Merge branch 'feat/new-workflow' of github.com:fudiwei/certimate into next

2025-02-12 09:42:00 +08:00
parent 1f6b33f4f6 94408e8a9f
commit 138e08e985
97 changed files with 2288 additions and 1138 deletions
--- a/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go
+++ b/internal/pkg/core/deployer/providers/edgio-applications/edgio_applications.go
@@ -2,13 +2,13 @@

 import (
 	"context"
-	"encoding/pem"
 	"errors"

 	xerrors "github.com/pkg/errors"

 	"github.com/usual2970/certimate/internal/pkg/core/deployer"
 	"github.com/usual2970/certimate/internal/pkg/core/logger"
+	"github.com/usual2970/certimate/internal/pkg/utils/certs"
 	edgsdk "github.com/usual2970/certimate/internal/pkg/vendors/edgio-sdk/applications/v7"
 	edgsdkDtos "github.com/usual2970/certimate/internal/pkg/vendors/edgio-sdk/applications/v7/dtos"
 )
@@ -57,7 +57,10 @@ func NewWithLogger(config *EdgioApplicationsDeployerConfig, logger logger.Logger

 func (d *EdgioApplicationsDeployer) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
 	// 提取 Edgio 所需的服务端证书和中间证书内容
-	privateCertPem, intermediateCertPem := extractCertChains(certPem)
+	privateCertPem, intermediateCertPem, err := certs.ExtractCertificatesFromPEM(certPem)
+	if err != nil {
+		return nil, err
+	}

 	// 上传 TLS 证书
 	// REF: https://docs.edg.io/rest_api/#tag/tls-certs/operation/postConfigV01TlsCerts
@@ -81,32 +84,3 @@ func createSdkClient(clientId, clientSecret string) (*edgsdk.EdgioClient, error)
 	client := edgsdk.NewEdgioClient(clientId, clientSecret, "", "")
 	return client, nil
 }
-
-func extractCertChains(certPem string) (primaryCertPem string, intermediateCertPem string) {
-	pemBlocks := make([]*pem.Block, 0)
-	pemData := []byte(certPem)
-	for {
-		block, rest := pem.Decode(pemData)
-		if block == nil {
-			break
-		}
-
-		pemBlocks = append(pemBlocks, block)
-		pemData = rest
-	}
-
-	primaryCertPem = ""
-	intermediateCertPem = ""
-
-	if len(pemBlocks) > 0 {
-		primaryCertPem = string(pem.EncodeToMemory(pemBlocks[0]))
-	}
-
-	if len(pemBlocks) > 1 {
-		for i := 1; i < len(pemBlocks); i++ {
-			intermediateCertPem += string(pem.EncodeToMemory(pemBlocks[i]))
-		}
-	}
-
-	return primaryCertPem, intermediateCertPem
-}
--- a/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go
+++ b/internal/pkg/core/deployer/providers/qiniu-cdn/qiniu_cdn.go
@@ -78,7 +78,7 @@ func (d *QiniuCDNDeployer) Deploy(ctx context.Context, certPem string, privkeyPe

 	// 获取域名信息
 	// REF: https://developer.qiniu.com/fusion/4246/the-domain-name
-	getDomainInfoResp, err := d.sdkClient.GetDomainInfo(domain)
+	getDomainInfoResp, err := d.sdkClient.GetDomainInfo(context.TODO(), domain)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.GetDomainInfo'")
 	}
@@ -88,14 +88,14 @@ func (d *QiniuCDNDeployer) Deploy(ctx context.Context, certPem string, privkeyPe
 	// 判断域名是否已启用 HTTPS。如果已启用，修改域名证书；否则，启用 HTTPS
 	// REF: https://developer.qiniu.com/fusion/4246/the-domain-name
 	if getDomainInfoResp.Https != nil && getDomainInfoResp.Https.CertID != "" {
-		modifyDomainHttpsConfResp, err := d.sdkClient.ModifyDomainHttpsConf(domain, upres.CertId, getDomainInfoResp.Https.ForceHttps, getDomainInfoResp.Https.Http2Enable)
+		modifyDomainHttpsConfResp, err := d.sdkClient.ModifyDomainHttpsConf(context.TODO(), domain, upres.CertId, getDomainInfoResp.Https.ForceHttps, getDomainInfoResp.Https.Http2Enable)
 		if err != nil {
 			return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.ModifyDomainHttpsConf'")
 		}

 		d.logger.Logt("已修改域名证书", modifyDomainHttpsConfResp)
 	} else {
-		enableDomainHttpsResp, err := d.sdkClient.EnableDomainHttps(domain, upres.CertId, true, true)
+		enableDomainHttpsResp, err := d.sdkClient.EnableDomainHttps(context.TODO(), domain, upres.CertId, true, true)
 		if err != nil {
 			return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.EnableDomainHttps'")
 		}