From f3bf4faee0be5bdbfdbcf70a502849ed4c8ed4c4 Mon Sep 17 00:00:00 2001
From: 5aaee9 <7685264+5aaee9@users.noreply.github.com>
Date: Sat, 5 Apr 2025 17:01:41 +0800
Subject: [PATCH 1/2] feat(lego): support set key type

---
 .../src/plugin/cert-plugin/lego/index.ts      | 25 ++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
index dc274e2d..28f33ebb 100644
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
@@ -9,6 +9,7 @@ import JSZip from "jszip";
 
 export { CertReader };
 export type { CertInfo };
+export type PrivateKeyType = "rsa2048" | "rsa3072" | "rsa4096" | "rsa8192" | "ec256" | "ec384";
 
 @IsTaskPlugin({
   name: "CertApplyLego",
@@ -90,6 +91,28 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
   })
   customArgs = "";
 
+  @TaskInput({
+    title: "加密算法",
+    value: "ec256",
+    component: {
+      name: "a-select",
+      vModel: "value",
+      options: [
+        { value: "rsa2048", label: "RSA 2048" },
+        { value: "rsa3072", label: "RSA 3072" },
+        { value: "rsa4096", label: "RSA 4096" },
+        { value: "rsa8192", label: "RSA 8192" },
+        { value: "ec256", label: "EC 256" },
+        { value: "ec384", label: "EC 384" },
+        // { value: "ec_521", label: "EC 521" },
+      ],
+    },
+    helper: "如无特殊需求，默认即可",
+    required: true,
+  })
+  privateKeyType!: PrivateKeyType;
+
+
   eab?: EabAccess;
 
   async onInstance() {
@@ -120,7 +143,7 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
     if (this.eab) {
       eabArgs = ` --eab --kid "${this.eab.kid}" --hmac "${this.eab.hmacKey}"`;
     }
-    const keyType = "-k rsa2048";
+    const keyType = `-k ${this.privateKeyType}`;
 
     const saveDir = `./data/.lego/pipeline_${this.pipeline.id}/`;
     const savePathArgs = `--path "${saveDir}"`;

From 9b536af9e656dc89e2a87078c129cad6f591e467 Mon Sep 17 00:00:00 2001
From: Indexyz <7685264+5aaee9@users.noreply.github.com>
Date: Fri, 11 Apr 2025 16:37:31 +0800
Subject: [PATCH 2/2] feat: release image to ghcr

---
 .github/workflows/build-image-for-test.yml |  9 +++++++++
 .github/workflows/build-image.yml          | 11 ++++++++++-
 README.md                                  |  2 ++
 3 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build-image-for-test.yml b/.github/workflows/build-image-for-test.yml
index 73ecec71..eb32c4d9 100644
--- a/.github/workflows/build-image-for-test.yml
+++ b/.github/workflows/build-image-for-test.yml
@@ -10,6 +10,7 @@ on:
 #    - cron: '17 19 * * *'
 permissions:
   contents: read
+  packages: write
 
 jobs:
   build-certd-image:
@@ -61,6 +62,13 @@ jobs:
           username: ${{ secrets.aliyun_cs_username }}
           password: ${{ secrets.aliyun_cs_password }}
 
+      - name: Login to GitHub Packages
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
@@ -76,4 +84,5 @@ jobs:
           tags: |
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd-dev:latest
             greper/certd-dev:latest
+            ghcr.io/${{ github.repository }}:dev-latest
 
diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml
index 1ea31067..d4d4c22f 100644
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@@ -10,6 +10,7 @@ on:
 #    - cron: '17 19 * * *'
 permissions:
   contents: read
+  packages: write
 
 jobs:
   build-certd-image:
@@ -61,6 +62,13 @@ jobs:
           username: ${{ secrets.aliyun_cs_username }}
           password: ${{ secrets.aliyun_cs_password }}
 
+      - name: Login to GitHub Packages
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+  
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
@@ -78,7 +86,8 @@ jobs:
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
             greper/certd:latest
             greper/certd:${{steps.get_certd_version.outputs.result}}
-
+            ghcr.io/${{ github.repository }}:latest
+            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}
 #      - name: Build armv7
 #        uses: docker/build-push-action@v6
 #        with:
diff --git a/README.md b/README.md
index f832474e..97da7d6a 100644
--- a/README.md
+++ b/README.md
@@ -85,6 +85,8 @@ https://certd.handfree.work/
   * `https://hub.docker.com/r/greper/certd`
   * `greper/certd:latest`
   * `greper/certd:armv7`、`greper/certd:[version]-armv7`
+* GitHub Packages地址:
+  * `ghcr.io/certd/certd:latest`
 
 * 镜像构建通过`Actions`自动执行，过程公开透明，请放心使用
   * [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml)