diff --git a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-oss/index.ts b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-oss/index.ts index 1b0e6135..67b47bb1 100644 --- a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-oss/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-oss/index.ts @@ -1,6 +1,6 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline'; -import { AliyunAccess } from '@certd/plugin-lib'; -import { CertInfo } from '@certd/plugin-cert'; +import {AliyunAccess, AliyunSslClient} from '@certd/plugin-lib'; +import {CertInfo, CertReader} from '@certd/plugin-cert'; import { CertApplyPluginNames} from '@certd/plugin-cert'; @IsTaskPlugin({ name: 'DeployCertToAliyunOSS', @@ -82,11 +82,27 @@ export class DeployCertToAliyunOSS extends AbstractTaskPlugin { helper: '请选择前置任务输出的域名证书', component: { name: 'output-selector', - from: [...CertApplyPluginNames], + from: [...CertApplyPluginNames,"uploadCertToAliyun"], }, required: true, }) - cert!: CertInfo; + cert!: CertInfo | string; + + @TaskInput({ + title: '证书服务接入点', + helper: '不会选就按默认', + value: 'cas.aliyuncs.com', + component: { + name: 'a-select', + options: [ + { value: 'cas.aliyuncs.com', label: '中国大陆' }, + { value: 'cas.ap-southeast-1.aliyuncs.com', label: '新加坡' }, + { value: 'cas.eu-central-1.aliyuncs.com', label: '德国(法兰克福)' }, + ], + }, + required: true, + }) + casEndpoint!: string; @TaskInput({ title: 'Access授权', @@ -103,12 +119,38 @@ export class DeployCertToAliyunOSS extends AbstractTaskPlugin { async execute(): Promise { this.logger.info('开始部署证书到阿里云OSS'); const access = (await this.getAccess(this.accessId)) as AliyunAccess; + + await this.getAliyunCertId(access) this.logger.info(`bucket: ${this.bucket}, region: ${this.region}, domainName: ${this.domainName}`); const client = await this.getClient(access); await this.doRequest(client, {}); this.logger.info('部署完成'); } + async getAliyunCertId(access: AliyunAccess) { + let certId: any = this.cert; + let certName: any = this.appendTimeSuffix("certd"); + if (typeof this.cert === "object") { + const sslClient = new AliyunSslClient({ + access, + logger: this.logger, + endpoint: this.casEndpoint + }); + + certName = this.buildCertName(CertReader.getMainDomain(this.cert.crt)); + + certId = await sslClient.uploadCert({ + name: certName, + cert: this.cert + }); + this.logger.info("上传证书成功", certId, certName); + } + return { + certId, + certName + }; + } + async getClient(access: AliyunAccess) { // @ts-ignore const OSS = await import('ali-oss'); @@ -129,13 +171,23 @@ export class DeployCertToAliyunOSS extends AbstractTaskPlugin { cname: '', comp: 'add', }); + + let certStr = "" + if (typeof this.cert === "object" ){ + certStr = ` + ${this.cert.key} + ${this.cert.crt} +` + }else{ + certStr = `${this.cert}` + } + const xml = ` ${this.domainName} - ${this.cert.key} - ${this.cert.crt} + ${certStr} `; diff --git a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts index 64c6dc02..d39f9f5c 100644 --- a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts @@ -23,7 +23,7 @@ const regionDict = [ @IsTaskPlugin({ name: 'uploadCertToAliyun', - title: '阿里云-上传证书到阿里云', + title: '阿里云-上传证书到阿里云CAS', icon: 'svg:icon-aliyun', group: pluginGroups.aliyun.key, desc: '上传证书到阿里云数字证书管理服务(CAS),注意:不会部署到任何应用上;如果不想在阿里云上同一份证书上传多次,可以把此任务作为前置任务,其他阿里云任务证书那一项选择此任务的输出',