perf: 检查cname是否正确配置

2024-10-09 02:34:28 +08:00 · 2024-10-09 02:34:28 +08:00 · b5d8935159
parent 9498d189e4
commit b5d8935159
36 changed files with 321 additions and 190 deletions
--- a/package.json
+++ b/package.json
@ -4,18 +4,18 @@
  "private": true,
  "type": "module",
  "devDependencies": {
-    "@lerna-lite/cli": "^3.2.1",
-    "@lerna-lite/publish": "^3.2.1",
-    "@lerna-lite/run": "^3.2.1",
-    "@lerna-lite/version": "^3.2.1"
+    "@lerna-lite/cli": "^3.9.3",
+    "@lerna-lite/publish": "^3.9.3",
+    "@lerna-lite/run": "^3.9.3",
+    "@lerna-lite/version": "^3.9.3"
  },
  "scripts": {
    "start": "lerna bootstrap --hoist",
    "i-all": "lerna link && lerna exec npm install  ",
    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
    "afterpublishOnly": "time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
-    "commitAll" : "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
-    "commitPro" : "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
+    "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
+    "commitPro": "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
    "prepublishOnly1": "npm run check && lerna run build ",
    "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
    "before-build": "cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
@ -25,7 +25,7 @@
  },
  "license": "AGPL-3.0",
  "dependencies": {
-    "axios": "^1.7.2",
+    "axios": "^1.7.7",
    "lodash-es": "^4.17.21"
  },
  "workspaces": [
--- a/packages/core/basic/package.json
+++ b/packages/core/basic/package.json
@ -4,6 +4,7 @@
  "version": "1.25.9",
  "type": "module",
  "main": "./dist/index.js",
+  "module": "./dist/index.js",
  "types": "./dist/index.d.ts",
  "scripts": {
    "dev": "vite",
--- a/packages/core/basic/src/index.ts
+++ b/packages/core/basic/src/index.ts
@ -1 +1 @@
-export * from './utils/index.js'
+export * from './utils/index.js';
--- a/packages/core/basic/src/utils/index.ts
+++ b/packages/core/basic/src/utils/index.ts
@ -1,21 +1,21 @@
-import sleep from "./util.sleep.js";
-import { http } from "./util.request.js";
-export * from "./util.request.js";
-export * from "./util.log.js";
-export * from "./util.file.js";
-export * from "./util.sp.js";
-export * from "./util.promise.js";
-export * from "./util.hash.js";
-export * from "./util.merge.js";
-export * from "./util.cache.js";
-import { nanoid } from "nanoid";
-import { mergeUtils } from "./util.merge.js";
-import { sp } from "./util.sp.js";
-import { hashUtils } from "./util.hash.js";
-import { promises } from "./util.promise.js";
-import { fileUtils } from "./util.file.js";
-import _ from "lodash-es";
-import { cache } from "./util.cache.js";
+export * from './util.request.js';
+export * from './util.log.js';
+export * from './util.file.js';
+export * from './util.sp.js';
+export * from './util.promise.js';
+export * from './util.hash.js';
+export * from './util.merge.js';
+export * from './util.cache.js';
+import sleep from './util.sleep.js';
+import { http } from './util.request.js';
+import { nanoid } from 'nanoid';
+import { mergeUtils } from './util.merge.js';
+import { sp } from './util.sp.js';
+import { hashUtils } from './util.hash.js';
+import { promises } from './util.promise.js';
+import { fileUtils } from './util.file.js';
+import * as _ from 'lodash-es';
+import { cache } from './util.cache.js';
 import dayjs from 'dayjs';

 export const utils = {
@ -29,5 +29,5 @@ export const utils = {
  mergeUtils,
  cache,
  nanoid,
-  dayjs
+  dayjs,
 };
--- a/packages/core/pipeline/src/index.ts
+++ b/packages/core/pipeline/src/index.ts
@ -1,4 +1,3 @@
-import "util";
 export * from "./core/index.js";
 export * from "./dt/index.js";
 export * from "./access/index.js";
--- a/packages/libs/lib-server/package.json
+++ b/packages/libs/lib-server/package.json
@ -25,19 +25,21 @@
  ],
  "license": "AGPL",
  "dependencies": {
+    "@certd/basic": "^1.25.9",
    "@certd/pipeline": "^1.25.9",
-    "@midwayjs/core": "^3",
-    "@midwayjs/i18n": "^3",
-    "@midwayjs/info": "^3",
-    "@midwayjs/koa": "^3",
-    "@midwayjs/logger": "^3",
-    "@midwayjs/typeorm": "^3",
-    "@midwayjs/cache": "^3",
+    "@midwayjs/core": "~3.17.1",
+    "@midwayjs/i18n": "~3.17.3",
+    "@midwayjs/info": "~3.17.3",
+    "@midwayjs/koa": "~3.17.1",
+    "@midwayjs/logger": "~3.4.2",
+    "@midwayjs/typeorm": "~3.17.1",
+    "@midwayjs/cache": "~3.14.0",
+    "@midwayjs/upload": "^3.17.3",
    "better-sqlite3": "^11.1.2",
    "typeorm": "^0.3.20",
    "lodash-es":  "^4.17.21",
-    "dayjs": "^1.11.7",
-    "@midwayjs/upload": "^3.16.4"
+    "dayjs": "^1.11.7"
+
  },
  "devDependencies": {
    "mwts": "^1.3.0",
--- a/packages/libs/lib-server/src/system/basic/service/plus-service.ts
+++ b/packages/libs/lib-server/src/system/basic/service/plus-service.ts
@ -1,6 +1,6 @@
 import { Config, Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
-import { AppKey, http, PlusRequestService, verify } from '@certd/pipeline';
-import { logger } from '@certd/pipeline';
+import { AppKey, PlusRequestService, verify } from '@certd/pipeline';
+import { logger } from '@certd/basic';
 import { SysInstallInfo, SysLicenseInfo, SysSettingsService } from '../../settings/index.js';

@Provide()
@ -18,8 +18,6 @@ export class PlusService {
    const installInfo: SysInstallInfo = await this.sysSettingsService.getSetting(SysInstallInfo);
    this.plusRequestService = new PlusRequestService({
      plusServerBaseUrls: this.plusServerBaseUrls,
-      http: http,
-      logger,
      subjectId: installInfo.siteId,
    });
  }
--- a/packages/libs/midway-flyway-js/package.json
+++ b/packages/libs/midway-flyway-js/package.json
@ -25,9 +25,9 @@
  ],
  "license": "MIT",
  "devDependencies": {
-    "@midwayjs/core": "^3",
-    "@midwayjs/logger": "^3",
-    "@midwayjs/typeorm": "^3",
+    "@midwayjs/core": "~3.17.1",
+    "@midwayjs/logger": "~3.4.2",
+    "@midwayjs/typeorm": "~3.17.1",
    "@rollup/plugin-commonjs": "^23.0.4",
    "@rollup/plugin-json": "^6.0.0",
    "@rollup/plugin-node-resolve": "^15.0.1",
--- a/packages/plugins/plugin-cert/package.json
+++ b/packages/plugins/plugin-cert/package.json
@ -14,6 +14,7 @@
    "preview": "vite preview"
  },
  "dependencies": {
+    "@certd/basic": "^1.25.9",
    "@certd/acme-client": "^1.25.9",
    "@certd/pipeline": "^1.25.9",
    "dayjs": "^1.11.7",
@ -23,7 +24,6 @@
    "rimraf": "^5.0.5"
  },
  "devDependencies": {
-    "@alicloud/cs20151215": "^3.0.3",
    "@alicloud/openapi-client": "^0.4.0",
    "@alicloud/pop-core": "^1.7.10",
    "@rollup/plugin-commonjs": "^23.0.4",
--- a/packages/plugins/plugin-cert/src/dns-provider/base.ts
+++ b/packages/plugins/plugin-cert/src/dns-provider/base.ts
@ -1,5 +1,7 @@
-import { CreateRecordOptions, DnsProviderContext, IDnsProvider, RemoveRecordOptions } from "./api.js";
+import { CreateRecordOptions, DnsProviderContext, DnsProviderDefine, IDnsProvider, RemoveRecordOptions } from "./api.js";
 import psl from "psl";
+import { dnsProviderRegistry } from "./registry.js";
+import { Decorator } from "@certd/pipeline";

 export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
  ctx!: DnsProviderContext;
@ -22,3 +24,20 @@ export function parseDomain(fullDomain: string) {
  }
  return parsed.domain as string;
 }
+
+export async function createDnsProvider(opts: { dnsProviderType: string; context: DnsProviderContext }): Promise<IDnsProvider> {
+  const { dnsProviderType, context } = opts;
+  const dnsProviderPlugin = dnsProviderRegistry.get(dnsProviderType);
+  const DnsProviderClass = dnsProviderPlugin.target;
+  const dnsProviderDefine = dnsProviderPlugin.define as DnsProviderDefine;
+  if (dnsProviderDefine.deprecated) {
+    throw new Error(dnsProviderDefine.deprecated);
+  }
+  // @ts-ignore
+  const dnsProvider: IDnsProvider = new DnsProviderClass();
+
+  Decorator.inject(dnsProviderDefine.autowire, dnsProvider, context);
+  dnsProvider.setCtx(context);
+  await dnsProvider.onInstance();
+  return dnsProvider;
+}
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
@ -1,8 +1,8 @@
-import { Decorator, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, utils } from "@certd/pipeline";
+import { IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, utils } from "@certd/pipeline";
 import type { CertInfo, CnameVerifyPlan, DomainsVerifyPlan, PrivateKeyType, SSLProvider } from "./acme.js";
 import { AcmeService } from "./acme.js";
 import _ from "lodash-es";
-import { DnsProviderContext, DnsProviderDefine, dnsProviderRegistry, IDnsProvider } from "../../dns-provider/index.js";
+import { createDnsProvider, DnsProviderContext, IDnsProvider } from "../../dns-provider/index.js";
 import { CertReader } from "./cert-reader.js";
 import { CertApplyBasePlugin } from "./base.js";

@ -271,21 +271,12 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
  }

  async createDnsProvider(dnsProviderType: string, dnsProviderAccessId: number): Promise<IDnsProvider> {
-    const dnsProviderPlugin = dnsProviderRegistry.get(dnsProviderType);
-    const DnsProviderClass = dnsProviderPlugin.target;
-    const dnsProviderDefine = dnsProviderPlugin.define as DnsProviderDefine;
-    if (dnsProviderDefine.deprecated) {
-      throw new Error(dnsProviderDefine.deprecated);
-    }
    const access = await this.accessService.getById(dnsProviderAccessId);
-
-    // @ts-ignore
-    const dnsProvider: IDnsProvider = new DnsProviderClass();
-    const context: DnsProviderContext = { access, logger: this.logger, http: this.http, utils };
-    Decorator.inject(dnsProviderDefine.autowire, dnsProvider, context);
-    dnsProvider.setCtx(context);
-    await dnsProvider.onInstance();
-    return dnsProvider;
+    const context: DnsProviderContext = { access, logger: this.logger, http: this.ctx.http, utils };
+    return await createDnsProvider({
+      dnsProviderType,
+      context,
+    });
  }

  async createDomainsVerifyPlan(): Promise<DomainsVerifyPlan> {
--- a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/api.ts
+++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/api.ts
@ -24,3 +24,13 @@ export async function GetByDomain(domain: string) {
    }
  });
 }
+
+export async function DoVerify(id: number) {
+  return await request({
+    url: apiPrefix + "/verify",
+    method: "post",
+    data: {
+      id
+    }
+  });
+}
--- a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue
+++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue
@ -1,34 +1,34 @@
 <template>
  <tbody v-if="cnameRecord" class="cname-record-info">
-  <tr>
-    <!--    <td class="domain">-->
-    <!--      {{ props.domain }}-->
-    <!--    </td>-->
-    <td class="host-record" :title="'域名：' + props.domain">
-      <fs-copyable v-model="cnameRecord.hostRecord"></fs-copyable>
-    </td>
-    <td class="record-value">
-      <fs-copyable v-model="cnameRecord.recordValue"></fs-copyable>
-    </td>
-    <td class="status center flex-center">
-      <fs-values-format v-model="cnameRecord.status" :dict="statusDict"/>
-      <fs-icon icon="ion:refresh-outline" class="pointer" @click="doRefresh"></fs-icon>
-    </td>
-  </tr>
+    <tr>
+      <!--    <td class="domain">-->
+      <!--      {{ props.domain }}-->
+      <!--    </td>-->
+      <td class="host-record" :title="'域名：' + props.domain">
+        <fs-copyable v-model="cnameRecord.hostRecord"></fs-copyable>
+      </td>
+      <td class="record-value">
+        <fs-copyable v-model="cnameRecord.recordValue"></fs-copyable>
+      </td>
+      <td class="status center flex-center">
+        <fs-values-format v-model="cnameRecord.status" :dict="statusDict" />
+        <fs-icon icon="ion:refresh-outline" class="pointer" @click="doVerify"></fs-icon>
+      </td>
+    </tr>
  </tbody>
 </template>

 <script lang="ts" setup>
-import {CnameRecord, GetByDomain} from "/@/components/plugins/cert/domains-verify-plan-editor/api";
-import {ref, watch} from "vue";
-import {dict} from "@fast-crud/fast-crud";
-
+import { CnameRecord, GetByDomain } from "/@/components/plugins/cert/domains-verify-plan-editor/api";
+import { ref, watch } from "vue";
+import { dict } from "@fast-crud/fast-crud";
+import * as api from "./api.js";
 const statusDict = dict({
  data: [
-    {label: "待设置CNAME", value: "cname", color: "warning"},
-    {label: "验证中", value: "validating", color: "primary"},
-    {label: "验证成功", value: "valid", color: "success"},
-    {label: "验证失败", value: "failed", color: "error"}
+    { label: "待设置CNAME", value: "cname", color: "warning" },
+    { label: "验证中", value: "validating", color: "primary" },
+    { label: "验证成功", value: "valid", color: "success" },
+    { label: "验证失败", value: "failed", color: "error" }
  ]
 });

@ -65,14 +65,22 @@ async function doRefresh() {
 }

 watch(
-    () => props.domain,
-    async (value) => {
-      await doRefresh();
-    },
-    {
-      immediate: true
-    }
+  () => props.domain,
+  async (value) => {
+    await doRefresh();
+  },
+  {
+    immediate: true
+  }
 );
+
+async function doVerify() {
+  if (!cnameRecord.value || !cnameRecord.value.id) {
+    return;
+  }
+  await api.DoVerify(cnameRecord.value.id);
+  await doRefresh();
+}
 </script>

 <style lang="less">
--- a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-verify-plan.vue
+++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-verify-plan.vue
@ -1,13 +1,11 @@
 <template>
  <table class="cname-verify-plan">
    <thead>
-
-
-    <tr>
-      <td style="width: 160px">主机记录</td>
-      <td style="width: 250px">请设置CNAME记录</td>
-      <td style="width: 120px" class="center">状态</td>
-    </tr>
+      <tr>
+        <td style="width: 160px">主机记录</td>
+        <td style="width: 250px">请设置CNAME记录（设置以后不要删除）</td>
+        <td style="width: 120px" class="center">状态</td>
+      </tr>
    </thead>
    <template v-for="key in domains" :key="key">
      <cname-record-info :domain="key" @change="onRecordChange(key, $event)" />
--- a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/index.vue
+++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/index.vue
@ -8,55 +8,55 @@
        </div>
        <table class="plan-table">
          <thead>
-          <tr>
-            <th>域名</th>
-            <th>验证方式</th>
-            <th>验证计划</th>
-          </tr>
+            <tr>
+              <th>域名</th>
+              <th>验证方式</th>
+              <th>验证计划</th>
+            </tr>
          </thead>
          <tbody>
-          <tr v-for="(item, key) of planRef" :key="key" class="row">
-            <td>{{ item.domain }}</td>
-            <td>
-              <div class="type">
-                <a-select v-model:value="item.type" size="small" :options="challengeTypeOptions" @change="onPlanChanged"></a-select>
-              </div>
-            </td>
-            <td style="padding: 0">
-              <div class="plan">
-                <div v-if="item.type === 'dns'" class="plan-dns">
-                  <div class="form-item">
-                    <span class="label">DNS类型：</span>
-                    <span class="input">
-                      <fs-dict-select
-                        v-model="item.dnsProviderType"
-                        size="small"
-                        :dict="dnsProviderTypeDict"
-                        placeholder="DNS提供商"
-                        @change="onPlanChanged"
-                      ></fs-dict-select>
-                    </span>
+            <tr v-for="(item, key) of planRef" :key="key" class="row">
+              <td>{{ item.domain }}</td>
+              <td>
+                <div class="type">
+                  <a-select v-model:value="item.type" size="small" :options="challengeTypeOptions" @change="onPlanChanged"></a-select>
+                </div>
+              </td>
+              <td style="padding: 0">
+                <div class="plan">
+                  <div v-if="item.type === 'dns'" class="plan-dns">
+                    <div class="form-item">
+                      <span class="label">DNS类型：</span>
+                      <span class="input">
+                        <fs-dict-select
+                          v-model="item.dnsProviderType"
+                          size="small"
+                          :dict="dnsProviderTypeDict"
+                          placeholder="DNS提供商"
+                          @change="onPlanChanged"
+                        ></fs-dict-select>
+                      </span>
+                    </div>
+                    <a-divider type="vertical" />
+                    <div class="form-item">
+                      <span class="label">DNS授权：</span>
+                      <span class="input">
+                        <access-selector
+                          v-model="item.dnsProviderAccessId"
+                          size="small"
+                          :type="item.dnsProviderType"
+                          placeholder="请选择"
+                          @change="onPlanChanged"
+                        ></access-selector>
+                      </span>
+                    </div>
                  </div>
-                  <a-divider type="vertical" />
-                  <div class="form-item">
-                    <span class="label">DNS授权：</span>
-                    <span class="input">
-                      <access-selector
-                        v-model="item.dnsProviderAccessId"
-                        size="small"
-                        :type="item.dnsProviderType"
-                        placeholder="请选择"
-                        @change="onPlanChanged"
-                      ></access-selector>
-                    </span>
+                  <div v-if="item.type === 'cname'" class="plan-cname">
+                    <cname-verify-plan v-model="item.cnameVerifyPlan" @change="onPlanChanged" />
                  </div>
                </div>
-                <div v-if="item.type === 'cname'" class="plan-cname">
-                  <cname-verify-plan v-model="item.cnameVerifyPlan" @change="onPlanChanged" />
-                </div>
-              </div>
-            </td>
-          </tr>
+              </td>
+            </tr>
          </tbody>
        </table>
        <div class="error">
@ -119,7 +119,6 @@ const dnsProviderTypeDict = dict({
  url: "pi/dnsProvider/dnsProviderTypeDict"
 });
 function onPlanChanged() {
-  debugger;
  emit("update:modelValue", planRef.value);
 }

--- a/packages/ui/certd-server/package.json
+++ b/packages/ui/certd-server/package.json
@ -21,7 +21,6 @@
    "flame": "clinic flame   -- node ./bootstrap.js"
  },
  "dependencies": {
-    "@alicloud/cs20151215": "^3.0.3",
    "@alicloud/pop-core": "^1.7.10",
    "@certd/acme-client": "^1.25.9",
    "@certd/commercial-core": "^1.25.9",
@ -35,27 +34,27 @@
    "@certd/plugin-plus": "^1.25.9",
    "@certd/plus-core": "^1.25.9",
    "@koa/cors": "^5.0.0",
-    "@midwayjs/bootstrap": "^3.16.2",
-    "@midwayjs/cache": "^3.14.0",
-    "@midwayjs/core": "^3.16.2",
-    "@midwayjs/i18n": "^3.16.4",
-    "@midwayjs/info": "^3.16.4",
-    "@midwayjs/koa": "^3.16.4",
-    "@midwayjs/logger": "^3.1.0",
-    "@midwayjs/static-file": "^3.16.4",
-    "@midwayjs/typeorm": "^3.16.4",
-    "@midwayjs/upload": "~3.16.4",
-    "@midwayjs/validate": "^3.16.4",
+    "@midwayjs/bootstrap": "~3.17.1",
+    "@midwayjs/cache": "~3.14.0",
+    "@midwayjs/core": "~3.17.1",
+    "@midwayjs/i18n": "~3.17.3",
+    "@midwayjs/info": "~3.17.3",
+    "@midwayjs/koa": "~3.17.1",
+    "@midwayjs/logger": "~3.4.2",
+    "@midwayjs/static-file": "~3.17.3",
+    "@midwayjs/typeorm": "~3.17.1",
+    "@midwayjs/upload": "~3.17.3",
+    "@midwayjs/validate": "~3.17.3",
    "ali-oss": "^6.21.0",
    "axios": "^1.7.2",
    "basic-ftp": "^5.0.5",
    "bcryptjs": "^2.4.3",
    "better-sqlite3": "^11.1.2",
-    "cache-manager": "^3.6.3",
+    "cache-manager": "^6.1.0",
    "cron-parser": "^4.9.0",
    "dayjs": "^1.11.7",
    "form-data": "^4.0.0",
-    "glob": "^10.4.5",
+    "glob": "^11.0.0",
    "https-proxy-agent": "^7.0.5",
    "iconv-lite": "^0.6.3",
    "js-yaml": "^4.1.0",
@ -64,7 +63,7 @@
    "kubernetes-client": "^9.0.0",
    "lodash-es": "^4.17.21",
    "log4js": "^6.7.1",
-    "lru-cache": "^10.2.0",
+    "lru-cache": "^11.0.1",
    "md5": "^2.3.0",
    "mwtsc": "^1.4.0",
    "nanoid": "^5.0.7",
@ -73,8 +72,8 @@
    "psl": "^1.9.0",
    "qiniu": "^7.12.0",
    "querystring": "^0.2.1",
-    "reflect-metadata": "^0.1.13",
-    "rimraf": "^5.0.5",
+    "reflect-metadata": "^0.2.2",
+    "rimraf": "^6.0.1",
    "socks": "^2.8.3",
    "socks-proxy-agent": "^8.0.4",
    "ssh2": "^1.15.0",
@ -83,24 +82,24 @@
    "syno": "^2.2.0",
    "tencentcloud-sdk-nodejs": "^4.0.44",
    "typeorm": "^0.3.20",
-    "uuid": "^8.3.2"
+    "uuid": "^10.0.0"
  },
  "devDependencies": {
-    "@midwayjs/mock": "^3.16.4",
+    "@midwayjs/mock": "~3.17.1",
    "@types/ali-oss": "^6.16.11",
-    "@types/cache-manager": "^3.4.3",
-    "@types/jest": "^26.0.24",
-    "@types/koa": "2.13.4",
+    "@types/cache-manager": "^4.0.6",
+    "@types/jest": "^29.5.13",
+    "@types/koa": "2.15.0",
    "@types/lodash-es": "^4.17.12",
    "@types/mocha": "^10.0.1",
    "@types/node": "^18",
    "@types/nodemailer": "^6.4.8",
    "@types/ssh2": "^1.15.0",
-    "c8": "^8.0.1",
+    "c8": "^10.1.2",
    "cross-env": "^7.0.3",
    "mocha": "^10.2.0",
    "mwts": "^1.3.0",
-    "prettier": "^2.8.8",
+    "prettier": "^3.3.3",
    "ts-node": "^10.9.2",
    "typescript": "^5.4.2"
  },
--- a/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts
+++ b/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts
@ -58,4 +58,12 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
    const res = await this.service.getByDomain(body.domain, userId, body.createOnNotFound);
    return this.ok(res);
  }
+
+  @Post('/verify', { summary: Constants.per.authOnly })
+  async verify(@Body(ALL) body: { id: string }) {
+    const userId = this.ctx.user.id;
+    await this.service.checkUserId(body.id, userId);
+    const res = await this.service.verify(body.id);
+    return this.ok(res);
+  }
 }
--- a/packages/ui/certd-server/src/modules/cname/entity/cname-record.ts
+++ b/packages/ui/certd-server/src/modules/cname/entity/cname-record.ts
@ -1,5 +1,5 @@
 import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
-
+export type CnameRecordStatusType = 'cname' | 'validating' | 'valid' | 'error';
 /**
 * cname record配置
 */
--- a/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts
+++ b/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts
@ -2,11 +2,14 @@ import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { InjectEntityModel } from '@midwayjs/typeorm';
 import { Repository } from 'typeorm';
 import { BaseService, ValidateException } from '@certd/lib-server';
-import { CnameRecordEntity } from '../entity/cname-record.js';
+import { CnameRecordEntity, CnameRecordStatusType } from '../entity/cname-record.js';
 import { v4 as uuidv4 } from 'uuid';
 import { CnameProviderService } from '../../sys/cname/service/cname-provider-service.js';
 import { CnameProviderEntity } from '../../sys/cname/entity/cname_provider.js';
-import { parseDomain } from '@certd/plugin-cert';
+import { createDnsProvider, IDnsProvider, parseDomain } from '@certd/plugin-cert';
+import { cache, http, logger, utils } from '@certd/pipeline';
+import dns from 'dns';
+import { AccessService } from '../../pipeline/service/access-service.js';

 /**
 * 授权
@ -19,6 +22,10 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {

  @Inject()
  cnameProviderService: CnameProviderService;
+
+  @Inject()
+  accessService: AccessService;
+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
@ -130,4 +137,81 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
      cnameProvider: provider,
    };
  }
+
+  /**
+   * 验证是否配置好cname
+   * @param id
+   */
+  async verify(id: string) {
+    const bean = await this.info(id);
+    if (!bean) {
+      throw new ValidateException(`CnameRecord:${id} 不存在`);
+    }
+    const cacheKey = `cname.record.verify.${bean.id}`;
+
+    type CacheValue = {
+      ready: boolean;
+      pass: boolean;
+    };
+    let value: CacheValue = cache.get(cacheKey);
+    if (!value) {
+      value = {
+        ready: false,
+        pass: false,
+      };
+    }
+
+    const originDomain = parseDomain(bean.domain);
+    const fullDomain = `${bean.hostRecord}.${originDomain}`;
+    const recordValue = bean.recordValue.substring(0, bean.recordValue.indexOf('.'));
+    const checkRecordValue = async () => {
+      logger.info(`检查CNAME配置 ${fullDomain} ${recordValue}`);
+      const txtRecords = await dns.promises.resolveTxt(fullDomain);
+      let records: string[] = [];
+      if (txtRecords.length) {
+        records = [].concat(...txtRecords);
+      }
+      logger.info(`检查到TXT记录 ${JSON.stringify(records)}`);
+      const success = records.includes(recordValue);
+      if (success) {
+        logger.info(`检测到CNAME配置,修改状态 ${fullDomain} ${recordValue}`);
+        await this.updateStatus(bean.id, 'valid');
+        value.pass = true;
+      }
+    };
+
+    if (value.ready) {
+      // lookup recordValue in dns
+      return await checkRecordValue();
+    }
+
+    const ttl = 60 * 60 * 30;
+    cache.set(cacheKey, value, {
+      ttl: ttl,
+    });
+
+    const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
+    const access = await this.accessService.getById(cnameProvider.accessId, bean.userId);
+    const context = { access, logger, http, utils };
+    const dnsProvider: IDnsProvider = await createDnsProvider({
+      dnsProviderType: cnameProvider.dnsProviderType,
+      context,
+    });
+    const domain = parseDomain(bean.recordValue);
+    const fullRecord = bean.recordValue;
+    const hostRecord = fullRecord.replace(`.${domain}`, '');
+    const req = {
+      domain: domain,
+      fullRecord: fullRecord,
+      hostRecord: hostRecord,
+      type: 'TXT',
+      value: recordValue,
+    };
+    await dnsProvider.createRecord(req);
+    value.ready = true;
+  }
+
+  async updateStatus(id: number, status: CnameRecordStatusType) {
+    await this.getRepository().update(id, { status });
+  }
 }
--- a/packages/ui/certd-server/src/modules/mine/service/user-settings-service.ts
+++ b/packages/ui/certd-server/src/modules/mine/service/user-settings-service.ts
@ -13,6 +13,7 @@ export class UserSettingsService extends BaseService<UserSettingsEntity> {
  @InjectEntityModel(UserSettingsEntity)
  repository: Repository<UserSettingsEntity>;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/pipeline/controller/handle-controller.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/controller/handle-controller.ts
@ -15,6 +15,7 @@ import {
 import { BaseController } from '@certd/lib-server';
 import { AccessService } from '../service/access-service.js';
 import { EmailService } from '../../basic/service/email-service.js';
+import { AccessGetter } from '../service/access-getter.js';

@Provide()
@Controller('/api/pi/handle')
@ -49,6 +50,7 @@ export class HandleController extends BaseController {

  @Post('/plugin', { summary: Constants.per.authOnly })
  async pluginRequest(@Body(ALL) body: PluginRequestHandleReq) {
+    const userId = this.getUserId();
    const pluginDefine = pluginRegistry.get(body.typeName);
    const pluginCls = pluginDefine.target;
    if (pluginCls == null) {
@ -59,6 +61,9 @@ export class HandleController extends BaseController {
    const plugin: PluginRequestHandler = new pluginCls();
    //@ts-ignore
    const instance = plugin as ITaskPlugin;
+
+    const accessGetter = new AccessGetter(userId, this.accessService.getById.bind(this.accessService));
+
    //@ts-ignore
    const taskCtx: TaskInstanceContext = {
      pipeline: undefined,
@ -67,7 +72,7 @@ export class HandleController extends BaseController {
      http,
      logger: logger,
      inputChanged: true,
-      accessService: this.accessService,
+      accessService: accessGetter,
      emailService: this.emailService,
      pipelineContext: undefined,
      userContext: undefined,
--- a/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts
@ -1,11 +1,9 @@
 import { ALL, Body, Controller, Inject, Post, Provide, Query } from '@midwayjs/core';
-import { CrudController } from '@certd/lib-server';
+import { Constants, CrudController, SysSettingsService } from '@certd/lib-server';
 import { PipelineService } from '../service/pipeline-service.js';
 import { PipelineEntity } from '../entity/pipeline.js';
-import { Constants } from '@certd/lib-server';
 import { HistoryService } from '../service/history-service.js';
 import { AuthService } from '../../sys/authority/service/auth-service.js';
-import { SysSettingsService } from '@certd/lib-server';

 /**
 * 证书
--- a/packages/ui/certd-server/src/modules/pipeline/service/access-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/access-service.ts
@ -18,6 +18,7 @@ export class AccessService extends BaseService<AccessEntity> {
  @Inject()
  encryptService: EncryptService;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
@ -101,13 +102,13 @@ export class AccessService extends BaseService<AccessEntity> {
    return await super.update(param);
  }

-  async getById(id: any, userId?: number): Promise<any> {
+  async getById(id: any, userId: number): Promise<any> {
    const entity = await this.info(id);
    if (entity == null) {
      throw new Error(`该授权配置不存在,请确认是否已被删除:id=${id}`);
    }
    if (userId !== entity.userId) {
-      throw new PermissionException('您对该授权无访问权限');
+      throw new PermissionException('您对该Access授权无访问权限');
    }
    // const access = accessRegistry.get(entity.type);
    const setting = this.decryptAccessEntity(entity);
--- a/packages/ui/certd-server/src/modules/pipeline/service/history-log-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/history-log-service.ts
@ -13,6 +13,7 @@ export class HistoryLogService extends BaseService<HistoryLogEntity> {
  @InjectEntityModel(HistoryLogEntity)
  repository: Repository<HistoryLogEntity>;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts
@ -27,6 +27,7 @@ export class HistoryService extends BaseService<HistoryEntity> {
  @Config('certd')
  private certdConfig: any;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts
@ -54,6 +54,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
  @Config('certd')
  private certdConfig: any;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/pipeline/service/storage-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/storage-service.ts
@ -12,6 +12,7 @@ export class StorageService extends BaseService<StorageEntity> {
  @InjectEntityModel(StorageEntity)
  repository: Repository<StorageEntity>;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/sys/authority/service/auth-service.ts
+++ b/packages/ui/certd-server/src/modules/sys/authority/service/auth-service.ts
@ -1,6 +1,5 @@
 import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { RoleService } from './role-service.js';
-import { BaseService } from '@certd/lib-server';

 /**
 * 权限校验
@ -28,7 +27,7 @@ export class AuthService {
    }
  }

-  async checkEntityUserId(ctx: any, service: BaseService<any>, id: any = 0, userKey = 'userId') {
+  async checkEntityUserId(ctx: any, service: any, id: any = 0, userKey = 'userId') {
    const isAdmin = await this.isAdmin(ctx);
    if (isAdmin) {
      return true;
--- a/packages/ui/certd-server/src/modules/sys/authority/service/permission-service.ts
+++ b/packages/ui/certd-server/src/modules/sys/authority/service/permission-service.ts
@ -13,6 +13,7 @@ export class PermissionService extends BaseService<PermissionEntity> {
  @InjectEntityModel(PermissionEntity)
  repository: Repository<PermissionEntity>;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/sys/authority/service/role-permission-service.ts
+++ b/packages/ui/certd-server/src/modules/sys/authority/service/role-permission-service.ts
@ -13,6 +13,7 @@ export class RolePermissionService extends BaseService<RolePermissionEntity> {
  @InjectEntityModel(RolePermissionEntity)
  repository: Repository<RolePermissionEntity>;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/sys/authority/service/role-service.ts
+++ b/packages/ui/certd-server/src/modules/sys/authority/service/role-service.ts
@ -29,7 +29,8 @@ export class RoleService extends BaseService<RoleEntity> {
    ttl: 1000 * 60 * 10,
  });

-  getRepository() {
+ //@ts-ignore
+getRepository() {
    return this.repository;
  }

--- a/packages/ui/certd-server/src/modules/sys/authority/service/user-role-service.ts
+++ b/packages/ui/certd-server/src/modules/sys/authority/service/user-role-service.ts
@ -13,6 +13,7 @@ export class UserRoleService extends BaseService<UserRoleEntity> {
  @InjectEntityModel(UserRoleEntity)
  repository: Repository<UserRoleEntity>;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/sys/authority/service/user-service.ts
+++ b/packages/ui/certd-server/src/modules/sys/authority/service/user-service.ts
@ -34,6 +34,7 @@ export class UserService extends BaseService<UserEntity> {
  @Inject()
  sysSettingsService: SysSettingsService;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/sys/cname/service/cname-provider-service.ts
+++ b/packages/ui/certd-server/src/modules/sys/cname/service/cname-provider-service.ts
@ -13,6 +13,7 @@ export class CnameProviderService extends BaseService<CnameProviderEntity> {
  @InjectEntityModel(CnameProviderEntity)
  repository: Repository<CnameProviderEntity>;

+  //@ts-ignore
  getRepository() {
    return this.repository;
  }
--- a/packages/ui/certd-server/src/modules/sys/plus/plus-controller.ts
+++ b/packages/ui/certd-server/src/modules/sys/plus/plus-controller.ts
@ -1,10 +1,6 @@
 import { ALL, Body, Controller, Get, Inject, Post, Provide } from '@midwayjs/core';
-import { Constants, SysSettingsService } from '@certd/lib-server';
-import { BaseController } from '@certd/lib-server';
-import { AppKey, http, PlusRequestService, verify } from '@certd/pipeline';
-import { SysInstallInfo } from '@certd/lib-server';
-import { logger } from '@certd/pipeline';
-import { PlusService } from '@certd/lib-server';
+import { BaseController, Constants, PlusService, SysInstallInfo, SysSettingsService } from '@certd/lib-server';
+import { AppKey, logger, PlusRequestService, verify } from '@certd/pipeline';

 /**
 */
@ -63,8 +59,6 @@ export class SysPlusController extends BaseController {
    const timestamps = 1728365013899;
    const bindUrl = 'http://89.21.0.171:7001/';
    const service = new PlusRequestService({
-      logger: logger,
-      http: http,
      subjectId: subjectId,
      plusServerBaseUrls: ['https://api.ai.handsfree.work'],
    });
--- a/packages/ui/certd-server/src/plugins/plugin-aliyun/dns-provider/aliyun-dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/dns-provider/aliyun-dns-provider.ts
@ -107,16 +107,23 @@ export class AliyunDnsProvider extends AbstractDnsProvider {

    try {
      const ret = await this.client.request('AddDomainRecord', params, requestOption);
-      this.logger.info('添加域名解析成功:', value, value, ret.RecordId);
+      this.logger.info('添加域名解析成功:', JSON.stringify(options), ret.RecordId);
      return ret.RecordId;
    } catch (e: any) {
      if (e.code === 'DomainRecordDuplicate') {
        return;
      }
      this.logger.info('添加域名解析出错', e);
-      throw e;
+      this.resolveError(e, options);
    }
  }
+
+  resolveError(e: any, req: CreateRecordOptions) {
+    if (e.Message.indexOf('The specified domain name does not exist') > -1) {
+      throw new Error(`阿里云账号中不存在此域名:${req.domain}`);
+    }
+    throw e;
+  }
  async removeRecord(options: RemoveRecordOptions<any>): Promise<any> {
    const { fullRecord, value } = options.recordReq;
    const record = options.recordRes;