perf: ssh登录支持openssh格式私钥、支持私钥密码

packages/ui/certd-server/src/plugins/plugin-cloudflare/plugins/plugin-deploy-to-cdn.ts

@@ -11,6 +11,7 @@ import { CertInfo, CertReader } from '@certd/plugin-cert';
 @IsTaskPlugin({
   name: 'CloudflareDeployToCDN',
   title: '部署证书到CF CDN',
+  desc: '暂未实现，不可用',
   default: {
     strategy: {
       runStrategy: RunStrategy.SkipWhenSucceed,

packages/ui/certd-server/src/plugins/plugin-host/access/ssh-access.ts

@@ -1,4 +1,5 @@
 import { AccessInput, IAccess, IsAccess } from '@certd/pipeline';
+import { ConnectConfig } from 'ssh2';
 
 @IsAccess({
   name: 'ssh',
@@ -6,7 +7,7 @@ import { AccessInput, IAccess, IsAccess } from '@certd/pipeline';
   desc: '',
   input: {},
 })
-export class SshAccess implements IAccess {
+export class SshAccess implements IAccess, ConnectConfig {
   @AccessInput({
     title: '主机地址',
     component: {
@@ -19,11 +20,12 @@ export class SshAccess implements IAccess {
     title: '端口',
     value: '22',
     component: {
+      name: 'a-input-number',
       placeholder: '22',
     },
     rules: [{ required: true, message: '此项必填' }],
   })
-  port!: string;
+  port!: number;
   @AccessInput({
     title: '用户名',
     value: 'root',
@@ -40,14 +42,24 @@ export class SshAccess implements IAccess {
   })
   password!: string;
   @AccessInput({
-    title: '密钥',
+    title: '私钥登录',
-    helper: '密钥或密码必填一项',
+    helper: '私钥或密码必填一项',
     component: {
       name: 'a-textarea',
       vModel: 'value',
     },
   })
   privateKey!: string;
+
+  @AccessInput({
+    title: '私钥密码',
+    helper: '如果你的私钥有密码的话',
+    component: {
+      name: 'a-input-password',
+      vModel: 'value',
+    },
+  })
+  passphrase!: string;
 }
 
 new SshAccess();

packages/ui/certd-server/src/plugins/plugin-host/lib/ssh.ts

@@ -1,5 +1,5 @@
 // @ts-ignore
-import ssh2 from 'ssh2';
+import ssh2, { ConnectConfig } from 'ssh2';
 import path from 'path';
 import _ from 'lodash';
 import { ILogger } from '@certd/pipeline';
@@ -19,7 +19,7 @@ export class SshClient {
          }
    * @param options
    */
-  uploadFiles(options: { connectConf: any; transports: any }) {
+  uploadFiles(options: { connectConf: ConnectConfig; transports: any }) {
     const { connectConf, transports } = options;
     const conn = new ssh2.Client();
 
@@ -53,7 +53,10 @@ export class SshClient {
     });
   }
 
-  exec(options: { connectConf: any; script: string | Array<string> }) {
+  exec(options: {
+    connectConf: ConnectConfig;
+    script: string | Array<string>;
+  }) {
     let { script } = options;
     const { connectConf } = options;
     if (_.isArray(script)) {
@@ -99,7 +102,7 @@ export class SshClient {
     });
   }
 
-  shell(options: { connectConf: any; script: string }) {
+  shell(options: { connectConf: ConnectConfig; script: string }) {
     const { connectConf, script } = options;
     return new Promise((resolve, reject) => {
       this.connect({
@@ -132,7 +135,7 @@ export class SshClient {
     });
   }
 
-  connect(options: { connectConf: any; onReady: any; onError: any }) {
+  connect(options: { connectConf: ConnectConfig; onReady: any; onError: any }) {
     const { connectConf, onReady, onError } = options;
     const conn = new ssh2.Client();
     conn

packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts

@@ -32,9 +32,9 @@ export class UploadCertToHostPlugin extends AbstractTaskPlugin {
   crtPath!: string;
   @TaskInput({
     title: '私钥保存路径',
-    helper: '需要有写入权限，路径要包含证书文件名',
+    helper: '需要有写入权限，路径要包含私钥文件名',
     component: {
-      placeholder: '/root/deploy/nginx/cert.crt',
+      placeholder: '/root/deploy/nginx/cert.key',
     },
   })
   keyPath!: string;