chore: move '/internal/pkg' to '/pkg'

2025-06-17 15:54:21 +08:00
parent 30840bbba5
commit 205275b52d
611 changed files with 693 additions and 693 deletions
--- a/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter.go
+++ b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter.go
@@ -0,0 +1,169 @@
+package rainyunsslcenter
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"log/slog"
+	"strings"
+
+	"github.com/usual2970/certimate/pkg/core"
+	rainyunsdk "github.com/usual2970/certimate/pkg/sdk3rd/rainyun"
+	xcert "github.com/usual2970/certimate/pkg/utils/cert"
+)
+
+type SSLManagerProviderConfig struct {
+	// 雨云 API 密钥。
+	ApiKey string `json:"ApiKey"`
+}
+
+type SSLManagerProvider struct {
+	config    *SSLManagerProviderConfig
+	logger    *slog.Logger
+	sdkClient *rainyunsdk.Client
+}
+
+var _ core.SSLManager = (*SSLManagerProvider)(nil)
+
+func NewSSLManagerProvider(config *SSLManagerProviderConfig) (*SSLManagerProvider, error) {
+	if config == nil {
+		return nil, errors.New("the configuration of the ssl manager provider is nil")
+	}
+
+	client, err := createSDKClient(config.ApiKey)
+	if err != nil {
+		return nil, fmt.Errorf("could not create sdk client: %w", err)
+	}
+
+	return &SSLManagerProvider{
+		config:    config,
+		logger:    slog.Default(),
+		sdkClient: client,
+	}, nil
+}
+
+func (m *SSLManagerProvider) SetLogger(logger *slog.Logger) {
+	if logger == nil {
+		m.logger = slog.New(slog.DiscardHandler)
+	} else {
+		m.logger = logger
+	}
+}
+
+func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLManageUploadResult, error) {
+	// 遍历证书列表，避免重复上传
+	if res, err := m.findCertIfExists(ctx, certPEM); err != nil {
+		return nil, err
+	} else if res != nil {
+		m.logger.Info("ssl certificate already exists")
+		return res, nil
+	}
+
+	// SSL 证书上传
+	// REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-69943046
+	sslCenterCreateReq := &rainyunsdk.SslCenterCreateRequest{
+		Cert: certPEM,
+		Key:  privkeyPEM,
+	}
+	sslCenterCreateResp, err := m.sdkClient.SslCenterCreate(sslCenterCreateReq)
+	m.logger.Debug("sdk request 'sslcenter.Create'", slog.Any("request", sslCenterCreateReq), slog.Any("response", sslCenterCreateResp))
+	if err != nil {
+		return nil, fmt.Errorf("failed to execute sdk request 'sslcenter.Create': %w", err)
+	}
+
+	// 遍历证书列表，获取刚刚上传证书 ID
+	if res, err := m.findCertIfExists(ctx, certPEM); err != nil {
+		return nil, err
+	} else if res == nil {
+		return nil, errors.New("no ssl certificate found, may be upload failed")
+	} else {
+		return res, nil
+	}
+}
+
+func (m *SSLManagerProvider) findCertIfExists(ctx context.Context, certPEM string) (*core.SSLManageUploadResult, error) {
+	// 解析证书内容
+	certX509, err := xcert.ParseCertificateFromPEM(certPEM)
+	if err != nil {
+		return nil, err
+	}
+
+	// 遍历 SSL 证书列表
+	// REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-69943046
+	// REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-69943048
+	sslCenterListPage := int32(1)
+	sslCenterListPerPage := int32(100)
+	for {
+		select {
+		case <-ctx.Done():
+			return nil, ctx.Err()
+		default:
+		}
+
+		sslCenterListReq := &rainyunsdk.SslCenterListRequest{
+			Filters: &rainyunsdk.SslCenterListFilters{
+				Domain: &certX509.Subject.CommonName,
+			},
+			Page:    &sslCenterListPage,
+			PerPage: &sslCenterListPerPage,
+		}
+		sslCenterListResp, err := m.sdkClient.SslCenterList(sslCenterListReq)
+		m.logger.Debug("sdk request 'sslcenter.List'", slog.Any("request", sslCenterListReq), slog.Any("response", sslCenterListResp))
+		if err != nil {
+			return nil, fmt.Errorf("failed to execute sdk request 'sslcenter.List': %w", err)
+		}
+
+		if sslCenterListResp.Data != nil && sslCenterListResp.Data.Records != nil {
+			for _, sslItem := range sslCenterListResp.Data.Records {
+				// 先对比证书的多域名
+				if sslItem.Domain != strings.Join(certX509.DNSNames, ", ") {
+					continue
+				}
+
+				// 再对比证书的有效期
+				if sslItem.StartDate != certX509.NotBefore.Unix() || sslItem.ExpireDate != certX509.NotAfter.Unix() {
+					continue
+				}
+
+				// 最后对比证书内容
+				sslCenterGetResp, err := m.sdkClient.SslCenterGet(sslItem.ID)
+				if err != nil {
+					return nil, fmt.Errorf("failed to execute sdk request 'sslcenter.Get': %w", err)
+				}
+
+				var isSameCert bool
+				if sslCenterGetResp.Data != nil {
+					if sslCenterGetResp.Data.Cert == certPEM {
+						isSameCert = true
+					} else {
+						oldCertX509, err := xcert.ParseCertificateFromPEM(sslCenterGetResp.Data.Cert)
+						if err != nil {
+							continue
+						}
+
+						isSameCert = xcert.EqualCertificate(certX509, oldCertX509)
+					}
+				}
+
+				// 如果已存在相同证书，直接返回
+				if isSameCert {
+					return &core.SSLManageUploadResult{
+						CertId: fmt.Sprintf("%d", sslItem.ID),
+					}, nil
+				}
+			}
+		}
+
+		if sslCenterListResp.Data == nil || len(sslCenterListResp.Data.Records) < int(sslCenterListPerPage) {
+			break
+		} else {
+			sslCenterListPage++
+		}
+	}
+
+	return nil, nil
+}
+
+func createSDKClient(apiKey string) (*rainyunsdk.Client, error) {
+	return rainyunsdk.NewClient(apiKey)
+}
--- a/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter_test.go
+++ b/pkg/core/ssl-manager/providers/rainyun-sslcenter/rainyun_sslcenter_test.go
@@ -0,0 +1,67 @@
+package rainyunsslcenter_test
+
+import (
+	"context"
+	"encoding/json"
+	"flag"
+	"fmt"
+	"os"
+	"strings"
+	"testing"
+
+	provider "github.com/usual2970/certimate/pkg/core/ssl-manager/providers/rainyun-sslcenter"
+)
+
+var (
+	fInputCertPath string
+	fInputKeyPath  string
+	fApiKey        string
+)
+
+func init() {
+	argsPrefix := "CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_"
+
+	flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
+	flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
+	flag.StringVar(&fApiKey, argsPrefix+"APIKEY", "", "")
+}
+
+/*
+Shell command to run this test:
+
+	go test -v ./rainyun_sslcenter_test.go -args \
+	--CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_INPUTCERTPATH="/path/to/your-input-cert.pem" \
+	--CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_INPUTKEYPATH="/path/to/your-input-key.pem" \
+	--CERTIMATE_SSLMANAGER_RAINYUNSSLCENTER_APIKEY="your-api-key"
+*/
+func TestDeploy(t *testing.T) {
+	flag.Parse()
+
+	t.Run("Deploy", func(t *testing.T) {
+		t.Log(strings.Join([]string{
+			"args:",
+			fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath),
+			fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
+			fmt.Sprintf("APIKEY: %v", fApiKey),
+		}, "\n"))
+
+		sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{
+			ApiKey: fApiKey,
+		})
+		if err != nil {
+			t.Errorf("err: %+v", err)
+			return
+		}
+
+		fInputCertData, _ := os.ReadFile(fInputCertPath)
+		fInputKeyData, _ := os.ReadFile(fInputKeyPath)
+		res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData))
+		if err != nil {
+			t.Errorf("err: %+v", err)
+			return
+		}
+
+		sres, _ := json.Marshal(res)
+		t.Logf("ok: %s", string(sres))
+	})
+}