xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcScf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf/v20180416"
tcscf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf/v20180416"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -28,7 +28,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *tcScf.Client
sdkClient *tcscf.Client
sslUploader uploader.Uploader
}
@ -73,7 +73,7 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// 查看云函数自定义域名详情
// REF: https://cloud.tencent.com/document/product/583/111924
getCustomDomainReq := tcScf.NewGetCustomDomainRequest()
getCustomDomainReq := tcscf.NewGetCustomDomainRequest()
getCustomDomainReq.Domain = common.StringPtr(d.config.Domain)
getCustomDomainResp, err := d.sdkClient.GetCustomDomain(getCustomDomainReq)
d.logger.Debug("sdk request 'scf.GetCustomDomain'", slog.Any("request", getCustomDomainReq), slog.Any("response", getCustomDomainResp))
@ -91,9 +91,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 更新云函数自定义域名
// REF: https://cloud.tencent.com/document/product/583/111922
updateCustomDomainReq := tcScf.NewUpdateCustomDomainRequest()
updateCustomDomainReq := tcscf.NewUpdateCustomDomainRequest()
updateCustomDomainReq.Domain = common.StringPtr(d.config.Domain)
updateCustomDomainReq.CertConfig = &tcScf.CertConf{
updateCustomDomainReq.CertConfig = &tcscf.CertConf{
CertificateId: common.StringPtr(upres.CertId),
}
updateCustomDomainReq.Protocol = getCustomDomainResp.Response.Protocol
@ -106,9 +106,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(secretId, secretKey, region string) (*tcScf.Client, error) {
func createSdkClient(secretId, secretKey, region string) (*tcscf.Client, error) {
credential := common.NewCredential(secretId, secretKey)
client, err := tcScf.NewClient(credential, region, profile.NewClientProfile())
client, err := tcscf.NewClient(credential, region, profile.NewClientProfile())
if err != nil {
return nil, err
}

12
internal/pkg/core/deployer/providers/tencentcloud-ssl-deploy/tencentcloud_ssl_deploy.go
View File

@ -10,7 +10,7 @@ import (
xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcSsl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -33,7 +33,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *tcSsl.Client
sdkClient *tcssl.Client
sslUploader uploader.Uploader
}
@ -93,7 +93,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 证书部署到云资源实例列表
// REF: https://cloud.tencent.com/document/product/400/91667
deployCertificateInstanceReq := tcSsl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq := tcssl.NewDeployCertificateInstanceRequest()
deployCertificateInstanceReq.CertificateId = common.StringPtr(upres.CertId)
deployCertificateInstanceReq.ResourceType = common.StringPtr(d.config.ResourceType)
deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(d.config.ResourceIds)
@ -113,7 +113,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return nil, ctx.Err()
}
describeHostDeployRecordDetailReq := tcSsl.NewDescribeHostDeployRecordDetailRequest()
describeHostDeployRecordDetailReq := tcssl.NewDescribeHostDeployRecordDetailRequest()
describeHostDeployRecordDetailReq.DeployRecordId = common.StringPtr(fmt.Sprintf("%d", *deployCertificateInstanceResp.Response.DeployRecordId))
describeHostDeployRecordDetailReq.Limit = common.Uint64Ptr(100)
describeHostDeployRecordDetailResp, err := d.sdkClient.DescribeHostDeployRecordDetail(describeHostDeployRecordDetailReq)
@ -145,10 +145,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(secretId, secretKey, region string) (*tcSsl.Client, error) {
func createSdkClient(secretId, secretKey, region string) (*tcssl.Client, error) {
credential := common.NewCredential(secretId, secretKey)
client, err := tcSsl.NewClient(credential, region, profile.NewClientProfile())
client, err := tcssl.NewClient(credential, region, profile.NewClientProfile())
if err != nil {
return nil, err
}

10
internal/pkg/core/deployer/providers/tencentcloud-vod/tencentcloud_vod.go
View File

@ -7,7 +7,7 @@ import (
xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcVod "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod/v20180717"
tcvod "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod/v20180717"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -28,7 +28,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *tcVod.Client
sdkClient *tcvod.Client
sslUploader uploader.Uploader
}
@ -81,7 +81,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 设置点播域名 HTTPS 证书
// REF: https://cloud.tencent.com/document/api/266/102015
setVodDomainCertificateReq := tcVod.NewSetVodDomainCertificateRequest()
setVodDomainCertificateReq := tcvod.NewSetVodDomainCertificateRequest()
setVodDomainCertificateReq.Domain = common.StringPtr(d.config.Domain)
setVodDomainCertificateReq.Operation = common.StringPtr("Set")
setVodDomainCertificateReq.CertID = common.StringPtr(upres.CertId)
@ -97,9 +97,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(secretId, secretKey string) (*tcVod.Client, error) {
func createSdkClient(secretId, secretKey string) (*tcvod.Client, error) {
credential := common.NewCredential(secretId, secretKey)
client, err := tcVod.NewClient(credential, "", profile.NewClientProfile())
client, err := tcvod.NewClient(credential, "", profile.NewClientProfile())
if err != nil {
return nil, err
}

12
internal/pkg/core/deployer/providers/tencentcloud-waf/tencentcloud_waf.go
View File

@ -8,7 +8,7 @@ import (
xerrors "github.com/pkg/errors"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
tcWaf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
tcwaf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -33,7 +33,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *tcWaf.Client
sdkClient *tcwaf.Client
sslUploader uploader.Uploader
}
@ -96,7 +96,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 查询单个 SaaS 型 WAF 域名详情
// REF: https://cloud.tencent.com/document/api/627/82938
describeDomainDetailsSaasReq := tcWaf.NewDescribeDomainDetailsSaasRequest()
describeDomainDetailsSaasReq := tcwaf.NewDescribeDomainDetailsSaasRequest()
describeDomainDetailsSaasReq.Domain = common.StringPtr(d.config.Domain)
describeDomainDetailsSaasReq.DomainId = common.StringPtr(d.config.DomainId)
describeDomainDetailsSaasReq.InstanceId = common.StringPtr(d.config.InstanceId)
@ -108,7 +108,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 编辑 SaaS 型 WAF 域名
// REF: https://cloud.tencent.com/document/api/627/94309
modifySpartaProtectionReq := tcWaf.NewModifySpartaProtectionRequest()
modifySpartaProtectionReq := tcwaf.NewModifySpartaProtectionRequest()
modifySpartaProtectionReq.Domain = common.StringPtr(d.config.Domain)
modifySpartaProtectionReq.DomainId = common.StringPtr(d.config.DomainId)
modifySpartaProtectionReq.InstanceID = common.StringPtr(d.config.InstanceId)
@ -123,9 +123,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(secretId, secretKey, region string) (*tcWaf.Client, error) {
func createSdkClient(secretId, secretKey, region string) (*tcwaf.Client, error) {
credential := common.NewCredential(secretId, secretKey)
client, err := tcWaf.NewClient(credential, region, profile.NewClientProfile())
client, err := tcwaf.NewClient(credential, region, profile.NewClientProfile())
if err != nil {
return nil, err
}

34
internal/pkg/core/deployer/providers/ucloud-ucdn/ucloud_ucdn.go
View File

@ -7,9 +7,9 @@ import (
"strconv"
xerrors "github.com/pkg/errors"
uCdn "github.com/ucloud/ucloud-sdk-go/services/ucdn"
usdk "github.com/ucloud/ucloud-sdk-go/ucloud"
uAuth "github.com/ucloud/ucloud-sdk-go/ucloud/auth"
"github.com/ucloud/ucloud-sdk-go/services/ucdn"
"github.com/ucloud/ucloud-sdk-go/ucloud"
"github.com/ucloud/ucloud-sdk-go/ucloud/auth"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -30,7 +30,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *uCdn.UCDNClient
sdkClient *ucdn.UCDNClient
sslUploader uploader.Uploader
}
@ -87,7 +87,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
getUcdnDomainConfigReq := d.sdkClient.NewGetUcdnDomainConfigRequest()
getUcdnDomainConfigReq.DomainId = []string{d.config.DomainId}
if d.config.ProjectId != "" {
getUcdnDomainConfigReq.ProjectId = usdk.String(d.config.ProjectId)
getUcdnDomainConfigReq.ProjectId = ucloud.String(d.config.ProjectId)
}
getUcdnDomainConfigResp, err := d.sdkClient.GetUcdnDomainConfig(getUcdnDomainConfigReq)
d.logger.Debug("sdk request 'ucdn.GetUcdnDomainConfig'", slog.Any("request", getUcdnDomainConfigReq), slog.Any("response", getUcdnDomainConfigResp))
@ -101,15 +101,15 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// REF: https://docs.ucloud.cn/api/ucdn-api/update_ucdn_domain_https_config_v2
certId, _ := strconv.Atoi(upres.CertId)
updateUcdnDomainHttpsConfigV2Req := d.sdkClient.NewUpdateUcdnDomainHttpsConfigV2Request()
updateUcdnDomainHttpsConfigV2Req.DomainId = usdk.String(d.config.DomainId)
updateUcdnDomainHttpsConfigV2Req.HttpsStatusCn = usdk.String(getUcdnDomainConfigResp.DomainList[0].HttpsStatusCn)
updateUcdnDomainHttpsConfigV2Req.HttpsStatusAbroad = usdk.String(getUcdnDomainConfigResp.DomainList[0].HttpsStatusAbroad)
updateUcdnDomainHttpsConfigV2Req.HttpsStatusAbroad = usdk.String(getUcdnDomainConfigResp.DomainList[0].HttpsStatusAbroad)
updateUcdnDomainHttpsConfigV2Req.CertId = usdk.Int(certId)
updateUcdnDomainHttpsConfigV2Req.CertName = usdk.String(upres.CertName)
updateUcdnDomainHttpsConfigV2Req.CertType = usdk.String("ussl")
updateUcdnDomainHttpsConfigV2Req.DomainId = ucloud.String(d.config.DomainId)
updateUcdnDomainHttpsConfigV2Req.HttpsStatusCn = ucloud.String(getUcdnDomainConfigResp.DomainList[0].HttpsStatusCn)
updateUcdnDomainHttpsConfigV2Req.HttpsStatusAbroad = ucloud.String(getUcdnDomainConfigResp.DomainList[0].HttpsStatusAbroad)
updateUcdnDomainHttpsConfigV2Req.HttpsStatusAbroad = ucloud.String(getUcdnDomainConfigResp.DomainList[0].HttpsStatusAbroad)
updateUcdnDomainHttpsConfigV2Req.CertId = ucloud.Int(certId)
updateUcdnDomainHttpsConfigV2Req.CertName = ucloud.String(upres.CertName)
updateUcdnDomainHttpsConfigV2Req.CertType = ucloud.String("ussl")
if d.config.ProjectId != "" {
updateUcdnDomainHttpsConfigV2Req.ProjectId = usdk.String(d.config.ProjectId)
updateUcdnDomainHttpsConfigV2Req.ProjectId = ucloud.String(d.config.ProjectId)
}
updateUcdnDomainHttpsConfigV2Resp, err := d.sdkClient.UpdateUcdnDomainHttpsConfigV2(updateUcdnDomainHttpsConfigV2Req)
d.logger.Debug("sdk request 'ucdn.UpdateUcdnDomainHttpsConfigV2'", slog.Any("request", updateUcdnDomainHttpsConfigV2Req), slog.Any("response", updateUcdnDomainHttpsConfigV2Resp))
@ -120,13 +120,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(privateKey, publicKey string) (*uCdn.UCDNClient, error) {
cfg := usdk.NewConfig()
func createSdkClient(privateKey, publicKey string) (*ucdn.UCDNClient, error) {
cfg := ucloud.NewConfig()
credential := uAuth.NewCredential()
credential := auth.NewCredential()
credential.PrivateKey = privateKey
credential.PublicKey = publicKey
client := uCdn.NewClient(&cfg, &credential)
client := ucdn.NewClient(&cfg, &credential)
return client, nil
}

18
internal/pkg/core/deployer/providers/ucloud-us3/ucloud_us3.go
View File

@ -5,8 +5,8 @@ import (
"log/slog"
xerrors "github.com/pkg/errors"
usdk "github.com/ucloud/ucloud-sdk-go/ucloud"
uAuth "github.com/ucloud/ucloud-sdk-go/ucloud/auth"
"github.com/ucloud/ucloud-sdk-go/ucloud"
"github.com/ucloud/ucloud-sdk-go/ucloud/auth"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -87,12 +87,12 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 添加 SSL 证书
// REF: https://docs.ucloud.cn/api/ufile-api/add_ufile_ssl_cert
addUFileSSLCertReq := d.sdkClient.NewAddUFileSSLCertRequest()
addUFileSSLCertReq.BucketName = usdk.String(d.config.Bucket)
addUFileSSLCertReq.Domain = usdk.String(d.config.Domain)
addUFileSSLCertReq.USSLId = usdk.String(upres.CertId)
addUFileSSLCertReq.CertificateName = usdk.String(upres.CertName)
addUFileSSLCertReq.BucketName = ucloud.String(d.config.Bucket)
addUFileSSLCertReq.Domain = ucloud.String(d.config.Domain)
addUFileSSLCertReq.USSLId = ucloud.String(upres.CertId)
addUFileSSLCertReq.CertificateName = ucloud.String(upres.CertName)
if d.config.ProjectId != "" {
addUFileSSLCertReq.ProjectId = usdk.String(d.config.ProjectId)
addUFileSSLCertReq.ProjectId = ucloud.String(d.config.ProjectId)
}
addUFileSSLCertResp, err := d.sdkClient.AddUFileSSLCert(addUFileSSLCertReq)
d.logger.Debug("sdk request 'us3.AddUFileSSLCert'", slog.Any("request", addUFileSSLCertReq), slog.Any("response", addUFileSSLCertResp))
@ -104,10 +104,10 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}
func createSdkClient(privateKey, publicKey, region string) (*usdkFile.UFileClient, error) {
cfg := usdk.NewConfig()
cfg := ucloud.NewConfig()
cfg.Region = region
credential := uAuth.NewCredential()
credential := auth.NewCredential()
credential.PrivateKey = privateKey
credential.PublicKey = publicKey

2
internal/pkg/core/deployer/providers/upyun-cdn/upyun_cdn_test.go
View File

@ -37,7 +37,7 @@ Shell command to run this test:
--CERTIMATE_DEPLOYER_UPYUNCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_DEPLOYER_UPYUNCDN_USERNAME="your-username" \
--CERTIMATE_DEPLOYER_UPYUNCDN_PASSWORD="your-password" \
--CERTIMATE_DEPLOYER_UPYUNCDN_DOMAIN="example.com" \
--CERTIMATE_DEPLOYER_UPYUNCDN_DOMAIN="example.com"
*/
func TestDeploy(t *testing.T) {
flag.Parse()

10
internal/pkg/core/deployer/providers/volcengine-alb/consts.go Normal file
View File

@ -0,0 +1,10 @@
package volcenginealb
type ResourceType string
const (
// 资源类型:部署到指定负载均衡器。
RESOURCE_TYPE_LOADBALANCER = ResourceType("loadbalancer")
// 资源类型:部署到指定监听器。
RESOURCE_TYPE_LISTENER = ResourceType("listener")
)

263
internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb.go Normal file
View File

@ -0,0 +1,263 @@
package volcenginealb
import (
"context"
"errors"
"fmt"
"log/slog"
xerrors "github.com/pkg/errors"
vealb "github.com/volcengine/volcengine-go-sdk/service/alb"
ve "github.com/volcengine/volcengine-go-sdk/volcengine"
vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
"github.com/usual2970/certimate/internal/pkg/utils/sliceutil"
)
type DeployerConfig struct {
// 火山引擎 AccessKeyId。
AccessKeyId string `json:"accessKeyId"`
// 火山引擎 AccessKeySecret。
AccessKeySecret string `json:"accessKeySecret"`
// 火山引擎地域。
Region string `json:"region"`
// 部署资源类型。
ResourceType ResourceType `json:"resourceType"`
// 负载均衡实例 ID。
// 部署资源类型为 [RESOURCE_TYPE_LOADBALANCER] 时必填。
LoadbalancerId string `json:"loadbalancerId,omitempty"`
// 负载均衡监听器 ID。
// 部署资源类型为 [RESOURCE_TYPE_LISTENER] 时必填。
ListenerId string `json:"listenerId,omitempty"`
// SNI 域名(支持泛域名)。
// 部署资源类型为 [RESOURCE_TYPE_LOADBALANCER]、[RESOURCE_TYPE_LISTENER] 时选填。
Domain string `json:"domain,omitempty"`
}
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *vealb.ALB
sslUploader uploader.Uploader
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
if config == nil {
panic("config is nil")
}
client, err := createSdkClient(config.AccessKeyId, config.AccessKeySecret, config.Region)
if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
AccessKeyId: config.AccessKeyId,
AccessKeySecret: config.AccessKeySecret,
Region: config.Region,
})
if err != nil {
return nil, xerrors.Wrap(err, "failed to create ssl uploader")
}
return &DeployerProvider{
config: config,
logger: slog.Default(),
sdkClient: client,
sslUploader: uploader,
}, nil
}
func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
d.sslUploader.WithLogger(logger)
return d
}
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// 上传证书到证书中心
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
}
// 根据部署资源类型决定部署方式
switch d.config.ResourceType {
case RESOURCE_TYPE_LOADBALANCER:
if err := d.deployToLoadbalancer(ctx, upres.CertId); err != nil {
return nil, err
}
case RESOURCE_TYPE_LISTENER:
if err := d.deployToListener(ctx, upres.CertId); err != nil {
return nil, err
}
default:
return nil, fmt.Errorf("unsupported resource type: %s", d.config.ResourceType)
}
return &deployer.DeployResult{}, nil
}
func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error {
if d.config.LoadbalancerId == "" {
return errors.New("config `loadbalancerId` is required")
}
// 查询 ALB 实例的详细信息
// REF: https://www.volcengine.com/docs/6767/113596
describeLoadBalancerAttributesReq := &vealb.DescribeLoadBalancerAttributesInput{
LoadBalancerId: ve.String(d.config.LoadbalancerId),
}
describeLoadBalancerAttributesResp, err := d.sdkClient.DescribeLoadBalancerAttributes(describeLoadBalancerAttributesReq)
d.logger.Debug("sdk request 'alb.DescribeLoadBalancerAttributes'", slog.Any("request", describeLoadBalancerAttributesReq), slog.Any("response", describeLoadBalancerAttributesResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.DescribeLoadBalancerAttributes'")
}
// 查询 HTTPS 监听器列表
// REF: https://www.volcengine.com/docs/6767/113684
listenerIds := make([]string, 0)
describeListenersPageSize := int64(100)
describeListenersPageNumber := int64(1)
for {
describeListenersReq := &vealb.DescribeListenersInput{
LoadBalancerId: ve.String(d.config.LoadbalancerId),
Protocol: ve.String("HTTPS"),
PageNumber: ve.Int64(describeListenersPageNumber),
PageSize: ve.Int64(describeListenersPageSize),
}
describeListenersResp, err := d.sdkClient.DescribeListeners(describeListenersReq)
d.logger.Debug("sdk request 'alb.DescribeListeners'", slog.Any("request", describeListenersReq), slog.Any("response", describeListenersResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.DescribeListeners'")
}
for _, listener := range describeListenersResp.Listeners {
listenerIds = append(listenerIds, *listener.ListenerId)
}
if len(describeListenersResp.Listeners) < int(describeListenersPageSize) {
break
} else {
describeListenersPageNumber++
}
}
// 遍历更新监听证书
if len(listenerIds) == 0 {
d.logger.Info("no alb listeners to deploy")
} else {
d.logger.Info("found https listeners to deploy", slog.Any("listenerIds", listenerIds))
var errs []error
for _, listenerId := range listenerIds {
if err := d.updateListenerCertificate(ctx, listenerId, cloudCertId); err != nil {
errs = append(errs, err)
}
}
if len(errs) > 0 {
return errors.Join(errs...)
}
}
return nil
}
func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error {
if d.config.ListenerId == "" {
return errors.New("config `listenerId` is required")
}
if err := d.updateListenerCertificate(ctx, d.config.LoadbalancerId, cloudCertId); err != nil {
return err
}
return nil
}
func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error {
// 查询指定监听器的详细信息
// REF: https://www.volcengine.com/docs/6767/113686
describeListenerAttributesReq := &vealb.DescribeListenerAttributesInput{
ListenerId: ve.String(cloudListenerId),
}
describeListenerAttributesResp, err := d.sdkClient.DescribeListenerAttributes(describeListenerAttributesReq)
d.logger.Debug("sdk request 'alb.DescribeListenerAttributes'", slog.Any("request", describeListenerAttributesReq), slog.Any("response", describeListenerAttributesResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.DescribeListenerAttributes'")
}
if d.config.Domain == "" {
// 未指定 SNI只需部署到监听器
// 修改指定监听器
// REF: https://www.volcengine.com/docs/6767/113683
modifyListenerAttributesReq := &vealb.ModifyListenerAttributesInput{
ListenerId: ve.String(cloudListenerId),
CertificateSource: ve.String("cert_center"),
CertCenterCertificateId: ve.String(cloudCertId),
}
modifyListenerAttributesResp, err := d.sdkClient.ModifyListenerAttributes(modifyListenerAttributesReq)
d.logger.Debug("sdk request 'alb.ModifyListenerAttributes'", slog.Any("request", modifyListenerAttributesReq), slog.Any("response", modifyListenerAttributesResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ModifyListenerAttributes'")
}
} else {
// 指定 SNI需部署到扩展域名
// 修改指定监听器
// REF: https://www.volcengine.com/docs/6767/113683
modifyListenerAttributesReq := &vealb.ModifyListenerAttributesInput{
ListenerId: ve.String(cloudListenerId),
DomainExtensions: sliceutil.Map(
sliceutil.Filter(
describeListenerAttributesResp.DomainExtensions,
func(domain *vealb.DomainExtensionForDescribeListenerAttributesOutput) bool {
return *domain.Domain == d.config.Domain
},
),
func(domain *vealb.DomainExtensionForDescribeListenerAttributesOutput) *vealb.DomainExtensionForModifyListenerAttributesInput {
return &vealb.DomainExtensionForModifyListenerAttributesInput{
DomainExtensionId: domain.DomainExtensionId,
Domain: domain.Domain,
CertificateSource: ve.String("cert_center"),
CertCenterCertificateId: ve.String(cloudCertId),
Action: ve.String("modify"),
}
}),
}
modifyListenerAttributesResp, err := d.sdkClient.ModifyListenerAttributes(modifyListenerAttributesReq)
d.logger.Debug("sdk request 'alb.ModifyListenerAttributes'", slog.Any("request", modifyListenerAttributesReq), slog.Any("response", modifyListenerAttributesResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'alb.ModifyListenerAttributes'")
}
}
return nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*vealb.ALB, error) {
config := ve.NewConfig().WithRegion(region).WithAkSk(accessKeyId, accessKeySecret)
session, err := vesession.NewSession(config)
if err != nil {
return nil, err
}
client := vealb.New(session)
return client, nil
}

81
internal/pkg/core/deployer/providers/volcengine-alb/volcengine_alb_test.go Normal file
View File

@ -0,0 +1,81 @@
package volcenginealb_test
import (
"context"
"flag"
"fmt"
"os"
"strings"
"testing"
provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/volcengine-alb"
)
var (
fInputCertPath string
fInputKeyPath string
fAccessKeyId string
fAccessKeySecret string
fRegion string
fListenerId string
)
func init() {
argsPrefix := "CERTIMATE_DEPLOYER_VOLCENGINEALB_"
flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "")
flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "")
flag.StringVar(&fRegion, argsPrefix+"REGION", "", "")
flag.StringVar(&fListenerId, argsPrefix+"LISTENERID", "", "")
}
/*
Shell command to run this test:
go test -v ./volcengine_alb_test.go -args \
--CERTIMATE_DEPLOYER_VOLCENGINEALB_INPUTCERTPATH="/path/to/your-input-cert.pem" \
--CERTIMATE_DEPLOYER_VOLCENGINEALB_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_DEPLOYER_VOLCENGINEALB_ACCESSKEYID="your-access-key-id" \
--CERTIMATE_DEPLOYER_VOLCENGINEALB_ACCESSKEYSECRET="your-access-key-secret" \
--CERTIMATE_DEPLOYER_VOLCENGINEALB_REGION="cn-beijing" \
--CERTIMATE_DEPLOYER_VOLCENGINEALB_LISTENERID="your-listener-id"
*/
func TestDeploy(t *testing.T) {
flag.Parse()
t.Run("Deploy", func(t *testing.T) {
t.Log(strings.Join([]string{
"args:",
fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath),
fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId),
fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret),
fmt.Sprintf("REGION: %v", fRegion),
fmt.Sprintf("LISTENERID: %v", fListenerId),
}, "\n"))
deployer, err := provider.NewDeployer(&provider.DeployerConfig{
AccessKeyId: fAccessKeyId,
AccessKeySecret: fAccessKeySecret,
Region: fRegion,
ResourceType: provider.RESOURCE_TYPE_LISTENER,
ListenerId: fListenerId,
})
if err != nil {
t.Errorf("err: %+v", err)
return
}
fInputCertData, _ := os.ReadFile(fInputCertPath)
fInputKeyData, _ := os.ReadFile(fInputKeyPath)
res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData))
if err != nil {
t.Errorf("err: %+v", err)
return
}
t.Logf("ok: %v", res)
})
}

10
internal/pkg/core/deployer/providers/volcengine-cdn/volcengine_cdn.go
View File

@ -7,7 +7,7 @@ import (
"strings"
xerrors "github.com/pkg/errors"
veCdn "github.com/volcengine/volc-sdk-golang/service/cdn"
vecdn "github.com/volcengine/volc-sdk-golang/service/cdn"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -26,7 +26,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *veCdn.CDN
sdkClient *vecdn.CDN
sslUploader uploader.Uploader
}
@ -37,7 +37,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
panic("config is nil")
}
client := veCdn.NewInstance()
client := vecdn.NewInstance()
client.Client.SetAccessKey(config.AccessKeyId)
client.Client.SetSecretKey(config.AccessKeySecret)
@ -80,7 +80,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
if strings.HasPrefix(d.config.Domain, "*.") {
// 获取指定证书可关联的域名
// REF: https://www.volcengine.com/docs/6454/125711
describeCertConfigReq := &veCdn.DescribeCertConfigRequest{
describeCertConfigReq := &vecdn.DescribeCertConfigRequest{
CertId: upres.CertId,
}
describeCertConfigResp, err := d.sdkClient.DescribeCertConfig(describeCertConfigReq)
@ -119,7 +119,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
for _, domain := range domains {
// 关联证书与加速域名
// REF: https://www.volcengine.com/docs/6454/125712
batchDeployCertReq := &veCdn.BatchDeployCertRequest{
batchDeployCertReq := &vecdn.BatchDeployCertRequest{
CertId: upres.CertId,
Domain: domain,
}

2
internal/pkg/core/deployer/providers/volcengine-clb/consts.go
View File

@ -3,6 +3,8 @@
type ResourceType string
const (
// 资源类型:部署到指定负载均衡器。
RESOURCE_TYPE_LOADBALANCER = ResourceType("loadbalancer")
// 资源类型:部署到指定监听器。
RESOURCE_TYPE_LISTENER = ResourceType("listener")
)

100
internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb.go
View File

@ -7,9 +7,9 @@ import (
"log/slog"
xerrors "github.com/pkg/errors"
veClb "github.com/volcengine/volcengine-go-sdk/service/clb"
veclb "github.com/volcengine/volcengine-go-sdk/service/clb"
ve "github.com/volcengine/volcengine-go-sdk/volcengine"
veSession "github.com/volcengine/volcengine-go-sdk/volcengine/session"
vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -25,6 +25,9 @@ type DeployerConfig struct {
Region string `json:"region"`
// 部署资源类型。
ResourceType ResourceType `json:"resourceType"`
// 负载均衡实例 ID。
// 部署资源类型为 [RESOURCE_TYPE_LOADBALANCER] 时必填。
LoadbalancerId string `json:"loadbalancerId,omitempty"`
// 负载均衡监听器 ID。
// 部署资源类型为 [RESOURCE_TYPE_LISTENER] 时必填。
ListenerId string `json:"listenerId,omitempty"`
@ -33,7 +36,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *veClb.CLB
sdkClient *veclb.CLB
sslUploader uploader.Uploader
}
@ -87,6 +90,11 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 根据部署资源类型决定部署方式
switch d.config.ResourceType {
case RESOURCE_TYPE_LOADBALANCER:
if err := d.deployToLoadbalancer(ctx, upres.CertId); err != nil {
return nil, err
}
case RESOURCE_TYPE_LISTENER:
if err := d.deployToListener(ctx, upres.CertId); err != nil {
return nil, err
@ -99,15 +107,89 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func (d *DeployerProvider) deployToLoadbalancer(ctx context.Context, cloudCertId string) error {
if d.config.LoadbalancerId == "" {
return errors.New("config `loadbalancerId` is required")
}
// 查看指定负载均衡实例的详情
// REF: https://www.volcengine.com/docs/6406/71773
describeLoadBalancerAttributesReq := &veclb.DescribeLoadBalancerAttributesInput{
LoadBalancerId: ve.String(d.config.LoadbalancerId),
}
describeLoadBalancerAttributesResp, err := d.sdkClient.DescribeLoadBalancerAttributes(describeLoadBalancerAttributesReq)
d.logger.Debug("sdk request 'clb.DescribeLoadBalancerAttributes'", slog.Any("request", describeLoadBalancerAttributesReq), slog.Any("response", describeLoadBalancerAttributesResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.DescribeLoadBalancerAttributes'")
}
// 查询 HTTPS 监听器列表
// REF: https://www.volcengine.com/docs/6406/71776
listenerIds := make([]string, 0)
describeListenersPageSize := int64(100)
describeListenersPageNumber := int64(1)
for {
describeListenersReq := &veclb.DescribeListenersInput{
LoadBalancerId: ve.String(d.config.LoadbalancerId),
Protocol: ve.String("HTTPS"),
PageNumber: ve.Int64(describeListenersPageNumber),
PageSize: ve.Int64(describeListenersPageSize),
}
describeListenersResp, err := d.sdkClient.DescribeListeners(describeListenersReq)
d.logger.Debug("sdk request 'clb.DescribeListeners'", slog.Any("request", describeListenersReq), slog.Any("response", describeListenersResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'clb.DescribeListeners'")
}
for _, listener := range describeListenersResp.Listeners {
listenerIds = append(listenerIds, *listener.ListenerId)
}
if len(describeListenersResp.Listeners) < int(describeListenersPageSize) {
break
} else {
describeListenersPageNumber++
}
}
// 遍历更新监听证书
if len(listenerIds) == 0 {
d.logger.Info("no clb listeners to deploy")
} else {
d.logger.Info("found https listeners to deploy", slog.Any("listenerIds", listenerIds))
var errs []error
for _, listenerId := range listenerIds {
if err := d.updateListenerCertificate(ctx, listenerId, cloudCertId); err != nil {
errs = append(errs, err)
}
}
if len(errs) > 0 {
return errors.Join(errs...)
}
}
return nil
}
func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId string) error {
if d.config.ListenerId == "" {
return errors.New("config `listenerId` is required")
}
// 修改监听器
if err := d.updateListenerCertificate(ctx, d.config.LoadbalancerId, cloudCertId); err != nil {
return err
}
return nil
}
func (d *DeployerProvider) updateListenerCertificate(ctx context.Context, cloudListenerId string, cloudCertId string) error {
// 修改指定监听器
// REF: https://www.volcengine.com/docs/6406/71775
modifyListenerAttributesReq := &veClb.ModifyListenerAttributesInput{
ListenerId: ve.String(d.config.ListenerId),
modifyListenerAttributesReq := &veclb.ModifyListenerAttributesInput{
ListenerId: ve.String(cloudListenerId),
CertificateSource: ve.String("cert_center"),
CertCenterCertificateId: ve.String(cloudCertId),
}
@ -120,14 +202,14 @@ func (d *DeployerProvider) deployToListener(ctx context.Context, cloudCertId str
return nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*veClb.CLB, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*veclb.CLB, error) {
config := ve.NewConfig().WithRegion(region).WithAkSk(accessKeyId, accessKeySecret)
session, err := veSession.NewSession(config)
session, err := vesession.NewSession(config)
if err != nil {
return nil, err
}
client := veClb.New(session)
client := veclb.New(session)
return client, nil
}

2
internal/pkg/core/deployer/providers/volcengine-clb/volcengine_clb_test.go
View File

@ -40,7 +40,7 @@ Shell command to run this test:
--CERTIMATE_DEPLOYER_VOLCENGINECLB_ACCESSKEYID="your-access-key-id" \
--CERTIMATE_DEPLOYER_VOLCENGINECLB_ACCESSKEYSECRET="your-access-key-secret" \
--CERTIMATE_DEPLOYER_VOLCENGINECLB_REGION="cn-beijing" \
--CERTIMATE_DEPLOYER_VOLCENGINECLB_LISTENERID="cn-beijing"
--CERTIMATE_DEPLOYER_VOLCENGINECLB_LISTENERID="your-listener-id"
*/
func TestDeploy(t *testing.T) {
flag.Parse()

14
internal/pkg/core/deployer/providers/volcengine-dcdn/volcengine_dcdn.go
View File

@ -6,9 +6,9 @@ import (
"strings"
xerrors "github.com/pkg/errors"
veDcdn "github.com/volcengine/volcengine-go-sdk/service/dcdn"
vedcdn "github.com/volcengine/volcengine-go-sdk/service/dcdn"
ve "github.com/volcengine/volcengine-go-sdk/volcengine"
veSession "github.com/volcengine/volcengine-go-sdk/volcengine/session"
vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -29,7 +29,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *veDcdn.DCDN
sdkClient *vedcdn.DCDN
sslUploader uploader.Uploader
}
@ -86,7 +86,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 绑定证书
// REF: https://www.volcengine.com/docs/6559/1250189
createCertBindReq := &veDcdn.CreateCertBindInput{
createCertBindReq := &vedcdn.CreateCertBindInput{
CertSource: ve.String("volc"),
CertId: ve.String(upres.CertId),
DomainNames: ve.StringSlice([]string{domain}),
@ -100,18 +100,18 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*veDcdn.DCDN, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*vedcdn.DCDN, error) {
if region == "" {
region = "cn-beijing" // DCDN 服务默认区域:北京
}
config := ve.NewConfig().WithRegion(region).WithAkSk(accessKeyId, accessKeySecret)
session, err := veSession.NewSession(config)
session, err := vesession.NewSession(config)
if err != nil {
return nil, err
}
client := veDcdn.New(session)
client := vedcdn.New(session)
return client, nil
}

26
internal/pkg/core/deployer/providers/volcengine-imagex/volcengine_imagex.go
View File

@ -6,8 +6,8 @@ import (
"log/slog"
xerrors "github.com/pkg/errors"
veBase "github.com/volcengine/volc-sdk-golang/base"
veImageX "github.com/volcengine/volc-sdk-golang/service/imagex/v2"
vebase "github.com/volcengine/volc-sdk-golang/base"
veimagex "github.com/volcengine/volc-sdk-golang/service/imagex/v2"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -30,7 +30,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *veImageX.Imagex
sdkClient *veimagex.Imagex
sslUploader uploader.Uploader
}
@ -91,7 +91,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 获取域名配置
// REF: https://www.volcengine.com/docs/508/9366
getDomainConfigReq := &veImageX.GetDomainConfigQuery{
getDomainConfigReq := &veimagex.GetDomainConfigQuery{
ServiceID: d.config.ServiceId,
DomainName: d.config.Domain,
}
@ -103,13 +103,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 更新 HTTPS 配置
// REF: https://www.volcengine.com/docs/508/66012
updateHttpsReq := &veImageX.UpdateHTTPSReq{
UpdateHTTPSQuery: &veImageX.UpdateHTTPSQuery{
updateHttpsReq := &veimagex.UpdateHTTPSReq{
UpdateHTTPSQuery: &veimagex.UpdateHTTPSQuery{
ServiceID: d.config.ServiceId,
},
UpdateHTTPSBody: &veImageX.UpdateHTTPSBody{
UpdateHTTPSBody: &veimagex.UpdateHTTPSBody{
Domain: d.config.Domain,
HTTPS: &veImageX.UpdateHTTPSBodyHTTPS{
HTTPS: &veimagex.UpdateHTTPSBodyHTTPS{
CertID: upres.CertId,
EnableHTTPS: true,
},
@ -133,15 +133,15 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*veImageX.Imagex, error) {
var instance *veImageX.Imagex
func createSdkClient(accessKeyId, accessKeySecret, region string) (*veimagex.Imagex, error) {
var instance *veimagex.Imagex
if region == "" {
instance = veImageX.NewInstance()
instance = veimagex.NewInstance()
} else {
instance = veImageX.NewInstanceWithRegion(region)
instance = veimagex.NewInstanceWithRegion(region)
}
instance.SetCredential(veBase.Credentials{
instance.SetCredential(vebase.Credentials{
AccessKeyID: accessKeyId,
SecretAccessKey: accessKeySecret,
})

10
internal/pkg/core/deployer/providers/volcengine-live/volcengine_live.go
View File

@ -7,7 +7,7 @@ import (
"strings"
xerrors "github.com/pkg/errors"
veLive "github.com/volcengine/volc-sdk-golang/service/live/v20230101"
velive "github.com/volcengine/volc-sdk-golang/service/live/v20230101"
ve "github.com/volcengine/volcengine-go-sdk/volcengine"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
@ -27,7 +27,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *veLive.Live
sdkClient *velive.Live
sslUploader uploader.Uploader
}
@ -38,7 +38,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
panic("config is nil")
}
client := veLive.NewInstance()
client := velive.NewInstance()
client.SetAccessKey(config.AccessKeyId)
client.SetSecretKey(config.AccessKeySecret)
@ -85,7 +85,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
for {
// 查询域名列表
// REF: https://www.volcengine.com/docs/6469/1186277#%E6%9F%A5%E8%AF%A2%E5%9F%9F%E5%90%8D%E5%88%97%E8%A1%A8
listDomainDetailReq := &veLive.ListDomainDetailBody{
listDomainDetailReq := &velive.ListDomainDetailBody{
PageNum: listDomainDetailPageNum,
PageSize: listDomainDetailPageSize,
}
@ -127,7 +127,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
for _, domain := range domains {
// 绑定证书
// REF: https://www.volcengine.com/docs/6469/1186278#%E7%BB%91%E5%AE%9A%E8%AF%81%E4%B9%A6
bindCertReq := &veLive.BindCertBody{
bindCertReq := &velive.BindCertBody{
ChainID: upres.CertId,
Domain: domain,
HTTPS: ve.Bool(true),

16
internal/pkg/core/deployer/providers/volcengine-tos/volcengine_tos.go
View File

@ -7,7 +7,7 @@ import (
"log/slog"
xerrors "github.com/pkg/errors"
veTos "github.com/volcengine/ve-tos-golang-sdk/v2/tos"
"github.com/volcengine/ve-tos-golang-sdk/v2/tos"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
@ -30,7 +30,7 @@ type DeployerConfig struct {
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *veTos.ClientV2
sdkClient *tos.ClientV2
sslUploader uploader.Uploader
}
@ -91,9 +91,9 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 设置自定义域名
// REF: https://www.volcengine.com/docs/6559/1250189
putBucketCustomDomainReq := &veTos.PutBucketCustomDomainInput{
putBucketCustomDomainReq := &tos.PutBucketCustomDomainInput{
Bucket: d.config.Bucket,
Rule: veTos.CustomDomainRule{
Rule: tos.CustomDomainRule{
Domain: d.config.Domain,
CertID: upres.CertId,
},
@ -107,13 +107,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
return &deployer.DeployResult{}, nil
}
func createSdkClient(accessKeyId, accessKeySecret, region string) (*veTos.ClientV2, error) {
func createSdkClient(accessKeyId, accessKeySecret, region string) (*tos.ClientV2, error) {
endpoint := fmt.Sprintf("tos-%s.ivolces.com", region)
client, err := veTos.NewClientV2(
client, err := tos.NewClientV2(
endpoint,
veTos.WithRegion(region),
veTos.WithCredentials(veTos.NewStaticCredentials(accessKeyId, accessKeySecret)),
tos.WithRegion(region),
tos.WithCredentials(tos.NewStaticCredentials(accessKeyId, accessKeySecret)),
)
if err != nil {
return nil, err

54
internal/pkg/core/uploader/providers/aliyun-cas/aliyun_cas.go
View File

@ -85,36 +85,38 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
if listUserCertificateOrderResp.Body.CertificateOrderList != nil {
for _, certDetail := range listUserCertificateOrderResp.Body.CertificateOrderList {
if strings.EqualFold(certX509.SerialNumber.Text(16), *certDetail.SerialNo) {
getUserCertificateDetailReq := &alicas.GetUserCertificateDetailRequest{
CertId: certDetail.CertificateId,
}
getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq)
u.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp))
if !strings.EqualFold(certX509.SerialNumber.Text(16), *certDetail.SerialNo) {
continue
}
getUserCertificateDetailReq := &alicas.GetUserCertificateDetailRequest{
CertId: certDetail.CertificateId,
}
getUserCertificateDetailResp, err := u.sdkClient.GetUserCertificateDetail(getUserCertificateDetailReq)
u.logger.Debug("sdk request 'cas.GetUserCertificateDetail'", slog.Any("request", getUserCertificateDetailReq), slog.Any("response", getUserCertificateDetailResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.GetUserCertificateDetail'")
}
var isSameCert bool
if *getUserCertificateDetailResp.Body.Cert == certPem {
isSameCert = true
} else {
oldCertX509, err := certutil.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert)
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cas.GetUserCertificateDetail'")
continue
}
var isSameCert bool
if *getUserCertificateDetailResp.Body.Cert == certPem {
isSameCert = true
} else {
oldCertX509, err := certutil.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert)
if err != nil {
continue
}
isSameCert = certutil.EqualCertificate(certX509, oldCertX509)
}
isSameCert = certutil.EqualCertificate(certX509, oldCertX509)
}
// 如果已存在相同证书,直接返回
if isSameCert {
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{
CertId: fmt.Sprintf("%d", tea.Int64Value(certDetail.CertificateId)),
CertName: *certDetail.Name,
}, nil
}
// 如果已存在相同证书,直接返回
if isSameCert {
u.logger.Info("ssl certificate already exists")
return &uploader.UploadResult{
CertId: fmt.Sprintf("%d", tea.Int64Value(certDetail.CertificateId)),
CertName: *certDetail.Name,
}, nil
}
}
}

4
internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl.go
View File

@ -59,9 +59,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
PrivateKey: privkeyPem,
}
uploadHttpsCertificateResp, err := u.sdkClient.UploadHttpsCertificate(uploadHttpsCertificateReq)
u.logger.Debug("sdk request 'ssl.UploadHttpsCertificate'", slog.Any("response", uploadHttpsCertificateResp))
u.logger.Debug("sdk request 'console.UploadHttpsCertificate'", slog.Any("response", uploadHttpsCertificateResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'ssl.UploadHttpsCertificate'")
return nil, xerrors.Wrap(err, "failed to execute sdk request 'console.UploadHttpsCertificate'")
}
return &uploader.UploadResult{

25
internal/pkg/vendors/1panel-sdk/api.go vendored
View File

@ -8,44 +8,29 @@ import (
func (c *Client) UpdateSystemSSL(req *UpdateSystemSSLRequest) (*UpdateSystemSSLResponse, error) {
resp := &UpdateSystemSSLResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/settings/ssl/update", req, resp)
if err != nil {
return nil, err
}
return resp, nil
return resp, err
}
func (c *Client) SearchWebsiteSSL(req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) {
resp := &SearchWebsiteSSLResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/websites/ssl/search", req, resp)
if err != nil {
return nil, err
}
return resp, nil
return resp, err
}
func (c *Client) UploadWebsiteSSL(req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) {
resp := &UploadWebsiteSSLResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/websites/ssl/upload", req, resp)
if err != nil {
return nil, err
}
return resp, nil
return resp, err
}
func (c *Client) GetHttpsConf(req *GetHttpsConfRequest) (*GetHttpsConfResponse, error) {
resp := &GetHttpsConfResponse{}
err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/websites/%d/https", req.WebsiteID), req, resp)
if err != nil {
return nil, err
}
return resp, nil
return resp, err
}
func (c *Client) UpdateHttpsConf(req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) {
resp := &UpdateHttpsConfResponse{}
err := c.sendRequestWithResult(http.MethodPost, fmt.Sprintf("/websites/%d/https", req.WebsiteID), req, resp)
if err != nil {
return nil, err
}
return resp, nil
return resp, err
}

7
internal/pkg/vendors/1panel-sdk/client.go vendored
View File

@ -77,9 +77,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
resp, err := req.Send()
if err != nil {
return nil, fmt.Errorf("1panel api error: failed to send request: %w", err)
return resp, fmt.Errorf("1panel api error: failed to send request: %w", err)
} else if resp.IsError() {
return nil, fmt.Errorf("1panel api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
return resp, fmt.Errorf("1panel api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil
@ -88,6 +88,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
resp, err := c.sendRequest(method, path, params)
if err != nil {
if resp != nil {
json.Unmarshal(resp.Body(), &result)
}
return err
}

22
internal/pkg/vendors/1panel-sdk/models.go vendored
View File

@ -6,16 +6,22 @@ type BaseResponse interface {
}
type baseResponse struct {
Code int32 `json:"code"`
Message string `json:"message"`
Code *int32 `json:"code,omitempty"`
Message *string `json:"message,omitempty"`
}
func (r *baseResponse) GetCode() int32 {
return r.Code
if r.Code != nil {
return *r.Code
}
return 0
}
func (r *baseResponse) GetMessage() string {
return r.Message
if r.Message != nil {
return *r.Message
}
return ""
}
type UpdateSystemSSLRequest struct {
@ -38,7 +44,7 @@ type SearchWebsiteSSLRequest struct {
type SearchWebsiteSSLResponse struct {
baseResponse
Data struct {
Data *struct {
Items []*struct {
ID int64 `json:"id"`
PEM string `json:"pem"`
@ -50,7 +56,7 @@ type SearchWebsiteSSLResponse struct {
CreatedAt string `json:"createdAt"`
} `json:"items"`
Total int32 `json:"total"`
} `json:"data"`
} `json:"data,omitempty"`
}
type UploadWebsiteSSLRequest struct {
@ -73,13 +79,13 @@ type GetHttpsConfRequest struct {
type GetHttpsConfResponse struct {
baseResponse
Data struct {
Data *struct {
Enable bool `json:"enable"`
HttpConfig string `json:"httpConfig"`
SSLProtocol []string `json:"SSLProtocol"`
Algorithm string `json:"algorithm"`
Hsts bool `json:"hsts"`
} `json:"data"`
} `json:"data,omitempty"`
}
type UpdateHttpsConfRequest struct {

27
internal/pkg/vendors/baishan-sdk/api.go vendored
View File

@ -5,28 +5,19 @@ import (
)
func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) {
resp := CreateCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/certificate", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &CreateCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/certificate", req, resp)
return resp, err
}
func (c *Client) GetDomainConfig(req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) {
resp := GetDomainConfigResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/v2/domain/config", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &GetDomainConfigResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/v2/domain/config", req, resp)
return resp, err
}
func (c *Client) SetDomainConfig(req *SetDomainConfigRequest) (*SetDomainConfigResponse, error) {
resp := SetDomainConfigResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/config", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &SetDomainConfigResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/config", req, resp)
return resp, err
}

29
internal/pkg/vendors/baishan-sdk/client.go vendored
View File

@ -4,6 +4,8 @@ import (
"encoding/json"
"fmt"
"net/http"
"net/url"
"reflect"
"strings"
"time"
@ -35,21 +37,33 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
req.Method = method
req.URL = "https://cdn.api.baishan.com" + path
if strings.EqualFold(method, http.MethodGet) {
qs := make(map[string]string)
qs := url.Values{}
if params != nil {
temp := make(map[string]any)
jsonb, _ := json.Marshal(params)
json.Unmarshal(jsonb, &temp)
for k, v := range temp {
if v != nil {
qs[k] = fmt.Sprintf("%v", v)
rv := reflect.ValueOf(v)
switch rv.Kind() {
case reflect.Slice, reflect.Array:
for i := 0; i < rv.Len(); i++ {
qs.Add(fmt.Sprintf("%s[]", k), fmt.Sprintf("%v", rv.Index(i).Interface()))
}
case reflect.Map:
for _, rk := range rv.MapKeys() {
qs.Add(fmt.Sprintf("%s[%s]", k, rk.Interface()), fmt.Sprintf("%v", rv.MapIndex(rk).Interface()))
}
default:
qs.Set(k, fmt.Sprintf("%v", v))
}
}
}
}
req = req.
SetQueryParams(qs).
SetQueryParam("token", c.apiToken)
SetQueryParam("token", c.apiToken).
SetQueryParamsFromValues(qs)
} else {
req = req.
SetHeader("Content-Type", "application/json").
@ -59,9 +73,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
resp, err := req.Send()
if err != nil {
return nil, fmt.Errorf("baishan api error: failed to send request: %w", err)
return resp, fmt.Errorf("baishan api error: failed to send request: %w", err)
} else if resp.IsError() {
return nil, fmt.Errorf("baishan api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
return resp, fmt.Errorf("baishan api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil
@ -70,6 +84,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
resp, err := c.sendRequest(method, path, params)
if err != nil {
if resp != nil {
json.Unmarshal(resp.Body(), &result)
}
return err
}

44
internal/pkg/vendors/baishan-sdk/models.go vendored
View File

@ -1,21 +1,29 @@
package baishansdk
import "encoding/json"
type BaseResponse interface {
GetCode() int
GetCode() int32
GetMessage() string
}
type baseResponse struct {
Code int `json:"code"`
Message string `json:"message"`
Code *int32 `json:"code,omitempty"`
Message *string `json:"message,omitempty"`
}
func (r *baseResponse) GetCode() int {
return r.Code
func (r *baseResponse) GetCode() int32 {
if r.Code != nil {
return *r.Code
}
return 0
}
func (r *baseResponse) GetMessage() string {
return r.Message
if r.Message != nil {
return *r.Message
}
return ""
}
type CreateCertificateRequest struct {
@ -26,11 +34,11 @@ type CreateCertificateRequest struct {
type CreateCertificateResponse struct {
baseResponse
Data *DomainCertificate `json:"data"`
Data *DomainCertificate `json:"data,omitempty"`
}
type GetDomainConfigRequest struct {
Domains string `json:"domains"`
Domains string `json:"domains"`
Config []string `json:"config"`
}
@ -39,7 +47,7 @@ type GetDomainConfigResponse struct {
Data []*struct {
Domain string `json:"domain"`
Config *DomainConfig `json:"config"`
} `json:"data"`
} `json:"data,omitempty"`
}
type SetDomainConfigRequest struct {
@ -51,14 +59,14 @@ type SetDomainConfigResponse struct {
baseResponse
Data *struct {
Config *DomainConfig `json:"config"`
} `json:"data"`
} `json:"data,omitempty"`
}
type DomainCertificate struct {
CertId int64 `json:"cert_id"`
Name string `json:"name"`
CertStartTime string `json:"cert_start_time"`
CertExpireTime string `json:"cert_expire_time"`
CertId json.Number `json:"cert_id"`
Name string `json:"name"`
CertStartTime string `json:"cert_start_time"`
CertExpireTime string `json:"cert_expire_time"`
}
type DomainConfig struct {
@ -66,8 +74,8 @@ type DomainConfig struct {
}
type DomainConfigHttps struct {
CertId int64 `json:"cert_id"`
ForceHttps *string `json:"force_https,omitempty"`
EnableHttp2 *string `json:"http2,omitempty"`
EnableOcsp *string `json:"ocsp,omitempty"`
CertId json.Number `json:"cert_id"`
ForceHttps *string `json:"force_https,omitempty"`
EnableHttp2 *string `json:"http2,omitempty"`
EnableOcsp *string `json:"ocsp,omitempty"`
}

45
internal/pkg/vendors/btpanel-sdk/api.go vendored
View File

@ -1,46 +1,31 @@
package btpanelsdk
func (c *Client) ConfigSavePanelSSL(req *ConfigSavePanelSSLRequest) (*ConfigSavePanelSSLResponse, error) {
resp := ConfigSavePanelSSLResponse{}
err := c.sendRequestWithResult("/config?action=SavePanelSSL", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &ConfigSavePanelSSLResponse{}
err := c.sendRequestWithResult("/config?action=SavePanelSSL", req, resp)
return resp, err
}
func (c *Client) SiteSetSSL(req *SiteSetSSLRequest) (*SiteSetSSLResponse, error) {
resp := SiteSetSSLResponse{}
err := c.sendRequestWithResult("/site?action=SetSSL", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &SiteSetSSLResponse{}
err := c.sendRequestWithResult("/site?action=SetSSL", req, resp)
return resp, err
}
func (c *Client) SystemServiceAdmin(req *SystemServiceAdminRequest) (*SystemServiceAdminResponse, error) {
resp := SystemServiceAdminResponse{}
err := c.sendRequestWithResult("/system?action=ServiceAdmin", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &SystemServiceAdminResponse{}
err := c.sendRequestWithResult("/system?action=ServiceAdmin", req, resp)
return resp, err
}
func (c *Client) SSLCertSaveCert(req *SSLCertSaveCertRequest) (*SSLCertSaveCertResponse, error) {
resp := SSLCertSaveCertResponse{}
err := c.sendRequestWithResult("/ssl/cert/save_cert", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &SSLCertSaveCertResponse{}
err := c.sendRequestWithResult("/ssl/cert/save_cert", req, resp)
return resp, err
}
func (c *Client) SSLSetBatchCertToSite(req *SSLSetBatchCertToSiteRequest) (*SSLSetBatchCertToSiteResponse, error) {
resp := SSLSetBatchCertToSiteResponse{}
err := c.sendRequestWithResult("/ssl?action=SetBatchCertToSite", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &SSLSetBatchCertToSiteResponse{}
err := c.sendRequestWithResult("/ssl?action=SetBatchCertToSite", req, resp)
return resp, err
}

4
internal/pkg/vendors/btpanel-sdk/client.go vendored
View File

@ -84,9 +84,9 @@ func (c *Client) sendRequest(path string, params interface{}) (*resty.Response,
SetFormData(data)
resp, err := req.Post(url)
if err != nil {
return nil, fmt.Errorf("baota api error: failed to send request: %w", err)
return resp, fmt.Errorf("baota api error: failed to send request: %w", err)
} else if resp.IsError() {
return nil, fmt.Errorf("baota api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
return resp, fmt.Errorf("baota api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil

9
internal/pkg/vendors/cachefly-sdk/api.go vendored
View File

@ -5,10 +5,7 @@ import (
)
func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) {
resp := CreateCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/certificates", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &CreateCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/certificates", req, resp)
return resp, err
}

7
internal/pkg/vendors/cachefly-sdk/client.go vendored
View File

@ -57,9 +57,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
resp, err := req.Send()
if err != nil {
return nil, fmt.Errorf("cachefly api error: failed to send request: %w", err)
return resp, fmt.Errorf("cachefly api error: failed to send request: %w", err)
} else if resp.IsError() {
return nil, fmt.Errorf("cachefly api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
return resp, fmt.Errorf("cachefly api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil
@ -68,6 +68,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
resp, err := c.sendRequest(method, path, params)
if err != nil {
if resp != nil {
json.Unmarshal(resp.Body(), &result)
}
return err
}

9
internal/pkg/vendors/cachefly-sdk/models.go vendored
View File

@ -1,15 +1,18 @@
package cacheflysdk
type BaseResponse interface {
GetMessage() *string
GetMessage() string
}
type baseResponse struct {
Message *string `json:"message,omitempty"`
}
func (r *baseResponse) GetMessage() *string {
return r.Message
func (r *baseResponse) GetMessage() string {
if r.Message != nil {
return *r.Message
}
return ""
}
type CreateCertificateRequest struct {

36
internal/pkg/vendors/cdnfly-sdk/api.go vendored
View File

@ -6,37 +6,25 @@ import (
)
func (c *Client) GetSite(req *GetSiteRequest) (*GetSiteResponse, error) {
resp := GetSiteResponse{}
err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/v1/sites/%s", req.Id), req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &GetSiteResponse{}
err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/v1/sites/%s", req.Id), req, resp)
return resp, err
}
func (c *Client) UpdateSite(req *UpdateSiteRequest) (*UpdateSiteResponse, error) {
resp := UpdateSiteResponse{}
err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/sites/%s", req.Id), req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &UpdateSiteResponse{}
err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/sites/%s", req.Id), req, resp)
return resp, err
}
func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) {
resp := CreateCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/v1/certs", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &CreateCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/v1/certs", req, resp)
return resp, err
}
func (c *Client) UpdateCertificate(req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) {
resp := UpdateCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/certs/%s", req.Id), req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &UpdateCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/certs/%s", req.Id), req, resp)
return resp, err
}

7
internal/pkg/vendors/cdnfly-sdk/client.go vendored
View File

@ -63,9 +63,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
resp, err := req.Send()
if err != nil {
return nil, fmt.Errorf("cdnfly api error: failed to send request: %w", err)
return resp, fmt.Errorf("cdnfly api error: failed to send request: %w", err)
} else if resp.IsError() {
return nil, fmt.Errorf("cdnfly api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
return resp, fmt.Errorf("cdnfly api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil
@ -74,6 +74,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
resp, err := c.sendRequest(method, path, params)
if err != nil {
if resp != nil {
json.Unmarshal(resp.Body(), &result)
}
return err
}

2
internal/pkg/vendors/cdnfly-sdk/models.go vendored
View File

@ -31,7 +31,7 @@ type GetSiteResponse struct {
Name string `json:"name"`
Domain string `json:"domain"`
HttpsListen string `json:"https_listen"`
} `json:"data"`
} `json:"data,omitempty"`
}
type UpdateSiteRequest struct {

45
internal/pkg/vendors/dnsla-sdk/api.go vendored
View File

@ -7,46 +7,31 @@ import (
)
func (c *Client) ListDomains(req *ListDomainsRequest) (*ListDomainsResponse, error) {
resp := ListDomainsResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/domainList", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &ListDomainsResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/domainList", req, resp)
return resp, err
}
func (c *Client) ListRecords(req *ListRecordsRequest) (*ListRecordsResponse, error) {
resp := ListRecordsResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/recordList", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &ListRecordsResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/recordList", req, resp)
return resp, err
}
func (c *Client) CreateRecord(req *CreateRecordRequest) (*CreateRecordResponse, error) {
resp := CreateRecordResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/record", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &CreateRecordResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/record", req, resp)
return resp, err
}
func (c *Client) UpdateRecord(req *UpdateRecordRequest) (*UpdateRecordResponse, error) {
resp := UpdateRecordResponse{}
err := c.sendRequestWithResult(http.MethodPut, "/record", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &UpdateRecordResponse{}
err := c.sendRequestWithResult(http.MethodPut, "/record", req, resp)
return resp, err
}
func (c *Client) DeleteRecord(req *DeleteRecordRequest) (*DeleteRecordResponse, error) {
resp := DeleteRecordResponse{}
err := c.sendRequestWithResult(http.MethodDelete, fmt.Sprintf("/record?id=%s", url.QueryEscape(req.Id)), req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &DeleteRecordResponse{}
err := c.sendRequestWithResult(http.MethodDelete, fmt.Sprintf("/record?id=%s", url.QueryEscape(req.Id)), req, resp)
return resp, err
}

7
internal/pkg/vendors/dnsla-sdk/client.go vendored
View File

@ -58,9 +58,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
resp, err := req.Send()
if err != nil {
return nil, fmt.Errorf("dnsla api error: failed to send request: %w", err)
return resp, fmt.Errorf("dnsla api error: failed to send request: %w", err)
} else if resp.IsError() {
return nil, fmt.Errorf("dnsla api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
return resp, fmt.Errorf("dnsla api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil
@ -69,6 +69,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
resp, err := c.sendRequest(method, path, params)
if err != nil {
if resp != nil {
json.Unmarshal(resp.Body(), &result)
}
return err
}

18
internal/pkg/vendors/dnsla-sdk/models.go vendored
View File

@ -1,21 +1,27 @@
package dnslasdk
type BaseResponse interface {
GetCode() int
GetCode() int32
GetMessage() string
}
type baseResponse struct {
Code int `json:"code"`
Message string `json:"message"`
Code *int32 `json:"code,omitempty"`
Message *string `json:"message,omitempty"`
}
func (r *baseResponse) GetCode() int {
return r.Code
func (r *baseResponse) GetCode() int32 {
if r.Code != nil {
return *r.Code
}
return 0
}
func (r *baseResponse) GetMessage() string {
return r.Message
if r.Message != nil {
return *r.Message
}
return ""
}
type DomainInfo struct {

36
internal/pkg/vendors/gname-sdk/api.go vendored
View File

@ -1,37 +1,25 @@
package gnamesdk
func (c *Client) AddDomainResolution(req *AddDomainResolutionRequest) (*AddDomainResolutionResponse, error) {
result := AddDomainResolutionResponse{}
err := c.sendRequestWithResult("/api/resolution/add", req, &result)
if err != nil {
return nil, err
}
return &result, nil
resp := &AddDomainResolutionResponse{}
err := c.sendRequestWithResult("/api/resolution/add", req, resp)
return resp, err
}
func (c *Client) ModifyDomainResolution(req *ModifyDomainResolutionRequest) (*ModifyDomainResolutionResponse, error) {
resp := ModifyDomainResolutionResponse{}
err := c.sendRequestWithResult("/api/resolution/edit", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &ModifyDomainResolutionResponse{}
err := c.sendRequestWithResult("/api/resolution/edit", req, resp)
return resp, err
}
func (c *Client) DeleteDomainResolution(req *DeleteDomainResolutionRequest) (*DeleteDomainResolutionResponse, error) {
resp := DeleteDomainResolutionResponse{}
err := c.sendRequestWithResult("/api/resolution/delete", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &DeleteDomainResolutionResponse{}
err := c.sendRequestWithResult("/api/resolution/delete", req, resp)
return resp, err
}
func (c *Client) ListDomainResolution(req *ListDomainResolutionRequest) (*ListDomainResolutionResponse, error) {
resp := ListDomainResolutionResponse{}
err := c.sendRequestWithResult("/api/resolution/list", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &ListDomainResolutionResponse{}
err := c.sendRequestWithResult("/api/resolution/list", req, resp)
return resp, err
}

4
internal/pkg/vendors/gname-sdk/client.go vendored
View File

@ -80,9 +80,9 @@ func (c *Client) sendRequest(path string, params interface{}) (*resty.Response,
SetFormData(data)
resp, err := req.Post(url)
if err != nil {
return nil, fmt.Errorf("gname api error: failed to send request: %w", err)
return resp, fmt.Errorf("gname api error: failed to send request: %w", err)
} else if resp.IsError() {
return nil, fmt.Errorf("gname api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
return resp, fmt.Errorf("gname api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil

44
internal/pkg/vendors/gname-sdk/models.go vendored
View File

@ -1,16 +1,18 @@
package gnamesdk
import "encoding/json"
type BaseResponse interface {
GetCode() int
GetCode() int32
GetMessage() string
}
type baseResponse struct {
Code int `json:"code"`
Code int32 `json:"code"`
Message string `json:"msg"`
}
func (r *baseResponse) GetCode() int {
func (r *baseResponse) GetCode() int32 {
return r.Code
}
@ -23,23 +25,23 @@ type AddDomainResolutionRequest struct {
RecordType string `json:"lx"`
RecordName string `json:"zj"`
RecordValue string `json:"jlz"`
MX int `json:"mx"`
TTL int `json:"ttl"`
MX int32 `json:"mx"`
TTL int32 `json:"ttl"`
}
type AddDomainResolutionResponse struct {
baseResponse
Data string `json:"data"`
Data json.Number `json:"data"`
}
type ModifyDomainResolutionRequest struct {
ID string `json:"jxid"`
ID int64 `json:"jxid"`
ZoneName string `json:"ym"`
RecordType string `json:"lx"`
RecordName string `json:"zj"`
RecordValue string `json:"jlz"`
MX int `json:"mx"`
TTL int `json:"ttl"`
MX int32 `json:"mx"`
TTL int32 `json:"ttl"`
}
type ModifyDomainResolutionResponse struct {
@ -48,7 +50,7 @@ type ModifyDomainResolutionResponse struct {
type DeleteDomainResolutionRequest struct {
ZoneName string `json:"ym"`
RecordID string `json:"jxid"`
RecordID int64 `json:"jxid"`
}
type DeleteDomainResolutionResponse struct {
@ -57,23 +59,23 @@ type DeleteDomainResolutionResponse struct {
type ListDomainResolutionRequest struct {
ZoneName string `json:"ym"`
Page *int `json:"page,omitempty"`
PageSize *int `json:"limit,omitempty"`
Page *int32 `json:"page,omitempty"`
PageSize *int32 `json:"limit,omitempty"`
}
type ListDomainResolutionResponse struct {
baseResponse
Count int `json:"count"`
Count int32 `json:"count"`
Data []*ResolutionRecord `json:"data"`
Page int `json:"page"`
PageSize int `json:"pagesize"`
Page int32 `json:"page"`
PageSize int32 `json:"pagesize"`
}
type ResolutionRecord struct {
ID string `json:"id"`
ZoneName string `json:"ym"`
RecordType string `json:"lx"`
RecordName string `json:"zjt"`
RecordValue string `json:"jxz"`
MX int `json:"mx"`
ID json.Number `json:"id"`
ZoneName string `json:"ym"`
RecordType string `json:"lx"`
RecordName string `json:"zjt"`
RecordValue string `json:"jxz"`
MX int32 `json:"mx"`
}

9
internal/pkg/vendors/safeline-sdk/api.go vendored
View File

@ -1,10 +1,7 @@
package safelinesdk
func (c *Client) UpdateCertificate(req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) {
resp := UpdateCertificateResponse{}
err := c.sendRequestWithResult("/api/open/cert", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &UpdateCertificateResponse{}
err := c.sendRequestWithResult("/api/open/cert", req, resp)
return resp, err
}

7
internal/pkg/vendors/safeline-sdk/client.go vendored
View File

@ -45,9 +45,9 @@ func (c *Client) sendRequest(path string, params interface{}) (*resty.Response,
SetBody(params)
resp, err := req.Post(url)
if err != nil {
return nil, fmt.Errorf("safeline api error: failed to send request: %w", err)
return resp, fmt.Errorf("safeline api error: failed to send request: %w", err)
} else if resp.IsError() {
return nil, fmt.Errorf("safeline api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
return resp, fmt.Errorf("safeline api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil
@ -56,6 +56,9 @@ func (c *Client) sendRequest(path string, params interface{}) (*resty.Response,
func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error {
resp, err := c.sendRequest(path, params)
if err != nil {
if resp != nil {
json.Unmarshal(resp.Body(), &result)
}
return err
}

49
internal/pkg/vendors/upyun-sdk/console/api.go vendored
View File

@ -33,12 +33,9 @@ func (c *Client) UploadHttpsCertificate(req *UploadHttpsCertificateRequest) (*Up
}
}
resp := UploadHttpsCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/api/https/certificate/", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &UploadHttpsCertificateResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/api/https/certificate/", req, resp)
return resp, err
}
func (c *Client) GetHttpsCertificateManager(certificateId string) (*GetHttpsCertificateManagerResponse, error) {
@ -48,13 +45,10 @@ func (c *Client) GetHttpsCertificateManager(certificateId string) (*GetHttpsCert
}
}
req := GetHttpsCertificateManagerRequest{CertificateId: certificateId}
resp := GetHttpsCertificateManagerResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/api/https/certificate/manager/", &req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
req := &GetHttpsCertificateManagerRequest{CertificateId: certificateId}
resp := &GetHttpsCertificateManagerResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/api/https/certificate/manager/", req, resp)
return resp, err
}
func (c *Client) UpdateHttpsCertificateManager(req *UpdateHttpsCertificateManagerRequest) (*UpdateHttpsCertificateManagerResponse, error) {
@ -64,12 +58,9 @@ func (c *Client) UpdateHttpsCertificateManager(req *UpdateHttpsCertificateManage
}
}
resp := UpdateHttpsCertificateManagerResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/api/https/certificate/manager", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &UpdateHttpsCertificateManagerResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/api/https/certificate/manager", req, resp)
return resp, err
}
func (c *Client) GetHttpsServiceManager(domain string) (*GetHttpsServiceManagerResponse, error) {
@ -79,13 +70,10 @@ func (c *Client) GetHttpsServiceManager(domain string) (*GetHttpsServiceManagerR
}
}
req := GetHttpsServiceManagerRequest{Domain: domain}
resp := GetHttpsServiceManagerResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/api/https/services/manager", &req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
req := &GetHttpsServiceManagerRequest{Domain: domain}
resp := &GetHttpsServiceManagerResponse{}
err := c.sendRequestWithResult(http.MethodGet, "/api/https/services/manager", req, resp)
return resp, err
}
func (c *Client) MigrateHttpsDomain(req *MigrateHttpsDomainRequest) (*MigrateHttpsDomainResponse, error) {
@ -95,10 +83,7 @@ func (c *Client) MigrateHttpsDomain(req *MigrateHttpsDomainRequest) (*MigrateHtt
}
}
resp := MigrateHttpsDomainResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/api/https/migrate/domain", req, &resp)
if err != nil {
return nil, err
}
return &resp, nil
resp := &MigrateHttpsDomainResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/api/https/migrate/domain", req, resp)
return resp, err
}

8
internal/pkg/vendors/upyun-sdk/console/client.go vendored
View File

@ -60,12 +60,11 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
SetBody(params)
}
req = req.SetDebug(true)
resp, err := req.Send()
if err != nil {
return nil, fmt.Errorf("upyun api error: failed to send request: %w", err)
return resp, fmt.Errorf("upyun api error: failed to send request: %w", err)
} else if resp.IsError() {
return nil, fmt.Errorf("upyun api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
return resp, fmt.Errorf("upyun api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil
@ -74,6 +73,9 @@ func (c *Client) sendRequest(method string, path string, params interface{}) (*r
func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result interface{}) error {
resp, err := c.sendRequest(method, path, params)
if err != nil {
if resp != nil {
json.Unmarshal(resp.Body(), &result)
}
return err
}

22
internal/pkg/vendors/upyun-sdk/console/models.go vendored
View File

@ -17,7 +17,7 @@ type baseResponseData struct {
ErrorMessage string `json:"message"`
}
func (r *baseResponseData) GetErrorCode() int {
func (r *baseResponseData) GetErrorCode() int32 {
if r.ErrorCode.String() == "" {
return 0
}
@ -27,7 +27,7 @@ func (r *baseResponseData) GetErrorCode() int {
return -1
}
return int(errcode)
return int32(errcode)
}
func (r *baseResponseData) GetErrorMessage() string {
@ -41,10 +41,10 @@ type signinRequest struct {
type signinResponse struct {
baseResponse
Data struct {
Data *struct {
baseResponseData
Result bool `json:"result"`
} `json:"data"`
} `json:"data,omitempty"`
}
type UploadHttpsCertificateRequest struct {
@ -56,13 +56,13 @@ type UploadHttpsCertificateResponse struct {
baseResponse
Data *struct {
baseResponseData
Status int `json:"status"`
Status int32 `json:"status"`
Result struct {
CertificateId string `json:"certificate_id"`
CommonName string `json:"commonName"`
Serial string `json:"serial"`
} `json:"result"`
} `json:"data"`
} `json:"data,omitempty"`
}
type GetHttpsCertificateManagerRequest struct {
@ -76,7 +76,7 @@ type GetHttpsCertificateManagerResponse struct {
AuthenticateNum int32 `json:"authenticate_num"`
AuthenticateDomains []string `json:"authenticate_domain"`
Domains []HttpsCertificateManagerDomain `json:"domains"`
} `json:"data"`
} `json:"data,omitempty"`
}
type HttpsCertificateManagerDomain struct {
@ -98,7 +98,7 @@ type UpdateHttpsCertificateManagerResponse struct {
Data *struct {
baseResponseData
Status bool `json:"status"`
} `json:"data"`
} `json:"data,omitempty"`
}
type GetHttpsServiceManagerRequest struct {
@ -109,9 +109,9 @@ type GetHttpsServiceManagerResponse struct {
baseResponse
Data *struct {
baseResponseData
Status int `json:"status"`
Status int32 `json:"status"`
Domains []HttpsServiceManagerDomain `json:"result"`
} `json:"data"`
} `json:"data,omitempty"`
}
type HttpsServiceManagerDomain struct {
@ -137,5 +137,5 @@ type MigrateHttpsDomainResponse struct {
Data *struct {
baseResponseData
Status bool `json:"status"`
} `json:"data"`
} `json:"data,omitempty"`
}

191
migrations/1742644800_upgrade.go Normal file
View File

@ -0,0 +1,191 @@
package migrations
import (
"github.com/pocketbase/pocketbase/core"
m "github.com/pocketbase/pocketbase/migrations"
)
func init() {
m.Register(func(app core.App) error {
// update collection `workflow_run`
{
collection, err := app.FindCollectionByNameOrId("qjp8lygssgwyqyz")
if err != nil {
return err
}
// update field
if err := collection.Fields.AddMarshaledJSONAt(7, []byte(`{
"autogeneratePattern": "",
"hidden": false,
"id": "hvebkuxw",
"max": 20000,
"min": 0,
"name": "error",
"pattern": "",
"presentable": false,
"primaryKey": false,
"required": false,
"system": false,
"type": "text"
}`)); err != nil {
return err
}
if err := app.Save(collection); err != nil {
return err
}
}
// update collection `workflow_output`
{
collection, err := app.FindCollectionByNameOrId("bqnxb95f2cooowp")
if err != nil {
return err
}
// update field
if err := collection.Fields.AddMarshaledJSONAt(5, []byte(`{
"hidden": false,
"id": "he4cceqb",
"maxSize": 5000000,
"name": "outputs",
"presentable": false,
"required": false,
"system": false,
"type": "json"
}`)); err != nil {
return err
}
if err := app.Save(collection); err != nil {
return err
}
}
// update collection `workflow_logs`
{
collection, err := app.FindCollectionByNameOrId("pbc_1682296116")
if err != nil {
return err
}
// update field
if err := collection.Fields.AddMarshaledJSONAt(7, []byte(`{
"autogeneratePattern": "",
"hidden": false,
"id": "text3065852031",
"max": 20000,
"min": 0,
"name": "message",
"pattern": "",
"presentable": false,
"primaryKey": false,
"required": false,
"system": false,
"type": "text"
}`)); err != nil {
return err
}
// update field
if err := collection.Fields.AddMarshaledJSONAt(8, []byte(`{
"hidden": false,
"id": "json2918445923",
"maxSize": 5000000,
"name": "data",
"presentable": false,
"required": false,
"system": false,
"type": "json"
}`)); err != nil {
return err
}
if err := app.Save(collection); err != nil {
return err
}
}
// update collection `access`
{
collection, err := app.FindCollectionByNameOrId("4yzbv8urny5ja1e")
if err != nil {
return err
}
// update field
if err := collection.Fields.AddMarshaledJSONAt(2, []byte(`{
"hidden": false,
"id": "hwy7m03o",
"maxSelect": 1,
"name": "provider",
"presentable": false,
"required": false,
"system": false,
"type": "select",
"values": [
"1panel",
"acmehttpreq",
"akamai",
"aliyun",
"aws",
"azure",
"baiducloud",
"baishan",
"baotapanel",
"byteplus",
"cachefly",
"cdnfly",
"cloudflare",
"cloudns",
"cmcccloud",
"ctcccloud",
"cucccloud",
"desec",
"dnsla",
"dogecloud",
"dynv6",
"edgio",
"fastly",
"gname",
"gcore",
"godaddy",
"goedge",
"huaweicloud",
"jdcloud",
"k8s",
"local",
"namecheap",
"namedotcom",
"namesilo",
"ns1",
"porkbun",
"powerdns",
"qiniu",
"qingcloud",
"rainyun",
"safeline",
"ssh",
"tencentcloud",
"ucloud",
"upyun",
"vercel",
"volcengine",
"webhook",
"westcn"
]
}`)); err != nil {
return err
}
if err := app.Save(collection); err != nil {
return err
}
}
return nil
}, func(app core.App) error {
return nil
})
}

87
ui/public/imgs/providers/desec.svg Normal file
View File

@ -0,0 +1,87 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="7.4053912mm"
height="7.5173831mm"
viewBox="0 0 7.4053913 7.5173831"
version="1.1"
id="svg1262"
sodipodi:docname="logo.notext.svg"
inkscape:version="0.92.4 (5da689c313, 2019-01-14)">
<defs
id="defs1256" />
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="5.6"
inkscape:cx="101.86078"
inkscape:cy="8.9271745"
inkscape:document-units="mm"
inkscape:current-layer="g3885"
showgrid="false"
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0"
inkscape:window-width="2560"
inkscape:window-height="1365"
inkscape:window-x="0"
inkscape:window-y="38"
inkscape:window-maximized="1" />
<metadata
id="metadata1259">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1"
transform="translate(-254.94057,-266.78298)">
<g
id="g3885"
transform="matrix(0.26519825,0,0,0.26519825,228.89366,215.69135)"
style="fill:#000000">
<g
style="fill:#000000;stroke:#ffffff;stroke-opacity:1"
id="layer1-9"
transform="matrix(0.22901929,0,0,0.22901929,26.296508,84.906304)"
inkscape:export-filename="/home/nils/git/desec-stack/webapp/src/assets/logo.png"
inkscape:export-xdpi="567.52002"
inkscape:export-ydpi="567.52002">
<g
style="fill:#000000;stroke:#ffffff;stroke-opacity:1"
transform="translate(-194.13584,150.8067)"
id="g3933">
<path
inkscape:connector-curvature="0"
d="m 509.13584,366.2239 c 8.87906,-33.13708 42.93987,-52.8021 76.07695,-43.92304 21.43594,5.74374 38.17931,22.48711 43.92305,43.92304 0,0 -6.09923,-6.07815 -10,-6.07815 -3.90077,0 -10,6.07815 -10,6.07815 0,0 -6.09923,-6.07815 -10,-6.07815 -3.90077,0 -10,6.07815 -10,6.07815 0,0 -6.09923,-6.07815 -10,-6.07815 -3.90077,0 -10,6.07815 -10,6.07815 0,0 -6.09923,-6.07815 -10,-6.07815 -3.90077,0 -10,6.07815 -10,6.07815 0,0 -6.09923,-6.07815 -10,-6.07815 -3.90077,0 -10,6.07815 -10,6.07815 0,0 -6.09923,-6.07815 -10,-6.07815 -3.90077,0 -10,6.07815 -10,6.07815 z"
id="path2985-6-3"
style="color:#000000;display:inline;overflow:visible;visibility:visible;fill:#000000;fill-opacity:1;stroke:#ffffff;stroke-width:0.99999994;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1;marker:none;enable-background:accumulate" />
<path
inkscape:connector-curvature="0"
d="m 567.42674,364.89583 v 61.87321 c 0,9.34738 5.48085,16.17306 12.23879,16.17306 6.75795,0 12.23635,-6.83606 12.23635,-16.18344 0,0 -1.07806,-1.02674 -1.75904,-1.03964 -0.64261,-0.0122 -1.69589,0.91753 -1.69589,0.91753 0,6.70817 -3.93157,13.01592 -8.78142,13.01592 -4.84984,0 -8.78142,-6.30775 -8.78142,-13.01592 l -7.6e-4,-61.74072 z"
id="path3775-7-4-6"
style="color:#000000;display:inline;overflow:visible;visibility:visible;fill:#000000;fill-opacity:1;stroke:#ffffff;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:117.14173126;stroke-opacity:1;marker:none;enable-background:accumulate" />
</g>
</g>
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.0 KiB

1
ui/public/imgs/providers/porkbun.svg Normal file
View File

@ -0,0 +1 @@
<svg width="200" height="200" viewBox="0 0 1024 1024" xmlns="http://www.w3.org/2000/svg"><style>.st1{fill:#fff}</style><g><circle cx="512" cy="512" r="512" style="fill:#ef7878"/><g><path class="st1" d="M398.3 331.8c-33.2-17.9-70.3-31.9-108.6-40.9-7.7 16.6-11.5 33.2-11.5 52.4 0 28.1 8.9 53.7 24.3 74.1 24.2-35.7 56.2-66.4 95.8-85.6zm323.3 85.6c15.3-20.4 24.3-46 24.3-74.1 0-19.2-3.8-37.1-11.5-52.4-38.3 7.7-75.4 21.7-108.6 40.9 38.3 19.2 71.5 49.9 95.8 85.6zm-152.1 58.8c-7.7 0-14.1 6.4-14.1 14.1 0 2.6 1.3 5.1 2.6 7.7 5.1 7.7 12.8 12.8 21.7 15.3 2.6-5.1 3.8-11.5 3.8-17.9V489c-1.2-7.7-6.3-12.8-14-12.8z"/><path class="st1" d="M503.1 320.3c-126.5 5.1-224.9 112.4-224.9 239v131.6c0 23 19.2 42.2 42.2 42.2 23 0 42.2-19.2 42.2-42.2v-34.5H659v34.5c0 23 19.2 42.2 42.2 42.2 23 0 42.2-19.2 42.2-42.2v-138c1.2-131.6-107.5-237.7-240.3-232.6zm132.8 184c-7.7 12.8-19.2 21.7-33.2 26.8-8.9 17.9-28.1 30.7-49.8 30.7h-6.4c-7.7 0-14.1-6.4-14.1-14.1s6.4-14.1 14.1-14.1c6.4 0 12.8-2.6 17.9-5.1-7.7-3.8-15.3-8.9-20.4-16.6-5.1-6.4-7.7-12.8-7.7-21.7 0-17.9 15.3-33.2 33.2-33.2 11.5 0 20.4 5.1 26.8 14.1 7.7 10.2 12.8 21.7 12.8 35.8v5.1c6.4-2.6 11.5-7.7 15.3-12.8 2.6-3.8 6.4-3.8 10.2-2.6 2.6-1.2 3.9 3.9 1.3 7.7z"/></g></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

1
ui/public/imgs/providers/vercel.svg Normal file
View File

@ -0,0 +1 @@
<svg viewBox="0 0 1024 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="200" height="200"><path d="M512 60l512 904H0z" fill="#212121" p-id="6434"></path></svg>
Side by Side

After

Width:  |  Height:  |  Size: 216 B

9
ui/src/components/access/AccessForm.tsx
View File

@ -23,6 +23,7 @@ import AccessFormCdnflyConfig from "./AccessFormCdnflyConfig";
import AccessFormCloudflareConfig from "./AccessFormCloudflareConfig";
import AccessFormClouDNSConfig from "./AccessFormClouDNSConfig";
import AccessFormCMCCCloudConfig from "./AccessFormCMCCCloudConfig";
import AccessFormDeSECConfig from "./AccessFormDeSECConfig";
import AccessFormDNSLAConfig from "./AccessFormDNSLAConfig";
import AccessFormDogeCloudConfig from "./AccessFormDogeCloudConfig";
import AccessFormDynv6Config from "./AccessFormDynv6Config";
@ -38,6 +39,7 @@ import AccessFormNamecheapConfig from "./AccessFormNamecheapConfig";
import AccessFormNameDotComConfig from "./AccessFormNameDotComConfig";
import AccessFormNameSiloConfig from "./AccessFormNameSiloConfig";
import AccessFormNS1Config from "./AccessFormNS1Config";
import AccessFormPorkbunConfig from "./AccessFormPorkbunConfig";
import AccessFormPowerDNSConfig from "./AccessFormPowerDNSConfig";
import AccessFormQiniuConfig from "./AccessFormQiniuConfig";
import AccessFormRainYunConfig from "./AccessFormRainYunConfig";
@ -46,6 +48,7 @@ import AccessFormSSHConfig from "./AccessFormSSHConfig";
import AccessFormTencentCloudConfig from "./AccessFormTencentCloudConfig";
import AccessFormUCloudConfig from "./AccessFormUCloudConfig";
import AccessFormUpyunConfig from "./AccessFormUpyunConfig";
import AccessFormVercelConfig from "./AccessFormVercelConfig";
import AccessFormVolcEngineConfig from "./AccessFormVolcEngineConfig";
import AccessFormWebhookConfig from "./AccessFormWebhookConfig";
import AccessFormWestcnConfig from "./AccessFormWestcnConfig";
@ -130,6 +133,8 @@ const AccessForm = forwardRef<AccessFormInstance, AccessFormProps>(({ className,
return <AccessFormClouDNSConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.CMCCCLOUD:
return <AccessFormCMCCCloudConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.DESEC:
return <AccessFormDeSECConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.DNSLA:
return <AccessFormDNSLAConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.DOGECLOUD:
@ -160,6 +165,8 @@ const AccessForm = forwardRef<AccessFormInstance, AccessFormProps>(({ className,
return <AccessFormNameSiloConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.NS1:
return <AccessFormNS1Config {...nestedFormProps} />;
case ACCESS_PROVIDERS.PORKBUN:
return <AccessFormPorkbunConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.POWERDNS:
return <AccessFormPowerDNSConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.QINIU:
@ -176,6 +183,8 @@ const AccessForm = forwardRef<AccessFormInstance, AccessFormProps>(({ className,
return <AccessFormUCloudConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.UPYUN:
return <AccessFormUpyunConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.VERCEL:
return <AccessFormVercelConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.VOLCENGINE:
return <AccessFormVolcEngineConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.WEBHOOK:

61
ui/src/components/access/AccessFormDeSECConfig.tsx Normal file
View File

@ -0,0 +1,61 @@
import { useTranslation } from "react-i18next";
import { Form, type FormInstance, Input } from "antd";
import { createSchemaFieldRule } from "antd-zod";
import { z } from "zod";
import { type AccessConfigForDeSEC } from "@/domain/access";
type AccessFormDeSECConfigFieldValues = Nullish<AccessConfigForDeSEC>;
export type AccessFormDeSECConfigProps = {
form: FormInstance;
formName: string;
disabled?: boolean;
initialValues?: AccessFormDeSECConfigFieldValues;
onValuesChange?: (values: AccessFormDeSECConfigFieldValues) => void;
};
const initFormModel = (): AccessFormDeSECConfigFieldValues => {
return {
token: "",
};
};
const AccessFormDeSECConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange }: AccessFormDeSECConfigProps) => {
const { t } = useTranslation();
const formSchema = z.object({
token: z
.string()
.min(1, t("access.form.desec_token.placeholder"))
.max(256, t("common.errmsg.string_max", { max: 256 }))
.trim(),
});
const formRule = createSchemaFieldRule(formSchema);
const handleFormChange = (_: unknown, values: z.infer<typeof formSchema>) => {
onValuesChange?.(values);
};
return (
<Form
form={formInst}
disabled={disabled}
initialValues={initialValues ?? initFormModel()}
layout="vertical"
name={formName}
onValuesChange={handleFormChange}
>
<Form.Item
name="token"
label={t("access.form.desec_token.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("access.form.desec_token.tooltip") }}></span>}
>
<Input.Password autoComplete="new-password" placeholder={t("access.form.desec_token.placeholder")} />
</Form.Item>
</Form>
);
};
export default AccessFormDeSECConfig;

76
ui/src/components/access/AccessFormPorkbunConfig.tsx Normal file
View File

@ -0,0 +1,76 @@
import { useTranslation } from "react-i18next";
import { Form, type FormInstance, Input } from "antd";
import { createSchemaFieldRule } from "antd-zod";
import { z } from "zod";
import { type AccessConfigForPorkbun } from "@/domain/access";
type AccessFormPorkbunConfigFieldValues = Nullish<AccessConfigForPorkbun>;
export type AccessFormPorkbunConfigProps = {
form: FormInstance;
formName: string;
disabled?: boolean;
initialValues?: AccessFormPorkbunConfigFieldValues;
onValuesChange?: (values: AccessFormPorkbunConfigFieldValues) => void;
};
const initFormModel = (): AccessFormPorkbunConfigFieldValues => {
return {
apiKey: "",
secretApiKey: "",
};
};
const AccessFormPorkbunConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange }: AccessFormPorkbunConfigProps) => {
const { t } = useTranslation();
const formSchema = z.object({
apiKey: z
.string()
.min(1, t("access.form.porkbun_api_key.placeholder"))
.max(256, t("common.errmsg.string_max", { max: 256 }))
.trim(),
secretApiKey: z
.string()
.min(1, t("access.form.porkbun_secret_api_key.placeholder"))
.max(256, t("common.errmsg.string_max", { max: 256 }))
.trim(),
});
const formRule = createSchemaFieldRule(formSchema);
const handleFormChange = (_: unknown, values: z.infer<typeof formSchema>) => {
onValuesChange?.(values);
};
return (
<Form
form={formInst}
disabled={disabled}
initialValues={initialValues ?? initFormModel()}
layout="vertical"
name={formName}
onValuesChange={handleFormChange}
>
<Form.Item
name="apiKey"
label={t("access.form.porkbun_api_key.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("access.form.porkbun_api_key.tooltip") }}></span>}
>
<Input autoComplete="new-password" placeholder={t("access.form.porkbun_api_key.placeholder")} />
</Form.Item>
<Form.Item
name="secretApiKey"
label={t("access.form.porkbun_secret_api_key.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("access.form.porkbun_secret_api_key.tooltip") }}></span>}
>
<Input.Password autoComplete="new-password" placeholder={t("access.form.porkbun_secret_api_key.placeholder")} />
</Form.Item>
</Form>
);
};
export default AccessFormPorkbunConfig;

4
ui/src/components/access/AccessFormUCloudConfig.tsx
View File

@ -28,9 +28,9 @@ const AccessFormUCloudConfig = ({ form: formInst, formName, disabled, initialVal
const formSchema = z.object({
privateKey: z
.string()
.trim()
.min(1, t("access.form.ucloud_private_key.placeholder"))
.max(64, t("common.errmsg.string_max", { max: 64 })),
.max(64, t("common.errmsg.string_max", { max: 64 }))
.trim(),
publicKey: z
.string()
.min(1, t("access.form.ucloud_public_key.placeholder"))

75
ui/src/components/access/AccessFormVercelConfig.tsx Normal file
View File

@ -0,0 +1,75 @@
import { useTranslation } from "react-i18next";
import { Form, type FormInstance, Input } from "antd";
import { createSchemaFieldRule } from "antd-zod";
import { z } from "zod";
import { type AccessConfigForVercel } from "@/domain/access";
type AccessFormVercelConfigFieldValues = Nullish<AccessConfigForVercel>;
export type AccessFormVercelConfigProps = {
form: FormInstance;
formName: string;
disabled?: boolean;
initialValues?: AccessFormVercelConfigFieldValues;
onValuesChange?: (values: AccessFormVercelConfigFieldValues) => void;
};
const initFormModel = (): AccessFormVercelConfigFieldValues => {
return {
apiAccessToken: "",
};
};
const AccessFormVercelConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange }: AccessFormVercelConfigProps) => {
const { t } = useTranslation();
const formSchema = z.object({
apiAccessToken: z
.string()
.min(1, t("access.form.vercel_api_access_token.placeholder"))
.max(256, t("common.errmsg.string_max", { max: 256 }))
.trim(),
teamId: z
.string()
.max(256, t("common.errmsg.string_max", { max: 256 }))
.trim()
.nullish(),
});
const formRule = createSchemaFieldRule(formSchema);
const handleFormChange = (_: unknown, values: z.infer<typeof formSchema>) => {
onValuesChange?.(values);
};
return (
<Form
form={formInst}
disabled={disabled}
initialValues={initialValues ?? initFormModel()}
layout="vertical"
name={formName}
onValuesChange={handleFormChange}
>
<Form.Item
name="apiAccessToken"
label={t("access.form.vercel_api_access_token.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("access.form.vercel_api_access_token.tooltip") }}></span>}
>
<Input.Password autoComplete="new-password" placeholder={t("access.form.vercel_api_access_token.placeholder")} />
</Form.Item>
<Form.Item
name="teamId"
label={t("access.form.vercel_team_id.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("access.form.vercel_team_id.tooltip") }}></span>}
>
<Input placeholder={t("access.form.vercel_team_id.placeholder")} />
</Form.Item>
</Form>
);
};
export default AccessFormVercelConfig;

4
ui/src/components/access/AccessFormVolcEngineConfig.tsx
View File

@ -28,9 +28,9 @@ const AccessFormVolcEngineConfig = ({ form: formInst, formName, disabled, initia
const formSchema = z.object({
accessKeyId: z
.string()
.trim()
.min(1, t("access.form.volcengine_access_key_id.placeholder"))
.max(64, t("common.errmsg.string_max", { max: 64 })),
.max(64, t("common.errmsg.string_max", { max: 64 }))
.trim(),
secretAccessKey: z
.string()
.min(1, t("access.form.volcengine_secret_access_key.placeholder"))

Some files were not shown because too many files have changed in this diff Show More