feat: allow insecure connections in cdnfly, goedge, powerdns

2025-05-09 16:35:58 +08:00
parent 5abdb577fb
commit 26359b9d16
25 changed files with 147 additions and 86 deletions
--- a/internal/pkg/core/deployer/providers/goedge/goedge.go
+++ b/internal/pkg/core/deployer/providers/goedge/goedge.go
@@ -2,6 +2,7 @@ package goedge

 import (
 	"context"
+	"crypto/tls"
 	"encoding/base64"
 	"errors"
 	"fmt"
@@ -21,6 +22,8 @@ type DeployerConfig struct {
 	AccessKeyId string `json:"accessKeyId"`
 	// GoEdge 用户 AccessKey。
 	AccessKey string `json:"accessKey"`
+	// 是否允许不安全的连接。
+	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
 	// 部署资源类型。
 	ResourceType ResourceType `json:"resourceType"`
 	// 证书 ID。
@@ -41,7 +44,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
 		panic("config is nil")
 	}

-	client, err := createSdkClient(config.ApiUrl, config.AccessKeyId, config.AccessKey)
+	client, err := createSdkClient(config.ApiUrl, config.AccessKeyId, config.AccessKey, config.AllowInsecureConnections)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create sdk client: %w", err)
 	}
@@ -113,7 +116,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM stri
 	return nil
 }

-func createSdkClient(apiUrl, accessKeyId, accessKey string) (*goedgesdk.Client, error) {
+func createSdkClient(apiUrl, accessKeyId, accessKey string, skipTlsVerify bool) (*goedgesdk.Client, error) {
 	if _, err := url.Parse(apiUrl); err != nil {
 		return nil, errors.New("invalid goedge api url")
 	}
@@ -127,5 +130,9 @@ func createSdkClient(apiUrl, accessKeyId, accessKey string) (*goedgesdk.Client,
 	}

 	client := goedgesdk.NewClient(apiUrl, "user", accessKeyId, accessKey)
+	if skipTlsVerify {
+		client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
+	}
+
 	return client, nil
 }
--- a/internal/pkg/core/deployer/providers/goedge/goedge_test.go
+++ b/internal/pkg/core/deployer/providers/goedge/goedge_test.go
@@ -57,11 +57,12 @@ func TestDeploy(t *testing.T) {
 		}, "\n"))

 		deployer, err := provider.NewDeployer(&provider.DeployerConfig{
-			ApiUrl:        fApiUrl,
-			AccessKeyId:   fAccessKeyId,
-			AccessKey:     fAccessKey,
-			ResourceType:  provider.RESOURCE_TYPE_CERTIFICATE,
-			CertificateId: int64(fCertificateId),
+			ApiUrl:                   fApiUrl,
+			AccessKeyId:              fAccessKeyId,
+			AccessKey:                fAccessKey,
+			AllowInsecureConnections: true,
+			ResourceType:             provider.RESOURCE_TYPE_CERTIFICATE,
+			CertificateId:            int64(fCertificateId),
 		})
 		if err != nil {
 			t.Errorf("err: %+v", err)