Update push_image.yml

bugfix

.github/workflows/push_image.yml

@@ -34,6 +34,11 @@ jobs:
           images: |
             usual2970/certimate
             registry.cn-shanghai.aliyuncs.com/usual2970/certimate
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern=v{{version}}
+            type=semver,pattern=v{{major}}.{{minor}}
 
       - name: Log in to DOCKERHUB
         uses: docker/login-action@v3
@@ -56,3 +61,4 @@ jobs:
           platforms: linux/amd64,linux/arm64
           push: true
           tags: ${{ steps.meta.outputs.tags }}
+

README.md

@@ -36,9 +36,10 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决
 ## 💡 功能特性
 
 - 灵活的工作流编排方式，证书从申请到部署完全自动化；
-- 支持泛域名、多域名证书，可选 RSA、ECC 签名算法；
-- 支持 20+ 域名托管商（如阿里云、腾讯云、Cloudflare 等）；
-- 支持 50+ 部署目标（如 Kubernetes、CDN、WAF、负载均衡等）；
+- 支持单域名、多域名、泛域名证书，可选 RSA、ECC 签名算法；
+- 支持 PEM、PFX、JKS 等多种格式输出证书；
+- 支持 20+ 域名托管商（如阿里云、腾讯云、Cloudflare 等，[点此查看](https://docs.certimate.me/docs/reference/providers#supported-dns-providers)完整提供商清单）；
+- 支持 60+ 部署目标（如 Kubernetes、CDN、WAF、负载均衡等，[点此查看](https://docs.certimate.me/docs/reference/providers#supported-host-providers)完整提供商清单）；
 - 支持邮件、钉钉、飞书、企业微信、Webhook 等多种通知渠道；
 - 支持 Let's Encrypt、ZeroSSL、Google Trust Services 等多种 ACME 证书颁发机构；
 - 更多特性等待探索。

README_EN.md

@@ -35,12 +35,13 @@ Certimate aims to provide users with a secure and user-friendly SSL certificate
 
 ## 💡 Features
 
-- Flexible workflow orchestration, fully automated from certificate application to deployment;
-- Supports wildcard, multi-domain certificates, with options for RSA or ECC.
-- Supports more than 20+ domain registrars (e.g., Alibaba Cloud, Tencent Cloud, Cloudflare, etc.);
-- Supports more than 50+ deployment targets (e.g., Kubernetes, CDN, WAF, load balancers, etc.);
+- Flexible workflow orchestration, fully automation from certificate application to deployment;
+- Supports single-domain, multi-domain, wildcard certificates, with options for RSA or ECC.
+- Supports various certificate formats such as PEM, PFX, JKS.
+- Supports more than 20+ domain registrars (e.g., Alibaba Cloud, Tencent Cloud, Cloudflare, etc. [Check out this link](https://docs.certimate.me/en/docs/reference/providers#supported-dns-providers));
+- Supports more than 60+ deployment targets (e.g., Kubernetes, CDN, WAF, load balancers, etc. [Check out this link](https://docs.certimate.me/en/docs/reference/providers#supported-host-providers));
 - Supports multiple notification channels including email, DingTalk, Feishu, WeCom, Webhook, and more;
-- Supports multiple certificate authorities including Let's Encrypt, ZeroSSL, Google Trust Services, and more;
+- Supports multiple ACME CAs including Let's Encrypt, ZeroSSL, Google Trust Services, and more;
 - More features waiting to be discovered.
 
 ## ⏱️ Fast Track

docker/docker-compose.yml

@@ -6,5 +6,7 @@ services:
     ports:
       - 8090:8090
     volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
       - ./data:/app/pb_data
     restart: unless-stopped

internal/domain/certificate.go

@@ -1,7 +1,10 @@
 package domain
 
 import (
+	"crypto/ecdsa"
+	"crypto/rsa"
 	"crypto/x509"
+	"fmt"
 	"strings"
 	"time"
 
@@ -39,19 +42,58 @@ func (c *Certificate) PopulateFromX509(certX509 *x509.Certificate) *Certificate
 	c.EffectAt = certX509.NotBefore
 	c.ExpireAt = certX509.NotAfter
 
-	switch certX509.SignatureAlgorithm {
-	case x509.SHA256WithRSA, x509.SHA256WithRSAPSS:
-		c.KeyAlgorithm = CertificateKeyAlgorithmTypeRSA2048
-	case x509.SHA384WithRSA, x509.SHA384WithRSAPSS:
-		c.KeyAlgorithm = CertificateKeyAlgorithmTypeRSA3072
-	case x509.SHA512WithRSA, x509.SHA512WithRSAPSS:
-		c.KeyAlgorithm = CertificateKeyAlgorithmTypeRSA4096
-	case x509.ECDSAWithSHA256:
-		c.KeyAlgorithm = CertificateKeyAlgorithmTypeEC256
-	case x509.ECDSAWithSHA384:
-		c.KeyAlgorithm = CertificateKeyAlgorithmTypeEC384
-	case x509.ECDSAWithSHA512:
-		c.KeyAlgorithm = CertificateKeyAlgorithmTypeEC512
+	switch certX509.PublicKeyAlgorithm {
+	case x509.RSA:
+		{
+			len := 0
+			if pubkey, ok := certX509.PublicKey.(*rsa.PublicKey); ok {
+				len = pubkey.N.BitLen()
+			}
+
+			switch len {
+			case 0:
+				c.KeyAlgorithm = CertificateKeyAlgorithmType("RSA")
+			case 2048:
+				c.KeyAlgorithm = CertificateKeyAlgorithmTypeRSA2048
+			case 3072:
+				c.KeyAlgorithm = CertificateKeyAlgorithmTypeRSA3072
+			case 4096:
+				c.KeyAlgorithm = CertificateKeyAlgorithmTypeRSA4096
+			case 8192:
+				c.KeyAlgorithm = CertificateKeyAlgorithmTypeRSA8192
+			default:
+				c.KeyAlgorithm = CertificateKeyAlgorithmType(fmt.Sprintf("RSA%d", len))
+			}
+		}
+
+	case x509.ECDSA:
+		{
+			len := 0
+			if pubkey, ok := certX509.PublicKey.(*ecdsa.PublicKey); ok {
+				if pubkey.Curve != nil && pubkey.Curve.Params() != nil {
+					len = pubkey.Curve.Params().BitSize
+				}
+			}
+
+			switch len {
+			case 0:
+				c.KeyAlgorithm = CertificateKeyAlgorithmType("EC")
+			case 256:
+				c.KeyAlgorithm = CertificateKeyAlgorithmTypeEC256
+			case 384:
+				c.KeyAlgorithm = CertificateKeyAlgorithmTypeEC384
+			case 521:
+				c.KeyAlgorithm = CertificateKeyAlgorithmTypeEC512
+			default:
+				c.KeyAlgorithm = CertificateKeyAlgorithmType(fmt.Sprintf("EC%d", len))
+			}
+		}
+
+	case x509.Ed25519:
+		{
+			c.KeyAlgorithm = CertificateKeyAlgorithmType("ED25519")
+		}
+
 	default:
 		c.KeyAlgorithm = CertificateKeyAlgorithmType("")
 	}

internal/domain/workflow.go

@@ -62,14 +62,14 @@ type WorkflowNode struct {
 }
 
 type WorkflowNodeConfigForApply struct {
-	Domains               string         `json:"domains"`               // 域名列表，以半角逗号分隔
+	Domains               string         `json:"domains"`               // 域名列表，以半角分号分隔
 	ContactEmail          string         `json:"contactEmail"`          // 联系邮箱
 	ChallengeType         string         `json:"challengeType"`         // TODO: 验证方式。目前仅支持 dns-01
 	Provider              string         `json:"provider"`              // DNS 提供商
 	ProviderAccessId      string         `json:"providerAccessId"`      // DNS 提供商授权记录 ID
 	ProviderConfig        map[string]any `json:"providerConfig"`        // DNS 提供商额外配置
 	KeyAlgorithm          string         `json:"keyAlgorithm"`          // 密钥算法
-	Nameservers           string         `json:"nameservers"`           // DNS 服务器列表，以半角逗号分隔
+	Nameservers           string         `json:"nameservers"`           // DNS 服务器列表，以半角分号分隔
 	DnsPropagationTimeout int32          `json:"dnsPropagationTimeout"` // DNS 传播超时时间（零值取决于提供商的默认值）
 	DnsTTL                int32          `json:"dnsTTL"`                // DNS TTL（零值取决于提供商的默认值）
 	DisableFollowCNAME    bool           `json:"disableFollowCNAME"`    // 是否关闭 CNAME 跟随

ui/src/components/workflow/node/DeployNodeConfigForm1PanelConsoleConfig.tsx

@@ -16,7 +16,9 @@ export type DeployNodeConfigForm1PanelConsoleConfigProps = {
 };
 
 const initFormModel = (): DeployNodeConfigForm1PanelConsoleConfigFieldValues => {
-  return {};
+  return {
+    autoRestart: true,
+  };
 };
 
 const DeployNodeConfigForm1PanelConsoleConfig = ({

ui/src/components/workflow/node/DeployNodeConfigFormBaotaPanelConsoleConfig.tsx

@@ -16,7 +16,9 @@ export type DeployNodeConfigFormBaotaPanelConsoleConfigProps = {
 };
 
 const initFormModel = (): DeployNodeConfigFormBaotaPanelConsoleConfigFieldValues => {
-  return {};
+  return {
+    autoRestart: true,
+  };
 };
 
 const DeployNodeConfigFormBaotaPanelConsoleConfig = ({

ui/src/domain/version.ts

@@ -1 +1 @@
-export const version = "v0.3.1";
+export const version = "v0.3.3";

ui/src/domain/workflow.ts

@@ -436,11 +436,6 @@ export const getOutputBeforeNodeId = (root: WorkflowNode, nodeId: string, type:
       return true;
     }
 
-    // 如果当前节点是 ExecuteFailure，清除 ExecuteResultBranch 节点前一个节点的输出
-    if (current.type === WorkflowNodeType.ExecuteFailure) {
-      output.splice(output.length - 1);
-    }
-
     if (current.type !== WorkflowNodeType.Branch && current.outputs && current.outputs.some((io) => io.type === type)) {
       output.push({
         ...current,
@@ -449,8 +444,13 @@ export const getOutputBeforeNodeId = (root: WorkflowNode, nodeId: string, type:
     }
 
     if (isBranchLike(current)) {
-      const currentLength = output.length;
+      let currentLength = output.length;
+      const latestOutput = output.length > 0 ? output[output.length - 1] : null;
       for (const branch of current.branches!) {
+        if (branch.type === WorkflowNodeType.ExecuteFailure) {
+          output.splice(output.length - 1);
+          currentLength -= 1;
+        }
         if (traverse(branch, output)) {
           return true;
         }
@@ -458,6 +458,10 @@ export const getOutputBeforeNodeId = (root: WorkflowNode, nodeId: string, type:
         if (output.length > currentLength) {
           output.splice(currentLength);
         }
+        if (latestOutput && branch.type === WorkflowNodeType.ExecuteFailure) {
+          output.push(latestOutput);
+          currentLength += 1;
+        }
       }
     }
 

ui/src/hooks/useVersionChecker.ts

@@ -4,7 +4,7 @@ import { version } from "@/domain/version";
 
 export type UseVersionCheckerReturns = {
   hasNewVersion: boolean;
-  check: () => void;
+  checkNewVersion: () => void;
 };
 
 const extractSemver = (vers: string) => {
@@ -48,7 +48,7 @@ const useVersionChecker = () => {
       }
 
       const nIdx = releases.findIndex((e: any) => compareVersions(e.name, version) !== -1);
-      if (cIdx >= nIdx) {
+      if (cIdx !== -1 && cIdx <= nIdx) {
         return false;
       }
 
@@ -63,7 +63,7 @@ const useVersionChecker = () => {
 
   return {
     hasNewVersion: !!data,
-    check: refresh,
+    checkNewVersion: refresh,
   };
 };