Merge branch 'main' into feat/workflow

2025-06-17 18:09:52 +00:00 · 2024-11-13 08:41:25 +08:00 · 2024-11-13 08:41:25 +08:00 · fd04cec606
commit fd04cec606
parent ee9578b273 2ff923dd1b
7 changed files with 37 additions and 15 deletions
--- a/internal/deployer/aliyun_clb.go
+++ b/internal/deployer/aliyun_clb.go
@ -246,10 +246,10 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo
 	// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-setdomainextensionattribute
 	//
 	// 这里仅修改跟被替换证书一致的扩展域名
-	if describeDomainExtensionsResp.Body.DomainExtensions == nil && describeDomainExtensionsResp.Body.DomainExtensions.DomainExtension == nil {
+	if describeDomainExtensionsResp.Body.DomainExtensions != nil && describeDomainExtensionsResp.Body.DomainExtensions.DomainExtension != nil {
 		for _, domainExtension := range describeDomainExtensionsResp.Body.DomainExtensions.DomainExtension {
-			if *domainExtension.ServerCertificateId == *describeLoadBalancerHTTPSListenerAttributeResp.Body.ServerCertificateId {
-				break
+			if *domainExtension.ServerCertificateId != *describeLoadBalancerHTTPSListenerAttributeResp.Body.ServerCertificateId {
+				continue
 			}

 			setDomainExtensionAttributeReq := &aliyunSlb.SetDomainExtensionAttributeRequest{
--- a/internal/deployer/qiniu_cdn.go
+++ b/internal/deployer/qiniu_cdn.go
@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"strings"

 	xerrors "github.com/pkg/errors"
 	"github.com/qiniu/go-sdk/v7/auth"
@ -69,9 +70,14 @@ func (d *QiniuCDNDeployer) Deploy(ctx context.Context) error {

 	d.infos = append(d.infos, toStr("已上传证书", upres))

+	// 在七牛 CDN 中泛域名表示为 .example.com，需去除前缀星号
+	domain := d.option.DeployConfig.GetConfigAsString("domain")
+	if strings.HasPrefix(domain, "*") {
+		domain = strings.TrimPrefix(domain, "*")
+	}
+
 	// 获取域名信息
 	// REF: https://developer.qiniu.com/fusion/4246/the-domain-name
-	domain := d.option.DeployConfig.GetConfigAsString("domain")
 	getDomainInfoResp, err := d.sdkClient.GetDomainInfo(domain)
 	if err != nil {
 		return xerrors.Wrap(err, "failed to execute sdk request 'cdn.GetDomainInfo'")
--- a/internal/deployer/tencent_clb.go
+++ b/internal/deployer/tencent_clb.go
@ -102,7 +102,7 @@ func (d *TencentCLBDeployer) Deploy(ctx context.Context) error {
 func (d *TencentCLBDeployer) createSdkClients(secretId, secretKey, region string) (*tencentCLBDeployerSdkClients, error) {
 	credential := common.NewCredential(secretId, secretKey)

-	sslClient, err := tcSsl.NewClient(credential, "", profile.NewClientProfile())
+	sslClient, err := tcSsl.NewClient(credential, region, profile.NewClientProfile())
 	if err != nil {
 		return nil, err
 	}
--- a/internal/deployer/tencent_cos.go
+++ b/internal/deployer/tencent_cos.go
@ -33,6 +33,7 @@ func NewTencentCOSDeployer(option *DeployerOption) (Deployer, error) {
 	client, err := (&TencentCOSDeployer{}).createSdkClient(
 		access.SecretId,
 		access.SecretKey,
+		option.DeployConfig.GetConfigAsString("region"),
 	)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to create sdk clients")
@ -95,9 +96,9 @@ func (d *TencentCOSDeployer) Deploy(ctx context.Context) error {
 	return nil
 }

-func (d *TencentCOSDeployer) createSdkClient(secretId, secretKey string) (*tcSsl.Client, error) {
+func (d *TencentCOSDeployer) createSdkClient(secretId, secretKey, region string) (*tcSsl.Client, error) {
 	credential := common.NewCredential(secretId, secretKey)
-	client, err := tcSsl.NewClient(credential, "", profile.NewClientProfile())
+	client, err := tcSsl.NewClient(credential, region, profile.NewClientProfile())
 	if err != nil {
 		return nil, err
 	}
--- a/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go
+++ b/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go
@ -6,6 +6,7 @@ import (
 	"encoding/hex"
 	"errors"
 	"fmt"
+	"regexp"
 	"strings"
 	"time"

@ -89,6 +90,12 @@ func (u *AliyunSLBUploader) Upload(ctx context.Context, certPem string, privkeyP
 	var certId, certName string
 	certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli())

+	// 去除证书和私钥内容中的空白行，以符合阿里云 API 要求
+	// REF: https://github.com/usual2970/certimate/issues/326
+	re := regexp.MustCompile(`(?m)^\s*$\n?`)
+	certPem = strings.TrimSpace(re.ReplaceAllString(certPem, ""))
+	privkeyPem = strings.TrimSpace(re.ReplaceAllString(privkeyPem, ""))
+
 	// 上传新证书
 	// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-uploadservercertificate
 	uploadServerCertificateReq := &aliyunSlb.UploadServerCertificateRequest{
--- a/ui/src/components/certimate/DeployToTencentCLB.tsx
+++ b/ui/src/components/certimate/DeployToTencentCLB.tsx
@ -44,9 +44,7 @@ const DeployToTencentCLB = () => {
      }),
      loadbalancerId: z.string().min(1, t("domain.deployment.form.tencent_clb_loadbalancer_id.placeholder")),
      listenerId: z.string().optional(),
-      domain: z.string().regex(/^$|^(?:\*\.)?([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}$/, {
-        message: t("common.errmsg.domain_invalid"),
-      }),
+      domain: z.string().optional(),
    })
    .refine(
      (data) => {
@ -63,10 +61,20 @@ const DeployToTencentCLB = () => {
        path: ["listenerId"],
      }
    )
-    .refine((data) => (data.resourceType === "ruledomain" ? !!data.domain?.trim() : true), {
-      message: t("domain.deployment.form.tencent_clb_ruledomain.placeholder"),
-      path: ["domain"],
-    });
+    .refine(
+      (data) => {
+        switch (data.resourceType) {
+          case "ssl-deploy":
+          case "ruledomain":
+            return !!data.domain?.trim() && /^$|^(?:\*\.)?([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}$/.test(data.domain);
+        }
+        return true;
+      },
+      {
+        message: t("domain.deployment.form.tencent_clb_ruledomain.placeholder"),
+        path: ["domain"],
+      }
+    );

  useEffect(() => {
    const res = formSchema.safeParse(config.config);
--- a/ui/src/domain/version.ts
+++ b/ui/src/domain/version.ts
@ -1 +1 @@
-export const version = "Certimate v0.2.18";
+export const version = "Certimate v0.2.19";