diff --git a/packages/ui/certd-server/.dockerignore b/packages/ui/certd-server/.dockerignore index 9ebc66f8..cd8cf02a 100644 --- a/packages/ui/certd-server/.dockerignore +++ b/packages/ui/certd-server/.dockerignore @@ -16,4 +16,4 @@ run/ /data/db.sqlite */node_modules certd-server/tools/windows/ - +.clinic diff --git a/packages/ui/certd-server/.gitignore b/packages/ui/certd-server/.gitignore index eff795c3..9d5482af 100755 --- a/packages/ui/certd-server/.gitignore +++ b/packages/ui/certd-server/.gitignore @@ -16,3 +16,4 @@ run/ /test/setup.js /test/setup.ts /data/ +.clinic diff --git a/packages/ui/certd-server/package.json b/packages/ui/certd-server/package.json index 470b6dd4..fd7b3ad4 100644 --- a/packages/ui/certd-server/package.json +++ b/packages/ui/certd-server/package.json @@ -15,7 +15,8 @@ "ci": "npm run cov", "build": "mwtsc --cleanOutDir --skipLibCheck", "build-on-docker": "node ./before-build.js && npm run build", - "up-mw-deps": "npx midway-version -u -w" + "up-mw-deps": "npx midway-version -u -w", + "clinic": "clinic heapprofiler -- node ./bootstrap.js" }, "dependencies": { "@alicloud/cs20151215": "^3.0.3", diff --git a/packages/ui/certd-server/src/modules/authority/service/user-service.ts b/packages/ui/certd-server/src/modules/authority/service/user-service.ts index 5e883c7a..632d74df 100644 --- a/packages/ui/certd-server/src/modules/authority/service/user-service.ts +++ b/packages/ui/certd-server/src/modules/authority/service/user-service.ts @@ -11,10 +11,10 @@ import { PermissionService } from './permission-service.js'; import { UserRoleService } from './user-role-service.js'; import { Constants } from '../../../basic/constants.js'; import { UserRoleEntity } from '../entity/user-role.js'; -import { randomText } from 'svg-captcha'; import bcrypt from 'bcryptjs'; import { SysSettingsService } from '../../system/service/sys-settings-service.js'; import { SysInstallInfo } from '../../system/service/models.js'; +import { RandomUtil } from '../../../utils/random.js'; /** * 系统用户 @@ -64,7 +64,7 @@ export class UserService extends BaseService { if (!_.isEmpty(exists)) { throw new CommonException('用户名已经存在'); } - const plainPassword = param.password ?? randomText(6); + const plainPassword = param.password ?? RandomUtil.randomStr(6); param.passwordVersion = 2; param.password = await this.genPassword(plainPassword, param.passwordVersion); // 默认密码 建议未改密码不能登陆 await super.add(param); @@ -156,7 +156,7 @@ export class UserService extends BaseService { passwordVersion: 2, }); if (!newUser.password) { - newUser.password = randomText(6); + newUser.password = RandomUtil.randomStr(6); } newUser.password = await this.genPassword(newUser.password, newUser.passwordVersion); diff --git a/packages/ui/certd-server/src/modules/basic/service/code-service.ts b/packages/ui/certd-server/src/modules/basic/service/code-service.ts index c2f6f11a..ab076e8b 100644 --- a/packages/ui/certd-server/src/modules/basic/service/code-service.ts +++ b/packages/ui/certd-server/src/modules/basic/service/code-service.ts @@ -1,6 +1,5 @@ import { Inject, Provide } from '@midwayjs/core'; import { CacheManager } from '@midwayjs/cache'; -import svgCaptcha from 'svg-captcha'; // {data: '', text: 'abcd'} /** @@ -14,6 +13,7 @@ export class CodeService { */ async generateCaptcha(randomStr) { console.assert(randomStr < 10, 'randomStr 过长'); + const svgCaptcha = await import('svg-captcha'); const c = svgCaptcha.create(); //{data: '', text: 'abcd'} const imgCode = c.text; // = RandomUtil.randomStr(4, true); diff --git a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-ack-ingress/index.ts b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-ack-ingress/index.ts index 1290899a..9e746e55 100644 --- a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-ack-ingress/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-ack-ingress/index.ts @@ -2,7 +2,6 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, // @ts-ignore import { ROAClient } from '@alicloud/pop-core'; import { AliyunAccess } from '../../access/index.js'; -import { K8sClient } from '@certd/lib-k8s'; import { appendTimeSuffix } from '../../utils/index.js'; import { CertInfo } from '@certd/plugin-cert'; @@ -105,8 +104,11 @@ export class DeployCertToAliyunAckIngressPlugin extends AbstractTaskPlugin { required: true, }) accessId!: string; - - async onInstance(): Promise {} + K8sClient: any; + async onInstance() { + const sdk = await import('@certd/lib-k8s'); + this.K8sClient = sdk.K8sClient; + } async execute(): Promise { console.log('开始部署证书到阿里云cdn'); const { regionId, ingressClass, clusterId, isPrivateIpAddress, cert } = this; @@ -115,7 +117,7 @@ export class DeployCertToAliyunAckIngressPlugin extends AbstractTaskPlugin { const kubeConfigStr = await this.getKubeConfig(client, clusterId, isPrivateIpAddress); this.logger.info('kubeconfig已成功获取'); - const k8sClient = new K8sClient({ + const k8sClient = new this.K8sClient({ kubeConfigStr, logger: this.logger, }); @@ -131,7 +133,7 @@ export class DeployCertToAliyunAckIngressPlugin extends AbstractTaskPlugin { // await this.restartIngress({ k8sClient, props }) } - async restartIngress(options: { k8sClient: K8sClient }) { + async restartIngress(options: { k8sClient: any }) { const { k8sClient } = options; const { namespace } = this; @@ -168,7 +170,7 @@ export class DeployCertToAliyunAckIngressPlugin extends AbstractTaskPlugin { } } - async patchNginxCertSecret(options: { cert: CertInfo; k8sClient: K8sClient }) { + async patchNginxCertSecret(options: { cert: CertInfo; k8sClient: any }) { const { cert, k8sClient } = options; const crt = cert.crt; const key = cert.key; diff --git a/packages/ui/certd-server/src/plugins/plugin-host/lib/ssh.ts b/packages/ui/certd-server/src/plugins/plugin-host/lib/ssh.ts index 126648ce..8cb304f1 100644 --- a/packages/ui/certd-server/src/plugins/plugin-host/lib/ssh.ts +++ b/packages/ui/certd-server/src/plugins/plugin-host/lib/ssh.ts @@ -148,6 +148,7 @@ export class AsyncSsh2Client { } } } + export class SshClient { logger: ILogger; constructor(logger: ILogger) { diff --git a/packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-k8s.ts b/packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-k8s.ts index c6027b41..411c9dc2 100644 --- a/packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-k8s.ts +++ b/packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-k8s.ts @@ -1,6 +1,5 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, utils } from '@certd/pipeline'; import { CertInfo } from '@certd/plugin-cert'; -import { K8sClient } from '@certd/lib-k8s'; import { K8sAccess } from '../access/index.js'; import { appendTimeSuffix } from '../../plugin-aliyun/utils/index.js'; @@ -65,10 +64,14 @@ export class K8STestPlugin extends AbstractTaskPlugin { }) cert!: CertInfo; - async onInstance() {} + K8sClient: any; + async onInstance() { + const sdk = await import('@certd/lib-k8s'); + this.K8sClient = sdk.K8sClient; + } async execute(): Promise { const access: K8sAccess = await this.accessService.getById(this.accessId); - const k8sClient = new K8sClient({ + const k8sClient = new this.K8sClient({ kubeConfigStr: access.kubeconfig, logger: this.logger, }); @@ -76,7 +79,7 @@ export class K8STestPlugin extends AbstractTaskPlugin { await utils.sleep(3000); // 停留2秒,等待secret部署完成 } - async patchNginxCertSecret(options: { cert: CertInfo; k8sClient: K8sClient }) { + async patchNginxCertSecret(options: { cert: CertInfo; k8sClient: any }) { const { cert, k8sClient } = options; const crt = cert.crt; const key = cert.key; diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts index e9adf882..696ba423 100644 --- a/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts +++ b/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts @@ -1,14 +1,7 @@ import { Autowire, HttpClient, ILogger } from '@certd/pipeline'; -import { - AbstractDnsProvider, - CreateRecordOptions, - IsDnsProvider, - RemoveRecordOptions, -} from '@certd/plugin-cert'; +import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert'; import { TencentAccess } from '../access/index.js'; -import * as tencentcloud from 'tencentcloud-sdk-nodejs'; -const DnspodClient = tencentcloud.dnspod.v20210323.Client; @IsDnsProvider({ name: 'tencent', title: '腾讯云', @@ -38,7 +31,8 @@ export class TencentDnsProvider extends AbstractDnsProvider { }, }, }; - + const dnspodSdk: any = await import('tencentcloud-sdk-nodejs/tencentcloud/services/dnspod/v20210323/index.js'); + const DnspodClient = dnspodSdk.Client; // 实例化要请求产品的client对象,clientProfile是可选的 this.client = new DnspodClient(clientConfig); } @@ -58,12 +52,7 @@ export class TencentDnsProvider extends AbstractDnsProvider { try { const ret = await this.client.CreateRecord(params); - this.logger.info( - '添加域名解析成功:', - fullRecord, - value, - JSON.stringify(ret) - ); + this.logger.info('添加域名解析成功:', fullRecord, value, JSON.stringify(ret)); /* { "RecordId": 162, diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-cdn/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-cdn/index.ts index 851d493e..312dc1ca 100644 --- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-cdn/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-cdn/index.ts @@ -1,5 +1,4 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline'; -import tencentcloud from 'tencentcloud-sdk-nodejs'; import { TencentAccess } from '../../access/index.js'; import { CertInfo } from '@certd/plugin-cert'; @@ -59,17 +58,17 @@ export class DeployToCdnPlugin extends AbstractTaskPlugin { // }) // endpoint!: string; - async onInstance() {} + Client: any; - async execute(): Promise { - const accessProvider: TencentAccess = (await this.accessService.getById(this.accessId)) as TencentAccess; - const client = this.getClient(accessProvider); - const params = this.buildParams(); - await this.doRequest(client, params); + async onInstance() { + const sdk = await import('tencentcloud-sdk-nodejs/tencentcloud/services/cdn/v20180606/index.js'); + this.Client = sdk.v20180606.Client; } - getClient(accessProvider: TencentAccess) { - const CdnClient = tencentcloud.cdn.v20180606.Client; + async getClient() { + const accessProvider: TencentAccess = (await this.accessService.getById(this.accessId)) as TencentAccess; + + const CdnClient = this.Client; const clientConfig = { credential: { @@ -87,6 +86,11 @@ export class DeployToCdnPlugin extends AbstractTaskPlugin { return new CdnClient(clientConfig); } + async execute(): Promise { + const params = this.buildParams(); + await this.doRequest(params); + } + buildParams() { return { Https: { @@ -100,7 +104,8 @@ export class DeployToCdnPlugin extends AbstractTaskPlugin { }; } - async doRequest(client: any, params: any) { + async doRequest(params: any) { + const client = await this.getClient(); const ret = await client.UpdateDomainConfig(params); this.checkRet(ret); this.logger.info('设置腾讯云CDN证书成功:', ret.RequestId); diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-clb/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-clb/index.ts index 0f9a09f6..3b8b9f7c 100644 --- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-clb/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-clb/index.ts @@ -1,5 +1,4 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, utils } from '@certd/pipeline'; -import tencentcloud from 'tencentcloud-sdk-nodejs'; import { TencentAccess } from '../../access/index.js'; import dayjs from 'dayjs'; @@ -92,11 +91,37 @@ export class DeployToClbPlugin extends AbstractTaskPlugin { }) accessId!: string; - async onInstance() {} - async execute(): Promise { - const accessProvider = (await this.accessService.getById(this.accessId)) as TencentAccess; - const client = this.getClient(accessProvider, this.region); + client: any; + async onInstance() { + this.client = await this.getClient(); + } + + async getClient() { + const sdk = await import('tencentcloud-sdk-nodejs/tencentcloud/services/clb/index.js'); + const ClbClient = sdk.clb.v20180317.Client; + + const accessProvider = (await this.accessService.getById(this.accessId)) as TencentAccess; + + const region = this.region; + const clientConfig = { + credential: { + secretId: accessProvider.secretId, + secretKey: accessProvider.secretKey, + }, + region: region, + profile: { + httpProfile: { + endpoint: 'clb.tencentcloudapi.com', + }, + }, + }; + + return new ClbClient(clientConfig); + } + + async execute(): Promise { + const client = this.client; const lastCertId = await this.getCertIdFromProps(client); if (!this.domain) { await this.updateListener(client); @@ -213,25 +238,6 @@ export class DeployToClbPlugin extends AbstractTaskPlugin { return ret.Listeners; } - getClient(accessProvider: TencentAccess, region: string) { - const ClbClient = tencentcloud.clb.v20180317.Client; - - const clientConfig = { - credential: { - secretId: accessProvider.secretId, - secretKey: accessProvider.secretKey, - }, - region: region, - profile: { - httpProfile: { - endpoint: 'clb.tencentcloudapi.com', - }, - }, - }; - - return new ClbClient(clientConfig); - } - checkRet(ret: any) { if (!ret || ret.Error) { throw new Error('执行失败:' + ret.Error.Code + ',' + ret.Error.Message); diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-eo/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-eo/index.ts index 0f1b27af..698f4989 100644 --- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-eo/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-eo/index.ts @@ -1,5 +1,4 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline'; -import tencentcloud from 'tencentcloud-sdk-nodejs-teo'; import { TencentAccess } from '../../access/index.js'; @IsTaskPlugin({ @@ -71,8 +70,12 @@ export class DeployToEOPlugin extends AbstractTaskPlugin { // required: true, // }) // endpoint!: string; + Client: any; - async onInstance() {} + async onInstance() { + const sdk = await import('tencentcloud-sdk-nodejs/tencentcloud/services/teo/v20220901/index.js'); + this.Client = sdk.v20220901.Client; + } async execute(): Promise { const accessProvider: TencentAccess = (await this.accessService.getById(this.accessId)) as TencentAccess; @@ -82,7 +85,7 @@ export class DeployToEOPlugin extends AbstractTaskPlugin { } getClient(accessProvider: TencentAccess) { - const TeoClient = tencentcloud.teo.v20220901.Client; + const TeoClient = this.Client; const clientConfig = { credential: { diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-tke-ingress/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-tke-ingress/index.ts index 8b41c38d..5a62e740 100644 --- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-tke-ingress/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-tke-ingress/index.ts @@ -1,6 +1,4 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, utils } from '@certd/pipeline'; -import tencentcloud from 'tencentcloud-sdk-nodejs'; -import { K8sClient } from '@certd/lib-k8s'; import dayjs from 'dayjs'; @IsTaskPlugin({ @@ -90,14 +88,22 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin { }) cert!: any; - async onInstance() {} + sdk: any; + K8sClient: any; + + async onInstance() { + // const TkeClient = this.tencentcloud.tke.v20180525.Client; + this.sdk = await import('tencentcloud-sdk-nodejs/tencentcloud/services/tke/v20220501/index.js'); + const k8sSdk = await import('@certd/lib-k8s'); + this.K8sClient = k8sSdk.K8sClient; + } async execute(): Promise { const accessProvider = await this.accessService.getById(this.accessId); const tkeClient = this.getTkeClient(accessProvider, this.region); const kubeConfigStr = await this.getTkeKubeConfig(tkeClient, this.clusterId); this.logger.info('kubeconfig已成功获取'); - const k8sClient = new K8sClient({ + const k8sClient = new this.K8sClient({ kubeConfigStr, logger: this.logger, }); @@ -120,7 +126,6 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin { } getTkeClient(accessProvider: any, region = 'ap-guangzhou') { - const TkeClient = tencentcloud.tke.v20180525.Client; const clientConfig = { credential: { secretId: accessProvider.secretId, @@ -134,7 +139,7 @@ export class DeployCertToTencentTKEIngressPlugin extends AbstractTaskPlugin { }, }; - return new TkeClient(clientConfig); + return new this.sdk.Client(clientConfig); } async getTkeKubeConfig(client: any, clusterId: string) { diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/upload-to-tencent/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/upload-to-tencent/index.ts index f409074b..43a70492 100644 --- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/upload-to-tencent/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/upload-to-tencent/index.ts @@ -1,5 +1,4 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, TaskOutput } from '@certd/pipeline'; -import tencentcloud from 'tencentcloud-sdk-nodejs'; import dayjs from 'dayjs'; @IsTaskPlugin({ @@ -43,7 +42,11 @@ export class UploadToTencentPlugin extends AbstractTaskPlugin { }) tencentCertId?: string; - async onInstance() {} + Client: any; + async onInstance() { + const sdk = await import('tencentcloud-sdk-nodejs/tencentcloud/services/ssl/v20191205/index.js'); + this.Client = sdk.v20191205.Client; + } async execute(): Promise { const { accessId, name, cert } = this; @@ -71,7 +74,7 @@ export class UploadToTencentPlugin extends AbstractTaskPlugin { } getClient(accessProvider: any) { - const SslClient = tencentcloud.ssl.v20191205.Client; + const SslClient = this.Client; const clientConfig = { credential: { diff --git a/packages/ui/certd-server/src/utils/random.ts b/packages/ui/certd-server/src/utils/random.ts index 6be6f6e2..45b559eb 100644 --- a/packages/ui/certd-server/src/utils/random.ts +++ b/packages/ui/certd-server/src/utils/random.ts @@ -7,7 +7,7 @@ const specials = '~!@#$%^*()_+-=[]{}|;:,./<>?'; * @param {Number} length * @param {Object} options */ -function randomStr(length, options) { +function randomStr(length, options?) { length || (length = 8); options || (options = {}); @@ -28,8 +28,7 @@ function randomStr(length, options) { } if (options.specials) { - chars += - typeof options.specials === 'string' ? options.specials : specials; + chars += typeof options.specials === 'string' ? options.specials : specials; } }