diff --git a/packages/libs/lib-k8s/src/lib/k8s.client.ts b/packages/libs/lib-k8s/src/lib/k8s.client.ts index 2032dae0..0e2fac47 100644 --- a/packages/libs/lib-k8s/src/lib/k8s.client.ts +++ b/packages/libs/lib-k8s/src/lib/k8s.client.ts @@ -90,7 +90,7 @@ export class K8sClient { async createSecret(opts: { namespace: string; body: V1Secret }) { const namespace = opts.namespace || "default"; const created = await this.client.createNamespacedSecret(namespace, opts.body); - this.logger.info("new secrets:", opts.body); + this.logger.info("new secrets:", opts.body.metadata); return created.body; } @@ -103,17 +103,33 @@ export class K8sClient { // return await this.client.replaceNamespacedSecret(secretName, namespace, opts.body); // } - async patchSecret(opts: { namespace: string; secretName: string; body: V1Secret }) { + async patchSecret(opts: { namespace: string; secretName: string; body: V1Secret; createOnNotFound?: boolean }) { const namespace = opts.namespace || "default"; const secretName = opts.secretName; if (secretName == null) { throw new Error("secretName 不能为空"); } this.logger.info("patch secret:", secretName, namespace); - const oldSecret = await this.client.readNamespacedSecret(secretName, namespace); + let oldSecret: any = null; + try { + oldSecret = await this.client.readNamespacedSecret(secretName, namespace); + } catch (e) { + //@ts-ignore + if (e.response?.body?.code === 404) { + this.logger.warn(`secret ${secretName} 不存在`); + if (opts.createOnNotFound) { + //没有找到,则创建 + const res = await this.createSecret({ namespace, body: opts.body }); + this.logger.info(`secret ${secretName} 已创建`); + return res; + } + } + throw e; + } + const newSecret = _.merge(oldSecret.body, opts.body); const res = await this.client.replaceNamespacedSecret(secretName, namespace, newSecret); - this.logger.info("secret updated"); + this.logger.info(`secret ${secretName} 已更新`); return res.body; } diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-tke-ingress/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-tke-ingress/index.ts index 05ad7e93..950a0145 100644 --- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-tke-ingress/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-tke-ingress/index.ts @@ -34,20 +34,6 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin { }) ingressClass!: string; - /** - * AccessProvider的key,或者一个包含access的具体的对象 - */ - @TaskInput({ - title: "Access授权", - helper: "access授权", - component: { - name: "access-selector", - type: "tencent" - }, - required: true - }) - accessId!: string; - @TaskInput({ title: "腾讯云证书id", helper: "请选择“上传证书到腾讯云”前置任务的输出", @@ -66,6 +52,7 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin { }) tencentCertId!: string; + @TaskInput({ title: "域名证书", helper: "请选择前置任务输出的域名证书", @@ -85,6 +72,24 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin { cert!: any; + + + /** + * AccessProvider的key,或者一个包含access的具体的对象 + */ + @TaskInput({ + title: "Access授权", + helper: "access授权", + component: { + name: "access-selector", + type: "tencent" + }, + required: true + }) + accessId!: string; + + + @TaskInput({ title: "大区", value: "ap-guangzhou", required: true }) region!: string; @@ -147,6 +152,17 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin { }) skipTLSVerify!:boolean + @TaskInput({ + title: "Secret自动创建", + helper: "如果Secret不存在,则创建", + value: false, + component: { + name: "a-switch", + vModel: "checked", + }, + }) + createOnNotFound: boolean; + // @TaskInput({ title: "集群内网ip", helper: "如果开启了外网的话,无需设置" }) // clusterIp!: string; @@ -288,7 +304,7 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin { secretNames = [secretName]; } for (const secret of secretNames) { - await k8sClient.patchSecret({ namespace, secretName: secret, body }); + await k8sClient.patchSecret({ namespace, secretName: secret, body , createOnNotFound: this.createOnNotFound}); this.logger.info(`CertSecret已更新:${secret}`); } }